Frontdoor
data class FrontdoorFirewallPolicyArgs(val customBlockResponseBody: Output<String>? = null, val customBlockResponseStatusCode: Output<Int>? = null, val customRules: Output<List<FrontdoorFirewallPolicyCustomRuleArgs>>? = null, val enabled: Output<Boolean>? = null, val managedRules: Output<List<FrontdoorFirewallPolicyManagedRuleArgs>>? = null, val mode: Output<String>? = null, val name: Output<String>? = null, val redirectUrl: Output<String>? = null, val requestBodyCheckEnabled: Output<Boolean>? = null, val resourceGroupName: Output<String>? = null, val skuName: Output<String>? = null, val tags: Output<Map<String, String>>? = null) : ConvertibleToJava<FrontdoorFirewallPolicyArgs>
Manages a Front Door (standard/premium) Firewall Policy instance.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as azure from "@pulumi/azure";
const example = new azure.core.ResourceGroup("example", {
name: "example-cdn-frontdoor",
location: "West Europe",
});
const exampleFrontdoorProfile = new azure.cdn.FrontdoorProfile("example", {
name: "example-profile",
resourceGroupName: example.name,
skuName: "Premium_AzureFrontDoor",
});
const exampleFrontdoorFirewallPolicy = new azure.cdn.FrontdoorFirewallPolicy("example", {
name: "examplecdnfdwafpolicy",
resourceGroupName: example.name,
skuName: exampleFrontdoorProfile.skuName,
enabled: true,
mode: "Prevention",
redirectUrl: "https://www.contoso.com",
customBlockResponseStatusCode: 403,
customBlockResponseBody: "PGh0bWw+CjxoZWFkZXI+PHRpdGxlPkhlbGxvPC90aXRsZT48L2hlYWRlcj4KPGJvZHk+CkhlbGxvIHdvcmxkCjwvYm9keT4KPC9odG1sPg==",
customRules: [
{
name: "Rule1",
enabled: true,
priority: 1,
rateLimitDurationInMinutes: 1,
rateLimitThreshold: 10,
type: "MatchRule",
action: "Block",
matchConditions: [{
matchVariable: "RemoteAddr",
operator: "IPMatch",
negationCondition: false,
matchValues: [
"10.0.1.0/24",
"10.0.0.0/24",
],
}],
},
{
name: "Rule2",
enabled: true,
priority: 2,
rateLimitDurationInMinutes: 1,
rateLimitThreshold: 10,
type: "MatchRule",
action: "Block",
matchConditions: [
{
matchVariable: "RemoteAddr",
operator: "IPMatch",
negationCondition: false,
matchValues: ["192.168.1.0/24"],
},
{
matchVariable: "RequestHeader",
selector: "UserAgent",
operator: "Contains",
negationCondition: false,
matchValues: ["windows"],
transforms: [
"Lowercase",
"Trim",
],
},
],
},
],
managedRules: [
{
type: "DefaultRuleSet",
version: "1.0",
exclusions: [{
matchVariable: "QueryStringArgNames",
operator: "Equals",
selector: "not_suspicious",
}],
overrides: [
{
ruleGroupName: "PHP",
rules: [{
ruleId: "933100",
enabled: false,
action: "Block",
}],
},
{
ruleGroupName: "SQLI",
exclusions: [{
matchVariable: "QueryStringArgNames",
operator: "Equals",
selector: "really_not_suspicious",
}],
rules: [{
ruleId: "942200",
action: "Block",
exclusions: [{
matchVariable: "QueryStringArgNames",
operator: "Equals",
selector: "innocent",
}],
}],
},
],
},
{
type: "Microsoft_BotManagerRuleSet",
version: "1.0",
action: "Log",
},
],
});Content copied to clipboard
import pulumi
import pulumi_azure as azure
example = azure.core.ResourceGroup("example",
name="example-cdn-frontdoor",
location="West Europe")
example_frontdoor_profile = azure.cdn.FrontdoorProfile("example",
name="example-profile",
resource_group_name=example.name,
sku_name="Premium_AzureFrontDoor")
example_frontdoor_firewall_policy = azure.cdn.FrontdoorFirewallPolicy("example",
name="examplecdnfdwafpolicy",
resource_group_name=example.name,
sku_name=example_frontdoor_profile.sku_name,
enabled=True,
mode="Prevention",
redirect_url="https://www.contoso.com",
custom_block_response_status_code=403,
custom_block_response_body="PGh0bWw+CjxoZWFkZXI+PHRpdGxlPkhlbGxvPC90aXRsZT48L2hlYWRlcj4KPGJvZHk+CkhlbGxvIHdvcmxkCjwvYm9keT4KPC9odG1sPg==",
custom_rules=[
{
"name": "Rule1",
"enabled": True,
"priority": 1,
"rate_limit_duration_in_minutes": 1,
"rate_limit_threshold": 10,
"type": "MatchRule",
"action": "Block",
"match_conditions": [{
"match_variable": "RemoteAddr",
"operator": "IPMatch",
"negation_condition": False,
"match_values": [
"10.0.1.0/24",
"10.0.0.0/24",
],
}],
},
{
"name": "Rule2",
"enabled": True,
"priority": 2,
"rate_limit_duration_in_minutes": 1,
"rate_limit_threshold": 10,
"type": "MatchRule",
"action": "Block",
"match_conditions": [
{
"match_variable": "RemoteAddr",
"operator": "IPMatch",
"negation_condition": False,
"match_values": ["192.168.1.0/24"],
},
{
"match_variable": "RequestHeader",
"selector": "UserAgent",
"operator": "Contains",
"negation_condition": False,
"match_values": ["windows"],
"transforms": [
"Lowercase",
"Trim",
],
},
],
},
],
managed_rules=[
{
"type": "DefaultRuleSet",
"version": "1.0",
"exclusions": [{
"match_variable": "QueryStringArgNames",
"operator": "Equals",
"selector": "not_suspicious",
}],
"overrides": [
{
"rule_group_name": "PHP",
"rules": [{
"rule_id": "933100",
"enabled": False,
"action": "Block",
}],
},
{
"rule_group_name": "SQLI",
"exclusions": [{
"match_variable": "QueryStringArgNames",
"operator": "Equals",
"selector": "really_not_suspicious",
}],
"rules": [{
"rule_id": "942200",
"action": "Block",
"exclusions": [{
"match_variable": "QueryStringArgNames",
"operator": "Equals",
"selector": "innocent",
}],
}],
},
],
},
{
"type": "Microsoft_BotManagerRuleSet",
"version": "1.0",
"action": "Log",
},
])Content copied to clipboard
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Azure = Pulumi.Azure;
return await Deployment.RunAsync(() =>
{
var example = new Azure.Core.ResourceGroup("example", new()
{
Name = "example-cdn-frontdoor",
Location = "West Europe",
});
var exampleFrontdoorProfile = new Azure.Cdn.FrontdoorProfile("example", new()
{
Name = "example-profile",
ResourceGroupName = example.Name,
SkuName = "Premium_AzureFrontDoor",
});
var exampleFrontdoorFirewallPolicy = new Azure.Cdn.FrontdoorFirewallPolicy("example", new()
{
Name = "examplecdnfdwafpolicy",
ResourceGroupName = example.Name,
SkuName = exampleFrontdoorProfile.SkuName,
Enabled = true,
Mode = "Prevention",
RedirectUrl = "https://www.contoso.com",
CustomBlockResponseStatusCode = 403,
CustomBlockResponseBody = "PGh0bWw+CjxoZWFkZXI+PHRpdGxlPkhlbGxvPC90aXRsZT48L2hlYWRlcj4KPGJvZHk+CkhlbGxvIHdvcmxkCjwvYm9keT4KPC9odG1sPg==",
CustomRules = new[]
{
new Azure.Cdn.Inputs.FrontdoorFirewallPolicyCustomRuleArgs
{
Name = "Rule1",
Enabled = true,
Priority = 1,
RateLimitDurationInMinutes = 1,
RateLimitThreshold = 10,
Type = "MatchRule",
Action = "Block",
MatchConditions = new[]
{
new Azure.Cdn.Inputs.FrontdoorFirewallPolicyCustomRuleMatchConditionArgs
{
MatchVariable = "RemoteAddr",
Operator = "IPMatch",
NegationCondition = false,
MatchValues = new[]
{
"10.0.1.0/24",
"10.0.0.0/24",
},
},
},
},
new Azure.Cdn.Inputs.FrontdoorFirewallPolicyCustomRuleArgs
{
Name = "Rule2",
Enabled = true,
Priority = 2,
RateLimitDurationInMinutes = 1,
RateLimitThreshold = 10,
Type = "MatchRule",
Action = "Block",
MatchConditions = new[]
{
new Azure.Cdn.Inputs.FrontdoorFirewallPolicyCustomRuleMatchConditionArgs
{
MatchVariable = "RemoteAddr",
Operator = "IPMatch",
NegationCondition = false,
MatchValues = new[]
{
"192.168.1.0/24",
},
},
new Azure.Cdn.Inputs.FrontdoorFirewallPolicyCustomRuleMatchConditionArgs
{
MatchVariable = "RequestHeader",
Selector = "UserAgent",
Operator = "Contains",
NegationCondition = false,
MatchValues = new[]
{
"windows",
},
Transforms = new[]
{
"Lowercase",
"Trim",
},
},
},
},
},
ManagedRules = new[]
{
new Azure.Cdn.Inputs.FrontdoorFirewallPolicyManagedRuleArgs
{
Type = "DefaultRuleSet",
Version = "1.0",
Exclusions = new[]
{
new Azure.Cdn.Inputs.FrontdoorFirewallPolicyManagedRuleExclusionArgs
{
MatchVariable = "QueryStringArgNames",
Operator = "Equals",
Selector = "not_suspicious",
},
},
Overrides = new[]
{
new Azure.Cdn.Inputs.FrontdoorFirewallPolicyManagedRuleOverrideArgs
{
RuleGroupName = "PHP",
Rules = new[]
{
new Azure.Cdn.Inputs.FrontdoorFirewallPolicyManagedRuleOverrideRuleArgs
{
RuleId = "933100",
Enabled = false,
Action = "Block",
},
},
},
new Azure.Cdn.Inputs.FrontdoorFirewallPolicyManagedRuleOverrideArgs
{
RuleGroupName = "SQLI",
Exclusions = new[]
{
new Azure.Cdn.Inputs.FrontdoorFirewallPolicyManagedRuleOverrideExclusionArgs
{
MatchVariable = "QueryStringArgNames",
Operator = "Equals",
Selector = "really_not_suspicious",
},
},
Rules = new[]
{
new Azure.Cdn.Inputs.FrontdoorFirewallPolicyManagedRuleOverrideRuleArgs
{
RuleId = "942200",
Action = "Block",
Exclusions = new[]
{
new Azure.Cdn.Inputs.FrontdoorFirewallPolicyManagedRuleOverrideRuleExclusionArgs
{
MatchVariable = "QueryStringArgNames",
Operator = "Equals",
Selector = "innocent",
},
},
},
},
},
},
},
new Azure.Cdn.Inputs.FrontdoorFirewallPolicyManagedRuleArgs
{
Type = "Microsoft_BotManagerRuleSet",
Version = "1.0",
Action = "Log",
},
},
});
});Content copied to clipboard
package main
import (
"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/cdn"
"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/core"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
example, err := core.NewResourceGroup(ctx, "example", &core.ResourceGroupArgs{
Name: pulumi.String("example-cdn-frontdoor"),
Location: pulumi.String("West Europe"),
})
if err != nil {
return err
}
exampleFrontdoorProfile, err := cdn.NewFrontdoorProfile(ctx, "example", &cdn.FrontdoorProfileArgs{
Name: pulumi.String("example-profile"),
ResourceGroupName: example.Name,
SkuName: pulumi.String("Premium_AzureFrontDoor"),
})
if err != nil {
return err
}
_, err = cdn.NewFrontdoorFirewallPolicy(ctx, "example", &cdn.FrontdoorFirewallPolicyArgs{
Name: pulumi.String("examplecdnfdwafpolicy"),
ResourceGroupName: example.Name,
SkuName: exampleFrontdoorProfile.SkuName,
Enabled: pulumi.Bool(true),
Mode: pulumi.String("Prevention"),
RedirectUrl: pulumi.String("https://www.contoso.com"),
CustomBlockResponseStatusCode: pulumi.Int(403),
CustomBlockResponseBody: pulumi.String("PGh0bWw+CjxoZWFkZXI+PHRpdGxlPkhlbGxvPC90aXRsZT48L2hlYWRlcj4KPGJvZHk+CkhlbGxvIHdvcmxkCjwvYm9keT4KPC9odG1sPg=="),
CustomRules: cdn.FrontdoorFirewallPolicyCustomRuleArray{
&cdn.FrontdoorFirewallPolicyCustomRuleArgs{
Name: pulumi.String("Rule1"),
Enabled: pulumi.Bool(true),
Priority: pulumi.Int(1),
RateLimitDurationInMinutes: pulumi.Int(1),
RateLimitThreshold: pulumi.Int(10),
Type: pulumi.String("MatchRule"),
Action: pulumi.String("Block"),
MatchConditions: cdn.FrontdoorFirewallPolicyCustomRuleMatchConditionArray{
&cdn.FrontdoorFirewallPolicyCustomRuleMatchConditionArgs{
MatchVariable: pulumi.String("RemoteAddr"),
Operator: pulumi.String("IPMatch"),
NegationCondition: pulumi.Bool(false),
MatchValues: pulumi.StringArray{
pulumi.String("10.0.1.0/24"),
pulumi.String("10.0.0.0/24"),
},
},
},
},
&cdn.FrontdoorFirewallPolicyCustomRuleArgs{
Name: pulumi.String("Rule2"),
Enabled: pulumi.Bool(true),
Priority: pulumi.Int(2),
RateLimitDurationInMinutes: pulumi.Int(1),
RateLimitThreshold: pulumi.Int(10),
Type: pulumi.String("MatchRule"),
Action: pulumi.String("Block"),
MatchConditions: cdn.FrontdoorFirewallPolicyCustomRuleMatchConditionArray{
&cdn.FrontdoorFirewallPolicyCustomRuleMatchConditionArgs{
MatchVariable: pulumi.String("RemoteAddr"),
Operator: pulumi.String("IPMatch"),
NegationCondition: pulumi.Bool(false),
MatchValues: pulumi.StringArray{
pulumi.String("192.168.1.0/24"),
},
},
&cdn.FrontdoorFirewallPolicyCustomRuleMatchConditionArgs{
MatchVariable: pulumi.String("RequestHeader"),
Selector: pulumi.String("UserAgent"),
Operator: pulumi.String("Contains"),
NegationCondition: pulumi.Bool(false),
MatchValues: pulumi.StringArray{
pulumi.String("windows"),
},
Transforms: pulumi.StringArray{
pulumi.String("Lowercase"),
pulumi.String("Trim"),
},
},
},
},
},
ManagedRules: cdn.FrontdoorFirewallPolicyManagedRuleArray{
&cdn.FrontdoorFirewallPolicyManagedRuleArgs{
Type: pulumi.String("DefaultRuleSet"),
Version: pulumi.String("1.0"),
Exclusions: cdn.FrontdoorFirewallPolicyManagedRuleExclusionArray{
&cdn.FrontdoorFirewallPolicyManagedRuleExclusionArgs{
MatchVariable: pulumi.String("QueryStringArgNames"),
Operator: pulumi.String("Equals"),
Selector: pulumi.String("not_suspicious"),
},
},
Overrides: cdn.FrontdoorFirewallPolicyManagedRuleOverrideArray{
&cdn.FrontdoorFirewallPolicyManagedRuleOverrideArgs{
RuleGroupName: pulumi.String("PHP"),
Rules: cdn.FrontdoorFirewallPolicyManagedRuleOverrideRuleArray{
&cdn.FrontdoorFirewallPolicyManagedRuleOverrideRuleArgs{
RuleId: pulumi.String("933100"),
Enabled: pulumi.Bool(false),
Action: pulumi.String("Block"),
},
},
},
&cdn.FrontdoorFirewallPolicyManagedRuleOverrideArgs{
RuleGroupName: pulumi.String("SQLI"),
Exclusions: cdn.FrontdoorFirewallPolicyManagedRuleOverrideExclusionArray{
&cdn.FrontdoorFirewallPolicyManagedRuleOverrideExclusionArgs{
MatchVariable: pulumi.String("QueryStringArgNames"),
Operator: pulumi.String("Equals"),
Selector: pulumi.String("really_not_suspicious"),
},
},
Rules: cdn.FrontdoorFirewallPolicyManagedRuleOverrideRuleArray{
&cdn.FrontdoorFirewallPolicyManagedRuleOverrideRuleArgs{
RuleId: pulumi.String("942200"),
Action: pulumi.String("Block"),
Exclusions: cdn.FrontdoorFirewallPolicyManagedRuleOverrideRuleExclusionArray{
&cdn.FrontdoorFirewallPolicyManagedRuleOverrideRuleExclusionArgs{
MatchVariable: pulumi.String("QueryStringArgNames"),
Operator: pulumi.String("Equals"),
Selector: pulumi.String("innocent"),
},
},
},
},
},
},
},
&cdn.FrontdoorFirewallPolicyManagedRuleArgs{
Type: pulumi.String("Microsoft_BotManagerRuleSet"),
Version: pulumi.String("1.0"),
Action: pulumi.String("Log"),
},
},
})
if err != nil {
return err
}
return nil
})
}Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azure.core.ResourceGroup;
import com.pulumi.azure.core.ResourceGroupArgs;
import com.pulumi.azure.cdn.FrontdoorProfile;
import com.pulumi.azure.cdn.FrontdoorProfileArgs;
import com.pulumi.azure.cdn.FrontdoorFirewallPolicy;
import com.pulumi.azure.cdn.FrontdoorFirewallPolicyArgs;
import com.pulumi.azure.cdn.inputs.FrontdoorFirewallPolicyCustomRuleArgs;
