WebACL - Amazon WAFV2
ContentsSee Also
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

WebACL

Note

Amazon WAF Classic support will end on September 30, 2025.

This is Amazon WAF Classic documentation. For more information, see Amazon WAF Classic in the developer guide.

For the latest version of Amazon WAF , use the Amazon WAFV2 API and see the Amazon WAF Developer Guide. With the latest version, Amazon WAF has a single set of endpoints for regional and global use.

Contains the Rules that identify the requests that you want to allow, block, or count. In a WebACL, you also specify a default action (ALLOW or BLOCK), and the action for each Rule that you add to a WebACL, for example, block requests from specified IP addresses or block requests from specified referrers. You also associate the WebACL with an Amazon CloudFront distribution to identify the requests that you want Amazon WAF to filter. If you add more than one Rule to a WebACL, a request needs to match only one of the specifications to be allowed, blocked, or counted. For more information, see UpdateWebACL.

Contents

DefaultAction

The action to perform if none of the Rules contained in the WebACL match. The action is specified by the WafAction object.

Type: WafAction object

Required: Yes

Rules

An array that contains the action for each Rule in a WebACL, the priority of the Rule, and the ID of the Rule.

Type: Array of ActivatedRule objects

Required: Yes

WebACLId

A unique identifier for a WebACL. You use WebACLId to get information about a WebACL (see GetWebACL), update a WebACL (see UpdateWebACL), and delete a WebACL from Amazon WAF (see DeleteWebACL).

WebACLId is returned by CreateWebACL and by ListWebACLs.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 128.

Pattern: .*\S.*

Required: Yes

MetricName

A friendly name or description for the metrics for this WebACL. The name can contain only alphanumeric characters (A-Z, a-z, 0-9), with maximum length 128 and minimum length one. It can't contain whitespace or metric names reserved for Amazon WAF, including "All" and "Default_Action." You can't change MetricName after you create the WebACL.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 128.

Pattern: .*\S.*

Required: No

Name

A friendly name or description of the WebACL. You can't change the name of a WebACL after you create it.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 128.

Pattern: .*\S.*

Required: No

WebACLArn

Tha Amazon Resource Name (ARN) of the web ACL.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 1224.

Pattern: .*\S.*

Required: No

See Also

For more information about using this API in one of the language-specific Amazon SDKs, see the following: