Malware policy action
akamai_appsec_malware_policy_action
Creates, modifies, or deletes the actions associated with a malware policy. By default, malware policies take no action when triggered.
Note that you must set separate actions for requests that are scanned according to the specified malware policy and those that are unscanned.
Scopes: Malware protection
Example
terraform {
required_providers {
akamai = {
source = "akamai/akamai"
}
}
}
provider "akamai" {
edgerc = "~/.edgerc"
}
// USE CASE: User wants to create a malware policy and malware policy actions for a security configuration.
data "akamai_appsec_configuration" "configuration" {
name = "Documentation"
}
resource "akamai_appsec_malware_policy" "appsec_malware_policy" {
config_id = data.akamai_appsec_configuration.configuration.config_id
malware_policy = file("${path.module}/malware_policy.json")
}
resource "akamai_appsec_malware_policy_action" "appsec_malware_policy_action" {
config_id = data.akamai_appsec_configuration.configuration.config_id
security_policy_id = "gms1_134637"
malware_policy_id = akamai_appsec_malware_policy.appsec_malware_policy.malware_policy_id
action = "deny"
unscanned_action = "deny"
}
Argument reference
This resource supports the following arguments:
-
config_id
(Required). Unique identifier of the security configuration associated with the malware policy action being modified. -
security_policy_id
(Required). Unique identifier of the security policy associated with the malware policy whose action is being modified. -
malware_policy_id
(Required). Unique identifier of the malware policy whose action is being modified. -
action
(Required). Action to be taken for requests scanned according to the given malware policy. Allowed actions are:- alert. Record the event.
- deny. Block the request.
- deny_custom{custom_deny_id}. Take the action specified by the custom deny.
- none. Take no action.
-
unscanned_action
(Required). Action to be taken for requests not scanned according to the given malware policy. Allowed actions are:- alert. Record the event.
- deny. Block the request.
- deny_custom{custom_deny_id}. Take the action specified by the custom deny.
Updated almost 2 years ago