Create a Post
Showing results for 
Search instead for 
Did you mean: 

API install-policy behavior if policy name changes


how does "install-policy" behave when the policy name to be installed does not match to the one already installed on the target gateway. Doing it by GUI you get a warning, but you can force it. The API reference error codes didn't gave me a hint.

1.    Will the install fail? If yes, any option to force it?

vice versa

2.    If it would just install, any option to force to stop with error?

thx in advance

0 Kudos
4 Replies

As this is an API question, I am moving this to Developers (Code Hub)

And, you appear to be correct, the install-policy API call does not let you know that you are changing the policy from X to Y.

I'm also not clear what API call you need to make to check this beforehand.

Amiad Stern‌?

0 Kudos

This is a bad behavior of install policy via API. We will address it in the next versions. Thanks for your input.

In the mean time, this logic can be accomplished with few api commands (as a "script"):

1. get relevant policy installed on target  (show gateways-and-servers)

2. check if the policy installed is different from the one that is about to be installed

3. fail if it is different (or make your script interactive and wait for user input to keep installation)

0 Kudos

Hi Amiad,

thx for making it clear.

Just the workaround is not really one. You need to switch to detailed-level full for the show command. And to work through that is quite complicate as the output does not only contain gateways with "access-policy". So it bit much effort just to cover that.

0 Kudos

You're right there is some extra work to do, but you can use jq to filter only relevant results which might make it easier.

0 Kudos


Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events