Copyright | (c) 2013-2023 Brendan Hay |
---|---|
License | Mozilla Public License, v. 2.0. |
Maintainer | Brendan Hay |
Stability | auto-generated |
Portability | non-portable (GHC extensions) |
Safe Haskell | Safe-Inferred |
Language | Haskell2010 |
Synopsis
- data ManagedRuleGroupStatement = ManagedRuleGroupStatement' {}
- newManagedRuleGroupStatement :: Text -> Text -> ManagedRuleGroupStatement
- managedRuleGroupStatement_excludedRules :: Lens' ManagedRuleGroupStatement (Maybe [ExcludedRule])
- managedRuleGroupStatement_managedRuleGroupConfigs :: Lens' ManagedRuleGroupStatement (Maybe (NonEmpty ManagedRuleGroupConfig))
- managedRuleGroupStatement_ruleActionOverrides :: Lens' ManagedRuleGroupStatement (Maybe (NonEmpty RuleActionOverride))
- managedRuleGroupStatement_scopeDownStatement :: Lens' ManagedRuleGroupStatement (Maybe Statement)
- managedRuleGroupStatement_version :: Lens' ManagedRuleGroupStatement (Maybe Text)
- managedRuleGroupStatement_vendorName :: Lens' ManagedRuleGroupStatement Text
- managedRuleGroupStatement_name :: Lens' ManagedRuleGroupStatement Text
Documentation
data ManagedRuleGroupStatement Source #
A rule statement used to run the rules that are defined in a managed rule group. To use this, provide the vendor name and the name of the rule group in this statement. You can retrieve the required names by calling ListAvailableManagedRuleGroups.
You cannot nest a ManagedRuleGroupStatement
, for example for use
inside a NotStatement
or OrStatement
. It can only be referenced as a
top-level statement within a rule.
You are charged additional fees when you use the WAF Bot Control managed
rule group AWSManagedRulesBotControlRuleSet
or the WAF Fraud Control
account takeover prevention (ATP) managed rule group
AWSManagedRulesATPRuleSet
. For more information, see
WAF Pricing.
See: newManagedRuleGroupStatement
smart constructor.
ManagedRuleGroupStatement' | |
|
Instances
newManagedRuleGroupStatement Source #
:: Text | |
-> Text | |
-> ManagedRuleGroupStatement |
Create a value of ManagedRuleGroupStatement
with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:excludedRules:ManagedRuleGroupStatement'
, managedRuleGroupStatement_excludedRules
- Rules in the referenced rule group whose actions are set to Count
.
Instead of this option, use RuleActionOverrides
. It accepts any valid
action setting, including Count
.
$sel:managedRuleGroupConfigs:ManagedRuleGroupStatement'
, managedRuleGroupStatement_managedRuleGroupConfigs
- Additional information that's used by a managed rule group. Many
managed rule groups don't require this.
Use the AWSManagedRulesBotControlRuleSet
configuration object to
configure the protection level that you want the Bot Control rule group
to use.
$sel:ruleActionOverrides:ManagedRuleGroupStatement'
, managedRuleGroupStatement_ruleActionOverrides
- Action settings to use in the place of the rule actions that are
configured inside the rule group. You specify one override for each rule
whose action you want to change.
You can use overrides for testing, for example you can override all of
rule actions to Count
and then monitor the resulting count metrics to
understand how the rule group would handle your web traffic. You can
also permanently override some or all actions, to modify how the rule
group manages your web traffic.
$sel:scopeDownStatement:ManagedRuleGroupStatement'
, managedRuleGroupStatement_scopeDownStatement
- An optional nested statement that narrows the scope of the web requests
that are evaluated by the managed rule group. Requests are only
evaluated by the rule group if they match the scope-down statement. You
can use any nestable Statement in the scope-down statement, and you can
nest statements at any level, the same as you can for a rule statement.
$sel:version:ManagedRuleGroupStatement'
, managedRuleGroupStatement_version
- The version of the managed rule group to use. If you specify this, the
version setting is fixed until you change it. If you don't specify
this, WAF uses the vendor's default version, and then keeps the version
at the vendor's default when the vendor updates the managed rule group
settings.
$sel:vendorName:ManagedRuleGroupStatement'
, managedRuleGroupStatement_vendorName
- The name of the managed rule group vendor. You use this, along with the
rule group name, to identify the rule group.
RuleActionOverride
, managedRuleGroupStatement_name
- The name of the managed rule group. You use this, along with the vendor
name, to identify the rule group.
managedRuleGroupStatement_excludedRules :: Lens' ManagedRuleGroupStatement (Maybe [ExcludedRule]) Source #
Rules in the referenced rule group whose actions are set to Count
.
Instead of this option, use RuleActionOverrides
. It accepts any valid
action setting, including Count
.
managedRuleGroupStatement_managedRuleGroupConfigs :: Lens' ManagedRuleGroupStatement (Maybe (NonEmpty ManagedRuleGroupConfig)) Source #
Additional information that's used by a managed rule group. Many managed rule groups don't require this.
Use the AWSManagedRulesBotControlRuleSet
configuration object to
configure the protection level that you want the Bot Control rule group
to use.
managedRuleGroupStatement_ruleActionOverrides :: Lens' ManagedRuleGroupStatement (Maybe (NonEmpty RuleActionOverride)) Source #
Action settings to use in the place of the rule actions that are configured inside the rule group. You specify one override for each rule whose action you want to change.
You can use overrides for testing, for example you can override all of
rule actions to Count
and then monitor the resulting count metrics to
understand how the rule group would handle your web traffic. You can
also permanently override some or all actions, to modify how the rule
group manages your web traffic.
managedRuleGroupStatement_scopeDownStatement :: Lens' ManagedRuleGroupStatement (Maybe Statement) Source #
An optional nested statement that narrows the scope of the web requests that are evaluated by the managed rule group. Requests are only evaluated by the rule group if they match the scope-down statement. You can use any nestable Statement in the scope-down statement, and you can nest statements at any level, the same as you can for a rule statement.
managedRuleGroupStatement_version :: Lens' ManagedRuleGroupStatement (Maybe Text) Source #
The version of the managed rule group to use. If you specify this, the version setting is fixed until you change it. If you don't specify this, WAF uses the vendor's default version, and then keeps the version at the vendor's default when the vendor updates the managed rule group settings.
managedRuleGroupStatement_vendorName :: Lens' ManagedRuleGroupStatement Text Source #
The name of the managed rule group vendor. You use this, along with the rule group name, to identify the rule group.
managedRuleGroupStatement_name :: Lens' ManagedRuleGroupStatement Text Source #
The name of the managed rule group. You use this, along with the vendor name, to identify the rule group.