az network application-gateway waf-policy managed-rule rule-set
Manage managed rule set of managed rules of a WAF policy.
Commands
| az network application-gateway waf-policy managed-rule rule-set add |
Add managed rule set to the WAF policy managed rules. For rule set and rules, please visit: https://docs.microsoft.com/azure/web-application-firewall/ag/application-gateway-crs-rulegroups-rules. |
| az network application-gateway waf-policy managed-rule rule-set list |
List all managed rule set. |
| az network application-gateway waf-policy managed-rule rule-set remove |
Remove a managed rule set by rule set group name if rule_group_name is specified. Otherwise, remove all rule set. |
| az network application-gateway waf-policy managed-rule rule-set update |
Manage rules of a WAF policy. If --group-name and --rules are provided, override existing rules. If --group-name is provided, clear all rules under a certain rule group. If neither of them are provided, update rule set and clear all rules under itself. For rule set and rules, please visit: https://docs.microsoft.com/azure/web-application-firewall/ag/application-gateway-crs-rulegroups-rules. |
az network application-gateway waf-policy managed-rule rule-set add
Add managed rule set to the WAF policy managed rules. For rule set and rules, please visit: https://docs.microsoft.com/azure/web-application-firewall/ag/application-gateway-crs-rulegroups-rules.
az network application-gateway waf-policy managed-rule rule-set add --policy-name
--resource-group
--type {Microsoft_BotManagerRuleSet, OWASP}
--version {0.1, 2.2.9, 3.0, 3.1, 3.2}
[--group-name]
[--rules]Examples
Disable an attack protection rule
az network application-gateway waf-policy managed-rule rule-set add --policy-name MyPolicy -g MyResourceGroup --type OWASP --version 3.1 --group-name REQUEST-921-PROTOCOL-ATTACK --rules 921110Add managed rule set to the WAF policy managed rules (autogenerated)
az network application-gateway waf-policy managed-rule rule-set add --policy-name MyPolicy --resource-group MyResourceGroup --type Microsoft_BotManagerRuleSet --version 0.1Required Parameters
The name of the web application firewall policy.
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
The type of the web application firewall rule set.
The version of the web application firewall rule set type. 0.1 is used for Microsoft_BotManagerRuleSet.
Optional Parameters
The name of the web application firewall rule set group.
List of rules that will be disabled. If provided, --group-name must be provided too.
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
az network application-gateway waf-policy managed-rule rule-set list
List all managed rule set.
az network application-gateway waf-policy managed-rule rule-set list --policy-name
--resource-groupExamples
List all managed rule set. (autogenerated)
az network application-gateway waf-policy managed-rule rule-set list --policy-name MyPolicy --resource-group MyResourceGroupRequired Parameters
The name of the web application firewall policy.
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
az network application-gateway waf-policy managed-rule rule-set remove
Remove a managed rule set by rule set group name if rule_group_name is specified. Otherwise, remove all rule set.
az network application-gateway waf-policy managed-rule rule-set remove --policy-name
--resource-group
--type {Microsoft_BotManagerRuleSet, OWASP}
--version {0.1, 2.2.9, 3.0, 3.1, 3.2}
[--group-name]Examples
Remove a managed rule set by rule set group name if rule_group_name is specified. Otherwise, remove all rule set.
az network application-gateway waf-policy managed-rule rule-set remove --policy-name MyPolicy --resource-group MyResourceGroup --type OWASP --version 3.1Required Parameters
The name of the web application firewall policy.
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
The type of the web application firewall rule set.
The version of the web application firewall rule set type. 0.1 is used for Microsoft_BotManagerRuleSet.
Optional Parameters
The name of the web application firewall rule set group.
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
az network application-gateway waf-policy managed-rule rule-set update
Manage rules of a WAF policy. If --group-name and --rules are provided, override existing rules. If --group-name is provided, clear all rules under a certain rule group. If neither of them are provided, update rule set and clear all rules under itself. For rule set and rules, please visit: https://docs.microsoft.com/azure/web-application-firewall/ag/application-gateway-crs-rulegroups-rules.
az network application-gateway waf-policy managed-rule rule-set update --policy-name
--resource-group
--type {Microsoft_BotManagerRuleSet, OWASP}
--version {0.1, 2.2.9, 3.0, 3.1, 3.2}
[--add]
[--force-string]
[--group-name]
[--remove]
[--rules]
[--set]Examples
Override rules under rule group EQUEST-921-PROTOCOL-ATTACK
az network application-gateway waf-policy managed-rule rule-set update --policy-name MyPolicy -g MyResourceGroup --type OWASP --version 3.1 --group-name REQUEST-921-PROTOCOL-ATTACK --rules 921130 921160Update the OWASP protocol version from 3.1 to 3.0 which will clear the old rules
az network application-gateway waf-policy managed-rule rule-set update --policy-name MyPolicy -g MyResourceGroup --type OWASP --version 3.0Required Parameters
The name of the web application firewall policy.
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
The type of the web application firewall rule set.
The version of the web application firewall rule set type. 0.1 is used for Microsoft_BotManagerRuleSet.
Optional Parameters
Add an object to a list of objects by specifying a path and key value pairs. Example: --add property.listProperty <key=value, string or JSON string>.
When using 'set' or 'add', preserve string literals instead of attempting to convert to JSON.
The name of the web application firewall rule set group.
Remove a property or an element from a list. Example: --remove property.list OR --remove propertyToRemove.
List of rules that will be disabled. If provided, --group-name must be provided too.
Update an object by specifying a property path and value to set. Example: --set property1.property2=.
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
الملاحظات
إرسال الملاحظات وعرضها المتعلقة بـ