Class: Aws::SecurityHub::Types::AwsWafWebAclRule

Inherits:

Struct

• Object
• Struct
• Aws::SecurityHub::Types::AwsWafWebAclRule

Includes:

Aws::Structure

Defined in:

lib/aws-sdk-securityhub/types.rb

Overview

Details for a rule in an WAF web ACL.

See Also:

• AWS API Documentation

Constant Summary

SENSITIVE =

[]

Instance Attribute Summary

• #action ⇒ Types::WafAction

  Specifies the action that CloudFront or WAF takes when a web request matches the conditions in the rule.

• #excluded_rules ⇒ Array<Types::WafExcludedRule>

  Rules to exclude from a rule group.

• #override_action ⇒ Types::WafOverrideAction

  Use the ‘OverrideAction` to test your `RuleGroup`.

• #priority ⇒ Integer

  Specifies the order in which the rules in a web ACL are evaluated.

• #rule_id ⇒ String

  The identifier for a rule.

• #type ⇒ String

  The rule type.

Instance Attribute Details

#action ⇒ Types::WafAction

Specifies the action that CloudFront or WAF takes when a web request matches the conditions in the rule.

Returns:

• (Types::WafAction)

# File 'lib/aws-sdk-securityhub/types.rb', line 21908

class AwsWafWebAclRule < Struct.new(
  :action,
  :excluded_rules,
  :override_action,
  :priority,
  :rule_id,
  :type)
  SENSITIVE = []
  include Aws::Structure
end

#excluded_rules ⇒ Array<Types::WafExcludedRule>

Rules to exclude from a rule group.

Returns:

• (Array<Types::WafExcludedRule>)

# File 'lib/aws-sdk-securityhub/types.rb', line 21908

class AwsWafWebAclRule < Struct.new(
  :action,
  :excluded_rules,
  :override_action,
  :priority,
  :rule_id,
  :type)
  SENSITIVE = []
  include Aws::Structure
end

#override_action ⇒ Types::WafOverrideAction

Use the ‘OverrideAction` to test your `RuleGroup`.

Any rule in a ‘RuleGroup` can potentially block a request. If you set the `OverrideAction` to `None`, the `RuleGroup` blocks a request if any individual rule in the `RuleGroup` matches the request and is configured to block that request.

However, if you first want to test the ‘RuleGroup`, set the `OverrideAction` to `Count`. The `RuleGroup` then overrides any block action specified by individual rules contained within the group. Instead of blocking matching requests, those requests are counted.

‘ActivatedRule`|`OverrideAction` applies only when updating or adding a `RuleGroup` to a web ACL. In this case you don’t use ‘ActivatedRule` `Action`. For all other update requests, `ActivatedRule` `Action` is used instead of `ActivatedRule` `OverrideAction`.

Returns:

• (Types::WafOverrideAction)

# File 'lib/aws-sdk-securityhub/types.rb', line 21908

class AwsWafWebAclRule < Struct.new(
  :action,
  :excluded_rules,
  :override_action,
  :priority,
  :rule_id,
  :type)
  SENSITIVE = []
  include Aws::Structure
end

#priority ⇒ Integer

Specifies the order in which the rules in a web ACL are evaluated. Rules with a lower value for ‘Priority` are evaluated before rules with a higher value. The value must be a unique integer. If you add multiple rules to a web ACL, the values don’t need to be consecutive.

Returns:

• (Integer)

# File 'lib/aws-sdk-securityhub/types.rb', line 21908

class AwsWafWebAclRule < Struct.new(
  :action,
  :excluded_rules,
  :override_action,
  :priority,
  :rule_id,
  :type)
  SENSITIVE = []
  include Aws::Structure
end

#rule_id ⇒ String

The identifier for a rule.

Returns:

• (String)

# File 'lib/aws-sdk-securityhub/types.rb', line 21908

class AwsWafWebAclRule < Struct.new(
  :action,
  :excluded_rules,
  :override_action,
  :priority,
  :rule_id,
  :type)
  SENSITIVE = []
  include Aws::Structure
end

#type ⇒ String

The rule type.

Valid values: ‘REGULAR` | `RATE_BASED` | `GROUP`

The default is ‘REGULAR`.

Returns:

• (String)

# File 'lib/aws-sdk-securityhub/types.rb', line 21908

class AwsWafWebAclRule < Struct.new(
  :action,
  :excluded_rules,
  :override_action,
  :priority,
  :rule_id,
  :type)
  SENSITIVE = []
  include Aws::Structure
end