{ "description": "Load balancer rules allow customization of load balancing behavior using match/action rules. Currently, load balancer rules are supported for only layer 7 virtual servers with application profile LbHttpProfile. Each application rule consists of one or more match conditions and one or more actions. Load balancer rules could be used by different load balancer services.", "extends": { "$ref": "ManagedResource }, "id": "LbRule", "module_id": "LoadBalancer", "properties": { "_create_time": { "$ref": "EpochMsTimestamp, "can_sort": true, "description": "Timestamp of resource creation", "readonly": true }, "_create_user": { "description": "ID of the user who created this resource", "readonly": true, "type": "string" }, "_last_modified_time": { "$ref": "EpochMsTimestamp, "can_sort": true, "description": "Timestamp of last modification", "readonly": true }, "_last_modified_user": { "description": "ID of the user who last modified this resource", "readonly": true, "type": "string" }, "_links": { "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", "items": { "$ref": "ResourceLink }, "readonly": true, "title": "References related to this resource", "type": "array" }, "_protection": { "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.", "readonly": true, "title": "Indicates protection status of this resource", "type": "string" }, "_revision": { "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", "title": "Generation of this resource config", "type": "int" }, "_schema": { "readonly": true, "title": "Schema for this resource", "type": "string" }, "_self": { "$ref": "SelfResourceLink, "readonly": true, "title": "Link to this resource" }, "_system_owned": { "description": "Indicates system owned resource", "readonly": true, "type": "boolean" }, "actions": { "description": "A list of actions to be executed at specified phase when load balancer rule matches. The actions are used to manipulate application traffic, such as rewrite URI of HTTP messages, redirect HTTP messages, etc.", "items": { "$ref": "LbRuleAction }, "maxItems": 60, "required": true, "title": "Actions to be executed", "type": "array" }, "description": { "can_sort": true, "maxLength": 1024, "title": "Description of this resource", "type": "string" }, "display_name": { "can_sort": true, "description": "Defaults to ID if not set", "maxLength": 255, "title": "Identifier to use when displaying entity in logs or GUI", "type": "string" }, "id": { "can_sort": true, "title": "Unique identifier of this resource", "type": "string" }, "match_conditions": { "description": "A list of match conditions used to match application traffic. Multiple match conditions can be specified in one load balancer rule, each match condition defines a criterion to match application traffic. If no match conditions are specified, then the load balancer rule will always match and it is used typically to define default rules. If more than one match condition is specified, then match strategy determines if all conditions should match or any one condition should match for the load balancer rule to considered a match.", "items": { "$ref": "LbRuleCondition }, "maxItems": 60, "required": false, "title": "Conditions to match application traffic", "type": "array" }, "match_strategy": { "description": "Strategy to define how load balancer rule is considered a match when multiple match conditions are specified in one rule. If match_stragety is set to ALL, then load balancer rule is considered a match only if all the conditions match. If match_strategy is set to ANY, then load balancer rule is considered a match if any one of the conditions match.", "enum": [ "ALL", "ANY" ], "required": true, "title": "Strategy to match multiple conditions", "type": "string" }, "phase": { "description": "Each load balancer rule is used at a specific phase of load balancer processing. Currently five phases are supported, HTTP_REQUEST_REWRITE, HTTP_FORWARDING, HTTP_RESPONSE_REWRITE, HTTP_ACCESS and TRANSPORT. When an HTTP request message is received by load balancer, all HTTP_REQUEST_REWRITE rules, if present are executed in the order they are applied to virtual server. And then if HTTP_FORWARDING rules present, only first matching rule's action is executed, remaining rules are not checked. HTTP_FORWARDING rules can have only one action. If the request is forwarded to a backend server and the response goes back to load balancer, all HTTP_RESPONSE_REWRITE rules, if present, are executed in the order they are applied to the virtual server. In HTTP_ACCESS phase, user can define action to control access using JWT authentication. In TRANSPORT phase, user can define the condition to match SNI in TLS client hello and define the action to do SSL end-to-end, SSL offloading or SSL passthrough using a specific load balancer server pool.", "enum": [ "HTTP_REQUEST_REWRITE", "HTTP_FORWARDING", "HTTP_RESPONSE_REWRITE", "HTTP_ACCESS", "TRANSPORT" ], "required": true, "title": "Load balancer processing phase", "type": "string" }, "resource_type": { "description": "The type of this resource.", "readonly": false, "type": "string" }, "tags": { "items": { "$ref": "Tag }, "maxItems": 30, "title": "Opaque identifiers meaningful to the API user", "type": "array" } }, "title": "Load balancer rules", "type": "object" }