API request constraints

appsec_api_request_constraints

Modifies the action taken when an API request constraint triggers.

To use this operation, call the akamai_appsec_api_endpoints data source to list the names of your API endpoints, then apply a constraint (and an accompanying action) to one of those endpoints.

Scopes: API endpoint

Example

terraform { required_providers { akamai = { source = "akamai/akamai" } } } provider "akamai" { edgerc = "~/.edgerc" } // USE CASE: User wants to set the API request constraints action. data "akamai_appsec_configuration" "configuration" { name = "Documentation" } data "akamai_appsec_api_endpoints" "api_endpoint" { config_id = data.akamai_appsec_configuration.configuration.config_id security_policy_id = "gms1_134637" api_name = "Contracts" } resource "akamai_appsec_api_request_constraints" "api_request_constraints" { config_id = data.akamai_appsec_configuration.configuration.config_id security_policy_id = "gms1_134637" api_endpoint_id = data.akamai_appsec_api_endpoints.api_endpoint.id action = "alert" }

Argument reference

This resource supports the following arguments:

  • config_id (Required). Unique identifier of the security configuration associated with the API request constraint settings being modified.

  • security_policy_id (Required). Unique identifier of the security policy associated with the API request constraint settings being modified.

  • api_endpoint_id (Optional). ID of the API endpoint the constraint will be assigned to.

  • action (Required). Action to assign to the API request constraint. Allowed values are:

    • alert, Record the event.
    • deny. Block the request.
    • denycustom{custom_deny_id}. Take the action specified by the custom deny.
    • none. Take no action.

Did this page help you?