mirror of
https://github.com/openappsec/openappsec.git
synced 2025-11-16 01:12:18 +03:00
Compare commits
6 Commits
Jul_23_202
...
orianelou-
| Author | SHA1 | Date | |
|---|---|---|---|
|
805e958cb9 | ||
|
|
5bcd7cfcf1 | ||
|
|
ae6f2faeec | ||
|
705a5e6061 | ||
|
|
c33b74a970 | ||
|
2da9fbc385 |
File diff suppressed because one or more lines are too long
1321
config/crds/open-appsec-crd-latest.yaml
Normal file
1321
config/crds/open-appsec-crd-latest.yaml
Normal file
File diff suppressed because it is too large
Load Diff
525
config/crds/open-appsec-crd-v1beta1.yaml
Normal file
525
config/crds/open-appsec-crd-v1beta1.yaml
Normal file
@@ -0,0 +1,525 @@
|
||||
Enter file contents hereapiVersion: apiextensions.k8s.io/v1
|
||||
kind: CustomResourceDefinition
|
||||
metadata :
|
||||
name : customresponses.openappsec.io
|
||||
|
||||
spec:
|
||||
group: openappsec.io
|
||||
versions:
|
||||
- name: v1beta1
|
||||
served: true
|
||||
storage: true
|
||||
schema:
|
||||
openAPIV3Schema:
|
||||
type: object
|
||||
properties:
|
||||
spec:
|
||||
type: object
|
||||
properties:
|
||||
mode:
|
||||
type: string
|
||||
enum:
|
||||
- block-page
|
||||
#- redirect
|
||||
- response-code-only
|
||||
message-title:
|
||||
type: string
|
||||
message-body:
|
||||
type: string
|
||||
http-response-code:
|
||||
type: integer
|
||||
minimum: 100
|
||||
maximum: 599
|
||||
|
||||
scope: Cluster
|
||||
names:
|
||||
plural: customresponses
|
||||
singular: customresponse
|
||||
kind: CustomResponse
|
||||
shortNames:
|
||||
- customresponse
|
||||
---
|
||||
apiVersion: apiextensions.k8s.io/v1
|
||||
kind: CustomResourceDefinition
|
||||
metadata:
|
||||
name: exceptions.openappsec.io
|
||||
|
||||
spec:
|
||||
group: openappsec.io
|
||||
versions:
|
||||
- name: v1beta1
|
||||
served: true
|
||||
storage: true
|
||||
schema:
|
||||
openAPIV3Schema:
|
||||
type: object
|
||||
properties:
|
||||
spec:
|
||||
type: array
|
||||
items:
|
||||
type: object
|
||||
required:
|
||||
- action
|
||||
properties:
|
||||
action:
|
||||
type: string
|
||||
enum:
|
||||
- skip
|
||||
- accept
|
||||
- drop
|
||||
- suppressLog
|
||||
sourceIp:
|
||||
type: array
|
||||
items:
|
||||
type: string
|
||||
url:
|
||||
type: array
|
||||
items:
|
||||
type: string
|
||||
sourceIdentifier:
|
||||
type: array
|
||||
items:
|
||||
type: string
|
||||
protectionName:
|
||||
type: array
|
||||
items:
|
||||
type: string
|
||||
paramValue:
|
||||
type: array
|
||||
items:
|
||||
type: string
|
||||
paramName:
|
||||
type: array
|
||||
items:
|
||||
type: string
|
||||
hostName:
|
||||
type: array
|
||||
items:
|
||||
type: string
|
||||
countryCode:
|
||||
type: array
|
||||
items:
|
||||
type: string
|
||||
countryName:
|
||||
type: array
|
||||
items:
|
||||
type: string
|
||||
comment:
|
||||
type: string
|
||||
|
||||
scope: Cluster
|
||||
names:
|
||||
plural: exceptions
|
||||
singular: exception
|
||||
kind: Exception
|
||||
shortNames:
|
||||
- exception
|
||||
---
|
||||
apiVersion: apiextensions.k8s.io/v1
|
||||
kind: CustomResourceDefinition
|
||||
metadata :
|
||||
name : logtriggers.openappsec.io
|
||||
|
||||
spec:
|
||||
group: openappsec.io
|
||||
versions:
|
||||
- name: v1beta1
|
||||
# Each version can be enabled/disabled by Served flag.
|
||||
served: true
|
||||
# One and only one version must be marked as the storage version.
|
||||
storage: true
|
||||
schema:
|
||||
openAPIV3Schema:
|
||||
type: object
|
||||
properties:
|
||||
spec:
|
||||
type: object
|
||||
properties:
|
||||
access-control-logging:
|
||||
type: object
|
||||
properties:
|
||||
allow-events:
|
||||
type: boolean
|
||||
drop-events:
|
||||
type: boolean
|
||||
appsec-logging:
|
||||
type: object
|
||||
properties:
|
||||
detect-events:
|
||||
type: boolean
|
||||
prevent-events:
|
||||
type: boolean
|
||||
all-web-requests:
|
||||
type: boolean
|
||||
additional-suspicious-events-logging:
|
||||
type: object
|
||||
properties:
|
||||
enabled:
|
||||
type: boolean
|
||||
minimum-severity:
|
||||
type: string
|
||||
enum:
|
||||
- high
|
||||
- critical
|
||||
response-body:
|
||||
type: boolean
|
||||
response-code:
|
||||
type: boolean
|
||||
extended-logging:
|
||||
type: object
|
||||
properties:
|
||||
url-path:
|
||||
type: boolean
|
||||
url-query:
|
||||
type: boolean
|
||||
http-headers:
|
||||
type: boolean
|
||||
request-body:
|
||||
type: boolean
|
||||
log-destination:
|
||||
type: object
|
||||
properties:
|
||||
cloud:
|
||||
type: boolean
|
||||
syslog-service: #change to object array
|
||||
type: array
|
||||
items:
|
||||
type: object
|
||||
properties:
|
||||
address:
|
||||
type: string
|
||||
port:
|
||||
type: integer
|
||||
file:
|
||||
type: string
|
||||
stdout:
|
||||
type: object
|
||||
properties:
|
||||
format:
|
||||
type: string
|
||||
enum:
|
||||
- json
|
||||
- json-formatted
|
||||
cef-service:
|
||||
type: array
|
||||
items:
|
||||
type: object
|
||||
properties:
|
||||
address:
|
||||
type: string
|
||||
port:
|
||||
type: integer
|
||||
proto:
|
||||
type: string
|
||||
enum:
|
||||
- tcp
|
||||
- udp
|
||||
|
||||
scope: Cluster
|
||||
names:
|
||||
plural: logtriggers
|
||||
singular: logtrigger
|
||||
kind: LogTrigger
|
||||
shortNames:
|
||||
- logtrigger
|
||||
---
|
||||
apiVersion: apiextensions.k8s.io/v1
|
||||
kind: CustomResourceDefinition
|
||||
metadata :
|
||||
name : policies.openappsec.io
|
||||
|
||||
spec:
|
||||
group: openappsec.io
|
||||
versions:
|
||||
- name: v1beta1
|
||||
# Each version can be enabled/disabled by Served flag.
|
||||
served: true
|
||||
# One and only one version must be marked as the storage version.
|
||||
storage: true
|
||||
schema:
|
||||
openAPIV3Schema:
|
||||
type: object
|
||||
properties:
|
||||
spec:
|
||||
type: object
|
||||
properties:
|
||||
default:
|
||||
type: object
|
||||
properties:
|
||||
mode:
|
||||
type: string
|
||||
enum:
|
||||
- prevent-learn
|
||||
- detect-learn
|
||||
- prevent
|
||||
- detect
|
||||
- inactive
|
||||
practices:
|
||||
type: array
|
||||
items:
|
||||
type: string
|
||||
triggers:
|
||||
type: array
|
||||
items:
|
||||
type: string
|
||||
custom-response:
|
||||
type: string
|
||||
source-identifiers:
|
||||
type: string
|
||||
trusted-sources:
|
||||
type: string
|
||||
exceptions:
|
||||
type: array
|
||||
items:
|
||||
type: string
|
||||
specific-rules:
|
||||
type: array
|
||||
items:
|
||||
type: object
|
||||
properties:
|
||||
host:
|
||||
type: string
|
||||
mode:
|
||||
type: string
|
||||
enum:
|
||||
- prevent-learn
|
||||
- detect-learn
|
||||
- prevent
|
||||
- detect
|
||||
- inactive
|
||||
practices:
|
||||
type: array
|
||||
items:
|
||||
type: string
|
||||
triggers:
|
||||
type: array
|
||||
items:
|
||||
type: string
|
||||
custom-response:
|
||||
type: string
|
||||
source-identifiers:
|
||||
type: string
|
||||
trusted-sources:
|
||||
type: string
|
||||
exceptions:
|
||||
type: array
|
||||
items:
|
||||
type: string
|
||||
|
||||
scope: Cluster
|
||||
names:
|
||||
plural: policies
|
||||
singular: policy
|
||||
kind: Policy
|
||||
shortNames:
|
||||
- policy
|
||||
---
|
||||
apiVersion: apiextensions.k8s.io/v1
|
||||
kind: CustomResourceDefinition
|
||||
metadata :
|
||||
name : practices.openappsec.io
|
||||
|
||||
spec:
|
||||
group: openappsec.io
|
||||
versions:
|
||||
- name: v1beta1
|
||||
served: true
|
||||
storage: true
|
||||
schema:
|
||||
openAPIV3Schema:
|
||||
type: object
|
||||
properties:
|
||||
spec:
|
||||
type: object
|
||||
properties:
|
||||
web-attacks:
|
||||
type: object
|
||||
properties:
|
||||
override-mode:
|
||||
type: string
|
||||
enum:
|
||||
- prevent-learn
|
||||
- detect-learn
|
||||
- prevent
|
||||
- detect
|
||||
- inactive
|
||||
minimum-confidence:
|
||||
type: string
|
||||
enum:
|
||||
- medium
|
||||
- high
|
||||
- critical
|
||||
max-url-size-bytes:
|
||||
type: integer
|
||||
max-object-depth:
|
||||
type: integer
|
||||
max-body-size-kb:
|
||||
type: integer
|
||||
max-header-size-bytes:
|
||||
type: integer
|
||||
protections:
|
||||
type: object
|
||||
properties:
|
||||
csrf-enabled:
|
||||
type: string
|
||||
enum:
|
||||
- prevent-learn
|
||||
- detect-learn
|
||||
- prevent
|
||||
- detect
|
||||
- inactive
|
||||
error-disclosure-enabled:
|
||||
type: string
|
||||
enum:
|
||||
- prevent-learn
|
||||
- detect-learn
|
||||
- prevent
|
||||
- detect
|
||||
- inactive
|
||||
open-redirect-enabled:
|
||||
type: string
|
||||
enum:
|
||||
- prevent-learn
|
||||
- detect-learn
|
||||
- prevent
|
||||
- detect
|
||||
- inactive
|
||||
non-valid-http-methods:
|
||||
type: boolean
|
||||
anti-bot:
|
||||
type: object
|
||||
properties:
|
||||
override-mode:
|
||||
type: string
|
||||
enum:
|
||||
- prevent-learn
|
||||
- detect-learn
|
||||
- prevent
|
||||
- detect
|
||||
- inactive
|
||||
injected-URIs:
|
||||
type: array
|
||||
items:
|
||||
type: object
|
||||
properties:
|
||||
uri:
|
||||
type: string
|
||||
validated-URIs:
|
||||
type: array
|
||||
items:
|
||||
type: object
|
||||
properties:
|
||||
uri:
|
||||
type: string
|
||||
snort-signatures:
|
||||
type: object
|
||||
properties:
|
||||
override-mode:
|
||||
type: string
|
||||
enum:
|
||||
- prevent-learn
|
||||
- detect-learn
|
||||
- prevent
|
||||
- detect
|
||||
- inactive
|
||||
configmap:
|
||||
type: array
|
||||
items:
|
||||
type: string
|
||||
openapi-schema-validation:
|
||||
type: object
|
||||
properties:
|
||||
override-mode:
|
||||
type: string
|
||||
enum:
|
||||
- prevent-learn
|
||||
- detect-learn
|
||||
- prevent
|
||||
- detect
|
||||
- inactive
|
||||
configmap:
|
||||
type: array
|
||||
items:
|
||||
type: string
|
||||
|
||||
scope: Cluster
|
||||
names:
|
||||
plural: practices
|
||||
singular: practice
|
||||
kind: Practice
|
||||
shortNames:
|
||||
- practice
|
||||
---
|
||||
apiVersion: apiextensions.k8s.io/v1
|
||||
kind: CustomResourceDefinition
|
||||
metadata :
|
||||
name : sourcesidentifiers.openappsec.io
|
||||
|
||||
spec:
|
||||
group: openappsec.io
|
||||
versions:
|
||||
- name: v1beta1
|
||||
served: true
|
||||
storage: true
|
||||
schema:
|
||||
openAPIV3Schema:
|
||||
type: object
|
||||
properties:
|
||||
spec:
|
||||
type: array
|
||||
items:
|
||||
type: object
|
||||
properties:
|
||||
sourceIdentifier:
|
||||
type: string
|
||||
enum:
|
||||
- headerkey
|
||||
- JWTKey
|
||||
- cookie
|
||||
- sourceip
|
||||
- x-forwarded-for
|
||||
value:
|
||||
type: array
|
||||
items:
|
||||
type: string
|
||||
|
||||
scope: Cluster
|
||||
names:
|
||||
plural: sourcesidentifiers
|
||||
singular: sourcesidentifier
|
||||
kind: SourcesIdentifier
|
||||
shortNames:
|
||||
- sourcesidentifier
|
||||
---
|
||||
apiVersion: apiextensions.k8s.io/v1
|
||||
kind: CustomResourceDefinition
|
||||
metadata :
|
||||
name : trustedsources.openappsec.io
|
||||
|
||||
spec:
|
||||
group: openappsec.io
|
||||
versions:
|
||||
- name: v1beta1
|
||||
served: true
|
||||
storage: true
|
||||
schema:
|
||||
openAPIV3Schema:
|
||||
type: object
|
||||
properties:
|
||||
spec:
|
||||
type: object
|
||||
properties:
|
||||
minNumOfSources:
|
||||
type: integer
|
||||
sourcesIdentifiers:
|
||||
type: array
|
||||
items:
|
||||
type: string
|
||||
|
||||
scope: Cluster
|
||||
names:
|
||||
plural: trustedsources
|
||||
singular: trustedsource
|
||||
kind: TrustedSource
|
||||
shortNames:
|
||||
- trustedsource
|
||||
1321
config/crds/open-appsec-crd-v1beta2.yaml
Normal file
1321
config/crds/open-appsec-crd-v1beta2.yaml
Normal file
File diff suppressed because it is too large
Load Diff
Reference in New Issue
Block a user