Namespace Pulumi.Aws.Waf
Classes
ByteMatchSet
Provides a WAF Byte Match Set Resource
Example Usage
using Pulumi;
using Aws = Pulumi.Aws;
class MyStack : Stack
{
public MyStack()
{
var byteSet = new Aws.Waf.ByteMatchSet("byteSet", new Aws.Waf.ByteMatchSetArgs
{
ByteMatchTuples =
{
new Aws.Waf.Inputs.ByteMatchSetByteMatchTupleArgs
{
FieldToMatch = new Aws.Waf.Inputs.ByteMatchSetByteMatchTupleFieldToMatchArgs
{
Data = "referer",
Type = "HEADER",
},
PositionalConstraint = "CONTAINS",
TargetString = "badrefer1",
TextTransformation = "NONE",
},
},
});
}
}
ByteMatchSetArgs
ByteMatchSetState
GeoMatchSet
Provides a WAF Geo Match Set Resource
Example Usage
using Pulumi;
using Aws = Pulumi.Aws;
class MyStack : Stack
{
public MyStack()
{
var geoMatchSet = new Aws.Waf.GeoMatchSet("geoMatchSet", new Aws.Waf.GeoMatchSetArgs
{
GeoMatchConstraints =
{
new Aws.Waf.Inputs.GeoMatchSetGeoMatchConstraintArgs
{
Type = "Country",
Value = "US",
},
new Aws.Waf.Inputs.GeoMatchSetGeoMatchConstraintArgs
{
Type = "Country",
Value = "CA",
},
},
});
}
}
GeoMatchSetArgs
GeoMatchSetState
GetIpset
GetIpsetArgs
GetIpsetResult
GetRateBasedRule
GetRateBasedRuleArgs
GetRateBasedRuleResult
GetRule
GetRuleArgs
GetRuleResult
GetWebAcl
GetWebAclArgs
GetWebAclResult
IpSet
Provides a WAF IPSet Resource
Example Usage
using Pulumi;
using Aws = Pulumi.Aws;
class MyStack : Stack
{
public MyStack()
{
var ipset = new Aws.Waf.IpSet("ipset", new Aws.Waf.IpSetArgs
{
IpSetDescriptors =
{
new Aws.Waf.Inputs.IpSetIpSetDescriptorArgs
{
Type = "IPV4",
Value = "192.0.7.0/24",
},
new Aws.Waf.Inputs.IpSetIpSetDescriptorArgs
{
Type = "IPV4",
Value = "10.16.16.0/16",
},
},
});
}
}
IpSetArgs
IpSetState
RateBasedRule
Provides a WAF Rate Based Rule Resource
Example Usage
using Pulumi;
using Aws = Pulumi.Aws;
class MyStack : Stack
{
public MyStack()
{
var ipset = new Aws.Waf.IpSet("ipset", new Aws.Waf.IpSetArgs
{
IpSetDescriptors =
{
new Aws.Waf.Inputs.IpSetIpSetDescriptorArgs
{
Type = "IPV4",
Value = "192.0.7.0/24",
},
},
});
var wafrule = new Aws.Waf.RateBasedRule("wafrule", new Aws.Waf.RateBasedRuleArgs
{
MetricName = "tfWAFRule",
Predicates =
{
new Aws.Waf.Inputs.RateBasedRulePredicateArgs
{
DataId = ipset.Id,
Negated = false,
Type = "IPMatch",
},
},
RateKey = "IP",
RateLimit = 100,
});
}
}
RateBasedRuleArgs
RateBasedRuleState
RegexMatchSet
Provides a WAF Regex Match Set Resource
Example Usage
using Pulumi;
using Aws = Pulumi.Aws;
class MyStack : Stack
{
public MyStack()
{
var exampleRegexPatternSet = new Aws.Waf.RegexPatternSet("exampleRegexPatternSet", new Aws.Waf.RegexPatternSetArgs
{
RegexPatternStrings =
{
"one",
"two",
},
});
var exampleRegexMatchSet = new Aws.Waf.RegexMatchSet("exampleRegexMatchSet", new Aws.Waf.RegexMatchSetArgs
{
RegexMatchTuples =
{
new Aws.Waf.Inputs.RegexMatchSetRegexMatchTupleArgs
{
FieldToMatch = new Aws.Waf.Inputs.RegexMatchSetRegexMatchTupleFieldToMatchArgs
{
Data = "User-Agent",
Type = "HEADER",
},
RegexPatternSetId = exampleRegexPatternSet.Id,
TextTransformation = "NONE",
},
},
});
}
}
RegexMatchSetArgs
RegexMatchSetState
RegexPatternSet
Provides a WAF Regex Pattern Set Resource
Example Usage
using Pulumi;
using Aws = Pulumi.Aws;
class MyStack : Stack
{
public MyStack()
{
var example = new Aws.Waf.RegexPatternSet("example", new Aws.Waf.RegexPatternSetArgs
{
RegexPatternStrings =
{
"one",
"two",
},
});
}
}
RegexPatternSetArgs
RegexPatternSetState
Rule
Provides a WAF Rule Resource
Example Usage
using Pulumi;
using Aws = Pulumi.Aws;
class MyStack : Stack
{
public MyStack()
{
var ipset = new Aws.Waf.IpSet("ipset", new Aws.Waf.IpSetArgs
{
IpSetDescriptors =
{
new Aws.Waf.Inputs.IpSetIpSetDescriptorArgs
{
Type = "IPV4",
Value = "192.0.7.0/24",
},
},
});
var wafrule = new Aws.Waf.Rule("wafrule", new Aws.Waf.RuleArgs
{
MetricName = "tfWAFRule",
Predicates =
{
new Aws.Waf.Inputs.RulePredicateArgs
{
DataId = ipset.Id,
Negated = false,
Type = "IPMatch",
},
},
});
}
}
RuleArgs
RuleGroup
Provides a WAF Rule Group Resource
Example Usage
using Pulumi;
using Aws = Pulumi.Aws;
class MyStack : Stack
{
public MyStack()
{
var exampleRule = new Aws.Waf.Rule("exampleRule", new Aws.Waf.RuleArgs
{
MetricName = "example",
});
var exampleRuleGroup = new Aws.Waf.RuleGroup("exampleRuleGroup", new Aws.Waf.RuleGroupArgs
{
ActivatedRules =
{
new Aws.Waf.Inputs.RuleGroupActivatedRuleArgs
{
Action = new Aws.Waf.Inputs.RuleGroupActivatedRuleActionArgs
{
Type = "COUNT",
},
Priority = 50,
RuleId = exampleRule.Id,
},
},
MetricName = "example",
});
}
}
RuleGroupArgs
RuleGroupState
RuleState
SizeConstraintSet
Provides a WAF Size Constraint Set Resource
Example Usage
using Pulumi;
using Aws = Pulumi.Aws;
class MyStack : Stack
{
public MyStack()
{
var sizeConstraintSet = new Aws.Waf.SizeConstraintSet("sizeConstraintSet", new Aws.Waf.SizeConstraintSetArgs
{
SizeConstraints =
{
new Aws.Waf.Inputs.SizeConstraintSetSizeConstraintArgs
{
ComparisonOperator = "EQ",
FieldToMatch = new Aws.Waf.Inputs.SizeConstraintSetSizeConstraintFieldToMatchArgs
{
Type = "BODY",
},
Size = "4096",
TextTransformation = "NONE",
},
},
});
}
}
SizeConstraintSetArgs
SizeConstraintSetState
SqlInjectionMatchSet
Provides a WAF SQL Injection Match Set Resource
Example Usage
using Pulumi;
using Aws = Pulumi.Aws;
class MyStack : Stack
{
public MyStack()
{
var sqlInjectionMatchSet = new Aws.Waf.SqlInjectionMatchSet("sqlInjectionMatchSet", new Aws.Waf.SqlInjectionMatchSetArgs
{
SqlInjectionMatchTuples =
{
new Aws.Waf.Inputs.SqlInjectionMatchSetSqlInjectionMatchTupleArgs
{
FieldToMatch = new Aws.Waf.Inputs.SqlInjectionMatchSetSqlInjectionMatchTupleFieldToMatchArgs
{
Type = "QUERY_STRING",
},
TextTransformation = "URL_DECODE",
},
},
});
}
}
SqlInjectionMatchSetArgs
SqlInjectionMatchSetState
WebAcl
Provides a WAF Web ACL Resource
Example Usage
using Pulumi;
using Aws = Pulumi.Aws;
class MyStack : Stack
{
public MyStack()
{
var ipset = new Aws.Waf.IpSet("ipset", new Aws.Waf.IpSetArgs
{
IpSetDescriptors =
{
new Aws.Waf.Inputs.IpSetIpSetDescriptorArgs
{
Type = "IPV4",
Value = "192.0.7.0/24",
},
},
});
var wafrule = new Aws.Waf.Rule("wafrule", new Aws.Waf.RuleArgs
{
MetricName = "tfWAFRule",
Predicates =
{
new Aws.Waf.Inputs.RulePredicateArgs
{
DataId = ipset.Id,
Negated = false,
Type = "IPMatch",
},
},
});
var wafAcl = new Aws.Waf.WebAcl("wafAcl", new Aws.Waf.WebAclArgs
{
DefaultAction = new Aws.Waf.Inputs.WebAclDefaultActionArgs
{
Type = "ALLOW",
},
MetricName = "tfWebACL",
Rules =
{
new Aws.Waf.Inputs.WebAclRuleArgs
{
Action = new Aws.Waf.Inputs.WebAclRuleActionArgs
{
Type = "BLOCK",
},
Priority = 1,
RuleId = wafrule.Id,
Type = "REGULAR",
},
},
});
}
}
Logging
using Pulumi;
using Aws = Pulumi.Aws;
class MyStack : Stack
{
public MyStack()
{
var example = new Aws.Waf.WebAcl("example", new Aws.Waf.WebAclArgs
{
LoggingConfiguration = new Aws.Waf.Inputs.WebAclLoggingConfigurationArgs
{
LogDestination = aws_kinesis_firehose_delivery_stream.Example.Arn,
RedactedFields = new Aws.Waf.Inputs.WebAclLoggingConfigurationRedactedFieldsArgs
{
FieldToMatch =
{
{
{ "type", "URI" },
},
{
{ "data", "referer" },
{ "type", "HEADER" },
},
},
},
},
});
}
}
WebAclArgs
WebAclState
XssMatchSet
Provides a WAF XSS Match Set Resource
Example Usage
using Pulumi;
using Aws = Pulumi.Aws;
class MyStack : Stack
{
public MyStack()
{
var xssMatchSet = new Aws.Waf.XssMatchSet("xssMatchSet", new Aws.Waf.XssMatchSetArgs
{
XssMatchTuples =
{
new Aws.Waf.Inputs.XssMatchSetXssMatchTupleArgs
{
FieldToMatch = new Aws.Waf.Inputs.XssMatchSetXssMatchTupleFieldToMatchArgs
{
Type = "URI",
},
TextTransformation = "NONE",
},
new Aws.Waf.Inputs.XssMatchSetXssMatchTupleArgs
{
FieldToMatch = new Aws.Waf.Inputs.XssMatchSetXssMatchTupleFieldToMatchArgs
{
Type = "QUERY_STRING",
},
TextTransformation = "NONE",
},
},
});
}
}