akamai.getAppSecWafMode
Scopes: Security policy
Returns information about how the Kona Rule Set rules associated with a security configuration and security policy are updated. The WAF (Web Application Firewall) mode determines whether Kona Rule Sets are automatically updated as part of automated attack groups (mode = AAG
) or whether you must periodically check for new rules and then manually update those rules yourself (mode = KRS
).
Related API Endpoint: /appsec/v1/configs/{configId}/versions/{versionNumber}/security-policies/{policyId}/mode
Output Options
The following options can be used to determine the information returned, and how that returned information is formatted:
mode
. Security policy mode, either KRS (update manually) or AAG (update automatically), For organizations running the Adaptive Security Engine (ASE) beta, you’ll get back ASE_AUTO for automatic updates or ASE_MANUAL for manual updates. Please contact your Akamai representative to learn more about ASE.current_ruleset
. Current ruleset version and the ISO 8601 date the version was introduced.eval_status
. Specifies whether evaluation mode is enabled or disabled.eval_ruleset
. Evaluation ruleset version and the ISO 8601 date the evaluation began.eval_expiration_date
. ISO 8601 timestamp indicating when evaluation mode expires. Valid only ifeval_status
is set to enabled.output_text
. Tabular report of the mode information.json
. JSON-formatted list of the mode information.
Example Usage
Basic usage
using System.Collections.Generic;
using Pulumi;
using Akamai = Pulumi.Akamai;
return await Deployment.RunAsync(() =>
{
var configuration = Akamai.GetAppSecConfiguration.Invoke(new()
{
Name = "Documentation",
});
var wafMode = Akamai.GetAppSecWafMode.Invoke(new()
{
ConfigId = configuration.Apply(getAppSecConfigurationResult => getAppSecConfigurationResult.ConfigId),
SecurityPolicyId = "gms1_134637",
});
return new Dictionary<string, object?>
{
["wafModeMode"] = wafMode.Apply(getAppSecWafModeResult => getAppSecWafModeResult.Mode),
["wafModeCurrentRuleset"] = wafMode.Apply(getAppSecWafModeResult => getAppSecWafModeResult.CurrentRuleset),
["wafModeEvalStatus"] = wafMode.Apply(getAppSecWafModeResult => getAppSecWafModeResult.EvalStatus),
["wafModeEvalRuleset"] = wafMode.Apply(getAppSecWafModeResult => getAppSecWafModeResult.EvalRuleset),
["wafModeEvalExpirationDate"] = wafMode.Apply(getAppSecWafModeResult => getAppSecWafModeResult.EvalExpirationDate),
["wafModeText"] = wafMode.Apply(getAppSecWafModeResult => getAppSecWafModeResult.OutputText),
["wafModeJson"] = wafMode.Apply(getAppSecWafModeResult => getAppSecWafModeResult.Json),
};
});
package main
import (
"github.com/pulumi/pulumi-akamai/sdk/v4/go/akamai"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
configuration, err := akamai.LookupAppSecConfiguration(ctx, &akamai.LookupAppSecConfigurationArgs{
Name: pulumi.StringRef("Documentation"),
}, nil)
if err != nil {
return err
}
wafMode, err := akamai.LookupAppSecWafMode(ctx, &akamai.LookupAppSecWafModeArgs{
ConfigId: configuration.ConfigId,
SecurityPolicyId: "gms1_134637",
}, nil)
if err != nil {
return err
}
ctx.Export("wafModeMode", wafMode.Mode)
ctx.Export("wafModeCurrentRuleset", wafMode.CurrentRuleset)
ctx.Export("wafModeEvalStatus", wafMode.EvalStatus)
ctx.Export("wafModeEvalRuleset", wafMode.EvalRuleset)
ctx.Export("wafModeEvalExpirationDate", wafMode.EvalExpirationDate)
ctx.Export("wafModeText", wafMode.OutputText)
ctx.Export("wafModeJson", wafMode.Json)
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.akamai.AkamaiFunctions;
import com.pulumi.akamai.inputs.GetAppSecConfigurationArgs;
import com.pulumi.akamai.inputs.GetAppSecWafModeArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var configuration = AkamaiFunctions.getAppSecConfiguration(GetAppSecConfigurationArgs.builder()
.name("Documentation")
.build());
final var wafMode = AkamaiFunctions.getAppSecWafMode(GetAppSecWafModeArgs.builder()
.configId(configuration.applyValue(getAppSecConfigurationResult -> getAppSecConfigurationResult.configId()))
.securityPolicyId("gms1_134637")
.build());
ctx.export("wafModeMode", wafMode.applyValue(getAppSecWafModeResult -> getAppSecWafModeResult.mode()));
ctx.export("wafModeCurrentRuleset", wafMode.applyValue(getAppSecWafModeResult -> getAppSecWafModeResult.currentRuleset()));
ctx.export("wafModeEvalStatus", wafMode.applyValue(getAppSecWafModeResult -> getAppSecWafModeResult.evalStatus()));
ctx.export("wafModeEvalRuleset", wafMode.applyValue(getAppSecWafModeResult -> getAppSecWafModeResult.evalRuleset()));
ctx.export("wafModeEvalExpirationDate", wafMode.applyValue(getAppSecWafModeResult -> getAppSecWafModeResult.evalExpirationDate()));
ctx.export("wafModeText", wafMode.applyValue(getAppSecWafModeResult -> getAppSecWafModeResult.outputText()));
ctx.export("wafModeJson", wafMode.applyValue(getAppSecWafModeResult -> getAppSecWafModeResult.json()));
}
}
import pulumi
import pulumi_akamai as akamai
configuration = akamai.get_app_sec_configuration(name="Documentation")
waf_mode = akamai.get_app_sec_waf_mode(config_id=configuration.config_id,
security_policy_id="gms1_134637")
pulumi.export("wafModeMode", waf_mode.mode)
pulumi.export("wafModeCurrentRuleset", waf_mode.current_ruleset)
pulumi.export("wafModeEvalStatus", waf_mode.eval_status)
pulumi.export("wafModeEvalRuleset", waf_mode.eval_ruleset)
pulumi.export("wafModeEvalExpirationDate", waf_mode.eval_expiration_date)
pulumi.export("wafModeText", waf_mode.output_text)
pulumi.export("wafModeJson", waf_mode.json)
import * as pulumi from "@pulumi/pulumi";
import * as akamai from "@pulumi/akamai";
const configuration = akamai.getAppSecConfiguration({
name: "Documentation",
});
const wafMode = configuration.then(configuration => akamai.getAppSecWafMode({
configId: configuration.configId,
securityPolicyId: "gms1_134637",
}));
export const wafModeMode = wafMode.then(wafMode => wafMode.mode);
export const wafModeCurrentRuleset = wafMode.then(wafMode => wafMode.currentRuleset);
export const wafModeEvalStatus = wafMode.then(wafMode => wafMode.evalStatus);
export const wafModeEvalRuleset = wafMode.then(wafMode => wafMode.evalRuleset);
export const wafModeEvalExpirationDate = wafMode.then(wafMode => wafMode.evalExpirationDate);
export const wafModeText = wafMode.then(wafMode => wafMode.outputText);
export const wafModeJson = wafMode.then(wafMode => wafMode.json);
variables:
configuration:
fn::invoke:
Function: akamai:getAppSecConfiguration
Arguments:
name: Documentation
wafMode:
fn::invoke:
Function: akamai:getAppSecWafMode
Arguments:
configId: ${configuration.configId}
securityPolicyId: gms1_134637
outputs:
wafModeMode: ${wafMode.mode}
wafModeCurrentRuleset: ${wafMode.currentRuleset}
wafModeEvalStatus: ${wafMode.evalStatus}
wafModeEvalRuleset: ${wafMode.evalRuleset}
wafModeEvalExpirationDate: ${wafMode.evalExpirationDate}
wafModeText: ${wafMode.outputText}
wafModeJson: ${wafMode.json}
Using getAppSecWafMode
Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.
