Update a security policy

You can update an existing F5 WAF for NGINX security policy using either the NGINX Instance Manager web interface or the REST API.

To update a policy in the web interface:

  1. In your browser, go to the FQDN for your NGINX Instance Manager host and log in.
  2. From the Launchpad, select Instance Manager.
  3. In the left menu, select WAF > Policies.
  4. On the Security Policies page, select Edit from the Actions column for the policy you want to update.
  5. The editor opens, allowing you to modify the policy as described in Create a security policy.
  6. After making your changes, select Save.

To update a policy using the REST API, send either a POST or PUT request to the Security Policies endpoint.

  • Use POST with the isNewRevision=true parameter to create a new revision of an existing policy.
  • Use PUT with the policy UID to overwrite the existing version.
Method Endpoint
POST /api/platform/v1/security/policies?isNewRevision=true
PUT /api/platform/v1/security/policies/{policy_uid}

Example using POST (create new revision):

shell
curl -X POST https://{{NIM_FQDN}}/api/platform/v1/security/policies?isNewRevision=true \
  -H "Authorization: Bearer <access token>" \
  -H "Content-Type: application/json" \
  -d @update-xss-policy.json

Example using PUT (overwrite existing):

  1. Retrieve the policy’s unique identifier (UID):

    shell
    curl -X GET https://{{NIM_FQDN}}/api/platform/v1/security/policies \
  -H "Authorization: Bearer <access token>"

  2. Include the UID in your PUT request:

    shell
    curl -X PUT https://{{NIM_FQDN}}/api/platform/v1/security/policies/<policy-uid> \
  -H "Authorization: Bearer <access token>" \
  -H "Content-Type: application/json" \
  -d @update-xss-policy.json

After updating the policy, you can publish it to selected instances or instance groups.

View source
Edit this page
Create a new issue