diff --git a/avm/res/network/application-gateway-web-application-firewall-policy/README.md b/avm/res/network/application-gateway-web-application-firewall-policy/README.md index d66c625612..48b9bf4855 100644 --- a/avm/res/network/application-gateway-web-application-firewall-policy/README.md +++ b/avm/res/network/application-gateway-web-application-firewall-policy/README.md @@ -14,7 +14,7 @@ This module deploys an Application Gateway Web Application Firewall (WAF) Policy | Resource Type | API Version | | :-- | :-- | -| `Microsoft.Network/ApplicationGatewayWebApplicationFirewallPolicies` | [2022-11-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Network/2022-11-01/ApplicationGatewayWebApplicationFirewallPolicies) | +| `Microsoft.Network/ApplicationGatewayWebApplicationFirewallPolicies` | [2024-03-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Network/2024-03-01/ApplicationGatewayWebApplicationFirewallPolicies) | ## Usage examples @@ -150,7 +150,10 @@ module applicationGatewayWebApplicationFirewallPolicy 'br/public:avm/res/network // Non-required parameters location: '' policySettings: { + customBlockResponseBody: 'PGh0bWw+CjxoZWFkZXI+PHRpdGxlPkhlbGxvPC90aXRsZT48L2hlYWRlcj4KPGJvZHk+CkhlbGxvIHdvcmxkCjwvYm9keT4KPC9odG1sPg==' + customBlockResponseStatusCode: 403 fileUploadLimitInMb: 10 + jsChallengeCookieExpirationInMins: 60 mode: 'Prevention' state: 'Enabled' } @@ -201,7 +204,10 @@ module applicationGatewayWebApplicationFirewallPolicy 'br/public:avm/res/network }, "policySettings": { "value": { + "customBlockResponseBody": "PGh0bWw+CjxoZWFkZXI+PHRpdGxlPkhlbGxvPC90aXRsZT48L2hlYWRlcj4KPGJvZHk+CkhlbGxvIHdvcmxkCjwvYm9keT4KPC9odG1sPg==", + "customBlockResponseStatusCode": 403, "fileUploadLimitInMb": 10, + "jsChallengeCookieExpirationInMins": 60, "mode": "Prevention", "state": "Enabled" } @@ -246,7 +252,10 @@ param name = 'nagwafpmax001' // Non-required parameters param location = '' param policySettings = { + customBlockResponseBody: 'PGh0bWw+CjxoZWFkZXI+PHRpdGxlPkhlbGxvPC90aXRsZT48L2hlYWRlcj4KPGJvZHk+CkhlbGxvIHdvcmxkCjwvYm9keT4KPC9odG1sPg==' + customBlockResponseStatusCode: 403 fileUploadLimitInMb: 10 + jsChallengeCookieExpirationInMins: 60 mode: 'Prevention' state: 'Enabled' } @@ -292,6 +301,7 @@ module applicationGatewayWebApplicationFirewallPolicy 'br/public:avm/res/network location: '' policySettings: { fileUploadLimitInMb: 10 + jsChallengeCookieExpirationInMins: 60 mode: 'Prevention' state: 'Enabled' } @@ -342,6 +352,7 @@ module applicationGatewayWebApplicationFirewallPolicy 'br/public:avm/res/network "policySettings": { "value": { "fileUploadLimitInMb": 10, + "jsChallengeCookieExpirationInMins": 60, "mode": "Prevention", "state": "Enabled" } @@ -386,6 +397,7 @@ param name = 'nagwafpwaf001' param location = '' param policySettings = { fileUploadLimitInMb: 10 + jsChallengeCookieExpirationInMins: 60 mode: 'Prevention' state: 'Enabled' } diff --git a/avm/res/network/application-gateway-web-application-firewall-policy/main.bicep b/avm/res/network/application-gateway-web-application-firewall-policy/main.bicep index 48cd3a1127..6bb0a131a7 100644 --- a/avm/res/network/application-gateway-web-application-firewall-policy/main.bicep +++ b/avm/res/network/application-gateway-web-application-firewall-policy/main.bicep @@ -42,7 +42,7 @@ resource avmTelemetry 'Microsoft.Resources/deployments@2024-03-01' = if (enableT } } -resource applicationGatewayWAFPolicy 'Microsoft.Network/ApplicationGatewayWebApplicationFirewallPolicies@2022-11-01' = { +resource applicationGatewayWAFPolicy 'Microsoft.Network/ApplicationGatewayWebApplicationFirewallPolicies@2024-03-01' = { name: name location: location tags: tags diff --git a/avm/res/network/application-gateway-web-application-firewall-policy/main.json b/avm/res/network/application-gateway-web-application-firewall-policy/main.json index df030e7c36..34ca43fdae 100644 --- a/avm/res/network/application-gateway-web-application-firewall-policy/main.json +++ b/avm/res/network/application-gateway-web-application-firewall-policy/main.json @@ -5,8 +5,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.28.1.47646", - "templateHash": "9391039096512506977" + "version": "0.32.4.45862", + "templateHash": "10893386311526546547" }, "name": "Application Gateway Web Application Firewall (WAF) Policies", "description": "This module deploys an Application Gateway Web Application Firewall (WAF) Policy.", @@ -84,7 +84,7 @@ }, "applicationGatewayWAFPolicy": { "type": "Microsoft.Network/ApplicationGatewayWebApplicationFirewallPolicies", - "apiVersion": "2022-11-01", + "apiVersion": "2024-03-01", "name": "[parameters('name')]", "location": "[parameters('location')]", "tags": "[parameters('tags')]", @@ -122,7 +122,7 @@ "metadata": { "description": "The location the resource was deployed into." }, - "value": "[reference('applicationGatewayWAFPolicy', '2022-11-01', 'full').location]" + "value": "[reference('applicationGatewayWAFPolicy', '2024-03-01', 'full').location]" } } } \ No newline at end of file diff --git a/avm/res/network/application-gateway-web-application-firewall-policy/tests/e2e/max/main.test.bicep b/avm/res/network/application-gateway-web-application-firewall-policy/tests/e2e/max/main.test.bicep index 0f47cfd5cc..6693746b83 100644 --- a/avm/res/network/application-gateway-web-application-firewall-policy/tests/e2e/max/main.test.bicep +++ b/avm/res/network/application-gateway-web-application-firewall-policy/tests/e2e/max/main.test.bicep @@ -47,6 +47,9 @@ module testDeployment '../../../main.bicep' = [ fileUploadLimitInMb: 10 state: 'Enabled' mode: 'Prevention' + customBlockResponseBody: 'PGh0bWw+CjxoZWFkZXI+PHRpdGxlPkhlbGxvPC90aXRsZT48L2hlYWRlcj4KPGJvZHk+CkhlbGxvIHdvcmxkCjwvYm9keT4KPC9odG1sPg==' + customBlockResponseStatusCode: 403 + jsChallengeCookieExpirationInMins: 60 } managedRules: { managedRuleSets: [ diff --git a/avm/res/network/application-gateway-web-application-firewall-policy/tests/e2e/waf-aligned/main.test.bicep b/avm/res/network/application-gateway-web-application-firewall-policy/tests/e2e/waf-aligned/main.test.bicep index b61c4d33e6..32732fb65f 100644 --- a/avm/res/network/application-gateway-web-application-firewall-policy/tests/e2e/waf-aligned/main.test.bicep +++ b/avm/res/network/application-gateway-web-application-firewall-policy/tests/e2e/waf-aligned/main.test.bicep @@ -47,6 +47,7 @@ module testDeployment '../../../main.bicep' = [ fileUploadLimitInMb: 10 state: 'Enabled' mode: 'Prevention' + jsChallengeCookieExpirationInMins: 60 } managedRules: { managedRuleSets: [ diff --git a/avm/res/network/application-gateway-web-application-firewall-policy/version.json b/avm/res/network/application-gateway-web-application-firewall-policy/version.json index 83083db694..1c035df49f 100644 --- a/avm/res/network/application-gateway-web-application-firewall-policy/version.json +++ b/avm/res/network/application-gateway-web-application-firewall-policy/version.json @@ -1,6 +1,6 @@ { "$schema": "https://aka.ms/bicep-registry-module-version-file-schema#", - "version": "0.1", + "version": "0.2", "pathFilters": [ "./main.json" ]