import * as pulumi from "@pulumi/pulumi"; import * as inputs from "./types/input"; import * as outputs from "./types/output"; /** * Provides a Datadog AppsecWafExclusionFilter resource. This can be used to create and manage Datadog appsec_waf_exclusion_filter. * * ## Example Usage * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as datadog from "@pulumi/datadog"; * * // Create a WAF exclusion filter on a path * const excludeOnPath = new datadog.index.AppsecExclusionFilter("exclude_on_path", { * description: "Exclude false positives on a path", * enabled: true, * pathGlob: "/accounts/*", * rulesTarget: [{ * tags: [{ * category: "attack_attempt", * type: "lfi", * }], * }], * scope: [{ * env: "www", * service: "prod", * }], * }); * // Create a WAF exclusion filter for trusted IPs * const trustedIps = new datadog.index.AppsecExclusionFilter("trusted_ips", { * description: "Do not block office IP network", * enabled: true, * ipList: ["198.10.14.53/24"], * onMatch: "monitor", * }); * ``` * * ## Import * * The `pulumi import` command can be used, for example: * * ```sh * $ pulumi import datadog:index/appsecWafExclusionFilter:AppsecWafExclusionFilter passlist_entry "45b7032f-0ac4-4b2f-9118-363523c625f6" * ``` */ export declare class AppsecWafExclusionFilter extends pulumi.CustomResource { /** * Get an existing AppsecWafExclusionFilter resource's state with the given name, ID, and optional extra * properties used to qualify the lookup. * * @param name The _unique_ name of the resulting resource. * @param id The _unique_ provider ID of the resource to lookup. * @param state Any extra arguments used during the lookup. * @param opts Optional settings to control the behavior of the CustomResource. */ static get(name: string, id: pulumi.Input, state?: AppsecWafExclusionFilterState, opts?: pulumi.CustomResourceOptions): AppsecWafExclusionFilter; /** * Returns true if the given object is an instance of AppsecWafExclusionFilter. This is designed to work even * when multiple copies of the Pulumi SDK have been loaded into the same process. */ static isInstance(obj: any): obj is AppsecWafExclusionFilter; /** * A description for the exclusion filter. */ readonly description: pulumi.Output; /** * Indicates whether the exclusion filter is enabled. */ readonly enabled: pulumi.Output; /** * The event query matched by the legacy exclusion filter. Cannot be created nor updated. */ readonly eventQuery: pulumi.Output; /** * The client IP addresses matched by the exclusion filter (CIDR notation is supported). */ readonly ipLists: pulumi.Output; /** * The action taken when the exclusion filter matches. When set to `monitor`, security traces are emitted but the requests are not blocked. By default, security traces are not emitted and the requests are not blocked. */ readonly onMatch: pulumi.Output; /** * A list of parameters matched by the exclusion filter in the HTTP query string and HTTP request body. Nested parameters can be matched by joining fields with a dot character. */ readonly parameters: pulumi.Output; /** * The HTTP path glob expression matched by the exclusion filter. */ readonly pathGlob: pulumi.Output; readonly rulesTargets: pulumi.Output; readonly scopes: pulumi.Output; /** * Create a AppsecWafExclusionFilter resource with the given unique name, arguments, and options. * * @param name The _unique_ name of the resource. * @param args The arguments to use to populate this resource's properties. * @param opts A bag of options that control this resource's behavior. */ constructor(name: string, args: AppsecWafExclusionFilterArgs, opts?: pulumi.CustomResourceOptions); } /** * Input properties used for looking up and filtering AppsecWafExclusionFilter resources. */ export interface AppsecWafExclusionFilterState { /** * A description for the exclusion filter. */ description?: pulumi.Input; /** * Indicates whether the exclusion filter is enabled. */ enabled?: pulumi.Input; /** * The event query matched by the legacy exclusion filter. Cannot be created nor updated. */ eventQuery?: pulumi.Input; /** * The client IP addresses matched by the exclusion filter (CIDR notation is supported). */ ipLists?: pulumi.Input[]>; /** * The action taken when the exclusion filter matches. When set to `monitor`, security traces are emitted but the requests are not blocked. By default, security traces are not emitted and the requests are not blocked. */ onMatch?: pulumi.Input; /** * A list of parameters matched by the exclusion filter in the HTTP query string and HTTP request body. Nested parameters can be matched by joining fields with a dot character. */ parameters?: pulumi.Input[]>; /** * The HTTP path glob expression matched by the exclusion filter. */ pathGlob?: pulumi.Input; rulesTargets?: pulumi.Input[]>; scopes?: pulumi.Input[]>; } /** * The set of arguments for constructing a AppsecWafExclusionFilter resource. */ export interface AppsecWafExclusionFilterArgs { /** * A description for the exclusion filter. */ description: pulumi.Input; /** * Indicates whether the exclusion filter is enabled. */ enabled: pulumi.Input; /** * The event query matched by the legacy exclusion filter. Cannot be created nor updated. */ eventQuery?: pulumi.Input; /** * The client IP addresses matched by the exclusion filter (CIDR notation is supported). */ ipLists?: pulumi.Input[]>; /** * The action taken when the exclusion filter matches. When set to `monitor`, security traces are emitted but the requests are not blocked. By default, security traces are not emitted and the requests are not blocked. */ onMatch?: pulumi.Input; /** * A list of parameters matched by the exclusion filter in the HTTP query string and HTTP request body. Nested parameters can be matched by joining fields with a dot character. */ parameters?: pulumi.Input[]>; /** * The HTTP path glob expression matched by the exclusion filter. */ pathGlob?: pulumi.Input; rulesTargets?: pulumi.Input[]>; scopes?: pulumi.Input[]>; }