There are more AWS SDK examples available in the [AWS Doc SDK Examples](https://github.com/awsdocs/aws-doc-sdk-examples) GitHub repo.
# Basic examples for AWS WAFV2 using AWS SDKs
The following code examples show how to use the basics of AWS WAFV2 with AWS SDKs.
**Contents**
+ [Actions](wafv2_code_examples_actions.md)
+ [`CreateWebAcl`](wafv2_example_wafv2_CreateWebAcl_section.md)
# Actions for AWS WAFV2 using AWS SDKs
The following code examples demonstrate how to perform individual AWS WAFV2 actions with AWS SDKs. Each example includes a link to GitHub, where you can find instructions for setting up and running the code.
These excerpts call the AWS WAFV2 API and are code excerpts from larger programs that must be run in context. You can see actions in context in [Scenarios for AWS WAFV2 using AWS SDKs](wafv2_code_examples_scenarios.md).
The following examples include only the most commonly used actions. For a complete list, see the [AWS WAFV2 API Reference](https://docs.aws.amazon.com/waf/latest/APIReference/API_Operations_AWS_WAFV2.html).
**Topics**
+ [`CreateWebAcl`](wafv2_example_wafv2_CreateWebAcl_section.md)
# Use `CreateWebAcl` with a CLI
The following code examples show how to use `CreateWebAcl`.
Action examples are code excerpts from larger programs and must be run in context. You can see this action in context in the following code example:
+ [Getting started with WAF](wafv2_example_wafv2_GettingStarted_052_section.md)
------
#### [ CLI ]
**AWS CLI**
**To create a web ACL**
The following `create-web-acl` command creates a web ACL for regional use. The rule statements for the web ACL are provided in a JSON-formatted file.
```
aws wafv2 create-web-acl \
--name TestWebAcl \
--scope REGIONAL \
--default-action Allow={} \
--visibility-config SampledRequestsEnabled=true,CloudWatchMetricsEnabled=true,MetricName=TestWebAclMetrics \
--rules file://waf-rule.json \
--region us-west-2
```
Contents of file://waf-rule.json:
```
[
{
"Name":"basic-rule",
"Priority":0,
"Statement":{
"AndStatement":{
"Statements":[
{
"ByteMatchStatement":{
"SearchString":"example.com",
"FieldToMatch":{
"SingleHeader":{
"Name":"host"
}
},
"TextTransformations":[
{
"Priority":0,
"Type":"LOWERCASE"
}
],
"PositionalConstraint":"EXACTLY"
}
},
{
"GeoMatchStatement":{
"CountryCodes":[
"US",
"IN"
]
}
}
]
}
},
"Action":{
"Allow":{
}
},
"VisibilityConfig":{
"SampledRequestsEnabled":true,
"CloudWatchMetricsEnabled":true,
"MetricName":"basic-rule"
}
}
]
```
Output:
```
{
"Summary":{
"ARN":"arn:aws:wafv2:us-west-2:123456789012:regional/webacl/TestWebAcl/a1b2c3d4-5678-90ab-cdef-EXAMPLE11111",
"Description":"",
"Name":"TestWebAcl",
"LockToken":"2294b3a1-eb60-4aa0-a86f-a3ae04329de9",
"Id":"a1b2c3d4-5678-90ab-cdef-EXAMPLE11111"
}
}
```
For more information, see [Managing and Using a Web Access Control List (Web ACL)](https://docs.aws.amazon.com/waf/latest/developerguide/web-acl.html) in the *AWS WAF, AWS Firewall Manager, and AWS Shield Advanced Developer Guide*.
+ For API details, see [CreateWebAcl](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/wafv2/create-web-acl.html) in *AWS CLI Command Reference*.
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**Example 1: This command creates a new web ACL named "waf-test". Kindly note that as per service API documentation, 'DefaultAction' is a required property. Hence, value for either '-DefaultAction\$1Allow' and/or '-DefaultAction\$1Block' should be specified. Since '-DefaultAction\$1Allow' and '-DefaultAction\$1Block' are not the required properties, value '@\$1\$1' could be used as placeholder as shown in above example.**
```
New-WAF2WebACL -Name "waf-test" -Scope REGIONAL -Region eu-west-1 -VisibilityConfig_CloudWatchMetricsEnabled $true -VisibilityConfig_SampledRequestsEnabled $true -VisibilityConfig_MetricName "waf-test" -Description "Test" -DefaultAction_Allow @{}
```
**Output:**
```
ARN : arn:aws:wafv2:eu-west-1:139480602983:regional/webacl/waf-test/19460b3f-db14-4b9a-8e23-a417e1eb007f
Description : Test
Id : 19460b3f-db14-4b9a-8e23-a417e1eb007f
LockToken : 5a0cd5eb-d911-4341-b313-b429e6d6b6ab
Name : waf-test
```
+ For API details, see [CreateWebAcl](https://docs.aws.amazon.com/powershell/v4/reference) in *AWS Tools for PowerShell Cmdlet Reference (V4)*.
**Tools for PowerShell V5**
**Example 1: This command creates a new web ACL named "waf-test". Kindly note that as per service API documentation, 'DefaultAction' is a required property. Hence, value for either '-DefaultAction\$1Allow' and/or '-DefaultAction\$1Block' should be specified. Since '-DefaultAction\$1Allow' and '-DefaultAction\$1Block' are not the required properties, value '@\$1\$1' could be used as placeholder as shown in above example.**
```
New-WAF2WebACL -Name "waf-test" -Scope REGIONAL -Region eu-west-1 -VisibilityConfig_CloudWatchMetricsEnabled $true -VisibilityConfig_SampledRequestsEnabled $true -VisibilityConfig_MetricName "waf-test" -Description "Test" -DefaultAction_Allow @{}
```
**Output:**
```
ARN : arn:aws:wafv2:eu-west-1:139480602983:regional/webacl/waf-test/19460b3f-db14-4b9a-8e23-a417e1eb007f
Description : Test
Id : 19460b3f-db14-4b9a-8e23-a417e1eb007f
LockToken : 5a0cd5eb-d911-4341-b313-b429e6d6b6ab
Name : waf-test
```
+ For API details, see [CreateWebAcl](https://docs.aws.amazon.com/powershell/v5/reference) in *AWS Tools for PowerShell Cmdlet Reference (V5)*.
------