From 6a44eadec24da3de63cc6c0f79c8aa16d5ca6ce5 Mon Sep 17 00:00:00 2001 From: Dmitry Iovev Date: Fri, 6 Dec 2024 23:32:56 +0700 Subject: [PATCH 1/4] Adds point in attack_rechecker_rewrite import --- wallarm/resource_rule_attack_rechecker_rewrite.go | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/wallarm/resource_rule_attack_rechecker_rewrite.go b/wallarm/resource_rule_attack_rechecker_rewrite.go index e410481..8213bea 100644 --- a/wallarm/resource_rule_attack_rechecker_rewrite.go +++ b/wallarm/resource_rule_attack_rechecker_rewrite.go @@ -410,6 +410,10 @@ func resourceWallarmAttackRecheckerRewriteImport(d *schema.ResourceData, m inter } } + pointInterface := (*actionHints.Body)[0].Point + point := wrapPointElements(pointInterface) + d.Set("point", point) + d.Set("rules", (*actionHints.Body)[0].Rules) existingID := fmt.Sprintf("%d/%d/%d", clientID, actionID, ruleID) From 4f1f3548b7dcf3835c17e84922e76820dfd3da47 Mon Sep 17 00:00:00 2001 From: Dmitry Iovev Date: Sat, 7 Dec 2024 01:55:13 +0700 Subject: [PATCH 2/4] Fixes regex_id --- wallarm/resource_rule_ignore_regex.go | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/wallarm/resource_rule_ignore_regex.go b/wallarm/resource_rule_ignore_regex.go index 3edfb1d..3dbe4e8 100644 --- a/wallarm/resource_rule_ignore_regex.go +++ b/wallarm/resource_rule_ignore_regex.go @@ -230,6 +230,7 @@ func resourceWallarmIgnoreRegexCreate(d *schema.ResourceData, m interface{}) err d.Set("rule_id", actionResp.Body.ID) d.Set("action_id", actionResp.Body.ActionID) d.Set("rule_type", actionResp.Body.Type) + d.Set("regex_id", actionResp.Body.RegexID) resID := fmt.Sprintf("%d/%d/%d/%s", clientID, actionResp.Body.ActionID, actionResp.Body.ID, actionResp.Body.Type) d.SetId(resID) @@ -434,14 +435,14 @@ func resourceWallarmIgnoreRegexImport(d *schema.ResourceData, m interface{}) ([] if err := d.Set("action", &actionsSet); err != nil { return nil, err } - d.Set("regex_id", (*actionHints.Body)[0].RegexID) - } pointInterface := (*actionHints.Body)[0].Point point := wrapPointElements(pointInterface) d.Set("point", point) + d.Set("regex_id", (*actionHints.Body)[0].RegexID) + existingID := fmt.Sprintf("%d/%d/%d", clientID, actionID, ruleID) d.SetId(existingID) From 16331227d02768278f710a5f3a465242b8fea2c7 Mon Sep 17 00:00:00 2001 From: Dmitry Iovev Date: Sat, 7 Dec 2024 02:05:50 +0700 Subject: [PATCH 3/4] Fixes examples --- examples/wallarm_rule_attack_rechecker.tf | 4 +- examples/wallarm_rule_binary_data.tf | 4 +- examples/wallarm_rule_disable_attack_type.tf | 4 +- examples/wallarm_rule_ignore_regex.tf | 3 +- examples/wallarm_rule_masking.tf | 16 +++--- examples/wallarm_rule_mode.tf | 31 ++++++----- .../wallarm_rule_overlimit_res_settings.tf | 35 ++++++------ examples/wallarm_rule_parser_state.tf | 8 +-- examples/wallarm_rule_rate_limit.tf | 54 +++++++++++++------ examples/wallarm_rule_regex.tf | 4 +- examples/wallarm_rule_set_response_header.tf | 20 +++---- examples/wallarm_rule_uploads.tf | 4 +- examples/wallarm_rule_vpatch.tf | 40 +++++++------- 13 files changed, 120 insertions(+), 107 deletions(-) diff --git a/examples/wallarm_rule_attack_rechecker.tf b/examples/wallarm_rule_attack_rechecker.tf index 67473b9..9bf8cc5 100644 --- a/examples/wallarm_rule_attack_rechecker.tf +++ b/examples/wallarm_rule_attack_rechecker.tf @@ -1,9 +1,9 @@ resource "wallarm_rule_attack_rechecker" "disable_rechecker" { - enabled = false + enabled = false action { point = { - instance = 6 + "instance" = 6 } } diff --git a/examples/wallarm_rule_binary_data.tf b/examples/wallarm_rule_binary_data.tf index 555bfc4..b88db81 100644 --- a/examples/wallarm_rule_binary_data.tf +++ b/examples/wallarm_rule_binary_data.tf @@ -3,8 +3,8 @@ resource "wallarm_rule_binary_data" "binary" { type = "iequal" value = "binary.wallarm.com" point = { - header = "HOST" + "header" = "HOST" } } - point = [["post"],["form_urlencoded","query"]] + point = [["post"], ["form_urlencoded", "query"]] } diff --git a/examples/wallarm_rule_disable_attack_type.tf b/examples/wallarm_rule_disable_attack_type.tf index 29b636a..64cb4eb 100644 --- a/examples/wallarm_rule_disable_attack_type.tf +++ b/examples/wallarm_rule_disable_attack_type.tf @@ -3,9 +3,9 @@ resource "wallarm_rule_disable_attack_type" "ignore_attack" { type = "iequal" value = "attack-types.wallarm.com" point = { - header = "HOST" + "header" = "HOST" } } - point = [["post"],["form_urlencoded","query"]] + point = [["post"], ["form_urlencoded", "query"]] attack_type = "sqli" } diff --git a/examples/wallarm_rule_ignore_regex.tf b/examples/wallarm_rule_ignore_regex.tf index c9b6ece..9042aee 100644 --- a/examples/wallarm_rule_ignore_regex.tf +++ b/examples/wallarm_rule_ignore_regex.tf @@ -1,6 +1,5 @@ resource "wallarm_rule_ignore_regex" "ingore_regex" { regex_id = 100365 - action { - } + point = [["header", "X-LOGIN"]] } diff --git a/examples/wallarm_rule_masking.tf b/examples/wallarm_rule_masking.tf index 30ea5fc..5510698 100644 --- a/examples/wallarm_rule_masking.tf +++ b/examples/wallarm_rule_masking.tf @@ -2,7 +2,7 @@ resource "wallarm_rule_masking" "dvwa_sensitive" { action { point = { - instance = 5 + "instance" = 5 } } @@ -14,21 +14,21 @@ resource "wallarm_rule_masking" "masking_header" { action { type = "absent" point = { - path = 0 + "path" = 0 } } action { type = "equal" point = { - action_name = "masking" + "action_name" = "masking" } } action { type = "absent" point = { - action_ext = "" + "action_ext" = "" } } point = [["header", "X-KEY"]] @@ -39,22 +39,22 @@ resource "wallarm_rule_masking" "masking_json" { action { type = "absent" point = { - path = 0 + "path" = 0 } } action { type = "equal" point = { - action_name = "masking" + "action_name" = "masking" } } action { type = "absent" point = { - action_ext = "" + "action_ext" = "" } } - point = [["post"],["json_doc"],["hash", "field"]] + point = [["post"], ["json_doc"], ["hash", "field"]] } \ No newline at end of file diff --git a/examples/wallarm_rule_mode.tf b/examples/wallarm_rule_mode.tf index a855ee2..0f4cb5c 100644 --- a/examples/wallarm_rule_mode.tf +++ b/examples/wallarm_rule_mode.tf @@ -1,10 +1,9 @@ - resource "wallarm_rule_mode" "wp_mode" { - mode = "block" + mode = "block" action { point = { - instance = 6 + "instance" = 6 } } @@ -12,7 +11,7 @@ resource "wallarm_rule_mode" "wp_mode" { type = "iequal" value = "monitor" point = { - path = 0 + "path" = 0 } } @@ -20,37 +19,37 @@ resource "wallarm_rule_mode" "wp_mode" { type = "equal" value = "admin" point = { - query = "user" + "query" = "user" } } } resource "wallarm_rule_mode" "tiredful_api_mode" { - mode = "monitoring" + mode = "monitoring" action { point = { - instance = "9" + "instance" = 9 } } action { type = "equal" point = { - action_name = "formmail" + "action_name" = "formmail" } } } resource "wallarm_rule_mode" "ad_mode" { - mode = "default" + mode = "default" action { type = "equal" value = "api" point = { - path = 0 + "path" = 0 } } @@ -58,26 +57,26 @@ resource "wallarm_rule_mode" "ad_mode" { type = "equal" value = "active-directory" point = { - path = 1 + "path" = 1 } } } resource "wallarm_rule_mode" "dvwa_mode" { - mode = "block" + mode = "block" action { - type = "equal" + type = "iequal" value = "dvwa.wallarm-demo.com" point = { - header = "HOST" + "header" = "HOST" } } action { type = "equal" point = { - method = "GET" + "method" = "GET" } } -} +} \ No newline at end of file diff --git a/examples/wallarm_rule_overlimit_res_settings.tf b/examples/wallarm_rule_overlimit_res_settings.tf index 1128e29..bcfebc0 100644 --- a/examples/wallarm_rule_overlimit_res_settings.tf +++ b/examples/wallarm_rule_overlimit_res_settings.tf @@ -1,23 +1,22 @@ -resource "wallarm_overlimit_res_settings_rule" "example_overlimit_res_settings" { - comment = "Example overlimit res settings rule" - - action = { - type = "equal" - value = "example_value" +resource "wallarm_rule_overlimit_res_settings" "example_overlimit_res_settings" { + action { point = { - header = ["X-Example-Header"] - method = "GET" - path = 10 - action_name = "example_action" - action_ext = "example_extension" - query = "example_query" - proto = "HTTP/1.1" - scheme = "https" - uri = "/example_uri" - instance = 1 + "path" = 0 } + type = "absent" } - + action { + point = { + "action_name" = "upload" + } + type = "equal" + } + action { + point = { + "action_ext" = "" + } + type = "absent" + } + mode = "blocking" overlimit_time = 2000 - mode = "monitoring" } \ No newline at end of file diff --git a/examples/wallarm_rule_parser_state.tf b/examples/wallarm_rule_parser_state.tf index 12f4c5c..0e11118 100644 --- a/examples/wallarm_rule_parser_state.tf +++ b/examples/wallarm_rule_parser_state.tf @@ -3,7 +3,7 @@ resource "wallarm_rule_parser_state" "enable_base64_parser" { type = "iequal" value = "parsers.wallarm.com" point = { - header = "HOST" + "header" = "HOST" } } point = [["post"]] @@ -11,8 +11,8 @@ resource "wallarm_rule_parser_state" "enable_base64_parser" { state = "enabled" } -resource "wallarm_rule_parser_state" "disable_gzip_parser" { - point = [["header","HOST"],["pollution"]] - parser = "gzip" +resource "wallarm_rule_parser_state" "disable_htmljs_parser" { + point = [["header", "COOKIE"], ["cookie_all"]] + parser = "htmljs" state = "disabled" } diff --git a/examples/wallarm_rule_rate_limit.tf b/examples/wallarm_rule_rate_limit.tf index 1514023..87877c5 100644 --- a/examples/wallarm_rule_rate_limit.tf +++ b/examples/wallarm_rule_rate_limit.tf @@ -1,24 +1,46 @@ -resource "wallarm_rate_limit" "example" { - comment = "Example rate limit rule" +resource "wallarm_rule_rate_limit" "rate_limit" { + comment = "Example rate limit rule" - action = { - type = "equal" - value = "example_value" + action { + type = "iequal" + value = "example.com" point = { - header = ["X-Example-Header"] - method = "GET" - path = 10 - action_name = "example_action" - action_ext = "example_extension" - query = "example_query" - proto = "HTTP/1.1" - scheme = "https" - uri = "/example_uri" - instance = 1 + "header" = "HOST" + } + } + action { + type = "equal" + value = "api" + point = { + "path" = 0 + } + } + action { + type = "equal" + value = "logon" + point = { + "path" = 1 + } + } + action { + type = "equal" + point = { + "method" = "POST" + } + } + action { + point = { + "instance" = 1 + } + } + action { + type = "equal" + point = { + "scheme" = "https" } } - point = ["example_point_1", "example_point_2"] + point = [["post"], ["json_doc"], ["hash", "enter"]] delay = 100 burst = 200 diff --git a/examples/wallarm_rule_regex.tf b/examples/wallarm_rule_regex.tf index 9147713..ce1177a 100644 --- a/examples/wallarm_rule_regex.tf +++ b/examples/wallarm_rule_regex.tf @@ -1,13 +1,13 @@ resource "wallarm_rule_regex" "regex" { regex = "[^0-9a-f]|^.{33,}$|^.{0,31}$" experimental = true - attack_type = "redir" + attack_type = "redir" action { type = "iequal" value = "tiredful-api.wallarm-demo.com" point = { - header = "HOST" + "header" = "HOST" } } point = [["header", "X-AUTHENTICATION"]] diff --git a/examples/wallarm_rule_set_response_header.tf b/examples/wallarm_rule_set_response_header.tf index 8ec3b27..4d055b8 100644 --- a/examples/wallarm_rule_set_response_header.tf +++ b/examples/wallarm_rule_set_response_header.tf @@ -3,29 +3,23 @@ resource "wallarm_rule_set_response_header" "resp_headers" { action { point = { - instance = 6 + "instance" = 6 } } - headers = { - Server = "Wallarm" - Blocked = "Yes, you are" - } - + name = "Server" + values = ["Wallarm", "Yes, you are blocked"] } -resource "wallarm_rule_set_response_header" "resp_headers" { +resource "wallarm_rule_set_response_header" "resp_headers_waf" { mode = "append" action { point = { - instance = "6" + "instance" = 6 } } - headers = { - Server = "Wallarm WAF" - Blocked = "Wallarm Blocked" - } - + name = "WAF" + values = ["Wallarm Blocked"] } diff --git a/examples/wallarm_rule_uploads.tf b/examples/wallarm_rule_uploads.tf index bf68fcd..869242b 100644 --- a/examples/wallarm_rule_uploads.tf +++ b/examples/wallarm_rule_uploads.tf @@ -3,9 +3,9 @@ resource "wallarm_rule_uploads" "allow_docs" { type = "iequal" value = "uploads.wallarm.com" point = { - header = "HOST" + "header" = "HOST" } } - point = [["post"],["form_urlencoded","query"]] + point = [["post"], ["form_urlencoded", "query"]] file_type = "docs" } diff --git a/examples/wallarm_rule_vpatch.tf b/examples/wallarm_rule_vpatch.tf index b6cf6b2..23a14bc 100644 --- a/examples/wallarm_rule_vpatch.tf +++ b/examples/wallarm_rule_vpatch.tf @@ -1,88 +1,88 @@ resource "wallarm_rule_vpatch" "default" { - attack_type = ["sqli"] + attack_type = "sqli" point = [["get_all"]] } resource "wallarm_rule_vpatch" "vpatch" { - attack_type = ["redir"] + attack_type = "redir" action { type = "iequal" value = "example.com" point = { - header = "HOST" + "header" = "HOST" } } action { type = "equal" value = "api" point = { - path = 0 + "path" = 0 } } action { type = "regex" value = "logon" point = { - path = 1 + "path" = 1 } } action { type = "equal" point = { - method = "POST" + "method" = "POST" } } action { point = { - instance = "1" + "instance" = 1 } } action { - type = "regex" + type = "equal" point = { - scheme = "https" + "scheme" = "https" } } - point = [["post"],["xml"],["hash","user"]] + point = [["post"], ["json_doc"], ["hash", "user"]] } resource "wallarm_rule_vpatch" "splunk" { - attack_type = ["sqli", "nosqli"] + attack_type = "sqli" action { type = "iequal" value = "splunk.wallarm-demo.com:88" point = { - header = "HOST" + "header" = "HOST" } } point = [["get_all"]] } resource "wallarm_rule_vpatch" "tiredful_api" { - attack_type = ["any"] + attack_type = "any" action { point = { - instance = "9" + "instance" = 9 } } action { type = "absent" point = { - path = 0 + "path" = 0 } } action { type = "equal" point = { - action_name = "formmail" + "action_name" = "formmail" } } action { type = "equal" point = { - action_ext = "cgi" + "action_ext" = "cgi" } } @@ -90,19 +90,19 @@ resource "wallarm_rule_vpatch" "tiredful_api" { } resource "wallarm_rule_vpatch" "env_sample" { - attack_type = ["any"] + attack_type = "any" action { type = "equal" point = { - action_name = ".env.sample" + "action_name" = ".env.sample" } } action { type = "equal" point = { - action_ext = "php" + "action_ext" = "php" } } From 1402f27da04cb7989dc7624c267006675d44cf8c Mon Sep 17 00:00:00 2001 From: Dmitry Iovev Date: Mon, 9 Dec 2024 13:24:22 +0700 Subject: [PATCH 4/4] Fixes docs and examples --- docs/resources/rule_attack_rechecker.md | 55 +++++++++- .../rule_attack_rechecker_rewrite.md | 55 +++++++++- docs/resources/rule_binary_data.md | 53 +++++++++ docs/resources/rule_disable_attack_type.md | 54 +++++++++ docs/resources/rule_ignore_regex.md | 52 +++++++++ docs/resources/rule_masking.md | 44 +++++++- docs/resources/rule_mode.md | 60 +++++++++- docs/resources/rule_overlimit_res_settings.md | 103 ++++++++++++++---- docs/resources/rule_parser_state.md | 59 +++++++++- docs/resources/rule_rate_limit.md | 102 +++++++++++++---- docs/resources/rule_regex.md | 62 ++++++++++- docs/resources/rule_set_response_header.md | 78 ++++++++++--- docs/resources/rule_uploads.md | 54 +++++++++ docs/resources/rule_vpatch.md | 60 +++++++++- examples/wallarm_rule_attack_rechecker.tf | 2 +- .../wallarm_rule_attack_rechecker_rewrite.tf | 2 +- examples/wallarm_rule_binary_data.tf | 2 +- examples/wallarm_rule_disable_attack_type.tf | 2 +- examples/wallarm_rule_masking.tf | 16 +-- examples/wallarm_rule_mode.tf | 18 +-- .../wallarm_rule_overlimit_res_settings.tf | 6 +- examples/wallarm_rule_parser_state.tf | 2 +- examples/wallarm_rule_rate_limit.tf | 12 +- examples/wallarm_rule_regex.tf | 2 +- examples/wallarm_rule_set_response_header.tf | 4 +- examples/wallarm_rule_uploads.tf | 2 +- examples/wallarm_rule_vpatch.tf | 26 ++--- 27 files changed, 860 insertions(+), 127 deletions(-) diff --git a/docs/resources/rule_attack_rechecker.md b/docs/resources/rule_attack_rechecker.md index ee588cc..0a6cc1a 100644 --- a/docs/resources/rule_attack_rechecker.md +++ b/docs/resources/rule_attack_rechecker.md @@ -19,7 +19,7 @@ This is because Terraform is designed to keep its configurations stable and not # Disables the attacks checking for requests sent to the application with ID 7 resource "wallarm_rule_attack_rechecker" "disable_rechecker" { - enabled = false + enabled = false action { point = { @@ -158,6 +158,57 @@ When `type` is `absent`, `point` must contain key with the default value. For `a * `rule_id` - ID of the created rule. * `action_id` - the action ID (The conditions to apply on request). -* `rule_type` - type of created rule. For example, `rule_type = "ignore_regex"`. +* `rule_type` - type of created rule. For example, `rule_type = "attack_rechecker"`. + +## Import + +The rule can be imported using a composite ID formed of client ID, action ID, rule ID and rule type. + +``` +$ terraform import wallarm_rule_attack_rechecker.disable_rechecker 6039/563855/11086881 +``` + +* `6039` - Client ID. +* `563855` - Action ID. +* `11086881` - Rule ID. +* `wallarm_rule_attack_rechecker` - Terraform resource rule type. + +### Import blocks + +The rule can be imported using Terraform import blocks. + +Resource block example: + +```hcl +resource "wallarm_rule_attack_rechecker" "disable_rechecker" { + action { + point = { + instance = 7 + } + } + enabled = false +} +``` + +Import block example: + +```hcl +import { + to = wallarm_rule_attack_rechecker.disable_rechecker + id = "6039/563855/11086881" +} +``` + +Before importing resources run: + +``` +$ terraform plan +``` + +If import looks good apply the configuration: + +``` +$ terraform apply +``` [1]: https://docs.wallarm.com/user-guides/rules/change-request-for-active-verification/#disabling-enabling-the-active-threat-verification-module diff --git a/docs/resources/rule_attack_rechecker_rewrite.md b/docs/resources/rule_attack_rechecker_rewrite.md index e524742..8f621ad 100644 --- a/docs/resources/rule_attack_rechecker_rewrite.md +++ b/docs/resources/rule_attack_rechecker_rewrite.md @@ -20,10 +20,14 @@ This is because Terraform is designed to keep its configurations stable and not # for all the verification tests resource "wallarm_rule_attack_rechecker_rewrite" "default_rewrite" { - rules = ["my.staging-application.com"] + rules = ["my.staging-application.com"] point = [["header", "HOST"]] } +resource "wallarm_rule_attack_rechecker_rewrite" "default_rewrite" { + rules = ["my.awesome-application.com"] + point = [["header", "HOST"]] +} ``` ## Argument Reference @@ -165,7 +169,54 @@ When `type` is `absent`, `point` must contain key with the default value. For `a * `rule_id` - ID of the created rule. * `action_id` - the action ID (The conditions to apply on request). -* `rule_type` - type of the created rule. For example, `rule_type = "ignore_regex"`. +* `rule_type` - type of the created rule. For example, `rule_type = "attack_rechecker_rewrite"`. + +## Import + +The rule can be imported using a composite ID formed of client ID, action ID, rule ID and rule type. + +``` +$ terraform import wallarm_rule_attack_rechecker_rewrite.default_rewrite 6039/563855/11086881 +``` + +* `6039` - Client ID. +* `563855` - Action ID. +* `11086881` - Rule ID. +* `wallarm_rule_attack_rechecker_rewrite` - Terraform resource rule type. + +### Import blocks + +The rule can be imported using Terraform import blocks. + +Resource block example: + +```hcl +resource "wallarm_rule_attack_rechecker_rewrite" "default_rewrite" { + point = [["header", "HOST"]] + rules = ["my.staging-application.com"] +} +``` + +Import block example: + +```hcl +import { + to = wallarm_rule_attack_rechecker_rewrite.default_rewrite + id = "6039/563855/11086881" +} +``` + +Before importing resources run: + +``` +$ terraform plan +``` + +If import looks good apply the configuration: + +``` +$ terraform apply +``` [1]: https://docs.wallarm.com/user-guides/rules/change-request-for-active-verification/#rewriting-the-request-before-attack-replaying [2]: https://docs.wallarm.com/user-guides/scanner/intro/#active-threat-verification diff --git a/docs/resources/rule_binary_data.md b/docs/resources/rule_binary_data.md index 22fb7bd..ed2d8d7 100644 --- a/docs/resources/rule_binary_data.md +++ b/docs/resources/rule_binary_data.md @@ -149,5 +149,58 @@ When `type` is `absent`, `point` must contain key with the default value. For `a * `action_id` - the action ID (The conditions to apply on request). * `rule_type` - type of the created rule. For example, `rule_type = "binary_data"`. +## Import + +The rule can be imported using a composite ID formed of client ID, action ID, rule ID and rule type. + +``` +$ terraform import wallarm_rule_binary_data.allow_bin_in_body 6039/563855/11086881 +``` + +* `6039` - Client ID. +* `563855` - Action ID. +* `11086881` - Rule ID. +* `wallarm_rule_binary_data` - Terraform resource rule type. + +### Import blocks + +The rule can be imported using Terraform import blocks. + +Resource block example: + +```hcl +resource "wallarm_rule_binary_data" "allow_bin_in_body" { + action { + point = { + header = "HOST" + } + type = "iequal" + value = "example.com" + } + point = [["post"]] +} +``` + +Import block example: + +```hcl +import { + to = wallarm_rule_binary_data.allow_bin_in_body + id = "6039/563855/11086881" +} +``` + +Before importing resources run: + +``` +$ terraform plan +``` + +If import looks good apply the configuration: + +``` +$ terraform apply +``` + [1]: https://docs.wallarm.com/user-guides/rules/ignore-attacks-in-binary-data/ [2]: https://docs.wallarm.com/installation/multi-tenant/overview/ diff --git a/docs/resources/rule_disable_attack_type.md b/docs/resources/rule_disable_attack_type.md index 84db902..94760d2 100644 --- a/docs/resources/rule_disable_attack_type.md +++ b/docs/resources/rule_disable_attack_type.md @@ -152,5 +152,59 @@ When `type` is `absent` * `action_id` - the action ID (The conditions to apply on request). * `rule_type` - type of the created rule. For example, `rule_type = "disable_attack_type"`. +## Import + +The rule can be imported using a composite ID formed of client ID, action ID, rule ID and rule type. + +``` +$ terraform import wallarm_rule_disable_attack_type.disable_sqli 6039/563855/11086881 +``` + +* `6039` - Client ID. +* `563855` - Action ID. +* `11086881` - Rule ID. +* `wallarm_rule_disable_attack_type` - Terraform resource rule type. + +### Import blocks + +The rule can be imported using Terraform import blocks. + +Resource block example: + +```hcl +resource "wallarm_rule_disable_attack_type" "disable_sqli" { + action { + point = { + header = "HOST" + } + type = "iequal" + value = "example.com" + } + point = [["get_all"]] + attack_type = "sqli" +} +``` + +Import block example: + +```hcl +import { + to = wallarm_rule_disable_attack_type.disable_sqli + id = "6039/563855/11086881" +} +``` + +Before importing resources run: + +``` +$ terraform plan +``` + +If import looks good apply the configuration: + +``` +$ terraform apply +``` + [1]: https://docs.wallarm.com/user-guides/rules/ignore-attack-types/ [2]: https://docs.wallarm.com/installation/multi-tenant/overview/ diff --git a/docs/resources/rule_ignore_regex.md b/docs/resources/rule_ignore_regex.md index bff8fa1..cf0b7e1 100644 --- a/docs/resources/rule_ignore_regex.md +++ b/docs/resources/rule_ignore_regex.md @@ -198,5 +198,57 @@ When `type` is `absent`, `point` must contain key with the default value. For `a * `action_id` - the action ID (The conditions to apply on request). * `rule_type` - type of the created rule. For example, `rule_type = "ignore_regex"`. +## Import + +The rule can be imported using a composite ID formed of client ID, action ID, rule ID and rule type. + +``` +$ terraform import wallarm_rule_ignore_regex.ignore_regex 6039/563855/11086881 +``` + +* `6039` - Client ID. +* `563855` - Action ID. +* `11086881` - Rule ID. +* `wallarm_rule_ignore_regex` - Terraform resource rule type. + +### Import blocks + +The rule can be imported using Terraform import blocks. + +Resource block example: + +```hcl +resource "wallarm_rule_ignore_regex" "ignore_regex" { + action { + point = { + instance = 5 + } + } + point = [["uri"]] + regex_id = 40671 +} +``` + +Import block example: + +```hcl +import { + to = wallarm_rule_ignore_regex.ignore_regex + id = "6039/563855/11086881" +} +``` + +Before importing resources run: + +``` +$ terraform plan +``` + +If import looks good apply the configuration: + +``` +$ terraform apply +``` + [1]: https://docs.wallarm.com/user-guides/rules/regex-rule/#partial-disabling-of-a-new-detection-rule [2]: https://docs.wallarm.com/installation/multi-tenant/overview/ diff --git a/docs/resources/rule_masking.md b/docs/resources/rule_masking.md index 2aac2b7..0bd5dc4 100644 --- a/docs/resources/rule_masking.md +++ b/docs/resources/rule_masking.md @@ -52,7 +52,7 @@ resource "wallarm_rule_masking" "masking_json" { } } - point = [["post"],["json_doc"],["hash", "field"]] + point = [["post"], ["json_doc"], ["hash", "field"]] } ``` @@ -188,20 +188,56 @@ When `type` is `absent`, `point` must contain key with the default value. For `a * `rule_id` - ID of the created rule. * `action_id` - the action ID (The conditions to apply on request). -* `rule_type` - type of created rule. For example, `rule_type = "ignore_regex"`. +* `rule_type` - type of created rule. For example, `rule_type = "sensitive_data"`. ## Import The rule can be imported using a composite ID formed of client ID, action ID, rule ID and rule type. ``` -$ terraform import wallarm_rule_masking.masking_json 6039/563855/11086881/wallarm_rule_masking +$ terraform import wallarm_rule_masking.masking_header 6039/563855/11086881 ``` * `6039` - Client ID. * `563855` - Action ID. * `11086881` - Rule ID. -* `wallarm_rule_masking` - Rule type. +* `wallarm_rule_masking` - Terraform resource rule type. + +### Import blocks + +Resource block example: + +```hcl +resource "wallarm_rule_masking" "masking_header" { + action { + point = { + instance = 1 + } + } + point = [["header","AUTHORIZATION"]] +} +``` + +Import block example: + +```hcl +import { + to = wallarm_rule_masking.masking_header + id = "6039/563855/11086881" +} +``` + +Before importing resources run: + +``` +$ terraform plan +``` + +If import looks good apply the configuration: + +``` +$ terraform apply +``` [1]: https://docs.wallarm.com/user-guides/rules/sensitive-data-rule/ [2]: https://docs.wallarm.com/installation/multi-tenant/overview/ diff --git a/docs/resources/rule_mode.md b/docs/resources/rule_mode.md index c21f2b7..e7d96fb 100644 --- a/docs/resources/rule_mode.md +++ b/docs/resources/rule_mode.md @@ -29,7 +29,7 @@ resource "wallarm_rule_mode" "tiredful_api_mode" { } action { - type = "regex" + type = "equal" point = { scheme = "https" } @@ -159,20 +159,68 @@ When `type` is `absent`, `point` must contain key with the default value. For `a * `rule_id` - ID of the created rule. * `action_id` - the action ID (The conditions to apply on request). -* `rule_type` - TType of the created rule. For example, `rule_type = "ignore_regex"`. +* `rule_type` - TType of the created rule. For example, `rule_type = "wallarm_mode"`. ## Import The rule can be imported using a composite ID formed of client ID, action ID, rule ID and rule type. +ID should end with a wallarm_mode value. + ``` -$ terraform import wallarm_rule_mode.tiredful_api_mode 6039/563854/11086884/wallarm_rule_mode +$ terraform import wallarm_rule_mode.api_mode 6039/563855/11086881/monitoring ``` * `6039` - Client ID. -* `563854` - Action ID. -* `11086884` - Rule ID. -* `wallarm_rule_mode` - Rule type. +* `563855` - Action ID. +* `11086881` - Rule ID. +* `wallarm_rule_mode` - Terraform resource rule type. +* `monitoring` - Wallarm mode. + +### Import blocks + +The rule can be imported using Terraform import blocks. + +Resource block example: + +```hcl +resource "wallarm_rule_mode" "api_mode" { + action { + point = { + path = 0 + } + type = "equal" + value = "api" + } + action { + point = { + instance = 9 + } + } + mode = "monitoring" +} +``` + +Import block example: + +```hcl +import { + to = wallarm_rule_mode.api_mode + id = "6039/563855/11086881/monitoring" +} +``` + +Before importing resources run: + +``` +$ terraform plan +``` + +If import looks good apply the configuration: + +``` +$ terraform apply +``` [1]: https://docs.wallarm.com/user-guides/rules/wallarm-mode-rule/ [2]: https://docs.wallarm.com/installation/multi-tenant/overview/ diff --git a/docs/resources/rule_overlimit_res_settings.md b/docs/resources/rule_overlimit_res_settings.md index 70fecb3..db1f01b 100644 --- a/docs/resources/rule_overlimit_res_settings.md +++ b/docs/resources/rule_overlimit_res_settings.md @@ -15,28 +15,27 @@ This rule enables you with setting up a custom time limit for a single request p ## Example Usage ```hcl -resource "wallarm_overlimit_res_settings_rule" "example_overlimit_res_settings" { - comment = "Example overlimit res settings rule" - - action = { - type = "equal" - value = "example_value" +resource "wallarm_rule_overlimit_res_settings" "example_overlimit_res_settings" { + action { point = { - header = ["X-Example-Header"] - method = "GET" - path = 10 - action_name = "example_action" - action_ext = "example_extension" - query = "example_query" - proto = "HTTP/1.1" - scheme = "https" - uri = "/example_uri" - instance = 1 + path = 0 } + type = "absent" } - + action { + point = { + action_name = "upload" + } + type = "equal" + } + action { + point = { + action_ext = "" + } + type = "absent" + } + mode = "blocking" overlimit_time = 2000 - mode = "monitoring" } ``` @@ -161,9 +160,73 @@ When `type` is `absent`, `point` must contain key with the default value. For `a ## Attributes Reference * `rule_id` - ID of the created rule. -* `counter` - Name of the counter. Randomly generated, but always starts with `d:`. * `action_id` - the action ID (The conditions to apply on request). -* `rule_type` - type of the created rule. For example, `rule_type = "dirbust_counter"`. +* `rule_type` - type of the created rule. For example, `rule_type = "overlimit_res_settings"`. + +## Import + +The rule can be imported using a composite ID formed of client ID, action ID, rule ID and rule type. + +``` +$ terraform import wallarm_rule_overlimit_res_settings.uploads_overlimit 6039/563855/11086881 +``` + +* `6039` - Client ID. +* `563855` - Action ID. +* `11086881` - Rule ID. +* `wallarm_rule_overlimit_res_settings` - Terraform resource rule type. + +### Import blocks + +The rule can be imported using Terraform import blocks. + +Resource block example: + +```hcl +resource "wallarm_rule_overlimit_res_settings" "uploads_overlimit" { + action { + point = { + action_ext = "" + } + type = "absent" + } + action { + point = { + action_name = "upload" + } + type = "equal" + } + action { + point = { + path = 0 + } + type = "absent" + } + mode = "blocking" + overlimit_time = 2000 +} +``` + +Import block example: + +```hcl +import { + to = wallarm_rule_overlimit_res_settings.uploads_overlimit + id = "6039/563855/11086881" +} +``` + +Before importing resources run: + +``` +$ terraform plan +``` + +If import looks good apply the configuration: + +``` +$ terraform apply +``` [1]: https://docs.wallarm.com/installation/multi-tenant/overview/ diff --git a/docs/resources/rule_parser_state.md b/docs/resources/rule_parser_state.md index 9c2307d..962dcf8 100644 --- a/docs/resources/rule_parser_state.md +++ b/docs/resources/rule_parser_state.md @@ -16,7 +16,7 @@ This is because Terraform is designed to keep its configurations stable and not ## Example Usage ```hcl -resource "wallarm_rule_parser_state" "disable_xml_parsing" { +resource "wallarm_rule_parser_state" "disable_htmljs_parsing" { action { type = "iequal" value = "example.com" @@ -25,7 +25,7 @@ resource "wallarm_rule_parser_state" "disable_xml_parsing" { } } point = [["get_all"]] - parser = "xml" + parser = "htmljs" state = "disabled" } ``` @@ -153,5 +153,60 @@ When `type` is `absent`, `point` must contain key with the default value. For `a * `action_id` - the action ID (The conditions to apply on request). * `rule_type` - type of the created rule. For example, `rule_type = "parser_state"`. +## Import + +The rule can be imported using a composite ID formed of client ID, action ID, rule ID and rule type. + +``` +$ terraform import wallarm_rule_parser_state.disable_htmljs_parsing 6039/563855/11086881 +``` + +* `6039` - Client ID. +* `563855` - Action ID. +* `11086881` - Rule ID. +* `wallarm_rule_parser_state` - Terraform resource rule type. + +### Import blocks + +The rule can be imported using Terraform import blocks. + +Resource block example: + +```hcl +resource "wallarm_rule_parser_state" "disable_htmljs_parsing" { + action { + point = { + header = "HOST" + } + type = "iequal" + value = "example.com" + } + point = [["get_all"]] + parser = "htmljs" + state = "disabled" +} +``` + +Import block example: + +```hcl +import { + to = wallarm_rule_parser_state.disable_htmljs_parsing + id = "6039/563855/11086881" +} +``` + +Before importing resources run: + +``` +$ terraform plan +``` + +If import looks good apply the configuration: + +``` +$ terraform apply +``` + [1]: https://docs.wallarm.com/user-guides/rules/disable-request-parsers/ [2]: https://docs.wallarm.com/installation/multi-tenant/overview/ diff --git a/docs/resources/rule_rate_limit.md b/docs/resources/rule_rate_limit.md index 5fc06a5..05b345c 100644 --- a/docs/resources/rule_rate_limit.md +++ b/docs/resources/rule_rate_limit.md @@ -1,12 +1,12 @@ --- layout: "wallarm" -page_title: "Wallarm: wallarm_rate_limit" +page_title: "Wallarm: wallarm_rule_rate_limit" subcategory: "Rule" description: |- Provides the "Rate Limit" rule resource. --- -# wallarm_rate_limit +# wallarm_rule_rate_limit Wallarm provides the Set rate limit rule to help prevent excessive traffic to your API. This rule enables you to specify the maximum number of connections that can be made to a particular scope, while also ensuring that incoming requests are evenly distributed. If a request exceeds the defined limit, Wallarm rejects it and returns the code you selected in the rule. @@ -15,27 +15,21 @@ Wallarm provides the Set rate limit rule to help prevent excessive traffic to yo ## Example Usage ```hcl -resource "wallarm_rate_limit" "example" { - comment = "Example rate limit rule" - - action = { - type = "equal" - value = "example_value" +resource "wallarm_rule_rate_limit" "rate_limit_api" { + action { + type = "equal" + value = "api" point = { - header = ["X-Example-Header"] - method = "GET" - path = 10 - action_name = "example_action" - action_ext = "example_extension" - query = "example_query" - proto = "HTTP/1.1" - scheme = "https" - uri = "/example_uri" - instance = 1 + path = 0 + } + } + action { + point = { + instance = 1 } } - point = ["example_point_1", "example_point_2"] + point = [["post"], ["json_doc"], ["hash", "email"]] delay = 100 burst = 200 @@ -129,7 +123,7 @@ Example: } action { - type = "regex" + type = "equal" point = { action_name = "masking" } @@ -169,9 +163,73 @@ When `type` is `absent`, `point` must contain key with the default value. For `a ## Attributes Reference * `rule_id` - ID of the created rule. -* `counter` - Name of the counter. Randomly generated, but always starts with `d:`. * `action_id` - the action ID (The conditions to apply on request). -* `rule_type` - type of the created rule. For example, `rule_type = "dirbust_counter"`. +* `rule_type` - type of the created rule. For example, `rule_type = "rate_limit"`. + +## Import + +The rule can be imported using a composite ID formed of client ID, action ID, rule ID and rule type. + +``` +$ terraform import wallarm_rule_rate_limit.rate_limit_api 6039/563855/11086881 +``` + +* `6039` - Client ID. +* `563855` - Action ID. +* `11086881` - Rule ID. +* `wallarm_rule_rate_limit` - Terraform resource rule type. + +### Import blocks + +The rule can be imported using Terraform import blocks. + +Resource block example: + +```hcl +resource "wallarm_rule_rate_limit" "rate_limit_api" { + action { + type = "equal" + value = "api" + point = { + path = 0 + } + } + action { + point = { + instance = 1 + } + } + + point = [["post"], ["json_doc"], ["hash", "email"]] + + delay = 10 + burst = 5 + rate = 10 + rsp_status = 404 + time_unit = "rps" +} +``` + +Import block example: + +```hcl +import { + to = wallarm_rule_rate_limit.rate_limit_api + id = "6039/563855/11086881" +} +``` + +Before importing resources run: + +``` +$ terraform plan +``` + +If import looks good apply the configuration: + +``` +$ terraform apply +``` [1]: https://docs.wallarm.com/installation/multi-tenant/overview/ diff --git a/docs/resources/rule_regex.md b/docs/resources/rule_regex.md index 05a12d5..45f7d67 100644 --- a/docs/resources/rule_regex.md +++ b/docs/resources/rule_regex.md @@ -28,7 +28,6 @@ This is because Terraform is designed to keep its configurations stable and not ## Example Usage ```hcl - # Creates the rule to mark the requests sent to front.example.com # with the URI value matching the regex ".*curltool.*" as # non-experimental "vpatch" attacks @@ -202,8 +201,67 @@ When `type` is `absent`, `point` must contain key with the default value. For `a * `rule_id` - ID of the created rule. * `action_id` - the action ID (The conditions to apply on request). -* `rule_type` - type of the created rule. For example, `rule_type = "ignore_regex"`. +* `rule_type` - type of the created rule. For example, `rule_type = "regex"`. * `regex_id` - ID of the specified regular expression. +## Import + +The rule can be imported using a composite ID formed of client ID, action ID, rule ID and rule type. + +ID should end with a rule type, which depends on experimental mode. The values are: `experimental_regex` or `regex` respectively. + +``` +$ terraform import wallarm_rule_regex.regex_curltool 6039/563855/11086881/regex +``` + +* `6039` - Client ID. +* `563855` - Action ID. +* `11086881` - Rule ID. +* `wallarm_rule_regex` - Terraform resource rule type. +* `regex` - Rule type. + +### Import blocks + +The rule can be imported using Terraform import blocks. + +Resource block example: + +```hcl +resource "wallarm_rule_regex" "regex_curltool" { + action { + point = { + header = "HOST" + } + type = "iequal" + value = "front.example.com" + } + point = [["uri"]] + attack_type = "vpatch" + regex = ".*curltool.*" + experimental = false +} +``` + +Import block example: + +```hcl +import { + to = wallarm_rule_regex.regex_curltool + id = "6039/563855/11086881/regex" +} +``` + +Before importing resources run: + +``` +$ terraform plan +``` + +If import looks good apply the configuration: + +``` +$ terraform apply +``` + [1]: https://docs.wallarm.com/user-guides/rules/regex-rule/ [2]: https://docs.wallarm.com/installation/multi-tenant/overview/ diff --git a/docs/resources/rule_set_response_header.md b/docs/resources/rule_set_response_header.md index dd7042f..149cd3a 100644 --- a/docs/resources/rule_set_response_header.md +++ b/docs/resources/rule_set_response_header.md @@ -20,35 +20,28 @@ This is because Terraform is designed to keep its configurations stable and not # and the "Server" header with the "Blocked by Wallarm" value # to the requests sent to the application with ID 3 -resource "wallarm_rule_set_response_header" "resp_headers" { +resource "wallarm_rule_set_response_header" "resp_header" { mode = "append" - name = "Server" action { point = { instance = 3 } } - - values = { - "Wallarm solution" - "Blocked by Wallarm" - } + name = "Server" + values = ["Wallarm solution", "Blocked by Wallarm"] } ``` ```hcl -# Deletes the "Wallarm component" header +# Deletes the "Wallarm" header resource "wallarm_rule_set_response_header" "delete_header" { mode = "replace" - name = "Wallarm component" - - values = { - " " - } + name = "Wallarm" + values = [""] } ``` @@ -56,8 +49,8 @@ resource "wallarm_rule_set_response_header" "delete_header" { ## Argument Reference * `mode` - (**required**) mode of header processing. Valid options: `append`, `replace` -* `name` - (**required**) description. -* `values` - (**required**) array of headers. Might be defined as much headers as need at once. +* `name` - (**required**) header name. +* `values` - (**required**) array of header values. Might be defined as much values as need at once. * `action` - (optional) a series of conditions, see below for a a full list . @@ -184,6 +177,59 @@ When `type` is `absent`, `point` must contain key with the default value. For `a * `rule_id` - ID of the created rule. * `action_id` - the action ID (The conditions to apply on request). -* `rule_type` - type of created rule. For example, `rule_type = "ignore_regex"`. +* `rule_type` - type of created rule. For example, `rule_type = "set_response_header"`. + +## Import + +The rule can be imported using a composite ID formed of client ID, action ID, rule ID and rule type. + +``` +$ terraform import wallarm_rule_set_response_header.resp_header 6039/563855/11086881 +``` + +* `6039` - Client ID. +* `563855` - Action ID. +* `11086881` - Rule ID. +* `wallarm_rule_set_response_header` - Terraform resource rule type. + +### Import blocks + +The rule can be imported using Terraform import blocks. + +Resource block example: + +```hcl +resource "wallarm_rule_set_response_header" "resp_header" { + action { + point = { + instance = 3 + } + } + mode = "append" + name = "Server" + values = ["Blocked by Wallarm","Wallarm solution"] +} +``` + +Import block example: + +```hcl +import { + to = wallarm_rule_set_response_header.resp_header + id = "6039/563855/11086881" +} +``` + +Before importing resources run: + +``` +$ terraform plan +``` + +If import looks good apply the configuration: + +``` +$ terraform apply +``` [1]: https://docs.wallarm.com/user-guides/rules/add-replace-response-header/ diff --git a/docs/resources/rule_uploads.md b/docs/resources/rule_uploads.md index 40efe92..8d7f1e5 100644 --- a/docs/resources/rule_uploads.md +++ b/docs/resources/rule_uploads.md @@ -151,5 +151,59 @@ When `type` is `absent`, `point` must contain key with the default value. For `a * `action_id` - the action ID (The conditions to apply on request). * `rule_type` - type of the created rule. For example, `rule_type = "uploads"`. +## Import + +The rule can be imported using a composite ID formed of client ID, action ID, rule ID and rule type. + +``` +$ terraform import wallarm_rule_uploads.allow_markup_in_body 6039/563855/11086881 +``` + +* `6039` - Client ID. +* `563855` - Action ID. +* `11086881` - Rule ID. +* `wallarm_rule_uploads` - Terraform resource rule type. + +### Import blocks + +The rule can be imported using Terraform import blocks. + +Resource block example: + +```hcl +resource "wallarm_rule_uploads" "allow_markup_in_body" { + action { + point = { + header = "HOST" + } + type = "iequal" + value = "example.com" + } + point = [["post"]] + file_type = "html" +} +``` + +Import block example: + +```hcl +import { + to = wallarm_rule_uploads.allow_markup_in_body + id = "6039/563855/11086881" +} +``` + +Before importing resources run: + +``` +$ terraform plan +``` + +If import looks good apply the configuration: + +``` +$ terraform apply +``` + [1]: https://docs.wallarm.com/user-guides/rules/ignore-attacks-in-binary-data/ [2]: https://docs.wallarm.com/installation/multi-tenant/overview/ diff --git a/docs/resources/rule_vpatch.md b/docs/resources/rule_vpatch.md index 1c34a4f..1ad44fa 100644 --- a/docs/resources/rule_vpatch.md +++ b/docs/resources/rule_vpatch.md @@ -25,7 +25,7 @@ This is because Terraform is designed to keep its configurations stable and not # in any GET parameter resource "wallarm_rule_vpatch" "splunk" { - attack_type = "sqli" + attack_type = "sqli" action { type = "iequal" @@ -47,7 +47,7 @@ resource "wallarm_rule_vpatch" "splunk" { * `client_id` - (optional) ID of the client to apply the rules to. The value is required for [multi-tenant scenarios][2]. * `attack_type` - (**required**) attack type. The request with this attack will be blocked. Can be: * `any` to block the request with the specified `point` even if the attack is not detected. - * One more names of attack types to block the requests with the specified `point` if these malicious payloads are detected. Possible attack types: `sqli`, `rce`, `crlf`, `nosqli`, `ptrav`, `xxe`, `ptrav`, `xss`, `scanner`, `redir`, `ldapi`. + * One of the names of attack types to block the requests with the specified `point` if these malicious payloads are detected. Possible attack types: `sqli`, `rce`, `crlf`, `nosqli`, `ptrav`, `xxe`, `ptrav`, `xss`, `scanner`, `redir`, `ldapi`. * `action` - (optional) rule conditions. Possible attributes are described below. * `point` - (**required**) request parts to apply the rules to. The full list of possible values is available in the [Wallarm official documentation](https://docs.wallarm.com/user-guides/rules/request-processing/#identifying-and-parsing-the-request-parts). | POINT |POSSIBLE VALUES| @@ -184,7 +184,61 @@ When `type` is `absent`, `point` must contain key with the default value. For `a * `rule_id` - ID of the created rule. * `action_id` - the action ID (The conditions to apply on request). -* `rule_type` - type of the created rule. For example, `rule_type = "ignore_regex"`. +* `rule_type` - type of the created rule. For example, `rule_type = "vpatch"`. + +## Import + +The rule can be imported using a composite ID formed of client ID, action ID, rule ID and rule type. + +``` +$ terraform import wallarm_rule_vpatch.vpatch_test 6039/563855/11086881 +``` + +* `6039` - Client ID. +* `563855` - Action ID. +* `11086881` - Rule ID. +* `wallarm_rule_vpatch` - Terraform resource rule type. + +### Import blocks + +The rule can be imported using Terraform import blocks. + +Resource block example: + +```hcl +resource "wallarm_rule_vpatch" "vpatch_test" { + action { + point = { + header = "HOST" + } + type = "iequal" + value = "app.example.com" + } + point = [["get_all"]] + attack_type = "sqli" +} +``` + +Import block example: + +```hcl +import { + to = wallarm_rule_vpatch.vpatch_test + id = "6039/563855/11086881" +} +``` + +Before importing resources run: + +``` +$ terraform plan +``` + +If import looks good apply the configuration: + +``` +$ terraform apply +``` [1]: https://docs.wallarm.com/user-guides/rules/vpatch-rule/ [2]: https://docs.wallarm.com/installation/multi-tenant/overview/ diff --git a/examples/wallarm_rule_attack_rechecker.tf b/examples/wallarm_rule_attack_rechecker.tf index 9bf8cc5..90208e4 100644 --- a/examples/wallarm_rule_attack_rechecker.tf +++ b/examples/wallarm_rule_attack_rechecker.tf @@ -3,7 +3,7 @@ resource "wallarm_rule_attack_rechecker" "disable_rechecker" { action { point = { - "instance" = 6 + instance = 6 } } diff --git a/examples/wallarm_rule_attack_rechecker_rewrite.tf b/examples/wallarm_rule_attack_rechecker_rewrite.tf index acd263b..91d3dda 100644 --- a/examples/wallarm_rule_attack_rechecker_rewrite.tf +++ b/examples/wallarm_rule_attack_rechecker_rewrite.tf @@ -1,4 +1,4 @@ resource "wallarm_rule_attack_rechecker_rewrite" "default_rewrite" { - rules = ["my.awesome-application.com"] + rules = ["my.awesome-application.com"] point = [["header", "HOST"]] } \ No newline at end of file diff --git a/examples/wallarm_rule_binary_data.tf b/examples/wallarm_rule_binary_data.tf index b88db81..b409ec1 100644 --- a/examples/wallarm_rule_binary_data.tf +++ b/examples/wallarm_rule_binary_data.tf @@ -3,7 +3,7 @@ resource "wallarm_rule_binary_data" "binary" { type = "iequal" value = "binary.wallarm.com" point = { - "header" = "HOST" + header = "HOST" } } point = [["post"], ["form_urlencoded", "query"]] diff --git a/examples/wallarm_rule_disable_attack_type.tf b/examples/wallarm_rule_disable_attack_type.tf index 64cb4eb..5c63119 100644 --- a/examples/wallarm_rule_disable_attack_type.tf +++ b/examples/wallarm_rule_disable_attack_type.tf @@ -3,7 +3,7 @@ resource "wallarm_rule_disable_attack_type" "ignore_attack" { type = "iequal" value = "attack-types.wallarm.com" point = { - "header" = "HOST" + header = "HOST" } } point = [["post"], ["form_urlencoded", "query"]] diff --git a/examples/wallarm_rule_masking.tf b/examples/wallarm_rule_masking.tf index 5510698..af1dcdd 100644 --- a/examples/wallarm_rule_masking.tf +++ b/examples/wallarm_rule_masking.tf @@ -2,7 +2,7 @@ resource "wallarm_rule_masking" "dvwa_sensitive" { action { point = { - "instance" = 5 + instance = 5 } } @@ -14,21 +14,21 @@ resource "wallarm_rule_masking" "masking_header" { action { type = "absent" point = { - "path" = 0 + path = 0 } } action { type = "equal" point = { - "action_name" = "masking" + action_name = "masking" } } action { type = "absent" point = { - "action_ext" = "" + action_ext = "" } } point = [["header", "X-KEY"]] @@ -39,22 +39,22 @@ resource "wallarm_rule_masking" "masking_json" { action { type = "absent" point = { - "path" = 0 + path = 0 } } action { type = "equal" point = { - "action_name" = "masking" + action_name = "masking" } } action { type = "absent" point = { - "action_ext" = "" + action_ext = "" } } point = [["post"], ["json_doc"], ["hash", "field"]] -} \ No newline at end of file +} diff --git a/examples/wallarm_rule_mode.tf b/examples/wallarm_rule_mode.tf index 0f4cb5c..92e9f3c 100644 --- a/examples/wallarm_rule_mode.tf +++ b/examples/wallarm_rule_mode.tf @@ -3,7 +3,7 @@ resource "wallarm_rule_mode" "wp_mode" { action { point = { - "instance" = 6 + instance = 6 } } @@ -11,7 +11,7 @@ resource "wallarm_rule_mode" "wp_mode" { type = "iequal" value = "monitor" point = { - "path" = 0 + path = 0 } } @@ -19,7 +19,7 @@ resource "wallarm_rule_mode" "wp_mode" { type = "equal" value = "admin" point = { - "query" = "user" + query = "user" } } } @@ -29,14 +29,14 @@ resource "wallarm_rule_mode" "tiredful_api_mode" { action { point = { - "instance" = 9 + instance = 9 } } action { type = "equal" point = { - "action_name" = "formmail" + action_name = "formmail" } } } @@ -49,7 +49,7 @@ resource "wallarm_rule_mode" "ad_mode" { type = "equal" value = "api" point = { - "path" = 0 + path = 0 } } @@ -57,7 +57,7 @@ resource "wallarm_rule_mode" "ad_mode" { type = "equal" value = "active-directory" point = { - "path" = 1 + path = 1 } } } @@ -69,14 +69,14 @@ resource "wallarm_rule_mode" "dvwa_mode" { type = "iequal" value = "dvwa.wallarm-demo.com" point = { - "header" = "HOST" + header = "HOST" } } action { type = "equal" point = { - "method" = "GET" + method = "GET" } } } \ No newline at end of file diff --git a/examples/wallarm_rule_overlimit_res_settings.tf b/examples/wallarm_rule_overlimit_res_settings.tf index bcfebc0..1684022 100644 --- a/examples/wallarm_rule_overlimit_res_settings.tf +++ b/examples/wallarm_rule_overlimit_res_settings.tf @@ -1,19 +1,19 @@ resource "wallarm_rule_overlimit_res_settings" "example_overlimit_res_settings" { action { point = { - "path" = 0 + path = 0 } type = "absent" } action { point = { - "action_name" = "upload" + action_name = "upload" } type = "equal" } action { point = { - "action_ext" = "" + action_ext = "" } type = "absent" } diff --git a/examples/wallarm_rule_parser_state.tf b/examples/wallarm_rule_parser_state.tf index 0e11118..21105d2 100644 --- a/examples/wallarm_rule_parser_state.tf +++ b/examples/wallarm_rule_parser_state.tf @@ -3,7 +3,7 @@ resource "wallarm_rule_parser_state" "enable_base64_parser" { type = "iequal" value = "parsers.wallarm.com" point = { - "header" = "HOST" + header = "HOST" } } point = [["post"]] diff --git a/examples/wallarm_rule_rate_limit.tf b/examples/wallarm_rule_rate_limit.tf index 87877c5..afe4c03 100644 --- a/examples/wallarm_rule_rate_limit.tf +++ b/examples/wallarm_rule_rate_limit.tf @@ -5,38 +5,38 @@ resource "wallarm_rule_rate_limit" "rate_limit" { type = "iequal" value = "example.com" point = { - "header" = "HOST" + header = "HOST" } } action { type = "equal" value = "api" point = { - "path" = 0 + path = 0 } } action { type = "equal" value = "logon" point = { - "path" = 1 + path = 1 } } action { type = "equal" point = { - "method" = "POST" + method = "POST" } } action { point = { - "instance" = 1 + instance = 1 } } action { type = "equal" point = { - "scheme" = "https" + scheme = "https" } } diff --git a/examples/wallarm_rule_regex.tf b/examples/wallarm_rule_regex.tf index ce1177a..4b8c0a3 100644 --- a/examples/wallarm_rule_regex.tf +++ b/examples/wallarm_rule_regex.tf @@ -7,7 +7,7 @@ resource "wallarm_rule_regex" "regex" { type = "iequal" value = "tiredful-api.wallarm-demo.com" point = { - "header" = "HOST" + header = "HOST" } } point = [["header", "X-AUTHENTICATION"]] diff --git a/examples/wallarm_rule_set_response_header.tf b/examples/wallarm_rule_set_response_header.tf index 4d055b8..de97321 100644 --- a/examples/wallarm_rule_set_response_header.tf +++ b/examples/wallarm_rule_set_response_header.tf @@ -3,7 +3,7 @@ resource "wallarm_rule_set_response_header" "resp_headers" { action { point = { - "instance" = 6 + instance = 6 } } @@ -16,7 +16,7 @@ resource "wallarm_rule_set_response_header" "resp_headers_waf" { action { point = { - "instance" = 6 + instance = 6 } } diff --git a/examples/wallarm_rule_uploads.tf b/examples/wallarm_rule_uploads.tf index 869242b..589106e 100644 --- a/examples/wallarm_rule_uploads.tf +++ b/examples/wallarm_rule_uploads.tf @@ -3,7 +3,7 @@ resource "wallarm_rule_uploads" "allow_docs" { type = "iequal" value = "uploads.wallarm.com" point = { - "header" = "HOST" + header = "HOST" } } point = [["post"], ["form_urlencoded", "query"]] diff --git a/examples/wallarm_rule_vpatch.tf b/examples/wallarm_rule_vpatch.tf index 23a14bc..a4d7d3d 100644 --- a/examples/wallarm_rule_vpatch.tf +++ b/examples/wallarm_rule_vpatch.tf @@ -9,38 +9,38 @@ resource "wallarm_rule_vpatch" "vpatch" { type = "iequal" value = "example.com" point = { - "header" = "HOST" + header = "HOST" } } action { type = "equal" value = "api" point = { - "path" = 0 + path = 0 } } action { type = "regex" value = "logon" point = { - "path" = 1 + path = 1 } } action { type = "equal" point = { - "method" = "POST" + method = "POST" } } action { point = { - "instance" = 1 + instance = 1 } } action { type = "equal" point = { - "scheme" = "https" + scheme = "https" } } point = [["post"], ["json_doc"], ["hash", "user"]] @@ -52,7 +52,7 @@ resource "wallarm_rule_vpatch" "splunk" { type = "iequal" value = "splunk.wallarm-demo.com:88" point = { - "header" = "HOST" + header = "HOST" } } point = [["get_all"]] @@ -62,27 +62,27 @@ resource "wallarm_rule_vpatch" "tiredful_api" { attack_type = "any" action { point = { - "instance" = 9 + instance = 9 } } action { type = "absent" point = { - "path" = 0 + path = 0 } } action { type = "equal" point = { - "action_name" = "formmail" + action_name = "formmail" } } action { type = "equal" point = { - "action_ext" = "cgi" + action_ext = "cgi" } } @@ -95,14 +95,14 @@ resource "wallarm_rule_vpatch" "env_sample" { action { type = "equal" point = { - "action_name" = ".env.sample" + action_name = ".env.sample" } } action { type = "equal" point = { - "action_ext" = "php" + action_ext = "php" } }