com.pulumi.azure.cdn.FrontdoorFirewallPolicy Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of azure Show documentation
Show all versions of azure Show documentation
A Pulumi package for creating and managing Microsoft Azure cloud resources, based on the Terraform azurerm provider. We recommend using the [Azure Native provider](https://github.com/pulumi/pulumi-azure-native) to provision Azure infrastructure. Azure Native provides complete coverage of Azure resources and same-day access to new resources and resource updates.
// *** WARNING: this file was generated by pulumi-java-gen. ***
// *** Do not edit by hand unless you're certain you know what you are doing! ***
package com.pulumi.azure.cdn;
import com.pulumi.azure.Utilities;
import com.pulumi.azure.cdn.FrontdoorFirewallPolicyArgs;
import com.pulumi.azure.cdn.inputs.FrontdoorFirewallPolicyState;
import com.pulumi.azure.cdn.outputs.FrontdoorFirewallPolicyCustomRule;
import com.pulumi.azure.cdn.outputs.FrontdoorFirewallPolicyManagedRule;
import com.pulumi.core.Output;
import com.pulumi.core.annotations.Export;
import com.pulumi.core.annotations.ResourceType;
import com.pulumi.core.internal.Codegen;
import java.lang.Boolean;
import java.lang.Integer;
import java.lang.String;
import java.util.List;
import java.util.Map;
import java.util.Optional;
import javax.annotation.Nullable;
/**
* Manages a Front Door (standard/premium) Firewall Policy instance.
*
* ## Example Usage
*
* <!--Start PulumiCodeChooser -->
*
* {@code
* package generated_program;
*
* import com.pulumi.Context;
* import com.pulumi.Pulumi;
* import com.pulumi.core.Output;
* import com.pulumi.azure.core.ResourceGroup;
* import com.pulumi.azure.core.ResourceGroupArgs;
* import com.pulumi.azure.cdn.FrontdoorProfile;
* import com.pulumi.azure.cdn.FrontdoorProfileArgs;
* import com.pulumi.azure.cdn.FrontdoorFirewallPolicy;
* import com.pulumi.azure.cdn.FrontdoorFirewallPolicyArgs;
* import com.pulumi.azure.cdn.inputs.FrontdoorFirewallPolicyCustomRuleArgs;
* import com.pulumi.azure.cdn.inputs.FrontdoorFirewallPolicyManagedRuleArgs;
* import java.util.List;
* import java.util.ArrayList;
* import java.util.Map;
* import java.io.File;
* import java.nio.file.Files;
* import java.nio.file.Paths;
*
* public class App {
* public static void main(String[] args) {
* Pulumi.run(App::stack);
* }
*
* public static void stack(Context ctx) {
* var example = new ResourceGroup("example", ResourceGroupArgs.builder()
* .name("example-cdn-frontdoor")
* .location("West Europe")
* .build());
*
* var exampleFrontdoorProfile = new FrontdoorProfile("exampleFrontdoorProfile", FrontdoorProfileArgs.builder()
* .name("example-profile")
* .resourceGroupName(example.name())
* .skuName("Premium_AzureFrontDoor")
* .build());
*
* var exampleFrontdoorFirewallPolicy = new FrontdoorFirewallPolicy("exampleFrontdoorFirewallPolicy", FrontdoorFirewallPolicyArgs.builder()
* .name("examplecdnfdwafpolicy")
* .resourceGroupName(example.name())
* .skuName(exampleFrontdoorProfile.skuName())
* .enabled(true)
* .mode("Prevention")
* .redirectUrl("https://www.contoso.com")
* .customBlockResponseStatusCode(403)
* .customBlockResponseBody("PGh0bWw+CjxoZWFkZXI+PHRpdGxlPkhlbGxvPC90aXRsZT48L2hlYWRlcj4KPGJvZHk+CkhlbGxvIHdvcmxkCjwvYm9keT4KPC9odG1sPg==")
* .customRules(
* FrontdoorFirewallPolicyCustomRuleArgs.builder()
* .name("Rule1")
* .enabled(true)
* .priority(1)
* .rateLimitDurationInMinutes(1)
* .rateLimitThreshold(10)
* .type("MatchRule")
* .action("Block")
* .matchConditions(FrontdoorFirewallPolicyCustomRuleMatchConditionArgs.builder()
* .matchVariable("RemoteAddr")
* .operator("IPMatch")
* .negationCondition(false)
* .matchValues(
* "10.0.1.0/24",
* "10.0.0.0/24")
* .build())
* .build(),
* FrontdoorFirewallPolicyCustomRuleArgs.builder()
* .name("Rule2")
* .enabled(true)
* .priority(2)
* .rateLimitDurationInMinutes(1)
* .rateLimitThreshold(10)
* .type("MatchRule")
* .action("Block")
* .matchConditions(
* FrontdoorFirewallPolicyCustomRuleMatchConditionArgs.builder()
* .matchVariable("RemoteAddr")
* .operator("IPMatch")
* .negationCondition(false)
* .matchValues("192.168.1.0/24")
* .build(),
* FrontdoorFirewallPolicyCustomRuleMatchConditionArgs.builder()
* .matchVariable("RequestHeader")
* .selector("UserAgent")
* .operator("Contains")
* .negationCondition(false)
* .matchValues("windows")
* .transforms(
* "Lowercase",
* "Trim")
* .build())
* .build())
* .managedRules(
* FrontdoorFirewallPolicyManagedRuleArgs.builder()
* .type("DefaultRuleSet")
* .version("1.0")
* .exclusions(FrontdoorFirewallPolicyManagedRuleExclusionArgs.builder()
* .matchVariable("QueryStringArgNames")
* .operator("Equals")
* .selector("not_suspicious")
* .build())
* .overrides(
* FrontdoorFirewallPolicyManagedRuleOverrideArgs.builder()
* .ruleGroupName("PHP")
* .rules(FrontdoorFirewallPolicyManagedRuleOverrideRuleArgs.builder()
* .ruleId("933100")
* .enabled(false)
* .action("Block")
* .build())
* .build(),
* FrontdoorFirewallPolicyManagedRuleOverrideArgs.builder()
* .ruleGroupName("SQLI")
* .exclusions(FrontdoorFirewallPolicyManagedRuleOverrideExclusionArgs.builder()
* .matchVariable("QueryStringArgNames")
* .operator("Equals")
* .selector("really_not_suspicious")
* .build())
* .rules(FrontdoorFirewallPolicyManagedRuleOverrideRuleArgs.builder()
* .ruleId("942200")
* .action("Block")
* .exclusions(FrontdoorFirewallPolicyManagedRuleOverrideRuleExclusionArgs.builder()
* .matchVariable("QueryStringArgNames")
* .operator("Equals")
* .selector("innocent")
* .build())
* .build())
* .build())
* .build(),
* FrontdoorFirewallPolicyManagedRuleArgs.builder()
* .type("Microsoft_BotManagerRuleSet")
* .version("1.0")
* .action("Log")
* .build())
* .build());
*
* }
* }
* }
*
* <!--End PulumiCodeChooser -->
*
* ## Import
*
* Front Door Firewall Policies can be imported using the `resource id`, e.g.
*
* ```sh
* $ pulumi import azure:cdn/frontdoorFirewallPolicy:FrontdoorFirewallPolicy example /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resourceGroup1/providers/Microsoft.Network/frontDoorWebApplicationFirewallPolicies/firewallPolicy1
* ```
*
*/
@ResourceType(type="azure:cdn/frontdoorFirewallPolicy:FrontdoorFirewallPolicy")
public class FrontdoorFirewallPolicy extends com.pulumi.resources.CustomResource {
/**
* If a `custom_rule` block's action type is `block`, this is the response body. The body must be specified in base64 encoding.
*
*/
@Export(name="customBlockResponseBody", refs={String.class}, tree="[0]")
private Output customBlockResponseBody;
/**
* @return If a `custom_rule` block's action type is `block`, this is the response body. The body must be specified in base64 encoding.
*
*/
public Output> customBlockResponseBody() {
return Codegen.optional(this.customBlockResponseBody);
}
/**
* If a `custom_rule` block's action type is `block`, this is the response status code. Possible values are `200`, `403`, `405`, `406`, or `429`.
*
*/
@Export(name="customBlockResponseStatusCode", refs={Integer.class}, tree="[0]")
private Output customBlockResponseStatusCode;
/**
* @return If a `custom_rule` block's action type is `block`, this is the response status code. Possible values are `200`, `403`, `405`, `406`, or `429`.
*
*/
public Output> customBlockResponseStatusCode() {
return Codegen.optional(this.customBlockResponseStatusCode);
}
/**
* One or more `custom_rule` blocks as defined below.
*
*/
@Export(name="customRules", refs={List.class,FrontdoorFirewallPolicyCustomRule.class}, tree="[0,1]")
private Output> customRules;
/**
* @return One or more `custom_rule` blocks as defined below.
*
*/
public Output>> customRules() {
return Codegen.optional(this.customRules);
}
/**
* Is the Front Door Firewall Policy enabled? Defaults to `true`.
*
*/
@Export(name="enabled", refs={Boolean.class}, tree="[0]")
private Output enabled;
/**
* @return Is the Front Door Firewall Policy enabled? Defaults to `true`.
*
*/
public Output> enabled() {
return Codegen.optional(this.enabled);
}
/**
* The Front Door Profiles frontend endpoints associated with this Front Door Firewall Policy.
*
*/
@Export(name="frontendEndpointIds", refs={List.class,String.class}, tree="[0,1]")
private Output> frontendEndpointIds;
/**
* @return The Front Door Profiles frontend endpoints associated with this Front Door Firewall Policy.
*
*/
public Output> frontendEndpointIds() {
return this.frontendEndpointIds;
}
/**
* One or more `managed_rule` blocks as defined below.
*
*/
@Export(name="managedRules", refs={List.class,FrontdoorFirewallPolicyManagedRule.class}, tree="[0,1]")
private Output> managedRules;
/**
* @return One or more `managed_rule` blocks as defined below.
*
*/
public Output>> managedRules() {
return Codegen.optional(this.managedRules);
}
/**
* The Front Door Firewall Policy mode. Possible values are `Detection`, `Prevention`.
*
*/
@Export(name="mode", refs={String.class}, tree="[0]")
private Output mode;
/**
* @return The Front Door Firewall Policy mode. Possible values are `Detection`, `Prevention`.
*
*/
public Output mode() {
return this.mode;
}
/**
* The name of the policy. Changing this forces a new resource to be created.
*
*/
@Export(name="name", refs={String.class}, tree="[0]")
private Output name;
/**
* @return The name of the policy. Changing this forces a new resource to be created.
*
*/
public Output name() {
return this.name;
}
/**
* If action type is redirect, this field represents redirect URL for the client.
*
*/
@Export(name="redirectUrl", refs={String.class}, tree="[0]")
private Output redirectUrl;
/**
* @return If action type is redirect, this field represents redirect URL for the client.
*
*/
public Output> redirectUrl() {
return Codegen.optional(this.redirectUrl);
}
/**
* Should policy managed rules inspect the request body content? Defaults to `true`.
*
* > **NOTE:** When run in `Detection` mode, the Front Door Firewall Policy doesn't take any other actions other than monitoring and logging the request and its matched Front Door Rule to the Web Application Firewall logs.
*
*/
@Export(name="requestBodyCheckEnabled", refs={Boolean.class}, tree="[0]")
private Output requestBodyCheckEnabled;
/**
* @return Should policy managed rules inspect the request body content? Defaults to `true`.
*
* > **NOTE:** When run in `Detection` mode, the Front Door Firewall Policy doesn't take any other actions other than monitoring and logging the request and its matched Front Door Rule to the Web Application Firewall logs.
*
*/
public Output> requestBodyCheckEnabled() {
return Codegen.optional(this.requestBodyCheckEnabled);
}
/**
* The name of the resource group. Changing this forces a new resource to be created.
*
*/
@Export(name="resourceGroupName", refs={String.class}, tree="[0]")
private Output resourceGroupName;
/**
* @return The name of the resource group. Changing this forces a new resource to be created.
*
*/
public Output resourceGroupName() {
return this.resourceGroupName;
}
/**
* The sku's pricing tier for this Front Door Firewall Policy. Possible values include `Standard_AzureFrontDoor` or `Premium_AzureFrontDoor`. Changing this forces a new resource to be created.
*
* > **NOTE:** The `Standard_AzureFrontDoor` Front Door Firewall Policy sku may contain `custom` rules only. The `Premium_AzureFrontDoor` Front Door Firewall Policy skus may contain both `custom` and `managed` rules.
*
*/
@Export(name="skuName", refs={String.class}, tree="[0]")
private Output skuName;
/**
* @return The sku's pricing tier for this Front Door Firewall Policy. Possible values include `Standard_AzureFrontDoor` or `Premium_AzureFrontDoor`. Changing this forces a new resource to be created.
*
* > **NOTE:** The `Standard_AzureFrontDoor` Front Door Firewall Policy sku may contain `custom` rules only. The `Premium_AzureFrontDoor` Front Door Firewall Policy skus may contain both `custom` and `managed` rules.
*
*/
public Output skuName() {
return this.skuName;
}
/**
* A mapping of tags to assign to the Front Door Firewall Policy.
*
*/
@Export(name="tags", refs={Map.class,String.class}, tree="[0,1,1]")
private Output> tags;
/**
* @return A mapping of tags to assign to the Front Door Firewall Policy.
*
*/
public Output>> tags() {
return Codegen.optional(this.tags);
}
/**
*
* @param name The _unique_ name of the resulting resource.
*/
public FrontdoorFirewallPolicy(java.lang.String name) {
this(name, FrontdoorFirewallPolicyArgs.Empty);
}
/**
*
* @param name The _unique_ name of the resulting resource.
* @param args The arguments to use to populate this resource's properties.
*/
public FrontdoorFirewallPolicy(java.lang.String name, FrontdoorFirewallPolicyArgs args) {
this(name, args, null);
}
/**
*
* @param name The _unique_ name of the resulting resource.
* @param args The arguments to use to populate this resource's properties.
* @param options A bag of options that control this resource's behavior.
*/
public FrontdoorFirewallPolicy(java.lang.String name, FrontdoorFirewallPolicyArgs args, @Nullable com.pulumi.resources.CustomResourceOptions options) {
super("azure:cdn/frontdoorFirewallPolicy:FrontdoorFirewallPolicy", name, makeArgs(args, options), makeResourceOptions(options, Codegen.empty()), false);
}
private FrontdoorFirewallPolicy(java.lang.String name, Output id, @Nullable FrontdoorFirewallPolicyState state, @Nullable com.pulumi.resources.CustomResourceOptions options) {
super("azure:cdn/frontdoorFirewallPolicy:FrontdoorFirewallPolicy", name, state, makeResourceOptions(options, id), false);
}
private static FrontdoorFirewallPolicyArgs makeArgs(FrontdoorFirewallPolicyArgs args, @Nullable com.pulumi.resources.CustomResourceOptions options) {
if (options != null && options.getUrn().isPresent()) {
return null;
}
return args == null ? FrontdoorFirewallPolicyArgs.Empty : args;
}
private static com.pulumi.resources.CustomResourceOptions makeResourceOptions(@Nullable com.pulumi.resources.CustomResourceOptions options, @Nullable Output id) {
var defaultOptions = com.pulumi.resources.CustomResourceOptions.builder()
.version(Utilities.getVersion())
.build();
return com.pulumi.resources.CustomResourceOptions.merge(defaultOptions, options, id);
}
/**
* Get an existing Host resource's state with the given name, ID, and optional extra
* properties used to qualify the lookup.
*
* @param name The _unique_ name of the resulting resource.
* @param id The _unique_ provider ID of the resource to lookup.
* @param state
* @param options Optional settings to control the behavior of the CustomResource.
*/
public static FrontdoorFirewallPolicy get(java.lang.String name, Output id, @Nullable FrontdoorFirewallPolicyState state, @Nullable com.pulumi.resources.CustomResourceOptions options) {
return new FrontdoorFirewallPolicy(name, id, state, options);
}
}