Cloud Armor Request Body Exclusions

Is there no way to create exclusions for specific values that appear in a request's body for the preconfigured rulesets? E.g. I have a value within a JSON parameter that is triggering a great deal of false positives, but it seems there is no way to highlight this field to be skipped by the specific rule that is causing the FPs.

ExclusionExamples.png

Image to the side shows what values exclusions can be created for, but nothing for request body/parameters.


So as I see it, this leaves turning the rules completely off as the only option, which I don't believe is a great option.


Hi @Nathan-Scott,

There is no direct way to create exclusions for specific values that appear in a request's body for the preconfigured rulesets in Google Cloud Armor. The exclusions are primarily designed to exclude entire IP addresses, IP ranges, or ASNs.

However, there is a workaround you can consider. You can create a custom rule in Cloud Armor to specifically allow requests with the problematic value in the request body. This way, the preconfigured rule that is causing false positives will not be triggered for requests with the problematic value. You can check this documentation for more details.