AwsWafWebAclRule
Details for a rule in an Amazon WAF web ACL.
Contents
- Action
-
Specifies the action that CloudFront or Amazon WAF takes when a web request matches the conditions in the rule.
Type: WafAction object
Required: No
- ExcludedRules
-
Rules to exclude from a rule group.
Type: Array of WafExcludedRule objects
Required: No
- OverrideAction
-
Use the
OverrideAction
to test yourRuleGroup
.Any rule in a
RuleGroup
can potentially block a request. If you set theOverrideAction
toNone
, theRuleGroup
blocks a request if any individual rule in theRuleGroup
matches the request and is configured to block that request.However, if you first want to test the
RuleGroup
, set theOverrideAction
toCount
. TheRuleGroup
then overrides any block action specified by individual rules contained within the group. Instead of blocking matching requests, those requests are counted.ActivatedRule
|OverrideAction
applies only when updating or adding aRuleGroup
to a web ACL. In this case you don't useActivatedRule
Action
. For all other update requests,ActivatedRule
Action
is used instead ofActivatedRule
OverrideAction
.Type: WafOverrideAction object
Required: No
- Priority
-
Specifies the order in which the rules in a web ACL are evaluated. Rules with a lower value for
Priority
are evaluated before rules with a higher value. The value must be a unique integer. If you add multiple rules to a web ACL, the values don't need to be consecutive.Type: Integer
Required: No
- RuleId
-
The identifier for a rule.
Type: String
Pattern:
.*\S.*
Required: No
- Type
-
The rule type.
Valid values:
REGULAR
|RATE_BASED
|GROUP
The default is
REGULAR
.Type: String
Pattern:
.*\S.*
Required: No
See Also
For more information about using this API in one of the language-specific Amazon SDKs, see the following: