Try SpotterManage a RuleSet resource in Oracle Cloud Infrastructure
| "added in version" 2.9.0 of oracle.oci"
Authors: Oracle (@oracle)
preview | supported by community
Install with ansible-galaxy collection install oracle.oci:==5.0.0
collections:
- name: oracle.oci
version: 5.0.0This module allows the user to create, update and delete a RuleSet resource in Oracle Cloud Infrastructure
For I(state=present), creates a new rule set associated with the specified load balancer. For more information, see L(Managing Rule Sets,https://docs.cloud.oracle.com/Content/Balance/Tasks/managingrulesets.htm).
- name: Create rule_set
oci_loadbalancer_rule_set:
# required
items:
- # required
value: value_example
action: ADD_HTTP_REQUEST_HEADER
header: header_example
load_balancer_id: "ocid1.loadbalancer.oc1..xxxxxxEXAMPLExxxxxx"
name: name_example
- name: Update rule_set
oci_loadbalancer_rule_set:
# required
items:
- # required
value: value_example
action: ADD_HTTP_REQUEST_HEADER
header: header_example
load_balancer_id: "ocid1.loadbalancer.oc1..xxxxxxEXAMPLExxxxxx"
name: name_example
- name: Delete rule_set
oci_loadbalancer_rule_set:
# required
load_balancer_id: "ocid1.loadbalancer.oc1..xxxxxxEXAMPLExxxxxx"
name: name_example
state: absent
name:
description:
- The name for this set of rules. It must be unique and it cannot be changed. Avoid
entering confidential information.
- 'Example: `example_rule_set`'
required: true
type: str
wait:
default: true
description: Whether to wait for create or delete operation to complete.
type: bool
items:
description:
- An array of rules that compose the rule set.
- Required for create using I(state=present), update using I(state=present) with name
present.
elements: dict
suboptions:
action:
choices:
- ADD_HTTP_REQUEST_HEADER
- REDIRECT
- REMOVE_HTTP_REQUEST_HEADER
- EXTEND_HTTP_REQUEST_HEADER_VALUE
- REMOVE_HTTP_RESPONSE_HEADER
- CONTROL_ACCESS_USING_HTTP_METHODS
- ALLOW
- HTTP_HEADER
- ADD_HTTP_RESPONSE_HEADER
- EXTEND_HTTP_RESPONSE_HEADER_VALUE
description:
- ''
required: true
type: str
allowed_methods:
description:
- The list of HTTP methods allowed for this listener.
- By default, you can specify only the standard HTTP methods defined in the L(HTTP
Method Registry,http://www.iana.org/assignments/http-methods/http-methods.xhtml).
You can also see a list of supported standard HTTP methods in the Load Balancing
service documentation at L(Managing Rule Sets,https://docs.cloud.oracle.com/Content/Balance/Tasks/managingrulesets.htm).
- Your backend application must be able to handle the methods specified in this
list.
- The list of HTTP methods is extensible. If you need to configure custom HTTP
methods, contact L(My Oracle Support,http://support.oracle.com/) to remove the
restriction for your tenancy.
- 'Example: ["GET", "PUT", "POST", "PROPFIND"]'
- Required when action is 'CONTROL_ACCESS_USING_HTTP_METHODS'
elements: str
type: list
are_invalid_characters_allowed:
description:
- Indicates whether or not invalid characters in client header fields will be
allowed. Valid names are composed of English letters, digits, hyphens and underscores.
If "true", invalid characters are allowed in the HTTP header. If "false", invalid
characters are not allowed in the HTTP header
- Applicable when action is 'HTTP_HEADER'
type: bool
conditions:
description:
- ''
- Required when action is one of ['REDIRECT', 'ALLOW']
elements: dict
suboptions:
attribute_name:
choices:
- SOURCE_VCN_ID
- SOURCE_IP_ADDRESS
- PATH
- SOURCE_VCN_IP_ADDRESS
description:
- ''
required: true
type: str
attribute_value:
description:
- The L(OCID,https://docs.cloud.oracle.com/Content/General/Concepts/identifiers.htm)
of the originating VCN that an incoming packet must match.
- You can use this condition in conjunction with `SourceVcnIpAddressCondition`.
- '**NOTE:** If you define this condition for a rule without a `SourceVcnIpAddressCondition`,
this condition matches all incoming traffic in the specified VCN.'
required: true
type: str
operator:
choices:
- EXACT_MATCH
- FORCE_LONGEST_PREFIX_MATCH
- PREFIX_MATCH
- SUFFIX_MATCH
description:
- A string that specifies how to compare the PathMatchCondition object's `attributeValue`
string to the incoming URI.
- '* **EXACT_MATCH** - The incoming URI path must exactly and completely
match the `attributeValue` string.'
- '* **FORCE_LONGEST_PREFIX_MATCH** - The system looks for the `attributeValue`
string with the best, longest match of the beginning portion of the incoming
URI path.'
- '* **PREFIX_MATCH** - The beginning portion of the incoming URI path must
exactly match the `attributeValue` string.'
- '* **SUFFIX_MATCH** - The ending portion of the incoming URI path must
exactly match the `attributeValue` string.'
- Required when attribute_name is 'PATH'
type: str
type: list
description:
description:
- A brief description of the access control rule. Avoid entering confidential
information.
- 'example: `192.168.0.0/16 and 2001:db8::/32 are trusted clients. Whitelist them.`'
- Applicable when action is 'ALLOW'
type: str
header:
description:
- A header name that conforms to RFC 7230.
- 'Example: `example_header_name`'
- Required when action is one of ['REMOVE_HTTP_REQUEST_HEADER', 'EXTEND_HTTP_REQUEST_HEADER_VALUE',
'ADD_HTTP_RESPONSE_HEADER', 'ADD_HTTP_REQUEST_HEADER', 'REMOVE_HTTP_RESPONSE_HEADER',
'EXTEND_HTTP_RESPONSE_HEADER_VALUE']
type: str
http_large_header_size_in_kb:
description:
- The maximum size of each buffer used for reading http client request header.
This value indicates the maximum size allowed for each buffer. The allowed values
for buffer size are 8, 16, 32 and 64.
- Applicable when action is 'HTTP_HEADER'
type: int
prefix:
description:
- 'A string to prepend to the header value. The resulting header value must conform
to RFC 7230. With the following exceptions: * value cannot contain `$` * value
cannot contain patterns like `{variable_name}`. They are reserved for future
extensions. Currently, such values are invalid.'
- 'Example: `example_prefix_value`'
- Applicable when action is one of ['EXTEND_HTTP_REQUEST_HEADER_VALUE', 'EXTEND_HTTP_RESPONSE_HEADER_VALUE']
type: str
redirect_uri:
description:
- ''
- Applicable when action is 'REDIRECT'
suboptions:
host:
description:
- The valid domain name (hostname) or IP address to use in the redirect URI.
- When this value is null, not set, or set to `{host}`, the service preserves
the original domain name from the incoming HTTP request URI.
- All RedirectUri tokens are valid for this property. You can use any token
more than once.
- Curly braces are valid in this property only to surround tokens, such as
`{host}`
- 'Examples:'
- '* **example.com** appears as `example.com` in the redirect URI.'
- '* **in{host}** appears as `inexample.com` in the redirect URI if `example.com`
is the hostname in the incoming HTTP request URI.'
- '* **{port}{host}** appears as `8081example.com` in the redirect URI if
`example.com` is the hostname and the port is `8081` in the incoming HTTP
request URI.'
- Applicable when action is 'REDIRECT'
type: str
path:
description:
- The HTTP URI path to use in the redirect URI.
- When this value is null, not set, or set to `{path}`, the service preserves
the original path from the incoming HTTP request URI. To omit the path from
the redirect URI, set this value to an empty string, "".
- All RedirectUri tokens are valid for this property. You can use any token
more than once.
- The path string must begin with `/` if it does not begin with the `{path}`
token.
- 'Examples:'
- '* __/example/video/123__ appears as `/example/video/123` in the redirect
URI.'
- '* __/example{path}__ appears as `/example/video/123` in the redirect URI
if `/video/123` is the path in the incoming HTTP request URI.'
- '* __{path}/123__ appears as `/example/video/123` in the redirect URI if
`/example/video` is the path in the incoming HTTP request URI.'
- '* __{path}123__ appears as `/example/video123` in the redirect URI if
`/example/video` is the path in the incoming HTTP request URI.'
- '* __/{host}/123__ appears as `/example.com/123` in the redirect URI if
`example.com` is the hostname in the incoming HTTP request URI.'
- '* __/{host}/{port}__ appears as `/example.com/123` in the redirect URI
if `example.com` is the hostname and `123` is the port in the incoming HTTP
request URI.'
- '* __/{query}__ appears as `/lang=en` in the redirect URI if the query
is `lang=en` in the incoming HTTP request URI.'
- Applicable when action is 'REDIRECT'
type: str
port:
description:
- The communication port to use in the redirect URI.
- Valid values include integers from 1 to 65535.
- When this value is null, the service preserves the original port from the
incoming HTTP request URI.
- 'Example: `8081`'
- Applicable when action is 'REDIRECT'
type: int
protocol:
description:
- The HTTP protocol to use in the redirect URI.
- 'When this value is null, not set, or set to `{protocol}`, the service preserves
the original protocol from the incoming HTTP request URI. Allowed values
are:'
- '* HTTP * HTTPS * {protocol}'
- '`{protocol}` is the only valid token for this property. It can appear only
once in the value string.'
- 'Example: `HTTPS`'
- Applicable when action is 'REDIRECT'
type: str
query:
description:
- The query string to use in the redirect URI.
- When this value is null, not set, or set to `{query}`, the service preserves
the original query parameters from the incoming HTTP request URI.
- All `RedirectUri` tokens are valid for this property. You can use any token
more than once.
- If the query string does not begin with the `{query}` token, it must begin
with the question mark (?) character.
- You can specify multiple query parameters as a single string. Separate each
query parameter with an ampersand (&) character. To omit all incoming query
parameters from the redirect URI, set this value to an empty string, "".
- If the specified query string results in a redirect URI ending with `?`
or `&`, the last character is truncated. For example, if the incoming URI
is `http://host.com:8080/documents` and the query property value is `?lang=en&{query}`,
the redirect URI is `http://host.com:8080/documents?lang=en`. The system
truncates the final ampersand (&) because the incoming URI included no value
to replace the {query} token.
- 'Examples: * **lang=en&time_zone=PST** appears as `lang=en&time_zone=PST`
in the redirect URI.'
- '* **{query}** appears as `lang=en&time_zone=PST` in the redirect URI if
`lang=en&time_zone=PST` is the query string in the incoming HTTP request.
If the incoming HTTP request has no query parameters, the `{query}` token
renders as an empty string.'
- '* **lang=en&{query}&time_zone=PST** appears as `lang=en&country=us&time_zone=PST`
in the redirect URI if `country=us` is the query string in the incoming
HTTP request. If the incoming HTTP request has no query parameters, this
value renders as `lang=en&time_zone=PST`.'
- '* **protocol={protocol}&hostname={host}** appears as `protocol=http&hostname=example.com`
in the redirect URI if the protocol is `HTTP` and the hostname is `example.com`
in the incoming HTTP request.'
- '* **port={port}&hostname={host}** appears as `port=8080&hostname=example.com`
in the redirect URI if the port is `8080` and the hostname is `example.com`
in the incoming HTTP request URI.'
- Applicable when action is 'REDIRECT'
type: str
type: dict
response_code:
description:
- The HTTP status code to return when the incoming request is redirected.
- 'The status line returned with the code is mapped from the standard HTTP specification.
Valid response codes for redirection are:'
- '* 301 * 302 * 303 * 307 * 308'
- The default value is `302` (Found).
- 'Example: `301`'
- Applicable when action is 'REDIRECT'
type: int
status_code:
description:
- The HTTP status code to return when the requested HTTP method is not in the
list of allowed methods. The associated status line returned with the code is
mapped from the standard HTTP specification. The default value is `405 (Method
Not Allowed)`.
- 'Example: 403'
- Applicable when action is 'CONTROL_ACCESS_USING_HTTP_METHODS'
type: int
suffix:
description:
- 'A string to append to the header value. The resulting header value must conform
to RFC 7230. With the following exceptions: * value cannot contain `$` * value
cannot contain patterns like `{variable_name}`. They are reserved for future
extensions. Currently, such values are invalid.'
- 'Example: `example_suffix_value`'
- Applicable when action is one of ['EXTEND_HTTP_REQUEST_HEADER_VALUE', 'EXTEND_HTTP_RESPONSE_HEADER_VALUE']
type: str
value:
description:
- 'A header value that conforms to RFC 7230. With the following exceptions: * value
cannot contain `$` * value cannot contain patterns like `{variable_name}`.
They are reserved for future extensions. Currently, such values are invalid.'
- 'Example: `example_value`'
- Required when action is one of ['ADD_HTTP_RESPONSE_HEADER', 'ADD_HTTP_REQUEST_HEADER']
type: str
type: list
state:
choices:
- present
- absent
default: present
description:
- The state of the RuleSet.
- Use I(state=present) to create or update a RuleSet.
- Use I(state=absent) to delete a RuleSet.
required: false
type: str
key_by:
description: The list of attributes of this resource which should be used to uniquely
identify an instance of the resource. By default, all the attributes of a resource
are used to uniquely identify a resource.
elements: str
type: list
region:
description:
- The Oracle Cloud Infrastructure region to use for all OCI API requests. If not set,
then the value of the OCI_REGION variable, if any, is used. This option is required
if the region is not specified through a configuration file (See C(config_file_location)).
Please refer to U(https://docs.us-phoenix-1.oraclecloud.com/Content/General/Concepts/regions.htm)
for more information on OCI regions.
type: str
tenancy:
description:
- OCID of your tenancy. If not set, then the value of the OCI_TENANCY variable, if
any, is used. This option is required if the tenancy OCID is not specified through
a configuration file (See C(config_file_location)). To get the tenancy OCID, please
refer U(https://docs.us-phoenix-1.oraclecloud.com/Content/API/Concepts/apisigningkey.htm)
type: str
api_user:
description:
- The OCID of the user, on whose behalf, OCI APIs are invoked. If not set, then the
value of the OCI_USER_ID environment variable, if any, is used. This option is required
if the user is not specified through a configuration file (See C(config_file_location)).
To get the user's OCID, please refer U(https://docs.us-phoenix-1.oraclecloud.com/Content/API/Concepts/apisigningkey.htm).
type: str
auth_type:
choices:
- api_key
- instance_principal
- instance_obo_user
- resource_principal
- security_token
default: api_key
description:
- The type of authentication to use for making API requests. By default C(auth_type="api_key")
based authentication is performed and the API key (see I(api_user_key_file)) in
your config file will be used. If this 'auth_type' module option is not specified,
the value of the OCI_ANSIBLE_AUTH_TYPE, if any, is used. Use C(auth_type="instance_principal")
to use instance principal based authentication when running ansible playbooks within
an OCI compute instance.
type: str
cert_bundle:
description:
- The full path to a CA certificate bundle to be used for SSL verification. This will
override the default CA certificate bundle. If not set, then the value of the OCI_ANSIBLE_CERT_BUNDLE
variable, if any, is used.
type: str
auth_purpose:
choices:
- service_principal
description:
- The auth purpose which can be used in conjunction with 'auth_type=instance_principal'.
The default auth_purpose for instance_principal is None.
type: str
force_create:
default: false
description: Whether to attempt non-idempotent creation of a resource. By default,
create resource is an idempotent operation, and doesn't create the resource if it
already exists. Setting this option to true, forcefully creates a copy of the resource,
even if it already exists.This option is mutually exclusive with I(key_by).
type: bool
wait_timeout:
description: Time, in seconds, to wait when I(wait=yes). Defaults to 1200 for most
of the services but some services might have a longer wait timeout.
type: int
load_balancer_id:
description:
- The L(OCID,https://docs.cloud.oracle.com/Content/General/Concepts/identifiers.htm)
of the specified load balancer.
required: true
type: str
api_user_key_file:
description:
- Full path and filename of the private key (in PEM format). If not set, then the
value of the OCI_USER_KEY_FILE variable, if any, is used. This option is required
if the private key is not specified through a configuration file (See C(config_file_location)).
If the key is encrypted with a pass-phrase, the C(api_user_key_pass_phrase) option
must also be provided.
type: str
config_profile_name:
description:
- The profile to load from the config file referenced by C(config_file_location).
If not set, then the value of the OCI_CONFIG_PROFILE environment variable, if any,
is used. Otherwise, defaults to the "DEFAULT" profile in C(config_file_location).
type: str
api_user_fingerprint:
description:
- Fingerprint for the key pair being used. If not set, then the value of the OCI_USER_FINGERPRINT
environment variable, if any, is used. This option is required if the key fingerprint
is not specified through a configuration file (See C(config_file_location)). To
get the key pair's fingerprint value please refer U(https://docs.us-phoenix-1.oraclecloud.com/Content/API/Concepts/apisigningkey.htm).
type: str
config_file_location:
description:
- Path to configuration file. If not set then the value of the OCI_CONFIG_FILE environment
variable, if any, is used. Otherwise, defaults to ~/.oci/config.
type: str
api_user_key_pass_phrase:
description:
- Passphrase used by the key referenced in C(api_user_key_file), if it is encrypted.
If not set, then the value of the OCI_USER_KEY_PASS_PHRASE variable, if any, is
used. This option is required if the key passphrase is not specified through a configuration
file (See C(config_file_location)).
type: str
realm_specific_endpoint_template_enabled:
description:
- Enable/Disable realm specific endpoint template for service client. By Default,
realm specific endpoint template is disabled. If not set, then the value of the
OCI_REALM_SPECIFIC_SERVICE_ENDPOINT_TEMPLATE_ENABLED variable, if any, is used.
type: bool
rule_set:
contains:
items:
contains:
action:
description:
- ''
returned: on success
sample: ADD_HTTP_REQUEST_HEADER
type: str
allowed_methods:
description:
- The list of HTTP methods allowed for this listener.
- By default, you can specify only the standard HTTP methods defined in
the L(HTTP Method Registry,http://www.iana.org/assignments/http-methods/http-methods.xhtml).
You can also see a list of supported standard HTTP methods in the Load
Balancing service documentation at L(Managing Rule Sets,https://docs.cloud.oracle.com/Content/Balance/Tasks/managingrulesets.htm).
- Your backend application must be able to handle the methods specified
in this list.
- The list of HTTP methods is extensible. If you need to configure custom
HTTP methods, contact L(My Oracle Support,http://support.oracle.com/)
to remove the restriction for your tenancy.
- 'Example: ["GET", "PUT", "POST", "PROPFIND"]'
returned: on success
sample: []
type: list
are_invalid_characters_allowed:
description:
- Indicates whether or not invalid characters in client header fields will
be allowed. Valid names are composed of English letters, digits, hyphens
and underscores. If "true", invalid characters are allowed in the HTTP
header. If "false", invalid characters are not allowed in the HTTP header
returned: on success
sample: true
type: bool
conditions:
contains:
attribute_name:
description:
- ''
returned: on success
sample: SOURCE_IP_ADDRESS
type: str
attribute_value:
description:
- The path string that the redirection rule applies to.
- 'Example: `/example`'
returned: on success
sample: attribute_value_example
type: str
operator:
description:
- A string that specifies how to compare the PathMatchCondition object's
`attributeValue` string to the incoming URI.
- '* **EXACT_MATCH** - The incoming URI path must exactly and completely
match the `attributeValue` string.'
- '* **FORCE_LONGEST_PREFIX_MATCH** - The system looks for the `attributeValue`
string with the best, longest match of the beginning portion of the
incoming URI path.'
- '* **PREFIX_MATCH** - The beginning portion of the incoming URI path
must exactly match the `attributeValue` string.'
- '* **SUFFIX_MATCH** - The ending portion of the incoming URI path
must exactly match the `attributeValue` string.'
returned: on success
sample: EXACT_MATCH
type: str
description:
- ''
returned: on success
type: complex
description:
description:
- A brief description of the access control rule. Avoid entering confidential
information.
- 'example: `192.168.0.0/16 and 2001:db8::/32 are trusted clients. Whitelist
them.`'
returned: on success
sample: description_example
type: str
header:
description:
- A header name that conforms to RFC 7230.
- 'Example: `example_header_name`'
returned: on success
sample: header_example
type: str
http_large_header_size_in_kb:
description:
- The maximum size of each buffer used for reading http client request header.
This value indicates the maximum size allowed for each buffer. The allowed
values for buffer size are 8, 16, 32 and 64.
returned: on success
sample: 56
type: int
prefix:
description:
- 'A string to prepend to the header value. The resulting header value must
conform to RFC 7230. With the following exceptions: * value cannot contain
`$` * value cannot contain patterns like `{variable_name}`. They are
reserved for future extensions. Currently, such values are invalid.'
- 'Example: `example_prefix_value`'
returned: on success
sample: prefix_example
type: str
redirect_uri:
contains:
host:
description:
- The valid domain name (hostname) or IP address to use in the redirect
URI.
- When this value is null, not set, or set to `{host}`, the service
preserves the original domain name from the incoming HTTP request
URI.
- All RedirectUri tokens are valid for this property. You can use any
token more than once.
- Curly braces are valid in this property only to surround tokens, such
as `{host}`
- 'Examples:'
- '* **example.com** appears as `example.com` in the redirect URI.'
- '* **in{host}** appears as `inexample.com` in the redirect URI if
`example.com` is the hostname in the incoming HTTP request URI.'
- '* **{port}{host}** appears as `8081example.com` in the redirect
URI if `example.com` is the hostname and the port is `8081` in the
incoming HTTP request URI.'
returned: on success
sample: host_example
type: str
path:
description:
- The HTTP URI path to use in the redirect URI.
- When this value is null, not set, or set to `{path}`, the service
preserves the original path from the incoming HTTP request URI. To
omit the path from the redirect URI, set this value to an empty string,
"".
- All RedirectUri tokens are valid for this property. You can use any
token more than once.
- The path string must begin with `/` if it does not begin with the
`{path}` token.
- 'Examples:'
- '* __/example/video/123__ appears as `/example/video/123` in the
redirect URI.'
- '* __/example{path}__ appears as `/example/video/123` in the redirect
URI if `/video/123` is the path in the incoming HTTP request URI.'
- '* __{path}/123__ appears as `/example/video/123` in the redirect
URI if `/example/video` is the path in the incoming HTTP request URI.'
- '* __{path}123__ appears as `/example/video123` in the redirect URI
if `/example/video` is the path in the incoming HTTP request URI.'
- '* __/{host}/123__ appears as `/example.com/123` in the redirect
URI if `example.com` is the hostname in the incoming HTTP request
URI.'
- '* __/{host}/{port}__ appears as `/example.com/123` in the redirect
URI if `example.com` is the hostname and `123` is the port in the
incoming HTTP request URI.'
- '* __/{query}__ appears as `/lang=en` in the redirect URI if the
query is `lang=en` in the incoming HTTP request URI.'
returned: on success
sample: path_example
type: str
port:
description:
- The communication port to use in the redirect URI.
- Valid values include integers from 1 to 65535.
- When this value is null, the service preserves the original port from
the incoming HTTP request URI.
- 'Example: `8081`'
returned: on success
sample: 56
type: int
protocol:
description:
- The HTTP protocol to use in the redirect URI.
- 'When this value is null, not set, or set to `{protocol}`, the service
preserves the original protocol from the incoming HTTP request URI.
Allowed values are:'
- '* HTTP * HTTPS * {protocol}'
- '`{protocol}` is the only valid token for this property. It can appear
only once in the value string.'
- 'Example: `HTTPS`'
returned: on success
sample: protocol_example
type: str
query:
description:
- The query string to use in the redirect URI.
