AWS::WAFv2::WebACL DefaultAction

In a AWS::WAFv2::WebACL, this is the action that you want AWS WAF to perform when a web request doesn't match any of the rules in the WebACL. The default action must be a terminating action.

Syntax

To declare this entity in your AWS CloudFormation template, use the following syntax:

JSON


{
  "Allow" : AllowAction,
  "Block" : BlockAction
}

YAML


  Allow: 
    AllowAction
  Block: 
    BlockAction

Properties

Allow

Specifies that AWS WAF should allow requests by default.

Required: No

Type: AllowAction

Update requires: No interruption

Block

Specifies that AWS WAF should block requests by default.

Required: No

Type: BlockAction

Update requires: No interruption

Set a web ACL default action

The following shows an example web ACL default action specification that sets the default action to "Block".

YAML


DefaultAction:
    Block: {}

JSON


"DefaultAction": {
    "Block": {}
}

Set a customized web ACL default action

The following shows an example web ACL default action specification with customization.

YAML


DefaultAction:
  Allow:
    CustomRequestHandling:
      InsertHeaders:
        - Name: AllowActionHeader1Name
          Value: AllowActionHeader1Value
        - Name: AllowActionHeader2Name
          Value: AllowActionHeader2Value

JSON


"DefaultAction": {
  "Allow": {
    "CustomRequestHandling": {
      "InsertHeaders": [
        {
          "Name": "AllowActionHeader1Name",
          "Value": "AllowActionHeader1Value"
        },
        {
          "Name": "AllowActionHeader2Name",
          "Value": "AllowActionHeader2Value"
        }
      ]
    }
  }
}

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

CustomResponseBody

ExcludedRule