The lab consist of two modules describe as below.
In this module, lab users will be utilizing visual studio code to modify the OpenAPI spec and push the code to the GitLab CE server, this action will trigger an automated pipeline that deploys and configures the Kubernetes workload via Terraform and provisions the virtual servers and AWAF policies on the F5 BIG-IP. After the pipeline is deployed user can access the application, review the learning suggestion generated by the policy.
In this module, lab users will be modifying the AWAF policy by incorporating the learning suggestions generated by pipeline and commit the code to GitLab. This action will trigger an automated pipeline to redeploy on the BIG-IP services. The policies will also be tested using the F5 WAF tester tool, which tests the policies against OWASP top 10 attacks and well-known vulnerabilities.