New-AzFrontDoorWafPolicy

Syntax

CreateExpanded (Default)

New-AzFrontDoorWafPolicy
 -Name <String>
 -ResourceGroupName <String>
 [-SubscriptionId <String>]
 [-CustomBlockResponseBody <String>]
 [-CustomBlockResponseStatusCode <Int32>]
 [-Customrule <ICustomRule[]>]
 [-EnabledState <String>]
 [-Etag <String>]
 [-JavascriptChallengeExpirationInMinutes <Int32>]
 [-CaptchaExpirationInMinutes <Int32>]
 [-LogScrubbingSetting <IPolicySettingsLogScrubbing>]
 [-ManagedRuleSet <IManagedRuleSet[]>]
 [-Mode <String>]
 [-RedirectUrl <String>]
 [-RequestBodyCheck <String>]
 [-SkuName <String>]
 [-Tag <Hashtable>]
 [-DefaultProfile <PSObject>]
 [-AsJob]
 [-NoWait]
 [-WhatIf]
 [-Confirm]
 [<CommonParameters>]

CreateViaJsonFilePath

New-AzFrontDoorWafPolicy
 -Name <String>
 -ResourceGroupName <String>
 -JsonFilePath <String>
 [-SubscriptionId <String>]
 [-DefaultProfile <PSObject>]
 [-AsJob]
 [-NoWait]
 [-WhatIf]
 [-Confirm]
 [<CommonParameters>]

CreateViaJsonString

New-AzFrontDoorWafPolicy
 -Name <String>
 -ResourceGroupName <String>
 -JsonString <String>
 [-SubscriptionId <String>]
 [-DefaultProfile <PSObject>]
 [-AsJob]
 [-NoWait]
 [-WhatIf]
 [-Confirm]
 [<CommonParameters>]

Description

Examples

Example 1: Create WAF policy

New-AzFrontDoorWafPolicy -Name $policyName -ResourceGroupName $resourceGroupName -Customrule $customRule1,$customRule2 -ManagedRule $managedRule1 -EnabledState Enabled -Mode Prevention -RedirectUrl "https://www.bing.com/" -CustomBlockResponseStatusCode 405 -CustomBlockResponseBody "<html><head><title>You are blocked!</title></head><body></body></html>"

Customrule : {customrule0, customrule01}
Etag :
FrontendEndpointLink : {}
Id : /subscriptions/{subid}/resourcegroups/{rg}/providers/Microsoft.Network/frontdoorwebapplicationfirewallpolicies/{policyName}
Location : Global
ManagedRuleSet : {{
 "ruleSetType": "Microsoft_DefaultRuleSet",
 "ruleSetVersion": "2.0",
 "ruleSetAction": "Block",
 "exclusions": [ ],
 "ruleGroupOverrides": [ ]
 }}
Name : {policyName}
PolicySetting : {
 "enabledState": "Enabled",
 "mode": "Detection",
 "customBlockResponseStatusCode": 403,
 "requestBodyCheck": "Enabled"
 }
ProvisioningState : Succeeded
ResourceGroupName : {rg}
ResourceState : Enabled
RoutingRuleLink :
SecurityPolicyLink : {{
 "id": "/subscriptions/{subid}/resourcegroups/{rg}/providers/Microsoft.Cdn/profiles/hdis-fe/securitypolicies/premium"
 }}
SkuName : Premium_AzureFrontDoor
Tag : {
 }
Type : Microsoft.Network/frontdoorwebapplicationfirewallpolicies

Parameters

-AsJob

Run the command as a job

Parameter properties

Parameter sets

-CaptchaExpirationInMinutes

Defines the Captcha cookie validity lifetime in minutes. This setting is only applicable to Premium_AzureFrontDoor. Value must be an integer between 5 and 1440 with the default value being 30.

Parameter properties

Parameter sets

-Confirm

Prompts you for confirmation before running the cmdlet.

Parameter properties

Parameter sets

-CustomBlockResponseBody

If the action type is block, customer can override the response body. The body must be specified in base64 encoding.

Parameter properties

Parameter sets

-CustomBlockResponseStatusCode

If the action type is block, customer can override the response status code.

Parameter properties

Parameter sets

-Customrule

List of rules

Parameter properties

Parameter sets

-DefaultProfile

The DefaultProfile parameter is not functional. Use the SubscriptionId parameter when available if executing the cmdlet against a different subscription.

Parameter properties

Parameter sets

-EnabledState

Describes if the policy is in enabled or disabled state. Defaults to Enabled if not specified.

Parameter properties

Parameter sets

-Etag

Gets a unique read-only string that changes whenever the resource is updated.

Parameter properties

Parameter sets

-JavascriptChallengeExpirationInMinutes

Defines the JavaScript challenge cookie validity lifetime in minutes. This setting is only applicable to Premium_AzureFrontDoor. Value must be an integer between 5 and 1440 with the default value being 30.

Parameter properties

Parameter sets

-JsonFilePath

Path of Json file supplied to the Create operation

Parameter properties

Parameter sets

-JsonString

Json string supplied to the Create operation

Parameter properties

Parameter sets

-LogScrubbingSetting

Defines rules that scrub sensitive fields in the Web Application Firewall logs.

Parameter properties

Parameter sets

-ManagedRuleSet

List of rule sets.

Parameter properties

Parameter sets

-Mode

Describes if it is in detection mode or prevention mode at policy level.

Parameter properties

Parameter sets

-Name

The name of the Web Application Firewall Policy.

Parameter properties

Parameter sets

-NoWait

Run the command asynchronously

Parameter properties

Parameter sets

-RedirectUrl

If action type is redirect, this field represents redirect URL for the client.

Parameter properties

Parameter sets

-RequestBodyCheck

Describes if policy managed rules will inspect the request body content.

Parameter properties

Parameter sets

-ResourceGroupName

Name of the Resource group within the Azure subscription.

Parameter properties

Parameter sets

-SkuName

Name of the pricing tier.

Parameter properties

Parameter sets

-SubscriptionId

The subscription credentials which uniquely identify the Microsoft Azure subscription. The subscription ID forms part of the URI for every service call.

Parameter properties

Parameter sets

-Tag

Resource tags.

Parameter properties

Parameter sets

-WhatIf

Shows what would happen if the cmdlet runs. The cmdlet is not run.

Parameter properties

Parameter sets

CommonParameters

Outputs

IWebApplicationFirewallPolicy