getAppSecWafMode

Scopes: Security policy

Returns information about how the Kona Rule Set rules associated with a security configuration and security policy are updated. The WAF (Web Application Firewall) mode determines whether Kona Rule Sets are automatically updated as part of automated attack groups (mode = AAG) or whether you must periodically check for new rules and then manually update those rules yourself (mode = KRS).

Related API Endpoint: /appsec/v1/configs/{configId}/versions/{versionNumber}/security-policies/{policyId}/mode

Output Options

The following options can be used to determine the information returned, and how that returned information is formatted:

  • mode. Security policy mode, either KRS (update manually) or AAG (update automatically), For organizations running the Adaptive Security Engine (ASE) beta, you’ll get back ASE_AUTO for automatic updates or ASE_MANUAL for manual updates. Please contact your Akamai representative to learn more about ASE.
  • current_ruleset. Current ruleset version and the ISO 8601 date the version was introduced.
  • eval_status. Specifies whether evaluation mode is enabled or disabled.
  • eval_ruleset. Evaluation ruleset version and the ISO 8601 date the evaluation began.
  • eval_expiration_date. ISO 8601 timestamp indicating when evaluation mode expires. Valid only if eval_status is set to enabled.
  • output_text. Tabular report of the mode information.
  • json. JSON-formatted list of the mode information.

Example Usage

using Pulumi;
using Akamai = Pulumi.Akamai;

class MyStack : Stack
{
    public MyStack()
    {
        var configuration = Output.Create(Akamai.GetAppSecConfiguration.InvokeAsync(new Akamai.GetAppSecConfigurationArgs
        {
            Name = "Documentation",
        }));
        var wafMode = configuration.Apply(configuration => Output.Create(Akamai.GetAppSecWafMode.InvokeAsync(new Akamai.GetAppSecWafModeArgs
        {
            ConfigId = configuration.ConfigId,
            SecurityPolicyId = "gms1_134637",
        })));
        this.WafModeMode = wafMode.Apply(wafMode => wafMode.Mode);
        this.WafModeCurrentRuleset = wafMode.Apply(wafMode => wafMode.CurrentRuleset);
        this.WafModeEvalStatus = wafMode.Apply(wafMode => wafMode.EvalStatus);
        this.WafModeEvalRuleset = wafMode.Apply(wafMode => wafMode.EvalRuleset);
        this.WafModeEvalExpirationDate = wafMode.Apply(wafMode => wafMode.EvalExpirationDate);
        this.WafModeText = wafMode.Apply(wafMode => wafMode.OutputText);
        this.WafModeJson = wafMode.Apply(wafMode => wafMode.Json);
    }

    [Output("wafModeMode")]
    public Output<string> WafModeMode { get; set; }
    [Output("wafModeCurrentRuleset")]
    public Output<string> WafModeCurrentRuleset { get; set; }
    [Output("wafModeEvalStatus")]
    public Output<string> WafModeEvalStatus { get; set; }
    [Output("wafModeEvalRuleset")]
    public Output<string> WafModeEvalRuleset { get; set; }
    [Output("wafModeEvalExpirationDate")]
    public Output<string> WafModeEvalExpirationDate { get; set; }
    [Output("wafModeText")]
    public Output<string> WafModeText { get; set; }
    [Output("wafModeJson")]
    public Output<string> WafModeJson { get; set; }
}
package main

import (
	"github.com/pulumi/pulumi-akamai/sdk/v2/go/akamai"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		opt0 := "Documentation"
		configuration, err := akamai.LookupAppSecConfiguration(ctx, &GetAppSecConfigurationArgs{
			Name: &opt0,
		}, nil)
		if err != nil {
			return err
		}
		wafMode, err := akamai.LookupAppSecWafMode(ctx, &GetAppSecWafModeArgs{
			ConfigId:         configuration.ConfigId,
			SecurityPolicyId: "gms1_134637",
		}, nil)
		if err != nil {
			return err
		}
		ctx.Export("wafModeMode", wafMode.Mode)
		ctx.Export("wafModeCurrentRuleset", wafMode.CurrentRuleset)
		ctx.Export("wafModeEvalStatus", wafMode.EvalStatus)
		ctx.Export("wafModeEvalRuleset", wafMode.EvalRuleset)
		ctx.Export("wafModeEvalExpirationDate", wafMode.EvalExpirationDate)
		ctx.Export("wafModeText", wafMode.OutputText)
		ctx.Export("wafModeJson", wafMode.Json)
		return nil
	})
}
import pulumi
import pulumi_akamai as akamai

