Avi WafPolicy Object API

##CLI## ``` - configure wafpolicy - show wafpolicy ```
More information: https://avinetworks.com/contact-us
Contact Info: support@avinetworks.com
Version: 17.2.4
BasePath:/api
All rights reserved
http://apache.org/licenses/LICENSE-2.0.html

Access

  1. HTTP Basic Authentication

Methods

[ Jump to Models ]

Table of Contents

  1. get /wafpolicy
  2. post /wafpolicy
  3. delete /wafpolicy/{uuid}
  4. get /wafpolicy/{uuid}
  5. patch /wafpolicy/{uuid}
  6. put /wafpolicy/{uuid}
Up
get /wafpolicy
( wafpolicyGet)

Consumes

This API call consumes the following media types via the Content-Type request header:

Query parameters

name (optional)
Query Parameter — object name
refers_to (optional)
Query Parameter — Filter to request all objects that refers to another Avi resource. Its syntax is refers_to=<obj_type>:<obj_uuid>. Eg. get all virtual services referring to pool p1 will be refers_to=pool:pool_p1_uuid
referred_by (optional)
Query Parameter — Filter to request all objects that are referred by another Avi resource. Its syntax is referred_by=<obj_type>:<obj_uuid>. Eg. get all pools referred_by virtual service vs1 - referred_by=virtualservice:vs_vs1_uuid
fields (optional)
Query Parameter — List of fields to be returned for the resource. Some fields like name, URL, uuid etc. are always returned.
include_name (optional)
Query Parameter — All the Avi REST reference URIs have a name suffix as URI#name. It is useful to get the referenced resource name without performing get on that object.
join_subresources (optional)
Query Parameter — It automatically returns additional dependent resources like runtime. Eg. join_subresources=runtime.

Return type

WafPolicyApiResponse

Example data

Content-Type: application/json
{
  "count" : 123,
  "results" : [ {
    "mode" : "aeiou",
    "pre_crs_groups" : [ "" ],
    "tenant_ref" : "aeiou",
    "name" : "aeiou",
    "description" : "aeiou",
    "post_crs_groups" : [ "" ],
    "crs_groups" : [ {
      "enable" : true,
      "name" : "aeiou",
      "index" : 123,
      "rules" : [ {
        "rule_id" : "aeiou",
        "enable" : true,
        "name" : "aeiou",
        "index" : 123,
        "rule" : "aeiou",
        "exclude_list" : [ "" ]
      } ],
      "exclude_list" : [ {
        "client_subnet" : {
          "ip_addr" : {
            "addr" : "aeiou",
            "type" : "aeiou"
          },
          "mask" : 123
        },
        "match_element" : "aeiou",
        "uri_path" : "aeiou"
      } ]
    } ],
    "created_by" : "aeiou",
    "uuid" : "aeiou",
    "url" : "aeiou",
    "paranoia_level" : "aeiou",
    "waf_profile_ref" : "aeiou"
  } ]
}

Produces

This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.

Responses

200

OK WafPolicyApiResponse

401

log in failed

Up
post /wafpolicy
( wafpolicyPost)

Consumes

This API call consumes the following media types via the Content-Type request header:

Request body

body (required)
Body Parameter — WafPolicy object creation

Return type

WafPolicy

Example data

Content-Type: application/json
{
  "mode" : "aeiou",
  "pre_crs_groups" : [ "" ],
  "tenant_ref" : "aeiou",
  "name" : "aeiou",
  "description" : "aeiou",
  "post_crs_groups" : [ "" ],
  "crs_groups" : [ {
    "enable" : true,
    "name" : "aeiou",
    "index" : 123,
    "rules" : [ {
      "rule_id" : "aeiou",
      "enable" : true,
      "name" : "aeiou",
      "index" : 123,
      "rule" : "aeiou",
      "exclude_list" : [ "" ]
    } ],
    "exclude_list" : [ {
      "client_subnet" : {
        "ip_addr" : {
          "addr" : "aeiou",
          "type" : "aeiou"
        },
        "mask" : 123
      },
      "match_element" : "aeiou",
      "uri_path" : "aeiou"
    } ]
  } ],
  "created_by" : "aeiou",
  "uuid" : "aeiou",
  "url" : "aeiou",
  "paranoia_level" : "aeiou",
  "waf_profile_ref" : "aeiou"
}

Produces

This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.

Responses

200

OK WafPolicy

401

log in failed

Up
delete /wafpolicy/{uuid}
( wafpolicyUuidDelete)

Path parameters

uuid (required)
Path Parameter — UUID of the object to fetch

Consumes

This API call consumes the following media types via the Content-Type request header:

Query parameters

name (optional)
Query Parameter — object name

Return type

String

Example data

Content-Type: application/json
"aeiou"

Produces

This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.

