FirewallManagerRuleGroup

A rule group that's defined for an AWS Firewall Manager WAF policy.

Contents

FirewallManagerStatement

The processing guidance for an AWS Firewall Manager rule. This is like a regular rule Statement, but it can only contain a rule group reference.

Type: FirewallManagerStatement object

Required: Yes

Name

The name of the rule group. You cannot change the name of a rule group after you create it.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 128.

Pattern: ^[\w\-]+$

Required: Yes

OverrideAction

The override action to apply to the rules in a rule group. Used only for rule statements that reference a rule group, like RuleGroupReferenceStatement and ManagedRuleGroupStatement.

Set the override action to none to leave the rule actions in effect. Set it to count to only count matches, regardless of the rule action settings.

In a Rule, you must specify either this OverrideAction setting or the rule Action setting, but not both:

• If the rule statement references a rule group, use this override action setting and not the action setting.

• If the rule statement does not reference a rule group, use the rule action setting and not this rule override action setting.

Type: OverrideAction object

Required: Yes

Priority

If you define more than one rule group in the first or last Firewall Manager rule groups, AWS WAF evaluates each request against the rule groups in order, starting from the lowest priority setting. The priorities don't need to be consecutive, but they must all be different.

Type: Integer

Valid Range: Minimum value of 0.

Required: Yes

VisibilityConfig

Defines and enables Amazon CloudWatch metrics and web request sample collection.

Type: VisibilityConfig object

Required: Yes

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following:

• AWS SDK for C++

• AWS SDK for Go

• AWS SDK for Java V2

• AWS SDK for Ruby V3