Class: Aws::SecurityHub::Types::AwsWafWebAclRule

Inherits:
Struct
  • Object
show all
Defined in:
gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb

Overview

Note:

When making an API call, you may pass AwsWafWebAclRule data as a hash:

{
  action: {
    type: "NonEmptyString",
  },
  excluded_rules: [
    {
      rule_id: "NonEmptyString",
    },
  ],
  override_action: {
    type: "NonEmptyString",
  },
  priority: 1,
  rule_id: "NonEmptyString",
  type: "NonEmptyString",
}

Details for a rule in a WAF WebACL.

See Also:

Constant Summary collapse

SENSITIVE = 
[]

Instance Attribute Summary collapse

Instance Attribute Details

#actionTypes::WafAction

Specifies the action that CloudFront or AWS WAF takes when a web request matches the conditions in the rule.

Returns:



13886
13887
13888
13889
13890
13891
13892
13893
13894
13895
 
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 13886

class AwsWafWebAclRule < Struct.new(
  :action,
  :excluded_rules,
  :override_action,
  :priority,
  :rule_id,
  :type)
  SENSITIVE = []
  include Aws::Structure
end

#excluded_rulesArray<Types::WafExcludedRule>

Rules to exclude from a rule group.

Returns:



13886
13887
13888
13889
13890
13891
13892
13893
13894
13895
 
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 13886

class AwsWafWebAclRule < Struct.new(
  :action,
  :excluded_rules,
  :override_action,
  :priority,
  :rule_id,
  :type)
  SENSITIVE = []
  include Aws::Structure
end

#override_actionTypes::WafOverrideAction

Use the OverrideAction to test your RuleGroup.

Any rule in a RuleGroup can potentially block a request. If you set the OverrideAction to None, the RuleGroup blocks a request if any individual rule in the RuleGroup matches the request and is configured to block that request.

However, if you first want to test the RuleGroup, set the OverrideAction to Count. The RuleGroup then overrides any block action specified by individual rules contained within the group. Instead of blocking matching requests, those requests are counted.

ActivatedRule|OverrideAction applies only when updating or adding a RuleGroup to a WebACL. In this case you do not use ActivatedRule|Action. For all other update requests, ActivatedRule|Action is used instead of ActivatedRule|OverrideAction.

Returns:



13886
13887
13888
13889
13890
13891
13892
13893
13894
13895
 
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 13886

class AwsWafWebAclRule < Struct.new(
  :action,
  :excluded_rules,
  :override_action,
  :priority,
  :rule_id,
  :type)
  SENSITIVE = []
  include Aws::Structure
end

#priorityInteger

Specifies the order in which the rules in a WebACL are evaluated. Rules with a lower value for Priority are evaluated before rules with a higher value. The value must be a unique integer. If you add multiple rules to a WebACL, the values do not need to be consecutive.

Returns:

  • (Integer) 


13886
13887
13888
13889
13890
13891
13892
13893
13894
13895
 
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 13886

class AwsWafWebAclRule < Struct.new(
  :action,
  :excluded_rules,
  :override_action,
  :priority,
  :rule_id,
  :type)
  SENSITIVE = []
  include Aws::Structure
end

#rule_idString

The identifier for a rule.

Returns:

  • (String) 


13886
13887
13888
13889
13890
13891
13892
13893
13894
13895
 
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 13886

class AwsWafWebAclRule < Struct.new(
  :action,
  :excluded_rules,
  :override_action,
  :priority,
  :rule_id,
  :type)
  SENSITIVE = []
  include Aws::Structure
end

#typeString

The rule type.

Valid values: REGULAR | RATE_BASED | GROUP

The default is REGULAR.

Returns:

  • (String) 


13886
13887
13888
13889
13890
13891
13892
13893
13894
13895
 
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 13886

class AwsWafWebAclRule < Struct.new(
  :action,
  :excluded_rules,
  :override_action,
  :priority,
  :rule_id,
  :type)
  SENSITIVE = []
  include Aws::Structure
end