Docs
PackagesOracle Cloud Infrastructure v1.33.0 published on Thursday, Apr 25, 2024 by Pulumi
oci.Waas.getProtectionRules
Explore with Pulumi AI
This data source provides the list of Protection Rules in Oracle Cloud Infrastructure Web Application Acceleration and Security service.
Gets the list of available protection rules for a WAAS policy. Use the GetWafConfig operation to view a list of currently configured protection rules for the Web Application Firewall, or use the ListRecommendations operation to get a list of recommended protection rules for the Web Application Firewall.
The list is sorted by key, in ascending order.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as oci from "@pulumi/oci";
const testProtectionRules = oci.Waas.getProtectionRules({
waasPolicyId: testWaasPolicy.id,
actions: protectionRuleAction,
modSecurityRuleIds: testRule.id,
});
import pulumi
import pulumi_oci as oci
test_protection_rules = oci.Waas.get_protection_rules(waas_policy_id=test_waas_policy["id"],
actions=protection_rule_action,
mod_security_rule_ids=test_rule["id"])
package main
import (
"github.com/pulumi/pulumi-oci/sdk/go/oci/Waas"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := Waas.GetProtectionRules(ctx, &waas.GetProtectionRulesArgs{
WaasPolicyId: testWaasPolicy.Id,
Actions: protectionRuleAction,
ModSecurityRuleIds: testRule.Id,
}, nil)
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Oci = Pulumi.Oci;
return await Deployment.RunAsync(() =>
{
var testProtectionRules = Oci.Waas.GetProtectionRules.Invoke(new()
{
WaasPolicyId = testWaasPolicy.Id,
Actions = protectionRuleAction,
ModSecurityRuleIds = testRule.Id,
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.oci.Waas.WaasFunctions;
import com.pulumi.oci.Waas.inputs.GetProtectionRulesArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var testProtectionRules = WaasFunctions.getProtectionRules(GetProtectionRulesArgs.builder()
.waasPolicyId(testWaasPolicy.id())
.actions(protectionRuleAction)
.modSecurityRuleIds(testRule.id())
.build());
}
}
variables:
testProtectionRules:
fn::invoke:
Function: oci:Waas:getProtectionRules
Arguments:
waasPolicyId: ${testWaasPolicy.id}
actions: ${protectionRuleAction}
modSecurityRuleIds: ${testRule.id}
Using getProtectionRules
Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.
function getProtectionRules(args: GetProtectionRulesArgs, opts?: InvokeOptions): Promise<GetProtectionRulesResult>
function getProtectionRulesOutput(args: GetProtectionRulesOutputArgs, opts?: InvokeOptions): Output<GetProtectionRulesResult>def get_protection_rules(actions: Optional[Sequence[str]] = None,
filters: Optional[Sequence[_waas.GetProtectionRulesFilter]] = None,
mod_security_rule_ids: Optional[Sequence[str]] = None,
waas_policy_id: Optional[str] = None,
opts: Optional[InvokeOptions] = None) -> GetProtectionRulesResult
def get_protection_rules_output(actions: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
filters: Optional[pulumi.Input[Sequence[pulumi.Input[_waas.GetProtectionRulesFilterArgs]]]] = None,
mod_security_rule_ids: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
waas_policy_id: Optional[pulumi.Input[str]] = None,
opts: Optional[InvokeOptions] = None) -> Output[GetProtectionRulesResult]func GetProtectionRules(ctx *Context, args *GetProtectionRulesArgs, opts ...InvokeOption) (*GetProtectionRulesResult, error)
func GetProtectionRulesOutput(ctx *Context, args *GetProtectionRulesOutputArgs, opts ...InvokeOption) GetProtectionRulesResultOutput> Note: This function is named GetProtectionRules in the Go SDK.
public static class GetProtectionRules
{
public static Task<GetProtectionRulesResult> InvokeAsync(GetProtectionRulesArgs args, InvokeOptions? opts = null)
public static Output<GetProtectionRulesResult> Invoke(GetProtectionRulesInvokeArgs args, InvokeOptions? opts = null)
}public static CompletableFuture<GetProtectionRulesResult> getProtectionRules(GetProtectionRulesArgs args, InvokeOptions options)
// Output-based functions aren't available in Java yet
fn::invoke:
function: oci:Waas/getProtectionRules:getProtectionRules
arguments:
# arguments dictionaryThe following arguments are supported:
- Waas
Policy stringId - The OCID of the WAAS policy.
- Actions List<string>
- Filter rules using a list of actions.
- Filters
List<Get
Protection Rules Filter> - Mod
Security List<string>Rule Ids - Filter rules using a list of ModSecurity rule IDs.
- Waas
Policy stringId - The OCID of the WAAS policy.
- Actions []string
- Filter rules using a list of actions.
- Filters
[]Get
Protection Rules Filter - Mod
Security []stringRule Ids - Filter rules using a list of ModSecurity rule IDs.
- waas
Policy StringId - The OCID of the WAAS policy.
- actions List<String>
- Filter rules using a list of actions.
- filters
List<Get
Protection Rules Filter> - mod
Security List<String>Rule Ids - Filter rules using a list of ModSecurity rule IDs.
- waas
Policy stringId - The OCID of the WAAS policy.
- actions string[]
- Filter rules using a list of actions.
- filters
Get
Protection Rules Filter[] - mod
Security string[]Rule Ids - Filter rules using a list of ModSecurity rule IDs.
- waas_
policy_ strid - The OCID of the WAAS policy.
- actions Sequence[str]
- Filter rules using a list of actions.
- filters
Sequence[waas.
Get Protection Rules Filter] - mod_
security_ Sequence[str]rule_ ids - Filter rules using a list of ModSecurity rule IDs.
- waas
Policy StringId - The OCID of the WAAS policy.
- actions List<String>
- Filter rules using a list of actions.
- filters List<Property Map>
- mod
Security List<String>Rule Ids - Filter rules using a list of ModSecurity rule IDs.
getProtectionRules Result
The following output properties are available:
- Id string
- The provider-assigned unique ID for this managed resource.
- Protection
Rules List<GetProtection Rules Protection Rule> - The list of protection_rules.
- Waas
Policy stringId - Actions List<string>
- The action to take when the traffic is detected as malicious. If unspecified, defaults to
OFF. - Filters
List<Get
Protection Rules Filter> - Mod
Security List<string>Rule Ids
- Id string
- The provider-assigned unique ID for this managed resource.
- Protection
Rules []GetProtection Rules Protection Rule - The list of protection_rules.
- Waas
Policy stringId - Actions []string
- The action to take when the traffic is detected as malicious. If unspecified, defaults to
OFF. - Filters
[]Get
Protection Rules Filter - Mod
Security []stringRule Ids
- id String
- The provider-assigned unique ID for this managed resource.
- protection
Rules List<GetProtection Rules Protection Rule> - The list of protection_rules.
- waas
Policy StringId - actions List<String>
- The action to take when the traffic is detected as malicious. If unspecified, defaults to
OFF. - filters
List<Get
Protection Rules Filter> - mod
Security List<String>Rule Ids
- id string
- The provider-assigned unique ID for this managed resource.
- protection
Rules GetProtection Rules Protection Rule[] - The list of protection_rules.
- waas
Policy stringId - actions string[]
- The action to take when the traffic is detected as malicious. If unspecified, defaults to
OFF. - filters
Get
Protection Rules Filter[] - mod
Security string[]Rule Ids
- id str
- The provider-assigned unique ID for this managed resource.
- protection_
rules Sequence[waas.Get Protection Rules Protection Rule] - The list of protection_rules.
- waas_
policy_ strid - actions Sequence[str]
- The action to take when the traffic is detected as malicious. If unspecified, defaults to
OFF. - filters
Sequence[waas.
Get Protection Rules Filter] - mod_
security_ Sequence[str]rule_ ids
- id String
- The provider-assigned unique ID for this managed resource.
- protection
Rules List<Property Map> - The list of protection_rules.
- waas
Policy StringId - actions List<String>
- The action to take when the traffic is detected as malicious. If unspecified, defaults to
OFF. - filters List<Property Map>
- mod
Security List<String>Rule Ids
Supporting Types
GetProtectionRulesFilter
GetProtectionRulesProtectionRule
- Action string
- Filter rules using a list of actions.
- Description string
- The description of the protection rule.
- Exclusions
List<Get
Protection Rules Protection Rule Exclusion> - An array of The target property of a request that would allow it to bypass the protection rule. For example, when
targetisREQUEST_COOKIE_NAMES, the list may include names of cookies to exclude from the protection rule. When the target isARGS, the list may include strings of URL query parameters and values from form-urlencoded XML, JSON, AMP, or POST payloads to exclude from the protection rule.Exclusionsproperties must not contain whitespace, comma or |. Note: If protection rules have been enabled that utilize themaxArgumentCountormaxTotalNameLengthOfArgumentsproperties, and thetargetproperty has been set toARGS, it is important that theexclusionsproperties be defined to honor those protection rule settings in a consistent manner. - Key string
- The unique key of the protection rule.
- Labels List<string>
- The list of labels for the protection rule.
- Mod
Security List<string>Rule Ids - The list of the ModSecurity rule IDs that apply to this protection rule. For more information about ModSecurity's open source WAF rules, see Mod Security's documentation.
- Name string
- The name of the protection rule.
- Waas
Policy stringId - The OCID of the WAAS policy.
- Action string
- Filter rules using a list of actions.
- Description string
- The description of the protection rule.
- Exclusions
[]Get
Protection Rules Protection Rule Exclusion - An array of The target property of a request that would allow it to bypass the protection rule. For example, when
targetisREQUEST_COOKIE_NAMES, the list may include names of cookies to exclude from the protection rule. When the target isARGS, the list may include strings of URL query parameters and values from form-urlencoded XML, JSON, AMP, or POST payloads to exclude from the protection rule.Exclusionsproperties must not contain whitespace, comma or |. Note: If protection rules have been enabled that utilize themaxArgumentCountormaxTotalNameLengthOfArgumentsproperties, and thetargetproperty has been set toARGS, it is important that theexclusionsproperties be defined to honor those protection rule settings in a consistent manner. - Key string
- The unique key of the protection rule.
- Labels []string
- The list of labels for the protection rule.
- Mod
Security []stringRule Ids - The list of the ModSecurity rule IDs that apply to this protection rule. For more information about ModSecurity's open source WAF rules, see Mod Security's documentation.
- Name string
- The name of the protection rule.
- Waas
Policy stringId - The OCID of the WAAS policy.
- action String
- Filter rules using a list of actions.
- description String
- The description of the protection rule.
- exclusions
List<Get
Protection Rules Protection Rule Exclusion> - An array of The target property of a request that would allow it to bypass the protection rule. For example, when
targetisREQUEST_COOKIE_NAMES, the list may include names of cookies to exclude from the protection rule. When the target isARGS, the list may include strings of URL query parameters and values from form-urlencoded XML, JSON, AMP, or POST payloads to exclude from the protection rule.Exclusionsproperties must not contain whitespace, comma or |. Note: If protection rules have been enabled that utilize themaxArgumentCountormaxTotalNameLengthOfArgumentsproperties, and thetargetproperty has been set toARGS, it is important that theexclusionsproperties be defined to honor those protection rule settings in a consistent manner. - key String
- The unique key of the protection rule.
- labels List<String>
- The list of labels for the protection rule.
- mod
Security List<String>Rule Ids - The list of the ModSecurity rule IDs that apply to this protection rule. For more information about ModSecurity's open source WAF rules, see Mod Security's documentation.
- name String
- The name of the protection rule.
- waas
Policy StringId - The OCID of the WAAS policy.
- action string
- Filter rules using a list of actions.
- description string
- The description of the protection rule.
- exclusions
Get
Protection Rules Protection Rule Exclusion[] - An array of The target property of a request that would allow it to bypass the protection rule. For example, when
targetisREQUEST_COOKIE_NAMES, the list may include names of cookies to exclude from the protection rule. When the target isARGS, the list may include strings of URL query parameters and values from form-urlencoded XML, JSON, AMP, or POST payloads to exclude from the protection rule.Exclusionsproperties must not contain whitespace, comma or |. Note: If protection rules have been enabled that utilize themaxArgumentCountormaxTotalNameLengthOfArgumentsproperties, and thetargetproperty has been set toARGS, it is important that theexclusionsproperties be defined to honor those protection rule settings in a consistent manner. - key string
- The unique key of the protection rule.
- labels string[]
- The list of labels for the protection rule.
- mod
Security string[]Rule Ids - The list of the ModSecurity rule IDs that apply to this protection rule. For more information about ModSecurity's open source WAF rules, see Mod Security's documentation.
- name string
- The name of the protection rule.
- waas
Policy stringId - The OCID of the WAAS policy.
- action str
- Filter rules using a list of actions.
- description str
- The description of the protection rule.
- exclusions
Sequence[waas.
Get Protection Rules Protection Rule Exclusion] - An array of The target property of a request that would allow it to bypass the protection rule. For example, when
targetisREQUEST_COOKIE_NAMES, the list may include names of cookies to exclude from the protection rule. When the target isARGS, the list may include strings of URL query parameters and values from form-urlencoded XML, JSON, AMP, or POST payloads to exclude from the protection rule.Exclusionsproperties must not contain whitespace, comma or |. Note: If protection rules have been enabled that utilize themaxArgumentCountormaxTotalNameLengthOfArgumentsproperties, and thetargetproperty has been set toARGS, it is important that theexclusionsproperties be defined to honor those protection rule settings in a consistent manner. - key str
- The unique key of the protection rule.
- labels Sequence[str]
- The list of labels for the protection rule.
- mod_
security_ Sequence[str]rule_ ids - The list of the ModSecurity rule IDs that apply to this protection rule. For more information about ModSecurity's open source WAF rules, see Mod Security's documentation.
- name str
- The name of the protection rule.
- waas_
policy_ strid - The OCID of the WAAS policy.
- action String
- Filter rules using a list of actions.
- description String
- The description of the protection rule.
- exclusions List<Property Map>
- An array of The target property of a request that would allow it to bypass the protection rule. For example, when
targetisREQUEST_COOKIE_NAMES, the list may include names of cookies to exclude from the protection rule. When the target isARGS, the list may include strings of URL query parameters and values from form-urlencoded XML, JSON, AMP, or POST payloads to exclude from the protection rule.Exclusionsproperties must not contain whitespace, comma or |. Note: If protection rules have been enabled that utilize themaxArgumentCountormaxTotalNameLengthOfArgumentsproperties, and thetargetproperty has been set toARGS, it is important that theexclusionsproperties be defined to honor those protection rule settings in a consistent manner. - key String
- The unique key of the protection rule.
- labels List<String>
- The list of labels for the protection rule.
- mod
Security List<String>Rule Ids - The list of the ModSecurity rule IDs that apply to this protection rule. For more information about ModSecurity's open source WAF rules, see Mod Security's documentation.
- name String
- The name of the protection rule.
- waas
Policy StringId - The OCID of the WAAS policy.
GetProtectionRulesProtectionRuleExclusion
- Exclusions List<string>
- An array of The target property of a request that would allow it to bypass the protection rule. For example, when
targetisREQUEST_COOKIE_NAMES, the list may include names of cookies to exclude from the protection rule. When the target isARGS, the list may include strings of URL query parameters and values from form-urlencoded XML, JSON, AMP, or POST payloads to exclude from the protection rule.Exclusionsproperties must not contain whitespace, comma or |. Note: If protection rules have been enabled that utilize themaxArgumentCountormaxTotalNameLengthOfArgumentsproperties, and thetargetproperty has been set toARGS, it is important that theexclusionsproperties be defined to honor those protection rule settings in a consistent manner. - Target string
- The target of the exclusion.
- Exclusions []string
- An array of The target property of a request that would allow it to bypass the protection rule. For example, when
targetisREQUEST_COOKIE_NAMES, the list may include names of cookies to exclude from the protection rule. When the target isARGS, the list may include strings of URL query parameters and values from form-urlencoded XML, JSON, AMP, or POST payloads to exclude from the protection rule.Exclusionsproperties must not contain whitespace, comma or |. Note: If protection rules have been enabled that utilize themaxArgumentCountormaxTotalNameLengthOfArgumentsproperties, and thetargetproperty has been set toARGS, it is important that theexclusionsproperties be defined to honor those protection rule settings in a consistent manner. - Target string
- The target of the exclusion.
- exclusions List<String>
- An array of The target property of a request that would allow it to bypass the protection rule. For example, when
targetisREQUEST_COOKIE_NAMES, the list may include names of cookies to exclude from the protection rule. When the target isARGS, the list may include strings of URL query parameters and values from form-urlencoded XML, JSON, AMP, or POST payloads to exclude from the protection rule.Exclusionsproperties must not contain whitespace, comma or |. Note: If protection rules have been enabled that utilize themaxArgumentCountormaxTotalNameLengthOfArgumentsproperties, and thetargetproperty has been set toARGS, it is important that theexclusionsproperties be defined to honor those protection rule settings in a consistent manner. - target String
- The target of the exclusion.
- exclusions string[]
- An array of The target property of a request that would allow it to bypass the protection rule. For example, when
targetisREQUEST_COOKIE_NAMES, the list may include names of cookies to exclude from the protection rule. When the target isARGS, the list may include strings of URL query parameters and values from form-urlencoded XML, JSON, AMP, or POST payloads to exclude from the protection rule.Exclusionsproperties must not contain whitespace, comma or |. Note: If protection rules have been enabled that utilize themaxArgumentCountormaxTotalNameLengthOfArgumentsproperties, and thetargetproperty has been set toARGS, it is important that theexclusionsproperties be defined to honor those protection rule settings in a consistent manner. - target string
- The target of the exclusion.
- exclusions Sequence[str]
- An array of The target property of a request that would allow it to bypass the protection rule. For example, when
targetisREQUEST_COOKIE_NAMES, the list may include names of cookies to exclude from the protection rule. When the target isARGS, the list may include strings of URL query parameters and values from form-urlencoded XML, JSON, AMP, or POST payloads to exclude from the protection rule.Exclusionsproperties must not contain whitespace, comma or |. Note: If protection rules have been enabled that utilize themaxArgumentCountormaxTotalNameLengthOfArgumentsproperties, and thetargetproperty has been set toARGS, it is important that theexclusionsproperties be defined to honor those protection rule settings in a consistent manner. - target str
- The target of the exclusion.
- exclusions List<String>
- An array of The target property of a request that would allow it to bypass the protection rule. For example, when
targetisREQUEST_COOKIE_NAMES, the list may include names of cookies to exclude from the protection rule. When the target isARGS, the list may include strings of URL query parameters and values from form-urlencoded XML, JSON, AMP, or POST payloads to exclude from the protection rule.Exclusionsproperties must not contain whitespace, comma or |. Note: If protection rules have been enabled that utilize themaxArgumentCountormaxTotalNameLengthOfArgumentsproperties, and thetargetproperty has been set toARGS, it is important that theexclusionsproperties be defined to honor those protection rule settings in a consistent manner. - target String
- The target of the exclusion.
Package Details
- Repository
- oci pulumi/pulumi-oci
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
ociTerraform Provider.