network.frontdoor.azure.com/v1api20220501

Package v1api20220501 contains API Schema definitions for the network.frontdoor v1api20220501 API group

Resource Types:

APIVersion (`string` alias)

Value	Description
"2022-05-01"

ActionType (`string` alias)

(Appears on:CustomRule, ManagedRuleOverride)

Defines the action to take on rule match.

Value	Description
"Allow"
"AnomalyScoring"
"Block"
"Log"
"Redirect"

ActionType_STATUS (`string` alias)

(Appears on:CustomRule_STATUS, ManagedRuleOverride_STATUS)

Defines the action to take on rule match.

Value	Description
"Allow"
"AnomalyScoring"
"Block"
"Log"
"Redirect"

CustomRule

Defines contents of a web application rule

Field	Description
`action` ActionType	Action: Describes what action to be applied when rule matches.
`enabledState` CustomRule_EnabledState	EnabledState: Describes if the custom rule is in enabled or disabled state. Defaults to Enabled if not specified.
`matchConditions` []MatchCondition	MatchConditions: List of match conditions.
`name` string	Name: Describes the name of the rule.
`priority` int	Priority: Describes priority of the rule. Rules with a lower value will be evaluated before rules with a higher value.
`rateLimitDurationInMinutes` int	RateLimitDurationInMinutes: Time window for resetting the rate limit count. Default is 1 minute.
`rateLimitThreshold` int	RateLimitThreshold: Number of allowed requests per client within the time window.
`ruleType` CustomRule_RuleType	RuleType: Describes type of rule.

CustomRuleList_STATUS

(Appears on:WebApplicationFirewallPolicy_STATUS)

Defines contents of custom rules

Field	Description
`rules` []CustomRule_STATUS	Rules: List of rules

CustomRule_EnabledState (`string` alias)

(Appears on:CustomRule)

Value	Description
"Disabled"
"Enabled"

CustomRule_EnabledState_STATUS (`string` alias)

(Appears on:CustomRule_STATUS)

Value	Description
"Disabled"
"Enabled"

CustomRule_RuleType (`string` alias)

(Appears on:CustomRule)

Value	Description
"MatchRule"
"RateLimitRule"

CustomRule_RuleType_STATUS (`string` alias)

(Appears on:CustomRule_STATUS)

Value	Description
"MatchRule"
"RateLimitRule"

CustomRule_STATUS

(Appears on:CustomRuleList_STATUS)

Defines contents of a web application rule

Field	Description
`action` ActionType_STATUS	Action: Describes what action to be applied when rule matches.
`enabledState` CustomRule_EnabledState_STATUS	EnabledState: Describes if the custom rule is in enabled or disabled state. Defaults to Enabled if not specified.
`matchConditions` []MatchCondition_STATUS	MatchConditions: List of match conditions.
`name` string	Name: Describes the name of the rule.
`priority` int	Priority: Describes priority of the rule. Rules with a lower value will be evaluated before rules with a higher value.
`rateLimitDurationInMinutes` int	RateLimitDurationInMinutes: Time window for resetting the rate limit count. Default is 1 minute.
`rateLimitThreshold` int	RateLimitThreshold: Number of allowed requests per client within the time window.
`ruleType` CustomRule_RuleType_STATUS	RuleType: Describes type of rule.

FrontendEndpointLink_STATUS

(Appears on:WebApplicationFirewallPolicy_STATUS)

Defines the Resource ID for a Frontend Endpoint.

Field	Description
`id` string	Id: Resource ID.

ManagedRuleEnabledState (`string` alias)

(Appears on:ManagedRuleOverride)

Describes if the managed rule is in enabled or disabled state.

Value	Description
"Disabled"
"Enabled"

ManagedRuleEnabledState_STATUS (`string` alias)

(Appears on:ManagedRuleOverride_STATUS)

Describes if the managed rule is in enabled or disabled state.

Value	Description
"Disabled"
"Enabled"

ManagedRuleExclusion

(Appears on:ManagedRuleGroupOverride, ManagedRuleOverride, ManagedRuleSet)

Exclude variables from managed rule evaluation.

Field	Description
`matchVariable` ManagedRuleExclusion_MatchVariable	MatchVariable: The variable type to be excluded.
`selector` string	Selector: Selector value for which elements in the collection this exclusion applies to.
`selectorMatchOperator` ManagedRuleExclusion_SelectorMatchOperator	SelectorMatchOperator: Comparison operator to apply to the selector when specifying which elements in the collection this exclusion applies to.

