Skip to content

Latest commit

 

History

History
137 lines (99 loc) · 5.32 KB

corp_rule.md

File metadata and controls

137 lines (99 loc) · 5.32 KB
page_title subcategory description
sigsci_corp_rule Resource - terraform-provider-sigsci

sigsci_corp_rule (Resource)

Example Usage

resource "sigsci_corp_rule" "test" {
  site_short_names = [sigsci_site.my-site.short_name]
  type             = "signal"
  corp_scope       = "specificSites"
  enabled          = true
  group_operator   = "any"
  signal           = "SQLI"
  reason           = "Example corp rule"
  expiration       = ""

  conditions {
    type     = "single"
    field    = "ip"
    operator = "equals"
    value    = "1.2.3.4"
  }
  conditions {
    type     = "single"
    field    = "ip"
    operator = "equals"
    value    = "1.2.3.5"
  }
  actions {
    type   = "excludeSignal"
    signal = "corp.signal_id"
  }
}

Schema

Required

  • actions (Block Set, Min: 1, Max: 2) Actions (see below for nested schema)
  • conditions (Block Set, Min: 1, Max: 10) Conditions (see below for nested schema)
  • corp_scope (String) Whether the rule is applied to all sites or to specific sites. (global, specificSites)
  • enabled (Boolean) enable the rule
  • expiration (String) Date the rule will automatically be disabled. If rule is always enabled, will return empty string
  • group_operator (String) Conditions that must be matched when evaluating the request (all, any)
  • reason (String) Description of the rule
  • type (String) Type of rule (request, signal)

Optional

  • requestlogging (String) Indicates whether to store the logs for requests that match the rule's conditions (sampled) or not store them (none). This field is only available for rules of type request. Not valid for signal.
  • signal (String) The signal id of the signal being excluded
  • site_short_names (Set of String) Sites with the rule available. Rules with a global corpScope will return '[]'.

Read-Only

  • id (String) The ID of this resource.

Nested Schema for actions

Required:

  • type (String) (block, allow, addSignal, excludeSignal)

Optional:

  • signal (String) signal id

Nested Schema for conditions

Required:

  • type (String) (group, multival, single)

Optional:

  • conditions (Block Set, Max: 10) Conditions (see below for nested schema)
  • field (String) types:
    • single - (scheme, method, path, useragent, domain, ip, responseCode, agentname, paramname, paramvalue, country, name, valueString, valueInt, valueIp, signalType, value, ja3Fingerprint, protocolVersion)
    • multival - (signal, requestHeader, queryParameter, postParameter, requestCookie, responseHeader)
  • group_operator (String) type: group, multival - Conditions that must be matched when evaluating the request (all, any)
  • operator (String) type: single - (equals, doesNotEqual, contains, doesNotContain, greaterEqual, lesserEqual, like, notLike, exists, doesNotExist, inList, notInList)
  • value (String) type: single - See request fields (https://docs.signalsciences.net/using-signal-sciences/features/rules/#request-fields)

Nested Schema for conditions.conditions

Required:

  • type (String) (group, multival, single)

Optional:

  • conditions (Block Set, Max: 10) Conditions (see below for nested schema)
  • field (String) types:
    • single - (scheme, method, path, useragent, domain, ip, responseCode, agentname, paramname, paramvalue, country, name, valueString, valueInt, valueIp, signalType, value, ja3Fingerprint, protocolVersion)
    • multival - (signal, requestHeader, queryParameter, postParameter, requestCookie, responseHeader)
  • group_operator (String) type: group, multival - Conditions that must be matched when evaluating the request (all, any)
  • operator (String) type: single - (equals, doesNotEqual, contains, doesNotContain, greaterEqual, lesserEqual, like, notLike, exists, doesNotExist, inList, notInList)
  • value (String) type: single - See request fields (https://docs.fastly.com/signalsciences/using-signal-sciences/rules/defining-rule-conditions/#fields)

Nested Schema for conditions.conditions.conditions

Required:

  • type (String) (group, multival, single)

Optional:

  • field (String) types:
    • single - (scheme, method, path, useragent, domain, ip, responseCode, agentname, paramname, paramvalue, country, name, valueString, valueInt, valueIp, signalType, value, ja3Fingerprint, protocolVersion)
    • multival - (signal, requestHeader, queryParameter, postParameter, requestCookie, responseHeader)
  • group_operator (String) type: group, multival - Conditions that must be matched when evaluating the request (all, any)
  • operator (String) type: single - (equals, doesNotEqual, contains, doesNotContain, greaterEqual, lesserEqual, like, notLike, exists, doesNotExist, inList, notInList)
  • value (String) type: single - See request fields (https://docs.fastly.com/signalsciences/using-signal-sciences/rules/defining-rule-conditions/#fields)

Import

Import is supported using the following syntax:

terraform import sigsci_corp_rule.test id