amazonka-wafv2-2.0: Amazon WAFV2 SDK.
Copyright(c) 2013-2023 Brendan Hay
LicenseMozilla Public License, v. 2.0.
MaintainerBrendan Hay
Stabilityauto-generated
Portabilitynon-portable (GHC extensions)
Safe HaskellSafe-Inferred
LanguageHaskell2010

Amazonka.WAFV2.Types.ManagedRuleGroupStatement

Description

 
Synopsis

Documentation

data ManagedRuleGroupStatement Source #

A rule statement used to run the rules that are defined in a managed rule group. To use this, provide the vendor name and the name of the rule group in this statement. You can retrieve the required names by calling ListAvailableManagedRuleGroups.

You cannot nest a ManagedRuleGroupStatement, for example for use inside a NotStatement or OrStatement. It can only be referenced as a top-level statement within a rule.

You are charged additional fees when you use the WAF Bot Control managed rule group AWSManagedRulesBotControlRuleSet or the WAF Fraud Control account takeover prevention (ATP) managed rule group AWSManagedRulesATPRuleSet. For more information, see WAF Pricing.

See: newManagedRuleGroupStatement smart constructor.

Constructors

ManagedRuleGroupStatement' 

Fields

  • excludedRules :: Maybe [ExcludedRule]

    Rules in the referenced rule group whose actions are set to Count.

    Instead of this option, use RuleActionOverrides. It accepts any valid action setting, including Count.

  • managedRuleGroupConfigs :: Maybe (NonEmpty ManagedRuleGroupConfig)

    Additional information that's used by a managed rule group. Many managed rule groups don't require this.

    Use the AWSManagedRulesBotControlRuleSet configuration object to configure the protection level that you want the Bot Control rule group to use.

  • ruleActionOverrides :: Maybe (NonEmpty RuleActionOverride)

    Action settings to use in the place of the rule actions that are configured inside the rule group. You specify one override for each rule whose action you want to change.

    You can use overrides for testing, for example you can override all of rule actions to Count and then monitor the resulting count metrics to understand how the rule group would handle your web traffic. You can also permanently override some or all actions, to modify how the rule group manages your web traffic.

  • scopeDownStatement :: Maybe Statement

    An optional nested statement that narrows the scope of the web requests that are evaluated by the managed rule group. Requests are only evaluated by the rule group if they match the scope-down statement. You can use any nestable Statement in the scope-down statement, and you can nest statements at any level, the same as you can for a rule statement.

  • version :: Maybe Text

    The version of the managed rule group to use. If you specify this, the version setting is fixed until you change it. If you don't specify this, WAF uses the vendor's default version, and then keeps the version at the vendor's default when the vendor updates the managed rule group settings.

  • vendorName :: Text

    The name of the managed rule group vendor. You use this, along with the rule group name, to identify the rule group.

  • name :: Text

    The name of the managed rule group. You use this, along with the vendor name, to identify the rule group.

Instances

Instances details
FromJSON ManagedRuleGroupStatement Source # 
Instance details

Defined in Amazonka.WAFV2.Types.ManagedRuleGroupStatement

Methods

parseJSON :: Value -> Parser ManagedRuleGroupStatement #

parseJSONList :: Value -> Parser [ManagedRuleGroupStatement] #

ToJSON ManagedRuleGroupStatement Source # 
Instance details

Defined in Amazonka.WAFV2.Types.ManagedRuleGroupStatement

Methods

toJSON :: ManagedRuleGroupStatement -> Value #

toEncoding :: ManagedRuleGroupStatement -> Encoding #

toJSONList :: [ManagedRuleGroupStatement] -> Value #

toEncodingList :: [ManagedRuleGroupStatement] -> Encoding #

Generic ManagedRuleGroupStatement Source # 
Instance details

Defined in Amazonka.WAFV2.Types.ManagedRuleGroupStatement

Associated Types

type Rep ManagedRuleGroupStatement :: Type -> Type #

Methods

from :: ManagedRuleGroupStatement -> Rep ManagedRuleGroupStatement x #

to :: Rep ManagedRuleGroupStatement x -> ManagedRuleGroupStatement #

Read ManagedRuleGroupStatement Source # 
Instance details

Defined in Amazonka.WAFV2.Types.ManagedRuleGroupStatement

Methods

readsPrec :: Int -> ReadS ManagedRuleGroupStatement #

readList :: ReadS [ManagedRuleGroupStatement] #

readPrec :: ReadPrec ManagedRuleGroupStatement #

readListPrec :: ReadPrec [ManagedRuleGroupStatement] #

Show ManagedRuleGroupStatement Source # 
Instance details

Defined in Amazonka.WAFV2.Types.ManagedRuleGroupStatement

Methods

showsPrec :: Int -> ManagedRuleGroupStatement -> ShowS #

show :: ManagedRuleGroupStatement -> String #

showList :: [ManagedRuleGroupStatement] -> ShowS #

NFData ManagedRuleGroupStatement Source # 
Instance details

Defined in Amazonka.WAFV2.Types.ManagedRuleGroupStatement

Methods

rnf :: ManagedRuleGroupStatement -> () #

Eq ManagedRuleGroupStatement Source # 
Instance details

Defined in Amazonka.WAFV2.Types.ManagedRuleGroupStatement

Methods

(==) :: ManagedRuleGroupStatement -> ManagedRuleGroupStatement -> Bool #

(/=) :: ManagedRuleGroupStatement -> ManagedRuleGroupStatement -> Bool #

Hashable ManagedRuleGroupStatement Source # 
Instance details

Defined in Amazonka.WAFV2.Types.ManagedRuleGroupStatement

Methods

hashWithSalt :: Int -> ManagedRuleGroupStatement -> Int #

hash :: ManagedRuleGroupStatement -> Int #

type Rep ManagedRuleGroupStatement Source # 
Instance details

Defined in Amazonka.WAFV2.Types.ManagedRuleGroupStatement

type Rep ManagedRuleGroupStatement = D1 ('MetaData "ManagedRuleGroupStatement" "Amazonka.WAFV2.Types.ManagedRuleGroupStatement" "amazonka-wafv2-2.0-3v3WgpYn7RT5hSd6MsT5dN" 'False) (C1 ('MetaCons "ManagedRuleGroupStatement'" 'PrefixI 'True) ((S1 ('MetaSel ('Just "excludedRules") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 (Maybe [ExcludedRule])) :*: (S1 ('MetaSel ('Just "managedRuleGroupConfigs") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 (Maybe (NonEmpty ManagedRuleGroupConfig))) :*: S1 ('MetaSel ('Just "ruleActionOverrides") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 (Maybe (NonEmpty RuleActionOverride))))) :*: ((S1 ('MetaSel ('Just "scopeDownStatement") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 (Maybe Statement)) :*: S1 ('MetaSel ('Just "version") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 (Maybe Text))) :*: (S1 ('MetaSel ('Just "vendorName") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 Text) :*: S1 ('MetaSel ('Just "name") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 Text)))))

newManagedRuleGroupStatement Source #

Arguments

:: Text

$sel:vendorName:ManagedRuleGroupStatement'

-> Text

RuleActionOverride

-> ManagedRuleGroupStatement 

Create a value of ManagedRuleGroupStatement with all optional fields omitted.

Use generic-lens or optics to modify other optional fields.

The following record fields are available, with the corresponding lenses provided for backwards compatibility:

$sel:excludedRules:ManagedRuleGroupStatement', managedRuleGroupStatement_excludedRules - Rules in the referenced rule group whose actions are set to Count.

Instead of this option, use RuleActionOverrides. It accepts any valid action setting, including Count.

$sel:managedRuleGroupConfigs:ManagedRuleGroupStatement', managedRuleGroupStatement_managedRuleGroupConfigs - Additional information that's used by a managed rule group. Many managed rule groups don't require this.

Use the AWSManagedRulesBotControlRuleSet configuration object to configure the protection level that you want the Bot Control rule group to use.

$sel:ruleActionOverrides:ManagedRuleGroupStatement', managedRuleGroupStatement_ruleActionOverrides - Action settings to use in the place of the rule actions that are configured inside the rule group. You specify one override for each rule whose action you want to change.

You can use overrides for testing, for example you can override all of rule actions to Count and then monitor the resulting count metrics to understand how the rule group would handle your web traffic. You can also permanently override some or all actions, to modify how the rule group manages your web traffic.

$sel:scopeDownStatement:ManagedRuleGroupStatement', managedRuleGroupStatement_scopeDownStatement - An optional nested statement that narrows the scope of the web requests that are evaluated by the managed rule group. Requests are only evaluated by the rule group if they match the scope-down statement. You can use any nestable Statement in the scope-down statement, and you can nest statements at any level, the same as you can for a rule statement.

$sel:version:ManagedRuleGroupStatement', managedRuleGroupStatement_version - The version of the managed rule group to use. If you specify this, the version setting is fixed until you change it. If you don't specify this, WAF uses the vendor's default version, and then keeps the version at the vendor's default when the vendor updates the managed rule group settings.

$sel:vendorName:ManagedRuleGroupStatement', managedRuleGroupStatement_vendorName - The name of the managed rule group vendor. You use this, along with the rule group name, to identify the rule group.

RuleActionOverride, managedRuleGroupStatement_name - The name of the managed rule group. You use this, along with the vendor name, to identify the rule group.

managedRuleGroupStatement_excludedRules :: Lens' ManagedRuleGroupStatement (Maybe [ExcludedRule]) Source #

Rules in the referenced rule group whose actions are set to Count.

Instead of this option, use RuleActionOverrides. It accepts any valid action setting, including Count.

managedRuleGroupStatement_managedRuleGroupConfigs :: Lens' ManagedRuleGroupStatement (Maybe (NonEmpty ManagedRuleGroupConfig)) Source #

Additional information that's used by a managed rule group. Many managed rule groups don't require this.

Use the AWSManagedRulesBotControlRuleSet configuration object to configure the protection level that you want the Bot Control rule group to use.

managedRuleGroupStatement_ruleActionOverrides :: Lens' ManagedRuleGroupStatement (Maybe (NonEmpty RuleActionOverride)) Source #

Action settings to use in the place of the rule actions that are configured inside the rule group. You specify one override for each rule whose action you want to change.

You can use overrides for testing, for example you can override all of rule actions to Count and then monitor the resulting count metrics to understand how the rule group would handle your web traffic. You can also permanently override some or all actions, to modify how the rule group manages your web traffic.

managedRuleGroupStatement_scopeDownStatement :: Lens' ManagedRuleGroupStatement (Maybe Statement) Source #

An optional nested statement that narrows the scope of the web requests that are evaluated by the managed rule group. Requests are only evaluated by the rule group if they match the scope-down statement. You can use any nestable Statement in the scope-down statement, and you can nest statements at any level, the same as you can for a rule statement.

managedRuleGroupStatement_version :: Lens' ManagedRuleGroupStatement (Maybe Text) Source #

The version of the managed rule group to use. If you specify this, the version setting is fixed until you change it. If you don't specify this, WAF uses the vendor's default version, and then keeps the version at the vendor's default when the vendor updates the managed rule group settings.

managedRuleGroupStatement_vendorName :: Lens' ManagedRuleGroupStatement Text Source #

The name of the managed rule group vendor. You use this, along with the rule group name, to identify the rule group.

managedRuleGroupStatement_name :: Lens' ManagedRuleGroupStatement Text Source #

The name of the managed rule group. You use this, along with the vendor name, to identify the rule group.