Class: Aws::WAFV2::Types::Rule
- Inherits:
-
Struct
- Object
- Struct
- Aws::WAFV2::Types::Rule
- Defined in:
- gems/aws-sdk-wafv2/lib/aws-sdk-wafv2/types.rb
Overview
When making an API call, you may pass Rule data as a hash:
# Syntax template for Aws::WAFV2::Types::Rule. It enumerates every key the API
# accepts, so treat it as a reference for shape, not as a rule to submit as-is:
# - A rule carries one top-level statement; combine conditions by nesting them
#   under and_statement / or_statement / not_statement.
# - Set either action or override_action, never both (override_action is for
#   statements that reference a rule group).
{
  name: "EntityName", # required
  priority: 1, # required
  statement: { # required
    byte_match_statement: {
      search_string: "data", # required
      # Every option is listed below for reference; a real statement names a
      # single request component to inspect.
      field_to_match: { # required
        single_header: {
          name: "FieldToMatchData", # required
        },
        single_query_argument: {
          name: "FieldToMatchData", # required
        },
        all_query_arguments: {},
        uri_path: {},
        query_string: {},
        # Only a bounded leading portion of the body reaches AWS WAF for
        # inspection (8 KB in the service documentation of this SDK generation;
        # confirm for your resource type). Pair body inspection with a
        # size_constraint_statement if oversized payloads must not pass unchecked.
        body: {},
        method: {},
        json_body: {
          match_pattern: { # required
            all: {},
            included_paths: ["JsonPointerPath"],
          },
          match_scope: "ALL", # required, accepts ALL, KEY, VALUE
          # Decides the outcome when the body is not parseable JSON. NO_MATCH
          # means such a request is not caught by this statement, so choose
          # the value deliberately.
          invalid_fallback_behavior: "MATCH", # accepts MATCH, NO_MATCH, EVALUATE_AS_STRING
        },
      },
      # NONE inspects the component exactly as received, so encoded or
      # case-varied input will not match the search string. Normalise first
      # (e.g. URL_DECODE, HTML_ENTITY_DECODE, LOWERCASE); transformations are
      # applied in ascending priority order.
      text_transformations: [ # required
        {
          priority: 1, # required
          type: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE
        },
      ],
      positional_constraint: "EXACTLY", # required, accepts EXACTLY, STARTS_WITH, ENDS_WITH, CONTAINS, CONTAINS_WORD
    },
    sqli_match_statement: {
      field_to_match: { # required
        single_header: {
          name: "FieldToMatchData", # required
        },
        single_query_argument: {
          name: "FieldToMatchData", # required
        },
        all_query_arguments: {},
        uri_path: {},
        query_string: {},
        body: {},
        method: {},
        json_body: {
          match_pattern: { # required
            all: {},
            included_paths: ["JsonPointerPath"],
          },
          match_scope: "ALL", # required, accepts ALL, KEY, VALUE
          invalid_fallback_behavior: "MATCH", # accepts MATCH, NO_MATCH, EVALUATE_AS_STRING
        },
      },
      text_transformations: [ # required
        {
          priority: 1, # required
          type: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE
        },
      ],
    },
    xss_match_statement: {
      field_to_match: { # required
        single_header: {
          name: "FieldToMatchData", # required
        },
        single_query_argument: {
          name: "FieldToMatchData", # required
        },
        all_query_arguments: {},
        uri_path: {},
        query_string: {},
        body: {},
        method: {},
        json_body: {
          match_pattern: { # required
            all: {},
            included_paths: ["JsonPointerPath"],
          },
          match_scope: "ALL", # required, accepts ALL, KEY, VALUE
          invalid_fallback_behavior: "MATCH", # accepts MATCH, NO_MATCH, EVALUATE_AS_STRING
