Azure Front Door WAF Service enables you to define, manage, and monitor the global routing for your web traffic by optimizing for best performance and instant global failover for high availability. With Front Door, you can transform your global (multi-region) consumer and enterprise applications into robust, high-performance personalized modern applications, APIs, and content that reach a global audience with Azure.
This document provides information about the Azure Front Door WAF Connector, which facilitates automated interactions, with a Azure Front Door WAF server using FortiSOAR™ playbooks. Add the Azure Front Door WAF Connector as a step in FortiSOAR™ playbooks and perform automated operations with Azure Front Door WAF.
Connector Version: 1.0.0
FortiSOAR™ Version Tested on: 7.4.1-3167
Azure Front Door WAF Version Tested on: 2020-11-01
Authored By: Fortinet
Certified: Yes
Use the Content Hub to install the connector. For the detailed procedure to install a connector, click here.
You can also use the yum command as a root user to install the connector:
yum install cyops-connector-azure-front-door-waf
For the procedure to configure a connector, click here
In FortiSOAR™, on the Connectors page, click the Azure Front Door WAF connector row (if you are in the Grid view on the Connectors page) and in the Configurations tab enter the required configuration details:
| Parameter | Description |
|---|---|
| Get Access Token | Select the method using which you received authentication tokens to access the management activity APIs. You can choose between On behalf of User – Delegate Permission or Without a User – Application Permission. For more information, see the Getting Access Tokens section. |
| Server URL | The service-based URI to connect and perform the automated operations. |
| Client ID | Unique API ID of the Azure AD application that is used to create an authentication token required to access the API. |
| Client Secret | Unique API Secret of the Azure AD application that is used to create an authentication token required to access the API. |
| Tenant ID | ID of the tenant that you have been provided for your Azure AD instance. |
| Authorization Code | (Only Applicable to On behalf of User – Delegate Permission) The authorization code that you acquired during the authorization step. |
| Redirect URL | (Only Applicable to On behalf of User – Delegate Permission) The redirect_uri of your app, where authentication responses can be sent and received by your app. It must exactly match one of the redirect_uri you registered in the app registration portal. |
| Resource Group Name | Name of the resource group that holds resources on the Azure Portal. |
| Subscription ID | Subscription credentials that uniquely identify the Microsoft Azure subscription. |
| API Version | Specify The API version to use for all automated operations using this connector. |
| Verify SSL | Specifies whether the SSL certificate for the server is to be verified. By default, this option is set to True. |
The following automated operations can be included in playbooks and you can also use the annotations to access operations:
| Function | Description | Annotation and Category |
|---|---|---|
| Create or Update Policy | Creates or updates policy with specified rule set name within a resource group. | create_or_update_policy Investigation |
| Get Policy Details | Retrieves protection policy with a specified name within a resource group. | get_policy_details Investigation |
| Get Policies List | Lists all of the protection policies within a resource group. | get_policies_list Investigation |
| Delete Policy | Deletes policy based on the policy name that you have specified. | delete_policy Investigation |
| Block IP | Creates or updates policy to block IPs based on the input parameters that you have specified. | block_ip Investigation |
| Unblock IP | Creates or updates policy to unblock IPs based on the input parameters that you have specified. | unblock_ip Investigation |
| Parameter | Description |
|---|---|
| Policy Name | Specify the name of the Web Application Firewall Policy. If a policy with the specified name exists, the policy is updated, else a new policy is created. |
| Location | Specify the resource location. |
| Custom Rules | Specify custom rules inside the policy in a JSON format. If a rule with the specified name exists, the rule is updated, else a new rule is created. |
| Managed Rules | Specify managed rules inside the policy in a JSON format. |
| Policy Settings | Specify settings for the policy in a JSON format. |
| Sku | Specify the pricing tier of the web application firewall policy. Defaults to Classic_AzureFrontDoor if not specified. |
| Tags | Specify the resource tags in a JSON format. |
The output contains the following populated JSON schema:
{
"name": "",
"id": "",
"type": "",
"tags": "",
"location": "",
"properties": {
"resourceState": "",
"provisioningState": "",
"policySettings": {
"enabledState": "",
"mode": "",
"redirectUrl": "",
"customBlockResponseStatusCode": "",
"customBlockResponseBody": "",
"requestBodyCheck": ""
},
"customRules": {
"rules": [
{
"name": "",
"priority": "",
"enabledState": "",
"ruleType": "",
"rateLimitDurationInMinutes": "",
"rateLimitThreshold": "",
"matchConditions": [
{
"matchVariable": "",
"selector": "",
"operator": "",
"negateCondition": "",
"matchValue": [],
"transforms": []
}
],
"action": ""
}
]
},
"managedRules": {
"managedRuleSets": [
{
"ruleSetType": "",
"ruleSetVersion": "",
"ruleSetAction": "",
"exclusions": [
{
"matchVariable": "",
"selectorMatchOperator": "",
"selector": ""
}
],
"ruleGroupOverrides": [
{
"ruleGroupName": "",
"exclusions": [
{
"matchVariable": "",
"selectorMatchOperator": "",
"selector": ""
}
],
"rules": [
{
"ruleId": "",
"enabledState": "",
"action": "",
"exclusions": [
{
"matchVariable": "",
"selectorMatchOperator": "",
"selector": ""
}
]
}
]
}
]
}
]
},
"frontendEndpointLinks": [],
"securityPolicyLinks": []
},
"sku": {
"name": ""
}
}
| Parameter | Description |
|---|---|
| Policy Name | Specify the name of the policy to get its details from Azure Front Door Web Application Firewall. |
The output contains the following populated JSON schema:
{
"name": "",
"id": "",
"type": "",
"tags": "",
"location": "",
"properties": {
"resourceState": "",
"provisioningState": "",
"policySettings": {
"enabledState": "",
"mode": "",
"redirectUrl": "",
"customBlockResponseStatusCode": "",
"customBlockResponseBody": "",
"requestBodyCheck": ""
},
"customRules": {
"rules": [
{
"name": "",
"priority": "",
"enabledState": "",
"ruleType": "",
"rateLimitDurationInMinutes": "",
"rateLimitThreshold": "",
"matchConditions": [
{
"matchVariable": "",
"selector": "",
"operator": "",
"negateCondition": "",
"matchValue": [],
"transforms": []
}
],
"action": ""
}
]
},
"managedRules": {
"managedRuleSets": [
{
"ruleSetType": "",
"ruleSetVersion": "",
"ruleSetAction": "",
"exclusions": [
{
"matchVariable": "",
"selectorMatchOperator": "",
"selector": ""
}
],
"ruleGroupOverrides": [
{
"ruleGroupName": "",
"exclusions": [],
"rules": [
{
"ruleId": "",
"enabledState": "",
"action": "",
"exclusions": []
}
]
}
]
}
]
},
"frontendEndpointLinks": [
{
"id": ""
}
],
"securityPolicyLinks": []
},
"sku": {
"name": ""
}
}
None.
The output contains the following populated JSON schema:
{
"value": [
{
"name": "",
"id": "",
"type": "",
"tags": "",
"location": "",
"sku": {
"name": ""
},
"properties": {
"resourceState": "",
"provisioningState": "",
"policySettings": {
"enabledState": "",
"mode": "",
"redirectUrl": "",
"customBlockResponseStatusCode": "",
"customBlockResponseBody": ""
},
"customRules": {
"rules": [
{
"name": "",
"priority": "",
"enabledState": "",
"ruleType": "",
"rateLimitDurationInMinutes": "",
"rateLimitThreshold": "",
"matchConditions": [
{
"matchVariable": "",
"selector": "",
"operator": "",
"negateCondition": "",
"matchValue": [],
"transforms": []
}
],
"action": ""
}
]
},
"managedRules": {
"managedRuleSets": [
{
"ruleSetType": "",
"ruleSetVersion": "",
"exclusions": [
{
"matchVariable": "",
"selectorMatchOperator": "",
"selector": ""
}
],
"ruleGroupOverrides": [
{
"ruleGroupName": "",
"rules": [
{
"ruleId": "",
"enabledState": "",
"action": ""
}
]
}
]
}
]
},
"frontendEndpointLinks": [
{
"id": ""
}
],
"securityPolicyLinks": []
}
}
]
}
| Parameter | Description |
|---|---|
| Policy Name | Specify the name of the policy to delete from Azure Front Door Web Application Firewall. |
The output contains the following populated JSON schema:
{
"success": "Deleted Successfully"
}
| Parameter | Description |
|---|---|
| Policy Name | Specify the name of the policy to apply for blocking the IP address on Azure Front Door Web Application Firewall. If a policy with the specified name exists, the policy is updated, else a new policy is created. |
| Location | Specify the resource location to apply the policy for blocking the IP address on Azure Front Door Web Application Firewall. |
| Rule Name | Specify the rule name that you want to create or update for blocking the IP address on Azure Front Door Web Application Firewall. If a rule with the specified name exists, the rule is updated, else a new rule is created. |
| Rule Priority | Specify a unique number to the rule to specify the order in which the rule is processed relative to other custom rules. Rules with lower values are evaluated before rules with higher values. Best practice is to assign numbers in increments of 100 to make prioritizing rules easy if necessary. |
| IP Address | Specify a comma-separated list of IP addresses that you want to block on Azure Front Door Web Application Firewall. |
| Sku | Specify the pricing tier of the policy on Azure Front Door Web Application Firewall. Defaults to Classic_AzureFrontDoor if not specified. |
The output contains the following populated JSON schema:
{
"name": "",
"id": "",
"type": "",
"tags": "",
"location": "",
"properties": {
"resourceState": "",
"provisioningState": "",
"policySettings": {
"enabledState": "",
"mode": "",
"redirectUrl": "",
"customBlockResponseStatusCode": "",
"customBlockResponseBody": "",
"requestBodyCheck": ""
},
"customRules": {
"rules": [
{
"name": "",
"priority": "",
"enabledState": "",
"ruleType": "",
"rateLimitDurationInMinutes": "",
"rateLimitThreshold": "",
"matchConditions": [
{
"matchVariable": "",
"selector": "",
"operator": "",
"negateCondition": "",
"matchValue": [],
"transforms": []
}
],
"action": ""
}
]
},
"managedRules": {
"managedRuleSets": [
{
"ruleSetType": "",
"ruleSetVersion": "",
"ruleSetAction": "",
"exclusions": [
{
"matchVariable": "",
"selectorMatchOperator": "",
"selector": ""
}
],
"ruleGroupOverrides": [
{
"ruleGroupName": "",
"exclusions": [
{
"matchVariable": "",
"selectorMatchOperator": "",
"selector": ""
}
],
"rules": [
{
"ruleId": "",
"enabledState": "",
"action": "",
"exclusions": [
{
"matchVariable": "",
"selectorMatchOperator": "",
"selector": ""
}
]
}
]
}
]
}
]
},
"frontendEndpointLinks": [],
"securityPolicyLinks": []
},
"sku": {
"name": ""
}
}
| Parameter | Description |
|---|---|
| Policy Name | Specify the name of the policy for unblocking the IP address on Azure Front Door Web Application Firewall. |
| Rule Name | Specify the rule name that you want to create or update for blocking the IP address on Azure Front Door Web Application Firewall. |
| IP Address | Specify a comma-separated list of IP addresses that you want to unblock on Azure Front Door Web Application Firewall. |
The output contains the following populated JSON schema:
{
"name": "",
"id": "",
"type": "",
"tags": "",
"location": "",
"properties": {
"resourceState": "",
"provisioningState": "",
"policySettings": {
"enabledState": "",
"mode": "",
"redirectUrl": "",
"customBlockResponseStatusCode": "",
"customBlockResponseBody": "",
"requestBodyCheck": ""
},
"customRules": {
"rules": [
{
"name": "",
"priority": "",
"enabledState": "",
"ruleType": "",
"rateLimitDurationInMinutes": "",
"rateLimitThreshold": "",
"matchConditions": [
{
"matchVariable": "",
"selector": "",
"operator": "",
"negateCondition": "",
"matchValue": [],
"transforms": []
}
],
"action": ""
}
]
},
"managedRules": {
"managedRuleSets": [
{
"ruleSetType": "",
"ruleSetVersion": "",
"ruleSetAction": "",
"exclusions": [
{
"matchVariable": "",
"selectorMatchOperator": "",
"selector": ""
}
],
"ruleGroupOverrides": [
{
"ruleGroupName": "",
"exclusions": [
{
"matchVariable": "",
"selectorMatchOperator": "",
"selector": ""
}
],
"rules": [
{
"ruleId": "",
"enabledState": "",
"action": "",
"exclusions": [
{
"matchVariable": "",
"selectorMatchOperator": "",
"selector": ""
}
]
}
]
}
]
}
]
},
"frontendEndpointLinks": [],
"securityPolicyLinks": []
},
"sku": {
"name": ""
}
}
The Sample - Azure Front Door WAF - 1.0.0 playbook collection comes bundled with the Azure Front Door WAF connector. These playbooks contain steps using which you can perform all supported actions. You can see bundled playbooks in the Automation > Playbooks section in FortiSOAR™ after importing the Azure Front Door WAF connector.
Note: If you are planning to use any of the sample playbooks in your environment, ensure that you clone those playbooks and move them to a different collection since the sample playbook collection gets deleted during connector upgrade and delete.
You can get authentication tokens to access the security Azure APIs using two methods:
For more information see, https://learn.microsoft.com/en-us/rest/api/azure/
user_impersonationTENANT_ID, CLIENT_ID, and REDIRECT_URI with your tenant ID, client ID, and the following redirect URL:https://login.microsoftonline.com/TENANT_ID/oauth2/v2.0/authorize?response_type=code&scope=https://management.azure.com/user_impersonation offline_access user.read&client_id=CLIENT_ID&redirect_uri=REDIRECT_URIREDIRECT_URI?code=AUTH_CODE&session_state=SESSION_STATEAUTH_CODE (without the code= prefix) and paste it in your instance configuration in the Authorization Code parameter.user_impersonationAzure Front Door WAF Service enables you to define, manage, and monitor the global routing for your web traffic by optimizing for best performance and instant global failover for high availability. With Front Door, you can transform your global (multi-region) consumer and enterprise applications into robust, high-performance personalized modern applications, APIs, and content that reach a global audience with Azure.
This document provides information about the Azure Front Door WAF Connector, which facilitates automated interactions, with a Azure Front Door WAF server using FortiSOAR™ playbooks. Add the Azure Front Door WAF Connector as a step in FortiSOAR™ playbooks and perform automated operations with Azure Front Door WAF.
Connector Version: 1.0.0
FortiSOAR™ Version Tested on: 7.4.1-3167
Azure Front Door WAF Version Tested on: 2020-11-01
Authored By: Fortinet
Certified: Yes
Use the Content Hub to install the connector. For the detailed procedure to install a connector, click here.
You can also use the yum command as a root user to install the connector:
yum install cyops-connector-azure-front-door-waf
For the procedure to configure a connector, click here
In FortiSOAR™, on the Connectors page, click the Azure Front Door WAF connector row (if you are in the Grid view on the Connectors page) and in the Configurations tab enter the required configuration details:
| Parameter | Description |
|---|---|
| Get Access Token | Select the method using which you received authentication tokens to access the management activity APIs. You can choose between On behalf of User – Delegate Permission or Without a User – Application Permission. For more information, see the Getting Access Tokens section. |
| Server URL | The service-based URI to connect and perform the automated operations. |
| Client ID | Unique API ID of the Azure AD application that is used to create an authentication token required to access the API. |
| Client Secret | Unique API Secret of the Azure AD application that is used to create an authentication token required to access the API. |
| Tenant ID | ID of the tenant that you have been provided for your Azure AD instance. |
| Authorization Code | (Only Applicable to On behalf of User – Delegate Permission) The authorization code that you acquired during the authorization step. |
| Redirect URL | (Only Applicable to On behalf of User – Delegate Permission) The redirect_uri of your app, where authentication responses can be sent and received by your app. It must exactly match one of the redirect_uri you registered in the app registration portal. |
| Resource Group Name | Name of the resource group that holds resources on the Azure Portal. |
| Subscription ID | Subscription credentials that uniquely identify the Microsoft Azure subscription. |
| API Version | Specify The API version to use for all automated operations using this connector. |
| Verify SSL | Specifies whether the SSL certificate for the server is to be verified. By default, this option is set to True. |
The following automated operations can be included in playbooks and you can also use the annotations to access operations:
| Function | Description | Annotation and Category |
|---|---|---|
| Create or Update Policy | Creates or updates policy with specified rule set name within a resource group. | create_or_update_policy Investigation |
| Get Policy Details | Retrieves protection policy with a specified name within a resource group. | get_policy_details Investigation |
| Get Policies List | Lists all of the protection policies within a resource group. | get_policies_list Investigation |
| Delete Policy | Deletes policy based on the policy name that you have specified. | delete_policy Investigation |
| Block IP | Creates or updates policy to block IPs based on the input parameters that you have specified. | block_ip Investigation |
| Unblock IP | Creates or updates policy to unblock IPs based on the input parameters that you have specified. | unblock_ip Investigation |
| Parameter | Description |
|---|---|
| Policy Name | Specify the name of the Web Application Firewall Policy. If a policy with the specified name exists, the policy is updated, else a new policy is created. |
| Location | Specify the resource location. |
| Custom Rules | Specify custom rules inside the policy in a JSON format. If a rule with the specified name exists, the rule is updated, else a new rule is created. |
| Managed Rules | Specify managed rules inside the policy in a JSON format. |
| Policy Settings | Specify settings for the policy in a JSON format. |
| Sku | Specify the pricing tier of the web application firewall policy. Defaults to Classic_AzureFrontDoor if not specified. |
| Tags | Specify the resource tags in a JSON format. |
The output contains the following populated JSON schema:
{
"name": "",
"id": "",
"type": "",
"tags": "",
"location": "",
"properties": {
"resourceState": "",
"provisioningState": "",
"policySettings": {
"enabledState": "",
"mode": "",
"redirectUrl": "",
"customBlockResponseStatusCode": "",
"customBlockResponseBody": "",
"requestBodyCheck": ""
},
"customRules": {
"rules": [
{
"name": "",
"priority": "",
"enabledState": "",
"ruleType": "",
"rateLimitDurationInMinutes": "",
"rateLimitThreshold": "",
"matchConditions": [
{
"matchVariable": "",
"selector": "",
"operator": "",
"negateCondition": "",
"matchValue": [],
"transforms": []
}
],
"action": ""
}
]
},
"managedRules": {
"managedRuleSets": [
{
"ruleSetType": "",
"ruleSetVersion": "",
"ruleSetAction": "",
"exclusions": [
{
"matchVariable": "",
"selectorMatchOperator": "",
"selector": ""
}
],
"ruleGroupOverrides": [
{
"ruleGroupName": "",
"exclusions": [
{
"matchVariable": "",
"selectorMatchOperator": "",
"selector": ""
}
],
"rules": [
{
"ruleId": "",
"enabledState": "",
"action": "",
"exclusions": [
{
"matchVariable": "",
"selectorMatchOperator": "",
"selector": ""
}
]
}
]
}
]
}
]
},
"frontendEndpointLinks": [],
"securityPolicyLinks": []
},
"sku": {
"name": ""
}
}
| Parameter | Description |
|---|---|
| Policy Name | Specify the name of the policy to get its details from Azure Front Door Web Application Firewall. |
The output contains the following populated JSON schema:
{
"name": "",
"id": "",
"type": "",
"tags": "",
"location": "",
"properties": {
"resourceState": "",
"provisioningState": "",
"policySettings": {
"enabledState": "",
"mode": "",
"redirectUrl": "",
"customBlockResponseStatusCode": "",
"customBlockResponseBody": "",
"requestBodyCheck": ""
},
"customRules": {
"rules": [
{
"name": "",
"priority": "",
"enabledState": "",
"ruleType": "",
"rateLimitDurationInMinutes": "",
"rateLimitThreshold": "",
"matchConditions": [
{
"matchVariable": "",
"selector": "",
"operator": "",
"negateCondition": "",
"matchValue": [],
"transforms": []
}
],
"action": ""
}
]
},
"managedRules": {
"managedRuleSets": [
{
"ruleSetType": "",
"ruleSetVersion": "",
"ruleSetAction": "",
"exclusions": [
{
"matchVariable": "",
"selectorMatchOperator": "",
"selector": ""
}
],
"ruleGroupOverrides": [
{
"ruleGroupName": "",
"exclusions": [],
"rules": [
{
"ruleId": "",
"enabledState": "",
"action": "",
"exclusions": []
}
]
}
]
}
]
},
"frontendEndpointLinks": [
{
"id": ""
}
],
"securityPolicyLinks": []
},
"sku": {
"name": ""
}
}
None.
The output contains the following populated JSON schema:
{
"value": [
{
"name": "",
"id": "",
"type": "",
"tags": "",
"location": "",
"sku": {
"name": ""
},
"properties": {
"resourceState": "",
"provisioningState": "",
"policySettings": {
"enabledState": "",
"mode": "",
"redirectUrl": "",
"customBlockResponseStatusCode": "",
"customBlockResponseBody": ""
},
"customRules": {
"rules": [
{
"name": "",
"priority": "",
"enabledState": "",
"ruleType": "",
"rateLimitDurationInMinutes": "",
"rateLimitThreshold": "",
"matchConditions": [
{
"matchVariable": "",
"selector": "",
"operator": "",
"negateCondition": "",
"matchValue": [],
"transforms": []
}
],
"action": ""
}
]
},
"managedRules": {
"managedRuleSets": [
{
"ruleSetType": "",
"ruleSetVersion": "",
"exclusions": [
{
"matchVariable": "",
"selectorMatchOperator": "",
"selector": ""
}
],
"ruleGroupOverrides": [
{
"ruleGroupName": "",
"rules": [
{
"ruleId": "",
"enabledState": "",
"action": ""
}
]
}
]
}
]
},
"frontendEndpointLinks": [
{
"id": ""
}
],
"securityPolicyLinks": []
}
}
]
}
| Parameter | Description |
|---|---|
| Policy Name | Specify the name of the policy to delete from Azure Front Door Web Application Firewall. |
The output contains the following populated JSON schema:
{
"success": "Deleted Successfully"
}
| Parameter | Description |
|---|---|
| Policy Name | Specify the name of the policy to apply for blocking the IP address on Azure Front Door Web Application Firewall. If a policy with the specified name exists, the policy is updated, else a new policy is created. |
| Location | Specify the resource location to apply the policy for blocking the IP address on Azure Front Door Web Application Firewall. |
| Rule Name | Specify the rule name that you want to create or update for blocking the IP address on Azure Front Door Web Application Firewall. If a rule with the specified name exists, the rule is updated, else a new rule is created. |
| Rule Priority | Specify a unique number to the rule to specify the order in which the rule is processed relative to other custom rules. Rules with lower values are evaluated before rules with higher values. Best practice is to assign numbers in increments of 100 to make prioritizing rules easy if necessary. |
| IP Address | Specify a comma-separated list of IP addresses that you want to block on Azure Front Door Web Application Firewall. |
| Sku | Specify the pricing tier of the policy on Azure Front Door Web Application Firewall. Defaults to Classic_AzureFrontDoor if not specified. |
The output contains the following populated JSON schema:
{
"name": "",
"id": "",
"type": "",
"tags": "",
"location": "",
"properties": {
"resourceState": "",
"provisioningState": "",
"policySettings": {
"enabledState": "",
"mode": "",
"redirectUrl": "",
"customBlockResponseStatusCode": "",
"customBlockResponseBody": "",
"requestBodyCheck": ""
},
"customRules": {
"rules": [
{
"name": "",
"priority": "",
"enabledState": "",
"ruleType": "",
"rateLimitDurationInMinutes": "",
"rateLimitThreshold": "",
"matchConditions": [
{
"matchVariable": "",
"selector": "",
"operator": "",
"negateCondition": "",
"matchValue": [],
"transforms": []
}
],
"action": ""
}
]
},
"managedRules": {
"managedRuleSets": [
{
"ruleSetType": "",
"ruleSetVersion": "",
"ruleSetAction": "",
"exclusions": [
{
"matchVariable": "",
"selectorMatchOperator": "",
"selector": ""
}
],
"ruleGroupOverrides": [
{
"ruleGroupName": "",
"exclusions": [
{
"matchVariable": "",
"selectorMatchOperator": "",
"selector": ""
}
],
"rules": [
{
"ruleId": "",
"enabledState": "",
"action": "",
"exclusions": [
{
"matchVariable": "",
"selectorMatchOperator": "",
"selector": ""
}
]
}
]
}
]
}
]
},
"frontendEndpointLinks": [],
"securityPolicyLinks": []
},
"sku": {
"name": ""
}
}
| Parameter | Description |
|---|---|
| Policy Name | Specify the name of the policy for unblocking the IP address on Azure Front Door Web Application Firewall. |
| Rule Name | Specify the rule name that you want to create or update for blocking the IP address on Azure Front Door Web Application Firewall. |
| IP Address | Specify a comma-separated list of IP addresses that you want to unblock on Azure Front Door Web Application Firewall. |
The output contains the following populated JSON schema:
{
"name": "",
"id": "",
"type": "",
"tags": "",
"location": "",
"properties": {
"resourceState": "",
"provisioningState": "",
"policySettings": {
"enabledState": "",
"mode": "",
"redirectUrl": "",
"customBlockResponseStatusCode": "",
"customBlockResponseBody": "",
"requestBodyCheck": ""
},
"customRules": {
"rules": [
{
"name": "",
"priority": "",
"enabledState": "",
"ruleType": "",
"rateLimitDurationInMinutes": "",
"rateLimitThreshold": "",
"matchConditions": [
{
"matchVariable": "",
"selector": "",
"operator": "",
"negateCondition": "",
"matchValue": [],
"transforms": []
}
],
"action": ""
}
]
},
"managedRules": {
"managedRuleSets": [
{
"ruleSetType": "",
"ruleSetVersion": "",
"ruleSetAction": "",
"exclusions": [
{
"matchVariable": "",
"selectorMatchOperator": "",
"selector": ""
}
],
"ruleGroupOverrides": [
{
"ruleGroupName": "",
"exclusions": [
{
"matchVariable": "",
"selectorMatchOperator": "",
"selector": ""
}
],
"rules": [
{
"ruleId": "",
"enabledState": "",
"action": "",
"exclusions": [
{
"matchVariable": "",
"selectorMatchOperator": "",
"selector": ""
}
]
}
]
}
]
}
]
},
"frontendEndpointLinks": [],
"securityPolicyLinks": []
},
"sku": {
"name": ""
}
}
The Sample - Azure Front Door WAF - 1.0.0 playbook collection comes bundled with the Azure Front Door WAF connector. These playbooks contain steps using which you can perform all supported actions. You can see bundled playbooks in the Automation > Playbooks section in FortiSOAR™ after importing the Azure Front Door WAF connector.
Note: If you are planning to use any of the sample playbooks in your environment, ensure that you clone those playbooks and move them to a different collection since the sample playbook collection gets deleted during connector upgrade and delete.
You can get authentication tokens to access the security Azure APIs using two methods:
For more information see, https://learn.microsoft.com/en-us/rest/api/azure/
user_impersonationTENANT_ID, CLIENT_ID, and REDIRECT_URI with your tenant ID, client ID, and the following redirect URL:https://login.microsoftonline.com/TENANT_ID/oauth2/v2.0/authorize?response_type=code&scope=https://management.azure.com/user_impersonation offline_access user.read&client_id=CLIENT_ID&redirect_uri=REDIRECT_URIREDIRECT_URI?code=AUTH_CODE&session_state=SESSION_STATEAUTH_CODE (without the code= prefix) and paste it in your instance configuration in the Authorization Code parameter.user_impersonation