/*
* Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License").
* You may not use this file except in compliance with the License.
* A copy of the License is located at
*
* http://aws.amazon.com/apache2.0
*
* or in the "license" file accompanying this file. This file is distributed
* on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
* express or implied. See the License for the specific language governing
* permissions and limitations under the License.
*/
/*
* Do not modify this file. This file is generated from the wafv2-2019-07-29.normal.json service model.
*/
using System;
using System.Collections.Generic;
using System.Xml.Serialization;
using System.Text;
using System.IO;
using System.Net;
using Amazon.Runtime;
using Amazon.Runtime.Internal;
namespace Amazon.WAFV2.Model
{
///
/// A web ACL defines a collection of rules to use to inspect and control web requests.
/// Each rule has an action defined (allow, block, or count) for requests that match the
/// statement of the rule. In the web ACL, you assign a default action to take (allow,
/// block) for any request that does not match any of the rules. The rules in a web ACL
/// can be a combination of the types Rule, RuleGroup, and managed rule
/// group. You can associate a web ACL with one or more Amazon Web Services resources
/// to protect. The resources can be an Amazon CloudFront distribution, an Amazon API
/// Gateway REST API, an Application Load Balancer, an AppSync GraphQL API, an Amazon
/// Cognito user pool, an App Runner service, or an Amazon Web Services Verified Access
/// instance.
///
public partial class WebACL
{
private string _arn;
private AssociationConfig _associationConfig;
private long? _capacity;
private CaptchaConfig _captchaConfig;
private ChallengeConfig _challengeConfig;
private Dictionary _customResponseBodies = new Dictionary();
private DefaultAction _defaultAction;
private string _description;
private string _id;
private string _labelNamespace;
private bool? _managedByFirewallManager;
private string _name;
private List _postProcessFirewallManagerRuleGroups = new List();
private List _preProcessFirewallManagerRuleGroups = new List();
private List _rules = new List();
private List _tokenDomains = new List();
private VisibilityConfig _visibilityConfig;
///
/// Gets and sets the property ARN.
///
/// The Amazon Resource Name (ARN) of the web ACL that you want to associate with the
/// resource.
///
///
[AWSProperty(Required=true, Min=20, Max=2048)]
public string ARN
{
get { return this._arn; }
set { this._arn = value; }
}
// Check to see if ARN property is set
internal bool IsSetARN()
{
return this._arn != null;
}
///
/// Gets and sets the property AssociationConfig.
///
/// Specifies custom configurations for the associations between the web ACL and protected
/// resources.
///
///
///
/// Use this to customize the maximum size of the request body that your protected CloudFront
/// distributions forward to WAF for inspection. The default is 16 KB (16,384 kilobytes).
///
///
///
///
/// You are charged additional fees when your protected resources forward body sizes that
/// are larger than the default. For more information, see WAF
/// Pricing.
///
///
///
public AssociationConfig AssociationConfig
{
get { return this._associationConfig; }
set { this._associationConfig = value; }
}
// Check to see if AssociationConfig property is set
internal bool IsSetAssociationConfig()
{
return this._associationConfig != null;
}
///
/// Gets and sets the property Capacity.
///
/// The web ACL capacity units (WCUs) currently being used by this web ACL.
///
///
///
/// WAF uses WCUs to calculate and control the operating resources that are used to run
/// your rules, rule groups, and web ACLs. WAF calculates capacity differently for each
/// rule type, to reflect the relative cost of each rule. Simple rules that cost little
/// to run use fewer WCUs than more complex rules that use more processing power. Rule
/// group capacity is fixed at creation, which helps users plan their web ACL WCU usage
/// when they use a rule group. For more information, see WAF
/// web ACL capacity units (WCU) in the WAF Developer Guide.
///
///
[AWSProperty(Min=0)]
public long Capacity
{
get { return this._capacity.GetValueOrDefault(); }
set { this._capacity = value; }
}
// Check to see if Capacity property is set
internal bool IsSetCapacity()
{
return this._capacity.HasValue;
}
///
/// Gets and sets the property CaptchaConfig.
///
/// Specifies how WAF should handle CAPTCHA evaluations for rules that don't
/// have their own CaptchaConfig settings. If you don't specify this, WAF
/// uses its default settings for CaptchaConfig.
///
///
public CaptchaConfig CaptchaConfig
{
get { return this._captchaConfig; }
set { this._captchaConfig = value; }
}
// Check to see if CaptchaConfig property is set
internal bool IsSetCaptchaConfig()
{
return this._captchaConfig != null;
}
///
/// Gets and sets the property ChallengeConfig.
///
/// Specifies how WAF should handle challenge evaluations for rules that don't have their
/// own ChallengeConfig settings. If you don't specify this, WAF uses its
/// default settings for ChallengeConfig.
///
///
public ChallengeConfig ChallengeConfig
{
get { return this._challengeConfig; }
set { this._challengeConfig = value; }
}
// Check to see if ChallengeConfig property is set
internal bool IsSetChallengeConfig()
{
return this._challengeConfig != null;
}
///
/// Gets and sets the property CustomResponseBodies.
///
/// A map of custom response keys and content bodies. When you create a rule with a block
/// action, you can send a custom response to the web request. You define these for the
/// web ACL, and then use them in the rules and default actions that you define in the
/// web ACL.
///
///
///
/// For information about customizing web requests and responses, see Customizing
/// web requests and responses in WAF in the WAF Developer Guide.
///
///
///
/// For information about the limits on count and size for custom request and response
/// settings, see WAF
/// quotas in the WAF Developer Guide.
///
///
[AWSProperty(Min=1)]
public Dictionary CustomResponseBodies
{
get { return this._customResponseBodies; }
set { this._customResponseBodies = value; }
}
// Check to see if CustomResponseBodies property is set
internal bool IsSetCustomResponseBodies()
{
return this._customResponseBodies != null && this._customResponseBodies.Count > 0;
}
///
/// Gets and sets the property DefaultAction.
///
/// The action to perform if none of the Rules contained in the WebACL
/// match.
///
///
[AWSProperty(Required=true)]
public DefaultAction DefaultAction
{
get { return this._defaultAction; }
set { this._defaultAction = value; }
}
// Check to see if DefaultAction property is set
internal bool IsSetDefaultAction()
{
return this._defaultAction != null;
}
///
/// Gets and sets the property Description.
///
/// A description of the web ACL that helps with identification.
///
///
[AWSProperty(Min=1, Max=256)]
public string Description
{
get { return this._description; }
set { this._description = value; }
}
// Check to see if Description property is set
internal bool IsSetDescription()
{
return this._description != null;
}
///
/// Gets and sets the property Id.
///
/// A unique identifier for the WebACL. This ID is returned in the responses
/// to create and list commands. You use this ID to do things like get, update, and delete
/// a WebACL.
///
///
[AWSProperty(Required=true, Min=1, Max=36)]
public string Id
{
get { return this._id; }
set { this._id = value; }
}
// Check to see if Id property is set
internal bool IsSetId()
{
return this._id != null;
}
///
/// Gets and sets the property LabelNamespace.
///
/// The label namespace prefix for this web ACL. All labels added by rules in this web
/// ACL have this prefix.
///
/// -
///
/// The syntax for the label namespace prefix for a web ACL is the following:
///
///
///
///
awswaf:<account ID>:webacl:<web ACL name>:
///
/// -
///
/// When a rule with a label matches a web request, WAF adds the fully qualified label
/// to the request. A fully qualified label is made up of the label namespace from the
/// rule group or web ACL where the rule is defined and the label from the rule, separated
/// by a colon:
///
///
///
///
<label namespace>:<label from rule>
///
///
///
[AWSProperty(Min=1, Max=1024)]
public string LabelNamespace
{
get { return this._labelNamespace; }
set { this._labelNamespace = value; }
}
// Check to see if LabelNamespace property is set
internal bool IsSetLabelNamespace()
{
return this._labelNamespace != null;
}
///
/// Gets and sets the property ManagedByFirewallManager.
///
/// Indicates whether this web ACL is managed by Firewall Manager. If true, then only
/// Firewall Manager can delete the web ACL or any Firewall Manager rule groups in the
/// web ACL.
///
///
public bool ManagedByFirewallManager
{
get { return this._managedByFirewallManager.GetValueOrDefault(); }
set { this._managedByFirewallManager = value; }
}
// Check to see if ManagedByFirewallManager property is set
internal bool IsSetManagedByFirewallManager()
{
return this._managedByFirewallManager.HasValue;
}
///
/// Gets and sets the property Name.
