Class WebAcl
Provides a WAF Regional Web ACL Resource for use with Application Load Balancer.
Example Usage
Regular Rule
using Pulumi;
using Aws = Pulumi.Aws;
class MyStack : Stack
{
public MyStack()
{
var ipset = new Aws.WafRegional.IpSet("ipset", new Aws.WafRegional.IpSetArgs
{
IpSetDescriptors =
{
new Aws.WafRegional.Inputs.IpSetIpSetDescriptorArgs
{
Type = "IPV4",
Value = "192.0.7.0/24",
},
},
});
var wafrule = new Aws.WafRegional.Rule("wafrule", new Aws.WafRegional.RuleArgs
{
MetricName = "tfWAFRule",
Predicates =
{
new Aws.WafRegional.Inputs.RulePredicateArgs
{
DataId = ipset.Id,
Negated = false,
Type = "IPMatch",
},
},
});
var wafacl = new Aws.WafRegional.WebAcl("wafacl", new Aws.WafRegional.WebAclArgs
{
DefaultAction = new Aws.WafRegional.Inputs.WebAclDefaultActionArgs
{
Type = "ALLOW",
},
MetricName = "tfWebACL",
Rules =
{
new Aws.WafRegional.Inputs.WebAclRuleArgs
{
Action = new Aws.WafRegional.Inputs.WebAclRuleActionArgs
{
Type = "BLOCK",
},
Priority = 1,
RuleId = wafrule.Id,
Type = "REGULAR",
},
},
});
}
}
Group Rule
using Pulumi;
using Aws = Pulumi.Aws;
class MyStack : Stack
{
public MyStack()
{
var example = new Aws.WafRegional.WebAcl("example", new Aws.WafRegional.WebAclArgs
{
DefaultAction = new Aws.WafRegional.Inputs.WebAclDefaultActionArgs
{
Type = "ALLOW",
},
MetricName = "example",
Rules =
{
new Aws.WafRegional.Inputs.WebAclRuleArgs
{
OverrideAction = new Aws.WafRegional.Inputs.WebAclRuleOverrideActionArgs
{
Type = "NONE",
},
Priority = 1,
RuleId = aws_wafregional_rule_group.Example.Id,
Type = "GROUP",
},
},
});
}
}
Logging
using Pulumi;
using Aws = Pulumi.Aws;
class MyStack : Stack
{
public MyStack()
{
var example = new Aws.WafRegional.WebAcl("example", new Aws.WafRegional.WebAclArgs
{
LoggingConfiguration = new Aws.WafRegional.Inputs.WebAclLoggingConfigurationArgs
{
LogDestination = aws_kinesis_firehose_delivery_stream.Example.Arn,
RedactedFields = new Aws.WafRegional.Inputs.WebAclLoggingConfigurationRedactedFieldsArgs
{
FieldToMatch =
{
{
{ "type", "URI" },
},
{
{ "data", "referer" },
{ "type", "HEADER" },
},
},
},
},
});
}
}
Inherited Members
System.Object.Equals(System.Object)
System.Object.Equals(System.Object, System.Object)
System.Object.GetHashCode()
System.Object.GetType()
System.Object.MemberwiseClone()
System.Object.ReferenceEquals(System.Object, System.Object)
System.Object.ToString()
Namespace: Pulumi.Aws.WafRegional
Assembly: Pulumi.Aws.dll
Syntax
public class WebAcl : CustomResourceConstructors
View SourceWebAcl(String, WebAclArgs, CustomResourceOptions)
Create a WebAcl resource with the given unique name, arguments, and options.
Declaration
public WebAcl(string name, WebAclArgs args, CustomResourceOptions options = null)Parameters
| Type | Name | Description |
|---|---|---|
| System.String | name | The unique name of the resource |
| WebAclArgs | args | The arguments used to populate this resource's properties |
| CustomResourceOptions | options | A bag of options that control this resource's behavior |
Properties
View SourceArn
Amazon Resource Name (ARN) of the WAF Regional WebACL.
Declaration
public Output<string> Arn { get; }Property Value
| Type | Description |
|---|---|
| Output<System.String> |
DefaultAction
The action that you want AWS WAF Regional to take when a request doesn't match the criteria in any of the rules that are associated with the web ACL.
Declaration
public Output<WebAclDefaultAction> DefaultAction { get; }Property Value
| Type | Description |
|---|---|
| Output<WebAclDefaultAction> |
LoggingConfiguration
Configuration block to enable WAF logging. Detailed below.
Declaration
public Output<WebAclLoggingConfiguration> LoggingConfiguration { get; }Property Value
| Type | Description |
|---|---|
| Output<WebAclLoggingConfiguration> |
MetricName
The name or description for the Amazon CloudWatch metric of this web ACL.
Declaration
public Output<string> MetricName { get; }Property Value
| Type | Description |
|---|---|
| Output<System.String> |
Name
The name or description of the web ACL.
Declaration
public Output<string> Name { get; }Property Value
| Type | Description |
|---|---|
| Output<System.String> |
Rules
Set of configuration blocks containing rules for the web ACL. Detailed below.
Declaration
public Output<ImmutableArray<WebAclRule>> Rules { get; }Property Value
| Type | Description |
|---|---|
| Output<System.Collections.Immutable.ImmutableArray<WebAclRule>> |
Tags
Key-value map of resource tags
Declaration
public Output<ImmutableDictionary<string, object>> Tags { get; }Property Value
| Type | Description |
|---|---|
| Output<System.Collections.Immutable.ImmutableDictionary<System.String, System.Object>> |
Methods
View SourceGet(String, Input<String>, WebAclState, CustomResourceOptions)
Get an existing WebAcl resource's state with the given name, ID, and optional extra properties used to qualify the lookup.
Declaration
public static WebAcl Get(string name, Input<string> id, WebAclState state = null, CustomResourceOptions options = null)Parameters
| Type | Name | Description |
|---|---|---|
| System.String | name | The unique name of the resulting resource. |
| Input<System.String> | id | The unique provider ID of the resource to lookup. |
| WebAclState | state | Any extra arguments used during the lookup. |
| CustomResourceOptions | options | A bag of options that control this resource's behavior |
Returns
| Type | Description |
|---|---|
| WebAcl |