avm-res-network-frontdoorwebapplicationfirewallpolicy
Azure/avm-res-network-frontdoorwebapplicationfirewallpolicy/azurerm
Front Door Web Application Firewall (WAF) Policy
terraform-azurerm-avm-res-network-frontdoorwebapplicationfirewallpolicy Description This Terraform module creates an Azure CDN Front Door Web Application Firewall (WAF) policy with customizable settings. It allows you to define both managed and custom rules to enhance the security of your Azure Front Door service. > [!IMPORTANT] > As the overall AVM framework is not GA (generally available) yet - the CI framework and test automation is not fully functional and implemented across all supported languages yet - breaking changes are expected, and additional customer feedback is yet to be gathered and incorporated. Hence, modules MUST NOT be published at version 1.0.0 or higher at this time. > > All module MUST be published as a pre-release version (e.g., 0.1.0, 0.1.1, 0.2.0, etc.) until the AV
| Name | Type | Description | Default |
|---|---|---|---|
| sku_name | string | SKU name of the WAF Policy. Possible values are 'Standard_AzureFrontDoor' and 'P | |
| mode | string | The mode of the WAF Policy. Possible values are 'Detection' and 'Prevention'. | |
| name | string | The name of the this resource. | |
| resource_group_name | string | The resource group where the resources will be deployed. | |
| enable_telemetry | bool | This variable controls whether or not telemetry is enabled for the module. For m | true |
| managed_rules | list(object({ type = st | The `managed_rules` variable is a list of managed rule configurations for Azure | [
{
"action": "Block",
"type": |
| redirect_url | string | Optional. The redirect URL for the WAF Policy. | null |
| request_body_check_enabled | bool | Indicates whether to enable request body check. Default is true. | true |
| tags | map(string) | (Optional) Tags of the resource. | null |
| custom_block_response_body | string | Optional. The custom block response body. If the action type is block, customer | null |
| custom_block_response_status_code | number | Optional. Customer can override the response status code setting this varibale. | null |
| enabled | bool | Indicates whether the WAF Policy is enabled or disabled. Default is true. | true |
| role_assignments | map(object({ role_definiti | A map of role definitions and scopes to be assigned as part of this resources im | {} |
| custom_rules | list(object({ name | A list of custom rules to be applied to the WAF (Web Application Firewall) Polic | [] |
| lock | object({ kind = string | Controls the Resource Lock configuration for this resource. The following proper | null |
resource — This is the full output for the resource.resource_id — The ID of the WAF Policy.