Editar

Partilhar via


Update-AzFrontDoorWafPolicy

Update WAF policy

Syntax

Update-AzFrontDoorWafPolicy
      -ResourceGroupName <String>
      -Name <String>
      [-EnabledState <PSEnabledState>]
      [-Mode <String>]
      [-Customrule <PSCustomRule[]>]
      [-ManagedRule <PSManagedRule[]>]
      [-RedirectUrl <String>]
      [-CustomBlockResponseStatusCode <Int32>]
      [-CustomBlockResponseBody <String>]
      [-RequestBodyCheck <String>]
      [-LogScrubbingSetting <PSFrontDoorWafLogScrubbingSetting>]
      [-JavascriptChallengeExpirationInMinutes <Int32>]
      [-DefaultProfile <IAzureContextContainer>]
      [-WhatIf]
      [-Confirm]
      [<CommonParameters>]
Update-AzFrontDoorWafPolicy
      -InputObject <PSPolicy>
      [-EnabledState <PSEnabledState>]
      [-Mode <String>]
      [-Customrule <PSCustomRule[]>]
      [-ManagedRule <PSManagedRule[]>]
      [-RedirectUrl <String>]
      [-CustomBlockResponseStatusCode <Int32>]
      [-CustomBlockResponseBody <String>]
      [-RequestBodyCheck <String>]
      [-LogScrubbingSetting <PSFrontDoorWafLogScrubbingSetting>]
      [-JavascriptChallengeExpirationInMinutes <Int32>]
      [-DefaultProfile <IAzureContextContainer>]
      [-WhatIf]
      [-Confirm]
      [<CommonParameters>]
Update-AzFrontDoorWafPolicy
      -ResourceId <String>
      [-EnabledState <PSEnabledState>]
      [-Mode <String>]
      [-Customrule <PSCustomRule[]>]
      [-ManagedRule <PSManagedRule[]>]
      [-RedirectUrl <String>]
      [-CustomBlockResponseStatusCode <Int32>]
      [-CustomBlockResponseBody <String>]
      [-RequestBodyCheck <String>]
      [-LogScrubbingSetting <PSFrontDoorWafLogScrubbingSetting>]
      [-JavascriptChallengeExpirationInMinutes <Int32>]
      [-DefaultProfile <IAzureContextContainer>]
      [-WhatIf]
      [-Confirm]
      [<CommonParameters>]

Description

The Update-AzFrontDoorWafPolicy cmdlet updates an existing WAF policy. If input parameters are not provided, old parameters from the existing WAF policy will be used.

Examples

Example 1

Update-AzFrontDoorWafPolicy -Name $policyName -ResourceGroupName $resourceGroupName -CustomBlockResponseStatusCode 403

Name         PolicyMode PolicyEnabledState CustomBlockResponseStatusCode RedirectUrl
----         ---------- ------------------ ----------------------------- -----------
{policyName} Prevention            Enabled                           403 https://www.bing.com/

Update an existing WAF policy custom status code.

Example 2

Update-AzFrontDoorWafPolicy -Name $policyName -ResourceGroupName $resourceGroupName -Mode Detection

Name         PolicyMode PolicyEnabledState CustomBlockResponseStatusCode RedirectUrl
----         ---------- ------------------ ----------------------------- -----------
{policyName} Detection            Enabled                           403 https://www.bing.com/

Update an existing WAF policy mode.

Example 3

Update-AzFrontDoorWafPolicy -Name $policyName -ResourceGroupName $resourceGroupName -Mode Detection -EnabledState Disabled

Name          PolicyMode PolicyEnabledState CustomBlockResponseStatusCode RedirectUrl
----          ---------- ------------------ ----------------------------- -----------
{policyName}  Detection           Disabled                           403 https://www.bing.com/

Update an existing WAF policy enabled state and mode.

Example 4

Get-AzFrontDoorWafPolicy -ResourceGroupName $resourceGroupName | Update-AzFrontDoorWafPolicy -Mode Detection -EnabledState Disabled

Update all WAF policies in $resourceGroupName

Parameters

-Confirm

Prompts you for confirmation before running the cmdlet.

Type:SwitchParameter
Aliases:cf
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-CustomBlockResponseBody

Custom Response Body

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-CustomBlockResponseStatusCode

Custom Response Status Code

Type:Nullable<T>[Int32]
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-Customrule

Custom rules inside the policy

Type:PSCustomRule[]
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-DefaultProfile

The credentials, account, tenant, and subscription used for communication with Azure.

Type:IAzureContextContainer
Aliases:AzContext, AzureRmContext, AzureCredential
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-EnabledState

Whether the policy is in enabled state or disabled state. Possible values include: 'Disabled', 'Enabled'

Type:PSEnabledState
Accepted values:Enabled, Disabled
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-InputObject

The FireWallPolicy object to update.

Type:PSPolicy
Position:Named
Default value:None
Required:True
Accept pipeline input:True
Accept wildcard characters:False

-JavascriptChallengeExpirationInMinutes

setting is only applicable to Premium_AzureFrontDoor. Value must be an integer between 5 and 1440 with the default value being 30.

Type:Int32
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-LogScrubbingSetting

Defines rules that scrub sensitive fields in the Web Application Firewall.

Type:PSFrontDoorWafLogScrubbingSetting
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-ManagedRule

Managed rules inside the policy

Type:PSManagedRule[]
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-Mode

Describes if it is in detection mode or prevention mode at policy level. Possible values include:'Prevention', 'Detection'

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-Name

The name of the FireWallPolicy to update.

Type:String
Position:Named
Default value:None
Required:True
Accept pipeline input:False
Accept wildcard characters:False

-RedirectUrl

Redirect URL

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-RequestBodyCheck

Defines if the body should be inspected by managed rules. Possible values include: 'Enabled', 'Disabled'

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-ResourceGroupName

The resource group to which the FireWallPolicy belongs.

Type:String
Position:Named
Default value:None
Required:True
Accept pipeline input:False
Accept wildcard characters:False

-ResourceId

Resource Id of the FireWallPolicy to update

Type:String
Position:Named
Default value:None
Required:True
Accept pipeline input:True
Accept wildcard characters:False

-WhatIf

Shows what would happen if the cmdlet runs. The cmdlet is not run.

Type:SwitchParameter
Aliases:wi
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

Inputs

PSPolicy

String

Outputs

PSPolicy