{-# LANGUAGE DeriveGeneric #-}
{-# LANGUAGE DuplicateRecordFields #-}
{-# LANGUAGE NamedFieldPuns #-}
{-# LANGUAGE OverloadedStrings #-}
{-# LANGUAGE RecordWildCards #-}
{-# LANGUAGE StrictData #-}
{-# LANGUAGE NoImplicitPrelude #-}
{-# OPTIONS_GHC -fno-warn-unused-imports #-}
{-# OPTIONS_GHC -fno-warn-unused-matches #-}

-- Derived from AWS service descriptions, licensed under Apache 2.0.

-- |
-- Module      : Amazonka.WAFV2.Types.WebACL
-- Copyright   : (c) 2013-2023 Brendan Hay
-- License     : Mozilla Public License, v. 2.0.
-- Maintainer  : Brendan Hay
-- Stability   : auto-generated
-- Portability : non-portable (GHC extensions)
module Amazonka.WAFV2.Types.WebACL where

import qualified Amazonka.Core as Core
import qualified Amazonka.Core.Lens.Internal as Lens
import qualified Amazonka.Data as Data
import qualified Amazonka.Prelude as Prelude
import Amazonka.WAFV2.Types.CaptchaConfig
import Amazonka.WAFV2.Types.ChallengeConfig
import Amazonka.WAFV2.Types.CustomResponseBody
import Amazonka.WAFV2.Types.DefaultAction
import Amazonka.WAFV2.Types.FirewallManagerRuleGroup
import Amazonka.WAFV2.Types.Rule
import Amazonka.WAFV2.Types.VisibilityConfig

-- | A web ACL defines a collection of rules to use to inspect and control
-- web requests. Each rule has an action defined (allow, block, or count)
-- for requests that match the statement of the rule. In the web ACL, you
-- assign a default action to take (allow, block) for any request that does
-- not match any of the rules. The rules in a web ACL can be a combination
-- of the types Rule, RuleGroup, and managed rule group. You can associate
-- a web ACL with one or more Amazon Web Services resources to protect. The
-- resources can be an Amazon CloudFront distribution, an Amazon API
-- Gateway REST API, an Application Load Balancer, an AppSync GraphQL API,
-- or an Amazon Cognito user pool.
--
-- /See:/ 'newWebACL' smart constructor.
data WebACL = WebACL'
  { -- | The web ACL capacity units (WCUs) currently being used by this web ACL.
    --
    -- WAF uses WCUs to calculate and control the operating resources that are
    -- used to run your rules, rule groups, and web ACLs. WAF calculates
    -- capacity differently for each rule type, to reflect the relative cost of
    -- each rule. Simple rules that cost little to run use fewer WCUs than more
    -- complex rules that use more processing power. Rule group capacity is
    -- fixed at creation, which helps users plan their web ACL WCU usage when
    -- they use a rule group. The WCU limit for web ACLs is 1,500.
    WebACL -> Maybe Natural
capacity :: Prelude.Maybe Prelude.Natural,
    -- | Specifies how WAF should handle @CAPTCHA@ evaluations for rules that
    -- don\'t have their own @CaptchaConfig@ settings. If you don\'t specify
    -- this, WAF uses its default settings for @CaptchaConfig@.
    WebACL -> Maybe CaptchaConfig
captchaConfig :: Prelude.Maybe CaptchaConfig,
    -- | Specifies how WAF should handle challenge evaluations for rules that
    -- don\'t have their own @ChallengeConfig@ settings. If you don\'t specify
    -- this, WAF uses its default settings for @ChallengeConfig@.
    WebACL -> Maybe ChallengeConfig
challengeConfig :: Prelude.Maybe ChallengeConfig,
    -- | A map of custom response keys and content bodies. When you create a rule
    -- with a block action, you can send a custom response to the web request.
    -- You define these for the web ACL, and then use them in the rules and
    -- default actions that you define in the web ACL.
    --
    -- For information about customizing web requests and responses, see
    -- <https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html Customizing web requests and responses in WAF>
    -- in the
    -- <https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html WAF Developer Guide>.
    --
    -- For information about the limits on count and size for custom request
    -- and response settings, see
    -- <https://docs.aws.amazon.com/waf/latest/developerguide/limits.html WAF quotas>
    -- in the
    -- <https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html WAF Developer Guide>.
    WebACL -> Maybe (HashMap Text CustomResponseBody)
customResponseBodies :: Prelude.Maybe (Prelude.HashMap Prelude.Text CustomResponseBody),
    -- | A description of the web ACL that helps with identification.
    WebACL -> Maybe Text
description :: Prelude.Maybe Prelude.Text,
    -- | The label namespace prefix for this web ACL. All labels added by rules
    -- in this web ACL have this prefix.
    --
    -- -   The syntax for the label namespace prefix for a web ACL is the
    --     following:
    --
    --     @awswaf:\<account ID>:webacl:\<web ACL name>:@
    --
    -- -   When a rule with a label matches a web request, WAF adds the fully
    --     qualified label to the request. A fully qualified label is made up
    --     of the label namespace from the rule group or web ACL where the rule
    --     is defined and the label from the rule, separated by a colon:
    --
    --     @\<label namespace>:\<label from rule>@
    WebACL -> Maybe Text
labelNamespace :: Prelude.Maybe Prelude.Text,
    -- | Indicates whether this web ACL is managed by Firewall Manager. If true,
    -- then only Firewall Manager can delete the web ACL or any Firewall
    -- Manager rule groups in the web ACL.
    WebACL -> Maybe Bool
managedByFirewallManager :: Prelude.Maybe Prelude.Bool,
    -- | The last set of rules for WAF to process in the web ACL. This is defined
    -- in an Firewall Manager WAF policy and contains only rule group
    -- references. You can\'t alter these. Any rules and rule groups that you
    -- define for the web ACL are prioritized before these.
    --
    -- In the Firewall Manager WAF policy, the Firewall Manager administrator
    -- can define a set of rule groups to run first in the web ACL and a set of
    -- rule groups to run last. Within each set, the administrator prioritizes
    -- the rule groups, to determine their relative processing order.
    WebACL -> Maybe [FirewallManagerRuleGroup]
postProcessFirewallManagerRuleGroups :: Prelude.Maybe [FirewallManagerRuleGroup],
    -- | The first set of rules for WAF to process in the web ACL. This is
    -- defined in an Firewall Manager WAF policy and contains only rule group
    -- references. You can\'t alter these. Any rules and rule groups that you
    -- define for the web ACL are prioritized after these.
    --
    -- In the Firewall Manager WAF policy, the Firewall Manager administrator
    -- can define a set of rule groups to run first in the web ACL and a set of
    -- rule groups to run last. Within each set, the administrator prioritizes
    -- the rule groups, to determine their relative processing order.
    WebACL -> Maybe [FirewallManagerRuleGroup]
preProcessFirewallManagerRuleGroups :: Prelude.Maybe [FirewallManagerRuleGroup],
    -- | The Rule statements used to identify the web requests that you want to
    -- allow, block, or count. Each rule includes one top-level statement that
    -- WAF uses to identify matching web requests, and parameters that govern
    -- how WAF handles them.
    WebACL -> Maybe [Rule]
rules :: Prelude.Maybe [Rule],
    -- | Specifies the domains that WAF should accept in a web request token.
    -- This enables the use of tokens across multiple protected websites. When
    -- WAF provides a token, it uses the domain of the Amazon Web Services
    -- resource that the web ACL is protecting. If you don\'t specify a list of
    -- token domains, WAF accepts tokens only for the domain of the protected
    -- resource. With a token domain list, WAF accepts the resource\'s host
    -- domain plus all domains in the token domain list, including their
    -- prefixed subdomains.
    WebACL -> Maybe (NonEmpty Text)
tokenDomains :: Prelude.Maybe (Prelude.NonEmpty Prelude.Text),
    -- | The name of the web ACL. You cannot change the name of a web ACL after
    -- you create it.
    WebACL -> Text
name :: Prelude.Text,
    -- | A unique identifier for the @WebACL@. This ID is returned in the
    -- responses to create and list commands. You use this ID to do things like
    -- get, update, and delete a @WebACL@.
    WebACL -> Text
id :: Prelude.Text,
    -- | The Amazon Resource Name (ARN) of the web ACL that you want to associate
    -- with the resource.
    WebACL -> Text
arn :: Prelude.Text,
    -- | The action to perform if none of the @Rules@ contained in the @WebACL@
    -- match.
    WebACL -> DefaultAction
defaultAction :: DefaultAction,
    -- | Defines and enables Amazon CloudWatch metrics and web request sample
    -- collection.
    WebACL -> VisibilityConfig
visibilityConfig :: VisibilityConfig
  }
  deriving (WebACL -> WebACL -> Bool
forall a. (a -> a -> Bool) -> (a -> a -> Bool) -> Eq a
/= :: WebACL -> WebACL -> Bool
$c/= :: WebACL -> WebACL -> Bool
== :: WebACL -> WebACL -> Bool
$c== :: WebACL -> WebACL -> Bool
Prelude.Eq, ReadPrec [WebACL]
ReadPrec WebACL
Int -> ReadS WebACL
ReadS [WebACL]
forall a.
(Int -> ReadS a)
-> ReadS [a] -> ReadPrec a -> ReadPrec [a] -> Read a
readListPrec :: ReadPrec [WebACL]
$creadListPrec :: ReadPrec [WebACL]
readPrec :: ReadPrec WebACL
$creadPrec :: ReadPrec WebACL
readList :: ReadS [WebACL]
$creadList :: ReadS [WebACL]
readsPrec :: Int -> ReadS WebACL
$creadsPrec :: Int -> ReadS WebACL
Prelude.Read, Int -> WebACL -> ShowS
[WebACL] -> ShowS
WebACL -> String
forall a.
(Int -> a -> ShowS) -> (a -> String) -> ([a] -> ShowS) -> Show a
showList :: [WebACL] -> ShowS
$cshowList :: [WebACL] -> ShowS
show :: WebACL -> String
$cshow :: WebACL -> String
showsPrec :: Int -> WebACL -> ShowS
$cshowsPrec :: Int -> WebACL -> ShowS
Prelude.Show, forall x. Rep WebACL x -> WebACL
forall x. WebACL -> Rep WebACL x
forall a.
(forall x. a -> Rep a x) -> (forall x. Rep a x -> a) -> Generic a
$cto :: forall x. Rep WebACL x -> WebACL
$cfrom :: forall x. WebACL -> Rep WebACL x
Prelude.Generic)

-- |
-- Create a value of 'WebACL' with all optional fields omitted.
--
-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
--
-- The following record fields are available, with the corresponding lenses provided
-- for backwards compatibility:
--
-- 'capacity', 'webACL_capacity' - The web ACL capacity units (WCUs) currently being used by this web ACL.
--
-- WAF uses WCUs to calculate and control the operating resources that are
-- used to run your rules, rule groups, and web ACLs. WAF calculates
-- capacity differently for each rule type, to reflect the relative cost of
-- each rule. Simple rules that cost little to run use fewer WCUs than more
-- complex rules that use more processing power. Rule group capacity is
-- fixed at creation, which helps users plan their web ACL WCU usage when
-- they use a rule group. The WCU limit for web ACLs is 1,500.
--
-- 'captchaConfig', 'webACL_captchaConfig' - Specifies how WAF should handle @CAPTCHA@ evaluations for rules that
-- don\'t have their own @CaptchaConfig@ settings. If you don\'t specify
-- this, WAF uses its default settings for @CaptchaConfig@.
--
-- 'challengeConfig', 'webACL_challengeConfig' - Specifies how WAF should handle challenge evaluations for rules that
-- don\'t have their own @ChallengeConfig@ settings. If you don\'t specify
-- this, WAF uses its default settings for @ChallengeConfig@.
--
-- 'customResponseBodies', 'webACL_customResponseBodies' - A map of custom response keys and content bodies. When you create a rule
-- with a block action, you can send a custom response to the web request.
-- You define these for the web ACL, and then use them in the rules and
-- default actions that you define in the web ACL.
--
-- For information about customizing web requests and responses, see
-- <https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html Customizing web requests and responses in WAF>
-- in the
-- <https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html WAF Developer Guide>.
--
-- For information about the limits on count and size for custom request
-- and response settings, see
-- <https://docs.aws.amazon.com/waf/latest/developerguide/limits.html WAF quotas>
-- in the
-- <https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html WAF Developer Guide>.
--
-- 'description', 'webACL_description' - A description of the web ACL that helps with identification.
--
-- 'labelNamespace', 'webACL_labelNamespace' - The label namespace prefix for this web ACL. All labels added by rules
-- in this web ACL have this prefix.
--
-- -   The syntax for the label namespace prefix for a web ACL is the
--     following:
--
--     @awswaf:\<account ID>:webacl:\<web ACL name>:@
--
-- -   When a rule with a label matches a web request, WAF adds the fully
--     qualified label to the request. A fully qualified label is made up
--     of the label namespace from the rule group or web ACL where the rule
--     is defined and the label from the rule, separated by a colon:
--
--     @\<label namespace>:\<label from rule>@
--
-- 'managedByFirewallManager', 'webACL_managedByFirewallManager' - Indicates whether this web ACL is managed by Firewall Manager. If true,
-- then only Firewall Manager can delete the web ACL or any Firewall
-- Manager rule groups in the web ACL.
--
-- 'postProcessFirewallManagerRuleGroups', 'webACL_postProcessFirewallManagerRuleGroups' - The last set of rules for WAF to process in the web ACL. This is defined
-- in an Firewall Manager WAF policy and contains only rule group
-- references. You can\'t alter these. Any rules and rule groups that you
-- define for the web ACL are prioritized before these.
--
-- In the Firewall Manager WAF policy, the Firewall Manager administrator
-- can define a set of rule groups to run first in the web ACL and a set of
-- rule groups to run last. Within each set, the administrator prioritizes
-- the rule groups, to determine their relative processing order.
--
-- 'preProcessFirewallManagerRuleGroups', 'webACL_preProcessFirewallManagerRuleGroups' - The first set of rules for WAF to process in the web ACL. This is
-- defined in an Firewall Manager WAF policy and contains only rule group
-- references. You can\'t alter these. Any rules and rule groups that you
-- define for the web ACL are prioritized after these.
--
-- In the Firewall Manager WAF policy, the Firewall Manager administrator
-- can define a set of rule groups to run first in the web ACL and a set of
-- rule groups to run last. Within each set, the administrator prioritizes
-- the rule groups, to determine their relative processing order.
--
-- 'rules', 'webACL_rules' - The Rule statements used to identify the web requests that you want to
-- allow, block, or count. Each rule includes one top-level statement that
-- WAF uses to identify matching web requests, and parameters that govern
-- how WAF handles them.
--
-- 'tokenDomains', 'webACL_tokenDomains' - Specifies the domains that WAF should accept in a web request token.
-- This enables the use of tokens across multiple protected websites. When
-- WAF provides a token, it uses the domain of the Amazon Web Services
-- resource that the web ACL is protecting. If you don\'t specify a list of
-- token domains, WAF accepts tokens only for the domain of the protected
-- resource. With a token domain list, WAF accepts the resource\'s host
-- domain plus all domains in the token domain list, including their
-- prefixed subdomains.
--
-- 'name', 'webACL_name' - The name of the web ACL. You cannot change the name of a web ACL after
-- you create it.
--
-- 'id', 'webACL_id' - A unique identifier for the @WebACL@. This ID is returned in the
-- responses to create and list commands. You use this ID to do things like
-- get, update, and delete a @WebACL@.
--
-- 'arn', 'webACL_arn' - The Amazon Resource Name (ARN) of the web ACL that you want to associate
-- with the resource.
--
-- 'defaultAction', 'webACL_defaultAction' - The action to perform if none of the @Rules@ contained in the @WebACL@
-- match.
--
-- 'visibilityConfig', 'webACL_visibilityConfig' - Defines and enables Amazon CloudWatch metrics and web request sample
-- collection.
newWebACL ::
  -- | 'name'
  Prelude.Text ->
  -- | 'id'
  Prelude.Text ->
  -- | 'arn'
  Prelude.Text ->
  -- | 'defaultAction'
  DefaultAction ->
  -- | 'visibilityConfig'
  VisibilityConfig ->
  WebACL
newWebACL :: Text -> Text -> Text -> DefaultAction -> VisibilityConfig -> WebACL
newWebACL
  Text
pName_
  Text
pId_
  Text
pARN_
  DefaultAction
pDefaultAction_
  VisibilityConfig
pVisibilityConfig_ =
    WebACL'
      { $sel:capacity:WebACL' :: Maybe Natural
capacity = forall a. Maybe a
Prelude.Nothing,
        $sel:captchaConfig:WebACL' :: Maybe CaptchaConfig
captchaConfig = forall a. Maybe a
Prelude.Nothing,
        $sel:challengeConfig:WebACL' :: Maybe ChallengeConfig
challengeConfig = forall a. Maybe a
Prelude.Nothing,
        $sel:customResponseBodies:WebACL' :: Maybe (HashMap Text CustomResponseBody)
customResponseBodies = forall a. Maybe a
Prelude.Nothing,
        $sel:description:WebACL' :: Maybe Text
description = forall a. Maybe a
Prelude.Nothing,
        $sel:labelNamespace:WebACL' :: Maybe Text
labelNamespace = forall a. Maybe a
Prelude.Nothing,
        $sel:managedByFirewallManager:WebACL' :: Maybe Bool
managedByFirewallManager = forall a. Maybe a
Prelude.Nothing,
        $sel:postProcessFirewallManagerRuleGroups:WebACL' :: Maybe [FirewallManagerRuleGroup]
postProcessFirewallManagerRuleGroups =
          forall a. Maybe a
Prelude.Nothing,
        $sel:preProcessFirewallManagerRuleGroups:WebACL' :: Maybe [FirewallManagerRuleGroup]
preProcessFirewallManagerRuleGroups =
          forall a. Maybe a
Prelude.Nothing,
        $sel:rules:WebACL' :: Maybe [Rule]
rules = forall a. Maybe a
Prelude.Nothing,
        $sel:tokenDomains:WebACL' :: Maybe (NonEmpty Text)
tokenDomains = forall a. Maybe a
Prelude.Nothing,
        $sel:name:WebACL' :: Text
name = Text
pName_,
        $sel:id:WebACL' :: Text
id = Text
pId_,
        $sel:arn:WebACL' :: Text
arn = Text
pARN_,
        $sel:defaultAction:WebACL' :: DefaultAction
defaultAction = DefaultAction
pDefaultAction_,
        $sel:visibilityConfig:WebACL' :: VisibilityConfig
visibilityConfig = VisibilityConfig
pVisibilityConfig_
      }

-- | The web ACL capacity units (WCUs) currently being used by this web ACL.
--
-- WAF uses WCUs to calculate and control the operating resources that are
-- used to run your rules, rule groups, and web ACLs. WAF calculates
-- capacity differently for each rule type, to reflect the relative cost of
-- each rule. Simple rules that cost little to run use fewer WCUs than more
-- complex rules that use more processing power. Rule group capacity is
-- fixed at creation, which helps users plan their web ACL WCU usage when
-- they use a rule group. The WCU limit for web ACLs is 1,500.
webACL_capacity :: Lens.Lens' WebACL (Prelude.Maybe Prelude.Natural)
webACL_capacity :: Lens' WebACL (Maybe Natural)
webACL_capacity = forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\WebACL' {Maybe Natural
capacity :: Maybe Natural
$sel:capacity:WebACL' :: WebACL -> Maybe Natural
capacity} -> Maybe Natural
capacity) (\s :: WebACL
s@WebACL' {} Maybe Natural
a -> WebACL
s {$sel:capacity:WebACL' :: Maybe Natural
capacity = Maybe Natural
a} :: WebACL)

-- | Specifies how WAF should handle @CAPTCHA@ evaluations for rules that
-- don\'t have their own @CaptchaConfig@ settings. If you don\'t specify
-- this, WAF uses its default settings for @CaptchaConfig@.
webACL_captchaConfig :: Lens.Lens' WebACL (Prelude.Maybe CaptchaConfig)
webACL_captchaConfig :: Lens' WebACL (Maybe CaptchaConfig)
webACL_captchaConfig = forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\WebACL' {Maybe CaptchaConfig
captchaConfig :: Maybe CaptchaConfig
$sel:captchaConfig:WebACL' :: WebACL -> Maybe CaptchaConfig
captchaConfig} -> Maybe CaptchaConfig
captchaConfig) (\s :: WebACL
s@WebACL' {} Maybe CaptchaConfig
a -> WebACL
s {$sel:captchaConfig:WebACL' :: Maybe CaptchaConfig
captchaConfig = Maybe CaptchaConfig
a} :: WebACL)

-- | Specifies how WAF should handle challenge evaluations for rules that
-- don\'t have their own @ChallengeConfig@ settings. If you don\'t specify
-- this, WAF uses its default settings for @ChallengeConfig@.
webACL_challengeConfig :: Lens.Lens' WebACL (Prelude.Maybe ChallengeConfig)
webACL_challengeConfig :: Lens' WebACL (Maybe ChallengeConfig)
webACL_challengeConfig = forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\WebACL' {Maybe ChallengeConfig
challengeConfig :: Maybe ChallengeConfig
$sel:challengeConfig:WebACL' :: WebACL -> Maybe ChallengeConfig
challengeConfig} -> Maybe ChallengeConfig
challengeConfig) (\s :: WebACL
s@WebACL' {} Maybe ChallengeConfig
a -> WebACL
s {$sel:challengeConfig:WebACL' :: Maybe ChallengeConfig
challengeConfig = Maybe ChallengeConfig
a} :: WebACL)

-- | A map of custom response keys and content bodies. When you create a rule
-- with a block action, you can send a custom response to the web request.
-- You define these for the web ACL, and then use them in the rules and
-- default actions that you define in the web ACL.
--
-- For information about customizing web requests and responses, see
-- <https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html Customizing web requests and responses in WAF>
-- in the
-- <https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html WAF Developer Guide>.
--
-- For information about the limits on count and size for custom request
-- and response settings, see
-- <https://docs.aws.amazon.com/waf/latest/developerguide/limits.html WAF quotas>
-- in the
-- <https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html WAF Developer Guide>.
webACL_customResponseBodies :: Lens.Lens' WebACL (Prelude.Maybe (Prelude.HashMap Prelude.Text CustomResponseBody))
webACL_customResponseBodies :: Lens' WebACL (Maybe (HashMap Text CustomResponseBody))
webACL_customResponseBodies = forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\WebACL' {Maybe (HashMap Text CustomResponseBody)
customResponseBodies :: Maybe (HashMap Text CustomResponseBody)
$sel:customResponseBodies:WebACL' :: WebACL -> Maybe (HashMap Text CustomResponseBody)
customResponseBodies} -> Maybe (HashMap Text CustomResponseBody)
customResponseBodies) (\s :: WebACL
s@WebACL' {} Maybe (HashMap Text CustomResponseBody)
a -> WebACL
s {$sel:customResponseBodies:WebACL' :: Maybe (HashMap Text CustomResponseBody)
customResponseBodies = Maybe (HashMap Text CustomResponseBody)
a} :: WebACL) forall b c a. (b -> c) -> (a -> b) -> a -> c
Prelude.. forall (f :: * -> *) (g :: * -> *) s t a b.
(Functor f, Functor g) =>
AnIso s t a b -> Iso (f s) (g t) (f a) (g b)
Lens.mapping forall s t a b. (Coercible s a, Coercible t b) => Iso s t a b
Lens.coerced

-- | A description of the web ACL that helps with identification.
webACL_description :: Lens.Lens' WebACL (Prelude.Maybe Prelude.Text)
webACL_description :: Lens' WebACL (Maybe Text)
webACL_description = forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\WebACL' {Maybe Text
description :: Maybe Text
$sel:description:WebACL' :: WebACL -> Maybe Text
description} -> Maybe Text
description) (\s :: WebACL
s@WebACL' {} Maybe Text
a -> WebACL
s {$sel:description:WebACL' :: Maybe Text
description = Maybe Text
a} :: WebACL)

-- | The label namespace prefix for this web ACL. All labels added by rules
-- in this web ACL have this prefix.
--
-- -   The syntax for the label namespace prefix for a web ACL is the
--     following:
--
--     @awswaf:\<account ID>:webacl:\<web ACL name>:@
--
-- -   When a rule with a label matches a web request, WAF adds the fully
--     qualified label to the request. A fully qualified label is made up
--     of the label namespace from the rule group or web ACL where the rule
--     is defined and the label from the rule, separated by a colon:
--
--     @\<label namespace>:\<label from rule>@
webACL_labelNamespace :: Lens.Lens' WebACL (Prelude.Maybe Prelude.Text)
webACL_labelNamespace :: Lens' WebACL (Maybe Text)
webACL_labelNamespace = forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\WebACL' {Maybe Text
labelNamespace :: Maybe Text
$sel:labelNamespace:WebACL' :: WebACL -> Maybe Text
labelNamespace} -> Maybe Text
labelNamespace) (\s :: WebACL
s@WebACL' {} Maybe Text
a -> WebACL
s {$sel:labelNamespace:WebACL' :: Maybe Text
labelNamespace = Maybe Text
a} :: WebACL)

-- | Indicates whether this web ACL is managed by Firewall Manager. If true,
-- then only Firewall Manager can delete the web ACL or any Firewall
-- Manager rule groups in the web ACL.
webACL_managedByFirewallManager :: Lens.Lens' WebACL (Prelude.Maybe Prelude.Bool)
webACL_managedByFirewallManager :: Lens' WebACL (Maybe Bool)
webACL_managedByFirewallManager = forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\WebACL' {Maybe Bool
managedByFirewallManager :: Maybe Bool
$sel:managedByFirewallManager:WebACL' :: WebACL -> Maybe Bool
managedByFirewallManager} -> Maybe Bool
managedByFirewallManager) (\s :: WebACL
s@WebACL' {} Maybe Bool
a -> WebACL
s {$sel:managedByFirewallManager:WebACL' :: Maybe Bool
managedByFirewallManager = Maybe Bool
a} :: WebACL)

-- | The last set of rules for WAF to process in the web ACL. This is defined
-- in an Firewall Manager WAF policy and contains only rule group
-- references. You can\'t alter these. Any rules and rule groups that you
-- define for the web ACL are prioritized before these.
--
-- In the Firewall Manager WAF policy, the Firewall Manager administrator
-- can define a set of rule groups to run first in the web ACL and a set of
-- rule groups to run last. Within each set, the administrator prioritizes
-- the rule groups, to determine their relative processing order.
webACL_postProcessFirewallManagerRuleGroups :: Lens.Lens' WebACL (Prelude.Maybe [FirewallManagerRuleGroup])
webACL_postProcessFirewallManagerRuleGroups :: Lens' WebACL (Maybe [FirewallManagerRuleGroup])
webACL_postProcessFirewallManagerRuleGroups = forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\WebACL' {Maybe [FirewallManagerRuleGroup]
postProcessFirewallManagerRuleGroups :: Maybe [FirewallManagerRuleGroup]
$sel:postProcessFirewallManagerRuleGroups:WebACL' :: WebACL -> Maybe [FirewallManagerRuleGroup]
postProcessFirewallManagerRuleGroups} -> Maybe [FirewallManagerRuleGroup]
postProcessFirewallManagerRuleGroups) (\s :: WebACL
s@WebACL' {} Maybe [FirewallManagerRuleGroup]
a -> WebACL
s {$sel:postProcessFirewallManagerRuleGroups:WebACL' :: Maybe [FirewallManagerRuleGroup]
postProcessFirewallManagerRuleGroups = Maybe [FirewallManagerRuleGroup]
a} :: WebACL) forall b c a. (b -> c) -> (a -> b) -> a -> c
Prelude.. forall (f :: * -> *) (g :: * -> *) s t a b.
(Functor f, Functor g) =>
AnIso s t a b -> Iso (f s) (g t) (f a) (g b)
Lens.mapping forall s t a b. (Coercible s a, Coercible t b) => Iso s t a b
Lens.coerced

-- | The first set of rules for WAF to process in the web ACL. This is
-- defined in an Firewall Manager WAF policy and contains only rule group
-- references. You can\'t alter these. Any rules and rule groups that you
-- define for the web ACL are prioritized after these.
--
-- In the Firewall Manager WAF policy, the Firewall Manager administrator
-- can define a set of rule groups to run first in the web ACL and a set of
-- rule groups to run last. Within each set, the administrator prioritizes
-- the rule groups, to determine their relative processing order.
webACL_preProcessFirewallManagerRuleGroups :: Lens.Lens' WebACL (Prelude.Maybe [FirewallManagerRuleGroup])
webACL_preProcessFirewallManagerRuleGroups :: Lens' WebACL (Maybe [FirewallManagerRuleGroup])
webACL_preProcessFirewallManagerRuleGroups = forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\WebACL' {Maybe [FirewallManagerRuleGroup]
preProcessFirewallManagerRuleGroups :: Maybe [FirewallManagerRuleGroup]
$sel:preProcessFirewallManagerRuleGroups:WebACL' :: WebACL -> Maybe [FirewallManagerRuleGroup]
preProcessFirewallManagerRuleGroups} -> Maybe [FirewallManagerRuleGroup]
preProcessFirewallManagerRuleGroups) (\s :: WebACL
s@WebACL' {} Maybe [FirewallManagerRuleGroup]
a -> WebACL
s {$sel:preProcessFirewallManagerRuleGroups:WebACL' :: Maybe [FirewallManagerRuleGroup]
preProcessFirewallManagerRuleGroups = Maybe [FirewallManagerRuleGroup]
a} :: WebACL) forall b c a. (b -> c) -> (a -> b) -> a -> c
Prelude.. forall (f :: * -> *) (g :: * -> *) s t a b.
(Functor f, Functor g) =>
AnIso s t a b -> Iso (f s) (g t) (f a) (g b)
Lens.mapping forall s t a b. (Coercible s a, Coercible t b) => Iso s t a b
Lens.coerced

-- | The Rule statements used to identify the web requests that you want to
-- allow, block, or count. Each rule includes one top-level statement that
-- WAF uses to identify matching web requests, and parameters that govern
-- how WAF handles them.
webACL_rules :: Lens.Lens' WebACL (Prelude.Maybe [Rule])
webACL_rules :: Lens' WebACL (Maybe [Rule])
webACL_rules = forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\WebACL' {Maybe [Rule]
rules :: Maybe [Rule]
$sel:rules:WebACL' :: WebACL -> Maybe [Rule]
rules} -> Maybe [Rule]
rules) (\s :: WebACL
s@WebACL' {} Maybe [Rule]
a -> WebACL
s {$sel:rules:WebACL' :: Maybe [Rule]
rules = Maybe [Rule]
a} :: WebACL) forall b c a. (b -> c) -> (a -> b) -> a -> c
Prelude.. forall (f :: * -> *) (g :: * -> *) s t a b.
(Functor f, Functor g) =>
AnIso s t a b -> Iso (f s) (g t) (f a) (g b)
Lens.mapping forall s t a b. (Coercible s a, Coercible t b) => Iso s t a b
Lens.coerced

-- | Specifies the domains that WAF should accept in a web request token.
-- This enables the use of tokens across multiple protected websites. When
-- WAF provides a token, it uses the domain of the Amazon Web Services
-- resource that the web ACL is protecting. If you don\'t specify a list of
-- token domains, WAF accepts tokens only for the domain of the protected
-- resource. With a token domain list, WAF accepts the resource\'s host
-- domain plus all domains in the token domain list, including their
-- prefixed subdomains.
webACL_tokenDomains :: Lens.Lens' WebACL (Prelude.Maybe (Prelude.NonEmpty Prelude.Text))
webACL_tokenDomains :: Lens' WebACL (Maybe (NonEmpty Text))
webACL_tokenDomains = forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\WebACL' {Maybe (NonEmpty Text)
tokenDomains :: Maybe (NonEmpty Text)
$sel:tokenDomains:WebACL' :: WebACL -> Maybe (NonEmpty Text)
tokenDomains} -> Maybe (NonEmpty Text)
tokenDomains) (\s :: WebACL
s@WebACL' {} Maybe (NonEmpty Text)
a -> WebACL
s {$sel:tokenDomains:WebACL' :: Maybe (NonEmpty Text)
tokenDomains = Maybe (NonEmpty Text)
a} :: WebACL) forall b c a. (b -> c) -> (a -> b) -> a -> c
Prelude.. forall (f :: * -> *) (g :: * -> *) s t a b.
(Functor f, Functor g) =>
AnIso s t a b -> Iso (f s) (g t) (f a) (g b)
Lens.mapping forall s t a b. (Coercible s a, Coercible t b) => Iso s t a b
Lens.coerced

-- | The name of the web ACL. You cannot change the name of a web ACL after
-- you create it.
webACL_name :: Lens.Lens' WebACL Prelude.Text
webACL_name :: Lens' WebACL Text
webACL_name = forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\WebACL' {Text
name :: Text
$sel:name:WebACL' :: WebACL -> Text
name} -> Text
name) (\s :: WebACL
s@WebACL' {} Text
a -> WebACL
s {$sel:name:WebACL' :: Text
name = Text
a} :: WebACL)

-- | A unique identifier for the @WebACL@. This ID is returned in the
-- responses to create and list commands. You use this ID to do things like
-- get, update, and delete a @WebACL@.
webACL_id :: Lens.Lens' WebACL Prelude.Text
webACL_id :: Lens' WebACL Text
webACL_id = forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\WebACL' {Text
id :: Text
$sel:id:WebACL' :: WebACL -> Text
id} -> Text
id) (\s :: WebACL
s@WebACL' {} Text
a -> WebACL
s {$sel:id:WebACL' :: Text
id = Text
a} :: WebACL)

-- | The Amazon Resource Name (ARN) of the web ACL that you want to associate
-- with the resource.
webACL_arn :: Lens.Lens' WebACL Prelude.Text
webACL_arn :: Lens' WebACL Text
webACL_arn = forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\WebACL' {Text
arn :: Text
$sel:arn:WebACL' :: WebACL -> Text
arn} -> Text
arn) (\s :: WebACL
s@WebACL' {} Text
a -> WebACL
s {$sel:arn:WebACL' :: Text
arn = Text
a} :: WebACL)

-- | The action to perform if none of the @Rules@ contained in the @WebACL@
-- match.
webACL_defaultAction :: Lens.Lens' WebACL DefaultAction
webACL_defaultAction :: Lens' WebACL DefaultAction
webACL_defaultAction = forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\WebACL' {DefaultAction
defaultAction :: DefaultAction
$sel:defaultAction:WebACL' :: WebACL -> DefaultAction
defaultAction} -> DefaultAction
defaultAction) (\s :: WebACL
s@WebACL' {} DefaultAction
a -> WebACL
s {$sel:defaultAction:WebACL' :: DefaultAction
defaultAction = DefaultAction
a} :: WebACL)

-- | Defines and enables Amazon CloudWatch metrics and web request sample
-- collection.
webACL_visibilityConfig :: Lens.Lens' WebACL VisibilityConfig
webACL_visibilityConfig :: Lens' WebACL VisibilityConfig
webACL_visibilityConfig = forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\WebACL' {VisibilityConfig
visibilityConfig :: VisibilityConfig
$sel:visibilityConfig:WebACL' :: WebACL -> VisibilityConfig
visibilityConfig} -> VisibilityConfig
visibilityConfig) (\s :: WebACL
s@WebACL' {} VisibilityConfig
a -> WebACL
s {$sel:visibilityConfig:WebACL' :: VisibilityConfig
visibilityConfig = VisibilityConfig
a} :: WebACL)

