@Generated(value="jsii-pacmak/1.67.0 (build 2c027f5)", date="2022-09-19T20:26:42.744Z") @Stability(value=Stable) public class CfnWebACL extends CfnResource implements IInspectable
This is the latest version of AWS WAF , named AWS WAF V2, released in November, 2019. For information, including how to migrate your AWS WAF resources from the prior release, see the AWS WAF Developer Guide .
Use an WebACL to define a collection of rules to use to inspect and control web requests. Each rule has an action defined (allow, block, or count) for requests that match the statement of the rule. In the web ACL, you assign a default action to take (allow, block) for any request that does not match any of the rules. The rules in a web ACL can contain rule statements that you define explicitly and rule statements that reference rule groups and managed rule groups. You can associate a web ACL with one or more AWS resources to protect. The resources can be an Amazon CloudFront distribution, an Amazon API Gateway REST API, an Application Load Balancer , or an AWS AppSync GraphQL API.
Example:
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import software.amazon.awscdk.services.wafv2.*;
Object all;
Object allQueryArguments;
Object count;
Object method;
Object none;
Object queryString;
Object singleHeader;
Object singleQueryArgument;
StatementProperty statementProperty_;
Object uriPath;
CfnWebACL cfnWebACL = CfnWebACL.Builder.create(this, "MyCfnWebACL")
.defaultAction(DefaultActionProperty.builder()
.allow(AllowActionProperty.builder()
.customRequestHandling(CustomRequestHandlingProperty.builder()
.insertHeaders(List.of(CustomHTTPHeaderProperty.builder()
.name("name")
.value("value")
.build()))
.build())
.build())
.block(BlockActionProperty.builder()
.customResponse(CustomResponseProperty.builder()
.responseCode(123)
// the properties below are optional
.customResponseBodyKey("customResponseBodyKey")
.responseHeaders(List.of(CustomHTTPHeaderProperty.builder()
.name("name")
.value("value")
.build()))
.build())
.build())
.build())
.scope("scope")
.visibilityConfig(VisibilityConfigProperty.builder()
.cloudWatchMetricsEnabled(false)
.metricName("metricName")
.sampledRequestsEnabled(false)
.build())
// the properties below are optional
.captchaConfig(CaptchaConfigProperty.builder()
.immunityTimeProperty(ImmunityTimePropertyProperty.builder()
.immunityTime(123)
.build())
.build())
.customResponseBodies(Map.of(
"customResponseBodiesKey", CustomResponseBodyProperty.builder()
.content("content")
.contentType("contentType")
.build()))
.description("description")
.name("name")
.rules(List.of(RuleProperty.builder()
.name("name")
.priority(123)
.statement(StatementProperty.builder()
.andStatement(AndStatementProperty.builder()
.statements(List.of(statementProperty_))
.build())
.byteMatchStatement(ByteMatchStatementProperty.builder()
.fieldToMatch(FieldToMatchProperty.builder()
.allQueryArguments(allQueryArguments)
.body(BodyProperty.builder()
.oversizeHandling("oversizeHandling")
.build())
.cookies(CookiesProperty.builder()
.matchPattern(CookieMatchPatternProperty.builder()
.all(all)
.excludedCookies(List.of("excludedCookies"))
.includedCookies(List.of("includedCookies"))
.build())
.matchScope("matchScope")
.oversizeHandling("oversizeHandling")
.build())
.headers(HeadersProperty.builder()
.matchPattern(HeaderMatchPatternProperty.builder()
.all(all)
.excludedHeaders(List.of("excludedHeaders"))
.includedHeaders(List.of("includedHeaders"))
.build())
.matchScope("matchScope")
.oversizeHandling("oversizeHandling")
.build())
.jsonBody(JsonBodyProperty.builder()
.matchPattern(JsonMatchPatternProperty.builder()
.all(all)
.includedPaths(List.of("includedPaths"))
.build())
.matchScope("matchScope")
// the properties below are optional
.invalidFallbackBehavior("invalidFallbackBehavior")
.oversizeHandling("oversizeHandling")
.build())
.method(method)
.queryString(queryString)
.singleHeader(singleHeader)
.singleQueryArgument(singleQueryArgument)
.uriPath(uriPath)
.build())
.positionalConstraint("positionalConstraint")
.textTransformations(List.of(TextTransformationProperty.builder()
.priority(123)
.type("type")
.build()))
// the properties below are optional
.searchString("searchString")
.searchStringBase64("searchStringBase64")
.build())
.geoMatchStatement(GeoMatchStatementProperty.builder()
.countryCodes(List.of("countryCodes"))
.forwardedIpConfig(ForwardedIPConfigurationProperty.builder()
.fallbackBehavior("fallbackBehavior")
.headerName("headerName")
.build())
.build())
.ipSetReferenceStatement(Map.of(
"arn", "arn",
// the properties below are optional
"ipSetForwardedIpConfig", Map.of(
"fallbackBehavior", "fallbackBehavior",
"headerName", "headerName",
"position", "position")))
.labelMatchStatement(LabelMatchStatementProperty.builder()
.key("key")
.scope("scope")
.build())
.managedRuleGroupStatement(ManagedRuleGroupStatementProperty.builder()
.name("name")
.vendorName("vendorName")
// the properties below are optional
.excludedRules(List.of(ExcludedRuleProperty.builder()
.name("name")
.build()))
.managedRuleGroupConfigs(List.of(ManagedRuleGroupConfigProperty.builder()
.loginPath("loginPath")
.passwordField(FieldIdentifierProperty.builder()
.identifier("identifier")
.build())
.payloadType("payloadType")
.usernameField(FieldIdentifierProperty.builder()
.identifier("identifier")
.build())
.build()))
.scopeDownStatement(statementProperty_)
.version("version")
.build())
.notStatement(NotStatementProperty.builder()
.statement(statementProperty_)
.build())
.orStatement(OrStatementProperty.builder()
.statements(List.of(statementProperty_))
.build())
.rateBasedStatement(RateBasedStatementProperty.builder()
.aggregateKeyType("aggregateKeyType")
.limit(123)
// the properties below are optional
.forwardedIpConfig(ForwardedIPConfigurationProperty.builder()
.fallbackBehavior("fallbackBehavior")
.headerName("headerName")
.build())
.scopeDownStatement(statementProperty_)
.build())
.regexMatchStatement(RegexMatchStatementProperty.builder()
.fieldToMatch(FieldToMatchProperty.builder()
.allQueryArguments(allQueryArguments)
.body(BodyProperty.builder()
.oversizeHandling("oversizeHandling")
.build())
.cookies(CookiesProperty.builder()
.matchPattern(CookieMatchPatternProperty.builder()
.all(all)
.excludedCookies(List.of("excludedCookies"))
.includedCookies(List.of("includedCookies"))
.build())
.matchScope("matchScope")
.oversizeHandling("oversizeHandling")
.build())
.headers(HeadersProperty.builder()
.matchPattern(HeaderMatchPatternProperty.builder()
.all(all)
.excludedHeaders(List.of("excludedHeaders"))
.includedHeaders(List.of("includedHeaders"))
.build())
.matchScope("matchScope")
.oversizeHandling("oversizeHandling")
.build())
.jsonBody(JsonBodyProperty.builder()
.matchPattern(JsonMatchPatternProperty.builder()
.all(all)
.includedPaths(List.of("includedPaths"))
.build())
.matchScope("matchScope")
// the properties below are optional
.invalidFallbackBehavior("invalidFallbackBehavior")
.oversizeHandling("oversizeHandling")
.build())
.method(method)
.queryString(queryString)
.singleHeader(singleHeader)
.singleQueryArgument(singleQueryArgument)
.uriPath(uriPath)
.build())
.regexString("regexString")
.textTransformations(List.of(TextTransformationProperty.builder()
.priority(123)
.type("type")
.build()))
.build())
.regexPatternSetReferenceStatement(RegexPatternSetReferenceStatementProperty.builder()
.arn("arn")
.fieldToMatch(FieldToMatchProperty.builder()
.allQueryArguments(allQueryArguments)
.body(BodyProperty.builder()
.oversizeHandling("oversizeHandling")
.build())
.cookies(CookiesProperty.builder()
.matchPattern(CookieMatchPatternProperty.builder()
.all(all)
.excludedCookies(List.of("excludedCookies"))
.includedCookies(List.of("includedCookies"))
.build())
.matchScope("matchScope")
.oversizeHandling("oversizeHandling")
.build())
.headers(HeadersProperty.builder()
.matchPattern(HeaderMatchPatternProperty.builder()
.all(all)
.excludedHeaders(List.of("excludedHeaders"))
.includedHeaders(List.of("includedHeaders"))
.build())
.matchScope("matchScope")
.oversizeHandling("oversizeHandling")
.build())
.jsonBody(JsonBodyProperty.builder()
.matchPattern(JsonMatchPatternProperty.builder()
.all(all)
.includedPaths(List.of("includedPaths"))
.build())
.matchScope("matchScope")
// the properties below are optional
.invalidFallbackBehavior("invalidFallbackBehavior")
.oversizeHandling("oversizeHandling")
.build())
.method(method)
.queryString(queryString)
.singleHeader(singleHeader)
.singleQueryArgument(singleQueryArgument)
.uriPath(uriPath)
.build())
.textTransformations(List.of(TextTransformationProperty.builder()
.priority(123)
.type("type")
.build()))
.build())
.ruleGroupReferenceStatement(RuleGroupReferenceStatementProperty.builder()
.arn("arn")
// the properties below are optional
.excludedRules(List.of(ExcludedRuleProperty.builder()
.name("name")
.build()))
.build())
.sizeConstraintStatement(SizeConstraintStatementProperty.builder()
.comparisonOperator("comparisonOperator")
.fieldToMatch(FieldToMatchProperty.builder()
.allQueryArguments(allQueryArguments)
.body(BodyProperty.builder()
.oversizeHandling("oversizeHandling")
.build())
.cookies(CookiesProperty.builder()
.matchPattern(CookieMatchPatternProperty.builder()
.all(all)
.excludedCookies(List.of("excludedCookies"))
.includedCookies(List.of("includedCookies"))
.build())
.matchScope("matchScope")
.oversizeHandling("oversizeHandling")
.build())
.headers(HeadersProperty.builder()
.matchPattern(HeaderMatchPatternProperty.builder()
.all(all)
.excludedHeaders(List.of("excludedHeaders"))
.includedHeaders(List.of("includedHeaders"))
.build())
.matchScope("matchScope")
.oversizeHandling("oversizeHandling")
.build())
.jsonBody(JsonBodyProperty.builder()
.matchPattern(JsonMatchPatternProperty.builder()
.all(all)
.includedPaths(List.of("includedPaths"))
.build())
.matchScope("matchScope")
// the properties below are optional
.invalidFallbackBehavior("invalidFallbackBehavior")
.oversizeHandling("oversizeHandling")
.build())
.method(method)
.queryString(queryString)
.singleHeader(singleHeader)
.singleQueryArgument(singleQueryArgument)
.uriPath(uriPath)
.build())
.size(123)
.textTransformations(List.of(TextTransformationProperty.builder()
.priority(123)
.type("type")
.build()))
.build())
.sqliMatchStatement(SqliMatchStatementProperty.builder()
.fieldToMatch(FieldToMatchProperty.builder()
.allQueryArguments(allQueryArguments)
.body(BodyProperty.builder()
.oversizeHandling("oversizeHandling")
.build())
.cookies(CookiesProperty.builder()
.matchPattern(CookieMatchPatternProperty.builder()
.all(all)
.excludedCookies(List.of("excludedCookies"))
.includedCookies(List.of("includedCookies"))
.build())
.matchScope("matchScope")
.oversizeHandling("oversizeHandling")
.build())
.headers(HeadersProperty.builder()
.matchPattern(HeaderMatchPatternProperty.builder()
.all(all)
.excludedHeaders(List.of("excludedHeaders"))
.includedHeaders(List.of("includedHeaders"))
.build())
.matchScope("matchScope")
.oversizeHandling("oversizeHandling")
.build())
.jsonBody(JsonBodyProperty.builder()
.matchPattern(JsonMatchPatternProperty.builder()
.all(all)
.includedPaths(List.of("includedPaths"))
.build())
.matchScope("matchScope")
// the properties below are optional
.invalidFallbackBehavior("invalidFallbackBehavior")
.oversizeHandling("oversizeHandling")
.build())
.method(method)
.queryString(queryString)
.singleHeader(singleHeader)
.singleQueryArgument(singleQueryArgument)
.uriPath(uriPath)
.build())
.textTransformations(List.of(TextTransformationProperty.builder()
.priority(123)
.type("type")
.build()))
// the properties below are optional
.sensitivityLevel("sensitivityLevel")
.build())
.xssMatchStatement(XssMatchStatementProperty.builder()
.fieldToMatch(FieldToMatchProperty.builder()
.allQueryArguments(allQueryArguments)
.body(BodyProperty.builder()
.oversizeHandling("oversizeHandling")
.build())
.cookies(CookiesProperty.builder()
.matchPattern(CookieMatchPatternProperty.builder()
.all(all)
.excludedCookies(List.of("excludedCookies"))
.includedCookies(List.of("includedCookies"))
.build())
.matchScope("matchScope")
.oversizeHandling("oversizeHandling")
.build())
.headers(HeadersProperty.builder()
.matchPattern(HeaderMatchPatternProperty.builder()
.all(all)
.excludedHeaders(List.of("excludedHeaders"))
.includedHeaders(List.of("includedHeaders"))
.build())
.matchScope("matchScope")
.oversizeHandling("oversizeHandling")
.build())
.jsonBody(JsonBodyProperty.builder()
.matchPattern(JsonMatchPatternProperty.builder()
.all(all)
.includedPaths(List.of("includedPaths"))
.build())
.matchScope("matchScope")
// the properties below are optional
.invalidFallbackBehavior("invalidFallbackBehavior")
.oversizeHandling("oversizeHandling")
.build())
.method(method)
.queryString(queryString)
.singleHeader(singleHeader)
.singleQueryArgument(singleQueryArgument)
.uriPath(uriPath)
.build())
.textTransformations(List.of(TextTransformationProperty.builder()
.priority(123)
.type("type")
.build()))
.build())
.build())
.visibilityConfig(VisibilityConfigProperty.builder()
.cloudWatchMetricsEnabled(false)
.metricName("metricName")
.sampledRequestsEnabled(false)
.build())
// the properties below are optional
.action(RuleActionProperty.builder()
.allow(AllowActionProperty.builder()
.customRequestHandling(CustomRequestHandlingProperty.builder()
.insertHeaders(List.of(CustomHTTPHeaderProperty.builder()
.name("name")
.value("value")
.build()))
.build())
.build())
.block(BlockActionProperty.builder()
.customResponse(CustomResponseProperty.builder()
.responseCode(123)
// the properties below are optional
.customResponseBodyKey("customResponseBodyKey")
.responseHeaders(List.of(CustomHTTPHeaderProperty.builder()
.name("name")
.value("value")
.build()))
.build())
.build())
.captcha(CaptchaActionProperty.builder()
.customRequestHandling(CustomRequestHandlingProperty.builder()
.insertHeaders(List.of(CustomHTTPHeaderProperty.builder()
.name("name")
.value("value")
.build()))
.build())
.build())
.count(CountActionProperty.builder()
.customRequestHandling(CustomRequestHandlingProperty.builder()
.insertHeaders(List.of(CustomHTTPHeaderProperty.builder()
.name("name")
.value("value")
.build()))
.build())
.build())
.build())
.captchaConfig(CaptchaConfigProperty.builder()
.immunityTimeProperty(ImmunityTimePropertyProperty.builder()
.immunityTime(123)
.build())
.build())
.overrideAction(OverrideActionProperty.builder()
.count(count)
.none(none)
.build())
.ruleLabels(List.of(LabelProperty.builder()
.name("name")
.build()))
.build()))
.tags(List.of(CfnTag.builder()
.key("key")
.value("value")
.build()))
.build();
| Modifier and Type | Class and Description |
|---|---|
static interface |
CfnWebACL.AllowActionProperty
Specifies that AWS WAF should allow the request and optionally defines additional custom handling for the request.
|
static interface |
CfnWebACL.AndStatementProperty
A logical rule statement used to combine other rule statements with AND logic.
|
static interface |
CfnWebACL.BlockActionProperty
Specifies that AWS WAF should block the request and optionally defines additional custom handling for the response to the web request.
|
static interface |
CfnWebACL.BodyProperty
Inspect the body of the web request.
