Is there a way on the F5 VE to setup things so that when a virtual server is being configured, it requires the user to either select an Access Policy or an ASM policy before the webui will allow it to be saved and created?
We use SSLO and must have a valid access policy or a valid ASM policy before virtual servers can be deployed and have had some cases where engineers have deployed virtual servers and forgotten to assign the SSLO Access or a ASM Policy to the virtual server. We need a way to make some of the virtual server setting mandatory.... Is that possible and how do we go about it?
Any assistance and or feedback would be greatly appreciated.
You can create a custom iApp template for this. Helps to control workflows. Users then use this iApp template for adding new VS. Good way to also control naming conventions, profile options, etc.
Hope this helps? This is how we have solved similar problems for customers.
So - we are very familair with iapps and actually were heavy users of it for consistency and enforcing things like like this; however, when we went through and migrated from our on-premise F5 LTMs to AWS VE in the last 24-26 months our F5 account team told us that we should stop using iapps as F5 is changing that direction and would ultimately do away with iapps.
In that case, I would recommend embracing and migrating slowly to FAST templates: https://clouddocs.f5.com/products/extensions/f5-appsvcs-templates/latest/. This is the replacement for iApp templates.
@MrRobertBooth Other than using iApp as @whisperer mentioned you could probably use Ansible but other than those two I am unaware of a way to force this configuration other than making a CLI template that you would import using "load sys config from-terminal merge" and pasting in that completed template.