frontdoor¶

This provider is a derived work of the Terraform Provider distributed under MPL 2.0. If you encounter a bug or missing feature, first check the pulumi/pulumi-azure repo; however, if that doesn’t turn up anything, please consult the source terraform-providers/terraform-provider-azurerm repo.

class pulumi_azure.frontdoor.FirewallPolicy(resource_name, opts=None, custom_block_response_body=None, custom_block_response_status_code=None, custom_rules=None, enabled=None, managed_rules=None, mode=None, name=None, redirect_url=None, resource_group_name=None, tags=None, __props__=None, __name__=None, __opts__=None)¶

Manages an Azure Front Door Web Application Firewall Policy instance.

import pulumi
import pulumi_azure as azure

example_resource_group = azure.core.ResourceGroup("exampleResourceGroup", location="West US 2")
example_firewall_policy = azure.frontdoor.FirewallPolicy("exampleFirewallPolicy",
    resource_group_name=example_resource_group.name,
    enabled=True,
    mode="Prevention",
    redirect_url="https://www.contoso.com",
    custom_block_response_status_code=403,
    custom_block_response_body="PGh0bWw+CjxoZWFkZXI+PHRpdGxlPkhlbGxvPC90aXRsZT48L2hlYWRlcj4KPGJvZHk+CkhlbGxvIHdvcmxkCjwvYm9keT4KPC9odG1sPg==",
    custom_rule=[
        {
            "name": "Rule1",
            "enabled": True,
            "priority": 1,
            "rateLimitDurationInMinutes": 1,
            "rateLimitThreshold": 10,
            "type": "MatchRule",
            "action": "Block",
            "match_condition": [{
                "matchVariable": "RemoteAddr",
                "operator": "IPMatch",
                "negationCondition": False,
                "matchValues": [
                    "192.168.1.0/24",
                    "10.0.0.0/24",
                ],
            }],
        },
        {
            "name": "Rule2",
            "enabled": True,
            "priority": 2,
            "rateLimitDurationInMinutes": 1,
            "rateLimitThreshold": 10,
            "type": "MatchRule",
            "action": "Block",
            "match_condition": [
                {
                    "matchVariable": "RemoteAddr",
                    "operator": "IPMatch",
                    "negationCondition": False,
                    "matchValues": ["192.168.1.0/24"],
                },
                {
                    "matchVariable": "RequestHeader",
                    "selector": "UserAgent",
                    "operator": "Contains",
                    "negationCondition": False,
                    "matchValues": ["windows"],
                    "transforms": [
                        "Lowercase",
                        "Trim",
                    ],
                },
            ],
        },
    ],
    managed_rule=[
        {
            "type": "DefaultRuleSet",
            "version": "1.0",
            "exclusion": [{
                "matchVariable": "QueryStringArgNames",
                "operator": "Equals",
                "selector": "not_suspicious",
            }],
            "override": [
                {
                    "ruleGroupName": "PHP",
                    "rule": [{
                        "rule_id": "933100",
                        "enabled": False,
                        "action": "Block",
                    }],
                },
                {
                    "ruleGroupName": "SQLI",
                    "exclusion": [{
                        "matchVariable": "QueryStringArgNames",
                        "operator": "Equals",
                        "selector": "really_not_suspicious",
                    }],
                    "rule": [{
                        "rule_id": "942200",
                        "action": "Block",
                        "exclusion": [{
                            "matchVariable": "QueryStringArgNames",
                            "operator": "Equals",
                            "selector": "innocent",
                        }],
                    }],
                },
            ],
        },
        {
            "type": "Microsoft_BotManagerRuleSet",
            "version": "1.0",
        },
    ])

Parameters

• resource_name (str) – The name of the resource.

• opts (pulumi.ResourceOptions) – Options for the resource.

• custom_block_response_body (pulumi.Input[str]) – If a custom_rule block’s action type is block, this is the response body. The body must be specified in base64 encoding.

• custom_block_response_status_code (pulumi.Input[float]) – If a custom_rule block’s action type is block, this is the response status code. Possible values are 200, 403, 405, 406, or 429.

• custom_rules (pulumi.Input[list]) – One or more custom_rule blocks as defined below.

• enabled (pulumi.Input[bool]) – Is the policy a enabled state or disabled state. Defaults to true.

• managed_rules (pulumi.Input[list]) – One or more managed_rule blocks as defined below.

• mode (pulumi.Input[str]) – The firewall policy mode. Possible values are Detection, Prevention and defaults to Prevention.

• name (pulumi.Input[str]) – The name of the policy. Changing this forces a new resource to be created.

• redirect_url (pulumi.Input[str]) – If action type is redirect, this field represents redirect URL for the client.

• resource_group_name (pulumi.Input[str]) – The name of the resource group. Changing this forces a new resource to be created.

• tags (pulumi.Input[dict]) – A mapping of tags to assign to the Web Application Firewall Policy.

The custom_rules object supports the following:

• action (pulumi.Input[str]) - The action to perform when the rule is matched. Possible values are Allow, Block, Log, or Redirect.

• enabled (pulumi.Input[bool]) - Is the rule is enabled or disabled? Defaults to true.

• matchConditions (pulumi.Input[list]) - One or more match_condition block defined below.

  • matchValues (pulumi.Input[list]) - Up to 100 possible values to match.

  • matchVariable (pulumi.Input[str]) - The request variable to compare with. Possible values are Cookies, PostArgs, QueryString, RemoteAddr, RequestBody, RequestHeader, RequestMethod, or RequestUri.

  • negationCondition (pulumi.Input[bool]) - Should the result of the condition be negated.

  • operator (pulumi.Input[str]) - Comparison type to use for matching with the variable value. Possible values are Any, BeginsWith, Contains, EndsWith, Equal, GeoMatch, GreaterThan, GreaterThanOrEqual, IPMatch, LessThan, LessThanOrEqual or RegEx.

  • selector (pulumi.Input[str]) - Match against a specific key if the match_variable is QueryString, PostArgs, RequestHeader or Cookies.

  • transforms (pulumi.Input[list]) - Up to 5 transforms to apply. Possible values are Lowercase, RemoveNulls, Trim, Uppercase, URLDecode orURLEncode.

• name (pulumi.Input[str]) - Gets name of the resource that is unique within a policy. This name can be used to access the resource.

• priority (pulumi.Input[float]) - The priority of the rule. Rules with a lower value will be evaluated before rules with a higher value. Defaults to 1.

• rateLimitDurationInMinutes (pulumi.Input[float]) - The rate limit duration in minutes. Defaults to 1.

• rateLimitThreshold (pulumi.Input[float]) - The rate limit threshold. Defaults to 10.

• type (pulumi.Input[str]) - The type of rule. Possible values are MatchRule or RateLimitRule.

The managed_rules object supports the following:

• exclusions (pulumi.Input[list]) - One or more exclusion blocks as defined below.

  • matchVariable (pulumi.Input[str]) - The variable type to be excluded. Possible values are QueryStringArgNames, RequestBodyPostArgNames, RequestCookieNames, RequestHeaderNames.

  • operator (pulumi.Input[str]) - Comparison operator to apply to the selector when specifying which elements in the collection this exclusion applies to. Possible values are: Equals, Contains, StartsWith, EndsWith, EqualsAny.

  • selector (pulumi.Input[str]) - Selector for the value in the match_variable attribute this exclusion applies to.

• overrides (pulumi.Input[list]) - One or more override blocks as defined below.

  • exclusions (pulumi.Input[list]) - One or more exclusion blocks as defined below.

    • matchVariable (pulumi.Input[str]) - The variable type to be excluded. Possible values are QueryStringArgNames, RequestBodyPostArgNames, RequestCookieNames, RequestHeaderNames.

    • operator (pulumi.Input[str]) - Comparison operator to apply to the selector when specifying which elements in the collection this exclusion applies to. Possible values are: Equals, Contains, StartsWith, EndsWith, EqualsAny.

    • selector (pulumi.Input[str]) - Selector for the value in the match_variable attribute this exclusion applies to.

  • ruleGroupName (pulumi.Input[str]) - The managed rule group to override.

  • rules (pulumi.Input[list]) - One or more rule blocks as defined below. If none are specified, all of the rules in the group will be disabled.

    • action (pulumi.Input[str]) - The action to be applied when the rule matches. Possible values are Allow, Block, Log, or Redirect.

    • enabled (pulumi.Input[bool]) - Is the managed rule override enabled or disabled. Defaults to false

    • exclusions (pulumi.Input[list]) - One or more exclusion blocks as defined below.

      • matchVariable (pulumi.Input[str]) - The variable type to be excluded. Possible values are QueryStringArgNames, RequestBodyPostArgNames, RequestCookieNames, RequestHeaderNames.

      • operator (pulumi.Input[str]) - Comparison operator to apply to the selector when specifying which elements in the collection this exclusion applies to. Possible values are: Equals, Contains, StartsWith, EndsWith, EqualsAny.

      • selector (pulumi.Input[str]) - Selector for the value in the match_variable attribute this exclusion applies to.

    • rule_id (pulumi.Input[str]) - Identifier for the managed rule.

• type (pulumi.Input[str]) - The name of the managed rule to use with this resource.

• version (pulumi.Input[str]) - The version on the managed rule to use with this resource.

custom_block_response_body: pulumi.Output[str] = None¶

If a custom_rule block’s action type is block, this is the response body. The body must be specified in base64 encoding.

custom_block_response_status_code: pulumi.Output[float] = None¶

If a custom_rule block’s action type is block, this is the response status code. Possible values are 200, 403, 405, 406, or 429.

custom_rules: pulumi.Output[list] = None¶

One or more custom_rule blocks as defined below.

• action (str) - The action to perform when the rule is matched. Possible values are Allow, Block, Log, or Redirect.

• enabled (bool) - Is the rule is enabled or disabled? Defaults to true.

• matchConditions (list) - One or more match_condition block defined below.

  • matchValues (list) - Up to 100 possible values to match.

  • matchVariable (str) - The request variable to compare with. Possible values are Cookies, PostArgs, QueryString, RemoteAddr, RequestBody, RequestHeader, RequestMethod, or RequestUri.

  • negationCondition (bool) - Should the result of the condition be negated.

  • operator (str) - Comparison type to use for matching with the variable value. Possible values are Any, BeginsWith, Contains, EndsWith, Equal, GeoMatch, GreaterThan, GreaterThanOrEqual, IPMatch, LessThan, LessThanOrEqual or RegEx.

  • selector (str) - Match against a specific key if the match_variable is QueryString, PostArgs, RequestHeader or Cookies.

  • transforms (list) - Up to 5 transforms to apply. Possible values are Lowercase, RemoveNulls, Trim, Uppercase, URLDecode orURLEncode.

• name (str) - Gets name of the resource that is unique within a policy. This name can be used to access the resource.

• priority (float) - The priority of the rule. Rules with a lower value will be evaluated before rules with a higher value. Defaults to 1.

• rateLimitDurationInMinutes (float) - The rate limit duration in minutes. Defaults to 1.

• rateLimitThreshold (float) - The rate limit threshold. Defaults to 10.

• type (str) - The type of rule. Possible values are MatchRule or RateLimitRule.

enabled: pulumi.Output[bool] = None¶

Is the policy a enabled state or disabled state. Defaults to true.

frontend_endpoint_ids: pulumi.Output[list] = None¶

the Frontend Endpoints associated with this Front Door Web Application Firewall policy.

location: pulumi.Output[str] = None¶

Resource location.

managed_rules: pulumi.Output[list] = None¶

One or more managed_rule blocks as defined below.

• exclusions (list) - One or more exclusion blocks as defined below.

  • matchVariable (str) - The variable type to be excluded. Possible values are QueryStringArgNames, RequestBodyPostArgNames, RequestCookieNames, RequestHeaderNames.

  • operator (str) - Comparison operator to apply to the selector when specifying which elements in the collection this exclusion applies to. Possible values are: Equals, Contains, StartsWith, EndsWith, EqualsAny.

  • selector (str) - Selector for the value in the match_variable attribute this exclusion applies to.

• overrides (list) - One or more override blocks as defined below.

  • exclusions (list) - One or more exclusion blocks as defined below.

    • matchVariable (str) - The variable type to be excluded. Possible values are QueryStringArgNames, RequestBodyPostArgNames, RequestCookieNames, RequestHeaderNames.

    • operator (str) - Comparison operator to apply to the selector when specifying which elements in the collection this exclusion applies to. Possible values are: Equals, Contains, StartsWith, EndsWith, EqualsAny.

    • selector (str) - Selector for the value in the match_variable attribute this exclusion applies to.

  • ruleGroupName (str) - The managed rule group to override.

  • rules (list) - One or more rule blocks as defined below. If none are specified, all of the rules in the group will be disabled.

    • action (str) - The action to be applied when the rule matches. Possible values are Allow, Block, Log, or Redirect.

    • enabled (bool) - Is the managed rule override enabled or disabled. Defaults to false

    • exclusions (list) - One or more exclusion blocks as defined below.

      • matchVariable (str) - The variable type to be excluded. Possible values are QueryStringArgNames, RequestBodyPostArgNames, RequestCookieNames, RequestHeaderNames.

      • operator (str) - Comparison operator to apply to the selector when specifying which elements in the collection this exclusion applies to. Possible values are: Equals, Contains, StartsWith, EndsWith, EqualsAny.

      • selector (str) - Selector for the value in the match_variable attribute this exclusion applies to.

    • rule_id (str) - Identifier for the managed rule.

• type (str) - The name of the managed rule to use with this resource.

• version (str) - The version on the managed rule to use with this resource.

mode: pulumi.Output[str] = None¶

The firewall policy mode. Possible values are Detection, Prevention and defaults to Prevention.

name: pulumi.Output[str] = None¶

The name of the policy. Changing this forces a new resource to be created.

redirect_url: pulumi.Output[str] = None¶

If action type is redirect, this field represents redirect URL for the client.

resource_group_name: pulumi.Output[str] = None¶

The name of the resource group. Changing this forces a new resource to be created.

tags: pulumi.Output[dict] = None¶

A mapping of tags to assign to the Web Application Firewall Policy.

static get(resource_name, id, opts=None, custom_block_response_body=None, custom_block_response_status_code=None, custom_rules=None, enabled=None, frontend_endpoint_ids=None, location=None, managed_rules=None, mode=None, name=None, redirect_url=None, resource_group_name=None, tags=None)¶

Get an existing FirewallPolicy resource’s state with the given name, id, and optional extra properties used to qualify the lookup.

Parameters

• resource_name (str) – The unique name of the resulting resource.

• id (str) – The unique provider ID of the resource to lookup.

• opts (pulumi.ResourceOptions) – Options for the resource.

• custom_block_response_body (pulumi.Input[str]) – If a custom_rule block’s action type is block, this is the response body. The body must be specified in base64 encoding.

• custom_block_response_status_code (pulumi.Input[float]) – If a custom_rule block’s action type is block, this is the response status code. Possible values are 200, 403, 405, 406, or 429.

• custom_rules (pulumi.Input[list]) – One or more custom_rule blocks as defined below.

• enabled (pulumi.Input[bool]) – Is the policy a enabled state or disabled state. Defaults to true.

• frontend_endpoint_ids (pulumi.Input[list]) – the Frontend Endpoints associated with this Front Door Web Application Firewall policy.

• location (pulumi.Input[str]) – Resource location.

• managed_rules (pulumi.Input[list]) – One or more managed_rule blocks as defined below.

• mode (pulumi.Input[str]) – The firewall policy mode. Possible values are Detection, Prevention and defaults to Prevention.

• name (pulumi.Input[str]) – The name of the policy. Changing this forces a new resource to be created.

• redirect_url (pulumi.Input[str]) – If action type is redirect, this field represents redirect URL for the client.

• resource_group_name (pulumi.Input[str]) – The name of the resource group. Changing this forces a new resource to be created.

• tags (pulumi.Input[dict]) – A mapping of tags to assign to the Web Application Firewall Policy.

The custom_rules object supports the following:

• action (pulumi.Input[str]) - The action to perform when the rule is matched. Possible values are Allow, Block, Log, or Redirect.

• enabled (pulumi.Input[bool]) - Is the rule is enabled or disabled? Defaults to true.

• matchConditions (pulumi.Input[list]) - One or more match_condition block defined below.

  • matchValues (pulumi.Input[list]) - Up to 100 possible values to match.

  • matchVariable (pulumi.Input[str]) - The request variable to compare with. Possible values are Cookies, PostArgs, QueryString, RemoteAddr, RequestBody, RequestHeader, RequestMethod, or RequestUri.

  • negationCondition (pulumi.Input[bool]) - Should the result of the condition be negated.

  • operator (pulumi.Input[str]) - Comparison type to use for matching with the variable value. Possible values are Any, BeginsWith, Contains, EndsWith, Equal, GeoMatch, GreaterThan, GreaterThanOrEqual, IPMatch, LessThan, LessThanOrEqual or RegEx.

  • selector (pulumi.Input[str]) - Match against a specific key if the match_variable is QueryString, PostArgs, RequestHeader or Cookies.

  • transforms (pulumi.Input[list]) - Up to 5 transforms to apply. Possible values are Lowercase, RemoveNulls, Trim, Uppercase, URLDecode orURLEncode.

• name (pulumi.Input[str]) - Gets name of the resource that is unique within a policy. This name can be used to access the resource.

• priority (pulumi.Input[float]) - The priority of the rule. Rules with a lower value will be evaluated before rules with a higher value. Defaults to 1.

• rateLimitDurationInMinutes (pulumi.Input[float]) - The rate limit duration in minutes. Defaults to 1.

• rateLimitThreshold (pulumi.Input[float]) - The rate limit threshold. Defaults to 10.

• type (pulumi.Input[str]) - The type of rule. Possible values are MatchRule or RateLimitRule.

The managed_rules object supports the following:

• exclusions (pulumi.Input[list]) - One or more exclusion blocks as defined below.

  • matchVariable (pulumi.Input[str]) - The variable type to be excluded. Possible values are QueryStringArgNames, RequestBodyPostArgNames, RequestCookieNames, RequestHeaderNames.

  • operator (pulumi.Input[str]) - Comparison operator to apply to the selector when specifying which elements in the collection this exclusion applies to. Possible values are: Equals, Contains, StartsWith, EndsWith, EqualsAny.

  • selector (pulumi.Input[str]) - Selector for the value in the match_variable attribute this exclusion applies to.

• overrides (pulumi.Input[list]) - One or more override blocks as defined below.

  • exclusions (pulumi.Input[list]) - One or more exclusion blocks as defined below.

    • matchVariable (pulumi.Input[str]) - The variable type to be excluded. Possible values are QueryStringArgNames, RequestBodyPostArgNames, RequestCookieNames, RequestHeaderNames.

    • operator (pulumi.Input[str]) - Comparison operator to apply to the selector when specifying which elements in the collection this exclusion applies to. Possible values are: Equals, Contains, StartsWith, EndsWith, EqualsAny.

    • selector (pulumi.Input[str]) - Selector for the value in the match_variable attribute this exclusion applies to.

  • ruleGroupName (pulumi.Input[str]) - The managed rule group to override.

  • rules (pulumi.Input[list]) - One or more rule blocks as defined below. If none are specified, all of the rules in the group will be disabled.

    • action (pulumi.Input[str]) - The action to be applied when the rule matches. Possible values are Allow, Block, Log, or Redirect.

    • enabled (pulumi.Input[bool]) - Is the managed rule override enabled or disabled. Defaults to false

    • exclusions (pulumi.Input[list]) - One or more exclusion blocks as defined below.

      • matchVariable (pulumi.Input[str]) - The variable type to be excluded. Possible values are QueryStringArgNames, RequestBodyPostArgNames, RequestCookieNames, RequestHeaderNames.

      • operator (pulumi.Input[str]) - Comparison operator to apply to the selector when specifying which elements in the collection this exclusion applies to. Possible values are: Equals, Contains, StartsWith, EndsWith, EqualsAny.

      • selector (pulumi.Input[str]) - Selector for the value in the match_variable attribute this exclusion applies to.

    • rule_id (pulumi.Input[str]) - Identifier for the managed rule.

• type (pulumi.Input[str]) - The name of the managed rule to use with this resource.

• version (pulumi.Input[str]) - The version on the managed rule to use with this resource.

translate_output_property(prop)¶

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

translate_input_property(prop)¶

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

class pulumi_azure.frontdoor.Frontdoor(resource_name, opts=None, backend_pool_health_probes=None, backend_pool_load_balancings=None, backend_pools=None, backend_pools_send_receive_timeout_seconds=None, enforce_backend_pools_certificate_name_check=None, friendly_name=None, frontend_endpoints=None, load_balancer_enabled=None, location=None, name=None, resource_group_name=None, routing_rules=None, tags=None, __props__=None, __name__=None, __opts__=None)¶

Manages an Azure Front Door instance.

Azure Front Door Service is Microsoft’s highly available and scalable web application acceleration platform and global HTTP(s) load balancer. It provides built-in DDoS protection and application layer security and caching. Front Door enables you to build applications that maximize and automate high-availability and performance for your end-users. Use Front Door with Azure services including Web/Mobile Apps, Cloud Services and Virtual Machines – or combine it with on-premises services for hybrid deployments and smooth cloud migration.

Below are some of the key scenarios that Azure Front Door Service addresses:

• Use Front Door to improve application scale and availability with instant multi-region failover

• Use Front Door to improve application performance with SSL offload and routing requests to the fastest available application backend.

• Use Front Door for application layer security and DDoS protection for your application.

import pulumi
import pulumi_azure as azure

example_resource_group = azure.core.ResourceGroup("exampleResourceGroup", location="EastUS2")
example_frontdoor = azure.frontdoor.Frontdoor("exampleFrontdoor",
    resource_group_name=example_resource_group.name,
    enforce_backend_pools_certificate_name_check=False,
    routing_rule=[{
        "name": "exampleRoutingRule1",
        "acceptedProtocols": [
            "Http",
            "Https",
        ],
        "patternsToMatches": ["/*"],
        "frontend_endpoints": ["exampleFrontendEndpoint1"],
        "forwarding_configuration": {
            "forwardingProtocol": "MatchRequest",
            "backendPoolName": "exampleBackendBing",
        },
    }],
    backend_pool_load_balancing=[{
        "name": "exampleLoadBalancingSettings1",
    }],
    backend_pool_health_probe=[{
        "name": "exampleHealthProbeSetting1",
    }],
    backend_pool=[{
        "name": "exampleBackendBing",
        "backend": [{
            "hostHeader": "www.bing.com",
            "address": "www.bing.com",
            "httpPort": 80,
            "httpsPort": 443,
        }],
        "loadBalancingName": "exampleLoadBalancingSettings1",
        "healthProbeName": "exampleHealthProbeSetting1",
    }],
    frontend_endpoint=[{
        "name": "exampleFrontendEndpoint1",
        "host_name": "example-FrontDoor.azurefd.net",
        "customHttpsProvisioningEnabled": False,
    }])

Parameters

• resource_name (str) – The name of the resource.

• opts (pulumi.ResourceOptions) – Options for the resource.

• backend_pool_health_probes (pulumi.Input[list]) – A backend_pool_health_probe block as defined below.

• backend_pool_load_balancings (pulumi.Input[list]) – A backend_pool_load_balancing block as defined below.

• backend_pools (pulumi.Input[list]) – A backend_pool block as defined below.

• backend_pools_send_receive_timeout_seconds (pulumi.Input[float]) – Specifies the send and receive timeout on forwarding request to the backend. When the timeout is reached, the request fails and returns. Possible values are between 0 - 240. Defaults to 60.

• enforce_backend_pools_certificate_name_check (pulumi.Input[bool]) – Enforce certificate name check on HTTPS requests to all backend pools, this setting will have no effect on HTTP requests. Permitted values are true or false.

• friendly_name (pulumi.Input[str]) – A friendly name for the Front Door service.

• frontend_endpoints (pulumi.Input[list]) – A frontend_endpoint block as defined below.

• load_balancer_enabled (pulumi.Input[bool]) – Should the Front Door Load Balancer be Enabled? Defaults to true.

• name (pulumi.Input[str]) – Specifies the name of the Front Door service. Changing this forces a new resource to be created.

• resource_group_name (pulumi.Input[str]) – Specifies the name of the Resource Group in which the Front Door service should exist. Changing this forces a new resource to be created.

• routing_rules (pulumi.Input[list]) – A routing_rule block as defined below.

• tags (pulumi.Input[dict]) – A mapping of tags to assign to the resource.

The backend_pool_health_probes object supports the following:

• enabled (pulumi.Input[bool]) - Is this health probe enabled? Dafaults to true.

• id (pulumi.Input[str]) - The ID of the FrontDoor.

• interval_in_seconds (pulumi.Input[float]) - The number of seconds between each Health Probe. Defaults to 120.

• name (pulumi.Input[str]) - Specifies the name of the Health Probe.

• path (pulumi.Input[str]) - The path to use for the Health Probe. Default is /.

• probeMethod (pulumi.Input[str]) - Specifies HTTP method the health probe uses when querying the backend pool instances. Possible values include: Get and Head. Defaults to Get.

• protocol (pulumi.Input[str]) - Protocol scheme to use for the Health Probe. Defaults to Http.

The backend_pool_load_balancings object supports the following:

• additionalLatencyMilliseconds (pulumi.Input[float]) - The additional latency in milliseconds for probes to fall into the lowest latency bucket. Defaults to 0.

• id (pulumi.Input[str]) - The ID of the FrontDoor.

• name (pulumi.Input[str]) - Specifies the name of the Load Balancer.

• sampleSize (pulumi.Input[float]) - The number of samples to consider for load balancing decisions. Defaults to 4.

• successfulSamplesRequired (pulumi.Input[float]) - The number of samples within the sample period that must succeed. Defaults to 2.

The backend_pools object supports the following:

• backends (pulumi.Input[list]) - A backend block as defined below.

  • address (pulumi.Input[str]) - Location of the backend (IP address or FQDN)

  • enabled (pulumi.Input[bool]) - Specifies if the backend is enabled or not. Valid options are true or false. Defaults to true.

  • hostHeader (pulumi.Input[str]) - The value to use as the host header sent to the backend.

  • httpPort (pulumi.Input[float]) - The HTTP TCP port number. Possible values are between 1 - 65535.

  • httpsPort (pulumi.Input[float]) - The HTTPS TCP port number. Possible values are between 1 - 65535.

  • priority (pulumi.Input[float]) - Priority to use for load balancing. Higher priorities will not be used for load balancing if any lower priority backend is healthy. Defaults to 1.

  • weight (pulumi.Input[float]) - Weight of this endpoint for load balancing purposes. Defaults to 50.

• healthProbeName (pulumi.Input[str]) - Specifies the name of the backend_pool_health_probe block whithin this resource to use for this Backend Pool.

• id (pulumi.Input[str]) - The ID of the FrontDoor.

• loadBalancingName (pulumi.Input[str]) - Specifies the name of the backend_pool_load_balancing block within this resource to use for this Backend Pool.

• name (pulumi.Input[str]) - Specifies the name of the Backend Pool.

The frontend_endpoints object supports the following:

• customHttpsConfiguration (pulumi.Input[dict]) - A custom_https_configuration block as defined below.

  • azureKeyVaultCertificateSecretName (pulumi.Input[str]) - The name of the Key Vault secret representing the full certificate PFX.

  • azureKeyVaultCertificateSecretVersion (pulumi.Input[str]) - The version of the Key Vault secret representing the full certificate PFX.

  • azureKeyVaultCertificateVaultId (pulumi.Input[str]) - The ID of the Key Vault containing the SSL certificate.

  • certificateSource (pulumi.Input[str]) - Certificate source to encrypted HTTPS traffic with. Allowed values are FrontDoor or AzureKeyVault. Defaults to FrontDoor.

  • minimum_tls_version (pulumi.Input[str]) - Minimum client TLS version supported.

  • provisioningState (pulumi.Input[str]) - Provisioning state of the Front Door.

  • provisioningSubstate (pulumi.Input[str]) - Provisioning substate of the Front Door

• customHttpsProvisioningEnabled (pulumi.Input[bool]) - Should the HTTPS protocol be enabled for a custom domain associated with the Front Door?

• host_name (pulumi.Input[str]) - Specifies the host name of the frontend_endpoint. Must be a domain name.

• id (pulumi.Input[str]) - The ID of the FrontDoor.

• name (pulumi.Input[str]) - Specifies the name of the frontend_endpoint.

• sessionAffinityEnabled (pulumi.Input[bool]) - Whether to allow session affinity on this host. Valid options are true or false Defaults to false.

• sessionAffinityTtlSeconds (pulumi.Input[float]) - The TTL to use in seconds for session affinity, if applicable. Defaults to 0.

• webApplicationFirewallPolicyLinkId (pulumi.Input[str]) - Defines the Web Application Firewall policy ID for each host.

The routing_rules object supports the following:

• acceptedProtocols (pulumi.Input[list]) - Protocol schemes to match for the Backend Routing Rule. Defaults to Http.

• enabled (pulumi.Input[bool]) - Enable or Disable use of this Backend Routing Rule. Permitted values are true or false. Defaults to true.

• forwardingConfiguration (pulumi.Input[dict]) - A forwarding_configuration block as defined below.

  • backendPoolName (pulumi.Input[str]) - Specifies the name of the Backend Pool to forward the incoming traffic to.

  • cacheEnabled (pulumi.Input[bool]) - Specifies whether to Enable caching or not. Valid options are true or false. Defaults to false.

  • cacheQueryParameterStripDirective (pulumi.Input[str]) - Defines cache behavior in releation to query string parameters. Valid options are StripAll or StripNone. Defaults to StripAll.

  • cacheUseDynamicCompression (pulumi.Input[bool]) - Whether to use dynamic compression when caching. Valid options are true or false. Defaults to false.

  • customForwardingPath (pulumi.Input[str]) - Path to use when constructing the request to forward to the backend. This functions as a URL Rewrite. Default behavior preserves the URL path.

  • forwardingProtocol (pulumi.Input[str]) - Protocol to use when redirecting. Valid options are HttpOnly, HttpsOnly, or MatchRequest. Defaults to HttpsOnly.

• frontend_endpoints (pulumi.Input[list]) - The names of the frontend_endpoint blocks whithin this resource to associate with this routing_rule.

• id (pulumi.Input[str]) - The ID of the FrontDoor.

• name (pulumi.Input[str]) - Specifies the name of the Routing Rule.

• patternsToMatches (pulumi.Input[list]) - The route patterns for the Backend Routing Rule. Defaults to /*.

• redirectConfiguration (pulumi.Input[dict]) - A redirect_configuration block as defined below.

  • customFragment (pulumi.Input[str]) - The destination fragment in the portion of URL after ‘#’. Set this to add a fragment to the redirect URL.

  • customHost (pulumi.Input[str]) - Set this to change the URL for the redirection.

  • customPath (pulumi.Input[str]) - The path to retain as per the incoming request, or update in the URL for the redirection.

  • customQueryString (pulumi.Input[str]) - Replace any existing query string from the incoming request URL.

  • redirectProtocol (pulumi.Input[str]) - Protocol to use when redirecting. Valid options are HttpOnly, HttpsOnly, or MatchRequest. Defaults to MatchRequest

  • redirectType (pulumi.Input[str]) - Status code for the redirect. Valida options are Moved, Found, TemporaryRedirect, PermanentRedirect. Defaults to Found

backend_pool_health_probes: pulumi.Output[list] = None¶

A backend_pool_health_probe block as defined below.

• enabled (bool) - Is this health probe enabled? Dafaults to true.

• id (str) - The ID of the FrontDoor.

• interval_in_seconds (float) - The number of seconds between each Health Probe. Defaults to 120.

• name (str) - Specifies the name of the Health Probe.

• path (str) - The path to use for the Health Probe. Default is /.

• probeMethod (str) - Specifies HTTP method the health probe uses when querying the backend pool instances. Possible values include: Get and Head. Defaults to Get.

• protocol (str) - Protocol scheme to use for the Health Probe. Defaults to Http.

backend_pool_load_balancings: pulumi.Output[list] = None¶

A backend_pool_load_balancing block as defined below.

• additionalLatencyMilliseconds (float) - The additional latency in milliseconds for probes to fall into the lowest latency bucket. Defaults to 0.

• id (str) - The ID of the FrontDoor.

• name (str) - Specifies the name of the Load Balancer.

• sampleSize (float) - The number of samples to consider for load balancing decisions. Defaults to 4.

• successfulSamplesRequired (float) - The number of samples within the sample period that must succeed. Defaults to 2.

backend_pools: pulumi.Output[list] = None¶

A backend_pool block as defined below.

• backends (list) - A backend block as defined below.

  • address (str) - Location of the backend (IP address or FQDN)

  • enabled (bool) - Specifies if the backend is enabled or not. Valid options are true or false. Defaults to true.

  • hostHeader (str) - The value to use as the host header sent to the backend.

  • httpPort (float) - The HTTP TCP port number. Possible values are between 1 - 65535.

  • httpsPort (float) - The HTTPS TCP port number. Possible values are between 1 - 65535.

  • priority (float) - Priority to use for load balancing. Higher priorities will not be used for load balancing if any lower priority backend is healthy. Defaults to 1.

  • weight (float) - Weight of this endpoint for load balancing purposes. Defaults to 50.

• healthProbeName (str) - Specifies the name of the backend_pool_health_probe block whithin this resource to use for this Backend Pool.

• id (str) - The ID of the FrontDoor.

• loadBalancingName (str) - Specifies the name of the backend_pool_load_balancing block within this resource to use for this Backend Pool.

• name (str) - Specifies the name of the Backend Pool.

backend_pools_send_receive_timeout_seconds: pulumi.Output[float] = None¶

Specifies the send and receive timeout on forwarding request to the backend. When the timeout is reached, the request fails and returns. Possible values are between 0 - 240. Defaults to 60.

cname: pulumi.Output[str] = None¶

The host that each frontendEndpoint must CNAME to.

enforce_backend_pools_certificate_name_check: pulumi.Output[bool] = None¶

Enforce certificate name check on HTTPS requests to all backend pools, this setting will have no effect on HTTP requests. Permitted values are true or false.

friendly_name: pulumi.Output[str] = None¶

A friendly name for the Front Door service.

frontend_endpoints: pulumi.Output[list] = None¶

A frontend_endpoint block as defined below.

• customHttpsConfiguration (dict) - A custom_https_configuration block as defined below.

  • azureKeyVaultCertificateSecretName (str) - The name of the Key Vault secret representing the full certificate PFX.

  • azureKeyVaultCertificateSecretVersion (str) - The version of the Key Vault secret representing the full certificate PFX.

  • azureKeyVaultCertificateVaultId (str) - The ID of the Key Vault containing the SSL certificate.

  • certificateSource (str) - Certificate source to encrypted HTTPS traffic with. Allowed values are FrontDoor or AzureKeyVault. Defaults to FrontDoor.

  • minimum_tls_version (str) - Minimum client TLS version supported.

  • provisioningState (str) - Provisioning state of the Front Door.

  • provisioningSubstate (str) - Provisioning substate of the Front Door

• customHttpsProvisioningEnabled (bool) - Should the HTTPS protocol be enabled for a custom domain associated with the Front Door?

• host_name (str) - Specifies the host name of the frontend_endpoint. Must be a domain name.

• id (str) - The ID of the FrontDoor.

• name (str) - Specifies the name of the frontend_endpoint.

• sessionAffinityEnabled (bool) - Whether to allow session affinity on this host. Valid options are true or false Defaults to false.

• sessionAffinityTtlSeconds (float) - The TTL to use in seconds for session affinity, if applicable. Defaults to 0.

• webApplicationFirewallPolicyLinkId (str) - Defines the Web Application Firewall policy ID for each host.

header_frontdoor_id: pulumi.Output[str] = None¶

The unique ID of the Front Door which is embedded into the incoming headers X-Azure-FDID attribute and maybe used to filter traffic sent by the Front Door to your backend.

load_balancer_enabled: pulumi.Output[bool] = None¶

Should the Front Door Load Balancer be Enabled? Defaults to true.

name: pulumi.Output[str] = None¶

Specifies the name of the Front Door service. Changing this forces a new resource to be created.

resource_group_name: pulumi.Output[str] = None¶

Specifies the name of the Resource Group in which the Front Door service should exist. Changing this forces a new resource to be created.

routing_rules: pulumi.Output[list] = None¶

A routing_rule block as defined below.

• acceptedProtocols (list) - Protocol schemes to match for the Backend Routing Rule. Defaults to Http.

• enabled (bool) - Enable or Disable use of this Backend Routing Rule. Permitted values are true or false. Defaults to true.

• forwardingConfiguration (dict) - A forwarding_configuration block as defined below.

  • backendPoolName (str) - Specifies the name of the Backend Pool to forward the incoming traffic to.

  • cacheEnabled (bool) - Specifies whether to Enable caching or not. Valid options are true or false. Defaults to false.

  • cacheQueryParameterStripDirective (str) - Defines cache behavior in releation to query string parameters. Valid options are StripAll or StripNone. Defaults to StripAll.

  • cacheUseDynamicCompression (bool) - Whether to use dynamic compression when caching. Valid options are true or false. Defaults to false.

  • customForwardingPath (str) - Path to use when constructing the request to forward to the backend. This functions as a URL Rewrite. Default behavior preserves the URL path.

  • forwardingProtocol (str) - Protocol to use when redirecting. Valid options are HttpOnly, HttpsOnly, or MatchRequest. Defaults to HttpsOnly.

• frontend_endpoints (list) - The names of the frontend_endpoint blocks whithin this resource to associate with this routing_rule.

• id (str) - The ID of the FrontDoor.

• name (str) - Specifies the name of the Routing Rule.

• patternsToMatches (list) - The route patterns for the Backend Routing Rule. Defaults to /*.

• redirectConfiguration (dict) - A redirect_configuration block as defined below.

  • customFragment (str) - The destination fragment in the portion of URL after ‘#’. Set this to add a fragment to the redirect URL.

  • customHost (str) - Set this to change the URL for the redirection.

  • customPath (str) - The path to retain as per the incoming request, or update in the URL for the redirection.

  • customQueryString (str) - Replace any existing query string from the incoming request URL.

  • redirectProtocol (str) - Protocol to use when redirecting. Valid options are HttpOnly, HttpsOnly, or MatchRequest. Defaults to MatchRequest

  • redirectType (str) - Status code for the redirect. Valida options are Moved, Found, TemporaryRedirect, PermanentRedirect. Defaults to Found

tags: pulumi.Output[dict] = None¶

A mapping of tags to assign to the resource.

static get(resource_name, id, opts=None, backend_pool_health_probes=None, backend_pool_load_balancings=None, backend_pools=None, backend_pools_send_receive_timeout_seconds=None, cname=None, enforce_backend_pools_certificate_name_check=None, friendly_name=None, frontend_endpoints=None, header_frontdoor_id=None, load_balancer_enabled=None, location=None, name=None, resource_group_name=None, routing_rules=None, tags=None)¶

Get an existing Frontdoor resource’s state with the given name, id, and optional extra properties used to qualify the lookup.

Parameters

• resource_name (str) – The unique name of the resulting resource.

• id (str) – The unique provider ID of the resource to lookup.

• opts (pulumi.ResourceOptions) – Options for the resource.

• backend_pool_health_probes (pulumi.Input[list]) – A backend_pool_health_probe block as defined below.

• backend_pool_load_balancings (pulumi.Input[list]) – A backend_pool_load_balancing block as defined below.

• backend_pools (pulumi.Input[list]) – A backend_pool block as defined below.

• backend_pools_send_receive_timeout_seconds (pulumi.Input[float]) – Specifies the send and receive timeout on forwarding request to the backend. When the timeout is reached, the request fails and returns. Possible values are between 0 - 240. Defaults to 60.

• cname (pulumi.Input[str]) – The host that each frontendEndpoint must CNAME to.

• enforce_backend_pools_certificate_name_check (pulumi.Input[bool]) – Enforce certificate name check on HTTPS requests to all backend pools, this setting will have no effect on HTTP requests. Permitted values are true or false.

• friendly_name (pulumi.Input[str]) – A friendly name for the Front Door service.

• frontend_endpoints (pulumi.Input[list]) – A frontend_endpoint block as defined below.

• header_frontdoor_id (pulumi.Input[str]) – The unique ID of the Front Door which is embedded into the incoming headers X-Azure-FDID attribute and maybe used to filter traffic sent by the Front Door to your backend.

• load_balancer_enabled (pulumi.Input[bool]) – Should the Front Door Load Balancer be Enabled? Defaults to true.

• name (pulumi.Input[str]) – Specifies the name of the Front Door service. Changing this forces a new resource to be created.

• resource_group_name (pulumi.Input[str]) – Specifies the name of the Resource Group in which the Front Door service should exist. Changing this forces a new resource to be created.

• routing_rules (pulumi.Input[list]) – A routing_rule block as defined below.

• tags (pulumi.Input[dict]) – A mapping of tags to assign to the resource.

The backend_pool_health_probes object supports the following:

• enabled (pulumi.Input[bool]) - Is this health probe enabled? Dafaults to true.

• id (pulumi.Input[str]) - The ID of the FrontDoor.

• interval_in_seconds (pulumi.Input[float]) - The number of seconds between each Health Probe. Defaults to 120.

• name (pulumi.Input[str]) - Specifies the name of the Health Probe.

• path (pulumi.Input[str]) - The path to use for the Health Probe. Default is /.

• probeMethod (pulumi.Input[str]) - Specifies HTTP method the health probe uses when querying the backend pool instances. Possible values include: Get and Head. Defaults to Get.

• protocol (pulumi.Input[str]) - Protocol scheme to use for the Health Probe. Defaults to Http.

The backend_pool_load_balancings object supports the following:

• additionalLatencyMilliseconds (pulumi.Input[float]) - The additional latency in milliseconds for probes to fall into the lowest latency bucket. Defaults to 0.

• id (pulumi.Input[str]) - The ID of the FrontDoor.

• name (pulumi.Input[str]) - Specifies the name of the Load Balancer.

• sampleSize (pulumi.Input[float]) - The number of samples to consider for load balancing decisions. Defaults to 4.

• successfulSamplesRequired (pulumi.Input[float]) - The number of samples within the sample period that must succeed. Defaults to 2.

The backend_pools object supports the following:

• backends (pulumi.Input[list]) - A backend block as defined below.

  • address (pulumi.Input[str]) - Location of the backend (IP address or FQDN)

  • enabled (pulumi.Input[bool]) - Specifies if the backend is enabled or not. Valid options are true or false. Defaults to true.

  • hostHeader (pulumi.Input[str]) - The value to use as the host header sent to the backend.

  • httpPort (pulumi.Input[float]) - The HTTP TCP port number. Possible values are between 1 - 65535.

  • httpsPort (pulumi.Input[float]) - The HTTPS TCP port number. Possible values are between 1 - 65535.

  • priority (pulumi.Input[float]) - Priority to use for load balancing. Higher priorities will not be used for load balancing if any lower priority backend is healthy. Defaults to 1.

  • weight (pulumi.Input[float]) - Weight of this endpoint for load balancing purposes. Defaults to 50.

• healthProbeName (pulumi.Input[str]) - Specifies the name of the backend_pool_health_probe block whithin this resource to use for this Backend Pool.

• id (pulumi.Input[str]) - The ID of the FrontDoor.

• loadBalancingName (pulumi.Input[str]) - Specifies the name of the backend_pool_load_balancing block within this resource to use for this Backend Pool.

• name (pulumi.Input[str]) - Specifies the name of the Backend Pool.

The frontend_endpoints object supports the following:

• customHttpsConfiguration (pulumi.Input[dict]) - A custom_https_configuration block as defined below.

  • azureKeyVaultCertificateSecretName (pulumi.Input[str]) - The name of the Key Vault secret representing the full certificate PFX.

  • azureKeyVaultCertificateSecretVersion (pulumi.Input[str]) - The version of the Key Vault secret representing the full certificate PFX.

  • azureKeyVaultCertificateVaultId (pulumi.Input[str]) - The ID of the Key Vault containing the SSL certificate.

  • certificateSource (pulumi.Input[str]) - Certificate source to encrypted HTTPS traffic with. Allowed values are FrontDoor or AzureKeyVault. Defaults to FrontDoor.

  • minimum_tls_version (pulumi.Input[str]) - Minimum client TLS version supported.

  • provisioningState (pulumi.Input[str]) - Provisioning state of the Front Door.

  • provisioningSubstate (pulumi.Input[str]) - Provisioning substate of the Front Door

• customHttpsProvisioningEnabled (pulumi.Input[bool]) - Should the HTTPS protocol be enabled for a custom domain associated with the Front Door?

• host_name (pulumi.Input[str]) - Specifies the host name of the frontend_endpoint. Must be a domain name.

• id (pulumi.Input[str]) - The ID of the FrontDoor.

• name (pulumi.Input[str]) - Specifies the name of the frontend_endpoint.

• sessionAffinityEnabled (pulumi.Input[bool]) - Whether to allow session affinity on this host. Valid options are true or false Defaults to false.

• sessionAffinityTtlSeconds (pulumi.Input[float]) - The TTL to use in seconds for session affinity, if applicable. Defaults to 0.

• webApplicationFirewallPolicyLinkId (pulumi.Input[str]) - Defines the Web Application Firewall policy ID for each host.

The routing_rules object supports the following:

• acceptedProtocols (pulumi.Input[list]) - Protocol schemes to match for the Backend Routing Rule. Defaults to Http.

• enabled (pulumi.Input[bool]) - Enable or Disable use of this Backend Routing Rule. Permitted values are true or false. Defaults to true.

• forwardingConfiguration (pulumi.Input[dict]) - A forwarding_configuration block as defined below.

  • backendPoolName (pulumi.Input[str]) - Specifies the name of the Backend Pool to forward the incoming traffic to.

  • cacheEnabled (pulumi.Input[bool]) - Specifies whether to Enable caching or not. Valid options are true or false. Defaults to false.

  • cacheQueryParameterStripDirective (pulumi.Input[str]) - Defines cache behavior in releation to query string parameters. Valid options are StripAll or StripNone. Defaults to StripAll.

  • cacheUseDynamicCompression (pulumi.Input[bool]) - Whether to use dynamic compression when caching. Valid options are true or false. Defaults to false.

  • customForwardingPath (pulumi.Input[str]) - Path to use when constructing the request to forward to the backend. This functions as a URL Rewrite. Default behavior preserves the URL path.

  • forwardingProtocol (pulumi.Input[str]) - Protocol to use when redirecting. Valid options are HttpOnly, HttpsOnly, or MatchRequest. Defaults to HttpsOnly.

• frontend_endpoints (pulumi.Input[list]) - The names of the frontend_endpoint blocks whithin this resource to associate with this routing_rule.

• id (pulumi.Input[str]) - The ID of the FrontDoor.

• name (pulumi.Input[str]) - Specifies the name of the Routing Rule.

• patternsToMatches (pulumi.Input[list]) - The route patterns for the Backend Routing Rule. Defaults to /*.

• redirectConfiguration (pulumi.Input[dict]) - A redirect_configuration block as defined below.

  • customFragment (pulumi.Input[str]) - The destination fragment in the portion of URL after ‘#’. Set this to add a fragment to the redirect URL.

  • customHost (pulumi.Input[str]) - Set this to change the URL for the redirection.

  • customPath (pulumi.Input[str]) - The path to retain as per the incoming request, or update in the URL for the redirection.

  • customQueryString (pulumi.Input[str]) - Replace any existing query string from the incoming request URL.

  • redirectProtocol (pulumi.Input[str]) - Protocol to use when redirecting. Valid options are HttpOnly, HttpsOnly, or MatchRequest. Defaults to MatchRequest

  • redirectType (pulumi.Input[str]) - Status code for the redirect. Valida options are Moved, Found, TemporaryRedirect, PermanentRedirect. Defaults to Found

translate_output_property(prop)¶

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

translate_input_property(prop)¶

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str