Oracle Cloud Infrastructure

v0.5.0 published on Monday, Sep 12, 2022 by Pulumi

AppFirewallPolicy

This resource provides the Web App Firewall Policy resource in Oracle Cloud Infrastructure Waf service.

Creates a new WebAppFirewallPolicy.

Example Usage

using System.Collections.Generic;
using Pulumi;
using Oci = Pulumi.Oci;

return await Deployment.RunAsync(() => 
{
    var testWebAppFirewallPolicy = new Oci.Waf.AppFirewallPolicy("testWebAppFirewallPolicy", new()
    {
        CompartmentId = @var.Compartment_id,
        Actions = new[]
        {
            new Oci.Waf.Inputs.AppFirewallPolicyActionArgs
            {
                Name = @var.Web_app_firewall_policy_actions_name,
                Type = @var.Web_app_firewall_policy_actions_type,
                Body = new Oci.Waf.Inputs.AppFirewallPolicyActionBodyArgs
                {
                    Text = @var.Web_app_firewall_policy_actions_body_text,
                    Type = @var.Web_app_firewall_policy_actions_body_type,
                },
                Code = @var.Web_app_firewall_policy_actions_code,
                Headers = new[]
                {
                    new Oci.Waf.Inputs.AppFirewallPolicyActionHeaderArgs
                    {
                        Name = @var.Web_app_firewall_policy_actions_headers_name,
                        Value = @var.Web_app_firewall_policy_actions_headers_value,
                    },
                },
            },
        },
        DefinedTags = 
        {
            { "foo-namespace.bar-key", "value" },
        },
        DisplayName = @var.Web_app_firewall_policy_display_name,
        FreeformTags = 
        {
            { "bar-key", "value" },
        },
        RequestAccessControl = new Oci.Waf.Inputs.AppFirewallPolicyRequestAccessControlArgs
        {
            DefaultActionName = @var.Web_app_firewall_policy_request_access_control_default_action_name,
            Rules = new[]
            {
                new Oci.Waf.Inputs.AppFirewallPolicyRequestAccessControlRuleArgs
                {
                    ActionName = @var.Web_app_firewall_policy_request_access_control_rules_action_name,
                    Name = @var.Web_app_firewall_policy_request_access_control_rules_name,
                    Type = @var.Web_app_firewall_policy_request_access_control_rules_type,
                    Condition = @var.Web_app_firewall_policy_request_access_control_rules_condition,
                    ConditionLanguage = @var.Web_app_firewall_policy_request_access_control_rules_condition_language,
                },
            },
        },
        RequestProtection = new Oci.Waf.Inputs.AppFirewallPolicyRequestProtectionArgs
        {
            BodyInspectionSizeLimitExceededActionName = @var.Web_app_firewall_policy_request_protection_body_inspection_size_limit_exceeded_action_name,
            BodyInspectionSizeLimitInBytes = @var.Web_app_firewall_policy_request_protection_body_inspection_size_limit_in_bytes,
            Rules = new[]
            {
                new Oci.Waf.Inputs.AppFirewallPolicyRequestProtectionRuleArgs
                {
                    ActionName = @var.Web_app_firewall_policy_request_protection_rules_action_name,
                    Name = @var.Web_app_firewall_policy_request_protection_rules_name,
                    ProtectionCapabilities = new[]
                    {
                        new Oci.Waf.Inputs.AppFirewallPolicyRequestProtectionRuleProtectionCapabilityArgs
                        {
                            Key = @var.Web_app_firewall_policy_request_protection_rules_protection_capabilities_key,
                            Version = @var.Web_app_firewall_policy_request_protection_rules_protection_capabilities_version,
                            ActionName = @var.Web_app_firewall_policy_request_protection_rules_protection_capabilities_action_name,
                            CollaborativeActionThreshold = @var.Web_app_firewall_policy_request_protection_rules_protection_capabilities_collaborative_action_threshold,
                            CollaborativeWeights = new[]
                            {
                                new Oci.Waf.Inputs.AppFirewallPolicyRequestProtectionRuleProtectionCapabilityCollaborativeWeightArgs
                                {
                                    Key = @var.Web_app_firewall_policy_request_protection_rules_protection_capabilities_collaborative_weights_key,
                                    Weight = @var.Web_app_firewall_policy_request_protection_rules_protection_capabilities_collaborative_weights_weight,
                                },
                            },
                            Exclusions = new Oci.Waf.Inputs.AppFirewallPolicyRequestProtectionRuleProtectionCapabilityExclusionsArgs
                            {
                                Args = @var.Web_app_firewall_policy_request_protection_rules_protection_capabilities_exclusions_args,
                                RequestCookies = @var.Web_app_firewall_policy_request_protection_rules_protection_capabilities_exclusions_request_cookies,
                            },
                        },
                    },
                    Type = @var.Web_app_firewall_policy_request_protection_rules_type,
                    Condition = @var.Web_app_firewall_policy_request_protection_rules_condition,
                    ConditionLanguage = @var.Web_app_firewall_policy_request_protection_rules_condition_language,
                    IsBodyInspectionEnabled = @var.Web_app_firewall_policy_request_protection_rules_is_body_inspection_enabled,
                    ProtectionCapabilitySettings = new Oci.Waf.Inputs.AppFirewallPolicyRequestProtectionRuleProtectionCapabilitySettingsArgs
                    {
                        AllowedHttpMethods = @var.Web_app_firewall_policy_request_protection_rules_protection_capability_settings_allowed_http_methods,
                        MaxHttpRequestHeaderLength = @var.Web_app_firewall_policy_request_protection_rules_protection_capability_settings_max_http_request_header_length,
                        MaxHttpRequestHeaders = @var.Web_app_firewall_policy_request_protection_rules_protection_capability_settings_max_http_request_headers,
                        MaxNumberOfArguments = @var.Web_app_firewall_policy_request_protection_rules_protection_capability_settings_max_number_of_arguments,
                        MaxSingleArgumentLength = @var.Web_app_firewall_policy_request_protection_rules_protection_capability_settings_max_single_argument_length,
                        MaxTotalArgumentLength = @var.Web_app_firewall_policy_request_protection_rules_protection_capability_settings_max_total_argument_length,
                    },
                },
            },
        },
        RequestRateLimiting = new Oci.Waf.Inputs.AppFirewallPolicyRequestRateLimitingArgs
        {
            Rules = new[]
            {
                new Oci.Waf.Inputs.AppFirewallPolicyRequestRateLimitingRuleArgs
                {
                    ActionName = @var.Web_app_firewall_policy_request_rate_limiting_rules_action_name,
                    Configurations = new[]
                    {
                        new Oci.Waf.Inputs.AppFirewallPolicyRequestRateLimitingRuleConfigurationArgs
                        {
                            PeriodInSeconds = @var.Web_app_firewall_policy_request_rate_limiting_rules_configurations_period_in_seconds,
                            RequestsLimit = @var.Web_app_firewall_policy_request_rate_limiting_rules_configurations_requests_limit,
                            ActionDurationInSeconds = @var.Web_app_firewall_policy_request_rate_limiting_rules_configurations_action_duration_in_seconds,
                        },
                    },
                    Name = @var.Web_app_firewall_policy_request_rate_limiting_rules_name,
                    Type = @var.Web_app_firewall_policy_request_rate_limiting_rules_type,
                    Condition = @var.Web_app_firewall_policy_request_rate_limiting_rules_condition,
                    ConditionLanguage = @var.Web_app_firewall_policy_request_rate_limiting_rules_condition_language,
                },
            },
        },
        ResponseAccessControl = new Oci.Waf.Inputs.AppFirewallPolicyResponseAccessControlArgs
        {
            Rules = new[]
            {
                new Oci.Waf.Inputs.AppFirewallPolicyResponseAccessControlRuleArgs
                {
                    ActionName = @var.Web_app_firewall_policy_response_access_control_rules_action_name,
                    Name = @var.Web_app_firewall_policy_response_access_control_rules_name,
                    Type = @var.Web_app_firewall_policy_response_access_control_rules_type,
                    Condition = @var.Web_app_firewall_policy_response_access_control_rules_condition,
                    ConditionLanguage = @var.Web_app_firewall_policy_response_access_control_rules_condition_language,
                },
            },
        },
        ResponseProtection = new Oci.Waf.Inputs.AppFirewallPolicyResponseProtectionArgs
        {
            Rules = new[]
            {
                new Oci.Waf.Inputs.AppFirewallPolicyResponseProtectionRuleArgs
                {
                    ActionName = @var.Web_app_firewall_policy_response_protection_rules_action_name,
                    Name = @var.Web_app_firewall_policy_response_protection_rules_name,
                    ProtectionCapabilities = new[]
                    {
                        new Oci.Waf.Inputs.AppFirewallPolicyResponseProtectionRuleProtectionCapabilityArgs
                        {
                            Key = @var.Web_app_firewall_policy_response_protection_rules_protection_capabilities_key,
                            Version = @var.Web_app_firewall_policy_response_protection_rules_protection_capabilities_version,
                            ActionName = @var.Web_app_firewall_policy_response_protection_rules_protection_capabilities_action_name,
                            CollaborativeActionThreshold = @var.Web_app_firewall_policy_response_protection_rules_protection_capabilities_collaborative_action_threshold,
                            CollaborativeWeights = new[]
                            {
                                new Oci.Waf.Inputs.AppFirewallPolicyResponseProtectionRuleProtectionCapabilityCollaborativeWeightArgs
                                {
                                    Key = @var.Web_app_firewall_policy_response_protection_rules_protection_capabilities_collaborative_weights_key,
                                    Weight = @var.Web_app_firewall_policy_response_protection_rules_protection_capabilities_collaborative_weights_weight,
                                },
                            },
                            Exclusions = new Oci.Waf.Inputs.AppFirewallPolicyResponseProtectionRuleProtectionCapabilityExclusionsArgs
                            {
                                Args = @var.Web_app_firewall_policy_response_protection_rules_protection_capabilities_exclusions_args,
                                RequestCookies = @var.Web_app_firewall_policy_response_protection_rules_protection_capabilities_exclusions_request_cookies,
                            },
                        },
                    },
                    Type = @var.Web_app_firewall_policy_response_protection_rules_type,
                    Condition = @var.Web_app_firewall_policy_response_protection_rules_condition,
                    ConditionLanguage = @var.Web_app_firewall_policy_response_protection_rules_condition_language,
                    IsBodyInspectionEnabled = @var.Web_app_firewall_policy_response_protection_rules_is_body_inspection_enabled,
                    ProtectionCapabilitySettings = new Oci.Waf.Inputs.AppFirewallPolicyResponseProtectionRuleProtectionCapabilitySettingsArgs
                    {
                        AllowedHttpMethods = @var.Web_app_firewall_policy_response_protection_rules_protection_capability_settings_allowed_http_methods,
                        MaxHttpRequestHeaderLength = @var.Web_app_firewall_policy_response_protection_rules_protection_capability_settings_max_http_request_header_length,
                        MaxHttpRequestHeaders = @var.Web_app_firewall_policy_response_protection_rules_protection_capability_settings_max_http_request_headers,
                        MaxNumberOfArguments = @var.Web_app_firewall_policy_response_protection_rules_protection_capability_settings_max_number_of_arguments,
                        MaxSingleArgumentLength = @var.Web_app_firewall_policy_response_protection_rules_protection_capability_settings_max_single_argument_length,
                        MaxTotalArgumentLength = @var.Web_app_firewall_policy_response_protection_rules_protection_capability_settings_max_total_argument_length,
                    },
                },
            },
        },
        SystemTags = @var.Web_app_firewall_policy_system_tags,
    });

