akamai.AppSecRatePolicyAction
Scopes: Rate policy
Creates, modifies, or deletes the actions associated with a rate policy. By default, rate policies take no action when triggered. Note that you must set separate actions for requests originating from an IPv4 IP address and for requests originating from an IPv6 address.
Related API Endpoint: /appsec/v1/configs/{configId}/versions/{versionNumber}/security-policies/{policyId}/rate-policies/{ratePolicyId}
Example Usage
Basic usage
using System.Collections.Generic;
using System.IO;
using Pulumi;
using Akamai = Pulumi.Akamai;
return await Deployment.RunAsync(() =>
{
var configuration = Akamai.GetAppSecConfiguration.Invoke(new()
{
Name = "Documentation",
});
var appsecRatePolicy = new Akamai.AppSecRatePolicy("appsecRatePolicy", new()
{
ConfigId = configuration.Apply(getAppSecConfigurationResult => getAppSecConfigurationResult.ConfigId),
RatePolicy = File.ReadAllText($"{path.Module}/rate_policy.json"),
});
var appsecRatePolicyAction = new Akamai.AppSecRatePolicyAction("appsecRatePolicyAction", new()
{
ConfigId = configuration.Apply(getAppSecConfigurationResult => getAppSecConfigurationResult.ConfigId),
SecurityPolicyId = "gms1_134637",
RatePolicyId = appsecRatePolicy.RatePolicyId,
Ipv4Action = "deny",
Ipv6Action = "deny",
});
});
package main
import (
"fmt"
"os"
"github.com/pulumi/pulumi-akamai/sdk/v4/go/akamai"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func readFileOrPanic(path string) pulumi.StringPtrInput {
data, err := os.ReadFile(path)
if err != nil {
panic(err.Error())
}
return pulumi.String(string(data))
}
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
configuration, err := akamai.LookupAppSecConfiguration(ctx, &akamai.LookupAppSecConfigurationArgs{
Name: pulumi.StringRef("Documentation"),
}, nil)
if err != nil {
return err
}
appsecRatePolicy, err := akamai.NewAppSecRatePolicy(ctx, "appsecRatePolicy", &akamai.AppSecRatePolicyArgs{
ConfigId: *pulumi.Int(configuration.ConfigId),
RatePolicy: readFileOrPanic(fmt.Sprintf("%v/rate_policy.json", path.Module)),
})
if err != nil {
return err
}
_, err = akamai.NewAppSecRatePolicyAction(ctx, "appsecRatePolicyAction", &akamai.AppSecRatePolicyActionArgs{
ConfigId: *pulumi.Int(configuration.ConfigId),
SecurityPolicyId: pulumi.String("gms1_134637"),
RatePolicyId: appsecRatePolicy.RatePolicyId,
Ipv4Action: pulumi.String("deny"),
Ipv6Action: pulumi.String("deny"),
})
if err != nil {
return err
}
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.akamai.AkamaiFunctions;
import com.pulumi.akamai.inputs.GetAppSecConfigurationArgs;
import com.pulumi.akamai.AppSecRatePolicy;
import com.pulumi.akamai.AppSecRatePolicyArgs;
import com.pulumi.akamai.AppSecRatePolicyAction;
import com.pulumi.akamai.AppSecRatePolicyActionArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var configuration = AkamaiFunctions.getAppSecConfiguration(GetAppSecConfigurationArgs.builder()
.name("Documentation")
.build());
var appsecRatePolicy = new AppSecRatePolicy("appsecRatePolicy", AppSecRatePolicyArgs.builder()
.configId(configuration.applyValue(getAppSecConfigurationResult -> getAppSecConfigurationResult.configId()))
.ratePolicy(Files.readString(Paths.get(String.format("%s/rate_policy.json", path.module()))))
.build());
var appsecRatePolicyAction = new AppSecRatePolicyAction("appsecRatePolicyAction", AppSecRatePolicyActionArgs.builder()
.configId(configuration.applyValue(getAppSecConfigurationResult -> getAppSecConfigurationResult.configId()))
.securityPolicyId("gms1_134637")
.ratePolicyId(appsecRatePolicy.ratePolicyId())
.ipv4Action("deny")
.ipv6Action("deny")
.build());
}
}
import pulumi
import pulumi_akamai as akamai
configuration = akamai.get_app_sec_configuration(name="Documentation")
appsec_rate_policy = akamai.AppSecRatePolicy("appsecRatePolicy",
config_id=configuration.config_id,
rate_policy=(lambda path: open(path).read())(f"{path['module']}/rate_policy.json"))
appsec_rate_policy_action = akamai.AppSecRatePolicyAction("appsecRatePolicyAction",
config_id=configuration.config_id,
security_policy_id="gms1_134637",
rate_policy_id=appsec_rate_policy.rate_policy_id,
ipv4_action="deny",
ipv6_action="deny")
import * as pulumi from "@pulumi/pulumi";
import * as akamai from "@pulumi/akamai";
import * as fs from "fs";
const configuration = akamai.getAppSecConfiguration({
name: "Documentation",
});
const appsecRatePolicy = new akamai.AppSecRatePolicy("appsecRatePolicy", {
configId: configuration.then(configuration => configuration.configId),
ratePolicy: fs.readFileSync(`${path.module}/rate_policy.json`),
});
const appsecRatePolicyAction = new akamai.AppSecRatePolicyAction("appsecRatePolicyAction", {
configId: configuration.then(configuration => configuration.configId),
securityPolicyId: "gms1_134637",
ratePolicyId: appsecRatePolicy.ratePolicyId,
ipv4Action: "deny",
ipv6Action: "deny",
});
resources:
appsecRatePolicy:
type: akamai:AppSecRatePolicy
properties:
configId: ${configuration.configId}
ratePolicy:
fn::readFile: ${path.module}/rate_policy.json
appsecRatePolicyAction:
type: akamai:AppSecRatePolicyAction
properties:
configId: ${configuration.configId}
securityPolicyId: gms1_134637
ratePolicyId: ${appsecRatePolicy.ratePolicyId}
ipv4Action: deny
ipv6Action: deny
variables:
configuration:
fn::invoke:
Function: akamai:getAppSecConfiguration
Arguments:
name: Documentation
Create AppSecRatePolicyAction Resource
new AppSecRatePolicyAction(name: string, args: AppSecRatePolicyActionArgs, opts?: CustomResourceOptions);@overload
def AppSecRatePolicyAction(resource_name: str,
opts: Optional[ResourceOptions] = None,
config_id: Optional[int] = None,
ipv4_action: Optional[str] = None,
ipv6_action: Optional[str] = None,
rate_policy_id: Optional[int] = None,
security_policy_id: Optional[str] = None)
@overload
def AppSecRatePolicyAction(resource_name: str,
args: AppSecRatePolicyActionArgs,
opts: Optional[ResourceOptions] = None)func NewAppSecRatePolicyAction(ctx *Context, name string, args AppSecRatePolicyActionArgs, opts ...ResourceOption) (*AppSecRatePolicyAction, error)public AppSecRatePolicyAction(string name, AppSecRatePolicyActionArgs args, CustomResourceOptions? opts = null)
public AppSecRatePolicyAction(String name, AppSecRatePolicyActionArgs args)
public AppSecRatePolicyAction(String name, AppSecRatePolicyActionArgs args, CustomResourceOptions options)
type: akamai:AppSecRatePolicyAction
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args AppSecRatePolicyActionArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args AppSecRatePolicyActionArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args AppSecRatePolicyActionArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args AppSecRatePolicyActionArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args AppSecRatePolicyActionArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
AppSecRatePolicyAction Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
The AppSecRatePolicyAction resource accepts the following input properties:
- Config
Id int . Unique identifier of the security configuration associated with the rate policy action being modified.
- Ipv4Action string
. Rate policy action for requests coming from an IPv4 IP address. Allowed actions are:
- alert. Record the event.
- deny. Block the request.
- deny_custom{custom_deny_id}. Take the action specified by the custom deny.
- none. Take no action.
- Ipv6Action string
. Rate policy action for requests coming from an IPv6 IP address. Allowed actions are:
- alert. Record the event.
- deny. Block the request.
- deny_custom{custom_deny_id}. Take the action specified by the custom deny.
- Rate
Policy intId . Unique identifier of the rate policy whose action is being modified.
- Security
Policy stringId . Unique identifier of the security policy associated with the rate policy whose action is being modified.
- Config
Id int . Unique identifier of the security configuration associated with the rate policy action being modified.
- Ipv4Action string
. Rate policy action for requests coming from an IPv4 IP address. Allowed actions are:
- alert. Record the event.
- deny. Block the request.
- deny_custom{custom_deny_id}. Take the action specified by the custom deny.
- none. Take no action.
- Ipv6Action string
. Rate policy action for requests coming from an IPv6 IP address. Allowed actions are:
- alert. Record the event.
- deny. Block the request.
- deny_custom{custom_deny_id}. Take the action specified by the custom deny.
- Rate
Policy intId . Unique identifier of the rate policy whose action is being modified.
- Security
Policy stringId . Unique identifier of the security policy associated with the rate policy whose action is being modified.
- config
Id Integer . Unique identifier of the security configuration associated with the rate policy action being modified.
- ipv4Action String
. Rate policy action for requests coming from an IPv4 IP address. Allowed actions are:
- alert. Record the event.
- deny. Block the request.
- deny_custom{custom_deny_id}. Take the action specified by the custom deny.
- none. Take no action.
- ipv6Action String
. Rate policy action for requests coming from an IPv6 IP address. Allowed actions are:
- alert. Record the event.
- deny. Block the request.
- deny_custom{custom_deny_id}. Take the action specified by the custom deny.
- rate
Policy IntegerId . Unique identifier of the rate policy whose action is being modified.
- security
Policy StringId . Unique identifier of the security policy associated with the rate policy whose action is being modified.
- config
Id number . Unique identifier of the security configuration associated with the rate policy action being modified.
- ipv4Action string
. Rate policy action for requests coming from an IPv4 IP address. Allowed actions are:
- alert. Record the event.
- deny. Block the request.
- deny_custom{custom_deny_id}. Take the action specified by the custom deny.
- none. Take no action.
- ipv6Action string
. Rate policy action for requests coming from an IPv6 IP address. Allowed actions are:
- alert. Record the event.
- deny. Block the request.
- deny_custom{custom_deny_id}. Take the action specified by the custom deny.
- rate
Policy numberId . Unique identifier of the rate policy whose action is being modified.
- security
Policy stringId . Unique identifier of the security policy associated with the rate policy whose action is being modified.
- config_
id int . Unique identifier of the security configuration associated with the rate policy action being modified.
- ipv4_
action str . Rate policy action for requests coming from an IPv4 IP address. Allowed actions are:
- alert. Record the event.
- deny. Block the request.
- deny_custom{custom_deny_id}. Take the action specified by the custom deny.
- none. Take no action.
- ipv6_
action str . Rate policy action for requests coming from an IPv6 IP address. Allowed actions are:
- alert. Record the event.
- deny. Block the request.
- deny_custom{custom_deny_id}. Take the action specified by the custom deny.
- rate_
policy_ intid . Unique identifier of the rate policy whose action is being modified.
- security_
policy_ strid . Unique identifier of the security policy associated with the rate policy whose action is being modified.
- config
Id Number . Unique identifier of the security configuration associated with the rate policy action being modified.
- ipv4Action String
. Rate policy action for requests coming from an IPv4 IP address. Allowed actions are:
- alert. Record the event.
- deny. Block the request.
- deny_custom{custom_deny_id}. Take the action specified by the custom deny.
- none. Take no action.
- ipv6Action String
. Rate policy action for requests coming from an IPv6 IP address. Allowed actions are:
- alert. Record the event.
- deny. Block the request.
- deny_custom{custom_deny_id}. Take the action specified by the custom deny.
- rate
Policy NumberId . Unique identifier of the rate policy whose action is being modified.
- security
Policy StringId . Unique identifier of the security policy associated with the rate policy whose action is being modified.
Outputs
All input properties are implicitly available as output properties. Additionally, the AppSecRatePolicyAction resource produces the following output properties:
- Id string
The provider-assigned unique ID for this managed resource.
- Id string
The provider-assigned unique ID for this managed resource.
- id String
The provider-assigned unique ID for this managed resource.
- id string
The provider-assigned unique ID for this managed resource.
- id str
The provider-assigned unique ID for this managed resource.
- id String
The provider-assigned unique ID for this managed resource.
Look up Existing AppSecRatePolicyAction Resource
Get an existing AppSecRatePolicyAction resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: AppSecRatePolicyActionState, opts?: CustomResourceOptions): AppSecRatePolicyAction@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
config_id: Optional[int] = None,
ipv4_action: Optional[str] = None,
ipv6_action: Optional[str] = None,
rate_policy_id: Optional[int] = None,
security_policy_id: Optional[str] = None) -> AppSecRatePolicyActionfunc GetAppSecRatePolicyAction(ctx *Context, name string, id IDInput, state *AppSecRatePolicyActionState, opts ...ResourceOption) (*AppSecRatePolicyAction, error)public static AppSecRatePolicyAction Get(string name, Input<string> id, AppSecRatePolicyActionState? state, CustomResourceOptions? opts = null)public static AppSecRatePolicyAction get(String name, Output<String> id, AppSecRatePolicyActionState state, CustomResourceOptions options)Resource lookup is not supported in YAML- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Config
Id int . Unique identifier of the security configuration associated with the rate policy action being modified.
- Ipv4Action string
. Rate policy action for requests coming from an IPv4 IP address. Allowed actions are:
- alert. Record the event.
- deny. Block the request.
- deny_custom{custom_deny_id}. Take the action specified by the custom deny.
- none. Take no action.
- Ipv6Action string
. Rate policy action for requests coming from an IPv6 IP address. Allowed actions are:
- alert. Record the event.
- deny. Block the request.
- deny_custom{custom_deny_id}. Take the action specified by the custom deny.
- Rate
Policy intId . Unique identifier of the rate policy whose action is being modified.
- Security
Policy stringId . Unique identifier of the security policy associated with the rate policy whose action is being modified.
- Config
Id int . Unique identifier of the security configuration associated with the rate policy action being modified.
- Ipv4Action string
. Rate policy action for requests coming from an IPv4 IP address. Allowed actions are:
- alert. Record the event.
- deny. Block the request.
- deny_custom{custom_deny_id}. Take the action specified by the custom deny.
- none. Take no action.
- Ipv6Action string
. Rate policy action for requests coming from an IPv6 IP address. Allowed actions are:
- alert. Record the event.
- deny. Block the request.
- deny_custom{custom_deny_id}. Take the action specified by the custom deny.
- Rate
Policy intId . Unique identifier of the rate policy whose action is being modified.
- Security
Policy stringId . Unique identifier of the security policy associated with the rate policy whose action is being modified.
- config
Id Integer . Unique identifier of the security configuration associated with the rate policy action being modified.
- ipv4Action String
. Rate policy action for requests coming from an IPv4 IP address. Allowed actions are:
- alert. Record the event.
- deny. Block the request.
- deny_custom{custom_deny_id}. Take the action specified by the custom deny.
- none. Take no action.
- ipv6Action String
. Rate policy action for requests coming from an IPv6 IP address. Allowed actions are:
- alert. Record the event.
- deny. Block the request.
- deny_custom{custom_deny_id}. Take the action specified by the custom deny.
- rate
Policy IntegerId . Unique identifier of the rate policy whose action is being modified.
- security
Policy StringId . Unique identifier of the security policy associated with the rate policy whose action is being modified.
- config
Id number . Unique identifier of the security configuration associated with the rate policy action being modified.
- ipv4Action string
. Rate policy action for requests coming from an IPv4 IP address. Allowed actions are:
- alert. Record the event.
- deny. Block the request.
- deny_custom{custom_deny_id}. Take the action specified by the custom deny.
- none. Take no action.
- ipv6Action string
. Rate policy action for requests coming from an IPv6 IP address. Allowed actions are:
- alert. Record the event.
- deny. Block the request.
- deny_custom{custom_deny_id}. Take the action specified by the custom deny.
- rate
Policy numberId . Unique identifier of the rate policy whose action is being modified.
- security
Policy stringId . Unique identifier of the security policy associated with the rate policy whose action is being modified.
- config_
id int . Unique identifier of the security configuration associated with the rate policy action being modified.
- ipv4_
action str . Rate policy action for requests coming from an IPv4 IP address. Allowed actions are:
- alert. Record the event.
- deny. Block the request.
- deny_custom{custom_deny_id}. Take the action specified by the custom deny.
- none. Take no action.
- ipv6_
action str . Rate policy action for requests coming from an IPv6 IP address. Allowed actions are:
- alert. Record the event.
- deny. Block the request.
- deny_custom{custom_deny_id}. Take the action specified by the custom deny.
- rate_
policy_ intid . Unique identifier of the rate policy whose action is being modified.
- security_
policy_ strid . Unique identifier of the security policy associated with the rate policy whose action is being modified.
- config
Id Number . Unique identifier of the security configuration associated with the rate policy action being modified.
- ipv4Action String
. Rate policy action for requests coming from an IPv4 IP address. Allowed actions are:
- alert. Record the event.
- deny. Block the request.
- deny_custom{custom_deny_id}. Take the action specified by the custom deny.
- none. Take no action.
- ipv6Action String
. Rate policy action for requests coming from an IPv6 IP address. Allowed actions are:
- alert. Record the event.
- deny. Block the request.
- deny_custom{custom_deny_id}. Take the action specified by the custom deny.
- rate
Policy NumberId . Unique identifier of the rate policy whose action is being modified.
- security
Policy StringId . Unique identifier of the security policy associated with the rate policy whose action is being modified.
Package Details
- Repository
- Akamai pulumi/pulumi-akamai
- License
- Apache-2.0
- Notes
This Pulumi package is based on the
akamaiTerraform Provider.