az network front-door waf-policy managed-rules exclusion

View and alter exclusions on a managed rule set, rule group, or rule within a managed rule set.

Exclusions prevent the rule set, rule group, or rule from being applied to the content of the specified variable. Use 'az network front-door waf-policy managed-rule-definition list' to see the available rules.

Commands

az network front-door waf-policy managed-rules exclusion add

Add an exclusion on a managed rule set, rule group, or rule within a managed rule set.

az network front-door waf-policy managed-rules exclusion list

List the exclusions on managed rule set, rule group, or rule within a managed rule set.

az network front-door waf-policy managed-rules exclusion remove

Remove an exclusion on a managed rule set, rule group, or rule within a managed rule set.

az network front-door waf-policy managed-rules exclusion add

Add an exclusion on a managed rule set, rule group, or rule within a managed rule set.

Prevents the rule set, rule group, or rule from being applied to the content of the specified variable. Use 'az network front-door waf-policy managed-rule-definition list' to see the available rules.

az network front-door waf-policy managed-rules exclusion add --match-variable
                                                             --operator
                                                             --policy-name
                                                             --resource-group
                                                             --type
                                                             --value
                                                             [--rule-group-id]
                                                             [--rule-id]

Required Parameters

--match-variable

Which kind of variable's content will be ignored, e.g. RequestHeaderNames, RequestCookieNames, QueryStringArgNames, RequestBodyPostArgNames.

--operator

Operator used to compare the variable name to the value, e.g. Equals, Contains, StartsWith, EndsWith, EqualsAny.

--policy-name

Name of the WAF policy.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

--type

ID of the ruleset to exclusion.

--value

Values to match the variable name against.

Optional Parameters

--rule-group-id

ID of the rule group containing the rule to exclusion.

--rule-id

ID of the rule to apply exclusion.

az network front-door waf-policy managed-rules exclusion list

List the exclusions on managed rule set, rule group, or rule within a managed rule set.

az network front-door waf-policy managed-rules exclusion list --policy-name
                                                              --resource-group
                                                              --type
                                                              [--rule-group-id]
                                                              [--rule-id]

Required Parameters

--policy-name

Name of the WAF policy.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

--type

ID of the ruleset with the exclusions to list.

Optional Parameters

--rule-group-id

ID of the rule group containing the exclusions to list.

--rule-id

ID of the rule to list exclusion for.

az network front-door waf-policy managed-rules exclusion remove

Remove an exclusion on a managed rule set, rule group, or rule within a managed rule set.

After this command, the standard behavior for the rule within the managed rule set will apply. Use 'az network front-door waf-policy managed-rule-definition list' to see the available rules.

az network front-door waf-policy managed-rules exclusion remove --match-variable
                                                                --operator
                                                                --policy-name
                                                                --resource-group
                                                                --type
                                                                --value
                                                                [--rule-group-id]
                                                                [--rule-id]

Required Parameters

--match-variable

Which kind of variable's content will be ignored, e.g. RequestHeaderNames, RequestCookieNames, QueryStringArgNames, RequestBodyPostArgNames.

--operator

Operator used to compare the variable name to the value, e.g. Equals, Contains, StartsWith, EndsWith, EqualsAny.

--policy-name

Name of the WAF policy.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

--type

ID of the ruleset with the exclusion to remove.

--value

Values to match the variable name against.

Optional Parameters

--rule-group-id

ID of the rule group containing the exclusion to remove.

--rule-id

ID of the rule to remove from exclusion.