AWS CloudFormation
User Guide (Version )

The AWS Documentation website is getting a new look!
Try it now and let us know what you think. Switch to the new look >>

You can return to the original look by selecting English in the language selector above.

AWS::WAFRegional::WebACL Action

Specifies the action AWS WAF takes when a web request matches or doesn't match all rule conditions.


To declare this entity in your AWS CloudFormation template, use the following syntax:


{ "Type" : String }


Type: String



For actions that are associated with a rule, the action that AWS WAF takes when a web request matches all conditions in a rule.

For the default action of a web access control list (ACL), the action that AWS WAF takes when a web request doesn't match all conditions in any rule.

Valid settings include the following:

  • ALLOW: AWS WAF allows requests

  • BLOCK: AWS WAF blocks requests

  • COUNT: AWS WAF increments a counter of the requests that match all of the conditions in the rule. AWS WAF then continues to inspect the web request based on the remaining rules in the web ACL. You can't specify COUNT for the default action for a WebACL.

Required: Yes

Type: String

Update requires: No interruption

On this page: