Avi WafPolicy Object API
CLI ``` - configure wafpolicy - show wafpolicy - updatecrsrules virtualservice ```
Version: 22.1.5
BasePath:/api
All rights reserved
http://apache.org/licenses/LICENSE-2.0.html
Access
- HTTP Basic Authentication
[ Jump to Models ]
Table of Contents
get /wafpolicypost /wafpolicydelete /wafpolicy/{uuid}get /wafpolicy/{uuid}patch /wafpolicy/{uuid}put /wafpolicy/{uuid}put /wafpolicy/{uuid}/update-crs-rules
(wafpolicyGet)
Consumes
This API call consumes the following media types via the
Content-Type request header:
Query parameters
name (optional)
Query Parameter — object name
refers_to (optional)
Query Parameter — Filter to request all objects that refers to another Avi resource. Its syntax is refers_to=<obj_type>:<obj_uuid>. Eg. get all virtual services referring to pool p1 will be refers_to=pool:pool_p1_uuid
referred_by (optional)
Query Parameter — Filter to request all objects that are referred by another Avi resource. Its syntax is referred_by=<obj_type>:<obj_uuid>. Eg. get all pools referred_by virtual service vs1 - referred_by=virtualservice:vs_vs1_uuid
fields (optional)
Query Parameter — List of fields to be returned for the resource. Some fields like name, URL, uuid etc. are always returned.
include_name (optional)
Query Parameter — All the Avi REST reference URIs have a name suffix as URI#name. It is useful to get the referenced resource name without performing get on that object.
skip_default (optional)
Query Parameter — Default values are not set.
join_subresources (optional)
Query Parameter — It automatically returns additional dependent resources like runtime. Eg. join_subresources=runtime.
Return type
Example data
Content-Type: application/json
{
"next" : "aeiou",
"count" : 123,
"results" : [ {
"description" : "aeiou",
"updated_crs_rules_in_detection_mode" : true,
"allow_mode_delegation" : true,
"uuid" : "aeiou",
"bypass_static_extensions" : true,
"_last_modified" : "aeiou",
"allowlist" : {
"rules" : [ {
"enable" : true,
"sampling_percent" : 123,
"match" : {
"cookie" : {
"match_criteria" : "aeiou",
"name" : "aeiou",
"value" : "aeiou",
"match_case" : "aeiou"
},
"method" : {
"match_criteria" : "aeiou",
"methods" : [ "aeiou" ]
},
"host_hdr" : {
"match_criteria" : "aeiou",
"value" : [ "aeiou" ],
"match_case" : "aeiou"
},
"ip_reputation_type" : {
"reputation_types" : [ "aeiou" ],
"match_operation" : "aeiou"
},
"query" : {
"match_criteria" : "aeiou",
"string_group_refs" : [ "aeiou" ],
"match_decoded_string" : true,
"match_str" : [ "aeiou" ],
"match_case" : "aeiou"
},
"vs_port" : {
"match_criteria" : "aeiou",
"ports" : [ "" ]
},
"hdrs" : [ {
"match_criteria" : "aeiou",
"hdr" : "aeiou",
"value" : [ "aeiou" ],
"match_case" : "aeiou"
} ],
"version" : {
"match_criteria" : "aeiou",
"versions" : [ "aeiou" ]
},
"tls_fingerprint_match" : {
"match_operation" : "aeiou",
"string_group_refs" : [ "aeiou" ],
"fingerprints" : [ "aeiou" ]
},
"source_ip" : "",
"path" : {
"match_criteria" : "aeiou",
"string_group_refs" : [ "aeiou" ],
"match_decoded_string" : true,
"match_str" : [ "aeiou" ],
"match_case" : "aeiou"
},
"geo_matches" : [ {
"match_operation" : "aeiou",
"values" : [ "aeiou" ],
"attribute" : "aeiou"
} ],
"protocol" : {
"match_criteria" : "aeiou",
"protocols" : "aeiou"
},
"client_ip" : {
"group_refs" : [ "aeiou" ],
"match_criteria" : "aeiou",
"prefixes" : [ {
"ip_addr" : "",
"mask" : 123
} ],
"ranges" : [ {
"end" : "",
"begin" : ""
} ],
"addrs" : [ {
"addr" : "aeiou",
"type" : "aeiou"
} ]
},
"bot_detection_result" : {
"classifications" : [ {
"user_defined_type" : "aeiou",
"type" : "aeiou"
} ],
"match_operation" : "aeiou"
}
},
"name" : "aeiou",
"description" : "aeiou",
"index" : 123,
"actions" : [ "aeiou" ]
} ]
},
"mode" : "aeiou",
"geo_db_ref" : "aeiou",
"learning_params" : {
"enable_per_uri_learning" : true,
"min_hits_to_learn" : 123456789,
"max_uris" : 123,
"update_interval" : 123,
"sampling_percent" : 123,
"learn_from_authenticated_clients_only" : true,
"max_params" : 123,
"trusted_ipgroup_ref" : "aeiou"
},
"configpb_attributes" : {
"version" : 123
},
"post_crs_groups" : [ {
"enable" : true,
"name" : "aeiou",
"index" : 123,
"rules" : [ "" ],
"exclude_list" : [ "" ]
} ],
"min_confidence" : "aeiou",
"required_data_files" : [ {
"name" : "aeiou",
"type" : "aeiou"
} ],
"auto_update_crs" : true,
"crs_overrides" : [ {
"mode" : "aeiou",
"enable" : true,
"name" : "aeiou",
"rule_overrides" : [ "" ],
"exclude_list" : [ "" ]
} ],
"waf_crs_ref" : "aeiou",
"failure_mode" : "aeiou",
"waf_profile_ref" : "aeiou",
"positive_security_model" : {
"group_refs" : [ "aeiou" ]
},
"pre_crs_groups" : [ "" ],
"enable_auto_rule_updates" : true,
"application_signatures" : {
"resolved_rules" : [ {
"mode" : "aeiou",
"phase" : "aeiou",
"rule_id" : "aeiou",
"enable" : true,
"is_sensitive" : true,
"name" : "aeiou",
"index" : 123,
"rule" : "aeiou",
"exclude_list" : [ {
"client_subnet" : "",
"match_element" : "aeiou",
"uri_path" : "aeiou",
"uri_match_criteria" : "",
"match_element_criteria" : {
"match_op" : "aeiou",
"match_case" : "aeiou"
},
"description" : "aeiou"
} ],
"paranoia_level" : "aeiou",
"tags" : [ "aeiou" ]
} ],
"ruleset_version" : "aeiou",
"rule_overrides" : [ {
"mode" : "aeiou",
"rule_id" : "aeiou",
"enable" : true,
"exclude_list" : [ "" ]
} ],
"provider_ref" : "aeiou",
"selected_applications" : [ "aeiou" ]
},
"created_by" : "aeiou",
"confidence_override" : {
"confid_probable_value" : 123,
"confid_low_value" : 123,
"confid_very_high_value" : 123,
"confid_high_value" : 123
},
"url" : "aeiou",
"enable_regex_learning" : true,
"tenant_ref" : "aeiou",
"name" : "aeiou",
"markers" : [ {
"values" : [ "aeiou" ],
"key" : "aeiou"
} ],
"enable_app_learning" : true,
"paranoia_level" : "aeiou"
} ]
}
Produces
This API call produces the following media types according to the request header;
the media type will be conveyed by the
Content-Type response header.
Responses
200
OK
WafPolicyApiResponse
401
log in failed
(wafpolicyPost)
Consumes
This API call consumes the following media types via the
Content-Type request header:
Request body
body (required)
Body Parameter — WafPolicy object creation
Return type
Example data
Content-Type: application/json
{
"description" : "aeiou",
"updated_crs_rules_in_detection_mode" : true,
"allow_mode_delegation" : true,
"uuid" : "aeiou",
"bypass_static_extensions" : true,
"_last_modified" : "aeiou",
"allowlist" : {
"rules" : [ {
"enable" : true,
"sampling_percent" : 123,
"match" : {
"cookie" : {
"match_criteria" : "aeiou",
"name" : "aeiou",
"value" : "aeiou",
"match_case" : "aeiou"
},
"method" : {
"match_criteria" : "aeiou",
"methods" : [ "aeiou" ]
},
"host_hdr" : {
"match_criteria" : "aeiou",
"value" : [ "aeiou" ],
"match_case" : "aeiou"
},
"ip_reputation_type" : {
"reputation_types" : [ "aeiou" ],
"match_operation" : "aeiou"
},
"query" : {
"match_criteria" : "aeiou",
"string_group_refs" : [ "aeiou" ],
"match_decoded_string" : true,
"match_str" : [ "aeiou" ],
"match_case" : "aeiou"
},
"vs_port" : {
"match_criteria" : "aeiou",
"ports" : [ "" ]
},
"hdrs" : [ {
"match_criteria" : "aeiou",
"hdr" : "aeiou",
"value" : [ "aeiou" ],
"match_case" : "aeiou"
} ],
"version" : {
"match_criteria" : "aeiou",
"versions" : [ "aeiou" ]
},
"tls_fingerprint_match" : {
"match_operation" : "aeiou",
"string_group_refs" : [ "aeiou" ],
"fingerprints" : [ "aeiou" ]
},
"source_ip" : "",
"path" : {
"match_criteria" : "aeiou",
"string_group_refs" : [ "aeiou" ],
"match_decoded_string" : true,
"match_str" : [ "aeiou" ],
"match_case" : "aeiou"
},
"geo_matches" : [ {
"match_operation" : "aeiou",
"values" : [ "aeiou" ],
"attribute" : "aeiou"
} ],
"protocol" : {
"match_criteria" : "aeiou",
"protocols" : "aeiou"
},
"client_ip" : {
"group_refs" : [ "aeiou" ],
"match_criteria" : "aeiou",
"prefixes" : [ {
"ip_addr" : "",
"mask" : 123
} ],
"ranges" : [ {
"end" : "",
"begin" : ""
} ],
"addrs" : [ {
"addr" : "aeiou",
"type" : "aeiou"
} ]
},
"bot_detection_result" : {
"classifications" : [ {
"user_defined_type" : "aeiou",
"type" : "aeiou"
} ],
"match_operation" : "aeiou"
}
},
"name" : "aeiou",
"description" : "aeiou",
"index" : 123,
"actions" : [ "aeiou" ]
} ]
},
"mode" : "aeiou",
"geo_db_ref" : "aeiou",
"learning_params" : {
"enable_per_uri_learning" : true,
"min_hits_to_learn" : 123456789,
"max_uris" : 123,
"update_interval" : 123,
"sampling_percent" : 123,
"learn_from_authenticated_clients_only" : true,
"max_params" : 123,
"trusted_ipgroup_ref" : "aeiou"
},
"configpb_attributes" : {
"version" : 123
},
"post_crs_groups" : [ {
"enable" : true,
"name" : "aeiou",
"index" : 123,
"rules" : [ "" ],
"exclude_list" : [ "" ]
} ],
"min_confidence" : "aeiou",
"required_data_files" : [ {
"name" : "aeiou",
"type" : "aeiou"
} ],
"auto_update_crs" : true,
"crs_overrides" : [ {
"mode" : "aeiou",
"enable" : true,
"name" : "aeiou",
"rule_overrides" : [ "" ],
"exclude_list" : [ "" ]
} ],
"waf_crs_ref" : "aeiou",
"failure_mode" : "aeiou",
"waf_profile_ref" : "aeiou",
"positive_security_model" : {
"group_refs" : [ "aeiou" ]
},
"pre_crs_groups" : [ "" ],
"enable_auto_rule_updates" : true,
"application_signatures" : {
"resolved_rules" : [ {
"mode" : "aeiou",
"phase" : "aeiou",
"rule_id" : "aeiou",
"enable" : true,
"is_sensitive" : true,
"name" : "aeiou",
"index" : 123,
"rule" : "aeiou",
"exclude_list" : [ {
"client_subnet" : "",
"match_element" : "aeiou",
"uri_path" : "aeiou",
"uri_match_criteria" : "",
"match_element_criteria" : {
"match_op" : "aeiou",
"match_case" : "aeiou"
},
"description" : "aeiou"
} ],
"paranoia_level" : "aeiou",
"tags" : [ "aeiou" ]
} ],
"ruleset_version" : "aeiou",
"rule_overrides" : [ {
"mode" : "aeiou",
"rule_id" : "aeiou",
"enable" : true,
"exclude_list" : [ "" ]
} ],
"provider_ref" : "aeiou",
"selected_applications" : [ "aeiou" ]
},
"created_by" : "aeiou",
"confidence_override" : {
"confid_probable_value" : 123,
"confid_low_value" : 123,
"confid_very_high_value" : 123,
"confid_high_value" : 123
},
"url" : "aeiou",
"enable_regex_learning" : true,
"tenant_ref" : "aeiou",
"name" : "aeiou",
"markers" : [ {
"values" : [ "aeiou" ],
"key" : "aeiou"
} ],
"enable_app_learning" : true,
"paranoia_level" : "aeiou"
}
Produces
This API call produces the following media types according to the request header;
the media type will be conveyed by the
Content-Type response header.
Responses
200
OK
WafPolicy
401
log in failed
Up
delete /wafpolicy/{uuid}
(wafpolicyUuidDelete)
Path parameters
uuid (required)
Path Parameter — UUID of the object to fetch
Consumes
This API call consumes the following media types via the
Content-Type request header:
Query parameters
name (optional)
Query Parameter — object name
Return type
String
Example data
Content-Type: application/json
"aeiou"
Produces
This API call produces the following media types according to the request header;
the media type will be conveyed by the
Content-Type response header.
Responses
204
object deleted
String
404
not found
(wafpolicyUuidGet)
Path parameters
uuid (required)
Path Parameter — UUID of the object to fetch
Consumes
This API call consumes the following media types via the
Content-Type request header:
Query parameters
name (optional)
Query Parameter — object name
fields (optional)
Query Parameter — List of fields to be returned for the resource. Some fields like name, URL, uuid etc. are always returned.
include_name (optional)
Query Parameter — All the Avi REST reference URIs have a name suffix as URI#name. It is useful to get the referenced resource name without performing get on that object.
skip_default (optional)
Query Parameter — Default values are not set.
join_subresources (optional)
Query Parameter — It automatically returns additional dependent resources like runtime. Eg. join_subresources=runtime.
Return type
Example data
Content-Type: application/json
{
"description" : "aeiou",
"updated_crs_rules_in_detection_mode" : true,
"allow_mode_delegation" : true,
"uuid" : "aeiou",
"bypass_static_extensions" : true,
"_last_modified" : "aeiou",
"allowlist" : {
"rules" : [ {
"enable" : true,
"sampling_percent" : 123,
"match" : {
"cookie" : {
"match_criteria" : "aeiou",
"name" : "aeiou",
"value" : "aeiou",
"match_case" : "aeiou"
},
"method" : {
"match_criteria" : "aeiou",
"methods" : [ "aeiou" ]
},
"host_hdr" : {
"match_criteria" : "aeiou",
"value" : [ "aeiou" ],
"match_case" : "aeiou"
},
"ip_reputation_type" : {
"reputation_types" : [ "aeiou" ],
"match_operation" : "aeiou"
},
"query" : {
"match_criteria" : "aeiou",
"string_group_refs" : [ "aeiou" ],
"match_decoded_string" : true,
"match_str" : [ "aeiou" ],
"match_case" : "aeiou"
},
"vs_port" : {
"match_criteria" : "aeiou",
"ports" : [ "" ]
},
"hdrs" : [ {
"match_criteria" : "aeiou",
"hdr" : "aeiou",
"value" : [ "aeiou" ],
"match_case" : "aeiou"
} ],
"version" : {
"match_criteria" : "aeiou",
"versions" : [ "aeiou" ]
},
"tls_fingerprint_match" : {
"match_operation" : "aeiou",
"string_group_refs" : [ "aeiou" ],
"fingerprints" : [ "aeiou" ]
},
"source_ip" : "",
"path" : {
"match_criteria" : "aeiou",
"string_group_refs" : [ "aeiou" ],
"match_decoded_string" : true,
"match_str" : [ "aeiou" ],
"match_case" : "aeiou"
},
"geo_matches" : [ {
"match_operation" : "aeiou",
"values" : [ "aeiou" ],
"attribute" : "aeiou"
} ],
"protocol" : {
"match_criteria" : "aeiou",
"protocols" : "aeiou"
},
"client_ip" : {
"group_refs" : [ "aeiou" ],
"match_criteria" : "aeiou",
"prefixes" : [ {
"ip_addr" : "",
"mask" : 123
} ],
"ranges" : [ {
"end" : "",
"begin" : ""
} ],
"addrs" : [ {
"addr" : "aeiou",
"type" : "aeiou"
} ]
},
"bot_detection_result" : {
"classifications" : [ {
"user_defined_type" : "aeiou",
"type" : "aeiou"
} ],
"match_operation" : "aeiou"
}
},
"name" : "aeiou",
"description" : "aeiou",
"index" : 123,
"actions" : [ "aeiou" ]
} ]
},
"mode" : "aeiou",
"geo_db_ref" : "aeiou",
"learning_params" : {
"enable_per_uri_learning" : true,
"min_hits_to_learn" : 123456789,
"max_uris" : 123,
"update_interval" : 123,
"sampling_percent" : 123,
"learn_from_authenticated_clients_only" : true,
"max_params" : 123,
"trusted_ipgroup_ref" : "aeiou"
},
"configpb_attributes" : {
"version" : 123
},
"post_crs_groups" : [ {
"enable" : true,
"name" : "aeiou",
"index" : 123,
"rules" : [ "" ],
"exclude_list" : [ "" ]
} ],
"min_confidence" : "aeiou",
"required_data_files" : [ {
"name" : "aeiou",
"type" : "aeiou"
} ],
"auto_update_crs" : true,
"crs_overrides" : [ {
"mode" : "aeiou",
"enable" : true,
"name" : "aeiou",
"rule_overrides" : [ "" ],
"exclude_list" : [ "" ]
} ],
"waf_crs_ref" : "aeiou",
"failure_mode" : "aeiou",
"waf_profile_ref" : "aeiou",
"positive_security_model" : {
"group_refs" : [ "aeiou" ]
},
"pre_crs_groups" : [ "" ],
"enable_auto_rule_updates" : true,
"application_signatures" : {
"resolved_rules" : [ {
"mode" : "aeiou",
"phase" : "aeiou",
"rule_id" : "aeiou",
"enable" : true,
"is_sensitive" : true,
"name" : "aeiou",
"index" : 123,
"rule" : "aeiou",
"exclude_list" : [ {
"client_subnet" : "",
"match_element" : "aeiou",
"uri_path" : "aeiou",
"uri_match_criteria" : "",
"match_element_criteria" : {
"match_op" : "aeiou",
"match_case" : "aeiou"
},
"description" : "aeiou"
} ],
"paranoia_level" : "aeiou",
"tags" : [ "aeiou" ]
} ],
"ruleset_version" : "aeiou",
"rule_overrides" : [ {
"mode" : "aeiou",
"rule_id" : "aeiou",
"enable" : true,
"exclude_list" : [ "" ]
} ],
"provider_ref" : "aeiou",
"selected_applications" : [ "aeiou" ]
},
"created_by" : "aeiou",
"confidence_override" : {
"confid_probable_value" : 123,
"confid_low_value" : 123,
"confid_very_high_value" : 123,
"confid_high_value" : 123
},
"url" : "aeiou",
"enable_regex_learning" : true,
"tenant_ref" : "aeiou",
"name" : "aeiou",
"markers" : [ {
"values" : [ "aeiou" ],
"key" : "aeiou"
} ],
"enable_app_learning" : true,
"paranoia_level" : "aeiou"
}
Produces
This API call produces the following media types according to the request header;
the media type will be conveyed by the
Content-Type response header.
Responses
200
OK
WafPolicy
401
log in failed
Up
patch /wafpolicy/{uuid}
(wafpolicyUuidPatch)
Path parameters
uuid (required)
Path Parameter — UUID of the object to fetch
Consumes
This API call consumes the following media types via the
Content-Type request header:
Request body
body (required)
Body Parameter — WafPolicy object creation
Query parameters
name (optional)
Query Parameter — object name
Return type
Example data
Content-Type: application/json
{
"description" : "aeiou",
"updated_crs_rules_in_detection_mode" : true,
"allow_mode_delegation" : true,
"uuid" : "aeiou",
"bypass_static_extensions" : true,
"_last_modified" : "aeiou",
"allowlist" : {
"rules" : [ {
"enable" : true,
"sampling_percent" : 123,
"match" : {
"cookie" : {
"match_criteria" : "aeiou",
"name" : "aeiou",
"value" : "aeiou",
"match_case" : "aeiou"
},
"method" : {
"match_criteria" : "aeiou",
"methods" : [ "aeiou" ]
},
"host_hdr" : {
"match_criteria" : "aeiou",
"value" : [ "aeiou" ],
"match_case" : "aeiou"
},
"ip_reputation_type" : {
"reputation_types" : [ "aeiou" ],
"match_operation" : "aeiou"
},
"query" : {
"match_criteria" : "aeiou",
"string_group_refs" : [ "aeiou" ],
"match_decoded_string" : true,
"match_str" : [ "aeiou" ],
"match_case" : "aeiou"
},
"vs_port" : {
"match_criteria" : "aeiou",
"ports" : [ "" ]
},
"hdrs" : [ {
"match_criteria" : "aeiou",
"hdr" : "aeiou",
"value" : [ "aeiou" ],
"match_case" : "aeiou"
} ],
"version" : {
"match_criteria" : "aeiou",
"versions" : [ "aeiou" ]
},
"tls_fingerprint_match" : {
"match_operation" : "aeiou",
"string_group_refs" : [ "aeiou" ],
"fingerprints" : [ "aeiou" ]
},
"source_ip" : "",
"path" : {
"match_criteria" : "aeiou",
"string_group_refs" : [ "aeiou" ],
"match_decoded_string" : true,
"match_str" : [ "aeiou" ],
"match_case" : "aeiou"
},
"geo_matches" : [ {
"match_operation" : "aeiou",
"values" : [ "aeiou" ],
"attribute" : "aeiou"
} ],
"protocol" : {
"match_criteria" : "aeiou",
"protocols" : "aeiou"
},
"client_ip" : {
"group_refs" : [ "aeiou" ],
"match_criteria" : "aeiou",
"prefixes" : [ {
"ip_addr" : "",
"mask" : 123
} ],
"ranges" : [ {
"end" : "",
"begin" : ""
} ],
"addrs" : [ {
"addr" : "aeiou",
"type" : "aeiou"
} ]
},
"bot_detection_result" : {
"classifications" : [ {
"user_defined_type" : "aeiou",
"type" : "aeiou"
} ],
"match_operation" : "aeiou"
}
},
"name" : "aeiou",
"description" : "aeiou",
"index" : 123,
"actions" : [ "aeiou" ]
} ]
},
"mode" : "aeiou",
"geo_db_ref" : "aeiou",
"learning_params" : {
"enable_per_uri_learning" : true,
"min_hits_to_learn" : 123456789,
"max_uris" : 123,
"update_interval" : 123,
"sampling_percent" : 123,
"learn_from_authenticated_clients_only" : true,
"max_params" : 123,
"trusted_ipgroup_ref" : "aeiou"
},
"configpb_attributes" : {
"version" : 123
},
"post_crs_groups" : [ {
"enable" : true,
"name" : "aeiou",
"index" : 123,
"rules" : [ "" ],
"exclude_list" : [ "" ]
} ],
"min_confidence" : "aeiou",
"required_data_files" : [ {
"name" : "aeiou",
"type" : "aeiou"
} ],
"auto_update_crs" : true,
"crs_overrides" : [ {
"mode" : "aeiou",
"enable" : true,
"name" : "aeiou",
"rule_overrides" : [ "" ],
"exclude_list" : [ "" ]
} ],
"waf_crs_ref" : "aeiou",
"failure_mode" : "aeiou",
"waf_profile_ref" : "aeiou",
"positive_security_model" : {
"group_refs" : [ "aeiou" ]
},
"pre_crs_groups" : [ "" ],
"enable_auto_rule_updates" : true,
"application_signatures" : {
"resolved_rules" : [ {
"mode" : "aeiou",
"phase" : "aeiou",
"rule_id" : "aeiou",
"enable" : true,
"is_sensitive" : true,
"name" : "aeiou",
"index" : 123,
"rule" : "aeiou",
"exclude_list" : [ {
"client_subnet" : "",
"match_element" : "aeiou",
"uri_path" : "aeiou",
"uri_match_criteria" : "",
"match_element_criteria" : {
"match_op" : "aeiou",
"match_case" : "aeiou"
},
"description" : "aeiou"
} ],
"paranoia_level" : "aeiou",
"tags" : [ "aeiou" ]
} ],
"ruleset_version" : "aeiou",
"rule_overrides" : [ {
"mode" : "aeiou",
"rule_id" : "aeiou",
"enable" : true,
"exclude_list" : [ "" ]
} ],
"provider_ref" : "aeiou",
"selected_applications" : [ "aeiou" ]
},
"created_by" : "aeiou",
"confidence_override" : {
"confid_probable_value" : 123,
"confid_low_value" : 123,
"confid_very_high_value" : 123,
"confid_high_value" : 123
},
"url" : "aeiou",
"enable_regex_learning" : true,
"tenant_ref" : "aeiou",
"name" : "aeiou",
"markers" : [ {
"values" : [ "aeiou" ],
"key" : "aeiou"
} ],
"enable_app_learning" : true,
"paranoia_level" : "aeiou"
}
Produces
This API call produces the following media types according to the request header;
the media type will be conveyed by the
Content-Type response header.
Responses
200
OK
WafPolicy
401
log in failed
(wafpolicyUuidPut)
Path parameters
uuid (required)
Path Parameter — UUID of the object to fetch
Consumes
This API call consumes the following media types via the
Content-Type request header:
Request body
body (required)
Body Parameter — WafPolicy object creation
Query parameters
name (optional)
Query Parameter — object name
Return type
Example data
Content-Type: application/json
{
"description" : "aeiou",
"updated_crs_rules_in_detection_mode" : true,
"allow_mode_delegation" : true,
"uuid" : "aeiou",
"bypass_static_extensions" : true,
"_last_modified" : "aeiou",
"allowlist" : {
"rules" : [ {
"enable" : true,
"sampling_percent" : 123,
"match" : {
"cookie" : {
"match_criteria" : "aeiou",
"name" : "aeiou",
"value" : "aeiou",
"match_case" : "aeiou"
},
"method" : {
"match_criteria" : "aeiou",
"methods" : [ "aeiou" ]
},
"host_hdr" : {
"match_criteria" : "aeiou",
"value" : [ "aeiou" ],
"match_case" : "aeiou"
},
"ip_reputation_type" : {
"reputation_types" : [ "aeiou" ],
"match_operation" : "aeiou"
},
"query" : {
"match_criteria" : "aeiou",
"string_group_refs" : [ "aeiou" ],
"match_decoded_string" : true,
"match_str" : [ "aeiou" ],
"match_case" : "aeiou"
},
"vs_port" : {
"match_criteria" : "aeiou",
"ports" : [ "" ]
},
"hdrs" : [ {
"match_criteria" : "aeiou",
"hdr" : "aeiou",
"value" : [ "aeiou" ],
"match_case" : "aeiou"
} ],
"version" : {
"match_criteria" : "aeiou",
"versions" : [ "aeiou" ]
},
"tls_fingerprint_match" : {
"match_operation" : "aeiou",
"string_group_refs" : [ "aeiou" ],
"fingerprints" : [ "aeiou" ]
},
"source_ip" : "",
"path" : {
"match_criteria" : "aeiou",
"string_group_refs" : [ "aeiou" ],
"match_decoded_string" : true,
"match_str" : [ "aeiou" ],
"match_case" : "aeiou"
},
"geo_matches" : [ {
"match_operation" : "aeiou",
"values" : [ "aeiou" ],
"attribute" : "aeiou"
} ],
"protocol" : {
"match_criteria" : "aeiou",
"protocols" : "aeiou"
},
"client_ip" : {
"group_refs" : [ "aeiou" ],
"match_criteria" : "aeiou",
"prefixes" : [ {
"ip_addr" : "",
"mask" : 123
} ],
"ranges" : [ {
"end" : "",
"begin" : ""
} ],
"addrs" : [ {
"addr" : "aeiou",
"type" : "aeiou"
} ]
},
"bot_detection_result" : {
"classifications" : [ {
"user_defined_type" : "aeiou",
"type" : "aeiou"
} ],
"match_operation" : "aeiou"
}
},
"name" : "aeiou",
"description" : "aeiou",
"index" : 123,
"actions" : [ "aeiou" ]
} ]
},
"mode" : "aeiou",
"geo_db_ref" : "aeiou",
"learning_params" : {
"enable_per_uri_learning" : true,
"min_hits_to_learn" : 123456789,
"max_uris" : 123,
"update_interval" : 123,
"sampling_percent" : 123,
"learn_from_authenticated_clients_only" : true,
"max_params" : 123,
"trusted_ipgroup_ref" : "aeiou"
},
"configpb_attributes" : {
"version" : 123
},
"post_crs_groups" : [ {
"enable" : true,
"name" : "aeiou",
"index" : 123,
"rules" : [ "" ],
"exclude_list" : [ "" ]
} ],
"min_confidence" : "aeiou",
"required_data_files" : [ {
"name" : "aeiou",
"type" : "aeiou"
} ],
"auto_update_crs" : true,
"crs_overrides" : [ {
"mode" : "aeiou",
"enable" : true,
"name" : "aeiou",
"rule_overrides" : [ "" ],
"exclude_list" : [ "" ]
} ],
"waf_crs_ref" : "aeiou",
"failure_mode" : "aeiou",
"waf_profile_ref" : "aeiou",
"positive_security_model" : {
"group_refs" : [ "aeiou" ]
},
"pre_crs_groups" : [ "" ],
"enable_auto_rule_updates" : true,
"application_signatures" : {
"resolved_rules" : [ {
"mode" : "aeiou",
"phase" : "aeiou",
"rule_id" : "aeiou",
"enable" : true,
"is_sensitive" : true,
"name" : "aeiou",
"index" : 123,
"rule" : "aeiou",
"exclude_list" : [ {
"client_subnet" : "",
"match_element" : "aeiou",
"uri_path" : "aeiou",
"uri_match_criteria" : "",
"match_element_criteria" : {
"match_op" : "aeiou",
"match_case" : "aeiou"
},
"description" : "aeiou"
} ],
"paranoia_level" : "aeiou",
"tags" : [ "aeiou" ]
} ],
"ruleset_version" : "aeiou",
"rule_overrides" : [ {
"mode" : "aeiou",
"rule_id" : "aeiou",
"enable" : true,
"exclude_list" : [ "" ]
} ],
"provider_ref" : "aeiou",
"selected_applications" : [ "aeiou" ]
},
"created_by" : "aeiou",
"confidence_override" : {
"confid_probable_value" : 123,
"confid_low_value" : 123,
"confid_very_high_value" : 123,
"confid_high_value" : 123
},
"url" : "aeiou",
"enable_regex_learning" : true,
"tenant_ref" : "aeiou",
"name" : "aeiou",
"markers" : [ {
"values" : [ "aeiou" ],
"key" : "aeiou"
} ],
"enable_app_learning" : true,
"paranoia_level" : "aeiou"
}
Produces
This API call produces the following media types according to the request header;
the media type will be conveyed by the
Content-Type response header.
Responses
200
OK
WafPolicy
401
log in failed
Up
put /wafpolicy/{uuid}/update-crs-rules
(wafpolicyUuidUpdateCrsRulesPut)
Path parameters
uuid (required)
Path Parameter — UUID of the object to fetch
Consumes
This API call consumes the following media types via the
Content-Type request header:
Request body
body (required)
Body Parameter — WafPolicyCRSUpdate
Return type
String
Example data
Content-Type: application/json
"aeiou"
Produces
This API call produces the following media types according to the request header;
the media type will be conveyed by the
Content-Type response header.
Responses
200
OK
String
401
log in failed
[ Jump to Methods ]
Table of Contents
AppLearningConfidenceOverrideAppLearningParamsBotClassificationBotDetectionMatchConfigPbAttributesCookieMatchGeoMatchHTTPVersionMatchHdrMatchHostHdrMatchIPReputationTypeMatchIpAddrIpAddrMatchIpAddrPrefixIpAddrRangeKeyValueMatchTargetMethodMatchPathMatchPortMatchProtocolMatchQueryMatchRoleFilterMatchLabelTlsFingerprintMatchWafApplicationSignaturesWafExcludeListEntryWafExclusionTypeWafPolicyWafPolicyAllowlistWafPolicyAllowlistRuleWafPolicyApiResponseWafPolicyCRSUpdateWafPolicyRequiredDataFileWafPositiveSecurityModelWafRuleWafRuleGroupWafRuleGroupOverridesWafRuleOverrides
confid_high_value (optional)
Integer Confidence threshold for label CONFIDENCE_HIGH. Field introduced in 18.2.3. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition. format: int32
confid_low_value (optional)
Integer Confidence threshold for label CONFIDENCE_LOW. Field introduced in 18.2.3. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition. format: int32
confid_probable_value (optional)
Integer Confidence threshold for label CONFIDENCE_PROBABLE. Field introduced in 18.2.3. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition. format: int32
confid_very_high_value (optional)
Integer Confidence threshold for label CONFIDENCE_VERY_HIGH. Field introduced in 18.2.3. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition. format: int32
enable_per_uri_learning (optional)
Boolean Learn the params per URI path. Field introduced in 18.2.3. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.
learn_from_authenticated_clients_only (optional)
Boolean If true, learning will only be performed on requests from clients who have passed the authentication process configured in the Virtual Service's Auth Profile. Field introduced in 22.1.1. Allowed in Enterprise edition with any value, Enterprise with Cloud Services edition.
max_params (optional)
Integer Maximum number of params programmed for an application. Allowed values are 10-1000. Field introduced in 18.2.3. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition. format: int32
max_uris (optional)
Integer Maximum number of URI paths programmed for an application. Allowed values are 10-10000. Field introduced in 18.2.3. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition. format: int32
min_hits_to_learn (optional)
Long Minimum number of occurances required for a Param to qualify for learning. Field introduced in 18.2.5. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition. format: int64
sampling_percent (optional)
Integer Percent of the requests subjected to Application learning. Allowed values are 1-100. Field introduced in 18.2.3. Unit is PERCENT. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition. format: int32
trusted_ipgroup_ref (optional)
String If configured, learning will only be performed on requests from client IPs within the configured IP Address Group. It is a reference to an object of type IpAddrGroup. Field introduced in 22.1.1. Allowed in Enterprise edition with any value, Enterprise with Cloud Services edition.
update_interval (optional)
Integer Frequency with which SE publishes Application learning data to controller. Allowed values are 1-60. Field introduced in 18.2.3. Unit is MIN. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition. format: int32
type
String One of the system-defined Bot classification types. Enum options - HUMAN, GOOD_BOT, BAD_BOT, DANGEROUS_BOT, USER_DEFINED_BOT, UNKNOWN_CLIENT. Field introduced in 21.1.1. Allowed in Enterprise edition with any value, Enterprise with Cloud Services edition.
user_defined_type (optional)
String If 'type' has BotClassificationTypes value 'USER_DEFINED', this is the user-defined value. Field introduced in 21.1.1. Allowed in Enterprise edition with any value, Enterprise with Cloud Services edition.
classifications (optional)
array[BotClassification] Bot classification types. Field introduced in 21.1.1. Allowed in Enterprise edition with any value, Enterprise with Cloud Services edition.
match_operation
String Match criteria. Enum options - IS_IN, IS_NOT_IN. Field introduced in 21.1.1. Allowed in Enterprise edition with any value, Enterprise with Cloud Services edition.
version (optional)
Integer Protobuf version number. Gets incremented if there is se Diff of federated diff in config pbs.This field will be a monotonically increasing number indicating the number of Config Update operations. Field introduced in 21.1.1. Allowed in Enterprise edition with any value, Essentials edition with any value, Basic edition with any value, Enterprise with Cloud Services edition. format: int32
match_case (optional)
String Case sensitivity to use for the match. Enum options - SENSITIVE, INSENSITIVE. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.
match_criteria
String Criterion to use for matching the cookie in the HTTP request. Enum options - HDR_EXISTS, HDR_DOES_NOT_EXIST, HDR_BEGINS_WITH, HDR_DOES_NOT_BEGIN_WITH, HDR_CONTAINS, HDR_DOES_NOT_CONTAIN, HDR_ENDS_WITH, HDR_DOES_NOT_END_WITH, HDR_EQUALS, HDR_DOES_NOT_EQUAL. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.
name
String Name of the cookie. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.
value (optional)
String String value in the cookie. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.
attribute
String The Geo data type to match on. Enum options - ATTRIBUTE_IP_PREFIX, ATTRIBUTE_COUNTRY_CODE, ATTRIBUTE_COUNTRY_NAME, ATTRIBUTE_CONTINENT_CODE, ATTRIBUTE_CONTINENT_NAME, ATTRIBUTE_REGION_NAME, ATTRIBUTE_CITY_NAME, ATTRIBUTE_ISP_NAME, ATTRIBUTE_ORGANIZATION_NAME, ATTRIBUTE_AS_NUMBER, ATTRIBUTE_AS_NAME, ATTRIBUTE_LONGITUDE, ATTRIBUTE_LATITUDE, ATTRIBUTE_CUSTOM_1, ATTRIBUTE_CUSTOM_2, ATTRIBUTE_CUSTOM_3, ATTRIBUTE_CUSTOM_4, ATTRIBUTE_CUSTOM_5, ATTRIBUTE_CUSTOM_6, ATTRIBUTE_CUSTOM_7, ATTRIBUTE_CUSTOM_8, ATTRIBUTE_CUSTOM_9, ATTRIBUTE_USER_DEFINED_MAPPING. Field introduced in 21.1.1. Allowed in Enterprise edition with any value, Enterprise with Cloud Services edition.
match_operation
String Match criteria. Enum options - IS_IN, IS_NOT_IN. Field introduced in 21.1.1. Allowed in Enterprise edition with any value, Enterprise with Cloud Services edition.
values
array[String] The values to match. Field introduced in 21.1.1. Allowed in Enterprise edition with any value, Enterprise with Cloud Services edition.
match_criteria
String Criterion to use for HTTP version matching the version used in the HTTP request. Enum options - IS_IN, IS_NOT_IN. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.
versions (optional)
array[String] HTTP protocol version. Enum options - ZERO_NINE, ONE_ZERO, ONE_ONE, TWO_ZERO. Minimum of 1 items required. Maximum of 8 items allowed. Allowed in Enterprise edition with any value, Essentials edition(Allowed values- ONE_ZERO,ONE_ONE), Basic edition(Allowed values- ONE_ZERO,ONE_ONE), Enterprise with Cloud Services edition.
hdr
String Name of the HTTP header whose value is to be matched. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.
match_case (optional)
String Case sensitivity to use for the match. Enum options - SENSITIVE, INSENSITIVE. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.
match_criteria
String Criterion to use for matching headers in the HTTP request. Enum options - HDR_EXISTS, HDR_DOES_NOT_EXIST, HDR_BEGINS_WITH, HDR_DOES_NOT_BEGIN_WITH, HDR_CONTAINS, HDR_DOES_NOT_CONTAIN, HDR_ENDS_WITH, HDR_DOES_NOT_END_WITH, HDR_EQUALS, HDR_DOES_NOT_EQUAL. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.
value (optional)
array[String] String values to match in the HTTP header. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.
match_case (optional)
String Case sensitivity to use for the match. Enum options - SENSITIVE, INSENSITIVE. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.
match_criteria
String Criterion to use for the host header value match. Enum options - HDR_EXISTS, HDR_DOES_NOT_EXIST, HDR_BEGINS_WITH, HDR_DOES_NOT_BEGIN_WITH, HDR_CONTAINS, HDR_DOES_NOT_CONTAIN, HDR_ENDS_WITH, HDR_DOES_NOT_END_WITH, HDR_EQUALS, HDR_DOES_NOT_EQUAL. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.
value (optional)
array[String] String value(s) in the host header. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.
match_operation
String Match criteria. Enum options - IS_IN, IS_NOT_IN. Field introduced in 20.1.1. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.
reputation_types (optional)
array[String] IP reputation type. Enum options - IP_REPUTATION_TYPE_SPAM_SOURCE, IP_REPUTATION_TYPE_WINDOWS_EXPLOITS, IP_REPUTATION_TYPE_WEB_ATTACKS, IP_REPUTATION_TYPE_BOTNETS, IP_REPUTATION_TYPE_SCANNERS, IP_REPUTATION_TYPE_DOS, IP_REPUTATION_TYPE_REPUTATION, IP_REPUTATION_TYPE_PHISHING, IP_REPUTATION_TYPE_PROXY, IP_REPUTATION_TYPE_NETWORK, IP_REPUTATION_TYPE_CLOUD, IP_REPUTATION_TYPE_MOBILE_THREATS, IP_REPUTATION_TYPE_TOR, IP_REPUTATION_TYPE_ALL. Field introduced in 20.1.1. Minimum of 1 items required. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.
addr
String IP address. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.
type
String Enum options - V4, DNS, V6. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.
addrs (optional)
array[IpAddr] IP address(es). Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.
group_refs (optional)
array[String] UUID of IP address group(s). It is a reference to an object of type IpAddrGroup. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.
match_criteria
String Criterion to use for IP address matching the HTTP request. Enum options - IS_IN, IS_NOT_IN. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.
prefixes (optional)
array[IpAddrPrefix] IP address prefix(es). Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.
ranges (optional)
array[IpAddrRange] IP address range(s). Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.
ip_addr
IpAddr Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.
mask
Integer Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition. format: int32
begin
IpAddr Starting IP address of the range. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.
end
IpAddr Ending IP address of the range. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.
key
String Key. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.
value (optional)
String Value. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.
bot_detection_result (optional)
BotDetectionMatch Configure the bot classification result. Field introduced in 21.1.1. Allowed in Enterprise edition with any value, Enterprise with Cloud Services edition.
client_ip (optional)
IpAddrMatch Configure client ip addresses. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.
cookie (optional)
CookieMatch Configure HTTP cookie(s). Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.
geo_matches (optional)
array[GeoMatch] Configure the geo information. Field introduced in 21.1.1. Maximum of 1 items allowed. Allowed in Enterprise edition with any value, Enterprise with Cloud Services edition.
hdrs (optional)
array[HdrMatch] Configure HTTP header(s). All configured headers must match. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.
host_hdr (optional)
HostHdrMatch Configure the host header. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.
ip_reputation_type (optional)
IPReputationTypeMatch Configure IP reputation. Field introduced in 20.1.3. Allowed in Enterprise edition with any value, Enterprise with Cloud Services edition.
method (optional)
MethodMatch Configure HTTP methods. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.
path (optional)
PathMatch Configure request paths. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.
protocol (optional)
ProtocolMatch Configure the type of HTTP protocol. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.
query (optional)
QueryMatch Configure request query. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.
source_ip (optional)
IpAddrMatch Configure source ip addresses. Field introduced in 21.1.3. Allowed in Enterprise edition with any value, Enterprise with Cloud Services edition.
tls_fingerprint_match (optional)
TlsFingerprintMatch Configure the TLS fingerprint. Field introduced in 22.1.3. Allowed in Enterprise edition with any value, Enterprise with Cloud Services edition.
version (optional)
HTTPVersionMatch Configure versions of the HTTP protocol. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.
vs_port (optional)
PortMatch Configure virtual service ports. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.
match_criteria
String Criterion to use for HTTP method matching the method in the HTTP request. Enum options - IS_IN, IS_NOT_IN. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.
methods (optional)
array[String] Configure HTTP method(s). Enum options - HTTP_METHOD_GET, HTTP_METHOD_HEAD, HTTP_METHOD_PUT, HTTP_METHOD_DELETE, HTTP_METHOD_POST, HTTP_METHOD_OPTIONS, HTTP_METHOD_TRACE, HTTP_METHOD_CONNECT, HTTP_METHOD_PATCH, HTTP_METHOD_PROPFIND, HTTP_METHOD_PROPPATCH, HTTP_METHOD_MKCOL, HTTP_METHOD_COPY, HTTP_METHOD_MOVE, HTTP_METHOD_LOCK, HTTP_METHOD_UNLOCK. Minimum of 1 items required. Maximum of 16 items allowed. Allowed in Enterprise edition with any value, Essentials edition(Allowed values- HTTP_METHOD_GET,HTTP_METHOD_PUT,HTTP_METHOD_POST,HTTP_METHOD_HEAD,HTTP_METHOD_OPTIONS), Basic edition(Allowed values- HTTP_METHOD_GET,HTTP_METHOD_PUT,HTTP_METHOD_POST,HTTP_METHOD_HEAD,HTTP_METHOD_OPTIONS), Enterprise with Cloud Services edition.
match_case (optional)
String Case sensitivity to use for the matching. Enum options - SENSITIVE, INSENSITIVE. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.
match_criteria
String Criterion to use for matching the path in the HTTP request URI. Enum options - BEGINS_WITH, DOES_NOT_BEGIN_WITH, CONTAINS, DOES_NOT_CONTAIN, ENDS_WITH, DOES_NOT_END_WITH, EQUALS, DOES_NOT_EQUAL, REGEX_MATCH, REGEX_DOES_NOT_MATCH. Allowed in Enterprise edition with any value, Essentials edition(Allowed values- BEGINS_WITH,DOES_NOT_BEGIN_WITH,CONTAINS,DOES_NOT_CONTAIN,ENDS_WITH,DOES_NOT_END_WITH,EQUALS,DOES_NOT_EQUAL), Basic edition(Allowed values- BEGINS_WITH,DOES_NOT_BEGIN_WITH,CONTAINS,DOES_NOT_CONTAIN,ENDS_WITH,DOES_NOT_END_WITH,EQUALS,DOES_NOT_EQUAL), Enterprise with Cloud Services edition.
match_decoded_string (optional)
Boolean Match against the decoded URI path. Field introduced in 22.1.3. Allowed in Enterprise edition with any value, Enterprise with Cloud Services edition.
match_str (optional)
array[String] String values. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.
string_group_refs (optional)
array[String] UUID of the string group(s). It is a reference to an object of type StringGroup. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.
match_criteria
String Criterion to use for port matching the HTTP request. Enum options - IS_IN, IS_NOT_IN. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.
ports (optional)
array[Integer] Listening TCP port(s). Allowed values are 1-65535. Minimum of 1 items required. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.
match_criteria
String Criterion to use for protocol matching the HTTP request. Enum options - IS_IN, IS_NOT_IN. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.
protocols
String HTTP or HTTPS protocol. Enum options - HTTP, HTTPS. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.
match_case (optional)
String Case sensitivity to use for the match. Enum options - SENSITIVE, INSENSITIVE. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.
match_criteria
String Criterion to use for matching the query in HTTP request URI. Enum options - QUERY_MATCH_CONTAINS, QUERY_MATCH_DOES_NOT_CONTAIN, QUERY_MATCH_EXISTS, QUERY_MATCH_DOES_NOT_EXIST, QUERY_MATCH_BEGINS_WITH, QUERY_MATCH_DOES_NOT_BEGIN_WITH, QUERY_MATCH_ENDS_WITH, QUERY_MATCH_DOES_NOT_END_WITH, QUERY_MATCH_EQUALS, QUERY_MATCH_DOES_NOT_EQUAL, QUERY_MATCH_REGEX_MATCH, QUERY_MATCH_REGEX_DOES_NOT_MATCH. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.
match_decoded_string (optional)
Boolean Match against the decoded URI query. Field introduced in 22.1.3. Allowed in Enterprise edition with any value, Enterprise with Cloud Services edition.
match_str (optional)
array[String] String value(s). Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.
string_group_refs (optional)
array[String] UUID of the string group(s). It is a reference to an object of type StringGroup. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.
key
String Key for filter match. Field introduced in 20.1.3. Allowed in Enterprise edition with any value, Enterprise with Cloud Services edition.
values (optional)
array[String] Values for filter match. Multiple values will be evaluated as OR. Example key = value1 OR key = value2. Behavior for match is key = * if this field is empty. Field introduced in 20.1.3. Allowed in Enterprise edition with any value, Enterprise with Cloud Services edition.
fingerprints (optional)
array[String] The list of fingerprints. Field introduced in 22.1.3. Allowed in Enterprise edition with any value, Enterprise with Cloud Services edition.
match_operation
String Match criteria. Enum options - IS_IN, IS_NOT_IN. Field introduced in 22.1.3. Allowed in Enterprise edition with any value, Enterprise with Cloud Services edition.
string_group_refs (optional)
array[String] UUIDs of the string groups. It is a reference to an object of type StringGroup. Field introduced in 22.1.3. Allowed in Enterprise edition with any value, Enterprise with Cloud Services edition.
provider_ref
String The external provide for the rules. It is a reference to an object of type WafApplicationSignatureProvider. Field introduced in 20.1.1. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.
resolved_rules (optional)
array[WafRule] A resolved version of the active application specific rules together with the overrides. Field introduced in 20.1.6. Allowed in Enterprise edition with any value, Essentials edition with any value, Basic edition with any value, Enterprise with Cloud Services edition.
rule_overrides (optional)
array[WafRuleOverrides] Override attributes of application signature rules. Field introduced in 20.1.6. Allowed in Enterprise edition with any value, Enterprise with Cloud Services edition.
ruleset_version (optional)
String The version in use of the provided ruleset. Field introduced in 20.1.1. Allowed in Enterprise edition with any value, Essentials edition with any value, Basic edition with any value, Enterprise with Cloud Services edition.
selected_applications (optional)
array[String] List of applications for which we use the rules from the WafApplicationSignatureProvider. Field introduced in 20.1.1. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.
client_subnet (optional)
IpAddrPrefix Client IP Subnet to exclude for WAF rules. Field introduced in 17.2.1. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.
description (optional)
String Free-text comment about this exclusion. Field introduced in 18.2.6. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.
match_element (optional)
String The match_element can be 'ARGS xxx', 'ARGS_GET xxx', 'ARGS_POST xxx', 'ARGS_NAMES xxx', 'FILES xxx', 'QUERY_STRING', 'REQUEST_BASENAME', 'REQUEST_BODY', 'REQUEST_URI', 'REQUEST_URI_RAW', 'REQUEST_COOKIES xxx', 'REQUEST_COOKIES_NAMES xxx', 'REQUEST_HEADERS xxx', 'REQUEST_HEADERS_NAMES xxx', 'RESPONSE_HEADERS xxx' or XML xxx. These match_elements in the HTTP Transaction (if present) will be excluded when executing WAF Rules. Field introduced in 17.2.1. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.
match_element_criteria (optional)
WafExclusionType Criteria for match_element matching. Field introduced in 18.2.2. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.
uri_match_criteria (optional)
WafExclusionType Criteria for URI matching. Field introduced in 17.2.8. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.
uri_path (optional)
String URI Path to exclude for WAF rules. Field introduced in 17.2.1. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.
match_case
String Case sensitivity to use for the matching. Enum options - SENSITIVE, INSENSITIVE. Field introduced in 17.2.8. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.
match_op
String String Operation to use for matching the Exclusion. Enum options - BEGINS_WITH, DOES_NOT_BEGIN_WITH, CONTAINS, DOES_NOT_CONTAIN, ENDS_WITH, DOES_NOT_END_WITH, EQUALS, DOES_NOT_EQUAL, REGEX_MATCH, REGEX_DOES_NOT_MATCH. Field introduced in 17.2.8. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.
_last_modified (optional)
String UNIX time since epoch in microseconds. Units(MICROSECONDS).
allow_mode_delegation (optional)
Boolean Allow Rules to overwrite the policy mode. This must be set if the policy mode is set to enforcement. Field introduced in 18.1.5, 18.2.1. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.
allowlist (optional)
WafPolicyAllowlist A set of rules which describe conditions under which the request will bypass the WAF. This will be processed in the request header phase before any other WAF related code. Field introduced in 20.1.3. Allowed in Enterprise edition with any value, Enterprise with Cloud Services edition.
application_signatures (optional)
WafApplicationSignatures Application Specific Signatures. Field introduced in 20.1.1. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.
auto_update_crs (optional)
Boolean If this flag is set, the system will try to keep the CRS version used in this policy up-to-date. If a newer CRS object is available on this controller, the system will issue the CRS upgrade process for this WAF Policy. It will not update polices if the current CRS version is CRS-VERSION-NOT-APPLICABLE. Field introduced in 22.1.3. Allowed in Enterprise edition with any value, Enterprise with Cloud Services edition.
bypass_static_extensions (optional)
Boolean Enable the functionality to bypass WAF for static file extensions. Field introduced in 22.1.1. Allowed in Enterprise edition with any value, Enterprise with Cloud Services edition.
confidence_override (optional)
AppLearningConfidenceOverride Configure thresholds for confidence labels. Field introduced in 20.1.1. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.
configpb_attributes (optional)
ConfigPbAttributes Protobuf versioning for config pbs. Field introduced in 21.1.1. Allowed in Enterprise edition with any value, Essentials edition with any value, Basic edition with any value, Enterprise with Cloud Services edition.
created_by (optional)
String Creator name. Field introduced in 17.2.4. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.
crs_overrides (optional)
array[WafRuleGroupOverrides] Override attributes for CRS rules. Field introduced in 20.1.6. Allowed in Enterprise edition with any value, Enterprise with Cloud Services edition.
description (optional)
String Field introduced in 17.2.1. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.
enable_app_learning (optional)
Boolean Enable Application Learning for this WAF policy. Field introduced in 18.2.3. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.
enable_auto_rule_updates (optional)
Boolean Enable Application Learning based rule updates on the WAF Profile. Rules will be programmed in dedicated WAF learning group. Field introduced in 20.1.1. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.
enable_regex_learning (optional)
Boolean Enable dynamic regex generation for positive security model rules. This is an experimental feature and shouldn't be used in production. Field introduced in 20.1.1. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.
failure_mode (optional)
String WAF Policy failure mode. This can be 'Open' or 'Closed'. Enum options - WAF_FAILURE_MODE_OPEN, WAF_FAILURE_MODE_CLOSED. Field introduced in 18.1.2. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.
geo_db_ref (optional)
String Geo Location Mapping Database used by this WafPolicy. It is a reference to an object of type GeoDB. Field introduced in 21.1.1. Allowed in Enterprise edition with any value, Enterprise with Cloud Services edition.
learning_params (optional)
AppLearningParams Parameters for tuning Application learning. Field introduced in 20.1.1. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.
markers (optional)
array[RoleFilterMatchLabel] List of labels to be used for granular RBAC. Field introduced in 20.1.5. Allowed in Enterprise edition with any value, Essentials edition with any value, Basic edition with any value, Enterprise with Cloud Services edition.
min_confidence (optional)
String Minimum confidence label required for auto rule updates. Enum options - CONFIDENCE_VERY_HIGH, CONFIDENCE_HIGH, CONFIDENCE_PROBABLE, CONFIDENCE_LOW, CONFIDENCE_NONE. Field introduced in 20.1.1. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.
mode
String WAF Policy mode. This can be detection or enforcement. It can be overwritten by rules if allow_mode_delegation is set. Enum options - WAF_MODE_DETECTION_ONLY, WAF_MODE_ENFORCEMENT. Field introduced in 17.2.1. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.
name
String Field introduced in 17.2.1. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.
paranoia_level (optional)
String WAF Ruleset paranoia mode. This is used to select Rules based on the paranoia-level tag. Enum options - WAF_PARANOIA_LEVEL_LOW, WAF_PARANOIA_LEVEL_MEDIUM, WAF_PARANOIA_LEVEL_HIGH, WAF_PARANOIA_LEVEL_EXTREME. Field introduced in 17.2.1. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.
positive_security_model (optional)
WafPositiveSecurityModel The Positive Security Model. This is used to describe how the request or parts of the request should look like. It is executed in the Request Body Phase of Avi WAF. Field introduced in 18.2.3. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.
post_crs_groups (optional)
array[WafRuleGroup] WAF Rules are categorized in to groups based on their characterization. These groups are created by the user and will be enforced after the CRS groups. Field introduced in 17.2.1. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.
pre_crs_groups (optional)
array[WafRuleGroup] WAF Rules are categorized in to groups based on their characterization. These groups are created by the user and will be enforced before the CRS groups. Field introduced in 17.2.1. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.
required_data_files (optional)
array[WafPolicyRequiredDataFile] The data files and types referred in this WAF policy. Field introduced in 22.1.3. Allowed in Enterprise edition with any value, Essentials edition with any value, Basic edition with any value, Enterprise with Cloud Services edition.
tenant_ref (optional)
String It is a reference to an object of type Tenant. Field introduced in 17.2.1. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.
updated_crs_rules_in_detection_mode (optional)
Boolean While updating CRS, the system will make sure that new rules are added in DETECTION mode. It only has an effect if the Policy is in ENFORCEMENT mode. In this case, the update will set new rules into DETECTION mode by adding crs_overrides for the new rules. If this flag is not set or if the policy mode is DETECTION, rules will be added without new crs_overrides. This option is used for the auto_update_crs workflow as well as for the UI based CRS update workflow. Field introduced in 22.1.3. Allowed in Enterprise edition with any value, Enterprise with Cloud Services edition.