configuration = akamai.get_app_sec_configuration(name="Documentation")
waf_mode = akamai.get_app_sec_waf_mode(config_id=configuration.config_id,
    security_policy_id="gms1_134637")
pulumi.export("wafModeMode", waf_mode.mode)
pulumi.export("wafModeCurrentRuleset", waf_mode.current_ruleset)
pulumi.export("wafModeEvalStatus", waf_mode.eval_status)
pulumi.export("wafModeEvalRuleset", waf_mode.eval_ruleset)
pulumi.export("wafModeEvalExpirationDate", waf_mode.eval_expiration_date)
pulumi.export("wafModeText", waf_mode.output_text)
pulumi.export("wafModeJson", waf_mode.json)
import * as pulumi from "@pulumi/pulumi";
import * as akamai from "@pulumi/akamai";

const configuration = akamai.getAppSecConfiguration({
    name: "Documentation",
});
const wafMode = configuration.then(configuration => akamai.getAppSecWafMode({
    configId: configuration.configId,
    securityPolicyId: "gms1_134637",
}));
export const wafModeMode = wafMode.then(wafMode => wafMode.mode);
export const wafModeCurrentRuleset = wafMode.then(wafMode => wafMode.currentRuleset);
export const wafModeEvalStatus = wafMode.then(wafMode => wafMode.evalStatus);
export const wafModeEvalRuleset = wafMode.then(wafMode => wafMode.evalRuleset);
export const wafModeEvalExpirationDate = wafMode.then(wafMode => wafMode.evalExpirationDate);
export const wafModeText = wafMode.then(wafMode => wafMode.outputText);
export const wafModeJson = wafMode.then(wafMode => wafMode.json);

Using getAppSecWafMode

Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.

function getAppSecWafMode(args: GetAppSecWafModeArgs, opts?: InvokeOptions): Promise<GetAppSecWafModeResult>
function getAppSecWafModeOutput(args: GetAppSecWafModeOutputArgs, opts?: InvokeOptions): Output<GetAppSecWafModeResult>
def get_app_sec_waf_mode(config_id: Optional[int] = None,
                         security_policy_id: Optional[str] = None,
                         opts: Optional[InvokeOptions] = None) -> GetAppSecWafModeResult
def get_app_sec_waf_mode_output(config_id: Optional[pulumi.Input[int]] = None,
                         security_policy_id: Optional[pulumi.Input[str]] = None,
                         opts: Optional[InvokeOptions] = None) -> Output[GetAppSecWafModeResult]
func LookupAppSecWafMode(ctx *Context, args *LookupAppSecWafModeArgs, opts ...InvokeOption) (*LookupAppSecWafModeResult, error)
func LookupAppSecWafModeOutput(ctx *Context, args *LookupAppSecWafModeOutputArgs, opts ...InvokeOption) LookupAppSecWafModeResultOutput

> Note: This function is named LookupAppSecWafMode in the Go SDK.

public static class GetAppSecWafMode 
{
    public static Task<GetAppSecWafModeResult> InvokeAsync(GetAppSecWafModeArgs args, InvokeOptions? opts = null)
    public static Output<GetAppSecWafModeResult> Invoke(GetAppSecWafModeInvokeArgs args, InvokeOptions? opts = null)
}

The following arguments are supported:

ConfigId int
. Unique identifier of the security configuration associated with the Kona Rule Set rules.
SecurityPolicyId string
. Unique identifier of the security policy associated with the Kona Rule Set rules.
ConfigId int
. Unique identifier of the security configuration associated with the Kona Rule Set rules.
SecurityPolicyId string
. Unique identifier of the security policy associated with the Kona Rule Set rules.
configId number
. Unique identifier of the security configuration associated with the Kona Rule Set rules.
securityPolicyId string
. Unique identifier of the security policy associated with the Kona Rule Set rules.
config_id int
. Unique identifier of the security configuration associated with the Kona Rule Set rules.
security_policy_id str
. Unique identifier of the security policy associated with the Kona Rule Set rules.

getAppSecWafMode Result

The following output properties are available:

ConfigId int
CurrentRuleset string
EvalExpirationDate string
EvalRuleset string
EvalStatus string
Id string
The provider-assigned unique ID for this managed resource.
Json string
Mode string
OutputText string
SecurityPolicyId string
ConfigId int
CurrentRuleset string
EvalExpirationDate string
EvalRuleset string
EvalStatus string
Id string
The provider-assigned unique ID for this managed resource.
Json string
Mode string
OutputText string
SecurityPolicyId string
configId number
currentRuleset string
evalExpirationDate string
evalRuleset string
evalStatus string
id string
The provider-assigned unique ID for this managed resource.
json string
mode string
outputText string
securityPolicyId string
config_id int
current_ruleset str
eval_expiration_date str
eval_ruleset str
eval_status str
id str
The provider-assigned unique ID for this managed resource.
json str
mode str
output_text str
security_policy_id str

Package Details

Repository
https://github.com/pulumi/pulumi-akamai
License
Apache-2.0
Notes
This Pulumi package is based on the akamai Terraform Provider.