Mock application response for uri in ASM policy
(I apologize for the quality of my English.)
Presentation of my context: In my company, I have an F5 (WAF) installed on a closed development environment that does not have access to applications and the internet. In this F5, there is a security policy configured to allow a list of APIs and their parameters to access the internet.
My constraint is that the security policy cannot be tested on this development environment. I have to wait for the delivery of the security policy on a test environment that has access to the applications to test if there are any blocks.
My need is to test this F5 security policy on the closed development environment to ensure that all my API parameters are properly declared in the F5 and to avoid any blockages on the second environment.
Since my development environment cannot access applications, my idea is to develop a mock to simulate the applications.
Is it possible to simulate the response of an API of an application declared in the ASM to verify that all its parameters are not blocked?
Is it possible to make a curl call to the URI of an API declared on F5 and simulate the response of the API with an iRule?
Thank you for your attention.