1. Packages
  2. Oracle Cloud Infrastructure
  3. API Docs
  4. Waas
  5. getProtectionRules
Oracle Cloud Infrastructure v2.11.0 published on Thursday, Sep 19, 2024 by Pulumi

oci.Waas.getProtectionRules

Explore with Pulumi AI

oci logo
Oracle Cloud Infrastructure v2.11.0 published on Thursday, Sep 19, 2024 by Pulumi

    This data source provides the list of Protection Rules in Oracle Cloud Infrastructure Web Application Acceleration and Security service.

    Gets the list of available protection rules for a WAAS policy. Use the GetWafConfig operation to view a list of currently configured protection rules for the Web Application Firewall, or use the ListRecommendations operation to get a list of recommended protection rules for the Web Application Firewall. The list is sorted by key, in ascending order.

    Example Usage

    import * as pulumi from "@pulumi/pulumi";
    import * as oci from "@pulumi/oci";
    
    const testProtectionRules = oci.Waas.getProtectionRules({
        waasPolicyId: testWaasPolicy.id,
        actions: protectionRuleAction,
        modSecurityRuleIds: testRule.id,
    });
    
    import pulumi
    import pulumi_oci as oci
    
    test_protection_rules = oci.Waas.get_protection_rules(waas_policy_id=test_waas_policy["id"],
        actions=protection_rule_action,
        mod_security_rule_ids=test_rule["id"])
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-oci/sdk/v2/go/oci/Waas"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		_, err := Waas.GetProtectionRules(ctx, &waas.GetProtectionRulesArgs{
    			WaasPolicyId:       testWaasPolicy.Id,
    			Actions:            protectionRuleAction,
    			ModSecurityRuleIds: testRule.Id,
    		}, nil)
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Oci = Pulumi.Oci;
    
    return await Deployment.RunAsync(() => 
    {
        var testProtectionRules = Oci.Waas.GetProtectionRules.Invoke(new()
        {
            WaasPolicyId = testWaasPolicy.Id,
            Actions = protectionRuleAction,
            ModSecurityRuleIds = testRule.Id,
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.oci.Waas.WaasFunctions;
    import com.pulumi.oci.Waas.inputs.GetProtectionRulesArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            final var testProtectionRules = WaasFunctions.getProtectionRules(GetProtectionRulesArgs.builder()
                .waasPolicyId(testWaasPolicy.id())
                .actions(protectionRuleAction)
                .modSecurityRuleIds(testRule.id())
                .build());
    
        }
    }
    
    variables:
      testProtectionRules:
        fn::invoke:
          Function: oci:Waas:getProtectionRules
          Arguments:
            waasPolicyId: ${testWaasPolicy.id}
            actions: ${protectionRuleAction}
            modSecurityRuleIds: ${testRule.id}
    

    Using getProtectionRules

    Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.

    function getProtectionRules(args: GetProtectionRulesArgs, opts?: InvokeOptions): Promise<GetProtectionRulesResult>
    function getProtectionRulesOutput(args: GetProtectionRulesOutputArgs, opts?: InvokeOptions): Output<GetProtectionRulesResult>
    def get_protection_rules(actions: Optional[Sequence[str]] = None,
                             filters: Optional[Sequence[_waas.GetProtectionRulesFilter]] = None,
                             mod_security_rule_ids: Optional[Sequence[str]] = None,
                             waas_policy_id: Optional[str] = None,
                             opts: Optional[InvokeOptions] = None) -> GetProtectionRulesResult
    def get_protection_rules_output(actions: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
                             filters: Optional[pulumi.Input[Sequence[pulumi.Input[_waas.GetProtectionRulesFilterArgs]]]] = None,
                             mod_security_rule_ids: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
                             waas_policy_id: Optional[pulumi.Input[str]] = None,
                             opts: Optional[InvokeOptions] = None) -> Output[GetProtectionRulesResult]
    func GetProtectionRules(ctx *Context, args *GetProtectionRulesArgs, opts ...InvokeOption) (*GetProtectionRulesResult, error)
    func GetProtectionRulesOutput(ctx *Context, args *GetProtectionRulesOutputArgs, opts ...InvokeOption) GetProtectionRulesResultOutput

    > Note: This function is named GetProtectionRules in the Go SDK.

    public static class GetProtectionRules 
    {
        public static Task<GetProtectionRulesResult> InvokeAsync(GetProtectionRulesArgs args, InvokeOptions? opts = null)
        public static Output<GetProtectionRulesResult> Invoke(GetProtectionRulesInvokeArgs args, InvokeOptions? opts = null)
    }
    public static CompletableFuture<GetProtectionRulesResult> getProtectionRules(GetProtectionRulesArgs args, InvokeOptions options)
    // Output-based functions aren't available in Java yet
    
    fn::invoke:
      function: oci:Waas/getProtectionRules:getProtectionRules
      arguments:
        # arguments dictionary

    The following arguments are supported:

    WaasPolicyId string
    The OCID of the WAAS policy.
    Actions List<string>
    Filter rules using a list of actions.
    Filters List<GetProtectionRulesFilter>
    ModSecurityRuleIds List<string>
    Filter rules using a list of ModSecurity rule IDs.
    WaasPolicyId string
    The OCID of the WAAS policy.
    Actions []string
    Filter rules using a list of actions.
    Filters []GetProtectionRulesFilter
    ModSecurityRuleIds []string
    Filter rules using a list of ModSecurity rule IDs.
    waasPolicyId String
    The OCID of the WAAS policy.
    actions List<String>
    Filter rules using a list of actions.
    filters List<GetProtectionRulesFilter>
    modSecurityRuleIds List<String>
    Filter rules using a list of ModSecurity rule IDs.
    waasPolicyId string
    The OCID of the WAAS policy.
    actions string[]
    Filter rules using a list of actions.
    filters GetProtectionRulesFilter[]
    modSecurityRuleIds string[]
    Filter rules using a list of ModSecurity rule IDs.
    waas_policy_id str
    The OCID of the WAAS policy.
    actions Sequence[str]
    Filter rules using a list of actions.
    filters Sequence[waas.GetProtectionRulesFilter]
    mod_security_rule_ids Sequence[str]
    Filter rules using a list of ModSecurity rule IDs.
    waasPolicyId String
    The OCID of the WAAS policy.
    actions List<String>
    Filter rules using a list of actions.
    filters List<Property Map>
    modSecurityRuleIds List<String>
    Filter rules using a list of ModSecurity rule IDs.

    getProtectionRules Result

    The following output properties are available:

    Id string
    The provider-assigned unique ID for this managed resource.
    ProtectionRules List<GetProtectionRulesProtectionRule>
    The list of protection_rules.
    WaasPolicyId string
    Actions List<string>
    The action to take when the traffic is detected as malicious. If unspecified, defaults to OFF.
    Filters List<GetProtectionRulesFilter>
    ModSecurityRuleIds List<string>
    Id string
    The provider-assigned unique ID for this managed resource.
    ProtectionRules []GetProtectionRulesProtectionRule
    The list of protection_rules.
    WaasPolicyId string
    Actions []string
    The action to take when the traffic is detected as malicious. If unspecified, defaults to OFF.
    Filters []GetProtectionRulesFilter
    ModSecurityRuleIds []string
    id String
    The provider-assigned unique ID for this managed resource.
    protectionRules List<GetProtectionRulesProtectionRule>
    The list of protection_rules.
    waasPolicyId String
    actions List<String>
    The action to take when the traffic is detected as malicious. If unspecified, defaults to OFF.
    filters List<GetProtectionRulesFilter>
    modSecurityRuleIds List<String>
    id string
    The provider-assigned unique ID for this managed resource.
    protectionRules GetProtectionRulesProtectionRule[]
    The list of protection_rules.
    waasPolicyId string
    actions string[]
    The action to take when the traffic is detected as malicious. If unspecified, defaults to OFF.
    filters GetProtectionRulesFilter[]
    modSecurityRuleIds string[]
    id str
    The provider-assigned unique ID for this managed resource.
    protection_rules Sequence[waas.GetProtectionRulesProtectionRule]
    The list of protection_rules.
    waas_policy_id str
    actions Sequence[str]
    The action to take when the traffic is detected as malicious. If unspecified, defaults to OFF.
    filters Sequence[waas.GetProtectionRulesFilter]
    mod_security_rule_ids Sequence[str]
    id String
    The provider-assigned unique ID for this managed resource.
    protectionRules List<Property Map>
    The list of protection_rules.
    waasPolicyId String
    actions List<String>
    The action to take when the traffic is detected as malicious. If unspecified, defaults to OFF.
    filters List<Property Map>
    modSecurityRuleIds List<String>

    Supporting Types

    GetProtectionRulesFilter

    Name string
    The name of the protection rule.
    Values List<string>
    Regex bool
    Name string
    The name of the protection rule.
    Values []string
    Regex bool
    name String
    The name of the protection rule.
    values List<String>
    regex Boolean
    name string
    The name of the protection rule.
    values string[]
    regex boolean
    name str
    The name of the protection rule.
    values Sequence[str]
    regex bool
    name String
    The name of the protection rule.
    values List<String>
    regex Boolean

    GetProtectionRulesProtectionRule

    Action string
    Filter rules using a list of actions.
    Description string
    The description of the protection rule.
    Exclusions List<GetProtectionRulesProtectionRuleExclusion>
    An array of The target property of a request that would allow it to bypass the protection rule. For example, when target is REQUEST_COOKIE_NAMES, the list may include names of cookies to exclude from the protection rule. When the target is ARGS, the list may include strings of URL query parameters and values from form-urlencoded XML, JSON, AMP, or POST payloads to exclude from the protection rule. Exclusions properties must not contain whitespace, comma or |. Note: If protection rules have been enabled that utilize the maxArgumentCount or maxTotalNameLengthOfArguments properties, and the target property has been set to ARGS, it is important that the exclusions properties be defined to honor those protection rule settings in a consistent manner.
    Key string
    The unique key of the protection rule.
    Labels List<string>
    The list of labels for the protection rule.
    ModSecurityRuleIds List<string>
    The list of the ModSecurity rule IDs that apply to this protection rule. For more information about ModSecurity's open source WAF rules, see Mod Security's documentation.
    Name string
    The name of the protection rule.
    WaasPolicyId string
    The OCID of the WAAS policy.
    Action string
    Filter rules using a list of actions.
    Description string
    The description of the protection rule.
    Exclusions []GetProtectionRulesProtectionRuleExclusion
    An array of The target property of a request that would allow it to bypass the protection rule. For example, when target is REQUEST_COOKIE_NAMES, the list may include names of cookies to exclude from the protection rule. When the target is ARGS, the list may include strings of URL query parameters and values from form-urlencoded XML, JSON, AMP, or POST payloads to exclude from the protection rule. Exclusions properties must not contain whitespace, comma or |. Note: If protection rules have been enabled that utilize the maxArgumentCount or maxTotalNameLengthOfArguments properties, and the target property has been set to ARGS, it is important that the exclusions properties be defined to honor those protection rule settings in a consistent manner.
    Key string
    The unique key of the protection rule.
    Labels []string
    The list of labels for the protection rule.
    ModSecurityRuleIds []string
    The list of the ModSecurity rule IDs that apply to this protection rule. For more information about ModSecurity's open source WAF rules, see Mod Security's documentation.
    Name string
    The name of the protection rule.
    WaasPolicyId string
    The OCID of the WAAS policy.
    action String
    Filter rules using a list of actions.
    description String
    The description of the protection rule.
    exclusions List<GetProtectionRulesProtectionRuleExclusion>
    An array of The target property of a request that would allow it to bypass the protection rule. For example, when target is REQUEST_COOKIE_NAMES, the list may include names of cookies to exclude from the protection rule. When the target is ARGS, the list may include strings of URL query parameters and values from form-urlencoded XML, JSON, AMP, or POST payloads to exclude from the protection rule. Exclusions properties must not contain whitespace, comma or |. Note: If protection rules have been enabled that utilize the maxArgumentCount or maxTotalNameLengthOfArguments properties, and the target property has been set to ARGS, it is important that the exclusions properties be defined to honor those protection rule settings in a consistent manner.
    key String
    The unique key of the protection rule.
    labels List<String>
    The list of labels for the protection rule.
    modSecurityRuleIds List<String>
    The list of the ModSecurity rule IDs that apply to this protection rule. For more information about ModSecurity's open source WAF rules, see Mod Security's documentation.
    name String
    The name of the protection rule.
    waasPolicyId String
    The OCID of the WAAS policy.
    action string
    Filter rules using a list of actions.
    description string
    The description of the protection rule.
    exclusions GetProtectionRulesProtectionRuleExclusion[]
    An array of The target property of a request that would allow it to bypass the protection rule. For example, when target is REQUEST_COOKIE_NAMES, the list may include names of cookies to exclude from the protection rule. When the target is ARGS, the list may include strings of URL query parameters and values from form-urlencoded XML, JSON, AMP, or POST payloads to exclude from the protection rule. Exclusions properties must not contain whitespace, comma or |. Note: If protection rules have been enabled that utilize the maxArgumentCount or maxTotalNameLengthOfArguments properties, and the target property has been set to ARGS, it is important that the exclusions properties be defined to honor those protection rule settings in a consistent manner.
    key string
    The unique key of the protection rule.
    labels string[]
    The list of labels for the protection rule.
    modSecurityRuleIds string[]
    The list of the ModSecurity rule IDs that apply to this protection rule. For more information about ModSecurity's open source WAF rules, see Mod Security's documentation.
    name string
    The name of the protection rule.
    waasPolicyId string
    The OCID of the WAAS policy.
    action str
    Filter rules using a list of actions.
    description str
    The description of the protection rule.
    exclusions Sequence[waas.GetProtectionRulesProtectionRuleExclusion]
    An array of The target property of a request that would allow it to bypass the protection rule. For example, when target is REQUEST_COOKIE_NAMES, the list may include names of cookies to exclude from the protection rule. When the target is ARGS, the list may include strings of URL query parameters and values from form-urlencoded XML, JSON, AMP, or POST payloads to exclude from the protection rule. Exclusions properties must not contain whitespace, comma or |. Note: If protection rules have been enabled that utilize the maxArgumentCount or maxTotalNameLengthOfArguments properties, and the target property has been set to ARGS, it is important that the exclusions properties be defined to honor those protection rule settings in a consistent manner.
    key str
    The unique key of the protection rule.
    labels Sequence[str]
    The list of labels for the protection rule.
    mod_security_rule_ids Sequence[str]
    The list of the ModSecurity rule IDs that apply to this protection rule. For more information about ModSecurity's open source WAF rules, see Mod Security's documentation.
    name str
    The name of the protection rule.
    waas_policy_id str
    The OCID of the WAAS policy.
    action String
    Filter rules using a list of actions.
    description String
    The description of the protection rule.
    exclusions List<Property Map>
    An array of The target property of a request that would allow it to bypass the protection rule. For example, when target is REQUEST_COOKIE_NAMES, the list may include names of cookies to exclude from the protection rule. When the target is ARGS, the list may include strings of URL query parameters and values from form-urlencoded XML, JSON, AMP, or POST payloads to exclude from the protection rule. Exclusions properties must not contain whitespace, comma or |. Note: If protection rules have been enabled that utilize the maxArgumentCount or maxTotalNameLengthOfArguments properties, and the target property has been set to ARGS, it is important that the exclusions properties be defined to honor those protection rule settings in a consistent manner.
    key String
    The unique key of the protection rule.
    labels List<String>
    The list of labels for the protection rule.
    modSecurityRuleIds List<String>
    The list of the ModSecurity rule IDs that apply to this protection rule. For more information about ModSecurity's open source WAF rules, see Mod Security's documentation.
    name String
    The name of the protection rule.
    waasPolicyId String
    The OCID of the WAAS policy.

    GetProtectionRulesProtectionRuleExclusion

    Exclusions List<string>
    An array of The target property of a request that would allow it to bypass the protection rule. For example, when target is REQUEST_COOKIE_NAMES, the list may include names of cookies to exclude from the protection rule. When the target is ARGS, the list may include strings of URL query parameters and values from form-urlencoded XML, JSON, AMP, or POST payloads to exclude from the protection rule. Exclusions properties must not contain whitespace, comma or |. Note: If protection rules have been enabled that utilize the maxArgumentCount or maxTotalNameLengthOfArguments properties, and the target property has been set to ARGS, it is important that the exclusions properties be defined to honor those protection rule settings in a consistent manner.
    Target string
    The target of the exclusion.
    Exclusions []string
    An array of The target property of a request that would allow it to bypass the protection rule. For example, when target is REQUEST_COOKIE_NAMES, the list may include names of cookies to exclude from the protection rule. When the target is ARGS, the list may include strings of URL query parameters and values from form-urlencoded XML, JSON, AMP, or POST payloads to exclude from the protection rule. Exclusions properties must not contain whitespace, comma or |. Note: If protection rules have been enabled that utilize the maxArgumentCount or maxTotalNameLengthOfArguments properties, and the target property has been set to ARGS, it is important that the exclusions properties be defined to honor those protection rule settings in a consistent manner.
    Target string
    The target of the exclusion.
    exclusions List<String>
    An array of The target property of a request that would allow it to bypass the protection rule. For example, when target is REQUEST_COOKIE_NAMES, the list may include names of cookies to exclude from the protection rule. When the target is ARGS, the list may include strings of URL query parameters and values from form-urlencoded XML, JSON, AMP, or POST payloads to exclude from the protection rule. Exclusions properties must not contain whitespace, comma or |. Note: If protection rules have been enabled that utilize the maxArgumentCount or maxTotalNameLengthOfArguments properties, and the target property has been set to ARGS, it is important that the exclusions properties be defined to honor those protection rule settings in a consistent manner.
    target String
    The target of the exclusion.
    exclusions string[]
    An array of The target property of a request that would allow it to bypass the protection rule. For example, when target is REQUEST_COOKIE_NAMES, the list may include names of cookies to exclude from the protection rule. When the target is ARGS, the list may include strings of URL query parameters and values from form-urlencoded XML, JSON, AMP, or POST payloads to exclude from the protection rule. Exclusions properties must not contain whitespace, comma or |. Note: If protection rules have been enabled that utilize the maxArgumentCount or maxTotalNameLengthOfArguments properties, and the target property has been set to ARGS, it is important that the exclusions properties be defined to honor those protection rule settings in a consistent manner.
    target string
    The target of the exclusion.
    exclusions Sequence[str]
    An array of The target property of a request that would allow it to bypass the protection rule. For example, when target is REQUEST_COOKIE_NAMES, the list may include names of cookies to exclude from the protection rule. When the target is ARGS, the list may include strings of URL query parameters and values from form-urlencoded XML, JSON, AMP, or POST payloads to exclude from the protection rule. Exclusions properties must not contain whitespace, comma or |. Note: If protection rules have been enabled that utilize the maxArgumentCount or maxTotalNameLengthOfArguments properties, and the target property has been set to ARGS, it is important that the exclusions properties be defined to honor those protection rule settings in a consistent manner.
    target str
    The target of the exclusion.
    exclusions List<String>
    An array of The target property of a request that would allow it to bypass the protection rule. For example, when target is REQUEST_COOKIE_NAMES, the list may include names of cookies to exclude from the protection rule. When the target is ARGS, the list may include strings of URL query parameters and values from form-urlencoded XML, JSON, AMP, or POST payloads to exclude from the protection rule. Exclusions properties must not contain whitespace, comma or |. Note: If protection rules have been enabled that utilize the maxArgumentCount or maxTotalNameLengthOfArguments properties, and the target property has been set to ARGS, it is important that the exclusions properties be defined to honor those protection rule settings in a consistent manner.
    target String
    The target of the exclusion.

    Package Details

    Repository
    oci pulumi/pulumi-oci
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the oci Terraform Provider.
    oci logo
    Oracle Cloud Infrastructure v2.11.0 published on Thursday, Sep 19, 2024 by Pulumi