Kosmich

Reputation: 21

Update-AzFrontDoorWafPolicy - update particular managed rule action

I have an Azure Front Door WAF policy and would like to change a particular managed rule's action using PowerShell.

Here is my code:

$RuleOverride1 = New-AzFrontDoorWafManagedRuleOverrideObject -RuleId 930100 -Action Log
$RuleGroupOverride = New-AzFrontDoorWafRuleGroupOverrideObject -RuleGroupName "LFI" -ManagedRuleOverride $RuleOverride1
$ManagedRuleSet = New-AzFrontDoorWafManagedRuleObject -Type Microsoft_DefaultRuleSet -Version 2.0 -RuleGroupOverride $RuleGroupOverride
Update-AzFrontDoorWafPolicy -ResourceGroupName "rg-name" -Name "wafpolicyname" -ManagedRule $ManagedRuleSet

I get the error after execution:

Update-AzFrontDoorWafPolicy : Error response received. Error Message: '{
  "error": {
    "code": "BadRequest",
    "message": "WebApplicationFirewallPolicy validation failed. More information \"This rule set action value is not supported.\"."
  }
}'
At line:4 char:1
+ Update-AzFrontDoorWafPolicy -ResourceGroupName "rg-name"  ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : CloseError: (:) [Update-AzFrontDoorWafPolicy], PSArgumentException
    + FullyQualifiedErrorId : Microsoft.Azure.Commands.FrontDoor.Cmdlets.UpdateFrontDoorWafPolicy

I also tried adding -Action Log to the New-AzFrontDoorWafManagedRuleObject command. In this case my script works, but it overwrites the action of all the rules to "Log on anomaly" (only my particular rule 930100 has the action "Log"), and moreover, the other rule sets are missing.

Is there any way to avoid such an overwrite and update only a single particular rule's action?

Upvotes: 0

Views: 536

Answers (1)

Jahnavi

Reputation: 8058

I also received the same error when I tried in my environment.

The error implies that the given rule set action value is not supported.

For managed ruleset, I modified the script as below with the supported type & version and it worked as expected.

$RuleOverride1 = New-AzFrontDoorWafManagedRuleOverrideObject -RuleId 930100 -Action Log
$RuleGroupOverride = New-AzFrontDoorWafRuleGroupOverrideObject -RuleGroupName "LFI" -ManagedRuleOverride $RuleOverride1
$ManagedRuleset = New-AzFrontDoorWafManagedRuleObject -Type DefaultRuleSet -Version "preview-0.1" -RuleGroupOverride $RuleGroupOverride
Update-AzFrontDoorWafPolicy -ResourceGroupName "example-resources" -Name "mypolicy" -ManagedRule $ManagedRuleset 

You can refer to this MSDoc for more detailed information.

Upvotes: 0
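
Added example, not from either post above: one way to change a single rule's action without losing what is already configured is to read the policy, rebuild only the affected rule set (reusing its stored version and rule set action), and submit the complete managed rule list again. It assumes the policy object returned by Az.FrontDoor exposes ManagedRules, RuleSetType, RuleSetVersion, RuleSetAction, RuleGroupOverrides, ManagedRuleOverrides and Exclusions as used here (confirm with Get-Member); resource names are the question's placeholders.

```powershell
# Added example. Requires the Az.FrontDoor module and an authenticated session (Connect-AzAccount).
# Property names on the returned objects are assumptions; check them with Get-Member.
$rg = 'rg-name'; $policyName = 'wafpolicyname'          # placeholders from the question
$setType = 'Microsoft_DefaultRuleSet'; $groupName = 'LFI'; $ruleId = '930100'

# 1. Read the current policy so existing rule sets and overrides can be carried over.
$policy = Get-AzFrontDoorWafPolicy -ResourceGroupName $rg -Name $policyName
$target = $policy.ManagedRules | Where-Object RuleSetType -eq $setType
if (-not $target) { throw "Rule set '$setType' is not assigned to '$policyName'." }

# 2. Keep every existing group override; rebuild only the group that holds the rule.
$newRule = New-AzFrontDoorWafManagedRuleOverrideObject -RuleId $ruleId -Action Log
$groups = @(); $found = $false
foreach ($g in $target.RuleGroupOverrides) {
    if ($g.RuleGroupName -ne $groupName) { $groups += $g; continue }
    $found = $true
    # Preserve the group's other rule overrides, replace the one for $ruleId.
    $rules = @($g.ManagedRuleOverrides | Where-Object RuleId -ne $ruleId) + $newRule
    $gp = @{ RuleGroupName = $groupName; ManagedRuleOverride = $rules }
    if ($g.Exclusions) { $gp.Exclusion = $g.Exclusions }
    $groups += New-AzFrontDoorWafRuleGroupOverrideObject @gp
}
if (-not $found) {
    $groups += New-AzFrontDoorWafRuleGroupOverrideObject -RuleGroupName $groupName -ManagedRuleOverride $newRule
}

# 3. Rebuild the target rule set with the version and rule set action already on the policy,
#    so the rule set level action is not changed as a side effect.
$sp = @{ Type = $target.RuleSetType; Version = $target.RuleSetVersion; RuleGroupOverride = $groups }
if ($target.RuleSetAction) { $sp.Action = $target.RuleSetAction }
if ($target.Exclusions)    { $sp.Exclusion = $target.Exclusions }
$rebuilt = New-AzFrontDoorWafManagedRuleObject @sp

# 4. Submit the full list: the untouched rule sets plus the rebuilt one.
$allSets = @($policy.ManagedRules | Where-Object RuleSetType -ne $setType) + $rebuilt
Update-AzFrontDoorWafPolicy -ResourceGroupName $rg -Name $policyName -ManagedRule $allSets

# 5. Verify: list each rule set with its action and override count after the update.
(Get-AzFrontDoorWafPolicy -ResourceGroupName $rg -Name $policyName).ManagedRules |
    Select-Object RuleSetType, RuleSetVersion, RuleSetAction,
        @{ n = 'GroupOverrides'; e = { @($_.RuleGroupOverrides).Count } }
```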
