az network front-door waf-policy rule match-condition
Note
This reference is part of the front-door extension for the Azure CLI (version 2.67.0 or higher). The extension will automatically install the first time you run an az network front-door waf-policy rule match-condition command. Learn more about extensions.
Alter match-conditions associated with a WAF policy custom rule.
Note that at least one match-condition must be associated with a custom rule.
Commands
| Name | Description | Type | Status |
|---|---|---|---|
| az network front-door waf-policy rule match-condition add |
Add a match-condition to a WAF policy custom rule. |
Extension | GA |
| az network front-door waf-policy rule match-condition list |
Show all match-conditions associated with a WAF policy custom rule. |
Extension | GA |
| az network front-door waf-policy rule match-condition remove |
Remove a match-condition from a WAF policy custom rule. |
Extension | GA |
az network front-door waf-policy rule match-condition add
Add a match-condition to a WAF policy custom rule.
Usage: [--negate] --match-variable VARIABLE[.selector] --operator OPERATOR --value [VALUE [VALUE ...]]
Variable allowed values: RemoteAddr, RequestMethod, QueryString, PostArgs, RequestUri, RequestHeader, RequestBody, Cookies, SocketAddr
Operator allowed values: Any, IPMatch, GeoMatch, Equal, Contains, LessThan, GreaterThan, LessThanOrEqual, GreaterThanOrEqual, BeginsWith, EndsWith, RegEx.
az network front-door waf-policy rule match-condition add --match-variable
--operator
--values
[--defer]
[--ids]
[--name]
[--negate {false, true}]
[--policy-name]
[--resource-group]
[--subscription]
[--transforms {Lowercase, RemoveNulls, Trim, Uppercase, UrlDecode, UrlEncode}]Required Parameters
Variable[.Selector] Request variable to test with optional selector.
Operator used to compare the variable to the values.
Space-separated list of values to match against.
Optional Parameters
The following parameters are optional, but depending on the context, one or more might become required for the command to execute successfully.
Temporarily store the object in the local cache instead of sending to Azure. Use az cache commands to view/clear.
One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.
| Property | Value |
|---|---|
| Parameter group: | Resource Id Arguments |
Name of the custom rule.
| Property | Value |
|---|---|
| Parameter group: | Resource Id Arguments |
Applies "Not" to the operator.
| Property | Value |
|---|---|
| Accepted values: | false, true |
Name of the WAF policy. Name must begin with a letter and contain only letters and numbers.
| Property | Value |
|---|---|
| Parameter group: | Resource Id Arguments |
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
| Property | Value |
|---|---|
| Parameter group: | Resource Id Arguments |
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
| Property | Value |
|---|---|
| Parameter group: | Resource Id Arguments |
Space-separated list of transforms to apply.
| Property | Value |
|---|---|
| Accepted values: | Lowercase, RemoveNulls, Trim, Uppercase, UrlDecode, UrlEncode |
Global Parameters
Increase logging verbosity to show all debug logs.
| Property | Value |
|---|---|
| Default value: | False |
Show this help message and exit.
Only show errors, suppressing warnings.
| Property | Value |
|---|---|
| Default value: | False |
Output format.
| Property | Value |
|---|---|
| Default value: | json |
| Accepted values: | json, jsonc, none, table, tsv, yaml, yamlc |
JMESPath query string. See http://jmespath.org/ for more information and examples.
Increase logging verbosity. Use --debug for full debug logs.
| Property | Value |
|---|---|
| Default value: | False |
az network front-door waf-policy rule match-condition list
Show all match-conditions associated with a WAF policy custom rule.
az network front-door waf-policy rule match-condition list --name
--policy-name
--resource-group
[--defer]Required Parameters
Name of the custom rule.
Name of the WAF policy. Name must begin with a letter and contain only letters and numbers.
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
Optional Parameters
The following parameters are optional, but depending on the context, one or more might become required for the command to execute successfully.
Temporarily store the object in the local cache instead of sending to Azure. Use az cache commands to view/clear.
Global Parameters
Increase logging verbosity to show all debug logs.
| Property | Value |
|---|---|
| Default value: | False |
Show this help message and exit.
Only show errors, suppressing warnings.
| Property | Value |
|---|---|
| Default value: | False |
Output format.
| Property | Value |
|---|---|
| Default value: | json |
| Accepted values: | json, jsonc, none, table, tsv, yaml, yamlc |
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
| Property | Value |
|---|---|
| Default value: | False |
az network front-door waf-policy rule match-condition remove
Remove a match-condition from a WAF policy custom rule.
az network front-door waf-policy rule match-condition remove --index
[--defer]
[--ids]
[--name]
[--policy-name]
[--resource-group]
[--subscription]Required Parameters
0-based index of the match condition to remove.
Optional Parameters
The following parameters are optional, but depending on the context, one or more might become required for the command to execute successfully.
Temporarily store the object in the local cache instead of sending to Azure. Use az cache commands to view/clear.
One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.
| Property | Value |
|---|---|
| Parameter group: | Resource Id Arguments |
Name of the custom rule.
| Property | Value |
|---|---|
| Parameter group: | Resource Id Arguments |
Name of the WAF policy. Name must begin with a letter and contain only letters and numbers.
| Property | Value |
|---|---|
| Parameter group: | Resource Id Arguments |
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
| Property | Value |
|---|---|
| Parameter group: | Resource Id Arguments |
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
| Property | Value |
|---|---|
| Parameter group: | Resource Id Arguments |
Global Parameters
Increase logging verbosity to show all debug logs.
| Property | Value |
|---|---|
| Default value: | False |
Show this help message and exit.
Only show errors, suppressing warnings.
| Property | Value |
|---|---|
| Default value: | False |
Output format.
| Property | Value |
|---|---|
| Default value: | json |
| Accepted values: | json, jsonc, none, table, tsv, yaml, yamlc |
JMESPath query string. See http://jmespath.org/ for more information and examples.
Increase logging verbosity. Use --debug for full debug logs.
| Property | Value |
|---|---|
| Default value: | False |
