published on Thursday, Jul 9, 2026 by Pulumi
published on Thursday, Jul 9, 2026 by Pulumi
Defines web application firewall policy.
Uses Azure REST API version 2025-11-01.
Other available API versions: 2018-08-01, 2019-03-01, 2019-10-01, 2020-04-01, 2020-11-01, 2021-06-01, 2022-05-01, 2024-02-01, 2025-03-01, 2025-10-01. These can be accessed by generating a local SDK package using the CLI command pulumi package add azure-native frontdoor [ApiVersion]. See the version guide for details.
Example Usage
Creates specific policy
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AzureNative = Pulumi.AzureNative;
return await Deployment.RunAsync(() =>
{
var policy = new AzureNative.FrontDoor.Policy("policy", new()
{
CustomRules = new AzureNative.FrontDoor.Inputs.CustomRuleListArgs
{
Rules = new[]
{
new AzureNative.FrontDoor.Inputs.CustomRuleArgs
{
Action = AzureNative.FrontDoor.ActionType.Block,
MatchConditions = new[]
{
new AzureNative.FrontDoor.Inputs.MatchConditionArgs
{
MatchValue = new[]
{
"192.168.1.0/24",
"10.0.0.0/24",
},
MatchVariable = AzureNative.FrontDoor.MatchVariable.RemoteAddr,
Operator = AzureNative.FrontDoor.Operator.IPMatch,
},
},
Name = "Rule1",
Priority = 1,
RateLimitThreshold = 1000,
RuleType = AzureNative.FrontDoor.RuleType.RateLimitRule,
},
new AzureNative.FrontDoor.Inputs.CustomRuleArgs
{
Action = AzureNative.FrontDoor.ActionType.Block,
MatchConditions = new[]
{
new AzureNative.FrontDoor.Inputs.MatchConditionArgs
{
MatchValue = new[]
{
"CH",
},
MatchVariable = AzureNative.FrontDoor.MatchVariable.RemoteAddr,
Operator = AzureNative.FrontDoor.Operator.GeoMatch,
},
new AzureNative.FrontDoor.Inputs.MatchConditionArgs
{
MatchValue = new[]
{
"windows",
},
MatchVariable = AzureNative.FrontDoor.MatchVariable.RequestHeader,
Operator = AzureNative.FrontDoor.Operator.Contains,
Selector = "UserAgent",
Transforms = new[]
{
AzureNative.FrontDoor.TransformType.Lowercase,
},
},
},
Name = "Rule2",
Priority = 2,
RuleType = AzureNative.FrontDoor.RuleType.MatchRule,
},
new AzureNative.FrontDoor.Inputs.CustomRuleArgs
{
Action = AzureNative.FrontDoor.ActionType.CAPTCHA,
MatchConditions = new[]
{
new AzureNative.FrontDoor.Inputs.MatchConditionArgs
{
MatchValue = new[]
{
"AzureBackup",
"AzureBotService",
},
MatchVariable = AzureNative.FrontDoor.MatchVariable.RemoteAddr,
Operator = AzureNative.FrontDoor.Operator.ServiceTagMatch,
},
},
Name = "Rule3",
Priority = 1,
RateLimitThreshold = 1000,
RuleType = AzureNative.FrontDoor.RuleType.RateLimitRule,
},
},
},
Location = "WestUs",
ManagedRules = new AzureNative.FrontDoor.Inputs.ManagedRuleSetListArgs
{
ExceptionsList = new AzureNative.FrontDoor.Inputs.ManagedRuleSetExceptionListArgs
{
Exceptions = new[]
{
new AzureNative.FrontDoor.Inputs.ManagedRuleSetExceptionArgs
{
MatchValues = new[]
{
"Mozilla",
},
MatchVariable = AzureNative.FrontDoor.ExceptionMatchVariable.RequestHeaderNames,
Scopes = new[]
{
new AzureNative.FrontDoor.Inputs.ManagedRuleSetScopeArgs
{
RuleSetType = "Microsoft_DefaultRuleSet",
RuleSetVersion = "2.2",
},
new AzureNative.FrontDoor.Inputs.ManagedRuleSetScopeArgs
{
RuleSetType = "Microsoft_HTTPDDoSRuleSet",
RuleSetVersion = "1.0",
},
},
Selector = "User-Agent",
SelectorMatchOperator = AzureNative.FrontDoor.ExceptionSelectorMatchOperator.EqualsValue,
ValueMatchOperator = AzureNative.FrontDoor.ExceptionValueMatchOperator.Contains,
},
},
},
ManagedRuleSets = new[]
{
new AzureNative.FrontDoor.Inputs.ManagedRuleSetArgs
{
Exclusions = new[]
{
new AzureNative.FrontDoor.Inputs.ManagedRuleExclusionArgs
{
MatchVariable = AzureNative.FrontDoor.ManagedRuleExclusionMatchVariable.RequestHeaderNames,
Selector = "User-Agent",
SelectorMatchOperator = AzureNative.FrontDoor.ManagedRuleExclusionSelectorMatchOperator.EqualsValue,
},
},
RuleGroupOverrides = new[]
{
new AzureNative.FrontDoor.Inputs.ManagedRuleGroupOverrideArgs
{
Exclusions = new[]
{
new AzureNative.FrontDoor.Inputs.ManagedRuleExclusionArgs
{
MatchVariable = AzureNative.FrontDoor.ManagedRuleExclusionMatchVariable.RequestCookieNames,
Selector = "token",
SelectorMatchOperator = AzureNative.FrontDoor.ManagedRuleExclusionSelectorMatchOperator.StartsWith,
},
},
RuleGroupName = "SQLI",
Rules = new[]
{
new AzureNative.FrontDoor.Inputs.ManagedRuleOverrideArgs
{
Action = AzureNative.FrontDoor.ActionType.Redirect,
EnabledState = AzureNative.FrontDoor.ManagedRuleEnabledState.Enabled,
Exclusions = new[]
{
new AzureNative.FrontDoor.Inputs.ManagedRuleExclusionArgs
{
MatchVariable = AzureNative.FrontDoor.ManagedRuleExclusionMatchVariable.QueryStringArgNames,
Selector = "query",
SelectorMatchOperator = AzureNative.FrontDoor.ManagedRuleExclusionSelectorMatchOperator.EqualsValue,
},
},
RuleId = "942100",
},
new AzureNative.FrontDoor.Inputs.ManagedRuleOverrideArgs
{
EnabledState = AzureNative.FrontDoor.ManagedRuleEnabledState.Disabled,
RuleId = "942110",
},
},
},
},
RuleSetAction = AzureNative.FrontDoor.ManagedRuleSetActionType.Block,
RuleSetType = "Microsoft_DefaultRuleSet",
RuleSetVersion = "2.2",
},
new AzureNative.FrontDoor.Inputs.ManagedRuleSetArgs
{
RuleGroupOverrides = new[]
{
new AzureNative.FrontDoor.Inputs.ManagedRuleGroupOverrideArgs
{
RuleGroupName = "ExcessiveRequests",
Rules = new[]
{
new AzureNative.FrontDoor.Inputs.ManagedRuleOverrideArgs
{
Action = AzureNative.FrontDoor.ActionType.Block,
EnabledState = AzureNative.FrontDoor.ManagedRuleEnabledState.Enabled,
RuleId = "500100",
Sensitivity = AzureNative.FrontDoor.SensitivityType.High,
},
},
},
},
RuleSetType = "Microsoft_HTTPDDoSRuleSet",
RuleSetVersion = "1.0",
},
},
},
PolicyName = "Policy1",
PolicySettings = new AzureNative.FrontDoor.Inputs.PolicySettingsArgs
{
CaptchaExpirationInMinutes = 30,
CustomBlockResponseBody = "PGh0bWw+CjxoZWFkZXI+PHRpdGxlPkhlbGxvPC90aXRsZT48L2hlYWRlcj4KPGJvZHk+CkhlbGxvIHdvcmxkCjwvYm9keT4KPC9odG1sPg==",
CustomBlockResponseStatusCode = 429,
EnabledState = AzureNative.FrontDoor.PolicyEnabledState.Enabled,
JavascriptChallengeExpirationInMinutes = 30,
Mode = AzureNative.FrontDoor.PolicyMode.Prevention,
RedirectUrl = "http://www.bing.com",
RequestBodyCheck = AzureNative.FrontDoor.PolicyRequestBodyCheck.Disabled,
ScrubbingRules = new[]
{
new AzureNative.FrontDoor.Inputs.WebApplicationFirewallScrubbingRulesArgs
{
MatchVariable = AzureNative.FrontDoor.ScrubbingRuleEntryMatchVariable.RequestIPAddress,
SelectorMatchOperator = AzureNative.FrontDoor.ScrubbingRuleEntryMatchOperator.EqualsAny,
State = AzureNative.FrontDoor.ScrubbingRuleEntryState.Enabled,
},
},
State = AzureNative.FrontDoor.WebApplicationFirewallScrubbingState.Enabled,
},
ResourceGroupName = "rg1",
Sku = new AzureNative.FrontDoor.Inputs.SkuArgs
{
Name = AzureNative.FrontDoor.SkuName.Premium_AzureFrontDoor,
},
});
});
package main
import (
frontdoor "github.com/pulumi/pulumi-azure-native-sdk/frontdoor/v3"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := frontdoor.NewPolicy(ctx, "policy", &frontdoor.PolicyArgs{
CustomRules: &frontdoor.CustomRuleListArgs{
Rules: frontdoor.CustomRuleArray{
&frontdoor.CustomRuleArgs{
Action: pulumi.String(frontdoor.ActionTypeBlock),
MatchConditions: frontdoor.MatchConditionArray{
&frontdoor.MatchConditionArgs{
MatchValue: pulumi.StringArray{
pulumi.String("192.168.1.0/24"),
pulumi.String("10.0.0.0/24"),
},
MatchVariable: pulumi.String(frontdoor.MatchVariableRemoteAddr),
Operator: pulumi.String(frontdoor.OperatorIPMatch),
},
},
Name: pulumi.String("Rule1"),
Priority: pulumi.Int(1),
RateLimitThreshold: pulumi.Int(1000),
RuleType: pulumi.String(frontdoor.RuleTypeRateLimitRule),
},
&frontdoor.CustomRuleArgs{
Action: pulumi.String(frontdoor.ActionTypeBlock),
MatchConditions: frontdoor.MatchConditionArray{
&frontdoor.MatchConditionArgs{
MatchValue: pulumi.StringArray{
pulumi.String("CH"),
},
MatchVariable: pulumi.String(frontdoor.MatchVariableRemoteAddr),
Operator: pulumi.String(frontdoor.OperatorGeoMatch),
},
&frontdoor.MatchConditionArgs{
MatchValue: pulumi.StringArray{
pulumi.String("windows"),
},
MatchVariable: pulumi.String(frontdoor.MatchVariableRequestHeader),
Operator: pulumi.String(frontdoor.OperatorContains),
Selector: pulumi.String("UserAgent"),
Transforms: pulumi.StringArray{
pulumi.String(frontdoor.TransformTypeLowercase),
},
},
},
Name: pulumi.String("Rule2"),
Priority: pulumi.Int(2),
RuleType: pulumi.String(frontdoor.RuleTypeMatchRule),
},
&frontdoor.CustomRuleArgs{
Action: pulumi.String(frontdoor.ActionTypeCAPTCHA),
MatchConditions: frontdoor.MatchConditionArray{
&frontdoor.MatchConditionArgs{
MatchValue: pulumi.StringArray{
pulumi.String("AzureBackup"),
pulumi.String("AzureBotService"),
},
MatchVariable: pulumi.String(frontdoor.MatchVariableRemoteAddr),
Operator: pulumi.String(frontdoor.OperatorServiceTagMatch),
},
},
Name: pulumi.String("Rule3"),
Priority: pulumi.Int(1),
RateLimitThreshold: pulumi.Int(1000),
RuleType: pulumi.String(frontdoor.RuleTypeRateLimitRule),
},
},
},
Location: pulumi.String("WestUs"),
ManagedRules: &frontdoor.ManagedRuleSetListArgs{
ExceptionsList: &frontdoor.ManagedRuleSetExceptionListArgs{
Exceptions: frontdoor.ManagedRuleSetExceptionArray{
&frontdoor.ManagedRuleSetExceptionArgs{
MatchValues: pulumi.StringArray{
pulumi.String("Mozilla"),
},
MatchVariable: pulumi.String(frontdoor.ExceptionMatchVariableRequestHeaderNames),
Scopes: frontdoor.ManagedRuleSetScopeArray{
&frontdoor.ManagedRuleSetScopeArgs{
RuleSetType: pulumi.String("Microsoft_DefaultRuleSet"),
RuleSetVersion: pulumi.String("2.2"),
},
&frontdoor.ManagedRuleSetScopeArgs{
RuleSetType: pulumi.String("Microsoft_HTTPDDoSRuleSet"),
RuleSetVersion: pulumi.String("1.0"),
},
},
Selector: pulumi.String("User-Agent"),
SelectorMatchOperator: pulumi.String(frontdoor.ExceptionSelectorMatchOperatorEquals),
ValueMatchOperator: pulumi.String(frontdoor.ExceptionValueMatchOperatorContains),
},
},
},
ManagedRuleSets: frontdoor.ManagedRuleSetArray{
&frontdoor.ManagedRuleSetArgs{
Exclusions: frontdoor.ManagedRuleExclusionArray{
&frontdoor.ManagedRuleExclusionArgs{
MatchVariable: pulumi.String(frontdoor.ManagedRuleExclusionMatchVariableRequestHeaderNames),
Selector: pulumi.String("User-Agent"),
SelectorMatchOperator: pulumi.String(frontdoor.ManagedRuleExclusionSelectorMatchOperatorEquals),
},
},
RuleGroupOverrides: frontdoor.ManagedRuleGroupOverrideArray{
&frontdoor.ManagedRuleGroupOverrideArgs{
Exclusions: frontdoor.ManagedRuleExclusionArray{
&frontdoor.ManagedRuleExclusionArgs{
MatchVariable: pulumi.String(frontdoor.ManagedRuleExclusionMatchVariableRequestCookieNames),
Selector: pulumi.String("token"),
SelectorMatchOperator: pulumi.String(frontdoor.ManagedRuleExclusionSelectorMatchOperatorStartsWith),
},
},
RuleGroupName: pulumi.String("SQLI"),
Rules: frontdoor.ManagedRuleOverrideArray{
&frontdoor.ManagedRuleOverrideArgs{
Action: pulumi.String(frontdoor.ActionTypeRedirect),
EnabledState: pulumi.String(frontdoor.ManagedRuleEnabledStateEnabled),
Exclusions: frontdoor.ManagedRuleExclusionArray{
&frontdoor.ManagedRuleExclusionArgs{
MatchVariable: pulumi.String(frontdoor.ManagedRuleExclusionMatchVariableQueryStringArgNames),
Selector: pulumi.String("query"),
SelectorMatchOperator: pulumi.String(frontdoor.ManagedRuleExclusionSelectorMatchOperatorEquals),
},
},
RuleId: pulumi.String("942100"),
},
&frontdoor.ManagedRuleOverrideArgs{
EnabledState: pulumi.String(frontdoor.ManagedRuleEnabledStateDisabled),
RuleId: pulumi.String("942110"),
},
},
},
},
RuleSetAction: pulumi.String(frontdoor.ManagedRuleSetActionTypeBlock),
RuleSetType: pulumi.String("Microsoft_DefaultRuleSet"),
RuleSetVersion: pulumi.String("2.2"),
},
&frontdoor.ManagedRuleSetArgs{
RuleGroupOverrides: frontdoor.ManagedRuleGroupOverrideArray{
&frontdoor.ManagedRuleGroupOverrideArgs{
RuleGroupName: pulumi.String("ExcessiveRequests"),
Rules: frontdoor.ManagedRuleOverrideArray{
&frontdoor.ManagedRuleOverrideArgs{
Action: pulumi.String(frontdoor.ActionTypeBlock),
EnabledState: pulumi.String(frontdoor.ManagedRuleEnabledStateEnabled),
RuleId: pulumi.String("500100"),
Sensitivity: pulumi.String(frontdoor.SensitivityTypeHigh),
},
},
},
},
RuleSetType: pulumi.String("Microsoft_HTTPDDoSRuleSet"),
RuleSetVersion: pulumi.String("1.0"),
},
},
},
PolicyName: pulumi.String("Policy1"),
PolicySettings: &frontdoor.PolicySettingsArgs{
CaptchaExpirationInMinutes: pulumi.Int(30),
CustomBlockResponseBody: pulumi.String("PGh0bWw+CjxoZWFkZXI+PHRpdGxlPkhlbGxvPC90aXRsZT48L2hlYWRlcj4KPGJvZHk+CkhlbGxvIHdvcmxkCjwvYm9keT4KPC9odG1sPg=="),
CustomBlockResponseStatusCode: pulumi.Int(429),
EnabledState: pulumi.String(frontdoor.PolicyEnabledStateEnabled),
JavascriptChallengeExpirationInMinutes: pulumi.Int(30),
Mode: pulumi.String(frontdoor.PolicyModePrevention),
RedirectUrl: pulumi.String("http://www.bing.com"),
RequestBodyCheck: pulumi.String(frontdoor.PolicyRequestBodyCheckDisabled),
ScrubbingRules: frontdoor.WebApplicationFirewallScrubbingRulesArray{
&frontdoor.WebApplicationFirewallScrubbingRulesArgs{
MatchVariable: pulumi.String(frontdoor.ScrubbingRuleEntryMatchVariableRequestIPAddress),
SelectorMatchOperator: pulumi.String(frontdoor.ScrubbingRuleEntryMatchOperatorEqualsAny),
State: pulumi.String(frontdoor.ScrubbingRuleEntryStateEnabled),
},
},
State: pulumi.String(frontdoor.WebApplicationFirewallScrubbingStateEnabled),
},
ResourceGroupName: pulumi.String("rg1"),
Sku: &frontdoor.SkuArgs{
Name: pulumi.String(frontdoor.SkuName_Premium_AzureFrontDoor),
},
})
if err != nil {
return err
}
return nil
})
}
pulumi {
required_providers {
azure-native = {
source = "pulumi/azure-native"
}
}
}
resource "azure-native_frontdoor_policy" "policy" {
custom_rules = {
rules = [{
"action" = "Block"
"matchConditions" = [{
"matchValue" = ["192.168.1.0/24", "10.0.0.0/24"]
"matchVariable" = "RemoteAddr"
"operator" = "IPMatch"
}]
"name" = "Rule1"
"priority" = 1
"rateLimitThreshold" = 1000
"ruleType" = "RateLimitRule"
}, {
"action" = "Block"
"matchConditions" = [{
"matchValue" = ["CH"]
"matchVariable" = "RemoteAddr"
"operator" = "GeoMatch"
}, {
"matchValue" = ["windows"]
"matchVariable" = "RequestHeader"
"operator" = "Contains"
"selector" = "UserAgent"
"transforms" = ["Lowercase"]
}]
"name" = "Rule2"
"priority" = 2
"ruleType" = "MatchRule"
}, {
"action" = "CAPTCHA"
"matchConditions" = [{
"matchValue" = ["AzureBackup", "AzureBotService"]
"matchVariable" = "RemoteAddr"
"operator" = "ServiceTagMatch"
}]
"name" = "Rule3"
"priority" = 1
"rateLimitThreshold" = 1000
"ruleType" = "RateLimitRule"
}]
}
location = "WestUs"
managed_rules = {
exceptions_list = {
exceptions = [{
"matchValues" = ["Mozilla"]
"matchVariable" = "RequestHeaderNames"
"scopes" = [{
"ruleSetType" = "Microsoft_DefaultRuleSet"
"ruleSetVersion" = "2.2"
}, {
"ruleSetType" = "Microsoft_HTTPDDoSRuleSet"
"ruleSetVersion" = "1.0"
}]
"selector" = "User-Agent"
"selectorMatchOperator" = "Equals"
"valueMatchOperator" = "Contains"
}]
}
managed_rule_sets = [{
"exclusions" = [{
"matchVariable" = "RequestHeaderNames"
"selector" = "User-Agent"
"selectorMatchOperator" = "Equals"
}]
"ruleGroupOverrides" = [{
"exclusions" = [{
"matchVariable" = "RequestCookieNames"
"selector" = "token"
"selectorMatchOperator" = "StartsWith"
}]
"ruleGroupName" = "SQLI"
"rules" = [{
"action" = "Redirect"
"enabledState" = "Enabled"
"exclusions" = [{
"matchVariable" = "QueryStringArgNames"
"selector" = "query"
"selectorMatchOperator" = "Equals"
}]
"ruleId" = "942100"
}, {
"enabledState" = "Disabled"
"ruleId" = "942110"
}]
}]
"ruleSetAction" = "Block"
"ruleSetType" = "Microsoft_DefaultRuleSet"
"ruleSetVersion" = "2.2"
}, {
"ruleGroupOverrides" = [{
"ruleGroupName" = "ExcessiveRequests"
"rules" = [{
"action" = "Block"
"enabledState" = "Enabled"
"ruleId" = "500100"
"sensitivity" = "High"
}]
}]
"ruleSetType" = "Microsoft_HTTPDDoSRuleSet"
"ruleSetVersion" = "1.0"
}]
}
policy_name = "Policy1"
policy_settings = {
captcha_expiration_in_minutes = 30
custom_block_response_body = "PGh0bWw+CjxoZWFkZXI+PHRpdGxlPkhlbGxvPC90aXRsZT48L2hlYWRlcj4KPGJvZHk+CkhlbGxvIHdvcmxkCjwvYm9keT4KPC9odG1sPg=="
custom_block_response_status_code = 429
enabled_state = "Enabled"
javascript_challenge_expiration_in_minutes = 30
mode = "Prevention"
redirect_url = "http://www.bing.com"
request_body_check = "Disabled"
scrubbing_rules = [{
"matchVariable" = "RequestIPAddress"
"selectorMatchOperator" = "EqualsAny"
"state" = "Enabled"
}]
state = "Enabled"
}
resource_group_name = "rg1"
sku = {
name = "Premium_AzureFrontDoor"
}
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azurenative.frontdoor.Policy;
import com.pulumi.azurenative.frontdoor.PolicyArgs;
import com.pulumi.azurenative.frontdoor.inputs.CustomRuleListArgs;
import com.pulumi.azurenative.frontdoor.inputs.ManagedRuleSetListArgs;
import com.pulumi.azurenative.frontdoor.inputs.ManagedRuleSetExceptionListArgs;
import com.pulumi.azurenative.frontdoor.inputs.PolicySettingsArgs;
import com.pulumi.azurenative.frontdoor.inputs.SkuArgs;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var policy = new Policy("policy", PolicyArgs.builder()
.customRules(CustomRuleListArgs.builder()
.rules(
CustomRuleArgs.builder()
.action("Block")
.matchConditions(MatchConditionArgs.builder()
.matchValue(
"192.168.1.0/24",
"10.0.0.0/24")
.matchVariable("RemoteAddr")
.operator("IPMatch")
.build())
.name("Rule1")
.priority(1)
.rateLimitThreshold(1000)
.ruleType("RateLimitRule")
.build(),
CustomRuleArgs.builder()
.action("Block")
.matchConditions(
MatchConditionArgs.builder()
.matchValue("CH")
.matchVariable("RemoteAddr")
.operator("GeoMatch")
.build(),
MatchConditionArgs.builder()
.matchValue("windows")
.matchVariable("RequestHeader")
.operator("Contains")
.selector("UserAgent")
.transforms("Lowercase")
.build())
.name("Rule2")
.priority(2)
.ruleType("MatchRule")
.build(),
CustomRuleArgs.builder()
.action("CAPTCHA")
.matchConditions(MatchConditionArgs.builder()
.matchValue(
"AzureBackup",
"AzureBotService")
.matchVariable("RemoteAddr")
.operator("ServiceTagMatch")
.build())
.name("Rule3")
.priority(1)
.rateLimitThreshold(1000)
.ruleType("RateLimitRule")
.build())
.build())
.location("WestUs")
.managedRules(ManagedRuleSetListArgs.builder()
.exceptionsList(ManagedRuleSetExceptionListArgs.builder()
.exceptions(ManagedRuleSetExceptionArgs.builder()
.matchValues("Mozilla")
.matchVariable("RequestHeaderNames")
.scopes(
ManagedRuleSetScopeArgs.builder()
.ruleSetType("Microsoft_DefaultRuleSet")
.ruleSetVersion("2.2")
.build(),
ManagedRuleSetScopeArgs.builder()
.ruleSetType("Microsoft_HTTPDDoSRuleSet")
.ruleSetVersion("1.0")
.build())
.selector("User-Agent")
.selectorMatchOperator("Equals")
.valueMatchOperator("Contains")
.build())
.build())
.managedRuleSets(
ManagedRuleSetArgs.builder()
.exclusions(ManagedRuleExclusionArgs.builder()
.matchVariable("RequestHeaderNames")
.selector("User-Agent")
.selectorMatchOperator("Equals")
.build())
.ruleGroupOverrides(ManagedRuleGroupOverrideArgs.builder()
.exclusions(ManagedRuleExclusionArgs.builder()
.matchVariable("RequestCookieNames")
.selector("token")
.selectorMatchOperator("StartsWith")
.build())
.ruleGroupName("SQLI")
.rules(
ManagedRuleOverrideArgs.builder()
.action("Redirect")
.enabledState("Enabled")
.exclusions(ManagedRuleExclusionArgs.builder()
.matchVariable("QueryStringArgNames")
.selector("query")
.selectorMatchOperator("Equals")
.build())
.ruleId("942100")
.build(),
ManagedRuleOverrideArgs.builder()
.enabledState("Disabled")
.ruleId("942110")
.build())
.build())
.ruleSetAction("Block")
.ruleSetType("Microsoft_DefaultRuleSet")
.ruleSetVersion("2.2")
.build(),
ManagedRuleSetArgs.builder()
.ruleGroupOverrides(ManagedRuleGroupOverrideArgs.builder()
.ruleGroupName("ExcessiveRequests")
.rules(ManagedRuleOverrideArgs.builder()
.action("Block")
.enabledState("Enabled")
.ruleId("500100")
.sensitivity("High")
.build())
.build())
.ruleSetType("Microsoft_HTTPDDoSRuleSet")
.ruleSetVersion("1.0")
.build())
.build())
.policyName("Policy1")
.policySettings(PolicySettingsArgs.builder()
.captchaExpirationInMinutes(30)
.customBlockResponseBody("PGh0bWw+CjxoZWFkZXI+PHRpdGxlPkhlbGxvPC90aXRsZT48L2hlYWRlcj4KPGJvZHk+CkhlbGxvIHdvcmxkCjwvYm9keT4KPC9odG1sPg==")
.customBlockResponseStatusCode(429)
.enabledState("Enabled")
.javascriptChallengeExpirationInMinutes(30)
.mode("Prevention")
.redirectUrl("http://www.bing.com")
.requestBodyCheck("Disabled")
.scrubbingRules(WebApplicationFirewallScrubbingRulesArgs.builder()
.matchVariable("RequestIPAddress")
.selectorMatchOperator("EqualsAny")
.state("Enabled")
.build())
.state("Enabled")
.build())
.resourceGroupName("rg1")
.sku(SkuArgs.builder()
.name("Premium_AzureFrontDoor")
.build())
.build());
}
}
import * as pulumi from "@pulumi/pulumi";
import * as azure_native from "@pulumi/azure-native";
const policy = new azure_native.frontdoor.Policy("policy", {
customRules: {
rules: [
{
action: azure_native.frontdoor.ActionType.Block,
matchConditions: [{
matchValue: [
"192.168.1.0/24",
"10.0.0.0/24",
],
matchVariable: azure_native.frontdoor.MatchVariable.RemoteAddr,
operator: azure_native.frontdoor.Operator.IPMatch,
}],
name: "Rule1",
priority: 1,
rateLimitThreshold: 1000,
ruleType: azure_native.frontdoor.RuleType.RateLimitRule,
},
{
action: azure_native.frontdoor.ActionType.Block,
matchConditions: [
{
matchValue: ["CH"],
matchVariable: azure_native.frontdoor.MatchVariable.RemoteAddr,
operator: azure_native.frontdoor.Operator.GeoMatch,
},
{
matchValue: ["windows"],
matchVariable: azure_native.frontdoor.MatchVariable.RequestHeader,
operator: azure_native.frontdoor.Operator.Contains,
selector: "UserAgent",
transforms: [azure_native.frontdoor.TransformType.Lowercase],
},
],
name: "Rule2",
priority: 2,
ruleType: azure_native.frontdoor.RuleType.MatchRule,
},
{
action: azure_native.frontdoor.ActionType.CAPTCHA,
matchConditions: [{
matchValue: [
"AzureBackup",
"AzureBotService",
],
matchVariable: azure_native.frontdoor.MatchVariable.RemoteAddr,
operator: azure_native.frontdoor.Operator.ServiceTagMatch,
}],
name: "Rule3",
priority: 1,
rateLimitThreshold: 1000,
ruleType: azure_native.frontdoor.RuleType.RateLimitRule,
},
],
},
location: "WestUs",
managedRules: {
exceptionsList: {
exceptions: [{
matchValues: ["Mozilla"],
matchVariable: azure_native.frontdoor.ExceptionMatchVariable.RequestHeaderNames,
scopes: [
{
ruleSetType: "Microsoft_DefaultRuleSet",
ruleSetVersion: "2.2",
},
{
ruleSetType: "Microsoft_HTTPDDoSRuleSet",
ruleSetVersion: "1.0",
},
],
selector: "User-Agent",
selectorMatchOperator: azure_native.frontdoor.ExceptionSelectorMatchOperator.Equals,
valueMatchOperator: azure_native.frontdoor.ExceptionValueMatchOperator.Contains,
}],
},
managedRuleSets: [
{
exclusions: [{
matchVariable: azure_native.frontdoor.ManagedRuleExclusionMatchVariable.RequestHeaderNames,
selector: "User-Agent",
selectorMatchOperator: azure_native.frontdoor.ManagedRuleExclusionSelectorMatchOperator.Equals,
}],
ruleGroupOverrides: [{
exclusions: [{
matchVariable: azure_native.frontdoor.ManagedRuleExclusionMatchVariable.RequestCookieNames,
selector: "token",
selectorMatchOperator: azure_native.frontdoor.ManagedRuleExclusionSelectorMatchOperator.StartsWith,
}],
ruleGroupName: "SQLI",
rules: [
{
action: azure_native.frontdoor.ActionType.Redirect,
enabledState: azure_native.frontdoor.ManagedRuleEnabledState.Enabled,
exclusions: [{
matchVariable: azure_native.frontdoor.ManagedRuleExclusionMatchVariable.QueryStringArgNames,
selector: "query",
selectorMatchOperator: azure_native.frontdoor.ManagedRuleExclusionSelectorMatchOperator.Equals,
}],
ruleId: "942100",
},
{
enabledState: azure_native.frontdoor.ManagedRuleEnabledState.Disabled,
ruleId: "942110",
},
],
}],
ruleSetAction: azure_native.frontdoor.ManagedRuleSetActionType.Block,
ruleSetType: "Microsoft_DefaultRuleSet",
ruleSetVersion: "2.2",
},
{
ruleGroupOverrides: [{
ruleGroupName: "ExcessiveRequests",
rules: [{
action: azure_native.frontdoor.ActionType.Block,
enabledState: azure_native.frontdoor.ManagedRuleEnabledState.Enabled,
ruleId: "500100",
sensitivity: azure_native.frontdoor.SensitivityType.High,
}],
}],
ruleSetType: "Microsoft_HTTPDDoSRuleSet",
ruleSetVersion: "1.0",
},
],
},
policyName: "Policy1",
policySettings: {
captchaExpirationInMinutes: 30,
customBlockResponseBody: "PGh0bWw+CjxoZWFkZXI+PHRpdGxlPkhlbGxvPC90aXRsZT48L2hlYWRlcj4KPGJvZHk+CkhlbGxvIHdvcmxkCjwvYm9keT4KPC9odG1sPg==",
customBlockResponseStatusCode: 429,
enabledState: azure_native.frontdoor.PolicyEnabledState.Enabled,
javascriptChallengeExpirationInMinutes: 30,
mode: azure_native.frontdoor.PolicyMode.Prevention,
redirectUrl: "http://www.bing.com",
requestBodyCheck: azure_native.frontdoor.PolicyRequestBodyCheck.Disabled,
scrubbingRules: [{
matchVariable: azure_native.frontdoor.ScrubbingRuleEntryMatchVariable.RequestIPAddress,
selectorMatchOperator: azure_native.frontdoor.ScrubbingRuleEntryMatchOperator.EqualsAny,
state: azure_native.frontdoor.ScrubbingRuleEntryState.Enabled,
}],
state: azure_native.frontdoor.WebApplicationFirewallScrubbingState.Enabled,
},
resourceGroupName: "rg1",
sku: {
name: azure_native.frontdoor.SkuName.Premium_AzureFrontDoor,
},
});
import pulumi
import pulumi_azure_native as azure_native
policy = azure_native.frontdoor.Policy("policy",
custom_rules={
"rules": [
{
"action": azure_native.frontdoor.ActionType.BLOCK,
"match_conditions": [{
"match_value": [
"192.168.1.0/24",
"10.0.0.0/24",
],
"match_variable": azure_native.frontdoor.MatchVariable.REMOTE_ADDR,
"operator": azure_native.frontdoor.Operator.IP_MATCH,
}],
"name": "Rule1",
"priority": 1,
"rate_limit_threshold": 1000,
"rule_type": azure_native.frontdoor.RuleType.RATE_LIMIT_RULE,
},
{
"action": azure_native.frontdoor.ActionType.BLOCK,
"match_conditions": [
{
"match_value": ["CH"],
"match_variable": azure_native.frontdoor.MatchVariable.REMOTE_ADDR,
"operator": azure_native.frontdoor.Operator.GEO_MATCH,
},
{
"match_value": ["windows"],
"match_variable": azure_native.frontdoor.MatchVariable.REQUEST_HEADER,
"operator": azure_native.frontdoor.Operator.CONTAINS,
"selector": "UserAgent",
"transforms": [azure_native.frontdoor.TransformType.LOWERCASE],
},
],
"name": "Rule2",
"priority": 2,
"rule_type": azure_native.frontdoor.RuleType.MATCH_RULE,
},
{
"action": azure_native.frontdoor.ActionType.CAPTCHA,
"match_conditions": [{
"match_value": [
"AzureBackup",
"AzureBotService",
],
"match_variable": azure_native.frontdoor.MatchVariable.REMOTE_ADDR,
"operator": azure_native.frontdoor.Operator.SERVICE_TAG_MATCH,
}],
"name": "Rule3",
"priority": 1,
"rate_limit_threshold": 1000,
"rule_type": azure_native.frontdoor.RuleType.RATE_LIMIT_RULE,
},
],
},
location="WestUs",
managed_rules={
"exceptions_list": {
"exceptions": [{
"match_values": ["Mozilla"],
"match_variable": azure_native.frontdoor.ExceptionMatchVariable.REQUEST_HEADER_NAMES,
"scopes": [
{
"rule_set_type": "Microsoft_DefaultRuleSet",
"rule_set_version": "2.2",
},
{
"rule_set_type": "Microsoft_HTTPDDoSRuleSet",
"rule_set_version": "1.0",
},
],
"selector": "User-Agent",
"selector_match_operator": azure_native.frontdoor.ExceptionSelectorMatchOperator.EQUALS,
"value_match_operator": azure_native.frontdoor.ExceptionValueMatchOperator.CONTAINS,
}],
},
"managed_rule_sets": [
{
"exclusions": [{
"match_variable": azure_native.frontdoor.ManagedRuleExclusionMatchVariable.REQUEST_HEADER_NAMES,
"selector": "User-Agent",
"selector_match_operator": azure_native.frontdoor.ManagedRuleExclusionSelectorMatchOperator.EQUALS,
}],
"rule_group_overrides": [{
"exclusions": [{
"match_variable": azure_native.frontdoor.ManagedRuleExclusionMatchVariable.REQUEST_COOKIE_NAMES,
"selector": "token",
"selector_match_operator": azure_native.frontdoor.ManagedRuleExclusionSelectorMatchOperator.STARTS_WITH,
}],
"rule_group_name": "SQLI",
"rules": [
{
"action": azure_native.frontdoor.ActionType.REDIRECT,
"enabled_state": azure_native.frontdoor.ManagedRuleEnabledState.ENABLED,
"exclusions": [{
"match_variable": azure_native.frontdoor.ManagedRuleExclusionMatchVariable.QUERY_STRING_ARG_NAMES,
"selector": "query",
"selector_match_operator": azure_native.frontdoor.ManagedRuleExclusionSelectorMatchOperator.EQUALS,
}],
"rule_id": "942100",
},
{
"enabled_state": azure_native.frontdoor.ManagedRuleEnabledState.DISABLED,
"rule_id": "942110",
},
],
}],
"rule_set_action": azure_native.frontdoor.ManagedRuleSetActionType.BLOCK,
"rule_set_type": "Microsoft_DefaultRuleSet",
"rule_set_version": "2.2",
},
{
"rule_group_overrides": [{
"rule_group_name": "ExcessiveRequests",
"rules": [{
"action": azure_native.frontdoor.ActionType.BLOCK,
"enabled_state": azure_native.frontdoor.ManagedRuleEnabledState.ENABLED,
"rule_id": "500100",
"sensitivity": azure_native.frontdoor.SensitivityType.HIGH,
}],
}],
"rule_set_type": "Microsoft_HTTPDDoSRuleSet",
"rule_set_version": "1.0",
},
],
},
policy_name="Policy1",
policy_settings={
"captcha_expiration_in_minutes": 30,
"custom_block_response_body": "PGh0bWw+CjxoZWFkZXI+PHRpdGxlPkhlbGxvPC90aXRsZT48L2hlYWRlcj4KPGJvZHk+CkhlbGxvIHdvcmxkCjwvYm9keT4KPC9odG1sPg==",
"custom_block_response_status_code": 429,
"enabled_state": azure_native.frontdoor.PolicyEnabledState.ENABLED,
"javascript_challenge_expiration_in_minutes": 30,
"mode": azure_native.frontdoor.PolicyMode.PREVENTION,
"redirect_url": "http://www.bing.com",
"request_body_check": azure_native.frontdoor.PolicyRequestBodyCheck.DISABLED,
"scrubbing_rules": [{
"match_variable": azure_native.frontdoor.ScrubbingRuleEntryMatchVariable.REQUEST_IP_ADDRESS,
"selector_match_operator": azure_native.frontdoor.ScrubbingRuleEntryMatchOperator.EQUALS_ANY,
"state": azure_native.frontdoor.ScrubbingRuleEntryState.ENABLED,
}],
"state": azure_native.frontdoor.WebApplicationFirewallScrubbingState.ENABLED,
},
resource_group_name="rg1",
sku={
"name": azure_native.frontdoor.SkuName.PREMIUM_AZURE_FRONT_DOOR,
})
resources:
policy:
type: azure-native:frontdoor:Policy
properties:
customRules:
rules:
- action: Block
matchConditions:
- matchValue:
- 192.168.1.0/24
- 10.0.0.0/24
matchVariable: RemoteAddr
operator: IPMatch
name: Rule1
priority: 1
rateLimitThreshold: 1000
ruleType: RateLimitRule
- action: Block
matchConditions:
- matchValue:
- CH
matchVariable: RemoteAddr
operator: GeoMatch
- matchValue:
- windows
matchVariable: RequestHeader
operator: Contains
selector: UserAgent
transforms:
- Lowercase
name: Rule2
priority: 2
ruleType: MatchRule
- action: CAPTCHA
matchConditions:
- matchValue:
- AzureBackup
- AzureBotService
matchVariable: RemoteAddr
operator: ServiceTagMatch
name: Rule3
priority: 1
rateLimitThreshold: 1000
ruleType: RateLimitRule
location: WestUs
managedRules:
exceptionsList:
exceptions:
- matchValues:
- Mozilla
matchVariable: RequestHeaderNames
scopes:
- ruleSetType: Microsoft_DefaultRuleSet
ruleSetVersion: '2.2'
- ruleSetType: Microsoft_HTTPDDoSRuleSet
ruleSetVersion: '1.0'
selector: User-Agent
selectorMatchOperator: Equals
valueMatchOperator: Contains
managedRuleSets:
- exclusions:
- matchVariable: RequestHeaderNames
selector: User-Agent
selectorMatchOperator: Equals
ruleGroupOverrides:
- exclusions:
- matchVariable: RequestCookieNames
selector: token
selectorMatchOperator: StartsWith
ruleGroupName: SQLI
rules:
- action: Redirect
enabledState: Enabled
exclusions:
- matchVariable: QueryStringArgNames
selector: query
selectorMatchOperator: Equals
ruleId: '942100'
- enabledState: Disabled
ruleId: '942110'
ruleSetAction: Block
ruleSetType: Microsoft_DefaultRuleSet
ruleSetVersion: '2.2'
- ruleGroupOverrides:
- ruleGroupName: ExcessiveRequests
rules:
- action: Block
enabledState: Enabled
ruleId: '500100'
sensitivity: High
ruleSetType: Microsoft_HTTPDDoSRuleSet
ruleSetVersion: '1.0'
policyName: Policy1
policySettings:
captchaExpirationInMinutes: 30
customBlockResponseBody: PGh0bWw+CjxoZWFkZXI+PHRpdGxlPkhlbGxvPC90aXRsZT48L2hlYWRlcj4KPGJvZHk+CkhlbGxvIHdvcmxkCjwvYm9keT4KPC9odG1sPg==
customBlockResponseStatusCode: 429
enabledState: Enabled
javascriptChallengeExpirationInMinutes: 30
mode: Prevention
redirectUrl: http://www.bing.com
requestBodyCheck: Disabled
scrubbingRules:
- matchVariable: RequestIPAddress
selectorMatchOperator: EqualsAny
state: Enabled
state: Enabled
resourceGroupName: rg1
sku:
name: Premium_AzureFrontDoor
Create Policy Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new Policy(name: string, args: PolicyArgs, opts?: CustomResourceOptions);@overload
def Policy(resource_name: str,
args: PolicyArgs,
opts: Optional[ResourceOptions] = None)
@overload
def Policy(resource_name: str,
opts: Optional[ResourceOptions] = None,
resource_group_name: Optional[str] = None,
custom_rules: Optional[CustomRuleListArgs] = None,
location: Optional[str] = None,
managed_rules: Optional[ManagedRuleSetListArgs] = None,
policy_name: Optional[str] = None,
policy_settings: Optional[PolicySettingsArgs] = None,
sku: Optional[SkuArgs] = None,
tags: Optional[Mapping[str, str]] = None)func NewPolicy(ctx *Context, name string, args PolicyArgs, opts ...ResourceOption) (*Policy, error)public Policy(string name, PolicyArgs args, CustomResourceOptions? opts = null)
public Policy(String name, PolicyArgs args)
public Policy(String name, PolicyArgs args, CustomResourceOptions options)
type: azure-native:frontdoor:Policy
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
resource "azure-native_frontdoor_policy" "name" {
# resource properties
}Parameters
- name string
- The unique name of the resource.
- args PolicyArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args PolicyArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args PolicyArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args PolicyArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args PolicyArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var examplepolicyResourceResourceFromFrontdoor = new AzureNative.FrontDoor.Policy("examplepolicyResourceResourceFromFrontdoor", new()
{
ResourceGroupName = "string",
CustomRules = new AzureNative.FrontDoor.Inputs.CustomRuleListArgs
{
Rules = new[]
{
new AzureNative.FrontDoor.Inputs.CustomRuleArgs
{
Action = "string",
MatchConditions = new[]
{
new AzureNative.FrontDoor.Inputs.MatchConditionArgs
{
MatchValue = new[]
{
"string",
},
MatchVariable = "string",
Operator = "string",
NegateCondition = false,
Selector = "string",
Transforms = new[]
{
"string",
},
},
},
Priority = 0,
RuleType = "string",
EnabledState = "string",
GroupBy = new[]
{
new AzureNative.FrontDoor.Inputs.GroupByVariableArgs
{
VariableName = "string",
},
},
Name = "string",
RateLimitDurationInMinutes = 0,
RateLimitThreshold = 0,
},
},
},
Location = "string",
ManagedRules = new AzureNative.FrontDoor.Inputs.ManagedRuleSetListArgs
{
ExceptionsList = new AzureNative.FrontDoor.Inputs.ManagedRuleSetExceptionListArgs
{
Exceptions = new[]
{
new AzureNative.FrontDoor.Inputs.ManagedRuleSetExceptionArgs
{
MatchValues = new[]
{
"string",
},
MatchVariable = "string",
Scopes = new[]
{
new AzureNative.FrontDoor.Inputs.ManagedRuleSetScopeArgs
{
RuleSetType = "string",
RuleSetVersion = "string",
RuleGroupScopes = new[]
{
new AzureNative.FrontDoor.Inputs.RuleGroupScopeArgs
{
RuleGroupName = "string",
RuleScopes = new[]
{
new AzureNative.FrontDoor.Inputs.RuleScopeArgs
{
RuleId = "string",
},
},
},
},
},
},
ValueMatchOperator = "string",
Selector = "string",
SelectorMatchOperator = "string",
},
},
},
ManagedRuleSets = new[]
{
new AzureNative.FrontDoor.Inputs.ManagedRuleSetArgs
{
RuleSetType = "string",
RuleSetVersion = "string",
Exclusions = new[]
{
new AzureNative.FrontDoor.Inputs.ManagedRuleExclusionArgs
{
MatchVariable = "string",
Selector = "string",
SelectorMatchOperator = "string",
},
},
RuleGroupOverrides = new[]
{
new AzureNative.FrontDoor.Inputs.ManagedRuleGroupOverrideArgs
{
RuleGroupName = "string",
Exclusions = new[]
{
new AzureNative.FrontDoor.Inputs.ManagedRuleExclusionArgs
{
MatchVariable = "string",
Selector = "string",
SelectorMatchOperator = "string",
},
},
Rules = new[]
{
new AzureNative.FrontDoor.Inputs.ManagedRuleOverrideArgs
{
RuleId = "string",
Action = "string",
EnabledState = "string",
Exclusions = new[]
{
new AzureNative.FrontDoor.Inputs.ManagedRuleExclusionArgs
{
MatchVariable = "string",
Selector = "string",
SelectorMatchOperator = "string",
},
},
Sensitivity = "string",
},
},
},
},
RuleSetAction = "string",
},
},
},
PolicyName = "string",
PolicySettings = new AzureNative.FrontDoor.Inputs.PolicySettingsArgs
{
CaptchaExpirationInMinutes = 0,
CustomBlockResponseBody = "string",
CustomBlockResponseStatusCode = 0,
EnabledState = "string",
JavascriptChallengeExpirationInMinutes = 0,
Mode = "string",
RedirectUrl = "string",
RequestBodyCheck = "string",
ScrubbingRules = new[]
{
new AzureNative.FrontDoor.Inputs.WebApplicationFirewallScrubbingRulesArgs
{
MatchVariable = "string",
SelectorMatchOperator = "string",
Selector = "string",
State = "string",
},
},
State = "string",
},
Sku = new AzureNative.FrontDoor.Inputs.SkuArgs
{
Name = "string",
},
Tags =
{
{ "string", "string" },
},
});
example, err := frontdoor.NewPolicy(ctx, "examplepolicyResourceResourceFromFrontdoor", &frontdoor.PolicyArgs{
ResourceGroupName: pulumi.String("string"),
CustomRules: &frontdoor.CustomRuleListArgs{
Rules: frontdoor.CustomRuleArray{
&frontdoor.CustomRuleArgs{
Action: pulumi.String("string"),
MatchConditions: frontdoor.MatchConditionArray{
&frontdoor.MatchConditionArgs{
MatchValue: pulumi.StringArray{
pulumi.String("string"),
},
MatchVariable: pulumi.String("string"),
Operator: pulumi.String("string"),
NegateCondition: pulumi.Bool(false),
Selector: pulumi.String("string"),
Transforms: pulumi.StringArray{
pulumi.String("string"),
},
},
},
Priority: pulumi.Int(0),
RuleType: pulumi.String("string"),
EnabledState: pulumi.String("string"),
GroupBy: frontdoor.GroupByVariableArray{
&frontdoor.GroupByVariableArgs{
VariableName: pulumi.String("string"),
},
},
Name: pulumi.String("string"),
RateLimitDurationInMinutes: pulumi.Int(0),
RateLimitThreshold: pulumi.Int(0),
},
},
},
Location: pulumi.String("string"),
ManagedRules: &frontdoor.ManagedRuleSetListArgs{
ExceptionsList: &frontdoor.ManagedRuleSetExceptionListArgs{
Exceptions: frontdoor.ManagedRuleSetExceptionArray{
&frontdoor.ManagedRuleSetExceptionArgs{
MatchValues: pulumi.StringArray{
pulumi.String("string"),
},
MatchVariable: pulumi.String("string"),
Scopes: frontdoor.ManagedRuleSetScopeArray{
&frontdoor.ManagedRuleSetScopeArgs{
RuleSetType: pulumi.String("string"),
RuleSetVersion: pulumi.String("string"),
RuleGroupScopes: frontdoor.RuleGroupScopeArray{
&frontdoor.RuleGroupScopeArgs{
RuleGroupName: pulumi.String("string"),
RuleScopes: frontdoor.RuleScopeArray{
&frontdoor.RuleScopeArgs{
RuleId: pulumi.String("string"),
},
},
},
},
},
},
ValueMatchOperator: pulumi.String("string"),
Selector: pulumi.String("string"),
SelectorMatchOperator: pulumi.String("string"),
},
},
},
ManagedRuleSets: frontdoor.ManagedRuleSetArray{
&frontdoor.ManagedRuleSetArgs{
RuleSetType: pulumi.String("string"),
RuleSetVersion: pulumi.String("string"),
Exclusions: frontdoor.ManagedRuleExclusionArray{
&frontdoor.ManagedRuleExclusionArgs{
MatchVariable: pulumi.String("string"),
Selector: pulumi.String("string"),
SelectorMatchOperator: pulumi.String("string"),
},
},
RuleGroupOverrides: frontdoor.ManagedRuleGroupOverrideArray{
&frontdoor.ManagedRuleGroupOverrideArgs{
RuleGroupName: pulumi.String("string"),
Exclusions: frontdoor.ManagedRuleExclusionArray{
&frontdoor.ManagedRuleExclusionArgs{
MatchVariable: pulumi.String("string"),
Selector: pulumi.String("string"),
SelectorMatchOperator: pulumi.String("string"),
},
},
Rules: frontdoor.ManagedRuleOverrideArray{
&frontdoor.ManagedRuleOverrideArgs{
RuleId: pulumi.String("string"),
Action: pulumi.String("string"),
EnabledState: pulumi.String("string"),
Exclusions: frontdoor.ManagedRuleExclusionArray{
&frontdoor.ManagedRuleExclusionArgs{
MatchVariable: pulumi.String("string"),
Selector: pulumi.String("string"),
SelectorMatchOperator: pulumi.String("string"),
},
},
Sensitivity: pulumi.String("string"),
},
},
},
},
RuleSetAction: pulumi.String("string"),
},
},
},
PolicyName: pulumi.String("string"),
PolicySettings: &frontdoor.PolicySettingsArgs{
CaptchaExpirationInMinutes: pulumi.Int(0),
CustomBlockResponseBody: pulumi.String("string"),
CustomBlockResponseStatusCode: pulumi.Int(0),
EnabledState: pulumi.String("string"),
JavascriptChallengeExpirationInMinutes: pulumi.Int(0),
Mode: pulumi.String("string"),
RedirectUrl: pulumi.String("string"),
RequestBodyCheck: pulumi.String("string"),
ScrubbingRules: frontdoor.WebApplicationFirewallScrubbingRulesArray{
&frontdoor.WebApplicationFirewallScrubbingRulesArgs{
MatchVariable: pulumi.String("string"),
SelectorMatchOperator: pulumi.String("string"),
Selector: pulumi.String("string"),
State: pulumi.String("string"),
},
},
State: pulumi.String("string"),
},
Sku: &frontdoor.SkuArgs{
Name: pulumi.String("string"),
},
Tags: pulumi.StringMap{
"string": pulumi.String("string"),
},
})
resource "azure-native_frontdoor_policy" "examplepolicyResourceResourceFromFrontdoor" {
resource_group_name = "string"
custom_rules = {
rules = [{
"action" = "string"
"matchConditions" = [{
"matchValue" = ["string"]
"matchVariable" = "string"
"operator" = "string"
"negateCondition" = false
"selector" = "string"
"transforms" = ["string"]
}]
"priority" = 0
"ruleType" = "string"
"enabledState" = "string"
"groupBy" = [{
"variableName" = "string"
}]
"name" = "string"
"rateLimitDurationInMinutes" = 0
"rateLimitThreshold" = 0
}]
}
location = "string"
managed_rules = {
exceptions_list = {
exceptions = [{
"matchValues" = ["string"]
"matchVariable" = "string"
"scopes" = [{
"ruleSetType" = "string"
"ruleSetVersion" = "string"
"ruleGroupScopes" = [{
"ruleGroupName" = "string"
"ruleScopes" = [{
"ruleId" = "string"
}]
}]
}]
"valueMatchOperator" = "string"
"selector" = "string"
"selectorMatchOperator" = "string"
}]
}
managed_rule_sets = [{
"ruleSetType" = "string"
"ruleSetVersion" = "string"
"exclusions" = [{
"matchVariable" = "string"
"selector" = "string"
"selectorMatchOperator" = "string"
}]
"ruleGroupOverrides" = [{
"ruleGroupName" = "string"
"exclusions" = [{
"matchVariable" = "string"
"selector" = "string"
"selectorMatchOperator" = "string"
}]
"rules" = [{
"ruleId" = "string"
"action" = "string"
"enabledState" = "string"
"exclusions" = [{
"matchVariable" = "string"
"selector" = "string"
"selectorMatchOperator" = "string"
}]
"sensitivity" = "string"
}]
}]
"ruleSetAction" = "string"
}]
}
policy_name = "string"
policy_settings = {
captcha_expiration_in_minutes = 0
custom_block_response_body = "string"
custom_block_response_status_code = 0
enabled_state = "string"
javascript_challenge_expiration_in_minutes = 0
mode = "string"
redirect_url = "string"
request_body_check = "string"
scrubbing_rules = [{
"matchVariable" = "string"
"selectorMatchOperator" = "string"
"selector" = "string"
"state" = "string"
}]
state = "string"
}
sku = {
name = "string"
}
tags = {
"string" = "string"
}
}
var examplepolicyResourceResourceFromFrontdoor = new com.pulumi.azurenative.frontdoor.Policy("examplepolicyResourceResourceFromFrontdoor", com.pulumi.azurenative.frontdoor.PolicyArgs.builder()
.resourceGroupName("string")
.customRules(com.pulumi.azurenative.frontdoor.inputs.CustomRuleListArgs.builder()
.rules(com.pulumi.azurenative.frontdoor.inputs.CustomRuleArgs.builder()
.action("string")
.matchConditions(com.pulumi.azurenative.frontdoor.inputs.MatchConditionArgs.builder()
.matchValue("string")
.matchVariable("string")
.operator("string")
.negateCondition(false)
.selector("string")
.transforms("string")
.build())
.priority(0)
.ruleType("string")
.enabledState("string")
.groupBy(com.pulumi.azurenative.frontdoor.inputs.GroupByVariableArgs.builder()
.variableName("string")
.build())
.name("string")
.rateLimitDurationInMinutes(0)
.rateLimitThreshold(0)
.build())
.build())
.location("string")
.managedRules(com.pulumi.azurenative.frontdoor.inputs.ManagedRuleSetListArgs.builder()
.exceptionsList(ManagedRuleSetExceptionListArgs.builder()
.exceptions(ManagedRuleSetExceptionArgs.builder()
.matchValues("string")
.matchVariable("string")
.scopes(ManagedRuleSetScopeArgs.builder()
.ruleSetType("string")
.ruleSetVersion("string")
.ruleGroupScopes(RuleGroupScopeArgs.builder()
.ruleGroupName("string")
.ruleScopes(RuleScopeArgs.builder()
.ruleId("string")
.build())
.build())
.build())
.valueMatchOperator("string")
.selector("string")
.selectorMatchOperator("string")
.build())
.build())
.managedRuleSets(com.pulumi.azurenative.frontdoor.inputs.ManagedRuleSetArgs.builder()
.ruleSetType("string")
.ruleSetVersion("string")
.exclusions(ManagedRuleExclusionArgs.builder()
.matchVariable("string")
.selector("string")
.selectorMatchOperator("string")
.build())
.ruleGroupOverrides(com.pulumi.azurenative.frontdoor.inputs.ManagedRuleGroupOverrideArgs.builder()
.ruleGroupName("string")
.exclusions(ManagedRuleExclusionArgs.builder()
.matchVariable("string")
.selector("string")
.selectorMatchOperator("string")
.build())
.rules(com.pulumi.azurenative.frontdoor.inputs.ManagedRuleOverrideArgs.builder()
.ruleId("string")
.action("string")
.enabledState("string")
.exclusions(ManagedRuleExclusionArgs.builder()
.matchVariable("string")
.selector("string")
.selectorMatchOperator("string")
.build())
.sensitivity("string")
.build())
.build())
.ruleSetAction("string")
.build())
.build())
.policyName("string")
.policySettings(com.pulumi.azurenative.frontdoor.inputs.PolicySettingsArgs.builder()
.captchaExpirationInMinutes(0)
.customBlockResponseBody("string")
.customBlockResponseStatusCode(0)
.enabledState("string")
.javascriptChallengeExpirationInMinutes(0)
.mode("string")
.redirectUrl("string")
.requestBodyCheck("string")
.scrubbingRules(com.pulumi.azurenative.frontdoor.inputs.WebApplicationFirewallScrubbingRulesArgs.builder()
.matchVariable("string")
.selectorMatchOperator("string")
.selector("string")
.state("string")
.build())
.state("string")
.build())
.sku(com.pulumi.azurenative.frontdoor.inputs.SkuArgs.builder()
.name("string")
.build())
.tags(Map.of("string", "string"))
.build());
examplepolicy_resource_resource_from_frontdoor = azure_native.frontdoor.Policy("examplepolicyResourceResourceFromFrontdoor",
resource_group_name="string",
custom_rules={
"rules": [{
"action": "string",
"match_conditions": [{
"match_value": ["string"],
"match_variable": "string",
"operator": "string",
"negate_condition": False,
"selector": "string",
"transforms": ["string"],
}],
"priority": 0,
"rule_type": "string",
"enabled_state": "string",
"group_by": [{
"variable_name": "string",
}],
"name": "string",
"rate_limit_duration_in_minutes": 0,
"rate_limit_threshold": 0,
}],
},
location="string",
managed_rules={
"exceptions_list": {
"exceptions": [{
"match_values": ["string"],
"match_variable": "string",
"scopes": [{
"rule_set_type": "string",
"rule_set_version": "string",
"rule_group_scopes": [{
"rule_group_name": "string",
"rule_scopes": [{
"rule_id": "string",
}],
}],
}],
"value_match_operator": "string",
"selector": "string",
"selector_match_operator": "string",
}],
},
"managed_rule_sets": [{
"rule_set_type": "string",
"rule_set_version": "string",
"exclusions": [{
"match_variable": "string",
"selector": "string",
"selector_match_operator": "string",
}],
"rule_group_overrides": [{
"rule_group_name": "string",
"exclusions": [{
"match_variable": "string",
"selector": "string",
"selector_match_operator": "string",
}],
"rules": [{
"rule_id": "string",
"action": "string",
"enabled_state": "string",
"exclusions": [{
"match_variable": "string",
"selector": "string",
"selector_match_operator": "string",
}],
"sensitivity": "string",
}],
}],
"rule_set_action": "string",
}],
},
policy_name="string",
policy_settings={
"captcha_expiration_in_minutes": 0,
"custom_block_response_body": "string",
"custom_block_response_status_code": 0,
"enabled_state": "string",
"javascript_challenge_expiration_in_minutes": 0,
"mode": "string",
"redirect_url": "string",
"request_body_check": "string",
"scrubbing_rules": [{
"match_variable": "string",
"selector_match_operator": "string",
"selector": "string",
"state": "string",
}],
"state": "string",
},
sku={
"name": "string",
},
tags={
"string": "string",
})
const examplepolicyResourceResourceFromFrontdoor = new azure_native.frontdoor.Policy("examplepolicyResourceResourceFromFrontdoor", {
resourceGroupName: "string",
customRules: {
rules: [{
action: "string",
matchConditions: [{
matchValue: ["string"],
matchVariable: "string",
operator: "string",
negateCondition: false,
selector: "string",
transforms: ["string"],
}],
priority: 0,
ruleType: "string",
enabledState: "string",
groupBy: [{
variableName: "string",
}],
name: "string",
rateLimitDurationInMinutes: 0,
rateLimitThreshold: 0,
}],
},
location: "string",
managedRules: {
exceptionsList: {
exceptions: [{
matchValues: ["string"],
matchVariable: "string",
scopes: [{
ruleSetType: "string",
ruleSetVersion: "string",
ruleGroupScopes: [{
ruleGroupName: "string",
ruleScopes: [{
ruleId: "string",
}],
}],
}],
valueMatchOperator: "string",
selector: "string",
selectorMatchOperator: "string",
}],
},
managedRuleSets: [{
ruleSetType: "string",
ruleSetVersion: "string",
exclusions: [{
matchVariable: "string",
selector: "string",
selectorMatchOperator: "string",
}],
ruleGroupOverrides: [{
ruleGroupName: "string",
exclusions: [{
matchVariable: "string",
selector: "string",
selectorMatchOperator: "string",
}],
rules: [{
ruleId: "string",
action: "string",
enabledState: "string",
exclusions: [{
matchVariable: "string",
selector: "string",
selectorMatchOperator: "string",
}],
sensitivity: "string",
}],
}],
ruleSetAction: "string",
}],
},
policyName: "string",
policySettings: {
captchaExpirationInMinutes: 0,
customBlockResponseBody: "string",
customBlockResponseStatusCode: 0,
enabledState: "string",
javascriptChallengeExpirationInMinutes: 0,
mode: "string",
redirectUrl: "string",
requestBodyCheck: "string",
scrubbingRules: [{
matchVariable: "string",
selectorMatchOperator: "string",
selector: "string",
state: "string",
}],
state: "string",
},
sku: {
name: "string",
},
tags: {
string: "string",
},
});
type: azure-native:frontdoor:Policy
properties:
customRules:
rules:
- action: string
enabledState: string
groupBy:
- variableName: string
matchConditions:
- matchValue:
- string
matchVariable: string
negateCondition: false
operator: string
selector: string
transforms:
- string
name: string
priority: 0
rateLimitDurationInMinutes: 0
rateLimitThreshold: 0
ruleType: string
location: string
managedRules:
exceptionsList:
exceptions:
- matchValues:
- string
matchVariable: string
scopes:
- ruleGroupScopes:
- ruleGroupName: string
ruleScopes:
- ruleId: string
ruleSetType: string
ruleSetVersion: string
selector: string
selectorMatchOperator: string
valueMatchOperator: string
managedRuleSets:
- exclusions:
- matchVariable: string
selector: string
selectorMatchOperator: string
ruleGroupOverrides:
- exclusions:
- matchVariable: string
selector: string
selectorMatchOperator: string
ruleGroupName: string
rules:
- action: string
enabledState: string
exclusions:
- matchVariable: string
selector: string
selectorMatchOperator: string
ruleId: string
sensitivity: string
ruleSetAction: string
ruleSetType: string
ruleSetVersion: string
policyName: string
policySettings:
captchaExpirationInMinutes: 0
customBlockResponseBody: string
customBlockResponseStatusCode: 0
enabledState: string
javascriptChallengeExpirationInMinutes: 0
mode: string
redirectUrl: string
requestBodyCheck: string
scrubbingRules:
- matchVariable: string
selector: string
selectorMatchOperator: string
state: string
state: string
resourceGroupName: string
sku:
name: string
tags:
string: string
Policy Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The Policy resource accepts the following input properties:
- Resource
Group stringName - The name of the resource group. The name is case insensitive.
- Custom
Rules Pulumi.Azure Native. Front Door. Inputs. Custom Rule List - Describes custom rules inside the policy.
- Location string
- Resource location.
- Managed
Rules Pulumi.Azure Native. Front Door. Inputs. Managed Rule Set List - Describes managed rules inside the policy.
- Policy
Name string - The name of the Web Application Firewall Policy.
- Policy
Settings Pulumi.Azure Native. Front Door. Inputs. Policy Settings - Describes settings for the policy.
- Sku
Pulumi.
Azure Native. Front Door. Inputs. Sku - The pricing tier of web application firewall policy. Defaults to Classic_AzureFrontDoor if not specified.
- Dictionary<string, string>
- Resource tags.
- Resource
Group stringName - The name of the resource group. The name is case insensitive.
- Custom
Rules CustomRule List Args - Describes custom rules inside the policy.
- Location string
- Resource location.
- Managed
Rules ManagedRule Set List Args - Describes managed rules inside the policy.
- Policy
Name string - The name of the Web Application Firewall Policy.
- Policy
Settings PolicySettings Args - Describes settings for the policy.
- Sku
Sku
Args - The pricing tier of web application firewall policy. Defaults to Classic_AzureFrontDoor if not specified.
- map[string]string
- Resource tags.
- resource_
group_ stringname - The name of the resource group. The name is case insensitive.
- custom_
rules object - Describes custom rules inside the policy.
- location string
- Resource location.
- managed_
rules object - Describes managed rules inside the policy.
- policy_
name string - The name of the Web Application Firewall Policy.
- policy_
settings object - Describes settings for the policy.
- sku object
- The pricing tier of web application firewall policy. Defaults to Classic_AzureFrontDoor if not specified.
- map(string)
- Resource tags.
- resource
Group StringName - The name of the resource group. The name is case insensitive.
- custom
Rules CustomRule List - Describes custom rules inside the policy.
- location String
- Resource location.
- managed
Rules ManagedRule Set List - Describes managed rules inside the policy.
- policy
Name String - The name of the Web Application Firewall Policy.
- policy
Settings PolicySettings - Describes settings for the policy.
- sku Sku
- The pricing tier of web application firewall policy. Defaults to Classic_AzureFrontDoor if not specified.
- Map<String,String>
- Resource tags.
- resource
Group stringName - The name of the resource group. The name is case insensitive.
- custom
Rules CustomRule List - Describes custom rules inside the policy.
- location string
- Resource location.
- managed
Rules ManagedRule Set List - Describes managed rules inside the policy.
- policy
Name string - The name of the Web Application Firewall Policy.
- policy
Settings PolicySettings - Describes settings for the policy.
- sku Sku
- The pricing tier of web application firewall policy. Defaults to Classic_AzureFrontDoor if not specified.
- {[key: string]: string}
- Resource tags.
- resource_
group_ strname - The name of the resource group. The name is case insensitive.
- custom_
rules CustomRule List Args - Describes custom rules inside the policy.
- location str
- Resource location.
- managed_
rules ManagedRule Set List Args - Describes managed rules inside the policy.
- policy_
name str - The name of the Web Application Firewall Policy.
- policy_
settings PolicySettings Args - Describes settings for the policy.
- sku
Sku
Args - The pricing tier of web application firewall policy. Defaults to Classic_AzureFrontDoor if not specified.
- Mapping[str, str]
- Resource tags.
- resource
Group StringName - The name of the resource group. The name is case insensitive.
- custom
Rules Property Map - Describes custom rules inside the policy.
- location String
- Resource location.
- managed
Rules Property Map - Describes managed rules inside the policy.
- policy
Name String - The name of the Web Application Firewall Policy.
- policy
Settings Property Map - Describes settings for the policy.
- sku Property Map
- The pricing tier of web application firewall policy. Defaults to Classic_AzureFrontDoor if not specified.
- Map<String>
- Resource tags.
Outputs
All input properties are implicitly available as output properties. Additionally, the Policy resource produces the following output properties:
- Azure
Api stringVersion - The Azure API version of the resource.
- Frontend
Endpoint List<Pulumi.Links Azure Native. Front Door. Outputs. Frontend Endpoint Link Response> - Describes Frontend Endpoints associated with this Web Application Firewall policy.
- Id string
- The provider-assigned unique ID for this managed resource.
- Name string
- Resource name.
- Provisioning
State string - Provisioning state of the policy.
- Resource
State string - Resource status of the policy.
- Routing
Rule List<Pulumi.Links Azure Native. Front Door. Outputs. Routing Rule Link Response> - Describes Routing Rules associated with this Web Application Firewall policy.
- Security
Policy List<Pulumi.Links Azure Native. Front Door. Outputs. Security Policy Link Response> - Describes Security Policy associated with this Web Application Firewall policy.
- Type string
- Resource type.
- Etag string
- Gets a unique read-only string that changes whenever the resource is updated.
- Azure
Api stringVersion - The Azure API version of the resource.
- Frontend
Endpoint []FrontendLinks Endpoint Link Response - Describes Frontend Endpoints associated with this Web Application Firewall policy.
- Id string
- The provider-assigned unique ID for this managed resource.
- Name string
- Resource name.
- Provisioning
State string - Provisioning state of the policy.
- Resource
State string - Resource status of the policy.
- Routing
Rule []RoutingLinks Rule Link Response - Describes Routing Rules associated with this Web Application Firewall policy.
- Security
Policy []SecurityLinks Policy Link Response - Describes Security Policy associated with this Web Application Firewall policy.
- Type string
- Resource type.
- Etag string
- Gets a unique read-only string that changes whenever the resource is updated.
- azure_
api_ stringversion - The Azure API version of the resource.
- frontend_
endpoint_ list(object)links - Describes Frontend Endpoints associated with this Web Application Firewall policy.
- id string
- The provider-assigned unique ID for this managed resource.
- name string
- Resource name.
- provisioning_
state string - Provisioning state of the policy.
- resource_
state string - Resource status of the policy.
- routing_
rule_ list(object)links - Describes Routing Rules associated with this Web Application Firewall policy.
- security_
policy_ list(object)links - Describes Security Policy associated with this Web Application Firewall policy.
- type string
- Resource type.
- etag string
- Gets a unique read-only string that changes whenever the resource is updated.
- azure
Api StringVersion - The Azure API version of the resource.
- frontend
Endpoint List<FrontendLinks Endpoint Link Response> - Describes Frontend Endpoints associated with this Web Application Firewall policy.
- id String
- The provider-assigned unique ID for this managed resource.
- name String
- Resource name.
- provisioning
State String - Provisioning state of the policy.
- resource
State String - Resource status of the policy.
- routing
Rule List<RoutingLinks Rule Link Response> - Describes Routing Rules associated with this Web Application Firewall policy.
- security
Policy List<SecurityLinks Policy Link Response> - Describes Security Policy associated with this Web Application Firewall policy.
- type String
- Resource type.
- etag String
- Gets a unique read-only string that changes whenever the resource is updated.
- azure
Api stringVersion - The Azure API version of the resource.
- frontend
Endpoint FrontendLinks Endpoint Link Response[] - Describes Frontend Endpoints associated with this Web Application Firewall policy.
- id string
- The provider-assigned unique ID for this managed resource.
- name string
- Resource name.
- provisioning
State string - Provisioning state of the policy.
- resource
State string - Resource status of the policy.
- routing
Rule RoutingLinks Rule Link Response[] - Describes Routing Rules associated with this Web Application Firewall policy.
- security
Policy SecurityLinks Policy Link Response[] - Describes Security Policy associated with this Web Application Firewall policy.
- type string
- Resource type.
- etag string
- Gets a unique read-only string that changes whenever the resource is updated.
- azure_
api_ strversion - The Azure API version of the resource.
- frontend_
endpoint_ Sequence[Frontendlinks Endpoint Link Response] - Describes Frontend Endpoints associated with this Web Application Firewall policy.
- id str
- The provider-assigned unique ID for this managed resource.
- name str
- Resource name.
- provisioning_
state str - Provisioning state of the policy.
- resource_
state str - Resource status of the policy.
- routing_
rule_ Sequence[Routinglinks Rule Link Response] - Describes Routing Rules associated with this Web Application Firewall policy.
- security_
policy_ Sequence[Securitylinks Policy Link Response] - Describes Security Policy associated with this Web Application Firewall policy.
- type str
- Resource type.
- etag str
- Gets a unique read-only string that changes whenever the resource is updated.
- azure
Api StringVersion - The Azure API version of the resource.
- frontend
Endpoint List<Property Map>Links - Describes Frontend Endpoints associated with this Web Application Firewall policy.
- id String
- The provider-assigned unique ID for this managed resource.
- name String
- Resource name.
- provisioning
State String - Provisioning state of the policy.
- resource
State String - Resource status of the policy.
- routing
Rule List<Property Map>Links - Describes Routing Rules associated with this Web Application Firewall policy.
- security
Policy List<Property Map>Links - Describes Security Policy associated with this Web Application Firewall policy.
- type String
- Resource type.
- etag String
- Gets a unique read-only string that changes whenever the resource is updated.
Supporting Types
ActionType, ActionTypeArgs
- Allow
AllowAllow- Block
BlockBlock- Log
LogLog- Redirect
RedirectRedirect- Anomaly
Scoring AnomalyScoringAnomalyScoring- JSChallenge
JSChallengeJSChallenge- CAPTCHA
CAPTCHACAPTCHA
- Action
Type Allow AllowAllow- Action
Type Block BlockBlock- Action
Type Log LogLog- Action
Type Redirect RedirectRedirect- Action
Type Anomaly Scoring AnomalyScoringAnomalyScoring- Action
Type JSChallenge JSChallengeJSChallenge- Action
Type CAPTCHA CAPTCHACAPTCHA
- "Allow"
AllowAllow- "Block"
BlockBlock- "Log"
LogLog- "Redirect"
RedirectRedirect- "Anomaly
Scoring" AnomalyScoringAnomalyScoring- "JSChallenge"
JSChallengeJSChallenge- "CAPTCHA"
CAPTCHACAPTCHA
- Allow
AllowAllow- Block
BlockBlock- Log
LogLog- Redirect
RedirectRedirect- Anomaly
Scoring AnomalyScoringAnomalyScoring- JSChallenge
JSChallengeJSChallenge- CAPTCHA
CAPTCHACAPTCHA
- Allow
AllowAllow- Block
BlockBlock- Log
LogLog- Redirect
RedirectRedirect- Anomaly
Scoring AnomalyScoringAnomalyScoring- JSChallenge
JSChallengeJSChallenge- CAPTCHA
CAPTCHACAPTCHA
- ALLOW
AllowAllow- BLOCK
BlockBlock- LOG
LogLog- REDIRECT
RedirectRedirect- ANOMALY_SCORING
AnomalyScoringAnomalyScoring- JS_CHALLENGE
JSChallengeJSChallenge- CAPTCHA
CAPTCHACAPTCHA
- "Allow"
AllowAllow- "Block"
BlockBlock- "Log"
LogLog- "Redirect"
RedirectRedirect- "Anomaly
Scoring" AnomalyScoringAnomalyScoring- "JSChallenge"
JSChallengeJSChallenge- "CAPTCHA"
CAPTCHACAPTCHA
CustomRule, CustomRuleArgs
Defines contents of a web application rule- Action
string | Pulumi.
Azure Native. Front Door. Action Type - Describes what action to be applied when rule matches.
- Match
Conditions List<Pulumi.Azure Native. Front Door. Inputs. Match Condition> - List of match conditions.
- Priority int
- Describes priority of the rule. Rules with a lower value will be evaluated before rules with a higher value.
- Rule
Type string | Pulumi.Azure Native. Front Door. Rule Type - Describes type of rule.
- Enabled
State string | Pulumi.Azure Native. Front Door. Custom Rule Enabled State - Describes if the custom rule is in enabled or disabled state. Defaults to Enabled if not specified.
- Group
By List<Pulumi.Azure Native. Front Door. Inputs. Group By Variable> - Describes the list of variables to group the rate limit requests
- Name string
- Describes the name of the rule.
- Rate
Limit intDuration In Minutes - Time window for resetting the rate limit count. Default is 1 minute.
- Rate
Limit intThreshold - Number of allowed requests per client within the time window.
- Action
string | Action
Type - Describes what action to be applied when rule matches.
- Match
Conditions []MatchCondition - List of match conditions.
- Priority int
- Describes priority of the rule. Rules with a lower value will be evaluated before rules with a higher value.
- Rule
Type string | RuleType - Describes type of rule.
- Enabled
State string | CustomRule Enabled State - Describes if the custom rule is in enabled or disabled state. Defaults to Enabled if not specified.
- Group
By []GroupBy Variable - Describes the list of variables to group the rate limit requests
- Name string
- Describes the name of the rule.
- Rate
Limit intDuration In Minutes - Time window for resetting the rate limit count. Default is 1 minute.
- Rate
Limit intThreshold - Number of allowed requests per client within the time window.
- action
string | "Allow" | "Block" | "Log" | "Redirect" | "Anomaly
Scoring" | "JSChallenge" | "CAPTCHA" - Describes what action to be applied when rule matches.
- match_
conditions list(object) - List of match conditions.
- priority number
- Describes priority of the rule. Rules with a lower value will be evaluated before rules with a higher value.
- rule_
type string | "MatchRule" | "Rate Limit Rule" - Describes type of rule.
- enabled_
state string | "Disabled" | "Enabled" - Describes if the custom rule is in enabled or disabled state. Defaults to Enabled if not specified.
- group_
by list(object) - Describes the list of variables to group the rate limit requests
- name string
- Describes the name of the rule.
- rate_
limit_ numberduration_ in_ minutes - Time window for resetting the rate limit count. Default is 1 minute.
- rate_
limit_ numberthreshold - Number of allowed requests per client within the time window.
- action
String | Action
Type - Describes what action to be applied when rule matches.
- match
Conditions List<MatchCondition> - List of match conditions.
- priority Integer
- Describes priority of the rule. Rules with a lower value will be evaluated before rules with a higher value.
- rule
Type String | RuleType - Describes type of rule.
- enabled
State String | CustomRule Enabled State - Describes if the custom rule is in enabled or disabled state. Defaults to Enabled if not specified.
- group
By List<GroupBy Variable> - Describes the list of variables to group the rate limit requests
- name String
- Describes the name of the rule.
- rate
Limit IntegerDuration In Minutes - Time window for resetting the rate limit count. Default is 1 minute.
- rate
Limit IntegerThreshold - Number of allowed requests per client within the time window.
- action
string | Action
Type - Describes what action to be applied when rule matches.
- match
Conditions MatchCondition[] - List of match conditions.
- priority number
- Describes priority of the rule. Rules with a lower value will be evaluated before rules with a higher value.
- rule
Type string | RuleType - Describes type of rule.
- enabled
State string | CustomRule Enabled State - Describes if the custom rule is in enabled or disabled state. Defaults to Enabled if not specified.
- group
By GroupBy Variable[] - Describes the list of variables to group the rate limit requests
- name string
- Describes the name of the rule.
- rate
Limit numberDuration In Minutes - Time window for resetting the rate limit count. Default is 1 minute.
- rate
Limit numberThreshold - Number of allowed requests per client within the time window.
- action
str | Action
Type - Describes what action to be applied when rule matches.
- match_
conditions Sequence[MatchCondition] - List of match conditions.
- priority int
- Describes priority of the rule. Rules with a lower value will be evaluated before rules with a higher value.
- rule_
type str | RuleType - Describes type of rule.
- enabled_
state str | CustomRule Enabled State - Describes if the custom rule is in enabled or disabled state. Defaults to Enabled if not specified.
- group_
by Sequence[GroupBy Variable] - Describes the list of variables to group the rate limit requests
- name str
- Describes the name of the rule.
- rate_
limit_ intduration_ in_ minutes - Time window for resetting the rate limit count. Default is 1 minute.
- rate_
limit_ intthreshold - Number of allowed requests per client within the time window.
- action
String | "Allow" | "Block" | "Log" | "Redirect" | "Anomaly
Scoring" | "JSChallenge" | "CAPTCHA" - Describes what action to be applied when rule matches.
- match
Conditions List<Property Map> - List of match conditions.
- priority Number
- Describes priority of the rule. Rules with a lower value will be evaluated before rules with a higher value.
- rule
Type String | "MatchRule" | "Rate Limit Rule" - Describes type of rule.
- enabled
State String | "Disabled" | "Enabled" - Describes if the custom rule is in enabled or disabled state. Defaults to Enabled if not specified.
- group
By List<Property Map> - Describes the list of variables to group the rate limit requests
- name String
- Describes the name of the rule.
- rate
Limit NumberDuration In Minutes - Time window for resetting the rate limit count. Default is 1 minute.
- rate
Limit NumberThreshold - Number of allowed requests per client within the time window.
CustomRuleEnabledState, CustomRuleEnabledStateArgs
- Disabled
DisabledDisabled- Enabled
EnabledEnabled
- Custom
Rule Enabled State Disabled DisabledDisabled- Custom
Rule Enabled State Enabled EnabledEnabled
- "Disabled"
DisabledDisabled- "Enabled"
EnabledEnabled
- Disabled
DisabledDisabled- Enabled
EnabledEnabled
- Disabled
DisabledDisabled- Enabled
EnabledEnabled
- DISABLED
DisabledDisabled- ENABLED
EnabledEnabled
- "Disabled"
DisabledDisabled- "Enabled"
EnabledEnabled
CustomRuleList, CustomRuleListArgs
Defines contents of custom rules- Rules
[]Custom
Rule - List of rules
- rules list(object)
- List of rules
- rules
List<Custom
Rule> - List of rules
- rules
Custom
Rule[] - List of rules
- rules
Sequence[Custom
Rule] - List of rules
- rules List<Property Map>
- List of rules
CustomRuleListResponse, CustomRuleListResponseArgs
Defines contents of custom rules- Rules
[]Custom
Rule Response - List of rules
- rules list(object)
- List of rules
- rules
List<Custom
Rule Response> - List of rules
- rules
Custom
Rule Response[] - List of rules
- rules
Sequence[Custom
Rule Response] - List of rules
- rules List<Property Map>
- List of rules
CustomRuleResponse, CustomRuleResponseArgs
Defines contents of a web application rule- Action string
- Describes what action to be applied when rule matches.
- Match
Conditions List<Pulumi.Azure Native. Front Door. Inputs. Match Condition Response> - List of match conditions.
- Priority int
- Describes priority of the rule. Rules with a lower value will be evaluated before rules with a higher value.
- Rule
Type string - Describes type of rule.
- Enabled
State string - Describes if the custom rule is in enabled or disabled state. Defaults to Enabled if not specified.
- Group
By List<Pulumi.Azure Native. Front Door. Inputs. Group By Variable Response> - Describes the list of variables to group the rate limit requests
- Name string
- Describes the name of the rule.
- Rate
Limit intDuration In Minutes - Time window for resetting the rate limit count. Default is 1 minute.
- Rate
Limit intThreshold - Number of allowed requests per client within the time window.
- Action string
- Describes what action to be applied when rule matches.
- Match
Conditions []MatchCondition Response - List of match conditions.
- Priority int
- Describes priority of the rule. Rules with a lower value will be evaluated before rules with a higher value.
- Rule
Type string - Describes type of rule.
- Enabled
State string - Describes if the custom rule is in enabled or disabled state. Defaults to Enabled if not specified.
- Group
By []GroupBy Variable Response - Describes the list of variables to group the rate limit requests
- Name string
- Describes the name of the rule.
- Rate
Limit intDuration In Minutes - Time window for resetting the rate limit count. Default is 1 minute.
- Rate
Limit intThreshold - Number of allowed requests per client within the time window.
- action string
- Describes what action to be applied when rule matches.
- match_
conditions list(object) - List of match conditions.
- priority number
- Describes priority of the rule. Rules with a lower value will be evaluated before rules with a higher value.
- rule_
type string - Describes type of rule.
- enabled_
state string - Describes if the custom rule is in enabled or disabled state. Defaults to Enabled if not specified.
- group_
by list(object) - Describes the list of variables to group the rate limit requests
- name string
- Describes the name of the rule.
- rate_
limit_ numberduration_ in_ minutes - Time window for resetting the rate limit count. Default is 1 minute.
- rate_
limit_ numberthreshold - Number of allowed requests per client within the time window.
- action String
- Describes what action to be applied when rule matches.
- match
Conditions List<MatchCondition Response> - List of match conditions.
- priority Integer
- Describes priority of the rule. Rules with a lower value will be evaluated before rules with a higher value.
- rule
Type String - Describes type of rule.
- enabled
State String - Describes if the custom rule is in enabled or disabled state. Defaults to Enabled if not specified.
- group
By List<GroupBy Variable Response> - Describes the list of variables to group the rate limit requests
- name String
- Describes the name of the rule.
- rate
Limit IntegerDuration In Minutes - Time window for resetting the rate limit count. Default is 1 minute.
- rate
Limit IntegerThreshold - Number of allowed requests per client within the time window.
- action string
- Describes what action to be applied when rule matches.
- match
Conditions MatchCondition Response[] - List of match conditions.
- priority number
- Describes priority of the rule. Rules with a lower value will be evaluated before rules with a higher value.
- rule
Type string - Describes type of rule.
- enabled
State string - Describes if the custom rule is in enabled or disabled state. Defaults to Enabled if not specified.
- group
By GroupBy Variable Response[] - Describes the list of variables to group the rate limit requests
- name string
- Describes the name of the rule.
- rate
Limit numberDuration In Minutes - Time window for resetting the rate limit count. Default is 1 minute.
- rate
Limit numberThreshold - Number of allowed requests per client within the time window.
- action str
- Describes what action to be applied when rule matches.
- match_
conditions Sequence[MatchCondition Response] - List of match conditions.
- priority int
- Describes priority of the rule. Rules with a lower value will be evaluated before rules with a higher value.
- rule_
type str - Describes type of rule.
- enabled_
state str - Describes if the custom rule is in enabled or disabled state. Defaults to Enabled if not specified.
- group_
by Sequence[GroupBy Variable Response] - Describes the list of variables to group the rate limit requests
- name str
- Describes the name of the rule.
- rate_
limit_ intduration_ in_ minutes - Time window for resetting the rate limit count. Default is 1 minute.
- rate_
limit_ intthreshold - Number of allowed requests per client within the time window.
- action String
- Describes what action to be applied when rule matches.
- match
Conditions List<Property Map> - List of match conditions.
- priority Number
- Describes priority of the rule. Rules with a lower value will be evaluated before rules with a higher value.
- rule
Type String - Describes type of rule.
- enabled
State String - Describes if the custom rule is in enabled or disabled state. Defaults to Enabled if not specified.
- group
By List<Property Map> - Describes the list of variables to group the rate limit requests
- name String
- Describes the name of the rule.
- rate
Limit NumberDuration In Minutes - Time window for resetting the rate limit count. Default is 1 minute.
- rate
Limit NumberThreshold - Number of allowed requests per client within the time window.
ExceptionMatchVariable, ExceptionMatchVariableArgs
- Request
Uri RequestUriRequest Uri Exception Match Variable- Socket
Addr SocketAddrSocket Address Exception Match Variable- Request
Header Names RequestHeaderNamesRequest Header Names Exception Match Variable
- Exception
Match Variable Request Uri RequestUriRequest Uri Exception Match Variable- Exception
Match Variable Socket Addr SocketAddrSocket Address Exception Match Variable- Exception
Match Variable Request Header Names RequestHeaderNamesRequest Header Names Exception Match Variable
- "Request
Uri" RequestUriRequest Uri Exception Match Variable- "Socket
Addr" SocketAddrSocket Address Exception Match Variable- "Request
Header Names" RequestHeaderNamesRequest Header Names Exception Match Variable
- Request
Uri RequestUriRequest Uri Exception Match Variable- Socket
Addr SocketAddrSocket Address Exception Match Variable- Request
Header Names RequestHeaderNamesRequest Header Names Exception Match Variable
- Request
Uri RequestUriRequest Uri Exception Match Variable- Socket
Addr SocketAddrSocket Address Exception Match Variable- Request
Header Names RequestHeaderNamesRequest Header Names Exception Match Variable
- REQUEST_URI
RequestUriRequest Uri Exception Match Variable- SOCKET_ADDR
SocketAddrSocket Address Exception Match Variable- REQUEST_HEADER_NAMES
RequestHeaderNamesRequest Header Names Exception Match Variable
- "Request
Uri" RequestUriRequest Uri Exception Match Variable- "Socket
Addr" SocketAddrSocket Address Exception Match Variable- "Request
Header Names" RequestHeaderNamesRequest Header Names Exception Match Variable
ExceptionSelectorMatchOperator, ExceptionSelectorMatchOperatorArgs
- Equals
Value EqualsEquals Selector Match Operator
- Exception
Selector Match Operator Equals EqualsEquals Selector Match Operator
- "Equals"
EqualsEquals Selector Match Operator
- Equals
EqualsEquals Selector Match Operator
- Equals
EqualsEquals Selector Match Operator
- EQUALS
EqualsEquals Selector Match Operator
- "Equals"
EqualsEquals Selector Match Operator
ExceptionValueMatchOperator, ExceptionValueMatchOperatorArgs
- Equals
Value EqualsEquals Exception Value Match Operator- Contains
ContainsContains Exception Value Match Operator- Starts
With StartsWithStartsWith Exception Value Match Operator- Ends
With EndsWithEndsWith Exception Value Match Operator- Equals
Any EqualsAnyEqualsAny Exception Value Match Operator- IPMatch
IPMatchIPMatch Exception Value Match Operator
- Exception
Value Match Operator Equals EqualsEquals Exception Value Match Operator- Exception
Value Match Operator Contains ContainsContains Exception Value Match Operator- Exception
Value Match Operator Starts With StartsWithStartsWith Exception Value Match Operator- Exception
Value Match Operator Ends With EndsWithEndsWith Exception Value Match Operator- Exception
Value Match Operator Equals Any EqualsAnyEqualsAny Exception Value Match Operator- Exception
Value Match Operator IPMatch IPMatchIPMatch Exception Value Match Operator
- "Equals"
EqualsEquals Exception Value Match Operator- "Contains"
ContainsContains Exception Value Match Operator- "Starts
With" StartsWithStartsWith Exception Value Match Operator- "Ends
With" EndsWithEndsWith Exception Value Match Operator- "Equals
Any" EqualsAnyEqualsAny Exception Value Match Operator- "IPMatch"
IPMatchIPMatch Exception Value Match Operator
- Equals
EqualsEquals Exception Value Match Operator- Contains
ContainsContains Exception Value Match Operator- Starts
With StartsWithStartsWith Exception Value Match Operator- Ends
With EndsWithEndsWith Exception Value Match Operator- Equals
Any EqualsAnyEqualsAny Exception Value Match Operator- IPMatch
IPMatchIPMatch Exception Value Match Operator
- Equals
EqualsEquals Exception Value Match Operator- Contains
ContainsContains Exception Value Match Operator- Starts
With StartsWithStartsWith Exception Value Match Operator- Ends
With EndsWithEndsWith Exception Value Match Operator- Equals
Any EqualsAnyEqualsAny Exception Value Match Operator- IPMatch
IPMatchIPMatch Exception Value Match Operator
- EQUALS
EqualsEquals Exception Value Match Operator- CONTAINS
ContainsContains Exception Value Match Operator- STARTS_WITH
StartsWithStartsWith Exception Value Match Operator- ENDS_WITH
EndsWithEndsWith Exception Value Match Operator- EQUALS_ANY
EqualsAnyEqualsAny Exception Value Match Operator- IP_MATCH
IPMatchIPMatch Exception Value Match Operator
- "Equals"
EqualsEquals Exception Value Match Operator- "Contains"
ContainsContains Exception Value Match Operator- "Starts
With" StartsWithStartsWith Exception Value Match Operator- "Ends
With" EndsWithEndsWith Exception Value Match Operator- "Equals
Any" EqualsAnyEqualsAny Exception Value Match Operator- "IPMatch"
IPMatchIPMatch Exception Value Match Operator
FrontendEndpointLinkResponse, FrontendEndpointLinkResponseArgs
Defines the Resource ID for a Frontend Endpoint.- Id string
- Resource ID.
- Id string
- Resource ID.
- id string
- Resource ID.
- id String
- Resource ID.
- id string
- Resource ID.
- id str
- Resource ID.
- id String
- Resource ID.
GroupByVariable, GroupByVariableArgs
Describes the variables available to group the rate limit requests- Variable
Name string | Pulumi.Azure Native. Front Door. Variable Name - Describes the supported variable for group by
- Variable
Name string | VariableName - Describes the supported variable for group by
- variable_
name string | "SocketAddr" | "Geo Location" | "None" - Describes the supported variable for group by
- variable
Name String | VariableName - Describes the supported variable for group by
- variable
Name string | VariableName - Describes the supported variable for group by
- variable_
name str | VariableName - Describes the supported variable for group by
- variable
Name String | "SocketAddr" | "Geo Location" | "None" - Describes the supported variable for group by
GroupByVariableResponse, GroupByVariableResponseArgs
Describes the variables available to group the rate limit requests- Variable
Name string - Describes the supported variable for group by
- Variable
Name string - Describes the supported variable for group by
- variable_
name string - Describes the supported variable for group by
- variable
Name String - Describes the supported variable for group by
- variable
Name string - Describes the supported variable for group by
- variable_
name str - Describes the supported variable for group by
- variable
Name String - Describes the supported variable for group by
ManagedRuleEnabledState, ManagedRuleEnabledStateArgs
- Disabled
DisabledDisabled- Enabled
EnabledEnabled
- Managed
Rule Enabled State Disabled DisabledDisabled- Managed
Rule Enabled State Enabled EnabledEnabled
- "Disabled"
DisabledDisabled- "Enabled"
EnabledEnabled
- Disabled
DisabledDisabled- Enabled
EnabledEnabled
- Disabled
DisabledDisabled- Enabled
EnabledEnabled
- DISABLED
DisabledDisabled- ENABLED
EnabledEnabled
- "Disabled"
DisabledDisabled- "Enabled"
EnabledEnabled
ManagedRuleExclusion, ManagedRuleExclusionArgs
Exclude variables from managed rule evaluation.- Match
Variable string | Pulumi.Azure Native. Front Door. Managed Rule Exclusion Match Variable - The variable type to be excluded.
- Selector string
- Selector value for which elements in the collection this exclusion applies to.
- Selector
Match string | Pulumi.Operator Azure Native. Front Door. Managed Rule Exclusion Selector Match Operator - Comparison operator to apply to the selector when specifying which elements in the collection this exclusion applies to.
- Match
Variable string | ManagedRule Exclusion Match Variable - The variable type to be excluded.
- Selector string
- Selector value for which elements in the collection this exclusion applies to.
- Selector
Match string | ManagedOperator Rule Exclusion Selector Match Operator - Comparison operator to apply to the selector when specifying which elements in the collection this exclusion applies to.
- match_
variable string | "RequestHeader Names" | "Request Cookie Names" | "Query String Arg Names" | "Request Body Post Arg Names" | "Request Body Json Arg Names" - The variable type to be excluded.
- selector string
- Selector value for which elements in the collection this exclusion applies to.
- selector_
match_ string | "Equals" | "Contains" | "Startsoperator With" | "Ends With" | "Equals Any" - Comparison operator to apply to the selector when specifying which elements in the collection this exclusion applies to.
- match
Variable String | ManagedRule Exclusion Match Variable - The variable type to be excluded.
- selector String
- Selector value for which elements in the collection this exclusion applies to.
- selector
Match String | ManagedOperator Rule Exclusion Selector Match Operator - Comparison operator to apply to the selector when specifying which elements in the collection this exclusion applies to.
- match
Variable string | ManagedRule Exclusion Match Variable - The variable type to be excluded.
- selector string
- Selector value for which elements in the collection this exclusion applies to.
- selector
Match string | ManagedOperator Rule Exclusion Selector Match Operator - Comparison operator to apply to the selector when specifying which elements in the collection this exclusion applies to.
- match_
variable str | ManagedRule Exclusion Match Variable - The variable type to be excluded.
- selector str
- Selector value for which elements in the collection this exclusion applies to.
- selector_
match_ str | Managedoperator Rule Exclusion Selector Match Operator - Comparison operator to apply to the selector when specifying which elements in the collection this exclusion applies to.
- match
Variable String | "RequestHeader Names" | "Request Cookie Names" | "Query String Arg Names" | "Request Body Post Arg Names" | "Request Body Json Arg Names" - The variable type to be excluded.
- selector String
- Selector value for which elements in the collection this exclusion applies to.
- selector
Match String | "Equals" | "Contains" | "StartsOperator With" | "Ends With" | "Equals Any" - Comparison operator to apply to the selector when specifying which elements in the collection this exclusion applies to.
ManagedRuleExclusionMatchVariable, ManagedRuleExclusionMatchVariableArgs
- Request
Header Names RequestHeaderNamesRequestHeaderNames- Request
Cookie Names RequestCookieNamesRequestCookieNames- Query
String Arg Names QueryStringArgNamesQueryStringArgNames- Request
Body Post Arg Names RequestBodyPostArgNamesRequestBodyPostArgNames- Request
Body Json Arg Names RequestBodyJsonArgNamesRequestBodyJsonArgNames
- Managed
Rule Exclusion Match Variable Request Header Names RequestHeaderNamesRequestHeaderNames- Managed
Rule Exclusion Match Variable Request Cookie Names RequestCookieNamesRequestCookieNames- Managed
Rule Exclusion Match Variable Query String Arg Names QueryStringArgNamesQueryStringArgNames- Managed
Rule Exclusion Match Variable Request Body Post Arg Names RequestBodyPostArgNamesRequestBodyPostArgNames- Managed
Rule Exclusion Match Variable Request Body Json Arg Names RequestBodyJsonArgNamesRequestBodyJsonArgNames
- "Request
Header Names" RequestHeaderNamesRequestHeaderNames- "Request
Cookie Names" RequestCookieNamesRequestCookieNames- "Query
String Arg Names" QueryStringArgNamesQueryStringArgNames- "Request
Body Post Arg Names" RequestBodyPostArgNamesRequestBodyPostArgNames- "Request
Body Json Arg Names" RequestBodyJsonArgNamesRequestBodyJsonArgNames
- Request
Header Names RequestHeaderNamesRequestHeaderNames- Request
Cookie Names RequestCookieNamesRequestCookieNames- Query
String Arg Names QueryStringArgNamesQueryStringArgNames- Request
Body Post Arg Names RequestBodyPostArgNamesRequestBodyPostArgNames- Request
Body Json Arg Names RequestBodyJsonArgNamesRequestBodyJsonArgNames
- Request
Header Names RequestHeaderNamesRequestHeaderNames- Request
Cookie Names RequestCookieNamesRequestCookieNames- Query
String Arg Names QueryStringArgNamesQueryStringArgNames- Request
Body Post Arg Names RequestBodyPostArgNamesRequestBodyPostArgNames- Request
Body Json Arg Names RequestBodyJsonArgNamesRequestBodyJsonArgNames
- REQUEST_HEADER_NAMES
RequestHeaderNamesRequestHeaderNames- REQUEST_COOKIE_NAMES
RequestCookieNamesRequestCookieNames- QUERY_STRING_ARG_NAMES
QueryStringArgNamesQueryStringArgNames- REQUEST_BODY_POST_ARG_NAMES
RequestBodyPostArgNamesRequestBodyPostArgNames- REQUEST_BODY_JSON_ARG_NAMES
RequestBodyJsonArgNamesRequestBodyJsonArgNames
- "Request
Header Names" RequestHeaderNamesRequestHeaderNames- "Request
Cookie Names" RequestCookieNamesRequestCookieNames- "Query
String Arg Names" QueryStringArgNamesQueryStringArgNames- "Request
Body Post Arg Names" RequestBodyPostArgNamesRequestBodyPostArgNames- "Request
Body Json Arg Names" RequestBodyJsonArgNamesRequestBodyJsonArgNames
ManagedRuleExclusionResponse, ManagedRuleExclusionResponseArgs
Exclude variables from managed rule evaluation.- Match
Variable string - The variable type to be excluded.
- Selector string
- Selector value for which elements in the collection this exclusion applies to.
- Selector
Match stringOperator - Comparison operator to apply to the selector when specifying which elements in the collection this exclusion applies to.
- Match
Variable string - The variable type to be excluded.
- Selector string
- Selector value for which elements in the collection this exclusion applies to.
- Selector
Match stringOperator - Comparison operator to apply to the selector when specifying which elements in the collection this exclusion applies to.
- match_
variable string - The variable type to be excluded.
- selector string
- Selector value for which elements in the collection this exclusion applies to.
- selector_
match_ stringoperator - Comparison operator to apply to the selector when specifying which elements in the collection this exclusion applies to.
- match
Variable String - The variable type to be excluded.
- selector String
- Selector value for which elements in the collection this exclusion applies to.
- selector
Match StringOperator - Comparison operator to apply to the selector when specifying which elements in the collection this exclusion applies to.
- match
Variable string - The variable type to be excluded.
- selector string
- Selector value for which elements in the collection this exclusion applies to.
- selector
Match stringOperator - Comparison operator to apply to the selector when specifying which elements in the collection this exclusion applies to.
- match_
variable str - The variable type to be excluded.
- selector str
- Selector value for which elements in the collection this exclusion applies to.
- selector_
match_ stroperator - Comparison operator to apply to the selector when specifying which elements in the collection this exclusion applies to.
- match
Variable String - The variable type to be excluded.
- selector String
- Selector value for which elements in the collection this exclusion applies to.
- selector
Match StringOperator - Comparison operator to apply to the selector when specifying which elements in the collection this exclusion applies to.
ManagedRuleExclusionSelectorMatchOperator, ManagedRuleExclusionSelectorMatchOperatorArgs
- Equals
Value EqualsEquals- Contains
ContainsContains- Starts
With StartsWithStartsWith- Ends
With EndsWithEndsWith- Equals
Any EqualsAnyEqualsAny
- Managed
Rule Exclusion Selector Match Operator Equals EqualsEquals- Managed
Rule Exclusion Selector Match Operator Contains ContainsContains- Managed
Rule Exclusion Selector Match Operator Starts With StartsWithStartsWith- Managed
Rule Exclusion Selector Match Operator Ends With EndsWithEndsWith- Managed
Rule Exclusion Selector Match Operator Equals Any EqualsAnyEqualsAny
- "Equals"
EqualsEquals- "Contains"
ContainsContains- "Starts
With" StartsWithStartsWith- "Ends
With" EndsWithEndsWith- "Equals
Any" EqualsAnyEqualsAny
- Equals
EqualsEquals- Contains
ContainsContains- Starts
With StartsWithStartsWith- Ends
With EndsWithEndsWith- Equals
Any EqualsAnyEqualsAny
- Equals
EqualsEquals- Contains
ContainsContains- Starts
With StartsWithStartsWith- Ends
With EndsWithEndsWith- Equals
Any EqualsAnyEqualsAny
- EQUALS
EqualsEquals- CONTAINS
ContainsContains- STARTS_WITH
StartsWithStartsWith- ENDS_WITH
EndsWithEndsWith- EQUALS_ANY
EqualsAnyEqualsAny
- "Equals"
EqualsEquals- "Contains"
ContainsContains- "Starts
With" StartsWithStartsWith- "Ends
With" EndsWithEndsWith- "Equals
Any" EqualsAnyEqualsAny
ManagedRuleGroupOverride, ManagedRuleGroupOverrideArgs
Defines a managed rule group override setting.- Rule
Group stringName - Describes the managed rule group to override.
- Exclusions
List<Pulumi.
Azure Native. Front Door. Inputs. Managed Rule Exclusion> - Describes the exclusions that are applied to all rules in the group.
- Rules
List<Pulumi.
Azure Native. Front Door. Inputs. Managed Rule Override> - List of rules that will be disabled. If none specified, all rules in the group will be disabled.
- Rule
Group stringName - Describes the managed rule group to override.
- Exclusions
[]Managed
Rule Exclusion - Describes the exclusions that are applied to all rules in the group.
- Rules
[]Managed
Rule Override - List of rules that will be disabled. If none specified, all rules in the group will be disabled.
- rule_
group_ stringname - Describes the managed rule group to override.
- exclusions list(object)
- Describes the exclusions that are applied to all rules in the group.
- rules list(object)
- List of rules that will be disabled. If none specified, all rules in the group will be disabled.
- rule
Group StringName - Describes the managed rule group to override.
- exclusions
List<Managed
Rule Exclusion> - Describes the exclusions that are applied to all rules in the group.
- rules
List<Managed
Rule Override> - List of rules that will be disabled. If none specified, all rules in the group will be disabled.
- rule
Group stringName - Describes the managed rule group to override.
- exclusions
Managed
Rule Exclusion[] - Describes the exclusions that are applied to all rules in the group.
- rules
Managed
Rule Override[] - List of rules that will be disabled. If none specified, all rules in the group will be disabled.
- rule_
group_ strname - Describes the managed rule group to override.
- exclusions
Sequence[Managed
Rule Exclusion] - Describes the exclusions that are applied to all rules in the group.
- rules
Sequence[Managed
Rule Override] - List of rules that will be disabled. If none specified, all rules in the group will be disabled.
- rule
Group StringName - Describes the managed rule group to override.
- exclusions List<Property Map>
- Describes the exclusions that are applied to all rules in the group.
- rules List<Property Map>
- List of rules that will be disabled. If none specified, all rules in the group will be disabled.
ManagedRuleGroupOverrideResponse, ManagedRuleGroupOverrideResponseArgs
Defines a managed rule group override setting.- Rule
Group stringName - Describes the managed rule group to override.
- Exclusions
List<Pulumi.
Azure Native. Front Door. Inputs. Managed Rule Exclusion Response> - Describes the exclusions that are applied to all rules in the group.
- Rules
List<Pulumi.
Azure Native. Front Door. Inputs. Managed Rule Override Response> - List of rules that will be disabled. If none specified, all rules in the group will be disabled.
- Rule
Group stringName - Describes the managed rule group to override.
- Exclusions
[]Managed
Rule Exclusion Response - Describes the exclusions that are applied to all rules in the group.
- Rules
[]Managed
Rule Override Response - List of rules that will be disabled. If none specified, all rules in the group will be disabled.
- rule_
group_ stringname - Describes the managed rule group to override.
- exclusions list(object)
- Describes the exclusions that are applied to all rules in the group.
- rules list(object)
- List of rules that will be disabled. If none specified, all rules in the group will be disabled.
- rule
Group StringName - Describes the managed rule group to override.
- exclusions
List<Managed
Rule Exclusion Response> - Describes the exclusions that are applied to all rules in the group.
- rules
List<Managed
Rule Override Response> - List of rules that will be disabled. If none specified, all rules in the group will be disabled.
- rule
Group stringName - Describes the managed rule group to override.
- exclusions
Managed
Rule Exclusion Response[] - Describes the exclusions that are applied to all rules in the group.
- rules
Managed
Rule Override Response[] - List of rules that will be disabled. If none specified, all rules in the group will be disabled.
- rule_
group_ strname - Describes the managed rule group to override.
- exclusions
Sequence[Managed
Rule Exclusion Response] - Describes the exclusions that are applied to all rules in the group.
- rules
Sequence[Managed
Rule Override Response] - List of rules that will be disabled. If none specified, all rules in the group will be disabled.
- rule
Group StringName - Describes the managed rule group to override.
- exclusions List<Property Map>
- Describes the exclusions that are applied to all rules in the group.
- rules List<Property Map>
- List of rules that will be disabled. If none specified, all rules in the group will be disabled.
ManagedRuleOverride, ManagedRuleOverrideArgs
Defines a managed rule group override setting.- Rule
Id string - Identifier for the managed rule.
- Action
string | Pulumi.
Azure Native. Front Door. Action Type - Describes the override action to be applied when rule matches.
- Enabled
State string | Pulumi.Azure Native. Front Door. Managed Rule Enabled State - Describes if the managed rule is in enabled or disabled state. Defaults to Disabled if not specified.
- Exclusions
List<Pulumi.
Azure Native. Front Door. Inputs. Managed Rule Exclusion> - Describes the exclusions that are applied to this specific rule.
- Sensitivity
string | Pulumi.
Azure Native. Front Door. Sensitivity Type - Describes the override sensitivity to be applied when rule matches.
- Rule
Id string - Identifier for the managed rule.
- Action
string | Action
Type - Describes the override action to be applied when rule matches.
- Enabled
State string | ManagedRule Enabled State - Describes if the managed rule is in enabled or disabled state. Defaults to Disabled if not specified.
- Exclusions
[]Managed
Rule Exclusion - Describes the exclusions that are applied to this specific rule.
- Sensitivity
string | Sensitivity
Type - Describes the override sensitivity to be applied when rule matches.
- rule_
id string - Identifier for the managed rule.
- action
string | "Allow" | "Block" | "Log" | "Redirect" | "Anomaly
Scoring" | "JSChallenge" | "CAPTCHA" - Describes the override action to be applied when rule matches.
- enabled_
state string | "Disabled" | "Enabled" - Describes if the managed rule is in enabled or disabled state. Defaults to Disabled if not specified.
- exclusions list(object)
- Describes the exclusions that are applied to this specific rule.
- sensitivity string | "Low" | "Medium" | "High"
- Describes the override sensitivity to be applied when rule matches.
- rule
Id String - Identifier for the managed rule.
- action
String | Action
Type - Describes the override action to be applied when rule matches.
- enabled
State String | ManagedRule Enabled State - Describes if the managed rule is in enabled or disabled state. Defaults to Disabled if not specified.
- exclusions
List<Managed
Rule Exclusion> - Describes the exclusions that are applied to this specific rule.
- sensitivity
String | Sensitivity
Type - Describes the override sensitivity to be applied when rule matches.
- rule
Id string - Identifier for the managed rule.
- action
string | Action
Type - Describes the override action to be applied when rule matches.
- enabled
State string | ManagedRule Enabled State - Describes if the managed rule is in enabled or disabled state. Defaults to Disabled if not specified.
- exclusions
Managed
Rule Exclusion[] - Describes the exclusions that are applied to this specific rule.
- sensitivity
string | Sensitivity
Type - Describes the override sensitivity to be applied when rule matches.
- rule_
id str - Identifier for the managed rule.
- action
str | Action
Type - Describes the override action to be applied when rule matches.
- enabled_
state str | ManagedRule Enabled State - Describes if the managed rule is in enabled or disabled state. Defaults to Disabled if not specified.
- exclusions
Sequence[Managed
Rule Exclusion] - Describes the exclusions that are applied to this specific rule.
- sensitivity
str | Sensitivity
Type - Describes the override sensitivity to be applied when rule matches.
- rule
Id String - Identifier for the managed rule.
- action
String | "Allow" | "Block" | "Log" | "Redirect" | "Anomaly
Scoring" | "JSChallenge" | "CAPTCHA" - Describes the override action to be applied when rule matches.
- enabled
State String | "Disabled" | "Enabled" - Describes if the managed rule is in enabled or disabled state. Defaults to Disabled if not specified.
- exclusions List<Property Map>
- Describes the exclusions that are applied to this specific rule.
- sensitivity String | "Low" | "Medium" | "High"
- Describes the override sensitivity to be applied when rule matches.
ManagedRuleOverrideResponse, ManagedRuleOverrideResponseArgs
Defines a managed rule group override setting.- Rule
Id string - Identifier for the managed rule.
- Action string
- Describes the override action to be applied when rule matches.
- Enabled
State string - Describes if the managed rule is in enabled or disabled state. Defaults to Disabled if not specified.
- Exclusions
List<Pulumi.
Azure Native. Front Door. Inputs. Managed Rule Exclusion Response> - Describes the exclusions that are applied to this specific rule.
- Sensitivity string
- Describes the override sensitivity to be applied when rule matches.
- Rule
Id string - Identifier for the managed rule.
- Action string
- Describes the override action to be applied when rule matches.
- Enabled
State string - Describes if the managed rule is in enabled or disabled state. Defaults to Disabled if not specified.
- Exclusions
[]Managed
Rule Exclusion Response - Describes the exclusions that are applied to this specific rule.
- Sensitivity string
- Describes the override sensitivity to be applied when rule matches.
- rule_
id string - Identifier for the managed rule.
- action string
- Describes the override action to be applied when rule matches.
- enabled_
state string - Describes if the managed rule is in enabled or disabled state. Defaults to Disabled if not specified.
- exclusions list(object)
- Describes the exclusions that are applied to this specific rule.
- sensitivity string
- Describes the override sensitivity to be applied when rule matches.
- rule
Id String - Identifier for the managed rule.
- action String
- Describes the override action to be applied when rule matches.
- enabled
State String - Describes if the managed rule is in enabled or disabled state. Defaults to Disabled if not specified.
- exclusions
List<Managed
Rule Exclusion Response> - Describes the exclusions that are applied to this specific rule.
- sensitivity String
- Describes the override sensitivity to be applied when rule matches.
- rule
Id string - Identifier for the managed rule.
- action string
- Describes the override action to be applied when rule matches.
- enabled
State string - Describes if the managed rule is in enabled or disabled state. Defaults to Disabled if not specified.
- exclusions
Managed
Rule Exclusion Response[] - Describes the exclusions that are applied to this specific rule.
- sensitivity string
- Describes the override sensitivity to be applied when rule matches.
- rule_
id str - Identifier for the managed rule.
- action str
- Describes the override action to be applied when rule matches.
- enabled_
state str - Describes if the managed rule is in enabled or disabled state. Defaults to Disabled if not specified.
- exclusions
Sequence[Managed
Rule Exclusion Response] - Describes the exclusions that are applied to this specific rule.
- sensitivity str
- Describes the override sensitivity to be applied when rule matches.
- rule
Id String - Identifier for the managed rule.
- action String
- Describes the override action to be applied when rule matches.
- enabled
State String - Describes if the managed rule is in enabled or disabled state. Defaults to Disabled if not specified.
- exclusions List<Property Map>
- Describes the exclusions that are applied to this specific rule.
- sensitivity String
- Describes the override sensitivity to be applied when rule matches.
ManagedRuleSet, ManagedRuleSetArgs
Defines a managed rule set.- Rule
Set stringType - Defines the rule set type to use.
- Rule
Set stringVersion - Defines the version of the rule set to use.
- Exclusions
List<Pulumi.
Azure Native. Front Door. Inputs. Managed Rule Exclusion> - Describes the exclusions that are applied to all rules in the set.
- Rule
Group List<Pulumi.Overrides Azure Native. Front Door. Inputs. Managed Rule Group Override> - Defines the rule group overrides to apply to the rule set.
- Rule
Set string | Pulumi.Action Azure Native. Front Door. Managed Rule Set Action Type - Defines the rule set action.
- Rule
Set stringType - Defines the rule set type to use.
- Rule
Set stringVersion - Defines the version of the rule set to use.
- Exclusions
[]Managed
Rule Exclusion - Describes the exclusions that are applied to all rules in the set.
- Rule
Group []ManagedOverrides Rule Group Override - Defines the rule group overrides to apply to the rule set.
- Rule
Set string | ManagedAction Rule Set Action Type - Defines the rule set action.
- rule_
set_ stringtype - Defines the rule set type to use.
- rule_
set_ stringversion - Defines the version of the rule set to use.
- exclusions list(object)
- Describes the exclusions that are applied to all rules in the set.
- rule_
group_ list(object)overrides - Defines the rule group overrides to apply to the rule set.
- rule_
set_ string | "Block" | "Log" | "Redirect"action - Defines the rule set action.
- rule
Set StringType - Defines the rule set type to use.
- rule
Set StringVersion - Defines the version of the rule set to use.
- exclusions
List<Managed
Rule Exclusion> - Describes the exclusions that are applied to all rules in the set.
- rule
Group List<ManagedOverrides Rule Group Override> - Defines the rule group overrides to apply to the rule set.
- rule
Set String | ManagedAction Rule Set Action Type - Defines the rule set action.
- rule
Set stringType - Defines the rule set type to use.
- rule
Set stringVersion - Defines the version of the rule set to use.
- exclusions
Managed
Rule Exclusion[] - Describes the exclusions that are applied to all rules in the set.
- rule
Group ManagedOverrides Rule Group Override[] - Defines the rule group overrides to apply to the rule set.
- rule
Set string | ManagedAction Rule Set Action Type - Defines the rule set action.
- rule_
set_ strtype - Defines the rule set type to use.
- rule_
set_ strversion - Defines the version of the rule set to use.
- exclusions
Sequence[Managed
Rule Exclusion] - Describes the exclusions that are applied to all rules in the set.
- rule_
group_ Sequence[Managedoverrides Rule Group Override] - Defines the rule group overrides to apply to the rule set.
- rule_
set_ str | Managedaction Rule Set Action Type - Defines the rule set action.
- rule
Set StringType - Defines the rule set type to use.
- rule
Set StringVersion - Defines the version of the rule set to use.
- exclusions List<Property Map>
- Describes the exclusions that are applied to all rules in the set.
- rule
Group List<Property Map>Overrides - Defines the rule group overrides to apply to the rule set.
- rule
Set String | "Block" | "Log" | "Redirect"Action - Defines the rule set action.
ManagedRuleSetActionType, ManagedRuleSetActionTypeArgs
- Block
BlockBlock- Log
LogLog- Redirect
RedirectRedirect
- Managed
Rule Set Action Type Block BlockBlock- Managed
Rule Set Action Type Log LogLog- Managed
Rule Set Action Type Redirect RedirectRedirect
- "Block"
BlockBlock- "Log"
LogLog- "Redirect"
RedirectRedirect
- Block
BlockBlock- Log
LogLog- Redirect
RedirectRedirect
- Block
BlockBlock- Log
LogLog- Redirect
RedirectRedirect
- BLOCK
BlockBlock- LOG
LogLog- REDIRECT
RedirectRedirect
- "Block"
BlockBlock- "Log"
LogLog- "Redirect"
RedirectRedirect
ManagedRuleSetException, ManagedRuleSetExceptionArgs
Excludes whole requests from managed rule evaluation according to match conditions.- Match
Values List<string> - List of values to be matched with.
- Match
Variable string | Pulumi.Azure Native. Front Door. Exception Match Variable - The variable to be evaluated for excluding the request.
- Scopes
List<Pulumi.
Azure Native. Front Door. Inputs. Managed Rule Set Scope> - Scope(s) of the exception.
- Value
Match string | Pulumi.Operator Azure Native. Front Door. Exception Value Match Operator - Comparison operator to apply to the value to be matched.
- Selector string
- When matchVariable is a collection, operator used to specify which elements in the collection this exception applies to. Currently supported only for RequestHeaderNames.
- Selector
Match string | Pulumi.Operator Azure Native. Front Door. Exception Selector Match Operator - Comparison operator to apply to the selector when specifying which elements in the collection this exception applies to.
- Match
Values []string - List of values to be matched with.
- Match
Variable string | ExceptionMatch Variable - The variable to be evaluated for excluding the request.
- Scopes
[]Managed
Rule Set Scope - Scope(s) of the exception.
- Value
Match string | ExceptionOperator Value Match Operator - Comparison operator to apply to the value to be matched.
- Selector string
- When matchVariable is a collection, operator used to specify which elements in the collection this exception applies to. Currently supported only for RequestHeaderNames.
- Selector
Match string | ExceptionOperator Selector Match Operator - Comparison operator to apply to the selector when specifying which elements in the collection this exception applies to.
- match_
values list(string) - List of values to be matched with.
- match_
variable string | "RequestUri" | "Socket Addr" | "Request Header Names" - The variable to be evaluated for excluding the request.
- scopes list(object)
- Scope(s) of the exception.
- value_
match_ string | "Equals" | "Contains" | "Startsoperator With" | "Ends With" | "Equals Any" | "IPMatch" - Comparison operator to apply to the value to be matched.
- selector string
- When matchVariable is a collection, operator used to specify which elements in the collection this exception applies to. Currently supported only for RequestHeaderNames.
- selector_
match_ string | "Equals"operator - Comparison operator to apply to the selector when specifying which elements in the collection this exception applies to.
- match
Values List<String> - List of values to be matched with.
- match
Variable String | ExceptionMatch Variable - The variable to be evaluated for excluding the request.
- scopes
List<Managed
Rule Set Scope> - Scope(s) of the exception.
- value
Match String | ExceptionOperator Value Match Operator - Comparison operator to apply to the value to be matched.
- selector String
- When matchVariable is a collection, operator used to specify which elements in the collection this exception applies to. Currently supported only for RequestHeaderNames.
- selector
Match String | ExceptionOperator Selector Match Operator - Comparison operator to apply to the selector when specifying which elements in the collection this exception applies to.
- match
Values string[] - List of values to be matched with.
- match
Variable string | ExceptionMatch Variable - The variable to be evaluated for excluding the request.
- scopes
Managed
Rule Set Scope[] - Scope(s) of the exception.
- value
Match string | ExceptionOperator Value Match Operator - Comparison operator to apply to the value to be matched.
- selector string
- When matchVariable is a collection, operator used to specify which elements in the collection this exception applies to. Currently supported only for RequestHeaderNames.
- selector
Match string | ExceptionOperator Selector Match Operator - Comparison operator to apply to the selector when specifying which elements in the collection this exception applies to.
- match_
values Sequence[str] - List of values to be matched with.
- match_
variable str | ExceptionMatch Variable - The variable to be evaluated for excluding the request.
- scopes
Sequence[Managed
Rule Set Scope] - Scope(s) of the exception.
- value_
match_ str | Exceptionoperator Value Match Operator - Comparison operator to apply to the value to be matched.
- selector str
- When matchVariable is a collection, operator used to specify which elements in the collection this exception applies to. Currently supported only for RequestHeaderNames.
- selector_
match_ str | Exceptionoperator Selector Match Operator - Comparison operator to apply to the selector when specifying which elements in the collection this exception applies to.
- match
Values List<String> - List of values to be matched with.
- match
Variable String | "RequestUri" | "Socket Addr" | "Request Header Names" - The variable to be evaluated for excluding the request.
- scopes List<Property Map>
- Scope(s) of the exception.
- value
Match String | "Equals" | "Contains" | "StartsOperator With" | "Ends With" | "Equals Any" | "IPMatch" - Comparison operator to apply to the value to be matched.
- selector String
- When matchVariable is a collection, operator used to specify which elements in the collection this exception applies to. Currently supported only for RequestHeaderNames.
- selector
Match String | "Equals"Operator - Comparison operator to apply to the selector when specifying which elements in the collection this exception applies to.
ManagedRuleSetExceptionList, ManagedRuleSetExceptionListArgs
Defines the list of exceptions for the managed rule sets.- Exceptions
List<Pulumi.
Azure Native. Front Door. Inputs. Managed Rule Set Exception> - List of exceptions.
- Exceptions
[]Managed
Rule Set Exception - List of exceptions.
- exceptions list(object)
- List of exceptions.
- exceptions
List<Managed
Rule Set Exception> - List of exceptions.
- exceptions
Managed
Rule Set Exception[] - List of exceptions.
- exceptions
Sequence[Managed
Rule Set Exception] - List of exceptions.
- exceptions List<Property Map>
- List of exceptions.
ManagedRuleSetExceptionListResponse, ManagedRuleSetExceptionListResponseArgs
Defines the list of exceptions for the managed rule sets.- Exceptions
[]Managed
Rule Set Exception Response - List of exceptions.
- exceptions list(object)
- List of exceptions.
- exceptions
List<Managed
Rule Set Exception Response> - List of exceptions.
- exceptions
Managed
Rule Set Exception Response[] - List of exceptions.
- exceptions
Sequence[Managed
Rule Set Exception Response] - List of exceptions.
- exceptions List<Property Map>
- List of exceptions.
ManagedRuleSetExceptionResponse, ManagedRuleSetExceptionResponseArgs
Excludes whole requests from managed rule evaluation according to match conditions.- Match
Values List<string> - List of values to be matched with.
- Match
Variable string - The variable to be evaluated for excluding the request.
- Scopes
List<Pulumi.
Azure Native. Front Door. Inputs. Managed Rule Set Scope Response> - Scope(s) of the exception.
- Value
Match stringOperator - Comparison operator to apply to the value to be matched.
- Selector string
- When matchVariable is a collection, operator used to specify which elements in the collection this exception applies to. Currently supported only for RequestHeaderNames.
- Selector
Match stringOperator - Comparison operator to apply to the selector when specifying which elements in the collection this exception applies to.
- Match
Values []string - List of values to be matched with.
- Match
Variable string - The variable to be evaluated for excluding the request.
- Scopes
[]Managed
Rule Set Scope Response - Scope(s) of the exception.
- Value
Match stringOperator - Comparison operator to apply to the value to be matched.
- Selector string
- When matchVariable is a collection, operator used to specify which elements in the collection this exception applies to. Currently supported only for RequestHeaderNames.
- Selector
Match stringOperator - Comparison operator to apply to the selector when specifying which elements in the collection this exception applies to.
- match_
values list(string) - List of values to be matched with.
- match_
variable string - The variable to be evaluated for excluding the request.
- scopes list(object)
- Scope(s) of the exception.
- value_
match_ stringoperator - Comparison operator to apply to the value to be matched.
- selector string
- When matchVariable is a collection, operator used to specify which elements in the collection this exception applies to. Currently supported only for RequestHeaderNames.
- selector_
match_ stringoperator - Comparison operator to apply to the selector when specifying which elements in the collection this exception applies to.
- match
Values List<String> - List of values to be matched with.
- match
Variable String - The variable to be evaluated for excluding the request.
- scopes
List<Managed
Rule Set Scope Response> - Scope(s) of the exception.
- value
Match StringOperator - Comparison operator to apply to the value to be matched.
- selector String
- When matchVariable is a collection, operator used to specify which elements in the collection this exception applies to. Currently supported only for RequestHeaderNames.
- selector
Match StringOperator - Comparison operator to apply to the selector when specifying which elements in the collection this exception applies to.
- match
Values string[] - List of values to be matched with.
- match
Variable string - The variable to be evaluated for excluding the request.
- scopes
Managed
Rule Set Scope Response[] - Scope(s) of the exception.
- value
Match stringOperator - Comparison operator to apply to the value to be matched.
- selector string
- When matchVariable is a collection, operator used to specify which elements in the collection this exception applies to. Currently supported only for RequestHeaderNames.
- selector
Match stringOperator - Comparison operator to apply to the selector when specifying which elements in the collection this exception applies to.
- match_
values Sequence[str] - List of values to be matched with.
- match_
variable str - The variable to be evaluated for excluding the request.
- scopes
Sequence[Managed
Rule Set Scope Response] - Scope(s) of the exception.
- value_
match_ stroperator - Comparison operator to apply to the value to be matched.
- selector str
- When matchVariable is a collection, operator used to specify which elements in the collection this exception applies to. Currently supported only for RequestHeaderNames.
- selector_
match_ stroperator - Comparison operator to apply to the selector when specifying which elements in the collection this exception applies to.
- match
Values List<String> - List of values to be matched with.
- match
Variable String - The variable to be evaluated for excluding the request.
- scopes List<Property Map>
- Scope(s) of the exception.
- value
Match StringOperator - Comparison operator to apply to the value to be matched.
- selector String
- When matchVariable is a collection, operator used to specify which elements in the collection this exception applies to. Currently supported only for RequestHeaderNames.
- selector
Match StringOperator - Comparison operator to apply to the selector when specifying which elements in the collection this exception applies to.
ManagedRuleSetList, ManagedRuleSetListArgs
Defines the list of managed rule sets for the policy.- Exceptions
List Pulumi.Azure Native. Front Door. Inputs. Managed Rule Set Exception List - List of exceptions applied on the managed rule sets.
- Managed
Rule List<Pulumi.Sets Azure Native. Front Door. Inputs. Managed Rule Set> - List of rule sets.
- Exceptions
List ManagedRule Set Exception List - List of exceptions applied on the managed rule sets.
- Managed
Rule []ManagedSets Rule Set - List of rule sets.
- exceptions_
list object - List of exceptions applied on the managed rule sets.
- managed_
rule_ list(object)sets - List of rule sets.
- exceptions
List ManagedRule Set Exception List - List of exceptions applied on the managed rule sets.
- managed
Rule List<ManagedSets Rule Set> - List of rule sets.
- exceptions
List ManagedRule Set Exception List - List of exceptions applied on the managed rule sets.
- managed
Rule ManagedSets Rule Set[] - List of rule sets.
- exceptions_
list ManagedRule Set Exception List - List of exceptions applied on the managed rule sets.
- managed_
rule_ Sequence[Managedsets Rule Set] - List of rule sets.
- exceptions
List Property Map - List of exceptions applied on the managed rule sets.
- managed
Rule List<Property Map>Sets - List of rule sets.
ManagedRuleSetListResponse, ManagedRuleSetListResponseArgs
Defines the list of managed rule sets for the policy.- Exceptions
List Pulumi.Azure Native. Front Door. Inputs. Managed Rule Set Exception List Response - List of exceptions applied on the managed rule sets.
- Managed
Rule List<Pulumi.Sets Azure Native. Front Door. Inputs. Managed Rule Set Response> - List of rule sets.
- Exceptions
List ManagedRule Set Exception List Response - List of exceptions applied on the managed rule sets.
- Managed
Rule []ManagedSets Rule Set Response - List of rule sets.
- exceptions_
list object - List of exceptions applied on the managed rule sets.
- managed_
rule_ list(object)sets - List of rule sets.
- exceptions
List ManagedRule Set Exception List Response - List of exceptions applied on the managed rule sets.
- managed
Rule List<ManagedSets Rule Set Response> - List of rule sets.
- exceptions
List ManagedRule Set Exception List Response - List of exceptions applied on the managed rule sets.
- managed
Rule ManagedSets Rule Set Response[] - List of rule sets.
- exceptions_
list ManagedRule Set Exception List Response - List of exceptions applied on the managed rule sets.
- managed_
rule_ Sequence[Managedsets Rule Set Response] - List of rule sets.
- exceptions
List Property Map - List of exceptions applied on the managed rule sets.
- managed
Rule List<Property Map>Sets - List of rule sets.
ManagedRuleSetResponse, ManagedRuleSetResponseArgs
Defines a managed rule set.- Rule
Set stringType - Defines the rule set type to use.
- Rule
Set stringVersion - Defines the version of the rule set to use.
- Exclusions
List<Pulumi.
Azure Native. Front Door. Inputs. Managed Rule Exclusion Response> - Describes the exclusions that are applied to all rules in the set.
- Rule
Group List<Pulumi.Overrides Azure Native. Front Door. Inputs. Managed Rule Group Override Response> - Defines the rule group overrides to apply to the rule set.
- Rule
Set stringAction - Defines the rule set action.
- Rule
Set stringType - Defines the rule set type to use.
- Rule
Set stringVersion - Defines the version of the rule set to use.
- Exclusions
[]Managed
Rule Exclusion Response - Describes the exclusions that are applied to all rules in the set.
- Rule
Group []ManagedOverrides Rule Group Override Response - Defines the rule group overrides to apply to the rule set.
- Rule
Set stringAction - Defines the rule set action.
- rule_
set_ stringtype - Defines the rule set type to use.
- rule_
set_ stringversion - Defines the version of the rule set to use.
- exclusions list(object)
- Describes the exclusions that are applied to all rules in the set.
- rule_
group_ list(object)overrides - Defines the rule group overrides to apply to the rule set.
- rule_
set_ stringaction - Defines the rule set action.
- rule
Set StringType - Defines the rule set type to use.
- rule
Set StringVersion - Defines the version of the rule set to use.
- exclusions
List<Managed
Rule Exclusion Response> - Describes the exclusions that are applied to all rules in the set.
- rule
Group List<ManagedOverrides Rule Group Override Response> - Defines the rule group overrides to apply to the rule set.
- rule
Set StringAction - Defines the rule set action.
- rule
Set stringType - Defines the rule set type to use.
- rule
Set stringVersion - Defines the version of the rule set to use.
- exclusions
Managed
Rule Exclusion Response[] - Describes the exclusions that are applied to all rules in the set.
- rule
Group ManagedOverrides Rule Group Override Response[] - Defines the rule group overrides to apply to the rule set.
- rule
Set stringAction - Defines the rule set action.
- rule_
set_ strtype - Defines the rule set type to use.
- rule_
set_ strversion - Defines the version of the rule set to use.
- exclusions
Sequence[Managed
Rule Exclusion Response] - Describes the exclusions that are applied to all rules in the set.
- rule_
group_ Sequence[Managedoverrides Rule Group Override Response] - Defines the rule group overrides to apply to the rule set.
- rule_
set_ straction - Defines the rule set action.
- rule
Set StringType - Defines the rule set type to use.
- rule
Set StringVersion - Defines the version of the rule set to use.
- exclusions List<Property Map>
- Describes the exclusions that are applied to all rules in the set.
- rule
Group List<Property Map>Overrides - Defines the rule group overrides to apply to the rule set.
- rule
Set StringAction - Defines the rule set action.
ManagedRuleSetScope, ManagedRuleSetScopeArgs
Defines the scope of the managed rules.- Rule
Set stringType - Defines the rule set type. Examples: DefaultRuleSet, Microsoft_DefaultRuleSet, Microsoft_BotManagerRuleSet, Microsoft_HTTPDDoSRuleSet, BotProtection
- Rule
Set stringVersion - Defines the version of the rule set.
- Rule
Group List<Pulumi.Scopes Azure Native. Front Door. Inputs. Rule Group Scope> - List of rule group scopes.
- Rule
Set stringType - Defines the rule set type. Examples: DefaultRuleSet, Microsoft_DefaultRuleSet, Microsoft_BotManagerRuleSet, Microsoft_HTTPDDoSRuleSet, BotProtection
- Rule
Set stringVersion - Defines the version of the rule set.
- Rule
Group []RuleScopes Group Scope - List of rule group scopes.
- rule_
set_ stringtype - Defines the rule set type. Examples: DefaultRuleSet, Microsoft_DefaultRuleSet, Microsoft_BotManagerRuleSet, Microsoft_HTTPDDoSRuleSet, BotProtection
- rule_
set_ stringversion - Defines the version of the rule set.
- rule_
group_ list(object)scopes - List of rule group scopes.
- rule
Set StringType - Defines the rule set type. Examples: DefaultRuleSet, Microsoft_DefaultRuleSet, Microsoft_BotManagerRuleSet, Microsoft_HTTPDDoSRuleSet, BotProtection
- rule
Set StringVersion - Defines the version of the rule set.
- rule
Group List<RuleScopes Group Scope> - List of rule group scopes.
- rule
Set stringType - Defines the rule set type. Examples: DefaultRuleSet, Microsoft_DefaultRuleSet, Microsoft_BotManagerRuleSet, Microsoft_HTTPDDoSRuleSet, BotProtection
- rule
Set stringVersion - Defines the version of the rule set.
- rule
Group RuleScopes Group Scope[] - List of rule group scopes.
- rule_
set_ strtype - Defines the rule set type. Examples: DefaultRuleSet, Microsoft_DefaultRuleSet, Microsoft_BotManagerRuleSet, Microsoft_HTTPDDoSRuleSet, BotProtection
- rule_
set_ strversion - Defines the version of the rule set.
- rule_
group_ Sequence[Rulescopes Group Scope] - List of rule group scopes.
- rule
Set StringType - Defines the rule set type. Examples: DefaultRuleSet, Microsoft_DefaultRuleSet, Microsoft_BotManagerRuleSet, Microsoft_HTTPDDoSRuleSet, BotProtection
- rule
Set StringVersion - Defines the version of the rule set.
- rule
Group List<Property Map>Scopes - List of rule group scopes.
ManagedRuleSetScopeResponse, ManagedRuleSetScopeResponseArgs
Defines the scope of the managed rules.- Rule
Set stringType - Defines the rule set type. Examples: DefaultRuleSet, Microsoft_DefaultRuleSet, Microsoft_BotManagerRuleSet, Microsoft_HTTPDDoSRuleSet, BotProtection
- Rule
Set stringVersion - Defines the version of the rule set.
- Rule
Group List<Pulumi.Scopes Azure Native. Front Door. Inputs. Rule Group Scope Response> - List of rule group scopes.
- Rule
Set stringType - Defines the rule set type. Examples: DefaultRuleSet, Microsoft_DefaultRuleSet, Microsoft_BotManagerRuleSet, Microsoft_HTTPDDoSRuleSet, BotProtection
- Rule
Set stringVersion - Defines the version of the rule set.
- Rule
Group []RuleScopes Group Scope Response - List of rule group scopes.
- rule_
set_ stringtype - Defines the rule set type. Examples: DefaultRuleSet, Microsoft_DefaultRuleSet, Microsoft_BotManagerRuleSet, Microsoft_HTTPDDoSRuleSet, BotProtection
- rule_
set_ stringversion - Defines the version of the rule set.
- rule_
group_ list(object)scopes - List of rule group scopes.
- rule
Set StringType - Defines the rule set type. Examples: DefaultRuleSet, Microsoft_DefaultRuleSet, Microsoft_BotManagerRuleSet, Microsoft_HTTPDDoSRuleSet, BotProtection
- rule
Set StringVersion - Defines the version of the rule set.
- rule
Group List<RuleScopes Group Scope Response> - List of rule group scopes.
- rule
Set stringType - Defines the rule set type. Examples: DefaultRuleSet, Microsoft_DefaultRuleSet, Microsoft_BotManagerRuleSet, Microsoft_HTTPDDoSRuleSet, BotProtection
- rule
Set stringVersion - Defines the version of the rule set.
- rule
Group RuleScopes Group Scope Response[] - List of rule group scopes.
- rule_
set_ strtype - Defines the rule set type. Examples: DefaultRuleSet, Microsoft_DefaultRuleSet, Microsoft_BotManagerRuleSet, Microsoft_HTTPDDoSRuleSet, BotProtection
- rule_
set_ strversion - Defines the version of the rule set.
- rule_
group_ Sequence[Rulescopes Group Scope Response] - List of rule group scopes.
- rule
Set StringType - Defines the rule set type. Examples: DefaultRuleSet, Microsoft_DefaultRuleSet, Microsoft_BotManagerRuleSet, Microsoft_HTTPDDoSRuleSet, BotProtection
- rule
Set StringVersion - Defines the version of the rule set.
- rule
Group List<Property Map>Scopes - List of rule group scopes.
MatchCondition, MatchConditionArgs
Define a match condition.- Match
Value List<string> - List of possible match values.
- Match
Variable string | Pulumi.Azure Native. Front Door. Match Variable - Request variable to compare with.
- Operator
string | Pulumi.
Azure Native. Front Door. Operator - Comparison type to use for matching with the variable value.
- Negate
Condition bool - Describes if the result of this condition should be negated.
- Selector string
- Match against a specific key from the QueryString, PostArgs, RequestHeader or Cookies variables. Default is null.
- Transforms
List<Union<string, Pulumi.
Azure Native. Front Door. Transform Type>> - List of transforms.
- Match
Value []string - List of possible match values.
- Match
Variable string | MatchVariable - Request variable to compare with.
- Operator string | Operator
- Comparison type to use for matching with the variable value.
- Negate
Condition bool - Describes if the result of this condition should be negated.
- Selector string
- Match against a specific key from the QueryString, PostArgs, RequestHeader or Cookies variables. Default is null.
- Transforms []string
- List of transforms.
- match_
value list(string) - List of possible match values.
- match_
variable string | "RemoteAddr" | "Request Method" | "Query String" | "Post Args" | "Request Uri" | "Request Header" | "Request Body" | "Cookies" | "Socket Addr" | "JA4" - Request variable to compare with.
- operator
string | "Any" | "IPMatch" | "Geo
Match" | "Equal" | "Contains" | "Less Than" | "Greater Than" | "Less Than Or Equal" | "Greater Than Or Equal" | "Begins With" | "Ends With" | "Reg Ex" | "Service Tag Match" | "Asn Match" | "Client Fingerprint" - Comparison type to use for matching with the variable value.
- negate_
condition bool - Describes if the result of this condition should be negated.
- selector string
- Match against a specific key from the QueryString, PostArgs, RequestHeader or Cookies variables. Default is null.
- transforms
list(string | "Lowercase" | "Uppercase" | "Trim" | "Url
Decode" | "Url Encode" | "Remove Nulls") - List of transforms.
- match
Value List<String> - List of possible match values.
- match
Variable String | MatchVariable - Request variable to compare with.
- operator String | Operator
- Comparison type to use for matching with the variable value.
- negate
Condition Boolean - Describes if the result of this condition should be negated.
- selector String
- Match against a specific key from the QueryString, PostArgs, RequestHeader or Cookies variables. Default is null.
- transforms
List<Either<String,Transform
Type>> - List of transforms.
- match
Value string[] - List of possible match values.
- match
Variable string | MatchVariable - Request variable to compare with.
- operator string | Operator
- Comparison type to use for matching with the variable value.
- negate
Condition boolean - Describes if the result of this condition should be negated.
- selector string
- Match against a specific key from the QueryString, PostArgs, RequestHeader or Cookies variables. Default is null.
- transforms
(string | Transform
Type)[] - List of transforms.
- match_
value Sequence[str] - List of possible match values.
- match_
variable str | MatchVariable - Request variable to compare with.
- operator str | Operator
- Comparison type to use for matching with the variable value.
- negate_
condition bool - Describes if the result of this condition should be negated.
- selector str
- Match against a specific key from the QueryString, PostArgs, RequestHeader or Cookies variables. Default is null.
- transforms
Sequence[Union[str, Transform
Type]] - List of transforms.
- match
Value List<String> - List of possible match values.
- match
Variable String | "RemoteAddr" | "Request Method" | "Query String" | "Post Args" | "Request Uri" | "Request Header" | "Request Body" | "Cookies" | "Socket Addr" | "JA4" - Request variable to compare with.
- operator
String | "Any" | "IPMatch" | "Geo
Match" | "Equal" | "Contains" | "Less Than" | "Greater Than" | "Less Than Or Equal" | "Greater Than Or Equal" | "Begins With" | "Ends With" | "Reg Ex" | "Service Tag Match" | "Asn Match" | "Client Fingerprint" - Comparison type to use for matching with the variable value.
- negate
Condition Boolean - Describes if the result of this condition should be negated.
- selector String
- Match against a specific key from the QueryString, PostArgs, RequestHeader or Cookies variables. Default is null.
- transforms
List<String | "Lowercase" | "Uppercase" | "Trim" | "Url
Decode" | "Url Encode" | "Remove Nulls"> - List of transforms.
MatchConditionResponse, MatchConditionResponseArgs
Define a match condition.- Match
Value List<string> - List of possible match values.
- Match
Variable string - Request variable to compare with.
- Operator string
- Comparison type to use for matching with the variable value.
- Negate
Condition bool - Describes if the result of this condition should be negated.
- Selector string
- Match against a specific key from the QueryString, PostArgs, RequestHeader or Cookies variables. Default is null.
- Transforms List<string>
- List of transforms.
- Match
Value []string - List of possible match values.
- Match
Variable string - Request variable to compare with.
- Operator string
- Comparison type to use for matching with the variable value.
- Negate
Condition bool - Describes if the result of this condition should be negated.
- Selector string
- Match against a specific key from the QueryString, PostArgs, RequestHeader or Cookies variables. Default is null.
- Transforms []string
- List of transforms.
- match_
value list(string) - List of possible match values.
- match_
variable string - Request variable to compare with.
- operator string
- Comparison type to use for matching with the variable value.
- negate_
condition bool - Describes if the result of this condition should be negated.
- selector string
- Match against a specific key from the QueryString, PostArgs, RequestHeader or Cookies variables. Default is null.
- transforms list(string)
- List of transforms.
- match
Value List<String> - List of possible match values.
- match
Variable String - Request variable to compare with.
- operator String
- Comparison type to use for matching with the variable value.
- negate
Condition Boolean - Describes if the result of this condition should be negated.
- selector String
- Match against a specific key from the QueryString, PostArgs, RequestHeader or Cookies variables. Default is null.
- transforms List<String>
- List of transforms.
- match
Value string[] - List of possible match values.
- match
Variable string - Request variable to compare with.
- operator string
- Comparison type to use for matching with the variable value.
- negate
Condition boolean - Describes if the result of this condition should be negated.
- selector string
- Match against a specific key from the QueryString, PostArgs, RequestHeader or Cookies variables. Default is null.
- transforms string[]
- List of transforms.
- match_
value Sequence[str] - List of possible match values.
- match_
variable str - Request variable to compare with.
- operator str
- Comparison type to use for matching with the variable value.
- negate_
condition bool - Describes if the result of this condition should be negated.
- selector str
- Match against a specific key from the QueryString, PostArgs, RequestHeader or Cookies variables. Default is null.
- transforms Sequence[str]
- List of transforms.
- match
Value List<String> - List of possible match values.
- match
Variable String - Request variable to compare with.
- operator String
- Comparison type to use for matching with the variable value.
- negate
Condition Boolean - Describes if the result of this condition should be negated.
- selector String
- Match against a specific key from the QueryString, PostArgs, RequestHeader or Cookies variables. Default is null.
- transforms List<String>
- List of transforms.
MatchVariable, MatchVariableArgs
- Remote
Addr RemoteAddrRemoteAddr- Request
Method RequestMethodRequestMethod- Query
String QueryStringQueryString- Post
Args PostArgsPostArgs- Request
Uri RequestUriRequestUri- Request
Header RequestHeaderRequestHeader- Request
Body RequestBodyRequestBody- Cookies
CookiesCookies- Socket
Addr SocketAddrSocketAddr- JA4
JA4JA4 Match Variable
- Match
Variable Remote Addr RemoteAddrRemoteAddr- Match
Variable Request Method RequestMethodRequestMethod- Match
Variable Query String QueryStringQueryString- Match
Variable Post Args PostArgsPostArgs- Match
Variable Request Uri RequestUriRequestUri- Match
Variable Request Header RequestHeaderRequestHeader- Match
Variable Request Body RequestBodyRequestBody- Match
Variable Cookies CookiesCookies- Match
Variable Socket Addr SocketAddrSocketAddr- Match
Variable JA4 JA4JA4 Match Variable
- "Remote
Addr" RemoteAddrRemoteAddr- "Request
Method" RequestMethodRequestMethod- "Query
String" QueryStringQueryString- "Post
Args" PostArgsPostArgs- "Request
Uri" RequestUriRequestUri- "Request
Header" RequestHeaderRequestHeader- "Request
Body" RequestBodyRequestBody- "Cookies"
CookiesCookies- "Socket
Addr" SocketAddrSocketAddr- "JA4"
JA4JA4 Match Variable
- Remote
Addr RemoteAddrRemoteAddr- Request
Method RequestMethodRequestMethod- Query
String QueryStringQueryString- Post
Args PostArgsPostArgs- Request
Uri RequestUriRequestUri- Request
Header RequestHeaderRequestHeader- Request
Body RequestBodyRequestBody- Cookies
CookiesCookies- Socket
Addr SocketAddrSocketAddr- JA4
JA4JA4 Match Variable
- Remote
Addr RemoteAddrRemoteAddr- Request
Method RequestMethodRequestMethod- Query
String QueryStringQueryString- Post
Args PostArgsPostArgs- Request
Uri RequestUriRequestUri- Request
Header RequestHeaderRequestHeader- Request
Body RequestBodyRequestBody- Cookies
CookiesCookies- Socket
Addr SocketAddrSocketAddr- JA4
JA4JA4 Match Variable
- REMOTE_ADDR
RemoteAddrRemoteAddr- REQUEST_METHOD
RequestMethodRequestMethod- QUERY_STRING
QueryStringQueryString- POST_ARGS
PostArgsPostArgs- REQUEST_URI
RequestUriRequestUri- REQUEST_HEADER
RequestHeaderRequestHeader- REQUEST_BODY
RequestBodyRequestBody- COOKIES
CookiesCookies- SOCKET_ADDR
SocketAddrSocketAddr- JA4
JA4JA4 Match Variable
- "Remote
Addr" RemoteAddrRemoteAddr- "Request
Method" RequestMethodRequestMethod- "Query
String" QueryStringQueryString- "Post
Args" PostArgsPostArgs- "Request
Uri" RequestUriRequestUri- "Request
Header" RequestHeaderRequestHeader- "Request
Body" RequestBodyRequestBody- "Cookies"
CookiesCookies- "Socket
Addr" SocketAddrSocketAddr- "JA4"
JA4JA4 Match Variable
Operator, OperatorArgs
- Any
AnyAny- IPMatch
IPMatchIPMatch- Geo
Match GeoMatchGeoMatch- Equal
EqualEqual- Contains
ContainsContains- Less
Than LessThanLessThan- Greater
Than GreaterThanGreaterThan- Less
Than Or Equal LessThanOrEqualLessThanOrEqual- Greater
Than Or Equal GreaterThanOrEqualGreaterThanOrEqual- Begins
With BeginsWithBeginsWith- Ends
With EndsWithEndsWith- Reg
Ex RegExRegEx- Service
Tag Match ServiceTagMatchServiceTagMatch- Asn
Match AsnMatchAutonomous System Number Match Operator- Client
Fingerprint ClientFingerprintClient Finger print Operator
- Operator
Any AnyAny- Operator
IPMatch IPMatchIPMatch- Operator
Geo Match GeoMatchGeoMatch- Operator
Equal EqualEqual- Operator
Contains ContainsContains- Operator
Less Than LessThanLessThan- Operator
Greater Than GreaterThanGreaterThan- Operator
Less Than Or Equal LessThanOrEqualLessThanOrEqual- Operator
Greater Than Or Equal GreaterThanOrEqualGreaterThanOrEqual- Operator
Begins With BeginsWithBeginsWith- Operator
Ends With EndsWithEndsWith- Operator
Reg Ex RegExRegEx- Operator
Service Tag Match ServiceTagMatchServiceTagMatch- Operator
Asn Match AsnMatchAutonomous System Number Match Operator- Operator
Client Fingerprint ClientFingerprintClient Finger print Operator
- "Any"
AnyAny- "IPMatch"
IPMatchIPMatch- "Geo
Match" GeoMatchGeoMatch- "Equal"
EqualEqual- "Contains"
ContainsContains- "Less
Than" LessThanLessThan- "Greater
Than" GreaterThanGreaterThan- "Less
Than Or Equal" LessThanOrEqualLessThanOrEqual- "Greater
Than Or Equal" GreaterThanOrEqualGreaterThanOrEqual- "Begins
With" BeginsWithBeginsWith- "Ends
With" EndsWithEndsWith- "Reg
Ex" RegExRegEx- "Service
Tag Match" ServiceTagMatchServiceTagMatch- "Asn
Match" AsnMatchAutonomous System Number Match Operator- "Client
Fingerprint" ClientFingerprintClient Finger print Operator
- Any
AnyAny- IPMatch
IPMatchIPMatch- Geo
Match GeoMatchGeoMatch- Equal
EqualEqual- Contains
ContainsContains- Less
Than LessThanLessThan- Greater
Than GreaterThanGreaterThan- Less
Than Or Equal LessThanOrEqualLessThanOrEqual- Greater
Than Or Equal GreaterThanOrEqualGreaterThanOrEqual- Begins
With BeginsWithBeginsWith- Ends
With EndsWithEndsWith- Reg
Ex RegExRegEx- Service
Tag Match ServiceTagMatchServiceTagMatch- Asn
Match AsnMatchAutonomous System Number Match Operator- Client
Fingerprint ClientFingerprintClient Finger print Operator
- Any
AnyAny- IPMatch
IPMatchIPMatch- Geo
Match GeoMatchGeoMatch- Equal
EqualEqual- Contains
ContainsContains- Less
Than LessThanLessThan- Greater
Than GreaterThanGreaterThan- Less
Than Or Equal LessThanOrEqualLessThanOrEqual- Greater
Than Or Equal GreaterThanOrEqualGreaterThanOrEqual- Begins
With BeginsWithBeginsWith- Ends
With EndsWithEndsWith- Reg
Ex RegExRegEx- Service
Tag Match ServiceTagMatchServiceTagMatch- Asn
Match AsnMatchAutonomous System Number Match Operator- Client
Fingerprint ClientFingerprintClient Finger print Operator
- ANY
AnyAny- IP_MATCH
IPMatchIPMatch- GEO_MATCH
GeoMatchGeoMatch- EQUAL
EqualEqual- CONTAINS
ContainsContains- LESS_THAN
LessThanLessThan- GREATER_THAN
GreaterThanGreaterThan- LESS_THAN_OR_EQUAL
LessThanOrEqualLessThanOrEqual- GREATER_THAN_OR_EQUAL
GreaterThanOrEqualGreaterThanOrEqual- BEGINS_WITH
BeginsWithBeginsWith- ENDS_WITH
EndsWithEndsWith- REG_EX
RegExRegEx- SERVICE_TAG_MATCH
ServiceTagMatchServiceTagMatch- ASN_MATCH
AsnMatchAutonomous System Number Match Operator- CLIENT_FINGERPRINT
ClientFingerprintClient Finger print Operator
- "Any"
AnyAny- "IPMatch"
IPMatchIPMatch- "Geo
Match" GeoMatchGeoMatch- "Equal"
EqualEqual- "Contains"
ContainsContains- "Less
Than" LessThanLessThan- "Greater
Than" GreaterThanGreaterThan- "Less
Than Or Equal" LessThanOrEqualLessThanOrEqual- "Greater
Than Or Equal" GreaterThanOrEqualGreaterThanOrEqual- "Begins
With" BeginsWithBeginsWith- "Ends
With" EndsWithEndsWith- "Reg
Ex" RegExRegEx- "Service
Tag Match" ServiceTagMatchServiceTagMatch- "Asn
Match" AsnMatchAutonomous System Number Match Operator- "Client
Fingerprint" ClientFingerprintClient Finger print Operator
PolicyEnabledState, PolicyEnabledStateArgs
- Disabled
DisabledDisabled- Enabled
EnabledEnabled
- Policy
Enabled State Disabled DisabledDisabled- Policy
Enabled State Enabled EnabledEnabled
- "Disabled"
DisabledDisabled- "Enabled"
EnabledEnabled
- Disabled
DisabledDisabled- Enabled
EnabledEnabled
- Disabled
DisabledDisabled- Enabled
EnabledEnabled
- DISABLED
DisabledDisabled- ENABLED
EnabledEnabled
- "Disabled"
DisabledDisabled- "Enabled"
EnabledEnabled
PolicyMode, PolicyModeArgs
- Prevention
PreventionPrevention- Detection
DetectionDetection
- Policy
Mode Prevention PreventionPrevention- Policy
Mode Detection DetectionDetection
- "Prevention"
PreventionPrevention- "Detection"
DetectionDetection
- Prevention
PreventionPrevention- Detection
DetectionDetection
- Prevention
PreventionPrevention- Detection
DetectionDetection
- PREVENTION
PreventionPrevention- DETECTION
DetectionDetection
- "Prevention"
PreventionPrevention- "Detection"
DetectionDetection
PolicyRequestBodyCheck, PolicyRequestBodyCheckArgs
- Disabled
DisabledDisabled- Enabled
EnabledEnabled
- Policy
Request Body Check Disabled DisabledDisabled- Policy
Request Body Check Enabled EnabledEnabled
- "Disabled"
DisabledDisabled- "Enabled"
EnabledEnabled
- Disabled
DisabledDisabled- Enabled
EnabledEnabled
- Disabled
DisabledDisabled- Enabled
EnabledEnabled
- DISABLED
DisabledDisabled- ENABLED
EnabledEnabled
- "Disabled"
DisabledDisabled- "Enabled"
EnabledEnabled
PolicySettings, PolicySettingsArgs
Defines top-level WebApplicationFirewallPolicy configuration settings.- Captcha
Expiration intIn Minutes - Defines the Captcha cookie validity lifetime in minutes. This setting is only applicable to Premium_AzureFrontDoor. Value must be an integer between 5 and 1440 with the default value being 30.
- Custom
Block stringResponse Body - If the action type is block, customer can override the response body. The body must be specified in base64 encoding.
- Custom
Block intResponse Status Code - If the action type is block, customer can override the response status code.
- Enabled
State string | Pulumi.Azure Native. Front Door. Policy Enabled State - Describes if the policy is in enabled or disabled state. Defaults to Enabled if not specified.
- Javascript
Challenge intExpiration In Minutes - Defines the JavaScript challenge cookie validity lifetime in minutes. This setting is only applicable to Premium_AzureFrontDoor. Value must be an integer between 5 and 1440 with the default value being 30.
- Mode
string | Pulumi.
Azure Native. Front Door. Policy Mode - Describes if it is in detection mode or prevention mode at policy level.
- Redirect
Url string - If action type is redirect, this field represents redirect URL for the client.
- Request
Body string | Pulumi.Check Azure Native. Front Door. Policy Request Body Check - Describes if policy managed rules will inspect the request body content.
- Scrubbing
Rules List<Pulumi.Azure Native. Front Door. Inputs. Web Application Firewall Scrubbing Rules> - List of log scrubbing rules applied to the Web Application Firewall logs.
- State
string | Pulumi.
Azure Native. Front Door. Web Application Firewall Scrubbing State - State of the log scrubbing config. Default value is Enabled.
- Captcha
Expiration intIn Minutes - Defines the Captcha cookie validity lifetime in minutes. This setting is only applicable to Premium_AzureFrontDoor. Value must be an integer between 5 and 1440 with the default value being 30.
- Custom
Block stringResponse Body - If the action type is block, customer can override the response body. The body must be specified in base64 encoding.
- Custom
Block intResponse Status Code - If the action type is block, customer can override the response status code.
- Enabled
State string | PolicyEnabled State - Describes if the policy is in enabled or disabled state. Defaults to Enabled if not specified.
- Javascript
Challenge intExpiration In Minutes - Defines the JavaScript challenge cookie validity lifetime in minutes. This setting is only applicable to Premium_AzureFrontDoor. Value must be an integer between 5 and 1440 with the default value being 30.
- Mode
string | Policy
Mode - Describes if it is in detection mode or prevention mode at policy level.
- Redirect
Url string - If action type is redirect, this field represents redirect URL for the client.
- Request
Body string | PolicyCheck Request Body Check - Describes if policy managed rules will inspect the request body content.
- Scrubbing
Rules []WebApplication Firewall Scrubbing Rules - List of log scrubbing rules applied to the Web Application Firewall logs.
- State
string | Web
Application Firewall Scrubbing State - State of the log scrubbing config. Default value is Enabled.
- captcha_
expiration_ numberin_ minutes - Defines the Captcha cookie validity lifetime in minutes. This setting is only applicable to Premium_AzureFrontDoor. Value must be an integer between 5 and 1440 with the default value being 30.
- custom_
block_ stringresponse_ body - If the action type is block, customer can override the response body. The body must be specified in base64 encoding.
- custom_
block_ numberresponse_ status_ code - If the action type is block, customer can override the response status code.
- enabled_
state string | "Disabled" | "Enabled" - Describes if the policy is in enabled or disabled state. Defaults to Enabled if not specified.
- javascript_
challenge_ numberexpiration_ in_ minutes - Defines the JavaScript challenge cookie validity lifetime in minutes. This setting is only applicable to Premium_AzureFrontDoor. Value must be an integer between 5 and 1440 with the default value being 30.
- mode string | "Prevention" | "Detection"
- Describes if it is in detection mode or prevention mode at policy level.
- redirect_
url string - If action type is redirect, this field represents redirect URL for the client.
- request_
body_ string | "Disabled" | "Enabled"check - Describes if policy managed rules will inspect the request body content.
- scrubbing_
rules list(object) - List of log scrubbing rules applied to the Web Application Firewall logs.
- state string | "Enabled" | "Disabled"
- State of the log scrubbing config. Default value is Enabled.
- captcha
Expiration IntegerIn Minutes - Defines the Captcha cookie validity lifetime in minutes. This setting is only applicable to Premium_AzureFrontDoor. Value must be an integer between 5 and 1440 with the default value being 30.
- custom
Block StringResponse Body - If the action type is block, customer can override the response body. The body must be specified in base64 encoding.
- custom
Block IntegerResponse Status Code - If the action type is block, customer can override the response status code.
- enabled
State String | PolicyEnabled State - Describes if the policy is in enabled or disabled state. Defaults to Enabled if not specified.
- javascript
Challenge IntegerExpiration In Minutes - Defines the JavaScript challenge cookie validity lifetime in minutes. This setting is only applicable to Premium_AzureFrontDoor. Value must be an integer between 5 and 1440 with the default value being 30.
- mode
String | Policy
Mode - Describes if it is in detection mode or prevention mode at policy level.
- redirect
Url String - If action type is redirect, this field represents redirect URL for the client.
- request
Body String | PolicyCheck Request Body Check - Describes if policy managed rules will inspect the request body content.
- scrubbing
Rules List<WebApplication Firewall Scrubbing Rules> - List of log scrubbing rules applied to the Web Application Firewall logs.
- state
String | Web
Application Firewall Scrubbing State - State of the log scrubbing config. Default value is Enabled.
- captcha
Expiration numberIn Minutes - Defines the Captcha cookie validity lifetime in minutes. This setting is only applicable to Premium_AzureFrontDoor. Value must be an integer between 5 and 1440 with the default value being 30.
- custom
Block stringResponse Body - If the action type is block, customer can override the response body. The body must be specified in base64 encoding.
- custom
Block numberResponse Status Code - If the action type is block, customer can override the response status code.
- enabled
State string | PolicyEnabled State - Describes if the policy is in enabled or disabled state. Defaults to Enabled if not specified.
- javascript
Challenge numberExpiration In Minutes - Defines the JavaScript challenge cookie validity lifetime in minutes. This setting is only applicable to Premium_AzureFrontDoor. Value must be an integer between 5 and 1440 with the default value being 30.
- mode
string | Policy
Mode - Describes if it is in detection mode or prevention mode at policy level.
- redirect
Url string - If action type is redirect, this field represents redirect URL for the client.
- request
Body string | PolicyCheck Request Body Check - Describes if policy managed rules will inspect the request body content.
- scrubbing
Rules WebApplication Firewall Scrubbing Rules[] - List of log scrubbing rules applied to the Web Application Firewall logs.
- state
string | Web
Application Firewall Scrubbing State - State of the log scrubbing config. Default value is Enabled.
- captcha_
expiration_ intin_ minutes - Defines the Captcha cookie validity lifetime in minutes. This setting is only applicable to Premium_AzureFrontDoor. Value must be an integer between 5 and 1440 with the default value being 30.
- custom_
block_ strresponse_ body - If the action type is block, customer can override the response body. The body must be specified in base64 encoding.
- custom_
block_ intresponse_ status_ code - If the action type is block, customer can override the response status code.
- enabled_
state str | PolicyEnabled State - Describes if the policy is in enabled or disabled state. Defaults to Enabled if not specified.
- javascript_
challenge_ intexpiration_ in_ minutes - Defines the JavaScript challenge cookie validity lifetime in minutes. This setting is only applicable to Premium_AzureFrontDoor. Value must be an integer between 5 and 1440 with the default value being 30.
- mode
str | Policy
Mode - Describes if it is in detection mode or prevention mode at policy level.
- redirect_
url str - If action type is redirect, this field represents redirect URL for the client.
- request_
body_ str | Policycheck Request Body Check - Describes if policy managed rules will inspect the request body content.
- scrubbing_
rules Sequence[WebApplication Firewall Scrubbing Rules] - List of log scrubbing rules applied to the Web Application Firewall logs.
- state
str | Web
Application Firewall Scrubbing State - State of the log scrubbing config. Default value is Enabled.
- captcha
Expiration NumberIn Minutes - Defines the Captcha cookie validity lifetime in minutes. This setting is only applicable to Premium_AzureFrontDoor. Value must be an integer between 5 and 1440 with the default value being 30.
- custom
Block StringResponse Body - If the action type is block, customer can override the response body. The body must be specified in base64 encoding.
- custom
Block NumberResponse Status Code - If the action type is block, customer can override the response status code.
- enabled
State String | "Disabled" | "Enabled" - Describes if the policy is in enabled or disabled state. Defaults to Enabled if not specified.
- javascript
Challenge NumberExpiration In Minutes - Defines the JavaScript challenge cookie validity lifetime in minutes. This setting is only applicable to Premium_AzureFrontDoor. Value must be an integer between 5 and 1440 with the default value being 30.
- mode String | "Prevention" | "Detection"
- Describes if it is in detection mode or prevention mode at policy level.
- redirect
Url String - If action type is redirect, this field represents redirect URL for the client.
- request
Body String | "Disabled" | "Enabled"Check - Describes if policy managed rules will inspect the request body content.
- scrubbing
Rules List<Property Map> - List of log scrubbing rules applied to the Web Application Firewall logs.
- state String | "Enabled" | "Disabled"
- State of the log scrubbing config. Default value is Enabled.
PolicySettingsResponse, PolicySettingsResponseArgs
Defines top-level WebApplicationFirewallPolicy configuration settings.- Captcha
Expiration intIn Minutes - Defines the Captcha cookie validity lifetime in minutes. This setting is only applicable to Premium_AzureFrontDoor. Value must be an integer between 5 and 1440 with the default value being 30.
- Custom
Block stringResponse Body - If the action type is block, customer can override the response body. The body must be specified in base64 encoding.
- Custom
Block intResponse Status Code - If the action type is block, customer can override the response status code.
- Enabled
State string - Describes if the policy is in enabled or disabled state. Defaults to Enabled if not specified.
- Javascript
Challenge intExpiration In Minutes - Defines the JavaScript challenge cookie validity lifetime in minutes. This setting is only applicable to Premium_AzureFrontDoor. Value must be an integer between 5 and 1440 with the default value being 30.
- Mode string
- Describes if it is in detection mode or prevention mode at policy level.
- Redirect
Url string - If action type is redirect, this field represents redirect URL for the client.
- Request
Body stringCheck - Describes if policy managed rules will inspect the request body content.
- Scrubbing
Rules List<Pulumi.Azure Native. Front Door. Inputs. Web Application Firewall Scrubbing Rules Response> - List of log scrubbing rules applied to the Web Application Firewall logs.
- State string
- State of the log scrubbing config. Default value is Enabled.
- Captcha
Expiration intIn Minutes - Defines the Captcha cookie validity lifetime in minutes. This setting is only applicable to Premium_AzureFrontDoor. Value must be an integer between 5 and 1440 with the default value being 30.
- Custom
Block stringResponse Body - If the action type is block, customer can override the response body. The body must be specified in base64 encoding.
- Custom
Block intResponse Status Code - If the action type is block, customer can override the response status code.
- Enabled
State string - Describes if the policy is in enabled or disabled state. Defaults to Enabled if not specified.
- Javascript
Challenge intExpiration In Minutes - Defines the JavaScript challenge cookie validity lifetime in minutes. This setting is only applicable to Premium_AzureFrontDoor. Value must be an integer between 5 and 1440 with the default value being 30.
- Mode string
- Describes if it is in detection mode or prevention mode at policy level.
- Redirect
Url string - If action type is redirect, this field represents redirect URL for the client.
- Request
Body stringCheck - Describes if policy managed rules will inspect the request body content.
- Scrubbing
Rules []WebApplication Firewall Scrubbing Rules Response - List of log scrubbing rules applied to the Web Application Firewall logs.
- State string
- State of the log scrubbing config. Default value is Enabled.
- captcha_
expiration_ numberin_ minutes - Defines the Captcha cookie validity lifetime in minutes. This setting is only applicable to Premium_AzureFrontDoor. Value must be an integer between 5 and 1440 with the default value being 30.
- custom_
block_ stringresponse_ body - If the action type is block, customer can override the response body. The body must be specified in base64 encoding.
- custom_
block_ numberresponse_ status_ code - If the action type is block, customer can override the response status code.
- enabled_
state string - Describes if the policy is in enabled or disabled state. Defaults to Enabled if not specified.
- javascript_
challenge_ numberexpiration_ in_ minutes - Defines the JavaScript challenge cookie validity lifetime in minutes. This setting is only applicable to Premium_AzureFrontDoor. Value must be an integer between 5 and 1440 with the default value being 30.
- mode string
- Describes if it is in detection mode or prevention mode at policy level.
- redirect_
url string - If action type is redirect, this field represents redirect URL for the client.
- request_
body_ stringcheck - Describes if policy managed rules will inspect the request body content.
- scrubbing_
rules list(object) - List of log scrubbing rules applied to the Web Application Firewall logs.
- state string
- State of the log scrubbing config. Default value is Enabled.
- captcha
Expiration IntegerIn Minutes - Defines the Captcha cookie validity lifetime in minutes. This setting is only applicable to Premium_AzureFrontDoor. Value must be an integer between 5 and 1440 with the default value being 30.
- custom
Block StringResponse Body - If the action type is block, customer can override the response body. The body must be specified in base64 encoding.
- custom
Block IntegerResponse Status Code - If the action type is block, customer can override the response status code.
- enabled
State String - Describes if the policy is in enabled or disabled state. Defaults to Enabled if not specified.
- javascript
Challenge IntegerExpiration In Minutes - Defines the JavaScript challenge cookie validity lifetime in minutes. This setting is only applicable to Premium_AzureFrontDoor. Value must be an integer between 5 and 1440 with the default value being 30.
- mode String
- Describes if it is in detection mode or prevention mode at policy level.
- redirect
Url String - If action type is redirect, this field represents redirect URL for the client.
- request
Body StringCheck - Describes if policy managed rules will inspect the request body content.
- scrubbing
Rules List<WebApplication Firewall Scrubbing Rules Response> - List of log scrubbing rules applied to the Web Application Firewall logs.
- state String
- State of the log scrubbing config. Default value is Enabled.
- captcha
Expiration numberIn Minutes - Defines the Captcha cookie validity lifetime in minutes. This setting is only applicable to Premium_AzureFrontDoor. Value must be an integer between 5 and 1440 with the default value being 30.
- custom
Block stringResponse Body - If the action type is block, customer can override the response body. The body must be specified in base64 encoding.
- custom
Block numberResponse Status Code - If the action type is block, customer can override the response status code.
- enabled
State string - Describes if the policy is in enabled or disabled state. Defaults to Enabled if not specified.
- javascript
Challenge numberExpiration In Minutes - Defines the JavaScript challenge cookie validity lifetime in minutes. This setting is only applicable to Premium_AzureFrontDoor. Value must be an integer between 5 and 1440 with the default value being 30.
- mode string
- Describes if it is in detection mode or prevention mode at policy level.
- redirect
Url string - If action type is redirect, this field represents redirect URL for the client.
- request
Body stringCheck - Describes if policy managed rules will inspect the request body content.
- scrubbing
Rules WebApplication Firewall Scrubbing Rules Response[] - List of log scrubbing rules applied to the Web Application Firewall logs.
- state string
- State of the log scrubbing config. Default value is Enabled.
- captcha_
expiration_ intin_ minutes - Defines the Captcha cookie validity lifetime in minutes. This setting is only applicable to Premium_AzureFrontDoor. Value must be an integer between 5 and 1440 with the default value being 30.
- custom_
block_ strresponse_ body - If the action type is block, customer can override the response body. The body must be specified in base64 encoding.
- custom_
block_ intresponse_ status_ code - If the action type is block, customer can override the response status code.
- enabled_
state str - Describes if the policy is in enabled or disabled state. Defaults to Enabled if not specified.
- javascript_
challenge_ intexpiration_ in_ minutes - Defines the JavaScript challenge cookie validity lifetime in minutes. This setting is only applicable to Premium_AzureFrontDoor. Value must be an integer between 5 and 1440 with the default value being 30.
- mode str
- Describes if it is in detection mode or prevention mode at policy level.
- redirect_
url str - If action type is redirect, this field represents redirect URL for the client.
- request_
body_ strcheck - Describes if policy managed rules will inspect the request body content.
- scrubbing_
rules Sequence[WebApplication Firewall Scrubbing Rules Response] - List of log scrubbing rules applied to the Web Application Firewall logs.
- state str
- State of the log scrubbing config. Default value is Enabled.
- captcha
Expiration NumberIn Minutes - Defines the Captcha cookie validity lifetime in minutes. This setting is only applicable to Premium_AzureFrontDoor. Value must be an integer between 5 and 1440 with the default value being 30.
- custom
Block StringResponse Body - If the action type is block, customer can override the response body. The body must be specified in base64 encoding.
- custom
Block NumberResponse Status Code - If the action type is block, customer can override the response status code.
- enabled
State String - Describes if the policy is in enabled or disabled state. Defaults to Enabled if not specified.
- javascript
Challenge NumberExpiration In Minutes - Defines the JavaScript challenge cookie validity lifetime in minutes. This setting is only applicable to Premium_AzureFrontDoor. Value must be an integer between 5 and 1440 with the default value being 30.
- mode String
- Describes if it is in detection mode or prevention mode at policy level.
- redirect
Url String - If action type is redirect, this field represents redirect URL for the client.
- request
Body StringCheck - Describes if policy managed rules will inspect the request body content.
- scrubbing
Rules List<Property Map> - List of log scrubbing rules applied to the Web Application Firewall logs.
- state String
- State of the log scrubbing config. Default value is Enabled.
RoutingRuleLinkResponse, RoutingRuleLinkResponseArgs
Defines the Resource ID for a Routing Rule.- Id string
- Resource ID.
- Id string
- Resource ID.
- id string
- Resource ID.
- id String
- Resource ID.
- id string
- Resource ID.
- id str
- Resource ID.
- id String
- Resource ID.
RuleGroupScope, RuleGroupScopeArgs
Defines the scope of the rule group.- Rule
Group stringName - Defines the rule group name.
- Rule
Scopes List<Pulumi.Azure Native. Front Door. Inputs. Rule Scope> - List of rule scopes.
- Rule
Group stringName - Defines the rule group name.
- Rule
Scopes []RuleScope - List of rule scopes.
- rule_
group_ stringname - Defines the rule group name.
- rule_
scopes list(object) - List of rule scopes.
- rule
Group StringName - Defines the rule group name.
- rule
Scopes List<RuleScope> - List of rule scopes.
- rule
Group stringName - Defines the rule group name.
- rule
Scopes RuleScope[] - List of rule scopes.
- rule_
group_ strname - Defines the rule group name.
- rule_
scopes Sequence[RuleScope] - List of rule scopes.
- rule
Group StringName - Defines the rule group name.
- rule
Scopes List<Property Map> - List of rule scopes.
RuleGroupScopeResponse, RuleGroupScopeResponseArgs
Defines the scope of the rule group.- Rule
Group stringName - Defines the rule group name.
- Rule
Scopes List<Pulumi.Azure Native. Front Door. Inputs. Rule Scope Response> - List of rule scopes.
- Rule
Group stringName - Defines the rule group name.
- Rule
Scopes []RuleScope Response - List of rule scopes.
- rule_
group_ stringname - Defines the rule group name.
- rule_
scopes list(object) - List of rule scopes.
- rule
Group StringName - Defines the rule group name.
- rule
Scopes List<RuleScope Response> - List of rule scopes.
- rule
Group stringName - Defines the rule group name.
- rule
Scopes RuleScope Response[] - List of rule scopes.
- rule_
group_ strname - Defines the rule group name.
- rule_
scopes Sequence[RuleScope Response] - List of rule scopes.
- rule
Group StringName - Defines the rule group name.
- rule
Scopes List<Property Map> - List of rule scopes.
RuleScope, RuleScopeArgs
Defines the scope of the rule.- Rule
Id string - Defines the rule id.
- Rule
Id string - Defines the rule id.
- rule_
id string - Defines the rule id.
- rule
Id String - Defines the rule id.
- rule
Id string - Defines the rule id.
- rule_
id str - Defines the rule id.
- rule
Id String - Defines the rule id.
RuleScopeResponse, RuleScopeResponseArgs
Defines the scope of the rule.- Rule
Id string - Defines the rule id.
- Rule
Id string - Defines the rule id.
- rule_
id string - Defines the rule id.
- rule
Id String - Defines the rule id.
- rule
Id string - Defines the rule id.
- rule_
id str - Defines the rule id.
- rule
Id String - Defines the rule id.
RuleType, RuleTypeArgs
- Match
Rule MatchRuleMatchRule- Rate
Limit Rule RateLimitRuleRateLimitRule
- Rule
Type Match Rule MatchRuleMatchRule- Rule
Type Rate Limit Rule RateLimitRuleRateLimitRule
- "Match
Rule" MatchRuleMatchRule- "Rate
Limit Rule" RateLimitRuleRateLimitRule
- Match
Rule MatchRuleMatchRule- Rate
Limit Rule RateLimitRuleRateLimitRule
- Match
Rule MatchRuleMatchRule- Rate
Limit Rule RateLimitRuleRateLimitRule
- MATCH_RULE
MatchRuleMatchRule- RATE_LIMIT_RULE
RateLimitRuleRateLimitRule
- "Match
Rule" MatchRuleMatchRule- "Rate
Limit Rule" RateLimitRuleRateLimitRule
ScrubbingRuleEntryMatchOperator, ScrubbingRuleEntryMatchOperatorArgs
- Equals
Any EqualsAnyEqualsAny- Equals
Value EqualsEquals
- Scrubbing
Rule Entry Match Operator Equals Any EqualsAnyEqualsAny- Scrubbing
Rule Entry Match Operator Equals EqualsEquals
- "Equals
Any" EqualsAnyEqualsAny- "Equals"
EqualsEquals
- Equals
Any EqualsAnyEqualsAny- Equals
EqualsEquals
- Equals
Any EqualsAnyEqualsAny- Equals
EqualsEquals
- EQUALS_ANY
EqualsAnyEqualsAny- EQUALS
EqualsEquals
- "Equals
Any" EqualsAnyEqualsAny- "Equals"
EqualsEquals
ScrubbingRuleEntryMatchVariable, ScrubbingRuleEntryMatchVariableArgs
- Request
IPAddress RequestIPAddressRequestIPAddress- Request
Uri RequestUriRequestUri- Query
String Arg Names QueryStringArgNamesQueryStringArgNames- Request
Header Names RequestHeaderNamesRequestHeaderNames- Request
Cookie Names RequestCookieNamesRequestCookieNames- Request
Body Post Arg Names RequestBodyPostArgNamesRequestBodyPostArgNames- Request
Body Json Arg Names RequestBodyJsonArgNamesRequestBodyJsonArgNames
- Scrubbing
Rule Entry Match Variable Request IPAddress RequestIPAddressRequestIPAddress- Scrubbing
Rule Entry Match Variable Request Uri RequestUriRequestUri- Scrubbing
Rule Entry Match Variable Query String Arg Names QueryStringArgNamesQueryStringArgNames- Scrubbing
Rule Entry Match Variable Request Header Names RequestHeaderNamesRequestHeaderNames- Scrubbing
Rule Entry Match Variable Request Cookie Names RequestCookieNamesRequestCookieNames- Scrubbing
Rule Entry Match Variable Request Body Post Arg Names RequestBodyPostArgNamesRequestBodyPostArgNames- Scrubbing
Rule Entry Match Variable Request Body Json Arg Names RequestBodyJsonArgNamesRequestBodyJsonArgNames
- "Request
IPAddress" RequestIPAddressRequestIPAddress- "Request
Uri" RequestUriRequestUri- "Query
String Arg Names" QueryStringArgNamesQueryStringArgNames- "Request
Header Names" RequestHeaderNamesRequestHeaderNames- "Request
Cookie Names" RequestCookieNamesRequestCookieNames- "Request
Body Post Arg Names" RequestBodyPostArgNamesRequestBodyPostArgNames- "Request
Body Json Arg Names" RequestBodyJsonArgNamesRequestBodyJsonArgNames
- Request
IPAddress RequestIPAddressRequestIPAddress- Request
Uri RequestUriRequestUri- Query
String Arg Names QueryStringArgNamesQueryStringArgNames- Request
Header Names RequestHeaderNamesRequestHeaderNames- Request
Cookie Names RequestCookieNamesRequestCookieNames- Request
Body Post Arg Names RequestBodyPostArgNamesRequestBodyPostArgNames- Request
Body Json Arg Names RequestBodyJsonArgNamesRequestBodyJsonArgNames
- Request
IPAddress RequestIPAddressRequestIPAddress- Request
Uri RequestUriRequestUri- Query
String Arg Names QueryStringArgNamesQueryStringArgNames- Request
Header Names RequestHeaderNamesRequestHeaderNames- Request
Cookie Names RequestCookieNamesRequestCookieNames- Request
Body Post Arg Names RequestBodyPostArgNamesRequestBodyPostArgNames- Request
Body Json Arg Names RequestBodyJsonArgNamesRequestBodyJsonArgNames
- REQUEST_IP_ADDRESS
RequestIPAddressRequestIPAddress- REQUEST_URI
RequestUriRequestUri- QUERY_STRING_ARG_NAMES
QueryStringArgNamesQueryStringArgNames- REQUEST_HEADER_NAMES
RequestHeaderNamesRequestHeaderNames- REQUEST_COOKIE_NAMES
RequestCookieNamesRequestCookieNames- REQUEST_BODY_POST_ARG_NAMES
RequestBodyPostArgNamesRequestBodyPostArgNames- REQUEST_BODY_JSON_ARG_NAMES
RequestBodyJsonArgNamesRequestBodyJsonArgNames
- "Request
IPAddress" RequestIPAddressRequestIPAddress- "Request
Uri" RequestUriRequestUri- "Query
String Arg Names" QueryStringArgNamesQueryStringArgNames- "Request
Header Names" RequestHeaderNamesRequestHeaderNames- "Request
Cookie Names" RequestCookieNamesRequestCookieNames- "Request
Body Post Arg Names" RequestBodyPostArgNamesRequestBodyPostArgNames- "Request
Body Json Arg Names" RequestBodyJsonArgNamesRequestBodyJsonArgNames
ScrubbingRuleEntryState, ScrubbingRuleEntryStateArgs
- Enabled
EnabledEnabled- Disabled
DisabledDisabled
- Scrubbing
Rule Entry State Enabled EnabledEnabled- Scrubbing
Rule Entry State Disabled DisabledDisabled
- "Enabled"
EnabledEnabled- "Disabled"
DisabledDisabled
- Enabled
EnabledEnabled- Disabled
DisabledDisabled
- Enabled
EnabledEnabled- Disabled
DisabledDisabled
- ENABLED
EnabledEnabled- DISABLED
DisabledDisabled
- "Enabled"
EnabledEnabled- "Disabled"
DisabledDisabled
SecurityPolicyLinkResponse, SecurityPolicyLinkResponseArgs
Defines the Resource ID for a Security Policy.- Id string
- Resource ID.
- Id string
- Resource ID.
- id string
- Resource ID.
- id String
- Resource ID.
- id string
- Resource ID.
- id str
- Resource ID.
- id String
- Resource ID.
SensitivityType, SensitivityTypeArgs
- Low
LowLow Sensitivity - triggers the rule by larger spikes in traffic- Medium
MediumMedium Sensitivity - triggers the rule by moderate spikes in traffic- High
HighHigh Sensitivity - triggers the rule by smaller spikes in traffic
- Sensitivity
Type Low LowLow Sensitivity - triggers the rule by larger spikes in traffic- Sensitivity
Type Medium MediumMedium Sensitivity - triggers the rule by moderate spikes in traffic- Sensitivity
Type High HighHigh Sensitivity - triggers the rule by smaller spikes in traffic
- "Low"
LowLow Sensitivity - triggers the rule by larger spikes in traffic- "Medium"
MediumMedium Sensitivity - triggers the rule by moderate spikes in traffic- "High"
HighHigh Sensitivity - triggers the rule by smaller spikes in traffic
- Low
LowLow Sensitivity - triggers the rule by larger spikes in traffic- Medium
MediumMedium Sensitivity - triggers the rule by moderate spikes in traffic- High
HighHigh Sensitivity - triggers the rule by smaller spikes in traffic
- Low
LowLow Sensitivity - triggers the rule by larger spikes in traffic- Medium
MediumMedium Sensitivity - triggers the rule by moderate spikes in traffic- High
HighHigh Sensitivity - triggers the rule by smaller spikes in traffic
- LOW
LowLow Sensitivity - triggers the rule by larger spikes in traffic- MEDIUM
MediumMedium Sensitivity - triggers the rule by moderate spikes in traffic- HIGH
HighHigh Sensitivity - triggers the rule by smaller spikes in traffic
- "Low"
LowLow Sensitivity - triggers the rule by larger spikes in traffic- "Medium"
MediumMedium Sensitivity - triggers the rule by moderate spikes in traffic- "High"
HighHigh Sensitivity - triggers the rule by smaller spikes in traffic
Sku, SkuArgs
The pricing tier of the web application firewall policy.- Name
string | Pulumi.
Azure Native. Front Door. Sku Name - Name of the pricing tier.
- name
string | "Classic_Azure
Front Door" | "Standard_Azure Front Door" | "Premium_Azure Front Door" - Name of the pricing tier.
- name
String | "Classic_Azure
Front Door" | "Standard_Azure Front Door" | "Premium_Azure Front Door" - Name of the pricing tier.
SkuName, SkuNameArgs
- Classic_Azure
Front Door Classic_AzureFrontDoorClassic_AzureFrontDoor- Standard_Azure
Front Door Standard_AzureFrontDoorStandard_AzureFrontDoor- Premium_Azure
Front Door Premium_AzureFrontDoorPremium_AzureFrontDoor
- Sku
Name_Classic_Azure Front Door Classic_AzureFrontDoorClassic_AzureFrontDoor- Sku
Name_Standard_Azure Front Door Standard_AzureFrontDoorStandard_AzureFrontDoor- Sku
Name_Premium_Azure Front Door Premium_AzureFrontDoorPremium_AzureFrontDoor
- "Classic_Azure
Front Door" Classic_AzureFrontDoorClassic_AzureFrontDoor- "Standard_Azure
Front Door" Standard_AzureFrontDoorStandard_AzureFrontDoor- "Premium_Azure
Front Door" Premium_AzureFrontDoorPremium_AzureFrontDoor
- Classic_Azure
Front Door Classic_AzureFrontDoorClassic_AzureFrontDoor- Standard_Azure
Front Door Standard_AzureFrontDoorStandard_AzureFrontDoor- Premium_Azure
Front Door Premium_AzureFrontDoorPremium_AzureFrontDoor
- Classic_Azure
Front Door Classic_AzureFrontDoorClassic_AzureFrontDoor- Standard_Azure
Front Door Standard_AzureFrontDoorStandard_AzureFrontDoor- Premium_Azure
Front Door Premium_AzureFrontDoorPremium_AzureFrontDoor
- CLASSIC_AZURE_FRONT_DOOR
Classic_AzureFrontDoorClassic_AzureFrontDoor- STANDARD_AZURE_FRONT_DOOR
Standard_AzureFrontDoorStandard_AzureFrontDoor- PREMIUM_AZURE_FRONT_DOOR
Premium_AzureFrontDoorPremium_AzureFrontDoor
- "Classic_Azure
Front Door" Classic_AzureFrontDoorClassic_AzureFrontDoor- "Standard_Azure
Front Door" Standard_AzureFrontDoorStandard_AzureFrontDoor- "Premium_Azure
Front Door" Premium_AzureFrontDoorPremium_AzureFrontDoor
SkuResponse, SkuResponseArgs
The pricing tier of the web application firewall policy.- Name string
- Name of the pricing tier.
- Name string
- Name of the pricing tier.
- name string
- Name of the pricing tier.
- name String
- Name of the pricing tier.
- name string
- Name of the pricing tier.
- name str
- Name of the pricing tier.
- name String
- Name of the pricing tier.
TransformType, TransformTypeArgs
- Lowercase
LowercaseLowercase- Uppercase
UppercaseUppercase- Trim
TrimTrim- Url
Decode UrlDecodeUrlDecode- Url
Encode UrlEncodeUrlEncode- Remove
Nulls RemoveNullsRemoveNulls
- Transform
Type Lowercase LowercaseLowercase- Transform
Type Uppercase UppercaseUppercase- Transform
Type Trim TrimTrim- Transform
Type Url Decode UrlDecodeUrlDecode- Transform
Type Url Encode UrlEncodeUrlEncode- Transform
Type Remove Nulls RemoveNullsRemoveNulls
- "Lowercase"
LowercaseLowercase- "Uppercase"
UppercaseUppercase- "Trim"
TrimTrim- "Url
Decode" UrlDecodeUrlDecode- "Url
Encode" UrlEncodeUrlEncode- "Remove
Nulls" RemoveNullsRemoveNulls
- Lowercase
LowercaseLowercase- Uppercase
UppercaseUppercase- Trim
TrimTrim- Url
Decode UrlDecodeUrlDecode- Url
Encode UrlEncodeUrlEncode- Remove
Nulls RemoveNullsRemoveNulls
- Lowercase
LowercaseLowercase- Uppercase
UppercaseUppercase- Trim
TrimTrim- Url
Decode UrlDecodeUrlDecode- Url
Encode UrlEncodeUrlEncode- Remove
Nulls RemoveNullsRemoveNulls
- LOWERCASE
LowercaseLowercase- UPPERCASE
UppercaseUppercase- TRIM
TrimTrim- URL_DECODE
UrlDecodeUrlDecode- URL_ENCODE
UrlEncodeUrlEncode- REMOVE_NULLS
RemoveNullsRemoveNulls
- "Lowercase"
LowercaseLowercase- "Uppercase"
UppercaseUppercase- "Trim"
TrimTrim- "Url
Decode" UrlDecodeUrlDecode- "Url
Encode" UrlEncodeUrlEncode- "Remove
Nulls" RemoveNullsRemoveNulls
VariableName, VariableNameArgs
- Socket
Addr SocketAddrSocketAddr- Geo
Location GeoLocationGeoLocation- None
NoneNone
- Variable
Name Socket Addr SocketAddrSocketAddr- Variable
Name Geo Location GeoLocationGeoLocation- Variable
Name None NoneNone
- "Socket
Addr" SocketAddrSocketAddr- "Geo
Location" GeoLocationGeoLocation- "None"
NoneNone
- Socket
Addr SocketAddrSocketAddr- Geo
Location GeoLocationGeoLocation- None
NoneNone
- Socket
Addr SocketAddrSocketAddr- Geo
Location GeoLocationGeoLocation- None
NoneNone
- SOCKET_ADDR
SocketAddrSocketAddr- GEO_LOCATION
GeoLocationGeoLocation- NONE
NoneNone
- "Socket
Addr" SocketAddrSocketAddr- "Geo
Location" GeoLocationGeoLocation- "None"
NoneNone
WebApplicationFirewallScrubbingRules, WebApplicationFirewallScrubbingRulesArgs
Defines the contents of the log scrubbing rules.- Match
Variable string | Pulumi.Azure Native. Front Door. Scrubbing Rule Entry Match Variable - The variable to be scrubbed from the logs.
- Selector
Match string | Pulumi.Operator Azure Native. Front Door. Scrubbing Rule Entry Match Operator - When matchVariable is a collection, operate on the selector to specify which elements in the collection this rule applies to.
- Selector string
- When matchVariable is a collection, operator used to specify which elements in the collection this rule applies to.
- State
string | Pulumi.
Azure Native. Front Door. Scrubbing Rule Entry State - Defines the state of a log scrubbing rule. Default value is enabled.
- Match
Variable string | ScrubbingRule Entry Match Variable - The variable to be scrubbed from the logs.
- Selector
Match string | ScrubbingOperator Rule Entry Match Operator - When matchVariable is a collection, operate on the selector to specify which elements in the collection this rule applies to.
- Selector string
- When matchVariable is a collection, operator used to specify which elements in the collection this rule applies to.
- State
string | Scrubbing
Rule Entry State - Defines the state of a log scrubbing rule. Default value is enabled.
- match_
variable string | "RequestIPAddress" | "Request Uri" | "Query String Arg Names" | "Request Header Names" | "Request Cookie Names" | "Request Body Post Arg Names" | "Request Body Json Arg Names" - The variable to be scrubbed from the logs.
- selector_
match_ string | "Equalsoperator Any" | "Equals" - When matchVariable is a collection, operate on the selector to specify which elements in the collection this rule applies to.
- selector string
- When matchVariable is a collection, operator used to specify which elements in the collection this rule applies to.
- state string | "Enabled" | "Disabled"
- Defines the state of a log scrubbing rule. Default value is enabled.
- match
Variable String | ScrubbingRule Entry Match Variable - The variable to be scrubbed from the logs.
- selector
Match String | ScrubbingOperator Rule Entry Match Operator - When matchVariable is a collection, operate on the selector to specify which elements in the collection this rule applies to.
- selector String
- When matchVariable is a collection, operator used to specify which elements in the collection this rule applies to.
- state
String | Scrubbing
Rule Entry State - Defines the state of a log scrubbing rule. Default value is enabled.
- match
Variable string | ScrubbingRule Entry Match Variable - The variable to be scrubbed from the logs.
- selector
Match string | ScrubbingOperator Rule Entry Match Operator - When matchVariable is a collection, operate on the selector to specify which elements in the collection this rule applies to.
- selector string
- When matchVariable is a collection, operator used to specify which elements in the collection this rule applies to.
- state
string | Scrubbing
Rule Entry State - Defines the state of a log scrubbing rule. Default value is enabled.
- match_
variable str | ScrubbingRule Entry Match Variable - The variable to be scrubbed from the logs.
- selector_
match_ str | Scrubbingoperator Rule Entry Match Operator - When matchVariable is a collection, operate on the selector to specify which elements in the collection this rule applies to.
- selector str
- When matchVariable is a collection, operator used to specify which elements in the collection this rule applies to.
- state
str | Scrubbing
Rule Entry State - Defines the state of a log scrubbing rule. Default value is enabled.
- match
Variable String | "RequestIPAddress" | "Request Uri" | "Query String Arg Names" | "Request Header Names" | "Request Cookie Names" | "Request Body Post Arg Names" | "Request Body Json Arg Names" - The variable to be scrubbed from the logs.
- selector
Match String | "EqualsOperator Any" | "Equals" - When matchVariable is a collection, operate on the selector to specify which elements in the collection this rule applies to.
- selector String
- When matchVariable is a collection, operator used to specify which elements in the collection this rule applies to.
- state String | "Enabled" | "Disabled"
- Defines the state of a log scrubbing rule. Default value is enabled.
WebApplicationFirewallScrubbingRulesResponse, WebApplicationFirewallScrubbingRulesResponseArgs
Defines the contents of the log scrubbing rules.- Match
Variable string - The variable to be scrubbed from the logs.
- Selector
Match stringOperator - When matchVariable is a collection, operate on the selector to specify which elements in the collection this rule applies to.
- Selector string
- When matchVariable is a collection, operator used to specify which elements in the collection this rule applies to.
- State string
- Defines the state of a log scrubbing rule. Default value is enabled.
- Match
Variable string - The variable to be scrubbed from the logs.
- Selector
Match stringOperator - When matchVariable is a collection, operate on the selector to specify which elements in the collection this rule applies to.
- Selector string
- When matchVariable is a collection, operator used to specify which elements in the collection this rule applies to.
- State string
- Defines the state of a log scrubbing rule. Default value is enabled.
- match_
variable string - The variable to be scrubbed from the logs.
- selector_
match_ stringoperator - When matchVariable is a collection, operate on the selector to specify which elements in the collection this rule applies to.
- selector string
- When matchVariable is a collection, operator used to specify which elements in the collection this rule applies to.
- state string
- Defines the state of a log scrubbing rule. Default value is enabled.
- match
Variable String - The variable to be scrubbed from the logs.
- selector
Match StringOperator - When matchVariable is a collection, operate on the selector to specify which elements in the collection this rule applies to.
- selector String
- When matchVariable is a collection, operator used to specify which elements in the collection this rule applies to.
- state String
- Defines the state of a log scrubbing rule. Default value is enabled.
- match
Variable string - The variable to be scrubbed from the logs.
- selector
Match stringOperator - When matchVariable is a collection, operate on the selector to specify which elements in the collection this rule applies to.
- selector string
- When matchVariable is a collection, operator used to specify which elements in the collection this rule applies to.
- state string
- Defines the state of a log scrubbing rule. Default value is enabled.
- match_
variable str - The variable to be scrubbed from the logs.
- selector_
match_ stroperator - When matchVariable is a collection, operate on the selector to specify which elements in the collection this rule applies to.
- selector str
- When matchVariable is a collection, operator used to specify which elements in the collection this rule applies to.
- state str
- Defines the state of a log scrubbing rule. Default value is enabled.
- match
Variable String - The variable to be scrubbed from the logs.
- selector
Match StringOperator - When matchVariable is a collection, operate on the selector to specify which elements in the collection this rule applies to.
- selector String
- When matchVariable is a collection, operator used to specify which elements in the collection this rule applies to.
- state String
- Defines the state of a log scrubbing rule. Default value is enabled.
WebApplicationFirewallScrubbingState, WebApplicationFirewallScrubbingStateArgs
- Enabled
EnabledEnabled- Disabled
DisabledDisabled
- Web
Application Firewall Scrubbing State Enabled EnabledEnabled- Web
Application Firewall Scrubbing State Disabled DisabledDisabled
- "Enabled"
EnabledEnabled- "Disabled"
DisabledDisabled
- Enabled
EnabledEnabled- Disabled
DisabledDisabled
- Enabled
EnabledEnabled- Disabled
DisabledDisabled
- ENABLED
EnabledEnabled- DISABLED
DisabledDisabled
- "Enabled"
EnabledEnabled- "Disabled"
DisabledDisabled
Import
An existing resource can be imported using its type token, name, and identifier, e.g.
$ pulumi import azure-native:frontdoor:Policy Policy1 /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/FrontDoorWebApplicationFirewallPolicies/{policyName}
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- Azure Native pulumi/pulumi-azure-native
- License
- Apache-2.0
published on Thursday, Jul 9, 2026 by Pulumi