Docs
PackagesTry AWS Native preview for resources not in the classic version.
aws.wafv2.WebAcl
Explore with Pulumi AI
Try AWS Native preview for resources not in the classic version.
Create WebAcl Resource
new WebAcl(name: string, args: WebAclArgs, opts?: CustomResourceOptions);@overload
def WebAcl(resource_name: str,
opts: Optional[ResourceOptions] = None,
association_config: Optional[WebAclAssociationConfigArgs] = None,
captcha_config: Optional[WebAclCaptchaConfigArgs] = None,
custom_response_bodies: Optional[Sequence[WebAclCustomResponseBodyArgs]] = None,
default_action: Optional[WebAclDefaultActionArgs] = None,
description: Optional[str] = None,
name: Optional[str] = None,
rules: Optional[Sequence[WebAclRuleArgs]] = None,
scope: Optional[str] = None,
tags: Optional[Mapping[str, str]] = None,
token_domains: Optional[Sequence[str]] = None,
visibility_config: Optional[WebAclVisibilityConfigArgs] = None)
@overload
def WebAcl(resource_name: str,
args: WebAclArgs,
opts: Optional[ResourceOptions] = None)func NewWebAcl(ctx *Context, name string, args WebAclArgs, opts ...ResourceOption) (*WebAcl, error)public WebAcl(string name, WebAclArgs args, CustomResourceOptions? opts = null)
public WebAcl(String name, WebAclArgs args)
public WebAcl(String name, WebAclArgs args, CustomResourceOptions options)
type: aws:wafv2:WebAcl
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args WebAclArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args WebAclArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args WebAclArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args WebAclArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args WebAclArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
WebAcl Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
The WebAcl resource accepts the following input properties:
- Default
Action Pulumi.Aws. Waf V2. Inputs. Web Acl Default Action Action to perform if none of the
rulescontained in the WebACL match. Seedefault_actionbelow for details.- Scope string
Specifies whether this is for an AWS CloudFront distribution or for a regional application. Valid values are
CLOUDFRONTorREGIONAL. To work with CloudFront, you must also specify the regionus-east-1(N. Virginia) on the AWS provider.- Visibility
Config Pulumi.Aws. Waf V2. Inputs. Web Acl Visibility Config Defines and enables Amazon CloudWatch metrics and web request sample collection. See
visibility_configbelow for details.- Association
Config Pulumi.Aws. Waf V2. Inputs. Web Acl Association Config Specifies custom configurations for the associations between the web ACL and protected resources. See
association_configbelow for details.- Captcha
Config Pulumi.Aws. Waf V2. Inputs. Web Acl Captcha Config Specifies how AWS WAF should handle CAPTCHA evaluations. See
captcha_configbelow for details.- Custom
Response List<Pulumi.Bodies Aws. Waf V2. Inputs. Web Acl Custom Response Body> Defines custom response bodies that can be referenced by
custom_responseactions. Seecustom_response_bodybelow for details.- Description string
Friendly description of the WebACL.
- Name string
Friendly name of the WebACL.
- Rules
List<Pulumi.
Aws. Waf V2. Inputs. Web Acl Rule> Rule blocks used to identify the web requests that you want to
allow,block, orcount. Seerulebelow for details.- Dictionary<string, string>
Map of key-value pairs to associate with the resource. If configured with a provider
default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level.- Token
Domains List<string> Specifies the domains that AWS WAF should accept in a web request token. This enables the use of tokens across multiple protected websites. When AWS WAF provides a token, it uses the domain of the AWS resource that the web ACL is protecting. If you don't specify a list of token domains, AWS WAF accepts tokens only for the domain of the protected resource. With a token domain list, AWS WAF accepts the resource's host domain plus all domains in the token domain list, including their prefixed subdomains.
- Default
Action WebAcl Default Action Args Action to perform if none of the
rulescontained in the WebACL match. Seedefault_actionbelow for details.- Scope string
Specifies whether this is for an AWS CloudFront distribution or for a regional application. Valid values are
CLOUDFRONTorREGIONAL. To work with CloudFront, you must also specify the regionus-east-1(N. Virginia) on the AWS provider.- Visibility
Config WebAcl Visibility Config Args Defines and enables Amazon CloudWatch metrics and web request sample collection. See
visibility_configbelow for details.- Association
Config WebAcl Association Config Args Specifies custom configurations for the associations between the web ACL and protected resources. See
association_configbelow for details.- Captcha
Config WebAcl Captcha Config Args Specifies how AWS WAF should handle CAPTCHA evaluations. See
captcha_configbelow for details.- Custom
Response []WebBodies Acl Custom Response Body Args Defines custom response bodies that can be referenced by
custom_responseactions. Seecustom_response_bodybelow for details.- Description string
Friendly description of the WebACL.
- Name string
Friendly name of the WebACL.
- Rules
[]Web
Acl Rule Args Rule blocks used to identify the web requests that you want to
allow,block, orcount. Seerulebelow for details.- map[string]string
Map of key-value pairs to associate with the resource. If configured with a provider
default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level.- Token
Domains []string Specifies the domains that AWS WAF should accept in a web request token. This enables the use of tokens across multiple protected websites. When AWS WAF provides a token, it uses the domain of the AWS resource that the web ACL is protecting. If you don't specify a list of token domains, AWS WAF accepts tokens only for the domain of the protected resource. With a token domain list, AWS WAF accepts the resource's host domain plus all domains in the token domain list, including their prefixed subdomains.
- default
Action WebAcl Default Action Action to perform if none of the
rulescontained in the WebACL match. Seedefault_actionbelow for details.- scope String
Specifies whether this is for an AWS CloudFront distribution or for a regional application. Valid values are
CLOUDFRONTorREGIONAL. To work with CloudFront, you must also specify the regionus-east-1(N. Virginia) on the AWS provider.- visibility
Config WebAcl Visibility Config Defines and enables Amazon CloudWatch metrics and web request sample collection. See
visibility_configbelow for details.- association
Config WebAcl Association Config Specifies custom configurations for the associations between the web ACL and protected resources. See
association_configbelow for details.- captcha
Config WebAcl Captcha Config Specifies how AWS WAF should handle CAPTCHA evaluations. See
captcha_configbelow for details.- custom
Response List<WebBodies Acl Custom Response Body> Defines custom response bodies that can be referenced by
custom_responseactions. Seecustom_response_bodybelow for details.- description String
Friendly description of the WebACL.
- name String
Friendly name of the WebACL.
- rules
List<Web
Acl Rule> Rule blocks used to identify the web requests that you want to
allow,block, orcount. Seerulebelow for details.- Map<String,String>
Map of key-value pairs to associate with the resource. If configured with a provider
default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level.- token
Domains List<String> Specifies the domains that AWS WAF should accept in a web request token. This enables the use of tokens across multiple protected websites. When AWS WAF provides a token, it uses the domain of the AWS resource that the web ACL is protecting. If you don't specify a list of token domains, AWS WAF accepts tokens only for the domain of the protected resource. With a token domain list, AWS WAF accepts the resource's host domain plus all domains in the token domain list, including their prefixed subdomains.
- default
Action WebAcl Default Action Action to perform if none of the
rulescontained in the WebACL match. Seedefault_actionbelow for details.- scope string
Specifies whether this is for an AWS CloudFront distribution or for a regional application. Valid values are
CLOUDFRONTorREGIONAL. To work with CloudFront, you must also specify the regionus-east-1(N. Virginia) on the AWS provider.- visibility
Config WebAcl Visibility Config Defines and enables Amazon CloudWatch metrics and web request sample collection. See
visibility_configbelow for details.- association
Config WebAcl Association Config Specifies custom configurations for the associations between the web ACL and protected resources. See
association_configbelow for details.- captcha
Config WebAcl Captcha Config Specifies how AWS WAF should handle CAPTCHA evaluations. See
captcha_configbelow for details.- custom
Response WebBodies Acl Custom Response Body[] Defines custom response bodies that can be referenced by
custom_responseactions. Seecustom_response_bodybelow for details.- description string
Friendly description of the WebACL.
- name string
Friendly name of the WebACL.
- rules
Web
Acl Rule[] Rule blocks used to identify the web requests that you want to
allow,block, orcount. Seerulebelow for details.- {[key: string]: string}
Map of key-value pairs to associate with the resource. If configured with a provider
default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level.- token
Domains string[] Specifies the domains that AWS WAF should accept in a web request token. This enables the use of tokens across multiple protected websites. When AWS WAF provides a token, it uses the domain of the AWS resource that the web ACL is protecting. If you don't specify a list of token domains, AWS WAF accepts tokens only for the domain of the protected resource. With a token domain list, AWS WAF accepts the resource's host domain plus all domains in the token domain list, including their prefixed subdomains.
- default_
action WebAcl Default Action Args Action to perform if none of the
rulescontained in the WebACL match. Seedefault_actionbelow for details.- scope str
Specifies whether this is for an AWS CloudFront distribution or for a regional application. Valid values are
CLOUDFRONTorREGIONAL. To work with CloudFront, you must also specify the regionus-east-1(N. Virginia) on the AWS provider.- visibility_
config WebAcl Visibility Config Args Defines and enables Amazon CloudWatch metrics and web request sample collection. See
visibility_configbelow for details.- association_
config WebAcl Association Config Args Specifies custom configurations for the associations between the web ACL and protected resources. See
association_configbelow for details.- captcha_
config WebAcl Captcha Config Args Specifies how AWS WAF should handle CAPTCHA evaluations. See
captcha_configbelow for details.- custom_
response_ Sequence[Webbodies Acl Custom Response Body Args] Defines custom response bodies that can be referenced by
custom_responseactions. Seecustom_response_bodybelow for details.- description str
Friendly description of the WebACL.
- name str
Friendly name of the WebACL.
- rules
Sequence[Web
Acl Rule Args] Rule blocks used to identify the web requests that you want to
allow,block, orcount. Seerulebelow for details.- Mapping[str, str]
Map of key-value pairs to associate with the resource. If configured with a provider
default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level.- token_
domains Sequence[str] Specifies the domains that AWS WAF should accept in a web request token. This enables the use of tokens across multiple protected websites. When AWS WAF provides a token, it uses the domain of the AWS resource that the web ACL is protecting. If you don't specify a list of token domains, AWS WAF accepts tokens only for the domain of the protected resource. With a token domain list, AWS WAF accepts the resource's host domain plus all domains in the token domain list, including their prefixed subdomains.
- default
Action Property Map Action to perform if none of the
rulescontained in the WebACL match. Seedefault_actionbelow for details.- scope String
Specifies whether this is for an AWS CloudFront distribution or for a regional application. Valid values are
CLOUDFRONTorREGIONAL. To work with CloudFront, you must also specify the regionus-east-1(N. Virginia) on the AWS provider.- visibility
Config Property Map Defines and enables Amazon CloudWatch metrics and web request sample collection. See
visibility_configbelow for details.- association
Config Property Map Specifies custom configurations for the associations between the web ACL and protected resources. See
association_configbelow for details.- captcha
Config Property Map Specifies how AWS WAF should handle CAPTCHA evaluations. See
captcha_configbelow for details.- custom
Response List<Property Map>Bodies Defines custom response bodies that can be referenced by
custom_responseactions. Seecustom_response_bodybelow for details.- description String
Friendly description of the WebACL.
- name String
Friendly name of the WebACL.
- rules List<Property Map>
Rule blocks used to identify the web requests that you want to
allow,block, orcount. Seerulebelow for details.- Map<String>
Map of key-value pairs to associate with the resource. If configured with a provider
default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level.- token
Domains List<String> Specifies the domains that AWS WAF should accept in a web request token. This enables the use of tokens across multiple protected websites. When AWS WAF provides a token, it uses the domain of the AWS resource that the web ACL is protecting. If you don't specify a list of token domains, AWS WAF accepts tokens only for the domain of the protected resource. With a token domain list, AWS WAF accepts the resource's host domain plus all domains in the token domain list, including their prefixed subdomains.
Outputs
All input properties are implicitly available as output properties. Additionally, the WebAcl resource produces the following output properties:
- Arn string
The Amazon Resource Name (ARN) of the IP Set that this statement references.
- Capacity int
Web ACL capacity units (WCUs) currently being used by this web ACL.
- Id string
The provider-assigned unique ID for this managed resource.
- Lock
Token string - Dictionary<string, string>
Map of tags assigned to the resource, including those inherited from the provider
default_tagsconfiguration block.Please use
tagsinstead.
- Arn string
The Amazon Resource Name (ARN) of the IP Set that this statement references.
- Capacity int
Web ACL capacity units (WCUs) currently being used by this web ACL.
- Id string
The provider-assigned unique ID for this managed resource.
- Lock
Token string - map[string]string
Map of tags assigned to the resource, including those inherited from the provider
default_tagsconfiguration block.Please use
tagsinstead.
- arn String
The Amazon Resource Name (ARN) of the IP Set that this statement references.
- capacity Integer
Web ACL capacity units (WCUs) currently being used by this web ACL.
- id String
The provider-assigned unique ID for this managed resource.
- lock
Token String - Map<String,String>
Map of tags assigned to the resource, including those inherited from the provider
default_tagsconfiguration block.Please use
tagsinstead.
- arn string
The Amazon Resource Name (ARN) of the IP Set that this statement references.
- capacity number
Web ACL capacity units (WCUs) currently being used by this web ACL.
- id string
The provider-assigned unique ID for this managed resource.
- lock
Token string - {[key: string]: string}
Map of tags assigned to the resource, including those inherited from the provider
default_tagsconfiguration block.Please use
tagsinstead.
- arn str
The Amazon Resource Name (ARN) of the IP Set that this statement references.
- capacity int
Web ACL capacity units (WCUs) currently being used by this web ACL.
- id str
The provider-assigned unique ID for this managed resource.
- lock_
token str - Mapping[str, str]
Map of tags assigned to the resource, including those inherited from the provider
default_tagsconfiguration block.Please use
tagsinstead.
- arn String
The Amazon Resource Name (ARN) of the IP Set that this statement references.
- capacity Number
Web ACL capacity units (WCUs) currently being used by this web ACL.
- id String
The provider-assigned unique ID for this managed resource.
- lock
Token String - Map<String>
Map of tags assigned to the resource, including those inherited from the provider
default_tagsconfiguration block.Please use
tagsinstead.
Look up Existing WebAcl Resource
Get an existing WebAcl resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: WebAclState, opts?: CustomResourceOptions): WebAcl@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
arn: Optional[str] = None,
association_config: Optional[WebAclAssociationConfigArgs] = None,
capacity: Optional[int] = None,
captcha_config: Optional[WebAclCaptchaConfigArgs] = None,
custom_response_bodies: Optional[Sequence[WebAclCustomResponseBodyArgs]] = None,
default_action: Optional[WebAclDefaultActionArgs] = None,
description: Optional[str] = None,
lock_token: Optional[str] = None,
name: Optional[str] = None,
rules: Optional[Sequence[WebAclRuleArgs]] = None,
scope: Optional[str] = None,
tags: Optional[Mapping[str, str]] = None,
tags_all: Optional[Mapping[str, str]] = None,
token_domains: Optional[Sequence[str]] = None,
visibility_config: Optional[WebAclVisibilityConfigArgs] = None) -> WebAclfunc GetWebAcl(ctx *Context, name string, id IDInput, state *WebAclState, opts ...ResourceOption) (*WebAcl, error)public static WebAcl Get(string name, Input<string> id, WebAclState? state, CustomResourceOptions? opts = null)public static WebAcl get(String name, Output<String> id, WebAclState state, CustomResourceOptions options)Resource lookup is not supported in YAML- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Arn string
The Amazon Resource Name (ARN) of the IP Set that this statement references.
- Association
Config Pulumi.Aws. Waf V2. Inputs. Web Acl Association Config Specifies custom configurations for the associations between the web ACL and protected resources. See
association_configbelow for details.- Capacity int
Web ACL capacity units (WCUs) currently being used by this web ACL.
- Captcha
Config Pulumi.Aws. Waf V2. Inputs. Web Acl Captcha Config Specifies how AWS WAF should handle CAPTCHA evaluations. See
captcha_configbelow for details.- Custom
Response List<Pulumi.Bodies Aws. Waf V2. Inputs. Web Acl Custom Response Body> Defines custom response bodies that can be referenced by
custom_responseactions. Seecustom_response_bodybelow for details.- Default
Action Pulumi.Aws. Waf V2. Inputs. Web Acl Default Action Action to perform if none of the
rulescontained in the WebACL match. Seedefault_actionbelow for details.- Description string
Friendly description of the WebACL.
- Lock
Token string - Name string
Friendly name of the WebACL.
- Rules
List<Pulumi.
Aws. Waf V2. Inputs. Web Acl Rule> Rule blocks used to identify the web requests that you want to
allow,block, orcount. Seerulebelow for details.- Scope string
Specifies whether this is for an AWS CloudFront distribution or for a regional application. Valid values are
CLOUDFRONTorREGIONAL. To work with CloudFront, you must also specify the regionus-east-1(N. Virginia) on the AWS provider.- Dictionary<string, string>
Map of key-value pairs to associate with the resource. If configured with a provider
default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level.- Dictionary<string, string>
Map of tags assigned to the resource, including those inherited from the provider
default_tagsconfiguration block.Please use
tagsinstead.- Token
Domains List<string> Specifies the domains that AWS WAF should accept in a web request token. This enables the use of tokens across multiple protected websites. When AWS WAF provides a token, it uses the domain of the AWS resource that the web ACL is protecting. If you don't specify a list of token domains, AWS WAF accepts tokens only for the domain of the protected resource. With a token domain list, AWS WAF accepts the resource's host domain plus all domains in the token domain list, including their prefixed subdomains.
- Visibility
Config Pulumi.Aws. Waf V2. Inputs. Web Acl Visibility Config Defines and enables Amazon CloudWatch metrics and web request sample collection. See
visibility_configbelow for details.
- Arn string
The Amazon Resource Name (ARN) of the IP Set that this statement references.
- Association
Config WebAcl Association Config Args Specifies custom configurations for the associations between the web ACL and protected resources. See
association_configbelow for details.- Capacity int
Web ACL capacity units (WCUs) currently being used by this web ACL.
- Captcha
Config WebAcl Captcha Config Args Specifies how AWS WAF should handle CAPTCHA evaluations. See
captcha_configbelow for details.- Custom
Response []WebBodies Acl Custom Response Body Args Defines custom response bodies that can be referenced by
custom_responseactions. Seecustom_response_bodybelow for details.- Default
Action WebAcl Default Action Args Action to perform if none of the
rulescontained in the WebACL match. Seedefault_actionbelow for details.- Description string
Friendly description of the WebACL.
- Lock
Token string - Name string
Friendly name of the WebACL.
- Rules
[]Web
Acl Rule Args Rule blocks used to identify the web requests that you want to
allow,block, orcount. Seerulebelow for details.- Scope string
Specifies whether this is for an AWS CloudFront distribution or for a regional application. Valid values are
CLOUDFRONTorREGIONAL. To work with CloudFront, you must also specify the regionus-east-1(N. Virginia) on the AWS provider.- map[string]string
Map of key-value pairs to associate with the resource. If configured with a provider
default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level.- map[string]string
Map of tags assigned to the resource, including those inherited from the provider
default_tagsconfiguration block.Please use
tagsinstead.- Token
Domains []string Specifies the domains that AWS WAF should accept in a web request token. This enables the use of tokens across multiple protected websites. When AWS WAF provides a token, it uses the domain of the AWS resource that the web ACL is protecting. If you don't specify a list of token domains, AWS WAF accepts tokens only for the domain of the protected resource. With a token domain list, AWS WAF accepts the resource's host domain plus all domains in the token domain list, including their prefixed subdomains.
- Visibility
Config WebAcl Visibility Config Args Defines and enables Amazon CloudWatch metrics and web request sample collection. See
visibility_configbelow for details.
- arn String
The Amazon Resource Name (ARN) of the IP Set that this statement references.
- association
Config WebAcl Association Config Specifies custom configurations for the associations between the web ACL and protected resources. See
association_configbelow for details.- capacity Integer
Web ACL capacity units (WCUs) currently being used by this web ACL.
- captcha
Config WebAcl Captcha Config Specifies how AWS WAF should handle CAPTCHA evaluations. See
captcha_configbelow for details.- custom
Response List<WebBodies Acl Custom Response Body> Defines custom response bodies that can be referenced by
custom_responseactions. Seecustom_response_bodybelow for details.- default
Action WebAcl Default Action Action to perform if none of the
rulescontained in the WebACL match. Seedefault_actionbelow for details.- description String
Friendly description of the WebACL.
- lock
Token String - name String
Friendly name of the WebACL.
- rules
List<Web
Acl Rule> Rule blocks used to identify the web requests that you want to
allow,block, orcount. Seerulebelow for details.- scope String
Specifies whether this is for an AWS CloudFront distribution or for a regional application. Valid values are
CLOUDFRONTorREGIONAL. To work with CloudFront, you must also specify the regionus-east-1(N. Virginia) on the AWS provider.- Map<String,String>
Map of key-value pairs to associate with the resource. If configured with a provider
default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level.- Map<String,String>
Map of tags assigned to the resource, including those inherited from the provider
default_tagsconfiguration block.Please use
tagsinstead.- token
Domains List<String> Specifies the domains that AWS WAF should accept in a web request token. This enables the use of tokens across multiple protected websites. When AWS WAF provides a token, it uses the domain of the AWS resource that the web ACL is protecting. If you don't specify a list of token domains, AWS WAF accepts tokens only for the domain of the protected resource. With a token domain list, AWS WAF accepts the resource's host domain plus all domains in the token domain list, including their prefixed subdomains.
- visibility
Config WebAcl Visibility Config Defines and enables Amazon CloudWatch metrics and web request sample collection. See
visibility_configbelow for details.
- arn string
The Amazon Resource Name (ARN) of the IP Set that this statement references.
- association
Config WebAcl Association Config Specifies custom configurations for the associations between the web ACL and protected resources. See
association_configbelow for details.- capacity number
Web ACL capacity units (WCUs) currently being used by this web ACL.
- captcha
Config WebAcl Captcha Config Specifies how AWS WAF should handle CAPTCHA evaluations. See
captcha_configbelow for details.- custom
Response WebBodies Acl Custom Response Body[] Defines custom response bodies that can be referenced by
custom_responseactions. Seecustom_response_bodybelow for details.- default
Action WebAcl Default Action Action to perform if none of the
rulescontained in the WebACL match. Seedefault_actionbelow for details.- description string
Friendly description of the WebACL.
- lock
Token string - name string
Friendly name of the WebACL.
- rules
Web
Acl Rule[] Rule blocks used to identify the web requests that you want to
allow,block, orcount. Seerulebelow for details.- scope string
Specifies whether this is for an AWS CloudFront distribution or for a regional application. Valid values are
CLOUDFRONTorREGIONAL. To work with CloudFront, you must also specify the regionus-east-1(N. Virginia) on the AWS provider.- {[key: string]: string}
Map of key-value pairs to associate with the resource. If configured with a provider
default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level.- {[key: string]: string}
Map of tags assigned to the resource, including those inherited from the provider
default_tagsconfiguration block.Please use
tagsinstead.- token
Domains string[] Specifies the domains that AWS WAF should accept in a web request token. This enables the use of tokens across multiple protected websites. When AWS WAF provides a token, it uses the domain of the AWS resource that the web ACL is protecting. If you don't specify a list of token domains, AWS WAF accepts tokens only for the domain of the protected resource. With a token domain list, AWS WAF accepts the resource's host domain plus all domains in the token domain list, including their prefixed subdomains.
- visibility
Config WebAcl Visibility Config Defines and enables Amazon CloudWatch metrics and web request sample collection. See
visibility_configbelow for details.
- arn str
The Amazon Resource Name (ARN) of the IP Set that this statement references.
- association_
config WebAcl Association Config Args Specifies custom configurations for the associations between the web ACL and protected resources. See
association_configbelow for details.- capacity int
Web ACL capacity units (WCUs) currently being used by this web ACL.
- captcha_
config WebAcl Captcha Config Args Specifies how AWS WAF should handle CAPTCHA evaluations. See
captcha_configbelow for details.- custom_
response_ Sequence[Webbodies Acl Custom Response Body Args] Defines custom response bodies that can be referenced by
custom_responseactions. Seecustom_response_bodybelow for details.- default_
action WebAcl Default Action Args Action to perform if none of the
rulescontained in the WebACL match. Seedefault_actionbelow for details.- description str
Friendly description of the WebACL.
- lock_
token str - name str
Friendly name of the WebACL.
- rules
Sequence[Web
Acl Rule Args] Rule blocks used to identify the web requests that you want to
allow,block, orcount. Seerulebelow for details.- scope str
Specifies whether this is for an AWS CloudFront distribution or for a regional application. Valid values are
CLOUDFRONTorREGIONAL. To work with CloudFront, you must also specify the regionus-east-1(N. Virginia) on the AWS provider.- Mapping[str, str]
Map of key-value pairs to associate with the resource. If configured with a provider
default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level.- Mapping[str, str]
Map of tags assigned to the resource, including those inherited from the provider
default_tagsconfiguration block.Please use
tagsinstead.- token_
domains Sequence[str] Specifies the domains that AWS WAF should accept in a web request token. This enables the use of tokens across multiple protected websites. When AWS WAF provides a token, it uses the domain of the AWS resource that the web ACL is protecting. If you don't specify a list of token domains, AWS WAF accepts tokens only for the domain of the protected resource. With a token domain list, AWS WAF accepts the resource's host domain plus all domains in the token domain list, including their prefixed subdomains.
- visibility_
config WebAcl Visibility Config Args Defines and enables Amazon CloudWatch metrics and web request sample collection. See
visibility_configbelow for details.
- arn String
The Amazon Resource Name (ARN) of the IP Set that this statement references.
- association
Config Property Map Specifies custom configurations for the associations between the web ACL and protected resources. See
association_configbelow for details.- capacity Number
Web ACL capacity units (WCUs) currently being used by this web ACL.
- captcha
Config Property Map Specifies how AWS WAF should handle CAPTCHA evaluations. See
captcha_configbelow for details.- custom
Response List<Property Map>Bodies Defines custom response bodies that can be referenced by
custom_responseactions. Seecustom_response_bodybelow for details.- default
Action Property Map Action to perform if none of the
rulescontained in the WebACL match. Seedefault_actionbelow for details.- description String
Friendly description of the WebACL.
- lock
Token String - name String
Friendly name of the WebACL.
- rules List<Property Map>
Rule blocks used to identify the web requests that you want to
allow,block, orcount. Seerulebelow for details.- scope String
Specifies whether this is for an AWS CloudFront distribution or for a regional application. Valid values are
CLOUDFRONTorREGIONAL. To work with CloudFront, you must also specify the regionus-east-1(N. Virginia) on the AWS provider.- Map<String>
Map of key-value pairs to associate with the resource. If configured with a provider
default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level.- Map<String>
Map of tags assigned to the resource, including those inherited from the provider
default_tagsconfiguration block.Please use
tagsinstead.- token
Domains List<String> Specifies the domains that AWS WAF should accept in a web request token. This enables the use of tokens across multiple protected websites. When AWS WAF provides a token, it uses the domain of the AWS resource that the web ACL is protecting. If you don't specify a list of token domains, AWS WAF accepts tokens only for the domain of the protected resource. With a token domain list, AWS WAF accepts the resource's host domain plus all domains in the token domain list, including their prefixed subdomains.
- visibility
Config Property Map Defines and enables Amazon CloudWatch metrics and web request sample collection. See
visibility_configbelow for details.
Supporting Types
Note: There are over 200 nested types for this resource. Only the first 200 types are included in this documentation.
WebAclAssociationConfig, WebAclAssociationConfigArgs
- Request
Bodies List<Pulumi.Aws. Waf V2. Inputs. Web Acl Association Config Request Body> Customizes the request body that your protected resource forward to AWS WAF for inspection. See
request_bodybelow for details.
- Request
Bodies []WebAcl Association Config Request Body Customizes the request body that your protected resource forward to AWS WAF for inspection. See
request_bodybelow for details.
- request
Bodies List<WebAcl Association Config Request Body> Customizes the request body that your protected resource forward to AWS WAF for inspection. See
request_bodybelow for details.
- request
Bodies WebAcl Association Config Request Body[] Customizes the request body that your protected resource forward to AWS WAF for inspection. See
request_bodybelow for details.
- request_
bodies Sequence[WebAcl Association Config Request Body] Customizes the request body that your protected resource forward to AWS WAF for inspection. See
request_bodybelow for details.
- request
Bodies List<Property Map> Customizes the request body that your protected resource forward to AWS WAF for inspection. See
request_bodybelow for details.
WebAclAssociationConfigRequestBody, WebAclAssociationConfigRequestBodyArgs
- Cloudfronts
List<Pulumi.
Aws. Waf V2. Inputs. Web Acl Association Config Request Body Cloudfront> Customizes the request body that your protected CloudFront distributions forward to AWS WAF for inspection. See
cloudfrontbelow for details.
- Cloudfronts
[]Web
Acl Association Config Request Body Cloudfront Customizes the request body that your protected CloudFront distributions forward to AWS WAF for inspection. See
cloudfrontbelow for details.
- cloudfronts
List<Web
Acl Association Config Request Body Cloudfront> Customizes the request body that your protected CloudFront distributions forward to AWS WAF for inspection. See
cloudfrontbelow for details.
- cloudfronts
Web
Acl Association Config Request Body Cloudfront[] Customizes the request body that your protected CloudFront distributions forward to AWS WAF for inspection. See
cloudfrontbelow for details.
- cloudfronts
Sequence[Web
Acl Association Config Request Body Cloudfront] Customizes the request body that your protected CloudFront distributions forward to AWS WAF for inspection. See
cloudfrontbelow for details.
- cloudfronts List<Property Map>
Customizes the request body that your protected CloudFront distributions forward to AWS WAF for inspection. See
cloudfrontbelow for details.
WebAclAssociationConfigRequestBodyCloudfront, WebAclAssociationConfigRequestBodyCloudfrontArgs
- Default
Size stringInspection Limit Specifies the maximum size of the web request body component that an associated CloudFront distribution should send to AWS WAF for inspection. This applies to statements in the web ACL that inspect the body or JSON body. Valid values are
KB_16,KB_32,KB_48andKB_64.
- Default
Size stringInspection Limit Specifies the maximum size of the web request body component that an associated CloudFront distribution should send to AWS WAF for inspection. This applies to statements in the web ACL that inspect the body or JSON body. Valid values are
KB_16,KB_32,KB_48andKB_64.
- default
Size StringInspection Limit Specifies the maximum size of the web request body component that an associated CloudFront distribution should send to AWS WAF for inspection. This applies to statements in the web ACL that inspect the body or JSON body. Valid values are
KB_16,KB_32,KB_48andKB_64.
- default
Size stringInspection Limit Specifies the maximum size of the web request body component that an associated CloudFront distribution should send to AWS WAF for inspection. This applies to statements in the web ACL that inspect the body or JSON body. Valid values are
KB_16,KB_32,KB_48andKB_64.
- default_
size_ strinspection_ limit Specifies the maximum size of the web request body component that an associated CloudFront distribution should send to AWS WAF for inspection. This applies to statements in the web ACL that inspect the body or JSON body. Valid values are
KB_16,KB_32,KB_48andKB_64.
- default
Size StringInspection Limit Specifies the maximum size of the web request body component that an associated CloudFront distribution should send to AWS WAF for inspection. This applies to statements in the web ACL that inspect the body or JSON body. Valid values are
KB_16,KB_32,KB_48andKB_64.
WebAclCaptchaConfig, WebAclCaptchaConfigArgs
- Immunity
Time Pulumi.Property Aws. Waf V2. Inputs. Web Acl Captcha Config Immunity Time Property Defines custom immunity time. See
immunity_time_propertybelow for details.
- Immunity
Time WebProperty Acl Captcha Config Immunity Time Property Defines custom immunity time. See
immunity_time_propertybelow for details.
- immunity
Time WebProperty Acl Captcha Config Immunity Time Property Defines custom immunity time. See
immunity_time_propertybelow for details.
- immunity
Time WebProperty Acl Captcha Config Immunity Time Property Defines custom immunity time. See
immunity_time_propertybelow for details.
- immunity_
time_ Webproperty Acl Captcha Config Immunity Time Property Defines custom immunity time. See
immunity_time_propertybelow for details.
- immunity
Time Property MapProperty Defines custom immunity time. See
immunity_time_propertybelow for details.
WebAclCaptchaConfigImmunityTimeProperty, WebAclCaptchaConfigImmunityTimePropertyArgs
- Immunity
Time int The amount of time, in seconds, that a CAPTCHA or challenge timestamp is considered valid by AWS WAF. The default setting is 300.
- Immunity
Time int The amount of time, in seconds, that a CAPTCHA or challenge timestamp is considered valid by AWS WAF. The default setting is 300.
- immunity
Time Integer The amount of time, in seconds, that a CAPTCHA or challenge timestamp is considered valid by AWS WAF. The default setting is 300.
- immunity
Time number The amount of time, in seconds, that a CAPTCHA or challenge timestamp is considered valid by AWS WAF. The default setting is 300.
- immunity_
time int The amount of time, in seconds, that a CAPTCHA or challenge timestamp is considered valid by AWS WAF. The default setting is 300.
- immunity
Time Number The amount of time, in seconds, that a CAPTCHA or challenge timestamp is considered valid by AWS WAF. The default setting is 300.
WebAclCustomResponseBody, WebAclCustomResponseBodyArgs
- Content string
Payload of the custom response.
- Content
Type string Type of content in the payload that you are defining in the
contentargument. Valid values areTEXT_PLAIN,TEXT_HTML, orAPPLICATION_JSON.- Key string
Unique key identifying the custom response body. This is referenced by the
custom_response_body_keyargument in thecustom_responseblock.
- Content string
Payload of the custom response.
- Content
Type string Type of content in the payload that you are defining in the
contentargument. Valid values areTEXT_PLAIN,TEXT_HTML, orAPPLICATION_JSON.- Key string
Unique key identifying the custom response body. This is referenced by the
custom_response_body_keyargument in thecustom_responseblock.
- content String
Payload of the custom response.
- content
Type String Type of content in the payload that you are defining in the
contentargument. Valid values areTEXT_PLAIN,TEXT_HTML, orAPPLICATION_JSON.- key String
Unique key identifying the custom response body. This is referenced by the
custom_response_body_keyargument in thecustom_responseblock.
- content string
Payload of the custom response.
- content
Type string Type of content in the payload that you are defining in the
contentargument. Valid values areTEXT_PLAIN,TEXT_HTML, orAPPLICATION_JSON.- key string
Unique key identifying the custom response body. This is referenced by the
custom_response_body_keyargument in thecustom_responseblock.
- content str
Payload of the custom response.
- content_
type str Type of content in the payload that you are defining in the
contentargument. Valid values areTEXT_PLAIN,TEXT_HTML, orAPPLICATION_JSON.- key str
Unique key identifying the custom response body. This is referenced by the
custom_response_body_keyargument in thecustom_responseblock.
- content String
Payload of the custom response.
- content
Type String Type of content in the payload that you are defining in the
contentargument. Valid values areTEXT_PLAIN,TEXT_HTML, orAPPLICATION_JSON.- key String
Unique key identifying the custom response body. This is referenced by the
custom_response_body_keyargument in thecustom_responseblock.
WebAclDefaultAction, WebAclDefaultActionArgs
- Allow
Pulumi.
Aws. Waf V2. Inputs. Web Acl Default Action Allow Specifies that AWS WAF should allow requests by default. See
allowbelow for details.- Block
Pulumi.
Aws. Waf V2. Inputs. Web Acl Default Action Block Specifies that AWS WAF should block requests by default. See
blockbelow for details.
- Allow
Web
Acl Default Action Allow Specifies that AWS WAF should allow requests by default. See
allowbelow for details.- Block
Web
Acl Default Action Block Specifies that AWS WAF should block requests by default. See
blockbelow for details.
- allow
Web
Acl Default Action Allow Specifies that AWS WAF should allow requests by default. See
allowbelow for details.- block
Web
Acl Default Action Block Specifies that AWS WAF should block requests by default. See
blockbelow for details.
- allow
Web
Acl Default Action Allow Specifies that AWS WAF should allow requests by default. See
allowbelow for details.- block
Web
Acl Default Action Block Specifies that AWS WAF should block requests by default. See
blockbelow for details.
- allow
Web
Acl Default Action Allow Specifies that AWS WAF should allow requests by default. See
allowbelow for details.- block
Web
Acl Default Action Block Specifies that AWS WAF should block requests by default. See
blockbelow for details.
- allow Property Map
Specifies that AWS WAF should allow requests by default. See
allowbelow for details.- block Property Map
Specifies that AWS WAF should block requests by default. See
blockbelow for details.
WebAclDefaultActionAllow, WebAclDefaultActionAllowArgs
- Custom
Request Pulumi.Handling Aws. Waf V2. Inputs. Web Acl Default Action Allow Custom Request Handling Defines custom handling for the web request. See
custom_request_handlingbelow for details.
- Custom
Request WebHandling Acl Default Action Allow Custom Request Handling Defines custom handling for the web request. See
custom_request_handlingbelow for details.
- custom
Request WebHandling Acl Default Action Allow Custom Request Handling Defines custom handling for the web request. See
custom_request_handlingbelow for details.
- custom
Request WebHandling Acl Default Action Allow Custom Request Handling Defines custom handling for the web request. See
custom_request_handlingbelow for details.
- custom_
request_ Webhandling Acl Default Action Allow Custom Request Handling Defines custom handling for the web request. See
custom_request_handlingbelow for details.
- custom
Request Property MapHandling Defines custom handling for the web request. See
custom_request_handlingbelow for details.
WebAclDefaultActionAllowCustomRequestHandling, WebAclDefaultActionAllowCustomRequestHandlingArgs
- Insert
Headers List<Pulumi.Aws. Waf V2. Inputs. Web Acl Default Action Allow Custom Request Handling Insert Header> The
insert_headerblocks used to define HTTP headers added to the request. Seeinsert_headerbelow for details.
- Insert
Headers []WebAcl Default Action Allow Custom Request Handling Insert Header The
insert_headerblocks used to define HTTP headers added to the request. Seeinsert_headerbelow for details.
- insert
Headers List<WebAcl Default Action Allow Custom Request Handling Insert Header> The
insert_headerblocks used to define HTTP headers added to the request. Seeinsert_headerbelow for details.
- insert
Headers WebAcl Default Action Allow Custom Request Handling Insert Header[] The
insert_headerblocks used to define HTTP headers added to the request. Seeinsert_headerbelow for details.
- insert_
headers Sequence[WebAcl Default Action Allow Custom Request Handling Insert Header] The
insert_headerblocks used to define HTTP headers added to the request. Seeinsert_headerbelow for details.
- insert
Headers List<Property Map> The
insert_headerblocks used to define HTTP headers added to the request. Seeinsert_headerbelow for details.
WebAclDefaultActionAllowCustomRequestHandlingInsertHeader, WebAclDefaultActionAllowCustomRequestHandlingInsertHeaderArgs
- Name string
Name of the custom header. For custom request header insertion, when AWS WAF inserts the header into the request, it prefixes this name
x-amzn-waf-, to avoid confusion with the headers that are already in the request. For example, for the header namesample, AWS WAF inserts the headerx-amzn-waf-sample.- Value string
Value of the custom header.
- Name string
Name of the custom header. For custom request header insertion, when AWS WAF inserts the header into the request, it prefixes this name
x-amzn-waf-, to avoid confusion with the headers that are already in the request. For example, for the header namesample, AWS WAF inserts the headerx-amzn-waf-sample.- Value string
Value of the custom header.
- name String
Name of the custom header. For custom request header insertion, when AWS WAF inserts the header into the request, it prefixes this name
x-amzn-waf-, to avoid confusion with the headers that are already in the request. For example, for the header namesample, AWS WAF inserts the headerx-amzn-waf-sample.- value String
Value of the custom header.
- name string
Name of the custom header. For custom request header insertion, when AWS WAF inserts the header into the request, it prefixes this name
x-amzn-waf-, to avoid confusion with the headers that are already in the request. For example, for the header namesample, AWS WAF inserts the headerx-amzn-waf-sample.- value string
Value of the custom header.
- name str
Name of the custom header. For custom request header insertion, when AWS WAF inserts the header into the request, it prefixes this name
x-amzn-waf-, to avoid confusion with the headers that are already in the request. For example, for the header namesample, AWS WAF inserts the headerx-amzn-waf-sample.- value str
Value of the custom header.
- name String
Name of the custom header. For custom request header insertion, when AWS WAF inserts the header into the request, it prefixes this name
x-amzn-waf-, to avoid confusion with the headers that are already in the request. For example, for the header namesample, AWS WAF inserts the headerx-amzn-waf-sample.- value String
Value of the custom header.
WebAclDefaultActionBlock, WebAclDefaultActionBlockArgs
- Custom
Response Pulumi.Aws. Waf V2. Inputs. Web Acl Default Action Block Custom Response Defines a custom response for the web request. See
custom_responsebelow for details.
- Custom
Response WebAcl Default Action Block Custom Response Defines a custom response for the web request. See
custom_responsebelow for details.
- custom
Response WebAcl Default Action Block Custom Response Defines a custom response for the web request. See
custom_responsebelow for details.
- custom
Response WebAcl Default Action Block Custom Response Defines a custom response for the web request. See
custom_responsebelow for details.
- custom_
response WebAcl Default Action Block Custom Response Defines a custom response for the web request. See
custom_responsebelow for details.
- custom
Response Property Map Defines a custom response for the web request. See
custom_responsebelow for details.
WebAclDefaultActionBlockCustomResponse, WebAclDefaultActionBlockCustomResponseArgs
- Response
Code int The HTTP status code to return to the client.
- Custom
Response stringBody Key References the response body that you want AWS WAF to return to the web request client. This must reference a
keydefined in acustom_response_bodyblock of this resource.- Response
Headers List<Pulumi.Aws. Waf V2. Inputs. Web Acl Default Action Block Custom Response Response Header> The
response_headerblocks used to define the HTTP response headers added to the response. Seeresponse_headerbelow for details.
- Response
Code int The HTTP status code to return to the client.
- Custom
Response stringBody Key References the response body that you want AWS WAF to return to the web request client. This must reference a
keydefined in acustom_response_bodyblock of this resource.- Response
Headers []WebAcl Default Action Block Custom Response Response Header The
response_headerblocks used to define the HTTP response headers added to the response. Seeresponse_headerbelow for details.
- response
Code Integer The HTTP status code to return to the client.
- custom
Response StringBody Key References the response body that you want AWS WAF to return to the web request client. This must reference a
keydefined in acustom_response_bodyblock of this resource.- response
Headers List<WebAcl Default Action Block Custom Response Response Header> The
response_headerblocks used to define the HTTP response headers added to the response. Seeresponse_headerbelow for details.
- response
Code number The HTTP status code to return to the client.
- custom
Response stringBody Key References the response body that you want AWS WAF to return to the web request client. This must reference a
keydefined in acustom_response_bodyblock of this resource.- response
Headers WebAcl Default Action Block Custom Response Response Header[] The
response_headerblocks used to define the HTTP response headers added to the response. Seeresponse_headerbelow for details.
- response_
code int The HTTP status code to return to the client.
- custom_
response_ strbody_ key References the response body that you want AWS WAF to return to the web request client. This must reference a
keydefined in acustom_response_bodyblock of this resource.- response_
headers Sequence[WebAcl Default Action Block Custom Response Response Header] The
response_headerblocks used to define the HTTP response headers added to the response. Seeresponse_headerbelow for details.
- response
Code Number The HTTP status code to return to the client.
- custom
Response StringBody Key References the response body that you want AWS WAF to return to the web request client. This must reference a
keydefined in acustom_response_bodyblock of this resource.- response
Headers List<Property Map> The
response_headerblocks used to define the HTTP response headers added to the response. Seeresponse_headerbelow for details.
WebAclDefaultActionBlockCustomResponseResponseHeader, WebAclDefaultActionBlockCustomResponseResponseHeaderArgs
- Name string
Name of the custom header. For custom request header insertion, when AWS WAF inserts the header into the request, it prefixes this name
x-amzn-waf-, to avoid confusion with the headers that are already in the request. For example, for the header namesample, AWS WAF inserts the headerx-amzn-waf-sample.- Value string
Value of the custom header.
- Name string
Name of the custom header. For custom request header insertion, when AWS WAF inserts the header into the request, it prefixes this name
x-amzn-waf-, to avoid confusion with the headers that are already in the request. For example, for the header namesample, AWS WAF inserts the headerx-amzn-waf-sample.- Value string
Value of the custom header.
- name String
Name of the custom header. For custom request header insertion, when AWS WAF inserts the header into the request, it prefixes this name
x-amzn-waf-, to avoid confusion with the headers that are already in the request. For example, for the header namesample, AWS WAF inserts the headerx-amzn-waf-sample.- value String
Value of the custom header.
- name string
Name of the custom header. For custom request header insertion, when AWS WAF inserts the header into the request, it prefixes this name
x-amzn-waf-, to avoid confusion with the headers that are already in the request. For example, for the header namesample, AWS WAF inserts the headerx-amzn-waf-sample.- value string
Value of the custom header.
- name str
Name of the custom header. For custom request header insertion, when AWS WAF inserts the header into the request, it prefixes this name
x-amzn-waf-, to avoid confusion with the headers that are already in the request. For example, for the header namesample, AWS WAF inserts the headerx-amzn-waf-sample.- value str
Value of the custom header.
- name String
Name of the custom header. For custom request header insertion, when AWS WAF inserts the header into the request, it prefixes this name
x-amzn-waf-, to avoid confusion with the headers that are already in the request. For example, for the header namesample, AWS WAF inserts the headerx-amzn-waf-sample.- value String
Value of the custom header.
WebAclRule, WebAclRuleArgs
- Name string
Friendly name of the rule. Note that the provider assumes that rules with names matching this pattern,
^ShieldMitigationRuleGroup_<account-id>_<web-acl-guid>_.*, are AWS-added for automatic application layer DDoS mitigation activities. Such rules will be ignored by the provider unless you explicitly include them in your configuration (for example, by using the AWS CLI to discover their properties and creating matching configuration). However, since these rules are owned and managed by AWS, you may get permission errors.- Priority int
If you define more than one Rule in a WebACL, AWS WAF evaluates each request against the
rulesin order based on the value ofpriority. AWS WAF processes rules with lower priority first.- Statement
Pulumi.
Aws. Waf V2. Inputs. Web Acl Rule Statement The AWS WAF processing statement for the rule, for example
byte_match_statementorgeo_match_statement. Seestatementbelow for details.- Visibility
Config Pulumi.Aws. Waf V2. Inputs. Web Acl Rule Visibility Config Defines and enables Amazon CloudWatch metrics and web request sample collection. See
visibility_configbelow for details.- Action
Pulumi.
Aws. Waf V2. Inputs. Web Acl Rule Action Action that AWS WAF should take on a web request when it matches the rule's statement. This is used only for rules whose statements do not reference a rule group. See
actionfor details.- Captcha
Config Pulumi.Aws. Waf V2. Inputs. Web Acl Rule Captcha Config Specifies how AWS WAF should handle CAPTCHA evaluations. See
captcha_configbelow for details.- Override
Action Pulumi.Aws. Waf V2. Inputs. Web Acl Rule Override Action Override action to apply to the rules in a rule group. Used only for rule statements that reference a rule group, like
rule_group_reference_statementandmanaged_rule_group_statement. Seeoverride_actionbelow for details.- Rule
Labels List<Pulumi.Aws. Waf V2. Inputs. Web Acl Rule Rule Label> Labels to apply to web requests that match the rule match statement. See
rule_labelbelow for details.
- Name string
Friendly name of the rule. Note that the provider assumes that rules with names matching this pattern,
^ShieldMitigationRuleGroup_<account-id>_<web-acl-guid>_.*, are AWS-added for automatic application layer DDoS mitigation activities. Such rules will be ignored by the provider unless you explicitly include them in your configuration (for example, by using the AWS CLI to discover their properties and creating matching configuration). However, since these rules are owned and managed by AWS, you may get permission errors.- Priority int
If you define more than one Rule in a WebACL, AWS WAF evaluates each request against the
rulesin order based on the value ofpriority. AWS WAF processes rules with lower priority first.- Statement
Web
Acl Rule Statement The AWS WAF processing statement for the rule, for example
byte_match_statementorgeo_match_statement. Seestatementbelow for details.- Visibility
Config WebAcl Rule Visibility Config Defines and enables Amazon CloudWatch metrics and web request sample collection. See
visibility_configbelow for details.- Action
Web
Acl Rule Action Action that AWS WAF should take on a web request when it matches the rule's statement. This is used only for rules whose statements do not reference a rule group. See
actionfor details.- Captcha
Config WebAcl Rule Captcha Config Specifies how AWS WAF should handle CAPTCHA evaluations. See
captcha_configbelow for details.- Override
Action WebAcl Rule Override Action Override action to apply to the rules in a rule group. Used only for rule statements that reference a rule group, like
rule_group_reference_statementandmanaged_rule_group_statement. Seeoverride_actionbelow for details.- Rule
Labels []WebAcl Rule Rule Label Labels to apply to web requests that match the rule match statement. See
rule_labelbelow for details.
- name String
Friendly name of the rule. Note that the provider assumes that rules with names matching this pattern,
^ShieldMitigationRuleGroup_<account-id>_<web-acl-guid>_.*, are AWS-added for automatic application layer DDoS mitigation activities. Such rules will be ignored by the provider unless you explicitly include them in your configuration (for example, by using the AWS CLI to discover their properties and creating matching configuration). However, since these rules are owned and managed by AWS, you may get permission errors.- priority Integer
If you define more than one Rule in a WebACL, AWS WAF evaluates each request against the
rulesin order based on the value ofpriority. AWS WAF processes rules with lower priority first.- statement
Web
Acl Rule Statement The AWS WAF processing statement for the rule, for example
byte_match_statementorgeo_match_statement. Seestatementbelow for details.- visibility
Config WebAcl Rule Visibility Config Defines and enables Amazon CloudWatch metrics and web request sample collection. See
visibility_configbelow for details.- action
Web
Acl Rule Action Action that AWS WAF should take on a web request when it matches the rule's statement. This is used only for rules whose statements do not reference a rule group. See
actionfor details.- captcha
Config WebAcl Rule Captcha Config Specifies how AWS WAF should handle CAPTCHA evaluations. See
captcha_configbelow for details.- override
Action WebAcl Rule Override Action Override action to apply to the rules in a rule group. Used only for rule statements that reference a rule group, like
rule_group_reference_statementandmanaged_rule_group_statement. Seeoverride_actionbelow for details.- rule
Labels List<WebAcl Rule Rule Label> Labels to apply to web requests that match the rule match statement. See
rule_labelbelow for details.
- name string
Friendly name of the rule. Note that the provider assumes that rules with names matching this pattern,
^ShieldMitigationRuleGroup_<account-id>_<web-acl-guid>_.*, are AWS-added for automatic application layer DDoS mitigation activities. Such rules will be ignored by the provider unless you explicitly include them in your configuration (for example, by using the AWS CLI to discover their properties and creating matching configuration). However, since these rules are owned and managed by AWS, you may get permission errors.- priority number
If you define more than one Rule in a WebACL, AWS WAF evaluates each request against the
rulesin order based on the value ofpriority. AWS WAF processes rules with lower priority first.- statement
Web
Acl Rule Statement The AWS WAF processing statement for the rule, for example
byte_match_statementorgeo_match_statement. Seestatementbelow for details.- visibility
Config WebAcl Rule Visibility Config Defines and enables Amazon CloudWatch metrics and web request sample collection. See
visibility_configbelow for details.- action
Web
Acl Rule Action Action that AWS WAF should take on a web request when it matches the rule's statement. This is used only for rules whose statements do not reference a rule group. See
actionfor details.- captcha
Config WebAcl Rule Captcha Config Specifies how AWS WAF should handle CAPTCHA evaluations. See
captcha_configbelow for details.- override
Action WebAcl Rule Override Action Override action to apply to the rules in a rule group. Used only for rule statements that reference a rule group, like
rule_group_reference_statementandmanaged_rule_group_statement. Seeoverride_actionbelow for details.- rule
Labels WebAcl Rule Rule Label[] Labels to apply to web requests that match the rule match statement. See
rule_labelbelow for details.
- name str
Friendly name of the rule. Note that the provider assumes that rules with names matching this pattern,
^ShieldMitigationRuleGroup_<account-id>_<web-acl-guid>_.*, are AWS-added for automatic application layer DDoS mitigation activities. Such rules will be ignored by the provider unless you explicitly include them in your configuration (for example, by using the AWS CLI to discover their properties and creating matching configuration). However, since these rules are owned and managed by AWS, you may get permission errors.- priority int
If you define more than one Rule in a WebACL, AWS WAF evaluates each request against the
rulesin order based on the value ofpriority. AWS WAF processes rules with lower priority first.- statement
Web
Acl Rule Statement The AWS WAF processing statement for the rule, for example
byte_match_statementorgeo_match_statement. Seestatementbelow for details.- visibility_
config WebAcl Rule Visibility Config Defines and enables Amazon CloudWatch metrics and web request sample collection. See
visibility_configbelow for details.- action
Web
Acl Rule Action Action that AWS WAF should take on a web request when it matches the rule's statement. This is used only for rules whose statements do not reference a rule group. See
actionfor details.- captcha_
config WebAcl Rule Captcha Config Specifies how AWS WAF should handle CAPTCHA evaluations. See
captcha_configbelow for details.- override_
action WebAcl Rule Override Action Override action to apply to the rules in a rule group. Used only for rule statements that reference a rule group, like
rule_group_reference_statementandmanaged_rule_group_statement. Seeoverride_actionbelow for details.- rule_
labels Sequence[WebAcl Rule Rule Label] Labels to apply to web requests that match the rule match statement. See
rule_labelbelow for details.
- name String
Friendly name of the rule. Note that the provider assumes that rules with names matching this pattern,
^ShieldMitigationRuleGroup_<account-id>_<web-acl-guid>_.*, are AWS-added for automatic application layer DDoS mitigation activities. Such rules will be ignored by the provider unless you explicitly include them in your configuration (for example, by using the AWS CLI to discover their properties and creating matching configuration). However, since these rules are owned and managed by AWS, you may get permission errors.- priority Number
If you define more than one Rule in a WebACL, AWS WAF evaluates each request against the
rulesin order based on the value ofpriority. AWS WAF processes rules with lower priority first.- statement Property Map
The AWS WAF processing statement for the rule, for example
byte_match_statementorgeo_match_statement. Seestatementbelow for details.- visibility
Config Property Map Defines and enables Amazon CloudWatch metrics and web request sample collection. See
visibility_configbelow for details.- action Property Map
Action that AWS WAF should take on a web request when it matches the rule's statement. This is used only for rules whose statements do not reference a rule group. See
actionfor details.- captcha
Config Property Map Specifies how AWS WAF should handle CAPTCHA evaluations. See
captcha_configbelow for details.- override
Action Property Map Override action to apply to the rules in a rule group. Used only for rule statements that reference a rule group, like
rule_group_reference_statementandmanaged_rule_group_statement. Seeoverride_actionbelow for details.- rule
Labels List<Property Map> Labels to apply to web requests that match the rule match statement. See
rule_labelbelow for details.
WebAclRuleAction, WebAclRuleActionArgs
- Allow
Pulumi.
Aws. Waf V2. Inputs. Web Acl Rule Action Allow Instructs AWS WAF to allow the web request. See
allowbelow for details.- Block
Pulumi.
Aws. Waf V2. Inputs. Web Acl Rule Action Block Instructs AWS WAF to block the web request. See
blockbelow for details.- Captcha
Pulumi.
Aws. Waf V2. Inputs. Web Acl Rule Action Captcha Instructs AWS WAF to run a Captcha check against the web request. See
captchabelow for details.- Challenge
Pulumi.
Aws. Waf V2. Inputs. Web Acl Rule Action Challenge Instructs AWS WAF to run a check against the request to verify that the request is coming from a legitimate client session. See
challengebelow for details.- Count
Pulumi.
Aws. Waf V2. Inputs. Web Acl Rule Action Count Instructs AWS WAF to count the web request and allow it. See
countbelow for details.
- Allow
Web
Acl Rule Action Allow Instructs AWS WAF to allow the web request. See
allowbelow for details.- Block
Web
Acl Rule Action Block Instructs AWS WAF to block the web request. See
blockbelow for details.- Captcha
Web
Acl Rule Action Captcha Instructs AWS WAF to run a Captcha check against the web request. See
captchabelow for details.- Challenge
Web
Acl Rule Action Challenge Instructs AWS WAF to run a check against the request to verify that the request is coming from a legitimate client session. See
challengebelow for details.- Count
Web
Acl Rule Action Count Instructs AWS WAF to count the web request and allow it. See
countbelow for details.
- allow
Web
Acl Rule Action Allow Instructs AWS WAF to allow the web request. See
allowbelow for details.- block
Web
Acl Rule Action Block Instructs AWS WAF to block the web request. See
blockbelow for details.- captcha
Web
Acl Rule Action Captcha Instructs AWS WAF to run a Captcha check against the web request. See
captchabelow for details.- challenge
Web
Acl Rule Action Challenge Instructs AWS WAF to run a check against the request to verify that the request is coming from a legitimate client session. See
challengebelow for details.- count
Web
Acl Rule Action Count Instructs AWS WAF to count the web request and allow it. See
countbelow for details.
- allow
Web
Acl Rule Action Allow Instructs AWS WAF to allow the web request. See
allowbelow for details.- block
Web
Acl Rule Action Block Instructs AWS WAF to block the web request. See
blockbelow for details.- captcha
Web
Acl Rule Action Captcha Instructs AWS WAF to run a Captcha check against the web request. See
captchabelow for details.- challenge
Web
Acl Rule Action Challenge Instructs AWS WAF to run a check against the request to verify that the request is coming from a legitimate client session. See
challengebelow for details.- count
Web
Acl Rule Action Count Instructs AWS WAF to count the web request and allow it. See
countbelow for details.
- allow
Web
Acl Rule Action Allow Instructs AWS WAF to allow the web request. See
allowbelow for details.- block
Web
Acl Rule Action Block Instructs AWS WAF to block the web request. See
blockbelow for details.- captcha
Web
Acl Rule Action Captcha Instructs AWS WAF to run a Captcha check against the web request. See
captchabelow for details.- challenge
Web
Acl Rule Action Challenge Instructs AWS WAF to run a check against the request to verify that the request is coming from a legitimate client session. See
challengebelow for details.- count
Web
Acl Rule Action Count Instructs AWS WAF to count the web request and allow it. See
countbelow for details.
- allow Property Map
Instructs AWS WAF to allow the web request. See
allowbelow for details.- block Property Map
Instructs AWS WAF to block the web request. See
blockbelow for details.- captcha Property Map
Instructs AWS WAF to run a Captcha check against the web request. See
captchabelow for details.- challenge Property Map
Instructs AWS WAF to run a check against the request to verify that the request is coming from a legitimate client session. See
challengebelow for details.- count Property Map
Instructs AWS WAF to count the web request and allow it. See
countbelow for details.
WebAclRuleActionAllow, WebAclRuleActionAllowArgs
- Custom
Request Pulumi.Handling Aws. Waf V2. Inputs. Web Acl Rule Action Allow Custom Request Handling Defines custom handling for the web request. See
custom_request_handlingbelow for details.
- Custom
Request WebHandling Acl Rule Action Allow Custom Request Handling Defines custom handling for the web request. See
custom_request_handlingbelow for details.
- custom
Request WebHandling Acl Rule Action Allow Custom Request Handling Defines custom handling for the web request. See
custom_request_handlingbelow for details.
- custom
Request WebHandling Acl Rule Action Allow Custom Request Handling Defines custom handling for the web request. See
custom_request_handlingbelow for details.
- custom_
request_ Webhandling Acl Rule Action Allow Custom Request Handling Defines custom handling for the web request. See
custom_request_handlingbelow for details.
- custom
Request Property MapHandling Defines custom handling for the web request. See
custom_request_handlingbelow for details.
WebAclRuleActionAllowCustomRequestHandling, WebAclRuleActionAllowCustomRequestHandlingArgs
- Insert
Headers List<Pulumi.Aws. Waf V2. Inputs. Web Acl Rule Action Allow Custom Request Handling Insert Header> The
insert_headerblocks used to define HTTP headers added to the request. Seeinsert_headerbelow for details.
- Insert
Headers []WebAcl Rule Action Allow Custom Request Handling Insert Header The
insert_headerblocks used to define HTTP headers added to the request. Seeinsert_headerbelow for details.
- insert
Headers List<WebAcl Rule Action Allow Custom Request Handling Insert Header> The
insert_headerblocks used to define HTTP headers added to the request. Seeinsert_headerbelow for details.
- insert
Headers WebAcl Rule Action Allow Custom Request Handling Insert Header[] The
insert_headerblocks used to define HTTP headers added to the request. Seeinsert_headerbelow for details.
- insert_
headers Sequence[WebAcl Rule Action Allow Custom Request Handling Insert Header] The
insert_headerblocks used to define HTTP headers added to the request. Seeinsert_headerbelow for details.
- insert
Headers List<Property Map> The
insert_headerblocks used to define HTTP headers added to the request. Seeinsert_headerbelow for details.
WebAclRuleActionAllowCustomRequestHandlingInsertHeader, WebAclRuleActionAllowCustomRequestHandlingInsertHeaderArgs
- Name string
Name of the custom header. For custom request header insertion, when AWS WAF inserts the header into the request, it prefixes this name
x-amzn-waf-, to avoid confusion with the headers that are already in the request. For example, for the header namesample, AWS WAF inserts the headerx-amzn-waf-sample.- Value string
Value of the custom header.
- Name string
Name of the custom header. For custom request header insertion, when AWS WAF inserts the header into the request, it prefixes this name
x-amzn-waf-, to avoid confusion with the headers that are already in the request. For example, for the header namesample, AWS WAF inserts the headerx-amzn-waf-sample.- Value string
Value of the custom header.
- name String
Name of the custom header. For custom request header insertion, when AWS WAF inserts the header into the request, it prefixes this name
x-amzn-waf-, to avoid confusion with the headers that are already in the request. For example, for the header namesample, AWS WAF inserts the headerx-amzn-waf-sample.- value String
Value of the custom header.
- name string
Name of the custom header. For custom request header insertion, when AWS WAF inserts the header into the request, it prefixes this name
x-amzn-waf-, to avoid confusion with the headers that are already in the request. For example, for the header namesample, AWS WAF inserts the headerx-amzn-waf-sample.- value string
Value of the custom header.
- name str
Name of the custom header. For custom request header insertion, when AWS WAF inserts the header into the request, it prefixes this name
x-amzn-waf-, to avoid confusion with the headers that are already in the request. For example, for the header namesample, AWS WAF inserts the headerx-amzn-waf-sample.- value str
Value of the custom header.
- name String
Name of the custom header. For custom request header insertion, when AWS WAF inserts the header into the request, it prefixes this name
x-amzn-waf-, to avoid confusion with the headers that are already in the request. For example, for the header namesample, AWS WAF inserts the headerx-amzn-waf-sample.- value String
Value of the custom header.
WebAclRuleActionBlock, WebAclRuleActionBlockArgs
- Custom
Response Pulumi.Aws. Waf V2. Inputs. Web Acl Rule Action Block Custom Response Defines a custom response for the web request. See
custom_responsebelow for details.
- Custom
Response WebAcl Rule Action Block Custom Response Defines a custom response for the web request. See
custom_responsebelow for details.
- custom
Response WebAcl Rule Action Block Custom Response Defines a custom response for the web request. See
custom_responsebelow for details.
- custom
Response WebAcl Rule Action Block Custom Response Defines a custom response for the web request. See
custom_responsebelow for details.
- custom_
response WebAcl Rule Action Block Custom Response Defines a custom response for the web request. See
custom_responsebelow for details.
- custom
Response Property Map Defines a custom response for the web request. See
custom_responsebelow for details.
WebAclRuleActionBlockCustomResponse, WebAclRuleActionBlockCustomResponseArgs
- Response
Code int The HTTP status code to return to the client.
- Custom
Response stringBody Key References the response body that you want AWS WAF to return to the web request client. This must reference a
keydefined in acustom_response_bodyblock of this resource.- Response
Headers List<Pulumi.Aws. Waf V2. Inputs. Web Acl Rule Action Block Custom Response Response Header> The
response_headerblocks used to define the HTTP response headers added to the response. Seeresponse_headerbelow for details.
- Response
Code int The HTTP status code to return to the client.
- Custom
Response stringBody Key References the response body that you want AWS WAF to return to the web request client. This must reference a
keydefined in acustom_response_bodyblock of this resource.- Response
Headers []WebAcl Rule Action Block Custom Response Response Header The
response_headerblocks used to define the HTTP response headers added to the response. Seeresponse_headerbelow for details.
- response
Code Integer The HTTP status code to return to the client.
- custom
Response StringBody Key References the response body that you want AWS WAF to return to the web request client. This must reference a
keydefined in acustom_response_bodyblock of this resource.- response
Headers List<WebAcl Rule Action Block Custom Response Response Header> The
response_headerblocks used to define the HTTP response headers added to the response. Seeresponse_headerbelow for details.
- response
Code number The HTTP status code to return to the client.
- custom
Response stringBody Key References the response body that you want AWS WAF to return to the web request client. This must reference a
keydefined in acustom_response_bodyblock of this resource.- response
Headers WebAcl Rule Action Block Custom Response Response Header[] The
response_headerblocks used to define the HTTP response headers added to the response. Seeresponse_headerbelow for details.
- response_
code int The HTTP status code to return to the client.
- custom_
response_ strbody_ key References the response body that you want AWS WAF to return to the web request client. This must reference a
keydefined in acustom_response_bodyblock of this resource.- response_
headers Sequence[WebAcl Rule Action Block Custom Response Response Header] The
response_headerblocks used to define the HTTP response headers added to the response. Seeresponse_headerbelow for details.
- response
Code Number The HTTP status code to return to the client.
- custom
Response StringBody Key References the response body that you want AWS WAF to return to the web request client. This must reference a
keydefined in acustom_response_bodyblock of this resource.- response
Headers List<Property Map> The
response_headerblocks used to define the HTTP response headers added to the response. Seeresponse_headerbelow for details.
WebAclRuleActionBlockCustomResponseResponseHeader, WebAclRuleActionBlockCustomResponseResponseHeaderArgs
- Name string
Name of the custom header. For custom request header insertion, when AWS WAF inserts the header into the request, it prefixes this name
x-amzn-waf-, to avoid confusion with the headers that are already in the request. For example, for the header namesample, AWS WAF inserts the headerx-amzn-waf-sample.- Value string
Value of the custom header.
- Name string
Name of the custom header. For custom request header insertion, when AWS WAF inserts the header into the request, it prefixes this name
x-amzn-waf-, to avoid confusion with the headers that are already in the request. For example, for the header namesample, AWS WAF inserts the headerx-amzn-waf-sample.- Value string
Value of the custom header.
- name String
Name of the custom header. For custom request header insertion, when AWS WAF inserts the header into the request, it prefixes this name
x-amzn-waf-, to avoid confusion with the headers that are already in the request. For example, for the header namesample, AWS WAF inserts the headerx-amzn-waf-sample.- value String
Value of the custom header.
- name string
Name of the custom header. For custom request header insertion, when AWS WAF inserts the header into the request, it prefixes this name
x-amzn-waf-, to avoid confusion with the headers that are already in the request. For example, for the header namesample, AWS WAF inserts the headerx-amzn-waf-sample.- value string
Value of the custom header.
- name str
Name of the custom header. For custom request header insertion, when AWS WAF inserts the header into the request, it prefixes this name
x-amzn-waf-, to avoid confusion with the headers that are already in the request. For example, for the header namesample, AWS WAF inserts the headerx-amzn-waf-sample.- value str
Value of the custom header.
- name String
Name of the custom header. For custom request header insertion, when AWS WAF inserts the header into the request, it prefixes this name
x-amzn-waf-, to avoid confusion with the headers that are already in the request. For example, for the header namesample, AWS WAF inserts the headerx-amzn-waf-sample.- value String
Value of the custom header.
WebAclRuleActionCaptcha, WebAclRuleActionCaptchaArgs
- Custom
Request Pulumi.Handling Aws. Waf V2. Inputs. Web Acl Rule Action Captcha Custom Request Handling Defines custom handling for the web request. See
custom_request_handlingbelow for details.
- Custom
Request WebHandling Acl Rule Action Captcha Custom Request Handling Defines custom handling for the web request. See
custom_request_handlingbelow for details.
- custom
Request WebHandling Acl Rule Action Captcha Custom Request Handling Defines custom handling for the web request. See
custom_request_handlingbelow for details.
- custom
Request WebHandling Acl Rule Action Captcha Custom Request Handling Defines custom handling for the web request. See
custom_request_handlingbelow for details.
- custom_
request_ Webhandling Acl Rule Action Captcha Custom Request Handling Defines custom handling for the web request. See
custom_request_handlingbelow for details.
- custom
Request Property MapHandling Defines custom handling for the web request. See
custom_request_handlingbelow for details.
WebAclRuleActionCaptchaCustomRequestHandling, WebAclRuleActionCaptchaCustomRequestHandlingArgs
- Insert
Headers List<Pulumi.Aws. Waf V2. Inputs. Web Acl Rule Action Captcha Custom Request Handling Insert Header> The
insert_headerblocks used to define HTTP headers added to the request. Seeinsert_headerbelow for details.
- Insert
Headers []WebAcl Rule Action Captcha Custom Request Handling Insert Header The
insert_headerblocks used to define HTTP headers added to the request. Seeinsert_headerbelow for details.
- insert
Headers List<WebAcl Rule Action Captcha Custom Request Handling Insert Header> The
insert_headerblocks used to define HTTP headers added to the request. Seeinsert_headerbelow for details.
- insert
Headers WebAcl Rule Action Captcha Custom Request Handling Insert Header[] The
insert_headerblocks used to define HTTP headers added to the request. Seeinsert_headerbelow for details.
- insert_
headers Sequence[WebAcl Rule Action Captcha Custom Request Handling Insert Header] The
insert_headerblocks used to define HTTP headers added to the request. Seeinsert_headerbelow for details.
- insert
Headers List<Property Map> The
insert_headerblocks used to define HTTP headers added to the request. Seeinsert_headerbelow for details.
WebAclRuleActionCaptchaCustomRequestHandlingInsertHeader, WebAclRuleActionCaptchaCustomRequestHandlingInsertHeaderArgs
- Name string
Name of the custom header. For custom request header insertion, when AWS WAF inserts the header into the request, it prefixes this name
x-amzn-waf-, to avoid confusion with the headers that are already in the request. For example, for the header namesample, AWS WAF inserts the headerx-amzn-waf-sample.- Value string
Value of the custom header.
- Name string
Name of the custom header. For custom request header insertion, when AWS WAF inserts the header into the request, it prefixes this name
x-amzn-waf-, to avoid confusion with the headers that are already in the request. For example, for the header namesample, AWS WAF inserts the headerx-amzn-waf-sample.- Value string
Value of the custom header.
- name String
Name of the custom header. For custom request header insertion, when AWS WAF inserts the header into the request, it prefixes this name
x-amzn-waf-, to avoid confusion with the headers that are already in the request. For example, for the header namesample, AWS WAF inserts the headerx-amzn-waf-sample.- value String
Value of the custom header.
- name string
Name of the custom header. For custom request header insertion, when AWS WAF inserts the header into the request, it prefixes this name
x-amzn-waf-, to avoid confusion with the headers that are already in the request. For example, for the header namesample, AWS WAF inserts the headerx-amzn-waf-sample.- value string
Value of the custom header.
- name str
Name of the custom header. For custom request header insertion, when AWS WAF inserts the header into the request, it prefixes this name
x-amzn-waf-, to avoid confusion with the headers that are already in the request. For example, for the header namesample, AWS WAF inserts the headerx-amzn-waf-sample.- value str
Value of the custom header.
- name String
Name of the custom header. For custom request header insertion, when AWS WAF inserts the header into the request, it prefixes this name
x-amzn-waf-, to avoid confusion with the headers that are already in the request. For example, for the header namesample, AWS WAF inserts the headerx-amzn-waf-sample.- value String
Value of the custom header.
WebAclRuleActionChallenge, WebAclRuleActionChallengeArgs
- Custom
Request Pulumi.Handling Aws. Waf V2. Inputs. Web Acl Rule Action Challenge Custom Request Handling Defines custom handling for the web request. See
custom_request_handlingbelow for details.
- Custom
Request WebHandling Acl Rule Action Challenge Custom Request Handling Defines custom handling for the web request. See
custom_request_handlingbelow for details.
- custom
Request WebHandling Acl Rule Action Challenge Custom Request Handling Defines custom handling for the web request. See
custom_request_handlingbelow for details.
- custom
Request WebHandling Acl Rule Action Challenge Custom Request Handling Defines custom handling for the web request. See
custom_request_handlingbelow for details.
- custom_
request_ Webhandling Acl Rule Action Challenge Custom Request Handling Defines custom handling for the web request. See
custom_request_handlingbelow for details.
- custom
Request Property MapHandling Defines custom handling for the web request. See
custom_request_handlingbelow for details.
WebAclRuleActionChallengeCustomRequestHandling, WebAclRuleActionChallengeCustomRequestHandlingArgs
- Insert
Headers List<Pulumi.Aws. Waf V2. Inputs. Web Acl Rule Action Challenge Custom Request Handling Insert Header> The
insert_headerblocks used to define HTTP headers added to the request. Seeinsert_headerbelow for details.
- Insert
Headers []WebAcl Rule Action Challenge Custom Request Handling Insert Header The
insert_headerblocks used to define HTTP headers added to the request. Seeinsert_headerbelow for details.
- insert
Headers List<WebAcl Rule Action Challenge Custom Request Handling Insert Header> The
insert_headerblocks used to define HTTP headers added to the request. Seeinsert_headerbelow for details.
- insert
Headers WebAcl Rule Action Challenge Custom Request Handling Insert Header[] The
insert_headerblocks used to define HTTP headers added to the request. Seeinsert_headerbelow for details.
- insert_
headers Sequence[WebAcl Rule Action Challenge Custom Request Handling Insert Header] The
insert_headerblocks used to define HTTP headers added to the request. Seeinsert_headerbelow for details.
- insert
Headers List<Property Map> The
insert_headerblocks used to define HTTP headers added to the request. Seeinsert_headerbelow for details.
WebAclRuleActionChallengeCustomRequestHandlingInsertHeader, WebAclRuleActionChallengeCustomRequestHandlingInsertHeaderArgs
- Name string
Name of the custom header. For custom request header insertion, when AWS WAF inserts the header into the request, it prefixes this name
x-amzn-waf-, to avoid confusion with the headers that are already in the request. For example, for the header namesample, AWS WAF inserts the headerx-amzn-waf-sample.- Value string
Value of the custom header.
- Name string
Name of the custom header. For custom request header insertion, when AWS WAF inserts the header into the request, it prefixes this name
x-amzn-waf-, to avoid confusion with the headers that are already in the request. For example, for the header namesample, AWS WAF inserts the headerx-amzn-waf-sample.- Value string
Value of the custom header.
- name String
Name of the custom header. For custom request header insertion, when AWS WAF inserts the header into the request, it prefixes this name
x-amzn-waf-, to avoid confusion with the headers that are already in the request. For example, for the header namesample, AWS WAF inserts the headerx-amzn-waf-sample.- value String
Value of the custom header.
- name string
Name of the custom header. For custom request header insertion, when AWS WAF inserts the header into the request, it prefixes this name
x-amzn-waf-, to avoid confusion with the headers that are already in the request. For example, for the header namesample, AWS WAF inserts the headerx-amzn-waf-sample.- value string
Value of the custom header.
- name str
Name of the custom header. For custom request header insertion, when AWS WAF inserts the header into the request, it prefixes this name
x-amzn-waf-, to avoid confusion with the headers that are already in the request. For example, for the header namesample, AWS WAF inserts the headerx-amzn-waf-sample.- value str
Value of the custom header.
- name String
Name of the custom header. For custom request header insertion, when AWS WAF inserts the header into the request, it prefixes this name
x-amzn-waf-, to avoid confusion with the headers that are already in the request. For example, for the header namesample, AWS WAF inserts the headerx-amzn-waf-sample.- value String
Value of the custom header.
WebAclRuleActionCount, WebAclRuleActionCountArgs
- Custom
Request Pulumi.Handling Aws. Waf V2. Inputs. Web Acl Rule Action Count Custom Request Handling Defines custom handling for the web request. See
custom_request_handlingbelow for details.
- Custom
Request WebHandling Acl Rule Action Count Custom Request Handling Defines custom handling for the web request. See
custom_request_handlingbelow for details.
- custom
Request WebHandling Acl Rule Action Count Custom Request Handling Defines custom handling for the web request. See
custom_request_handlingbelow for details.
- custom
Request WebHandling Acl Rule Action Count Custom Request Handling Defines custom handling for the web request. See
custom_request_handlingbelow for details.
- custom_
request_ Webhandling Acl Rule Action Count Custom Request Handling Defines custom handling for the web request. See
custom_request_handlingbelow for details.
- custom
Request Property MapHandling Defines custom handling for the web request. See
custom_request_handlingbelow for details.
WebAclRuleActionCountCustomRequestHandling, WebAclRuleActionCountCustomRequestHandlingArgs
- Insert
Headers List<Pulumi.Aws. Waf V2. Inputs. Web Acl Rule Action Count Custom Request Handling Insert Header> The
insert_headerblocks used to define HTTP headers added to the request. Seeinsert_headerbelow for details.
- Insert
Headers []WebAcl Rule Action Count Custom Request Handling Insert Header The
insert_headerblocks used to define HTTP headers added to the request. Seeinsert_headerbelow for details.
- insert
Headers List<WebAcl Rule Action Count Custom Request Handling Insert Header> The
insert_headerblocks used to define HTTP headers added to the request. Seeinsert_headerbelow for details.
- insert
Headers WebAcl Rule Action Count Custom Request Handling Insert Header[] The
insert_headerblocks used to define HTTP headers added to the request. Seeinsert_headerbelow for details.
- insert_
headers Sequence[WebAcl Rule Action Count Custom Request Handling Insert Header] The
insert_headerblocks used to define HTTP headers added to the request. Seeinsert_headerbelow for details.
- insert
Headers List<Property Map> The
insert_headerblocks used to define HTTP headers added to the request. Seeinsert_headerbelow for details.
WebAclRuleActionCountCustomRequestHandlingInsertHeader, WebAclRuleActionCountCustomRequestHandlingInsertHeaderArgs
- Name string
Name of the custom header. For custom request header insertion, when AWS WAF inserts the header into the request, it prefixes this name
x-amzn-waf-, to avoid confusion with the headers that are already in the request. For example, for the header namesample, AWS WAF inserts the headerx-amzn-waf-sample.- Value string
Value of the custom header.
- Name string
Name of the custom header. For custom request header insertion, when AWS WAF inserts the header into the request, it prefixes this name
x-amzn-waf-, to avoid confusion with the headers that are already in the request. For example, for the header namesample, AWS WAF inserts the headerx-amzn-waf-sample.- Value string
Value of the custom header.
- name String
Name of the custom header. For custom request header insertion, when AWS WAF inserts the header into the request, it prefixes this name
x-amzn-waf-, to avoid confusion with the headers that are already in the request. For example, for the header namesample, AWS WAF inserts the headerx-amzn-waf-sample.- value String
Value of the custom header.
- name string
Name of the custom header. For custom request header insertion, when AWS WAF inserts the header into the request, it prefixes this name
x-amzn-waf-, to avoid confusion with the headers that are already in the request. For example, for the header namesample, AWS WAF inserts the headerx-amzn-waf-sample.- value string
Value of the custom header.
- name str
Name of the custom header. For custom request header insertion, when AWS WAF inserts the header into the request, it prefixes this name
x-amzn-waf-, to avoid confusion with the headers that are already in the request. For example, for the header namesample, AWS WAF inserts the headerx-amzn-waf-sample.- value str
Value of the custom header.
- name String
Name of the custom header. For custom request header insertion, when AWS WAF inserts the header into the request, it prefixes this name
x-amzn-waf-, to avoid confusion with the headers that are already in the request. For example, for the header namesample, AWS WAF inserts the headerx-amzn-waf-sample.- value String
Value of the custom header.
WebAclRuleCaptchaConfig, WebAclRuleCaptchaConfigArgs
- Immunity
Time Pulumi.Property Aws. Waf V2. Inputs. Web Acl Rule Captcha Config Immunity Time Property Defines custom immunity time. See
immunity_time_propertybelow for details.
- Immunity
Time WebProperty Acl Rule Captcha Config Immunity Time Property Defines custom immunity time. See
immunity_time_propertybelow for details.
- immunity
Time WebProperty Acl Rule Captcha Config Immunity Time Property Defines custom immunity time. See
immunity_time_propertybelow for details.
- immunity
Time WebProperty Acl Rule Captcha Config Immunity Time Property Defines custom immunity time. See
immunity_time_propertybelow for details.
- immunity_
time_ Webproperty Acl Rule Captcha Config Immunity Time Property Defines custom immunity time. See
immunity_time_propertybelow for details.
- immunity
Time Property MapProperty Defines custom immunity time. See
immunity_time_propertybelow for details.
WebAclRuleCaptchaConfigImmunityTimeProperty, WebAclRuleCaptchaConfigImmunityTimePropertyArgs
- Immunity
Time int The amount of time, in seconds, that a CAPTCHA or challenge timestamp is considered valid by AWS WAF. The default setting is 300.
- Immunity
Time int The amount of time, in seconds, that a CAPTCHA or challenge timestamp is considered valid by AWS WAF. The default setting is 300.
- immunity
Time Integer The amount of time, in seconds, that a CAPTCHA or challenge timestamp is considered valid by AWS WAF. The default setting is 300.
- immunity
Time number The amount of time, in seconds, that a CAPTCHA or challenge timestamp is considered valid by AWS WAF. The default setting is 300.
- immunity_
time int The amount of time, in seconds, that a CAPTCHA or challenge timestamp is considered valid by AWS WAF. The default setting is 300.
- immunity
Time Number The amount of time, in seconds, that a CAPTCHA or challenge timestamp is considered valid by AWS WAF. The default setting is 300.
WebAclRuleOverrideAction, WebAclRuleOverrideActionArgs
- Count
Pulumi.
Aws. Waf V2. Inputs. Web Acl Rule Override Action Count Override the rule action setting to count (i.e., only count matches). Configured as an empty block
{}.- None
Pulumi.
Aws. Waf V2. Inputs. Web Acl Rule Override Action None Don't override the rule action setting. Configured as an empty block
{}.
- Count
Web
Acl Rule Override Action Count Override the rule action setting to count (i.e., only count matches). Configured as an empty block
{}.- None
Web
Acl Rule Override Action None Don't override the rule action setting. Configured as an empty block
{}.
- count
Web
Acl Rule Override Action Count Override the rule action setting to count (i.e., only count matches). Configured as an empty block
{}.- none
Web
Acl Rule Override Action None Don't override the rule action setting. Configured as an empty block
{}.
- count
Web
Acl Rule Override Action Count Override the rule action setting to count (i.e., only count matches). Configured as an empty block
{}.- none
Web
Acl Rule Override Action None Don't override the rule action setting. Configured as an empty block
{}.
- count
Web
Acl Rule Override Action Count Override the rule action setting to count (i.e., only count matches). Configured as an empty block
{}.- none
Web
Acl Rule Override Action None Don't override the rule action setting. Configured as an empty block
{}.
- count Property Map
Override the rule action setting to count (i.e., only count matches). Configured as an empty block
{}.- none Property Map
Don't override the rule action setting. Configured as an empty block
{}.
WebAclRuleRuleLabel, WebAclRuleRuleLabelArgs
- Name string
Label string.
- Name string
Label string.
- name String
Label string.
- name string
Label string.
- name str
Label string.
- name String
Label string.
WebAclRuleStatement, WebAclRuleStatementArgs
- And
Statement Pulumi.Aws. Waf V2. Inputs. Web Acl Rule Statement And Statement Logical rule statement used to combine other rule statements with AND logic. See
and_statementbelow for details.- Byte
Match Pulumi.Statement Aws. Waf V2. Inputs. Web Acl Rule Statement Byte Match Statement Rule statement that defines a string match search for AWS WAF to apply to web requests. See
byte_match_statementbelow for details.- Geo
Match Pulumi.Statement Aws. Waf V2. Inputs. Web Acl Rule Statement Geo Match Statement Rule statement used to identify web requests based on country of origin. See
geo_match_statementbelow for details.- Ip
Set Pulumi.Reference Statement Aws. Waf V2. Inputs. Web Acl Rule Statement Ip Set Reference Statement Rule statement used to detect web requests coming from particular IP addresses or address ranges. See
ip_set_reference_statementbelow for details.- Label
Match Pulumi.Statement Aws. Waf V2. Inputs. Web Acl Rule Statement Label Match Statement Rule statement that defines a string match search against labels that have been added to the web request by rules that have already run in the web ACL. See
label_match_statementbelow for details.- Managed
Rule Pulumi.Group Statement Aws. Waf V2. Inputs. Web Acl Rule Statement Managed Rule Group Statement Rule statement used to run the rules that are defined in a managed rule group. This statement can not be nested. See
managed_rule_group_statementbelow for details.- Not
Statement Pulumi.Aws. Waf V2. Inputs. Web Acl Rule Statement Not Statement Logical rule statement used to negate the results of another rule statement. See
not_statementbelow for details.- Or
Statement Pulumi.Aws. Waf V2. Inputs. Web Acl Rule Statement Or Statement Logical rule statement used to combine other rule statements with OR logic. See
or_statementbelow for details.- Rate
Based Pulumi.Statement Aws. Waf V2. Inputs. Web Acl Rule Statement Rate Based Statement Rate-based rule tracks the rate of requests for each originating
IP address, and triggers the rule action when the rate exceeds a limit that you specify on the number of requests in any5-minutetime span. This statement can not be nested. Seerate_based_statementbelow for details.- Regex
Match Pulumi.Statement Aws. Waf V2. Inputs. Web Acl Rule Statement Regex Match Statement Rule statement used to search web request components for a match against a single regular expression. See
regex_match_statementbelow for details.- Regex
Pattern Pulumi.Set Reference Statement Aws. Waf V2. Inputs. Web Acl Rule Statement Regex Pattern Set Reference Statement Rule statement used to search web request components for matches with regular expressions. See
regex_pattern_set_reference_statementbelow for details.- Rule
Group Pulumi.Reference Statement Aws. Waf V2. Inputs. Web Acl Rule Statement Rule Group Reference Statement Rule statement used to run the rules that are defined in an WAFv2 Rule Group. See
rule_group_reference_statementbelow for details.- Size
Constraint Pulumi.Statement Aws. Waf V2. Inputs. Web Acl Rule Statement Size Constraint Statement Rule statement that compares a number of bytes against the size of a request component, using a comparison operator, such as greater than (>) or less than (<). See
size_constraint_statementbelow for more details.- Sqli
Match Pulumi.Statement Aws. Waf V2. Inputs. Web Acl Rule Statement Sqli Match Statement An SQL injection match condition identifies the part of web requests, such as the URI or the query string, that you want AWS WAF to inspect. See
sqli_match_statementbelow for details.- Xss
Match Pulumi.Statement Aws. Waf V2. Inputs. Web Acl Rule Statement Xss Match Statement Rule statement that defines a cross-site scripting (XSS) match search for AWS WAF to apply to web requests. See
xss_match_statementbelow for details.
- And
Statement WebAcl Rule Statement And Statement Logical rule statement used to combine other rule statements with AND logic. See
and_statementbelow for details.- Byte
Match WebStatement Acl Rule Statement Byte Match Statement Rule statement that defines a string match search for AWS WAF to apply to web requests. See
byte_match_statementbelow for details.- Geo
Match WebStatement Acl Rule Statement Geo Match Statement Rule statement used to identify web requests based on country of origin. See
geo_match_statementbelow for details.- Ip
Set WebReference Statement Acl Rule Statement Ip Set Reference Statement Rule statement used to detect web requests coming from particular IP addresses or address ranges. See
ip_set_reference_statementbelow for details.- Label
Match WebStatement Acl Rule Statement Label Match Statement Rule statement that defines a string match search against labels that have been added to the web request by rules that have already run in the web ACL. See
label_match_statementbelow for details.- Managed
Rule WebGroup Statement Acl Rule Statement Managed Rule Group Statement Rule statement used to run the rules that are defined in a managed rule group. This statement can not be nested. See
managed_rule_group_statementbelow for details.- Not
Statement WebAcl Rule Statement Not Statement Logical rule statement used to negate the results of another rule statement. See
not_statementbelow for details.- Or
Statement WebAcl Rule Statement Or Statement Logical rule statement used to combine other rule statements with OR logic. See
or_statementbelow for details.- Rate
Based WebStatement Acl Rule Statement Rate Based Statement Rate-based rule tracks the rate of requests for each originating
IP address, and triggers the rule action when the rate exceeds a limit that you specify on the number of requests in any5-minutetime span. This statement can not be nested. Seerate_based_statementbelow for details.- Regex
Match WebStatement Acl Rule Statement Regex Match Statement Rule statement used to search web request components for a match against a single regular expression. See
regex_match_statementbelow for details.- Regex
Pattern WebSet Reference Statement Acl Rule Statement Regex Pattern Set Reference Statement Rule statement used to search web request components for matches with regular expressions. See
regex_pattern_set_reference_statementbelow for details.- Rule
Group WebReference Statement Acl Rule Statement Rule Group Reference Statement Rule statement used to run the rules that are defined in an WAFv2 Rule Group. See
rule_group_reference_statementbelow for details.- Size
Constraint WebStatement Acl Rule Statement Size Constraint Statement Rule statement that compares a number of bytes against the size of a request component, using a comparison operator, such as greater than (>) or less than (<). See
size_constraint_statementbelow for more details.- Sqli
Match WebStatement Acl Rule Statement Sqli Match Statement An SQL injection match condition identifies the part of web requests, such as the URI or the query string, that you want AWS WAF to inspect. See
sqli_match_statementbelow for details.- Xss
Match WebStatement Acl Rule Statement Xss Match Statement Rule statement that defines a cross-site scripting (XSS) match search for AWS WAF to apply to web requests. See
xss_match_statementbelow for details.
- and
Statement WebAcl Rule Statement And Statement Logical rule statement used to combine other rule statements with AND logic. See
and_statementbelow for details.- byte
Match WebStatement Acl Rule Statement Byte Match Statement Rule statement that defines a string match search for AWS WAF to apply to web requests. See
byte_match_statementbelow for details.- geo
Match WebStatement Acl Rule Statement Geo Match Statement Rule statement used to identify web requests based on country of origin. See
geo_match_statementbelow for details.- ip
Set WebReference Statement Acl Rule Statement Ip Set Reference Statement Rule statement used to detect web requests coming from particular IP addresses or address ranges. See
ip_set_reference_statementbelow for details.- label
Match WebStatement Acl Rule Statement Label Match Statement Rule statement that defines a string match search against labels that have been added to the web request by rules that have already run in the web ACL. See
label_match_statementbelow for details.- managed
Rule WebGroup Statement Acl Rule Statement Managed Rule Group Statement Rule statement used to run the rules that are defined in a managed rule group. This statement can not be nested. See
managed_rule_group_statementbelow for details.- not
Statement WebAcl Rule Statement Not Statement Logical rule statement used to negate the results of another rule statement. See
not_statementbelow for details.- or
Statement WebAcl Rule Statement Or Statement Logical rule statement used to combine other rule statements with OR logic. See
or_statementbelow for details.- rate
Based WebStatement Acl Rule Statement Rate Based Statement Rate-based rule tracks the rate of requests for each originating
IP address, and triggers the rule action when the rate exceeds a limit that you specify on the number of requests in any5-minutetime span. This statement can not be nested. Seerate_based_statementbelow for details.- regex
Match WebStatement Acl Rule Statement Regex Match Statement Rule statement used to search web request components for a match against a single regular expression. See
regex_match_statementbelow for details.- regex
Pattern WebSet Reference Statement Acl Rule Statement Regex Pattern Set Reference Statement Rule statement used to search web request components for matches with regular expressions. See
regex_pattern_set_reference_statementbelow for details.- rule
Group WebReference Statement Acl Rule Statement Rule Group Reference Statement Rule statement used to run the rules that are defined in an WAFv2 Rule Group. See
rule_group_reference_statementbelow for details.- size
Constraint WebStatement Acl Rule Statement Size Constraint Statement Rule statement that compares a number of bytes against the size of a request component, using a comparison operator, such as greater than (>) or less than (<). See
size_constraint_statementbelow for more details.- sqli
Match WebStatement Acl Rule Statement Sqli Match Statement An SQL injection match condition identifies the part of web requests, such as the URI or the query string, that you want AWS WAF to inspect. See
sqli_match_statementbelow for details.- xss
Match WebStatement Acl Rule Statement Xss Match Statement Rule statement that defines a cross-site scripting (XSS) match search for AWS WAF to apply to web requests. See
xss_match_statementbelow for details.
- and
Statement WebAcl Rule Statement And Statement Logical rule statement used to combine other rule statements with AND logic. See
and_statementbelow for details.- byte
Match WebStatement Acl Rule Statement Byte Match Statement Rule statement that defines a string match search for AWS WAF to apply to web requests. See
byte_match_statementbelow for details.- geo
Match WebStatement Acl Rule Statement Geo Match Statement Rule statement used to identify web requests based on country of origin. See
geo_match_statementbelow for details.- ip
Set WebReference Statement Acl Rule Statement Ip Set Reference Statement Rule statement used to detect web requests coming from particular IP addresses or address ranges. See
ip_set_reference_statementbelow for details.- label
Match WebStatement Acl Rule Statement Label Match Statement Rule statement that defines a string match search against labels that have been added to the web request by rules that have already run in the web ACL. See
label_match_statementbelow for details.- managed
Rule WebGroup Statement Acl Rule Statement Managed Rule Group Statement Rule statement used to run the rules that are defined in a managed rule group. This statement can not be nested. See
managed_rule_group_statementbelow for details.- not
Statement WebAcl Rule Statement Not Statement Logical rule statement used to negate the results of another rule statement. See
not_statementbelow for details.- or
Statement WebAcl Rule Statement Or Statement Logical rule statement used to combine other rule statements with OR logic. See
or_statementbelow for details.- rate
Based WebStatement Acl Rule Statement Rate Based Statement Rate-based rule tracks the rate of requests for each originating
IP address, and triggers the rule action when the rate exceeds a limit that you specify on the number of requests in any5-minutetime span. This statement can not be nested. Seerate_based_statementbelow for details.- regex
Match WebStatement Acl Rule Statement Regex Match Statement Rule statement used to search web request components for a match against a single regular expression. See
regex_match_statementbelow for details.- regex
Pattern WebSet Reference Statement Acl Rule Statement Regex Pattern Set Reference Statement Rule statement used to search web request components for matches with regular expressions. See
regex_pattern_set_reference_statementbelow for details.- rule
Group WebReference Statement Acl Rule Statement Rule Group Reference Statement Rule statement used to run the rules that are defined in an WAFv2 Rule Group. See
rule_group_reference_statementbelow for details.- size
Constraint WebStatement Acl Rule Statement Size Constraint Statement Rule statement that compares a number of bytes against the size of a request component, using a comparison operator, such as greater than (>) or less than (<). See
size_constraint_statementbelow for more details.- sqli
Match WebStatement Acl Rule Statement Sqli Match Statement An SQL injection match condition identifies the part of web requests, such as the URI or the query string, that you want AWS WAF to inspect. See
sqli_match_statementbelow for details.- xss
Match WebStatement Acl Rule Statement Xss Match Statement Rule statement that defines a cross-site scripting (XSS) match search for AWS WAF to apply to web requests. See
xss_match_statementbelow for details.
- and_
statement WebAcl Rule Statement And Statement Logical rule statement used to combine other rule statements with AND logic. See
and_statementbelow for details.- byte_
match_ Webstatement Acl Rule Statement Byte Match Statement Rule statement that defines a string match search for AWS WAF to apply to web requests. See
byte_match_statementbelow for details.- geo_
match_ Webstatement Acl Rule Statement Geo Match Statement Rule statement used to identify web requests based on country of origin. See
geo_match_statementbelow for details.- ip_
set_ Webreference_ statement Acl Rule Statement Ip Set Reference Statement Rule statement used to detect web requests coming from particular IP addresses or address ranges. See
ip_set_reference_statementbelow for details.- label_
match_ Webstatement Acl Rule Statement Label Match Statement Rule statement that defines a string match search against labels that have been added to the web request by rules that have already run in the web ACL. See
label_match_statementbelow for details.- managed_
rule_ Webgroup_ statement Acl Rule Statement Managed Rule Group Statement Rule statement used to run the rules that are defined in a managed rule group. This statement can not be nested. See
managed_rule_group_statementbelow for details.- not_
statement WebAcl Rule Statement Not Statement Logical rule statement used to negate the results of another rule statement. See
not_statementbelow for details.- or_
statement WebAcl Rule Statement Or Statement Logical rule statement used to combine other rule statements with OR logic. See
or_statementbelow for details.- rate_
based_ Webstatement Acl Rule Statement Rate Based Statement Rate-based rule tracks the rate of requests for each originating
IP address, and triggers the rule action when the rate exceeds a limit that you specify on the number of requests in any5-minutetime span. This statement can not be nested. Seerate_based_statementbelow for details.- regex_
match_ Webstatement Acl Rule Statement Regex Match Statement Rule statement used to search web request components for a match against a single regular expression. See
regex_match_statementbelow for details.- regex_
pattern_ Webset_ reference_ statement Acl Rule Statement Regex Pattern Set Reference Statement Rule statement used to search web request components for matches with regular expressions. See
regex_pattern_set_reference_statementbelow for details.- rule_
group_ Webreference_ statement Acl Rule Statement Rule Group Reference Statement Rule statement used to run the rules that are defined in an WAFv2 Rule Group. See
rule_group_reference_statementbelow for details.- size_
constraint_ Webstatement Acl Rule Statement Size Constraint Statement Rule statement that compares a number of bytes against the size of a request component, using a comparison operator, such as greater than (>) or less than (<). See
size_constraint_statementbelow for more details.- sqli_
match_ Webstatement Acl Rule Statement Sqli Match Statement An SQL injection match condition identifies the part of web requests, such as the URI or the query string, that you want AWS WAF to inspect. See
sqli_match_statementbelow for details.- xss_
match_ Webstatement Acl Rule Statement Xss Match Statement Rule statement that defines a cross-site scripting (XSS) match search for AWS WAF to apply to web requests. See
xss_match_statementbelow for details.
- and
Statement Property Map Logical rule statement used to combine other rule statements with AND logic. See
and_statementbelow for details.- byte
Match Property MapStatement Rule statement that defines a string match search for AWS WAF to apply to web requests. See
byte_match_statementbelow for details.- geo
Match Property MapStatement Rule statement used to identify web requests based on country of origin. See
geo_match_statementbelow for details.- ip
Set Property MapReference Statement Rule statement used to detect web requests coming from particular IP addresses or address ranges. See
ip_set_reference_statementbelow for details.- label
Match Property MapStatement Rule statement that defines a string match search against labels that have been added to the web request by rules that have already run in the web ACL. See
label_match_statementbelow for details.- managed
Rule Property MapGroup Statement Rule statement used to run the rules that are defined in a managed rule group. This statement can not be nested. See
managed_rule_group_statementbelow for details.- not
Statement Property Map Logical rule statement used to negate the results of another rule statement. See
not_statementbelow for details.- or
Statement Property Map Logical rule statement used to combine other rule statements with OR logic. See
or_statementbelow for details.- rate
Based Property MapStatement Rate-based rule tracks the rate of requests for each originating
IP address, and triggers the rule action when the rate exceeds a limit that you specify on the number of requests in any5-minutetime span. This statement can not be nested. Seerate_based_statementbelow for details.- regex
Match Property MapStatement Rule statement used to search web request components for a match against a single regular expression. See
regex_match_statementbelow for details.- regex
Pattern Property MapSet Reference Statement Rule statement used to search web request components for matches with regular expressions. See
regex_pattern_set_reference_statementbelow for details.- rule
Group Property MapReference Statement Rule statement used to run the rules that are defined in an WAFv2 Rule Group. See
rule_group_reference_statementbelow for details.- size
Constraint Property MapStatement Rule statement that compares a number of bytes against the size of a request component, using a comparison operator, such as greater than (>) or less than (<). See
size_constraint_statementbelow for more details.- sqli
Match Property MapStatement An SQL injection match condition identifies the part of web requests, such as the URI or the query string, that you want AWS WAF to inspect. See
sqli_match_statementbelow for details.- xss
Match Property MapStatement Rule statement that defines a cross-site scripting (XSS) match search for AWS WAF to apply to web requests. See
xss_match_statementbelow for details.
WebAclRuleStatementAndStatement, WebAclRuleStatementAndStatementArgs
- Statements
List<Pulumi.
Aws. Waf V2. Inputs. Web Acl Rule Statement> The statements to combine.
- Statements
[]Web
Acl Rule Statement The statements to combine.
- statements
List<Web
Acl Rule Statement> The statements to combine.
- statements
Web
Acl Rule Statement[] The statements to combine.
- statements
Sequence[Web
Acl Rule Statement] The statements to combine.
- statements List<Property Map>
The statements to combine.
WebAclRuleStatementByteMatchStatement, WebAclRuleStatementByteMatchStatementArgs
- Positional
Constraint string Area within the portion of a web request that you want AWS WAF to search for
search_string. Valid values include the following:EXACTLY,STARTS_WITH,ENDS_WITH,CONTAINS,CONTAINS_WORD. See the AWS documentation for more information.- Search
String string String value that you want AWS WAF to search for. AWS WAF searches only in the part of web requests that you designate for inspection in
field_to_match. The maximum length of the value is 50 bytes.- Text
Transformations List<Pulumi.Aws. Waf V2. Inputs. Web Acl Rule Statement Byte Match Statement Text Transformation> Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. At least one transformation is required. See
text_transformationbelow for details.- Field
To Pulumi.Match Aws. Waf V2. Inputs. Web Acl Rule Statement Byte Match Statement Field To Match Part of a web request that you want AWS WAF to inspect. See
field_to_matchbelow for details.
- Positional
Constraint string Area within the portion of a web request that you want AWS WAF to search for
search_string. Valid values include the following:EXACTLY,STARTS_WITH,ENDS_WITH,CONTAINS,CONTAINS_WORD. See the AWS documentation for more information.- Search
String string String value that you want AWS WAF to search for. AWS WAF searches only in the part of web requests that you designate for inspection in
field_to_match. The maximum length of the value is 50 bytes.- Text
Transformations []WebAcl Rule Statement Byte Match Statement Text Transformation Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. At least one transformation is required. See
text_transformationbelow for details.- Field
To WebMatch Acl Rule Statement Byte Match Statement Field To Match Part of a web request that you want AWS WAF to inspect. See
field_to_matchbelow for details.
- positional
Constraint String Area within the portion of a web request that you want AWS WAF to search for
search_string. Valid values include the following:EXACTLY,STARTS_WITH,ENDS_WITH,CONTAINS,CONTAINS_WORD. See the AWS documentation for more information.- search
String String String value that you want AWS WAF to search for. AWS WAF searches only in the part of web requests that you designate for inspection in
field_to_match. The maximum length of the value is 50 bytes.- text
Transformations List<WebAcl Rule Statement Byte Match Statement Text Transformation> Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. At least one transformation is required. See
text_transformationbelow for details.- field
To WebMatch Acl Rule Statement Byte Match Statement Field To Match Part of a web request that you want AWS WAF to inspect. See
field_to_matchbelow for details.
- positional
Constraint string Area within the portion of a web request that you want AWS WAF to search for
search_string. Valid values include the following:EXACTLY,STARTS_WITH,ENDS_WITH,CONTAINS,CONTAINS_WORD. See the AWS documentation for more information.- search
String string String value that you want AWS WAF to search for. AWS WAF searches only in the part of web requests that you designate for inspection in
field_to_match. The maximum length of the value is 50 bytes.- text
Transformations WebAcl Rule Statement Byte Match Statement Text Transformation[] Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. At least one transformation is required. See
text_transformationbelow for details.- field
To WebMatch Acl Rule Statement Byte Match Statement Field To Match Part of a web request that you want AWS WAF to inspect. See
field_to_matchbelow for details.
- positional_
constraint str Area within the portion of a web request that you want AWS WAF to search for
search_string. Valid values include the following:EXACTLY,STARTS_WITH,ENDS_WITH,CONTAINS,CONTAINS_WORD. See the AWS documentation for more information.- search_
string str String value that you want AWS WAF to search for. AWS WAF searches only in the part of web requests that you designate for inspection in
field_to_match. The maximum length of the value is 50 bytes.- text_
transformations Sequence[WebAcl Rule Statement Byte Match Statement Text Transformation] Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. At least one transformation is required. See
text_transformationbelow for details.- field_
to_ Webmatch Acl Rule Statement Byte Match Statement Field To Match Part of a web request that you want AWS WAF to inspect. See
field_to_matchbelow for details.
- positional
Constraint String Area within the portion of a web request that you want AWS WAF to search for
search_string. Valid values include the following:EXACTLY,STARTS_WITH,ENDS_WITH,CONTAINS,CONTAINS_WORD. See the AWS documentation for more information.- search
String String String value that you want AWS WAF to search for. AWS WAF searches only in the part of web requests that you designate for inspection in
field_to_match. The maximum length of the value is 50 bytes.- text
Transformations List<Property Map> Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. At least one transformation is required. See
text_transformationbelow for details.- field
To Property MapMatch Part of a web request that you want AWS WAF to inspect. See
field_to_matchbelow for details.
WebAclRuleStatementByteMatchStatementFieldToMatch, WebAclRuleStatementByteMatchStatementFieldToMatchArgs
- All
Query Pulumi.Arguments Aws. Waf V2. Inputs. Web Acl Rule Statement Byte Match Statement Field To Match All Query Arguments Inspect all query arguments.
- Body
Pulumi.
Aws. Waf V2. Inputs. Web Acl Rule Statement Byte Match Statement Field To Match Body Inspect the request body, which immediately follows the request headers. See
bodybelow for details.-
Pulumi.
Aws. Waf V2. Inputs. Web Acl Rule Statement Byte Match Statement Field To Match Cookies Inspect the cookies in the web request. See
cookiesbelow for details.- Headers
List<Pulumi.
Aws. Waf V2. Inputs. Web Acl Rule Statement Byte Match Statement Field To Match Header> Inspect the request headers. See
headersbelow for details.- Json
Body Pulumi.Aws. Waf V2. Inputs. Web Acl Rule Statement Byte Match Statement Field To Match Json Body Inspect the request body as JSON. See
json_bodyfor details.- Method
Pulumi.
Aws. Waf V2. Inputs. Web Acl Rule Statement Byte Match Statement Field To Match Method Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.
- Query
String Pulumi.Aws. Waf V2. Inputs. Web Acl Rule Statement Byte Match Statement Field To Match Query String Inspect the query string. This is the part of a URL that appears after a
?character, if any.- Single
Header Pulumi.Aws. Waf V2. Inputs. Web Acl Rule Statement Byte Match Statement Field To Match Single Header Inspect a single header. See
single_headerbelow for details.- Single
Query Pulumi.Argument Aws. Waf V2. Inputs. Web Acl Rule Statement Byte Match Statement Field To Match Single Query Argument Inspect a single query argument. See
single_query_argumentbelow for details.- Uri
Path Pulumi.Aws. Waf V2. Inputs. Web Acl Rule Statement Byte Match Statement Field To Match Uri Path Inspect the request URI path. This is the part of a web request that identifies a resource, for example,
/images/daily-ad.jpg.
- All
Query WebArguments Acl Rule Statement Byte Match Statement Field To Match All Query Arguments Inspect all query arguments.
- Body
Web
Acl Rule Statement Byte Match Statement Field To Match Body Inspect the request body, which immediately follows the request headers. See
bodybelow for details.-
Web
Acl Rule Statement Byte Match Statement Field To Match Cookies Inspect the cookies in the web request. See
cookiesbelow for details.- Headers
[]Web
Acl Rule Statement Byte Match Statement Field To Match Header Inspect the request headers. See
headersbelow for details.- Json
Body WebAcl Rule Statement Byte Match Statement Field To Match Json Body Inspect the request body as JSON. See
json_bodyfor details.- Method
Web
Acl Rule Statement Byte Match Statement Field To Match Method Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.
- Query
String WebAcl Rule Statement Byte Match Statement Field To Match Query String Inspect the query string. This is the part of a URL that appears after a
?character, if any.- Single
Header WebAcl Rule Statement Byte Match Statement Field To Match Single Header Inspect a single header. See
single_headerbelow for details.- Single
Query WebArgument Acl Rule Statement Byte Match Statement Field To Match Single Query Argument Inspect a single query argument. See
single_query_argumentbelow for details.- Uri
Path WebAcl Rule Statement Byte Match Statement Field To Match Uri Path Inspect the request URI path. This is the part of a web request that identifies a resource, for example,
/images/daily-ad.jpg.
- all
Query WebArguments Acl Rule Statement Byte Match Statement Field To Match All Query Arguments Inspect all query arguments.
- body
Web
Acl Rule Statement Byte Match Statement Field To Match Body Inspect the request body, which immediately follows the request headers. See
bodybelow for details.-
Web
Acl Rule Statement Byte Match Statement Field To Match Cookies Inspect the cookies in the web request. See
cookiesbelow for details.- headers
List<Web
Acl Rule Statement Byte Match Statement Field To Match Header> Inspect the request headers. See
headersbelow for details.- json
Body WebAcl Rule Statement Byte Match Statement Field To Match Json Body Inspect the request body as JSON. See
json_bodyfor details.- method
Web
Acl Rule Statement Byte Match Statement Field To Match Method Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.
- query
String WebAcl Rule Statement Byte Match Statement Field To Match Query String Inspect the query string. This is the part of a URL that appears after a
?character, if any.- single
Header WebAcl Rule Statement Byte Match Statement Field To Match Single Header Inspect a single header. See
single_headerbelow for details.- single
Query WebArgument Acl Rule Statement Byte Match Statement Field To Match Single Query Argument Inspect a single query argument. See
single_query_argumentbelow for details.- uri
Path WebAcl Rule Statement Byte Match Statement Field To Match Uri Path Inspect the request URI path. This is the part of a web request that identifies a resource, for example,
/images/daily-ad.jpg.
- all
Query WebArguments Acl Rule Statement Byte Match Statement Field To Match All Query Arguments Inspect all query arguments.
- body
Web
Acl Rule Statement Byte Match Statement Field To Match Body Inspect the request body, which immediately follows the request headers. See
bodybelow for details.-
Web
Acl Rule Statement Byte Match Statement Field To Match Cookies Inspect the cookies in the web request. See
cookiesbelow for details.- headers
Web
Acl Rule Statement Byte Match Statement Field To Match Header[] Inspect the request headers. See
headersbelow for details.- json
Body WebAcl Rule Statement Byte Match Statement Field To Match Json Body Inspect the request body as JSON. See
json_bodyfor details.- method
Web
Acl Rule Statement Byte Match Statement Field To Match Method Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.
- query
String WebAcl Rule Statement Byte Match Statement Field To Match Query String Inspect the query string. This is the part of a URL that appears after a
?character, if any.- single
Header WebAcl Rule Statement Byte Match Statement Field To Match Single Header Inspect a single header. See
single_headerbelow for details.- single
Query WebArgument Acl Rule Statement Byte Match Statement Field To Match Single Query Argument Inspect a single query argument. See
single_query_argumentbelow for details.- uri
Path WebAcl Rule Statement Byte Match Statement Field To Match Uri Path Inspect the request URI path. This is the part of a web request that identifies a resource, for example,
/images/daily-ad.jpg.
- all_
query_ Webarguments Acl Rule Statement Byte Match Statement Field To Match All Query Arguments Inspect all query arguments.
- body
Web
Acl Rule Statement Byte Match Statement Field To Match Body Inspect the request body, which immediately follows the request headers. See
bodybelow for details.-
Web
Acl Rule Statement Byte Match Statement Field To Match Cookies Inspect the cookies in the web request. See
cookiesbelow for details.- headers
Sequence[Web
Acl Rule Statement Byte Match Statement Field To Match Header] Inspect the request headers. See
headersbelow for details.- json_
body WebAcl Rule Statement Byte Match Statement Field To Match Json Body Inspect the request body as JSON. See
json_bodyfor details.- method
Web
Acl Rule Statement Byte Match Statement Field To Match Method Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.
- query_
string WebAcl Rule Statement Byte Match Statement Field To Match Query String Inspect the query string. This is the part of a URL that appears after a
?character, if any.- single_
header WebAcl Rule Statement Byte Match Statement Field To Match Single Header Inspect a single header. See
single_headerbelow for details.- single_
query_ Webargument Acl Rule Statement Byte Match Statement Field To Match Single Query Argument Inspect a single query argument. See
single_query_argumentbelow for details.- uri_
path WebAcl Rule Statement Byte Match Statement Field To Match Uri Path Inspect the request URI path. This is the part of a web request that identifies a resource, for example,
/images/daily-ad.jpg.
- all
Query Property MapArguments Inspect all query arguments.
- body Property Map
Inspect the request body, which immediately follows the request headers. See
bodybelow for details.- Property Map
Inspect the cookies in the web request. See
cookiesbelow for details.- headers List<Property Map>
Inspect the request headers. See
headersbelow for details.- json
Body Property Map Inspect the request body as JSON. See
json_bodyfor details.- method Property Map
Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.
- query
String Property Map Inspect the query string. This is the part of a URL that appears after a
?character, if any.- single
Header Property Map Inspect a single header. See
single_headerbelow for details.- single
Query Property MapArgument Inspect a single query argument. See
single_query_argumentbelow for details.- uri
Path Property Map Inspect the request URI path. This is the part of a web request that identifies a resource, for example,
/images/daily-ad.jpg.
WebAclRuleStatementByteMatchStatementFieldToMatchBody, WebAclRuleStatementByteMatchStatementFieldToMatchBodyArgs
- Oversize
Handling string What WAF should do if the body is larger than WAF can inspect. WAF does not support inspecting the entire contents of the body of a web request when the body exceeds 8 KB (8192 bytes). Only the first 8 KB of the request body are forwarded to WAF by the underlying host service. Valid values:
CONTINUE,MATCH,NO_MATCH.
- Oversize
Handling string What WAF should do if the body is larger than WAF can inspect. WAF does not support inspecting the entire contents of the body of a web request when the body exceeds 8 KB (8192 bytes). Only the first 8 KB of the request body are forwarded to WAF by the underlying host service. Valid values:
CONTINUE,MATCH,NO_MATCH.
- oversize
Handling String What WAF should do if the body is larger than WAF can inspect. WAF does not support inspecting the entire contents of the body of a web request when the body exceeds 8 KB (8192 bytes). Only the first 8 KB of the request body are forwarded to WAF by the underlying host service. Valid values:
CONTINUE,MATCH,NO_MATCH.
- oversize
Handling string What WAF should do if the body is larger than WAF can inspect. WAF does not support inspecting the entire contents of the body of a web request when the body exceeds 8 KB (8192 bytes). Only the first 8 KB of the request body are forwarded to WAF by the underlying host service. Valid values:
CONTINUE,MATCH,NO_MATCH.
- oversize_
handling str What WAF should do if the body is larger than WAF can inspect. WAF does not support inspecting the entire contents of the body of a web request when the body exceeds 8 KB (8192 bytes). Only the first 8 KB of the request body are forwarded to WAF by the underlying host service. Valid values:
CONTINUE,MATCH,NO_MATCH.
- oversize
Handling String What WAF should do if the body is larger than WAF can inspect. WAF does not support inspecting the entire contents of the body of a web request when the body exceeds 8 KB (8192 bytes). Only the first 8 KB of the request body are forwarded to WAF by the underlying host service. Valid values:
CONTINUE,MATCH,NO_MATCH.
WebAclRuleStatementByteMatchStatementFieldToMatchCookies, WebAclRuleStatementByteMatchStatementFieldToMatchCookiesArgs
- Match
Patterns List<Pulumi.Aws. Waf V2. Inputs. Web Acl Rule Statement Byte Match Statement Field To Match Cookies Match Pattern> The filter to use to identify the subset of cookies to inspect in a web request. You must specify exactly one setting: either
all,included_cookiesorexcluded_cookies. More details: CookieMatchPattern- Match
Scope string The parts of the cookies to inspect with the rule inspection criteria. If you specify All, AWS WAF inspects both keys and values. Valid values:
ALL,KEY,VALUE- Oversize
Handling string What AWS WAF should do if the cookies of the request are larger than AWS WAF can inspect. AWS WAF does not support inspecting the entire contents of request cookies when they exceed 8 KB (8192 bytes) or 200 total cookies. The underlying host service forwards a maximum of 200 cookies and at most 8 KB of cookie contents to AWS WAF. Valid values:
CONTINUE,MATCH,NO_MATCH.
- Match
Patterns []WebAcl Rule Statement Byte Match Statement Field To Match Cookies Match Pattern The filter to use to identify the subset of cookies to inspect in a web request. You must specify exactly one setting: either
all,included_cookiesorexcluded_cookies. More details: CookieMatchPattern- Match
Scope string The parts of the cookies to inspect with the rule inspection criteria. If you specify All, AWS WAF inspects both keys and values. Valid values:
ALL,KEY,VALUE- Oversize
Handling string What AWS WAF should do if the cookies of the request are larger than AWS WAF can inspect. AWS WAF does not support inspecting the entire contents of request cookies when they exceed 8 KB (8192 bytes) or 200 total cookies. The underlying host service forwards a maximum of 200 cookies and at most 8 KB of cookie contents to AWS WAF. Valid values:
CONTINUE,MATCH,NO_MATCH.
- match
Patterns List<WebAcl Rule Statement Byte Match Statement Field To Match Cookies Match Pattern> The filter to use to identify the subset of cookies to inspect in a web request. You must specify exactly one setting: either
all,included_cookiesorexcluded_cookies. More details: CookieMatchPattern- match
Scope String The parts of the cookies to inspect with the rule inspection criteria. If you specify All, AWS WAF inspects both keys and values. Valid values:
ALL,KEY,VALUE- oversize
Handling String What AWS WAF should do if the cookies of the request are larger than AWS WAF can inspect. AWS WAF does not support inspecting the entire contents of request cookies when they exceed 8 KB (8192 bytes) or 200 total cookies. The underlying host service forwards a maximum of 200 cookies and at most 8 KB of cookie contents to AWS WAF. Valid values:
CONTINUE,MATCH,NO_MATCH.
- match
Patterns WebAcl Rule Statement Byte Match Statement Field To Match Cookies Match Pattern[] The filter to use to identify the subset of cookies to inspect in a web request. You must specify exactly one setting: either
all,included_cookiesorexcluded_cookies. More details: CookieMatchPattern- match
Scope string The parts of the cookies to inspect with the rule inspection criteria. If you specify All, AWS WAF inspects both keys and values. Valid values:
ALL,KEY,VALUE- oversize
Handling string What AWS WAF should do if the cookies of the request are larger than AWS WAF can inspect. AWS WAF does not support inspecting the entire contents of request cookies when they exceed 8 KB (8192 bytes) or 200 total cookies. The underlying host service forwards a maximum of 200 cookies and at most 8 KB of cookie contents to AWS WAF. Valid values:
CONTINUE,MATCH,NO_MATCH.
- match_
patterns Sequence[WebAcl Rule Statement Byte Match Statement Field To Match Cookies Match Pattern] The filter to use to identify the subset of cookies to inspect in a web request. You must specify exactly one setting: either
all,included_cookiesorexcluded_cookies. More details: CookieMatchPattern- match_
scope str The parts of the cookies to inspect with the rule inspection criteria. If you specify All, AWS WAF inspects both keys and values. Valid values:
ALL,KEY,VALUE- oversize_
handling str What AWS WAF should do if the cookies of the request are larger than AWS WAF can inspect. AWS WAF does not support inspecting the entire contents of request cookies when they exceed 8 KB (8192 bytes) or 200 total cookies. The underlying host service forwards a maximum of 200 cookies and at most 8 KB of cookie contents to AWS WAF. Valid values:
CONTINUE,MATCH,NO_MATCH.
- match
Patterns List<Property Map> The filter to use to identify the subset of cookies to inspect in a web request. You must specify exactly one setting: either
all,included_cookiesorexcluded_cookies. More details: CookieMatchPattern- match
Scope String The parts of the cookies to inspect with the rule inspection criteria. If you specify All, AWS WAF inspects both keys and values. Valid values:
ALL,KEY,VALUE- oversize
Handling String What AWS WAF should do if the cookies of the request are larger than AWS WAF can inspect. AWS WAF does not support inspecting the entire contents of request cookies when they exceed 8 KB (8192 bytes) or 200 total cookies. The underlying host service forwards a maximum of 200 cookies and at most 8 KB of cookie contents to AWS WAF. Valid values:
CONTINUE,MATCH,NO_MATCH.
WebAclRuleStatementByteMatchStatementFieldToMatchCookiesMatchPattern, WebAclRuleStatementByteMatchStatementFieldToMatchCookiesMatchPatternArgs
- All
Pulumi.
Aws. Waf V2. Inputs. Web Acl Rule Statement Byte Match Statement Field To Match Cookies Match Pattern All An empty configuration block that is used for inspecting all headers.
- List<string>
- List<string>
- All
Web
Acl Rule Statement Byte Match Statement Field To Match Cookies Match Pattern All An empty configuration block that is used for inspecting all headers.
- []string
- []string
- all
Web
Acl Rule Statement Byte Match Statement Field To Match Cookies Match Pattern All An empty configuration block that is used for inspecting all headers.
- List<String>
- List<String>
- all
Web
Acl Rule Statement Byte Match Statement Field To Match Cookies Match Pattern All An empty configuration block that is used for inspecting all headers.
- string[]
- string[]
- all
Web
Acl Rule Statement Byte Match Statement Field To Match Cookies Match Pattern All An empty configuration block that is used for inspecting all headers.
- Sequence[str]
- Sequence[str]
- all Property Map
An empty configuration block that is used for inspecting all headers.
- List<String>
- List<String>
WebAclRuleStatementByteMatchStatementFieldToMatchHeader, WebAclRuleStatementByteMatchStatementFieldToMatchHeaderArgs
- Match
Pattern Pulumi.Aws. Waf V2. Inputs. Web Acl Rule Statement Byte Match Statement Field To Match Header Match Pattern The filter to use to identify the subset of headers to inspect in a web request. The
match_patternblock supports only one of the following arguments:- Match
Scope string The parts of the headers to inspect with the rule inspection criteria. If you specify
All, AWS WAF inspects both keys and values. Valid values include the following:ALL,Key,Value.- Oversize
Handling string Oversize handling tells AWS WAF what to do with a web request when the request component that the rule inspects is over the limits. Valid values include the following:
CONTINUE,MATCH,NO_MATCH. See the AWS documentation for more information.
- Match
Pattern WebAcl Rule Statement Byte Match Statement Field To Match Header Match Pattern The filter to use to identify the subset of headers to inspect in a web request. The
match_patternblock supports only one of the following arguments:- Match
Scope string The parts of the headers to inspect with the rule inspection criteria. If you specify
All, AWS WAF inspects both keys and values. Valid values include the following:ALL,Key,Value.- Oversize
Handling string Oversize handling tells AWS WAF what to do with a web request when the request component that the rule inspects is over the limits. Valid values include the following:
CONTINUE,MATCH,NO_MATCH. See the AWS documentation for more information.
- match
Pattern WebAcl Rule Statement Byte Match Statement Field To Match Header Match Pattern The filter to use to identify the subset of headers to inspect in a web request. The
match_patternblock supports only one of the following arguments:- match
Scope String The parts of the headers to inspect with the rule inspection criteria. If you specify
All, AWS WAF inspects both keys and values. Valid values include the following:ALL,Key,Value.- oversize
Handling String Oversize handling tells AWS WAF what to do with a web request when the request component that the rule inspects is over the limits. Valid values include the following:
CONTINUE,MATCH,NO_MATCH. See the AWS documentation for more information.
- match
Pattern WebAcl Rule Statement Byte Match Statement Field To Match Header Match Pattern The filter to use to identify the subset of headers to inspect in a web request. The
match_patternblock supports only one of the following arguments:- match
Scope string The parts of the headers to inspect with the rule inspection criteria. If you specify
All, AWS WAF inspects both keys and values. Valid values include the following:ALL,Key,Value.- oversize
Handling string Oversize handling tells AWS WAF what to do with a web request when the request component that the rule inspects is over the limits. Valid values include the following:
CONTINUE,MATCH,NO_MATCH. See the AWS documentation for more information.
- match_
pattern WebAcl Rule Statement Byte Match Statement Field To Match Header Match Pattern The filter to use to identify the subset of headers to inspect in a web request. The
match_patternblock supports only one of the following arguments:- match_
scope str The parts of the headers to inspect with the rule inspection criteria. If you specify
All, AWS WAF inspects both keys and values. Valid values include the following:ALL,Key,Value.- oversize_
handling str Oversize handling tells AWS WAF what to do with a web request when the request component that the rule inspects is over the limits. Valid values include the following:
CONTINUE,MATCH,NO_MATCH. See the AWS documentation for more information.
- match
Pattern Property Map The filter to use to identify the subset of headers to inspect in a web request. The
match_patternblock supports only one of the following arguments:- match
Scope String The parts of the headers to inspect with the rule inspection criteria. If you specify
All, AWS WAF inspects both keys and values. Valid values include the following:ALL,Key,Value.- oversize
Handling String Oversize handling tells AWS WAF what to do with a web request when the request component that the rule inspects is over the limits. Valid values include the following:
CONTINUE,MATCH,NO_MATCH. See the AWS documentation for more information.
WebAclRuleStatementByteMatchStatementFieldToMatchHeaderMatchPattern, WebAclRuleStatementByteMatchStatementFieldToMatchHeaderMatchPatternArgs
- All
Pulumi.
Aws. Waf V2. Inputs. Web Acl Rule Statement Byte Match Statement Field To Match Header Match Pattern All An empty configuration block that is used for inspecting all headers.
- Excluded
Headers List<string> An array of strings that will be used for inspecting headers that do not have a key that matches one of the provided values.
- Included
Headers List<string> An array of strings that will be used for inspecting headers that have a key that matches one of the provided values.
- All
Web
Acl Rule Statement Byte Match Statement Field To Match Header Match Pattern All An empty configuration block that is used for inspecting all headers.
- Excluded
Headers []string An array of strings that will be used for inspecting headers that do not have a key that matches one of the provided values.
- Included
Headers []string An array of strings that will be used for inspecting headers that have a key that matches one of the provided values.
- all
Web
Acl Rule Statement Byte Match Statement Field To Match Header Match Pattern All An empty configuration block that is used for inspecting all headers.
- excluded
Headers List<String> An array of strings that will be used for inspecting headers that do not have a key that matches one of the provided values.
- included
Headers List<String> An array of strings that will be used for inspecting headers that have a key that matches one of the provided values.
- all
Web
Acl Rule Statement Byte Match Statement Field To Match Header Match Pattern All An empty configuration block that is used for inspecting all headers.
- excluded
Headers string[] An array of strings that will be used for inspecting headers that do not have a key that matches one of the provided values.
- included
Headers string[] An array of strings that will be used for inspecting headers that have a key that matches one of the provided values.
- all
Web
Acl Rule Statement Byte Match Statement Field To Match Header Match Pattern All An empty configuration block that is used for inspecting all headers.
- excluded_
headers Sequence[str] An array of strings that will be used for inspecting headers that do not have a key that matches one of the provided values.
- included_
headers Sequence[str] An array of strings that will be used for inspecting headers that have a key that matches one of the provided values.
- all Property Map
An empty configuration block that is used for inspecting all headers.
- excluded
Headers List<String> An array of strings that will be used for inspecting headers that do not have a key that matches one of the provided values.
- included
Headers List<String> An array of strings that will be used for inspecting headers that have a key that matches one of the provided values.
WebAclRuleStatementByteMatchStatementFieldToMatchJsonBody, WebAclRuleStatementByteMatchStatementFieldToMatchJsonBodyArgs
- Match
Pattern Pulumi.Aws. Waf V2. Inputs. Web Acl Rule Statement Byte Match Statement Field To Match Json Body Match Pattern The patterns to look for in the JSON body. You must specify exactly one setting: either
allorincluded_paths. See JsonMatchPattern for details.- Match
Scope string The parts of the JSON to match against using the
match_pattern. Valid values areALL,KEYandVALUE.- Invalid
Fallback stringBehavior What to do when JSON parsing fails. Defaults to evaluating up to the first parsing failure. Valid values are
EVALUATE_AS_STRING,MATCHandNO_MATCH.- Oversize
Handling string What to do if the body is larger than can be inspected. Valid values are
CONTINUE(default),MATCHandNO_MATCH.
- Match
Pattern WebAcl Rule Statement Byte Match Statement Field To Match Json Body Match Pattern The patterns to look for in the JSON body. You must specify exactly one setting: either
allorincluded_paths. See JsonMatchPattern for details.- Match
Scope string The parts of the JSON to match against using the
match_pattern. Valid values areALL,KEYandVALUE.- Invalid
Fallback stringBehavior What to do when JSON parsing fails. Defaults to evaluating up to the first parsing failure. Valid values are
EVALUATE_AS_STRING,MATCHandNO_MATCH.- Oversize
Handling string What to do if the body is larger than can be inspected. Valid values are
CONTINUE(default),MATCHandNO_MATCH.
- match
Pattern WebAcl Rule Statement Byte Match Statement Field To Match Json Body Match Pattern The patterns to look for in the JSON body. You must specify exactly one setting: either
allorincluded_paths. See JsonMatchPattern for details.- match
Scope String The parts of the JSON to match against using the
match_pattern. Valid values areALL,KEYandVALUE.- invalid
Fallback StringBehavior What to do when JSON parsing fails. Defaults to evaluating up to the first parsing failure. Valid values are
EVALUATE_AS_STRING,MATCHandNO_MATCH.- oversize
Handling String What to do if the body is larger than can be inspected. Valid values are
CONTINUE(default),MATCHandNO_MATCH.
- match
Pattern WebAcl Rule Statement Byte Match Statement Field To Match Json Body Match Pattern The patterns to look for in the JSON body. You must specify exactly one setting: either
allorincluded_paths. See JsonMatchPattern for details.- match
Scope string The parts of the JSON to match against using the
match_pattern. Valid values areALL,KEYandVALUE.- invalid
Fallback stringBehavior What to do when JSON parsing fails. Defaults to evaluating up to the first parsing failure. Valid values are
EVALUATE_AS_STRING,MATCHandNO_MATCH.- oversize
Handling string What to do if the body is larger than can be inspected. Valid values are
CONTINUE(default),MATCHandNO_MATCH.
- match_
pattern WebAcl Rule Statement Byte Match Statement Field To Match Json Body Match Pattern The patterns to look for in the JSON body. You must specify exactly one setting: either
allorincluded_paths. See JsonMatchPattern for details.- match_
scope str The parts of the JSON to match against using the
match_pattern. Valid values areALL,KEYandVALUE.- invalid_
fallback_ strbehavior What to do when JSON parsing fails. Defaults to evaluating up to the first parsing failure. Valid values are
EVALUATE_AS_STRING,MATCHandNO_MATCH.- oversize_
handling str What to do if the body is larger than can be inspected. Valid values are
CONTINUE(default),MATCHandNO_MATCH.
- match
Pattern Property Map The patterns to look for in the JSON body. You must specify exactly one setting: either
allorincluded_paths. See JsonMatchPattern for details.- match
Scope String The parts of the JSON to match against using the
match_pattern. Valid values areALL,KEYandVALUE.- invalid
Fallback StringBehavior What to do when JSON parsing fails. Defaults to evaluating up to the first parsing failure. Valid values are
EVALUATE_AS_STRING,MATCHandNO_MATCH.- oversize
Handling String What to do if the body is larger than can be inspected. Valid values are
CONTINUE(default),MATCHandNO_MATCH.
WebAclRuleStatementByteMatchStatementFieldToMatchJsonBodyMatchPattern, WebAclRuleStatementByteMatchStatementFieldToMatchJsonBodyMatchPatternArgs
- All
Pulumi.
Aws. Waf V2. Inputs. Web Acl Rule Statement Byte Match Statement Field To Match Json Body Match Pattern All An empty configuration block that is used for inspecting all headers.
- Included
Paths List<string>
- All
Web
Acl Rule Statement Byte Match Statement Field To Match Json Body Match Pattern All An empty configuration block that is used for inspecting all headers.
- Included
Paths []string
- all
Web
Acl Rule Statement Byte Match Statement Field To Match Json Body Match Pattern All An empty configuration block that is used for inspecting all headers.
- included
Paths List<String>
- all
Web
Acl Rule Statement Byte Match Statement Field To Match Json Body Match Pattern All An empty configuration block that is used for inspecting all headers.
- included
Paths string[]
- all
Web
Acl Rule Statement Byte Match Statement Field To Match Json Body Match Pattern All An empty configuration block that is used for inspecting all headers.
- included_
paths Sequence[str]
- all Property Map
An empty configuration block that is used for inspecting all headers.
- included
Paths List<String>
WebAclRuleStatementByteMatchStatementFieldToMatchSingleHeader, WebAclRuleStatementByteMatchStatementFieldToMatchSingleHeaderArgs
- Name string
Name of the query header to inspect. This setting must be provided as lower case characters.
- Name string
Name of the query header to inspect. This setting must be provided as lower case characters.
- name String
Name of the query header to inspect. This setting must be provided as lower case characters.
- name string
Name of the query header to inspect. This setting must be provided as lower case characters.
- name str
Name of the query header to inspect. This setting must be provided as lower case characters.
- name String
Name of the query header to inspect. This setting must be provided as lower case characters.
WebAclRuleStatementByteMatchStatementFieldToMatchSingleQueryArgument, WebAclRuleStatementByteMatchStatementFieldToMatchSingleQueryArgumentArgs
- Name string
Name of the query header to inspect. This setting must be provided as lower case characters.
- Name string
Name of the query header to inspect. This setting must be provided as lower case characters.
- name String
Name of the query header to inspect. This setting must be provided as lower case characters.
- name string
Name of the query header to inspect. This setting must be provided as lower case characters.
- name str
Name of the query header to inspect. This setting must be provided as lower case characters.
- name String
Name of the query header to inspect. This setting must be provided as lower case characters.
WebAclRuleStatementByteMatchStatementTextTransformation, WebAclRuleStatementByteMatchStatementTextTransformationArgs
- Priority int
Relative processing order for multiple transformations that are defined for a rule statement. AWS WAF processes all transformations, from lowest priority to highest, before inspecting the transformed content.
- Type string
Transformation to apply, please refer to the Text Transformation documentation for more details.
- Priority int
Relative processing order for multiple transformations that are defined for a rule statement. AWS WAF processes all transformations, from lowest priority to highest, before inspecting the transformed content.
- Type string
Transformation to apply, please refer to the Text Transformation documentation for more details.
- priority Integer
Relative processing order for multiple transformations that are defined for a rule statement. AWS WAF processes all transformations, from lowest priority to highest, before inspecting the transformed content.
- type String
Transformation to apply, please refer to the Text Transformation documentation for more details.
- priority number
Relative processing order for multiple transformations that are defined for a rule statement. AWS WAF processes all transformations, from lowest priority to highest, before inspecting the transformed content.
- type string
Transformation to apply, please refer to the Text Transformation documentation for more details.
- priority int
Relative processing order for multiple transformations that are defined for a rule statement. AWS WAF processes all transformations, from lowest priority to highest, before inspecting the transformed content.
- type str
Transformation to apply, please refer to the Text Transformation documentation for more details.
- priority Number
Relative processing order for multiple transformations that are defined for a rule statement. AWS WAF processes all transformations, from lowest priority to highest, before inspecting the transformed content.
- type String
Transformation to apply, please refer to the Text Transformation documentation for more details.
WebAclRuleStatementGeoMatchStatement, WebAclRuleStatementGeoMatchStatementArgs
- Country
Codes List<string> Array of two-character country codes, for example, [ "US", "CN" ], from the alpha-2 country ISO codes of the
ISO 3166international standard. See the documentation for valid values.- Forwarded
Ip Pulumi.Config Aws. Waf V2. Inputs. Web Acl Rule Statement Geo Match Statement Forwarded Ip Config Configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. See
forwarded_ip_configbelow for details.
- Country
Codes []string Array of two-character country codes, for example, [ "US", "CN" ], from the alpha-2 country ISO codes of the
ISO 3166international standard. See the documentation for valid values.- Forwarded
Ip WebConfig Acl Rule Statement Geo Match Statement Forwarded Ip Config Configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. See
forwarded_ip_configbelow for details.
- country
Codes List<String> Array of two-character country codes, for example, [ "US", "CN" ], from the alpha-2 country ISO codes of the
ISO 3166international standard. See the documentation for valid values.- forwarded
Ip WebConfig Acl Rule Statement Geo Match Statement Forwarded Ip Config Configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. See
forwarded_ip_configbelow for details.
- country
Codes string[] Array of two-character country codes, for example, [ "US", "CN" ], from the alpha-2 country ISO codes of the
ISO 3166international standard. See the documentation for valid values.- forwarded
Ip WebConfig Acl Rule Statement Geo Match Statement Forwarded Ip Config Configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. See
forwarded_ip_configbelow for details.
- country_
codes Sequence[str] Array of two-character country codes, for example, [ "US", "CN" ], from the alpha-2 country ISO codes of the
ISO 3166international standard. See the documentation for valid values.- forwarded_
ip_ Webconfig Acl Rule Statement Geo Match Statement Forwarded Ip Config Configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. See
forwarded_ip_configbelow for details.
- country
Codes List<String> Array of two-character country codes, for example, [ "US", "CN" ], from the alpha-2 country ISO codes of the
ISO 3166international standard. See the documentation for valid values.- forwarded
Ip Property MapConfig Configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. See
forwarded_ip_configbelow for details.
WebAclRuleStatementGeoMatchStatementForwardedIpConfig, WebAclRuleStatementGeoMatchStatementForwardedIpConfigArgs
- Fallback
Behavior string Match status to assign to the web request if the request doesn't have a valid IP address in the specified position. Valid values include:
MATCHorNO_MATCH.- Header
Name string Name of the HTTP header to use for the IP address.
- Fallback
Behavior string Match status to assign to the web request if the request doesn't have a valid IP address in the specified position. Valid values include:
MATCHorNO_MATCH.- Header
Name string Name of the HTTP header to use for the IP address.
- fallback
Behavior String Match status to assign to the web request if the request doesn't have a valid IP address in the specified position. Valid values include:
MATCHorNO_MATCH.- header
Name String Name of the HTTP header to use for the IP address.
- fallback
Behavior string Match status to assign to the web request if the request doesn't have a valid IP address in the specified position. Valid values include:
MATCHorNO_MATCH.- header
Name string Name of the HTTP header to use for the IP address.
- fallback_
behavior str Match status to assign to the web request if the request doesn't have a valid IP address in the specified position. Valid values include:
MATCHorNO_MATCH.- header_
name str Name of the HTTP header to use for the IP address.
- fallback
Behavior String Match status to assign to the web request if the request doesn't have a valid IP address in the specified position. Valid values include:
MATCHorNO_MATCH.- header
Name String Name of the HTTP header to use for the IP address.
WebAclRuleStatementIpSetReferenceStatement, WebAclRuleStatementIpSetReferenceStatementArgs
- Arn string
The Amazon Resource Name (ARN) of the IP Set that this statement references.
- Ip
Set Pulumi.Forwarded Ip Config Aws. Waf V2. Inputs. Web Acl Rule Statement Ip Set Reference Statement Ip Set Forwarded Ip Config Configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. See
ip_set_forwarded_ip_configbelow for more details.
- Arn string
The Amazon Resource Name (ARN) of the IP Set that this statement references.
- Ip
Set WebForwarded Ip Config Acl Rule Statement Ip Set Reference Statement Ip Set Forwarded Ip Config Configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. See
ip_set_forwarded_ip_configbelow for more details.
- arn String
The Amazon Resource Name (ARN) of the IP Set that this statement references.
- ip
Set WebForwarded Ip Config Acl Rule Statement Ip Set Reference Statement Ip Set Forwarded Ip Config Configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. See
ip_set_forwarded_ip_configbelow for more details.
- arn string
The Amazon Resource Name (ARN) of the IP Set that this statement references.
- ip
Set WebForwarded Ip Config Acl Rule Statement Ip Set Reference Statement Ip Set Forwarded Ip Config Configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. See
ip_set_forwarded_ip_configbelow for more details.
- arn str
The Amazon Resource Name (ARN) of the IP Set that this statement references.
- ip_
set_ Webforwarded_ ip_ config Acl Rule Statement Ip Set Reference Statement Ip Set Forwarded Ip Config Configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. See
ip_set_forwarded_ip_configbelow for more details.
- arn String
The Amazon Resource Name (ARN) of the IP Set that this statement references.
- ip
Set Property MapForwarded Ip Config Configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. See
ip_set_forwarded_ip_configbelow for more details.
WebAclRuleStatementIpSetReferenceStatementIpSetForwardedIpConfig, WebAclRuleStatementIpSetReferenceStatementIpSetForwardedIpConfigArgs
- Fallback
Behavior string Match status to assign to the web request if the request doesn't have a valid IP address in the specified position. Valid values include:
MATCHorNO_MATCH.- Header
Name string Name of the HTTP header to use for the IP address.
- Position string
Position in the header to search for the IP address. Valid values include:
FIRST,LAST, orANY. IfANYis specified and the header contains more than 10 IP addresses, AWS WAFv2 inspects the last 10.
- Fallback
Behavior string Match status to assign to the web request if the request doesn't have a valid IP address in the specified position. Valid values include:
MATCHorNO_MATCH.- Header
Name string Name of the HTTP header to use for the IP address.
- Position string
Position in the header to search for the IP address. Valid values include:
FIRST,LAST, orANY. IfANYis specified and the header contains more than 10 IP addresses, AWS WAFv2 inspects the last 10.
- fallback
Behavior String Match status to assign to the web request if the request doesn't have a valid IP address in the specified position. Valid values include:
MATCHorNO_MATCH.- header
Name String Name of the HTTP header to use for the IP address.
- position String
Position in the header to search for the IP address. Valid values include:
FIRST,LAST, orANY. IfANYis specified and the header contains more than 10 IP addresses, AWS WAFv2 inspects the last 10.
- fallback
Behavior string Match status to assign to the web request if the request doesn't have a valid IP address in the specified position. Valid values include:
MATCHorNO_MATCH.- header
Name string Name of the HTTP header to use for the IP address.
- position string
Position in the header to search for the IP address. Valid values include:
FIRST,LAST, orANY. IfANYis specified and the header contains more than 10 IP addresses, AWS WAFv2 inspects the last 10.
- fallback_
behavior str Match status to assign to the web request if the request doesn't have a valid IP address in the specified position. Valid values include:
MATCHorNO_MATCH.- header_
name str Name of the HTTP header to use for the IP address.
- position str
Position in the header to search for the IP address. Valid values include:
FIRST,LAST, orANY. IfANYis specified and the header contains more than 10 IP addresses, AWS WAFv2 inspects the last 10.
- fallback
Behavior String Match status to assign to the web request if the request doesn't have a valid IP address in the specified position. Valid values include:
MATCHorNO_MATCH.- header
Name String Name of the HTTP header to use for the IP address.
- position String
Position in the header to search for the IP address. Valid values include:
FIRST,LAST, orANY. IfANYis specified and the header contains more than 10 IP addresses, AWS WAFv2 inspects the last 10.
WebAclRuleStatementLabelMatchStatement, WebAclRuleStatementLabelMatchStatementArgs
WebAclRuleStatementManagedRuleGroupStatement, WebAclRuleStatementManagedRuleGroupStatementArgs
- Name string
Name of the managed rule group.
- Vendor
Name string Name of the managed rule group vendor.
- Managed
Rule List<Pulumi.Group Configs Aws. Waf V2. Inputs. Web Acl Rule Statement Managed Rule Group Statement Managed Rule Group Config> Additional information that's used by a managed rule group. Only one rule attribute is allowed in each config. See
managed_rule_group_configsfor more details- Rule
Action List<Pulumi.Overrides Aws. Waf V2. Inputs. Web Acl Rule Statement Managed Rule Group Statement Rule Action Override> Action settings to use in the place of the rule actions that are configured inside the rule group. You specify one override for each rule whose action you want to change. See
rule_action_overridebelow for details.- Scope
Down Pulumi.Statement Aws. Waf V2. Inputs. Web Acl Rule Statement Managed Rule Group Statement Scope Down Statement Narrows the scope of the statement to matching web requests. This can be any nestable statement, and you can nest statements at any level below this scope-down statement. See
statementabove for details.- Version string
Version of the managed rule group. You can set
Version_1.0orVersion_1.1etc. If you want to use the default version, do not set anything.
- Name string
Name of the managed rule group.
- Vendor
Name string Name of the managed rule group vendor.
- Managed
Rule []WebGroup Configs Acl Rule Statement Managed Rule Group Statement Managed Rule Group Config Additional information that's used by a managed rule group. Only one rule attribute is allowed in each config. See
managed_rule_group_configsfor more details- Rule
Action []WebOverrides Acl Rule Statement Managed Rule Group Statement Rule Action Override Action settings to use in the place of the rule actions that are configured inside the rule group. You specify one override for each rule whose action you want to change. See
rule_action_overridebelow for details.- Scope
Down WebStatement Acl Rule Statement Managed Rule Group Statement Scope Down Statement Narrows the scope of the statement to matching web requests. This can be any nestable statement, and you can nest statements at any level below this scope-down statement. See
statementabove for details.- Version string
Version of the managed rule group. You can set
Version_1.0orVersion_1.1etc. If you want to use the default version, do not set anything.
- name String
Name of the managed rule group.
- vendor
Name String Name of the managed rule group vendor.
- managed
Rule List<WebGroup Configs Acl Rule Statement Managed Rule Group Statement Managed Rule Group Config> Additional information that's used by a managed rule group. Only one rule attribute is allowed in each config. See
managed_rule_group_configsfor more details- rule
Action List<WebOverrides Acl Rule Statement Managed Rule Group Statement Rule Action Override> Action settings to use in the place of the rule actions that are configured inside the rule group. You specify one override for each rule whose action you want to change. See
rule_action_overridebelow for details.- scope
Down WebStatement Acl Rule Statement Managed Rule Group Statement Scope Down Statement Narrows the scope of the statement to matching web requests. This can be any nestable statement, and you can nest statements at any level below this scope-down statement. See
statementabove for details.- version String
Version of the managed rule group. You can set
Version_1.0orVersion_1.1etc. If you want to use the default version, do not set anything.
- name string
Name of the managed rule group.
- vendor
Name string Name of the managed rule group vendor.
- managed
Rule WebGroup Configs Acl Rule Statement Managed Rule Group Statement Managed Rule Group Config[] Additional information that's used by a managed rule group. Only one rule attribute is allowed in each config. See
managed_rule_group_configsfor more details- rule
Action WebOverrides Acl Rule Statement Managed Rule Group Statement Rule Action Override[] Action settings to use in the place of the rule actions that are configured inside the rule group. You specify one override for each rule whose action you want to change. See
rule_action_overridebelow for details.- scope
Down WebStatement Acl Rule Statement Managed Rule Group Statement Scope Down Statement Narrows the scope of the statement to matching web requests. This can be any nestable statement, and you can nest statements at any level below this scope-down statement. See
statementabove for details.- version string
Version of the managed rule group. You can set
Version_1.0orVersion_1.1etc. If you want to use the default version, do not set anything.
- name str
Name of the managed rule group.
- vendor_
name str Name of the managed rule group vendor.
- managed_
rule_ Sequence[Webgroup_ configs Acl Rule Statement Managed Rule Group Statement Managed Rule Group Config] Additional information that's used by a managed rule group. Only one rule attribute is allowed in each config. See
managed_rule_group_configsfor more details- rule_
action_ Sequence[Weboverrides Acl Rule Statement Managed Rule Group Statement Rule Action Override] Action settings to use in the place of the rule actions that are configured inside the rule group. You specify one override for each rule whose action you want to change. See
rule_action_overridebelow for details.- scope_
down_ Webstatement Acl Rule Statement Managed Rule Group Statement Scope Down Statement Narrows the scope of the statement to matching web requests. This can be any nestable statement, and you can nest statements at any level below this scope-down statement. See
statementabove for details.- version str
Version of the managed rule group. You can set
Version_1.0orVersion_1.1etc. If you want to use the default version, do not set anything.
- name String
Name of the managed rule group.
- vendor
Name String Name of the managed rule group vendor.
- managed
Rule List<Property Map>Group Configs Additional information that's used by a managed rule group. Only one rule attribute is allowed in each config. See
managed_rule_group_configsfor more details- rule
Action List<Property Map>Overrides Action settings to use in the place of the rule actions that are configured inside the rule group. You specify one override for each rule whose action you want to change. See
rule_action_overridebelow for details.- scope
Down Property MapStatement Narrows the scope of the statement to matching web requests. This can be any nestable statement, and you can nest statements at any level below this scope-down statement. See
statementabove for details.- version String
Version of the managed rule group. You can set
Version_1.0orVersion_1.1etc. If you want to use the default version, do not set anything.
WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfig, WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigArgs
- Aws
Managed Pulumi.Rules Atp Rule Set Aws. Waf V2. Inputs. Web Acl Rule Statement Managed Rule Group Statement Managed Rule Group Config Aws Managed Rules Atp Rule Set Additional configuration for using the Account Takeover Protection managed rule group. Use this to specify information such as the sign-in page of your application and the type of content to accept or reject from the client.
- Aws
Managed Pulumi.Rules Bot Control Rule Set Aws. Waf V2. Inputs. Web Acl Rule Statement Managed Rule Group Statement Managed Rule Group Config Aws Managed Rules Bot Control Rule Set Additional configuration for using the Bot Control managed rule group. Use this to specify the inspection level that you want to use. See
aws_managed_rules_bot_control_rule_setfor more details- Login
Path string The path of the login endpoint for your application.
- Password
Field Pulumi.Aws. Waf V2. Inputs. Web Acl Rule Statement Managed Rule Group Statement Managed Rule Group Config Password Field Details about your login page password field. See
password_fieldfor more details.- Payload
Type string The payload type for your login endpoint, either JSON or form encoded.
- Username
Field Pulumi.Aws. Waf V2. Inputs. Web Acl Rule Statement Managed Rule Group Statement Managed Rule Group Config Username Field Details about your login page username field. See
username_fieldfor more details.
- Aws
Managed WebRules Atp Rule Set Acl Rule Statement Managed Rule Group Statement Managed Rule Group Config Aws Managed Rules Atp Rule Set Additional configuration for using the Account Takeover Protection managed rule group. Use this to specify information such as the sign-in page of your application and the type of content to accept or reject from the client.
- Aws
Managed WebRules Bot Control Rule Set Acl Rule Statement Managed Rule Group Statement Managed Rule Group Config Aws Managed Rules Bot Control Rule Set Additional configuration for using the Bot Control managed rule group. Use this to specify the inspection level that you want to use. See
aws_managed_rules_bot_control_rule_setfor more details- Login
Path string The path of the login endpoint for your application.
- Password
Field WebAcl Rule Statement Managed Rule Group Statement Managed Rule Group Config Password Field Details about your login page password field. See
password_fieldfor more details.- Payload
Type string The payload type for your login endpoint, either JSON or form encoded.
- Username
Field WebAcl Rule Statement Managed Rule Group Statement Managed Rule Group Config Username Field Details about your login page username field. See
username_fieldfor more details.
- aws
Managed WebRules Atp Rule Set Acl Rule Statement Managed Rule Group Statement Managed Rule Group Config Aws Managed Rules Atp Rule Set Additional configuration for using the Account Takeover Protection managed rule group. Use this to specify information such as the sign-in page of your application and the type of content to accept or reject from the client.
- aws
Managed WebRules Bot Control Rule Set Acl Rule Statement Managed Rule Group Statement Managed Rule Group Config Aws Managed Rules Bot Control Rule Set Additional configuration for using the Bot Control managed rule group. Use this to specify the inspection level that you want to use. See
aws_managed_rules_bot_control_rule_setfor more details- login
Path String The path of the login endpoint for your application.
- password
Field WebAcl Rule Statement Managed Rule Group Statement Managed Rule Group Config Password Field Details about your login page password field. See
password_fieldfor more details.- payload
Type String The payload type for your login endpoint, either JSON or form encoded.
- username
Field WebAcl Rule Statement Managed Rule Group Statement Managed Rule Group Config Username Field Details about your login page username field. See
username_fieldfor more details.
- aws
Managed WebRules Atp Rule Set Acl Rule Statement Managed Rule Group Statement Managed Rule Group Config Aws Managed Rules Atp Rule Set Additional configuration for using the Account Takeover Protection managed rule group. Use this to specify information such as the sign-in page of your application and the type of content to accept or reject from the client.
- aws
Managed WebRules Bot Control Rule Set Acl Rule Statement Managed Rule Group Statement Managed Rule Group Config Aws Managed Rules Bot Control Rule Set Additional configuration for using the Bot Control managed rule group. Use this to specify the inspection level that you want to use. See
aws_managed_rules_bot_control_rule_setfor more details- login
Path string The path of the login endpoint for your application.
- password
Field WebAcl Rule Statement Managed Rule Group Statement Managed Rule Group Config Password Field Details about your login page password field. See
password_fieldfor more details.- payload
Type string The payload type for your login endpoint, either JSON or form encoded.
- username
Field WebAcl Rule Statement Managed Rule Group Statement Managed Rule Group Config Username Field Details about your login page username field. See
username_fieldfor more details.
- aws_
managed_ Webrules_ atp_ rule_ set Acl Rule Statement Managed Rule Group Statement Managed Rule Group Config Aws Managed Rules Atp Rule Set Additional configuration for using the Account Takeover Protection managed rule group. Use this to specify information such as the sign-in page of your application and the type of content to accept or reject from the client.
- aws_
managed_ Webrules_ bot_ control_ rule_ set Acl Rule Statement Managed Rule Group Statement Managed Rule Group Config Aws Managed Rules Bot Control Rule Set Additional configuration for using the Bot Control managed rule group. Use this to specify the inspection level that you want to use. See
aws_managed_rules_bot_control_rule_setfor more details- login_
path str The path of the login endpoint for your application.
- password_
field WebAcl Rule Statement Managed Rule Group Statement Managed Rule Group Config Password Field Details about your login page password field. See
password_fieldfor more details.- payload_
type str The payload type for your login endpoint, either JSON or form encoded.
- username_
field WebAcl Rule Statement Managed Rule Group Statement Managed Rule Group Config Username Field Details about your login page username field. See
username_fieldfor more details.
- aws
Managed Property MapRules Atp Rule Set Additional configuration for using the Account Takeover Protection managed rule group. Use this to specify information such as the sign-in page of your application and the type of content to accept or reject from the client.
- aws
Managed Property MapRules Bot Control Rule Set Additional configuration for using the Bot Control managed rule group. Use this to specify the inspection level that you want to use. See
aws_managed_rules_bot_control_rule_setfor more details- login
Path String The path of the login endpoint for your application.
- password
Field Property Map Details about your login page password field. See
password_fieldfor more details.- payload
Type String The payload type for your login endpoint, either JSON or form encoded.
- username
Field Property Map Details about your login page username field. See
username_fieldfor more details.
WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesAtpRuleSet, WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesAtpRuleSetArgs
- Login
Path string The path of the login endpoint for your application.
- Enable
Regex boolIn Path Whether or not to allow the use of regular expressions in the login page path.
- Request
Inspection Pulumi.Aws. Waf V2. Inputs. Web Acl Rule Statement Managed Rule Group Statement Managed Rule Group Config Aws Managed Rules Atp Rule Set Request Inspection The criteria for inspecting login requests, used by the ATP rule group to validate credentials usage. See
request_inspectionfor more details.- Response
Inspection Pulumi.Aws. Waf V2. Inputs. Web Acl Rule Statement Managed Rule Group Statement Managed Rule Group Config Aws Managed Rules Atp Rule Set Response Inspection The criteria for inspecting responses to login requests, used by the ATP rule group to track login failure rates. Note that Response Inspection is available only on web ACLs that protect CloudFront distributions. See
response_inspectionfor more details.
- Login
Path string The path of the login endpoint for your application.
- Enable
Regex boolIn Path Whether or not to allow the use of regular expressions in the login page path.
- Request
Inspection WebAcl Rule Statement Managed Rule Group Statement Managed Rule Group Config Aws Managed Rules Atp Rule Set Request Inspection The criteria for inspecting login requests, used by the ATP rule group to validate credentials usage. See
request_inspectionfor more details.- Response
Inspection WebAcl Rule Statement Managed Rule Group Statement Managed Rule Group Config Aws Managed Rules Atp Rule Set Response Inspection The criteria for inspecting responses to login requests, used by the ATP rule group to track login failure rates. Note that Response Inspection is available only on web ACLs that protect CloudFront distributions. See
response_inspectionfor more details.
- login
Path String The path of the login endpoint for your application.
- enable
Regex BooleanIn Path Whether or not to allow the use of regular expressions in the login page path.
- request
Inspection WebAcl Rule Statement Managed Rule Group Statement Managed Rule Group Config Aws Managed Rules Atp Rule Set Request Inspection The criteria for inspecting login requests, used by the ATP rule group to validate credentials usage. See
request_inspectionfor more details.- response
Inspection WebAcl Rule Statement Managed Rule Group Statement Managed Rule Group Config Aws Managed Rules Atp Rule Set Response Inspection The criteria for inspecting responses to login requests, used by the ATP rule group to track login failure rates. Note that Response Inspection is available only on web ACLs that protect CloudFront distributions. See
response_inspectionfor more details.
- login
Path string The path of the login endpoint for your application.
- enable
Regex booleanIn Path Whether or not to allow the use of regular expressions in the login page path.
- request
Inspection WebAcl Rule Statement Managed Rule Group Statement Managed Rule Group Config Aws Managed Rules Atp Rule Set Request Inspection The criteria for inspecting login requests, used by the ATP rule group to validate credentials usage. See
request_inspectionfor more details.- response
Inspection WebAcl Rule Statement Managed Rule Group Statement Managed Rule Group Config Aws Managed Rules Atp Rule Set Response Inspection The criteria for inspecting responses to login requests, used by the ATP rule group to track login failure rates. Note that Response Inspection is available only on web ACLs that protect CloudFront distributions. See
response_inspectionfor more details.
- login_
path str The path of the login endpoint for your application.
- enable_
regex_ boolin_ path Whether or not to allow the use of regular expressions in the login page path.
- request_
inspection WebAcl Rule Statement Managed Rule Group Statement Managed Rule Group Config Aws Managed Rules Atp Rule Set Request Inspection The criteria for inspecting login requests, used by the ATP rule group to validate credentials usage. See
request_inspectionfor more details.- response_
inspection WebAcl Rule Statement Managed Rule Group Statement Managed Rule Group Config Aws Managed Rules Atp Rule Set Response Inspection The criteria for inspecting responses to login requests, used by the ATP rule group to track login failure rates. Note that Response Inspection is available only on web ACLs that protect CloudFront distributions. See
response_inspectionfor more details.
- login
Path String The path of the login endpoint for your application.
- enable
Regex BooleanIn Path Whether or not to allow the use of regular expressions in the login page path.
- request
Inspection Property Map The criteria for inspecting login requests, used by the ATP rule group to validate credentials usage. See
request_inspectionfor more details.- response
Inspection Property Map The criteria for inspecting responses to login requests, used by the ATP rule group to track login failure rates. Note that Response Inspection is available only on web ACLs that protect CloudFront distributions. See
response_inspectionfor more details.
WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesAtpRuleSetRequestInspection, WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesAtpRuleSetRequestInspectionArgs
- Password
Field Pulumi.Aws. Waf V2. Inputs. Web Acl Rule Statement Managed Rule Group Statement Managed Rule Group Config Aws Managed Rules Atp Rule Set Request Inspection Password Field Details about your login page password field. See
password_fieldfor more details.- Payload
Type string The payload type for your login endpoint, either JSON or form encoded.
- Username
Field Pulumi.Aws. Waf V2. Inputs. Web Acl Rule Statement Managed Rule Group Statement Managed Rule Group Config Aws Managed Rules Atp Rule Set Request Inspection Username Field Details about your login page username field. See
username_fieldfor more details.
- Password
Field WebAcl Rule Statement Managed Rule Group Statement Managed Rule Group Config Aws Managed Rules Atp Rule Set Request Inspection Password Field Details about your login page password field. See
password_fieldfor more details.- Payload
Type string The payload type for your login endpoint, either JSON or form encoded.
- Username
Field WebAcl Rule Statement Managed Rule Group Statement Managed Rule Group Config Aws Managed Rules Atp Rule Set Request Inspection Username Field Details about your login page username field. See
username_fieldfor more details.
- password
Field WebAcl Rule Statement Managed Rule Group Statement Managed Rule Group Config Aws Managed Rules Atp Rule Set Request Inspection Password Field Details about your login page password field. See
password_fieldfor more details.- payload
Type String The payload type for your login endpoint, either JSON or form encoded.
- username
Field WebAcl Rule Statement Managed Rule Group Statement Managed Rule Group Config Aws Managed Rules Atp Rule Set Request Inspection Username Field Details about your login page username field. See
username_fieldfor more details.
- password
Field WebAcl Rule Statement Managed Rule Group Statement Managed Rule Group Config Aws Managed Rules Atp Rule Set Request Inspection Password Field Details about your login page password field. See
password_fieldfor more details.- payload
Type string The payload type for your login endpoint, either JSON or form encoded.
- username
Field WebAcl Rule Statement Managed Rule Group Statement Managed Rule Group Config Aws Managed Rules Atp Rule Set Request Inspection Username Field Details about your login page username field. See
username_fieldfor more details.
- password_
field WebAcl Rule Statement Managed Rule Group Statement Managed Rule Group Config Aws Managed Rules Atp Rule Set Request Inspection Password Field Details about your login page password field. See
password_fieldfor more details.- payload_
type str The payload type for your login endpoint, either JSON or form encoded.
- username_
field WebAcl Rule Statement Managed Rule Group Statement Managed Rule Group Config Aws Managed Rules Atp Rule Set Request Inspection Username Field Details about your login page username field. See
username_fieldfor more details.
- password
Field Property Map Details about your login page password field. See
password_fieldfor more details.- payload
Type String The payload type for your login endpoint, either JSON or form encoded.
- username
Field Property Map Details about your login page username field. See
username_fieldfor more details.
WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesAtpRuleSetRequestInspectionPasswordField, WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesAtpRuleSetRequestInspectionPasswordFieldArgs
- Identifier string
The name of the password field.
- Identifier string
The name of the password field.
- identifier String
The name of the password field.
- identifier string
The name of the password field.
- identifier str
The name of the password field.
- identifier String
The name of the password field.
WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesAtpRuleSetRequestInspectionUsernameField, WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesAtpRuleSetRequestInspectionUsernameFieldArgs
- Identifier string
The name of the username field.
- Identifier string
The name of the username field.
- identifier String
The name of the username field.
- identifier string
The name of the username field.
- identifier str
The name of the username field.
- identifier String
The name of the username field.
WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesAtpRuleSetResponseInspection, WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesAtpRuleSetResponseInspectionArgs
- Body
Contains Pulumi.Aws. Waf V2. Inputs. Web Acl Rule Statement Managed Rule Group Statement Managed Rule Group Config Aws Managed Rules Atp Rule Set Response Inspection Body Contains Configures inspection of the response body. See
body_containsfor more details.- Header
Pulumi.
Aws. Waf V2. Inputs. Web Acl Rule Statement Managed Rule Group Statement Managed Rule Group Config Aws Managed Rules Atp Rule Set Response Inspection Header Configures inspection of the response header.See
headerfor more details.- Json
Pulumi.
Aws. Waf V2. Inputs. Web Acl Rule Statement Managed Rule Group Statement Managed Rule Group Config Aws Managed Rules Atp Rule Set Response Inspection Json Configures inspection of the response JSON. See
jsonfor more details.- Status
Code Pulumi.Aws. Waf V2. Inputs. Web Acl Rule Statement Managed Rule Group Statement Managed Rule Group Config Aws Managed Rules Atp Rule Set Response Inspection Status Code Configures inspection of the response status code.See
status_codefor more details.
- Body
Contains WebAcl Rule Statement Managed Rule Group Statement Managed Rule Group Config Aws Managed Rules Atp Rule Set Response Inspection Body Contains Configures inspection of the response body. See
body_containsfor more details.- Header
Web
Acl Rule Statement Managed Rule Group Statement Managed Rule Group Config Aws Managed Rules Atp Rule Set Response Inspection Header Configures inspection of the response header.See
headerfor more details.- Json
Web
Acl Rule Statement Managed Rule Group Statement Managed Rule Group Config Aws Managed Rules Atp Rule Set Response Inspection Json Configures inspection of the response JSON. See
jsonfor more details.- Status
Code WebAcl Rule Statement Managed Rule Group Statement Managed Rule Group Config Aws Managed Rules Atp Rule Set Response Inspection Status Code Configures inspection of the response status code.See
status_codefor more details.
- body
Contains WebAcl Rule Statement Managed Rule Group Statement Managed Rule Group Config Aws Managed Rules Atp Rule Set Response Inspection Body Contains Configures inspection of the response body. See
body_containsfor more details.- header
Web
Acl Rule Statement Managed Rule Group Statement Managed Rule Group Config Aws Managed Rules Atp Rule Set Response Inspection Header Configures inspection of the response header.See
headerfor more details.- json
Web
Acl Rule Statement Managed Rule Group Statement Managed Rule Group Config Aws Managed Rules Atp Rule Set Response Inspection Json Configures inspection of the response JSON. See
jsonfor more details.- status
Code WebAcl Rule Statement Managed Rule Group Statement Managed Rule Group Config Aws Managed Rules Atp Rule Set Response Inspection Status Code Configures inspection of the response status code.See
status_codefor more details.
- body
Contains WebAcl Rule Statement Managed Rule Group Statement Managed Rule Group Config Aws Managed Rules Atp Rule Set Response Inspection Body Contains Configures inspection of the response body. See
body_containsfor more details.- header
Web
Acl Rule Statement Managed Rule Group Statement Managed Rule Group Config Aws Managed Rules Atp Rule Set Response Inspection Header Configures inspection of the response header.See
headerfor more details.- json
Web
Acl Rule Statement Managed Rule Group Statement Managed Rule Group Config Aws Managed Rules Atp Rule Set Response Inspection Json Configures inspection of the response JSON. See
jsonfor more details.- status
Code WebAcl Rule Statement Managed Rule Group Statement Managed Rule Group Config Aws Managed Rules Atp Rule Set Response Inspection Status Code Configures inspection of the response status code.See
status_codefor more details.
- body_
contains WebAcl Rule Statement Managed Rule Group Statement Managed Rule Group Config Aws Managed Rules Atp Rule Set Response Inspection Body Contains Configures inspection of the response body. See
body_containsfor more details.- header
Web
Acl Rule Statement Managed Rule Group Statement Managed Rule Group Config Aws Managed Rules Atp Rule Set Response Inspection Header Configures inspection of the response header.See
headerfor more details.- json
Web
Acl Rule Statement Managed Rule Group Statement Managed Rule Group Config Aws Managed Rules Atp Rule Set Response Inspection Json Configures inspection of the response JSON. See
jsonfor more details.- status_
code WebAcl Rule Statement Managed Rule Group Statement Managed Rule Group Config Aws Managed Rules Atp Rule Set Response Inspection Status Code Configures inspection of the response status code.See
status_codefor more details.
- body
Contains Property Map Configures inspection of the response body. See
body_containsfor more details.- header Property Map
Configures inspection of the response header.See
headerfor more details.- json Property Map
Configures inspection of the response JSON. See
jsonfor more details.- status
Code Property Map Configures inspection of the response status code.See
status_codefor more details.
WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesAtpRuleSetResponseInspectionBodyContains, WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesAtpRuleSetResponseInspectionBodyContainsArgs
- Failure
Strings List<string> Strings in the body of the response that indicate a failed login attempt.
- Success
Strings List<string> Strings in the body of the response that indicate a successful login attempt.
- Failure
Strings []string Strings in the body of the response that indicate a failed login attempt.
- Success
Strings []string Strings in the body of the response that indicate a successful login attempt.
- failure
Strings List<String> Strings in the body of the response that indicate a failed login attempt.
- success
Strings List<String> Strings in the body of the response that indicate a successful login attempt.
- failure
Strings string[] Strings in the body of the response that indicate a failed login attempt.
- success
Strings string[] Strings in the body of the response that indicate a successful login attempt.
- failure_
strings Sequence[str] Strings in the body of the response that indicate a failed login attempt.
- success_
strings Sequence[str] Strings in the body of the response that indicate a successful login attempt.
- failure
Strings List<String> Strings in the body of the response that indicate a failed login attempt.
- success
Strings List<String> Strings in the body of the response that indicate a successful login attempt.
WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesAtpRuleSetResponseInspectionHeader, WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesAtpRuleSetResponseInspectionHeaderArgs
- Failure
Values List<string> Values in the response header with the specified name that indicate a failed login attempt.
- Name string
The name of the header to match against. The name must be an exact match, including case.
- Success
Values List<string> Values in the response header with the specified name that indicate a successful login attempt.
- Failure
Values []string Values in the response header with the specified name that indicate a failed login attempt.
- Name string
The name of the header to match against. The name must be an exact match, including case.
- Success
Values []string Values in the response header with the specified name that indicate a successful login attempt.
- failure
Values List<String> Values in the response header with the specified name that indicate a failed login attempt.
- name String
The name of the header to match against. The name must be an exact match, including case.
- success
Values List<String> Values in the response header with the specified name that indicate a successful login attempt.
- failure
Values string[] Values in the response header with the specified name that indicate a failed login attempt.
- name string
The name of the header to match against. The name must be an exact match, including case.
- success
Values string[] Values in the response header with the specified name that indicate a successful login attempt.
- failure_
values Sequence[str] Values in the response header with the specified name that indicate a failed login attempt.
- name str
The name of the header to match against. The name must be an exact match, including case.
- success_
values Sequence[str] Values in the response header with the specified name that indicate a successful login attempt.
- failure
Values List<String> Values in the response header with the specified name that indicate a failed login attempt.
- name String
The name of the header to match against. The name must be an exact match, including case.
- success
Values List<String> Values in the response header with the specified name that indicate a successful login attempt.
WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesAtpRuleSetResponseInspectionJson, WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesAtpRuleSetResponseInspectionJsonArgs
- Failure
Values List<string> Values in the response header with the specified name that indicate a failed login attempt.
- Identifier string
The identifier for the value to match against in the JSON.
- Success
Values List<string> Values in the response header with the specified name that indicate a successful login attempt.
- Failure
Values []string Values in the response header with the specified name that indicate a failed login attempt.
- Identifier string
The identifier for the value to match against in the JSON.
- Success
Values []string Values in the response header with the specified name that indicate a successful login attempt.
- failure
Values List<String> Values in the response header with the specified name that indicate a failed login attempt.
- identifier String
The identifier for the value to match against in the JSON.
- success
Values List<String> Values in the response header with the specified name that indicate a successful login attempt.
- failure
Values string[] Values in the response header with the specified name that indicate a failed login attempt.
- identifier string
The identifier for the value to match against in the JSON.
- success
Values string[] Values in the response header with the specified name that indicate a successful login attempt.
- failure_
values Sequence[str] Values in the response header with the specified name that indicate a failed login attempt.
- identifier str
The identifier for the value to match against in the JSON.
- success_
values Sequence[str] Values in the response header with the specified name that indicate a successful login attempt.
- failure
Values List<String> Values in the response header with the specified name that indicate a failed login attempt.
- identifier String
The identifier for the value to match against in the JSON.
- success
Values List<String> Values in the response header with the specified name that indicate a successful login attempt.
WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesAtpRuleSetResponseInspectionStatusCode, WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesAtpRuleSetResponseInspectionStatusCodeArgs
- Failure
Codes List<int> Status codes in the response that indicate a failed login attempt.
- Success
Codes List<int> Status codes in the response that indicate a successful login attempt.
- Failure
Codes []int Status codes in the response that indicate a failed login attempt.
- Success
Codes []int Status codes in the response that indicate a successful login attempt.
- failure
Codes List<Integer> Status codes in the response that indicate a failed login attempt.
- success
Codes List<Integer> Status codes in the response that indicate a successful login attempt.
- failure
Codes number[] Status codes in the response that indicate a failed login attempt.
- success
Codes number[] Status codes in the response that indicate a successful login attempt.
- failure_
codes Sequence[int] Status codes in the response that indicate a failed login attempt.
- success_
codes Sequence[int] Status codes in the response that indicate a successful login attempt.
- failure
Codes List<Number> Status codes in the response that indicate a failed login attempt.
- success
Codes List<Number> Status codes in the response that indicate a successful login attempt.
WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesBotControlRuleSet, WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesBotControlRuleSetArgs
- Inspection
Level string The inspection level to use for the Bot Control rule group.
- Inspection
Level string The inspection level to use for the Bot Control rule group.
- inspection
Level String The inspection level to use for the Bot Control rule group.
- inspection
Level string The inspection level to use for the Bot Control rule group.
- inspection_
level str The inspection level to use for the Bot Control rule group.
- inspection
Level String The inspection level to use for the Bot Control rule group.
WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigPasswordField, WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigPasswordFieldArgs
- Identifier string
The name of the password field.
- Identifier string
The name of the password field.
- identifier String
The name of the password field.
- identifier string
The name of the password field.
- identifier str
The name of the password field.
- identifier String
The name of the password field.
WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigUsernameField, WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigUsernameFieldArgs
- Identifier string
The name of the username field.
- Identifier string
The name of the username field.
- identifier String
The name of the username field.
- identifier string
The name of the username field.
- identifier str
The name of the username field.
- identifier String
The name of the username field.
WebAclRuleStatementManagedRuleGroupStatementRuleActionOverride, WebAclRuleStatementManagedRuleGroupStatementRuleActionOverrideArgs
- Action
To Pulumi.Use Aws. Waf V2. Inputs. Web Acl Rule Statement Managed Rule Group Statement Rule Action Override Action To Use Override action to use, in place of the configured action of the rule in the rule group. See
actionfor details.- Name string
Name of the rule to override. See the documentation for a list of names in the appropriate rule group in use.
- Action
To WebUse Acl Rule Statement Managed Rule Group Statement Rule Action Override Action To Use Override action to use, in place of the configured action of the rule in the rule group. See
actionfor details.- Name string
Name of the rule to override. See the documentation for a list of names in the appropriate rule group in use.
- action
To WebUse Acl Rule Statement Managed Rule Group Statement Rule Action Override Action To Use Override action to use, in place of the configured action of the rule in the rule group. See
actionfor details.- name String
Name of the rule to override. See the documentation for a list of names in the appropriate rule group in use.
- action
To WebUse Acl Rule Statement Managed Rule Group Statement Rule Action Override Action To Use Override action to use, in place of the configured action of the rule in the rule group. See
actionfor details.- name string
Name of the rule to override. See the documentation for a list of names in the appropriate rule group in use.
- action_
to_ Webuse Acl Rule Statement Managed Rule Group Statement Rule Action Override Action To Use Override action to use, in place of the configured action of the rule in the rule group. See
actionfor details.- name str
Name of the rule to override. See the documentation for a list of names in the appropriate rule group in use.
- action
To Property MapUse Override action to use, in place of the configured action of the rule in the rule group. See
actionfor details.- name String
Name of the rule to override. See the documentation for a list of names in the appropriate rule group in use.
WebAclRuleStatementManagedRuleGroupStatementRuleActionOverrideActionToUse, WebAclRuleStatementManagedRuleGroupStatementRuleActionOverrideActionToUseArgs
- Allow
Pulumi.
Aws. Waf V2. Inputs. Web Acl Rule Statement Managed Rule Group Statement Rule Action Override Action To Use Allow Specifies that AWS WAF should allow requests by default. See
allowbelow for details.- Block
Pulumi.
Aws. Waf V2. Inputs. Web Acl Rule Statement Managed Rule Group Statement Rule Action Override Action To Use Block Specifies that AWS WAF should block requests by default. See
blockbelow for details.- Captcha
Pulumi.
Aws. Waf V2. Inputs. Web Acl Rule Statement Managed Rule Group Statement Rule Action Override Action To Use Captcha Instructs AWS WAF to run a Captcha check against the web request. See
captchabelow for details.- Challenge
Pulumi.
Aws. Waf V2. Inputs. Web Acl Rule Statement Managed Rule Group Statement Rule Action Override Action To Use Challenge Instructs AWS WAF to run a check against the request to verify that the request is coming from a legitimate client session. See
challengebelow for details.- Count
Pulumi.
Aws. Waf V2. Inputs. Web Acl Rule Statement Managed Rule Group Statement Rule Action Override Action To Use Count Instructs AWS WAF to count the web request and allow it. See
countbelow for details.
- Allow
Web
Acl Rule Statement Managed Rule Group Statement Rule Action Override Action To Use Allow Specifies that AWS WAF should allow requests by default. See
allowbelow for details.- Block
Web
Acl Rule Statement Managed Rule Group Statement Rule Action Override Action To Use Block Specifies that AWS WAF should block requests by default. See
blockbelow for details.- Captcha
Web
Acl Rule Statement Managed Rule Group Statement Rule Action Override Action To Use Captcha Instructs AWS WAF to run a Captcha check against the web request. See
captchabelow for details.- Challenge
Web
Acl Rule Statement Managed Rule Group Statement Rule Action Override Action To Use Challenge Instructs AWS WAF to run a check against the request to verify that the request is coming from a legitimate client session. See
challengebelow for details.- Count
Web
Acl Rule Statement Managed Rule Group Statement Rule Action Override Action To Use Count Instructs AWS WAF to count the web request and allow it. See
countbelow for details.
- allow
Web
Acl Rule Statement Managed Rule Group Statement Rule Action Override Action To Use Allow Specifies that AWS WAF should allow requests by default. See
allowbelow for details.- block
Web
Acl Rule Statement Managed Rule Group Statement Rule Action Override Action To Use Block Specifies that AWS WAF should block requests by default. See
blockbelow for details.- captcha
Web
Acl Rule Statement Managed Rule Group Statement Rule Action Override Action To Use Captcha Instructs AWS WAF to run a Captcha check against the web request. See
captchabelow for details.- challenge
Web
Acl Rule Statement Managed Rule Group Statement Rule Action Override Action To Use Challenge Instructs AWS WAF to run a check against the request to verify that the request is coming from a legitimate client session. See
challengebelow for details.- count
Web
Acl Rule Statement Managed Rule Group Statement Rule Action Override Action To Use Count Instructs AWS WAF to count the web request and allow it. See
countbelow for details.
- allow
Web
Acl Rule Statement Managed Rule Group Statement Rule Action Override Action To Use Allow Specifies that AWS WAF should allow requests by default. See
allowbelow for details.- block
Web
Acl Rule Statement Managed Rule Group Statement Rule Action Override Action To Use Block Specifies that AWS WAF should block requests by default. See
blockbelow for details.- captcha
Web
Acl Rule Statement Managed Rule Group Statement Rule Action Override Action To Use Captcha Instructs AWS WAF to run a Captcha check against the web request. See
captchabelow for details.- challenge
Web
Acl Rule Statement Managed Rule Group Statement Rule Action Override Action To Use Challenge Instructs AWS WAF to run a check against the request to verify that the request is coming from a legitimate client session. See
challengebelow for details.- count
Web
Acl Rule Statement Managed Rule Group Statement Rule Action Override Action To Use Count Instructs AWS WAF to count the web request and allow it. See
countbelow for details.
- allow
Web
Acl Rule Statement Managed Rule Group Statement Rule Action Override Action To Use Allow Specifies that AWS WAF should allow requests by default. See
allowbelow for details.- block
Web
Acl Rule Statement Managed Rule Group Statement Rule Action Override Action To Use Block Specifies that AWS WAF should block requests by default. See
blockbelow for details.- captcha
Web
Acl Rule Statement Managed Rule Group Statement Rule Action Override Action To Use Captcha Instructs AWS WAF to run a Captcha check against the web request. See
captchabelow for details.- challenge
Web
Acl Rule Statement Managed Rule Group Statement Rule Action Override Action To Use Challenge Instructs AWS WAF to run a check against the request to verify that the request is coming from a legitimate client session. See
challengebelow for details.- count
Web
Acl Rule Statement Managed Rule Group Statement Rule Action Override Action To Use Count Instructs AWS WAF to count the web request and allow it. See
countbelow for details.
- allow Property Map
Specifies that AWS WAF should allow requests by default. See
allowbelow for details.- block Property Map
Specifies that AWS WAF should block requests by default. See
blockbelow for details.- captcha Property Map
Instructs AWS WAF to run a Captcha check against the web request. See
captchabelow for details.- challenge Property Map
Instructs AWS WAF to run a check against the request to verify that the request is coming from a legitimate client session. See
challengebelow for details.- count Property Map
Instructs AWS WAF to count the web request and allow it. See
countbelow for details.
WebAclRuleStatementManagedRuleGroupStatementRuleActionOverrideActionToUseAllow, WebAclRuleStatementManagedRuleGroupStatementRuleActionOverrideActionToUseAllowArgs
- Custom
Request Pulumi.Handling Aws. Waf V2. Inputs. Web Acl Rule Statement Managed Rule Group Statement Rule Action Override Action To Use Allow Custom Request Handling Defines custom handling for the web request. See
custom_request_handlingbelow for details.
- Custom
Request WebHandling Acl Rule Statement Managed Rule Group Statement Rule Action Override Action To Use Allow Custom Request Handling Defines custom handling for the web request. See
custom_request_handlingbelow for details.
- custom
Request WebHandling Acl Rule Statement Managed Rule Group Statement Rule Action Override Action To Use Allow Custom Request Handling Defines custom handling for the web request. See
custom_request_handlingbelow for details.
- custom
Request WebHandling Acl Rule Statement Managed Rule Group Statement Rule Action Override Action To Use Allow Custom Request Handling Defines custom handling for the web request. See
custom_request_handlingbelow for details.
- custom_
request_ Webhandling Acl Rule Statement Managed Rule Group Statement Rule Action Override Action To Use Allow Custom Request Handling Defines custom handling for the web request. See
custom_request_handlingbelow for details.
- custom
Request Property MapHandling Defines custom handling for the web request. See
custom_request_handlingbelow for details.
WebAclRuleStatementManagedRuleGroupStatementRuleActionOverrideActionToUseAllowCustomRequestHandling, WebAclRuleStatementManagedRuleGroupStatementRuleActionOverrideActionToUseAllowCustomRequestHandlingArgs
- Insert
Headers List<Pulumi.Aws. Waf V2. Inputs. Web Acl Rule Statement Managed Rule Group Statement Rule Action Override Action To Use Allow Custom Request Handling Insert Header> The
insert_headerblocks used to define HTTP headers added to the request. Seeinsert_headerbelow for details.
- Insert
Headers []WebAcl Rule Statement Managed Rule Group Statement Rule Action Override Action To Use Allow Custom Request Handling Insert Header The
insert_headerblocks used to define HTTP headers added to the request. Seeinsert_headerbelow for details.
- insert
Headers List<WebAcl Rule Statement Managed Rule Group Statement Rule Action Override Action To Use Allow Custom Request Handling Insert Header> The
insert_headerblocks used to define HTTP headers added to the request. Seeinsert_headerbelow for details.
- insert
Headers WebAcl Rule Statement Managed Rule Group Statement Rule Action Override Action To Use Allow Custom Request Handling Insert Header[] The
insert_headerblocks used to define HTTP headers added to the request. Seeinsert_headerbelow for details.
- insert_
headers Sequence[WebAcl Rule Statement Managed Rule Group Statement Rule Action Override Action To Use Allow Custom Request Handling Insert Header] The
insert_headerblocks used to define HTTP headers added to the request. Seeinsert_headerbelow for details.
- insert
Headers List<Property Map> The
insert_headerblocks used to define HTTP headers added to the request. Seeinsert_headerbelow for details.
WebAclRuleStatementManagedRuleGroupStatementRuleActionOverrideActionToUseAllowCustomRequestHandlingInsertHeader, WebAclRuleStatementManagedRuleGroupStatementRuleActionOverrideActionToUseAllowCustomRequestHandlingInsertHeaderArgs
- Name string
Name of the custom header. For custom request header insertion, when AWS WAF inserts the header into the request, it prefixes this name
x-amzn-waf-, to avoid confusion with the headers that are already in the request. For example, for the header namesample, AWS WAF inserts the headerx-amzn-waf-sample.- Value string
Value of the custom header.
- Name string
Name of the custom header. For custom request header insertion, when AWS WAF inserts the header into the request, it prefixes this name
x-amzn-waf-, to avoid confusion with the headers that are already in the request. For example, for the header namesample, AWS WAF inserts the headerx-amzn-waf-sample.- Value string
Value of the custom header.
- name String
Name of the custom header. For custom request header insertion, when AWS WAF inserts the header into the request, it prefixes this name
x-amzn-waf-, to avoid confusion with the headers that are already in the request. For example, for the header namesample, AWS WAF inserts the headerx-amzn-waf-sample.- value String
Value of the custom header.
- name string
Name of the custom header. For custom request header insertion, when AWS WAF inserts the header into the request, it prefixes this name
x-amzn-waf-, to avoid confusion with the headers that are already in the request. For example, for the header namesample, AWS WAF inserts the headerx-amzn-waf-sample.- value string
Value of the custom header.
- name str
Name of the custom header. For custom request header insertion, when AWS WAF inserts the header into the request, it prefixes this name
x-amzn-waf-, to avoid confusion with the headers that are already in the request. For example, for the header namesample, AWS WAF inserts the headerx-amzn-waf-sample.- value str
Value of the custom header.
- name String
Name of the custom header. For custom request header insertion, when AWS WAF inserts the header into the request, it prefixes this name
x-amzn-waf-, to avoid confusion with the headers that are already in the request. For example, for the header namesample, AWS WAF inserts the headerx-amzn-waf-sample.- value String
Value of the custom header.
WebAclRuleStatementManagedRuleGroupStatementRuleActionOverrideActionToUseBlock, WebAclRuleStatementManagedRuleGroupStatementRuleActionOverrideActionToUseBlockArgs
- Custom
Response Pulumi.Aws. Waf V2. Inputs. Web Acl Rule Statement Managed Rule Group Statement Rule Action Override Action To Use Block Custom Response Defines a custom response for the web request. See
custom_responsebelow for details.
- Custom
Response WebAcl Rule Statement Managed Rule Group Statement Rule Action Override Action To Use Block Custom Response Defines a custom response for the web request. See
custom_responsebelow for details.
- custom
Response WebAcl Rule Statement Managed Rule Group Statement Rule Action Override Action To Use Block Custom Response Defines a custom response for the web request. See
custom_responsebelow for details.
- custom
Response WebAcl Rule Statement Managed Rule Group Statement Rule Action Override Action To Use Block Custom Response Defines a custom response for the web request. See
custom_responsebelow for details.
- custom_
response WebAcl Rule Statement Managed Rule Group Statement Rule Action Override Action To Use Block Custom Response Defines a custom response for the web request. See
custom_responsebelow for details.
- custom
Response Property Map Defines a custom response for the web request. See
custom_responsebelow for details.
WebAclRuleStatementManagedRuleGroupStatementRuleActionOverrideActionToUseBlockCustomResponse, WebAclRuleStatementManagedRuleGroupStatementRuleActionOverrideActionToUseBlockCustomResponseArgs
- Response
Code int The HTTP status code to return to the client.
- Custom
Response stringBody Key References the response body that you want AWS WAF to return to the web request client. This must reference a
keydefined in acustom_response_bodyblock of this resource.- Response
Headers List<Pulumi.Aws. Waf V2. Inputs. Web Acl Rule Statement Managed Rule Group Statement Rule Action Override Action To Use Block Custom Response Response Header> The
response_headerblocks used to define the HTTP response headers added to the response. Seeresponse_headerbelow for details.
- Response
Code int The HTTP status code to return to the client.
- Custom
Response stringBody Key References the response body that you want AWS WAF to return to the web request client. This must reference a
keydefined in acustom_response_bodyblock of this resource.- Response
Headers []WebAcl Rule Statement Managed Rule Group Statement Rule Action Override Action To Use Block Custom Response Response Header The
response_headerblocks used to define the HTTP response headers added to the response. Seeresponse_headerbelow for details.
- response
Code Integer The HTTP status code to return to the client.
- custom
Response StringBody Key References the response body that you want AWS WAF to return to the web request client. This must reference a
keydefined in acustom_response_bodyblock of this resource.- response
Headers List<WebAcl Rule Statement Managed Rule Group Statement Rule Action Override Action To Use Block Custom Response Response Header> The
response_headerblocks used to define the HTTP response headers added to the response. Seeresponse_headerbelow for details.
- response
Code number The HTTP status code to return to the client.
- custom
Response stringBody Key References the response body that you want AWS WAF to return to the web request client. This must reference a
keydefined in acustom_response_bodyblock of this resource.- response
Headers WebAcl Rule Statement Managed Rule Group Statement Rule Action Override Action To Use Block Custom Response Response Header[] The
response_headerblocks used to define the HTTP response headers added to the response. Seeresponse_headerbelow for details.
- response_
code int The HTTP status code to return to the client.
- custom_
response_ strbody_ key References the response body that you want AWS WAF to return to the web request client. This must reference a
keydefined in acustom_response_bodyblock of this resource.- response_
headers Sequence[WebAcl Rule Statement Managed Rule Group Statement Rule Action Override Action To Use Block Custom Response Response Header] The
response_headerblocks used to define the HTTP response headers added to the response. Seeresponse_headerbelow for details.
- response
Code Number The HTTP status code to return to the client.
- custom
Response StringBody Key References the response body that you want AWS WAF to return to the web request client. This must reference a
keydefined in acustom_response_bodyblock of this resource.- response
Headers List<Property Map> The
response_headerblocks used to define the HTTP response headers added to the response. Seeresponse_headerbelow for details.
WebAclRuleStatementManagedRuleGroupStatementRuleActionOverrideActionToUseBlockCustomResponseResponseHeader, WebAclRuleStatementManagedRuleGroupStatementRuleActionOverrideActionToUseBlockCustomResponseResponseHeaderArgs
- Name string
Name of the custom header. For custom request header insertion, when AWS WAF inserts the header into the request, it prefixes this name
x-amzn-waf-, to avoid confusion with the headers that are already in the request. For example, for the header namesample, AWS WAF inserts the headerx-amzn-waf-sample.- Value string
Value of the custom header.
- Name string
Name of the custom header. For custom request header insertion, when AWS WAF inserts the header into the request, it prefixes this name
x-amzn-waf-, to avoid confusion with the headers that are already in the request. For example, for the header namesample, AWS WAF inserts the headerx-amzn-waf-sample.- Value string
Value of the custom header.
- name String
Name of the custom header. For custom request header insertion, when AWS WAF inserts the header into the request, it prefixes this name
x-amzn-waf-, to avoid confusion with the headers that are already in the request. For example, for the header namesample, AWS WAF inserts the headerx-amzn-waf-sample.- value String
Value of the custom header.
- name string
Name of the custom header. For custom request header insertion, when AWS WAF inserts the header into the request, it prefixes this name
x-amzn-waf-, to avoid confusion with the headers that are already in the request. For example, for the header namesample, AWS WAF inserts the headerx-amzn-waf-sample.- value string
Value of the custom header.
- name str
Name of the custom header. For custom request header insertion, when AWS WAF inserts the header into the request, it prefixes this name
x-amzn-waf-, to avoid confusion with the headers that are already in the request. For example, for the header namesample, AWS WAF inserts the headerx-amzn-waf-sample.- value str
Value of the custom header.
- name String
Name of the custom header. For custom request header insertion, when AWS WAF inserts the header into the request, it prefixes this name
x-amzn-waf-, to avoid confusion with the headers that are already in the request. For example, for the header namesample, AWS WAF inserts the headerx-amzn-waf-sample.- value String
Value of the custom header.
WebAclRuleStatementManagedRuleGroupStatementRuleActionOverrideActionToUseCaptcha, WebAclRuleStatementManagedRuleGroupStatementRuleActionOverrideActionToUseCaptchaArgs
- Custom
Request Pulumi.Handling Aws. Waf V2. Inputs. Web Acl Rule Statement Managed Rule Group Statement Rule Action Override Action To Use Captcha Custom Request Handling Defines custom handling for the web request. See
custom_request_handlingbelow for details.
- Custom
Request WebHandling Acl Rule Statement Managed Rule Group Statement Rule Action Override Action To Use Captcha Custom Request Handling Defines custom handling for the web request. See
custom_request_handlingbelow for details.
- custom
Request WebHandling Acl Rule Statement Managed Rule Group Statement Rule Action Override Action To Use Captcha Custom Request Handling Defines custom handling for the web request. See
custom_request_handlingbelow for details.
- custom
Request WebHandling Acl Rule Statement Managed Rule Group Statement Rule Action Override Action To Use Captcha Custom Request Handling Defines custom handling for the web request. See
custom_request_handlingbelow for details.
- custom_
request_ Webhandling Acl Rule Statement Managed Rule Group Statement Rule Action Override Action To Use Captcha Custom Request Handling Defines custom handling for the web request. See
custom_request_handlingbelow for details.
- custom
Request Property MapHandling Defines custom handling for the web request. See
custom_request_handlingbelow for details.
WebAclRuleStatementManagedRuleGroupStatementRuleActionOverrideActionToUseCaptchaCustomRequestHandling, WebAclRuleStatementManagedRuleGroupStatementRuleActionOverrideActionToUseCaptchaCustomRequestHandlingArgs
- Insert
Headers List<Pulumi.Aws. Waf V2. Inputs. Web Acl Rule Statement Managed Rule Group Statement Rule Action Override Action To Use Captcha Custom Request Handling Insert Header> The
insert_headerblocks used to define HTTP headers added to the request. Seeinsert_headerbelow for details.
- Insert
Headers []WebAcl Rule Statement Managed Rule Group Statement Rule Action Override Action To Use Captcha Custom Request Handling Insert Header The
insert_headerblocks used to define HTTP headers added to the request. Seeinsert_headerbelow for details.
- insert
Headers List<WebAcl Rule Statement Managed Rule Group Statement Rule Action Override Action To Use Captcha Custom Request Handling Insert Header> The
insert_headerblocks used to define HTTP headers added to the request. Seeinsert_headerbelow for details.
- insert
Headers WebAcl Rule Statement Managed Rule Group Statement Rule Action Override Action To Use Captcha Custom Request Handling Insert Header[] The
insert_headerblocks used to define HTTP headers added to the request. Seeinsert_headerbelow for details.
- insert_
headers Sequence[WebAcl Rule Statement Managed Rule Group Statement Rule Action Override Action To Use Captcha Custom Request Handling Insert Header] The
insert_headerblocks used to define HTTP headers added to the request. Seeinsert_headerbelow for details.
- insert
Headers List<Property Map> The
insert_headerblocks used to define HTTP headers added to the request. Seeinsert_headerbelow for details.
WebAclRuleStatementManagedRuleGroupStatementRuleActionOverrideActionToUseCaptchaCustomRequestHandlingInsertHeader, WebAclRuleStatementManagedRuleGroupStatementRuleActionOverrideActionToUseCaptchaCustomRequestHandlingInsertHeaderArgs
- Name string
Name of the custom header. For custom request header insertion, when AWS WAF inserts the header into the request, it prefixes this name
x-amzn-waf-, to avoid confusion with the headers that are already in the request. For example, for the header namesample, AWS WAF inserts the headerx-amzn-waf-sample.- Value string
Value of the custom header.
- Name string
Name of the custom header. For custom request header insertion, when AWS WAF inserts the header into the request, it prefixes this name
x-amzn-waf-, to avoid confusion with the headers that are already in the request. For example, for the header namesample, AWS WAF inserts the headerx-amzn-waf-sample.- Value string
Value of the custom header.
- name String
Name of the custom header. For custom request header insertion, when AWS WAF inserts the header into the request, it prefixes this name
x-amzn-waf-, to avoid confusion with the headers that are already in the request. For example, for the header namesample, AWS WAF inserts the headerx-amzn-waf-sample.- value String
Value of the custom header.
- name string
Name of the custom header. For custom request header insertion, when AWS WAF inserts the header into the request, it prefixes this name
x-amzn-waf-, to avoid confusion with the headers that are already in the request. For example, for the header namesample, AWS WAF inserts the headerx-amzn-waf-sample.- value string
Value of the custom header.
- name str
Name of the custom header. For custom request header insertion, when AWS WAF inserts the header into the request, it prefixes this name
x-amzn-waf-, to avoid confusion with the headers that are already in the request. For example, for the header namesample, AWS WAF inserts the headerx-amzn-waf-sample.- value str
Value of the custom header.
- name String
Name of the custom header. For custom request header insertion, when AWS WAF inserts the header into the request, it prefixes this name
x-amzn-waf-, to avoid confusion with the headers that are already in the request. For example, for the header namesample, AWS WAF inserts the headerx-amzn-waf-sample.- value String
Value of the custom header.
WebAclRuleStatementManagedRuleGroupStatementRuleActionOverrideActionToUseChallenge, WebAclRuleStatementManagedRuleGroupStatementRuleActionOverrideActionToUseChallengeArgs
- Custom
Request Pulumi.Handling Aws. Waf V2. Inputs. Web Acl Rule Statement Managed Rule Group Statement Rule Action Override Action To Use Challenge Custom Request Handling Defines custom handling for the web request. See
custom_request_handlingbelow for details.
- Custom
Request WebHandling Acl Rule Statement Managed Rule Group Statement Rule Action Override Action To Use Challenge Custom Request Handling Defines custom handling for the web request. See
custom_request_handlingbelow for details.
- custom
Request WebHandling Acl Rule Statement Managed Rule Group Statement Rule Action Override Action To Use Challenge Custom Request Handling Defines custom handling for the web request. See
custom_request_handlingbelow for details.
- custom
Request WebHandling Acl Rule Statement Managed Rule Group Statement Rule Action Override Action To Use Challenge Custom Request Handling Defines custom handling for the web request. See
custom_request_handlingbelow for details.
- custom_
request_ Webhandling Acl Rule Statement Managed Rule Group Statement Rule Action Override Action To Use Challenge Custom Request Handling Defines custom handling for the web request. See
custom_request_handlingbelow for details.
- custom
Request Property MapHandling Defines custom handling for the web request. See
custom_request_handlingbelow for details.
WebAclRuleStatementManagedRuleGroupStatementRuleActionOverrideActionToUseChallengeCustomRequestHandling, WebAclRuleStatementManagedRuleGroupStatementRuleActionOverrideActionToUseChallengeCustomRequestHandlingArgs
- Insert
Headers List<Pulumi.Aws. Waf V2. Inputs. Web Acl Rule Statement Managed Rule Group Statement Rule Action Override Action To Use Challenge Custom Request Handling Insert Header> The
insert_headerblocks used to define HTTP headers added to the request. Seeinsert_headerbelow for details.
- Insert
Headers []WebAcl Rule Statement Managed Rule Group Statement Rule Action Override Action To Use Challenge Custom Request Handling Insert Header The
insert_headerblocks used to define HTTP headers added to the request. Seeinsert_headerbelow for details.
- insert
Headers List<WebAcl Rule Statement Managed Rule Group Statement Rule Action Override Action To Use Challenge Custom Request Handling Insert Header> The
insert_headerblocks used to define HTTP headers added to the request. Seeinsert_headerbelow for details.
- insert
Headers WebAcl Rule Statement Managed Rule Group Statement Rule Action Override Action To Use Challenge Custom Request Handling Insert Header[] The
insert_headerblocks used to define HTTP headers added to the request. Seeinsert_headerbelow for details.
- insert_
headers Sequence[WebAcl Rule Statement Managed Rule Group Statement Rule Action Override Action To Use Challenge Custom Request Handling Insert Header] The
insert_headerblocks used to define HTTP headers added to the request. Seeinsert_headerbelow for details.
- insert
Headers List<Property Map> The
insert_headerblocks used to define HTTP headers added to the request. Seeinsert_headerbelow for details.
WebAclRuleStatementManagedRuleGroupStatementRuleActionOverrideActionToUseChallengeCustomRequestHandlingInsertHeader, WebAclRuleStatementManagedRuleGroupStatementRuleActionOverrideActionToUseChallengeCustomRequestHandlingInsertHeaderArgs
- Name string
Name of the custom header. For custom request header insertion, when AWS WAF inserts the header into the request, it prefixes this name
x-amzn-waf-, to avoid confusion with the headers that are already in the request. For example, for the header namesample, AWS WAF inserts the headerx-amzn-waf-sample.- Value string
Value of the custom header.
- Name string
Name of the custom header. For custom request header insertion, when AWS WAF inserts the header into the request, it prefixes this name
x-amzn-waf-, to avoid confusion with the headers that are already in the request. For example, for the header namesample, AWS WAF inserts the headerx-amzn-waf-sample.- Value string
Value of the custom header.
- name String
Name of the custom header. For custom request header insertion, when AWS WAF inserts the header into the request, it prefixes this name
x-amzn-waf-, to avoid confusion with the headers that are already in the request. For example, for the header namesample, AWS WAF inserts the headerx-amzn-waf-sample.- value String
Value of the custom header.
- name string
Name of the custom header. For custom request header insertion, when AWS WAF inserts the header into the request, it prefixes this name
x-amzn-waf-, to avoid confusion with the headers that are already in the request. For example, for the header namesample, AWS WAF inserts the headerx-amzn-waf-sample.- value string
Value of the custom header.
- name str
Name of the custom header. For custom request header insertion, when AWS WAF inserts the header into the request, it prefixes this name
x-amzn-waf-, to avoid confusion with the headers that are already in the request. For example, for the header namesample, AWS WAF inserts the headerx-amzn-waf-sample.- value str
Value of the custom header.
- name String
Name of the custom header. For custom request header insertion, when AWS WAF inserts the header into the request, it prefixes this name
x-amzn-waf-, to avoid confusion with the headers that are already in the request. For example, for the header namesample, AWS WAF inserts the headerx-amzn-waf-sample.- value String
Value of the custom header.
WebAclRuleStatementManagedRuleGroupStatementRuleActionOverrideActionToUseCount, WebAclRuleStatementManagedRuleGroupStatementRuleActionOverrideActionToUseCountArgs
- Custom
Request Pulumi.Handling Aws. Waf V2. Inputs. Web Acl Rule Statement Managed Rule Group Statement Rule Action Override Action To Use Count Custom Request Handling Defines custom handling for the web request. See
custom_request_handlingbelow for details.
- Custom
Request WebHandling Acl Rule Statement Managed Rule Group Statement Rule Action Override Action To Use Count Custom Request Handling Defines custom handling for the web request. See
custom_request_handlingbelow for details.
- custom
Request WebHandling Acl Rule Statement Managed Rule Group Statement Rule Action Override Action To Use Count Custom Request Handling Defines custom handling for the web request. See
custom_request_handlingbelow for details.
- custom
Request WebHandling Acl Rule Statement Managed Rule Group Statement Rule Action Override Action To Use Count Custom Request Handling Defines custom handling for the web request. See
custom_request_handlingbelow for details.
- custom_
request_ Webhandling Acl Rule Statement Managed Rule Group Statement Rule Action Override Action To Use Count Custom Request Handling Defines custom handling for the web request. See
custom_request_handlingbelow for details.
- custom
Request Property MapHandling Defines custom handling for the web request. See
custom_request_handlingbelow for details.
WebAclRuleStatementManagedRuleGroupStatementRuleActionOverrideActionToUseCountCustomRequestHandling, WebAclRuleStatementManagedRuleGroupStatementRuleActionOverrideActionToUseCountCustomRequestHandlingArgs
- Insert
Headers List<Pulumi.Aws. Waf V2. Inputs. Web Acl Rule Statement Managed Rule Group Statement Rule Action Override Action To Use Count Custom Request Handling Insert Header> The
insert_headerblocks used to define HTTP headers added to the request. Seeinsert_headerbelow for details.
- Insert
Headers []WebAcl Rule Statement Managed Rule Group Statement Rule Action Override Action To Use Count Custom Request Handling Insert Header The
insert_headerblocks used to define HTTP headers added to the request. Seeinsert_headerbelow for details.
- insert
Headers List<WebAcl Rule Statement Managed Rule Group Statement Rule Action Override Action To Use Count Custom Request Handling Insert Header> The
insert_headerblocks used to define HTTP headers added to the request. Seeinsert_headerbelow for details.
- insert
Headers WebAcl Rule Statement Managed Rule Group Statement Rule Action Override Action To Use Count Custom Request Handling Insert Header[] The
insert_headerblocks used to define HTTP headers added to the request. Seeinsert_headerbelow for details.
- insert_
headers Sequence[WebAcl Rule Statement Managed Rule Group Statement Rule Action Override Action To Use Count Custom Request Handling Insert Header] The
insert_headerblocks used to define HTTP headers added to the request. Seeinsert_headerbelow for details.
- insert
Headers List<Property Map> The
insert_headerblocks used to define HTTP headers added to the request. Seeinsert_headerbelow for details.
WebAclRuleStatementManagedRuleGroupStatementRuleActionOverrideActionToUseCountCustomRequestHandlingInsertHeader, WebAclRuleStatementManagedRuleGroupStatementRuleActionOverrideActionToUseCountCustomRequestHandlingInsertHeaderArgs
- Name string
Name of the custom header. For custom request header insertion, when AWS WAF inserts the header into the request, it prefixes this name
x-amzn-waf-, to avoid confusion with the headers that are already in the request. For example, for the header namesample, AWS WAF inserts the headerx-amzn-waf-sample.- Value string
Value of the custom header.
- Name string
Name of the custom header. For custom request header insertion, when AWS WAF inserts the header into the request, it prefixes this name
x-amzn-waf-, to avoid confusion with the headers that are already in the request. For example, for the header namesample, AWS WAF inserts the headerx-amzn-waf-sample.- Value string
Value of the custom header.
- name String
Name of the custom header. For custom request header insertion, when AWS WAF inserts the header into the request, it prefixes this name
x-amzn-waf-, to avoid confusion with the headers that are already in the request. For example, for the header namesample, AWS WAF inserts the headerx-amzn-waf-sample.- value String
Value of the custom header.
- name string
Name of the custom header. For custom request header insertion, when AWS WAF inserts the header into the request, it prefixes this name
x-amzn-waf-, to avoid confusion with the headers that are already in the request. For example, for the header namesample, AWS WAF inserts the headerx-amzn-waf-sample.- value string
Value of the custom header.
- name str
Name of the custom header. For custom request header insertion, when AWS WAF inserts the header into the request, it prefixes this name
x-amzn-waf-, to avoid confusion with the headers that are already in the request. For example, for the header namesample, AWS WAF inserts the headerx-amzn-waf-sample.- value str
Value of the custom header.
- name String
Name of the custom header. For custom request header insertion, when AWS WAF inserts the header into the request, it prefixes this name
x-amzn-waf-, to avoid confusion with the headers that are already in the request. For example, for the header namesample, AWS WAF inserts the headerx-amzn-waf-sample.- value String
Value of the custom header.
WebAclRuleStatementManagedRuleGroupStatementScopeDownStatement, WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementArgs
- And
Statement Pulumi.Aws. Waf V2. Inputs. Web Acl Rule Statement Managed Rule Group Statement Scope Down Statement And Statement Logical rule statement used to combine other rule statements with AND logic. See
and_statementbelow for details.- Byte
Match Pulumi.Statement Aws. Waf V2. Inputs. Web Acl Rule Statement Managed Rule Group Statement Scope Down Statement Byte Match Statement Rule statement that defines a string match search for AWS WAF to apply to web requests. See
byte_match_statementbelow for details.- Geo
Match Pulumi.Statement Aws. Waf V2. Inputs. Web Acl Rule Statement Managed Rule Group Statement Scope Down Statement Geo Match Statement Rule statement used to identify web requests based on country of origin. See
geo_match_statementbelow for details.- Ip
Set Pulumi.Reference Statement Aws. Waf V2. Inputs. Web Acl Rule Statement Managed Rule Group Statement Scope Down Statement Ip Set Reference Statement Rule statement used to detect web requests coming from particular IP addresses or address ranges. See
ip_set_reference_statementbelow for details.- Label
Match Pulumi.Statement Aws. Waf V2. Inputs. Web Acl Rule Statement Managed Rule Group Statement Scope Down Statement Label Match Statement Rule statement that defines a string match search against labels that have been added to the web request by rules that have already run in the web ACL. See
label_match_statementbelow for details.- Not
Statement Pulumi.Aws. Waf V2. Inputs. Web Acl Rule Statement Managed Rule Group Statement Scope Down Statement Not Statement Logical rule statement used to negate the results of another rule statement. See
not_statementbelow for details.- Or
Statement Pulumi.Aws. Waf V2. Inputs. Web Acl Rule Statement Managed Rule Group Statement Scope Down Statement Or Statement Logical rule statement used to combine other rule statements with OR logic. See
or_statementbelow for details.- Regex
Match Pulumi.Statement Aws. Waf V2. Inputs. Web Acl Rule Statement Managed Rule Group Statement Scope Down Statement Regex Match Statement Rule statement used to search web request components for a match against a single regular expression. See
regex_match_statementbelow for details.- Regex
Pattern Pulumi.Set Reference Statement Aws. Waf V2. Inputs. Web Acl Rule Statement Managed Rule Group Statement Scope Down Statement Regex Pattern Set Reference Statement Rule statement used to search web request components for matches with regular expressions. See
regex_pattern_set_reference_statementbelow for details.- Size
Constraint Pulumi.Statement Aws. Waf V2. Inputs. Web Acl Rule Statement Managed Rule Group Statement Scope Down Statement Size Constraint Statement Rule statement that compares a number of bytes against the size of a request component, using a comparison operator, such as greater than (>) or less than (<). See
size_constraint_statementbelow for more details.- Sqli
Match Pulumi.Statement Aws. Waf V2. Inputs. Web Acl Rule Statement Managed Rule Group Statement Scope Down Statement Sqli Match Statement An SQL injection match condition identifies the part of web requests, such as the URI or the query string, that you want AWS WAF to inspect. See
sqli_match_statementbelow for details.- Xss
Match Pulumi.Statement Aws. Waf V2. Inputs. Web Acl Rule Statement Managed Rule Group Statement Scope Down Statement Xss Match Statement Rule statement that defines a cross-site scripting (XSS) match search for AWS WAF to apply to web requests. See
xss_match_statementbelow for details.
- And
Statement WebAcl Rule Statement Managed Rule Group Statement Scope Down Statement And Statement Logical rule statement used to combine other rule statements with AND logic. See
and_statementbelow for details.- Byte
Match WebStatement Acl Rule Statement Managed Rule Group Statement Scope Down Statement Byte Match Statement Rule statement that defines a string match search for AWS WAF to apply to web requests. See
byte_match_statementbelow for details.- Geo
Match WebStatement Acl Rule Statement Managed Rule Group Statement Scope Down Statement Geo Match Statement Rule statement used to identify web requests based on country of origin. See
geo_match_statementbelow for details.- Ip
Set WebReference Statement Acl Rule Statement Managed Rule Group Statement Scope Down Statement Ip Set Reference Statement Rule statement used to detect web requests coming from particular IP addresses or address ranges. See
ip_set_reference_statementbelow for details.- Label
Match WebStatement Acl Rule Statement Managed Rule Group Statement Scope Down Statement Label Match Statement Rule statement that defines a string match search against labels that have been added to the web request by rules that have already run in the web ACL. See
label_match_statementbelow for details.- Not
Statement WebAcl Rule Statement Managed Rule Group Statement Scope Down Statement Not Statement Logical rule statement used to negate the results of another rule statement. See
not_statementbelow for details.- Or
Statement WebAcl Rule Statement Managed Rule Group Statement Scope Down Statement Or Statement Logical rule statement used to combine other rule statements with OR logic. See
or_statementbelow for details.- Regex
Match WebStatement Acl Rule Statement Managed Rule Group Statement Scope Down Statement Regex Match Statement Rule statement used to search web request components for a match against a single regular expression. See
regex_match_statementbelow for details.- Regex
Pattern WebSet Reference Statement Acl Rule Statement Managed Rule Group Statement Scope Down Statement Regex Pattern Set Reference Statement Rule statement used to search web request components for matches with regular expressions. See
regex_pattern_set_reference_statementbelow for details.- Size
Constraint WebStatement Acl Rule Statement Managed Rule Group Statement Scope Down Statement Size Constraint Statement Rule statement that compares a number of bytes against the size of a request component, using a comparison operator, such as greater than (>) or less than (<). See
size_constraint_statementbelow for more details.- Sqli
Match WebStatement Acl Rule Statement Managed Rule Group Statement Scope Down Statement Sqli Match Statement An SQL injection match condition identifies the part of web requests, such as the URI or the query string, that you want AWS WAF to inspect. See
sqli_match_statementbelow for details.- Xss
Match WebStatement Acl Rule Statement Managed Rule Group Statement Scope Down Statement Xss Match Statement Rule statement that defines a cross-site scripting (XSS) match search for AWS WAF to apply to web requests. See
xss_match_statementbelow for details.
- and
Statement WebAcl Rule Statement Managed Rule Group Statement Scope Down Statement And Statement Logical rule statement used to combine other rule statements with AND logic. See
and_statementbelow for details.- byte
Match WebStatement Acl Rule Statement Managed Rule Group Statement Scope Down Statement Byte Match Statement Rule statement that defines a string match search for AWS WAF to apply to web requests. See
byte_match_statementbelow for details.- geo
Match WebStatement Acl Rule Statement Managed Rule Group Statement Scope Down Statement Geo Match Statement Rule statement used to identify web requests based on country of origin. See
geo_match_statementbelow for details.- ip
Set WebReference Statement Acl Rule Statement Managed Rule Group Statement Scope Down Statement Ip Set Reference Statement Rule statement used to detect web requests coming from particular IP addresses or address ranges. See
ip_set_reference_statementbelow for details.- label
Match WebStatement Acl Rule Statement Managed Rule Group Statement Scope Down Statement Label Match Statement Rule statement that defines a string match search against labels that have been added to the web request by rules that have already run in the web ACL. See
label_match_statementbelow for details.- not
Statement WebAcl Rule Statement Managed Rule Group Statement Scope Down Statement Not Statement Logical rule statement used to negate the results of another rule statement. See
not_statementbelow for details.- or
Statement WebAcl Rule Statement Managed Rule Group Statement Scope Down Statement Or Statement Logical rule statement used to combine other rule statements with OR logic. See
or_statementbelow for details.- regex
Match WebStatement Acl Rule Statement Managed Rule Group Statement Scope Down Statement Regex Match Statement Rule statement used to search web request components for a match against a single regular expression. See
regex_match_statementbelow for details.- regex
Pattern WebSet Reference Statement Acl Rule Statement Managed Rule Group Statement Scope Down Statement Regex Pattern Set Reference Statement Rule statement used to search web request components for matches with regular expressions. See
regex_pattern_set_reference_statementbelow for details.- size
Constraint WebStatement Acl Rule Statement Managed Rule Group Statement Scope Down Statement Size Constraint Statement Rule statement that compares a number of bytes against the size of a request component, using a comparison operator, such as greater than (>) or less than (<). See
size_constraint_statementbelow for more details.- sqli
Match WebStatement Acl Rule Statement Managed Rule Group Statement Scope Down Statement Sqli Match Statement An SQL injection match condition identifies the part of web requests, such as the URI or the query string, that you want AWS WAF to inspect. See
sqli_match_statementbelow for details.- xss
Match WebStatement Acl Rule Statement Managed Rule Group Statement Scope Down Statement Xss Match Statement Rule statement that defines a cross-site scripting (XSS) match search for AWS WAF to apply to web requests. See
xss_match_statementbelow for details.
- and
Statement WebAcl Rule Statement Managed Rule Group Statement Scope Down Statement And Statement Logical rule statement used to combine other rule statements with AND logic. See
and_statementbelow for details.- byte
Match WebStatement Acl Rule Statement Managed Rule Group Statement Scope Down Statement Byte Match Statement Rule statement that defines a string match search for AWS WAF to apply to web requests. See
byte_match_statementbelow for details.- geo
Match WebStatement Acl Rule Statement Managed Rule Group Statement Scope Down Statement Geo Match Statement Rule statement used to identify web requests based on country of origin. See
geo_match_statementbelow for details.- ip
Set WebReference Statement Acl Rule Statement Managed Rule Group Statement Scope Down Statement Ip Set Reference Statement Rule statement used to detect web requests coming from particular IP addresses or address ranges. See
ip_set_reference_statementbelow for details.- label
Match WebStatement Acl Rule Statement Managed Rule Group Statement Scope Down Statement Label Match Statement Rule statement that defines a string match search against labels that have been added to the web request by rules that have already run in the web ACL. See
label_match_statementbelow for details.- not
Statement WebAcl Rule Statement Managed Rule Group Statement Scope Down Statement Not Statement Logical rule statement used to negate the results of another rule statement. See
not_statementbelow for details.- or
Statement WebAcl Rule Statement Managed Rule Group Statement Scope Down Statement Or Statement Logical rule statement used to combine other rule statements with OR logic. See
or_statementbelow for details.- regex
Match WebStatement Acl Rule Statement Managed Rule Group Statement Scope Down Statement Regex Match Statement Rule statement used to search web request components for a match against a single regular expression. See
regex_match_statementbelow for details.- regex
Pattern WebSet Reference Statement Acl Rule Statement Managed Rule Group Statement Scope Down Statement Regex Pattern Set Reference Statement Rule statement used to search web request components for matches with regular expressions. See
regex_pattern_set_reference_statementbelow for details.- size
Constraint WebStatement Acl Rule Statement Managed Rule Group Statement Scope Down Statement Size Constraint Statement Rule statement that compares a number of bytes against the size of a request component, using a comparison operator, such as greater than (>) or less than (<). See
size_constraint_statementbelow for more details.- sqli
Match WebStatement Acl Rule Statement Managed Rule Group Statement Scope Down Statement Sqli Match Statement An SQL injection match condition identifies the part of web requests, such as the URI or the query string, that you want AWS WAF to inspect. See
sqli_match_statementbelow for details.- xss
Match WebStatement Acl Rule Statement Managed Rule Group Statement Scope Down Statement Xss Match Statement Rule statement that defines a cross-site scripting (XSS) match search for AWS WAF to apply to web requests. See
xss_match_statementbelow for details.
- and_
statement WebAcl Rule Statement Managed Rule Group Statement Scope Down Statement And Statement Logical rule statement used to combine other rule statements with AND logic. See
and_statementbelow for details.- byte_
match_ Webstatement Acl Rule Statement Managed Rule Group Statement Scope Down Statement Byte Match Statement Rule statement that defines a string match search for AWS WAF to apply to web requests. See
byte_match_statementbelow for details.- geo_
match_ Webstatement Acl Rule Statement Managed Rule Group Statement Scope Down Statement Geo Match Statement Rule statement used to identify web requests based on country of origin. See
geo_match_statementbelow for details.- ip_
set_ Webreference_ statement Acl Rule Statement Managed Rule Group Statement Scope Down Statement Ip Set Reference Statement Rule statement used to detect web requests coming from particular IP addresses or address ranges. See
ip_set_reference_statementbelow for details.- label_
match_ Webstatement Acl Rule Statement Managed Rule Group Statement Scope Down Statement Label Match Statement Rule statement that defines a string match search against labels that have been added to the web request by rules that have already run in the web ACL. See
label_match_statementbelow for details.- not_
statement WebAcl Rule Statement Managed Rule Group Statement Scope Down Statement Not Statement Logical rule statement used to negate the results of another rule statement. See
not_statementbelow for details.- or_
statement WebAcl Rule Statement Managed Rule Group Statement Scope Down Statement Or Statement Logical rule statement used to combine other rule statements with OR logic. See
or_statementbelow for details.- regex_
match_ Webstatement Acl Rule Statement Managed Rule Group Statement Scope Down Statement Regex Match Statement Rule statement used to search web request components for a match against a single regular expression. See
regex_match_statementbelow for details.- regex_
pattern_ Webset_ reference_ statement Acl Rule Statement Managed Rule Group Statement Scope Down Statement Regex Pattern Set Reference Statement Rule statement used to search web request components for matches with regular expressions. See
regex_pattern_set_reference_statementbelow for details.- size_
constraint_ Webstatement Acl Rule Statement Managed Rule Group Statement Scope Down Statement Size Constraint Statement Rule statement that compares a number of bytes against the size of a request component, using a comparison operator, such as greater than (>) or less than (<). See
size_constraint_statementbelow for more details.- sqli_
match_ Webstatement Acl Rule Statement Managed Rule Group Statement Scope Down Statement Sqli Match Statement An SQL injection match condition identifies the part of web requests, such as the URI or the query string, that you want AWS WAF to inspect. See
sqli_match_statementbelow for details.- xss_
match_ Webstatement Acl Rule Statement Managed Rule Group Statement Scope Down Statement Xss Match Statement Rule statement that defines a cross-site scripting (XSS) match search for AWS WAF to apply to web requests. See
xss_match_statementbelow for details.
- and
Statement Property Map Logical rule statement used to combine other rule statements with AND logic. See
and_statementbelow for details.- byte
Match Property MapStatement Rule statement that defines a string match search for AWS WAF to apply to web requests. See
byte_match_statementbelow for details.- geo
Match Property MapStatement Rule statement used to identify web requests based on country of origin. See
geo_match_statementbelow for details.- ip
Set Property MapReference Statement Rule statement used to detect web requests coming from particular IP addresses or address ranges. See
ip_set_reference_statementbelow for details.- label
Match Property MapStatement Rule statement that defines a string match search against labels that have been added to the web request by rules that have already run in the web ACL. See
label_match_statementbelow for details.- not
Statement Property Map Logical rule statement used to negate the results of another rule statement. See
not_statementbelow for details.- or
Statement Property Map Logical rule statement used to combine other rule statements with OR logic. See
or_statementbelow for details.- regex
Match Property MapStatement Rule statement used to search web request components for a match against a single regular expression. See
regex_match_statementbelow for details.- regex
Pattern Property MapSet Reference Statement Rule statement used to search web request components for matches with regular expressions. See
regex_pattern_set_reference_statementbelow for details.- size
Constraint Property MapStatement Rule statement that compares a number of bytes against the size of a request component, using a comparison operator, such as greater than (>) or less than (<). See
size_constraint_statementbelow for more details.- sqli
Match Property MapStatement An SQL injection match condition identifies the part of web requests, such as the URI or the query string, that you want AWS WAF to inspect. See
sqli_match_statementbelow for details.- xss
Match Property MapStatement Rule statement that defines a cross-site scripting (XSS) match search for AWS WAF to apply to web requests. See
xss_match_statementbelow for details.
WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementAndStatement, WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementAndStatementArgs
- Statements
List<Pulumi.
Aws. Waf V2. Inputs. Web Acl Rule Statement> The statements to combine.
- Statements
[]Web
Acl Rule Statement The statements to combine.
- statements
List<Web
Acl Rule Statement> The statements to combine.
- statements
Web
Acl Rule Statement[] The statements to combine.
- statements
Sequence[Web
Acl Rule Statement] The statements to combine.
- statements List<Property Map>
The statements to combine.
WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementByteMatchStatement, WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementByteMatchStatementArgs
- Positional
Constraint string Area within the portion of a web request that you want AWS WAF to search for
search_string. Valid values include the following:EXACTLY,STARTS_WITH,ENDS_WITH,CONTAINS,CONTAINS_WORD. See the AWS documentation for more information.- Search
String string String value that you want AWS WAF to search for. AWS WAF searches only in the part of web requests that you designate for inspection in
field_to_match. The maximum length of the value is 50 bytes.- Text
Transformations List<Pulumi.Aws. Waf V2. Inputs. Web Acl Rule Statement Managed Rule Group Statement Scope Down Statement Byte Match Statement Text Transformation> Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. At least one transformation is required. See
text_transformationbelow for details.- Field
To Pulumi.Match Aws. Waf V2. Inputs. Web Acl Rule Statement Managed Rule Group Statement Scope Down Statement Byte Match Statement Field To Match Part of a web request that you want AWS WAF to inspect. See
field_to_matchbelow for details.
- Positional
Constraint string Area within the portion of a web request that you want AWS WAF to search for
search_string. Valid values include the following:EXACTLY,STARTS_WITH,ENDS_WITH,CONTAINS,CONTAINS_WORD. See the AWS documentation for more information.- Search
String string String value that you want AWS WAF to search for. AWS WAF searches only in the part of web requests that you designate for inspection in
field_to_match. The maximum length of the value is 50 bytes.- Text
Transformations []WebAcl Rule Statement Managed Rule Group Statement Scope Down Statement Byte Match Statement Text Transformation Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. At least one transformation is required. See
text_transformationbelow for details.- Field
To WebMatch Acl Rule Statement Managed Rule Group Statement Scope Down Statement Byte Match Statement Field To Match Part of a web request that you want AWS WAF to inspect. See
field_to_matchbelow for details.
- positional
Constraint String Area within the portion of a web request that you want AWS WAF to search for
search_string. Valid values include the following:EXACTLY,STARTS_WITH,ENDS_WITH,CONTAINS,CONTAINS_WORD. See the AWS documentation for more information.- search
String String String value that you want AWS WAF to search for. AWS WAF searches only in the part of web requests that you designate for inspection in
field_to_match. The maximum length of the value is 50 bytes.- text
Transformations List<WebAcl Rule Statement Managed Rule Group Statement Scope Down Statement Byte Match Statement Text Transformation> Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. At least one transformation is required. See
text_transformationbelow for details.- field
To WebMatch Acl Rule Statement Managed Rule Group Statement Scope Down Statement Byte Match Statement Field To Match Part of a web request that you want AWS WAF to inspect. See
field_to_matchbelow for details.
- positional
Constraint string Area within the portion of a web request that you want AWS WAF to search for
search_string. Valid values include the following:EXACTLY,STARTS_WITH,ENDS_WITH,CONTAINS,CONTAINS_WORD. See the AWS documentation for more information.- search
String string String value that you want AWS WAF to search for. AWS WAF searches only in the part of web requests that you designate for inspection in
field_to_match. The maximum length of the value is 50 bytes.- text
Transformations WebAcl Rule Statement Managed Rule Group Statement Scope Down Statement Byte Match Statement Text Transformation[] Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. At least one transformation is required. See
text_transformationbelow for details.- field
To WebMatch Acl Rule Statement Managed Rule Group Statement Scope Down Statement Byte Match Statement Field To Match Part of a web request that you want AWS WAF to inspect. See
field_to_matchbelow for details.
- positional_
constraint str Area within the portion of a web request that you want AWS WAF to search for
search_string. Valid values include the following:EXACTLY,STARTS_WITH,ENDS_WITH,CONTAINS,CONTAINS_WORD. See the AWS documentation for more information.- search_
string str String value that you want AWS WAF to search for. AWS WAF searches only in the part of web requests that you designate for inspection in
field_to_match. The maximum length of the value is 50 bytes.- text_
transformations Sequence[WebAcl Rule Statement Managed Rule Group Statement Scope Down Statement Byte Match Statement Text Transformation] Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. At least one transformation is required. See
text_transformationbelow for details.- field_
to_ Webmatch Acl Rule Statement Managed Rule Group Statement Scope Down Statement Byte Match Statement Field To Match Part of a web request that you want AWS WAF to inspect. See
field_to_matchbelow for details.
- positional
Constraint String Area within the portion of a web request that you want AWS WAF to search for
search_string. Valid values include the following:EXACTLY,STARTS_WITH,ENDS_WITH,CONTAINS,CONTAINS_WORD. See the AWS documentation for more information.- search
String String String value that you want AWS WAF to search for. AWS WAF searches only in the part of web requests that you designate for inspection in
field_to_match. The maximum length of the value is 50 bytes.- text
Transformations List<Property Map> Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. At least one transformation is required. See
text_transformationbelow for details.- field
To Property MapMatch Part of a web request that you want AWS WAF to inspect. See
field_to_matchbelow for details.
WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementByteMatchStatementFieldToMatch, WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementByteMatchStatementFieldToMatchArgs
- All
Query Pulumi.Arguments Aws. Waf V2. Inputs. Web Acl Rule Statement Managed Rule Group Statement Scope Down Statement Byte Match Statement Field To Match All Query Arguments Inspect all query arguments.
- Body
Pulumi.
Aws. Waf V2. Inputs. Web Acl Rule Statement Managed Rule Group Statement Scope Down Statement Byte Match Statement Field To Match Body Inspect the request body, which immediately follows the request headers. See
bodybelow for details.-
Pulumi.
Aws. Waf V2. Inputs. Web Acl Rule Statement Managed Rule Group Statement Scope Down Statement Byte Match Statement Field To Match Cookies Inspect the cookies in the web request. See
cookiesbelow for details.- Headers
List<Pulumi.
Aws. Waf V2. Inputs. Web Acl Rule Statement Managed Rule Group Statement Scope Down Statement Byte Match Statement Field To Match Header> Inspect the request headers. See
headersbelow for details.- Json
Body Pulumi.Aws. Waf V2. Inputs. Web Acl Rule Statement Managed Rule Group Statement Scope Down Statement Byte Match Statement Field To Match Json Body Inspect the request body as JSON. See
json_bodyfor details.- Method
Pulumi.
Aws. Waf V2. Inputs. Web Acl Rule Statement Managed Rule Group Statement Scope Down Statement Byte Match Statement Field To Match Method Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.
- Query
String Pulumi.Aws. Waf V2. Inputs. Web Acl Rule Statement Managed Rule Group Statement Scope Down Statement Byte Match Statement Field To Match Query String Inspect the query string. This is the part of a URL that appears after a
?character, if any.- Single
Header Pulumi.Aws. Waf V2. Inputs. Web Acl Rule Statement Managed Rule Group Statement Scope Down Statement Byte Match Statement Field To Match Single Header Inspect a single header. See
single_headerbelow for details.- Single
Query Pulumi.Argument Aws. Waf V2. Inputs. Web Acl Rule Statement Managed Rule Group Statement Scope Down Statement Byte Match Statement Field To Match Single Query Argument Inspect a single query argument. See
single_query_argumentbelow for details.- Uri
Path Pulumi.Aws. Waf V2. Inputs. Web Acl Rule Statement Managed Rule Group Statement Scope Down Statement Byte Match Statement Field To Match Uri Path Inspect the request URI path. This is the part of a web request that identifies a resource, for example,
/images/daily-ad.jpg.
- All
Query WebArguments Acl Rule Statement Managed Rule Group Statement Scope Down Statement Byte Match Statement Field To Match All Query Arguments Inspect all query arguments.
- Body
Web
Acl Rule Statement Managed Rule Group Statement Scope Down Statement Byte Match Statement Field To Match Body Inspect the request body, which immediately follows the request headers. See
bodybelow for details.-
Web
Acl Rule Statement Managed Rule Group Statement Scope Down Statement Byte Match Statement Field To Match Cookies Inspect the cookies in the web request. See
cookiesbelow for details.- Headers
[]Web
Acl Rule Statement Managed Rule Group Statement Scope Down Statement Byte Match Statement Field To Match Header Inspect the request headers. See
headersbelow for details.- Json
Body WebAcl Rule Statement Managed Rule Group Statement Scope Down Statement Byte Match Statement Field To Match Json Body Inspect the request body as JSON. See
json_bodyfor details.- Method
Web
Acl Rule Statement Managed Rule Group Statement Scope Down Statement Byte Match Statement Field To Match Method Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.
- Query
String WebAcl Rule Statement Managed Rule Group Statement Scope Down Statement Byte Match Statement Field To Match Query String Inspect the query string. This is the part of a URL that appears after a
?character, if any.- Single
Header WebAcl Rule Statement Managed Rule Group Statement Scope Down Statement Byte Match Statement Field To Match Single Header Inspect a single header. See
single_headerbelow for details.- Single
Query WebArgument Acl Rule Statement Managed Rule Group Statement Scope Down Statement Byte Match Statement Field To Match Single Query Argument Inspect a single query argument. See
single_query_argumentbelow for details.- Uri
Path WebAcl Rule Statement Managed Rule Group Statement Scope Down Statement Byte Match Statement Field To Match Uri Path Inspect the request URI path. This is the part of a web request that identifies a resource, for example,
/images/daily-ad.jpg.
- all
Query WebArguments Acl Rule Statement Managed Rule Group Statement Scope Down Statement Byte Match Statement Field To Match All Query Arguments Inspect all query arguments.
- body
Web
Acl Rule Statement Managed Rule Group Statement Scope Down Statement Byte Match Statement Field To Match Body Inspect the request body, which immediately follows the request headers. See
bodybelow for details.-
Web
Acl Rule Statement Managed Rule Group Statement Scope Down Statement Byte Match Statement Field To Match Cookies Inspect the cookies in the web request. See
cookiesbelow for details.- headers
List<Web
Acl Rule Statement Managed Rule Group Statement Scope Down Statement Byte Match Statement Field To Match Header> Inspect the request headers. See
headersbelow for details.- json
Body WebAcl Rule Statement Managed Rule Group Statement Scope Down Statement Byte Match Statement Field To Match Json Body Inspect the request body as JSON. See
json_bodyfor details.- method
Web
Acl Rule Statement Managed Rule Group Statement Scope Down Statement Byte Match Statement Field To Match Method Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.
- query
String WebAcl Rule Statement Managed Rule Group Statement Scope Down Statement Byte Match Statement Field To Match Query String Inspect the query string. This is the part of a URL that appears after a
?character, if any.- single
Header WebAcl Rule Statement Managed Rule Group Statement Scope Down Statement Byte Match Statement Field To Match Single Header Inspect a single header. See
single_headerbelow for details.- single
Query WebArgument Acl Rule Statement Managed Rule Group Statement Scope Down Statement Byte Match Statement Field To Match Single Query Argument Inspect a single query argument. See
single_query_argumentbelow for details.- uri
Path WebAcl Rule Statement Managed Rule Group Statement Scope Down Statement Byte Match Statement Field To Match Uri Path Inspect the request URI path. This is the part of a web request that identifies a resource, for example,
/images/daily-ad.jpg.
- all
Query WebArguments Acl Rule Statement Managed Rule Group Statement Scope Down Statement Byte Match Statement Field To Match All Query Arguments Inspect all query arguments.
- body
Web
Acl Rule Statement Managed Rule Group Statement Scope Down Statement Byte Match Statement Field To Match Body Inspect the request body, which immediately follows the request headers. See
bodybelow for details.-
Web
Acl Rule Statement Managed Rule Group Statement Scope Down Statement Byte Match Statement Field To Match Cookies Inspect the cookies in the web request. See
cookiesbelow for details.- headers
Web
Acl Rule Statement Managed Rule Group Statement Scope Down Statement Byte Match Statement Field To Match Header[] Inspect the request headers. See
headersbelow for details.- json
Body WebAcl Rule Statement Managed Rule Group Statement Scope Down Statement Byte Match Statement Field To Match Json Body Inspect the request body as JSON. See
json_bodyfor details.- method
Web
Acl Rule Statement Managed Rule Group Statement Scope Down Statement Byte Match Statement Field To Match Method Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.
- query
String WebAcl Rule Statement Managed Rule Group Statement Scope Down Statement Byte Match Statement Field To Match Query String Inspect the query string. This is the part of a URL that appears after a
?character, if any.- single
Header WebAcl Rule Statement Managed Rule Group Statement Scope Down Statement Byte Match Statement Field To Match Single Header Inspect a single header. See
single_headerbelow for details.- single
Query WebArgument Acl Rule Statement Managed Rule Group Statement Scope Down Statement Byte Match Statement Field To Match Single Query Argument Inspect a single query argument. See
single_query_argumentbelow for details.- uri
Path WebAcl Rule Statement Managed Rule Group Statement Scope Down Statement Byte Match Statement Field To Match Uri Path Inspect the request URI path. This is the part of a web request that identifies a resource, for example,
/images/daily-ad.jpg.
- all_
query_ Webarguments Acl Rule Statement Managed Rule Group Statement Scope Down Statement Byte Match Statement Field To Match All Query Arguments Inspect all query arguments.
- body
Web
Acl Rule Statement Managed Rule Group Statement Scope Down Statement Byte Match Statement Field To Match Body Inspect the request body, which immediately follows the request headers. See
bodybelow for details.-
Web
Acl Rule Statement Managed Rule Group Statement Scope Down Statement Byte Match Statement Field To Match Cookies Inspect the cookies in the web request. See
cookiesbelow for details.- headers
Sequence[Web
Acl Rule Statement Managed Rule Group Statement Scope Down Statement Byte Match Statement Field To Match Header] Inspect the request headers. See
headersbelow for details.- json_
body WebAcl Rule Statement Managed Rule Group Statement Scope Down Statement Byte Match Statement Field To Match Json Body Inspect the request body as JSON. See
json_bodyfor details.- method
Web
Acl Rule Statement Managed Rule Group Statement Scope Down Statement Byte Match Statement Field To Match Method Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.
- query_
string WebAcl Rule Statement Managed Rule Group Statement Scope Down Statement Byte Match Statement Field To Match Query String Inspect the query string. This is the part of a URL that appears after a
?character, if any.- single_
header WebAcl Rule Statement Managed Rule Group Statement Scope Down Statement Byte Match Statement Field To Match Single Header Inspect a single header. See
single_headerbelow for details.- single_
query_ Webargument Acl Rule Statement Managed Rule Group Statement Scope Down Statement Byte Match Statement Field To Match Single Query Argument Inspect a single query argument. See
single_query_argumentbelow for details.- uri_
path WebAcl Rule Statement Managed Rule Group Statement Scope Down Statement Byte Match Statement Field To Match Uri Path Inspect the request URI path. This is the part of a web request that identifies a resource, for example,
/images/daily-ad.jpg.
- all
Query Property MapArguments Inspect all query arguments.
- body Property Map
Inspect the request body, which immediately follows the request headers. See
bodybelow for details.- Property Map
Inspect the cookies in the web request. See
cookiesbelow for details.- headers List<Property Map>
Inspect the request headers. See
headersbelow for details.- json
Body Property Map Inspect the request body as JSON. See
json_bodyfor details.- method Property Map
Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.
- query
String Property Map Inspect the query string. This is the part of a URL that appears after a
?character, if any.- single
Header Property Map Inspect a single header. See
single_headerbelow for details.- single
Query Property MapArgument Inspect a single query argument. See
single_query_argumentbelow for details.- uri
Path Property Map Inspect the request URI path. This is the part of a web request that identifies a resource, for example,
/images/daily-ad.jpg.
WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementByteMatchStatementFieldToMatchBody, WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementByteMatchStatementFieldToMatchBodyArgs
- Oversize
Handling string What WAF should do if the body is larger than WAF can inspect. WAF does not support inspecting the entire contents of the body of a web request when the body exceeds 8 KB (8192 bytes). Only the first 8 KB of the request body are forwarded to WAF by the underlying host service. Valid values:
CONTINUE,MATCH,NO_MATCH.
- Oversize
Handling string What WAF should do if the body is larger than WAF can inspect. WAF does not support inspecting the entire contents of the body of a web request when the body exceeds 8 KB (8192 bytes). Only the first 8 KB of the request body are forwarded to WAF by the underlying host service. Valid values:
CONTINUE,MATCH,NO_MATCH.
- oversize
Handling String What WAF should do if the body is larger than WAF can inspect. WAF does not support inspecting the entire contents of the body of a web request when the body exceeds 8 KB (8192 bytes). Only the first 8 KB of the request body are forwarded to WAF by the underlying host service. Valid values:
CONTINUE,MATCH,NO_MATCH.
- oversize
Handling string What WAF should do if the body is larger than WAF can inspect. WAF does not support inspecting the entire contents of the body of a web request when the body exceeds 8 KB (8192 bytes). Only the first 8 KB of the request body are forwarded to WAF by the underlying host service. Valid values:
CONTINUE,MATCH,NO_MATCH.
- oversize_
handling str What WAF should do if the body is larger than WAF can inspect. WAF does not support inspecting the entire contents of the body of a web request when the body exceeds 8 KB (8192 bytes). Only the first 8 KB of the request body are forwarded to WAF by the underlying host service. Valid values:
CONTINUE,MATCH,NO_MATCH.
- oversize
Handling String What WAF should do if the body is larger than WAF can inspect. WAF does not support inspecting the entire contents of the body of a web request when the body exceeds 8 KB (8192 bytes). Only the first 8 KB of the request body are forwarded to WAF by the underlying host service. Valid values:
CONTINUE,MATCH,NO_MATCH.
WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementByteMatchStatementFieldToMatchCookies, WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementByteMatchStatementFieldToMatchCookiesArgs
- Match
Patterns List<Pulumi.Aws. Waf V2. Inputs. Web Acl Rule Statement Managed Rule Group Statement Scope Down Statement Byte Match Statement Field To Match Cookies Match Pattern> The filter to use to identify the subset of cookies to inspect in a web request. You must specify exactly one setting: either
all,included_cookiesorexcluded_cookies. More details: CookieMatchPattern- Match
Scope string The parts of the cookies to inspect with the rule inspection criteria. If you specify All, AWS WAF inspects both keys and values. Valid values:
ALL,KEY,VALUE- Oversize
Handling string What AWS WAF should do if the cookies of the request are larger than AWS WAF can inspect. AWS WAF does not support inspecting the entire contents of request cookies when they exceed 8 KB (8192 bytes) or 200 total cookies. The underlying host service forwards a maximum of 200 cookies and at most 8 KB of cookie contents to AWS WAF. Valid values:
CONTINUE,MATCH,NO_MATCH.
- Match
Patterns []WebAcl Rule Statement Managed Rule Group Statement Scope Down Statement Byte Match Statement Field To Match Cookies Match Pattern The filter to use to identify the subset of cookies to inspect in a web request. You must specify exactly one setting: either
all,included_cookiesorexcluded_cookies. More details: CookieMatchPattern- Match
Scope string The parts of the cookies to inspect with the rule inspection criteria. If you specify All, AWS WAF inspects both keys and values. Valid values:
ALL,KEY,VALUE- Oversize
Handling string What AWS WAF should do if the cookies of the request are larger than AWS WAF can inspect. AWS WAF does not support inspecting the entire contents of request cookies when they exceed 8 KB (8192 bytes) or 200 total cookies. The underlying host service forwards a maximum of 200 cookies and at most 8 KB of cookie contents to AWS WAF. Valid values:
CONTINUE,MATCH,NO_MATCH.
- match
Patterns List<WebAcl Rule Statement Managed Rule Group Statement Scope Down Statement Byte Match Statement Field To Match Cookies Match Pattern> The filter to use to identify the subset of cookies to inspect in a web request. You must specify exactly one setting: either
all,included_cookiesorexcluded_cookies. More details: CookieMatchPattern- match
Scope String The parts of the cookies to inspect with the rule inspection criteria. If you specify All, AWS WAF inspects both keys and values. Valid values:
ALL,KEY,VALUE- oversize
Handling String What AWS WAF should do if the cookies of the request are larger than AWS WAF can inspect. AWS WAF does not support inspecting the entire contents of request cookies when they exceed 8 KB (8192 bytes) or 200 total cookies. The underlying host service forwards a maximum of 200 cookies and at most 8 KB of cookie contents to AWS WAF. Valid values:
CONTINUE,MATCH,NO_MATCH.
- match
Patterns WebAcl Rule Statement Managed Rule Group Statement Scope Down Statement Byte Match Statement Field To Match Cookies Match Pattern[] The filter to use to identify the subset of cookies to inspect in a web request. You must specify exactly one setting: either
all,included_cookiesorexcluded_cookies. More details: CookieMatchPattern- match
Scope string The parts of the cookies to inspect with the rule inspection criteria. If you specify All, AWS WAF inspects both keys and values. Valid values:
ALL,KEY,VALUE- oversize
Handling string What AWS WAF should do if the cookies of the request are larger than AWS WAF can inspect. AWS WAF does not support inspecting the entire contents of request cookies when they exceed 8 KB (8192 bytes) or 200 total cookies. The underlying host service forwards a maximum of 200 cookies and at most 8 KB of cookie contents to AWS WAF. Valid values:
CONTINUE,MATCH,NO_MATCH.
- match_
patterns Sequence[WebAcl Rule Statement Managed Rule Group Statement Scope Down Statement Byte Match Statement Field To Match Cookies Match Pattern] The filter to use to identify the subset of cookies to inspect in a web request. You must specify exactly one setting: either
all,included_cookiesorexcluded_cookies. More details: CookieMatchPattern- match_
scope str The parts of the cookies to inspect with the rule inspection criteria. If you specify All, AWS WAF inspects both keys and values. Valid values:
ALL,KEY,VALUE- oversize_
handling str What AWS WAF should do if the cookies of the request are larger than AWS WAF can inspect. AWS WAF does not support inspecting the entire contents of request cookies when they exceed 8 KB (8192 bytes) or 200 total cookies. The underlying host service forwards a maximum of 200 cookies and at most 8 KB of cookie contents to AWS WAF. Valid values:
CONTINUE,MATCH,NO_MATCH.
- match
Patterns List<Property Map> The filter to use to identify the subset of cookies to inspect in a web request. You must specify exactly one setting: either
all,included_cookiesorexcluded_cookies. More details: CookieMatchPattern- match
Scope String The parts of the cookies to inspect with the rule inspection criteria. If you specify All, AWS WAF inspects both keys and values. Valid values:
ALL,KEY,VALUE- oversize
Handling String What AWS WAF should do if the cookies of the request are larger than AWS WAF can inspect. AWS WAF does not support inspecting the entire contents of request cookies when they exceed 8 KB (8192 bytes) or 200 total cookies. The underlying host service forwards a maximum of 200 cookies and at most 8 KB of cookie contents to AWS WAF. Valid values:
CONTINUE,MATCH,NO_MATCH.
WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementByteMatchStatementFieldToMatchCookiesMatchPattern, WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementByteMatchStatementFieldToMatchCookiesMatchPatternArgs
- All
Pulumi.
Aws. Waf V2. Inputs. Web Acl Rule Statement Managed Rule Group Statement Scope Down Statement Byte Match Statement Field To Match Cookies Match Pattern All An empty configuration block that is used for inspecting all headers.
- List<string>
- List<string>
- All
Web
Acl Rule Statement Managed Rule Group Statement Scope Down Statement Byte Match Statement Field To Match Cookies Match Pattern All An empty configuration block that is used for inspecting all headers.
- []string
- []string
- all
Web
Acl Rule Statement Managed Rule Group Statement Scope Down Statement Byte Match Statement Field To Match Cookies Match Pattern All An empty configuration block that is used for inspecting all headers.
- List<String>
- List<String>
- all
Web
Acl Rule Statement Managed Rule Group Statement Scope Down Statement Byte Match Statement Field To Match Cookies Match Pattern All An empty configuration block that is used for inspecting all headers.
- string[]
- string[]
- all
Web
Acl Rule Statement Managed Rule Group Statement Scope Down Statement Byte Match Statement Field To Match Cookies Match Pattern All An empty configuration block that is used for inspecting all headers.
- Sequence[str]
- Sequence[str]
- all Property Map
An empty configuration block that is used for inspecting all headers.
- List<String>
- List<String>
WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementByteMatchStatementFieldToMatchHeader, WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementByteMatchStatementFieldToMatchHeaderArgs
- Match
Pattern Pulumi.Aws. Waf V2. Inputs. Web Acl Rule Statement Managed Rule Group Statement Scope Down Statement Byte Match Statement Field To Match Header Match Pattern The filter to use to identify the subset of headers to inspect in a web request. The
match_patternblock supports only one of the following arguments:- Match
Scope string The parts of the headers to inspect with the rule inspection criteria. If you specify
All, AWS WAF inspects both keys and values. Valid values include the following:ALL,Key,Value.- Oversize
Handling string Oversize handling tells AWS WAF what to do with a web request when the request component that the rule inspects is over the limits. Valid values include the following:
CONTINUE,MATCH,NO_MATCH. See the AWS documentation for more information.
- Match
Pattern WebAcl Rule Statement Managed Rule Group Statement Scope Down Statement Byte Match Statement Field To Match Header Match Pattern The filter to use to identify the subset of headers to inspect in a web request. The
match_patternblock supports only one of the following arguments:- Match
Scope string The parts of the headers to inspect with the rule inspection criteria. If you specify
All, AWS WAF inspects both keys and values. Valid values include the following:ALL,Key,Value.- Oversize
Handling string Oversize handling tells AWS WAF what to do with a web request when the request component that the rule inspects is over the limits. Valid values include the following:
CONTINUE,MATCH,NO_MATCH. See the AWS documentation for more information.
- match
Pattern WebAcl Rule Statement Managed Rule Group Statement Scope Down Statement Byte Match Statement Field To Match Header Match Pattern The filter to use to identify the subset of headers to inspect in a web request. The
match_patternblock supports only one of the following arguments:- match
Scope String The parts of the headers to inspect with the rule inspection criteria. If you specify
All, AWS WAF inspects both keys and values. Valid values include the following:ALL,Key,Value.- oversize
Handling String Oversize handling tells AWS WAF what to do with a web request when the request component that the rule inspects is over the limits. Valid values include the following:
CONTINUE,MATCH,NO_MATCH. See the AWS documentation for more information.
- match
Pattern WebAcl Rule Statement Managed Rule Group Statement Scope Down Statement Byte Match Statement Field To Match Header Match Pattern The filter to use to identify the subset of headers to inspect in a web request. The
match_patternblock supports only one of the following arguments:- match
Scope string The parts of the headers to inspect with the rule inspection criteria. If you specify
All, AWS WAF inspects both keys and values. Valid values include the following:ALL,Key,Value.- oversize
Handling string Oversize handling tells AWS WAF what to do with a web request when the request component that the rule inspects is over the limits. Valid values include the following:
CONTINUE,MATCH,NO_MATCH. See the AWS documentation for more information.
- match_
pattern WebAcl Rule Statement Managed Rule Group Statement Scope Down Statement Byte Match Statement Field To Match Header Match Pattern The filter to use to identify the subset of headers to inspect in a web request. The
match_patternblock supports only one of the following arguments:- match_
scope str The parts of the headers to inspect with the rule inspection criteria. If you specify
All, AWS WAF inspects both keys and values. Valid values include the following:ALL,Key,Value.- oversize_
handling str Oversize handling tells AWS WAF what to do with a web request when the request component that the rule inspects is over the limits. Valid values include the following:
CONTINUE,MATCH,NO_MATCH. See the AWS documentation for more information.
- match
Pattern Property Map The filter to use to identify the subset of headers to inspect in a web request. The
match_patternblock supports only one of the following arguments:- match
Scope String The parts of the headers to inspect with the rule inspection criteria. If you specify
All, AWS WAF inspects both keys and values. Valid values include the following:ALL,Key,Value.- oversize
Handling String Oversize handling tells AWS WAF what to do with a web request when the request component that the rule inspects is over the limits. Valid values include the following:
CONTINUE,MATCH,NO_MATCH. See the AWS documentation for more information.
WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementByteMatchStatementFieldToMatchHeaderMatchPattern, WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementByteMatchStatementFieldToMatchHeaderMatchPatternArgs
- All
Pulumi.
Aws. Waf V2. Inputs. Web Acl Rule Statement Managed Rule Group Statement Scope Down Statement Byte Match Statement Field To Match Header Match Pattern All An empty configuration block that is used for inspecting all headers.
- Excluded
Headers List<string> An array of strings that will be used for inspecting headers that do not have a key that matches one of the provided values.
- Included
Headers List<string> An array of strings that will be used for inspecting headers that have a key that matches one of the provided values.
- All
Web
Acl Rule Statement Managed Rule Group Statement Scope Down Statement Byte Match Statement Field To Match Header Match Pattern All An empty configuration block that is used for inspecting all headers.
- Excluded
Headers []string An array of strings that will be used for inspecting headers that do not have a key that matches one of the provided values.
- Included
Headers []string An array of strings that will be used for inspecting headers that have a key that matches one of the provided values.
- all
Web
Acl Rule Statement Managed Rule Group Statement Scope Down Statement Byte Match Statement Field To Match Header Match Pattern All An empty configuration block that is used for inspecting all headers.
- excluded
Headers List<String> An array of strings that will be used for inspecting headers that do not have a key that matches one of the provided values.
- included
Headers List<String> An array of strings that will be used for inspecting headers that have a key that matches one of the provided values.
- all
Web
Acl Rule Statement Managed Rule Group Statement Scope Down Statement Byte Match Statement Field To Match Header Match Pattern All An empty configuration block that is used for inspecting all headers.
- excluded
Headers string[] An array of strings that will be used for inspecting headers that do not have a key that matches one of the provided values.
- included
Headers string[] An array of strings that will be used for inspecting headers that have a key that matches one of the provided values.
- all
Web
Acl Rule Statement Managed Rule Group Statement Scope Down Statement Byte Match Statement Field To Match Header Match Pattern All An empty configuration block that is used for inspecting all headers.
- excluded_
headers Sequence[str] An array of strings that will be used for inspecting headers that do not have a key that matches one of the provided values.
- included_
headers Sequence[str] An array of strings that will be used for inspecting headers that have a key that matches one of the provided values.
- all Property Map
An empty configuration block that is used for inspecting all headers.
- excluded
Headers List<String> An array of strings that will be used for inspecting headers that do not have a key that matches one of the provided values.
- included
Headers List<String> An array of strings that will be used for inspecting headers that have a key that matches one of the provided values.
WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementByteMatchStatementFieldToMatchJsonBody, WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementByteMatchStatementFieldToMatchJsonBodyArgs
- Match
Pattern Pulumi.Aws. Waf V2. Inputs. Web Acl Rule Statement Managed Rule Group Statement Scope Down Statement Byte Match Statement Field To Match Json Body Match Pattern The patterns to look for in the JSON body. You must specify exactly one setting: either
allorincluded_paths. See JsonMatchPattern for details.- Match
Scope string The parts of the JSON to match against using the
match_pattern. Valid values areALL,KEYandVALUE.- Invalid
Fallback stringBehavior What to do when JSON parsing fails. Defaults to evaluating up to the first parsing failure. Valid values are
EVALUATE_AS_STRING,MATCHandNO_MATCH.- Oversize
Handling string What to do if the body is larger than can be inspected. Valid values are
CONTINUE(default),MATCHandNO_MATCH.
- Match
Pattern WebAcl Rule Statement Managed Rule Group Statement Scope Down Statement Byte Match Statement Field To Match Json Body Match Pattern The patterns to look for in the JSON body. You must specify exactly one setting: either
allorincluded_paths. See JsonMatchPattern for details.- Match
Scope string The parts of the JSON to match against using the
match_pattern. Valid values areALL,KEYandVALUE.- Invalid
Fallback stringBehavior What to do when JSON parsing fails. Defaults to evaluating up to the first parsing failure. Valid values are
EVALUATE_AS_STRING,MATCHandNO_MATCH.- Oversize
Handling string What to do if the body is larger than can be inspected. Valid values are
CONTINUE(default),MATCHandNO_MATCH.
- match
Pattern WebAcl Rule Statement Managed Rule Group Statement Scope Down Statement Byte Match Statement Field To Match Json Body Match Pattern The patterns to look for in the JSON body. You must specify exactly one setting: either
allorincluded_paths. See JsonMatchPattern for details.- match
Scope String The parts of the JSON to match against using the
match_pattern. Valid values areALL,KEYandVALUE.- invalid
Fallback StringBehavior What to do when JSON parsing fails. Defaults to evaluating up to the first parsing failure. Valid values are
EVALUATE_AS_STRING,MATCHandNO_MATCH.