});
package main

import (
	"github.com/pulumi/pulumi-oci/sdk/go/oci/Waf"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := Waf.NewAppFirewallPolicy(ctx, "testWebAppFirewallPolicy", &Waf.AppFirewallPolicyArgs{
			CompartmentId: pulumi.Any(_var.Compartment_id),
			Actions: waf.AppFirewallPolicyActionArray{
				&waf.AppFirewallPolicyActionArgs{
					Name: pulumi.Any(_var.Web_app_firewall_policy_actions_name),
					Type: pulumi.Any(_var.Web_app_firewall_policy_actions_type),
					Body: &waf.AppFirewallPolicyActionBodyArgs{
						Text: pulumi.Any(_var.Web_app_firewall_policy_actions_body_text),
						Type: pulumi.Any(_var.Web_app_firewall_policy_actions_body_type),
					},
					Code: pulumi.Any(_var.Web_app_firewall_policy_actions_code),
					Headers: waf.AppFirewallPolicyActionHeaderArray{
						&waf.AppFirewallPolicyActionHeaderArgs{
							Name:  pulumi.Any(_var.Web_app_firewall_policy_actions_headers_name),
							Value: pulumi.Any(_var.Web_app_firewall_policy_actions_headers_value),
						},
					},
				},
			},
			DefinedTags: pulumi.AnyMap{
				"foo-namespace.bar-key": pulumi.Any("value"),
			},
			DisplayName: pulumi.Any(_var.Web_app_firewall_policy_display_name),
			FreeformTags: pulumi.AnyMap{
				"bar-key": pulumi.Any("value"),
			},
			RequestAccessControl: &waf.AppFirewallPolicyRequestAccessControlArgs{
				DefaultActionName: pulumi.Any(_var.Web_app_firewall_policy_request_access_control_default_action_name),
				Rules: waf.AppFirewallPolicyRequestAccessControlRuleArray{
					&waf.AppFirewallPolicyRequestAccessControlRuleArgs{
						ActionName:        pulumi.Any(_var.Web_app_firewall_policy_request_access_control_rules_action_name),
						Name:              pulumi.Any(_var.Web_app_firewall_policy_request_access_control_rules_name),
						Type:              pulumi.Any(_var.Web_app_firewall_policy_request_access_control_rules_type),
						Condition:         pulumi.Any(_var.Web_app_firewall_policy_request_access_control_rules_condition),
						ConditionLanguage: pulumi.Any(_var.Web_app_firewall_policy_request_access_control_rules_condition_language),
					},
				},
			},
			RequestProtection: &waf.AppFirewallPolicyRequestProtectionArgs{
				BodyInspectionSizeLimitExceededActionName: pulumi.Any(_var.Web_app_firewall_policy_request_protection_body_inspection_size_limit_exceeded_action_name),
				BodyInspectionSizeLimitInBytes:            pulumi.Any(_var.Web_app_firewall_policy_request_protection_body_inspection_size_limit_in_bytes),
				Rules: waf.AppFirewallPolicyRequestProtectionRuleArray{
					&waf.AppFirewallPolicyRequestProtectionRuleArgs{
						ActionName: pulumi.Any(_var.Web_app_firewall_policy_request_protection_rules_action_name),
						Name:       pulumi.Any(_var.Web_app_firewall_policy_request_protection_rules_name),
						ProtectionCapabilities: waf.AppFirewallPolicyRequestProtectionRuleProtectionCapabilityArray{
							&waf.AppFirewallPolicyRequestProtectionRuleProtectionCapabilityArgs{
								Key:                          pulumi.Any(_var.Web_app_firewall_policy_request_protection_rules_protection_capabilities_key),
								Version:                      pulumi.Any(_var.Web_app_firewall_policy_request_protection_rules_protection_capabilities_version),
								ActionName:                   pulumi.Any(_var.Web_app_firewall_policy_request_protection_rules_protection_capabilities_action_name),
								CollaborativeActionThreshold: pulumi.Any(_var.Web_app_firewall_policy_request_protection_rules_protection_capabilities_collaborative_action_threshold),
								CollaborativeWeights: waf.AppFirewallPolicyRequestProtectionRuleProtectionCapabilityCollaborativeWeightArray{
									&waf.AppFirewallPolicyRequestProtectionRuleProtectionCapabilityCollaborativeWeightArgs{
										Key:    pulumi.Any(_var.Web_app_firewall_policy_request_protection_rules_protection_capabilities_collaborative_weights_key),
										Weight: pulumi.Any(_var.Web_app_firewall_policy_request_protection_rules_protection_capabilities_collaborative_weights_weight),
									},
								},
								Exclusions: &waf.AppFirewallPolicyRequestProtectionRuleProtectionCapabilityExclusionsArgs{
									Args:           pulumi.Any(_var.Web_app_firewall_policy_request_protection_rules_protection_capabilities_exclusions_args),
									RequestCookies: pulumi.Any(_var.Web_app_firewall_policy_request_protection_rules_protection_capabilities_exclusions_request_cookies),
								},
							},
						},
						Type:                    pulumi.Any(_var.Web_app_firewall_policy_request_protection_rules_type),
						Condition:               pulumi.Any(_var.Web_app_firewall_policy_request_protection_rules_condition),
						ConditionLanguage:       pulumi.Any(_var.Web_app_firewall_policy_request_protection_rules_condition_language),
						IsBodyInspectionEnabled: pulumi.Any(_var.Web_app_firewall_policy_request_protection_rules_is_body_inspection_enabled),
						ProtectionCapabilitySettings: &waf.AppFirewallPolicyRequestProtectionRuleProtectionCapabilitySettingsArgs{
							AllowedHttpMethods:         pulumi.Any(_var.Web_app_firewall_policy_request_protection_rules_protection_capability_settings_allowed_http_methods),
							MaxHttpRequestHeaderLength: pulumi.Any(_var.Web_app_firewall_policy_request_protection_rules_protection_capability_settings_max_http_request_header_length),
							MaxHttpRequestHeaders:      pulumi.Any(_var.Web_app_firewall_policy_request_protection_rules_protection_capability_settings_max_http_request_headers),
							MaxNumberOfArguments:       pulumi.Any(_var.Web_app_firewall_policy_request_protection_rules_protection_capability_settings_max_number_of_arguments),
							MaxSingleArgumentLength:    pulumi.Any(_var.Web_app_firewall_policy_request_protection_rules_protection_capability_settings_max_single_argument_length),
							MaxTotalArgumentLength:     pulumi.Any(_var.Web_app_firewall_policy_request_protection_rules_protection_capability_settings_max_total_argument_length),
						},
					},
				},
			},
			RequestRateLimiting: &waf.AppFirewallPolicyRequestRateLimitingArgs{
				Rules: waf.AppFirewallPolicyRequestRateLimitingRuleArray{
					&waf.AppFirewallPolicyRequestRateLimitingRuleArgs{
						ActionName: pulumi.Any(_var.Web_app_firewall_policy_request_rate_limiting_rules_action_name),
						Configurations: waf.AppFirewallPolicyRequestRateLimitingRuleConfigurationArray{
							&waf.AppFirewallPolicyRequestRateLimitingRuleConfigurationArgs{
								PeriodInSeconds:         pulumi.Any(_var.Web_app_firewall_policy_request_rate_limiting_rules_configurations_period_in_seconds),
								RequestsLimit:           pulumi.Any(_var.Web_app_firewall_policy_request_rate_limiting_rules_configurations_requests_limit),
								ActionDurationInSeconds: pulumi.Any(_var.Web_app_firewall_policy_request_rate_limiting_rules_configurations_action_duration_in_seconds),
							},
						},
						Name:              pulumi.Any(_var.Web_app_firewall_policy_request_rate_limiting_rules_name),
						Type:              pulumi.Any(_var.Web_app_firewall_policy_request_rate_limiting_rules_type),
						Condition:         pulumi.Any(_var.Web_app_firewall_policy_request_rate_limiting_rules_condition),
						ConditionLanguage: pulumi.Any(_var.Web_app_firewall_policy_request_rate_limiting_rules_condition_language),
					},
				},
			},
			ResponseAccessControl: &waf.AppFirewallPolicyResponseAccessControlArgs{
				Rules: waf.AppFirewallPolicyResponseAccessControlRuleArray{
					&waf.AppFirewallPolicyResponseAccessControlRuleArgs{
						ActionName:        pulumi.Any(_var.Web_app_firewall_policy_response_access_control_rules_action_name),
						Name:              pulumi.Any(_var.Web_app_firewall_policy_response_access_control_rules_name),
						Type:              pulumi.Any(_var.Web_app_firewall_policy_response_access_control_rules_type),
						Condition:         pulumi.Any(_var.Web_app_firewall_policy_response_access_control_rules_condition),
						ConditionLanguage: pulumi.Any(_var.Web_app_firewall_policy_response_access_control_rules_condition_language),
					},
				},
			},
			ResponseProtection: &waf.AppFirewallPolicyResponseProtectionArgs{
				Rules: waf.AppFirewallPolicyResponseProtectionRuleArray{
					&waf.AppFirewallPolicyResponseProtectionRuleArgs{
						ActionName: pulumi.Any(_var.Web_app_firewall_policy_response_protection_rules_action_name),
						Name:       pulumi.Any(_var.Web_app_firewall_policy_response_protection_rules_name),
						ProtectionCapabilities: waf.AppFirewallPolicyResponseProtectionRuleProtectionCapabilityArray{
							&waf.AppFirewallPolicyResponseProtectionRuleProtectionCapabilityArgs{
								Key:                          pulumi.Any(_var.Web_app_firewall_policy_response_protection_rules_protection_capabilities_key),
								Version:                      pulumi.Any(_var.Web_app_firewall_policy_response_protection_rules_protection_capabilities_version),
								ActionName:                   pulumi.Any(_var.Web_app_firewall_policy_response_protection_rules_protection_capabilities_action_name),
								CollaborativeActionThreshold: pulumi.Any(_var.Web_app_firewall_policy_response_protection_rules_protection_capabilities_collaborative_action_threshold),
								CollaborativeWeights: waf.AppFirewallPolicyResponseProtectionRuleProtectionCapabilityCollaborativeWeightArray{
									&waf.AppFirewallPolicyResponseProtectionRuleProtectionCapabilityCollaborativeWeightArgs{
										Key:    pulumi.Any(_var.Web_app_firewall_policy_response_protection_rules_protection_capabilities_collaborative_weights_key),
										Weight: pulumi.Any(_var.Web_app_firewall_policy_response_protection_rules_protection_capabilities_collaborative_weights_weight),
									},
								},
								Exclusions: &waf.AppFirewallPolicyResponseProtectionRuleProtectionCapabilityExclusionsArgs{
									Args:           pulumi.Any(_var.Web_app_firewall_policy_response_protection_rules_protection_capabilities_exclusions_args),
									RequestCookies: pulumi.Any(_var.Web_app_firewall_policy_response_protection_rules_protection_capabilities_exclusions_request_cookies),
								},
							},
						},
						Type:                    pulumi.Any(_var.Web_app_firewall_policy_response_protection_rules_type),
						Condition:               pulumi.Any(_var.Web_app_firewall_policy_response_protection_rules_condition),
						ConditionLanguage:       pulumi.Any(_var.Web_app_firewall_policy_response_protection_rules_condition_language),
						IsBodyInspectionEnabled: pulumi.Any(_var.Web_app_firewall_policy_response_protection_rules_is_body_inspection_enabled),
						ProtectionCapabilitySettings: &waf.AppFirewallPolicyResponseProtectionRuleProtectionCapabilitySettingsArgs{
							AllowedHttpMethods:         pulumi.Any(_var.Web_app_firewall_policy_response_protection_rules_protection_capability_settings_allowed_http_methods),
							MaxHttpRequestHeaderLength: pulumi.Any(_var.Web_app_firewall_policy_response_protection_rules_protection_capability_settings_max_http_request_header_length),
							MaxHttpRequestHeaders:      pulumi.Any(_var.Web_app_firewall_policy_response_protection_rules_protection_capability_settings_max_http_request_headers),
							MaxNumberOfArguments:       pulumi.Any(_var.Web_app_firewall_policy_response_protection_rules_protection_capability_settings_max_number_of_arguments),
							MaxSingleArgumentLength:    pulumi.Any(_var.Web_app_firewall_policy_response_protection_rules_protection_capability_settings_max_single_argument_length),
							MaxTotalArgumentLength:     pulumi.Any(_var.Web_app_firewall_policy_response_protection_rules_protection_capability_settings_max_total_argument_length),
						},
					},
				},
			},
			SystemTags: pulumi.Any(_var.Web_app_firewall_policy_system_tags),
		})
		if err != nil {
			return err
		}
		return nil
	})
}
package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.oci.Waf.AppFirewallPolicy;
import com.pulumi.oci.Waf.AppFirewallPolicyArgs;
import com.pulumi.oci.Waf.inputs.AppFirewallPolicyActionArgs;
import com.pulumi.oci.Waf.inputs.AppFirewallPolicyActionBodyArgs;
import com.pulumi.oci.Waf.inputs.AppFirewallPolicyRequestAccessControlArgs;
import com.pulumi.oci.Waf.inputs.AppFirewallPolicyRequestProtectionArgs;
import com.pulumi.oci.Waf.inputs.AppFirewallPolicyRequestRateLimitingArgs;
import com.pulumi.oci.Waf.inputs.AppFirewallPolicyResponseAccessControlArgs;
import com.pulumi.oci.Waf.inputs.AppFirewallPolicyResponseProtectionArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var testWebAppFirewallPolicy = new AppFirewallPolicy("testWebAppFirewallPolicy", AppFirewallPolicyArgs.builder()        
            .compartmentId(var_.compartment_id())
            .actions(AppFirewallPolicyActionArgs.builder()
                .name(var_.web_app_firewall_policy_actions_name())
                .type(var_.web_app_firewall_policy_actions_type())
                .body(AppFirewallPolicyActionBodyArgs.builder()
                    .text(var_.web_app_firewall_policy_actions_body_text())
                    .type(var_.web_app_firewall_policy_actions_body_type())
                    .build())
                .code(var_.web_app_firewall_policy_actions_code())
                .headers(AppFirewallPolicyActionHeaderArgs.builder()
                    .name(var_.web_app_firewall_policy_actions_headers_name())
                    .value(var_.web_app_firewall_policy_actions_headers_value())
                    .build())
                .build())
            .definedTags(Map.of("foo-namespace.bar-key", "value"))
            .displayName(var_.web_app_firewall_policy_display_name())
            .freeformTags(Map.of("bar-key", "value"))
            .requestAccessControl(AppFirewallPolicyRequestAccessControlArgs.builder()
                .defaultActionName(var_.web_app_firewall_policy_request_access_control_default_action_name())
                .rules(AppFirewallPolicyRequestAccessControlRuleArgs.builder()
                    .actionName(var_.web_app_firewall_policy_request_access_control_rules_action_name())
                    .name(var_.web_app_firewall_policy_request_access_control_rules_name())
                    .type(var_.web_app_firewall_policy_request_access_control_rules_type())
                    .condition(var_.web_app_firewall_policy_request_access_control_rules_condition())
                    .conditionLanguage(var_.web_app_firewall_policy_request_access_control_rules_condition_language())
                    .build())
                .build())
            .requestProtection(AppFirewallPolicyRequestProtectionArgs.builder()
                .bodyInspectionSizeLimitExceededActionName(var_.web_app_firewall_policy_request_protection_body_inspection_size_limit_exceeded_action_name())
                .bodyInspectionSizeLimitInBytes(var_.web_app_firewall_policy_request_protection_body_inspection_size_limit_in_bytes())
                .rules(AppFirewallPolicyRequestProtectionRuleArgs.builder()
                    .actionName(var_.web_app_firewall_policy_request_protection_rules_action_name())
                    .name(var_.web_app_firewall_policy_request_protection_rules_name())
                    .protectionCapabilities(AppFirewallPolicyRequestProtectionRuleProtectionCapabilityArgs.builder()
                        .key(var_.web_app_firewall_policy_request_protection_rules_protection_capabilities_key())
                        .version(var_.web_app_firewall_policy_request_protection_rules_protection_capabilities_version())
                        .actionName(var_.web_app_firewall_policy_request_protection_rules_protection_capabilities_action_name())
                        .collaborativeActionThreshold(var_.web_app_firewall_policy_request_protection_rules_protection_capabilities_collaborative_action_threshold())
                        .collaborativeWeights(AppFirewallPolicyRequestProtectionRuleProtectionCapabilityCollaborativeWeightArgs.builder()
                            .key(var_.web_app_firewall_policy_request_protection_rules_protection_capabilities_collaborative_weights_key())
                            .weight(var_.web_app_firewall_policy_request_protection_rules_protection_capabilities_collaborative_weights_weight())
                            .build())
                        .exclusions(AppFirewallPolicyRequestProtectionRuleProtectionCapabilityExclusionsArgs.builder()
                            .args(var_.web_app_firewall_policy_request_protection_rules_protection_capabilities_exclusions_args())
                            .requestCookies(var_.web_app_firewall_policy_request_protection_rules_protection_capabilities_exclusions_request_cookies())
                            .build())
                        .build())
                    .type(var_.web_app_firewall_policy_request_protection_rules_type())
                    .condition(var_.web_app_firewall_policy_request_protection_rules_condition())
                    .conditionLanguage(var_.web_app_firewall_policy_request_protection_rules_condition_language())
                    .isBodyInspectionEnabled(var_.web_app_firewall_policy_request_protection_rules_is_body_inspection_enabled())
                    .protectionCapabilitySettings(AppFirewallPolicyRequestProtectionRuleProtectionCapabilitySettingsArgs.builder()
                        .allowedHttpMethods(var_.web_app_firewall_policy_request_protection_rules_protection_capability_settings_allowed_http_methods())
                        .maxHttpRequestHeaderLength(var_.web_app_firewall_policy_request_protection_rules_protection_capability_settings_max_http_request_header_length())
                        .maxHttpRequestHeaders(var_.web_app_firewall_policy_request_protection_rules_protection_capability_settings_max_http_request_headers())
                        .maxNumberOfArguments(var_.web_app_firewall_policy_request_protection_rules_protection_capability_settings_max_number_of_arguments())
                        .maxSingleArgumentLength(var_.web_app_firewall_policy_request_protection_rules_protection_capability_settings_max_single_argument_length())
                        .maxTotalArgumentLength(var_.web_app_firewall_policy_request_protection_rules_protection_capability_settings_max_total_argument_length())
                        .build())
                    .build())
                .build())
            .requestRateLimiting(AppFirewallPolicyRequestRateLimitingArgs.builder()
                .rules(AppFirewallPolicyRequestRateLimitingRuleArgs.builder()
                    .actionName(var_.web_app_firewall_policy_request_rate_limiting_rules_action_name())
                    .configurations(AppFirewallPolicyRequestRateLimitingRuleConfigurationArgs.builder()
                        .periodInSeconds(var_.web_app_firewall_policy_request_rate_limiting_rules_configurations_period_in_seconds())
                        .requestsLimit(var_.web_app_firewall_policy_request_rate_limiting_rules_configurations_requests_limit())
                        .actionDurationInSeconds(var_.web_app_firewall_policy_request_rate_limiting_rules_configurations_action_duration_in_seconds())
                        .build())
                    .name(var_.web_app_firewall_policy_request_rate_limiting_rules_name())
                    .type(var_.web_app_firewall_policy_request_rate_limiting_rules_type())
                    .condition(var_.web_app_firewall_policy_request_rate_limiting_rules_condition())
                    .conditionLanguage(var_.web_app_firewall_policy_request_rate_limiting_rules_condition_language())
                    .build())
                .build())
            .responseAccessControl(AppFirewallPolicyResponseAccessControlArgs.builder()
                .rules(AppFirewallPolicyResponseAccessControlRuleArgs.builder()
                    .actionName(var_.web_app_firewall_policy_response_access_control_rules_action_name())
                    .name(var_.web_app_firewall_policy_response_access_control_rules_name())
                    .type(var_.web_app_firewall_policy_response_access_control_rules_type())
                    .condition(var_.web_app_firewall_policy_response_access_control_rules_condition())
                    .conditionLanguage(var_.web_app_firewall_policy_response_access_control_rules_condition_language())
                    .build())
                .build())
            .responseProtection(AppFirewallPolicyResponseProtectionArgs.builder()
                .rules(AppFirewallPolicyResponseProtectionRuleArgs.builder()
                    .actionName(var_.web_app_firewall_policy_response_protection_rules_action_name())
                    .name(var_.web_app_firewall_policy_response_protection_rules_name())
                    .protectionCapabilities(AppFirewallPolicyResponseProtectionRuleProtectionCapabilityArgs.builder()
                        .key(var_.web_app_firewall_policy_response_protection_rules_protection_capabilities_key())
                        .version(var_.web_app_firewall_policy_response_protection_rules_protection_capabilities_version())
                        .actionName(var_.web_app_firewall_policy_response_protection_rules_protection_capabilities_action_name())
                        .collaborativeActionThreshold(var_.web_app_firewall_policy_response_protection_rules_protection_capabilities_collaborative_action_threshold())
                        .collaborativeWeights(AppFirewallPolicyResponseProtectionRuleProtectionCapabilityCollaborativeWeightArgs.builder()
                            .key(var_.web_app_firewall_policy_response_protection_rules_protection_capabilities_collaborative_weights_key())
                            .weight(var_.web_app_firewall_policy_response_protection_rules_protection_capabilities_collaborative_weights_weight())
                            .build())
                        .exclusions(AppFirewallPolicyResponseProtectionRuleProtectionCapabilityExclusionsArgs.builder()
                            .args(var_.web_app_firewall_policy_response_protection_rules_protection_capabilities_exclusions_args())
                            .requestCookies(var_.web_app_firewall_policy_response_protection_rules_protection_capabilities_exclusions_request_cookies())
                            .build())
                        .build())
                    .type(var_.web_app_firewall_policy_response_protection_rules_type())
                    .condition(var_.web_app_firewall_policy_response_protection_rules_condition())
                    .conditionLanguage(var_.web_app_firewall_policy_response_protection_rules_condition_language())
                    .isBodyInspectionEnabled(var_.web_app_firewall_policy_response_protection_rules_is_body_inspection_enabled())
                    .protectionCapabilitySettings(AppFirewallPolicyResponseProtectionRuleProtectionCapabilitySettingsArgs.builder()
                        .allowedHttpMethods(var_.web_app_firewall_policy_response_protection_rules_protection_capability_settings_allowed_http_methods())
                        .maxHttpRequestHeaderLength(var_.web_app_firewall_policy_response_protection_rules_protection_capability_settings_max_http_request_header_length())
                        .maxHttpRequestHeaders(var_.web_app_firewall_policy_response_protection_rules_protection_capability_settings_max_http_request_headers())
                        .maxNumberOfArguments(var_.web_app_firewall_policy_response_protection_rules_protection_capability_settings_max_number_of_arguments())
                        .maxSingleArgumentLength(var_.web_app_firewall_policy_response_protection_rules_protection_capability_settings_max_single_argument_length())
                        .maxTotalArgumentLength(var_.web_app_firewall_policy_response_protection_rules_protection_capability_settings_max_total_argument_length())
                        .build())
                    .build())
                .build())
            .systemTags(var_.web_app_firewall_policy_system_tags())
            .build());

