Class CfnWebACL.ManagedRuleGroupConfigProperty
Additional information that's used by a managed rule group. Many managed rule groups don't require this.
Inheritance
Implements
Namespace: Amazon.CDK.AWS.WAFv2
Assembly: Amazon.CDK.Lib.dll
Syntax (csharp)
public class ManagedRuleGroupConfigProperty : Object, CfnWebACL.IManagedRuleGroupConfigProperty
Syntax (vb)
Public Class ManagedRuleGroupConfigProperty
Inherits Object
Implements CfnWebACL.IManagedRuleGroupConfigProperty
Remarks
The rule groups used for intelligent threat mitigation require additional configuration:
ExampleMetadata: fixture=_generated
Examples
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
using Amazon.CDK.AWS.WAFv2;
var managedRuleGroupConfigProperty = new ManagedRuleGroupConfigProperty {
AwsManagedRulesAcfpRuleSet = new AWSManagedRulesACFPRuleSetProperty {
CreationPath = "creationPath",
RegistrationPagePath = "registrationPagePath",
RequestInspection = new RequestInspectionACFPProperty {
PayloadType = "payloadType",
// the properties below are optional
AddressFields = new [] { new FieldIdentifierProperty {
Identifier = "identifier"
} },
EmailField = new FieldIdentifierProperty {
Identifier = "identifier"
},
PasswordField = new FieldIdentifierProperty {
Identifier = "identifier"
},
PhoneNumberFields = new [] { new FieldIdentifierProperty {
Identifier = "identifier"
} },
UsernameField = new FieldIdentifierProperty {
Identifier = "identifier"
}
},
// the properties below are optional
EnableRegexInPath = false,
ResponseInspection = new ResponseInspectionProperty {
BodyContains = new ResponseInspectionBodyContainsProperty {
FailureStrings = new [] { "failureStrings" },
SuccessStrings = new [] { "successStrings" }
},
Header = new ResponseInspectionHeaderProperty {
FailureValues = new [] { "failureValues" },
Name = "name",
SuccessValues = new [] { "successValues" }
},
Json = new ResponseInspectionJsonProperty {
FailureValues = new [] { "failureValues" },
Identifier = "identifier",
SuccessValues = new [] { "successValues" }
},
StatusCode = new ResponseInspectionStatusCodeProperty {
FailureCodes = new [] { 123 },
SuccessCodes = new [] { 123 }
}
}
},
AwsManagedRulesAtpRuleSet = new AWSManagedRulesATPRuleSetProperty {
LoginPath = "loginPath",
// the properties below are optional
EnableRegexInPath = false,
RequestInspection = new RequestInspectionProperty {
PasswordField = new FieldIdentifierProperty {
Identifier = "identifier"
},
PayloadType = "payloadType",
UsernameField = new FieldIdentifierProperty {
Identifier = "identifier"
}
},
ResponseInspection = new ResponseInspectionProperty {
BodyContains = new ResponseInspectionBodyContainsProperty {
FailureStrings = new [] { "failureStrings" },
SuccessStrings = new [] { "successStrings" }
},
Header = new ResponseInspectionHeaderProperty {
FailureValues = new [] { "failureValues" },
Name = "name",
SuccessValues = new [] { "successValues" }
},
Json = new ResponseInspectionJsonProperty {
FailureValues = new [] { "failureValues" },
Identifier = "identifier",
SuccessValues = new [] { "successValues" }
},
StatusCode = new ResponseInspectionStatusCodeProperty {
FailureCodes = new [] { 123 },
SuccessCodes = new [] { 123 }
}
}
},
AwsManagedRulesBotControlRuleSet = new AWSManagedRulesBotControlRuleSetProperty {
InspectionLevel = "inspectionLevel",
// the properties below are optional
EnableMachineLearning = false
},
LoginPath = "loginPath",
PasswordField = new FieldIdentifierProperty {
Identifier = "identifier"
},
PayloadType = "payloadType",
UsernameField = new FieldIdentifierProperty {
Identifier = "identifier"
}
};
Synopsis
Constructors
ManagedRuleGroupConfigProperty() |
Properties
AwsManagedRulesAcfpRuleSet | Additional configuration for using the account creation fraud prevention (ACFP) managed rule group, |
AwsManagedRulesAtpRuleSet | Additional configuration for using the account takeover prevention (ATP) managed rule group, |
AwsManagedRulesBotControlRuleSet | Additional configuration for using the Bot Control managed rule group. |
LoginPath | Instead of this setting, provide your configuration under |
PasswordField | Instead of this setting, provide your configuration under the request inspection configuration for |
PayloadType | Instead of this setting, provide your configuration under the request inspection configuration for |
UsernameField | Instead of this setting, provide your configuration under the request inspection configuration for |
Constructors
ManagedRuleGroupConfigProperty()
public ManagedRuleGroupConfigProperty()
Properties
AwsManagedRulesAcfpRuleSet
Additional configuration for using the account creation fraud prevention (ACFP) managed rule group, AWSManagedRulesACFPRuleSet
.
public object AwsManagedRulesAcfpRuleSet { get; set; }
Property Value
System.Object
Remarks
Use this to provide account creation request information to the rule group. For web ACLs that protect CloudFront distributions, use this to also provide the information about how your distribution responds to account creation requests.
For information about using the ACFP managed rule group, see AWS WAF Fraud Control account creation fraud prevention (ACFP) rule group and AWS WAF Fraud Control account creation fraud prevention (ACFP) in the AWS WAF Developer Guide .
AwsManagedRulesAtpRuleSet
Additional configuration for using the account takeover prevention (ATP) managed rule group, AWSManagedRulesATPRuleSet
.
public object AwsManagedRulesAtpRuleSet { get; set; }
Property Value
System.Object
Remarks
Use this to provide login request information to the rule group. For web ACLs that protect CloudFront distributions, use this to also provide the information about how your distribution responds to login requests.
This configuration replaces the individual configuration fields in ManagedRuleGroupConfig
and provides additional feature configuration.
For information about using the ATP managed rule group, see AWS WAF Fraud Control account takeover prevention (ATP) rule group and AWS WAF Fraud Control account takeover prevention (ATP) in the AWS WAF Developer Guide .
AwsManagedRulesBotControlRuleSet
Additional configuration for using the Bot Control managed rule group.
public object AwsManagedRulesBotControlRuleSet { get; set; }
Property Value
System.Object
Remarks
Use this to specify the inspection level that you want to use. For information about using the Bot Control managed rule group, see AWS WAF Bot Control rule group and AWS WAF Bot Control in the AWS WAF Developer Guide .
LoginPath
Instead of this setting, provide your configuration under
AWSManagedRulesATPRuleSet
.
public string LoginPath { get; set; }
Property Value
System.String
Remarks
PasswordField
Instead of this setting, provide your configuration under the request inspection configuration for
AWSManagedRulesATPRuleSet
orAWSManagedRulesACFPRuleSet
.
public object PasswordField { get; set; }
Property Value
System.Object
Remarks
PayloadType
Instead of this setting, provide your configuration under the request inspection configuration for
AWSManagedRulesATPRuleSet
orAWSManagedRulesACFPRuleSet
.
public string PayloadType { get; set; }
Property Value
System.String
Remarks
UsernameField
Instead of this setting, provide your configuration under the request inspection configuration for
AWSManagedRulesATPRuleSet
orAWSManagedRulesACFPRuleSet
.
public object UsernameField { get; set; }
Property Value
System.Object