AppSecWafMode

Scopes: Security policy

Modifies the way your Kona Rule Set rules are updated. Use KRS mode to update the rule sets manually or AAG to have those rule sets automatically updated.

Related API Endpoint: /appsec/v1/configs/{configId}/versions/{versionNumber}/security-policies/{policyId}/mode

Output Options

The following options can be used to determine the information returned, and how that returned information is formatted:

  • current_ruleset – Versioning information for the current Kona Rule Set.
  • eval_ruleset. Versioning information for the Kona Rule Set being evaluated (if applicable) .
  • eval_status. Returns enabled if an evaluation is currently in progress; otherwise returns disabled.
  • eval_expiration_date. Date on which the evaluation period ends (if applicable).
  • output_text. Tabular report showing the current rule set, WAF mode and evaluation status.

Example Usage

using Pulumi;
using Akamai = Pulumi.Akamai;

class MyStack : Stack
{
    public MyStack()
    {
        var configuration = Output.Create(Akamai.GetAppSecConfiguration.InvokeAsync(new Akamai.GetAppSecConfigurationArgs
        {
            Name = "Documentation",
        }));
        var wafMode = new Akamai.AppSecWafMode("wafMode", new Akamai.AppSecWafModeArgs
        {
            ConfigId = configuration.Apply(configuration => configuration.ConfigId),
            SecurityPolicyId = "gms1_134637",
            Mode = "KRS",
        });
        this.WafModeMode = wafMode.Mode;
        this.WafModeCurrentRuleset = wafMode.CurrentRuleset;
        this.WafModeEvalStatus = wafMode.EvalStatus;
        this.WafModeEvalRuleset = wafMode.EvalRuleset;
        this.WafModeEvalExpirationDate = wafMode.EvalExpirationDate;
    }

    [Output("wafModeMode")]
    public Output<string> WafModeMode { get; set; }
    [Output("wafModeCurrentRuleset")]
    public Output<string> WafModeCurrentRuleset { get; set; }
    [Output("wafModeEvalStatus")]
    public Output<string> WafModeEvalStatus { get; set; }
    [Output("wafModeEvalRuleset")]
    public Output<string> WafModeEvalRuleset { get; set; }
    [Output("wafModeEvalExpirationDate")]
    public Output<string> WafModeEvalExpirationDate { get; set; }
}
package main

import (
	"github.com/pulumi/pulumi-akamai/sdk/v2/go/akamai"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		opt0 := "Documentation"
		configuration, err := akamai.LookupAppSecConfiguration(ctx, &GetAppSecConfigurationArgs{
			Name: &opt0,
		}, nil)
		if err != nil {
			return err
		}
		wafMode, err := akamai.NewAppSecWafMode(ctx, "wafMode", &akamai.AppSecWafModeArgs{
			ConfigId:         pulumi.Int(configuration.ConfigId),
			SecurityPolicyId: pulumi.String("gms1_134637"),
			Mode:             pulumi.String("KRS"),
		})
		if err != nil {
			return err
		}
		ctx.Export("wafModeMode", wafMode.Mode)
		ctx.Export("wafModeCurrentRuleset", wafMode.CurrentRuleset)
		ctx.Export("wafModeEvalStatus", wafMode.EvalStatus)
		ctx.Export("wafModeEvalRuleset", wafMode.EvalRuleset)
		ctx.Export("wafModeEvalExpirationDate", wafMode.EvalExpirationDate)
		return nil
	})
}
import pulumi
import pulumi_akamai as akamai

configuration = akamai.get_app_sec_configuration(name="Documentation")
waf_mode = akamai.AppSecWafMode("wafMode",
    config_id=configuration.config_id,
    security_policy_id="gms1_134637",
    mode="KRS")
pulumi.export("wafModeMode", waf_mode.mode)
pulumi.export("wafModeCurrentRuleset", waf_mode.current_ruleset)
pulumi.export("wafModeEvalStatus", waf_mode.eval_status)
pulumi.export("wafModeEvalRuleset", waf_mode.eval_ruleset)
pulumi.export("wafModeEvalExpirationDate", waf_mode.eval_expiration_date)
import * as pulumi from "@pulumi/pulumi";
import * as akamai from "@pulumi/akamai";

const configuration = akamai.getAppSecConfiguration({
    name: "Documentation",
});
const wafMode = new akamai.AppSecWafMode("wafMode", {
    configId: configuration.then(configuration => configuration.configId),
    securityPolicyId: "gms1_134637",
    mode: "KRS",
});
export const wafModeMode = wafMode.mode;
export const wafModeCurrentRuleset = wafMode.currentRuleset;
export const wafModeEvalStatus = wafMode.evalStatus;
export const wafModeEvalRuleset = wafMode.evalRuleset;
export const wafModeEvalExpirationDate = wafMode.evalExpirationDate;

Create a AppSecWafMode Resource

new AppSecWafMode(name: string, args: AppSecWafModeArgs, opts?: CustomResourceOptions);
@overload
def AppSecWafMode(resource_name: str,
                  opts: Optional[ResourceOptions] = None,
                  config_id: Optional[int] = None,
                  mode: Optional[str] = None,
                  security_policy_id: Optional[str] = None)
@overload
def AppSecWafMode(resource_name: str,
                  args: AppSecWafModeArgs,
                  opts: Optional[ResourceOptions] = None)
func NewAppSecWafMode(ctx *Context, name string, args AppSecWafModeArgs, opts ...ResourceOption) (*AppSecWafMode, error)
public AppSecWafMode(string name, AppSecWafModeArgs args, CustomResourceOptions? opts = null)
name string
The unique name of the resource.
args AppSecWafModeArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
resource_name str
The unique name of the resource.
args AppSecWafModeArgs
The arguments to resource properties.
opts ResourceOptions
Bag of options to control resource's behavior.
ctx Context
Context object for the current deployment.
name string
The unique name of the resource.
args AppSecWafModeArgs
The arguments to resource properties.
opts ResourceOption
Bag of options to control resource's behavior.
name string
The unique name of the resource.
args AppSecWafModeArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.

AppSecWafMode Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

The AppSecWafMode resource accepts the following input properties:

ConfigId int
. Unique identifier of the security configuration associated with the WAF mode settings being modified.
Mode string
. Specifies how Kona Rule Set rules are upgraded. Allowed values are:
SecurityPolicyId string
. Unique identifier of the security policy associated with the WAF mode settings being modified.
ConfigId int
. Unique identifier of the security configuration associated with the WAF mode settings being modified.
Mode string
. Specifies how Kona Rule Set rules are upgraded. Allowed values are:
SecurityPolicyId string
. Unique identifier of the security policy associated with the WAF mode settings being modified.
configId number
. Unique identifier of the security configuration associated with the WAF mode settings being modified.
mode string
. Specifies how Kona Rule Set rules are upgraded. Allowed values are:
securityPolicyId string
. Unique identifier of the security policy associated with the WAF mode settings being modified.
config_id int
. Unique identifier of the security configuration associated with the WAF mode settings being modified.
mode str
. Specifies how Kona Rule Set rules are upgraded. Allowed values are:
security_policy_id str
. Unique identifier of the security policy associated with the WAF mode settings being modified.

Outputs

All input properties are implicitly available as output properties. Additionally, the AppSecWafMode resource produces the following output properties:

CurrentRuleset string
EvalExpirationDate string
EvalRuleset string
EvalStatus string
Id string
The provider-assigned unique ID for this managed resource.
OutputText string
Text Export representation
CurrentRuleset string
EvalExpirationDate string
EvalRuleset string
EvalStatus string
Id string
The provider-assigned unique ID for this managed resource.
OutputText string
Text Export representation
currentRuleset string
evalExpirationDate string
evalRuleset string
evalStatus string
id string
The provider-assigned unique ID for this managed resource.
outputText string
Text Export representation
current_ruleset str
eval_expiration_date str
eval_ruleset str
eval_status str
id str
The provider-assigned unique ID for this managed resource.
output_text str
Text Export representation

Look up an Existing AppSecWafMode Resource

Get an existing AppSecWafMode resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: AppSecWafModeState, opts?: CustomResourceOptions): AppSecWafMode
@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        config_id: Optional[int] = None,
        current_ruleset: Optional[str] = None,
        eval_expiration_date: Optional[str] = None,
        eval_ruleset: Optional[str] = None,
        eval_status: Optional[str] = None,
        mode: Optional[str] = None,
        output_text: Optional[str] = None,
        security_policy_id: Optional[str] = None) -> AppSecWafMode
func GetAppSecWafMode(ctx *Context, name string, id IDInput, state *AppSecWafModeState, opts ...ResourceOption) (*AppSecWafMode, error)
public static AppSecWafMode Get(string name, Input<string> id, AppSecWafModeState? state, CustomResourceOptions? opts = null)
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
resource_name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.

The following state arguments are supported:

ConfigId int
. Unique identifier of the security configuration associated with the WAF mode settings being modified.
CurrentRuleset string
EvalExpirationDate string
EvalRuleset string
EvalStatus string
Mode string
. Specifies how Kona Rule Set rules are upgraded. Allowed values are:
OutputText string
Text Export representation
SecurityPolicyId string
. Unique identifier of the security policy associated with the WAF mode settings being modified.
ConfigId int
. Unique identifier of the security configuration associated with the WAF mode settings being modified.
CurrentRuleset string
EvalExpirationDate string
EvalRuleset string
EvalStatus string
Mode string
. Specifies how Kona Rule Set rules are upgraded. Allowed values are:
OutputText string
Text Export representation
SecurityPolicyId string
. Unique identifier of the security policy associated with the WAF mode settings being modified.
configId number
. Unique identifier of the security configuration associated with the WAF mode settings being modified.
currentRuleset string
evalExpirationDate string
evalRuleset string
evalStatus string
mode string
. Specifies how Kona Rule Set rules are upgraded. Allowed values are:
outputText string
Text Export representation
securityPolicyId string
. Unique identifier of the security policy associated with the WAF mode settings being modified.
config_id int
. Unique identifier of the security configuration associated with the WAF mode settings being modified.
current_ruleset str
eval_expiration_date str
eval_ruleset str
eval_status str
mode str
. Specifies how Kona Rule Set rules are upgraded. Allowed values are:
output_text str
Text Export representation
security_policy_id str
. Unique identifier of the security policy associated with the WAF mode settings being modified.

Package Details

Repository
https://github.com/pulumi/pulumi-akamai
License
Apache-2.0
Notes
This Pulumi package is based on the akamai Terraform Provider.