diff --git a/.gitignore b/.gitignore index 8c72b05a9..1bfe11490 100644 --- a/.gitignore +++ b/.gitignore @@ -33,6 +33,7 @@ dist/ # NGINX Plus license files *.crt *.key +*.jwt # RHEL license rhel_license diff --git a/config/crd/bases/appprotect.f5.com_appolicies.yaml b/config/crd/bases/appprotect.f5.com_appolicies.yaml index 4929c9624..ecdbb311e 100644 --- a/config/crd/bases/appprotect.f5.com_appolicies.yaml +++ b/config/crd/bases/appprotect.f5.com_appolicies.yaml @@ -184,6 +184,8 @@ spec: - VIOL_ASM_COOKIE_HIJACKING - VIOL_ASM_COOKIE_MODIFIED - VIOL_BLACKLISTED_IP + - VIOL_BOT_CLIENT + - VIOL_BRUTE_FORCE - VIOL_COOKIE_EXPIRED - VIOL_COOKIE_LENGTH - VIOL_COOKIE_MALFORMED @@ -195,6 +197,7 @@ spec: - VIOL_FILE_UPLOAD - VIOL_FILE_UPLOAD_IN_BODY - VIOL_FILETYPE + - VIOL_GEOLOCATION - VIOL_GRAPHQL_ERROR_RESPONSE - VIOL_GRAPHQL_FORMAT - VIOL_GRAPHQL_INTROSPECTION_QUERY @@ -210,6 +213,9 @@ spec: - VIOL_JSON_FORMAT - VIOL_JSON_MALFORMED - VIOL_JSON_SCHEMA + - VIOL_LOGIN + - VIOL_LOGIN_URL_BYPASSED + - VIOL_LOGIN_URL_EXPIRED - VIOL_MANDATORY_HEADER - VIOL_MANDATORY_PARAMETER - VIOL_MANDATORY_REQUEST_BODY @@ -239,6 +245,7 @@ spec: - VIOL_URL_CONTENT_TYPE - VIOL_URL_LENGTH - VIOL_URL_METACHAR + - VIOL_WEBSOCKET_BAD_REQUEST - VIOL_XML_FORMAT - VIOL_XML_MALFORMED type: string @@ -552,6 +559,528 @@ spec: type: object description: type: string + disallowed-geolocations: + items: + properties: + $action: + enum: + - delete + type: string + countryCode: + enum: + - AF + - AX + - AL + - DZ + - AS + - AD + - AO + - AI + - A1 + - AQ + - AG + - AR + - AM + - AW + - AU + - AT + - AZ + - BS + - BH + - BD + - BB + - BY + - BE + - BZ + - BJ + - BM + - BT + - BO + - BA + - BW + - BV + - BR + - IO + - BN + - BG + - BF + - BI + - KH + - CM + - CA + - CV + - KY + - CF + - TD + - CL + - CN + - CX + - CC + - CO + - KM + - CG + - CD + - CK + - CR + - CI + - HR + - CU + - CY + - CZ + - DK + - DJ + - DM + - DO + - EC + - EG + - SV + - GQ + - ER + - EE + - ET + - FK + - FO + - FJ + - FI + - FR + - FX + - GF + - PF + - TF + - GA + - GM + - GE + - DE + - GH + - GI + - GR + - GL + - GD + - GP + - GU + - GT + - GG + - GN + - GW + - GY + - HT + - HM + - VA + - HN + - HK + - HU + - IS + - IN + - ID + - IR + - IQ + - IE + - IM + - IL + - IT + - JM + - JP + - JE + - JO + - KZ + - KE + - KI + - KP + - KR + - KW + - KG + - LA + - LV + - LB + - LS + - LR + - LY + - LI + - LT + - LU + - MO + - MK + - MG + - MW + - MY + - MV + - ML + - MT + - MH + - MQ + - MR + - MU + - YT + - MX + - FM + - MD + - MC + - MN + - ME + - MS + - MA + - MZ + - MM + - ZZ + - NA + - NR + - NP + - NL + - AN + - NC + - NZ + - NI + - NE + - NG + - NU + - NF + - MP + - "NO" + - OM + - PK + - PW + - PS + - PA + - PG + - PY + - PE + - PH + - PN + - PL + - PT + - PR + - QA + - RE + - RO + - RU + - RW + - BL + - SH + - KN + - LC + - MF + - PM + - VC + - WS + - SM + - ST + - A2 + - SA + - SN + - RS + - SC + - SL + - SG + - SK + - SI + - SB + - SO + - ZA + - GS + - ES + - LK + - SD + - SR + - SJ + - SZ + - SE + - CH + - SY + - TW + - TJ + - TZ + - TH + - TL + - TG + - TK + - TO + - TT + - TN + - TR + - TM + - TC + - TV + - UG + - UA + - AE + - GB + - US + - UM + - UY + - UZ + - VU + - VE + - VN + - VG + - VI + - WF + - EH + - YE + - ZM + - ZW + type: string + countryName: + enum: + - Afghanistan + - Aland Islands + - Albania + - Algeria + - American Samoa + - Andorra + - Angola + - Anguilla + - Anonymous Proxy + - Antarctica + - Antigua and Barbuda + - Argentina + - Armenia + - Aruba + - Australia + - Austria + - Azerbaijan + - Bahamas + - Bahrain + - Bangladesh + - Barbados + - Belarus + - Belgium + - Belize + - Benin + - Bermuda + - Bhutan + - Bolivia + - Bosnia and Herzegovina + - Botswana + - Bouvet Island + - Brazil + - British Indian Ocean Territory + - Brunei Darussalam + - Bulgaria + - Burkina Faso + - Burundi + - Cambodia + - Cameroon + - Canada + - Cape Verde + - Cayman Islands + - Central African Republic + - Chad + - Chile + - China + - Christmas Island + - Cocos (Keeling) Islands + - Colombia + - Comoros + - Congo + - Congo, The Democratic Republic of the + - Cook Islands + - Costa Rica + - Cote D'Ivoire + - Croatia + - Cuba + - Cyprus + - Czech Republic + - Denmark + - Djibouti + - Dominica + - Dominican Republic + - Ecuador + - Egypt + - El Salvador + - Equatorial Guinea + - Eritrea + - Estonia + - Ethiopia + - Falkland Islands (Malvinas) + - Faroe Islands + - Fiji + - Finland + - France + - France, Metropolitan + - French Guiana + - French Polynesia + - French Southern Territories + - Gabon + - Gambia + - Georgia + - Germany + - Ghana + - Gibraltar + - Greece + - Greenland + - Grenada + - Guadeloupe + - Guam + - Guatemala + - Guernsey + - Guinea + - Guinea-Bissau + - Guyana + - Haiti + - Heard Island and McDonald Islands + - Holy See (Vatican City State) + - Honduras + - Hong Kong + - Hungary + - Iceland + - India + - Indonesia + - Iran, Islamic Republic of + - Iraq + - Ireland + - Isle of Man + - Israel + - Italy + - Jamaica + - Japan + - Jersey + - Jordan + - Kazakhstan + - Kenya + - Kiribati + - Korea, Democratic People's Republic of + - Korea, Republic of + - Kuwait + - Kyrgyzstan + - Lao People's Democratic Republic + - Latvia + - Lebanon + - Lesotho + - Liberia + - Libyan Arab Jamahiriya + - Liechtenstein + - Lithuania + - Luxembourg + - Macau + - Macedonia + - Madagascar + - Malawi + - Malaysia + - Maldives + - Mali + - Malta + - Marshall Islands + - Martinique + - Mauritania + - Mauritius + - Mayotte + - Mexico + - Micronesia, Federated States of + - Moldova, Republic of + - Monaco + - Mongolia + - Montenegro + - Montserrat + - Morocco + - Mozambique + - Myanmar + - N/A + - Namibia + - Nauru + - Nepal + - Netherlands + - Netherlands Antilles + - New Caledonia + - New Zealand + - Nicaragua + - Niger + - Nigeria + - Niue + - Norfolk Island + - Northern Mariana Islands + - Norway + - Oman + - Other + - Pakistan + - Palau + - Palestinian Territory + - Panama + - Papua New Guinea + - Paraguay + - Peru + - Philippines + - Pitcairn Islands + - Poland + - Portugal + - Puerto Rico + - Qatar + - Reunion + - Romania + - Russian Federation + - Rwanda + - Saint Barthelemy + - Saint Helena + - Saint Kitts and Nevis + - Saint Lucia + - Saint Martin + - Saint Pierre and Miquelon + - Saint Vincent and the Grenadines + - Samoa + - San Marino + - Sao Tome and Principe + - Satellite Provider + - Saudi Arabia + - Senegal + - Serbia + - Seychelles + - Sierra Leone + - Singapore + - Slovakia + - Slovenia + - Solomon Islands + - Somalia + - South Africa + - South Georgia and the South Sandwich Islands + - Spain + - Sri Lanka + - Sudan + - Suriname + - Svalbard and Jan Mayen + - Swaziland + - Sweden + - Switzerland + - Syrian Arab Republic + - Taiwan + - Tajikistan + - Tanzania, United Republic of + - Thailand + - Timor-Leste + - Togo + - Tokelau + - Tonga + - Trinidad and Tobago + - Tunisia + - Turkey + - Turkmenistan + - Turks and Caicos Islands + - Tuvalu + - Uganda + - Ukraine + - United Arab Emirates + - United Kingdom + - United States + - United States Minor Outlying Islands + - Uruguay + - Uzbekistan + - Vanuatu + - Venezuela + - Vietnam + - Virgin Islands, British + - Virgin Islands, U.S. + - Wallis and Futuna + - Western Sahara + - Yemen + - Zambia + - Zimbabwe + type: string + type: object + type: array + disallowedGeolocationReference: + properties: + link: + pattern: ^http + type: string + type: object enablePassiveMode: type: boolean enforcementMode: diff --git a/deploy/crds-nap-waf.yaml b/deploy/crds-nap-waf.yaml index 2548a69ce..ef72853a9 100644 --- a/deploy/crds-nap-waf.yaml +++ b/deploy/crds-nap-waf.yaml @@ -268,6 +268,8 @@ spec: - VIOL_ASM_COOKIE_HIJACKING - VIOL_ASM_COOKIE_MODIFIED - VIOL_BLACKLISTED_IP + - VIOL_BOT_CLIENT + - VIOL_BRUTE_FORCE - VIOL_COOKIE_EXPIRED - VIOL_COOKIE_LENGTH - VIOL_COOKIE_MALFORMED @@ -279,6 +281,7 @@ spec: - VIOL_FILE_UPLOAD - VIOL_FILE_UPLOAD_IN_BODY - VIOL_FILETYPE + - VIOL_GEOLOCATION - VIOL_GRAPHQL_ERROR_RESPONSE - VIOL_GRAPHQL_FORMAT - VIOL_GRAPHQL_INTROSPECTION_QUERY @@ -294,6 +297,9 @@ spec: - VIOL_JSON_FORMAT - VIOL_JSON_MALFORMED - VIOL_JSON_SCHEMA + - VIOL_LOGIN + - VIOL_LOGIN_URL_BYPASSED + - VIOL_LOGIN_URL_EXPIRED - VIOL_MANDATORY_HEADER - VIOL_MANDATORY_PARAMETER - VIOL_MANDATORY_REQUEST_BODY @@ -323,6 +329,7 @@ spec: - VIOL_URL_CONTENT_TYPE - VIOL_URL_LENGTH - VIOL_URL_METACHAR + - VIOL_WEBSOCKET_BAD_REQUEST - VIOL_XML_FORMAT - VIOL_XML_MALFORMED type: string @@ -636,6 +643,528 @@ spec: type: object description: type: string + disallowed-geolocations: + items: + properties: + $action: + enum: + - delete + type: string + countryCode: + enum: + - AF + - AX + - AL + - DZ + - AS + - AD + - AO + - AI + - A1 + - AQ + - AG + - AR + - AM + - AW + - AU + - AT + - AZ + - BS + - BH + - BD + - BB + - BY + - BE + - BZ + - BJ + - BM + - BT + - BO + - BA + - BW + - BV + - BR + - IO + - BN + - BG + - BF + - BI + - KH + - CM + - CA + - CV + - KY + - CF + - TD + - CL + - CN + - CX + - CC + - CO + - KM + - CG + - CD + - CK + - CR + - CI + - HR + - CU + - CY + - CZ + - DK + - DJ + - DM + - DO + - EC + - EG + - SV + - GQ + - ER + - EE + - ET + - FK + - FO + - FJ + - FI + - FR + - FX + - GF + - PF + - TF + - GA + - GM + - GE + - DE + - GH + - GI + - GR + - GL + - GD + - GP + - GU + - GT + - GG + - GN + - GW + - GY + - HT + - HM + - VA + - HN + - HK + - HU + - IS + - IN + - ID + - IR + - IQ + - IE + - IM + - IL + - IT + - JM + - JP + - JE + - JO + - KZ + - KE + - KI + - KP + - KR + - KW + - KG + - LA + - LV + - LB + - LS + - LR + - LY + - LI + - LT + - LU + - MO + - MK + - MG + - MW + - MY + - MV + - ML + - MT + - MH + - MQ + - MR + - MU + - YT + - MX + - FM + - MD + - MC + - MN + - ME + - MS + - MA + - MZ + - MM + - ZZ + - NA + - NR + - NP + - NL + - AN + - NC + - NZ + - NI + - NE + - NG + - NU + - NF + - MP + - "NO" + - OM + - PK + - PW + - PS + - PA + - PG + - PY + - PE + - PH + - PN + - PL + - PT + - PR + - QA + - RE + - RO + - RU + - RW + - BL + - SH + - KN + - LC + - MF + - PM + - VC + - WS + - SM + - ST + - A2 + - SA + - SN + - RS + - SC + - SL + - SG + - SK + - SI + - SB + - SO + - ZA + - GS + - ES + - LK + - SD + - SR + - SJ + - SZ + - SE + - CH + - SY + - TW + - TJ + - TZ + - TH + - TL + - TG + - TK + - TO + - TT + - TN + - TR + - TM + - TC + - TV + - UG + - UA + - AE + - GB + - US + - UM + - UY + - UZ + - VU + - VE + - VN + - VG + - VI + - WF + - EH + - YE + - ZM + - ZW + type: string + countryName: + enum: + - Afghanistan + - Aland Islands + - Albania + - Algeria + - American Samoa + - Andorra + - Angola + - Anguilla + - Anonymous Proxy + - Antarctica + - Antigua and Barbuda + - Argentina + - Armenia + - Aruba + - Australia + - Austria + - Azerbaijan + - Bahamas + - Bahrain + - Bangladesh + - Barbados + - Belarus + - Belgium + - Belize + - Benin + - Bermuda + - Bhutan + - Bolivia + - Bosnia and Herzegovina + - Botswana + - Bouvet Island + - Brazil + - British Indian Ocean Territory + - Brunei Darussalam + - Bulgaria + - Burkina Faso + - Burundi + - Cambodia + - Cameroon + - Canada + - Cape Verde + - Cayman Islands + - Central African Republic + - Chad + - Chile + - China + - Christmas Island + - Cocos (Keeling) Islands + - Colombia + - Comoros + - Congo + - Congo, The Democratic Republic of the + - Cook Islands + - Costa Rica + - Cote D'Ivoire + - Croatia + - Cuba + - Cyprus + - Czech Republic + - Denmark + - Djibouti + - Dominica + - Dominican Republic + - Ecuador + - Egypt + - El Salvador + - Equatorial Guinea + - Eritrea + - Estonia + - Ethiopia + - Falkland Islands (Malvinas) + - Faroe Islands + - Fiji + - Finland + - France + - France, Metropolitan + - French Guiana + - French Polynesia + - French Southern Territories + - Gabon + - Gambia + - Georgia + - Germany + - Ghana + - Gibraltar + - Greece + - Greenland + - Grenada + - Guadeloupe + - Guam + - Guatemala + - Guernsey + - Guinea + - Guinea-Bissau + - Guyana + - Haiti + - Heard Island and McDonald Islands + - Holy See (Vatican City State) + - Honduras + - Hong Kong + - Hungary + - Iceland + - India + - Indonesia + - Iran, Islamic Republic of + - Iraq + - Ireland + - Isle of Man + - Israel + - Italy + - Jamaica + - Japan + - Jersey + - Jordan + - Kazakhstan + - Kenya + - Kiribati + - Korea, Democratic People's Republic of + - Korea, Republic of + - Kuwait + - Kyrgyzstan + - Lao People's Democratic Republic + - Latvia + - Lebanon + - Lesotho + - Liberia + - Libyan Arab Jamahiriya + - Liechtenstein + - Lithuania + - Luxembourg + - Macau + - Macedonia + - Madagascar + - Malawi + - Malaysia + - Maldives + - Mali + - Malta + - Marshall Islands + - Martinique + - Mauritania + - Mauritius + - Mayotte + - Mexico + - Micronesia, Federated States of + - Moldova, Republic of + - Monaco + - Mongolia + - Montenegro + - Montserrat + - Morocco + - Mozambique + - Myanmar + - N/A + - Namibia + - Nauru + - Nepal + - Netherlands + - Netherlands Antilles + - New Caledonia + - New Zealand + - Nicaragua + - Niger + - Nigeria + - Niue + - Norfolk Island + - Northern Mariana Islands + - Norway + - Oman + - Other + - Pakistan + - Palau + - Palestinian Territory + - Panama + - Papua New Guinea + - Paraguay + - Peru + - Philippines + - Pitcairn Islands + - Poland + - Portugal + - Puerto Rico + - Qatar + - Reunion + - Romania + - Russian Federation + - Rwanda + - Saint Barthelemy + - Saint Helena + - Saint Kitts and Nevis + - Saint Lucia + - Saint Martin + - Saint Pierre and Miquelon + - Saint Vincent and the Grenadines + - Samoa + - San Marino + - Sao Tome and Principe + - Satellite Provider + - Saudi Arabia + - Senegal + - Serbia + - Seychelles + - Sierra Leone + - Singapore + - Slovakia + - Slovenia + - Solomon Islands + - Somalia + - South Africa + - South Georgia and the South Sandwich Islands + - Spain + - Sri Lanka + - Sudan + - Suriname + - Svalbard and Jan Mayen + - Swaziland + - Sweden + - Switzerland + - Syrian Arab Republic + - Taiwan + - Tajikistan + - Tanzania, United Republic of + - Thailand + - Timor-Leste + - Togo + - Tokelau + - Tonga + - Trinidad and Tobago + - Tunisia + - Turkey + - Turkmenistan + - Turks and Caicos Islands + - Tuvalu + - Uganda + - Ukraine + - United Arab Emirates + - United Kingdom + - United States + - United States Minor Outlying Islands + - Uruguay + - Uzbekistan + - Vanuatu + - Venezuela + - Vietnam + - Virgin Islands, British + - Virgin Islands, U.S. + - Wallis and Futuna + - Western Sahara + - Yemen + - Zambia + - Zimbabwe + type: string + type: object + type: array + disallowedGeolocationReference: + properties: + link: + pattern: ^http + type: string + type: object enablePassiveMode: type: boolean enforcementMode: diff --git a/docs/crd/appprotect.f5.com_appolicies.md b/docs/crd/appprotect.f5.com_appolicies.md index fe5298802..fef4e8a1b 100644 --- a/docs/crd/appprotect.f5.com_appolicies.md +++ b/docs/crd/appprotect.f5.com_appolicies.md @@ -41,7 +41,7 @@ The `.spec` object supports the following fields: | `policy.blocking-settings.violations[].alarm` | `boolean` | Enable or disable this feature. | | `policy.blocking-settings.violations[].block` | `boolean` | Enable or disable this feature. | | `policy.blocking-settings.violations[].description` | `string` | String configuration value. | -| `policy.blocking-settings.violations[].name` | `string` | Allowed values: `"VIOL_ACCESS_INVALID"`, `"VIOL_ACCESS_MALFORMED"`, `"VIOL_ACCESS_MISSING"`, `"VIOL_ACCESS_UNAUTHORIZED"`, `"VIOL_ASM_COOKIE_HIJACKING"`, `"VIOL_ASM_COOKIE_MODIFIED"`, `"VIOL_BLACKLISTED_IP"`, `"VIOL_COOKIE_EXPIRED"`, `"VIOL_COOKIE_LENGTH"`, `"VIOL_COOKIE_MALFORMED"`, `"VIOL_COOKIE_MODIFIED"`, `"VIOL_CSRF"`, `"VIOL_DATA_GUARD"`, `"VIOL_ENCODING"`, `"VIOL_EVASION"`, `"VIOL_FILE_UPLOAD"`, `"VIOL_FILE_UPLOAD_IN_BODY"`, `"VIOL_FILETYPE"`, `"VIOL_GRAPHQL_ERROR_RESPONSE"`, `"VIOL_GRAPHQL_FORMAT"`, `"VIOL_GRAPHQL_INTROSPECTION_QUERY"`, `"VIOL_GRAPHQL_MALFORMED"`, `"VIOL_GRPC_FORMAT"`, `"VIOL_GRPC_MALFORMED"`, `"VIOL_GRPC_METHOD"`, `"VIOL_HEADER_LENGTH"`, `"VIOL_HEADER_METACHAR"`, `"VIOL_HEADER_REPEATED"`, `"VIOL_HTTP_PROTOCOL"`, `"VIOL_HTTP_RESPONSE_STATUS"`, `"VIOL_JSON_FORMAT"`, `"VIOL_JSON_MALFORMED"`, `"VIOL_JSON_SCHEMA"`, `"VIOL_MANDATORY_HEADER"`, `"VIOL_MANDATORY_PARAMETER"`, `"VIOL_MANDATORY_REQUEST_BODY"`, `"VIOL_METHOD"`, `"VIOL_PARAMETER"`, `"VIOL_PARAMETER_ARRAY_VALUE"`, `"VIOL_PARAMETER_DATA_TYPE"`, `"VIOL_PARAMETER_EMPTY_VALUE"`, `"VIOL_PARAMETER_LOCATION"`, `"VIOL_PARAMETER_MULTIPART_NULL_VALUE"`, `"VIOL_PARAMETER_NAME_METACHAR"`, `"VIOL_PARAMETER_NUMERIC_VALUE"`, `"VIOL_PARAMETER_REPEATED"`, `"VIOL_PARAMETER_STATIC_VALUE"`, `"VIOL_PARAMETER_VALUE_BASE64"`, `"VIOL_PARAMETER_VALUE_LENGTH"`, `"VIOL_PARAMETER_VALUE_METACHAR"`, `"VIOL_PARAMETER_VALUE_REGEXP"`, `"VIOL_POST_DATA_LENGTH"`, `"VIOL_QUERY_STRING_LENGTH"`, `"VIOL_RATING_NEED_EXAMINATION"`, `"VIOL_RATING_THREAT"`, `"VIOL_REQUEST_LENGTH"`, `"VIOL_REQUEST_MAX_LENGTH"`, `"VIOL_THREAT_CAMPAIGN"`, `"VIOL_URL"`, `"VIOL_URL_CONTENT_TYPE"`, `"VIOL_URL_LENGTH"`, `"VIOL_URL_METACHAR"`, `"VIOL_XML_FORMAT"`, `"VIOL_XML_MALFORMED"`. | +| `policy.blocking-settings.violations[].name` | `string` | Allowed values: `"VIOL_ACCESS_INVALID"`, `"VIOL_ACCESS_MALFORMED"`, `"VIOL_ACCESS_MISSING"`, `"VIOL_ACCESS_UNAUTHORIZED"`, `"VIOL_ASM_COOKIE_HIJACKING"`, `"VIOL_ASM_COOKIE_MODIFIED"`, `"VIOL_BLACKLISTED_IP"`, `"VIOL_BOT_CLIENT"`, `"VIOL_BRUTE_FORCE"`, `"VIOL_COOKIE_EXPIRED"`, `"VIOL_COOKIE_LENGTH"`, `"VIOL_COOKIE_MALFORMED"`, `"VIOL_COOKIE_MODIFIED"`, `"VIOL_CSRF"`, `"VIOL_DATA_GUARD"`, `"VIOL_ENCODING"`, `"VIOL_EVASION"`, `"VIOL_FILE_UPLOAD"`, `"VIOL_FILE_UPLOAD_IN_BODY"`, `"VIOL_FILETYPE"`, `"VIOL_GEOLOCATION"`, `"VIOL_GRAPHQL_ERROR_RESPONSE"`, `"VIOL_GRAPHQL_FORMAT"`, `"VIOL_GRAPHQL_INTROSPECTION_QUERY"`, `"VIOL_GRAPHQL_MALFORMED"`, `"VIOL_GRPC_FORMAT"`, `"VIOL_GRPC_MALFORMED"`, `"VIOL_GRPC_METHOD"`, `"VIOL_HEADER_LENGTH"`, `"VIOL_HEADER_METACHAR"`, `"VIOL_HEADER_REPEATED"`, `"VIOL_HTTP_PROTOCOL"`, `"VIOL_HTTP_RESPONSE_STATUS"`, `"VIOL_JSON_FORMAT"`, `"VIOL_JSON_MALFORMED"`, `"VIOL_JSON_SCHEMA"`, `"VIOL_LOGIN"`, `"VIOL_LOGIN_URL_BYPASSED"`, `"VIOL_LOGIN_URL_EXPIRED"`, `"VIOL_MANDATORY_HEADER"`, `"VIOL_MANDATORY_PARAMETER"`, `"VIOL_MANDATORY_REQUEST_BODY"`, `"VIOL_METHOD"`, `"VIOL_PARAMETER"`, `"VIOL_PARAMETER_ARRAY_VALUE"`, `"VIOL_PARAMETER_DATA_TYPE"`, `"VIOL_PARAMETER_EMPTY_VALUE"`, `"VIOL_PARAMETER_LOCATION"`, `"VIOL_PARAMETER_MULTIPART_NULL_VALUE"`, `"VIOL_PARAMETER_NAME_METACHAR"`, `"VIOL_PARAMETER_NUMERIC_VALUE"`, `"VIOL_PARAMETER_REPEATED"`, `"VIOL_PARAMETER_STATIC_VALUE"`, `"VIOL_PARAMETER_VALUE_BASE64"`, `"VIOL_PARAMETER_VALUE_LENGTH"`, `"VIOL_PARAMETER_VALUE_METACHAR"`, `"VIOL_PARAMETER_VALUE_REGEXP"`, `"VIOL_POST_DATA_LENGTH"`, `"VIOL_QUERY_STRING_LENGTH"`, `"VIOL_RATING_NEED_EXAMINATION"`, `"VIOL_RATING_THREAT"`, `"VIOL_REQUEST_LENGTH"`, `"VIOL_REQUEST_MAX_LENGTH"`, `"VIOL_THREAT_CAMPAIGN"`, `"VIOL_URL"`, `"VIOL_URL_CONTENT_TYPE"`, `"VIOL_URL_LENGTH"`, `"VIOL_URL_METACHAR"`, `"VIOL_WEBSOCKET_BAD_REQUEST"`, `"VIOL_XML_FORMAT"`, `"VIOL_XML_MALFORMED"`. | | `policy.blockingSettingReference` | `object` | Configuration object. | | `policy.blockingSettingReference.link` | `string` | String configuration value. | | `policy.bot-defense` | `object` | Configuration object. | @@ -162,6 +162,12 @@ The `.spec` object supports the following fields: | `policy.general.trustXff` | `boolean` | Enable or disable this feature. | | `policy.generalReference` | `object` | Configuration object. | | `policy.generalReference.link` | `string` | String configuration value. | +| `policy.disallowed-geolocations` | `array` | List of configuration values. | +| `policy.disallowed-geolocations[].$action` | `string` | Allowed values: `"delete"`. | +| `policy.disallowed-geolocations[].countryCode` | `string` | Specifies the ISO country code of the selected country. Allowed values: `"AF"`, `"AX"`, `"AL"`, `"DZ"`, `"AS"`, `"AD"`, `"AO"`, `"AI"`, `"A1"`, `"AQ"`, `"AG"`, `"AR"`, `"AM"`, `"AW"`, `"AU"`, `"AT"`, `"AZ"`, `"BS"`, `"BH"`, `"BD"`, `"BB"`, `"BY"`, `"BE"`, `"BZ"`, `"BJ"`, `"BM"`, `"BT"`, `"BO"`, `"BA"`, `"BW"`, `"BV"`, `"BR"`, `"IO"`, `"BN"`, `"BG"`, `"BF"`, `"BI"`, `"KH"`, `"CM"`, `"CA"`, `"CV"`, `"KY"`, `"CF"`, `"TD"`, `"CL"`, `"CN"`, `"CX"`, `"CC"`, `"CO"`, `"KM"`, `"CG"`, `"CD"`, `"CK"`, `"CR"`, `"CI"`, `"HR"`, `"CU"`, `"CY"`, `"CZ"`, `"DK"`, `"DJ"`, `"DM"`, `"DO"`, `"EC"`, `"EG"`, `"SV"`, `"GQ"`, `"ER"`, `"EE"`, `"ET"`, `"FK"`, `"FO"`, `"FJ"`, `"FI"`, `"FR"`, `"FX"`, `"GF"`, `"PF"`, `"TF"`, `"GA"`, `"GM"`, `"GE"`, `"DE"`, `"GH"`, `"GI"`, `"GR"`, `"GL"`, `"GD"`, `"GP"`, `"GU"`, `"GT"`, `"GG"`, `"GN"`, `"GW"`, `"GY"`, `"HT"`, `"HM"`, `"VA"`, `"HN"`, `"HK"`, `"HU"`, `"IS"`, `"IN"`, `"ID"`, `"IR"`, `"IQ"`, `"IE"`, `"IM"`, `"IL"`, `"IT"`, `"JM"`, `"JP"`, `"JE"`, `"JO"`, `"KZ"`, `"KE"`, `"KI"`, `"KP"`, `"KR"`, `"KW"`, `"KG"`, `"LA"`, `"LV"`, `"LB"`, `"LS"`, `"LR"`, `"LY"`, `"LI"`, `"LT"`, `"LU"`, `"MO"`, `"MK"`, `"MG"`, `"MW"`, `"MY"`, `"MV"`, `"ML"`, `"MT"`, `"MH"`, `"MQ"`, `"MR"`, `"MU"`, `"YT"`, `"MX"`, `"FM"`, `"MD"`, `"MC"`, `"MN"`, `"ME"`, `"MS"`, `"MA"`, `"MZ"`, `"MM"`, `"ZZ"`, `"NA"`, `"NR"`, `"NP"`, `"NL"`, `"AN"`, `"NC"`, `"NZ"`, `"NI"`, `"NE"`, `"NG"`, `"NU"`, `"NF"`, `"MP"`, `"NO"`, `"OM"`, `"PK"`, `"PW"`, `"PS"`, `"PA"`, `"PG"`, `"PY"`, `"PE"`, `"PH"`, `"PN"`, `"PL"`, `"PT"`, `"PR"`, `"QA"`, `"RE"`, `"RO"`, `"RU"`, `"RW"`, `"BL"`, `"SH"`, `"KN"`, `"LC"`, `"MF"`, `"PM"`, `"VC"`, `"WS"`, `"SM"`, `"ST"`, `"A2"`, `"SA"`, `"SN"`, `"RS"`, `"SC"`, `"SL"`, `"SG"`, `"SK"`, `"SI"`, `"SB"`, `"SO"`, `"ZA"`, `"GS"`, `"ES"`, `"LK"`, `"SD"`, `"SR"`, `"SJ"`, `"SZ"`, `"SE"`, `"CH"`, `"SY"`, `"TW"`, `"TJ"`, `"TZ"`, `"TH"`, `"TL"`, `"TG"`, `"TK"`, `"TO"`, `"TT"`, `"TN"`, `"TR"`, `"TM"`, `"TC"`, `"TV"`, `"UG"`, `"UA"`, `"AE"`, `"GB"`, `"US"`, `"UM"`, `"UY"`, `"UZ"`, `"VU"`, `"VE"`, `"VN"`, `"VG"`, `"VI"`, `"WF"`, `"EH"`, `"YE"`, `"ZM"`, `"ZW"`. | +| `policy.disallowed-geolocations[].countryName` | `string` | Specifies the name of the country. Allowed values: `"Afghanistan", "Aland Islands", "Albania", "Algeria", "American Samoa", "Andorra", "Angola", "Anguilla", "Anonymous Proxy", "Antarctica", "Antigua and Barbuda", "Argentina", "Armenia", "Aruba", "Australia", "Austria", "Azerbaijan", "Bahamas", "Bahrain", "Bangladesh", "Barbados", "Belarus", "Belgium", "Belize", "Benin", "Bermuda", "Bhutan", "Bolivia", "Bosnia and Herzegovina", "Botswana", "Bouvet Island", "Brazil", "British Indian Ocean Territory", "Brunei Darussalam", "Bulgaria", "Burkina Faso", "Burundi", "Cambodia", "Cameroon", "Canada", "Cape Verde", "Cayman Islands", "Central African Republic", "Chad", "Chile", "China", "Christmas Island", "Cocos (Keeling) Islands", "Colombia", "Comoros", "Congo", "Congo, The Democratic Republic of the", "Cook Islands", "Costa Rica", "Cote D'Ivoire", "Croatia", "Cuba", "Cyprus", "Czech Republic", "Denmark", "Djibouti", "Dominica", "Dominican Republic", "Ecuador", "Egypt", "El Salvador", "Equatorial Guinea", "Eritrea", "Estonia", "Ethiopia", "Falkland Islands (Malvinas)", "Faroe Islands", "Fiji", "Finland", "France", "France, Metropolitan", "French Guiana", "French Polynesia", "French Southern Territories", "Gabon", "Gambia", "Georgia", "Germany", "Ghana", "Gibraltar", "Greece", "Greenland", "Grenada", "Guadeloupe", "Guam", "Guatemala", "Guernsey", "Guinea", "Guinea-Bissau", "Guyana", "Haiti", "Heard Island and McDonald Islands", "Holy See (Vatican City State)", "Honduras", "Hong Kong", "Hungary", "Iceland", "India", "Indonesia", "Iran, Islamic Republic of", "Iraq", "Ireland", "Isle of Man", "Israel", "Italy", "Jamaica", "Japan", "Jersey", "Jordan", "Kazakhstan", "Kenya", "Kiribati", "Korea, Democratic People's Republic of", "Korea, Republic of", "Kuwait", "Kyrgyzstan", "Lao People's Democratic Republic", "Latvia", "Lebanon", "Lesotho", "Liberia", "Libyan Arab Jamahiriya", "Liechtenstein", "Lithuania", "Luxembourg", "Macau", "Macedonia", "Madagascar", "Malawi", "Malaysia", "Maldives", "Mali", "Malta", "Marshall Islands", "Martinique", "Mauritania", "Mauritius", "Mayotte", "Mexico", "Micronesia, Federated States of", "Moldova, Republic of", "Monaco", "Mongolia", "Montenegro", "Montserrat", "Morocco", "Mozambique", "Myanmar", "N/A", "Namibia", "Nauru", "Nepal", "Netherlands", "Netherlands Antilles", "New Caledonia", "New Zealand", "Nicaragua", "Niger", "Nigeria", "Niue", "Norfolk Island", "Northern Mariana Islands", "Norway", "Oman", "Other", "Pakistan", "Palau", "Palestinian Territory", "Panama", "Papua New Guinea", "Paraguay", "Peru", "Philippines", "Pitcairn Islands", "Poland", "Portugal", "Puerto Rico", "Qatar", "Reunion", "Romania", "Russian Federation", "Rwanda", "Saint Barthelemy", "Saint Helena", "Saint Kitts and Nevis", "Saint Lucia", "Saint Martin", "Saint Pierre and Miquelon", "Saint Vincent and the Grenadines", "Samoa", "San Marino", "Sao Tome and Principe", "Satellite Provider", "Saudi Arabia", "Senegal", "Serbia", "Seychelles", "Sierra Leone", "Singapore", "Slovakia", "Slovenia", "Solomon Islands", "Somalia", "South Africa", "South Georgia and the South Sandwich Islands", "Spain", "Sri Lanka", "Sudan", "Suriname", "Svalbard and Jan Mayen", "Swaziland", "Sweden", "Switzerland", "Syrian Arab Republic", "Taiwan", "Tajikistan", "Tanzania, United Republic of", "Thailand", "Timor-Leste", "Togo", "Tokelau", "Tonga", "Trinidad and Tobago", "Tunisia", "Turkey", "Turkmenistan", "Turks and Caicos Islands", "Tuvalu", "Uganda", "Ukraine", "United Arab Emirates", "United Kingdom", "United States", "United States Minor Outlying Islands", "Uruguay", "Uzbekistan", "Vanuatu", "Venezuela", "Vietnam", "Virgin Islands, British", "Virgin Islands, U.S.", "Wallis and Futuna", "Western Sahara", "Yemen", "Zambia", "Zimbabwe"` | +| `policy.disallowedGeolocationReference` | `object` | Configuration object. | +| `policy.disallowedGeolocationReference.link` | `string` | String configuration value. | | `policy.graphql-profiles` | `array` | List of configuration values. | | `policy.graphql-profiles[].$action` | `string` | Allowed values: `"delete"`. | | `policy.graphql-profiles[].attackSignaturesCheck` | `boolean` | Enable or disable this feature. |