New in version 2.5.
The below requirements are needed on the host that executes this module.
Parameter |
Choices/Defaults |
Comments |
---|---|---|
api_context
(added in 2.5) |
|
Avi API context that includes current session ID and CSRF Token.
This allows user to perform single login and re-use the session.
|
api_version
|
Default:
16.4.4
|
Avi API version of to use for Avi API and objects.
|
avi_api_patch_op
(added in 2.5) |
|
Patch operation to use when using avi_api_update_method as patch.
|
avi_api_update_method
(added in 2.5) |
|
Default method for object update is HTTP PUT.
Setting to patch will override that behavior to use HTTP PATCH.
|
avi_credentials
(added in 2.5) |
|
Avi Credentials dictionary which can be used in lieu of enumerating Avi Controller login details.
|
controller
|
Default:
|
IP address or hostname of the controller. The default value is the environment variable
AVI_CONTROLLER . |
created_by
|
|
Creator name.
Field introduced in 17.2.4.
|
crs_groups
|
|
Waf rules are categorized in to groups based on their characterization.
These groups are system created with crs groups.
Field introduced in 17.2.1.
|
description
|
|
Field introduced in 17.2.1.
|
mode
required |
|
Waf policy mode.
This can be detection or enforcement.
Enum options - WAF_MODE_DETECTION_ONLY, WAF_MODE_ENFORCEMENT.
Field introduced in 17.2.1.
Default value when not specified in API or module is interpreted by Avi Controller as WAF_MODE_DETECTION_ONLY.
|
name
required |
|
Field introduced in 17.2.1.
|
paranoia_level
|
|
Waf ruleset paranoia mode.
This is used to select rules based on the paranoia-level tag.
Enum options - WAF_PARANOIA_LEVEL_LOW, WAF_PARANOIA_LEVEL_MEDIUM, WAF_PARANOIA_LEVEL_HIGH, WAF_PARANOIA_LEVEL_EXTREME.
Field introduced in 17.2.1.
Default value when not specified in API or module is interpreted by Avi Controller as WAF_PARANOIA_LEVEL_LOW.
|
password
|
Default:
|
Password of Avi user in Avi controller. The default value is the environment variable
AVI_PASSWORD . |
post_crs_groups
|
|
Waf rules are categorized in to groups based on their characterization.
These groups are created by the user and will be enforced after the crs groups.
Field introduced in 17.2.1.
|
pre_crs_groups
|
|
Waf rules are categorized in to groups based on their characterization.
These groups are created by the user and will be enforced before the crs groups.
Field introduced in 17.2.1.
|
state
|
|
The state that should be applied on the entity.
|
tenant
|
Default:
admin
|
Name of tenant used for all Avi API calls and context of object.
|
tenant_ref
|
|
It is a reference to an object of type tenant.
Field introduced in 17.2.1.
|
tenant_uuid
|
Default:
|
UUID of tenant used for all Avi API calls and context of object.
|
url
|
|
Avi controller URL of the object.
|
username
|
Default:
|
Username used for accessing Avi controller. The default value is the environment variable
AVI_USERNAME . |
uuid
|
|
Field introduced in 17.2.1.
|
waf_profile_ref
required |
|
Waf profile for waf policy.
It is a reference to an object of type wafprofile.
Field introduced in 17.2.1.
|
Note
- name: Example to create WafPolicy object
avi_wafpolicy:
controller: 10.10.25.42
username: admin
password: something
state: present
name: sample_wafpolicy
Common return values are documented here, the following are the fields unique to this module:
Key |
Returned |
Description |
---|---|---|
obj
dict
|
success, changed |
WafPolicy (api/wafpolicy) object
|
This module is flagged as preview which means that it is not guaranteed to have a backwards compatible interface.
Hint
If you notice any issues in this documentation you can edit this document to improve it.