pulumi-azure-native-kotlin/com.pulumi.azurenative.network.kotlin/WebApplicationFirewallPolicy

WebApplicationFirewallPolicy

class WebApplicationFirewallPolicy : KotlinCustomResource

Defines web application firewall policy. API Version: 2020-11-01.

Example Usage

Creates or updates a WAF policy within a resource group

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AzureNative = Pulumi.AzureNative;
return await Deployment.RunAsync(() =>
{
    var webApplicationFirewallPolicy = new AzureNative.Network.WebApplicationFirewallPolicy("webApplicationFirewallPolicy", new()
    {
        CustomRules = new[]
        {
            new AzureNative.Network.Inputs.WebApplicationFirewallCustomRuleArgs
            {
                Action = "Block",
                MatchConditions = new[]
                {
                    new AzureNative.Network.Inputs.MatchConditionArgs
                    {
                        MatchValues = new[]
                        {
                            "192.168.1.0/24",
                            "10.0.0.0/24",
                        },
                        MatchVariables = new[]
                        {
                            new AzureNative.Network.Inputs.MatchVariableArgs
                            {
                                VariableName = "RemoteAddr",
                            },
                        },
                        Operator = "IPMatch",
                    },
                },
                Name = "Rule1",
                Priority = 1,
                RuleType = "MatchRule",
            },
            new AzureNative.Network.Inputs.WebApplicationFirewallCustomRuleArgs
            {
                Action = "Block",
                MatchConditions = new[]
                {
                    new AzureNative.Network.Inputs.MatchConditionArgs
                    {
                        MatchValues = new[]
                        {
                            "192.168.1.0/24",
                        },
                        MatchVariables = new[]
                        {
                            new AzureNative.Network.Inputs.MatchVariableArgs
                            {
                                VariableName = "RemoteAddr",
                            },
                        },
                        Operator = "IPMatch",
                    },
                    new AzureNative.Network.Inputs.MatchConditionArgs
                    {
                        MatchValues = new[]
                        {
                            "Windows",
                        },
                        MatchVariables = new[]
                        {
                            new AzureNative.Network.Inputs.MatchVariableArgs
                            {
                                Selector = "UserAgent",
                                VariableName = "RequestHeaders",
                            },
                        },
                        Operator = "Contains",
                    },
                },
                Name = "Rule2",
                Priority = 2,
                RuleType = "MatchRule",
            },
        },
        Location = "WestUs",
        ManagedRules = new AzureNative.Network.Inputs.ManagedRulesDefinitionArgs
        {
            ManagedRuleSets = new[]
            {
                new AzureNative.Network.Inputs.ManagedRuleSetArgs
                {
                    RuleSetType = "OWASP",
                    RuleSetVersion = "3.0",
                },
            },
        },
        PolicyName = "Policy1",
        ResourceGroupName = "rg1",
    });
});
Content copied to clipboard
package main
import (
	network "github.com/pulumi/pulumi-azure-native-sdk/network"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := network.NewWebApplicationFirewallPolicy(ctx, "webApplicationFirewallPolicy", &network.WebApplicationFirewallPolicyArgs{
			CustomRules: []network.WebApplicationFirewallCustomRuleArgs{
				{
					Action: pulumi.String("Block"),
					MatchConditions: network.MatchConditionArray{
						{
							MatchValues: pulumi.StringArray{
								pulumi.String("192.168.1.0/24"),
								pulumi.String("10.0.0.0/24"),
							},
							MatchVariables: network.MatchVariableArray{
								{
									VariableName: pulumi.String("RemoteAddr"),
								},
							},
							Operator: pulumi.String("IPMatch"),
						},
					},
					Name:     pulumi.String("Rule1"),
					Priority: pulumi.Int(1),
					RuleType: pulumi.String("MatchRule"),
				},
				{
					Action: pulumi.String("Block"),
					MatchConditions: network.MatchConditionArray{
						{
							MatchValues: pulumi.StringArray{
								pulumi.String("192.168.1.0/24"),
							},
							MatchVariables: network.MatchVariableArray{
								{
									VariableName: pulumi.String("RemoteAddr"),
								},
							},
							Operator: pulumi.String("IPMatch"),
						},
						{
							MatchValues: pulumi.StringArray{
								pulumi.String("Windows"),
							},
							MatchVariables: network.MatchVariableArray{
								{
									Selector:     pulumi.String("UserAgent"),
									VariableName: pulumi.String("RequestHeaders"),
								},
							},
							Operator: pulumi.String("Contains"),
						},
					},
					Name:     pulumi.String("Rule2"),
					Priority: pulumi.Int(2),
					RuleType: pulumi.String("MatchRule"),
				},
			},
			Location: pulumi.String("WestUs"),
			ManagedRules: network.ManagedRulesDefinitionResponse{
				ManagedRuleSets: network.ManagedRuleSetArray{
					&network.ManagedRuleSetArgs{
						RuleSetType:    pulumi.String("OWASP"),
						RuleSetVersion: pulumi.String("3.0"),
					},
				},
			},
			PolicyName:        pulumi.String("Policy1"),
			ResourceGroupName: pulumi.String("rg1"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}
Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azurenative.network.WebApplicationFirewallPolicy;
import com.pulumi.azurenative.network.WebApplicationFirewallPolicyArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var webApplicationFirewallPolicy = new WebApplicationFirewallPolicy("webApplicationFirewallPolicy", WebApplicationFirewallPolicyArgs.builder()
            .customRules(
                Map.ofEntries(
                    Map.entry("action", "Block"),
                    Map.entry("matchConditions", Map.ofEntries(
                        Map.entry("matchValues",
                            "192.168.1.0/24",
                            "10.0.0.0/24"),
                        Map.entry("matchVariables", Map.of("variableName", "RemoteAddr")),
                        Map.entry("operator", "IPMatch")
                    )),
                    Map.entry("name", "Rule1"),
                    Map.entry("priority", 1),
                    Map.entry("ruleType", "MatchRule")
                ),
                Map.ofEntries(
                    Map.entry("action", "Block"),
                    Map.entry("matchConditions",
                        Map.ofEntries(
                            Map.entry("matchValues", "192.168.1.0/24"),
                            Map.entry("matchVariables", Map.of("variableName", "RemoteAddr")),
                            Map.entry("operator", "IPMatch")
                        ),
                        Map.ofEntries(
                            Map.entry("matchValues", "Windows"),
                            Map.entry("matchVariables", Map.ofEntries(
                                Map.entry("selector", "UserAgent"),
                                Map.entry("variableName", "RequestHeaders")
                            )),
                            Map.entry("operator", "Contains")
                        )),
                    Map.entry("name", "Rule2"),
                    Map.entry("priority", 2),
                    Map.entry("ruleType", "MatchRule")
                ))
            .location("WestUs")
            .managedRules(Map.of("managedRuleSets", Map.ofEntries(
                Map.entry("ruleSetType", "OWASP"),
                Map.entry("ruleSetVersion", "3.0")
            )))
            .policyName("Policy1")
            .resourceGroupName("rg1")
            .build());
    }
}
Content copied to clipboard

Import

An existing resource can be imported using its type token, name, and identifier, e.g.

$ pulumi import azure-native:network:WebApplicationFirewallPolicy Policy1 /subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/ApplicationGatewayWebApplicationFirewallPolicies/Policy1
Content copied to clipboard

Properties

Link copied to clipboard
val applicationGateways: Output<List<ApplicationGatewayResponse>>

A collection of references to application gateways.

Link copied to clipboard
val customRules: Output<List<WebApplicationFirewallCustomRuleResponse>>?

The custom rules inside the policy.

Link copied to clipboard
val etag: Output<String>

A unique read-only string that changes whenever the resource is updated.

Link copied to clipboard
val httpListeners: Output<List<SubResourceResponse>>

A collection of references to application gateway http listeners.

Link copied to clipboard
val id: Output<String>
Link copied to clipboard
val location: Output<String>?

Resource location.

Link copied to clipboard
val managedRules: Output<ManagedRulesDefinitionResponse>

Describes the managedRules structure.

Link copied to clipboard
val name: Output<String>

Resource name.

Link copied to clipboard
val pathBasedRules: Output<List<SubResourceResponse>>

A collection of references to application gateway path rules.

Link copied to clipboard
val policySettings: Output<PolicySettingsResponse>?

The PolicySettings for policy.

Link copied to clipboard
val provisioningState: Output<String>

The provisioning state of the web application firewall policy resource.

Link copied to clipboard
val pulumiChildResources: Set<KotlinResource>
Link copied to clipboard
Link copied to clipboard
Link copied to clipboard
val resourceState: Output<String>

Resource status of the policy.

Link copied to clipboard
val tags: Output<Map<String, String>>?

Resource tags.

Link copied to clipboard
val type: Output<String>

Resource type.

Link copied to clipboard
val urn: Output<String>