I have mulitple policy packages that have a security layer and a application layer. The application layer appeared after importing from migrate import from R77, i do not want it. I would like to remove this layer from all these policy packages.
The application layer has only 1 rule
Any -> Internet -> accept -> detailed log :accounting
I thought i would just be able to delete the layer from the API. It deletes perfectly from the SmartConsole. I have tried
deleting the application access layer
mgmt_cli -r true -d Mgmt1 delete access-layer uid "12345678-abcd-4710-a798-12345609f989"
code: "generic_err_object_deletion"
message: "Object MyPolicy Application could not be deleted because it is referenced by other objects, run where-used command for details"
I have verified that I have the correct id for the application layer, using show object uid.
mgmt_cli -r true -d Mgmt1 where-used uid "12345678-abcd-4710-a798-12345609f989"
code: "generic_err_object_not_found"
message: "Requested object [12345678-805c-4710-a798-12345609f989] not found"
where used doesnt work on this object, ok expected i think.
I tried to delete the 1 rule from the application access layer
mgmt_cli -r true -d Mgmt1 delete access-rule layer "12345678-abcd-4710-a798-12345609f989" rule-number 1 --format json
{
"code" : "generic_error",
"message" : "Runtime error: Cannot delete the only child of the rulebase."
}
So , can i delete this using the API, what am i missing?