Oracle Cloud Infrastructure v2.17.0 published on Friday, Nov 15, 2024 by Pulumi
oci.Waf.getWebAppFirewallPolicies
Explore with Pulumi AI
This data source provides the list of Web App Firewall Policies in Oracle Cloud Infrastructure Waf service.
Gets a list of all WebAppFirewallPolicies in a compartment.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as oci from "@pulumi/oci";
const testWebAppFirewallPolicies = oci.Waf.getWebAppFirewallPolicies({
compartmentId: compartmentId,
displayName: webAppFirewallPolicyDisplayName,
id: webAppFirewallPolicyId,
states: webAppFirewallPolicyState,
});
import pulumi
import pulumi_oci as oci
test_web_app_firewall_policies = oci.Waf.get_web_app_firewall_policies(compartment_id=compartment_id,
display_name=web_app_firewall_policy_display_name,
id=web_app_firewall_policy_id,
states=web_app_firewall_policy_state)
package main
import (
"github.com/pulumi/pulumi-oci/sdk/v2/go/oci/Waf"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := Waf.GetWebAppFirewallPolicies(ctx, &waf.GetWebAppFirewallPoliciesArgs{
CompartmentId: compartmentId,
DisplayName: pulumi.StringRef(webAppFirewallPolicyDisplayName),
Id: pulumi.StringRef(webAppFirewallPolicyId),
States: webAppFirewallPolicyState,
}, nil)
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Oci = Pulumi.Oci;
return await Deployment.RunAsync(() =>
{
var testWebAppFirewallPolicies = Oci.Waf.GetWebAppFirewallPolicies.Invoke(new()
{
CompartmentId = compartmentId,
DisplayName = webAppFirewallPolicyDisplayName,
Id = webAppFirewallPolicyId,
States = webAppFirewallPolicyState,
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.oci.Waf.WafFunctions;
import com.pulumi.oci.Waf.inputs.GetWebAppFirewallPoliciesArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var testWebAppFirewallPolicies = WafFunctions.getWebAppFirewallPolicies(GetWebAppFirewallPoliciesArgs.builder()
.compartmentId(compartmentId)
.displayName(webAppFirewallPolicyDisplayName)
.id(webAppFirewallPolicyId)
.states(webAppFirewallPolicyState)
.build());
}
}
variables:
testWebAppFirewallPolicies:
fn::invoke:
Function: oci:Waf:getWebAppFirewallPolicies
Arguments:
compartmentId: ${compartmentId}
displayName: ${webAppFirewallPolicyDisplayName}
id: ${webAppFirewallPolicyId}
states: ${webAppFirewallPolicyState}
Using getWebAppFirewallPolicies
Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.
function getWebAppFirewallPolicies(args: GetWebAppFirewallPoliciesArgs, opts?: InvokeOptions): Promise<GetWebAppFirewallPoliciesResult>
function getWebAppFirewallPoliciesOutput(args: GetWebAppFirewallPoliciesOutputArgs, opts?: InvokeOptions): Output<GetWebAppFirewallPoliciesResult>
def get_web_app_firewall_policies(compartment_id: Optional[str] = None,
display_name: Optional[str] = None,
filters: Optional[Sequence[_waf.GetWebAppFirewallPoliciesFilter]] = None,
id: Optional[str] = None,
states: Optional[Sequence[str]] = None,
opts: Optional[InvokeOptions] = None) -> GetWebAppFirewallPoliciesResult
def get_web_app_firewall_policies_output(compartment_id: Optional[pulumi.Input[str]] = None,
display_name: Optional[pulumi.Input[str]] = None,
filters: Optional[pulumi.Input[Sequence[pulumi.Input[_waf.GetWebAppFirewallPoliciesFilterArgs]]]] = None,
id: Optional[pulumi.Input[str]] = None,
states: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
opts: Optional[InvokeOptions] = None) -> Output[GetWebAppFirewallPoliciesResult]
func GetWebAppFirewallPolicies(ctx *Context, args *GetWebAppFirewallPoliciesArgs, opts ...InvokeOption) (*GetWebAppFirewallPoliciesResult, error)
func GetWebAppFirewallPoliciesOutput(ctx *Context, args *GetWebAppFirewallPoliciesOutputArgs, opts ...InvokeOption) GetWebAppFirewallPoliciesResultOutput
> Note: This function is named GetWebAppFirewallPolicies
in the Go SDK.
public static class GetWebAppFirewallPolicies
{
public static Task<GetWebAppFirewallPoliciesResult> InvokeAsync(GetWebAppFirewallPoliciesArgs args, InvokeOptions? opts = null)
public static Output<GetWebAppFirewallPoliciesResult> Invoke(GetWebAppFirewallPoliciesInvokeArgs args, InvokeOptions? opts = null)
}
public static CompletableFuture<GetWebAppFirewallPoliciesResult> getWebAppFirewallPolicies(GetWebAppFirewallPoliciesArgs args, InvokeOptions options)
// Output-based functions aren't available in Java yet
fn::invoke:
function: oci:Waf/getWebAppFirewallPolicies:getWebAppFirewallPolicies
arguments:
# arguments dictionary
The following arguments are supported:
- Compartment
Id string - The OCID of the compartment in which to list resources.
- Display
Name string - A filter to return only resources that match the entire display name given.
- Filters
List<Get
Web App Firewall Policies Filter> - Id string
- A filter to return only the WebAppFirewallPolicy with the given OCID.
- States List<string>
- A filter to return only resources that match the given lifecycleState.
- Compartment
Id string - The OCID of the compartment in which to list resources.
- Display
Name string - A filter to return only resources that match the entire display name given.
- Filters
[]Get
Web App Firewall Policies Filter - Id string
- A filter to return only the WebAppFirewallPolicy with the given OCID.
- States []string
- A filter to return only resources that match the given lifecycleState.
- compartment
Id String - The OCID of the compartment in which to list resources.
- display
Name String - A filter to return only resources that match the entire display name given.
- filters
List<Get
Web App Firewall Policies Filter> - id String
- A filter to return only the WebAppFirewallPolicy with the given OCID.
- states List<String>
- A filter to return only resources that match the given lifecycleState.
- compartment
Id string - The OCID of the compartment in which to list resources.
- display
Name string - A filter to return only resources that match the entire display name given.
- filters
Get
Web App Firewall Policies Filter[] - id string
- A filter to return only the WebAppFirewallPolicy with the given OCID.
- states string[]
- A filter to return only resources that match the given lifecycleState.
- compartment_
id str - The OCID of the compartment in which to list resources.
- display_
name str - A filter to return only resources that match the entire display name given.
- filters
Sequence[waf.
Get Web App Firewall Policies Filter] - id str
- A filter to return only the WebAppFirewallPolicy with the given OCID.
- states Sequence[str]
- A filter to return only resources that match the given lifecycleState.
- compartment
Id String - The OCID of the compartment in which to list resources.
- display
Name String - A filter to return only resources that match the entire display name given.
- filters List<Property Map>
- id String
- A filter to return only the WebAppFirewallPolicy with the given OCID.
- states List<String>
- A filter to return only resources that match the given lifecycleState.
getWebAppFirewallPolicies Result
The following output properties are available:
- Compartment
Id string - The OCID of the compartment.
- Web
App List<GetFirewall Policy Collections Web App Firewall Policies Web App Firewall Policy Collection> - The list of web_app_firewall_policy_collection.
- Display
Name string - WebAppFirewallPolicy display name, can be renamed.
- Filters
List<Get
Web App Firewall Policies Filter> - Id string
- The OCID of the WebAppFirewallPolicy.
- States List<string>
- The current state of the WebAppFirewallPolicy.
- Compartment
Id string - The OCID of the compartment.
- Web
App []GetFirewall Policy Collections Web App Firewall Policies Web App Firewall Policy Collection - The list of web_app_firewall_policy_collection.
- Display
Name string - WebAppFirewallPolicy display name, can be renamed.
- Filters
[]Get
Web App Firewall Policies Filter - Id string
- The OCID of the WebAppFirewallPolicy.
- States []string
- The current state of the WebAppFirewallPolicy.
- compartment
Id String - The OCID of the compartment.
- web
App List<GetFirewall Policy Collections Web App Firewall Policies Web App Firewall Policy Collection> - The list of web_app_firewall_policy_collection.
- display
Name String - WebAppFirewallPolicy display name, can be renamed.
- filters
List<Get
Web App Firewall Policies Filter> - id String
- The OCID of the WebAppFirewallPolicy.
- states List<String>
- The current state of the WebAppFirewallPolicy.
- compartment
Id string - The OCID of the compartment.
- web
App GetFirewall Policy Collections Web App Firewall Policies Web App Firewall Policy Collection[] - The list of web_app_firewall_policy_collection.
- display
Name string - WebAppFirewallPolicy display name, can be renamed.
- filters
Get
Web App Firewall Policies Filter[] - id string
- The OCID of the WebAppFirewallPolicy.
- states string[]
- The current state of the WebAppFirewallPolicy.
- compartment_
id str - The OCID of the compartment.
- web_
app_ Sequence[waf.firewall_ policy_ collections Get Web App Firewall Policies Web App Firewall Policy Collection] - The list of web_app_firewall_policy_collection.
- display_
name str - WebAppFirewallPolicy display name, can be renamed.
- filters
Sequence[waf.
Get Web App Firewall Policies Filter] - id str
- The OCID of the WebAppFirewallPolicy.
- states Sequence[str]
- The current state of the WebAppFirewallPolicy.
- compartment
Id String - The OCID of the compartment.
- web
App List<Property Map>Firewall Policy Collections - The list of web_app_firewall_policy_collection.
- display
Name String - WebAppFirewallPolicy display name, can be renamed.
- filters List<Property Map>
- id String
- The OCID of the WebAppFirewallPolicy.
- states List<String>
- The current state of the WebAppFirewallPolicy.
Supporting Types
GetWebAppFirewallPoliciesFilter
GetWebAppFirewallPoliciesWebAppFirewallPolicyCollection
GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItem
- Actions
List<Get
Web App Firewall Policies Web App Firewall Policy Collection Item Action> - Predefined actions for use in multiple different rules. Not all actions are supported in every module. Some actions terminate further execution of modules and rules in a module and some do not. Actions names must be unique within this array.
- Compartment
Id string - The OCID of the compartment in which to list resources.
- Dictionary<string, string>
- Defined tags for this resource. Each key is predefined and scoped to a namespace. Example:
{"foo-namespace.bar-key": "value"}
- Display
Name string - A filter to return only resources that match the entire display name given.
