akamai.getAppSecTuningRecommendations

Returns tuning recommendations for the specified attack group or rule (or, if both the attack_group and the rule_id arguments are not included, returns tuning recommendations for all the attack groups and rules in the specified security policy). Tuning recommendations help minimize the number of false positives triggered by a security policy. With a false positive, a client request is marked as having violated the security policy restrictions even though it actually did not. Tuning recommendations are returned as attack group or rule exceptions: if you choose, you can copy the response and use the akamai.AppSecAttackGroup resource to add the recommended exception to an attack group or the akamai.AppSecRule resource to add the recommended exception to a rule.
If the data source response is empty, that means that there are no further recommendations for tuning your security policy or attack group. If you need, you can manually merge a recommended exception for an attack group or a rule with the exception previously configured. You can find additional information in our Application Security API v1 documentation.

Related API endpoint: /appsec/v1/configs/{configId}/versions/{versionNumber}/security-policies/{policyId}/recommendation

Example Usage

Basic usage

using System.Collections.Generic;
using Pulumi;
using Akamai = Pulumi.Akamai;

return await Deployment.RunAsync(() => 
{
    var configuration = Akamai.GetAppSecConfiguration.Invoke(new()
    {
        Name = @var.Security_configuration,
    });

    var policyRecommendations = Akamai.GetAppSecTuningRecommendations.Invoke(new()
    {
        ConfigId = configuration.Apply(getAppSecConfigurationResult => getAppSecConfigurationResult.ConfigId),
        SecurityPolicyId = @var.Security_policy_id,
    });

    var attackGroupRecommendations = Akamai.GetAppSecTuningRecommendations.Invoke(new()
    {
        ConfigId = configuration.Apply(getAppSecConfigurationResult => getAppSecConfigurationResult.ConfigId),
        SecurityPolicyId = @var.Security_policy_id,
        RulesetType = @var.Ruleset_type,
        AttackGroup = @var.Attack_group,
    });

    return new Dictionary<string, object?>
    {
        ["policyRecommendationsJson"] = policyRecommendations.Apply(getAppSecTuningRecommendationsResult => getAppSecTuningRecommendationsResult.Json),
        ["attackGroupRecommendationsJson"] = attackGroupRecommendations.Apply(getAppSecTuningRecommendationsResult => getAppSecTuningRecommendationsResult.Json),
    };
});
package main

import (
	"github.com/pulumi/pulumi-akamai/sdk/v4/go/akamai"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		configuration, err := akamai.LookupAppSecConfiguration(ctx, &akamai.LookupAppSecConfigurationArgs{
			Name: pulumi.StringRef(_var.Security_configuration),
		}, nil)
		if err != nil {
			return err
		}
		policyRecommendations, err := akamai.GetAppSecTuningRecommendations(ctx, &akamai.GetAppSecTuningRecommendationsArgs{
			ConfigId:         configuration.ConfigId,
			SecurityPolicyId: pulumi.StringRef(_var.Security_policy_id),
		}, nil)
		if err != nil {
			return err
		}
		ctx.Export("policyRecommendationsJson", policyRecommendations.Json)
		attackGroupRecommendations, err := akamai.GetAppSecTuningRecommendations(ctx, &akamai.GetAppSecTuningRecommendationsArgs{
			ConfigId:         configuration.ConfigId,
			SecurityPolicyId: pulumi.StringRef(_var.Security_policy_id),
			RulesetType:      pulumi.StringRef(_var.Ruleset_type),
			AttackGroup:      pulumi.StringRef(_var.Attack_group),
		}, nil)
		if err != nil {
			return err
		}
		ctx.Export("attackGroupRecommendationsJson", attackGroupRecommendations.Json)
		return nil
	})
}
package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.akamai.AkamaiFunctions;
import com.pulumi.akamai.inputs.GetAppSecConfigurationArgs;
import com.pulumi.akamai.inputs.GetAppSecTuningRecommendationsArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        final var configuration = AkamaiFunctions.getAppSecConfiguration(GetAppSecConfigurationArgs.builder()
            .name(var_.security_configuration())
            .build());

