Cloudlet policies contain the match rules that determine how an application manages your traffic.

Some cloudlet application types allow you to share policies across multiple properties, others don't, and some types work both ways.

Cloudlet Non-Shared Shared
API Prioritization
Application Load Balancer1
Audience Segmentation2
Edge Redirector
Forward Rewrite2
Phased Release2
Request Control
Visitor Prioritization

1Cloudlet forwards incoming requests and requires load balancer configuration and origin.

2Cloudlet forwards incoming requests and requires an origin server.

Create a policy

A policy is basically a container in which you place a set of versioned rules for your cloudlet application.

  • To create a non-shared policy for a load balancer or visitor prioritization cloudlet, use the -Legacy switch as the policy cmdlets default to shared policies.
  • To upgrade a non-shared policy to shared, create a new policy of the same type and then get your existing policy's rule set.

Provide your group ID, a name for the policy, and designate a cloudlet type.

  • API Prioritization
  • Application Load Balancer
  • Audience Segmentation
  • Redirector
  • Forward Rewrite
  • Phased Release
  • Request Control
  • Visitor Prioritization
New-CloudletPolicy -GroupID 12345 -Name my_er_policy -CloudletType "Edge Redirector" 
id                 : 12345
name               : my_er_policy
description        : 
policyType         : SHARED
cloudletType       : ER
groupId            : 12345
createdBy          : jsmith
createdDate        : 4/17/2024 2:45:34 PM
modifiedBy         : jsmith
modifiedDate       : 4/17/2024 2:45:34 PM
currentActivations : @{staging=; production=}
links              : {@{rel=self; href=http://origin.pulsar.akamai.com/
                     cloudlets/v3/policies/54321}}

Use the returned policy id to add a set of match rules.

Get policies and rules

Get a list of your cloudlet policies, policy versions, and policy version rules.

Note: When converting to and outputting as JSON, the default depth is two. To make sure you get complete data, set the depth between seven and 99.

  1. List your cloudlet policies to get a policy.

    Get-CloudletPolicy
    
    location         : /cloudlets/api/v3/policies/12345
    serviceVersion   : 
    policyId         : 12345
    groupId          : 654321
    name             : My_Edge_Redirector_Cloudlet
    description      : Cloudlet for marketing department
    propertyName     : 
    createdBy        : jsmith
    createDate       : 1533884670660
    lastModifiedBy   : jsmith
    lastModifiedDate : 1711660359367
    activations      : {@{serviceVersion=;  network=staging; 
                      policyInfo=@{policyId=12345; name=my_er_policy; version=2; 
                      status=active; activatedBy=jsmith; activationDate=1711660359367}; 
                      propertyInfo=@{name=myproperty; version=13; groupId=654321; status=activated; 
                      activatedBy=jsmith; activationDate=1687966909000; id=98765}; apiVersion=3.0}}
    cloudletCode     : ER
    cloudletId       : 9
    apiVersion       : 3.0
    deleted          : False
    
    location         : /cloudlets/api/v2/policies/98765
    serviceVersion   : 
    policyId         : 98765
    groupId          : 654321
    name             : My_ALB_Cloudlet
    description      : 
    propertyName     : 
    createdBy        : jsmith
    createDate       : 1664283009238
    lastModifiedBy   : jsmith
    lastModifiedDate : 1711660550615
    activations      : {@{serviceVersion=; network=staging; policyInfo=@{policyId=98765; 
                      name=my_alb_policy; version=2; status=active; activatedBy=jsmith; 
                      activationDate=1711660550615}; propertyInfo=@{name=myotherproperty; 
                      version=4; groupId=654321; status=activated; activatedBy=jsmith; 
                      activationDate=1687966909000; id=78901}; apiVersion=2.0}}
    cloudletCode     : ALB
    cloudletId       : 0
    apiVersion       : 2.0
    deleted          : False
    
  2. Get a policy's version to get its rules.

    Get-CloudletPolicyVersion -PolicyID 12345 -Version latest 
    
    location         : /cloudlets/api/v3/policies/12345/versions/2
    revisionId       : 90123456
    policyId         : 12345
    version          : 2
    description      : Cloudlet for marketing department (based on v1)
    createdBy        : jsmith
    createDate       : 1698076947387
    lastModifiedBy   : jsmith
    lastModifiedDate : 1698078021489
    activations      : {@{serviceVersion = 1; network = staging; 
                      policyInfo = @{policyId = 12345; name = my_er_policy; version = 2; 
                      status = active; activatedBy = jsmith; activationDate = 1711660359367};   
                      propertyInfo = @{name = myproperty; version = 13; groupId = 654321;             
                      status = activated; activatedBy = jsmith; activationDate = 1687966909000;            
                      id = 98765}; apiVersion = 3.0}}
    matchRules       : {@{type = erMatchRule; id = 0; name = my_er_match_rule; start = 0; end = 0;   
                      matchURL = ; matches = {@{matchValue=/test1; matchOperator=equals; negate=False; 
                      caseSensitive=False; matchType=path}}; akaRuleId = 1a23b4c5d6ef78g9;           
                      location = /cloudlets/api/v3/policies/12345/versions/2/rules/1a23b4c5d6ef78g9; 
                      statusCode = 301; redirectURL = /homepage; useIncomingQueryString = True; 
                      useIncomingSchemeAndHost = True; UseRelativeUrl = copy_scheme_hostname}}
    matchRuleFormat  : 1.0
    deleted          : False
    rulesLocked      : True
    

Configure match rules

A cloudlet's policy contains a set of match rules that govern the actions taken on your site's inbound traffic.

Set up or edit an existing set of match rules based on the type of cloudlet you're using.

Update policy

To update your policies, get your rules and make your changes directly in the shell or in a JSON file to import.

Note: The akaRuleId and rule type are immutable.

  1. Make your changes.

    // Make changes in the shell
    $PolicyRules.matchRules.matches[0].matchesAlways = $true
    
    // Make changes externally and import them
    $PolicyRules = Get-Content ./policy-rules.json | ConvertFrom-Json
    
  2. Update your policy.

    Set-CloudletPolicyVersion -Body $Policy -PolicyID 54321 -Version latest
    
    matchRulesWarnings : {}
    modifiedBy         : jsmith
    version            : 1
    immutable          : False
    description        : Update matches always to true
    createdBy          : jsmith
    policyId           : 56789
    matchRules         : {@{type=igMatchRule; id=0; name=AllowSampleIP; 
                         start=0; end=0; matchURL=; 
                         matches=System.Object[]; 
                         akaRuleId=1a23b4c5d6ef78g9; allowDeny=allow}, 
                         @{type=igMatchRule; id=0; name=DefaultDeny; 
                         start=0; end=0; matchURL=; 
                         akaRuleId=98a765bc4d32e1fg; matchesAlways=True; 
                         allowDeny=deny}}
    createdDate        : 4/17/2024 5:21:39 PM
    modifiedDate       : 4/17/2024 5:21:39 PM
    

If you need to associate your cloudlet with additional or different properties once you've finished your updates, activate and connect your policy to them.

Otherwise, just activate your policy.

  • Your existing policy continues to serve traffic until you activate your update.
  • The new activation automatically deactivates the existing policy.

Activate and connect

Because cloudlets are add-on applications to properties, you need to connect the two together before the cloudlet can manage traffic. Activate your cloudlet policy on a network, add a cloudlet rule to each property you want to add the cloudlet to, and activate the properties.

Note: If you set up a new load balancer configuration, you need only activate your policy as the property steps were part of that process.

1. Activate policy

Pass your cloudlet's policy ID and version with a network choice to activate your policy.

New-CloudletPolicyActivation -Network STAGING -PolicyID  -Version 1
id                   : 98765
policyId             : 56789
status               : SUCCESS
createdBy            : jsmith
createdDate          : 4/17/2024 5:47:22 PM
finishDate           : 4/17/2024 5:47:22 PM
operation            : ACTIVATION
network              : STAGING
policyVersion        : 1
policyVersionDeleted : False
links                : {@{rel=self; href=http://origin.pulsar.akamai.com/cloudlets/v3/p
                       olicies/56789/activations/98765}}

2. Add a property rule

Add a rule to each of the properties you want associated with your cloudlet.

  1. Get each property's rule tree. The output is a directory at your current location containing a property-snippets subdirectory with each of your rule's configurations.

    Get-PropertyRules -PropertyName "My property" -PropertyVersion latest -OutputToFile
    
  2. Create a new rule snippet file and configure a new rule, behavior, and criteria for your cloudlet type.

  3. Add a reference to your new rule in your rule tree's main.json.

    ...
    
    "children": [
      "#include:<your-cloudlet-rule>.json"
    ]
    ...
    
    
  4. Update your property's rules, pointing to the property snippet directory.

    Send your entire rule tree back. Rules not returned are removed from your property.
    Set-PropertyRule -PropertyName "my-property" -PropertyVersion latest -InputDirectory "./property-rules/property-snippets" -VersionNotes "Adding a cloudlet rule"
    

    The output returns your rule tree along with any errors or warnings on upload.

3. Activate your property

Provide a value for the network, staging or production, and activate your property.

New-PropertyActivation -PropertyName "my-property" -PropertyVersion latest -Network staging
activationLink: /papi/v0/properties/prp_98765/activations/atv_76543?contractId=ctr_C-0N7RAC7&groupId=grp_12345