Class CfnRuleGroup.RateBasedStatementProperty
A rate-based rule tracks the rate of requests for each originating IP address, and triggers the rule action when the rate exceeds a limit that you specify on the number of requests in any 5-minute time span.
Inheritance
Implements
Namespace: Amazon.CDK.AWS.WAFv2
Assembly: Amazon.CDK.AWS.WAFv2.dll
Syntax (csharp)
public class RateBasedStatementProperty : Object, CfnRuleGroup.IRateBasedStatementPropertySyntax (vb)
Public Class RateBasedStatementProperty
Inherits Object
Implements CfnRuleGroup.IRateBasedStatementPropertyRemarks
You can use this to put a temporary block on requests from an IP address that is sending excessive requests.
AWS WAF tracks and manages web requests separately for each instance of a rate-based rule that you use. For example, if you provide the same rate-based rule settings in two web ACLs, each of the two rule statements represents a separate instance of the rate-based rule and gets its own tracking and management by AWS WAF . If you define a rate-based rule inside a rule group, and then use that rule group in multiple places, each use creates a separate instance of the rate-based rule that gets its own tracking and management by AWS WAF .
When the rule action triggers, AWS WAF blocks additional requests from the IP address until the request rate falls below the limit.
You can optionally nest another statement inside the rate-based statement, to narrow the scope of the rule so that it only counts requests that match the nested statement. For example, based on recent requests that you have seen from an attacker, you might create a rate-based rule with a nested AND rule statement that contains the following nested statements:
In this rate-based rule, you also define a rate limit. For this example, the rate limit is 1,000. Requests that meet the criteria of both of the nested statements are counted. If the count exceeds 1,000 requests per five minutes, the rule action triggers. Requests that do not meet the criteria of both of the nested statements are not counted towards the rate limit and are not affected by this rule.
You cannot nest a RateBasedStatement inside another statement, for example inside a NotStatement or OrStatement . You can define a RateBasedStatement inside a web ACL and inside a rule group.
ExampleMetadata: fixture=_generated
Examples
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
using Amazon.CDK.AWS.WAFv2;
var all;
var allQueryArguments;
var method;
var queryString;
var singleHeader;
var singleQueryArgument;
StatementProperty statementProperty_;
var uriPath;
var rateBasedStatementProperty = new RateBasedStatementProperty {
AggregateKeyType = "aggregateKeyType",
Limit = 123,
// the properties below are optional
ForwardedIpConfig = new ForwardedIPConfigurationProperty {
FallbackBehavior = "fallbackBehavior",
HeaderName = "headerName"
},
ScopeDownStatement = new StatementProperty {
AndStatement = new AndStatementProperty {
Statements = new [] { statementProperty_ }
},
ByteMatchStatement = new ByteMatchStatementProperty {
FieldToMatch = new FieldToMatchProperty {
AllQueryArguments = allQueryArguments,
Body = new BodyProperty {
OversizeHandling = "oversizeHandling"
},
Cookies = new CookiesProperty {
MatchPattern = new CookieMatchPatternProperty {
All = all,
ExcludedCookies = new [] { "excludedCookies" },
IncludedCookies = new [] { "includedCookies" }
},
MatchScope = "matchScope",
OversizeHandling = "oversizeHandling"
},
Headers = new HeadersProperty {
MatchPattern = new HeaderMatchPatternProperty {
All = all,
ExcludedHeaders = new [] { "excludedHeaders" },
IncludedHeaders = new [] { "includedHeaders" }
},
MatchScope = "matchScope",
OversizeHandling = "oversizeHandling"
},
JsonBody = new JsonBodyProperty {
MatchPattern = new JsonMatchPatternProperty {
All = all,
IncludedPaths = new [] { "includedPaths" }
},
MatchScope = "matchScope",
// the properties below are optional
InvalidFallbackBehavior = "invalidFallbackBehavior",
OversizeHandling = "oversizeHandling"
},
Method = method,
QueryString = queryString,
SingleHeader = singleHeader,
SingleQueryArgument = singleQueryArgument,
UriPath = uriPath
},
PositionalConstraint = "positionalConstraint",
TextTransformations = new [] { new TextTransformationProperty {
Priority = 123,
Type = "type"
} },
// the properties below are optional
SearchString = "searchString",
SearchStringBase64 = "searchStringBase64"
},
GeoMatchStatement = new GeoMatchStatementProperty {
CountryCodes = new [] { "countryCodes" },
ForwardedIpConfig = new ForwardedIPConfigurationProperty {
FallbackBehavior = "fallbackBehavior",
HeaderName = "headerName"
}
},
IpSetReferenceStatement = new Dictionary<string, object> {
{ "arn", "arn" },
// the properties below are optional
{ "ipSetForwardedIpConfig", new Dictionary<string, string> {
{ "fallbackBehavior", "fallbackBehavior" },
{ "headerName", "headerName" },
{ "position", "position" }
} }
},
LabelMatchStatement = new LabelMatchStatementProperty {
Key = "key",
Scope = "scope"
},
NotStatement = new NotStatementProperty {
Statement = statementProperty_
},
OrStatement = new OrStatementProperty {
Statements = new [] { statementProperty_ }
},
RateBasedStatement = new RateBasedStatementProperty {
AggregateKeyType = "aggregateKeyType",
Limit = 123,
// the properties below are optional
ForwardedIpConfig = new ForwardedIPConfigurationProperty {
FallbackBehavior = "fallbackBehavior",
HeaderName = "headerName"
},
ScopeDownStatement = statementProperty_
},
RegexMatchStatement = new RegexMatchStatementProperty {
FieldToMatch = new FieldToMatchProperty {
AllQueryArguments = allQueryArguments,
Body = new BodyProperty {
OversizeHandling = "oversizeHandling"
},
Cookies = new CookiesProperty {
MatchPattern = new CookieMatchPatternProperty {
All = all,
ExcludedCookies = new [] { "excludedCookies" },
IncludedCookies = new [] { "includedCookies" }
},
MatchScope = "matchScope",
OversizeHandling = "oversizeHandling"
},
Headers = new HeadersProperty {
MatchPattern = new HeaderMatchPatternProperty {
All = all,
ExcludedHeaders = new [] { "excludedHeaders" },
IncludedHeaders = new [] { "includedHeaders" }
},
MatchScope = "matchScope",
OversizeHandling = "oversizeHandling"
},
JsonBody = new JsonBodyProperty {
MatchPattern = new JsonMatchPatternProperty {
All = all,
IncludedPaths = new [] { "includedPaths" }
},
MatchScope = "matchScope",
// the properties below are optional
InvalidFallbackBehavior = "invalidFallbackBehavior",
OversizeHandling = "oversizeHandling"
},
Method = method,
QueryString = queryString,
SingleHeader = singleHeader,
SingleQueryArgument = singleQueryArgument,
UriPath = uriPath
},
RegexString = "regexString",
TextTransformations = new [] { new TextTransformationProperty {
Priority = 123,
Type = "type"
} }
},
RegexPatternSetReferenceStatement = new RegexPatternSetReferenceStatementProperty {
Arn = "arn",
FieldToMatch = new FieldToMatchProperty {
AllQueryArguments = allQueryArguments,
Body = new BodyProperty {
OversizeHandling = "oversizeHandling"
},
Cookies = new CookiesProperty {
MatchPattern = new CookieMatchPatternProperty {
All = all,
ExcludedCookies = new [] { "excludedCookies" },
IncludedCookies = new [] { "includedCookies" }
},
MatchScope = "matchScope",
OversizeHandling = "oversizeHandling"
},
Headers = new HeadersProperty {
MatchPattern = new HeaderMatchPatternProperty {
All = all,
ExcludedHeaders = new [] { "excludedHeaders" },
IncludedHeaders = new [] { "includedHeaders" }
},
MatchScope = "matchScope",
OversizeHandling = "oversizeHandling"
},
JsonBody = new JsonBodyProperty {
MatchPattern = new JsonMatchPatternProperty {
All = all,
IncludedPaths = new [] { "includedPaths" }
},
MatchScope = "matchScope",
// the properties below are optional
InvalidFallbackBehavior = "invalidFallbackBehavior",
OversizeHandling = "oversizeHandling"
},
Method = method,
QueryString = queryString,
SingleHeader = singleHeader,
SingleQueryArgument = singleQueryArgument,
UriPath = uriPath
},
TextTransformations = new [] { new TextTransformationProperty {
Priority = 123,
Type = "type"
} }
},
SizeConstraintStatement = new SizeConstraintStatementProperty {
ComparisonOperator = "comparisonOperator",
FieldToMatch = new FieldToMatchProperty {
AllQueryArguments = allQueryArguments,
Body = new BodyProperty {
OversizeHandling = "oversizeHandling"
},
Cookies = new CookiesProperty {
MatchPattern = new CookieMatchPatternProperty {
All = all,
ExcludedCookies = new [] { "excludedCookies" },
IncludedCookies = new [] { "includedCookies" }
},
MatchScope = "matchScope",
OversizeHandling = "oversizeHandling"
},
Headers = new HeadersProperty {
MatchPattern = new HeaderMatchPatternProperty {
All = all,
ExcludedHeaders = new [] { "excludedHeaders" },
IncludedHeaders = new [] { "includedHeaders" }
},
MatchScope = "matchScope",
OversizeHandling = "oversizeHandling"
},
JsonBody = new JsonBodyProperty {
MatchPattern = new JsonMatchPatternProperty {
All = all,
IncludedPaths = new [] { "includedPaths" }
},
MatchScope = "matchScope",
// the properties below are optional
InvalidFallbackBehavior = "invalidFallbackBehavior",
OversizeHandling = "oversizeHandling"
},
Method = method,
QueryString = queryString,
SingleHeader = singleHeader,
SingleQueryArgument = singleQueryArgument,
UriPath = uriPath
},
Size = 123,
TextTransformations = new [] { new TextTransformationProperty {
Priority = 123,
Type = "type"
} }
},
SqliMatchStatement = new SqliMatchStatementProperty {
FieldToMatch = new FieldToMatchProperty {
AllQueryArguments = allQueryArguments,
Body = new BodyProperty {
OversizeHandling = "oversizeHandling"
},
Cookies = new CookiesProperty {
MatchPattern = new CookieMatchPatternProperty {
All = all,
ExcludedCookies = new [] { "excludedCookies" },
IncludedCookies = new [] { "includedCookies" }
},
MatchScope = "matchScope",
OversizeHandling = "oversizeHandling"
},
Headers = new HeadersProperty {
MatchPattern = new HeaderMatchPatternProperty {
All = all,
ExcludedHeaders = new [] { "excludedHeaders" },
IncludedHeaders = new [] { "includedHeaders" }
},
MatchScope = "matchScope",
OversizeHandling = "oversizeHandling"
},
JsonBody = new JsonBodyProperty {
MatchPattern = new JsonMatchPatternProperty {
All = all,
IncludedPaths = new [] { "includedPaths" }
},
MatchScope = "matchScope",
// the properties below are optional
InvalidFallbackBehavior = "invalidFallbackBehavior",
OversizeHandling = "oversizeHandling"
},
Method = method,
QueryString = queryString,
SingleHeader = singleHeader,
SingleQueryArgument = singleQueryArgument,
UriPath = uriPath
},
TextTransformations = new [] { new TextTransformationProperty {
Priority = 123,
Type = "type"
} },
// the properties below are optional
SensitivityLevel = "sensitivityLevel"
},
XssMatchStatement = new XssMatchStatementProperty {
FieldToMatch = new FieldToMatchProperty {
AllQueryArguments = allQueryArguments,
Body = new BodyProperty {
OversizeHandling = "oversizeHandling"
},
Cookies = new CookiesProperty {
MatchPattern = new CookieMatchPatternProperty {
All = all,
ExcludedCookies = new [] { "excludedCookies" },
IncludedCookies = new [] { "includedCookies" }
},
MatchScope = "matchScope",
OversizeHandling = "oversizeHandling"
},
Headers = new HeadersProperty {
MatchPattern = new HeaderMatchPatternProperty {
All = all,
ExcludedHeaders = new [] { "excludedHeaders" },
IncludedHeaders = new [] { "includedHeaders" }
},
MatchScope = "matchScope",
OversizeHandling = "oversizeHandling"
},
JsonBody = new JsonBodyProperty {
MatchPattern = new JsonMatchPatternProperty {
All = all,
IncludedPaths = new [] { "includedPaths" }
},
MatchScope = "matchScope",
// the properties below are optional
InvalidFallbackBehavior = "invalidFallbackBehavior",
OversizeHandling = "oversizeHandling"
},
Method = method,
QueryString = queryString,
SingleHeader = singleHeader,
SingleQueryArgument = singleQueryArgument,
UriPath = uriPath
},
TextTransformations = new [] { new TextTransformationProperty {
Priority = 123,
Type = "type"
} }
}
}
};Synopsis
Constructors
| RateBasedStatementProperty() |
Properties
| AggregateKeyType | Setting that indicates how to aggregate the request counts. The options are the following:. |
| ForwardedIpConfig | The configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. |
| Limit | The limit on requests per 5-minute period for a single originating IP address. |
| ScopeDownStatement | An optional nested statement that narrows the scope of the web requests that are evaluated by the rate-based statement. |
Constructors
RateBasedStatementProperty()
public RateBasedStatementProperty()Properties
AggregateKeyType
Setting that indicates how to aggregate the request counts. The options are the following:.
public string AggregateKeyType { get; set; }Property Value
System.String
Remarks
You can only use the <code>IP</code> and <code>FORWARDED_IP</code> key types.
ForwardedIpConfig
The configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin.
public object ForwardedIpConfig { get; set; }Property Value
System.Object
Remarks
Commonly, this is the X-Forwarded-For (XFF) header, but you can specify any header name.
If the specified header isn't present in the request, AWS WAF doesn't apply the rule to the web request at all.
This is required if you specify a forwarded IP in the rule's aggregate key settings.
Limit
The limit on requests per 5-minute period for a single originating IP address.
public double Limit { get; set; }Property Value
System.Double
Remarks
If the statement includes a ScopeDownStatement , this limit is applied only to the requests that match the statement.
ScopeDownStatement
An optional nested statement that narrows the scope of the web requests that are evaluated by the rate-based statement.
public object ScopeDownStatement { get; set; }Property Value
System.Object
Remarks
Requests are only tracked by the rate-based statement if they match the scope-down statement. You can use any nestable statement in the scope-down statement, and you can nest statements at any level, the same as you can for a rule statement.