Class: Aws::SecurityHub::Types::AwsWafWebAclRule

Inherits:
Struct
  • Object
show all
Includes:
Aws::Structure
Defined in:
lib/aws-sdk-securityhub/types.rb

Overview

Details for a rule in an WAF web ACL.

Constant Summary collapse

SENSITIVE =
[]

Instance Attribute Summary collapse

Instance Attribute Details

#actionTypes::WafAction

Specifies the action that CloudFront or WAF takes when a web request matches the conditions in the rule.

Returns:



22054
22055
22056
22057
22058
22059
22060
22061
22062
22063
# File 'lib/aws-sdk-securityhub/types.rb', line 22054

class AwsWafWebAclRule < Struct.new(
  :action,
  :excluded_rules,
  :override_action,
  :priority,
  :rule_id,
  :type)
  SENSITIVE = []
  include Aws::Structure
end

#excluded_rulesArray<Types::WafExcludedRule>

Rules to exclude from a rule group.

Returns:



22054
22055
22056
22057
22058
22059
22060
22061
22062
22063
# File 'lib/aws-sdk-securityhub/types.rb', line 22054

class AwsWafWebAclRule < Struct.new(
  :action,
  :excluded_rules,
  :override_action,
  :priority,
  :rule_id,
  :type)
  SENSITIVE = []
  include Aws::Structure
end

#override_actionTypes::WafOverrideAction

Use the ‘OverrideAction` to test your `RuleGroup`.

Any rule in a ‘RuleGroup` can potentially block a request. If you set the `OverrideAction` to `None`, the `RuleGroup` blocks a request if any individual rule in the `RuleGroup` matches the request and is configured to block that request.

However, if you first want to test the ‘RuleGroup`, set the `OverrideAction` to `Count`. The `RuleGroup` then overrides any block action specified by individual rules contained within the group. Instead of blocking matching requests, those requests are counted.

‘ActivatedRule`|`OverrideAction` applies only when updating or adding a `RuleGroup` to a web ACL. In this case you don’t use ‘ActivatedRule` `Action`. For all other update requests, `ActivatedRule` `Action` is used instead of `ActivatedRule` `OverrideAction`.



22054
22055
22056
22057
22058
22059
22060
22061
22062
22063
# File 'lib/aws-sdk-securityhub/types.rb', line 22054

class AwsWafWebAclRule < Struct.new(
  :action,
  :excluded_rules,
  :override_action,
  :priority,
  :rule_id,
  :type)
  SENSITIVE = []
  include Aws::Structure
end

#priorityInteger

Specifies the order in which the rules in a web ACL are evaluated. Rules with a lower value for ‘Priority` are evaluated before rules with a higher value. The value must be a unique integer. If you add multiple rules to a web ACL, the values don’t need to be consecutive.

Returns:

  • (Integer)


22054
22055
22056
22057
22058
22059
22060
22061
22062
22063
# File 'lib/aws-sdk-securityhub/types.rb', line 22054

class AwsWafWebAclRule < Struct.new(
  :action,
  :excluded_rules,
  :override_action,
  :priority,
  :rule_id,
  :type)
  SENSITIVE = []
  include Aws::Structure
end

#rule_idString

The identifier for a rule.

Returns:

  • (String)


22054
22055
22056
22057
22058
22059
22060
22061
22062
22063
# File 'lib/aws-sdk-securityhub/types.rb', line 22054

class AwsWafWebAclRule < Struct.new(
  :action,
  :excluded_rules,
  :override_action,
  :priority,
  :rule_id,
  :type)
  SENSITIVE = []
  include Aws::Structure
end

#typeString

The rule type.

Valid values: ‘REGULAR` | `RATE_BASED` | `GROUP`

The default is ‘REGULAR`.

Returns:

  • (String)


22054
22055
22056
22057
22058
22059
22060
22061
22062
22063
# File 'lib/aws-sdk-securityhub/types.rb', line 22054

class AwsWafWebAclRule < Struct.new(
  :action,
  :excluded_rules,
  :override_action,
  :priority,
  :rule_id,
  :type)
  SENSITIVE = []
  include Aws::Structure
end