You are viewing documentation for version 2 of the AWS SDK for Ruby. Version 3 documentation can be found here.
Class: Aws::SecurityHub::Types::AwsWafWebAclRule
- Inherits:
-
Struct
- Object
- Struct
- Aws::SecurityHub::Types::AwsWafWebAclRule
- Defined in:
- (unknown)
Overview
When passing AwsWafWebAclRule as input to an Aws::Client method, you can use a vanilla Hash:
{
action: {
type: "NonEmptyString",
},
excluded_rules: [
{
rule_id: "NonEmptyString",
},
],
override_action: {
type: "NonEmptyString",
},
priority: 1,
rule_id: "NonEmptyString",
type: "NonEmptyString",
}
Details for a rule in a WAF WebACL.
Instance Attribute Summary collapse
-
#action ⇒ Types::WafAction
Specifies the action that CloudFront or AWS WAF takes when a web request matches the conditions in the rule.
-
#excluded_rules ⇒ Array<Types::WafExcludedRule>
Rules to exclude from a rule group.
-
#override_action ⇒ Types::WafOverrideAction
Use the
OverrideAction
to test your RuleGroup. -
#priority ⇒ Integer
Specifies the order in which the rules in a WebACL are evaluated.
-
#rule_id ⇒ String
The identifier for a rule.
-
#type ⇒ String
The rule type.
Instance Attribute Details
#action ⇒ Types::WafAction
Specifies the action that CloudFront or AWS WAF takes when a web request matches the conditions in the rule.
#excluded_rules ⇒ Array<Types::WafExcludedRule>
Rules to exclude from a rule group.
#override_action ⇒ Types::WafOverrideAction
Use the OverrideAction
to test your RuleGroup.
Any rule in a RuleGroup can potentially block a request. If you set the
OverrideAction
to None
, the RuleGroup blocks a request if any
individual rule in the RuleGroup matches the request and is configured
to block that request.
However, if you first want to test the RuleGroup, set the
OverrideAction
to Count
. The RuleGroup then overrides any block
action specified by individual rules contained within the group. Instead
of blocking matching requests, those requests are counted.
ActivatedRule
|OverrideAction
applies only when updating or adding a
RuleGroup to a WebACL. In this case you do not use
ActivatedRule
|Action
. For all other update requests,
ActivatedRule
|Action
is used instead of
ActivatedRule
|OverrideAction
.
#priority ⇒ Integer
Specifies the order in which the rules in a WebACL are evaluated. Rules
with a lower value for Priority
are evaluated before rules with a
higher value. The value must be a unique integer. If you add multiple
rules to a WebACL, the values do not need to be consecutive.
#rule_id ⇒ String
The identifier for a rule.
#type ⇒ String
The rule type.
Valid values: REGULAR
| RATE_BASED
| GROUP
The default is REGULAR
.