WaasClient

class oci.waas.WaasClient(config, **kwargs)

OCI Web Application Acceleration and Security Services

Methods

__init__(config, **kwargs)	Creates a new service client
accept_recommendations(waas_policy_id, …)	Accepts a list of recommended Web Application Firewall protection rules.
cancel_work_request(work_request_id, **kwargs)	Cancels a specified work request.
change_address_list_compartment(…)	Moves address list into a different compartment.
change_certificate_compartment(…)	Moves certificate into a different compartment.
change_custom_protection_rule_compartment(…)	Moves a custom protection rule into a different compartment within the same tenancy.
change_waas_policy_compartment(…)	Moves WAAS policy into a different compartment.
create_address_list(…)	Creates an address list in a set compartment and allows it to be used in a WAAS policy and referenced by access rules.
create_certificate(…)	Allows an SSL certificate to be added to a WAAS policy.
create_custom_protection_rule(…)	Creates a new custom protection rule in the specified compartment.
create_waas_policy(…)	Creates a new Web Application Acceleration and Security (WAAS) policy in the specified compartment.
delete_address_list(address_list_id, **kwargs)	Deletes the address list from the compartment if it is not used.
delete_certificate(certificate_id, **kwargs)	Deletes an SSL certificate from the WAAS service.
delete_custom_protection_rule(…)	Deletes a Custom Protection rule.
delete_waas_policy(waas_policy_id, **kwargs)	Deletes a policy.
get_address_list(address_list_id, **kwargs)	Gets the details of an address list.
get_certificate(certificate_id, **kwargs)	Gets the details of an SSL certificate.
get_custom_protection_rule(…)	Gets the details of a custom protection rule.
get_device_fingerprint_challenge(…)	Gets the device fingerprint challenge settings in the Web Application Firewall configuration for a WAAS policy.
get_human_interaction_challenge(…)	Gets the human interaction challenge settings in the Web Application Firewall configuration for a WAAS policy.
get_js_challenge(waas_policy_id, **kwargs)	Gets the JavaScript challenge settings in the Web Application Firewall configuration for a WAAS policy.
get_policy_config(waas_policy_id, **kwargs)	Gets the configuration of a WAAS policy.
get_protection_rule(waas_policy_id, …)	Gets the details of a protection rule in the Web Application Firewall configuration for a WAAS policy.
get_protection_settings(waas_policy_id, **kwargs)	Gets the protection settings in the Web Application Firewall configuration for a WAAS policy.
get_waas_policy(waas_policy_id, **kwargs)	Gets the details of a WAAS policy.
get_waf_address_rate_limiting(…)	Gets the address rate limiting settings of the Web Application Firewall configuration for a WAAS policy.
get_waf_config(waas_policy_id, **kwargs)	Gets the Web Application Firewall configuration details for a WAAS policy.
get_work_request(work_request_id, **kwargs)	Gets the details of a specified work request.
list_access_rules(waas_policy_id, **kwargs)	Gets the currently configured access rules for the Web Application Firewall configuration of a specified WAAS policy.
list_address_lists(compartment_id, **kwargs)	Gets a list of address lists that can be used in a WAAS policy.
list_caching_rules(waas_policy_id, **kwargs)	Gets the currently configured caching rules for the Web Application Firewall configuration of a specified WAAS policy.
list_captchas(waas_policy_id, **kwargs)	Gets the list of currently configured CAPTCHA challenges in the Web Application Firewall configuration of a WAAS policy.
list_certificates(compartment_id, **kwargs)	Gets a list of SSL certificates that can be used in a WAAS policy.
list_custom_protection_rules(compartment_id, …)	Gets a list of custom protection rules for the specified Web Application Firewall.
list_edge_subnets(**kwargs)	Return the list of the tenant’s edge node subnets.
list_good_bots(waas_policy_id, **kwargs)	Gets the list of good bots defined in the Web Application Firewall configuration for a WAAS policy.
list_protection_rules(waas_policy_id, **kwargs)	Gets the list of available protection rules for a WAAS policy.
list_recommendations(waas_policy_id, **kwargs)	Gets the list of recommended Web Application Firewall protection rules.
list_threat_feeds(waas_policy_id, **kwargs)	Gets the list of available web application threat intelligence feeds and the actions set for each feed.
list_waas_policies(compartment_id, **kwargs)	Gets a list of WAAS policies.
list_waas_policy_custom_protection_rules(…)	Gets the list of currently configured custom protection rules for a WAAS policy.
list_waf_blocked_requests(waas_policy_id, …)	Gets the number of blocked requests by a Web Application Firewall feature in five minute blocks, sorted by timeObserved in ascending order (starting from oldest data).
list_waf_logs(waas_policy_id, **kwargs)	Gets structured Web Application Firewall event logs for a WAAS policy.
list_waf_requests(waas_policy_id, **kwargs)	Gets the number of requests managed by a Web Application Firewall over a specified period of time, including blocked requests.
list_waf_traffic(waas_policy_id, **kwargs)	Gets the Web Application Firewall traffic data for a WAAS policy.
list_whitelists(waas_policy_id, **kwargs)	Gets the list of whitelists defined in the Web Application Firewall configuration for a WAAS policy.
list_work_requests(waas_policy_id, …)	Gets a list of subnets (CIDR notation) from which the WAAS EDGE may make requests.
purge_cache(waas_policy_id, **kwargs)	Performs a purge of the cache for each specified resource.
update_access_rules(waas_policy_id, …)	Updates the list of access rules in the Web Application Firewall configuration for a specified WAAS policy.
update_address_list(address_list_id, **kwargs)	Updates the details of an address list.
update_caching_rules(waas_policy_id, …)	Updates the configuration for each specified caching rule.
update_captchas(waas_policy_id, captchas, …)	Updates the list of CAPTCHA challenges in the Web Application Firewall configuration for a WAAS policy.
update_certificate(certificate_id, **kwargs)	It is not possible to update a certificate, only create and delete.
update_custom_protection_rule(…)	Updates the configuration of a custom protection rule.
update_device_fingerprint_challenge(…)	Updates the Device Fingerprint Challenge (DFC) settings in the Web Application Firewall configuration for a policy.
update_good_bots(waas_policy_id, good_bots, …)	Updates the list of good bots in the Web Application Firewall configuration for a policy.
update_human_interaction_challenge(…)	Updates the Human Interaction Challenge (HIC) settings in the Web Application Firewall configuration for a WAAS policy.
update_js_challenge(waas_policy_id, …)	Updates the JavaScript challenge settings in the Web Application Firewall configuration for a WAAS policy.
update_policy_config(waas_policy_id, …)	Updates the configuration for a WAAS policy.
update_protection_rules(waas_policy_id, …)	Updates the action for each specified protection rule.
update_protection_settings(waas_policy_id, …)	Updates the protection settings in the Web Application Firewall configuration for a WAAS policy.
update_threat_feeds(waas_policy_id, …)	Updates the action to take when a request’s IP address matches an address in the specified threat intelligence feed.
update_waas_policy(waas_policy_id, …)	Updates the details of a WAAS policy, including origins and tags.
update_waas_policy_custom_protection_rules(…)	Updates the action for each specified custom protection rule.
update_waf_address_rate_limiting(…)	Updates the address rate limiting settings in the Web Application Firewall configuration for a policy.
update_waf_config(waas_policy_id, …)	Updates the Web Application Firewall configuration for a specified WAAS policy.
update_whitelists(waas_policy_id, …)	Updates the list of IP addresses that bypass the Web Application Firewall for a WAAS policy.

__init__(config, **kwargs)

Creates a new service client

Parameters:

• config (dict) – Configuration keys and values as per SDK and Tool Configuration. The from_file() method can be used to load configuration from a file. Alternatively, a dict can be passed. You can validate_config the dict using validate_config()
• service_endpoint (str) – (optional) The endpoint of the service to call using this client. For example https://iaas.us-ashburn-1.oraclecloud.com. If this keyword argument is not provided then it will be derived using the region in the config parameter. You should only provide this keyword argument if you have an explicit need to specify a service endpoint.
• timeout (float or tuple(float, float)) – (optional) The connection and read timeouts for the client. The default values are connection timeout 10 seconds and read timeout 60 seconds. This keyword argument can be provided as a single float, in which case the value provided is used for both the read and connection timeouts, or as a tuple of two floats. If a tuple is provided then the first value is used as the connection timeout and the second value as the read timeout.
• signer (AbstractBaseSigner) –

  (optional) The signer to use when signing requests made by the service client. The default is to use a Signer based on the values provided in the config parameter.

  One use case for this parameter is for Instance Principals authentication by passing an instance of InstancePrincipalsSecurityTokenSigner as the value for this keyword argument

• retry_strategy (obj) –

  (optional) A retry strategy to apply to all calls made by this service client (i.e. at the client level). There is no retry strategy applied by default. Retry strategies can also be applied at the operation level by passing a retry_strategy keyword argument as part of calling the operation. Any value provided at the operation level will override whatever is specified at the client level.

  This should be one of the strategies available in the retry module. A convenience DEFAULT_RETRY_STRATEGY is also available. The specifics of the default retry strategy are described here.

• circuit_breaker_strategy (obj) – (optional) A circuit breaker strategy to apply to all calls made by this service client (i.e. at the client level). This client uses DEFAULT_CIRCUIT_BREAKER_STRATEGY as default if no circuit breaker strategy is provided. The specifics of circuit breaker strategy are described here.
• circuit_breaker_callback (function) – (optional) Callback function to receive any exceptions triggerred by the circuit breaker.
• client_level_realm_specific_endpoint_template_enabled (bool) – (optional) A boolean flag to indicate whether or not this client should be created with realm specific endpoint template enabled or disable. By default, this will be set as None.
• allow_control_chars – (optional) allow_control_chars is a boolean to indicate whether or not this client should allow control characters in the response object. By default, the client will not allow control characters to be in the response object.

accept_recommendations(waas_policy_id, protection_rule_keys, **kwargs)

Accepts a list of recommended Web Application Firewall protection rules. Web Application Firewall protection rule recommendations are sets of rules generated by observed traffic patterns through the Web Application Firewall and are meant to optimize the Web Application Firewall’s security profile. Only the rules specified in the request body will be updated; all other rules will remain unchanged.

Use the GET /waasPolicies/{waasPolicyId}/wafConfig/recommendations method to view a list of recommended Web Application Firewall protection rules. For more information, see WAF Protection Rules.

Parameters:

• waas_policy_id (str) –

  (required) The OCID of the WAAS policy.

• protection_rule_keys (list[str]) – (required)
• opc_request_id (str) – (optional) The unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
• if_match (str) – (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag provided matches the resource’s current etag value.
• retry_strategy (obj) –

  (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

  This should be one of the strategies available in the retry module. This operation will not retry by default, users can also use the convenient DEFAULT_RETRY_STRATEGY provided by the SDK to enable retries for it. The specifics of the default retry strategy are described here.

  To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

• allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings

Returns:

A Response object with data of type None

Return type:

Response

Example:

Click here to see an example of how to use accept_recommendations API.

cancel_work_request(work_request_id, **kwargs)

Cancels a specified work request.

Parameters:

• work_request_id (str) –

  (required) The OCID of the work request. This number is generated when work request is created.

• opc_request_id (str) – (optional) The unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
• opc_retry_token (str) – (optional) A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations Example: If a resource has been deleted and purged from the system, then a retry of the original delete request may be rejected.
• if_match (str) – (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag provided matches the resource’s current etag value.
• retry_strategy (obj) –

  (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

  This should be one of the strategies available in the retry module. This operation will not retry by default, users can also use the convenient DEFAULT_RETRY_STRATEGY provided by the SDK to enable retries for it. The specifics of the default retry strategy are described here.

  To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

• allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings

Returns:

A Response object with data of type None

Return type:

Response

Example:

Click here to see an example of how to use cancel_work_request API.

change_address_list_compartment(address_list_id, change_address_list_compartment_details, **kwargs)

Moves address list into a different compartment. When provided, If-Match is checked against ETag values of the address list. For information about moving resources between compartments, see Moving Resources to a Different Compartment.

Parameters:

• address_list_id (str) –

  (required) The OCID of the address list. This number is generated when the address list is added to the compartment.

• change_address_list_compartment_details (oci.waas.models.ChangeAddressListCompartmentDetails) – (required)
• if_match (str) – (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag provided matches the resource’s current etag value.
• opc_request_id (str) – (optional) The unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
• opc_retry_token (str) – (optional) A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations Example: If a resource has been deleted and purged from the system, then a retry of the original delete request may be rejected.
• retry_strategy (obj) –

  (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

  This should be one of the strategies available in the retry module. This operation will not retry by default, users can also use the convenient DEFAULT_RETRY_STRATEGY provided by the SDK to enable retries for it. The specifics of the default retry strategy are described here.

  To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

• allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings

Returns:

A Response object with data of type None

Return type:

Response

Example:

Click here to see an example of how to use change_address_list_compartment API.

change_certificate_compartment(certificate_id, change_certificate_compartment_details, **kwargs)

Moves certificate into a different compartment. When provided, If-Match is checked against ETag values of the certificate. For information about moving resources between compartments, see Moving Resources to a Different Compartment.

Parameters:

• certificate_id (str) –

  (required) The OCID of the SSL certificate used in the WAAS policy. This number is generated when the certificate is added to the policy.

• change_certificate_compartment_details (oci.waas.models.ChangeCertificateCompartmentDetails) – (required)
• if_match (str) – (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag provided matches the resource’s current etag value.
• opc_request_id (str) – (optional) The unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
• opc_retry_token (str) – (optional) A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations Example: If a resource has been deleted and purged from the system, then a retry of the original delete request may be rejected.
• retry_strategy (obj) –

  (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

  This should be one of the strategies available in the retry module. This operation will not retry by default, users can also use the convenient DEFAULT_RETRY_STRATEGY provided by the SDK to enable retries for it. The specifics of the default retry strategy are described here.

  To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

• allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings

Returns:

A Response object with data of type None

Return type:

Response

Example:

Click here to see an example of how to use change_certificate_compartment API.

change_custom_protection_rule_compartment(custom_protection_rule_id, change_custom_protection_rule_compartment_details, **kwargs)

Moves a custom protection rule into a different compartment within the same tenancy. When provided, If-Match is checked against ETag values of the custom protection rule. For information about moving resources between compartments, see Moving Resources to a Different Compartment.

Parameters:

• custom_protection_rule_id (str) –

  (required) The OCID of the custom protection rule. This number is generated when the custom protection rule is added to the compartment.

• change_custom_protection_rule_compartment_details (oci.waas.models.ChangeCustomProtectionRuleCompartmentDetails) – (required)
• if_match (str) – (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag provided matches the resource’s current etag value.
• opc_request_id (str) – (optional) The unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
• opc_retry_token (str) – (optional) A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations Example: If a resource has been deleted and purged from the system, then a retry of the original delete request may be rejected.
• retry_strategy (obj) –

  (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

  This should be one of the strategies available in the retry module. This operation will not retry by default, users can also use the convenient DEFAULT_RETRY_STRATEGY provided by the SDK to enable retries for it. The specifics of the default retry strategy are described here.

  To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

• allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings

Returns:

A Response object with data of type None

Return type:

Response

Example:

Click here to see an example of how to use change_custom_protection_rule_compartment API.

change_waas_policy_compartment(waas_policy_id, change_waas_policy_compartment_details, **kwargs)

Moves WAAS policy into a different compartment. When provided, If-Match is checked against ETag values of the WAAS policy. For information about moving resources between compartments, see Moving Resources to a Different Compartment.

Parameters:

• waas_policy_id (str) –

  (required) The OCID of the WAAS policy.

• change_waas_policy_compartment_details (oci.waas.models.ChangeWaasPolicyCompartmentDetails) – (required)
• if_match (str) – (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag provided matches the resource’s current etag value.
• opc_request_id (str) – (optional) The unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
• opc_retry_token (str) – (optional) A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations Example: If a resource has been deleted and purged from the system, then a retry of the original delete request may be rejected.
• retry_strategy (obj) –

  (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

  This should be one of the strategies available in the retry module. This operation will not retry by default, users can also use the convenient DEFAULT_RETRY_STRATEGY provided by the SDK to enable retries for it. The specifics of the default retry strategy are described here.

  To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

• allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings

Returns:

A Response object with data of type None

Return type:

Response

Example:

Click here to see an example of how to use change_waas_policy_compartment API.

create_address_list(create_address_list_details, **kwargs)

Creates an address list in a set compartment and allows it to be used in a WAAS policy and referenced by access rules. Addresses can be IP addresses and CIDR notations.

Parameters:

• create_address_list_details (oci.waas.models.CreateAddressListDetails) – (required) The details of the address list resource to create.
• opc_request_id (str) – (optional) The unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
• opc_retry_token (str) – (optional) A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations Example: If a resource has been deleted and purged from the system, then a retry of the original delete request may be rejected.
• retry_strategy (obj) –

  (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

  This should be one of the strategies available in the retry module. This operation will not retry by default, users can also use the convenient DEFAULT_RETRY_STRATEGY provided by the SDK to enable retries for it. The specifics of the default retry strategy are described here.

  To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

• allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings

Returns:

A Response object with data of type AddressList

Return type:

Response

Example:

Click here to see an example of how to use create_address_list API.

create_certificate(create_certificate_details, **kwargs)

Allows an SSL certificate to be added to a WAAS policy. The Web Application Firewall terminates SSL connections to inspect requests in runtime, and then re-encrypts requests before sending them to the origin for fulfillment.

For more information, see WAF Settings.

Parameters:

• create_certificate_details (oci.waas.models.CreateCertificateDetails) – (required) The details of the SSL certificate resource to create.
• opc_request_id (str) – (optional) The unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
• opc_retry_token (str) – (optional) A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations Example: If a resource has been deleted and purged from the system, then a retry of the original delete request may be rejected.
• retry_strategy (obj) –

  (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

  This should be one of the strategies available in the retry module. This operation will not retry by default, users can also use the convenient DEFAULT_RETRY_STRATEGY provided by the SDK to enable retries for it. The specifics of the default retry strategy are described here.

  To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

• allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings

Returns:

A Response object with data of type Certificate

Return type:

Response

Example:

Click here to see an example of how to use create_certificate API.

create_custom_protection_rule(create_custom_protection_rule_details, **kwargs)

Creates a new custom protection rule in the specified compartment.

Custom protection rules allow you to create rules in addition to the rulesets provided by the Web Application Firewall service, including rules from ModSecurity. The syntax for custom rules is based on the ModSecurity syntax. For more information about custom protection rules, see Custom Protection Rules.

Parameters:

• create_custom_protection_rule_details (oci.waas.models.CreateCustomProtectionRuleDetails) – (required) The details of the custom protection rule.
• opc_request_id (str) – (optional) The unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
• opc_retry_token (str) – (optional) A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations Example: If a resource has been deleted and purged from the system, then a retry of the original delete request may be rejected.
• retry_strategy (obj) –

  (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

  This should be one of the strategies available in the retry module. This operation will not retry by default, users can also use the convenient DEFAULT_RETRY_STRATEGY provided by the SDK to enable retries for it. The specifics of the default retry strategy are described here.

  To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

• allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings

Returns:

A Response object with data of type CustomProtectionRule

Return type:

Response

Example:

Click here to see an example of how to use create_custom_protection_rule API.

create_waas_policy(create_waas_policy_details, **kwargs)

Creates a new Web Application Acceleration and Security (WAAS) policy in the specified compartment. A WAAS policy must be established before creating Web Application Firewall (WAF) rules. To use WAF rules, your web application’s origin servers must defined in the WaasPolicy schema.

A domain name must be specified when creating a WAAS policy. The domain name should be different from the origins specified in your WaasPolicy. Once domain name is entered and stored, it is unchangeable.

Use the record data returned in the cname field of the WaasPolicy object to create a CNAME record in your DNS configuration that will direct your domain’s traffic through the WAF.

For the purposes of access control, you must provide the OCID of the compartment where you want the service to reside. For information about access control and compartments, see Overview of the IAM Service.

You must specify a display name and domain for the WAAS policy. The display name does not have to be unique and can be changed. The domain name should be different from every origin specified in WaasPolicy.

All Oracle Cloud Infrastructure resources, including WAAS policies, receive a unique, Oracle-assigned ID called an Oracle Cloud Identifier (OCID). When a resource is created, you can find its OCID in the response. You can also retrieve a resource’s OCID by using a list API operation for that resource type, or by viewing the resource in the Console. Fore more information, see Resource Identifiers.

Note: After sending the POST request, the new object’s state will temporarily be CREATING. Ensure that the resource’s state has changed to ACTIVE before use.

Parameters:

• create_waas_policy_details (oci.waas.models.CreateWaasPolicyDetails) – (required) The details of the WAAS policy.
• opc_request_id (str) – (optional) The unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
• opc_retry_token (str) – (optional) A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations Example: If a resource has been deleted and purged from the system, then a retry of the original delete request may be rejected.
• retry_strategy (obj) –

  (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

  This should be one of the strategies available in the retry module. This operation will not retry by default, users can also use the convenient DEFAULT_RETRY_STRATEGY provided by the SDK to enable retries for it. The specifics of the default retry strategy are described here.

  To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

• allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings

Returns:

A Response object with data of type None

Return type:

Response

Example:

Click here to see an example of how to use create_waas_policy API.

delete_address_list(address_list_id, **kwargs)

Deletes the address list from the compartment if it is not used.

Parameters:

• address_list_id (str) –

  (required) The OCID of the address list. This number is generated when the address list is added to the compartment.

• opc_request_id (str) – (optional) The unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
• opc_retry_token (str) – (optional) A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations Example: If a resource has been deleted and purged from the system, then a retry of the original delete request may be rejected.
• if_match (str) – (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag provided matches the resource’s current etag value.
• retry_strategy (obj) –

  (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

  This should be one of the strategies available in the retry module. This operation will not retry by default, users can also use the convenient DEFAULT_RETRY_STRATEGY provided by the SDK to enable retries for it. The specifics of the default retry strategy are described here.

  To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

• allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings

Returns:

A Response object with data of type None

Return type:

Response

Example:

Click here to see an example of how to use delete_address_list API.

delete_certificate(certificate_id, **kwargs)

Deletes an SSL certificate from the WAAS service.

Parameters:

• certificate_id (str) –

  (required) The OCID of the SSL certificate used in the WAAS policy. This number is generated when the certificate is added to the policy.

• opc_request_id (str) – (optional) The unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
• opc_retry_token (str) – (optional) A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations Example: If a resource has been deleted and purged from the system, then a retry of the original delete request may be rejected.
• if_match (str) – (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag provided matches the resource’s current etag value.
• retry_strategy (obj) –

  (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

  This should be one of the strategies available in the retry module. This operation will not retry by default, users can also use the convenient DEFAULT_RETRY_STRATEGY provided by the SDK to enable retries for it. The specifics of the default retry strategy are described here.

  To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

• allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings

Returns:

A Response object with data of type None

Return type:

Response

Example:

Click here to see an example of how to use delete_certificate API.

delete_custom_protection_rule(custom_protection_rule_id, **kwargs)

Deletes a Custom Protection rule.

Parameters:

• custom_protection_rule_id (str) –

  (required) The OCID of the custom protection rule. This number is generated when the custom protection rule is added to the compartment.

• opc_request_id (str) – (optional) The unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
• opc_retry_token (str) – (optional) A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations Example: If a resource has been deleted and purged from the system, then a retry of the original delete request may be rejected.
• if_match (str) – (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag provided matches the resource’s current etag value.
• retry_strategy (obj) –

  (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

  This should be one of the strategies available in the retry module. This operation will not retry by default, users can also use the convenient DEFAULT_RETRY_STRATEGY provided by the SDK to enable retries for it. The specifics of the default retry strategy are described here.

  To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

• allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings

Returns:

A Response object with data of type None

Return type:

Response

Example:

Click here to see an example of how to use delete_custom_protection_rule API.

delete_waas_policy(waas_policy_id, **kwargs)

Deletes a policy.

Parameters:

• waas_policy_id (str) –

  (required) The OCID of the WAAS policy.

• opc_request_id (str) – (optional) The unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
• opc_retry_token (str) – (optional) A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations Example: If a resource has been deleted and purged from the system, then a retry of the original delete request may be rejected.
• if_match (str) – (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag provided matches the resource’s current etag value.
• retry_strategy (obj) –

  (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

  This should be one of the strategies available in the retry module. This operation will not retry by default, users can also use the convenient DEFAULT_RETRY_STRATEGY provided by the SDK to enable retries for it. The specifics of the default retry strategy are described here.

  To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

• allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings

Returns:

A Response object with data of type None

Return type:

Response

Example:

Click here to see an example of how to use delete_waas_policy API.

get_address_list(address_list_id, **kwargs)

Gets the details of an address list.

Parameters:

• address_list_id (str) –

  (required) The OCID of the address list. This number is generated when the address list is added to the compartment.

• opc_request_id (str) – (optional) The unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
• retry_strategy (obj) –

  (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

  This should be one of the strategies available in the retry module. This operation uses DEFAULT_RETRY_STRATEGY as default if no retry strategy is provided. The specifics of the default retry strategy are described here.

  To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

• allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings

Returns:

A Response object with data of type AddressList

Return type:

Response

Example:

Click here to see an example of how to use get_address_list API.

get_certificate(certificate_id, **kwargs)

Gets the details of an SSL certificate.

Parameters:

• certificate_id (str) –

  (required) The OCID of the SSL certificate used in the WAAS policy. This number is generated when the certificate is added to the policy.

• opc_request_id (str) – (optional) The unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
• retry_strategy (obj) –

  (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

  This should be one of the strategies available in the retry module. This operation uses DEFAULT_RETRY_STRATEGY as default if no retry strategy is provided. The specifics of the default retry strategy are described here.

  To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

• allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings

Returns:

A Response object with data of type Certificate

Return type:

Response

Example:

Click here to see an example of how to use get_certificate API.

get_custom_protection_rule(custom_protection_rule_id, **kwargs)

Gets the details of a custom protection rule.

Parameters:

• custom_protection_rule_id (str) –

  (required) The OCID of the custom protection rule. This number is generated when the custom protection rule is added to the compartment.

• opc_request_id (str) – (optional) The unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
• retry_strategy (obj) –

  (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

  This should be one of the strategies available in the retry module. This operation uses DEFAULT_RETRY_STRATEGY as default if no retry strategy is provided. The specifics of the default retry strategy are described here.

  To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

• allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings

Returns:

A Response object with data of type CustomProtectionRule

Return type:

Response

Example:

Click here to see an example of how to use get_custom_protection_rule API.

get_device_fingerprint_challenge(waas_policy_id, **kwargs)

Gets the device fingerprint challenge settings in the Web Application Firewall configuration for a WAAS policy.

Parameters:

• waas_policy_id (str) –

  (required) The OCID of the WAAS policy.

• opc_request_id (str) – (optional) The unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
• retry_strategy (obj) –

  (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

  This should be one of the strategies available in the retry module. This operation uses DEFAULT_RETRY_STRATEGY as default if no retry strategy is provided. The specifics of the default retry strategy are described here.

  To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

• allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings

Returns:

A Response object with data of type DeviceFingerprintChallenge

Return type:

Response

Example:

Click here to see an example of how to use get_device_fingerprint_challenge API.

get_human_interaction_challenge(waas_policy_id, **kwargs)

Gets the human interaction challenge settings in the Web Application Firewall configuration for a WAAS policy.

Parameters:

• waas_policy_id (str) –

  (required) The OCID of the WAAS policy.

• opc_request_id (str) – (optional) The unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
• retry_strategy (obj) –

  (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

  This should be one of the strategies available in the retry module. This operation uses DEFAULT_RETRY_STRATEGY as default if no retry strategy is provided. The specifics of the default retry strategy are described here.

  To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

• allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings

Returns:

A Response object with data of type HumanInteractionChallenge

Return type:

Response

Example:

Click here to see an example of how to use get_human_interaction_challenge API.

get_js_challenge(waas_policy_id, **kwargs)

Gets the JavaScript challenge settings in the Web Application Firewall configuration for a WAAS policy.

Parameters:

• waas_policy_id (str) –

  (required) The OCID of the WAAS policy.

• opc_request_id (str) – (optional) The unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
• retry_strategy (obj) –

  (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

  This should be one of the strategies available in the retry module. This operation uses DEFAULT_RETRY_STRATEGY as default if no retry strategy is provided. The specifics of the default retry strategy are described here.

  To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

• allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings

Returns:

A Response object with data of type JsChallenge

Return type:

Response

Example:

Click here to see an example of how to use get_js_challenge API.

get_policy_config(waas_policy_id, **kwargs)

Gets the configuration of a WAAS policy.

Parameters:

• waas_policy_id (str) –

  (required) The OCID of the WAAS policy.

• opc_request_id (str) – (optional) The unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
• retry_strategy (obj) –

  (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

  This should be one of the strategies available in the retry module. This operation uses DEFAULT_RETRY_STRATEGY as default if no retry strategy is provided. The specifics of the default retry strategy are described here.

  To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

• allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings

Returns:

A Response object with data of type PolicyConfig

Return type:

Response

Example:

Click here to see an example of how to use get_policy_config API.

get_protection_rule(waas_policy_id, protection_rule_key, **kwargs)

Gets the details of a protection rule in the Web Application Firewall configuration for a WAAS policy.

Parameters:

• waas_policy_id (str) –

  (required) The OCID of the WAAS policy.

• protection_rule_key (str) – (required) The protection rule key.
• opc_request_id (str) – (optional) The unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
• retry_strategy (obj) –

  (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

  This should be one of the strategies available in the retry module. This operation uses DEFAULT_RETRY_STRATEGY as default if no retry strategy is provided. The specifics of the default retry strategy are described here.

  To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

• allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings

Returns:

A Response object with data of type ProtectionRule

Return type:

Response

Example:

Click here to see an example of how to use get_protection_rule API.

get_protection_settings(waas_policy_id, **kwargs)

Gets the protection settings in the Web Application Firewall configuration for a WAAS policy.

Parameters:

• waas_policy_id (str) –

  (required) The OCID of the WAAS policy.

• opc_request_id (str) – (optional) The unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
• retry_strategy (obj) –

  (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

  This should be one of the strategies available in the retry module. This operation uses DEFAULT_RETRY_STRATEGY as default if no retry strategy is provided. The specifics of the default retry strategy are described here.

  To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

• allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings

Returns:

A Response object with data of type ProtectionSettings

Return type:

Response

Example:

Click here to see an example of how to use get_protection_settings API.

get_waas_policy(waas_policy_id, **kwargs)

Gets the details of a WAAS policy.

Parameters:

• waas_policy_id (str) –

  (required) The OCID of the WAAS policy.

• opc_request_id (str) – (optional) The unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
• retry_strategy (obj) –

  (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

  This should be one of the strategies available in the retry module. This operation uses DEFAULT_RETRY_STRATEGY as default if no retry strategy is provided. The specifics of the default retry strategy are described here.

  To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

• allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings

Returns:

A Response object with data of type WaasPolicy

Return type:

Response

Example:

Click here to see an example of how to use get_waas_policy API.

get_waf_address_rate_limiting(waas_policy_id, **kwargs)

Gets the address rate limiting settings of the Web Application Firewall configuration for a WAAS policy.

Parameters:

• waas_policy_id (str) –

  (required) The OCID of the WAAS policy.

• opc_request_id (str) – (optional) The unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
• retry_strategy (obj) –

  (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

  This should be one of the strategies available in the retry module. This operation uses DEFAULT_RETRY_STRATEGY as default if no retry strategy is provided. The specifics of the default retry strategy are described here.

  To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

• allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings

Returns:

A Response object with data of type AddressRateLimiting

Return type:

Response

Example:

Click here to see an example of how to use get_waf_address_rate_limiting API.

get_waf_config(waas_policy_id, **kwargs)

Gets the Web Application Firewall configuration details for a WAAS policy.

Parameters:

• waas_policy_id (str) –

  (required) The OCID of the WAAS policy.

• opc_request_id (str) – (optional) The unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
• retry_strategy (obj) –

  (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

  This should be one of the strategies available in the retry module. This operation uses DEFAULT_RETRY_STRATEGY as default if no retry strategy is provided. The specifics of the default retry strategy are described here.

  To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

• allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings

Returns:

A Response object with data of type WafConfig

Return type:

Response

Example:

Click here to see an example of how to use get_waf_config API.

get_work_request(work_request_id, **kwargs)

Gets the details of a specified work request.

Parameters:

• work_request_id (str) –

  (required) The OCID of the work request. This number is generated when work request is created.

• opc_request_id (str) – (optional) The unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
• retry_strategy (obj) –

  (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

  This should be one of the strategies available in the retry module. This operation uses DEFAULT_RETRY_STRATEGY as default if no retry strategy is provided. The specifics of the default retry strategy are described here.

  To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

• allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings

Returns:

A Response object with data of type WorkRequest

Return type:

Response

Example:

Click here to see an example of how to use get_work_request API.

list_access_rules(waas_policy_id, **kwargs)

Gets the currently configured access rules for the Web Application Firewall configuration of a specified WAAS policy. The order of the access rules is important. The rules will be checked in the order they are specified and the first matching rule will be used.

Parameters:

• waas_policy_id (str) –

  (required) The OCID of the WAAS policy.

• opc_request_id (str) – (optional) The unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
• limit (int) – (optional) The maximum number of items to return in a paginated call. If unspecified, defaults to 10.
• page (str) – (optional) The value of the opc-next-page response header from the previous paginated call.
• retry_strategy (obj) –

  (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

  This should be one of the strategies available in the retry module. This operation uses DEFAULT_RETRY_STRATEGY as default if no retry strategy is provided. The specifics of the default retry strategy are described here.

  To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

• allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings

Returns:

A Response object with data of type list of AccessRule

Return type:

Response

Example:

Click here to see an example of how to use list_access_rules API.

list_address_lists(compartment_id, **kwargs)

Gets a list of address lists that can be used in a WAAS policy.

Parameters:

• compartment_id (str) –

  (required) The OCID of the compartment. This number is generated when the compartment is created.

• opc_request_id (str) – (optional) The unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
• limit (int) – (optional) The maximum number of items to return in a paginated call. If unspecified, defaults to 10.
• page (str) – (optional) The value of the opc-next-page response header from the previous paginated call.
• sort_by (str) –

  (optional) The value by which address lists are sorted in a paginated ‘List’ call. If unspecified, defaults to timeCreated.

  Allowed values are: “id”, “name”, “timeCreated”

• sort_order (str) –

  (optional) The value of the sorting direction of resources in a paginated ‘List’ call. If unspecified, defaults to DESC.

  Allowed values are: “ASC”, “DESC”

• id (list[str]) – (optional) Filter address lists using a list of address lists OCIDs.
• name (list[str]) – (optional) Filter address lists using a list of names.
• lifecycle_state (list[str]) –

  (optional) Filter address lists using a list of lifecycle states.

  Allowed values are: “CREATING”, “ACTIVE”, “FAILED”, “UPDATING”, “DELETING”, “DELETED”

• time_created_greater_than_or_equal_to (datetime) – (optional) A filter that matches address lists created on or after the specified date-time.
• time_created_less_than (datetime) – (optional) A filter that matches address lists created before the specified date-time.
• retry_strategy (obj) –

  (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

  This should be one of the strategies available in the retry module. This operation uses DEFAULT_RETRY_STRATEGY as default if no retry strategy is provided. The specifics of the default retry strategy are described here.

  To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

• allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings

Returns:

A Response object with data of type list of AddressListSummary

Return type:

Response

Example:

Click here to see an example of how to use list_address_lists API.

list_caching_rules(waas_policy_id, **kwargs)

Gets the currently configured caching rules for the Web Application Firewall configuration of a specified WAAS policy. The rules are processed in the order they are specified in and the first matching rule will be used when processing a request.

Parameters:

• waas_policy_id (str) –

  (required) The OCID of the WAAS policy.

• opc_request_id (str) – (optional) The unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
• limit (int) – (optional) The maximum number of items to return in a paginated call. If unspecified, defaults to 10.
• page (str) – (optional) The value of the opc-next-page response header from the previous paginated call.
• retry_strategy (obj) –

  (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

  This should be one of the strategies available in the retry module. This operation uses DEFAULT_RETRY_STRATEGY as default if no retry strategy is provided. The specifics of the default retry strategy are described here.

  To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

• allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings

Returns:

A Response object with data of type list of CachingRuleSummary

Return type:

Response

Example:

Click here to see an example of how to use list_caching_rules API.

list_captchas(waas_policy_id, **kwargs)

Gets the list of currently configured CAPTCHA challenges in the Web Application Firewall configuration of a WAAS policy.

The order of the CAPTCHA challenges is important. The URL for each CAPTCHA will be checked in the order they are created.

Parameters:

• waas_policy_id (str) –

  (required) The OCID of the WAAS policy.

• opc_request_id (str) – (optional) The unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
• limit (int) – (optional) The maximum number of items to return in a paginated call. If unspecified, defaults to 10.
• page (str) – (optional) The value of the opc-next-page response header from the previous paginated call.
• retry_strategy (obj) –

  (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

  This should be one of the strategies available in the retry module. This operation uses DEFAULT_RETRY_STRATEGY as default if no retry strategy is provided. The specifics of the default retry strategy are described here.

  To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

• allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings

Returns:

A Response object with data of type list of Captcha

Return type:

Response

Example:

Click here to see an example of how to use list_captchas API.

list_certificates(compartment_id, **kwargs)

Gets a list of SSL certificates that can be used in a WAAS policy.

Parameters:

• compartment_id (str) –

  (required) The OCID of the compartment. This number is generated when the compartment is created.

• opc_request_id (str) – (optional) The unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
• limit (int) – (optional) The maximum number of items to return in a paginated call. If unspecified, defaults to 10.
• page (str) – (optional) The value of the opc-next-page response header from the previous paginated call.
• sort_by (str) –

  (optional) The value by which certificate summaries are sorted in a paginated ‘List’ call. If unspecified, defaults to timeCreated.

  Allowed values are: “id”, “compartmentId”, “displayName”, “notValidAfter”, “timeCreated”

• sort_order (str) –

  (optional) The value of the sorting direction of resources in a paginated ‘List’ call. If unspecified, defaults to DESC.

  Allowed values are: “ASC”, “DESC”

• id (list[str]) – (optional) Filter certificates using a list of certificates OCIDs.
• display_name (list[str]) – (optional) Filter certificates using a list of display names.
• lifecycle_state (list[str]) –

  (optional) Filter certificates using a list of lifecycle states.

  Allowed values are: “CREATING”, “ACTIVE”, “FAILED”, “UPDATING”, “DELETING”, “DELETED”

• time_created_greater_than_or_equal_to (datetime) – (optional) A filter that matches certificates created on or after the specified date-time.
• time_created_less_than (datetime) – (optional) A filter that matches certificates created before the specified date-time.
• retry_strategy (obj) –

  (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

  This should be one of the strategies available in the retry module. This operation uses DEFAULT_RETRY_STRATEGY as default if no retry strategy is provided. The specifics of the default retry strategy are described here.

  To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

• allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings

Returns:

A Response object with data of type list of CertificateSummary

Return type:

Response

Example:

Click here to see an example of how to use list_certificates API.

list_custom_protection_rules(compartment_id, **kwargs)

Gets a list of custom protection rules for the specified Web Application Firewall.

Parameters:

• compartment_id (str) –

  (required) The OCID of the compartment. This number is generated when the compartment is created.

• opc_request_id (str) – (optional) The unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
• limit (int) – (optional) The maximum number of items to return in a paginated call. If unspecified, defaults to 10.
• page (str) – (optional) The value of the opc-next-page response header from the previous paginated call.
• sort_by (str) –

  (optional) The value by which custom protection rules are sorted in a paginated ‘List’ call. If unspecified, defaults to timeCreated.

  Allowed values are: “id”, “compartmentId”, “displayName”, “modSecurityRuleId”, “timeCreated”

• sort_order (str) –

  (optional) The value of the sorting direction of resources in a paginated ‘List’ call. If unspecified, defaults to DESC.

  Allowed values are: “ASC”, “DESC”

• id (list[str]) – (optional) Filter custom protection rules using a list of custom protection rule OCIDs.
• display_name (list[str]) – (optional) Filter custom protection rules using a list of display names.
• lifecycle_state (list[str]) –

  (optional) Filter Custom Protection rules using a list of lifecycle states.

  Allowed values are: “CREATING”, “ACTIVE”, “FAILED”, “UPDATING”, “DELETING”, “DELETED”

• time_created_greater_than_or_equal_to (datetime) – (optional) A filter that matches Custom Protection rules created on or after the specified date-time.
• time_created_less_than (datetime) – (optional) A filter that matches custom protection rules created before the specified date-time.
• retry_strategy (obj) –

  (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

  This should be one of the strategies available in the retry module. This operation uses DEFAULT_RETRY_STRATEGY as default if no retry strategy is provided. The specifics of the default retry strategy are described here.

  To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

• allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings

Returns:

A Response object with data of type list of CustomProtectionRuleSummary

Return type:

Response

Example:

Click here to see an example of how to use list_custom_protection_rules API.

list_edge_subnets(**kwargs)

Return the list of the tenant’s edge node subnets. Use these CIDR blocks to restrict incoming traffic to your origin. These subnets are owned by OCI and forward traffic to customer origins. They are not associated with specific regions or compartments.

Parameters:

• opc_request_id (str) – (optional) The unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
• limit (int) – (optional) The maximum number of items to return in a paginated call. If unspecified, defaults to 10.
• page (str) – (optional) The value of the opc-next-page response header from the previous paginated call.
• sort_by (str) –

  (optional) The value by which edge node subnets are sorted in a paginated ‘List’ call. If unspecified, defaults to timeModified.

  Allowed values are: “cidr”, “region”, “timeModified”

• sort_order (str) –

  (optional) The value of the sorting direction of resources in a paginated ‘List’ call. If unspecified, defaults to DESC.

  Allowed values are: “ASC”, “DESC”

• retry_strategy (obj) –

  (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

  This should be one of the strategies available in the retry module. This operation uses DEFAULT_RETRY_STRATEGY as default if no retry strategy is provided. The specifics of the default retry strategy are described here.

  To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

• allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings

Returns:

A Response object with data of type list of EdgeSubnet

Return type:

Response

Example:

Click here to see an example of how to use list_edge_subnets API.

list_good_bots(waas_policy_id, **kwargs)

Gets the list of good bots defined in the Web Application Firewall configuration for a WAAS policy.

The list is sorted by key, in ascending order.

Parameters:

• waas_policy_id (str) –

  (required) The OCID of the WAAS policy.

• opc_request_id (str) – (optional) The unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
• limit (int) – (optional) The maximum number of items to return in a paginated call. If unspecified, defaults to 10.
• page (str) – (optional) The value of the opc-next-page response header from the previous paginated call.
• retry_strategy (obj) –

  (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

  This should be one of the strategies available in the retry module. This operation uses DEFAULT_RETRY_STRATEGY as default if no retry strategy is provided. The specifics of the default retry strategy are described here.

  To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

• allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings

Returns:

A Response object with data of type list of GoodBot

Return type:

Response

Example:

Click here to see an example of how to use list_good_bots API.

list_protection_rules(waas_policy_id, **kwargs)

Gets the list of available protection rules for a WAAS policy. Use the GetWafConfig operation to view a list of currently configured protection rules for the Web Application Firewall, or use the ListRecommendations operation to get a list of recommended protection rules for the Web Application Firewall. The list is sorted by key, in ascending order.

Parameters:

• waas_policy_id (str) –

  (required) The OCID of the WAAS policy.

• opc_request_id (str) – (optional) The unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
• limit (int) – (optional) The maximum number of items to return in a paginated call. If unspecified, defaults to 10.
• page (str) – (optional) The value of the opc-next-page response header from the previous paginated call.
• mod_security_rule_id (list[str]) – (optional) Filter rules using a list of ModSecurity rule IDs.
• action (list[str]) –

  (optional) Filter rules using a list of actions.

  Allowed values are: “OFF”, “DETECT”, “BLOCK”

• retry_strategy (obj) –

  (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

  This should be one of the strategies available in the retry module. This operation uses DEFAULT_RETRY_STRATEGY as default if no retry strategy is provided. The specifics of the default retry strategy are described here.

  To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

• allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings

Returns:

A Response object with data of type list of ProtectionRule

Return type:

Response

Example:

Click here to see an example of how to use list_protection_rules API.

list_recommendations(waas_policy_id, **kwargs)

Gets the list of recommended Web Application Firewall protection rules.

Use the POST /waasPolicies/{waasPolicyId}/actions/acceptWafConfigRecommendations method to accept recommended Web Application Firewall protection rules. For more information, see WAF Protection Rules. The list is sorted by key, in ascending order.

Parameters:

• waas_policy_id (str) –

  (required) The OCID of the WAAS policy.

• opc_request_id (str) – (optional) The unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
• recommended_action (str) –

  (optional) A filter that matches recommended protection rules based on the selected action. If unspecified, rules with any action type are returned.

  Allowed values are: “DETECT”, “BLOCK”

• limit (int) – (optional) The maximum number of items to return in a paginated call. If unspecified, defaults to 10.
• page (str) – (optional) The value of the opc-next-page response header from the previous paginated call.
• retry_strategy (obj) –

  (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

  This should be one of the strategies available in the retry module. This operation uses DEFAULT_RETRY_STRATEGY as default if no retry strategy is provided. The specifics of the default retry strategy are described here.

  To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

• allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings

Returns:

A Response object with data of type list of Recommendation

Return type:

Response

Example:

Click here to see an example of how to use list_recommendations API.

list_threat_feeds(waas_policy_id, **kwargs)

Gets the list of available web application threat intelligence feeds and the actions set for each feed. The list is sorted by key, in ascending order.

Parameters:

• waas_policy_id (str) –

  (required) The OCID of the WAAS policy.

• opc_request_id (str) – (optional) The unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
• limit (int) – (optional) The maximum number of items to return in a paginated call. If unspecified, defaults to 10.
• page (str) – (optional) The value of the opc-next-page response header from the previous paginated call.
• retry_strategy (obj) –

  (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

  This should be one of the strategies available in the retry module. This operation uses DEFAULT_RETRY_STRATEGY as default if no retry strategy is provided. The specifics of the default retry strategy are described here.

  To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

• allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings

Returns:

A Response object with data of type list of ThreatFeed

Return type:

Response

Example:

Click here to see an example of how to use list_threat_feeds API.

list_waas_policies(compartment_id, **kwargs)

Gets a list of WAAS policies.

Parameters:

• compartment_id (str) –

  (required) The OCID of the compartment. This number is generated when the compartment is created.

• opc_request_id (str) – (optional) The unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
• limit (int) – (optional) The maximum number of items to return in a paginated call. If unspecified, defaults to 10.
• page (str) – (optional) The value of the opc-next-page response header from the previous paginated call.
• sort_by (str) –

  (optional) The value by which policies are sorted in a paginated ‘List’ call. If unspecified, defaults to timeCreated.

  Allowed values are: “id”, “displayName”, “timeCreated”

• sort_order (str) –

  (optional) The value of the sorting direction of resources in a paginated ‘List’ call. If unspecified, defaults to DESC.

  Allowed values are: “ASC”, “DESC”

• id (list[str]) – (optional) Filter policies using a list of policy OCIDs.
• display_name (list[str]) – (optional) Filter policies using a list of display names.
• lifecycle_state (list[str]) –

  (optional) Filter policies using a list of lifecycle states.

  Allowed values are: “CREATING”, “ACTIVE”, “FAILED”, “UPDATING”, “DELETING”, “DELETED”

• time_created_greater_than_or_equal_to (datetime) – (optional) A filter that matches policies created on or after the specified date and time.
• time_created_less_than (datetime) – (optional) A filter that matches policies created before the specified date-time.
• retry_strategy (obj) –

  (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

  This should be one of the strategies available in the retry module. This operation uses DEFAULT_RETRY_STRATEGY as default if no retry strategy is provided. The specifics of the default retry strategy are described here.

  To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

• allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings

Returns:

A Response object with data of type list of WaasPolicySummary

Return type:

Response

Example:

Click here to see an example of how to use list_waas_policies API.

list_waas_policy_custom_protection_rules(waas_policy_id, **kwargs)

Gets the list of currently configured custom protection rules for a WAAS policy.

Parameters:

• waas_policy_id (str) –

  (required) The OCID of the WAAS policy.

• opc_request_id (str) – (optional) The unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
• limit (int) – (optional) The maximum number of items to return in a paginated call. If unspecified, defaults to 10.
• page (str) – (optional) The value of the opc-next-page response header from the previous paginated call.
• mod_security_rule_id (list[str]) – (optional) Filter rules using a list of ModSecurity rule IDs.
• action (list[str]) –

  (optional) Filter rules using a list of actions.

  Allowed values are: “DETECT”, “BLOCK”

• retry_strategy (obj) –

  (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

  This should be one of the strategies available in the retry module. This operation uses DEFAULT_RETRY_STRATEGY as default if no retry strategy is provided. The specifics of the default retry strategy are described here.

  To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

• allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings

Returns:

A Response object with data of type list of WaasPolicyCustomProtectionRuleSummary

Return type:

Response

Example:

Click here to see an example of how to use list_waas_policy_custom_protection_rules API.

list_waf_blocked_requests(waas_policy_id, **kwargs)

Gets the number of blocked requests by a Web Application Firewall feature in five minute blocks, sorted by timeObserved in ascending order (starting from oldest data).

Parameters:

• waas_policy_id (str) –

  (required) The OCID of the WAAS policy.

• opc_request_id (str) – (optional) The unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
• time_observed_greater_than_or_equal_to (datetime) – (optional) A filter that limits returned events to those occurring on or after a date and time, specified in RFC 3339 format. If unspecified, defaults to 30 minutes before receipt of the request.
• time_observed_less_than (datetime) – (optional) A filter that limits returned events to those occurring before a date and time, specified in RFC 3339 format.
• limit (int) – (optional) The maximum number of items to return in a paginated call. If unspecified, defaults to 10.
• page (str) – (optional) The value of the opc-next-page response header from the previous paginated call.
• waf_feature (list[str]) –

  (optional) Filter stats by the Web Application Firewall feature that triggered the block action. If unspecified, data for all WAF features will be returned.

  Allowed values are: “PROTECTION_RULES”, “JS_CHALLENGE”, “ACCESS_RULES”, “THREAT_FEEDS”, “HUMAN_INTERACTION_CHALLENGE”, “DEVICE_FINGERPRINT_CHALLENGE”, “CAPTCHA”, “ADDRESS_RATE_LIMITING”

• retry_strategy (obj) –

  (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

  This should be one of the strategies available in the retry module. This operation uses DEFAULT_RETRY_STRATEGY as default if no retry strategy is provided. The specifics of the default retry strategy are described here.

  To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

• allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings

Returns:

A Response object with data of type list of WafBlockedRequest

Return type:

Response

Example:

Click here to see an example of how to use list_waf_blocked_requests API.

list_waf_logs(waas_policy_id, **kwargs)

Gets structured Web Application Firewall event logs for a WAAS policy. Sorted by the timeObserved in ascending order (starting from the oldest recorded event).

Parameters:

• waas_policy_id (str) –

  (required) The OCID of the WAAS policy.

• opc_request_id (str) – (optional) The unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
• limit (int) – (optional) The maximum number of items to return in a paginated call. If unspecified, defaults to 20.
• page (str) – (optional) The value of the opc-next-page response header from the previous paginated call.
• time_observed_greater_than_or_equal_to (datetime) – (optional) A filter that matches log entries where the observed event occurred on or after a date and time specified in RFC 3339 format. If unspecified, defaults to two hours before receipt of the request.
• time_observed_less_than (datetime) – (optional) A filter that matches log entries where the observed event occurred before a date and time, specified in RFC 3339 format.
• text_contains (str) – (optional) A full text search for logs.
• access_rule_key (list[str]) – (optional) Filters logs by access rule key.
• action (list[str]) –

  (optional) Filters logs by Web Application Firewall action.

  Allowed values are: “BLOCK”, “DETECT”, “BYPASS”, “LOG”, “REDIRECTED”

• client_address (list[str]) – (optional) Filters logs by client IP address.
• country_code (list[str]) –

  (optional) Filters logs by country code. Country codes are in ISO 3166-1 alpha-2 format. For a list of codes, see ISO’s website.

• country_name (list[str]) – (optional) Filter logs by country name.
• fingerprint (list[str]) – (optional) Filter logs by device fingerprint.
• http_method (list[str]) –

  (optional) Filter logs by HTTP method.

  Allowed values are: “OPTIONS”, “GET”, “HEAD”, “POST”, “PUT”, “DELETE”, “TRACE”, “CONNECT”

• incident_key (list[str]) – (optional) Filter logs by incident key.
• log_type (list[str]) –

  (optional) Filter by log type. For more information about WAF logs, see Logs.

  Allowed values are: “ACCESS”, “PROTECTION_RULES”, “JS_CHALLENGE”, “CAPTCHA”, “ACCESS_RULES”, “THREAT_FEEDS”, “HUMAN_INTERACTION_CHALLENGE”, “DEVICE_FINGERPRINT_CHALLENGE”, “ADDRESS_RATE_LIMITING”

• origin_address (list[str]) – (optional) Filter by origin IP address.
• referrer (list[str]) – (optional) Filter by referrer.
• request_url (list[str]) – (optional) Filter by request URL.
• response_code (list[int]) – (optional) Filter by response code.
• threat_feed_key (list[str]) – (optional) Filter by threat feed key.
• user_agent (list[str]) – (optional) Filter by user agent.
• protection_rule_key (list[str]) – (optional) Filter by protection rule key.
• retry_strategy (obj) –

  (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

  This should be one of the strategies available in the retry module. This operation uses DEFAULT_RETRY_STRATEGY as default if no retry strategy is provided. The specifics of the default retry strategy are described here.

  To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

• allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings

Returns:

A Response object with data of type list of WafLog

Return type:

Response

Example:

Click here to see an example of how to use list_waf_logs API.

list_waf_requests(waas_policy_id, **kwargs)

Gets the number of requests managed by a Web Application Firewall over a specified period of time, including blocked requests. Sorted by timeObserved in ascending order (starting from oldest requests).

Parameters:

• waas_policy_id (str) –

  (required) The OCID of the WAAS policy.

• opc_request_id (str) – (optional) The unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
• time_observed_greater_than_or_equal_to (datetime) – (optional) A filter that limits returned events to those occurring on or after a date and time, specified in RFC 3339 format. If unspecified, defaults to 30 minutes before receipt of the request.
• time_observed_less_than (datetime) – (optional) A filter that limits returned events to those occurring before a date and time, specified in RFC 3339 format.
• limit (int) – (optional) The maximum number of items to return in a paginated call. If unspecified, defaults to 10.
• page (str) – (optional) The value of the opc-next-page response header from the previous paginated call.
• retry_strategy (obj) –

  (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

  This should be one of the strategies available in the retry module. This operation uses DEFAULT_RETRY_STRATEGY as default if no retry strategy is provided. The specifics of the default retry strategy are described here.

  To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

• allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings

Returns:

A Response object with data of type list of WafRequest

Return type:

Response

Example:

Click here to see an example of how to use list_waf_requests API.

list_waf_traffic(waas_policy_id, **kwargs)

Gets the Web Application Firewall traffic data for a WAAS policy. Sorted by timeObserved in ascending order (starting from oldest data).

Parameters:

• waas_policy_id (str) –

  (required) The OCID of the WAAS policy.

• opc_request_id (str) – (optional) The unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
• time_observed_greater_than_or_equal_to (datetime) – (optional) A filter that limits returned events to those occurring on or after a date and time, specified in RFC 3339 format. If unspecified, defaults to 30 minutes before receipt of the request.
• time_observed_less_than (datetime) – (optional) A filter that limits returned events to those occurring before a date and time, specified in RFC 3339 format.
• limit (int) – (optional) The maximum number of items to return in a paginated call. If unspecified, defaults to 10.
• page (str) – (optional) The value of the opc-next-page response header from the previous paginated call.
• retry_strategy (obj) –

  (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

  This should be one of the strategies available in the retry module. This operation uses DEFAULT_RETRY_STRATEGY as default if no retry strategy is provided. The specifics of the default retry strategy are described here.

  To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

• allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings

Returns:

A Response object with data of type list of WafTrafficDatum

Return type:

Response

Example:

Click here to see an example of how to use list_waf_traffic API.

list_whitelists(waas_policy_id, **kwargs)

Gets the list of whitelists defined in the Web Application Firewall configuration for a WAAS policy.

Parameters:

• waas_policy_id (str) –

  (required) The OCID of the WAAS policy.

• opc_request_id (str) – (optional) The unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
• limit (int) – (optional) The maximum number of items to return in a paginated call. If unspecified, defaults to 10.
• page (str) – (optional) The value of the opc-next-page response header from the previous paginated call.
• retry_strategy (obj) –

  (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

  This should be one of the strategies available in the retry module. This operation uses DEFAULT_RETRY_STRATEGY as default if no retry strategy is provided. The specifics of the default retry strategy are described here.

  To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

• allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings

Returns:

A Response object with data of type list of Whitelist

Return type:

Response

Example:

Click here to see an example of how to use list_whitelists API.

list_work_requests(waas_policy_id, compartment_id, **kwargs)

Gets a list of subnets (CIDR notation) from which the WAAS EDGE may make requests. The subnets are owned by OCI and forward traffic to your origins. Allow traffic from these subnets to your origins. They are not associated with specific regions or compartments.

Parameters:

• waas_policy_id (str) –

  (required) The OCID of the policy.

• compartment_id (str) –

  (required) The OCID of the compartment. This number is generated when the compartment is created.

• opc_request_id (str) – (optional) The unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
• limit (int) – (optional) The maximum number of items to return in a paginated call. If unspecified, defaults to 10.
• page (str) – (optional) The value of the opc-next-page response header from the previous paginated call.
• sort_by (str) –

  (optional) The value by which work requests are sorted in a paginated ‘List’ call. If unspecified, defaults to timeAccepted.

  Allowed values are: “id”, “status”, “timeAccepted”, “timeStarted”, “timeFinished”, “operationType”

• sort_order (str) –

  (optional) The value of the sorting direction of resources in a paginated ‘List’ call. If unspecified, defaults to DESC.

  Allowed values are: “ASC”, “DESC”

• retry_strategy (obj) –

  (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

  This should be one of the strategies available in the retry module. This operation uses DEFAULT_RETRY_STRATEGY as default if no retry strategy is provided. The specifics of the default retry strategy are described here.

  To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

• allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings

Returns:

A Response object with data of type list of WorkRequestSummary

Return type:

Response

Example:

Click here to see an example of how to use list_work_requests API.

purge_cache(waas_policy_id, **kwargs)

Performs a purge of the cache for each specified resource. If no resources are passed, the cache for the entire Web Application Firewall will be purged. For more information, see Caching Rules.

Parameters:

• waas_policy_id (str) –

  (required) The OCID of the WAAS policy.

• opc_request_id (str) – (optional) The unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
• if_match (str) – (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag provided matches the resource’s current etag value.
• purge_cache (oci.waas.models.PurgeCache) – (optional)
• retry_strategy (obj) –

  (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

  This should be one of the strategies available in the retry module. This operation will not retry by default, users can also use the convenient DEFAULT_RETRY_STRATEGY provided by the SDK to enable retries for it. The specifics of the default retry strategy are described here.

  To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

• allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings

Returns:

A Response object with data of type None

Return type:

Response

Example:

Click here to see an example of how to use purge_cache API.

update_access_rules(waas_policy_id, access_rules, **kwargs)

Updates the list of access rules in the Web Application Firewall configuration for a specified WAAS policy. Access rules allow explicit actions to be defined and executed for requests that meet various conditions. A rule action can be set to allow, detect, or block requests. The detect setting allows the request to pass through the Web Application Firewall and is tagged with a DETECT flag in the Web Application Firewall’s log.

This operation can create, delete, update, and/or reorder access rules depending on the structure of the request body.

Access rules can be updated by changing the properties of the access rule object with the rule’s key specified in the key field. Access rules can be reordered by changing the order of the access rules in the list when updating.

Access rules can be created by adding a new access rule object to the list without a key property specified. A key will be generated for the new access rule upon update.

Any existing access rules that are not specified with a key in the list of access rules will be deleted upon update.

Parameters:

• waas_policy_id (str) –

  (required) The OCID of the WAAS policy.

• access_rules (oci.waas.models.list[AccessRule]) – (required)
• opc_request_id (str) – (optional) The unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
• opc_retry_token (str) – (optional) A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations Example: If a resource has been deleted and purged from the system, then a retry of the original delete request may be rejected.
• if_match (str) – (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag provided matches the resource’s current etag value.
• retry_strategy (obj) –

  (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

  This should be one of the strategies available in the retry module. This operation will not retry by default, users can also use the convenient DEFAULT_RETRY_STRATEGY provided by the SDK to enable retries for it. The specifics of the default retry strategy are described here.

  To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

• allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings

Returns:

A Response object with data of type None

Return type:

Response

Example:

Click here to see an example of how to use update_access_rules API.

update_address_list(address_list_id, **kwargs)

Updates the details of an address list. Only the fields specified in the request body will be updated; all other properties will remain unchanged.

Parameters:

• address_list_id (str) –

  (required) The OCID of the address list. This number is generated when the address list is added to the compartment.

• opc_request_id (str) – (optional) The unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
• if_match (str) – (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag provided matches the resource’s current etag value.
• update_address_list_details (oci.waas.models.UpdateAddressListDetails) – (optional) The details of the address list to update.
• retry_strategy (obj) –

  (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

  This should be one of the strategies available in the retry module. This operation will not retry by default, users can also use the convenient DEFAULT_RETRY_STRATEGY provided by the SDK to enable retries for it. The specifics of the default retry strategy are described here.

  To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

• allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings

Returns:

A Response object with data of type AddressList

Return type:

Response

Example:

Click here to see an example of how to use update_address_list API.

update_caching_rules(waas_policy_id, caching_rules_details, **kwargs)

Updates the configuration for each specified caching rule.

Caching rules WAF policies allow you to selectively cache content on Oracle Cloud Infrastructure’s edge servers, such as webpages or certain file types. For more information about caching rules, see Caching Rules.

This operation can create, delete, update, and/or reorder caching rules depending on the structure of the request body. Caching rules can be updated by changing the properties of the caching rule object with the rule’s key specified in the key field. Any existing caching rules that are not specified with a key in the list of access rules will be deleted upon update.

The order the caching rules are specified in is important. The rules are processed in the order they are specified and the first matching rule will be used when processing a request. Use ListCachingRules to view a list of all available caching rules in a compartment.

Parameters:

• waas_policy_id (str) –

  (required) The OCID of the WAAS policy.

• caching_rules_details (oci.waas.models.list[CachingRule]) – (required)
• opc_request_id (str) – (optional) The unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
• opc_retry_token (str) – (optional) A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations Example: If a resource has been deleted and purged from the system, then a retry of the original delete request may be rejected.
• if_match (str) – (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag provided matches the resource’s current etag value.
• retry_strategy (obj) –

  (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

  This should be one of the strategies available in the retry module. This operation will not retry by default, users can also use the convenient DEFAULT_RETRY_STRATEGY provided by the SDK to enable retries for it. The specifics of the default retry strategy are described here.

  To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

• allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings

Returns:

A Response object with data of type None

Return type:

Response

Example:

Click here to see an example of how to use update_caching_rules API.

update_captchas(waas_policy_id, captchas, **kwargs)

Updates the list of CAPTCHA challenges in the Web Application Firewall configuration for a WAAS policy. This operation can create, update, or delete CAPTCHAs depending on the structure of the request body. CAPTCHA challenges can be updated by changing the properties of the CAPTCHA object with the rule’s key specified in the key field. CAPTCHA challenges can be reordered by changing the order of the CAPTCHA challenges in the list when updating.

CAPTCHA challenges can be created by adding a new access rule object to the list without a key property specified. A key will be generated for the new CAPTCHA challenges upon update.

Any existing CAPTCHA challenges that are not specified with a key in the list of CAPTCHA challenges will be deleted upon update.

Query parameters are allowed in CAPTCHA URL.

Parameters:

• waas_policy_id (str) –

  (required) The OCID of the WAAS policy.

• captchas (oci.waas.models.list[Captcha]) – (required) A list of CAPTCHA details.
• opc_request_id (str) – (optional) The unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
• opc_retry_token (str) – (optional) A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations Example: If a resource has been deleted and purged from the system, then a retry of the original delete request may be rejected.
• if_match (str) – (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag provided matches the resource’s current etag value.
• retry_strategy (obj) –

  (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

  This should be one of the strategies available in the retry module. This operation will not retry by default, users can also use the convenient DEFAULT_RETRY_STRATEGY provided by the SDK to enable retries for it. The specifics of the default retry strategy are described here.

  To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

• allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings

Returns:

A Response object with data of type None

Return type:

Response

Example:

Click here to see an example of how to use update_captchas API.

update_certificate(certificate_id, **kwargs)

It is not possible to update a certificate, only create and delete. Therefore, this operation can only update the display name, freeform tags, and defined tags of a certificate.

Parameters:

• certificate_id (str) –

  (required) The OCID of the SSL certificate used in the WAAS policy. This number is generated when the certificate is added to the policy.

• opc_request_id (str) – (optional) The unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
• if_match (str) – (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag provided matches the resource’s current etag value.
• update_certificate_details (oci.waas.models.UpdateCertificateDetails) – (optional) The new display name, freeform tags, and defined tags to apply to a certificate.
• retry_strategy (obj) –

  (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

  This should be one of the strategies available in the retry module. This operation will not retry by default, users can also use the convenient DEFAULT_RETRY_STRATEGY provided by the SDK to enable retries for it. The specifics of the default retry strategy are described here.

  To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

• allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings

Returns:

A Response object with data of type Certificate

Return type:

Response

Example:

Click here to see an example of how to use update_certificate API.

update_custom_protection_rule(custom_protection_rule_id, update_custom_protection_rule_details, **kwargs)

Updates the configuration of a custom protection rule. Only the fields specified in the request body will be updated; all other properties will remain unchanged.

Parameters:

• custom_protection_rule_id (str) –

  (required) The OCID of the custom protection rule. This number is generated when the custom protection rule is added to the compartment.

• update_custom_protection_rule_details (oci.waas.models.UpdateCustomProtectionRuleDetails) – (required) The details of the custom protection rule to update.
• opc_request_id (str) – (optional) The unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
• opc_retry_token (str) – (optional) A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations Example: If a resource has been deleted and purged from the system, then a retry of the original delete request may be rejected.
• if_match (str) – (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag provided matches the resource’s current etag value.
• retry_strategy (obj) –

  (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

  This should be one of the strategies available in the retry module. This operation will not retry by default, users can also use the convenient DEFAULT_RETRY_STRATEGY provided by the SDK to enable retries for it. The specifics of the default retry strategy are described here.

  To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

• allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings

Returns:

A Response object with data of type CustomProtectionRule

Return type:

Response

Example:

Click here to see an example of how to use update_custom_protection_rule API.

update_device_fingerprint_challenge(waas_policy_id, update_device_fingerprint_challenge_details, **kwargs)

Updates the Device Fingerprint Challenge (DFC) settings in the Web Application Firewall configuration for a policy. The DFC generates a hashed signature of both virtual and real browsers based on 50+ attributes. These proprietary signatures are then leveraged for real-time correlation to identify and block malicious bots.

The signature is based on a library of attributes detected via JavaScript listeners; the attributes include OS, screen resolution, fonts, UserAgent, IP address, etc. We are constantly making improvements and considering new libraries to include in our DFC build. We can also exclude attributes from the signature as needed.

DFC collects attributes to generate a hashed signature about a client - if a fingerprint is not possible, then it will result in a block or alert action. Actions can be enforced across multiple devices if they share they have the same fingerprint.

Parameters:

• waas_policy_id (str) –

  (required) The OCID of the WAAS policy.

• update_device_fingerprint_challenge_details (oci.waas.models.DeviceFingerprintChallenge) – (required) The device fingerprint challenge settings to be updated.
• opc_request_id (str) – (optional) The unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
• opc_retry_token (str) – (optional) A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations Example: If a resource has been deleted and purged from the system, then a retry of the original delete request may be rejected.
• if_match (str) – (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag provided matches the resource’s current etag value.
• retry_strategy (obj) –

  (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

  This should be one of the strategies available in the retry module. This operation will not retry by default, users can also use the convenient DEFAULT_RETRY_STRATEGY provided by the SDK to enable retries for it. The specifics of the default retry strategy are described here.

  To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

• allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings

Returns:

A Response object with data of type None

Return type:

Response

Example:

Click here to see an example of how to use update_device_fingerprint_challenge API.

update_good_bots(waas_policy_id, good_bots, **kwargs)

Updates the list of good bots in the Web Application Firewall configuration for a policy. Only the fields specified in the request body will be updated, all other configuration properties will remain unchanged.

Good bots allows you to manage access for bots from known providers, such as Google or Baidu. For more information about good bots, see Bot Management.

Parameters:

• waas_policy_id (str) –

  (required) The OCID of the WAAS policy.

• good_bots (oci.waas.models.list[GoodBot]) – (required)
• opc_request_id (str) – (optional) The unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
• opc_retry_token (str) – (optional) A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations Example: If a resource has been deleted and purged from the system, then a retry of the original delete request may be rejected.
• if_match (str) – (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag provided matches the resource’s current etag value.
• retry_strategy (obj) –

  (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

  This should be one of the strategies available in the retry module. This operation will not retry by default, users can also use the convenient DEFAULT_RETRY_STRATEGY provided by the SDK to enable retries for it. The specifics of the default retry strategy are described here.

  To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

• allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings

Returns:

A Response object with data of type None

Return type:

Response

Example:

Click here to see an example of how to use update_good_bots API.

update_human_interaction_challenge(waas_policy_id, update_human_interaction_challenge_details, **kwargs)

Updates the Human Interaction Challenge (HIC) settings in the Web Application Firewall configuration for a WAAS policy. HIC is a countermeasure that allows the proxy to check the user’s browser for various behaviors that distinguish a human presence from a bot.

Parameters:

• waas_policy_id (str) –

  (required) The OCID of the WAAS policy.

• update_human_interaction_challenge_details (oci.waas.models.HumanInteractionChallenge) – (required) The human interaction challenge settings.
• opc_request_id (str) – (optional) The unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
• opc_retry_token (str) – (optional) A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations Example: If a resource has been deleted and purged from the system, then a retry of the original delete request may be rejected.
• if_match (str) – (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag provided matches the resource’s current etag value.
• retry_strategy (obj) –

  (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

  This should be one of the strategies available in the retry module. This operation will not retry by default, users can also use the convenient DEFAULT_RETRY_STRATEGY provided by the SDK to enable retries for it. The specifics of the default retry strategy are described here.

  To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

• allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings

Returns:

A Response object with data of type None

Return type:

Response

Example:

Click here to see an example of how to use update_human_interaction_challenge API.

update_js_challenge(waas_policy_id, update_js_challenge_details, **kwargs)

Updates the JavaScript challenge settings in the Web Application Firewall configuration for a WAAS policy. JavaScript Challenge validates that the client can accept JavaScript with a binary decision. For more information, see Bot Management.

Parameters:

• waas_policy_id (str) –

  (required) The OCID of the WAAS policy.

• update_js_challenge_details (oci.waas.models.JsChallenge) – (required) The JavaScript challenge settings to be updated.
• opc_request_id (str) – (optional) The unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
• opc_retry_token (str) – (optional) A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations Example: If a resource has been deleted and purged from the system, then a retry of the original delete request may be rejected.
• if_match (str) – (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag provided matches the resource’s current etag value.
• retry_strategy (obj) –

  (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

  This should be one of the strategies available in the retry module. This operation will not retry by default, users can also use the convenient DEFAULT_RETRY_STRATEGY provided by the SDK to enable retries for it. The specifics of the default retry strategy are described here.

  To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

• allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings

Returns:

A Response object with data of type None

Return type:

Response

Example:

Click here to see an example of how to use update_js_challenge API.

update_policy_config(waas_policy_id, update_policy_config_details, **kwargs)

Updates the configuration for a WAAS policy. Only the fields specified in the request body will be updated; all other properties will remain unchanged.

Parameters:

• waas_policy_id (str) –

  (required) The OCID of the WAAS policy.

• update_policy_config_details (oci.waas.models.PolicyConfig) – (required) The new configuration to apply to a WAAS policy.
• opc_request_id (str) – (optional) The unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
• opc_retry_token (str) – (optional) A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations Example: If a resource has been deleted and purged from the system, then a retry of the original delete request may be rejected.
• if_match (str) – (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag provided matches the resource’s current etag value.
• retry_strategy (obj) –

  (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

  This should be one of the strategies available in the retry module. This operation will not retry by default, users can also use the convenient DEFAULT_RETRY_STRATEGY provided by the SDK to enable retries for it. The specifics of the default retry strategy are described here.

  To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

• allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings

Returns:

A Response object with data of type None

Return type:

Response

Example:

Click here to see an example of how to use update_policy_config API.

update_protection_rules(waas_policy_id, protection_rules, **kwargs)

Updates the action for each specified protection rule. Requests can either be allowed, blocked, or trigger an alert if they meet the parameters of an applied rule. For more information on protection rules, see WAF Protection Rules. This operation can update or disable protection rules depending on the structure of the request body. Protection rules can be updated by changing the properties of the protection rule object with the rule’s key specified in the key field.

Parameters:

• waas_policy_id (str) –

  (required) The OCID of the WAAS policy.

• protection_rules (oci.waas.models.list[ProtectionRuleAction]) – (required)
• opc_request_id (str) – (optional) The unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
• if_match (str) – (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag provided matches the resource’s current etag value.
• retry_strategy (obj) –

  (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

  This should be one of the strategies available in the retry module. This operation will not retry by default, users can also use the convenient DEFAULT_RETRY_STRATEGY provided by the SDK to enable retries for it. The specifics of the default retry strategy are described here.

  To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

• allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings

Returns:

A Response object with data of type None

Return type:

Response

Example:

Click here to see an example of how to use update_protection_rules API.

update_protection_settings(waas_policy_id, update_protection_settings_details, **kwargs)

Updates the protection settings in the Web Application Firewall configuration for a WAAS policy. Protection settings allow you define what action is taken when a request is blocked by the Web Application Firewall, such as returning a response code or block page. Only the fields specified in the request body will be updated; all other fields will remain unchanged.

Parameters:

• waas_policy_id (str) –

  (required) The OCID of the WAAS policy.

• update_protection_settings_details (oci.waas.models.ProtectionSettings) – (required) The details of the protection settings to be updated.
• opc_request_id (str) – (optional) The unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
• opc_retry_token (str) – (optional) A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations Example: If a resource has been deleted and purged from the system, then a retry of the original delete request may be rejected.
• if_match (str) – (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag provided matches the resource’s current etag value.
• retry_strategy (obj) –

  (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

  This should be one of the strategies available in the retry module. This operation will not retry by default, users can also use the convenient DEFAULT_RETRY_STRATEGY provided by the SDK to enable retries for it. The specifics of the default retry strategy are described here.

  To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

• allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings

Returns:

A Response object with data of type None

Return type:

Response

Example:

Click here to see an example of how to use update_protection_settings API.

update_threat_feeds(waas_policy_id, threat_feeds, **kwargs)

Updates the action to take when a request’s IP address matches an address in the specified threat intelligence feed. Threat intelligence feeds are compiled lists of IP addresses with malicious reputations based on internet intelligence. Only the threat feeds specified in the request body will be updated; all other threat feeds will remain unchanged.

Parameters:

• waas_policy_id (str) –

  (required) The OCID of the WAAS policy.

• threat_feeds (oci.waas.models.list[ThreatFeedAction]) – (required) A list of threat feeds for which to update the actions.
• opc_request_id (str) – (optional) The unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
• if_match (str) – (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag provided matches the resource’s current etag value.
• retry_strategy (obj) –

  (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

  This should be one of the strategies available in the retry module. This operation will not retry by default, users can also use the convenient DEFAULT_RETRY_STRATEGY provided by the SDK to enable retries for it. The specifics of the default retry strategy are described here.

  To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

• allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings

Returns:

A Response object with data of type None

Return type:

Response

Example:

Click here to see an example of how to use update_threat_feeds API.

update_waas_policy(waas_policy_id, update_waas_policy_details, **kwargs)

Updates the details of a WAAS policy, including origins and tags. Only the fields specified in the request body will be updated; all other properties will remain unchanged. To update platform provided resources such as GoodBots, ProtectionRules, and ThreatFeeds, first retrieve the list of available resources with the related list operation such as GetThreatFeeds or GetProtectionRules. The returned list will contain objects with key properties that can be used to update the resource during the UpdateWaasPolicy request.

Parameters:

• waas_policy_id (str) –

  (required) The OCID of the WAAS policy.

• update_waas_policy_details (oci.waas.models.UpdateWaasPolicyDetails) – (required) The details of the WAAS policy to update.
• opc_request_id (str) – (optional) The unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
• opc_retry_token (str) – (optional) A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations Example: If a resource has been deleted and purged from the system, then a retry of the original delete request may be rejected.
• if_match (str) – (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag provided matches the resource’s current etag value.
• retry_strategy (obj) –

  (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

  This should be one of the strategies available in the retry module. This operation will not retry by default, users can also use the convenient DEFAULT_RETRY_STRATEGY provided by the SDK to enable retries for it. The specifics of the default retry strategy are described here.

  To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

• allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings

Returns:

A Response object with data of type None

Return type:

Response

Example:

Click here to see an example of how to use update_waas_policy API.

update_waas_policy_custom_protection_rules(waas_policy_id, update_custom_protection_rules_details, **kwargs)

Updates the action for each specified custom protection rule. Only the DETECT and BLOCK actions can be set. Disabled rules should not be included in the list. For more information on protection rules, see WAF Protection Rules.

Parameters:

• waas_policy_id (str) –

  (required) The OCID of the WAAS policy.

• update_custom_protection_rules_details (oci.waas.models.list[CustomProtectionRuleSetting]) – (required)
• opc_request_id (str) – (optional) The unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
• opc_retry_token (str) – (optional) A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations Example: If a resource has been deleted and purged from the system, then a retry of the original delete request may be rejected.
• if_match (str) – (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag provided matches the resource’s current etag value.
• retry_strategy (obj) –

  (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

  This should be one of the strategies available in the retry module. This operation will not retry by default, users can also use the convenient DEFAULT_RETRY_STRATEGY provided by the SDK to enable retries for it. The specifics of the default retry strategy are described here.

  To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

• allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings

Returns:

A Response object with data of type None

Return type:

Response

Example:

Click here to see an example of how to use update_waas_policy_custom_protection_rules API.

update_waf_address_rate_limiting(waas_policy_id, update_waf_address_rate_limiting_details, **kwargs)

Updates the address rate limiting settings in the Web Application Firewall configuration for a policy. Rate limiting allows you to configure a threshold for the number of requests from a unique IP address for the given period. You can also define the response code for the requests from the same address that exceed the threshold.

Parameters:

• waas_policy_id (str) –

  (required) The OCID of the WAAS policy.

• update_waf_address_rate_limiting_details (oci.waas.models.AddressRateLimiting) – (required) The address rate limiting settings.
• opc_request_id (str) – (optional) The unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
• opc_retry_token (str) – (optional) A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations Example: If a resource has been deleted and purged from the system, then a retry of the original delete request may be rejected.
• if_match (str) – (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag provided matches the resource’s current etag value.
• retry_strategy (obj) –

  (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

  This should be one of the strategies available in the retry module. This operation will not retry by default, users can also use the convenient DEFAULT_RETRY_STRATEGY provided by the SDK to enable retries for it. The specifics of the default retry strategy are described here.

  To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

• allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings

Returns:

A Response object with data of type None

Return type:

Response

Example:

Click here to see an example of how to use update_waf_address_rate_limiting API.

update_waf_config(waas_policy_id, update_waf_config_details, **kwargs)

Updates the Web Application Firewall configuration for a specified WAAS policy.

To update platform provided resources such as GoodBots, ProtectionRules, and ThreatFeeds, first retrieve the list of available resources with the related list operation, such as GetThreatFeeds or GetProtectionRules.

The returned list will contain objects with key properties that can be used to update the resource during the UpdateWafConfig request.

Parameters:

• waas_policy_id (str) –

  (required) The OCID of the WAAS policy.

• update_waf_config_details (oci.waas.models.WafConfig) – (required) The new Web Application Firewall configuration to apply to a WAAS policy.
• opc_request_id (str) – (optional) The unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
• opc_retry_token (str) – (optional) A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations Example: If a resource has been deleted and purged from the system, then a retry of the original delete request may be rejected.
• if_match (str) – (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag provided matches the resource’s current etag value.
• retry_strategy (obj) –

  (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

  This should be one of the strategies available in the retry module. This operation will not retry by default, users can also use the convenient DEFAULT_RETRY_STRATEGY provided by the SDK to enable retries for it. The specifics of the default retry strategy are described here.

  To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

• allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings

Returns:

A Response object with data of type None

Return type:

Response

Example:

Click here to see an example of how to use update_waf_config API.

update_whitelists(waas_policy_id, whitelists, **kwargs)

Updates the list of IP addresses that bypass the Web Application Firewall for a WAAS policy. Supports single IP addresses, subnet masks (CIDR notation) and Address Lists.

This operation can create, delete, update, and/or reorder whitelists depending on the structure of the request body.

Whitelists can be updated by changing the properties of the whitelist object with the rule’s key specified in the key field. Whitelists can be reordered by changing the order of the whitelists in the list of objects when updating.

Whitelists can be created by adding a new whitelist object to the list without a key property specified. A key will be generated for the new whitelist upon update.

Whitelists can be deleted by removing the existing whitelist object from the list. Any existing whitelists that are not specified with a key in the list of access rules will be deleted upon update.

Parameters:

• waas_policy_id (str) –

  (required) The OCID of the WAAS policy.

• whitelists (oci.waas.models.list[Whitelist]) – (required)
• opc_request_id (str) – (optional) The unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
• opc_retry_token (str) – (optional) A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations Example: If a resource has been deleted and purged from the system, then a retry of the original delete request may be rejected.
• if_match (str) – (optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag provided matches the resource’s current etag value.
• retry_strategy (obj) –

  (optional) A retry strategy to apply to this specific operation/call. This will override any retry strategy set at the client-level.

  This should be one of the strategies available in the retry module. This operation will not retry by default, users can also use the convenient DEFAULT_RETRY_STRATEGY provided by the SDK to enable retries for it. The specifics of the default retry strategy are described here.

  To have this operation explicitly not perform any retries, pass an instance of NoneRetryStrategy.

• allow_control_chars (bool) – (optional) allow_control_chars is a boolean to indicate whether or not this request should allow control characters in the response object. By default, the response will not allow control characters in strings

Returns:

A Response object with data of type None

Return type:

Response

Example:

Click here to see an example of how to use update_whitelists API.