        final var policyRecommendations = AkamaiFunctions.getAppSecTuningRecommendations(GetAppSecTuningRecommendationsArgs.builder()
            .configId(configuration.applyValue(getAppSecConfigurationResult -> getAppSecConfigurationResult.configId()))
            .securityPolicyId(var_.security_policy_id())
            .build());

        ctx.export("policyRecommendationsJson", policyRecommendations.applyValue(getAppSecTuningRecommendationsResult -> getAppSecTuningRecommendationsResult.json()));
        final var attackGroupRecommendations = AkamaiFunctions.getAppSecTuningRecommendations(GetAppSecTuningRecommendationsArgs.builder()
            .configId(configuration.applyValue(getAppSecConfigurationResult -> getAppSecConfigurationResult.configId()))
            .securityPolicyId(var_.security_policy_id())
            .rulesetType(var_.ruleset_type())
            .attackGroup(var_.attack_group())
            .build());

        ctx.export("attackGroupRecommendationsJson", attackGroupRecommendations.applyValue(getAppSecTuningRecommendationsResult -> getAppSecTuningRecommendationsResult.json()));
    }
}
import pulumi
import pulumi_akamai as akamai

configuration = akamai.get_app_sec_configuration(name=var["security_configuration"])
policy_recommendations = akamai.get_app_sec_tuning_recommendations(config_id=configuration.config_id,
    security_policy_id=var["security_policy_id"])
pulumi.export("policyRecommendationsJson", policy_recommendations.json)
attack_group_recommendations = akamai.get_app_sec_tuning_recommendations(config_id=configuration.config_id,
    security_policy_id=var["security_policy_id"],
    ruleset_type=var["ruleset_type"],
    attack_group=var["attack_group"])
pulumi.export("attackGroupRecommendationsJson", attack_group_recommendations.json)
import * as pulumi from "@pulumi/pulumi";
import * as akamai from "@pulumi/akamai";

const configuration = akamai.getAppSecConfiguration({
    name: _var.security_configuration,
});
const policyRecommendations = configuration.then(configuration => akamai.getAppSecTuningRecommendations({
    configId: configuration.configId,
    securityPolicyId: _var.security_policy_id,
}));
export const policyRecommendationsJson = policyRecommendations.then(policyRecommendations => policyRecommendations.json);
const attackGroupRecommendations = configuration.then(configuration => akamai.getAppSecTuningRecommendations({
    configId: configuration.configId,
    securityPolicyId: _var.security_policy_id,
    rulesetType: _var.ruleset_type,
    attackGroup: _var.attack_group,
}));
export const attackGroupRecommendationsJson = attackGroupRecommendations.then(attackGroupRecommendations => attackGroupRecommendations.json);
variables:
  configuration:
    fn::invoke:
      Function: akamai:getAppSecConfiguration
      Arguments:
        name: ${var.security_configuration}
  policyRecommendations:
    fn::invoke:
      Function: akamai:getAppSecTuningRecommendations
      Arguments:
        configId: ${configuration.configId}
        securityPolicyId: ${var.security_policy_id}
  attackGroupRecommendations:
    fn::invoke:
      Function: akamai:getAppSecTuningRecommendations
      Arguments:
        configId: ${configuration.configId}
        securityPolicyId: ${var.security_policy_id}
        rulesetType: ${var.ruleset_type}
        attackGroup: ${var.attack_group}
outputs:
  policyRecommendationsJson: ${policyRecommendations.json}
  attackGroupRecommendationsJson: ${attackGroupRecommendations.json}

Using getAppSecTuningRecommendations

Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.

function getAppSecTuningRecommendations(args: GetAppSecTuningRecommendationsArgs, opts?: InvokeOptions): Promise<GetAppSecTuningRecommendationsResult>
function getAppSecTuningRecommendationsOutput(args: GetAppSecTuningRecommendationsOutputArgs, opts?: InvokeOptions): Output<GetAppSecTuningRecommendationsResult>
def get_app_sec_tuning_recommendations(attack_group: Optional[str] = None,
                                       config_id: Optional[int] = None,
                                       rule_id: Optional[int] = None,
                                       ruleset_type: Optional[str] = None,
                                       security_policy_id: Optional[str] = None,
                                       opts: Optional[InvokeOptions] = None) -> GetAppSecTuningRecommendationsResult
def get_app_sec_tuning_recommendations_output(attack_group: Optional[pulumi.Input[str]] = None,
                                       config_id: Optional[pulumi.Input[int]] = None,
                                       rule_id: Optional[pulumi.Input[int]] = None,
                                       ruleset_type: Optional[pulumi.Input[str]] = None,
                                       security_policy_id: Optional[pulumi.Input[str]] = None,
                                       opts: Optional[InvokeOptions] = None) -> Output[GetAppSecTuningRecommendationsResult]
func GetAppSecTuningRecommendations(ctx *Context, args *GetAppSecTuningRecommendationsArgs, opts ...InvokeOption) (*GetAppSecTuningRecommendationsResult, error)
func GetAppSecTuningRecommendationsOutput(ctx *Context, args *GetAppSecTuningRecommendationsOutputArgs, opts ...InvokeOption) GetAppSecTuningRecommendationsResultOutput

> Note: This function is named GetAppSecTuningRecommendations in the Go SDK.

public static class GetAppSecTuningRecommendations 
{
    public static Task<GetAppSecTuningRecommendationsResult> InvokeAsync(GetAppSecTuningRecommendationsArgs args, InvokeOptions? opts = null)
    public static Output<GetAppSecTuningRecommendationsResult> Invoke(GetAppSecTuningRecommendationsInvokeArgs args, InvokeOptions? opts = null)
}
public static CompletableFuture<GetAppSecTuningRecommendationsResult> getAppSecTuningRecommendations(GetAppSecTuningRecommendationsArgs args, InvokeOptions options)
// Output-based functions aren't available in Java yet
fn::invoke:
  function: akamai:index/getAppSecTuningRecommendations:getAppSecTuningRecommendations
  arguments:
    # arguments dictionary

The following arguments are supported:

ConfigId int

. Unique identifier of the security configuration you want tuning recommendations for.

AttackGroup string

. Unique name of the attack group you want tuning recommendations for. If both attack_group and rule_id not included, recommendations are returned for all attack groups.

RuleId int

. Unique id of the rule you want tuning recommendations for. If both attack_group and rule_id not included, recommendations are returned for all attack groups.

RulesetType string

. Type of ruleset used by the security configuration you want tuning recommendations for. Supported values are active and evaluation. Defaults to active.

SecurityPolicyId string

. Unique identifier of the security policy you want tuning recommendations for.

ConfigId int

. Unique identifier of the security configuration you want tuning recommendations for.

AttackGroup string

. Unique name of the attack group you want tuning recommendations for. If both attack_group and rule_id not included, recommendations are returned for all attack groups.

RuleId int

. Unique id of the rule you want tuning recommendations for. If both attack_group and rule_id not included, recommendations are returned for all attack groups.

RulesetType string

. Type of ruleset used by the security configuration you want tuning recommendations for. Supported values are active and evaluation. Defaults to active.

SecurityPolicyId string

. Unique identifier of the security policy you want tuning recommendations for.

configId Integer

. Unique identifier of the security configuration you want tuning recommendations for.

attackGroup String

. Unique name of the attack group you want tuning recommendations for. If both attack_group and rule_id not included, recommendations are returned for all attack groups.

ruleId Integer

. Unique id of the rule you want tuning recommendations for. If both attack_group and rule_id not included, recommendations are returned for all attack groups.

rulesetType String

. Type of ruleset used by the security configuration you want tuning recommendations for. Supported values are active and evaluation. Defaults to active.

securityPolicyId String

. Unique identifier of the security policy you want tuning recommendations for.

