netscaler.adc.appfwprofile_jsondosurl_binding module – Binding Resource definition for describing association between appfwprofile and jsondosurl resources

Note

This module is part of the netscaler.adc collection (version 2.6.0).

It is not included in ansible-core. To check whether it is installed, run ansible-galaxy collection list.

To install it, use: ansible-galaxy collection install netscaler.adc.

To use it in a playbook, specify: netscaler.adc.appfwprofile_jsondosurl_binding.

New in netscaler.adc 2.0.0

Synopsis

  • Binding Resource definition for describing association between appfwprofile and jsondosurl resources

Parameters

Parameter

Comments

alertonly

string

Send SNMP alert?

Choices:

  • "ON"

  • "OFF"

api_path

string

Base NITRO API path.

Define only in case of an ADM service proxy call

Default: "nitro/v1/config"

comment

string

Any comments about the purpose of profile, or other useful information about the profile.

isautodeployed

string

Is the rule auto deployed by dynamic profile ?

Choices:

  • "AUTODEPLOYED"

  • "NOTAUTODEPLOYED"

jsondosurl

string

The URL on which we need to enforce the specified JSON denial-of-service (JSONDoS) attack protections.

An JSON DoS configuration consists of the following items:

* URL. PCRE-format regular expression for the URL.

* Maximum-document-length-check toggle. ON to enable this check, OFF to disable it.

* Maximum document length. Positive integer representing the maximum length of the JSON document.

* Maximum-container-depth-check toggle. ON to enable, OFF to disable.

* Maximum container depth. Positive integer representing the maximum container depth of the JSON document.

* Maximum-object-key-count-check toggle. ON to enable, OFF to disable.

* Maximum object key count. Positive integer representing the maximum allowed number of keys in any of the JSON object.

* Maximum-object-key-length-check toggle. ON to enable, OFF to disable.

* Maximum object key length. Positive integer representing the maximum allowed length of key in any of the JSON object.

* Maximum-array-value-count-check toggle. ON to enable, OFF to disable.

* Maximum array value count. Positive integer representing the maximum allowed number of values in any of the JSON array.

* Maximum-string-length-check toggle. ON to enable, OFF to disable.

* Maximum string length. Positive integer representing the maximum length of string in JSON.

jsonmaxarraylength

float

Maximum array length in the any of JSON object. This check protects against arrays having large lengths.

jsonmaxarraylengthcheck

string

State if JSON Max array value count check is ON or OFF.

Choices:

  • "ON"

  • "OFF"

jsonmaxcontainerdepth

float

Maximum allowed nesting depth of JSON document. JSON allows one to nest the containers (object and array) in any order to any depth. This check protects against documents that have excessive depth of hierarchy.

jsonmaxcontainerdepthcheck

string

State if JSON Max depth check is ON or OFF.

Choices:

  • "ON"

  • "OFF"

jsonmaxdocumentlength

float

Maximum document length of JSON document, in bytes.

jsonmaxdocumentlengthcheck

string

State if JSON Max document length check is ON or OFF.

Choices:

  • "ON"

  • "OFF"

jsonmaxobjectkeycount

float

Maximum key count in the any of JSON object. This check protects against objects that have large number of keys.

jsonmaxobjectkeycountcheck

string

State if JSON Max object key count check is ON or OFF.

Choices:

  • "ON"

  • "OFF"

jsonmaxobjectkeylength

float

Maximum key length in the any of JSON object. This check protects against objects that have large keys.

jsonmaxobjectkeylengthcheck

string

State if JSON Max object key length check is ON or OFF.

Choices:

  • "ON"

  • "OFF"

jsonmaxstringlength

float

Maximum string length in the JSON. This check protects against strings that have large length.

jsonmaxstringlengthcheck

string

State if JSON Max string value count check is ON or OFF.

Choices:

  • "ON"

  • "OFF"

managed_netscaler_instance_id

string

added in netscaler.adc 2.6.0

The ID of the managed NetScaler instance to which NetScaler Console

has to configure as a proxy server.

Define only in case of an ADM service proxy call

managed_netscaler_instance_ip

string

added in netscaler.adc 2.6.0

The IP of the managed NetScaler instance to which NetScaler Console

has to configure as a proxy server.

Define only in case of an ADM service proxy call

managed_netscaler_instance_name

string

added in netscaler.adc 2.6.0

The name of the managed NetScaler instance to which NetScaler Console

has to configure as a proxy server.

Define only in case of an ADM service proxy call

managed_netscaler_instance_password

string

added in netscaler.adc 2.6.0

The password of the managed NetScaler instance.

Define only in case of an ADM service proxy call

In Settings > Administration > System Configurations > Basic Settings,

if you select Prompt Credentials for Instance Login,

ensure to configure username and password of a managed instance.

managed_netscaler_instance_username

string

added in netscaler.adc 2.6.0

The username of the managed NetScaler instance.

Define only in case of an ADM service proxy call

In Settings > Administration > System Configurations > Basic Settings,

if you select Prompt Credentials for Instance Login,

ensure to configure username and password of a managed instance.

name

string

Name of the profile to which to bind an exemption or rule.

netscaler_console_as_proxy_server

boolean

added in netscaler.adc 2.6.0

The IP address of the NetScaler ADC appliance acting as a proxy server.

Define only in case of an ADM service proxy call

Choices:

  • false ← (default)

  • true

nitro_auth_token

string

The authentication token provided by a login operation.

nitro_pass

string

The password with which to authenticate to the NetScaler ADC node.

nitro_protocol

string

Which protocol to use when accessing the nitro API objects.

Choices:

  • "http"

  • "https" ← (default)

nitro_user

string

The username with which to authenticate to the NetScaler ADC node.

nsip

string / required

The ip address of the NetScaler ADC appliance where the nitro API calls will be made.

The port can be specified with the colon (:). E.g. 192.168.1.1:555.

resourceid

string

A “id” that identifies the rule.

ruletype

string

Specifies rule type of binding

Choices:

  • "ALLOW"

  • "DENY"

save_config

boolean

If true the module will save the configuration on the NetScaler ADC node if it makes any changes.

The module will not save the configuration on the NetScaler ADC node if it made no changes.

Choices:

  • false ← (default)

  • true

state

string

The state of the resource being configured by the module on the NetScaler ADC node.

When present, the resource will be added/updated configured according to the module’s parameters.

When absent, the resource will be deleted from the NetScaler ADC node.

Choices:

  • "present" ← (default)

  • "absent"

validate_certs

boolean

If false, SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates.

Choices:

  • false

  • true ← (default)

Notes

Note

Examples

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key

Description

changed

boolean

Indicates if any change is made by the module

Returned: always

Sample: true

diff

dictionary

Dictionary of before and after changes

Returned: always

Sample: {"after": {"key2": "pqr"}, "before": {"key1": "xyz"}, "prepared": "changes done"}

diff_list

list / elements=string

List of differences between the actual configured object and the configuration specified in the module

Returned: when changed

Sample: ["Attribute `key1` differs. Desired: (<class 'str'>) XYZ. Existing: (<class 'str'>) PQR"]

failed

boolean

Indicates if the module failed or not

Returned: always

Sample: false

loglines

list / elements=string

list of logged messages by the module

Returned: always

Sample: ["message 1", "message 2"]

Authors

  • Sumanth Lingappa (@sumanth-lingappa)