search

imperva / terraform-provider-incapsula

This package is a plugin for Terraform, and is designed to be used to auto-provision sites in Incapsula via Incapsula’s API from the terraform cli/yaml configurations.
Mozilla Public License 2.0
44 stars 72 forks source link

Multiple exceptions on incapsula_policy #89

Closed kirubakaran25 closed 3 years ago

kirubakaran25 commented 3 years ago

Hello there

Is there a way we can add multiple exceptions to a policy? I understand we can have multiple conditions to a single exception rule. But what I'm trying to do is add a new exception as we can do in the console with the "Add Exception" option (screenshot below). image

joeymoore commented 3 years ago

Yes @kirubakaran25 you can see here where I did three exceptions, noting the difference in the logical AND/OR.

resource "incapsula_policy" "example-policy" {
  name        = "Example exceptions"
  enabled     = true
  policy_type = "ACL"
  description = "Example policy exceptions for JM"
  policy_settings = <<POLICY
[
  {
    "settingsAction": "BLOCK",
    "policySettingType": "IP",
    "data": {
      "ips": [
        "109.12.1.151",
        "109.12.1.200"
      ]
    },
    "policyDataExceptions": [
      {
        "data": [
          {
            "exceptionType": "GEO",
            "values": [
              "CA"
            ]
          },
          {
            "exceptionType": "IP",
            "values": [
              "209.12.1.1"
            ]
          }
        ],
        "comment": "Creates an AND logical exception."
      },
      {
        "data": [
          {
            "exceptionType": "GEO",
            "values": [
              "CA"
            ]
          }
        ],
        "comment": "Creates an OR logical exception."
      }
    ]
  }
]
POLICY
}

Renders this: image

kirubakaran25 commented 3 years ago

Thanks so much Joe. This is working. It would be helpful to add this example to the "examples" section of the repo. I searched for this kind of example before asking here. Thanks again!