Menu
AWS WAF
API Reference

WebACL

Contains the Rules that identify the requests that you want to allow, block, or count. In a WebACL, you also specify a default action (ALLOW or BLOCK), and the action for each Rule that you add to a WebACL, for example, block requests from specified IP addresses or block requests from specified referrers. You also associate the WebACL with a CloudFront distribution to identify the requests that you want AWS WAF to filter. If you add more than one Rule to a WebACL, a request needs to match only one of the specifications to be allowed, blocked, or counted. For more information, see UpdateWebACL.

Contents

DefaultAction

The action to perform if none of the Rules contained in the WebACL match. The action is specified by the WafAction object.

Type: WafAction object

Required: Yes

MetricName

A friendly name or description for the metrics for this WebACL. The name can contain only alphanumeric characters (A-Z, a-z, 0-9); the name can't contain whitespace. You can't change MetricName after you create the WebACL.

Type: String

Required: No

Name

A friendly name or description of the WebACL. You can't change the name of a WebACL after you create it.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 128.

Required: No

Rules

An array that contains the action for each Rule in a WebACL, the priority of the Rule, and the ID of the Rule.

Type: Array of ActivatedRule objects

Required: Yes

WebACLId

A unique identifier for a WebACL. You use WebACLId to get information about a WebACL (see GetWebACL), update a WebACL (see UpdateWebACL), and delete a WebACL from AWS WAF (see DeleteWebACL).

WebACLId is returned by CreateWebACL and by ListWebACLs.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 128.

Required: Yes

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following:

On this page: