New-AzApplicationGatewayFirewallCustomRule
Creates a new custom rule for the application gateway firewall policy.
New-AzApplicationGatewayFirewallCustomRule
-Name <String>
-Priority <Int32>
[-RateLimitDuration <String>]
[-RateLimitThreshold <Int32>]
-RuleType <String>
-MatchCondition <PSApplicationGatewayFirewallCondition[]>
[-GroupByUserSession <PSApplicationGatewayFirewallCustomRuleGroupByUserSession[]>]
-Action <String>
[-State <String>]
[-DefaultProfile <IAzureContextContainer>]
[<CommonParameters>]
The New-AzApplicationGatewayFirewallCustomRule creates a custom rule for firewall policy.
New-AzApplicationGatewayFirewallCustomRule -Name example-rule -Priority 1 -RuleType MatchRule -MatchCondition $condtion -Action Allow
Name : example-rule
Priority : 1
RuleType : MatchRule
MatchConditions : {Microsoft.Azure.Commands.Network.Models.PSApplicationGatewayFirewallCondition}
Action : Allow
State : Enabled
MatchConditionsText : [
{
"MatchVariables": [
{
"VariableName": "RequestHeaders",
"Selector": "Malicious-Header"
}
],
"OperatorProperty": "Any",
"NegationConditon": false
}
]
The command creates a new custom rule with name of example-rule, priority 1 and the rule type will be MatchRule with condition defined in the condition variable, the action will the allow.
New-AzApplicationGatewayFirewallCustomRule -Name example-rule -Priority 2 -RuleType MatchRule -MatchCondition $condition -Action Allow -State Disabled
Name : example-rule
Priority : 2
RuleType : MatchRule
MatchConditions : {Microsoft.Azure.Commands.Network.Models.PSApplicationGatewayFirewallCondition}
Action : Allow
State : Disabled
MatchConditionsText : [
{
"MatchVariables": [
{
"VariableName": "RequestHeaders",
"Selector": "Malicious-Header"
}
],
"OperatorProperty": "Any",
"NegationConditon": false
}
]
The command creates a new custom rule with name of example-rule, state as Disabled, priority 2 and the rule type will be MatchRule with condition defined in the condition variable, the action will the allow.
New-AzApplicationGatewayFirewallCustomRule -Name RateLimitRule3 -Priority 3 -RateLimitDuration OneMin -RateLimitThreshold 10 -RuleType RateLimitRule -MatchCondition $condition -GroupByUserSession $groupbyUserSes -Action Allow -State Disabled
Name : RateLimitRule3
Priority : 3
RateLimitDuration : OneMin
RateLimitThreshold : 10
RuleType : RateLimitRule
MatchConditions : {Microsoft.Azure.Commands.Network.Models.PSApplicationGatewayFirewallCondition}
GroupByUserSession : {Microsoft.Azure.Commands.Network.Models.PSApplicationGatewayFirewallCustomRuleGroupByUserSession}
Action : Allow
State : Disabled
MatchConditionsText : [
{
"MatchVariables": [
{
"VariableName": "RequestHeaders",
"Selector": "Malicious-Header"
}
],
"OperatorProperty": "Any",
"NegationConditon": false
}
]
GroupByUserSessionText : [
{
"groupByVariables": [
{
"variableName": "ClientAddr"
}
]
}
]
The command creates a new custom rule with name of RateLimitRule3, state as Disabled, priority 3, RateLimitDuration OneMin, RateLimitThreshold 10 and the rule type will be RateLimitRule with condition defined in the condition variable, the action will the allow, the GroupByUserSession defined in the GroupByUserSession condition variable.
Type of Actions.
Type: | String |
Accepted values: | Allow, Block, Log |
Position: | Named |
Default value: | None |
Required: | True |
Accept pipeline input: | False |
Accept wildcard characters: | False |
The credentials, account, tenant, and subscription used for communication with Azure.
Type: | IAzureContextContainer |
Aliases: | AzContext, AzureRmContext, AzureCredential |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
List of match conditions.
Type: | PSApplicationGatewayFirewallCustomRuleGroupByUserSession[] |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
List of match conditions.
Type: | PSApplicationGatewayFirewallCondition[] |
Position: | Named |
Default value: | None |
Required: | True |
Accept pipeline input: | False |
Accept wildcard characters: | False |
The Name of the Rule.
Type: | String |
Position: | Named |
Default value: | None |
Required: | True |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Describes priority of the rule. Rules with a lower value will be evaluated before rules with a higher value.
Type: | Int32 |
Position: | Named |
Default value: | None |
Required: | True |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Describes duration over which Rate Limit policy will be applied. Applies only when ruleType is RateLimitRule.
Type: | String |
Accepted values: | OneMin, FiveMins |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Describes rate limit threshold. Applies only when ruleType is RateLimitRule.Accepted range for this value is 1 - 5000.
Type: | Int32 |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Describes type of rule.
Type: | String |
Accepted values: | MatchRule, RateLimitRule |
Position: | Named |
Default value: | None |
Required: | True |
Accept pipeline input: | False |
Accept wildcard characters: | False |
State variable of the custom rule.
Type: | String |
Accepted values: | Disabled, Enabled |
Position: | Named |
Default value: | Enabled |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
None