CreateCustomProtectionRuleDetails

class oci.waas.models.CreateCustomProtectionRuleDetails(**kwargs)

Bases: object

The required data to create a Custom Protection rule. Warning: Oracle recommends that you avoid using any confidential information when you supply string values using the API.

__init__(**kwargs)

Initializes a new CreateCustomProtectionRuleDetails object with values from keyword arguments. The following keyword arguments are supported (corresponding to the getters/setters of this class):

Parameters:
  • compartment_id (str) -- The value to assign to the compartment_id property of this CreateCustomProtectionRuleDetails.
  • display_name (str) -- The value to assign to the display_name property of this CreateCustomProtectionRuleDetails.
  • description (str) -- The value to assign to the description property of this CreateCustomProtectionRuleDetails.
  • template (str) -- The value to assign to the template property of this CreateCustomProtectionRuleDetails.
  • freeform_tags (dict(str, str)) -- The value to assign to the freeform_tags property of this CreateCustomProtectionRuleDetails.
  • defined_tags (dict(str, dict(str, object))) -- The value to assign to the defined_tags property of this CreateCustomProtectionRuleDetails.
compartment_id

[Required] Gets the compartment_id of this CreateCustomProtectionRuleDetails. The OCID of the compartment in which to create the Custom Protection rule.

Returns:The compartment_id of this CreateCustomProtectionRuleDetails.
Return type:str
defined_tags

Gets the defined_tags of this CreateCustomProtectionRuleDetails. Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags.

Example: {"Operations": {"CostCenter": "42"}}

Returns:The defined_tags of this CreateCustomProtectionRuleDetails.
Return type:dict(str, dict(str, object))
description

Gets the description of this CreateCustomProtectionRuleDetails. A description for the Custom Protection rule.

Returns:The description of this CreateCustomProtectionRuleDetails.
Return type:str
display_name

[Required] Gets the display_name of this CreateCustomProtectionRuleDetails. A user-friendly name for the Custom Protection rule.

Returns:The display_name of this CreateCustomProtectionRuleDetails.
Return type:str
freeform_tags

Gets the freeform_tags of this CreateCustomProtectionRuleDetails. Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags.

Example: {"Department": "Finance"}

Returns:The freeform_tags of this CreateCustomProtectionRuleDetails.
Return type:dict(str, str)
template

[Required] Gets the template of this CreateCustomProtectionRuleDetails. The template text of the Custom Protection rule. The syntax is based on ModSecurity Rule Language. Additionaly it needs to include two variables / placeholders which will be replaced during publishing.

  • {{mode}} - rule action, defined by user in UI, like OFF, DETECT or BLOCK.
  • {{id_1}} - unique rule ID which identifies a SecRule, generated by the system. Multiple IDs can be used by increasing the number of the variable for every SecRule defined in the template.
Example usage:

``` SecRule REQUEST_COOKIES "regex matching SQL injection - part 1/2"

"phase:2, msg:'Detects chained SQL injection attempts 1/2.', id: {{id_1}}, ctl:ruleEngine={{mode}}, deny"
SecRule REQUEST_COOKIES "regex matching SQL injection - part 2/2"
"phase:2, msg:'Detects chained SQL injection attempts 2/2.', id: {{id_2}}, ctl:ruleEngine={{mode}}, deny"

``` The example contains two SecRules each having distinct regex expression to match Cookie header value during second input analysis phase. The disruptive deny action takes effect only when {{mode}} is set to BLOCK. The message is logged either when {{mode}} is set to DETECT or BLOCK.

For more information about ModSecurity's open source WAF rules, see Mod Security's documentation.

Returns:The template of this CreateCustomProtectionRuleDetails.
Return type:str