class CfnWebACLPropsMixin
| Language | Type name |
|---|---|
 .NET | Amazon.CDK.Mixins.Preview.AWS.WAFv2.Mixins.CfnWebACLPropsMixin |
 Go | github.com/aws/aws-cdk-go/awscdkmixinspreview/v2/awswafv2/mixins#CfnWebACLPropsMixin |
 Java | software.amazon.awscdk.mixins.preview.services.wafv2.mixins.CfnWebACLPropsMixin |
 Python | aws_cdk.mixins_preview.aws_wafv2.mixins.CfnWebACLPropsMixin |
 TypeScript | @aws-cdk/mixins-preview » aws_wafv2 » mixins » CfnWebACLPropsMixin |
Implements
IMixin
Extends
Mixin
This is the latest version of AWS WAF , named AWS WAF V2, released in November, 2019.
For information, including how to migrate your AWS WAF resources from the prior release, see the AWS WAF developer guide .
Use an WebACL to define a collection of rules to use to inspect and control web requests. Each rule in a web ACL has a statement that defines what to look for in web requests and an action that AWS WAF applies to requests that match the statement. In the web ACL, you assign a default action to take (allow, block) for any request that doesn't match any of the rules.
The rules in a web ACL can be a combination of explicitly defined rules and rule groups that you reference from the web ACL. The rule groups can be rule groups that you manage or rule groups that are managed by others.
You can associate a web ACL with one or more AWS resources to protect. The resources can be an Amazon CloudFront distribution, an REST API, an Application Load Balancer , an AWS AppSync GraphQL API , an Amazon Cognito user pool, an AWS App Runner service, an AWS Amplify application, or an AWS Verified Access instance.
For more information, see Web access control lists (web ACLs) in the AWS WAF developer guide .
Web ACLs used in AWS Shield Advanced automatic application layer DDoS mitigation
If you use Shield Advanced automatic application layer DDoS mitigation, the web ACLs that you use with automatic mitigation have a rule group rule whose name starts with ShieldMitigationRuleGroup . This rule is used for automatic mitigations and it's managed for you in the web ACL by Shield Advanced and AWS WAF . You'll see the rule listed among the web ACL rules when you view the web ACL through the AWS WAF interfaces.
When you manage the web ACL through CloudFormation interfaces, you won't see the Shield Advanced rule. CloudFormation doesn't include this type of rule in the stack drift status between the actual configuration of the web ACL and your web ACL template.
Don't add the Shield Advanced rule group rule to your web ACL template. The rule shouldn't be in your template. When you update the web ACL template in a stack, the Shield Advanced rule is maintained for you by AWS WAF in the resulting web ACL.
For more information, see Shield Advanced automatic application layer DDoS mitigation in the AWS Shield Advanced developer guide .
See also: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-wafv2-webacl.html
Example
// The generated example for this type would exceed 500 lines,
// and has been elided for readability.
Initializer
new CfnWebACLPropsMixin(props: CfnWebACLMixinProps, options?: CfnPropertyMixinOptions)
Parameters
- props
Cfn— L1 properties to apply.Web ACLMixin Props - options
Cfn— Mixin options.Property Mixin Options
Create a mixin to apply properties to AWS::WAFv2::WebACL.
Properties
| Name | Type | Description |
|---|---|---|
| props | Cfn | |
| strategy | Property | |
| static CFN_PROPERTY_KEYS | string[] |
props
Type:
Cfn
strategy
Type:
Property
static CFN_PROPERTY_KEYS
Type:
string[]
Methods
| Name | Description |
|---|---|
| apply | Apply the mixin properties to the construct. |
| supports(construct) | Check if this mixin supports the given construct. |
applyTo(construct)
public applyTo(construct: IConstruct): IConstruct
Parameters
- construct
IConstruct
Returns
Apply the mixin properties to the construct.
supports(construct)
public supports(construct: IConstruct): boolean
Parameters
- construct
IConstruct
Returns
boolean
Check if this mixin supports the given construct.