f5-declarative-onboarding Add support for 'modify security firewall global-fqdn-policy dns-resolver resolvername'

Add support for 'modify security firewall global-fqdn-policy dns-resolver resolvername'

Open Arganox opened this issue 3 years ago • 0 comments

Is your feature request related to a problem? Please describe.

Creating an AFM policy then uses fqdns via class Firewall_Address_List.

....
"fwAllowedSites": {
"class": "Firewall_Address_List",
                    "fqdns": [
                        "www.ifconfig.com",
                        "www.google.com"
                    ]
}
...

When I manually add the dns-resolver tenant creation works just fine. I've been told by Stanislas PIRON(F5) on the Slack channel that this is not yet supported by DO.

Describe the solution you'd like

DO-ification of tmsh command: modify security firewall global-fqdn-policy dns-resolver resolvername

Describe alternatives you've considered

Manually link DNS Resolver
Config merge with DNS resolver settings included
TMSH command via terraform after DO to link the resolver to AFM

Mar 08 '21 08:03 Arganox

f5-declarative-onboarding f5-declarative-onboarding copied to clipboard

Add support for 'modify security firewall global-fqdn-policy dns-resolver resolvername'

Is your feature request related to a problem? Please describe.

Describe the solution you'd like

Describe alternatives you've considered

f5-declarative-onboarding
f5-declarative-onboarding copied to clipboard