แชร์ผ่าน

az network application-gateway waf-policy custom-rule match-condition

  • Reference

Manage match conditions in an application gateway web application firewall (WAF) policy custom rule.

Commands

Name Description Type Status
az network application-gateway waf-policy custom-rule match-condition add

Add a match condition to an application gateway WAF policy custom rule.

 Core GA
az network application-gateway waf-policy custom-rule match-condition list

List application gateway WAF policy custom rule match conditions.

 Core GA
az network application-gateway waf-policy custom-rule match-condition remove

Remove a match condition from an application gateway WAF policy custom rule.

 Core GA

az network application-gateway waf-policy custom-rule match-condition add

Edit

Add a match condition to an application gateway WAF policy custom rule.

az network application-gateway waf-policy custom-rule match-condition add --match-variables
                                                                          --name
                                                                          --operator {Any, BeginsWith, Contains, EndsWith, Equal, GeoMatch, GreaterThan, GreaterThanOrEqual, IPMatch, LessThan, LessThanOrEqual, Regex}
                                                                          --policy-name
                                                                          --resource-group
                                                                          --values
                                                                          [--index]
                                                                          [--negate {0, 1, f, false, n, no, t, true, y, yes}]
                                                                          [--transforms]

Examples

Add application gateway WAF policy custom rule match condition with contains.

az network application-gateway waf-policy custom-rule match-condition add --resource-group MyResourceGroup --policy-name MyPolicy --name MyWAFPolicyRule --match-variables RequestHeaders.value --operator contains --values foo boo --transform lowercase

Add application gateway WAF policy custom rule match condition with equal.

az network application-gateway waf-policy custom-rule match-condition add --resource-group MyResourceGroup --policy-name MyPolicy --name MyWAFPolicyRule --match-variables RequestHeaders.Content-Type --operator Equal --values application/csp-report

Required Parameters

--match-variables

Space-separated list of variables to use when matching. Variable values: RemoteAddr, RequestMethod, QueryString, PostArgs, RequestUri, RequestHeaders, RequestBody, RequestCookies. Support shorthand-syntax, json-file and yaml-file. Try "??" to show more.

--name -n

Name of the WAF policy rule.

--operator

Operator for matching.

Accepted values: Any, BeginsWith, Contains, EndsWith, Equal, GeoMatch, GreaterThan, GreaterThanOrEqual, IPMatch, LessThan, LessThanOrEqual, Regex
--policy-name

Name of the application gateway WAF policy.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

--values

Space-separated list of values to match. Support shorthand-syntax, json-file and yaml-file. Try "??" to show more.

Optional Parameters

--index

Index of match condition. If no index is provided, the default behavior is append.

--negate

Match the negative of the condition.

Accepted values: 0, 1, f, false, n, no, t, true, y, yes
--transforms

Space-separated list of transforms to apply when matching. Allowed values: HtmlEntityDecode, Uppercase, Lowercase, RemoveNulls, Trim, UrlDecode, UrlEncode. Support shorthand-syntax, json-file and yaml-file. Try "??" to show more.

Global Parameters
--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

Accepted values: json, jsonc, none, table, tsv, yaml, yamlc
Default value: json
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

az network application-gateway waf-policy custom-rule match-condition list

Edit

List application gateway WAF policy custom rule match conditions.

az network application-gateway waf-policy custom-rule match-condition list --name
                                                                           --policy-name
                                                                           --resource-group

Examples

List application gateway WAF policy custom rule match conditions.

az network application-gateway waf-policy custom-rule match-condition list --name MyWAFPolicyRule --policy-name MyPolicy --resource-group MyResourceGroup --subscription MySubscription

Required Parameters

--name -n

Name of the WAF policy rule.

--policy-name

Name of the application gateway WAF policy.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

Global Parameters
--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

Accepted values: json, jsonc, none, table, tsv, yaml, yamlc
Default value: json
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

az network application-gateway waf-policy custom-rule match-condition remove

Edit

Remove a match condition from an application gateway WAF policy custom rule.

az network application-gateway waf-policy custom-rule match-condition remove --index
                                                                             --name
                                                                             --policy-name
                                                                             --resource-group

Examples

Remove a match condition from an application gateway WAF policy custom rule.

az network application-gateway waf-policy custom-rule match-condition remove -n MyRule -g MyResourceGroup --policy-name MyPolicy --index 0

Required Parameters

--index

Index of the match condition to remove.

--name -n

Name of the WAF policy rule.

--policy-name

Name of the application gateway WAF policy.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

Global Parameters
--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

Accepted values: json, jsonc, none, table, tsv, yaml, yamlc
Default value: json
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.