WaasClient

class oci.waas.WaasClient(config, **kwargs)

OCI Web Application Acceleration and Security Services

__init__(config, **kwargs)

Creates a new service client

Parameters:
  • config (dict) -- Configuration keys and values as per SDK and Tool Configuration. The from_file() method can be used to load configuration from a file. Alternatively, a dict can be passed. You can validate_config the dict using validate_config()
  • service_endpoint (str) -- (optional) The endpoint of the service to call using this client. For example https://iaas.us-ashburn-1.oraclecloud.com. If this keyword argument is not provided then it will be derived using the region in the config parameter. You should only provide this keyword argument if you have an explicit need to specify a service endpoint.
  • timeout (float or tuple(float, float)) -- (optional) The connection and read timeouts for the client. The default is that the client never times out. This keyword argument can be provided as a single float, in which case the value provided is used for both the read and connection timeouts, or as a tuple of two floats. If a tuple is provided then the first value is used as the connection timeout and the second value as the read timeout.
  • signer (AbstractBaseSigner) --

    (optional) The signer to use when signing requests made by the service client. The default is to use a Signer based on the values provided in the config parameter.

    One use case for this parameter is for Instance Principals authentication by passing an instance of InstancePrincipalsSecurityTokenSigner as the value for this keyword argument

  • retry_strategy (obj) --

    (optional) A retry strategy to apply to all calls made by this service client (i.e. at the client level). There is no retry strategy applied by default. Retry strategies can also be applied at the operation level by passing a retry_strategy keyword argument as part of calling the operation. Any value provided at the operation level will override whatever is specified at the client level.

    This should be one of the strategies available in the retry module. A convenience DEFAULT_RETRY_STRATEGY is also available. The specifics of the default retry strategy are described here.

accept_recommendations(waas_policy_id, protection_rule_keys, **kwargs)

Accepts a list of recommended Web Application Firewall protection rules. Accepts a list of recommended Web Application Firewall protection rules. Web Application Firewall protection rule recommendations are sets of rules generated by observed traffic patterns through the Web Application Firewall and are meant to optimize the Web Application Firewall's security profile. Only the rules specified in the request body will be updated; all other rules will remain unchanged.

Use the GET /waasPolicies/{waasPolicyId}/wafConfig/recommendations method to view a list of recommended Web Application Firewall protection rules. For more information, see WAF Protection Rules.

Parameters:
  • waas_policy_id (str) --

    (required) The OCID of the WAAS policy.

  • protection_rule_keys (list[str]) -- (required)
  • opc_request_id (str) -- (optional) The unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
  • if_match (str) -- (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag provided matches the resource's current etag value.
  • retry_strategy (obj) --

    (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

    This should be one of the strategies available in the retry module. A convenience DEFAULT_RETRY_STRATEGY is also available. The specifics of the default retry strategy are described here.

    To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

Returns:

A Response object with data of type None

Return type:

Response

cancel_work_request(work_request_id, **kwargs)

Cancels a work request. Cancels a specified work request.

Parameters:
  • work_request_id (str) --

    (required) The OCID of the work request. This number is generated when work request is created.

  • opc_request_id (str) -- (optional) The unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
  • opc_retry_token (str) -- (optional) A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations Example: If a resource has been deleted and purged from the system, then a retry of the original delete request may be rejected.
  • if_match (str) -- (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag provided matches the resource's current etag value.
  • retry_strategy (obj) --

    (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

    This should be one of the strategies available in the retry module. A convenience DEFAULT_RETRY_STRATEGY is also available. The specifics of the default retry strategy are described here.

    To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

Returns:

A Response object with data of type None

Return type:

Response

change_address_list_compartment(address_list_id, change_address_list_compartment_details, **kwargs)

Moves address list into a different compartment. Moves address list into a different compartment. When provided, If-Match is checked against ETag values of the address list.

Parameters:
  • address_list_id (str) --

    (required) The OCID of the address list. This number is generated when the address list is added to the compartment.

  • change_address_list_compartment_details (ChangeAddressListCompartmentDetails) -- (required)
  • if_match (str) -- (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag provided matches the resource's current etag value.
  • opc_request_id (str) -- (optional) The unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
  • opc_retry_token (str) -- (optional) A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations Example: If a resource has been deleted and purged from the system, then a retry of the original delete request may be rejected.
  • retry_strategy (obj) --

    (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

    This should be one of the strategies available in the retry module. A convenience DEFAULT_RETRY_STRATEGY is also available. The specifics of the default retry strategy are described here.

    To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

Returns:

A Response object with data of type None

Return type:

Response

change_certificate_compartment(certificate_id, change_certificate_compartment_details, **kwargs)

Moves certificate into a different compartment. Moves certificate into a different compartment. When provided, If-Match is checked against ETag values of the certificate.

Parameters:
  • certificate_id (str) --

    (required) The OCID of the SSL certificate used in the WAAS policy. This number is generated when the certificate is added to the policy.

  • change_certificate_compartment_details (ChangeCertificateCompartmentDetails) -- (required)
  • if_match (str) -- (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag provided matches the resource's current etag value.
  • opc_request_id (str) -- (optional) The unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
  • opc_retry_token (str) -- (optional) A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations Example: If a resource has been deleted and purged from the system, then a retry of the original delete request may be rejected.
  • retry_strategy (obj) --

    (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

    This should be one of the strategies available in the retry module. A convenience DEFAULT_RETRY_STRATEGY is also available. The specifics of the default retry strategy are described here.

    To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

Returns:

A Response object with data of type None

Return type:

Response

change_custom_protection_rule_compartment(custom_protection_rule_id, change_custom_protection_rule_compartment_details, **kwargs)

Moves Custom Protection rule into a different compartment. Moves Custom Protection rule into a different compartment. When provided, If-Match is checked against ETag values of the Custom Protection rule.

Parameters:
  • custom_protection_rule_id (str) --

    (required) The OCID of the Custom Protection rule. This number is generated when the Custom Protection rule is added to the compartment.

  • change_custom_protection_rule_compartment_details (ChangeCustomProtectionRuleCompartmentDetails) -- (required)
  • if_match (str) -- (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag provided matches the resource's current etag value.
  • opc_request_id (str) -- (optional) The unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
  • opc_retry_token (str) -- (optional) A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations Example: If a resource has been deleted and purged from the system, then a retry of the original delete request may be rejected.
  • retry_strategy (obj) --

    (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

    This should be one of the strategies available in the retry module. A convenience DEFAULT_RETRY_STRATEGY is also available. The specifics of the default retry strategy are described here.

    To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

Returns:

A Response object with data of type None

Return type:

Response

change_waas_policy_compartment(waas_policy_id, change_waas_policy_compartment_details, **kwargs)

Moves WAAS policy into a different compartment. Moves WAAS policy into a different compartment. When provided, If-Match is checked against ETag values of the WAAS policy.

Parameters:
  • waas_policy_id (str) --

    (required) The OCID of the WAAS policy.

  • change_waas_policy_compartment_details (ChangeWaasPolicyCompartmentDetails) -- (required)
  • if_match (str) -- (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag provided matches the resource's current etag value.
  • opc_request_id (str) -- (optional) The unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
  • opc_retry_token (str) -- (optional) A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations Example: If a resource has been deleted and purged from the system, then a retry of the original delete request may be rejected.
  • retry_strategy (obj) --

    (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

    This should be one of the strategies available in the retry module. A convenience DEFAULT_RETRY_STRATEGY is also available. The specifics of the default retry strategy are described here.

    To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

Returns:

A Response object with data of type None

Return type:

Response

create_address_list(create_address_list_details, **kwargs)

Creates an address list. Creates an address list in set compartment and allows it to be used in a WAAS policy. For more information, see WAF Settings.

Parameters:
  • create_address_list_details (CreateAddressListDetails) -- (required) The details of the address list resource to create.
  • opc_request_id (str) -- (optional) The unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
  • opc_retry_token (str) -- (optional) A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations Example: If a resource has been deleted and purged from the system, then a retry of the original delete request may be rejected.
  • retry_strategy (obj) --

    (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

    This should be one of the strategies available in the retry module. A convenience DEFAULT_RETRY_STRATEGY is also available. The specifics of the default retry strategy are described here.

    To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

Returns:

A Response object with data of type AddressList

Return type:

Response

create_certificate(create_certificate_details, **kwargs)

Creates a certificate resource for the uploaded X.509 certificate. Allows an SSL certificate to be added to a WAAS policy. The Web Application Firewall terminates SSL connections to inspect requests in runtime, and then re-encrypts requests before sending them to the origin for fulfillment.

For more information, see WAF Settings.

Parameters:
  • create_certificate_details (CreateCertificateDetails) -- (required) The details of the SSL certificate resource to create.
  • opc_request_id (str) -- (optional) The unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
  • opc_retry_token (str) -- (optional) A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations Example: If a resource has been deleted and purged from the system, then a retry of the original delete request may be rejected.
  • retry_strategy (obj) --

    (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

    This should be one of the strategies available in the retry module. A convenience DEFAULT_RETRY_STRATEGY is also available. The specifics of the default retry strategy are described here.

    To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

Returns:

A Response object with data of type Certificate

Return type:

Response

create_custom_protection_rule(create_custom_protection_rule_details, **kwargs)

Creates a new Custom Protection rule in the specified compartment. Creates a new Custom Protection rule in the specified compartment.

Parameters:
  • create_custom_protection_rule_details (CreateCustomProtectionRuleDetails) -- (required) The details of the Custom Protection rule.
  • opc_request_id (str) -- (optional) The unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
  • opc_retry_token (str) -- (optional) A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations Example: If a resource has been deleted and purged from the system, then a retry of the original delete request may be rejected.
  • retry_strategy (obj) --

    (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

    This should be one of the strategies available in the retry module. A convenience DEFAULT_RETRY_STRATEGY is also available. The specifics of the default retry strategy are described here.

    To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

Returns:

A Response object with data of type CustomProtectionRule

Return type:

Response

create_waas_policy(create_waas_policy_details, **kwargs)

Creates a new policy in the specified compartment. Creates a new Web Application Acceleration and Security (WAAS) policy in the specified compartment. A WAAS policy must be established before creating Web Application Firewall (WAF) rules. To use WAF rules, your web application's origin servers must defined in the WaasPolicy schema.

A domain name must be specified when creating a WAAS policy. The domain name should be different from the origins specified in your WaasPolicy. Once domain name is entered and stored, it is unchangeable.

Use the record data returned in the cname field of the WaasPolicy object to create a CNAME record in your DNS configuration that will direct your domain's traffic through the WAF.

For the purposes of access control, you must provide the OCID of the compartment where you want the service to reside. For information about access control and compartments, see Overview of the IAM Service.

You must specify a display name and domain for the WAAS policy. The display name does not have to be unique and can be changed. The domain name should be different from every origin specified in WaasPolicy.

All Oracle Cloud Infrastructure resources, including WAAS policies, receive a unique, Oracle-assigned ID called an Oracle Cloud Identifier (OCID). When a resource is created, you can find its OCID in the response. You can also retrieve a resource's OCID by using a list API operation for that resource type, or by viewing the resource in the Console. Fore more information, see Resource Identifiers.

Note: After sending the POST request, the new object's state will temporarily be CREATING. Ensure that the resource's state has changed to ACTIVE before use.

Parameters:
  • create_waas_policy_details (CreateWaasPolicyDetails) -- (required) The details of the WAAS policy.
  • opc_request_id (str) -- (optional) The unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
  • opc_retry_token (str) -- (optional) A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations Example: If a resource has been deleted and purged from the system, then a retry of the original delete request may be rejected.
  • retry_strategy (obj) --

    (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

    This should be one of the strategies available in the retry module. A convenience DEFAULT_RETRY_STRATEGY is also available. The specifics of the default retry strategy are described here.

    To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

Returns:

A Response object with data of type None

Return type:

Response

delete_address_list(address_list_id, **kwargs)

Deletes an address list. Deletes the address list from the compartment if it is not used.

Parameters:
  • address_list_id (str) --

    (required) The OCID of the address list. This number is generated when the address list is added to the compartment.

  • opc_request_id (str) -- (optional) The unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
  • opc_retry_token (str) -- (optional) A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations Example: If a resource has been deleted and purged from the system, then a retry of the original delete request may be rejected.
  • if_match (str) -- (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag provided matches the resource's current etag value.
  • retry_strategy (obj) --

    (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

    This should be one of the strategies available in the retry module. A convenience DEFAULT_RETRY_STRATEGY is also available. The specifics of the default retry strategy are described here.

    To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

Returns:

A Response object with data of type None

Return type:

Response

delete_certificate(certificate_id, **kwargs)

Deletes a certificate. Deletes an SSL certificate from the WAAS service.

Parameters:
  • certificate_id (str) --

    (required) The OCID of the SSL certificate used in the WAAS policy. This number is generated when the certificate is added to the policy.

  • opc_request_id (str) -- (optional) The unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
  • opc_retry_token (str) -- (optional) A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations Example: If a resource has been deleted and purged from the system, then a retry of the original delete request may be rejected.
  • if_match (str) -- (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag provided matches the resource's current etag value.
  • retry_strategy (obj) --

    (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

    This should be one of the strategies available in the retry module. A convenience DEFAULT_RETRY_STRATEGY is also available. The specifics of the default retry strategy are described here.

    To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

Returns:

A Response object with data of type None

Return type:

Response

delete_custom_protection_rule(custom_protection_rule_id, **kwargs)

Deletes a Custom Protection rule. Deletes a Custom Protection rule.

Parameters:
  • custom_protection_rule_id (str) --

    (required) The OCID of the Custom Protection rule. This number is generated when the Custom Protection rule is added to the compartment.

  • opc_request_id (str) -- (optional) The unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
  • opc_retry_token (str) -- (optional) A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations Example: If a resource has been deleted and purged from the system, then a retry of the original delete request may be rejected.
  • if_match (str) -- (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag provided matches the resource's current etag value.
  • retry_strategy (obj) --

    (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

    This should be one of the strategies available in the retry module. A convenience DEFAULT_RETRY_STRATEGY is also available. The specifics of the default retry strategy are described here.

    To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

Returns:

A Response object with data of type None

Return type:

Response

delete_waas_policy(waas_policy_id, **kwargs)

Deletes a policy. Deletes a policy.

Parameters:
  • waas_policy_id (str) --

    (required) The OCID of the WAAS policy.

  • opc_request_id (str) -- (optional) The unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
  • opc_retry_token (str) -- (optional) A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations Example: If a resource has been deleted and purged from the system, then a retry of the original delete request may be rejected.
  • if_match (str) -- (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag provided matches the resource's current etag value.
  • retry_strategy (obj) --

    (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

    This should be one of the strategies available in the retry module. A convenience DEFAULT_RETRY_STRATEGY is also available. The specifics of the default retry strategy are described here.

    To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

Returns:

A Response object with data of type None

Return type:

Response

get_address_list(address_list_id, **kwargs)

Returns the details of an address list. Gets the details of an address list.

Parameters:
  • address_list_id (str) --

    (required) The OCID of the address list. This number is generated when the address list is added to the compartment.

  • opc_request_id (str) -- (optional) The unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
  • retry_strategy (obj) --

    (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

    This should be one of the strategies available in the retry module. A convenience DEFAULT_RETRY_STRATEGY is also available. The specifics of the default retry strategy are described here.

    To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

Returns:

A Response object with data of type AddressList

Return type:

Response

get_certificate(certificate_id, **kwargs)

Returns the details of a certificate. Gets the details of an SSL certificate.

Parameters:
  • certificate_id (str) --

    (required) The OCID of the SSL certificate used in the WAAS policy. This number is generated when the certificate is added to the policy.

  • opc_request_id (str) -- (optional) The unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
  • retry_strategy (obj) --

    (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

    This should be one of the strategies available in the retry module. A convenience DEFAULT_RETRY_STRATEGY is also available. The specifics of the default retry strategy are described here.

    To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

Returns:

A Response object with data of type Certificate

Return type:

Response

get_custom_protection_rule(custom_protection_rule_id, **kwargs)

Returns the details of a Custom Protection rule. Gets the details of a Custom Protection rule.

Parameters:
  • custom_protection_rule_id (str) --

    (required) The OCID of the Custom Protection rule. This number is generated when the Custom Protection rule is added to the compartment.

  • opc_request_id (str) -- (optional) The unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
  • retry_strategy (obj) --

    (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

    This should be one of the strategies available in the retry module. A convenience DEFAULT_RETRY_STRATEGY is also available. The specifics of the default retry strategy are described here.

    To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

Returns:

A Response object with data of type CustomProtectionRule

Return type:

Response

get_device_fingerprint_challenge(waas_policy_id, **kwargs)

Returns the device fingerprint challenge settings for the Web Application Firewall. Gets the device fingerprint challenge settings in the Web Application Firewall configuration for a WAAS policy.

Parameters:
  • waas_policy_id (str) --

    (required) The OCID of the WAAS policy.

  • opc_request_id (str) -- (optional) The unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
  • retry_strategy (obj) --

    (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

    This should be one of the strategies available in the retry module. A convenience DEFAULT_RETRY_STRATEGY is also available. The specifics of the default retry strategy are described here.

    To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

Returns:

A Response object with data of type DeviceFingerprintChallenge

Return type:

Response

get_human_interaction_challenge(waas_policy_id, **kwargs)

Returns the human interaction challenge settings for the Web Application Firewall. Gets the human interaction challenge settings in the Web Application Firewall configuration for a WAAS policy.

Parameters:
  • waas_policy_id (str) --

    (required) The OCID of the WAAS policy.

  • opc_request_id (str) -- (optional) The unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
  • retry_strategy (obj) --

    (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

    This should be one of the strategies available in the retry module. A convenience DEFAULT_RETRY_STRATEGY is also available. The specifics of the default retry strategy are described here.

    To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

Returns:

A Response object with data of type HumanInteractionChallenge

Return type:

Response

get_js_challenge(waas_policy_id, **kwargs)

Returns the JavaScript challenge settings for the Web Application Firewall. Gets the JavaScript challenge settings in the Web Application Firewall configuration for a WAAS policy.

Parameters:
  • waas_policy_id (str) --

    (required) The OCID of the WAAS policy.

  • opc_request_id (str) -- (optional) The unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
  • retry_strategy (obj) --

    (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

    This should be one of the strategies available in the retry module. A convenience DEFAULT_RETRY_STRATEGY is also available. The specifics of the default retry strategy are described here.

    To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

Returns:

A Response object with data of type JsChallenge

Return type:

Response

get_policy_config(waas_policy_id, **kwargs)

Returns the general configuration for the policy. Gets the configuration of a WAAS policy.

Parameters:
  • waas_policy_id (str) --

    (required) The OCID of the WAAS policy.

  • opc_request_id (str) -- (optional) The unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
  • retry_strategy (obj) --

    (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

    This should be one of the strategies available in the retry module. A convenience DEFAULT_RETRY_STRATEGY is also available. The specifics of the default retry strategy are described here.

    To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

Returns:

A Response object with data of type PolicyConfig

Return type:

Response

get_protection_rule(waas_policy_id, protection_rule_key, **kwargs)

Returns the details of a single protection rule. Gets the details of a protection rule in the Web Application Firewall configuration for a WAAS policy.

Parameters:
  • waas_policy_id (str) --

    (required) The OCID of the WAAS policy.

  • protection_rule_key (str) -- (required) The protection rule key.
  • opc_request_id (str) -- (optional) The unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
  • retry_strategy (obj) --

    (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

    This should be one of the strategies available in the retry module. A convenience DEFAULT_RETRY_STRATEGY is also available. The specifics of the default retry strategy are described here.

    To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

Returns:

A Response object with data of type ProtectionRule

Return type:

Response

get_protection_settings(waas_policy_id, **kwargs)

Returns the protection settings for the Web Application Firewall. Gets the protection settings in the Web Application Firewall configuration for a WAAS policy.

Parameters:
  • waas_policy_id (str) --

    (required) The OCID of the WAAS policy.

  • opc_request_id (str) -- (optional) The unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
  • retry_strategy (obj) --

    (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

    This should be one of the strategies available in the retry module. A convenience DEFAULT_RETRY_STRATEGY is also available. The specifics of the default retry strategy are described here.

    To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

Returns:

A Response object with data of type ProtectionSettings

Return type:

Response

get_waas_policy(waas_policy_id, **kwargs)

Returns the details of a policy. Gets the details of a WAAS policy.

Parameters:
  • waas_policy_id (str) --

    (required) The OCID of the WAAS policy.

  • opc_request_id (str) -- (optional) The unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
  • retry_strategy (obj) --

    (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

    This should be one of the strategies available in the retry module. A convenience DEFAULT_RETRY_STRATEGY is also available. The specifics of the default retry strategy are described here.

    To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

Returns:

A Response object with data of type WaasPolicy

Return type:

Response

get_waf_address_rate_limiting(waas_policy_id, **kwargs)

Returns the rate limiting settings for the Web Application Firewall. Gets the address rate limiting settings of the Web Application Firewall configuration for a WAAS policy.

Parameters:
  • waas_policy_id (str) --

    (required) The OCID of the WAAS policy.

  • opc_request_id (str) -- (optional) The unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
  • retry_strategy (obj) --

    (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

    This should be one of the strategies available in the retry module. A convenience DEFAULT_RETRY_STRATEGY is also available. The specifics of the default retry strategy are described here.

    To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

Returns:

A Response object with data of type AddressRateLimiting

Return type:

Response

get_waf_config(waas_policy_id, **kwargs)

Returns the Web Application Firewall configuration. Gets the Web Application Firewall configuration details for a WAAS policy.

Parameters:
  • waas_policy_id (str) --

    (required) The OCID of the WAAS policy.

  • opc_request_id (str) -- (optional) The unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
  • retry_strategy (obj) --

    (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

    This should be one of the strategies available in the retry module. A convenience DEFAULT_RETRY_STRATEGY is also available. The specifics of the default retry strategy are described here.

    To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

Returns:

A Response object with data of type WafConfig

Return type:

Response

get_work_request(work_request_id, **kwargs)

Returns the details of a work request. Gets the details of a specified work request.

Parameters:
  • work_request_id (str) --

    (required) The OCID of the work request. This number is generated when work request is created.

  • opc_request_id (str) -- (optional) The unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
  • retry_strategy (obj) --

    (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

    This should be one of the strategies available in the retry module. A convenience DEFAULT_RETRY_STRATEGY is also available. The specifics of the default retry strategy are described here.

    To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

Returns:

A Response object with data of type WorkRequest

Return type:

Response

list_access_rules(waas_policy_id, **kwargs)

Returns a list of access rules for the Web Application Firewall. Gets the currently configured access rules for the Web Application Firewall configuration of a specified WAAS policy. The order of the access rules is important. The rules will be checked in the order they are specified and the first matching rule will be used.

Parameters:
  • waas_policy_id (str) --

    (required) The OCID of the WAAS policy.

  • opc_request_id (str) -- (optional) The unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
  • limit (int) -- (optional) The maximum number of items to return in a paginated call. In unspecified, defaults to 10.
  • page (str) -- (optional) The value of the opc-next-page response header from the previous paginated call.
  • retry_strategy (obj) --

    (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

    This should be one of the strategies available in the retry module. A convenience DEFAULT_RETRY_STRATEGY is also available. The specifics of the default retry strategy are described here.

    To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

Returns:

A Response object with data of type list of AccessRule

Return type:

Response

list_address_lists(compartment_id, **kwargs)

Returns a list of address lists. Gets a list of address lists that can be used in a WAAS policy.

Parameters:
  • compartment_id (str) --

    (required) The OCID of the compartment. This number is generated when the compartment is created.

  • opc_request_id (str) -- (optional) The unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
  • limit (int) -- (optional) The maximum number of items to return in a paginated call. In unspecified, defaults to 10.
  • page (str) -- (optional) The value of the opc-next-page response header from the previous paginated call.
  • sort_by (str) --

    (optional) The value by which address lists are sorted in a paginated 'List' call. If unspecified, defaults to timeCreated.

    Allowed values are: "id", "name", "timeCreated"

  • sort_order (str) --

    (optional) The value of the sorting direction of resources in a paginated 'List' call. If unspecified, defaults to DESC.

    Allowed values are: "ASC", "DESC"

  • id (list[str]) -- (optional) Filter address lists using a list of address lists OCIDs.
  • name (list[str]) -- (optional) Filter address lists using a list of names.
  • lifecycle_state (list[str]) --

    (optional) Filter address lists using a list of lifecycle states.

    Allowed values are: "CREATING", "ACTIVE", "FAILED", "UPDATING", "DELETING", "DELETED"

  • time_created_greater_than_or_equal_to (datetime) -- (optional) A filter that matches address lists created on or after the specified date-time.
  • time_created_less_than (datetime) -- (optional) A filter that matches address lists created before the specified date-time.
  • retry_strategy (obj) --

    (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

    This should be one of the strategies available in the retry module. A convenience DEFAULT_RETRY_STRATEGY is also available. The specifics of the default retry strategy are described here.

    To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

Returns:

A Response object with data of type list of AddressListSummary

Return type:

Response

list_caching_rules(waas_policy_id, **kwargs)

Returns the list of caching rules for the Web Application Firewall. Gets the currently configured caching rules for the Web Application Firewall configuration of a specified WAAS policy. The order of the caching rules is important. The rules will be checked in the order they are specified and the first matching rule will be used.

Parameters:
  • waas_policy_id (str) --

    (required) The OCID of the WAAS policy.

  • opc_request_id (str) -- (optional) The unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
  • limit (int) -- (optional) The maximum number of items to return in a paginated call. In unspecified, defaults to 10.
  • page (str) -- (optional) The value of the opc-next-page response header from the previous paginated call.
  • retry_strategy (obj) --

    (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

    This should be one of the strategies available in the retry module. A convenience DEFAULT_RETRY_STRATEGY is also available. The specifics of the default retry strategy are described here.

    To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

Returns:

A Response object with data of type list of CachingRuleSummary

Return type:

Response

list_captchas(waas_policy_id, **kwargs)

Returns a list of CAPTCHA configurations for the Web Application Firewall. Gets the list of currently configured CAPTCHA challenges in the Web Application Firewall configuration of a WAAS policy.

The order of the CAPTCHA challenges is important. The URL for each CAPTCHA will be checked in the order they are created.

Parameters:
  • waas_policy_id (str) --

    (required) The OCID of the WAAS policy.

  • opc_request_id (str) -- (optional) The unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
  • limit (int) -- (optional) The maximum number of items to return in a paginated call. In unspecified, defaults to 10.
  • page (str) -- (optional) The value of the opc-next-page response header from the previous paginated call.
  • retry_strategy (obj) --

    (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

    This should be one of the strategies available in the retry module. A convenience DEFAULT_RETRY_STRATEGY is also available. The specifics of the default retry strategy are described here.

    To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

Returns:

A Response object with data of type list of Captcha

Return type:

Response

list_certificates(compartment_id, **kwargs)

Returns a list of certificates. Gets a list of SSL certificates that can be used in a WAAS policy.

Parameters:
  • compartment_id (str) --

    (required) The OCID of the compartment. This number is generated when the compartment is created.

  • opc_request_id (str) -- (optional) The unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
  • limit (int) -- (optional) The maximum number of items to return in a paginated call. In unspecified, defaults to 10.
  • page (str) -- (optional) The value of the opc-next-page response header from the previous paginated call.
  • sort_by (str) --

    (optional) The value by which certificate summaries are sorted in a paginated 'List' call. If unspecified, defaults to timeCreated.

    Allowed values are: "id", "compartmentId", "displayName", "notValidAfter", "timeCreated"

  • sort_order (str) --

    (optional) The value of the sorting direction of resources in a paginated 'List' call. If unspecified, defaults to DESC.

    Allowed values are: "ASC", "DESC"

  • id (list[str]) -- (optional) Filter certificates using a list of certificates OCIDs.
  • display_name (list[str]) -- (optional) Filter certificates using a list of display names.
  • lifecycle_state (list[str]) --

    (optional) Filter certificates using a list of lifecycle states.

    Allowed values are: "CREATING", "ACTIVE", "FAILED", "UPDATING", "DELETING", "DELETED"

  • time_created_greater_than_or_equal_to (datetime) -- (optional) A filter that matches certificates created on or after the specified date-time.
  • time_created_less_than (datetime) -- (optional) A filter that matches certificates created before the specified date-time.
  • retry_strategy (obj) --

    (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

    This should be one of the strategies available in the retry module. A convenience DEFAULT_RETRY_STRATEGY is also available. The specifics of the default retry strategy are described here.

    To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

Returns:

A Response object with data of type list of CertificateSummary

Return type:

Response

list_custom_protection_rules(compartment_id, **kwargs)

Returns the list of Custom Protection rules for the given compartment. Gets a list of Custom Protection rules.

Parameters:
  • compartment_id (str) --

    (required) The OCID of the compartment. This number is generated when the compartment is created.

  • opc_request_id (str) -- (optional) The unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
  • limit (int) -- (optional) The maximum number of items to return in a paginated call. In unspecified, defaults to 10.
  • page (str) -- (optional) The value of the opc-next-page response header from the previous paginated call.
  • sort_by (str) --

    (optional) The value by which Custom Protection rules are sorted in a paginated 'List' call. If unspecified, defaults to timeCreated.

    Allowed values are: "id", "compartmentId", "displayName", "modSecurityRuleId", "timeCreated"

  • sort_order (str) --

    (optional) The value of the sorting direction of resources in a paginated 'List' call. If unspecified, defaults to DESC.

    Allowed values are: "ASC", "DESC"

  • id (list[str]) -- (optional) Filter Custom Protection rules using a list of Custom Protection rules OCIDs.
  • display_name (list[str]) -- (optional) Filter Custom Protection rules using a list of display names.
  • lifecycle_state (list[str]) --

    (optional) Filter Custom Protection rules using a list of lifecycle states.

    Allowed values are: "CREATING", "ACTIVE", "FAILED", "UPDATING", "DELETING", "DELETED"

  • time_created_greater_than_or_equal_to (datetime) -- (optional) A filter that matches Custom Protection rules created on or after the specified date-time.
  • time_created_less_than (datetime) -- (optional) A filter that matches Custom Protection rules created before the specified date-time.
  • retry_strategy (obj) --

    (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

    This should be one of the strategies available in the retry module. A convenience DEFAULT_RETRY_STRATEGY is also available. The specifics of the default retry strategy are described here.

    To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

Returns:

A Response object with data of type list of CustomProtectionRuleSummary

Return type:

Response

list_edge_subnets(**kwargs)

Returns a list of subnets corresponding the Web Application Firewall. Return the list of the tenant's edge node subnets. Use these CIDR blocks to restrict incoming traffic to your origin. These subnets are owned by OCI and forward traffic to customer origins. They are not associated with specific regions or compartments.

Parameters:
  • opc_request_id (str) -- (optional) The unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
  • limit (int) -- (optional) The maximum number of items to return in a paginated call. In unspecified, defaults to 10.
  • page (str) -- (optional) The value of the opc-next-page response header from the previous paginated call.
  • sort_by (str) --

    (optional) The value by which edge node subnets are sorted in a paginated 'List' call. If unspecified, defaults to timeModified.

    Allowed values are: "cidr", "region", "timeModified"

  • sort_order (str) --

    (optional) The value of the sorting direction of resources in a paginated 'List' call. If unspecified, defaults to DESC.

    Allowed values are: "ASC", "DESC"

  • retry_strategy (obj) --

    (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

    This should be one of the strategies available in the retry module. A convenience DEFAULT_RETRY_STRATEGY is also available. The specifics of the default retry strategy are described here.

    To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

Returns:

A Response object with data of type list of EdgeSubnet

Return type:

Response

list_good_bots(waas_policy_id, **kwargs)

Returns the list of good bot configurations for the Web Application Firewall. Gets the list of good bots defined in the Web Application Firewall configuration for a WAAS policy.

The list is sorted by key, in ascending order.

Parameters:
  • waas_policy_id (str) --

    (required) The OCID of the WAAS policy.

  • opc_request_id (str) -- (optional) The unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
  • limit (int) -- (optional) The maximum number of items to return in a paginated call. In unspecified, defaults to 10.
  • page (str) -- (optional) The value of the opc-next-page response header from the previous paginated call.
  • retry_strategy (obj) --

    (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

    This should be one of the strategies available in the retry module. A convenience DEFAULT_RETRY_STRATEGY is also available. The specifics of the default retry strategy are described here.

    To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

Returns:

A Response object with data of type list of GoodBot

Return type:

Response

list_protection_rules(waas_policy_id, **kwargs)

Returns the list of protection rules for the Web Application Firewall. Gets the list of available protection rules for a WAAS policy. Use the GetWafConfig operation to view a list of currently configured protection rules for the Web Application Firewall, or use the ListRecommendations operation to get a list of recommended protection rules for the Web Application Firewall. The list is sorted by key, in ascending order.

Parameters:
  • waas_policy_id (str) --

    (required) The OCID of the WAAS policy.

  • opc_request_id (str) -- (optional) The unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
  • limit (int) -- (optional) The maximum number of items to return in a paginated call. In unspecified, defaults to 10.
  • page (str) -- (optional) The value of the opc-next-page response header from the previous paginated call.
  • mod_security_rule_id (list[str]) -- (optional) Filter rules using a list of ModSecurity rule IDs.
  • action (list[str]) --

    (optional) Filter rules using a list of actions.

    Allowed values are: "OFF", "DETECT", "BLOCK"

  • retry_strategy (obj) --

    (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

    This should be one of the strategies available in the retry module. A convenience DEFAULT_RETRY_STRATEGY is also available. The specifics of the default retry strategy are described here.

    To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

Returns:

A Response object with data of type list of ProtectionRule

Return type:

Response

list_recommendations(waas_policy_id, **kwargs)

Returns the list of recommended Web Application Firewall protection rules. Gets the list of recommended Web Application Firewall protection rules.

Use the POST /waasPolicies/{waasPolicyId}/actions/acceptWafConfigRecommendations method to accept recommended Web Application Firewall protection rules. For more information, see WAF Protection Rules. The list is sorted by key, in ascending order.

Parameters:
  • waas_policy_id (str) --

    (required) The OCID of the WAAS policy.

  • opc_request_id (str) -- (optional) The unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
  • recommended_action (str) --

    (optional) A filter that matches recommended protection rules based on the selected action. If unspecified, rules with any action type are returned.

    Allowed values are: "DETECT", "BLOCK"

  • limit (int) -- (optional) The maximum number of items to return in a paginated call. In unspecified, defaults to 10.
  • page (str) -- (optional) The value of the opc-next-page response header from the previous paginated call.
  • retry_strategy (obj) --

    (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

    This should be one of the strategies available in the retry module. A convenience DEFAULT_RETRY_STRATEGY is also available. The specifics of the default retry strategy are described here.

    To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

Returns:

A Response object with data of type list of Recommendation

Return type:

Response

list_threat_feeds(waas_policy_id, **kwargs)

Returns a list of threat intelligence feeds. Gets the list of available web application threat intelligence feeds and the actions set for each feed. The list is sorted by key, in ascending order.

Parameters:
  • waas_policy_id (str) --

    (required) The OCID of the WAAS policy.

  • opc_request_id (str) -- (optional) The unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
  • limit (int) -- (optional) The maximum number of items to return in a paginated call. In unspecified, defaults to 10.
  • page (str) -- (optional) The value of the opc-next-page response header from the previous paginated call.
  • retry_strategy (obj) --

    (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

    This should be one of the strategies available in the retry module. A convenience DEFAULT_RETRY_STRATEGY is also available. The specifics of the default retry strategy are described here.

    To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

Returns:

A Response object with data of type list of ThreatFeed

Return type:

Response

list_waas_policies(compartment_id, **kwargs)

Returns the list of policies for the given compartment. Gets a list of WAAS policies.

Parameters:
  • compartment_id (str) --

    (required) The OCID of the compartment. This number is generated when the compartment is created.

  • opc_request_id (str) -- (optional) The unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
  • limit (int) -- (optional) The maximum number of items to return in a paginated call. In unspecified, defaults to 10.
  • page (str) -- (optional) The value of the opc-next-page response header from the previous paginated call.
  • sort_by (str) --

    (optional) The value by which policies are sorted in a paginated 'List' call. If unspecified, defaults to timeCreated.

    Allowed values are: "id", "displayName", "timeCreated"

  • sort_order (str) --

    (optional) The value of the sorting direction of resources in a paginated 'List' call. If unspecified, defaults to DESC.

    Allowed values are: "ASC", "DESC"

  • id (list[str]) -- (optional) Filter policies using a list of policy OCIDs.
  • display_name (list[str]) -- (optional) Filter policies using a list of display names.
  • lifecycle_state (list[str]) --

    (optional) Filter policies using a list of lifecycle states.

    Allowed values are: "CREATING", "ACTIVE", "FAILED", "UPDATING", "DELETING", "DELETED"

  • time_created_greater_than_or_equal_to (datetime) -- (optional) A filter that matches policies created on or after the specified date and time.
  • time_created_less_than (datetime) -- (optional) A filter that matches policies created before the specified date-time.
  • retry_strategy (obj) --

    (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

    This should be one of the strategies available in the retry module. A convenience DEFAULT_RETRY_STRATEGY is also available. The specifics of the default retry strategy are described here.

    To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

Returns:

A Response object with data of type list of WaasPolicySummary

Return type:

Response

list_waas_policy_custom_protection_rules(waas_policy_id, **kwargs)

Returns the list of custom protection rules for the Web Application Firewall. Gets the list of currently configured custom protection rules for a WAAS policy.

Parameters:
  • waas_policy_id (str) --

    (required) The OCID of the WAAS policy.

  • opc_request_id (str) -- (optional) The unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
  • limit (int) -- (optional) The maximum number of items to return in a paginated call. In unspecified, defaults to 10.
  • page (str) -- (optional) The value of the opc-next-page response header from the previous paginated call.
  • mod_security_rule_id (list[str]) -- (optional) Filter rules using a list of ModSecurity rule IDs.
  • action (list[str]) --

    (optional) Filter rules using a list of actions.

    Allowed values are: "DETECT", "BLOCK"

  • retry_strategy (obj) --

    (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

    This should be one of the strategies available in the retry module. A convenience DEFAULT_RETRY_STRATEGY is also available. The specifics of the default retry strategy are described here.

    To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

Returns:

A Response object with data of type list of WaasPolicyCustomProtectionRuleSummary

Return type:

Response

list_waf_blocked_requests(waas_policy_id, **kwargs)

Returns a list of requests blocked by the Web Application Firewall. Gets the number of blocked requests by a Web Application Firewall feature in five minute blocks, sorted by timeObserved in ascending order (starting from oldest data).

Parameters:
  • waas_policy_id (str) --

    (required) The OCID of the WAAS policy.

  • opc_request_id (str) -- (optional) The unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
  • time_observed_greater_than_or_equal_to (datetime) -- (optional) A filter that limits returned events to those occurring on or after a date and time, specified in RFC 3339 format. If unspecified, defaults to 30 minutes before receipt of the request.
  • time_observed_less_than (datetime) -- (optional) A filter that limits returned events to those occurring before a date and time, specified in RFC 3339 format.
  • limit (int) -- (optional) The maximum number of items to return in a paginated call. In unspecified, defaults to 10.
  • page (str) -- (optional) The value of the opc-next-page response header from the previous paginated call.
  • waf_feature (list[str]) --

    (optional) Filter stats by the Web Application Firewall feature that triggered the block action. If unspecified, data for all WAF features will be returned.

    Allowed values are: "PROTECTION_RULES", "JS_CHALLENGE", "ACCESS_RULES", "THREAT_FEEDS", "HUMAN_INTERACTION_CHALLENGE", "DEVICE_FINGERPRINT_CHALLENGE", "CAPTCHA", "ADDRESS_RATE_LIMITING"

  • retry_strategy (obj) --

    (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

    This should be one of the strategies available in the retry module. A convenience DEFAULT_RETRY_STRATEGY is also available. The specifics of the default retry strategy are described here.

    To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

Returns:

A Response object with data of type list of WafBlockedRequest

Return type:

Response

list_waf_logs(waas_policy_id, **kwargs)

Returns a list of logs for the Web Application Firewall. Gets structured Web Application Firewall event logs for a WAAS policy. Sorted by the timeObserved in ascending order (starting from the oldest recorded event).

Parameters:
  • waas_policy_id (str) --

    (required) The OCID of the WAAS policy.

  • opc_request_id (str) -- (optional) The unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
  • limit (int) -- (optional) The maximum number of items to return in a paginated call. In unspecified, defaults to 20.
  • page (str) -- (optional) The value of the opc-next-page response header from the previous paginated call.
  • time_observed_greater_than_or_equal_to (datetime) -- (optional) A filter that matches log entries where the observed event occurred on or after a date and time specified in RFC 3339 format. If unspecified, defaults to two hours before receipt of the request.
  • time_observed_less_than (datetime) -- (optional) A filter that matches log entries where the observed event occurred before a date and time, specified in RFC 3339 format.
  • text_contains (str) -- (optional) A full text search for logs.
  • access_rule_key (list[str]) -- (optional) Filters logs by access rule key.
  • action (list[str]) --

    (optional) Filters logs by Web Application Firewall action.

    Allowed values are: "BLOCK", "DETECT", "BYPASS", "LOG", "REDIRECTED"

  • client_address (list[str]) -- (optional) Filters logs by client IP address.
  • country_code (list[str]) --

    (optional) Filters logs by country code. Country codes are in ISO 3166-1 alpha-2 format. For a list of codes, see ISO's website.

  • country_name (list[str]) -- (optional) Filter logs by country name.
  • fingerprint (list[str]) -- (optional) Filter logs by device fingerprint.
  • http_method (list[str]) --

    (optional) Filter logs by HTTP method.

    Allowed values are: "OPTIONS", "GET", "HEAD", "POST", "PUT", "DELETE", "TRACE", "CONNECT"

  • incident_key (list[str]) -- (optional) Filter logs by incident key.
  • log_type (list[str]) --

    (optional) Filter by log type.

    Allowed values are: "ACCESS", "PROTECTION_RULES", "JS_CHALLENGE", "CAPTCHA", "ACCESS_RULES", "THREAT_FEEDS", "HUMAN_INTERACTION_CHALLENGE", "DEVICE_FINGERPRINT_CHALLENGE", "ADDRESS_RATE_LIMITING"

  • origin_address (list[str]) -- (optional) Filter by origin IP address.
  • referrer (list[str]) -- (optional) Filter by referrer.
  • request_url (list[str]) -- (optional) Filter by request URL.
  • response_code (list[int]) -- (optional) Filter by response code.
  • threat_feed_key (list[str]) -- (optional) Filter by threat feed key.
  • user_agent (list[str]) -- (optional) Filter by user agent.
  • protection_rule_key (list[str]) -- (optional) Filter by protection rule key.
  • retry_strategy (obj) --

    (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

    This should be one of the strategies available in the retry module. A convenience DEFAULT_RETRY_STRATEGY is also available. The specifics of the default retry strategy are described here.

    To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

Returns:

A Response object with data of type list of WafLog

Return type:

Response

list_waf_requests(waas_policy_id, **kwargs)

Returns a list of requests handled by the Web Application Firewall. Gets the number of requests managed by a Web Application Firewall over a specified period of time, including blocked requests. Sorted by timeObserved in ascending order (starting from oldest requests).

Parameters:
  • waas_policy_id (str) --

    (required) The OCID of the WAAS policy.

  • opc_request_id (str) -- (optional) The unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
  • time_observed_greater_than_or_equal_to (datetime) -- (optional) A filter that limits returned events to those occurring on or after a date and time, specified in RFC 3339 format. If unspecified, defaults to 30 minutes before receipt of the request.
  • time_observed_less_than (datetime) -- (optional) A filter that limits returned events to those occurring before a date and time, specified in RFC 3339 format.
  • limit (int) -- (optional) The maximum number of items to return in a paginated call. In unspecified, defaults to 10.
  • page (str) -- (optional) The value of the opc-next-page response header from the previous paginated call.
  • retry_strategy (obj) --

    (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

    This should be one of the strategies available in the retry module. A convenience DEFAULT_RETRY_STRATEGY is also available. The specifics of the default retry strategy are described here.

    To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

Returns:

A Response object with data of type list of WafRequest

Return type:

Response

list_waf_traffic(waas_policy_id, **kwargs)

Returns a list of traffic data for the Web Application Firewall. Gets the Web Application Firewall traffic data for a WAAS policy. Sorted by timeObserved in ascending order (starting from oldest data).

Parameters:
  • waas_policy_id (str) --

    (required) The OCID of the WAAS policy.

  • opc_request_id (str) -- (optional) The unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
  • time_observed_greater_than_or_equal_to (datetime) -- (optional) A filter that limits returned events to those occurring on or after a date and time, specified in RFC 3339 format. If unspecified, defaults to 30 minutes before receipt of the request.
  • time_observed_less_than (datetime) -- (optional) A filter that limits returned events to those occurring before a date and time, specified in RFC 3339 format.
  • limit (int) -- (optional) The maximum number of items to return in a paginated call. In unspecified, defaults to 10.
  • page (str) -- (optional) The value of the opc-next-page response header from the previous paginated call.
  • retry_strategy (obj) --

    (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

    This should be one of the strategies available in the retry module. A convenience DEFAULT_RETRY_STRATEGY is also available. The specifics of the default retry strategy are described here.

    To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

Returns:

A Response object with data of type list of WafTrafficDatum

Return type:

Response

list_whitelists(waas_policy_id, **kwargs)

Returns a list of whitelists for the Web Application Firewall. Gets the list of whitelists defined in the Web Application Firewall configuration for a WAAS policy.

Parameters:
  • waas_policy_id (str) --

    (required) The OCID of the WAAS policy.

  • opc_request_id (str) -- (optional) The unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
  • limit (int) -- (optional) The maximum number of items to return in a paginated call. In unspecified, defaults to 10.
  • page (str) -- (optional) The value of the opc-next-page response header from the previous paginated call.
  • retry_strategy (obj) --

    (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

    This should be one of the strategies available in the retry module. A convenience DEFAULT_RETRY_STRATEGY is also available. The specifics of the default retry strategy are described here.

    To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

Returns:

A Response object with data of type list of Whitelist

Return type:

Response

list_work_requests(waas_policy_id, compartment_id, **kwargs)

Returns a list of work requests. Gets a list of subnets (CIDR notation) from which the WAAS EDGE may make requests. The subnets are owned by OCI and forward traffic to your origins. Allow traffic from these subnets to your origins. They are not associated with specific regions or compartments.

Parameters:
  • waas_policy_id (str) --

    (required) The OCID of the policy.

  • compartment_id (str) --

    (required) The OCID of the compartment. This number is generated when the compartment is created.

  • opc_request_id (str) -- (optional) The unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
  • limit (int) -- (optional) The maximum number of items to return in a paginated call. In unspecified, defaults to 10.
  • page (str) -- (optional) The value of the opc-next-page response header from the previous paginated call.
  • sort_by (str) --

    (optional) The value by which work requests are sorted in a paginated 'List' call. If unspecified, defaults to timeAccepted.

    Allowed values are: "id", "status", "timeAccepted", "timeStarted", "timeFinished", "operationType"

  • sort_order (str) --

    (optional) The value of the sorting direction of resources in a paginated 'List' call. If unspecified, defaults to DESC.

    Allowed values are: "ASC", "DESC"

  • retry_strategy (obj) --

    (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

    This should be one of the strategies available in the retry module. A convenience DEFAULT_RETRY_STRATEGY is also available. The specifics of the default retry strategy are described here.

    To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

Returns:

A Response object with data of type list of WorkRequestSummary

Return type:

Response

purge_cache(waas_policy_id, **kwargs)

Accepts a list of resources to be purged. Accepts a list of resources that will get it's cache purged. If resources property is not passed, then the entire cache for Web Application will be purged.

Parameters:
  • waas_policy_id (str) --

    (required) The OCID of the WAAS policy.

  • opc_request_id (str) -- (optional) The unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
  • if_match (str) -- (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag provided matches the resource's current etag value.
  • purge_cache (PurgeCache) -- (optional)
  • retry_strategy (obj) --

    (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

    This should be one of the strategies available in the retry module. A convenience DEFAULT_RETRY_STRATEGY is also available. The specifics of the default retry strategy are described here.

    To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

Returns:

A Response object with data of type None

Return type:

Response

update_access_rules(waas_policy_id, access_rules, **kwargs)

Updates the list of access rules for the Web Application Firewall. Updates the list of access rules in the Web Application Firewall configuration for a specified WAAS policy. Access rules allow explicit actions to be defined and executed for requests that meet various conditions. A rule action can be set to allow, detect, or block requests. The detect setting allows the request to pass through the Web Application Firewall and is tagged with a DETECT flag in the Web Application Firewall's log.

This operation can create, delete, update, and/or reorder access rules depending on the structure of the request body.

Access rules can be updated by changing the properties of the access rule object with the rule's key specified in the key field. Access rules can be reordered by changing the order of the access rules in the list when updating.

Access rules can be created by adding a new access rule object to the list without a key property specified. A key will be generated for the new access rule upon update.

Any existing access rules that are not specified with a key in the list of access rules will be deleted upon update.

Parameters:
  • waas_policy_id (str) --

    (required) The OCID of the WAAS policy.

  • access_rules (list[AccessRule]) -- (required)
  • opc_request_id (str) -- (optional) The unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
  • opc_retry_token (str) -- (optional) A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations Example: If a resource has been deleted and purged from the system, then a retry of the original delete request may be rejected.
  • if_match (str) -- (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag provided matches the resource's current etag value.
  • retry_strategy (obj) --

    (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

    This should be one of the strategies available in the retry module. A convenience DEFAULT_RETRY_STRATEGY is also available. The specifics of the default retry strategy are described here.

    To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

Returns:

A Response object with data of type None

Return type:

Response

update_address_list(address_list_id, **kwargs)

Updates the name and IP values of an address list. Updates the details of an address list. Only the fields specified in the request body will be updated; all other properties will remain unchanged.

Parameters:
  • address_list_id (str) --

    (required) The OCID of the address list. This number is generated when the address list is added to the compartment.

  • opc_request_id (str) -- (optional) The unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
  • if_match (str) -- (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag provided matches the resource's current etag value.
  • update_address_list_details (UpdateAddressListDetails) -- (optional) The details of the address list to update.
  • retry_strategy (obj) --

    (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

    This should be one of the strategies available in the retry module. A convenience DEFAULT_RETRY_STRATEGY is also available. The specifics of the default retry strategy are described here.

    To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

Returns:

A Response object with data of type AddressList

Return type:

Response

update_caching_rules(waas_policy_id, caching_rules_details, **kwargs)

Updates the list of caching rules for the Web Application Firewall. Updates the configuration for each specified caching rule. This operation can update or delete caching rules depending on the structure of the request body. Caching rules can be updated by changing the properties of the caching rule object with the rule's key specified in the key field. Any existing caching rules that are not specified with a key in the list of access rules will be deleted upon update.

Parameters:
  • waas_policy_id (str) --

    (required) The OCID of the WAAS policy.

  • caching_rules_details (list[CachingRule]) -- (required)
  • opc_request_id (str) -- (optional) The unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
  • opc_retry_token (str) -- (optional) A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations Example: If a resource has been deleted and purged from the system, then a retry of the original delete request may be rejected.
  • if_match (str) -- (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag provided matches the resource's current etag value.
  • retry_strategy (obj) --

    (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

    This should be one of the strategies available in the retry module. A convenience DEFAULT_RETRY_STRATEGY is also available. The specifics of the default retry strategy are described here.

    To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

Returns:

A Response object with data of type None

Return type:

Response

update_captchas(waas_policy_id, captchas, **kwargs)

Updates the list of CAPTCHA configurations for the Web Application Firewall. Updates the list of CAPTCHA challenges in the Web Application Firewall configuration for a WAAS policy. This operation can create, update, or delete CAPTCHAs depending on the structure of the request body. CAPTCHA challenges can be updated by changing the properties of the CAPTCHA object with the rule's key specified in the key field. CAPTCHA challenges can be reordered by changing the order of the CAPTCHA challenges in the list when updating.

CAPTCHA challenges can be created by adding a new access rule object to the list without a key property specified. A key will be generated for the new CAPTCHA challenges upon update.

Any existing CAPTCHA challenges that are not specified with a key in the list of CAPTCHA challenges will be deleted upon update.

Parameters:
  • waas_policy_id (str) --

    (required) The OCID of the WAAS policy.

  • captchas (list[Captcha]) -- (required) A list of CAPTCHA details.
  • opc_request_id (str) -- (optional) The unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
  • opc_retry_token (str) -- (optional) A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations Example: If a resource has been deleted and purged from the system, then a retry of the original delete request may be rejected.
  • if_match (str) -- (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag provided matches the resource's current etag value.
  • retry_strategy (obj) --

    (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

    This should be one of the strategies available in the retry module. A convenience DEFAULT_RETRY_STRATEGY is also available. The specifics of the default retry strategy are described here.

    To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

Returns:

A Response object with data of type None

Return type:

Response

update_certificate(certificate_id, **kwargs)

Updates the display name, freeform tags, and defined tags of a certificate. It is not possible to update a certificate, only create and delete. Therefore, this operation can only update the display name, freeform tags, and defined tags of a certificate.

Parameters:
  • certificate_id (str) --

    (required) The OCID of the SSL certificate used in the WAAS policy. This number is generated when the certificate is added to the policy.

  • opc_request_id (str) -- (optional) The unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
  • if_match (str) -- (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag provided matches the resource's current etag value.
  • update_certificate_details (UpdateCertificateDetails) -- (optional) The new display name, freeform tags, and defined tags to apply to a certificate.
  • retry_strategy (obj) --

    (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

    This should be one of the strategies available in the retry module. A convenience DEFAULT_RETRY_STRATEGY is also available. The specifics of the default retry strategy are described here.

    To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

Returns:

A Response object with data of type Certificate

Return type:

Response

update_custom_protection_rule(custom_protection_rule_id, update_custom_protection_rule_details, **kwargs)

Updates the details of a Custom Protection rule. Updates the details of a Custom Protection rule. Only the fields specified in the request body will be updated; all other properties will remain unchanged.

Parameters:
  • custom_protection_rule_id (str) --

    (required) The OCID of the Custom Protection rule. This number is generated when the Custom Protection rule is added to the compartment.

  • update_custom_protection_rule_details (UpdateCustomProtectionRuleDetails) -- (required) The details of the Custom Protection rule to update.
  • opc_request_id (str) -- (optional) The unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
  • opc_retry_token (str) -- (optional) A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations Example: If a resource has been deleted and purged from the system, then a retry of the original delete request may be rejected.
  • if_match (str) -- (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag provided matches the resource's current etag value.
  • retry_strategy (obj) --

    (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

    This should be one of the strategies available in the retry module. A convenience DEFAULT_RETRY_STRATEGY is also available. The specifics of the default retry strategy are described here.

    To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

Returns:

A Response object with data of type CustomProtectionRule

Return type:

Response

update_device_fingerprint_challenge(waas_policy_id, update_device_fingerprint_challenge_details, **kwargs)

Updates the device fingerprint challenge settings for the Web Application Firewall. Updates the Device Fingerprint Challenge (DFC) settings in the Web Application Firewall configuration for a policy. The DFC generates a hashed signature of both virtual and real browsers based on 50+ attributes. These proprietary signatures are then leveraged for real-time correlation to identify and block malicious bots.

The signature is based on a library of attributes detected via JavaScript listeners; the attributes include OS, screen resolution, fonts, UserAgent, IP address, etc. We are constantly making improvements and considering new libraries to include in our DFC build. We can also exclude attributes from the signature as needed.

DFC collects attributes to generate a hashed signature about a client – if a fingerprint is not possible, then it will result in a block or alert action. Actions can be enforced across multiple devices if they share they have the same fingerprint.

Parameters:
  • waas_policy_id (str) --

    (required) The OCID of the WAAS policy.

  • update_device_fingerprint_challenge_details (DeviceFingerprintChallenge) -- (required) The device fingerprint challenge settings to be updated.
  • opc_request_id (str) -- (optional) The unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
  • opc_retry_token (str) -- (optional) A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations Example: If a resource has been deleted and purged from the system, then a retry of the original delete request may be rejected.
  • if_match (str) -- (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag provided matches the resource's current etag value.
  • retry_strategy (obj) --

    (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

    This should be one of the strategies available in the retry module. A convenience DEFAULT_RETRY_STRATEGY is also available. The specifics of the default retry strategy are described here.

    To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

Returns:

A Response object with data of type None

Return type:

Response

update_good_bots(waas_policy_id, good_bots, **kwargs)

Updates the list of good bot configurations for the Web Application Firewall. Updates the list of good bots in the Web Application Firewall configuration for a policy. Only the fields specified in the request body will be updated, all other configuration properties will remain unchanged.

Good bots allows you to manage access for bots from known providers, such as Google or Baidu. For more information about good bots, see Bot Management.

Parameters:
  • waas_policy_id (str) --

    (required) The OCID of the WAAS policy.

  • good_bots (list[GoodBot]) -- (required)
  • opc_request_id (str) -- (optional) The unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
  • opc_retry_token (str) -- (optional) A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations Example: If a resource has been deleted and purged from the system, then a retry of the original delete request may be rejected.
  • if_match (str) -- (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag provided matches the resource's current etag value.
  • retry_strategy (obj) --

    (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

    This should be one of the strategies available in the retry module. A convenience DEFAULT_RETRY_STRATEGY is also available. The specifics of the default retry strategy are described here.

    To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

Returns:

A Response object with data of type None

Return type:

Response

update_human_interaction_challenge(waas_policy_id, update_human_interaction_challenge_details, **kwargs)

Updates the human interaction challenge settings for the Web Application Firewall. Updates the Human Interaction Challenge (HIC) settings in the Web Application Firewall configuration for a WAAS policy. HIC is a countermeasure that allows the proxy to check the user's browser for various behaviors that distinguish a human presence from a bot.

Parameters:
  • waas_policy_id (str) --

    (required) The OCID of the WAAS policy.

  • update_human_interaction_challenge_details (HumanInteractionChallenge) -- (required) The human interaction challenge settings.
  • opc_request_id (str) -- (optional) The unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
  • opc_retry_token (str) -- (optional) A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations Example: If a resource has been deleted and purged from the system, then a retry of the original delete request may be rejected.
  • if_match (str) -- (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag provided matches the resource's current etag value.
  • retry_strategy (obj) --

    (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

    This should be one of the strategies available in the retry module. A convenience DEFAULT_RETRY_STRATEGY is also available. The specifics of the default retry strategy are described here.

    To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

Returns:

A Response object with data of type None

Return type:

Response

update_js_challenge(waas_policy_id, update_js_challenge_details, **kwargs)

Updates the JavaScript challenge settings for the Web Application Firewall. Updates the JavaScript challenge settings in the Web Application Firewall configuration for a WAAS policy. JavaScript Challenge validates that the client can accept JavaScript with a binary decision. For more information, see Bot Management.

Parameters:
  • waas_policy_id (str) --

    (required) The OCID of the WAAS policy.

  • update_js_challenge_details (JsChallenge) -- (required) The JavaScript challenge settings to be updated.
  • opc_request_id (str) -- (optional) The unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
  • opc_retry_token (str) -- (optional) A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations Example: If a resource has been deleted and purged from the system, then a retry of the original delete request may be rejected.
  • if_match (str) -- (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag provided matches the resource's current etag value.
  • retry_strategy (obj) --

    (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

    This should be one of the strategies available in the retry module. A convenience DEFAULT_RETRY_STRATEGY is also available. The specifics of the default retry strategy are described here.

    To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

Returns:

A Response object with data of type None

Return type:

Response

update_policy_config(waas_policy_id, update_policy_config_details, **kwargs)

Updates the policy configuration. Updates the configuration for a WAAS policy. Only the fields specified in the request body will be updated; all other properties will remain unchanged.

Parameters:
  • waas_policy_id (str) --

    (required) The OCID of the WAAS policy.

  • update_policy_config_details (PolicyConfig) -- (required) The new configuration to apply to a WAAS policy.
  • opc_request_id (str) -- (optional) The unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
  • opc_retry_token (str) -- (optional) A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations Example: If a resource has been deleted and purged from the system, then a retry of the original delete request may be rejected.
  • if_match (str) -- (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag provided matches the resource's current etag value.
  • retry_strategy (obj) --

    (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

    This should be one of the strategies available in the retry module. A convenience DEFAULT_RETRY_STRATEGY is also available. The specifics of the default retry strategy are described here.

    To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

Returns:

A Response object with data of type None

Return type:

Response

update_protection_rules(waas_policy_id, protection_rules, **kwargs)

Updates the list of protection rules for the Web Application Firewall. Updates the action for each specified protection rule. Requests can either be allowed, blocked, or trigger an alert if they meet the parameters of an applied rule. For more information on protection rules, see WAF Protection Rules. This operation can update or disable protection rules depending on the structure of the request body. Protection rules can be updated by changing the properties of the protection rule object with the rule's key specified in the key field.

Parameters:
  • waas_policy_id (str) --

    (required) The OCID of the WAAS policy.

  • protection_rules (list[ProtectionRuleAction]) -- (required)
  • opc_request_id (str) -- (optional) The unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
  • if_match (str) -- (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag provided matches the resource's current etag value.
  • retry_strategy (obj) --

    (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

    This should be one of the strategies available in the retry module. A convenience DEFAULT_RETRY_STRATEGY is also available. The specifics of the default retry strategy are described here.

    To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

Returns:

A Response object with data of type None

Return type:

Response

update_protection_settings(waas_policy_id, update_protection_settings_details, **kwargs)

Updates the protection settings for the Web Application Firewall. Updates the protection settings in the Web Application Firewall configuration for a WAAS policy. Protection settings allow you define what action is taken when a request is blocked by the Web Application Firewall, such as returning a response code or block page. Only the fields specified in the request body will be updated; all other fields will remain unchanged.

Parameters:
  • waas_policy_id (str) --

    (required) The OCID of the WAAS policy.

  • update_protection_settings_details (ProtectionSettings) -- (required) The details of the protection settings to be updated.
  • opc_request_id (str) -- (optional) The unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
  • opc_retry_token (str) -- (optional) A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations Example: If a resource has been deleted and purged from the system, then a retry of the original delete request may be rejected.
  • if_match (str) -- (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag provided matches the resource's current etag value.
  • retry_strategy (obj) --

    (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

    This should be one of the strategies available in the retry module. A convenience DEFAULT_RETRY_STRATEGY is also available. The specifics of the default retry strategy are described here.

    To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

Returns:

A Response object with data of type None

Return type:

Response

update_threat_feeds(waas_policy_id, threat_feeds, **kwargs)

Updates the action for each threat intelligence feed. Updates the action to take when a request's IP address matches an address in the specified threat intelligence feed. Threat intelligence feeds are compiled lists of IP addresses with malicious reputations based on internet intelligence. Only the threat feeds specified in the request body will be updated; all other threat feeds will remain unchanged.

Parameters:
  • waas_policy_id (str) --

    (required) The OCID of the WAAS policy.

  • threat_feeds (list[ThreatFeedAction]) -- (required) A list of threat feeds for which to update the actions.
  • opc_request_id (str) -- (optional) The unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
  • if_match (str) -- (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag provided matches the resource's current etag value.
  • retry_strategy (obj) --

    (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

    This should be one of the strategies available in the retry module. A convenience DEFAULT_RETRY_STRATEGY is also available. The specifics of the default retry strategy are described here.

    To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

Returns:

A Response object with data of type None

Return type:

Response

update_waas_policy(waas_policy_id, update_waas_policy_details, **kwargs)

Updates the details of a policy. Updates the details of a WAAS policy, including origins and tags. Only the fields specified in the request body will be updated; all other properties will remain unchanged. To update platform provided resources such as GoodBots, ProtectionRules, and ThreatFeeds, first retrieve the list of available resources with the related list operation such as GetThreatFeeds or GetProtectionRules. The returned list will contain objects with key properties that can be used to update the resource during the UpdateWaasPolicy request.

Parameters:
  • waas_policy_id (str) --

    (required) The OCID of the WAAS policy.

  • update_waas_policy_details (UpdateWaasPolicyDetails) -- (required) The details of the WAAS policy to update.
  • opc_request_id (str) -- (optional) The unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
  • opc_retry_token (str) -- (optional) A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations Example: If a resource has been deleted and purged from the system, then a retry of the original delete request may be rejected.
  • if_match (str) -- (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag provided matches the resource's current etag value.
  • retry_strategy (obj) --

    (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

    This should be one of the strategies available in the retry module. A convenience DEFAULT_RETRY_STRATEGY is also available. The specifics of the default retry strategy are described here.

    To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

Returns:

A Response object with data of type None

Return type:

Response

update_waas_policy_custom_protection_rules(waas_policy_id, update_custom_protection_rules_details, **kwargs)

Updates the list of custom protection rules for the Web Application Firewall. Updates the action for each specified custom protection rule. Only the DETECT and BLOCK actions can be set. Disabled rules should not be included in the list. For more information on protection rules, see WAF Protection Rules.

Parameters:
  • waas_policy_id (str) --

    (required) The OCID of the WAAS policy.

  • update_custom_protection_rules_details (list[CustomProtectionRuleSetting]) -- (required)
  • opc_request_id (str) -- (optional) The unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
  • opc_retry_token (str) -- (optional) A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations Example: If a resource has been deleted and purged from the system, then a retry of the original delete request may be rejected.
  • if_match (str) -- (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag provided matches the resource's current etag value.
  • retry_strategy (obj) --

    (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

    This should be one of the strategies available in the retry module. A convenience DEFAULT_RETRY_STRATEGY is also available. The specifics of the default retry strategy are described here.

    To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

Returns:

A Response object with data of type None

Return type:

Response

update_waf_address_rate_limiting(waas_policy_id, update_waf_address_rate_limiting_details, **kwargs)

Updates the rate limiting settings for the Web Application Firewall. Updates the address rate limiting settings in the Web Application Firewall configuration for a policy. Rate limiting allows you to configure a threshold for the number of requests from a unique IP address for the given period. You can also define the response code for the requests from the same address that exceed the threshold.

Parameters:
  • waas_policy_id (str) --

    (required) The OCID of the WAAS policy.

  • update_waf_address_rate_limiting_details (AddressRateLimiting) -- (required) The address rate limiting settings.
  • opc_request_id (str) -- (optional) The unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
  • opc_retry_token (str) -- (optional) A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations Example: If a resource has been deleted and purged from the system, then a retry of the original delete request may be rejected.
  • if_match (str) -- (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag provided matches the resource's current etag value.
  • retry_strategy (obj) --

    (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

    This should be one of the strategies available in the retry module. A convenience DEFAULT_RETRY_STRATEGY is also available. The specifics of the default retry strategy are described here.

    To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

Returns:

A Response object with data of type None

Return type:

Response

update_waf_config(waas_policy_id, update_waf_config_details, **kwargs)

Updates the Web Application Firewall configuration. Updates the Web Application Firewall configuration for a specified WAAS policy.

To update platform provided resources such as GoodBots, ProtectionRules, and ThreatFeeds, first retrieve the list of available resources with the related list operation, such as GetThreatFeeds or GetProtectionRules.

The returned list will contain objects with key properties that can be used to update the resource during the UpdateWafConfig request.

Parameters:
  • waas_policy_id (str) --

    (required) The OCID of the WAAS policy.

  • update_waf_config_details (WafConfig) -- (required) The new Web Application Firewall configuration to apply to a WAAS policy.
  • opc_request_id (str) -- (optional) The unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
  • opc_retry_token (str) -- (optional) A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations Example: If a resource has been deleted and purged from the system, then a retry of the original delete request may be rejected.
  • if_match (str) -- (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag provided matches the resource's current etag value.
  • retry_strategy (obj) --

    (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

    This should be one of the strategies available in the retry module. A convenience DEFAULT_RETRY_STRATEGY is also available. The specifics of the default retry strategy are described here.

    To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

Returns:

A Response object with data of type None

Return type:

Response

update_whitelists(waas_policy_id, whitelists, **kwargs)

Updates the list of whitelists for the Web Application Firewall. Updates the list of IP addresses that bypass the Web Application Firewall for a WAAS policy. Supports both single IP addresses or subnet masks (CIDR notation).

This operation can create, delete, update, and/or reorder whitelists depending on the structure of the request body.

Whitelists can be updated by changing the properties of the whitelist object with the rule's key specified in the key field. Whitelists can be reordered by changing the order of the whitelists in the list of objects when updating.

Whitelists can be created by adding a new whitelist object to the list without a key property specified. A key will be generated for the new whitelist upon update.

Whitelists can be deleted by removing the existing whitelist object from the list. Any existing whitelists that are not specified with a key in the list of access rules will be deleted upon update.

Parameters:
  • waas_policy_id (str) --

    (required) The OCID of the WAAS policy.

  • whitelists (list[Whitelist]) -- (required)
  • opc_request_id (str) -- (optional) The unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
  • opc_retry_token (str) -- (optional) A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations Example: If a resource has been deleted and purged from the system, then a retry of the original delete request may be rejected.
  • if_match (str) -- (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag provided matches the resource's current etag value.
  • retry_strategy (obj) --

    (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

    This should be one of the strategies available in the retry module. A convenience DEFAULT_RETRY_STRATEGY is also available. The specifics of the default retry strategy are described here.

    To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

Returns:

A Response object with data of type None

Return type:

Response