1. Packages
  2. Oracle Cloud Infrastructure
  3. API Docs
  4. Waf
  5. getWebAppFirewallPolicy
Oracle Cloud Infrastructure v2.18.0 published on Friday, Nov 22, 2024 by Pulumi

oci.Waf.getWebAppFirewallPolicy

Explore with Pulumi AI

oci logo
Oracle Cloud Infrastructure v2.18.0 published on Friday, Nov 22, 2024 by Pulumi

    This data source provides details about a specific Web App Firewall Policy resource in Oracle Cloud Infrastructure Waf service.

    Gets a WebAppFirewallPolicy with the given OCID.

    Example Usage

    import * as pulumi from "@pulumi/pulumi";
    import * as oci from "@pulumi/oci";
    
    const testWebAppFirewallPolicy = oci.Waf.getWebAppFirewallPolicy({
        webAppFirewallPolicyId: testWebAppFirewallPolicyOciWafWebAppFirewallPolicy.id,
    });
    
    import pulumi
    import pulumi_oci as oci
    
    test_web_app_firewall_policy = oci.Waf.get_web_app_firewall_policy(web_app_firewall_policy_id=test_web_app_firewall_policy_oci_waf_web_app_firewall_policy["id"])
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-oci/sdk/v2/go/oci/Waf"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		_, err := Waf.GetWebAppFirewallPolicy(ctx, &waf.GetWebAppFirewallPolicyArgs{
    			WebAppFirewallPolicyId: testWebAppFirewallPolicyOciWafWebAppFirewallPolicy.Id,
    		}, nil)
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Oci = Pulumi.Oci;
    
    return await Deployment.RunAsync(() => 
    {
        var testWebAppFirewallPolicy = Oci.Waf.GetWebAppFirewallPolicy.Invoke(new()
        {
            WebAppFirewallPolicyId = testWebAppFirewallPolicyOciWafWebAppFirewallPolicy.Id,
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.oci.Waf.WafFunctions;
    import com.pulumi.oci.Waf.inputs.GetWebAppFirewallPolicyArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            final var testWebAppFirewallPolicy = WafFunctions.getWebAppFirewallPolicy(GetWebAppFirewallPolicyArgs.builder()
                .webAppFirewallPolicyId(testWebAppFirewallPolicyOciWafWebAppFirewallPolicy.id())
                .build());
    
        }
    }
    
    variables:
      testWebAppFirewallPolicy:
        fn::invoke:
          Function: oci:Waf:getWebAppFirewallPolicy
          Arguments:
            webAppFirewallPolicyId: ${testWebAppFirewallPolicyOciWafWebAppFirewallPolicy.id}
    

    Using getWebAppFirewallPolicy

    Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.

    function getWebAppFirewallPolicy(args: GetWebAppFirewallPolicyArgs, opts?: InvokeOptions): Promise<GetWebAppFirewallPolicyResult>
    function getWebAppFirewallPolicyOutput(args: GetWebAppFirewallPolicyOutputArgs, opts?: InvokeOptions): Output<GetWebAppFirewallPolicyResult>
    def get_web_app_firewall_policy(web_app_firewall_policy_id: Optional[str] = None,
                                    opts: Optional[InvokeOptions] = None) -> GetWebAppFirewallPolicyResult
    def get_web_app_firewall_policy_output(web_app_firewall_policy_id: Optional[pulumi.Input[str]] = None,
                                    opts: Optional[InvokeOptions] = None) -> Output[GetWebAppFirewallPolicyResult]
    func GetWebAppFirewallPolicy(ctx *Context, args *GetWebAppFirewallPolicyArgs, opts ...InvokeOption) (*GetWebAppFirewallPolicyResult, error)
    func GetWebAppFirewallPolicyOutput(ctx *Context, args *GetWebAppFirewallPolicyOutputArgs, opts ...InvokeOption) GetWebAppFirewallPolicyResultOutput

    > Note: This function is named GetWebAppFirewallPolicy in the Go SDK.

    public static class GetWebAppFirewallPolicy 
    {
        public static Task<GetWebAppFirewallPolicyResult> InvokeAsync(GetWebAppFirewallPolicyArgs args, InvokeOptions? opts = null)
        public static Output<GetWebAppFirewallPolicyResult> Invoke(GetWebAppFirewallPolicyInvokeArgs args, InvokeOptions? opts = null)
    }
    public static CompletableFuture<GetWebAppFirewallPolicyResult> getWebAppFirewallPolicy(GetWebAppFirewallPolicyArgs args, InvokeOptions options)
    // Output-based functions aren't available in Java yet
    
    fn::invoke:
      function: oci:Waf/getWebAppFirewallPolicy:getWebAppFirewallPolicy
      arguments:
        # arguments dictionary

    The following arguments are supported:

    WebAppFirewallPolicyId string
    The OCID of the WebAppFirewallPolicy.
    WebAppFirewallPolicyId string
    The OCID of the WebAppFirewallPolicy.
    webAppFirewallPolicyId String
    The OCID of the WebAppFirewallPolicy.
    webAppFirewallPolicyId string
    The OCID of the WebAppFirewallPolicy.
    web_app_firewall_policy_id str
    The OCID of the WebAppFirewallPolicy.
    webAppFirewallPolicyId String
    The OCID of the WebAppFirewallPolicy.

    getWebAppFirewallPolicy Result

    The following output properties are available:

    Actions List<GetWebAppFirewallPolicyAction>
    Predefined actions for use in multiple different rules. Not all actions are supported in every module. Some actions terminate further execution of modules and rules in a module and some do not. Actions names must be unique within this array.
    CompartmentId string
    The OCID of the compartment.
    DefinedTags Dictionary<string, string>
    Defined tags for this resource. Each key is predefined and scoped to a namespace. Example: {"foo-namespace.bar-key": "value"}
    DisplayName string
    WebAppFirewallPolicy display name, can be renamed.
    FreeformTags Dictionary<string, string>
    Simple key-value pair that is applied without any predefined name, type or scope. Exists for cross-compatibility only. Example: {"bar-key": "value"}
    Id string
    The OCID of the WebAppFirewallPolicy.
    LifecycleDetails string
    A message describing the current state in more detail. For example, can be used to provide actionable information for a resource in FAILED state.
    RequestAccessControls List<GetWebAppFirewallPolicyRequestAccessControl>
    Module that allows inspection of HTTP request properties and to return a defined HTTP response. In this module, rules with the name 'Default Action' are not allowed, since this name is reserved for default action logs.
    RequestProtections List<GetWebAppFirewallPolicyRequestProtection>
    Module that allows to enable OCI-managed protection capabilities for incoming HTTP requests.
    RequestRateLimitings List<GetWebAppFirewallPolicyRequestRateLimiting>
    Module that allows inspection of HTTP connection properties and to limit requests frequency for a given key.
    ResponseAccessControls List<GetWebAppFirewallPolicyResponseAccessControl>
    Module that allows inspection of HTTP response properties and to return a defined HTTP response.
    ResponseProtections List<GetWebAppFirewallPolicyResponseProtection>
    Module that allows to enable OCI-managed protection capabilities for HTTP responses.
    State string
    The current state of the WebAppFirewallPolicy.
    SystemTags Dictionary<string, string>
    Usage of system tag keys. These predefined keys are scoped to namespaces. Example: {"orcl-cloud.free-tier-retained": "true"}
    TimeCreated string
    The time the WebAppFirewallPolicy was created. An RFC3339 formatted datetime string.
    TimeUpdated string
    The time the WebAppFirewallPolicy was updated. An RFC3339 formatted datetime string.
    WebAppFirewallPolicyId string
    Actions []GetWebAppFirewallPolicyAction
    Predefined actions for use in multiple different rules. Not all actions are supported in every module. Some actions terminate further execution of modules and rules in a module and some do not. Actions names must be unique within this array.
    CompartmentId string
    The OCID of the compartment.
    DefinedTags map[string]string
    Defined tags for this resource. Each key is predefined and scoped to a namespace. Example: {"foo-namespace.bar-key": "value"}
    DisplayName string
    WebAppFirewallPolicy display name, can be renamed.
    FreeformTags map[string]string
    Simple key-value pair that is applied without any predefined name, type or scope. Exists for cross-compatibility only. Example: {"bar-key": "value"}
    Id string
    The OCID of the WebAppFirewallPolicy.
    LifecycleDetails string
    A message describing the current state in more detail. For example, can be used to provide actionable information for a resource in FAILED state.
    RequestAccessControls []GetWebAppFirewallPolicyRequestAccessControl
    Module that allows inspection of HTTP request properties and to return a defined HTTP response. In this module, rules with the name 'Default Action' are not allowed, since this name is reserved for default action logs.
    RequestProtections []GetWebAppFirewallPolicyRequestProtection
    Module that allows to enable OCI-managed protection capabilities for incoming HTTP requests.
    RequestRateLimitings []GetWebAppFirewallPolicyRequestRateLimiting
    Module that allows inspection of HTTP connection properties and to limit requests frequency for a given key.
    ResponseAccessControls []GetWebAppFirewallPolicyResponseAccessControl
    Module that allows inspection of HTTP response properties and to return a defined HTTP response.
    ResponseProtections []GetWebAppFirewallPolicyResponseProtection
    Module that allows to enable OCI-managed protection capabilities for HTTP responses.
    State string
    The current state of the WebAppFirewallPolicy.
    SystemTags map[string]string
    Usage of system tag keys. These predefined keys are scoped to namespaces. Example: {"orcl-cloud.free-tier-retained": "true"}
    TimeCreated string
    The time the WebAppFirewallPolicy was created. An RFC3339 formatted datetime string.
    TimeUpdated string
    The time the WebAppFirewallPolicy was updated. An RFC3339 formatted datetime string.
    WebAppFirewallPolicyId string
    actions List<GetWebAppFirewallPolicyAction>
    Predefined actions for use in multiple different rules. Not all actions are supported in every module. Some actions terminate further execution of modules and rules in a module and some do not. Actions names must be unique within this array.
    compartmentId String
    The OCID of the compartment.
    definedTags Map<String,String>
    Defined tags for this resource. Each key is predefined and scoped to a namespace. Example: {"foo-namespace.bar-key": "value"}
    displayName String
    WebAppFirewallPolicy display name, can be renamed.
    freeformTags Map<String,String>
    Simple key-value pair that is applied without any predefined name, type or scope. Exists for cross-compatibility only. Example: {"bar-key": "value"}
    id String
    The OCID of the WebAppFirewallPolicy.
    lifecycleDetails String
    A message describing the current state in more detail. For example, can be used to provide actionable information for a resource in FAILED state.
    requestAccessControls List<GetWebAppFirewallPolicyRequestAccessControl>
    Module that allows inspection of HTTP request properties and to return a defined HTTP response. In this module, rules with the name 'Default Action' are not allowed, since this name is reserved for default action logs.
    requestProtections List<GetWebAppFirewallPolicyRequestProtection>
    Module that allows to enable OCI-managed protection capabilities for incoming HTTP requests.
    requestRateLimitings List<GetWebAppFirewallPolicyRequestRateLimiting>
    Module that allows inspection of HTTP connection properties and to limit requests frequency for a given key.
    responseAccessControls List<GetWebAppFirewallPolicyResponseAccessControl>
    Module that allows inspection of HTTP response properties and to return a defined HTTP response.
    responseProtections List<GetWebAppFirewallPolicyResponseProtection>
    Module that allows to enable OCI-managed protection capabilities for HTTP responses.
    state String
    The current state of the WebAppFirewallPolicy.
    systemTags Map<String,String>
    Usage of system tag keys. These predefined keys are scoped to namespaces. Example: {"orcl-cloud.free-tier-retained": "true"}
    timeCreated String
    The time the WebAppFirewallPolicy was created. An RFC3339 formatted datetime string.
    timeUpdated String
    The time the WebAppFirewallPolicy was updated. An RFC3339 formatted datetime string.
    webAppFirewallPolicyId String
    actions GetWebAppFirewallPolicyAction[]
    Predefined actions for use in multiple different rules. Not all actions are supported in every module. Some actions terminate further execution of modules and rules in a module and some do not. Actions names must be unique within this array.
    compartmentId string
    The OCID of the compartment.
    definedTags {[key: string]: string}
    Defined tags for this resource. Each key is predefined and scoped to a namespace. Example: {"foo-namespace.bar-key": "value"}
    displayName string
    WebAppFirewallPolicy display name, can be renamed.
    freeformTags {[key: string]: string}
    Simple key-value pair that is applied without any predefined name, type or scope. Exists for cross-compatibility only. Example: {"bar-key": "value"}
    id string
    The OCID of the WebAppFirewallPolicy.
    lifecycleDetails string
    A message describing the current state in more detail. For example, can be used to provide actionable information for a resource in FAILED state.
    requestAccessControls GetWebAppFirewallPolicyRequestAccessControl[]
    Module that allows inspection of HTTP request properties and to return a defined HTTP response. In this module, rules with the name 'Default Action' are not allowed, since this name is reserved for default action logs.
    requestProtections GetWebAppFirewallPolicyRequestProtection[]
    Module that allows to enable OCI-managed protection capabilities for incoming HTTP requests.
    requestRateLimitings GetWebAppFirewallPolicyRequestRateLimiting[]
    Module that allows inspection of HTTP connection properties and to limit requests frequency for a given key.
    responseAccessControls GetWebAppFirewallPolicyResponseAccessControl[]
    Module that allows inspection of HTTP response properties and to return a defined HTTP response.
    responseProtections GetWebAppFirewallPolicyResponseProtection[]
    Module that allows to enable OCI-managed protection capabilities for HTTP responses.
    state string
    The current state of the WebAppFirewallPolicy.
    systemTags {[key: string]: string}
    Usage of system tag keys. These predefined keys are scoped to namespaces. Example: {"orcl-cloud.free-tier-retained": "true"}
    timeCreated string
    The time the WebAppFirewallPolicy was created. An RFC3339 formatted datetime string.
    timeUpdated string
    The time the WebAppFirewallPolicy was updated. An RFC3339 formatted datetime string.
    webAppFirewallPolicyId string
    actions Sequence[waf.GetWebAppFirewallPolicyAction]
    Predefined actions for use in multiple different rules. Not all actions are supported in every module. Some actions terminate further execution of modules and rules in a module and some do not. Actions names must be unique within this array.
    compartment_id str
    The OCID of the compartment.
    defined_tags Mapping[str, str]
    Defined tags for this resource. Each key is predefined and scoped to a namespace. Example: {"foo-namespace.bar-key": "value"}
    display_name str
    WebAppFirewallPolicy display name, can be renamed.
    freeform_tags Mapping[str, str]
    Simple key-value pair that is applied without any predefined name, type or scope. Exists for cross-compatibility only. Example: {"bar-key": "value"}
    id str
    The OCID of the WebAppFirewallPolicy.
    lifecycle_details str
    A message describing the current state in more detail. For example, can be used to provide actionable information for a resource in FAILED state.
    request_access_controls Sequence[waf.GetWebAppFirewallPolicyRequestAccessControl]
    Module that allows inspection of HTTP request properties and to return a defined HTTP response. In this module, rules with the name 'Default Action' are not allowed, since this name is reserved for default action logs.
    request_protections Sequence[waf.GetWebAppFirewallPolicyRequestProtection]
    Module that allows to enable OCI-managed protection capabilities for incoming HTTP requests.
    request_rate_limitings Sequence[waf.GetWebAppFirewallPolicyRequestRateLimiting]
    Module that allows inspection of HTTP connection properties and to limit requests frequency for a given key.
    response_access_controls Sequence[waf.GetWebAppFirewallPolicyResponseAccessControl]
    Module that allows inspection of HTTP response properties and to return a defined HTTP response.
    response_protections Sequence[waf.GetWebAppFirewallPolicyResponseProtection]
    Module that allows to enable OCI-managed protection capabilities for HTTP responses.
    state str
    The current state of the WebAppFirewallPolicy.
    system_tags Mapping[str, str]
    Usage of system tag keys. These predefined keys are scoped to namespaces. Example: {"orcl-cloud.free-tier-retained": "true"}
    time_created str
    The time the WebAppFirewallPolicy was created. An RFC3339 formatted datetime string.
    time_updated str
    The time the WebAppFirewallPolicy was updated. An RFC3339 formatted datetime string.
    web_app_firewall_policy_id str
    actions List<Property Map>
    Predefined actions for use in multiple different rules. Not all actions are supported in every module. Some actions terminate further execution of modules and rules in a module and some do not. Actions names must be unique within this array.
    compartmentId String
    The OCID of the compartment.
    definedTags Map<String>
    Defined tags for this resource. Each key is predefined and scoped to a namespace. Example: {"foo-namespace.bar-key": "value"}
    displayName String
    WebAppFirewallPolicy display name, can be renamed.
    freeformTags Map<String>
    Simple key-value pair that is applied without any predefined name, type or scope. Exists for cross-compatibility only. Example: {"bar-key": "value"}
    id String
    The OCID of the WebAppFirewallPolicy.
    lifecycleDetails String
    A message describing the current state in more detail. For example, can be used to provide actionable information for a resource in FAILED state.
    requestAccessControls List<Property Map>
    Module that allows inspection of HTTP request properties and to return a defined HTTP response. In this module, rules with the name 'Default Action' are not allowed, since this name is reserved for default action logs.
    requestProtections List<Property Map>
    Module that allows to enable OCI-managed protection capabilities for incoming HTTP requests.
    requestRateLimitings List<Property Map>
    Module that allows inspection of HTTP connection properties and to limit requests frequency for a given key.
    responseAccessControls List<Property Map>
    Module that allows inspection of HTTP response properties and to return a defined HTTP response.
    responseProtections List<Property Map>
    Module that allows to enable OCI-managed protection capabilities for HTTP responses.
    state String
    The current state of the WebAppFirewallPolicy.
    systemTags Map<String>
    Usage of system tag keys. These predefined keys are scoped to namespaces. Example: {"orcl-cloud.free-tier-retained": "true"}
    timeCreated String
    The time the WebAppFirewallPolicy was created. An RFC3339 formatted datetime string.
    timeUpdated String
    The time the WebAppFirewallPolicy was updated. An RFC3339 formatted datetime string.
    webAppFirewallPolicyId String

    Supporting Types

    GetWebAppFirewallPolicyAction

    Bodies List<GetWebAppFirewallPolicyActionBody>
    Type of returned HTTP response body.
    Code int
    Response code.
    Headers List<GetWebAppFirewallPolicyActionHeader>
    Adds headers defined in this array for HTTP response.
    Name string
    Rule name. Must be unique within the module.
    Type string
    Type of WebAppFirewallPolicyRule.
    Bodies []GetWebAppFirewallPolicyActionBody
    Type of returned HTTP response body.
    Code int
    Response code.
    Headers []GetWebAppFirewallPolicyActionHeader
    Adds headers defined in this array for HTTP response.
    Name string
    Rule name. Must be unique within the module.
    Type string
    Type of WebAppFirewallPolicyRule.
    bodies List<GetWebAppFirewallPolicyActionBody>
    Type of returned HTTP response body.
    code Integer
    Response code.
    headers List<GetWebAppFirewallPolicyActionHeader>
    Adds headers defined in this array for HTTP response.
    name String
    Rule name. Must be unique within the module.
    type String
    Type of WebAppFirewallPolicyRule.
    bodies GetWebAppFirewallPolicyActionBody[]
    Type of returned HTTP response body.
    code number
    Response code.
    headers GetWebAppFirewallPolicyActionHeader[]
    Adds headers defined in this array for HTTP response.
    name string
    Rule name. Must be unique within the module.
    type string
    Type of WebAppFirewallPolicyRule.
    bodies Sequence[waf.GetWebAppFirewallPolicyActionBody]
    Type of returned HTTP response body.
    code int
    Response code.
    headers Sequence[waf.GetWebAppFirewallPolicyActionHeader]
    Adds headers defined in this array for HTTP response.
    name str
    Rule name. Must be unique within the module.
    type str
    Type of WebAppFirewallPolicyRule.
    bodies List<Property Map>
    Type of returned HTTP response body.
    code Number
    Response code.
    headers List<Property Map>
    Adds headers defined in this array for HTTP response.
    name String
    Rule name. Must be unique within the module.
    type String
    Type of WebAppFirewallPolicyRule.

    GetWebAppFirewallPolicyActionBody

    Template string
    Text string
    Static response body text.
    Type string
    Type of WebAppFirewallPolicyRule.
    Template string
    Text string
    Static response body text.
    Type string
    Type of WebAppFirewallPolicyRule.
    template String
    text String
    Static response body text.
    type String
    Type of WebAppFirewallPolicyRule.
    template string
    text string
    Static response body text.
    type string
    Type of WebAppFirewallPolicyRule.
    template str
    text str
    Static response body text.
    type str
    Type of WebAppFirewallPolicyRule.
    template String
    text String
    Static response body text.
    type String
    Type of WebAppFirewallPolicyRule.

    GetWebAppFirewallPolicyActionHeader

    Name string
    Rule name. Must be unique within the module.
    Value string
    The value of the header field.
    Name string
    Rule name. Must be unique within the module.
    Value string
    The value of the header field.
    name String
    Rule name. Must be unique within the module.
    value String
    The value of the header field.
    name string
    Rule name. Must be unique within the module.
    value string
    The value of the header field.
    name str
    Rule name. Must be unique within the module.
    value str
    The value of the header field.
    name String
    Rule name. Must be unique within the module.
    value String
    The value of the header field.

    GetWebAppFirewallPolicyRequestAccessControl

    DefaultActionName string
    References an default Action to take if no AccessControlRule was matched. Allowed action types:

    • ALLOW continues execution of other modules and their rules.
    • RETURN_HTTP_RESPONSE terminates further execution of modules and rules and returns defined HTTP response.
    Rules List<GetWebAppFirewallPolicyRequestAccessControlRule>
    Ordered list of ProtectionRules. Rules are executed in order of appearance in this array. ProtectionRules in this array can only use protection capabilities of RESPONSE_PROTECTION_CAPABILITY type.
    DefaultActionName string
    References an default Action to take if no AccessControlRule was matched. Allowed action types:

    • ALLOW continues execution of other modules and their rules.
    • RETURN_HTTP_RESPONSE terminates further execution of modules and rules and returns defined HTTP response.
    Rules []GetWebAppFirewallPolicyRequestAccessControlRule
    Ordered list of ProtectionRules. Rules are executed in order of appearance in this array. ProtectionRules in this array can only use protection capabilities of RESPONSE_PROTECTION_CAPABILITY type.
    defaultActionName String
    References an default Action to take if no AccessControlRule was matched. Allowed action types:

    • ALLOW continues execution of other modules and their rules.
    • RETURN_HTTP_RESPONSE terminates further execution of modules and rules and returns defined HTTP response.
    rules List<GetWebAppFirewallPolicyRequestAccessControlRule>
    Ordered list of ProtectionRules. Rules are executed in order of appearance in this array. ProtectionRules in this array can only use protection capabilities of RESPONSE_PROTECTION_CAPABILITY type.
    defaultActionName string
    References an default Action to take if no AccessControlRule was matched. Allowed action types:

    • ALLOW continues execution of other modules and their rules.
    • RETURN_HTTP_RESPONSE terminates further execution of modules and rules and returns defined HTTP response.
    rules GetWebAppFirewallPolicyRequestAccessControlRule[]
    Ordered list of ProtectionRules. Rules are executed in order of appearance in this array. ProtectionRules in this array can only use protection capabilities of RESPONSE_PROTECTION_CAPABILITY type.
    default_action_name str
    References an default Action to take if no AccessControlRule was matched. Allowed action types:

    • ALLOW continues execution of other modules and their rules.
    • RETURN_HTTP_RESPONSE terminates further execution of modules and rules and returns defined HTTP response.
    rules Sequence[waf.GetWebAppFirewallPolicyRequestAccessControlRule]
    Ordered list of ProtectionRules. Rules are executed in order of appearance in this array. ProtectionRules in this array can only use protection capabilities of RESPONSE_PROTECTION_CAPABILITY type.
    defaultActionName String
    References an default Action to take if no AccessControlRule was matched. Allowed action types:

    • ALLOW continues execution of other modules and their rules.
    • RETURN_HTTP_RESPONSE terminates further execution of modules and rules and returns defined HTTP response.
    rules List<Property Map>
    Ordered list of ProtectionRules. Rules are executed in order of appearance in this array. ProtectionRules in this array can only use protection capabilities of RESPONSE_PROTECTION_CAPABILITY type.

    GetWebAppFirewallPolicyRequestAccessControlRule

    ActionName string
    Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.
    Condition string
    An expression that determines whether or not the rule action should be executed.
    ConditionLanguage string
    The language used to parse condition from field condition. Available languages:

    • JMESPATH an extended JMESPath language syntax.
    Name string
    Rule name. Must be unique within the module.
    Type string
    Type of WebAppFirewallPolicyRule.
    ActionName string
    Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.
    Condition string
    An expression that determines whether or not the rule action should be executed.
    ConditionLanguage string
    The language used to parse condition from field condition. Available languages:

    • JMESPATH an extended JMESPath language syntax.
    Name string
    Rule name. Must be unique within the module.
    Type string
    Type of WebAppFirewallPolicyRule.
    actionName String
    Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.
    condition String
    An expression that determines whether or not the rule action should be executed.
    conditionLanguage String
    The language used to parse condition from field condition. Available languages:

    • JMESPATH an extended JMESPath language syntax.
    name String
    Rule name. Must be unique within the module.
    type String
    Type of WebAppFirewallPolicyRule.
    actionName string
    Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.
    condition string
    An expression that determines whether or not the rule action should be executed.
    conditionLanguage string
    The language used to parse condition from field condition. Available languages:

    • JMESPATH an extended JMESPath language syntax.
    name string
    Rule name. Must be unique within the module.
    type string
    Type of WebAppFirewallPolicyRule.
    action_name str
    Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.
    condition str
    An expression that determines whether or not the rule action should be executed.
    condition_language str
    The language used to parse condition from field condition. Available languages:

    • JMESPATH an extended JMESPath language syntax.
    name str
    Rule name. Must be unique within the module.
    type str
    Type of WebAppFirewallPolicyRule.
    actionName String
    Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.
    condition String
    An expression that determines whether or not the rule action should be executed.
    conditionLanguage String
    The language used to parse condition from field condition. Available languages:

    • JMESPATH an extended JMESPath language syntax.
    name String
    Rule name. Must be unique within the module.
    type String
    Type of WebAppFirewallPolicyRule.

    GetWebAppFirewallPolicyRequestProtection

    BodyInspectionSizeLimitExceededActionName string
    References action by name from actions defined in WebAppFirewallPolicy. Executed if HTTP message body size exceeds limit set in field bodyInspectionSizeLimitInBytes.
    BodyInspectionSizeLimitInBytes int
    Maximum size of inspected HTTP message body in bytes. Actions to take if this limit is exceeded are defined in bodyInspectionSizeLimitExceededActionName.
    Rules List<GetWebAppFirewallPolicyRequestProtectionRule>
    Ordered list of ProtectionRules. Rules are executed in order of appearance in this array. ProtectionRules in this array can only use protection capabilities of RESPONSE_PROTECTION_CAPABILITY type.
    BodyInspectionSizeLimitExceededActionName string
    References action by name from actions defined in WebAppFirewallPolicy. Executed if HTTP message body size exceeds limit set in field bodyInspectionSizeLimitInBytes.
    BodyInspectionSizeLimitInBytes int
    Maximum size of inspected HTTP message body in bytes. Actions to take if this limit is exceeded are defined in bodyInspectionSizeLimitExceededActionName.
    Rules []GetWebAppFirewallPolicyRequestProtectionRule
    Ordered list of ProtectionRules. Rules are executed in order of appearance in this array. ProtectionRules in this array can only use protection capabilities of RESPONSE_PROTECTION_CAPABILITY type.
    bodyInspectionSizeLimitExceededActionName String
    References action by name from actions defined in WebAppFirewallPolicy. Executed if HTTP message body size exceeds limit set in field bodyInspectionSizeLimitInBytes.
    bodyInspectionSizeLimitInBytes Integer
    Maximum size of inspected HTTP message body in bytes. Actions to take if this limit is exceeded are defined in bodyInspectionSizeLimitExceededActionName.
    rules List<GetWebAppFirewallPolicyRequestProtectionRule>
    Ordered list of ProtectionRules. Rules are executed in order of appearance in this array. ProtectionRules in this array can only use protection capabilities of RESPONSE_PROTECTION_CAPABILITY type.
    bodyInspectionSizeLimitExceededActionName string
    References action by name from actions defined in WebAppFirewallPolicy. Executed if HTTP message body size exceeds limit set in field bodyInspectionSizeLimitInBytes.
    bodyInspectionSizeLimitInBytes number
    Maximum size of inspected HTTP message body in bytes. Actions to take if this limit is exceeded are defined in bodyInspectionSizeLimitExceededActionName.
    rules GetWebAppFirewallPolicyRequestProtectionRule[]
    Ordered list of ProtectionRules. Rules are executed in order of appearance in this array. ProtectionRules in this array can only use protection capabilities of RESPONSE_PROTECTION_CAPABILITY type.
    body_inspection_size_limit_exceeded_action_name str
    References action by name from actions defined in WebAppFirewallPolicy. Executed if HTTP message body size exceeds limit set in field bodyInspectionSizeLimitInBytes.
    body_inspection_size_limit_in_bytes int
    Maximum size of inspected HTTP message body in bytes. Actions to take if this limit is exceeded are defined in bodyInspectionSizeLimitExceededActionName.
    rules Sequence[waf.GetWebAppFirewallPolicyRequestProtectionRule]
    Ordered list of ProtectionRules. Rules are executed in order of appearance in this array. ProtectionRules in this array can only use protection capabilities of RESPONSE_PROTECTION_CAPABILITY type.
    bodyInspectionSizeLimitExceededActionName String
    References action by name from actions defined in WebAppFirewallPolicy. Executed if HTTP message body size exceeds limit set in field bodyInspectionSizeLimitInBytes.
    bodyInspectionSizeLimitInBytes Number
    Maximum size of inspected HTTP message body in bytes. Actions to take if this limit is exceeded are defined in bodyInspectionSizeLimitExceededActionName.
    rules List<Property Map>
    Ordered list of ProtectionRules. Rules are executed in order of appearance in this array. ProtectionRules in this array can only use protection capabilities of RESPONSE_PROTECTION_CAPABILITY type.

    GetWebAppFirewallPolicyRequestProtectionRule

    ActionName string
    Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.
    Condition string
    An expression that determines whether or not the rule action should be executed.
    ConditionLanguage string
    The language used to parse condition from field condition. Available languages:

    • JMESPATH an extended JMESPath language syntax.
    IsBodyInspectionEnabled bool
    Enables/disables body inspection for this protection rule. Only Protection Rules in RequestProtection can have this option enabled. Response body inspection will be available at a later date.
    Name string
    Rule name. Must be unique within the module.
    ProtectionCapabilities List<GetWebAppFirewallPolicyRequestProtectionRuleProtectionCapability>
    An ordered list that references OCI-managed protection capabilities. Referenced protection capabilities are not necessarily executed in order of appearance. Their execution order is decided at runtime for improved performance. The array cannot contain entries with the same pair of capability key and version more than once.
    ProtectionCapabilitySettings List<GetWebAppFirewallPolicyRequestProtectionRuleProtectionCapabilitySetting>
    Settings for protection capabilities
    Type string
    Type of WebAppFirewallPolicyRule.
    ActionName string
    Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.
    Condition string
    An expression that determines whether or not the rule action should be executed.
    ConditionLanguage string
    The language used to parse condition from field condition. Available languages:

    • JMESPATH an extended JMESPath language syntax.
    IsBodyInspectionEnabled bool
    Enables/disables body inspection for this protection rule. Only Protection Rules in RequestProtection can have this option enabled. Response body inspection will be available at a later date.
    Name string
    Rule name. Must be unique within the module.
    ProtectionCapabilities []GetWebAppFirewallPolicyRequestProtectionRuleProtectionCapability
    An ordered list that references OCI-managed protection capabilities. Referenced protection capabilities are not necessarily executed in order of appearance. Their execution order is decided at runtime for improved performance. The array cannot contain entries with the same pair of capability key and version more than once.
    ProtectionCapabilitySettings []GetWebAppFirewallPolicyRequestProtectionRuleProtectionCapabilitySetting
    Settings for protection capabilities
    Type string
    Type of WebAppFirewallPolicyRule.
    actionName String
    Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.
    condition String
    An expression that determines whether or not the rule action should be executed.
    conditionLanguage String
    The language used to parse condition from field condition. Available languages:

    • JMESPATH an extended JMESPath language syntax.
    isBodyInspectionEnabled Boolean
    Enables/disables body inspection for this protection rule. Only Protection Rules in RequestProtection can have this option enabled. Response body inspection will be available at a later date.
    name String
    Rule name. Must be unique within the module.
    protectionCapabilities List<GetWebAppFirewallPolicyRequestProtectionRuleProtectionCapability>
    An ordered list that references OCI-managed protection capabilities. Referenced protection capabilities are not necessarily executed in order of appearance. Their execution order is decided at runtime for improved performance. The array cannot contain entries with the same pair of capability key and version more than once.
    protectionCapabilitySettings List<GetWebAppFirewallPolicyRequestProtectionRuleProtectionCapabilitySetting>
    Settings for protection capabilities
    type String
    Type of WebAppFirewallPolicyRule.
    actionName string
    Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.
    condition string
    An expression that determines whether or not the rule action should be executed.
    conditionLanguage string
    The language used to parse condition from field condition. Available languages:

    • JMESPATH an extended JMESPath language syntax.
    isBodyInspectionEnabled boolean
    Enables/disables body inspection for this protection rule. Only Protection Rules in RequestProtection can have this option enabled. Response body inspection will be available at a later date.
    name string
    Rule name. Must be unique within the module.
    protectionCapabilities GetWebAppFirewallPolicyRequestProtectionRuleProtectionCapability[]
    An ordered list that references OCI-managed protection capabilities. Referenced protection capabilities are not necessarily executed in order of appearance. Their execution order is decided at runtime for improved performance. The array cannot contain entries with the same pair of capability key and version more than once.
    protectionCapabilitySettings GetWebAppFirewallPolicyRequestProtectionRuleProtectionCapabilitySetting[]
    Settings for protection capabilities
    type string
    Type of WebAppFirewallPolicyRule.
    action_name str
    Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.
    condition str
    An expression that determines whether or not the rule action should be executed.
    condition_language str
    The language used to parse condition from field condition. Available languages:

    • JMESPATH an extended JMESPath language syntax.
    is_body_inspection_enabled bool
    Enables/disables body inspection for this protection rule. Only Protection Rules in RequestProtection can have this option enabled. Response body inspection will be available at a later date.
    name str
    Rule name. Must be unique within the module.
    protection_capabilities Sequence[waf.GetWebAppFirewallPolicyRequestProtectionRuleProtectionCapability]
    An ordered list that references OCI-managed protection capabilities. Referenced protection capabilities are not necessarily executed in order of appearance. Their execution order is decided at runtime for improved performance. The array cannot contain entries with the same pair of capability key and version more than once.
    protection_capability_settings Sequence[waf.GetWebAppFirewallPolicyRequestProtectionRuleProtectionCapabilitySetting]
    Settings for protection capabilities
    type str
    Type of WebAppFirewallPolicyRule.
    actionName String
    Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.
    condition String
    An expression that determines whether or not the rule action should be executed.
    conditionLanguage String
    The language used to parse condition from field condition. Available languages:

    • JMESPATH an extended JMESPath language syntax.
    isBodyInspectionEnabled Boolean
    Enables/disables body inspection for this protection rule. Only Protection Rules in RequestProtection can have this option enabled. Response body inspection will be available at a later date.
    name String
    Rule name. Must be unique within the module.
    protectionCapabilities List<Property Map>
    An ordered list that references OCI-managed protection capabilities. Referenced protection capabilities are not necessarily executed in order of appearance. Their execution order is decided at runtime for improved performance. The array cannot contain entries with the same pair of capability key and version more than once.
    protectionCapabilitySettings List<Property Map>
    Settings for protection capabilities
    type String
    Type of WebAppFirewallPolicyRule.

    GetWebAppFirewallPolicyRequestProtectionRuleProtectionCapability

    ActionName string
    Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.
    CollaborativeActionThreshold int
    The minimum sum of weights of associated collaborative protection capabilities that have triggered which must be reached in order for this capability to trigger. This field is ignored for non-collaborative capabilities.
    CollaborativeWeights List<GetWebAppFirewallPolicyRequestProtectionRuleProtectionCapabilityCollaborativeWeight>
    Explicit weight values to use for associated collaborative protection capabilities.
    Exclusions List<GetWebAppFirewallPolicyRequestProtectionRuleProtectionCapabilityExclusion>
    Identifies specific HTTP message parameters to exclude from inspection by a protection capability.
    Key string
    Unique key of referenced protection capability.
    Version int
    Version of referenced protection capability.
    ActionName string
    Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.
    CollaborativeActionThreshold int
    The minimum sum of weights of associated collaborative protection capabilities that have triggered which must be reached in order for this capability to trigger. This field is ignored for non-collaborative capabilities.
    CollaborativeWeights []GetWebAppFirewallPolicyRequestProtectionRuleProtectionCapabilityCollaborativeWeight
    Explicit weight values to use for associated collaborative protection capabilities.
    Exclusions []GetWebAppFirewallPolicyRequestProtectionRuleProtectionCapabilityExclusion
    Identifies specific HTTP message parameters to exclude from inspection by a protection capability.
    Key string
    Unique key of referenced protection capability.
    Version int
    Version of referenced protection capability.
    actionName String
    Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.
    collaborativeActionThreshold Integer
    The minimum sum of weights of associated collaborative protection capabilities that have triggered which must be reached in order for this capability to trigger. This field is ignored for non-collaborative capabilities.
    collaborativeWeights List<GetWebAppFirewallPolicyRequestProtectionRuleProtectionCapabilityCollaborativeWeight>
    Explicit weight values to use for associated collaborative protection capabilities.
    exclusions List<GetWebAppFirewallPolicyRequestProtectionRuleProtectionCapabilityExclusion>
    Identifies specific HTTP message parameters to exclude from inspection by a protection capability.
    key String
    Unique key of referenced protection capability.
    version Integer
    Version of referenced protection capability.
    actionName string
    Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.
    collaborativeActionThreshold number
    The minimum sum of weights of associated collaborative protection capabilities that have triggered which must be reached in order for this capability to trigger. This field is ignored for non-collaborative capabilities.
    collaborativeWeights GetWebAppFirewallPolicyRequestProtectionRuleProtectionCapabilityCollaborativeWeight[]
    Explicit weight values to use for associated collaborative protection capabilities.
    exclusions GetWebAppFirewallPolicyRequestProtectionRuleProtectionCapabilityExclusion[]
    Identifies specific HTTP message parameters to exclude from inspection by a protection capability.
    key string
    Unique key of referenced protection capability.
    version number
    Version of referenced protection capability.
    action_name str
    Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.
    collaborative_action_threshold int
    The minimum sum of weights of associated collaborative protection capabilities that have triggered which must be reached in order for this capability to trigger. This field is ignored for non-collaborative capabilities.
    collaborative_weights Sequence[waf.GetWebAppFirewallPolicyRequestProtectionRuleProtectionCapabilityCollaborativeWeight]
    Explicit weight values to use for associated collaborative protection capabilities.
    exclusions Sequence[waf.GetWebAppFirewallPolicyRequestProtectionRuleProtectionCapabilityExclusion]
    Identifies specific HTTP message parameters to exclude from inspection by a protection capability.
    key str
    Unique key of referenced protection capability.
    version int
    Version of referenced protection capability.
    actionName String
    Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.
    collaborativeActionThreshold Number
    The minimum sum of weights of associated collaborative protection capabilities that have triggered which must be reached in order for this capability to trigger. This field is ignored for non-collaborative capabilities.
    collaborativeWeights List<Property Map>
    Explicit weight values to use for associated collaborative protection capabilities.
    exclusions List<Property Map>
    Identifies specific HTTP message parameters to exclude from inspection by a protection capability.
    key String
    Unique key of referenced protection capability.
    version Number
    Version of referenced protection capability.

    GetWebAppFirewallPolicyRequestProtectionRuleProtectionCapabilityCollaborativeWeight

    Key string
    Unique key of referenced protection capability.
    Weight int
    The value of weight to set.
    Key string
    Unique key of referenced protection capability.
    Weight int
    The value of weight to set.
    key String
    Unique key of referenced protection capability.
    weight Integer
    The value of weight to set.
    key string
    Unique key of referenced protection capability.
    weight number
    The value of weight to set.
    key str
    Unique key of referenced protection capability.
    weight int
    The value of weight to set.
    key String
    Unique key of referenced protection capability.
    weight Number
    The value of weight to set.

    GetWebAppFirewallPolicyRequestProtectionRuleProtectionCapabilityExclusion

    Args List<string>
    List of URL query parameter values from form-urlencoded XML, JSON, AMP, or POST payloads to exclude from inspecting. Example: If we have query parameter 'argumentName=argumentValue' and args=['argumentName'], both 'argumentName' and 'argumentValue' will not be inspected.
    RequestCookies List<string>
    List of HTTP request cookie values (by cookie name) to exclude from inspecting. Example: If we have cookie 'cookieName=cookieValue' and requestCookies=['cookieName'], both 'cookieName' and 'cookieValue' will not be inspected.
    Args []string
    List of URL query parameter values from form-urlencoded XML, JSON, AMP, or POST payloads to exclude from inspecting. Example: If we have query parameter 'argumentName=argumentValue' and args=['argumentName'], both 'argumentName' and 'argumentValue' will not be inspected.
    RequestCookies []string
    List of HTTP request cookie values (by cookie name) to exclude from inspecting. Example: If we have cookie 'cookieName=cookieValue' and requestCookies=['cookieName'], both 'cookieName' and 'cookieValue' will not be inspected.
    args List<String>
    List of URL query parameter values from form-urlencoded XML, JSON, AMP, or POST payloads to exclude from inspecting. Example: If we have query parameter 'argumentName=argumentValue' and args=['argumentName'], both 'argumentName' and 'argumentValue' will not be inspected.
    requestCookies List<String>
    List of HTTP request cookie values (by cookie name) to exclude from inspecting. Example: If we have cookie 'cookieName=cookieValue' and requestCookies=['cookieName'], both 'cookieName' and 'cookieValue' will not be inspected.
    args string[]
    List of URL query parameter values from form-urlencoded XML, JSON, AMP, or POST payloads to exclude from inspecting. Example: If we have query parameter 'argumentName=argumentValue' and args=['argumentName'], both 'argumentName' and 'argumentValue' will not be inspected.
    requestCookies string[]
    List of HTTP request cookie values (by cookie name) to exclude from inspecting. Example: If we have cookie 'cookieName=cookieValue' and requestCookies=['cookieName'], both 'cookieName' and 'cookieValue' will not be inspected.
    args Sequence[str]
    List of URL query parameter values from form-urlencoded XML, JSON, AMP, or POST payloads to exclude from inspecting. Example: If we have query parameter 'argumentName=argumentValue' and args=['argumentName'], both 'argumentName' and 'argumentValue' will not be inspected.
    request_cookies Sequence[str]
    List of HTTP request cookie values (by cookie name) to exclude from inspecting. Example: If we have cookie 'cookieName=cookieValue' and requestCookies=['cookieName'], both 'cookieName' and 'cookieValue' will not be inspected.
    args List<String>
    List of URL query parameter values from form-urlencoded XML, JSON, AMP, or POST payloads to exclude from inspecting. Example: If we have query parameter 'argumentName=argumentValue' and args=['argumentName'], both 'argumentName' and 'argumentValue' will not be inspected.
    requestCookies List<String>
    List of HTTP request cookie values (by cookie name) to exclude from inspecting. Example: If we have cookie 'cookieName=cookieValue' and requestCookies=['cookieName'], both 'cookieName' and 'cookieValue' will not be inspected.

    GetWebAppFirewallPolicyRequestProtectionRuleProtectionCapabilitySetting

    AllowedHttpMethods List<string>
    List of allowed HTTP methods. Each value as a RFC7230 formated token string. Used in protection capability 911100: Restrict HTTP Request Methods.
    MaxHttpRequestHeaderLength int
    Maximum allowed length of headers in an HTTP request. Used in protection capability: 9200024: Limit length of request header size.
    MaxHttpRequestHeaders int
    Maximum number of headers allowed in an HTTP request. Used in protection capability 9200014: Limit Number of Request Headers.
    MaxNumberOfArguments int
    Maximum number of arguments allowed. Used in protection capability 920380: Number of Arguments Limits.
    MaxSingleArgumentLength int
    Maximum allowed length of a single argument. Used in protection capability 920370: Limit argument value length.
    MaxTotalArgumentLength int
    Maximum allowed total length of all arguments. Used in protection capability 920390: Limit arguments total length.
    AllowedHttpMethods []string
    List of allowed HTTP methods. Each value as a RFC7230 formated token string. Used in protection capability 911100: Restrict HTTP Request Methods.
    MaxHttpRequestHeaderLength int
    Maximum allowed length of headers in an HTTP request. Used in protection capability: 9200024: Limit length of request header size.
    MaxHttpRequestHeaders int
    Maximum number of headers allowed in an HTTP request. Used in protection capability 9200014: Limit Number of Request Headers.
    MaxNumberOfArguments int
    Maximum number of arguments allowed. Used in protection capability 920380: Number of Arguments Limits.
    MaxSingleArgumentLength int
    Maximum allowed length of a single argument. Used in protection capability 920370: Limit argument value length.
    MaxTotalArgumentLength int
    Maximum allowed total length of all arguments. Used in protection capability 920390: Limit arguments total length.
    allowedHttpMethods List<String>
    List of allowed HTTP methods. Each value as a RFC7230 formated token string. Used in protection capability 911100: Restrict HTTP Request Methods.
    maxHttpRequestHeaderLength Integer
    Maximum allowed length of headers in an HTTP request. Used in protection capability: 9200024: Limit length of request header size.
    maxHttpRequestHeaders Integer
    Maximum number of headers allowed in an HTTP request. Used in protection capability 9200014: Limit Number of Request Headers.
    maxNumberOfArguments Integer
    Maximum number of arguments allowed. Used in protection capability 920380: Number of Arguments Limits.
    maxSingleArgumentLength Integer
    Maximum allowed length of a single argument. Used in protection capability 920370: Limit argument value length.
    maxTotalArgumentLength Integer
    Maximum allowed total length of all arguments. Used in protection capability 920390: Limit arguments total length.
    allowedHttpMethods string[]
    List of allowed HTTP methods. Each value as a RFC7230 formated token string. Used in protection capability 911100: Restrict HTTP Request Methods.
    maxHttpRequestHeaderLength number
    Maximum allowed length of headers in an HTTP request. Used in protection capability: 9200024: Limit length of request header size.
    maxHttpRequestHeaders number
    Maximum number of headers allowed in an HTTP request. Used in protection capability 9200014: Limit Number of Request Headers.
    maxNumberOfArguments number
    Maximum number of arguments allowed. Used in protection capability 920380: Number of Arguments Limits.
    maxSingleArgumentLength number
    Maximum allowed length of a single argument. Used in protection capability 920370: Limit argument value length.
    maxTotalArgumentLength number
    Maximum allowed total length of all arguments. Used in protection capability 920390: Limit arguments total length.
    allowed_http_methods Sequence[str]
    List of allowed HTTP methods. Each value as a RFC7230 formated token string. Used in protection capability 911100: Restrict HTTP Request Methods.
    max_http_request_header_length int
    Maximum allowed length of headers in an HTTP request. Used in protection capability: 9200024: Limit length of request header size.
    max_http_request_headers int
    Maximum number of headers allowed in an HTTP request. Used in protection capability 9200014: Limit Number of Request Headers.
    max_number_of_arguments int
    Maximum number of arguments allowed. Used in protection capability 920380: Number of Arguments Limits.
    max_single_argument_length int
    Maximum allowed length of a single argument. Used in protection capability 920370: Limit argument value length.
    max_total_argument_length int
    Maximum allowed total length of all arguments. Used in protection capability 920390: Limit arguments total length.
    allowedHttpMethods List<String>
    List of allowed HTTP methods. Each value as a RFC7230 formated token string. Used in protection capability 911100: Restrict HTTP Request Methods.
    maxHttpRequestHeaderLength Number
    Maximum allowed length of headers in an HTTP request. Used in protection capability: 9200024: Limit length of request header size.
    maxHttpRequestHeaders Number
    Maximum number of headers allowed in an HTTP request. Used in protection capability 9200014: Limit Number of Request Headers.
    maxNumberOfArguments Number
    Maximum number of arguments allowed. Used in protection capability 920380: Number of Arguments Limits.
    maxSingleArgumentLength Number
    Maximum allowed length of a single argument. Used in protection capability 920370: Limit argument value length.
    maxTotalArgumentLength Number
    Maximum allowed total length of all arguments. Used in protection capability 920390: Limit arguments total length.

