1. Packages
  2. Packages
  3. Azure Native
  4. API Docs
  5. frontdoor
  6. Policy
This is the latest version of Azure Native. Use the Azure Native v2 docs if using the v2 version of this package.
Viewing docs for Azure Native v3.20.0
published on Thursday, Jul 9, 2026 by Pulumi
azure-native logo
This is the latest version of Azure Native. Use the Azure Native v2 docs if using the v2 version of this package.
Viewing docs for Azure Native v3.20.0
published on Thursday, Jul 9, 2026 by Pulumi

    Defines web application firewall policy.

    Uses Azure REST API version 2025-11-01.

    Other available API versions: 2018-08-01, 2019-03-01, 2019-10-01, 2020-04-01, 2020-11-01, 2021-06-01, 2022-05-01, 2024-02-01, 2025-03-01, 2025-10-01. These can be accessed by generating a local SDK package using the CLI command pulumi package add azure-native frontdoor [ApiVersion]. See the version guide for details.

    Example Usage

    Creates specific policy

    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using AzureNative = Pulumi.AzureNative;
    
    return await Deployment.RunAsync(() => 
    {
        var policy = new AzureNative.FrontDoor.Policy("policy", new()
        {
            CustomRules = new AzureNative.FrontDoor.Inputs.CustomRuleListArgs
            {
                Rules = new[]
                {
                    new AzureNative.FrontDoor.Inputs.CustomRuleArgs
                    {
                        Action = AzureNative.FrontDoor.ActionType.Block,
                        MatchConditions = new[]
                        {
                            new AzureNative.FrontDoor.Inputs.MatchConditionArgs
                            {
                                MatchValue = new[]
                                {
                                    "192.168.1.0/24",
                                    "10.0.0.0/24",
                                },
                                MatchVariable = AzureNative.FrontDoor.MatchVariable.RemoteAddr,
                                Operator = AzureNative.FrontDoor.Operator.IPMatch,
                            },
                        },
                        Name = "Rule1",
                        Priority = 1,
                        RateLimitThreshold = 1000,
                        RuleType = AzureNative.FrontDoor.RuleType.RateLimitRule,
                    },
                    new AzureNative.FrontDoor.Inputs.CustomRuleArgs
                    {
                        Action = AzureNative.FrontDoor.ActionType.Block,
                        MatchConditions = new[]
                        {
                            new AzureNative.FrontDoor.Inputs.MatchConditionArgs
                            {
                                MatchValue = new[]
                                {
                                    "CH",
                                },
                                MatchVariable = AzureNative.FrontDoor.MatchVariable.RemoteAddr,
                                Operator = AzureNative.FrontDoor.Operator.GeoMatch,
                            },
                            new AzureNative.FrontDoor.Inputs.MatchConditionArgs
                            {
                                MatchValue = new[]
                                {
                                    "windows",
                                },
                                MatchVariable = AzureNative.FrontDoor.MatchVariable.RequestHeader,
                                Operator = AzureNative.FrontDoor.Operator.Contains,
                                Selector = "UserAgent",
                                Transforms = new[]
                                {
                                    AzureNative.FrontDoor.TransformType.Lowercase,
                                },
                            },
                        },
                        Name = "Rule2",
                        Priority = 2,
                        RuleType = AzureNative.FrontDoor.RuleType.MatchRule,
                    },
                    new AzureNative.FrontDoor.Inputs.CustomRuleArgs
                    {
                        Action = AzureNative.FrontDoor.ActionType.CAPTCHA,
                        MatchConditions = new[]
                        {
                            new AzureNative.FrontDoor.Inputs.MatchConditionArgs
                            {
                                MatchValue = new[]
                                {
                                    "AzureBackup",
                                    "AzureBotService",
                                },
                                MatchVariable = AzureNative.FrontDoor.MatchVariable.RemoteAddr,
                                Operator = AzureNative.FrontDoor.Operator.ServiceTagMatch,
                            },
                        },
                        Name = "Rule3",
                        Priority = 1,
                        RateLimitThreshold = 1000,
                        RuleType = AzureNative.FrontDoor.RuleType.RateLimitRule,
                    },
                },
            },
            Location = "WestUs",
            ManagedRules = new AzureNative.FrontDoor.Inputs.ManagedRuleSetListArgs
            {
                ExceptionsList = new AzureNative.FrontDoor.Inputs.ManagedRuleSetExceptionListArgs
                {
                    Exceptions = new[]
                    {
                        new AzureNative.FrontDoor.Inputs.ManagedRuleSetExceptionArgs
                        {
                            MatchValues = new[]
                            {
                                "Mozilla",
                            },
                            MatchVariable = AzureNative.FrontDoor.ExceptionMatchVariable.RequestHeaderNames,
                            Scopes = new[]
                            {
                                new AzureNative.FrontDoor.Inputs.ManagedRuleSetScopeArgs
                                {
                                    RuleSetType = "Microsoft_DefaultRuleSet",
                                    RuleSetVersion = "2.2",
                                },
                                new AzureNative.FrontDoor.Inputs.ManagedRuleSetScopeArgs
                                {
                                    RuleSetType = "Microsoft_HTTPDDoSRuleSet",
                                    RuleSetVersion = "1.0",
                                },
                            },
                            Selector = "User-Agent",
                            SelectorMatchOperator = AzureNative.FrontDoor.ExceptionSelectorMatchOperator.EqualsValue,
                            ValueMatchOperator = AzureNative.FrontDoor.ExceptionValueMatchOperator.Contains,
                        },
                    },
                },
                ManagedRuleSets = new[]
                {
                    new AzureNative.FrontDoor.Inputs.ManagedRuleSetArgs
                    {
                        Exclusions = new[]
                        {
                            new AzureNative.FrontDoor.Inputs.ManagedRuleExclusionArgs
                            {
                                MatchVariable = AzureNative.FrontDoor.ManagedRuleExclusionMatchVariable.RequestHeaderNames,
                                Selector = "User-Agent",
                                SelectorMatchOperator = AzureNative.FrontDoor.ManagedRuleExclusionSelectorMatchOperator.EqualsValue,
                            },
                        },
                        RuleGroupOverrides = new[]
                        {
                            new AzureNative.FrontDoor.Inputs.ManagedRuleGroupOverrideArgs
                            {
                                Exclusions = new[]
                                {
                                    new AzureNative.FrontDoor.Inputs.ManagedRuleExclusionArgs
                                    {
                                        MatchVariable = AzureNative.FrontDoor.ManagedRuleExclusionMatchVariable.RequestCookieNames,
                                        Selector = "token",
                                        SelectorMatchOperator = AzureNative.FrontDoor.ManagedRuleExclusionSelectorMatchOperator.StartsWith,
                                    },
                                },
                                RuleGroupName = "SQLI",
                                Rules = new[]
                                {
                                    new AzureNative.FrontDoor.Inputs.ManagedRuleOverrideArgs
                                    {
                                        Action = AzureNative.FrontDoor.ActionType.Redirect,
                                        EnabledState = AzureNative.FrontDoor.ManagedRuleEnabledState.Enabled,
                                        Exclusions = new[]
                                        {
                                            new AzureNative.FrontDoor.Inputs.ManagedRuleExclusionArgs
                                            {
                                                MatchVariable = AzureNative.FrontDoor.ManagedRuleExclusionMatchVariable.QueryStringArgNames,
                                                Selector = "query",
                                                SelectorMatchOperator = AzureNative.FrontDoor.ManagedRuleExclusionSelectorMatchOperator.EqualsValue,
                                            },
                                        },
                                        RuleId = "942100",
                                    },
                                    new AzureNative.FrontDoor.Inputs.ManagedRuleOverrideArgs
                                    {
                                        EnabledState = AzureNative.FrontDoor.ManagedRuleEnabledState.Disabled,
                                        RuleId = "942110",
                                    },
                                },
                            },
                        },
                        RuleSetAction = AzureNative.FrontDoor.ManagedRuleSetActionType.Block,
                        RuleSetType = "Microsoft_DefaultRuleSet",
                        RuleSetVersion = "2.2",
                    },
                    new AzureNative.FrontDoor.Inputs.ManagedRuleSetArgs
                    {
                        RuleGroupOverrides = new[]
                        {
                            new AzureNative.FrontDoor.Inputs.ManagedRuleGroupOverrideArgs
                            {
                                RuleGroupName = "ExcessiveRequests",
                                Rules = new[]
                                {
                                    new AzureNative.FrontDoor.Inputs.ManagedRuleOverrideArgs
                                    {
                                        Action = AzureNative.FrontDoor.ActionType.Block,
                                        EnabledState = AzureNative.FrontDoor.ManagedRuleEnabledState.Enabled,
                                        RuleId = "500100",
                                        Sensitivity = AzureNative.FrontDoor.SensitivityType.High,
                                    },
                                },
                            },
                        },
                        RuleSetType = "Microsoft_HTTPDDoSRuleSet",
                        RuleSetVersion = "1.0",
                    },
                },
            },
            PolicyName = "Policy1",
            PolicySettings = new AzureNative.FrontDoor.Inputs.PolicySettingsArgs
            {
                CaptchaExpirationInMinutes = 30,
                CustomBlockResponseBody = "PGh0bWw+CjxoZWFkZXI+PHRpdGxlPkhlbGxvPC90aXRsZT48L2hlYWRlcj4KPGJvZHk+CkhlbGxvIHdvcmxkCjwvYm9keT4KPC9odG1sPg==",
                CustomBlockResponseStatusCode = 429,
                EnabledState = AzureNative.FrontDoor.PolicyEnabledState.Enabled,
                JavascriptChallengeExpirationInMinutes = 30,
                Mode = AzureNative.FrontDoor.PolicyMode.Prevention,
                RedirectUrl = "http://www.bing.com",
                RequestBodyCheck = AzureNative.FrontDoor.PolicyRequestBodyCheck.Disabled,
                ScrubbingRules = new[]
                {
                    new AzureNative.FrontDoor.Inputs.WebApplicationFirewallScrubbingRulesArgs
                    {
                        MatchVariable = AzureNative.FrontDoor.ScrubbingRuleEntryMatchVariable.RequestIPAddress,
                        SelectorMatchOperator = AzureNative.FrontDoor.ScrubbingRuleEntryMatchOperator.EqualsAny,
                        State = AzureNative.FrontDoor.ScrubbingRuleEntryState.Enabled,
                    },
                },
                State = AzureNative.FrontDoor.WebApplicationFirewallScrubbingState.Enabled,
            },
            ResourceGroupName = "rg1",
            Sku = new AzureNative.FrontDoor.Inputs.SkuArgs
            {
                Name = AzureNative.FrontDoor.SkuName.Premium_AzureFrontDoor,
            },
        });
    
    });
    
    package main
    
    import (
    	frontdoor "github.com/pulumi/pulumi-azure-native-sdk/frontdoor/v3"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		_, err := frontdoor.NewPolicy(ctx, "policy", &frontdoor.PolicyArgs{
    			CustomRules: &frontdoor.CustomRuleListArgs{
    				Rules: frontdoor.CustomRuleArray{
    					&frontdoor.CustomRuleArgs{
    						Action: pulumi.String(frontdoor.ActionTypeBlock),
    						MatchConditions: frontdoor.MatchConditionArray{
    							&frontdoor.MatchConditionArgs{
    								MatchValue: pulumi.StringArray{
    									pulumi.String("192.168.1.0/24"),
    									pulumi.String("10.0.0.0/24"),
    								},
    								MatchVariable: pulumi.String(frontdoor.MatchVariableRemoteAddr),
    								Operator:      pulumi.String(frontdoor.OperatorIPMatch),
    							},
    						},
    						Name:               pulumi.String("Rule1"),
    						Priority:           pulumi.Int(1),
    						RateLimitThreshold: pulumi.Int(1000),
    						RuleType:           pulumi.String(frontdoor.RuleTypeRateLimitRule),
    					},
    					&frontdoor.CustomRuleArgs{
    						Action: pulumi.String(frontdoor.ActionTypeBlock),
    						MatchConditions: frontdoor.MatchConditionArray{
    							&frontdoor.MatchConditionArgs{
    								MatchValue: pulumi.StringArray{
    									pulumi.String("CH"),
    								},
    								MatchVariable: pulumi.String(frontdoor.MatchVariableRemoteAddr),
    								Operator:      pulumi.String(frontdoor.OperatorGeoMatch),
    							},
    							&frontdoor.MatchConditionArgs{
    								MatchValue: pulumi.StringArray{
    									pulumi.String("windows"),
    								},
    								MatchVariable: pulumi.String(frontdoor.MatchVariableRequestHeader),
    								Operator:      pulumi.String(frontdoor.OperatorContains),
    								Selector:      pulumi.String("UserAgent"),
    								Transforms: pulumi.StringArray{
    									pulumi.String(frontdoor.TransformTypeLowercase),
    								},
    							},
    						},
    						Name:     pulumi.String("Rule2"),
    						Priority: pulumi.Int(2),
    						RuleType: pulumi.String(frontdoor.RuleTypeMatchRule),
    					},
    					&frontdoor.CustomRuleArgs{
    						Action: pulumi.String(frontdoor.ActionTypeCAPTCHA),
    						MatchConditions: frontdoor.MatchConditionArray{
    							&frontdoor.MatchConditionArgs{
    								MatchValue: pulumi.StringArray{
    									pulumi.String("AzureBackup"),
    									pulumi.String("AzureBotService"),
    								},
    								MatchVariable: pulumi.String(frontdoor.MatchVariableRemoteAddr),
    								Operator:      pulumi.String(frontdoor.OperatorServiceTagMatch),
    							},
    						},
    						Name:               pulumi.String("Rule3"),
    						Priority:           pulumi.Int(1),
    						RateLimitThreshold: pulumi.Int(1000),
    						RuleType:           pulumi.String(frontdoor.RuleTypeRateLimitRule),
    					},
    				},
    			},
    			Location: pulumi.String("WestUs"),
    			ManagedRules: &frontdoor.ManagedRuleSetListArgs{
    				ExceptionsList: &frontdoor.ManagedRuleSetExceptionListArgs{
    					Exceptions: frontdoor.ManagedRuleSetExceptionArray{
    						&frontdoor.ManagedRuleSetExceptionArgs{
    							MatchValues: pulumi.StringArray{
    								pulumi.String("Mozilla"),
    							},
    							MatchVariable: pulumi.String(frontdoor.ExceptionMatchVariableRequestHeaderNames),
    							Scopes: frontdoor.ManagedRuleSetScopeArray{
    								&frontdoor.ManagedRuleSetScopeArgs{
    									RuleSetType:    pulumi.String("Microsoft_DefaultRuleSet"),
    									RuleSetVersion: pulumi.String("2.2"),
    								},
    								&frontdoor.ManagedRuleSetScopeArgs{
    									RuleSetType:    pulumi.String("Microsoft_HTTPDDoSRuleSet"),
    									RuleSetVersion: pulumi.String("1.0"),
    								},
    							},
    							Selector:              pulumi.String("User-Agent"),
    							SelectorMatchOperator: pulumi.String(frontdoor.ExceptionSelectorMatchOperatorEquals),
    							ValueMatchOperator:    pulumi.String(frontdoor.ExceptionValueMatchOperatorContains),
    						},
    					},
    				},
    				ManagedRuleSets: frontdoor.ManagedRuleSetArray{
    					&frontdoor.ManagedRuleSetArgs{
    						Exclusions: frontdoor.ManagedRuleExclusionArray{
    							&frontdoor.ManagedRuleExclusionArgs{
    								MatchVariable:         pulumi.String(frontdoor.ManagedRuleExclusionMatchVariableRequestHeaderNames),
    								Selector:              pulumi.String("User-Agent"),
    								SelectorMatchOperator: pulumi.String(frontdoor.ManagedRuleExclusionSelectorMatchOperatorEquals),
    							},
    						},
    						RuleGroupOverrides: frontdoor.ManagedRuleGroupOverrideArray{
    							&frontdoor.ManagedRuleGroupOverrideArgs{
    								Exclusions: frontdoor.ManagedRuleExclusionArray{
    									&frontdoor.ManagedRuleExclusionArgs{
    										MatchVariable:         pulumi.String(frontdoor.ManagedRuleExclusionMatchVariableRequestCookieNames),
    										Selector:              pulumi.String("token"),
    										SelectorMatchOperator: pulumi.String(frontdoor.ManagedRuleExclusionSelectorMatchOperatorStartsWith),
    									},
    								},
    								RuleGroupName: pulumi.String("SQLI"),
    								Rules: frontdoor.ManagedRuleOverrideArray{
    									&frontdoor.ManagedRuleOverrideArgs{
    										Action:       pulumi.String(frontdoor.ActionTypeRedirect),
    										EnabledState: pulumi.String(frontdoor.ManagedRuleEnabledStateEnabled),
    										Exclusions: frontdoor.ManagedRuleExclusionArray{
    											&frontdoor.ManagedRuleExclusionArgs{
    												MatchVariable:         pulumi.String(frontdoor.ManagedRuleExclusionMatchVariableQueryStringArgNames),
    												Selector:              pulumi.String("query"),
    												SelectorMatchOperator: pulumi.String(frontdoor.ManagedRuleExclusionSelectorMatchOperatorEquals),
    											},
    										},
    										RuleId: pulumi.String("942100"),
    									},
    									&frontdoor.ManagedRuleOverrideArgs{
    										EnabledState: pulumi.String(frontdoor.ManagedRuleEnabledStateDisabled),
    										RuleId:       pulumi.String("942110"),
    									},
    								},
    							},
    						},
    						RuleSetAction:  pulumi.String(frontdoor.ManagedRuleSetActionTypeBlock),
    						RuleSetType:    pulumi.String("Microsoft_DefaultRuleSet"),
    						RuleSetVersion: pulumi.String("2.2"),
    					},
    					&frontdoor.ManagedRuleSetArgs{
    						RuleGroupOverrides: frontdoor.ManagedRuleGroupOverrideArray{
    							&frontdoor.ManagedRuleGroupOverrideArgs{
    								RuleGroupName: pulumi.String("ExcessiveRequests"),
    								Rules: frontdoor.ManagedRuleOverrideArray{
    									&frontdoor.ManagedRuleOverrideArgs{
    										Action:       pulumi.String(frontdoor.ActionTypeBlock),
    										EnabledState: pulumi.String(frontdoor.ManagedRuleEnabledStateEnabled),
    										RuleId:       pulumi.String("500100"),
    										Sensitivity:  pulumi.String(frontdoor.SensitivityTypeHigh),
    									},
    								},
    							},
    						},
    						RuleSetType:    pulumi.String("Microsoft_HTTPDDoSRuleSet"),
    						RuleSetVersion: pulumi.String("1.0"),
    					},
    				},
    			},
    			PolicyName: pulumi.String("Policy1"),
    			PolicySettings: &frontdoor.PolicySettingsArgs{
    				CaptchaExpirationInMinutes:             pulumi.Int(30),
    				CustomBlockResponseBody:                pulumi.String("PGh0bWw+CjxoZWFkZXI+PHRpdGxlPkhlbGxvPC90aXRsZT48L2hlYWRlcj4KPGJvZHk+CkhlbGxvIHdvcmxkCjwvYm9keT4KPC9odG1sPg=="),
    				CustomBlockResponseStatusCode:          pulumi.Int(429),
    				EnabledState:                           pulumi.String(frontdoor.PolicyEnabledStateEnabled),
    				JavascriptChallengeExpirationInMinutes: pulumi.Int(30),
    				Mode:                                   pulumi.String(frontdoor.PolicyModePrevention),
    				RedirectUrl:                            pulumi.String("http://www.bing.com"),
    				RequestBodyCheck:                       pulumi.String(frontdoor.PolicyRequestBodyCheckDisabled),
    				ScrubbingRules: frontdoor.WebApplicationFirewallScrubbingRulesArray{
    					&frontdoor.WebApplicationFirewallScrubbingRulesArgs{
    						MatchVariable:         pulumi.String(frontdoor.ScrubbingRuleEntryMatchVariableRequestIPAddress),
    						SelectorMatchOperator: pulumi.String(frontdoor.ScrubbingRuleEntryMatchOperatorEqualsAny),
    						State:                 pulumi.String(frontdoor.ScrubbingRuleEntryStateEnabled),
    					},
    				},
    				State: pulumi.String(frontdoor.WebApplicationFirewallScrubbingStateEnabled),
    			},
    			ResourceGroupName: pulumi.String("rg1"),
    			Sku: &frontdoor.SkuArgs{
    				Name: pulumi.String(frontdoor.SkuName_Premium_AzureFrontDoor),
    			},
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    pulumi {
      required_providers {
        azure-native = {
          source = "pulumi/azure-native"
        }
      }
    }
    
    resource "azure-native_frontdoor_policy" "policy" {
      custom_rules = {
        rules = [{
          "action" = "Block"
          "matchConditions" = [{
            "matchValue"    = ["192.168.1.0/24", "10.0.0.0/24"]
            "matchVariable" = "RemoteAddr"
            "operator"      = "IPMatch"
          }]
          "name"               = "Rule1"
          "priority"           = 1
          "rateLimitThreshold" = 1000
          "ruleType"           = "RateLimitRule"
          }, {
          "action" = "Block"
          "matchConditions" = [{
            "matchValue"    = ["CH"]
            "matchVariable" = "RemoteAddr"
            "operator"      = "GeoMatch"
            }, {
            "matchValue"    = ["windows"]
            "matchVariable" = "RequestHeader"
            "operator"      = "Contains"
            "selector"      = "UserAgent"
            "transforms"    = ["Lowercase"]
          }]
          "name"     = "Rule2"
          "priority" = 2
          "ruleType" = "MatchRule"
          }, {
          "action" = "CAPTCHA"
          "matchConditions" = [{
            "matchValue"    = ["AzureBackup", "AzureBotService"]
            "matchVariable" = "RemoteAddr"
            "operator"      = "ServiceTagMatch"
          }]
          "name"               = "Rule3"
          "priority"           = 1
          "rateLimitThreshold" = 1000
          "ruleType"           = "RateLimitRule"
        }]
      }
      location = "WestUs"
      managed_rules = {
        exceptions_list = {
          exceptions = [{
            "matchValues"   = ["Mozilla"]
            "matchVariable" = "RequestHeaderNames"
            "scopes" = [{
              "ruleSetType"    = "Microsoft_DefaultRuleSet"
              "ruleSetVersion" = "2.2"
              }, {
              "ruleSetType"    = "Microsoft_HTTPDDoSRuleSet"
              "ruleSetVersion" = "1.0"
            }]
            "selector"              = "User-Agent"
            "selectorMatchOperator" = "Equals"
            "valueMatchOperator"    = "Contains"
          }]
        }
        managed_rule_sets = [{
          "exclusions" = [{
            "matchVariable"         = "RequestHeaderNames"
            "selector"              = "User-Agent"
            "selectorMatchOperator" = "Equals"
          }]
          "ruleGroupOverrides" = [{
            "exclusions" = [{
              "matchVariable"         = "RequestCookieNames"
              "selector"              = "token"
              "selectorMatchOperator" = "StartsWith"
            }]
            "ruleGroupName" = "SQLI"
            "rules" = [{
              "action"       = "Redirect"
              "enabledState" = "Enabled"
              "exclusions" = [{
                "matchVariable"         = "QueryStringArgNames"
                "selector"              = "query"
                "selectorMatchOperator" = "Equals"
              }]
              "ruleId" = "942100"
              }, {
              "enabledState" = "Disabled"
              "ruleId"       = "942110"
            }]
          }]
          "ruleSetAction"  = "Block"
          "ruleSetType"    = "Microsoft_DefaultRuleSet"
          "ruleSetVersion" = "2.2"
          }, {
          "ruleGroupOverrides" = [{
            "ruleGroupName" = "ExcessiveRequests"
            "rules" = [{
              "action"       = "Block"
              "enabledState" = "Enabled"
              "ruleId"       = "500100"
              "sensitivity"  = "High"
            }]
          }]
          "ruleSetType"    = "Microsoft_HTTPDDoSRuleSet"
          "ruleSetVersion" = "1.0"
        }]
      }
      policy_name = "Policy1"
      policy_settings = {
        captcha_expiration_in_minutes              = 30
        custom_block_response_body                 = "PGh0bWw+CjxoZWFkZXI+PHRpdGxlPkhlbGxvPC90aXRsZT48L2hlYWRlcj4KPGJvZHk+CkhlbGxvIHdvcmxkCjwvYm9keT4KPC9odG1sPg=="
        custom_block_response_status_code          = 429
        enabled_state                              = "Enabled"
        javascript_challenge_expiration_in_minutes = 30
        mode                                       = "Prevention"
        redirect_url                               = "http://www.bing.com"
        request_body_check                         = "Disabled"
        scrubbing_rules = [{
          "matchVariable"         = "RequestIPAddress"
          "selectorMatchOperator" = "EqualsAny"
          "state"                 = "Enabled"
        }]
        state = "Enabled"
      }
      resource_group_name = "rg1"
      sku = {
        name = "Premium_AzureFrontDoor"
      }
    }
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.azurenative.frontdoor.Policy;
    import com.pulumi.azurenative.frontdoor.PolicyArgs;
    import com.pulumi.azurenative.frontdoor.inputs.CustomRuleListArgs;
    import com.pulumi.azurenative.frontdoor.inputs.ManagedRuleSetListArgs;
    import com.pulumi.azurenative.frontdoor.inputs.ManagedRuleSetExceptionListArgs;
    import com.pulumi.azurenative.frontdoor.inputs.PolicySettingsArgs;
    import com.pulumi.azurenative.frontdoor.inputs.SkuArgs;
    import java.util.ArrayList;
    import java.util.Arrays;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var policy = new Policy("policy", PolicyArgs.builder()
                .customRules(CustomRuleListArgs.builder()
                    .rules(                
                        CustomRuleArgs.builder()
                            .action("Block")
                            .matchConditions(MatchConditionArgs.builder()
                                .matchValue(                            
                                    "192.168.1.0/24",
                                    "10.0.0.0/24")
                                .matchVariable("RemoteAddr")
                                .operator("IPMatch")
                                .build())
                            .name("Rule1")
                            .priority(1)
                            .rateLimitThreshold(1000)
                            .ruleType("RateLimitRule")
                            .build(),
                        CustomRuleArgs.builder()
                            .action("Block")
                            .matchConditions(                        
                                MatchConditionArgs.builder()
                                    .matchValue("CH")
                                    .matchVariable("RemoteAddr")
                                    .operator("GeoMatch")
                                    .build(),
                                MatchConditionArgs.builder()
                                    .matchValue("windows")
                                    .matchVariable("RequestHeader")
                                    .operator("Contains")
                                    .selector("UserAgent")
                                    .transforms("Lowercase")
                                    .build())
                            .name("Rule2")
                            .priority(2)
                            .ruleType("MatchRule")
                            .build(),
                        CustomRuleArgs.builder()
                            .action("CAPTCHA")
                            .matchConditions(MatchConditionArgs.builder()
                                .matchValue(                            
                                    "AzureBackup",
                                    "AzureBotService")
                                .matchVariable("RemoteAddr")
                                .operator("ServiceTagMatch")
                                .build())
                            .name("Rule3")
                            .priority(1)
                            .rateLimitThreshold(1000)
                            .ruleType("RateLimitRule")
                            .build())
                    .build())
                .location("WestUs")
                .managedRules(ManagedRuleSetListArgs.builder()
                    .exceptionsList(ManagedRuleSetExceptionListArgs.builder()
                        .exceptions(ManagedRuleSetExceptionArgs.builder()
                            .matchValues("Mozilla")
                            .matchVariable("RequestHeaderNames")
                            .scopes(                        
                                ManagedRuleSetScopeArgs.builder()
                                    .ruleSetType("Microsoft_DefaultRuleSet")
                                    .ruleSetVersion("2.2")
                                    .build(),
                                ManagedRuleSetScopeArgs.builder()
                                    .ruleSetType("Microsoft_HTTPDDoSRuleSet")
                                    .ruleSetVersion("1.0")
                                    .build())
                            .selector("User-Agent")
                            .selectorMatchOperator("Equals")
                            .valueMatchOperator("Contains")
                            .build())
                        .build())
                    .managedRuleSets(                
                        ManagedRuleSetArgs.builder()
                            .exclusions(ManagedRuleExclusionArgs.builder()
                                .matchVariable("RequestHeaderNames")
                                .selector("User-Agent")
                                .selectorMatchOperator("Equals")
                                .build())
                            .ruleGroupOverrides(ManagedRuleGroupOverrideArgs.builder()
                                .exclusions(ManagedRuleExclusionArgs.builder()
                                    .matchVariable("RequestCookieNames")
                                    .selector("token")
                                    .selectorMatchOperator("StartsWith")
                                    .build())
                                .ruleGroupName("SQLI")
                                .rules(                            
                                    ManagedRuleOverrideArgs.builder()
                                        .action("Redirect")
                                        .enabledState("Enabled")
                                        .exclusions(ManagedRuleExclusionArgs.builder()
                                            .matchVariable("QueryStringArgNames")
                                            .selector("query")
                                            .selectorMatchOperator("Equals")
                                            .build())
                                        .ruleId("942100")
                                        .build(),
                                    ManagedRuleOverrideArgs.builder()
                                        .enabledState("Disabled")
                                        .ruleId("942110")
                                        .build())
                                .build())
                            .ruleSetAction("Block")
                            .ruleSetType("Microsoft_DefaultRuleSet")
                            .ruleSetVersion("2.2")
                            .build(),
                        ManagedRuleSetArgs.builder()
                            .ruleGroupOverrides(ManagedRuleGroupOverrideArgs.builder()
                                .ruleGroupName("ExcessiveRequests")
                                .rules(ManagedRuleOverrideArgs.builder()
                                    .action("Block")
                                    .enabledState("Enabled")
                                    .ruleId("500100")
                                    .sensitivity("High")
                                    .build())
                                .build())
                            .ruleSetType("Microsoft_HTTPDDoSRuleSet")
                            .ruleSetVersion("1.0")
                            .build())
                    .build())
                .policyName("Policy1")
                .policySettings(PolicySettingsArgs.builder()
                    .captchaExpirationInMinutes(30)
                    .customBlockResponseBody("PGh0bWw+CjxoZWFkZXI+PHRpdGxlPkhlbGxvPC90aXRsZT48L2hlYWRlcj4KPGJvZHk+CkhlbGxvIHdvcmxkCjwvYm9keT4KPC9odG1sPg==")
                    .customBlockResponseStatusCode(429)
                    .enabledState("Enabled")
                    .javascriptChallengeExpirationInMinutes(30)
                    .mode("Prevention")
                    .redirectUrl("http://www.bing.com")
                    .requestBodyCheck("Disabled")
                    .scrubbingRules(WebApplicationFirewallScrubbingRulesArgs.builder()
                        .matchVariable("RequestIPAddress")
                        .selectorMatchOperator("EqualsAny")
                        .state("Enabled")
                        .build())
                    .state("Enabled")
                    .build())
                .resourceGroupName("rg1")
                .sku(SkuArgs.builder()
                    .name("Premium_AzureFrontDoor")
                    .build())
                .build());
    
