Class: AWSCDK::WAFv2::CfnWebACL::ManagedRuleGroupConfigProperty
- Inherits:
-
Jsii::Struct
- Object
- Jsii::Struct
- AWSCDK::WAFv2::CfnWebACL::ManagedRuleGroupConfigProperty
- Defined in:
- wa_fv2/cfn_web_acl.rb
Overview
Additional information that's used by a managed rule group. Many managed rule groups don't require this.
The rule groups used for intelligent threat mitigation require additional configuration:
- Use the
AWSManagedRulesACFPRuleSetconfiguration object to configure the account creation fraud prevention managed rule group. The configuration includes the registration and sign-up pages of your application and the locations in the account creation request payload of data, such as the user email and phone number fields. - Use the
AWSManagedRulesATPRuleSetconfiguration object to configure the account takeover prevention managed rule group. The configuration includes the sign-in page of your application and the locations in the login request payload of data such as the username and password. - Use the
AWSManagedRulesBotControlRuleSetconfiguration object to configure the protection level that you want the Bot Control rule group to use.
Instance Attribute Summary collapse
-
#aws_managed_rules_acfp_rule_set ⇒ AWSCDK::IResolvable, ...
readonly
Additional configuration for using the account creation fraud prevention (ACFP) managed rule group,
AWSManagedRulesACFPRuleSet. -
#aws_managed_rules_anti_d_do_s_rule_set ⇒ AWSCDK::IResolvable, ...
readonly
Additional configuration for using the anti-DDoS managed rule group,
AWSManagedRulesAntiDDoSRuleSet. -
#aws_managed_rules_atp_rule_set ⇒ AWSCDK::IResolvable, ...
readonly
Additional configuration for using the account takeover prevention (ATP) managed rule group,
AWSManagedRulesATPRuleSet. -
#aws_managed_rules_bot_control_rule_set ⇒ AWSCDK::IResolvable, ...
readonly
Additional configuration for using the Bot Control managed rule group.
-
#login_path ⇒ String?
readonly
Instead of this setting, provide your configuration under
AWSManagedRulesATPRuleSet. -
#password_field ⇒ AWSCDK::IResolvable, ...
readonly
Instead of this setting, provide your configuration under the request inspection configuration for
AWSManagedRulesATPRuleSetorAWSManagedRulesACFPRuleSet. -
#payload_type ⇒ String?
readonly
Instead of this setting, provide your configuration under the request inspection configuration for
AWSManagedRulesATPRuleSetorAWSManagedRulesACFPRuleSet. -
#username_field ⇒ AWSCDK::IResolvable, ...
readonly
Instead of this setting, provide your configuration under the request inspection configuration for
AWSManagedRulesATPRuleSetorAWSManagedRulesACFPRuleSet.
Class Method Summary collapse
Instance Method Summary collapse
-
#initialize(aws_managed_rules_acfp_rule_set: nil, aws_managed_rules_anti_d_do_s_rule_set: nil, aws_managed_rules_atp_rule_set: nil, aws_managed_rules_bot_control_rule_set: nil, login_path: nil, password_field: nil, payload_type: nil, username_field: nil) ⇒ ManagedRuleGroupConfigProperty
constructor
A new instance of ManagedRuleGroupConfigProperty.
- #to_jsii ⇒ Object
Constructor Details
#initialize(aws_managed_rules_acfp_rule_set: nil, aws_managed_rules_anti_d_do_s_rule_set: nil, aws_managed_rules_atp_rule_set: nil, aws_managed_rules_bot_control_rule_set: nil, login_path: nil, password_field: nil, payload_type: nil, username_field: nil) ⇒ ManagedRuleGroupConfigProperty
Returns a new instance of ManagedRuleGroupConfigProperty.
3508 3509 3510 3511 3512 3513 3514 3515 3516 3517 3518 3519 3520 3521 3522 3523 3524 3525 |
# File 'wa_fv2/cfn_web_acl.rb', line 3508 def initialize(aws_managed_rules_acfp_rule_set: nil, aws_managed_rules_anti_d_do_s_rule_set: nil, aws_managed_rules_atp_rule_set: nil, aws_managed_rules_bot_control_rule_set: nil, login_path: nil, password_field: nil, payload_type: nil, username_field: nil) @aws_managed_rules_acfp_rule_set = aws_managed_rules_acfp_rule_set.is_a?(Hash) ? ::AWSCDK::WAFv2::CfnWebACL::AWSManagedRulesACFPRuleSetProperty.new(**aws_managed_rules_acfp_rule_set.transform_keys(&:to_sym)) : aws_managed_rules_acfp_rule_set Jsii::Type.check_type(@aws_managed_rules_acfp_rule_set, JSON.parse(Base64.strict_decode64("eyJ1bmlvbiI6eyJ0eXBlcyI6W3siZnFuIjoiYXdzLWNkay1saWIuSVJlc29sdmFibGUifSx7ImZxbiI6ImF3cy1jZGstbGliLmF3c193YWZ2Mi5DZm5XZWJBQ0wuQVdTTWFuYWdlZFJ1bGVzQUNGUFJ1bGVTZXRQcm9wZXJ0eSJ9XX19")), "awsManagedRulesAcfpRuleSet") unless @aws_managed_rules_acfp_rule_set.nil? @aws_managed_rules_anti_d_do_s_rule_set = aws_managed_rules_anti_d_do_s_rule_set.is_a?(Hash) ? ::AWSCDK::WAFv2::CfnWebACL::AWSManagedRulesAntiDDoSRuleSetProperty.new(**aws_managed_rules_anti_d_do_s_rule_set.transform_keys(&:to_sym)) : aws_managed_rules_anti_d_do_s_rule_set Jsii::Type.check_type(@aws_managed_rules_anti_d_do_s_rule_set, JSON.parse(Base64.strict_decode64("eyJ1bmlvbiI6eyJ0eXBlcyI6W3siZnFuIjoiYXdzLWNkay1saWIuSVJlc29sdmFibGUifSx7ImZxbiI6ImF3cy1jZGstbGliLmF3c193YWZ2Mi5DZm5XZWJBQ0wuQVdTTWFuYWdlZFJ1bGVzQW50aUREb1NSdWxlU2V0UHJvcGVydHkifV19fQ==")), "awsManagedRulesAntiDDoSRuleSet") unless @aws_managed_rules_anti_d_do_s_rule_set.nil? @aws_managed_rules_atp_rule_set = aws_managed_rules_atp_rule_set.is_a?(Hash) ? ::AWSCDK::WAFv2::CfnWebACL::AWSManagedRulesATPRuleSetProperty.new(**aws_managed_rules_atp_rule_set.transform_keys(&:to_sym)) : aws_managed_rules_atp_rule_set Jsii::Type.check_type(@aws_managed_rules_atp_rule_set, JSON.parse(Base64.strict_decode64("eyJ1bmlvbiI6eyJ0eXBlcyI6W3siZnFuIjoiYXdzLWNkay1saWIuSVJlc29sdmFibGUifSx7ImZxbiI6ImF3cy1jZGstbGliLmF3c193YWZ2Mi5DZm5XZWJBQ0wuQVdTTWFuYWdlZFJ1bGVzQVRQUnVsZVNldFByb3BlcnR5In1dfX0=")), "awsManagedRulesAtpRuleSet") unless @aws_managed_rules_atp_rule_set.nil? @aws_managed_rules_bot_control_rule_set = aws_managed_rules_bot_control_rule_set.is_a?(Hash) ? ::AWSCDK::WAFv2::CfnWebACL::AWSManagedRulesBotControlRuleSetProperty.new(**aws_managed_rules_bot_control_rule_set.transform_keys(&:to_sym)) : aws_managed_rules_bot_control_rule_set Jsii::Type.check_type(@aws_managed_rules_bot_control_rule_set, JSON.parse(Base64.strict_decode64("eyJ1bmlvbiI6eyJ0eXBlcyI6W3siZnFuIjoiYXdzLWNkay1saWIuSVJlc29sdmFibGUifSx7ImZxbiI6ImF3cy1jZGstbGliLmF3c193YWZ2Mi5DZm5XZWJBQ0wuQVdTTWFuYWdlZFJ1bGVzQm90Q29udHJvbFJ1bGVTZXRQcm9wZXJ0eSJ9XX19")), "awsManagedRulesBotControlRuleSet") unless @aws_managed_rules_bot_control_rule_set.nil? @login_path = login_path Jsii::Type.check_type(@login_path, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJzdHJpbmcifQ==")), "loginPath") unless @login_path.nil? @password_field = password_field.is_a?(Hash) ? ::AWSCDK::WAFv2::CfnWebACL::FieldIdentifierProperty.new(**password_field.transform_keys(&:to_sym)) : password_field Jsii::Type.check_type(@password_field, JSON.parse(Base64.strict_decode64("eyJ1bmlvbiI6eyJ0eXBlcyI6W3siZnFuIjoiYXdzLWNkay1saWIuSVJlc29sdmFibGUifSx7ImZxbiI6ImF3cy1jZGstbGliLmF3c193YWZ2Mi5DZm5XZWJBQ0wuRmllbGRJZGVudGlmaWVyUHJvcGVydHkifV19fQ==")), "passwordField") unless @password_field.nil? @payload_type = payload_type Jsii::Type.check_type(@payload_type, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJzdHJpbmcifQ==")), "payloadType") unless @payload_type.nil? @username_field = username_field.is_a?(Hash) ? ::AWSCDK::WAFv2::CfnWebACL::FieldIdentifierProperty.new(**username_field.transform_keys(&:to_sym)) : username_field Jsii::Type.check_type(@username_field, JSON.parse(Base64.strict_decode64("eyJ1bmlvbiI6eyJ0eXBlcyI6W3siZnFuIjoiYXdzLWNkay1saWIuSVJlc29sdmFibGUifSx7ImZxbiI6ImF3cy1jZGstbGliLmF3c193YWZ2Mi5DZm5XZWJBQ0wuRmllbGRJZGVudGlmaWVyUHJvcGVydHkifV19fQ==")), "usernameField") unless @username_field.nil? end |
Instance Attribute Details
#aws_managed_rules_acfp_rule_set ⇒ AWSCDK::IResolvable, ... (readonly)
Additional configuration for using the account creation fraud prevention (ACFP) managed rule group, AWSManagedRulesACFPRuleSet .
Use this to provide account creation request information to the rule group. For web ACLs that protect CloudFront distributions, use this to also provide the information about how your distribution responds to account creation requests.
For information about using the ACFP managed rule group, see AWS WAF Fraud Control account creation fraud prevention (ACFP) rule group and AWS WAF Fraud Control account creation fraud prevention (ACFP) in the AWS WAF Developer Guide .
3535 3536 3537 |
# File 'wa_fv2/cfn_web_acl.rb', line 3535 def aws_managed_rules_acfp_rule_set @aws_managed_rules_acfp_rule_set end |
#aws_managed_rules_anti_d_do_s_rule_set ⇒ AWSCDK::IResolvable, ... (readonly)
Additional configuration for using the anti-DDoS managed rule group, AWSManagedRulesAntiDDoSRuleSet .
Use this to configure anti-DDoS behavior for the rule group.
For information about using the anti-DDoS managed rule group, see AWS WAF Anti-DDoS rule group and Distributed Denial of Service (DDoS) prevention in the AWS WAF Developer Guide .
3544 3545 3546 |
# File 'wa_fv2/cfn_web_acl.rb', line 3544 def aws_managed_rules_anti_d_do_s_rule_set @aws_managed_rules_anti_d_do_s_rule_set end |
#aws_managed_rules_atp_rule_set ⇒ AWSCDK::IResolvable, ... (readonly)
Additional configuration for using the account takeover prevention (ATP) managed rule group, AWSManagedRulesATPRuleSet .
Use this to provide login request information to the rule group. For web ACLs that protect CloudFront distributions, use this to also provide the information about how your distribution responds to login requests.
This configuration replaces the individual configuration fields in ManagedRuleGroupConfig and provides additional feature configuration.
For information about using the ATP managed rule group, see AWS WAF Fraud Control account takeover prevention (ATP) rule group and AWS WAF Fraud Control account takeover prevention (ATP) in the AWS WAF Developer Guide .
3555 3556 3557 |
# File 'wa_fv2/cfn_web_acl.rb', line 3555 def aws_managed_rules_atp_rule_set @aws_managed_rules_atp_rule_set end |
#aws_managed_rules_bot_control_rule_set ⇒ AWSCDK::IResolvable, ... (readonly)
Additional configuration for using the Bot Control managed rule group.
Use this to specify the inspection level that you want to use. For information about using the Bot Control managed rule group, see AWS WAF Bot Control rule group and AWS WAF Bot Control in the AWS WAF Developer Guide .
3562 3563 3564 |
# File 'wa_fv2/cfn_web_acl.rb', line 3562 def aws_managed_rules_bot_control_rule_set @aws_managed_rules_bot_control_rule_set end |
#login_path ⇒ String? (readonly)
Instead of this setting, provide your configuration under
AWSManagedRulesATPRuleSet.
3567 3568 3569 |
# File 'wa_fv2/cfn_web_acl.rb', line 3567 def login_path @login_path end |
#password_field ⇒ AWSCDK::IResolvable, ... (readonly)
Instead of this setting, provide your configuration under the request inspection configuration for
AWSManagedRulesATPRuleSetorAWSManagedRulesACFPRuleSet.
3572 3573 3574 |
# File 'wa_fv2/cfn_web_acl.rb', line 3572 def password_field @password_field end |
#payload_type ⇒ String? (readonly)
Instead of this setting, provide your configuration under the request inspection configuration for
AWSManagedRulesATPRuleSetorAWSManagedRulesACFPRuleSet.
3577 3578 3579 |
# File 'wa_fv2/cfn_web_acl.rb', line 3577 def payload_type @payload_type end |
#username_field ⇒ AWSCDK::IResolvable, ... (readonly)
Instead of this setting, provide your configuration under the request inspection configuration for
AWSManagedRulesATPRuleSetorAWSManagedRulesACFPRuleSet.
3582 3583 3584 |
# File 'wa_fv2/cfn_web_acl.rb', line 3582 def username_field @username_field end |
Class Method Details
.jsii_properties ⇒ Object
3584 3585 3586 3587 3588 3589 3590 3591 3592 3593 3594 3595 |
# File 'wa_fv2/cfn_web_acl.rb', line 3584 def self.jsii_properties { :aws_managed_rules_acfp_rule_set => "awsManagedRulesAcfpRuleSet", :aws_managed_rules_anti_d_do_s_rule_set => "awsManagedRulesAntiDDoSRuleSet", :aws_managed_rules_atp_rule_set => "awsManagedRulesAtpRuleSet", :aws_managed_rules_bot_control_rule_set => "awsManagedRulesBotControlRuleSet", :login_path => "loginPath", :password_field => "passwordField", :payload_type => "payloadType", :username_field => "usernameField", } end |
Instance Method Details
#to_jsii ⇒ Object
3597 3598 3599 3600 3601 3602 3603 3604 3605 3606 3607 3608 3609 3610 |
# File 'wa_fv2/cfn_web_acl.rb', line 3597 def to_jsii result = {} result.merge!({ "awsManagedRulesAcfpRuleSet" => @aws_managed_rules_acfp_rule_set, "awsManagedRulesAntiDDoSRuleSet" => @aws_managed_rules_anti_d_do_s_rule_set, "awsManagedRulesAtpRuleSet" => @aws_managed_rules_atp_rule_set, "awsManagedRulesBotControlRuleSet" => @aws_managed_rules_bot_control_rule_set, "loginPath" => @login_path, "passwordField" => @password_field, "payloadType" => @payload_type, "usernameField" => @username_field, }) result.compact end |