az network application-gateway waf-policy managed-rule exclusion

Is this page helpful?

Any additional feedback?

Feedback will be sent to Microsoft: By pressing the submit button, your feedback will be used to improve Microsoft products and services. Privacy policy.

Manage OWASP CRS exclusions that are applied on a WAF policy managed rules.

Commands

az network application-gateway waf-policy managed-rule exclusion add	Add an OWASP CRS exclusion rule to the WAF policy managed rules.
az network application-gateway waf-policy managed-rule exclusion list	List all OWASP CRS exclusion rules that are applied on a Waf policy managed rules.
az network application-gateway waf-policy managed-rule exclusion remove	Remove all OWASP CRS exclusion rules that are applied on a Waf policy managed rules.
az network application-gateway waf-policy managed-rule exclusion rule-set	Define a managed rule set for exclusions.
az network application-gateway waf-policy managed-rule exclusion rule-set add	Add a managed rule set to an exclusion.
az network application-gateway waf-policy managed-rule exclusion rule-set list	List all managed rule sets of an exclusion.
az network application-gateway waf-policy managed-rule exclusion rule-set remove	Remove managed rule set within an exclusion.

az network application-gateway waf-policy managed-rule exclusion add

Add an OWASP CRS exclusion rule to the WAF policy managed rules.

az network application-gateway waf-policy managed-rule exclusion add --match-operator {Contains, EndsWith, Equals, EqualsAny, StartsWith}
                                                                     --match-variable {RequestArgKeys, RequestArgNames, RequestArgValues, RequestCookieKeys, RequestCookieNames, RequestCookieValues, RequestHeaderKeys, RequestHeaderNames, RequestHeaderValues}
                                                                     --policy-name
                                                                     --resource-group
                                                                     --selector

Required Parameters

--match-operator --selector-match-operator

When matchVariable is a collection, operate on the selector to specify which elements in the collection this exclusion applies to.

accepted values: Contains, EndsWith, Equals, EqualsAny, StartsWith

--match-variable

The variable to be excluded.

accepted values: RequestArgKeys, RequestArgNames, RequestArgValues, RequestCookieKeys, RequestCookieNames, RequestCookieValues, RequestHeaderKeys, RequestHeaderNames, RequestHeaderValues

--policy-name

The name of the web application firewall policy.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

--selector

When matchVariable is a collection, operator used to specify which elements in the collection this exclusion applies to.

Global Parameters

--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

az network application-gateway waf-policy managed-rule exclusion list

List all OWASP CRS exclusion rules that are applied on a Waf policy managed rules.

az network application-gateway waf-policy managed-rule exclusion list --policy-name
                                                                      --resource-group

Required Parameters

--policy-name

The name of the web application firewall policy.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

Global Parameters

--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

az network application-gateway waf-policy managed-rule exclusion remove

Remove all OWASP CRS exclusion rules that are applied on a Waf policy managed rules.

az network application-gateway waf-policy managed-rule exclusion remove --policy-name
                                                                        --resource-group

Required Parameters

--policy-name

The name of the web application firewall policy.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

Global Parameters

--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.