Policy > Networking > Network Services > Advanced Load Balancing > Alb Waf Profiles

Create or update a ALBWafProfile

If a ALBWafProfile with the alb-WafProfile-id is not
already present, create a new ALBWafProfile. If it already exists,
update the ALBWafProfile. This is a full replace.
This API is only available when using VMware NSX-T.

Request:

Method:
PUT
URI Path(s):
/policy/api/v1/infra/alb-waf-profiles/<alb-wafprofile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
ALBWafProfile+

Example Request:

{ "config": { "allowed_http_versions": [ "ONE_ZERO", "ONE_ONE", "TWO_ZERO" ], "allowed_methods": [ "HTTP_METHOD_GET", "HTTP_METHOD_HEAD", "HTTP_METHOD_POST", "HTTP_METHOD_OPTIONS" ], "allowed_request_content_types": [ "application/x-www-form-urlencoded", "multipart/form-data", "text/xml", "application/xml", "application/x-amf", "application/json" ], "argument_separator": "&", "client_request_max_body_size": 32, "cookie_format_version": 0, "ignore_incomplete_request_body_error": true, "max_execution_time": 50, "regex_match_limit": 30000, "regex_recursion_limit": 10000, "request_body_default_action": "phase:2,deny,status:403,log,auditlog", "request_hdr_default_action": "phase:1,deny,status:403,log,auditlog", "response_body_default_action": "phase:4,deny,status:403,log,auditlog", "response_hdr_default_action": "phase:3,deny,status:403,log,auditlog", "restricted_extensions": [ ".asa", ".asax", ".ascx", ".axd", ".backup", ".bak", ".bat", ".cdx", ".cer", ".cfg", ".cmd", ".com", ".config", ".conf", ".cs", ".csproj", ".csr", ".dat", ".db", ".dbf", ".dll", ".dos", ".htr", ".htw", ".ida", ".idc", ".idq", ".inc", ".ini", ".key", ".licx", ".lnk", ".log", ".mdb", ".old", ".pass", ".pdb", ".pol", ".printer", ".pwd", ".rdb", ".resources", ".resx", ".sql", ".sys", ".vb", ".vbs", ".vbproj", ".vsdisco", ".webinfo", ".xsd", ".xsx" ], "restricted_headers": [ "Proxy-Connection", "Lock-Token", "Content-Range", "Translate", "via", "if" ], "server_response_max_body_size": 128, "static_extensions": [ ".gif", ".jpg", ".jpeg", ".png", ".js", ".css", ".ico", ".svg", ".webp" ], "status_code_for_rejected_requests": "HTTP_RESPONSE_CODE_403", "xml_xxe_protection": true }, "files": [ { "data": "com.opensymphony.xwork2\ncom.sun.org.apache\njava.io.BufferedInputStream\njava.io.BufferedReader\njava.io.ByteArrayInputStream\njava.io.ByteArrayOutputStream\njava.io.CharArrayReader\njava.io.DataInputStream\njava.io.File\njava.io.FileOutputStream\njava.io.FilePermission\njava.io.FileWriter\njava.io.FilterInputStream\njava.io.FilterOutputStream\njava.io.FilterReader\njava.io.InputStream\njava.io.InputStreamReader\njava.io.LineNumberReader\njava.io.ObjectOutputStream\njava.io.OutputStream\njava.io.PipedOutputStream\njava.io.PipedReader\njava.io.PrintStream\njava.io.PushbackInputStream\njava.io.Reader\njava.io.StringReader\njava.lang.Class\njava.lang.Integer\njava.lang.Number\njava.lang.Object\njava.lang.Process\njava.lang.ProcessBuilder\njava.lang.reflect\njava.lang.Runtime\njava.lang.String\njava.lang.StringBuilder\njava.lang.System\njavax.script.ScriptEngineManager\norg.apache.commons\norg.apache.struts\norg.apache.struts2\norg.omg.CORBA\njava.beans.XMLDecode\n", "name": "java-classes.data", "type": "WAF_DATAFILE_PM_FROM_FILE" }, { "data": "powershell.exe\nAdd-BitsFile\nAdd-Computer\nAdd-Content\nAdd-History\nAdd-Member\nAdd-PSSnapin\nAdd-Type\nCheckpoint-Computer\nClear-Content\nClear-EventLog\nClear-History\nClear-Item\nClear-ItemProperty\nClear-Variable\nCompare-Object\nComplete-BitsTransfer\nComplete-Transaction\nConnect-WSMan\nConvertFrom-CSV\nConvertFrom-SecureString\nConvertFrom-StringData\nConvert-Path\nConvertTo-CSV\nConvertTo-Html\nConvertTo-SecureString\nConvertTo-XML\nCopy-Item\nCopy-ItemProperty\nDebug-Process\nDisable-ComputerRestore\nDisable-PSBreakpoint\nDisable-PSSessionConfiguration\nDisable-WSManCredSSP\nDisconnect-WSMan\nEnable-ComputerRestore\nEnable-PSBreakpoint\nEnable-PSRemoting\nEnable-PSSessionConfiguration\nEnable-WSManCredSSP\nEnter-PSSession\nExit-PSSession\nExport-Alias\nExport-Clixml\nExport-Console\nExport-Counter\nExport-CSV\nExport-FormatData\nExport-ModuleMember\nExport-PSSession\nForEach-Object\nFormat-Custom\nFormat-List\nFormat-Table\nFormat-Wide\nGet-Acl\nGet-Alias\nGet-AppLockerFileInformation\nGet-AppLockerPolicy\nGet-AuthenticodeSignature\nGet-BitsTransfer\nGet-ChildItem\nGet-Command\nGet-ComputerRestorePoint\nGet-Content\nGet-Counter\nGet-Credential\nGet-Culture\nGet-Event\nGet-EventLog\nGet-EventSubscriber\nGet-ExecutionPolicy\nGet-FormatData\nGet-History\nGet-Host\nGet-HotFix\nGet-Item\nGet-ItemProperty\nGet-Job\nGet-Location\nGet-Member\nGet-Module\nGet-PfxCertificate\nGet-Process\nGet-PSBreakpoint\nGet-PSCallStack\nGet-PSDrive\nGet-PSProvider\nGet-PSSession\nGet-PSSessionConfiguration\nGet-PSSnapin\nGet-Random\nGet-Service\nGet-TraceSource\nGet-Transaction\nGet-TroubleshootingPack\nGet-UICulture\nGet-Unique\nGet-Variable\nGet-WinEvent\nGet-WmiObject\nGet-WSManCredSSP\nGet-WSManInstance\nGroup-Object\nImport-Alias\nImport-Clixml\nImport-Counter\nImport-CSV\nImport-LocalizedData\nImport-Module\nImport-PSSession\nInvoke-Command\nInvoke-Expression\nInvoke-History\nInvoke-Item\nInvoke-TroubleshootingPack\nInvoke-WmiMethod\nInvoke-WSManAction\nJoin-Path\nLimit-EventLog\nMeasure-Command\nMeasure-Object\nMove-Item\nMove-ItemProperty\nNew-Alias\nNew-AppLockerPolicy\nNew-Event\nNew-EventLog\nNew-Item\nNew-ItemProperty\nNew-Module\nNew-ModuleManifest\nNew-Object\nNew-PSDrive\nNew-PSSession\nNew-PSSessionOption\nNew-Service\nNew-TimeSpan\nNew-Variable\nNew-WebServiceProxy\nNew-WSManInstance\nNew-WSManSessionOption\nOut-Default\nOut-File\nOut-GridView\nOut-Host\nOut-Null\nOut-Printer\nOut-String\nPop-Location\nPush-Location\nRead-Host\nReceive-Job\nRegister-EngineEvent\nRegister-ObjectEvent\nRegister-PSSessionConfiguration\nRegister-WmiEvent\nRemove-BitsTransfer\nRemove-Computer\nRemove-Event\nRemove-EventLog\nRemove-Item\nRemove-ItemProperty\nRemove-Job\nRemove-Module\nRemove-PSBreakpoint\nRemove-PSDrive\nRemove-PSSession\nRemove-PSSnapin\nRemove-Variable\nRemove-WmiObject\nRemove-WSManInstance\nRename-Item\nRename-ItemProperty\nReset-ComputerMachinePassword\nResolve-Path\nRestart-Computer\nRestart-Service\nRestore-Computer\nResume-BitsTransfer\nResume-Service\nSelect-Object\nSelect-String\nSelect-XML\nSend-MailMessage\nSet-Acl\nSet-Alias\nSet-AppLockerPolicy\nSet-AuthenticodeSignature\nSet-BitsTransfer\nSet-Content\nSet-Date\nSet-ExecutionPolicy\nSet-Item\nSet-ItemProperty\nSet-Location\nSet-PSBreakpoint\nSet-PSDebug\nSet-PSSessionConfiguration\nSet-Service\nSet-StrictMode\nSet-TraceSource\nSet-Variable\nSet-WmiInstance\nSet-WSManInstance\nSet-WSManQuickConfig\nShow-EventLog\nSort-Object\nSplit-Path\nStart-BitsTransfer\nStart-Job\nStart-Process\nStart-Service\nStart-Sleep\nStart-Transaction\nStart-Transcript\nStop-Computer\nStop-Job\nStop-Process\nStop-Service\nStop-Transcript\nSuspend-BitsTransfer\nSuspend-Service\nTee-Object\nTest-AppLockerPolicy\nTest-ComputerSecureChannel\nTest-Connection\nTest-ModuleManifest\nTest-Path\nTest-WSMan\nTrace-Command\nUndo-Transaction\nUnregister-Event\nUnregister-PSSessionConfiguration\nUpdate-FormatData\nUpdate-List\nUpdate-TypeData\nUse-Transaction\nWait-Event\nWait-Job\nWait-Process\nWhere-Object\nWrite-Debug\nWrite-Error\nWrite-EventLog\nWrite-Host\nWrite-Output\nWrite-Progress\nWrite-Verbose\nWrite-Warning\n-EncodedCommand\n-ExecutionPolicy\n-PSConsoleFile\n", "name": "windows-powershell-commands.data", "type": "WAF_DATAFILE_PM_FROM_FILE" } ], "name": "test-waf-profile" }

