Docs Home
Oracle Cloud Infrastructure v2.28.0 published on Thursday, Mar 27, 2025 by Pulumi
oci.Waas.getProtectionRules
Explore with Pulumi AI
This data source provides the list of Protection Rules in Oracle Cloud Infrastructure Web Application Acceleration and Security service.
Gets the list of available protection rules for a WAAS policy. Use the GetWafConfig operation to view a list of currently configured protection rules for the Web Application Firewall, or use the ListRecommendations operation to get a list of recommended protection rules for the Web Application Firewall.
The list is sorted by key, in ascending order.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as oci from "@pulumi/oci";
const testProtectionRules = oci.Waas.getProtectionRules({
waasPolicyId: testWaasPolicy.id,
actions: protectionRuleAction,
modSecurityRuleIds: testRule.id,
});
import pulumi
import pulumi_oci as oci
test_protection_rules = oci.Waas.get_protection_rules(waas_policy_id=test_waas_policy["id"],
actions=protection_rule_action,
mod_security_rule_ids=test_rule["id"])
package main
import (
"github.com/pulumi/pulumi-oci/sdk/v2/go/oci/waas"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := waas.GetProtectionRules(ctx, &waas.GetProtectionRulesArgs{
WaasPolicyId: testWaasPolicy.Id,
Actions: protectionRuleAction,
ModSecurityRuleIds: testRule.Id,
}, nil)
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Oci = Pulumi.Oci;
return await Deployment.RunAsync(() =>
{
var testProtectionRules = Oci.Waas.GetProtectionRules.Invoke(new()
{
WaasPolicyId = testWaasPolicy.Id,
Actions = protectionRuleAction,
ModSecurityRuleIds = testRule.Id,
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.oci.Waas.WaasFunctions;
import com.pulumi.oci.Waas.inputs.GetProtectionRulesArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var testProtectionRules = WaasFunctions.getProtectionRules(GetProtectionRulesArgs.builder()
.waasPolicyId(testWaasPolicy.id())
.actions(protectionRuleAction)
.modSecurityRuleIds(testRule.id())
.build());
}
}
variables:
testProtectionRules:
fn::invoke:
function: oci:Waas:getProtectionRules
arguments:
waasPolicyId: ${testWaasPolicy.id}
actions: ${protectionRuleAction}
modSecurityRuleIds: ${testRule.id}
Using getProtectionRules
Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.
function getProtectionRules(args: GetProtectionRulesArgs, opts?: InvokeOptions): Promise<GetProtectionRulesResult>
function getProtectionRulesOutput(args: GetProtectionRulesOutputArgs, opts?: InvokeOptions): Output<GetProtectionRulesResult>def get_protection_rules(actions: Optional[Sequence[str]] = None,
filters: Optional[Sequence[_waas.GetProtectionRulesFilter]] = None,
mod_security_rule_ids: Optional[Sequence[str]] = None,
waas_policy_id: Optional[str] = None,
opts: Optional[InvokeOptions] = None) -> GetProtectionRulesResult
def get_protection_rules_output(actions: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
filters: Optional[pulumi.Input[Sequence[pulumi.Input[_waas.GetProtectionRulesFilterArgs]]]] = None,
mod_security_rule_ids: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
waas_policy_id: Optional[pulumi.Input[str]] = None,
opts: Optional[InvokeOptions] = None) -> Output[GetProtectionRulesResult]func GetProtectionRules(ctx *Context, args *GetProtectionRulesArgs, opts ...InvokeOption) (*GetProtectionRulesResult, error)
func GetProtectionRulesOutput(ctx *Context, args *GetProtectionRulesOutputArgs, opts ...InvokeOption) GetProtectionRulesResultOutput> Note: This function is named GetProtectionRules in the Go SDK.
public static class GetProtectionRules
{
public static Task<GetProtectionRulesResult> InvokeAsync(GetProtectionRulesArgs args, InvokeOptions? opts = null)
public static Output<GetProtectionRulesResult> Invoke(GetProtectionRulesInvokeArgs args, InvokeOptions? opts = null)
}public static CompletableFuture<GetProtectionRulesResult> getProtectionRules(GetProtectionRulesArgs args, InvokeOptions options)
public static Output<GetProtectionRulesResult> getProtectionRules(GetProtectionRulesArgs args, InvokeOptions options)
fn::invoke:
function: oci:Waas/getProtectionRules:getProtectionRules
arguments:
# arguments dictionaryThe following arguments are supported:
- Waas
Policy Id This property is required. string - The OCID of the WAAS policy.
- Actions List<string>
- Filter rules using a list of actions.
- Filters
Changes to this property will trigger replacement.Protection Rules Filter> - Mod
Security List<string>Rule Ids - Filter rules using a list of ModSecurity rule IDs.
- Waas
Policy Id This property is required. string - The OCID of the WAAS policy.
- Actions []string
- Filter rules using a list of actions.
- Filters
Protection Rules Filter - Mod
Security []stringRule Ids - Filter rules using a list of ModSecurity rule IDs.
- waas
Policy Id This property is required. String - The OCID of the WAAS policy.
- actions List<String>
- Filter rules using a list of actions.
- filters
Protection Rules Filter> - mod
Security List<String>Rule Ids - Filter rules using a list of ModSecurity rule IDs.
- waas
Policy Id This property is required. string - The OCID of the WAAS policy.
- actions string[]
- Filter rules using a list of actions.
- filters
Protection Rules Filter[] - mod
Security string[]Rule Ids - Filter rules using a list of ModSecurity rule IDs.
- waas_
policy_ id This property is required. str - The OCID of the WAAS policy.
- actions Sequence[str]
- Filter rules using a list of actions.
- filters
Get Protection Rules Filter] - mod_
security_ Sequence[str]rule_ ids - Filter rules using a list of ModSecurity rule IDs.
- waas
Policy Id This property is required. String - The OCID of the WAAS policy.
- actions List<String>
- Filter rules using a list of actions.
- filters
- mod
Security List<String>Rule Ids - Filter rules using a list of ModSecurity rule IDs.
getProtectionRules Result
The following output properties are available:
- Id string
- The provider-assigned unique ID for this managed resource.
- Protection
Rules List<GetProtection Rules Protection Rule> - The list of protection_rules.
- Waas
Policy stringId - Actions List<string>
- The action to take when the traffic is detected as malicious. If unspecified, defaults to
OFF. - Filters
List<Get
Protection Rules Filter> - Mod
Security List<string>Rule Ids
- Id string
- The provider-assigned unique ID for this managed resource.
- Protection
Rules []GetProtection Rules Protection Rule - The list of protection_rules.
- Waas
Policy stringId - Actions []string
- The action to take when the traffic is detected as malicious. If unspecified, defaults to
OFF. - Filters
[]Get
Protection Rules Filter - Mod
Security []stringRule Ids
- id String
- The provider-assigned unique ID for this managed resource.
- protection
Rules List<GetProtection Rules Protection Rule> - The list of protection_rules.
- waas
Policy StringId - actions List<String>
- The action to take when the traffic is detected as malicious. If unspecified, defaults to
OFF. - filters
List<Get
Protection Rules Filter> - mod
Security List<String>Rule Ids
- id string
- The provider-assigned unique ID for this managed resource.
- protection
Rules GetProtection Rules Protection Rule[] - The list of protection_rules.
- waas
Policy stringId - actions string[]
- The action to take when the traffic is detected as malicious. If unspecified, defaults to
OFF. - filters
Get
Protection Rules Filter[] - mod
Security string[]Rule Ids
- id str
- The provider-assigned unique ID for this managed resource.
- protection_
rules Sequence[waas.Get Protection Rules Protection Rule] - The list of protection_rules.
- waas_
policy_ strid - actions Sequence[str]
- The action to take when the traffic is detected as malicious. If unspecified, defaults to
OFF. - filters
Sequence[waas.
Get Protection Rules Filter] - mod_
security_ Sequence[str]rule_ ids
- id String
- The provider-assigned unique ID for this managed resource.
- protection
Rules List<Property Map> - The list of protection_rules.
- waas
Policy StringId - actions List<String>
- The action to take when the traffic is detected as malicious. If unspecified, defaults to
OFF. - filters List<Property Map>
- mod
Security List<String>Rule Ids
Supporting Types
GetProtectionRulesFilter
GetProtectionRulesProtectionRule
- Action
This property is required. string - Filter rules using a list of actions.
- Description
This property is required. string - The description of the protection rule.
- Exclusions
This property is required. List<GetProtection Rules Protection Rule Exclusion> - An array of The target property of a request that would allow it to bypass the protection rule. For example, when
targetisREQUEST_COOKIE_NAMES, the list may include names of cookies to exclude from the protection rule. When the target isARGS, the list may include strings of URL query parameters and values from form-urlencoded XML, JSON, AMP, or POST payloads to exclude from the protection rule.Exclusionsproperties must not contain whitespace, comma or |. Note: If protection rules have been enabled that utilize themaxArgumentCountormaxTotalNameLengthOfArgumentsproperties, and thetargetproperty has been set toARGS, it is important that theexclusionsproperties be defined to honor those protection rule settings in a consistent manner. - Key
This property is required. string - The unique key of the protection rule.
- Labels
This property is required. List<string> - The list of labels for the protection rule.
- Mod
Security Rule Ids This property is required. List<string> - The list of the ModSecurity rule IDs that apply to this protection rule. For more information about ModSecurity's open source WAF rules, see Mod Security's documentation.
- Name
This property is required. string - The name of the protection rule.
- Waas
Policy Id This property is required. string - The OCID of the WAAS policy.
- Action
This property is required. string - Filter rules using a list of actions.
- Description
This property is required. string - The description of the protection rule.
- Exclusions
This property is required. []GetProtection Rules Protection Rule Exclusion - An array of The target property of a request that would allow it to bypass the protection rule. For example, when
targetisREQUEST_COOKIE_NAMES, the list may include names of cookies to exclude from the protection rule. When the target isARGS, the list may include strings of URL query parameters and values from form-urlencoded XML, JSON, AMP, or POST payloads to exclude from the protection rule.Exclusionsproperties must not contain whitespace, comma or |. Note: If protection rules have been enabled that utilize themaxArgumentCountormaxTotalNameLengthOfArgumentsproperties, and thetargetproperty has been set toARGS, it is important that theexclusionsproperties be defined to honor those protection rule settings in a consistent manner. - Key
This property is required. string - The unique key of the protection rule.
- Labels
This property is required. []string - The list of labels for the protection rule.
- Mod
Security Rule Ids This property is required. []string - The list of the ModSecurity rule IDs that apply to this protection rule. For more information about ModSecurity's open source WAF rules, see Mod Security's documentation.
- Name
This property is required. string - The name of the protection rule.
- Waas
Policy Id This property is required. string - The OCID of the WAAS policy.
- action
This property is required. String - Filter rules using a list of actions.
- description
This property is required. String - The description of the protection rule.
- exclusions
This property is required. List<GetProtection Rules Protection Rule Exclusion> - An array of The target property of a request that would allow it to bypass the protection rule. For example, when
targetisREQUEST_COOKIE_NAMES, the list may include names of cookies to exclude from the protection rule. When the target isARGS, the list may include strings of URL query parameters and values from form-urlencoded XML, JSON, AMP, or POST payloads to exclude from the protection rule.Exclusionsproperties must not contain whitespace, comma or |. Note: If protection rules have been enabled that utilize themaxArgumentCountormaxTotalNameLengthOfArgumentsproperties, and thetargetproperty has been set toARGS, it is important that theexclusionsproperties be defined to honor those protection rule settings in a consistent manner. - key
This property is required. String - The unique key of the protection rule.
- labels
This property is required. List<String> - The list of labels for the protection rule.
- mod
Security Rule Ids This property is required. List<String> - The list of the ModSecurity rule IDs that apply to this protection rule. For more information about ModSecurity's open source WAF rules, see Mod Security's documentation.
- name
This property is required. String - The name of the protection rule.
- waas
Policy Id This property is required. String - The OCID of the WAAS policy.
- action
This property is required. string - Filter rules using a list of actions.
- description
This property is required. string - The description of the protection rule.
- exclusions
This property is required. GetProtection Rules Protection Rule Exclusion[] - An array of The target property of a request that would allow it to bypass the protection rule. For example, when
targetisREQUEST_COOKIE_NAMES, the list may include names of cookies to exclude from the protection rule. When the target isARGS, the list may include strings of URL query parameters and values from form-urlencoded XML, JSON, AMP, or POST payloads to exclude from the protection rule.Exclusionsproperties must not contain whitespace, comma or |. Note: If protection rules have been enabled that utilize themaxArgumentCountormaxTotalNameLengthOfArgumentsproperties, and thetargetproperty has been set toARGS, it is important that theexclusionsproperties be defined to honor those protection rule settings in a consistent manner. - key
This property is required. string - The unique key of the protection rule.
- labels
This property is required. string[] - The list of labels for the protection rule.
- mod
Security Rule Ids This property is required. string[] - The list of the ModSecurity rule IDs that apply to this protection rule. For more information about ModSecurity's open source WAF rules, see Mod Security's documentation.
- name
This property is required. string - The name of the protection rule.
- waas
Policy Id This property is required. string - The OCID of the WAAS policy.
- action
This property is required. str - Filter rules using a list of actions.
- description
This property is required. str - The description of the protection rule.
- exclusions
This property is required. Sequence[waas.Get Protection Rules Protection Rule Exclusion] - An array of The target property of a request that would allow it to bypass the protection rule. For example, when
targetisREQUEST_COOKIE_NAMES, the list may include names of cookies to exclude from the protection rule. When the target isARGS, the list may include strings of URL query parameters and values from form-urlencoded XML, JSON, AMP, or POST payloads to exclude from the protection rule.Exclusionsproperties must not contain whitespace, comma or |. Note: If protection rules have been enabled that utilize themaxArgumentCountormaxTotalNameLengthOfArgumentsproperties, and thetargetproperty has been set toARGS, it is important that theexclusionsproperties be defined to honor those protection rule settings in a consistent manner. - key
This property is required. str - The unique key of the protection rule.
- labels
This property is required. Sequence[str] - The list of labels for the protection rule.
- mod_
security_ rule_ ids This property is required. Sequence[str] - The list of the ModSecurity rule IDs that apply to this protection rule. For more information about ModSecurity's open source WAF rules, see Mod Security's documentation.
- name
This property is required. str - The name of the protection rule.
- waas_
policy_ id This property is required. str - The OCID of the WAAS policy.
- action
This property is required. String - Filter rules using a list of actions.
- description
This property is required. String - The description of the protection rule.
- exclusions
This property is required. List<Property Map> - An array of The target property of a request that would allow it to bypass the protection rule. For example, when
targetisREQUEST_COOKIE_NAMES, the list may include names of cookies to exclude from the protection rule. When the target isARGS, the list may include strings of URL query parameters and values from form-urlencoded XML, JSON, AMP, or POST payloads to exclude from the protection rule.Exclusionsproperties must not contain whitespace, comma or |. Note: If protection rules have been enabled that utilize themaxArgumentCountormaxTotalNameLengthOfArgumentsproperties, and thetargetproperty has been set toARGS, it is important that theexclusionsproperties be defined to honor those protection rule settings in a consistent manner. - key
This property is required. String - The unique key of the protection rule.
- labels
This property is required. List<String> - The list of labels for the protection rule.
- mod
Security Rule Ids This property is required. List<String> - The list of the ModSecurity rule IDs that apply to this protection rule. For more information about ModSecurity's open source WAF rules, see Mod Security's documentation.
- name
This property is required. String - The name of the protection rule.
- waas
Policy Id This property is required. String - The OCID of the WAAS policy.
GetProtectionRulesProtectionRuleExclusion
- Exclusions
This property is required. List<string> - An array of The target property of a request that would allow it to bypass the protection rule. For example, when
targetisREQUEST_COOKIE_NAMES, the list may include names of cookies to exclude from the protection rule. When the target isARGS, the list may include strings of URL query parameters and values from form-urlencoded XML, JSON, AMP, or POST payloads to exclude from the protection rule.Exclusionsproperties must not contain whitespace, comma or |. Note: If protection rules have been enabled that utilize themaxArgumentCountormaxTotalNameLengthOfArgumentsproperties, and thetargetproperty has been set toARGS, it is important that theexclusionsproperties be defined to honor those protection rule settings in a consistent manner. - Target
This property is required. string - The target of the exclusion.
- Exclusions
This property is required. []string - An array of The target property of a request that would allow it to bypass the protection rule. For example, when
targetisREQUEST_COOKIE_NAMES, the list may include names of cookies to exclude from the protection rule. When the target isARGS, the list may include strings of URL query parameters and values from form-urlencoded XML, JSON, AMP, or POST payloads to exclude from the protection rule.Exclusionsproperties must not contain whitespace, comma or |. Note: If protection rules have been enabled that utilize themaxArgumentCountormaxTotalNameLengthOfArgumentsproperties, and thetargetproperty has been set toARGS, it is important that theexclusionsproperties be defined to honor those protection rule settings in a consistent manner. - Target
This property is required. string - The target of the exclusion.
- exclusions
This property is required. List<String> - An array of The target property of a request that would allow it to bypass the protection rule. For example, when
targetisREQUEST_COOKIE_NAMES, the list may include names of cookies to exclude from the protection rule. When the target isARGS, the list may include strings of URL query parameters and values from form-urlencoded XML, JSON, AMP, or POST payloads to exclude from the protection rule.Exclusionsproperties must not contain whitespace, comma or |. Note: If protection rules have been enabled that utilize themaxArgumentCountormaxTotalNameLengthOfArgumentsproperties, and thetargetproperty has been set toARGS, it is important that theexclusionsproperties be defined to honor those protection rule settings in a consistent manner. - target
This property is required. String - The target of the exclusion.
- exclusions
This property is required. string[] - An array of The target property of a request that would allow it to bypass the protection rule. For example, when
targetisREQUEST_COOKIE_NAMES, the list may include names of cookies to exclude from the protection rule. When the target isARGS, the list may include strings of URL query parameters and values from form-urlencoded XML, JSON, AMP, or POST payloads to exclude from the protection rule.Exclusionsproperties must not contain whitespace, comma or |. Note: If protection rules have been enabled that utilize themaxArgumentCountormaxTotalNameLengthOfArgumentsproperties, and thetargetproperty has been set toARGS, it is important that theexclusionsproperties be defined to honor those protection rule settings in a consistent manner. - target
This property is required. string - The target of the exclusion.
- exclusions
This property is required. Sequence[str] - An array of The target property of a request that would allow it to bypass the protection rule. For example, when
targetisREQUEST_COOKIE_NAMES, the list may include names of cookies to exclude from the protection rule. When the target isARGS, the list may include strings of URL query parameters and values from form-urlencoded XML, JSON, AMP, or POST payloads to exclude from the protection rule.Exclusionsproperties must not contain whitespace, comma or |. Note: If protection rules have been enabled that utilize themaxArgumentCountormaxTotalNameLengthOfArgumentsproperties, and thetargetproperty has been set toARGS, it is important that theexclusionsproperties be defined to honor those protection rule settings in a consistent manner. - target
This property is required. str - The target of the exclusion.
- exclusions
This property is required. List<String> - An array of The target property of a request that would allow it to bypass the protection rule. For example, when
targetisREQUEST_COOKIE_NAMES, the list may include names of cookies to exclude from the protection rule. When the target isARGS, the list may include strings of URL query parameters and values from form-urlencoded XML, JSON, AMP, or POST payloads to exclude from the protection rule.Exclusionsproperties must not contain whitespace, comma or |. Note: If protection rules have been enabled that utilize themaxArgumentCountormaxTotalNameLengthOfArgumentsproperties, and thetargetproperty has been set toARGS, it is important that theexclusionsproperties be defined to honor those protection rule settings in a consistent manner. - target
This property is required. String - The target of the exclusion.
Package Details
- Repository
- oci pulumi/pulumi-oci
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
ociTerraform Provider.