WebApplicationFirewallPolicy is the Schema for the WebApplicationFirewallPolicys API. Manages a Azure Web Application Firewall Policy instance.
WebApplicationFirewallPolicySpec defines the desired state of WebApplicationFirewallPolicy
No description provided.
One or more custom_rules blocks as defined below.
One or more match_conditions blocks as defined below.
A list of match values.
A list of transformations to do before the match is attempted. Possible values are HtmlEntityDecode, Lowercase, RemoveNulls, Trim, UrlDecode and UrlEncode.
A managed_rules blocks as defined below.
One or more exclusion block defined below.
One or more managed_rule_set block defined below.
PublishConnectionDetailsTo specifies the connection secret config which contains a name, metadata and a reference to secret store config to which any connection details for this managed resource should be written. Connection details frequently include the endpoint, username, and password required to connect to the managed resource.
WriteConnectionSecretToReference specifies the namespace and name of a Secret to which any connection details for this managed resource should be written. Connection details frequently include the endpoint, username, and password required to connect to the managed resource. This field is planned to be replaced in a future release in favor of PublishConnectionDetailsTo. Currently, both could be set independently and connection details would be published to both without affecting each other.
WebApplicationFirewallPolicyStatus defines the observed state of WebApplicationFirewallPolicy.
apiVersion: network.azure.upbound.io/v1beta1 kind: WebApplicationFirewallPolicy metadata: annotations: meta.upbound.io/example-id: network/v1beta1/webapplicationfirewallpolicy labels: testing.upbound.io/example-name: example name: example spec: forProvider: customRules: - action: Block matchConditions: - matchValues: - 192.168.1.0/24 - 10.0.0.0/24 matchVariables: - variableName: RemoteAddr negationCondition: false operator: IPMatch name: Rule1 priority: 1 ruleType: MatchRule - action: Block matchConditions: - matchValues: - 192.168.1.0/24 matchVariables: - variableName: RemoteAddr negationCondition: false operator: IPMatch - matchValues: - Windows matchVariables: - selector: UserAgent variableName: RequestHeaders negationCondition: false operator: Contains name: Rule2 priority: 2 ruleType: MatchRule location: West Europe managedRules: - exclusion: - matchVariable: RequestHeaderNames selector: x-company-secret-header selectorMatchOperator: Equals - matchVariable: RequestCookieNames selector: too-tasty selectorMatchOperator: EndsWith managedRuleSet: - ruleGroupOverride: - rule: - action: Log enabled: true id: "920300" - action: Block enabled: true id: "920440" ruleGroupName: REQUEST-920-PROTOCOL-ENFORCEMENT type: OWASP version: "3.2" policySettings: - enabled: true fileUploadLimitInMb: 100 maxRequestBodySizeInKb: 128 mode: Prevention requestBodyCheck: true resourceGroupNameSelector: matchLabels: testing.upbound.io/example-name: example
Discover the building blocks for your internal cloud platform.
© 2022 Upbound, Inc.
© 2022 Upbound, Inc.
Discover the building blocksfor your internal cloud platform.