Try SpotterFetches details about one or multiple RuleSet resources in Oracle Cloud Infrastructure
| "added in version" 2.9.0 of oracle.oci"
Authors: Oracle (@oracle)
preview | supported by community
Install with ansible-galaxy collection install oracle.oci:==5.0.0
collections:
- name: oracle.oci
version: 5.0.0Fetches details about one or multiple RuleSet resources in Oracle Cloud Infrastructure
Lists all rule sets associated with the specified load balancer.
If I(rule_set_name) is specified, the details of a single RuleSet will be returned.
- name: Get a specific rule_set
oci_loadbalancer_rule_set_facts:
# required
rule_set_name: rule_set_name_example
load_balancer_id: "ocid1.loadbalancer.oc1..xxxxxxEXAMPLExxxxxx"
- name: List rule_sets
oci_loadbalancer_rule_set_facts:
# required
load_balancer_id: "ocid1.loadbalancer.oc1..xxxxxxEXAMPLExxxxxx"
region:
description:
- The Oracle Cloud Infrastructure region to use for all OCI API requests. If not set,
then the value of the OCI_REGION variable, if any, is used. This option is required
if the region is not specified through a configuration file (See C(config_file_location)).
Please refer to U(https://docs.us-phoenix-1.oraclecloud.com/Content/General/Concepts/regions.htm)
for more information on OCI regions.
type: str
tenancy:
description:
- OCID of your tenancy. If not set, then the value of the OCI_TENANCY variable, if
any, is used. This option is required if the tenancy OCID is not specified through
a configuration file (See C(config_file_location)). To get the tenancy OCID, please
refer U(https://docs.us-phoenix-1.oraclecloud.com/Content/API/Concepts/apisigningkey.htm)
type: str
api_user:
description:
- The OCID of the user, on whose behalf, OCI APIs are invoked. If not set, then the
value of the OCI_USER_ID environment variable, if any, is used. This option is required
if the user is not specified through a configuration file (See C(config_file_location)).
To get the user's OCID, please refer U(https://docs.us-phoenix-1.oraclecloud.com/Content/API/Concepts/apisigningkey.htm).
type: str
auth_type:
choices:
- api_key
- instance_principal
- instance_obo_user
- resource_principal
- security_token
default: api_key
description:
- The type of authentication to use for making API requests. By default C(auth_type="api_key")
based authentication is performed and the API key (see I(api_user_key_file)) in
your config file will be used. If this 'auth_type' module option is not specified,
the value of the OCI_ANSIBLE_AUTH_TYPE, if any, is used. Use C(auth_type="instance_principal")
to use instance principal based authentication when running ansible playbooks within
an OCI compute instance.
type: str
cert_bundle:
description:
- The full path to a CA certificate bundle to be used for SSL verification. This will
override the default CA certificate bundle. If not set, then the value of the OCI_ANSIBLE_CERT_BUNDLE
variable, if any, is used.
type: str
auth_purpose:
choices:
- service_principal
description:
- The auth purpose which can be used in conjunction with 'auth_type=instance_principal'.
The default auth_purpose for instance_principal is None.
type: str
rule_set_name:
aliases:
- name
description:
- The name of the rule set to retrieve.
- 'Example: `example_rule_set`'
- Required to get a specific rule_set.
type: str
load_balancer_id:
description:
- The L(OCID,https://docs.cloud.oracle.com/Content/General/Concepts/identifiers.htm)
of the specified load balancer.
required: true
type: str
api_user_key_file:
description:
- Full path and filename of the private key (in PEM format). If not set, then the
value of the OCI_USER_KEY_FILE variable, if any, is used. This option is required
if the private key is not specified through a configuration file (See C(config_file_location)).
If the key is encrypted with a pass-phrase, the C(api_user_key_pass_phrase) option
must also be provided.
type: str
config_profile_name:
description:
- The profile to load from the config file referenced by C(config_file_location).
If not set, then the value of the OCI_CONFIG_PROFILE environment variable, if any,
is used. Otherwise, defaults to the "DEFAULT" profile in C(config_file_location).
type: str
api_user_fingerprint:
description:
- Fingerprint for the key pair being used. If not set, then the value of the OCI_USER_FINGERPRINT
environment variable, if any, is used. This option is required if the key fingerprint
is not specified through a configuration file (See C(config_file_location)). To
get the key pair's fingerprint value please refer U(https://docs.us-phoenix-1.oraclecloud.com/Content/API/Concepts/apisigningkey.htm).
type: str
config_file_location:
description:
- Path to configuration file. If not set then the value of the OCI_CONFIG_FILE environment
variable, if any, is used. Otherwise, defaults to ~/.oci/config.
type: str
api_user_key_pass_phrase:
description:
- Passphrase used by the key referenced in C(api_user_key_file), if it is encrypted.
If not set, then the value of the OCI_USER_KEY_PASS_PHRASE variable, if any, is
used. This option is required if the key passphrase is not specified through a configuration
file (See C(config_file_location)).
type: str
realm_specific_endpoint_template_enabled:
description:
- Enable/Disable realm specific endpoint template for service client. By Default,
realm specific endpoint template is disabled. If not set, then the value of the
OCI_REALM_SPECIFIC_SERVICE_ENDPOINT_TEMPLATE_ENABLED variable, if any, is used.
type: bool
rule_sets:
contains:
items:
contains:
action:
description:
- ''
returned: on success
sample: ADD_HTTP_REQUEST_HEADER
type: str
allowed_methods:
description:
- The list of HTTP methods allowed for this listener.
- By default, you can specify only the standard HTTP methods defined in
the L(HTTP Method Registry,http://www.iana.org/assignments/http-methods/http-methods.xhtml).
You can also see a list of supported standard HTTP methods in the Load
Balancing service documentation at L(Managing Rule Sets,https://docs.cloud.oracle.com/Content/Balance/Tasks/managingrulesets.htm).
- Your backend application must be able to handle the methods specified
in this list.
- The list of HTTP methods is extensible. If you need to configure custom
HTTP methods, contact L(My Oracle Support,http://support.oracle.com/)
to remove the restriction for your tenancy.
- 'Example: ["GET", "PUT", "POST", "PROPFIND"]'
returned: on success
sample: []
type: list
are_invalid_characters_allowed:
description:
- Indicates whether or not invalid characters in client header fields will
be allowed. Valid names are composed of English letters, digits, hyphens
and underscores. If "true", invalid characters are allowed in the HTTP
header. If "false", invalid characters are not allowed in the HTTP header
returned: on success
sample: true
type: bool
conditions:
contains:
attribute_name:
description:
- ''
returned: on success
sample: SOURCE_IP_ADDRESS
type: str
attribute_value:
description:
- The path string that the redirection rule applies to.
- 'Example: `/example`'
returned: on success
sample: attribute_value_example
type: str
operator:
description:
- A string that specifies how to compare the PathMatchCondition object's
`attributeValue` string to the incoming URI.
- '* **EXACT_MATCH** - The incoming URI path must exactly and completely
match the `attributeValue` string.'
- '* **FORCE_LONGEST_PREFIX_MATCH** - The system looks for the `attributeValue`
string with the best, longest match of the beginning portion of the
incoming URI path.'
- '* **PREFIX_MATCH** - The beginning portion of the incoming URI path
must exactly match the `attributeValue` string.'
- '* **SUFFIX_MATCH** - The ending portion of the incoming URI path
must exactly match the `attributeValue` string.'
returned: on success
sample: EXACT_MATCH
type: str
description:
- ''
returned: on success
type: complex
description:
description:
- A brief description of the access control rule. Avoid entering confidential
information.
- 'example: `192.168.0.0/16 and 2001:db8::/32 are trusted clients. Whitelist
them.`'
returned: on success
sample: description_example
type: str
header:
description:
- A header name that conforms to RFC 7230.
- 'Example: `example_header_name`'
returned: on success
sample: header_example
type: str
http_large_header_size_in_kb:
description:
- The maximum size of each buffer used for reading http client request header.
This value indicates the maximum size allowed for each buffer. The allowed
values for buffer size are 8, 16, 32 and 64.
returned: on success
sample: 56
type: int
prefix:
description:
- 'A string to prepend to the header value. The resulting header value must
conform to RFC 7230. With the following exceptions: * value cannot contain
`$` * value cannot contain patterns like `{variable_name}`. They are
reserved for future extensions. Currently, such values are invalid.'
- 'Example: `example_prefix_value`'
returned: on success
sample: prefix_example
type: str
redirect_uri:
contains:
host:
description:
- The valid domain name (hostname) or IP address to use in the redirect
URI.
- When this value is null, not set, or set to `{host}`, the service
preserves the original domain name from the incoming HTTP request
URI.
- All RedirectUri tokens are valid for this property. You can use any
token more than once.
- Curly braces are valid in this property only to surround tokens, such
as `{host}`
- 'Examples:'
- '* **example.com** appears as `example.com` in the redirect URI.'
- '* **in{host}** appears as `inexample.com` in the redirect URI if
`example.com` is the hostname in the incoming HTTP request URI.'
- '* **{port}{host}** appears as `8081example.com` in the redirect
URI if `example.com` is the hostname and the port is `8081` in the
incoming HTTP request URI.'
returned: on success
sample: host_example
type: str
path:
description:
- The HTTP URI path to use in the redirect URI.
- When this value is null, not set, or set to `{path}`, the service
preserves the original path from the incoming HTTP request URI. To
omit the path from the redirect URI, set this value to an empty string,
"".
- All RedirectUri tokens are valid for this property. You can use any
token more than once.
- The path string must begin with `/` if it does not begin with the
`{path}` token.
- 'Examples:'
- '* __/example/video/123__ appears as `/example/video/123` in the
redirect URI.'
- '* __/example{path}__ appears as `/example/video/123` in the redirect
URI if `/video/123` is the path in the incoming HTTP request URI.'
- '* __{path}/123__ appears as `/example/video/123` in the redirect
URI if `/example/video` is the path in the incoming HTTP request URI.'
- '* __{path}123__ appears as `/example/video123` in the redirect URI
if `/example/video` is the path in the incoming HTTP request URI.'
- '* __/{host}/123__ appears as `/example.com/123` in the redirect
URI if `example.com` is the hostname in the incoming HTTP request
URI.'
- '* __/{host}/{port}__ appears as `/example.com/123` in the redirect
URI if `example.com` is the hostname and `123` is the port in the
incoming HTTP request URI.'
- '* __/{query}__ appears as `/lang=en` in the redirect URI if the
query is `lang=en` in the incoming HTTP request URI.'
returned: on success
sample: path_example
type: str
port:
description:
- The communication port to use in the redirect URI.
- Valid values include integers from 1 to 65535.
- When this value is null, the service preserves the original port from
the incoming HTTP request URI.
- 'Example: `8081`'
returned: on success
sample: 56
type: int
protocol:
description:
- The HTTP protocol to use in the redirect URI.
- 'When this value is null, not set, or set to `{protocol}`, the service
preserves the original protocol from the incoming HTTP request URI.
Allowed values are:'
- '* HTTP * HTTPS * {protocol}'
- '`{protocol}` is the only valid token for this property. It can appear
only once in the value string.'
- 'Example: `HTTPS`'
returned: on success
sample: protocol_example
type: str
query:
description:
- The query string to use in the redirect URI.
- When this value is null, not set, or set to `{query}`, the service
preserves the original query parameters from the incoming HTTP request
URI.
- All `RedirectUri` tokens are valid for this property. You can use
any token more than once.
- If the query string does not begin with the `{query}` token, it must
begin with the question mark (?) character.
- You can specify multiple query parameters as a single string. Separate
each query parameter with an ampersand (&) character. To omit all
incoming query parameters from the redirect URI, set this value to
an empty string, "".
- If the specified query string results in a redirect URI ending with
`?` or `&`, the last character is truncated. For example, if the incoming
URI is `http://host.com:8080/documents` and the query property value
is `?lang=en&{query}`, the redirect URI is `http://host.com:8080/documents?lang=en`.
The system truncates the final ampersand (&) because the incoming
URI included no value to replace the {query} token.
- 'Examples: * **lang=en&time_zone=PST** appears as `lang=en&time_zone=PST`
in the redirect URI.'
- '* **{query}** appears as `lang=en&time_zone=PST` in the redirect
URI if `lang=en&time_zone=PST` is the query string in the incoming
HTTP request. If the incoming HTTP request has no query parameters,
the `{query}` token renders as an empty string.'
- '* **lang=en&{query}&time_zone=PST** appears as `lang=en&country=us&time_zone=PST`
in the redirect URI if `country=us` is the query string in the incoming
HTTP request. If the incoming HTTP request has no query parameters,
this value renders as `lang=en&time_zone=PST`.'
- '* **protocol={protocol}&hostname={host}** appears as `protocol=http&hostname=example.com`
in the redirect URI if the protocol is `HTTP` and the hostname is
`example.com` in the incoming HTTP request.'
- '* **port={port}&hostname={host}** appears as `port=8080&hostname=example.com`
in the redirect URI if the port is `8080` and the hostname is `example.com`
in the incoming HTTP request URI.'
returned: on success
sample: query_example
type: str
description:
- ''
returned: on success
type: complex
response_code:
description:
- The HTTP status code to return when the incoming request is redirected.
- 'The status line returned with the code is mapped from the standard HTTP
specification. Valid response codes for redirection are:'
- '* 301 * 302 * 303 * 307 * 308'
- The default value is `302` (Found).
- 'Example: `301`'
returned: on success
sample: 56
type: int
status_code:
description:
- The HTTP status code to return when the requested HTTP method is not in
the list of allowed methods. The associated status line returned with
the code is mapped from the standard HTTP specification. The default value
is `405 (Method Not Allowed)`.
- 'Example: 403'
returned: on success
sample: 56
type: int
suffix:
description:
- 'A string to append to the header value. The resulting header value must
conform to RFC 7230. With the following exceptions: * value cannot contain
`$` * value cannot contain patterns like `{variable_name}`. They are
reserved for future extensions. Currently, such values are invalid.'
- 'Example: `example_suffix_value`'
returned: on success
sample: suffix_example
type: str
value:
description:
- 'A header value that conforms to RFC 7230. With the following exceptions:
* value cannot contain `$` * value cannot contain patterns like `{variable_name}`.
They are reserved for future extensions. Currently, such values are invalid.'
- 'Example: `example_value`'
returned: on success
sample: value_example
type: str
description:
- An array of rules that compose the rule set.
returned: on success
type: complex
name:
description:
- The name for this set of rules. It must be unique and it cannot be changed.
Avoid entering confidential information.
- 'Example: `example_rule_set`'
returned: on success
sample: name_example
type: str
description:
- List of RuleSet resources
returned: on success
sample:
- items:
- action: ADD_HTTP_REQUEST_HEADER
allowed_methods: []
are_invalid_characters_allowed: true
conditions:
- attribute_name: SOURCE_IP_ADDRESS
attribute_value: attribute_value_example
operator: EXACT_MATCH
description: description_example
header: header_example
http_large_header_size_in_kb: 56
prefix: prefix_example
redirect_uri:
host: host_example
path: path_example
port: 56
protocol: protocol_example
query: query_example
response_code: 56
status_code: 56
suffix: suffix_example
value: value_example
name: name_example
type: complex