AwsWafWebAclRule
Details for a rule in an Amazon WAF web ACL.
Contents
- Action
-
Specifies the action that CloudFront or Amazon WAF takes when a web request matches the conditions in the rule.
Type: WafAction object
Required: No
- ExcludedRules
-
Rules to exclude from a rule group.
Type: Array of WafExcludedRule objects
Required: No
- OverrideAction
-
Use the
OverrideActionto test yourRuleGroup.Any rule in a
RuleGroupcan potentially block a request. If you set theOverrideActiontoNone, theRuleGroupblocks a request if any individual rule in theRuleGroupmatches the request and is configured to block that request.However, if you first want to test the
RuleGroup, set theOverrideActiontoCount. TheRuleGroupthen overrides any block action specified by individual rules contained within the group. Instead of blocking matching requests, those requests are counted.ActivatedRule|OverrideActionapplies only when updating or adding aRuleGroupto a web ACL. In this case you do not useActivatedRuleAction. For all other update requests,ActivatedRuleActionis used instead ofActivatedRuleOverrideAction.Type: WafOverrideAction object
Required: No
- Priority
-
Specifies the order in which the rules in a web ACL are evaluated. Rules with a lower value for
Priorityare evaluated before rules with a higher value. The value must be a unique integer. If you add multiple rules to a web ACL, the values do not need to be consecutive.Type: Integer
Required: No
- RuleId
-
The identifier for a rule.
Type: String
Pattern:
.*\S.*Required: No
- Type
-
The rule type.
Valid values:
REGULAR|RATE_BASED|GROUPThe default is
REGULAR.Type: String
Pattern:
.*\S.*Required: No
See Also
For more information about using this API in one of the language-specific Amazon SDKs, see the following: