Module frontdoor
This page documents the language specification for the azure package. If you're looking for help working with the inputs, outputs, or functions of azure resources in a Pulumi program, please see the resource documentation for examples and API reference.
Resources
Others
Resources
Resource FirewallPolicy
class FirewallPolicy extends CustomResourceManages an Azure Front Door Web Application Firewall Policy instance.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as azure from "@pulumi/azure";
const exampleResourceGroup = new azure.core.ResourceGroup("exampleResourceGroup", {location: "West US 2"});
const exampleFirewallPolicy = new azure.frontdoor.FirewallPolicy("exampleFirewallPolicy", {
resourceGroupName: exampleResourceGroup.name,
enabled: true,
mode: "Prevention",
redirectUrl: "https://www.contoso.com",
customBlockResponseStatusCode: 403,
customBlockResponseBody: "PGh0bWw+CjxoZWFkZXI+PHRpdGxlPkhlbGxvPC90aXRsZT48L2hlYWRlcj4KPGJvZHk+CkhlbGxvIHdvcmxkCjwvYm9keT4KPC9odG1sPg==",
custom_rule: [
{
name: "Rule1",
enabled: true,
priority: 1,
rateLimitDurationInMinutes: 1,
rateLimitThreshold: 10,
type: "MatchRule",
action: "Block",
match_condition: [{
matchVariable: "RemoteAddr",
operator: "IPMatch",
negationCondition: false,
matchValues: [
"192.168.1.0/24",
"10.0.0.0/24",
],
}],
},
{
name: "Rule2",
enabled: true,
priority: 2,
rateLimitDurationInMinutes: 1,
rateLimitThreshold: 10,
type: "MatchRule",
action: "Block",
match_condition: [
{
matchVariable: "RemoteAddr",
operator: "IPMatch",
negationCondition: false,
matchValues: ["192.168.1.0/24"],
},
{
matchVariable: "RequestHeader",
selector: "UserAgent",
operator: "Contains",
negationCondition: false,
matchValues: ["windows"],
transforms: [
"Lowercase",
"Trim",
],
},
],
},
],
managed_rule: [
{
type: "DefaultRuleSet",
version: "1.0",
exclusion: [{
matchVariable: "QueryStringArgNames",
operator: "Equals",
selector: "not_suspicious",
}],
override: [
{
ruleGroupName: "PHP",
rule: [{
ruleId: "933100",
enabled: false,
action: "Block",
}],
},
{
ruleGroupName: "SQLI",
exclusion: [{
matchVariable: "QueryStringArgNames",
operator: "Equals",
selector: "really_not_suspicious",
}],
rule: [{
ruleId: "942200",
action: "Block",
exclusion: [{
matchVariable: "QueryStringArgNames",
operator: "Equals",
selector: "innocent",
}],
}],
},
],
},
{
type: "Microsoft_BotManagerRuleSet",
version: "1.0",
},
],
});constructor
new FirewallPolicy(name: string, args: FirewallPolicyArgs, opts?: pulumi.CustomResourceOptions)Create a FirewallPolicy resource with the given unique name, arguments, and options.
nameThe unique name of the resource.argsThe arguments to use to populate this resource's properties.optsA bag of options that control this resource's behavior.
method get
public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: FirewallPolicyState, opts?: pulumi.CustomResourceOptions): FirewallPolicyGet an existing FirewallPolicy resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
method getProvider
getProvider(moduleMember: string): ProviderResource | undefinedmethod isInstance
public static isInstance(obj: any): obj is FirewallPolicyReturns true if the given object is an instance of FirewallPolicy. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.
property customBlockResponseBody
public customBlockResponseBody: pulumi.Output<string | undefined>;If a customRule block’s action type is block, this is the response body. The body must be specified in base64 encoding.
property customBlockResponseStatusCode
public customBlockResponseStatusCode: pulumi.Output<number | undefined>;If a customRule block’s action type is block, this is the response status code. Possible values are 200, 403, 405, 406, or 429.
property customRules
public customRules: pulumi.Output<FirewallPolicyCustomRule[] | undefined>;One or more customRule blocks as defined below.
property enabled
public enabled: pulumi.Output<boolean | undefined>;Is the policy a enabled state or disabled state. Defaults to true.
property frontendEndpointIds
public frontendEndpointIds: pulumi.Output<string[]>;the Frontend Endpoints associated with this Front Door Web Application Firewall policy.
property id
id: Output<ID>;id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.
property location
public location: pulumi.Output<string>;Resource location.
property managedRules
public managedRules: pulumi.Output<FirewallPolicyManagedRule[] | undefined>;One or more managedRule blocks as defined below.
property mode
public mode: pulumi.Output<string | undefined>;The firewall policy mode. Possible values are Detection, Prevention and defaults to Prevention.
property name
public name: pulumi.Output<string>;The name of the policy. Changing this forces a new resource to be created.
property redirectUrl
public redirectUrl: pulumi.Output<string | undefined>;If action type is redirect, this field represents redirect URL for the client.
property resourceGroupName
public resourceGroupName: pulumi.Output<string>;The name of the resource group. Changing this forces a new resource to be created.
property tags
public tags: pulumi.Output<{[key: string]: string} | undefined>;A mapping of tags to assign to the Web Application Firewall Policy.
property urn
urn: Output<URN>;urn is the stable logical URN used to distinctly address a resource, both before and after deployments.
Resource Frontdoor
class Frontdoor extends CustomResourceManages an Azure Front Door instance.
Azure Front Door Service is Microsoft’s highly available and scalable web application acceleration platform and global HTTP(s) load balancer. It provides built-in DDoS protection and application layer security and caching. Front Door enables you to build applications that maximize and automate high-availability and performance for your end-users. Use Front Door with Azure services including Web/Mobile Apps, Cloud Services and Virtual Machines – or combine it with on-premises services for hybrid deployments and smooth cloud migration.
Below are some of the key scenarios that Azure Front Door Service addresses: * Use Front Door to improve application scale and availability with instant multi-region failover * Use Front Door to improve application performance with SSL offload and routing requests to the fastest available application backend. * Use Front Door for application layer security and DDoS protection for your application.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as azure from "@pulumi/azure";
const exampleResourceGroup = new azure.core.ResourceGroup("exampleResourceGroup", {location: "EastUS2"});
const exampleFrontdoor = new azure.frontdoor.Frontdoor("exampleFrontdoor", {
resourceGroupName: exampleResourceGroup.name,
enforceBackendPoolsCertificateNameCheck: false,
routing_rule: [{
name: "exampleRoutingRule1",
acceptedProtocols: [
"Http",
"Https",
],
patternsToMatches: ["/*"],
frontendEndpoints: ["exampleFrontendEndpoint1"],
forwarding_configuration: {
forwardingProtocol: "MatchRequest",
backendPoolName: "exampleBackendBing",
},
}],
backend_pool_load_balancing: [{
name: "exampleLoadBalancingSettings1",
}],
backend_pool_health_probe: [{
name: "exampleHealthProbeSetting1",
}],
backend_pool: [{
name: "exampleBackendBing",
backend: [{
hostHeader: "www.bing.com",
address: "www.bing.com",
httpPort: 80,
httpsPort: 443,
}],
loadBalancingName: "exampleLoadBalancingSettings1",
healthProbeName: "exampleHealthProbeSetting1",
}],
frontend_endpoint: [{
name: "exampleFrontendEndpoint1",
hostName: "example-FrontDoor.azurefd.net",
customHttpsProvisioningEnabled: false,
}],
});constructor
new Frontdoor(name: string, args: FrontdoorArgs, opts?: pulumi.CustomResourceOptions)Create a Frontdoor resource with the given unique name, arguments, and options.
nameThe unique name of the resource.argsThe arguments to use to populate this resource's properties.optsA bag of options that control this resource's behavior.
method get
public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: FrontdoorState, opts?: pulumi.CustomResourceOptions): FrontdoorGet an existing Frontdoor resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
method getProvider
getProvider(moduleMember: string): ProviderResource | undefinedmethod isInstance
public static isInstance(obj: any): obj is FrontdoorReturns true if the given object is an instance of Frontdoor. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.
property backendPoolHealthProbes
public backendPoolHealthProbes: pulumi.Output<FrontdoorBackendPoolHealthProbe[]>;A backendPoolHealthProbe block as defined below.
property backendPoolLoadBalancings
public backendPoolLoadBalancings: pulumi.Output<FrontdoorBackendPoolLoadBalancing[]>;A backendPoolLoadBalancing block as defined below.
property backendPools
public backendPools: pulumi.Output<FrontdoorBackendPool[]>;A backendPool block as defined below.
property backendPoolsSendReceiveTimeoutSeconds
public backendPoolsSendReceiveTimeoutSeconds: pulumi.Output<number | undefined>;Specifies the send and receive timeout on forwarding request to the backend. When the timeout is reached, the request fails and returns. Possible values are between 0 - 240. Defaults to 60.
property cname
public cname: pulumi.Output<string>;The host that each frontendEndpoint must CNAME to.
property enforceBackendPoolsCertificateNameCheck
public enforceBackendPoolsCertificateNameCheck: pulumi.Output<boolean>;Enforce certificate name check on HTTPS requests to all backend pools, this setting will have no effect on HTTP requests. Permitted values are true or false.
property friendlyName
public friendlyName: pulumi.Output<string | undefined>;A friendly name for the Front Door service.
property frontendEndpoints
public frontendEndpoints: pulumi.Output<FrontdoorFrontendEndpoint[]>;A frontendEndpoint block as defined below.
property headerFrontdoorId
public headerFrontdoorId: pulumi.Output<string>;The unique ID of the Front Door which is embedded into the incoming headers X-Azure-FDID attribute and maybe used to filter traffic sent by the Front Door to your backend.
property id
id: Output<ID>;id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.
property loadBalancerEnabled
public loadBalancerEnabled: pulumi.Output<boolean | undefined>;Should the Front Door Load Balancer be Enabled? Defaults to true.
property location
public location: pulumi.Output<string>;property name
public name: pulumi.Output<string>;Specifies the name of the Front Door service. Changing this forces a new resource to be created.
property resourceGroupName
public resourceGroupName: pulumi.Output<string>;Specifies the name of the Resource Group in which the Front Door service should exist. Changing this forces a new resource to be created.
property routingRules
public routingRules: pulumi.Output<FrontdoorRoutingRule[]>;A routingRule block as defined below.
property tags
public tags: pulumi.Output<{[key: string]: string} | undefined>;A mapping of tags to assign to the resource.
property urn
urn: Output<URN>;urn is the stable logical URN used to distinctly address a resource, both before and after deployments.
Others
interface FirewallPolicyArgs
interface FirewallPolicyArgsThe set of arguments for constructing a FirewallPolicy resource.
property customBlockResponseBody
customBlockResponseBody?: pulumi.Input<string>;If a customRule block’s action type is block, this is the response body. The body must be specified in base64 encoding.
property customBlockResponseStatusCode
customBlockResponseStatusCode?: pulumi.Input<number>;If a customRule block’s action type is block, this is the response status code. Possible values are 200, 403, 405, 406, or 429.
property customRules
customRules?: pulumi.Input<pulumi.Input<FirewallPolicyCustomRule>[]>;One or more customRule blocks as defined below.
property enabled
enabled?: pulumi.Input<boolean>;Is the policy a enabled state or disabled state. Defaults to true.
property managedRules
managedRules?: pulumi.Input<pulumi.Input<FirewallPolicyManagedRule>[]>;One or more managedRule blocks as defined below.
property mode
mode?: pulumi.Input<string>;The firewall policy mode. Possible values are Detection, Prevention and defaults to Prevention.
property name
name?: pulumi.Input<string>;The name of the policy. Changing this forces a new resource to be created.
property redirectUrl
redirectUrl?: pulumi.Input<string>;If action type is redirect, this field represents redirect URL for the client.
property resourceGroupName
resourceGroupName: pulumi.Input<string>;The name of the resource group. Changing this forces a new resource to be created.
property tags
tags?: pulumi.Input<{[key: string]: pulumi.Input<string>}>;A mapping of tags to assign to the Web Application Firewall Policy.
interface FirewallPolicyState
interface FirewallPolicyStateInput properties used for looking up and filtering FirewallPolicy resources.
property customBlockResponseBody
customBlockResponseBody?: pulumi.Input<string>;If a customRule block’s action type is block, this is the response body. The body must be specified in base64 encoding.
property customBlockResponseStatusCode
customBlockResponseStatusCode?: pulumi.Input<number>;If a customRule block’s action type is block, this is the response status code. Possible values are 200, 403, 405, 406, or 429.
property customRules
customRules?: pulumi.Input<pulumi.Input<FirewallPolicyCustomRule>[]>;One or more customRule blocks as defined below.
property enabled
enabled?: pulumi.Input<boolean>;Is the policy a enabled state or disabled state. Defaults to true.
property frontendEndpointIds
frontendEndpointIds?: pulumi.Input<pulumi.Input<string>[]>;the Frontend Endpoints associated with this Front Door Web Application Firewall policy.
property location
location?: pulumi.Input<string>;Resource location.
property managedRules
managedRules?: pulumi.Input<pulumi.Input<FirewallPolicyManagedRule>[]>;One or more managedRule blocks as defined below.
property mode
mode?: pulumi.Input<string>;The firewall policy mode. Possible values are Detection, Prevention and defaults to Prevention.
property name
name?: pulumi.Input<string>;The name of the policy. Changing this forces a new resource to be created.
property redirectUrl
redirectUrl?: pulumi.Input<string>;If action type is redirect, this field represents redirect URL for the client.
property resourceGroupName
resourceGroupName?: pulumi.Input<string>;The name of the resource group. Changing this forces a new resource to be created.
property tags
tags?: pulumi.Input<{[key: string]: pulumi.Input<string>}>;A mapping of tags to assign to the Web Application Firewall Policy.
interface FrontdoorArgs
interface FrontdoorArgsThe set of arguments for constructing a Frontdoor resource.