url (optional)
uuid (optional)
String Field introduced in 17.2.1. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.
waf_crs_ref (optional)
String WAF core ruleset used for the CRS part of this Policy. It is a reference to an object of type WafCRS. Field introduced in 18.1.1. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.
waf_profile_ref
String WAF Profile for WAF policy. It is a reference to an object of type WafProfile. Field introduced in 17.2.1. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.
rules (optional)
array[WafPolicyAllowlistRule] Rules to bypass WAF. Field introduced in 20.1.3. Allowed in Enterprise edition with any value, Enterprise with Cloud Services edition.
actions (optional)
array[String] Actions to be performed upon successful matching. Enum options - WAF_POLICY_ALLOWLIST_ACTION_BYPASS, WAF_POLICY_ALLOWLIST_ACTION_DETECTION_MODE, WAF_POLICY_ALLOWLIST_ACTION_CONTINUE. Field introduced in 20.1.3. Minimum of 1 items required. Maximum of 1 items allowed. Allowed in Enterprise edition with any value, Enterprise with Cloud Services edition.
description (optional)
String Description of this rule. Field introduced in 20.1.3. Allowed in Enterprise edition with any value, Enterprise with Cloud Services edition.
enable (optional)
Boolean Enable or deactivate the rule. Field introduced in 20.1.3. Allowed in Enterprise edition with any value, Enterprise with Cloud Services edition.
index
Integer Rules are processed in order of this index field. Field introduced in 20.1.3. Allowed in Enterprise edition with any value, Enterprise with Cloud Services edition. format: int32
match
MatchTarget Match criteria describing requests to which this rule should be applied. Field introduced in 20.1.3. Allowed in Enterprise edition with any value, Enterprise with Cloud Services edition.
name
String A name describing the rule in a short form. Field introduced in 20.1.3. Allowed in Enterprise edition with any value, Enterprise with Cloud Services edition.
sampling_percent (optional)
Integer Percentage of traffic that is sampled. Allowed values are 0-100. Field introduced in 20.1.3. Unit is PERCENT. Allowed in Enterprise edition with any value, Enterprise with Cloud Services edition. format: int32
count
results
next (optional)
commit (optional)
Boolean Set this to true if you want to update the policy. The default value of false will only analyse what would be changed if this flag would be set to true. Field introduced in 22.1.1. Allowed in Enterprise edition with any value, Enterprise with Cloud Services edition.
waf_crs_ref
String CRS object to which this policy should be updated to. To disable CRS for this policy, the special CRS object CRS-VERSION-NOT-APPLICABLE can be used. It is a reference to an object of type WafCRS. Field introduced in 22.1.1. Allowed in Enterprise edition with any value, Enterprise with Cloud Services edition.
name (optional)
String Name of the data file. Field introduced in 22.1.3. Allowed in Enterprise edition with any value, Enterprise with Cloud Services edition.
type (optional)
String Type of the data file. Enum options - WAF_DATAFILE_PM_FROM_FILE, WAF_DATAFILE_DTD, WAF_DATAFILE_XSD, WAF_DATAFILE_IP_MATCH_FROM_FILE. Field introduced in 22.1.3. Allowed in Enterprise edition with any value, Enterprise with Cloud Services edition.
group_refs (optional)
array[String] These groups should be used to separate different levels of concern. The order of the groups matters, one group may mark parts of the request as valid, so that subsequent groups will not check these parts. It is a reference to an object of type WafPolicyPSMGroup. Field introduced in 18.2.3. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.
enable
Boolean Enable or disable WAF Rule Group. Field introduced in 17.2.1. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.
exclude_list (optional)
array[WafExcludeListEntry] Exclude list for the WAF rule. The fields in the exclude list entry are logically and'ed to deduce the exclusion criteria. If there are multiple excludelist entries, it will be 'logical or' of them. Field introduced in 17.2.3. Maximum of 64 items allowed. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.
index
Integer Field introduced in 17.2.1. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition. format: int32
is_sensitive (optional)
Boolean The rule field is sensitive and will not be displayed. Field introduced in 20.1.1. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.
mode (optional)
String WAF Rule mode. This can be detection or enforcement. If this is not set, the Policy mode is used. This only takes effect if the policy allows delegation. Enum options - WAF_MODE_DETECTION_ONLY, WAF_MODE_ENFORCEMENT. Field introduced in 18.1.5, 18.2.1. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.
name (optional)
String User-friendly optional name for a rule. Field introduced in 17.2.1. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.
paranoia_level (optional)
String WAF rule paranoia level. This field is informative, like rule_id and tags, it is generated by the system from the rule text. This field is filled for CRS rules. Enum options - WAF_PARANOIA_LEVEL_LOW, WAF_PARANOIA_LEVEL_MEDIUM, WAF_PARANOIA_LEVEL_HIGH, WAF_PARANOIA_LEVEL_EXTREME. Field introduced in 22.1.3. Allowed in Enterprise edition with any value, Enterprise with Cloud Services edition.
phase (optional)
String The execution phase where this rule will be executed. Enum options - WAF_PHASE_CONNECTION, WAF_PHASE_REQUEST_HEADER, WAF_PHASE_REQUEST_BODY, WAF_PHASE_RESPONSE_HEADER, WAF_PHASE_RESPONSE_BODY, WAF_PHASE_LOGGING. Field introduced in 20.1.1. Allowed in Enterprise edition with any value, Essentials edition with any value, Basic edition with any value, Enterprise with Cloud Services edition.
rule
String Rule as per Modsec language. Field introduced in 17.2.1. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.
rule_id (optional)
String Identifier (id) for a rule per Modsec language. All SecRule and SecAction directives require an id. It is extracted from the id action in a Modsec rule. Rules within a single WAF Policy are required to have unique rule_ids. Field introduced in 17.2.2. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.
tags (optional)
array[String] Tags for WAF rule as per Modsec language. They are extracted from the tag action in a ModSec rule. Field introduced in 18.1.3. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.
enable
Boolean Enable or disable WAF Rule Group. Field introduced in 17.2.1. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.
exclude_list (optional)
array[WafExcludeListEntry] Exclude list for the WAF rule group. The fields in the exclude list entry are logically and'ed to deduce the exclusion criteria. If there are multiple excludelist entries, it will be 'logical or' of them. Field introduced in 17.2.1. Maximum of 64 items allowed. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.
index
Integer Field introduced in 17.2.1. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition. format: int32
name
String Field introduced in 17.2.1. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.
rules (optional)
array[WafRule] Rules as per Modsec language. Field introduced in 17.2.1. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.
enable (optional)
Boolean Override the enable flag for this group. Field introduced in 20.1.6. Allowed in Enterprise edition with any value, Enterprise with Cloud Services edition.
exclude_list (optional)
array[WafExcludeListEntry] Replace the exclude list for this group. Field introduced in 20.1.6. Maximum of 64 items allowed. Allowed in Enterprise edition with any value, Enterprise with Cloud Services edition.
mode (optional)
String Override the waf mode for this group.. Enum options - WAF_MODE_DETECTION_ONLY, WAF_MODE_ENFORCEMENT. Field introduced in 20.1.6. Allowed in Enterprise edition with any value, Enterprise with Cloud Services edition.
name
String The name of the group where attributes or rules are overridden. Field introduced in 20.1.6. Allowed in Enterprise edition with any value, Enterprise with Cloud Services edition.
rule_overrides (optional)
array[WafRuleOverrides] Rule specific overrides. Field introduced in 20.1.6. Maximum of 1024 items allowed. Allowed in Enterprise edition with any value, Enterprise with Cloud Services edition.
enable (optional)
Boolean Override the enable flag for this rule. Field introduced in 20.1.6. Allowed in Enterprise edition with any value, Enterprise with Cloud Services edition.
exclude_list (optional)
array[WafExcludeListEntry] Replace the exclude list for this rule. Field introduced in 20.1.6. Maximum of 64 items allowed. Allowed in Enterprise edition with any value, Enterprise with Cloud Services edition.
mode (optional)
String Override the waf mode for this rule. Enum options - WAF_MODE_DETECTION_ONLY, WAF_MODE_ENFORCEMENT. Field introduced in 20.1.6. Allowed in Enterprise edition with any value, Enterprise with Cloud Services edition.
rule_id
String The rule_id of the rule where attributes are overridden. Field introduced in 20.1.6. Allowed in Enterprise edition with any value, Enterprise with Cloud Services edition.