Skip to content

Commit

Permalink
azurerm_web_application_firewall_policy - remove disabled_rules f…
Browse files Browse the repository at this point in the history 
…rom tests (#27104)

* azurerm_web_application_firewall_policy - remove disabled_rules from tests

* terrafmt
  • Loading branch information
@mbfrahry
mbfrahry authored Aug 20, 2024
1 parent fdc7124 commit 5ea01bb
Show file tree
Hide file tree
Showing 2 changed files with 146 additions and 69 deletions.
213 changes: 145 additions & 68 deletions internal/services/network/web_application_firewall_policy_resource_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -888,13 +888,22 @@ resource "azurerm_web_application_firewall_policy" "test" {
version = "3.2"
rule_group_override {
disabled_rules = [
"800112",
"800111",
"800110",
"800100",
"800113",
]
rule {
id = "800112"
}
rule {
id = "800111"
}
rule {
id = "800110"
}
rule {
id = "800100"
}
rule {
id = "800113"
}
rule_group_name = "Known-CVEs"
}
}
Expand Down Expand Up @@ -994,10 +1003,12 @@ resource "azurerm_web_application_firewall_policy" "test" {
rule_group_override {
rule_group_name = "REQUEST-920-PROTOCOL-ENFORCEMENT"
disabled_rules = [
"920300",
"920440",
]
rule {
id = "920300"
}
rule {
id = "920440"
}
}
}
}
Expand Down Expand Up @@ -1053,10 +1064,12 @@ resource "azurerm_web_application_firewall_policy" "test" {
rule_group_override {
rule_group_name = "REQUEST-920-PROTOCOL-ENFORCEMENT"
disabled_rules = [
"920300",
"920440",
]
rule {
id = "920300"
}
rule {
id = "920440"
}
}
}
}
Expand Down Expand Up @@ -1168,10 +1181,12 @@ resource "azurerm_web_application_firewall_policy" "test" {
rule_group_override {
rule_group_name = "REQUEST-920-PROTOCOL-ENFORCEMENT"
disabled_rules = [
"920300",
"920440",
]
rule {
id = "920300"
}
rule {
id = "920440"
}
}
}
}
Expand Down Expand Up @@ -1215,42 +1230,72 @@ resource "azurerm_web_application_firewall_policy" "test" {
rule_group_override {
rule_group_name = "REQUEST-931-APPLICATION-ATTACK-RFI"
disabled_rules = ["931130"]
rule {
id = "931130"
}
}
rule_group_override {
rule_group_name = "REQUEST-920-PROTOCOL-ENFORCEMENT"
disabled_rules = [
"920320", # Missing User Agent Header
"920230" # Multiple URL Encoding Detected
]
rule {
id = "920320"
}
rule {
id = "920230"
}
}
rule_group_override {
rule_group_name = "REQUEST-942-APPLICATION-ATTACK-SQLI"
disabled_rules = [
"942450",
"942430",
"942440",
"942370",
"942340",
"942260",
"942200",
"942330",
"942120",
"942110",
"942150",
"942410",
"942130",
"942100"
]
rule {
id = "942450"
}
rule {
id = "942430"
}
rule {
id = "942440"
}
rule {
id = "942370"
}
rule {
id = "942340"
}
rule {
id = "942260"
}
rule {
id = "942200"
}
rule {
id = "942330"
}
rule {
id = "942120"
}
rule {
id = "942110"
}
rule {
id = "942150"
}
rule {
id = "942410"
}
rule {
id = "942130"
}
rule {
id = "942100"
}
}
rule_group_override {
rule_group_name = "REQUEST-941-APPLICATION-ATTACK-XSS"
disabled_rules = [
"941340"
]
rule {
id = "941340"
}
}
}
}
Expand Down Expand Up @@ -1289,48 +1334,80 @@ resource "azurerm_web_application_firewall_policy" "test" {
rule_group_override {
rule_group_name = "REQUEST-931-APPLICATION-ATTACK-RFI"
disabled_rules = ["931130"]
rule {
id = "931130"
}
}
rule_group_override {
rule_group_name = "REQUEST-920-PROTOCOL-ENFORCEMENT"
disabled_rules = [
"920320", # Missing User Agent Header
"920230" # Multiple URL Encoding Detected
]
rule {
id = "920320"
}
rule {
id = "920230"
}
}
#NEW BLOCK
rule_group_override {
rule_group_name = "REQUEST-932-APPLICATION-ATTACK-RCE"
disabled_rules = ["932100"]
rule {
id = "932100"
}
}
rule_group_override {
rule_group_name = "REQUEST-942-APPLICATION-ATTACK-SQLI"
disabled_rules = [
"942450",
"942430",
"942440",
"942370",
"942340",
"942260",
"942200",
"942330",
"942120",
"942110",
"942150",
"942410",
"942130",
"942100"
]
rule {
id = "942450"
}
rule {
id = "942430"
}
rule {
id = "942440"
}
rule {
id = "942370"
}
rule {
id = "942340"
}
rule {
id = "942260"
}
rule {
id = "942200"
}
rule {
id = "942330"
}
rule {
id = "942120"
}
rule {
id = "942110"
}
rule {
id = "942150"
}
rule {
id = "942410"
}
rule {
id = "942130"
}
rule {
id = "942100"
}
}
rule_group_override {
rule_group_name = "REQUEST-941-APPLICATION-ATTACK-XSS"
disabled_rules = [
"941340"
]
rule {
id = "941340"
}
}
}
}
Expand Down
2 changes: 1 addition & 1 deletion website/docs/r/communication_service_email_domain_association.html.markdown
View file
Original file line number Diff line number Diff line change
Expand Up @@ -71,4 +71,4 @@ Communication service email domain association can be imported using the `resour

```shell
terraform import azurerm_communication_service_email_domain_association.example "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/group1/providers/Microsoft.Communication/communicationServices/communicationService1|/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/group1/providers/Microsoft.Communication/emailServices/emailCommunicationService1/domains/domain1"
```
```

0 comments on commit 5ea01bb

Please sign in to comment.