Skip to main content

Expressions

Expressions are a powerful way to define the conditions under which specific actions in a traffic policy are triggered. Expressions are written in the Common Expression Language (CEL) and allow you to evaluate various traffic attributes, such as headers, paths, IP addresses, and more.

Each expression must evaluate to true for the corresponding actions in a rule to be executed. If a rule contains no expressions, it will always evaluate to true, causing its actions to be applied to all matching traffic.

Available Elements

Expressions in traffic policies can reference a variety of elements, including:

  • Traffic Policy Variables: These allow you to access metadata about the connection or request, such as certificate details, headers, client IP, geo-location and more.
  • Traffic Policy Macros: Macros simplify complex conditions, enabling reusable patterns across expressions and policies.
  • Action Variables: Some actions may provide additional variables, enabling deeper customization based on specific action outcomes.

Use-Cases

Expressions give you the flexibility to:

  • Filter traffic: Evaluate headers, IP addresses, or other attributes to decide if traffic should match a given rule.
  • Route traffic: Forward traffic based on factors such as geolocation, protocol, or path.
  • Control flow: Implement more complex routing decisions based on dynamic conditions, ensuring optimal traffic handling.

Common Examples

Match Based on Header

Loading…

Match Requests to a Specific Path

Loading…

Match by Country

Loading…

Writing Expressions

Basic Syntax

Expressions are written in CEL and are similar to expressions in languages like C, JavaScript, or Python. They can include variables, literals, and operators.

Variables

Variables refer to values. For example, identity might refer to a user object.

Loading…

View list of available variables

Literals

CEL supports several literal types:

  • Boolean: true, false
  • Integer: 42, -7
  • String: "hello", 'world'
  • List: [1, 2, 3]
  • Map: {"key1": "value1", "key2": "value2"}

Operators

CEL provides a rich set of operators for arithmetic, comparison, and logical operations:

  • Arithmetic: +, -, *, /, %
  • Comparison: ==, !=, <, <=, >, >=
  • Logical: &&, ||, !

Using Arithmetic

Loading…

Using Comparison and Logical Operators

Loading…

Strings

String Concatenation

To combine strings, use the + operator:

Loading…

String Functions

CEL provides several built-in functions to work with strings, enabling you to perform transformations, query information, or compare strings.

size()

Returns the number of characters in the string:

Loading…
startsWith()

Checks if the string starts with a specified substring:

Loading…
endsWith()

Checks if the string ends with a specified substring:

Loading…
matches()

Determines if the string matches a regular expression pattern:

Loading…
contains()

To check if a string contains another string:

Loading…

Advanced String Manipulation

Regular Expressions

CEL's matches() function allows you to use regular expressions for pattern matching. This can be powerful for validation or extracting parts of strings:

Loading…
Concatenation and Interpolation

While direct string interpolation isn't a feature in CEL, concatenation can be used to dynamically construct strings:

Loading…
Working with Unicode

Strings in CEL are Unicode and can handle a wide range of characters:

Loading…
String Comparison

String comparison in CEL is case-sensitive and uses the standard comparison operators:

Loading…

Lists

A list in CEL is an ordered collection of elements. You can perform various operations on lists, including checking if an item is contained within a list, accessing elements by their index, and iterating over elements.

Creating a List

Loading…

Checking for Membership

To check if a value exists in a list, use the in operator:

Loading…

Accessing Elements

Access elements by their index (0-based):

Loading…

Counting Elements

Returns the number of elements in the list:

Loading…

Iterating Over a List

Use a comprehension to iterate over elements in a list and apply logic:

Loading…

Filtering a List

Filter a list to include only certain elements:

Loading…

Membership in Lists

The in operator is versatile and can be used to check for membership in both lists:

Loading…

Maps

A map in CEL is a collection of key-value pairs. Keys are unique, and each key maps to exactly one value. You can check for the presence of keys, access values by their keys, and iterate over keys or values.

Creating a Map

Loading…

Checking for Key Presence

To check if a key is present in a map, use the in operator:

Loading…

Accessing Values

Access values by their keys:

Loading…

Counting Elements

Returns the number of key-value pairs present in the map:

Loading…

Iterating Over a Map

You can iterate over the keys or values of a map using a comprehension:

Loading…

Checking for a Condition in a Map

Use exists or all macros to check if any or all elements in a collection meet a condition:

Loading…

Membership in Maps

The in operator is versatile and can be used to check for membership in maps:

Loading…