Are you interested in our Early Access Program (EAP)? This program allows you to preview code, test in your lab and provide feedback prior to General Availability (GA) release of all Infoblox products. If so, please click the link here.

API Examples

Reply

wapi: create zone_auth with allow_query

Posts: 5
235     0

Hi,

 

I'm trying to add a "zone_auth" with a NamedACL, but i'm getting following error:

 

{ "Error": "AdmConProtoError: TSIG key or access control rule structure or Named ACL ref expected in allow_query", 
  "code": "Client.Ibap.Proto", 
  "text": "TSIG key or access control rule structure or Named ACL ref expected in allow_query"
}

 

This is the body I'm POST(ing) to "https://<url>/wapi/v2.11.3/request":

 

[
   {
"method" : "POST", "object" : "zone_auth", "data" : { "allow_query" : [ "namedacl/b25lLmRlZmluZWRfYWNsJDAudW5p:public" ], "ns_group" : "RZ-DNS-Server", "fqdn" : "10.4.3.0/24", "comment" : "tbk.privat", "extattrs" : { "Backbone" : { "value" : "RZ" }, "Audit" : { "value" : "tbk - add network - Tue Aug 9 16:18:04 2022" } } } } ]

If I try to GET the Named ACL everything is fine:

 

curl -k -H 'Authorization:  Basic <base64> content-type:application/json' -XGET "https://<url>/wapi/v2.11.3/namedacl/b25lLmRlZmluZWRfYWNsJDAudW5p:public"
{
    "_ref": "namedacl/b25lLmRlZmluZWRfYWNsJDAudW5p:uni",
    "name": "public"
}

In the wapidoc for zone_auth the type of allow_query is as followed defined:

 

One of the following: Address ac struct, TSIG ac struct array.

so no Named ACL ref

Re: wapi: create zone_auth with allow_query

Community Manager
Community Manager
Posts: 180
236     0

A few things you'll want to fix:

  • Specify that it's a reverse zone, with the zone_format attribute
  • Specify that an ACL will be used, with the use_allow_query attribute
  • The reference is passed as an attribute/value pair, in the allow_query structure

So your data should look something like this:

[
   {
      "method" : "POST",
      "object" : "zone_auth",
      "data" : {
        "zone_format": "IPV4",
        "fqdn" : "10.4.3.0/24",
        "ns_group" : "Internal DNS",
	"comment" : "tbk.privat",
        "use_allow_query": true,
      	"allow_query": [
          {
            "_ref": "namedacl/b25lLmRlZmluZWRfYWNsJDAuSW50ZXJuYWwgTmV0d29ya3M:Internal%20Networks"
          }
        ]
      }      
   }
]

Re: wapi: create zone_auth with allow_query

Posts: 5
236     0

Hi,

 

thank you for the help. Now it's clear that I have to use

 

"use_allow_query": true,

 

and that the format of allow_query is:

 

"allow_query": [
       {
         "_ref": "namedacl/b25lLmRlZmluZWRfYWNsJDAuSW50ZXJuYWwgTmV0d29ya3M:Internal%20Networks"
       }
]

(a list of hashes with key,value par of "_ref","<_ref>")

Showing results for 
Search instead for 
Did you mean: 

Recommended for You