Nooshu/terraform.json

## terraform.json
{
    name           = "nfdiv"
    custom_domain  = "nfdiv.perftest.platform.hmcts.net"
    dns_zone_name  = "perftest.platform.hmcts.net"
    mode           = "Prevention"
    backend_domain = ["firewall-nonprodi-palo-cft-perftest.uksouth.cloudapp.azure.com"]
    disabled_rules = {
      SQLI = [
        "942100",
        "942150",
        "942200",
        "942210",
        "942230",
        "942361",
        "942380",
        "942400",
        "942430",
        "942260"
      ]
      LFI = [
        "930100", // false positive on multi-part uploads
        "930110", // false positive on multi-part uploads
      ]
      RCE = [
        "932100"
      ]
      RFI = [
        "931130"
      ]
      conditions {
    dynamic "url_file_extension_condition" {
      for_each = lookup(each.value, "caching", {
        url_file_extension_conditions = [
          {
            operator         = "Equal"
            negate_condition = false
            match_values     = ["jpg", "png", "css", "ico", "js"]
            transforms       = ["Lowercase"]
          }
        ]
      }).url_file_extension_conditions
      iterator = condition
      content {
        operator         = lookup(condition.value, "operator", null) != null ? condition.value.operator : "Equal"
        negate_condition = lookup(condition.value, "negate_condition", null) != null ? condition.value.negate_condition : false
        match_values     = lookup(condition.value, "match_values", null) != null ? condition.value.match_values : ["jpg", "png", "css", "ico", "js"]
        transforms       = lookup(condition.value, "transforms", null) != null ? condition.value.transforms : ["Lowercase"]
      }
    }
  },
  actions {
    dynamic "route_configuration_override_action" {
      for_each = lookup(each.value, "caching", {
        route_configuration_override_action = [
          {
            cache_duration                = null
            cdn_frontdoor_origin_group_id = null
            forwarding_protocol           = null
            query_string_caching_behavior = "UseQueryString"
            query_string_parameters       = null
            compression_enabled           = false
            cache_behavior                = "HonorOrigin"
          }
        ]
      }).route_configuration_override_action
      iterator = action
      content {
        cache_duration                = lookup(action.value, "cache_duration", null) != null ? action.value.cache_duration : null
        cdn_frontdoor_origin_group_id = lookup(action.value, "cdn_frontdoor_origin_group_id", null) != null ? action.value.cdn_frontdoor_origin_group_id : null
        forwarding_protocol           = lookup(action.value, "forwarding_protocol", null) != null ? action.value.forwarding_protocol : null
        query_string_caching_behavior = lookup(action.value, "query_string_caching_behavior", null) != null ? action.value.query_string_caching_behavior : "UseQueryString"
        query_string_parameters       = lookup(action.value, "query_string_parameters", null) != null ? action.value.query_string_parameters : null
        compression_enabled           = lookup(action.value, "compression_enabled", null) != null ? action.value.compression_enabled : false
        cache_behavior                = lookup(action.value, "cache_behavior", null) != null ? action.value.cache_behavior : "HonorOrigin"
      }
    }
  }
}
	{
	name = "nfdiv"
	custom_domain = "nfdiv.perftest.platform.hmcts.net"
	dns_zone_name = "perftest.platform.hmcts.net"
	mode = "Prevention"
	backend_domain = ["firewall-nonprodi-palo-cft-perftest.uksouth.cloudapp.azure.com"]
	disabled_rules = {
	SQLI = [
	"942100",
	"942150",
	"942200",
	"942210",
	"942230",
	"942361",
	"942380",
	"942400",
	"942430",
	"942260"
	]
	LFI = [
	"930100", // false positive on multi-part uploads
	"930110", // false positive on multi-part uploads
	]
	RCE = [
	"932100"
	]
	RFI = [
	"931130"
	]
	conditions {
	dynamic "url_file_extension_condition" {
	for_each = lookup(each.value, "caching", {
	url_file_extension_conditions = [
	{
	operator = "Equal"
	negate_condition = false
	match_values = ["jpg", "png", "css", "ico", "js"]
	transforms = ["Lowercase"]
	}
	]
	}).url_file_extension_conditions
	iterator = condition
	content {
	operator = lookup(condition.value, "operator", null) != null ? condition.value.operator : "Equal"
	negate_condition = lookup(condition.value, "negate_condition", null) != null ? condition.value.negate_condition : false
	match_values = lookup(condition.value, "match_values", null) != null ? condition.value.match_values : ["jpg", "png", "css", "ico", "js"]
	transforms = lookup(condition.value, "transforms", null) != null ? condition.value.transforms : ["Lowercase"]
	}
	}
	},
	actions {
	dynamic "route_configuration_override_action" {
	for_each = lookup(each.value, "caching", {
	route_configuration_override_action = [
	{
	cache_duration = null
	cdn_frontdoor_origin_group_id = null
	forwarding_protocol = null
	query_string_caching_behavior = "UseQueryString"
	query_string_parameters = null
	compression_enabled = false
	cache_behavior = "HonorOrigin"
	}
	]
	}).route_configuration_override_action
	iterator = action
	content {
	cache_duration = lookup(action.value, "cache_duration", null) != null ? action.value.cache_duration : null
	cdn_frontdoor_origin_group_id = lookup(action.value, "cdn_frontdoor_origin_group_id", null) != null ? action.value.cdn_frontdoor_origin_group_id : null
	forwarding_protocol = lookup(action.value, "forwarding_protocol", null) != null ? action.value.forwarding_protocol : null
	query_string_caching_behavior = lookup(action.value, "query_string_caching_behavior", null) != null ? action.value.query_string_caching_behavior : "UseQueryString"
	query_string_parameters = lookup(action.value, "query_string_parameters", null) != null ? action.value.query_string_parameters : null
	compression_enabled = lookup(action.value, "compression_enabled", null) != null ? action.value.compression_enabled : false
	cache_behavior = lookup(action.value, "cache_behavior", null) != null ? action.value.cache_behavior : "HonorOrigin"
	}
	}
	}
	}