Docs Home
incapsula 3.32.1 published on Monday, Apr 14, 2025 by imperva
incapsula.Policy
Explore with Pulumi AI
Provides a resource to define WAF security, Whitelist, and ACL policies. All policies are created at the parent account level.
The follow-on action is to use the incapsula.AccountPolicyAssociation resource, to assign the policy to a sub account.
To simplify the use of policies, you can utilize this cloud-waf Module along with its submodules.
For full feature documentation, see Create and Manage Policies.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as incapsula from "@pulumi/incapsula";
const example_whitelist_ip_policy = new incapsula.Policy("example-whitelist-ip-policy", {
enabled: true,
policyType: "WHITELIST",
description: "Example WHITELIST IP Policy description",
policySettings: ` [
{
"settingsAction": "ALLOW",
"policySettingType": "IP",
"data": {
"ips": [
"1.2.3.4"
]
}
}
]
`,
});
const example_acl_country_block_policy = new incapsula.Policy("example-acl-country-block-policy", {
description: "EXAMPLE ACL Block Countries based on attack.",
enabled: true,
policyType: "ACL",
policySettings: JSON.stringify([{
data: {
geo: {
countries: _var.countries,
},
},
policySettingType: "GEO",
settingsAction: "BLOCK",
}]),
});
const example_waf_rule_illegal_resource_access_policy = new incapsula.Policy("example-waf-rule-illegal-resource-access-policy", {
enabled: true,
policyType: "WAF_RULES",
policySettings: ` [
{
"settingsAction": "BLOCK",
"policySettingType": "REMOTE_FILE_INCLUSION"
},
{
"settingsAction": "BLOCK",
"policySettingType": "ILLEGAL_RESOURCE_ACCESS",
"policyDataExceptions": [
{
"data": [
{
"exceptionType": "URL",
"values": [
"/cmd.exe"
]
},
{
"exceptionType": "SITE_ID",
"values": [
"132456789"
]
}
]
}
]
},
{
"settingsAction": "BLOCK",
"policySettingType": "CROSS_SITE_SCRIPTING"
},
{
"settingsAction": "BLOCK",
"policySettingType": "SQL_INJECTION"
}
]
`,
});
import pulumi
import json
import pulumi_incapsula as incapsula
example_whitelist_ip_policy = incapsula.Policy("example-whitelist-ip-policy",
enabled=True,
policy_type="WHITELIST",
description="Example WHITELIST IP Policy description",
policy_settings=""" [
{
"settingsAction": "ALLOW",
"policySettingType": "IP",
"data": {
"ips": [
"1.2.3.4"
]
}
}
]
""")
example_acl_country_block_policy = incapsula.Policy("example-acl-country-block-policy",
description="EXAMPLE ACL Block Countries based on attack.",
enabled=True,
policy_type="ACL",
policy_settings=json.dumps([{
"data": {
"geo": {
"countries": var["countries"],
},
},
"policySettingType": "GEO",
"settingsAction": "BLOCK",
}]))
example_waf_rule_illegal_resource_access_policy = incapsula.Policy("example-waf-rule-illegal-resource-access-policy",
enabled=True,
policy_type="WAF_RULES",
policy_settings=""" [
{
"settingsAction": "BLOCK",
"policySettingType": "REMOTE_FILE_INCLUSION"
},
{
"settingsAction": "BLOCK",
"policySettingType": "ILLEGAL_RESOURCE_ACCESS",
"policyDataExceptions": [
{
"data": [
{
"exceptionType": "URL",
"values": [
"/cmd.exe"
]
},
{
"exceptionType": "SITE_ID",
"values": [
"132456789"
]
}
]
}
]
},
{
"settingsAction": "BLOCK",
"policySettingType": "CROSS_SITE_SCRIPTING"
},
{
"settingsAction": "BLOCK",
"policySettingType": "SQL_INJECTION"
}
]
""")
package main
import (
"encoding/json"
"github.com/pulumi/pulumi-terraform-provider/sdks/go/incapsula/v3/incapsula"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := incapsula.NewPolicy(ctx, "example-whitelist-ip-policy", &incapsula.PolicyArgs{
Enabled: pulumi.Bool(true),
PolicyType: pulumi.String("WHITELIST"),
Description: pulumi.String("Example WHITELIST IP Policy description"),
PolicySettings: pulumi.String(` [
{
"settingsAction": "ALLOW",
"policySettingType": "IP",
"data": {
"ips": [
"1.2.3.4"
]
}
}
]
`),
})
if err != nil {
return err
}
tmpJSON0, err := json.Marshal([]map[string]interface{}{
map[string]interface{}{
"data": map[string]interface{}{
"geo": map[string]interface{}{
"countries": _var.Countries,
},
},
"policySettingType": "GEO",
"settingsAction": "BLOCK",
},
})
if err != nil {
return err
}
json0 := string(tmpJSON0)
_, err = incapsula.NewPolicy(ctx, "example-acl-country-block-policy", &incapsula.PolicyArgs{
Description: pulumi.String("EXAMPLE ACL Block Countries based on attack."),
Enabled: pulumi.Bool(true),
PolicyType: pulumi.String("ACL"),
PolicySettings: pulumi.String(json0),
})
if err != nil {
return err
}
_, err = incapsula.NewPolicy(ctx, "example-waf-rule-illegal-resource-access-policy", &incapsula.PolicyArgs{
Enabled: pulumi.Bool(true),
PolicyType: pulumi.String("WAF_RULES"),
PolicySettings: pulumi.String(` [
{
"settingsAction": "BLOCK",
"policySettingType": "REMOTE_FILE_INCLUSION"
},
{
"settingsAction": "BLOCK",
"policySettingType": "ILLEGAL_RESOURCE_ACCESS",
"policyDataExceptions": [
{
"data": [
{
"exceptionType": "URL",
"values": [
"/cmd.exe"
]
},
{
"exceptionType": "SITE_ID",
"values": [
"132456789"
]
}
]
}
]
},
{
"settingsAction": "BLOCK",
"policySettingType": "CROSS_SITE_SCRIPTING"
},
{
"settingsAction": "BLOCK",
"policySettingType": "SQL_INJECTION"
}
]
`),
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using System.Text.Json;
using Pulumi;
using Incapsula = Pulumi.Incapsula;
return await Deployment.RunAsync(() =>
{
var example_whitelist_ip_policy = new Incapsula.Policy("example-whitelist-ip-policy", new()
{
Enabled = true,
PolicyType = "WHITELIST",
Description = "Example WHITELIST IP Policy description",
PolicySettings = @" [
{
""settingsAction"": ""ALLOW"",
""policySettingType"": ""IP"",
""data"": {
""ips"": [
""1.2.3.4""
]
}
}
]
",
});
var example_acl_country_block_policy = new Incapsula.Policy("example-acl-country-block-policy", new()
{
Description = "EXAMPLE ACL Block Countries based on attack.",
Enabled = true,
PolicyType = "ACL",
PolicySettings = JsonSerializer.Serialize(new[]
{
new Dictionary<string, object?>
{
["data"] = new Dictionary<string, object?>
{
["geo"] = new Dictionary<string, object?>
{
["countries"] = @var.Countries,
},
},
["policySettingType"] = "GEO",
["settingsAction"] = "BLOCK",
},
}),
});
var example_waf_rule_illegal_resource_access_policy = new Incapsula.Policy("example-waf-rule-illegal-resource-access-policy", new()
{
Enabled = true,
PolicyType = "WAF_RULES",
PolicySettings = @" [
{
""settingsAction"": ""BLOCK"",
""policySettingType"": ""REMOTE_FILE_INCLUSION""
},
{
""settingsAction"": ""BLOCK"",
""policySettingType"": ""ILLEGAL_RESOURCE_ACCESS"",
""policyDataExceptions"": [
{
""data"": [
{
""exceptionType"": ""URL"",
""values"": [
""/cmd.exe""
]
},
{
""exceptionType"": ""SITE_ID"",
""values"": [
""132456789""
]
}
]
}
]
},
{
""settingsAction"": ""BLOCK"",
""policySettingType"": ""CROSS_SITE_SCRIPTING""
},
{
""settingsAction"": ""BLOCK"",
""policySettingType"": ""SQL_INJECTION""
}
]
",
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.incapsula.Policy;
import com.pulumi.incapsula.PolicyArgs;
import static com.pulumi.codegen.internal.Serialization.*;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var example_whitelist_ip_policy = new Policy("example-whitelist-ip-policy", PolicyArgs.builder()
.enabled(true)
.policyType("WHITELIST")
.description("Example WHITELIST IP Policy description")
.policySettings("""
[
{
"settingsAction": "ALLOW",
"policySettingType": "IP",
"data": {
"ips": [
"1.2.3.4"
]
}
}
]
""")
.build());
var example_acl_country_block_policy = new Policy("example-acl-country-block-policy", PolicyArgs.builder()
.description("EXAMPLE ACL Block Countries based on attack.")
