azurermFrontdoorRulesEngine
!> IMPORTANT This deploys an Azure Front Door (classic) resource which has been deprecated and will receive security updates only. Please migrate your existing Azure Front Door (classic) deployments to the new Azure Front Door (standard/premium) resources. For your convenience, the service team has exposed a frontDoorClassic to frontDoorStandard/premium migration tool to allow you to migrate your existing frontDoorClassic instances to the new frontDoorStandard/premium product tiers.
Manages an Azure Front Door (classic) Rules Engine configuration and rules.
Example Usage
/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as azurerm from "./.gen/providers/azurerm";
/*The following providers are missing schema information and might need manual adjustments to synthesize correctly: azurerm.
For a more precise conversion please use the --provider flag in convert.*/
const azurermResourceGroupExample = new azurerm.resourceGroup.ResourceGroup(
this,
"example",
{
location: "West Europe",
name: "example-rg",
}
);
const azurermFrontdoorExample = new azurerm.frontdoor.Frontdoor(
this,
"example_1",
{
backend_pool: [
{
backend: [
{
address: "www.bing.com",
host_header: "www.bing.com",
http_port: 80,
https_port: 443,
},
],
health_probe_name: "exampleHealthProbeSetting1",
load_balancing_name: "exampleLoadBalancingSettings1",
name: "exampleBackendBing",
},
],
backend_pool_health_probe: [
{
name: "exampleHealthProbeSetting1",
},
],
backend_pool_load_balancing: [
{
name: "exampleLoadBalancingSettings1",
},
],
frontend_endpoint: [
{
host_name: "example-FrontDoor.azurefd.net",
name: "exampleFrontendEndpoint1",
},
],
name: "example",
resource_group_name: azurermResourceGroupExample.name,
routing_rule: [
{
accepted_protocols: ["Http", "Https"],
frontend_endpoints: ["exampleFrontendEndpoint1"],
name: "exampleRoutingRule1",
patterns_to_match: ["/*"],
},
],
}
);
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
azurermFrontdoorExample.overrideLogicalId("example");
new azurerm.frontdoorRulesEngine.FrontdoorRulesEngine(
this,
"example_rules_engine",
{
frontdoor_name: azurermFrontdoorExample.name,
name: "exampleRulesEngineConfig1",
resource_group_name: azurermFrontdoorExample.resourceGroupName,
rule: [
{
action: [
{
response_header: [
{
header_action_type: "Append",
header_name: "X-TEST-HEADER",
value: "Append Header Rule",
},
],
},
],
name: "debuggingoutput",
priority: 1,
},
{
action: [
{
response_header: [
{
header_action_type: "Overwrite",
header_name: "Access-Control-Allow-Origin",
value: "*",
},
{
header_action_type: "Overwrite",
header_name: "Access-Control-Allow-Credentials",
value: "true",
},
],
},
],
match_condition: [
{
operator: "Equal",
value: ["GET", "POST"],
variable: "RequestMethod",
},
],
name: "overwriteorigin",
priority: 2,
},
],
}
);
Argument Reference
The following arguments are supported:
-
name- (Required) The name of the Rules engine configuration. Changing this forces a new resource to be created. -
frontdoorName- (Required) The name of the Front Door instance. Changing this forces a new resource to be created. -
resourceGroupName- (Required) The name of the resource group. Changing this forces a new resource to be created. -
enabled- (Optional) Whether this Rules engine configuration is enabled? Defaults totrue. -
rule- (Optional) Aruleblock as defined below.
The rule block supports the following:
-
name- (Required) The name of the rule. -
priority- (Required) Priority of the rule, must be unique per rules engine definition. -
action- (Optional) Anactionblock as defined below. -
matchCondition- (Optional) One or morematchConditionblock as defined below.
The action block supports the following:
-
requestHeader- (Optional) ArequestHeaderblock as defined below. -
responseHeader- (Optional) AresponseHeaderblock as defined below.
The requestHeader block supports the following:
-
headerActionType- (Optional) can be set tooverwrite,appendordelete. -
headerName- (Optional) header name (string). -
value- (Optional) value name (string).
The responseHeader block supports the following:
-
headerActionType- (Optional) can be set tooverwrite,appendordelete. -
headerName- (Optional) header name (string). -
value- (Optional) value name (string).
The matchCondition block supports the following:
-
variable- (Optional) can be set toisMobile,remoteAddr,requestMethod,queryString,postArgs,requestUri,requestPath,requestFilename,requestFilenameExtension,requestHeader,requestBodyorrequestScheme. -
selector- (Optional) match against a specific key whenvariableis set topostArgsorrequestHeader. It cannot be used withqueryStringandrequestMethod. -
operator- (Required) can be set toany,ipMatch,geoMatch,equal,contains,lessThan,greaterThan,lessThanOrEqual,greaterThanOrEqual,beginsWithorendsWith -
transform- (Optional) can be set to one or more values out oflowercase,removeNulls,trim,uppercase,urlDecodeandurlEncode -
negateCondition- (Optional) can be set totrueorfalseto negate the given condition. Defaults totrue. -
value- (Optional) (array) can contain one or more strings.
Timeouts
The timeouts block allows you to specify timeouts for certain actions:
read- (Defaults to 5 minutes) Used when retrieving the Frontdoor Rules Engine.create- (Defaults to 6 hours) Used when creating the Frontdoor Rules Engine.update- (Defaults to 6 hours) Used when updating the Frontdoor Rules Engine.delete- (Defaults to 6 hours) Used when deleting the Frontdoor Rules Engine.
Import
Azure Front Door Rules Engine's can be imported using the resourceId, e.g.