Last Modified: Jun 19, 2025
Affected Product(s):
BIG-IQ Platform
Known Affected Versions:
8.0.0, 8.0.0.1
Opened: Aug 06, 2022 Severity: 3-Major
Individual users or groups that require access to more than one set of resources are faced with a pop-up screen to associate new resources. When selected you see an error "The system returned an unexpected error (400 Bad Request)"
When you select an option in the pop-up then you see a 400 error and are unable to proceed with the operation
Associating more than one resource group to a user or group will cause a pop-up window attempting to perform certain operations for the first time. Operations are any operations on the resource, for example if the resource is a pool then the operation can be creation of new pools or changing pool member states
A resource group containing the missing resource can be created and added to the other resource groups associated to the user to avoid the pop-up. Here are the steps: 1) Create a new resource group that will be used to contain the missing permission. From bash on the CM, run the following command: restcurl shared/authorization/resource-groups -X POST -d '{"name": "Self Service Addon RG","displayName": "Self Service Addon RG"}' This should produce output similar to this; { "id": "de371df9-72ec-31fd-bfcd-35b63fd626a8", "name": "Self Service Addon RG", "isBuiltIn": false, "isPublic": true, "displayName": "Self Service Addon RG", "isSystemManaged": false, "referenceExpressionCollectionReference": { "link": "https://localhost/mgmt/shared/authorization/resource-groups/de371df9-72ec-31fd-bfcd-35b63fd626a8/reference-expressions", "isSubcollection": true }, "generation": 1, "lastUpdateMicros": 1620667195851470, "kind": "shared:authorization:resource-groups:resourcegroupstate", "selfLink": "https://localhost/mgmt/shared/authorization/resource-groups/de371df9-72ec-31fd-bfcd-35b63fd626a8" } 2) Add the missing permission to this new Resource Group: restcurl shared/authorization/patch-resource-groups -X POST -d '{ "resourceGroupName": "Self Service Addon RG", "resourceGroupDisplayName": "Self Service Addon RG", "referenceExpressionsPatches": [ { "targetKind": "cm:adc-core:tasks:self-service:selfservicetaskitemstate", "referenceExpressions": [ { "name": "Workaround_referenceexpressionstate", "description": "Workaround_referenceexpressionstate", "expression": "/cm/adc-core/tasks/self-service/*" } ] } ] }' This should produce output similar to this: { "id": "de371df9-72ec-31fd-bfcd-35b63fd626a8", "name": "Self Service Addon RG", "isBuiltIn": false, "isPublic": true, "displayName": "Self Service Addon RG", "isSystemManaged": false, "referenceExpressionCollectionReference": { <SNIP> "differences": { "added": [ "/cm/adc-core/tasks/self-service/*", "/cm/adc-core/tasks/self-service" ], "removed": [] } } 3) To verify that the changes are as expected, use the "id" value (de371df9-72ec-31fd-bfcd-35b63fd626a8) in the previous output and run this command: restcurl /shared/authorization/resource-groups/d5f38c92-017a-33cb-b3a0-f6abf486d9d9/reference-expressions You should see the following in the output: "collectionExpressions": [ { "expression": "/cm/adc-core/tasks/self-service" } ], "expressions": [ { "expression": "/cm/adc-core/tasks/self-service/*", "name": "Workaround_referenceexpressionstate", "description": "Workaround_referenceexpressionstate" } ], 4) With the new Resource Group created, use the BIG-IQ UI to add this Resource Group to the user or group along with existing resource groups to avoid the pop-up
None