1. Packages
  2. Netlify Provider
  3. API Docs
  4. WafPolicy
netlify 0.2.2 published on Friday, Mar 7, 2025 by netlify

netlify.WafPolicy

Explore with Pulumi AI

Netlify Web Application Firewall (WAF) policy. Read more

Create WafPolicy Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

Constructor syntax

new WafPolicy(name: string, args: WafPolicyArgs, opts?: CustomResourceOptions);
@overload
def WafPolicy(resource_name: str,
              args: WafPolicyArgs,
              opts: Optional[ResourceOptions] = None)

@overload
def WafPolicy(resource_name: str,
              opts: Optional[ResourceOptions] = None,
              description: Optional[str] = None,
              rule_sets: Optional[Sequence[WafPolicyRuleSetArgs]] = None,
              team_id: Optional[str] = None,
              name: Optional[str] = None)
func NewWafPolicy(ctx *Context, name string, args WafPolicyArgs, opts ...ResourceOption) (*WafPolicy, error)
public WafPolicy(string name, WafPolicyArgs args, CustomResourceOptions? opts = null)
public WafPolicy(String name, WafPolicyArgs args)
public WafPolicy(String name, WafPolicyArgs args, CustomResourceOptions options)
type: netlify:WafPolicy
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name This property is required. string
The unique name of the resource.
args This property is required. WafPolicyArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
resource_name This property is required. str
The unique name of the resource.
args This property is required. WafPolicyArgs
The arguments to resource properties.
opts ResourceOptions
Bag of options to control resource's behavior.
ctx Context
Context object for the current deployment.
name This property is required. string
The unique name of the resource.
args This property is required. WafPolicyArgs
The arguments to resource properties.
opts ResourceOption
Bag of options to control resource's behavior.
name This property is required. string
The unique name of the resource.
args This property is required. WafPolicyArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
name This property is required. String
The unique name of the resource.
args This property is required. WafPolicyArgs
The arguments to resource properties.
options CustomResourceOptions
Bag of options to control resource's behavior.

Constructor example

The following reference example uses placeholder values for all input properties.

var wafPolicyResource = new Netlify.WafPolicy("wafPolicyResource", new()
{
    Description = "string",
    RuleSets = new[]
    {
        new Netlify.Inputs.WafPolicyRuleSetArgs
        {
            ManagedId = "string",
            OverallThreshold = 0,
            PassiveMode = false,
            CategoryThresholds = 
            {
                { "string", 0 },
            },
            ExcludedPatterns = new[]
            {
                "string",
            },
            RuleOverrides = 
            {
                { "string", new Netlify.Inputs.WafPolicyRuleSetRuleOverridesArgs
                {
                    Action = "string",
                } },
            },
        },
    },
    TeamId = "string",
    Name = "string",
});
Copy
example, err := netlify.NewWafPolicy(ctx, "wafPolicyResource", &netlify.WafPolicyArgs{
Description: pulumi.String("string"),
RuleSets: .WafPolicyRuleSetArray{
&.WafPolicyRuleSetArgs{
ManagedId: pulumi.String("string"),
OverallThreshold: pulumi.Float64(0),
PassiveMode: pulumi.Bool(false),
CategoryThresholds: pulumi.Float64Map{
"string": pulumi.Float64(0),
},
ExcludedPatterns: pulumi.StringArray{
pulumi.String("string"),
},
RuleOverrides: .WafPolicyRuleSetRuleOverridesMap{
"string": &.WafPolicyRuleSetRuleOverridesArgs{
Action: pulumi.String("string"),
},
},
},
},
TeamId: pulumi.String("string"),
Name: pulumi.String("string"),
})
Copy
var wafPolicyResource = new WafPolicy("wafPolicyResource", WafPolicyArgs.builder()
    .description("string")
    .ruleSets(WafPolicyRuleSetArgs.builder()
        .managedId("string")
        .overallThreshold(0)
        .passiveMode(false)
        .categoryThresholds(Map.of("string", 0))
        .excludedPatterns("string")
        .ruleOverrides(Map.of("string", Map.of("action", "string")))
        .build())
    .teamId("string")
    .name("string")
    .build());
Copy
waf_policy_resource = netlify.WafPolicy("wafPolicyResource",
    description="string",
    rule_sets=[{
        "managed_id": "string",
        "overall_threshold": 0,
        "passive_mode": False,
        "category_thresholds": {
            "string": 0,
        },
        "excluded_patterns": ["string"],
        "rule_overrides": {
            "string": {
                "action": "string",
            },
        },
    }],
    team_id="string",
    name="string")
Copy
const wafPolicyResource = new netlify.WafPolicy("wafPolicyResource", {
    description: "string",
    ruleSets: [{
        managedId: "string",
        overallThreshold: 0,
        passiveMode: false,
        categoryThresholds: {
            string: 0,
        },
        excludedPatterns: ["string"],
        ruleOverrides: {
            string: {
                action: "string",
            },
        },
    }],
    teamId: "string",
    name: "string",
});
Copy
type: netlify:WafPolicy
properties:
    description: string
    name: string
    ruleSets:
        - categoryThresholds:
            string: 0
          excludedPatterns:
            - string
          managedId: string
          overallThreshold: 0
          passiveMode: false
          ruleOverrides:
            string:
                action: string
    teamId: string
Copy

WafPolicy Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

The WafPolicy resource accepts the following input properties:

Description This property is required. string
RuleSets This property is required. List<WafPolicyRuleSet>
TeamId This property is required. string
Name string
Description This property is required. string
RuleSets This property is required. []WafPolicyRuleSetArgs
TeamId This property is required. string
Name string
description This property is required. String
ruleSets This property is required. List<WafPolicyRuleSet>
teamId This property is required. String
name String
description This property is required. string
ruleSets This property is required. WafPolicyRuleSet[]
teamId This property is required. string
name string
description This property is required. str
rule_sets This property is required. Sequence[WafPolicyRuleSetArgs]
team_id This property is required. str
name str
description This property is required. String
ruleSets This property is required. List<Property Map>
teamId This property is required. String
name String

Outputs

All input properties are implicitly available as output properties. Additionally, the WafPolicy resource produces the following output properties:

Id string
The provider-assigned unique ID for this managed resource.
LastUpdated string
Id string
The provider-assigned unique ID for this managed resource.
LastUpdated string
id String
The provider-assigned unique ID for this managed resource.
lastUpdated String
id string
The provider-assigned unique ID for this managed resource.
lastUpdated string
id str
The provider-assigned unique ID for this managed resource.
last_updated str
id String
The provider-assigned unique ID for this managed resource.
lastUpdated String

Look up Existing WafPolicy Resource

Get an existing WafPolicy resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: WafPolicyState, opts?: CustomResourceOptions): WafPolicy
@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        description: Optional[str] = None,
        last_updated: Optional[str] = None,
        name: Optional[str] = None,
        rule_sets: Optional[Sequence[WafPolicyRuleSetArgs]] = None,
        team_id: Optional[str] = None) -> WafPolicy
func GetWafPolicy(ctx *Context, name string, id IDInput, state *WafPolicyState, opts ...ResourceOption) (*WafPolicy, error)
public static WafPolicy Get(string name, Input<string> id, WafPolicyState? state, CustomResourceOptions? opts = null)
public static WafPolicy get(String name, Output<String> id, WafPolicyState state, CustomResourceOptions options)
resources:  _:    type: netlify:WafPolicy    get:      id: ${id}
name This property is required.
The unique name of the resulting resource.
id This property is required.
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
resource_name This property is required.
The unique name of the resulting resource.
id This property is required.
The unique provider ID of the resource to lookup.
name This property is required.
The unique name of the resulting resource.
id This property is required.
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name This property is required.
The unique name of the resulting resource.
id This property is required.
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name This property is required.
The unique name of the resulting resource.
id This property is required.
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.

Supporting Types

WafPolicyRuleSet
, WafPolicyRuleSetArgs

ManagedId This property is required. string
The managed ID of the rule set. Currently, only crs-basic is supported.
OverallThreshold This property is required. double
Recommended default value is 5
PassiveMode This property is required. bool
CategoryThresholds Dictionary<string, double>
Thresholds for each category, e.g. fixation, injection-generic, injection-java, injection-php, lfi, protocol, rce, reputation-scanner, rfi, sqli, ssrf, xss
ExcludedPatterns List<string>
RuleOverrides Dictionary<string, WafPolicyRuleSetRuleOverrides>
ManagedId This property is required. string
The managed ID of the rule set. Currently, only crs-basic is supported.
OverallThreshold This property is required. float64
Recommended default value is 5
PassiveMode This property is required. bool
CategoryThresholds map[string]float64
Thresholds for each category, e.g. fixation, injection-generic, injection-java, injection-php, lfi, protocol, rce, reputation-scanner, rfi, sqli, ssrf, xss
ExcludedPatterns []string
RuleOverrides map[string]WafPolicyRuleSetRuleOverrides
managedId This property is required. String
The managed ID of the rule set. Currently, only crs-basic is supported.
overallThreshold This property is required. Double
Recommended default value is 5
passiveMode This property is required. Boolean
categoryThresholds Map<String,Double>
Thresholds for each category, e.g. fixation, injection-generic, injection-java, injection-php, lfi, protocol, rce, reputation-scanner, rfi, sqli, ssrf, xss
excludedPatterns List<String>
ruleOverrides Map<String,WafPolicyRuleSetRuleOverrides>
managedId This property is required. string
The managed ID of the rule set. Currently, only crs-basic is supported.
overallThreshold This property is required. number
Recommended default value is 5
passiveMode This property is required. boolean
categoryThresholds {[key: string]: number}
Thresholds for each category, e.g. fixation, injection-generic, injection-java, injection-php, lfi, protocol, rce, reputation-scanner, rfi, sqli, ssrf, xss
excludedPatterns string[]
ruleOverrides {[key: string]: WafPolicyRuleSetRuleOverrides}
managed_id This property is required. str
The managed ID of the rule set. Currently, only crs-basic is supported.
overall_threshold This property is required. float
Recommended default value is 5
passive_mode This property is required. bool
category_thresholds Mapping[str, float]
Thresholds for each category, e.g. fixation, injection-generic, injection-java, injection-php, lfi, protocol, rce, reputation-scanner, rfi, sqli, ssrf, xss
excluded_patterns Sequence[str]
rule_overrides Mapping[str, WafPolicyRuleSetRuleOverrides]
managedId This property is required. String
The managed ID of the rule set. Currently, only crs-basic is supported.
overallThreshold This property is required. Number
Recommended default value is 5
passiveMode This property is required. Boolean
categoryThresholds Map<Number>
Thresholds for each category, e.g. fixation, injection-generic, injection-java, injection-php, lfi, protocol, rce, reputation-scanner, rfi, sqli, ssrf, xss
excludedPatterns List<String>
ruleOverrides Map<Property Map>

WafPolicyRuleSetRuleOverrides
, WafPolicyRuleSetRuleOverridesArgs

Action This property is required. string
log_only or none
Action This property is required. string
log_only or none
action This property is required. String
log_only or none
action This property is required. string
log_only or none
action This property is required. str
log_only or none
action This property is required. String
log_only or none

Import

Import a WAF policy by its team ID and the policy ID

$ pulumi import netlify:index/wafPolicy:WafPolicy main 6600abcdef1234567890abcd:6600abcdef1234567890abcd
Copy

To learn more about importing existing cloud resources, see Importing resources.

Package Details

Repository
netlify netlify/terraform-provider-netlify
License
Notes
This Pulumi package is based on the netlify Terraform Provider.