instance Data.FromJSON WebACL where
  parseJSON :: Value -> Parser WebACL
parseJSON =
    forall a. String -> (Object -> Parser a) -> Value -> Parser a
Data.withObject
      String
"WebACL"
      ( \Object
x ->
          Maybe Natural
-> Maybe CaptchaConfig
-> Maybe ChallengeConfig
-> Maybe (HashMap Text CustomResponseBody)
-> Maybe Text
-> Maybe Text
-> Maybe Bool
-> Maybe [FirewallManagerRuleGroup]
-> Maybe [FirewallManagerRuleGroup]
-> Maybe [Rule]
-> Maybe (NonEmpty Text)
-> Text
-> Text
-> Text
-> DefaultAction
-> VisibilityConfig
-> WebACL
WebACL'
            forall (f :: * -> *) a b. Functor f => (a -> b) -> f a -> f b
Prelude.<$> (Object
x forall a. FromJSON a => Object -> Key -> Parser (Maybe a)
Data..:? Key
"Capacity")
            forall (f :: * -> *) a b. Applicative f => f (a -> b) -> f a -> f b
Prelude.<*> (Object
x forall a. FromJSON a => Object -> Key -> Parser (Maybe a)
Data..:? Key
"CaptchaConfig")
            forall (f :: * -> *) a b. Applicative f => f (a -> b) -> f a -> f b
Prelude.<*> (Object
x forall a. FromJSON a => Object -> Key -> Parser (Maybe a)
Data..:? Key
"ChallengeConfig")
            forall (f :: * -> *) a b. Applicative f => f (a -> b) -> f a -> f b
Prelude.<*> ( Object
x
                            forall a. FromJSON a => Object -> Key -> Parser (Maybe a)
Data..:? Key
"CustomResponseBodies"
                            forall a. Parser (Maybe a) -> a -> Parser a
Data..!= forall a. Monoid a => a
Prelude.mempty
                        )
            forall (f :: * -> *) a b. Applicative f => f (a -> b) -> f a -> f b
Prelude.<*> (Object
x forall a. FromJSON a => Object -> Key -> Parser (Maybe a)
Data..:? Key
"Description")
            forall (f :: * -> *) a b. Applicative f => f (a -> b) -> f a -> f b
Prelude.<*> (Object
x forall a. FromJSON a => Object -> Key -> Parser (Maybe a)
Data..:? Key
"LabelNamespace")
            forall (f :: * -> *) a b. Applicative f => f (a -> b) -> f a -> f b
Prelude.<*> (Object
x forall a. FromJSON a => Object -> Key -> Parser (Maybe a)
Data..:? Key
"ManagedByFirewallManager")
            forall (f :: * -> *) a b. Applicative f => f (a -> b) -> f a -> f b
Prelude.<*> ( Object
x
                            forall a. FromJSON a => Object -> Key -> Parser (Maybe a)
Data..:? Key
"PostProcessFirewallManagerRuleGroups"
                            forall a. Parser (Maybe a) -> a -> Parser a
Data..!= forall a. Monoid a => a
Prelude.mempty
                        )
            forall (f :: * -> *) a b. Applicative f => f (a -> b) -> f a -> f b
Prelude.<*> ( Object
x
                            forall a. FromJSON a => Object -> Key -> Parser (Maybe a)
Data..:? Key
"PreProcessFirewallManagerRuleGroups"
                            forall a. Parser (Maybe a) -> a -> Parser a
Data..!= forall a. Monoid a => a
Prelude.mempty
                        )
            forall (f :: * -> *) a b. Applicative f => f (a -> b) -> f a -> f b
Prelude.<*> (Object
x forall a. FromJSON a => Object -> Key -> Parser (Maybe a)
Data..:? Key
"Rules" forall a. Parser (Maybe a) -> a -> Parser a
Data..!= forall a. Monoid a => a
Prelude.mempty)
            forall (f :: * -> *) a b. Applicative f => f (a -> b) -> f a -> f b
Prelude.<*> (Object
x forall a. FromJSON a => Object -> Key -> Parser (Maybe a)
Data..:? Key
"TokenDomains")
            forall (f :: * -> *) a b. Applicative f => f (a -> b) -> f a -> f b
Prelude.<*> (Object
x forall a. FromJSON a => Object -> Key -> Parser a
Data..: Key
"Name")
            forall (f :: * -> *) a b. Applicative f => f (a -> b) -> f a -> f b
Prelude.<*> (Object
x forall a. FromJSON a => Object -> Key -> Parser a
Data..: Key
"Id")
            forall (f :: * -> *) a b. Applicative f => f (a -> b) -> f a -> f b
Prelude.<*> (Object
x forall a. FromJSON a => Object -> Key -> Parser a
Data..: Key
"ARN")
            forall (f :: * -> *) a b. Applicative f => f (a -> b) -> f a -> f b
Prelude.<*> (Object
x forall a. FromJSON a => Object -> Key -> Parser a
Data..: Key
"DefaultAction")
            forall (f :: * -> *) a b. Applicative f => f (a -> b) -> f a -> f b
Prelude.<*> (Object
x forall a. FromJSON a => Object -> Key -> Parser a
Data..: Key
"VisibilityConfig")
      )

instance Prelude.Hashable WebACL where
  hashWithSalt :: Int -> WebACL -> Int
hashWithSalt Int
_salt WebACL' {Maybe Bool
Maybe Natural
Maybe [FirewallManagerRuleGroup]
Maybe [Rule]
Maybe (NonEmpty Text)
Maybe Text
Maybe (HashMap Text CustomResponseBody)
Maybe ChallengeConfig
Maybe CaptchaConfig
Text
DefaultAction
VisibilityConfig
visibilityConfig :: VisibilityConfig
defaultAction :: DefaultAction
arn :: Text
id :: Text
name :: Text
tokenDomains :: Maybe (NonEmpty Text)
rules :: Maybe [Rule]
preProcessFirewallManagerRuleGroups :: Maybe [FirewallManagerRuleGroup]
postProcessFirewallManagerRuleGroups :: Maybe [FirewallManagerRuleGroup]
managedByFirewallManager :: Maybe Bool
labelNamespace :: Maybe Text
description :: Maybe Text
customResponseBodies :: Maybe (HashMap Text CustomResponseBody)
challengeConfig :: Maybe ChallengeConfig
captchaConfig :: Maybe CaptchaConfig
capacity :: Maybe Natural
$sel:visibilityConfig:WebACL' :: WebACL -> VisibilityConfig
$sel:defaultAction:WebACL' :: WebACL -> DefaultAction
$sel:arn:WebACL' :: WebACL -> Text
$sel:id:WebACL' :: WebACL -> Text
$sel:name:WebACL' :: WebACL -> Text
$sel:tokenDomains:WebACL' :: WebACL -> Maybe (NonEmpty Text)
$sel:rules:WebACL' :: WebACL -> Maybe [Rule]
$sel:preProcessFirewallManagerRuleGroups:WebACL' :: WebACL -> Maybe [FirewallManagerRuleGroup]
$sel:postProcessFirewallManagerRuleGroups:WebACL' :: WebACL -> Maybe [FirewallManagerRuleGroup]
$sel:managedByFirewallManager:WebACL' :: WebACL -> Maybe Bool
$sel:labelNamespace:WebACL' :: WebACL -> Maybe Text
$sel:description:WebACL' :: WebACL -> Maybe Text
$sel:customResponseBodies:WebACL' :: WebACL -> Maybe (HashMap Text CustomResponseBody)
$sel:challengeConfig:WebACL' :: WebACL -> Maybe ChallengeConfig
$sel:captchaConfig:WebACL' :: WebACL -> Maybe CaptchaConfig
$sel:capacity:WebACL' :: WebACL -> Maybe Natural
..} =
    Int
_salt
      forall a. Hashable a => Int -> a -> Int
`Prelude.hashWithSalt` Maybe Natural
capacity
      forall a. Hashable a => Int -> a -> Int
`Prelude.hashWithSalt` Maybe CaptchaConfig
captchaConfig
      forall a. Hashable a => Int -> a -> Int
`Prelude.hashWithSalt` Maybe ChallengeConfig
challengeConfig
      forall a. Hashable a => Int -> a -> Int
`Prelude.hashWithSalt` Maybe (HashMap Text CustomResponseBody)
customResponseBodies
      forall a. Hashable a => Int -> a -> Int
`Prelude.hashWithSalt` Maybe Text
description
      forall a. Hashable a => Int -> a -> Int
`Prelude.hashWithSalt` Maybe Text
labelNamespace
      forall a. Hashable a => Int -> a -> Int
`Prelude.hashWithSalt` Maybe Bool
managedByFirewallManager
      forall a. Hashable a => Int -> a -> Int
`Prelude.hashWithSalt` Maybe [FirewallManagerRuleGroup]
postProcessFirewallManagerRuleGroups
      forall a. Hashable a => Int -> a -> Int
`Prelude.hashWithSalt` Maybe [FirewallManagerRuleGroup]
preProcessFirewallManagerRuleGroups
      forall a. Hashable a => Int -> a -> Int
`Prelude.hashWithSalt` Maybe [Rule]
rules
      forall a. Hashable a => Int -> a -> Int
`Prelude.hashWithSalt` Maybe (NonEmpty Text)
tokenDomains
      forall a. Hashable a => Int -> a -> Int
`Prelude.hashWithSalt` Text
name
      forall a. Hashable a => Int -> a -> Int
`Prelude.hashWithSalt` Text
id
      forall a. Hashable a => Int -> a -> Int
`Prelude.hashWithSalt` Text
arn
      forall a. Hashable a => Int -> a -> Int
`Prelude.hashWithSalt` DefaultAction
defaultAction
      forall a. Hashable a => Int -> a -> Int
`Prelude.hashWithSalt` VisibilityConfig
visibilityConfig

instance Prelude.NFData WebACL where
  rnf :: WebACL -> ()
rnf WebACL' {Maybe Bool
Maybe Natural
Maybe [FirewallManagerRuleGroup]
Maybe [Rule]
Maybe (NonEmpty Text)
Maybe Text
Maybe (HashMap Text CustomResponseBody)
Maybe ChallengeConfig
Maybe CaptchaConfig
Text
DefaultAction
VisibilityConfig
visibilityConfig :: VisibilityConfig
defaultAction :: DefaultAction
arn :: Text
id :: Text
name :: Text
tokenDomains :: Maybe (NonEmpty Text)
rules :: Maybe [Rule]
preProcessFirewallManagerRuleGroups :: Maybe [FirewallManagerRuleGroup]
postProcessFirewallManagerRuleGroups :: Maybe [FirewallManagerRuleGroup]
managedByFirewallManager :: Maybe Bool
labelNamespace :: Maybe Text
description :: Maybe Text
customResponseBodies :: Maybe (HashMap Text CustomResponseBody)
challengeConfig :: Maybe ChallengeConfig
captchaConfig :: Maybe CaptchaConfig
capacity :: Maybe Natural
$sel:visibilityConfig:WebACL' :: WebACL -> VisibilityConfig
$sel:defaultAction:WebACL' :: WebACL -> DefaultAction
$sel:arn:WebACL' :: WebACL -> Text
$sel:id:WebACL' :: WebACL -> Text
$sel:name:WebACL' :: WebACL -> Text
$sel:tokenDomains:WebACL' :: WebACL -> Maybe (NonEmpty Text)
$sel:rules:WebACL' :: WebACL -> Maybe [Rule]
$sel:preProcessFirewallManagerRuleGroups:WebACL' :: WebACL -> Maybe [FirewallManagerRuleGroup]
$sel:postProcessFirewallManagerRuleGroups:WebACL' :: WebACL -> Maybe [FirewallManagerRuleGroup]
$sel:managedByFirewallManager:WebACL' :: WebACL -> Maybe Bool
$sel:labelNamespace:WebACL' :: WebACL -> Maybe Text
$sel:description:WebACL' :: WebACL -> Maybe Text
$sel:customResponseBodies:WebACL' :: WebACL -> Maybe (HashMap Text CustomResponseBody)
$sel:challengeConfig:WebACL' :: WebACL -> Maybe ChallengeConfig
$sel:captchaConfig:WebACL' :: WebACL -> Maybe CaptchaConfig
$sel:capacity:WebACL' :: WebACL -> Maybe Natural
..} =
    forall a. NFData a => a -> ()
Prelude.rnf Maybe Natural
capacity
      seq :: forall a b. a -> b -> b
`Prelude.seq` forall a. NFData a => a -> ()
Prelude.rnf Maybe CaptchaConfig
captchaConfig
      seq :: forall a b. a -> b -> b
`Prelude.seq` forall a. NFData a => a -> ()
Prelude.rnf Maybe ChallengeConfig
challengeConfig
      seq :: forall a b. a -> b -> b
`Prelude.seq` forall a. NFData a => a -> ()
Prelude.rnf Maybe (HashMap Text CustomResponseBody)
customResponseBodies
      seq :: forall a b. a -> b -> b
`Prelude.seq` forall a. NFData a => a -> ()
Prelude.rnf Maybe Text
description
      seq :: forall a b. a -> b -> b
`Prelude.seq` forall a. NFData a => a -> ()
Prelude.rnf Maybe Text
labelNamespace
      seq :: forall a b. a -> b -> b
`Prelude.seq` forall a. NFData a => a -> ()
Prelude.rnf Maybe Bool
managedByFirewallManager
      seq :: forall a b. a -> b -> b
`Prelude.seq` forall a. NFData a => a -> ()
Prelude.rnf Maybe [FirewallManagerRuleGroup]
postProcessFirewallManagerRuleGroups
      seq :: forall a b. a -> b -> b
`Prelude.seq` forall a. NFData a => a -> ()
Prelude.rnf Maybe [FirewallManagerRuleGroup]
preProcessFirewallManagerRuleGroups
      seq :: forall a b. a -> b -> b
`Prelude.seq` forall a. NFData a => a -> ()
Prelude.rnf Maybe [Rule]
rules
      seq :: forall a b. a -> b -> b
`Prelude.seq` forall a. NFData a => a -> ()
Prelude.rnf Maybe (NonEmpty Text)
tokenDomains
      seq :: forall a b. a -> b -> b
`Prelude.seq` forall a. NFData a => a -> ()
Prelude.rnf Text
name
      seq :: forall a b. a -> b -> b
`Prelude.seq` forall a. NFData a => a -> ()
Prelude.rnf Text
id
      seq :: forall a b. a -> b -> b
`Prelude.seq` forall a. NFData a => a -> ()
Prelude.rnf Text
arn
      seq :: forall a b. a -> b -> b
`Prelude.seq` forall a. NFData a => a -> ()
Prelude.rnf DefaultAction
defaultAction
      seq :: forall a b. a -> b -> b
`Prelude.seq` forall a. NFData a => a -> ()
Prelude.rnf VisibilityConfig
visibilityConfig