az network front-door waf-policy managed-rules exclusion
Note
This reference is part of the front-door extension for the Azure CLI (version 2.0.68 or higher). The extension will automatically install the first time you run an az network front-door waf-policy managed-rules exclusion command. Learn more about extensions.
View and alter exclusions on a managed rule set, rule group, or rule within a managed rule set.
Exclusions prevent the rule set, rule group, or rule from being applied to the content of the specified variable. Use 'az network front-door waf-policy managed-rule-definition list' to see the available rules.
Commands
| az network front-door waf-policy managed-rules exclusion add |
Add an exclusion on a managed rule set, rule group, or rule within a managed rule set. |
| az network front-door waf-policy managed-rules exclusion list |
List the exclusions on managed rule set, rule group, or rule within a managed rule set. |
| az network front-door waf-policy managed-rules exclusion remove |
Remove an exclusion on a managed rule set, rule group, or rule within a managed rule set. |
az network front-door waf-policy managed-rules exclusion add
Add an exclusion on a managed rule set, rule group, or rule within a managed rule set.
Prevents the rule set, rule group, or rule from being applied to the content of the specified variable. Use 'az network front-door waf-policy managed-rule-definition list' to see the available rules.
az network front-door waf-policy managed-rules exclusion add --match-variable
--operator
--type
--value
[--ids]
[--policy-name]
[--resource-group]
[--rule-group-id]
[--rule-id]
[--subscription]Required Parameters
Which kind of variable's content will be ignored, e.g. RequestHeaderNames, RequestCookieNames, QueryStringArgNames, RequestBodyPostArgNames.
Operator used to compare the variable name to the value, e.g. Equals, Contains, StartsWith, EndsWith, EqualsAny.
ID of the ruleset to exclusion.
Values to match the variable name against.
Optional Parameters
One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.
Name of the WAF policy.
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
ID of the rule group containing the rule to exclusion.
ID of the rule to apply exclusion.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
az network front-door waf-policy managed-rules exclusion list
List the exclusions on managed rule set, rule group, or rule within a managed rule set.
az network front-door waf-policy managed-rules exclusion list --policy-name
--resource-group
--type
[--rule-group-id]
[--rule-id]Required Parameters
Name of the WAF policy.
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
ID of the ruleset with the exclusions to list.
Optional Parameters
ID of the rule group containing the exclusions to list.
ID of the rule to list exclusion for.
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
az network front-door waf-policy managed-rules exclusion remove
Remove an exclusion on a managed rule set, rule group, or rule within a managed rule set.
After this command, the standard behavior for the rule within the managed rule set will apply. Use 'az network front-door waf-policy managed-rule-definition list' to see the available rules.
az network front-door waf-policy managed-rules exclusion remove --match-variable
--operator
--type
--value
[--ids]
[--policy-name]
[--resource-group]
[--rule-group-id]
[--rule-id]
[--subscription]Required Parameters
Which kind of variable's content will be ignored, e.g. RequestHeaderNames, RequestCookieNames, QueryStringArgNames, RequestBodyPostArgNames.
Operator used to compare the variable name to the value, e.g. Equals, Contains, StartsWith, EndsWith, EqualsAny.
ID of the ruleset with the exclusion to remove.
Values to match the variable name against.
Optional Parameters
One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.
Name of the WAF policy.
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
ID of the rule group containing the exclusion to remove.
ID of the rule to remove from exclusion.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
Feedback
Submit and view feedback for