Policies
Cloudlet policies contain the match rules that determine how an application manages your traffic.
Some cloudlet application types allow you to share policies across multiple properties, others don't, and some types work both ways.
Cloudlet | Non-Shared | Shared |
---|---|---|
API Prioritization | ✔ | ✔ |
Application Load Balancer1 | ✔ | |
Audience Segmentation2 | ✔ | ✔ |
Edge Redirector | ✔ | ✔ |
Forward Rewrite2 | ✔ | ✔ |
Phased Release2 | ✔ | ✔ |
Request Control | ✔ | ✔ |
Visitor Prioritization | ✔ |
1Cloudlet forwards incoming requests and requires load balancer configuration and origin.
2Cloudlet forwards incoming requests and requires an origin server.
Create a policy
A policy is basically a container in which you place a set of versioned rules for your cloudlet application.
- To create a non-shared policy for a load balancer or visitor prioritization cloudlet, use the
-Legacy
switch as the policy cmdlets default to shared policies. - To upgrade a non-shared policy to shared, create a new policy of the same type and then get your existing policy's rule set.
Provide your group ID, a name for the policy, and designate a cloudlet type.
- API Prioritization
- Application Load Balancer
- Audience Segmentation
- Redirector
- Forward Rewrite
- Phased Release
- Request Control
- Visitor Prioritization
New-CloudletPolicy -GroupID 12345 -Name my_er_policy -CloudletType "Edge Redirector"
id : 12345
name : my_er_policy
description :
policyType : SHARED
cloudletType : ER
groupId : 12345
createdBy : jsmith
createdDate : 4/17/2024 2:45:34 PM
modifiedBy : jsmith
modifiedDate : 4/17/2024 2:45:34 PM
currentActivations : @{staging=; production=}
links : {@{rel=self; href=http://origin.pulsar.akamai.com/
cloudlets/v3/policies/54321}}
Use the returned policy id
to add a set of match rules.
Get policies and rules
Get a list of your cloudlet policies, policy versions, and policy version rules.
Note: When converting to and outputting as JSON, the default depth is two. To make sure you get complete data, set the depth between seven and 99.
-
List your cloudlet policies to get a policy.
Get-CloudletPolicy
location : /cloudlets/api/v3/policies/12345 serviceVersion : policyId : 12345 groupId : 654321 name : My_Edge_Redirector_Cloudlet description : Cloudlet for marketing department propertyName : createdBy : jsmith createDate : 1533884670660 lastModifiedBy : jsmith lastModifiedDate : 1711660359367 activations : {@{serviceVersion=; network=staging; policyInfo=@{policyId=12345; name=my_er_policy; version=2; status=active; activatedBy=jsmith; activationDate=1711660359367}; propertyInfo=@{name=myproperty; version=13; groupId=654321; status=activated; activatedBy=jsmith; activationDate=1687966909000; id=98765}; apiVersion=3.0}} cloudletCode : ER cloudletId : 9 apiVersion : 3.0 deleted : False location : /cloudlets/api/v2/policies/98765 serviceVersion : policyId : 98765 groupId : 654321 name : My_ALB_Cloudlet description : propertyName : createdBy : jsmith createDate : 1664283009238 lastModifiedBy : jsmith lastModifiedDate : 1711660550615 activations : {@{serviceVersion=; network=staging; policyInfo=@{policyId=98765; name=my_alb_policy; version=2; status=active; activatedBy=jsmith; activationDate=1711660550615}; propertyInfo=@{name=myotherproperty; version=4; groupId=654321; status=activated; activatedBy=jsmith; activationDate=1687966909000; id=78901}; apiVersion=2.0}} cloudletCode : ALB cloudletId : 0 apiVersion : 2.0 deleted : False
-
Get a policy's version to get its rules.
Get-CloudletPolicyVersion -PolicyID 12345 -Version latest
location : /cloudlets/api/v3/policies/12345/versions/2 revisionId : 90123456 policyId : 12345 version : 2 description : Cloudlet for marketing department (based on v1) createdBy : jsmith createDate : 1698076947387 lastModifiedBy : jsmith lastModifiedDate : 1698078021489 activations : {@{serviceVersion = 1; network = staging; policyInfo = @{policyId = 12345; name = my_er_policy; version = 2; status = active; activatedBy = jsmith; activationDate = 1711660359367}; propertyInfo = @{name = myproperty; version = 13; groupId = 654321; status = activated; activatedBy = jsmith; activationDate = 1687966909000; id = 98765}; apiVersion = 3.0}} matchRules : {@{type = erMatchRule; id = 0; name = my_er_match_rule; start = 0; end = 0; matchURL = ; matches = {@{matchValue=/test1; matchOperator=equals; negate=False; caseSensitive=False; matchType=path}}; akaRuleId = 1a23b4c5d6ef78g9; location = /cloudlets/api/v3/policies/12345/versions/2/rules/1a23b4c5d6ef78g9; statusCode = 301; redirectURL = /homepage; useIncomingQueryString = True; useIncomingSchemeAndHost = True; UseRelativeUrl = copy_scheme_hostname}} matchRuleFormat : 1.0 deleted : False rulesLocked : True
Configure match rules
A cloudlet's policy contains a set of match rules that govern the actions taken on your site's inbound traffic.
Set up or edit an existing set of match rules based on the type of cloudlet you're using.
Update policy
To update your policies, get your rules and make your changes directly in the shell or in a JSON file to import.
Note: The
akaRuleId
and ruletype
are immutable.
-
Make your changes.
// Make changes in the shell $PolicyRules.matchRules.matches[0].matchesAlways = $true // Make changes externally and import them $PolicyRules = Get-Content ./policy-rules.json | ConvertFrom-Json
-
Update your policy.
Set-CloudletPolicyVersion -Body $Policy -PolicyID 54321 -Version latest
matchRulesWarnings : {} modifiedBy : jsmith version : 1 immutable : False description : Update matches always to true createdBy : jsmith policyId : 56789 matchRules : {@{type=igMatchRule; id=0; name=AllowSampleIP; start=0; end=0; matchURL=; matches=System.Object[]; akaRuleId=1a23b4c5d6ef78g9; allowDeny=allow}, @{type=igMatchRule; id=0; name=DefaultDeny; start=0; end=0; matchURL=; akaRuleId=98a765bc4d32e1fg; matchesAlways=True; allowDeny=deny}} createdDate : 4/17/2024 5:21:39 PM modifiedDate : 4/17/2024 5:21:39 PM
If you need to associate your cloudlet with additional or different properties once you've finished your updates, activate and connect your policy to them.
Otherwise, just activate your policy.
- Your existing policy continues to serve traffic until you activate your update.
- The new activation automatically deactivates the existing policy.
Activate and connect
Because cloudlets are add-on applications to properties, you need to connect the two together before the cloudlet can manage traffic. Activate your cloudlet policy on a network, add a cloudlet rule to each property you want to add the cloudlet to, and activate the properties.
Note: If you set up a new load balancer configuration, you need only activate your policy as the property steps were part of that process.
1. Activate policy
Pass your cloudlet's policy ID and version with a network choice to activate your policy.
New-CloudletPolicyActivation -Network STAGING -PolicyID -Version 1
id : 98765
policyId : 56789
status : SUCCESS
createdBy : jsmith
createdDate : 4/17/2024 5:47:22 PM
finishDate : 4/17/2024 5:47:22 PM
operation : ACTIVATION
network : STAGING
policyVersion : 1
policyVersionDeleted : False
links : {@{rel=self; href=http://origin.pulsar.akamai.com/cloudlets/v3/p
olicies/56789/activations/98765}}
2. Add a property rule
Add a rule to each of the properties you want associated with your cloudlet.
-
Get each property's rule tree. The output is a directory at your current location containing a
property-snippets
subdirectory with each of your rule's configurations.Get-PropertyRules -PropertyName "My property" -PropertyVersion latest -OutputToFile
-
Create a new rule snippet file and configure a new rule, behavior, and criteria for your cloudlet type.
-
Add a reference to your new rule in your rule tree's
main.json
.... "children": [ "#include:<your-cloudlet-rule>.json" ] ...
-
Update your property's rules, pointing to the property snippet directory.
Send your entire rule tree back. Rules not returned are removed from your property.Set-PropertyRule -PropertyName "my-property" -PropertyVersion latest -InputDirectory "./property-rules/property-snippets" -VersionNotes "Adding a cloudlet rule"
The output returns your rule tree along with any errors or warnings on upload.
3. Activate your property
Provide a value for the network, staging
or production
, and activate your property.
New-PropertyActivation -PropertyName "my-property" -PropertyVersion latest -Network staging
activationLink: /papi/v0/properties/prp_98765/activations/atv_76543?contractId=ctr_C-0N7RAC7&groupId=grp_12345
Updated about 2 months ago