az network application-gateway waf-policy custom-rule
Manage application gateway web application firewall (WAF) policy custom rules.
Commands
Name | Description | Type | Status |
---|---|---|---|
az network application-gateway waf-policy custom-rule create |
Create an application gateway WAF policy custom rule. |
Core | GA |
az network application-gateway waf-policy custom-rule delete |
Delete an application gateway WAF policy custom rule. |
Core | GA |
az network application-gateway waf-policy custom-rule list |
List application gateway WAF policy custom rules. |
Core | GA |
az network application-gateway waf-policy custom-rule match-condition |
Manage match conditions in an application gateway web application firewall (WAF) policy custom rule. |
Core | GA |
az network application-gateway waf-policy custom-rule match-condition add |
Add a match condition to an application gateway WAF policy custom rule. |
Core | GA |
az network application-gateway waf-policy custom-rule match-condition list |
List application gateway WAF policy custom rule match conditions. |
Core | GA |
az network application-gateway waf-policy custom-rule match-condition remove |
Remove a match condition from an application gateway WAF policy custom rule. |
Core | GA |
az network application-gateway waf-policy custom-rule show |
Get the details of an application gateway WAF policy custom rule. |
Core | GA |
az network application-gateway waf-policy custom-rule update |
Update an application gateway WAF policy custom rule. |
Core | GA |
az network application-gateway waf-policy custom-rule create
Create an application gateway WAF policy custom rule.
az network application-gateway waf-policy custom-rule create --action {Allow, Block, JSChallenge, Log}
--name
--policy-name
--priority
--resource-group
--rule-type {Invalid, MatchRule, RateLimitRule}
[--group-by-user-session]
[--match-conditions]
[--rate-limit-duration {FiveMins, OneMin}]
[--rate-limit-threshold]
[--state {Disabled, Enabled}]
Examples
Create an application gateway WAF policy custom rule.
az network application-gateway waf-policy custom-rule create --action Allow --name MyWafPolicyRule --policy-name MyPolicy --priority 500 --resource-group MyResourceGroup --rule-type MatchRule
Create an application gateway WAF policy custom rule with user session identifier.
az network application-gateway waf-policy custom-rule create -g MyResourceGroup --policy-name MyPolicy -n MyRule --priority 3 --action Block --rule-type RateLimitRule --rate-limit-duration FiveMins --rate-limit-threshold 15 --group-by-user-session "[{group-by-variables:[{variable-name:GeoLocation}]}]"
Required Parameters
Action to take.
Name of the WAF policy rule.
Name of the application gateway WAF policy.
Rule priority. Lower values are evaluated prior to higher values.
Name of resource group. You can configure the default group using az configure --defaults group=<name>
.
Type of rule.
Optional Parameters
List of user session identifier group by clauses. Support shorthand-syntax, json-file and yaml-file. Try "??" to show more.
List of match conditions. Support shorthand-syntax, json-file and yaml-file. Try "??" to show more.
Duration over which Rate Limit policy will be applied. Applies only when ruleType is RateLimitRule.
Rate Limit threshold to apply in case ruleType is RateLimitRule. Must be greater than or equal to 1.
Describe if the custom rule is in enabled or disabled state.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID
.
Increase logging verbosity. Use --debug for full debug logs.
az network application-gateway waf-policy custom-rule delete
Delete an application gateway WAF policy custom rule.
az network application-gateway waf-policy custom-rule delete --name
--policy-name
--resource-group
Examples
Delete an application gateway WAF policy custom rule.
az network application-gateway waf-policy custom-rule delete --name MyWafPolicyRule --policy-name MyPolicy --resource-group MyResourceGroup --subscription MySubscription
Required Parameters
Name of the WAF policy rule.
Name of the application gateway WAF policy.
Name of resource group. You can configure the default group using az configure --defaults group=<name>
.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID
.
Increase logging verbosity. Use --debug for full debug logs.
az network application-gateway waf-policy custom-rule list
List application gateway WAF policy custom rules.
az network application-gateway waf-policy custom-rule list --policy-name
--resource-group
Examples
List application gateway WAF policy custom rules.
az network application-gateway waf-policy custom-rule list --policy-name MyPolicy --resource-group MyResourceGroup
Required Parameters
Name of the application gateway WAF policy.
Name of resource group. You can configure the default group using az configure --defaults group=<name>
.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID
.
Increase logging verbosity. Use --debug for full debug logs.
az network application-gateway waf-policy custom-rule show
Get the details of an application gateway WAF policy custom rule.
az network application-gateway waf-policy custom-rule show --name
--policy-name
--resource-group
Examples
Get the details of an application gateway WAF policy custom rule.
az network application-gateway waf-policy custom-rule show --name MyWAFPolicyRule --policy-name MyPolicy --resource-group MyResourceGroup
Required Parameters
Name of the WAF policy rule.
Name of the application gateway WAF policy.
Name of resource group. You can configure the default group using az configure --defaults group=<name>
.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID
.
Increase logging verbosity. Use --debug for full debug logs.
az network application-gateway waf-policy custom-rule update
Update an application gateway WAF policy custom rule.
az network application-gateway waf-policy custom-rule update --name
--policy-name
--resource-group
[--action {Allow, Block, JSChallenge, Log}]
[--add]
[--force-string {0, 1, f, false, n, no, t, true, y, yes}]
[--group-by-user-session]
[--match-conditions]
[--priority]
[--rate-limit-duration {FiveMins, OneMin}]
[--rate-limit-threshold]
[--remove]
[--rule-type {Invalid, MatchRule, RateLimitRule}]
[--set]
[--state {Disabled, Enabled}]
Examples
Update an application gateway WAF policy custom rule.
az network application-gateway waf-policy custom-rule update --action Allow --name MyWAFPolicyRule --policy-name MyPolicy --priority 500 --resource-group MyResourceGroup --rule-type MatchRule
Update an application gateway WAF policy custom rule with user session identifier.
az network application-gateway waf-policy custom-rule create -g MyResourceGroup --policy-name MyPolicy -n MyRule --rate-limit-duration OneMin --rate-limit-threshold 10 --group-by-user-session "[{group-by-variables:[{variable-name:ClientAddr}]}]"
Required Parameters
Name of the WAF policy rule.
Name of the application gateway WAF policy.
Name of resource group. You can configure the default group using az configure --defaults group=<name>
.
Optional Parameters
Action to take.
Add an object to a list of objects by specifying a path and key value pairs. Example: --add property.listProperty <key=value, string or JSON string>
.
When using 'set' or 'add', preserve string literals instead of attempting to convert to JSON.
List of user session identifier group by clauses. Support shorthand-syntax, json-file and yaml-file. Try "??" to show more.
List of match conditions. Support shorthand-syntax, json-file and yaml-file. Try "??" to show more.
Rule priority. Lower values are evaluated prior to higher values.
Duration over which Rate Limit policy will be applied. Applies only when ruleType is RateLimitRule.
Rate Limit threshold to apply in case ruleType is RateLimitRule. Must be greater than or equal to 1.
Remove a property or an element from a list. Example: --remove property.list <indexToRemove>
OR --remove propertyToRemove
.
Type of rule.
Update an object by specifying a property path and value to set. Example: --set property1.property2=<value>
.
Describe if the custom rule is in enabled or disabled state.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID
.
Increase logging verbosity. Use --debug for full debug logs.
Azure CLI