Class CfnRateBasedRule
A CloudFormation AWS::WAFRegional::RateBasedRule
.
Inherited Members
Namespace: Amazon.CDK.AWS.WAFRegional
Assembly: Amazon.CDK.AWS.WAFRegional.dll
Syntax (csharp)
public class CfnRateBasedRule : CfnResource, IConstruct, IDependable, IInspectable
Syntax (vb)
Public Class CfnRateBasedRule
Inherits CfnResource
Implements IConstruct, IDependable, IInspectable
Remarks
This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF , use the AWS WAF V2 API and see the AWS WAF Developer Guide . With the latest version, AWS WAF has a single set of endpoints for regional and global use.
A RateBasedRule
is identical to a regular Rule
, with one addition: a RateBasedRule
counts the number of requests that arrive from a specified IP address every five minutes. For example, based on recent requests that you've seen from an attacker, you might create a RateBasedRule
that includes the following conditions:
In the rule, you also define the rate limit as 15,000.
Requests that meet both of these conditions and exceed 15,000 requests every five minutes trigger the rule's action (block or count), which is defined in the web ACL.
Note you can only create rate-based rules using an AWS CloudFormation template. To add the rate-based rules created through AWS CloudFormation to a web ACL, use the AWS WAF console, API, or command line interface (CLI). For more information, see UpdateWebACL .
CloudformationResource: AWS::WAFRegional::RateBasedRule
ExampleMetadata: fixture=_generated
Examples
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
using Amazon.CDK.AWS.WAFRegional;
var cfnRateBasedRule = new CfnRateBasedRule(this, "MyCfnRateBasedRule", new CfnRateBasedRuleProps {
MetricName = "metricName",
Name = "name",
RateKey = "rateKey",
RateLimit = 123,
// the properties below are optional
MatchPredicates = new [] { new PredicateProperty {
DataId = "dataId",
Negated = false,
Type = "type"
} }
});
Synopsis
Constructors
CfnRateBasedRule(Construct, String, ICfnRateBasedRuleProps) | Create a new |
CfnRateBasedRule(ByRefValue) | Used by jsii to construct an instance of this class from a Javascript-owned object reference |
CfnRateBasedRule(DeputyBase.DeputyProps) | Used by jsii to construct an instance of this class from DeputyProps |
Properties
CFN_RESOURCE_TYPE_NAME | The CloudFormation resource type name for this resource class. |
CfnProperties | |
MatchPredicates | The |
MetricName | A name for the metrics for a |
Name | A friendly name or description for a |
RateKey | The field that AWS WAF uses to determine if requests are likely arriving from single source and thus subject to rate monitoring. |
RateLimit | The maximum number of requests, which have an identical value in the field specified by the |
Methods
Inspect(TreeInspector) | Examines the CloudFormation resource and discloses attributes. |
RenderProperties(IDictionary<String, Object>) |
Constructors
CfnRateBasedRule(Construct, String, ICfnRateBasedRuleProps)
Create a new AWS::WAFRegional::RateBasedRule
.
public CfnRateBasedRule(Construct scope, string id, ICfnRateBasedRuleProps props)
Parameters
- scope Construct
- scope in which this resource is defined.
- id System.String
- scoped id of the resource.
- props ICfnRateBasedRuleProps
- resource properties.
CfnRateBasedRule(ByRefValue)
Used by jsii to construct an instance of this class from a Javascript-owned object reference
protected CfnRateBasedRule(ByRefValue reference)
Parameters
- reference Amazon.JSII.Runtime.Deputy.ByRefValue
The Javascript-owned object reference
CfnRateBasedRule(DeputyBase.DeputyProps)
Used by jsii to construct an instance of this class from DeputyProps
protected CfnRateBasedRule(DeputyBase.DeputyProps props)
Parameters
- props Amazon.JSII.Runtime.Deputy.DeputyBase.DeputyProps
The deputy props
Properties
CFN_RESOURCE_TYPE_NAME
The CloudFormation resource type name for this resource class.
public static string CFN_RESOURCE_TYPE_NAME { get; }
Property Value
System.String
CfnProperties
protected override IDictionary<string, object> CfnProperties { get; }
Property Value
System.Collections.Generic.IDictionary<System.String, System.Object>
Overrides
MatchPredicates
The Predicates
object contains one Predicate
element for each ByteMatchSet
, IPSet
, or SqlInjectionMatchSet>
object that you want to include in a RateBasedRule
.
public virtual object MatchPredicates { get; set; }
Property Value
System.Object
Remarks
MetricName
A name for the metrics for a RateBasedRule
.
public virtual string MetricName { get; set; }
Property Value
System.String
Remarks
The name can contain only alphanumeric characters (A-Z, a-z, 0-9), with maximum length 128 and minimum length one. It can't contain whitespace or metric names reserved for AWS WAF , including "All" and "Default_Action." You can't change the name of the metric after you create the RateBasedRule
.
Name
A friendly name or description for a RateBasedRule
.
public virtual string Name { get; set; }
Property Value
System.String
Remarks
You can't change the name of a RateBasedRule
after you create it.
RateKey
The field that AWS WAF uses to determine if requests are likely arriving from single source and thus subject to rate monitoring.
public virtual string RateKey { get; set; }
Property Value
System.String
Remarks
The only valid value for RateKey
is IP
. IP
indicates that requests arriving from the same IP address are subject to the RateLimit
that is specified in the RateBasedRule
.
RateLimit
The maximum number of requests, which have an identical value in the field specified by the RateKey
, allowed in a five-minute period.
public virtual double RateLimit { get; set; }
Property Value
System.Double
Remarks
If the number of requests exceeds the RateLimit
and the other predicates specified in the rule are also met, AWS WAF triggers the action that is specified for this rule.
Methods
Inspect(TreeInspector)
Examines the CloudFormation resource and discloses attributes.
public virtual void Inspect(TreeInspector inspector)
Parameters
- inspector TreeInspector
- tree inspector to collect and process attributes.
RenderProperties(IDictionary<String, Object>)
protected override IDictionary<string, object> RenderProperties(IDictionary<string, object> props)
Parameters
- props System.Collections.Generic.IDictionary<System.String, System.Object>
Returns
System.Collections.Generic.IDictionary<System.String, System.Object>