        },
      },
      text_transformations: [ # required
        {
          priority: 1, # required
          type: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE
        },
      ],
    },
    size_constraint_statement: {
      field_to_match: { # required
        single_header: {
          name: "FieldToMatchData", # required
        },
        single_query_argument: {
          name: "FieldToMatchData", # required
        },
        all_query_arguments: {},
        uri_path: {},
        query_string: {},
        body: {},
        method: {},
        json_body: {
          match_pattern: { # required
            all: {},
            included_paths: ["JsonPointerPath"],
          },
          match_scope: "ALL", # required, accepts ALL, KEY, VALUE
          invalid_fallback_behavior: "MATCH", # accepts MATCH, NO_MATCH, EVALUATE_AS_STRING
        },
      },
      comparison_operator: "EQ", # required, accepts EQ, NE, LE, LT, GE, GT
      size: 1, # required
      text_transformations: [ # required
        {
          priority: 1, # required
          type: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE
        },
      ],
    },
    geo_match_statement: {
      country_codes: ["AF"], # accepts AF, AX, AL, DZ, AS, AD, AO, AI, AQ, AG, AR, AM, AW, AU, AT, AZ, BS, BH, BD, BB, BY, BE, BZ, BJ, BM, BT, BO, BQ, BA, BW, BV, BR, IO, BN, BG, BF, BI, KH, CM, CA, CV, KY, CF, TD, CL, CN, CX, CC, CO, KM, CG, CD, CK, CR, CI, HR, CU, CW, CY, CZ, DK, DJ, DM, DO, EC, EG, SV, GQ, ER, EE, ET, FK, FO, FJ, FI, FR, GF, PF, TF, GA, GM, GE, DE, GH, GI, GR, GL, GD, GP, GU, GT, GG, GN, GW, GY, HT, HM, VA, HN, HK, HU, IS, IN, ID, IR, IQ, IE, IM, IL, IT, JM, JP, JE, JO, KZ, KE, KI, KP, KR, KW, KG, LA, LV, LB, LS, LR, LY, LI, LT, LU, MO, MK, MG, MW, MY, MV, ML, MT, MH, MQ, MR, MU, YT, MX, FM, MD, MC, MN, ME, MS, MA, MZ, MM, NA, NR, NP, NL, NC, NZ, NI, NE, NG, NU, NF, MP, NO, OM, PK, PW, PS, PA, PG, PY, PE, PH, PN, PL, PT, PR, QA, RE, RO, RU, RW, BL, SH, KN, LC, MF, PM, VC, WS, SM, ST, SA, SN, RS, SC, SL, SG, SX, SK, SI, SB, SO, ZA, GS, SS, ES, LK, SD, SR, SJ, SZ, SE, CH, SY, TW, TJ, TZ, TH, TL, TG, TK, TO, TT, TN, TR, TM, TC, TV, UG, UA, AE, GB, US, UM, UY, UZ, VU, VE, VN, VG, VI, WF, EH, YE, ZM, ZW
      # The named header is whatever the client sent unless a trusted proxy in
      # front of the resource sets or overwrites it; use forwarded-IP matching
      # only behind such a proxy. fallback_behavior is the result assigned when
      # the header holds no valid IP address.
      forwarded_ip_config: {
        header_name: "ForwardedIPHeaderName", # required
        fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
      },
    },
    rule_group_reference_statement: {
      arn: "ResourceArn", # required
      # Rules listed here are switched to count-only inside the group, so they
      # no longer block; keep the list short and reviewed.
      excluded_rules: [
        {
          name: "EntityName", # required
        },
      ],
    },
    ip_set_reference_statement: {
      arn: "ResourceArn", # required
      # Same trust caveat as forwarded_ip_config; position selects which
      # address in the header is compared against the IP set.
      ip_set_forwarded_ip_config: {
        header_name: "ForwardedIPHeaderName", # required
        fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
        position: "FIRST", # required, accepts FIRST, LAST, ANY
      },
    },
    regex_pattern_set_reference_statement: {
      arn: "ResourceArn", # required
      field_to_match: { # required
        single_header: {
          name: "FieldToMatchData", # required
        },
        single_query_argument: {
          name: "FieldToMatchData", # required
        },
        all_query_arguments: {},
        uri_path: {},
        query_string: {},
        body: {},
        method: {},
        json_body: {
          match_pattern: { # required
            all: {},
            included_paths: ["JsonPointerPath"],
          },
          match_scope: "ALL", # required, accepts ALL, KEY, VALUE
          invalid_fallback_behavior: "MATCH", # accepts MATCH, NO_MATCH, EVALUATE_AS_STRING
        },
      },
      text_transformations: [ # required
        {
          priority: 1, # required
          type: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE
        },
      ],
    },
    rate_based_statement: {
      limit: 1, # required
      # FORWARDED_IP aggregates on the address taken from forwarded_ip_config
      # below, so the header-trust caveat applies to rate limiting as well.
      aggregate_key_type: "IP", # required, accepts IP, FORWARDED_IP
      scope_down_statement: {
        # recursive Statement
      },
      forwarded_ip_config: {
        header_name: "ForwardedIPHeaderName", # required
        fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
      },
    },
    and_statement: {
      statements: [ # required
        {
          # recursive Statement
        },
      ],
    },
    or_statement: {
      statements: [ # required
        {
          # recursive Statement
        },
      ],
    },
    not_statement: {
      statement: { # required
        # recursive Statement
      },
    },
    managed_rule_group_statement: {
      vendor_name: "VendorName", # required
      name: "EntityName", # required
      excluded_rules: [
        {
          name: "EntityName", # required
        },
      ],
    },
  },
  # Use for statements that do not reference a rule group; pick one of the
  # three keys.
  action: {
    block: {},
    allow: {},
    count: {},
  },
  # Use only with rule_group_reference_statement / managed_rule_group_statement.
  # count reduces every rule in the group to counting matches; none leaves the
  # group's own actions in effect.
  override_action: {
    count: {},
    none: {},
  },
  # Template values. With both flags false the rule publishes no CloudWatch
  # metrics and keeps no sampled requests, leaving nothing to alert or triage on.
  visibility_config: { # required
    sampled_requests_enabled: false, # required
    cloud_watch_metrics_enabled: false, # required
    metric_name: "MetricName", # required
  },
}
A single rule, which you can use in a WebACL or RuleGroup to identify web requests that you want to allow, block, or count. Each rule includes one top-level Statement that AWS WAF uses to identify matching web requests, and parameters that govern how AWS WAF handles them.
Constant Summary collapse
- SENSITIVE =
[]
Instance Attribute Summary collapse
-
#action ⇒ Types::RuleAction
The action that AWS WAF should take on a web request when it matches the rule statement.
-
#name ⇒ String
The name of the rule.
-
#override_action ⇒ Types::OverrideAction
The override action to apply to the rules in a rule group.
-
#priority ⇒ Integer
If you define more than one Rule in a WebACL, AWS WAF evaluates each request against the Rules in order based on the value of Priority.
-
#statement ⇒ Types::Statement
The AWS WAF processing statement for the rule, for example ByteMatchStatement or SizeConstraintStatement.
-
#visibility_config ⇒ Types::VisibilityConfig
Defines and enables Amazon CloudWatch metrics and web request sample collection.
Instance Attribute Details
#action ⇒ Types::RuleAction
The action that AWS WAF should take on a web request when it matches the rule statement. Settings at the web ACL level can override the rule action setting.
This is used only for rules whose statements do not reference a rule group. Rule statements that reference a rule group include RuleGroupReferenceStatement and ManagedRuleGroupStatement.
You must specify either this Action setting or the rule OverrideAction setting, but not both:
If the rule statement does not reference a rule group, use this rule action setting and not the rule override action setting.
If the rule statement references a rule group, use the override action setting and not this action setting.
# File 'gems/aws-sdk-wafv2/lib/aws-sdk-wafv2/types.rb', line 5918
# Struct-backed value type for a single WAFV2 rule; its six members are the
# same keys as the request hash shown in the Overview.
class Rule < Struct.new(
  :name, :priority, :statement,
  :action, :override_action, :visibility_config)
  # Empty list: no member of Rule is marked sensitive.
  # NOTE(review): presumably Aws::Structure consults this list when redacting
  # values from inspect/log output, so rule contents would be logged in full.
  # Confirm in the SDK core before relying on it.
  SENSITIVE = []
  include Aws::Structure
end
#name ⇒ String
The name of the rule. You can't change the name of a Rule after you create it.
# File 'gems/aws-sdk-wafv2/lib/aws-sdk-wafv2/types.rb', line 5918
# Struct-backed value type for a single WAFV2 rule; its six members are the
# same keys as the request hash shown in the Overview.
class Rule < Struct.new(
  :name, :priority, :statement,
  :action, :override_action, :visibility_config)
  # Empty list: no member of Rule is marked sensitive.
  # NOTE(review): presumably Aws::Structure consults this list when redacting
  # values from inspect/log output, so rule contents would be logged in full.
  # Confirm in the SDK core before relying on it.
  SENSITIVE = []
  include Aws::Structure
end
#override_action ⇒ Types::OverrideAction
The override action to apply to the rules in a rule group. Used only for rule statements that reference a rule group, like RuleGroupReferenceStatement and ManagedRuleGroupStatement.
Set the override action to none to leave the rule actions in effect. Set it to count to only count matches, regardless of the rule action settings.
In a Rule, you must specify either this OverrideAction setting or the rule Action setting, but not both:
If the rule statement references a rule group, use this override action setting and not the action setting.
If the rule statement does not reference a rule group, use the rule action setting and not this rule override action setting.
# File 'gems/aws-sdk-wafv2/lib/aws-sdk-wafv2/types.rb', line 5918
# Struct-backed value type for a single WAFV2 rule; its six members are the
# same keys as the request hash shown in the Overview.
class Rule < Struct.new(
  :name, :priority, :statement,
  :action, :override_action, :visibility_config)
  # Empty list: no member of Rule is marked sensitive.
  # NOTE(review): presumably Aws::Structure consults this list when redacting
  # values from inspect/log output, so rule contents would be logged in full.
  # Confirm in the SDK core before relying on it.
  SENSITIVE = []
  include Aws::Structure
end
#priority ⇒ Integer
If you define more than one Rule in a WebACL, AWS WAF evaluates each request against the Rules in order based on the value of Priority. AWS WAF processes rules with lower priority first. The priorities don't need to be consecutive, but they must all be different.
# File 'gems/aws-sdk-wafv2/lib/aws-sdk-wafv2/types.rb', line 5918
# Struct-backed value type for a single WAFV2 rule; its six members are the
# same keys as the request hash shown in the Overview.
class Rule < Struct.new(
  :name, :priority, :statement,
  :action, :override_action, :visibility_config)
  # Empty list: no member of Rule is marked sensitive.
  # NOTE(review): presumably Aws::Structure consults this list when redacting
  # values from inspect/log output, so rule contents would be logged in full.
  # Confirm in the SDK core before relying on it.
  SENSITIVE = []
  include Aws::Structure
end
#statement ⇒ Types::Statement
The AWS WAF processing statement for the rule, for example ByteMatchStatement or SizeConstraintStatement.
# File 'gems/aws-sdk-wafv2/lib/aws-sdk-wafv2/types.rb', line 5918
# Struct-backed value type for a single WAFV2 rule; its six members are the
# same keys as the request hash shown in the Overview.
class Rule < Struct.new(
  :name, :priority, :statement,
  :action, :override_action, :visibility_config)
  # Empty list: no member of Rule is marked sensitive.
  # NOTE(review): presumably Aws::Structure consults this list when redacting
  # values from inspect/log output, so rule contents would be logged in full.
  # Confirm in the SDK core before relying on it.
  SENSITIVE = []
  include Aws::Structure
end
#visibility_config ⇒ Types::VisibilityConfig
Defines and enables Amazon CloudWatch metrics and web request sample collection.
# File 'gems/aws-sdk-wafv2/lib/aws-sdk-wafv2/types.rb', line 5918
# Struct-backed value type for a single WAFV2 rule; its six members are the
# same keys as the request hash shown in the Overview.
class Rule < Struct.new(
  :name, :priority, :statement,
  :action, :override_action, :visibility_config)
  # Empty list: no member of Rule is marked sensitive.
  # NOTE(review): presumably Aws::Structure consults this list when redacting
  # values from inspect/log output, so rule contents would be logged in full.
  # Confirm in the SDK core before relying on it.
  SENSITIVE = []
  include Aws::Structure
end