Class: AWSCDK::WAFv2::CfnRuleGroup::IPSetReferenceStatementProperty

Inherits:
Jsii::Struct
  • Object
show all
Defined in:
wa_fv2/cfn_rule_group.rb

Overview

A rule statement used to detect web requests coming from particular IP addresses or address ranges.

To use this, create an IPSet that specifies the addresses you want to detect, then use the ARN of that set in this statement.

Each IP set rule statement references an IP set. You create and maintain the set independent of your rules. This allows you to use the single set in multiple rules. When you update the referenced set, AWS WAF automatically updates all rules that reference it.

Instance Attribute Summary collapse

Class Method Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(arn:, ip_set_forwarded_ip_config: nil) ⇒ IPSetReferenceStatementProperty

Returns a new instance of IPSetReferenceStatementProperty.

Parameters:



2144
2145
2146
2147
2148
2149
# File 'wa_fv2/cfn_rule_group.rb', line 2144

def initialize(arn:, ip_set_forwarded_ip_config: nil)
  @arn = arn
  Jsii::Type.check_type(@arn, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJzdHJpbmcifQ==")), "arn")
  @ip_set_forwarded_ip_config = ip_set_forwarded_ip_config.is_a?(Hash) ? ::AWSCDK::WAFv2::CfnRuleGroup::IPSetForwardedIPConfigurationProperty.new(**ip_set_forwarded_ip_config.transform_keys(&:to_sym)) : ip_set_forwarded_ip_config
  Jsii::Type.check_type(@ip_set_forwarded_ip_config, JSON.parse(Base64.strict_decode64("eyJ1bmlvbiI6eyJ0eXBlcyI6W3siZnFuIjoiYXdzLWNkay1saWIuSVJlc29sdmFibGUifSx7ImZxbiI6ImF3cy1jZGstbGliLmF3c193YWZ2Mi5DZm5SdWxlR3JvdXAuSVBTZXRGb3J3YXJkZWRJUENvbmZpZ3VyYXRpb25Qcm9wZXJ0eSJ9XX19")), "ipSetForwardedIpConfig") unless @ip_set_forwarded_ip_config.nil?
end

Instance Attribute Details

#arnString (readonly)

The Amazon Resource Name (ARN) of the IPSet that this statement references.



2155
2156
2157
# File 'wa_fv2/cfn_rule_group.rb', line 2155

def arn
  @arn
end

#ip_set_forwarded_ip_configAWSCDK::IResolvable, ... (readonly)

The configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin.

Commonly, this is the X-Forwarded-For (XFF) header, but you can specify any header name.

If the specified header isn't present in the request, AWS WAF doesn't apply the rule to the web request at all.



2164
2165
2166
# File 'wa_fv2/cfn_rule_group.rb', line 2164

def ip_set_forwarded_ip_config
  @ip_set_forwarded_ip_config
end

Class Method Details

.jsii_propertiesObject



2166
2167
2168
2169
2170
2171
# File 'wa_fv2/cfn_rule_group.rb', line 2166

def self.jsii_properties
  {
    :arn => "arn",
    :ip_set_forwarded_ip_config => "ipSetForwardedIpConfig",
  }
end

Instance Method Details

#to_jsiiObject



2173
2174
2175
2176
2177
2178
2179
2180
# File 'wa_fv2/cfn_rule_group.rb', line 2173

def to_jsii
  result = {}
  result.merge!({
    "arn" => @arn,
    "ipSetForwardedIpConfig" => @ip_set_forwarded_ip_config,
  })
  result.compact
end