Docs Home
Vercel v1.14.3 published on Monday, Oct 7, 2024 by Pulumiverse
vercel.FirewallConfig
Explore with Pulumi AI
Define Custom Rules to shape the way your traffic is handled by the Vercel Edge Network.
Example Usage
Coming soon!
Coming soon!
Coming soon!
Coming soon!
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.vercel.Project;
import com.pulumi.vercel.FirewallConfig;
import com.pulumi.vercel.FirewallConfigArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var exampleProject = new Project("exampleProject");
var exampleFirewallConfig = new FirewallConfig("exampleFirewallConfig", FirewallConfigArgs.builder()
.projectId(exampleProject.id())
.rules(FirewallConfigRulesArgs.builder()
.rules(
FirewallConfigRulesRuleArgs.builder()
.name("Bypass Known request")
.description("Bypass requests using internal bearer tokens")
.conditionGroups(
FirewallConfigRulesRuleConditionGroupArgs.builder()
.conditions(FirewallConfigRulesRuleConditionGroupConditionArgs.builder()
.type("header")
.key("Authorization")
.op("eq")
.value("Bearer internaltoken")
.build())
.build(),
FirewallConfigRulesRuleConditionGroupArgs.builder()
.conditions(FirewallConfigRulesRuleConditionGroupConditionArgs.builder()
.type("header")
.key("Authorization")
.op("eq")
.value("Bearer internaltoken2")
.build())
.build())
.action(FirewallConfigRulesRuleActionArgs.builder()
.action("bypass")
.build())
.build(),
FirewallConfigRulesRuleArgs.builder()
.name("Challenge curl")
.description("Challenge user agents containing 'curl'")
.conditionGroups(FirewallConfigRulesRuleConditionGroupArgs.builder()
.conditions(FirewallConfigRulesRuleConditionGroupConditionArgs.builder()
.type("user_agent")
.op("sub")
.value("curl")
.build())
.build())
.action(FirewallConfigRulesRuleActionArgs.builder()
.action("challenge")
.build())
.build(),
FirewallConfigRulesRuleArgs.builder()
.name("Deny cookieless requests")
.description("requests to /api that are missing a session cookie")
.conditionGroups(FirewallConfigRulesRuleConditionGroupArgs.builder()
.conditions(
FirewallConfigRulesRuleConditionGroupConditionArgs.builder()
.type("path")
.op("eq")
.value("/api")
.build(),
FirewallConfigRulesRuleConditionGroupConditionArgs.builder()
.type("cookie")
.key("_session")
.neg(true)
.op("ex")
.build())
.build())
.action(FirewallConfigRulesRuleActionArgs.builder()
.action("challenge")
.build())
.build(),
FirewallConfigRulesRuleArgs.builder()
.name("Rate limit API")
.description("apply ratelimit to requests under /api")
.conditionGroups(FirewallConfigRulesRuleConditionGroupArgs.builder()
.conditions(FirewallConfigRulesRuleConditionGroupConditionArgs.builder()
.type("path")
.op("pre")
.value("/api")
.build())
.build())
.action(FirewallConfigRulesRuleActionArgs.builder()
.action("rate_limit")
.rate_limit(%!v(PANIC=Format method: runtime error: invalid memory address or nil pointer dereference))
.actionDuration("5m")
.build())
.build())
.build())
.build());
var managedExample = new Project("managedExample");
var managed = new FirewallConfig("managed", FirewallConfigArgs.builder()
.projectId(vercel_project.managed().id())
.managedRulesets(FirewallConfigManagedRulesetsArgs.builder()
.owasp(FirewallConfigManagedRulesetsOwaspArgs.builder()
.xss(FirewallConfigManagedRulesetsOwaspXssArgs.builder()
.action("deny")
.build())
.sqli(FirewallConfigManagedRulesetsOwaspSqliArgs.builder()
.action("deny")
.build())
.rce(FirewallConfigManagedRulesetsOwaspRceArgs.builder()
.action("deny")
.build())
.php(FirewallConfigManagedRulesetsOwaspPhpArgs.builder()
.action("deny")
.build())
.java(FirewallConfigManagedRulesetsOwaspJavaArgs.builder()
.action("deny")
.build())
.lfi(FirewallConfigManagedRulesetsOwaspLfiArgs.builder()
.action("deny")
.build())
.rfi(FirewallConfigManagedRulesetsOwaspRfiArgs.builder()
.action("deny")
.build())
.gen(FirewallConfigManagedRulesetsOwaspGenArgs.builder()
.action("deny")
.build())
.build())
.build())
.build());
var ipExample = new Project("ipExample");
var ip_blocking = new FirewallConfig("ip-blocking", FirewallConfigArgs.builder()
.projectId(ipExample.id())
.ipRules(FirewallConfigIpRulesArgs.builder()
.rules(
FirewallConfigIpRulesRuleArgs.builder()
.action("deny")
.ip("51.85.0.0/16")
.hostname("*")
.build(),
FirewallConfigIpRulesRuleArgs.builder()
.action("challenge")
.ip("1.2.3.4")
.hostname("example.com")
.build())
.build())
.build());
}
}
resources:
exampleProject:
type: vercel:Project
exampleFirewallConfig:
type: vercel:FirewallConfig
properties:
projectId: ${exampleProject.id}
rules:
- rules:
- name: Bypass Known request
description: Bypass requests using internal bearer tokens
conditionGroups:
- conditions:
- type: header
key: Authorization
op: eq
value: Bearer internaltoken
- conditions:
- type: header
key: Authorization
op: eq
value: Bearer internaltoken2
action:
action: bypass
- name: Challenge curl
description: Challenge user agents containing 'curl'
conditionGroups:
- conditions:
- type: user_agent
op: sub
value: curl
action:
action: challenge
- name: Deny cookieless requests
description: requests to /api that are missing a session cookie
conditionGroups:
- conditions:
- type: path
op: eq
value: /api
- type: cookie
key: _session
neg: true
op: ex
action:
action: challenge
- name: Rate limit API
description: apply ratelimit to requests under /api
conditionGroups:
- conditions:
- type: path
op: pre
value: /api
action:
action: rate_limit
rate_limit:
limit: 100
window: 300
keys:
- ip
- ja4
algo: fixed_window
action: deny
actionDuration: 5m
managedExample:
type: vercel:Project
managed:
type: vercel:FirewallConfig
properties:
projectId: ${vercel_project.managed.id}
managedRulesets:
- owasp:
- xss:
action: deny
sqli:
action: deny
rce:
action: deny
php:
action: deny
java:
action: deny
lfi:
action: deny
rfi:
action: deny
gen:
action: deny
ipExample:
type: vercel:Project
ip-blocking:
type: vercel:FirewallConfig
properties:
projectId: ${ipExample.id}
ipRules:
- rules:
- action: deny
ip: 51.85.0.0/16
hostname: '*'
- action: challenge
ip: 1.2.3.4
hostname: example.com
Create FirewallConfig Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new FirewallConfig(name: string, args: FirewallConfigArgs, opts?: CustomResourceOptions);@overload
def FirewallConfig(resource_name: str,
args: FirewallConfigArgs,
opts: Optional[ResourceOptions] = None)
@overload
def FirewallConfig(resource_name: str,
opts: Optional[ResourceOptions] = None,
project_id: Optional[str] = None,
enabled: Optional[bool] = None,
ip_rules: Optional[FirewallConfigIpRulesArgs] = None,
managed_rulesets: Optional[FirewallConfigManagedRulesetsArgs] = None,
rules: Optional[FirewallConfigRulesArgs] = None,
team_id: Optional[str] = None)func NewFirewallConfig(ctx *Context, name string, args FirewallConfigArgs, opts ...ResourceOption) (*FirewallConfig, error)public FirewallConfig(string name, FirewallConfigArgs args, CustomResourceOptions? opts = null)
public FirewallConfig(String name, FirewallConfigArgs args)
public FirewallConfig(String name, FirewallConfigArgs args, CustomResourceOptions options)
type: vercel:FirewallConfig
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args FirewallConfigArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args FirewallConfigArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args FirewallConfigArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args FirewallConfigArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args FirewallConfigArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var firewallConfigResource = new Vercel.FirewallConfig("firewallConfigResource", new()
{
ProjectId = "string",
Enabled = false,
IpRules = new Vercel.Inputs.FirewallConfigIpRulesArgs
{
Rules = new[]
{
new Vercel.Inputs.FirewallConfigIpRulesRuleArgs
{
Action = "string",
Hostname = "string",
Ip = "string",
Id = "string",
Notes = "string",
},
},
},
ManagedRulesets = new Vercel.Inputs.FirewallConfigManagedRulesetsArgs
{
Owasp = new Vercel.Inputs.FirewallConfigManagedRulesetsOwaspArgs
{
Gen = new Vercel.Inputs.FirewallConfigManagedRulesetsOwaspGenArgs
{
Action = "string",
Active = false,
},
Java = new Vercel.Inputs.FirewallConfigManagedRulesetsOwaspJavaArgs
{
Action = "string",
Active = false,
},
Lfi = new Vercel.Inputs.FirewallConfigManagedRulesetsOwaspLfiArgs
{
Action = "string",
Active = false,
},
Ma = new Vercel.Inputs.FirewallConfigManagedRulesetsOwaspMaArgs
{
Action = "string",
Active = false,
},
Php = new Vercel.Inputs.FirewallConfigManagedRulesetsOwaspPhpArgs
{
Action = "string",
Active = false,
},
Rce = new Vercel.Inputs.FirewallConfigManagedRulesetsOwaspRceArgs
{
Action = "string",
Active = false,
},
Rfi = new Vercel.Inputs.FirewallConfigManagedRulesetsOwaspRfiArgs
{
Action = "string",
Active = false,
},
Sd = new Vercel.Inputs.FirewallConfigManagedRulesetsOwaspSdArgs
{
Action = "string",
Active = false,
},
Sqli = new Vercel.Inputs.FirewallConfigManagedRulesetsOwaspSqliArgs
{
Action = "string",
Active = false,
},
Xss = new Vercel.Inputs.FirewallConfigManagedRulesetsOwaspXssArgs
{
Action = "string",
Active = false,
},
},
},
Rules = new Vercel.Inputs.FirewallConfigRulesArgs
{
Rules = new[]
{
new Vercel.Inputs.FirewallConfigRulesRuleArgs
{
Action = new Vercel.Inputs.FirewallConfigRulesRuleActionArgs
{
Action = "string",
ActionDuration = "string",
RateLimit = new Vercel.Inputs.FirewallConfigRulesRuleActionRateLimitArgs
{
Action = "string",
Algo = "string",
Keys = new[]
{
"string",
},
Limit = 0,
Window = 0,
},
Redirect = new Vercel.Inputs.FirewallConfigRulesRuleActionRedirectArgs
{
Location = "string",
Permanent = false,
},
},
ConditionGroups = new[]
{
new Vercel.Inputs.FirewallConfigRulesRuleConditionGroupArgs
{
Conditions = new[]
{
new Vercel.Inputs.FirewallConfigRulesRuleConditionGroupConditionArgs
{
Op = "string",
Type = "string",
Key = "string",
Neg = false,
Value = "string",
},
},
},
},
Name = "string",
Active = false,
Description = "string",
Id = "string",
},
},
},
TeamId = "string",
});
example, err := vercel.NewFirewallConfig(ctx, "firewallConfigResource", &vercel.FirewallConfigArgs{
ProjectId: pulumi.String("string"),
Enabled: pulumi.Bool(false),
IpRules: &vercel.FirewallConfigIpRulesArgs{
Rules: vercel.FirewallConfigIpRulesRuleArray{
&vercel.FirewallConfigIpRulesRuleArgs{
Action: pulumi.String("string"),
Hostname: pulumi.String("string"),
Ip: pulumi.String("string"),
Id: pulumi.String("string"),
Notes: pulumi.String("string"),
},
},
},
ManagedRulesets: &vercel.FirewallConfigManagedRulesetsArgs{
Owasp: &vercel.FirewallConfigManagedRulesetsOwaspArgs{
Gen: &vercel.FirewallConfigManagedRulesetsOwaspGenArgs{
Action: pulumi.String("string"),
Active: pulumi.Bool(false),
},
Java: &vercel.FirewallConfigManagedRulesetsOwaspJavaArgs{
Action: pulumi.String("string"),
Active: pulumi.Bool(false),
},
Lfi: &vercel.FirewallConfigManagedRulesetsOwaspLfiArgs{
Action: pulumi.String("string"),
Active: pulumi.Bool(false),
},
Ma: &vercel.FirewallConfigManagedRulesetsOwaspMaArgs{
Action: pulumi.String("string"),
Active: pulumi.Bool(false),
},
Php: &vercel.FirewallConfigManagedRulesetsOwaspPhpArgs{
Action: pulumi.String("string"),
Active: pulumi.Bool(false),
},
Rce: &vercel.FirewallConfigManagedRulesetsOwaspRceArgs{
Action: pulumi.String("string"),
Active: pulumi.Bool(false),
},
Rfi: &vercel.FirewallConfigManagedRulesetsOwaspRfiArgs{
Action: pulumi.String("string"),
Active: pulumi.Bool(false),
},
Sd: &vercel.FirewallConfigManagedRulesetsOwaspSdArgs{
Action: pulumi.String("string"),
Active: pulumi.Bool(false),
},
Sqli: &vercel.FirewallConfigManagedRulesetsOwaspSqliArgs{
Action: pulumi.String("string"),
Active: pulumi.Bool(false),
},
Xss: &vercel.FirewallConfigManagedRulesetsOwaspXssArgs{
Action: pulumi.String("string"),
Active: pulumi.Bool(false),
},
},
},
Rules: &vercel.FirewallConfigRulesArgs{
Rules: vercel.FirewallConfigRulesRuleArray{
&vercel.FirewallConfigRulesRuleArgs{
Action: &vercel.FirewallConfigRulesRuleActionArgs{
Action: pulumi.String("string"),
ActionDuration: pulumi.String("string"),
RateLimit: &vercel.FirewallConfigRulesRuleActionRateLimitArgs{
Action: pulumi.String("string"),
Algo: pulumi.String("string"),
Keys: pulumi.StringArray{
pulumi.String("string"),
},
Limit: pulumi.Int(0),
Window: pulumi.Int(0),
},
Redirect: &vercel.FirewallConfigRulesRuleActionRedirectArgs{
Location: pulumi.String("string"),
Permanent: pulumi.Bool(false),
},
},
ConditionGroups: vercel.FirewallConfigRulesRuleConditionGroupArray{
&vercel.FirewallConfigRulesRuleConditionGroupArgs{
Conditions: vercel.FirewallConfigRulesRuleConditionGroupConditionArray{
&vercel.FirewallConfigRulesRuleConditionGroupConditionArgs{
Op: pulumi.String("string"),
Type: pulumi.String("string"),
Key: pulumi.String("string"),
Neg: pulumi.Bool(false),
Value: pulumi.String("string"),
},
},
},
},
Name: pulumi.String("string"),
Active: pulumi.Bool(false),
Description: pulumi.String("string"),
Id: pulumi.String("string"),
},
},
},
TeamId: pulumi.String("string"),
})
var firewallConfigResource = new FirewallConfig("firewallConfigResource", FirewallConfigArgs.builder()
.projectId("string")
.enabled(false)
.ipRules(FirewallConfigIpRulesArgs.builder()
.rules(FirewallConfigIpRulesRuleArgs.builder()
.action("string")
.hostname("string")
.ip("string")
.id("string")
.notes("string")
.build())
.build())
.managedRulesets(FirewallConfigManagedRulesetsArgs.builder()
.owasp(FirewallConfigManagedRulesetsOwaspArgs.builder()
.gen(FirewallConfigManagedRulesetsOwaspGenArgs.builder()
.action("string")
.active(false)
.build())
.java(FirewallConfigManagedRulesetsOwaspJavaArgs.builder()
.action("string")
.active(false)
.build())
.lfi(FirewallConfigManagedRulesetsOwaspLfiArgs.builder()
.action("string")
.active(false)
.build())
.ma(FirewallConfigManagedRulesetsOwaspMaArgs.builder()
.action("string")
.active(false)
.build())
.php(FirewallConfigManagedRulesetsOwaspPhpArgs.builder()
.action("string")
.active(false)
.build())
.rce(FirewallConfigManagedRulesetsOwaspRceArgs.builder()
.action("string")
.active(false)
.build())
.rfi(FirewallConfigManagedRulesetsOwaspRfiArgs.builder()
.action("string")
.active(false)
.build())
.sd(FirewallConfigManagedRulesetsOwaspSdArgs.builder()
.action("string")
.active(false)
.build())
.sqli(FirewallConfigManagedRulesetsOwaspSqliArgs.builder()
.action("string")
.active(false)
.build())
.xss(FirewallConfigManagedRulesetsOwaspXssArgs.builder()
.action("string")
.active(false)
.build())
.build())
.build())
.rules(FirewallConfigRulesArgs.builder()
.rules(FirewallConfigRulesRuleArgs.builder()
.action(FirewallConfigRulesRuleActionArgs.builder()
.action("string")
.actionDuration("string")
.rateLimit(FirewallConfigRulesRuleActionRateLimitArgs.builder()
.action("string")
.algo("string")
.keys("string")
.limit(0)
.window(0)
.build())
.redirect(FirewallConfigRulesRuleActionRedirectArgs.builder()
.location("string")
.permanent(false)
.build())
.build())
.conditionGroups(FirewallConfigRulesRuleConditionGroupArgs.builder()
.conditions(FirewallConfigRulesRuleConditionGroupConditionArgs.builder()
.op("string")
.type("string")
.key("string")
.neg(false)
.value("string")
.build())
.build())
.name("string")
.active(false)
.description("string")
.id("string")
.build())
.build())
.teamId("string")
.build());
firewall_config_resource = vercel.FirewallConfig("firewallConfigResource",
project_id="string",
enabled=False,
ip_rules={
"rules": [{
"action": "string",
"hostname": "string",
"ip": "string",
"id": "string",
"notes": "string",
}],
},
managed_rulesets={
"owasp": {
"gen": {
"action": "string",
"active": False,
},
"java": {
"action": "string",
"active": False,
},
"lfi": {
"action": "string",
"active": False,
},
"ma": {
"action": "string",
"active": False,
},
"php": {
"action": "string",
"active": False,
},
"rce": {
"action": "string",
"active": False,
},
"rfi": {
"action": "string",
"active": False,
},
"sd": {
"action": "string",
"active": False,
},
"sqli": {
"action": "string",
"active": False,
},
"xss": {
"action": "string",
"active": False,
},
},
},
rules={
"rules": [{
"action": {
"action": "string",
"action_duration": "string",
"rate_limit": {
"action": "string",
"algo": "string",
"keys": ["string"],
"limit": 0,
"window": 0,
},
"redirect": {
"location": "string",
"permanent": False,
},
},
"condition_groups": [{
"conditions": [{
"op": "string",
"type": "string",
"key": "string",
"neg": False,
"value": "string",
}],
}],
"name": "string",
"active": False,
"description": "string",
"id": "string",
}],
},
team_id="string")
const firewallConfigResource = new vercel.FirewallConfig("firewallConfigResource", {
projectId: "string",
enabled: false,
ipRules: {
rules: [{
action: "string",
hostname: "string",
ip: "string",
id: "string",
notes: "string",
}],
},
managedRulesets: {
owasp: {
gen: {
action: "string",
active: false,
},
java: {
action: "string",
active: false,
},
lfi: {
action: "string",
active: false,
},
ma: {
action: "string",
active: false,
},
php: {
action: "string",
active: false,
},
rce: {
action: "string",
active: false,
},
rfi: {
action: "string",
active: false,
},
sd: {
action: "string",
active: false,
},
sqli: {
action: "string",
active: false,
},
xss: {
action: "string",
active: false,
},
},
},
rules: {
rules: [{
action: {
action: "string",
actionDuration: "string",
rateLimit: {
action: "string",
algo: "string",
keys: ["string"],
limit: 0,
window: 0,
},
redirect: {
location: "string",
permanent: false,
},
},
conditionGroups: [{
conditions: [{
op: "string",
type: "string",
key: "string",
neg: false,
value: "string",
}],
}],
name: "string",
active: false,
description: "string",
id: "string",
}],
},
teamId: "string",
});
type: vercel:FirewallConfig
properties:
enabled: false
ipRules:
rules:
- action: string
hostname: string
id: string
ip: string
notes: string
managedRulesets:
owasp:
gen:
action: string
active: false
java:
action: string
active: false
lfi:
action: string
active: false
ma:
action: string
active: false
php:
action: string
active: false
rce:
action: string
active: false
rfi:
action: string
active: false
sd:
action: string
active: false
sqli:
action: string
active: false
xss:
action: string
active: false
projectId: string
rules:
rules:
- action:
action: string
actionDuration: string
rateLimit:
action: string
algo: string
keys:
- string
limit: 0
window: 0
redirect:
location: string
permanent: false
active: false
conditionGroups:
- conditions:
- key: string
neg: false
op: string
type: string
value: string
description: string
id: string
name: string
teamId: string
FirewallConfig Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The FirewallConfig resource accepts the following input properties:
- Project
Id string - The ID of the project this configuration belongs to.
- Enabled bool
- Whether firewall is enabled or not.
- Ip
Rules Pulumiverse.Vercel. Inputs. Firewall Config Ip Rules - IP rules to apply to the project.
- Managed
Rulesets Pulumiverse.Vercel. Inputs. Firewall Config Managed Rulesets - The managed rulesets that are enabled.
- Rules
Pulumiverse.
Vercel. Inputs. Firewall Config Rules - Custom rules to apply to the project
- Team
Id string - The ID of the team this project belongs to.
- Project
Id string - The ID of the project this configuration belongs to.
- Enabled bool
- Whether firewall is enabled or not.
- Ip
Rules FirewallConfig Ip Rules Args - IP rules to apply to the project.
- Managed
Rulesets FirewallConfig Managed Rulesets Args - The managed rulesets that are enabled.
- Rules
Firewall
Config Rules Args - Custom rules to apply to the project
- Team
Id string - The ID of the team this project belongs to.
- project
Id String - The ID of the project this configuration belongs to.
- enabled Boolean
- Whether firewall is enabled or not.
- ip
Rules FirewallConfig Ip Rules - IP rules to apply to the project.
- managed
Rulesets FirewallConfig Managed Rulesets - The managed rulesets that are enabled.
- rules
Firewall
Config Rules - Custom rules to apply to the project
- team
Id String - The ID of the team this project belongs to.
- project
Id string - The ID of the project this configuration belongs to.
- enabled boolean
- Whether firewall is enabled or not.
- ip
Rules FirewallConfig Ip Rules - IP rules to apply to the project.
- managed
Rulesets FirewallConfig Managed Rulesets - The managed rulesets that are enabled.
- rules
Firewall
Config Rules - Custom rules to apply to the project
- team
Id string - The ID of the team this project belongs to.
- project_
id str - The ID of the project this configuration belongs to.
- enabled bool
- Whether firewall is enabled or not.
- ip_
rules FirewallConfig Ip Rules Args - IP rules to apply to the project.
- managed_
rulesets FirewallConfig Managed Rulesets Args - The managed rulesets that are enabled.
- rules
Firewall
Config Rules Args - Custom rules to apply to the project
- team_
id str - The ID of the team this project belongs to.
- project
Id String - The ID of the project this configuration belongs to.
- enabled Boolean
- Whether firewall is enabled or not.
- ip
Rules Property Map - IP rules to apply to the project.
- managed
Rulesets Property Map - The managed rulesets that are enabled.
- rules Property Map
- Custom rules to apply to the project
- team
Id String - The ID of the team this project belongs to.
Outputs
All input properties are implicitly available as output properties. Additionally, the FirewallConfig resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Id string
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
- id string
- The provider-assigned unique ID for this managed resource.
- id str
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
Look up Existing FirewallConfig Resource
Get an existing FirewallConfig resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: FirewallConfigState, opts?: CustomResourceOptions): FirewallConfig@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
enabled: Optional[bool] = None,
ip_rules: Optional[FirewallConfigIpRulesArgs] = None,
managed_rulesets: Optional[FirewallConfigManagedRulesetsArgs] = None,
project_id: Optional[str] = None,
rules: Optional[FirewallConfigRulesArgs] = None,
team_id: Optional[str] = None) -> FirewallConfigfunc GetFirewallConfig(ctx *Context, name string, id IDInput, state *FirewallConfigState, opts ...ResourceOption) (*FirewallConfig, error)public static FirewallConfig Get(string name, Input<string> id, FirewallConfigState? state, CustomResourceOptions? opts = null)public static FirewallConfig get(String name, Output<String> id, FirewallConfigState state, CustomResourceOptions options)Resource lookup is not supported in YAML- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Enabled bool
- Whether firewall is enabled or not.
- Ip
Rules Pulumiverse.Vercel. Inputs. Firewall Config Ip Rules - IP rules to apply to the project.
- Managed
Rulesets Pulumiverse.Vercel. Inputs. Firewall Config Managed Rulesets - The managed rulesets that are enabled.
- Project
Id string - The ID of the project this configuration belongs to.
- Rules
Pulumiverse.
Vercel. Inputs. Firewall Config Rules - Custom rules to apply to the project
- Team
Id string - The ID of the team this project belongs to.
- Enabled bool
- Whether firewall is enabled or not.
- Ip
Rules FirewallConfig Ip Rules Args - IP rules to apply to the project.
- Managed
Rulesets FirewallConfig Managed Rulesets Args - The managed rulesets that are enabled.
- Project
Id string - The ID of the project this configuration belongs to.
- Rules
Firewall
Config Rules Args - Custom rules to apply to the project
- Team
Id string - The ID of the team this project belongs to.
- enabled Boolean
- Whether firewall is enabled or not.
- ip
Rules FirewallConfig Ip Rules - IP rules to apply to the project.
- managed
Rulesets FirewallConfig Managed Rulesets - The managed rulesets that are enabled.
- project
Id String - The ID of the project this configuration belongs to.
- rules
Firewall
Config Rules - Custom rules to apply to the project
- team
Id String - The ID of the team this project belongs to.
- enabled boolean
- Whether firewall is enabled or not.
- ip
Rules FirewallConfig Ip Rules - IP rules to apply to the project.
- managed
Rulesets FirewallConfig Managed Rulesets - The managed rulesets that are enabled.
- project
Id string - The ID of the project this configuration belongs to.
- rules
Firewall
Config Rules - Custom rules to apply to the project
- team
Id string - The ID of the team this project belongs to.
- enabled bool
- Whether firewall is enabled or not.
- ip_
rules FirewallConfig Ip Rules Args - IP rules to apply to the project.
- managed_
rulesets FirewallConfig Managed Rulesets Args - The managed rulesets that are enabled.
- project_
id str - The ID of the project this configuration belongs to.
- rules
Firewall
Config Rules Args - Custom rules to apply to the project
- team_
id str - The ID of the team this project belongs to.
- enabled Boolean
- Whether firewall is enabled or not.
- ip
Rules Property Map - IP rules to apply to the project.
- managed
Rulesets Property Map - The managed rulesets that are enabled.
- project
Id String - The ID of the project this configuration belongs to.
- rules Property Map
- Custom rules to apply to the project
- team
Id String - The ID of the team this project belongs to.
Supporting Types
FirewallConfigIpRules, FirewallConfigIpRulesArgs
FirewallConfigIpRulesRule, FirewallConfigIpRulesRuleArgs
FirewallConfigManagedRulesets, FirewallConfigManagedRulesetsArgs
- Owasp
Pulumiverse.
Vercel. Inputs. Firewall Config Managed Rulesets Owasp - Enable the owasp managed rulesets and select ruleset behaviors
- Owasp
Firewall
Config Managed Rulesets Owasp - Enable the owasp managed rulesets and select ruleset behaviors
- owasp
Firewall
Config Managed Rulesets Owasp - Enable the owasp managed rulesets and select ruleset behaviors
- owasp
Firewall
Config Managed Rulesets Owasp - Enable the owasp managed rulesets and select ruleset behaviors
- owasp
Firewall
Config Managed Rulesets Owasp - Enable the owasp managed rulesets and select ruleset behaviors
- owasp Property Map
- Enable the owasp managed rulesets and select ruleset behaviors
FirewallConfigManagedRulesetsOwasp, FirewallConfigManagedRulesetsOwaspArgs
- Gen
Pulumiverse.
Vercel. Inputs. Firewall Config Managed Rulesets Owasp Gen - Generic Attack Detection
- Java
Pulumiverse.
Vercel. Inputs. Firewall Config Managed Rulesets Owasp Java - Java Attack Detection
- Lfi
Pulumiverse.
Vercel. Inputs. Firewall Config Managed Rulesets Owasp Lfi - Local File Inclusion Rules
- Ma
Pulumiverse.
Vercel. Inputs. Firewall Config Managed Rulesets Owasp Ma - Multipart Rules
- Php
Pulumiverse.
Vercel. Inputs. Firewall Config Managed Rulesets Owasp Php - PHP Attack Detection
- Rce
Pulumiverse.
Vercel. Inputs. Firewall Config Managed Rulesets Owasp Rce - Remote Code Execution Rules
- Rfi
Pulumiverse.
Vercel. Inputs. Firewall Config Managed Rulesets Owasp Rfi - Remote File Inclusion Rules
- Sd
Pulumiverse.
Vercel. Inputs. Firewall Config Managed Rulesets Owasp Sd - Scanner Detection Rules
- Sqli
Pulumiverse.
Vercel. Inputs. Firewall Config Managed Rulesets Owasp Sqli - SQL Injection Rules
- Xss
Pulumiverse.
Vercel. Inputs. Firewall Config Managed Rulesets Owasp Xss - Cross Site Scripting Rules
- Gen
Firewall
Config Managed Rulesets Owasp Gen - Generic Attack Detection
- Java
Firewall
Config Managed Rulesets Owasp Java - Java Attack Detection
- Lfi
Firewall
Config Managed Rulesets Owasp Lfi - Local File Inclusion Rules
- Ma
Firewall
Config Managed Rulesets Owasp Ma - Multipart Rules
- Php
Firewall
Config Managed Rulesets Owasp Php - PHP Attack Detection
- Rce
Firewall
Config Managed Rulesets Owasp Rce - Remote Code Execution Rules
- Rfi
Firewall
Config Managed Rulesets Owasp Rfi - Remote File Inclusion Rules
- Sd
Firewall
Config Managed Rulesets Owasp Sd - Scanner Detection Rules
- Sqli
Firewall
Config Managed Rulesets Owasp Sqli - SQL Injection Rules
- Xss
Firewall
Config Managed Rulesets Owasp Xss - Cross Site Scripting Rules
- gen
Firewall
Config Managed Rulesets Owasp Gen - Generic Attack Detection
- java
Firewall
Config Managed Rulesets Owasp Java - Java Attack Detection
- lfi
Firewall
Config Managed Rulesets Owasp Lfi - Local File Inclusion Rules
- ma
Firewall
Config Managed Rulesets Owasp Ma - Multipart Rules
- php
Firewall
Config Managed Rulesets Owasp Php - PHP Attack Detection
- rce
Firewall
Config Managed Rulesets Owasp Rce - Remote Code Execution Rules
- rfi
Firewall
Config Managed Rulesets Owasp Rfi - Remote File Inclusion Rules
- sd
Firewall
Config Managed Rulesets Owasp Sd - Scanner Detection Rules
- sqli
Firewall
Config Managed Rulesets Owasp Sqli - SQL Injection Rules
- xss
Firewall
Config Managed Rulesets Owasp Xss - Cross Site Scripting Rules
- gen
Firewall
Config Managed Rulesets Owasp Gen - Generic Attack Detection
- java
Firewall
Config Managed Rulesets Owasp Java - Java Attack Detection
- lfi
Firewall
Config Managed Rulesets Owasp Lfi - Local File Inclusion Rules
- ma
Firewall
Config Managed Rulesets Owasp Ma - Multipart Rules
- php
Firewall
Config Managed Rulesets Owasp Php - PHP Attack Detection
- rce
Firewall
Config Managed Rulesets Owasp Rce - Remote Code Execution Rules
- rfi
Firewall
Config Managed Rulesets Owasp Rfi - Remote File Inclusion Rules
- sd
Firewall
Config Managed Rulesets Owasp Sd - Scanner Detection Rules
- sqli
Firewall
Config Managed Rulesets Owasp Sqli - SQL Injection Rules
- xss
Firewall
Config Managed Rulesets Owasp Xss - Cross Site Scripting Rules
- gen
Firewall
Config Managed Rulesets Owasp Gen - Generic Attack Detection
- java
Firewall
Config Managed Rulesets Owasp Java - Java Attack Detection
- lfi
Firewall
Config Managed Rulesets Owasp Lfi - Local File Inclusion Rules
- ma
Firewall
Config Managed Rulesets Owasp Ma - Multipart Rules
- php
Firewall
Config Managed Rulesets Owasp Php - PHP Attack Detection
- rce
Firewall
Config Managed Rulesets Owasp Rce - Remote Code Execution Rules
- rfi
Firewall
Config Managed Rulesets Owasp Rfi - Remote File Inclusion Rules
- sd
Firewall
Config Managed Rulesets Owasp Sd - Scanner Detection Rules
- sqli
Firewall
Config Managed Rulesets Owasp Sqli - SQL Injection Rules
- xss
Firewall
Config Managed Rulesets Owasp Xss - Cross Site Scripting Rules
- gen Property Map
- Generic Attack Detection
- java Property Map
- Java Attack Detection
- lfi Property Map
- Local File Inclusion Rules
- ma Property Map
- Multipart Rules
- php Property Map
- PHP Attack Detection
- rce Property Map
- Remote Code Execution Rules
- rfi Property Map
- Remote File Inclusion Rules
- sd Property Map
- Scanner Detection Rules
- sqli Property Map
- SQL Injection Rules
- xss Property Map
- Cross Site Scripting Rules
FirewallConfigManagedRulesetsOwaspGen, FirewallConfigManagedRulesetsOwaspGenArgs
FirewallConfigManagedRulesetsOwaspJava, FirewallConfigManagedRulesetsOwaspJavaArgs
FirewallConfigManagedRulesetsOwaspLfi, FirewallConfigManagedRulesetsOwaspLfiArgs
FirewallConfigManagedRulesetsOwaspMa, FirewallConfigManagedRulesetsOwaspMaArgs
FirewallConfigManagedRulesetsOwaspPhp, FirewallConfigManagedRulesetsOwaspPhpArgs
FirewallConfigManagedRulesetsOwaspRce, FirewallConfigManagedRulesetsOwaspRceArgs
FirewallConfigManagedRulesetsOwaspRfi, FirewallConfigManagedRulesetsOwaspRfiArgs
FirewallConfigManagedRulesetsOwaspSd, FirewallConfigManagedRulesetsOwaspSdArgs
FirewallConfigManagedRulesetsOwaspSqli, FirewallConfigManagedRulesetsOwaspSqliArgs
FirewallConfigManagedRulesetsOwaspXss, FirewallConfigManagedRulesetsOwaspXssArgs
FirewallConfigRules, FirewallConfigRulesArgs
FirewallConfigRulesRule, FirewallConfigRulesRuleArgs
- Action
Pulumiverse.