        }
    }
    
    import * as pulumi from "@pulumi/pulumi";
    import * as azure_native from "@pulumi/azure-native";
    
    const policy = new azure_native.frontdoor.Policy("policy", {
        customRules: {
            rules: [
                {
                    action: azure_native.frontdoor.ActionType.Block,
                    matchConditions: [{
                        matchValue: [
                            "192.168.1.0/24",
                            "10.0.0.0/24",
                        ],
                        matchVariable: azure_native.frontdoor.MatchVariable.RemoteAddr,
                        operator: azure_native.frontdoor.Operator.IPMatch,
                    }],
                    name: "Rule1",
                    priority: 1,
                    rateLimitThreshold: 1000,
                    ruleType: azure_native.frontdoor.RuleType.RateLimitRule,
                },
                {
                    action: azure_native.frontdoor.ActionType.Block,
                    matchConditions: [
                        {
                            matchValue: ["CH"],
                            matchVariable: azure_native.frontdoor.MatchVariable.RemoteAddr,
                            operator: azure_native.frontdoor.Operator.GeoMatch,
                        },
                        {
                            matchValue: ["windows"],
                            matchVariable: azure_native.frontdoor.MatchVariable.RequestHeader,
                            operator: azure_native.frontdoor.Operator.Contains,
                            selector: "UserAgent",
                            transforms: [azure_native.frontdoor.TransformType.Lowercase],
                        },
                    ],
                    name: "Rule2",
                    priority: 2,
                    ruleType: azure_native.frontdoor.RuleType.MatchRule,
                },
                {
                    action: azure_native.frontdoor.ActionType.CAPTCHA,
                    matchConditions: [{
                        matchValue: [
                            "AzureBackup",
                            "AzureBotService",
                        ],
                        matchVariable: azure_native.frontdoor.MatchVariable.RemoteAddr,
                        operator: azure_native.frontdoor.Operator.ServiceTagMatch,
                    }],
                    name: "Rule3",
                    priority: 1,
                    rateLimitThreshold: 1000,
                    ruleType: azure_native.frontdoor.RuleType.RateLimitRule,
                },
            ],
        },
        location: "WestUs",
        managedRules: {
            exceptionsList: {
                exceptions: [{
                    matchValues: ["Mozilla"],
                    matchVariable: azure_native.frontdoor.ExceptionMatchVariable.RequestHeaderNames,
                    scopes: [
                        {
                            ruleSetType: "Microsoft_DefaultRuleSet",
                            ruleSetVersion: "2.2",
                        },
                        {
                            ruleSetType: "Microsoft_HTTPDDoSRuleSet",
                            ruleSetVersion: "1.0",
                        },
                    ],
                    selector: "User-Agent",
                    selectorMatchOperator: azure_native.frontdoor.ExceptionSelectorMatchOperator.Equals,
                    valueMatchOperator: azure_native.frontdoor.ExceptionValueMatchOperator.Contains,
                }],
            },
            managedRuleSets: [
                {
                    exclusions: [{
                        matchVariable: azure_native.frontdoor.ManagedRuleExclusionMatchVariable.RequestHeaderNames,
                        selector: "User-Agent",
                        selectorMatchOperator: azure_native.frontdoor.ManagedRuleExclusionSelectorMatchOperator.Equals,
                    }],
                    ruleGroupOverrides: [{
                        exclusions: [{
                            matchVariable: azure_native.frontdoor.ManagedRuleExclusionMatchVariable.RequestCookieNames,
                            selector: "token",
                            selectorMatchOperator: azure_native.frontdoor.ManagedRuleExclusionSelectorMatchOperator.StartsWith,
                        }],
                        ruleGroupName: "SQLI",
                        rules: [
                            {
                                action: azure_native.frontdoor.ActionType.Redirect,
                                enabledState: azure_native.frontdoor.ManagedRuleEnabledState.Enabled,
                                exclusions: [{
                                    matchVariable: azure_native.frontdoor.ManagedRuleExclusionMatchVariable.QueryStringArgNames,
                                    selector: "query",
                                    selectorMatchOperator: azure_native.frontdoor.ManagedRuleExclusionSelectorMatchOperator.Equals,
                                }],
                                ruleId: "942100",
                            },
                            {
                                enabledState: azure_native.frontdoor.ManagedRuleEnabledState.Disabled,
                                ruleId: "942110",
                            },
                        ],
                    }],
                    ruleSetAction: azure_native.frontdoor.ManagedRuleSetActionType.Block,
                    ruleSetType: "Microsoft_DefaultRuleSet",
                    ruleSetVersion: "2.2",
                },
                {
                    ruleGroupOverrides: [{
                        ruleGroupName: "ExcessiveRequests",
                        rules: [{
                            action: azure_native.frontdoor.ActionType.Block,
                            enabledState: azure_native.frontdoor.ManagedRuleEnabledState.Enabled,
                            ruleId: "500100",
                            sensitivity: azure_native.frontdoor.SensitivityType.High,
                        }],
                    }],
                    ruleSetType: "Microsoft_HTTPDDoSRuleSet",
                    ruleSetVersion: "1.0",
                },
            ],
        },
        policyName: "Policy1",
        policySettings: {
            captchaExpirationInMinutes: 30,
            customBlockResponseBody: "PGh0bWw+CjxoZWFkZXI+PHRpdGxlPkhlbGxvPC90aXRsZT48L2hlYWRlcj4KPGJvZHk+CkhlbGxvIHdvcmxkCjwvYm9keT4KPC9odG1sPg==",
            customBlockResponseStatusCode: 429,
            enabledState: azure_native.frontdoor.PolicyEnabledState.Enabled,
            javascriptChallengeExpirationInMinutes: 30,
            mode: azure_native.frontdoor.PolicyMode.Prevention,
            redirectUrl: "http://www.bing.com",
            requestBodyCheck: azure_native.frontdoor.PolicyRequestBodyCheck.Disabled,
            scrubbingRules: [{
                matchVariable: azure_native.frontdoor.ScrubbingRuleEntryMatchVariable.RequestIPAddress,
                selectorMatchOperator: azure_native.frontdoor.ScrubbingRuleEntryMatchOperator.EqualsAny,
                state: azure_native.frontdoor.ScrubbingRuleEntryState.Enabled,
            }],
            state: azure_native.frontdoor.WebApplicationFirewallScrubbingState.Enabled,
        },
        resourceGroupName: "rg1",
        sku: {
            name: azure_native.frontdoor.SkuName.Premium_AzureFrontDoor,
        },
    });
    
    import pulumi
    import pulumi_azure_native as azure_native
    
    policy = azure_native.frontdoor.Policy("policy",
        custom_rules={
            "rules": [
                {
                    "action": azure_native.frontdoor.ActionType.BLOCK,
                    "match_conditions": [{
                        "match_value": [
                            "192.168.1.0/24",
                            "10.0.0.0/24",
                        ],
                        "match_variable": azure_native.frontdoor.MatchVariable.REMOTE_ADDR,
                        "operator": azure_native.frontdoor.Operator.IP_MATCH,
                    }],
                    "name": "Rule1",
                    "priority": 1,
                    "rate_limit_threshold": 1000,
                    "rule_type": azure_native.frontdoor.RuleType.RATE_LIMIT_RULE,
                },
                {
                    "action": azure_native.frontdoor.ActionType.BLOCK,
                    "match_conditions": [
                        {
                            "match_value": ["CH"],
                            "match_variable": azure_native.frontdoor.MatchVariable.REMOTE_ADDR,
                            "operator": azure_native.frontdoor.Operator.GEO_MATCH,
                        },
                        {
                            "match_value": ["windows"],
                            "match_variable": azure_native.frontdoor.MatchVariable.REQUEST_HEADER,
                            "operator": azure_native.frontdoor.Operator.CONTAINS,
                            "selector": "UserAgent",
                            "transforms": [azure_native.frontdoor.TransformType.LOWERCASE],
                        },
                    ],
                    "name": "Rule2",
                    "priority": 2,
                    "rule_type": azure_native.frontdoor.RuleType.MATCH_RULE,
                },
                {
                    "action": azure_native.frontdoor.ActionType.CAPTCHA,
                    "match_conditions": [{
                        "match_value": [
                            "AzureBackup",
                            "AzureBotService",
                        ],
                        "match_variable": azure_native.frontdoor.MatchVariable.REMOTE_ADDR,
                        "operator": azure_native.frontdoor.Operator.SERVICE_TAG_MATCH,
                    }],
                    "name": "Rule3",
                    "priority": 1,
                    "rate_limit_threshold": 1000,
                    "rule_type": azure_native.frontdoor.RuleType.RATE_LIMIT_RULE,
                },
            ],
        },
        location="WestUs",
        managed_rules={
            "exceptions_list": {
                "exceptions": [{
                    "match_values": ["Mozilla"],
                    "match_variable": azure_native.frontdoor.ExceptionMatchVariable.REQUEST_HEADER_NAMES,
                    "scopes": [
                        {
                            "rule_set_type": "Microsoft_DefaultRuleSet",
                            "rule_set_version": "2.2",
                        },
                        {
                            "rule_set_type": "Microsoft_HTTPDDoSRuleSet",
                            "rule_set_version": "1.0",
                        },
                    ],
                    "selector": "User-Agent",
                    "selector_match_operator": azure_native.frontdoor.ExceptionSelectorMatchOperator.EQUALS,
                    "value_match_operator": azure_native.frontdoor.ExceptionValueMatchOperator.CONTAINS,
                }],
            },
            "managed_rule_sets": [
                {
                    "exclusions": [{
                        "match_variable": azure_native.frontdoor.ManagedRuleExclusionMatchVariable.REQUEST_HEADER_NAMES,
                        "selector": "User-Agent",
                        "selector_match_operator": azure_native.frontdoor.ManagedRuleExclusionSelectorMatchOperator.EQUALS,
                    }],
                    "rule_group_overrides": [{
                        "exclusions": [{
                            "match_variable": azure_native.frontdoor.ManagedRuleExclusionMatchVariable.REQUEST_COOKIE_NAMES,
                            "selector": "token",
                            "selector_match_operator": azure_native.frontdoor.ManagedRuleExclusionSelectorMatchOperator.STARTS_WITH,
                        }],
                        "rule_group_name": "SQLI",
                        "rules": [
                            {
                                "action": azure_native.frontdoor.ActionType.REDIRECT,
                                "enabled_state": azure_native.frontdoor.ManagedRuleEnabledState.ENABLED,
                                "exclusions": [{
                                    "match_variable": azure_native.frontdoor.ManagedRuleExclusionMatchVariable.QUERY_STRING_ARG_NAMES,
                                    "selector": "query",
                                    "selector_match_operator": azure_native.frontdoor.ManagedRuleExclusionSelectorMatchOperator.EQUALS,
                                }],
                                "rule_id": "942100",
                            },
                            {
                                "enabled_state": azure_native.frontdoor.ManagedRuleEnabledState.DISABLED,
                                "rule_id": "942110",
                            },
                        ],
                    }],
                    "rule_set_action": azure_native.frontdoor.ManagedRuleSetActionType.BLOCK,
                    "rule_set_type": "Microsoft_DefaultRuleSet",
                    "rule_set_version": "2.2",
                },
                {
                    "rule_group_overrides": [{
                        "rule_group_name": "ExcessiveRequests",
                        "rules": [{
                            "action": azure_native.frontdoor.ActionType.BLOCK,
                            "enabled_state": azure_native.frontdoor.ManagedRuleEnabledState.ENABLED,
                            "rule_id": "500100",
                            "sensitivity": azure_native.frontdoor.SensitivityType.HIGH,
                        }],
                    }],
                    "rule_set_type": "Microsoft_HTTPDDoSRuleSet",
                    "rule_set_version": "1.0",
                },
            ],
        },
        policy_name="Policy1",
        policy_settings={
            "captcha_expiration_in_minutes": 30,
            "custom_block_response_body": "PGh0bWw+CjxoZWFkZXI+PHRpdGxlPkhlbGxvPC90aXRsZT48L2hlYWRlcj4KPGJvZHk+CkhlbGxvIHdvcmxkCjwvYm9keT4KPC9odG1sPg==",
            "custom_block_response_status_code": 429,
            "enabled_state": azure_native.frontdoor.PolicyEnabledState.ENABLED,
            "javascript_challenge_expiration_in_minutes": 30,
            "mode": azure_native.frontdoor.PolicyMode.PREVENTION,
            "redirect_url": "http://www.bing.com",
            "request_body_check": azure_native.frontdoor.PolicyRequestBodyCheck.DISABLED,
            "scrubbing_rules": [{
                "match_variable": azure_native.frontdoor.ScrubbingRuleEntryMatchVariable.REQUEST_IP_ADDRESS,
                "selector_match_operator": azure_native.frontdoor.ScrubbingRuleEntryMatchOperator.EQUALS_ANY,
                "state": azure_native.frontdoor.ScrubbingRuleEntryState.ENABLED,
            }],
            "state": azure_native.frontdoor.WebApplicationFirewallScrubbingState.ENABLED,
        },
        resource_group_name="rg1",
        sku={
            "name": azure_native.frontdoor.SkuName.PREMIUM_AZURE_FRONT_DOOR,
        })
    
    resources:
      policy:
        type: azure-native:frontdoor:Policy
        properties:
          customRules:
            rules:
              - action: Block
                matchConditions:
                  - matchValue:
                      - 192.168.1.0/24
                      - 10.0.0.0/24
                    matchVariable: RemoteAddr
                    operator: IPMatch
                name: Rule1
                priority: 1
                rateLimitThreshold: 1000
                ruleType: RateLimitRule
              - action: Block
                matchConditions:
                  - matchValue:
                      - CH
                    matchVariable: RemoteAddr
                    operator: GeoMatch
                  - matchValue:
                      - windows
                    matchVariable: RequestHeader
                    operator: Contains
                    selector: UserAgent
                    transforms:
                      - Lowercase
                name: Rule2
                priority: 2
                ruleType: MatchRule
              - action: CAPTCHA
                matchConditions:
                  - matchValue:
                      - AzureBackup
                      - AzureBotService
                    matchVariable: RemoteAddr
                    operator: ServiceTagMatch
                name: Rule3
                priority: 1
                rateLimitThreshold: 1000
                ruleType: RateLimitRule
          location: WestUs
          managedRules:
            exceptionsList:
              exceptions:
                - matchValues:
                    - Mozilla
                  matchVariable: RequestHeaderNames
                  scopes:
                    - ruleSetType: Microsoft_DefaultRuleSet
                      ruleSetVersion: '2.2'
                    - ruleSetType: Microsoft_HTTPDDoSRuleSet
                      ruleSetVersion: '1.0'
                  selector: User-Agent
                  selectorMatchOperator: Equals
                  valueMatchOperator: Contains
            managedRuleSets:
              - exclusions:
                  - matchVariable: RequestHeaderNames
                    selector: User-Agent
                    selectorMatchOperator: Equals
                ruleGroupOverrides:
                  - exclusions:
                      - matchVariable: RequestCookieNames
                        selector: token
                        selectorMatchOperator: StartsWith
                    ruleGroupName: SQLI
                    rules:
                      - action: Redirect
                        enabledState: Enabled
                        exclusions:
                          - matchVariable: QueryStringArgNames
                            selector: query
                            selectorMatchOperator: Equals
                        ruleId: '942100'
                      - enabledState: Disabled
                        ruleId: '942110'
                ruleSetAction: Block
                ruleSetType: Microsoft_DefaultRuleSet
                ruleSetVersion: '2.2'
              - ruleGroupOverrides:
                  - ruleGroupName: ExcessiveRequests
                    rules:
                      - action: Block
                        enabledState: Enabled
                        ruleId: '500100'
                        sensitivity: High
                ruleSetType: Microsoft_HTTPDDoSRuleSet
                ruleSetVersion: '1.0'
          policyName: Policy1
          policySettings:
            captchaExpirationInMinutes: 30
            customBlockResponseBody: PGh0bWw+CjxoZWFkZXI+PHRpdGxlPkhlbGxvPC90aXRsZT48L2hlYWRlcj4KPGJvZHk+CkhlbGxvIHdvcmxkCjwvYm9keT4KPC9odG1sPg==
            customBlockResponseStatusCode: 429
            enabledState: Enabled
            javascriptChallengeExpirationInMinutes: 30
            mode: Prevention
            redirectUrl: http://www.bing.com
            requestBodyCheck: Disabled
            scrubbingRules:
              - matchVariable: RequestIPAddress
                selectorMatchOperator: EqualsAny
                state: Enabled
            state: Enabled
          resourceGroupName: rg1
          sku:
            name: Premium_AzureFrontDoor
    

    Create Policy Resource

    Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

    Constructor syntax

    new Policy(name: string, args: PolicyArgs, opts?: CustomResourceOptions);
    @overload
    def Policy(resource_name: str,
               args: PolicyArgs,
               opts: Optional[ResourceOptions] = None)
    
    @overload
    def Policy(resource_name: str,
               opts: Optional[ResourceOptions] = None,
               resource_group_name: Optional[str] = None,
               custom_rules: Optional[CustomRuleListArgs] = None,
               location: Optional[str] = None,
               managed_rules: Optional[ManagedRuleSetListArgs] = None,
               policy_name: Optional[str] = None,
               policy_settings: Optional[PolicySettingsArgs] = None,
               sku: Optional[SkuArgs] = None,
               tags: Optional[Mapping[str, str]] = None)
    func NewPolicy(ctx *Context, name string, args PolicyArgs, opts ...ResourceOption) (*Policy, error)
    public Policy(string name, PolicyArgs args, CustomResourceOptions? opts = null)
    public Policy(String name, PolicyArgs args)
    public Policy(String name, PolicyArgs args, CustomResourceOptions options)
    
    type: azure-native:frontdoor:Policy
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    
    resource "azure-native_frontdoor_policy" "name" {
        # resource properties
    }

    Parameters

    name string
    The unique name of the resource.
    args PolicyArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args PolicyArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args PolicyArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args PolicyArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args PolicyArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    Constructor example

    The following reference example uses placeholder values for all input properties.