    GetWebAppFirewallPolicyRequestRateLimiting

    Rules List<GetWebAppFirewallPolicyRequestRateLimitingRule>
    Ordered list of ProtectionRules. Rules are executed in order of appearance in this array. ProtectionRules in this array can only use protection capabilities of RESPONSE_PROTECTION_CAPABILITY type.
    Rules []GetWebAppFirewallPolicyRequestRateLimitingRule
    Ordered list of ProtectionRules. Rules are executed in order of appearance in this array. ProtectionRules in this array can only use protection capabilities of RESPONSE_PROTECTION_CAPABILITY type.
    rules List<GetWebAppFirewallPolicyRequestRateLimitingRule>
    Ordered list of ProtectionRules. Rules are executed in order of appearance in this array. ProtectionRules in this array can only use protection capabilities of RESPONSE_PROTECTION_CAPABILITY type.
    rules GetWebAppFirewallPolicyRequestRateLimitingRule[]
    Ordered list of ProtectionRules. Rules are executed in order of appearance in this array. ProtectionRules in this array can only use protection capabilities of RESPONSE_PROTECTION_CAPABILITY type.
    rules Sequence[waf.GetWebAppFirewallPolicyRequestRateLimitingRule]
    Ordered list of ProtectionRules. Rules are executed in order of appearance in this array. ProtectionRules in this array can only use protection capabilities of RESPONSE_PROTECTION_CAPABILITY type.
    rules List<Property Map>
    Ordered list of ProtectionRules. Rules are executed in order of appearance in this array. ProtectionRules in this array can only use protection capabilities of RESPONSE_PROTECTION_CAPABILITY type.

    GetWebAppFirewallPolicyRequestRateLimitingRule

    ActionName string
    Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.
    Condition string
    An expression that determines whether or not the rule action should be executed.
    ConditionLanguage string
    The language used to parse condition from field condition. Available languages:

    • JMESPATH an extended JMESPath language syntax.
    Configurations List<GetWebAppFirewallPolicyRequestRateLimitingRuleConfiguration>
    Rate Limiting Configurations. Each configuration counts requests towards its own requestsLimit.
    Name string
    Rule name. Must be unique within the module.
    Type string
    Type of WebAppFirewallPolicyRule.
    ActionName string
    Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.
    Condition string
    An expression that determines whether or not the rule action should be executed.
    ConditionLanguage string
    The language used to parse condition from field condition. Available languages:

    • JMESPATH an extended JMESPath language syntax.
    Configurations []GetWebAppFirewallPolicyRequestRateLimitingRuleConfiguration
    Rate Limiting Configurations. Each configuration counts requests towards its own requestsLimit.
    Name string
    Rule name. Must be unique within the module.
    Type string
    Type of WebAppFirewallPolicyRule.
    actionName String
    Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.
    condition String
    An expression that determines whether or not the rule action should be executed.
    conditionLanguage String
    The language used to parse condition from field condition. Available languages:

    • JMESPATH an extended JMESPath language syntax.
    configurations List<GetWebAppFirewallPolicyRequestRateLimitingRuleConfiguration>
    Rate Limiting Configurations. Each configuration counts requests towards its own requestsLimit.
    name String
    Rule name. Must be unique within the module.
    type String
    Type of WebAppFirewallPolicyRule.
    actionName string
    Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.
    condition string
    An expression that determines whether or not the rule action should be executed.
    conditionLanguage string
    The language used to parse condition from field condition. Available languages:

    • JMESPATH an extended JMESPath language syntax.
    configurations GetWebAppFirewallPolicyRequestRateLimitingRuleConfiguration[]
    Rate Limiting Configurations. Each configuration counts requests towards its own requestsLimit.
    name string
    Rule name. Must be unique within the module.
    type string
    Type of WebAppFirewallPolicyRule.
    action_name str
    Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.
    condition str
    An expression that determines whether or not the rule action should be executed.
    condition_language str
    The language used to parse condition from field condition. Available languages:

    • JMESPATH an extended JMESPath language syntax.
    configurations Sequence[waf.GetWebAppFirewallPolicyRequestRateLimitingRuleConfiguration]
    Rate Limiting Configurations. Each configuration counts requests towards its own requestsLimit.
    name str
    Rule name. Must be unique within the module.
    type str
    Type of WebAppFirewallPolicyRule.
    actionName String
    Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.
    condition String
    An expression that determines whether or not the rule action should be executed.
    conditionLanguage String
    The language used to parse condition from field condition. Available languages:

    • JMESPATH an extended JMESPath language syntax.
    configurations List<Property Map>
    Rate Limiting Configurations. Each configuration counts requests towards its own requestsLimit.
    name String
    Rule name. Must be unique within the module.
    type String
    Type of WebAppFirewallPolicyRule.

    GetWebAppFirewallPolicyRequestRateLimitingRuleConfiguration

    ActionDurationInSeconds int
    Duration of block action application in seconds when requestsLimit is reached. Optional and can be 0 (no block duration).
    PeriodInSeconds int
    Evaluation period in seconds.
    RequestsLimit int
    Requests allowed per evaluation period.
    ActionDurationInSeconds int
    Duration of block action application in seconds when requestsLimit is reached. Optional and can be 0 (no block duration).
    PeriodInSeconds int
    Evaluation period in seconds.
    RequestsLimit int
    Requests allowed per evaluation period.
    actionDurationInSeconds Integer
    Duration of block action application in seconds when requestsLimit is reached. Optional and can be 0 (no block duration).
    periodInSeconds Integer
    Evaluation period in seconds.
    requestsLimit Integer
    Requests allowed per evaluation period.
    actionDurationInSeconds number
    Duration of block action application in seconds when requestsLimit is reached. Optional and can be 0 (no block duration).
    periodInSeconds number
    Evaluation period in seconds.
    requestsLimit number
    Requests allowed per evaluation period.
    action_duration_in_seconds int
    Duration of block action application in seconds when requestsLimit is reached. Optional and can be 0 (no block duration).
    period_in_seconds int
    Evaluation period in seconds.
    requests_limit int
    Requests allowed per evaluation period.
    actionDurationInSeconds Number
    Duration of block action application in seconds when requestsLimit is reached. Optional and can be 0 (no block duration).
    periodInSeconds Number
    Evaluation period in seconds.
    requestsLimit Number
    Requests allowed per evaluation period.

    GetWebAppFirewallPolicyResponseAccessControl

    Rules List<GetWebAppFirewallPolicyResponseAccessControlRule>
    Ordered list of ProtectionRules. Rules are executed in order of appearance in this array. ProtectionRules in this array can only use protection capabilities of RESPONSE_PROTECTION_CAPABILITY type.
    Rules []GetWebAppFirewallPolicyResponseAccessControlRule
    Ordered list of ProtectionRules. Rules are executed in order of appearance in this array. ProtectionRules in this array can only use protection capabilities of RESPONSE_PROTECTION_CAPABILITY type.
    rules List<GetWebAppFirewallPolicyResponseAccessControlRule>
    Ordered list of ProtectionRules. Rules are executed in order of appearance in this array. ProtectionRules in this array can only use protection capabilities of RESPONSE_PROTECTION_CAPABILITY type.
    rules GetWebAppFirewallPolicyResponseAccessControlRule[]
    Ordered list of ProtectionRules. Rules are executed in order of appearance in this array. ProtectionRules in this array can only use protection capabilities of RESPONSE_PROTECTION_CAPABILITY type.
    rules Sequence[waf.GetWebAppFirewallPolicyResponseAccessControlRule]
    Ordered list of ProtectionRules. Rules are executed in order of appearance in this array. ProtectionRules in this array can only use protection capabilities of RESPONSE_PROTECTION_CAPABILITY type.
    rules List<Property Map>
    Ordered list of ProtectionRules. Rules are executed in order of appearance in this array. ProtectionRules in this array can only use protection capabilities of RESPONSE_PROTECTION_CAPABILITY type.

    GetWebAppFirewallPolicyResponseAccessControlRule

    ActionName string
    Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.
    Condition string
    An expression that determines whether or not the rule action should be executed.
    ConditionLanguage string
    The language used to parse condition from field condition. Available languages:

    • JMESPATH an extended JMESPath language syntax.
    Name string
    Rule name. Must be unique within the module.
    Type string
    Type of WebAppFirewallPolicyRule.
    ActionName string
    Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.
    Condition string
    An expression that determines whether or not the rule action should be executed.
    ConditionLanguage string
    The language used to parse condition from field condition. Available languages:

    • JMESPATH an extended JMESPath language syntax.
    Name string
    Rule name. Must be unique within the module.
    Type string
    Type of WebAppFirewallPolicyRule.
    actionName String
    Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.
    condition String
    An expression that determines whether or not the rule action should be executed.
    conditionLanguage String
    The language used to parse condition from field condition. Available languages:

    • JMESPATH an extended JMESPath language syntax.
    name String
    Rule name. Must be unique within the module.
    type String
    Type of WebAppFirewallPolicyRule.
    actionName string
    Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.
    condition string
    An expression that determines whether or not the rule action should be executed.
    conditionLanguage string
    The language used to parse condition from field condition. Available languages:

    • JMESPATH an extended JMESPath language syntax.
    name string
    Rule name. Must be unique within the module.
    type string
    Type of WebAppFirewallPolicyRule.
    action_name str
    Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.
    condition str
    An expression that determines whether or not the rule action should be executed.
    condition_language str
    The language used to parse condition from field condition. Available languages:

    • JMESPATH an extended JMESPath language syntax.
    name str
    Rule name. Must be unique within the module.
    type str
    Type of WebAppFirewallPolicyRule.
    actionName String
    Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.
    condition String
    An expression that determines whether or not the rule action should be executed.
    conditionLanguage String
    The language used to parse condition from field condition. Available languages:

    • JMESPATH an extended JMESPath language syntax.
    name String
    Rule name. Must be unique within the module.
    type String
    Type of WebAppFirewallPolicyRule.

    GetWebAppFirewallPolicyResponseProtection

    Rules List<GetWebAppFirewallPolicyResponseProtectionRule>
    Ordered list of ProtectionRules. Rules are executed in order of appearance in this array. ProtectionRules in this array can only use protection capabilities of RESPONSE_PROTECTION_CAPABILITY type.
    Rules []GetWebAppFirewallPolicyResponseProtectionRule
    Ordered list of ProtectionRules. Rules are executed in order of appearance in this array. ProtectionRules in this array can only use protection capabilities of RESPONSE_PROTECTION_CAPABILITY type.
    rules List<GetWebAppFirewallPolicyResponseProtectionRule>
    Ordered list of ProtectionRules. Rules are executed in order of appearance in this array. ProtectionRules in this array can only use protection capabilities of RESPONSE_PROTECTION_CAPABILITY type.
    rules GetWebAppFirewallPolicyResponseProtectionRule[]
    Ordered list of ProtectionRules. Rules are executed in order of appearance in this array. ProtectionRules in this array can only use protection capabilities of RESPONSE_PROTECTION_CAPABILITY type.
    rules Sequence[waf.GetWebAppFirewallPolicyResponseProtectionRule]
    Ordered list of ProtectionRules. Rules are executed in order of appearance in this array. ProtectionRules in this array can only use protection capabilities of RESPONSE_PROTECTION_CAPABILITY type.
    rules List<Property Map>
    Ordered list of ProtectionRules. Rules are executed in order of appearance in this array. ProtectionRules in this array can only use protection capabilities of RESPONSE_PROTECTION_CAPABILITY type.

    GetWebAppFirewallPolicyResponseProtectionRule

    ActionName string
    Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.
    Condition string
    An expression that determines whether or not the rule action should be executed.
    ConditionLanguage string
    The language used to parse condition from field condition. Available languages:

    • JMESPATH an extended JMESPath language syntax.
    IsBodyInspectionEnabled bool
    Enables/disables body inspection for this protection rule. Only Protection Rules in RequestProtection can have this option enabled. Response body inspection will be available at a later date.
    Name string
    Rule name. Must be unique within the module.
    ProtectionCapabilities List<GetWebAppFirewallPolicyResponseProtectionRuleProtectionCapability>
    An ordered list that references OCI-managed protection capabilities. Referenced protection capabilities are not necessarily executed in order of appearance. Their execution order is decided at runtime for improved performance. The array cannot contain entries with the same pair of capability key and version more than once.
    ProtectionCapabilitySettings List<GetWebAppFirewallPolicyResponseProtectionRuleProtectionCapabilitySetting>
    Settings for protection capabilities
    Type string
    Type of WebAppFirewallPolicyRule.
    ActionName string
    Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.
    Condition string
    An expression that determines whether or not the rule action should be executed.
    ConditionLanguage string
    The language used to parse condition from field condition. Available languages:

    • JMESPATH an extended JMESPath language syntax.
    IsBodyInspectionEnabled bool
    Enables/disables body inspection for this protection rule. Only Protection Rules in RequestProtection can have this option enabled. Response body inspection will be available at a later date.
    Name string
    Rule name. Must be unique within the module.
    ProtectionCapabilities []GetWebAppFirewallPolicyResponseProtectionRuleProtectionCapability
    An ordered list that references OCI-managed protection capabilities. Referenced protection capabilities are not necessarily executed in order of appearance. Their execution order is decided at runtime for improved performance. The array cannot contain entries with the same pair of capability key and version more than once.
    ProtectionCapabilitySettings []GetWebAppFirewallPolicyResponseProtectionRuleProtectionCapabilitySetting
    Settings for protection capabilities
    Type string
    Type of WebAppFirewallPolicyRule.
    actionName String
    Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.
    condition String
    An expression that determines whether or not the rule action should be executed.
    conditionLanguage String
    The language used to parse condition from field condition. Available languages:

    • JMESPATH an extended JMESPath language syntax.
    isBodyInspectionEnabled Boolean
    Enables/disables body inspection for this protection rule. Only Protection Rules in RequestProtection can have this option enabled. Response body inspection will be available at a later date.
    name String
    Rule name. Must be unique within the module.
    protectionCapabilities List<GetWebAppFirewallPolicyResponseProtectionRuleProtectionCapability>
    An ordered list that references OCI-managed protection capabilities. Referenced protection capabilities are not necessarily executed in order of appearance. Their execution order is decided at runtime for improved performance. The array cannot contain entries with the same pair of capability key and version more than once.
    protectionCapabilitySettings List<GetWebAppFirewallPolicyResponseProtectionRuleProtectionCapabilitySetting>
    Settings for protection capabilities
    type String
    Type of WebAppFirewallPolicyRule.
    actionName string
    Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.
    condition string
    An expression that determines whether or not the rule action should be executed.
    conditionLanguage string
    The language used to parse condition from field condition. Available languages:

    • JMESPATH an extended JMESPath language syntax.
    isBodyInspectionEnabled boolean
    Enables/disables body inspection for this protection rule. Only Protection Rules in RequestProtection can have this option enabled. Response body inspection will be available at a later date.
    name string
    Rule name. Must be unique within the module.
    protectionCapabilities GetWebAppFirewallPolicyResponseProtectionRuleProtectionCapability[]
    An ordered list that references OCI-managed protection capabilities. Referenced protection capabilities are not necessarily executed in order of appearance. Their execution order is decided at runtime for improved performance. The array cannot contain entries with the same pair of capability key and version more than once.
    protectionCapabilitySettings GetWebAppFirewallPolicyResponseProtectionRuleProtectionCapabilitySetting[]
    Settings for protection capabilities
    type string
    Type of WebAppFirewallPolicyRule.
    action_name str
    Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.
    condition str
    An expression that determines whether or not the rule action should be executed.
    condition_language str
    The language used to parse condition from field condition. Available languages:

    • JMESPATH an extended JMESPath language syntax.
    is_body_inspection_enabled bool
    Enables/disables body inspection for this protection rule. Only Protection Rules in RequestProtection can have this option enabled. Response body inspection will be available at a later date.
    name str
    Rule name. Must be unique within the module.
    protection_capabilities Sequence[waf.GetWebAppFirewallPolicyResponseProtectionRuleProtectionCapability]
    An ordered list that references OCI-managed protection capabilities. Referenced protection capabilities are not necessarily executed in order of appearance. Their execution order is decided at runtime for improved performance. The array cannot contain entries with the same pair of capability key and version more than once.
    protection_capability_settings Sequence[waf.GetWebAppFirewallPolicyResponseProtectionRuleProtectionCapabilitySetting]
    Settings for protection capabilities
    type str
    Type of WebAppFirewallPolicyRule.
    actionName String
    Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.
    condition String
    An expression that determines whether or not the rule action should be executed.
    conditionLanguage String
    The language used to parse condition from field condition. Available languages:

    • JMESPATH an extended JMESPath language syntax.
    isBodyInspectionEnabled Boolean
    Enables/disables body inspection for this protection rule. Only Protection Rules in RequestProtection can have this option enabled. Response body inspection will be available at a later date.
    name String
    Rule name. Must be unique within the module.
    protectionCapabilities List<Property Map>
    An ordered list that references OCI-managed protection capabilities. Referenced protection capabilities are not necessarily executed in order of appearance. Their execution order is decided at runtime for improved performance. The array cannot contain entries with the same pair of capability key and version more than once.
    protectionCapabilitySettings List<Property Map>
    Settings for protection capabilities
    type String
    Type of WebAppFirewallPolicyRule.

    GetWebAppFirewallPolicyResponseProtectionRuleProtectionCapability

    ActionName string
    Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.
    CollaborativeActionThreshold int
    The minimum sum of weights of associated collaborative protection capabilities that have triggered which must be reached in order for this capability to trigger. This field is ignored for non-collaborative capabilities.
    CollaborativeWeights List<GetWebAppFirewallPolicyResponseProtectionRuleProtectionCapabilityCollaborativeWeight>
    Explicit weight values to use for associated collaborative protection capabilities.
    Exclusions List<GetWebAppFirewallPolicyResponseProtectionRuleProtectionCapabilityExclusion>
    Identifies specific HTTP message parameters to exclude from inspection by a protection capability.
    Key string
    Unique key of referenced protection capability.
    Version int
    Version of referenced protection capability.
    ActionName string
    Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.
    CollaborativeActionThreshold int
    The minimum sum of weights of associated collaborative protection capabilities that have triggered which must be reached in order for this capability to trigger. This field is ignored for non-collaborative capabilities.
    CollaborativeWeights []GetWebAppFirewallPolicyResponseProtectionRuleProtectionCapabilityCollaborativeWeight
    Explicit weight values to use for associated collaborative protection capabilities.
    Exclusions []GetWebAppFirewallPolicyResponseProtectionRuleProtectionCapabilityExclusion
    Identifies specific HTTP message parameters to exclude from inspection by a protection capability.
    Key string
    Unique key of referenced protection capability.
    Version int
    Version of referenced protection capability.
    actionName String
    Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.
    collaborativeActionThreshold Integer
    The minimum sum of weights of associated collaborative protection capabilities that have triggered which must be reached in order for this capability to trigger. This field is ignored for non-collaborative capabilities.
    collaborativeWeights List<GetWebAppFirewallPolicyResponseProtectionRuleProtectionCapabilityCollaborativeWeight>
    Explicit weight values to use for associated collaborative protection capabilities.
    exclusions List<GetWebAppFirewallPolicyResponseProtectionRuleProtectionCapabilityExclusion>
    Identifies specific HTTP message parameters to exclude from inspection by a protection capability.
    key String
    Unique key of referenced protection capability.
    version Integer
    Version of referenced protection capability.
    actionName string
    Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.
    collaborativeActionThreshold number
    The minimum sum of weights of associated collaborative protection capabilities that have triggered which must be reached in order for this capability to trigger. This field is ignored for non-collaborative capabilities.
    collaborativeWeights GetWebAppFirewallPolicyResponseProtectionRuleProtectionCapabilityCollaborativeWeight[]
    Explicit weight values to use for associated collaborative protection capabilities.
    exclusions GetWebAppFirewallPolicyResponseProtectionRuleProtectionCapabilityExclusion[]
    Identifies specific HTTP message parameters to exclude from inspection by a protection capability.
    key string
    Unique key of referenced protection capability.
    version number
    Version of referenced protection capability.
    action_name str
    Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.
    collaborative_action_threshold int
    The minimum sum of weights of associated collaborative protection capabilities that have triggered which must be reached in order for this capability to trigger. This field is ignored for non-collaborative capabilities.
    collaborative_weights Sequence[waf.GetWebAppFirewallPolicyResponseProtectionRuleProtectionCapabilityCollaborativeWeight]
    Explicit weight values to use for associated collaborative protection capabilities.
    exclusions Sequence[waf.GetWebAppFirewallPolicyResponseProtectionRuleProtectionCapabilityExclusion]
    Identifies specific HTTP message parameters to exclude from inspection by a protection capability.
    key str
    Unique key of referenced protection capability.
    version int
    Version of referenced protection capability.
    actionName String
    Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.
    collaborativeActionThreshold Number
    The minimum sum of weights of associated collaborative protection capabilities that have triggered which must be reached in order for this capability to trigger. This field is ignored for non-collaborative capabilities.
    collaborativeWeights List<Property Map>
    Explicit weight values to use for associated collaborative protection capabilities.
    exclusions List<Property Map>
    Identifies specific HTTP message parameters to exclude from inspection by a protection capability.
    key String
    Unique key of referenced protection capability.
    version Number
    Version of referenced protection capability.

    GetWebAppFirewallPolicyResponseProtectionRuleProtectionCapabilityCollaborativeWeight

    Key string
    Unique key of referenced protection capability.
    Weight int
    The value of weight to set.
    Key string
    Unique key of referenced protection capability.
    Weight int
    The value of weight to set.
    key String
    Unique key of referenced protection capability.
    weight Integer
    The value of weight to set.
    key string
    Unique key of referenced protection capability.
    weight number
    The value of weight to set.
    key str
    Unique key of referenced protection capability.
    weight int
    The value of weight to set.
    key String
    Unique key of referenced protection capability.
    weight Number
    The value of weight to set.

    GetWebAppFirewallPolicyResponseProtectionRuleProtectionCapabilityExclusion

    Args List<string>
    List of URL query parameter values from form-urlencoded XML, JSON, AMP, or POST payloads to exclude from inspecting. Example: If we have query parameter 'argumentName=argumentValue' and args=['argumentName'], both 'argumentName' and 'argumentValue' will not be inspected.
    RequestCookies List<string>
    List of HTTP request cookie values (by cookie name) to exclude from inspecting. Example: If we have cookie 'cookieName=cookieValue' and requestCookies=['cookieName'], both 'cookieName' and 'cookieValue' will not be inspected.
    Args []string
    List of URL query parameter values from form-urlencoded XML, JSON, AMP, or POST payloads to exclude from inspecting. Example: If we have query parameter 'argumentName=argumentValue' and args=['argumentName'], both 'argumentName' and 'argumentValue' will not be inspected.
    RequestCookies []string
    List of HTTP request cookie values (by cookie name) to exclude from inspecting. Example: If we have cookie 'cookieName=cookieValue' and requestCookies=['cookieName'], both 'cookieName' and 'cookieValue' will not be inspected.
    args List<String>
    List of URL query parameter values from form-urlencoded XML, JSON, AMP, or POST payloads to exclude from inspecting. Example: If we have query parameter 'argumentName=argumentValue' and args=['argumentName'], both 'argumentName' and 'argumentValue' will not be inspected.
    requestCookies List<String>
    List of HTTP request cookie values (by cookie name) to exclude from inspecting. Example: If we have cookie 'cookieName=cookieValue' and requestCookies=['cookieName'], both 'cookieName' and 'cookieValue' will not be inspected.
    args string[]
    List of URL query parameter values from form-urlencoded XML, JSON, AMP, or POST payloads to exclude from inspecting. Example: If we have query parameter 'argumentName=argumentValue' and args=['argumentName'], both 'argumentName' and 'argumentValue' will not be inspected.
    requestCookies string[]
    List of HTTP request cookie values (by cookie name) to exclude from inspecting. Example: If we have cookie 'cookieName=cookieValue' and requestCookies=['cookieName'], both 'cookieName' and 'cookieValue' will not be inspected.
    args Sequence[str]
    List of URL query parameter values from form-urlencoded XML, JSON, AMP, or POST payloads to exclude from inspecting. Example: If we have query parameter 'argumentName=argumentValue' and args=['argumentName'], both 'argumentName' and 'argumentValue' will not be inspected.
    request_cookies Sequence[str]
    List of HTTP request cookie values (by cookie name) to exclude from inspecting. Example: If we have cookie 'cookieName=cookieValue' and requestCookies=['cookieName'], both 'cookieName' and 'cookieValue' will not be inspected.
    args List<String>
    List of URL query parameter values from form-urlencoded XML, JSON, AMP, or POST payloads to exclude from inspecting. Example: If we have query parameter 'argumentName=argumentValue' and args=['argumentName'], both 'argumentName' and 'argumentValue' will not be inspected.
    requestCookies List<String>
    List of HTTP request cookie values (by cookie name) to exclude from inspecting. Example: If we have cookie 'cookieName=cookieValue' and requestCookies=['cookieName'], both 'cookieName' and 'cookieValue' will not be inspected.

    GetWebAppFirewallPolicyResponseProtectionRuleProtectionCapabilitySetting

    AllowedHttpMethods List<string>
    List of allowed HTTP methods. Each value as a RFC7230 formated token string. Used in protection capability 911100: Restrict HTTP Request Methods.
    MaxHttpRequestHeaderLength int
    Maximum allowed length of headers in an HTTP request. Used in protection capability: 9200024: Limit length of request header size.
    MaxHttpRequestHeaders int
    Maximum number of headers allowed in an HTTP request. Used in protection capability 9200014: Limit Number of Request Headers.
    MaxNumberOfArguments int
    Maximum number of arguments allowed. Used in protection capability 920380: Number of Arguments Limits.
    MaxSingleArgumentLength int
    Maximum allowed length of a single argument. Used in protection capability 920370: Limit argument value length.
    MaxTotalArgumentLength int
    Maximum allowed total length of all arguments. Used in protection capability 920390: Limit arguments total length.
    AllowedHttpMethods []string
    List of allowed HTTP methods. Each value as a RFC7230 formated token string. Used in protection capability 911100: Restrict HTTP Request Methods.
    MaxHttpRequestHeaderLength int
    Maximum allowed length of headers in an HTTP request. Used in protection capability: 9200024: Limit length of request header size.
    MaxHttpRequestHeaders int
    Maximum number of headers allowed in an HTTP request. Used in protection capability 9200014: Limit Number of Request Headers.
    MaxNumberOfArguments int
    Maximum number of arguments allowed. Used in protection capability 920380: Number of Arguments Limits.
    MaxSingleArgumentLength int
    Maximum allowed length of a single argument. Used in protection capability 920370: Limit argument value length.
    MaxTotalArgumentLength int
    Maximum allowed total length of all arguments. Used in protection capability 920390: Limit arguments total length.
    allowedHttpMethods List<String>
    List of allowed HTTP methods. Each value as a RFC7230 formated token string. Used in protection capability 911100: Restrict HTTP Request Methods.
    maxHttpRequestHeaderLength Integer
    Maximum allowed length of headers in an HTTP request. Used in protection capability: 9200024: Limit length of request header size.
    maxHttpRequestHeaders Integer
    Maximum number of headers allowed in an HTTP request. Used in protection capability 9200014: Limit Number of Request Headers.
    maxNumberOfArguments Integer
    Maximum number of arguments allowed. Used in protection capability 920380: Number of Arguments Limits.
    maxSingleArgumentLength Integer
    Maximum allowed length of a single argument. Used in protection capability 920370: Limit argument value length.
    maxTotalArgumentLength Integer
    Maximum allowed total length of all arguments. Used in protection capability 920390: Limit arguments total length.
    allowedHttpMethods string[]
    List of allowed HTTP methods. Each value as a RFC7230 formated token string. Used in protection capability 911100: Restrict HTTP Request Methods.
    maxHttpRequestHeaderLength number
    Maximum allowed length of headers in an HTTP request. Used in protection capability: 9200024: Limit length of request header size.
    maxHttpRequestHeaders number
    Maximum number of headers allowed in an HTTP request. Used in protection capability 9200014: Limit Number of Request Headers.
    maxNumberOfArguments number
    Maximum number of arguments allowed. Used in protection capability 920380: Number of Arguments Limits.
    maxSingleArgumentLength number
    Maximum allowed length of a single argument. Used in protection capability 920370: Limit argument value length.
    maxTotalArgumentLength number
    Maximum allowed total length of all arguments. Used in protection capability 920390: Limit arguments total length.
    allowed_http_methods Sequence[str]
    List of allowed HTTP methods. Each value as a RFC7230 formated token string. Used in protection capability 911100: Restrict HTTP Request Methods.
    max_http_request_header_length int
    Maximum allowed length of headers in an HTTP request. Used in protection capability: 9200024: Limit length of request header size.
    max_http_request_headers int
    Maximum number of headers allowed in an HTTP request. Used in protection capability 9200014: Limit Number of Request Headers.
    max_number_of_arguments int
    Maximum number of arguments allowed. Used in protection capability 920380: Number of Arguments Limits.
    max_single_argument_length int
    Maximum allowed length of a single argument. Used in protection capability 920370: Limit argument value length.
    max_total_argument_length int
    Maximum allowed total length of all arguments. Used in protection capability 920390: Limit arguments total length.
    allowedHttpMethods List<String>
    List of allowed HTTP methods. Each value as a RFC7230 formated token string. Used in protection capability 911100: Restrict HTTP Request Methods.
    maxHttpRequestHeaderLength Number
    Maximum allowed length of headers in an HTTP request. Used in protection capability: 9200024: Limit length of request header size.
    maxHttpRequestHeaders Number
    Maximum number of headers allowed in an HTTP request. Used in protection capability 9200014: Limit Number of Request Headers.
    maxNumberOfArguments Number
    Maximum number of arguments allowed. Used in protection capability 920380: Number of Arguments Limits.
    maxSingleArgumentLength Number
    Maximum allowed length of a single argument. Used in protection capability 920370: Limit argument value length.
    maxTotalArgumentLength Number
    Maximum allowed total length of all arguments. Used in protection capability 920390: Limit arguments total length.

    Package Details

    Repository
    oci pulumi/pulumi-oci
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the oci Terraform Provider.
    oci logo
    Oracle Cloud Infrastructure v2.18.0 published on Friday, Nov 22, 2024 by Pulumi