/* * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. * A copy of the License is located at * * http://aws.amazon.com/apache2.0 * * or in the "license" file accompanying this file. This file is distributed * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either * express or implied. See the License for the specific language governing * permissions and limitations under the License. */ /* * Do not modify this file. This file is generated from the wafv2-2019-07-29.normal.json service model. */ using System; using System.Collections.Generic; using System.Xml.Serialization; using System.Text; using System.IO; using System.Net; using Amazon.Runtime; using Amazon.Runtime.Internal; namespace Amazon.WAFV2.Model { /// /// Defines an association between logging destinations and a web ACL resource, for logging /// from WAF. As part of the association, you can specify parts of the standard logging /// fields to keep out of the logs and you can specify filters so that you log only a /// subset of the logging records. /// /// /// /// You can define one logging destination per web ACL. /// /// /// /// You can access information about the traffic that WAF inspects using the following /// steps: /// ///
  1. /// /// Create your logging destination. You can use an Amazon CloudWatch Logs log group, /// an Amazon Simple Storage Service (Amazon S3) bucket, or an Amazon Kinesis Data Firehose. /// /// /// /// /// The name that you give the destination must start with aws-waf-logs-. /// Depending on the type of destination, you might need to configure additional settings /// or permissions. /// /// /// /// For configuration requirements and pricing information for each destination type, /// see Logging /// web ACL traffic in the WAF Developer Guide. /// ///
  2. /// /// Associate your logging destination to your web ACL using a PutLoggingConfiguration /// request. /// ///
/// /// When you successfully enable logging using a PutLoggingConfiguration /// request, WAF creates an additional role or policy that is required to write logs to /// the logging destination. For an Amazon CloudWatch Logs log group, WAF creates a resource /// policy on the log group. For an Amazon S3 bucket, WAF creates a bucket policy. For /// an Amazon Kinesis Data Firehose, WAF creates a service-linked role. /// /// /// /// For additional information about web ACL logging, see Logging /// web ACL traffic information in the WAF Developer Guide. /// /// public partial class LoggingConfiguration { private List _logDestinationConfigs = new List(); private LoggingFilter _loggingFilter; private bool? _managedByFirewallManager; private List _redactedFields = new List(); private string _resourceArn; /// /// Gets and sets the property LogDestinationConfigs. /// /// The logging destination configuration that you want to associate with the web ACL. /// /// /// /// You can associate one logging destination to a web ACL. /// /// /// [AWSProperty(Required=true, Min=1, Max=100)] public List LogDestinationConfigs { get { return this._logDestinationConfigs; } set { this._logDestinationConfigs = value; } } // Check to see if LogDestinationConfigs property is set internal bool IsSetLogDestinationConfigs() { return this._logDestinationConfigs != null && this._logDestinationConfigs.Count > 0; } /// /// Gets and sets the property LoggingFilter. /// /// Filtering that specifies which web requests are kept in the logs and which are dropped. /// You can filter on the rule action and on the web request labels that were applied /// by matching rules during web ACL evaluation. /// /// public LoggingFilter LoggingFilter { get { return this._loggingFilter; } set { this._loggingFilter = value; } } // Check to see if LoggingFilter property is set internal bool IsSetLoggingFilter() { return this._loggingFilter != null; } /// /// Gets and sets the property ManagedByFirewallManager. /// /// Indicates whether the logging configuration was created by Firewall Manager, as part /// of an WAF policy configuration. If true, only Firewall Manager can modify or delete /// the configuration. /// /// public bool ManagedByFirewallManager { get { return this._managedByFirewallManager.GetValueOrDefault(); } set { this._managedByFirewallManager = value; } } // Check to see if ManagedByFirewallManager property is set internal bool IsSetManagedByFirewallManager() { return this._managedByFirewallManager.HasValue; } /// /// Gets and sets the property RedactedFields. /// /// The parts of the request that you want to keep out of the logs. /// /// /// /// For example, if you redact the SingleHeader field, the HEADER /// field in the logs will be REDACTED for all rules that use the SingleHeader /// FieldToMatch setting. /// /// /// /// Redaction applies only to the component that's specified in the rule's FieldToMatch /// setting, so the SingleHeader redaction doesn't apply to rules that use /// the Headers FieldToMatch. /// /// /// /// You can specify only the following fields for redaction: UriPath, QueryString, /// SingleHeader, and Method. /// /// /// [AWSProperty(Max=100)] public List RedactedFields { get { return this._redactedFields; } set { this._redactedFields = value; } } // Check to see if RedactedFields property is set internal bool IsSetRedactedFields() { return this._redactedFields != null && this._redactedFields.Count > 0; } /// /// Gets and sets the property ResourceArn. /// /// The Amazon Resource Name (ARN) of the web ACL that you want to associate with LogDestinationConfigs. /// /// [AWSProperty(Required=true, Min=20, Max=2048)] public string ResourceArn { get { return this._resourceArn; } set { this._resourceArn = value; } } // Check to see if ResourceArn property is set internal bool IsSetResourceArn() { return this._resourceArn != null; } } }