terraform-provider-bigip icon indicating copy to clipboard operation
terraform-provider-bigip copied to clipboard

Published 20 hours ago verified publisher icon F5Networks

bigip_ltm_policy - action replace

Open Luubosi opened this issue 3 years ago • 2 comments

i would like to define policy with action: Replace HTTP URI Path: 'tcl:[string map {/role-service/ /} [HTTP::uri]]' at request time.

terraform - required_version = "= 1.1.4" provider source = "F5Networks/bigip" - version = "1.12.2"

for example policy

resource "bigip_ltm_policy" "policy_001" {
  name     = "/Common/${var.env}_tf_${var.vs_lb_dcom["name"]}"
  strategy = "first-match"
  requires = ["http"]
  controls = ["forwarding"]
  rule {
    name = "${var.env}_${var.vs_lb_dcom["name"]}_001"
    condition {
      index = 0
      http_host = true
      contains  = true
      values    = [var.vs_lb_dcom["name"]]
      request    = true
    }
    condition {  
      http_uri = true
      path     = true
      not = true
      starts_with  = true
      values    = ["/role-service"]
      request = true
    }
    action {
      forward = false
      replace = true
      http_uri = true
      path     = true
      tcl = true
      value    = "string map {/role-service/ /} [HTTP::uri]"
      request = true
    }
    action {
      forward = true
      pool    = bigip_ltm_pool.pool_001.name
    }
  }
  depends_on = [bigip_ltm_pool.pool_001]
}

after apply there is error │ Error: HTTP 400 :: {"code":400,"message":""select" may not be specified with "replace"","errorStack":[],"apiError":26214401} │ │ with bigip_ltm_policy.policy_001, │ on lb_config.tf line 321, in resource "bigip_ltm_policy" "policy_001":

How to define action - Replace HTTP URI Path: 'tcl:[string map {/role-service/ /} [HTTP::uri]]' at request time. thanks

Luubosi avatar Feb 05 '22 19:02 Luubosi

@Luubosi - Recommend using AS3 with TF to support this - See https://clouddocs.f5.com/products/extensions/f5-appsvcs-extension/latest/refguide/schema-reference.html#policy-action-replace

AS3 and TF - Refer to https://clouddocs.f5.com/products/orchestration/terraform/latest/userguide/as3-integration.html

Hope this helps. Please share your findings.

trinaths avatar Mar 11 '22 10:03 trinaths

@Luubosi please try with below config:

resource "bigip_ltm_policy" "policy-issue-591" {
  name     = "/Common/policy-issue-591"
  strategy = "first-match"
  requires = ["http"]
  controls = ["forwarding"]
  rule {
    name = "rule-issue591"
    condition {
      index     = 0
      http_host = true
      contains  = true
      values = [
        "domain1.net",
        "domain2.nl"
      ]
      request = true
    }
    condition {
      http_uri    = true
      path        = true
      not         = true
      starts_with = true
      values      = ["/role-service"]
      request     = true
    }
    action {
      forward  = false
      replace  = true
      connection = false
      http_uri = true
      path     = "tcl:[string map {/role-service/ /} [HTTP::uri]]"
      request  = true
    }
    action {
      forward    = true
      connection = false
      pool       = bigip_ltm_pool.k8s_prod.name
    }
  }
}

RavinderReddyF5 avatar Aug 23 '22 18:08 RavinderReddyF5