AWS::WAFRegional::RegexPatternSet - AWS CloudFormation


The RegexPatternSet specifies the regular expression (regex) pattern that you want AWS WAF to search for, such as B[a@]dB[o0]t. You can then configure AWS WAF to reject those requests.

Note that you can only create regex pattern sets using a AWS CloudFormation template. To add the regex pattern sets created through AWS CloudFormation to a RegexMatchSet, use the AWS WAF console, API, or command line interface (CLI). For more information, see UpdateRegexMatchSet.


To declare this entity in your AWS CloudFormation template, use the following syntax:


{ "Type" : "AWS::WAFRegional::RegexPatternSet", "Properties" : { "Name" : String, "RegexPatternStrings" : [ String, ... ] } }


Type: AWS::WAFRegional::RegexPatternSet Properties: Name: String RegexPatternStrings: - String



A friendly name or description of the AWS::WAFRegional::RegexPatternSet. You can't change Name after you create a RegexPatternSet.

Required: Yes

Type: String

Minimum: 1

Maximum: 128

Pattern: .*\S.*

Update requires: Replacement


Specifies the regular expression (regex) patterns that you want AWS WAF to search for, such as B[a@]dB[o0]t.

Required: Yes

Type: List of String

Maximum: 10

Update requires: No interruption

Return values


When you pass the logical ID of this resource to the intrinsic Ref function, Ref returns the resource physical ID, such as 1234a1a-a1b1-12a1-abcd-a123b123456.

For more information about using the Ref function, see Ref.


Define Regular Expression Pattern

The following example defines a regular expression (regex) pattern for a web access control list (ACL) rule.


"MyRegexPatternSet": { "Type": "AWS::WAFRegional::RegexPatternSet", "Properties": { "Name": "Regex Pattern Set", "RegexPatternStrings": ["badbot", "danger"] } }


MyRegexPatternSet: Type: "AWS::WAFRegional::RegexPatternSet" Properties: Name: "Regex Pattern Set" RegexPatternStrings: - "[B[a@]dB[o0]t" - "D[a@]ng[e3]rStr[i1]ng"

Associate a RegexPatternSet with a Web ACL Rule

The following example associates the MyRegexPatternSet with a web ACL rule.


"MyRegexRule" : { "Type": "AWS::WAFRegional::Rule", "Properties": { "Name": "MyRegexRule", "MetricName" : "MyRegexRule", "Predicates": [ { "DataId" : { "Ref" : "MyRegexPatternSet" }, "Negated" : false, "Type" : "RegexMatch" } ] } }


MyRegexRule: Type: "AWS::WAFRegional::Rule" Properties: Name: "MyRegexRule" MetricName: "MyRegexRule" Predicates: - DataId: Ref: "MyRegexPatternSet" Negated: false Type: "RegexMatch"

Create a Web ACL

The following example associates the MyRegexRule rule with a web ACL. The web ACL allows requests except for those that include strings defined by MyRegexRule.


"MyWebACL": { "Type": "AWS::WAFRegional::WebACL", "Properties": { "Name": "WebACL to block certain regex strings", "DefaultAction": { "Type": "ALLOW" }, "MetricName" : "MyWebACL", "Rules": [ { "Action" : { "Type" : "BLOCK" }, "Priority" : 1, "RuleId" : { "Ref" : "MyRegexRule" } } ] } }


MyWebACL: Type: "AWS::WAFRegional::WebACL" Properties: Name: "WebACL to block certain regex strings" DefaultAction: Type: "ALLOW" MetricName: "MyWebACL" Rules: - Action: Type: "BLOCK" Priority: 1 RuleId: Ref: "MyRegexRule"