Interface CfnWebACL.IAWSManagedRulesAntiDDoSRuleSetProperty

Configures the use of the anti-DDoS managed rule group, AWSManagedRulesAntiDDoSRuleSet . This configuration is used in ManagedRuleGroupConfig .

Namespace: Amazon.CDK.AWS.WAFv2
Assembly: Amazon.CDK.Lib.dll
Syntax (csharp)
public interface CfnWebACL.IAWSManagedRulesAntiDDoSRuleSetProperty
Syntax (vb)
Public Interface CfnWebACL.IAWSManagedRulesAntiDDoSRuleSetProperty
Remarks

The configuration that you provide here determines whether and how the rules in the rule group are used.

For additional information about this and the other intelligent threat mitigation rule groups, see Intelligent threat mitigation in AWS WAF and AWS Managed Rules rule groups list in the AWS WAF Developer Guide .

See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-wafv2-webacl-awsmanagedrulesantiddosruleset.html

ExampleMetadata: fixture=_generated

Examples
// The code below shows an example of how to instantiate this type.
             // The values are placeholders you should change.
             using Amazon.CDK.AWS.WAFv2;

             var aWSManagedRulesAntiDDoSRuleSetProperty = new AWSManagedRulesAntiDDoSRuleSetProperty {
                 ClientSideActionConfig = new ClientSideActionConfigProperty {
                     Challenge = new ClientSideActionProperty {
                         UsageOfAction = "usageOfAction",

                         // the properties below are optional
                         ExemptUriRegularExpressions = new [] { new RegexProperty {
                             RegexString = "regexString"
                         } },
                         Sensitivity = "sensitivity"
                     }
                 },

                 // the properties below are optional
                 SensitivityToBlock = "sensitivityToBlock"
             };

Synopsis

Properties

ClientSideActionConfig

Configures the request handling that's applied by the managed rule group rules ChallengeAllDuringEvent and ChallengeDDoSRequests during a distributed denial of service (DDoS) attack.
SensitivityToBlock

The sensitivity that the rule group rule DDoSRequests uses when matching against the DDoS suspicion labeling on a request.

Properties

ClientSideActionConfig

Configures the request handling that's applied by the managed rule group rules ChallengeAllDuringEvent and ChallengeDDoSRequests during a distributed denial of service (DDoS) attack.

object ClientSideActionConfig { get; }
Property Value

object

Remarks

See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-wafv2-webacl-awsmanagedrulesantiddosruleset.html#cfn-wafv2-webacl-awsmanagedrulesantiddosruleset-clientsideactionconfig

Type union: either IResolvable or CfnWebACL.IClientSideActionConfigProperty

SensitivityToBlock

The sensitivity that the rule group rule DDoSRequests uses when matching against the DDoS suspicion labeling on a request.

string? SensitivityToBlock { get; }
Property Value

string

Remarks

The managed rule group adds the labeling during DDoS events, before the DDoSRequests rule runs.

The higher the sensitivity, the more levels of labeling that the rule matches:

    Default: LOW

    See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-wafv2-webacl-awsmanagedrulesantiddosruleset.html#cfn-wafv2-webacl-awsmanagedrulesantiddosruleset-sensitivitytoblock