Build ACL from map

Hello,

I’m trying to build an acl with a map file. I’m using haproxy 2.2.9. This is to allow us to deploy a map file with a tool like ansible or a cron task without having to update the haproxy config, a simple reload should be able to update the loaded map.

I have a list of client, allowed to access a list of uri :

127.0.0.1 /uri1
127.0.0.1 /uri2
127.0.0.2 /uri2
127.0.0.3 /uri1

Now, i want to allow the access only if src is in map and if begining of the request uri match the one in the map.

Is there a way to achieve this ? A made a lots of tries without success :frowning:

A map is a key/value store. You cannot have multiple entries for the same key.

Use ACL files instead of map files, and group the URI prefixes together.

Like Group1 is allowed to access /uri1 and /uri3, Group2 is allowed to access /uri2 and /uri3.

Then just make a ACL file with the IPs for Group1, and another one for Group2 and use normal ACL rules in haproxy to achieve what you want.

1 Like