Lightrun
question-mark
Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

"az network front-door waf-policy managed-rules add" only working for Type DefaultRuleSet Version 1.0

See original GitHub issue

az feedback auto-generates most of the information requested below, as of CLI version 2.0.62

Related command

az network front-door waf-policy managed-rules add --policy-name MyWaf" --resource-group “MyRg” --type Microsoft_DefaultRuleSet --version 2.0

Describe the bug

When the above command is run, it should add the “Microsoft_DefaultRuleSet” version 2.0 rule set to the WAF. However, it actually errors with: (BadRequest) WebApplicationFirewallPolicy validation failed. More information “Managed rule set types or versions are not compatible.”. Indeed, the only combination of types and versions that work is: –type DefaultRuleSet --version 1.0

To Reproduce

az network front-door waf-policy managed-rules add --policy-name MyWaf" --resource-group “MyRg” --type Microsoft_DefaultRuleSet --version 2.0

Expected behavior

The CLI should allow addition of all the rules sets specified in the GUI including: Microsoft_DefaultRuleSet version 1.1 AND Microsoft_DefaultRuleSet version 2.0

Environment summary

Azure Cloud Shell (PowerShell)

Additional context

Issue Analytics

  • State:closed
  • Created a year ago
  • Comments:10 (5 by maintainers)

github_iconTop GitHub Comments

1reaction
t-bzhancommented, Oct 18, 2022

Hi @mossywell , could you update the front-door extension version to 1.0.17 to see whether the issue is addressed or not: az extension add --upgrade --name front-door --version 1.0.17

0reactions
mossywellcommented, Oct 24, 2022

Hello, when I run this: az extension add --upgrade --name front-door --version 1.0.17 followed by this: az network front-door waf-policy managed-rules add --policy-name MyWaf" --resource-group “MyRg” --type Microsoft_DefaultRuleSet --version 2.0

I still get an error: This rule set action value is not supported

Read more comments on GitHub >

github_iconTop Results From Across the Web

Tuning Web Application Firewall (WAF) for Azure Front Door
These articles explain how the WAF functions, how the WAF rule sets work, and how to access WAF logs. Understanding WAF logs. The...
Read more >
Azcli fails to create FrontDoor WAF Policy · Issue #5625
Describe the bug Command Name az network front-door waf-policy create Extension Name: front-door. Version: 1.0.17. az-cli fails to create ...
Read more >
aztfmod/caf-frontdoor/azurerm
1 to many WAF Policies and links them to Frontend Endpoints. Reference the module to a specific version (recommended): module "front-door" { ...
Read more >
Azure Front Door WAF is blocking .AspNet.ApplicationCookie
The rule that is being triggered is DefaultRuleSet-1.0-SQLI-942440 SQL Comment Sequence Detected. The only place that I can find an sql comment ...
Read more >
Managing Azure Front Door with the Azure CLI
I assume you know about the Azure CLI and how it works. ... az network front-door frontend-endpoint create ` --resource-group ...
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Dev.to Post

No results found

github_iconTop Related Hashnode Post

No results found
Previous page

Getting lock for specified resource with az lock show --resource xxx fails with exception

Next page

Unable to run "az connectedk8s"; versions mismatch?