interface RuleActionProperty
Language | Type name |
---|---|
![]() | Amazon.CDK.AWS.WAFv2.CfnRuleGroup.RuleActionProperty |
![]() | github.com/aws/aws-cdk-go/awscdk/v2/awswafv2#CfnRuleGroup_RuleActionProperty |
![]() | software.amazon.awscdk.services.wafv2.CfnRuleGroup.RuleActionProperty |
![]() | aws_cdk.aws_wafv2.CfnRuleGroup.RuleActionProperty |
![]() | aws-cdk-lib » aws_wafv2 » CfnRuleGroup » RuleActionProperty |
The action that AWS WAF should take on a web request when it matches a rule's statement.
Settings at the web ACL level can override the rule action setting.
Example
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import { aws_wafv2 as wafv2 } from 'aws-cdk-lib';
declare const allow: any;
declare const block: any;
declare const captcha: any;
declare const challenge: any;
declare const count: any;
const ruleActionProperty: wafv2.CfnRuleGroup.RuleActionProperty = {
allow: allow,
block: block,
captcha: captcha,
challenge: challenge,
count: count,
};
Properties
Name | Type | Description |
---|---|---|
allow? | any | Instructs AWS WAF to allow the web request. |
block? | any | Instructs AWS WAF to block the web request. |
captcha? | any | Specifies that AWS WAF should run a CAPTCHA check against the request:. |
challenge? | any | Instructs AWS WAF to run a Challenge check against the web request. |
count? | any | Instructs AWS WAF to count the web request and then continue evaluating the request using the remaining rules in the web ACL. |
allow?
Type:
any
(optional)
Instructs AWS WAF to allow the web request.
block?
Type:
any
(optional)
Instructs AWS WAF to block the web request.
captcha?
Type:
any
(optional)
Specifies that AWS WAF should run a CAPTCHA
check against the request:.
- If the request includes a valid, unexpired
CAPTCHA
token, AWS WAF allows the web request inspection to proceed to the next rule, similar to aCountAction
. - If the request doesn't include a valid, unexpired
CAPTCHA
token, AWS WAF discontinues the web ACL evaluation of the request and blocks it from going to its intended destination.
AWS WAF generates a response that it sends back to the client, which includes the following:
- The header
x-amzn-waf-action
with a value ofcaptcha
. - The HTTP status code
405 Method Not Allowed
. - If the request contains an
Accept
header with a value oftext/html
, the response includes aCAPTCHA
challenge.
You can configure the expiration time in the CaptchaConfig
ImmunityTimeProperty
setting at the rule and web ACL level. The rule setting overrides the web ACL setting.
This action option is available for rules. It isn't available for web ACL default actions.
challenge?
Type:
any
(optional)
Instructs AWS WAF to run a Challenge
check against the web request.
count?
Type:
any
(optional)
Instructs AWS WAF to count the web request and then continue evaluating the request using the remaining rules in the web ACL.