|
static class |
CfnWebACL.Builder
A fluent builder for
CfnWebACL. |
static interface |
CfnWebACL.ByteMatchStatementProperty
A rule statement that defines a string match search for AWS WAF to apply to web requests.
|
static interface |
CfnWebACL.CaptchaActionProperty
Specifies that AWS WAF should run a `CAPTCHA` check against the request:.
|
static interface |
CfnWebACL.CaptchaConfigProperty
Specifies how AWS WAF should handle `CAPTCHA` evaluations for rules that don't have their own `CaptchaConfig` settings.
|
static interface |
CfnWebACL.CookieMatchPatternProperty
The filter to use to identify the subset of cookies to inspect in a web request.
|
static interface |
CfnWebACL.CookiesProperty
Inspect the cookies in the web request.
|
static interface |
CfnWebACL.CountActionProperty
Specifies that AWS WAF should count the request.
|
static interface |
CfnWebACL.CustomHTTPHeaderProperty
A custom header for custom request and response handling.
|
static interface |
CfnWebACL.CustomRequestHandlingProperty
Custom request handling behavior that inserts custom headers into a web request.
|
static interface |
CfnWebACL.CustomResponseBodyProperty
The response body to use in a custom response to a web request.
|
static interface |
CfnWebACL.CustomResponseProperty
A custom response to send to the client.
|
static interface |
CfnWebACL.DefaultActionProperty
In a `WebACL` , this is the action that you want AWS WAF to perform when a web request doesn't match any of the rules in the `WebACL` .
|
static interface |
CfnWebACL.ExcludedRuleProperty
Specifies a single rule in a rule group whose action you want to override to `Count` .
|
static interface |
CfnWebACL.FieldIdentifierProperty
The identifier of the username or password field, used in the `ManagedRuleGroupConfig` settings.
|
static interface |
CfnWebACL.FieldToMatchProperty
The part of the web request that you want AWS WAF to inspect.
|
static interface |
CfnWebACL.ForwardedIPConfigurationProperty
The configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin.
|
static interface |
CfnWebACL.GeoMatchStatementProperty
A rule statement used to identify web requests based on country of origin.
|
static interface |
CfnWebACL.HeaderMatchPatternProperty
The filter to use to identify the subset of headers to inspect in a web request.
|
static interface |
CfnWebACL.HeadersProperty
Inspect all headers in the web request.
|
static interface |
CfnWebACL.ImmunityTimePropertyProperty
Determines how long a `CAPTCHA` token remains valid after the client successfully solves a `CAPTCHA` puzzle.
|
static interface |
CfnWebACL.IPSetForwardedIPConfigurationProperty
The configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin.
|
static interface |
CfnWebACL.IPSetReferenceStatementProperty
A rule statement used to detect web requests coming from particular IP addresses or address ranges.
|
static interface |
CfnWebACL.JsonBodyProperty
Inspect the body of the web request as JSON.
|
static interface |
CfnWebACL.JsonMatchPatternProperty
The patterns to look for in the JSON body.
|
static interface |
CfnWebACL.LabelMatchStatementProperty
A rule statement that defines a string match search against labels that have been added to the web request by rules that have already run in the web ACL.
|
static interface |
CfnWebACL.LabelProperty
A single label container.
|
static interface |
CfnWebACL.ManagedRuleGroupConfigProperty
Additional information that's used by a managed rule group.
|
static interface |
CfnWebACL.ManagedRuleGroupStatementProperty
A rule statement used to run the rules that are defined in a managed rule group.
|
static interface |
CfnWebACL.NotStatementProperty
A logical rule statement used to negate the results of another rule statement.
|
static interface |
CfnWebACL.OrStatementProperty
A logical rule statement used to combine other rule statements with OR logic.
|
static interface |
CfnWebACL.OverrideActionProperty
The action to use in the place of the action that results from the rule group evaluation.
|
static interface |
CfnWebACL.RateBasedStatementProperty
A rate-based rule tracks the rate of requests for each originating IP address, and triggers the rule action when the rate exceeds a limit that you specify on the number of requests in any 5-minute time span.
|
static interface |
CfnWebACL.RegexMatchStatementProperty
A rule statement used to search web request components for a match against a single regular expression.
|
static interface |
CfnWebACL.RegexPatternSetReferenceStatementProperty
A rule statement used to search web request components for matches with regular expressions.
|
static interface |
CfnWebACL.RuleActionProperty
The action that AWS WAF should take on a web request when it matches a rule's statement.
|
static interface |
CfnWebACL.RuleGroupReferenceStatementProperty
A rule statement used to run the rules that are defined in a `RuleGroup` .
|
static interface |
CfnWebACL.RuleProperty
A single rule, which you can use in a `WebACL` or `RuleGroup` to identify web requests that you want to allow, block, or count.
|
static interface |
CfnWebACL.SizeConstraintStatementProperty
A rule statement that compares a number of bytes against the size of a request component, using a comparison operator, such as greater than (>) or less than (<).
|
static interface |
CfnWebACL.SqliMatchStatementProperty
A rule statement that inspects for malicious SQL code.
|
static interface |
CfnWebACL.StatementProperty
The processing guidance for a rule, used by AWS WAF to determine whether a web request matches the rule.
|
static interface |
CfnWebACL.TextTransformationProperty
Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection.
|
static interface |
CfnWebACL.VisibilityConfigProperty
Defines and enables Amazon CloudWatch metrics and web request sample collection.
|
static interface |
CfnWebACL.XssMatchStatementProperty
A rule statement that inspects for cross-site scripting (XSS) attacks.
|
software.amazon.jsii.JsiiObject.InitializationModeIInspectable.Jsii$Default, IInspectable.Jsii$Proxy| Modifier and Type | Field and Description |
|---|---|
static String |
CFN_RESOURCE_TYPE_NAME
The CloudFormation resource type name for this resource class.
|
| Modifier | Constructor and Description |
|---|---|
|
CfnWebACL(software.constructs.Construct scope,
String id,
CfnWebACLProps props)
Create a new `AWS::WAFv2::WebACL`.
|
protected |
CfnWebACL(software.amazon.jsii.JsiiObject.InitializationMode initializationMode) |
protected |
CfnWebACL(software.amazon.jsii.JsiiObjectRef objRef) |
| Modifier and Type | Method and Description |
|---|---|
String |
getAttrArn()
The Amazon Resource Name (ARN) of the web ACL.
|
Number |
getAttrCapacity()
The web ACL capacity units (WCUs) currently being used by this web ACL.
|
String |
getAttrId()
The ID of the web ACL.
|
String |
getAttrLabelNamespace()
The label namespace prefix for this web ACL.
|
Object |
getCaptchaConfig()
Specifies how AWS WAF should handle `CAPTCHA` evaluations for rules that don't have their own `CaptchaConfig` settings.
|
protected Map<String,Object> |
getCfnProperties() |
Object |
getCustomResponseBodies()
A map of custom response keys and content bodies.
|
Object |
getDefaultAction()
The action to perform if none of the `Rules` contained in the `WebACL` match.
|
String |
getDescription()
A description of the web ACL that helps with identification.
|
String |
getName()
The name of the web ACL.
|
Object |
getRules()
The rule statements used to identify the web requests that you want to allow, block, or count.
|
String |
getScope()
Specifies whether this is for an Amazon CloudFront distribution or for a regional application.
|
TagManager |
getTags()
Key:value pairs associated with an AWS resource.
|
Object |
getVisibilityConfig()
Defines and enables Amazon CloudWatch metrics and web request sample collection.
|
void |
inspect(TreeInspector inspector)
Examines the CloudFormation resource and discloses attributes.
|
protected Map<String,Object> |
renderProperties(Map<String,Object> props) |
void |
setCaptchaConfig(CfnWebACL.CaptchaConfigProperty value)
Specifies how AWS WAF should handle `CAPTCHA` evaluations for rules that don't have their own `CaptchaConfig` settings.
|
void |
setCaptchaConfig(IResolvable value)
Specifies how AWS WAF should handle `CAPTCHA` evaluations for rules that don't have their own `CaptchaConfig` settings.
|
void |
setCustomResponseBodies(IResolvable value)
A map of custom response keys and content bodies.
|
void |
setCustomResponseBodies(Map<String,Object> value)
A map of custom response keys and content bodies.
|
void |
setDefaultAction(CfnWebACL.DefaultActionProperty value)
The action to perform if none of the `Rules` contained in the `WebACL` match.
|
void |
setDefaultAction(IResolvable value)
The action to perform if none of the `Rules` contained in the `WebACL` match.
|
void |
setDescription(String value)
A description of the web ACL that helps with identification.
|
void |
setName(String value)
The name of the web ACL.
|
void |
setRules(IResolvable value)
The rule statements used to identify the web requests that you want to allow, block, or count.
|
void |
setRules(List<Object> value)
The rule statements used to identify the web requests that you want to allow, block, or count.
|
void |
setScope(String value)
Specifies whether this is for an Amazon CloudFront distribution or for a regional application.
|
void |
setVisibilityConfig(CfnWebACL.VisibilityConfigProperty value)
Defines and enables Amazon CloudWatch metrics and web request sample collection.
|
void |
setVisibilityConfig(IResolvable value)
Defines and enables Amazon CloudWatch metrics and web request sample collection.
|
addDeletionOverride, addDependsOn, addMetadata, addOverride, addPropertyDeletionOverride, addPropertyOverride, applyRemovalPolicy, applyRemovalPolicy, applyRemovalPolicy, getAtt, getCfnOptions, getCfnResourceType, getMetadata, getUpdatedProperites, getUpdatedProperties, isCfnResource, shouldSynthesize, toString, validatePropertiesgetRefgetCreationStack, getLogicalId, getStack, isCfnElement, overrideLogicalIdjsiiAsyncCall, jsiiAsyncCall, jsiiCall, jsiiCall, jsiiGet, jsiiGet, jsiiSet, jsiiStaticCall, jsiiStaticCall, jsiiStaticGet, jsiiStaticGet, jsiiStaticSet, jsiiStaticSet@Stability(value=Stable) public static final String CFN_RESOURCE_TYPE_NAME
protected CfnWebACL(software.amazon.jsii.JsiiObjectRef objRef)
protected CfnWebACL(software.amazon.jsii.JsiiObject.InitializationMode initializationMode)
@Stability(value=Stable)
public CfnWebACL(@NotNull
software.constructs.Construct scope,
@NotNull
String id,
@NotNull
CfnWebACLProps props)
scope - - scope in which this resource is defined. This parameter is required.id - - scoped id of the resource. This parameter is required.props - - resource properties. This parameter is required.@Stability(value=Stable)
public void inspect(@NotNull
TreeInspector inspector)
inspect in interface IInspectableinspector - - tree inspector to collect and process attributes. This parameter is required.@Stability(value=Stable) @NotNull protected Map<String,Object> renderProperties(@NotNull Map<String,Object> props)
renderProperties in class CfnResourceprops - This parameter is required.@Stability(value=Stable) @NotNull public String getAttrArn()
@Stability(value=Stable) @NotNull public Number getAttrCapacity()
AWS WAF uses WCUs to calculate and control the operating resources that are used to run your rules, rule groups, and web ACLs. AWS WAF calculates capacity differently for each rule type, to reflect the relative cost of each rule. Simple rules that cost little to run use fewer WCUs than more complex rules that use more processing power. Rule group capacity is fixed at creation, which helps users plan their web ACL WCU usage when they use a rule group. The WCU limit for web ACLs is 1,500.
@Stability(value=Stable) @NotNull public String getAttrId()
@Stability(value=Stable) @NotNull public String getAttrLabelNamespace()
All labels added by rules in this web ACL have this prefix.
The syntax for the label namespace prefix for a web ACL is the following: awswaf:<account ID>:webacl:<web ACL name>:
When a rule with a label matches a web request, AWS WAF adds the fully qualified label to the request. A fully qualified label is made up of the label namespace from the rule group or web ACL where the rule is defined and the label from the rule, separated by a colon.
@Stability(value=Stable) @NotNull protected Map<String,Object> getCfnProperties()
getCfnProperties in class CfnResource@Stability(value=Stable) @NotNull public TagManager getTags()
The key:value pair can be anything you define. Typically, the tag key represents a category (such as "environment") and the tag value represents a specific value within that category (such as "test," "development," or "production"). You can add up to 50 tags to each AWS resource.
To modify tags on existing resources, use the AWS WAF APIs or command line interface. With AWS CloudFormation , you can only add tags to AWS WAF resources during resource creation.
