» Data Source: oci_waas_custom_protection_rule

This data source provides details about a specific Custom Protection Rule resource in Oracle Cloud Infrastructure Waas service.

Gets the details of a Custom Protection rule.

» Example Usage

data "oci_waas_custom_protection_rule" "test_custom_protection_rule" {
    #Required
    custom_protection_rule_id = "${oci_waas_custom_protection_rule.test_custom_protection_rule.id}"
}

» Argument Reference

The following arguments are supported:

  • custom_protection_rule_id - (Required) The OCID of the Custom Protection rule. This number is generated when the Custom Protection rule is added to the compartment.

» Attributes Reference

The following attributes are exported:

  • compartment_id - The OCID of the Custom Protection rule's compartment.
  • defined_tags - Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags. Example: {"Operations.CostCenter": "42"}
  • description - The description of the Custom Protection rule.
  • display_name - The user-friendly name of the Custom Protection rule.
  • freeform_tags - Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags. Example: {"Department": "Finance"}
  • id - The OCID of the Custom Protection rule.
  • mod_security_rule_ids - The list of the ModSecurity rule IDs that apply to this protection rule. For more information about ModSecurity's open source WAF rules, see Mod Security's documentation.
  • state - The current lifecycle state of the Custom Protection rule.
  • template - The template text of the Custom Protection rule. The syntax is based on the ModSecurity Rule Language. Additionally, it needs to include two variables (placeholders), which are replaced during publishing.

    • {{mode}} - the rule action, defined by the user in the UI, such as OFF, DETECT or BLOCK.
    • {{id_1}} - unique rule ID which identifies a SecRule, generated by the system. Multiple IDs can be used by increasing the number of the variable for every SecRule defined in the template.

    Example usage:

        SecRule REQUEST_COOKIES "regex matching SQL injection - part 1/2" \
                "phase:2, \
                msg:'Detects chained SQL injection attempts 1/2.', \
                id: {{id_1}}, \
                ctl:ruleEngine={{mode}}, \
                deny"
        SecRule REQUEST_COOKIES "regex matching SQL injection - part 2/2" \
                "phase:2, \
                msg:'Detects chained SQL injection attempts 2/2.', \
                id: {{id_2}}, \
                ctl:ruleEngine={{mode}}, \
                deny"

    The example contains two SecRules, each with a distinct regular expression that matches the Cookie header value during the second input analysis phase. The disruptive deny action takes effect only when {{mode}} is set to BLOCK. The message is logged when {{mode}} is set to either DETECT or BLOCK.

    For more information about ModSecurity's open source WAF rules, see Mod Security's documentation.

  • time_created - The date and time the protection rule was created, expressed in RFC 3339 timestamp format.
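
A pre-publish lint for the template placeholders described under the template attribute, added here as an example; it is not part of the provider or of Oracle's documentation. It assumes every SecRule carries its own {{id_N}} numbered from 1 and a ctl:ruleEngine={{mode}} action, as in the example usage; the function names and the checks are illustrative and do not reproduce the service's own validation.

```python
import re

# Constructed sample: the two-rule template from the example usage above.
SAMPLE_TEMPLATE = r'''SecRule REQUEST_COOKIES "regex matching SQL injection - part 1/2" \
        "phase:2, \
        msg:'Detects chained SQL injection attempts 1/2.', \
        id: {{id_1}}, \
        ctl:ruleEngine={{mode}}, \
        deny"
SecRule REQUEST_COOKIES "regex matching SQL injection - part 2/2" \
        "phase:2, \
        msg:'Detects chained SQL injection attempts 2/2.', \
        id: {{id_2}}, \
        ctl:ruleEngine={{mode}}, \
        deny"
'''

ID_RE = re.compile(r"\bid:\s*\{\{id_(\d+)\}\}")         # id: {{id_N}}
MODE_RE = re.compile(r"ctl:ruleEngine=\{\{mode\}\}")    # ctl:ruleEngine={{mode}}
LITERAL_ID_RE = re.compile(r"\bid:\s*\d+")              # id: 1000 (hard-coded)

def split_rules(template):
    """Join backslash-continued lines, then return one string per SecRule."""
    joined = re.sub(r"\\[ \t]*\r?\n", " ", template)
    return [ln.strip() for ln in joined.splitlines() if ln.strip().startswith("SecRule")]

def lint_template(template):
    """Return a list of problems; an empty list means the template passed."""
    problems, seen = [], []
    rules = split_rules(template)
    if not rules:
        return ["no SecRule directive found"]
    for n, rule in enumerate(rules, start=1):
        ids = ID_RE.findall(rule)
        if LITERAL_ID_RE.search(rule):
            problems.append(f"rule {n}: hard-coded id, use {{{{id_{n}}}}}")
        elif len(ids) != 1:
            problems.append(f"rule {n}: expected exactly one {{{{id_N}}}} placeholder")
        else:
            seen.append(int(ids[0]))
        if not MODE_RE.search(rule):
            problems.append(f"rule {n}: missing ctl:ruleEngine={{{{mode}}}}")
    # Assumption: placeholders are numbered id_1..id_K, one per SecRule.
    if len(seen) == len(rules) and sorted(seen) != list(range(1, len(rules) + 1)):
        problems.append(f"id placeholders {seen} are not id_1..id_{len(rules)}")
    return problems
```

Running `lint_template` on the template text before it is passed to Terraform catches a reused or hard-coded rule ID, or a rule that would ignore the OFF, DETECT or BLOCK setting.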