WebApplicationFirewall provides the configuration for an instance of a Web Application Firewall, and the
WebApplicationFirewallPolicy resource configures the matching patterns for when
WebApplicationFirewalls get executed against requests.
This doc is an overview of all the fields on the
WebApplicationFirewall Custom Resource with descriptions of the purpose, type, and default values of those fields.
Tutorials and guides for Web Application Firewalls can be found in the usage guides section
|FirewallRules||Defines the rules to be used for the Web Application Firewall|
|When enabled, creates additional log lines in the Ambassador Edge Stack pods whenever the |
Defines the rules to be used for the Web Application Firewall
|Identifies which method is being used to load the firewall rules. Value must be one of |
|ConfigMapReference||Defines a reference to a Kubernetes ConfigMap to load firewall rules from.|
|Location of a file on disk to load the firewall rules from. Example: |
|URL to fetch firewall rules from. If the rules are unable to be downloaded/parsed from the provided url for whatever reason, the requests matched to this |
Defines a reference to a Kubernetes ConfigMap to load firewall rules from.
|Name of the referenced Kuberntes |
|Namespace of the referenced Kuberntes |
|The key in the referenced Kuberntes |
The following guides will help you get started using Web Application Firewalls
- Using Web Application Firewalls - Get started using
- Rules for Web Application Firewalls - Info about creating and configuring firewall rules
- Web Application Firewalls in Production - Recommendations and info for creating and running
WebApplicationFirewallsin a production environment