Malware policy actions

Update a malware policy's actions or send bulk action updates for multiple policies.

An update of your malware policy's actions does not automatically apply the changes to what's live on a network. Instead, the update creates a new, inactive version of your security configuration that includes your changes.

To see your changes on a network, reactivate your security configuration.

resource "akamai_appsec_malware_policy_actions" "my_malware_policy_actions" {
  config_id              = 12345
  security_policy_id     = "ab1_23456"
  malware_policy_actions = <<-EOF
{
    "malwarePolicyActions": [
        {
            "id": 12345,
            "action": "alert",
            "unscanned_action": "alert"
        },
        {
            "id": 56789,
            "action": "deny_custom_12345",
            "unscanned_action": "deny"
        },
        {
            "id": 101112,
            "action": "none",
            "unscanned_action": "none"
        }
    ]
}
EOF
}

Arguments

Pass all arguments to update your malware policy's actions.

Argument Required Description

config_id ✔ Your security configuration's ID.

security_policy_id ✔ Your security policy's ID.

Argument	Required	Description
`config_id`	✔	Your security configuration's ID.
`security_policy_id`	✔	Your security policy's ID.
`malware_policy_actions`	✔	A JSON list of your malware policies and their actions. You can send the JSON as a value or provide a path to a JSON file. Each object in the malwarePolicyActions array contains: `id`. Required. A malware policy ID. `action`. Required. The scanned request response action. `unscanned_action`. Required. The unscanned request response action. Its value is dependent on the value in `action`. To set the value to `none`, `action` must also be `none`. To set the value to anything other than `none`, the value of `action` must be one of `alert`, `deny`, or a custom deny. Possible action values: `alert`. Log the request and continue further evaluation. `deny`. Return an HTTP status of `403 FORBIDDEN`. `deny_custom_{custom_deny_id}`. Your custom deny action. To set an unscanned value to a custom deny, your action's value cannot be `none`. For more information, see Custom deny. `none`. No action.

malware_policy_actions

✔

A JSON list of your malware policies and their actions. You can send the JSON as a value or provide a path to a JSON file. Each object in the malwarePolicyActions array contains:

id. Required. A malware policy ID.
action. Required. The scanned request response action.
unscanned_action. Required. The unscanned request response action. Its value is dependent on the value in action.
- To set the value to none, action must also be none.
- To set the value to anything other than none, the value of action must be one of alert, deny, or a custom deny.

Possible action values:

alert. Log the request and continue further evaluation.
deny. Return an HTTP status of 403 FORBIDDEN.
deny_custom_{custom_deny_id}. Your custom deny action. To set an unscanned value to a custom deny, your action's value cannot be none. For more information, see Custom deny.
none. No action.

Attributes

This resource does not return any attributes. Your security policy and malware IDs will be in the creation success line of your return log.

akamai_appsec_malware_policy_actions.my_malware_policy_actions: Creation complete after 5s [id=12345:ab1_23456]