AWS::WAFv2::WebACL DefaultAction - Amazon CloudFormation
SyntaxPropertiesExamples
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

This is the new Amazon CloudFormation Template Reference Guide. Please update your bookmarks and links. For help getting started with CloudFormation, see the Amazon CloudFormation User Guide.

AWS::WAFv2::WebACL DefaultAction

In a AWS::WAFv2::WebACL, this is the action that you want Amazon WAF to perform when a web request doesn't match any of the rules in the WebACL. The default action must be a terminating action.

Syntax

To declare this entity in your Amazon CloudFormation template, use the following syntax:

Properties

Allow

Specifies that Amazon WAF should allow requests by default.

Required: No

Type: AllowAction

Update requires: No interruption

Block

Specifies that Amazon WAF should block requests by default.

Required: No

Type: BlockAction

Update requires: No interruption

Examples

Set a web ACL default action

The following shows an example web ACL default action specification that sets the default action to "Block".

YAML

DefaultAction:
    Block: {}

JSON

"DefaultAction": {
    "Block": {}
}

Set a customized web ACL default action

The following shows an example web ACL default action specification with customization.

YAML

DefaultAction:
  Allow:
    CustomRequestHandling:
      InsertHeaders:
        - Name: AllowActionHeader1Name
          Value: AllowActionHeader1Value
        - Name: AllowActionHeader2Name
          Value: AllowActionHeader2Value

JSON

"DefaultAction": {
  "Allow": {
    "CustomRequestHandling": {
      "InsertHeaders": [
        {
          "Name": "AllowActionHeader1Name",
          "Value": "AllowActionHeader1Value"
        },
        {
          "Name": "AllowActionHeader2Name",
          "Value": "AllowActionHeader2Value"
        }
      ]
    }
  }
}