Dynamic Injection

Configure the Dynamic Injection action type to process Dynamic rules and protect data on-the-fly.

After defining a Dynamic Rule variable name type to store the request header that sends the Dynamic CoP structure, configure the Dynamic Injection action type to process Dynamic rules and protect data on-the-fly.

While creating Rulesets for Dynamic CoP, use the Profile Reference rule is for data transformation instead of the Transform rule. The security benefits of using Profile Reference rule are higher than the Transform rule as the requests can be triggered out of the secure network perimeter of an organization.

The fields for the Dynamic Injection action are as seen in the following figure.

Dynamic Injection Action

The following table describes the Authorized Rule Types applicable to the Dynamic Injection action.

FieldDescription
Rule TypeAllowed Action type that will be parsed from the Dynamic Rule request header.The following are the Available Action type options:
  • Error
  • Exit
  • Extract
  • Log
  • Profile Reference
  • Set Context Variable
  • Set User Identity
  • Transform
PayloadSelect the allowed Payload type that will be parsed from the Dynamic Rule request header. This field also accepts Regex patterns for selecting payload that needs to be parsed.Note: To select all payloads, click the Payload drop down and select ALL.

Note: The Dynamic Injection action type must always be created as a leaf node (a rule without any child nodes).

Creating a Dynamic Injection rule

The dynamic injection rule must be created to send dynamic Ruleset requests.

To create a Dynamic Injection Rule:

  1. Create an extract rule under an existing profile or a new profile to extract the request header with the Dynamic Rule.

    Dynamic Injection Rule-1

  2. Under this extract rule, create a Set Context Variable rule to extract the Dynamic rule and set as a variable.

    Dynamic Injection Rule-2

  3. Under the same profile, create an extract rule to extract the request message.

    Dynamic Injection Rule-3

  4. Under the extract rule created in step 3, create the Dynamic Injection rule. The Dynamic rule received in the request header in step 2 will be hooked to this rule for further processing.

    Dynamic Injection Rule-4

  5. Click Deploy or Deploy to Node Groups to apply configuration changes.

    When a request is received at the configured URI, the request header and request body are processed, and then the response is sent.