API Reference

PREVIEW DOCUMENTATION - This is a preview of a new format for the AWS SDK for Go API Reference documentation. For the current AWS SDK for Go API Reference, see

We welcome your feedback on this new version of the documentation. Send your comments to


import ""

type RateBasedRule struct { MatchPredicates []*Predicate `type:"list" required:"true"` MetricName *string `type:"string"` Name *string `min:"1" type:"string"` RateKey *string `type:"string" required:"true" enum:"RateKey"` RateLimit *int64 `min:"2000" type:"long" required:"true"` RuleId *string `min:"1" type:"string" required:"true"` }

A RateBasedRule is identical to a regular Rule, with one addition: a RateBasedRule counts the number of requests that arrive from a specified IP address every five minutes. For example, based on recent requests that you've seen from an attacker, you might create a RateBasedRule that includes the following conditions:

  • The requests come from

  • They contain the value BadBot in the User-Agent header.

In the rule, you also define the rate limit as 15,000.

Requests that meet both of these conditions and exceed 15,000 requests every five minutes trigger the rule's action (block or count), which is defined in the web ACL.


Specifies the ByteMatchSet, IPSet, SqlInjectionMatchSet, XssMatchSet, RegexMatchSet, GeoMatchSet, and SizeConstraintSet objects that you want to add to a Rule and, for each object, indicates whether you want to negate the settings, for example, requests that do NOT originate from the IP address


Type: *string

A friendly name or description for the metrics for a RateBasedRule. The name can contain only alphanumeric characters (A-Z, a-z, 0-9); the name can't contain whitespace. You can't change the name of the metric after you create the RateBasedRule.


Type: *string

A friendly name or description for a RateBasedRule. You can't change the name of a RateBasedRule after you create it.


Type: *string

The field that AWS WAF uses to determine if requests are likely arriving from single source and thus subject to rate monitoring. The only valid value for RateKey is IP. IP indicates that requests arriving from the same IP address are subject to the RateLimit that is specified in the RateBasedRule.

RateKey is a required field


Type: *int64

The maximum number of requests, which have an identical value in the field specified by the RateKey, allowed in a five-minute period. If the number of requests exceeds the RateLimit and the other predicates specified in the rule are also met, AWS WAF triggers the action that is specified for this rule.

RateLimit is a required field


Type: *string

A unique identifier for a RateBasedRule. You use RuleId to get more information about a RateBasedRule (see GetRateBasedRule), update a RateBasedRule (see UpdateRateBasedRule), insert a RateBasedRule into a WebACL or delete one from a WebACL (see UpdateWebACL), or delete a RateBasedRule from AWS WAF (see DeleteRateBasedRule).

RuleId is a required field



func (s RateBasedRule) GoString() string

GoString returns the string representation


func (s *RateBasedRule) SetMatchPredicates(v []*Predicate) *RateBasedRule

SetMatchPredicates sets the MatchPredicates field's value.


func (s *RateBasedRule) SetMetricName(v string) *RateBasedRule

SetMetricName sets the MetricName field's value.


func (s *RateBasedRule) SetName(v string) *RateBasedRule

SetName sets the Name field's value.


func (s *RateBasedRule) SetRateKey(v string) *RateBasedRule

SetRateKey sets the RateKey field's value.


func (s *RateBasedRule) SetRateLimit(v int64) *RateBasedRule

SetRateLimit sets the RateLimit field's value.


func (s *RateBasedRule) SetRuleId(v string) *RateBasedRule

SetRuleId sets the RuleId field's value.


func (s RateBasedRule) String() string

String returns the string representation

On this page: