1. Packages
  2. Oracle Cloud Infrastructure
  3. API Docs
  4. Waf
  5. AppFirewallPolicy
Oracle Cloud Infrastructure v2.17.0 published on Friday, Nov 15, 2024 by Pulumi

oci.Waf.AppFirewallPolicy

Explore with Pulumi AI

oci logo
Oracle Cloud Infrastructure v2.17.0 published on Friday, Nov 15, 2024 by Pulumi

    This resource provides the Web App Firewall Policy resource in Oracle Cloud Infrastructure Waf service.

    Creates a new WebAppFirewallPolicy.

    Example Usage

    import * as pulumi from "@pulumi/pulumi";
    import * as oci from "@pulumi/oci";
    
    const testWebAppFirewallPolicy = new oci.waf.AppFirewallPolicy("test_web_app_firewall_policy", {
        compartmentId: compartmentId,
        actions: [{
            name: webAppFirewallPolicyActionsName,
            type: webAppFirewallPolicyActionsType,
            body: {
                text: webAppFirewallPolicyActionsBodyText,
                type: webAppFirewallPolicyActionsBodyType,
            },
            code: webAppFirewallPolicyActionsCode,
            headers: [{
                name: webAppFirewallPolicyActionsHeadersName,
                value: webAppFirewallPolicyActionsHeadersValue,
            }],
        }],
        definedTags: {
            "foo-namespace.bar-key": "value",
        },
        displayName: webAppFirewallPolicyDisplayName,
        freeformTags: {
            "bar-key": "value",
        },
        requestAccessControl: {
            defaultActionName: webAppFirewallPolicyRequestAccessControlDefaultActionName,
            rules: [{
                actionName: webAppFirewallPolicyRequestAccessControlRulesActionName,
                name: webAppFirewallPolicyRequestAccessControlRulesName,
                type: webAppFirewallPolicyRequestAccessControlRulesType,
                condition: webAppFirewallPolicyRequestAccessControlRulesCondition,
                conditionLanguage: webAppFirewallPolicyRequestAccessControlRulesConditionLanguage,
            }],
        },
        requestProtection: {
            bodyInspectionSizeLimitExceededActionName: webAppFirewallPolicyRequestProtectionBodyInspectionSizeLimitExceededActionName,
            bodyInspectionSizeLimitInBytes: webAppFirewallPolicyRequestProtectionBodyInspectionSizeLimitInBytes,
            rules: [{
                actionName: webAppFirewallPolicyRequestProtectionRulesActionName,
                name: webAppFirewallPolicyRequestProtectionRulesName,
                protectionCapabilities: [{
                    key: webAppFirewallPolicyRequestProtectionRulesProtectionCapabilitiesKey,
                    version: webAppFirewallPolicyRequestProtectionRulesProtectionCapabilitiesVersion,
                    actionName: webAppFirewallPolicyRequestProtectionRulesProtectionCapabilitiesActionName,
                    collaborativeActionThreshold: webAppFirewallPolicyRequestProtectionRulesProtectionCapabilitiesCollaborativeActionThreshold,
                    collaborativeWeights: [{
                        key: webAppFirewallPolicyRequestProtectionRulesProtectionCapabilitiesCollaborativeWeightsKey,
                        weight: webAppFirewallPolicyRequestProtectionRulesProtectionCapabilitiesCollaborativeWeightsWeight,
                    }],
                    exclusions: {
                        args: webAppFirewallPolicyRequestProtectionRulesProtectionCapabilitiesExclusionsArgs,
                        requestCookies: webAppFirewallPolicyRequestProtectionRulesProtectionCapabilitiesExclusionsRequestCookies,
                    },
                }],
                type: webAppFirewallPolicyRequestProtectionRulesType,
                condition: webAppFirewallPolicyRequestProtectionRulesCondition,
                conditionLanguage: webAppFirewallPolicyRequestProtectionRulesConditionLanguage,
                isBodyInspectionEnabled: webAppFirewallPolicyRequestProtectionRulesIsBodyInspectionEnabled,
                protectionCapabilitySettings: {
                    allowedHttpMethods: webAppFirewallPolicyRequestProtectionRulesProtectionCapabilitySettingsAllowedHttpMethods,
                    maxHttpRequestHeaderLength: webAppFirewallPolicyRequestProtectionRulesProtectionCapabilitySettingsMaxHttpRequestHeaderLength,
                    maxHttpRequestHeaders: webAppFirewallPolicyRequestProtectionRulesProtectionCapabilitySettingsMaxHttpRequestHeaders,
                    maxNumberOfArguments: webAppFirewallPolicyRequestProtectionRulesProtectionCapabilitySettingsMaxNumberOfArguments,
                    maxSingleArgumentLength: webAppFirewallPolicyRequestProtectionRulesProtectionCapabilitySettingsMaxSingleArgumentLength,
                    maxTotalArgumentLength: webAppFirewallPolicyRequestProtectionRulesProtectionCapabilitySettingsMaxTotalArgumentLength,
                },
            }],
        },
        requestRateLimiting: {
            rules: [{
                actionName: webAppFirewallPolicyRequestRateLimitingRulesActionName,
                configurations: [{
                    periodInSeconds: webAppFirewallPolicyRequestRateLimitingRulesConfigurationsPeriodInSeconds,
                    requestsLimit: webAppFirewallPolicyRequestRateLimitingRulesConfigurationsRequestsLimit,
                    actionDurationInSeconds: webAppFirewallPolicyRequestRateLimitingRulesConfigurationsActionDurationInSeconds,
                }],
                name: webAppFirewallPolicyRequestRateLimitingRulesName,
                type: webAppFirewallPolicyRequestRateLimitingRulesType,
                condition: webAppFirewallPolicyRequestRateLimitingRulesCondition,
                conditionLanguage: webAppFirewallPolicyRequestRateLimitingRulesConditionLanguage,
            }],
        },
        responseAccessControl: {
            rules: [{
                actionName: webAppFirewallPolicyResponseAccessControlRulesActionName,
                name: webAppFirewallPolicyResponseAccessControlRulesName,
                type: webAppFirewallPolicyResponseAccessControlRulesType,
                condition: webAppFirewallPolicyResponseAccessControlRulesCondition,
                conditionLanguage: webAppFirewallPolicyResponseAccessControlRulesConditionLanguage,
            }],
        },
        responseProtection: {
            rules: [{
                actionName: webAppFirewallPolicyResponseProtectionRulesActionName,
                name: webAppFirewallPolicyResponseProtectionRulesName,
                protectionCapabilities: [{
                    key: webAppFirewallPolicyResponseProtectionRulesProtectionCapabilitiesKey,
                    version: webAppFirewallPolicyResponseProtectionRulesProtectionCapabilitiesVersion,
                    actionName: webAppFirewallPolicyResponseProtectionRulesProtectionCapabilitiesActionName,
                    collaborativeActionThreshold: webAppFirewallPolicyResponseProtectionRulesProtectionCapabilitiesCollaborativeActionThreshold,
                    collaborativeWeights: [{
                        key: webAppFirewallPolicyResponseProtectionRulesProtectionCapabilitiesCollaborativeWeightsKey,
                        weight: webAppFirewallPolicyResponseProtectionRulesProtectionCapabilitiesCollaborativeWeightsWeight,
                    }],
                    exclusions: {
                        args: webAppFirewallPolicyResponseProtectionRulesProtectionCapabilitiesExclusionsArgs,
                        requestCookies: webAppFirewallPolicyResponseProtectionRulesProtectionCapabilitiesExclusionsRequestCookies,
                    },
                }],
                type: webAppFirewallPolicyResponseProtectionRulesType,
                condition: webAppFirewallPolicyResponseProtectionRulesCondition,
                conditionLanguage: webAppFirewallPolicyResponseProtectionRulesConditionLanguage,
                isBodyInspectionEnabled: webAppFirewallPolicyResponseProtectionRulesIsBodyInspectionEnabled,
                protectionCapabilitySettings: {
                    allowedHttpMethods: webAppFirewallPolicyResponseProtectionRulesProtectionCapabilitySettingsAllowedHttpMethods,
                    maxHttpRequestHeaderLength: webAppFirewallPolicyResponseProtectionRulesProtectionCapabilitySettingsMaxHttpRequestHeaderLength,
                    maxHttpRequestHeaders: webAppFirewallPolicyResponseProtectionRulesProtectionCapabilitySettingsMaxHttpRequestHeaders,
                    maxNumberOfArguments: webAppFirewallPolicyResponseProtectionRulesProtectionCapabilitySettingsMaxNumberOfArguments,
                    maxSingleArgumentLength: webAppFirewallPolicyResponseProtectionRulesProtectionCapabilitySettingsMaxSingleArgumentLength,
                    maxTotalArgumentLength: webAppFirewallPolicyResponseProtectionRulesProtectionCapabilitySettingsMaxTotalArgumentLength,
                },
            }],
        },
        systemTags: webAppFirewallPolicySystemTags,
    });
    
    import pulumi
    import pulumi_oci as oci
    
    test_web_app_firewall_policy = oci.waf.AppFirewallPolicy("test_web_app_firewall_policy",
        compartment_id=compartment_id,
        actions=[{
            "name": web_app_firewall_policy_actions_name,
            "type": web_app_firewall_policy_actions_type,
            "body": {
                "text": web_app_firewall_policy_actions_body_text,
                "type": web_app_firewall_policy_actions_body_type,
            },
            "code": web_app_firewall_policy_actions_code,
            "headers": [{
                "name": web_app_firewall_policy_actions_headers_name,
                "value": web_app_firewall_policy_actions_headers_value,
            }],
        }],
        defined_tags={
            "foo-namespace.bar-key": "value",
        },
        display_name=web_app_firewall_policy_display_name,
        freeform_tags={
            "bar-key": "value",
        },
        request_access_control={
            "default_action_name": web_app_firewall_policy_request_access_control_default_action_name,
            "rules": [{
                "action_name": web_app_firewall_policy_request_access_control_rules_action_name,
                "name": web_app_firewall_policy_request_access_control_rules_name,
                "type": web_app_firewall_policy_request_access_control_rules_type,
                "condition": web_app_firewall_policy_request_access_control_rules_condition,
                "condition_language": web_app_firewall_policy_request_access_control_rules_condition_language,
            }],
        },
        request_protection={
            "body_inspection_size_limit_exceeded_action_name": web_app_firewall_policy_request_protection_body_inspection_size_limit_exceeded_action_name,
            "body_inspection_size_limit_in_bytes": web_app_firewall_policy_request_protection_body_inspection_size_limit_in_bytes,
            "rules": [{
                "action_name": web_app_firewall_policy_request_protection_rules_action_name,
                "name": web_app_firewall_policy_request_protection_rules_name,
                "protection_capabilities": [{
                    "key": web_app_firewall_policy_request_protection_rules_protection_capabilities_key,
                    "version": web_app_firewall_policy_request_protection_rules_protection_capabilities_version,
                    "action_name": web_app_firewall_policy_request_protection_rules_protection_capabilities_action_name,
                    "collaborative_action_threshold": web_app_firewall_policy_request_protection_rules_protection_capabilities_collaborative_action_threshold,
                    "collaborative_weights": [{
                        "key": web_app_firewall_policy_request_protection_rules_protection_capabilities_collaborative_weights_key,
                        "weight": web_app_firewall_policy_request_protection_rules_protection_capabilities_collaborative_weights_weight,
                    }],
                    "exclusions": {
                        "args": web_app_firewall_policy_request_protection_rules_protection_capabilities_exclusions_args,
                        "request_cookies": web_app_firewall_policy_request_protection_rules_protection_capabilities_exclusions_request_cookies,
                    },
                }],
                "type": web_app_firewall_policy_request_protection_rules_type,
                "condition": web_app_firewall_policy_request_protection_rules_condition,
                "condition_language": web_app_firewall_policy_request_protection_rules_condition_language,
                "is_body_inspection_enabled": web_app_firewall_policy_request_protection_rules_is_body_inspection_enabled,
                "protection_capability_settings": {
                    "allowed_http_methods": web_app_firewall_policy_request_protection_rules_protection_capability_settings_allowed_http_methods,
                    "max_http_request_header_length": web_app_firewall_policy_request_protection_rules_protection_capability_settings_max_http_request_header_length,
                    "max_http_request_headers": web_app_firewall_policy_request_protection_rules_protection_capability_settings_max_http_request_headers,
                    "max_number_of_arguments": web_app_firewall_policy_request_protection_rules_protection_capability_settings_max_number_of_arguments,
                    "max_single_argument_length": web_app_firewall_policy_request_protection_rules_protection_capability_settings_max_single_argument_length,
                    "max_total_argument_length": web_app_firewall_policy_request_protection_rules_protection_capability_settings_max_total_argument_length,
                },
            }],
        },
        request_rate_limiting={
            "rules": [{
                "action_name": web_app_firewall_policy_request_rate_limiting_rules_action_name,
                "configurations": [{
                    "period_in_seconds": web_app_firewall_policy_request_rate_limiting_rules_configurations_period_in_seconds,
                    "requests_limit": web_app_firewall_policy_request_rate_limiting_rules_configurations_requests_limit,
                    "action_duration_in_seconds": web_app_firewall_policy_request_rate_limiting_rules_configurations_action_duration_in_seconds,
                }],
                "name": web_app_firewall_policy_request_rate_limiting_rules_name,
                "type": web_app_firewall_policy_request_rate_limiting_rules_type,
                "condition": web_app_firewall_policy_request_rate_limiting_rules_condition,
                "condition_language": web_app_firewall_policy_request_rate_limiting_rules_condition_language,
            }],
        },
        response_access_control={
            "rules": [{
                "action_name": web_app_firewall_policy_response_access_control_rules_action_name,
                "name": web_app_firewall_policy_response_access_control_rules_name,
                "type": web_app_firewall_policy_response_access_control_rules_type,
                "condition": web_app_firewall_policy_response_access_control_rules_condition,
                "condition_language": web_app_firewall_policy_response_access_control_rules_condition_language,
            }],
        },
        response_protection={
            "rules": [{
                "action_name": web_app_firewall_policy_response_protection_rules_action_name,
                "name": web_app_firewall_policy_response_protection_rules_name,
                "protection_capabilities": [{
                    "key": web_app_firewall_policy_response_protection_rules_protection_capabilities_key,
                    "version": web_app_firewall_policy_response_protection_rules_protection_capabilities_version,
                    "action_name": web_app_firewall_policy_response_protection_rules_protection_capabilities_action_name,
                    "collaborative_action_threshold": web_app_firewall_policy_response_protection_rules_protection_capabilities_collaborative_action_threshold,
                    "collaborative_weights": [{
                        "key": web_app_firewall_policy_response_protection_rules_protection_capabilities_collaborative_weights_key,
                        "weight": web_app_firewall_policy_response_protection_rules_protection_capabilities_collaborative_weights_weight,
                    }],
                    "exclusions": {
                        "args": web_app_firewall_policy_response_protection_rules_protection_capabilities_exclusions_args,
                        "request_cookies": web_app_firewall_policy_response_protection_rules_protection_capabilities_exclusions_request_cookies,
                    },
                }],
                "type": web_app_firewall_policy_response_protection_rules_type,
                "condition": web_app_firewall_policy_response_protection_rules_condition,
                "condition_language": web_app_firewall_policy_response_protection_rules_condition_language,
                "is_body_inspection_enabled": web_app_firewall_policy_response_protection_rules_is_body_inspection_enabled,
                "protection_capability_settings": {
                    "allowed_http_methods": web_app_firewall_policy_response_protection_rules_protection_capability_settings_allowed_http_methods,
                    "max_http_request_header_length": web_app_firewall_policy_response_protection_rules_protection_capability_settings_max_http_request_header_length,
                    "max_http_request_headers": web_app_firewall_policy_response_protection_rules_protection_capability_settings_max_http_request_headers,
                    "max_number_of_arguments": web_app_firewall_policy_response_protection_rules_protection_capability_settings_max_number_of_arguments,
                    "max_single_argument_length": web_app_firewall_policy_response_protection_rules_protection_capability_settings_max_single_argument_length,
                    "max_total_argument_length": web_app_firewall_policy_response_protection_rules_protection_capability_settings_max_total_argument_length,
                },
            }],
        },
        system_tags=web_app_firewall_policy_system_tags)
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-oci/sdk/v2/go/oci/Waf"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		_, err := Waf.NewAppFirewallPolicy(ctx, "test_web_app_firewall_policy", &Waf.AppFirewallPolicyArgs{
    			CompartmentId: pulumi.Any(compartmentId),
    			Actions: waf.AppFirewallPolicyActionArray{
    				&waf.AppFirewallPolicyActionArgs{
    					Name: pulumi.Any(webAppFirewallPolicyActionsName),
    					Type: pulumi.Any(webAppFirewallPolicyActionsType),
    					Body: &waf.AppFirewallPolicyActionBodyArgs{
    						Text: pulumi.Any(webAppFirewallPolicyActionsBodyText),
    						Type: pulumi.Any(webAppFirewallPolicyActionsBodyType),
    					},
    					Code: pulumi.Any(webAppFirewallPolicyActionsCode),
    					Headers: waf.AppFirewallPolicyActionHeaderArray{
    						&waf.AppFirewallPolicyActionHeaderArgs{
    							Name:  pulumi.Any(webAppFirewallPolicyActionsHeadersName),
    							Value: pulumi.Any(webAppFirewallPolicyActionsHeadersValue),
    						},
    					},
    				},
    			},
    			DefinedTags: pulumi.StringMap{
    				"foo-namespace.bar-key": pulumi.String("value"),
    			},
    			DisplayName: pulumi.Any(webAppFirewallPolicyDisplayName),
    			FreeformTags: pulumi.StringMap{
    				"bar-key": pulumi.String("value"),
    			},
    			RequestAccessControl: &waf.AppFirewallPolicyRequestAccessControlArgs{
    				DefaultActionName: pulumi.Any(webAppFirewallPolicyRequestAccessControlDefaultActionName),
    				Rules: waf.AppFirewallPolicyRequestAccessControlRuleArray{
    					&waf.AppFirewallPolicyRequestAccessControlRuleArgs{
    						ActionName:        pulumi.Any(webAppFirewallPolicyRequestAccessControlRulesActionName),
    						Name:              pulumi.Any(webAppFirewallPolicyRequestAccessControlRulesName),
    						Type:              pulumi.Any(webAppFirewallPolicyRequestAccessControlRulesType),
    						Condition:         pulumi.Any(webAppFirewallPolicyRequestAccessControlRulesCondition),
    						ConditionLanguage: pulumi.Any(webAppFirewallPolicyRequestAccessControlRulesConditionLanguage),
    					},
    				},
    			},
    			RequestProtection: &waf.AppFirewallPolicyRequestProtectionArgs{
    				BodyInspectionSizeLimitExceededActionName: pulumi.Any(webAppFirewallPolicyRequestProtectionBodyInspectionSizeLimitExceededActionName),
    				BodyInspectionSizeLimitInBytes:            pulumi.Any(webAppFirewallPolicyRequestProtectionBodyInspectionSizeLimitInBytes),
    				Rules: waf.AppFirewallPolicyRequestProtectionRuleArray{
    					&waf.AppFirewallPolicyRequestProtectionRuleArgs{
    						ActionName: pulumi.Any(webAppFirewallPolicyRequestProtectionRulesActionName),
    						Name:       pulumi.Any(webAppFirewallPolicyRequestProtectionRulesName),
    						ProtectionCapabilities: waf.AppFirewallPolicyRequestProtectionRuleProtectionCapabilityArray{
    							&waf.AppFirewallPolicyRequestProtectionRuleProtectionCapabilityArgs{
    								Key:                          pulumi.Any(webAppFirewallPolicyRequestProtectionRulesProtectionCapabilitiesKey),
    								Version:                      pulumi.Any(webAppFirewallPolicyRequestProtectionRulesProtectionCapabilitiesVersion),
    								ActionName:                   pulumi.Any(webAppFirewallPolicyRequestProtectionRulesProtectionCapabilitiesActionName),
    								CollaborativeActionThreshold: pulumi.Any(webAppFirewallPolicyRequestProtectionRulesProtectionCapabilitiesCollaborativeActionThreshold),
    								CollaborativeWeights: waf.AppFirewallPolicyRequestProtectionRuleProtectionCapabilityCollaborativeWeightArray{
    									&waf.AppFirewallPolicyRequestProtectionRuleProtectionCapabilityCollaborativeWeightArgs{
    										Key:    pulumi.Any(webAppFirewallPolicyRequestProtectionRulesProtectionCapabilitiesCollaborativeWeightsKey),
    										Weight: pulumi.Any(webAppFirewallPolicyRequestProtectionRulesProtectionCapabilitiesCollaborativeWeightsWeight),
    									},
    								},
    								Exclusions: &waf.AppFirewallPolicyRequestProtectionRuleProtectionCapabilityExclusionsArgs{
    									Args:           pulumi.Any(webAppFirewallPolicyRequestProtectionRulesProtectionCapabilitiesExclusionsArgs),
    									RequestCookies: pulumi.Any(webAppFirewallPolicyRequestProtectionRulesProtectionCapabilitiesExclusionsRequestCookies),
    								},
    							},
    						},
    						Type:                    pulumi.Any(webAppFirewallPolicyRequestProtectionRulesType),
    						Condition:               pulumi.Any(webAppFirewallPolicyRequestProtectionRulesCondition),
    						ConditionLanguage:       pulumi.Any(webAppFirewallPolicyRequestProtectionRulesConditionLanguage),
    						IsBodyInspectionEnabled: pulumi.Any(webAppFirewallPolicyRequestProtectionRulesIsBodyInspectionEnabled),
    						ProtectionCapabilitySettings: &waf.AppFirewallPolicyRequestProtectionRuleProtectionCapabilitySettingsArgs{
    							AllowedHttpMethods:         pulumi.Any(webAppFirewallPolicyRequestProtectionRulesProtectionCapabilitySettingsAllowedHttpMethods),
    							MaxHttpRequestHeaderLength: pulumi.Any(webAppFirewallPolicyRequestProtectionRulesProtectionCapabilitySettingsMaxHttpRequestHeaderLength),
    							MaxHttpRequestHeaders:      pulumi.Any(webAppFirewallPolicyRequestProtectionRulesProtectionCapabilitySettingsMaxHttpRequestHeaders),
    							MaxNumberOfArguments:       pulumi.Any(webAppFirewallPolicyRequestProtectionRulesProtectionCapabilitySettingsMaxNumberOfArguments),
    							MaxSingleArgumentLength:    pulumi.Any(webAppFirewallPolicyRequestProtectionRulesProtectionCapabilitySettingsMaxSingleArgumentLength),
    							MaxTotalArgumentLength:     pulumi.Any(webAppFirewallPolicyRequestProtectionRulesProtectionCapabilitySettingsMaxTotalArgumentLength),
    						},
    					},
    				},
    			},
    			RequestRateLimiting: &waf.AppFirewallPolicyRequestRateLimitingArgs{
    				Rules: waf.AppFirewallPolicyRequestRateLimitingRuleArray{
    					&waf.AppFirewallPolicyRequestRateLimitingRuleArgs{
    						ActionName: pulumi.Any(webAppFirewallPolicyRequestRateLimitingRulesActionName),
    						Configurations: waf.AppFirewallPolicyRequestRateLimitingRuleConfigurationArray{
    							&waf.AppFirewallPolicyRequestRateLimitingRuleConfigurationArgs{
    								PeriodInSeconds:         pulumi.Any(webAppFirewallPolicyRequestRateLimitingRulesConfigurationsPeriodInSeconds),
    								RequestsLimit:           pulumi.Any(webAppFirewallPolicyRequestRateLimitingRulesConfigurationsRequestsLimit),
    								ActionDurationInSeconds: pulumi.Any(webAppFirewallPolicyRequestRateLimitingRulesConfigurationsActionDurationInSeconds),
    							},
    						},
    						Name:              pulumi.Any(webAppFirewallPolicyRequestRateLimitingRulesName),
    						Type:              pulumi.Any(webAppFirewallPolicyRequestRateLimitingRulesType),
    						Condition:         pulumi.Any(webAppFirewallPolicyRequestRateLimitingRulesCondition),
    						ConditionLanguage: pulumi.Any(webAppFirewallPolicyRequestRateLimitingRulesConditionLanguage),
    					},
    				},
    			},
    			ResponseAccessControl: &waf.AppFirewallPolicyResponseAccessControlArgs{
    				Rules: waf.AppFirewallPolicyResponseAccessControlRuleArray{
    					&waf.AppFirewallPolicyResponseAccessControlRuleArgs{
    						ActionName:        pulumi.Any(webAppFirewallPolicyResponseAccessControlRulesActionName),
    						Name:              pulumi.Any(webAppFirewallPolicyResponseAccessControlRulesName),
    						Type:              pulumi.Any(webAppFirewallPolicyResponseAccessControlRulesType),
    						Condition:         pulumi.Any(webAppFirewallPolicyResponseAccessControlRulesCondition),
    						ConditionLanguage: pulumi.Any(webAppFirewallPolicyResponseAccessControlRulesConditionLanguage),
    					},
    				},
    			},
    			ResponseProtection: &waf.AppFirewallPolicyResponseProtectionArgs{
    				Rules: waf.AppFirewallPolicyResponseProtectionRuleArray{
    					&waf.AppFirewallPolicyResponseProtectionRuleArgs{
    						ActionName: pulumi.Any(webAppFirewallPolicyResponseProtectionRulesActionName),
    						Name:       pulumi.Any(webAppFirewallPolicyResponseProtectionRulesName),
    						ProtectionCapabilities: waf.AppFirewallPolicyResponseProtectionRuleProtectionCapabilityArray{
    							&waf.AppFirewallPolicyResponseProtectionRuleProtectionCapabilityArgs{
    								Key:                          pulumi.Any(webAppFirewallPolicyResponseProtectionRulesProtectionCapabilitiesKey),
    								Version:                      pulumi.Any(webAppFirewallPolicyResponseProtectionRulesProtectionCapabilitiesVersion),
    								ActionName:                   pulumi.Any(webAppFirewallPolicyResponseProtectionRulesProtectionCapabilitiesActionName),
    								CollaborativeActionThreshold: pulumi.Any(webAppFirewallPolicyResponseProtectionRulesProtectionCapabilitiesCollaborativeActionThreshold),
    								CollaborativeWeights: waf.AppFirewallPolicyResponseProtectionRuleProtectionCapabilityCollaborativeWeightArray{
    									&waf.AppFirewallPolicyResponseProtectionRuleProtectionCapabilityCollaborativeWeightArgs{
    										Key:    pulumi.Any(webAppFirewallPolicyResponseProtectionRulesProtectionCapabilitiesCollaborativeWeightsKey),
    										Weight: pulumi.Any(webAppFirewallPolicyResponseProtectionRulesProtectionCapabilitiesCollaborativeWeightsWeight),
    									},
    								},
    								Exclusions: &waf.AppFirewallPolicyResponseProtectionRuleProtectionCapabilityExclusionsArgs{
    									Args:           pulumi.Any(webAppFirewallPolicyResponseProtectionRulesProtectionCapabilitiesExclusionsArgs),
    									RequestCookies: pulumi.Any(webAppFirewallPolicyResponseProtectionRulesProtectionCapabilitiesExclusionsRequestCookies),
    								},
    							},
    						},
    						Type:                    pulumi.Any(webAppFirewallPolicyResponseProtectionRulesType),
    						Condition:               pulumi.Any(webAppFirewallPolicyResponseProtectionRulesCondition),
    						ConditionLanguage:       pulumi.Any(webAppFirewallPolicyResponseProtectionRulesConditionLanguage),
    						IsBodyInspectionEnabled: pulumi.Any(webAppFirewallPolicyResponseProtectionRulesIsBodyInspectionEnabled),
    						ProtectionCapabilitySettings: &waf.AppFirewallPolicyResponseProtectionRuleProtectionCapabilitySettingsArgs{
    							AllowedHttpMethods:         pulumi.Any(webAppFirewallPolicyResponseProtectionRulesProtectionCapabilitySettingsAllowedHttpMethods),
    							MaxHttpRequestHeaderLength: pulumi.Any(webAppFirewallPolicyResponseProtectionRulesProtectionCapabilitySettingsMaxHttpRequestHeaderLength),
    							MaxHttpRequestHeaders:      pulumi.Any(webAppFirewallPolicyResponseProtectionRulesProtectionCapabilitySettingsMaxHttpRequestHeaders),
    							MaxNumberOfArguments:       pulumi.Any(webAppFirewallPolicyResponseProtectionRulesProtectionCapabilitySettingsMaxNumberOfArguments),
    							MaxSingleArgumentLength:    pulumi.Any(webAppFirewallPolicyResponseProtectionRulesProtectionCapabilitySettingsMaxSingleArgumentLength),
    							MaxTotalArgumentLength:     pulumi.Any(webAppFirewallPolicyResponseProtectionRulesProtectionCapabilitySettingsMaxTotalArgumentLength),
    						},
    					},
    				},
    			},
    			SystemTags: pulumi.Any(webAppFirewallPolicySystemTags),
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Oci = Pulumi.Oci;
    
    return await Deployment.RunAsync(() => 
    {
        var testWebAppFirewallPolicy = new Oci.Waf.AppFirewallPolicy("test_web_app_firewall_policy", new()
        {
            CompartmentId = compartmentId,
            Actions = new[]
            {
                new Oci.Waf.Inputs.AppFirewallPolicyActionArgs
                {
                    Name = webAppFirewallPolicyActionsName,
                    Type = webAppFirewallPolicyActionsType,
                    Body = new Oci.Waf.Inputs.AppFirewallPolicyActionBodyArgs
                    {
                        Text = webAppFirewallPolicyActionsBodyText,
                        Type = webAppFirewallPolicyActionsBodyType,
                    },
                    Code = webAppFirewallPolicyActionsCode,
                    Headers = new[]
                    {
                        new Oci.Waf.Inputs.AppFirewallPolicyActionHeaderArgs
                        {
                            Name = webAppFirewallPolicyActionsHeadersName,
                            Value = webAppFirewallPolicyActionsHeadersValue,
                        },
                    },
                },
            },
            DefinedTags = 
            {
                { "foo-namespace.bar-key", "value" },
            },
            DisplayName = webAppFirewallPolicyDisplayName,
            FreeformTags = 
            {
                { "bar-key", "value" },
            },
            RequestAccessControl = new Oci.Waf.Inputs.AppFirewallPolicyRequestAccessControlArgs
            {
                DefaultActionName = webAppFirewallPolicyRequestAccessControlDefaultActionName,
                Rules = new[]
                {
                    new Oci.Waf.Inputs.AppFirewallPolicyRequestAccessControlRuleArgs
                    {
                        ActionName = webAppFirewallPolicyRequestAccessControlRulesActionName,
                        Name = webAppFirewallPolicyRequestAccessControlRulesName,
                        Type = webAppFirewallPolicyRequestAccessControlRulesType,
                        Condition = webAppFirewallPolicyRequestAccessControlRulesCondition,
                        ConditionLanguage = webAppFirewallPolicyRequestAccessControlRulesConditionLanguage,
                    },
                },
            },
            RequestProtection = new Oci.Waf.Inputs.AppFirewallPolicyRequestProtectionArgs
            {
                BodyInspectionSizeLimitExceededActionName = webAppFirewallPolicyRequestProtectionBodyInspectionSizeLimitExceededActionName,
                BodyInspectionSizeLimitInBytes = webAppFirewallPolicyRequestProtectionBodyInspectionSizeLimitInBytes,
                Rules = new[]
                {
                    new Oci.Waf.Inputs.AppFirewallPolicyRequestProtectionRuleArgs
                    {
                        ActionName = webAppFirewallPolicyRequestProtectionRulesActionName,
                        Name = webAppFirewallPolicyRequestProtectionRulesName,
                        ProtectionCapabilities = new[]
                        {
                            new Oci.Waf.Inputs.AppFirewallPolicyRequestProtectionRuleProtectionCapabilityArgs
                            {
                                Key = webAppFirewallPolicyRequestProtectionRulesProtectionCapabilitiesKey,
                                Version = webAppFirewallPolicyRequestProtectionRulesProtectionCapabilitiesVersion,
                                ActionName = webAppFirewallPolicyRequestProtectionRulesProtectionCapabilitiesActionName,
                                CollaborativeActionThreshold = webAppFirewallPolicyRequestProtectionRulesProtectionCapabilitiesCollaborativeActionThreshold,
                                CollaborativeWeights = new[]
                                {
                                    new Oci.Waf.Inputs.AppFirewallPolicyRequestProtectionRuleProtectionCapabilityCollaborativeWeightArgs
                                    {
                                        Key = webAppFirewallPolicyRequestProtectionRulesProtectionCapabilitiesCollaborativeWeightsKey,
                                        Weight = webAppFirewallPolicyRequestProtectionRulesProtectionCapabilitiesCollaborativeWeightsWeight,
                                    },
                                },
                                Exclusions = new Oci.Waf.Inputs.AppFirewallPolicyRequestProtectionRuleProtectionCapabilityExclusionsArgs
                                {
                                    Args = webAppFirewallPolicyRequestProtectionRulesProtectionCapabilitiesExclusionsArgs,
                                    RequestCookies = webAppFirewallPolicyRequestProtectionRulesProtectionCapabilitiesExclusionsRequestCookies,
                                },
                            },
                        },
                        Type = webAppFirewallPolicyRequestProtectionRulesType,
                        Condition = webAppFirewallPolicyRequestProtectionRulesCondition,
                        ConditionLanguage = webAppFirewallPolicyRequestProtectionRulesConditionLanguage,
                        IsBodyInspectionEnabled = webAppFirewallPolicyRequestProtectionRulesIsBodyInspectionEnabled,
                        ProtectionCapabilitySettings = new Oci.Waf.Inputs.AppFirewallPolicyRequestProtectionRuleProtectionCapabilitySettingsArgs
                        {
                            AllowedHttpMethods = webAppFirewallPolicyRequestProtectionRulesProtectionCapabilitySettingsAllowedHttpMethods,
                            MaxHttpRequestHeaderLength = webAppFirewallPolicyRequestProtectionRulesProtectionCapabilitySettingsMaxHttpRequestHeaderLength,
                            MaxHttpRequestHeaders = webAppFirewallPolicyRequestProtectionRulesProtectionCapabilitySettingsMaxHttpRequestHeaders,
                            MaxNumberOfArguments = webAppFirewallPolicyRequestProtectionRulesProtectionCapabilitySettingsMaxNumberOfArguments,
                            MaxSingleArgumentLength = webAppFirewallPolicyRequestProtectionRulesProtectionCapabilitySettingsMaxSingleArgumentLength,
                            MaxTotalArgumentLength = webAppFirewallPolicyRequestProtectionRulesProtectionCapabilitySettingsMaxTotalArgumentLength,
                        },
                    },
                },
            },
            RequestRateLimiting = new Oci.Waf.Inputs.AppFirewallPolicyRequestRateLimitingArgs
            {
                Rules = new[]
                {
                    new Oci.Waf.Inputs.AppFirewallPolicyRequestRateLimitingRuleArgs
                    {
                        ActionName = webAppFirewallPolicyRequestRateLimitingRulesActionName,
                        Configurations = new[]
                        {
                            new Oci.Waf.Inputs.AppFirewallPolicyRequestRateLimitingRuleConfigurationArgs
                            {
                                PeriodInSeconds = webAppFirewallPolicyRequestRateLimitingRulesConfigurationsPeriodInSeconds,
                                RequestsLimit = webAppFirewallPolicyRequestRateLimitingRulesConfigurationsRequestsLimit,
                                ActionDurationInSeconds = webAppFirewallPolicyRequestRateLimitingRulesConfigurationsActionDurationInSeconds,
                            },
                        },
                        Name = webAppFirewallPolicyRequestRateLimitingRulesName,
                        Type = webAppFirewallPolicyRequestRateLimitingRulesType,
                        Condition = webAppFirewallPolicyRequestRateLimitingRulesCondition,
                        ConditionLanguage = webAppFirewallPolicyRequestRateLimitingRulesConditionLanguage,
                    },
                },
            },
            ResponseAccessControl = new Oci.Waf.Inputs.AppFirewallPolicyResponseAccessControlArgs
            {
                Rules = new[]
                {
                    new Oci.Waf.Inputs.AppFirewallPolicyResponseAccessControlRuleArgs
                    {
                        ActionName = webAppFirewallPolicyResponseAccessControlRulesActionName,
                        Name = webAppFirewallPolicyResponseAccessControlRulesName,
                        Type = webAppFirewallPolicyResponseAccessControlRulesType,
                        Condition = webAppFirewallPolicyResponseAccessControlRulesCondition,
                        ConditionLanguage = webAppFirewallPolicyResponseAccessControlRulesConditionLanguage,
                    },
                },
            },
            ResponseProtection = new Oci.Waf.Inputs.AppFirewallPolicyResponseProtectionArgs
            {
                Rules = new[]
                {
                    new Oci.Waf.Inputs.AppFirewallPolicyResponseProtectionRuleArgs
                    {
                        ActionName = webAppFirewallPolicyResponseProtectionRulesActionName,
                        Name = webAppFirewallPolicyResponseProtectionRulesName,
                        ProtectionCapabilities = new[]
                        {
                            new Oci.Waf.Inputs.AppFirewallPolicyResponseProtectionRuleProtectionCapabilityArgs
                            {
                                Key = webAppFirewallPolicyResponseProtectionRulesProtectionCapabilitiesKey,
                                Version = webAppFirewallPolicyResponseProtectionRulesProtectionCapabilitiesVersion,
                                ActionName = webAppFirewallPolicyResponseProtectionRulesProtectionCapabilitiesActionName,
                                CollaborativeActionThreshold = webAppFirewallPolicyResponseProtectionRulesProtectionCapabilitiesCollaborativeActionThreshold,
                                CollaborativeWeights = new[]
                                {
                                    new Oci.Waf.Inputs.AppFirewallPolicyResponseProtectionRuleProtectionCapabilityCollaborativeWeightArgs
                                    {
                                        Key = webAppFirewallPolicyResponseProtectionRulesProtectionCapabilitiesCollaborativeWeightsKey,
                                        Weight = webAppFirewallPolicyResponseProtectionRulesProtectionCapabilitiesCollaborativeWeightsWeight,
                                    },
                                },
                                Exclusions = new Oci.Waf.Inputs.AppFirewallPolicyResponseProtectionRuleProtectionCapabilityExclusionsArgs
                                {
                                    Args = webAppFirewallPolicyResponseProtectionRulesProtectionCapabilitiesExclusionsArgs,
                                    RequestCookies = webAppFirewallPolicyResponseProtectionRulesProtectionCapabilitiesExclusionsRequestCookies,
                                },
                            },
                        },
                        Type = webAppFirewallPolicyResponseProtectionRulesType,
                        Condition = webAppFirewallPolicyResponseProtectionRulesCondition,
                        ConditionLanguage = webAppFirewallPolicyResponseProtectionRulesConditionLanguage,
                        IsBodyInspectionEnabled = webAppFirewallPolicyResponseProtectionRulesIsBodyInspectionEnabled,
                        ProtectionCapabilitySettings = new Oci.Waf.Inputs.AppFirewallPolicyResponseProtectionRuleProtectionCapabilitySettingsArgs
                        {
                            AllowedHttpMethods = webAppFirewallPolicyResponseProtectionRulesProtectionCapabilitySettingsAllowedHttpMethods,
                            MaxHttpRequestHeaderLength = webAppFirewallPolicyResponseProtectionRulesProtectionCapabilitySettingsMaxHttpRequestHeaderLength,
                            MaxHttpRequestHeaders = webAppFirewallPolicyResponseProtectionRulesProtectionCapabilitySettingsMaxHttpRequestHeaders,
                            MaxNumberOfArguments = webAppFirewallPolicyResponseProtectionRulesProtectionCapabilitySettingsMaxNumberOfArguments,
                            MaxSingleArgumentLength = webAppFirewallPolicyResponseProtectionRulesProtectionCapabilitySettingsMaxSingleArgumentLength,
                            MaxTotalArgumentLength = webAppFirewallPolicyResponseProtectionRulesProtectionCapabilitySettingsMaxTotalArgumentLength,
                        },
                    },
                },
            },
            SystemTags = webAppFirewallPolicySystemTags,
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.oci.Waf.AppFirewallPolicy;
    import com.pulumi.oci.Waf.AppFirewallPolicyArgs;
    import com.pulumi.oci.Waf.inputs.AppFirewallPolicyActionArgs;
    import com.pulumi.oci.Waf.inputs.AppFirewallPolicyActionBodyArgs;
    import com.pulumi.oci.Waf.inputs.AppFirewallPolicyRequestAccessControlArgs;
    import com.pulumi.oci.Waf.inputs.AppFirewallPolicyRequestProtectionArgs;
    import com.pulumi.oci.Waf.inputs.AppFirewallPolicyRequestRateLimitingArgs;
    import com.pulumi.oci.Waf.inputs.AppFirewallPolicyResponseAccessControlArgs;
    import com.pulumi.oci.Waf.inputs.AppFirewallPolicyResponseProtectionArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var testWebAppFirewallPolicy = new AppFirewallPolicy("testWebAppFirewallPolicy", AppFirewallPolicyArgs.builder()
                .compartmentId(compartmentId)
                .actions(AppFirewallPolicyActionArgs.builder()
                    .name(webAppFirewallPolicyActionsName)
                    .type(webAppFirewallPolicyActionsType)
                    .body(AppFirewallPolicyActionBodyArgs.builder()
                        .text(webAppFirewallPolicyActionsBodyText)
                        .type(webAppFirewallPolicyActionsBodyType)
                        .build())
                    .code(webAppFirewallPolicyActionsCode)
                    .headers(AppFirewallPolicyActionHeaderArgs.builder()
                        .name(webAppFirewallPolicyActionsHeadersName)
                        .value(webAppFirewallPolicyActionsHeadersValue)
                        .build())
                    .build())
                .definedTags(Map.of("foo-namespace.bar-key", "value"))
                .displayName(webAppFirewallPolicyDisplayName)
                .freeformTags(Map.of("bar-key", "value"))
                .requestAccessControl(AppFirewallPolicyRequestAccessControlArgs.builder()
                    .defaultActionName(webAppFirewallPolicyRequestAccessControlDefaultActionName)
                    .rules(AppFirewallPolicyRequestAccessControlRuleArgs.builder()
                        .actionName(webAppFirewallPolicyRequestAccessControlRulesActionName)
                        .name(webAppFirewallPolicyRequestAccessControlRulesName)
                        .type(webAppFirewallPolicyRequestAccessControlRulesType)
                        .condition(webAppFirewallPolicyRequestAccessControlRulesCondition)
                        .conditionLanguage(webAppFirewallPolicyRequestAccessControlRulesConditionLanguage)
                        .build())
                    .build())
                .requestProtection(AppFirewallPolicyRequestProtectionArgs.builder()
                    .bodyInspectionSizeLimitExceededActionName(webAppFirewallPolicyRequestProtectionBodyInspectionSizeLimitExceededActionName)
                    .bodyInspectionSizeLimitInBytes(webAppFirewallPolicyRequestProtectionBodyInspectionSizeLimitInBytes)
                    .rules(AppFirewallPolicyRequestProtectionRuleArgs.builder()
                        .actionName(webAppFirewallPolicyRequestProtectionRulesActionName)
                        .name(webAppFirewallPolicyRequestProtectionRulesName)
                        .protectionCapabilities(AppFirewallPolicyRequestProtectionRuleProtectionCapabilityArgs.builder()
                            .key(webAppFirewallPolicyRequestProtectionRulesProtectionCapabilitiesKey)
                            .version(webAppFirewallPolicyRequestProtectionRulesProtectionCapabilitiesVersion)
                            .actionName(webAppFirewallPolicyRequestProtectionRulesProtectionCapabilitiesActionName)
                            .collaborativeActionThreshold(webAppFirewallPolicyRequestProtectionRulesProtectionCapabilitiesCollaborativeActionThreshold)
                            .collaborativeWeights(AppFirewallPolicyRequestProtectionRuleProtectionCapabilityCollaborativeWeightArgs.builder()
                                .key(webAppFirewallPolicyRequestProtectionRulesProtectionCapabilitiesCollaborativeWeightsKey)
                                .weight(webAppFirewallPolicyRequestProtectionRulesProtectionCapabilitiesCollaborativeWeightsWeight)
                                .build())
                            .exclusions(AppFirewallPolicyRequestProtectionRuleProtectionCapabilityExclusionsArgs.builder()
                                .args(webAppFirewallPolicyRequestProtectionRulesProtectionCapabilitiesExclusionsArgs)
                                .requestCookies(webAppFirewallPolicyRequestProtectionRulesProtectionCapabilitiesExclusionsRequestCookies)
                                .build())
                            .build())
                        .type(webAppFirewallPolicyRequestProtectionRulesType)
                        .condition(webAppFirewallPolicyRequestProtectionRulesCondition)
                        .conditionLanguage(webAppFirewallPolicyRequestProtectionRulesConditionLanguage)
                        .isBodyInspectionEnabled(webAppFirewallPolicyRequestProtectionRulesIsBodyInspectionEnabled)
                        .protectionCapabilitySettings(AppFirewallPolicyRequestProtectionRuleProtectionCapabilitySettingsArgs.builder()
                            .allowedHttpMethods(webAppFirewallPolicyRequestProtectionRulesProtectionCapabilitySettingsAllowedHttpMethods)
                            .maxHttpRequestHeaderLength(webAppFirewallPolicyRequestProtectionRulesProtectionCapabilitySettingsMaxHttpRequestHeaderLength)
                            .maxHttpRequestHeaders(webAppFirewallPolicyRequestProtectionRulesProtectionCapabilitySettingsMaxHttpRequestHeaders)
                            .maxNumberOfArguments(webAppFirewallPolicyRequestProtectionRulesProtectionCapabilitySettingsMaxNumberOfArguments)
                            .maxSingleArgumentLength(webAppFirewallPolicyRequestProtectionRulesProtectionCapabilitySettingsMaxSingleArgumentLength)
                            .maxTotalArgumentLength(webAppFirewallPolicyRequestProtectionRulesProtectionCapabilitySettingsMaxTotalArgumentLength)
                            .build())
                        .build())
                    .build())
                .requestRateLimiting(AppFirewallPolicyRequestRateLimitingArgs.builder()
                    .rules(AppFirewallPolicyRequestRateLimitingRuleArgs.builder()
                        .actionName(webAppFirewallPolicyRequestRateLimitingRulesActionName)
                        .configurations(AppFirewallPolicyRequestRateLimitingRuleConfigurationArgs.builder()
                            .periodInSeconds(webAppFirewallPolicyRequestRateLimitingRulesConfigurationsPeriodInSeconds)
                            .requestsLimit(webAppFirewallPolicyRequestRateLimitingRulesConfigurationsRequestsLimit)
                            .actionDurationInSeconds(webAppFirewallPolicyRequestRateLimitingRulesConfigurationsActionDurationInSeconds)
                            .build())
                        .name(webAppFirewallPolicyRequestRateLimitingRulesName)
                        .type(webAppFirewallPolicyRequestRateLimitingRulesType)
                        .condition(webAppFirewallPolicyRequestRateLimitingRulesCondition)
                        .conditionLanguage(webAppFirewallPolicyRequestRateLimitingRulesConditionLanguage)
                        .build())
                    .build())
                .responseAccessControl(AppFirewallPolicyResponseAccessControlArgs.builder()
                    .rules(AppFirewallPolicyResponseAccessControlRuleArgs.builder()
                        .actionName(webAppFirewallPolicyResponseAccessControlRulesActionName)
                        .name(webAppFirewallPolicyResponseAccessControlRulesName)
                        .type(webAppFirewallPolicyResponseAccessControlRulesType)
                        .condition(webAppFirewallPolicyResponseAccessControlRulesCondition)
                        .conditionLanguage(webAppFirewallPolicyResponseAccessControlRulesConditionLanguage)
                        .build())
                    .build())
                .responseProtection(AppFirewallPolicyResponseProtectionArgs.builder()
                    .rules(AppFirewallPolicyResponseProtectionRuleArgs.builder()
                        .actionName(webAppFirewallPolicyResponseProtectionRulesActionName)
                        .name(webAppFirewallPolicyResponseProtectionRulesName)
                        .protectionCapabilities(AppFirewallPolicyResponseProtectionRuleProtectionCapabilityArgs.builder()
                            .key(webAppFirewallPolicyResponseProtectionRulesProtectionCapabilitiesKey)
                            .version(webAppFirewallPolicyResponseProtectionRulesProtectionCapabilitiesVersion)
                            .actionName(webAppFirewallPolicyResponseProtectionRulesProtectionCapabilitiesActionName)
                            .collaborativeActionThreshold(webAppFirewallPolicyResponseProtectionRulesProtectionCapabilitiesCollaborativeActionThreshold)
                            .collaborativeWeights(AppFirewallPolicyResponseProtectionRuleProtectionCapabilityCollaborativeWeightArgs.builder()
                                .key(webAppFirewallPolicyResponseProtectionRulesProtectionCapabilitiesCollaborativeWeightsKey)
                                .weight(webAppFirewallPolicyResponseProtectionRulesProtectionCapabilitiesCollaborativeWeightsWeight)
                                .build())
                            .exclusions(AppFirewallPolicyResponseProtectionRuleProtectionCapabilityExclusionsArgs.builder()
                                .args(webAppFirewallPolicyResponseProtectionRulesProtectionCapabilitiesExclusionsArgs)
                                .requestCookies(webAppFirewallPolicyResponseProtectionRulesProtectionCapabilitiesExclusionsRequestCookies)
                                .build())
                            .build())
                        .type(webAppFirewallPolicyResponseProtectionRulesType)
                        .condition(webAppFirewallPolicyResponseProtectionRulesCondition)
                        .conditionLanguage(webAppFirewallPolicyResponseProtectionRulesConditionLanguage)
                        .isBodyInspectionEnabled(webAppFirewallPolicyResponseProtectionRulesIsBodyInspectionEnabled)
                        .protectionCapabilitySettings(AppFirewallPolicyResponseProtectionRuleProtectionCapabilitySettingsArgs.builder()
                            .allowedHttpMethods(webAppFirewallPolicyResponseProtectionRulesProtectionCapabilitySettingsAllowedHttpMethods)
                            .maxHttpRequestHeaderLength(webAppFirewallPolicyResponseProtectionRulesProtectionCapabilitySettingsMaxHttpRequestHeaderLength)
                            .maxHttpRequestHeaders(webAppFirewallPolicyResponseProtectionRulesProtectionCapabilitySettingsMaxHttpRequestHeaders)
                            .maxNumberOfArguments(webAppFirewallPolicyResponseProtectionRulesProtectionCapabilitySettingsMaxNumberOfArguments)
                            .maxSingleArgumentLength(webAppFirewallPolicyResponseProtectionRulesProtectionCapabilitySettingsMaxSingleArgumentLength)
                            .maxTotalArgumentLength(webAppFirewallPolicyResponseProtectionRulesProtectionCapabilitySettingsMaxTotalArgumentLength)
                            .build())
                        .build())
                    .build())
                .systemTags(webAppFirewallPolicySystemTags)
                .build());
    
        }
    }
    
    resources:
      testWebAppFirewallPolicy:
        type: oci:Waf:AppFirewallPolicy
        name: test_web_app_firewall_policy
        properties:
          compartmentId: ${compartmentId}
          actions:
            - name: ${webAppFirewallPolicyActionsName}
              type: ${webAppFirewallPolicyActionsType}
              body:
                text: ${webAppFirewallPolicyActionsBodyText}
                type: ${webAppFirewallPolicyActionsBodyType}
              code: ${webAppFirewallPolicyActionsCode}
              headers:
                - name: ${webAppFirewallPolicyActionsHeadersName}
                  value: ${webAppFirewallPolicyActionsHeadersValue}
          definedTags:
            foo-namespace.bar-key: value
          displayName: ${webAppFirewallPolicyDisplayName}
          freeformTags:
            bar-key: value
          requestAccessControl:
            defaultActionName: ${webAppFirewallPolicyRequestAccessControlDefaultActionName}
            rules:
              - actionName: ${webAppFirewallPolicyRequestAccessControlRulesActionName}
                name: ${webAppFirewallPolicyRequestAccessControlRulesName}
                type: ${webAppFirewallPolicyRequestAccessControlRulesType}
                condition: ${webAppFirewallPolicyRequestAccessControlRulesCondition}
                conditionLanguage: ${webAppFirewallPolicyRequestAccessControlRulesConditionLanguage}
          requestProtection:
            bodyInspectionSizeLimitExceededActionName: ${webAppFirewallPolicyRequestProtectionBodyInspectionSizeLimitExceededActionName}
            bodyInspectionSizeLimitInBytes: ${webAppFirewallPolicyRequestProtectionBodyInspectionSizeLimitInBytes}
            rules:
              - actionName: ${webAppFirewallPolicyRequestProtectionRulesActionName}
                name: ${webAppFirewallPolicyRequestProtectionRulesName}
                protectionCapabilities:
                  - key: ${webAppFirewallPolicyRequestProtectionRulesProtectionCapabilitiesKey}
                    version: ${webAppFirewallPolicyRequestProtectionRulesProtectionCapabilitiesVersion}
                    actionName: ${webAppFirewallPolicyRequestProtectionRulesProtectionCapabilitiesActionName}
                    collaborativeActionThreshold: ${webAppFirewallPolicyRequestProtectionRulesProtectionCapabilitiesCollaborativeActionThreshold}
                    collaborativeWeights:
                      - key: ${webAppFirewallPolicyRequestProtectionRulesProtectionCapabilitiesCollaborativeWeightsKey}
                        weight: ${webAppFirewallPolicyRequestProtectionRulesProtectionCapabilitiesCollaborativeWeightsWeight}
                    exclusions:
                      args: ${webAppFirewallPolicyRequestProtectionRulesProtectionCapabilitiesExclusionsArgs}
                      requestCookies: ${webAppFirewallPolicyRequestProtectionRulesProtectionCapabilitiesExclusionsRequestCookies}
                type: ${webAppFirewallPolicyRequestProtectionRulesType}
                condition: ${webAppFirewallPolicyRequestProtectionRulesCondition}
                conditionLanguage: ${webAppFirewallPolicyRequestProtectionRulesConditionLanguage}
                isBodyInspectionEnabled: ${webAppFirewallPolicyRequestProtectionRulesIsBodyInspectionEnabled}
                protectionCapabilitySettings:
                  allowedHttpMethods: ${webAppFirewallPolicyRequestProtectionRulesProtectionCapabilitySettingsAllowedHttpMethods}
                  maxHttpRequestHeaderLength: ${webAppFirewallPolicyRequestProtectionRulesProtectionCapabilitySettingsMaxHttpRequestHeaderLength}
                  maxHttpRequestHeaders: ${webAppFirewallPolicyRequestProtectionRulesProtectionCapabilitySettingsMaxHttpRequestHeaders}
                  maxNumberOfArguments: ${webAppFirewallPolicyRequestProtectionRulesProtectionCapabilitySettingsMaxNumberOfArguments}
                  maxSingleArgumentLength: ${webAppFirewallPolicyRequestProtectionRulesProtectionCapabilitySettingsMaxSingleArgumentLength}
                  maxTotalArgumentLength: ${webAppFirewallPolicyRequestProtectionRulesProtectionCapabilitySettingsMaxTotalArgumentLength}
          requestRateLimiting:
            rules:
              - actionName: ${webAppFirewallPolicyRequestRateLimitingRulesActionName}
                configurations:
                  - periodInSeconds: ${webAppFirewallPolicyRequestRateLimitingRulesConfigurationsPeriodInSeconds}
                    requestsLimit: ${webAppFirewallPolicyRequestRateLimitingRulesConfigurationsRequestsLimit}
                    actionDurationInSeconds: ${webAppFirewallPolicyRequestRateLimitingRulesConfigurationsActionDurationInSeconds}
                name: ${webAppFirewallPolicyRequestRateLimitingRulesName}
                type: ${webAppFirewallPolicyRequestRateLimitingRulesType}
                condition: ${webAppFirewallPolicyRequestRateLimitingRulesCondition}
                conditionLanguage: ${webAppFirewallPolicyRequestRateLimitingRulesConditionLanguage}
          responseAccessControl:
            rules:
              - actionName: ${webAppFirewallPolicyResponseAccessControlRulesActionName}
                name: ${webAppFirewallPolicyResponseAccessControlRulesName}
                type: ${webAppFirewallPolicyResponseAccessControlRulesType}
                condition: ${webAppFirewallPolicyResponseAccessControlRulesCondition}
                conditionLanguage: ${webAppFirewallPolicyResponseAccessControlRulesConditionLanguage}
          responseProtection:
            rules:
              - actionName: ${webAppFirewallPolicyResponseProtectionRulesActionName}
                name: ${webAppFirewallPolicyResponseProtectionRulesName}
                protectionCapabilities:
                  - key: ${webAppFirewallPolicyResponseProtectionRulesProtectionCapabilitiesKey}
                    version: ${webAppFirewallPolicyResponseProtectionRulesProtectionCapabilitiesVersion}
                    actionName: ${webAppFirewallPolicyResponseProtectionRulesProtectionCapabilitiesActionName}
                    collaborativeActionThreshold: ${webAppFirewallPolicyResponseProtectionRulesProtectionCapabilitiesCollaborativeActionThreshold}
                    collaborativeWeights:
                      - key: ${webAppFirewallPolicyResponseProtectionRulesProtectionCapabilitiesCollaborativeWeightsKey}
                        weight: ${webAppFirewallPolicyResponseProtectionRulesProtectionCapabilitiesCollaborativeWeightsWeight}
                    exclusions:
                      args: ${webAppFirewallPolicyResponseProtectionRulesProtectionCapabilitiesExclusionsArgs}
                      requestCookies: ${webAppFirewallPolicyResponseProtectionRulesProtectionCapabilitiesExclusionsRequestCookies}
                type: ${webAppFirewallPolicyResponseProtectionRulesType}
                condition: ${webAppFirewallPolicyResponseProtectionRulesCondition}
                conditionLanguage: ${webAppFirewallPolicyResponseProtectionRulesConditionLanguage}
                isBodyInspectionEnabled: ${webAppFirewallPolicyResponseProtectionRulesIsBodyInspectionEnabled}
                protectionCapabilitySettings:
                  allowedHttpMethods: ${webAppFirewallPolicyResponseProtectionRulesProtectionCapabilitySettingsAllowedHttpMethods}
                  maxHttpRequestHeaderLength: ${webAppFirewallPolicyResponseProtectionRulesProtectionCapabilitySettingsMaxHttpRequestHeaderLength}
                  maxHttpRequestHeaders: ${webAppFirewallPolicyResponseProtectionRulesProtectionCapabilitySettingsMaxHttpRequestHeaders}
                  maxNumberOfArguments: ${webAppFirewallPolicyResponseProtectionRulesProtectionCapabilitySettingsMaxNumberOfArguments}
                  maxSingleArgumentLength: ${webAppFirewallPolicyResponseProtectionRulesProtectionCapabilitySettingsMaxSingleArgumentLength}
                  maxTotalArgumentLength: ${webAppFirewallPolicyResponseProtectionRulesProtectionCapabilitySettingsMaxTotalArgumentLength}
          systemTags: ${webAppFirewallPolicySystemTags}
    

    Create AppFirewallPolicy Resource

    Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

    Constructor syntax

    new AppFirewallPolicy(name: string, args: AppFirewallPolicyArgs, opts?: CustomResourceOptions);
    @overload
    def AppFirewallPolicy(resource_name: str,
                          args: AppFirewallPolicyArgs,
                          opts: Optional[ResourceOptions] = None)
    
    @overload
    def AppFirewallPolicy(resource_name: str,
                          opts: Optional[ResourceOptions] = None,
                          compartment_id: Optional[str] = None,
                          actions: Optional[Sequence[_waf.AppFirewallPolicyActionArgs]] = None,
                          defined_tags: Optional[Mapping[str, str]] = None,
                          display_name: Optional[str] = None,
                          freeform_tags: Optional[Mapping[str, str]] = None,
                          request_access_control: Optional[_waf.AppFirewallPolicyRequestAccessControlArgs] = None,
                          request_protection: Optional[_waf.AppFirewallPolicyRequestProtectionArgs] = None,
                          request_rate_limiting: Optional[_waf.AppFirewallPolicyRequestRateLimitingArgs] = None,
                          response_access_control: Optional[_waf.AppFirewallPolicyResponseAccessControlArgs] = None,
                          response_protection: Optional[_waf.AppFirewallPolicyResponseProtectionArgs] = None,
                          system_tags: Optional[Mapping[str, str]] = None)
    func NewAppFirewallPolicy(ctx *Context, name string, args AppFirewallPolicyArgs, opts ...ResourceOption) (*AppFirewallPolicy, error)
    public AppFirewallPolicy(string name, AppFirewallPolicyArgs args, CustomResourceOptions? opts = null)
    public AppFirewallPolicy(String name, AppFirewallPolicyArgs args)
    public AppFirewallPolicy(String name, AppFirewallPolicyArgs args, CustomResourceOptions options)
    
    type: oci:Waf:AppFirewallPolicy
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    

    Parameters

    name string
    The unique name of the resource.
    args AppFirewallPolicyArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args AppFirewallPolicyArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args AppFirewallPolicyArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args AppFirewallPolicyArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args AppFirewallPolicyArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    Constructor example

    The following reference example uses placeholder values for all input properties.

    var appFirewallPolicyResource = new Oci.Waf.AppFirewallPolicy("appFirewallPolicyResource", new()
    {
        CompartmentId = "string",
        Actions = new[]
        {
            new Oci.Waf.Inputs.AppFirewallPolicyActionArgs
            {
                Name = "string",
                Type = "string",
                Body = new Oci.Waf.Inputs.AppFirewallPolicyActionBodyArgs
                {
                    Type = "string",
                    Template = "string",
                    Text = "string",
                },
                Code = 0,
                Headers = new[]
                {
                    new Oci.Waf.Inputs.AppFirewallPolicyActionHeaderArgs
                    {
                        Name = "string",
                        Value = "string",
                    },
                },
            },
        },
        DefinedTags = 
        {
            { "string", "string" },
        },
        DisplayName = "string",
        FreeformTags = 
        {
            { "string", "string" },
        },
        RequestAccessControl = new Oci.Waf.Inputs.AppFirewallPolicyRequestAccessControlArgs
        {
            DefaultActionName = "string",
            Rules = new[]
            {
                new Oci.Waf.Inputs.AppFirewallPolicyRequestAccessControlRuleArgs
                {
                    ActionName = "string",
                    Name = "string",
                    Type = "string",
                    Condition = "string",
                    ConditionLanguage = "string",
                },
            },
        },
        RequestProtection = new Oci.Waf.Inputs.AppFirewallPolicyRequestProtectionArgs
        {
            BodyInspectionSizeLimitExceededActionName = "string",
            BodyInspectionSizeLimitInBytes = 0,
            Rules = new[]
            {
                new Oci.Waf.Inputs.AppFirewallPolicyRequestProtectionRuleArgs
                {
                    ActionName = "string",
                    Name = "string",
                    ProtectionCapabilities = new[]
                    {
                        new Oci.Waf.Inputs.AppFirewallPolicyRequestProtectionRuleProtectionCapabilityArgs
                        {
                            Key = "string",
                            Version = 0,
                            ActionName = "string",
                            CollaborativeActionThreshold = 0,
                            CollaborativeWeights = new[]
                            {
                                new Oci.Waf.Inputs.AppFirewallPolicyRequestProtectionRuleProtectionCapabilityCollaborativeWeightArgs
                                {
                                    Key = "string",
                                    Weight = 0,
                                },
                            },
                            Exclusions = new Oci.Waf.Inputs.AppFirewallPolicyRequestProtectionRuleProtectionCapabilityExclusionsArgs
                            {
                                Args = new[]
                                {
                                    "string",
                                },
                                RequestCookies = new[]
                                {
                                    "string",
                                },
                            },
                        },
                    },
                    Type = "string",
                    Condition = "string",
                    ConditionLanguage = "string",
                    IsBodyInspectionEnabled = false,
                    ProtectionCapabilitySettings = new Oci.Waf.Inputs.AppFirewallPolicyRequestProtectionRuleProtectionCapabilitySettingsArgs
                    {
                        AllowedHttpMethods = new[]
                        {
                            "string",
                        },
                        MaxHttpRequestHeaderLength = 0,
                        MaxHttpRequestHeaders = 0,
                        MaxNumberOfArguments = 0,
                        MaxSingleArgumentLength = 0,
                        MaxTotalArgumentLength = 0,
                    },
                },
            },
        },
        RequestRateLimiting = new Oci.Waf.Inputs.AppFirewallPolicyRequestRateLimitingArgs
        {
            Rules = new[]
            {
                new Oci.Waf.Inputs.AppFirewallPolicyRequestRateLimitingRuleArgs
                {
                    ActionName = "string",
                    Configurations = new[]
                    {
                        new Oci.Waf.Inputs.AppFirewallPolicyRequestRateLimitingRuleConfigurationArgs
                        {
                            PeriodInSeconds = 0,
                            RequestsLimit = 0,
                            ActionDurationInSeconds = 0,
                        },
                    },
                    Name = "string",
                    Type = "string",
                    Condition = "string",
                    ConditionLanguage = "string",
                },
            },
        },
        ResponseAccessControl = new Oci.Waf.Inputs.AppFirewallPolicyResponseAccessControlArgs
        {
            Rules = new[]
            {
                new Oci.Waf.Inputs.AppFirewallPolicyResponseAccessControlRuleArgs
                {
                    ActionName = "string",
                    Name = "string",
                    Type = "string",
                    Condition = "string",
                    ConditionLanguage = "string",
                },
            },
        },
        ResponseProtection = new Oci.Waf.Inputs.AppFirewallPolicyResponseProtectionArgs
        {
            Rules = new[]
            {
                new Oci.Waf.Inputs.AppFirewallPolicyResponseProtectionRuleArgs
                {
                    ActionName = "string",
                    Name = "string",
                    ProtectionCapabilities = new[]
                    {
                        new Oci.Waf.Inputs.AppFirewallPolicyResponseProtectionRuleProtectionCapabilityArgs
                        {
                            Key = "string",
                            Version = 0,
                            ActionName = "string",
                            CollaborativeActionThreshold = 0,
                            CollaborativeWeights = new[]
                            {
                                new Oci.Waf.Inputs.AppFirewallPolicyResponseProtectionRuleProtectionCapabilityCollaborativeWeightArgs
                                {
                                    Key = "string",
                                    Weight = 0,
                                },
                            },
                            Exclusions = new Oci.Waf.Inputs.AppFirewallPolicyResponseProtectionRuleProtectionCapabilityExclusionsArgs
                            {
                                Args = new[]
                                {
                                    "string",
                                },
                                RequestCookies = new[]
                                {
                                    "string",
                                },
                            },
                        },
                    },
                    Type = "string",
                    Condition = "string",
                    ConditionLanguage = "string",
                    IsBodyInspectionEnabled = false,
                    ProtectionCapabilitySettings = new Oci.Waf.Inputs.AppFirewallPolicyResponseProtectionRuleProtectionCapabilitySettingsArgs
                    {
                        AllowedHttpMethods = new[]
                        {
                            "string",
                        },
                        MaxHttpRequestHeaderLength = 0,
                        MaxHttpRequestHeaders = 0,
                        MaxNumberOfArguments = 0,
                        MaxSingleArgumentLength = 0,
                        MaxTotalArgumentLength = 0,
                    },
                },
            },
        },
        SystemTags = 
        {
            { "string", "string" },
        },
    });
    
    example, err := Waf.NewAppFirewallPolicy(ctx, "appFirewallPolicyResource", &Waf.AppFirewallPolicyArgs{
    	CompartmentId: pulumi.String("string"),
    	Actions: waf.AppFirewallPolicyActionArray{
    		&waf.AppFirewallPolicyActionArgs{
    			Name: pulumi.String("string"),
    			Type: pulumi.String("string"),
    			Body: &waf.AppFirewallPolicyActionBodyArgs{
    				Type:     pulumi.String("string"),
    				Template: pulumi.String("string"),
    				Text:     pulumi.String("string"),
    			},
    			Code: pulumi.Int(0),
    			Headers: waf.AppFirewallPolicyActionHeaderArray{
    				&waf.AppFirewallPolicyActionHeaderArgs{
    					Name:  pulumi.String("string"),
    					Value: pulumi.String("string"),
    				},
    			},
    		},
    	},
    	DefinedTags: pulumi.StringMap{
    		"string": pulumi.String("string"),
    	},
    	DisplayName: pulumi.String("string"),
    	FreeformTags: pulumi.StringMap{
    		"string": pulumi.String("string"),
    	},
    	RequestAccessControl: &waf.AppFirewallPolicyRequestAccessControlArgs{
    		DefaultActionName: pulumi.String("string"),
    		Rules: waf.AppFirewallPolicyRequestAccessControlRuleArray{
    			&waf.AppFirewallPolicyRequestAccessControlRuleArgs{
    				ActionName:        pulumi.String("string"),
    				Name:              pulumi.String("string"),
    				Type:              pulumi.String("string"),
    				Condition:         pulumi.String("string"),
    				ConditionLanguage: pulumi.String("string"),
    			},
    		},
    	},
    	RequestProtection: &waf.AppFirewallPolicyRequestProtectionArgs{
    		BodyInspectionSizeLimitExceededActionName: pulumi.String("string"),
    		BodyInspectionSizeLimitInBytes:            pulumi.Int(0),
    		Rules: waf.AppFirewallPolicyRequestProtectionRuleArray{
    			&waf.AppFirewallPolicyRequestProtectionRuleArgs{
    				ActionName: pulumi.String("string"),
    				Name:       pulumi.String("string"),
    				ProtectionCapabilities: waf.AppFirewallPolicyRequestProtectionRuleProtectionCapabilityArray{
    					&waf.AppFirewallPolicyRequestProtectionRuleProtectionCapabilityArgs{
    						Key:                          pulumi.String("string"),
    						Version:                      pulumi.Int(0),
    						ActionName:                   pulumi.String("string"),
    						CollaborativeActionThreshold: pulumi.Int(0),
    						CollaborativeWeights: waf.AppFirewallPolicyRequestProtectionRuleProtectionCapabilityCollaborativeWeightArray{
    							&waf.AppFirewallPolicyRequestProtectionRuleProtectionCapabilityCollaborativeWeightArgs{
    								Key:    pulumi.String("string"),
    								Weight: pulumi.Int(0),
    							},
    						},
    						Exclusions: &waf.AppFirewallPolicyRequestProtectionRuleProtectionCapabilityExclusionsArgs{
    							Args: pulumi.StringArray{
    								pulumi.String("string"),
    							},
    							RequestCookies: pulumi.StringArray{
    								pulumi.String("string"),
    							},
    						},
    					},
    				},
    				Type:                    pulumi.String("string"),
    				Condition:               pulumi.String("string"),
    				ConditionLanguage:       pulumi.String("string"),
    				IsBodyInspectionEnabled: pulumi.Bool(false),
    				ProtectionCapabilitySettings: &waf.AppFirewallPolicyRequestProtectionRuleProtectionCapabilitySettingsArgs{
    					AllowedHttpMethods: pulumi.StringArray{
    						pulumi.String("string"),
    					},
    					MaxHttpRequestHeaderLength: pulumi.Int(0),
    					MaxHttpRequestHeaders:      pulumi.Int(0),
    					MaxNumberOfArguments:       pulumi.Int(0),
    					MaxSingleArgumentLength:    pulumi.Int(0),
    					MaxTotalArgumentLength:     pulumi.Int(0),
    				},
    			},
    		},
    	},
    	RequestRateLimiting: &waf.AppFirewallPolicyRequestRateLimitingArgs{
    		Rules: waf.AppFirewallPolicyRequestRateLimitingRuleArray{
    			&waf.AppFirewallPolicyRequestRateLimitingRuleArgs{
    				ActionName: pulumi.String("string"),
    				Configurations: waf.AppFirewallPolicyRequestRateLimitingRuleConfigurationArray{
    					&waf.AppFirewallPolicyRequestRateLimitingRuleConfigurationArgs{
    						PeriodInSeconds:         pulumi.Int(0),
    						RequestsLimit:           pulumi.Int(0),
    						ActionDurationInSeconds: pulumi.Int(0),
    					},
    				},
    				Name:              pulumi.String("string"),
    				Type:              pulumi.String("string"),
    				Condition:         pulumi.String("string"),
    				ConditionLanguage: pulumi.String("string"),
    			},
    		},
    	},
    	ResponseAccessControl: &waf.AppFirewallPolicyResponseAccessControlArgs{
    		Rules: waf.AppFirewallPolicyResponseAccessControlRuleArray{
    			&waf.AppFirewallPolicyResponseAccessControlRuleArgs{
    				ActionName:        pulumi.String("string"),
    				Name:              pulumi.String("string"),
    				Type:              pulumi.String("string"),
    				Condition:         pulumi.String("string"),
    				ConditionLanguage: pulumi.String("string"),
    			},
    		},
    	},
    	ResponseProtection: &waf.AppFirewallPolicyResponseProtectionArgs{
    		Rules: waf.AppFirewallPolicyResponseProtectionRuleArray{
    			&waf.AppFirewallPolicyResponseProtectionRuleArgs{
    				ActionName: pulumi.String("string"),
    				Name:       pulumi.String("string"),
    				ProtectionCapabilities: waf.AppFirewallPolicyResponseProtectionRuleProtectionCapabilityArray{
    					&waf.AppFirewallPolicyResponseProtectionRuleProtectionCapabilityArgs{
    						Key:                          pulumi.String("string"),
    						Version:                      pulumi.Int(0),
    						ActionName:                   pulumi.String("string"),
    						CollaborativeActionThreshold: pulumi.Int(0),
    						CollaborativeWeights: waf.AppFirewallPolicyResponseProtectionRuleProtectionCapabilityCollaborativeWeightArray{
    							&waf.AppFirewallPolicyResponseProtectionRuleProtectionCapabilityCollaborativeWeightArgs{
    								Key:    pulumi.String("string"),
    								Weight: pulumi.Int(0),
    							},
    						},
    						Exclusions: &waf.AppFirewallPolicyResponseProtectionRuleProtectionCapabilityExclusionsArgs{
    							Args: pulumi.StringArray{
    								pulumi.String("string"),
    							},
    							RequestCookies: pulumi.StringArray{
    								pulumi.String("string"),
    							},
    						},
    					},
    				},
    				Type:                    pulumi.String("string"),
    				Condition:               pulumi.String("string"),
    				ConditionLanguage:       pulumi.String("string"),
    				IsBodyInspectionEnabled: pulumi.Bool(false),
    				ProtectionCapabilitySettings: &waf.AppFirewallPolicyResponseProtectionRuleProtectionCapabilitySettingsArgs{
    					AllowedHttpMethods: pulumi.StringArray{
    						pulumi.String("string"),
    					},
    					MaxHttpRequestHeaderLength: pulumi.Int(0),
    					MaxHttpRequestHeaders:      pulumi.Int(0),
    					MaxNumberOfArguments:       pulumi.Int(0),
    					MaxSingleArgumentLength:    pulumi.Int(0),
    					MaxTotalArgumentLength:     pulumi.Int(0),
    				},
    			},
    		},
    	},
    	SystemTags: pulumi.StringMap{
    		"string": pulumi.String("string"),
    	},
    })
    
    var appFirewallPolicyResource = new AppFirewallPolicy("appFirewallPolicyResource", AppFirewallPolicyArgs.builder()
        .compartmentId("string")
        .actions(AppFirewallPolicyActionArgs.builder()
            .name("string")
            .type("string")
            .body(AppFirewallPolicyActionBodyArgs.builder()
                .type("string")
                .template("string")
                .text("string")
                .build())
            .code(0)
            .headers(AppFirewallPolicyActionHeaderArgs.builder()
                .name("string")
                .value("string")
                .build())
            .build())
        .definedTags(Map.of("string", "string"))
        .displayName("string")
        .freeformTags(Map.of("string", "string"))
        .requestAccessControl(AppFirewallPolicyRequestAccessControlArgs.builder()
            .defaultActionName("string")
            .rules(AppFirewallPolicyRequestAccessControlRuleArgs.builder()
                .actionName("string")
                .name("string")
                .type("string")
                .condition("string")
                .conditionLanguage("string")
                .build())
            .build())
        .requestProtection(AppFirewallPolicyRequestProtectionArgs.builder()
            .bodyInspectionSizeLimitExceededActionName("string")
            .bodyInspectionSizeLimitInBytes(0)
            .rules(AppFirewallPolicyRequestProtectionRuleArgs.builder()
                .actionName("string")
                .name("string")
                .protectionCapabilities(AppFirewallPolicyRequestProtectionRuleProtectionCapabilityArgs.builder()
                    .key("string")
                    .version(0)
                    .actionName("string")
                    .collaborativeActionThreshold(0)
                    .collaborativeWeights(AppFirewallPolicyRequestProtectionRuleProtectionCapabilityCollaborativeWeightArgs.builder()
                        .key("string")
                        .weight(0)
                        .build())
                    .exclusions(AppFirewallPolicyRequestProtectionRuleProtectionCapabilityExclusionsArgs.builder()
                        .args("string")
                        .requestCookies("string")
                        .build())
                    .build())
                .type("string")
                .condition("string")
                .conditionLanguage("string")
                .isBodyInspectionEnabled(false)
                .protectionCapabilitySettings(AppFirewallPolicyRequestProtectionRuleProtectionCapabilitySettingsArgs.builder()
                    .allowedHttpMethods("string")
                    .maxHttpRequestHeaderLength(0)
                    .maxHttpRequestHeaders(0)
                    .maxNumberOfArguments(0)
                    .maxSingleArgumentLength(0)
                    .maxTotalArgumentLength(0)
                    .build())
                .build())
            .build())
        .requestRateLimiting(AppFirewallPolicyRequestRateLimitingArgs.builder()
            .rules(AppFirewallPolicyRequestRateLimitingRuleArgs.builder()
                .actionName("string")
                .configurations(AppFirewallPolicyRequestRateLimitingRuleConfigurationArgs.builder()
                    .periodInSeconds(0)
                    .requestsLimit(0)
                    .actionDurationInSeconds(0)
                    .build())
                .name("string")
                .type("string")
                .condition("string")
                .conditionLanguage("string")
                .build())
            .build())
        .responseAccessControl(AppFirewallPolicyResponseAccessControlArgs.builder()
            .rules(AppFirewallPolicyResponseAccessControlRuleArgs.builder()
                .actionName("string")
                .name("string")
                .type("string")
                .condition("string")
                .conditionLanguage("string")
                .build())
            .build())
        .responseProtection(AppFirewallPolicyResponseProtectionArgs.builder()
            .rules(AppFirewallPolicyResponseProtectionRuleArgs.builder()
                .actionName("string")
                .name("string")
                .protectionCapabilities(AppFirewallPolicyResponseProtectionRuleProtectionCapabilityArgs.builder()
                    .key("string")
                    .version(0)
                    .actionName("string")
                    .collaborativeActionThreshold(0)
                    .collaborativeWeights(AppFirewallPolicyResponseProtectionRuleProtectionCapabilityCollaborativeWeightArgs.builder()
                        .key("string")
                        .weight(0)
                        .build())
                    .exclusions(AppFirewallPolicyResponseProtectionRuleProtectionCapabilityExclusionsArgs.builder()
                        .args("string")
                        .requestCookies("string")
                        .build())
                    .build())
                .type("string")
                .condition("string")
                .conditionLanguage("string")
                .isBodyInspectionEnabled(false)
                .protectionCapabilitySettings(AppFirewallPolicyResponseProtectionRuleProtectionCapabilitySettingsArgs.builder()
                    .allowedHttpMethods("string")
                    .maxHttpRequestHeaderLength(0)
                    .maxHttpRequestHeaders(0)
                    .maxNumberOfArguments(0)
                    .maxSingleArgumentLength(0)
                    .maxTotalArgumentLength(0)
                    .build())
                .build())
            .build())
        .systemTags(Map.of("string", "string"))
        .build());
    
    app_firewall_policy_resource = oci.waf.AppFirewallPolicy("appFirewallPolicyResource",
        compartment_id="string",
        actions=[{
            "name": "string",
            "type": "string",
            "body": {
                "type": "string",
                "template": "string",
                "text": "string",
            },
            "code": 0,
            "headers": [{
                "name": "string",
                "value": "string",
            }],
        }],
        defined_tags={
            "string": "string",
        },
        display_name="string",
        freeform_tags={
            "string": "string",
        },
        request_access_control={
            "default_action_name": "string",
            "rules": [{
                "action_name": "string",
                "name": "string",
                "type": "string",
                "condition": "string",
                "condition_language": "string",
            }],
        },
        request_protection={
            "body_inspection_size_limit_exceeded_action_name": "string",
            "body_inspection_size_limit_in_bytes": 0,
            "rules": [{
                "action_name": "string",
                "name": "string",
                "protection_capabilities": [{
                    "key": "string",
                    "version": 0,
                    "action_name": "string",
                    "collaborative_action_threshold": 0,
                    "collaborative_weights": [{
                        "key": "string",
                        "weight": 0,
                    }],
                    "exclusions": {
                        "args": ["string"],
                        "request_cookies": ["string"],
                    },
                }],
                "type": "string",
                "condition": "string",
                "condition_language": "string",
                "is_body_inspection_enabled": False,
                "protection_capability_settings": {
                    "allowed_http_methods": ["string"],
                    "max_http_request_header_length": 0,
                    "max_http_request_headers": 0,
                    "max_number_of_arguments": 0,
                    "max_single_argument_length": 0,
                    "max_total_argument_length": 0,
                },
            }],
        },
        request_rate_limiting={
            "rules": [{
                "action_name": "string",
                "configurations": [{
                    "period_in_seconds": 0,
                    "requests_limit": 0,
                    "action_duration_in_seconds": 0,
                }],
                "name": "string",
                "type": "string",
                "condition": "string",
                "condition_language": "string",
            }],
        },
        response_access_control={
            "rules": [{
                "action_name": "string",
                "name": "string",
                "type": "string",
                "condition": "string",
                "condition_language": "string",
            }],
        },
        response_protection={
            "rules": [{
                "action_name": "string",
                "name": "string",
                "protection_capabilities": [{
                    "key": "string",
                    "version": 0,
                    "action_name": "string",
                    "collaborative_action_threshold": 0,
                    "collaborative_weights": [{
                        "key": "string",
                        "weight": 0,
                    }],
                    "exclusions": {
                        "args": ["string"],
                        "request_cookies": ["string"],
                    },
                }],
                "type": "string",
                "condition": "string",
                "condition_language": "string",
                "is_body_inspection_enabled": False,
                "protection_capability_settings": {
                    "allowed_http_methods": ["string"],
                    "max_http_request_header_length": 0,
                    "max_http_request_headers": 0,
                    "max_number_of_arguments": 0,
                    "max_single_argument_length": 0,
                    "max_total_argument_length": 0,
                },
            }],
        },
        system_tags={
            "string": "string",
        })
    
    const appFirewallPolicyResource = new oci.waf.AppFirewallPolicy("appFirewallPolicyResource", {
        compartmentId: "string",
        actions: [{
            name: "string",
            type: "string",
            body: {
                type: "string",
                template: "string",
                text: "string",
            },
            code: 0,
            headers: [{
                name: "string",
                value: "string",
            }],
        }],
        definedTags: {
            string: "string",
        },
        displayName: "string",
        freeformTags: {
            string: "string",
        },
        requestAccessControl: {
            defaultActionName: "string",
            rules: [{
                actionName: "string",
                name: "string",
                type: "string",
                condition: "string",
                conditionLanguage: "string",
            }],
        },
        requestProtection: {
            bodyInspectionSizeLimitExceededActionName: "string",
            bodyInspectionSizeLimitInBytes: 0,
            rules: [{
                actionName: "string",
                name: "string",
                protectionCapabilities: [{
                    key: "string",
                    version: 0,
                    actionName: "string",
                    collaborativeActionThreshold: 0,
                    collaborativeWeights: [{
                        key: "string",
                        weight: 0,
                    }],
                    exclusions: {
                        args: ["string"],
                        requestCookies: ["string"],
                    },
                }],
                type: "string",
                condition: "string",
                conditionLanguage: "string",
                isBodyInspectionEnabled: false,
                protectionCapabilitySettings: {
                    allowedHttpMethods: ["string"],
                    maxHttpRequestHeaderLength: 0,
                    maxHttpRequestHeaders: 0,
                    maxNumberOfArguments: 0,
                    maxSingleArgumentLength: 0,
                    maxTotalArgumentLength: 0,
                },
            }],
        },
        requestRateLimiting: {
            rules: [{
                actionName: "string",
                configurations: [{
                    periodInSeconds: 0,
                    requestsLimit: 0,
                    actionDurationInSeconds: 0,
                }],
                name: "string",
                type: "string",
                condition: "string",
                conditionLanguage: "string",
            }],
        },
        responseAccessControl: {
            rules: [{
                actionName: "string",
                name: "string",
                type: "string",
                condition: "string",
                conditionLanguage: "string",
            }],
        },
        responseProtection: {
            rules: [{
                actionName: "string",
                name: "string",
                protectionCapabilities: [{
                    key: "string",
                    version: 0,
                    actionName: "string",
                    collaborativeActionThreshold: 0,
                    collaborativeWeights: [{
                        key: "string",
                        weight: 0,
                    }],
                    exclusions: {
                        args: ["string"],
                        requestCookies: ["string"],
                    },
                }],
                type: "string",
                condition: "string",
                conditionLanguage: "string",
                isBodyInspectionEnabled: false,
                protectionCapabilitySettings: {
                    allowedHttpMethods: ["string"],
                    maxHttpRequestHeaderLength: 0,
                    maxHttpRequestHeaders: 0,
                    maxNumberOfArguments: 0,
                    maxSingleArgumentLength: 0,
                    maxTotalArgumentLength: 0,
                },
            }],
        },
        systemTags: {
            string: "string",
        },
    });
    
    type: oci:Waf:AppFirewallPolicy
    properties:
        actions:
            - body:
                template: string
                text: string
                type: string
              code: 0
              headers:
                - name: string
                  value: string
              name: string
              type: string
        compartmentId: string
        definedTags:
            string: string
        displayName: string
        freeformTags:
            string: string
        requestAccessControl:
            defaultActionName: string
            rules:
                - actionName: string
                  condition: string
                  conditionLanguage: string
                  name: string
                  type: string
        requestProtection:
            bodyInspectionSizeLimitExceededActionName: string
            bodyInspectionSizeLimitInBytes: 0
            rules:
                - actionName: string
                  condition: string
                  conditionLanguage: string
                  isBodyInspectionEnabled: false
                  name: string
                  protectionCapabilities:
                    - actionName: string
                      collaborativeActionThreshold: 0
                      collaborativeWeights:
                        - key: string
                          weight: 0
                      exclusions:
                        args:
                            - string
                        requestCookies:
                            - string
                      key: string
                      version: 0
                  protectionCapabilitySettings:
                    allowedHttpMethods:
                        - string
                    maxHttpRequestHeaderLength: 0
                    maxHttpRequestHeaders: 0
                    maxNumberOfArguments: 0
                    maxSingleArgumentLength: 0
                    maxTotalArgumentLength: 0
                  type: string
        requestRateLimiting:
            rules:
                - actionName: string
                  condition: string
                  conditionLanguage: string
                  configurations:
                    - actionDurationInSeconds: 0
                      periodInSeconds: 0
                      requestsLimit: 0
                  name: string
                  type: string
        responseAccessControl:
            rules:
                - actionName: string
                  condition: string
                  conditionLanguage: string
                  name: string
                  type: string
        responseProtection:
            rules:
                - actionName: string
                  condition: string
                  conditionLanguage: string
                  isBodyInspectionEnabled: false
                  name: string
                  protectionCapabilities:
                    - actionName: string
                      collaborativeActionThreshold: 0
                      collaborativeWeights:
                        - key: string
                          weight: 0
                      exclusions:
                        args:
                            - string
                        requestCookies:
                            - string
                      key: string
                      version: 0
                  protectionCapabilitySettings:
                    allowedHttpMethods:
                        - string
                    maxHttpRequestHeaderLength: 0
                    maxHttpRequestHeaders: 0
                    maxNumberOfArguments: 0
                    maxSingleArgumentLength: 0
                    maxTotalArgumentLength: 0
                  type: string
        systemTags:
            string: string
    

    AppFirewallPolicy Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

    The AppFirewallPolicy resource accepts the following input properties:

    CompartmentId string
    (Updatable) The OCID of the compartment.
    Actions List<AppFirewallPolicyAction>
    (Updatable) Predefined actions for use in multiple different rules. Not all actions are supported in every module. Some actions terminate further execution of modules and rules in a module and some do not. Actions names must be unique within this array.
    DefinedTags Dictionary<string, string>
    (Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. Example: {"foo-namespace.bar-key": "value"}
    DisplayName string
    (Updatable) WebAppFirewallPolicy display name, can be renamed.
    FreeformTags Dictionary<string, string>
    (Updatable) Simple key-value pair that is applied without any predefined name, type or scope. Exists for cross-compatibility only. Example: {"bar-key": "value"}
    RequestAccessControl AppFirewallPolicyRequestAccessControl
    (Updatable) Module that allows inspection of HTTP request properties and to return a defined HTTP response. In this module, rules with the name 'Default Action' are not allowed, since this name is reserved for default action logs.
    RequestProtection AppFirewallPolicyRequestProtection
    (Updatable) Module that allows to enable OCI-managed protection capabilities for incoming HTTP requests.
    RequestRateLimiting AppFirewallPolicyRequestRateLimiting
    (Updatable) Module that allows inspection of HTTP connection properties and to limit requests frequency for a given key.
    ResponseAccessControl AppFirewallPolicyResponseAccessControl
    (Updatable) Module that allows inspection of HTTP response properties and to return a defined HTTP response.
    ResponseProtection AppFirewallPolicyResponseProtection
    (Updatable) Module that allows to enable OCI-managed protection capabilities for HTTP responses.
    SystemTags Dictionary<string, string>

    (Updatable) Usage of system tag keys. These predefined keys are scoped to namespaces. Example: {"orcl-cloud.free-tier-retained": "true"}

    ** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

    CompartmentId string
    (Updatable) The OCID of the compartment.
    Actions []AppFirewallPolicyActionArgs
    (Updatable) Predefined actions for use in multiple different rules. Not all actions are supported in every module. Some actions terminate further execution of modules and rules in a module and some do not. Actions names must be unique within this array.
    DefinedTags map[string]string
    (Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. Example: {"foo-namespace.bar-key": "value"}
    DisplayName string
    (Updatable) WebAppFirewallPolicy display name, can be renamed.
    FreeformTags map[string]string
    (Updatable) Simple key-value pair that is applied without any predefined name, type or scope. Exists for cross-compatibility only. Example: {"bar-key": "value"}
    RequestAccessControl AppFirewallPolicyRequestAccessControlArgs
    (Updatable) Module that allows inspection of HTTP request properties and to return a defined HTTP response. In this module, rules with the name 'Default Action' are not allowed, since this name is reserved for default action logs.
    RequestProtection AppFirewallPolicyRequestProtectionArgs
    (Updatable) Module that allows to enable OCI-managed protection capabilities for incoming HTTP requests.
    RequestRateLimiting AppFirewallPolicyRequestRateLimitingArgs
    (Updatable) Module that allows inspection of HTTP connection properties and to limit requests frequency for a given key.
    ResponseAccessControl AppFirewallPolicyResponseAccessControlArgs
    (Updatable) Module that allows inspection of HTTP response properties and to return a defined HTTP response.
    ResponseProtection AppFirewallPolicyResponseProtectionArgs
    (Updatable) Module that allows to enable OCI-managed protection capabilities for HTTP responses.
    SystemTags map[string]string

    (Updatable) Usage of system tag keys. These predefined keys are scoped to namespaces. Example: {"orcl-cloud.free-tier-retained": "true"}

    ** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

    compartmentId String
    (Updatable) The OCID of the compartment.
    actions List<AppFirewallPolicyAction>
    (Updatable) Predefined actions for use in multiple different rules. Not all actions are supported in every module. Some actions terminate further execution of modules and rules in a module and some do not. Actions names must be unique within this array.
    definedTags Map<String,String>
    (Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. Example: {"foo-namespace.bar-key": "value"}
    displayName String
    (Updatable) WebAppFirewallPolicy display name, can be renamed.
    freeformTags Map<String,String>
    (Updatable) Simple key-value pair that is applied without any predefined name, type or scope. Exists for cross-compatibility only. Example: {"bar-key": "value"}
    requestAccessControl AppFirewallPolicyRequestAccessControl
    (Updatable) Module that allows inspection of HTTP request properties and to return a defined HTTP response. In this module, rules with the name 'Default Action' are not allowed, since this name is reserved for default action logs.
    requestProtection AppFirewallPolicyRequestProtection
    (Updatable) Module that allows to enable OCI-managed protection capabilities for incoming HTTP requests.
    requestRateLimiting AppFirewallPolicyRequestRateLimiting
    (Updatable) Module that allows inspection of HTTP connection properties and to limit requests frequency for a given key.
    responseAccessControl AppFirewallPolicyResponseAccessControl
    (Updatable) Module that allows inspection of HTTP response properties and to return a defined HTTP response.
    responseProtection AppFirewallPolicyResponseProtection
    (Updatable) Module that allows to enable OCI-managed protection capabilities for HTTP responses.
    systemTags Map<String,String>

    (Updatable) Usage of system tag keys. These predefined keys are scoped to namespaces. Example: {"orcl-cloud.free-tier-retained": "true"}

    ** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

    compartmentId string
    (Updatable) The OCID of the compartment.
    actions AppFirewallPolicyAction[]
    (Updatable) Predefined actions for use in multiple different rules. Not all actions are supported in every module. Some actions terminate further execution of modules and rules in a module and some do not. Actions names must be unique within this array.
    definedTags {[key: string]: string}
    (Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. Example: {"foo-namespace.bar-key": "value"}
    displayName string
    (Updatable) WebAppFirewallPolicy display name, can be renamed.
    freeformTags {[key: string]: string}
    (Updatable) Simple key-value pair that is applied without any predefined name, type or scope. Exists for cross-compatibility only. Example: {"bar-key": "value"}
    requestAccessControl AppFirewallPolicyRequestAccessControl
    (Updatable) Module that allows inspection of HTTP request properties and to return a defined HTTP response. In this module, rules with the name 'Default Action' are not allowed, since this name is reserved for default action logs.
    requestProtection AppFirewallPolicyRequestProtection
    (Updatable) Module that allows to enable OCI-managed protection capabilities for incoming HTTP requests.
    requestRateLimiting AppFirewallPolicyRequestRateLimiting
    (Updatable) Module that allows inspection of HTTP connection properties and to limit requests frequency for a given key.
    responseAccessControl AppFirewallPolicyResponseAccessControl
    (Updatable) Module that allows inspection of HTTP response properties and to return a defined HTTP response.
    responseProtection AppFirewallPolicyResponseProtection
    (Updatable) Module that allows to enable OCI-managed protection capabilities for HTTP responses.
    systemTags {[key: string]: string}

    (Updatable) Usage of system tag keys. These predefined keys are scoped to namespaces. Example: {"orcl-cloud.free-tier-retained": "true"}

    ** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

    compartment_id str
    (Updatable) The OCID of the compartment.
    actions Sequence[waf.AppFirewallPolicyActionArgs]
    (Updatable) Predefined actions for use in multiple different rules. Not all actions are supported in every module. Some actions terminate further execution of modules and rules in a module and some do not. Actions names must be unique within this array.
    defined_tags Mapping[str, str]
    (Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. Example: {"foo-namespace.bar-key": "value"}
    display_name str
    (Updatable) WebAppFirewallPolicy display name, can be renamed.
    freeform_tags Mapping[str, str]
    (Updatable) Simple key-value pair that is applied without any predefined name, type or scope. Exists for cross-compatibility only. Example: {"bar-key": "value"}
    request_access_control waf.AppFirewallPolicyRequestAccessControlArgs
    (Updatable) Module that allows inspection of HTTP request properties and to return a defined HTTP response. In this module, rules with the name 'Default Action' are not allowed, since this name is reserved for default action logs.
    request_protection waf.AppFirewallPolicyRequestProtectionArgs
    (Updatable) Module that allows to enable OCI-managed protection capabilities for incoming HTTP requests.
    request_rate_limiting waf.AppFirewallPolicyRequestRateLimitingArgs
    (Updatable) Module that allows inspection of HTTP connection properties and to limit requests frequency for a given key.
    response_access_control waf.AppFirewallPolicyResponseAccessControlArgs
    (Updatable) Module that allows inspection of HTTP response properties and to return a defined HTTP response.
    response_protection waf.AppFirewallPolicyResponseProtectionArgs
    (Updatable) Module that allows to enable OCI-managed protection capabilities for HTTP responses.
    system_tags Mapping[str, str]

    (Updatable) Usage of system tag keys. These predefined keys are scoped to namespaces. Example: {"orcl-cloud.free-tier-retained": "true"}

    ** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

    compartmentId String
    (Updatable) The OCID of the compartment.
    actions List<Property Map>
    (Updatable) Predefined actions for use in multiple different rules. Not all actions are supported in every module. Some actions terminate further execution of modules and rules in a module and some do not. Actions names must be unique within this array.
    definedTags Map<String>
    (Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. Example: {"foo-namespace.bar-key": "value"}
    displayName String
    (Updatable) WebAppFirewallPolicy display name, can be renamed.
    freeformTags Map<String>
    (Updatable) Simple key-value pair that is applied without any predefined name, type or scope. Exists for cross-compatibility only. Example: {"bar-key": "value"}
    requestAccessControl Property Map
    (Updatable) Module that allows inspection of HTTP request properties and to return a defined HTTP response. In this module, rules with the name 'Default Action' are not allowed, since this name is reserved for default action logs.
    requestProtection Property Map
    (Updatable) Module that allows to enable OCI-managed protection capabilities for incoming HTTP requests.
    requestRateLimiting Property Map
    (Updatable) Module that allows inspection of HTTP connection properties and to limit requests frequency for a given key.
    responseAccessControl Property Map
    (Updatable) Module that allows inspection of HTTP response properties and to return a defined HTTP response.
    responseProtection Property Map
    (Updatable) Module that allows to enable OCI-managed protection capabilities for HTTP responses.
    systemTags Map<String>

    (Updatable) Usage of system tag keys. These predefined keys are scoped to namespaces. Example: {"orcl-cloud.free-tier-retained": "true"}

    ** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

    Outputs

    All input properties are implicitly available as output properties. Additionally, the AppFirewallPolicy resource produces the following output properties:

    Id string
    The provider-assigned unique ID for this managed resource.
    LifecycleDetails string
    A message describing the current state in more detail. For example, can be used to provide actionable information for a resource in FAILED state.
    State string
    The current state of the WebAppFirewallPolicy.
    TimeCreated string
    The time the WebAppFirewallPolicy was created. An RFC3339 formatted datetime string.
    TimeUpdated string
    The time the WebAppFirewallPolicy was updated. An RFC3339 formatted datetime string.
    Id string
    The provider-assigned unique ID for this managed resource.
    LifecycleDetails string
    A message describing the current state in more detail. For example, can be used to provide actionable information for a resource in FAILED state.
    State string
    The current state of the WebAppFirewallPolicy.
    TimeCreated string
    The time the WebAppFirewallPolicy was created. An RFC3339 formatted datetime string.
    TimeUpdated string
    The time the WebAppFirewallPolicy was updated. An RFC3339 formatted datetime string.
    id String
    The provider-assigned unique ID for this managed resource.
    lifecycleDetails String
    A message describing the current state in more detail. For example, can be used to provide actionable information for a resource in FAILED state.
    state String
    The current state of the WebAppFirewallPolicy.
    timeCreated String
    The time the WebAppFirewallPolicy was created. An RFC3339 formatted datetime string.
    timeUpdated String
    The time the WebAppFirewallPolicy was updated. An RFC3339 formatted datetime string.
    id string
    The provider-assigned unique ID for this managed resource.
    lifecycleDetails string
    A message describing the current state in more detail. For example, can be used to provide actionable information for a resource in FAILED state.
    state string
    The current state of the WebAppFirewallPolicy.
    timeCreated string
    The time the WebAppFirewallPolicy was created. An RFC3339 formatted datetime string.
    timeUpdated string
    The time the WebAppFirewallPolicy was updated. An RFC3339 formatted datetime string.
    id str
    The provider-assigned unique ID for this managed resource.
    lifecycle_details str
    A message describing the current state in more detail. For example, can be used to provide actionable information for a resource in FAILED state.
    state str
    The current state of the WebAppFirewallPolicy.
    time_created str
    The time the WebAppFirewallPolicy was created. An RFC3339 formatted datetime string.
    time_updated str
    The time the WebAppFirewallPolicy was updated. An RFC3339 formatted datetime string.
    id String
    The provider-assigned unique ID for this managed resource.
    lifecycleDetails String
    A message describing the current state in more detail. For example, can be used to provide actionable information for a resource in FAILED state.
    state String
    The current state of the WebAppFirewallPolicy.
    timeCreated String
    The time the WebAppFirewallPolicy was created. An RFC3339 formatted datetime string.
    timeUpdated String
    The time the WebAppFirewallPolicy was updated. An RFC3339 formatted datetime string.

    Look up Existing AppFirewallPolicy Resource

    Get an existing AppFirewallPolicy resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: AppFirewallPolicyState, opts?: CustomResourceOptions): AppFirewallPolicy
    @staticmethod
    def get(resource_name: str,
            id: str,
            opts: Optional[ResourceOptions] = None,
            actions: Optional[Sequence[_waf.AppFirewallPolicyActionArgs]] = None,
            compartment_id: Optional[str] = None,
            defined_tags: Optional[Mapping[str, str]] = None,
            display_name: Optional[str] = None,
            freeform_tags: Optional[Mapping[str, str]] = None,
            lifecycle_details: Optional[str] = None,
            request_access_control: Optional[_waf.AppFirewallPolicyRequestAccessControlArgs] = None,
            request_protection: Optional[_waf.AppFirewallPolicyRequestProtectionArgs] = None,
            request_rate_limiting: Optional[_waf.AppFirewallPolicyRequestRateLimitingArgs] = None,
            response_access_control: Optional[_waf.AppFirewallPolicyResponseAccessControlArgs] = None,
            response_protection: Optional[_waf.AppFirewallPolicyResponseProtectionArgs] = None,
            state: Optional[str] = None,
            system_tags: Optional[Mapping[str, str]] = None,
            time_created: Optional[str] = None,
            time_updated: Optional[str] = None) -> AppFirewallPolicy
    func GetAppFirewallPolicy(ctx *Context, name string, id IDInput, state *AppFirewallPolicyState, opts ...ResourceOption) (*AppFirewallPolicy, error)
    public static AppFirewallPolicy Get(string name, Input<string> id, AppFirewallPolicyState? state, CustomResourceOptions? opts = null)
    public static AppFirewallPolicy get(String name, Output<String> id, AppFirewallPolicyState state, CustomResourceOptions options)
    Resource lookup is not supported in YAML
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    The following state arguments are supported:
    Actions List<AppFirewallPolicyAction>
    (Updatable) Predefined actions for use in multiple different rules. Not all actions are supported in every module. Some actions terminate further execution of modules and rules in a module and some do not. Actions names must be unique within this array.
    CompartmentId string
    (Updatable) The OCID of the compartment.
    DefinedTags Dictionary<string, string>
    (Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. Example: {"foo-namespace.bar-key": "value"}
    DisplayName string
    (Updatable) WebAppFirewallPolicy display name, can be renamed.
    FreeformTags Dictionary<string, string>
    (Updatable) Simple key-value pair that is applied without any predefined name, type or scope. Exists for cross-compatibility only. Example: {"bar-key": "value"}
    LifecycleDetails string
    A message describing the current state in more detail. For example, can be used to provide actionable information for a resource in FAILED state.
    RequestAccessControl AppFirewallPolicyRequestAccessControl
    (Updatable) Module that allows inspection of HTTP request properties and to return a defined HTTP response. In this module, rules with the name 'Default Action' are not allowed, since this name is reserved for default action logs.
    RequestProtection AppFirewallPolicyRequestProtection
    (Updatable) Module that allows to enable OCI-managed protection capabilities for incoming HTTP requests.
    RequestRateLimiting AppFirewallPolicyRequestRateLimiting
    (Updatable) Module that allows inspection of HTTP connection properties and to limit requests frequency for a given key.
    ResponseAccessControl AppFirewallPolicyResponseAccessControl
    (Updatable) Module that allows inspection of HTTP response properties and to return a defined HTTP response.
    ResponseProtection AppFirewallPolicyResponseProtection
    (Updatable) Module that allows to enable OCI-managed protection capabilities for HTTP responses.
    State string
    The current state of the WebAppFirewallPolicy.
    SystemTags Dictionary<string, string>

    (Updatable) Usage of system tag keys. These predefined keys are scoped to namespaces. Example: {"orcl-cloud.free-tier-retained": "true"}

    ** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

    TimeCreated string
    The time the WebAppFirewallPolicy was created. An RFC3339 formatted datetime string.
    TimeUpdated string
    The time the WebAppFirewallPolicy was updated. An RFC3339 formatted datetime string.
    Actions []AppFirewallPolicyActionArgs
    (Updatable) Predefined actions for use in multiple different rules. Not all actions are supported in every module. Some actions terminate further execution of modules and rules in a module and some do not. Actions names must be unique within this array.
    CompartmentId string
    (Updatable) The OCID of the compartment.
    DefinedTags map[string]string
    (Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. Example: {"foo-namespace.bar-key": "value"}
    DisplayName string
    (Updatable) WebAppFirewallPolicy display name, can be renamed.
    FreeformTags map[string]string
    (Updatable) Simple key-value pair that is applied without any predefined name, type or scope. Exists for cross-compatibility only. Example: {"bar-key": "value"}
    LifecycleDetails string
    A message describing the current state in more detail. For example, can be used to provide actionable information for a resource in FAILED state.
    RequestAccessControl AppFirewallPolicyRequestAccessControlArgs
    (Updatable) Module that allows inspection of HTTP request properties and to return a defined HTTP response. In this module, rules with the name 'Default Action' are not allowed, since this name is reserved for default action logs.
    RequestProtection AppFirewallPolicyRequestProtectionArgs
    (Updatable) Module that allows to enable OCI-managed protection capabilities for incoming HTTP requests.
    RequestRateLimiting AppFirewallPolicyRequestRateLimitingArgs
    (Updatable) Module that allows inspection of HTTP connection properties and to limit requests frequency for a given key.
    ResponseAccessControl AppFirewallPolicyResponseAccessControlArgs
    (Updatable) Module that allows inspection of HTTP response properties and to return a defined HTTP response.
    ResponseProtection AppFirewallPolicyResponseProtectionArgs
    (Updatable) Module that allows to enable OCI-managed protection capabilities for HTTP responses.
    State string
    The current state of the WebAppFirewallPolicy.
    SystemTags map[string]string

    (Updatable) Usage of system tag keys. These predefined keys are scoped to namespaces. Example: {"orcl-cloud.free-tier-retained": "true"}

    ** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

    TimeCreated string
    The time the WebAppFirewallPolicy was created. An RFC3339 formatted datetime string.
    TimeUpdated string
    The time the WebAppFirewallPolicy was updated. An RFC3339 formatted datetime string.
    actions List<AppFirewallPolicyAction>
    (Updatable) Predefined actions for use in multiple different rules. Not all actions are supported in every module. Some actions terminate further execution of modules and rules in a module and some do not. Actions names must be unique within this array.
    compartmentId String
    (Updatable) The OCID of the compartment.
    definedTags Map<String,String>
    (Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. Example: {"foo-namespace.bar-key": "value"}
    displayName String
    (Updatable) WebAppFirewallPolicy display name, can be renamed.
    freeformTags Map<String,String>
    (Updatable) Simple key-value pair that is applied without any predefined name, type or scope. Exists for cross-compatibility only. Example: {"bar-key": "value"}
    lifecycleDetails String
    A message describing the current state in more detail. For example, can be used to provide actionable information for a resource in FAILED state.
    requestAccessControl AppFirewallPolicyRequestAccessControl
    (Updatable) Module that allows inspection of HTTP request properties and to return a defined HTTP response. In this module, rules with the name 'Default Action' are not allowed, since this name is reserved for default action logs.
    requestProtection AppFirewallPolicyRequestProtection
    (Updatable) Module that allows to enable OCI-managed protection capabilities for incoming HTTP requests.
    requestRateLimiting AppFirewallPolicyRequestRateLimiting
    (Updatable) Module that allows inspection of HTTP connection properties and to limit requests frequency for a given key.
    responseAccessControl AppFirewallPolicyResponseAccessControl
    (Updatable) Module that allows inspection of HTTP response properties and to return a defined HTTP response.
    responseProtection AppFirewallPolicyResponseProtection
    (Updatable) Module that allows to enable OCI-managed protection capabilities for HTTP responses.
    state String
    The current state of the WebAppFirewallPolicy.
    systemTags Map<String,String>

    (Updatable) Usage of system tag keys. These predefined keys are scoped to namespaces. Example: {"orcl-cloud.free-tier-retained": "true"}

    ** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

    timeCreated String
    The time the WebAppFirewallPolicy was created. An RFC3339 formatted datetime string.
    timeUpdated String
    The time the WebAppFirewallPolicy was updated. An RFC3339 formatted datetime string.
    actions AppFirewallPolicyAction[]
    (Updatable) Predefined actions for use in multiple different rules. Not all actions are supported in every module. Some actions terminate further execution of modules and rules in a module and some do not. Actions names must be unique within this array.
    compartmentId string
    (Updatable) The OCID of the compartment.
    definedTags {[key: string]: string}
    (Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. Example: {"foo-namespace.bar-key": "value"}
    displayName string
    (Updatable) WebAppFirewallPolicy display name, can be renamed.
    freeformTags {[key: string]: string}
    (Updatable) Simple key-value pair that is applied without any predefined name, type or scope. Exists for cross-compatibility only. Example: {"bar-key": "value"}
    lifecycleDetails string
    A message describing the current state in more detail. For example, can be used to provide actionable information for a resource in FAILED state.
    requestAccessControl AppFirewallPolicyRequestAccessControl
    (Updatable) Module that allows inspection of HTTP request properties and to return a defined HTTP response. In this module, rules with the name 'Default Action' are not allowed, since this name is reserved for default action logs.
    requestProtection AppFirewallPolicyRequestProtection
    (Updatable) Module that allows to enable OCI-managed protection capabilities for incoming HTTP requests.
    requestRateLimiting AppFirewallPolicyRequestRateLimiting
    (Updatable) Module that allows inspection of HTTP connection properties and to limit requests frequency for a given key.
    responseAccessControl AppFirewallPolicyResponseAccessControl
    (Updatable) Module that allows inspection of HTTP response properties and to return a defined HTTP response.
    responseProtection AppFirewallPolicyResponseProtection
    (Updatable) Module that allows to enable OCI-managed protection capabilities for HTTP responses.
    state string
    The current state of the WebAppFirewallPolicy.
    systemTags {[key: string]: string}

    (Updatable) Usage of system tag keys. These predefined keys are scoped to namespaces. Example: {"orcl-cloud.free-tier-retained": "true"}

    ** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

    timeCreated string
    The time the WebAppFirewallPolicy was created. An RFC3339 formatted datetime string.
    timeUpdated string
    The time the WebAppFirewallPolicy was updated. An RFC3339 formatted datetime string.
    actions Sequence[waf.AppFirewallPolicyActionArgs]
    (Updatable) Predefined actions for use in multiple different rules. Not all actions are supported in every module. Some actions terminate further execution of modules and rules in a module and some do not. Actions names must be unique within this array.
    compartment_id str
    (Updatable) The OCID of the compartment.
    defined_tags Mapping[str, str]
    (Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. Example: {"foo-namespace.bar-key": "value"}
    display_name str
    (Updatable) WebAppFirewallPolicy display name, can be renamed.
    freeform_tags Mapping[str, str]
    (Updatable) Simple key-value pair that is applied without any predefined name, type or scope. Exists for cross-compatibility only. Example: {"bar-key": "value"}
    lifecycle_details str
    A message describing the current state in more detail. For example, can be used to provide actionable information for a resource in FAILED state.
    request_access_control waf.AppFirewallPolicyRequestAccessControlArgs
    (Updatable) Module that allows inspection of HTTP request properties and to return a defined HTTP response. In this module, rules with the name 'Default Action' are not allowed, since this name is reserved for default action logs.
    request_protection waf.AppFirewallPolicyRequestProtectionArgs
    (Updatable) Module that allows to enable OCI-managed protection capabilities for incoming HTTP requests.
    request_rate_limiting waf.AppFirewallPolicyRequestRateLimitingArgs
    (Updatable) Module that allows inspection of HTTP connection properties and to limit requests frequency for a given key.
    response_access_control waf.AppFirewallPolicyResponseAccessControlArgs
    (Updatable) Module that allows inspection of HTTP response properties and to return a defined HTTP response.
    response_protection waf.AppFirewallPolicyResponseProtectionArgs
    (Updatable) Module that allows to enable OCI-managed protection capabilities for HTTP responses.
    state str
    The current state of the WebAppFirewallPolicy.
    system_tags Mapping[str, str]

    (Updatable) Usage of system tag keys. These predefined keys are scoped to namespaces. Example: {"orcl-cloud.free-tier-retained": "true"}

    ** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

    time_created str
    The time the WebAppFirewallPolicy was created. An RFC3339 formatted datetime string.
    time_updated str
    The time the WebAppFirewallPolicy was updated. An RFC3339 formatted datetime string.
    actions List<Property Map>
    (Updatable) Predefined actions for use in multiple different rules. Not all actions are supported in every module. Some actions terminate further execution of modules and rules in a module and some do not. Actions names must be unique within this array.
    compartmentId String
    (Updatable) The OCID of the compartment.
    definedTags Map<String>
    (Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. Example: {"foo-namespace.bar-key": "value"}
    displayName String
    (Updatable) WebAppFirewallPolicy display name, can be renamed.
    freeformTags Map<String>
    (Updatable) Simple key-value pair that is applied without any predefined name, type or scope. Exists for cross-compatibility only. Example: {"bar-key": "value"}
    lifecycleDetails String
    A message describing the current state in more detail. For example, can be used to provide actionable information for a resource in FAILED state.
    requestAccessControl Property Map
    (Updatable) Module that allows inspection of HTTP request properties and to return a defined HTTP response. In this module, rules with the name 'Default Action' are not allowed, since this name is reserved for default action logs.
    requestProtection Property Map
    (Updatable) Module that allows to enable OCI-managed protection capabilities for incoming HTTP requests.
    requestRateLimiting Property Map
    (Updatable) Module that allows inspection of HTTP connection properties and to limit requests frequency for a given key.
    responseAccessControl Property Map
    (Updatable) Module that allows inspection of HTTP response properties and to return a defined HTTP response.
    responseProtection Property Map
    (Updatable) Module that allows to enable OCI-managed protection capabilities for HTTP responses.
    state String
    The current state of the WebAppFirewallPolicy.
    systemTags Map<String>

    (Updatable) Usage of system tag keys. These predefined keys are scoped to namespaces. Example: {"orcl-cloud.free-tier-retained": "true"}

    ** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

    timeCreated String
    The time the WebAppFirewallPolicy was created. An RFC3339 formatted datetime string.
    timeUpdated String
    The time the WebAppFirewallPolicy was updated. An RFC3339 formatted datetime string.

    Supporting Types

    AppFirewallPolicyAction, AppFirewallPolicyActionArgs

    Name string
    (Updatable) Action name. Can be used to reference the action.
    Type string
    (Updatable)

    • CHECK is a non-terminating action that does not stop the execution of rules in current module, just emits a log message documenting result of rule execution.
    • ALLOW is a non-terminating action which upon matching rule skips all remaining rules in the current module.
    • RETURN_HTTP_RESPONSE is a terminating action which is executed immediately, returns a defined HTTP response.
    Body AppFirewallPolicyActionBody
    (Updatable) Type of returned HTTP response body.
    Code int

    (Updatable) Response code.

    The following response codes are valid values for this property:

    • 2xx

    200 OK 201 Created 202 Accepted 206 Partial Content

    • 3xx

    300 Multiple Choices 301 Moved Permanently 302 Found 303 See Other 307 Temporary Redirect

    • 4xx

    400 Bad Request 401 Unauthorized 403 Forbidden 404 Not Found 405 Method Not Allowed 408 Request Timeout 409 Conflict 411 Length Required 412 Precondition Failed 413 Payload Too Large 414 URI Too Long 415 Unsupported Media Type 416 Range Not Satisfiable 422 Unprocessable Entity 494 Request Header Too Large 495 Cert Error 496 No Cert 497 HTTP to HTTPS

    • 5xx

    500 Internal Server Error 501 Not Implemented 502 Bad Gateway 503 Service Unavailable 504 Gateway Timeout 507 Insufficient Storage

    Example: 200

    Headers List<AppFirewallPolicyActionHeader>

    (Updatable) Adds headers defined in this array for HTTP response.

    Hop-by-hop headers are not allowed to be set:

    • Connection
    • Keep-Alive
    • Proxy-Authenticate
    • Proxy-Authorization
    • TE
    • Trailer
    • Transfer-Encoding
    • Upgrade
    Name string
    (Updatable) Action name. Can be used to reference the action.
    Type string
    (Updatable)

    • CHECK is a non-terminating action that does not stop the execution of rules in current module, just emits a log message documenting result of rule execution.
    • ALLOW is a non-terminating action which upon matching rule skips all remaining rules in the current module.
    • RETURN_HTTP_RESPONSE is a terminating action which is executed immediately, returns a defined HTTP response.
    Body AppFirewallPolicyActionBody
    (Updatable) Type of returned HTTP response body.
    Code int

    (Updatable) Response code.

    The following response codes are valid values for this property:

    • 2xx

    200 OK 201 Created 202 Accepted 206 Partial Content

    • 3xx

    300 Multiple Choices 301 Moved Permanently 302 Found 303 See Other 307 Temporary Redirect

    • 4xx

    400 Bad Request 401 Unauthorized 403 Forbidden 404 Not Found 405 Method Not Allowed 408 Request Timeout 409 Conflict 411 Length Required 412 Precondition Failed 413 Payload Too Large 414 URI Too Long 415 Unsupported Media Type 416 Range Not Satisfiable 422 Unprocessable Entity 494 Request Header Too Large 495 Cert Error 496 No Cert 497 HTTP to HTTPS

    • 5xx

    500 Internal Server Error 501 Not Implemented 502 Bad Gateway 503 Service Unavailable 504 Gateway Timeout 507 Insufficient Storage

    Example: 200

    Headers []AppFirewallPolicyActionHeader

    (Updatable) Adds headers defined in this array for HTTP response.

    Hop-by-hop headers are not allowed to be set:

    • Connection
    • Keep-Alive
    • Proxy-Authenticate
    • Proxy-Authorization
    • TE
    • Trailer
    • Transfer-Encoding
    • Upgrade
    name String
    (Updatable) Action name. Can be used to reference the action.
    type String
    (Updatable)

    • CHECK is a non-terminating action that does not stop the execution of rules in current module, just emits a log message documenting result of rule execution.
    • ALLOW is a non-terminating action which upon matching rule skips all remaining rules in the current module.
    • RETURN_HTTP_RESPONSE is a terminating action which is executed immediately, returns a defined HTTP response.
    body AppFirewallPolicyActionBody
    (Updatable) Type of returned HTTP response body.
    code Integer

    (Updatable) Response code.

    The following response codes are valid values for this property:

    • 2xx

    200 OK 201 Created 202 Accepted 206 Partial Content

    • 3xx

    300 Multiple Choices 301 Moved Permanently 302 Found 303 See Other 307 Temporary Redirect

    • 4xx

    400 Bad Request 401 Unauthorized 403 Forbidden 404 Not Found 405 Method Not Allowed 408 Request Timeout 409 Conflict 411 Length Required 412 Precondition Failed 413 Payload Too Large 414 URI Too Long 415 Unsupported Media Type 416 Range Not Satisfiable 422 Unprocessable Entity 494 Request Header Too Large 495 Cert Error 496 No Cert 497 HTTP to HTTPS

    • 5xx

    500 Internal Server Error 501 Not Implemented 502 Bad Gateway 503 Service Unavailable 504 Gateway Timeout 507 Insufficient Storage

    Example: 200

    headers List<AppFirewallPolicyActionHeader>

    (Updatable) Adds headers defined in this array for HTTP response.

    Hop-by-hop headers are not allowed to be set:

    • Connection
    • Keep-Alive
    • Proxy-Authenticate
    • Proxy-Authorization
    • TE
    • Trailer
    • Transfer-Encoding
    • Upgrade
    name string
    (Updatable) Action name. Can be used to reference the action.
    type string
    (Updatable)

    • CHECK is a non-terminating action that does not stop the execution of rules in current module, just emits a log message documenting result of rule execution.
    • ALLOW is a non-terminating action which upon matching rule skips all remaining rules in the current module.
    • RETURN_HTTP_RESPONSE is a terminating action which is executed immediately, returns a defined HTTP response.
    body AppFirewallPolicyActionBody
    (Updatable) Type of returned HTTP response body.
    code number

    (Updatable) Response code.

    The following response codes are valid values for this property:

    • 2xx

    200 OK 201 Created 202 Accepted 206 Partial Content

    • 3xx

    300 Multiple Choices 301 Moved Permanently 302 Found 303 See Other 307 Temporary Redirect

    • 4xx

    400 Bad Request 401 Unauthorized 403 Forbidden 404 Not Found 405 Method Not Allowed 408 Request Timeout 409 Conflict 411 Length Required 412 Precondition Failed 413 Payload Too Large 414 URI Too Long 415 Unsupported Media Type 416 Range Not Satisfiable 422 Unprocessable Entity 494 Request Header Too Large 495 Cert Error 496 No Cert 497 HTTP to HTTPS

    • 5xx

    500 Internal Server Error 501 Not Implemented 502 Bad Gateway 503 Service Unavailable 504 Gateway Timeout 507 Insufficient Storage

    Example: 200

    headers AppFirewallPolicyActionHeader[]

    (Updatable) Adds headers defined in this array for HTTP response.

    Hop-by-hop headers are not allowed to be set:

    • Connection
    • Keep-Alive
    • Proxy-Authenticate
    • Proxy-Authorization
    • TE
    • Trailer
    • Transfer-Encoding
    • Upgrade
    name str
    (Updatable) Action name. Can be used to reference the action.
    type str
    (Updatable)

    • CHECK is a non-terminating action that does not stop the execution of rules in current module, just emits a log message documenting result of rule execution.
    • ALLOW is a non-terminating action which upon matching rule skips all remaining rules in the current module.
    • RETURN_HTTP_RESPONSE is a terminating action which is executed immediately, returns a defined HTTP response.
    body waf.AppFirewallPolicyActionBody
    (Updatable) Type of returned HTTP response body.
    code int

    (Updatable) Response code.

    The following response codes are valid values for this property:

    • 2xx

    200 OK 201 Created 202 Accepted 206 Partial Content

    • 3xx

    300 Multiple Choices 301 Moved Permanently 302 Found 303 See Other 307 Temporary Redirect

    • 4xx

    400 Bad Request 401 Unauthorized 403 Forbidden 404 Not Found 405 Method Not Allowed 408 Request Timeout 409 Conflict 411 Length Required 412 Precondition Failed 413 Payload Too Large 414 URI Too Long 415 Unsupported Media Type 416 Range Not Satisfiable 422 Unprocessable Entity 494 Request Header Too Large 495 Cert Error 496 No Cert 497 HTTP to HTTPS

    • 5xx

    500 Internal Server Error 501 Not Implemented 502 Bad Gateway 503 Service Unavailable 504 Gateway Timeout 507 Insufficient Storage

    Example: 200

    headers Sequence[waf.AppFirewallPolicyActionHeader]

    (Updatable) Adds headers defined in this array for HTTP response.

    Hop-by-hop headers are not allowed to be set:

    • Connection
    • Keep-Alive
    • Proxy-Authenticate
    • Proxy-Authorization
    • TE
    • Trailer
    • Transfer-Encoding
    • Upgrade
    name String
    (Updatable) Action name. Can be used to reference the action.
    type String
    (Updatable)

    • CHECK is a non-terminating action that does not stop the execution of rules in current module, just emits a log message documenting result of rule execution.
    • ALLOW is a non-terminating action which upon matching rule skips all remaining rules in the current module.
    • RETURN_HTTP_RESPONSE is a terminating action which is executed immediately, returns a defined HTTP response.
    body Property Map
    (Updatable) Type of returned HTTP response body.
    code Number

    (Updatable) Response code.

    The following response codes are valid values for this property:

    • 2xx

    200 OK 201 Created 202 Accepted 206 Partial Content

    • 3xx

    300 Multiple Choices 301 Moved Permanently 302 Found 303 See Other 307 Temporary Redirect

    • 4xx

    400 Bad Request 401 Unauthorized 403 Forbidden 404 Not Found 405 Method Not Allowed 408 Request Timeout 409 Conflict 411 Length Required 412 Precondition Failed 413 Payload Too Large 414 URI Too Long 415 Unsupported Media Type 416 Range Not Satisfiable 422 Unprocessable Entity 494 Request Header Too Large 495 Cert Error 496 No Cert 497 HTTP to HTTPS

    • 5xx

    500 Internal Server Error 501 Not Implemented 502 Bad Gateway 503 Service Unavailable 504 Gateway Timeout 507 Insufficient Storage

    Example: 200

    headers List<Property Map>

    (Updatable) Adds headers defined in this array for HTTP response.

    Hop-by-hop headers are not allowed to be set:

    • Connection
    • Keep-Alive
    • Proxy-Authenticate
    • Proxy-Authorization
    • TE
    • Trailer
    • Transfer-Encoding
    • Upgrade

    AppFirewallPolicyActionBody, AppFirewallPolicyActionBodyArgs

    Type string
    (Updatable) Type of HttpResponseBody.
    Template string
    Text string
    (Updatable) Static response body text.
    Type string
    (Updatable) Type of HttpResponseBody.
    Template string
    Text string
    (Updatable) Static response body text.
    type String
    (Updatable) Type of HttpResponseBody.
    template String
    text String
    (Updatable) Static response body text.
    type string
    (Updatable) Type of HttpResponseBody.
    template string
    text string
    (Updatable) Static response body text.
    type str
    (Updatable) Type of HttpResponseBody.
    template str
    text str
    (Updatable) Static response body text.
    type String
    (Updatable) Type of HttpResponseBody.
    template String
    text String
    (Updatable) Static response body text.

    AppFirewallPolicyActionHeader, AppFirewallPolicyActionHeaderArgs

    Name string
    (Updatable) The name of the header field.
    Value string
    (Updatable) The value of the header field.
    Name string
    (Updatable) The name of the header field.
    Value string
    (Updatable) The value of the header field.
    name String
    (Updatable) The name of the header field.
    value String
    (Updatable) The value of the header field.
    name string
    (Updatable) The name of the header field.
    value string
    (Updatable) The value of the header field.
    name str
    (Updatable) The name of the header field.
    value str
    (Updatable) The value of the header field.
    name String
    (Updatable) The name of the header field.
    value String
    (Updatable) The value of the header field.

    AppFirewallPolicyRequestAccessControl, AppFirewallPolicyRequestAccessControlArgs

    DefaultActionName string
    (Updatable) References an default Action to take if no AccessControlRule was matched. Allowed action types:

    • ALLOW continues execution of other modules and their rules.
    • RETURN_HTTP_RESPONSE terminates further execution of modules and rules and returns defined HTTP response.
    Rules List<AppFirewallPolicyRequestAccessControlRule>
    (Updatable) Ordered list of AccessControlRules. Rules are executed in order of appearance in this array.
    DefaultActionName string
    (Updatable) References an default Action to take if no AccessControlRule was matched. Allowed action types:

    • ALLOW continues execution of other modules and their rules.
    • RETURN_HTTP_RESPONSE terminates further execution of modules and rules and returns defined HTTP response.
    Rules []AppFirewallPolicyRequestAccessControlRule
    (Updatable) Ordered list of AccessControlRules. Rules are executed in order of appearance in this array.
    defaultActionName String
    (Updatable) References an default Action to take if no AccessControlRule was matched. Allowed action types:

    • ALLOW continues execution of other modules and their rules.
    • RETURN_HTTP_RESPONSE terminates further execution of modules and rules and returns defined HTTP response.
    rules List<AppFirewallPolicyRequestAccessControlRule>
    (Updatable) Ordered list of AccessControlRules. Rules are executed in order of appearance in this array.
    defaultActionName string
    (Updatable) References an default Action to take if no AccessControlRule was matched. Allowed action types:

    • ALLOW continues execution of other modules and their rules.
    • RETURN_HTTP_RESPONSE terminates further execution of modules and rules and returns defined HTTP response.
    rules AppFirewallPolicyRequestAccessControlRule[]
    (Updatable) Ordered list of AccessControlRules. Rules are executed in order of appearance in this array.
    default_action_name str
    (Updatable) References an default Action to take if no AccessControlRule was matched. Allowed action types:

    • ALLOW continues execution of other modules and their rules.
    • RETURN_HTTP_RESPONSE terminates further execution of modules and rules and returns defined HTTP response.
    rules Sequence[waf.AppFirewallPolicyRequestAccessControlRule]
    (Updatable) Ordered list of AccessControlRules. Rules are executed in order of appearance in this array.
    defaultActionName String
    (Updatable) References an default Action to take if no AccessControlRule was matched. Allowed action types:

    • ALLOW continues execution of other modules and their rules.
    • RETURN_HTTP_RESPONSE terminates further execution of modules and rules and returns defined HTTP response.
    rules List<Property Map>
    (Updatable) Ordered list of AccessControlRules. Rules are executed in order of appearance in this array.

    AppFirewallPolicyRequestAccessControlRule, AppFirewallPolicyRequestAccessControlRuleArgs

    ActionName string
    (Updatable) References action by name from actions defined in WebAppFirewallPolicy.
    Name string
    (Updatable) Rule name. Must be unique within the module.
    Type string
    (Updatable) Type of WebAppFirewallPolicyRule.
    Condition string
    (Updatable) An expression that determines whether or not the rule action should be executed.
    ConditionLanguage string
    (Updatable) The language used to parse condition from field condition. Available languages:

    • JMESPATH an extended JMESPath language syntax.
    ActionName string
    (Updatable) References action by name from actions defined in WebAppFirewallPolicy.
    Name string
    (Updatable) Rule name. Must be unique within the module.
    Type string
    (Updatable) Type of WebAppFirewallPolicyRule.
    Condition string
    (Updatable) An expression that determines whether or not the rule action should be executed.
    ConditionLanguage string
    (Updatable) The language used to parse condition from field condition. Available languages:

    • JMESPATH an extended JMESPath language syntax.
    actionName String
    (Updatable) References action by name from actions defined in WebAppFirewallPolicy.
    name String
    (Updatable) Rule name. Must be unique within the module.
    type String
    (Updatable) Type of WebAppFirewallPolicyRule.
    condition String
    (Updatable) An expression that determines whether or not the rule action should be executed.
    conditionLanguage String
    (Updatable) The language used to parse condition from field condition. Available languages:

    • JMESPATH an extended JMESPath language syntax.
    actionName string
    (Updatable) References action by name from actions defined in WebAppFirewallPolicy.
    name string
    (Updatable) Rule name. Must be unique within the module.
    type string
    (Updatable) Type of WebAppFirewallPolicyRule.
    condition string
    (Updatable) An expression that determines whether or not the rule action should be executed.
    conditionLanguage string
    (Updatable) The language used to parse condition from field condition. Available languages:

    • JMESPATH an extended JMESPath language syntax.
    action_name str
    (Updatable) References action by name from actions defined in WebAppFirewallPolicy.
    name str
    (Updatable) Rule name. Must be unique within the module.
    type str
    (Updatable) Type of WebAppFirewallPolicyRule.
    condition str
    (Updatable) An expression that determines whether or not the rule action should be executed.
    condition_language str
    (Updatable) The language used to parse condition from field condition. Available languages:

    • JMESPATH an extended JMESPath language syntax.
    actionName String
    (Updatable) References action by name from actions defined in WebAppFirewallPolicy.
    name String
    (Updatable) Rule name. Must be unique within the module.
    type String
    (Updatable) Type of WebAppFirewallPolicyRule.
    condition String
    (Updatable) An expression that determines whether or not the rule action should be executed.
    conditionLanguage String
    (Updatable) The language used to parse condition from field condition. Available languages:

    • JMESPATH an extended JMESPath language syntax.

    AppFirewallPolicyRequestProtection, AppFirewallPolicyRequestProtectionArgs

    BodyInspectionSizeLimitExceededActionName string

    (Updatable) References action by name from actions defined in WebAppFirewallPolicy. Executed if HTTP message body size exceeds limit set in field bodyInspectionSizeLimitInBytes.

    If this field is null HTTP message body will inspected up to bodyInspectionSizeLimitInBytes and the rest will not be inspected by Protection Capabilities.

    Allowed action types:

    • RETURN_HTTP_RESPONSE terminates further execution of modules and rules and returns defined HTTP response.
    BodyInspectionSizeLimitInBytes int

    (Updatable) Maximum size of inspected HTTP message body in bytes. Actions to take if this limit is exceeded are defined in bodyInspectionSizeLimitExceededActionName.

    Body inspection maximum size allowed is defined with per-tenancy limit: 8192 bytes.

    For steps to request a limit increase, see Requesting a Service Limit Increase.

    Rules List<AppFirewallPolicyRequestProtectionRule>
    (Updatable) Ordered list of ProtectionRules. Rules are executed in order of appearance in this array. ProtectionRules in this array can only use protection Capabilities of REQUEST_PROTECTION_CAPABILITY type.
    BodyInspectionSizeLimitExceededActionName string

    (Updatable) References action by name from actions defined in WebAppFirewallPolicy. Executed if HTTP message body size exceeds limit set in field bodyInspectionSizeLimitInBytes.

    If this field is null HTTP message body will inspected up to bodyInspectionSizeLimitInBytes and the rest will not be inspected by Protection Capabilities.

    Allowed action types:

    • RETURN_HTTP_RESPONSE terminates further execution of modules and rules and returns defined HTTP response.
    BodyInspectionSizeLimitInBytes int

    (Updatable) Maximum size of inspected HTTP message body in bytes. Actions to take if this limit is exceeded are defined in bodyInspectionSizeLimitExceededActionName.

    Body inspection maximum size allowed is defined with per-tenancy limit: 8192 bytes.

    For steps to request a limit increase, see Requesting a Service Limit Increase.

    Rules []AppFirewallPolicyRequestProtectionRule
    (Updatable) Ordered list of ProtectionRules. Rules are executed in order of appearance in this array. ProtectionRules in this array can only use protection Capabilities of REQUEST_PROTECTION_CAPABILITY type.
    bodyInspectionSizeLimitExceededActionName String

    (Updatable) References action by name from actions defined in WebAppFirewallPolicy. Executed if HTTP message body size exceeds limit set in field bodyInspectionSizeLimitInBytes.

    If this field is null HTTP message body will inspected up to bodyInspectionSizeLimitInBytes and the rest will not be inspected by Protection Capabilities.

    Allowed action types:

    • RETURN_HTTP_RESPONSE terminates further execution of modules and rules and returns defined HTTP response.
    bodyInspectionSizeLimitInBytes Integer

    (Updatable) Maximum size of inspected HTTP message body in bytes. Actions to take if this limit is exceeded are defined in bodyInspectionSizeLimitExceededActionName.

    Body inspection maximum size allowed is defined with per-tenancy limit: 8192 bytes.

    For steps to request a limit increase, see Requesting a Service Limit Increase.

    rules List<AppFirewallPolicyRequestProtectionRule>
    (Updatable) Ordered list of ProtectionRules. Rules are executed in order of appearance in this array. ProtectionRules in this array can only use protection Capabilities of REQUEST_PROTECTION_CAPABILITY type.
    bodyInspectionSizeLimitExceededActionName string

    (Updatable) References action by name from actions defined in WebAppFirewallPolicy. Executed if HTTP message body size exceeds limit set in field bodyInspectionSizeLimitInBytes.

    If this field is null HTTP message body will inspected up to bodyInspectionSizeLimitInBytes and the rest will not be inspected by Protection Capabilities.

    Allowed action types:

    • RETURN_HTTP_RESPONSE terminates further execution of modules and rules and returns defined HTTP response.
    bodyInspectionSizeLimitInBytes number

    (Updatable) Maximum size of inspected HTTP message body in bytes. Actions to take if this limit is exceeded are defined in bodyInspectionSizeLimitExceededActionName.

    Body inspection maximum size allowed is defined with per-tenancy limit: 8192 bytes.

    For steps to request a limit increase, see Requesting a Service Limit Increase.

    rules AppFirewallPolicyRequestProtectionRule[]
    (Updatable) Ordered list of ProtectionRules. Rules are executed in order of appearance in this array. ProtectionRules in this array can only use protection Capabilities of REQUEST_PROTECTION_CAPABILITY type.
    body_inspection_size_limit_exceeded_action_name str

    (Updatable) References action by name from actions defined in WebAppFirewallPolicy. Executed if HTTP message body size exceeds limit set in field bodyInspectionSizeLimitInBytes.

    If this field is null HTTP message body will inspected up to bodyInspectionSizeLimitInBytes and the rest will not be inspected by Protection Capabilities.

    Allowed action types:

    • RETURN_HTTP_RESPONSE terminates further execution of modules and rules and returns defined HTTP response.
    body_inspection_size_limit_in_bytes int

    (Updatable) Maximum size of inspected HTTP message body in bytes. Actions to take if this limit is exceeded are defined in bodyInspectionSizeLimitExceededActionName.

    Body inspection maximum size allowed is defined with per-tenancy limit: 8192 bytes.

    For steps to request a limit increase, see Requesting a Service Limit Increase.

    rules Sequence[waf.AppFirewallPolicyRequestProtectionRule]
    (Updatable) Ordered list of ProtectionRules. Rules are executed in order of appearance in this array. ProtectionRules in this array can only use protection Capabilities of REQUEST_PROTECTION_CAPABILITY type.
    bodyInspectionSizeLimitExceededActionName String

    (Updatable) References action by name from actions defined in WebAppFirewallPolicy. Executed if HTTP message body size exceeds limit set in field bodyInspectionSizeLimitInBytes.

    If this field is null HTTP message body will inspected up to bodyInspectionSizeLimitInBytes and the rest will not be inspected by Protection Capabilities.

    Allowed action types:

    • RETURN_HTTP_RESPONSE terminates further execution of modules and rules and returns defined HTTP response.
    bodyInspectionSizeLimitInBytes Number

    (Updatable) Maximum size of inspected HTTP message body in bytes. Actions to take if this limit is exceeded are defined in bodyInspectionSizeLimitExceededActionName.

    Body inspection maximum size allowed is defined with per-tenancy limit: 8192 bytes.

    For steps to request a limit increase, see Requesting a Service Limit Increase.

    rules List<Property Map>
    (Updatable) Ordered list of ProtectionRules. Rules are executed in order of appearance in this array. ProtectionRules in this array can only use protection Capabilities of REQUEST_PROTECTION_CAPABILITY type.

    AppFirewallPolicyRequestProtectionRule, AppFirewallPolicyRequestProtectionRuleArgs

    ActionName string
    (Updatable) References action by name from actions defined in WebAppFirewallPolicy.
    Name string
    (Updatable) Rule name. Must be unique within the module.
    ProtectionCapabilities List<AppFirewallPolicyRequestProtectionRuleProtectionCapability>
    (Updatable) An ordered list that references OCI-managed protection capabilities. Referenced protection capabilities are not necessarily executed in order of appearance. Their execution order is decided at runtime for improved performance. The array cannot contain entries with the same pair of capability key and version more than once.
    Type string
    (Updatable) Type of WebAppFirewallPolicyRule.
    Condition string
    (Updatable) An expression that determines whether or not the rule action should be executed.
    ConditionLanguage string
    (Updatable) The language used to parse condition from field condition. Available languages:

    • JMESPATH an extended JMESPath language syntax.
    IsBodyInspectionEnabled bool
    (Updatable) Enables/disables body inspection for this protection rule. Only Protection Rules in RequestProtection can have this option enabled. Response body inspection will be available at a later date.
    ProtectionCapabilitySettings AppFirewallPolicyRequestProtectionRuleProtectionCapabilitySettings
    (Updatable) Settings for protection capabilities
    ActionName string
    (Updatable) References action by name from actions defined in WebAppFirewallPolicy.
    Name string
    (Updatable) Rule name. Must be unique within the module.
    ProtectionCapabilities []AppFirewallPolicyRequestProtectionRuleProtectionCapability
    (Updatable) An ordered list that references OCI-managed protection capabilities. Referenced protection capabilities are not necessarily executed in order of appearance. Their execution order is decided at runtime for improved performance. The array cannot contain entries with the same pair of capability key and version more than once.
    Type string
    (Updatable) Type of WebAppFirewallPolicyRule.
    Condition string
    (Updatable) An expression that determines whether or not the rule action should be executed.
    ConditionLanguage string
    (Updatable) The language used to parse condition from field condition. Available languages:

    • JMESPATH an extended JMESPath language syntax.
    IsBodyInspectionEnabled bool
    (Updatable) Enables/disables body inspection for this protection rule. Only Protection Rules in RequestProtection can have this option enabled. Response body inspection will be available at a later date.
    ProtectionCapabilitySettings AppFirewallPolicyRequestProtectionRuleProtectionCapabilitySettings
    (Updatable) Settings for protection capabilities
    actionName String
    (Updatable) References action by name from actions defined in WebAppFirewallPolicy.
    name String
    (Updatable) Rule name. Must be unique within the module.
    protectionCapabilities List<AppFirewallPolicyRequestProtectionRuleProtectionCapability>
    (Updatable) An ordered list that references OCI-managed protection capabilities. Referenced protection capabilities are not necessarily executed in order of appearance. Their execution order is decided at runtime for improved performance. The array cannot contain entries with the same pair of capability key and version more than once.
    type String
    (Updatable) Type of WebAppFirewallPolicyRule.
    condition String
    (Updatable) An expression that determines whether or not the rule action should be executed.
    conditionLanguage String
    (Updatable) The language used to parse condition from field condition. Available languages:

    • JMESPATH an extended JMESPath language syntax.
    isBodyInspectionEnabled Boolean
    (Updatable) Enables/disables body inspection for this protection rule. Only Protection Rules in RequestProtection can have this option enabled. Response body inspection will be available at a later date.
    protectionCapabilitySettings AppFirewallPolicyRequestProtectionRuleProtectionCapabilitySettings
    (Updatable) Settings for protection capabilities
    actionName string
    (Updatable) References action by name from actions defined in WebAppFirewallPolicy.
    name string
    (Updatable) Rule name. Must be unique within the module.
    protectionCapabilities AppFirewallPolicyRequestProtectionRuleProtectionCapability[]
    (Updatable) An ordered list that references OCI-managed protection capabilities. Referenced protection capabilities are not necessarily executed in order of appearance. Their execution order is decided at runtime for improved performance. The array cannot contain entries with the same pair of capability key and version more than once.
    type string
    (Updatable) Type of WebAppFirewallPolicyRule.
    condition string
    (Updatable) An expression that determines whether or not the rule action should be executed.
    conditionLanguage string
    (Updatable) The language used to parse condition from field condition. Available languages:

    • JMESPATH an extended JMESPath language syntax.
    isBodyInspectionEnabled boolean
    (Updatable) Enables/disables body inspection for this protection rule. Only Protection Rules in RequestProtection can have this option enabled. Response body inspection will be available at a later date.
    protectionCapabilitySettings AppFirewallPolicyRequestProtectionRuleProtectionCapabilitySettings
    (Updatable) Settings for protection capabilities
    action_name str
    (Updatable) References action by name from actions defined in WebAppFirewallPolicy.
    name str
    (Updatable) Rule name. Must be unique within the module.
    protection_capabilities Sequence[waf.AppFirewallPolicyRequestProtectionRuleProtectionCapability]
    (Updatable) An ordered list that references OCI-managed protection capabilities. Referenced protection capabilities are not necessarily executed in order of appearance. Their execution order is decided at runtime for improved performance. The array cannot contain entries with the same pair of capability key and version more than once.
    type str
    (Updatable) Type of WebAppFirewallPolicyRule.
    condition str
    (Updatable) An expression that determines whether or not the rule action should be executed.
    condition_language str
    (Updatable) The language used to parse condition from field condition. Available languages:

    • JMESPATH an extended JMESPath language syntax.
    is_body_inspection_enabled bool
    (Updatable) Enables/disables body inspection for this protection rule. Only Protection Rules in RequestProtection can have this option enabled. Response body inspection will be available at a later date.
    protection_capability_settings waf.AppFirewallPolicyRequestProtectionRuleProtectionCapabilitySettings
    (Updatable) Settings for protection capabilities
    actionName String
    (Updatable) References action by name from actions defined in WebAppFirewallPolicy.
    name String
    (Updatable) Rule name. Must be unique within the module.
    protectionCapabilities List<Property Map>
    (Updatable) An ordered list that references OCI-managed protection capabilities. Referenced protection capabilities are not necessarily executed in order of appearance. Their execution order is decided at runtime for improved performance. The array cannot contain entries with the same pair of capability key and version more than once.
    type String
    (Updatable) Type of WebAppFirewallPolicyRule.
    condition String
    (Updatable) An expression that determines whether or not the rule action should be executed.
    conditionLanguage String
    (Updatable) The language used to parse condition from field condition. Available languages:

    • JMESPATH an extended JMESPath language syntax.
    isBodyInspectionEnabled Boolean
    (Updatable) Enables/disables body inspection for this protection rule. Only Protection Rules in RequestProtection can have this option enabled. Response body inspection will be available at a later date.
    protectionCapabilitySettings Property Map
    (Updatable) Settings for protection capabilities

    AppFirewallPolicyRequestProtectionRuleProtectionCapability, AppFirewallPolicyRequestProtectionRuleProtectionCapabilityArgs

    Key string
    (Updatable) Unique key of referenced protection capability.
    Version int
    (Updatable) Version of referenced protection capability.
    ActionName string
    (Updatable) Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.
    CollaborativeActionThreshold int
    (Updatable) The minimum sum of weights of associated collaborative protection capabilities that have triggered which must be reached in order for this capability to trigger. This field is ignored for non-collaborative capabilities.
    CollaborativeWeights List<AppFirewallPolicyRequestProtectionRuleProtectionCapabilityCollaborativeWeight>
    (Updatable) Explicit weight values to use for associated collaborative protection capabilities.
    Exclusions AppFirewallPolicyRequestProtectionRuleProtectionCapabilityExclusions
    (Updatable) Identifies specific HTTP message parameters to exclude from inspection by a protection capability.
    Key string
    (Updatable) Unique key of referenced protection capability.
    Version int
    (Updatable) Version of referenced protection capability.
    ActionName string
    (Updatable) Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.
    CollaborativeActionThreshold int
    (Updatable) The minimum sum of weights of associated collaborative protection capabilities that have triggered which must be reached in order for this capability to trigger. This field is ignored for non-collaborative capabilities.
    CollaborativeWeights []AppFirewallPolicyRequestProtectionRuleProtectionCapabilityCollaborativeWeight
    (Updatable) Explicit weight values to use for associated collaborative protection capabilities.
    Exclusions AppFirewallPolicyRequestProtectionRuleProtectionCapabilityExclusions
    (Updatable) Identifies specific HTTP message parameters to exclude from inspection by a protection capability.
    key String
    (Updatable) Unique key of referenced protection capability.
    version Integer
    (Updatable) Version of referenced protection capability.
    actionName String
    (Updatable) Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.
    collaborativeActionThreshold Integer
    (Updatable) The minimum sum of weights of associated collaborative protection capabilities that have triggered which must be reached in order for this capability to trigger. This field is ignored for non-collaborative capabilities.
    collaborativeWeights List<AppFirewallPolicyRequestProtectionRuleProtectionCapabilityCollaborativeWeight>
    (Updatable) Explicit weight values to use for associated collaborative protection capabilities.
    exclusions AppFirewallPolicyRequestProtectionRuleProtectionCapabilityExclusions
    (Updatable) Identifies specific HTTP message parameters to exclude from inspection by a protection capability.
    key string
    (Updatable) Unique key of referenced protection capability.
    version number
    (Updatable) Version of referenced protection capability.
    actionName string
    (Updatable) Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.
    collaborativeActionThreshold number
    (Updatable) The minimum sum of weights of associated collaborative protection capabilities that have triggered which must be reached in order for this capability to trigger. This field is ignored for non-collaborative capabilities.
    collaborativeWeights AppFirewallPolicyRequestProtectionRuleProtectionCapabilityCollaborativeWeight[]
    (Updatable) Explicit weight values to use for associated collaborative protection capabilities.
    exclusions AppFirewallPolicyRequestProtectionRuleProtectionCapabilityExclusions
    (Updatable) Identifies specific HTTP message parameters to exclude from inspection by a protection capability.
    key str
    (Updatable) Unique key of referenced protection capability.
    version int
    (Updatable) Version of referenced protection capability.
    action_name str
    (Updatable) Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.
    collaborative_action_threshold int
    (Updatable) The minimum sum of weights of associated collaborative protection capabilities that have triggered which must be reached in order for this capability to trigger. This field is ignored for non-collaborative capabilities.
    collaborative_weights Sequence[waf.AppFirewallPolicyRequestProtectionRuleProtectionCapabilityCollaborativeWeight]
    (Updatable) Explicit weight values to use for associated collaborative protection capabilities.
    exclusions waf.AppFirewallPolicyRequestProtectionRuleProtectionCapabilityExclusions
    (Updatable) Identifies specific HTTP message parameters to exclude from inspection by a protection capability.
    key String
    (Updatable) Unique key of referenced protection capability.
    version Number
    (Updatable) Version of referenced protection capability.
    actionName String
    (Updatable) Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.
    collaborativeActionThreshold Number
    (Updatable) The minimum sum of weights of associated collaborative protection capabilities that have triggered which must be reached in order for this capability to trigger. This field is ignored for non-collaborative capabilities.
    collaborativeWeights List<Property Map>
    (Updatable) Explicit weight values to use for associated collaborative protection capabilities.
    exclusions Property Map
    (Updatable) Identifies specific HTTP message parameters to exclude from inspection by a protection capability.

    AppFirewallPolicyRequestProtectionRuleProtectionCapabilityCollaborativeWeight, AppFirewallPolicyRequestProtectionRuleProtectionCapabilityCollaborativeWeightArgs

    Key string
    (Updatable) Unique key of collaborative capability for which weight will be overridden.
    Weight int
    (Updatable) The value of weight to set.
    Key string
    (Updatable) Unique key of collaborative capability for which weight will be overridden.
    Weight int
    (Updatable) The value of weight to set.
    key String
    (Updatable) Unique key of collaborative capability for which weight will be overridden.
    weight Integer
    (Updatable) The value of weight to set.
    key string
    (Updatable) Unique key of collaborative capability for which weight will be overridden.
    weight number
    (Updatable) The value of weight to set.
    key str
    (Updatable) Unique key of collaborative capability for which weight will be overridden.
    weight int
    (Updatable) The value of weight to set.
    key String
    (Updatable) Unique key of collaborative capability for which weight will be overridden.
    weight Number
    (Updatable) The value of weight to set.

    AppFirewallPolicyRequestProtectionRuleProtectionCapabilityExclusions, AppFirewallPolicyRequestProtectionRuleProtectionCapabilityExclusionsArgs

    Args List<string>
    (Updatable) List of URL query parameter values from form-urlencoded XML, JSON, AMP, or POST payloads to exclude from inspecting. Example: If we have query parameter 'argumentName=argumentValue' and args=['argumentName'], both 'argumentName' and 'argumentValue' will not be inspected.
    RequestCookies List<string>
    (Updatable) List of HTTP request cookie values (by cookie name) to exclude from inspecting. Example: If we have cookie 'cookieName=cookieValue' and requestCookies=['cookieName'], both 'cookieName' and 'cookieValue' will not be inspected.
    Args []string
    (Updatable) List of URL query parameter values from form-urlencoded XML, JSON, AMP, or POST payloads to exclude from inspecting. Example: If we have query parameter 'argumentName=argumentValue' and args=['argumentName'], both 'argumentName' and 'argumentValue' will not be inspected.
    RequestCookies []string
    (Updatable) List of HTTP request cookie values (by cookie name) to exclude from inspecting. Example: If we have cookie 'cookieName=cookieValue' and requestCookies=['cookieName'], both 'cookieName' and 'cookieValue' will not be inspected.
    args List<String>
    (Updatable) List of URL query parameter values from form-urlencoded XML, JSON, AMP, or POST payloads to exclude from inspecting. Example: If we have query parameter 'argumentName=argumentValue' and args=['argumentName'], both 'argumentName' and 'argumentValue' will not be inspected.
    requestCookies List<String>
    (Updatable) List of HTTP request cookie values (by cookie name) to exclude from inspecting. Example: If we have cookie 'cookieName=cookieValue' and requestCookies=['cookieName'], both 'cookieName' and 'cookieValue' will not be inspected.
    args string[]
    (Updatable) List of URL query parameter values from form-urlencoded XML, JSON, AMP, or POST payloads to exclude from inspecting. Example: If we have query parameter 'argumentName=argumentValue' and args=['argumentName'], both 'argumentName' and 'argumentValue' will not be inspected.
    requestCookies string[]
    (Updatable) List of HTTP request cookie values (by cookie name) to exclude from inspecting. Example: If we have cookie 'cookieName=cookieValue' and requestCookies=['cookieName'], both 'cookieName' and 'cookieValue' will not be inspected.
    args Sequence[str]
    (Updatable) List of URL query parameter values from form-urlencoded XML, JSON, AMP, or POST payloads to exclude from inspecting. Example: If we have query parameter 'argumentName=argumentValue' and args=['argumentName'], both 'argumentName' and 'argumentValue' will not be inspected.
    request_cookies Sequence[str]
    (Updatable) List of HTTP request cookie values (by cookie name) to exclude from inspecting. Example: If we have cookie 'cookieName=cookieValue' and requestCookies=['cookieName'], both 'cookieName' and 'cookieValue' will not be inspected.
    args List<String>
    (Updatable) List of URL query parameter values from form-urlencoded XML, JSON, AMP, or POST payloads to exclude from inspecting. Example: If we have query parameter 'argumentName=argumentValue' and args=['argumentName'], both 'argumentName' and 'argumentValue' will not be inspected.
    requestCookies List<String>
    (Updatable) List of HTTP request cookie values (by cookie name) to exclude from inspecting. Example: If we have cookie 'cookieName=cookieValue' and requestCookies=['cookieName'], both 'cookieName' and 'cookieValue' will not be inspected.

    AppFirewallPolicyRequestProtectionRuleProtectionCapabilitySettings, AppFirewallPolicyRequestProtectionRuleProtectionCapabilitySettingsArgs

    AllowedHttpMethods List<string>
    (Updatable) List of allowed HTTP methods. Each value as a RFC7230 formated token string. Used in protection capability 911100: Restrict HTTP Request Methods.
    MaxHttpRequestHeaderLength int
    (Updatable) Maximum allowed length of headers in an HTTP request. Used in protection capability: 9200024: Limit length of request header size.
    MaxHttpRequestHeaders int
    (Updatable) Maximum number of headers allowed in an HTTP request. Used in protection capability 9200014: Limit Number of Request Headers.
    MaxNumberOfArguments int
    (Updatable) Maximum number of arguments allowed. Used in protection capability 920380: Number of Arguments Limits.
    MaxSingleArgumentLength int
    (Updatable) Maximum allowed length of a single argument. Used in protection capability 920370: Limit argument value length.
    MaxTotalArgumentLength int
    (Updatable) Maximum allowed total length of all arguments. Used in protection capability 920390: Limit arguments total length.
    AllowedHttpMethods []string
    (Updatable) List of allowed HTTP methods. Each value as a RFC7230 formated token string. Used in protection capability 911100: Restrict HTTP Request Methods.
    MaxHttpRequestHeaderLength int
    (Updatable) Maximum allowed length of headers in an HTTP request. Used in protection capability: 9200024: Limit length of request header size.
    MaxHttpRequestHeaders int
    (Updatable) Maximum number of headers allowed in an HTTP request. Used in protection capability 9200014: Limit Number of Request Headers.
    MaxNumberOfArguments int
    (Updatable) Maximum number of arguments allowed. Used in protection capability 920380: Number of Arguments Limits.
    MaxSingleArgumentLength int
    (Updatable) Maximum allowed length of a single argument. Used in protection capability 920370: Limit argument value length.
    MaxTotalArgumentLength int
    (Updatable) Maximum allowed total length of all arguments. Used in protection capability 920390: Limit arguments total length.
    allowedHttpMethods List<String>
    (Updatable) List of allowed HTTP methods. Each value as a RFC7230 formated token string. Used in protection capability 911100: Restrict HTTP Request Methods.
    maxHttpRequestHeaderLength Integer
    (Updatable) Maximum allowed length of headers in an HTTP request. Used in protection capability: 9200024: Limit length of request header size.
    maxHttpRequestHeaders Integer
    (Updatable) Maximum number of headers allowed in an HTTP request. Used in protection capability 9200014: Limit Number of Request Headers.
    maxNumberOfArguments Integer
    (Updatable) Maximum number of arguments allowed. Used in protection capability 920380: Number of Arguments Limits.
    maxSingleArgumentLength Integer
    (Updatable) Maximum allowed length of a single argument. Used in protection capability 920370: Limit argument value length.
    maxTotalArgumentLength Integer
    (Updatable) Maximum allowed total length of all arguments. Used in protection capability 920390: Limit arguments total length.
    allowedHttpMethods string[]
    (Updatable) List of allowed HTTP methods. Each value as a RFC7230 formated token string. Used in protection capability 911100: Restrict HTTP Request Methods.
    maxHttpRequestHeaderLength number
    (Updatable) Maximum allowed length of headers in an HTTP request. Used in protection capability: 9200024: Limit length of request header size.
    maxHttpRequestHeaders number
    (Updatable) Maximum number of headers allowed in an HTTP request. Used in protection capability 9200014: Limit Number of Request Headers.
    maxNumberOfArguments number
    (Updatable) Maximum number of arguments allowed. Used in protection capability 920380: Number of Arguments Limits.
    maxSingleArgumentLength number
    (Updatable) Maximum allowed length of a single argument. Used in protection capability 920370: Limit argument value length.
    maxTotalArgumentLength number
    (Updatable) Maximum allowed total length of all arguments. Used in protection capability 920390: Limit arguments total length.
    allowed_http_methods Sequence[str]
    (Updatable) List of allowed HTTP methods. Each value as a RFC7230 formated token string. Used in protection capability 911100: Restrict HTTP Request Methods.
    max_http_request_header_length int
    (Updatable) Maximum allowed length of headers in an HTTP request. Used in protection capability: 9200024: Limit length of request header size.
    max_http_request_headers int
    (Updatable) Maximum number of headers allowed in an HTTP request. Used in protection capability 9200014: Limit Number of Request Headers.
    max_number_of_arguments int
    (Updatable) Maximum number of arguments allowed. Used in protection capability 920380: Number of Arguments Limits.
    max_single_argument_length int
    (Updatable) Maximum allowed length of a single argument. Used in protection capability 920370: Limit argument value length.
    max_total_argument_length int
    (Updatable) Maximum allowed total length of all arguments. Used in protection capability 920390: Limit arguments total length.
    allowedHttpMethods List<String>
    (Updatable) List of allowed HTTP methods. Each value as a RFC7230 formated token string. Used in protection capability 911100: Restrict HTTP Request Methods.
    maxHttpRequestHeaderLength Number
    (Updatable) Maximum allowed length of headers in an HTTP request. Used in protection capability: 9200024: Limit length of request header size.
    maxHttpRequestHeaders Number
    (Updatable) Maximum number of headers allowed in an HTTP request. Used in protection capability 9200014: Limit Number of Request Headers.
    maxNumberOfArguments Number
    (Updatable) Maximum number of arguments allowed. Used in protection capability 920380: Number of Arguments Limits.
    maxSingleArgumentLength Number
    (Updatable) Maximum allowed length of a single argument. Used in protection capability 920370: Limit argument value length.
    maxTotalArgumentLength Number
    (Updatable) Maximum allowed total length of all arguments. Used in protection capability 920390: Limit arguments total length.

    AppFirewallPolicyRequestRateLimiting, AppFirewallPolicyRequestRateLimitingArgs

    Rules List<AppFirewallPolicyRequestRateLimitingRule>
    (Updatable) Ordered list of RequestRateLimitingRules. Rules are executed in order of appearance in this array.
    Rules []AppFirewallPolicyRequestRateLimitingRule
    (Updatable) Ordered list of RequestRateLimitingRules. Rules are executed in order of appearance in this array.
    rules List<AppFirewallPolicyRequestRateLimitingRule>
    (Updatable) Ordered list of RequestRateLimitingRules. Rules are executed in order of appearance in this array.
    rules AppFirewallPolicyRequestRateLimitingRule[]
    (Updatable) Ordered list of RequestRateLimitingRules. Rules are executed in order of appearance in this array.
    rules Sequence[waf.AppFirewallPolicyRequestRateLimitingRule]
    (Updatable) Ordered list of RequestRateLimitingRules. Rules are executed in order of appearance in this array.
    rules List<Property Map>
    (Updatable) Ordered list of RequestRateLimitingRules. Rules are executed in order of appearance in this array.

    AppFirewallPolicyRequestRateLimitingRule, AppFirewallPolicyRequestRateLimitingRuleArgs

    ActionName string
    (Updatable) References action by name from actions defined in WebAppFirewallPolicy.
    Configurations List<AppFirewallPolicyRequestRateLimitingRuleConfiguration>
    (Updatable) Rate Limiting Configurations. Each configuration counts requests towards its own requestsLimit.
    Name string
    (Updatable) Rule name. Must be unique within the module.
    Type string
    (Updatable) Type of WebAppFirewallPolicyRule.
    Condition string
    (Updatable) An expression that determines whether or not the rule action should be executed.
    ConditionLanguage string
    (Updatable) The language used to parse condition from field condition. Available languages:

    • JMESPATH an extended JMESPath language syntax.
    ActionName string
    (Updatable) References action by name from actions defined in WebAppFirewallPolicy.
    Configurations []AppFirewallPolicyRequestRateLimitingRuleConfiguration
    (Updatable) Rate Limiting Configurations. Each configuration counts requests towards its own requestsLimit.
    Name string
    (Updatable) Rule name. Must be unique within the module.
    Type string
    (Updatable) Type of WebAppFirewallPolicyRule.
    Condition string
    (Updatable) An expression that determines whether or not the rule action should be executed.
    ConditionLanguage string
    (Updatable) The language used to parse condition from field condition. Available languages:

    • JMESPATH an extended JMESPath language syntax.
    actionName String
    (Updatable) References action by name from actions defined in WebAppFirewallPolicy.
    configurations List<AppFirewallPolicyRequestRateLimitingRuleConfiguration>
    (Updatable) Rate Limiting Configurations. Each configuration counts requests towards its own requestsLimit.
    name String
    (Updatable) Rule name. Must be unique within the module.
    type String
    (Updatable) Type of WebAppFirewallPolicyRule.
    condition String
    (Updatable) An expression that determines whether or not the rule action should be executed.
    conditionLanguage String
    (Updatable) The language used to parse condition from field condition. Available languages:

    • JMESPATH an extended JMESPath language syntax.
    actionName string
    (Updatable) References action by name from actions defined in WebAppFirewallPolicy.
    configurations AppFirewallPolicyRequestRateLimitingRuleConfiguration[]
    (Updatable) Rate Limiting Configurations. Each configuration counts requests towards its own requestsLimit.
    name string
    (Updatable) Rule name. Must be unique within the module.
    type string
    (Updatable) Type of WebAppFirewallPolicyRule.
    condition string
    (Updatable) An expression that determines whether or not the rule action should be executed.
    conditionLanguage string
    (Updatable) The language used to parse condition from field condition. Available languages:

    • JMESPATH an extended JMESPath language syntax.
    action_name str
    (Updatable) References action by name from actions defined in WebAppFirewallPolicy.
    configurations Sequence[waf.AppFirewallPolicyRequestRateLimitingRuleConfiguration]
    (Updatable) Rate Limiting Configurations. Each configuration counts requests towards its own requestsLimit.
    name str
    (Updatable) Rule name. Must be unique within the module.
    type str
    (Updatable) Type of WebAppFirewallPolicyRule.
    condition str
    (Updatable) An expression that determines whether or not the rule action should be executed.
    condition_language str
    (Updatable) The language used to parse condition from field condition. Available languages:

    • JMESPATH an extended JMESPath language syntax.
    actionName String
    (Updatable) References action by name from actions defined in WebAppFirewallPolicy.
    configurations List<Property Map>
    (Updatable) Rate Limiting Configurations. Each configuration counts requests towards its own requestsLimit.
    name String
    (Updatable) Rule name. Must be unique within the module.
    type String
    (Updatable) Type of WebAppFirewallPolicyRule.
    condition String
    (Updatable) An expression that determines whether or not the rule action should be executed.
    conditionLanguage String
    (Updatable) The language used to parse condition from field condition. Available languages:

    • JMESPATH an extended JMESPath language syntax.

    AppFirewallPolicyRequestRateLimitingRuleConfiguration, AppFirewallPolicyRequestRateLimitingRuleConfigurationArgs

    PeriodInSeconds int
    (Updatable) Evaluation period in seconds.
    RequestsLimit int
    (Updatable) Requests allowed per evaluation period.
    ActionDurationInSeconds int
    (Updatable) Duration of block action application in seconds when requestsLimit is reached. Optional and can be 0 (no block duration).
    PeriodInSeconds int
    (Updatable) Evaluation period in seconds.
    RequestsLimit int
    (Updatable) Requests allowed per evaluation period.
    ActionDurationInSeconds int
    (Updatable) Duration of block action application in seconds when requestsLimit is reached. Optional and can be 0 (no block duration).
    periodInSeconds Integer
    (Updatable) Evaluation period in seconds.
    requestsLimit Integer
    (Updatable) Requests allowed per evaluation period.
    actionDurationInSeconds Integer
    (Updatable) Duration of block action application in seconds when requestsLimit is reached. Optional and can be 0 (no block duration).
    periodInSeconds number
    (Updatable) Evaluation period in seconds.
    requestsLimit number
    (Updatable) Requests allowed per evaluation period.
    actionDurationInSeconds number
    (Updatable) Duration of block action application in seconds when requestsLimit is reached. Optional and can be 0 (no block duration).
    period_in_seconds int
    (Updatable) Evaluation period in seconds.
    requests_limit int
    (Updatable) Requests allowed per evaluation period.
    action_duration_in_seconds int
    (Updatable) Duration of block action application in seconds when requestsLimit is reached. Optional and can be 0 (no block duration).
    periodInSeconds Number
    (Updatable) Evaluation period in seconds.
    requestsLimit Number
    (Updatable) Requests allowed per evaluation period.
    actionDurationInSeconds Number
    (Updatable) Duration of block action application in seconds when requestsLimit is reached. Optional and can be 0 (no block duration).

    AppFirewallPolicyResponseAccessControl, AppFirewallPolicyResponseAccessControlArgs

    Rules List<AppFirewallPolicyResponseAccessControlRule>
    (Updatable) Ordered list of AccessControlRules. Rules are executed in order of appearance in this array.
    Rules []AppFirewallPolicyResponseAccessControlRule
    (Updatable) Ordered list of AccessControlRules. Rules are executed in order of appearance in this array.
    rules List<AppFirewallPolicyResponseAccessControlRule>
    (Updatable) Ordered list of AccessControlRules. Rules are executed in order of appearance in this array.
    rules AppFirewallPolicyResponseAccessControlRule[]
    (Updatable) Ordered list of AccessControlRules. Rules are executed in order of appearance in this array.
    rules Sequence[waf.AppFirewallPolicyResponseAccessControlRule]
    (Updatable) Ordered list of AccessControlRules. Rules are executed in order of appearance in this array.
    rules List<Property Map>
    (Updatable) Ordered list of AccessControlRules. Rules are executed in order of appearance in this array.

    AppFirewallPolicyResponseAccessControlRule, AppFirewallPolicyResponseAccessControlRuleArgs

    ActionName string
    (Updatable) References action by name from actions defined in WebAppFirewallPolicy.
    Name string
    (Updatable) Rule name. Must be unique within the module.
    Type string
    (Updatable) Type of WebAppFirewallPolicyRule.
    Condition string
    (Updatable) An expression that determines whether or not the rule action should be executed.
    ConditionLanguage string
    (Updatable) The language used to parse condition from field condition. Available languages:

    • JMESPATH an extended JMESPath language syntax.
    ActionName string
    (Updatable) References action by name from actions defined in WebAppFirewallPolicy.
    Name string
    (Updatable) Rule name. Must be unique within the module.
    Type string
    (Updatable) Type of WebAppFirewallPolicyRule.
    Condition string
    (Updatable) An expression that determines whether or not the rule action should be executed.
    ConditionLanguage string
    (Updatable) The language used to parse condition from field condition. Available languages:

    • JMESPATH an extended JMESPath language syntax.
    actionName String
    (Updatable) References action by name from actions defined in WebAppFirewallPolicy.
    name String
    (Updatable) Rule name. Must be unique within the module.
    type String
    (Updatable) Type of WebAppFirewallPolicyRule.
    condition String
    (Updatable) An expression that determines whether or not the rule action should be executed.
    conditionLanguage String
    (Updatable) The language used to parse condition from field condition. Available languages:

    • JMESPATH an extended JMESPath language syntax.
    actionName string
    (Updatable) References action by name from actions defined in WebAppFirewallPolicy.
    name string
    (Updatable) Rule name. Must be unique within the module.
    type string
    (Updatable) Type of WebAppFirewallPolicyRule.
    condition string
    (Updatable) An expression that determines whether or not the rule action should be executed.
    conditionLanguage string
    (Updatable) The language used to parse condition from field condition. Available languages:

    • JMESPATH an extended JMESPath language syntax.
    action_name str
    (Updatable) References action by name from actions defined in WebAppFirewallPolicy.
    name str
    (Updatable) Rule name. Must be unique within the module.
    type str
    (Updatable) Type of WebAppFirewallPolicyRule.
    condition str
    (Updatable) An expression that determines whether or not the rule action should be executed.
    condition_language str
    (Updatable) The language used to parse condition from field condition. Available languages:

    • JMESPATH an extended JMESPath language syntax.
    actionName String
    (Updatable) References action by name from actions defined in WebAppFirewallPolicy.
    name String
    (Updatable) Rule name. Must be unique within the module.
    type String
    (Updatable) Type of WebAppFirewallPolicyRule.
    condition String
    (Updatable) An expression that determines whether or not the rule action should be executed.
    conditionLanguage String
    (Updatable) The language used to parse condition from field condition. Available languages:

    • JMESPATH an extended JMESPath language syntax.

    AppFirewallPolicyResponseProtection, AppFirewallPolicyResponseProtectionArgs

    Rules List<AppFirewallPolicyResponseProtectionRule>
    (Updatable) Ordered list of ProtectionRules. Rules are executed in order of appearance in this array. ProtectionRules in this array can only use protection capabilities of RESPONSE_PROTECTION_CAPABILITY type.
    Rules []AppFirewallPolicyResponseProtectionRule
    (Updatable) Ordered list of ProtectionRules. Rules are executed in order of appearance in this array. ProtectionRules in this array can only use protection capabilities of RESPONSE_PROTECTION_CAPABILITY type.
    rules List<AppFirewallPolicyResponseProtectionRule>
    (Updatable) Ordered list of ProtectionRules. Rules are executed in order of appearance in this array. ProtectionRules in this array can only use protection capabilities of RESPONSE_PROTECTION_CAPABILITY type.
    rules AppFirewallPolicyResponseProtectionRule[]
    (Updatable) Ordered list of ProtectionRules. Rules are executed in order of appearance in this array. ProtectionRules in this array can only use protection capabilities of RESPONSE_PROTECTION_CAPABILITY type.
    rules Sequence[waf.AppFirewallPolicyResponseProtectionRule]
    (Updatable) Ordered list of ProtectionRules. Rules are executed in order of appearance in this array. ProtectionRules in this array can only use protection capabilities of RESPONSE_PROTECTION_CAPABILITY type.
    rules List<Property Map>
    (Updatable) Ordered list of ProtectionRules. Rules are executed in order of appearance in this array. ProtectionRules in this array can only use protection capabilities of RESPONSE_PROTECTION_CAPABILITY type.

    AppFirewallPolicyResponseProtectionRule, AppFirewallPolicyResponseProtectionRuleArgs

    ActionName string
    (Updatable) References action by name from actions defined in WebAppFirewallPolicy.
    Name string
    (Updatable) Rule name. Must be unique within the module.
    ProtectionCapabilities List<AppFirewallPolicyResponseProtectionRuleProtectionCapability>
    (Updatable) An ordered list that references OCI-managed protection capabilities. Referenced protection capabilities are not necessarily executed in order of appearance. Their execution order is decided at runtime for improved performance. The array cannot contain entries with the same pair of capability key and version more than once.
    Type string
    (Updatable) Type of WebAppFirewallPolicyRule.
    Condition string
    (Updatable) An expression that determines whether or not the rule action should be executed.
    ConditionLanguage string
    (Updatable) The language used to parse condition from field condition. Available languages:

    • JMESPATH an extended JMESPath language syntax.
    IsBodyInspectionEnabled bool
    (Updatable) Enables/disables body inspection for this protection rule. Only Protection Rules in RequestProtection can have this option enabled. Response body inspection will be available at a later date.
    ProtectionCapabilitySettings AppFirewallPolicyResponseProtectionRuleProtectionCapabilitySettings
    (Updatable) Settings for protection capabilities
    ActionName string
    (Updatable) References action by name from actions defined in WebAppFirewallPolicy.
    Name string
    (Updatable) Rule name. Must be unique within the module.
    ProtectionCapabilities []AppFirewallPolicyResponseProtectionRuleProtectionCapability
    (Updatable) An ordered list that references OCI-managed protection capabilities. Referenced protection capabilities are not necessarily executed in order of appearance. Their execution order is decided at runtime for improved performance. The array cannot contain entries with the same pair of capability key and version more than once.
    Type string
    (Updatable) Type of WebAppFirewallPolicyRule.
    Condition string
    (Updatable) An expression that determines whether or not the rule action should be executed.
    ConditionLanguage string
    (Updatable) The language used to parse condition from field condition. Available languages:

    • JMESPATH an extended JMESPath language syntax.
    IsBodyInspectionEnabled bool
    (Updatable) Enables/disables body inspection for this protection rule. Only Protection Rules in RequestProtection can have this option enabled. Response body inspection will be available at a later date.
    ProtectionCapabilitySettings AppFirewallPolicyResponseProtectionRuleProtectionCapabilitySettings
    (Updatable) Settings for protection capabilities
    actionName String
    (Updatable) References action by name from actions defined in WebAppFirewallPolicy.
    name String
    (Updatable) Rule name. Must be unique within the module.
    protectionCapabilities List<AppFirewallPolicyResponseProtectionRuleProtectionCapability>
    (Updatable) An ordered list that references OCI-managed protection capabilities. Referenced protection capabilities are not necessarily executed in order of appearance. Their execution order is decided at runtime for improved performance. The array cannot contain entries with the same pair of capability key and version more than once.
    type String
    (Updatable) Type of WebAppFirewallPolicyRule.
    condition String
    (Updatable) An expression that determines whether or not the rule action should be executed.
    conditionLanguage String
    (Updatable) The language used to parse condition from field condition. Available languages:

    • JMESPATH an extended JMESPath language syntax.
    isBodyInspectionEnabled Boolean
    (Updatable) Enables/disables body inspection for this protection rule. Only Protection Rules in RequestProtection can have this option enabled. Response body inspection will be available at a later date.
    protectionCapabilitySettings AppFirewallPolicyResponseProtectionRuleProtectionCapabilitySettings
    (Updatable) Settings for protection capabilities
    actionName string
    (Updatable) References action by name from actions defined in WebAppFirewallPolicy.
    name string
    (Updatable) Rule name. Must be unique within the module.
    protectionCapabilities AppFirewallPolicyResponseProtectionRuleProtectionCapability[]
    (Updatable) An ordered list that references OCI-managed protection capabilities. Referenced protection capabilities are not necessarily executed in order of appearance. Their execution order is decided at runtime for improved performance. The array cannot contain entries with the same pair of capability key and version more than once.
    type string
    (Updatable) Type of WebAppFirewallPolicyRule.
    condition string
    (Updatable) An expression that determines whether or not the rule action should be executed.
    conditionLanguage string
    (Updatable) The language used to parse condition from field condition. Available languages:

    • JMESPATH an extended JMESPath language syntax.
    isBodyInspectionEnabled boolean
    (Updatable) Enables/disables body inspection for this protection rule. Only Protection Rules in RequestProtection can have this option enabled. Response body inspection will be available at a later date.
    protectionCapabilitySettings AppFirewallPolicyResponseProtectionRuleProtectionCapabilitySettings
    (Updatable) Settings for protection capabilities
    action_name str
    (Updatable) References action by name from actions defined in WebAppFirewallPolicy.
    name str
    (Updatable) Rule name. Must be unique within the module.
    protection_capabilities Sequence[waf.AppFirewallPolicyResponseProtectionRuleProtectionCapability]
    (Updatable) An ordered list that references OCI-managed protection capabilities. Referenced protection capabilities are not necessarily executed in order of appearance. Their execution order is decided at runtime for improved performance. The array cannot contain entries with the same pair of capability key and version more than once.
    type str
    (Updatable) Type of WebAppFirewallPolicyRule.
    condition str
    (Updatable) An expression that determines whether or not the rule action should be executed.
    condition_language str
    (Updatable) The language used to parse condition from field condition. Available languages:

    • JMESPATH an extended JMESPath language syntax.
    is_body_inspection_enabled bool
    (Updatable) Enables/disables body inspection for this protection rule. Only Protection Rules in RequestProtection can have this option enabled. Response body inspection will be available at a later date.
    protection_capability_settings waf.AppFirewallPolicyResponseProtectionRuleProtectionCapabilitySettings
    (Updatable) Settings for protection capabilities
    actionName String
    (Updatable) References action by name from actions defined in WebAppFirewallPolicy.
    name String
    (Updatable) Rule name. Must be unique within the module.
    protectionCapabilities List<Property Map>
    (Updatable) An ordered list that references OCI-managed protection capabilities. Referenced protection capabilities are not necessarily executed in order of appearance. Their execution order is decided at runtime for improved performance. The array cannot contain entries with the same pair of capability key and version more than once.
    type String
    (Updatable) Type of WebAppFirewallPolicyRule.
    condition String
    (Updatable) An expression that determines whether or not the rule action should be executed.
    conditionLanguage String
    (Updatable) The language used to parse condition from field condition. Available languages:

    • JMESPATH an extended JMESPath language syntax.
    isBodyInspectionEnabled Boolean
    (Updatable) Enables/disables body inspection for this protection rule. Only Protection Rules in RequestProtection can have this option enabled. Response body inspection will be available at a later date.
    protectionCapabilitySettings Property Map
    (Updatable) Settings for protection capabilities

    AppFirewallPolicyResponseProtectionRuleProtectionCapability, AppFirewallPolicyResponseProtectionRuleProtectionCapabilityArgs

    Key string
    (Updatable) Unique key of referenced protection capability.
    Version int
    (Updatable) Version of referenced protection capability.
    ActionName string
    (Updatable) Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.
    CollaborativeActionThreshold int
    (Updatable) The minimum sum of weights of associated collaborative protection capabilities that have triggered which must be reached in order for this capability to trigger. This field is ignored for non-collaborative capabilities.
    CollaborativeWeights List<AppFirewallPolicyResponseProtectionRuleProtectionCapabilityCollaborativeWeight>
    (Updatable) Explicit weight values to use for associated collaborative protection capabilities.
    Exclusions AppFirewallPolicyResponseProtectionRuleProtectionCapabilityExclusions
    (Updatable) Identifies specific HTTP message parameters to exclude from inspection by a protection capability.
    Key string
    (Updatable) Unique key of referenced protection capability.
    Version int
    (Updatable) Version of referenced protection capability.
    ActionName string
    (Updatable) Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.
    CollaborativeActionThreshold int
    (Updatable) The minimum sum of weights of associated collaborative protection capabilities that have triggered which must be reached in order for this capability to trigger. This field is ignored for non-collaborative capabilities.
    CollaborativeWeights []AppFirewallPolicyResponseProtectionRuleProtectionCapabilityCollaborativeWeight
    (Updatable) Explicit weight values to use for associated collaborative protection capabilities.
    Exclusions AppFirewallPolicyResponseProtectionRuleProtectionCapabilityExclusions
    (Updatable) Identifies specific HTTP message parameters to exclude from inspection by a protection capability.
    key String
    (Updatable) Unique key of referenced protection capability.
    version Integer
    (Updatable) Version of referenced protection capability.
    actionName String
    (Updatable) Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.
    collaborativeActionThreshold Integer
    (Updatable) The minimum sum of weights of associated collaborative protection capabilities that have triggered which must be reached in order for this capability to trigger. This field is ignored for non-collaborative capabilities.
    collaborativeWeights List<AppFirewallPolicyResponseProtectionRuleProtectionCapabilityCollaborativeWeight>
    (Updatable) Explicit weight values to use for associated collaborative protection capabilities.
    exclusions AppFirewallPolicyResponseProtectionRuleProtectionCapabilityExclusions
    (Updatable) Identifies specific HTTP message parameters to exclude from inspection by a protection capability.
    key string
    (Updatable) Unique key of referenced protection capability.
    version number
    (Updatable) Version of referenced protection capability.
    actionName string
    (Updatable) Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.
    collaborativeActionThreshold number
    (Updatable) The minimum sum of weights of associated collaborative protection capabilities that have triggered which must be reached in order for this capability to trigger. This field is ignored for non-collaborative capabilities.
    collaborativeWeights AppFirewallPolicyResponseProtectionRuleProtectionCapabilityCollaborativeWeight[]
    (Updatable) Explicit weight values to use for associated collaborative protection capabilities.
    exclusions AppFirewallPolicyResponseProtectionRuleProtectionCapabilityExclusions
    (Updatable) Identifies specific HTTP message parameters to exclude from inspection by a protection capability.
    key str
    (Updatable) Unique key of referenced protection capability.
    version int
    (Updatable) Version of referenced protection capability.
    action_name str
    (Updatable) Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.
    collaborative_action_threshold int
    (Updatable) The minimum sum of weights of associated collaborative protection capabilities that have triggered which must be reached in order for this capability to trigger. This field is ignored for non-collaborative capabilities.
    collaborative_weights Sequence[waf.AppFirewallPolicyResponseProtectionRuleProtectionCapabilityCollaborativeWeight]
    (Updatable) Explicit weight values to use for associated collaborative protection capabilities.
    exclusions waf.AppFirewallPolicyResponseProtectionRuleProtectionCapabilityExclusions
    (Updatable) Identifies specific HTTP message parameters to exclude from inspection by a protection capability.
    key String
    (Updatable) Unique key of referenced protection capability.
    version Number
    (Updatable) Version of referenced protection capability.
    actionName String
    (Updatable) Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.
    collaborativeActionThreshold Number
    (Updatable) The minimum sum of weights of associated collaborative protection capabilities that have triggered which must be reached in order for this capability to trigger. This field is ignored for non-collaborative capabilities.
    collaborativeWeights List<Property Map>
    (Updatable) Explicit weight values to use for associated collaborative protection capabilities.
    exclusions Property Map
    (Updatable) Identifies specific HTTP message parameters to exclude from inspection by a protection capability.

    AppFirewallPolicyResponseProtectionRuleProtectionCapabilityCollaborativeWeight, AppFirewallPolicyResponseProtectionRuleProtectionCapabilityCollaborativeWeightArgs

    Key string
    (Updatable) Unique key of collaborative capability for which weight will be overridden.
    Weight int
    (Updatable) The value of weight to set.
    Key string
    (Updatable) Unique key of collaborative capability for which weight will be overridden.
    Weight int
    (Updatable) The value of weight to set.
    key String
    (Updatable) Unique key of collaborative capability for which weight will be overridden.
    weight Integer
    (Updatable) The value of weight to set.
    key string
    (Updatable) Unique key of collaborative capability for which weight will be overridden.
    weight number
    (Updatable) The value of weight to set.
    key str
    (Updatable) Unique key of collaborative capability for which weight will be overridden.
    weight int
    (Updatable) The value of weight to set.
    key String
    (Updatable) Unique key of collaborative capability for which weight will be overridden.
    weight Number
    (Updatable) The value of weight to set.

    AppFirewallPolicyResponseProtectionRuleProtectionCapabilityExclusions, AppFirewallPolicyResponseProtectionRuleProtectionCapabilityExclusionsArgs

    Args List<string>
    (Updatable) List of URL query parameter values from form-urlencoded XML, JSON, AMP, or POST payloads to exclude from inspecting. Example: If we have query parameter 'argumentName=argumentValue' and args=['argumentName'], both 'argumentName' and 'argumentValue' will not be inspected.
    RequestCookies List<string>
    (Updatable) List of HTTP request cookie values (by cookie name) to exclude from inspecting. Example: If we have cookie 'cookieName=cookieValue' and requestCookies=['cookieName'], both 'cookieName' and 'cookieValue' will not be inspected.
    Args []string
    (Updatable) List of URL query parameter values from form-urlencoded XML, JSON, AMP, or POST payloads to exclude from inspecting. Example: If we have query parameter 'argumentName=argumentValue' and args=['argumentName'], both 'argumentName' and 'argumentValue' will not be inspected.
    RequestCookies []string
    (Updatable) List of HTTP request cookie values (by cookie name) to exclude from inspecting. Example: If we have cookie 'cookieName=cookieValue' and requestCookies=['cookieName'], both 'cookieName' and 'cookieValue' will not be inspected.
    args List<String>
    (Updatable) List of URL query parameter values from form-urlencoded XML, JSON, AMP, or POST payloads to exclude from inspecting. Example: If we have query parameter 'argumentName=argumentValue' and args=['argumentName'], both 'argumentName' and 'argumentValue' will not be inspected.
    requestCookies List<String>
    (Updatable) List of HTTP request cookie values (by cookie name) to exclude from inspecting. Example: If we have cookie 'cookieName=cookieValue' and requestCookies=['cookieName'], both 'cookieName' and 'cookieValue' will not be inspected.
    args string[]
    (Updatable) List of URL query parameter values from form-urlencoded XML, JSON, AMP, or POST payloads to exclude from inspecting. Example: If we have query parameter 'argumentName=argumentValue' and args=['argumentName'], both 'argumentName' and 'argumentValue' will not be inspected.
    requestCookies string[]
    (Updatable) List of HTTP request cookie values (by cookie name) to exclude from inspecting. Example: If we have cookie 'cookieName=cookieValue' and requestCookies=['cookieName'], both 'cookieName' and 'cookieValue' will not be inspected.
    args Sequence[str]
    (Updatable) List of URL query parameter values from form-urlencoded XML, JSON, AMP, or POST payloads to exclude from inspecting. Example: If we have query parameter 'argumentName=argumentValue' and args=['argumentName'], both 'argumentName' and 'argumentValue' will not be inspected.
    request_cookies Sequence[str]
    (Updatable) List of HTTP request cookie values (by cookie name) to exclude from inspecting. Example: If we have cookie 'cookieName=cookieValue' and requestCookies=['cookieName'], both 'cookieName' and 'cookieValue' will not be inspected.
    args List<String>
    (Updatable) List of URL query parameter values from form-urlencoded XML, JSON, AMP, or POST payloads to exclude from inspecting. Example: If we have query parameter 'argumentName=argumentValue' and args=['argumentName'], both 'argumentName' and 'argumentValue' will not be inspected.
    requestCookies List<String>
    (Updatable) List of HTTP request cookie values (by cookie name) to exclude from inspecting. Example: If we have cookie 'cookieName=cookieValue' and requestCookies=['cookieName'], both 'cookieName' and 'cookieValue' will not be inspected.

    AppFirewallPolicyResponseProtectionRuleProtectionCapabilitySettings, AppFirewallPolicyResponseProtectionRuleProtectionCapabilitySettingsArgs

    AllowedHttpMethods List<string>
    (Updatable) List of allowed HTTP methods. Each value as a RFC7230 formated token string. Used in protection capability 911100: Restrict HTTP Request Methods.
    MaxHttpRequestHeaderLength int
    (Updatable) Maximum allowed length of headers in an HTTP request. Used in protection capability: 9200024: Limit length of request header size.
    MaxHttpRequestHeaders int
    (Updatable) Maximum number of headers allowed in an HTTP request. Used in protection capability 9200014: Limit Number of Request Headers.
    MaxNumberOfArguments int
    (Updatable) Maximum number of arguments allowed. Used in protection capability 920380: Number of Arguments Limits.
    MaxSingleArgumentLength int
    (Updatable) Maximum allowed length of a single argument. Used in protection capability 920370: Limit argument value length.
    MaxTotalArgumentLength int
    (Updatable) Maximum allowed total length of all arguments. Used in protection capability 920390: Limit arguments total length.
    AllowedHttpMethods []string
    (Updatable) List of allowed HTTP methods. Each value as a RFC7230 formated token string. Used in protection capability 911100: Restrict HTTP Request Methods.
    MaxHttpRequestHeaderLength int
    (Updatable) Maximum allowed length of headers in an HTTP request. Used in protection capability: 9200024: Limit length of request header size.
    MaxHttpRequestHeaders int
    (Updatable) Maximum number of headers allowed in an HTTP request. Used in protection capability 9200014: Limit Number of Request Headers.
    MaxNumberOfArguments int
    (Updatable) Maximum number of arguments allowed. Used in protection capability 920380: Number of Arguments Limits.
    MaxSingleArgumentLength int
    (Updatable) Maximum allowed length of a single argument. Used in protection capability 920370: Limit argument value length.
    MaxTotalArgumentLength int
    (Updatable) Maximum allowed total length of all arguments. Used in protection capability 920390: Limit arguments total length.
    allowedHttpMethods List<String>
    (Updatable) List of allowed HTTP methods. Each value as a RFC7230 formated token string. Used in protection capability 911100: Restrict HTTP Request Methods.
    maxHttpRequestHeaderLength Integer
    (Updatable) Maximum allowed length of headers in an HTTP request. Used in protection capability: 9200024: Limit length of request header size.
    maxHttpRequestHeaders Integer
    (Updatable) Maximum number of headers allowed in an HTTP request. Used in protection capability 9200014: Limit Number of Request Headers.
    maxNumberOfArguments Integer
    (Updatable) Maximum number of arguments allowed. Used in protection capability 920380: Number of Arguments Limits.
    maxSingleArgumentLength Integer
    (Updatable) Maximum allowed length of a single argument. Used in protection capability 920370: Limit argument value length.
    maxTotalArgumentLength Integer
    (Updatable) Maximum allowed total length of all arguments. Used in protection capability 920390: Limit arguments total length.
    allowedHttpMethods string[]
    (Updatable) List of allowed HTTP methods. Each value as a RFC7230 formated token string. Used in protection capability 911100: Restrict HTTP Request Methods.
    maxHttpRequestHeaderLength number
    (Updatable) Maximum allowed length of headers in an HTTP request. Used in protection capability: 9200024: Limit length of request header size.
    maxHttpRequestHeaders number
    (Updatable) Maximum number of headers allowed in an HTTP request. Used in protection capability 9200014: Limit Number of Request Headers.
    maxNumberOfArguments number
    (Updatable) Maximum number of arguments allowed. Used in protection capability 920380: Number of Arguments Limits.
    maxSingleArgumentLength number
    (Updatable) Maximum allowed length of a single argument. Used in protection capability 920370: Limit argument value length.
    maxTotalArgumentLength number
    (Updatable) Maximum allowed total length of all arguments. Used in protection capability 920390: Limit arguments total length.
    allowed_http_methods Sequence[str]
    (Updatable) List of allowed HTTP methods. Each value as a RFC7230 formated token string. Used in protection capability 911100: Restrict HTTP Request Methods.
    max_http_request_header_length int
    (Updatable) Maximum allowed length of headers in an HTTP request. Used in protection capability: 9200024: Limit length of request header size.
    max_http_request_headers int
    (Updatable) Maximum number of headers allowed in an HTTP request. Used in protection capability 9200014: Limit Number of Request Headers.
    max_number_of_arguments int
    (Updatable) Maximum number of arguments allowed. Used in protection capability 920380: Number of Arguments Limits.
    max_single_argument_length int
    (Updatable) Maximum allowed length of a single argument. Used in protection capability 920370: Limit argument value length.
    max_total_argument_length int
    (Updatable) Maximum allowed total length of all arguments. Used in protection capability 920390: Limit arguments total length.
    allowedHttpMethods List<String>
    (Updatable) List of allowed HTTP methods. Each value as a RFC7230 formated token string. Used in protection capability 911100: Restrict HTTP Request Methods.
    maxHttpRequestHeaderLength Number
    (Updatable) Maximum allowed length of headers in an HTTP request. Used in protection capability: 9200024: Limit length of request header size.
    maxHttpRequestHeaders Number
    (Updatable) Maximum number of headers allowed in an HTTP request. Used in protection capability 9200014: Limit Number of Request Headers.
    maxNumberOfArguments Number
    (Updatable) Maximum number of arguments allowed. Used in protection capability 920380: Number of Arguments Limits.
    maxSingleArgumentLength Number
    (Updatable) Maximum allowed length of a single argument. Used in protection capability 920370: Limit argument value length.
    maxTotalArgumentLength Number
    (Updatable) Maximum allowed total length of all arguments. Used in protection capability 920390: Limit arguments total length.

    Import

    WebAppFirewallPolicies can be imported using the id, e.g.

    $ pulumi import oci:Waf/appFirewallPolicy:AppFirewallPolicy test_web_app_firewall_policy "id"
    

    To learn more about importing existing cloud resources, see Importing resources.

    Package Details

    Repository
    oci pulumi/pulumi-oci
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the oci Terraform Provider.
    oci logo
    Oracle Cloud Infrastructure v2.17.0 published on Friday, Nov 15, 2024 by Pulumi