New-AzApplicationGatewayFirewallCustomRule
Creates a new custom rule for the application gateway firewall policy.
Syntax
Default (Default)
New-AzApplicationGatewayFirewallCustomRule
-Name <String>
-Priority <Int32>
[-RateLimitDuration <String>]
[-RateLimitThreshold <Int32>]
-RuleType <String>
-MatchCondition <PSApplicationGatewayFirewallCondition[]>
[-GroupByUserSession <PSApplicationGatewayFirewallCustomRuleGroupByUserSession[]>]
-Action <String>
[-State <String>]
[-DefaultProfile <IAzureContextContainer>]
[<CommonParameters>]
Description
The New-AzApplicationGatewayFirewallCustomRule creates a custom rule for firewall policy.
Examples
Example 1
New-AzApplicationGatewayFirewallCustomRule -Name example-rule -Priority 1 -RuleType MatchRule -MatchCondition $condtion -Action Allow
Name : example-rule
Priority : 1
RuleType : MatchRule
MatchConditions : {Microsoft.Azure.Commands.Network.Models.PSApplicationGatewayFirewallCondition}
Action : Allow
State : Enabled
MatchConditionsText : [
{
"MatchVariables": [
{
"VariableName": "RequestHeaders",
"Selector": "Malicious-Header"
}
],
"OperatorProperty": "Any",
"NegationConditon": false
}
]
The command creates a new custom rule with name of example-rule, priority 1 and the rule type will be MatchRule with condition defined in the condition variable, the action will the allow.
Example 2
New-AzApplicationGatewayFirewallCustomRule -Name example-rule -Priority 2 -RuleType MatchRule -MatchCondition $condition -Action Allow -State Disabled
Name : example-rule
Priority : 2
RuleType : MatchRule
MatchConditions : {Microsoft.Azure.Commands.Network.Models.PSApplicationGatewayFirewallCondition}
Action : Allow
State : Disabled
MatchConditionsText : [
{
"MatchVariables": [
{
"VariableName": "RequestHeaders",
"Selector": "Malicious-Header"
}
],
"OperatorProperty": "Any",
"NegationConditon": false
}
]
The command creates a new custom rule with name of example-rule, state as Disabled, priority 2 and the rule type will be MatchRule with condition defined in the condition variable, the action will the allow.
Example 3
New-AzApplicationGatewayFirewallCustomRule -Name RateLimitRule3 -Priority 3 -RateLimitDuration OneMin -RateLimitThreshold 10 -RuleType RateLimitRule -MatchCondition $condition -GroupByUserSession $groupbyUserSes -Action Allow -State Disabled
Name : RateLimitRule3
Priority : 3
RateLimitDuration : OneMin
RateLimitThreshold : 10
RuleType : RateLimitRule
MatchConditions : {Microsoft.Azure.Commands.Network.Models.PSApplicationGatewayFirewallCondition}
GroupByUserSession : {Microsoft.Azure.Commands.Network.Models.PSApplicationGatewayFirewallCustomRuleGroupByUserSession}
Action : Allow
State : Disabled
MatchConditionsText : [
{
"MatchVariables": [
{
"VariableName": "RequestHeaders",
"Selector": "Malicious-Header"
}
],
"OperatorProperty": "Any",
"NegationConditon": false
}
]
GroupByUserSessionText : [
{
"groupByVariables": [
{
"variableName": "ClientAddr"
}
]
}
]
The command creates a new custom rule with name of RateLimitRule3, state as Disabled, priority 3, RateLimitDuration OneMin, RateLimitThreshold 10 and the rule type will be RateLimitRule with condition defined in the condition variable, the action will the allow, the GroupByUserSession defined in the GroupByUserSession condition variable.
Parameters
-Action
Type of Actions.
Parameter properties
Type: String
Default value: None Accepted values: Allow, Block, Log Supports wildcards: False DontShow: False
Parameter sets
(All)
Position: Named Mandatory: True Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
-DefaultProfile
The credentials, account, tenant, and subscription used for communication with Azure.
Parameter properties
Type: IAzureContextContainer
Default value: None Supports wildcards: False DontShow: False Aliases: AzContext, AzureRmContext, AzureCredential
Parameter sets
(All)
Position: Named Mandatory: False Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
-GroupByUserSession
List of match conditions.
Parameter properties
Parameter sets
(All)
Position: Named Mandatory: False Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
-MatchCondition
List of match conditions.
Parameter properties
Parameter sets
(All)
Position: Named Mandatory: True Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
-Name
The Name of the Rule.
Parameter properties
Type: String
Default value: None Supports wildcards: False DontShow: False
Parameter sets
(All)
Position: Named Mandatory: True Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
-Priority
Describes priority of the rule.
Rules with a lower value will be evaluated before rules with a higher value.
Parameter properties
Type: Int32
Default value: None Supports wildcards: False DontShow: False
Parameter sets
(All)
Position: Named Mandatory: True Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
-RateLimitDuration
Describes duration over which Rate Limit policy will be applied. Applies only when ruleType is RateLimitRule.
Parameter properties
Type: String
Default value: None Accepted values: OneMin, FiveMins Supports wildcards: False DontShow: False
Parameter sets
(All)
Position: Named Mandatory: False Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
-RateLimitThreshold
Describes rate limit threshold. Applies only when ruleType is RateLimitRule.Accepted range for this value is 1 - 5000.
Parameter properties
Type: Int32
Default value: None Supports wildcards: False DontShow: False
Parameter sets
(All)
Position: Named Mandatory: False Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
-RuleType
Describes type of rule.
Parameter properties
Type: String
Default value: None Accepted values: MatchRule, RateLimitRule Supports wildcards: False DontShow: False
Parameter sets
(All)
Position: Named Mandatory: True Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
-State
State variable of the custom rule.
Parameter properties
Type: String
Default value: Enabled Accepted values: Disabled, Enabled Supports wildcards: False DontShow: False
Parameter sets
(All)
Position: Named Mandatory: False Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
CommonParameters
This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable,
-InformationAction, -InformationVariable, -OutBuffer, -OutVariable, -PipelineVariable,
-ProgressAction, -Verbose, -WarningAction, and -WarningVariable. For more information, see
about_CommonParameters .
None
Outputs