You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: docs/resources/rules_settings.md
+26-25Lines changed: 26 additions & 25 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -3,20 +3,19 @@ layout: "wallarm"
3
3
page_title: "Wallarm: wallarm_rules_settings"
4
4
subcategory: "Common"
5
5
description: |-
6
-
Provides the resource to manage rules settings of the company.
6
+
Provides the resource to manage Wallarm traffic processing rules.
7
7
---
8
8
9
9
# wallarm_rules_settings
10
10
11
-
Provides the resource to manage rules settings of the company.
11
+
Provides the resource for managing [rules][2]. Wallarm rules are used to fine-tune the behavior of the system during the analysis of requests and their further processing in the post-analysis module as well as in the Wallarm Cloud.
12
12
13
13
## Duplicates
14
-
Every client can have only one wallarm_rules_settings resource.
15
-
Unfortunately, terraform doesn't support singleton resources.
16
-
Therefore, you must ensure that there is no more than one resource per client in your configuration.
17
-
Otherwise, the terraform provider will merge them and send them as one resource. Priority for identical fields will be random.
18
14
19
-
Let's break down the merge rules using the following configuration:
15
+
Every client can have only one `wallarm_rules_settings` resource. As Terraform does not support singleton resources, you must ensure that there is no more than one resource per client in your configuration. Otherwise, the Terraform provider will merge and send them as one resource, and the priority for the identical fields will be random.
16
+
17
+
The following configuration shows how to avoid merging configurations of different clients:
*`client_id` - (optional) ID of the client which is a partner for the created tenant. By default, this argument has the value of the current client ID.
106
-
*`min_lom_format` - (optional) Minimal Custom Ruleset format that will be compiled.
107
-
*`max_lom_format` - (optional) Maximum Custom Ruleset format that will be compiled.
108
-
*`max_lom_size` - (optional) Maximum size of Custom Ruleset size in bytes.
109
-
*`lom_disabled` - (optional) Field determining whether Custom Ruleset is compiled.
110
-
*`lom_compilation_delay` - (optional) Delay before Custom Ruleset compilition.
111
-
*`rules_snapshot_enabled` - (optional) Field determining whether rules snapshots are created during Custom Ruleset compilation.
112
-
*`rules_snapshot_max_count` - (optional) Maximum count of rules snapshot stored in wallarm.
113
-
*`rules_manipulation_locked` - (optional) Field determining whether rules might changed.
114
-
*`heavy_lom` - (optional) Field determining whether Custom Ruleset is compiled in special queue for huge rulesets.
115
-
*`parameters_count_weight` - (optional) [Risk Score][1] weight of query and body parameters. The more parameters, the more potential malicious payloads.
116
-
*`path_variativity_weight` - (optional) [Risk Score][1] weight of potential vulnerabilites to BOLA. Variable path parts make the endpoint a potential target of BOLA (IDOR) attacks.
117
-
*`pii_weight` - (optional) [Risk Score][1] weight of parameters with sensitive data. Parameters with sensitive data are always at risk of exposure.
118
-
*`request_content_weight` - (optional) [Risk Score][1] weight of uploading files to server. Attackers may be able to attack servers by uploading files containing malicious code.
119
-
*`open_vulns_weight` - (optional) [Risk Score][1] weight of active vulnerabilities. Active vulnerabilities may result in unauthorized data access or corruption.
120
-
*`serialized_data_weight` - (optional) [Risk Score][1] weight of accepting XML / JSON objects. XML / JSON objects are often used to transfer malicious payloads to attack servers.
121
-
*`risk_score_algo` - (optional) Method of [Risk Score][1]calulation. Specify how the risk score calculation should be performed. Available values: maximum, average.
122
-
*`pii_fallback` - (optional) Field determining whether fallback mechanism for PII detection is active.
106
+
*`min_lom_format` - (optional) minimal custom ruleset format that will be compiled.
107
+
*`max_lom_format` - (optional) maximum custom ruleset format that will be compiled.
108
+
*`max_lom_size` - (optional) maximum size of a custom ruleset size in bytes.
109
+
*`lom_disabled` - (optional) forbids a custom ruleset compilation to prevent rule updates on nodes.
110
+
*`lom_compilation_delay` - (optional) delay before a custom ruleset compilation.
111
+
*`rules_snapshot_enabled` - (optional) defines whether the rule snapshots are created during custom ruleset compilation.
112
+
*`rules_snapshot_max_count` - (optional) maximum count of rules snapshot stored in wallarm.
*`heavy_lom` - (optional) defines whether a custom ruleset is compiled in special queue for huge rulesets.
115
+
*`parameters_count_weight` - (optional) [risk score][1] weight of query and body parameters. The more parameters, the more potential malicious payloads.
116
+
*`path_variativity_weight` - (optional) [risk score][1] weight of potential vulnerabilities to BOLA: variable path parts make the endpoint a potential target for BOLA (IDOR) attacks.
117
+
*`pii_weight` - (optional) [risk score][1] weight of parameters with sensitive data. Parameters with sensitive data are always at risk of exposure.
118
+
*`request_content_weight` - (optional) [risk score][1] weight of uploading files to server. Attackers may be able to attack servers by uploading files containing malicious code.
119
+
*`open_vulns_weight` - (optional) [risk score][1] weight of active vulnerabilities. Active vulnerabilities may result in unauthorized data access or corruption.
120
+
*`serialized_data_weight` - (optional) [risk score][1] weight of accepting XML / JSON objects. XML / JSON objects are often used to transfer malicious payloads to attack servers.
121
+
*`risk_score_algo` - (optional) method of [risk score][1]calculation. Specify how the risk score calculation should be performed. Available values: maximum, average.
122
+
*`pii_fallback` - (optional) defines whether fallback mechanism for PII detection is active.
0 commit comments