Fastly v11.0.0 published on Thursday, Sep 4, 2025 by Pulumi
fastly.NgwafAccountRule
Provides a Fastly Next-Gen WAF Account Rule.
Account-level rules apply across one or more workspaces and are useful for defining shared or global WAF logic.
Example Usage
Basic usage:
import * as pulumi from "@pulumi/pulumi";
import * as fastly from "@pulumi/fastly";
const example = new fastly.NgwafAccountRule("example", {
appliesTos: ["*"],
type: "request",
description: "example",
enabled: true,
requestLogging: "sampled",
groupOperator: "all",
actions: [{
type: "block",
}],
conditions: [{
field: "ip",
operator: "equals",
value: "1.2.3.4",
}],
groupConditions: [{
groupOperator: "all",
conditions: [{
field: "method",
operator: "equals",
value: "POST",
}],
}],
});
import pulumi
import pulumi_fastly as fastly
example = fastly.NgwafAccountRule("example",
applies_tos=["*"],
type="request",
description="example",
enabled=True,
request_logging="sampled",
group_operator="all",
actions=[{
"type": "block",
}],
conditions=[{
"field": "ip",
"operator": "equals",
"value": "1.2.3.4",
}],
group_conditions=[{
"group_operator": "all",
"conditions": [{
"field": "method",
"operator": "equals",
"value": "POST",
}],
}])
package main
import (
"github.com/pulumi/pulumi-fastly/sdk/v11/go/fastly"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := fastly.NewNgwafAccountRule(ctx, "example", &fastly.NgwafAccountRuleArgs{
AppliesTos: pulumi.StringArray{
pulumi.String("*"),
},
Type: pulumi.String("request"),
Description: pulumi.String("example"),
Enabled: pulumi.Bool(true),
RequestLogging: pulumi.String("sampled"),
GroupOperator: pulumi.String("all"),
Actions: fastly.NgwafAccountRuleActionArray{
&fastly.NgwafAccountRuleActionArgs{
Type: pulumi.String("block"),
},
},
Conditions: fastly.NgwafAccountRuleConditionArray{
&fastly.NgwafAccountRuleConditionArgs{
Field: pulumi.String("ip"),
Operator: pulumi.String("equals"),
Value: pulumi.String("1.2.3.4"),
},
},
GroupConditions: fastly.NgwafAccountRuleGroupConditionArray{
&fastly.NgwafAccountRuleGroupConditionArgs{
GroupOperator: pulumi.String("all"),
Conditions: fastly.NgwafAccountRuleGroupConditionConditionArray{
&fastly.NgwafAccountRuleGroupConditionConditionArgs{
Field: pulumi.String("method"),
Operator: pulumi.String("equals"),
Value: pulumi.String("POST"),
},
},
},
},
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Fastly = Pulumi.Fastly;
return await Deployment.RunAsync(() =>
{
var example = new Fastly.NgwafAccountRule("example", new()
{
AppliesTos = new[]
{
"*",
},
Type = "request",
Description = "example",
Enabled = true,
RequestLogging = "sampled",
GroupOperator = "all",
Actions = new[]
{
new Fastly.Inputs.NgwafAccountRuleActionArgs
{
Type = "block",
},
},
Conditions = new[]
{
new Fastly.Inputs.NgwafAccountRuleConditionArgs
{
Field = "ip",
Operator = "equals",
Value = "1.2.3.4",
},
},
GroupConditions = new[]
{
new Fastly.Inputs.NgwafAccountRuleGroupConditionArgs
{
GroupOperator = "all",
Conditions = new[]
{
new Fastly.Inputs.NgwafAccountRuleGroupConditionConditionArgs
{
Field = "method",
Operator = "equals",
Value = "POST",
},
},
},
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.fastly.NgwafAccountRule;
import com.pulumi.fastly.NgwafAccountRuleArgs;
import com.pulumi.fastly.inputs.NgwafAccountRuleActionArgs;
import com.pulumi.fastly.inputs.NgwafAccountRuleConditionArgs;
import com.pulumi.fastly.inputs.NgwafAccountRuleGroupConditionArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var example = new NgwafAccountRule("example", NgwafAccountRuleArgs.builder()
.appliesTos("*")
.type("request")
.description("example")
.enabled(true)
.requestLogging("sampled")
.groupOperator("all")
.actions(NgwafAccountRuleActionArgs.builder()
.type("block")
.build())
.conditions(NgwafAccountRuleConditionArgs.builder()
.field("ip")
.operator("equals")
.value("1.2.3.4")
.build())
.groupConditions(NgwafAccountRuleGroupConditionArgs.builder()
.groupOperator("all")
.conditions(NgwafAccountRuleGroupConditionConditionArgs.builder()
.field("method")
.operator("equals")
.value("POST")
.build())
.build())
.build());
}
}
resources:
example:
type: fastly:NgwafAccountRule
properties:
appliesTos:
- '*'
type: request
description: example
enabled: true
requestLogging: sampled
groupOperator: all
actions:
- type: block
conditions:
- field: ip
operator: equals
value: 1.2.3.4
groupConditions:
- groupOperator: all
conditions:
- field: method
operator: equals
value: POST
Create NgwafAccountRule Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new NgwafAccountRule(name: string, args: NgwafAccountRuleArgs, opts?: CustomResourceOptions);@overload
def NgwafAccountRule(resource_name: str,
args: NgwafAccountRuleArgs,
opts: Optional[ResourceOptions] = None)
@overload
def NgwafAccountRule(resource_name: str,
opts: Optional[ResourceOptions] = None,
actions: Optional[Sequence[NgwafAccountRuleActionArgs]] = None,
applies_tos: Optional[Sequence[str]] = None,
description: Optional[str] = None,
enabled: Optional[bool] = None,
type: Optional[str] = None,
conditions: Optional[Sequence[NgwafAccountRuleConditionArgs]] = None,
group_conditions: Optional[Sequence[NgwafAccountRuleGroupConditionArgs]] = None,
group_operator: Optional[str] = None,
rate_limit: Optional[NgwafAccountRuleRateLimitArgs] = None,
request_logging: Optional[str] = None)func NewNgwafAccountRule(ctx *Context, name string, args NgwafAccountRuleArgs, opts ...ResourceOption) (*NgwafAccountRule, error)public NgwafAccountRule(string name, NgwafAccountRuleArgs args, CustomResourceOptions? opts = null)
public NgwafAccountRule(String name, NgwafAccountRuleArgs args)
public NgwafAccountRule(String name, NgwafAccountRuleArgs args, CustomResourceOptions options)
type: fastly:NgwafAccountRule
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args NgwafAccountRuleArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args NgwafAccountRuleArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args NgwafAccountRuleArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args NgwafAccountRuleArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args NgwafAccountRuleArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var ngwafAccountRuleResource = new Fastly.NgwafAccountRule("ngwafAccountRuleResource", new()
{
Actions = new[]
{
new Fastly.Inputs.NgwafAccountRuleActionArgs
{
Type = "string",
Signal = "string",
},
},
AppliesTos = new[]
{
"string",
},
Description = "string",
Enabled = false,
Type = "string",
Conditions = new[]
{
new Fastly.Inputs.NgwafAccountRuleConditionArgs
{
Field = "string",
Operator = "string",
Value = "string",
},
},
GroupConditions = new[]
{
new Fastly.Inputs.NgwafAccountRuleGroupConditionArgs
{
Conditions = new[]
{
new Fastly.Inputs.NgwafAccountRuleGroupConditionConditionArgs
{
Field = "string",
Operator = "string",
Value = "string",
},
},
GroupOperator = "string",
},
},
GroupOperator = "string",
RateLimit = new Fastly.Inputs.NgwafAccountRuleRateLimitArgs
{
ClientIdentifiers = new[]
{
new Fastly.Inputs.NgwafAccountRuleRateLimitClientIdentifierArgs
{
Type = "string",
Key = "string",
Name = "string",
},
},
Duration = 0,
Interval = 0,
Signal = "string",
Threshold = 0,
},
RequestLogging = "string",
});
example, err := fastly.NewNgwafAccountRule(ctx, "ngwafAccountRuleResource", &fastly.NgwafAccountRuleArgs{
Actions: fastly.NgwafAccountRuleActionArray{
&fastly.NgwafAccountRuleActionArgs{
Type: pulumi.String("string"),
Signal: pulumi.String("string"),
},
},
AppliesTos: pulumi.StringArray{
pulumi.String("string"),
},
Description: pulumi.String("string"),
Enabled: pulumi.Bool(false),
Type: pulumi.String("string"),
Conditions: fastly.NgwafAccountRuleConditionArray{
&fastly.NgwafAccountRuleConditionArgs{
Field: pulumi.String("string"),
Operator: pulumi.String("string"),
Value: pulumi.String("string"),
},
},
GroupConditions: fastly.NgwafAccountRuleGroupConditionArray{
&fastly.NgwafAccountRuleGroupConditionArgs{
Conditions: fastly.NgwafAccountRuleGroupConditionConditionArray{
&fastly.NgwafAccountRuleGroupConditionConditionArgs{
Field: pulumi.String("string"),
Operator: pulumi.String("string"),
Value: pulumi.String("string"),
},
},
GroupOperator: pulumi.String("string"),
},
},
GroupOperator: pulumi.String("string"),
RateLimit: &fastly.NgwafAccountRuleRateLimitArgs{
ClientIdentifiers: fastly.NgwafAccountRuleRateLimitClientIdentifierArray{
&fastly.NgwafAccountRuleRateLimitClientIdentifierArgs{
Type: pulumi.String("string"),
Key: pulumi.String("string"),
Name: pulumi.String("string"),
},
},
Duration: pulumi.Int(0),
Interval: pulumi.Int(0),
Signal: pulumi.String("string"),
Threshold: pulumi.Int(0),
},
RequestLogging: pulumi.String("string"),
})
var ngwafAccountRuleResource = new NgwafAccountRule("ngwafAccountRuleResource", NgwafAccountRuleArgs.builder()
.actions(NgwafAccountRuleActionArgs.builder()
.type("string")
.signal("string")
.build())
.appliesTos("string")
.description("string")
.enabled(false)
.type("string")
.conditions(NgwafAccountRuleConditionArgs.builder()
.field("string")
.operator("string")
.value("string")
.build())
.groupConditions(NgwafAccountRuleGroupConditionArgs.builder()
.conditions(NgwafAccountRuleGroupConditionConditionArgs.builder()
.field("string")
.operator("string")
.value("string")
.build())
.groupOperator("string")
.build())
.groupOperator("string")
.rateLimit(NgwafAccountRuleRateLimitArgs.builder()
.clientIdentifiers(NgwafAccountRuleRateLimitClientIdentifierArgs.builder()
.type("string")
.key("string")
.name("string")
.build())
.duration(0)
.interval(0)
.signal("string")
.threshold(0)
.build())
.requestLogging("string")
.build());
ngwaf_account_rule_resource = fastly.NgwafAccountRule("ngwafAccountRuleResource",
actions=[{
"type": "string",
"signal": "string",
}],
applies_tos=["string"],
description="string",
enabled=False,
type="string",
conditions=[{
"field": "string",
"operator": "string",
"value": "string",
}],
group_conditions=[{
"conditions": [{
"field": "string",
"operator": "string",
"value": "string",
}],
"group_operator": "string",
}],
group_operator="string",
rate_limit={
"client_identifiers": [{
"type": "string",
"key": "string",
"name": "string",
}],
"duration": 0,
"interval": 0,
"signal": "string",
"threshold": 0,
},
request_logging="string")
const ngwafAccountRuleResource = new fastly.NgwafAccountRule("ngwafAccountRuleResource", {
actions: [{
type: "string",
signal: "string",
}],
appliesTos: ["string"],
description: "string",
enabled: false,
type: "string",
conditions: [{
field: "string",
operator: "string",
value: "string",
}],
groupConditions: [{
conditions: [{
field: "string",
operator: "string",
value: "string",
}],
groupOperator: "string",
}],
groupOperator: "string",
rateLimit: {
clientIdentifiers: [{
type: "string",
key: "string",
name: "string",
}],
duration: 0,
interval: 0,
signal: "string",
threshold: 0,
},
requestLogging: "string",
});
type: fastly:NgwafAccountRule
properties:
actions:
- signal: string
type: string
appliesTos:
- string
conditions:
- field: string
operator: string
value: string
description: string
enabled: false
groupConditions:
- conditions:
- field: string
operator: string
value: string
groupOperator: string
groupOperator: string
rateLimit:
clientIdentifiers:
- key: string
name: string
type: string
duration: 0
interval: 0
signal: string
threshold: 0
requestLogging: string
type: string
NgwafAccountRule Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The NgwafAccountRule resource accepts the following input properties:
- Actions
List<Ngwaf
Account Rule Action> - List of actions to perform when the rule matches.
- Applies
Tos List<string> - The list of workspace IDs this signal applies to, or the wildcard
*if it applies to all workspaces. - Description string
- The description of the rule.
- Enabled bool
- Whether the rule is currently enabled.
- Type string
- The type of the rule. Accepted values are
requestandsignal. - Conditions
List<Ngwaf
Account Rule Condition> - Flat list of individual conditions. Each must include
field,operator, andvalue. - Group
Conditions List<NgwafAccount Rule Group Condition> - List of grouped conditions with nested logic. Each group must define a
group_operatorand at least one condition. - Group
Operator string - Logical operator to apply to group conditions. Accepted values are
anyandall. - Rate
Limit NgwafAccount Rule Rate Limit - Block specifically for rate*limit rules.
- Request
Logging string - Logging behavior for matching requests. Accepted values are
sampledandnone.
- Actions
[]Ngwaf
Account Rule Action Args - List of actions to perform when the rule matches.
- Applies
Tos []string - The list of workspace IDs this signal applies to, or the wildcard
*if it applies to all workspaces. - Description string
- The description of the rule.
- Enabled bool
- Whether the rule is currently enabled.
- Type string
- The type of the rule. Accepted values are
requestandsignal. - Conditions
[]Ngwaf
Account Rule Condition Args - Flat list of individual conditions. Each must include
field,operator, andvalue. - Group
Conditions []NgwafAccount Rule Group Condition Args - List of grouped conditions with nested logic. Each group must define a
group_operatorand at least one condition. - Group
Operator string - Logical operator to apply to group conditions. Accepted values are
anyandall. - Rate
Limit NgwafAccount Rule Rate Limit Args - Block specifically for rate*limit rules.
- Request
Logging string - Logging behavior for matching requests. Accepted values are
sampledandnone.
- actions
List<Ngwaf
Account Rule Action> - List of actions to perform when the rule matches.
- applies
Tos List<String> - The list of workspace IDs this signal applies to, or the wildcard
*if it applies to all workspaces. - description String
- The description of the rule.
- enabled Boolean
- Whether the rule is currently enabled.
- type String
- The type of the rule. Accepted values are
requestandsignal. - conditions
List<Ngwaf
Account Rule Condition> - Flat list of individual conditions. Each must include
field,operator, andvalue. - group
Conditions List<NgwafAccount Rule Group Condition> - List of grouped conditions with nested logic. Each group must define a
group_operatorand at least one condition. - group
Operator String - Logical operator to apply to group conditions. Accepted values are
anyandall. - rate
Limit NgwafAccount Rule Rate Limit - Block specifically for rate*limit rules.
- request
Logging String - Logging behavior for matching requests. Accepted values are
sampledandnone.
- actions
Ngwaf
Account Rule Action[] - List of actions to perform when the rule matches.
- applies
Tos string[] - The list of workspace IDs this signal applies to, or the wildcard
*if it applies to all workspaces. - description string
- The description of the rule.
- enabled boolean
- Whether the rule is currently enabled.
- type string
- The type of the rule. Accepted values are
requestandsignal. - conditions
Ngwaf
Account Rule Condition[] - Flat list of individual conditions. Each must include
field,operator, andvalue. - group
Conditions NgwafAccount Rule Group Condition[] - List of grouped conditions with nested logic. Each group must define a
group_operatorand at least one condition. - group
Operator string - Logical operator to apply to group conditions. Accepted values are
anyandall. - rate
Limit NgwafAccount Rule Rate Limit - Block specifically for rate*limit rules.
- request
Logging string - Logging behavior for matching requests. Accepted values are
sampledandnone.
- actions
Sequence[Ngwaf
Account Rule Action Args] - List of actions to perform when the rule matches.
- applies_
tos Sequence[str] - The list of workspace IDs this signal applies to, or the wildcard
*if it applies to all workspaces. - description str
- The description of the rule.
- enabled bool
- Whether the rule is currently enabled.
- type str
- The type of the rule. Accepted values are
requestandsignal. - conditions
Sequence[Ngwaf
Account Rule Condition Args] - Flat list of individual conditions. Each must include
field,operator, andvalue. - group_
conditions Sequence[NgwafAccount Rule Group Condition Args] - List of grouped conditions with nested logic. Each group must define a
group_operatorand at least one condition. - group_
operator str - Logical operator to apply to group conditions. Accepted values are
anyandall. - rate_
limit NgwafAccount Rule Rate Limit Args - Block specifically for rate*limit rules.
- request_
logging str - Logging behavior for matching requests. Accepted values are
sampledandnone.
- actions List<Property Map>
- List of actions to perform when the rule matches.
- applies
Tos List<String> - The list of workspace IDs this signal applies to, or the wildcard
*if it applies to all workspaces. - description String
- The description of the rule.
- enabled Boolean
- Whether the rule is currently enabled.
- type String
- The type of the rule. Accepted values are
requestandsignal. - conditions List<Property Map>
- Flat list of individual conditions. Each must include
field,operator, andvalue. - group
Conditions List<Property Map> - List of grouped conditions with nested logic. Each group must define a
group_operatorand at least one condition. - group
Operator String - Logical operator to apply to group conditions. Accepted values are
anyandall. - rate
Limit Property Map - Block specifically for rate*limit rules.
- request
Logging String - Logging behavior for matching requests. Accepted values are
sampledandnone.
Outputs
All input properties are implicitly available as output properties. Additionally, the NgwafAccountRule resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Id string
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
- id string
- The provider-assigned unique ID for this managed resource.
- id str
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
Look up Existing NgwafAccountRule Resource
Get an existing NgwafAccountRule resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: NgwafAccountRuleState, opts?: CustomResourceOptions): NgwafAccountRule@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
actions: Optional[Sequence[NgwafAccountRuleActionArgs]] = None,
applies_tos: Optional[Sequence[str]] = None,
conditions: Optional[Sequence[NgwafAccountRuleConditionArgs]] = None,
description: Optional[str] = None,
enabled: Optional[bool] = None,
group_conditions: Optional[Sequence[NgwafAccountRuleGroupConditionArgs]] = None,
group_operator: Optional[str] = None,
rate_limit: Optional[NgwafAccountRuleRateLimitArgs] = None,
request_logging: Optional[str] = None,
type: Optional[str] = None) -> NgwafAccountRulefunc GetNgwafAccountRule(ctx *Context, name string, id IDInput, state *NgwafAccountRuleState, opts ...ResourceOption) (*NgwafAccountRule, error)public static NgwafAccountRule Get(string name, Input<string> id, NgwafAccountRuleState? state, CustomResourceOptions? opts = null)public static NgwafAccountRule get(String name, Output<String> id, NgwafAccountRuleState state, CustomResourceOptions options)resources: _: type: fastly:NgwafAccountRule get: id: ${id}- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Actions
List<Ngwaf
Account Rule Action> - List of actions to perform when the rule matches.
- Applies
Tos List<string> - The list of workspace IDs this signal applies to, or the wildcard
*if it applies to all workspaces. - Conditions
List<Ngwaf
Account Rule Condition> - Flat list of individual conditions. Each must include
field,operator, andvalue. - Description string
- The description of the rule.
- Enabled bool
- Whether the rule is currently enabled.
- Group
Conditions List<NgwafAccount Rule Group Condition> - List of grouped conditions with nested logic. Each group must define a
group_operatorand at least one condition. - Group
Operator string - Logical operator to apply to group conditions. Accepted values are
anyandall. - Rate
Limit NgwafAccount Rule Rate Limit - Block specifically for rate*limit rules.
- Request
Logging string - Logging behavior for matching requests. Accepted values are
sampledandnone. - Type string
- The type of the rule. Accepted values are
requestandsignal.
- Actions
[]Ngwaf
Account Rule Action Args - List of actions to perform when the rule matches.
- Applies
Tos []string - The list of workspace IDs this signal applies to, or the wildcard
*if it applies to all workspaces. - Conditions
[]Ngwaf
Account Rule Condition Args - Flat list of individual conditions. Each must include
field,operator, andvalue. - Description string
- The description of the rule.
- Enabled bool
- Whether the rule is currently enabled.
- Group
Conditions []NgwafAccount Rule Group Condition Args - List of grouped conditions with nested logic. Each group must define a
group_operatorand at least one condition. - Group
Operator string - Logical operator to apply to group conditions. Accepted values are
anyandall. - Rate
Limit NgwafAccount Rule Rate Limit Args - Block specifically for rate*limit rules.
- Request
Logging string - Logging behavior for matching requests. Accepted values are
sampledandnone. - Type string
- The type of the rule. Accepted values are
requestandsignal.
- actions
List<Ngwaf
Account Rule Action> - List of actions to perform when the rule matches.
- applies
Tos List<String> - The list of workspace IDs this signal applies to, or the wildcard
*if it applies to all workspaces. - conditions
List<Ngwaf
Account Rule Condition> - Flat list of individual conditions. Each must include
field,operator, andvalue. - description String
- The description of the rule.
- enabled Boolean
- Whether the rule is currently enabled.
- group
Conditions List<NgwafAccount Rule Group Condition> - List of grouped conditions with nested logic. Each group must define a
group_operatorand at least one condition. - group
Operator String - Logical operator to apply to group conditions. Accepted values are
anyandall. - rate
Limit NgwafAccount Rule Rate Limit - Block specifically for rate*limit rules.
- request
Logging String - Logging behavior for matching requests. Accepted values are
sampledandnone. - type String
- The type of the rule. Accepted values are
requestandsignal.
- actions
Ngwaf
Account Rule Action[] - List of actions to perform when the rule matches.
- applies
Tos string[] - The list of workspace IDs this signal applies to, or the wildcard
*if it applies to all workspaces. - conditions
Ngwaf
Account Rule Condition[] - Flat list of individual conditions. Each must include
field,operator, andvalue. - description string
- The description of the rule.
- enabled boolean
- Whether the rule is currently enabled.
- group
Conditions NgwafAccount Rule Group Condition[] - List of grouped conditions with nested logic. Each group must define a
group_operatorand at least one condition. - group
Operator string - Logical operator to apply to group conditions. Accepted values are
anyandall. - rate
Limit NgwafAccount Rule Rate Limit - Block specifically for rate*limit rules.
- request
Logging string - Logging behavior for matching requests. Accepted values are
sampledandnone. - type string
- The type of the rule. Accepted values are
requestandsignal.
- actions
Sequence[Ngwaf
Account Rule Action Args] - List of actions to perform when the rule matches.
- applies_
tos Sequence[str] - The list of workspace IDs this signal applies to, or the wildcard
*if it applies to all workspaces. - conditions
Sequence[Ngwaf
Account Rule Condition Args] - Flat list of individual conditions. Each must include
field,operator, andvalue. - description str
- The description of the rule.
- enabled bool
- Whether the rule is currently enabled.
- group_
conditions Sequence[NgwafAccount Rule Group Condition Args] - List of grouped conditions with nested logic. Each group must define a
group_operatorand at least one condition. - group_
operator str - Logical operator to apply to group conditions. Accepted values are
anyandall. - rate_
limit NgwafAccount Rule Rate Limit Args - Block specifically for rate*limit rules.
- request_
logging str - Logging behavior for matching requests. Accepted values are
sampledandnone. - type str
- The type of the rule. Accepted values are
requestandsignal.
- actions List<Property Map>
- List of actions to perform when the rule matches.
- applies
Tos List<String> - The list of workspace IDs this signal applies to, or the wildcard
*if it applies to all workspaces. - conditions List<Property Map>
- Flat list of individual conditions. Each must include
field,operator, andvalue. - description String
- The description of the rule.
- enabled Boolean
- Whether the rule is currently enabled.
- group
Conditions List<Property Map> - List of grouped conditions with nested logic. Each group must define a
group_operatorand at least one condition. - group
Operator String - Logical operator to apply to group conditions. Accepted values are
anyandall. - rate
Limit Property Map - Block specifically for rate*limit rules.
- request
Logging String - Logging behavior for matching requests. Accepted values are
sampledandnone. - type String
- The type of the rule. Accepted values are
requestandsignal.
Supporting Types
NgwafAccountRuleAction, NgwafAccountRuleActionArgs
NgwafAccountRuleCondition, NgwafAccountRuleConditionArgs
NgwafAccountRuleGroupCondition, NgwafAccountRuleGroupConditionArgs
- Conditions
List<Ngwaf
Account Rule Group Condition Condition> - A list of nested conditions in this group.
- Group
Operator string - Logical operator for the group. Accepted values are
anyandall.
- Conditions
[]Ngwaf
Account Rule Group Condition Condition - A list of nested conditions in this group.
- Group
Operator string - Logical operator for the group. Accepted values are
anyandall.
- conditions
List<Ngwaf
Account Rule Group Condition Condition> - A list of nested conditions in this group.
- group
Operator String - Logical operator for the group. Accepted values are
anyandall.
- conditions
Ngwaf
Account Rule Group Condition Condition[] - A list of nested conditions in this group.
- group
Operator string - Logical operator for the group. Accepted values are
anyandall.
- conditions
Sequence[Ngwaf
Account Rule Group Condition Condition] - A list of nested conditions in this group.
- group_
operator str - Logical operator for the group. Accepted values are
anyandall.
- conditions List<Property Map>
- A list of nested conditions in this group.
- group
Operator String - Logical operator for the group. Accepted values are
anyandall.
NgwafAccountRuleGroupConditionCondition, NgwafAccountRuleGroupConditionConditionArgs
NgwafAccountRuleRateLimit, NgwafAccountRuleRateLimitArgs
- Client
Identifiers List<NgwafAccount Rule Rate Limit Client Identifier> - List of client identifiers used for rate limiting. Can only be length 1 or 2.
- Duration int
- Duration in seconds for the rate limit.
- Interval int
- Time interval for the rate limit in seconds. Accepted values are 60, 600, and 3600.
- Signal string
- Reference ID of the custom signal this rule uses to count requests.
- Threshold int
- Rate limit threshold. Minimum 1 and maximum 10,000.
- Client
Identifiers []NgwafAccount Rule Rate Limit Client Identifier - List of client identifiers used for rate limiting. Can only be length 1 or 2.
- Duration int
- Duration in seconds for the rate limit.
- Interval int
- Time interval for the rate limit in seconds. Accepted values are 60, 600, and 3600.
- Signal string
- Reference ID of the custom signal this rule uses to count requests.
- Threshold int
- Rate limit threshold. Minimum 1 and maximum 10,000.
- client
Identifiers List<NgwafAccount Rule Rate Limit Client Identifier> - List of client identifiers used for rate limiting. Can only be length 1 or 2.
- duration Integer
- Duration in seconds for the rate limit.
- interval Integer
- Time interval for the rate limit in seconds. Accepted values are 60, 600, and 3600.
- signal String
- Reference ID of the custom signal this rule uses to count requests.
- threshold Integer
- Rate limit threshold. Minimum 1 and maximum 10,000.
- client
Identifiers NgwafAccount Rule Rate Limit Client Identifier[] - List of client identifiers used for rate limiting. Can only be length 1 or 2.
- duration number
- Duration in seconds for the rate limit.
- interval number
- Time interval for the rate limit in seconds. Accepted values are 60, 600, and 3600.
- signal string
- Reference ID of the custom signal this rule uses to count requests.
- threshold number
- Rate limit threshold. Minimum 1 and maximum 10,000.
- client_
identifiers Sequence[NgwafAccount Rule Rate Limit Client Identifier] - List of client identifiers used for rate limiting. Can only be length 1 or 2.
- duration int
- Duration in seconds for the rate limit.
- interval int
- Time interval for the rate limit in seconds. Accepted values are 60, 600, and 3600.
- signal str
- Reference ID of the custom signal this rule uses to count requests.
- threshold int
- Rate limit threshold. Minimum 1 and maximum 10,000.
- client
Identifiers List<Property Map> - List of client identifiers used for rate limiting. Can only be length 1 or 2.
- duration Number
- Duration in seconds for the rate limit.
- interval Number
- Time interval for the rate limit in seconds. Accepted values are 60, 600, and 3600.
- signal String
- Reference ID of the custom signal this rule uses to count requests.
- threshold Number
- Rate limit threshold. Minimum 1 and maximum 10,000.
NgwafAccountRuleRateLimitClientIdentifier, NgwafAccountRuleRateLimitClientIdentifierArgs
Import
Fastly Next-Gen WAF account rules can be imported using just the rule ID, e.g.:
$ pulumi import fastly:index/ngwafAccountRule:NgwafAccountRule demo <ruleID>
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- Fastly pulumi/pulumi-fastly
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
fastlyTerraform Provider.
