I am looking for a way to delete the root folder "code_root" from the target gateway using GMU restman. When trying doing so it gives me the below error-
POLICY resource #f681af82df37e4ac5e5b91111111 could not be deleted. Caused by: Policy #f681af82df37e4ac5e5b2222222 (Some Service) cannot be deleted; it is referenced by Policy #871d8de5c15f0a4685c1a3333333
I can find the list of dependencies through restman call.
But what should be the good way forward to delete the folder.
Hi gaurav_nagarro ,
As the error indicates, you cannot delete this policy as its being used elsewhere. You will have to dis-associate this policy and then try deleting.
Were you able to dis-associate the policy and were you able to delete it?
Yes, it works if we delete the dependencies first. But this is really hard to maintain the dependencies if we try to delete the folders through script through provisioning. Is there any way to define order to delete the dependencies?
Dear gaurav_nagarro ,
I ever wrote a KB article for similar situation, it's not published yet.
Introduction: Sometimes, when you try to delete a policy, it could popup a message as below.
If you know what policy is using this policy, then you can delete it first, and then delete this policy successfully.
This article will introduce a way to find out what policy is using the current policy.
Here is an example of how to find the policies/services using "OTK Authenticate OAuth 1.0 Parameter"
On policy manager, right click on "OTK Authenticate OAuth 1.0 Parameter" -> Policy Properties -> copy the Policy GUID(not Policy ID), for example: 71815bbd-f527-4806-b60d-c66128961c84
run the SQL on ssg database (search by GUID),
mysql> select name from policy where xml like '%71815bbd-f527-4806-b60d-c66128961c84%';
| name |
| OTK Require OAuth 1.0 Token |
| Policy for service #799948386a78439e71fdaa554a1b3c0f, auth/oauth/v1/token |
| Policy for service #799948386a78439e71fdaa554a1b3d17, auth/oauth/v1/request |
3 rows in set (0.10 sec)
For example, to find the policies/services using "OTK Client Delete"
run the SQL on ssg database(search by name),
mysql> select name from policy where xml like '%OTK Client Delete%';
| Policy for service #799948386a78439e71fdaa554a1b408e, oauth/manager/clients |
1 row in set (0.09 sec)
Remove the service/policy which using this encapsulated assertion first, and then goto Task -> Manage Encapsulated Assertions, remove the encapsulated assertion, then it should become fragment, then you can delete the fragment.
NOTE1: before delete those dependent policies/services, verify if they won't be access in the future, and eligible to be retired.
NOTE2: backup the database before any changes.
Hope this can help.
Is there any feasible way of doing that through script? Reason being I might need to delete the folder in the number of target gateways and don't want to do it through policy manager.
To find the best solution, we need to understand if the components in the folder (ie. policies, encapsulated, etc) are self-contained and not needed by other folders.
Director, CA Support
The sub-folders have dependencies among themselves. Lets assume there is folder wsgi and have sub-folders, shared_services and data-store in it. The policies in data-store has dependencies in shared_services folder. Also, the services within shared_services have dependencies among themselves.