///
/// The name of the web ACL. You cannot change the name of a web ACL after you create
/// it.
///
///
[AWSProperty(Required=true, Min=1, Max=128)]
public string Name
{
get { return this._name; }
set { this._name = value; }
}
// Check to see if Name property is set
internal bool IsSetName()
{
return this._name != null;
}
///
/// Gets and sets the property PostProcessFirewallManagerRuleGroups.
///
/// The last set of rules for WAF to process in the web ACL. This is defined in an Firewall
/// Manager WAF policy and contains only rule group references. You can't alter these.
/// Any rules and rule groups that you define for the web ACL are prioritized before these.
///
///
///
///
/// In the Firewall Manager WAF policy, the Firewall Manager administrator can define
/// a set of rule groups to run first in the web ACL and a set of rule groups to run last.
/// Within each set, the administrator prioritizes the rule groups, to determine their
/// relative processing order.
///
///
public List PostProcessFirewallManagerRuleGroups
{
get { return this._postProcessFirewallManagerRuleGroups; }
set { this._postProcessFirewallManagerRuleGroups = value; }
}
// Check to see if PostProcessFirewallManagerRuleGroups property is set
internal bool IsSetPostProcessFirewallManagerRuleGroups()
{
return this._postProcessFirewallManagerRuleGroups != null && this._postProcessFirewallManagerRuleGroups.Count > 0;
}
///
/// Gets and sets the property PreProcessFirewallManagerRuleGroups.
///
/// The first set of rules for WAF to process in the web ACL. This is defined in an Firewall
/// Manager WAF policy and contains only rule group references. You can't alter these.
/// Any rules and rule groups that you define for the web ACL are prioritized after these.
///
///
///
///
/// In the Firewall Manager WAF policy, the Firewall Manager administrator can define
/// a set of rule groups to run first in the web ACL and a set of rule groups to run last.
/// Within each set, the administrator prioritizes the rule groups, to determine their
/// relative processing order.
///
///
public List PreProcessFirewallManagerRuleGroups
{
get { return this._preProcessFirewallManagerRuleGroups; }
set { this._preProcessFirewallManagerRuleGroups = value; }
}
// Check to see if PreProcessFirewallManagerRuleGroups property is set
internal bool IsSetPreProcessFirewallManagerRuleGroups()
{
return this._preProcessFirewallManagerRuleGroups != null && this._preProcessFirewallManagerRuleGroups.Count > 0;
}
///
/// Gets and sets the property Rules.
///
/// The Rule statements used to identify the web requests that you want to allow,
/// block, or count. Each rule includes one top-level statement that WAF uses to identify
/// matching web requests, and parameters that govern how WAF handles them.
///
///
public List Rules
{
get { return this._rules; }
set { this._rules = value; }
}
// Check to see if Rules property is set
internal bool IsSetRules()
{
return this._rules != null && this._rules.Count > 0;
}
///
/// Gets and sets the property TokenDomains.
///
/// Specifies the domains that WAF should accept in a web request token. This enables
/// the use of tokens across multiple protected websites. When WAF provides a token, it
/// uses the domain of the Amazon Web Services resource that the web ACL is protecting.
/// If you don't specify a list of token domains, WAF accepts tokens only for the domain
/// of the protected resource. With a token domain list, WAF accepts the resource's host
/// domain plus all domains in the token domain list, including their prefixed subdomains.
///
///
public List TokenDomains
{
get { return this._tokenDomains; }
set { this._tokenDomains = value; }
}
// Check to see if TokenDomains property is set
internal bool IsSetTokenDomains()
{
return this._tokenDomains != null && this._tokenDomains.Count > 0;
}
///
/// Gets and sets the property VisibilityConfig.
///
/// Defines and enables Amazon CloudWatch metrics and web request sample collection.
///
///
[AWSProperty(Required=true)]
public VisibilityConfig VisibilityConfig
{
get { return this._visibilityConfig; }
set { this._visibilityConfig = value; }
}
// Check to see if VisibilityConfig property is set
internal bool IsSetVisibilityConfig()
{
return this._visibilityConfig != null;
}
}
}