Class CfnWebACL.ManagedRuleGroupStatementProperty
A rule statement used to run the rules that are defined in a managed rule group.
Inheritance
Implements
Namespace: Amazon.CDK.AWS.WAFv2
Assembly: Amazon.CDK.AWS.WAFv2.dll
Syntax (csharp)
public class ManagedRuleGroupStatementProperty : Object, CfnWebACL.IManagedRuleGroupStatementProperty
Syntax (vb)
Public Class ManagedRuleGroupStatementProperty
Inherits Object
Implements CfnWebACL.IManagedRuleGroupStatementProperty
Remarks
To use this, provide the vendor name and the name of the rule group in this statement.
You cannot nest a ManagedRuleGroupStatement
, for example for use inside a NotStatement
or OrStatement
. It can only be referenced as a top-level statement within a rule.
ExampleMetadata: fixture=_generated
Examples
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
using Amazon.CDK.AWS.WAFv2;
var all;
var allQueryArguments;
var method;
var queryString;
var singleHeader;
var singleQueryArgument;
StatementProperty statementProperty_;
var uriPath;
var managedRuleGroupStatementProperty = new ManagedRuleGroupStatementProperty {
Name = "name",
VendorName = "vendorName",
// the properties below are optional
ExcludedRules = new [] { new ExcludedRuleProperty {
Name = "name"
} },
ManagedRuleGroupConfigs = new [] { new ManagedRuleGroupConfigProperty {
AwsManagedRulesAtpRuleSet = new AWSManagedRulesATPRuleSetProperty {
LoginPath = "loginPath",
// the properties below are optional
RequestInspection = new RequestInspectionProperty {
PasswordField = new FieldIdentifierProperty {
Identifier = "identifier"
},
PayloadType = "payloadType",
UsernameField = new FieldIdentifierProperty {
Identifier = "identifier"
}
},
ResponseInspection = new ResponseInspectionProperty {
BodyContains = new ResponseInspectionBodyContainsProperty {
FailureStrings = new [] { "failureStrings" },
SuccessStrings = new [] { "successStrings" }
},
Header = new ResponseInspectionHeaderProperty {
FailureValues = new [] { "failureValues" },
Name = "name",
SuccessValues = new [] { "successValues" }
},
Json = new ResponseInspectionJsonProperty {
FailureValues = new [] { "failureValues" },
Identifier = "identifier",
SuccessValues = new [] { "successValues" }
},
StatusCode = new ResponseInspectionStatusCodeProperty {
FailureCodes = new [] { 123 },
SuccessCodes = new [] { 123 }
}
}
},
AwsManagedRulesBotControlRuleSet = new AWSManagedRulesBotControlRuleSetProperty {
InspectionLevel = "inspectionLevel"
},
LoginPath = "loginPath",
PasswordField = new FieldIdentifierProperty {
Identifier = "identifier"
},
PayloadType = "payloadType",
UsernameField = new FieldIdentifierProperty {
Identifier = "identifier"
}
} },
RuleActionOverrides = new [] { new RuleActionOverrideProperty {
ActionToUse = new RuleActionProperty {
Allow = new AllowActionProperty {
CustomRequestHandling = new CustomRequestHandlingProperty {
InsertHeaders = new [] { new CustomHTTPHeaderProperty {
Name = "name",
Value = "value"
} }
}
},
Block = new BlockActionProperty {
CustomResponse = new CustomResponseProperty {
ResponseCode = 123,
// the properties below are optional
CustomResponseBodyKey = "customResponseBodyKey",
ResponseHeaders = new [] { new CustomHTTPHeaderProperty {
Name = "name",
Value = "value"
} }
}
},
Captcha = new CaptchaActionProperty {
CustomRequestHandling = new CustomRequestHandlingProperty {
InsertHeaders = new [] { new CustomHTTPHeaderProperty {
Name = "name",
Value = "value"
} }
}
},
Challenge = new ChallengeActionProperty {
CustomRequestHandling = new CustomRequestHandlingProperty {
InsertHeaders = new [] { new CustomHTTPHeaderProperty {
Name = "name",
Value = "value"
} }
}
},
Count = new CountActionProperty {
CustomRequestHandling = new CustomRequestHandlingProperty {
InsertHeaders = new [] { new CustomHTTPHeaderProperty {
Name = "name",
Value = "value"
} }
}
}
},
Name = "name"
} },
ScopeDownStatement = new StatementProperty {
AndStatement = new AndStatementProperty {
Statements = new [] { statementProperty_ }
},
ByteMatchStatement = new ByteMatchStatementProperty {
FieldToMatch = new FieldToMatchProperty {
AllQueryArguments = allQueryArguments,
Body = new BodyProperty {
OversizeHandling = "oversizeHandling"
},
Cookies = new CookiesProperty {
MatchPattern = new CookieMatchPatternProperty {
All = all,
ExcludedCookies = new [] { "excludedCookies" },
IncludedCookies = new [] { "includedCookies" }
},
MatchScope = "matchScope",
OversizeHandling = "oversizeHandling"
},
Headers = new HeadersProperty {
MatchPattern = new HeaderMatchPatternProperty {
All = all,
ExcludedHeaders = new [] { "excludedHeaders" },
IncludedHeaders = new [] { "includedHeaders" }
},
MatchScope = "matchScope",
OversizeHandling = "oversizeHandling"
},
JsonBody = new JsonBodyProperty {
MatchPattern = new JsonMatchPatternProperty {
All = all,
IncludedPaths = new [] { "includedPaths" }
},
MatchScope = "matchScope",
// the properties below are optional
InvalidFallbackBehavior = "invalidFallbackBehavior",
OversizeHandling = "oversizeHandling"
},
Method = method,
QueryString = queryString,
SingleHeader = singleHeader,
SingleQueryArgument = singleQueryArgument,
UriPath = uriPath
},
PositionalConstraint = "positionalConstraint",
TextTransformations = new [] { new TextTransformationProperty {
Priority = 123,
Type = "type"
} },
// the properties below are optional
SearchString = "searchString",
SearchStringBase64 = "searchStringBase64"
},
GeoMatchStatement = new GeoMatchStatementProperty {
CountryCodes = new [] { "countryCodes" },
ForwardedIpConfig = new ForwardedIPConfigurationProperty {
FallbackBehavior = "fallbackBehavior",
HeaderName = "headerName"
}
},
IpSetReferenceStatement = new Dictionary<string, object> {
{ "arn", "arn" },
// the properties below are optional
{ "ipSetForwardedIpConfig", new Dictionary<string, string> {
{ "fallbackBehavior", "fallbackBehavior" },
{ "headerName", "headerName" },
{ "position", "position" }
} }
},
LabelMatchStatement = new LabelMatchStatementProperty {
Key = "key",
Scope = "scope"
},
ManagedRuleGroupStatement = new ManagedRuleGroupStatementProperty {
Name = "name",
VendorName = "vendorName",
// the properties below are optional
ExcludedRules = new [] { new ExcludedRuleProperty {
Name = "name"
} },
ManagedRuleGroupConfigs = new [] { new ManagedRuleGroupConfigProperty {
AwsManagedRulesAtpRuleSet = new AWSManagedRulesATPRuleSetProperty {
LoginPath = "loginPath",
// the properties below are optional
RequestInspection = new RequestInspectionProperty {
PasswordField = new FieldIdentifierProperty {
Identifier = "identifier"
},
PayloadType = "payloadType",
UsernameField = new FieldIdentifierProperty {
Identifier = "identifier"
}
},
ResponseInspection = new ResponseInspectionProperty {
BodyContains = new ResponseInspectionBodyContainsProperty {
FailureStrings = new [] { "failureStrings" },
SuccessStrings = new [] { "successStrings" }
},
Header = new ResponseInspectionHeaderProperty {
FailureValues = new [] { "failureValues" },
Name = "name",
SuccessValues = new [] { "successValues" }
},
Json = new ResponseInspectionJsonProperty {
FailureValues = new [] { "failureValues" },
Identifier = "identifier",
SuccessValues = new [] { "successValues" }
},
StatusCode = new ResponseInspectionStatusCodeProperty {
FailureCodes = new [] { 123 },
SuccessCodes = new [] { 123 }
}
}
},
AwsManagedRulesBotControlRuleSet = new AWSManagedRulesBotControlRuleSetProperty {
InspectionLevel = "inspectionLevel"
},
LoginPath = "loginPath",
PasswordField = new FieldIdentifierProperty {
Identifier = "identifier"
},
PayloadType = "payloadType",
UsernameField = new FieldIdentifierProperty {
Identifier = "identifier"
}
} },
RuleActionOverrides = new [] { new RuleActionOverrideProperty {
ActionToUse = new RuleActionProperty {
Allow = new AllowActionProperty {
CustomRequestHandling = new CustomRequestHandlingProperty {
InsertHeaders = new [] { new CustomHTTPHeaderProperty {
Name = "name",
Value = "value"
} }
}
},
Block = new BlockActionProperty {
CustomResponse = new CustomResponseProperty {
ResponseCode = 123,
// the properties below are optional
CustomResponseBodyKey = "customResponseBodyKey",
ResponseHeaders = new [] { new CustomHTTPHeaderProperty {
Name = "name",
Value = "value"
} }
}
},
Captcha = new CaptchaActionProperty {
CustomRequestHandling = new CustomRequestHandlingProperty {
InsertHeaders = new [] { new CustomHTTPHeaderProperty {
Name = "name",
Value = "value"
} }
}
},
Challenge = new ChallengeActionProperty {
CustomRequestHandling = new CustomRequestHandlingProperty {
InsertHeaders = new [] { new CustomHTTPHeaderProperty {
Name = "name",
Value = "value"
} }
}
},
Count = new CountActionProperty {
CustomRequestHandling = new CustomRequestHandlingProperty {
InsertHeaders = new [] { new CustomHTTPHeaderProperty {
Name = "name",
Value = "value"
} }
}
}
},
Name = "name"
} },
ScopeDownStatement = statementProperty_,
Version = "version"
},
NotStatement = new NotStatementProperty {
Statement = statementProperty_
},
OrStatement = new OrStatementProperty {
Statements = new [] { statementProperty_ }
},
RateBasedStatement = new RateBasedStatementProperty {
AggregateKeyType = "aggregateKeyType",
Limit = 123,
// the properties below are optional
ForwardedIpConfig = new ForwardedIPConfigurationProperty {
FallbackBehavior = "fallbackBehavior",
HeaderName = "headerName"
},
ScopeDownStatement = statementProperty_
},
RegexMatchStatement = new RegexMatchStatementProperty {
FieldToMatch = new FieldToMatchProperty {
AllQueryArguments = allQueryArguments,
Body = new BodyProperty {
OversizeHandling = "oversizeHandling"
},
Cookies = new CookiesProperty {
MatchPattern = new CookieMatchPatternProperty {
All = all,
ExcludedCookies = new [] { "excludedCookies" },
IncludedCookies = new [] { "includedCookies" }
},
MatchScope = "matchScope",
OversizeHandling = "oversizeHandling"
},
Headers = new HeadersProperty {
MatchPattern = new HeaderMatchPatternProperty {
All = all,
ExcludedHeaders = new [] { "excludedHeaders" },
IncludedHeaders = new [] { "includedHeaders" }
},
MatchScope = "matchScope",
OversizeHandling = "oversizeHandling"
},
JsonBody = new JsonBodyProperty {
MatchPattern = new JsonMatchPatternProperty {
All = all,
IncludedPaths = new [] { "includedPaths" }
},
MatchScope = "matchScope",
// the properties below are optional
InvalidFallbackBehavior = "invalidFallbackBehavior",
OversizeHandling = "oversizeHandling"
},
Method = method,
QueryString = queryString,
SingleHeader = singleHeader,
SingleQueryArgument = singleQueryArgument,
UriPath = uriPath
},
RegexString = "regexString",
TextTransformations = new [] { new TextTransformationProperty {
Priority = 123,
Type = "type"
} }
},
RegexPatternSetReferenceStatement = new RegexPatternSetReferenceStatementProperty {
Arn = "arn",
FieldToMatch = new FieldToMatchProperty {
AllQueryArguments = allQueryArguments,
Body = new BodyProperty {
OversizeHandling = "oversizeHandling"
},
Cookies = new CookiesProperty {
MatchPattern = new CookieMatchPatternProperty {
All = all,
ExcludedCookies = new [] { "excludedCookies" },
IncludedCookies = new [] { "includedCookies" }
},
MatchScope = "matchScope",
OversizeHandling = "oversizeHandling"
},
Headers = new HeadersProperty {
MatchPattern = new HeaderMatchPatternProperty {
All = all,
ExcludedHeaders = new [] { "excludedHeaders" },
IncludedHeaders = new [] { "includedHeaders" }
},
MatchScope = "matchScope",
OversizeHandling = "oversizeHandling"
},
JsonBody = new JsonBodyProperty {
MatchPattern = new JsonMatchPatternProperty {
All = all,
IncludedPaths = new [] { "includedPaths" }
},
MatchScope = "matchScope",
// the properties below are optional
InvalidFallbackBehavior = "invalidFallbackBehavior",
OversizeHandling = "oversizeHandling"
},
Method = method,
QueryString = queryString,
SingleHeader = singleHeader,
SingleQueryArgument = singleQueryArgument,
UriPath = uriPath
},
TextTransformations = new [] { new TextTransformationProperty {
Priority = 123,
Type = "type"
} }
},
RuleGroupReferenceStatement = new RuleGroupReferenceStatementProperty {
Arn = "arn",
// the properties below are optional
ExcludedRules = new [] { new ExcludedRuleProperty {
Name = "name"
} },
RuleActionOverrides = new [] { new RuleActionOverrideProperty {
ActionToUse = new RuleActionProperty {
Allow = new AllowActionProperty {
CustomRequestHandling = new CustomRequestHandlingProperty {
InsertHeaders = new [] { new CustomHTTPHeaderProperty {
Name = "name",
Value = "value"
} }
}
},
Block = new BlockActionProperty {
CustomResponse = new CustomResponseProperty {
ResponseCode = 123,
// the properties below are optional
CustomResponseBodyKey = "customResponseBodyKey",
ResponseHeaders = new [] { new CustomHTTPHeaderProperty {
Name = "name",
Value = "value"
} }
}
},
Captcha = new CaptchaActionProperty {
CustomRequestHandling = new CustomRequestHandlingProperty {
InsertHeaders = new [] { new CustomHTTPHeaderProperty {
Name = "name",
Value = "value"
} }
}
},
Challenge = new ChallengeActionProperty {
CustomRequestHandling = new CustomRequestHandlingProperty {
InsertHeaders = new [] { new CustomHTTPHeaderProperty {
Name = "name",
Value = "value"
} }
}
},
Count = new CountActionProperty {
CustomRequestHandling = new CustomRequestHandlingProperty {
InsertHeaders = new [] { new CustomHTTPHeaderProperty {
Name = "name",
Value = "value"
} }
}
}
},
Name = "name"
} }
},
SizeConstraintStatement = new SizeConstraintStatementProperty {
ComparisonOperator = "comparisonOperator",
FieldToMatch = new FieldToMatchProperty {
AllQueryArguments = allQueryArguments,
Body = new BodyProperty {
OversizeHandling = "oversizeHandling"
},
Cookies = new CookiesProperty {
MatchPattern = new CookieMatchPatternProperty {
All = all,
ExcludedCookies = new [] { "excludedCookies" },
IncludedCookies = new [] { "includedCookies" }
},
MatchScope = "matchScope",
OversizeHandling = "oversizeHandling"
},
Headers = new HeadersProperty {
MatchPattern = new HeaderMatchPatternProperty {
All = all,
ExcludedHeaders = new [] { "excludedHeaders" },
IncludedHeaders = new [] { "includedHeaders" }
},
MatchScope = "matchScope",
OversizeHandling = "oversizeHandling"
},
JsonBody = new JsonBodyProperty {
MatchPattern = new JsonMatchPatternProperty {
All = all,
IncludedPaths = new [] { "includedPaths" }
},
MatchScope = "matchScope",
// the properties below are optional
InvalidFallbackBehavior = "invalidFallbackBehavior",
OversizeHandling = "oversizeHandling"
},
Method = method,
QueryString = queryString,
SingleHeader = singleHeader,
SingleQueryArgument = singleQueryArgument,
UriPath = uriPath
},
Size = 123,
TextTransformations = new [] { new TextTransformationProperty {
Priority = 123,
Type = "type"
} }
},
SqliMatchStatement = new SqliMatchStatementProperty {
FieldToMatch = new FieldToMatchProperty {
AllQueryArguments = allQueryArguments,
Body = new BodyProperty {
OversizeHandling = "oversizeHandling"
},
Cookies = new CookiesProperty {
MatchPattern = new CookieMatchPatternProperty {
All = all,
ExcludedCookies = new [] { "excludedCookies" },
IncludedCookies = new [] { "includedCookies" }
},
MatchScope = "matchScope",
OversizeHandling = "oversizeHandling"
},
Headers = new HeadersProperty {
MatchPattern = new HeaderMatchPatternProperty {
All = all,
ExcludedHeaders = new [] { "excludedHeaders" },
IncludedHeaders = new [] { "includedHeaders" }
},
MatchScope = "matchScope",
OversizeHandling = "oversizeHandling"
},
JsonBody = new JsonBodyProperty {
MatchPattern = new JsonMatchPatternProperty {
All = all,
IncludedPaths = new [] { "includedPaths" }
},
MatchScope = "matchScope",
// the properties below are optional
InvalidFallbackBehavior = "invalidFallbackBehavior",
OversizeHandling = "oversizeHandling"
},
Method = method,
QueryString = queryString,
SingleHeader = singleHeader,
SingleQueryArgument = singleQueryArgument,
UriPath = uriPath
},
TextTransformations = new [] { new TextTransformationProperty {
Priority = 123,
Type = "type"
} },
// the properties below are optional
SensitivityLevel = "sensitivityLevel"
},
XssMatchStatement = new XssMatchStatementProperty {
FieldToMatch = new FieldToMatchProperty {
AllQueryArguments = allQueryArguments,
Body = new BodyProperty {
OversizeHandling = "oversizeHandling"
},
Cookies = new CookiesProperty {
MatchPattern = new CookieMatchPatternProperty {
All = all,
ExcludedCookies = new [] { "excludedCookies" },
IncludedCookies = new [] { "includedCookies" }
},
MatchScope = "matchScope",
OversizeHandling = "oversizeHandling"
},
Headers = new HeadersProperty {
MatchPattern = new HeaderMatchPatternProperty {
All = all,
ExcludedHeaders = new [] { "excludedHeaders" },
IncludedHeaders = new [] { "includedHeaders" }
},
MatchScope = "matchScope",
OversizeHandling = "oversizeHandling"
},
JsonBody = new JsonBodyProperty {
MatchPattern = new JsonMatchPatternProperty {
All = all,
IncludedPaths = new [] { "includedPaths" }
},
MatchScope = "matchScope",
// the properties below are optional
InvalidFallbackBehavior = "invalidFallbackBehavior",
OversizeHandling = "oversizeHandling"
},
Method = method,
QueryString = queryString,
SingleHeader = singleHeader,
SingleQueryArgument = singleQueryArgument,
UriPath = uriPath
},
TextTransformations = new [] { new TextTransformationProperty {
Priority = 123,
Type = "type"
} }
}
},
Version = "version"
};
Synopsis
Constructors
ManagedRuleGroupStatementProperty() |
Properties
ExcludedRules | Rules in the referenced rule group whose actions are set to |
ManagedRuleGroupConfigs | Additional information that's used by a managed rule group. Many managed rule groups don't require this. |
Name | The name of the managed rule group. |
RuleActionOverrides | Action settings to use in the place of the rule actions that are configured inside the rule group. |
ScopeDownStatement | An optional nested statement that narrows the scope of the web requests that are evaluated by the managed rule group. |
VendorName | The name of the managed rule group vendor. |
Version | The version of the managed rule group to use. |
Constructors
ManagedRuleGroupStatementProperty()
public ManagedRuleGroupStatementProperty()
Properties
ExcludedRules
Rules in the referenced rule group whose actions are set to Count
.
public object ExcludedRules { get; set; }
Property Value
System.Object
Remarks
Instead of this option, use RuleActionOverrides
. It accepts any valid action setting, including Count
.
ManagedRuleGroupConfigs
Additional information that's used by a managed rule group. Many managed rule groups don't require this.
public object ManagedRuleGroupConfigs { get; set; }
Property Value
System.Object
Remarks
The rule groups used for intelligent threat mitigation require additional configuration:
Name
The name of the managed rule group.
public string Name { get; set; }
Property Value
System.String
Remarks
You use this, along with the vendor name, to identify the rule group.
RuleActionOverrides
Action settings to use in the place of the rule actions that are configured inside the rule group.
public object RuleActionOverrides { get; set; }
Property Value
System.Object
Remarks
You specify one override for each rule whose action you want to change.
You can use overrides for testing, for example you can override all of rule actions to Count
and then monitor the resulting count metrics to understand how the rule group would handle your web traffic. You can also permanently override some or all actions, to modify how the rule group manages your web traffic.
ScopeDownStatement
An optional nested statement that narrows the scope of the web requests that are evaluated by the managed rule group.
public object ScopeDownStatement { get; set; }
Property Value
System.Object
Remarks
Requests are only evaluated by the rule group if they match the scope-down statement. You can use any nestable Statement
in the scope-down statement, and you can nest statements at any level, the same as you can for a rule statement.
VendorName
The name of the managed rule group vendor.
public string VendorName { get; set; }
Property Value
System.String
Remarks
You use this, along with the rule group name, to identify a rule group.
Version
The version of the managed rule group to use.
public string Version { get; set; }
Property Value
System.String
Remarks
If you specify this, the version setting is fixed until you change it. If you don't specify this, AWS WAF uses the vendor's default version, and then keeps the version at the vendor's default when the vendor updates the managed rule group settings.