property backendPoolHealthProbes
backendPoolHealthProbes: pulumi.Input<pulumi.Input<FrontdoorBackendPoolHealthProbe>[]>;A backendPoolHealthProbe block as defined below.
property backendPoolLoadBalancings
backendPoolLoadBalancings: pulumi.Input<pulumi.Input<FrontdoorBackendPoolLoadBalancing>[]>;A backendPoolLoadBalancing block as defined below.
property backendPools
backendPools: pulumi.Input<pulumi.Input<FrontdoorBackendPool>[]>;A backendPool block as defined below.
property backendPoolsSendReceiveTimeoutSeconds
backendPoolsSendReceiveTimeoutSeconds?: pulumi.Input<number>;Specifies the send and receive timeout on forwarding request to the backend. When the timeout is reached, the request fails and returns. Possible values are between 0 - 240. Defaults to 60.
property enforceBackendPoolsCertificateNameCheck
enforceBackendPoolsCertificateNameCheck: pulumi.Input<boolean>;Enforce certificate name check on HTTPS requests to all backend pools, this setting will have no effect on HTTP requests. Permitted values are true or false.
property friendlyName
friendlyName?: pulumi.Input<string>;A friendly name for the Front Door service.
property frontendEndpoints
frontendEndpoints: pulumi.Input<pulumi.Input<FrontdoorFrontendEndpoint>[]>;A frontendEndpoint block as defined below.
property loadBalancerEnabled
loadBalancerEnabled?: pulumi.Input<boolean>;Should the Front Door Load Balancer be Enabled? Defaults to true.
property location
location?: pulumi.Input<string>;property name
name?: pulumi.Input<string>;Specifies the name of the Front Door service. Changing this forces a new resource to be created.
property resourceGroupName
resourceGroupName: pulumi.Input<string>;Specifies the name of the Resource Group in which the Front Door service should exist. Changing this forces a new resource to be created.
property routingRules
routingRules: pulumi.Input<pulumi.Input<FrontdoorRoutingRule>[]>;A routingRule block as defined below.
property tags
tags?: pulumi.Input<{[key: string]: pulumi.Input<string>}>;A mapping of tags to assign to the resource.
interface FrontdoorState
interface FrontdoorStateInput properties used for looking up and filtering Frontdoor resources.
property backendPoolHealthProbes
backendPoolHealthProbes?: pulumi.Input<pulumi.Input<FrontdoorBackendPoolHealthProbe>[]>;A backendPoolHealthProbe block as defined below.
property backendPoolLoadBalancings
backendPoolLoadBalancings?: pulumi.Input<pulumi.Input<FrontdoorBackendPoolLoadBalancing>[]>;A backendPoolLoadBalancing block as defined below.
property backendPools
backendPools?: pulumi.Input<pulumi.Input<FrontdoorBackendPool>[]>;A backendPool block as defined below.
property backendPoolsSendReceiveTimeoutSeconds
backendPoolsSendReceiveTimeoutSeconds?: pulumi.Input<number>;Specifies the send and receive timeout on forwarding request to the backend. When the timeout is reached, the request fails and returns. Possible values are between 0 - 240. Defaults to 60.
property cname
cname?: pulumi.Input<string>;The host that each frontendEndpoint must CNAME to.
property enforceBackendPoolsCertificateNameCheck
enforceBackendPoolsCertificateNameCheck?: pulumi.Input<boolean>;Enforce certificate name check on HTTPS requests to all backend pools, this setting will have no effect on HTTP requests. Permitted values are true or false.
property friendlyName
friendlyName?: pulumi.Input<string>;A friendly name for the Front Door service.
property frontendEndpoints
frontendEndpoints?: pulumi.Input<pulumi.Input<FrontdoorFrontendEndpoint>[]>;A frontendEndpoint block as defined below.
property headerFrontdoorId
headerFrontdoorId?: pulumi.Input<string>;The unique ID of the Front Door which is embedded into the incoming headers X-Azure-FDID attribute and maybe used to filter traffic sent by the Front Door to your backend.
property loadBalancerEnabled
loadBalancerEnabled?: pulumi.Input<boolean>;Should the Front Door Load Balancer be Enabled? Defaults to true.
property location
location?: pulumi.Input<string>;property name
name?: pulumi.Input<string>;Specifies the name of the Front Door service. Changing this forces a new resource to be created.
property resourceGroupName
resourceGroupName?: pulumi.Input<string>;Specifies the name of the Resource Group in which the Front Door service should exist. Changing this forces a new resource to be created.
property routingRules
routingRules?: pulumi.Input<pulumi.Input<FrontdoorRoutingRule>[]>;A routingRule block as defined below.
property tags
tags?: pulumi.Input<{[key: string]: pulumi.Input<string>}>;A mapping of tags to assign to the resource.