incapsula 3.33.0, Apr 30 25

incapsula 3.33.0 published on Wednesday, Apr 30, 2025 by imperva

incapsula.WafSecurityRule

Explore with Pulumi AI

incapsula 3.33.0 published on Wednesday, Apr 30, 2025 by imperva

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as incapsula from "@pulumi/incapsula";

const example_waf_backdoor_rule = new incapsula.WafSecurityRule("example-waf-backdoor-rule", {
    siteId: incapsula_site["example-site"].id,
    ruleId: "api.threats.backdoor",
    securityRuleAction: "api.threats.action.quarantine_url",
});
// (api.threats.action.quarantine_url (default) | api.threats.action.alert | api.threats.action.disabled | api.threats.action.quarantine_url)
const example_waf_bot_access_control_rule = new incapsula.WafSecurityRule("example-waf-bot-access-control-rule", {
    siteId: incapsula_site["example-site"].id,
    ruleId: "api.threats.bot_access_control",
    blockBadBots: "true",
    challengeSuspectedBots: "true",
});
// true | false (optional, default: true)
const example_waf_ddos_rule = new incapsula.WafSecurityRule("example-waf-ddos-rule", {
    siteId: incapsula_site["example-site"].id,
    ruleId: "api.threats.ddos",
    activationMode: "api.threats.ddos.activation_mode.on",
    ddosTrafficThreshold: "5000",
    unknownClientsChallenge: "none",
    blockNonEssentialBots: "false",
});
// true | false (optional, default: false)

import pulumi
import pulumi_incapsula as incapsula

example_waf_backdoor_rule = incapsula.WafSecurityRule("example-waf-backdoor-rule",
    site_id=incapsula_site["example-site"]["id"],
    rule_id="api.threats.backdoor",
    security_rule_action="api.threats.action.quarantine_url")
# (api.threats.action.quarantine_url (default) | api.threats.action.alert | api.threats.action.disabled | api.threats.action.quarantine_url)
example_waf_bot_access_control_rule = incapsula.WafSecurityRule("example-waf-bot-access-control-rule",
    site_id=incapsula_site["example-site"]["id"],
    rule_id="api.threats.bot_access_control",
    block_bad_bots="true",
    challenge_suspected_bots="true")
# true | false (optional, default: true)
example_waf_ddos_rule = incapsula.WafSecurityRule("example-waf-ddos-rule",
    site_id=incapsula_site["example-site"]["id"],
    rule_id="api.threats.ddos",
    activation_mode="api.threats.ddos.activation_mode.on",
    ddos_traffic_threshold="5000",
    unknown_clients_challenge="none",
    block_non_essential_bots="false")
# true | false (optional, default: false)

package main

import (
	"github.com/pulumi/pulumi-terraform-provider/sdks/go/incapsula/v3/incapsula"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := incapsula.NewWafSecurityRule(ctx, "example-waf-backdoor-rule", &incapsula.WafSecurityRuleArgs{
			SiteId:             pulumi.Any(incapsula_site.ExampleSite.Id),
			RuleId:             pulumi.String("api.threats.backdoor"),
			SecurityRuleAction: pulumi.String("api.threats.action.quarantine_url"),
		})
		if err != nil {
			return err
		}
		_, err = incapsula.NewWafSecurityRule(ctx, "example-waf-bot-access-control-rule", &incapsula.WafSecurityRuleArgs{
			SiteId:                 pulumi.Any(incapsula_site.ExampleSite.Id),
			RuleId:                 pulumi.String("api.threats.bot_access_control"),
			BlockBadBots:           pulumi.String("true"),
			ChallengeSuspectedBots: pulumi.String("true"),
		})
		if err != nil {
			return err
		}
		_, err = incapsula.NewWafSecurityRule(ctx, "example-waf-ddos-rule", &incapsula.WafSecurityRuleArgs{
			SiteId:                  pulumi.Any(incapsula_site.ExampleSite.Id),
			RuleId:                  pulumi.String("api.threats.ddos"),
			ActivationMode:          pulumi.String("api.threats.ddos.activation_mode.on"),
			DdosTrafficThreshold:    pulumi.String("5000"),
			UnknownClientsChallenge: pulumi.String("none"),
			BlockNonEssentialBots:   pulumi.String("false"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Incapsula = Pulumi.Incapsula;

return await Deployment.RunAsync(() => 
{
    var example_waf_backdoor_rule = new Incapsula.WafSecurityRule("example-waf-backdoor-rule", new()
    {
        SiteId = incapsula_site.Example_site.Id,
        RuleId = "api.threats.backdoor",
        SecurityRuleAction = "api.threats.action.quarantine_url",
    });

    // (api.threats.action.quarantine_url (default) | api.threats.action.alert | api.threats.action.disabled | api.threats.action.quarantine_url)
    var example_waf_bot_access_control_rule = new Incapsula.WafSecurityRule("example-waf-bot-access-control-rule", new()
    {
        SiteId = incapsula_site.Example_site.Id,
        RuleId = "api.threats.bot_access_control",
        BlockBadBots = "true",
        ChallengeSuspectedBots = "true",
    });

    // true | false (optional, default: true)
    var example_waf_ddos_rule = new Incapsula.WafSecurityRule("example-waf-ddos-rule", new()
    {
        SiteId = incapsula_site.Example_site.Id,
        RuleId = "api.threats.ddos",
        ActivationMode = "api.threats.ddos.activation_mode.on",
        DdosTrafficThreshold = "5000",
        UnknownClientsChallenge = "none",
        BlockNonEssentialBots = "false",
    });

    // true | false (optional, default: false)
});

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.incapsula.WafSecurityRule;
import com.pulumi.incapsula.WafSecurityRuleArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var example_waf_backdoor_rule = new WafSecurityRule("example-waf-backdoor-rule", WafSecurityRuleArgs.builder()
            .siteId(incapsula_site.example-site().id())
            .ruleId("api.threats.backdoor")
            .securityRuleAction("api.threats.action.quarantine_url")
            .build());

        // (api.threats.action.quarantine_url (default) | api.threats.action.alert | api.threats.action.disabled | api.threats.action.quarantine_url)
        var example_waf_bot_access_control_rule = new WafSecurityRule("example-waf-bot-access-control-rule", WafSecurityRuleArgs.builder()
            .siteId(incapsula_site.example-site().id())
            .ruleId("api.threats.bot_access_control")
            .blockBadBots("true")
            .challengeSuspectedBots("true")
            .build());

        // true | false (optional, default: true)
        var example_waf_ddos_rule = new WafSecurityRule("example-waf-ddos-rule", WafSecurityRuleArgs.builder()
            .siteId(incapsula_site.example-site().id())
            .ruleId("api.threats.ddos")
            .activationMode("api.threats.ddos.activation_mode.on")
            .ddosTrafficThreshold("5000")
            .unknownClientsChallenge("none")
            .blockNonEssentialBots("false")
            .build());

        // true | false (optional, default: false)
    }
}

resources:
  example-waf-backdoor-rule:
    type: incapsula:WafSecurityRule
    properties:
      siteId: ${incapsula_site"example-site"[%!s(MISSING)].id}
      ruleId: api.threats.backdoor
      securityRuleAction: api.threats.action.quarantine_url
  example-waf-bot-access-control-rule:
    type: incapsula:WafSecurityRule
    properties:
      siteId: ${incapsula_site"example-site"[%!s(MISSING)].id}
      ruleId: api.threats.bot_access_control
      blockBadBots: 'true'
      # true | false (optional, default: true)
      challengeSuspectedBots: 'true'
  example-waf-ddos-rule:
    type: incapsula:WafSecurityRule
    properties:
      siteId: ${incapsula_site"example-site"[%!s(MISSING)].id}
      ruleId: api.threats.ddos
      activationMode: api.threats.ddos.activation_mode.on
      # (api.threats.ddos.activation_mode.auto | api.threats.ddos.activation_mode.off | api.threats.ddos.activation_mode.on | api.threats.ddos.activation_mode.adaptive)
      ddosTrafficThreshold: '5000'
      # valid values are 10, 20, 50, 100, 200, 500, 750, 1000, 2000, 3000, 4000, 5000
      unknownClientsChallenge: none
      # valid values are none, cookies, javascript, captcha (optional, default: cookies)
      blockNonEssentialBots: 'false'

Create WafSecurityRule Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

Constructor syntax

new WafSecurityRule(name: string, args: WafSecurityRuleArgs, opts?: CustomResourceOptions);

@overload
def WafSecurityRule(resource_name: str,
                    args: WafSecurityRuleArgs,
                    opts: Optional[ResourceOptions] = None)

@overload
def WafSecurityRule(resource_name: str,
                    opts: Optional[ResourceOptions] = None,
                    rule_id: Optional[str] = None,
                    site_id: Optional[float] = None,
                    activation_mode: Optional[str] = None,
                    block_bad_bots: Optional[str] = None,
                    block_non_essential_bots: Optional[str] = None,
                    challenge_suspected_bots: Optional[str] = None,
                    ddos_traffic_threshold: Optional[str] = None,
                    security_rule_action: Optional[str] = None,
                    unknown_clients_challenge: Optional[str] = None,
                    waf_security_rule_id: Optional[str] = None)

func NewWafSecurityRule(ctx *Context, name string, args WafSecurityRuleArgs, opts ...ResourceOption) (*WafSecurityRule, error)

public WafSecurityRule(string name, WafSecurityRuleArgs args, CustomResourceOptions? opts = null)

public WafSecurityRule(String name, WafSecurityRuleArgs args)
public WafSecurityRule(String name, WafSecurityRuleArgs args, CustomResourceOptions options)

type: incapsula:WafSecurityRule
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name string: The unique name of the resource.
args WafSecurityRuleArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args WafSecurityRuleArgs: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args WafSecurityRuleArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args WafSecurityRuleArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args WafSecurityRuleArgs: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

Constructor example

The following reference example uses placeholder values for all input properties.

var wafSecurityRuleResource = new Incapsula.WafSecurityRule("wafSecurityRuleResource", new()
{
    RuleId = "string",
    SiteId = 0,
    ActivationMode = "string",
    BlockBadBots = "string",
    BlockNonEssentialBots = "string",
    ChallengeSuspectedBots = "string",
    DdosTrafficThreshold = "string",
    SecurityRuleAction = "string",
    UnknownClientsChallenge = "string",
    WafSecurityRuleId = "string",
});

example, err := incapsula.NewWafSecurityRule(ctx, "wafSecurityRuleResource", &incapsula.WafSecurityRuleArgs{
	RuleId:                  pulumi.String("string"),
	SiteId:                  pulumi.Float64(0),
	ActivationMode:          pulumi.String("string"),
	BlockBadBots:            pulumi.String("string"),
	BlockNonEssentialBots:   pulumi.String("string"),
	ChallengeSuspectedBots:  pulumi.String("string"),
	DdosTrafficThreshold:    pulumi.String("string"),
	SecurityRuleAction:      pulumi.String("string"),
	UnknownClientsChallenge: pulumi.String("string"),
	WafSecurityRuleId:       pulumi.String("string"),
})

var wafSecurityRuleResource = new WafSecurityRule("wafSecurityRuleResource", WafSecurityRuleArgs.builder()
    .ruleId("string")
    .siteId(0)
    .activationMode("string")
    .blockBadBots("string")
    .blockNonEssentialBots("string")
    .challengeSuspectedBots("string")
    .ddosTrafficThreshold("string")
    .securityRuleAction("string")
    .unknownClientsChallenge("string")
    .wafSecurityRuleId("string")
    .build());

waf_security_rule_resource = incapsula.WafSecurityRule("wafSecurityRuleResource",
    rule_id="string",
    site_id=0,
    activation_mode="string",
    block_bad_bots="string",
    block_non_essential_bots="string",
    challenge_suspected_bots="string",
    ddos_traffic_threshold="string",
    security_rule_action="string",
    unknown_clients_challenge="string",
    waf_security_rule_id="string")

const wafSecurityRuleResource = new incapsula.WafSecurityRule("wafSecurityRuleResource", {
    ruleId: "string",
    siteId: 0,
    activationMode: "string",
    blockBadBots: "string",
    blockNonEssentialBots: "string",
    challengeSuspectedBots: "string",
    ddosTrafficThreshold: "string",
    securityRuleAction: "string",
    unknownClientsChallenge: "string",
    wafSecurityRuleId: "string",
});

type: incapsula:WafSecurityRule
properties:
    activationMode: string
    blockBadBots: string
    blockNonEssentialBots: string
    challengeSuspectedBots: string
    ddosTrafficThreshold: string
    ruleId: string
    securityRuleAction: string
    siteId: 0
    unknownClientsChallenge: string
    wafSecurityRuleId: string

WafSecurityRule Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

The WafSecurityRule resource accepts the following input properties:

RuleId string: The identifier of the WAF rule, e.g api.threats.cross_site_scripting.
SiteId double: Numeric identifier of the site to operate on.
ActivationMode string: The mode of activation for ddos on a site. Possible values: api.threats.ddos.activation_mode.off, api.threats.ddos.activation_mode.auto, api.threats.ddos.activation_mode.on, api.threats.ddos.activation_mode.adaptive.
BlockBadBots string: Whether or not to block bad bots. Possible values: true, false.
BlockNonEssentialBots string: If non-essential bots (bots determined to be legitimate by Imperva's client classification mechanism, such as site helpers and search engines) should be blocked or not. This argument is valid for the rule_id api.threats.ddos argument value only. If this argument is not provided, then the value stays as it is in the system. Possible values: true, false
ChallengeSuspectedBots string: Whether or not to send a challenge to clients that are suspected to be bad bots (CAPTCHA for example). Possible values: true, false.
DdosTrafficThreshold string: Consider site to be under DDoS if the request rate is above this threshold. The valid values are 10, 20, 50, 100, 200, 500, 750, 1000, 2000, 3000, 4000, 5000.
SecurityRuleAction string: The action that should be taken when a threat is detected, for example: api.threats.action.block_ip. See above examples for rule_id and action combinations.
UnknownClientsChallenge string: Defines a method used for challenging suspicious bots. This argument is valid for the rule_id api.threats.ddos argument value only. If this argument is not provided, then the value stays as it is in the system. Possible values: none, cookies, javascript, captcha
WafSecurityRuleId string: Unique identifier in the API for the WAF Security Rule.

RuleId string: The identifier of the WAF rule, e.g api.threats.cross_site_scripting.
SiteId float64: Numeric identifier of the site to operate on.
ActivationMode string: The mode of activation for ddos on a site. Possible values: api.threats.ddos.activation_mode.off, api.threats.ddos.activation_mode.auto, api.threats.ddos.activation_mode.on, api.threats.ddos.activation_mode.adaptive.
BlockBadBots string: Whether or not to block bad bots. Possible values: true, false.
BlockNonEssentialBots string: If non-essential bots (bots determined to be legitimate by Imperva's client classification mechanism, such as site helpers and search engines) should be blocked or not. This argument is valid for the rule_id api.threats.ddos argument value only. If this argument is not provided, then the value stays as it is in the system. Possible values: true, false
ChallengeSuspectedBots string: Whether or not to send a challenge to clients that are suspected to be bad bots (CAPTCHA for example). Possible values: true, false.
DdosTrafficThreshold string: Consider site to be under DDoS if the request rate is above this threshold. The valid values are 10, 20, 50, 100, 200, 500, 750, 1000, 2000, 3000, 4000, 5000.
SecurityRuleAction string: The action that should be taken when a threat is detected, for example: api.threats.action.block_ip. See above examples for rule_id and action combinations.
UnknownClientsChallenge string: Defines a method used for challenging suspicious bots. This argument is valid for the rule_id api.threats.ddos argument value only. If this argument is not provided, then the value stays as it is in the system. Possible values: none, cookies, javascript, captcha
WafSecurityRuleId string: Unique identifier in the API for the WAF Security Rule.

ruleId String: The identifier of the WAF rule, e.g api.threats.cross_site_scripting.
siteId Double: Numeric identifier of the site to operate on.
activationMode String: The mode of activation for ddos on a site. Possible values: api.threats.ddos.activation_mode.off, api.threats.ddos.activation_mode.auto, api.threats.ddos.activation_mode.on, api.threats.ddos.activation_mode.adaptive.
blockBadBots String: Whether or not to block bad bots. Possible values: true, false.
blockNonEssentialBots String: If non-essential bots (bots determined to be legitimate by Imperva's client classification mechanism, such as site helpers and search engines) should be blocked or not. This argument is valid for the rule_id api.threats.ddos argument value only. If this argument is not provided, then the value stays as it is in the system. Possible values: true, false
challengeSuspectedBots String: Whether or not to send a challenge to clients that are suspected to be bad bots (CAPTCHA for example). Possible values: true, false.
ddosTrafficThreshold String: Consider site to be under DDoS if the request rate is above this threshold. The valid values are 10, 20, 50, 100, 200, 500, 750, 1000, 2000, 3000, 4000, 5000.
securityRuleAction String: The action that should be taken when a threat is detected, for example: api.threats.action.block_ip. See above examples for rule_id and action combinations.
unknownClientsChallenge String: Defines a method used for challenging suspicious bots. This argument is valid for the rule_id api.threats.ddos argument value only. If this argument is not provided, then the value stays as it is in the system. Possible values: none, cookies, javascript, captcha
wafSecurityRuleId String: Unique identifier in the API for the WAF Security Rule.

ruleId string: The identifier of the WAF rule, e.g api.threats.cross_site_scripting.
siteId number: Numeric identifier of the site to operate on.
activationMode string: The mode of activation for ddos on a site. Possible values: api.threats.ddos.activation_mode.off, api.threats.ddos.activation_mode.auto, api.threats.ddos.activation_mode.on, api.threats.ddos.activation_mode.adaptive.
blockBadBots string: Whether or not to block bad bots. Possible values: true, false.
blockNonEssentialBots string: If non-essential bots (bots determined to be legitimate by Imperva's client classification mechanism, such as site helpers and search engines) should be blocked or not. This argument is valid for the rule_id api.threats.ddos argument value only. If this argument is not provided, then the value stays as it is in the system. Possible values: true, false
challengeSuspectedBots string: Whether or not to send a challenge to clients that are suspected to be bad bots (CAPTCHA for example). Possible values: true, false.
ddosTrafficThreshold string: Consider site to be under DDoS if the request rate is above this threshold. The valid values are 10, 20, 50, 100, 200, 500, 750, 1000, 2000, 3000, 4000, 5000.
securityRuleAction string: The action that should be taken when a threat is detected, for example: api.threats.action.block_ip. See above examples for rule_id and action combinations.
unknownClientsChallenge string: Defines a method used for challenging suspicious bots. This argument is valid for the rule_id api.threats.ddos argument value only. If this argument is not provided, then the value stays as it is in the system. Possible values: none, cookies, javascript, captcha
wafSecurityRuleId string: Unique identifier in the API for the WAF Security Rule.

rule_id str: The identifier of the WAF rule, e.g api.threats.cross_site_scripting.
site_id float: Numeric identifier of the site to operate on.
activation_mode str: The mode of activation for ddos on a site. Possible values: api.threats.ddos.activation_mode.off, api.threats.ddos.activation_mode.auto, api.threats.ddos.activation_mode.on, api.threats.ddos.activation_mode.adaptive.
block_bad_bots str: Whether or not to block bad bots. Possible values: true, false.
block_non_essential_bots str: If non-essential bots (bots determined to be legitimate by Imperva's client classification mechanism, such as site helpers and search engines) should be blocked or not. This argument is valid for the rule_id api.threats.ddos argument value only. If this argument is not provided, then the value stays as it is in the system. Possible values: true, false
challenge_suspected_bots str: Whether or not to send a challenge to clients that are suspected to be bad bots (CAPTCHA for example). Possible values: true, false.
ddos_traffic_threshold str: Consider site to be under DDoS if the request rate is above this threshold. The valid values are 10, 20, 50, 100, 200, 500, 750, 1000, 2000, 3000, 4000, 5000.
security_rule_action str: The action that should be taken when a threat is detected, for example: api.threats.action.block_ip. See above examples for rule_id and action combinations.
unknown_clients_challenge str: Defines a method used for challenging suspicious bots. This argument is valid for the rule_id api.threats.ddos argument value only. If this argument is not provided, then the value stays as it is in the system. Possible values: none, cookies, javascript, captcha
waf_security_rule_id str: Unique identifier in the API for the WAF Security Rule.

ruleId String: The identifier of the WAF rule, e.g api.threats.cross_site_scripting.
siteId Number: Numeric identifier of the site to operate on.
activationMode String: The mode of activation for ddos on a site. Possible values: api.threats.ddos.activation_mode.off, api.threats.ddos.activation_mode.auto, api.threats.ddos.activation_mode.on, api.threats.ddos.activation_mode.adaptive.
blockBadBots String: Whether or not to block bad bots. Possible values: true, false.
blockNonEssentialBots String: If non-essential bots (bots determined to be legitimate by Imperva's client classification mechanism, such as site helpers and search engines) should be blocked or not. This argument is valid for the rule_id api.threats.ddos argument value only. If this argument is not provided, then the value stays as it is in the system. Possible values: true, false
challengeSuspectedBots String: Whether or not to send a challenge to clients that are suspected to be bad bots (CAPTCHA for example). Possible values: true, false.
ddosTrafficThreshold String: Consider site to be under DDoS if the request rate is above this threshold. The valid values are 10, 20, 50, 100, 200, 500, 750, 1000, 2000, 3000, 4000, 5000.
securityRuleAction String: The action that should be taken when a threat is detected, for example: api.threats.action.block_ip. See above examples for rule_id and action combinations.
unknownClientsChallenge String: Defines a method used for challenging suspicious bots. This argument is valid for the rule_id api.threats.ddos argument value only. If this argument is not provided, then the value stays as it is in the system. Possible values: none, cookies, javascript, captcha
wafSecurityRuleId String: Unique identifier in the API for the WAF Security Rule.

Outputs

All input properties are implicitly available as output properties. Additionally, the WafSecurityRule resource produces the following output properties:

Id string: The provider-assigned unique ID for this managed resource.

Id string: The provider-assigned unique ID for this managed resource.

id String: The provider-assigned unique ID for this managed resource.

id string: The provider-assigned unique ID for this managed resource.

id str: The provider-assigned unique ID for this managed resource.

id String: The provider-assigned unique ID for this managed resource.

Look up Existing WafSecurityRule Resource

Get an existing WafSecurityRule resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: WafSecurityRuleState, opts?: CustomResourceOptions): WafSecurityRule

@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        activation_mode: Optional[str] = None,
        block_bad_bots: Optional[str] = None,
        block_non_essential_bots: Optional[str] = None,
        challenge_suspected_bots: Optional[str] = None,
        ddos_traffic_threshold: Optional[str] = None,
        rule_id: Optional[str] = None,
        security_rule_action: Optional[str] = None,
        site_id: Optional[float] = None,
        unknown_clients_challenge: Optional[str] = None,
        waf_security_rule_id: Optional[str] = None) -> WafSecurityRule

func GetWafSecurityRule(ctx *Context, name string, id IDInput, state *WafSecurityRuleState, opts ...ResourceOption) (*WafSecurityRule, error)

public static WafSecurityRule Get(string name, Input<string> id, WafSecurityRuleState? state, CustomResourceOptions? opts = null)

public static WafSecurityRule get(String name, Output<String> id, WafSecurityRuleState state, CustomResourceOptions options)

resources:  _:    type: incapsula:WafSecurityRule    get:      id: ${id}

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

resource_name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

The following state arguments are supported:

ActivationMode string: The mode of activation for ddos on a site. Possible values: api.threats.ddos.activation_mode.off, api.threats.ddos.activation_mode.auto, api.threats.ddos.activation_mode.on, api.threats.ddos.activation_mode.adaptive.
BlockBadBots string: Whether or not to block bad bots. Possible values: true, false.
BlockNonEssentialBots string: If non-essential bots (bots determined to be legitimate by Imperva's client classification mechanism, such as site helpers and search engines) should be blocked or not. This argument is valid for the rule_id api.threats.ddos argument value only. If this argument is not provided, then the value stays as it is in the system. Possible values: true, false
ChallengeSuspectedBots string: Whether or not to send a challenge to clients that are suspected to be bad bots (CAPTCHA for example). Possible values: true, false.
DdosTrafficThreshold string: Consider site to be under DDoS if the request rate is above this threshold. The valid values are 10, 20, 50, 100, 200, 500, 750, 1000, 2000, 3000, 4000, 5000.
RuleId string: The identifier of the WAF rule, e.g api.threats.cross_site_scripting.
SecurityRuleAction string: The action that should be taken when a threat is detected, for example: api.threats.action.block_ip. See above examples for rule_id and action combinations.
SiteId double: Numeric identifier of the site to operate on.
UnknownClientsChallenge string: Defines a method used for challenging suspicious bots. This argument is valid for the rule_id api.threats.ddos argument value only. If this argument is not provided, then the value stays as it is in the system. Possible values: none, cookies, javascript, captcha
WafSecurityRuleId string: Unique identifier in the API for the WAF Security Rule.

ActivationMode string: The mode of activation for ddos on a site. Possible values: api.threats.ddos.activation_mode.off, api.threats.ddos.activation_mode.auto, api.threats.ddos.activation_mode.on, api.threats.ddos.activation_mode.adaptive.
BlockBadBots string: Whether or not to block bad bots. Possible values: true, false.
BlockNonEssentialBots string: If non-essential bots (bots determined to be legitimate by Imperva's client classification mechanism, such as site helpers and search engines) should be blocked or not. This argument is valid for the rule_id api.threats.ddos argument value only. If this argument is not provided, then the value stays as it is in the system. Possible values: true, false
ChallengeSuspectedBots string: Whether or not to send a challenge to clients that are suspected to be bad bots (CAPTCHA for example). Possible values: true, false.
DdosTrafficThreshold string: Consider site to be under DDoS if the request rate is above this threshold. The valid values are 10, 20, 50, 100, 200, 500, 750, 1000, 2000, 3000, 4000, 5000.
RuleId string: The identifier of the WAF rule, e.g api.threats.cross_site_scripting.
SecurityRuleAction string: The action that should be taken when a threat is detected, for example: api.threats.action.block_ip. See above examples for rule_id and action combinations.
SiteId float64: Numeric identifier of the site to operate on.
UnknownClientsChallenge string: Defines a method used for challenging suspicious bots. This argument is valid for the rule_id api.threats.ddos argument value only. If this argument is not provided, then the value stays as it is in the system. Possible values: none, cookies, javascript, captcha
WafSecurityRuleId string: Unique identifier in the API for the WAF Security Rule.

activationMode String: The mode of activation for ddos on a site. Possible values: api.threats.ddos.activation_mode.off, api.threats.ddos.activation_mode.auto, api.threats.ddos.activation_mode.on, api.threats.ddos.activation_mode.adaptive.
blockBadBots String: Whether or not to block bad bots. Possible values: true, false.
blockNonEssentialBots String: If non-essential bots (bots determined to be legitimate by Imperva's client classification mechanism, such as site helpers and search engines) should be blocked or not. This argument is valid for the rule_id api.threats.ddos argument value only. If this argument is not provided, then the value stays as it is in the system. Possible values: true, false
challengeSuspectedBots String: Whether or not to send a challenge to clients that are suspected to be bad bots (CAPTCHA for example). Possible values: true, false.
ddosTrafficThreshold String: Consider site to be under DDoS if the request rate is above this threshold. The valid values are 10, 20, 50, 100, 200, 500, 750, 1000, 2000, 3000, 4000, 5000.
ruleId String: The identifier of the WAF rule, e.g api.threats.cross_site_scripting.
securityRuleAction String: The action that should be taken when a threat is detected, for example: api.threats.action.block_ip. See above examples for rule_id and action combinations.
siteId Double: Numeric identifier of the site to operate on.
unknownClientsChallenge String: Defines a method used for challenging suspicious bots. This argument is valid for the rule_id api.threats.ddos argument value only. If this argument is not provided, then the value stays as it is in the system. Possible values: none, cookies, javascript, captcha
wafSecurityRuleId String: Unique identifier in the API for the WAF Security Rule.

activationMode string: The mode of activation for ddos on a site. Possible values: api.threats.ddos.activation_mode.off, api.threats.ddos.activation_mode.auto, api.threats.ddos.activation_mode.on, api.threats.ddos.activation_mode.adaptive.
blockBadBots string: Whether or not to block bad bots. Possible values: true, false.
blockNonEssentialBots string: If non-essential bots (bots determined to be legitimate by Imperva's client classification mechanism, such as site helpers and search engines) should be blocked or not. This argument is valid for the rule_id api.threats.ddos argument value only. If this argument is not provided, then the value stays as it is in the system. Possible values: true, false
challengeSuspectedBots string: Whether or not to send a challenge to clients that are suspected to be bad bots (CAPTCHA for example). Possible values: true, false.
ddosTrafficThreshold string: Consider site to be under DDoS if the request rate is above this threshold. The valid values are 10, 20, 50, 100, 200, 500, 750, 1000, 2000, 3000, 4000, 5000.
ruleId string: The identifier of the WAF rule, e.g api.threats.cross_site_scripting.
securityRuleAction string: The action that should be taken when a threat is detected, for example: api.threats.action.block_ip. See above examples for rule_id and action combinations.
siteId number: Numeric identifier of the site to operate on.
unknownClientsChallenge string: Defines a method used for challenging suspicious bots. This argument is valid for the rule_id api.threats.ddos argument value only. If this argument is not provided, then the value stays as it is in the system. Possible values: none, cookies, javascript, captcha
wafSecurityRuleId string: Unique identifier in the API for the WAF Security Rule.

activation_mode str: The mode of activation for ddos on a site. Possible values: api.threats.ddos.activation_mode.off, api.threats.ddos.activation_mode.auto, api.threats.ddos.activation_mode.on, api.threats.ddos.activation_mode.adaptive.
block_bad_bots str: Whether or not to block bad bots. Possible values: true, false.
block_non_essential_bots str: If non-essential bots (bots determined to be legitimate by Imperva's client classification mechanism, such as site helpers and search engines) should be blocked or not. This argument is valid for the rule_id api.threats.ddos argument value only. If this argument is not provided, then the value stays as it is in the system. Possible values: true, false
challenge_suspected_bots str: Whether or not to send a challenge to clients that are suspected to be bad bots (CAPTCHA for example). Possible values: true, false.
ddos_traffic_threshold str: Consider site to be under DDoS if the request rate is above this threshold. The valid values are 10, 20, 50, 100, 200, 500, 750, 1000, 2000, 3000, 4000, 5000.
rule_id str: The identifier of the WAF rule, e.g api.threats.cross_site_scripting.
security_rule_action str: The action that should be taken when a threat is detected, for example: api.threats.action.block_ip. See above examples for rule_id and action combinations.
site_id float: Numeric identifier of the site to operate on.
unknown_clients_challenge str: Defines a method used for challenging suspicious bots. This argument is valid for the rule_id api.threats.ddos argument value only. If this argument is not provided, then the value stays as it is in the system. Possible values: none, cookies, javascript, captcha
waf_security_rule_id str: Unique identifier in the API for the WAF Security Rule.

activationMode String: The mode of activation for ddos on a site. Possible values: api.threats.ddos.activation_mode.off, api.threats.ddos.activation_mode.auto, api.threats.ddos.activation_mode.on, api.threats.ddos.activation_mode.adaptive.
blockBadBots String: Whether or not to block bad bots. Possible values: true, false.
blockNonEssentialBots String: If non-essential bots (bots determined to be legitimate by Imperva's client classification mechanism, such as site helpers and search engines) should be blocked or not. This argument is valid for the rule_id api.threats.ddos argument value only. If this argument is not provided, then the value stays as it is in the system. Possible values: true, false
challengeSuspectedBots String: Whether or not to send a challenge to clients that are suspected to be bad bots (CAPTCHA for example). Possible values: true, false.
ddosTrafficThreshold String: Consider site to be under DDoS if the request rate is above this threshold. The valid values are 10, 20, 50, 100, 200, 500, 750, 1000, 2000, 3000, 4000, 5000.
ruleId String: The identifier of the WAF rule, e.g api.threats.cross_site_scripting.
securityRuleAction String: The action that should be taken when a threat is detected, for example: api.threats.action.block_ip. See above examples for rule_id and action combinations.
siteId Number: Numeric identifier of the site to operate on.
unknownClientsChallenge String: Defines a method used for challenging suspicious bots. This argument is valid for the rule_id api.threats.ddos argument value only. If this argument is not provided, then the value stays as it is in the system. Possible values: none, cookies, javascript, captcha
wafSecurityRuleId String: Unique identifier in the API for the WAF Security Rule.

Import

Security Rule can be imported using the role site_id and rule_id separated by /, e.g.:

$ pulumi import incapsula:index/wafSecurityRule:WafSecurityRule demo site_id/rule_id

To learn more about importing existing cloud resources, see Importing resources.

Package Details

Repository: incapsula imperva/terraform-provider-incapsula
License
Notes: This Pulumi package is based on the incapsula Terraform Provider.

incapsula 3.33.0 published on Wednesday, Apr 30, 2025 by imperva

imperva/terraform-provider-incapsula

incapsula.WafSecurityRule

On this page

On this page

Example Usage

Create WafSecurityRule Resource

Constructor syntax

Parameters

Constructor example

WafSecurityRule Resource Properties

Inputs

Outputs

Look up Existing WafSecurityRule Resource

Import

Package Details

On this page

On this page