Responses

204

object deleted String

404

not found

Up
get /wafpolicy/{uuid}
( wafpolicyUuidGet)

Path parameters

uuid (required)
Path Parameter — UUID of the object to fetch

Consumes

This API call consumes the following media types via the Content-Type request header:

Query parameters

name (optional)
Query Parameter — object name
fields (optional)
Query Parameter — List of fields to be returned for the resource. Some fields like name, URL, uuid etc. are always returned.
include_name (optional)
Query Parameter — All the Avi REST reference URIs have a name suffix as URI#name. It is useful to get the referenced resource name without performing get on that object.
join_subresources (optional)
Query Parameter — It automatically returns additional dependent resources like runtime. Eg. join_subresources=runtime.

Return type

WafPolicy

Example data

Content-Type: application/json
{
  "mode" : "aeiou",
  "pre_crs_groups" : [ "" ],
  "tenant_ref" : "aeiou",
  "name" : "aeiou",
  "description" : "aeiou",
  "post_crs_groups" : [ "" ],
  "crs_groups" : [ {
    "enable" : true,
    "name" : "aeiou",
    "index" : 123,
    "rules" : [ {
      "rule_id" : "aeiou",
      "enable" : true,
      "name" : "aeiou",
      "index" : 123,
      "rule" : "aeiou",
      "exclude_list" : [ "" ]
    } ],
    "exclude_list" : [ {
      "client_subnet" : {
        "ip_addr" : {
          "addr" : "aeiou",
          "type" : "aeiou"
        },
        "mask" : 123
      },
      "match_element" : "aeiou",
      "uri_path" : "aeiou"
    } ]
  } ],
  "created_by" : "aeiou",
  "uuid" : "aeiou",
  "url" : "aeiou",
  "paranoia_level" : "aeiou",
  "waf_profile_ref" : "aeiou"
}

Produces

This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.

Responses

200

OK WafPolicy

401

log in failed

Up
patch /wafpolicy/{uuid}
( wafpolicyUuidPatch)

Path parameters

uuid (required)
Path Parameter — UUID of the object to fetch

Consumes

This API call consumes the following media types via the Content-Type request header:

Request body

body (required)
Body Parameter — WafPolicy object creation

Query parameters

name (optional)
Query Parameter — object name

Return type

WafPolicy

Example data

Content-Type: application/json
{
  "mode" : "aeiou",
  "pre_crs_groups" : [ "" ],
  "tenant_ref" : "aeiou",
  "name" : "aeiou",
  "description" : "aeiou",
  "post_crs_groups" : [ "" ],
  "crs_groups" : [ {
    "enable" : true,
    "name" : "aeiou",
    "index" : 123,
    "rules" : [ {
      "rule_id" : "aeiou",
      "enable" : true,
      "name" : "aeiou",
      "index" : 123,
      "rule" : "aeiou",
      "exclude_list" : [ "" ]
    } ],
    "exclude_list" : [ {
      "client_subnet" : {
        "ip_addr" : {
          "addr" : "aeiou",
          "type" : "aeiou"
        },
        "mask" : 123
      },
      "match_element" : "aeiou",
      "uri_path" : "aeiou"
    } ]
  } ],
  "created_by" : "aeiou",
  "uuid" : "aeiou",
  "url" : "aeiou",
  "paranoia_level" : "aeiou",
  "waf_profile_ref" : "aeiou"
}

Produces

This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.

Responses

200

OK WafPolicy

401

log in failed

Up
put /wafpolicy/{uuid}
( wafpolicyUuidPut)

Path parameters

uuid (required)
Path Parameter — UUID of the object to fetch

Consumes

This API call consumes the following media types via the Content-Type request header:

Request body

body (required)
Body Parameter — WafPolicy object creation

Query parameters

name (optional)
Query Parameter — object name

Return type

WafPolicy

Example data

Content-Type: application/json
{
  "mode" : "aeiou",
  "pre_crs_groups" : [ "" ],
  "tenant_ref" : "aeiou",
  "name" : "aeiou",
  "description" : "aeiou",
  "post_crs_groups" : [ "" ],
  "crs_groups" : [ {
    "enable" : true,
    "name" : "aeiou",
    "index" : 123,
    "rules" : [ {
      "rule_id" : "aeiou",
      "enable" : true,
      "name" : "aeiou",
      "index" : 123,
      "rule" : "aeiou",
      "exclude_list" : [ "" ]
    } ],
    "exclude_list" : [ {
      "client_subnet" : {
        "ip_addr" : {
          "addr" : "aeiou",
          "type" : "aeiou"
        },
        "mask" : 123
      },
      "match_element" : "aeiou",
      "uri_path" : "aeiou"
    } ]
  } ],
  "created_by" : "aeiou",
  "uuid" : "aeiou",
  "url" : "aeiou",
  "paranoia_level" : "aeiou",
  "waf_profile_ref" : "aeiou"
}

Produces

This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.

Responses

200

OK WafPolicy

401

log in failed

Up

Models

[ Jump to Methods ]

Table of Contents

  1. IpAddr
  2. IpAddrPrefix
  3. WafExcludeListEntry
  4. WafPolicy
  5. WafPolicyApiResponse
  6. WafRule
  7. WafRuleGroup

IpAddr Up

addr
String IP address.
type
String Enum options - V4, DNS.

IpAddrPrefix Up

ip_addr
IpAddr Placeholder for description of property ip_addr of obj type IpAddrPrefix field type str type object
mask
Integer Number of mask. format: int32

WafExcludeListEntry Up

client_subnet (optional)
IpAddrPrefix Client IP Subnet to exclude for WAF rules. Field introduced in 17.2.1.
match_element (optional)
String match_element can be 'ARGS xxx', 'ARGS_GET xxx', 'ARGS_POST xxx''ARGS_NAMES xxx, 'QUERY_STRING', 'REQUEST_BASENAME', 'REQUEST_BODY', 'REQUEST_URI', 'REQUEST_URI_RAW', 'REQUEST_COOKIES xxx', 'REQUEST_HEADERS xxx' and 'RESPONSE_HEADERS xxx'. These match_elements in the HTTP Transcation (if present) will be excluded when executing WAF Rules. Field introduced in 17.2.1.
uri_path (optional)
String URI Path to exclude for WAF rules. Field introduced in 17.2.1.

WafPolicy Up

created_by (optional)
String Creator name. Field introduced in 17.2.4.
crs_groups (optional)
array[WafRuleGroup] WAF Rules are categorized in to groups based on their characterization. These groups are system created with CRS groups. Field introduced in 17.2.1.
description (optional)
String Field introduced in 17.2.1.
mode
String WAF Policy mode. This can be detection or enforcement. Enum options - WAF_MODE_DETECTION_ONLY, WAF_MODE_ENFORCEMENT. Field introduced in 17.2.1.
name
String Field introduced in 17.2.1.
paranoia_level (optional)
String WAF Ruleset paranoia mode. This is used to select Rules based on the paranoia-level tag. Enum options - WAF_PARANOIA_LEVEL_LOW, WAF_PARANOIA_LEVEL_MEDIUM, WAF_PARANOIA_LEVEL_HIGH, WAF_PARANOIA_LEVEL_EXTREME. Field introduced in 17.2.1.
post_crs_groups (optional)
array[WafRuleGroup] WAF Rules are categorized in to groups based on their characterization. These groups are created by the user and will be enforced after the CRS groups. Field introduced in 17.2.1.
pre_crs_groups (optional)
array[WafRuleGroup] WAF Rules are categorized in to groups based on their characterization. These groups are created by the user and will be enforced before the CRS groups. Field introduced in 17.2.1.
tenant_ref (optional)
String It is a reference to an object of type Tenant. Field introduced in 17.2.1.
url (optional)
String url
uuid (optional)
String Field introduced in 17.2.1.
waf_profile_ref
String WAF Profile for WAF policy. It is a reference to an object of type WafProfile. Field introduced in 17.2.1.

WafPolicyApiResponse Up

count
Integer format: int32
results

WafRule Up

enable
Boolean Enable or disable WAF Rule Group. Field introduced in 17.2.1.
exclude_list (optional)
array[WafExcludeListEntry] Exclude list for the WAF rule. The fields in the exclude list entry are logically and'ed to deduce the exclusion criteria. If there are multiple excludelist entries, it will be 'logical or' of them. Field introduced in 17.2.3.
index
Integer Field introduced in 17.2.1. format: int32
name (optional)
String User-friendly optional name for a rule. Field introduced in 17.2.1.
rule
String Rule as per Modsec language. Field introduced in 17.2.1.
rule_id (optional)
String Identifier (id) for a rule per Modsec language. All SecRule and SecAction directives require an id. It is extracted from the id action in a ModSec rule. Rules within a single WAF Policy are required to have unique rule_ids. Field introduced in 17.2.2.

WafRuleGroup Up

enable
Boolean Enable or disable WAF Rule Group. Field introduced in 17.2.1.
exclude_list (optional)
array[WafExcludeListEntry] Exclude list for the WAF rule group. The fields in the exclude list entry are logically and'ed to deduce the exclusion criteria. If there are multiple excludelist entries, it will be 'logical or' of them. Field introduced in 17.2.1.
index
Integer Field introduced in 17.2.1. format: int32
name
String Field introduced in 17.2.1.
rules (optional)
array[WafRule] Rules as per Modsec language. Field introduced in 17.2.1.