Class: AWSCDK::WAFv2::CfnWebACL::AWSManagedRulesACFPRuleSetProperty
- Inherits:
-
Jsii::Struct
- Object
- Jsii::Struct
- AWSCDK::WAFv2::CfnWebACL::AWSManagedRulesACFPRuleSetProperty
- Defined in:
- wa_fv2/cfn_web_acl.rb
Overview
Details for your use of the account creation fraud prevention managed rule group, AWSManagedRulesACFPRuleSet .
This configuration is used in ManagedRuleGroupConfig .
For additional information about this and the other intelligent threat mitigation rule groups, see Intelligent threat mitigation in AWS WAF and AWS Managed Rules rule groups list in the AWS WAF Developer Guide .
Instance Attribute Summary collapse
-
#creation_path ⇒ String
readonly
The path of the account creation endpoint for your application.
-
#enable_regex_in_path ⇒ Boolean, ...
readonly
Allow the use of regular expressions in the registration page path and the account creation path.
-
#registration_page_path ⇒ String
readonly
The path of the account registration endpoint for your application.
-
#request_inspection ⇒ AWSCDK::IResolvable, AWSCDK::WAFv2::CfnWebACL::RequestInspectionACFPProperty
readonly
The criteria for inspecting account creation requests, used by the ACFP rule group to validate and track account creation attempts.
-
#response_inspection ⇒ AWSCDK::IResolvable, ...
readonly
The criteria for inspecting responses to account creation requests, used by the ACFP rule group to track account creation success rates.
Class Method Summary collapse
Instance Method Summary collapse
-
#initialize(creation_path:, registration_page_path:, request_inspection:, enable_regex_in_path: nil, response_inspection: nil) ⇒ AWSManagedRulesACFPRuleSetProperty
constructor
A new instance of AWSManagedRulesACFPRuleSetProperty.
- #to_jsii ⇒ Object
Constructor Details
#initialize(creation_path:, registration_page_path:, request_inspection:, enable_regex_in_path: nil, response_inspection: nil) ⇒ AWSManagedRulesACFPRuleSetProperty
Returns a new instance of AWSManagedRulesACFPRuleSetProperty.
781 782 783 784 785 786 787 788 789 790 791 792 |
# File 'wa_fv2/cfn_web_acl.rb', line 781 def initialize(creation_path:, registration_page_path:, request_inspection:, enable_regex_in_path: nil, response_inspection: nil) @creation_path = creation_path Jsii::Type.check_type(@creation_path, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJzdHJpbmcifQ==")), "creationPath") @registration_page_path = registration_page_path Jsii::Type.check_type(@registration_page_path, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJzdHJpbmcifQ==")), "registrationPagePath") @request_inspection = request_inspection.is_a?(Hash) ? ::AWSCDK::WAFv2::CfnWebACL::RequestInspectionACFPProperty.new(**request_inspection.transform_keys(&:to_sym)) : request_inspection Jsii::Type.check_type(@request_inspection, JSON.parse(Base64.strict_decode64("eyJ1bmlvbiI6eyJ0eXBlcyI6W3siZnFuIjoiYXdzLWNkay1saWIuSVJlc29sdmFibGUifSx7ImZxbiI6ImF3cy1jZGstbGliLmF3c193YWZ2Mi5DZm5XZWJBQ0wuUmVxdWVzdEluc3BlY3Rpb25BQ0ZQUHJvcGVydHkifV19fQ==")), "requestInspection") @enable_regex_in_path = enable_regex_in_path Jsii::Type.check_type(@enable_regex_in_path, JSON.parse(Base64.strict_decode64("eyJ1bmlvbiI6eyJ0eXBlcyI6W3sicHJpbWl0aXZlIjoiYm9vbGVhbiJ9LHsiZnFuIjoiYXdzLWNkay1saWIuSVJlc29sdmFibGUifV19fQ==")), "enableRegexInPath") unless @enable_regex_in_path.nil? @response_inspection = response_inspection.is_a?(Hash) ? ::AWSCDK::WAFv2::CfnWebACL::ResponseInspectionProperty.new(**response_inspection.transform_keys(&:to_sym)) : response_inspection Jsii::Type.check_type(@response_inspection, JSON.parse(Base64.strict_decode64("eyJ1bmlvbiI6eyJ0eXBlcyI6W3siZnFuIjoiYXdzLWNkay1saWIuSVJlc29sdmFibGUifSx7ImZxbiI6ImF3cy1jZGstbGliLmF3c193YWZ2Mi5DZm5XZWJBQ0wuUmVzcG9uc2VJbnNwZWN0aW9uUHJvcGVydHkifV19fQ==")), "responseInspection") unless @response_inspection.nil? end |
Instance Attribute Details
#creation_path ⇒ String (readonly)
The path of the account creation endpoint for your application.
This is the page on your website that accepts the completed registration form for a new user. This page must accept POST requests.
For example, for the URL https://example.com/web/newaccount , you would provide the path /web/newaccount . Account creation page paths that start with the path that you provide are considered a match. For example /web/newaccount matches the account creation paths /web/newaccount , /web/newaccount/ , /web/newaccountPage , and /web/newaccount/thisPage , but doesn't match the path /home/web/newaccount or /website/newaccount .
802 803 804 |
# File 'wa_fv2/cfn_web_acl.rb', line 802 def creation_path @creation_path end |
#enable_regex_in_path ⇒ Boolean, ... (readonly)
Allow the use of regular expressions in the registration page path and the account creation path.
823 824 825 |
# File 'wa_fv2/cfn_web_acl.rb', line 823 def enable_regex_in_path @enable_regex_in_path end |
#registration_page_path ⇒ String (readonly)
The path of the account registration endpoint for your application.
This is the page on your website that presents the registration form to new users.
This page must accept
GETtext/html requests.
For example, for the URL https://example.com/web/registration , you would provide the path /web/registration . Registration page paths that start with the path that you provide are considered a match. For example /web/registration matches the registration paths /web/registration , /web/registration/ , /web/registrationPage , and /web/registration/thisPage , but doesn't match the path /home/web/registration or /website/registration .
813 814 815 |
# File 'wa_fv2/cfn_web_acl.rb', line 813 def registration_page_path @registration_page_path end |
#request_inspection ⇒ AWSCDK::IResolvable, AWSCDK::WAFv2::CfnWebACL::RequestInspectionACFPProperty (readonly)
The criteria for inspecting account creation requests, used by the ACFP rule group to validate and track account creation attempts.
818 819 820 |
# File 'wa_fv2/cfn_web_acl.rb', line 818 def request_inspection @request_inspection end |
#response_inspection ⇒ AWSCDK::IResolvable, ... (readonly)
The criteria for inspecting responses to account creation requests, used by the ACFP rule group to track account creation success rates.
Response inspection is available only in web ACLs that protect Amazon CloudFront distributions.
The ACFP rule group evaluates the responses that your protected resources send back to client account creation attempts, keeping count of successful and failed attempts from each IP address and client session. Using this information, the rule group labels and mitigates requests from client sessions and IP addresses that have had too many successful account creation attempts in a short amount of time.
832 833 834 |
# File 'wa_fv2/cfn_web_acl.rb', line 832 def response_inspection @response_inspection end |
Class Method Details
.jsii_properties ⇒ Object
834 835 836 837 838 839 840 841 842 |
# File 'wa_fv2/cfn_web_acl.rb', line 834 def self.jsii_properties { :creation_path => "creationPath", :registration_page_path => "registrationPagePath", :request_inspection => "requestInspection", :enable_regex_in_path => "enableRegexInPath", :response_inspection => "responseInspection", } end |
Instance Method Details
#to_jsii ⇒ Object
844 845 846 847 848 849 850 851 852 853 854 |
# File 'wa_fv2/cfn_web_acl.rb', line 844 def to_jsii result = {} result.merge!({ "creationPath" => @creation_path, "registrationPagePath" => @registration_page_path, "requestInspection" => @request_inspection, "enableRegexInPath" => @enable_regex_in_path, "responseInspection" => @response_inspection, }) result.compact end |