com.pulumi.azure.frontdoor.FirewallPolicy Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of azure Show documentation
Show all versions of azure Show documentation
A Pulumi package for creating and managing Microsoft Azure cloud resources, based on the Terraform azurerm provider. We recommend using the [Azure Native provider](https://github.com/pulumi/pulumi-azure-native) to provision Azure infrastructure. Azure Native provides complete coverage of Azure resources and same-day access to new resources and resource updates.
// *** WARNING: this file was generated by pulumi-java-gen. ***
// *** Do not edit by hand unless you're certain you know what you are doing! ***
package com.pulumi.azure.frontdoor;
import com.pulumi.azure.Utilities;
import com.pulumi.azure.frontdoor.FirewallPolicyArgs;
import com.pulumi.azure.frontdoor.inputs.FirewallPolicyState;
import com.pulumi.azure.frontdoor.outputs.FirewallPolicyCustomRule;
import com.pulumi.azure.frontdoor.outputs.FirewallPolicyManagedRule;
import com.pulumi.core.Output;
import com.pulumi.core.annotations.Export;
import com.pulumi.core.annotations.ResourceType;
import com.pulumi.core.internal.Codegen;
import java.lang.Boolean;
import java.lang.Integer;
import java.lang.String;
import java.util.List;
import java.util.Map;
import java.util.Optional;
import javax.annotation.Nullable;
/**
* !> **IMPORTANT** This deploys an Azure Front Door (classic) resource which has been deprecated and will receive security updates only. Please migrate your existing Azure Front Door (classic) deployments to the new Azure Front Door (standard/premium) resources. For your convenience, the service team has exposed a `Front Door Classic` to `Front Door Standard/Premium` [migration tool](https://learn.microsoft.com/azure/frontdoor/tier-migration) to allow you to migrate your existing `Front Door Classic` instances to the new `Front Door Standard/Premium` product tiers.
*
* Manages an Azure Front Door (classic) Web Application Firewall Policy instance.
*
* !> **Be Aware:** Azure is rolling out a breaking change on Friday 9th April 2021 which may cause issues with the CDN/FrontDoor resources. More information is available in this GitHub issue - however unfortunately this may necessitate a breaking change to the CDN and Front Door resources, more information will be posted in the GitHub issue as the necessary changes are identified.
*
* ## Example Usage
*
* <!--Start PulumiCodeChooser -->
*
* {@code
* package generated_program;
*
* import com.pulumi.Context;
* import com.pulumi.Pulumi;
* import com.pulumi.core.Output;
* import com.pulumi.azure.core.ResourceGroup;
* import com.pulumi.azure.core.ResourceGroupArgs;
* import com.pulumi.azure.frontdoor.FirewallPolicy;
* import com.pulumi.azure.frontdoor.FirewallPolicyArgs;
* import com.pulumi.azure.frontdoor.inputs.FirewallPolicyCustomRuleArgs;
* import com.pulumi.azure.frontdoor.inputs.FirewallPolicyManagedRuleArgs;
* import java.util.List;
* import java.util.ArrayList;
* import java.util.Map;
* import java.io.File;
* import java.nio.file.Files;
* import java.nio.file.Paths;
*
* public class App {
* public static void main(String[] args) {
* Pulumi.run(App::stack);
* }
*
* public static void stack(Context ctx) {
* var example = new ResourceGroup("example", ResourceGroupArgs.builder()
* .name("example-rg")
* .location("West Europe")
* .build());
*
* var exampleFirewallPolicy = new FirewallPolicy("exampleFirewallPolicy", FirewallPolicyArgs.builder()
* .name("examplefdwafpolicy")
* .resourceGroupName(example.name())
* .enabled(true)
* .mode("Prevention")
* .redirectUrl("https://www.contoso.com")
* .customBlockResponseStatusCode(403)
* .customBlockResponseBody("PGh0bWw+CjxoZWFkZXI+PHRpdGxlPkhlbGxvPC90aXRsZT48L2hlYWRlcj4KPGJvZHk+CkhlbGxvIHdvcmxkCjwvYm9keT4KPC9odG1sPg==")
* .customRules(
* FirewallPolicyCustomRuleArgs.builder()
* .name("Rule1")
* .enabled(true)
* .priority(1)
* .rateLimitDurationInMinutes(1)
* .rateLimitThreshold(10)
* .type("MatchRule")
* .action("Block")
* .matchConditions(FirewallPolicyCustomRuleMatchConditionArgs.builder()
* .matchVariable("RemoteAddr")
* .operator("IPMatch")
* .negationCondition(false)
* .matchValues(
* "192.168.1.0/24",
* "10.0.0.0/24")
* .build())
* .build(),
* FirewallPolicyCustomRuleArgs.builder()
* .name("Rule2")
* .enabled(true)
* .priority(2)
* .rateLimitDurationInMinutes(1)
* .rateLimitThreshold(10)
* .type("MatchRule")
* .action("Block")
* .matchConditions(
* FirewallPolicyCustomRuleMatchConditionArgs.builder()
* .matchVariable("RemoteAddr")
* .operator("IPMatch")
* .negationCondition(false)
* .matchValues("192.168.1.0/24")
* .build(),
* FirewallPolicyCustomRuleMatchConditionArgs.builder()
* .matchVariable("RequestHeader")
* .selector("UserAgent")
* .operator("Contains")
* .negationCondition(false)
* .matchValues("windows")
* .transforms(
* "Lowercase",
* "Trim")
* .build())
* .build())
* .managedRules(
* FirewallPolicyManagedRuleArgs.builder()
* .type("DefaultRuleSet")
* .version("1.0")
* .exclusions(FirewallPolicyManagedRuleExclusionArgs.builder()
* .matchVariable("QueryStringArgNames")
* .operator("Equals")
* .selector("not_suspicious")
* .build())
* .overrides(
* FirewallPolicyManagedRuleOverrideArgs.builder()
* .ruleGroupName("PHP")
* .rules(FirewallPolicyManagedRuleOverrideRuleArgs.builder()
* .ruleId("933100")
* .enabled(false)
* .action("Block")
* .build())
* .build(),
* FirewallPolicyManagedRuleOverrideArgs.builder()
* .ruleGroupName("SQLI")
* .exclusions(FirewallPolicyManagedRuleOverrideExclusionArgs.builder()
* .matchVariable("QueryStringArgNames")
* .operator("Equals")
* .selector("really_not_suspicious")
* .build())
* .rules(FirewallPolicyManagedRuleOverrideRuleArgs.builder()
* .ruleId("942200")
* .action("Block")
* .exclusions(FirewallPolicyManagedRuleOverrideRuleExclusionArgs.builder()
* .matchVariable("QueryStringArgNames")
* .operator("Equals")
* .selector("innocent")
* .build())
* .build())
* .build())
* .build(),
* FirewallPolicyManagedRuleArgs.builder()
* .type("Microsoft_BotManagerRuleSet")
* .version("1.0")
* .build())
* .build());
*
* }
* }
* }
*
* <!--End PulumiCodeChooser -->
*
* ## Import
*
* FrontDoor Web Application Firewall Policy can be imported using the `resource id`, e.g.
*
* ```sh
* $ pulumi import azure:frontdoor/firewallPolicy:FirewallPolicy example /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/example-rg/providers/Microsoft.Network/frontDoorWebApplicationFirewallPolicies/examplefdwafpolicy
* ```
*
*/
@ResourceType(type="azure:frontdoor/firewallPolicy:FirewallPolicy")
public class FirewallPolicy extends com.pulumi.resources.CustomResource {
/**
* If a `custom_rule` block's action type is `block`, this is the response body. The body must be specified in base64 encoding.
*
*/
@Export(name="customBlockResponseBody", refs={String.class}, tree="[0]")
private Output customBlockResponseBody;
/**
* @return If a `custom_rule` block's action type is `block`, this is the response body. The body must be specified in base64 encoding.
*
*/
public Output> customBlockResponseBody() {
return Codegen.optional(this.customBlockResponseBody);
}
/**
* If a `custom_rule` block's action type is `block`, this is the response status code. Possible values are `200`, `403`, `405`, `406`, or `429`.
*
*/
@Export(name="customBlockResponseStatusCode", refs={Integer.class}, tree="[0]")
private Output customBlockResponseStatusCode;
/**
* @return If a `custom_rule` block's action type is `block`, this is the response status code. Possible values are `200`, `403`, `405`, `406`, or `429`.
*
*/
public Output> customBlockResponseStatusCode() {
return Codegen.optional(this.customBlockResponseStatusCode);
}
/**
* One or more `custom_rule` blocks as defined below.
*
*/
@Export(name="customRules", refs={List.class,FirewallPolicyCustomRule.class}, tree="[0,1]")
private Output> customRules;
/**
* @return One or more `custom_rule` blocks as defined below.
*
*/
public Output>> customRules() {
return Codegen.optional(this.customRules);
}
/**
* Is the policy a enabled state or disabled state. Defaults to `true`.
*
*/
@Export(name="enabled", refs={Boolean.class}, tree="[0]")
private Output enabled;
/**
* @return Is the policy a enabled state or disabled state. Defaults to `true`.
*
*/
public Output> enabled() {
return Codegen.optional(this.enabled);
}
/**
* The Frontend Endpoints associated with this Front Door Web Application Firewall policy.
*
*/
@Export(name="frontendEndpointIds", refs={List.class,String.class}, tree="[0,1]")
private Output> frontendEndpointIds;
/**
* @return The Frontend Endpoints associated with this Front Door Web Application Firewall policy.
*
*/
public Output> frontendEndpointIds() {
return this.frontendEndpointIds;
}
/**
* The Azure Region where this Front Door Firewall Policy exists.
*
*/
@Export(name="location", refs={String.class}, tree="[0]")
private Output location;
/**
* @return The Azure Region where this Front Door Firewall Policy exists.
*
*/
public Output location() {
return this.location;
}
/**
* One or more `managed_rule` blocks as defined below.
*
*/
@Export(name="managedRules", refs={List.class,FirewallPolicyManagedRule.class}, tree="[0,1]")
private Output> managedRules;
/**
* @return One or more `managed_rule` blocks as defined below.
*
*/
public Output>> managedRules() {
return Codegen.optional(this.managedRules);
}
/**
* The firewall policy mode. Possible values are `Detection`, `Prevention`. Defaults to `Prevention`.
*
*/
@Export(name="mode", refs={String.class}, tree="[0]")
private Output mode;
/**
* @return The firewall policy mode. Possible values are `Detection`, `Prevention`. Defaults to `Prevention`.
*
*/
public Output> mode() {
return Codegen.optional(this.mode);
}
/**
* The name of the policy. Changing this forces a new resource to be created.
*
*/
@Export(name="name", refs={String.class}, tree="[0]")
private Output name;
/**
* @return The name of the policy. Changing this forces a new resource to be created.
*
*/
public Output name() {
return this.name;
}
/**
* If action type is redirect, this field represents redirect URL for the client.
*
*/
@Export(name="redirectUrl", refs={String.class}, tree="[0]")
private Output redirectUrl;
/**
* @return If action type is redirect, this field represents redirect URL for the client.
*
*/
public Output> redirectUrl() {
return Codegen.optional(this.redirectUrl);
}
/**
* The name of the resource group. Changing this forces a new resource to be created.
*
*/
@Export(name="resourceGroupName", refs={String.class}, tree="[0]")
private Output resourceGroupName;
/**
* @return The name of the resource group. Changing this forces a new resource to be created.
*
*/
public Output resourceGroupName() {
return this.resourceGroupName;
}
/**
* A mapping of tags to assign to the Web Application Firewall Policy.
*
*/
@Export(name="tags", refs={Map.class,String.class}, tree="[0,1,1]")
private Output> tags;
/**
* @return A mapping of tags to assign to the Web Application Firewall Policy.
*
*/
public Output>> tags() {
return Codegen.optional(this.tags);
}
/**
*
* @param name The _unique_ name of the resulting resource.
*/
public FirewallPolicy(java.lang.String name) {
this(name, FirewallPolicyArgs.Empty);
}
/**
*
* @param name The _unique_ name of the resulting resource.
* @param args The arguments to use to populate this resource's properties.
*/
public FirewallPolicy(java.lang.String name, FirewallPolicyArgs args) {
this(name, args, null);
}
/**
*
* @param name The _unique_ name of the resulting resource.
* @param args The arguments to use to populate this resource's properties.
* @param options A bag of options that control this resource's behavior.
*/
public FirewallPolicy(java.lang.String name, FirewallPolicyArgs args, @Nullable com.pulumi.resources.CustomResourceOptions options) {
super("azure:frontdoor/firewallPolicy:FirewallPolicy", name, makeArgs(args, options), makeResourceOptions(options, Codegen.empty()), false);
}
private FirewallPolicy(java.lang.String name, Output id, @Nullable FirewallPolicyState state, @Nullable com.pulumi.resources.CustomResourceOptions options) {
super("azure:frontdoor/firewallPolicy:FirewallPolicy", name, state, makeResourceOptions(options, id), false);
}
private static FirewallPolicyArgs makeArgs(FirewallPolicyArgs args, @Nullable com.pulumi.resources.CustomResourceOptions options) {
if (options != null && options.getUrn().isPresent()) {
return null;
}
return args == null ? FirewallPolicyArgs.Empty : args;
}
private static com.pulumi.resources.CustomResourceOptions makeResourceOptions(@Nullable com.pulumi.resources.CustomResourceOptions options, @Nullable Output id) {
var defaultOptions = com.pulumi.resources.CustomResourceOptions.builder()
.version(Utilities.getVersion())
.build();
return com.pulumi.resources.CustomResourceOptions.merge(defaultOptions, options, id);
}
/**
* Get an existing Host resource's state with the given name, ID, and optional extra
* properties used to qualify the lookup.
*
* @param name The _unique_ name of the resulting resource.
* @param id The _unique_ provider ID of the resource to lookup.
* @param state
* @param options Optional settings to control the behavior of the CustomResource.
*/
public static FirewallPolicy get(java.lang.String name, Output id, @Nullable FirewallPolicyState state, @Nullable com.pulumi.resources.CustomResourceOptions options) {
return new FirewallPolicy(name, id, state, options);
}
}