|
27 | 27 | "description": "Rule represents an individual security or validation rule.", |
28 | 28 | "properties": { |
29 | 29 | "description": { |
30 | | - "description": "Description of the specific rule.", |
31 | | - "example": "SQL Injection Attack Detected via libinjection", |
| 30 | + "description": "SQL Injection Attack Detected via libinjection", |
| 31 | + "example": "ENABLED", |
| 32 | + "type": "string" |
| 33 | + }, |
| 34 | + "mode": { |
| 35 | + "description": "The current mode of the rule.", |
| 36 | + "enum": [ |
| 37 | + "MODE_UNSPECIFIED", |
| 38 | + "MODE_ENABLED", |
| 39 | + "MODE_DISABLED", |
| 40 | + "MODE_LOG_ONLY" |
| 41 | + ], |
| 42 | + "example": "MODE_ENABLED", |
| 43 | + "pattern": "^(MODE_ENABLED|MODE_DISABLED|MODE_LOG_ONLY)$", |
| 44 | + "title": "OWASP Core Rule Set", |
32 | 45 | "type": "string" |
33 | 46 | }, |
34 | | - "id": { |
35 | | - "description": "The unique numeric ID of the rule.", |
36 | | - "example": 942100, |
37 | | - "format": "int32", |
38 | | - "type": "integer" |
39 | | - }, |
40 | 47 | "severity": { |
41 | | - "description": "The impact level of the rule trigger.", |
| 48 | + "description": "Impact level.", |
42 | 49 | "example": "CRITICAL", |
43 | 50 | "pattern": "^(CRITICAL|ERROR|WARNING|INFO)$", |
44 | 51 | "type": "string" |
|
51 | 58 | "properties": { |
52 | 59 | "description": { |
53 | 60 | "description": "A description of what this group covers.", |
54 | | - "example": "Rules designed to detect and block SQL injection attempts.", |
| 61 | + "example": "A description of what this group covers.", |
55 | 62 | "type": "string" |
56 | 63 | }, |
57 | 64 | "groupName": { |
58 | 65 | "description": "The name for the rule group.", |
59 | | - "example": "Multipart Enforcement (MULTIPART ATTACK)", |
| 66 | + "example": "SQL Injection Attack (SQLI)", |
60 | 67 | "pattern": "^[a-zA-Z\\(\\) ]+$", |
61 | 68 | "type": "string" |
62 | 69 | }, |
63 | 70 | "rules": { |
64 | | - "description": "The list of individual rules contained within this group.", |
65 | | - "items": { |
| 71 | + "additionalProperties": { |
66 | 72 | "$ref": "#/components/schemas/CRSRule" |
67 | 73 | }, |
68 | | - "type": "array" |
| 74 | + "type": "object" |
69 | 75 | } |
70 | 76 | }, |
71 | 77 | "type": "object" |
|
104 | 110 | }, |
105 | 111 | "type": "object" |
106 | 112 | }, |
107 | | - "CreateCoreRuleSetResponse": { |
108 | | - "description": "CreateCoreRuleSetResponse returns rule configuration name and it's rules.", |
109 | | - "properties": { |
110 | | - "active": { |
111 | | - "description": "Indicates if the OWASP core rule set is active.", |
112 | | - "example": true, |
113 | | - "title": "OWASP Core Rule Set", |
114 | | - "type": "boolean" |
115 | | - }, |
116 | | - "name": { |
117 | | - "description": "Core rule set configuration name.", |
118 | | - "example": "my-core-rule-set-config", |
119 | | - "pattern": "^[0-9a-z](?:(?:[0-9a-z]|-){0,61}[0-9a-z])?$", |
120 | | - "type": "string" |
121 | | - }, |
122 | | - "region": { |
123 | | - "description": "Region", |
124 | | - "example": "eu01", |
125 | | - "format": "string", |
126 | | - "pattern": "^[a-z]{2,4}[0-9]{2}$", |
127 | | - "readOnly": true, |
128 | | - "type": "string" |
129 | | - } |
130 | | - }, |
131 | | - "type": "object" |
132 | | - }, |
133 | 113 | "CreateRulesPayload": { |
134 | 114 | "description": "CreateRulesRequest creates a rule configuration.", |
135 | 115 | "properties": { |
|
304 | 284 | "type": "boolean" |
305 | 285 | }, |
306 | 286 | "groups": { |
307 | | - "items": { |
| 287 | + "additionalProperties": { |
308 | 288 | "$ref": "#/components/schemas/CRSRuleGroup" |
309 | 289 | }, |
310 | | - "type": "array" |
| 290 | + "description": "Inventory of all available Core Rule Set groups and their current configuration. The key is the unique Group ID.", |
| 291 | + "example": { |
| 292 | + "942": { |
| 293 | + "description": "Detects common SQL injection attacks.", |
| 294 | + "group_name": "SQL Injection (SQLi)", |
| 295 | + "rules": { |
| 296 | + "942100": { |
| 297 | + "description": "libinjection SQLi check", |
| 298 | + "mode": "MODE_ENABLED", |
| 299 | + "severity": "CRITICAL" |
| 300 | + } |
| 301 | + } |
| 302 | + } |
| 303 | + }, |
| 304 | + "type": "object" |
311 | 305 | }, |
312 | 306 | "name": { |
313 | 307 | "description": "Core rule set configuration name.", |
|
506 | 500 | }, |
507 | 501 | "type": "object" |
508 | 502 | }, |
| 503 | + "PatchCRSRule": { |
| 504 | + "properties": { |
| 505 | + "mode": { |
| 506 | + "description": "The current mode of the rule.", |
| 507 | + "enum": [ |
| 508 | + "MODE_UNSPECIFIED", |
| 509 | + "MODE_ENABLED", |
| 510 | + "MODE_DISABLED", |
| 511 | + "MODE_LOG_ONLY" |
| 512 | + ], |
| 513 | + "example": "MODE_LOG_ONLY", |
| 514 | + "pattern": "^(MODE_ENABLED|MODE_DISABLED|MODE_LOG_ONLY)$", |
| 515 | + "title": "OWASP Core Rule Set", |
| 516 | + "type": "string" |
| 517 | + } |
| 518 | + }, |
| 519 | + "type": "object" |
| 520 | + }, |
| 521 | + "PatchCRSRuleGroup": { |
| 522 | + "properties": { |
| 523 | + "rules": { |
| 524 | + "additionalProperties": { |
| 525 | + "$ref": "#/components/schemas/PatchCRSRule" |
| 526 | + }, |
| 527 | + "type": "object" |
| 528 | + } |
| 529 | + }, |
| 530 | + "type": "object" |
| 531 | + }, |
| 532 | + "PatchCoreRuleSetPayload": { |
| 533 | + "description": "PatchCoreRuleSetRequest updates a rules configuration.", |
| 534 | + "properties": { |
| 535 | + "active": { |
| 536 | + "description": "To activate the OWASP core rule set, set this boolean to true.", |
| 537 | + "example": true, |
| 538 | + "title": "OWASP Core Rule Set", |
| 539 | + "type": "boolean" |
| 540 | + }, |
| 541 | + "groups": { |
| 542 | + "additionalProperties": { |
| 543 | + "$ref": "#/components/schemas/PatchCRSRuleGroup" |
| 544 | + }, |
| 545 | + "description": "Map of Core Rule Set groups to be patched. The key is the Group ID (e.g., 942 for SQL Injection). Only provided rules within the group will be updated; others remain unchanged.", |
| 546 | + "example": { |
| 547 | + "942": { |
| 548 | + "rules": { |
| 549 | + "942100": { |
| 550 | + "mode": "MODE_DISABLED" |
| 551 | + } |
| 552 | + } |
| 553 | + } |
| 554 | + }, |
| 555 | + "type": "object" |
| 556 | + }, |
| 557 | + "name": { |
| 558 | + "description": "Core rule set configuration name.", |
| 559 | + "example": "my-core-rule-set-config", |
| 560 | + "pattern": "^[0-9a-z](?:(?:[0-9a-z]|-){0,61}[0-9a-z])?$", |
| 561 | + "type": "string" |
| 562 | + }, |
| 563 | + "projectId": { |
| 564 | + "description": "Project identifier", |
| 565 | + "example": "2438ac3c-37eb-4902-adef-ed16b4431030", |
| 566 | + "format": "uuid", |
| 567 | + "pattern": "^[0-9a-f]{8}-[0-9a-f]{4}-4[0-9a-f]{3}-[89ab][0-9a-f]{3}-[0-9a-f]{12}$", |
| 568 | + "readOnly": true, |
| 569 | + "type": "string" |
| 570 | + }, |
| 571 | + "region": { |
| 572 | + "description": "Region", |
| 573 | + "example": "eu01", |
| 574 | + "format": "string", |
| 575 | + "pattern": "^[a-z]{2,4}[0-9]{2}$", |
| 576 | + "readOnly": true, |
| 577 | + "type": "string" |
| 578 | + } |
| 579 | + }, |
| 580 | + "type": "object" |
| 581 | + }, |
509 | 582 | "Quotas": { |
510 | 583 | "description": "Quotas holds the specific quota elements for different resources", |
511 | 584 | "properties": { |
|
544 | 617 | "type": "object" |
545 | 618 | }, |
546 | 619 | "UpdateCoreRuleSetPayload": { |
547 | | - "description": "UpdateCoreRuleSetRequest updates a rules configuration, but only if it changed.", |
| 620 | + "description": "UpdateCoreRuleSetRequest updates a rules configuration, but only if it changed.\n DEPRECATED use PatchCoreRuleSet", |
548 | 621 | "properties": { |
549 | 622 | "active": { |
550 | 623 | "description": "To activate the OWASP core rule set, set this boolean to true.", |
551 | 624 | "example": true, |
552 | 625 | "title": "OWASP Core Rule Set", |
553 | 626 | "type": "boolean" |
554 | 627 | }, |
| 628 | + "groups": { |
| 629 | + "additionalProperties": { |
| 630 | + "$ref": "#/components/schemas/PatchCRSRuleGroup" |
| 631 | + }, |
| 632 | + "description": "Map of Core Rule Set groups to be patched. The key is the Group ID (e.g., 942 for SQL Injection). Only provided rules within the group will be updated; others remain unchanged.", |
| 633 | + "example": { |
| 634 | + "942": { |
| 635 | + "rules": { |
| 636 | + "942100": { |
| 637 | + "mode": "MODE_DISABLED" |
| 638 | + } |
| 639 | + } |
| 640 | + } |
| 641 | + }, |
| 642 | + "type": "object" |
| 643 | + }, |
555 | 644 | "name": { |
556 | 645 | "description": "Core rule set configuration name.", |
557 | 646 | "example": "my-core-rule-set-config", |
|
578 | 667 | "type": "object" |
579 | 668 | }, |
580 | 669 | "UpdateCoreRuleSetResponse": { |
581 | | - "description": "UpdateCoreRuleSetResponse returns rule configuration name and it's rules.", |
| 670 | + "description": "DEPRECATED use PatchCoreRuleSet", |
582 | 671 | "properties": { |
583 | 672 | "active": { |
584 | 673 | "description": "Indicates if the OWASP core rule set is active.", |
|
897 | 986 | "content": { |
898 | 987 | "application/json": { |
899 | 988 | "schema": { |
900 | | - "$ref": "#/components/schemas/CreateCoreRuleSetResponse" |
| 989 | + "$ref": "#/components/schemas/GetCoreRuleSetResponse" |
901 | 990 | } |
902 | 991 | } |
903 | 992 | }, |
|
1126 | 1215 | } |
1127 | 1216 | } |
1128 | 1217 | }, |
| 1218 | + "patch": { |
| 1219 | + "description": "Accepts the same structure as the GET response. Only fields provided with values will be updated.", |
| 1220 | + "operationId": "PatchCoreRuleSet", |
| 1221 | + "parameters": [ |
| 1222 | + { |
| 1223 | + "in": "path", |
| 1224 | + "name": "projectId", |
| 1225 | + "required": true, |
| 1226 | + "schema": { |
| 1227 | + "type": "string" |
| 1228 | + } |
| 1229 | + }, |
| 1230 | + { |
| 1231 | + "in": "path", |
| 1232 | + "name": "region", |
| 1233 | + "required": true, |
| 1234 | + "schema": { |
| 1235 | + "type": "string" |
| 1236 | + } |
| 1237 | + }, |
| 1238 | + { |
| 1239 | + "in": "path", |
| 1240 | + "name": "name", |
| 1241 | + "required": true, |
| 1242 | + "schema": { |
| 1243 | + "type": "string" |
| 1244 | + } |
| 1245 | + } |
| 1246 | + ], |
| 1247 | + "requestBody": { |
| 1248 | + "content": { |
| 1249 | + "application/json": { |
| 1250 | + "schema": { |
| 1251 | + "$ref": "#/components/schemas/PatchCoreRuleSetPayload" |
| 1252 | + } |
| 1253 | + } |
| 1254 | + }, |
| 1255 | + "required": true |
| 1256 | + }, |
| 1257 | + "responses": { |
| 1258 | + "200": { |
| 1259 | + "content": { |
| 1260 | + "application/json": { |
| 1261 | + "schema": { |
| 1262 | + "$ref": "#/components/schemas/GetCoreRuleSetResponse" |
| 1263 | + } |
| 1264 | + } |
| 1265 | + }, |
| 1266 | + "description": "OK" |
| 1267 | + }, |
| 1268 | + "400": { |
| 1269 | + "description": "Invalid fields." |
| 1270 | + }, |
| 1271 | + "401": { |
| 1272 | + "content": { |
| 1273 | + "*/*": { |
| 1274 | + "schema": { |
| 1275 | + "$ref": "#/components/schemas/Status" |
| 1276 | + } |
| 1277 | + } |
| 1278 | + }, |
| 1279 | + "description": "Unauthorized" |
| 1280 | + }, |
| 1281 | + "403": { |
| 1282 | + "description": "Forbidden" |
| 1283 | + }, |
| 1284 | + "404": { |
| 1285 | + "description": "Not found" |
| 1286 | + }, |
| 1287 | + "500": { |
| 1288 | + "description": "Internal error" |
| 1289 | + }, |
| 1290 | + "default": { |
| 1291 | + "content": { |
| 1292 | + "application/json": { |
| 1293 | + "schema": { |
| 1294 | + "$ref": "#/components/schemas/Status" |
| 1295 | + } |
| 1296 | + } |
| 1297 | + }, |
| 1298 | + "description": "Default error response" |
| 1299 | + } |
| 1300 | + }, |
| 1301 | + "summary": "Granularly update a CRS configuration", |
| 1302 | + "x-stackit-authorization": { |
| 1303 | + "actions": [ |
| 1304 | + "alb.waf.crs.update" |
| 1305 | + ], |
| 1306 | + "resource-id": "projectId", |
| 1307 | + "resource-id-type": "dynamic", |
| 1308 | + "resource-type": "project" |
| 1309 | + } |
| 1310 | + }, |
1129 | 1311 | "put": { |
1130 | | - "description": "This endpoint will update an existing core rule set (CRS) configuration and also inturn update all WAF configurations that reference it.", |
| 1312 | + "description": "DEPRECATED: Use PatchCoreRuleSet", |
1131 | 1313 | "operationId": "UpdateCoreRuleSet", |
1132 | 1314 | "parameters": [ |
1133 | 1315 | { |
|
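Review bot: In the `mode` property of `PatchCRSRule`, and of the rule schema in the first hunk (presumably `CRSRule`), the `enum` lists `MODE_UNSPECIFIED` while the `pattern` `^(MODE_ENABLED|MODE_DISABLED|MODE_LOG_ONLY)$` rejects it, so validators and generated clients can disagree on whether that value is accepted. For a field that can switch a WAF rule to disabled or log-only, the contract should be unambiguous. Either drop the value from the request-side enum, `"enum": ["MODE_ENABLED", "MODE_DISABLED", "MODE_LOG_ONLY"]`, or remove the redundant `pattern` and document how the server treats `MODE_UNSPECIFIED`. The path parameters `projectId`, `region` and `name` of the new `patch` operation carry only `"type": "string"`, although the payload schemas in this same diff already define patterns for those values that could be reused. In the first hunk the rule's `description` property now has the old example text as its `description` and `ENABLED` as its `example`, which looks like a mix-up with `mode`, and the `title` `OWASP Core Rule Set` on `mode` appears copied from `active`.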