AWS::WAFRegional::WebACL Rule - AWS CloudFormation

A combination of ByteMatchSet, IPSet, and/or SqlInjectionMatchSet objects that identify the web requests that you want to allow, block, or count. For example, you might create a Rule that includes the following predicates:

  • An IPSet that causes AWS WAF to search for web requests that originate from the IP address 192.0.2.44.

  • A ByteMatchSet that causes AWS WAF to search for web requests for which the value of the User-Agent header is BadBot.

To match the settings in this Rule, a request must originate from 192.0.2.44 AND include a User-Agent header for which the value is BadBot.

Syntax

To declare this entity in your CloudFormation template, use the following syntax:

JSON

{
  "Action" : Action,
  "Priority" : Integer,
  "RuleId" : String
}

YAML

Action: Action
Priority: Integer
RuleId: String

Properties

Action

The action that AWS WAF takes when a web request matches all conditions in the rule, such as allow, block, or count the request.

Required: Yes

Type: Action

Update requires: No interruption

Priority

The order in which AWS WAF evaluates the rules in a web ACL. AWS WAF evaluates rules with a lower value before rules with a higher value. The value must be a unique integer. If you have multiple rules in a web ACL, the priority numbers do not need to be consecutive.

Required: Yes

Type: Integer

Update requires: No interruption

RuleId

The ID of an AWS WAF Regional rule to associate with a web ACL.

Required: Yes

Type: String

Pattern: .*\S.*

Minimum: 1

Maximum: 128

Update requires: No interruption
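
The rule described at the top of this page (source 192.0.2.44 AND User-Agent BadBot), written out as a full template whose web ACL references it through Action, Priority, and RuleId. This is an added example, not taken from the AWS documentation; the logical IDs, the Name and MetricName values, the /32 CIDR form, and the priority number are assumptions.

```yaml
# Added example: logical IDs, Name/MetricName values and Priority are assumptions.
AWSTemplateFormatVersion: "2010-09-09"
Resources:
  BadBotIPSet:
    Type: AWS::WAFRegional::IPSet
    Properties:
      Name: BadBotIPSet
      IPSetDescriptors:
        - Type: IPV4
          Value: 192.0.2.44/32          # the single address from the description
  BadBotUserAgent:
    Type: AWS::WAFRegional::ByteMatchSet
    Properties:
      Name: BadBotUserAgent
      ByteMatchTuples:
        - FieldToMatch:
            Type: HEADER
            Data: User-Agent
          TargetString: BadBot
          PositionalConstraint: EXACTLY  # header value must equal BadBot
          TextTransformation: NONE
  BadBotRule:
    Type: AWS::WAFRegional::Rule
    Properties:
      Name: BadBotRule
      MetricName: BadBotRule
      Predicates:                        # a request must satisfy every predicate
        - Type: IPMatch
          DataId: !Ref BadBotIPSet
          Negated: false
        - Type: ByteMatch
          DataId: !Ref BadBotUserAgent
          Negated: false
  ExampleWebACL:
    Type: AWS::WAFRegional::WebACL
    Properties:
      Name: ExampleWebACL
      MetricName: ExampleWebACL
      DefaultAction:
        Type: ALLOW                      # requests matching no rule are allowed
      Rules:
        - Action:
            Type: BLOCK                  # applied only when all predicates match
          Priority: 10                   # unique; gaps leave room for later rules
          RuleId: !Ref BadBotRule        # Ref on the Rule resource returns its ID
```

Setting the rule's Action Type to COUNT first lets you confirm what the rule matches before switching it to BLOCK.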