import com.pulumi.azure.cdn.inputs.FrontdoorFirewallPolicyManagedRuleArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var example = new ResourceGroup("example", ResourceGroupArgs.builder()
.name("example-cdn-frontdoor")
.location("West Europe")
.build());
var exampleFrontdoorProfile = new FrontdoorProfile("exampleFrontdoorProfile", FrontdoorProfileArgs.builder()
.name("example-profile")
.resourceGroupName(example.name())
.skuName("Premium_AzureFrontDoor")
.build());
var exampleFrontdoorFirewallPolicy = new FrontdoorFirewallPolicy("exampleFrontdoorFirewallPolicy", FrontdoorFirewallPolicyArgs.builder()
.name("examplecdnfdwafpolicy")
.resourceGroupName(example.name())
.skuName(exampleFrontdoorProfile.skuName())
.enabled(true)
.mode("Prevention")
.redirectUrl("https://www.contoso.com")
.customBlockResponseStatusCode(403)
.customBlockResponseBody("PGh0bWw+CjxoZWFkZXI+PHRpdGxlPkhlbGxvPC90aXRsZT48L2hlYWRlcj4KPGJvZHk+CkhlbGxvIHdvcmxkCjwvYm9keT4KPC9odG1sPg==")
.customRules(
FrontdoorFirewallPolicyCustomRuleArgs.builder()
.name("Rule1")
.enabled(true)
.priority(1)
.rateLimitDurationInMinutes(1)
.rateLimitThreshold(10)
.type("MatchRule")
.action("Block")
.matchConditions(FrontdoorFirewallPolicyCustomRuleMatchConditionArgs.builder()
.matchVariable("RemoteAddr")
.operator("IPMatch")
.negationCondition(false)
.matchValues(
"10.0.1.0/24",
"10.0.0.0/24")
.build())
.build(),
FrontdoorFirewallPolicyCustomRuleArgs.builder()
.name("Rule2")
.enabled(true)
.priority(2)
.rateLimitDurationInMinutes(1)
.rateLimitThreshold(10)
.type("MatchRule")
.action("Block")
.matchConditions(
FrontdoorFirewallPolicyCustomRuleMatchConditionArgs.builder()
.matchVariable("RemoteAddr")
.operator("IPMatch")
.negationCondition(false)
.matchValues("192.168.1.0/24")
.build(),
FrontdoorFirewallPolicyCustomRuleMatchConditionArgs.builder()
.matchVariable("RequestHeader")
.selector("UserAgent")
.operator("Contains")
.negationCondition(false)
.matchValues("windows")
.transforms(
"Lowercase",
"Trim")
.build())
.build())
.managedRules(
FrontdoorFirewallPolicyManagedRuleArgs.builder()
.type("DefaultRuleSet")
.version("1.0")
.exclusions(FrontdoorFirewallPolicyManagedRuleExclusionArgs.builder()
.matchVariable("QueryStringArgNames")
.operator("Equals")
.selector("not_suspicious")
.build())
.overrides(
FrontdoorFirewallPolicyManagedRuleOverrideArgs.builder()
.ruleGroupName("PHP")
.rules(FrontdoorFirewallPolicyManagedRuleOverrideRuleArgs.builder()
.ruleId("933100")
.enabled(false)
.action("Block")
.build())
.build(),
FrontdoorFirewallPolicyManagedRuleOverrideArgs.builder()
.ruleGroupName("SQLI")
.exclusions(FrontdoorFirewallPolicyManagedRuleOverrideExclusionArgs.builder()
.matchVariable("QueryStringArgNames")
.operator("Equals")
.selector("really_not_suspicious")
.build())
.rules(FrontdoorFirewallPolicyManagedRuleOverrideRuleArgs.builder()
.ruleId("942200")
.action("Block")
.exclusions(FrontdoorFirewallPolicyManagedRuleOverrideRuleExclusionArgs.builder()
.matchVariable("QueryStringArgNames")
.operator("Equals")
.selector("innocent")
.build())
.build())
.build())
.build(),
FrontdoorFirewallPolicyManagedRuleArgs.builder()
.type("Microsoft_BotManagerRuleSet")
.version("1.0")
.action("Log")
.build())
.build());
}
}Content copied to clipboard
resources:
example:
type: azure:core:ResourceGroup
properties:
name: example-cdn-frontdoor
location: West Europe
exampleFrontdoorProfile:
type: azure:cdn:FrontdoorProfile
name: example
properties:
name: example-profile
resourceGroupName: ${example.name}
skuName: Premium_AzureFrontDoor
exampleFrontdoorFirewallPolicy:
type: azure:cdn:FrontdoorFirewallPolicy
name: example
properties:
name: examplecdnfdwafpolicy
resourceGroupName: ${example.name}
skuName: ${exampleFrontdoorProfile.skuName}
enabled: true
mode: Prevention
redirectUrl: https://www.contoso.com
customBlockResponseStatusCode: 403
customBlockResponseBody: PGh0bWw+CjxoZWFkZXI+PHRpdGxlPkhlbGxvPC90aXRsZT48L2hlYWRlcj4KPGJvZHk+CkhlbGxvIHdvcmxkCjwvYm9keT4KPC9odG1sPg==
customRules:
- name: Rule1
enabled: true
priority: 1
rateLimitDurationInMinutes: 1
rateLimitThreshold: 10
type: MatchRule
action: Block
matchConditions:
- matchVariable: RemoteAddr
operator: IPMatch
negationCondition: false
matchValues:
- 10.0.1.0/24
- 10.0.0.0/24
- name: Rule2
enabled: true
priority: 2
rateLimitDurationInMinutes: 1
rateLimitThreshold: 10
type: MatchRule
action: Block
matchConditions:
- matchVariable: RemoteAddr
operator: IPMatch
negationCondition: false
matchValues:
- 192.168.1.0/24
- matchVariable: RequestHeader
selector: UserAgent
operator: Contains
negationCondition: false
matchValues:
- windows
transforms:
- Lowercase
- Trim
managedRules:
- type: DefaultRuleSet
version: '1.0'
exclusions:
- matchVariable: QueryStringArgNames
operator: Equals
selector: not_suspicious
overrides:
- ruleGroupName: PHP
rules:
- ruleId: '933100'
enabled: false
action: Block
- ruleGroupName: SQLI
exclusions:
- matchVariable: QueryStringArgNames
operator: Equals
selector: really_not_suspicious
rules:
- ruleId: '942200'
action: Block
exclusions:
- matchVariable: QueryStringArgNames
operator: Equals
selector: innocent
- type: Microsoft_BotManagerRuleSet
version: '1.0'
action: LogContent copied to clipboard
Import
Front Door Firewall Policies can be imported using the resource id, e.g.
$ pulumi import azure:cdn/frontdoorFirewallPolicy:FrontdoorFirewallPolicy example /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resourceGroup1/providers/Microsoft.Network/frontDoorWebApplicationFirewallPolicies/firewallPolicy1Content copied to clipboard
Constructors
Link copied to clipboard
constructor(customBlockResponseBody: Output<String>? = null, customBlockResponseStatusCode: Output<Int>? = null, customRules: Output<List<FrontdoorFirewallPolicyCustomRuleArgs>>? = null, enabled: Output<Boolean>? = null, managedRules: Output<List<FrontdoorFirewallPolicyManagedRuleArgs>>? = null, mode: Output<String>? = null, name: Output<String>? = null, redirectUrl: Output<String>? = null, requestBodyCheckEnabled: Output<Boolean>? = null, resourceGroupName: Output<String>? = null, skuName: Output<String>? = null, tags: Output<Map<String, String>>? = null)
Properties
Link copied to clipboard
If a custom_rule block's action type is block, this is the response body. The body must be specified in base64 encoding.
Link copied to clipboard
If a custom_rule block's action type is block, this is the response status code. Possible values are 200, 403, 405, 406, or 429.
Link copied to clipboard
One or more custom_rule blocks as defined below.
Link copied to clipboard
One or more managed_rule blocks as defined below.
Link copied to clipboard
If action type is redirect, this field represents redirect URL for the client.
Link copied to clipboard
Should policy managed rules inspect the request body content? Defaults to true.
Link copied to clipboard
The name of the resource group. Changing this forces a new resource to be created.