akamai.getAppSecWafMode

Scopes: Security policy

Returns information about how the Kona Rule Set rules associated with a security configuration and security policy are updated. The WAF (Web Application Firewall) mode determines whether Kona Rule Sets are automatically updated as part of automated attack groups (mode = AAG) or whether you must periodically check for new rules and then manually update those rules yourself (mode = KRS).

Related API Endpoint: /appsec/v1/configs/{configId}/versions/{versionNumber}/security-policies/{policyId}/mode

Output Options

The following options can be used to determine the information returned, and how that returned information is formatted:

  • mode. Security policy mode, either KRS (update manually) or AAG (update automatically), For organizations running the Adaptive Security Engine (ASE) beta, you’ll get back ASE_AUTO for automatic updates or ASE_MANUAL for manual updates. Please contact your Akamai representative to learn more about ASE.
  • current_ruleset. Current ruleset version and the ISO 8601 date the version was introduced.
  • eval_status. Specifies whether evaluation mode is enabled or disabled.
  • eval_ruleset. Evaluation ruleset version and the ISO 8601 date the evaluation began.
  • eval_expiration_date. ISO 8601 timestamp indicating when evaluation mode expires. Valid only if eval_status is set to enabled.
  • output_text. Tabular report of the mode information.
  • json. JSON-formatted list of the mode information.

Example Usage

Basic usage

using System.Collections.Generic;
using Pulumi;
using Akamai = Pulumi.Akamai;

return await Deployment.RunAsync(() => 
{
    var configuration = Akamai.GetAppSecConfiguration.Invoke(new()
    {
        Name = "Documentation",
    });

    var wafMode = Akamai.GetAppSecWafMode.Invoke(new()
    {
        ConfigId = configuration.Apply(getAppSecConfigurationResult => getAppSecConfigurationResult.ConfigId),
        SecurityPolicyId = "gms1_134637",
    });

    return new Dictionary<string, object?>
    {
        ["wafModeMode"] = wafMode.Apply(getAppSecWafModeResult => getAppSecWafModeResult.Mode),
        ["wafModeCurrentRuleset"] = wafMode.Apply(getAppSecWafModeResult => getAppSecWafModeResult.CurrentRuleset),
        ["wafModeEvalStatus"] = wafMode.Apply(getAppSecWafModeResult => getAppSecWafModeResult.EvalStatus),
        ["wafModeEvalRuleset"] = wafMode.Apply(getAppSecWafModeResult => getAppSecWafModeResult.EvalRuleset),
        ["wafModeEvalExpirationDate"] = wafMode.Apply(getAppSecWafModeResult => getAppSecWafModeResult.EvalExpirationDate),
        ["wafModeText"] = wafMode.Apply(getAppSecWafModeResult => getAppSecWafModeResult.OutputText),
        ["wafModeJson"] = wafMode.Apply(getAppSecWafModeResult => getAppSecWafModeResult.Json),
    };
});
package main

import (
	"github.com/pulumi/pulumi-akamai/sdk/v4/go/akamai"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		configuration, err := akamai.LookupAppSecConfiguration(ctx, &akamai.LookupAppSecConfigurationArgs{
			Name: pulumi.StringRef("Documentation"),
		}, nil)
		if err != nil {
			return err
		}
		wafMode, err := akamai.LookupAppSecWafMode(ctx, &akamai.LookupAppSecWafModeArgs{
			ConfigId:         configuration.ConfigId,
			SecurityPolicyId: "gms1_134637",
		}, nil)
		if err != nil {
			return err
		}
		ctx.Export("wafModeMode", wafMode.Mode)
		ctx.Export("wafModeCurrentRuleset", wafMode.CurrentRuleset)
		ctx.Export("wafModeEvalStatus", wafMode.EvalStatus)
		ctx.Export("wafModeEvalRuleset", wafMode.EvalRuleset)
		ctx.Export("wafModeEvalExpirationDate", wafMode.EvalExpirationDate)
		ctx.Export("wafModeText", wafMode.OutputText)
		ctx.Export("wafModeJson", wafMode.Json)
		return nil
	})
}
package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.akamai.AkamaiFunctions;
import com.pulumi.akamai.inputs.GetAppSecConfigurationArgs;
import com.pulumi.akamai.inputs.GetAppSecWafModeArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        final var configuration = AkamaiFunctions.getAppSecConfiguration(GetAppSecConfigurationArgs.builder()
            .name("Documentation")
            .build());

