FirewallManagerRuleGroup
A rule group that's defined for an AWS Firewall Manager WAF policy.
Contents
- FirewallManagerStatement
-
The processing guidance for an AWS Firewall Manager rule. This is like a regular rule Statement, but it can only contain a rule group reference.
Type: FirewallManagerStatement object
Required: Yes
- Name
-
The name of the rule group. You cannot change the name of a rule group after you create it.
Type: String
Length Constraints: Minimum length of 1. Maximum length of 128.
Pattern:
^[\w\-]+$
Required: Yes
- OverrideAction
-
The override action to apply to the rules in a rule group. Used only for rule statements that reference a rule group, like
RuleGroupReferenceStatement
andManagedRuleGroupStatement
.Set the override action to none to leave the rule actions in effect. Set it to count to only count matches, regardless of the rule action settings.
In a Rule, you must specify either this
OverrideAction
setting or the ruleAction
setting, but not both:-
If the rule statement references a rule group, use this override action setting and not the action setting.
-
If the rule statement does not reference a rule group, use the rule action setting and not this rule override action setting.
Type: OverrideAction object
Required: Yes
-
- Priority
-
If you define more than one rule group in the first or last Firewall Manager rule groups, AWS WAF evaluates each request against the rule groups in order, starting from the lowest priority setting. The priorities don't need to be consecutive, but they must all be different.
Type: Integer
Valid Range: Minimum value of 0.
Required: Yes
- VisibilityConfig
-
Defines and enables Amazon CloudWatch metrics and web request sample collection.
Type: VisibilityConfig object
Required: Yes
See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following: