class CfnWebACLLogsMixin
| Language | Type name |
|---|---|
 .NET | Amazon.CDK.Mixins.Preview.AWS.WAFv2.Mixins.CfnWebACLLogsMixin |
 Go | github.com/aws/aws-cdk-go/awscdkmixinspreview/v2/awswafv2/mixins#CfnWebACLLogsMixin |
 Java | software.amazon.awscdk.mixins.preview.services.wafv2.mixins.CfnWebACLLogsMixin |
 Python | aws_cdk.mixins_preview.aws_wafv2.mixins.CfnWebACLLogsMixin |
 TypeScript | @aws-cdk/mixins-preview » aws_wafv2 » mixins » CfnWebACLLogsMixin |
Implements
IMixin
Extends
Mixin
This is the latest version of AWS WAF , named AWS WAF V2, released in November, 2019.
For information, including how to migrate your AWS WAF resources from the prior release, see the AWS WAF developer guide .
Use an WebACL to define a collection of rules to use to inspect and control web requests. Each rule in a web ACL has a statement that defines what to look for in web requests and an action that AWS WAF applies to requests that match the statement. In the web ACL, you assign a default action to take (allow, block) for any request that doesn't match any of the rules.
The rules in a web ACL can be a combination of explicitly defined rules and rule groups that you reference from the web ACL. The rule groups can be rule groups that you manage or rule groups that are managed by others.
You can associate a web ACL with one or more AWS resources to protect. The resources can be an Amazon CloudFront distribution, an REST API, an Application Load Balancer , an AWS AppSync GraphQL API , an Amazon Cognito user pool, an AWS App Runner service, an AWS Amplify application, or an AWS Verified Access instance.
For more information, see Web access control lists (web ACLs) in the AWS WAF developer guide .
Web ACLs used in AWS Shield Advanced automatic application layer DDoS mitigation
If you use Shield Advanced automatic application layer DDoS mitigation, the web ACLs that you use with automatic mitigation have a rule group rule whose name starts with ShieldMitigationRuleGroup . This rule is used for automatic mitigations and it's managed for you in the web ACL by Shield Advanced and AWS WAF . You'll see the rule listed among the web ACL rules when you view the web ACL through the AWS WAF interfaces.
When you manage the web ACL through CloudFormation interfaces, you won't see the Shield Advanced rule. CloudFormation doesn't include this type of rule in the stack drift status between the actual configuration of the web ACL and your web ACL template.
Don't add the Shield Advanced rule group rule to your web ACL template. The rule shouldn't be in your template. When you update the web ACL template in a stack, the Shield Advanced rule is maintained for you by AWS WAF in the resulting web ACL.
For more information, see Shield Advanced automatic application layer DDoS mitigation in the AWS Shield Advanced developer guide .
See also: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-wafv2-webacl.html
Example
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import { aws_logs as logs } from '@aws-cdk/mixins-preview';
import { mixins as wafv2_mixins } from '@aws-cdk/mixins-preview/aws-wafv2';
declare const logsDelivery: logs.ILogsDelivery;
const cfnWebACLLogsMixin = new wafv2_mixins.CfnWebACLLogsMixin('logType', logsDelivery);
Initializer
new CfnWebACLLogsMixin(logType: string, logDelivery: ILogsDelivery)
Parameters
- logType
string— Type of logs that are getting vended. - logDelivery
ILogs— Object in charge of setting up the delivery source, delivery destination, and delivery connection.Delivery
Create a mixin to enable vended logs for AWS::WAFv2::WebACL.
Properties
| Name | Type | Description |
|---|---|---|
| log | ILogs | |
| log | string | |
| static ACCESS_LOGS | Cfn | |
| static TOKEN_LOGS | Cfn |
logDelivery
Type:
ILogs
logType
Type:
string
static ACCESS_LOGS
Type:
Cfn
static TOKEN_LOGS
Type:
Cfn
Methods
| Name | Description |
|---|---|
| apply | Apply vended logs configuration to the construct. |
| supports(construct) | Check if this mixin supports the given construct (has vendedLogs property). |
applyTo(resource)
public applyTo(resource: IConstruct): IConstruct
Parameters
- resource
IConstruct
Returns
Apply vended logs configuration to the construct.
supports(construct)
public supports(construct: IConstruct): boolean
Parameters
- construct
IConstruct
Returns
boolean
Check if this mixin supports the given construct (has vendedLogs property).