AWS::WAFv2::WebACL DefaultAction - AWS CloudFormation

AWS::WAFv2::WebACL DefaultAction

In a WebACL, this is the action that you want AWS WAF to perform when a web request doesn't match any of the rules in the WebACL. The default action must be a terminating action, so count is not allowed.

Syntax

To declare this entity in your AWS CloudFormation template, use the following syntax:

JSON

{ "Allow" : AllowAction, "Block" : BlockAction }

Properties

Allow

Specifies that AWS WAF should allow requests by default.

Required: No

Type: AllowAction

Update requires: No interruption

Block

Specifies that AWS WAF should block requests by default.

Required: No

Type: BlockAction

Update requires: No interruption

Examples

Set a web ACL default action

The following shows an example web ACL default action specification that sets the default action to "Block".

YAML

DefaultAction: Block: {}

JSON

"DefaultAction": { "Block": {} }

Set a customized web ACL default action

The following shows an example web ACL default action specification with customization.

YAML

DefaultAction: Allow: CustomRequestHandling: InsertHeaders: - Name: AllowActionHeader1Name Value: AllowActionHeader1Value - Name: AllowActionHeader2Name Value: AllowActionHeader2Value

JSON

"DefaultAction": { "Allow": { "CustomRequestHandling": { "InsertHeaders": [ { "Name": "AllowActionHeader1Name", "Value": "AllowActionHeader1Value" }, { "Name": "AllowActionHeader2Name", "Value": "AllowActionHeader2Value" } ] } } }