WAF rule set

akamai_appsec_waf_ruleset

Beta

Hello. Just a note to let you know the underlying API on which this resource is built is general release and has been vetted, but because this is a new feature for our Terraform provider, we've given it a beta label.

This status just means we've paused for a bit to get your feedback to make sure this resource works like you need and expect.

Create and update Web Application Firewall (WAF) rules.

resource "akamai_appsec_waf_ruleset" "my_ruleset" {
  config_id = 12345
  security_policy_id = "abcd_123456"
  attack_groups = [
    {
      attack_group = "CMD",
      attack_group_action = "alert",
      condition_exception = "{}"
    },
    {
      attack_group = "LFI",
      attack_group_action = "alert",
      condition_exception = jsonencode(
        {
          exception = {
            specificHeaderCookieParamXmlOrJsonNames = [
              {
                names    = [
                    "X-*",
                ]
                selector = "REQUEST_HEADERS_NAMES"
                wildcard = true
              },
            ]
          }
        }
      )
    }
  ],
  rules = [
    {
      condition_exception = "{}",
      rule_action = "alert",
      rule_id = 234567
    },
    {
      condition_exception = "{}",
      rule_action = "alert",
      rule_id = 345678
    },
  ],
}

Arguments

Pass a security configuration and security policy ID to create a default ruleset or customize the set by adding rules and attack groups.

Argument Required Description
config_id ✔️ Your security configuration's ID.
security_policy_id ✔️ Your security policy's ID.
attack_groups Your attack group configuration. Contains:
  • attack_group. Unique name of the attack group.
  • attack_group_action. Action taken when the attack group is triggered. Value is one of:
    • alert. Record the event.
    • deny. Block the request.
    • deny_custom_{custom_deny_id}. Take the action specified by the custom deny.
    • none. Take no action.
  • condition_exception. Conditions and exceptions associated with the attack group.
rules List of rule objects including action and condition exceptions. Contains:
  • rule_id. A rule's ID.
  • rule_action. Action taken when the rule is triggered. Value is one of:
    • alert. Record the event.
    • deny. Block the request.
    • deny_custom_{custom_deny_id}. Take the action specified by the custom deny.
    • none. Take no action.
  • condition_exception. Conditions and exceptions associated with the rule.
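
A pre-apply check for the action values listed above, as an added example that is not part of the provider's documentation: it reads the JSON produced by `terraform show -json` for a saved plan and flags attack groups and rules left in a non-blocking action (`alert`, `none`), plus any wildcard name exceptions. It assumes the plan's `after` values use the argument names shown on this page, with `condition_exception` as a JSON string; the function names and the sample plan are constructed for illustration.

```python
import json

RESOURCE_TYPE = "akamai_appsec_waf_ruleset"
NON_BLOCKING = {"alert", "none"}  # per the argument table: record only / no action

def wildcard_exceptions(condition_exception):
    """List (selector, names) for wildcard name exceptions in a condition_exception JSON string."""
    doc = json.loads(condition_exception or "{}")
    entries = doc.get("exception", {}).get("specificHeaderCookieParamXmlOrJsonNames", [])
    return [(e.get("selector"), e.get("names", [])) for e in entries if e.get("wildcard")]

def audit_plan(plan):
    """Return (address, kind, id, message) findings for each WAF ruleset in the plan."""
    findings = []
    for rc in plan.get("resource_changes", []):
        if rc.get("type") != RESOURCE_TYPE:
            continue
        after = (rc.get("change") or {}).get("after") or {}
        items = [("attack_group", g.get("attack_group"), g.get("attack_group_action"),
                  g.get("condition_exception")) for g in after.get("attack_groups") or []]
        items += [("rule", r.get("rule_id"), r.get("rule_action"),
                   r.get("condition_exception")) for r in after.get("rules") or []]
        for kind, ident, action, cond in items:
            if action in NON_BLOCKING:
                findings.append((rc["address"], kind, ident, f"action '{action}' does not block"))
            for selector, names in wildcard_exceptions(cond):
                findings.append((rc["address"], kind, ident,
                                 f"wildcard exception {names} on {selector}"))
    return findings

# Constructed sample: the shape `terraform show -json` is assumed to give this resource.
SAMPLE_PLAN = {"resource_changes": [{
    "address": "akamai_appsec_waf_ruleset.my_ruleset",
    "type": RESOURCE_TYPE,
    "change": {"after": {
        "attack_groups": [
            {"attack_group": "CMD", "attack_group_action": "deny", "condition_exception": "{}"},
            {"attack_group": "LFI", "attack_group_action": "alert",
             "condition_exception": json.dumps({"exception": {
                 "specificHeaderCookieParamXmlOrJsonNames": [
                     {"names": ["X-*"], "selector": "REQUEST_HEADERS_NAMES", "wildcard": True}]}})},
        ],
        "rules": [
            {"rule_id": 234567, "rule_action": "alert", "condition_exception": "{}"},
            {"rule_id": 345678, "rule_action": "deny", "condition_exception": "{}"},
        ],
    }},
}]}
```

Run `audit_plan` on the parsed plan JSON in CI and fail the job when it returns findings that have not been reviewed.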

Attributes

The resource returns the same information you sent in your request.

Attribute Description
config_id Your security configuration's ID.
security_policy_id Your security policy's ID.
attack_groups Your attack group configuration. Contains:
  • attack_group. Unique name of the attack group.
  • attack_group_action. Action taken when the attack group is triggered. Value is one of:
    • alert. Record the event.
    • deny. Block the request.
    • deny_custom_{custom_deny_id}. Take the action specified by the custom deny.
    • none. Take no action.
  • condition_exception. Conditions and exceptions associated with the attack group.
rules List of rule objects including action and condition exceptions. Contains:
  • rule_id. A rule's ID.
  • rule_action. Action taken when the rule is triggered. Value is one of:
    • alert. Record the event.
    • deny. Block the request.
    • deny_custom_{custom_deny_id}. Take the action specified by the custom deny.
    • challenge_{id}.
    • none. Take no action.
  • condition_exception. Conditions and exceptions associated with the rule.