GuideReference
Guide

Rule upgrade

akamai_appsec_rule_upgrade

Suggest Edits

Upgrades your Kona Rule Set (KRS) rules to the most recent version. Akamai periodically updates these rules to keep protections current. However, the rules you use in your security policies are not automatically upgraded to the latest version if you are running in KRS or ASE_MANUAL mode. (These rules do update automatically when you have mode set to AAG or ASE_AUTO.) This resource upgrades your Kona Rule Set rules for organizations running in KRS or ASE_MANUAL mode.

Note: This resource requires your account uses Adaptive Security Engine.

Before you upgrade it's recommended that you use theakamai_appsec_rule_upgrade_details data source to determine which rules and rule sets (if any) have available upgrades. In addition to that, you might want to test the new rules in evaluation mode. In evaluation mode, rules are triggered the same way they are on the production network; however, the only action taken by the rules is to record how they would have responded had they been active on the production network. This enables you to see how the rules interact with your production network without actually making changes to that network.

resource "akamai_appsec_rule_upgrade" "rule_upgrade" {
  config_id          = 12345
  security_policy_id = "abcd_1234567"
}

Arguments

This resource supports the following arguments:

  • config_id (Required). Unique identifier of the security configuration associated with the ruleset being upgraded.

  • security_policy_id (Required). Unique identifier of the security policy associated with the ruleset being upgraded.

  • upgrade_mode. (Optional). Modifies the upgrade type for the Adaptive Security Engine. Allowed values are:

    • ASE_AUTO. Akamai automatically updates your rulesets.
    • ASE_MANUAL. Manually updates your rulesets.

Output options

The following options can be used to determine the information returned and how that returned information is formatted:

  • current_ruleset. Versioning information for your current KRS rule set.

  • mode. Specifies the current upgrade mode type. Valid values are:

    • KRS. Rulesets must be manually upgraded.
    • AAG. Rulesets are automatically upgraded by Akamai.
    • ASE_MANUAL. Adaptive Security Engine rulesets must be manually upgraded.
    • ASE_AUTO. Adaptive Security Engine rulesets are automatically updated by Akamai.

  • eval_status. Returns enabled if an evaluation is currently in progress; otherwise returns disabled.

Updated about 2 months ago