CfnWebACLPropsMixin

class aws_cdk.mixins_preview.aws_waf.mixins.CfnWebACLPropsMixin(props, *, strategy=None)

Bases: Mixin

This is AWS WAF Classic documentation.

For more information, see AWS WAF Classic in the developer guide. .. epigraph:

*For the latest version of AWS WAF* , use the AWS WAF V2 API and see the `AWS WAF Developer Guide <https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html>`_ . With the latest version, AWS WAF has a single set of endpoints for regional and global use.

Contains the Rules that identify the requests that you want to allow, block, or count. In a WebACL , you also specify a default action ( ALLOW or BLOCK ), and the action for each Rule that you add to a WebACL , for example, block requests from specified IP addresses or block requests from specified referrers. You also associate the WebACL with a Amazon CloudFront distribution to identify the requests that you want AWS WAF to filter. If you add more than one Rule to a WebACL , a request needs to match only one of the specifications to be allowed, blocked, or counted.

see:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-waf-webacl.html

cloudformationResource:

AWS::WAF::WebACL

mixin:

true

exampleMetadata:

fixture=_generated

Example:

# The code below shows an example of how to instantiate this type.
# The values are placeholders you should change.
from aws_cdk.mixins_preview import mixins
from aws_cdk.mixins_preview.aws_waf import mixins as waf_mixins

cfn_web_aCLProps_mixin = waf_mixins.CfnWebACLPropsMixin(waf_mixins.CfnWebACLMixinProps(
    default_action=waf_mixins.CfnWebACLPropsMixin.WafActionProperty(
        type="type"
    ),
    metric_name="metricName",
    name="name",
    rules=[waf_mixins.CfnWebACLPropsMixin.ActivatedRuleProperty(
        action=waf_mixins.CfnWebACLPropsMixin.WafActionProperty(
            type="type"
        ),
        priority=123,
        rule_id="ruleId"
    )]
),
    strategy=mixins.PropertyMergeStrategy.OVERRIDE
)

Create a mixin to apply properties to AWS::WAF::WebACL.

Parameters:

  • props (Union[CfnWebACLMixinProps, Dict[str, Any]]) – L1 properties to apply.

  • strategy (Optional[PropertyMergeStrategy]) – (experimental) Strategy for merging nested properties. Default: - PropertyMergeStrategy.MERGE

Methods

apply_to(construct)

Apply the mixin properties to the construct.

Parameters:

construct (IConstruct)

Return type:

IConstruct

supports(construct)

Check if this mixin supports the given construct.

Parameters:

construct (IConstruct)

Return type:

bool

Attributes

CFN_PROPERTY_KEYS = ['defaultAction', 'metricName', 'name', 'rules']

Static Methods

classmethod is_mixin(x)

(experimental) Checks if x is a Mixin.

Parameters:

x (Any) – Any object.

Return type:

bool

Returns:

true if x is an object created from a class which extends Mixin.

Stability:

experimental

ActivatedRuleProperty

class CfnWebACLPropsMixin.ActivatedRuleProperty(*, action=None, priority=None, rule_id=None)

Bases: object

The ActivatedRule object in an UpdateWebACL request specifies a Rule that you want to insert or delete, the priority of the Rule in the WebACL , and the action that you want AWS WAF to take when a web request matches the Rule ( ALLOW , BLOCK , or COUNT ).

To specify whether to insert or delete a Rule , use the Action parameter in the WebACLUpdate data type.

Parameters:

  • action (Union[IResolvable, WafActionProperty, Dict[str, Any], None]) – Specifies the action that Amazon CloudFront or AWS WAF takes when a web request matches the conditions in the Rule . Valid values for Action include the following: - ALLOW : CloudFront responds with the requested object. - BLOCK : CloudFront responds with an HTTP 403 (Forbidden) status code. - COUNT : AWS WAF increments a counter of requests that match the conditions in the rule and then continues to inspect the web request based on the remaining rules in the web ACL. ActivatedRule|OverrideAction applies only when updating or adding a RuleGroup to a WebACL . In this case, you do not use ActivatedRule|Action . For all other update requests, ActivatedRule|Action is used instead of ActivatedRule|OverrideAction .

  • priority (Union[int, float, None]) – Specifies the order in which the Rules in a WebACL are evaluated. Rules with a lower value for Priority are evaluated before Rules with a higher value. The value must be a unique integer. If you add multiple Rules to a WebACL , the values don’t need to be consecutive.

  • rule_id (Optional[str]) – The RuleId for a Rule . You use RuleId to get more information about a Rule , update a Rule , insert a Rule into a WebACL or delete a one from a WebACL , or delete a Rule from AWS WAF . RuleId is returned by CreateRule and by ListRules .

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-waf-webacl-activatedrule.html

ExampleMetadata:

fixture=_generated

Example:

# The code below shows an example of how to instantiate this type.
# The values are placeholders you should change.
from aws_cdk.mixins_preview.aws_waf import mixins as waf_mixins

activated_rule_property = waf_mixins.CfnWebACLPropsMixin.ActivatedRuleProperty(
    action=waf_mixins.CfnWebACLPropsMixin.WafActionProperty(
        type="type"
    ),
    priority=123,
    rule_id="ruleId"
)

Attributes

action

Specifies the action that Amazon CloudFront or AWS WAF takes when a web request matches the conditions in the Rule .

Valid values for Action include the following:

  • ALLOW : CloudFront responds with the requested object.

  • BLOCK : CloudFront responds with an HTTP 403 (Forbidden) status code.

  • COUNT : AWS WAF increments a counter of requests that match the conditions in the rule and then continues to inspect the web request based on the remaining rules in the web ACL.

ActivatedRule|OverrideAction applies only when updating or adding a RuleGroup to a WebACL . In this case, you do not use ActivatedRule|Action . For all other update requests, ActivatedRule|Action is used instead of ActivatedRule|OverrideAction .

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-waf-webacl-activatedrule.html#cfn-waf-webacl-activatedrule-action

priority

Specifies the order in which the Rules in a WebACL are evaluated.

Rules with a lower value for Priority are evaluated before Rules with a higher value. The value must be a unique integer. If you add multiple Rules to a WebACL , the values don’t need to be consecutive.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-waf-webacl-activatedrule.html#cfn-waf-webacl-activatedrule-priority

rule_id

The RuleId for a Rule .

You use RuleId to get more information about a Rule , update a Rule , insert a Rule into a WebACL or delete a one from a WebACL , or delete a Rule from AWS WAF .

RuleId is returned by CreateRule and by ListRules .

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-waf-webacl-activatedrule.html#cfn-waf-webacl-activatedrule-ruleid

WafActionProperty

class CfnWebACLPropsMixin.WafActionProperty(*, type=None)

Bases: object

AWS WAF Classic support will end on September 30, 2025.

This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.

For the latest version of AWS WAF , use the AWS WAF V2 API and see the AWS WAF Developer Guide . With the latest version, AWS WAF has a single set of endpoints for regional and global use.

For the action that is associated with a rule in a WebACL , specifies the action that you want AWS WAF to perform when a web request matches all of the conditions in a rule. For the default action in a WebACL , specifies the action that you want AWS WAF to take when a web request doesn’t match all of the conditions in any of the rules in a WebACL .

Attributes

type

Specifies how you want AWS WAF to respond to requests that match the settings in a Rule .

Valid settings include the following:

  • ALLOW : AWS WAF allows requests

  • BLOCK : AWS WAF blocks requests

  • COUNT : AWS WAF increments a counter of the requests that match all of the conditions in the rule. AWS WAF then continues to inspect the web request based on the remaining rules in the web ACL. You can’t specify COUNT for the default action for a WebACL .

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-waf-webacl-wafaction.html#cfn-waf-webacl-wafaction-type