New-AzFrontDoorWafPolicy
Create WAF policy
Syntax
New-AzFrontDoorWafPolicy
-ResourceGroupName <String>
-Name <String>
[-EnabledState <PSEnabledState>]
[-Mode <String>]
[-Customrule <PSCustomRule[]>]
[-ManagedRule <PSManagedRule[]>]
[-RedirectUrl <String>]
[-CustomBlockResponseStatusCode <Int32>]
[-CustomBlockResponseBody <String>]
[-Tag <Hashtable>]
[-RequestBodyCheck <String>]
[-Sku <String>]
[-LogScrubbingSetting <PSFrontDoorWafLogScrubbingSetting>]
[-JavascriptChallengeExpirationInMinutes <Int32>]
[-DefaultProfile <IAzureContextContainer>]
[-WhatIf]
[-Confirm]
[<CommonParameters>] Description
The New-AzFrontDoorWafPolicy cmdlet creates a new Azure WAF policy in the specified resource group under current subscription
Examples
Example 1: Create WAF policy
New-AzFrontDoorWafPolicy -Name $policyName -ResourceGroupName $resourceGroupName -Customrule $customRule1,$customRule2 -ManagedRule $managedRule1 -EnabledState Enabled -Mode Prevention -RedirectUrl "https://www.bing.com/" -CustomBlockResponseStatusCode 405 -CustomBlockResponseBody "<html><head><title>You are blocked!</title></head><body></body></html>"
Name PolicyMode PolicyEnabledState RedirectUrl
---- ---------- ------------------ -----------
{policyName} Prevention Enabled https://www.bing.com/Create WAF policy
Parameters
-Confirm
Prompts you for confirmation before running the cmdlet.
| Type: | SwitchParameter |
| Aliases: | cf |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-CustomBlockResponseBody
Custom Response Body
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-CustomBlockResponseStatusCode
Custom Response Status Code
| Type: | Int32 |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Customrule
Custom rules inside the policy
| Type: | PSCustomRule[] |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-DefaultProfile
The credentials, account, tenant, and subscription used for communication with Azure.
| Type: | IAzureContextContainer |
| Aliases: | AzContext, AzureRmContext, AzureCredential |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-EnabledState
Whether the policy is in enabled state or disabled state. Possible values include: 'Disabled', 'Enabled'
| Type: | PSEnabledState |
| Accepted values: | Enabled, Disabled |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-JavascriptChallengeExpirationInMinutes
setting is only applicable to Premium_AzureFrontDoor. Value must be an integer between 5 and 1440 with the default value being 30.
| Type: | Int32 |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-LogScrubbingSetting
Defines rules that scrub sensitive fields in the Web Application Firewall.
| Type: | PSFrontDoorWafLogScrubbingSetting |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-ManagedRule
Managed rules inside the policy
| Type: | PSManagedRule[] |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Mode
Describes if it is in detection mode or prevention mode at policy level. Possible values include:'Prevention', 'Detection'
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Name
WebApplicationFireWallPolicy name.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-RedirectUrl
Redirect URL
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-RequestBodyCheck
Defines if the body should be inspected by managed rules. Possible values include: 'Enabled', 'Disabled'
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-ResourceGroupName
The resource group name
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Sku
Sets Sku. Possible values include: 'Classic_AzureFrontDoor', 'Standard_AzureFrontDoor', 'Premium_AzureFrontDoor'
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Tag
The tags associate with the FrontDoor WAF Policy.
| Type: | Hashtable |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-WhatIf
Shows what would happen if the cmdlet runs. The cmdlet is not run.
| Type: | SwitchParameter |
| Aliases: | wi |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
Inputs
None
Outputs
Related Links
Azure PowerShell