function getAppSecWafMode(args: GetAppSecWafModeArgs, opts?: InvokeOptions): Promise<GetAppSecWafModeResult>
function getAppSecWafModeOutput(args: GetAppSecWafModeOutputArgs, opts?: InvokeOptions): Output<GetAppSecWafModeResult>
def get_app_sec_waf_mode(config_id: Optional[int] = None,
security_policy_id: Optional[str] = None,
opts: Optional[InvokeOptions] = None) -> GetAppSecWafModeResult
def get_app_sec_waf_mode_output(config_id: Optional[pulumi.Input[int]] = None,
security_policy_id: Optional[pulumi.Input[str]] = None,
opts: Optional[InvokeOptions] = None) -> Output[GetAppSecWafModeResult]
func LookupAppSecWafMode(ctx *Context, args *LookupAppSecWafModeArgs, opts ...InvokeOption) (*LookupAppSecWafModeResult, error)
func LookupAppSecWafModeOutput(ctx *Context, args *LookupAppSecWafModeOutputArgs, opts ...InvokeOption) LookupAppSecWafModeResultOutput
> Note: This function is named LookupAppSecWafMode
in the Go SDK.
public static class GetAppSecWafMode
{
public static Task<GetAppSecWafModeResult> InvokeAsync(GetAppSecWafModeArgs args, InvokeOptions? opts = null)
public static Output<GetAppSecWafModeResult> Invoke(GetAppSecWafModeInvokeArgs args, InvokeOptions? opts = null)
}
public static CompletableFuture<GetAppSecWafModeResult> getAppSecWafMode(GetAppSecWafModeArgs args, InvokeOptions options)
// Output-based functions aren't available in Java yet
fn::invoke:
function: akamai:index/getAppSecWafMode:getAppSecWafMode
arguments:
# arguments dictionary
The following arguments are supported:
- Config
Id int . Unique identifier of the security configuration associated with the Kona Rule Set rules.
- Security
Policy stringId . Unique identifier of the security policy associated with the Kona Rule Set rules.
- Config
Id int . Unique identifier of the security configuration associated with the Kona Rule Set rules.
- Security
Policy stringId . Unique identifier of the security policy associated with the Kona Rule Set rules.
- config
Id Integer . Unique identifier of the security configuration associated with the Kona Rule Set rules.
- security
Policy StringId . Unique identifier of the security policy associated with the Kona Rule Set rules.
- config
Id number . Unique identifier of the security configuration associated with the Kona Rule Set rules.
- security
Policy stringId . Unique identifier of the security policy associated with the Kona Rule Set rules.
- config_
id int . Unique identifier of the security configuration associated with the Kona Rule Set rules.
- security_
policy_ strid . Unique identifier of the security policy associated with the Kona Rule Set rules.
- config
Id Number . Unique identifier of the security configuration associated with the Kona Rule Set rules.
- security
Policy StringId . Unique identifier of the security policy associated with the Kona Rule Set rules.
getAppSecWafMode Result
The following output properties are available:
- Config
Id int - Current
Ruleset string - Eval
Expiration stringDate - Eval
Ruleset string - Eval
Status string - Id string
The provider-assigned unique ID for this managed resource.
- Json string
- Mode string
- Output
Text string - Security
Policy stringId
- Config
Id int - Current
Ruleset string - Eval
Expiration stringDate - Eval
Ruleset string - Eval
Status string - Id string
The provider-assigned unique ID for this managed resource.
- Json string
- Mode string
- Output
Text string - Security
Policy stringId
- config
Id Integer - current
Ruleset String - eval
Expiration StringDate - eval
Ruleset String - eval
Status String - id String
The provider-assigned unique ID for this managed resource.
- json String
- mode String
- output
Text String - security
Policy StringId
- config
Id number - current
Ruleset string - eval
Expiration stringDate - eval
Ruleset string - eval
Status string - id string
The provider-assigned unique ID for this managed resource.
- json string
- mode string
- output
Text string - security
Policy stringId
- config_
id int - current_
ruleset str - eval_
expiration_ strdate - eval_
ruleset str - eval_
status str - id str
The provider-assigned unique ID for this managed resource.
- json str
- mode str
- output_
text str - security_
policy_ strid
- config
Id Number - current
Ruleset String - eval
Expiration StringDate - eval
Ruleset String - eval
Status String - id String
The provider-assigned unique ID for this managed resource.
- json String
- mode String
- output
Text String - security
Policy StringId
Package Details
- Repository
- Akamai pulumi/pulumi-akamai
- License
- Apache-2.0
- Notes
This Pulumi package is based on the
akamai
Terraform Provider.