Azure WAF Policy - Add custom rules with REST API call

mx-oss 56 Reputation points
2022-01-25T22:43:17.157+00:00

Hi,

I am trying to update a current WAF policy attached to an AppGw by using the REST API, but I am facing an issue when updating the policy.

I am using the REST API method documented here : https://learn.microsoft.com/en-us/rest/api/application-gateway/web-application-firewall-policies/create-or-update

and I am sending the HTTP PUT request with the HTTP connector:

[Image: 168532-image.png]

However, when I am updating the policy for adding a custom rule (to block a Bad IP), all the existing custom rules are also removed.

Can I add a custom rule without erasing the existing rules by using the REST API?
Any example from the Azure GitHub that I could use for my need?

Thank you for your help
Regards,
Mx


Accepted answer
  1. MayankBargali-MSFT 68,471 Reputation points
    2022-01-27T03:28:10.863+00:00

    @mx-oss Thanks for reaching out. You can call the Web Application Firewall Policies - Get API in your logic app to verify if the Policy is already created. If yes, then you need to get the customRules parameter from the response of the Get API. Initialize the array variable and assign the customRules parameter parse value and then add your new custom rule to this array.
    Pass the new array to your Update Policy API.

    Workflow:
    Web Application Firewall Policies Policy --> Parse the Json --> Add new custom rule to the array --> Web Application Firewall Policies Create/Update Policy

    Note: Please handle the error/exception scenario as per your responses.

    Feel free to get back to me if you need any assistance.

    Update 1/31:
    I have created the test workflow with HTTP trigger and you can refer to the code view of my workflow for your reference.

    Workflow:
    Http Trigger --> Http with Azure AD (Web Application Firewall Policies Policy) --> Compose Action (to get your input customRules) --> Parse the Json (the output of get call) --> Compose Action (to create the request body for your PUT operation) --> Http with Azure AD (to update the Web Application Firewall Policies)

    [Image: 169794-workflow.gif]

    The above is for reference and you can modify the action, add/remove different actions and update the request body as per your requirement.
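
The merge step between the Get call and the Create/Update call described in the accepted answer, as an added example that is not part of the original thread or of Microsoft's sample workflow. `SAMPLE_GET_RESPONSE` is a constructed, trimmed response body, and `ip_block_rule` and `build_put_body` are hypothetical helper names.

```python
import copy

# Constructed sample of a "Policies - Get" response body, trimmed for the example.
SAMPLE_GET_RESPONSE = {
    "name": "example-policy",
    "location": "westeurope",
    "etag": "W/\"constructed\"",
    "properties": {
        "provisioningState": "Succeeded",  # read-only, returned by GET only
        "policySettings": {"state": "Enabled", "mode": "Prevention"},
        "managedRules": {"managedRuleSets": [
            {"ruleSetType": "OWASP", "ruleSetVersion": "3.2"}]},
        "customRules": [{
            "name": "BlockOldIp", "priority": 10, "ruleType": "MatchRule",
            "action": "Block",
            "matchConditions": [{
                "matchVariables": [{"variableName": "RemoteAddr"}],
                "operator": "IPMatch", "matchValues": ["192.0.2.10"]}],
        }],
    },
}

def ip_block_rule(name, priority, addresses):
    """Custom rule that blocks the given source IPs or CIDR ranges."""
    return {"name": name, "priority": priority, "ruleType": "MatchRule",
            "action": "Block",
            "matchConditions": [{
                "matchVariables": [{"variableName": "RemoteAddr"}],
                "operator": "IPMatch", "matchValues": list(addresses)}]}

def build_put_body(get_response, new_rule):
    """Merge new_rule into the rules returned by GET and return the PUT body."""
    props = get_response.get("properties", {})
    rules = copy.deepcopy(props.get("customRules") or [])
    # Re-running with the same rule name replaces that rule instead of duplicating it.
    rules = [r for r in rules if r["name"] != new_rule["name"]]
    if any(r["priority"] == new_rule["priority"] for r in rules):
        raise ValueError(f"priority {new_rule['priority']} is already in use")
    rules.append(new_rule)
    # PUT replaces the whole policy, so settings and managed rules are carried
    # over too; read-only response fields (etag, provisioningState) are left out.
    return {"location": get_response["location"],
            "tags": get_response.get("tags", {}),
            "properties": {
                "policySettings": copy.deepcopy(props.get("policySettings", {})),
                "managedRules": copy.deepcopy(props.get("managedRules", {})),
                "customRules": rules}}
```

The returned dictionary, serialized as JSON, is the request body for the Create/Update call; a priority collision is raised before any request is sent, so the existing policy is not touched.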

