Share via


az network front-door waf-policy managed-rules override

Note

This reference is part of the front-door extension for the Azure CLI (version 2.57.0 or higher). The extension will automatically install the first time you run an az network front-door waf-policy managed-rules override command. Learn more about extensions.

View and alter overrides on managed rules within a managed rule set.

Use 'az network front-door waf-policy managed-rule-definition list' to see the available rules.

Commands

Name Description Type Status
az network front-door waf-policy managed-rules override add

Add an override on a managed rule within a managed rule set.

Extension GA
az network front-door waf-policy managed-rules override list

List the overrides on managed rules within a managed rule set.

Extension GA
az network front-door waf-policy managed-rules override remove

Remove an override on a managed rule within a managed rule set.

Extension GA

az network front-door waf-policy managed-rules override add

Add an override on a managed rule within a managed rule set.

Use 'az network front-door waf-policy managed-rule-definition list' to see the available rules.

az network front-door waf-policy managed-rules override add --rule-group-id
                                                            --rule-id
                                                            --type
                                                            [--action {Allow, AnomalyScoring, Block, JSChallenge, Log, Redirect}]
                                                            [--disabled {false, true}]
                                                            [--ids]
                                                            [--policy-name]
                                                            [--resource-group]
                                                            [--subscription]

Required Parameters

--rule-group-id

ID of the rule group containing the rule to override.

--rule-id

ID of the rule to override.

--type

ID of the ruleset to override.

Optional Parameters

--action

Action for applied rulesets.

Accepted values: Allow, AnomalyScoring, Block, JSChallenge, Log, Redirect
--disabled

Whether to disable the rule.

Accepted values: false, true
--ids

One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.

--policy-name

Name of the WAF policy. Name must begin with a letter and contain only letters and numbers.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

Global Parameters
--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

Accepted values: json, jsonc, none, table, tsv, yaml, yamlc
Default value: json
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

az network front-door waf-policy managed-rules override list

List the overrides on managed rules within a managed rule set.

az network front-door waf-policy managed-rules override list --policy-name
                                                             --resource-group
                                                             --type

Required Parameters

--policy-name

Name of the WAF policy. Name must begin with a letter and contain only letters and numbers.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

--type

ID of the ruleset with the overrides to list.

Global Parameters
--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

Accepted values: json, jsonc, none, table, tsv, yaml, yamlc
Default value: json
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

az network front-door waf-policy managed-rules override remove

Remove an override on a managed rule within a managed rule set.

After this command, the standard behavior for the rule within the managed rule set will apply. Use 'az network front-door waf-policy managed-rule-definition list' to see the available rules.

az network front-door waf-policy managed-rules override remove --rule-group-id
                                                               --rule-id
                                                               --type
                                                               [--ids]
                                                               [--policy-name]
                                                               [--resource-group]
                                                               [--subscription]

Required Parameters

--rule-group-id

ID of the rule group containing the override to remove.

--rule-id

ID of the rule override to remove.

--type

ID of the ruleset with the override to remove.

Optional Parameters

--ids

One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.

--policy-name

Name of the WAF policy. Name must begin with a letter and contain only letters and numbers.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

Global Parameters
--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

Accepted values: json, jsonc, none, table, tsv, yaml, yamlc
Default value: json
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.