{-# LANGUAGE DeriveGeneric #-}
{-# LANGUAGE DuplicateRecordFields #-}
{-# LANGUAGE NamedFieldPuns #-}
{-# LANGUAGE OverloadedStrings #-}
{-# LANGUAGE RecordWildCards #-}
{-# LANGUAGE StrictData #-}
{-# LANGUAGE NoImplicitPrelude #-}
{-# OPTIONS_GHC -fno-warn-unused-imports #-}
{-# OPTIONS_GHC -fno-warn-unused-matches #-}

-- Derived from AWS service descriptions, licensed under Apache 2.0.

-- |
-- Module      : Amazonka.WAF.Types.RateBasedRule
-- Copyright   : (c) 2013-2023 Brendan Hay
-- License     : Mozilla Public License, v. 2.0.
-- Maintainer  : Brendan Hay
-- Stability   : auto-generated
-- Portability : non-portable (GHC extensions)
module Amazonka.WAF.Types.RateBasedRule where

import qualified Amazonka.Core as Core
import qualified Amazonka.Core.Lens.Internal as Lens
import qualified Amazonka.Data as Data
import qualified Amazonka.Prelude as Prelude
import Amazonka.WAF.Types.Predicate
import Amazonka.WAF.Types.RateKey

-- | This is __AWS WAF Classic__ documentation. For more information, see
-- <https://docs.aws.amazon.com/waf/latest/developerguide/classic-waf-chapter.html AWS WAF Classic>
-- in the developer guide.
--
-- __For the latest version of AWS WAF__, use the AWS WAFV2 API and see the
-- <https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html AWS WAF Developer Guide>.
-- With the latest version, AWS WAF has a single set of endpoints for
-- regional and global use.
--
-- A @RateBasedRule@ is identical to a regular Rule, with one addition: a
-- @RateBasedRule@ counts the number of requests that arrive from a
-- specified IP address every five minutes. For example, based on recent
-- requests that you\'ve seen from an attacker, you might create a
-- @RateBasedRule@ that includes the following conditions:
--
-- -   The requests come from 192.0.2.44.
--
-- -   They contain the value @BadBot@ in the @User-Agent@ header.
--
-- In the rule, you also define the rate limit as 1,000.
--
-- Requests that meet both of these conditions and exceed 1,000 requests
-- every five minutes trigger the rule\'s action (block or count), which is
-- defined in the web ACL.
--
-- /See:/ 'newRateBasedRule' smart constructor.
data RateBasedRule = RateBasedRule'
  { -- | A friendly name or description for the metrics for a @RateBasedRule@.
    -- The name can contain only alphanumeric characters (A-Z, a-z, 0-9), with
    -- maximum length 128 and minimum length one. It can\'t contain whitespace
    -- or metric names reserved for AWS WAF, including \"All\" and
    -- \"Default_Action.\" You can\'t change the name of the metric after you
    -- create the @RateBasedRule@.
    RateBasedRule -> Maybe Text
metricName :: Prelude.Maybe Prelude.Text,
    -- | A friendly name or description for a @RateBasedRule@. You can\'t change
    -- the name of a @RateBasedRule@ after you create it.
    RateBasedRule -> Maybe Text
name :: Prelude.Maybe Prelude.Text,
    -- | A unique identifier for a @RateBasedRule@. You use @RuleId@ to get more
    -- information about a @RateBasedRule@ (see GetRateBasedRule), update a
    -- @RateBasedRule@ (see UpdateRateBasedRule), insert a @RateBasedRule@ into
    -- a @WebACL@ or delete one from a @WebACL@ (see UpdateWebACL), or delete a
    -- @RateBasedRule@ from AWS WAF (see DeleteRateBasedRule).
    RateBasedRule -> Text
ruleId :: Prelude.Text,
    -- | The @Predicates@ object contains one @Predicate@ element for each
    -- ByteMatchSet, IPSet, or SqlInjectionMatchSet object that you want to
    -- include in a @RateBasedRule@.
    RateBasedRule -> [Predicate]
matchPredicates :: [Predicate],
    -- | The field that AWS WAF uses to determine if requests are likely arriving
    -- from single source and thus subject to rate monitoring. The only valid
    -- value for @RateKey@ is @IP@. @IP@ indicates that requests arriving from
    -- the same IP address are subject to the @RateLimit@ that is specified in
    -- the @RateBasedRule@.
    RateBasedRule -> RateKey
rateKey :: RateKey,
    -- | The maximum number of requests, which have an identical value in the
    -- field specified by the @RateKey@, allowed in a five-minute period. If
    -- the number of requests exceeds the @RateLimit@ and the other predicates
    -- specified in the rule are also met, AWS WAF triggers the action that is
    -- specified for this rule.
    RateBasedRule -> Natural
rateLimit :: Prelude.Natural
  }
  deriving (RateBasedRule -> RateBasedRule -> Bool
forall a. (a -> a -> Bool) -> (a -> a -> Bool) -> Eq a
/= :: RateBasedRule -> RateBasedRule -> Bool
$c/= :: RateBasedRule -> RateBasedRule -> Bool
== :: RateBasedRule -> RateBasedRule -> Bool
$c== :: RateBasedRule -> RateBasedRule -> Bool
Prelude.Eq, ReadPrec [RateBasedRule]
ReadPrec RateBasedRule
Int -> ReadS RateBasedRule
ReadS [RateBasedRule]
forall a.
(Int -> ReadS a)
-> ReadS [a] -> ReadPrec a -> ReadPrec [a] -> Read a
readListPrec :: ReadPrec [RateBasedRule]
$creadListPrec :: ReadPrec [RateBasedRule]
readPrec :: ReadPrec RateBasedRule
$creadPrec :: ReadPrec RateBasedRule
readList :: ReadS [RateBasedRule]
$creadList :: ReadS [RateBasedRule]
readsPrec :: Int -> ReadS RateBasedRule
$creadsPrec :: Int -> ReadS RateBasedRule
Prelude.Read, Int -> RateBasedRule -> ShowS
[RateBasedRule] -> ShowS
RateBasedRule -> String
forall a.
(Int -> a -> ShowS) -> (a -> String) -> ([a] -> ShowS) -> Show a
showList :: [RateBasedRule] -> ShowS
$cshowList :: [RateBasedRule] -> ShowS
show :: RateBasedRule -> String
$cshow :: RateBasedRule -> String
showsPrec :: Int -> RateBasedRule -> ShowS
$cshowsPrec :: Int -> RateBasedRule -> ShowS
Prelude.Show, forall x. Rep RateBasedRule x -> RateBasedRule
forall x. RateBasedRule -> Rep RateBasedRule x
forall a.
(forall x. a -> Rep a x) -> (forall x. Rep a x -> a) -> Generic a
$cto :: forall x. Rep RateBasedRule x -> RateBasedRule
$cfrom :: forall x. RateBasedRule -> Rep RateBasedRule x
Prelude.Generic)

-- |
-- Create a value of 'RateBasedRule' with all optional fields omitted.
--
-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
--
-- The following record fields are available, with the corresponding lenses provided
-- for backwards compatibility:
--
-- 'metricName', 'rateBasedRule_metricName' - A friendly name or description for the metrics for a @RateBasedRule@.
-- The name can contain only alphanumeric characters (A-Z, a-z, 0-9), with
-- maximum length 128 and minimum length one. It can\'t contain whitespace
-- or metric names reserved for AWS WAF, including \"All\" and
-- \"Default_Action.\" You can\'t change the name of the metric after you
-- create the @RateBasedRule@.
--
-- 'name', 'rateBasedRule_name' - A friendly name or description for a @RateBasedRule@. You can\'t change
-- the name of a @RateBasedRule@ after you create it.
--
-- 'ruleId', 'rateBasedRule_ruleId' - A unique identifier for a @RateBasedRule@. You use @RuleId@ to get more
-- information about a @RateBasedRule@ (see GetRateBasedRule), update a
-- @RateBasedRule@ (see UpdateRateBasedRule), insert a @RateBasedRule@ into
-- a @WebACL@ or delete one from a @WebACL@ (see UpdateWebACL), or delete a
-- @RateBasedRule@ from AWS WAF (see DeleteRateBasedRule).
--
-- 'matchPredicates', 'rateBasedRule_matchPredicates' - The @Predicates@ object contains one @Predicate@ element for each
-- ByteMatchSet, IPSet, or SqlInjectionMatchSet object that you want to
-- include in a @RateBasedRule@.
--
-- 'rateKey', 'rateBasedRule_rateKey' - The field that AWS WAF uses to determine if requests are likely arriving
-- from single source and thus subject to rate monitoring. The only valid
-- value for @RateKey@ is @IP@. @IP@ indicates that requests arriving from
-- the same IP address are subject to the @RateLimit@ that is specified in
-- the @RateBasedRule@.
--
-- 'rateLimit', 'rateBasedRule_rateLimit' - The maximum number of requests, which have an identical value in the
-- field specified by the @RateKey@, allowed in a five-minute period. If
-- the number of requests exceeds the @RateLimit@ and the other predicates
-- specified in the rule are also met, AWS WAF triggers the action that is
-- specified for this rule.
newRateBasedRule ::
  -- | 'ruleId'
  Prelude.Text ->
  -- | 'rateKey'
  RateKey ->
  -- | 'rateLimit'
  Prelude.Natural ->
  RateBasedRule
newRateBasedRule :: Text -> RateKey -> Natural -> RateBasedRule
newRateBasedRule Text
pRuleId_ RateKey
pRateKey_ Natural
pRateLimit_ =
  RateBasedRule'
    { $sel:metricName:RateBasedRule' :: Maybe Text
metricName = forall a. Maybe a
Prelude.Nothing,
      $sel:name:RateBasedRule' :: Maybe Text
name = forall a. Maybe a
Prelude.Nothing,
      $sel:ruleId:RateBasedRule' :: Text
ruleId = Text
pRuleId_,
      $sel:matchPredicates:RateBasedRule' :: [Predicate]
matchPredicates = forall a. Monoid a => a
Prelude.mempty,
      $sel:rateKey:RateBasedRule' :: RateKey
rateKey = RateKey
pRateKey_,
      $sel:rateLimit:RateBasedRule' :: Natural
rateLimit = Natural
pRateLimit_
    }

-- | A friendly name or description for the metrics for a @RateBasedRule@.
-- The name can contain only alphanumeric characters (A-Z, a-z, 0-9), with
-- maximum length 128 and minimum length one. It can\'t contain whitespace
-- or metric names reserved for AWS WAF, including \"All\" and
-- \"Default_Action.\" You can\'t change the name of the metric after you
-- create the @RateBasedRule@.
rateBasedRule_metricName :: Lens.Lens' RateBasedRule (Prelude.Maybe Prelude.Text)
rateBasedRule_metricName :: Lens' RateBasedRule (Maybe Text)
rateBasedRule_metricName = forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\RateBasedRule' {Maybe Text
metricName :: Maybe Text
$sel:metricName:RateBasedRule' :: RateBasedRule -> Maybe Text
metricName} -> Maybe Text
metricName) (\s :: RateBasedRule
s@RateBasedRule' {} Maybe Text
a -> RateBasedRule
s {$sel:metricName:RateBasedRule' :: Maybe Text
metricName = Maybe Text
a} :: RateBasedRule)

-- | A friendly name or description for a @RateBasedRule@. You can\'t change
-- the name of a @RateBasedRule@ after you create it.
rateBasedRule_name :: Lens.Lens' RateBasedRule (Prelude.Maybe Prelude.Text)
rateBasedRule_name :: Lens' RateBasedRule (Maybe Text)
rateBasedRule_name = forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\RateBasedRule' {Maybe Text
name :: Maybe Text
$sel:name:RateBasedRule' :: RateBasedRule -> Maybe Text
name} -> Maybe Text
name) (\s :: RateBasedRule
s@RateBasedRule' {} Maybe Text
a -> RateBasedRule
s {$sel:name:RateBasedRule' :: Maybe Text
name = Maybe Text
a} :: RateBasedRule)

-- | A unique identifier for a @RateBasedRule@. You use @RuleId@ to get more
-- information about a @RateBasedRule@ (see GetRateBasedRule), update a
-- @RateBasedRule@ (see UpdateRateBasedRule), insert a @RateBasedRule@ into
-- a @WebACL@ or delete one from a @WebACL@ (see UpdateWebACL), or delete a
-- @RateBasedRule@ from AWS WAF (see DeleteRateBasedRule).
rateBasedRule_ruleId :: Lens.Lens' RateBasedRule Prelude.Text
rateBasedRule_ruleId :: Lens' RateBasedRule Text
rateBasedRule_ruleId = forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\RateBasedRule' {Text
ruleId :: Text
$sel:ruleId:RateBasedRule' :: RateBasedRule -> Text
ruleId} -> Text
ruleId) (\s :: RateBasedRule
s@RateBasedRule' {} Text
a -> RateBasedRule
s {$sel:ruleId:RateBasedRule' :: Text
ruleId = Text
a} :: RateBasedRule)

-- | The @Predicates@ object contains one @Predicate@ element for each
-- ByteMatchSet, IPSet, or SqlInjectionMatchSet object that you want to
-- include in a @RateBasedRule@.
rateBasedRule_matchPredicates :: Lens.Lens' RateBasedRule [Predicate]
rateBasedRule_matchPredicates :: Lens' RateBasedRule [Predicate]
rateBasedRule_matchPredicates = forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\RateBasedRule' {[Predicate]
matchPredicates :: [Predicate]
$sel:matchPredicates:RateBasedRule' :: RateBasedRule -> [Predicate]
matchPredicates} -> [Predicate]
matchPredicates) (\s :: RateBasedRule
s@RateBasedRule' {} [Predicate]
a -> RateBasedRule
s {$sel:matchPredicates:RateBasedRule' :: [Predicate]
matchPredicates = [Predicate]
a} :: RateBasedRule) forall b c a. (b -> c) -> (a -> b) -> a -> c
Prelude.. forall s t a b. (Coercible s a, Coercible t b) => Iso s t a b
Lens.coerced

-- | The field that AWS WAF uses to determine if requests are likely arriving
-- from single source and thus subject to rate monitoring. The only valid
-- value for @RateKey@ is @IP@. @IP@ indicates that requests arriving from
-- the same IP address are subject to the @RateLimit@ that is specified in
-- the @RateBasedRule@.
rateBasedRule_rateKey :: Lens.Lens' RateBasedRule RateKey
rateBasedRule_rateKey :: Lens' RateBasedRule RateKey
rateBasedRule_rateKey = forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\RateBasedRule' {RateKey
rateKey :: RateKey
$sel:rateKey:RateBasedRule' :: RateBasedRule -> RateKey
rateKey} -> RateKey
rateKey) (\s :: RateBasedRule
s@RateBasedRule' {} RateKey
a -> RateBasedRule
s {$sel:rateKey:RateBasedRule' :: RateKey
rateKey = RateKey
a} :: RateBasedRule)

-- | The maximum number of requests, which have an identical value in the
-- field specified by the @RateKey@, allowed in a five-minute period. If
-- the number of requests exceeds the @RateLimit@ and the other predicates
-- specified in the rule are also met, AWS WAF triggers the action that is
-- specified for this rule.
rateBasedRule_rateLimit :: Lens.Lens' RateBasedRule Prelude.Natural
rateBasedRule_rateLimit :: Lens' RateBasedRule Natural
rateBasedRule_rateLimit = forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\RateBasedRule' {Natural
rateLimit :: Natural
$sel:rateLimit:RateBasedRule' :: RateBasedRule -> Natural
rateLimit} -> Natural
rateLimit) (\s :: RateBasedRule
s@RateBasedRule' {} Natural
a -> RateBasedRule
s {$sel:rateLimit:RateBasedRule' :: Natural
rateLimit = Natural
a} :: RateBasedRule)

instance Data.FromJSON RateBasedRule where
  parseJSON :: Value -> Parser RateBasedRule
parseJSON =
    forall a. String -> (Object -> Parser a) -> Value -> Parser a
Data.withObject
      String
"RateBasedRule"
      ( \Object
x ->
          Maybe Text
-> Maybe Text
-> Text
-> [Predicate]
-> RateKey
-> Natural
-> RateBasedRule
RateBasedRule'
            forall (f :: * -> *) a b. Functor f => (a -> b) -> f a -> f b
Prelude.<$> (Object
x forall a. FromJSON a => Object -> Key -> Parser (Maybe a)
Data..:? Key
"MetricName")
            forall (f :: * -> *) a b. Applicative f => f (a -> b) -> f a -> f b
Prelude.<*> (Object
x forall a. FromJSON a => Object -> Key -> Parser (Maybe a)
Data..:? Key
"Name")
            forall (f :: * -> *) a b. Applicative f => f (a -> b) -> f a -> f b
Prelude.<*> (Object
x forall a. FromJSON a => Object -> Key -> Parser a
Data..: Key
"RuleId")
            forall (f :: * -> *) a b. Applicative f => f (a -> b) -> f a -> f b
Prelude.<*> ( Object
x
                            forall a. FromJSON a => Object -> Key -> Parser (Maybe a)
Data..:? Key
"MatchPredicates"
                            forall a. Parser (Maybe a) -> a -> Parser a
Data..!= forall a. Monoid a => a
Prelude.mempty
                        )
            forall (f :: * -> *) a b. Applicative f => f (a -> b) -> f a -> f b
Prelude.<*> (Object
x forall a. FromJSON a => Object -> Key -> Parser a
Data..: Key
"RateKey")
            forall (f :: * -> *) a b. Applicative f => f (a -> b) -> f a -> f b
Prelude.<*> (Object
x forall a. FromJSON a => Object -> Key -> Parser a
Data..: Key
"RateLimit")
      )

instance Prelude.Hashable RateBasedRule where
  hashWithSalt :: Int -> RateBasedRule -> Int
hashWithSalt Int
_salt RateBasedRule' {Natural
[Predicate]
Maybe Text
Text
RateKey
rateLimit :: Natural
rateKey :: RateKey
matchPredicates :: [Predicate]
ruleId :: Text
name :: Maybe Text
metricName :: Maybe Text
$sel:rateLimit:RateBasedRule' :: RateBasedRule -> Natural
$sel:rateKey:RateBasedRule' :: RateBasedRule -> RateKey
$sel:matchPredicates:RateBasedRule' :: RateBasedRule -> [Predicate]
$sel:ruleId:RateBasedRule' :: RateBasedRule -> Text
$sel:name:RateBasedRule' :: RateBasedRule -> Maybe Text
$sel:metricName:RateBasedRule' :: RateBasedRule -> Maybe Text
..} =
    Int
_salt
      forall a. Hashable a => Int -> a -> Int
`Prelude.hashWithSalt` Maybe Text
metricName
      forall a. Hashable a => Int -> a -> Int
`Prelude.hashWithSalt` Maybe Text
name
      forall a. Hashable a => Int -> a -> Int
`Prelude.hashWithSalt` Text
ruleId
      forall a. Hashable a => Int -> a -> Int
`Prelude.hashWithSalt` [Predicate]
matchPredicates
      forall a. Hashable a => Int -> a -> Int
`Prelude.hashWithSalt` RateKey
rateKey
      forall a. Hashable a => Int -> a -> Int
`Prelude.hashWithSalt` Natural
rateLimit

instance Prelude.NFData RateBasedRule where
  rnf :: RateBasedRule -> ()
rnf RateBasedRule' {Natural
[Predicate]
Maybe Text
Text
RateKey
rateLimit :: Natural
rateKey :: RateKey
matchPredicates :: [Predicate]
ruleId :: Text
name :: Maybe Text
metricName :: Maybe Text
$sel:rateLimit:RateBasedRule' :: RateBasedRule -> Natural
$sel:rateKey:RateBasedRule' :: RateBasedRule -> RateKey
$sel:matchPredicates:RateBasedRule' :: RateBasedRule -> [Predicate]
$sel:ruleId:RateBasedRule' :: RateBasedRule -> Text
$sel:name:RateBasedRule' :: RateBasedRule -> Maybe Text
$sel:metricName:RateBasedRule' :: RateBasedRule -> Maybe Text
..} =
    forall a. NFData a => a -> ()
Prelude.rnf Maybe Text
metricName
      seq :: forall a b. a -> b -> b
`Prelude.seq` forall a. NFData a => a -> ()
Prelude.rnf Maybe Text
name
      seq :: forall a b. a -> b -> b
`Prelude.seq` forall a. NFData a => a -> ()
Prelude.rnf Text
ruleId
      seq :: forall a b. a -> b -> b
`Prelude.seq` forall a. NFData a => a -> ()
Prelude.rnf [Predicate]
matchPredicates
      seq :: forall a b. a -> b -> b
`Prelude.seq` forall a. NFData a => a -> ()
Prelude.rnf RateKey
rateKey
      seq :: forall a b. a -> b -> b
`Prelude.seq` forall a. NFData a => a -> ()
Prelude.rnf Natural
rateLimit