Request control match rule
akamai_cloudlets_request_control_match_rule
Build a match rule JSON object for the request control cloudlet.
data "akamai_cloudlets_request_control_match_rule" "my_rc_match_rule" {
match_rules {
name = "my_rc_match_rule"
disabled = false
allow_deny = "allow"
matches {
case_sensitive = false
match_operator = "contains"
match_type = "method"
negate = false
check_ips = "CONNECTING_IP XFF_HEADERS"
object_match_value {
name_case_sensitive = true
name_has_wildcard = true
type = "simple"
value = [
"GET"
]
}
}
}
output "my_rc_match_rule" {
value = data.akamai_cloudlets_request_control_match_rule.my_rc_match_rule
}
Changes to Outputs:
+ my_rc_match_rule = {
+ id = "12ab3cde4f5g678h901234567i890123j456k789"
+ json = jsonencode(
[
+ {
+ allowDeny = "allow"
+ matches = [
+ {
+ caseSensitive = false
+ checkIPs = "CONNECTING_IP XFF_HEADERS"
+ matchOperator = "contains"
+ matchType = "method"
+ negate = false
+ objectMatchValue = {
+ type = "simple"
+ value = [
+ "GET",
]
}
},
]
+ name = "my_rc_match_rule"
+ type = "igMatchRule"
},
]
)
+ match_rules = [
+ {
+ allow_deny = "allow"
+ disabled = false
+ end = 0
+ matches = [
+ {
+ case_sensitive = false
+ check_ips = "CONNECTING_IP XFF_HEADERS"
+ match_operator = "contains"
+ match_type = "method"
+ match_value = ""
+ negate = false
+ object_match_value = [
+ {
+ name = ""
+ name_case_sensitive = true
+ name_has_wildcard = true
+ options = []
+ type = "simple"
+ value = [
+ "GET",
]
},
]
},
]
+ matches_always = false
+ name = "my_rc_match_rule"
+ start = 0
+ type = "igMatchRule"
},
]
}
Arguments
Pass a match_rules list with the options that best fit your business case. While the match definitions arguments are optional, expected, at a minimum, is the allow_deny argument.
Use the information in the match options table to build out your rule's matches criteria.
| Argument | Required | Description |
|---|---|---|
allow_deny |
✔ | The allow or deny settings for requests. Value is one of:
|
matches_always |
Whether the rule always matches the rule options set. | |
name |
A human-readable name for your rule. | |
start |
The start time for the match. Value is UTC through seconds. | |
end |
The end time for the match. Value is UTC through seconds. | |
disabled |
Whether to disable a rule so it is not evaluated against incoming requests. | |
matches |
The match object definitions list. |
Match options
The options listed are nested within the matches argument.
All match options are optional.
| Argument | Description |
|---|---|
match_type |
The type of match used. Value is one of:
|
match_value |
A value that reflects your match type, for example, if you set your match type to countrycode, the value would reflect the match country. |
match_operator |
Compares a string expression with a pattern. Value is one of:
|
case_sensitive |
Whether the match is case sensitive. |
negate |
Whether to negate the match. |
check_ips |
For clientip, continent, countrycode, proxy, and regioncode match types, the part of the request that defines the part of the request to use as the IP address. Value options:
|
object_match_value |
Use when a rule includes more complex match criteria, like multiple value attributes. Value options:
|
Attributes
Returned is a jsonencoded list of the match rules defined in your query. Set the output type to capture the result based on your need as you use the return in the policy resource.
Updated 8 months ago