Bewerken

Delen via


New-AzFrontDoorWafPolicy

Create WAF policy

Syntax

New-AzFrontDoorWafPolicy
   -ResourceGroupName <String>
   -Name <String>
   [-EnabledState <PSEnabledState>]
   [-Mode <String>]
   [-Customrule <PSCustomRule[]>]
   [-ManagedRule <PSManagedRule[]>]
   [-RedirectUrl <String>]
   [-CustomBlockResponseStatusCode <Int32>]
   [-CustomBlockResponseBody <String>]
   [-Tag <Hashtable>]
   [-RequestBodyCheck <String>]
   [-Sku <String>]
   [-LogScrubbingSetting <PSFrontDoorWafLogScrubbingSetting>]
   [-JavascriptChallengeExpirationInMinutes <Int32>]
   [-DefaultProfile <IAzureContextContainer>]
   [-WhatIf]
   [-Confirm]
   [<CommonParameters>]

Description

The New-AzFrontDoorWafPolicy cmdlet creates a new Azure WAF policy in the specified resource group under current subscription

Examples

Example 1: Create WAF policy

New-AzFrontDoorWafPolicy -Name $policyName -ResourceGroupName $resourceGroupName -Customrule $customRule1,$customRule2 -ManagedRule $managedRule1 -EnabledState Enabled -Mode Prevention -RedirectUrl "https://www.bing.com/" -CustomBlockResponseStatusCode 405 -CustomBlockResponseBody "<html><head><title>You are blocked!</title></head><body></body></html>"

Name         PolicyMode PolicyEnabledState RedirectUrl
----         ---------- ------------------ -----------
{policyName} Prevention            Enabled https://www.bing.com/

Create WAF policy

Parameters

-Confirm

Prompts you for confirmation before running the cmdlet.

Type:SwitchParameter
Aliases:cf
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-CustomBlockResponseBody

Custom Response Body

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-CustomBlockResponseStatusCode

Custom Response Status Code

Type:Int32
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-Customrule

Custom rules inside the policy

Type:PSCustomRule[]
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-DefaultProfile

The credentials, account, tenant, and subscription used for communication with Azure.

Type:IAzureContextContainer
Aliases:AzContext, AzureRmContext, AzureCredential
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-EnabledState

Whether the policy is in enabled state or disabled state. Possible values include: 'Disabled', 'Enabled'

Type:PSEnabledState
Accepted values:Enabled, Disabled
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-JavascriptChallengeExpirationInMinutes

setting is only applicable to Premium_AzureFrontDoor. Value must be an integer between 5 and 1440 with the default value being 30.

Type:Int32
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-LogScrubbingSetting

Defines rules that scrub sensitive fields in the Web Application Firewall.

Type:PSFrontDoorWafLogScrubbingSetting
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-ManagedRule

Managed rules inside the policy

Type:PSManagedRule[]
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-Mode

Describes if it is in detection mode or prevention mode at policy level. Possible values include:'Prevention', 'Detection'

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-Name

WebApplicationFireWallPolicy name.

Type:String
Position:Named
Default value:None
Required:True
Accept pipeline input:False
Accept wildcard characters:False

-RedirectUrl

Redirect URL

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-RequestBodyCheck

Defines if the body should be inspected by managed rules. Possible values include: 'Enabled', 'Disabled'

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-ResourceGroupName

The resource group name

Type:String
Position:Named
Default value:None
Required:True
Accept pipeline input:False
Accept wildcard characters:False

-Sku

Sets Sku. Possible values include: 'Classic_AzureFrontDoor', 'Standard_AzureFrontDoor', 'Premium_AzureFrontDoor'

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-Tag

The tags associate with the FrontDoor WAF Policy.

Type:Hashtable
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-WhatIf

Shows what would happen if the cmdlet runs. The cmdlet is not run.

Type:SwitchParameter
Aliases:wi
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

Inputs

None

Outputs

PSPolicy