The Firewall Rule for access to the WebUI management uses hardcoded ports, but the actual port of the WebUI is configurable by through YAML parameter mgmtGuiPort. This might lead to an ineffective firewall rule, permitting access to the incorrect port.
The port for WebUI management access in the function def FirewallRuleMgmt(context): could be changed to include context.properties['mgmtGuiPort'], like this:
The Firewall Rule for access to the WebUI management uses hardcoded ports, but the actual port of the WebUI is configurable by through YAML parameter
mgmtGuiPort
. This might lead to an ineffective firewall rule, permitting access to the incorrect port.This applies to all templates, here are two examples: https://github.com/F5Networks/f5-google-gdm-templates/blob/0dfdfd380e171569722b60081181da5d680c61fc/supported/standalone/1nic/existing-stack/byol/f5-existing-stack-byol-1nic-bigip.py#L42 https://github.com/F5Networks/f5-google-gdm-templates/blob/0dfdfd380e171569722b60081181da5d680c61fc/supported/standalone/3nic/existing-stack/byol/f5-existing-stack-byol-3nic-bigip.py#L42
The port for WebUI management access in the function
def FirewallRuleMgmt(context):
could be changed to includecontext.properties['mgmtGuiPort']
, like this: