Oracle Cloud Infrastructure

Pulumi Official
Package maintained by Pulumi
v0.1.1 published on Tuesday, May 3, 2022 by Pulumi

getProtectionRules

This data source provides the list of Protection Rules in Oracle Cloud Infrastructure Web Application Acceleration and Security service.

Gets the list of available protection rules for a WAAS policy. Use the GetWafConfig operation to view a list of currently configured protection rules for the Web Application Firewall, or use the ListRecommendations operation to get a list of recommended protection rules for the Web Application Firewall. The list is sorted by key, in ascending order.

Example Usage

using Pulumi;
using Oci = Pulumi.Oci;

class MyStack : Stack
{
    public MyStack()
    {
        var testProtectionRules = Output.Create(Oci.Waas.GetProtectionRules.InvokeAsync(new Oci.Waas.GetProtectionRulesArgs
        {
            WaasPolicyId = oci_waas_waas_policy.Test_waas_policy.Id,
            Actions = @var.Protection_rule_action,
            ModSecurityRuleIds = oci_events_rule.Test_rule.Id,
        }));
    }

}
package main

import (
	"github.com/pulumi/pulumi-oci/sdk/go/oci/Waas"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := Waas.GetProtectionRules(ctx, &waas.GetProtectionRulesArgs{
			WaasPolicyId:       oci_waas_waas_policy.Test_waas_policy.Id,
			Actions:            _var.Protection_rule_action,
			ModSecurityRuleIds: oci_events_rule.Test_rule.Id,
		}, nil)
		if err != nil {
			return err
		}
		return nil
	})
}

Coming soon!

import pulumi
import pulumi_oci as oci

test_protection_rules = oci.Waas.get_protection_rules(waas_policy_id=oci_waas_waas_policy["test_waas_policy"]["id"],
    actions=var["protection_rule_action"],
    mod_security_rule_ids=oci_events_rule["test_rule"]["id"])
import * as pulumi from "@pulumi/pulumi";
import * as oci from "@pulumi/oci";

const testProtectionRules = oci.Waas.getProtectionRules({
    waasPolicyId: oci_waas_waas_policy.test_waas_policy.id,
    actions: _var.protection_rule_action,
    modSecurityRuleIds: oci_events_rule.test_rule.id,
});

Coming soon!

Using getProtectionRules

Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.

function getProtectionRules(args: GetProtectionRulesArgs, opts?: InvokeOptions): Promise<GetProtectionRulesResult>
function getProtectionRulesOutput(args: GetProtectionRulesOutputArgs, opts?: InvokeOptions): Output<GetProtectionRulesResult>
def get_protection_rules(actions: Optional[Sequence[str]] = None,
                         filters: Optional[Sequence[_waas.GetProtectionRulesFilter]] = None,
                         mod_security_rule_ids: Optional[Sequence[str]] = None,
                         waas_policy_id: Optional[str] = None,
                         opts: Optional[InvokeOptions] = None) -> GetProtectionRulesResult
def get_protection_rules_output(actions: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
                         filters: Optional[pulumi.Input[Sequence[pulumi.Input[_waas.GetProtectionRulesFilterArgs]]]] = None,
                         mod_security_rule_ids: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
                         waas_policy_id: Optional[pulumi.Input[str]] = None,
                         opts: Optional[InvokeOptions] = None) -> Output[GetProtectionRulesResult]
func GetProtectionRules(ctx *Context, args *GetProtectionRulesArgs, opts ...InvokeOption) (*GetProtectionRulesResult, error)
func GetProtectionRulesOutput(ctx *Context, args *GetProtectionRulesOutputArgs, opts ...InvokeOption) GetProtectionRulesResultOutput

> Note: This function is named GetProtectionRules in the Go SDK.

public static class GetProtectionRules 
{
    public static Task<GetProtectionRulesResult> InvokeAsync(GetProtectionRulesArgs args, InvokeOptions? opts = null)
    public static Output<GetProtectionRulesResult> Invoke(GetProtectionRulesInvokeArgs args, InvokeOptions? opts = null)
}
public static CompletableFuture<GetProtectionRulesResult> getProtectionRules(GetProtectionRulesArgs args, InvokeOptions options)
// Output-based functions aren't available in Java yet
Fn::Invoke:
  Function: oci:Waas/getProtectionRules:getProtectionRules
  Arguments:
    # Arguments dictionary

The following arguments are supported:

WaasPolicyId string

The OCID of the WAAS policy.

Actions List<string>

Filter rules using a list of actions.

Filters List<GetProtectionRulesFilter>
ModSecurityRuleIds List<string>

Filter rules using a list of ModSecurity rule IDs.

WaasPolicyId string

The OCID of the WAAS policy.

Actions []string

Filter rules using a list of actions.

Filters []GetProtectionRulesFilter
ModSecurityRuleIds []string

Filter rules using a list of ModSecurity rule IDs.

waasPolicyId String

The OCID of the WAAS policy.

actions List<String>

Filter rules using a list of actions.

filters List<GetProtectionRulesFilter>
modSecurityRuleIds List<String>

Filter rules using a list of ModSecurity rule IDs.

waasPolicyId string

The OCID of the WAAS policy.

actions string[]

Filter rules using a list of actions.

filters GetProtectionRulesFilter[]
modSecurityRuleIds string[]

Filter rules using a list of ModSecurity rule IDs.

waas_policy_id str

The OCID of the WAAS policy.

actions Sequence[str]

Filter rules using a list of actions.

filters GetProtectionRulesFilter]
mod_security_rule_ids Sequence[str]

Filter rules using a list of ModSecurity rule IDs.

waasPolicyId String

The OCID of the WAAS policy.

actions List<String>

Filter rules using a list of actions.

filters List<Property Map>
modSecurityRuleIds List<String>

Filter rules using a list of ModSecurity rule IDs.

getProtectionRules Result

The following output properties are available:

Id string

The provider-assigned unique ID for this managed resource.

ProtectionRules List<GetProtectionRulesProtectionRule>

The list of protection_rules.

WaasPolicyId string
Actions List<string>

The action to take when the traffic is detected as malicious. If unspecified, defaults to OFF.

Filters List<GetProtectionRulesFilter>
ModSecurityRuleIds List<string>
Id string

The provider-assigned unique ID for this managed resource.

ProtectionRules []GetProtectionRulesProtectionRule

The list of protection_rules.

WaasPolicyId string
Actions []string

The action to take when the traffic is detected as malicious. If unspecified, defaults to OFF.

Filters []GetProtectionRulesFilter
ModSecurityRuleIds []string
id String

The provider-assigned unique ID for this managed resource.

protectionRules List<GetProtectionRulesProtectionRule>

The list of protection_rules.

waasPolicyId String
actions List<String>

The action to take when the traffic is detected as malicious. If unspecified, defaults to OFF.

filters List<GetProtectionRulesFilter>
modSecurityRuleIds List<String>
id string

The provider-assigned unique ID for this managed resource.

protectionRules GetProtectionRulesProtectionRule[]

The list of protection_rules.

waasPolicyId string
actions string[]

The action to take when the traffic is detected as malicious. If unspecified, defaults to OFF.

filters GetProtectionRulesFilter[]
modSecurityRuleIds string[]
id str

The provider-assigned unique ID for this managed resource.

protection_rules GetProtectionRulesProtectionRule]

The list of protection_rules.

waas_policy_id str
actions Sequence[str]

The action to take when the traffic is detected as malicious. If unspecified, defaults to OFF.

filters GetProtectionRulesFilter]
mod_security_rule_ids Sequence[str]
id String

The provider-assigned unique ID for this managed resource.

protectionRules List<Property Map>

The list of protection_rules.

waasPolicyId String
actions List<String>

The action to take when the traffic is detected as malicious. If unspecified, defaults to OFF.

filters List<Property Map>
modSecurityRuleIds List<String>

Supporting Types

GetProtectionRulesFilter

Name string

The name of the protection rule.

Values List<string>
Regex bool
Name string

The name of the protection rule.

Values []string
Regex bool
name String

The name of the protection rule.

values List<String>
regex Boolean
name string

The name of the protection rule.

values string[]
regex boolean
name str

The name of the protection rule.

values Sequence[str]
regex bool
name String

The name of the protection rule.

values List<String>
regex Boolean

GetProtectionRulesProtectionRule

Action string

Filter rules using a list of actions.

Description string

The description of the protection rule.

Exclusions List<GetProtectionRulesProtectionRuleExclusion>

An array of The target property of a request that would allow it to bypass the protection rule. For example, when target is REQUEST_COOKIE_NAMES, the list may include names of cookies to exclude from the protection rule. When the target is ARGS, the list may include strings of URL query parameters and values from form-urlencoded XML, JSON, AMP, or POST payloads to exclude from the protection rule. Exclusions properties must not contain whitespace, comma or |. Note: If protection rules have been enabled that utilize the maxArgumentCount or maxTotalNameLengthOfArguments properties, and the target property has been set to ARGS, it is important that the exclusions properties be defined to honor those protection rule settings in a consistent manner.

Key string

The unique key of the protection rule.

Labels List<string>

The list of labels for the protection rule.

ModSecurityRuleIds List<string>

The list of the ModSecurity rule IDs that apply to this protection rule. For more information about ModSecurity's open source WAF rules, see Mod Security's documentation.

Name string

The name of the protection rule.

WaasPolicyId string

The OCID of the WAAS policy.

Action string

Filter rules using a list of actions.

Description string

The description of the protection rule.

Exclusions []GetProtectionRulesProtectionRuleExclusion

An array of The target property of a request that would allow it to bypass the protection rule. For example, when target is REQUEST_COOKIE_NAMES, the list may include names of cookies to exclude from the protection rule. When the target is ARGS, the list may include strings of URL query parameters and values from form-urlencoded XML, JSON, AMP, or POST payloads to exclude from the protection rule. Exclusions properties must not contain whitespace, comma or |. Note: If protection rules have been enabled that utilize the maxArgumentCount or maxTotalNameLengthOfArguments properties, and the target property has been set to ARGS, it is important that the exclusions properties be defined to honor those protection rule settings in a consistent manner.

Key string

The unique key of the protection rule.

Labels []string

The list of labels for the protection rule.

ModSecurityRuleIds []string

The list of the ModSecurity rule IDs that apply to this protection rule. For more information about ModSecurity's open source WAF rules, see Mod Security's documentation.

Name string

The name of the protection rule.

WaasPolicyId string

The OCID of the WAAS policy.

action String

Filter rules using a list of actions.

description String

The description of the protection rule.

exclusions List<GetProtectionRulesProtectionRuleExclusion>

An array of The target property of a request that would allow it to bypass the protection rule. For example, when target is REQUEST_COOKIE_NAMES, the list may include names of cookies to exclude from the protection rule. When the target is ARGS, the list may include strings of URL query parameters and values from form-urlencoded XML, JSON, AMP, or POST payloads to exclude from the protection rule. Exclusions properties must not contain whitespace, comma or |. Note: If protection rules have been enabled that utilize the maxArgumentCount or maxTotalNameLengthOfArguments properties, and the target property has been set to ARGS, it is important that the exclusions properties be defined to honor those protection rule settings in a consistent manner.

key String

The unique key of the protection rule.

labels List<String>

The list of labels for the protection rule.

modSecurityRuleIds List<String>

The list of the ModSecurity rule IDs that apply to this protection rule. For more information about ModSecurity's open source WAF rules, see Mod Security's documentation.

name String

The name of the protection rule.

waasPolicyId String

The OCID of the WAAS policy.

action string

Filter rules using a list of actions.

description string

The description of the protection rule.

exclusions GetProtectionRulesProtectionRuleExclusion[]

An array of The target property of a request that would allow it to bypass the protection rule. For example, when target is REQUEST_COOKIE_NAMES, the list may include names of cookies to exclude from the protection rule. When the target is ARGS, the list may include strings of URL query parameters and values from form-urlencoded XML, JSON, AMP, or POST payloads to exclude from the protection rule. Exclusions properties must not contain whitespace, comma or |. Note: If protection rules have been enabled that utilize the maxArgumentCount or maxTotalNameLengthOfArguments properties, and the target property has been set to ARGS, it is important that the exclusions properties be defined to honor those protection rule settings in a consistent manner.

key string

The unique key of the protection rule.

labels string[]

The list of labels for the protection rule.

modSecurityRuleIds string[]

The list of the ModSecurity rule IDs that apply to this protection rule. For more information about ModSecurity's open source WAF rules, see Mod Security's documentation.

name string

The name of the protection rule.

waasPolicyId string

The OCID of the WAAS policy.

action str

Filter rules using a list of actions.

description str

The description of the protection rule.

exclusions GetProtectionRulesProtectionRuleExclusion]

An array of The target property of a request that would allow it to bypass the protection rule. For example, when target is REQUEST_COOKIE_NAMES, the list may include names of cookies to exclude from the protection rule. When the target is ARGS, the list may include strings of URL query parameters and values from form-urlencoded XML, JSON, AMP, or POST payloads to exclude from the protection rule. Exclusions properties must not contain whitespace, comma or |. Note: If protection rules have been enabled that utilize the maxArgumentCount or maxTotalNameLengthOfArguments properties, and the target property has been set to ARGS, it is important that the exclusions properties be defined to honor those protection rule settings in a consistent manner.

key str

The unique key of the protection rule.

labels Sequence[str]

The list of labels for the protection rule.

mod_security_rule_ids Sequence[str]

The list of the ModSecurity rule IDs that apply to this protection rule. For more information about ModSecurity's open source WAF rules, see Mod Security's documentation.

name str

The name of the protection rule.

waas_policy_id str

The OCID of the WAAS policy.

action String

Filter rules using a list of actions.

description String

The description of the protection rule.

exclusions List<Property Map>

An array of The target property of a request that would allow it to bypass the protection rule. For example, when target is REQUEST_COOKIE_NAMES, the list may include names of cookies to exclude from the protection rule. When the target is ARGS, the list may include strings of URL query parameters and values from form-urlencoded XML, JSON, AMP, or POST payloads to exclude from the protection rule. Exclusions properties must not contain whitespace, comma or |. Note: If protection rules have been enabled that utilize the maxArgumentCount or maxTotalNameLengthOfArguments properties, and the target property has been set to ARGS, it is important that the exclusions properties be defined to honor those protection rule settings in a consistent manner.

key String

The unique key of the protection rule.

labels List<String>

The list of labels for the protection rule.

modSecurityRuleIds List<String>

The list of the ModSecurity rule IDs that apply to this protection rule. For more information about ModSecurity's open source WAF rules, see Mod Security's documentation.

name String

The name of the protection rule.

waasPolicyId String

The OCID of the WAAS policy.

GetProtectionRulesProtectionRuleExclusion

Exclusions List<string>

An array of The target property of a request that would allow it to bypass the protection rule. For example, when target is REQUEST_COOKIE_NAMES, the list may include names of cookies to exclude from the protection rule. When the target is ARGS, the list may include strings of URL query parameters and values from form-urlencoded XML, JSON, AMP, or POST payloads to exclude from the protection rule. Exclusions properties must not contain whitespace, comma or |. Note: If protection rules have been enabled that utilize the maxArgumentCount or maxTotalNameLengthOfArguments properties, and the target property has been set to ARGS, it is important that the exclusions properties be defined to honor those protection rule settings in a consistent manner.

Target string

The target of the exclusion.

Exclusions []string

An array of The target property of a request that would allow it to bypass the protection rule. For example, when target is REQUEST_COOKIE_NAMES, the list may include names of cookies to exclude from the protection rule. When the target is ARGS, the list may include strings of URL query parameters and values from form-urlencoded XML, JSON, AMP, or POST payloads to exclude from the protection rule. Exclusions properties must not contain whitespace, comma or |. Note: If protection rules have been enabled that utilize the maxArgumentCount or maxTotalNameLengthOfArguments properties, and the target property has been set to ARGS, it is important that the exclusions properties be defined to honor those protection rule settings in a consistent manner.

Target string

The target of the exclusion.

exclusions List<String>

An array of The target property of a request that would allow it to bypass the protection rule. For example, when target is REQUEST_COOKIE_NAMES, the list may include names of cookies to exclude from the protection rule. When the target is ARGS, the list may include strings of URL query parameters and values from form-urlencoded XML, JSON, AMP, or POST payloads to exclude from the protection rule. Exclusions properties must not contain whitespace, comma or |. Note: If protection rules have been enabled that utilize the maxArgumentCount or maxTotalNameLengthOfArguments properties, and the target property has been set to ARGS, it is important that the exclusions properties be defined to honor those protection rule settings in a consistent manner.

target String

The target of the exclusion.

exclusions string[]

An array of The target property of a request that would allow it to bypass the protection rule. For example, when target is REQUEST_COOKIE_NAMES, the list may include names of cookies to exclude from the protection rule. When the target is ARGS, the list may include strings of URL query parameters and values from form-urlencoded XML, JSON, AMP, or POST payloads to exclude from the protection rule. Exclusions properties must not contain whitespace, comma or |. Note: If protection rules have been enabled that utilize the maxArgumentCount or maxTotalNameLengthOfArguments properties, and the target property has been set to ARGS, it is important that the exclusions properties be defined to honor those protection rule settings in a consistent manner.

target string

The target of the exclusion.

exclusions Sequence[str]

An array of The target property of a request that would allow it to bypass the protection rule. For example, when target is REQUEST_COOKIE_NAMES, the list may include names of cookies to exclude from the protection rule. When the target is ARGS, the list may include strings of URL query parameters and values from form-urlencoded XML, JSON, AMP, or POST payloads to exclude from the protection rule. Exclusions properties must not contain whitespace, comma or |. Note: If protection rules have been enabled that utilize the maxArgumentCount or maxTotalNameLengthOfArguments properties, and the target property has been set to ARGS, it is important that the exclusions properties be defined to honor those protection rule settings in a consistent manner.

target str

The target of the exclusion.

exclusions List<String>

An array of The target property of a request that would allow it to bypass the protection rule. For example, when target is REQUEST_COOKIE_NAMES, the list may include names of cookies to exclude from the protection rule. When the target is ARGS, the list may include strings of URL query parameters and values from form-urlencoded XML, JSON, AMP, or POST payloads to exclude from the protection rule. Exclusions properties must not contain whitespace, comma or |. Note: If protection rules have been enabled that utilize the maxArgumentCount or maxTotalNameLengthOfArguments properties, and the target property has been set to ARGS, it is important that the exclusions properties be defined to honor those protection rule settings in a consistent manner.

target String

The target of the exclusion.

Package Details

Repository
https://github.com/pulumi/pulumi-oci
License
Apache-2.0
Notes

This Pulumi package is based on the oci Terraform Provider.