AWS::WAF::WebACL ActivatedRule - AWS CloudFormation
SyntaxProperties

This is the new AWS CloudFormation Template Reference Guide. Please update your bookmarks and links. For help getting started with CloudFormation, see the AWS CloudFormation User Guide.

AWS::WAF::WebACL ActivatedRule

The ActivatedRule object in an UpdateWebACL request specifies a Rule that you want to insert or delete, the priority of the Rule in the WebACL, and the action that you want AWS WAF to take when a web request matches the Rule (ALLOW, BLOCK, or COUNT).

To specify whether to insert or delete a Rule, use the Action parameter in the WebACLUpdate data type.

Syntax

To declare this entity in your AWS CloudFormation template, use the following syntax:

JSON

{
  "Action" : WafAction,
  "Priority" : Integer,
  "RuleId" : String
}

YAML

  Action: 
    WafAction
  Priority: Integer
  RuleId: String

Properties

Action

Specifies the action that Amazon CloudFront or AWS WAF takes when a web request matches the conditions in the Rule. Valid values for Action include the following:

  • ALLOW: CloudFront responds with the requested object.

  • BLOCK: CloudFront responds with an HTTP 403 (Forbidden) status code.

  • COUNT: AWS WAF increments a counter of requests that match the conditions in the rule and then continues to inspect the web request based on the remaining rules in the web ACL.

ActivatedRule|OverrideAction applies only when updating or adding a RuleGroup to a WebACL. In this case, you do not use ActivatedRule|Action. For all other update requests, ActivatedRule|Action is used instead of ActivatedRule|OverrideAction.

Required: No

Type: WafAction

Update requires: No interruption

Priority

Specifies the order in which the Rules in a WebACL are evaluated. Rules with a lower value for Priority are evaluated before Rules with a higher value. The value must be a unique integer. If you add multiple Rules to a WebACL, the values don't need to be consecutive.

Required: Yes

Type: Integer

Update requires: No interruption

RuleId

The RuleId for a Rule. You use RuleId to get more information about a Rule, update a Rule, insert a Rule into a WebACL or delete a one from a WebACL, or delete a Rule from AWS WAF.

RuleId is returned by CreateRule and by ListRules.

Required: Yes

Type: String

Pattern: .*\S.*

Minimum: 1

Maximum: 128

Update requires: No interruption