az network front-door waf-policy rule match-condition
Note
This reference is part of the front-door extension for the Azure CLI (version 2.57.0 or higher). The extension will automatically install the first time you run an az network front-door waf-policy rule match-condition command. Learn more about extensions.
Alter match-conditions associated with a WAF policy custom rule.
Note that at least one match-condition must be associated with a custom rule.
Commands
Name | Description | Type | Status |
---|---|---|---|
az network front-door waf-policy rule match-condition add |
Add a match-condition to a WAF policy custom rule. |
Extension | GA |
az network front-door waf-policy rule match-condition list |
Show all match-conditions associated with a WAF policy custom rule. |
Extension | GA |
az network front-door waf-policy rule match-condition remove |
Remove a match-condition from a WAF policy custom rule. |
Extension | GA |
az network front-door waf-policy rule match-condition add
Add a match-condition to a WAF policy custom rule.
Usage: [--negate] --match-variable VARIABLE[.selector] --operator OPERATOR --value [VALUE [VALUE ...]]
Variable allowed values: RemoteAddr, RequestMethod, QueryString, PostArgs, RequestUri, RequestHeader, RequestBody, Cookies, SocketAddr
Operator allowed values: Any, IPMatch, GeoMatch, Equal, Contains, LessThan, GreaterThan, LessThanOrEqual, GreaterThanOrEqual, BeginsWith, EndsWith, RegEx.
az network front-door waf-policy rule match-condition add --match-variable
--operator
--values
[--defer]
[--ids]
[--name]
[--negate {false, true}]
[--policy-name]
[--resource-group]
[--subscription]
[--transforms {Lowercase, RemoveNulls, Trim, Uppercase, UrlDecode, UrlEncode}]
Required Parameters
Variable[.Selector] Request variable to test with optional selector.
Operator used to compare the variable to the values.
Space-separated list of values to match against.
Optional Parameters
Temporarily store the object in the local cache instead of sending to Azure. Use az cache
commands to view/clear.
One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.
Name of the custom rule.
Applies "Not" to the operator.
Name of the WAF policy. Name must begin with a letter and contain only letters and numbers.
Name of resource group. You can configure the default group using az configure --defaults group=<name>
.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID
.
Space-separated list of transforms to apply.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID
.
Increase logging verbosity. Use --debug for full debug logs.
az network front-door waf-policy rule match-condition list
Show all match-conditions associated with a WAF policy custom rule.
az network front-door waf-policy rule match-condition list --name
--policy-name
--resource-group
[--defer]
Required Parameters
Name of the custom rule.
Name of the WAF policy. Name must begin with a letter and contain only letters and numbers.
Name of resource group. You can configure the default group using az configure --defaults group=<name>
.
Optional Parameters
Temporarily store the object in the local cache instead of sending to Azure. Use az cache
commands to view/clear.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID
.
Increase logging verbosity. Use --debug for full debug logs.
az network front-door waf-policy rule match-condition remove
Remove a match-condition from a WAF policy custom rule.
az network front-door waf-policy rule match-condition remove --index
[--defer]
[--ids]
[--name]
[--policy-name]
[--resource-group]
[--subscription]
Required Parameters
0-based index of the match condition to remove.
Optional Parameters
Temporarily store the object in the local cache instead of sending to Azure. Use az cache
commands to view/clear.
One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.
Name of the custom rule.
Name of the WAF policy. Name must begin with a letter and contain only letters and numbers.
Name of resource group. You can configure the default group using az configure --defaults group=<name>
.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID
.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID
.
Increase logging verbosity. Use --debug for full debug logs.
Azure CLI