Class: AWSCDK::WAFv2::CfnWebACL::RuleActionProperty

Inherits:
Jsii::Struct
  • Object
show all
Defined in:
wa_fv2/cfn_web_acl.rb

Overview

The action that AWS WAF should take on a web request when it matches a rule's statement.

Settings at the web ACL level can override the rule action setting.

Instance Attribute Summary collapse

Class Method Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(allow: nil, block: nil, captcha: nil, challenge: nil, count: nil, monetize: nil) ⇒ RuleActionProperty

Returns a new instance of RuleActionProperty.

Parameters:



5540
5541
5542
5543
5544
5545
5546
5547
5548
5549
5550
5551
5552
5553
# File 'wa_fv2/cfn_web_acl.rb', line 5540

def initialize(allow: nil, block: nil, captcha: nil, challenge: nil, count: nil, monetize: nil)
  @allow = allow.is_a?(Hash) ? ::AWSCDK::WAFv2::CfnWebACL::AllowActionProperty.new(**allow.transform_keys(&:to_sym)) : allow
  Jsii::Type.check_type(@allow, JSON.parse(Base64.strict_decode64("eyJ1bmlvbiI6eyJ0eXBlcyI6W3siZnFuIjoiYXdzLWNkay1saWIuSVJlc29sdmFibGUifSx7ImZxbiI6ImF3cy1jZGstbGliLmF3c193YWZ2Mi5DZm5XZWJBQ0wuQWxsb3dBY3Rpb25Qcm9wZXJ0eSJ9XX19")), "allow") unless @allow.nil?
  @block = block.is_a?(Hash) ? ::AWSCDK::WAFv2::CfnWebACL::BlockActionProperty.new(**block.transform_keys(&:to_sym)) : block
  Jsii::Type.check_type(@block, JSON.parse(Base64.strict_decode64("eyJ1bmlvbiI6eyJ0eXBlcyI6W3siZnFuIjoiYXdzLWNkay1saWIuSVJlc29sdmFibGUifSx7ImZxbiI6ImF3cy1jZGstbGliLmF3c193YWZ2Mi5DZm5XZWJBQ0wuQmxvY2tBY3Rpb25Qcm9wZXJ0eSJ9XX19")), "block") unless @block.nil?
  @captcha = captcha.is_a?(Hash) ? ::AWSCDK::WAFv2::CfnWebACL::CaptchaActionProperty.new(**captcha.transform_keys(&:to_sym)) : captcha
  Jsii::Type.check_type(@captcha, JSON.parse(Base64.strict_decode64("eyJ1bmlvbiI6eyJ0eXBlcyI6W3siZnFuIjoiYXdzLWNkay1saWIuSVJlc29sdmFibGUifSx7ImZxbiI6ImF3cy1jZGstbGliLmF3c193YWZ2Mi5DZm5XZWJBQ0wuQ2FwdGNoYUFjdGlvblByb3BlcnR5In1dfX0=")), "captcha") unless @captcha.nil?
  @challenge = challenge.is_a?(Hash) ? ::AWSCDK::WAFv2::CfnWebACL::ChallengeActionProperty.new(**challenge.transform_keys(&:to_sym)) : challenge
  Jsii::Type.check_type(@challenge, JSON.parse(Base64.strict_decode64("eyJ1bmlvbiI6eyJ0eXBlcyI6W3siZnFuIjoiYXdzLWNkay1saWIuSVJlc29sdmFibGUifSx7ImZxbiI6ImF3cy1jZGstbGliLmF3c193YWZ2Mi5DZm5XZWJBQ0wuQ2hhbGxlbmdlQWN0aW9uUHJvcGVydHkifV19fQ==")), "challenge") unless @challenge.nil?
  @count = count.is_a?(Hash) ? ::AWSCDK::WAFv2::CfnWebACL::CountActionProperty.new(**count.transform_keys(&:to_sym)) : count
  Jsii::Type.check_type(@count, JSON.parse(Base64.strict_decode64("eyJ1bmlvbiI6eyJ0eXBlcyI6W3siZnFuIjoiYXdzLWNkay1saWIuSVJlc29sdmFibGUifSx7ImZxbiI6ImF3cy1jZGstbGliLmF3c193YWZ2Mi5DZm5XZWJBQ0wuQ291bnRBY3Rpb25Qcm9wZXJ0eSJ9XX19")), "count") unless @count.nil?
  @monetize = monetize.is_a?(Hash) ? ::AWSCDK::WAFv2::CfnWebACL::MonetizeActionProperty.new(**monetize.transform_keys(&:to_sym)) : monetize
  Jsii::Type.check_type(@monetize, JSON.parse(Base64.strict_decode64("eyJ1bmlvbiI6eyJ0eXBlcyI6W3siZnFuIjoiYXdzLWNkay1saWIuSVJlc29sdmFibGUifSx7ImZxbiI6ImF3cy1jZGstbGliLmF3c193YWZ2Mi5DZm5XZWJBQ0wuTW9uZXRpemVBY3Rpb25Qcm9wZXJ0eSJ9XX19")), "monetize") unless @monetize.nil?
end

Instance Attribute Details

#allowAWSCDK::IResolvable, ... (readonly)

Instructs AWS WAF to allow the web request.



5559
5560
5561
# File 'wa_fv2/cfn_web_acl.rb', line 5559

def allow
  @allow
end

#blockAWSCDK::IResolvable, ... (readonly)

Instructs AWS WAF to block the web request.



5564
5565
5566
# File 'wa_fv2/cfn_web_acl.rb', line 5564

def block
  @block
end

#captchaAWSCDK::IResolvable, ... (readonly)

Specifies that AWS WAF should run a CAPTCHA check against the request:.

  • If the request includes a valid, unexpired CAPTCHA token, AWS WAF allows the web request inspection to proceed to the next rule, similar to a CountAction .
  • If the request doesn't include a valid, unexpired CAPTCHA token, AWS WAF discontinues the web ACL evaluation of the request and blocks it from going to its intended destination.

AWS WAF generates a response that it sends back to the client, which includes the following:

  • The header x-amzn-waf-action with a value of captcha .
  • The HTTP status code 405 Method Not Allowed .
  • If the request contains an Accept header with a value of text/html , the response includes a CAPTCHA challenge.

You can configure the expiration time in the CaptchaConfig ImmunityTimeProperty setting at the rule and web ACL level. The rule setting overrides the web ACL setting.

This action option is available for rules. It isn't available for web ACL default actions.



5582
5583
5584
# File 'wa_fv2/cfn_web_acl.rb', line 5582

def captcha
  @captcha
end

#challengeAWSCDK::IResolvable, ... (readonly)

Instructs AWS WAF to run a Challenge check against the web request.



5587
5588
5589
# File 'wa_fv2/cfn_web_acl.rb', line 5587

def challenge
  @challenge
end

#countAWSCDK::IResolvable, ... (readonly)

Instructs AWS WAF to count the web request and then continue evaluating the request using the remaining rules in the web ACL.



5592
5593
5594
# File 'wa_fv2/cfn_web_acl.rb', line 5592

def count
  @count
end

#monetizeAWSCDK::IResolvable, ... (readonly)

Monetize action for rules.



5597
5598
5599
# File 'wa_fv2/cfn_web_acl.rb', line 5597

def monetize
  @monetize
end

Class Method Details

.jsii_propertiesObject



5599
5600
5601
5602
5603
5604
5605
5606
5607
5608
# File 'wa_fv2/cfn_web_acl.rb', line 5599

def self.jsii_properties
  {
    :allow => "allow",
    :block => "block",
    :captcha => "captcha",
    :challenge => "challenge",
    :count => "count",
    :monetize => "monetize",
  }
end

Instance Method Details

#to_jsiiObject



5610
5611
5612
5613
5614
5615
5616
5617
5618
5619
5620
5621
# File 'wa_fv2/cfn_web_acl.rb', line 5610

def to_jsii
  result = {}
  result.merge!({
    "allow" => @allow,
    "block" => @block,
    "captcha" => @captcha,
    "challenge" => @challenge,
    "count" => @count,
    "monetize" => @monetize,
  })
  result.compact
end