Class: Aws::SecurityHub::Types::AwsWafWebAclRule
- Inherits:
-
Struct
- Object
- Struct
- Aws::SecurityHub::Types::AwsWafWebAclRule
- Defined in:
- gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb
Overview
Details for a rule in an WAF web ACL.
Constant Summary collapse
- SENSITIVE =
[]
Instance Attribute Summary collapse
-
#action ⇒ Types::WafAction
Specifies the action that CloudFront or WAF takes when a web request matches the conditions in the rule.
-
#excluded_rules ⇒ Array<Types::WafExcludedRule>
Rules to exclude from a rule group.
-
#override_action ⇒ Types::WafOverrideAction
Use the
OverrideAction
to test yourRuleGroup
. -
#priority ⇒ Integer
Specifies the order in which the rules in a web ACL are evaluated.
-
#rule_id ⇒ String
The identifier for a rule.
-
#type ⇒ String
The rule type.
Instance Attribute Details
#action ⇒ Types::WafAction
Specifies the action that CloudFront or WAF takes when a web request matches the conditions in the rule.
21006 21007 21008 21009 21010 21011 21012 21013 21014 21015 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 21006 class AwsWafWebAclRule < Struct.new( :action, :excluded_rules, :override_action, :priority, :rule_id, :type) SENSITIVE = [] include Aws::Structure end |
#excluded_rules ⇒ Array<Types::WafExcludedRule>
Rules to exclude from a rule group.
21006 21007 21008 21009 21010 21011 21012 21013 21014 21015 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 21006 class AwsWafWebAclRule < Struct.new( :action, :excluded_rules, :override_action, :priority, :rule_id, :type) SENSITIVE = [] include Aws::Structure end |
#override_action ⇒ Types::WafOverrideAction
Use the OverrideAction
to test your RuleGroup
.
Any rule in a RuleGroup
can potentially block a request. If you
set the OverrideAction
to None
, the RuleGroup
blocks a request
if any individual rule in the RuleGroup
matches the request and is
configured to block that request.
However, if you first want to test the RuleGroup
, set the
OverrideAction
to Count
. The RuleGroup
then overrides any
block action specified by individual rules contained within the
group. Instead of blocking matching requests, those requests are
counted.
ActivatedRule
|OverrideAction
applies only when updating or
adding a RuleGroup
to a web ACL. In this case you don't use
ActivatedRule
Action
. For all other update requests,
ActivatedRule
Action
is used instead of ActivatedRule
OverrideAction
.
21006 21007 21008 21009 21010 21011 21012 21013 21014 21015 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 21006 class AwsWafWebAclRule < Struct.new( :action, :excluded_rules, :override_action, :priority, :rule_id, :type) SENSITIVE = [] include Aws::Structure end |
#priority ⇒ Integer
Specifies the order in which the rules in a web ACL are evaluated.
Rules with a lower value for Priority
are evaluated before rules
with a higher value. The value must be a unique integer. If you add
multiple rules to a web ACL, the values don't need to be
consecutive.
21006 21007 21008 21009 21010 21011 21012 21013 21014 21015 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 21006 class AwsWafWebAclRule < Struct.new( :action, :excluded_rules, :override_action, :priority, :rule_id, :type) SENSITIVE = [] include Aws::Structure end |
#rule_id ⇒ String
The identifier for a rule.
21006 21007 21008 21009 21010 21011 21012 21013 21014 21015 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 21006 class AwsWafWebAclRule < Struct.new( :action, :excluded_rules, :override_action, :priority, :rule_id, :type) SENSITIVE = [] include Aws::Structure end |
#type ⇒ String
The rule type.
Valid values: REGULAR
| RATE_BASED
| GROUP
The default is REGULAR
.
21006 21007 21008 21009 21010 21011 21012 21013 21014 21015 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 21006 class AwsWafWebAclRule < Struct.new( :action, :excluded_rules, :override_action, :priority, :rule_id, :type) SENSITIVE = [] include Aws::Structure end |