Docs Home
incapsula 3.33.0 published on Wednesday, Apr 30, 2025 by imperva
incapsula.AccountPolicyAssociation
Explore with Pulumi AI
incapsula 3.33.0 published on Wednesday, Apr 30, 2025 by imperva
Provides an Incapsula Account Policy Association resource.
Dependency is on existing policies, created using the incapsula.Policy resource.
Example Usage
Basic Usage - Account Policy Association for account before WAF settings are migrated to the WAF RULES policy - default_waf_policy_id is not set
import * as pulumi from "@pulumi/pulumi";
import * as incapsula from "@pulumi/incapsula";
const accountData = incapsula.getAccountData({});
const example_account_policy_association = new incapsula.AccountPolicyAssociation("example-account-policy-association", {
accountId: accountData.then(accountData => accountData.currentAccount),
defaultNonMandatoryPolicyIds: [
"123777",
"123888",
"123999",
"123444",
incapsula_policy.default_acl_policy.id,
incapsula_policy.default_allowlist_policy.id,
],
});
import pulumi
import pulumi_incapsula as incapsula
account_data = incapsula.get_account_data()
example_account_policy_association = incapsula.AccountPolicyAssociation("example-account-policy-association",
account_id=account_data.current_account,
default_non_mandatory_policy_ids=[
"123777",
"123888",
"123999",
"123444",
incapsula_policy["default_acl_policy"]["id"],
incapsula_policy["default_allowlist_policy"]["id"],
])
package main
import (
"github.com/pulumi/pulumi-terraform-provider/sdks/go/incapsula/v3/incapsula"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
accountData, err := incapsula.GetAccountData(ctx, &incapsula.GetAccountDataArgs{}, nil)
if err != nil {
return err
}
_, err = incapsula.NewAccountPolicyAssociation(ctx, "example-account-policy-association", &incapsula.AccountPolicyAssociationArgs{
AccountId: pulumi.String(accountData.CurrentAccount),
DefaultNonMandatoryPolicyIds: pulumi.StringArray{
pulumi.String("123777"),
pulumi.String("123888"),
pulumi.String("123999"),
pulumi.String("123444"),
incapsula_policy.Default_acl_policy.Id,
incapsula_policy.Default_allowlist_policy.Id,
},
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Incapsula = Pulumi.Incapsula;
return await Deployment.RunAsync(() =>
{
var accountData = Incapsula.GetAccountData.Invoke();
var example_account_policy_association = new Incapsula.AccountPolicyAssociation("example-account-policy-association", new()
{
AccountId = accountData.Apply(getAccountDataResult => getAccountDataResult.CurrentAccount),
DefaultNonMandatoryPolicyIds = new[]
{
"123777",
"123888",
"123999",
"123444",
incapsula_policy.Default_acl_policy.Id,
incapsula_policy.Default_allowlist_policy.Id,
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.incapsula.IncapsulaFunctions;
import com.pulumi.incapsula.inputs.GetAccountDataArgs;
import com.pulumi.incapsula.AccountPolicyAssociation;
import com.pulumi.incapsula.AccountPolicyAssociationArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var accountData = IncapsulaFunctions.getAccountData();
var example_account_policy_association = new AccountPolicyAssociation("example-account-policy-association", AccountPolicyAssociationArgs.builder()
.accountId(accountData.applyValue(getAccountDataResult -> getAccountDataResult.currentAccount()))
.defaultNonMandatoryPolicyIds(
"123777",
"123888",
"123999",
"123444",
incapsula_policy.default_acl_policy().id(),
incapsula_policy.default_allowlist_policy().id())
.build());
}
}
resources:
example-account-policy-association:
type: incapsula:AccountPolicyAssociation
properties:
accountId: ${accountData.currentAccount}
defaultNonMandatoryPolicyIds:
- '123777'
- '123888'
- '123999'
- '123444'
- ${incapsula_policy.default_acl_policy.id}
- ${incapsula_policy.default_allowlist_policy.id}
variables:
accountData:
fn::invoke:
function: incapsula:getAccountData
arguments: {}
Basic Usage - Account Policy Association for account after WAF settings are migrated to the WAF RULES policy - default_waf_policy_id is set
import * as pulumi from "@pulumi/pulumi";
import * as incapsula from "@pulumi/incapsula";
const accountData = incapsula.getAccountData({});
const example_account_policy_association = new incapsula.AccountPolicyAssociation("example-account-policy-association", {
accountId: accountData.then(accountData => accountData.currentAccount),
defaultNonMandatoryPolicyIds: [
"123777",
"123888",
"123999",
"123444",
incapsula_policy.default_acl_policy.id,
incapsula_policy.default_allowlist_policy.id,
],
defaultWafPolicyId: "1480033",
});
import pulumi
import pulumi_incapsula as incapsula
account_data = incapsula.get_account_data()
example_account_policy_association = incapsula.AccountPolicyAssociation("example-account-policy-association",
account_id=account_data.current_account,
default_non_mandatory_policy_ids=[
"123777",
"123888",
"123999",
"123444",
incapsula_policy["default_acl_policy"]["id"],
incapsula_policy["default_allowlist_policy"]["id"],
],
default_waf_policy_id="1480033")
package main
import (
"github.com/pulumi/pulumi-terraform-provider/sdks/go/incapsula/v3/incapsula"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
accountData, err := incapsula.GetAccountData(ctx, &incapsula.GetAccountDataArgs{}, nil)
if err != nil {
return err
}
_, err = incapsula.NewAccountPolicyAssociation(ctx, "example-account-policy-association", &incapsula.AccountPolicyAssociationArgs{
AccountId: pulumi.String(accountData.CurrentAccount),
DefaultNonMandatoryPolicyIds: pulumi.StringArray{
pulumi.String("123777"),
pulumi.String("123888"),
pulumi.String("123999"),
pulumi.String("123444"),
incapsula_policy.Default_acl_policy.Id,
incapsula_policy.Default_allowlist_policy.Id,
},
DefaultWafPolicyId: pulumi.String("1480033"),
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Incapsula = Pulumi.Incapsula;
return await Deployment.RunAsync(() =>
{
var accountData = Incapsula.GetAccountData.Invoke();
var example_account_policy_association = new Incapsula.AccountPolicyAssociation("example-account-policy-association", new()
{
AccountId = accountData.Apply(getAccountDataResult => getAccountDataResult.CurrentAccount),
DefaultNonMandatoryPolicyIds = new[]
{
"123777",
"123888",
"123999",
"123444",
incapsula_policy.Default_acl_policy.Id,
incapsula_policy.Default_allowlist_policy.Id,
},
DefaultWafPolicyId = "1480033",
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.incapsula.IncapsulaFunctions;
import com.pulumi.incapsula.inputs.GetAccountDataArgs;
import com.pulumi.incapsula.AccountPolicyAssociation;
import com.pulumi.incapsula.AccountPolicyAssociationArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var accountData = IncapsulaFunctions.getAccountData();
var example_account_policy_association = new AccountPolicyAssociation("example-account-policy-association", AccountPolicyAssociationArgs.builder()
.accountId(accountData.applyValue(getAccountDataResult -> getAccountDataResult.currentAccount()))
.defaultNonMandatoryPolicyIds(
"123777",
"123888",
"123999",
"123444",
incapsula_policy.default_acl_policy().id(),
incapsula_policy.default_allowlist_policy().id())
.defaultWafPolicyId("1480033")
.build());
}
}
resources:
example-account-policy-association:
type: incapsula:AccountPolicyAssociation
properties:
accountId: ${accountData.currentAccount}
defaultNonMandatoryPolicyIds:
- '123777'
- '123888'
- '123999'
- '123444'
- ${incapsula_policy.default_acl_policy.id}
- ${incapsula_policy.default_allowlist_policy.id}
defaultWafPolicyId: '1480033'
variables:
accountData:
fn::invoke:
function: incapsula:getAccountData
arguments: {}
Destroy
Destroying this resource will cause the following behavior:
- Default WAF policy will remain unchanged
- Default non-mandatory policies will be unset as default
- Availability will remain unchanged unless the resource is pointing to a sub account and managed by the parent account. In that case, availability to all policies except for the WAF policy will be removed.
Create AccountPolicyAssociation Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new AccountPolicyAssociation(name: string, args: AccountPolicyAssociationArgs, opts?: CustomResourceOptions);@overload
def AccountPolicyAssociation(resource_name: str,
args: AccountPolicyAssociationArgs,
opts: Optional[ResourceOptions] = None)
@overload
def AccountPolicyAssociation(resource_name: str,
opts: Optional[ResourceOptions] = None,
account_id: Optional[str] = None,
account_policy_association_id: Optional[str] = None,
available_policy_ids: Optional[str] = None,
default_non_mandatory_policy_ids: Optional[Sequence[str]] = None,
default_waf_policy_id: Optional[str] = None)func NewAccountPolicyAssociation(ctx *Context, name string, args AccountPolicyAssociationArgs, opts ...ResourceOption) (*AccountPolicyAssociation, error)public AccountPolicyAssociation(string name, AccountPolicyAssociationArgs args, CustomResourceOptions? opts = null)
public AccountPolicyAssociation(String name, AccountPolicyAssociationArgs args)
public AccountPolicyAssociation(String name, AccountPolicyAssociationArgs args, CustomResourceOptions options)
type: incapsula:AccountPolicyAssociation
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args AccountPolicyAssociationArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args AccountPolicyAssociationArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args AccountPolicyAssociationArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args AccountPolicyAssociationArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args AccountPolicyAssociationArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var accountPolicyAssociationResource = new Incapsula.AccountPolicyAssociation("accountPolicyAssociationResource", new()
{
AccountId = "string",
AccountPolicyAssociationId = "string",
AvailablePolicyIds = "string",
DefaultNonMandatoryPolicyIds = new[]
{
"string",
},
DefaultWafPolicyId = "string",
});
example, err := incapsula.NewAccountPolicyAssociation(ctx, "accountPolicyAssociationResource", &incapsula.AccountPolicyAssociationArgs{
AccountId: pulumi.String("string"),
AccountPolicyAssociationId: pulumi.String("string"),
AvailablePolicyIds: pulumi.String("string"),
DefaultNonMandatoryPolicyIds: pulumi.StringArray{
pulumi.String("string"),
},
DefaultWafPolicyId: pulumi.String("string"),
})
var accountPolicyAssociationResource = new AccountPolicyAssociation("accountPolicyAssociationResource", AccountPolicyAssociationArgs.builder()
.accountId("string")
.accountPolicyAssociationId("string")
.availablePolicyIds("string")
.defaultNonMandatoryPolicyIds("string")
.defaultWafPolicyId("string")
.build());
account_policy_association_resource = incapsula.AccountPolicyAssociation("accountPolicyAssociationResource",
account_id="string",
account_policy_association_id="string",
available_policy_ids="string",
default_non_mandatory_policy_ids=["string"],
default_waf_policy_id="string")
const accountPolicyAssociationResource = new incapsula.AccountPolicyAssociation("accountPolicyAssociationResource", {
accountId: "string",
accountPolicyAssociationId: "string",
availablePolicyIds: "string",
defaultNonMandatoryPolicyIds: ["string"],
defaultWafPolicyId: "string",
});
type: incapsula:AccountPolicyAssociation
properties:
accountId: string
accountPolicyAssociationId: string
availablePolicyIds: string
defaultNonMandatoryPolicyIds:
- string
defaultWafPolicyId: string
AccountPolicyAssociation Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The AccountPolicyAssociation resource accepts the following input properties:
- Account
Id string - The account to operate on.
- Account
Policy stringAssociation Id - Available
Policy stringIds - Comma separated list of the account’s available policies. These policies can be applied to the websites in the account. e.g. available_policy_ids = format("%s,%s", incapsula_policy.acl1-policy.id, incapsula_policy.waf3-policy.id) Specify this argument only for a parent account trying to update policy availability for its subaccounts. To remove availability for all policies, specify "NO_AVAILABLE_POLICIES".
- Default
Non List<string>Mandatory Policy Ids - This list is currently relevant to Allowlist and ACL policies. More than one policy can be set as default. The default policies can be set for the current account, or if used by users with credentials of the parent account can also be set for sub-accounts. Default setting – empty list. No default policy. Providing an empty list or omitting this argument will clear all the non-mandatory default policies.
- Default
Waf stringPolicy Id - The WAF policy which is set as default for the account. The account can only have 1 such ID. The Default policy will be applied automatically to sites that are created after setting it to default. This default setting can be set for the current account, or if used by users with credentials of the parent account can also be set for sub-accounts. This parameter is MANDATORY for customers that have account level WAF RULES policies enabled. This means that a default WAF RULES policy resource must be created. For customers who were not migrated yet, this parameter should not be set. However, after migration, a WAF RULES policy must be added and set as default. Default setting - None.
- Account
Id string - The account to operate on.
- Account
Policy stringAssociation Id - Available
Policy stringIds - Comma separated list of the account’s available policies. These policies can be applied to the websites in the account. e.g. available_policy_ids = format("%s,%s", incapsula_policy.acl1-policy.id, incapsula_policy.waf3-policy.id) Specify this argument only for a parent account trying to update policy availability for its subaccounts. To remove availability for all policies, specify "NO_AVAILABLE_POLICIES".
- Default
Non []stringMandatory Policy Ids - This list is currently relevant to Allowlist and ACL policies. More than one policy can be set as default. The default policies can be set for the current account, or if used by users with credentials of the parent account can also be set for sub-accounts. Default setting – empty list. No default policy. Providing an empty list or omitting this argument will clear all the non-mandatory default policies.
- Default
Waf stringPolicy Id - The WAF policy which is set as default for the account. The account can only have 1 such ID. The Default policy will be applied automatically to sites that are created after setting it to default. This default setting can be set for the current account, or if used by users with credentials of the parent account can also be set for sub-accounts. This parameter is MANDATORY for customers that have account level WAF RULES policies enabled. This means that a default WAF RULES policy resource must be created. For customers who were not migrated yet, this parameter should not be set. However, after migration, a WAF RULES policy must be added and set as default. Default setting - None.
- account
Id String - The account to operate on.
- account
Policy StringAssociation Id - available
Policy StringIds - Comma separated list of the account’s available policies. These policies can be applied to the websites in the account. e.g. available_policy_ids = format("%s,%s", incapsula_policy.acl1-policy.id, incapsula_policy.waf3-policy.id) Specify this argument only for a parent account trying to update policy availability for its subaccounts. To remove availability for all policies, specify "NO_AVAILABLE_POLICIES".
- default
Non List<String>Mandatory Policy Ids - This list is currently relevant to Allowlist and ACL policies. More than one policy can be set as default. The default policies can be set for the current account, or if used by users with credentials of the parent account can also be set for sub-accounts. Default setting – empty list. No default policy. Providing an empty list or omitting this argument will clear all the non-mandatory default policies.
- default
Waf StringPolicy Id - The WAF policy which is set as default for the account. The account can only have 1 such ID. The Default policy will be applied automatically to sites that are created after setting it to default. This default setting can be set for the current account, or if used by users with credentials of the parent account can also be set for sub-accounts. This parameter is MANDATORY for customers that have account level WAF RULES policies enabled. This means that a default WAF RULES policy resource must be created. For customers who were not migrated yet, this parameter should not be set. However, after migration, a WAF RULES policy must be added and set as default. Default setting - None.
- account
Id string - The account to operate on.
- account
Policy stringAssociation Id - available
Policy stringIds - Comma separated list of the account’s available policies. These policies can be applied to the websites in the account. e.g. available_policy_ids = format("%s,%s", incapsula_policy.acl1-policy.id, incapsula_policy.waf3-policy.id) Specify this argument only for a parent account trying to update policy availability for its subaccounts. To remove availability for all policies, specify "NO_AVAILABLE_POLICIES".
- default
Non string[]Mandatory Policy Ids - This list is currently relevant to Allowlist and ACL policies. More than one policy can be set as default. The default policies can be set for the current account, or if used by users with credentials of the parent account can also be set for sub-accounts. Default setting – empty list. No default policy. Providing an empty list or omitting this argument will clear all the non-mandatory default policies.
- default
Waf stringPolicy Id - The WAF policy which is set as default for the account. The account can only have 1 such ID. The Default policy will be applied automatically to sites that are created after setting it to default. This default setting can be set for the current account, or if used by users with credentials of the parent account can also be set for sub-accounts. This parameter is MANDATORY for customers that have account level WAF RULES policies enabled. This means that a default WAF RULES policy resource must be created. For customers who were not migrated yet, this parameter should not be set. However, after migration, a WAF RULES policy must be added and set as default. Default setting - None.
- account_
id str - The account to operate on.
- account_
policy_ strassociation_ id - available_
policy_ strids - Comma separated list of the account’s available policies. These policies can be applied to the websites in the account. e.g. available_policy_ids = format("%s,%s", incapsula_policy.acl1-policy.id, incapsula_policy.waf3-policy.id) Specify this argument only for a parent account trying to update policy availability for its subaccounts. To remove availability for all policies, specify "NO_AVAILABLE_POLICIES".
- default_
non_ Sequence[str]mandatory_ policy_ ids - This list is currently relevant to Allowlist and ACL policies. More than one policy can be set as default. The default policies can be set for the current account, or if used by users with credentials of the parent account can also be set for sub-accounts. Default setting – empty list. No default policy. Providing an empty list or omitting this argument will clear all the non-mandatory default policies.
- default_
waf_ strpolicy_ id - The WAF policy which is set as default for the account. The account can only have 1 such ID. The Default policy will be applied automatically to sites that are created after setting it to default. This default setting can be set for the current account, or if used by users with credentials of the parent account can also be set for sub-accounts. This parameter is MANDATORY for customers that have account level WAF RULES policies enabled. This means that a default WAF RULES policy resource must be created. For customers who were not migrated yet, this parameter should not be set. However, after migration, a WAF RULES policy must be added and set as default. Default setting - None.
- account
Id String - The account to operate on.
- account
Policy StringAssociation Id - available
Policy StringIds - Comma separated list of the account’s available policies. These policies can be applied to the websites in the account. e.g. available_policy_ids = format("%s,%s", incapsula_policy.acl1-policy.id, incapsula_policy.waf3-policy.id) Specify this argument only for a parent account trying to update policy availability for its subaccounts. To remove availability for all policies, specify "NO_AVAILABLE_POLICIES".
- default
Non List<String>Mandatory Policy Ids - This list is currently relevant to Allowlist and ACL policies. More than one policy can be set as default. The default policies can be set for the current account, or if used by users with credentials of the parent account can also be set for sub-accounts. Default setting – empty list. No default policy. Providing an empty list or omitting this argument will clear all the non-mandatory default policies.
- default
Waf StringPolicy Id - The WAF policy which is set as default for the account. The account can only have 1 such ID. The Default policy will be applied automatically to sites that are created after setting it to default. This default setting can be set for the current account, or if used by users with credentials of the parent account can also be set for sub-accounts. This parameter is MANDATORY for customers that have account level WAF RULES policies enabled. This means that a default WAF RULES policy resource must be created. For customers who were not migrated yet, this parameter should not be set. However, after migration, a WAF RULES policy must be added and set as default. Default setting - None.
Outputs
All input properties are implicitly available as output properties. Additionally, the AccountPolicyAssociation resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Id string
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
- id string
- The provider-assigned unique ID for this managed resource.
- id str
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
Look up Existing AccountPolicyAssociation Resource
Get an existing AccountPolicyAssociation resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: AccountPolicyAssociationState, opts?: CustomResourceOptions): AccountPolicyAssociation@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
account_id: Optional[str] = None,
account_policy_association_id: Optional[str] = None,
available_policy_ids: Optional[str] = None,
default_non_mandatory_policy_ids: Optional[Sequence[str]] = None,
default_waf_policy_id: Optional[str] = None) -> AccountPolicyAssociationfunc GetAccountPolicyAssociation(ctx *Context, name string, id IDInput, state *AccountPolicyAssociationState, opts ...ResourceOption) (*AccountPolicyAssociation, error)public static AccountPolicyAssociation Get(string name, Input<string> id, AccountPolicyAssociationState? state, CustomResourceOptions? opts = null)public static AccountPolicyAssociation get(String name, Output<String> id, AccountPolicyAssociationState state, CustomResourceOptions options)resources: _: type: incapsula:AccountPolicyAssociation get: id: ${id}- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Account
Id string - The account to operate on.
- Account
Policy stringAssociation Id - Available
Policy stringIds - Comma separated list of the account’s available policies. These policies can be applied to the websites in the account. e.g. available_policy_ids = format("%s,%s", incapsula_policy.acl1-policy.id, incapsula_policy.waf3-policy.id) Specify this argument only for a parent account trying to update policy availability for its subaccounts. To remove availability for all policies, specify "NO_AVAILABLE_POLICIES".
- Default
Non List<string>Mandatory Policy Ids - This list is currently relevant to Allowlist and ACL policies. More than one policy can be set as default. The default policies can be set for the current account, or if used by users with credentials of the parent account can also be set for sub-accounts. Default setting – empty list. No default policy. Providing an empty list or omitting this argument will clear all the non-mandatory default policies.
- Default
Waf stringPolicy Id - The WAF policy which is set as default for the account. The account can only have 1 such ID. The Default policy will be applied automatically to sites that are created after setting it to default. This default setting can be set for the current account, or if used by users with credentials of the parent account can also be set for sub-accounts. This parameter is MANDATORY for customers that have account level WAF RULES policies enabled. This means that a default WAF RULES policy resource must be created. For customers who were not migrated yet, this parameter should not be set. However, after migration, a WAF RULES policy must be added and set as default. Default setting - None.
- Account
Id string - The account to operate on.
- Account
Policy stringAssociation Id - Available
Policy stringIds - Comma separated list of the account’s available policies. These policies can be applied to the websites in the account. e.g. available_policy_ids = format("%s,%s", incapsula_policy.acl1-policy.id, incapsula_policy.waf3-policy.id) Specify this argument only for a parent account trying to update policy availability for its subaccounts. To remove availability for all policies, specify "NO_AVAILABLE_POLICIES".
- Default
Non []stringMandatory Policy Ids - This list is currently relevant to Allowlist and ACL policies. More than one policy can be set as default. The default policies can be set for the current account, or if used by users with credentials of the parent account can also be set for sub-accounts. Default setting – empty list. No default policy. Providing an empty list or omitting this argument will clear all the non-mandatory default policies.
- Default
Waf stringPolicy Id - The WAF policy which is set as default for the account. The account can only have 1 such ID. The Default policy will be applied automatically to sites that are created after setting it to default. This default setting can be set for the current account, or if used by users with credentials of the parent account can also be set for sub-accounts. This parameter is MANDATORY for customers that have account level WAF RULES policies enabled. This means that a default WAF RULES policy resource must be created. For customers who were not migrated yet, this parameter should not be set. However, after migration, a WAF RULES policy must be added and set as default. Default setting - None.
- account
Id String - The account to operate on.
- account
Policy StringAssociation Id - available
Policy StringIds - Comma separated list of the account’s available policies. These policies can be applied to the websites in the account. e.g. available_policy_ids = format("%s,%s", incapsula_policy.acl1-policy.id, incapsula_policy.waf3-policy.id) Specify this argument only for a parent account trying to update policy availability for its subaccounts. To remove availability for all policies, specify "NO_AVAILABLE_POLICIES".
- default
Non List<String>Mandatory Policy Ids - This list is currently relevant to Allowlist and ACL policies. More than one policy can be set as default. The default policies can be set for the current account, or if used by users with credentials of the parent account can also be set for sub-accounts. Default setting – empty list. No default policy. Providing an empty list or omitting this argument will clear all the non-mandatory default policies.
- default
Waf StringPolicy Id - The WAF policy which is set as default for the account. The account can only have 1 such ID. The Default policy will be applied automatically to sites that are created after setting it to default. This default setting can be set for the current account, or if used by users with credentials of the parent account can also be set for sub-accounts. This parameter is MANDATORY for customers that have account level WAF RULES policies enabled. This means that a default WAF RULES policy resource must be created. For customers who were not migrated yet, this parameter should not be set. However, after migration, a WAF RULES policy must be added and set as default. Default setting - None.
- account
Id string - The account to operate on.
- account
Policy stringAssociation Id - available
Policy stringIds - Comma separated list of the account’s available policies. These policies can be applied to the websites in the account. e.g. available_policy_ids = format("%s,%s", incapsula_policy.acl1-policy.id, incapsula_policy.waf3-policy.id) Specify this argument only for a parent account trying to update policy availability for its subaccounts. To remove availability for all policies, specify "NO_AVAILABLE_POLICIES".
- default
Non string[]Mandatory Policy Ids - This list is currently relevant to Allowlist and ACL policies. More than one policy can be set as default. The default policies can be set for the current account, or if used by users with credentials of the parent account can also be set for sub-accounts. Default setting – empty list. No default policy. Providing an empty list or omitting this argument will clear all the non-mandatory default policies.
- default
Waf stringPolicy Id - The WAF policy which is set as default for the account. The account can only have 1 such ID. The Default policy will be applied automatically to sites that are created after setting it to default. This default setting can be set for the current account, or if used by users with credentials of the parent account can also be set for sub-accounts. This parameter is MANDATORY for customers that have account level WAF RULES policies enabled. This means that a default WAF RULES policy resource must be created. For customers who were not migrated yet, this parameter should not be set. However, after migration, a WAF RULES policy must be added and set as default. Default setting - None.
- account_
id str - The account to operate on.
- account_
policy_ strassociation_ id - available_
policy_ strids - Comma separated list of the account’s available policies. These policies can be applied to the websites in the account. e.g. available_policy_ids = format("%s,%s", incapsula_policy.acl1-policy.id, incapsula_policy.waf3-policy.id) Specify this argument only for a parent account trying to update policy availability for its subaccounts. To remove availability for all policies, specify "NO_AVAILABLE_POLICIES".
- default_
non_ Sequence[str]mandatory_ policy_ ids - This list is currently relevant to Allowlist and ACL policies. More than one policy can be set as default. The default policies can be set for the current account, or if used by users with credentials of the parent account can also be set for sub-accounts. Default setting – empty list. No default policy. Providing an empty list or omitting this argument will clear all the non-mandatory default policies.
- default_
waf_ strpolicy_ id - The WAF policy which is set as default for the account. The account can only have 1 such ID. The Default policy will be applied automatically to sites that are created after setting it to default. This default setting can be set for the current account, or if used by users with credentials of the parent account can also be set for sub-accounts. This parameter is MANDATORY for customers that have account level WAF RULES policies enabled. This means that a default WAF RULES policy resource must be created. For customers who were not migrated yet, this parameter should not be set. However, after migration, a WAF RULES policy must be added and set as default. Default setting - None.
- account
Id String - The account to operate on.
- account
Policy StringAssociation Id - available
Policy StringIds - Comma separated list of the account’s available policies. These policies can be applied to the websites in the account. e.g. available_policy_ids = format("%s,%s", incapsula_policy.acl1-policy.id, incapsula_policy.waf3-policy.id) Specify this argument only for a parent account trying to update policy availability for its subaccounts. To remove availability for all policies, specify "NO_AVAILABLE_POLICIES".
- default
Non List<String>Mandatory Policy Ids - This list is currently relevant to Allowlist and ACL policies. More than one policy can be set as default. The default policies can be set for the current account, or if used by users with credentials of the parent account can also be set for sub-accounts. Default setting – empty list. No default policy. Providing an empty list or omitting this argument will clear all the non-mandatory default policies.
- default
Waf StringPolicy Id - The WAF policy which is set as default for the account. The account can only have 1 such ID. The Default policy will be applied automatically to sites that are created after setting it to default. This default setting can be set for the current account, or if used by users with credentials of the parent account can also be set for sub-accounts. This parameter is MANDATORY for customers that have account level WAF RULES policies enabled. This means that a default WAF RULES policy resource must be created. For customers who were not migrated yet, this parameter should not be set. However, after migration, a WAF RULES policy must be added and set as default. Default setting - None.
Import
Account Policy Association can be imported using the id (account ID), e.g.:
$ pulumi import incapsula:index/accountPolicyAssociation:AccountPolicyAssociation example-account-policy-association 1234
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- incapsula imperva/terraform-provider-incapsula
- License
- Notes
- This Pulumi package is based on the
incapsulaTerraform Provider.
incapsula 3.33.0 published on Wednesday, Apr 30, 2025 by imperva