Class: Aws::WAFV2::Types::AWSManagedRulesATPRuleSet

Inherits:

Struct

• Object
• Struct
• Aws::WAFV2::Types::AWSManagedRulesATPRuleSet

Includes:

Structure

Defined in:

lib/aws-sdk-wafv2/types.rb

Overview

Details for your use of the account takeover prevention managed rule group, ‘AWSManagedRulesATPRuleSet`. This configuration is used in `ManagedRuleGroupConfig`.

See Also:

• AWS API Documentation

Constant Summary

SENSITIVE =

[]

Instance Attribute Summary

• #enable_regex_in_path ⇒ Boolean

  Allow the use of regular expressions in the login page path.

• #login_path ⇒ String

  The path of the login endpoint for your application.

• #request_inspection ⇒ Types::RequestInspection

  The criteria for inspecting login requests, used by the ATP rule group to validate credentials usage.

• #response_inspection ⇒ Types::ResponseInspection

  The criteria for inspecting responses to login requests, used by the ATP rule group to track login failure rates.

Instance Attribute Details

#enable_regex_in_path ⇒ Boolean

Allow the use of regular expressions in the login page path.

Returns:

• (Boolean)

# File 'lib/aws-sdk-wafv2/types.rb', line 175

class AWSManagedRulesATPRuleSet < Struct.new(
  :login_path,
  :request_inspection,
  :response_inspection,
  :enable_regex_in_path)
  SENSITIVE = []
  include Aws::Structure
end

#login_path ⇒ String

The path of the login endpoint for your application. For example, for the URL ‘example.com/web/login`, you would provide the path `/web/login`. Login paths that start with the path that you provide are considered a match. For example `/web/login` matches the login paths `/web/login`, `/web/login/`, `/web/loginPage`, and `/web/login/thisPage`, but doesn’t match the login path ‘/home/web/login` or `/website/login`.

The rule group inspects only HTTP ‘POST` requests to your specified login endpoint.

Returns:

• (String)

# File 'lib/aws-sdk-wafv2/types.rb', line 175

class AWSManagedRulesATPRuleSet < Struct.new(
  :login_path,
  :request_inspection,
  :response_inspection,
  :enable_regex_in_path)
  SENSITIVE = []
  include Aws::Structure
end

#request_inspection ⇒ Types::RequestInspection

The criteria for inspecting login requests, used by the ATP rule group to validate credentials usage.

Returns:

• (Types::RequestInspection)

# File 'lib/aws-sdk-wafv2/types.rb', line 175

class AWSManagedRulesATPRuleSet < Struct.new(
  :login_path,
  :request_inspection,
  :response_inspection,
  :enable_regex_in_path)
  SENSITIVE = []
  include Aws::Structure
end

#response_inspection ⇒ Types::ResponseInspection

The criteria for inspecting responses to login requests, used by the ATP rule group to track login failure rates.

<note markdown=“1”> Response inspection is available only in web ACLs that protect Amazon CloudFront distributions.

</note>

The ATP rule group evaluates the responses that your protected resources send back to client login attempts, keeping count of successful and failed attempts for each IP address and client session. Using this information, the rule group labels and mitigates requests from client sessions and IP addresses that have had too many failed login attempts in a short amount of time.

Returns:

• (Types::ResponseInspection)

# File 'lib/aws-sdk-wafv2/types.rb', line 175

class AWSManagedRulesATPRuleSet < Struct.new(
  :login_path,
  :request_inspection,
  :response_inspection,
  :enable_regex_in_path)
  SENSITIVE = []
  include Aws::Structure
end