Eval penalty box

🚧

Beta

This is a beta version of eval penalty box. Use of this version is as is and as available while still in testing and development.

Modifies the penalty box settings for a security policy in evaluation mode - evaluation penalty box.
When the penalty box is enabled for a policy in evaluation mode, clients that trigger a WAF Deny action are placed in the “penalty box”.
There, the action you select for the penalty box (either Alert or Deny) continues to apply to any requests from that client for the next 10 minutes.

Scopes: Security policy

Example

terraform {
  required_providers {
    akamai = {
      source = "akamai/akamai"
    }
  }
}

provider "akamai" {
  edgerc = "~/.edgerc"
}

// USE CASE: User wants to update penalty box settings.

data "akamai_appsec_configuration" "configuration" {
  name = "Documentation"
}
resource "akamai_appsec_eval_penalty_box" "eval_penalty_box" {
  config_id              = data.akamai_appsec_configuration.configuration.config_id
  security_policy_id     = "gms1_134637"
  penalty_box_protection = true
  penalty_box_action     = "deny"
}

Argument reference

This resource supports the following arguments:

• config_id (Required). Unique identifier of the security configuration associated with the evaluation penalty box settings being modified.

• security_policy_id (Required). Unique identifier of the security policy associated with the evaluation penalty box settings being modified.

• penalty_box_protection (Required). Set to true to enable evaluation penalty box protection; set to false to disable evaluation penalty box protection.

• penalty_box_action (Required). Action taken any time evaluation penalty box protection is triggered. Allowed values are:

  • alert. Record the event.
  • deny. Block the request.
  • denycustom{custom_deny_id}. Take the action specified by the custom deny.
  • none. Take no action.