ManagedRuleExclusion_MatchVariable (`string` alias)

(Appears on:ManagedRuleExclusion)

Value	Description
"QueryStringArgNames"
"RequestBodyJsonArgNames"
"RequestBodyPostArgNames"
"RequestCookieNames"
"RequestHeaderNames"

ManagedRuleExclusion_MatchVariable_STATUS (`string` alias)

(Appears on:ManagedRuleExclusion_STATUS)

Value	Description
"QueryStringArgNames"
"RequestBodyJsonArgNames"
"RequestBodyPostArgNames"
"RequestCookieNames"
"RequestHeaderNames"

ManagedRuleExclusion_STATUS

(Appears on:ManagedRuleGroupOverride_STATUS, ManagedRuleOverride_STATUS, ManagedRuleSet_STATUS)

Exclude variables from managed rule evaluation.

Field	Description
`matchVariable` ManagedRuleExclusion_MatchVariable_STATUS	MatchVariable: The variable type to be excluded.
`selector` string	Selector: Selector value for which elements in the collection this exclusion applies to.
`selectorMatchOperator` ManagedRuleExclusion_SelectorMatchOperator_STATUS	SelectorMatchOperator: Comparison operator to apply to the selector when specifying which elements in the collection this exclusion applies to.

ManagedRuleExclusion_SelectorMatchOperator (`string` alias)

(Appears on:ManagedRuleExclusion)

Value	Description
"Contains"
"EndsWith"
"Equals"
"EqualsAny"
"StartsWith"

ManagedRuleExclusion_SelectorMatchOperator_STATUS (`string` alias)

(Appears on:ManagedRuleExclusion_STATUS)

Value	Description
"Contains"
"EndsWith"
"Equals"
"EqualsAny"
"StartsWith"

ManagedRuleGroupOverride

(Appears on:ManagedRuleSet)

Defines a managed rule group override setting.

Field	Description
`exclusions` []ManagedRuleExclusion	Exclusions: Describes the exclusions that are applied to all rules in the group.
`ruleGroupName` string	RuleGroupName: Describes the managed rule group to override.
`rules` []ManagedRuleOverride	Rules: List of rules that will be disabled. If none specified, all rules in the group will be disabled.

ManagedRuleGroupOverride_STATUS

(Appears on:ManagedRuleSet_STATUS)

Defines a managed rule group override setting.

Field	Description
`exclusions` []ManagedRuleExclusion_STATUS	Exclusions: Describes the exclusions that are applied to all rules in the group.
`ruleGroupName` string	RuleGroupName: Describes the managed rule group to override.
`rules` []ManagedRuleOverride_STATUS	Rules: List of rules that will be disabled. If none specified, all rules in the group will be disabled.

ManagedRuleOverride

(Appears on:ManagedRuleGroupOverride)

Defines a managed rule group override setting.

Field	Description
`action` ActionType	Action: Describes the override action to be applied when rule matches.
`enabledState` ManagedRuleEnabledState	EnabledState: Describes if the managed rule is in enabled or disabled state. Defaults to Disabled if not specified.
`exclusions` []ManagedRuleExclusion	Exclusions: Describes the exclusions that are applied to this specific rule.
`ruleId` string	RuleId: Identifier for the managed rule.

ManagedRuleOverride_STATUS

(Appears on:ManagedRuleGroupOverride_STATUS)

Defines a managed rule group override setting.

Field	Description
`action` ActionType_STATUS	Action: Describes the override action to be applied when rule matches.
`enabledState` ManagedRuleEnabledState_STATUS	EnabledState: Describes if the managed rule is in enabled or disabled state. Defaults to Disabled if not specified.
`exclusions` []ManagedRuleExclusion_STATUS	Exclusions: Describes the exclusions that are applied to this specific rule.
`ruleId` string	RuleId: Identifier for the managed rule.

ManagedRuleSet

Defines a managed rule set.

Field	Description
`exclusions` []ManagedRuleExclusion	Exclusions: Describes the exclusions that are applied to all rules in the set.
`ruleGroupOverrides` []ManagedRuleGroupOverride	RuleGroupOverrides: Defines the rule group overrides to apply to the rule set.
`ruleSetAction` ManagedRuleSetActionType	RuleSetAction: Defines the rule set action.
`ruleSetType` string	RuleSetType: Defines the rule set type to use.
`ruleSetVersion` string	RuleSetVersion: Defines the version of the rule set to use.

ManagedRuleSetActionType (`string` alias)

(Appears on:ManagedRuleSet)

Defines the action to take when a managed rule set score threshold is met.

Value	Description
"Block"
"Log"
"Redirect"

ManagedRuleSetActionType_STATUS (`string` alias)

(Appears on:ManagedRuleSet_STATUS)

Defines the action to take when a managed rule set score threshold is met.

Value	Description
"Block"
"Log"
"Redirect"

ManagedRuleSetList_STATUS

(Appears on:WebApplicationFirewallPolicy_STATUS)

Defines the list of managed rule sets for the policy.

Field	Description
`managedRuleSets` []ManagedRuleSet_STATUS	ManagedRuleSets: List of rule sets.

ManagedRuleSet_STATUS

(Appears on:ManagedRuleSetList_STATUS)

Defines a managed rule set.

Field	Description
`exclusions` []ManagedRuleExclusion_STATUS	Exclusions: Describes the exclusions that are applied to all rules in the set.
`ruleGroupOverrides` []ManagedRuleGroupOverride_STATUS	RuleGroupOverrides: Defines the rule group overrides to apply to the rule set.
`ruleSetAction` ManagedRuleSetActionType_STATUS	RuleSetAction: Defines the rule set action.
`ruleSetType` string	RuleSetType: Defines the rule set type to use.
`ruleSetVersion` string	RuleSetVersion: Defines the version of the rule set to use.

MatchCondition

(Appears on:CustomRule)

Define a match condition.

Field	Description
`matchValue` []string	MatchValue: List of possible match values.
`matchVariable` MatchCondition_MatchVariable	MatchVariable: Request variable to compare with.
`negateCondition` bool	NegateCondition: Describes if the result of this condition should be negated.
`operator` MatchCondition_Operator	Operator: Comparison type to use for matching with the variable value.
`selector` string	Selector: Match against a specific key from the QueryString, PostArgs, RequestHeader or Cookies variables. Default is null.
`transforms` []TransformType	Transforms: List of transforms.

MatchCondition_MatchVariable (`string` alias)

(Appears on:MatchCondition)

Value	Description
"Cookies"
"PostArgs"
"QueryString"
"RemoteAddr"
"RequestBody"
"RequestHeader"
"RequestMethod"
"RequestUri"
"SocketAddr"

MatchCondition_MatchVariable_STATUS (`string` alias)

(Appears on:MatchCondition_STATUS)

Value	Description
"Cookies"
"PostArgs"
"QueryString"
"RemoteAddr"
"RequestBody"
"RequestHeader"
"RequestMethod"
"RequestUri"
"SocketAddr"

MatchCondition_Operator (`string` alias)

(Appears on:MatchCondition)

Value	Description
"Any"
"BeginsWith"
"Contains"
"EndsWith"
"Equal"
"GeoMatch"
"GreaterThan"
"GreaterThanOrEqual"
"IPMatch"
"LessThan"
"LessThanOrEqual"
"RegEx"

MatchCondition_Operator_STATUS (`string` alias)

(Appears on:MatchCondition_STATUS)

Value	Description
"Any"
"BeginsWith"
"Contains"
"EndsWith"
"Equal"
"GeoMatch"
"GreaterThan"
"GreaterThanOrEqual"
"IPMatch"
"LessThan"
"LessThanOrEqual"
"RegEx"

MatchCondition_STATUS

(Appears on:CustomRule_STATUS)

Define a match condition.

Field	Description
`matchValue` []string	MatchValue: List of possible match values.
`matchVariable` MatchCondition_MatchVariable_STATUS	MatchVariable: Request variable to compare with.
`negateCondition` bool	NegateCondition: Describes if the result of this condition should be negated.
`operator` MatchCondition_Operator_STATUS	Operator: Comparison type to use for matching with the variable value.
`selector` string	Selector: Match against a specific key from the QueryString, PostArgs, RequestHeader or Cookies variables. Default is null.
`transforms` []TransformType_STATUS	Transforms: List of transforms.

PolicySettings

(Appears on:WebApplicationFirewallPolicy_Spec)

Defines top-level WebApplicationFirewallPolicy configuration settings.

Field	Description
`customBlockResponseBody` string	CustomBlockResponseBody: If the action type is block, customer can override the response body. The body must be specified in base64 encoding.
`customBlockResponseStatusCode` int	CustomBlockResponseStatusCode: If the action type is block, customer can override the response status code.
`enabledState` PolicySettings_EnabledState	EnabledState: Describes if the policy is in enabled or disabled state. Defaults to Enabled if not specified.
`mode` PolicySettings_Mode	Mode: Describes if it is in detection mode or prevention mode at policy level.
`redirectUrl` string	RedirectUrl: If action type is redirect, this field represents redirect URL for the client.
`requestBodyCheck` PolicySettings_RequestBodyCheck	RequestBodyCheck: Describes if policy managed rules will inspect the request body content.

PolicySettings_EnabledState (`string` alias)

(Appears on:PolicySettings)

Value	Description
"Disabled"
"Enabled"

PolicySettings_EnabledState_STATUS (`string` alias)

(Appears on:PolicySettings_STATUS)

Value	Description
"Disabled"
"Enabled"

PolicySettings_Mode (`string` alias)

(Appears on:PolicySettings)

Value	Description
"Detection"
"Prevention"

PolicySettings_Mode_STATUS (`string` alias)

(Appears on:PolicySettings_STATUS)

Value	Description
"Detection"
"Prevention"

PolicySettings_RequestBodyCheck (`string` alias)

(Appears on:PolicySettings)

Value	Description
"Disabled"
"Enabled"

PolicySettings_RequestBodyCheck_STATUS (`string` alias)

(Appears on:PolicySettings_STATUS)

Value	Description
"Disabled"
"Enabled"

PolicySettings_STATUS

(Appears on:WebApplicationFirewallPolicy_STATUS)

Defines top-level WebApplicationFirewallPolicy configuration settings.

Field	Description
`customBlockResponseBody` string	CustomBlockResponseBody: If the action type is block, customer can override the response body. The body must be specified in base64 encoding.
`customBlockResponseStatusCode` int	CustomBlockResponseStatusCode: If the action type is block, customer can override the response status code.
`enabledState` PolicySettings_EnabledState_STATUS	EnabledState: Describes if the policy is in enabled or disabled state. Defaults to Enabled if not specified.
`mode` PolicySettings_Mode_STATUS	Mode: Describes if it is in detection mode or prevention mode at policy level.
`redirectUrl` string	RedirectUrl: If action type is redirect, this field represents redirect URL for the client.
`requestBodyCheck` PolicySettings_RequestBodyCheck_STATUS	RequestBodyCheck: Describes if policy managed rules will inspect the request body content.

RoutingRuleLink_STATUS

(Appears on:WebApplicationFirewallPolicy_STATUS)

Defines the Resource ID for a Routing Rule.

Field	Description
`id` string	Id: Resource ID.

SecurityPolicyLink_STATUS

(Appears on:WebApplicationFirewallPolicy_STATUS)

Defines the Resource ID for a Security Policy.

Field	Description
`id` string	Id: Resource ID.

Sku

(Appears on:WebApplicationFirewallPolicy_Spec)

The pricing tier of the web application firewall policy.

Field	Description
`name` Sku_Name	Name: Name of the pricing tier.

Sku_Name (`string` alias)

(Appears on:Sku)

Value	Description
"Classic_AzureFrontDoor"
"Premium_AzureFrontDoor"
"Standard_AzureFrontDoor"

Sku_Name_STATUS (`string` alias)

(Appears on:Sku_STATUS)

Value	Description
"Classic_AzureFrontDoor"
"Premium_AzureFrontDoor"
"Standard_AzureFrontDoor"

Sku_STATUS

(Appears on:WebApplicationFirewallPolicy_STATUS)

The pricing tier of the web application firewall policy.

Field	Description
`name` Sku_Name_STATUS	Name: Name of the pricing tier.

TransformType (`string` alias)

(Appears on:MatchCondition)

Describes what transforms applied before matching.

Value	Description
"Lowercase"
"RemoveNulls"
"Trim"
"Uppercase"
"UrlDecode"
"UrlEncode"

TransformType_STATUS (`string` alias)

(Appears on:MatchCondition_STATUS)

Describes what transforms applied before matching.

Value	Description
"Lowercase"
"RemoveNulls"
"Trim"
"Uppercase"
"UrlDecode"
"UrlEncode"

WebApplicationFirewallPolicy

Generator information: - Generated from: /frontdoor/resource-manager/Microsoft.Network/stable/2022-05-01/webapplicationfirewall.json - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/FrontDoorWebApplicationFirewallPolicies/{policyName}

Field Description

metadata
Kubernetes meta/v1.ObjectMeta Refer to the Kubernetes API documentation for the fields of the metadata field.

spec
WebApplicationFirewallPolicy_Spec

`azureName` string	AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it doesn’t have to be.
`customRules` CustomRuleList	CustomRules: Describes custom rules inside the policy.
`etag` string	Etag: Gets a unique read-only string that changes whenever the resource is updated.
`location` string	Location: Resource location.
`managedRules` ManagedRuleSetList	ManagedRules: Describes managed rules inside the policy.
`operatorSpec` WebApplicationFirewallPolicyOperatorSpec	OperatorSpec: The specification for configuring operator behavior. This field is interpreted by the operator and not passed directly to Azure
`owner` genruntime.KnownResourceReference	Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a reference to a resources.azure.com/ResourceGroup resource
`policySettings` PolicySettings	PolicySettings: Describes settings for the policy.
`sku` Sku	Sku: The pricing tier of web application firewall policy. Defaults to Classic_AzureFrontDoor if not specified.
`tags` map[string]string	Tags: Resource tags.

status
WebApplicationFirewallPolicy_STATUS

WebApplicationFirewallPolicyOperatorSpec

(Appears on:WebApplicationFirewallPolicy_Spec)

Details for configuring operator behavior. Fields in this struct are interpreted by the operator directly rather than being passed to Azure

Field	Description
`configMapExpressions` []genruntime/core.DestinationExpression	ConfigMapExpressions: configures where to place operator written dynamic ConfigMaps (created with CEL expressions).
`secretExpressions` []genruntime/core.DestinationExpression	SecretExpressions: configures where to place operator written dynamic secrets (created with CEL expressions).

WebApplicationFirewallPolicyProperties_ResourceState_STATUS (`string` alias)

(Appears on:WebApplicationFirewallPolicy_STATUS)

Value	Description
"Creating"
"Deleting"
"Disabled"
"Disabling"
"Enabled"
"Enabling"

WebApplicationFirewallPolicy_STATUS

(Appears on:WebApplicationFirewallPolicy)

Field	Description
`conditions` []genruntime/conditions.Condition	Conditions: The observed state of the resource
`customRules` CustomRuleList_STATUS	CustomRules: Describes custom rules inside the policy.
`etag` string	Etag: Gets a unique read-only string that changes whenever the resource is updated.
`frontendEndpointLinks` []FrontendEndpointLink_STATUS	FrontendEndpointLinks: Describes Frontend Endpoints associated with this Web Application Firewall policy.
`id` string	Id: Resource ID.
`location` string	Location: Resource location.
`managedRules` ManagedRuleSetList_STATUS	ManagedRules: Describes managed rules inside the policy.
`name` string	Name: Resource name.
`policySettings` PolicySettings_STATUS	PolicySettings: Describes settings for the policy.
`provisioningState` string	ProvisioningState: Provisioning state of the policy.
`resourceState` WebApplicationFirewallPolicyProperties_ResourceState_STATUS
`routingRuleLinks` []RoutingRuleLink_STATUS	RoutingRuleLinks: Describes Routing Rules associated with this Web Application Firewall policy.
`securityPolicyLinks` []SecurityPolicyLink_STATUS	SecurityPolicyLinks: Describes Security Policy associated with this Web Application Firewall policy.
`sku` Sku_STATUS	Sku: The pricing tier of web application firewall policy. Defaults to Classic_AzureFrontDoor if not specified.
`tags` map[string]string	Tags: Resource tags.
`type` string	Type: Resource type.

WebApplicationFirewallPolicy_Spec

(Appears on:WebApplicationFirewallPolicy)

Field	Description
`azureName` string	AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it doesn’t have to be.
`customRules` CustomRuleList	CustomRules: Describes custom rules inside the policy.
`etag` string	Etag: Gets a unique read-only string that changes whenever the resource is updated.
`location` string	Location: Resource location.
`managedRules` ManagedRuleSetList	ManagedRules: Describes managed rules inside the policy.
`operatorSpec` WebApplicationFirewallPolicyOperatorSpec	OperatorSpec: The specification for configuring operator behavior. This field is interpreted by the operator and not passed directly to Azure
`owner` genruntime.KnownResourceReference	Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a reference to a resources.azure.com/ResourceGroup resource
`policySettings` PolicySettings	PolicySettings: Describes settings for the policy.
`sku` Sku	Sku: The pricing tier of web application firewall policy. Defaults to Classic_AzureFrontDoor if not specified.
`tags` map[string]string	Tags: Resource tags.

network.frontdoor.azure.com/v1api20220501