com.amazonaws.services.wafv2.model

Class WebACL

java.lang.Object

com.amazonaws.services.wafv2.model.WebACL

All Implemented Interfaces:

StructuredPojo, Serializable, Cloneable

@Generated(value="com.amazonaws:aws-java-sdk-code-generator")
public class WebACL
extends Object
implements Serializable, Cloneable, StructuredPojo

A web ACL defines a collection of rules to use to inspect and control web requests. Each rule has a statement that defines what to look for in web requests and an action that WAF applies to requests that match the statement. In the web ACL, you assign a default action to take (allow, block) for any request that does not match any of the rules. The rules in a web ACL can be a combination of the types Rule, RuleGroup, and managed rule group. You can associate a web ACL with one or more Amazon Web Services resources to protect. The resources can be an Amazon CloudFront distribution, an Amazon API Gateway REST API, an Application Load Balancer, an AppSync GraphQL API, an Amazon Cognito user pool, an App Runner service, or an Amazon Web Services Verified Access instance.

See Also:

AWS API Documentation, Serialized Form

Constructor Summary

Constructors

Constructor and Description
WebACL()

Method Summary

Modifier and Type	Method and Description
WebACL	addCustomResponseBodiesEntry(String key, CustomResponseBody value) Add a single CustomResponseBodies entry
WebACL	clearCustomResponseBodiesEntries() Removes all the entries added into CustomResponseBodies.
WebACL	clone()
boolean	equals(Object obj)
String	getARN() The Amazon Resource Name (ARN) of the web ACL that you want to associate with the resource.
AssociationConfig	getAssociationConfig() Specifies custom configurations for the associations between the web ACL and protected resources.
Long	getCapacity() The web ACL capacity units (WCUs) currently being used by this web ACL.
CaptchaConfig	getCaptchaConfig() Specifies how WAF should handle CAPTCHA evaluations for rules that don't have their own CaptchaConfig settings.
ChallengeConfig	getChallengeConfig() Specifies how WAF should handle challenge evaluations for rules that don't have their own ChallengeConfig settings.
Map<String,CustomResponseBody>	getCustomResponseBodies() A map of custom response keys and content bodies.
DefaultAction	getDefaultAction() The action to perform if none of the Rules contained in the WebACL match.
String	getDescription() A description of the web ACL that helps with identification.
String	getId() A unique identifier for the WebACL.
String	getLabelNamespace() The label namespace prefix for this web ACL.
Boolean	getManagedByFirewallManager() Indicates whether this web ACL is managed by Firewall Manager.
String	getName() The name of the web ACL.
List<FirewallManagerRuleGroup>	getPostProcessFirewallManagerRuleGroups() The last set of rules for WAF to process in the web ACL.
List<FirewallManagerRuleGroup>	getPreProcessFirewallManagerRuleGroups() The first set of rules for WAF to process in the web ACL.
List<Rule>	getRules() The Rule statements used to identify the web requests that you want to manage.
List<String>	getTokenDomains() Specifies the domains that WAF should accept in a web request token.
VisibilityConfig	getVisibilityConfig() Defines and enables Amazon CloudWatch metrics and web request sample collection.
int	hashCode()
Boolean	isManagedByFirewallManager() Indicates whether this web ACL is managed by Firewall Manager.
void	marshall(ProtocolMarshaller protocolMarshaller) Marshalls this structured data using the given ProtocolMarshaller.
void	setARN(String aRN) The Amazon Resource Name (ARN) of the web ACL that you want to associate with the resource.
void	setAssociationConfig(AssociationConfig associationConfig) Specifies custom configurations for the associations between the web ACL and protected resources.
void	setCapacity(Long capacity) The web ACL capacity units (WCUs) currently being used by this web ACL.
void	setCaptchaConfig(CaptchaConfig captchaConfig) Specifies how WAF should handle CAPTCHA evaluations for rules that don't have their own CaptchaConfig settings.
void	setChallengeConfig(ChallengeConfig challengeConfig) Specifies how WAF should handle challenge evaluations for rules that don't have their own ChallengeConfig settings.
void	setCustomResponseBodies(Map<String,CustomResponseBody> customResponseBodies) A map of custom response keys and content bodies.
void	setDefaultAction(DefaultAction defaultAction) The action to perform if none of the Rules contained in the WebACL match.
void	setDescription(String description) A description of the web ACL that helps with identification.
void	setId(String id) A unique identifier for the WebACL.
void	setLabelNamespace(String labelNamespace) The label namespace prefix for this web ACL.
void	setManagedByFirewallManager(Boolean managedByFirewallManager) Indicates whether this web ACL is managed by Firewall Manager.
void	setName(String name) The name of the web ACL.
void	setPostProcessFirewallManagerRuleGroups(Collection<FirewallManagerRuleGroup> postProcessFirewallManagerRuleGroups) The last set of rules for WAF to process in the web ACL.
void	setPreProcessFirewallManagerRuleGroups(Collection<FirewallManagerRuleGroup> preProcessFirewallManagerRuleGroups) The first set of rules for WAF to process in the web ACL.
void	setRules(Collection<Rule> rules) The Rule statements used to identify the web requests that you want to manage.
void	setTokenDomains(Collection<String> tokenDomains) Specifies the domains that WAF should accept in a web request token.
void	setVisibilityConfig(VisibilityConfig visibilityConfig) Defines and enables Amazon CloudWatch metrics and web request sample collection.
String	toString() Returns a string representation of this object.
WebACL	withARN(String aRN) The Amazon Resource Name (ARN) of the web ACL that you want to associate with the resource.
WebACL	withAssociationConfig(AssociationConfig associationConfig) Specifies custom configurations for the associations between the web ACL and protected resources.
WebACL	withCapacity(Long capacity) The web ACL capacity units (WCUs) currently being used by this web ACL.
WebACL	withCaptchaConfig(CaptchaConfig captchaConfig) Specifies how WAF should handle CAPTCHA evaluations for rules that don't have their own CaptchaConfig settings.
WebACL	withChallengeConfig(ChallengeConfig challengeConfig) Specifies how WAF should handle challenge evaluations for rules that don't have their own ChallengeConfig settings.
WebACL	withCustomResponseBodies(Map<String,CustomResponseBody> customResponseBodies) A map of custom response keys and content bodies.
WebACL	withDefaultAction(DefaultAction defaultAction) The action to perform if none of the Rules contained in the WebACL match.
WebACL	withDescription(String description) A description of the web ACL that helps with identification.
WebACL	withId(String id) A unique identifier for the WebACL.
WebACL	withLabelNamespace(String labelNamespace) The label namespace prefix for this web ACL.
WebACL	withManagedByFirewallManager(Boolean managedByFirewallManager) Indicates whether this web ACL is managed by Firewall Manager.
WebACL	withName(String name) The name of the web ACL.
WebACL	withPostProcessFirewallManagerRuleGroups(Collection<FirewallManagerRuleGroup> postProcessFirewallManagerRuleGroups) The last set of rules for WAF to process in the web ACL.
WebACL	withPostProcessFirewallManagerRuleGroups(FirewallManagerRuleGroup... postProcessFirewallManagerRuleGroups) The last set of rules for WAF to process in the web ACL.
WebACL	withPreProcessFirewallManagerRuleGroups(Collection<FirewallManagerRuleGroup> preProcessFirewallManagerRuleGroups) The first set of rules for WAF to process in the web ACL.
WebACL	withPreProcessFirewallManagerRuleGroups(FirewallManagerRuleGroup... preProcessFirewallManagerRuleGroups) The first set of rules for WAF to process in the web ACL.
WebACL	withRules(Collection<Rule> rules) The Rule statements used to identify the web requests that you want to manage.
WebACL	withRules(Rule... rules) The Rule statements used to identify the web requests that you want to manage.
WebACL	withTokenDomains(Collection<String> tokenDomains) Specifies the domains that WAF should accept in a web request token.
WebACL	withTokenDomains(String... tokenDomains) Specifies the domains that WAF should accept in a web request token.
WebACL	withVisibilityConfig(VisibilityConfig visibilityConfig) Defines and enables Amazon CloudWatch metrics and web request sample collection.

Methods inherited from class java.lang.Object

getClass, notify, notifyAll, wait, wait, wait

Constructor Detail

WebACL

public WebACL()

Method Detail

setName

public void setName(String name)

The name of the web ACL. You cannot change the name of a web ACL after you create it.

Parameters:

name - The name of the web ACL. You cannot change the name of a web ACL after you create it.

getName

public String getName()

The name of the web ACL. You cannot change the name of a web ACL after you create it.

Returns:

The name of the web ACL. You cannot change the name of a web ACL after you create it.

withName

public WebACL withName(String name)

The name of the web ACL. You cannot change the name of a web ACL after you create it.

Parameters:

name - The name of the web ACL. You cannot change the name of a web ACL after you create it.

Returns:

Returns a reference to this object so that method calls can be chained together.

setId

public void setId(String id)

A unique identifier for the WebACL. This ID is returned in the responses to create and list commands. You use this ID to do things like get, update, and delete a WebACL.

Parameters:

id - A unique identifier for the WebACL. This ID is returned in the responses to create and list commands. You use this ID to do things like get, update, and delete a WebACL.

getId

public String getId()

A unique identifier for the WebACL. This ID is returned in the responses to create and list commands. You use this ID to do things like get, update, and delete a WebACL.

Returns:

A unique identifier for the WebACL. This ID is returned in the responses to create and list commands. You use this ID to do things like get, update, and delete a WebACL.

withId

public WebACL withId(String id)

A unique identifier for the WebACL. This ID is returned in the responses to create and list commands. You use this ID to do things like get, update, and delete a WebACL.

Parameters:

id - A unique identifier for the WebACL. This ID is returned in the responses to create and list commands. You use this ID to do things like get, update, and delete a WebACL.

Returns:

Returns a reference to this object so that method calls can be chained together.

setARN

public void setARN(String aRN)

The Amazon Resource Name (ARN) of the web ACL that you want to associate with the resource.

Parameters:

aRN - The Amazon Resource Name (ARN) of the web ACL that you want to associate with the resource.

getARN

public String getARN()

The Amazon Resource Name (ARN) of the web ACL that you want to associate with the resource.

Returns:

The Amazon Resource Name (ARN) of the web ACL that you want to associate with the resource.

withARN

public WebACL withARN(String aRN)

The Amazon Resource Name (ARN) of the web ACL that you want to associate with the resource.

Parameters:

aRN - The Amazon Resource Name (ARN) of the web ACL that you want to associate with the resource.

Returns:

Returns a reference to this object so that method calls can be chained together.

setDefaultAction

public void setDefaultAction(DefaultAction defaultAction)

The action to perform if none of the Rules contained in the WebACL match.

Parameters:

defaultAction - The action to perform if none of the Rules contained in the WebACL match.

getDefaultAction

public DefaultAction getDefaultAction()

The action to perform if none of the Rules contained in the WebACL match.

Returns:

The action to perform if none of the Rules contained in the WebACL match.

withDefaultAction

public WebACL withDefaultAction(DefaultAction defaultAction)

The action to perform if none of the Rules contained in the WebACL match.

Parameters:

defaultAction - The action to perform if none of the Rules contained in the WebACL match.

Returns:

Returns a reference to this object so that method calls can be chained together.

setDescription

public void setDescription(String description)

A description of the web ACL that helps with identification.

Parameters:

description - A description of the web ACL that helps with identification.

getDescription

public String getDescription()

A description of the web ACL that helps with identification.

Returns:

A description of the web ACL that helps with identification.

withDescription

public WebACL withDescription(String description)

A description of the web ACL that helps with identification.

Parameters:

description - A description of the web ACL that helps with identification.

Returns:

Returns a reference to this object so that method calls can be chained together.

getRules

public List<Rule> getRules()

The Rule statements used to identify the web requests that you want to manage. Each rule includes one top-level statement that WAF uses to identify matching web requests, and parameters that govern how WAF handles them.

Returns:

The Rule statements used to identify the web requests that you want to manage. Each rule includes one top-level statement that WAF uses to identify matching web requests, and parameters that govern how WAF handles them.

setRules

public void setRules(Collection<Rule> rules)

The Rule statements used to identify the web requests that you want to manage. Each rule includes one top-level statement that WAF uses to identify matching web requests, and parameters that govern how WAF handles them.

Parameters:

rules - The Rule statements used to identify the web requests that you want to manage. Each rule includes one top-level statement that WAF uses to identify matching web requests, and parameters that govern how WAF handles them.

withRules

public WebACL withRules(Rule... rules)

The Rule statements used to identify the web requests that you want to manage. Each rule includes one top-level statement that WAF uses to identify matching web requests, and parameters that govern how WAF handles them.

NOTE: This method appends the values to the existing list (if any). Use setRules(java.util.Collection) or withRules(java.util.Collection) if you want to override the existing values.

Parameters:

rules - The Rule statements used to identify the web requests that you want to manage. Each rule includes one top-level statement that WAF uses to identify matching web requests, and parameters that govern how WAF handles them.

Returns:

Returns a reference to this object so that method calls can be chained together.

withRules

public WebACL withRules(Collection<Rule> rules)

The Rule statements used to identify the web requests that you want to manage. Each rule includes one top-level statement that WAF uses to identify matching web requests, and parameters that govern how WAF handles them.

Parameters:

rules - The Rule statements used to identify the web requests that you want to manage. Each rule includes one top-level statement that WAF uses to identify matching web requests, and parameters that govern how WAF handles them.

Returns:

Returns a reference to this object so that method calls can be chained together.

setVisibilityConfig

public void setVisibilityConfig(VisibilityConfig visibilityConfig)

Defines and enables Amazon CloudWatch metrics and web request sample collection.

Parameters:

visibilityConfig - Defines and enables Amazon CloudWatch metrics and web request sample collection.

getVisibilityConfig

public VisibilityConfig getVisibilityConfig()

Defines and enables Amazon CloudWatch metrics and web request sample collection.

Returns:

Defines and enables Amazon CloudWatch metrics and web request sample collection.

withVisibilityConfig

public WebACL withVisibilityConfig(VisibilityConfig visibilityConfig)

Defines and enables Amazon CloudWatch metrics and web request sample collection.

Parameters:

visibilityConfig - Defines and enables Amazon CloudWatch metrics and web request sample collection.

Returns:

Returns a reference to this object so that method calls can be chained together.

setCapacity

public void setCapacity(Long capacity)

The web ACL capacity units (WCUs) currently being used by this web ACL.

WAF uses WCUs to calculate and control the operating resources that are used to run your rules, rule groups, and web ACLs. WAF calculates capacity differently for each rule type, to reflect the relative cost of each rule. Simple rules that cost little to run use fewer WCUs than more complex rules that use more processing power. Rule group capacity is fixed at creation, which helps users plan their web ACL WCU usage when they use a rule group. For more information, see WAF web ACL capacity units (WCU) in the WAF Developer Guide.

Parameters:

capacity - The web ACL capacity units (WCUs) currently being used by this web ACL.

WAF uses WCUs to calculate and control the operating resources that are used to run your rules, rule groups, and web ACLs. WAF calculates capacity differently for each rule type, to reflect the relative cost of each rule. Simple rules that cost little to run use fewer WCUs than more complex rules that use more processing power. Rule group capacity is fixed at creation, which helps users plan their web ACL WCU usage when they use a rule group. For more information, see WAF web ACL capacity units (WCU) in the WAF Developer Guide.

getCapacity

public Long getCapacity()

The web ACL capacity units (WCUs) currently being used by this web ACL.

WAF uses WCUs to calculate and control the operating resources that are used to run your rules, rule groups, and web ACLs. WAF calculates capacity differently for each rule type, to reflect the relative cost of each rule. Simple rules that cost little to run use fewer WCUs than more complex rules that use more processing power. Rule group capacity is fixed at creation, which helps users plan their web ACL WCU usage when they use a rule group. For more information, see WAF web ACL capacity units (WCU) in the WAF Developer Guide.

Returns:

The web ACL capacity units (WCUs) currently being used by this web ACL.

WAF uses WCUs to calculate and control the operating resources that are used to run your rules, rule groups, and web ACLs. WAF calculates capacity differently for each rule type, to reflect the relative cost of each rule. Simple rules that cost little to run use fewer WCUs than more complex rules that use more processing power. Rule group capacity is fixed at creation, which helps users plan their web ACL WCU usage when they use a rule group. For more information, see WAF web ACL capacity units (WCU) in the WAF Developer Guide.

withCapacity

public WebACL withCapacity(Long capacity)

The web ACL capacity units (WCUs) currently being used by this web ACL.

WAF uses WCUs to calculate and control the operating resources that are used to run your rules, rule groups, and web ACLs. WAF calculates capacity differently for each rule type, to reflect the relative cost of each rule. Simple rules that cost little to run use fewer WCUs than more complex rules that use more processing power. Rule group capacity is fixed at creation, which helps users plan their web ACL WCU usage when they use a rule group. For more information, see WAF web ACL capacity units (WCU) in the WAF Developer Guide.

Parameters:

capacity - The web ACL capacity units (WCUs) currently being used by this web ACL.

WAF uses WCUs to calculate and control the operating resources that are used to run your rules, rule groups, and web ACLs. WAF calculates capacity differently for each rule type, to reflect the relative cost of each rule. Simple rules that cost little to run use fewer WCUs than more complex rules that use more processing power. Rule group capacity is fixed at creation, which helps users plan their web ACL WCU usage when they use a rule group. For more information, see WAF web ACL capacity units (WCU) in the WAF Developer Guide.

Returns:

Returns a reference to this object so that method calls can be chained together.

getPreProcessFirewallManagerRuleGroups

public List<FirewallManagerRuleGroup> getPreProcessFirewallManagerRuleGroups()

The first set of rules for WAF to process in the web ACL. This is defined in an Firewall Manager WAF policy and contains only rule group references. You can't alter these. Any rules and rule groups that you define for the web ACL are prioritized after these.

In the Firewall Manager WAF policy, the Firewall Manager administrator can define a set of rule groups to run first in the web ACL and a set of rule groups to run last. Within each set, the administrator prioritizes the rule groups, to determine their relative processing order.

Returns:

The first set of rules for WAF to process in the web ACL. This is defined in an Firewall Manager WAF policy and contains only rule group references. You can't alter these. Any rules and rule groups that you define for the web ACL are prioritized after these.

In the Firewall Manager WAF policy, the Firewall Manager administrator can define a set of rule groups to run first in the web ACL and a set of rule groups to run last. Within each set, the administrator prioritizes the rule groups, to determine their relative processing order.

setPreProcessFirewallManagerRuleGroups

public void setPreProcessFirewallManagerRuleGroups(Collection<FirewallManagerRuleGroup> preProcessFirewallManagerRuleGroups)

The first set of rules for WAF to process in the web ACL. This is defined in an Firewall Manager WAF policy and contains only rule group references. You can't alter these. Any rules and rule groups that you define for the web ACL are prioritized after these.

In the Firewall Manager WAF policy, the Firewall Manager administrator can define a set of rule groups to run first in the web ACL and a set of rule groups to run last. Within each set, the administrator prioritizes the rule groups, to determine their relative processing order.

Parameters:

preProcessFirewallManagerRuleGroups - The first set of rules for WAF to process in the web ACL. This is defined in an Firewall Manager WAF policy and contains only rule group references. You can't alter these. Any rules and rule groups that you define for the web ACL are prioritized after these.

In the Firewall Manager WAF policy, the Firewall Manager administrator can define a set of rule groups to run first in the web ACL and a set of rule groups to run last. Within each set, the administrator prioritizes the rule groups, to determine their relative processing order.

withPreProcessFirewallManagerRuleGroups

public WebACL withPreProcessFirewallManagerRuleGroups(FirewallManagerRuleGroup... preProcessFirewallManagerRuleGroups)

The first set of rules for WAF to process in the web ACL. This is defined in an Firewall Manager WAF policy and contains only rule group references. You can't alter these. Any rules and rule groups that you define for the web ACL are prioritized after these.

In the Firewall Manager WAF policy, the Firewall Manager administrator can define a set of rule groups to run first in the web ACL and a set of rule groups to run last. Within each set, the administrator prioritizes the rule groups, to determine their relative processing order.

NOTE: This method appends the values to the existing list (if any). Use setPreProcessFirewallManagerRuleGroups(java.util.Collection) or withPreProcessFirewallManagerRuleGroups(java.util.Collection) if you want to override the existing values.

Parameters:

preProcessFirewallManagerRuleGroups - The first set of rules for WAF to process in the web ACL. This is defined in an Firewall Manager WAF policy and contains only rule group references. You can't alter these. Any rules and rule groups that you define for the web ACL are prioritized after these.

In the Firewall Manager WAF policy, the Firewall Manager administrator can define a set of rule groups to run first in the web ACL and a set of rule groups to run last. Within each set, the administrator prioritizes the rule groups, to determine their relative processing order.

Returns:

Returns a reference to this object so that method calls can be chained together.

withPreProcessFirewallManagerRuleGroups

public WebACL withPreProcessFirewallManagerRuleGroups(Collection<FirewallManagerRuleGroup> preProcessFirewallManagerRuleGroups)

The first set of rules for WAF to process in the web ACL. This is defined in an Firewall Manager WAF policy and contains only rule group references. You can't alter these. Any rules and rule groups that you define for the web ACL are prioritized after these.

In the Firewall Manager WAF policy, the Firewall Manager administrator can define a set of rule groups to run first in the web ACL and a set of rule groups to run last. Within each set, the administrator prioritizes the rule groups, to determine their relative processing order.

Parameters:

preProcessFirewallManagerRuleGroups - The first set of rules for WAF to process in the web ACL. This is defined in an Firewall Manager WAF policy and contains only rule group references. You can't alter these. Any rules and rule groups that you define for the web ACL are prioritized after these.

In the Firewall Manager WAF policy, the Firewall Manager administrator can define a set of rule groups to run first in the web ACL and a set of rule groups to run last. Within each set, the administrator prioritizes the rule groups, to determine their relative processing order.

Returns:

Returns a reference to this object so that method calls can be chained together.

getPostProcessFirewallManagerRuleGroups

public List<FirewallManagerRuleGroup> getPostProcessFirewallManagerRuleGroups()

The last set of rules for WAF to process in the web ACL. This is defined in an Firewall Manager WAF policy and contains only rule group references. You can't alter these. Any rules and rule groups that you define for the web ACL are prioritized before these.

In the Firewall Manager WAF policy, the Firewall Manager administrator can define a set of rule groups to run first in the web ACL and a set of rule groups to run last. Within each set, the administrator prioritizes the rule groups, to determine their relative processing order.

Returns:

The last set of rules for WAF to process in the web ACL. This is defined in an Firewall Manager WAF policy and contains only rule group references. You can't alter these. Any rules and rule groups that you define for the web ACL are prioritized before these.

In the Firewall Manager WAF policy, the Firewall Manager administrator can define a set of rule groups to run first in the web ACL and a set of rule groups to run last. Within each set, the administrator prioritizes the rule groups, to determine their relative processing order.

setPostProcessFirewallManagerRuleGroups

public void setPostProcessFirewallManagerRuleGroups(Collection<FirewallManagerRuleGroup> postProcessFirewallManagerRuleGroups)

The last set of rules for WAF to process in the web ACL. This is defined in an Firewall Manager WAF policy and contains only rule group references. You can't alter these. Any rules and rule groups that you define for the web ACL are prioritized before these.

In the Firewall Manager WAF policy, the Firewall Manager administrator can define a set of rule groups to run first in the web ACL and a set of rule groups to run last. Within each set, the administrator prioritizes the rule groups, to determine their relative processing order.

Parameters:

postProcessFirewallManagerRuleGroups - The last set of rules for WAF to process in the web ACL. This is defined in an Firewall Manager WAF policy and contains only rule group references. You can't alter these. Any rules and rule groups that you define for the web ACL are prioritized before these.

In the Firewall Manager WAF policy, the Firewall Manager administrator can define a set of rule groups to run first in the web ACL and a set of rule groups to run last. Within each set, the administrator prioritizes the rule groups, to determine their relative processing order.

withPostProcessFirewallManagerRuleGroups

public WebACL withPostProcessFirewallManagerRuleGroups(FirewallManagerRuleGroup... postProcessFirewallManagerRuleGroups)

The last set of rules for WAF to process in the web ACL. This is defined in an Firewall Manager WAF policy and contains only rule group references. You can't alter these. Any rules and rule groups that you define for the web ACL are prioritized before these.

In the Firewall Manager WAF policy, the Firewall Manager administrator can define a set of rule groups to run first in the web ACL and a set of rule groups to run last. Within each set, the administrator prioritizes the rule groups, to determine their relative processing order.

NOTE: This method appends the values to the existing list (if any). Use setPostProcessFirewallManagerRuleGroups(java.util.Collection) or withPostProcessFirewallManagerRuleGroups(java.util.Collection) if you want to override the existing values.

Parameters:

postProcessFirewallManagerRuleGroups - The last set of rules for WAF to process in the web ACL. This is defined in an Firewall Manager WAF policy and contains only rule group references. You can't alter these. Any rules and rule groups that you define for the web ACL are prioritized before these.

In the Firewall Manager WAF policy, the Firewall Manager administrator can define a set of rule groups to run first in the web ACL and a set of rule groups to run last. Within each set, the administrator prioritizes the rule groups, to determine their relative processing order.

Returns:

Returns a reference to this object so that method calls can be chained together.

withPostProcessFirewallManagerRuleGroups

public WebACL withPostProcessFirewallManagerRuleGroups(Collection<FirewallManagerRuleGroup> postProcessFirewallManagerRuleGroups)

The last set of rules for WAF to process in the web ACL. This is defined in an Firewall Manager WAF policy and contains only rule group references. You can't alter these. Any rules and rule groups that you define for the web ACL are prioritized before these.

In the Firewall Manager WAF policy, the Firewall Manager administrator can define a set of rule groups to run first in the web ACL and a set of rule groups to run last. Within each set, the administrator prioritizes the rule groups, to determine their relative processing order.

Parameters:

postProcessFirewallManagerRuleGroups - The last set of rules for WAF to process in the web ACL. This is defined in an Firewall Manager WAF policy and contains only rule group references. You can't alter these. Any rules and rule groups that you define for the web ACL are prioritized before these.

In the Firewall Manager WAF policy, the Firewall Manager administrator can define a set of rule groups to run first in the web ACL and a set of rule groups to run last. Within each set, the administrator prioritizes the rule groups, to determine their relative processing order.

Returns:

Returns a reference to this object so that method calls can be chained together.

setManagedByFirewallManager

public void setManagedByFirewallManager(Boolean managedByFirewallManager)

Indicates whether this web ACL is managed by Firewall Manager. If true, then only Firewall Manager can delete the web ACL or any Firewall Manager rule groups in the web ACL.

Parameters:

managedByFirewallManager - Indicates whether this web ACL is managed by Firewall Manager. If true, then only Firewall Manager can delete the web ACL or any Firewall Manager rule groups in the web ACL.

getManagedByFirewallManager

public Boolean getManagedByFirewallManager()

Indicates whether this web ACL is managed by Firewall Manager. If true, then only Firewall Manager can delete the web ACL or any Firewall Manager rule groups in the web ACL.

Returns:

Indicates whether this web ACL is managed by Firewall Manager. If true, then only Firewall Manager can delete the web ACL or any Firewall Manager rule groups in the web ACL.

withManagedByFirewallManager

public WebACL withManagedByFirewallManager(Boolean managedByFirewallManager)

Indicates whether this web ACL is managed by Firewall Manager. If true, then only Firewall Manager can delete the web ACL or any Firewall Manager rule groups in the web ACL.

Parameters:

managedByFirewallManager - Indicates whether this web ACL is managed by Firewall Manager. If true, then only Firewall Manager can delete the web ACL or any Firewall Manager rule groups in the web ACL.

Returns:

Returns a reference to this object so that method calls can be chained together.

isManagedByFirewallManager

public Boolean isManagedByFirewallManager()

Indicates whether this web ACL is managed by Firewall Manager. If true, then only Firewall Manager can delete the web ACL or any Firewall Manager rule groups in the web ACL.

Returns:

Indicates whether this web ACL is managed by Firewall Manager. If true, then only Firewall Manager can delete the web ACL or any Firewall Manager rule groups in the web ACL.

setLabelNamespace

public void setLabelNamespace(String labelNamespace)

The label namespace prefix for this web ACL. All labels added by rules in this web ACL have this prefix.

• The syntax for the label namespace prefix for a web ACL is the following:

  awswaf:<account ID>:webacl:<web ACL name>:

• When a rule with a label matches a web request, WAF adds the fully qualified label to the request. A fully qualified label is made up of the label namespace from the rule group or web ACL where the rule is defined and the label from the rule, separated by a colon:

  <label namespace>:<label from rule>

Parameters:

labelNamespace - The label namespace prefix for this web ACL. All labels added by rules in this web ACL have this prefix.

• The syntax for the label namespace prefix for a web ACL is the following:

  awswaf:<account ID>:webacl:<web ACL name>:

• When a rule with a label matches a web request, WAF adds the fully qualified label to the request. A fully qualified label is made up of the label namespace from the rule group or web ACL where the rule is defined and the label from the rule, separated by a colon:

  <label namespace>:<label from rule>

getLabelNamespace

public String getLabelNamespace()

The label namespace prefix for this web ACL. All labels added by rules in this web ACL have this prefix.

• The syntax for the label namespace prefix for a web ACL is the following:

  awswaf:<account ID>:webacl:<web ACL name>:

• When a rule with a label matches a web request, WAF adds the fully qualified label to the request. A fully qualified label is made up of the label namespace from the rule group or web ACL where the rule is defined and the label from the rule, separated by a colon:

  <label namespace>:<label from rule>

Returns:

The label namespace prefix for this web ACL. All labels added by rules in this web ACL have this prefix.

• The syntax for the label namespace prefix for a web ACL is the following:

  awswaf:<account ID>:webacl:<web ACL name>:

• When a rule with a label matches a web request, WAF adds the fully qualified label to the request. A fully qualified label is made up of the label namespace from the rule group or web ACL where the rule is defined and the label from the rule, separated by a colon:

  <label namespace>:<label from rule>

withLabelNamespace

public WebACL withLabelNamespace(String labelNamespace)

The label namespace prefix for this web ACL. All labels added by rules in this web ACL have this prefix.

• The syntax for the label namespace prefix for a web ACL is the following:

  awswaf:<account ID>:webacl:<web ACL name>:

• When a rule with a label matches a web request, WAF adds the fully qualified label to the request. A fully qualified label is made up of the label namespace from the rule group or web ACL where the rule is defined and the label from the rule, separated by a colon:

  <label namespace>:<label from rule>

Parameters:

labelNamespace - The label namespace prefix for this web ACL. All labels added by rules in this web ACL have this prefix.

• The syntax for the label namespace prefix for a web ACL is the following:

  awswaf:<account ID>:webacl:<web ACL name>:

• When a rule with a label matches a web request, WAF adds the fully qualified label to the request. A fully qualified label is made up of the label namespace from the rule group or web ACL where the rule is defined and the label from the rule, separated by a colon:

  <label namespace>:<label from rule>

Returns:

Returns a reference to this object so that method calls can be chained together.

getCustomResponseBodies

public Map<String,CustomResponseBody> getCustomResponseBodies()

A map of custom response keys and content bodies. When you create a rule with a block action, you can send a custom response to the web request. You define these for the web ACL, and then use them in the rules and default actions that you define in the web ACL.

For information about customizing web requests and responses, see Customizing web requests and responses in WAF in the WAF Developer Guide.

For information about the limits on count and size for custom request and response settings, see WAF quotas in the WAF Developer Guide.

Returns:

A map of custom response keys and content bodies. When you create a rule with a block action, you can send a custom response to the web request. You define these for the web ACL, and then use them in the rules and default actions that you define in the web ACL.

For information about customizing web requests and responses, see Customizing web requests and responses in WAF in the WAF Developer Guide.

For information about the limits on count and size for custom request and response settings, see WAF quotas in the WAF Developer Guide.

setCustomResponseBodies

public void setCustomResponseBodies(Map<String,CustomResponseBody> customResponseBodies)

A map of custom response keys and content bodies. When you create a rule with a block action, you can send a custom response to the web request. You define these for the web ACL, and then use them in the rules and default actions that you define in the web ACL.

For information about customizing web requests and responses, see Customizing web requests and responses in WAF in the WAF Developer Guide.

For information about the limits on count and size for custom request and response settings, see WAF quotas in the WAF Developer Guide.

Parameters:

customResponseBodies - A map of custom response keys and content bodies. When you create a rule with a block action, you can send a custom response to the web request. You define these for the web ACL, and then use them in the rules and default actions that you define in the web ACL.

For information about customizing web requests and responses, see Customizing web requests and responses in WAF in the WAF Developer Guide.

For information about the limits on count and size for custom request and response settings, see WAF quotas in the WAF Developer Guide.

withCustomResponseBodies

public WebACL withCustomResponseBodies(Map<String,CustomResponseBody> customResponseBodies)

A map of custom response keys and content bodies. When you create a rule with a block action, you can send a custom response to the web request. You define these for the web ACL, and then use them in the rules and default actions that you define in the web ACL.

For information about customizing web requests and responses, see Customizing web requests and responses in WAF in the WAF Developer Guide.

For information about the limits on count and size for custom request and response settings, see WAF quotas in the WAF Developer Guide.

Parameters:

customResponseBodies - A map of custom response keys and content bodies. When you create a rule with a block action, you can send a custom response to the web request. You define these for the web ACL, and then use them in the rules and default actions that you define in the web ACL.

For information about customizing web requests and responses, see Customizing web requests and responses in WAF in the WAF Developer Guide.

For information about the limits on count and size for custom request and response settings, see WAF quotas in the WAF Developer Guide.

Returns:

Returns a reference to this object so that method calls can be chained together.

addCustomResponseBodiesEntry

public WebACL addCustomResponseBodiesEntry(String key,
                                           CustomResponseBody value)

Add a single CustomResponseBodies entry

See Also:

withCustomResponseBodies(java.util.Map<java.lang.String, com.amazonaws.services.wafv2.model.CustomResponseBody>)

clearCustomResponseBodiesEntries

public WebACL clearCustomResponseBodiesEntries()

Removes all the entries added into CustomResponseBodies.

Returns:

Returns a reference to this object so that method calls can be chained together.

setCaptchaConfig

public void setCaptchaConfig(CaptchaConfig captchaConfig)

Specifies how WAF should handle CAPTCHA evaluations for rules that don't have their own CaptchaConfig settings. If you don't specify this, WAF uses its default settings for CaptchaConfig.

Parameters:

captchaConfig - Specifies how WAF should handle CAPTCHA evaluations for rules that don't have their own CaptchaConfig settings. If you don't specify this, WAF uses its default settings for CaptchaConfig.

getCaptchaConfig

public CaptchaConfig getCaptchaConfig()

Specifies how WAF should handle CAPTCHA evaluations for rules that don't have their own CaptchaConfig settings. If you don't specify this, WAF uses its default settings for CaptchaConfig.

Returns:

Specifies how WAF should handle CAPTCHA evaluations for rules that don't have their own CaptchaConfig settings. If you don't specify this, WAF uses its default settings for CaptchaConfig.

withCaptchaConfig

public WebACL withCaptchaConfig(CaptchaConfig captchaConfig)

Specifies how WAF should handle CAPTCHA evaluations for rules that don't have their own CaptchaConfig settings. If you don't specify this, WAF uses its default settings for CaptchaConfig.

Parameters:

captchaConfig - Specifies how WAF should handle CAPTCHA evaluations for rules that don't have their own CaptchaConfig settings. If you don't specify this, WAF uses its default settings for CaptchaConfig.

Returns:

Returns a reference to this object so that method calls can be chained together.

setChallengeConfig

public void setChallengeConfig(ChallengeConfig challengeConfig)

Specifies how WAF should handle challenge evaluations for rules that don't have their own ChallengeConfig settings. If you don't specify this, WAF uses its default settings for ChallengeConfig.

Parameters:

challengeConfig - Specifies how WAF should handle challenge evaluations for rules that don't have their own ChallengeConfig settings. If you don't specify this, WAF uses its default settings for ChallengeConfig.

getChallengeConfig

public ChallengeConfig getChallengeConfig()

Specifies how WAF should handle challenge evaluations for rules that don't have their own ChallengeConfig settings. If you don't specify this, WAF uses its default settings for ChallengeConfig.

Returns:

Specifies how WAF should handle challenge evaluations for rules that don't have their own ChallengeConfig settings. If you don't specify this, WAF uses its default settings for ChallengeConfig.

withChallengeConfig

public WebACL withChallengeConfig(ChallengeConfig challengeConfig)

Specifies how WAF should handle challenge evaluations for rules that don't have their own ChallengeConfig settings. If you don't specify this, WAF uses its default settings for ChallengeConfig.

Parameters:

challengeConfig - Specifies how WAF should handle challenge evaluations for rules that don't have their own ChallengeConfig settings. If you don't specify this, WAF uses its default settings for ChallengeConfig.

Returns:

Returns a reference to this object so that method calls can be chained together.

getTokenDomains

public List<String> getTokenDomains()

Specifies the domains that WAF should accept in a web request token. This enables the use of tokens across multiple protected websites. When WAF provides a token, it uses the domain of the Amazon Web Services resource that the web ACL is protecting. If you don't specify a list of token domains, WAF accepts tokens only for the domain of the protected resource. With a token domain list, WAF accepts the resource's host domain plus all domains in the token domain list, including their prefixed subdomains.

Returns:

Specifies the domains that WAF should accept in a web request token. This enables the use of tokens across multiple protected websites. When WAF provides a token, it uses the domain of the Amazon Web Services resource that the web ACL is protecting. If you don't specify a list of token domains, WAF accepts tokens only for the domain of the protected resource. With a token domain list, WAF accepts the resource's host domain plus all domains in the token domain list, including their prefixed subdomains.

setTokenDomains

public void setTokenDomains(Collection<String> tokenDomains)

Specifies the domains that WAF should accept in a web request token. This enables the use of tokens across multiple protected websites. When WAF provides a token, it uses the domain of the Amazon Web Services resource that the web ACL is protecting. If you don't specify a list of token domains, WAF accepts tokens only for the domain of the protected resource. With a token domain list, WAF accepts the resource's host domain plus all domains in the token domain list, including their prefixed subdomains.

Parameters:

tokenDomains - Specifies the domains that WAF should accept in a web request token. This enables the use of tokens across multiple protected websites. When WAF provides a token, it uses the domain of the Amazon Web Services resource that the web ACL is protecting. If you don't specify a list of token domains, WAF accepts tokens only for the domain of the protected resource. With a token domain list, WAF accepts the resource's host domain plus all domains in the token domain list, including their prefixed subdomains.

withTokenDomains

public WebACL withTokenDomains(String... tokenDomains)

Specifies the domains that WAF should accept in a web request token. This enables the use of tokens across multiple protected websites. When WAF provides a token, it uses the domain of the Amazon Web Services resource that the web ACL is protecting. If you don't specify a list of token domains, WAF accepts tokens only for the domain of the protected resource. With a token domain list, WAF accepts the resource's host domain plus all domains in the token domain list, including their prefixed subdomains.

NOTE: This method appends the values to the existing list (if any). Use setTokenDomains(java.util.Collection) or withTokenDomains(java.util.Collection) if you want to override the existing values.

Parameters:

tokenDomains - Specifies the domains that WAF should accept in a web request token. This enables the use of tokens across multiple protected websites. When WAF provides a token, it uses the domain of the Amazon Web Services resource that the web ACL is protecting. If you don't specify a list of token domains, WAF accepts tokens only for the domain of the protected resource. With a token domain list, WAF accepts the resource's host domain plus all domains in the token domain list, including their prefixed subdomains.

Returns:

Returns a reference to this object so that method calls can be chained together.

withTokenDomains

public WebACL withTokenDomains(Collection<String> tokenDomains)

Specifies the domains that WAF should accept in a web request token. This enables the use of tokens across multiple protected websites. When WAF provides a token, it uses the domain of the Amazon Web Services resource that the web ACL is protecting. If you don't specify a list of token domains, WAF accepts tokens only for the domain of the protected resource. With a token domain list, WAF accepts the resource's host domain plus all domains in the token domain list, including their prefixed subdomains.

Parameters:

tokenDomains - Specifies the domains that WAF should accept in a web request token. This enables the use of tokens across multiple protected websites. When WAF provides a token, it uses the domain of the Amazon Web Services resource that the web ACL is protecting. If you don't specify a list of token domains, WAF accepts tokens only for the domain of the protected resource. With a token domain list, WAF accepts the resource's host domain plus all domains in the token domain list, including their prefixed subdomains.

Returns:

Returns a reference to this object so that method calls can be chained together.

setAssociationConfig

public void setAssociationConfig(AssociationConfig associationConfig)

Specifies custom configurations for the associations between the web ACL and protected resources.

Use this to customize the maximum size of the request body that your protected resources forward to WAF for inspection. You can customize this setting for CloudFront, API Gateway, Amazon Cognito, App Runner, or Verified Access resources. The default setting is 16 KB (16,384 bytes).

You are charged additional fees when your protected resources forward body sizes that are larger than the default. For more information, see WAF Pricing.

For Application Load Balancer and AppSync, the limit is fixed at 8 KB (8,192 bytes).

Parameters:

associationConfig - Specifies custom configurations for the associations between the web ACL and protected resources.

Use this to customize the maximum size of the request body that your protected resources forward to WAF for inspection. You can customize this setting for CloudFront, API Gateway, Amazon Cognito, App Runner, or Verified Access resources. The default setting is 16 KB (16,384 bytes).

You are charged additional fees when your protected resources forward body sizes that are larger than the default. For more information, see WAF Pricing.

For Application Load Balancer and AppSync, the limit is fixed at 8 KB (8,192 bytes).

getAssociationConfig

public AssociationConfig getAssociationConfig()

Specifies custom configurations for the associations between the web ACL and protected resources.

Use this to customize the maximum size of the request body that your protected resources forward to WAF for inspection. You can customize this setting for CloudFront, API Gateway, Amazon Cognito, App Runner, or Verified Access resources. The default setting is 16 KB (16,384 bytes).

You are charged additional fees when your protected resources forward body sizes that are larger than the default. For more information, see WAF Pricing.

For Application Load Balancer and AppSync, the limit is fixed at 8 KB (8,192 bytes).

Returns:

Specifies custom configurations for the associations between the web ACL and protected resources.

Use this to customize the maximum size of the request body that your protected resources forward to WAF for inspection. You can customize this setting for CloudFront, API Gateway, Amazon Cognito, App Runner, or Verified Access resources. The default setting is 16 KB (16,384 bytes).

You are charged additional fees when your protected resources forward body sizes that are larger than the default. For more information, see WAF Pricing.

For Application Load Balancer and AppSync, the limit is fixed at 8 KB (8,192 bytes).

withAssociationConfig

public WebACL withAssociationConfig(AssociationConfig associationConfig)

Specifies custom configurations for the associations between the web ACL and protected resources.

Use this to customize the maximum size of the request body that your protected resources forward to WAF for inspection. You can customize this setting for CloudFront, API Gateway, Amazon Cognito, App Runner, or Verified Access resources. The default setting is 16 KB (16,384 bytes).

You are charged additional fees when your protected resources forward body sizes that are larger than the default. For more information, see WAF Pricing.

For Application Load Balancer and AppSync, the limit is fixed at 8 KB (8,192 bytes).

Parameters:

associationConfig - Specifies custom configurations for the associations between the web ACL and protected resources.

Use this to customize the maximum size of the request body that your protected resources forward to WAF for inspection. You can customize this setting for CloudFront, API Gateway, Amazon Cognito, App Runner, or Verified Access resources. The default setting is 16 KB (16,384 bytes).

You are charged additional fees when your protected resources forward body sizes that are larger than the default. For more information, see WAF Pricing.

For Application Load Balancer and AppSync, the limit is fixed at 8 KB (8,192 bytes).

Returns:

Returns a reference to this object so that method calls can be chained together.

toString

public String toString()

Returns a string representation of this object. This is useful for testing and debugging. Sensitive data will be redacted from this string using a placeholder value.

Overrides:

toString in class Object

Returns:

A string representation of this object.

See Also:

Object.toString()

equals

public boolean equals(Object obj)

Overrides:

equals in class Object

hashCode

public int hashCode()

Overrides:

hashCode in class Object

clone

public WebACL clone()

Overrides:

clone in class Object

marshall

public void marshall(ProtocolMarshaller protocolMarshaller)

Description copied from interface: StructuredPojo

Marshalls this structured data using the given ProtocolMarshaller.

Specified by:

marshall in interface StructuredPojo

Parameters:

protocolMarshaller - Implementation of ProtocolMarshaller used to marshall this object's data.