From b5090899f5b92e157582b33f0c58825ec97db637 Mon Sep 17 00:00:00 2001 From: Sune Keller Date: Wed, 25 Mar 2020 11:49:05 +0100 Subject: [PATCH] Set new properties in test Signed-off-by: Sune Keller --- ...rm_web_application_firewall_policy_test.go | 49 +++++++++++++++++++ 1 file changed, 49 insertions(+) diff --git a/azurerm/internal/services/network/tests/resource_arm_web_application_firewall_policy_test.go b/azurerm/internal/services/network/tests/resource_arm_web_application_firewall_policy_test.go index 576c91e87635d..7dfaa2fb3d2b6 100644 --- a/azurerm/internal/services/network/tests/resource_arm_web_application_firewall_policy_test.go +++ b/azurerm/internal/services/network/tests/resource_arm_web_application_firewall_policy_test.go @@ -73,6 +73,23 @@ func TestAccAzureRMWebApplicationFirewallPolicy_complete(t *testing.T) { resource.TestCheckResourceAttr(data.ResourceName, "custom_rules.1.match_conditions.1.match_values.#", "1"), resource.TestCheckResourceAttr(data.ResourceName, "custom_rules.1.match_conditions.1.match_values.0", "Windows"), resource.TestCheckResourceAttr(data.ResourceName, "custom_rules.1.action", "Block"), + resource.TestCheckResourceAttr(data.ResourceName, "managed_rules.exclusion.#", "2"), + resource.TestCheckResourceAttr(data.ResourceName, "managed_rules.exclusion.0.match_variable", "RequestHeaderNames"), + resource.TestCheckResourceAttr(data.ResourceName, "managed_rules.exclusion.0.selector", "x-shared-secret"), + resource.TestCheckResourceAttr(data.ResourceName, "managed_rules.exclusion.0.selector_match_operator", "Equals"), + resource.TestCheckResourceAttr(data.ResourceName, "managed_rules.exclusion.1.match_variable", "RequestCookieNames"), + resource.TestCheckResourceAttr(data.ResourceName, "managed_rules.exclusion.1.selector", "too-much-fun"), + resource.TestCheckResourceAttr(data.ResourceName, "managed_rules.exclusion.1.selector_match_operator", "EndsWith"), + resource.TestCheckResourceAttr(data.ResourceName, "managed_rules.managed_rules_set.#", "1"), + resource.TestCheckResourceAttr(data.ResourceName, "managed_rules.managed_rules_set.0.type", "OWASP"), + resource.TestCheckResourceAttr(data.ResourceName, "managed_rules.managed_rules_set.0.version", "3.1"), + resource.TestCheckResourceAttr(data.ResourceName, "managed_rules.managed_rules_set.0.rule_group_override.#", "1"), + resource.TestCheckResourceAttr(data.ResourceName, "managed_rules.managed_rules_set.0.rule_group_override.0.rule_group_name", "REQUEST-920-PROTOCOL-ENFORCEMENT"), + resource.TestCheckResourceAttr(data.ResourceName, "managed_rules.managed_rules_set.0.rule_group_override.0.disabled_rules.#", "2"), + resource.TestCheckResourceAttr(data.ResourceName, "managed_rules.managed_rules_set.0.rule_group_override.0.disabled_rules.0", "920300"), + resource.TestCheckResourceAttr(data.ResourceName, "managed_rules.managed_rules_set.0.rule_group_override.0.disabled_rules.1", "920440"), + resource.TestCheckResourceAttr(data.ResourceName, "policy_settings.enabled", "true"), + resource.TestCheckResourceAttr(data.ResourceName, "policy_settings.mode", "Prevention"), ), }, data.ImportStep(), @@ -265,6 +282,38 @@ resource "azurerm_web_application_firewall_policy" "test" { action = "Block" } + + managed_rules { + exclusion { + match_variable = "RequestHeaderNames" + selector = "x-shared-secret" + selector_match_operator = "Equals" + } + + exclusion { + match_variable = "RequestCookieNames" + selector = "too-much-fun" + selector_match_operator = "EndsWith" + } + + managed_rules_set { + type = "OWASP" + version = "3.1" + + rule_group_override { + rule_group_name = "REQUEST-920-PROTOCOL-ENFORCEMENT" + disabled_rules = [ + "920300", + "920440", + ] + } + } + } + + policy_settings { + enabled = true + mode = "Prevention" + } } `, data.RandomInteger, data.Locations.Primary, data.RandomInteger) }