configId number

. Unique identifier of the security configuration you want tuning recommendations for.

attackGroup string

. Unique name of the attack group you want tuning recommendations for. If both attack_group and rule_id not included, recommendations are returned for all attack groups.

ruleId number

. Unique id of the rule you want tuning recommendations for. If both attack_group and rule_id not included, recommendations are returned for all attack groups.

rulesetType string

. Type of ruleset used by the security configuration you want tuning recommendations for. Supported values are active and evaluation. Defaults to active.

securityPolicyId string

. Unique identifier of the security policy you want tuning recommendations for.

config_id int

. Unique identifier of the security configuration you want tuning recommendations for.

attack_group str

. Unique name of the attack group you want tuning recommendations for. If both attack_group and rule_id not included, recommendations are returned for all attack groups.

rule_id int

. Unique id of the rule you want tuning recommendations for. If both attack_group and rule_id not included, recommendations are returned for all attack groups.

ruleset_type str

. Type of ruleset used by the security configuration you want tuning recommendations for. Supported values are active and evaluation. Defaults to active.

security_policy_id str

. Unique identifier of the security policy you want tuning recommendations for.

configId Number

. Unique identifier of the security configuration you want tuning recommendations for.

attackGroup String

. Unique name of the attack group you want tuning recommendations for. If both attack_group and rule_id not included, recommendations are returned for all attack groups.

ruleId Number

. Unique id of the rule you want tuning recommendations for. If both attack_group and rule_id not included, recommendations are returned for all attack groups.

rulesetType String

. Type of ruleset used by the security configuration you want tuning recommendations for. Supported values are active and evaluation. Defaults to active.

securityPolicyId String

. Unique identifier of the security policy you want tuning recommendations for.

getAppSecTuningRecommendations Result

The following output properties are available:

ConfigId int
Id string

The provider-assigned unique ID for this managed resource.

Json string

JSON-formatted list of the tuning recommendations for the security policy, the attack group or the rule. The exception block format in a recommendation conforms to the exception block format used in condition_exception element of attack_group or ASE rule resource.

AttackGroup string
RuleId int
RulesetType string
SecurityPolicyId string
ConfigId int
Id string

The provider-assigned unique ID for this managed resource.

Json string

JSON-formatted list of the tuning recommendations for the security policy, the attack group or the rule. The exception block format in a recommendation conforms to the exception block format used in condition_exception element of attack_group or ASE rule resource.

AttackGroup string
RuleId int
RulesetType string
SecurityPolicyId string
configId Integer
id String

The provider-assigned unique ID for this managed resource.

json String

JSON-formatted list of the tuning recommendations for the security policy, the attack group or the rule. The exception block format in a recommendation conforms to the exception block format used in condition_exception element of attack_group or ASE rule resource.

attackGroup String
ruleId Integer
rulesetType String
securityPolicyId String
configId number
id string

The provider-assigned unique ID for this managed resource.

json string

JSON-formatted list of the tuning recommendations for the security policy, the attack group or the rule. The exception block format in a recommendation conforms to the exception block format used in condition_exception element of attack_group or ASE rule resource.

attackGroup string
ruleId number
rulesetType string
securityPolicyId string
config_id int
id str

The provider-assigned unique ID for this managed resource.

json str

JSON-formatted list of the tuning recommendations for the security policy, the attack group or the rule. The exception block format in a recommendation conforms to the exception block format used in condition_exception element of attack_group or ASE rule resource.

attack_group str
rule_id int
ruleset_type str
security_policy_id str
configId Number
id String

The provider-assigned unique ID for this managed resource.

json String

JSON-formatted list of the tuning recommendations for the security policy, the attack group or the rule. The exception block format in a recommendation conforms to the exception block format used in condition_exception element of attack_group or ASE rule resource.

attackGroup String
ruleId Number
rulesetType String
securityPolicyId String

Package Details

Repository
Akamai pulumi/pulumi-akamai
License
Apache-2.0
Notes

This Pulumi package is based on the akamai Terraform Provider.