Skip to content

Commit 98241e7

Browse files
disreedhdisreedh
authored
[Hub Generated] Review request for Microsoft.Network to add version stable/2020-11-01 (#11353)
* Adds base for updating Microsoft.Network from version stable/2020-04-01 to version 2020-11-01 * Updates readme * Updates API version in new specs and examples * WAF API update 20201101 * Add WAF SKU 20201101 * WAF SKU is optional * WAF SKU description updated * v20201101 WAF API changes * clean up ManagedRuleSet * fix json validation * fix examples
1 parent 9b39fcc commit 98241e7

File tree

8 files changed

+2000
-11
lines changed

8 files changed

+2000
-11
lines changed

specification/frontdoor/resource-manager/Microsoft.Network/stable/2020-11-01/examples/WafListManagedRuleSets.json

Lines changed: 69 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,69 @@
1+
{
2+
"parameters": {
3+
"api-version": "2020-11-01",
4+
"subscriptionId": "subid"
5+
},
6+
"responses": {
7+
"200": {
8+
"body": {
9+
"value": [
10+
{
11+
"name": "DefaultRuleSet_1.0",
12+
"id": "/subscriptions/subid/providers/Microsoft.Network/FrontDoorWebApplicationFirewallManagedRuleSets",
13+
"type": "Microsoft.Network/frontdoorwebapplicationfirewallmanagedrulesets",
14+
"properties": {
15+
"provisioningState": "Succeeded",
16+
"ruleSetId": "8125d145-ddc5-4d90-9bc3-24c5f2de69a2",
17+
"ruleSetType": "DefaultRuleSet",
18+
"ruleSetVersion": "1.0",
19+
"ruleGroups": [
20+
{
21+
"ruleGroupName": "SQLI",
22+
"description": "SQL injection",
23+
"rules": [
24+
{
25+
"ruleId": "942100",
26+
"description": "SQL Injection Attack Detected via libinjection",
27+
"defaultState": "Enabled",
28+
"defaultAction": "Block"
29+
},
30+
{
31+
"ruleId": "942110",
32+
"description": "SQL Injection Attack: Common Injection Testing Detected",
33+
"defaultState": "Enabled",
34+
"defaultAction": "Block"
35+
}
36+
]
37+
},
38+
{
39+
"ruleGroupName": "XSS",
40+
"description": "Cross-site scripting",
41+
"rules": [
42+
{
43+
"ruleId": "941100",
44+
"description": "XSS Attack Detected via libinjection",
45+
"defaultState": "Enabled",
46+
"defaultAction": "Block"
47+
},
48+
{
49+
"ruleId": "941101",
50+
"description": "XSS Attack Detected via libinjection",
51+
"defaultState": "Enabled",
52+
"defaultAction": "Block"
53+
},
54+
{
55+
"ruleId": "941110",
56+
"description": "XSS Filter - Category 1: Script Tag Vector",
57+
"defaultState": "Enabled",
58+
"defaultAction": "Block"
59+
}
60+
]
61+
}
62+
]
63+
}
64+
}
65+
]
66+
}
67+
}
68+
}
69+
}

specification/frontdoor/resource-manager/Microsoft.Network/stable/2020-11-01/examples/WafListPolicies.json

Lines changed: 133 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,133 @@
1+
{
2+
"parameters": {
3+
"api-version": "2020-11-01",
4+
"subscriptionId": "subid",
5+
"resourceGroupName": "rg1"
6+
},
7+
"responses": {
8+
"200": {
9+
"body": {
10+
"value": [
11+
{
12+
"name": "Policy1",
13+
"id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/FrontDoorWebApplicationFirewallPolicies/Policy1",
14+
"type": "Microsoft.Network/frontdoorwebapplicationfirewallpolicies",
15+
"tags": {
16+
"key1": "value1",
17+
"key2": "value2"
18+
},
19+
"location": "WestUs",
20+
"sku": {
21+
"name": "Classic_AzureFrontDoor"
22+
},
23+
"properties": {
24+
"resourceState": "Enabled",
25+
"provisioningState": "Succeeded",
26+
"policySettings": {
27+
"enabledState": "Enabled",
28+
"mode": "Prevention",
29+
"redirectUrl": "http://www.bing.com",
30+
"customBlockResponseStatusCode": 499,
31+
"customBlockResponseBody": "PGh0bWw+CjxoZWFkZXI+PHRpdGxlPkhlbGxvPC90aXRsZT48L2hlYWRlcj4KPGJvZHk+CkhlbGxvIHdvcmxkCjwvYm9keT4KPC9odG1sPg=="
32+
},
33+
"customRules": {
34+
"rules": [
35+
{
36+
"name": "Rule1",
37+
"priority": 1,
38+
"enabledState": "Enabled",
39+
"ruleType": "RateLimitRule",
40+
"rateLimitDurationInMinutes": 0,
41+
"rateLimitThreshold": 1000,
42+
"matchConditions": [
43+
{
44+
"matchVariable": "RemoteAddr",
45+
"selector": null,
46+
"operator": "IPMatch",
47+
"negateCondition": false,
48+
"matchValue": [
49+
"192.168.1.0/24",
50+
"10.0.0.0/24"
51+
],
52+
"transforms": []
53+
}
54+
],
55+
"action": "Block"
56+
},
57+
{
58+
"name": "Rule2",
59+
"priority": 2,
60+
"enabledState": "Enabled",
61+
"ruleType": "MatchRule",
62+
"rateLimitDurationInMinutes": 0,
63+
"rateLimitThreshold": 0,
64+
"matchConditions": [
65+
{
66+
"matchVariable": "RemoteAddr",
67+
"selector": null,
68+
"operator": "GeoMatch",
69+
"negateCondition": false,
70+
"matchValue": [
71+
"CH"
72+
]
73+
},
74+
{
75+
"matchVariable": "RequestHeader",
76+
"selector": "UserAgent",
77+
"operator": "Contains",
78+
"negateCondition": false,
79+
"matchValue": [
80+
"windows"
81+
],
82+
"transforms": [
83+
"Lowercase"
84+
]
85+
}
86+
],
87+
"action": "Block"
88+
}
89+
]
90+
},
91+
"managedRules": {
92+
"managedRuleSets": [
93+
{
94+
"ruleSetType": "DefaultRuleSet",
95+
"ruleSetVersion": "1.0",
96+
"exclusions": [
97+
{
98+
"matchVariable": "RequestHeaderNames",
99+
"selectorMatchOperator": "Equals",
100+
"selector": "User-Agent"
101+
}
102+
],
103+
"ruleGroupOverrides": [
104+
{
105+
"ruleGroupName": "SQLI",
106+
"rules": [
107+
{
108+
"ruleId": "942100",
109+
"enabledState": "Enabled",
110+
"action": "Redirect"
111+
},
112+
{
113+
"ruleId": "942110",
114+
"enabledState": "Disabled"
115+
}
116+
]
117+
}
118+
]
119+
}
120+
]
121+
},
122+
"frontendEndpointLinks": [
123+
{
124+
"id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/frontdoors/fd1/frontendendpoints/fd1-azurefd-net"
125+
}
126+
]
127+
}
128+
}
129+
]
130+
}
131+
}
132+
}
133+
}

0 commit comments

Comments
 (0)