Skip to content

Commit

Permalink
Merge pull request #7363 from bosch-io/feature/7327
Browse files Browse the repository at this point in the history
  • Loading branch information
jackofallops authored Jul 9, 2020
2 parents af71ed6 + c7ffa1f commit e6580e9
Show file tree
Hide file tree
Showing 4 changed files with 52 additions and 8 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -2064,8 +2064,11 @@ resource "azurerm_web_application_firewall_policy" "testfwp" {
location = azurerm_resource_group.test.location
policy_settings {
enabled = true
mode = "Prevention"
enabled = true
mode = "Prevention"
file_upload_limit_in_mb = 100
max_request_body_size_in_kb = 100
request_body_check = "true"
}
managed_rules {
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -92,6 +92,9 @@ func TestAccAzureRMWebApplicationFirewallPolicy_complete(t *testing.T) {
resource.TestCheckResourceAttr(data.ResourceName, "policy_settings.#", "1"),
resource.TestCheckResourceAttr(data.ResourceName, "policy_settings.0.enabled", "true"),
resource.TestCheckResourceAttr(data.ResourceName, "policy_settings.0.mode", "Prevention"),
resource.TestCheckResourceAttr(data.ResourceName, "policy_settings.0.request_body_check", "true"),
resource.TestCheckResourceAttr(data.ResourceName, "policy_settings.0.file_upload_limit_in_mb", "100"),
resource.TestCheckResourceAttr(data.ResourceName, "policy_settings.0.max_request_body_size_in_kb", "128"),
),
},
data.ImportStep(),
Expand Down Expand Up @@ -167,6 +170,9 @@ func TestAccAzureRMWebApplicationFirewallPolicy_update(t *testing.T) {
resource.TestCheckResourceAttr(data.ResourceName, "policy_settings.#", "1"),
resource.TestCheckResourceAttr(data.ResourceName, "policy_settings.0.enabled", "true"),
resource.TestCheckResourceAttr(data.ResourceName, "policy_settings.0.mode", "Prevention"),
resource.TestCheckResourceAttr(data.ResourceName, "policy_settings.0.request_body_check", "true"),
resource.TestCheckResourceAttr(data.ResourceName, "policy_settings.0.file_upload_limit_in_mb", "100"),
resource.TestCheckResourceAttr(data.ResourceName, "policy_settings.0.max_request_body_size_in_kb", "128"),
),
},
data.ImportStep(),
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -262,6 +262,23 @@ func resourceArmWebApplicationFirewallPolicy() *schema.Resource {
}, false),
Default: string(network.Prevention),
},
"request_body_check": {
Type: schema.TypeBool,
Optional: true,
Default: true,
},
"file_upload_limit_in_mb": {
Type: schema.TypeInt,
Optional: true,
ValidateFunc: validation.IntBetween(1, 750),
Default: 100,
},
"max_request_body_size_in_kb": {
Type: schema.TypeInt,
Optional: true,
ValidateFunc: validation.IntBetween(8, 128),
Default: 128,
},
},
},
},
Expand Down Expand Up @@ -431,10 +448,16 @@ func expandArmWebApplicationFirewallPolicyPolicySettings(input []interface{}) *n
enabled = network.WebApplicationFirewallEnabledStateEnabled
}
mode := v["mode"].(string)
requestBodyCheck := v["request_body_check"].(bool)
maxRequestBodySizeInKb := v["max_request_body_size_in_kb"].(int)
fileUploadLimitInMb := v["file_upload_limit_in_mb"].(int)

result := network.PolicySettings{
State: enabled,
Mode: network.WebApplicationFirewallMode(mode),
State: enabled,
Mode: network.WebApplicationFirewallMode(mode),
RequestBodyCheck: utils.Bool(requestBodyCheck),
MaxRequestBodySizeInKb: utils.Int32(int32(maxRequestBodySizeInKb)),
FileUploadLimitInMb: utils.Int32(int32(fileUploadLimitInMb)),
}
return &result
}
Expand Down Expand Up @@ -607,6 +630,9 @@ func flattenArmWebApplicationFirewallPolicyPolicySettings(input *network.PolicyS

result["enabled"] = input.State == network.WebApplicationFirewallEnabledStateEnabled
result["mode"] = string(input.Mode)
result["request_body_check"] = input.RequestBodyCheck
result["max_request_body_size_in_kb"] = int(*input.MaxRequestBodySizeInKb)
result["file_upload_limit_in_mb"] = int(*input.FileUploadLimitInMb)

return []interface{}{result}
}
Expand Down
17 changes: 13 additions & 4 deletions website/docs/r/web_application_firewall_policy.html.markdown
Original file line number Diff line number Diff line change
Expand Up @@ -71,8 +71,11 @@ resource "azurerm_web_application_firewall_policy" "example" {
}
policy_settings {
enabled = true
mode = "Prevention"
enabled = true
mode = "Prevention"
request_body_check = true
file_upload_limit_in_mb = 100
max_request_body_size_in_kb = 128
}
managed_rules {
Expand Down Expand Up @@ -161,9 +164,15 @@ The `match_variables` block supports the following:

The `policy_settings` block supports the following:

* `enabled` - (Optional) Describes if the policy is in enabled state or disabled state Defaults to `Enabled`.
* `enabled` - (Optional) Describes if the policy is in enabled state or disabled state. Defaults to `Enabled`.

* `mode` - (Optional) Describes if it is in detection mode or prevention mode at the policy level Defaults to `Prevention`.
* `mode` - (Optional) Describes if it is in detection mode or prevention mode at the policy level. Defaults to `Prevention`.

* `file_upload_limit_mb` - (Optional) The File Upload Limit in MB. Accepted values are in the range `1` to `750`. Defaults to `100`.

* `request_body_check` - (Optional) Is Request Body Inspection enabled? Defaults to `true`.

* `max_request_body_size_kb` - (Optional) The Maximum Request Body Size in KB. Accepted values are in the range `8` to `128`. Defaults to `128`.

---

Expand Down

0 comments on commit e6580e9

Please sign in to comment.