Class WebAcl

Provides a WAF Web ACL Resource

Example Usage

using Pulumi;
using Aws = Pulumi.Aws;

class MyStack : Stack
{
public MyStack()
{
    var ipset = new Aws.Waf.IpSet("ipset", new Aws.Waf.IpSetArgs
    {
        IpSetDescriptors = 
        {
            new Aws.Waf.Inputs.IpSetIpSetDescriptorArgs
            {
                Type = "IPV4",
                Value = "192.0.7.0/24",
            },
        },
    });
    var wafrule = new Aws.Waf.Rule("wafrule", new Aws.Waf.RuleArgs
    {
        MetricName = "tfWAFRule",
        Predicates = 
        {
            new Aws.Waf.Inputs.RulePredicateArgs
            {
                DataId = ipset.Id,
                Negated = false,
                Type = "IPMatch",
            },
        },
    });
    var wafAcl = new Aws.Waf.WebAcl("wafAcl", new Aws.Waf.WebAclArgs
    {
        DefaultAction = new Aws.Waf.Inputs.WebAclDefaultActionArgs
        {
            Type = "ALLOW",
        },
        MetricName = "tfWebACL",
        Rules = 
        {
            new Aws.Waf.Inputs.WebAclRuleArgs
            {
                Action = new Aws.Waf.Inputs.WebAclRuleActionArgs
                {
                    Type = "BLOCK",
                },
                Priority = 1,
                RuleId = wafrule.Id,
                Type = "REGULAR",
            },
        },
    });
}

}

Logging

using Pulumi;
using Aws = Pulumi.Aws;

class MyStack : Stack
{
public MyStack()
{
    var example = new Aws.Waf.WebAcl("example", new Aws.Waf.WebAclArgs
    {
        LoggingConfiguration = new Aws.Waf.Inputs.WebAclLoggingConfigurationArgs
        {
            LogDestination = aws_kinesis_firehose_delivery_stream.Example.Arn,
            RedactedFields = new Aws.Waf.Inputs.WebAclLoggingConfigurationRedactedFieldsArgs
            {
                FieldToMatch = 
                {

                    {
                        { "type", "URI" },
                    },

                    {
                        { "data", "referer" },
                        { "type", "HEADER" },
                    },
                },
            },
        },
    });
}

}
Inheritance
System.Object
Resource
CustomResource
WebAcl
Inherited Members
System.Object.Equals(System.Object)
System.Object.Equals(System.Object, System.Object)
System.Object.GetHashCode()
System.Object.GetType()
System.Object.MemberwiseClone()
System.Object.ReferenceEquals(System.Object, System.Object)
System.Object.ToString()
Namespace: Pulumi.Aws.Waf
Assembly: Pulumi.Aws.dll
Syntax
public class WebAcl : CustomResource

Constructors

View Source

WebAcl(String, WebAclArgs, CustomResourceOptions)

Create a WebAcl resource with the given unique name, arguments, and options.

Declaration
public WebAcl(string name, WebAclArgs args, CustomResourceOptions options = null)
Parameters
Type Name Description
System.String name

The unique name of the resource
WebAclArgs args

The arguments used to populate this resource's properties
CustomResourceOptions options

A bag of options that control this resource's behavior

Properties

View Source

Arn

The ARN of the WAF WebACL.

Declaration
public Output<string> Arn { get; }
Property Value
Type Description
Output<System.String>
View Source

DefaultAction

Configuration block with action that you want AWS WAF to take when a request doesn't match the criteria in any of the rules that are associated with the web ACL. Detailed below.

Declaration
public Output<WebAclDefaultAction> DefaultAction { get; }
Property Value
Type Description
Output<WebAclDefaultAction>
View Source

LoggingConfiguration

Configuration block to enable WAF logging. Detailed below.

Declaration
public Output<WebAclLoggingConfiguration> LoggingConfiguration { get; }
Property Value
Type Description
Output<WebAclLoggingConfiguration>
View Source

MetricName

The name or description for the Amazon CloudWatch metric of this web ACL.

Declaration
public Output<string> MetricName { get; }
Property Value
Type Description
Output<System.String>
View Source

Name

The name or description of the web ACL.

Declaration
public Output<string> Name { get; }
Property Value
Type Description
Output<System.String>
View Source

Rules

Configuration blocks containing rules to associate with the web ACL and the settings for each rule. Detailed below.

Declaration
public Output<ImmutableArray<WebAclRule>> Rules { get; }
Property Value
Type Description
Output<System.Collections.Immutable.ImmutableArray<WebAclRule>>
View Source

Tags

Key-value map of resource tags

Declaration
public Output<ImmutableDictionary<string, object>> Tags { get; }
Property Value
Type Description
Output<System.Collections.Immutable.ImmutableDictionary<System.String, System.Object>>

Methods

View Source

Get(String, Input<String>, WebAclState, CustomResourceOptions)

Get an existing WebAcl resource's state with the given name, ID, and optional extra properties used to qualify the lookup.

Declaration
public static WebAcl Get(string name, Input<string> id, WebAclState state = null, CustomResourceOptions options = null)
Parameters
Type Name Description
System.String name

The unique name of the resulting resource.
Input<System.String> id

The unique provider ID of the resource to lookup.
WebAclState state

Any extra arguments used during the lookup.
CustomResourceOptions options

A bag of options that control this resource's behavior
Returns
Type Description
WebAcl