Class: AWSCDK::WAFv2::CfnRuleGroup::RuleActionProperty

Inherits:
Jsii::Struct
  • Object
show all
Defined in:
wa_fv2/cfn_rule_group.rb

Overview

The action that AWS WAF should take on a web request when it matches a rule's statement.

Settings at the web ACL level can override the rule action setting.

Instance Attribute Summary collapse

Class Method Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(allow: nil, block: nil, captcha: nil, challenge: nil, count: nil, monetize: nil) ⇒ RuleActionProperty

Returns a new instance of RuleActionProperty.

Parameters:

  • allow (Object, nil) (defaults to: nil)

    Instructs AWS WAF to allow the web request.

  • block (Object, nil) (defaults to: nil)

    Instructs AWS WAF to block the web request.

  • captcha (Object, nil) (defaults to: nil)

    Specifies that AWS WAF should run a CAPTCHA check against the request:.

  • challenge (Object, nil) (defaults to: nil)

    Instructs AWS WAF to run a Challenge check against the web request.

  • count (Object, nil) (defaults to: nil)

    Instructs AWS WAF to count the web request and then continue evaluating the request using the remaining rules in the web ACL.

  • monetize (AWSCDK::IResolvable, AWSCDK::WAFv2::CfnRuleGroup::MonetizeActionProperty, nil) (defaults to: nil)

    Monetize action for rules.



3644
3645
3646
3647
3648
3649
3650
3651
3652
3653
3654
3655
3656
3657
# File 'wa_fv2/cfn_rule_group.rb', line 3644

def initialize(allow: nil, block: nil, captcha: nil, challenge: nil, count: nil, monetize: nil)
  @allow = allow
  Jsii::Type.check_type(@allow, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJhbnkifQ==")), "allow") unless @allow.nil?
  @block = block
  Jsii::Type.check_type(@block, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJhbnkifQ==")), "block") unless @block.nil?
  @captcha = captcha
  Jsii::Type.check_type(@captcha, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJhbnkifQ==")), "captcha") unless @captcha.nil?
  @challenge = challenge
  Jsii::Type.check_type(@challenge, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJhbnkifQ==")), "challenge") unless @challenge.nil?
  @count = count
  Jsii::Type.check_type(@count, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJhbnkifQ==")), "count") unless @count.nil?
  @monetize = monetize.is_a?(Hash) ? ::AWSCDK::WAFv2::CfnRuleGroup::MonetizeActionProperty.new(**monetize.transform_keys(&:to_sym)) : monetize
  Jsii::Type.check_type(@monetize, JSON.parse(Base64.strict_decode64("eyJ1bmlvbiI6eyJ0eXBlcyI6W3siZnFuIjoiYXdzLWNkay1saWIuSVJlc29sdmFibGUifSx7ImZxbiI6ImF3cy1jZGstbGliLmF3c193YWZ2Mi5DZm5SdWxlR3JvdXAuTW9uZXRpemVBY3Rpb25Qcm9wZXJ0eSJ9XX19")), "monetize") unless @monetize.nil?
end

Instance Attribute Details

#allowObject? (readonly)

Instructs AWS WAF to allow the web request.



3663
3664
3665
# File 'wa_fv2/cfn_rule_group.rb', line 3663

def allow
  @allow
end

#blockObject? (readonly)

Instructs AWS WAF to block the web request.



3668
3669
3670
# File 'wa_fv2/cfn_rule_group.rb', line 3668

def block
  @block
end

#captchaObject? (readonly)

Specifies that AWS WAF should run a CAPTCHA check against the request:.

  • If the request includes a valid, unexpired CAPTCHA token, AWS WAF allows the web request inspection to proceed to the next rule, similar to a CountAction .
  • If the request doesn't include a valid, unexpired CAPTCHA token, AWS WAF discontinues the web ACL evaluation of the request and blocks it from going to its intended destination.

AWS WAF generates a response that it sends back to the client, which includes the following:

  • The header x-amzn-waf-action with a value of captcha .
  • The HTTP status code 405 Method Not Allowed .
  • If the request contains an Accept header with a value of text/html , the response includes a CAPTCHA challenge.

You can configure the expiration time in the CaptchaConfig ImmunityTimeProperty setting at the rule and web ACL level. The rule setting overrides the web ACL setting.

This action option is available for rules. It isn't available for web ACL default actions.



3686
3687
3688
# File 'wa_fv2/cfn_rule_group.rb', line 3686

def captcha
  @captcha
end

#challengeObject? (readonly)

Instructs AWS WAF to run a Challenge check against the web request.



3691
3692
3693
# File 'wa_fv2/cfn_rule_group.rb', line 3691

def challenge
  @challenge
end

#countObject? (readonly)

Instructs AWS WAF to count the web request and then continue evaluating the request using the remaining rules in the web ACL.



3696
3697
3698
# File 'wa_fv2/cfn_rule_group.rb', line 3696

def count
  @count
end

#monetizeAWSCDK::IResolvable, ... (readonly)

Monetize action for rules.



3701
3702
3703
# File 'wa_fv2/cfn_rule_group.rb', line 3701

def monetize
  @monetize
end

Class Method Details

.jsii_propertiesObject



3703
3704
3705
3706
3707
3708
3709
3710
3711
3712
# File 'wa_fv2/cfn_rule_group.rb', line 3703

def self.jsii_properties
  {
    :allow => "allow",
    :block => "block",
    :captcha => "captcha",
    :challenge => "challenge",
    :count => "count",
    :monetize => "monetize",
  }
end

Instance Method Details

#to_jsiiObject



3714
3715
3716
3717
3718
3719
3720
3721
3722
3723
3724
3725
# File 'wa_fv2/cfn_rule_group.rb', line 3714

def to_jsii
  result = {}
  result.merge!({
    "allow" => @allow,
    "block" => @block,
    "captcha" => @captcha,
    "challenge" => @challenge,
    "count" => @count,
    "monetize" => @monetize,
  })
  result.compact
end