你当前正在访问 Microsoft Azure Global Edition 技术文档网站。 如果需要访问由世纪互联运营的 Microsoft Azure 中国技术文档网站,请访问 https://docs.azure.cn。
New-AzFrontDoorWafPolicy
Create WAF policy
Syntax
New-AzFrontDoorWafPolicy
-ResourceGroupName <String>
-Name <String>
[-EnabledState <PSEnabledState>]
[-Mode <String>]
[-Customrule <PSCustomRule[]>]
[-ManagedRule <PSManagedRule[]>]
[-RedirectUrl <String>]
[-CustomBlockResponseStatusCode <Int32>]
[-CustomBlockResponseBody <String>]
[-Tag <Hashtable>]
[-RequestBodyCheck <String>]
[-Sku <String>]
[-LogScrubbingSetting <PSFrontDoorWafLogScrubbingSetting>]
[-JavascriptChallengeExpirationInMinutes <Int32>]
[-DefaultProfile <IAzureContextContainer>]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
Description
The New-AzFrontDoorWafPolicy cmdlet creates a new Azure WAF policy in the specified resource group under current subscription
Examples
Example 1: Create WAF policy
New-AzFrontDoorWafPolicy -Name $policyName -ResourceGroupName $resourceGroupName -Customrule $customRule1,$customRule2 -ManagedRule $managedRule1 -EnabledState Enabled -Mode Prevention -RedirectUrl "https://www.bing.com/" -CustomBlockResponseStatusCode 405 -CustomBlockResponseBody "<html><head><title>You are blocked!</title></head><body></body></html>"
Name PolicyMode PolicyEnabledState RedirectUrl
---- ---------- ------------------ -----------
{policyName} Prevention Enabled https://www.bing.com/
Create WAF policy
Parameters
-Confirm
Prompts you for confirmation before running the cmdlet.
Type: | SwitchParameter |
Aliases: | cf |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-CustomBlockResponseBody
Custom Response Body
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-CustomBlockResponseStatusCode
Custom Response Status Code
Type: | Int32 |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-Customrule
Custom rules inside the policy
Type: | PSCustomRule[] |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-DefaultProfile
The credentials, account, tenant, and subscription used for communication with Azure.
Type: | IAzureContextContainer |
Aliases: | AzContext, AzureRmContext, AzureCredential |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-EnabledState
Whether the policy is in enabled state or disabled state. Possible values include: 'Disabled', 'Enabled'
Type: | PSEnabledState |
Accepted values: | Enabled, Disabled |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-JavascriptChallengeExpirationInMinutes
setting is only applicable to Premium_AzureFrontDoor. Value must be an integer between 5 and 1440 with the default value being 30.
Type: | Int32 |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-LogScrubbingSetting
Defines rules that scrub sensitive fields in the Web Application Firewall.
Type: | PSFrontDoorWafLogScrubbingSetting |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-ManagedRule
Managed rules inside the policy
Type: | PSManagedRule[] |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-Mode
Describes if it is in detection mode or prevention mode at policy level. Possible values include:'Prevention', 'Detection'
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-Name
WebApplicationFireWallPolicy name.
Type: | String |
Position: | Named |
Default value: | None |
Required: | True |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-RedirectUrl
Redirect URL
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-RequestBodyCheck
Defines if the body should be inspected by managed rules. Possible values include: 'Enabled', 'Disabled'
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-ResourceGroupName
The resource group name
Type: | String |
Position: | Named |
Default value: | None |
Required: | True |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-Sku
Sets Sku. Possible values include: 'Classic_AzureFrontDoor', 'Standard_AzureFrontDoor', 'Premium_AzureFrontDoor'
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-Tag
The tags associate with the FrontDoor WAF Policy.
Type: | Hashtable |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-WhatIf
Shows what would happen if the cmdlet runs. The cmdlet is not run.
Type: | SwitchParameter |
Aliases: | wi |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Inputs
None