    var examplepolicyResourceResourceFromFrontdoor = new AzureNative.FrontDoor.Policy("examplepolicyResourceResourceFromFrontdoor", new()
    {
        ResourceGroupName = "string",
        CustomRules = new AzureNative.FrontDoor.Inputs.CustomRuleListArgs
        {
            Rules = new[]
            {
                new AzureNative.FrontDoor.Inputs.CustomRuleArgs
                {
                    Action = "string",
                    MatchConditions = new[]
                    {
                        new AzureNative.FrontDoor.Inputs.MatchConditionArgs
                        {
                            MatchValue = new[]
                            {
                                "string",
                            },
                            MatchVariable = "string",
                            Operator = "string",
                            NegateCondition = false,
                            Selector = "string",
                            Transforms = new[]
                            {
                                "string",
                            },
                        },
                    },
                    Priority = 0,
                    RuleType = "string",
                    EnabledState = "string",
                    GroupBy = new[]
                    {
                        new AzureNative.FrontDoor.Inputs.GroupByVariableArgs
                        {
                            VariableName = "string",
                        },
                    },
                    Name = "string",
                    RateLimitDurationInMinutes = 0,
                    RateLimitThreshold = 0,
                },
            },
        },
        Location = "string",
        ManagedRules = new AzureNative.FrontDoor.Inputs.ManagedRuleSetListArgs
        {
            ExceptionsList = new AzureNative.FrontDoor.Inputs.ManagedRuleSetExceptionListArgs
            {
                Exceptions = new[]
                {
                    new AzureNative.FrontDoor.Inputs.ManagedRuleSetExceptionArgs
                    {
                        MatchValues = new[]
                        {
                            "string",
                        },
                        MatchVariable = "string",
                        Scopes = new[]
                        {
                            new AzureNative.FrontDoor.Inputs.ManagedRuleSetScopeArgs
                            {
                                RuleSetType = "string",
                                RuleSetVersion = "string",
                                RuleGroupScopes = new[]
                                {
                                    new AzureNative.FrontDoor.Inputs.RuleGroupScopeArgs
                                    {
                                        RuleGroupName = "string",
                                        RuleScopes = new[]
                                        {
                                            new AzureNative.FrontDoor.Inputs.RuleScopeArgs
                                            {
                                                RuleId = "string",
                                            },
                                        },
                                    },
                                },
                            },
                        },
                        ValueMatchOperator = "string",
                        Selector = "string",
                        SelectorMatchOperator = "string",
                    },
                },
            },
            ManagedRuleSets = new[]
            {
                new AzureNative.FrontDoor.Inputs.ManagedRuleSetArgs
                {
                    RuleSetType = "string",
                    RuleSetVersion = "string",
                    Exclusions = new[]
                    {
                        new AzureNative.FrontDoor.Inputs.ManagedRuleExclusionArgs
                        {
                            MatchVariable = "string",
                            Selector = "string",
                            SelectorMatchOperator = "string",
                        },
                    },
                    RuleGroupOverrides = new[]
                    {
                        new AzureNative.FrontDoor.Inputs.ManagedRuleGroupOverrideArgs
                        {
                            RuleGroupName = "string",
                            Exclusions = new[]
                            {
                                new AzureNative.FrontDoor.Inputs.ManagedRuleExclusionArgs
                                {
                                    MatchVariable = "string",
                                    Selector = "string",
                                    SelectorMatchOperator = "string",
                                },
                            },
                            Rules = new[]
                            {
                                new AzureNative.FrontDoor.Inputs.ManagedRuleOverrideArgs
                                {
                                    RuleId = "string",
                                    Action = "string",
                                    EnabledState = "string",
                                    Exclusions = new[]
                                    {
                                        new AzureNative.FrontDoor.Inputs.ManagedRuleExclusionArgs
                                        {
                                            MatchVariable = "string",
                                            Selector = "string",
                                            SelectorMatchOperator = "string",
                                        },
                                    },
                                    Sensitivity = "string",
                                },
                            },
                        },
                    },
                    RuleSetAction = "string",
                },
            },
        },
        PolicyName = "string",
        PolicySettings = new AzureNative.FrontDoor.Inputs.PolicySettingsArgs
        {
            CaptchaExpirationInMinutes = 0,
            CustomBlockResponseBody = "string",
            CustomBlockResponseStatusCode = 0,
            EnabledState = "string",
            JavascriptChallengeExpirationInMinutes = 0,
            Mode = "string",
            RedirectUrl = "string",
            RequestBodyCheck = "string",
            ScrubbingRules = new[]
            {
                new AzureNative.FrontDoor.Inputs.WebApplicationFirewallScrubbingRulesArgs
                {
                    MatchVariable = "string",
                    SelectorMatchOperator = "string",
                    Selector = "string",
                    State = "string",
                },
            },
            State = "string",
        },
        Sku = new AzureNative.FrontDoor.Inputs.SkuArgs
        {
            Name = "string",
        },
        Tags = 
        {
            { "string", "string" },
        },
    });
    
    example, err := frontdoor.NewPolicy(ctx, "examplepolicyResourceResourceFromFrontdoor", &frontdoor.PolicyArgs{
    	ResourceGroupName: pulumi.String("string"),
    	CustomRules: &frontdoor.CustomRuleListArgs{
    		Rules: frontdoor.CustomRuleArray{
    			&frontdoor.CustomRuleArgs{
    				Action: pulumi.String("string"),
    				MatchConditions: frontdoor.MatchConditionArray{
    					&frontdoor.MatchConditionArgs{
    						MatchValue: pulumi.StringArray{
    							pulumi.String("string"),
    						},
    						MatchVariable:   pulumi.String("string"),
    						Operator:        pulumi.String("string"),
    						NegateCondition: pulumi.Bool(false),
    						Selector:        pulumi.String("string"),
    						Transforms: pulumi.StringArray{
    							pulumi.String("string"),
    						},
    					},
    				},
    				Priority:     pulumi.Int(0),
    				RuleType:     pulumi.String("string"),
    				EnabledState: pulumi.String("string"),
    				GroupBy: frontdoor.GroupByVariableArray{
    					&frontdoor.GroupByVariableArgs{
    						VariableName: pulumi.String("string"),
    					},
    				},
    				Name:                       pulumi.String("string"),
    				RateLimitDurationInMinutes: pulumi.Int(0),
    				RateLimitThreshold:         pulumi.Int(0),
    			},
    		},
    	},
    	Location: pulumi.String("string"),
    	ManagedRules: &frontdoor.ManagedRuleSetListArgs{
    		ExceptionsList: &frontdoor.ManagedRuleSetExceptionListArgs{
    			Exceptions: frontdoor.ManagedRuleSetExceptionArray{
    				&frontdoor.ManagedRuleSetExceptionArgs{
    					MatchValues: pulumi.StringArray{
    						pulumi.String("string"),
    					},
    					MatchVariable: pulumi.String("string"),
    					Scopes: frontdoor.ManagedRuleSetScopeArray{
    						&frontdoor.ManagedRuleSetScopeArgs{
    							RuleSetType:    pulumi.String("string"),
    							RuleSetVersion: pulumi.String("string"),
    							RuleGroupScopes: frontdoor.RuleGroupScopeArray{
    								&frontdoor.RuleGroupScopeArgs{
    									RuleGroupName: pulumi.String("string"),
    									RuleScopes: frontdoor.RuleScopeArray{
    										&frontdoor.RuleScopeArgs{
    											RuleId: pulumi.String("string"),
    										},
    									},
    								},
    							},
    						},
    					},
    					ValueMatchOperator:    pulumi.String("string"),
    					Selector:              pulumi.String("string"),
    					SelectorMatchOperator: pulumi.String("string"),
    				},
    			},
    		},
    		ManagedRuleSets: frontdoor.ManagedRuleSetArray{
    			&frontdoor.ManagedRuleSetArgs{
    				RuleSetType:    pulumi.String("string"),
    				RuleSetVersion: pulumi.String("string"),
    				Exclusions: frontdoor.ManagedRuleExclusionArray{
    					&frontdoor.ManagedRuleExclusionArgs{
    						MatchVariable:         pulumi.String("string"),
    						Selector:              pulumi.String("string"),
    						SelectorMatchOperator: pulumi.String("string"),
    					},
    				},
    				RuleGroupOverrides: frontdoor.ManagedRuleGroupOverrideArray{
    					&frontdoor.ManagedRuleGroupOverrideArgs{
    						RuleGroupName: pulumi.String("string"),
    						Exclusions: frontdoor.ManagedRuleExclusionArray{
    							&frontdoor.ManagedRuleExclusionArgs{
    								MatchVariable:         pulumi.String("string"),
    								Selector:              pulumi.String("string"),
    								SelectorMatchOperator: pulumi.String("string"),
    							},
    						},
    						Rules: frontdoor.ManagedRuleOverrideArray{
    							&frontdoor.ManagedRuleOverrideArgs{
    								RuleId:       pulumi.String("string"),
    								Action:       pulumi.String("string"),
    								EnabledState: pulumi.String("string"),
    								Exclusions: frontdoor.ManagedRuleExclusionArray{
    									&frontdoor.ManagedRuleExclusionArgs{
    										MatchVariable:         pulumi.String("string"),
    										Selector:              pulumi.String("string"),
    										SelectorMatchOperator: pulumi.String("string"),
    									},
    								},
    								Sensitivity: pulumi.String("string"),
    							},
    						},
    					},
    				},
    				RuleSetAction: pulumi.String("string"),
    			},
    		},
    	},
    	PolicyName: pulumi.String("string"),
    	PolicySettings: &frontdoor.PolicySettingsArgs{
    		CaptchaExpirationInMinutes:             pulumi.Int(0),
    		CustomBlockResponseBody:                pulumi.String("string"),
    		CustomBlockResponseStatusCode:          pulumi.Int(0),
    		EnabledState:                           pulumi.String("string"),
    		JavascriptChallengeExpirationInMinutes: pulumi.Int(0),
    		Mode:                                   pulumi.String("string"),
    		RedirectUrl:                            pulumi.String("string"),
    		RequestBodyCheck:                       pulumi.String("string"),
    		ScrubbingRules: frontdoor.WebApplicationFirewallScrubbingRulesArray{
    			&frontdoor.WebApplicationFirewallScrubbingRulesArgs{
    				MatchVariable:         pulumi.String("string"),
    				SelectorMatchOperator: pulumi.String("string"),
    				Selector:              pulumi.String("string"),
    				State:                 pulumi.String("string"),
    			},
    		},
    		State: pulumi.String("string"),
    	},
    	Sku: &frontdoor.SkuArgs{
    		Name: pulumi.String("string"),
    	},
    	Tags: pulumi.StringMap{
    		"string": pulumi.String("string"),
    	},
    })
    
    resource "azure-native_frontdoor_policy" "examplepolicyResourceResourceFromFrontdoor" {
      resource_group_name = "string"
      custom_rules = {
        rules = [{
          "action" = "string"
          "matchConditions" = [{
            "matchValue"      = ["string"]
            "matchVariable"   = "string"
            "operator"        = "string"
            "negateCondition" = false
            "selector"        = "string"
            "transforms"      = ["string"]
          }]
          "priority"     = 0
          "ruleType"     = "string"
          "enabledState" = "string"
          "groupBy" = [{
            "variableName" = "string"
          }]
          "name"                       = "string"
          "rateLimitDurationInMinutes" = 0
          "rateLimitThreshold"         = 0
        }]
      }
      location = "string"
      managed_rules = {
        exceptions_list = {
          exceptions = [{
            "matchValues"   = ["string"]
            "matchVariable" = "string"
            "scopes" = [{
              "ruleSetType"    = "string"
              "ruleSetVersion" = "string"
              "ruleGroupScopes" = [{
                "ruleGroupName" = "string"
                "ruleScopes" = [{
                  "ruleId" = "string"
                }]
              }]
            }]
            "valueMatchOperator"    = "string"
            "selector"              = "string"
            "selectorMatchOperator" = "string"
          }]
        }
        managed_rule_sets = [{
          "ruleSetType"    = "string"
          "ruleSetVersion" = "string"
          "exclusions" = [{
            "matchVariable"         = "string"
            "selector"              = "string"
            "selectorMatchOperator" = "string"
          }]
          "ruleGroupOverrides" = [{
            "ruleGroupName" = "string"
            "exclusions" = [{
              "matchVariable"         = "string"
              "selector"              = "string"
              "selectorMatchOperator" = "string"
            }]
            "rules" = [{
              "ruleId"       = "string"
              "action"       = "string"
              "enabledState" = "string"
              "exclusions" = [{
                "matchVariable"         = "string"
                "selector"              = "string"
                "selectorMatchOperator" = "string"
              }]
              "sensitivity" = "string"
            }]
          }]
          "ruleSetAction" = "string"
        }]
      }
      policy_name = "string"
      policy_settings = {
        captcha_expiration_in_minutes              = 0
        custom_block_response_body                 = "string"
        custom_block_response_status_code          = 0
        enabled_state                              = "string"
        javascript_challenge_expiration_in_minutes = 0
        mode                                       = "string"
        redirect_url                               = "string"
        request_body_check                         = "string"
        scrubbing_rules = [{
          "matchVariable"         = "string"
          "selectorMatchOperator" = "string"
          "selector"              = "string"
          "state"                 = "string"
        }]
        state = "string"
      }
      sku = {
        name = "string"
      }
      tags = {
        "string" = "string"
      }
    }
    
    var examplepolicyResourceResourceFromFrontdoor = new com.pulumi.azurenative.frontdoor.Policy("examplepolicyResourceResourceFromFrontdoor", com.pulumi.azurenative.frontdoor.PolicyArgs.builder()
        .resourceGroupName("string")
        .customRules(com.pulumi.azurenative.frontdoor.inputs.CustomRuleListArgs.builder()
            .rules(com.pulumi.azurenative.frontdoor.inputs.CustomRuleArgs.builder()
                .action("string")
                .matchConditions(com.pulumi.azurenative.frontdoor.inputs.MatchConditionArgs.builder()
                    .matchValue("string")
                    .matchVariable("string")
                    .operator("string")
                    .negateCondition(false)
                    .selector("string")
                    .transforms("string")
                    .build())
                .priority(0)
                .ruleType("string")
                .enabledState("string")
                .groupBy(com.pulumi.azurenative.frontdoor.inputs.GroupByVariableArgs.builder()
                    .variableName("string")
                    .build())
                .name("string")
                .rateLimitDurationInMinutes(0)
                .rateLimitThreshold(0)
                .build())
            .build())
        .location("string")
        .managedRules(com.pulumi.azurenative.frontdoor.inputs.ManagedRuleSetListArgs.builder()
            .exceptionsList(ManagedRuleSetExceptionListArgs.builder()
                .exceptions(ManagedRuleSetExceptionArgs.builder()
                    .matchValues("string")
                    .matchVariable("string")
                    .scopes(ManagedRuleSetScopeArgs.builder()
                        .ruleSetType("string")
                        .ruleSetVersion("string")
                        .ruleGroupScopes(RuleGroupScopeArgs.builder()
                            .ruleGroupName("string")
                            .ruleScopes(RuleScopeArgs.builder()
                                .ruleId("string")
                                .build())
                            .build())
                        .build())
                    .valueMatchOperator("string")
                    .selector("string")
                    .selectorMatchOperator("string")
                    .build())
                .build())
            .managedRuleSets(com.pulumi.azurenative.frontdoor.inputs.ManagedRuleSetArgs.builder()
                .ruleSetType("string")
                .ruleSetVersion("string")
                .exclusions(ManagedRuleExclusionArgs.builder()
                    .matchVariable("string")
                    .selector("string")
                    .selectorMatchOperator("string")
                    .build())
                .ruleGroupOverrides(com.pulumi.azurenative.frontdoor.inputs.ManagedRuleGroupOverrideArgs.builder()
                    .ruleGroupName("string")
                    .exclusions(ManagedRuleExclusionArgs.builder()
                        .matchVariable("string")
                        .selector("string")
                        .selectorMatchOperator("string")
                        .build())
                    .rules(com.pulumi.azurenative.frontdoor.inputs.ManagedRuleOverrideArgs.builder()
                        .ruleId("string")
                        .action("string")
                        .enabledState("string")
                        .exclusions(ManagedRuleExclusionArgs.builder()
                            .matchVariable("string")
                            .selector("string")
                            .selectorMatchOperator("string")
                            .build())
                        .sensitivity("string")
                        .build())
                    .build())
                .ruleSetAction("string")
                .build())
            .build())
        .policyName("string")
        .policySettings(com.pulumi.azurenative.frontdoor.inputs.PolicySettingsArgs.builder()
            .captchaExpirationInMinutes(0)
            .customBlockResponseBody("string")
            .customBlockResponseStatusCode(0)
            .enabledState("string")
            .javascriptChallengeExpirationInMinutes(0)
            .mode("string")
            .redirectUrl("string")
            .requestBodyCheck("string")
            .scrubbingRules(com.pulumi.azurenative.frontdoor.inputs.WebApplicationFirewallScrubbingRulesArgs.builder()
                .matchVariable("string")
                .selectorMatchOperator("string")
                .selector("string")
                .state("string")
                .build())
            .state("string")
            .build())
        .sku(com.pulumi.azurenative.frontdoor.inputs.SkuArgs.builder()
            .name("string")
            .build())
        .tags(Map.of("string", "string"))
        .build());
    
    examplepolicy_resource_resource_from_frontdoor = azure_native.frontdoor.Policy("examplepolicyResourceResourceFromFrontdoor",
        resource_group_name="string",
        custom_rules={
            "rules": [{
                "action": "string",
                "match_conditions": [{
                    "match_value": ["string"],
                    "match_variable": "string",
                    "operator": "string",
                    "negate_condition": False,
                    "selector": "string",
                    "transforms": ["string"],
                }],
                "priority": 0,
                "rule_type": "string",
                "enabled_state": "string",
                "group_by": [{
                    "variable_name": "string",
                }],
                "name": "string",
                "rate_limit_duration_in_minutes": 0,
                "rate_limit_threshold": 0,
            }],
        },
        location="string",
        managed_rules={
            "exceptions_list": {
                "exceptions": [{
                    "match_values": ["string"],
                    "match_variable": "string",
                    "scopes": [{
                        "rule_set_type": "string",
                        "rule_set_version": "string",
                        "rule_group_scopes": [{
                            "rule_group_name": "string",
                            "rule_scopes": [{
                                "rule_id": "string",
                            }],
                        }],
                    }],
                    "value_match_operator": "string",
                    "selector": "string",
                    "selector_match_operator": "string",
                }],
            },
            "managed_rule_sets": [{
                "rule_set_type": "string",
                "rule_set_version": "string",
                "exclusions": [{
                    "match_variable": "string",
                    "selector": "string",
                    "selector_match_operator": "string",
                }],
                "rule_group_overrides": [{
                    "rule_group_name": "string",
                    "exclusions": [{
                        "match_variable": "string",
                        "selector": "string",
                        "selector_match_operator": "string",
                    }],
                    "rules": [{
                        "rule_id": "string",
                        "action": "string",
                        "enabled_state": "string",
                        "exclusions": [{
                            "match_variable": "string",
                            "selector": "string",
                            "selector_match_operator": "string",
                        }],
                        "sensitivity": "string",
                    }],
                }],
                "rule_set_action": "string",
            }],
        },
        policy_name="string",
        policy_settings={
            "captcha_expiration_in_minutes": 0,
            "custom_block_response_body": "string",
            "custom_block_response_status_code": 0,
            "enabled_state": "string",
            "javascript_challenge_expiration_in_minutes": 0,
            "mode": "string",
            "redirect_url": "string",
            "request_body_check": "string",
            "scrubbing_rules": [{
                "match_variable": "string",
                "selector_match_operator": "string",
                "selector": "string",
                "state": "string",
            }],
            "state": "string",
        },
        sku={
            "name": "string",
        },
        tags={
            "string": "string",
        })
    
    const examplepolicyResourceResourceFromFrontdoor = new azure_native.frontdoor.Policy("examplepolicyResourceResourceFromFrontdoor", {
        resourceGroupName: "string",
        customRules: {
            rules: [{
                action: "string",
                matchConditions: [{
                    matchValue: ["string"],
                    matchVariable: "string",
                    operator: "string",
                    negateCondition: false,
                    selector: "string",
                    transforms: ["string"],
                }],
                priority: 0,
                ruleType: "string",
                enabledState: "string",
                groupBy: [{
                    variableName: "string",
                }],
                name: "string",
                rateLimitDurationInMinutes: 0,
                rateLimitThreshold: 0,
            }],
        },
        location: "string",
        managedRules: {
            exceptionsList: {
                exceptions: [{
                    matchValues: ["string"],
                    matchVariable: "string",
                    scopes: [{
                        ruleSetType: "string",
                        ruleSetVersion: "string",
                        ruleGroupScopes: [{
                            ruleGroupName: "string",
                            ruleScopes: [{
                                ruleId: "string",
                            }],
                        }],
                    }],
                    valueMatchOperator: "string",
                    selector: "string",
                    selectorMatchOperator: "string",
                }],
            },
            managedRuleSets: [{
                ruleSetType: "string",
                ruleSetVersion: "string",
                exclusions: [{
                    matchVariable: "string",
                    selector: "string",
                    selectorMatchOperator: "string",
                }],
                ruleGroupOverrides: [{
                    ruleGroupName: "string",
                    exclusions: [{
                        matchVariable: "string",
                        selector: "string",
                        selectorMatchOperator: "string",
                    }],
                    rules: [{
                        ruleId: "string",
                        action: "string",
                        enabledState: "string",
                        exclusions: [{
                            matchVariable: "string",
                            selector: "string",
                            selectorMatchOperator: "string",
                        }],
                        sensitivity: "string",
                    }],
                }],
                ruleSetAction: "string",
            }],
        },
        policyName: "string",
        policySettings: {
            captchaExpirationInMinutes: 0,
            customBlockResponseBody: "string",
            customBlockResponseStatusCode: 0,
            enabledState: "string",
            javascriptChallengeExpirationInMinutes: 0,
            mode: "string",
            redirectUrl: "string",
            requestBodyCheck: "string",
            scrubbingRules: [{
                matchVariable: "string",
                selectorMatchOperator: "string",
                selector: "string",
                state: "string",
            }],
            state: "string",
        },
        sku: {
            name: "string",
        },
        tags: {
            string: "string",
        },
    });
    
    type: azure-native:frontdoor:Policy
    properties:
        customRules:
            rules:
                - action: string
                  enabledState: string
                  groupBy:
                    - variableName: string
                  matchConditions:
                    - matchValue:
                        - string
                      matchVariable: string
                      negateCondition: false
                      operator: string
                      selector: string
                      transforms:
                        - string
                  name: string
                  priority: 0
                  rateLimitDurationInMinutes: 0
                  rateLimitThreshold: 0
                  ruleType: string
        location: string
        managedRules:
            exceptionsList:
                exceptions:
                    - matchValues:
                        - string
                      matchVariable: string
                      scopes:
                        - ruleGroupScopes:
                            - ruleGroupName: string
                              ruleScopes:
                                - ruleId: string
                          ruleSetType: string
                          ruleSetVersion: string
                      selector: string
                      selectorMatchOperator: string
                      valueMatchOperator: string
            managedRuleSets:
                - exclusions:
                    - matchVariable: string
                      selector: string
                      selectorMatchOperator: string
                  ruleGroupOverrides:
                    - exclusions:
                        - matchVariable: string
                          selector: string
                          selectorMatchOperator: string
                      ruleGroupName: string
                      rules:
                        - action: string
                          enabledState: string
                          exclusions:
                            - matchVariable: string
                              selector: string
                              selectorMatchOperator: string
                          ruleId: string
                          sensitivity: string
                  ruleSetAction: string
                  ruleSetType: string
                  ruleSetVersion: string
        policyName: string
        policySettings:
            captchaExpirationInMinutes: 0
            customBlockResponseBody: string
            customBlockResponseStatusCode: 0
            enabledState: string
            javascriptChallengeExpirationInMinutes: 0
            mode: string
            redirectUrl: string
            requestBodyCheck: string
            scrubbingRules:
                - matchVariable: string
                  selector: string
                  selectorMatchOperator: string
                  state: string
            state: string
        resourceGroupName: string
        sku:
            name: string
        tags:
            string: string
    

    Policy Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

    The Policy resource accepts the following input properties:

    ResourceGroupName string
    The name of the resource group. The name is case insensitive.
    CustomRules Pulumi.AzureNative.FrontDoor.Inputs.CustomRuleList
    Describes custom rules inside the policy.
    Location string
    Resource location.
    ManagedRules Pulumi.AzureNative.FrontDoor.Inputs.ManagedRuleSetList
    Describes managed rules inside the policy.
    PolicyName string
    The name of the Web Application Firewall Policy.
    PolicySettings Pulumi.AzureNative.FrontDoor.Inputs.PolicySettings
    Describes settings for the policy.
    Sku Pulumi.AzureNative.FrontDoor.Inputs.Sku
    The pricing tier of web application firewall policy. Defaults to Classic_AzureFrontDoor if not specified.
    Tags Dictionary<string, string>
    Resource tags.
    ResourceGroupName string
    The name of the resource group. The name is case insensitive.
    CustomRules CustomRuleListArgs
    Describes custom rules inside the policy.
    Location string
    Resource location.
    ManagedRules ManagedRuleSetListArgs
    Describes managed rules inside the policy.
    PolicyName string
    The name of the Web Application Firewall Policy.
    PolicySettings PolicySettingsArgs
    Describes settings for the policy.
    Sku SkuArgs
    The pricing tier of web application firewall policy. Defaults to Classic_AzureFrontDoor if not specified.
    Tags map[string]string
    Resource tags.
    resource_group_name string
    The name of the resource group. The name is case insensitive.
    custom_rules object
    Describes custom rules inside the policy.
    location string
    Resource location.
    managed_rules object
    Describes managed rules inside the policy.
    policy_name string
    The name of the Web Application Firewall Policy.
    policy_settings object
    Describes settings for the policy.
    sku object
    The pricing tier of web application firewall policy. Defaults to Classic_AzureFrontDoor if not specified.
    tags map(string)
    Resource tags.
    resourceGroupName String
    The name of the resource group. The name is case insensitive.
    customRules CustomRuleList
    Describes custom rules inside the policy.
    location String
    Resource location.
    managedRules ManagedRuleSetList
    Describes managed rules inside the policy.
    policyName String
    The name of the Web Application Firewall Policy.
    policySettings PolicySettings
    Describes settings for the policy.
    sku Sku
    The pricing tier of web application firewall policy. Defaults to Classic_AzureFrontDoor if not specified.
    tags Map<String,String>
    Resource tags.
    resourceGroupName string
    The name of the resource group. The name is case insensitive.
    customRules CustomRuleList
    Describes custom rules inside the policy.
    location string
    Resource location.
    managedRules ManagedRuleSetList
    Describes managed rules inside the policy.
    policyName string
    The name of the Web Application Firewall Policy.
    policySettings PolicySettings
    Describes settings for the policy.
    sku Sku
    The pricing tier of web application firewall policy. Defaults to Classic_AzureFrontDoor if not specified.
    tags {[key: string]: string}
    Resource tags.
    resource_group_name str
    The name of the resource group. The name is case insensitive.
    custom_rules CustomRuleListArgs
    Describes custom rules inside the policy.
    location str
    Resource location.
    managed_rules ManagedRuleSetListArgs
    Describes managed rules inside the policy.
    policy_name str
    The name of the Web Application Firewall Policy.
    policy_settings PolicySettingsArgs
    Describes settings for the policy.
    sku SkuArgs
    The pricing tier of web application firewall policy. Defaults to Classic_AzureFrontDoor if not specified.
    tags Mapping[str, str]
    Resource tags.
    resourceGroupName String
    The name of the resource group. The name is case insensitive.
    customRules Property Map
    Describes custom rules inside the policy.
    location String
    Resource location.
    managedRules Property Map
    Describes managed rules inside the policy.
    policyName String
    The name of the Web Application Firewall Policy.
    policySettings Property Map
    Describes settings for the policy.
    sku Property Map
    The pricing tier of web application firewall policy. Defaults to Classic_AzureFrontDoor if not specified.
    tags Map<String>
    Resource tags.

    Outputs

    All input properties are implicitly available as output properties. Additionally, the Policy resource produces the following output properties:

    AzureApiVersion string
    The Azure API version of the resource.
    FrontendEndpointLinks List<Pulumi.AzureNative.FrontDoor.Outputs.FrontendEndpointLinkResponse>
    Describes Frontend Endpoints associated with this Web Application Firewall policy.
    Id string
    The provider-assigned unique ID for this managed resource.
    Name string
    Resource name.
    ProvisioningState string
    Provisioning state of the policy.
    ResourceState string
    Resource status of the policy.
    RoutingRuleLinks List<Pulumi.AzureNative.FrontDoor.Outputs.RoutingRuleLinkResponse>
    Describes Routing Rules associated with this Web Application Firewall policy.
    SecurityPolicyLinks List<Pulumi.AzureNative.FrontDoor.Outputs.SecurityPolicyLinkResponse>
    Describes Security Policy associated with this Web Application Firewall policy.
    Type string
    Resource type.
    Etag string
    Gets a unique read-only string that changes whenever the resource is updated.
    AzureApiVersion string
    The Azure API version of the resource.
    FrontendEndpointLinks []FrontendEndpointLinkResponse
    Describes Frontend Endpoints associated with this Web Application Firewall policy.
    Id string
    The provider-assigned unique ID for this managed resource.
    Name string
    Resource name.
    ProvisioningState string
    Provisioning state of the policy.
    ResourceState string
    Resource status of the policy.
    RoutingRuleLinks []RoutingRuleLinkResponse
    Describes Routing Rules associated with this Web Application Firewall policy.
    SecurityPolicyLinks []SecurityPolicyLinkResponse
    Describes Security Policy associated with this Web Application Firewall policy.
    Type string
    Resource type.
    Etag string
    Gets a unique read-only string that changes whenever the resource is updated.
    azure_api_version string
    The Azure API version of the resource.
    frontend_endpoint_links list(object)
    Describes Frontend Endpoints associated with this Web Application Firewall policy.
    id string
    The provider-assigned unique ID for this managed resource.
    name string
    Resource name.
    provisioning_state string
    Provisioning state of the policy.
    resource_state string
    Resource status of the policy.
    routing_rule_links list(object)
    Describes Routing Rules associated with this Web Application Firewall policy.
    security_policy_links list(object)
    Describes Security Policy associated with this Web Application Firewall policy.
    type string
    Resource type.
    etag string
    Gets a unique read-only string that changes whenever the resource is updated.
    azureApiVersion String
    The Azure API version of the resource.
    frontendEndpointLinks List<FrontendEndpointLinkResponse>
    Describes Frontend Endpoints associated with this Web Application Firewall policy.
    id String
    The provider-assigned unique ID for this managed resource.
    name String
    Resource name.
    provisioningState String
    Provisioning state of the policy.
    resourceState String
    Resource status of the policy.
    routingRuleLinks List<RoutingRuleLinkResponse>
    Describes Routing Rules associated with this Web Application Firewall policy.
    securityPolicyLinks List<SecurityPolicyLinkResponse>
    Describes Security Policy associated with this Web Application Firewall policy.
    type String
    Resource type.
    etag String
    Gets a unique read-only string that changes whenever the resource is updated.
    azureApiVersion string
    The Azure API version of the resource.
    frontendEndpointLinks FrontendEndpointLinkResponse[]
    Describes Frontend Endpoints associated with this Web Application Firewall policy.
    id string
    The provider-assigned unique ID for this managed resource.
    name string
    Resource name.
    provisioningState string
    Provisioning state of the policy.
    resourceState string
    Resource status of the policy.
    routingRuleLinks RoutingRuleLinkResponse[]
    Describes Routing Rules associated with this Web Application Firewall policy.
    securityPolicyLinks SecurityPolicyLinkResponse[]
    Describes Security Policy associated with this Web Application Firewall policy.
    type string
    Resource type.
    etag string
    Gets a unique read-only string that changes whenever the resource is updated.
    azure_api_version str
    The Azure API version of the resource.
    frontend_endpoint_links Sequence[FrontendEndpointLinkResponse]
    Describes Frontend Endpoints associated with this Web Application Firewall policy.
    id str
    The provider-assigned unique ID for this managed resource.
    name str
    Resource name.
    provisioning_state str
    Provisioning state of the policy.
    resource_state str
    Resource status of the policy.
    routing_rule_links Sequence[RoutingRuleLinkResponse]
    Describes Routing Rules associated with this Web Application Firewall policy.
    security_policy_links Sequence[SecurityPolicyLinkResponse]
    Describes Security Policy associated with this Web Application Firewall policy.
    type str
    Resource type.
    etag str
    Gets a unique read-only string that changes whenever the resource is updated.
    azureApiVersion String
    The Azure API version of the resource.
    frontendEndpointLinks List<Property Map>
    Describes Frontend Endpoints associated with this Web Application Firewall policy.
    id String
    The provider-assigned unique ID for this managed resource.
    name String
    Resource name.
    provisioningState String
    Provisioning state of the policy.
    resourceState String
    Resource status of the policy.
    routingRuleLinks List<Property Map>
    Describes Routing Rules associated with this Web Application Firewall policy.
    securityPolicyLinks List<Property Map>
    Describes Security Policy associated with this Web Application Firewall policy.
    type String
    Resource type.
    etag String
    Gets a unique read-only string that changes whenever the resource is updated.

    Supporting Types

    ActionType, ActionTypeArgs

    Allow
    Allow Allow
    Block
    Block Block
    Log
    Log Log
    Redirect
    Redirect Redirect
    AnomalyScoring
    AnomalyScoring AnomalyScoring
    JSChallenge
    JSChallenge JSChallenge
    CAPTCHA
    CAPTCHA CAPTCHA
    ActionTypeAllow
    Allow Allow
    ActionTypeBlock
    Block Block
    ActionTypeLog
    Log Log
    ActionTypeRedirect
    Redirect Redirect
    ActionTypeAnomalyScoring
    AnomalyScoring AnomalyScoring
    ActionTypeJSChallenge
    JSChallenge JSChallenge
    ActionTypeCAPTCHA
    CAPTCHA CAPTCHA
    "Allow"
    Allow Allow
    "Block"
    Block Block
    "Log"
    Log Log
    "Redirect"
    Redirect Redirect
    "AnomalyScoring"
    AnomalyScoring AnomalyScoring
    "JSChallenge"
    JSChallenge JSChallenge
    "CAPTCHA"
    CAPTCHA CAPTCHA
    Allow
    Allow Allow
    Block
    Block Block
    Log
    Log Log
    Redirect
    Redirect Redirect
    AnomalyScoring
    AnomalyScoring AnomalyScoring
    JSChallenge
    JSChallenge JSChallenge
    CAPTCHA
    CAPTCHA CAPTCHA
    Allow
    Allow Allow
    Block
    Block Block
    Log
    Log Log
    Redirect
    Redirect Redirect
    AnomalyScoring
    AnomalyScoring AnomalyScoring
    JSChallenge
    JSChallenge JSChallenge
    CAPTCHA
    CAPTCHA CAPTCHA
    ALLOW
    Allow Allow
    BLOCK
    Block Block
    LOG
    Log Log
    REDIRECT
    Redirect Redirect
    ANOMALY_SCORING
    AnomalyScoring AnomalyScoring
    JS_CHALLENGE
    JSChallenge JSChallenge
    CAPTCHA
    CAPTCHA CAPTCHA
    "Allow"
    Allow Allow
    "Block"
    Block Block
    "Log"
    Log Log
    "Redirect"
    Redirect Redirect
    "AnomalyScoring"
    AnomalyScoring AnomalyScoring
    "JSChallenge"
    JSChallenge JSChallenge
    "CAPTCHA"
    CAPTCHA CAPTCHA

    CustomRule, CustomRuleArgs

    Defines contents of a web application rule
    Action string | Pulumi.AzureNative.FrontDoor.ActionType
    Describes what action to be applied when rule matches.
    MatchConditions List<Pulumi.AzureNative.FrontDoor.Inputs.MatchCondition>
    List of match conditions.
    Priority int
    Describes priority of the rule. Rules with a lower value will be evaluated before rules with a higher value.
    RuleType string | Pulumi.AzureNative.FrontDoor.RuleType
    Describes type of rule.
    EnabledState string | Pulumi.AzureNative.FrontDoor.CustomRuleEnabledState
    Describes if the custom rule is in enabled or disabled state. Defaults to Enabled if not specified.
    GroupBy List<Pulumi.AzureNative.FrontDoor.Inputs.GroupByVariable>
    Describes the list of variables to group the rate limit requests
    Name string
    Describes the name of the rule.
    RateLimitDurationInMinutes int
    Time window for resetting the rate limit count. Default is 1 minute.
    RateLimitThreshold int
    Number of allowed requests per client within the time window.
    Action string | ActionType
    Describes what action to be applied when rule matches.
    MatchConditions []MatchCondition
    List of match conditions.
    Priority int
    Describes priority of the rule. Rules with a lower value will be evaluated before rules with a higher value.
    RuleType string | RuleType
    Describes type of rule.
    EnabledState string | CustomRuleEnabledState
    Describes if the custom rule is in enabled or disabled state. Defaults to Enabled if not specified.
    GroupBy []GroupByVariable
    Describes the list of variables to group the rate limit requests
    Name string
    Describes the name of the rule.
    RateLimitDurationInMinutes int
    Time window for resetting the rate limit count. Default is 1 minute.
    RateLimitThreshold int
    Number of allowed requests per client within the time window.
    action string | "Allow" | "Block" | "Log" | "Redirect" | "AnomalyScoring" | "JSChallenge" | "CAPTCHA"
    Describes what action to be applied when rule matches.
    match_conditions list(object)
    List of match conditions.
    priority number
    Describes priority of the rule. Rules with a lower value will be evaluated before rules with a higher value.
    rule_type string | "MatchRule" | "RateLimitRule"
    Describes type of rule.
    enabled_state string | "Disabled" | "Enabled"
    Describes if the custom rule is in enabled or disabled state. Defaults to Enabled if not specified.
    group_by list(object)
    Describes the list of variables to group the rate limit requests
    name string
    Describes the name of the rule.
    rate_limit_duration_in_minutes number
    Time window for resetting the rate limit count. Default is 1 minute.
    rate_limit_threshold number
    Number of allowed requests per client within the time window.
    action String | ActionType
    Describes what action to be applied when rule matches.
    matchConditions List<MatchCondition>
    List of match conditions.
    priority Integer
    Describes priority of the rule. Rules with a lower value will be evaluated before rules with a higher value.
    ruleType String | RuleType
    Describes type of rule.
    enabledState String | CustomRuleEnabledState
    Describes if the custom rule is in enabled or disabled state. Defaults to Enabled if not specified.
    groupBy List<GroupByVariable>
    Describes the list of variables to group the rate limit requests
    name String
    Describes the name of the rule.
    rateLimitDurationInMinutes Integer
    Time window for resetting the rate limit count. Default is 1 minute.
    rateLimitThreshold Integer
    Number of allowed requests per client within the time window.
    action string | ActionType
    Describes what action to be applied when rule matches.
    matchConditions MatchCondition[]
    List of match conditions.
    priority number
    Describes priority of the rule. Rules with a lower value will be evaluated before rules with a higher value.
    ruleType string | RuleType
    Describes type of rule.
    enabledState string | CustomRuleEnabledState
    Describes if the custom rule is in enabled or disabled state. Defaults to Enabled if not specified.
    groupBy GroupByVariable[]
    Describes the list of variables to group the rate limit requests
    name string
    Describes the name of the rule.
    rateLimitDurationInMinutes number
    Time window for resetting the rate limit count. Default is 1 minute.
    rateLimitThreshold number
    Number of allowed requests per client within the time window.
    action str | ActionType
    Describes what action to be applied when rule matches.
    match_conditions Sequence[MatchCondition]
    List of match conditions.
    priority int
    Describes priority of the rule. Rules with a lower value will be evaluated before rules with a higher value.
    rule_type str | RuleType
    Describes type of rule.
    enabled_state str | CustomRuleEnabledState
    Describes if the custom rule is in enabled or disabled state. Defaults to Enabled if not specified.
    group_by Sequence[GroupByVariable]
    Describes the list of variables to group the rate limit requests
    name str
    Describes the name of the rule.
    rate_limit_duration_in_minutes int
    Time window for resetting the rate limit count. Default is 1 minute.
    rate_limit_threshold int
    Number of allowed requests per client within the time window.
    action String | "Allow" | "Block" | "Log" | "Redirect" | "AnomalyScoring" | "JSChallenge" | "CAPTCHA"
    Describes what action to be applied when rule matches.
    matchConditions List<Property Map>
    List of match conditions.
    priority Number
    Describes priority of the rule. Rules with a lower value will be evaluated before rules with a higher value.
    ruleType String | "MatchRule" | "RateLimitRule"
    Describes type of rule.
    enabledState String | "Disabled" | "Enabled"
    Describes if the custom rule is in enabled or disabled state. Defaults to Enabled if not specified.
    groupBy List<Property Map>
    Describes the list of variables to group the rate limit requests
    name String
    Describes the name of the rule.
    rateLimitDurationInMinutes Number
    Time window for resetting the rate limit count. Default is 1 minute.
    rateLimitThreshold Number
    Number of allowed requests per client within the time window.

    CustomRuleEnabledState, CustomRuleEnabledStateArgs

    Disabled
    Disabled Disabled
    Enabled
    Enabled Enabled
    CustomRuleEnabledStateDisabled
    Disabled Disabled
    CustomRuleEnabledStateEnabled
    Enabled Enabled
    "Disabled"
    Disabled Disabled
    "Enabled"
    Enabled Enabled
    Disabled
    Disabled Disabled
    Enabled
    Enabled Enabled
    Disabled
    Disabled Disabled
    Enabled
    Enabled Enabled
    DISABLED
    Disabled Disabled
    ENABLED
    Enabled Enabled
    "Disabled"
    Disabled Disabled
    "Enabled"
    Enabled Enabled

    CustomRuleList, CustomRuleListArgs

    Defines contents of custom rules
    Rules []CustomRule
    List of rules
    rules list(object)
    List of rules
    rules List<CustomRule>
    List of rules
    rules CustomRule[]
    List of rules

    CustomRuleListResponse, CustomRuleListResponseArgs

    Defines contents of custom rules
    rules list(object)
    List of rules

    CustomRuleResponse, CustomRuleResponseArgs

    Defines contents of a web application rule
    Action string
    Describes what action to be applied when rule matches.
    MatchConditions List<Pulumi.AzureNative.FrontDoor.Inputs.MatchConditionResponse>
    List of match conditions.
    Priority int
    Describes priority of the rule. Rules with a lower value will be evaluated before rules with a higher value.
    RuleType string
    Describes type of rule.
    EnabledState string
    Describes if the custom rule is in enabled or disabled state. Defaults to Enabled if not specified.
    GroupBy List<Pulumi.AzureNative.FrontDoor.Inputs.GroupByVariableResponse>
    Describes the list of variables to group the rate limit requests
    Name string
    Describes the name of the rule.
    RateLimitDurationInMinutes int
    Time window for resetting the rate limit count. Default is 1 minute.
    RateLimitThreshold int
    Number of allowed requests per client within the time window.
    Action string
    Describes what action to be applied when rule matches.
    MatchConditions []MatchConditionResponse
    List of match conditions.
    Priority int
    Describes priority of the rule. Rules with a lower value will be evaluated before rules with a higher value.
    RuleType string
    Describes type of rule.
    EnabledState string
    Describes if the custom rule is in enabled or disabled state. Defaults to Enabled if not specified.
    GroupBy []GroupByVariableResponse
    Describes the list of variables to group the rate limit requests
    Name string
    Describes the name of the rule.
    RateLimitDurationInMinutes int
    Time window for resetting the rate limit count. Default is 1 minute.
    RateLimitThreshold int
    Number of allowed requests per client within the time window.
    action string
    Describes what action to be applied when rule matches.
    match_conditions list(object)
    List of match conditions.
    priority number
    Describes priority of the rule. Rules with a lower value will be evaluated before rules with a higher value.
    rule_type string
    Describes type of rule.
    enabled_state string
    Describes if the custom rule is in enabled or disabled state. Defaults to Enabled if not specified.
    group_by list(object)
    Describes the list of variables to group the rate limit requests
    name string
    Describes the name of the rule.
    rate_limit_duration_in_minutes number
    Time window for resetting the rate limit count. Default is 1 minute.
    rate_limit_threshold number
    Number of allowed requests per client within the time window.
    action String
    Describes what action to be applied when rule matches.
    matchConditions List<MatchConditionResponse>
    List of match conditions.
    priority Integer
    Describes priority of the rule. Rules with a lower value will be evaluated before rules with a higher value.
    ruleType String
    Describes type of rule.
    enabledState String
    Describes if the custom rule is in enabled or disabled state. Defaults to Enabled if not specified.
    groupBy List<GroupByVariableResponse>
    Describes the list of variables to group the rate limit requests
    name String
    Describes the name of the rule.
    rateLimitDurationInMinutes Integer
    Time window for resetting the rate limit count. Default is 1 minute.
    rateLimitThreshold Integer
    Number of allowed requests per client within the time window.
    action string
    Describes what action to be applied when rule matches.
    matchConditions MatchConditionResponse[]
    List of match conditions.
    priority number
    Describes priority of the rule. Rules with a lower value will be evaluated before rules with a higher value.
    ruleType string
    Describes type of rule.
    enabledState string
    Describes if the custom rule is in enabled or disabled state. Defaults to Enabled if not specified.
    groupBy GroupByVariableResponse[]
    Describes the list of variables to group the rate limit requests
    name string
    Describes the name of the rule.
    rateLimitDurationInMinutes number
    Time window for resetting the rate limit count. Default is 1 minute.
    rateLimitThreshold number
    Number of allowed requests per client within the time window.
    action str
    Describes what action to be applied when rule matches.
    match_conditions Sequence[MatchConditionResponse]
    List of match conditions.
    priority int
    Describes priority of the rule. Rules with a lower value will be evaluated before rules with a higher value.
    rule_type str
    Describes type of rule.
    enabled_state str
    Describes if the custom rule is in enabled or disabled state. Defaults to Enabled if not specified.
    group_by Sequence[GroupByVariableResponse]
    Describes the list of variables to group the rate limit requests
    name str
    Describes the name of the rule.
    rate_limit_duration_in_minutes int
    Time window for resetting the rate limit count. Default is 1 minute.
    rate_limit_threshold int
    Number of allowed requests per client within the time window.
    action String
    Describes what action to be applied when rule matches.
    matchConditions List<Property Map>
    List of match conditions.
    priority Number
    Describes priority of the rule. Rules with a lower value will be evaluated before rules with a higher value.
    ruleType String
    Describes type of rule.
    enabledState String
    Describes if the custom rule is in enabled or disabled state. Defaults to Enabled if not specified.
    groupBy List<Property Map>
    Describes the list of variables to group the rate limit requests
    name String
    Describes the name of the rule.
    rateLimitDurationInMinutes Number
    Time window for resetting the rate limit count. Default is 1 minute.
    rateLimitThreshold Number
    Number of allowed requests per client within the time window.

    ExceptionMatchVariable, ExceptionMatchVariableArgs

    RequestUri
    RequestUri Request Uri Exception Match Variable
    SocketAddr
    SocketAddr Socket Address Exception Match Variable
    RequestHeaderNames
    RequestHeaderNames Request Header Names Exception Match Variable
    ExceptionMatchVariableRequestUri
    RequestUri Request Uri Exception Match Variable
    ExceptionMatchVariableSocketAddr
    SocketAddr Socket Address Exception Match Variable
    ExceptionMatchVariableRequestHeaderNames
    RequestHeaderNames Request Header Names Exception Match Variable
    "RequestUri"
    RequestUri Request Uri Exception Match Variable
    "SocketAddr"
    SocketAddr Socket Address Exception Match Variable
    "RequestHeaderNames"
    RequestHeaderNames Request Header Names Exception Match Variable
    RequestUri
    RequestUri Request Uri Exception Match Variable
    SocketAddr
    SocketAddr Socket Address Exception Match Variable
    RequestHeaderNames
    RequestHeaderNames Request Header Names Exception Match Variable
    RequestUri
    RequestUri Request Uri Exception Match Variable
    SocketAddr
    SocketAddr Socket Address Exception Match Variable
    RequestHeaderNames
    RequestHeaderNames Request Header Names Exception Match Variable
    REQUEST_URI
    RequestUri Request Uri Exception Match Variable
    SOCKET_ADDR
    SocketAddr Socket Address Exception Match Variable
    REQUEST_HEADER_NAMES
    RequestHeaderNames Request Header Names Exception Match Variable
    "RequestUri"
    RequestUri Request Uri Exception Match Variable
    "SocketAddr"
    SocketAddr Socket Address Exception Match Variable
    "RequestHeaderNames"
    RequestHeaderNames Request Header Names Exception Match Variable

    ExceptionSelectorMatchOperator, ExceptionSelectorMatchOperatorArgs

    EqualsValue
    Equals Equals Selector Match Operator
    ExceptionSelectorMatchOperatorEquals
    Equals Equals Selector Match Operator
    "Equals"
    Equals Equals Selector Match Operator
    Equals
    Equals Equals Selector Match Operator
    Equals
    Equals Equals Selector Match Operator
    EQUALS
    Equals Equals Selector Match Operator
    "Equals"
    Equals Equals Selector Match Operator

    ExceptionValueMatchOperator, ExceptionValueMatchOperatorArgs

    EqualsValue
    Equals Equals Exception Value Match Operator
    Contains
    Contains Contains Exception Value Match Operator
    StartsWith
    StartsWith StartsWith Exception Value Match Operator
    EndsWith
    EndsWith EndsWith Exception Value Match Operator
    EqualsAny
    EqualsAny EqualsAny Exception Value Match Operator
    IPMatch
    IPMatch IPMatch Exception Value Match Operator
    ExceptionValueMatchOperatorEquals
    Equals Equals Exception Value Match Operator
    ExceptionValueMatchOperatorContains
    Contains Contains Exception Value Match Operator
    ExceptionValueMatchOperatorStartsWith
    StartsWith StartsWith Exception Value Match Operator
    ExceptionValueMatchOperatorEndsWith
    EndsWith EndsWith Exception Value Match Operator
    ExceptionValueMatchOperatorEqualsAny
    EqualsAny EqualsAny Exception Value Match Operator
    ExceptionValueMatchOperatorIPMatch
    IPMatch IPMatch Exception Value Match Operator
    "Equals"
    Equals Equals Exception Value Match Operator
    "Contains"
    Contains Contains Exception Value Match Operator
    "StartsWith"
    StartsWith StartsWith Exception Value Match Operator
    "EndsWith"
    EndsWith EndsWith Exception Value Match Operator
    "EqualsAny"
    EqualsAny EqualsAny Exception Value Match Operator
    "IPMatch"
    IPMatch IPMatch Exception Value Match Operator
    Equals
    Equals Equals Exception Value Match Operator
    Contains
    Contains Contains Exception Value Match Operator
    StartsWith
    StartsWith StartsWith Exception Value Match Operator
    EndsWith
    EndsWith EndsWith Exception Value Match Operator
    EqualsAny
    EqualsAny EqualsAny Exception Value Match Operator
    IPMatch
    IPMatch IPMatch Exception Value Match Operator
    Equals
    Equals Equals Exception Value Match Operator
    Contains
    Contains Contains Exception Value Match Operator
    StartsWith
    StartsWith StartsWith Exception Value Match Operator
    EndsWith
    EndsWith EndsWith Exception Value Match Operator
    EqualsAny
    EqualsAny EqualsAny Exception Value Match Operator
    IPMatch
    IPMatch IPMatch Exception Value Match Operator
    EQUALS
    Equals Equals Exception Value Match Operator
    CONTAINS
    Contains Contains Exception Value Match Operator
    STARTS_WITH
    StartsWith StartsWith Exception Value Match Operator
    ENDS_WITH
    EndsWith EndsWith Exception Value Match Operator
    EQUALS_ANY
    EqualsAny EqualsAny Exception Value Match Operator
    IP_MATCH
    IPMatch IPMatch Exception Value Match Operator
    "Equals"
    Equals Equals Exception Value Match Operator
    "Contains"
    Contains Contains Exception Value Match Operator
    "StartsWith"
    StartsWith StartsWith Exception Value Match Operator
    "EndsWith"
    EndsWith EndsWith Exception Value Match Operator
    "EqualsAny"
    EqualsAny EqualsAny Exception Value Match Operator
    "IPMatch"
    IPMatch IPMatch Exception Value Match Operator

    FrontendEndpointLinkResponse, FrontendEndpointLinkResponseArgs

    Defines the Resource ID for a Frontend Endpoint.
    Id string
    Resource ID.
    Id string
    Resource ID.
    id string
    Resource ID.
    id String
    Resource ID.
    id string
    Resource ID.
    id str
    Resource ID.
    id String
    Resource ID.

    GroupByVariable, GroupByVariableArgs

    Describes the variables available to group the rate limit requests
    VariableName string | Pulumi.AzureNative.FrontDoor.VariableName
    Describes the supported variable for group by
    VariableName string | VariableName
    Describes the supported variable for group by
    variable_name string | "SocketAddr" | "GeoLocation" | "None"
    Describes the supported variable for group by
    variableName String | VariableName
    Describes the supported variable for group by
    variableName string | VariableName
    Describes the supported variable for group by
    variable_name str | VariableName
    Describes the supported variable for group by
    variableName String | "SocketAddr" | "GeoLocation" | "None"
    Describes the supported variable for group by

    GroupByVariableResponse, GroupByVariableResponseArgs

    Describes the variables available to group the rate limit requests
    VariableName string
    Describes the supported variable for group by
    VariableName string
    Describes the supported variable for group by
    variable_name string
    Describes the supported variable for group by
    variableName String
    Describes the supported variable for group by
    variableName string
    Describes the supported variable for group by
    variable_name str
    Describes the supported variable for group by
    variableName String
    Describes the supported variable for group by

    ManagedRuleEnabledState, ManagedRuleEnabledStateArgs

    Disabled
    Disabled Disabled
    Enabled
    Enabled Enabled
    ManagedRuleEnabledStateDisabled
    Disabled Disabled
    ManagedRuleEnabledStateEnabled
    Enabled Enabled
    "Disabled"
    Disabled Disabled
    "Enabled"
    Enabled Enabled
    Disabled
    Disabled Disabled
    Enabled
    Enabled Enabled
    Disabled
    Disabled Disabled
    Enabled
    Enabled Enabled
    DISABLED
    Disabled Disabled
    ENABLED
    Enabled Enabled
    "Disabled"
    Disabled Disabled
    "Enabled"
    Enabled Enabled

    ManagedRuleExclusion, ManagedRuleExclusionArgs

    Exclude variables from managed rule evaluation.
    MatchVariable string | Pulumi.AzureNative.FrontDoor.ManagedRuleExclusionMatchVariable
    The variable type to be excluded.
    Selector string
    Selector value for which elements in the collection this exclusion applies to.
    SelectorMatchOperator string | Pulumi.AzureNative.FrontDoor.ManagedRuleExclusionSelectorMatchOperator
    Comparison operator to apply to the selector when specifying which elements in the collection this exclusion applies to.
    MatchVariable string | ManagedRuleExclusionMatchVariable
    The variable type to be excluded.
    Selector string
    Selector value for which elements in the collection this exclusion applies to.
    SelectorMatchOperator string | ManagedRuleExclusionSelectorMatchOperator
    Comparison operator to apply to the selector when specifying which elements in the collection this exclusion applies to.
    match_variable string | "RequestHeaderNames" | "RequestCookieNames" | "QueryStringArgNames" | "RequestBodyPostArgNames" | "RequestBodyJsonArgNames"
    The variable type to be excluded.
    selector string
    Selector value for which elements in the collection this exclusion applies to.
    selector_match_operator string | "Equals" | "Contains" | "StartsWith" | "EndsWith" | "EqualsAny"
    Comparison operator to apply to the selector when specifying which elements in the collection this exclusion applies to.
    matchVariable String | ManagedRuleExclusionMatchVariable
    The variable type to be excluded.
    selector String
    Selector value for which elements in the collection this exclusion applies to.
    selectorMatchOperator String | ManagedRuleExclusionSelectorMatchOperator
    Comparison operator to apply to the selector when specifying which elements in the collection this exclusion applies to.
    matchVariable string | ManagedRuleExclusionMatchVariable
    The variable type to be excluded.
    selector string
    Selector value for which elements in the collection this exclusion applies to.
    selectorMatchOperator string | ManagedRuleExclusionSelectorMatchOperator
    Comparison operator to apply to the selector when specifying which elements in the collection this exclusion applies to.
    match_variable str | ManagedRuleExclusionMatchVariable
    The variable type to be excluded.
    selector str
    Selector value for which elements in the collection this exclusion applies to.
    selector_match_operator str | ManagedRuleExclusionSelectorMatchOperator
    Comparison operator to apply to the selector when specifying which elements in the collection this exclusion applies to.
    matchVariable String | "RequestHeaderNames" | "RequestCookieNames" | "QueryStringArgNames" | "RequestBodyPostArgNames" | "RequestBodyJsonArgNames"
    The variable type to be excluded.
    selector String
    Selector value for which elements in the collection this exclusion applies to.
    selectorMatchOperator String | "Equals" | "Contains" | "StartsWith" | "EndsWith" | "EqualsAny"
    Comparison operator to apply to the selector when specifying which elements in the collection this exclusion applies to.

    ManagedRuleExclusionMatchVariable, ManagedRuleExclusionMatchVariableArgs

    RequestHeaderNames
    RequestHeaderNames RequestHeaderNames
    RequestCookieNames
    RequestCookieNames RequestCookieNames
    QueryStringArgNames
    QueryStringArgNames QueryStringArgNames
    RequestBodyPostArgNames
    RequestBodyPostArgNames RequestBodyPostArgNames
    RequestBodyJsonArgNames
    RequestBodyJsonArgNames RequestBodyJsonArgNames
    ManagedRuleExclusionMatchVariableRequestHeaderNames
    RequestHeaderNames RequestHeaderNames
    ManagedRuleExclusionMatchVariableRequestCookieNames
    RequestCookieNames RequestCookieNames
    ManagedRuleExclusionMatchVariableQueryStringArgNames
    QueryStringArgNames QueryStringArgNames
    ManagedRuleExclusionMatchVariableRequestBodyPostArgNames
    RequestBodyPostArgNames RequestBodyPostArgNames
    ManagedRuleExclusionMatchVariableRequestBodyJsonArgNames
    RequestBodyJsonArgNames RequestBodyJsonArgNames
    "RequestHeaderNames"
    RequestHeaderNames RequestHeaderNames
    "RequestCookieNames"
    RequestCookieNames RequestCookieNames
    "QueryStringArgNames"
    QueryStringArgNames QueryStringArgNames
    "RequestBodyPostArgNames"
    RequestBodyPostArgNames RequestBodyPostArgNames
    "RequestBodyJsonArgNames"
    RequestBodyJsonArgNames RequestBodyJsonArgNames
    RequestHeaderNames
    RequestHeaderNames RequestHeaderNames
    RequestCookieNames
    RequestCookieNames RequestCookieNames
    QueryStringArgNames
    QueryStringArgNames QueryStringArgNames
    RequestBodyPostArgNames
    RequestBodyPostArgNames RequestBodyPostArgNames
    RequestBodyJsonArgNames
    RequestBodyJsonArgNames RequestBodyJsonArgNames
    RequestHeaderNames
    RequestHeaderNames RequestHeaderNames
    RequestCookieNames
    RequestCookieNames RequestCookieNames
    QueryStringArgNames
    QueryStringArgNames QueryStringArgNames
    RequestBodyPostArgNames
    RequestBodyPostArgNames RequestBodyPostArgNames
    RequestBodyJsonArgNames
    RequestBodyJsonArgNames RequestBodyJsonArgNames
    REQUEST_HEADER_NAMES
    RequestHeaderNames RequestHeaderNames
    REQUEST_COOKIE_NAMES
    RequestCookieNames RequestCookieNames
    QUERY_STRING_ARG_NAMES
    QueryStringArgNames QueryStringArgNames
    REQUEST_BODY_POST_ARG_NAMES
    RequestBodyPostArgNames RequestBodyPostArgNames
    REQUEST_BODY_JSON_ARG_NAMES
    RequestBodyJsonArgNames RequestBodyJsonArgNames
    "RequestHeaderNames"
    RequestHeaderNames RequestHeaderNames
    "RequestCookieNames"
    RequestCookieNames RequestCookieNames
    "QueryStringArgNames"
    QueryStringArgNames QueryStringArgNames
    "RequestBodyPostArgNames"
    RequestBodyPostArgNames RequestBodyPostArgNames
    "RequestBodyJsonArgNames"
    RequestBodyJsonArgNames RequestBodyJsonArgNames

    ManagedRuleExclusionResponse, ManagedRuleExclusionResponseArgs

    Exclude variables from managed rule evaluation.
    MatchVariable string
    The variable type to be excluded.
    Selector string
    Selector value for which elements in the collection this exclusion applies to.
    SelectorMatchOperator string
    Comparison operator to apply to the selector when specifying which elements in the collection this exclusion applies to.
    MatchVariable string
    The variable type to be excluded.
    Selector string
    Selector value for which elements in the collection this exclusion applies to.
    SelectorMatchOperator string
    Comparison operator to apply to the selector when specifying which elements in the collection this exclusion applies to.
    match_variable string
    The variable type to be excluded.
    selector string
    Selector value for which elements in the collection this exclusion applies to.
    selector_match_operator string
    Comparison operator to apply to the selector when specifying which elements in the collection this exclusion applies to.
    matchVariable String
    The variable type to be excluded.
    selector String
    Selector value for which elements in the collection this exclusion applies to.
    selectorMatchOperator String
    Comparison operator to apply to the selector when specifying which elements in the collection this exclusion applies to.
    matchVariable string
    The variable type to be excluded.
    selector string
    Selector value for which elements in the collection this exclusion applies to.
    selectorMatchOperator string
    Comparison operator to apply to the selector when specifying which elements in the collection this exclusion applies to.
    match_variable str
    The variable type to be excluded.
    selector str
    Selector value for which elements in the collection this exclusion applies to.
    selector_match_operator str
    Comparison operator to apply to the selector when specifying which elements in the collection this exclusion applies to.
    matchVariable String
    The variable type to be excluded.
    selector String
    Selector value for which elements in the collection this exclusion applies to.
    selectorMatchOperator String
    Comparison operator to apply to the selector when specifying which elements in the collection this exclusion applies to.

    ManagedRuleExclusionSelectorMatchOperator, ManagedRuleExclusionSelectorMatchOperatorArgs

    EqualsValue
    Equals Equals
    Contains
    Contains Contains
    StartsWith
    StartsWith StartsWith
    EndsWith
    EndsWith EndsWith
    EqualsAny
    EqualsAny EqualsAny
    ManagedRuleExclusionSelectorMatchOperatorEquals
    Equals Equals
    ManagedRuleExclusionSelectorMatchOperatorContains
    Contains Contains
    ManagedRuleExclusionSelectorMatchOperatorStartsWith
    StartsWith StartsWith
    ManagedRuleExclusionSelectorMatchOperatorEndsWith
    EndsWith EndsWith
    ManagedRuleExclusionSelectorMatchOperatorEqualsAny
    EqualsAny EqualsAny
    "Equals"
    Equals Equals
    "Contains"
    Contains Contains
    "StartsWith"
    StartsWith StartsWith
    "EndsWith"
    EndsWith EndsWith
    "EqualsAny"
    EqualsAny EqualsAny
    Equals
    Equals Equals
    Contains
    Contains Contains
    StartsWith
    StartsWith StartsWith
    EndsWith
    EndsWith EndsWith
    EqualsAny
    EqualsAny EqualsAny
    Equals
    Equals Equals
    Contains
    Contains Contains
    StartsWith
    StartsWith StartsWith
    EndsWith
    EndsWith EndsWith
    EqualsAny
    EqualsAny EqualsAny
    EQUALS
    Equals Equals
    CONTAINS
    Contains Contains
    STARTS_WITH
    StartsWith StartsWith
    ENDS_WITH
    EndsWith EndsWith
    EQUALS_ANY
    EqualsAny EqualsAny
    "Equals"
    Equals Equals
    "Contains"
    Contains Contains
    "StartsWith"
    StartsWith StartsWith
    "EndsWith"
    EndsWith EndsWith
    "EqualsAny"
    EqualsAny EqualsAny

    ManagedRuleGroupOverride, ManagedRuleGroupOverrideArgs

    Defines a managed rule group override setting.
    RuleGroupName string
    Describes the managed rule group to override.
    Exclusions List<Pulumi.AzureNative.FrontDoor.Inputs.ManagedRuleExclusion>
    Describes the exclusions that are applied to all rules in the group.
    Rules List<Pulumi.AzureNative.FrontDoor.Inputs.ManagedRuleOverride>
    List of rules that will be disabled. If none specified, all rules in the group will be disabled.
    RuleGroupName string
    Describes the managed rule group to override.
    Exclusions []ManagedRuleExclusion
    Describes the exclusions that are applied to all rules in the group.
    Rules []ManagedRuleOverride
    List of rules that will be disabled. If none specified, all rules in the group will be disabled.
    rule_group_name string
    Describes the managed rule group to override.
    exclusions list(object)
    Describes the exclusions that are applied to all rules in the group.
    rules list(object)
    List of rules that will be disabled. If none specified, all rules in the group will be disabled.
    ruleGroupName String
    Describes the managed rule group to override.
    exclusions List<ManagedRuleExclusion>
    Describes the exclusions that are applied to all rules in the group.
    rules List<ManagedRuleOverride>
    List of rules that will be disabled. If none specified, all rules in the group will be disabled.
    ruleGroupName string
    Describes the managed rule group to override.
    exclusions ManagedRuleExclusion[]
    Describes the exclusions that are applied to all rules in the group.
    rules ManagedRuleOverride[]
    List of rules that will be disabled. If none specified, all rules in the group will be disabled.
    rule_group_name str
    Describes the managed rule group to override.
    exclusions Sequence[ManagedRuleExclusion]
    Describes the exclusions that are applied to all rules in the group.
    rules Sequence[ManagedRuleOverride]
    List of rules that will be disabled. If none specified, all rules in the group will be disabled.
    ruleGroupName String
    Describes the managed rule group to override.
    exclusions List<Property Map>
    Describes the exclusions that are applied to all rules in the group.
    rules List<Property Map>
    List of rules that will be disabled. If none specified, all rules in the group will be disabled.

    ManagedRuleGroupOverrideResponse, ManagedRuleGroupOverrideResponseArgs

    Defines a managed rule group override setting.
    RuleGroupName string
    Describes the managed rule group to override.
    Exclusions List<Pulumi.AzureNative.FrontDoor.Inputs.ManagedRuleExclusionResponse>
    Describes the exclusions that are applied to all rules in the group.
    Rules List<Pulumi.AzureNative.FrontDoor.Inputs.ManagedRuleOverrideResponse>
    List of rules that will be disabled. If none specified, all rules in the group will be disabled.
    RuleGroupName string
    Describes the managed rule group to override.
    Exclusions []ManagedRuleExclusionResponse
    Describes the exclusions that are applied to all rules in the group.
    Rules []ManagedRuleOverrideResponse
    List of rules that will be disabled. If none specified, all rules in the group will be disabled.
    rule_group_name string
    Describes the managed rule group to override.
    exclusions list(object)
    Describes the exclusions that are applied to all rules in the group.
    rules list(object)
    List of rules that will be disabled. If none specified, all rules in the group will be disabled.
    ruleGroupName String
    Describes the managed rule group to override.
    exclusions List<ManagedRuleExclusionResponse>
    Describes the exclusions that are applied to all rules in the group.
    rules List<ManagedRuleOverrideResponse>
    List of rules that will be disabled. If none specified, all rules in the group will be disabled.
    ruleGroupName string
    Describes the managed rule group to override.
    exclusions ManagedRuleExclusionResponse[]
    Describes the exclusions that are applied to all rules in the group.
    rules ManagedRuleOverrideResponse[]
    List of rules that will be disabled. If none specified, all rules in the group will be disabled.
    rule_group_name str
    Describes the managed rule group to override.
    exclusions Sequence[ManagedRuleExclusionResponse]
    Describes the exclusions that are applied to all rules in the group.
    rules Sequence[ManagedRuleOverrideResponse]
    List of rules that will be disabled. If none specified, all rules in the group will be disabled.
    ruleGroupName String
    Describes the managed rule group to override.
    exclusions List<Property Map>
    Describes the exclusions that are applied to all rules in the group.
    rules List<Property Map>
    List of rules that will be disabled. If none specified, all rules in the group will be disabled.

    ManagedRuleOverride, ManagedRuleOverrideArgs

    Defines a managed rule group override setting.
    RuleId string
    Identifier for the managed rule.
    Action string | Pulumi.AzureNative.FrontDoor.ActionType
    Describes the override action to be applied when rule matches.
    EnabledState string | Pulumi.AzureNative.FrontDoor.ManagedRuleEnabledState
    Describes if the managed rule is in enabled or disabled state. Defaults to Disabled if not specified.
    Exclusions List<Pulumi.AzureNative.FrontDoor.Inputs.ManagedRuleExclusion>
    Describes the exclusions that are applied to this specific rule.
    Sensitivity string | Pulumi.AzureNative.FrontDoor.SensitivityType
    Describes the override sensitivity to be applied when rule matches.
    RuleId string
    Identifier for the managed rule.
    Action string | ActionType
    Describes the override action to be applied when rule matches.
    EnabledState string | ManagedRuleEnabledState
    Describes if the managed rule is in enabled or disabled state. Defaults to Disabled if not specified.
    Exclusions []ManagedRuleExclusion
    Describes the exclusions that are applied to this specific rule.
    Sensitivity string | SensitivityType
    Describes the override sensitivity to be applied when rule matches.
    rule_id string
    Identifier for the managed rule.
    action string | "Allow" | "Block" | "Log" | "Redirect" | "AnomalyScoring" | "JSChallenge" | "CAPTCHA"
    Describes the override action to be applied when rule matches.
    enabled_state string | "Disabled" | "Enabled"
    Describes if the managed rule is in enabled or disabled state. Defaults to Disabled if not specified.
    exclusions list(object)
    Describes the exclusions that are applied to this specific rule.
    sensitivity string | "Low" | "Medium" | "High"
    Describes the override sensitivity to be applied when rule matches.
    ruleId String
    Identifier for the managed rule.
    action String | ActionType
    Describes the override action to be applied when rule matches.
    enabledState String | ManagedRuleEnabledState
    Describes if the managed rule is in enabled or disabled state. Defaults to Disabled if not specified.
    exclusions List<ManagedRuleExclusion>
    Describes the exclusions that are applied to this specific rule.
    sensitivity String | SensitivityType
    Describes the override sensitivity to be applied when rule matches.
    ruleId string
    Identifier for the managed rule.
    action string | ActionType
    Describes the override action to be applied when rule matches.
    enabledState string | ManagedRuleEnabledState
    Describes if the managed rule is in enabled or disabled state. Defaults to Disabled if not specified.
    exclusions ManagedRuleExclusion[]
    Describes the exclusions that are applied to this specific rule.
    sensitivity string | SensitivityType
    Describes the override sensitivity to be applied when rule matches.
    rule_id str
    Identifier for the managed rule.
    action str | ActionType
    Describes the override action to be applied when rule matches.
    enabled_state str | ManagedRuleEnabledState
    Describes if the managed rule is in enabled or disabled state. Defaults to Disabled if not specified.
    exclusions Sequence[ManagedRuleExclusion]
    Describes the exclusions that are applied to this specific rule.
    sensitivity str | SensitivityType
    Describes the override sensitivity to be applied when rule matches.
    ruleId String
    Identifier for the managed rule.
    action String | "Allow" | "Block" | "Log" | "Redirect" | "AnomalyScoring" | "JSChallenge" | "CAPTCHA"
    Describes the override action to be applied when rule matches.
    enabledState String | "Disabled" | "Enabled"
    Describes if the managed rule is in enabled or disabled state. Defaults to Disabled if not specified.
    exclusions List<Property Map>
    Describes the exclusions that are applied to this specific rule.
    sensitivity String | "Low" | "Medium" | "High"
    Describes the override sensitivity to be applied when rule matches.

    ManagedRuleOverrideResponse, ManagedRuleOverrideResponseArgs

    Defines a managed rule group override setting.
    RuleId string
    Identifier for the managed rule.
    Action string
    Describes the override action to be applied when rule matches.
    EnabledState string
    Describes if the managed rule is in enabled or disabled state. Defaults to Disabled if not specified.
    Exclusions List<Pulumi.AzureNative.FrontDoor.Inputs.ManagedRuleExclusionResponse>
    Describes the exclusions that are applied to this specific rule.
    Sensitivity string
    Describes the override sensitivity to be applied when rule matches.
    RuleId string
    Identifier for the managed rule.
    Action string
    Describes the override action to be applied when rule matches.
    EnabledState string
    Describes if the managed rule is in enabled or disabled state. Defaults to Disabled if not specified.
    Exclusions []ManagedRuleExclusionResponse
    Describes the exclusions that are applied to this specific rule.
    Sensitivity string
    Describes the override sensitivity to be applied when rule matches.
    rule_id string
    Identifier for the managed rule.
    action string
    Describes the override action to be applied when rule matches.
    enabled_state string
    Describes if the managed rule is in enabled or disabled state. Defaults to Disabled if not specified.
    exclusions list(object)
    Describes the exclusions that are applied to this specific rule.
    sensitivity string
    Describes the override sensitivity to be applied when rule matches.
    ruleId String
    Identifier for the managed rule.
    action String
    Describes the override action to be applied when rule matches.
    enabledState String
    Describes if the managed rule is in enabled or disabled state. Defaults to Disabled if not specified.
    exclusions List<ManagedRuleExclusionResponse>
    Describes the exclusions that are applied to this specific rule.
    sensitivity String
    Describes the override sensitivity to be applied when rule matches.
    ruleId string
    Identifier for the managed rule.
    action string
    Describes the override action to be applied when rule matches.
    enabledState string
    Describes if the managed rule is in enabled or disabled state. Defaults to Disabled if not specified.
    exclusions ManagedRuleExclusionResponse[]
    Describes the exclusions that are applied to this specific rule.
    sensitivity string
    Describes the override sensitivity to be applied when rule matches.
    rule_id str
    Identifier for the managed rule.
    action str
    Describes the override action to be applied when rule matches.
    enabled_state str
    Describes if the managed rule is in enabled or disabled state. Defaults to Disabled if not specified.
    exclusions Sequence[ManagedRuleExclusionResponse]
    Describes the exclusions that are applied to this specific rule.
    sensitivity str
    Describes the override sensitivity to be applied when rule matches.
    ruleId String
    Identifier for the managed rule.
    action String
    Describes the override action to be applied when rule matches.
    enabledState String
    Describes if the managed rule is in enabled or disabled state. Defaults to Disabled if not specified.
    exclusions List<Property Map>
    Describes the exclusions that are applied to this specific rule.
    sensitivity String
    Describes the override sensitivity to be applied when rule matches.

    ManagedRuleSet, ManagedRuleSetArgs

    Defines a managed rule set.
    RuleSetType string
    Defines the rule set type to use.
    RuleSetVersion string
    Defines the version of the rule set to use.
    Exclusions List<Pulumi.AzureNative.FrontDoor.Inputs.ManagedRuleExclusion>
    Describes the exclusions that are applied to all rules in the set.
    RuleGroupOverrides List<Pulumi.AzureNative.FrontDoor.Inputs.ManagedRuleGroupOverride>
    Defines the rule group overrides to apply to the rule set.
    RuleSetAction string | Pulumi.AzureNative.FrontDoor.ManagedRuleSetActionType
    Defines the rule set action.
    RuleSetType string
    Defines the rule set type to use.
    RuleSetVersion string
    Defines the version of the rule set to use.
    Exclusions []ManagedRuleExclusion
    Describes the exclusions that are applied to all rules in the set.
    RuleGroupOverrides []ManagedRuleGroupOverride
    Defines the rule group overrides to apply to the rule set.
    RuleSetAction string | ManagedRuleSetActionType
    Defines the rule set action.
    rule_set_type string
    Defines the rule set type to use.
    rule_set_version string
    Defines the version of the rule set to use.
    exclusions list(object)
    Describes the exclusions that are applied to all rules in the set.
    rule_group_overrides list(object)
    Defines the rule group overrides to apply to the rule set.
    rule_set_action string | "Block" | "Log" | "Redirect"
    Defines the rule set action.
    ruleSetType String
    Defines the rule set type to use.
    ruleSetVersion String
    Defines the version of the rule set to use.
    exclusions List<ManagedRuleExclusion>
    Describes the exclusions that are applied to all rules in the set.
    ruleGroupOverrides List<ManagedRuleGroupOverride>
    Defines the rule group overrides to apply to the rule set.
    ruleSetAction String | ManagedRuleSetActionType
    Defines the rule set action.
    ruleSetType string
    Defines the rule set type to use.
    ruleSetVersion string
    Defines the version of the rule set to use.
    exclusions ManagedRuleExclusion[]
    Describes the exclusions that are applied to all rules in the set.
    ruleGroupOverrides ManagedRuleGroupOverride[]
    Defines the rule group overrides to apply to the rule set.
    ruleSetAction string | ManagedRuleSetActionType
    Defines the rule set action.
    rule_set_type str
    Defines the rule set type to use.
    rule_set_version str
    Defines the version of the rule set to use.
    exclusions Sequence[ManagedRuleExclusion]
    Describes the exclusions that are applied to all rules in the set.
    rule_group_overrides Sequence[ManagedRuleGroupOverride]
    Defines the rule group overrides to apply to the rule set.
    rule_set_action str | ManagedRuleSetActionType
    Defines the rule set action.
    ruleSetType String
    Defines the rule set type to use.
    ruleSetVersion String
    Defines the version of the rule set to use.
    exclusions List<Property Map>
    Describes the exclusions that are applied to all rules in the set.
    ruleGroupOverrides List<Property Map>
    Defines the rule group overrides to apply to the rule set.
    ruleSetAction String | "Block" | "Log" | "Redirect"
    Defines the rule set action.

    ManagedRuleSetActionType, ManagedRuleSetActionTypeArgs

    Block
    Block Block
    Log
    Log Log
    Redirect
    Redirect Redirect
    ManagedRuleSetActionTypeBlock
    Block Block
    ManagedRuleSetActionTypeLog
    Log Log
    ManagedRuleSetActionTypeRedirect
    Redirect Redirect
    "Block"
    Block Block
    "Log"
    Log Log
    "Redirect"
    Redirect Redirect
    Block
    Block Block
    Log
    Log Log
    Redirect
    Redirect Redirect
    Block
    Block Block
    Log
    Log Log
    Redirect
    Redirect Redirect
    BLOCK
    Block Block
    LOG
    Log Log
    REDIRECT
    Redirect Redirect
    "Block"
    Block Block
    "Log"
    Log Log
    "Redirect"
    Redirect Redirect

    ManagedRuleSetException, ManagedRuleSetExceptionArgs

    Excludes whole requests from managed rule evaluation according to match conditions.
    MatchValues List<string>
    List of values to be matched with.
    MatchVariable string | Pulumi.AzureNative.FrontDoor.ExceptionMatchVariable
    The variable to be evaluated for excluding the request.
    Scopes List<Pulumi.AzureNative.FrontDoor.Inputs.ManagedRuleSetScope>
    Scope(s) of the exception.
    ValueMatchOperator string | Pulumi.AzureNative.FrontDoor.ExceptionValueMatchOperator
    Comparison operator to apply to the value to be matched.
    Selector string
    When matchVariable is a collection, operator used to specify which elements in the collection this exception applies to. Currently supported only for RequestHeaderNames.
    SelectorMatchOperator string | Pulumi.AzureNative.FrontDoor.ExceptionSelectorMatchOperator
    Comparison operator to apply to the selector when specifying which elements in the collection this exception applies to.
    MatchValues []string
    List of values to be matched with.
    MatchVariable string | ExceptionMatchVariable
    The variable to be evaluated for excluding the request.
    Scopes []ManagedRuleSetScope
    Scope(s) of the exception.
    ValueMatchOperator string | ExceptionValueMatchOperator
    Comparison operator to apply to the value to be matched.
    Selector string
    When matchVariable is a collection, operator used to specify which elements in the collection this exception applies to. Currently supported only for RequestHeaderNames.
    SelectorMatchOperator string | ExceptionSelectorMatchOperator
    Comparison operator to apply to the selector when specifying which elements in the collection this exception applies to.
    match_values list(string)
    List of values to be matched with.
    match_variable string | "RequestUri" | "SocketAddr" | "RequestHeaderNames"
    The variable to be evaluated for excluding the request.
    scopes list(object)
    Scope(s) of the exception.
    value_match_operator string | "Equals" | "Contains" | "StartsWith" | "EndsWith" | "EqualsAny" | "IPMatch"
    Comparison operator to apply to the value to be matched.
    selector string
    When matchVariable is a collection, operator used to specify which elements in the collection this exception applies to. Currently supported only for RequestHeaderNames.
    selector_match_operator string | "Equals"
    Comparison operator to apply to the selector when specifying which elements in the collection this exception applies to.
    matchValues List<String>
    List of values to be matched with.
    matchVariable String | ExceptionMatchVariable
    The variable to be evaluated for excluding the request.
    scopes List<ManagedRuleSetScope>
    Scope(s) of the exception.
    valueMatchOperator String | ExceptionValueMatchOperator
    Comparison operator to apply to the value to be matched.
    selector String
    When matchVariable is a collection, operator used to specify which elements in the collection this exception applies to. Currently supported only for RequestHeaderNames.
    selectorMatchOperator String | ExceptionSelectorMatchOperator
    Comparison operator to apply to the selector when specifying which elements in the collection this exception applies to.
    matchValues string[]
    List of values to be matched with.
    matchVariable string | ExceptionMatchVariable
    The variable to be evaluated for excluding the request.
    scopes ManagedRuleSetScope[]
    Scope(s) of the exception.
    valueMatchOperator string | ExceptionValueMatchOperator
    Comparison operator to apply to the value to be matched.
    selector string
    When matchVariable is a collection, operator used to specify which elements in the collection this exception applies to. Currently supported only for RequestHeaderNames.
    selectorMatchOperator string | ExceptionSelectorMatchOperator
    Comparison operator to apply to the selector when specifying which elements in the collection this exception applies to.
    match_values Sequence[str]
    List of values to be matched with.
    match_variable str | ExceptionMatchVariable
    The variable to be evaluated for excluding the request.
    scopes Sequence[ManagedRuleSetScope]
    Scope(s) of the exception.
    value_match_operator str | ExceptionValueMatchOperator
    Comparison operator to apply to the value to be matched.
    selector str
    When matchVariable is a collection, operator used to specify which elements in the collection this exception applies to. Currently supported only for RequestHeaderNames.
    selector_match_operator str | ExceptionSelectorMatchOperator
    Comparison operator to apply to the selector when specifying which elements in the collection this exception applies to.
    matchValues List<String>
    List of values to be matched with.
    matchVariable String | "RequestUri" | "SocketAddr" | "RequestHeaderNames"
    The variable to be evaluated for excluding the request.
    scopes List<Property Map>
    Scope(s) of the exception.
    valueMatchOperator String | "Equals" | "Contains" | "StartsWith" | "EndsWith" | "EqualsAny" | "IPMatch"
    Comparison operator to apply to the value to be matched.
    selector String
    When matchVariable is a collection, operator used to specify which elements in the collection this exception applies to. Currently supported only for RequestHeaderNames.
    selectorMatchOperator String | "Equals"
    Comparison operator to apply to the selector when specifying which elements in the collection this exception applies to.

    ManagedRuleSetExceptionList, ManagedRuleSetExceptionListArgs

    Defines the list of exceptions for the managed rule sets.
    exceptions list(object)
    List of exceptions.
    exceptions List<Property Map>
    List of exceptions.

    ManagedRuleSetExceptionListResponse, ManagedRuleSetExceptionListResponseArgs

    Defines the list of exceptions for the managed rule sets.
    exceptions list(object)
    List of exceptions.
    exceptions List<Property Map>
    List of exceptions.

    ManagedRuleSetExceptionResponse, ManagedRuleSetExceptionResponseArgs

    Excludes whole requests from managed rule evaluation according to match conditions.
    MatchValues List<string>
    List of values to be matched with.
    MatchVariable string
    The variable to be evaluated for excluding the request.
    Scopes List<Pulumi.AzureNative.FrontDoor.Inputs.ManagedRuleSetScopeResponse>
    Scope(s) of the exception.
    ValueMatchOperator string
    Comparison operator to apply to the value to be matched.
    Selector string
    When matchVariable is a collection, operator used to specify which elements in the collection this exception applies to. Currently supported only for RequestHeaderNames.
    SelectorMatchOperator string
    Comparison operator to apply to the selector when specifying which elements in the collection this exception applies to.
    MatchValues []string
    List of values to be matched with.
    MatchVariable string
    The variable to be evaluated for excluding the request.
    Scopes []ManagedRuleSetScopeResponse
    Scope(s) of the exception.
    ValueMatchOperator string
    Comparison operator to apply to the value to be matched.
    Selector string
    When matchVariable is a collection, operator used to specify which elements in the collection this exception applies to. Currently supported only for RequestHeaderNames.
    SelectorMatchOperator string
    Comparison operator to apply to the selector when specifying which elements in the collection this exception applies to.
    match_values list(string)
    List of values to be matched with.
    match_variable string
    The variable to be evaluated for excluding the request.
    scopes list(object)
    Scope(s) of the exception.
    value_match_operator string
    Comparison operator to apply to the value to be matched.
    selector string
    When matchVariable is a collection, operator used to specify which elements in the collection this exception applies to. Currently supported only for RequestHeaderNames.
    selector_match_operator string
    Comparison operator to apply to the selector when specifying which elements in the collection this exception applies to.
    matchValues List<String>
    List of values to be matched with.
    matchVariable String
    The variable to be evaluated for excluding the request.
    scopes List<ManagedRuleSetScopeResponse>
    Scope(s) of the exception.
    valueMatchOperator String
    Comparison operator to apply to the value to be matched.
    selector String
    When matchVariable is a collection, operator used to specify which elements in the collection this exception applies to. Currently supported only for RequestHeaderNames.
    selectorMatchOperator String
    Comparison operator to apply to the selector when specifying which elements in the collection this exception applies to.
    matchValues string[]
    List of values to be matched with.
    matchVariable string
    The variable to be evaluated for excluding the request.
    scopes ManagedRuleSetScopeResponse[]
    Scope(s) of the exception.
    valueMatchOperator string
    Comparison operator to apply to the value to be matched.
    selector string
    When matchVariable is a collection, operator used to specify which elements in the collection this exception applies to. Currently supported only for RequestHeaderNames.
    selectorMatchOperator string
    Comparison operator to apply to the selector when specifying which elements in the collection this exception applies to.
    match_values Sequence[str]
    List of values to be matched with.
    match_variable str
    The variable to be evaluated for excluding the request.
    scopes Sequence[ManagedRuleSetScopeResponse]
    Scope(s) of the exception.
    value_match_operator str
    Comparison operator to apply to the value to be matched.
    selector str
    When matchVariable is a collection, operator used to specify which elements in the collection this exception applies to. Currently supported only for RequestHeaderNames.
    selector_match_operator str
    Comparison operator to apply to the selector when specifying which elements in the collection this exception applies to.
    matchValues List<String>
    List of values to be matched with.
    matchVariable String
    The variable to be evaluated for excluding the request.
    scopes List<Property Map>
    Scope(s) of the exception.
    valueMatchOperator String
    Comparison operator to apply to the value to be matched.
    selector String
    When matchVariable is a collection, operator used to specify which elements in the collection this exception applies to. Currently supported only for RequestHeaderNames.
    selectorMatchOperator String
    Comparison operator to apply to the selector when specifying which elements in the collection this exception applies to.

    ManagedRuleSetList, ManagedRuleSetListArgs

    Defines the list of managed rule sets for the policy.
    ExceptionsList ManagedRuleSetExceptionList
    List of exceptions applied on the managed rule sets.
    ManagedRuleSets []ManagedRuleSet
    List of rule sets.
    exceptions_list object
    List of exceptions applied on the managed rule sets.
    managed_rule_sets list(object)
    List of rule sets.
    exceptionsList ManagedRuleSetExceptionList
    List of exceptions applied on the managed rule sets.
    managedRuleSets List<ManagedRuleSet>
    List of rule sets.
    exceptionsList ManagedRuleSetExceptionList
    List of exceptions applied on the managed rule sets.
    managedRuleSets ManagedRuleSet[]
    List of rule sets.
    exceptions_list ManagedRuleSetExceptionList
    List of exceptions applied on the managed rule sets.
    managed_rule_sets Sequence[ManagedRuleSet]
    List of rule sets.
    exceptionsList Property Map
    List of exceptions applied on the managed rule sets.
    managedRuleSets List<Property Map>
    List of rule sets.

    ManagedRuleSetListResponse, ManagedRuleSetListResponseArgs

    Defines the list of managed rule sets for the policy.
    ExceptionsList ManagedRuleSetExceptionListResponse
    List of exceptions applied on the managed rule sets.
    ManagedRuleSets []ManagedRuleSetResponse
    List of rule sets.
    exceptions_list object
    List of exceptions applied on the managed rule sets.
    managed_rule_sets list(object)
    List of rule sets.
    exceptionsList ManagedRuleSetExceptionListResponse
    List of exceptions applied on the managed rule sets.
    managedRuleSets List<ManagedRuleSetResponse>
    List of rule sets.
    exceptionsList ManagedRuleSetExceptionListResponse
    List of exceptions applied on the managed rule sets.
    managedRuleSets ManagedRuleSetResponse[]
    List of rule sets.
    exceptions_list ManagedRuleSetExceptionListResponse
    List of exceptions applied on the managed rule sets.
    managed_rule_sets Sequence[ManagedRuleSetResponse]
    List of rule sets.
    exceptionsList Property Map
    List of exceptions applied on the managed rule sets.
    managedRuleSets List<Property Map>
    List of rule sets.

    ManagedRuleSetResponse, ManagedRuleSetResponseArgs

    Defines a managed rule set.
    RuleSetType string
    Defines the rule set type to use.
    RuleSetVersion string
    Defines the version of the rule set to use.
    Exclusions List<Pulumi.AzureNative.FrontDoor.Inputs.ManagedRuleExclusionResponse>
    Describes the exclusions that are applied to all rules in the set.
    RuleGroupOverrides List<Pulumi.AzureNative.FrontDoor.Inputs.ManagedRuleGroupOverrideResponse>
    Defines the rule group overrides to apply to the rule set.
    RuleSetAction string
    Defines the rule set action.
    RuleSetType string
    Defines the rule set type to use.
    RuleSetVersion string
    Defines the version of the rule set to use.
    Exclusions []ManagedRuleExclusionResponse
    Describes the exclusions that are applied to all rules in the set.
    RuleGroupOverrides []ManagedRuleGroupOverrideResponse
    Defines the rule group overrides to apply to the rule set.
    RuleSetAction string
    Defines the rule set action.
    rule_set_type string
    Defines the rule set type to use.
    rule_set_version string
    Defines the version of the rule set to use.
    exclusions list(object)
    Describes the exclusions that are applied to all rules in the set.
    rule_group_overrides list(object)
    Defines the rule group overrides to apply to the rule set.
    rule_set_action string
    Defines the rule set action.
    ruleSetType String
    Defines the rule set type to use.
    ruleSetVersion String
    Defines the version of the rule set to use.
    exclusions List<ManagedRuleExclusionResponse>
    Describes the exclusions that are applied to all rules in the set.
    ruleGroupOverrides List<ManagedRuleGroupOverrideResponse>
    Defines the rule group overrides to apply to the rule set.
    ruleSetAction String
    Defines the rule set action.
    ruleSetType string
    Defines the rule set type to use.
    ruleSetVersion string
    Defines the version of the rule set to use.
    exclusions ManagedRuleExclusionResponse[]
    Describes the exclusions that are applied to all rules in the set.
    ruleGroupOverrides ManagedRuleGroupOverrideResponse[]
    Defines the rule group overrides to apply to the rule set.
    ruleSetAction string
    Defines the rule set action.
    rule_set_type str
    Defines the rule set type to use.
    rule_set_version str
    Defines the version of the rule set to use.
    exclusions Sequence[ManagedRuleExclusionResponse]
    Describes the exclusions that are applied to all rules in the set.
    rule_group_overrides Sequence[ManagedRuleGroupOverrideResponse]
    Defines the rule group overrides to apply to the rule set.
    rule_set_action str
    Defines the rule set action.
    ruleSetType String
    Defines the rule set type to use.
    ruleSetVersion String
    Defines the version of the rule set to use.
    exclusions List<Property Map>
    Describes the exclusions that are applied to all rules in the set.
    ruleGroupOverrides List<Property Map>
    Defines the rule group overrides to apply to the rule set.
    ruleSetAction String
    Defines the rule set action.

    ManagedRuleSetScope, ManagedRuleSetScopeArgs

    Defines the scope of the managed rules.
    RuleSetType string
    Defines the rule set type. Examples: DefaultRuleSet, Microsoft_DefaultRuleSet, Microsoft_BotManagerRuleSet, Microsoft_HTTPDDoSRuleSet, BotProtection
    RuleSetVersion string
    Defines the version of the rule set.
    RuleGroupScopes List<Pulumi.AzureNative.FrontDoor.Inputs.RuleGroupScope>
    List of rule group scopes.
    RuleSetType string
    Defines the rule set type. Examples: DefaultRuleSet, Microsoft_DefaultRuleSet, Microsoft_BotManagerRuleSet, Microsoft_HTTPDDoSRuleSet, BotProtection
    RuleSetVersion string
    Defines the version of the rule set.
    RuleGroupScopes []RuleGroupScope
    List of rule group scopes.
    rule_set_type string
    Defines the rule set type. Examples: DefaultRuleSet, Microsoft_DefaultRuleSet, Microsoft_BotManagerRuleSet, Microsoft_HTTPDDoSRuleSet, BotProtection
    rule_set_version string
    Defines the version of the rule set.
    rule_group_scopes list(object)
    List of rule group scopes.
    ruleSetType String
    Defines the rule set type. Examples: DefaultRuleSet, Microsoft_DefaultRuleSet, Microsoft_BotManagerRuleSet, Microsoft_HTTPDDoSRuleSet, BotProtection
    ruleSetVersion String
    Defines the version of the rule set.
    ruleGroupScopes List<RuleGroupScope>
    List of rule group scopes.
    ruleSetType string
    Defines the rule set type. Examples: DefaultRuleSet, Microsoft_DefaultRuleSet, Microsoft_BotManagerRuleSet, Microsoft_HTTPDDoSRuleSet, BotProtection
    ruleSetVersion string
    Defines the version of the rule set.
    ruleGroupScopes RuleGroupScope[]
    List of rule group scopes.
    rule_set_type str
    Defines the rule set type. Examples: DefaultRuleSet, Microsoft_DefaultRuleSet, Microsoft_BotManagerRuleSet, Microsoft_HTTPDDoSRuleSet, BotProtection
    rule_set_version str
    Defines the version of the rule set.
    rule_group_scopes Sequence[RuleGroupScope]
    List of rule group scopes.
    ruleSetType String
    Defines the rule set type. Examples: DefaultRuleSet, Microsoft_DefaultRuleSet, Microsoft_BotManagerRuleSet, Microsoft_HTTPDDoSRuleSet, BotProtection
    ruleSetVersion String
    Defines the version of the rule set.
    ruleGroupScopes List<Property Map>
    List of rule group scopes.

    ManagedRuleSetScopeResponse, ManagedRuleSetScopeResponseArgs

    Defines the scope of the managed rules.
    RuleSetType string
    Defines the rule set type. Examples: DefaultRuleSet, Microsoft_DefaultRuleSet, Microsoft_BotManagerRuleSet, Microsoft_HTTPDDoSRuleSet, BotProtection
    RuleSetVersion string
    Defines the version of the rule set.
    RuleGroupScopes List<Pulumi.AzureNative.FrontDoor.Inputs.RuleGroupScopeResponse>
    List of rule group scopes.
    RuleSetType string
    Defines the rule set type. Examples: DefaultRuleSet, Microsoft_DefaultRuleSet, Microsoft_BotManagerRuleSet, Microsoft_HTTPDDoSRuleSet, BotProtection
    RuleSetVersion string
    Defines the version of the rule set.
    RuleGroupScopes []RuleGroupScopeResponse
    List of rule group scopes.
    rule_set_type string
    Defines the rule set type. Examples: DefaultRuleSet, Microsoft_DefaultRuleSet, Microsoft_BotManagerRuleSet, Microsoft_HTTPDDoSRuleSet, BotProtection
    rule_set_version string
    Defines the version of the rule set.
    rule_group_scopes list(object)
    List of rule group scopes.
    ruleSetType String
    Defines the rule set type. Examples: DefaultRuleSet, Microsoft_DefaultRuleSet, Microsoft_BotManagerRuleSet, Microsoft_HTTPDDoSRuleSet, BotProtection
    ruleSetVersion String
    Defines the version of the rule set.
    ruleGroupScopes List<RuleGroupScopeResponse>
    List of rule group scopes.
    ruleSetType string
    Defines the rule set type. Examples: DefaultRuleSet, Microsoft_DefaultRuleSet, Microsoft_BotManagerRuleSet, Microsoft_HTTPDDoSRuleSet, BotProtection
    ruleSetVersion string
    Defines the version of the rule set.
    ruleGroupScopes RuleGroupScopeResponse[]
    List of rule group scopes.
    rule_set_type str
    Defines the rule set type. Examples: DefaultRuleSet, Microsoft_DefaultRuleSet, Microsoft_BotManagerRuleSet, Microsoft_HTTPDDoSRuleSet, BotProtection
    rule_set_version str
    Defines the version of the rule set.
    rule_group_scopes Sequence[RuleGroupScopeResponse]
    List of rule group scopes.
    ruleSetType String
    Defines the rule set type. Examples: DefaultRuleSet, Microsoft_DefaultRuleSet, Microsoft_BotManagerRuleSet, Microsoft_HTTPDDoSRuleSet, BotProtection
    ruleSetVersion String
    Defines the version of the rule set.
    ruleGroupScopes List<Property Map>
    List of rule group scopes.

    MatchCondition, MatchConditionArgs

    Define a match condition.
    MatchValue List<string>
    List of possible match values.
    MatchVariable string | Pulumi.AzureNative.FrontDoor.MatchVariable
    Request variable to compare with.
    Operator string | Pulumi.AzureNative.FrontDoor.Operator
    Comparison type to use for matching with the variable value.
    NegateCondition bool
    Describes if the result of this condition should be negated.
    Selector string
    Match against a specific key from the QueryString, PostArgs, RequestHeader or Cookies variables. Default is null.
    Transforms List<Union<string, Pulumi.AzureNative.FrontDoor.TransformType>>
    List of transforms.
    MatchValue []string
    List of possible match values.
    MatchVariable string | MatchVariable
    Request variable to compare with.
    Operator string | Operator
    Comparison type to use for matching with the variable value.
    NegateCondition bool
    Describes if the result of this condition should be negated.
    Selector string
    Match against a specific key from the QueryString, PostArgs, RequestHeader or Cookies variables. Default is null.
    Transforms []string
    List of transforms.
    match_value list(string)
    List of possible match values.
    match_variable string | "RemoteAddr" | "RequestMethod" | "QueryString" | "PostArgs" | "RequestUri" | "RequestHeader" | "RequestBody" | "Cookies" | "SocketAddr" | "JA4"
    Request variable to compare with.
    operator string | "Any" | "IPMatch" | "GeoMatch" | "Equal" | "Contains" | "LessThan" | "GreaterThan" | "LessThanOrEqual" | "GreaterThanOrEqual" | "BeginsWith" | "EndsWith" | "RegEx" | "ServiceTagMatch" | "AsnMatch" | "ClientFingerprint"
    Comparison type to use for matching with the variable value.
    negate_condition bool
    Describes if the result of this condition should be negated.
    selector string
    Match against a specific key from the QueryString, PostArgs, RequestHeader or Cookies variables. Default is null.
    transforms list(string | "Lowercase" | "Uppercase" | "Trim" | "UrlDecode" | "UrlEncode" | "RemoveNulls")
    List of transforms.
    matchValue List<String>
    List of possible match values.
    matchVariable String | MatchVariable
    Request variable to compare with.
    operator String | Operator
    Comparison type to use for matching with the variable value.
    negateCondition Boolean
    Describes if the result of this condition should be negated.
    selector String
    Match against a specific key from the QueryString, PostArgs, RequestHeader or Cookies variables. Default is null.
    transforms List<Either<String,TransformType>>
    List of transforms.
    matchValue string[]
    List of possible match values.
    matchVariable string | MatchVariable
    Request variable to compare with.
    operator string | Operator
    Comparison type to use for matching with the variable value.
    negateCondition boolean
    Describes if the result of this condition should be negated.
    selector string
    Match against a specific key from the QueryString, PostArgs, RequestHeader or Cookies variables. Default is null.
    transforms (string | TransformType)[]
    List of transforms.
    match_value Sequence[str]
    List of possible match values.
    match_variable str | MatchVariable
    Request variable to compare with.
    operator str | Operator
    Comparison type to use for matching with the variable value.
    negate_condition bool
    Describes if the result of this condition should be negated.
    selector str
    Match against a specific key from the QueryString, PostArgs, RequestHeader or Cookies variables. Default is null.
    transforms Sequence[Union[str, TransformType]]
    List of transforms.
    matchValue List<String>
    List of possible match values.
    matchVariable String | "RemoteAddr" | "RequestMethod" | "QueryString" | "PostArgs" | "RequestUri" | "RequestHeader" | "RequestBody" | "Cookies" | "SocketAddr" | "JA4"
    Request variable to compare with.
    operator String | "Any" | "IPMatch" | "GeoMatch" | "Equal" | "Contains" | "LessThan" | "GreaterThan" | "LessThanOrEqual" | "GreaterThanOrEqual" | "BeginsWith" | "EndsWith" | "RegEx" | "ServiceTagMatch" | "AsnMatch" | "ClientFingerprint"
    Comparison type to use for matching with the variable value.
    negateCondition Boolean
    Describes if the result of this condition should be negated.
    selector String
    Match against a specific key from the QueryString, PostArgs, RequestHeader or Cookies variables. Default is null.
    transforms List<String | "Lowercase" | "Uppercase" | "Trim" | "UrlDecode" | "UrlEncode" | "RemoveNulls">
    List of transforms.

    MatchConditionResponse, MatchConditionResponseArgs

    Define a match condition.
    MatchValue List<string>
    List of possible match values.
    MatchVariable string
    Request variable to compare with.
    Operator string
    Comparison type to use for matching with the variable value.
    NegateCondition bool
    Describes if the result of this condition should be negated.
    Selector string
    Match against a specific key from the QueryString, PostArgs, RequestHeader or Cookies variables. Default is null.
    Transforms List<string>
    List of transforms.
    MatchValue []string
    List of possible match values.
    MatchVariable string
    Request variable to compare with.
    Operator string
    Comparison type to use for matching with the variable value.
    NegateCondition bool
    Describes if the result of this condition should be negated.
    Selector string
    Match against a specific key from the QueryString, PostArgs, RequestHeader or Cookies variables. Default is null.
    Transforms []string
    List of transforms.
    match_value list(string)
    List of possible match values.
    match_variable string
    Request variable to compare with.
    operator string
    Comparison type to use for matching with the variable value.
    negate_condition bool
    Describes if the result of this condition should be negated.
    selector string
    Match against a specific key from the QueryString, PostArgs, RequestHeader or Cookies variables. Default is null.
    transforms list(string)
    List of transforms.
    matchValue List<String>
    List of possible match values.
    matchVariable String
    Request variable to compare with.
    operator String
    Comparison type to use for matching with the variable value.
    negateCondition Boolean
    Describes if the result of this condition should be negated.
    selector String
    Match against a specific key from the QueryString, PostArgs, RequestHeader or Cookies variables. Default is null.
    transforms List<String>
    List of transforms.
    matchValue string[]
    List of possible match values.
    matchVariable string
    Request variable to compare with.
    operator string
    Comparison type to use for matching with the variable value.
    negateCondition boolean
    Describes if the result of this condition should be negated.
    selector string
    Match against a specific key from the QueryString, PostArgs, RequestHeader or Cookies variables. Default is null.
    transforms string[]
    List of transforms.
    match_value Sequence[str]
    List of possible match values.
    match_variable str
    Request variable to compare with.
    operator str
    Comparison type to use for matching with the variable value.
    negate_condition bool
    Describes if the result of this condition should be negated.
    selector str
    Match against a specific key from the QueryString, PostArgs, RequestHeader or Cookies variables. Default is null.
    transforms Sequence[str]
    List of transforms.
    matchValue List<String>
    List of possible match values.
    matchVariable String
    Request variable to compare with.
    operator String
    Comparison type to use for matching with the variable value.
    negateCondition Boolean
    Describes if the result of this condition should be negated.
    selector String
    Match against a specific key from the QueryString, PostArgs, RequestHeader or Cookies variables. Default is null.
    transforms List<String>
    List of transforms.

    MatchVariable, MatchVariableArgs

    RemoteAddr
    RemoteAddr RemoteAddr
    RequestMethod
    RequestMethod RequestMethod
    QueryString
    QueryString QueryString
    PostArgs
    PostArgs PostArgs
    RequestUri
    RequestUri RequestUri
    RequestHeader
    RequestHeader RequestHeader
    RequestBody
    RequestBody RequestBody
    Cookies
    Cookies Cookies
    SocketAddr
    SocketAddr SocketAddr
    JA4
    JA4 JA4 Match Variable
    MatchVariableRemoteAddr
    RemoteAddr RemoteAddr
    MatchVariableRequestMethod
    RequestMethod RequestMethod
    MatchVariableQueryString
    QueryString QueryString
    MatchVariablePostArgs
    PostArgs PostArgs
    MatchVariableRequestUri
    RequestUri RequestUri
    MatchVariableRequestHeader
    RequestHeader RequestHeader
    MatchVariableRequestBody
    RequestBody RequestBody
    MatchVariableCookies
    Cookies Cookies
    MatchVariableSocketAddr
    SocketAddr SocketAddr
    MatchVariableJA4
    JA4 JA4 Match Variable
    "RemoteAddr"
    RemoteAddr RemoteAddr
    "RequestMethod"
    RequestMethod RequestMethod
    "QueryString"
    QueryString QueryString
    "PostArgs"
    PostArgs PostArgs
    "RequestUri"
    RequestUri RequestUri
    "RequestHeader"
    RequestHeader RequestHeader
    "RequestBody"
    RequestBody RequestBody
    "Cookies"
    Cookies Cookies
    "SocketAddr"
    SocketAddr SocketAddr
    "JA4"
    JA4 JA4 Match Variable
    RemoteAddr
    RemoteAddr RemoteAddr
    RequestMethod
    RequestMethod RequestMethod
    QueryString
    QueryString QueryString
    PostArgs
    PostArgs PostArgs
    RequestUri
    RequestUri RequestUri
    RequestHeader
    RequestHeader RequestHeader
    RequestBody
    RequestBody RequestBody
    Cookies
    Cookies Cookies
    SocketAddr
    SocketAddr SocketAddr
    JA4
    JA4 JA4 Match Variable
    RemoteAddr
    RemoteAddr RemoteAddr
    RequestMethod
    RequestMethod RequestMethod
    QueryString
    QueryString QueryString
    PostArgs
    PostArgs PostArgs
    RequestUri
    RequestUri RequestUri
    RequestHeader
    RequestHeader RequestHeader
    RequestBody
    RequestBody RequestBody
    Cookies
    Cookies Cookies
    SocketAddr
    SocketAddr SocketAddr
    JA4
    JA4 JA4 Match Variable
    REMOTE_ADDR
    RemoteAddr RemoteAddr
    REQUEST_METHOD
    RequestMethod RequestMethod
    QUERY_STRING
    QueryString QueryString
    POST_ARGS
    PostArgs PostArgs
    REQUEST_URI
    RequestUri RequestUri
    REQUEST_HEADER
    RequestHeader RequestHeader
    REQUEST_BODY
    RequestBody RequestBody
    COOKIES
    Cookies Cookies
    SOCKET_ADDR
    SocketAddr SocketAddr
    JA4
    JA4 JA4 Match Variable
    "RemoteAddr"
    RemoteAddr RemoteAddr
    "RequestMethod"
    RequestMethod RequestMethod
    "QueryString"
    QueryString QueryString
    "PostArgs"
    PostArgs PostArgs
    "RequestUri"
    RequestUri RequestUri
    "RequestHeader"
    RequestHeader RequestHeader
    "RequestBody"
    RequestBody RequestBody
    "Cookies"
    Cookies Cookies
    "SocketAddr"
    SocketAddr SocketAddr
    "JA4"
    JA4 JA4 Match Variable

    Operator, OperatorArgs

    Any
    Any Any
    IPMatch
    IPMatch IPMatch
    GeoMatch
    GeoMatch GeoMatch
    Equal
    Equal Equal
    Contains
    Contains Contains
    LessThan
    LessThan LessThan
    GreaterThan
    GreaterThan GreaterThan
    LessThanOrEqual
    LessThanOrEqual LessThanOrEqual
    GreaterThanOrEqual
    GreaterThanOrEqual GreaterThanOrEqual
    BeginsWith
    BeginsWith BeginsWith
    EndsWith
    EndsWith EndsWith
    RegEx
    RegEx RegEx
    ServiceTagMatch
    ServiceTagMatch ServiceTagMatch
    AsnMatch
    AsnMatch Autonomous System Number Match Operator
    ClientFingerprint
    ClientFingerprint Client Finger print Operator
    OperatorAny
    Any Any
    OperatorIPMatch
    IPMatch IPMatch
    OperatorGeoMatch
    GeoMatch GeoMatch
    OperatorEqual
    Equal Equal
    OperatorContains
    Contains Contains
    OperatorLessThan
    LessThan LessThan
    OperatorGreaterThan
    GreaterThan GreaterThan
    OperatorLessThanOrEqual
    LessThanOrEqual LessThanOrEqual
    OperatorGreaterThanOrEqual
    GreaterThanOrEqual GreaterThanOrEqual
    OperatorBeginsWith
    BeginsWith BeginsWith
    OperatorEndsWith
    EndsWith EndsWith
    OperatorRegEx
    RegEx RegEx
    OperatorServiceTagMatch
    ServiceTagMatch ServiceTagMatch
    OperatorAsnMatch
    AsnMatch Autonomous System Number Match Operator
    OperatorClientFingerprint
    ClientFingerprint Client Finger print Operator
    "Any"
    Any Any
    "IPMatch"
    IPMatch IPMatch
    "GeoMatch"
    GeoMatch GeoMatch
    "Equal"
    Equal Equal
    "Contains"
    Contains Contains
    "LessThan"
    LessThan LessThan
    "GreaterThan"
    GreaterThan GreaterThan
    "LessThanOrEqual"
    LessThanOrEqual LessThanOrEqual
    "GreaterThanOrEqual"
    GreaterThanOrEqual GreaterThanOrEqual
    "BeginsWith"
    BeginsWith BeginsWith
    "EndsWith"
    EndsWith EndsWith
    "RegEx"
    RegEx RegEx
    "ServiceTagMatch"
    ServiceTagMatch ServiceTagMatch
    "AsnMatch"
    AsnMatch Autonomous System Number Match Operator
    "ClientFingerprint"
    ClientFingerprint Client Finger print Operator
    Any
    Any Any
    IPMatch
    IPMatch IPMatch
    GeoMatch
    GeoMatch GeoMatch
    Equal
    Equal Equal
    Contains
    Contains Contains
    LessThan
    LessThan LessThan
    GreaterThan
    GreaterThan GreaterThan
    LessThanOrEqual
    LessThanOrEqual LessThanOrEqual
    GreaterThanOrEqual
    GreaterThanOrEqual GreaterThanOrEqual
    BeginsWith
    BeginsWith BeginsWith
    EndsWith
    EndsWith EndsWith
    RegEx
    RegEx RegEx
    ServiceTagMatch
    ServiceTagMatch ServiceTagMatch
    AsnMatch
    AsnMatch Autonomous System Number Match Operator
    ClientFingerprint
    ClientFingerprint Client Finger print Operator
    Any
    Any Any
    IPMatch
    IPMatch IPMatch
    GeoMatch
    GeoMatch GeoMatch
    Equal
    Equal Equal
    Contains
    Contains Contains
    LessThan
    LessThan LessThan
    GreaterThan
    GreaterThan GreaterThan
    LessThanOrEqual
    LessThanOrEqual LessThanOrEqual
    GreaterThanOrEqual
    GreaterThanOrEqual GreaterThanOrEqual
    BeginsWith
    BeginsWith BeginsWith
    EndsWith
    EndsWith EndsWith
    RegEx
    RegEx RegEx
    ServiceTagMatch
    ServiceTagMatch ServiceTagMatch
    AsnMatch
    AsnMatch Autonomous System Number Match Operator
    ClientFingerprint
    ClientFingerprint Client Finger print Operator
    ANY
    Any Any
    IP_MATCH
    IPMatch IPMatch
    GEO_MATCH
    GeoMatch GeoMatch
    EQUAL
    Equal Equal
    CONTAINS
    Contains Contains
    LESS_THAN
    LessThan LessThan
    GREATER_THAN
    GreaterThan GreaterThan
    LESS_THAN_OR_EQUAL
    LessThanOrEqual LessThanOrEqual
    GREATER_THAN_OR_EQUAL
    GreaterThanOrEqual GreaterThanOrEqual
    BEGINS_WITH
    BeginsWith BeginsWith
    ENDS_WITH
    EndsWith EndsWith
    REG_EX
    RegEx RegEx
    SERVICE_TAG_MATCH
    ServiceTagMatch ServiceTagMatch
    ASN_MATCH
    AsnMatch Autonomous System Number Match Operator
    CLIENT_FINGERPRINT
    ClientFingerprint Client Finger print Operator
    "Any"
    Any Any
    "IPMatch"
    IPMatch IPMatch
    "GeoMatch"
    GeoMatch GeoMatch
    "Equal"
    Equal Equal
    "Contains"
    Contains Contains
    "LessThan"
    LessThan LessThan
    "GreaterThan"
    GreaterThan GreaterThan
    "LessThanOrEqual"
    LessThanOrEqual LessThanOrEqual
    "GreaterThanOrEqual"
    GreaterThanOrEqual GreaterThanOrEqual
    "BeginsWith"
    BeginsWith BeginsWith
    "EndsWith"
    EndsWith EndsWith
    "RegEx"
    RegEx RegEx
    "ServiceTagMatch"
    ServiceTagMatch ServiceTagMatch
    "AsnMatch"
    AsnMatch Autonomous System Number Match Operator
    "ClientFingerprint"
    ClientFingerprint Client Finger print Operator

    PolicyEnabledState, PolicyEnabledStateArgs

    Disabled
    Disabled Disabled
    Enabled
    Enabled Enabled
    PolicyEnabledStateDisabled
    Disabled Disabled
    PolicyEnabledStateEnabled
    Enabled Enabled
    "Disabled"
    Disabled Disabled
    "Enabled"
    Enabled Enabled
    Disabled
    Disabled Disabled
    Enabled
    Enabled Enabled
    Disabled
    Disabled Disabled
    Enabled
    Enabled Enabled
    DISABLED
    Disabled Disabled
    ENABLED
    Enabled Enabled
    "Disabled"
    Disabled Disabled
    "Enabled"
    Enabled Enabled

    PolicyMode, PolicyModeArgs

    Prevention
    Prevention Prevention
    Detection
    Detection Detection
    PolicyModePrevention
    Prevention Prevention
    PolicyModeDetection
    Detection Detection
    "Prevention"
    Prevention Prevention
    "Detection"
    Detection Detection
    Prevention
    Prevention Prevention
    Detection
    Detection Detection
    Prevention
    Prevention Prevention
    Detection
    Detection Detection
    PREVENTION
    Prevention Prevention
    DETECTION
    Detection Detection
    "Prevention"
    Prevention Prevention
    "Detection"
    Detection Detection

    PolicyRequestBodyCheck, PolicyRequestBodyCheckArgs

    Disabled
    Disabled Disabled
    Enabled
    Enabled Enabled
    PolicyRequestBodyCheckDisabled
    Disabled Disabled
    PolicyRequestBodyCheckEnabled
    Enabled Enabled
    "Disabled"
    Disabled Disabled
    "Enabled"
    Enabled Enabled
    Disabled
    Disabled Disabled
    Enabled
    Enabled Enabled
    Disabled
    Disabled Disabled
    Enabled
    Enabled Enabled
    DISABLED
    Disabled Disabled
    ENABLED
    Enabled Enabled
    "Disabled"
    Disabled Disabled
    "Enabled"
    Enabled Enabled

    PolicySettings, PolicySettingsArgs

    Defines top-level WebApplicationFirewallPolicy configuration settings.
    CaptchaExpirationInMinutes int
    Defines the Captcha cookie validity lifetime in minutes. This setting is only applicable to Premium_AzureFrontDoor. Value must be an integer between 5 and 1440 with the default value being 30.
    CustomBlockResponseBody string
    If the action type is block, customer can override the response body. The body must be specified in base64 encoding.
    CustomBlockResponseStatusCode int
    If the action type is block, customer can override the response status code.
    EnabledState string | Pulumi.AzureNative.FrontDoor.PolicyEnabledState
    Describes if the policy is in enabled or disabled state. Defaults to Enabled if not specified.
    JavascriptChallengeExpirationInMinutes int
    Defines the JavaScript challenge cookie validity lifetime in minutes. This setting is only applicable to Premium_AzureFrontDoor. Value must be an integer between 5 and 1440 with the default value being 30.
    Mode string | Pulumi.AzureNative.FrontDoor.PolicyMode
    Describes if it is in detection mode or prevention mode at policy level.
    RedirectUrl string
    If action type is redirect, this field represents redirect URL for the client.
    RequestBodyCheck string | Pulumi.AzureNative.FrontDoor.PolicyRequestBodyCheck
    Describes if policy managed rules will inspect the request body content.
    ScrubbingRules List<Pulumi.AzureNative.FrontDoor.Inputs.WebApplicationFirewallScrubbingRules>
    List of log scrubbing rules applied to the Web Application Firewall logs.
    State string | Pulumi.AzureNative.FrontDoor.WebApplicationFirewallScrubbingState
    State of the log scrubbing config. Default value is Enabled.
    CaptchaExpirationInMinutes int
    Defines the Captcha cookie validity lifetime in minutes. This setting is only applicable to Premium_AzureFrontDoor. Value must be an integer between 5 and 1440 with the default value being 30.
    CustomBlockResponseBody string
    If the action type is block, customer can override the response body. The body must be specified in base64 encoding.
    CustomBlockResponseStatusCode int
    If the action type is block, customer can override the response status code.
    EnabledState string | PolicyEnabledState
    Describes if the policy is in enabled or disabled state. Defaults to Enabled if not specified.
    JavascriptChallengeExpirationInMinutes int
    Defines the JavaScript challenge cookie validity lifetime in minutes. This setting is only applicable to Premium_AzureFrontDoor. Value must be an integer between 5 and 1440 with the default value being 30.
    Mode string | PolicyMode
    Describes if it is in detection mode or prevention mode at policy level.
    RedirectUrl string
    If action type is redirect, this field represents redirect URL for the client.
    RequestBodyCheck string | PolicyRequestBodyCheck
    Describes if policy managed rules will inspect the request body content.
    ScrubbingRules []WebApplicationFirewallScrubbingRules
    List of log scrubbing rules applied to the Web Application Firewall logs.
    State string | WebApplicationFirewallScrubbingState
    State of the log scrubbing config. Default value is Enabled.
    captcha_expiration_in_minutes number
    Defines the Captcha cookie validity lifetime in minutes. This setting is only applicable to Premium_AzureFrontDoor. Value must be an integer between 5 and 1440 with the default value being 30.
    custom_block_response_body string
    If the action type is block, customer can override the response body. The body must be specified in base64 encoding.
    custom_block_response_status_code number
    If the action type is block, customer can override the response status code.
    enabled_state string | "Disabled" | "Enabled"
    Describes if the policy is in enabled or disabled state. Defaults to Enabled if not specified.
    javascript_challenge_expiration_in_minutes number
    Defines the JavaScript challenge cookie validity lifetime in minutes. This setting is only applicable to Premium_AzureFrontDoor. Value must be an integer between 5 and 1440 with the default value being 30.
    mode string | "Prevention" | "Detection"
    Describes if it is in detection mode or prevention mode at policy level.
    redirect_url string
    If action type is redirect, this field represents redirect URL for the client.
    request_body_check string | "Disabled" | "Enabled"
    Describes if policy managed rules will inspect the request body content.
    scrubbing_rules list(object)
    List of log scrubbing rules applied to the Web Application Firewall logs.
    state string | "Enabled" | "Disabled"
    State of the log scrubbing config. Default value is Enabled.
    captchaExpirationInMinutes Integer
    Defines the Captcha cookie validity lifetime in minutes. This setting is only applicable to Premium_AzureFrontDoor. Value must be an integer between 5 and 1440 with the default value being 30.
    customBlockResponseBody String
    If the action type is block, customer can override the response body. The body must be specified in base64 encoding.
    customBlockResponseStatusCode Integer
    If the action type is block, customer can override the response status code.
    enabledState String | PolicyEnabledState
    Describes if the policy is in enabled or disabled state. Defaults to Enabled if not specified.
    javascriptChallengeExpirationInMinutes Integer
    Defines the JavaScript challenge cookie validity lifetime in minutes. This setting is only applicable to Premium_AzureFrontDoor. Value must be an integer between 5 and 1440 with the default value being 30.
    mode String | PolicyMode
    Describes if it is in detection mode or prevention mode at policy level.
    redirectUrl String
    If action type is redirect, this field represents redirect URL for the client.
    requestBodyCheck String | PolicyRequestBodyCheck
    Describes if policy managed rules will inspect the request body content.
    scrubbingRules List<WebApplicationFirewallScrubbingRules>
    List of log scrubbing rules applied to the Web Application Firewall logs.
    state String | WebApplicationFirewallScrubbingState
    State of the log scrubbing config. Default value is Enabled.
    captchaExpirationInMinutes number
    Defines the Captcha cookie validity lifetime in minutes. This setting is only applicable to Premium_AzureFrontDoor. Value must be an integer between 5 and 1440 with the default value being 30.
    customBlockResponseBody string
    If the action type is block, customer can override the response body. The body must be specified in base64 encoding.
    customBlockResponseStatusCode number
    If the action type is block, customer can override the response status code.
    enabledState string | PolicyEnabledState
    Describes if the policy is in enabled or disabled state. Defaults to Enabled if not specified.
    javascriptChallengeExpirationInMinutes number
    Defines the JavaScript challenge cookie validity lifetime in minutes. This setting is only applicable to Premium_AzureFrontDoor. Value must be an integer between 5 and 1440 with the default value being 30.
    mode string | PolicyMode
    Describes if it is in detection mode or prevention mode at policy level.
    redirectUrl string
    If action type is redirect, this field represents redirect URL for the client.
    requestBodyCheck string | PolicyRequestBodyCheck
    Describes if policy managed rules will inspect the request body content.
    scrubbingRules WebApplicationFirewallScrubbingRules[]
    List of log scrubbing rules applied to the Web Application Firewall logs.
    state string | WebApplicationFirewallScrubbingState
    State of the log scrubbing config. Default value is Enabled.
    captcha_expiration_in_minutes int
    Defines the Captcha cookie validity lifetime in minutes. This setting is only applicable to Premium_AzureFrontDoor. Value must be an integer between 5 and 1440 with the default value being 30.
    custom_block_response_body str
    If the action type is block, customer can override the response body. The body must be specified in base64 encoding.
    custom_block_response_status_code int
    If the action type is block, customer can override the response status code.
    enabled_state str | PolicyEnabledState
    Describes if the policy is in enabled or disabled state. Defaults to Enabled if not specified.
    javascript_challenge_expiration_in_minutes int
    Defines the JavaScript challenge cookie validity lifetime in minutes. This setting is only applicable to Premium_AzureFrontDoor. Value must be an integer between 5 and 1440 with the default value being 30.
    mode str | PolicyMode
    Describes if it is in detection mode or prevention mode at policy level.
    redirect_url str
    If action type is redirect, this field represents redirect URL for the client.
    request_body_check str | PolicyRequestBodyCheck
    Describes if policy managed rules will inspect the request body content.
    scrubbing_rules Sequence[WebApplicationFirewallScrubbingRules]
    List of log scrubbing rules applied to the Web Application Firewall logs.
    state str | WebApplicationFirewallScrubbingState
    State of the log scrubbing config. Default value is Enabled.
    captchaExpirationInMinutes Number
    Defines the Captcha cookie validity lifetime in minutes. This setting is only applicable to Premium_AzureFrontDoor. Value must be an integer between 5 and 1440 with the default value being 30.
    customBlockResponseBody String
    If the action type is block, customer can override the response body. The body must be specified in base64 encoding.
    customBlockResponseStatusCode Number
    If the action type is block, customer can override the response status code.
    enabledState String | "Disabled" | "Enabled"
    Describes if the policy is in enabled or disabled state. Defaults to Enabled if not specified.
    javascriptChallengeExpirationInMinutes Number
    Defines the JavaScript challenge cookie validity lifetime in minutes. This setting is only applicable to Premium_AzureFrontDoor. Value must be an integer between 5 and 1440 with the default value being 30.
    mode String | "Prevention" | "Detection"
    Describes if it is in detection mode or prevention mode at policy level.
    redirectUrl String
    If action type is redirect, this field represents redirect URL for the client.
    requestBodyCheck String | "Disabled" | "Enabled"
    Describes if policy managed rules will inspect the request body content.
    scrubbingRules List<Property Map>
    List of log scrubbing rules applied to the Web Application Firewall logs.
    state String | "Enabled" | "Disabled"
    State of the log scrubbing config. Default value is Enabled.

    PolicySettingsResponse, PolicySettingsResponseArgs

    Defines top-level WebApplicationFirewallPolicy configuration settings.
    CaptchaExpirationInMinutes int
    Defines the Captcha cookie validity lifetime in minutes. This setting is only applicable to Premium_AzureFrontDoor. Value must be an integer between 5 and 1440 with the default value being 30.
    CustomBlockResponseBody string
    If the action type is block, customer can override the response body. The body must be specified in base64 encoding.
    CustomBlockResponseStatusCode int
    If the action type is block, customer can override the response status code.
    EnabledState string
    Describes if the policy is in enabled or disabled state. Defaults to Enabled if not specified.
    JavascriptChallengeExpirationInMinutes int
    Defines the JavaScript challenge cookie validity lifetime in minutes. This setting is only applicable to Premium_AzureFrontDoor. Value must be an integer between 5 and 1440 with the default value being 30.
    Mode string
    Describes if it is in detection mode or prevention mode at policy level.
    RedirectUrl string
    If action type is redirect, this field represents redirect URL for the client.
    RequestBodyCheck string
    Describes if policy managed rules will inspect the request body content.
    ScrubbingRules List<Pulumi.AzureNative.FrontDoor.Inputs.WebApplicationFirewallScrubbingRulesResponse>
    List of log scrubbing rules applied to the Web Application Firewall logs.
    State string
    State of the log scrubbing config. Default value is Enabled.
    CaptchaExpirationInMinutes int
    Defines the Captcha cookie validity lifetime in minutes. This setting is only applicable to Premium_AzureFrontDoor. Value must be an integer between 5 and 1440 with the default value being 30.
    CustomBlockResponseBody string
    If the action type is block, customer can override the response body. The body must be specified in base64 encoding.
    CustomBlockResponseStatusCode int
    If the action type is block, customer can override the response status code.
    EnabledState string
    Describes if the policy is in enabled or disabled state. Defaults to Enabled if not specified.
    JavascriptChallengeExpirationInMinutes int
    Defines the JavaScript challenge cookie validity lifetime in minutes. This setting is only applicable to Premium_AzureFrontDoor. Value must be an integer between 5 and 1440 with the default value being 30.
    Mode string
    Describes if it is in detection mode or prevention mode at policy level.
    RedirectUrl string
    If action type is redirect, this field represents redirect URL for the client.
    RequestBodyCheck string
    Describes if policy managed rules will inspect the request body content.
    ScrubbingRules []WebApplicationFirewallScrubbingRulesResponse
    List of log scrubbing rules applied to the Web Application Firewall logs.
    State string
    State of the log scrubbing config. Default value is Enabled.
    captcha_expiration_in_minutes number
    Defines the Captcha cookie validity lifetime in minutes. This setting is only applicable to Premium_AzureFrontDoor. Value must be an integer between 5 and 1440 with the default value being 30.
    custom_block_response_body string
    If the action type is block, customer can override the response body. The body must be specified in base64 encoding.
    custom_block_response_status_code number
    If the action type is block, customer can override the response status code.
    enabled_state string
    Describes if the policy is in enabled or disabled state. Defaults to Enabled if not specified.
    javascript_challenge_expiration_in_minutes number
    Defines the JavaScript challenge cookie validity lifetime in minutes. This setting is only applicable to Premium_AzureFrontDoor. Value must be an integer between 5 and 1440 with the default value being 30.
    mode string
    Describes if it is in detection mode or prevention mode at policy level.
    redirect_url string
    If action type is redirect, this field represents redirect URL for the client.
    request_body_check string
    Describes if policy managed rules will inspect the request body content.
    scrubbing_rules list(object)
    List of log scrubbing rules applied to the Web Application Firewall logs.
    state string
    State of the log scrubbing config. Default value is Enabled.
    captchaExpirationInMinutes Integer
    Defines the Captcha cookie validity lifetime in minutes. This setting is only applicable to Premium_AzureFrontDoor. Value must be an integer between 5 and 1440 with the default value being 30.
    customBlockResponseBody String
    If the action type is block, customer can override the response body. The body must be specified in base64 encoding.
    customBlockResponseStatusCode Integer
    If the action type is block, customer can override the response status code.
    enabledState String
    Describes if the policy is in enabled or disabled state. Defaults to Enabled if not specified.
    javascriptChallengeExpirationInMinutes Integer
    Defines the JavaScript challenge cookie validity lifetime in minutes. This setting is only applicable to Premium_AzureFrontDoor. Value must be an integer between 5 and 1440 with the default value being 30.
    mode String
    Describes if it is in detection mode or prevention mode at policy level.
    redirectUrl String
    If action type is redirect, this field represents redirect URL for the client.
    requestBodyCheck String
    Describes if policy managed rules will inspect the request body content.
    scrubbingRules List<WebApplicationFirewallScrubbingRulesResponse>
    List of log scrubbing rules applied to the Web Application Firewall logs.
    state String
    State of the log scrubbing config. Default value is Enabled.
    captchaExpirationInMinutes number
    Defines the Captcha cookie validity lifetime in minutes. This setting is only applicable to Premium_AzureFrontDoor. Value must be an integer between 5 and 1440 with the default value being 30.
    customBlockResponseBody string
    If the action type is block, customer can override the response body. The body must be specified in base64 encoding.
    customBlockResponseStatusCode number
    If the action type is block, customer can override the response status code.
    enabledState string
    Describes if the policy is in enabled or disabled state. Defaults to Enabled if not specified.
    javascriptChallengeExpirationInMinutes number
    Defines the JavaScript challenge cookie validity lifetime in minutes. This setting is only applicable to Premium_AzureFrontDoor. Value must be an integer between 5 and 1440 with the default value being 30.
    mode string
    Describes if it is in detection mode or prevention mode at policy level.
    redirectUrl string
    If action type is redirect, this field represents redirect URL for the client.
    requestBodyCheck string
    Describes if policy managed rules will inspect the request body content.
    scrubbingRules WebApplicationFirewallScrubbingRulesResponse[]
    List of log scrubbing rules applied to the Web Application Firewall logs.
    state string
    State of the log scrubbing config. Default value is Enabled.
    captcha_expiration_in_minutes int
    Defines the Captcha cookie validity lifetime in minutes. This setting is only applicable to Premium_AzureFrontDoor. Value must be an integer between 5 and 1440 with the default value being 30.
    custom_block_response_body str
    If the action type is block, customer can override the response body. The body must be specified in base64 encoding.
    custom_block_response_status_code int
    If the action type is block, customer can override the response status code.
    enabled_state str
    Describes if the policy is in enabled or disabled state. Defaults to Enabled if not specified.
    javascript_challenge_expiration_in_minutes int
    Defines the JavaScript challenge cookie validity lifetime in minutes. This setting is only applicable to Premium_AzureFrontDoor. Value must be an integer between 5 and 1440 with the default value being 30.
    mode str
    Describes if it is in detection mode or prevention mode at policy level.
    redirect_url str
    If action type is redirect, this field represents redirect URL for the client.
    request_body_check str
    Describes if policy managed rules will inspect the request body content.
    scrubbing_rules Sequence[WebApplicationFirewallScrubbingRulesResponse]
    List of log scrubbing rules applied to the Web Application Firewall logs.
    state str
    State of the log scrubbing config. Default value is Enabled.
    captchaExpirationInMinutes Number
    Defines the Captcha cookie validity lifetime in minutes. This setting is only applicable to Premium_AzureFrontDoor. Value must be an integer between 5 and 1440 with the default value being 30.
    customBlockResponseBody String
    If the action type is block, customer can override the response body. The body must be specified in base64 encoding.
    customBlockResponseStatusCode Number
    If the action type is block, customer can override the response status code.
    enabledState String
    Describes if the policy is in enabled or disabled state. Defaults to Enabled if not specified.
    javascriptChallengeExpirationInMinutes Number
    Defines the JavaScript challenge cookie validity lifetime in minutes. This setting is only applicable to Premium_AzureFrontDoor. Value must be an integer between 5 and 1440 with the default value being 30.
    mode String
    Describes if it is in detection mode or prevention mode at policy level.
    redirectUrl String
    If action type is redirect, this field represents redirect URL for the client.
    requestBodyCheck String
    Describes if policy managed rules will inspect the request body content.
    scrubbingRules List<Property Map>
    List of log scrubbing rules applied to the Web Application Firewall logs.
    state String
    State of the log scrubbing config. Default value is Enabled.

    RoutingRuleLinkResponse, RoutingRuleLinkResponseArgs

    Defines the Resource ID for a Routing Rule.
    Id string
    Resource ID.
    Id string
    Resource ID.
    id string
    Resource ID.
    id String
    Resource ID.
    id string
    Resource ID.
    id str
    Resource ID.
    id String
    Resource ID.

    RuleGroupScope, RuleGroupScopeArgs

    Defines the scope of the rule group.
    RuleGroupName string
    Defines the rule group name.
    RuleScopes List<Pulumi.AzureNative.FrontDoor.Inputs.RuleScope>
    List of rule scopes.
    RuleGroupName string
    Defines the rule group name.
    RuleScopes []RuleScope
    List of rule scopes.
    rule_group_name string
    Defines the rule group name.
    rule_scopes list(object)
    List of rule scopes.
    ruleGroupName String
    Defines the rule group name.
    ruleScopes List<RuleScope>
    List of rule scopes.
    ruleGroupName string
    Defines the rule group name.
    ruleScopes RuleScope[]
    List of rule scopes.
    rule_group_name str
    Defines the rule group name.
    rule_scopes Sequence[RuleScope]
    List of rule scopes.
    ruleGroupName String
    Defines the rule group name.
    ruleScopes List<Property Map>
    List of rule scopes.

    RuleGroupScopeResponse, RuleGroupScopeResponseArgs

    Defines the scope of the rule group.
    RuleGroupName string
    Defines the rule group name.
    RuleScopes List<Pulumi.AzureNative.FrontDoor.Inputs.RuleScopeResponse>
    List of rule scopes.
    RuleGroupName string
    Defines the rule group name.
    RuleScopes []RuleScopeResponse
    List of rule scopes.
    rule_group_name string
    Defines the rule group name.
    rule_scopes list(object)
    List of rule scopes.
    ruleGroupName String
    Defines the rule group name.
    ruleScopes List<RuleScopeResponse>
    List of rule scopes.
    ruleGroupName string
    Defines the rule group name.
    ruleScopes RuleScopeResponse[]
    List of rule scopes.
    rule_group_name str
    Defines the rule group name.
    rule_scopes Sequence[RuleScopeResponse]
    List of rule scopes.
    ruleGroupName String
    Defines the rule group name.
    ruleScopes List<Property Map>
    List of rule scopes.

    RuleScope, RuleScopeArgs

    Defines the scope of the rule.
    RuleId string
    Defines the rule id.
    RuleId string
    Defines the rule id.
    rule_id string
    Defines the rule id.
    ruleId String
    Defines the rule id.
    ruleId string
    Defines the rule id.
    rule_id str
    Defines the rule id.
    ruleId String
    Defines the rule id.

    RuleScopeResponse, RuleScopeResponseArgs

    Defines the scope of the rule.
    RuleId string
    Defines the rule id.
    RuleId string
    Defines the rule id.
    rule_id string
    Defines the rule id.
    ruleId String
    Defines the rule id.
    ruleId string
    Defines the rule id.
    rule_id str
    Defines the rule id.
    ruleId String
    Defines the rule id.

    RuleType, RuleTypeArgs

    MatchRule
    MatchRule MatchRule
    RateLimitRule
    RateLimitRule RateLimitRule
    RuleTypeMatchRule
    MatchRule MatchRule
    RuleTypeRateLimitRule
    RateLimitRule RateLimitRule
    "MatchRule"
    MatchRule MatchRule
    "RateLimitRule"
    RateLimitRule RateLimitRule
    MatchRule
    MatchRule MatchRule
    RateLimitRule
    RateLimitRule RateLimitRule
    MatchRule
    MatchRule MatchRule
    RateLimitRule
    RateLimitRule RateLimitRule
    MATCH_RULE
    MatchRule MatchRule
    RATE_LIMIT_RULE
    RateLimitRule RateLimitRule
    "MatchRule"
    MatchRule MatchRule
    "RateLimitRule"
    RateLimitRule RateLimitRule

    ScrubbingRuleEntryMatchOperator, ScrubbingRuleEntryMatchOperatorArgs

    EqualsAny
    EqualsAny EqualsAny
    EqualsValue
    Equals Equals
    ScrubbingRuleEntryMatchOperatorEqualsAny
    EqualsAny EqualsAny
    ScrubbingRuleEntryMatchOperatorEquals
    Equals Equals
    "EqualsAny"
    EqualsAny EqualsAny
    "Equals"
    Equals Equals
    EqualsAny
    EqualsAny EqualsAny
    Equals
    Equals Equals
    EqualsAny
    EqualsAny EqualsAny
    Equals
    Equals Equals
    EQUALS_ANY
    EqualsAny EqualsAny
    EQUALS
    Equals Equals
    "EqualsAny"
    EqualsAny EqualsAny
    "Equals"
    Equals Equals

    ScrubbingRuleEntryMatchVariable, ScrubbingRuleEntryMatchVariableArgs

    RequestIPAddress
    RequestIPAddress RequestIPAddress
    RequestUri
    RequestUri RequestUri
    QueryStringArgNames
    QueryStringArgNames QueryStringArgNames
    RequestHeaderNames
    RequestHeaderNames RequestHeaderNames
    RequestCookieNames
    RequestCookieNames RequestCookieNames
    RequestBodyPostArgNames
    RequestBodyPostArgNames RequestBodyPostArgNames
    RequestBodyJsonArgNames
    RequestBodyJsonArgNames RequestBodyJsonArgNames
    ScrubbingRuleEntryMatchVariableRequestIPAddress
    RequestIPAddress RequestIPAddress
    ScrubbingRuleEntryMatchVariableRequestUri
    RequestUri RequestUri
    ScrubbingRuleEntryMatchVariableQueryStringArgNames
    QueryStringArgNames QueryStringArgNames
    ScrubbingRuleEntryMatchVariableRequestHeaderNames
    RequestHeaderNames RequestHeaderNames
    ScrubbingRuleEntryMatchVariableRequestCookieNames
    RequestCookieNames RequestCookieNames
    ScrubbingRuleEntryMatchVariableRequestBodyPostArgNames
    RequestBodyPostArgNames RequestBodyPostArgNames
    ScrubbingRuleEntryMatchVariableRequestBodyJsonArgNames
    RequestBodyJsonArgNames RequestBodyJsonArgNames
    "RequestIPAddress"
    RequestIPAddress RequestIPAddress
    "RequestUri"
    RequestUri RequestUri
    "QueryStringArgNames"
    QueryStringArgNames QueryStringArgNames
    "RequestHeaderNames"
    RequestHeaderNames RequestHeaderNames
    "RequestCookieNames"
    RequestCookieNames RequestCookieNames
    "RequestBodyPostArgNames"
    RequestBodyPostArgNames RequestBodyPostArgNames
    "RequestBodyJsonArgNames"
    RequestBodyJsonArgNames RequestBodyJsonArgNames
    RequestIPAddress
    RequestIPAddress RequestIPAddress
    RequestUri
    RequestUri RequestUri
    QueryStringArgNames
    QueryStringArgNames QueryStringArgNames
    RequestHeaderNames
    RequestHeaderNames RequestHeaderNames
    RequestCookieNames
    RequestCookieNames RequestCookieNames
    RequestBodyPostArgNames
    RequestBodyPostArgNames RequestBodyPostArgNames
    RequestBodyJsonArgNames
    RequestBodyJsonArgNames RequestBodyJsonArgNames
    RequestIPAddress
    RequestIPAddress RequestIPAddress
    RequestUri
    RequestUri RequestUri
    QueryStringArgNames
    QueryStringArgNames QueryStringArgNames
    RequestHeaderNames
    RequestHeaderNames RequestHeaderNames
    RequestCookieNames
    RequestCookieNames RequestCookieNames
    RequestBodyPostArgNames
    RequestBodyPostArgNames RequestBodyPostArgNames
    RequestBodyJsonArgNames
    RequestBodyJsonArgNames RequestBodyJsonArgNames
    REQUEST_IP_ADDRESS
    RequestIPAddress RequestIPAddress
    REQUEST_URI
    RequestUri RequestUri
    QUERY_STRING_ARG_NAMES
    QueryStringArgNames QueryStringArgNames
    REQUEST_HEADER_NAMES
    RequestHeaderNames RequestHeaderNames
    REQUEST_COOKIE_NAMES
    RequestCookieNames RequestCookieNames
    REQUEST_BODY_POST_ARG_NAMES
    RequestBodyPostArgNames RequestBodyPostArgNames
    REQUEST_BODY_JSON_ARG_NAMES
    RequestBodyJsonArgNames RequestBodyJsonArgNames
    "RequestIPAddress"
    RequestIPAddress RequestIPAddress
    "RequestUri"
    RequestUri RequestUri
    "QueryStringArgNames"
    QueryStringArgNames QueryStringArgNames
    "RequestHeaderNames"
    RequestHeaderNames RequestHeaderNames
    "RequestCookieNames"
    RequestCookieNames RequestCookieNames
    "RequestBodyPostArgNames"
    RequestBodyPostArgNames RequestBodyPostArgNames
    "RequestBodyJsonArgNames"
    RequestBodyJsonArgNames RequestBodyJsonArgNames

    ScrubbingRuleEntryState, ScrubbingRuleEntryStateArgs

    Enabled
    Enabled Enabled
    Disabled
    Disabled Disabled
    ScrubbingRuleEntryStateEnabled
    Enabled Enabled
    ScrubbingRuleEntryStateDisabled
    Disabled Disabled
    "Enabled"
    Enabled Enabled
    "Disabled"
    Disabled Disabled
    Enabled
    Enabled Enabled
    Disabled
    Disabled Disabled
    Enabled
    Enabled Enabled
    Disabled
    Disabled Disabled
    ENABLED
    Enabled Enabled
    DISABLED
    Disabled Disabled
    "Enabled"
    Enabled Enabled
    "Disabled"
    Disabled Disabled

    SecurityPolicyLinkResponse, SecurityPolicyLinkResponseArgs

    Defines the Resource ID for a Security Policy.
    Id string
    Resource ID.
    Id string
    Resource ID.
    id string
    Resource ID.
    id String
    Resource ID.
    id string
    Resource ID.
    id str
    Resource ID.
    id String
    Resource ID.

    SensitivityType, SensitivityTypeArgs

    Low
    Low Low Sensitivity - triggers the rule by larger spikes in traffic
    Medium
    Medium Medium Sensitivity - triggers the rule by moderate spikes in traffic
    High
    High High Sensitivity - triggers the rule by smaller spikes in traffic
    SensitivityTypeLow
    Low Low Sensitivity - triggers the rule by larger spikes in traffic
    SensitivityTypeMedium
    Medium Medium Sensitivity - triggers the rule by moderate spikes in traffic
    SensitivityTypeHigh
    High High Sensitivity - triggers the rule by smaller spikes in traffic
    "Low"
    Low Low Sensitivity - triggers the rule by larger spikes in traffic
    "Medium"
    Medium Medium Sensitivity - triggers the rule by moderate spikes in traffic
    "High"
    High High Sensitivity - triggers the rule by smaller spikes in traffic
    Low
    Low Low Sensitivity - triggers the rule by larger spikes in traffic
    Medium
    Medium Medium Sensitivity - triggers the rule by moderate spikes in traffic
    High
    High High Sensitivity - triggers the rule by smaller spikes in traffic
    Low
    Low Low Sensitivity - triggers the rule by larger spikes in traffic
    Medium
    Medium Medium Sensitivity - triggers the rule by moderate spikes in traffic
    High
    High High Sensitivity - triggers the rule by smaller spikes in traffic
    LOW
    Low Low Sensitivity - triggers the rule by larger spikes in traffic
    MEDIUM
    Medium Medium Sensitivity - triggers the rule by moderate spikes in traffic
    HIGH
    High High Sensitivity - triggers the rule by smaller spikes in traffic
    "Low"
    Low Low Sensitivity - triggers the rule by larger spikes in traffic
    "Medium"
    Medium Medium Sensitivity - triggers the rule by moderate spikes in traffic
    "High"
    High High Sensitivity - triggers the rule by smaller spikes in traffic

    Sku, SkuArgs

    The pricing tier of the web application firewall policy.
    Name string | Pulumi.AzureNative.FrontDoor.SkuName
    Name of the pricing tier.
    Name string | SkuName
    Name of the pricing tier.
    name String | SkuName
    Name of the pricing tier.
    name string | SkuName
    Name of the pricing tier.
    name str | SkuName
    Name of the pricing tier.

    SkuName, SkuNameArgs

    Classic_AzureFrontDoor
    Classic_AzureFrontDoor Classic_AzureFrontDoor
    Standard_AzureFrontDoor
    Standard_AzureFrontDoor Standard_AzureFrontDoor
    Premium_AzureFrontDoor
    Premium_AzureFrontDoor Premium_AzureFrontDoor
    SkuName_Classic_AzureFrontDoor
    Classic_AzureFrontDoor Classic_AzureFrontDoor
    SkuName_Standard_AzureFrontDoor
    Standard_AzureFrontDoor Standard_AzureFrontDoor
    SkuName_Premium_AzureFrontDoor
    Premium_AzureFrontDoor Premium_AzureFrontDoor
    "Classic_AzureFrontDoor"
    Classic_AzureFrontDoor Classic_AzureFrontDoor
    "Standard_AzureFrontDoor"
    Standard_AzureFrontDoor Standard_AzureFrontDoor
    "Premium_AzureFrontDoor"
    Premium_AzureFrontDoor Premium_AzureFrontDoor
    Classic_AzureFrontDoor
    Classic_AzureFrontDoor Classic_AzureFrontDoor
    Standard_AzureFrontDoor
    Standard_AzureFrontDoor Standard_AzureFrontDoor
    Premium_AzureFrontDoor
    Premium_AzureFrontDoor Premium_AzureFrontDoor
    Classic_AzureFrontDoor
    Classic_AzureFrontDoor Classic_AzureFrontDoor
    Standard_AzureFrontDoor
    Standard_AzureFrontDoor Standard_AzureFrontDoor
    Premium_AzureFrontDoor
    Premium_AzureFrontDoor Premium_AzureFrontDoor
    CLASSIC_AZURE_FRONT_DOOR
    Classic_AzureFrontDoor Classic_AzureFrontDoor
    STANDARD_AZURE_FRONT_DOOR
    Standard_AzureFrontDoor Standard_AzureFrontDoor
    PREMIUM_AZURE_FRONT_DOOR
    Premium_AzureFrontDoor Premium_AzureFrontDoor
    "Classic_AzureFrontDoor"
    Classic_AzureFrontDoor Classic_AzureFrontDoor
    "Standard_AzureFrontDoor"
    Standard_AzureFrontDoor Standard_AzureFrontDoor
    "Premium_AzureFrontDoor"
    Premium_AzureFrontDoor Premium_AzureFrontDoor

    SkuResponse, SkuResponseArgs

    The pricing tier of the web application firewall policy.
    Name string
    Name of the pricing tier.
    Name string
    Name of the pricing tier.
    name string
    Name of the pricing tier.
    name String
    Name of the pricing tier.
    name string
    Name of the pricing tier.
    name str
    Name of the pricing tier.
    name String
    Name of the pricing tier.

    TransformType, TransformTypeArgs

    Lowercase
    Lowercase Lowercase
    Uppercase
    Uppercase Uppercase
    Trim
    Trim Trim
    UrlDecode
    UrlDecode UrlDecode
    UrlEncode
    UrlEncode UrlEncode
    RemoveNulls
    RemoveNulls RemoveNulls
    TransformTypeLowercase
    Lowercase Lowercase
    TransformTypeUppercase
    Uppercase Uppercase
    TransformTypeTrim
    Trim Trim
    TransformTypeUrlDecode
    UrlDecode UrlDecode
    TransformTypeUrlEncode
    UrlEncode UrlEncode
    TransformTypeRemoveNulls
    RemoveNulls RemoveNulls
    "Lowercase"
    Lowercase Lowercase
    "Uppercase"
    Uppercase Uppercase
    "Trim"
    Trim Trim
    "UrlDecode"
    UrlDecode UrlDecode
    "UrlEncode"
    UrlEncode UrlEncode
    "RemoveNulls"
    RemoveNulls RemoveNulls
    Lowercase
    Lowercase Lowercase
    Uppercase
    Uppercase Uppercase
    Trim
    Trim Trim
    UrlDecode
    UrlDecode UrlDecode
    UrlEncode
    UrlEncode UrlEncode
    RemoveNulls
    RemoveNulls RemoveNulls
    Lowercase
    Lowercase Lowercase
    Uppercase
    Uppercase Uppercase
    Trim
    Trim Trim
    UrlDecode
    UrlDecode UrlDecode
    UrlEncode
    UrlEncode UrlEncode
    RemoveNulls
    RemoveNulls RemoveNulls
    LOWERCASE
    Lowercase Lowercase
    UPPERCASE
    Uppercase Uppercase
    TRIM
    Trim Trim
    URL_DECODE
    UrlDecode UrlDecode
    URL_ENCODE
    UrlEncode UrlEncode
    REMOVE_NULLS
    RemoveNulls RemoveNulls
    "Lowercase"
    Lowercase Lowercase
    "Uppercase"
    Uppercase Uppercase
    "Trim"
    Trim Trim
    "UrlDecode"
    UrlDecode UrlDecode
    "UrlEncode"
    UrlEncode UrlEncode
    "RemoveNulls"
    RemoveNulls RemoveNulls

    VariableName, VariableNameArgs

    SocketAddr
    SocketAddr SocketAddr
    GeoLocation
    GeoLocation GeoLocation
    None
    None None
    VariableNameSocketAddr
    SocketAddr SocketAddr
    VariableNameGeoLocation
    GeoLocation GeoLocation
    VariableNameNone
    None None
    "SocketAddr"
    SocketAddr SocketAddr
    "GeoLocation"
    GeoLocation GeoLocation
    "None"
    None None
    SocketAddr
    SocketAddr SocketAddr
    GeoLocation
    GeoLocation GeoLocation
    None
    None None
    SocketAddr
    SocketAddr SocketAddr
    GeoLocation
    GeoLocation GeoLocation
    None
    None None
    SOCKET_ADDR
    SocketAddr SocketAddr
    GEO_LOCATION
    GeoLocation GeoLocation
    NONE
    None None
    "SocketAddr"
    SocketAddr SocketAddr
    "GeoLocation"
    GeoLocation GeoLocation
    "None"
    None None

    WebApplicationFirewallScrubbingRules, WebApplicationFirewallScrubbingRulesArgs

    Defines the contents of the log scrubbing rules.
    MatchVariable string | Pulumi.AzureNative.FrontDoor.ScrubbingRuleEntryMatchVariable
    The variable to be scrubbed from the logs.
    SelectorMatchOperator string | Pulumi.AzureNative.FrontDoor.ScrubbingRuleEntryMatchOperator
    When matchVariable is a collection, operate on the selector to specify which elements in the collection this rule applies to.
    Selector string
    When matchVariable is a collection, operator used to specify which elements in the collection this rule applies to.
    State string | Pulumi.AzureNative.FrontDoor.ScrubbingRuleEntryState
    Defines the state of a log scrubbing rule. Default value is enabled.
    MatchVariable string | ScrubbingRuleEntryMatchVariable
    The variable to be scrubbed from the logs.
    SelectorMatchOperator string | ScrubbingRuleEntryMatchOperator
    When matchVariable is a collection, operate on the selector to specify which elements in the collection this rule applies to.
    Selector string
    When matchVariable is a collection, operator used to specify which elements in the collection this rule applies to.
    State string | ScrubbingRuleEntryState
    Defines the state of a log scrubbing rule. Default value is enabled.
    match_variable string | "RequestIPAddress" | "RequestUri" | "QueryStringArgNames" | "RequestHeaderNames" | "RequestCookieNames" | "RequestBodyPostArgNames" | "RequestBodyJsonArgNames"
    The variable to be scrubbed from the logs.
    selector_match_operator string | "EqualsAny" | "Equals"
    When matchVariable is a collection, operate on the selector to specify which elements in the collection this rule applies to.
    selector string
    When matchVariable is a collection, operator used to specify which elements in the collection this rule applies to.
    state string | "Enabled" | "Disabled"
    Defines the state of a log scrubbing rule. Default value is enabled.
    matchVariable String | ScrubbingRuleEntryMatchVariable
    The variable to be scrubbed from the logs.
    selectorMatchOperator String | ScrubbingRuleEntryMatchOperator
    When matchVariable is a collection, operate on the selector to specify which elements in the collection this rule applies to.
    selector String
    When matchVariable is a collection, operator used to specify which elements in the collection this rule applies to.
    state String | ScrubbingRuleEntryState
    Defines the state of a log scrubbing rule. Default value is enabled.
    matchVariable string | ScrubbingRuleEntryMatchVariable
    The variable to be scrubbed from the logs.
    selectorMatchOperator string | ScrubbingRuleEntryMatchOperator
    When matchVariable is a collection, operate on the selector to specify which elements in the collection this rule applies to.
    selector string
    When matchVariable is a collection, operator used to specify which elements in the collection this rule applies to.
    state string | ScrubbingRuleEntryState
    Defines the state of a log scrubbing rule. Default value is enabled.
    match_variable str | ScrubbingRuleEntryMatchVariable
    The variable to be scrubbed from the logs.
    selector_match_operator str | ScrubbingRuleEntryMatchOperator
    When matchVariable is a collection, operate on the selector to specify which elements in the collection this rule applies to.
    selector str
    When matchVariable is a collection, operator used to specify which elements in the collection this rule applies to.
    state str | ScrubbingRuleEntryState
    Defines the state of a log scrubbing rule. Default value is enabled.
    matchVariable String | "RequestIPAddress" | "RequestUri" | "QueryStringArgNames" | "RequestHeaderNames" | "RequestCookieNames" | "RequestBodyPostArgNames" | "RequestBodyJsonArgNames"
    The variable to be scrubbed from the logs.
    selectorMatchOperator String | "EqualsAny" | "Equals"
    When matchVariable is a collection, operate on the selector to specify which elements in the collection this rule applies to.
    selector String
    When matchVariable is a collection, operator used to specify which elements in the collection this rule applies to.
    state String | "Enabled" | "Disabled"
    Defines the state of a log scrubbing rule. Default value is enabled.

    WebApplicationFirewallScrubbingRulesResponse, WebApplicationFirewallScrubbingRulesResponseArgs

    Defines the contents of the log scrubbing rules.
    MatchVariable string
    The variable to be scrubbed from the logs.
    SelectorMatchOperator string
    When matchVariable is a collection, operate on the selector to specify which elements in the collection this rule applies to.
    Selector string
    When matchVariable is a collection, operator used to specify which elements in the collection this rule applies to.
    State string
    Defines the state of a log scrubbing rule. Default value is enabled.
    MatchVariable string
    The variable to be scrubbed from the logs.
    SelectorMatchOperator string
    When matchVariable is a collection, operate on the selector to specify which elements in the collection this rule applies to.
    Selector string
    When matchVariable is a collection, operator used to specify which elements in the collection this rule applies to.
    State string
    Defines the state of a log scrubbing rule. Default value is enabled.
    match_variable string
    The variable to be scrubbed from the logs.
    selector_match_operator string
    When matchVariable is a collection, operate on the selector to specify which elements in the collection this rule applies to.
    selector string
    When matchVariable is a collection, operator used to specify which elements in the collection this rule applies to.
    state string
    Defines the state of a log scrubbing rule. Default value is enabled.
    matchVariable String
    The variable to be scrubbed from the logs.
    selectorMatchOperator String
    When matchVariable is a collection, operate on the selector to specify which elements in the collection this rule applies to.
    selector String
    When matchVariable is a collection, operator used to specify which elements in the collection this rule applies to.
    state String
    Defines the state of a log scrubbing rule. Default value is enabled.
    matchVariable string
    The variable to be scrubbed from the logs.
    selectorMatchOperator string
    When matchVariable is a collection, operate on the selector to specify which elements in the collection this rule applies to.
    selector string
    When matchVariable is a collection, operator used to specify which elements in the collection this rule applies to.
    state string
    Defines the state of a log scrubbing rule. Default value is enabled.
    match_variable str
    The variable to be scrubbed from the logs.
    selector_match_operator str
    When matchVariable is a collection, operate on the selector to specify which elements in the collection this rule applies to.
    selector str
    When matchVariable is a collection, operator used to specify which elements in the collection this rule applies to.
    state str
    Defines the state of a log scrubbing rule. Default value is enabled.
    matchVariable String
    The variable to be scrubbed from the logs.
    selectorMatchOperator String
    When matchVariable is a collection, operate on the selector to specify which elements in the collection this rule applies to.
    selector String
    When matchVariable is a collection, operator used to specify which elements in the collection this rule applies to.
    state String
    Defines the state of a log scrubbing rule. Default value is enabled.

    WebApplicationFirewallScrubbingState, WebApplicationFirewallScrubbingStateArgs

    Enabled
    Enabled Enabled
    Disabled
    Disabled Disabled
    WebApplicationFirewallScrubbingStateEnabled
    Enabled Enabled
    WebApplicationFirewallScrubbingStateDisabled
    Disabled Disabled
    "Enabled"
    Enabled Enabled
    "Disabled"
    Disabled Disabled
    Enabled
    Enabled Enabled
    Disabled
    Disabled Disabled
    Enabled
    Enabled Enabled
    Disabled
    Disabled Disabled
    ENABLED
    Enabled Enabled
    DISABLED
    Disabled Disabled
    "Enabled"
    Enabled Enabled
    "Disabled"
    Disabled Disabled

    Import

    An existing resource can be imported using its type token, name, and identifier, e.g.

    $ pulumi import azure-native:frontdoor:Policy Policy1 /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/FrontDoorWebApplicationFirewallPolicies/{policyName} 
    

    To learn more about importing existing cloud resources, see Importing resources.

    Package Details

    Repository
    Azure Native pulumi/pulumi-azure-native
    License
    Apache-2.0
    azure-native logo
    This is the latest version of Azure Native. Use the Azure Native v2 docs if using the v2 version of this package.
    Viewing docs for Azure Native v3.20.0
    published on Thursday, Jul 9, 2026 by Pulumi

      Try Pulumi Cloud free.
      Your team will thank you.

      Start free trial