- When this value is null, not set, or set to `{query}`, the service
preserves the original query parameters from the incoming HTTP request
URI.
- All `RedirectUri` tokens are valid for this property. You can use
any token more than once.
- If the query string does not begin with the `{query}` token, it must
begin with the question mark (?) character.
- You can specify multiple query parameters as a single string. Separate
each query parameter with an ampersand (&) character. To omit all
incoming query parameters from the redirect URI, set this value to
an empty string, "".
- If the specified query string results in a redirect URI ending with
`?` or `&`, the last character is truncated. For example, if the incoming
URI is `http://host.com:8080/documents` and the query property value
is `?lang=en&{query}`, the redirect URI is `http://host.com:8080/documents?lang=en`.
The system truncates the final ampersand (&) because the incoming
URI included no value to replace the {query} token.
- 'Examples: * **lang=en&time_zone=PST** appears as `lang=en&time_zone=PST`
in the redirect URI.'
- '* **{query}** appears as `lang=en&time_zone=PST` in the redirect
URI if `lang=en&time_zone=PST` is the query string in the incoming
HTTP request. If the incoming HTTP request has no query parameters,
the `{query}` token renders as an empty string.'
- '* **lang=en&{query}&time_zone=PST** appears as `lang=en&country=us&time_zone=PST`
in the redirect URI if `country=us` is the query string in the incoming
HTTP request. If the incoming HTTP request has no query parameters,
this value renders as `lang=en&time_zone=PST`.'
- '* **protocol={protocol}&hostname={host}** appears as `protocol=http&hostname=example.com`
in the redirect URI if the protocol is `HTTP` and the hostname is
`example.com` in the incoming HTTP request.'
- '* **port={port}&hostname={host}** appears as `port=8080&hostname=example.com`
in the redirect URI if the port is `8080` and the hostname is `example.com`
in the incoming HTTP request URI.'
returned: on success
sample: query_example
type: str
description:
- ''
returned: on success
type: complex
response_code:
description:
- The HTTP status code to return when the incoming request is redirected.
- 'The status line returned with the code is mapped from the standard HTTP
specification. Valid response codes for redirection are:'
- '* 301 * 302 * 303 * 307 * 308'
- The default value is `302` (Found).
- 'Example: `301`'
returned: on success
sample: 56
type: int
status_code:
description:
- The HTTP status code to return when the requested HTTP method is not in
the list of allowed methods. The associated status line returned with
the code is mapped from the standard HTTP specification. The default value
is `405 (Method Not Allowed)`.
- 'Example: 403'
returned: on success
sample: 56
type: int
suffix:
description:
- 'A string to append to the header value. The resulting header value must
conform to RFC 7230. With the following exceptions: * value cannot contain
`$` * value cannot contain patterns like `{variable_name}`. They are
reserved for future extensions. Currently, such values are invalid.'
- 'Example: `example_suffix_value`'
returned: on success
sample: suffix_example
type: str
value:
description:
- 'A header value that conforms to RFC 7230. With the following exceptions:
* value cannot contain `$` * value cannot contain patterns like `{variable_name}`.
They are reserved for future extensions. Currently, such values are invalid.'
- 'Example: `example_value`'
returned: on success
sample: value_example
type: str
description:
- An array of rules that compose the rule set.
returned: on success
type: complex
name:
description:
- The name for this set of rules. It must be unique and it cannot be changed.
Avoid entering confidential information.
- 'Example: `example_rule_set`'
returned: on success
sample: name_example
type: str
description:
- Details of the RuleSet resource acted upon by the current operation
returned: on success
sample:
items:
- action: ADD_HTTP_REQUEST_HEADER
allowed_methods: []
are_invalid_characters_allowed: true
conditions:
- attribute_name: SOURCE_IP_ADDRESS
attribute_value: attribute_value_example
operator: EXACT_MATCH
description: description_example
header: header_example
http_large_header_size_in_kb: 56
prefix: prefix_example
redirect_uri:
host: host_example
path: path_example
port: 56
protocol: protocol_example
query: query_example
response_code: 56
status_code: 56
suffix: suffix_example
value: value_example
name: name_example
type: complex