Vercel. Inputs. Firewall Config Rules Rule Action - Actions to take when the condition groups match a request
- Condition
Groups List<Pulumiverse.Vercel. Inputs. Firewall Config Rules Rule Condition Group> - Sets of conditions that may match a request
- Name string
- Name to identify the rule
- Active bool
- Rule is active or disabled
- Description string
- Id string
- The ID of this resource.
- Action
Firewall
Config Rules Rule Action - Actions to take when the condition groups match a request
- Condition
Groups []FirewallConfig Rules Rule Condition Group - Sets of conditions that may match a request
- Name string
- Name to identify the rule
- Active bool
- Rule is active or disabled
- Description string
- Id string
- The ID of this resource.
- action
Firewall
Config Rules Rule Action - Actions to take when the condition groups match a request
- condition
Groups List<FirewallConfig Rules Rule Condition Group> - Sets of conditions that may match a request
- name String
- Name to identify the rule
- active Boolean
- Rule is active or disabled
- description String
- id String
- The ID of this resource.
- action
Firewall
Config Rules Rule Action - Actions to take when the condition groups match a request
- condition
Groups FirewallConfig Rules Rule Condition Group[] - Sets of conditions that may match a request
- name string
- Name to identify the rule
- active boolean
- Rule is active or disabled
- description string
- id string
- The ID of this resource.
- action
Firewall
Config Rules Rule Action - Actions to take when the condition groups match a request
- condition_
groups Sequence[FirewallConfig Rules Rule Condition Group] - Sets of conditions that may match a request
- name str
- Name to identify the rule
- active bool
- Rule is active or disabled
- description str
- id str
- The ID of this resource.
- action Property Map
- Actions to take when the condition groups match a request
- condition
Groups List<Property Map> - Sets of conditions that may match a request
- name String
- Name to identify the rule
- active Boolean
- Rule is active or disabled
- description String
- id String
- The ID of this resource.
FirewallConfigRulesRuleAction, FirewallConfigRulesRuleActionArgs
- Action string
- Base action
- Action
Duration string - Forward persistence of a rule aciton
- Rate
Limit Pulumiverse.Vercel. Inputs. Firewall Config Rules Rule Action Rate Limit - Behavior or a rate limiting action. Required if action is rate*limit
- Redirect
Pulumiverse.
Vercel. Inputs. Firewall Config Rules Rule Action Redirect - How to redirect a request. Required if action is redirect
- Action string
- Base action
- Action
Duration string - Forward persistence of a rule aciton
- Rate
Limit FirewallConfig Rules Rule Action Rate Limit - Behavior or a rate limiting action. Required if action is rate*limit
- Redirect
Firewall
Config Rules Rule Action Redirect - How to redirect a request. Required if action is redirect
- action String
- Base action
- action
Duration String - Forward persistence of a rule aciton
- rate
Limit FirewallConfig Rules Rule Action Rate Limit - Behavior or a rate limiting action. Required if action is rate*limit
- redirect
Firewall
Config Rules Rule Action Redirect - How to redirect a request. Required if action is redirect
- action string
- Base action
- action
Duration string - Forward persistence of a rule aciton
- rate
Limit FirewallConfig Rules Rule Action Rate Limit - Behavior or a rate limiting action. Required if action is rate*limit
- redirect
Firewall
Config Rules Rule Action Redirect - How to redirect a request. Required if action is redirect
- action str
- Base action
- action_
duration str - Forward persistence of a rule aciton
- rate_
limit FirewallConfig Rules Rule Action Rate Limit - Behavior or a rate limiting action. Required if action is rate*limit
- redirect
Firewall
Config Rules Rule Action Redirect - How to redirect a request. Required if action is redirect
- action String
- Base action
- action
Duration String - Forward persistence of a rule aciton
- rate
Limit Property Map - Behavior or a rate limiting action. Required if action is rate*limit
- redirect Property Map
- How to redirect a request. Required if action is redirect
FirewallConfigRulesRuleActionRateLimit, FirewallConfigRulesRuleActionRateLimitArgs
FirewallConfigRulesRuleActionRedirect, FirewallConfigRulesRuleActionRedirectArgs
FirewallConfigRulesRuleConditionGroup, FirewallConfigRulesRuleConditionGroupArgs
- Conditions
List<Pulumiverse.
Vercel. Inputs. Firewall Config Rules Rule Condition Group Condition> - Conditions that must all match within a group
- Conditions
[]Firewall
Config Rules Rule Condition Group Condition - Conditions that must all match within a group
- conditions
List<Firewall
Config Rules Rule Condition Group Condition> - Conditions that must all match within a group
- conditions
Firewall
Config Rules Rule Condition Group Condition[] - Conditions that must all match within a group
- conditions
Sequence[Firewall
Config Rules Rule Condition Group Condition] - Conditions that must all match within a group
- conditions List<Property Map>
- Conditions that must all match within a group
FirewallConfigRulesRuleConditionGroupCondition, FirewallConfigRulesRuleConditionGroupConditionArgs
Import
$ pulumi import vercel:index/firewallConfig:FirewallConfig example team_xxxxxxxxxxxxxxxxxxxxxxxx/prj_xxxxxxxxxxxxxxxxxxxxxxxxxxxx
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- vercel pulumiverse/pulumi-vercel
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
vercelTerraform Provider.