@Stability(value=Stable) @NotNull public Object getDefaultAction()
@Stability(value=Stable)
public void setDefaultAction(@NotNull
CfnWebACL.DefaultActionProperty value)
@Stability(value=Stable)
public void setDefaultAction(@NotNull
IResolvable value)
@Stability(value=Stable) @NotNull public String getScope()
A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, or an AWS AppSync GraphQL API. Valid Values are CLOUDFRONT and REGIONAL .
For
CLOUDFRONT, you must create your WAFv2 resources in the US East (N. Virginia) Region,us-east-1.
For information about how to define the association of the web ACL with your resource, see WebACLAssociation .
@Stability(value=Stable)
public void setScope(@NotNull
String value)
A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, or an AWS AppSync GraphQL API. Valid Values are CLOUDFRONT and REGIONAL .
For
CLOUDFRONT, you must create your WAFv2 resources in the US East (N. Virginia) Region,us-east-1.
For information about how to define the association of the web ACL with your resource, see WebACLAssociation .
@Stability(value=Stable) @NotNull public Object getVisibilityConfig()
@Stability(value=Stable)
public void setVisibilityConfig(@NotNull
CfnWebACL.VisibilityConfigProperty value)
@Stability(value=Stable)
public void setVisibilityConfig(@NotNull
IResolvable value)
@Stability(value=Stable) @Nullable public Object getCaptchaConfig()
If you don't specify this, AWS WAF uses its default settings for CaptchaConfig .
@Stability(value=Stable)
public void setCaptchaConfig(@Nullable
CfnWebACL.CaptchaConfigProperty value)
If you don't specify this, AWS WAF uses its default settings for CaptchaConfig .
@Stability(value=Stable)
public void setCaptchaConfig(@Nullable
IResolvable value)
If you don't specify this, AWS WAF uses its default settings for CaptchaConfig .
@Stability(value=Stable) @Nullable public Object getCustomResponseBodies()
When you create a rule with a block action, you can send a custom response to the web request. You define these for the web ACL, and then use them in the rules and default actions that you define in the web ACL.
For information about customizing web requests and responses, see Customizing web requests and responses in AWS WAF in the AWS WAF Developer Guide .
For information about the limits on count and size for custom request and response settings, see AWS WAF quotas in the AWS WAF Developer Guide .
@Stability(value=Stable)
public void setCustomResponseBodies(@Nullable
IResolvable value)
When you create a rule with a block action, you can send a custom response to the web request. You define these for the web ACL, and then use them in the rules and default actions that you define in the web ACL.
For information about customizing web requests and responses, see Customizing web requests and responses in AWS WAF in the AWS WAF Developer Guide .
For information about the limits on count and size for custom request and response settings, see AWS WAF quotas in the AWS WAF Developer Guide .
@Stability(value=Stable)
public void setCustomResponseBodies(@Nullable
Map<String,Object> value)
When you create a rule with a block action, you can send a custom response to the web request. You define these for the web ACL, and then use them in the rules and default actions that you define in the web ACL.
For information about customizing web requests and responses, see Customizing web requests and responses in AWS WAF in the AWS WAF Developer Guide .
For information about the limits on count and size for custom request and response settings, see AWS WAF quotas in the AWS WAF Developer Guide .
@Stability(value=Stable) @Nullable public String getDescription()
@Stability(value=Stable)
public void setDescription(@Nullable
String value)
@Stability(value=Stable) @Nullable public String getName()
You cannot change the name of a web ACL after you create it.
@Stability(value=Stable)
public void setName(@Nullable
String value)
You cannot change the name of a web ACL after you create it.
@Stability(value=Stable) @Nullable public Object getRules()
Each rule includes one top-level statement that AWS WAF uses to identify matching web requests, and parameters that govern how AWS WAF handles them.
@Stability(value=Stable)
public void setRules(@Nullable
IResolvable value)
Each rule includes one top-level statement that AWS WAF uses to identify matching web requests, and parameters that govern how AWS WAF handles them.
@Stability(value=Stable)
public void setRules(@Nullable
List<Object> value)
Each rule includes one top-level statement that AWS WAF uses to identify matching web requests, and parameters that govern how AWS WAF handles them.
Copyright © 2022. All rights reserved.