az network front-door waf-policy rule

Note

This reference is part of the front-door extension for the Azure CLI (version 2.57.0 or higher). The extension will automatically install the first time you run an az network front-door waf-policy rule command. Learn more about extensions.

Manage WAF policy custom rules.

Commands

Name Description Type Status
az network front-door waf-policy rule create

Create a WAF policy custom rule. Use --defer and add a rule match-condition.

Extension GA
az network front-door waf-policy rule delete

Delete a WAF policy custom rule.

Extension GA
az network front-door waf-policy rule list

List WAF policy custom rules.

Extension GA
az network front-door waf-policy rule match-condition

Alter match-conditions associated with a WAF policy custom rule.

Extension GA
az network front-door waf-policy rule match-condition add

Add a match-condition to a WAF policy custom rule.

Extension GA
az network front-door waf-policy rule match-condition list

Show all match-conditions associated with a WAF policy custom rule.

Extension GA
az network front-door waf-policy rule match-condition remove

Remove a match-condition from a WAF policy custom rule.

Extension GA
az network front-door waf-policy rule show

Get the details of a WAF policy custom rule.

Extension GA
az network front-door waf-policy rule update

Alter the details of a WAF policy custom rule.

Extension GA

az network front-door waf-policy rule create

Create a WAF policy custom rule. Use --defer and add a rule match-condition.

az network front-door waf-policy rule create --action {Allow, AnomalyScoring, Block, JSChallenge, Log, Redirect}
                                             --name
                                             --policy-name
                                             --priority
                                             --resource-group
                                             --rule-type {MatchRule, RateLimitRule}
                                             [--defer]
                                             [--disabled {false, true}]
                                             [--rate-limit-duration]
                                             [--rate-limit-threshold]

Required Parameters

--action

Rule action.

Accepted values: Allow, AnomalyScoring, Block, JSChallenge, Log, Redirect
--name -n

Name of the custom rule.

--policy-name

Name of the WAF policy. Name must begin with a letter and contain only letters and numbers.

--priority

Priority of the rule.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

--rule-type

Type of rule.

Accepted values: MatchRule, RateLimitRule

Optional Parameters

--defer

Temporarily store the object in the local cache instead of sending to Azure. Use az cache commands to view/clear.

--disabled

Whether to disable the rule.

Accepted values: false, true
--rate-limit-duration

Rate limit duration in minutes.

--rate-limit-threshold

Rate limit threshold.

Global Parameters
--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

Accepted values: json, jsonc, none, table, tsv, yaml, yamlc
Default value: json
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

az network front-door waf-policy rule delete

Delete a WAF policy custom rule.

az network front-door waf-policy rule delete [--defer]
                                             [--ids]
                                             [--name]
                                             [--policy-name]
                                             [--resource-group]
                                             [--subscription]

Optional Parameters

--defer

Temporarily store the object in the local cache instead of sending to Azure. Use az cache commands to view/clear.

--ids

One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.

--name -n

Name of the custom rule.

--policy-name

Name of the WAF policy. Name must begin with a letter and contain only letters and numbers.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

Global Parameters
--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

Accepted values: json, jsonc, none, table, tsv, yaml, yamlc
Default value: json
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

az network front-door waf-policy rule list

List WAF policy custom rules.

az network front-door waf-policy rule list --policy-name
                                           --resource-group
                                           [--defer]

Required Parameters

--policy-name

Name of the WAF policy. Name must begin with a letter and contain only letters and numbers.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

Optional Parameters

--defer

Temporarily store the object in the local cache instead of sending to Azure. Use az cache commands to view/clear.

Global Parameters
--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

Accepted values: json, jsonc, none, table, tsv, yaml, yamlc
Default value: json
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

az network front-door waf-policy rule show

Get the details of a WAF policy custom rule.

az network front-door waf-policy rule show [--defer]
                                           [--ids]
                                           [--name]
                                           [--policy-name]
                                           [--resource-group]
                                           [--subscription]

Optional Parameters

--defer

Temporarily store the object in the local cache instead of sending to Azure. Use az cache commands to view/clear.

--ids

One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.

--name -n

Name of the custom rule.

--policy-name

Name of the WAF policy. Name must begin with a letter and contain only letters and numbers.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

Global Parameters
--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

Accepted values: json, jsonc, none, table, tsv, yaml, yamlc
Default value: json
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

az network front-door waf-policy rule update

Alter the details of a WAF policy custom rule.

az network front-door waf-policy rule update [--action {Allow, AnomalyScoring, Block, JSChallenge, Log, Redirect}]
                                             [--defer]
                                             [--disabled {false, true}]
                                             [--ids]
                                             [--name]
                                             [--policy-name]
                                             [--priority]
                                             [--rate-limit-duration]
                                             [--rate-limit-threshold]
                                             [--resource-group]
                                             [--subscription]

Optional Parameters

--action

Rule action.

Accepted values: Allow, AnomalyScoring, Block, JSChallenge, Log, Redirect
--defer

Temporarily store the object in the local cache instead of sending to Azure. Use az cache commands to view/clear.

--disabled

Whether to disable the rule.

Accepted values: false, true
--ids

One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.

--name -n

Name of the custom rule.

--policy-name

Name of the WAF policy. Name must begin with a letter and contain only letters and numbers.

--priority

Priority of the rule.

--rate-limit-duration

Rate limit duration in minutes.

--rate-limit-threshold

Rate limit threshold.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

Global Parameters
--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

Accepted values: json, jsonc, none, table, tsv, yaml, yamlc
Default value: json
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.