    }
}
import pulumi
import pulumi_oci as oci

test_web_app_firewall_policy = oci.waf.AppFirewallPolicy("testWebAppFirewallPolicy",
    compartment_id=var["compartment_id"],
    actions=[oci.waf.AppFirewallPolicyActionArgs(
        name=var["web_app_firewall_policy_actions_name"],
        type=var["web_app_firewall_policy_actions_type"],
        body=oci.waf.AppFirewallPolicyActionBodyArgs(
            text=var["web_app_firewall_policy_actions_body_text"],
            type=var["web_app_firewall_policy_actions_body_type"],
        ),
        code=var["web_app_firewall_policy_actions_code"],
        headers=[oci.waf.AppFirewallPolicyActionHeaderArgs(
            name=var["web_app_firewall_policy_actions_headers_name"],
            value=var["web_app_firewall_policy_actions_headers_value"],
        )],
    )],
    defined_tags={
        "foo-namespace.bar-key": "value",
    },
    display_name=var["web_app_firewall_policy_display_name"],
    freeform_tags={
        "bar-key": "value",
    },
    request_access_control=oci.waf.AppFirewallPolicyRequestAccessControlArgs(
        default_action_name=var["web_app_firewall_policy_request_access_control_default_action_name"],
        rules=[oci.waf.AppFirewallPolicyRequestAccessControlRuleArgs(
            action_name=var["web_app_firewall_policy_request_access_control_rules_action_name"],
            name=var["web_app_firewall_policy_request_access_control_rules_name"],
            type=var["web_app_firewall_policy_request_access_control_rules_type"],
            condition=var["web_app_firewall_policy_request_access_control_rules_condition"],
            condition_language=var["web_app_firewall_policy_request_access_control_rules_condition_language"],
        )],
    ),
    request_protection=oci.waf.AppFirewallPolicyRequestProtectionArgs(
        body_inspection_size_limit_exceeded_action_name=var["web_app_firewall_policy_request_protection_body_inspection_size_limit_exceeded_action_name"],
        body_inspection_size_limit_in_bytes=var["web_app_firewall_policy_request_protection_body_inspection_size_limit_in_bytes"],
        rules=[oci.waf.AppFirewallPolicyRequestProtectionRuleArgs(
            action_name=var["web_app_firewall_policy_request_protection_rules_action_name"],
            name=var["web_app_firewall_policy_request_protection_rules_name"],
            protection_capabilities=[oci.waf.AppFirewallPolicyRequestProtectionRuleProtectionCapabilityArgs(
                key=var["web_app_firewall_policy_request_protection_rules_protection_capabilities_key"],
                version=var["web_app_firewall_policy_request_protection_rules_protection_capabilities_version"],
                action_name=var["web_app_firewall_policy_request_protection_rules_protection_capabilities_action_name"],
                collaborative_action_threshold=var["web_app_firewall_policy_request_protection_rules_protection_capabilities_collaborative_action_threshold"],
                collaborative_weights=[oci.waf.AppFirewallPolicyRequestProtectionRuleProtectionCapabilityCollaborativeWeightArgs(
                    key=var["web_app_firewall_policy_request_protection_rules_protection_capabilities_collaborative_weights_key"],
                    weight=var["web_app_firewall_policy_request_protection_rules_protection_capabilities_collaborative_weights_weight"],
                )],
                exclusions=oci.waf.AppFirewallPolicyRequestProtectionRuleProtectionCapabilityExclusionsArgs(
                    args=var["web_app_firewall_policy_request_protection_rules_protection_capabilities_exclusions_args"],
                    request_cookies=var["web_app_firewall_policy_request_protection_rules_protection_capabilities_exclusions_request_cookies"],
                ),
            )],
            type=var["web_app_firewall_policy_request_protection_rules_type"],
            condition=var["web_app_firewall_policy_request_protection_rules_condition"],
            condition_language=var["web_app_firewall_policy_request_protection_rules_condition_language"],
            is_body_inspection_enabled=var["web_app_firewall_policy_request_protection_rules_is_body_inspection_enabled"],
            protection_capability_settings=oci.waf.AppFirewallPolicyRequestProtectionRuleProtectionCapabilitySettingsArgs(
                allowed_http_methods=var["web_app_firewall_policy_request_protection_rules_protection_capability_settings_allowed_http_methods"],
                max_http_request_header_length=var["web_app_firewall_policy_request_protection_rules_protection_capability_settings_max_http_request_header_length"],
                max_http_request_headers=var["web_app_firewall_policy_request_protection_rules_protection_capability_settings_max_http_request_headers"],
                max_number_of_arguments=var["web_app_firewall_policy_request_protection_rules_protection_capability_settings_max_number_of_arguments"],
                max_single_argument_length=var["web_app_firewall_policy_request_protection_rules_protection_capability_settings_max_single_argument_length"],
                max_total_argument_length=var["web_app_firewall_policy_request_protection_rules_protection_capability_settings_max_total_argument_length"],
            ),
        )],
    ),
    request_rate_limiting=oci.waf.AppFirewallPolicyRequestRateLimitingArgs(
        rules=[oci.waf.AppFirewallPolicyRequestRateLimitingRuleArgs(
            action_name=var["web_app_firewall_policy_request_rate_limiting_rules_action_name"],
            configurations=[oci.waf.AppFirewallPolicyRequestRateLimitingRuleConfigurationArgs(
                period_in_seconds=var["web_app_firewall_policy_request_rate_limiting_rules_configurations_period_in_seconds"],
                requests_limit=var["web_app_firewall_policy_request_rate_limiting_rules_configurations_requests_limit"],
                action_duration_in_seconds=var["web_app_firewall_policy_request_rate_limiting_rules_configurations_action_duration_in_seconds"],
            )],
            name=var["web_app_firewall_policy_request_rate_limiting_rules_name"],
            type=var["web_app_firewall_policy_request_rate_limiting_rules_type"],
            condition=var["web_app_firewall_policy_request_rate_limiting_rules_condition"],
            condition_language=var["web_app_firewall_policy_request_rate_limiting_rules_condition_language"],
        )],
    ),
    response_access_control=oci.waf.AppFirewallPolicyResponseAccessControlArgs(
        rules=[oci.waf.AppFirewallPolicyResponseAccessControlRuleArgs(
            action_name=var["web_app_firewall_policy_response_access_control_rules_action_name"],
            name=var["web_app_firewall_policy_response_access_control_rules_name"],
            type=var["web_app_firewall_policy_response_access_control_rules_type"],
            condition=var["web_app_firewall_policy_response_access_control_rules_condition"],
            condition_language=var["web_app_firewall_policy_response_access_control_rules_condition_language"],
        )],
    ),
    response_protection=oci.waf.AppFirewallPolicyResponseProtectionArgs(
        rules=[oci.waf.AppFirewallPolicyResponseProtectionRuleArgs(
            action_name=var["web_app_firewall_policy_response_protection_rules_action_name"],
            name=var["web_app_firewall_policy_response_protection_rules_name"],
            protection_capabilities=[oci.waf.AppFirewallPolicyResponseProtectionRuleProtectionCapabilityArgs(
                key=var["web_app_firewall_policy_response_protection_rules_protection_capabilities_key"],
                version=var["web_app_firewall_policy_response_protection_rules_protection_capabilities_version"],
                action_name=var["web_app_firewall_policy_response_protection_rules_protection_capabilities_action_name"],
                collaborative_action_threshold=var["web_app_firewall_policy_response_protection_rules_protection_capabilities_collaborative_action_threshold"],
                collaborative_weights=[oci.waf.AppFirewallPolicyResponseProtectionRuleProtectionCapabilityCollaborativeWeightArgs(
                    key=var["web_app_firewall_policy_response_protection_rules_protection_capabilities_collaborative_weights_key"],
                    weight=var["web_app_firewall_policy_response_protection_rules_protection_capabilities_collaborative_weights_weight"],
                )],
                exclusions=oci.waf.AppFirewallPolicyResponseProtectionRuleProtectionCapabilityExclusionsArgs(
                    args=var["web_app_firewall_policy_response_protection_rules_protection_capabilities_exclusions_args"],
                    request_cookies=var["web_app_firewall_policy_response_protection_rules_protection_capabilities_exclusions_request_cookies"],
                ),
            )],
            type=var["web_app_firewall_policy_response_protection_rules_type"],
            condition=var["web_app_firewall_policy_response_protection_rules_condition"],
            condition_language=var["web_app_firewall_policy_response_protection_rules_condition_language"],
            is_body_inspection_enabled=var["web_app_firewall_policy_response_protection_rules_is_body_inspection_enabled"],
            protection_capability_settings=oci.waf.AppFirewallPolicyResponseProtectionRuleProtectionCapabilitySettingsArgs(
                allowed_http_methods=var["web_app_firewall_policy_response_protection_rules_protection_capability_settings_allowed_http_methods"],
                max_http_request_header_length=var["web_app_firewall_policy_response_protection_rules_protection_capability_settings_max_http_request_header_length"],
                max_http_request_headers=var["web_app_firewall_policy_response_protection_rules_protection_capability_settings_max_http_request_headers"],
                max_number_of_arguments=var["web_app_firewall_policy_response_protection_rules_protection_capability_settings_max_number_of_arguments"],
                max_single_argument_length=var["web_app_firewall_policy_response_protection_rules_protection_capability_settings_max_single_argument_length"],
                max_total_argument_length=var["web_app_firewall_policy_response_protection_rules_protection_capability_settings_max_total_argument_length"],
            ),
        )],
    ),
    system_tags=var["web_app_firewall_policy_system_tags"])
import * as pulumi from "@pulumi/pulumi";
import * as oci from "@pulumi/oci";

const testWebAppFirewallPolicy = new oci.waf.AppFirewallPolicy("testWebAppFirewallPolicy", {
    compartmentId: _var.compartment_id,
    actions: [{
        name: _var.web_app_firewall_policy_actions_name,
        type: _var.web_app_firewall_policy_actions_type,
        body: {
            text: _var.web_app_firewall_policy_actions_body_text,
            type: _var.web_app_firewall_policy_actions_body_type,
        },
        code: _var.web_app_firewall_policy_actions_code,
        headers: [{
            name: _var.web_app_firewall_policy_actions_headers_name,
            value: _var.web_app_firewall_policy_actions_headers_value,
        }],
    }],
    definedTags: {
        "foo-namespace.bar-key": "value",
    },
    displayName: _var.web_app_firewall_policy_display_name,
    freeformTags: {
        "bar-key": "value",
    },
    requestAccessControl: {
        defaultActionName: _var.web_app_firewall_policy_request_access_control_default_action_name,
        rules: [{
            actionName: _var.web_app_firewall_policy_request_access_control_rules_action_name,
            name: _var.web_app_firewall_policy_request_access_control_rules_name,
            type: _var.web_app_firewall_policy_request_access_control_rules_type,
            condition: _var.web_app_firewall_policy_request_access_control_rules_condition,
            conditionLanguage: _var.web_app_firewall_policy_request_access_control_rules_condition_language,
        }],
    },
    requestProtection: {
        bodyInspectionSizeLimitExceededActionName: _var.web_app_firewall_policy_request_protection_body_inspection_size_limit_exceeded_action_name,
        bodyInspectionSizeLimitInBytes: _var.web_app_firewall_policy_request_protection_body_inspection_size_limit_in_bytes,
        rules: [{
            actionName: _var.web_app_firewall_policy_request_protection_rules_action_name,
            name: _var.web_app_firewall_policy_request_protection_rules_name,
            protectionCapabilities: [{
                key: _var.web_app_firewall_policy_request_protection_rules_protection_capabilities_key,
                version: _var.web_app_firewall_policy_request_protection_rules_protection_capabilities_version,
                actionName: _var.web_app_firewall_policy_request_protection_rules_protection_capabilities_action_name,
                collaborativeActionThreshold: _var.web_app_firewall_policy_request_protection_rules_protection_capabilities_collaborative_action_threshold,
                collaborativeWeights: [{
                    key: _var.web_app_firewall_policy_request_protection_rules_protection_capabilities_collaborative_weights_key,
                    weight: _var.web_app_firewall_policy_request_protection_rules_protection_capabilities_collaborative_weights_weight,
                }],
                exclusions: {
                    args: _var.web_app_firewall_policy_request_protection_rules_protection_capabilities_exclusions_args,
                    requestCookies: _var.web_app_firewall_policy_request_protection_rules_protection_capabilities_exclusions_request_cookies,
                },
            }],
            type: _var.web_app_firewall_policy_request_protection_rules_type,
            condition: _var.web_app_firewall_policy_request_protection_rules_condition,
            conditionLanguage: _var.web_app_firewall_policy_request_protection_rules_condition_language,
            isBodyInspectionEnabled: _var.web_app_firewall_policy_request_protection_rules_is_body_inspection_enabled,
            protectionCapabilitySettings: {
                allowedHttpMethods: _var.web_app_firewall_policy_request_protection_rules_protection_capability_settings_allowed_http_methods,
                maxHttpRequestHeaderLength: _var.web_app_firewall_policy_request_protection_rules_protection_capability_settings_max_http_request_header_length,
                maxHttpRequestHeaders: _var.web_app_firewall_policy_request_protection_rules_protection_capability_settings_max_http_request_headers,
                maxNumberOfArguments: _var.web_app_firewall_policy_request_protection_rules_protection_capability_settings_max_number_of_arguments,
                maxSingleArgumentLength: _var.web_app_firewall_policy_request_protection_rules_protection_capability_settings_max_single_argument_length,
                maxTotalArgumentLength: _var.web_app_firewall_policy_request_protection_rules_protection_capability_settings_max_total_argument_length,
            },
        }],
    },
    requestRateLimiting: {
        rules: [{
            actionName: _var.web_app_firewall_policy_request_rate_limiting_rules_action_name,
            configurations: [{
                periodInSeconds: _var.web_app_firewall_policy_request_rate_limiting_rules_configurations_period_in_seconds,
                requestsLimit: _var.web_app_firewall_policy_request_rate_limiting_rules_configurations_requests_limit,
                actionDurationInSeconds: _var.web_app_firewall_policy_request_rate_limiting_rules_configurations_action_duration_in_seconds,
            }],
            name: _var.web_app_firewall_policy_request_rate_limiting_rules_name,
            type: _var.web_app_firewall_policy_request_rate_limiting_rules_type,
            condition: _var.web_app_firewall_policy_request_rate_limiting_rules_condition,
            conditionLanguage: _var.web_app_firewall_policy_request_rate_limiting_rules_condition_language,
        }],
    },
    responseAccessControl: {
        rules: [{
            actionName: _var.web_app_firewall_policy_response_access_control_rules_action_name,
            name: _var.web_app_firewall_policy_response_access_control_rules_name,
            type: _var.web_app_firewall_policy_response_access_control_rules_type,
            condition: _var.web_app_firewall_policy_response_access_control_rules_condition,
            conditionLanguage: _var.web_app_firewall_policy_response_access_control_rules_condition_language,
        }],
    },
    responseProtection: {
        rules: [{
            actionName: _var.web_app_firewall_policy_response_protection_rules_action_name,
            name: _var.web_app_firewall_policy_response_protection_rules_name,
            protectionCapabilities: [{
                key: _var.web_app_firewall_policy_response_protection_rules_protection_capabilities_key,
                version: _var.web_app_firewall_policy_response_protection_rules_protection_capabilities_version,
                actionName: _var.web_app_firewall_policy_response_protection_rules_protection_capabilities_action_name,
                collaborativeActionThreshold: _var.web_app_firewall_policy_response_protection_rules_protection_capabilities_collaborative_action_threshold,
                collaborativeWeights: [{
                    key: _var.web_app_firewall_policy_response_protection_rules_protection_capabilities_collaborative_weights_key,
                    weight: _var.web_app_firewall_policy_response_protection_rules_protection_capabilities_collaborative_weights_weight,
                }],
                exclusions: {
                    args: _var.web_app_firewall_policy_response_protection_rules_protection_capabilities_exclusions_args,
                    requestCookies: _var.web_app_firewall_policy_response_protection_rules_protection_capabilities_exclusions_request_cookies,
                },
            }],
            type: _var.web_app_firewall_policy_response_protection_rules_type,
            condition: _var.web_app_firewall_policy_response_protection_rules_condition,
            conditionLanguage: _var.web_app_firewall_policy_response_protection_rules_condition_language,
            isBodyInspectionEnabled: _var.web_app_firewall_policy_response_protection_rules_is_body_inspection_enabled,
            protectionCapabilitySettings: {
                allowedHttpMethods: _var.web_app_firewall_policy_response_protection_rules_protection_capability_settings_allowed_http_methods,
                maxHttpRequestHeaderLength: _var.web_app_firewall_policy_response_protection_rules_protection_capability_settings_max_http_request_header_length,
                maxHttpRequestHeaders: _var.web_app_firewall_policy_response_protection_rules_protection_capability_settings_max_http_request_headers,
                maxNumberOfArguments: _var.web_app_firewall_policy_response_protection_rules_protection_capability_settings_max_number_of_arguments,
                maxSingleArgumentLength: _var.web_app_firewall_policy_response_protection_rules_protection_capability_settings_max_single_argument_length,
                maxTotalArgumentLength: _var.web_app_firewall_policy_response_protection_rules_protection_capability_settings_max_total_argument_length,
            },
        }],
    },
    systemTags: _var.web_app_firewall_policy_system_tags,
});
resources:
  testWebAppFirewallPolicy:
    type: oci:Waf:AppFirewallPolicy
    properties:
      #Required
      compartmentId: ${var.compartment_id}
      #Optional
      actions:
        - name: ${var.web_app_firewall_policy_actions_name}
          type: ${var.web_app_firewall_policy_actions_type}
          body:
            text: ${var.web_app_firewall_policy_actions_body_text}
            type: ${var.web_app_firewall_policy_actions_body_type}
          code: ${var.web_app_firewall_policy_actions_code}
          headers:
            - name: ${var.web_app_firewall_policy_actions_headers_name}
              value: ${var.web_app_firewall_policy_actions_headers_value}
      definedTags:
        foo-namespace.bar-key: value
      displayName: ${var.web_app_firewall_policy_display_name}
      freeformTags:
        bar-key: value
      requestAccessControl:
        defaultActionName: ${var.web_app_firewall_policy_request_access_control_default_action_name}
        rules:
          - actionName: ${var.web_app_firewall_policy_request_access_control_rules_action_name}
            name: ${var.web_app_firewall_policy_request_access_control_rules_name}
            type: ${var.web_app_firewall_policy_request_access_control_rules_type}
            condition: ${var.web_app_firewall_policy_request_access_control_rules_condition}
            conditionLanguage: ${var.web_app_firewall_policy_request_access_control_rules_condition_language}
      requestProtection:
        bodyInspectionSizeLimitExceededActionName: ${var.web_app_firewall_policy_request_protection_body_inspection_size_limit_exceeded_action_name}
        bodyInspectionSizeLimitInBytes: ${var.web_app_firewall_policy_request_protection_body_inspection_size_limit_in_bytes}
        rules:
          - actionName: ${var.web_app_firewall_policy_request_protection_rules_action_name}
            name: ${var.web_app_firewall_policy_request_protection_rules_name}
            protectionCapabilities:
              - key: ${var.web_app_firewall_policy_request_protection_rules_protection_capabilities_key}
                version: ${var.web_app_firewall_policy_request_protection_rules_protection_capabilities_version}
                actionName: ${var.web_app_firewall_policy_request_protection_rules_protection_capabilities_action_name}
                collaborativeActionThreshold: ${var.web_app_firewall_policy_request_protection_rules_protection_capabilities_collaborative_action_threshold}
                collaborativeWeights:
                  - key: ${var.web_app_firewall_policy_request_protection_rules_protection_capabilities_collaborative_weights_key}
                    weight: ${var.web_app_firewall_policy_request_protection_rules_protection_capabilities_collaborative_weights_weight}
                exclusions:
                  args: ${var.web_app_firewall_policy_request_protection_rules_protection_capabilities_exclusions_args}
                  requestCookies: ${var.web_app_firewall_policy_request_protection_rules_protection_capabilities_exclusions_request_cookies}
            type: ${var.web_app_firewall_policy_request_protection_rules_type}
            condition: ${var.web_app_firewall_policy_request_protection_rules_condition}
            conditionLanguage: ${var.web_app_firewall_policy_request_protection_rules_condition_language}
            isBodyInspectionEnabled: ${var.web_app_firewall_policy_request_protection_rules_is_body_inspection_enabled}
            protectionCapabilitySettings:
              allowedHttpMethods: ${var.web_app_firewall_policy_request_protection_rules_protection_capability_settings_allowed_http_methods}
              maxHttpRequestHeaderLength: ${var.web_app_firewall_policy_request_protection_rules_protection_capability_settings_max_http_request_header_length}
              maxHttpRequestHeaders: ${var.web_app_firewall_policy_request_protection_rules_protection_capability_settings_max_http_request_headers}
              maxNumberOfArguments: ${var.web_app_firewall_policy_request_protection_rules_protection_capability_settings_max_number_of_arguments}
              maxSingleArgumentLength: ${var.web_app_firewall_policy_request_protection_rules_protection_capability_settings_max_single_argument_length}
              maxTotalArgumentLength: ${var.web_app_firewall_policy_request_protection_rules_protection_capability_settings_max_total_argument_length}
      requestRateLimiting:
        rules:
          - actionName: ${var.web_app_firewall_policy_request_rate_limiting_rules_action_name}
            configurations:
              - periodInSeconds: ${var.web_app_firewall_policy_request_rate_limiting_rules_configurations_period_in_seconds}
                requestsLimit: ${var.web_app_firewall_policy_request_rate_limiting_rules_configurations_requests_limit}
                actionDurationInSeconds: ${var.web_app_firewall_policy_request_rate_limiting_rules_configurations_action_duration_in_seconds}
            name: ${var.web_app_firewall_policy_request_rate_limiting_rules_name}
            type: ${var.web_app_firewall_policy_request_rate_limiting_rules_type}
            condition: ${var.web_app_firewall_policy_request_rate_limiting_rules_condition}
            conditionLanguage: ${var.web_app_firewall_policy_request_rate_limiting_rules_condition_language}
      responseAccessControl:
        rules:
          - actionName: ${var.web_app_firewall_policy_response_access_control_rules_action_name}
            name: ${var.web_app_firewall_policy_response_access_control_rules_name}
            type: ${var.web_app_firewall_policy_response_access_control_rules_type}
            condition: ${var.web_app_firewall_policy_response_access_control_rules_condition}
            conditionLanguage: ${var.web_app_firewall_policy_response_access_control_rules_condition_language}
      responseProtection:
        rules:
          - actionName: ${var.web_app_firewall_policy_response_protection_rules_action_name}
            name: ${var.web_app_firewall_policy_response_protection_rules_name}
            protectionCapabilities:
              - key: ${var.web_app_firewall_policy_response_protection_rules_protection_capabilities_key}
                version: ${var.web_app_firewall_policy_response_protection_rules_protection_capabilities_version}
                actionName: ${var.web_app_firewall_policy_response_protection_rules_protection_capabilities_action_name}
                collaborativeActionThreshold: ${var.web_app_firewall_policy_response_protection_rules_protection_capabilities_collaborative_action_threshold}
                collaborativeWeights:
                  - key: ${var.web_app_firewall_policy_response_protection_rules_protection_capabilities_collaborative_weights_key}
                    weight: ${var.web_app_firewall_policy_response_protection_rules_protection_capabilities_collaborative_weights_weight}
                exclusions:
                  args: ${var.web_app_firewall_policy_response_protection_rules_protection_capabilities_exclusions_args}
                  requestCookies: ${var.web_app_firewall_policy_response_protection_rules_protection_capabilities_exclusions_request_cookies}
            type: ${var.web_app_firewall_policy_response_protection_rules_type}
            condition: ${var.web_app_firewall_policy_response_protection_rules_condition}
            conditionLanguage: ${var.web_app_firewall_policy_response_protection_rules_condition_language}
            isBodyInspectionEnabled: ${var.web_app_firewall_policy_response_protection_rules_is_body_inspection_enabled}
            protectionCapabilitySettings:
              allowedHttpMethods: ${var.web_app_firewall_policy_response_protection_rules_protection_capability_settings_allowed_http_methods}
              maxHttpRequestHeaderLength: ${var.web_app_firewall_policy_response_protection_rules_protection_capability_settings_max_http_request_header_length}
              maxHttpRequestHeaders: ${var.web_app_firewall_policy_response_protection_rules_protection_capability_settings_max_http_request_headers}
              maxNumberOfArguments: ${var.web_app_firewall_policy_response_protection_rules_protection_capability_settings_max_number_of_arguments}
              maxSingleArgumentLength: ${var.web_app_firewall_policy_response_protection_rules_protection_capability_settings_max_single_argument_length}
              maxTotalArgumentLength: ${var.web_app_firewall_policy_response_protection_rules_protection_capability_settings_max_total_argument_length}
      systemTags: ${var.web_app_firewall_policy_system_tags}

Create a AppFirewallPolicy Resource

new AppFirewallPolicy(name: string, args: AppFirewallPolicyArgs, opts?: CustomResourceOptions);
@overload
def AppFirewallPolicy(resource_name: str,
                      opts: Optional[ResourceOptions] = None,
                      actions: Optional[Sequence[_waf.AppFirewallPolicyActionArgs]] = None,
                      compartment_id: Optional[str] = None,
                      defined_tags: Optional[Mapping[str, Any]] = None,
                      display_name: Optional[str] = None,
                      freeform_tags: Optional[Mapping[str, Any]] = None,
                      request_access_control: Optional[_waf.AppFirewallPolicyRequestAccessControlArgs] = None,
                      request_protection: Optional[_waf.AppFirewallPolicyRequestProtectionArgs] = None,
                      request_rate_limiting: Optional[_waf.AppFirewallPolicyRequestRateLimitingArgs] = None,
                      response_access_control: Optional[_waf.AppFirewallPolicyResponseAccessControlArgs] = None,
                      response_protection: Optional[_waf.AppFirewallPolicyResponseProtectionArgs] = None,
                      system_tags: Optional[Mapping[str, Any]] = None)
@overload
def AppFirewallPolicy(resource_name: str,
                      args: AppFirewallPolicyArgs,
                      opts: Optional[ResourceOptions] = None)
func NewAppFirewallPolicy(ctx *Context, name string, args AppFirewallPolicyArgs, opts ...ResourceOption) (*AppFirewallPolicy, error)
public AppFirewallPolicy(string name, AppFirewallPolicyArgs args, CustomResourceOptions? opts = null)
public AppFirewallPolicy(String name, AppFirewallPolicyArgs args)
public AppFirewallPolicy(String name, AppFirewallPolicyArgs args, CustomResourceOptions options)
type: oci:Waf:AppFirewallPolicy
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

name string
The unique name of the resource.
args AppFirewallPolicyArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
resource_name str
The unique name of the resource.
args AppFirewallPolicyArgs
The arguments to resource properties.
opts ResourceOptions
Bag of options to control resource's behavior.
ctx Context
Context object for the current deployment.
name string
The unique name of the resource.
args AppFirewallPolicyArgs
The arguments to resource properties.
opts ResourceOption
Bag of options to control resource's behavior.
name string
The unique name of the resource.
args AppFirewallPolicyArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
name String
The unique name of the resource.
args AppFirewallPolicyArgs
The arguments to resource properties.
options CustomResourceOptions
Bag of options to control resource's behavior.

AppFirewallPolicy Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

The AppFirewallPolicy resource accepts the following input properties:

CompartmentId string

(Updatable) The OCID of the compartment.

Actions List<AppFirewallPolicyActionArgs>

(Updatable) Predefined actions for use in multiple different rules. Not all actions are supported in every module. Some actions terminate further execution of modules and rules in a module and some do not. Actions names must be unique within this array.

DefinedTags Dictionary<string, object>

(Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. Example: {"foo-namespace.bar-key": "value"}

DisplayName string

(Updatable) WebAppFirewallPolicy display name, can be renamed.

FreeformTags Dictionary<string, object>

(Updatable) Simple key-value pair that is applied without any predefined name, type or scope. Exists for cross-compatibility only. Example: {"bar-key": "value"}

RequestAccessControl AppFirewallPolicyRequestAccessControlArgs

(Updatable) Module that allows inspection of HTTP request properties and to return a defined HTTP response. In this module, rules with the name 'Default Action' are not allowed, since this name is reserved for default action logs.

RequestProtection AppFirewallPolicyRequestProtectionArgs

(Updatable) Module that allows to enable OCI-managed protection capabilities for incoming HTTP requests.

RequestRateLimiting AppFirewallPolicyRequestRateLimitingArgs

(Updatable) Module that allows inspection of HTTP connection properties and to limit requests frequency for a given key.

ResponseAccessControl AppFirewallPolicyResponseAccessControlArgs

(Updatable) Module that allows inspection of HTTP response properties and to return a defined HTTP response.

ResponseProtection AppFirewallPolicyResponseProtectionArgs

(Updatable) Module that allows to enable OCI-managed protection capabilities for HTTP responses.

SystemTags Dictionary<string, object>

(Updatable) Usage of system tag keys. These predefined keys are scoped to namespaces. Example: {"orcl-cloud.free-tier-retained": "true"}

CompartmentId string

(Updatable) The OCID of the compartment.

Actions []AppFirewallPolicyActionArgs

(Updatable) Predefined actions for use in multiple different rules. Not all actions are supported in every module. Some actions terminate further execution of modules and rules in a module and some do not. Actions names must be unique within this array.

DefinedTags map[string]interface{}

(Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. Example: {"foo-namespace.bar-key": "value"}

DisplayName string

(Updatable) WebAppFirewallPolicy display name, can be renamed.

FreeformTags map[string]interface{}

(Updatable) Simple key-value pair that is applied without any predefined name, type or scope. Exists for cross-compatibility only. Example: {"bar-key": "value"}

RequestAccessControl AppFirewallPolicyRequestAccessControlArgs

(Updatable) Module that allows inspection of HTTP request properties and to return a defined HTTP response. In this module, rules with the name 'Default Action' are not allowed, since this name is reserved for default action logs.

RequestProtection AppFirewallPolicyRequestProtectionArgs

(Updatable) Module that allows to enable OCI-managed protection capabilities for incoming HTTP requests.

RequestRateLimiting AppFirewallPolicyRequestRateLimitingArgs

(Updatable) Module that allows inspection of HTTP connection properties and to limit requests frequency for a given key.

ResponseAccessControl AppFirewallPolicyResponseAccessControlArgs

(Updatable) Module that allows inspection of HTTP response properties and to return a defined HTTP response.

ResponseProtection AppFirewallPolicyResponseProtectionArgs

(Updatable) Module that allows to enable OCI-managed protection capabilities for HTTP responses.

SystemTags map[string]interface{}

(Updatable) Usage of system tag keys. These predefined keys are scoped to namespaces. Example: {"orcl-cloud.free-tier-retained": "true"}

compartmentId String

(Updatable) The OCID of the compartment.

actions List<AppFirewallPolicyActionArgs>

(Updatable) Predefined actions for use in multiple different rules. Not all actions are supported in every module. Some actions terminate further execution of modules and rules in a module and some do not. Actions names must be unique within this array.

definedTags Map<String,Object>

(Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. Example: {"foo-namespace.bar-key": "value"}

displayName String

(Updatable) WebAppFirewallPolicy display name, can be renamed.

freeformTags Map<String,Object>

(Updatable) Simple key-value pair that is applied without any predefined name, type or scope. Exists for cross-compatibility only. Example: {"bar-key": "value"}

requestAccessControl AppFirewallPolicyRequestAccessControlArgs

(Updatable) Module that allows inspection of HTTP request properties and to return a defined HTTP response. In this module, rules with the name 'Default Action' are not allowed, since this name is reserved for default action logs.

requestProtection AppFirewallPolicyRequestProtectionArgs

(Updatable) Module that allows to enable OCI-managed protection capabilities for incoming HTTP requests.

requestRateLimiting AppFirewallPolicyRequestRateLimitingArgs

(Updatable) Module that allows inspection of HTTP connection properties and to limit requests frequency for a given key.

responseAccessControl AppFirewallPolicyResponseAccessControlArgs

(Updatable) Module that allows inspection of HTTP response properties and to return a defined HTTP response.

responseProtection AppFirewallPolicyResponseProtectionArgs

(Updatable) Module that allows to enable OCI-managed protection capabilities for HTTP responses.

systemTags Map<String,Object>

(Updatable) Usage of system tag keys. These predefined keys are scoped to namespaces. Example: {"orcl-cloud.free-tier-retained": "true"}

compartmentId string

(Updatable) The OCID of the compartment.

actions AppFirewallPolicyActionArgs[]

(Updatable) Predefined actions for use in multiple different rules. Not all actions are supported in every module. Some actions terminate further execution of modules and rules in a module and some do not. Actions names must be unique within this array.

definedTags {[key: string]: any}

(Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. Example: {"foo-namespace.bar-key": "value"}

displayName string

(Updatable) WebAppFirewallPolicy display name, can be renamed.

freeformTags {[key: string]: any}

(Updatable) Simple key-value pair that is applied without any predefined name, type or scope. Exists for cross-compatibility only. Example: {"bar-key": "value"}

requestAccessControl AppFirewallPolicyRequestAccessControlArgs

(Updatable) Module that allows inspection of HTTP request properties and to return a defined HTTP response. In this module, rules with the name 'Default Action' are not allowed, since this name is reserved for default action logs.

requestProtection AppFirewallPolicyRequestProtectionArgs

(Updatable) Module that allows to enable OCI-managed protection capabilities for incoming HTTP requests.

requestRateLimiting AppFirewallPolicyRequestRateLimitingArgs

(Updatable) Module that allows inspection of HTTP connection properties and to limit requests frequency for a given key.

responseAccessControl AppFirewallPolicyResponseAccessControlArgs

(Updatable) Module that allows inspection of HTTP response properties and to return a defined HTTP response.

responseProtection AppFirewallPolicyResponseProtectionArgs

(Updatable) Module that allows to enable OCI-managed protection capabilities for HTTP responses.

systemTags {[key: string]: any}

(Updatable) Usage of system tag keys. These predefined keys are scoped to namespaces. Example: {"orcl-cloud.free-tier-retained": "true"}

compartment_id str

(Updatable) The OCID of the compartment.

actions AppFirewallPolicyActionArgs]

(Updatable) Predefined actions for use in multiple different rules. Not all actions are supported in every module. Some actions terminate further execution of modules and rules in a module and some do not. Actions names must be unique within this array.

defined_tags Mapping[str, Any]

(Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. Example: {"foo-namespace.bar-key": "value"}

display_name str

(Updatable) WebAppFirewallPolicy display name, can be renamed.

freeform_tags Mapping[str, Any]

(Updatable) Simple key-value pair that is applied without any predefined name, type or scope. Exists for cross-compatibility only. Example: {"bar-key": "value"}

request_access_control AppFirewallPolicyRequestAccessControlArgs

(Updatable) Module that allows inspection of HTTP request properties and to return a defined HTTP response. In this module, rules with the name 'Default Action' are not allowed, since this name is reserved for default action logs.

request_protection AppFirewallPolicyRequestProtectionArgs

(Updatable) Module that allows to enable OCI-managed protection capabilities for incoming HTTP requests.

request_rate_limiting AppFirewallPolicyRequestRateLimitingArgs

(Updatable) Module that allows inspection of HTTP connection properties and to limit requests frequency for a given key.

response_access_control AppFirewallPolicyResponseAccessControlArgs

(Updatable) Module that allows inspection of HTTP response properties and to return a defined HTTP response.

response_protection AppFirewallPolicyResponseProtectionArgs

(Updatable) Module that allows to enable OCI-managed protection capabilities for HTTP responses.

system_tags Mapping[str, Any]

(Updatable) Usage of system tag keys. These predefined keys are scoped to namespaces. Example: {"orcl-cloud.free-tier-retained": "true"}

compartmentId String

(Updatable) The OCID of the compartment.

actions List<Property Map>

(Updatable) Predefined actions for use in multiple different rules. Not all actions are supported in every module. Some actions terminate further execution of modules and rules in a module and some do not. Actions names must be unique within this array.

definedTags Map<Any>

(Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. Example: {"foo-namespace.bar-key": "value"}

displayName String

(Updatable) WebAppFirewallPolicy display name, can be renamed.

freeformTags Map<Any>

(Updatable) Simple key-value pair that is applied without any predefined name, type or scope. Exists for cross-compatibility only. Example: {"bar-key": "value"}

requestAccessControl Property Map

(Updatable) Module that allows inspection of HTTP request properties and to return a defined HTTP response. In this module, rules with the name 'Default Action' are not allowed, since this name is reserved for default action logs.

requestProtection Property Map

(Updatable) Module that allows to enable OCI-managed protection capabilities for incoming HTTP requests.

requestRateLimiting Property Map

(Updatable) Module that allows inspection of HTTP connection properties and to limit requests frequency for a given key.

responseAccessControl Property Map

(Updatable) Module that allows inspection of HTTP response properties and to return a defined HTTP response.

responseProtection Property Map

(Updatable) Module that allows to enable OCI-managed protection capabilities for HTTP responses.

systemTags Map<Any>

(Updatable) Usage of system tag keys. These predefined keys are scoped to namespaces. Example: {"orcl-cloud.free-tier-retained": "true"}

Outputs

All input properties are implicitly available as output properties. Additionally, the AppFirewallPolicy resource produces the following output properties:

Id string

The provider-assigned unique ID for this managed resource.

LifecycleDetails string

A message describing the current state in more detail. For example, can be used to provide actionable information for a resource in FAILED state.

State string

The current state of the WebAppFirewallPolicy.

TimeCreated string

The time the WebAppFirewallPolicy was created. An RFC3339 formatted datetime string.

TimeUpdated string

The time the WebAppFirewallPolicy was updated. An RFC3339 formatted datetime string.

Id string

The provider-assigned unique ID for this managed resource.

LifecycleDetails string

A message describing the current state in more detail. For example, can be used to provide actionable information for a resource in FAILED state.

State string

The current state of the WebAppFirewallPolicy.

TimeCreated string

The time the WebAppFirewallPolicy was created. An RFC3339 formatted datetime string.

TimeUpdated string

The time the WebAppFirewallPolicy was updated. An RFC3339 formatted datetime string.

id String

The provider-assigned unique ID for this managed resource.

lifecycleDetails String

A message describing the current state in more detail. For example, can be used to provide actionable information for a resource in FAILED state.

state String

The current state of the WebAppFirewallPolicy.

timeCreated String

The time the WebAppFirewallPolicy was created. An RFC3339 formatted datetime string.

timeUpdated String

The time the WebAppFirewallPolicy was updated. An RFC3339 formatted datetime string.

id string

The provider-assigned unique ID for this managed resource.

lifecycleDetails string

A message describing the current state in more detail. For example, can be used to provide actionable information for a resource in FAILED state.

state string

The current state of the WebAppFirewallPolicy.

timeCreated string

The time the WebAppFirewallPolicy was created. An RFC3339 formatted datetime string.

timeUpdated string

The time the WebAppFirewallPolicy was updated. An RFC3339 formatted datetime string.

id str

The provider-assigned unique ID for this managed resource.

lifecycle_details str

A message describing the current state in more detail. For example, can be used to provide actionable information for a resource in FAILED state.

state str

The current state of the WebAppFirewallPolicy.

time_created str

The time the WebAppFirewallPolicy was created. An RFC3339 formatted datetime string.

time_updated str

The time the WebAppFirewallPolicy was updated. An RFC3339 formatted datetime string.

id String

The provider-assigned unique ID for this managed resource.

lifecycleDetails String

A message describing the current state in more detail. For example, can be used to provide actionable information for a resource in FAILED state.

state String

The current state of the WebAppFirewallPolicy.

timeCreated String

The time the WebAppFirewallPolicy was created. An RFC3339 formatted datetime string.

timeUpdated String

The time the WebAppFirewallPolicy was updated. An RFC3339 formatted datetime string.

Look up an Existing AppFirewallPolicy Resource

Get an existing AppFirewallPolicy resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: AppFirewallPolicyState, opts?: CustomResourceOptions): AppFirewallPolicy
@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        actions: Optional[Sequence[_waf.AppFirewallPolicyActionArgs]] = None,
        compartment_id: Optional[str] = None,
        defined_tags: Optional[Mapping[str, Any]] = None,
        display_name: Optional[str] = None,
        freeform_tags: Optional[Mapping[str, Any]] = None,
        lifecycle_details: Optional[str] = None,
        request_access_control: Optional[_waf.AppFirewallPolicyRequestAccessControlArgs] = None,
        request_protection: Optional[_waf.AppFirewallPolicyRequestProtectionArgs] = None,
        request_rate_limiting: Optional[_waf.AppFirewallPolicyRequestRateLimitingArgs] = None,
        response_access_control: Optional[_waf.AppFirewallPolicyResponseAccessControlArgs] = None,
        response_protection: Optional[_waf.AppFirewallPolicyResponseProtectionArgs] = None,
        state: Optional[str] = None,
        system_tags: Optional[Mapping[str, Any]] = None,
        time_created: Optional[str] = None,
        time_updated: Optional[str] = None) -> AppFirewallPolicy
func GetAppFirewallPolicy(ctx *Context, name string, id IDInput, state *AppFirewallPolicyState, opts ...ResourceOption) (*AppFirewallPolicy, error)
public static AppFirewallPolicy Get(string name, Input<string> id, AppFirewallPolicyState? state, CustomResourceOptions? opts = null)
public static AppFirewallPolicy get(String name, Output<String> id, AppFirewallPolicyState state, CustomResourceOptions options)
Resource lookup is not supported in YAML
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
resource_name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
The following state arguments are supported:
Actions List<AppFirewallPolicyActionArgs>

(Updatable) Predefined actions for use in multiple different rules. Not all actions are supported in every module. Some actions terminate further execution of modules and rules in a module and some do not. Actions names must be unique within this array.

CompartmentId string

(Updatable) The OCID of the compartment.

DefinedTags Dictionary<string, object>

(Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. Example: {"foo-namespace.bar-key": "value"}

DisplayName string

(Updatable) WebAppFirewallPolicy display name, can be renamed.

FreeformTags Dictionary<string, object>

(Updatable) Simple key-value pair that is applied without any predefined name, type or scope. Exists for cross-compatibility only. Example: {"bar-key": "value"}

LifecycleDetails string

A message describing the current state in more detail. For example, can be used to provide actionable information for a resource in FAILED state.

RequestAccessControl AppFirewallPolicyRequestAccessControlArgs

(Updatable) Module that allows inspection of HTTP request properties and to return a defined HTTP response. In this module, rules with the name 'Default Action' are not allowed, since this name is reserved for default action logs.

RequestProtection AppFirewallPolicyRequestProtectionArgs

(Updatable) Module that allows to enable OCI-managed protection capabilities for incoming HTTP requests.

RequestRateLimiting AppFirewallPolicyRequestRateLimitingArgs

(Updatable) Module that allows inspection of HTTP connection properties and to limit requests frequency for a given key.

ResponseAccessControl AppFirewallPolicyResponseAccessControlArgs

(Updatable) Module that allows inspection of HTTP response properties and to return a defined HTTP response.

ResponseProtection AppFirewallPolicyResponseProtectionArgs

(Updatable) Module that allows to enable OCI-managed protection capabilities for HTTP responses.

State string

The current state of the WebAppFirewallPolicy.

SystemTags Dictionary<string, object>

(Updatable) Usage of system tag keys. These predefined keys are scoped to namespaces. Example: {"orcl-cloud.free-tier-retained": "true"}

TimeCreated string

The time the WebAppFirewallPolicy was created. An RFC3339 formatted datetime string.

TimeUpdated string

The time the WebAppFirewallPolicy was updated. An RFC3339 formatted datetime string.

Actions []AppFirewallPolicyActionArgs

(Updatable) Predefined actions for use in multiple different rules. Not all actions are supported in every module. Some actions terminate further execution of modules and rules in a module and some do not. Actions names must be unique within this array.

CompartmentId string

(Updatable) The OCID of the compartment.

DefinedTags map[string]interface{}

(Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. Example: {"foo-namespace.bar-key": "value"}

DisplayName string

(Updatable) WebAppFirewallPolicy display name, can be renamed.

FreeformTags map[string]interface{}

(Updatable) Simple key-value pair that is applied without any predefined name, type or scope. Exists for cross-compatibility only. Example: {"bar-key": "value"}

LifecycleDetails string

A message describing the current state in more detail. For example, can be used to provide actionable information for a resource in FAILED state.

RequestAccessControl AppFirewallPolicyRequestAccessControlArgs

(Updatable) Module that allows inspection of HTTP request properties and to return a defined HTTP response. In this module, rules with the name 'Default Action' are not allowed, since this name is reserved for default action logs.

RequestProtection AppFirewallPolicyRequestProtectionArgs

(Updatable) Module that allows to enable OCI-managed protection capabilities for incoming HTTP requests.

RequestRateLimiting AppFirewallPolicyRequestRateLimitingArgs

(Updatable) Module that allows inspection of HTTP connection properties and to limit requests frequency for a given key.

ResponseAccessControl AppFirewallPolicyResponseAccessControlArgs

(Updatable) Module that allows inspection of HTTP response properties and to return a defined HTTP response.

ResponseProtection AppFirewallPolicyResponseProtectionArgs

(Updatable) Module that allows to enable OCI-managed protection capabilities for HTTP responses.

State string

The current state of the WebAppFirewallPolicy.

SystemTags map[string]interface{}

(Updatable) Usage of system tag keys. These predefined keys are scoped to namespaces. Example: {"orcl-cloud.free-tier-retained": "true"}

TimeCreated string

The time the WebAppFirewallPolicy was created. An RFC3339 formatted datetime string.

TimeUpdated string

The time the WebAppFirewallPolicy was updated. An RFC3339 formatted datetime string.

actions List<AppFirewallPolicyActionArgs>

(Updatable) Predefined actions for use in multiple different rules. Not all actions are supported in every module. Some actions terminate further execution of modules and rules in a module and some do not. Actions names must be unique within this array.

compartmentId String

(Updatable) The OCID of the compartment.

definedTags Map<String,Object>

(Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. Example: {"foo-namespace.bar-key": "value"}

displayName String

(Updatable) WebAppFirewallPolicy display name, can be renamed.

freeformTags Map<String,Object>

(Updatable) Simple key-value pair that is applied without any predefined name, type or scope. Exists for cross-compatibility only. Example: {"bar-key": "value"}

lifecycleDetails String

A message describing the current state in more detail. For example, can be used to provide actionable information for a resource in FAILED state.

requestAccessControl AppFirewallPolicyRequestAccessControlArgs

(Updatable) Module that allows inspection of HTTP request properties and to return a defined HTTP response. In this module, rules with the name 'Default Action' are not allowed, since this name is reserved for default action logs.

requestProtection AppFirewallPolicyRequestProtectionArgs

(Updatable) Module that allows to enable OCI-managed protection capabilities for incoming HTTP requests.

requestRateLimiting AppFirewallPolicyRequestRateLimitingArgs

(Updatable) Module that allows inspection of HTTP connection properties and to limit requests frequency for a given key.

responseAccessControl AppFirewallPolicyResponseAccessControlArgs

(Updatable) Module that allows inspection of HTTP response properties and to return a defined HTTP response.

responseProtection AppFirewallPolicyResponseProtectionArgs

(Updatable) Module that allows to enable OCI-managed protection capabilities for HTTP responses.

state String

The current state of the WebAppFirewallPolicy.

systemTags Map<String,Object>

(Updatable) Usage of system tag keys. These predefined keys are scoped to namespaces. Example: {"orcl-cloud.free-tier-retained": "true"}

timeCreated String

The time the WebAppFirewallPolicy was created. An RFC3339 formatted datetime string.

timeUpdated String

The time the WebAppFirewallPolicy was updated. An RFC3339 formatted datetime string.

actions AppFirewallPolicyActionArgs[]

(Updatable) Predefined actions for use in multiple different rules. Not all actions are supported in every module. Some actions terminate further execution of modules and rules in a module and some do not. Actions names must be unique within this array.

compartmentId string

(Updatable) The OCID of the compartment.

definedTags {[key: string]: any}

(Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. Example: {"foo-namespace.bar-key": "value"}

displayName string

(Updatable) WebAppFirewallPolicy display name, can be renamed.

freeformTags {[key: string]: any}

(Updatable) Simple key-value pair that is applied without any predefined name, type or scope. Exists for cross-compatibility only. Example: {"bar-key": "value"}

lifecycleDetails string

A message describing the current state in more detail. For example, can be used to provide actionable information for a resource in FAILED state.

requestAccessControl AppFirewallPolicyRequestAccessControlArgs

(Updatable) Module that allows inspection of HTTP request properties and to return a defined HTTP response. In this module, rules with the name 'Default Action' are not allowed, since this name is reserved for default action logs.

requestProtection AppFirewallPolicyRequestProtectionArgs

(Updatable) Module that allows to enable OCI-managed protection capabilities for incoming HTTP requests.

requestRateLimiting AppFirewallPolicyRequestRateLimitingArgs

(Updatable) Module that allows inspection of HTTP connection properties and to limit requests frequency for a given key.

responseAccessControl AppFirewallPolicyResponseAccessControlArgs

(Updatable) Module that allows inspection of HTTP response properties and to return a defined HTTP response.

responseProtection AppFirewallPolicyResponseProtectionArgs

(Updatable) Module that allows to enable OCI-managed protection capabilities for HTTP responses.

state string

The current state of the WebAppFirewallPolicy.

systemTags {[key: string]: any}

(Updatable) Usage of system tag keys. These predefined keys are scoped to namespaces. Example: {"orcl-cloud.free-tier-retained": "true"}

timeCreated string

The time the WebAppFirewallPolicy was created. An RFC3339 formatted datetime string.

timeUpdated string

The time the WebAppFirewallPolicy was updated. An RFC3339 formatted datetime string.

actions AppFirewallPolicyActionArgs]

(Updatable) Predefined actions for use in multiple different rules. Not all actions are supported in every module. Some actions terminate further execution of modules and rules in a module and some do not. Actions names must be unique within this array.

compartment_id str

(Updatable) The OCID of the compartment.

defined_tags Mapping[str, Any]

(Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. Example: {"foo-namespace.bar-key": "value"}

display_name str

(Updatable) WebAppFirewallPolicy display name, can be renamed.

freeform_tags Mapping[str, Any]

(Updatable) Simple key-value pair that is applied without any predefined name, type or scope. Exists for cross-compatibility only. Example: {"bar-key": "value"}

lifecycle_details str

A message describing the current state in more detail. For example, can be used to provide actionable information for a resource in FAILED state.

request_access_control AppFirewallPolicyRequestAccessControlArgs

(Updatable) Module that allows inspection of HTTP request properties and to return a defined HTTP response. In this module, rules with the name 'Default Action' are not allowed, since this name is reserved for default action logs.

request_protection AppFirewallPolicyRequestProtectionArgs

(Updatable) Module that allows to enable OCI-managed protection capabilities for incoming HTTP requests.

request_rate_limiting AppFirewallPolicyRequestRateLimitingArgs

(Updatable) Module that allows inspection of HTTP connection properties and to limit requests frequency for a given key.

response_access_control AppFirewallPolicyResponseAccessControlArgs

(Updatable) Module that allows inspection of HTTP response properties and to return a defined HTTP response.

response_protection AppFirewallPolicyResponseProtectionArgs

(Updatable) Module that allows to enable OCI-managed protection capabilities for HTTP responses.

state str

The current state of the WebAppFirewallPolicy.

system_tags Mapping[str, Any]

(Updatable) Usage of system tag keys. These predefined keys are scoped to namespaces. Example: {"orcl-cloud.free-tier-retained": "true"}

time_created str

The time the WebAppFirewallPolicy was created. An RFC3339 formatted datetime string.

time_updated str

The time the WebAppFirewallPolicy was updated. An RFC3339 formatted datetime string.

actions List<Property Map>

(Updatable) Predefined actions for use in multiple different rules. Not all actions are supported in every module. Some actions terminate further execution of modules and rules in a module and some do not. Actions names must be unique within this array.

compartmentId String

(Updatable) The OCID of the compartment.

definedTags Map<Any>

(Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. Example: {"foo-namespace.bar-key": "value"}

displayName String

(Updatable) WebAppFirewallPolicy display name, can be renamed.

freeformTags Map<Any>

(Updatable) Simple key-value pair that is applied without any predefined name, type or scope. Exists for cross-compatibility only. Example: {"bar-key": "value"}

lifecycleDetails String

A message describing the current state in more detail. For example, can be used to provide actionable information for a resource in FAILED state.

requestAccessControl Property Map

(Updatable) Module that allows inspection of HTTP request properties and to return a defined HTTP response. In this module, rules with the name 'Default Action' are not allowed, since this name is reserved for default action logs.

requestProtection Property Map

(Updatable) Module that allows to enable OCI-managed protection capabilities for incoming HTTP requests.

requestRateLimiting Property Map

(Updatable) Module that allows inspection of HTTP connection properties and to limit requests frequency for a given key.

responseAccessControl Property Map

(Updatable) Module that allows inspection of HTTP response properties and to return a defined HTTP response.

responseProtection Property Map

(Updatable) Module that allows to enable OCI-managed protection capabilities for HTTP responses.

state String

The current state of the WebAppFirewallPolicy.

systemTags Map<Any>

(Updatable) Usage of system tag keys. These predefined keys are scoped to namespaces. Example: {"orcl-cloud.free-tier-retained": "true"}

timeCreated String

The time the WebAppFirewallPolicy was created. An RFC3339 formatted datetime string.

timeUpdated String

The time the WebAppFirewallPolicy was updated. An RFC3339 formatted datetime string.

Supporting Types

AppFirewallPolicyAction

Name string

(Updatable) Rule name. Must be unique within the module.

Type string

(Updatable) Type of WebAppFirewallPolicyRule.

Body AppFirewallPolicyActionBody

(Updatable) Type of returned HTTP response body.

Code int

(Updatable) Response code.

Headers List<AppFirewallPolicyActionHeader>

(Updatable) Adds headers defined in this array for HTTP response.

Name string

(Updatable) Rule name. Must be unique within the module.

Type string

(Updatable) Type of WebAppFirewallPolicyRule.

Body AppFirewallPolicyActionBody

(Updatable) Type of returned HTTP response body.

Code int

(Updatable) Response code.

Headers []AppFirewallPolicyActionHeader

(Updatable) Adds headers defined in this array for HTTP response.

name String

(Updatable) Rule name. Must be unique within the module.

type String

(Updatable) Type of WebAppFirewallPolicyRule.

body AppFirewallPolicyActionBody

(Updatable) Type of returned HTTP response body.

code Integer

(Updatable) Response code.

headers List<AppFirewallPolicyActionHeader>

(Updatable) Adds headers defined in this array for HTTP response.

name string

(Updatable) Rule name. Must be unique within the module.

type string

(Updatable) Type of WebAppFirewallPolicyRule.

body AppFirewallPolicyActionBody

(Updatable) Type of returned HTTP response body.

code number

(Updatable) Response code.

headers AppFirewallPolicyActionHeader[]

(Updatable) Adds headers defined in this array for HTTP response.

name str

(Updatable) Rule name. Must be unique within the module.

type str

(Updatable) Type of WebAppFirewallPolicyRule.

body AppFirewallPolicyActionBody

(Updatable) Type of returned HTTP response body.

code int

(Updatable) Response code.

headers AppFirewallPolicyActionHeader]

(Updatable) Adds headers defined in this array for HTTP response.

name String

(Updatable) Rule name. Must be unique within the module.

type String

(Updatable) Type of WebAppFirewallPolicyRule.

body Property Map

(Updatable) Type of returned HTTP response body.

code Number

(Updatable) Response code.

headers List<Property Map>

(Updatable) Adds headers defined in this array for HTTP response.

AppFirewallPolicyActionBody

Text string

(Updatable) Static response body text.

Type string

(Updatable) Type of WebAppFirewallPolicyRule.

Text string

(Updatable) Static response body text.

Type string

(Updatable) Type of WebAppFirewallPolicyRule.

text String

(Updatable) Static response body text.

type String

(Updatable) Type of WebAppFirewallPolicyRule.

text string

(Updatable) Static response body text.

type string

(Updatable) Type of WebAppFirewallPolicyRule.

text str

(Updatable) Static response body text.

type str

(Updatable) Type of WebAppFirewallPolicyRule.

text String

(Updatable) Static response body text.

type String

(Updatable) Type of WebAppFirewallPolicyRule.

AppFirewallPolicyActionHeader

Name string

(Updatable) Rule name. Must be unique within the module.

Value string

(Updatable) The value of the header field.

Name string

(Updatable) Rule name. Must be unique within the module.

Value string

(Updatable) The value of the header field.

name String

(Updatable) Rule name. Must be unique within the module.

value String

(Updatable) The value of the header field.

name string

(Updatable) Rule name. Must be unique within the module.

value string

(Updatable) The value of the header field.

name str

(Updatable) Rule name. Must be unique within the module.

value str

(Updatable) The value of the header field.

name String

(Updatable) Rule name. Must be unique within the module.

value String

(Updatable) The value of the header field.

AppFirewallPolicyRequestAccessControl

DefaultActionName string

(Updatable) References an default Action to take if no AccessControlRule was matched. Allowed action types:

  • ALLOW continues execution of other modules and their rules.
  • RETURN_HTTP_RESPONSE terminates further execution of modules and rules and returns defined HTTP response.
Rules List<AppFirewallPolicyRequestAccessControlRule>

(Updatable) Ordered list of ProtectionRules. Rules are executed in order of appearance in this array. ProtectionRules in this array can only use protection capabilities of RESPONSE_PROTECTION_CAPABILITY type.

DefaultActionName string

(Updatable) References an default Action to take if no AccessControlRule was matched. Allowed action types:

  • ALLOW continues execution of other modules and their rules.
  • RETURN_HTTP_RESPONSE terminates further execution of modules and rules and returns defined HTTP response.
Rules []AppFirewallPolicyRequestAccessControlRule

(Updatable) Ordered list of ProtectionRules. Rules are executed in order of appearance in this array. ProtectionRules in this array can only use protection capabilities of RESPONSE_PROTECTION_CAPABILITY type.

defaultActionName String

(Updatable) References an default Action to take if no AccessControlRule was matched. Allowed action types:

  • ALLOW continues execution of other modules and their rules.
  • RETURN_HTTP_RESPONSE terminates further execution of modules and rules and returns defined HTTP response.
rules List<AppFirewallPolicyRequestAccessControlRule>

(Updatable) Ordered list of ProtectionRules. Rules are executed in order of appearance in this array. ProtectionRules in this array can only use protection capabilities of RESPONSE_PROTECTION_CAPABILITY type.

defaultActionName string

(Updatable) References an default Action to take if no AccessControlRule was matched. Allowed action types:

  • ALLOW continues execution of other modules and their rules.
  • RETURN_HTTP_RESPONSE terminates further execution of modules and rules and returns defined HTTP response.
rules AppFirewallPolicyRequestAccessControlRule[]

(Updatable) Ordered list of ProtectionRules. Rules are executed in order of appearance in this array. ProtectionRules in this array can only use protection capabilities of RESPONSE_PROTECTION_CAPABILITY type.

default_action_name str

(Updatable) References an default Action to take if no AccessControlRule was matched. Allowed action types:

  • ALLOW continues execution of other modules and their rules.
  • RETURN_HTTP_RESPONSE terminates further execution of modules and rules and returns defined HTTP response.
rules AppFirewallPolicyRequestAccessControlRule]

(Updatable) Ordered list of ProtectionRules. Rules are executed in order of appearance in this array. ProtectionRules in this array can only use protection capabilities of RESPONSE_PROTECTION_CAPABILITY type.

defaultActionName String

(Updatable) References an default Action to take if no AccessControlRule was matched. Allowed action types:

  • ALLOW continues execution of other modules and their rules.
  • RETURN_HTTP_RESPONSE terminates further execution of modules and rules and returns defined HTTP response.
rules List<Property Map>

(Updatable) Ordered list of ProtectionRules. Rules are executed in order of appearance in this array. ProtectionRules in this array can only use protection capabilities of RESPONSE_PROTECTION_CAPABILITY type.

AppFirewallPolicyRequestAccessControlRule

ActionName string

(Updatable) Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.

Name string

(Updatable) Rule name. Must be unique within the module.

Type string

(Updatable) Type of WebAppFirewallPolicyRule.

Condition string

(Updatable) An expression that determines whether or not the rule action should be executed.

ConditionLanguage string

(Updatable) The language used to parse condition from field condition. Available languages:

  • JMESPATH an extended JMESPath language syntax.
ActionName string

(Updatable) Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.

Name string

(Updatable) Rule name. Must be unique within the module.

Type string

(Updatable) Type of WebAppFirewallPolicyRule.

Condition string

(Updatable) An expression that determines whether or not the rule action should be executed.

ConditionLanguage string

(Updatable) The language used to parse condition from field condition. Available languages:

  • JMESPATH an extended JMESPath language syntax.
actionName String

(Updatable) Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.

name String

(Updatable) Rule name. Must be unique within the module.

type String

(Updatable) Type of WebAppFirewallPolicyRule.

condition String

(Updatable) An expression that determines whether or not the rule action should be executed.

conditionLanguage String

(Updatable) The language used to parse condition from field condition. Available languages:

  • JMESPATH an extended JMESPath language syntax.
actionName string

(Updatable) Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.

name string

(Updatable) Rule name. Must be unique within the module.

type string

(Updatable) Type of WebAppFirewallPolicyRule.

condition string

(Updatable) An expression that determines whether or not the rule action should be executed.

conditionLanguage string

(Updatable) The language used to parse condition from field condition. Available languages:

  • JMESPATH an extended JMESPath language syntax.
action_name str

(Updatable) Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.

name str

(Updatable) Rule name. Must be unique within the module.

type str

(Updatable) Type of WebAppFirewallPolicyRule.

condition str

(Updatable) An expression that determines whether or not the rule action should be executed.

condition_language str

(Updatable) The language used to parse condition from field condition. Available languages:

  • JMESPATH an extended JMESPath language syntax.
actionName String

(Updatable) Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.

name String

(Updatable) Rule name. Must be unique within the module.

type String

(Updatable) Type of WebAppFirewallPolicyRule.

condition String

(Updatable) An expression that determines whether or not the rule action should be executed.

conditionLanguage String

(Updatable) The language used to parse condition from field condition. Available languages:

  • JMESPATH an extended JMESPath language syntax.

AppFirewallPolicyRequestProtection

BodyInspectionSizeLimitExceededActionName string

(Updatable) References action by name from actions defined in WebAppFirewallPolicy. Executed if HTTP message body size exceeds limit set in field bodyInspectionSizeLimitInBytes.

BodyInspectionSizeLimitInBytes int

(Updatable) Maximum size of inspected HTTP message body in bytes. Actions to take if this limit is exceeded are defined in bodyInspectionSizeLimitExceededActionName.

Rules List<AppFirewallPolicyRequestProtectionRule>

(Updatable) Ordered list of ProtectionRules. Rules are executed in order of appearance in this array. ProtectionRules in this array can only use protection capabilities of RESPONSE_PROTECTION_CAPABILITY type.

BodyInspectionSizeLimitExceededActionName string

(Updatable) References action by name from actions defined in WebAppFirewallPolicy. Executed if HTTP message body size exceeds limit set in field bodyInspectionSizeLimitInBytes.

BodyInspectionSizeLimitInBytes int

(Updatable) Maximum size of inspected HTTP message body in bytes. Actions to take if this limit is exceeded are defined in bodyInspectionSizeLimitExceededActionName.

Rules []AppFirewallPolicyRequestProtectionRule

(Updatable) Ordered list of ProtectionRules. Rules are executed in order of appearance in this array. ProtectionRules in this array can only use protection capabilities of RESPONSE_PROTECTION_CAPABILITY type.

bodyInspectionSizeLimitExceededActionName String

(Updatable) References action by name from actions defined in WebAppFirewallPolicy. Executed if HTTP message body size exceeds limit set in field bodyInspectionSizeLimitInBytes.

bodyInspectionSizeLimitInBytes Integer

(Updatable) Maximum size of inspected HTTP message body in bytes. Actions to take if this limit is exceeded are defined in bodyInspectionSizeLimitExceededActionName.

rules List<AppFirewallPolicyRequestProtectionRule>

(Updatable) Ordered list of ProtectionRules. Rules are executed in order of appearance in this array. ProtectionRules in this array can only use protection capabilities of RESPONSE_PROTECTION_CAPABILITY type.

bodyInspectionSizeLimitExceededActionName string

(Updatable) References action by name from actions defined in WebAppFirewallPolicy. Executed if HTTP message body size exceeds limit set in field bodyInspectionSizeLimitInBytes.

bodyInspectionSizeLimitInBytes number

(Updatable) Maximum size of inspected HTTP message body in bytes. Actions to take if this limit is exceeded are defined in bodyInspectionSizeLimitExceededActionName.

rules AppFirewallPolicyRequestProtectionRule[]

(Updatable) Ordered list of ProtectionRules. Rules are executed in order of appearance in this array. ProtectionRules in this array can only use protection capabilities of RESPONSE_PROTECTION_CAPABILITY type.

body_inspection_size_limit_exceeded_action_name str

(Updatable) References action by name from actions defined in WebAppFirewallPolicy. Executed if HTTP message body size exceeds limit set in field bodyInspectionSizeLimitInBytes.

body_inspection_size_limit_in_bytes int

(Updatable) Maximum size of inspected HTTP message body in bytes. Actions to take if this limit is exceeded are defined in bodyInspectionSizeLimitExceededActionName.

rules AppFirewallPolicyRequestProtectionRule]

(Updatable) Ordered list of ProtectionRules. Rules are executed in order of appearance in this array. ProtectionRules in this array can only use protection capabilities of RESPONSE_PROTECTION_CAPABILITY type.

bodyInspectionSizeLimitExceededActionName String

(Updatable) References action by name from actions defined in WebAppFirewallPolicy. Executed if HTTP message body size exceeds limit set in field bodyInspectionSizeLimitInBytes.

bodyInspectionSizeLimitInBytes Number

(Updatable) Maximum size of inspected HTTP message body in bytes. Actions to take if this limit is exceeded are defined in bodyInspectionSizeLimitExceededActionName.

rules List<Property Map>

(Updatable) Ordered list of ProtectionRules. Rules are executed in order of appearance in this array. ProtectionRules in this array can only use protection capabilities of RESPONSE_PROTECTION_CAPABILITY type.

AppFirewallPolicyRequestProtectionRule

ActionName string

(Updatable) Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.

Name string

(Updatable) Rule name. Must be unique within the module.

ProtectionCapabilities List<AppFirewallPolicyRequestProtectionRuleProtectionCapability>

(Updatable) An ordered list that references OCI-managed protection capabilities. Referenced protection capabilities are not necessarily executed in order of appearance. Their execution order is decided at runtime for improved performance. The array cannot contain entries with the same pair of capability key and version more than once.

Type string

(Updatable) Type of WebAppFirewallPolicyRule.

Condition string

(Updatable) An expression that determines whether or not the rule action should be executed.

ConditionLanguage string

(Updatable) The language used to parse condition from field condition. Available languages:

  • JMESPATH an extended JMESPath language syntax.
IsBodyInspectionEnabled bool

(Updatable) Enables/disables body inspection for this protection rule. Only Protection Rules in RequestProtection can have this option enabled. Response body inspection will be available at a later date.

ProtectionCapabilitySettings AppFirewallPolicyRequestProtectionRuleProtectionCapabilitySettings

(Updatable) Settings for protection capabilities

ActionName string

(Updatable) Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.

Name string

(Updatable) Rule name. Must be unique within the module.

ProtectionCapabilities []AppFirewallPolicyRequestProtectionRuleProtectionCapability

(Updatable) An ordered list that references OCI-managed protection capabilities. Referenced protection capabilities are not necessarily executed in order of appearance. Their execution order is decided at runtime for improved performance. The array cannot contain entries with the same pair of capability key and version more than once.

Type string

(Updatable) Type of WebAppFirewallPolicyRule.

Condition string

(Updatable) An expression that determines whether or not the rule action should be executed.

ConditionLanguage string

(Updatable) The language used to parse condition from field condition. Available languages:

  • JMESPATH an extended JMESPath language syntax.
IsBodyInspectionEnabled bool

(Updatable) Enables/disables body inspection for this protection rule. Only Protection Rules in RequestProtection can have this option enabled. Response body inspection will be available at a later date.

ProtectionCapabilitySettings AppFirewallPolicyRequestProtectionRuleProtectionCapabilitySettings

(Updatable) Settings for protection capabilities

actionName String

(Updatable) Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.

name String

(Updatable) Rule name. Must be unique within the module.

protectionCapabilities List<AppFirewallPolicyRequestProtectionRuleProtectionCapability>

(Updatable) An ordered list that references OCI-managed protection capabilities. Referenced protection capabilities are not necessarily executed in order of appearance. Their execution order is decided at runtime for improved performance. The array cannot contain entries with the same pair of capability key and version more than once.

type String

(Updatable) Type of WebAppFirewallPolicyRule.

condition String

(Updatable) An expression that determines whether or not the rule action should be executed.

conditionLanguage String

(Updatable) The language used to parse condition from field condition. Available languages:

  • JMESPATH an extended JMESPath language syntax.
isBodyInspectionEnabled Boolean

(Updatable) Enables/disables body inspection for this protection rule. Only Protection Rules in RequestProtection can have this option enabled. Response body inspection will be available at a later date.

protectionCapabilitySettings AppFirewallPolicyRequestProtectionRuleProtectionCapabilitySettings

(Updatable) Settings for protection capabilities

actionName string

(Updatable) Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.

name string

(Updatable) Rule name. Must be unique within the module.

protectionCapabilities AppFirewallPolicyRequestProtectionRuleProtectionCapability[]

(Updatable) An ordered list that references OCI-managed protection capabilities. Referenced protection capabilities are not necessarily executed in order of appearance. Their execution order is decided at runtime for improved performance. The array cannot contain entries with the same pair of capability key and version more than once.

type string

(Updatable) Type of WebAppFirewallPolicyRule.

condition string

(Updatable) An expression that determines whether or not the rule action should be executed.

conditionLanguage string

(Updatable) The language used to parse condition from field condition. Available languages:

  • JMESPATH an extended JMESPath language syntax.
isBodyInspectionEnabled boolean

(Updatable) Enables/disables body inspection for this protection rule. Only Protection Rules in RequestProtection can have this option enabled. Response body inspection will be available at a later date.

protectionCapabilitySettings AppFirewallPolicyRequestProtectionRuleProtectionCapabilitySettings

(Updatable) Settings for protection capabilities

action_name str

(Updatable) Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.

name str

(Updatable) Rule name. Must be unique within the module.

protection_capabilities AppFirewallPolicyRequestProtectionRuleProtectionCapability]

(Updatable) An ordered list that references OCI-managed protection capabilities. Referenced protection capabilities are not necessarily executed in order of appearance. Their execution order is decided at runtime for improved performance. The array cannot contain entries with the same pair of capability key and version more than once.

type str

(Updatable) Type of WebAppFirewallPolicyRule.

condition str

(Updatable) An expression that determines whether or not the rule action should be executed.

condition_language str

(Updatable) The language used to parse condition from field condition. Available languages:

  • JMESPATH an extended JMESPath language syntax.
is_body_inspection_enabled bool

(Updatable) Enables/disables body inspection for this protection rule. Only Protection Rules in RequestProtection can have this option enabled. Response body inspection will be available at a later date.

protection_capability_settings AppFirewallPolicyRequestProtectionRuleProtectionCapabilitySettings

(Updatable) Settings for protection capabilities

actionName String

(Updatable) Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.

name String

(Updatable) Rule name. Must be unique within the module.

protectionCapabilities List<Property Map>

(Updatable) An ordered list that references OCI-managed protection capabilities. Referenced protection capabilities are not necessarily executed in order of appearance. Their execution order is decided at runtime for improved performance. The array cannot contain entries with the same pair of capability key and version more than once.

type String

(Updatable) Type of WebAppFirewallPolicyRule.

condition String

(Updatable) An expression that determines whether or not the rule action should be executed.

conditionLanguage String

(Updatable) The language used to parse condition from field condition. Available languages:

  • JMESPATH an extended JMESPath language syntax.
isBodyInspectionEnabled Boolean

(Updatable) Enables/disables body inspection for this protection rule. Only Protection Rules in RequestProtection can have this option enabled. Response body inspection will be available at a later date.

protectionCapabilitySettings Property Map

(Updatable) Settings for protection capabilities

AppFirewallPolicyRequestProtectionRuleProtectionCapability

Key string

(Updatable) Unique key of referenced protection capability.

Version int

(Updatable) Version of referenced protection capability.

ActionName string

(Updatable) Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.

CollaborativeActionThreshold int

(Updatable) The minimum sum of weights of associated collaborative protection capabilities that have triggered which must be reached in order for this capability to trigger. This field is ignored for non-collaborative capabilities.

CollaborativeWeights List<AppFirewallPolicyRequestProtectionRuleProtectionCapabilityCollaborativeWeight>

(Updatable) Explicit weight values to use for associated collaborative protection capabilities.

Exclusions AppFirewallPolicyRequestProtectionRuleProtectionCapabilityExclusions

(Updatable) Identifies specific HTTP message parameters to exclude from inspection by a protection capability.

Key string

(Updatable) Unique key of referenced protection capability.

Version int

(Updatable) Version of referenced protection capability.

ActionName string

(Updatable) Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.

CollaborativeActionThreshold int

(Updatable) The minimum sum of weights of associated collaborative protection capabilities that have triggered which must be reached in order for this capability to trigger. This field is ignored for non-collaborative capabilities.

CollaborativeWeights []AppFirewallPolicyRequestProtectionRuleProtectionCapabilityCollaborativeWeight

(Updatable) Explicit weight values to use for associated collaborative protection capabilities.

Exclusions AppFirewallPolicyRequestProtectionRuleProtectionCapabilityExclusions

(Updatable) Identifies specific HTTP message parameters to exclude from inspection by a protection capability.

key String

(Updatable) Unique key of referenced protection capability.

version Integer

(Updatable) Version of referenced protection capability.

actionName String

(Updatable) Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.

collaborativeActionThreshold Integer

(Updatable) The minimum sum of weights of associated collaborative protection capabilities that have triggered which must be reached in order for this capability to trigger. This field is ignored for non-collaborative capabilities.

collaborativeWeights List<AppFirewallPolicyRequestProtectionRuleProtectionCapabilityCollaborativeWeight>

(Updatable) Explicit weight values to use for associated collaborative protection capabilities.

exclusions AppFirewallPolicyRequestProtectionRuleProtectionCapabilityExclusions

(Updatable) Identifies specific HTTP message parameters to exclude from inspection by a protection capability.

key string

(Updatable) Unique key of referenced protection capability.

version number

(Updatable) Version of referenced protection capability.

actionName string

(Updatable) Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.

collaborativeActionThreshold number

(Updatable) The minimum sum of weights of associated collaborative protection capabilities that have triggered which must be reached in order for this capability to trigger. This field is ignored for non-collaborative capabilities.

collaborativeWeights AppFirewallPolicyRequestProtectionRuleProtectionCapabilityCollaborativeWeight[]

(Updatable) Explicit weight values to use for associated collaborative protection capabilities.

exclusions AppFirewallPolicyRequestProtectionRuleProtectionCapabilityExclusions

(Updatable) Identifies specific HTTP message parameters to exclude from inspection by a protection capability.

key str

(Updatable) Unique key of referenced protection capability.

version int

(Updatable) Version of referenced protection capability.

action_name str

(Updatable) Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.

collaborative_action_threshold int

(Updatable) The minimum sum of weights of associated collaborative protection capabilities that have triggered which must be reached in order for this capability to trigger. This field is ignored for non-collaborative capabilities.

collaborative_weights AppFirewallPolicyRequestProtectionRuleProtectionCapabilityCollaborativeWeight]

(Updatable) Explicit weight values to use for associated collaborative protection capabilities.

exclusions AppFirewallPolicyRequestProtectionRuleProtectionCapabilityExclusions

(Updatable) Identifies specific HTTP message parameters to exclude from inspection by a protection capability.

key String

(Updatable) Unique key of referenced protection capability.

version Number

(Updatable) Version of referenced protection capability.

actionName String

(Updatable) Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.

collaborativeActionThreshold Number

(Updatable) The minimum sum of weights of associated collaborative protection capabilities that have triggered which must be reached in order for this capability to trigger. This field is ignored for non-collaborative capabilities.

collaborativeWeights List<Property Map>

(Updatable) Explicit weight values to use for associated collaborative protection capabilities.

exclusions Property Map

(Updatable) Identifies specific HTTP message parameters to exclude from inspection by a protection capability.

AppFirewallPolicyRequestProtectionRuleProtectionCapabilityCollaborativeWeight

Key string

(Updatable) Unique key of referenced protection capability.

Weight int

(Updatable) The value of weight to set.

Key string

(Updatable) Unique key of referenced protection capability.

Weight int

(Updatable) The value of weight to set.

key String

(Updatable) Unique key of referenced protection capability.

weight Integer

(Updatable) The value of weight to set.

key string

(Updatable) Unique key of referenced protection capability.

weight number

(Updatable) The value of weight to set.

key str

(Updatable) Unique key of referenced protection capability.

weight int

(Updatable) The value of weight to set.

key String

(Updatable) Unique key of referenced protection capability.

weight Number

(Updatable) The value of weight to set.

AppFirewallPolicyRequestProtectionRuleProtectionCapabilityExclusions

Args List<string>

(Updatable) List of URL query parameter values from form-urlencoded XML, JSON, AMP, or POST payloads to exclude from inspecting. Example: If we have query parameter 'argumentName=argumentValue' and args=['argumentName'], both 'argumentName' and 'argumentValue' will not be inspected.

RequestCookies List<string>

(Updatable) List of HTTP request cookie values (by cookie name) to exclude from inspecting. Example: If we have cookie 'cookieName=cookieValue' and requestCookies=['cookieName'], both 'cookieName' and 'cookieValue' will not be inspected.

Args []string

(Updatable) List of URL query parameter values from form-urlencoded XML, JSON, AMP, or POST payloads to exclude from inspecting. Example: If we have query parameter 'argumentName=argumentValue' and args=['argumentName'], both 'argumentName' and 'argumentValue' will not be inspected.

RequestCookies []string

(Updatable) List of HTTP request cookie values (by cookie name) to exclude from inspecting. Example: If we have cookie 'cookieName=cookieValue' and requestCookies=['cookieName'], both 'cookieName' and 'cookieValue' will not be inspected.

args List<String>

(Updatable) List of URL query parameter values from form-urlencoded XML, JSON, AMP, or POST payloads to exclude from inspecting. Example: If we have query parameter 'argumentName=argumentValue' and args=['argumentName'], both 'argumentName' and 'argumentValue' will not be inspected.

requestCookies List<String>

(Updatable) List of HTTP request cookie values (by cookie name) to exclude from inspecting. Example: If we have cookie 'cookieName=cookieValue' and requestCookies=['cookieName'], both 'cookieName' and 'cookieValue' will not be inspected.

args string[]

(Updatable) List of URL query parameter values from form-urlencoded XML, JSON, AMP, or POST payloads to exclude from inspecting. Example: If we have query parameter 'argumentName=argumentValue' and args=['argumentName'], both 'argumentName' and 'argumentValue' will not be inspected.

requestCookies string[]

(Updatable) List of HTTP request cookie values (by cookie name) to exclude from inspecting. Example: If we have cookie 'cookieName=cookieValue' and requestCookies=['cookieName'], both 'cookieName' and 'cookieValue' will not be inspected.

args Sequence[str]

(Updatable) List of URL query parameter values from form-urlencoded XML, JSON, AMP, or POST payloads to exclude from inspecting. Example: If we have query parameter 'argumentName=argumentValue' and args=['argumentName'], both 'argumentName' and 'argumentValue' will not be inspected.

request_cookies Sequence[str]

(Updatable) List of HTTP request cookie values (by cookie name) to exclude from inspecting. Example: If we have cookie 'cookieName=cookieValue' and requestCookies=['cookieName'], both 'cookieName' and 'cookieValue' will not be inspected.

args List<String>

(Updatable) List of URL query parameter values from form-urlencoded XML, JSON, AMP, or POST payloads to exclude from inspecting. Example: If we have query parameter 'argumentName=argumentValue' and args=['argumentName'], both 'argumentName' and 'argumentValue' will not be inspected.

requestCookies List<String>

(Updatable) List of HTTP request cookie values (by cookie name) to exclude from inspecting. Example: If we have cookie 'cookieName=cookieValue' and requestCookies=['cookieName'], both 'cookieName' and 'cookieValue' will not be inspected.

AppFirewallPolicyRequestProtectionRuleProtectionCapabilitySettings

AllowedHttpMethods List<string>

(Updatable) List of allowed HTTP methods. Each value as a RFC7230 formated token string. Used in protection capability 911100: Restrict HTTP Request Methods.

MaxHttpRequestHeaderLength int

(Updatable) Maximum allowed length of headers in an HTTP request. Used in protection capability: 9200024: Limit length of request header size.

MaxHttpRequestHeaders int

(Updatable) Maximum number of headers allowed in an HTTP request. Used in protection capability 9200014: Limit Number of Request Headers.

MaxNumberOfArguments int

(Updatable) Maximum number of arguments allowed. Used in protection capability 920380: Number of Arguments Limits.

MaxSingleArgumentLength int

(Updatable) Maximum allowed length of a single argument. Used in protection capability 920370: Limit argument value length.

MaxTotalArgumentLength int

(Updatable) Maximum allowed total length of all arguments. Used in protection capability 920390: Limit arguments total length.

AllowedHttpMethods []string

(Updatable) List of allowed HTTP methods. Each value as a RFC7230 formated token string. Used in protection capability 911100: Restrict HTTP Request Methods.

MaxHttpRequestHeaderLength int

(Updatable) Maximum allowed length of headers in an HTTP request. Used in protection capability: 9200024: Limit length of request header size.

MaxHttpRequestHeaders int

(Updatable) Maximum number of headers allowed in an HTTP request. Used in protection capability 9200014: Limit Number of Request Headers.

MaxNumberOfArguments int

(Updatable) Maximum number of arguments allowed. Used in protection capability 920380: Number of Arguments Limits.

MaxSingleArgumentLength int

(Updatable) Maximum allowed length of a single argument. Used in protection capability 920370: Limit argument value length.

MaxTotalArgumentLength int

(Updatable) Maximum allowed total length of all arguments. Used in protection capability 920390: Limit arguments total length.

allowedHttpMethods List<String>

(Updatable) List of allowed HTTP methods. Each value as a RFC7230 formated token string. Used in protection capability 911100: Restrict HTTP Request Methods.

maxHttpRequestHeaderLength Integer

(Updatable) Maximum allowed length of headers in an HTTP request. Used in protection capability: 9200024: Limit length of request header size.

maxHttpRequestHeaders Integer

(Updatable) Maximum number of headers allowed in an HTTP request. Used in protection capability 9200014: Limit Number of Request Headers.

maxNumberOfArguments Integer

(Updatable) Maximum number of arguments allowed. Used in protection capability 920380: Number of Arguments Limits.

maxSingleArgumentLength Integer

(Updatable) Maximum allowed length of a single argument. Used in protection capability 920370: Limit argument value length.

maxTotalArgumentLength Integer

(Updatable) Maximum allowed total length of all arguments. Used in protection capability 920390: Limit arguments total length.

allowedHttpMethods string[]

(Updatable) List of allowed HTTP methods. Each value as a RFC7230 formated token string. Used in protection capability 911100: Restrict HTTP Request Methods.

maxHttpRequestHeaderLength number

(Updatable) Maximum allowed length of headers in an HTTP request. Used in protection capability: 9200024: Limit length of request header size.

maxHttpRequestHeaders number

(Updatable) Maximum number of headers allowed in an HTTP request. Used in protection capability 9200014: Limit Number of Request Headers.

maxNumberOfArguments number

(Updatable) Maximum number of arguments allowed. Used in protection capability 920380: Number of Arguments Limits.

maxSingleArgumentLength number

(Updatable) Maximum allowed length of a single argument. Used in protection capability 920370: Limit argument value length.

maxTotalArgumentLength number

(Updatable) Maximum allowed total length of all arguments. Used in protection capability 920390: Limit arguments total length.

allowed_http_methods Sequence[str]

(Updatable) List of allowed HTTP methods. Each value as a RFC7230 formated token string. Used in protection capability 911100: Restrict HTTP Request Methods.

max_http_request_header_length int

(Updatable) Maximum allowed length of headers in an HTTP request. Used in protection capability: 9200024: Limit length of request header size.

max_http_request_headers int

(Updatable) Maximum number of headers allowed in an HTTP request. Used in protection capability 9200014: Limit Number of Request Headers.

max_number_of_arguments int

(Updatable) Maximum number of arguments allowed. Used in protection capability 920380: Number of Arguments Limits.

max_single_argument_length int

(Updatable) Maximum allowed length of a single argument. Used in protection capability 920370: Limit argument value length.

max_total_argument_length int

(Updatable) Maximum allowed total length of all arguments. Used in protection capability 920390: Limit arguments total length.

allowedHttpMethods List<String>

(Updatable) List of allowed HTTP methods. Each value as a RFC7230 formated token string. Used in protection capability 911100: Restrict HTTP Request Methods.

maxHttpRequestHeaderLength Number

(Updatable) Maximum allowed length of headers in an HTTP request. Used in protection capability: 9200024: Limit length of request header size.

maxHttpRequestHeaders Number

(Updatable) Maximum number of headers allowed in an HTTP request. Used in protection capability 9200014: Limit Number of Request Headers.

maxNumberOfArguments Number

(Updatable) Maximum number of arguments allowed. Used in protection capability 920380: Number of Arguments Limits.

maxSingleArgumentLength Number

(Updatable) Maximum allowed length of a single argument. Used in protection capability 920370: Limit argument value length.

maxTotalArgumentLength Number

(Updatable) Maximum allowed total length of all arguments. Used in protection capability 920390: Limit arguments total length.

AppFirewallPolicyRequestRateLimiting

Rules List<AppFirewallPolicyRequestRateLimitingRule>

(Updatable) Ordered list of ProtectionRules. Rules are executed in order of appearance in this array. ProtectionRules in this array can only use protection capabilities of RESPONSE_PROTECTION_CAPABILITY type.

Rules []AppFirewallPolicyRequestRateLimitingRule

(Updatable) Ordered list of ProtectionRules. Rules are executed in order of appearance in this array. ProtectionRules in this array can only use protection capabilities of RESPONSE_PROTECTION_CAPABILITY type.

rules List<AppFirewallPolicyRequestRateLimitingRule>

(Updatable) Ordered list of ProtectionRules. Rules are executed in order of appearance in this array. ProtectionRules in this array can only use protection capabilities of RESPONSE_PROTECTION_CAPABILITY type.

rules AppFirewallPolicyRequestRateLimitingRule[]

(Updatable) Ordered list of ProtectionRules. Rules are executed in order of appearance in this array. ProtectionRules in this array can only use protection capabilities of RESPONSE_PROTECTION_CAPABILITY type.

rules AppFirewallPolicyRequestRateLimitingRule]

(Updatable) Ordered list of ProtectionRules. Rules are executed in order of appearance in this array. ProtectionRules in this array can only use protection capabilities of RESPONSE_PROTECTION_CAPABILITY type.

rules List<Property Map>

(Updatable) Ordered list of ProtectionRules. Rules are executed in order of appearance in this array. ProtectionRules in this array can only use protection capabilities of RESPONSE_PROTECTION_CAPABILITY type.

AppFirewallPolicyRequestRateLimitingRule

ActionName string

(Updatable) Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.

Configurations List<AppFirewallPolicyRequestRateLimitingRuleConfiguration>

(Updatable) Rate Limiting Configurations. Each configuration counts requests towards its own requestsLimit.

Name string

(Updatable) Rule name. Must be unique within the module.

Type string

(Updatable) Type of WebAppFirewallPolicyRule.

Condition string

(Updatable) An expression that determines whether or not the rule action should be executed.

ConditionLanguage string

(Updatable) The language used to parse condition from field condition. Available languages:

  • JMESPATH an extended JMESPath language syntax.
ActionName string

(Updatable) Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.

Configurations []AppFirewallPolicyRequestRateLimitingRuleConfiguration

(Updatable) Rate Limiting Configurations. Each configuration counts requests towards its own requestsLimit.

Name string

(Updatable) Rule name. Must be unique within the module.

Type string

(Updatable) Type of WebAppFirewallPolicyRule.

Condition string

(Updatable) An expression that determines whether or not the rule action should be executed.

ConditionLanguage string

(Updatable) The language used to parse condition from field condition. Available languages:

  • JMESPATH an extended JMESPath language syntax.
actionName String

(Updatable) Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.

configurations List<AppFirewallPolicyRequestRateLimitingRuleConfiguration>

(Updatable) Rate Limiting Configurations. Each configuration counts requests towards its own requestsLimit.

name String

(Updatable) Rule name. Must be unique within the module.

type String

(Updatable) Type of WebAppFirewallPolicyRule.

condition String

(Updatable) An expression that determines whether or not the rule action should be executed.

conditionLanguage String

(Updatable) The language used to parse condition from field condition. Available languages:

  • JMESPATH an extended JMESPath language syntax.
actionName string

(Updatable) Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.

configurations AppFirewallPolicyRequestRateLimitingRuleConfiguration[]

(Updatable) Rate Limiting Configurations. Each configuration counts requests towards its own requestsLimit.

name string

(Updatable) Rule name. Must be unique within the module.

type string

(Updatable) Type of WebAppFirewallPolicyRule.

condition string

(Updatable) An expression that determines whether or not the rule action should be executed.

conditionLanguage string

(Updatable) The language used to parse condition from field condition. Available languages:

  • JMESPATH an extended JMESPath language syntax.
action_name str

(Updatable) Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.

configurations AppFirewallPolicyRequestRateLimitingRuleConfiguration]

(Updatable) Rate Limiting Configurations. Each configuration counts requests towards its own requestsLimit.

name str

(Updatable) Rule name. Must be unique within the module.

type str

(Updatable) Type of WebAppFirewallPolicyRule.

condition str

(Updatable) An expression that determines whether or not the rule action should be executed.

condition_language str

(Updatable) The language used to parse condition from field condition. Available languages:

  • JMESPATH an extended JMESPath language syntax.
actionName String

(Updatable) Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.

configurations List<Property Map>

(Updatable) Rate Limiting Configurations. Each configuration counts requests towards its own requestsLimit.

name String

(Updatable) Rule name. Must be unique within the module.

type String

(Updatable) Type of WebAppFirewallPolicyRule.

condition String

(Updatable) An expression that determines whether or not the rule action should be executed.

conditionLanguage String

(Updatable) The language used to parse condition from field condition. Available languages:

  • JMESPATH an extended JMESPath language syntax.

AppFirewallPolicyRequestRateLimitingRuleConfiguration

PeriodInSeconds int

(Updatable) Evaluation period in seconds.

RequestsLimit int

(Updatable) Requests allowed per evaluation period.

ActionDurationInSeconds int

(Updatable) Duration of block action application in seconds when requestsLimit is reached. Optional and can be 0 (no block duration).

PeriodInSeconds int

(Updatable) Evaluation period in seconds.

RequestsLimit int

(Updatable) Requests allowed per evaluation period.

ActionDurationInSeconds int

(Updatable) Duration of block action application in seconds when requestsLimit is reached. Optional and can be 0 (no block duration).

periodInSeconds Integer

(Updatable) Evaluation period in seconds.

requestsLimit Integer

(Updatable) Requests allowed per evaluation period.

actionDurationInSeconds Integer

(Updatable) Duration of block action application in seconds when requestsLimit is reached. Optional and can be 0 (no block duration).

periodInSeconds number

(Updatable) Evaluation period in seconds.

requestsLimit number

(Updatable) Requests allowed per evaluation period.

actionDurationInSeconds number

(Updatable) Duration of block action application in seconds when requestsLimit is reached. Optional and can be 0 (no block duration).

period_in_seconds int

(Updatable) Evaluation period in seconds.

requests_limit int

(Updatable) Requests allowed per evaluation period.

action_duration_in_seconds int

(Updatable) Duration of block action application in seconds when requestsLimit is reached. Optional and can be 0 (no block duration).

periodInSeconds Number

(Updatable) Evaluation period in seconds.

requestsLimit Number

(Updatable) Requests allowed per evaluation period.

actionDurationInSeconds Number

(Updatable) Duration of block action application in seconds when requestsLimit is reached. Optional and can be 0 (no block duration).

AppFirewallPolicyResponseAccessControl

Rules List<AppFirewallPolicyResponseAccessControlRule>

(Updatable) Ordered list of ProtectionRules. Rules are executed in order of appearance in this array. ProtectionRules in this array can only use protection capabilities of RESPONSE_PROTECTION_CAPABILITY type.

Rules []AppFirewallPolicyResponseAccessControlRule

(Updatable) Ordered list of ProtectionRules. Rules are executed in order of appearance in this array. ProtectionRules in this array can only use protection capabilities of RESPONSE_PROTECTION_CAPABILITY type.

rules List<AppFirewallPolicyResponseAccessControlRule>

(Updatable) Ordered list of ProtectionRules. Rules are executed in order of appearance in this array. ProtectionRules in this array can only use protection capabilities of RESPONSE_PROTECTION_CAPABILITY type.

rules AppFirewallPolicyResponseAccessControlRule[]

(Updatable) Ordered list of ProtectionRules. Rules are executed in order of appearance in this array. ProtectionRules in this array can only use protection capabilities of RESPONSE_PROTECTION_CAPABILITY type.

rules AppFirewallPolicyResponseAccessControlRule]

(Updatable) Ordered list of ProtectionRules. Rules are executed in order of appearance in this array. ProtectionRules in this array can only use protection capabilities of RESPONSE_PROTECTION_CAPABILITY type.

rules List<Property Map>

(Updatable) Ordered list of ProtectionRules. Rules are executed in order of appearance in this array. ProtectionRules in this array can only use protection capabilities of RESPONSE_PROTECTION_CAPABILITY type.

AppFirewallPolicyResponseAccessControlRule

ActionName string

(Updatable) Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.

Name string

(Updatable) Rule name. Must be unique within the module.

Type string

(Updatable) Type of WebAppFirewallPolicyRule.

Condition string

(Updatable) An expression that determines whether or not the rule action should be executed.

ConditionLanguage string

(Updatable) The language used to parse condition from field condition. Available languages:

  • JMESPATH an extended JMESPath language syntax.
ActionName string

(Updatable) Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.

Name string

(Updatable) Rule name. Must be unique within the module.

Type string

(Updatable) Type of WebAppFirewallPolicyRule.

Condition string

(Updatable) An expression that determines whether or not the rule action should be executed.

ConditionLanguage string

(Updatable) The language used to parse condition from field condition. Available languages:

  • JMESPATH an extended JMESPath language syntax.
actionName String

(Updatable) Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.

name String

(Updatable) Rule name. Must be unique within the module.

type String

(Updatable) Type of WebAppFirewallPolicyRule.

condition String

(Updatable) An expression that determines whether or not the rule action should be executed.

conditionLanguage String

(Updatable) The language used to parse condition from field condition. Available languages:

  • JMESPATH an extended JMESPath language syntax.
actionName string

(Updatable) Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.

name string

(Updatable) Rule name. Must be unique within the module.

type string

(Updatable) Type of WebAppFirewallPolicyRule.

condition string

(Updatable) An expression that determines whether or not the rule action should be executed.

conditionLanguage string

(Updatable) The language used to parse condition from field condition. Available languages:

  • JMESPATH an extended JMESPath language syntax.
action_name str

(Updatable) Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.

name str

(Updatable) Rule name. Must be unique within the module.

type str

(Updatable) Type of WebAppFirewallPolicyRule.

condition str

(Updatable) An expression that determines whether or not the rule action should be executed.

condition_language str

(Updatable) The language used to parse condition from field condition. Available languages:

  • JMESPATH an extended JMESPath language syntax.
actionName String

(Updatable) Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.

name String

(Updatable) Rule name. Must be unique within the module.

type String

(Updatable) Type of WebAppFirewallPolicyRule.

condition String

(Updatable) An expression that determines whether or not the rule action should be executed.

conditionLanguage String

(Updatable) The language used to parse condition from field condition. Available languages:

  • JMESPATH an extended JMESPath language syntax.

AppFirewallPolicyResponseProtection

Rules List<AppFirewallPolicyResponseProtectionRule>

(Updatable) Ordered list of ProtectionRules. Rules are executed in order of appearance in this array. ProtectionRules in this array can only use protection capabilities of RESPONSE_PROTECTION_CAPABILITY type.

Rules []AppFirewallPolicyResponseProtectionRule

(Updatable) Ordered list of ProtectionRules. Rules are executed in order of appearance in this array. ProtectionRules in this array can only use protection capabilities of RESPONSE_PROTECTION_CAPABILITY type.

rules List<AppFirewallPolicyResponseProtectionRule>

(Updatable) Ordered list of ProtectionRules. Rules are executed in order of appearance in this array. ProtectionRules in this array can only use protection capabilities of RESPONSE_PROTECTION_CAPABILITY type.

rules AppFirewallPolicyResponseProtectionRule[]

(Updatable) Ordered list of ProtectionRules. Rules are executed in order of appearance in this array. ProtectionRules in this array can only use protection capabilities of RESPONSE_PROTECTION_CAPABILITY type.

rules AppFirewallPolicyResponseProtectionRule]

(Updatable) Ordered list of ProtectionRules. Rules are executed in order of appearance in this array. ProtectionRules in this array can only use protection capabilities of RESPONSE_PROTECTION_CAPABILITY type.

rules List<Property Map>

(Updatable) Ordered list of ProtectionRules. Rules are executed in order of appearance in this array. ProtectionRules in this array can only use protection capabilities of RESPONSE_PROTECTION_CAPABILITY type.

AppFirewallPolicyResponseProtectionRule

ActionName string

(Updatable) Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.

Name string

(Updatable) Rule name. Must be unique within the module.

ProtectionCapabilities List<AppFirewallPolicyResponseProtectionRuleProtectionCapability>

(Updatable) An ordered list that references OCI-managed protection capabilities. Referenced protection capabilities are not necessarily executed in order of appearance. Their execution order is decided at runtime for improved performance. The array cannot contain entries with the same pair of capability key and version more than once.

Type string

(Updatable) Type of WebAppFirewallPolicyRule.

Condition string

(Updatable) An expression that determines whether or not the rule action should be executed.

ConditionLanguage string

(Updatable) The language used to parse condition from field condition. Available languages:

  • JMESPATH an extended JMESPath language syntax.
IsBodyInspectionEnabled bool

(Updatable) Enables/disables body inspection for this protection rule. Only Protection Rules in RequestProtection can have this option enabled. Response body inspection will be available at a later date.

ProtectionCapabilitySettings AppFirewallPolicyResponseProtectionRuleProtectionCapabilitySettings

(Updatable) Settings for protection capabilities

ActionName string

(Updatable) Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.

Name string

(Updatable) Rule name. Must be unique within the module.

ProtectionCapabilities []AppFirewallPolicyResponseProtectionRuleProtectionCapability

(Updatable) An ordered list that references OCI-managed protection capabilities. Referenced protection capabilities are not necessarily executed in order of appearance. Their execution order is decided at runtime for improved performance. The array cannot contain entries with the same pair of capability key and version more than once.

Type string

(Updatable) Type of WebAppFirewallPolicyRule.

Condition string

(Updatable) An expression that determines whether or not the rule action should be executed.

ConditionLanguage string

(Updatable) The language used to parse condition from field condition. Available languages:

  • JMESPATH an extended JMESPath language syntax.
IsBodyInspectionEnabled bool

(Updatable) Enables/disables body inspection for this protection rule. Only Protection Rules in RequestProtection can have this option enabled. Response body inspection will be available at a later date.

ProtectionCapabilitySettings AppFirewallPolicyResponseProtectionRuleProtectionCapabilitySettings

(Updatable) Settings for protection capabilities

actionName String

(Updatable) Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.

name String

(Updatable) Rule name. Must be unique within the module.

protectionCapabilities List<AppFirewallPolicyResponseProtectionRuleProtectionCapability>

(Updatable) An ordered list that references OCI-managed protection capabilities. Referenced protection capabilities are not necessarily executed in order of appearance. Their execution order is decided at runtime for improved performance. The array cannot contain entries with the same pair of capability key and version more than once.

type String

(Updatable) Type of WebAppFirewallPolicyRule.

condition String

(Updatable) An expression that determines whether or not the rule action should be executed.

conditionLanguage String

(Updatable) The language used to parse condition from field condition. Available languages:

  • JMESPATH an extended JMESPath language syntax.
isBodyInspectionEnabled Boolean

(Updatable) Enables/disables body inspection for this protection rule. Only Protection Rules in RequestProtection can have this option enabled. Response body inspection will be available at a later date.

protectionCapabilitySettings AppFirewallPolicyResponseProtectionRuleProtectionCapabilitySettings

(Updatable) Settings for protection capabilities

actionName string

(Updatable) Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.

name string

(Updatable) Rule name. Must be unique within the module.

protectionCapabilities AppFirewallPolicyResponseProtectionRuleProtectionCapability[]

(Updatable) An ordered list that references OCI-managed protection capabilities. Referenced protection capabilities are not necessarily executed in order of appearance. Their execution order is decided at runtime for improved performance. The array cannot contain entries with the same pair of capability key and version more than once.

type string

(Updatable) Type of WebAppFirewallPolicyRule.

condition string

(Updatable) An expression that determines whether or not the rule action should be executed.

conditionLanguage string

(Updatable) The language used to parse condition from field condition. Available languages:

  • JMESPATH an extended JMESPath language syntax.
isBodyInspectionEnabled boolean

(Updatable) Enables/disables body inspection for this protection rule. Only Protection Rules in RequestProtection can have this option enabled. Response body inspection will be available at a later date.

protectionCapabilitySettings AppFirewallPolicyResponseProtectionRuleProtectionCapabilitySettings

(Updatable) Settings for protection capabilities

action_name str

(Updatable) Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.

name str

(Updatable) Rule name. Must be unique within the module.

protection_capabilities AppFirewallPolicyResponseProtectionRuleProtectionCapability]

(Updatable) An ordered list that references OCI-managed protection capabilities. Referenced protection capabilities are not necessarily executed in order of appearance. Their execution order is decided at runtime for improved performance. The array cannot contain entries with the same pair of capability key and version more than once.

type str

(Updatable) Type of WebAppFirewallPolicyRule.

condition str

(Updatable) An expression that determines whether or not the rule action should be executed.

condition_language str

(Updatable) The language used to parse condition from field condition. Available languages:

  • JMESPATH an extended JMESPath language syntax.
is_body_inspection_enabled bool

(Updatable) Enables/disables body inspection for this protection rule. Only Protection Rules in RequestProtection can have this option enabled. Response body inspection will be available at a later date.

protection_capability_settings AppFirewallPolicyResponseProtectionRuleProtectionCapabilitySettings

(Updatable) Settings for protection capabilities

actionName String

(Updatable) Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.

name String

(Updatable) Rule name. Must be unique within the module.

protectionCapabilities List<Property Map>

(Updatable) An ordered list that references OCI-managed protection capabilities. Referenced protection capabilities are not necessarily executed in order of appearance. Their execution order is decided at runtime for improved performance. The array cannot contain entries with the same pair of capability key and version more than once.

type String

(Updatable) Type of WebAppFirewallPolicyRule.

condition String

(Updatable) An expression that determines whether or not the rule action should be executed.

conditionLanguage String

(Updatable) The language used to parse condition from field condition. Available languages:

  • JMESPATH an extended JMESPath language syntax.
isBodyInspectionEnabled Boolean

(Updatable) Enables/disables body inspection for this protection rule. Only Protection Rules in RequestProtection can have this option enabled. Response body inspection will be available at a later date.

protectionCapabilitySettings Property Map

(Updatable) Settings for protection capabilities

AppFirewallPolicyResponseProtectionRuleProtectionCapability

Key string

(Updatable) Unique key of referenced protection capability.

Version int

(Updatable) Version of referenced protection capability.

ActionName string

(Updatable) Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.

CollaborativeActionThreshold int

(Updatable) The minimum sum of weights of associated collaborative protection capabilities that have triggered which must be reached in order for this capability to trigger. This field is ignored for non-collaborative capabilities.

CollaborativeWeights List<AppFirewallPolicyResponseProtectionRuleProtectionCapabilityCollaborativeWeight>

(Updatable) Explicit weight values to use for associated collaborative protection capabilities.

Exclusions AppFirewallPolicyResponseProtectionRuleProtectionCapabilityExclusions

(Updatable) Identifies specific HTTP message parameters to exclude from inspection by a protection capability.

Key string

(Updatable) Unique key of referenced protection capability.

Version int

(Updatable) Version of referenced protection capability.

ActionName string

(Updatable) Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.

CollaborativeActionThreshold int

(Updatable) The minimum sum of weights of associated collaborative protection capabilities that have triggered which must be reached in order for this capability to trigger. This field is ignored for non-collaborative capabilities.

CollaborativeWeights []AppFirewallPolicyResponseProtectionRuleProtectionCapabilityCollaborativeWeight

(Updatable) Explicit weight values to use for associated collaborative protection capabilities.

Exclusions AppFirewallPolicyResponseProtectionRuleProtectionCapabilityExclusions

(Updatable) Identifies specific HTTP message parameters to exclude from inspection by a protection capability.

key String

(Updatable) Unique key of referenced protection capability.

version Integer

(Updatable) Version of referenced protection capability.

actionName String

(Updatable) Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.

collaborativeActionThreshold Integer

(Updatable) The minimum sum of weights of associated collaborative protection capabilities that have triggered which must be reached in order for this capability to trigger. This field is ignored for non-collaborative capabilities.

collaborativeWeights List<AppFirewallPolicyResponseProtectionRuleProtectionCapabilityCollaborativeWeight>

(Updatable) Explicit weight values to use for associated collaborative protection capabilities.

exclusions AppFirewallPolicyResponseProtectionRuleProtectionCapabilityExclusions

(Updatable) Identifies specific HTTP message parameters to exclude from inspection by a protection capability.

key string

(Updatable) Unique key of referenced protection capability.

version number

(Updatable) Version of referenced protection capability.

actionName string

(Updatable) Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.

collaborativeActionThreshold number

(Updatable) The minimum sum of weights of associated collaborative protection capabilities that have triggered which must be reached in order for this capability to trigger. This field is ignored for non-collaborative capabilities.

collaborativeWeights AppFirewallPolicyResponseProtectionRuleProtectionCapabilityCollaborativeWeight[]

(Updatable) Explicit weight values to use for associated collaborative protection capabilities.

exclusions AppFirewallPolicyResponseProtectionRuleProtectionCapabilityExclusions

(Updatable) Identifies specific HTTP message parameters to exclude from inspection by a protection capability.

key str

(Updatable) Unique key of referenced protection capability.

version int

(Updatable) Version of referenced protection capability.

action_name str

(Updatable) Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.

collaborative_action_threshold int

(Updatable) The minimum sum of weights of associated collaborative protection capabilities that have triggered which must be reached in order for this capability to trigger. This field is ignored for non-collaborative capabilities.

collaborative_weights AppFirewallPolicyResponseProtectionRuleProtectionCapabilityCollaborativeWeight]

(Updatable) Explicit weight values to use for associated collaborative protection capabilities.

exclusions AppFirewallPolicyResponseProtectionRuleProtectionCapabilityExclusions

(Updatable) Identifies specific HTTP message parameters to exclude from inspection by a protection capability.

key String

(Updatable) Unique key of referenced protection capability.

version Number

(Updatable) Version of referenced protection capability.

actionName String

(Updatable) Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.

collaborativeActionThreshold Number

(Updatable) The minimum sum of weights of associated collaborative protection capabilities that have triggered which must be reached in order for this capability to trigger. This field is ignored for non-collaborative capabilities.

collaborativeWeights List<Property Map>

(Updatable) Explicit weight values to use for associated collaborative protection capabilities.

exclusions Property Map

(Updatable) Identifies specific HTTP message parameters to exclude from inspection by a protection capability.

AppFirewallPolicyResponseProtectionRuleProtectionCapabilityCollaborativeWeight

Key string

(Updatable) Unique key of referenced protection capability.

Weight int

(Updatable) The value of weight to set.

Key string

(Updatable) Unique key of referenced protection capability.

Weight int

(Updatable) The value of weight to set.

key String

(Updatable) Unique key of referenced protection capability.

weight Integer

(Updatable) The value of weight to set.

key string

(Updatable) Unique key of referenced protection capability.

weight number

(Updatable) The value of weight to set.

key str

(Updatable) Unique key of referenced protection capability.

weight int

(Updatable) The value of weight to set.

key String

(Updatable) Unique key of referenced protection capability.

weight Number

(Updatable) The value of weight to set.

AppFirewallPolicyResponseProtectionRuleProtectionCapabilityExclusions

Args List<string>

(Updatable) List of URL query parameter values from form-urlencoded XML, JSON, AMP, or POST payloads to exclude from inspecting. Example: If we have query parameter 'argumentName=argumentValue' and args=['argumentName'], both 'argumentName' and 'argumentValue' will not be inspected.

RequestCookies List<string>

(Updatable) List of HTTP request cookie values (by cookie name) to exclude from inspecting. Example: If we have cookie 'cookieName=cookieValue' and requestCookies=['cookieName'], both 'cookieName' and 'cookieValue' will not be inspected.

Args []string

(Updatable) List of URL query parameter values from form-urlencoded XML, JSON, AMP, or POST payloads to exclude from inspecting. Example: If we have query parameter 'argumentName=argumentValue' and args=['argumentName'], both 'argumentName' and 'argumentValue' will not be inspected.

RequestCookies []string

(Updatable) List of HTTP request cookie values (by cookie name) to exclude from inspecting. Example: If we have cookie 'cookieName=cookieValue' and requestCookies=['cookieName'], both 'cookieName' and 'cookieValue' will not be inspected.

args List<String>

(Updatable) List of URL query parameter values from form-urlencoded XML, JSON, AMP, or POST payloads to exclude from inspecting. Example: If we have query parameter 'argumentName=argumentValue' and args=['argumentName'], both 'argumentName' and 'argumentValue' will not be inspected.

requestCookies List<String>

(Updatable) List of HTTP request cookie values (by cookie name) to exclude from inspecting. Example: If we have cookie 'cookieName=cookieValue' and requestCookies=['cookieName'], both 'cookieName' and 'cookieValue' will not be inspected.

args string[]

(Updatable) List of URL query parameter values from form-urlencoded XML, JSON, AMP, or POST payloads to exclude from inspecting. Example: If we have query parameter 'argumentName=argumentValue' and args=['argumentName'], both 'argumentName' and 'argumentValue' will not be inspected.

requestCookies string[]

(Updatable) List of HTTP request cookie values (by cookie name) to exclude from inspecting. Example: If we have cookie 'cookieName=cookieValue' and requestCookies=['cookieName'], both 'cookieName' and 'cookieValue' will not be inspected.

args Sequence[str]

(Updatable) List of URL query parameter values from form-urlencoded XML, JSON, AMP, or POST payloads to exclude from inspecting. Example: If we have query parameter 'argumentName=argumentValue' and args=['argumentName'], both 'argumentName' and 'argumentValue' will not be inspected.

request_cookies Sequence[str]

(Updatable) List of HTTP request cookie values (by cookie name) to exclude from inspecting. Example: If we have cookie 'cookieName=cookieValue' and requestCookies=['cookieName'], both 'cookieName' and 'cookieValue' will not be inspected.

args List<String>

(Updatable) List of URL query parameter values from form-urlencoded XML, JSON, AMP, or POST payloads to exclude from inspecting. Example: If we have query parameter 'argumentName=argumentValue' and args=['argumentName'], both 'argumentName' and 'argumentValue' will not be inspected.

requestCookies List<String>

(Updatable) List of HTTP request cookie values (by cookie name) to exclude from inspecting. Example: If we have cookie 'cookieName=cookieValue' and requestCookies=['cookieName'], both 'cookieName' and 'cookieValue' will not be inspected.

AppFirewallPolicyResponseProtectionRuleProtectionCapabilitySettings

AllowedHttpMethods List<string>

(Updatable) List of allowed HTTP methods. Each value as a RFC7230 formated token string. Used in protection capability 911100: Restrict HTTP Request Methods.

MaxHttpRequestHeaderLength int

(Updatable) Maximum allowed length of headers in an HTTP request. Used in protection capability: 9200024: Limit length of request header size.

MaxHttpRequestHeaders int

(Updatable) Maximum number of headers allowed in an HTTP request. Used in protection capability 9200014: Limit Number of Request Headers.

MaxNumberOfArguments int

(Updatable) Maximum number of arguments allowed. Used in protection capability 920380: Number of Arguments Limits.

MaxSingleArgumentLength int

(Updatable) Maximum allowed length of a single argument. Used in protection capability 920370: Limit argument value length.

MaxTotalArgumentLength int

(Updatable) Maximum allowed total length of all arguments. Used in protection capability 920390: Limit arguments total length.

AllowedHttpMethods []string

(Updatable) List of allowed HTTP methods. Each value as a RFC7230 formated token string. Used in protection capability 911100: Restrict HTTP Request Methods.

MaxHttpRequestHeaderLength int

(Updatable) Maximum allowed length of headers in an HTTP request. Used in protection capability: 9200024: Limit length of request header size.

MaxHttpRequestHeaders int

(Updatable) Maximum number of headers allowed in an HTTP request. Used in protection capability 9200014: Limit Number of Request Headers.

MaxNumberOfArguments int

(Updatable) Maximum number of arguments allowed. Used in protection capability 920380: Number of Arguments Limits.

MaxSingleArgumentLength int

(Updatable) Maximum allowed length of a single argument. Used in protection capability 920370: Limit argument value length.

MaxTotalArgumentLength int

(Updatable) Maximum allowed total length of all arguments. Used in protection capability 920390: Limit arguments total length.

allowedHttpMethods List<String>

(Updatable) List of allowed HTTP methods. Each value as a RFC7230 formated token string. Used in protection capability 911100: Restrict HTTP Request Methods.

maxHttpRequestHeaderLength Integer

(Updatable) Maximum allowed length of headers in an HTTP request. Used in protection capability: 9200024: Limit length of request header size.

maxHttpRequestHeaders Integer

(Updatable) Maximum number of headers allowed in an HTTP request. Used in protection capability 9200014: Limit Number of Request Headers.

maxNumberOfArguments Integer

(Updatable) Maximum number of arguments allowed. Used in protection capability 920380: Number of Arguments Limits.

maxSingleArgumentLength Integer

(Updatable) Maximum allowed length of a single argument. Used in protection capability 920370: Limit argument value length.

maxTotalArgumentLength Integer

(Updatable) Maximum allowed total length of all arguments. Used in protection capability 920390: Limit arguments total length.

allowedHttpMethods string[]

(Updatable) List of allowed HTTP methods. Each value as a RFC7230 formated token string. Used in protection capability 911100: Restrict HTTP Request Methods.

maxHttpRequestHeaderLength number

(Updatable) Maximum allowed length of headers in an HTTP request. Used in protection capability: 9200024: Limit length of request header size.

maxHttpRequestHeaders number

(Updatable) Maximum number of headers allowed in an HTTP request. Used in protection capability 9200014: Limit Number of Request Headers.

maxNumberOfArguments number

(Updatable) Maximum number of arguments allowed. Used in protection capability 920380: Number of Arguments Limits.

maxSingleArgumentLength number

(Updatable) Maximum allowed length of a single argument. Used in protection capability 920370: Limit argument value length.

maxTotalArgumentLength number

(Updatable) Maximum allowed total length of all arguments. Used in protection capability 920390: Limit arguments total length.

allowed_http_methods Sequence[str]

(Updatable) List of allowed HTTP methods. Each value as a RFC7230 formated token string. Used in protection capability 911100: Restrict HTTP Request Methods.

max_http_request_header_length int

(Updatable) Maximum allowed length of headers in an HTTP request. Used in protection capability: 9200024: Limit length of request header size.

max_http_request_headers int

(Updatable) Maximum number of headers allowed in an HTTP request. Used in protection capability 9200014: Limit Number of Request Headers.

max_number_of_arguments int

(Updatable) Maximum number of arguments allowed. Used in protection capability 920380: Number of Arguments Limits.

max_single_argument_length int

(Updatable) Maximum allowed length of a single argument. Used in protection capability 920370: Limit argument value length.

max_total_argument_length int

(Updatable) Maximum allowed total length of all arguments. Used in protection capability 920390: Limit arguments total length.

allowedHttpMethods List<String>

(Updatable) List of allowed HTTP methods. Each value as a RFC7230 formated token string. Used in protection capability 911100: Restrict HTTP Request Methods.

maxHttpRequestHeaderLength Number

(Updatable) Maximum allowed length of headers in an HTTP request. Used in protection capability: 9200024: Limit length of request header size.

maxHttpRequestHeaders Number

(Updatable) Maximum number of headers allowed in an HTTP request. Used in protection capability 9200014: Limit Number of Request Headers.

maxNumberOfArguments Number

(Updatable) Maximum number of arguments allowed. Used in protection capability 920380: Number of Arguments Limits.

maxSingleArgumentLength Number

(Updatable) Maximum allowed length of a single argument. Used in protection capability 920370: Limit argument value length.

maxTotalArgumentLength Number

(Updatable) Maximum allowed total length of all arguments. Used in protection capability 920390: Limit arguments total length.

Import

WebAppFirewallPolicies can be imported using the id, e.g.

 $ pulumi import oci:Waf/appFirewallPolicy:AppFirewallPolicy test_web_app_firewall_policy "id"

Package Details

Repository
https://github.com/pulumi/pulumi-oci
License
Apache-2.0
Notes

This Pulumi package is based on the oci Terraform Provider.