Successful Response:

Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ALBWafProfile+

Example Response:

{ "_create_time": 1598510678078, "_create_user": "admin", "_last_modified_time": 1598510678090, "_last_modified_user": "admin", "_protection": "NOT_PROTECTED", "_revision": 0, "_system_owned": false, "config": { "allowed_http_versions": [ "ONE_ZERO", "ONE_ONE", "TWO_ZERO" ], "allowed_methods": [ "HTTP_METHOD_GET", "HTTP_METHOD_HEAD", "HTTP_METHOD_POST", "HTTP_METHOD_OPTIONS" ], "allowed_request_content_types": [ "application/x-www-form-urlencoded", "multipart/form-data", "text/xml", "application/xml", "application/x-amf", "application/json" ], "argument_separator": "&", "client_request_max_body_size": 32, "cookie_format_version": 0, "ignore_incomplete_request_body_error": true, "max_execution_time": 50, "regex_match_limit": 30000, "regex_recursion_limit": 10000, "request_body_default_action": "phase:2,deny,status:403,log,auditlog", "request_hdr_default_action": "phase:1,deny,status:403,log,auditlog", "response_body_default_action": "phase:4,deny,status:403,log,auditlog", "response_hdr_default_action": "phase:3,deny,status:403,log,auditlog", "restricted_extensions": [ ".asa", ".asax", ".ascx", ".axd", ".backup", ".bak", ".bat", ".cdx", ".cer", ".cfg", ".cmd", ".com", ".config", ".conf", ".cs", ".csproj", ".csr", ".dat", ".db", ".dbf", ".dll", ".dos", ".htr", ".htw", ".ida", ".idc", ".idq", ".inc", ".ini", ".key", ".licx", ".lnk", ".log", ".mdb", ".old", ".pass", ".pdb", ".pol", ".printer", ".pwd", ".rdb", ".resources", ".resx", ".sql", ".sys", ".vb", ".vbs", ".vbproj", ".vsdisco", ".webinfo", ".xsd", ".xsx" ], "restricted_headers": [ "Proxy-Connection", "Lock-Token", "Content-Range", "Translate", "via", "if" ], "server_response_max_body_size": 128, "static_extensions": [ ".gif", ".jpg", ".jpeg", ".png", ".js", ".css", ".ico", ".svg", ".webp" ], "status_code_for_rejected_requests": "HTTP_RESPONSE_CODE_403", "xml_xxe_protection": true }, "display_name": "test-waf-profile", "files": [ { "data": "com.opensymphony.xwork2\ncom.sun.org.apache\njava.io.BufferedInputStream\njava.io.BufferedReader\njava.io.ByteArrayInputStream\njava.io.ByteArrayOutputStream\njava.io.CharArrayReader\njava.io.DataInputStream\njava.io.File\njava.io.FileOutputStream\njava.io.FilePermission\njava.io.FileWriter\njava.io.FilterInputStream\njava.io.FilterOutputStream\njava.io.FilterReader\njava.io.InputStream\njava.io.InputStreamReader\njava.io.LineNumberReader\njava.io.ObjectOutputStream\njava.io.OutputStream\njava.io.PipedOutputStream\njava.io.PipedReader\njava.io.PrintStream\njava.io.PushbackInputStream\njava.io.Reader\njava.io.StringReader\njava.lang.Class\njava.lang.Integer\njava.lang.Number\njava.lang.Object\njava.lang.Process\njava.lang.ProcessBuilder\njava.lang.reflect\njava.lang.Runtime\njava.lang.String\njava.lang.StringBuilder\njava.lang.System\njavax.script.ScriptEngineManager\norg.apache.commons\norg.apache.struts\norg.apache.struts2\norg.omg.CORBA\njava.beans.XMLDecode\n", "name": "java-classes.data", "type": "WAF_DATAFILE_PM_FROM_FILE" }, { "data": "powershell.exe\nAdd-BitsFile\nAdd-Computer\nAdd-Content\nAdd-History\nAdd-Member\nAdd-PSSnapin\nAdd-Type\nCheckpoint-Computer\nClear-Content\nClear-EventLog\nClear-History\nClear-Item\nClear-ItemProperty\nClear-Variable\nCompare-Object\nComplete-BitsTransfer\nComplete-Transaction\nConnect-WSMan\nConvertFrom-CSV\nConvertFrom-SecureString\nConvertFrom-StringData\nConvert-Path\nConvertTo-CSV\nConvertTo-Html\nConvertTo-SecureString\nConvertTo-XML\nCopy-Item\nCopy-ItemProperty\nDebug-Process\nDisable-ComputerRestore\nDisable-PSBreakpoint\nDisable-PSSessionConfiguration\nDisable-WSManCredSSP\nDisconnect-WSMan\nEnable-ComputerRestore\nEnable-PSBreakpoint\nEnable-PSRemoting\nEnable-PSSessionConfiguration\nEnable-WSManCredSSP\nEnter-PSSession\nExit-PSSession\nExport-Alias\nExport-Clixml\nExport-Console\nExport-Counter\nExport-CSV\nExport-FormatData\nExport-ModuleMember\nExport-PSSession\nForEach-Object\nFormat-Custom\nFormat-List\nFormat-Table\nFormat-Wide\nGet-Acl\nGet-Alias\nGet-AppLockerFileInformation\nGet-AppLockerPolicy\nGet-AuthenticodeSignature\nGet-BitsTransfer\nGet-ChildItem\nGet-Command\nGet-ComputerRestorePoint\nGet-Content\nGet-Counter\nGet-Credential\nGet-Culture\nGet-Event\nGet-EventLog\nGet-EventSubscriber\nGet-ExecutionPolicy\nGet-FormatData\nGet-History\nGet-Host\nGet-HotFix\nGet-Item\nGet-ItemProperty\nGet-Job\nGet-Location\nGet-Member\nGet-Module\nGet-PfxCertificate\nGet-Process\nGet-PSBreakpoint\nGet-PSCallStack\nGet-PSDrive\nGet-PSProvider\nGet-PSSession\nGet-PSSessionConfiguration\nGet-PSSnapin\nGet-Random\nGet-Service\nGet-TraceSource\nGet-Transaction\nGet-TroubleshootingPack\nGet-UICulture\nGet-Unique\nGet-Variable\nGet-WinEvent\nGet-WmiObject\nGet-WSManCredSSP\nGet-WSManInstance\nGroup-Object\nImport-Alias\nImport-Clixml\nImport-Counter\nImport-CSV\nImport-LocalizedData\nImport-Module\nImport-PSSession\nInvoke-Command\nInvoke-Expression\nInvoke-History\nInvoke-Item\nInvoke-TroubleshootingPack\nInvoke-WmiMethod\nInvoke-WSManAction\nJoin-Path\nLimit-EventLog\nMeasure-Command\nMeasure-Object\nMove-Item\nMove-ItemProperty\nNew-Alias\nNew-AppLockerPolicy\nNew-Event\nNew-EventLog\nNew-Item\nNew-ItemProperty\nNew-Module\nNew-ModuleManifest\nNew-Object\nNew-PSDrive\nNew-PSSession\nNew-PSSessionOption\nNew-Service\nNew-TimeSpan\nNew-Variable\nNew-WebServiceProxy\nNew-WSManInstance\nNew-WSManSessionOption\nOut-Default\nOut-File\nOut-GridView\nOut-Host\nOut-Null\nOut-Printer\nOut-String\nPop-Location\nPush-Location\nRead-Host\nReceive-Job\nRegister-EngineEvent\nRegister-ObjectEvent\nRegister-PSSessionConfiguration\nRegister-WmiEvent\nRemove-BitsTransfer\nRemove-Computer\nRemove-Event\nRemove-EventLog\nRemove-Item\nRemove-ItemProperty\nRemove-Job\nRemove-Module\nRemove-PSBreakpoint\nRemove-PSDrive\nRemove-PSSession\nRemove-PSSnapin\nRemove-Variable\nRemove-WmiObject\nRemove-WSManInstance\nRename-Item\nRename-ItemProperty\nReset-ComputerMachinePassword\nResolve-Path\nRestart-Computer\nRestart-Service\nRestore-Computer\nResume-BitsTransfer\nResume-Service\nSelect-Object\nSelect-String\nSelect-XML\nSend-MailMessage\nSet-Acl\nSet-Alias\nSet-AppLockerPolicy\nSet-AuthenticodeSignature\nSet-BitsTransfer\nSet-Content\nSet-Date\nSet-ExecutionPolicy\nSet-Item\nSet-ItemProperty\nSet-Location\nSet-PSBreakpoint\nSet-PSDebug\nSet-PSSessionConfiguration\nSet-Service\nSet-StrictMode\nSet-TraceSource\nSet-Variable\nSet-WmiInstance\nSet-WSManInstance\nSet-WSManQuickConfig\nShow-EventLog\nSort-Object\nSplit-Path\nStart-BitsTransfer\nStart-Job\nStart-Process\nStart-Service\nStart-Sleep\nStart-Transaction\nStart-Transcript\nStop-Computer\nStop-Job\nStop-Process\nStop-Service\nStop-Transcript\nSuspend-BitsTransfer\nSuspend-Service\nTee-Object\nTest-AppLockerPolicy\nTest-ComputerSecureChannel\nTest-Connection\nTest-ModuleManifest\nTest-Path\nTest-WSMan\nTrace-Command\nUndo-Transaction\nUnregister-Event\nUnregister-PSSessionConfiguration\nUpdate-FormatData\nUpdate-List\nUpdate-TypeData\nUse-Transaction\nWait-Event\nWait-Job\nWait-Process\nWhere-Object\nWrite-Debug\nWrite-Error\nWrite-EventLog\nWrite-Host\nWrite-Output\nWrite-Progress\nWrite-Verbose\nWrite-Warning\n-EncodedCommand\n-ExecutionPolicy\n-PSConsoleFile\n", "name": "windows-powershell-commands.data", "type": "WAF_DATAFILE_PM_FROM_FILE" } ], "id": "test-waf-profile", "marked_for_delete": false, "name": "test-waf-profile", "overridden": false, "parent_path": "/infra", "path": "/infra/alb-waf-profiles/test-waf-profile", "relative_path": "test-waf-profile", "resource_type": "ALBWafProfile", "unique_id": "782c85c2-07de-4246-8841-08afe9ab3955" }

Required Permissions:

crud

Feature:

policy_lb

Additional Errors: