Challenge injection rules


Modifies a challenge injection rule.

To configure challenge injection rules, you need to create a JSON array containing the desired settings and values. That array is then used as the value of the challenge_injection_rules argument.


resource "akamai_botman_challenge_injection_rules" "injection_rules" {
  config_id                    = data.akamai_appsec_configuration.configuration.config_id
  challenge_injection_rules = file("${path.module}/challenge_injection_rules.json")

Argument reference

This resource supports the following arguments:

  • config_id (Required). Unique identifier of the security configuration associated with the challenge injection rules.
  • challenge_injection_rules (Required). JSON-formatted collection of challenge injection rule settings and values. In the preceding sample code, the syntax file("${path.module}/challenge_injection_rules.json") points to the location of a JSON file containing the challenge injection rules settings and values. Use the Bot Manager API or Bot Manager in Akamai Control Center to create a configuration. Then, export your configuration or use the corresponding data source to get the JSON file.

Attributes reference

This data source returns these attributes:

  • injectJavaScript ‚ÄĒ Whether to automatically inject the AJAX challenge JavaScript on protected operation hostnames. Set to true if you use AJAX pervasively. Otherwise, set to false and apply injection rules to the page URLs where you use AJAX

  • rules‚ÄĒ The conditions that, when met, either inject or don't inject the AJAX challenge.

    • conditions - Rule conditions to match on. The injection rules override injectJavaScript at the parent level, so only specify them if that attribute is false.
    • injectJavaScript - Whether the AJAX challenge JavaScript is injected on HTML pages that match the specified rule conditions.
    • ruleName - The rule's unique name.