GuideReference
TrainingSupportCommunity
Guide

Malware policy action

akamai_appsec_malware_policy_action

Creates, modifies, or deletes the actions associated with a malware policy. By default, malware policies take no action when triggered.

Note that you must set separate actions for requests that are scanned according to the specified malware policy and those that are unscanned.

Scopes: Malware protection

Example

terraform {
  required_providers {
    akamai = {
      source = "akamai/akamai"
    }
  }
}

provider "akamai" {
  edgerc = "~/.edgerc"
}
// USE CASE: User wants to create a malware policy and malware policy actions for a security configuration.

data "akamai_appsec_configuration" "configuration" {
  name = "Documentation"
}

resource "akamai_appsec_malware_policy" "appsec_malware_policy" {
  config_id      = data.akamai_appsec_configuration.configuration.config_id
  malware_policy = file("${path.module}/malware_policy.json")
}

resource "akamai_appsec_malware_policy_action" "appsec_malware_policy_action" {
  config_id          = data.akamai_appsec_configuration.configuration.config_id
  security_policy_id = "gms1_134637"
  malware_policy_id  = akamai_appsec_malware_policy.appsec_malware_policy.malware_policy_id
  action             = "deny"
  unscanned_action   = "deny"
}

Argument reference

This resource supports the following arguments:

  • config_id (Required). Unique identifier of the security configuration associated with the malware policy action being modified.

  • security_policy_id (Required). Unique identifier of the security policy associated with the malware policy whose action is being modified.

  • malware_policy_id (Required). Unique identifier of the malware policy whose action is being modified.

  • action (Required). Action to be taken for requests scanned according to the given malware policy. Allowed actions are:

    • alert. Record the event.
    • deny. Block the request.
    • deny_custom{custom_deny_id}. Take the action specified by the custom deny.
    • none. Take no action.
  • unscanned_action (Required). Action to be taken for requests not scanned according to the given malware policy. Allowed actions are:

    • alert. Record the event.
    • deny. Block the request.
    • deny_custom{custom_deny_id}. Take the action specified by the custom deny.