1. Packages
  2. Oracle Cloud Infrastructure
  3. API Docs
  4. Waf
  5. getWebAppFirewallPolicies
Oracle Cloud Infrastructure v1.16.1 published on Wednesday, Nov 22, 2023 by Pulumi

oci.Waf.getWebAppFirewallPolicies

Explore with Pulumi AI

oci logo
Oracle Cloud Infrastructure v1.16.1 published on Wednesday, Nov 22, 2023 by Pulumi

    This data source provides the list of Web App Firewall Policies in Oracle Cloud Infrastructure Waf service.

    Gets a list of all WebAppFirewallPolicies in a compartment.

    Example Usage

    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Oci = Pulumi.Oci;
    
    return await Deployment.RunAsync(() => 
    {
        var testWebAppFirewallPolicies = Oci.Waf.GetWebAppFirewallPolicies.Invoke(new()
        {
            CompartmentId = @var.Compartment_id,
            DisplayName = @var.Web_app_firewall_policy_display_name,
            Id = @var.Web_app_firewall_policy_id,
            States = @var.Web_app_firewall_policy_state,
        });
    
    });
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-oci/sdk/go/oci/Waf"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		_, err := Waf.GetWebAppFirewallPolicies(ctx, &waf.GetWebAppFirewallPoliciesArgs{
    			CompartmentId: _var.Compartment_id,
    			DisplayName:   pulumi.StringRef(_var.Web_app_firewall_policy_display_name),
    			Id:            pulumi.StringRef(_var.Web_app_firewall_policy_id),
    			States:        _var.Web_app_firewall_policy_state,
    		}, nil)
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.oci.Waf.WafFunctions;
    import com.pulumi.oci.Waf.inputs.GetWebAppFirewallPoliciesArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            final var testWebAppFirewallPolicies = WafFunctions.getWebAppFirewallPolicies(GetWebAppFirewallPoliciesArgs.builder()
                .compartmentId(var_.compartment_id())
                .displayName(var_.web_app_firewall_policy_display_name())
                .id(var_.web_app_firewall_policy_id())
                .states(var_.web_app_firewall_policy_state())
                .build());
    
        }
    }
    
    import pulumi
    import pulumi_oci as oci
    
    test_web_app_firewall_policies = oci.Waf.get_web_app_firewall_policies(compartment_id=var["compartment_id"],
        display_name=var["web_app_firewall_policy_display_name"],
        id=var["web_app_firewall_policy_id"],
        states=var["web_app_firewall_policy_state"])
    
    import * as pulumi from "@pulumi/pulumi";
    import * as oci from "@pulumi/oci";
    
    const testWebAppFirewallPolicies = oci.Waf.getWebAppFirewallPolicies({
        compartmentId: _var.compartment_id,
        displayName: _var.web_app_firewall_policy_display_name,
        id: _var.web_app_firewall_policy_id,
        states: _var.web_app_firewall_policy_state,
    });
    
    variables:
      testWebAppFirewallPolicies:
        fn::invoke:
          Function: oci:Waf:getWebAppFirewallPolicies
          Arguments:
            compartmentId: ${var.compartment_id}
            displayName: ${var.web_app_firewall_policy_display_name}
            id: ${var.web_app_firewall_policy_id}
            states: ${var.web_app_firewall_policy_state}
    

    Using getWebAppFirewallPolicies

    Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.

    function getWebAppFirewallPolicies(args: GetWebAppFirewallPoliciesArgs, opts?: InvokeOptions): Promise<GetWebAppFirewallPoliciesResult>
    function getWebAppFirewallPoliciesOutput(args: GetWebAppFirewallPoliciesOutputArgs, opts?: InvokeOptions): Output<GetWebAppFirewallPoliciesResult>
    def get_web_app_firewall_policies(compartment_id: Optional[str] = None,
                                      display_name: Optional[str] = None,
                                      filters: Optional[Sequence[_waf.GetWebAppFirewallPoliciesFilter]] = None,
                                      id: Optional[str] = None,
                                      states: Optional[Sequence[str]] = None,
                                      opts: Optional[InvokeOptions] = None) -> GetWebAppFirewallPoliciesResult
    def get_web_app_firewall_policies_output(compartment_id: Optional[pulumi.Input[str]] = None,
                                      display_name: Optional[pulumi.Input[str]] = None,
                                      filters: Optional[pulumi.Input[Sequence[pulumi.Input[_waf.GetWebAppFirewallPoliciesFilterArgs]]]] = None,
                                      id: Optional[pulumi.Input[str]] = None,
                                      states: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
                                      opts: Optional[InvokeOptions] = None) -> Output[GetWebAppFirewallPoliciesResult]
    func GetWebAppFirewallPolicies(ctx *Context, args *GetWebAppFirewallPoliciesArgs, opts ...InvokeOption) (*GetWebAppFirewallPoliciesResult, error)
    func GetWebAppFirewallPoliciesOutput(ctx *Context, args *GetWebAppFirewallPoliciesOutputArgs, opts ...InvokeOption) GetWebAppFirewallPoliciesResultOutput

    > Note: This function is named GetWebAppFirewallPolicies in the Go SDK.

    public static class GetWebAppFirewallPolicies 
    {
        public static Task<GetWebAppFirewallPoliciesResult> InvokeAsync(GetWebAppFirewallPoliciesArgs args, InvokeOptions? opts = null)
        public static Output<GetWebAppFirewallPoliciesResult> Invoke(GetWebAppFirewallPoliciesInvokeArgs args, InvokeOptions? opts = null)
    }
    public static CompletableFuture<GetWebAppFirewallPoliciesResult> getWebAppFirewallPolicies(GetWebAppFirewallPoliciesArgs args, InvokeOptions options)
    // Output-based functions aren't available in Java yet
    
    fn::invoke:
      function: oci:Waf/getWebAppFirewallPolicies:getWebAppFirewallPolicies
      arguments:
        # arguments dictionary

    The following arguments are supported:

    CompartmentId string

    The OCID of the compartment in which to list resources.

    DisplayName string

    A filter to return only resources that match the entire display name given.

    Filters List<GetWebAppFirewallPoliciesFilter>
    Id string

    A filter to return only the WebAppFirewallPolicy with the given OCID.

    States List<string>

    A filter to return only resources that match the given lifecycleState.

    CompartmentId string

    The OCID of the compartment in which to list resources.

    DisplayName string

    A filter to return only resources that match the entire display name given.

    Filters []GetWebAppFirewallPoliciesFilter
    Id string

    A filter to return only the WebAppFirewallPolicy with the given OCID.

    States []string

    A filter to return only resources that match the given lifecycleState.

    compartmentId String

    The OCID of the compartment in which to list resources.

    displayName String

    A filter to return only resources that match the entire display name given.

    filters List<GetWebAppFirewallPoliciesFilter>
    id String

    A filter to return only the WebAppFirewallPolicy with the given OCID.

    states List<String>

    A filter to return only resources that match the given lifecycleState.

    compartmentId string

    The OCID of the compartment in which to list resources.

    displayName string

    A filter to return only resources that match the entire display name given.

    filters GetWebAppFirewallPoliciesFilter[]
    id string

    A filter to return only the WebAppFirewallPolicy with the given OCID.

    states string[]

    A filter to return only resources that match the given lifecycleState.

    compartment_id str

    The OCID of the compartment in which to list resources.

    display_name str

    A filter to return only resources that match the entire display name given.

    filters GetWebAppFirewallPoliciesFilter]
    id str

    A filter to return only the WebAppFirewallPolicy with the given OCID.

    states Sequence[str]

    A filter to return only resources that match the given lifecycleState.

    compartmentId String

    The OCID of the compartment in which to list resources.

    displayName String

    A filter to return only resources that match the entire display name given.

    filters List<Property Map>
    id String

    A filter to return only the WebAppFirewallPolicy with the given OCID.

    states List<String>

    A filter to return only resources that match the given lifecycleState.

    getWebAppFirewallPolicies Result

    The following output properties are available:

    CompartmentId string

    The OCID of the compartment.

    WebAppFirewallPolicyCollections List<GetWebAppFirewallPoliciesWebAppFirewallPolicyCollection>

    The list of web_app_firewall_policy_collection.

    DisplayName string

    WebAppFirewallPolicy display name, can be renamed.

    Filters List<GetWebAppFirewallPoliciesFilter>
    Id string

    The OCID of the WebAppFirewallPolicy.

    States List<string>

    The current state of the WebAppFirewallPolicy.

    CompartmentId string

    The OCID of the compartment.

    WebAppFirewallPolicyCollections []GetWebAppFirewallPoliciesWebAppFirewallPolicyCollection

    The list of web_app_firewall_policy_collection.

    DisplayName string

    WebAppFirewallPolicy display name, can be renamed.

    Filters []GetWebAppFirewallPoliciesFilter
    Id string

    The OCID of the WebAppFirewallPolicy.

    States []string

    The current state of the WebAppFirewallPolicy.

    compartmentId String

    The OCID of the compartment.

    webAppFirewallPolicyCollections List<GetWebAppFirewallPoliciesWebAppFirewallPolicyCollection>

    The list of web_app_firewall_policy_collection.

    displayName String

    WebAppFirewallPolicy display name, can be renamed.

    filters List<GetWebAppFirewallPoliciesFilter>
    id String

    The OCID of the WebAppFirewallPolicy.

    states List<String>

    The current state of the WebAppFirewallPolicy.

    compartmentId string

    The OCID of the compartment.

    webAppFirewallPolicyCollections GetWebAppFirewallPoliciesWebAppFirewallPolicyCollection[]

    The list of web_app_firewall_policy_collection.

    displayName string

    WebAppFirewallPolicy display name, can be renamed.

    filters GetWebAppFirewallPoliciesFilter[]
    id string

    The OCID of the WebAppFirewallPolicy.

    states string[]

    The current state of the WebAppFirewallPolicy.

    compartment_id str

    The OCID of the compartment.

    web_app_firewall_policy_collections GetWebAppFirewallPoliciesWebAppFirewallPolicyCollection]

    The list of web_app_firewall_policy_collection.

    display_name str

    WebAppFirewallPolicy display name, can be renamed.

    filters GetWebAppFirewallPoliciesFilter]
    id str

    The OCID of the WebAppFirewallPolicy.

    states Sequence[str]

    The current state of the WebAppFirewallPolicy.

    compartmentId String

    The OCID of the compartment.

    webAppFirewallPolicyCollections List<Property Map>

    The list of web_app_firewall_policy_collection.

    displayName String

    WebAppFirewallPolicy display name, can be renamed.

    filters List<Property Map>
    id String

    The OCID of the WebAppFirewallPolicy.

    states List<String>

    The current state of the WebAppFirewallPolicy.

    Supporting Types

    GetWebAppFirewallPoliciesFilter

    Name string

    Rule name. Must be unique within the module.

    Values List<string>
    Regex bool
    Name string

    Rule name. Must be unique within the module.

    Values []string
    Regex bool
    name String

    Rule name. Must be unique within the module.

    values List<String>
    regex Boolean
    name string

    Rule name. Must be unique within the module.

    values string[]
    regex boolean
    name str

    Rule name. Must be unique within the module.

    values Sequence[str]
    regex bool
    name String

    Rule name. Must be unique within the module.

    values List<String>
    regex Boolean

    GetWebAppFirewallPoliciesWebAppFirewallPolicyCollection

    GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItem

    Actions List<GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemAction>

    Predefined actions for use in multiple different rules. Not all actions are supported in every module. Some actions terminate further execution of modules and rules in a module and some do not. Actions names must be unique within this array.

    CompartmentId string

    The OCID of the compartment in which to list resources.

    DefinedTags Dictionary<string, object>

    Defined tags for this resource. Each key is predefined and scoped to a namespace. Example: {"foo-namespace.bar-key": "value"}

    DisplayName string

    A filter to return only resources that match the entire display name given.

    FreeformTags Dictionary<string, object>

    Simple key-value pair that is applied without any predefined name, type or scope. Exists for cross-compatibility only. Example: {"bar-key": "value"}

    Id string

    A filter to return only the WebAppFirewallPolicy with the given OCID.

    LifecycleDetails string

    A message describing the current state in more detail. For example, can be used to provide actionable information for a resource in FAILED state.

    RequestAccessControls List<GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemRequestAccessControl>

    Module that allows inspection of HTTP request properties and to return a defined HTTP response. In this module, rules with the name 'Default Action' are not allowed, since this name is reserved for default action logs.

    RequestProtections List<GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemRequestProtection>

    Module that allows to enable OCI-managed protection capabilities for incoming HTTP requests.

    RequestRateLimitings List<GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemRequestRateLimiting>

    Module that allows inspection of HTTP connection properties and to limit requests frequency for a given key.

    ResponseAccessControls List<GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemResponseAccessControl>

    Module that allows inspection of HTTP response properties and to return a defined HTTP response.

    ResponseProtections List<GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemResponseProtection>

    Module that allows to enable OCI-managed protection capabilities for HTTP responses.

    State string

    A filter to return only resources that match the given lifecycleState.

    SystemTags Dictionary<string, object>

    Usage of system tag keys. These predefined keys are scoped to namespaces. Example: {"orcl-cloud.free-tier-retained": "true"}

    TimeCreated string

    The time the WebAppFirewallPolicy was created. An RFC3339 formatted datetime string.

    TimeUpdated string

    The time the WebAppFirewallPolicy was updated. An RFC3339 formatted datetime string.

    Actions []GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemAction

    Predefined actions for use in multiple different rules. Not all actions are supported in every module. Some actions terminate further execution of modules and rules in a module and some do not. Actions names must be unique within this array.

    CompartmentId string

    The OCID of the compartment in which to list resources.

    DefinedTags map[string]interface{}

    Defined tags for this resource. Each key is predefined and scoped to a namespace. Example: {"foo-namespace.bar-key": "value"}

    DisplayName string

    A filter to return only resources that match the entire display name given.

    FreeformTags map[string]interface{}

    Simple key-value pair that is applied without any predefined name, type or scope. Exists for cross-compatibility only. Example: {"bar-key": "value"}

    Id string

    A filter to return only the WebAppFirewallPolicy with the given OCID.

    LifecycleDetails string

    A message describing the current state in more detail. For example, can be used to provide actionable information for a resource in FAILED state.

    RequestAccessControls []GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemRequestAccessControl

    Module that allows inspection of HTTP request properties and to return a defined HTTP response. In this module, rules with the name 'Default Action' are not allowed, since this name is reserved for default action logs.

    RequestProtections []GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemRequestProtection

    Module that allows to enable OCI-managed protection capabilities for incoming HTTP requests.

    RequestRateLimitings []GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemRequestRateLimiting

    Module that allows inspection of HTTP connection properties and to limit requests frequency for a given key.

    ResponseAccessControls []GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemResponseAccessControl

    Module that allows inspection of HTTP response properties and to return a defined HTTP response.

    ResponseProtections []GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemResponseProtection

    Module that allows to enable OCI-managed protection capabilities for HTTP responses.

    State string

    A filter to return only resources that match the given lifecycleState.

    SystemTags map[string]interface{}

    Usage of system tag keys. These predefined keys are scoped to namespaces. Example: {"orcl-cloud.free-tier-retained": "true"}

    TimeCreated string

    The time the WebAppFirewallPolicy was created. An RFC3339 formatted datetime string.

    TimeUpdated string

    The time the WebAppFirewallPolicy was updated. An RFC3339 formatted datetime string.

    actions List<GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemAction>

    Predefined actions for use in multiple different rules. Not all actions are supported in every module. Some actions terminate further execution of modules and rules in a module and some do not. Actions names must be unique within this array.

    compartmentId String

    The OCID of the compartment in which to list resources.

    definedTags Map<String,Object>

    Defined tags for this resource. Each key is predefined and scoped to a namespace. Example: {"foo-namespace.bar-key": "value"}

    displayName String

    A filter to return only resources that match the entire display name given.

    freeformTags Map<String,Object>

    Simple key-value pair that is applied without any predefined name, type or scope. Exists for cross-compatibility only. Example: {"bar-key": "value"}

    id String

    A filter to return only the WebAppFirewallPolicy with the given OCID.

    lifecycleDetails String

    A message describing the current state in more detail. For example, can be used to provide actionable information for a resource in FAILED state.

    requestAccessControls List<GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemRequestAccessControl>

    Module that allows inspection of HTTP request properties and to return a defined HTTP response. In this module, rules with the name 'Default Action' are not allowed, since this name is reserved for default action logs.

    requestProtections List<GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemRequestProtection>

    Module that allows to enable OCI-managed protection capabilities for incoming HTTP requests.

    requestRateLimitings List<GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemRequestRateLimiting>

    Module that allows inspection of HTTP connection properties and to limit requests frequency for a given key.

    responseAccessControls List<GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemResponseAccessControl>

    Module that allows inspection of HTTP response properties and to return a defined HTTP response.

    responseProtections List<GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemResponseProtection>

    Module that allows to enable OCI-managed protection capabilities for HTTP responses.

    state String

    A filter to return only resources that match the given lifecycleState.

    systemTags Map<String,Object>

    Usage of system tag keys. These predefined keys are scoped to namespaces. Example: {"orcl-cloud.free-tier-retained": "true"}

    timeCreated String

    The time the WebAppFirewallPolicy was created. An RFC3339 formatted datetime string.

    timeUpdated String

    The time the WebAppFirewallPolicy was updated. An RFC3339 formatted datetime string.

    actions GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemAction[]

    Predefined actions for use in multiple different rules. Not all actions are supported in every module. Some actions terminate further execution of modules and rules in a module and some do not. Actions names must be unique within this array.

    compartmentId string

    The OCID of the compartment in which to list resources.

    definedTags {[key: string]: any}

    Defined tags for this resource. Each key is predefined and scoped to a namespace. Example: {"foo-namespace.bar-key": "value"}

    displayName string

    A filter to return only resources that match the entire display name given.

    freeformTags {[key: string]: any}

    Simple key-value pair that is applied without any predefined name, type or scope. Exists for cross-compatibility only. Example: {"bar-key": "value"}

    id string

    A filter to return only the WebAppFirewallPolicy with the given OCID.

    lifecycleDetails string

    A message describing the current state in more detail. For example, can be used to provide actionable information for a resource in FAILED state.

    requestAccessControls GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemRequestAccessControl[]

    Module that allows inspection of HTTP request properties and to return a defined HTTP response. In this module, rules with the name 'Default Action' are not allowed, since this name is reserved for default action logs.

    requestProtections GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemRequestProtection[]

    Module that allows to enable OCI-managed protection capabilities for incoming HTTP requests.

    requestRateLimitings GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemRequestRateLimiting[]

    Module that allows inspection of HTTP connection properties and to limit requests frequency for a given key.

    responseAccessControls GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemResponseAccessControl[]

    Module that allows inspection of HTTP response properties and to return a defined HTTP response.

    responseProtections GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemResponseProtection[]

    Module that allows to enable OCI-managed protection capabilities for HTTP responses.

    state string

    A filter to return only resources that match the given lifecycleState.

    systemTags {[key: string]: any}

    Usage of system tag keys. These predefined keys are scoped to namespaces. Example: {"orcl-cloud.free-tier-retained": "true"}

    timeCreated string

    The time the WebAppFirewallPolicy was created. An RFC3339 formatted datetime string.

    timeUpdated string

    The time the WebAppFirewallPolicy was updated. An RFC3339 formatted datetime string.

    actions GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemAction]

    Predefined actions for use in multiple different rules. Not all actions are supported in every module. Some actions terminate further execution of modules and rules in a module and some do not. Actions names must be unique within this array.

    compartment_id str

    The OCID of the compartment in which to list resources.

    defined_tags Mapping[str, Any]

    Defined tags for this resource. Each key is predefined and scoped to a namespace. Example: {"foo-namespace.bar-key": "value"}

    display_name str

    A filter to return only resources that match the entire display name given.

    freeform_tags Mapping[str, Any]

    Simple key-value pair that is applied without any predefined name, type or scope. Exists for cross-compatibility only. Example: {"bar-key": "value"}

    id str

    A filter to return only the WebAppFirewallPolicy with the given OCID.

    lifecycle_details str

    A message describing the current state in more detail. For example, can be used to provide actionable information for a resource in FAILED state.

    request_access_controls GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemRequestAccessControl]

    Module that allows inspection of HTTP request properties and to return a defined HTTP response. In this module, rules with the name 'Default Action' are not allowed, since this name is reserved for default action logs.

    request_protections GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemRequestProtection]

    Module that allows to enable OCI-managed protection capabilities for incoming HTTP requests.

    request_rate_limitings GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemRequestRateLimiting]

    Module that allows inspection of HTTP connection properties and to limit requests frequency for a given key.

    response_access_controls GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemResponseAccessControl]

    Module that allows inspection of HTTP response properties and to return a defined HTTP response.

    response_protections GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemResponseProtection]

    Module that allows to enable OCI-managed protection capabilities for HTTP responses.

    state str

    A filter to return only resources that match the given lifecycleState.

    system_tags Mapping[str, Any]

    Usage of system tag keys. These predefined keys are scoped to namespaces. Example: {"orcl-cloud.free-tier-retained": "true"}

    time_created str

    The time the WebAppFirewallPolicy was created. An RFC3339 formatted datetime string.

    time_updated str

    The time the WebAppFirewallPolicy was updated. An RFC3339 formatted datetime string.

    actions List<Property Map>

    Predefined actions for use in multiple different rules. Not all actions are supported in every module. Some actions terminate further execution of modules and rules in a module and some do not. Actions names must be unique within this array.

    compartmentId String

    The OCID of the compartment in which to list resources.

    definedTags Map<Any>

    Defined tags for this resource. Each key is predefined and scoped to a namespace. Example: {"foo-namespace.bar-key": "value"}

    displayName String

    A filter to return only resources that match the entire display name given.

    freeformTags Map<Any>

    Simple key-value pair that is applied without any predefined name, type or scope. Exists for cross-compatibility only. Example: {"bar-key": "value"}

    id String

    A filter to return only the WebAppFirewallPolicy with the given OCID.

    lifecycleDetails String

    A message describing the current state in more detail. For example, can be used to provide actionable information for a resource in FAILED state.

    requestAccessControls List<Property Map>

    Module that allows inspection of HTTP request properties and to return a defined HTTP response. In this module, rules with the name 'Default Action' are not allowed, since this name is reserved for default action logs.

    requestProtections List<Property Map>

    Module that allows to enable OCI-managed protection capabilities for incoming HTTP requests.

    requestRateLimitings List<Property Map>

    Module that allows inspection of HTTP connection properties and to limit requests frequency for a given key.

    responseAccessControls List<Property Map>

    Module that allows inspection of HTTP response properties and to return a defined HTTP response.

    responseProtections List<Property Map>

    Module that allows to enable OCI-managed protection capabilities for HTTP responses.

    state String

    A filter to return only resources that match the given lifecycleState.

    systemTags Map<Any>

    Usage of system tag keys. These predefined keys are scoped to namespaces. Example: {"orcl-cloud.free-tier-retained": "true"}

    timeCreated String

    The time the WebAppFirewallPolicy was created. An RFC3339 formatted datetime string.

    timeUpdated String

    The time the WebAppFirewallPolicy was updated. An RFC3339 formatted datetime string.

    GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemAction

    Bodies List<GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemActionBody>

    Type of returned HTTP response body.

    Code int

    Response code.

    Headers List<GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemActionHeader>

    Adds headers defined in this array for HTTP response.

    Name string

    Rule name. Must be unique within the module.

    Type string

    Type of WebAppFirewallPolicyRule.

    Bodies []GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemActionBody

    Type of returned HTTP response body.

    Code int

    Response code.

    Headers []GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemActionHeader

    Adds headers defined in this array for HTTP response.

    Name string

    Rule name. Must be unique within the module.

    Type string

    Type of WebAppFirewallPolicyRule.

    bodies List<GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemActionBody>

    Type of returned HTTP response body.

    code Integer

    Response code.

    headers List<GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemActionHeader>

    Adds headers defined in this array for HTTP response.

    name String

    Rule name. Must be unique within the module.

    type String

    Type of WebAppFirewallPolicyRule.

    bodies GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemActionBody[]

    Type of returned HTTP response body.

    code number

    Response code.

    headers GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemActionHeader[]

    Adds headers defined in this array for HTTP response.

    name string

    Rule name. Must be unique within the module.

    type string

    Type of WebAppFirewallPolicyRule.

    bodies GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemActionBody]

    Type of returned HTTP response body.

    code int

    Response code.

    headers GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemActionHeader]

    Adds headers defined in this array for HTTP response.

    name str

    Rule name. Must be unique within the module.

    type str

    Type of WebAppFirewallPolicyRule.

    bodies List<Property Map>

    Type of returned HTTP response body.

    code Number

    Response code.

    headers List<Property Map>

    Adds headers defined in this array for HTTP response.

    name String

    Rule name. Must be unique within the module.

    type String

    Type of WebAppFirewallPolicyRule.

    GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemActionBody

    Text string

    Static response body text.

    Type string

    Type of WebAppFirewallPolicyRule.

    Text string

    Static response body text.

    Type string

    Type of WebAppFirewallPolicyRule.

    text String

    Static response body text.

    type String

    Type of WebAppFirewallPolicyRule.

    text string

    Static response body text.

    type string

    Type of WebAppFirewallPolicyRule.

    text str

    Static response body text.

    type str

    Type of WebAppFirewallPolicyRule.

    text String

    Static response body text.

    type String

    Type of WebAppFirewallPolicyRule.

    GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemActionHeader

    Name string

    Rule name. Must be unique within the module.

    Value string

    The value of the header field.

    Name string

    Rule name. Must be unique within the module.

    Value string

    The value of the header field.

    name String

    Rule name. Must be unique within the module.

    value String

    The value of the header field.

    name string

    Rule name. Must be unique within the module.

    value string

    The value of the header field.

    name str

    Rule name. Must be unique within the module.

    value str

    The value of the header field.

    name String

    Rule name. Must be unique within the module.

    value String

    The value of the header field.

    GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemRequestAccessControl

    DefaultActionName string

    References an default Action to take if no AccessControlRule was matched. Allowed action types:

    • ALLOW continues execution of other modules and their rules.
    • RETURN_HTTP_RESPONSE terminates further execution of modules and rules and returns defined HTTP response.
    Rules List<GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemRequestAccessControlRule>

    Ordered list of ProtectionRules. Rules are executed in order of appearance in this array. ProtectionRules in this array can only use protection capabilities of RESPONSE_PROTECTION_CAPABILITY type.

    DefaultActionName string

    References an default Action to take if no AccessControlRule was matched. Allowed action types:

    • ALLOW continues execution of other modules and their rules.
    • RETURN_HTTP_RESPONSE terminates further execution of modules and rules and returns defined HTTP response.
    Rules []GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemRequestAccessControlRule

    Ordered list of ProtectionRules. Rules are executed in order of appearance in this array. ProtectionRules in this array can only use protection capabilities of RESPONSE_PROTECTION_CAPABILITY type.

    defaultActionName String

    References an default Action to take if no AccessControlRule was matched. Allowed action types:

    • ALLOW continues execution of other modules and their rules.
    • RETURN_HTTP_RESPONSE terminates further execution of modules and rules and returns defined HTTP response.
    rules List<GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemRequestAccessControlRule>

    Ordered list of ProtectionRules. Rules are executed in order of appearance in this array. ProtectionRules in this array can only use protection capabilities of RESPONSE_PROTECTION_CAPABILITY type.

    defaultActionName string

    References an default Action to take if no AccessControlRule was matched. Allowed action types:

    • ALLOW continues execution of other modules and their rules.
    • RETURN_HTTP_RESPONSE terminates further execution of modules and rules and returns defined HTTP response.
    rules GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemRequestAccessControlRule[]

    Ordered list of ProtectionRules. Rules are executed in order of appearance in this array. ProtectionRules in this array can only use protection capabilities of RESPONSE_PROTECTION_CAPABILITY type.

    default_action_name str

    References an default Action to take if no AccessControlRule was matched. Allowed action types:

    • ALLOW continues execution of other modules and their rules.
    • RETURN_HTTP_RESPONSE terminates further execution of modules and rules and returns defined HTTP response.
    rules GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemRequestAccessControlRule]

    Ordered list of ProtectionRules. Rules are executed in order of appearance in this array. ProtectionRules in this array can only use protection capabilities of RESPONSE_PROTECTION_CAPABILITY type.

    defaultActionName String

    References an default Action to take if no AccessControlRule was matched. Allowed action types:

    • ALLOW continues execution of other modules and their rules.
    • RETURN_HTTP_RESPONSE terminates further execution of modules and rules and returns defined HTTP response.
    rules List<Property Map>

    Ordered list of ProtectionRules. Rules are executed in order of appearance in this array. ProtectionRules in this array can only use protection capabilities of RESPONSE_PROTECTION_CAPABILITY type.

    GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemRequestAccessControlRule

    ActionName string

    Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.

    Condition string

    An expression that determines whether or not the rule action should be executed.

    ConditionLanguage string

    The language used to parse condition from field condition. Available languages:

    • JMESPATH an extended JMESPath language syntax.
    Name string

    Rule name. Must be unique within the module.

    Type string

    Type of WebAppFirewallPolicyRule.

    ActionName string

    Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.

    Condition string

    An expression that determines whether or not the rule action should be executed.

    ConditionLanguage string

    The language used to parse condition from field condition. Available languages:

    • JMESPATH an extended JMESPath language syntax.
    Name string

    Rule name. Must be unique within the module.

    Type string

    Type of WebAppFirewallPolicyRule.

    actionName String

    Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.

    condition String

    An expression that determines whether or not the rule action should be executed.

    conditionLanguage String

    The language used to parse condition from field condition. Available languages:

    • JMESPATH an extended JMESPath language syntax.
    name String

    Rule name. Must be unique within the module.

    type String

    Type of WebAppFirewallPolicyRule.

    actionName string

    Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.

    condition string

    An expression that determines whether or not the rule action should be executed.

    conditionLanguage string

    The language used to parse condition from field condition. Available languages:

    • JMESPATH an extended JMESPath language syntax.
    name string

    Rule name. Must be unique within the module.

    type string

    Type of WebAppFirewallPolicyRule.

    action_name str

    Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.

    condition str

    An expression that determines whether or not the rule action should be executed.

    condition_language str

    The language used to parse condition from field condition. Available languages:

    • JMESPATH an extended JMESPath language syntax.
    name str

    Rule name. Must be unique within the module.

    type str

    Type of WebAppFirewallPolicyRule.

    actionName String

    Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.

    condition String

    An expression that determines whether or not the rule action should be executed.

    conditionLanguage String

    The language used to parse condition from field condition. Available languages:

    • JMESPATH an extended JMESPath language syntax.
    name String

    Rule name. Must be unique within the module.

    type String

    Type of WebAppFirewallPolicyRule.

    GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemRequestProtection

    BodyInspectionSizeLimitExceededActionName string

    References action by name from actions defined in WebAppFirewallPolicy. Executed if HTTP message body size exceeds limit set in field bodyInspectionSizeLimitInBytes.

    BodyInspectionSizeLimitInBytes int

    Maximum size of inspected HTTP message body in bytes. Actions to take if this limit is exceeded are defined in bodyInspectionSizeLimitExceededActionName.

    Rules List<GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemRequestProtectionRule>

    Ordered list of ProtectionRules. Rules are executed in order of appearance in this array. ProtectionRules in this array can only use protection capabilities of RESPONSE_PROTECTION_CAPABILITY type.

    BodyInspectionSizeLimitExceededActionName string

    References action by name from actions defined in WebAppFirewallPolicy. Executed if HTTP message body size exceeds limit set in field bodyInspectionSizeLimitInBytes.

    BodyInspectionSizeLimitInBytes int

    Maximum size of inspected HTTP message body in bytes. Actions to take if this limit is exceeded are defined in bodyInspectionSizeLimitExceededActionName.

    Rules []GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemRequestProtectionRule

    Ordered list of ProtectionRules. Rules are executed in order of appearance in this array. ProtectionRules in this array can only use protection capabilities of RESPONSE_PROTECTION_CAPABILITY type.

    bodyInspectionSizeLimitExceededActionName String

    References action by name from actions defined in WebAppFirewallPolicy. Executed if HTTP message body size exceeds limit set in field bodyInspectionSizeLimitInBytes.

    bodyInspectionSizeLimitInBytes Integer

    Maximum size of inspected HTTP message body in bytes. Actions to take if this limit is exceeded are defined in bodyInspectionSizeLimitExceededActionName.

    rules List<GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemRequestProtectionRule>

    Ordered list of ProtectionRules. Rules are executed in order of appearance in this array. ProtectionRules in this array can only use protection capabilities of RESPONSE_PROTECTION_CAPABILITY type.

    bodyInspectionSizeLimitExceededActionName string

    References action by name from actions defined in WebAppFirewallPolicy. Executed if HTTP message body size exceeds limit set in field bodyInspectionSizeLimitInBytes.

    bodyInspectionSizeLimitInBytes number

    Maximum size of inspected HTTP message body in bytes. Actions to take if this limit is exceeded are defined in bodyInspectionSizeLimitExceededActionName.

    rules GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemRequestProtectionRule[]

    Ordered list of ProtectionRules. Rules are executed in order of appearance in this array. ProtectionRules in this array can only use protection capabilities of RESPONSE_PROTECTION_CAPABILITY type.

    body_inspection_size_limit_exceeded_action_name str

    References action by name from actions defined in WebAppFirewallPolicy. Executed if HTTP message body size exceeds limit set in field bodyInspectionSizeLimitInBytes.

    body_inspection_size_limit_in_bytes int

    Maximum size of inspected HTTP message body in bytes. Actions to take if this limit is exceeded are defined in bodyInspectionSizeLimitExceededActionName.

    rules GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemRequestProtectionRule]

    Ordered list of ProtectionRules. Rules are executed in order of appearance in this array. ProtectionRules in this array can only use protection capabilities of RESPONSE_PROTECTION_CAPABILITY type.

    bodyInspectionSizeLimitExceededActionName String

    References action by name from actions defined in WebAppFirewallPolicy. Executed if HTTP message body size exceeds limit set in field bodyInspectionSizeLimitInBytes.

    bodyInspectionSizeLimitInBytes Number

    Maximum size of inspected HTTP message body in bytes. Actions to take if this limit is exceeded are defined in bodyInspectionSizeLimitExceededActionName.

    rules List<Property Map>

    Ordered list of ProtectionRules. Rules are executed in order of appearance in this array. ProtectionRules in this array can only use protection capabilities of RESPONSE_PROTECTION_CAPABILITY type.

    GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemRequestProtectionRule

    ActionName string

    Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.

    Condition string

    An expression that determines whether or not the rule action should be executed.

    ConditionLanguage string

    The language used to parse condition from field condition. Available languages:

    • JMESPATH an extended JMESPath language syntax.
    IsBodyInspectionEnabled bool

    Enables/disables body inspection for this protection rule. Only Protection Rules in RequestProtection can have this option enabled. Response body inspection will be available at a later date.

    Name string

    Rule name. Must be unique within the module.

    ProtectionCapabilities List<GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemRequestProtectionRuleProtectionCapability>

    An ordered list that references OCI-managed protection capabilities. Referenced protection capabilities are not necessarily executed in order of appearance. Their execution order is decided at runtime for improved performance. The array cannot contain entries with the same pair of capability key and version more than once.

    ProtectionCapabilitySettings List<GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemRequestProtectionRuleProtectionCapabilitySetting>

    Settings for protection capabilities

    Type string

    Type of WebAppFirewallPolicyRule.

    ActionName string

    Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.

    Condition string

    An expression that determines whether or not the rule action should be executed.

    ConditionLanguage string

    The language used to parse condition from field condition. Available languages:

    • JMESPATH an extended JMESPath language syntax.
    IsBodyInspectionEnabled bool

    Enables/disables body inspection for this protection rule. Only Protection Rules in RequestProtection can have this option enabled. Response body inspection will be available at a later date.

    Name string

    Rule name. Must be unique within the module.

    ProtectionCapabilities []GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemRequestProtectionRuleProtectionCapability

    An ordered list that references OCI-managed protection capabilities. Referenced protection capabilities are not necessarily executed in order of appearance. Their execution order is decided at runtime for improved performance. The array cannot contain entries with the same pair of capability key and version more than once.

    ProtectionCapabilitySettings []GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemRequestProtectionRuleProtectionCapabilitySetting

    Settings for protection capabilities

    Type string

    Type of WebAppFirewallPolicyRule.

    actionName String

    Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.

    condition String

    An expression that determines whether or not the rule action should be executed.

    conditionLanguage String

    The language used to parse condition from field condition. Available languages:

    • JMESPATH an extended JMESPath language syntax.
    isBodyInspectionEnabled Boolean

    Enables/disables body inspection for this protection rule. Only Protection Rules in RequestProtection can have this option enabled. Response body inspection will be available at a later date.

    name String

    Rule name. Must be unique within the module.

    protectionCapabilities List<GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemRequestProtectionRuleProtectionCapability>

    An ordered list that references OCI-managed protection capabilities. Referenced protection capabilities are not necessarily executed in order of appearance. Their execution order is decided at runtime for improved performance. The array cannot contain entries with the same pair of capability key and version more than once.

    protectionCapabilitySettings List<GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemRequestProtectionRuleProtectionCapabilitySetting>

    Settings for protection capabilities

    type String

    Type of WebAppFirewallPolicyRule.

    actionName string

    Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.

    condition string

    An expression that determines whether or not the rule action should be executed.

    conditionLanguage string

    The language used to parse condition from field condition. Available languages:

    • JMESPATH an extended JMESPath language syntax.
    isBodyInspectionEnabled boolean

    Enables/disables body inspection for this protection rule. Only Protection Rules in RequestProtection can have this option enabled. Response body inspection will be available at a later date.

    name string

    Rule name. Must be unique within the module.

    protectionCapabilities GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemRequestProtectionRuleProtectionCapability[]

    An ordered list that references OCI-managed protection capabilities. Referenced protection capabilities are not necessarily executed in order of appearance. Their execution order is decided at runtime for improved performance. The array cannot contain entries with the same pair of capability key and version more than once.

    protectionCapabilitySettings GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemRequestProtectionRuleProtectionCapabilitySetting[]

    Settings for protection capabilities

    type string

    Type of WebAppFirewallPolicyRule.

    action_name str

    Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.

    condition str

    An expression that determines whether or not the rule action should be executed.

    condition_language str

    The language used to parse condition from field condition. Available languages:

    • JMESPATH an extended JMESPath language syntax.
    is_body_inspection_enabled bool

    Enables/disables body inspection for this protection rule. Only Protection Rules in RequestProtection can have this option enabled. Response body inspection will be available at a later date.

    name str

    Rule name. Must be unique within the module.

    protection_capabilities GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemRequestProtectionRuleProtectionCapability]

    An ordered list that references OCI-managed protection capabilities. Referenced protection capabilities are not necessarily executed in order of appearance. Their execution order is decided at runtime for improved performance. The array cannot contain entries with the same pair of capability key and version more than once.

    protection_capability_settings GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemRequestProtectionRuleProtectionCapabilitySetting]

    Settings for protection capabilities

    type str

    Type of WebAppFirewallPolicyRule.

    actionName String

    Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.

    condition String

    An expression that determines whether or not the rule action should be executed.

    conditionLanguage String

    The language used to parse condition from field condition. Available languages:

    • JMESPATH an extended JMESPath language syntax.
    isBodyInspectionEnabled Boolean

    Enables/disables body inspection for this protection rule. Only Protection Rules in RequestProtection can have this option enabled. Response body inspection will be available at a later date.

    name String

    Rule name. Must be unique within the module.

    protectionCapabilities List<Property Map>

    An ordered list that references OCI-managed protection capabilities. Referenced protection capabilities are not necessarily executed in order of appearance. Their execution order is decided at runtime for improved performance. The array cannot contain entries with the same pair of capability key and version more than once.

    protectionCapabilitySettings List<Property Map>

    Settings for protection capabilities

    type String

    Type of WebAppFirewallPolicyRule.

    GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemRequestProtectionRuleProtectionCapability

    ActionName string

    Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.

    CollaborativeActionThreshold int

    The minimum sum of weights of associated collaborative protection capabilities that have triggered which must be reached in order for this capability to trigger. This field is ignored for non-collaborative capabilities.

    CollaborativeWeights List<GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemRequestProtectionRuleProtectionCapabilityCollaborativeWeight>

    Explicit weight values to use for associated collaborative protection capabilities.

    Exclusions List<GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemRequestProtectionRuleProtectionCapabilityExclusion>

    Identifies specific HTTP message parameters to exclude from inspection by a protection capability.

    Key string

    Unique key of referenced protection capability.

    Version int

    Version of referenced protection capability.

    ActionName string

    Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.

    CollaborativeActionThreshold int

    The minimum sum of weights of associated collaborative protection capabilities that have triggered which must be reached in order for this capability to trigger. This field is ignored for non-collaborative capabilities.

    CollaborativeWeights []GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemRequestProtectionRuleProtectionCapabilityCollaborativeWeight

    Explicit weight values to use for associated collaborative protection capabilities.

    Exclusions []GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemRequestProtectionRuleProtectionCapabilityExclusion

    Identifies specific HTTP message parameters to exclude from inspection by a protection capability.

    Key string

    Unique key of referenced protection capability.

    Version int

    Version of referenced protection capability.

    actionName String

    Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.

    collaborativeActionThreshold Integer

    The minimum sum of weights of associated collaborative protection capabilities that have triggered which must be reached in order for this capability to trigger. This field is ignored for non-collaborative capabilities.

    collaborativeWeights List<GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemRequestProtectionRuleProtectionCapabilityCollaborativeWeight>

    Explicit weight values to use for associated collaborative protection capabilities.

    exclusions List<GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemRequestProtectionRuleProtectionCapabilityExclusion>

    Identifies specific HTTP message parameters to exclude from inspection by a protection capability.

    key String

    Unique key of referenced protection capability.

    version Integer

    Version of referenced protection capability.

    actionName string

    Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.

    collaborativeActionThreshold number

    The minimum sum of weights of associated collaborative protection capabilities that have triggered which must be reached in order for this capability to trigger. This field is ignored for non-collaborative capabilities.

    collaborativeWeights GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemRequestProtectionRuleProtectionCapabilityCollaborativeWeight[]

    Explicit weight values to use for associated collaborative protection capabilities.

    exclusions GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemRequestProtectionRuleProtectionCapabilityExclusion[]

    Identifies specific HTTP message parameters to exclude from inspection by a protection capability.

    key string

    Unique key of referenced protection capability.

    version number

    Version of referenced protection capability.

    action_name str

    Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.

    collaborative_action_threshold int

    The minimum sum of weights of associated collaborative protection capabilities that have triggered which must be reached in order for this capability to trigger. This field is ignored for non-collaborative capabilities.

    collaborative_weights GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemRequestProtectionRuleProtectionCapabilityCollaborativeWeight]

    Explicit weight values to use for associated collaborative protection capabilities.

    exclusions GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemRequestProtectionRuleProtectionCapabilityExclusion]

    Identifies specific HTTP message parameters to exclude from inspection by a protection capability.

    key str

    Unique key of referenced protection capability.

    version int

    Version of referenced protection capability.

    actionName String

    Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.

    collaborativeActionThreshold Number

    The minimum sum of weights of associated collaborative protection capabilities that have triggered which must be reached in order for this capability to trigger. This field is ignored for non-collaborative capabilities.

    collaborativeWeights List<Property Map>

    Explicit weight values to use for associated collaborative protection capabilities.

    exclusions List<Property Map>

    Identifies specific HTTP message parameters to exclude from inspection by a protection capability.

    key String

    Unique key of referenced protection capability.

    version Number

    Version of referenced protection capability.

    GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemRequestProtectionRuleProtectionCapabilityCollaborativeWeight

    Key string

    Unique key of referenced protection capability.

    Weight int

    The value of weight to set.

    Key string

    Unique key of referenced protection capability.

    Weight int

    The value of weight to set.

    key String

    Unique key of referenced protection capability.

    weight Integer

    The value of weight to set.

    key string

    Unique key of referenced protection capability.

    weight number

    The value of weight to set.

    key str

    Unique key of referenced protection capability.

    weight int

    The value of weight to set.

    key String

    Unique key of referenced protection capability.

    weight Number

    The value of weight to set.

    GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemRequestProtectionRuleProtectionCapabilityExclusion

    Args List<string>

    List of URL query parameter values from form-urlencoded XML, JSON, AMP, or POST payloads to exclude from inspecting. Example: If we have query parameter 'argumentName=argumentValue' and args=['argumentName'], both 'argumentName' and 'argumentValue' will not be inspected.

    RequestCookies List<string>

    List of HTTP request cookie values (by cookie name) to exclude from inspecting. Example: If we have cookie 'cookieName=cookieValue' and requestCookies=['cookieName'], both 'cookieName' and 'cookieValue' will not be inspected.

    Args []string

    List of URL query parameter values from form-urlencoded XML, JSON, AMP, or POST payloads to exclude from inspecting. Example: If we have query parameter 'argumentName=argumentValue' and args=['argumentName'], both 'argumentName' and 'argumentValue' will not be inspected.

    RequestCookies []string

    List of HTTP request cookie values (by cookie name) to exclude from inspecting. Example: If we have cookie 'cookieName=cookieValue' and requestCookies=['cookieName'], both 'cookieName' and 'cookieValue' will not be inspected.

    args List<String>

    List of URL query parameter values from form-urlencoded XML, JSON, AMP, or POST payloads to exclude from inspecting. Example: If we have query parameter 'argumentName=argumentValue' and args=['argumentName'], both 'argumentName' and 'argumentValue' will not be inspected.

    requestCookies List<String>

    List of HTTP request cookie values (by cookie name) to exclude from inspecting. Example: If we have cookie 'cookieName=cookieValue' and requestCookies=['cookieName'], both 'cookieName' and 'cookieValue' will not be inspected.

    args string[]

    List of URL query parameter values from form-urlencoded XML, JSON, AMP, or POST payloads to exclude from inspecting. Example: If we have query parameter 'argumentName=argumentValue' and args=['argumentName'], both 'argumentName' and 'argumentValue' will not be inspected.

    requestCookies string[]

    List of HTTP request cookie values (by cookie name) to exclude from inspecting. Example: If we have cookie 'cookieName=cookieValue' and requestCookies=['cookieName'], both 'cookieName' and 'cookieValue' will not be inspected.

    args Sequence[str]

    List of URL query parameter values from form-urlencoded XML, JSON, AMP, or POST payloads to exclude from inspecting. Example: If we have query parameter 'argumentName=argumentValue' and args=['argumentName'], both 'argumentName' and 'argumentValue' will not be inspected.

    request_cookies Sequence[str]

    List of HTTP request cookie values (by cookie name) to exclude from inspecting. Example: If we have cookie 'cookieName=cookieValue' and requestCookies=['cookieName'], both 'cookieName' and 'cookieValue' will not be inspected.

    args List<String>

    List of URL query parameter values from form-urlencoded XML, JSON, AMP, or POST payloads to exclude from inspecting. Example: If we have query parameter 'argumentName=argumentValue' and args=['argumentName'], both 'argumentName' and 'argumentValue' will not be inspected.

    requestCookies List<String>

    List of HTTP request cookie values (by cookie name) to exclude from inspecting. Example: If we have cookie 'cookieName=cookieValue' and requestCookies=['cookieName'], both 'cookieName' and 'cookieValue' will not be inspected.

    GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemRequestProtectionRuleProtectionCapabilitySetting

    AllowedHttpMethods List<string>

    List of allowed HTTP methods. Each value as a RFC7230 formated token string. Used in protection capability 911100: Restrict HTTP Request Methods.

    MaxHttpRequestHeaderLength int

    Maximum allowed length of headers in an HTTP request. Used in protection capability: 9200024: Limit length of request header size.

    MaxHttpRequestHeaders int

    Maximum number of headers allowed in an HTTP request. Used in protection capability 9200014: Limit Number of Request Headers.

    MaxNumberOfArguments int

    Maximum number of arguments allowed. Used in protection capability 920380: Number of Arguments Limits.

    MaxSingleArgumentLength int

    Maximum allowed length of a single argument. Used in protection capability 920370: Limit argument value length.

    MaxTotalArgumentLength int

    Maximum allowed total length of all arguments. Used in protection capability 920390: Limit arguments total length.

    AllowedHttpMethods []string

    List of allowed HTTP methods. Each value as a RFC7230 formated token string. Used in protection capability 911100: Restrict HTTP Request Methods.

    MaxHttpRequestHeaderLength int

    Maximum allowed length of headers in an HTTP request. Used in protection capability: 9200024: Limit length of request header size.

    MaxHttpRequestHeaders int

    Maximum number of headers allowed in an HTTP request. Used in protection capability 9200014: Limit Number of Request Headers.

    MaxNumberOfArguments int

    Maximum number of arguments allowed. Used in protection capability 920380: Number of Arguments Limits.

    MaxSingleArgumentLength int

    Maximum allowed length of a single argument. Used in protection capability 920370: Limit argument value length.

    MaxTotalArgumentLength int

    Maximum allowed total length of all arguments. Used in protection capability 920390: Limit arguments total length.

    allowedHttpMethods List<String>

    List of allowed HTTP methods. Each value as a RFC7230 formated token string. Used in protection capability 911100: Restrict HTTP Request Methods.

    maxHttpRequestHeaderLength Integer

    Maximum allowed length of headers in an HTTP request. Used in protection capability: 9200024: Limit length of request header size.

    maxHttpRequestHeaders Integer

    Maximum number of headers allowed in an HTTP request. Used in protection capability 9200014: Limit Number of Request Headers.

    maxNumberOfArguments Integer

    Maximum number of arguments allowed. Used in protection capability 920380: Number of Arguments Limits.

    maxSingleArgumentLength Integer

    Maximum allowed length of a single argument. Used in protection capability 920370: Limit argument value length.

    maxTotalArgumentLength Integer

    Maximum allowed total length of all arguments. Used in protection capability 920390: Limit arguments total length.

    allowedHttpMethods string[]

    List of allowed HTTP methods. Each value as a RFC7230 formated token string. Used in protection capability 911100: Restrict HTTP Request Methods.

    maxHttpRequestHeaderLength number

    Maximum allowed length of headers in an HTTP request. Used in protection capability: 9200024: Limit length of request header size.

    maxHttpRequestHeaders number

    Maximum number of headers allowed in an HTTP request. Used in protection capability 9200014: Limit Number of Request Headers.

    maxNumberOfArguments number

    Maximum number of arguments allowed. Used in protection capability 920380: Number of Arguments Limits.

    maxSingleArgumentLength number

    Maximum allowed length of a single argument. Used in protection capability 920370: Limit argument value length.

    maxTotalArgumentLength number

    Maximum allowed total length of all arguments. Used in protection capability 920390: Limit arguments total length.

    allowed_http_methods Sequence[str]

    List of allowed HTTP methods. Each value as a RFC7230 formated token string. Used in protection capability 911100: Restrict HTTP Request Methods.

    max_http_request_header_length int

    Maximum allowed length of headers in an HTTP request. Used in protection capability: 9200024: Limit length of request header size.

    max_http_request_headers int

    Maximum number of headers allowed in an HTTP request. Used in protection capability 9200014: Limit Number of Request Headers.

    max_number_of_arguments int

    Maximum number of arguments allowed. Used in protection capability 920380: Number of Arguments Limits.

    max_single_argument_length int

    Maximum allowed length of a single argument. Used in protection capability 920370: Limit argument value length.

    max_total_argument_length int

    Maximum allowed total length of all arguments. Used in protection capability 920390: Limit arguments total length.

    allowedHttpMethods List<String>

    List of allowed HTTP methods. Each value as a RFC7230 formated token string. Used in protection capability 911100: Restrict HTTP Request Methods.

    maxHttpRequestHeaderLength Number

    Maximum allowed length of headers in an HTTP request. Used in protection capability: 9200024: Limit length of request header size.

    maxHttpRequestHeaders Number

    Maximum number of headers allowed in an HTTP request. Used in protection capability 9200014: Limit Number of Request Headers.

    maxNumberOfArguments Number

    Maximum number of arguments allowed. Used in protection capability 920380: Number of Arguments Limits.

    maxSingleArgumentLength Number

    Maximum allowed length of a single argument. Used in protection capability 920370: Limit argument value length.

    maxTotalArgumentLength Number

    Maximum allowed total length of all arguments. Used in protection capability 920390: Limit arguments total length.

    GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemRequestRateLimiting

    Rules List<GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemRequestRateLimitingRule>

    Ordered list of ProtectionRules. Rules are executed in order of appearance in this array. ProtectionRules in this array can only use protection capabilities of RESPONSE_PROTECTION_CAPABILITY type.

    Rules []GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemRequestRateLimitingRule

    Ordered list of ProtectionRules. Rules are executed in order of appearance in this array. ProtectionRules in this array can only use protection capabilities of RESPONSE_PROTECTION_CAPABILITY type.

    rules List<GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemRequestRateLimitingRule>

    Ordered list of ProtectionRules. Rules are executed in order of appearance in this array. ProtectionRules in this array can only use protection capabilities of RESPONSE_PROTECTION_CAPABILITY type.

    rules GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemRequestRateLimitingRule[]

    Ordered list of ProtectionRules. Rules are executed in order of appearance in this array. ProtectionRules in this array can only use protection capabilities of RESPONSE_PROTECTION_CAPABILITY type.

    rules GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemRequestRateLimitingRule]

    Ordered list of ProtectionRules. Rules are executed in order of appearance in this array. ProtectionRules in this array can only use protection capabilities of RESPONSE_PROTECTION_CAPABILITY type.

    rules List<Property Map>

    Ordered list of ProtectionRules. Rules are executed in order of appearance in this array. ProtectionRules in this array can only use protection capabilities of RESPONSE_PROTECTION_CAPABILITY type.

    GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemRequestRateLimitingRule

    ActionName string

    Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.

    Condition string

    An expression that determines whether or not the rule action should be executed.

    ConditionLanguage string

    The language used to parse condition from field condition. Available languages:

    • JMESPATH an extended JMESPath language syntax.
    Configurations List<GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemRequestRateLimitingRuleConfiguration>

    Rate Limiting Configurations. Each configuration counts requests towards its own requestsLimit.

    Name string

    Rule name. Must be unique within the module.

    Type string

    Type of WebAppFirewallPolicyRule.

    ActionName string

    Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.

    Condition string

    An expression that determines whether or not the rule action should be executed.

    ConditionLanguage string

    The language used to parse condition from field condition. Available languages:

    • JMESPATH an extended JMESPath language syntax.
    Configurations []GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemRequestRateLimitingRuleConfiguration

    Rate Limiting Configurations. Each configuration counts requests towards its own requestsLimit.

    Name string

    Rule name. Must be unique within the module.

    Type string

    Type of WebAppFirewallPolicyRule.

    actionName String

    Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.

    condition String

    An expression that determines whether or not the rule action should be executed.

    conditionLanguage String

    The language used to parse condition from field condition. Available languages:

    • JMESPATH an extended JMESPath language syntax.
    configurations List<GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemRequestRateLimitingRuleConfiguration>

    Rate Limiting Configurations. Each configuration counts requests towards its own requestsLimit.

    name String

    Rule name. Must be unique within the module.

    type String

    Type of WebAppFirewallPolicyRule.

    actionName string

    Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.

    condition string

    An expression that determines whether or not the rule action should be executed.

    conditionLanguage string

    The language used to parse condition from field condition. Available languages:

    • JMESPATH an extended JMESPath language syntax.
    configurations GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemRequestRateLimitingRuleConfiguration[]

    Rate Limiting Configurations. Each configuration counts requests towards its own requestsLimit.

    name string

    Rule name. Must be unique within the module.

    type string

    Type of WebAppFirewallPolicyRule.

    action_name str

    Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.

    condition str

    An expression that determines whether or not the rule action should be executed.

    condition_language str

    The language used to parse condition from field condition. Available languages:

    • JMESPATH an extended JMESPath language syntax.
    configurations GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemRequestRateLimitingRuleConfiguration]

    Rate Limiting Configurations. Each configuration counts requests towards its own requestsLimit.

    name str

    Rule name. Must be unique within the module.

    type str

    Type of WebAppFirewallPolicyRule.

    actionName String

    Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.

    condition String

    An expression that determines whether or not the rule action should be executed.

    conditionLanguage String

    The language used to parse condition from field condition. Available languages:

    • JMESPATH an extended JMESPath language syntax.
    configurations List<Property Map>

    Rate Limiting Configurations. Each configuration counts requests towards its own requestsLimit.

    name String

    Rule name. Must be unique within the module.

    type String

    Type of WebAppFirewallPolicyRule.

    GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemRequestRateLimitingRuleConfiguration

    ActionDurationInSeconds int

    Duration of block action application in seconds when requestsLimit is reached. Optional and can be 0 (no block duration).

    PeriodInSeconds int

    Evaluation period in seconds.

    RequestsLimit int

    Requests allowed per evaluation period.

    ActionDurationInSeconds int

    Duration of block action application in seconds when requestsLimit is reached. Optional and can be 0 (no block duration).

    PeriodInSeconds int

    Evaluation period in seconds.

    RequestsLimit int

    Requests allowed per evaluation period.

    actionDurationInSeconds Integer

    Duration of block action application in seconds when requestsLimit is reached. Optional and can be 0 (no block duration).

    periodInSeconds Integer

    Evaluation period in seconds.

    requestsLimit Integer

    Requests allowed per evaluation period.

    actionDurationInSeconds number

    Duration of block action application in seconds when requestsLimit is reached. Optional and can be 0 (no block duration).

    periodInSeconds number

    Evaluation period in seconds.

    requestsLimit number

    Requests allowed per evaluation period.

    action_duration_in_seconds int

    Duration of block action application in seconds when requestsLimit is reached. Optional and can be 0 (no block duration).

    period_in_seconds int

    Evaluation period in seconds.

    requests_limit int

    Requests allowed per evaluation period.

    actionDurationInSeconds Number

    Duration of block action application in seconds when requestsLimit is reached. Optional and can be 0 (no block duration).

    periodInSeconds Number

    Evaluation period in seconds.

    requestsLimit Number

    Requests allowed per evaluation period.

    GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemResponseAccessControl

    Rules List<GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemResponseAccessControlRule>

    Ordered list of ProtectionRules. Rules are executed in order of appearance in this array. ProtectionRules in this array can only use protection capabilities of RESPONSE_PROTECTION_CAPABILITY type.

    Rules []GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemResponseAccessControlRule

    Ordered list of ProtectionRules. Rules are executed in order of appearance in this array. ProtectionRules in this array can only use protection capabilities of RESPONSE_PROTECTION_CAPABILITY type.

    rules List<GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemResponseAccessControlRule>

    Ordered list of ProtectionRules. Rules are executed in order of appearance in this array. ProtectionRules in this array can only use protection capabilities of RESPONSE_PROTECTION_CAPABILITY type.

    rules GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemResponseAccessControlRule[]

    Ordered list of ProtectionRules. Rules are executed in order of appearance in this array. ProtectionRules in this array can only use protection capabilities of RESPONSE_PROTECTION_CAPABILITY type.

    rules GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemResponseAccessControlRule]

    Ordered list of ProtectionRules. Rules are executed in order of appearance in this array. ProtectionRules in this array can only use protection capabilities of RESPONSE_PROTECTION_CAPABILITY type.

    rules List<Property Map>

    Ordered list of ProtectionRules. Rules are executed in order of appearance in this array. ProtectionRules in this array can only use protection capabilities of RESPONSE_PROTECTION_CAPABILITY type.

    GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemResponseAccessControlRule

    ActionName string

    Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.

    Condition string

    An expression that determines whether or not the rule action should be executed.

    ConditionLanguage string

    The language used to parse condition from field condition. Available languages:

    • JMESPATH an extended JMESPath language syntax.
    Name string

    Rule name. Must be unique within the module.

    Type string

    Type of WebAppFirewallPolicyRule.

    ActionName string

    Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.

    Condition string

    An expression that determines whether or not the rule action should be executed.

    ConditionLanguage string

    The language used to parse condition from field condition. Available languages:

    • JMESPATH an extended JMESPath language syntax.
    Name string

    Rule name. Must be unique within the module.

    Type string

    Type of WebAppFirewallPolicyRule.

    actionName String

    Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.

    condition String

    An expression that determines whether or not the rule action should be executed.

    conditionLanguage String

    The language used to parse condition from field condition. Available languages:

    • JMESPATH an extended JMESPath language syntax.
    name String

    Rule name. Must be unique within the module.

    type String

    Type of WebAppFirewallPolicyRule.

    actionName string

    Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.

    condition string

    An expression that determines whether or not the rule action should be executed.

    conditionLanguage string

    The language used to parse condition from field condition. Available languages:

    • JMESPATH an extended JMESPath language syntax.
    name string

    Rule name. Must be unique within the module.

    type string

    Type of WebAppFirewallPolicyRule.

    action_name str

    Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.

    condition str

    An expression that determines whether or not the rule action should be executed.

    condition_language str

    The language used to parse condition from field condition. Available languages:

    • JMESPATH an extended JMESPath language syntax.
    name str

    Rule name. Must be unique within the module.

    type str

    Type of WebAppFirewallPolicyRule.

    actionName String

    Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.

    condition String

    An expression that determines whether or not the rule action should be executed.

    conditionLanguage String

    The language used to parse condition from field condition. Available languages:

    • JMESPATH an extended JMESPath language syntax.
    name String

    Rule name. Must be unique within the module.

    type String

    Type of WebAppFirewallPolicyRule.

    GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemResponseProtection

    Rules List<GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemResponseProtectionRule>

    Ordered list of ProtectionRules. Rules are executed in order of appearance in this array. ProtectionRules in this array can only use protection capabilities of RESPONSE_PROTECTION_CAPABILITY type.

    Rules []GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemResponseProtectionRule

    Ordered list of ProtectionRules. Rules are executed in order of appearance in this array. ProtectionRules in this array can only use protection capabilities of RESPONSE_PROTECTION_CAPABILITY type.

    rules List<GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemResponseProtectionRule>

    Ordered list of ProtectionRules. Rules are executed in order of appearance in this array. ProtectionRules in this array can only use protection capabilities of RESPONSE_PROTECTION_CAPABILITY type.

    rules GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemResponseProtectionRule[]

    Ordered list of ProtectionRules. Rules are executed in order of appearance in this array. ProtectionRules in this array can only use protection capabilities of RESPONSE_PROTECTION_CAPABILITY type.

    rules GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemResponseProtectionRule]

    Ordered list of ProtectionRules. Rules are executed in order of appearance in this array. ProtectionRules in this array can only use protection capabilities of RESPONSE_PROTECTION_CAPABILITY type.

    rules List<Property Map>

    Ordered list of ProtectionRules. Rules are executed in order of appearance in this array. ProtectionRules in this array can only use protection capabilities of RESPONSE_PROTECTION_CAPABILITY type.

    GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemResponseProtectionRule

    ActionName string

    Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.

    Condition string

    An expression that determines whether or not the rule action should be executed.

    ConditionLanguage string

    The language used to parse condition from field condition. Available languages:

    • JMESPATH an extended JMESPath language syntax.
    IsBodyInspectionEnabled bool

    Enables/disables body inspection for this protection rule. Only Protection Rules in RequestProtection can have this option enabled. Response body inspection will be available at a later date.

    Name string

    Rule name. Must be unique within the module.

    ProtectionCapabilities List<GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemResponseProtectionRuleProtectionCapability>

    An ordered list that references OCI-managed protection capabilities. Referenced protection capabilities are not necessarily executed in order of appearance. Their execution order is decided at runtime for improved performance. The array cannot contain entries with the same pair of capability key and version more than once.

    ProtectionCapabilitySettings List<GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemResponseProtectionRuleProtectionCapabilitySetting>

    Settings for protection capabilities

    Type string

    Type of WebAppFirewallPolicyRule.

    ActionName string

    Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.

    Condition string

    An expression that determines whether or not the rule action should be executed.

    ConditionLanguage string

    The language used to parse condition from field condition. Available languages:

    • JMESPATH an extended JMESPath language syntax.
    IsBodyInspectionEnabled bool

    Enables/disables body inspection for this protection rule. Only Protection Rules in RequestProtection can have this option enabled. Response body inspection will be available at a later date.

    Name string

    Rule name. Must be unique within the module.

    ProtectionCapabilities []GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemResponseProtectionRuleProtectionCapability

    An ordered list that references OCI-managed protection capabilities. Referenced protection capabilities are not necessarily executed in order of appearance. Their execution order is decided at runtime for improved performance. The array cannot contain entries with the same pair of capability key and version more than once.

    ProtectionCapabilitySettings []GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemResponseProtectionRuleProtectionCapabilitySetting

    Settings for protection capabilities

    Type string

    Type of WebAppFirewallPolicyRule.

    actionName String

    Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.

    condition String

    An expression that determines whether or not the rule action should be executed.

    conditionLanguage String

    The language used to parse condition from field condition. Available languages:

    • JMESPATH an extended JMESPath language syntax.
    isBodyInspectionEnabled Boolean

    Enables/disables body inspection for this protection rule. Only Protection Rules in RequestProtection can have this option enabled. Response body inspection will be available at a later date.

    name String

    Rule name. Must be unique within the module.

    protectionCapabilities List<GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemResponseProtectionRuleProtectionCapability>

    An ordered list that references OCI-managed protection capabilities. Referenced protection capabilities are not necessarily executed in order of appearance. Their execution order is decided at runtime for improved performance. The array cannot contain entries with the same pair of capability key and version more than once.

    protectionCapabilitySettings List<GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemResponseProtectionRuleProtectionCapabilitySetting>

    Settings for protection capabilities

    type String

    Type of WebAppFirewallPolicyRule.

    actionName string

    Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.

    condition string

    An expression that determines whether or not the rule action should be executed.

    conditionLanguage string

    The language used to parse condition from field condition. Available languages:

    • JMESPATH an extended JMESPath language syntax.
    isBodyInspectionEnabled boolean

    Enables/disables body inspection for this protection rule. Only Protection Rules in RequestProtection can have this option enabled. Response body inspection will be available at a later date.

    name string

    Rule name. Must be unique within the module.

    protectionCapabilities GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemResponseProtectionRuleProtectionCapability[]

    An ordered list that references OCI-managed protection capabilities. Referenced protection capabilities are not necessarily executed in order of appearance. Their execution order is decided at runtime for improved performance. The array cannot contain entries with the same pair of capability key and version more than once.

    protectionCapabilitySettings GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemResponseProtectionRuleProtectionCapabilitySetting[]

    Settings for protection capabilities

    type string

    Type of WebAppFirewallPolicyRule.

    action_name str

    Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.

    condition str

    An expression that determines whether or not the rule action should be executed.

    condition_language str

    The language used to parse condition from field condition. Available languages:

    • JMESPATH an extended JMESPath language syntax.
    is_body_inspection_enabled bool

    Enables/disables body inspection for this protection rule. Only Protection Rules in RequestProtection can have this option enabled. Response body inspection will be available at a later date.

    name str

    Rule name. Must be unique within the module.

    protection_capabilities GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemResponseProtectionRuleProtectionCapability]

    An ordered list that references OCI-managed protection capabilities. Referenced protection capabilities are not necessarily executed in order of appearance. Their execution order is decided at runtime for improved performance. The array cannot contain entries with the same pair of capability key and version more than once.

    protection_capability_settings GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemResponseProtectionRuleProtectionCapabilitySetting]

    Settings for protection capabilities

    type str

    Type of WebAppFirewallPolicyRule.

    actionName String

    Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.

    condition String

    An expression that determines whether or not the rule action should be executed.

    conditionLanguage String

    The language used to parse condition from field condition. Available languages:

    • JMESPATH an extended JMESPath language syntax.
    isBodyInspectionEnabled Boolean

    Enables/disables body inspection for this protection rule. Only Protection Rules in RequestProtection can have this option enabled. Response body inspection will be available at a later date.

    name String

    Rule name. Must be unique within the module.

    protectionCapabilities List<Property Map>

    An ordered list that references OCI-managed protection capabilities. Referenced protection capabilities are not necessarily executed in order of appearance. Their execution order is decided at runtime for improved performance. The array cannot contain entries with the same pair of capability key and version more than once.

    protectionCapabilitySettings List<Property Map>

    Settings for protection capabilities

    type String

    Type of WebAppFirewallPolicyRule.

    GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemResponseProtectionRuleProtectionCapability

    ActionName string

    Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.

    CollaborativeActionThreshold int

    The minimum sum of weights of associated collaborative protection capabilities that have triggered which must be reached in order for this capability to trigger. This field is ignored for non-collaborative capabilities.

    CollaborativeWeights List<GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemResponseProtectionRuleProtectionCapabilityCollaborativeWeight>

    Explicit weight values to use for associated collaborative protection capabilities.

    Exclusions List<GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemResponseProtectionRuleProtectionCapabilityExclusion>

    Identifies specific HTTP message parameters to exclude from inspection by a protection capability.

    Key string

    Unique key of referenced protection capability.

    Version int

    Version of referenced protection capability.

    ActionName string

    Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.

    CollaborativeActionThreshold int

    The minimum sum of weights of associated collaborative protection capabilities that have triggered which must be reached in order for this capability to trigger. This field is ignored for non-collaborative capabilities.

    CollaborativeWeights []GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemResponseProtectionRuleProtectionCapabilityCollaborativeWeight

    Explicit weight values to use for associated collaborative protection capabilities.

    Exclusions []GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemResponseProtectionRuleProtectionCapabilityExclusion

    Identifies specific HTTP message parameters to exclude from inspection by a protection capability.

    Key string

    Unique key of referenced protection capability.

    Version int

    Version of referenced protection capability.

    actionName String

    Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.

    collaborativeActionThreshold Integer

    The minimum sum of weights of associated collaborative protection capabilities that have triggered which must be reached in order for this capability to trigger. This field is ignored for non-collaborative capabilities.

    collaborativeWeights List<GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemResponseProtectionRuleProtectionCapabilityCollaborativeWeight>

    Explicit weight values to use for associated collaborative protection capabilities.

    exclusions List<GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemResponseProtectionRuleProtectionCapabilityExclusion>

    Identifies specific HTTP message parameters to exclude from inspection by a protection capability.

    key String

    Unique key of referenced protection capability.

    version Integer

    Version of referenced protection capability.

    actionName string

    Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.

    collaborativeActionThreshold number

    The minimum sum of weights of associated collaborative protection capabilities that have triggered which must be reached in order for this capability to trigger. This field is ignored for non-collaborative capabilities.

    collaborativeWeights GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemResponseProtectionRuleProtectionCapabilityCollaborativeWeight[]

    Explicit weight values to use for associated collaborative protection capabilities.

    exclusions GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemResponseProtectionRuleProtectionCapabilityExclusion[]

    Identifies specific HTTP message parameters to exclude from inspection by a protection capability.

    key string

    Unique key of referenced protection capability.

    version number

    Version of referenced protection capability.

    action_name str

    Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.

    collaborative_action_threshold int

    The minimum sum of weights of associated collaborative protection capabilities that have triggered which must be reached in order for this capability to trigger. This field is ignored for non-collaborative capabilities.

    collaborative_weights GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemResponseProtectionRuleProtectionCapabilityCollaborativeWeight]

    Explicit weight values to use for associated collaborative protection capabilities.

    exclusions GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemResponseProtectionRuleProtectionCapabilityExclusion]

    Identifies specific HTTP message parameters to exclude from inspection by a protection capability.

    key str

    Unique key of referenced protection capability.

    version int

    Version of referenced protection capability.

    actionName String

    Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.

    collaborativeActionThreshold Number

    The minimum sum of weights of associated collaborative protection capabilities that have triggered which must be reached in order for this capability to trigger. This field is ignored for non-collaborative capabilities.

    collaborativeWeights List<Property Map>

    Explicit weight values to use for associated collaborative protection capabilities.

    exclusions List<Property Map>

    Identifies specific HTTP message parameters to exclude from inspection by a protection capability.

    key String

    Unique key of referenced protection capability.

    version Number

    Version of referenced protection capability.

    GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemResponseProtectionRuleProtectionCapabilityCollaborativeWeight

    Key string

    Unique key of referenced protection capability.

    Weight int

    The value of weight to set.

    Key string

    Unique key of referenced protection capability.

    Weight int

    The value of weight to set.

    key String

    Unique key of referenced protection capability.

    weight Integer

    The value of weight to set.

    key string

    Unique key of referenced protection capability.

    weight number

    The value of weight to set.

    key str

    Unique key of referenced protection capability.

    weight int

    The value of weight to set.

    key String

    Unique key of referenced protection capability.

    weight Number

    The value of weight to set.

    GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemResponseProtectionRuleProtectionCapabilityExclusion

    Args List<string>

    List of URL query parameter values from form-urlencoded XML, JSON, AMP, or POST payloads to exclude from inspecting. Example: If we have query parameter 'argumentName=argumentValue' and args=['argumentName'], both 'argumentName' and 'argumentValue' will not be inspected.

    RequestCookies List<string>

    List of HTTP request cookie values (by cookie name) to exclude from inspecting. Example: If we have cookie 'cookieName=cookieValue' and requestCookies=['cookieName'], both 'cookieName' and 'cookieValue' will not be inspected.

    Args []string

    List of URL query parameter values from form-urlencoded XML, JSON, AMP, or POST payloads to exclude from inspecting. Example: If we have query parameter 'argumentName=argumentValue' and args=['argumentName'], both 'argumentName' and 'argumentValue' will not be inspected.

    RequestCookies []string

    List of HTTP request cookie values (by cookie name) to exclude from inspecting. Example: If we have cookie 'cookieName=cookieValue' and requestCookies=['cookieName'], both 'cookieName' and 'cookieValue' will not be inspected.

    args List<String>

    List of URL query parameter values from form-urlencoded XML, JSON, AMP, or POST payloads to exclude from inspecting. Example: If we have query parameter 'argumentName=argumentValue' and args=['argumentName'], both 'argumentName' and 'argumentValue' will not be inspected.

    requestCookies List<String>

    List of HTTP request cookie values (by cookie name) to exclude from inspecting. Example: If we have cookie 'cookieName=cookieValue' and requestCookies=['cookieName'], both 'cookieName' and 'cookieValue' will not be inspected.

    args string[]

    List of URL query parameter values from form-urlencoded XML, JSON, AMP, or POST payloads to exclude from inspecting. Example: If we have query parameter 'argumentName=argumentValue' and args=['argumentName'], both 'argumentName' and 'argumentValue' will not be inspected.

    requestCookies string[]

    List of HTTP request cookie values (by cookie name) to exclude from inspecting. Example: If we have cookie 'cookieName=cookieValue' and requestCookies=['cookieName'], both 'cookieName' and 'cookieValue' will not be inspected.

    args Sequence[str]

    List of URL query parameter values from form-urlencoded XML, JSON, AMP, or POST payloads to exclude from inspecting. Example: If we have query parameter 'argumentName=argumentValue' and args=['argumentName'], both 'argumentName' and 'argumentValue' will not be inspected.

    request_cookies Sequence[str]

    List of HTTP request cookie values (by cookie name) to exclude from inspecting. Example: If we have cookie 'cookieName=cookieValue' and requestCookies=['cookieName'], both 'cookieName' and 'cookieValue' will not be inspected.

    args List<String>

    List of URL query parameter values from form-urlencoded XML, JSON, AMP, or POST payloads to exclude from inspecting. Example: If we have query parameter 'argumentName=argumentValue' and args=['argumentName'], both 'argumentName' and 'argumentValue' will not be inspected.

    requestCookies List<String>

    List of HTTP request cookie values (by cookie name) to exclude from inspecting. Example: If we have cookie 'cookieName=cookieValue' and requestCookies=['cookieName'], both 'cookieName' and 'cookieValue' will not be inspected.

    GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemResponseProtectionRuleProtectionCapabilitySetting

    AllowedHttpMethods List<string>

    List of allowed HTTP methods. Each value as a RFC7230 formated token string. Used in protection capability 911100: Restrict HTTP Request Methods.

    MaxHttpRequestHeaderLength int

    Maximum allowed length of headers in an HTTP request. Used in protection capability: 9200024: Limit length of request header size.

    MaxHttpRequestHeaders int

    Maximum number of headers allowed in an HTTP request. Used in protection capability 9200014: Limit Number of Request Headers.

    MaxNumberOfArguments int

    Maximum number of arguments allowed. Used in protection capability 920380: Number of Arguments Limits.

    MaxSingleArgumentLength int

    Maximum allowed length of a single argument. Used in protection capability 920370: Limit argument value length.

    MaxTotalArgumentLength int

    Maximum allowed total length of all arguments. Used in protection capability 920390: Limit arguments total length.

    AllowedHttpMethods []string

    List of allowed HTTP methods. Each value as a RFC7230 formated token string. Used in protection capability 911100: Restrict HTTP Request Methods.

    MaxHttpRequestHeaderLength int

    Maximum allowed length of headers in an HTTP request. Used in protection capability: 9200024: Limit length of request header size.

    MaxHttpRequestHeaders int

    Maximum number of headers allowed in an HTTP request. Used in protection capability 9200014: Limit Number of Request Headers.

    MaxNumberOfArguments int

    Maximum number of arguments allowed. Used in protection capability 920380: Number of Arguments Limits.

    MaxSingleArgumentLength int

    Maximum allowed length of a single argument. Used in protection capability 920370: Limit argument value length.

    MaxTotalArgumentLength int

    Maximum allowed total length of all arguments. Used in protection capability 920390: Limit arguments total length.

    allowedHttpMethods List<String>

    List of allowed HTTP methods. Each value as a RFC7230 formated token string. Used in protection capability 911100: Restrict HTTP Request Methods.

    maxHttpRequestHeaderLength Integer

    Maximum allowed length of headers in an HTTP request. Used in protection capability: 9200024: Limit length of request header size.

    maxHttpRequestHeaders Integer

    Maximum number of headers allowed in an HTTP request. Used in protection capability 9200014: Limit Number of Request Headers.

    maxNumberOfArguments Integer

    Maximum number of arguments allowed. Used in protection capability 920380: Number of Arguments Limits.

    maxSingleArgumentLength Integer

    Maximum allowed length of a single argument. Used in protection capability 920370: Limit argument value length.

    maxTotalArgumentLength Integer

    Maximum allowed total length of all arguments. Used in protection capability 920390: Limit arguments total length.

    allowedHttpMethods string[]

    List of allowed HTTP methods. Each value as a RFC7230 formated token string. Used in protection capability 911100: Restrict HTTP Request Methods.

    maxHttpRequestHeaderLength number

    Maximum allowed length of headers in an HTTP request. Used in protection capability: 9200024: Limit length of request header size.

    maxHttpRequestHeaders number

    Maximum number of headers allowed in an HTTP request. Used in protection capability 9200014: Limit Number of Request Headers.

    maxNumberOfArguments number

    Maximum number of arguments allowed. Used in protection capability 920380: Number of Arguments Limits.

    maxSingleArgumentLength number

    Maximum allowed length of a single argument. Used in protection capability 920370: Limit argument value length.

    maxTotalArgumentLength number

    Maximum allowed total length of all arguments. Used in protection capability 920390: Limit arguments total length.

    allowed_http_methods Sequence[str]

    List of allowed HTTP methods. Each value as a RFC7230 formated token string. Used in protection capability 911100: Restrict HTTP Request Methods.

    max_http_request_header_length int

    Maximum allowed length of headers in an HTTP request. Used in protection capability: 9200024: Limit length of request header size.

    max_http_request_headers int

    Maximum number of headers allowed in an HTTP request. Used in protection capability 9200014: Limit Number of Request Headers.

    max_number_of_arguments int

    Maximum number of arguments allowed. Used in protection capability 920380: Number of Arguments Limits.

    max_single_argument_length int

    Maximum allowed length of a single argument. Used in protection capability 920370: Limit argument value length.

    max_total_argument_length int

    Maximum allowed total length of all arguments. Used in protection capability 920390: Limit arguments total length.

    allowedHttpMethods List<String>

    List of allowed HTTP methods. Each value as a RFC7230 formated token string. Used in protection capability 911100: Restrict HTTP Request Methods.

    maxHttpRequestHeaderLength Number

    Maximum allowed length of headers in an HTTP request. Used in protection capability: 9200024: Limit length of request header size.

    maxHttpRequestHeaders Number

    Maximum number of headers allowed in an HTTP request. Used in protection capability 9200014: Limit Number of Request Headers.

    maxNumberOfArguments Number

    Maximum number of arguments allowed. Used in protection capability 920380: Number of Arguments Limits.

    maxSingleArgumentLength Number

    Maximum allowed length of a single argument. Used in protection capability 920370: Limit argument value length.

    maxTotalArgumentLength Number

    Maximum allowed total length of all arguments. Used in protection capability 920390: Limit arguments total length.

    Package Details

    Repository
    oci pulumi/pulumi-oci
    License
    Apache-2.0
    Notes

    This Pulumi package is based on the oci Terraform Provider.

    oci logo
    Oracle Cloud Infrastructure v1.16.1 published on Wednesday, Nov 22, 2023 by Pulumi