Class: Aws::WAFV2::Types::ManagedRuleGroupConfig

Inherits:

Struct

• Object
• Struct
• Aws::WAFV2::Types::ManagedRuleGroupConfig

Includes:

Structure

Defined in:

lib/aws-sdk-wafv2/types.rb

Overview

Additional information that’s used by a managed rule group. Many managed rule groups don’t require this.

The rule groups used for intelligent threat mitigation require additional configuration:

• Use the AWSManagedRulesACFPRuleSet configuration object to configure the account creation fraud prevention managed rule group. The configuration includes the registration and sign-up pages of your application and the locations in the account creation request payload of data, such as the user email and phone number fields.

• Use the AWSManagedRulesAntiDDoSRuleSet configuration object to configure the anti-DDoS managed rule group. The configuration includes the sensitivity levels to use in the rules that typically block and challenge requests that might be participating in DDoS attacks and the specification to use to indicate whether a request can handle a silent browser challenge.

• Use the AWSManagedRulesATPRuleSet configuration object to configure the account takeover prevention managed rule group. The configuration includes the sign-in page of your application and the locations in the login request payload of data such as the username and password.

• Use the AWSManagedRulesBotControlRuleSet configuration object to configure the protection level that you want the Bot Control rule group to use.

For example specifications, see the examples section of CreateWebACL.

See Also:

• AWS API Documentation

Constant Summary

SENSITIVE =

[]

Instance Attribute Summary

• #aws_managed_rules_acfp_rule_set ⇒ Types::AWSManagedRulesACFPRuleSet

  Additional configuration for using the account creation fraud prevention (ACFP) managed rule group, AWSManagedRulesACFPRuleSet.

• #aws_managed_rules_anti_d_do_s_rule_set ⇒ Types::AWSManagedRulesAntiDDoSRuleSet

  Additional configuration for using the anti-DDoS managed rule group, AWSManagedRulesAntiDDoSRuleSet.

• #aws_managed_rules_atp_rule_set ⇒ Types::AWSManagedRulesATPRuleSet

  Additional configuration for using the account takeover prevention (ATP) managed rule group, AWSManagedRulesATPRuleSet.

• #aws_managed_rules_bot_control_rule_set ⇒ Types::AWSManagedRulesBotControlRuleSet

  Additional configuration for using the Bot Control managed rule group.

• #login_path ⇒ String

  <note markdown=“1”> Instead of this setting, provide your configuration under AWSManagedRulesATPRuleSet.

• #password_field ⇒ Types::PasswordField

  <note markdown=“1”> Instead of this setting, provide your configuration under the request inspection configuration for AWSManagedRulesATPRuleSet or AWSManagedRulesACFPRuleSet.

• #payload_type ⇒ String

  <note markdown=“1”> Instead of this setting, provide your configuration under the request inspection configuration for AWSManagedRulesATPRuleSet or AWSManagedRulesACFPRuleSet.

• #username_field ⇒ Types::UsernameField

  <note markdown=“1”> Instead of this setting, provide your configuration under the request inspection configuration for AWSManagedRulesATPRuleSet or AWSManagedRulesACFPRuleSet.

Instance Attribute Details

#aws_managed_rules_acfp_rule_set ⇒ Types::AWSManagedRulesACFPRuleSet

Additional configuration for using the account creation fraud prevention (ACFP) managed rule group, AWSManagedRulesACFPRuleSet. Use this to provide account creation request information to the rule group. For web ACLs that protect CloudFront distributions, use this to also provide the information about how your distribution responds to account creation requests.

For information about using the ACFP managed rule group, see [WAF Fraud Control account creation fraud prevention (ACFP) rule group] and [WAF Fraud Control account creation fraud prevention (ACFP)] in the *WAF Developer Guide*.

[1]: docs.aws.amazon.com/waf/latest/developerguide/aws-managed-rule-groups-acfp.html [2]: docs.aws.amazon.com/waf/latest/developerguide/waf-acfp.html

# File 'lib/aws-sdk-wafv2/types.rb', line 6170

class ManagedRuleGroupConfig < Struct.new(
  :login_path,
  :payload_type,
  :username_field,
  :password_field,
  :aws_managed_rules_bot_control_rule_set,
  :aws_managed_rules_atp_rule_set,
  :aws_managed_rules_acfp_rule_set,
  :aws_managed_rules_anti_d_do_s_rule_set)
  SENSITIVE = []
  include Aws::Structure
end

#aws_managed_rules_anti_d_do_s_rule_set ⇒ Types::AWSManagedRulesAntiDDoSRuleSet

Additional configuration for using the anti-DDoS managed rule group, AWSManagedRulesAntiDDoSRuleSet. Use this to configure anti-DDoS behavior for the rule group.

For information about using the anti-DDoS managed rule group, see

WAF Anti-DDoS rule group][1

and [Distributed Denial of Service

(DDoS) prevention] in the *WAF Developer Guide*.

[1]: docs.aws.amazon.com/waf/latest/developerguide/aws-managed-rule-groups-anti-ddos.html [2]: docs.aws.amazon.com/waf/latest/developerguide/waf-anti-ddos.html

# File 'lib/aws-sdk-wafv2/types.rb', line 6170

class ManagedRuleGroupConfig < Struct.new(
  :login_path,
  :payload_type,
  :username_field,
  :password_field,
  :aws_managed_rules_bot_control_rule_set,
  :aws_managed_rules_atp_rule_set,
  :aws_managed_rules_acfp_rule_set,
  :aws_managed_rules_anti_d_do_s_rule_set)
  SENSITIVE = []
  include Aws::Structure
end

#aws_managed_rules_atp_rule_set ⇒ Types::AWSManagedRulesATPRuleSet

Additional configuration for using the account takeover prevention (ATP) managed rule group, AWSManagedRulesATPRuleSet. Use this to provide login request information to the rule group. For web ACLs that protect CloudFront distributions, use this to also provide the information about how your distribution responds to login requests.

This configuration replaces the individual configuration fields in ManagedRuleGroupConfig and provides additional feature configuration.

For information about using the ATP managed rule group, see [WAF Fraud Control account takeover prevention (ATP) rule group] and

WAF Fraud Control account takeover prevention (ATP)][2

in the *WAF

Developer Guide*.

[1]: docs.aws.amazon.com/waf/latest/developerguide/aws-managed-rule-groups-atp.html [2]: docs.aws.amazon.com/waf/latest/developerguide/waf-atp.html

# File 'lib/aws-sdk-wafv2/types.rb', line 6170

class ManagedRuleGroupConfig < Struct.new(
  :login_path,
  :payload_type,
  :username_field,
  :password_field,
  :aws_managed_rules_bot_control_rule_set,
  :aws_managed_rules_atp_rule_set,
  :aws_managed_rules_acfp_rule_set,
  :aws_managed_rules_anti_d_do_s_rule_set)
  SENSITIVE = []
  include Aws::Structure
end

#aws_managed_rules_bot_control_rule_set ⇒ Types::AWSManagedRulesBotControlRuleSet

Additional configuration for using the Bot Control managed rule group. Use this to specify the inspection level that you want to use. For information about using the Bot Control managed rule group, see [WAF Bot Control rule group] and [WAF Bot Control] in the *WAF Developer Guide*.

[1]: docs.aws.amazon.com/waf/latest/developerguide/aws-managed-rule-groups-bot.html [2]: docs.aws.amazon.com/waf/latest/developerguide/waf-bot-control.html

# File 'lib/aws-sdk-wafv2/types.rb', line 6170

class ManagedRuleGroupConfig < Struct.new(
  :login_path,
  :payload_type,
  :username_field,
  :password_field,
  :aws_managed_rules_bot_control_rule_set,
  :aws_managed_rules_atp_rule_set,
  :aws_managed_rules_acfp_rule_set,
  :aws_managed_rules_anti_d_do_s_rule_set)
  SENSITIVE = []
  include Aws::Structure
end

#login_path ⇒ String

<note markdown=“1”> Instead of this setting, provide your configuration under AWSManagedRulesATPRuleSet.

</note>

# File 'lib/aws-sdk-wafv2/types.rb', line 6170

class ManagedRuleGroupConfig < Struct.new(
  :login_path,
  :payload_type,
  :username_field,
  :password_field,
  :aws_managed_rules_bot_control_rule_set,
  :aws_managed_rules_atp_rule_set,
  :aws_managed_rules_acfp_rule_set,
  :aws_managed_rules_anti_d_do_s_rule_set)
  SENSITIVE = []
  include Aws::Structure
end

#password_field ⇒ Types::PasswordField

<note markdown=“1”> Instead of this setting, provide your configuration under the request inspection configuration for AWSManagedRulesATPRuleSet or AWSManagedRulesACFPRuleSet.

</note>

# File 'lib/aws-sdk-wafv2/types.rb', line 6170

class ManagedRuleGroupConfig < Struct.new(
  :login_path,
  :payload_type,
  :username_field,
  :password_field,
  :aws_managed_rules_bot_control_rule_set,
  :aws_managed_rules_atp_rule_set,
  :aws_managed_rules_acfp_rule_set,
  :aws_managed_rules_anti_d_do_s_rule_set)
  SENSITIVE = []
  include Aws::Structure
end

#payload_type ⇒ String

<note markdown=“1”> Instead of this setting, provide your configuration under the request inspection configuration for AWSManagedRulesATPRuleSet or AWSManagedRulesACFPRuleSet.

</note>

# File 'lib/aws-sdk-wafv2/types.rb', line 6170

class ManagedRuleGroupConfig < Struct.new(
  :login_path,
  :payload_type,
  :username_field,
  :password_field,
  :aws_managed_rules_bot_control_rule_set,
  :aws_managed_rules_atp_rule_set,
  :aws_managed_rules_acfp_rule_set,
  :aws_managed_rules_anti_d_do_s_rule_set)
  SENSITIVE = []
  include Aws::Structure
end

#username_field ⇒ Types::UsernameField

<note markdown=“1”> Instead of this setting, provide your configuration under the request inspection configuration for AWSManagedRulesATPRuleSet or AWSManagedRulesACFPRuleSet.

</note>

# File 'lib/aws-sdk-wafv2/types.rb', line 6170

class ManagedRuleGroupConfig < Struct.new(
  :login_path,
  :payload_type,
  :username_field,
  :password_field,
  :aws_managed_rules_bot_control_rule_set,
  :aws_managed_rules_atp_rule_set,
  :aws_managed_rules_acfp_rule_set,
  :aws_managed_rules_anti_d_do_s_rule_set)
  SENSITIVE = []
  include Aws::Structure
end