AWS::WAFv2::RuleGroup VisibilityConfig - AWS CloudFormation

AWS::WAFv2::RuleGroup VisibilityConfig

Defines and enables Amazon CloudWatch metrics and web request sample collection.

Syntax

To declare this entity in your AWS CloudFormation template, use the following syntax:

JSON

{ "CloudWatchMetricsEnabled" : Boolean, "MetricName" : String, "SampledRequestsEnabled" : Boolean }

Properties

CloudWatchMetricsEnabled

Indicates whether the associated resource sends metrics to Amazon CloudWatch. For the list of available metrics, see AWS WAF Metrics in the AWS WAF Developer Guide.

For web ACLs, the metrics are for web requests that have the web ACL default action applied. AWS WAF applies the default action to web requests that pass the inspection of all rules in the web ACL without being either allowed or blocked. For more information, see The web ACL default action in the AWS WAF Developer Guide.

Required: Yes

Type: Boolean

Update requires: No interruption

MetricName

A name of the Amazon CloudWatch metric dimension. The name can contain only the characters: A-Z, a-z, 0-9, - (hyphen), and _ (underscore). The name can be from one to 128 characters long. It can't contain whitespace or metric names that are reserved for AWS WAF, for example All and Default_Action.

Required: Yes

Type: String

Minimum: 1

Maximum: 128

Update requires: No interruption

SampledRequestsEnabled

Indicates whether AWS WAF should store a sampling of the web requests that match the rules. You can view the sampled requests through the AWS WAF console.

Note

Request sampling doesn't provide a field redaction option, and any field redaction that you specify in your logging configuration doesn't affect sampling. The only way to exclude fields from request sampling is by disabling sampling in the web ACL visibility configuration.

Required: Yes

Type: Boolean

Update requires: No interruption