In a AWS::WAFv2::WebACL, this is the action that you want AWS WAF to perform
when a web request doesn't match any of the rules in the WebACL
. The default
action must be a terminating action.
Syntax
To declare this entity in your AWS CloudFormation template, use the following syntax:
JSON
{
"Allow" : AllowAction
,
"Block" : BlockAction
}
YAML
Allow:
AllowAction
Block:
BlockAction
Properties
Allow
-
Specifies that AWS WAF should allow requests by default.
Required: No
Type: AllowAction
Update requires: No interruption
Block
-
Specifies that AWS WAF should block requests by default.
Required: No
Type: BlockAction
Update requires: No interruption
Examples
Set a web ACL default action
The following shows an example web ACL default action specification that sets the default action to "Block".
YAML
DefaultAction:
Block: {}
JSON
"DefaultAction": {
"Block": {}
}
Set a customized web ACL default action
The following shows an example web ACL default action specification with customization.
YAML
DefaultAction:
Allow:
CustomRequestHandling:
InsertHeaders:
- Name: AllowActionHeader1Name
Value: AllowActionHeader1Value
- Name: AllowActionHeader2Name
Value: AllowActionHeader2Value
JSON
"DefaultAction": {
"Allow": {
"CustomRequestHandling": {
"InsertHeaders": [
{
"Name": "AllowActionHeader1Name",
"Value": "AllowActionHeader1Value"
},
{
"Name": "AllowActionHeader2Name",
"Value": "AllowActionHeader2Value"
}
]
}
}
}