Update a security policy
You can update an existing F5 WAF for NGINX security policy using either the NGINX Instance Manager web interface or the REST API.
To update a policy in the web interface:
- Log in to NGINX Instance Manager.
- From the Launchpad, select Instance Manager.
- In the left menu, select WAF > Policies.
- On the Security Policies page, select Edit from the Actions column for the policy you want to update.
- The policy editor opens. Change the policy as described in Create a security policy.
- After making your changes, select Save.
Editing a policy creates a new revision, whether or not you’ve deployed it.
To update a policy using the REST API, use POST with isNewRevision=true. Both the POST and PUT methods create a new policy revision. However, PUT is deprecated — use POST instead.
| Method | Endpoint |
|---|---|
| POST | /api/platform/v1/security/policies?isNewRevision=true |
| PUT (deprecated) | /api/platform/v1/security/policies/{policy_uid} |
Example using POST (creates a new policy revision):
curl -X POST https://<NIM_FQDN>/api/platform/v1/security/policies?isNewRevision=true \
-H "Authorization: Bearer <access token>" \
-H "Content-Type: application/json" \
-d @update-xss-policy.jsonExample using PUT (creates a new policy revision, deprecated):
DeprecatedThePUTmethod is deprecated. UsePOSTwithisNewRevision=trueinstead.
-
Get the policy UID:
shell curl -X GET https://<NIM_FQDN>/api/platform/v1/security/policies \ -H "Authorization: Bearer <access token>" -
Include the UID in your
PUTrequest:shell curl -X PUT https://<NIM_FQDN>/api/platform/v1/security/policies/{policy-uid} \ -H "Authorization: Bearer <access token>" \ -H "Content-Type: application/json" \ -d @update-xss-policy.json
After updating the policy, you can publish it to selected instances or instance groups.