.enabled(true)
.policyType("ACL")
.policySettings(serializeJson(
jsonArray(jsonObject(
jsonProperty("data", jsonObject(
jsonProperty("geo", jsonObject(
jsonProperty("countries", var_.countries())
))
)),
jsonProperty("policySettingType", "GEO"),
jsonProperty("settingsAction", "BLOCK")
))))
.build());
var example_waf_rule_illegal_resource_access_policy = new Policy("example-waf-rule-illegal-resource-access-policy", PolicyArgs.builder()
.enabled(true)
.policyType("WAF_RULES")
.policySettings("""
[
{
"settingsAction": "BLOCK",
"policySettingType": "REMOTE_FILE_INCLUSION"
},
{
"settingsAction": "BLOCK",
"policySettingType": "ILLEGAL_RESOURCE_ACCESS",
"policyDataExceptions": [
{
"data": [
{
"exceptionType": "URL",
"values": [
"/cmd.exe"
]
},
{
"exceptionType": "SITE_ID",
"values": [
"132456789"
]
}
]
}
]
},
{
"settingsAction": "BLOCK",
"policySettingType": "CROSS_SITE_SCRIPTING"
},
{
"settingsAction": "BLOCK",
"policySettingType": "SQL_INJECTION"
}
]
""")
.build());
}
}
resources:
example-whitelist-ip-policy:
type: incapsula:Policy
properties:
enabled: true
policyType: WHITELIST
description: Example WHITELIST IP Policy description
policySettings: |2
[
{
"settingsAction": "ALLOW",
"policySettingType": "IP",
"data": {
"ips": [
"1.2.3.4"
]
}
}
]
example-acl-country-block-policy:
type: incapsula:Policy
properties:
description: EXAMPLE ACL Block Countries based on attack.
enabled: true
policyType: ACL
policySettings:
fn::toJSON:
- data:
geo:
countries: ${var.countries}
policySettingType: GEO
settingsAction: BLOCK
example-waf-rule-illegal-resource-access-policy:
type: incapsula:Policy
properties:
enabled: true
policyType: WAF_RULES
policySettings: " [\n {\n \"settingsAction\": \"BLOCK\",\n \"policySettingType\": \"REMOTE_FILE_INCLUSION\"\n\n },\n {\n \"settingsAction\": \"BLOCK\",\n \"policySettingType\": \"ILLEGAL_RESOURCE_ACCESS\",\n \"policyDataExceptions\": [\n {\n \"data\": [\n {\n \"exceptionType\": \"URL\",\n \"values\": [\n \"/cmd.exe\"\n ]\n },\n {\n \"exceptionType\": \"SITE_ID\",\n \"values\": [\n \"132456789\"\n ]\n }\n ]\n }\n ]\n },\n {\n \"settingsAction\": \"BLOCK\",\n \"policySettingType\": \"CROSS_SITE_SCRIPTING\"\n \n },\n {\n \"settingsAction\": \"BLOCK\",\n \"policySettingType\": \"SQL_INJECTION\"\n \n }\n ]\n"
Create Policy Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new Policy(name: string, args: PolicyArgs, opts?: CustomResourceOptions);@overload
def Policy(resource_name: str,
args: PolicyArgs,
opts: Optional[ResourceOptions] = None)
@overload
def Policy(resource_name: str,
opts: Optional[ResourceOptions] = None,
enabled: Optional[bool] = None,
policy_settings: Optional[str] = None,
policy_type: Optional[str] = None,
account_id: Optional[float] = None,
description: Optional[str] = None,
name: Optional[str] = None,
policy_id: Optional[str] = None)func NewPolicy(ctx *Context, name string, args PolicyArgs, opts ...ResourceOption) (*Policy, error)public Policy(string name, PolicyArgs args, CustomResourceOptions? opts = null)
public Policy(String name, PolicyArgs args)
public Policy(String name, PolicyArgs args, CustomResourceOptions options)
type: incapsula:Policy
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args PolicyArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args PolicyArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args PolicyArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args PolicyArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args PolicyArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var policyResource = new Incapsula.Policy("policyResource", new()
{
Enabled = false,
PolicySettings = "string",
PolicyType = "string",
Description = "string",
Name = "string",
PolicyId = "string",
});
example, err := incapsula.NewPolicy(ctx, "policyResource", &incapsula.PolicyArgs{
Enabled: pulumi.Bool(false),
PolicySettings: pulumi.String("string"),
PolicyType: pulumi.String("string"),
Description: pulumi.String("string"),
Name: pulumi.String("string"),
PolicyId: pulumi.String("string"),
})
var policyResource = new Policy("policyResource", PolicyArgs.builder()
.enabled(false)
.policySettings("string")
.policyType("string")
.description("string")
.name("string")
.policyId("string")
.build());
policy_resource = incapsula.Policy("policyResource",
enabled=False,
policy_settings="string",
policy_type="string",
description="string",
name="string",
policy_id="string")
const policyResource = new incapsula.Policy("policyResource", {
enabled: false,
policySettings: "string",
policyType: "string",
description: "string",
name: "string",
policyId: "string",
});
type: incapsula:Policy
properties:
description: string
enabled: false
name: string
policyId: string
policySettings: string
policyType: string
Policy Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The Policy resource accepts the following input properties:
- Enabled bool
- Enables the policy.
- Policy
Settings string - The policy settings as JSON string. See Imperva documentation for help with constructing a correct value. Policy_settings internal values: policySettingType: IP, GEO, URL settingsAction: BLOCK, ALLOW, ALERT, BLOCK_USER, BLOCK_IP, IGNORE policySettings.data.url.pattern: CONTAINS, EQUALS, NOT_CONTAINS, NOT_EQUALS, NOT_PREFIX, NOT_SUFFIX, PREFIX, SUFFIX exceptionType: GEO, IP, URL, CLIENT_ID, SITE_ID
- Policy
Type string - The policy type. Possible values: ACL, WHITELIST, WAF_RULES. Note: For (policy_type=WAF_RULES), all 4 setting types (policySettingType) are mandatory (REMOTE_FILE_INCLUSION, ILLEGAL_RESOURCE_ACCESS, CROSS_SITE_SCRIPTING, SQL_INJECTION).
- Account
Id double - Account ID of the policy.
- Description string
- The policy description.
- Name string
- The policy name.
- Policy
Id string - Unique identifier in the API for the policy.
- Enabled bool
- Enables the policy.
- Policy
Settings string - The policy settings as JSON string. See Imperva documentation for help with constructing a correct value. Policy_settings internal values: policySettingType: IP, GEO, URL settingsAction: BLOCK, ALLOW, ALERT, BLOCK_USER, BLOCK_IP, IGNORE policySettings.data.url.pattern: CONTAINS, EQUALS, NOT_CONTAINS, NOT_EQUALS, NOT_PREFIX, NOT_SUFFIX, PREFIX, SUFFIX exceptionType: GEO, IP, URL, CLIENT_ID, SITE_ID
- Policy
Type string - The policy type. Possible values: ACL, WHITELIST, WAF_RULES. Note: For (policy_type=WAF_RULES), all 4 setting types (policySettingType) are mandatory (REMOTE_FILE_INCLUSION, ILLEGAL_RESOURCE_ACCESS, CROSS_SITE_SCRIPTING, SQL_INJECTION).
- Account
Id float64 - Account ID of the policy.
- Description string
- The policy description.
- Name string
- The policy name.
- Policy
Id string - Unique identifier in the API for the policy.
- enabled Boolean
- Enables the policy.
- policy
Settings String - The policy settings as JSON string. See Imperva documentation for help with constructing a correct value. Policy_settings internal values: policySettingType: IP, GEO, URL settingsAction: BLOCK, ALLOW, ALERT, BLOCK_USER, BLOCK_IP, IGNORE policySettings.data.url.pattern: CONTAINS, EQUALS, NOT_CONTAINS, NOT_EQUALS, NOT_PREFIX, NOT_SUFFIX, PREFIX, SUFFIX exceptionType: GEO, IP, URL, CLIENT_ID, SITE_ID
- policy
Type String - The policy type. Possible values: ACL, WHITELIST, WAF_RULES. Note: For (policy_type=WAF_RULES), all 4 setting types (policySettingType) are mandatory (REMOTE_FILE_INCLUSION, ILLEGAL_RESOURCE_ACCESS, CROSS_SITE_SCRIPTING, SQL_INJECTION).
- account
Id Double - Account ID of the policy.
- description String
- The policy description.
- name String
- The policy name.
- policy
Id String - Unique identifier in the API for the policy.
- enabled boolean
- Enables the policy.
- policy
Settings string - The policy settings as JSON string. See Imperva documentation for help with constructing a correct value. Policy_settings internal values: policySettingType: IP, GEO, URL settingsAction: BLOCK, ALLOW, ALERT, BLOCK_USER, BLOCK_IP, IGNORE policySettings.data.url.pattern: CONTAINS, EQUALS, NOT_CONTAINS, NOT_EQUALS, NOT_PREFIX, NOT_SUFFIX, PREFIX, SUFFIX exceptionType: GEO, IP, URL, CLIENT_ID, SITE_ID
- policy
Type string - The policy type. Possible values: ACL, WHITELIST, WAF_RULES. Note: For (policy_type=WAF_RULES), all 4 setting types (policySettingType) are mandatory (REMOTE_FILE_INCLUSION, ILLEGAL_RESOURCE_ACCESS, CROSS_SITE_SCRIPTING, SQL_INJECTION).
- account
Id number - Account ID of the policy.
- description string
- The policy description.
- name string
- The policy name.
- policy
Id string - Unique identifier in the API for the policy.
- enabled bool
- Enables the policy.
- policy_
settings str - The policy settings as JSON string. See Imperva documentation for help with constructing a correct value. Policy_settings internal values: policySettingType: IP, GEO, URL settingsAction: BLOCK, ALLOW, ALERT, BLOCK_USER, BLOCK_IP, IGNORE policySettings.data.url.pattern: CONTAINS, EQUALS, NOT_CONTAINS, NOT_EQUALS, NOT_PREFIX, NOT_SUFFIX, PREFIX, SUFFIX exceptionType: GEO, IP, URL, CLIENT_ID, SITE_ID
- policy_
type str - The policy type. Possible values: ACL, WHITELIST, WAF_RULES. Note: For (policy_type=WAF_RULES), all 4 setting types (policySettingType) are mandatory (REMOTE_FILE_INCLUSION, ILLEGAL_RESOURCE_ACCESS, CROSS_SITE_SCRIPTING, SQL_INJECTION).
- account_
id float - Account ID of the policy.
- description str
- The policy description.
- name str
- The policy name.
- policy_
id str - Unique identifier in the API for the policy.
- enabled Boolean
- Enables the policy.
- policy
Settings String - The policy settings as JSON string. See Imperva documentation for help with constructing a correct value. Policy_settings internal values: policySettingType: IP, GEO, URL settingsAction: BLOCK, ALLOW, ALERT, BLOCK_USER, BLOCK_IP, IGNORE policySettings.data.url.pattern: CONTAINS, EQUALS, NOT_CONTAINS, NOT_EQUALS, NOT_PREFIX, NOT_SUFFIX, PREFIX, SUFFIX exceptionType: GEO, IP, URL, CLIENT_ID, SITE_ID
- policy
Type String - The policy type. Possible values: ACL, WHITELIST, WAF_RULES. Note: For (policy_type=WAF_RULES), all 4 setting types (policySettingType) are mandatory (REMOTE_FILE_INCLUSION, ILLEGAL_RESOURCE_ACCESS, CROSS_SITE_SCRIPTING, SQL_INJECTION).
- account
Id Number - Account ID of the policy.
- description String
- The policy description.
- name String
- The policy name.
- policy
Id String - Unique identifier in the API for the policy.
Outputs
All input properties are implicitly available as output properties. Additionally, the Policy resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Id string
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
- id string
- The provider-assigned unique ID for this managed resource.
- id str
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
Look up Existing Policy Resource
Get an existing Policy resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: PolicyState, opts?: CustomResourceOptions): Policy@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
account_id: Optional[float] = None,
description: Optional[str] = None,
enabled: Optional[bool] = None,
name: Optional[str] = None,
policy_id: Optional[str] = None,
policy_settings: Optional[str] = None,
policy_type: Optional[str] = None) -> Policyfunc GetPolicy(ctx *Context, name string, id IDInput, state *PolicyState, opts ...ResourceOption) (*Policy, error)public static Policy Get(string name, Input<string> id, PolicyState? state, CustomResourceOptions? opts = null)public static Policy get(String name, Output<String> id, PolicyState state, CustomResourceOptions options)resources: _: type: incapsula:Policy get: id: ${id}- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Account
Id double - Account ID of the policy.
- Description string
- The policy description.
- Enabled bool
- Enables the policy.
- Name string
- The policy name.
- Policy
Id string - Unique identifier in the API for the policy.
- Policy
Settings string - The policy settings as JSON string. See Imperva documentation for help with constructing a correct value. Policy_settings internal values: policySettingType: IP, GEO, URL settingsAction: BLOCK, ALLOW, ALERT, BLOCK_USER, BLOCK_IP, IGNORE policySettings.data.url.pattern: CONTAINS, EQUALS, NOT_CONTAINS, NOT_EQUALS, NOT_PREFIX, NOT_SUFFIX, PREFIX, SUFFIX exceptionType: GEO, IP, URL, CLIENT_ID, SITE_ID
- Policy
Type string - The policy type. Possible values: ACL, WHITELIST, WAF_RULES. Note: For (policy_type=WAF_RULES), all 4 setting types (policySettingType) are mandatory (REMOTE_FILE_INCLUSION, ILLEGAL_RESOURCE_ACCESS, CROSS_SITE_SCRIPTING, SQL_INJECTION).
- Account
Id float64 - Account ID of the policy.
- Description string
- The policy description.
- Enabled bool
- Enables the policy.
- Name string
- The policy name.
- Policy
Id string - Unique identifier in the API for the policy.
- Policy
Settings string - The policy settings as JSON string. See Imperva documentation for help with constructing a correct value. Policy_settings internal values: policySettingType: IP, GEO, URL settingsAction: BLOCK, ALLOW, ALERT, BLOCK_USER, BLOCK_IP, IGNORE policySettings.data.url.pattern: CONTAINS, EQUALS, NOT_CONTAINS, NOT_EQUALS, NOT_PREFIX, NOT_SUFFIX, PREFIX, SUFFIX exceptionType: GEO, IP, URL, CLIENT_ID, SITE_ID
- Policy
Type string - The policy type. Possible values: ACL, WHITELIST, WAF_RULES. Note: For (policy_type=WAF_RULES), all 4 setting types (policySettingType) are mandatory (REMOTE_FILE_INCLUSION, ILLEGAL_RESOURCE_ACCESS, CROSS_SITE_SCRIPTING, SQL_INJECTION).
- account
Id Double - Account ID of the policy.
- description String
- The policy description.
- enabled Boolean
- Enables the policy.
- name String
- The policy name.
- policy
Id String - Unique identifier in the API for the policy.
- policy
Settings String - The policy settings as JSON string. See Imperva documentation for help with constructing a correct value. Policy_settings internal values: policySettingType: IP, GEO, URL settingsAction: BLOCK, ALLOW, ALERT, BLOCK_USER, BLOCK_IP, IGNORE policySettings.data.url.pattern: CONTAINS, EQUALS, NOT_CONTAINS, NOT_EQUALS, NOT_PREFIX, NOT_SUFFIX, PREFIX, SUFFIX exceptionType: GEO, IP, URL, CLIENT_ID, SITE_ID
- policy
Type String - The policy type. Possible values: ACL, WHITELIST, WAF_RULES. Note: For (policy_type=WAF_RULES), all 4 setting types (policySettingType) are mandatory (REMOTE_FILE_INCLUSION, ILLEGAL_RESOURCE_ACCESS, CROSS_SITE_SCRIPTING, SQL_INJECTION).
- account
Id number - Account ID of the policy.
- description string
- The policy description.
- enabled boolean
- Enables the policy.
- name string
- The policy name.
- policy
Id string - Unique identifier in the API for the policy.
- policy
Settings string - The policy settings as JSON string. See Imperva documentation for help with constructing a correct value. Policy_settings internal values: policySettingType: IP, GEO, URL settingsAction: BLOCK, ALLOW, ALERT, BLOCK_USER, BLOCK_IP, IGNORE policySettings.data.url.pattern: CONTAINS, EQUALS, NOT_CONTAINS, NOT_EQUALS, NOT_PREFIX, NOT_SUFFIX, PREFIX, SUFFIX exceptionType: GEO, IP, URL, CLIENT_ID, SITE_ID
- policy
Type string - The policy type. Possible values: ACL, WHITELIST, WAF_RULES. Note: For (policy_type=WAF_RULES), all 4 setting types (policySettingType) are mandatory (REMOTE_FILE_INCLUSION, ILLEGAL_RESOURCE_ACCESS, CROSS_SITE_SCRIPTING, SQL_INJECTION).
- account_
id float - Account ID of the policy.
- description str
- The policy description.
- enabled bool
- Enables the policy.
- name str
- The policy name.
- policy_
id str - Unique identifier in the API for the policy.
- policy_
settings str - The policy settings as JSON string. See Imperva documentation for help with constructing a correct value. Policy_settings internal values: policySettingType: IP, GEO, URL settingsAction: BLOCK, ALLOW, ALERT, BLOCK_USER, BLOCK_IP, IGNORE policySettings.data.url.pattern: CONTAINS, EQUALS, NOT_CONTAINS, NOT_EQUALS, NOT_PREFIX, NOT_SUFFIX, PREFIX, SUFFIX exceptionType: GEO, IP, URL, CLIENT_ID, SITE_ID
- policy_
type str - The policy type. Possible values: ACL, WHITELIST, WAF_RULES. Note: For (policy_type=WAF_RULES), all 4 setting types (policySettingType) are mandatory (REMOTE_FILE_INCLUSION, ILLEGAL_RESOURCE_ACCESS, CROSS_SITE_SCRIPTING, SQL_INJECTION).
- account
Id Number - Account ID of the policy.
- description String
- The policy description.
- enabled Boolean
- Enables the policy.
- name String
- The policy name.
- policy
Id String - Unique identifier in the API for the policy.
- policy
Settings String - The policy settings as JSON string. See Imperva documentation for help with constructing a correct value. Policy_settings internal values: policySettingType: IP, GEO, URL settingsAction: BLOCK, ALLOW, ALERT, BLOCK_USER, BLOCK_IP, IGNORE policySettings.data.url.pattern: CONTAINS, EQUALS, NOT_CONTAINS, NOT_EQUALS, NOT_PREFIX, NOT_SUFFIX, PREFIX, SUFFIX exceptionType: GEO, IP, URL, CLIENT_ID, SITE_ID
- policy
Type String - The policy type. Possible values: ACL, WHITELIST, WAF_RULES. Note: For (policy_type=WAF_RULES), all 4 setting types (policySettingType) are mandatory (REMOTE_FILE_INCLUSION, ILLEGAL_RESOURCE_ACCESS, CROSS_SITE_SCRIPTING, SQL_INJECTION).
Import
Policy can be imported using the id, e.g.:
$ pulumi import incapsula:index/policy:Policy demo 1234
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- incapsula imperva/terraform-provider-incapsula
- License
- Notes
- This Pulumi package is based on the
incapsulaTerraform Provider.