        final var wafMode = AkamaiFunctions.getAppSecWafMode(GetAppSecWafModeArgs.builder()
            .configId(configuration.applyValue(getAppSecConfigurationResult -> getAppSecConfigurationResult.configId()))
            .securityPolicyId("gms1_134637")
            .build());

        ctx.export("wafModeMode", wafMode.applyValue(getAppSecWafModeResult -> getAppSecWafModeResult.mode()));
        ctx.export("wafModeCurrentRuleset", wafMode.applyValue(getAppSecWafModeResult -> getAppSecWafModeResult.currentRuleset()));
        ctx.export("wafModeEvalStatus", wafMode.applyValue(getAppSecWafModeResult -> getAppSecWafModeResult.evalStatus()));
        ctx.export("wafModeEvalRuleset", wafMode.applyValue(getAppSecWafModeResult -> getAppSecWafModeResult.evalRuleset()));
        ctx.export("wafModeEvalExpirationDate", wafMode.applyValue(getAppSecWafModeResult -> getAppSecWafModeResult.evalExpirationDate()));
        ctx.export("wafModeText", wafMode.applyValue(getAppSecWafModeResult -> getAppSecWafModeResult.outputText()));
        ctx.export("wafModeJson", wafMode.applyValue(getAppSecWafModeResult -> getAppSecWafModeResult.json()));
    }
}
import pulumi
import pulumi_akamai as akamai

configuration = akamai.get_app_sec_configuration(name="Documentation")
waf_mode = akamai.get_app_sec_waf_mode(config_id=configuration.config_id,
    security_policy_id="gms1_134637")
pulumi.export("wafModeMode", waf_mode.mode)
pulumi.export("wafModeCurrentRuleset", waf_mode.current_ruleset)
pulumi.export("wafModeEvalStatus", waf_mode.eval_status)
pulumi.export("wafModeEvalRuleset", waf_mode.eval_ruleset)
pulumi.export("wafModeEvalExpirationDate", waf_mode.eval_expiration_date)
pulumi.export("wafModeText", waf_mode.output_text)
pulumi.export("wafModeJson", waf_mode.json)
import * as pulumi from "@pulumi/pulumi";
import * as akamai from "@pulumi/akamai";

const configuration = akamai.getAppSecConfiguration({
    name: "Documentation",
});
const wafMode = configuration.then(configuration => akamai.getAppSecWafMode({
    configId: configuration.configId,
    securityPolicyId: "gms1_134637",
}));
export const wafModeMode = wafMode.then(wafMode => wafMode.mode);
export const wafModeCurrentRuleset = wafMode.then(wafMode => wafMode.currentRuleset);
export const wafModeEvalStatus = wafMode.then(wafMode => wafMode.evalStatus);
export const wafModeEvalRuleset = wafMode.then(wafMode => wafMode.evalRuleset);
export const wafModeEvalExpirationDate = wafMode.then(wafMode => wafMode.evalExpirationDate);
export const wafModeText = wafMode.then(wafMode => wafMode.outputText);
export const wafModeJson = wafMode.then(wafMode => wafMode.json);
variables:
  configuration:
    fn::invoke:
      Function: akamai:getAppSecConfiguration
      Arguments:
        name: Documentation
  wafMode:
    fn::invoke:
      Function: akamai:getAppSecWafMode
      Arguments:
        configId: ${configuration.configId}
        securityPolicyId: gms1_134637
outputs:
  wafModeMode: ${wafMode.mode}
  wafModeCurrentRuleset: ${wafMode.currentRuleset}
  wafModeEvalStatus: ${wafMode.evalStatus}
  wafModeEvalRuleset: ${wafMode.evalRuleset}
  wafModeEvalExpirationDate: ${wafMode.evalExpirationDate}
  wafModeText: ${wafMode.outputText}
  wafModeJson: ${wafMode.json}

Using getAppSecWafMode

Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.

function getAppSecWafMode(args: GetAppSecWafModeArgs, opts?: InvokeOptions): Promise<GetAppSecWafModeResult>
function getAppSecWafModeOutput(args: GetAppSecWafModeOutputArgs, opts?: InvokeOptions): Output<GetAppSecWafModeResult>
def get_app_sec_waf_mode(config_id: Optional[int] = None,
                         security_policy_id: Optional[str] = None,
                         opts: Optional[InvokeOptions] = None) -> GetAppSecWafModeResult
def get_app_sec_waf_mode_output(config_id: Optional[pulumi.Input[int]] = None,
                         security_policy_id: Optional[pulumi.Input[str]] = None,
                         opts: Optional[InvokeOptions] = None) -> Output[GetAppSecWafModeResult]
func LookupAppSecWafMode(ctx *Context, args *LookupAppSecWafModeArgs, opts ...InvokeOption) (*LookupAppSecWafModeResult, error)
func LookupAppSecWafModeOutput(ctx *Context, args *LookupAppSecWafModeOutputArgs, opts ...InvokeOption) LookupAppSecWafModeResultOutput

> Note: This function is named LookupAppSecWafMode in the Go SDK.

public static class GetAppSecWafMode 
{
    public static Task<GetAppSecWafModeResult> InvokeAsync(GetAppSecWafModeArgs args, InvokeOptions? opts = null)
    public static Output<GetAppSecWafModeResult> Invoke(GetAppSecWafModeInvokeArgs args, InvokeOptions? opts = null)
}
public static CompletableFuture<GetAppSecWafModeResult> getAppSecWafMode(GetAppSecWafModeArgs args, InvokeOptions options)
// Output-based functions aren't available in Java yet
fn::invoke:
  function: akamai:index/getAppSecWafMode:getAppSecWafMode
  arguments:
    # arguments dictionary

The following arguments are supported:

ConfigId int

. Unique identifier of the security configuration associated with the Kona Rule Set rules.

SecurityPolicyId string

. Unique identifier of the security policy associated with the Kona Rule Set rules.

ConfigId int

. Unique identifier of the security configuration associated with the Kona Rule Set rules.

SecurityPolicyId string

. Unique identifier of the security policy associated with the Kona Rule Set rules.

configId Integer

. Unique identifier of the security configuration associated with the Kona Rule Set rules.

securityPolicyId String

. Unique identifier of the security policy associated with the Kona Rule Set rules.

configId number

. Unique identifier of the security configuration associated with the Kona Rule Set rules.

securityPolicyId string

. Unique identifier of the security policy associated with the Kona Rule Set rules.

config_id int

. Unique identifier of the security configuration associated with the Kona Rule Set rules.

security_policy_id str

. Unique identifier of the security policy associated with the Kona Rule Set rules.

configId Number

. Unique identifier of the security configuration associated with the Kona Rule Set rules.

securityPolicyId String

. Unique identifier of the security policy associated with the Kona Rule Set rules.

getAppSecWafMode Result

The following output properties are available:

ConfigId int
CurrentRuleset string
EvalExpirationDate string
EvalRuleset string
EvalStatus string
Id string

The provider-assigned unique ID for this managed resource.

Json string
Mode string
OutputText string
SecurityPolicyId string
ConfigId int
CurrentRuleset string
EvalExpirationDate string
EvalRuleset string
EvalStatus string
Id string

The provider-assigned unique ID for this managed resource.

Json string
Mode string
OutputText string
SecurityPolicyId string
configId Integer
currentRuleset String
evalExpirationDate String
evalRuleset String
evalStatus String
id String

The provider-assigned unique ID for this managed resource.

json String
mode String
outputText String
securityPolicyId String
configId number
currentRuleset string
evalExpirationDate string
evalRuleset string
evalStatus string
id string

The provider-assigned unique ID for this managed resource.

json string
mode string
outputText string
securityPolicyId string
config_id int
current_ruleset str
eval_expiration_date str
eval_ruleset str
eval_status str
id str

The provider-assigned unique ID for this managed resource.

json str
mode str
output_text str
security_policy_id str
configId Number
currentRuleset String
evalExpirationDate String
evalRuleset String
evalStatus String
id String

The provider-assigned unique ID for this managed resource.

json String
mode String
outputText String
securityPolicyId String

Package Details

Repository
Akamai pulumi/pulumi-akamai
License
Apache-2.0
Notes

This Pulumi package is based on the akamai Terraform Provider.