Code Monkey home page Code Monkey logo

xc_https_waf's Introduction

xc_https_waf

This repository uses HashiCorp's Terraform to deploy an application on to F5 Distributed Cloud's Regional Edges using a HTTP load balancer and optionally an App Firewall.

Requirements:

  • Terraform v0.12+
  • Volterra Provider currently v0.11.7

Creating a Distributed Cloud API Credential P12 file

  • Click on Administration
  • Click Credentials under Personal Management
  • Click Add Credentials
    • Enter a name for your credentials
    • Select API Certificate under Credential Type
    • Enter a password
    • Select an expiration date (maximum of 90 days)
    • Click Download

Setting up Volterra provider

  • Create the following environment variables
    • VOLT_API_P12_FILE - This provides path to the Credential P12 file you just created
    • VOLT_API_URL - The URL to the Distributed Cloud API
    • VES_P12_PASSWORD - The password of the P12 file
    export VOLT_API_URL='https://<your-tenant-name>.console.ves.volterra.io/api'
    export VOLT_API_P12_FILE='/home/ubuntu/myp12file.p12'
    export VES_P12_PASSWORD='password'

Run terraform.

If you have not updated the variables.tf file with your xcTenant and demoNameSpace, define those variables at the cmd line:

terraform init
terraform plan -var custName=customer -var originFQDN=www.customer.com -var xcTenant=<your-tenant-name> -var demoNameSpace=<your-namespace>
terraform apply -var custName=customer -var originFQDN=www.customer.com -var xcTenant=<your-tenant-name> -var demoNameSpace=<your-namespace>

Create and enable an Application Firewall

Set the variable disableWAF to false

terraform apply -var custName=customer -var originFQDN=www.customer.com -var xcTenant=<your-tenant-name> -var demoNameSpace=<your-namespace> -var disableWAF=false

Create and enable a Service Policy

The Service Policy defined will block sources by country Set the variable servicePolicyType to "custom"

terraform apply -var custName=customer -var originFQDN=www.customer.com -var xcTenant=<your-tenant-name> -var demoNameSpace=<your-namespace> -var disableWAF=false -var servicePolicyType=custom

xc_https_waf's People

Contributors

ajgerace avatar mikeoleary avatar

Stargazers

Glen Willms avatar

Watchers

James Cloos avatar avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.