Class: Aws::SecurityHub::Types::AwsWafWebAclRule

Inherits:

Struct

• Object
• Struct
• Aws::SecurityHub::Types::AwsWafWebAclRule

Defined in:

gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb

Overview

Details for a rule in an WAF web ACL.

See Also:

• AWS API Documentation

Constant Summary

SENSITIVE =

[]

Instance Attribute Summary

• #action ⇒ Types::WafAction

  Specifies the action that CloudFront or WAF takes when a web request matches the conditions in the rule.

• #excluded_rules ⇒ Array<Types::WafExcludedRule>

  Rules to exclude from a rule group.

• #override_action ⇒ Types::WafOverrideAction

  Use the OverrideAction to test your RuleGroup.

• #priority ⇒ Integer

  Specifies the order in which the rules in a web ACL are evaluated.

• #rule_id ⇒ String

  The identifier for a rule.

• #type ⇒ String

  The rule type.

Instance Attribute Details

#action ⇒ Types::WafAction

Specifies the action that CloudFront or WAF takes when a web request matches the conditions in the rule.

Returns:

• (Types::WafAction)

# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 21145

class AwsWafWebAclRule < Struct.new(
  :action,
  :excluded_rules,
  :override_action,
  :priority,
  :rule_id,
  :type)
  SENSITIVE = []
  include Aws::Structure
end

#excluded_rules ⇒ Array<Types::WafExcludedRule>

Rules to exclude from a rule group.

Returns:

• (Array<Types::WafExcludedRule>)

# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 21145

class AwsWafWebAclRule < Struct.new(
  :action,
  :excluded_rules,
  :override_action,
  :priority,
  :rule_id,
  :type)
  SENSITIVE = []
  include Aws::Structure
end

#override_action ⇒ Types::WafOverrideAction

Use the OverrideAction to test your RuleGroup.

Any rule in a RuleGroup can potentially block a request. If you set the OverrideAction to None, the RuleGroup blocks a request if any individual rule in the RuleGroup matches the request and is configured to block that request.

However, if you first want to test the RuleGroup, set the OverrideAction to Count. The RuleGroup then overrides any block action specified by individual rules contained within the group. Instead of blocking matching requests, those requests are counted.

ActivatedRule|OverrideAction applies only when updating or adding a RuleGroup to a web ACL. In this case you don't use ActivatedRule Action. For all other update requests, ActivatedRule Action is used instead of ActivatedRule OverrideAction.

Returns:

• (Types::WafOverrideAction)

# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 21145

class AwsWafWebAclRule < Struct.new(
  :action,
  :excluded_rules,
  :override_action,
  :priority,
  :rule_id,
  :type)
  SENSITIVE = []
  include Aws::Structure
end

#priority ⇒ Integer

Specifies the order in which the rules in a web ACL are evaluated. Rules with a lower value for Priority are evaluated before rules with a higher value. The value must be a unique integer. If you add multiple rules to a web ACL, the values don't need to be consecutive.

Returns:

• (Integer)

# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 21145

class AwsWafWebAclRule < Struct.new(
  :action,
  :excluded_rules,
  :override_action,
  :priority,
  :rule_id,
  :type)
  SENSITIVE = []
  include Aws::Structure
end

#rule_id ⇒ String

The identifier for a rule.

Returns:

• (String)

# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 21145

class AwsWafWebAclRule < Struct.new(
  :action,
  :excluded_rules,
  :override_action,
  :priority,
  :rule_id,
  :type)
  SENSITIVE = []
  include Aws::Structure
end

#type ⇒ String

The rule type.

Valid values: REGULAR | RATE_BASED | GROUP

The default is REGULAR.

Returns:

• (String)

# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 21145

class AwsWafWebAclRule < Struct.new(
  :action,
  :excluded_rules,
  :override_action,
  :priority,
  :rule_id,
  :type)
  SENSITIVE = []
  include Aws::Structure
end