- Dictionary<string, string>
- Simple key-value pair that is applied without any predefined name, type or scope. Exists for cross-compatibility only. Example:
{"bar-key": "value"}
- Id string
- A filter to return only the WebAppFirewallPolicy with the given OCID.
- Lifecycle
Details string - A message describing the current state in more detail. For example, can be used to provide actionable information for a resource in FAILED state.
- Request
Access List<GetControls Web App Firewall Policies Web App Firewall Policy Collection Item Request Access Control> - Module that allows inspection of HTTP request properties and to return a defined HTTP response. In this module, rules with the name 'Default Action' are not allowed, since this name is reserved for default action logs.
- Request
Protections List<GetWeb App Firewall Policies Web App Firewall Policy Collection Item Request Protection> - Module that allows to enable OCI-managed protection capabilities for incoming HTTP requests.
- Request
Rate List<GetLimitings Web App Firewall Policies Web App Firewall Policy Collection Item Request Rate Limiting> - Module that allows inspection of HTTP connection properties and to limit requests frequency for a given key.
- Response
Access List<GetControls Web App Firewall Policies Web App Firewall Policy Collection Item Response Access Control> - Module that allows inspection of HTTP response properties and to return a defined HTTP response.
- Response
Protections List<GetWeb App Firewall Policies Web App Firewall Policy Collection Item Response Protection> - Module that allows to enable OCI-managed protection capabilities for HTTP responses.
- State string
- A filter to return only resources that match the given lifecycleState.
- Dictionary<string, string>
- Usage of system tag keys. These predefined keys are scoped to namespaces. Example:
{"orcl-cloud.free-tier-retained": "true"}
- Time
Created string - The time the WebAppFirewallPolicy was created. An RFC3339 formatted datetime string.
- Time
Updated string - The time the WebAppFirewallPolicy was updated. An RFC3339 formatted datetime string.
- Actions
[]Get
Web App Firewall Policies Web App Firewall Policy Collection Item Action - Predefined actions for use in multiple different rules. Not all actions are supported in every module. Some actions terminate further execution of modules and rules in a module and some do not. Actions names must be unique within this array.
- Compartment
Id string - The OCID of the compartment in which to list resources.
- map[string]string
- Defined tags for this resource. Each key is predefined and scoped to a namespace. Example:
{"foo-namespace.bar-key": "value"}
- Display
Name string - A filter to return only resources that match the entire display name given.
- map[string]string
- Simple key-value pair that is applied without any predefined name, type or scope. Exists for cross-compatibility only. Example:
{"bar-key": "value"}
- Id string
- A filter to return only the WebAppFirewallPolicy with the given OCID.
- Lifecycle
Details string - A message describing the current state in more detail. For example, can be used to provide actionable information for a resource in FAILED state.
- Request
Access []GetControls Web App Firewall Policies Web App Firewall Policy Collection Item Request Access Control - Module that allows inspection of HTTP request properties and to return a defined HTTP response. In this module, rules with the name 'Default Action' are not allowed, since this name is reserved for default action logs.
- Request
Protections []GetWeb App Firewall Policies Web App Firewall Policy Collection Item Request Protection - Module that allows to enable OCI-managed protection capabilities for incoming HTTP requests.
- Request
Rate []GetLimitings Web App Firewall Policies Web App Firewall Policy Collection Item Request Rate Limiting - Module that allows inspection of HTTP connection properties and to limit requests frequency for a given key.
- Response
Access []GetControls Web App Firewall Policies Web App Firewall Policy Collection Item Response Access Control - Module that allows inspection of HTTP response properties and to return a defined HTTP response.
- Response
Protections []GetWeb App Firewall Policies Web App Firewall Policy Collection Item Response Protection - Module that allows to enable OCI-managed protection capabilities for HTTP responses.
- State string
- A filter to return only resources that match the given lifecycleState.
- map[string]string
- Usage of system tag keys. These predefined keys are scoped to namespaces. Example:
{"orcl-cloud.free-tier-retained": "true"}
- Time
Created string - The time the WebAppFirewallPolicy was created. An RFC3339 formatted datetime string.
- Time
Updated string - The time the WebAppFirewallPolicy was updated. An RFC3339 formatted datetime string.
- actions
List<Get
Web App Firewall Policies Web App Firewall Policy Collection Item Action> - Predefined actions for use in multiple different rules. Not all actions are supported in every module. Some actions terminate further execution of modules and rules in a module and some do not. Actions names must be unique within this array.
- compartment
Id String - The OCID of the compartment in which to list resources.
- Map<String,String>
- Defined tags for this resource. Each key is predefined and scoped to a namespace. Example:
{"foo-namespace.bar-key": "value"}
- display
Name String - A filter to return only resources that match the entire display name given.
- Map<String,String>
- Simple key-value pair that is applied without any predefined name, type or scope. Exists for cross-compatibility only. Example:
{"bar-key": "value"}
- id String
- A filter to return only the WebAppFirewallPolicy with the given OCID.
- lifecycle
Details String - A message describing the current state in more detail. For example, can be used to provide actionable information for a resource in FAILED state.
- request
Access List<GetControls Web App Firewall Policies Web App Firewall Policy Collection Item Request Access Control> - Module that allows inspection of HTTP request properties and to return a defined HTTP response. In this module, rules with the name 'Default Action' are not allowed, since this name is reserved for default action logs.
- request
Protections List<GetWeb App Firewall Policies Web App Firewall Policy Collection Item Request Protection> - Module that allows to enable OCI-managed protection capabilities for incoming HTTP requests.
- request
Rate List<GetLimitings Web App Firewall Policies Web App Firewall Policy Collection Item Request Rate Limiting> - Module that allows inspection of HTTP connection properties and to limit requests frequency for a given key.
- response
Access List<GetControls Web App Firewall Policies Web App Firewall Policy Collection Item Response Access Control> - Module that allows inspection of HTTP response properties and to return a defined HTTP response.
- response
Protections List<GetWeb App Firewall Policies Web App Firewall Policy Collection Item Response Protection> - Module that allows to enable OCI-managed protection capabilities for HTTP responses.
- state String
- A filter to return only resources that match the given lifecycleState.
- Map<String,String>
- Usage of system tag keys. These predefined keys are scoped to namespaces. Example:
{"orcl-cloud.free-tier-retained": "true"}
- time
Created String - The time the WebAppFirewallPolicy was created. An RFC3339 formatted datetime string.
- time
Updated String - The time the WebAppFirewallPolicy was updated. An RFC3339 formatted datetime string.
- actions
Get
Web App Firewall Policies Web App Firewall Policy Collection Item Action[] - Predefined actions for use in multiple different rules. Not all actions are supported in every module. Some actions terminate further execution of modules and rules in a module and some do not. Actions names must be unique within this array.
- compartment
Id string - The OCID of the compartment in which to list resources.
- {[key: string]: string}
- Defined tags for this resource. Each key is predefined and scoped to a namespace. Example:
{"foo-namespace.bar-key": "value"}
- display
Name string - A filter to return only resources that match the entire display name given.
- {[key: string]: string}
- Simple key-value pair that is applied without any predefined name, type or scope. Exists for cross-compatibility only. Example:
{"bar-key": "value"}
- id string
- A filter to return only the WebAppFirewallPolicy with the given OCID.
- lifecycle
Details string - A message describing the current state in more detail. For example, can be used to provide actionable information for a resource in FAILED state.
- request
Access GetControls Web App Firewall Policies Web App Firewall Policy Collection Item Request Access Control[] - Module that allows inspection of HTTP request properties and to return a defined HTTP response. In this module, rules with the name 'Default Action' are not allowed, since this name is reserved for default action logs.
- request
Protections GetWeb App Firewall Policies Web App Firewall Policy Collection Item Request Protection[] - Module that allows to enable OCI-managed protection capabilities for incoming HTTP requests.
- request
Rate GetLimitings Web App Firewall Policies Web App Firewall Policy Collection Item Request Rate Limiting[] - Module that allows inspection of HTTP connection properties and to limit requests frequency for a given key.
- response
Access GetControls Web App Firewall Policies Web App Firewall Policy Collection Item Response Access Control[] - Module that allows inspection of HTTP response properties and to return a defined HTTP response.
- response
Protections GetWeb App Firewall Policies Web App Firewall Policy Collection Item Response Protection[] - Module that allows to enable OCI-managed protection capabilities for HTTP responses.
- state string
- A filter to return only resources that match the given lifecycleState.
- {[key: string]: string}
- Usage of system tag keys. These predefined keys are scoped to namespaces. Example:
{"orcl-cloud.free-tier-retained": "true"}
- time
Created string - The time the WebAppFirewallPolicy was created. An RFC3339 formatted datetime string.
- time
Updated string - The time the WebAppFirewallPolicy was updated. An RFC3339 formatted datetime string.
- actions
Sequence[waf.
Get Web App Firewall Policies Web App Firewall Policy Collection Item Action] - Predefined actions for use in multiple different rules. Not all actions are supported in every module. Some actions terminate further execution of modules and rules in a module and some do not. Actions names must be unique within this array.
- compartment_
id str - The OCID of the compartment in which to list resources.
- Mapping[str, str]
- Defined tags for this resource. Each key is predefined and scoped to a namespace. Example:
{"foo-namespace.bar-key": "value"}
- display_
name str - A filter to return only resources that match the entire display name given.
- Mapping[str, str]
- Simple key-value pair that is applied without any predefined name, type or scope. Exists for cross-compatibility only. Example:
{"bar-key": "value"}
- id str
- A filter to return only the WebAppFirewallPolicy with the given OCID.
- lifecycle_
details str - A message describing the current state in more detail. For example, can be used to provide actionable information for a resource in FAILED state.
- request_
access_ Sequence[waf.controls Get Web App Firewall Policies Web App Firewall Policy Collection Item Request Access Control] - Module that allows inspection of HTTP request properties and to return a defined HTTP response. In this module, rules with the name 'Default Action' are not allowed, since this name is reserved for default action logs.
- request_
protections Sequence[waf.Get Web App Firewall Policies Web App Firewall Policy Collection Item Request Protection] - Module that allows to enable OCI-managed protection capabilities for incoming HTTP requests.
- request_
rate_ Sequence[waf.limitings Get Web App Firewall Policies Web App Firewall Policy Collection Item Request Rate Limiting] - Module that allows inspection of HTTP connection properties and to limit requests frequency for a given key.
- response_
access_ Sequence[waf.controls Get Web App Firewall Policies Web App Firewall Policy Collection Item Response Access Control] - Module that allows inspection of HTTP response properties and to return a defined HTTP response.
- response_
protections Sequence[waf.Get Web App Firewall Policies Web App Firewall Policy Collection Item Response Protection] - Module that allows to enable OCI-managed protection capabilities for HTTP responses.
- state str
- A filter to return only resources that match the given lifecycleState.
- Mapping[str, str]
- Usage of system tag keys. These predefined keys are scoped to namespaces. Example:
{"orcl-cloud.free-tier-retained": "true"}
- time_
created str - The time the WebAppFirewallPolicy was created. An RFC3339 formatted datetime string.
- time_
updated str - The time the WebAppFirewallPolicy was updated. An RFC3339 formatted datetime string.
- actions List<Property Map>
- Predefined actions for use in multiple different rules. Not all actions are supported in every module. Some actions terminate further execution of modules and rules in a module and some do not. Actions names must be unique within this array.
- compartment
Id String - The OCID of the compartment in which to list resources.
- Map<String>
- Defined tags for this resource. Each key is predefined and scoped to a namespace. Example:
{"foo-namespace.bar-key": "value"}
- display
Name String - A filter to return only resources that match the entire display name given.
- Map<String>
- Simple key-value pair that is applied without any predefined name, type or scope. Exists for cross-compatibility only. Example:
{"bar-key": "value"}
- id String
- A filter to return only the WebAppFirewallPolicy with the given OCID.
- lifecycle
Details String - A message describing the current state in more detail. For example, can be used to provide actionable information for a resource in FAILED state.
- request
Access List<Property Map>Controls - Module that allows inspection of HTTP request properties and to return a defined HTTP response. In this module, rules with the name 'Default Action' are not allowed, since this name is reserved for default action logs.
- request
Protections List<Property Map> - Module that allows to enable OCI-managed protection capabilities for incoming HTTP requests.
- request
Rate List<Property Map>Limitings - Module that allows inspection of HTTP connection properties and to limit requests frequency for a given key.
- response
Access List<Property Map>Controls - Module that allows inspection of HTTP response properties and to return a defined HTTP response.
- response
Protections List<Property Map> - Module that allows to enable OCI-managed protection capabilities for HTTP responses.
- state String
- A filter to return only resources that match the given lifecycleState.
- Map<String>
- Usage of system tag keys. These predefined keys are scoped to namespaces. Example:
{"orcl-cloud.free-tier-retained": "true"}
- time
Created String - The time the WebAppFirewallPolicy was created. An RFC3339 formatted datetime string.
- time
Updated String - The time the WebAppFirewallPolicy was updated. An RFC3339 formatted datetime string.
GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemAction
- Bodies
List<Get
Web App Firewall Policies Web App Firewall Policy Collection Item Action Body> - Type of returned HTTP response body.
- Code int
- Response code.
- Headers
List<Get
Web App Firewall Policies Web App Firewall Policy Collection Item Action Header> - Adds headers defined in this array for HTTP response.
- Name string
- Rule name. Must be unique within the module.
- Type string
- Type of WebAppFirewallPolicyRule.
- Bodies
[]Get
Web App Firewall Policies Web App Firewall Policy Collection Item Action Body - Type of returned HTTP response body.
- Code int
- Response code.
- Headers
[]Get
Web App Firewall Policies Web App Firewall Policy Collection Item Action Header - Adds headers defined in this array for HTTP response.
- Name string
- Rule name. Must be unique within the module.
- Type string
- Type of WebAppFirewallPolicyRule.
- bodies
List<Get
Web App Firewall Policies Web App Firewall Policy Collection Item Action Body> - Type of returned HTTP response body.
- code Integer
- Response code.
- headers
List<Get
Web App Firewall Policies Web App Firewall Policy Collection Item Action Header> - Adds headers defined in this array for HTTP response.
- name String
- Rule name. Must be unique within the module.
- type String
- Type of WebAppFirewallPolicyRule.
- bodies
Get
Web App Firewall Policies Web App Firewall Policy Collection Item Action Body[] - Type of returned HTTP response body.
- code number
- Response code.
- headers
Get
Web App Firewall Policies Web App Firewall Policy Collection Item Action Header[] - Adds headers defined in this array for HTTP response.
- name string
- Rule name. Must be unique within the module.
- type string
- Type of WebAppFirewallPolicyRule.
- bodies
Sequence[waf.
Get Web App Firewall Policies Web App Firewall Policy Collection Item Action Body] - Type of returned HTTP response body.
- code int
- Response code.
- headers
Sequence[waf.
Get Web App Firewall Policies Web App Firewall Policy Collection Item Action Header] - Adds headers defined in this array for HTTP response.
- name str
- Rule name. Must be unique within the module.
- type str
- Type of WebAppFirewallPolicyRule.
- bodies List<Property Map>
- Type of returned HTTP response body.
- code Number
- Response code.
- headers List<Property Map>
- Adds headers defined in this array for HTTP response.
- name String
- Rule name. Must be unique within the module.
- type String
- Type of WebAppFirewallPolicyRule.
GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemActionBody
GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemActionHeader
GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemRequestAccessControl
- Default
Action stringName - References an default Action to take if no AccessControlRule was matched. Allowed action types:
- ALLOW continues execution of other modules and their rules.
- RETURN_HTTP_RESPONSE terminates further execution of modules and rules and returns defined HTTP response.
- Rules
List<Get
Web App Firewall Policies Web App Firewall Policy Collection Item Request Access Control Rule> - Ordered list of ProtectionRules. Rules are executed in order of appearance in this array. ProtectionRules in this array can only use protection capabilities of RESPONSE_PROTECTION_CAPABILITY type.
- Default
Action stringName - References an default Action to take if no AccessControlRule was matched. Allowed action types:
- ALLOW continues execution of other modules and their rules.
- RETURN_HTTP_RESPONSE terminates further execution of modules and rules and returns defined HTTP response.
- Rules
[]Get
Web App Firewall Policies Web App Firewall Policy Collection Item Request Access Control Rule - Ordered list of ProtectionRules. Rules are executed in order of appearance in this array. ProtectionRules in this array can only use protection capabilities of RESPONSE_PROTECTION_CAPABILITY type.
- default
Action StringName - References an default Action to take if no AccessControlRule was matched. Allowed action types:
- ALLOW continues execution of other modules and their rules.
- RETURN_HTTP_RESPONSE terminates further execution of modules and rules and returns defined HTTP response.
- rules
List<Get
Web App Firewall Policies Web App Firewall Policy Collection Item Request Access Control Rule> - Ordered list of ProtectionRules. Rules are executed in order of appearance in this array. ProtectionRules in this array can only use protection capabilities of RESPONSE_PROTECTION_CAPABILITY type.
- default
Action stringName - References an default Action to take if no AccessControlRule was matched. Allowed action types:
- ALLOW continues execution of other modules and their rules.
- RETURN_HTTP_RESPONSE terminates further execution of modules and rules and returns defined HTTP response.
- rules
Get
Web App Firewall Policies Web App Firewall Policy Collection Item Request Access Control Rule[] - Ordered list of ProtectionRules. Rules are executed in order of appearance in this array. ProtectionRules in this array can only use protection capabilities of RESPONSE_PROTECTION_CAPABILITY type.
- default_
action_ strname - References an default Action to take if no AccessControlRule was matched. Allowed action types:
- ALLOW continues execution of other modules and their rules.
- RETURN_HTTP_RESPONSE terminates further execution of modules and rules and returns defined HTTP response.
- rules
Sequence[waf.
Get Web App Firewall Policies Web App Firewall Policy Collection Item Request Access Control Rule] - Ordered list of ProtectionRules. Rules are executed in order of appearance in this array. ProtectionRules in this array can only use protection capabilities of RESPONSE_PROTECTION_CAPABILITY type.
- default
Action StringName - References an default Action to take if no AccessControlRule was matched. Allowed action types:
- ALLOW continues execution of other modules and their rules.
- RETURN_HTTP_RESPONSE terminates further execution of modules and rules and returns defined HTTP response.
- rules List<Property Map>
- Ordered list of ProtectionRules. Rules are executed in order of appearance in this array. ProtectionRules in this array can only use protection capabilities of RESPONSE_PROTECTION_CAPABILITY type.
GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemRequestAccessControlRule
- Action
Name string - Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.
- Condition string
- An expression that determines whether or not the rule action should be executed.
- Condition
Language string - The language used to parse condition from field
condition
. Available languages:- JMESPATH an extended JMESPath language syntax.
- Name string
- Rule name. Must be unique within the module.
- Type string
- Type of WebAppFirewallPolicyRule.
- Action
Name string - Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.
- Condition string
- An expression that determines whether or not the rule action should be executed.
- Condition
Language string - The language used to parse condition from field
condition
. Available languages:- JMESPATH an extended JMESPath language syntax.
- Name string
- Rule name. Must be unique within the module.
- Type string
- Type of WebAppFirewallPolicyRule.
- action
Name String - Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.
- condition String
- An expression that determines whether or not the rule action should be executed.
- condition
Language String - The language used to parse condition from field
condition
. Available languages:- JMESPATH an extended JMESPath language syntax.
- name String
- Rule name. Must be unique within the module.
- type String
- Type of WebAppFirewallPolicyRule.
- action
Name string - Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.
- condition string
- An expression that determines whether or not the rule action should be executed.
- condition
Language string - The language used to parse condition from field
condition
. Available languages:- JMESPATH an extended JMESPath language syntax.
- name string
- Rule name. Must be unique within the module.
- type string
- Type of WebAppFirewallPolicyRule.
- action_
name str - Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.
- condition str
- An expression that determines whether or not the rule action should be executed.
- condition_
language str - The language used to parse condition from field
condition
. Available languages:- JMESPATH an extended JMESPath language syntax.
- name str
- Rule name. Must be unique within the module.
- type str
- Type of WebAppFirewallPolicyRule.
- action
Name String - Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.
- condition String
- An expression that determines whether or not the rule action should be executed.
- condition
Language String - The language used to parse condition from field
condition
. Available languages:- JMESPATH an extended JMESPath language syntax.
- name String
- Rule name. Must be unique within the module.
- type String
- Type of WebAppFirewallPolicyRule.
GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemRequestProtection
- Body
Inspection stringSize Limit Exceeded Action Name - References action by name from actions defined in WebAppFirewallPolicy. Executed if HTTP message body size exceeds limit set in field
bodyInspectionSizeLimitInBytes
. - Body
Inspection intSize Limit In Bytes - Maximum size of inspected HTTP message body in bytes. Actions to take if this limit is exceeded are defined in
bodyInspectionSizeLimitExceededActionName
. - Rules
List<Get
Web App Firewall Policies Web App Firewall Policy Collection Item Request Protection Rule> - Ordered list of ProtectionRules. Rules are executed in order of appearance in this array. ProtectionRules in this array can only use protection capabilities of RESPONSE_PROTECTION_CAPABILITY type.
- Body
Inspection stringSize Limit Exceeded Action Name - References action by name from actions defined in WebAppFirewallPolicy. Executed if HTTP message body size exceeds limit set in field
bodyInspectionSizeLimitInBytes
. - Body
Inspection intSize Limit In Bytes - Maximum size of inspected HTTP message body in bytes. Actions to take if this limit is exceeded are defined in
bodyInspectionSizeLimitExceededActionName
. - Rules
[]Get
Web App Firewall Policies Web App Firewall Policy Collection Item Request Protection Rule - Ordered list of ProtectionRules. Rules are executed in order of appearance in this array. ProtectionRules in this array can only use protection capabilities of RESPONSE_PROTECTION_CAPABILITY type.
- body
Inspection StringSize Limit Exceeded Action Name - References action by name from actions defined in WebAppFirewallPolicy. Executed if HTTP message body size exceeds limit set in field
bodyInspectionSizeLimitInBytes
. - body
Inspection IntegerSize Limit In Bytes - Maximum size of inspected HTTP message body in bytes. Actions to take if this limit is exceeded are defined in
bodyInspectionSizeLimitExceededActionName
. - rules
List<Get
Web App Firewall Policies Web App Firewall Policy Collection Item Request Protection Rule> - Ordered list of ProtectionRules. Rules are executed in order of appearance in this array. ProtectionRules in this array can only use protection capabilities of RESPONSE_PROTECTION_CAPABILITY type.
- body
Inspection stringSize Limit Exceeded Action Name - References action by name from actions defined in WebAppFirewallPolicy. Executed if HTTP message body size exceeds limit set in field
bodyInspectionSizeLimitInBytes
. - body
Inspection numberSize Limit In Bytes - Maximum size of inspected HTTP message body in bytes. Actions to take if this limit is exceeded are defined in
bodyInspectionSizeLimitExceededActionName
. - rules
Get
Web App Firewall Policies Web App Firewall Policy Collection Item Request Protection Rule[] - Ordered list of ProtectionRules. Rules are executed in order of appearance in this array. ProtectionRules in this array can only use protection capabilities of RESPONSE_PROTECTION_CAPABILITY type.
- body_
inspection_ strsize_ limit_ exceeded_ action_ name - References action by name from actions defined in WebAppFirewallPolicy. Executed if HTTP message body size exceeds limit set in field
bodyInspectionSizeLimitInBytes
. - body_
inspection_ intsize_ limit_ in_ bytes - Maximum size of inspected HTTP message body in bytes. Actions to take if this limit is exceeded are defined in
bodyInspectionSizeLimitExceededActionName
. - rules
Sequence[waf.
Get Web App Firewall Policies Web App Firewall Policy Collection Item Request Protection Rule] - Ordered list of ProtectionRules. Rules are executed in order of appearance in this array. ProtectionRules in this array can only use protection capabilities of RESPONSE_PROTECTION_CAPABILITY type.
- body
Inspection StringSize Limit Exceeded Action Name - References action by name from actions defined in WebAppFirewallPolicy. Executed if HTTP message body size exceeds limit set in field
bodyInspectionSizeLimitInBytes
. - body
Inspection NumberSize Limit In Bytes - Maximum size of inspected HTTP message body in bytes. Actions to take if this limit is exceeded are defined in
bodyInspectionSizeLimitExceededActionName
. - rules List<Property Map>
- Ordered list of ProtectionRules. Rules are executed in order of appearance in this array. ProtectionRules in this array can only use protection capabilities of RESPONSE_PROTECTION_CAPABILITY type.
GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemRequestProtectionRule
- Action
Name string - Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.
- Condition string
- An expression that determines whether or not the rule action should be executed.
- Condition
Language string - The language used to parse condition from field
condition
. Available languages:- JMESPATH an extended JMESPath language syntax.
- Is
Body boolInspection Enabled - Enables/disables body inspection for this protection rule. Only Protection Rules in RequestProtection can have this option enabled. Response body inspection will be available at a later date.
- Name string
- Rule name. Must be unique within the module.
- Protection
Capabilities List<GetWeb App Firewall Policies Web App Firewall Policy Collection Item Request Protection Rule Protection Capability> - An ordered list that references OCI-managed protection capabilities. Referenced protection capabilities are not necessarily executed in order of appearance. Their execution order is decided at runtime for improved performance. The array cannot contain entries with the same pair of capability key and version more than once.
- Protection
Capability List<GetSettings Web App Firewall Policies Web App Firewall Policy Collection Item Request Protection Rule Protection Capability Setting> - Settings for protection capabilities
- Type string
- Type of WebAppFirewallPolicyRule.
- Action
Name string - Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.
- Condition string
- An expression that determines whether or not the rule action should be executed.
- Condition
Language string - The language used to parse condition from field
condition
. Available languages:- JMESPATH an extended JMESPath language syntax.
- Is
Body boolInspection Enabled - Enables/disables body inspection for this protection rule. Only Protection Rules in RequestProtection can have this option enabled. Response body inspection will be available at a later date.
- Name string
- Rule name. Must be unique within the module.
- Protection
Capabilities []GetWeb App Firewall Policies Web App Firewall Policy Collection Item Request Protection Rule Protection Capability - An ordered list that references OCI-managed protection capabilities. Referenced protection capabilities are not necessarily executed in order of appearance. Their execution order is decided at runtime for improved performance. The array cannot contain entries with the same pair of capability key and version more than once.
- Protection
Capability []GetSettings Web App Firewall Policies Web App Firewall Policy Collection Item Request Protection Rule Protection Capability Setting - Settings for protection capabilities
- Type string
- Type of WebAppFirewallPolicyRule.
- action
Name String - Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.
- condition String
- An expression that determines whether or not the rule action should be executed.
- condition
Language String - The language used to parse condition from field
condition
. Available languages:- JMESPATH an extended JMESPath language syntax.
- is
Body BooleanInspection Enabled - Enables/disables body inspection for this protection rule. Only Protection Rules in RequestProtection can have this option enabled. Response body inspection will be available at a later date.
- name String
- Rule name. Must be unique within the module.
- protection
Capabilities List<GetWeb App Firewall Policies Web App Firewall Policy Collection Item Request Protection Rule Protection Capability> - An ordered list that references OCI-managed protection capabilities. Referenced protection capabilities are not necessarily executed in order of appearance. Their execution order is decided at runtime for improved performance. The array cannot contain entries with the same pair of capability key and version more than once.
- protection
Capability List<GetSettings Web App Firewall Policies Web App Firewall Policy Collection Item Request Protection Rule Protection Capability Setting> - Settings for protection capabilities
- type String
- Type of WebAppFirewallPolicyRule.
- action
Name string - Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.
- condition string
- An expression that determines whether or not the rule action should be executed.
- condition
Language string - The language used to parse condition from field
condition
. Available languages:- JMESPATH an extended JMESPath language syntax.
- is
Body booleanInspection Enabled - Enables/disables body inspection for this protection rule. Only Protection Rules in RequestProtection can have this option enabled. Response body inspection will be available at a later date.
- name string
- Rule name. Must be unique within the module.
- protection
Capabilities GetWeb App Firewall Policies Web App Firewall Policy Collection Item Request Protection Rule Protection Capability[] - An ordered list that references OCI-managed protection capabilities. Referenced protection capabilities are not necessarily executed in order of appearance. Their execution order is decided at runtime for improved performance. The array cannot contain entries with the same pair of capability key and version more than once.
- protection
Capability GetSettings Web App Firewall Policies Web App Firewall Policy Collection Item Request Protection Rule Protection Capability Setting[] - Settings for protection capabilities
- type string
- Type of WebAppFirewallPolicyRule.
- action_
name str - Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.
- condition str
- An expression that determines whether or not the rule action should be executed.
- condition_
language str - The language used to parse condition from field
condition
. Available languages:- JMESPATH an extended JMESPath language syntax.
- is_
body_ boolinspection_ enabled - Enables/disables body inspection for this protection rule. Only Protection Rules in RequestProtection can have this option enabled. Response body inspection will be available at a later date.
- name str
- Rule name. Must be unique within the module.
- protection_
capabilities Sequence[waf.Get Web App Firewall Policies Web App Firewall Policy Collection Item Request Protection Rule Protection Capability] - An ordered list that references OCI-managed protection capabilities. Referenced protection capabilities are not necessarily executed in order of appearance. Their execution order is decided at runtime for improved performance. The array cannot contain entries with the same pair of capability key and version more than once.
- protection_
capability_ Sequence[waf.settings Get Web App Firewall Policies Web App Firewall Policy Collection Item Request Protection Rule Protection Capability Setting] - Settings for protection capabilities
- type str
- Type of WebAppFirewallPolicyRule.
- action
Name String - Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.
- condition String
- An expression that determines whether or not the rule action should be executed.
- condition
Language String - The language used to parse condition from field
condition
. Available languages:- JMESPATH an extended JMESPath language syntax.
- is
Body BooleanInspection Enabled - Enables/disables body inspection for this protection rule. Only Protection Rules in RequestProtection can have this option enabled. Response body inspection will be available at a later date.
- name String
- Rule name. Must be unique within the module.
- protection
Capabilities List<Property Map> - An ordered list that references OCI-managed protection capabilities. Referenced protection capabilities are not necessarily executed in order of appearance. Their execution order is decided at runtime for improved performance. The array cannot contain entries with the same pair of capability key and version more than once.
- protection
Capability List<Property Map>Settings - Settings for protection capabilities
- type String
- Type of WebAppFirewallPolicyRule.
GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemRequestProtectionRuleProtectionCapability
- Action
Name string - Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.
- Collaborative
Action intThreshold - The minimum sum of weights of associated collaborative protection capabilities that have triggered which must be reached in order for this capability to trigger. This field is ignored for non-collaborative capabilities.
- Collaborative
Weights List<GetWeb App Firewall Policies Web App Firewall Policy Collection Item Request Protection Rule Protection Capability Collaborative Weight> - Explicit weight values to use for associated collaborative protection capabilities.
- Exclusions
List<Get
Web App Firewall Policies Web App Firewall Policy Collection Item Request Protection Rule Protection Capability Exclusion> - Identifies specific HTTP message parameters to exclude from inspection by a protection capability.
- Key string
- Unique key of referenced protection capability.
- Version int
- Version of referenced protection capability.
- Action
Name string - Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.
- Collaborative
Action intThreshold - The minimum sum of weights of associated collaborative protection capabilities that have triggered which must be reached in order for this capability to trigger. This field is ignored for non-collaborative capabilities.
- Collaborative
Weights []GetWeb App Firewall Policies Web App Firewall Policy Collection Item Request Protection Rule Protection Capability Collaborative Weight - Explicit weight values to use for associated collaborative protection capabilities.
- Exclusions
[]Get
Web App Firewall Policies Web App Firewall Policy Collection Item Request Protection Rule Protection Capability Exclusion - Identifies specific HTTP message parameters to exclude from inspection by a protection capability.
- Key string
- Unique key of referenced protection capability.
- Version int
- Version of referenced protection capability.
- action
Name String - Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.
- collaborative
Action IntegerThreshold - The minimum sum of weights of associated collaborative protection capabilities that have triggered which must be reached in order for this capability to trigger. This field is ignored for non-collaborative capabilities.
- collaborative
Weights List<GetWeb App Firewall Policies Web App Firewall Policy Collection Item Request Protection Rule Protection Capability Collaborative Weight> - Explicit weight values to use for associated collaborative protection capabilities.
- exclusions
List<Get
Web App Firewall Policies Web App Firewall Policy Collection Item Request Protection Rule Protection Capability Exclusion> - Identifies specific HTTP message parameters to exclude from inspection by a protection capability.
- key String
- Unique key of referenced protection capability.
- version Integer
- Version of referenced protection capability.
- action
Name string - Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.
- collaborative
Action numberThreshold - The minimum sum of weights of associated collaborative protection capabilities that have triggered which must be reached in order for this capability to trigger. This field is ignored for non-collaborative capabilities.
- collaborative
Weights GetWeb App Firewall Policies Web App Firewall Policy Collection Item Request Protection Rule Protection Capability Collaborative Weight[] - Explicit weight values to use for associated collaborative protection capabilities.
- exclusions
Get
Web App Firewall Policies Web App Firewall Policy Collection Item Request Protection Rule Protection Capability Exclusion[] - Identifies specific HTTP message parameters to exclude from inspection by a protection capability.
- key string
- Unique key of referenced protection capability.
- version number
- Version of referenced protection capability.
- action_
name str - Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.
- collaborative_
action_ intthreshold - The minimum sum of weights of associated collaborative protection capabilities that have triggered which must be reached in order for this capability to trigger. This field is ignored for non-collaborative capabilities.
- collaborative_
weights Sequence[waf.Get Web App Firewall Policies Web App Firewall Policy Collection Item Request Protection Rule Protection Capability Collaborative Weight] - Explicit weight values to use for associated collaborative protection capabilities.
- exclusions
Sequence[waf.
Get Web App Firewall Policies Web App Firewall Policy Collection Item Request Protection Rule Protection Capability Exclusion] - Identifies specific HTTP message parameters to exclude from inspection by a protection capability.
- key str
- Unique key of referenced protection capability.
- version int
- Version of referenced protection capability.
- action
Name String - Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.
- collaborative
Action NumberThreshold - The minimum sum of weights of associated collaborative protection capabilities that have triggered which must be reached in order for this capability to trigger. This field is ignored for non-collaborative capabilities.
- collaborative
Weights List<Property Map> - Explicit weight values to use for associated collaborative protection capabilities.
- exclusions List<Property Map>
- Identifies specific HTTP message parameters to exclude from inspection by a protection capability.
- key String
- Unique key of referenced protection capability.
- version Number
- Version of referenced protection capability.
GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemRequestProtectionRuleProtectionCapabilityCollaborativeWeight
GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemRequestProtectionRuleProtectionCapabilityExclusion
- Args List<string>
- List of URL query parameter values from form-urlencoded XML, JSON, AMP, or POST payloads to exclude from inspecting. Example: If we have query parameter 'argumentName=argumentValue' and args=['argumentName'], both 'argumentName' and 'argumentValue' will not be inspected.
- List<string>
- List of HTTP request cookie values (by cookie name) to exclude from inspecting. Example: If we have cookie 'cookieName=cookieValue' and requestCookies=['cookieName'], both 'cookieName' and 'cookieValue' will not be inspected.
- Args []string
- List of URL query parameter values from form-urlencoded XML, JSON, AMP, or POST payloads to exclude from inspecting. Example: If we have query parameter 'argumentName=argumentValue' and args=['argumentName'], both 'argumentName' and 'argumentValue' will not be inspected.
- []string
- List of HTTP request cookie values (by cookie name) to exclude from inspecting. Example: If we have cookie 'cookieName=cookieValue' and requestCookies=['cookieName'], both 'cookieName' and 'cookieValue' will not be inspected.
- args List<String>
- List of URL query parameter values from form-urlencoded XML, JSON, AMP, or POST payloads to exclude from inspecting. Example: If we have query parameter 'argumentName=argumentValue' and args=['argumentName'], both 'argumentName' and 'argumentValue' will not be inspected.
- List<String>
- List of HTTP request cookie values (by cookie name) to exclude from inspecting. Example: If we have cookie 'cookieName=cookieValue' and requestCookies=['cookieName'], both 'cookieName' and 'cookieValue' will not be inspected.
- args string[]
- List of URL query parameter values from form-urlencoded XML, JSON, AMP, or POST payloads to exclude from inspecting. Example: If we have query parameter 'argumentName=argumentValue' and args=['argumentName'], both 'argumentName' and 'argumentValue' will not be inspected.
- string[]
- List of HTTP request cookie values (by cookie name) to exclude from inspecting. Example: If we have cookie 'cookieName=cookieValue' and requestCookies=['cookieName'], both 'cookieName' and 'cookieValue' will not be inspected.
- args Sequence[str]
- List of URL query parameter values from form-urlencoded XML, JSON, AMP, or POST payloads to exclude from inspecting. Example: If we have query parameter 'argumentName=argumentValue' and args=['argumentName'], both 'argumentName' and 'argumentValue' will not be inspected.
- Sequence[str]
- List of HTTP request cookie values (by cookie name) to exclude from inspecting. Example: If we have cookie 'cookieName=cookieValue' and requestCookies=['cookieName'], both 'cookieName' and 'cookieValue' will not be inspected.
- args List<String>
- List of URL query parameter values from form-urlencoded XML, JSON, AMP, or POST payloads to exclude from inspecting. Example: If we have query parameter 'argumentName=argumentValue' and args=['argumentName'], both 'argumentName' and 'argumentValue' will not be inspected.
- List<String>
- List of HTTP request cookie values (by cookie name) to exclude from inspecting. Example: If we have cookie 'cookieName=cookieValue' and requestCookies=['cookieName'], both 'cookieName' and 'cookieValue' will not be inspected.
GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemRequestProtectionRuleProtectionCapabilitySetting
- Allowed
Http List<string>Methods - List of allowed HTTP methods. Each value as a RFC7230 formated token string. Used in protection capability 911100: Restrict HTTP Request Methods.
- Max
Http intRequest Header Length - Maximum allowed length of headers in an HTTP request. Used in protection capability: 9200024: Limit length of request header size.
- Max
Http intRequest Headers - Maximum number of headers allowed in an HTTP request. Used in protection capability 9200014: Limit Number of Request Headers.
- Max
Number intOf Arguments - Maximum number of arguments allowed. Used in protection capability 920380: Number of Arguments Limits.
- Max
Single intArgument Length - Maximum allowed length of a single argument. Used in protection capability 920370: Limit argument value length.
- Max
Total intArgument Length - Maximum allowed total length of all arguments. Used in protection capability 920390: Limit arguments total length.
- Allowed
Http []stringMethods - List of allowed HTTP methods. Each value as a RFC7230 formated token string. Used in protection capability 911100: Restrict HTTP Request Methods.
- Max
Http intRequest Header Length - Maximum allowed length of headers in an HTTP request. Used in protection capability: 9200024: Limit length of request header size.
- Max
Http intRequest Headers - Maximum number of headers allowed in an HTTP request. Used in protection capability 9200014: Limit Number of Request Headers.
- Max
Number intOf Arguments - Maximum number of arguments allowed. Used in protection capability 920380: Number of Arguments Limits.
- Max
Single intArgument Length - Maximum allowed length of a single argument. Used in protection capability 920370: Limit argument value length.
- Max
Total intArgument Length - Maximum allowed total length of all arguments. Used in protection capability 920390: Limit arguments total length.
- allowed
Http List<String>Methods - List of allowed HTTP methods. Each value as a RFC7230 formated token string. Used in protection capability 911100: Restrict HTTP Request Methods.
- max
Http IntegerRequest Header Length - Maximum allowed length of headers in an HTTP request. Used in protection capability: 9200024: Limit length of request header size.
- max
Http IntegerRequest Headers - Maximum number of headers allowed in an HTTP request. Used in protection capability 9200014: Limit Number of Request Headers.
- max
Number IntegerOf Arguments - Maximum number of arguments allowed. Used in protection capability 920380: Number of Arguments Limits.
- max
Single IntegerArgument Length - Maximum allowed length of a single argument. Used in protection capability 920370: Limit argument value length.
- max
Total IntegerArgument Length - Maximum allowed total length of all arguments. Used in protection capability 920390: Limit arguments total length.
- allowed
Http string[]Methods - List of allowed HTTP methods. Each value as a RFC7230 formated token string. Used in protection capability 911100: Restrict HTTP Request Methods.
- max
Http numberRequest Header Length - Maximum allowed length of headers in an HTTP request. Used in protection capability: 9200024: Limit length of request header size.
- max
Http numberRequest Headers - Maximum number of headers allowed in an HTTP request. Used in protection capability 9200014: Limit Number of Request Headers.
- max
Number numberOf Arguments - Maximum number of arguments allowed. Used in protection capability 920380: Number of Arguments Limits.
- max
Single numberArgument Length - Maximum allowed length of a single argument. Used in protection capability 920370: Limit argument value length.
- max
Total numberArgument Length - Maximum allowed total length of all arguments. Used in protection capability 920390: Limit arguments total length.
- allowed_
http_ Sequence[str]methods - List of allowed HTTP methods. Each value as a RFC7230 formated token string. Used in protection capability 911100: Restrict HTTP Request Methods.
- max_
http_ intrequest_ header_ length - Maximum allowed length of headers in an HTTP request. Used in protection capability: 9200024: Limit length of request header size.
- max_
http_ intrequest_ headers - Maximum number of headers allowed in an HTTP request. Used in protection capability 9200014: Limit Number of Request Headers.
- max_
number_ intof_ arguments - Maximum number of arguments allowed. Used in protection capability 920380: Number of Arguments Limits.
- max_
single_ intargument_ length - Maximum allowed length of a single argument. Used in protection capability 920370: Limit argument value length.
- max_
total_ intargument_ length - Maximum allowed total length of all arguments. Used in protection capability 920390: Limit arguments total length.
- allowed
Http List<String>Methods - List of allowed HTTP methods. Each value as a RFC7230 formated token string. Used in protection capability 911100: Restrict HTTP Request Methods.
- max
Http NumberRequest Header Length - Maximum allowed length of headers in an HTTP request. Used in protection capability: 9200024: Limit length of request header size.
- max
Http NumberRequest Headers - Maximum number of headers allowed in an HTTP request. Used in protection capability 9200014: Limit Number of Request Headers.
- max
Number NumberOf Arguments - Maximum number of arguments allowed. Used in protection capability 920380: Number of Arguments Limits.
- max
Single NumberArgument Length - Maximum allowed length of a single argument. Used in protection capability 920370: Limit argument value length.
- max
Total NumberArgument Length - Maximum allowed total length of all arguments. Used in protection capability 920390: Limit arguments total length.
GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemRequestRateLimiting
- Rules
List<Get
Web App Firewall Policies Web App Firewall Policy Collection Item Request Rate Limiting Rule> - Ordered list of ProtectionRules. Rules are executed in order of appearance in this array. ProtectionRules in this array can only use protection capabilities of RESPONSE_PROTECTION_CAPABILITY type.
- Rules
[]Get
Web App Firewall Policies Web App Firewall Policy Collection Item Request Rate Limiting Rule - Ordered list of ProtectionRules. Rules are executed in order of appearance in this array. ProtectionRules in this array can only use protection capabilities of RESPONSE_PROTECTION_CAPABILITY type.
- rules
List<Get
Web App Firewall Policies Web App Firewall Policy Collection Item Request Rate Limiting Rule> - Ordered list of ProtectionRules. Rules are executed in order of appearance in this array. ProtectionRules in this array can only use protection capabilities of RESPONSE_PROTECTION_CAPABILITY type.
- rules
Get
Web App Firewall Policies Web App Firewall Policy Collection Item Request Rate Limiting Rule[] - Ordered list of ProtectionRules. Rules are executed in order of appearance in this array. ProtectionRules in this array can only use protection capabilities of RESPONSE_PROTECTION_CAPABILITY type.
- rules
Sequence[waf.
Get Web App Firewall Policies Web App Firewall Policy Collection Item Request Rate Limiting Rule] - Ordered list of ProtectionRules. Rules are executed in order of appearance in this array. ProtectionRules in this array can only use protection capabilities of RESPONSE_PROTECTION_CAPABILITY type.
- rules List<Property Map>
- Ordered list of ProtectionRules. Rules are executed in order of appearance in this array. ProtectionRules in this array can only use protection capabilities of RESPONSE_PROTECTION_CAPABILITY type.
GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemRequestRateLimitingRule
- Action
Name string - Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.
- Condition string
- An expression that determines whether or not the rule action should be executed.
- Condition
Language string - The language used to parse condition from field
condition
. Available languages:- JMESPATH an extended JMESPath language syntax.
- Configurations
List<Get
Web App Firewall Policies Web App Firewall Policy Collection Item Request Rate Limiting Rule Configuration> - Rate Limiting Configurations. Each configuration counts requests towards its own
requestsLimit
. - Name string
- Rule name. Must be unique within the module.
- Type string
- Type of WebAppFirewallPolicyRule.
- Action
Name string - Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.
- Condition string
- An expression that determines whether or not the rule action should be executed.
- Condition
Language string - The language used to parse condition from field
condition
. Available languages:- JMESPATH an extended JMESPath language syntax.
- Configurations
[]Get
Web App Firewall Policies Web App Firewall Policy Collection Item Request Rate Limiting Rule Configuration - Rate Limiting Configurations. Each configuration counts requests towards its own
requestsLimit
. - Name string
- Rule name. Must be unique within the module.
- Type string
- Type of WebAppFirewallPolicyRule.
- action
Name String - Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.
- condition String
- An expression that determines whether or not the rule action should be executed.
- condition
Language String - The language used to parse condition from field
condition
. Available languages:- JMESPATH an extended JMESPath language syntax.
- configurations
List<Get
Web App Firewall Policies Web App Firewall Policy Collection Item Request Rate Limiting Rule Configuration> - Rate Limiting Configurations. Each configuration counts requests towards its own
requestsLimit
. - name String
- Rule name. Must be unique within the module.
- type String
- Type of WebAppFirewallPolicyRule.
- action
Name string - Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.
- condition string
- An expression that determines whether or not the rule action should be executed.
- condition
Language string - The language used to parse condition from field
condition
. Available languages:- JMESPATH an extended JMESPath language syntax.
- configurations
Get
Web App Firewall Policies Web App Firewall Policy Collection Item Request Rate Limiting Rule Configuration[] - Rate Limiting Configurations. Each configuration counts requests towards its own
requestsLimit
. - name string
- Rule name. Must be unique within the module.
- type string
- Type of WebAppFirewallPolicyRule.
- action_
name str - Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.
- condition str
- An expression that determines whether or not the rule action should be executed.
- condition_
language str - The language used to parse condition from field
condition
. Available languages:- JMESPATH an extended JMESPath language syntax.
- configurations
Sequence[waf.
Get Web App Firewall Policies Web App Firewall Policy Collection Item Request Rate Limiting Rule Configuration] - Rate Limiting Configurations. Each configuration counts requests towards its own
requestsLimit
. - name str
- Rule name. Must be unique within the module.
- type str
- Type of WebAppFirewallPolicyRule.
- action
Name String - Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.
- condition String
- An expression that determines whether or not the rule action should be executed.
- condition
Language String - The language used to parse condition from field
condition
. Available languages:- JMESPATH an extended JMESPath language syntax.
- configurations List<Property Map>
- Rate Limiting Configurations. Each configuration counts requests towards its own
requestsLimit
. - name String
- Rule name. Must be unique within the module.
- type String
- Type of WebAppFirewallPolicyRule.
GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemRequestRateLimitingRuleConfiguration
- Action
Duration intIn Seconds - Duration of block action application in seconds when
requestsLimit
is reached. Optional and can be 0 (no block duration). - Period
In intSeconds - Evaluation period in seconds.
- Requests
Limit int - Requests allowed per evaluation period.
- Action
Duration intIn Seconds - Duration of block action application in seconds when
requestsLimit
is reached. Optional and can be 0 (no block duration). - Period
In intSeconds - Evaluation period in seconds.
- Requests
Limit int - Requests allowed per evaluation period.
- action
Duration IntegerIn Seconds - Duration of block action application in seconds when
requestsLimit
is reached. Optional and can be 0 (no block duration). - period
In IntegerSeconds - Evaluation period in seconds.
- requests
Limit Integer - Requests allowed per evaluation period.
- action
Duration numberIn Seconds - Duration of block action application in seconds when
requestsLimit
is reached. Optional and can be 0 (no block duration). - period
In numberSeconds - Evaluation period in seconds.
- requests
Limit number - Requests allowed per evaluation period.
- action_
duration_ intin_ seconds - Duration of block action application in seconds when
requestsLimit
is reached. Optional and can be 0 (no block duration). - period_
in_ intseconds - Evaluation period in seconds.
- requests_
limit int - Requests allowed per evaluation period.
- action
Duration NumberIn Seconds - Duration of block action application in seconds when
requestsLimit
is reached. Optional and can be 0 (no block duration). - period
In NumberSeconds - Evaluation period in seconds.
- requests
Limit Number - Requests allowed per evaluation period.
GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemResponseAccessControl
- Rules
List<Get
Web App Firewall Policies Web App Firewall Policy Collection Item Response Access Control Rule> - Ordered list of ProtectionRules. Rules are executed in order of appearance in this array. ProtectionRules in this array can only use protection capabilities of RESPONSE_PROTECTION_CAPABILITY type.
- Rules
[]Get
Web App Firewall Policies Web App Firewall Policy Collection Item Response Access Control Rule - Ordered list of ProtectionRules. Rules are executed in order of appearance in this array. ProtectionRules in this array can only use protection capabilities of RESPONSE_PROTECTION_CAPABILITY type.
- rules
List<Get
Web App Firewall Policies Web App Firewall Policy Collection Item Response Access Control Rule> - Ordered list of ProtectionRules. Rules are executed in order of appearance in this array. ProtectionRules in this array can only use protection capabilities of RESPONSE_PROTECTION_CAPABILITY type.
- rules
Get
Web App Firewall Policies Web App Firewall Policy Collection Item Response Access Control Rule[] - Ordered list of ProtectionRules. Rules are executed in order of appearance in this array. ProtectionRules in this array can only use protection capabilities of RESPONSE_PROTECTION_CAPABILITY type.
- rules
Sequence[waf.
Get Web App Firewall Policies Web App Firewall Policy Collection Item Response Access Control Rule] - Ordered list of ProtectionRules. Rules are executed in order of appearance in this array. ProtectionRules in this array can only use protection capabilities of RESPONSE_PROTECTION_CAPABILITY type.
- rules List<Property Map>
- Ordered list of ProtectionRules. Rules are executed in order of appearance in this array. ProtectionRules in this array can only use protection capabilities of RESPONSE_PROTECTION_CAPABILITY type.
GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemResponseAccessControlRule
- Action
Name string - Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.
- Condition string
- An expression that determines whether or not the rule action should be executed.
- Condition
Language string - The language used to parse condition from field
condition
. Available languages:- JMESPATH an extended JMESPath language syntax.
- Name string
- Rule name. Must be unique within the module.
- Type string
- Type of WebAppFirewallPolicyRule.
- Action
Name string - Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.
- Condition string
- An expression that determines whether or not the rule action should be executed.
- Condition
Language string - The language used to parse condition from field
condition
. Available languages:- JMESPATH an extended JMESPath language syntax.
- Name string
- Rule name. Must be unique within the module.
- Type string
- Type of WebAppFirewallPolicyRule.
- action
Name String - Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.
- condition String
- An expression that determines whether or not the rule action should be executed.
- condition
Language String - The language used to parse condition from field
condition
. Available languages:- JMESPATH an extended JMESPath language syntax.
- name String
- Rule name. Must be unique within the module.
- type String
- Type of WebAppFirewallPolicyRule.
- action
Name string - Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.
- condition string
- An expression that determines whether or not the rule action should be executed.
- condition
Language string - The language used to parse condition from field
condition
. Available languages:- JMESPATH an extended JMESPath language syntax.
- name string
- Rule name. Must be unique within the module.
- type string
- Type of WebAppFirewallPolicyRule.
- action_
name str - Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.
- condition str
- An expression that determines whether or not the rule action should be executed.
- condition_
language str - The language used to parse condition from field
condition
. Available languages:- JMESPATH an extended JMESPath language syntax.
- name str
- Rule name. Must be unique within the module.
- type str
- Type of WebAppFirewallPolicyRule.
- action
Name String - Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.
- condition String
- An expression that determines whether or not the rule action should be executed.
- condition
Language String - The language used to parse condition from field
condition
. Available languages:- JMESPATH an extended JMESPath language syntax.
- name String
- Rule name. Must be unique within the module.
- type String
- Type of WebAppFirewallPolicyRule.
GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemResponseProtection
- Rules
List<Get
Web App Firewall Policies Web App Firewall Policy Collection Item Response Protection Rule> - Ordered list of ProtectionRules. Rules are executed in order of appearance in this array. ProtectionRules in this array can only use protection capabilities of RESPONSE_PROTECTION_CAPABILITY type.
- Rules
[]Get
Web App Firewall Policies Web App Firewall Policy Collection Item Response Protection Rule - Ordered list of ProtectionRules. Rules are executed in order of appearance in this array. ProtectionRules in this array can only use protection capabilities of RESPONSE_PROTECTION_CAPABILITY type.
- rules
List<Get
Web App Firewall Policies Web App Firewall Policy Collection Item Response Protection Rule> - Ordered list of ProtectionRules. Rules are executed in order of appearance in this array. ProtectionRules in this array can only use protection capabilities of RESPONSE_PROTECTION_CAPABILITY type.
- rules
Get
Web App Firewall Policies Web App Firewall Policy Collection Item Response Protection Rule[] - Ordered list of ProtectionRules. Rules are executed in order of appearance in this array. ProtectionRules in this array can only use protection capabilities of RESPONSE_PROTECTION_CAPABILITY type.
- rules
Sequence[waf.
Get Web App Firewall Policies Web App Firewall Policy Collection Item Response Protection Rule] - Ordered list of ProtectionRules. Rules are executed in order of appearance in this array. ProtectionRules in this array can only use protection capabilities of RESPONSE_PROTECTION_CAPABILITY type.
- rules List<Property Map>
- Ordered list of ProtectionRules. Rules are executed in order of appearance in this array. ProtectionRules in this array can only use protection capabilities of RESPONSE_PROTECTION_CAPABILITY type.
GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemResponseProtectionRule
- Action
Name string - Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.
- Condition string
- An expression that determines whether or not the rule action should be executed.
- Condition
Language string - The language used to parse condition from field
condition
. Available languages:- JMESPATH an extended JMESPath language syntax.
- Is
Body boolInspection Enabled - Enables/disables body inspection for this protection rule. Only Protection Rules in RequestProtection can have this option enabled. Response body inspection will be available at a later date.
- Name string
- Rule name. Must be unique within the module.
- Protection
Capabilities List<GetWeb App Firewall Policies Web App Firewall Policy Collection Item Response Protection Rule Protection Capability> - An ordered list that references OCI-managed protection capabilities. Referenced protection capabilities are not necessarily executed in order of appearance. Their execution order is decided at runtime for improved performance. The array cannot contain entries with the same pair of capability key and version more than once.
- Protection
Capability List<GetSettings Web App Firewall Policies Web App Firewall Policy Collection Item Response Protection Rule Protection Capability Setting> - Settings for protection capabilities
- Type string
- Type of WebAppFirewallPolicyRule.
- Action
Name string - Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.
- Condition string
- An expression that determines whether or not the rule action should be executed.
- Condition
Language string - The language used to parse condition from field
condition
. Available languages:- JMESPATH an extended JMESPath language syntax.
- Is
Body boolInspection Enabled - Enables/disables body inspection for this protection rule. Only Protection Rules in RequestProtection can have this option enabled. Response body inspection will be available at a later date.
- Name string
- Rule name. Must be unique within the module.
- Protection
Capabilities []GetWeb App Firewall Policies Web App Firewall Policy Collection Item Response Protection Rule Protection Capability - An ordered list that references OCI-managed protection capabilities. Referenced protection capabilities are not necessarily executed in order of appearance. Their execution order is decided at runtime for improved performance. The array cannot contain entries with the same pair of capability key and version more than once.
- Protection
Capability []GetSettings Web App Firewall Policies Web App Firewall Policy Collection Item Response Protection Rule Protection Capability Setting - Settings for protection capabilities
- Type string
- Type of WebAppFirewallPolicyRule.
- action
Name String - Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.
- condition String
- An expression that determines whether or not the rule action should be executed.
- condition
Language String - The language used to parse condition from field
condition
. Available languages:- JMESPATH an extended JMESPath language syntax.
- is
Body BooleanInspection Enabled - Enables/disables body inspection for this protection rule. Only Protection Rules in RequestProtection can have this option enabled. Response body inspection will be available at a later date.
- name String
- Rule name. Must be unique within the module.
- protection
Capabilities List<GetWeb App Firewall Policies Web App Firewall Policy Collection Item Response Protection Rule Protection Capability> - An ordered list that references OCI-managed protection capabilities. Referenced protection capabilities are not necessarily executed in order of appearance. Their execution order is decided at runtime for improved performance. The array cannot contain entries with the same pair of capability key and version more than once.
- protection
Capability List<GetSettings Web App Firewall Policies Web App Firewall Policy Collection Item Response Protection Rule Protection Capability Setting> - Settings for protection capabilities
- type String
- Type of WebAppFirewallPolicyRule.
- action
Name string - Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.
- condition string
- An expression that determines whether or not the rule action should be executed.
- condition
Language string - The language used to parse condition from field
condition
. Available languages:- JMESPATH an extended JMESPath language syntax.
- is
Body booleanInspection Enabled - Enables/disables body inspection for this protection rule. Only Protection Rules in RequestProtection can have this option enabled. Response body inspection will be available at a later date.
- name string
- Rule name. Must be unique within the module.
- protection
Capabilities GetWeb App Firewall Policies Web App Firewall Policy Collection Item Response Protection Rule Protection Capability[] - An ordered list that references OCI-managed protection capabilities. Referenced protection capabilities are not necessarily executed in order of appearance. Their execution order is decided at runtime for improved performance. The array cannot contain entries with the same pair of capability key and version more than once.
- protection
Capability GetSettings Web App Firewall Policies Web App Firewall Policy Collection Item Response Protection Rule Protection Capability Setting[] - Settings for protection capabilities
- type string
- Type of WebAppFirewallPolicyRule.
- action_
name str - Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.
- condition str
- An expression that determines whether or not the rule action should be executed.
- condition_
language str - The language used to parse condition from field
condition
. Available languages:- JMESPATH an extended JMESPath language syntax.
- is_
body_ boolinspection_ enabled - Enables/disables body inspection for this protection rule. Only Protection Rules in RequestProtection can have this option enabled. Response body inspection will be available at a later date.
- name str
- Rule name. Must be unique within the module.
- protection_
capabilities Sequence[waf.Get Web App Firewall Policies Web App Firewall Policy Collection Item Response Protection Rule Protection Capability] - An ordered list that references OCI-managed protection capabilities. Referenced protection capabilities are not necessarily executed in order of appearance. Their execution order is decided at runtime for improved performance. The array cannot contain entries with the same pair of capability key and version more than once.
- protection_
capability_ Sequence[waf.settings Get Web App Firewall Policies Web App Firewall Policy Collection Item Response Protection Rule Protection Capability Setting] - Settings for protection capabilities
- type str
- Type of WebAppFirewallPolicyRule.
- action
Name String - Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.
- condition String
- An expression that determines whether or not the rule action should be executed.
- condition
Language String - The language used to parse condition from field
condition
. Available languages:- JMESPATH an extended JMESPath language syntax.
- is
Body BooleanInspection Enabled - Enables/disables body inspection for this protection rule. Only Protection Rules in RequestProtection can have this option enabled. Response body inspection will be available at a later date.
- name String
- Rule name. Must be unique within the module.
- protection
Capabilities List<Property Map> - An ordered list that references OCI-managed protection capabilities. Referenced protection capabilities are not necessarily executed in order of appearance. Their execution order is decided at runtime for improved performance. The array cannot contain entries with the same pair of capability key and version more than once.
- protection
Capability List<Property Map>Settings - Settings for protection capabilities
- type String
- Type of WebAppFirewallPolicyRule.
GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemResponseProtectionRuleProtectionCapability
- Action
Name string - Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.
- Collaborative
Action intThreshold - The minimum sum of weights of associated collaborative protection capabilities that have triggered which must be reached in order for this capability to trigger. This field is ignored for non-collaborative capabilities.
- Collaborative
Weights List<GetWeb App Firewall Policies Web App Firewall Policy Collection Item Response Protection Rule Protection Capability Collaborative Weight> - Explicit weight values to use for associated collaborative protection capabilities.
- Exclusions
List<Get
Web App Firewall Policies Web App Firewall Policy Collection Item Response Protection Rule Protection Capability Exclusion> - Identifies specific HTTP message parameters to exclude from inspection by a protection capability.
- Key string
- Unique key of referenced protection capability.
- Version int
- Version of referenced protection capability.
- Action
Name string - Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.
- Collaborative
Action intThreshold - The minimum sum of weights of associated collaborative protection capabilities that have triggered which must be reached in order for this capability to trigger. This field is ignored for non-collaborative capabilities.
- Collaborative
Weights []GetWeb App Firewall Policies Web App Firewall Policy Collection Item Response Protection Rule Protection Capability Collaborative Weight - Explicit weight values to use for associated collaborative protection capabilities.
- Exclusions
[]Get
Web App Firewall Policies Web App Firewall Policy Collection Item Response Protection Rule Protection Capability Exclusion - Identifies specific HTTP message parameters to exclude from inspection by a protection capability.
- Key string
- Unique key of referenced protection capability.
- Version int
- Version of referenced protection capability.
- action
Name String - Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.
- collaborative
Action IntegerThreshold - The minimum sum of weights of associated collaborative protection capabilities that have triggered which must be reached in order for this capability to trigger. This field is ignored for non-collaborative capabilities.
- collaborative
Weights List<GetWeb App Firewall Policies Web App Firewall Policy Collection Item Response Protection Rule Protection Capability Collaborative Weight> - Explicit weight values to use for associated collaborative protection capabilities.
- exclusions
List<Get
Web App Firewall Policies Web App Firewall Policy Collection Item Response Protection Rule Protection Capability Exclusion> - Identifies specific HTTP message parameters to exclude from inspection by a protection capability.
- key String
- Unique key of referenced protection capability.
- version Integer
- Version of referenced protection capability.
- action
Name string - Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.
- collaborative
Action numberThreshold - The minimum sum of weights of associated collaborative protection capabilities that have triggered which must be reached in order for this capability to trigger. This field is ignored for non-collaborative capabilities.
- collaborative
Weights GetWeb App Firewall Policies Web App Firewall Policy Collection Item Response Protection Rule Protection Capability Collaborative Weight[] - Explicit weight values to use for associated collaborative protection capabilities.
- exclusions
Get
Web App Firewall Policies Web App Firewall Policy Collection Item Response Protection Rule Protection Capability Exclusion[] - Identifies specific HTTP message parameters to exclude from inspection by a protection capability.
- key string
- Unique key of referenced protection capability.
- version number
- Version of referenced protection capability.
- action_
name str - Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.
- collaborative_
action_ intthreshold - The minimum sum of weights of associated collaborative protection capabilities that have triggered which must be reached in order for this capability to trigger. This field is ignored for non-collaborative capabilities.
- collaborative_
weights Sequence[waf.Get Web App Firewall Policies Web App Firewall Policy Collection Item Response Protection Rule Protection Capability Collaborative Weight] - Explicit weight values to use for associated collaborative protection capabilities.
- exclusions
Sequence[waf.
Get Web App Firewall Policies Web App Firewall Policy Collection Item Response Protection Rule Protection Capability Exclusion] - Identifies specific HTTP message parameters to exclude from inspection by a protection capability.
- key str
- Unique key of referenced protection capability.
- version int
- Version of referenced protection capability.
- action
Name String - Override action to take if capability was triggered, defined in Protection Rule for this capability. Only actions of type CHECK are allowed.
- collaborative
Action NumberThreshold - The minimum sum of weights of associated collaborative protection capabilities that have triggered which must be reached in order for this capability to trigger. This field is ignored for non-collaborative capabilities.
- collaborative
Weights List<Property Map> - Explicit weight values to use for associated collaborative protection capabilities.
- exclusions List<Property Map>
- Identifies specific HTTP message parameters to exclude from inspection by a protection capability.
- key String
- Unique key of referenced protection capability.
- version Number
- Version of referenced protection capability.
GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemResponseProtectionRuleProtectionCapabilityCollaborativeWeight
GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemResponseProtectionRuleProtectionCapabilityExclusion
- Args List<string>
- List of URL query parameter values from form-urlencoded XML, JSON, AMP, or POST payloads to exclude from inspecting. Example: If we have query parameter 'argumentName=argumentValue' and args=['argumentName'], both 'argumentName' and 'argumentValue' will not be inspected.
- List<string>
- List of HTTP request cookie values (by cookie name) to exclude from inspecting. Example: If we have cookie 'cookieName=cookieValue' and requestCookies=['cookieName'], both 'cookieName' and 'cookieValue' will not be inspected.
- Args []string
- List of URL query parameter values from form-urlencoded XML, JSON, AMP, or POST payloads to exclude from inspecting. Example: If we have query parameter 'argumentName=argumentValue' and args=['argumentName'], both 'argumentName' and 'argumentValue' will not be inspected.
- []string
- List of HTTP request cookie values (by cookie name) to exclude from inspecting. Example: If we have cookie 'cookieName=cookieValue' and requestCookies=['cookieName'], both 'cookieName' and 'cookieValue' will not be inspected.
- args List<String>
- List of URL query parameter values from form-urlencoded XML, JSON, AMP, or POST payloads to exclude from inspecting. Example: If we have query parameter 'argumentName=argumentValue' and args=['argumentName'], both 'argumentName' and 'argumentValue' will not be inspected.
- List<String>
- List of HTTP request cookie values (by cookie name) to exclude from inspecting. Example: If we have cookie 'cookieName=cookieValue' and requestCookies=['cookieName'], both 'cookieName' and 'cookieValue' will not be inspected.
- args string[]
- List of URL query parameter values from form-urlencoded XML, JSON, AMP, or POST payloads to exclude from inspecting. Example: If we have query parameter 'argumentName=argumentValue' and args=['argumentName'], both 'argumentName' and 'argumentValue' will not be inspected.
- string[]
- List of HTTP request cookie values (by cookie name) to exclude from inspecting. Example: If we have cookie 'cookieName=cookieValue' and requestCookies=['cookieName'], both 'cookieName' and 'cookieValue' will not be inspected.
- args Sequence[str]
- List of URL query parameter values from form-urlencoded XML, JSON, AMP, or POST payloads to exclude from inspecting. Example: If we have query parameter 'argumentName=argumentValue' and args=['argumentName'], both 'argumentName' and 'argumentValue' will not be inspected.
- Sequence[str]
- List of HTTP request cookie values (by cookie name) to exclude from inspecting. Example: If we have cookie 'cookieName=cookieValue' and requestCookies=['cookieName'], both 'cookieName' and 'cookieValue' will not be inspected.
- args List<String>
- List of URL query parameter values from form-urlencoded XML, JSON, AMP, or POST payloads to exclude from inspecting. Example: If we have query parameter 'argumentName=argumentValue' and args=['argumentName'], both 'argumentName' and 'argumentValue' will not be inspected.
- List<String>
- List of HTTP request cookie values (by cookie name) to exclude from inspecting. Example: If we have cookie 'cookieName=cookieValue' and requestCookies=['cookieName'], both 'cookieName' and 'cookieValue' will not be inspected.
GetWebAppFirewallPoliciesWebAppFirewallPolicyCollectionItemResponseProtectionRuleProtectionCapabilitySetting
- Allowed
Http List<string>Methods - List of allowed HTTP methods. Each value as a RFC7230 formated token string. Used in protection capability 911100: Restrict HTTP Request Methods.
- Max
Http intRequest Header Length - Maximum allowed length of headers in an HTTP request. Used in protection capability: 9200024: Limit length of request header size.
- Max
Http intRequest Headers - Maximum number of headers allowed in an HTTP request. Used in protection capability 9200014: Limit Number of Request Headers.
- Max
Number intOf Arguments - Maximum number of arguments allowed. Used in protection capability 920380: Number of Arguments Limits.
- Max
Single intArgument Length - Maximum allowed length of a single argument. Used in protection capability 920370: Limit argument value length.
- Max
Total intArgument Length - Maximum allowed total length of all arguments. Used in protection capability 920390: Limit arguments total length.
- Allowed
Http []stringMethods - List of allowed HTTP methods. Each value as a RFC7230 formated token string. Used in protection capability 911100: Restrict HTTP Request Methods.
- Max
Http intRequest Header Length - Maximum allowed length of headers in an HTTP request. Used in protection capability: 9200024: Limit length of request header size.
- Max
Http intRequest Headers - Maximum number of headers allowed in an HTTP request. Used in protection capability 9200014: Limit Number of Request Headers.
- Max
Number intOf Arguments - Maximum number of arguments allowed. Used in protection capability 920380: Number of Arguments Limits.
- Max
Single intArgument Length - Maximum allowed length of a single argument. Used in protection capability 920370: Limit argument value length.
- Max
Total intArgument Length - Maximum allowed total length of all arguments. Used in protection capability 920390: Limit arguments total length.
- allowed
Http List<String>Methods - List of allowed HTTP methods. Each value as a RFC7230 formated token string. Used in protection capability 911100: Restrict HTTP Request Methods.
- max
Http IntegerRequest Header Length - Maximum allowed length of headers in an HTTP request. Used in protection capability: 9200024: Limit length of request header size.
- max
Http IntegerRequest Headers - Maximum number of headers allowed in an HTTP request. Used in protection capability 9200014: Limit Number of Request Headers.
- max
Number IntegerOf Arguments - Maximum number of arguments allowed. Used in protection capability 920380: Number of Arguments Limits.
- max
Single IntegerArgument Length - Maximum allowed length of a single argument. Used in protection capability 920370: Limit argument value length.
- max
Total IntegerArgument Length - Maximum allowed total length of all arguments. Used in protection capability 920390: Limit arguments total length.
- allowed
Http string[]Methods - List of allowed HTTP methods. Each value as a RFC7230 formated token string. Used in protection capability 911100: Restrict HTTP Request Methods.
- max
Http numberRequest Header Length - Maximum allowed length of headers in an HTTP request. Used in protection capability: 9200024: Limit length of request header size.
- max
Http numberRequest Headers - Maximum number of headers allowed in an HTTP request. Used in protection capability 9200014: Limit Number of Request Headers.
- max
Number numberOf Arguments - Maximum number of arguments allowed. Used in protection capability 920380: Number of Arguments Limits.
- max
Single numberArgument Length - Maximum allowed length of a single argument. Used in protection capability 920370: Limit argument value length.
- max
Total numberArgument Length - Maximum allowed total length of all arguments. Used in protection capability 920390: Limit arguments total length.
- allowed_
http_ Sequence[str]methods - List of allowed HTTP methods. Each value as a RFC7230 formated token string. Used in protection capability 911100: Restrict HTTP Request Methods.
- max_
http_ intrequest_ header_ length - Maximum allowed length of headers in an HTTP request. Used in protection capability: 9200024: Limit length of request header size.
- max_
http_ intrequest_ headers - Maximum number of headers allowed in an HTTP request. Used in protection capability 9200014: Limit Number of Request Headers.
- max_
number_ intof_ arguments - Maximum number of arguments allowed. Used in protection capability 920380: Number of Arguments Limits.
- max_
single_ intargument_ length - Maximum allowed length of a single argument. Used in protection capability 920370: Limit argument value length.
- max_
total_ intargument_ length - Maximum allowed total length of all arguments. Used in protection capability 920390: Limit arguments total length.
- allowed
Http List<String>Methods - List of allowed HTTP methods. Each value as a RFC7230 formated token string. Used in protection capability 911100: Restrict HTTP Request Methods.
- max
Http NumberRequest Header Length - Maximum allowed length of headers in an HTTP request. Used in protection capability: 9200024: Limit length of request header size.
- max
Http NumberRequest Headers - Maximum number of headers allowed in an HTTP request. Used in protection capability 9200014: Limit Number of Request Headers.
- max
Number NumberOf Arguments - Maximum number of arguments allowed. Used in protection capability 920380: Number of Arguments Limits.
- max
Single NumberArgument Length - Maximum allowed length of a single argument. Used in protection capability 920370: Limit argument value length.
- max
Total NumberArgument Length - Maximum allowed total length of all arguments. Used in protection capability 920390: Limit arguments total length.
Package Details
- Repository
- oci pulumi/pulumi-oci
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
oci
Terraform Provider.