diff --git a/azurerm/resource_arm_application_gateway.go b/azurerm/resource_arm_application_gateway.go index 49a343f045ed..51c4d4862afb 100644 --- a/azurerm/resource_arm_application_gateway.go +++ b/azurerm/resource_arm_application_gateway.go @@ -811,6 +811,17 @@ func resourceArmApplicationGateway() *schema.Resource { ValidateFunc: validation.IntBetween(1, 500), Default: 100, }, + "request_body_check": { + Type: schema.TypeBool, + Optional: true, + Default: true, + }, + "max_request_body_size_kb": { + Type: schema.TypeInt, + Optional: true, + ValidateFunc: validation.IntBetween(1, 128), + Default: 128, + }, }, }, }, @@ -2278,13 +2289,17 @@ func expandApplicationGatewayWafConfig(d *schema.ResourceData) *network.Applicat ruleSetType := v["rule_set_type"].(string) ruleSetVersion := v["rule_set_version"].(string) fileUploadLimitInMb := v["file_upload_limit_mb"].(int) + requestBodyCheck := v["request_body_check"].(bool) + maxRequestBodySizeInKb := v["max_request_body_size_kb"].(int) return &network.ApplicationGatewayWebApplicationFirewallConfiguration{ - Enabled: utils.Bool(enabled), - FirewallMode: network.ApplicationGatewayFirewallMode(mode), - RuleSetType: utils.String(ruleSetType), - RuleSetVersion: utils.String(ruleSetVersion), - FileUploadLimitInMb: utils.Int32(int32(fileUploadLimitInMb)), + Enabled: utils.Bool(enabled), + FirewallMode: network.ApplicationGatewayFirewallMode(mode), + RuleSetType: utils.String(ruleSetType), + RuleSetVersion: utils.String(ruleSetVersion), + FileUploadLimitInMb: utils.Int32(int32(fileUploadLimitInMb)), + RequestBodyCheck: utils.Bool(requestBodyCheck), + MaxRequestBodySizeInKb: utils.Int32(int32(maxRequestBodySizeInKb)), } } @@ -2314,6 +2329,14 @@ func flattenApplicationGatewayWafConfig(input *network.ApplicationGatewayWebAppl output["file_upload_limit_mb"] = int(*input.FileUploadLimitInMb) } + if input.RequestBodyCheck != nil { + output["request_body_check"] = *input.RequestBodyCheck + } + + if input.MaxRequestBodySizeInKb != nil { + output["max_request_body_size_kb"] = int(*input.MaxRequestBodySizeInKb) + } + results = append(results, output) return results diff --git a/azurerm/resource_arm_application_gateway_test.go b/azurerm/resource_arm_application_gateway_test.go index 60ede482b143..84ea780d11a2 100644 --- a/azurerm/resource_arm_application_gateway_test.go +++ b/azurerm/resource_arm_application_gateway_test.go @@ -351,6 +351,8 @@ func TestAccAzureRMApplicationGateway_webApplicationFirewall(t *testing.T) { resource.TestCheckResourceAttr(resourceName, "waf_configuration.0.rule_set_type", "OWASP"), resource.TestCheckResourceAttr(resourceName, "waf_configuration.0.rule_set_version", "3.0"), resource.TestCheckResourceAttr(resourceName, "waf_configuration.0.file_upload_limit_mb", "100"), + resource.TestCheckResourceAttr(resourceName, "waf_configuration.0.request_body_check", "true"), + resource.TestCheckResourceAttr(resourceName, "waf_configuration.0.max_request_body_size_kb", "100"), ), }, }, @@ -1435,6 +1437,8 @@ resource "azurerm_application_gateway" "test" { rule_set_type = "OWASP" rule_set_version = "3.0" file_upload_limit_mb = 100 + request_body_check = true + max_request_body_size_kb = 100 } gateway_ip_configuration { diff --git a/website/docs/r/application_gateway.html.markdown b/website/docs/r/application_gateway.html.markdown index 065edeec514e..a0432ad23144 100644 --- a/website/docs/r/application_gateway.html.markdown +++ b/website/docs/r/application_gateway.html.markdown @@ -377,6 +377,10 @@ A `waf_configuration` block supports the following: * `file_upload_limit_mb` - (Optional) The File Upload Limit in MB. Accepted values are in the range `1`MB to `500`MB. Defaults to `100`MB. +* `request_body_check` - (Optional) Is Request Body Inspection enabled? Defaults to `true`. + +* `max_request_body_size_kb` - (Optional) The Maximum Request Body Size in KB. Accepted values are in the range `1`KB to `128`KB. Defaults to `128`KB. + --- A `custom_error_configuration` block supports the following: