All Downloads are FREE. Search and download functionalities are using the official Maven repository.

com.amazonaws.services.waf.model.ActivatedRule Maven / Gradle / Ivy

/*
 * Copyright 2017-2022 Amazon.com, Inc. or its affiliates. All Rights Reserved.
 * 
 * Licensed under the Apache License, Version 2.0 (the "License"). You may not use this file except in compliance with
 * the License. A copy of the License is located at
 * 
 * http://aws.amazon.com/apache2.0
 * 
 * or in the "license" file accompanying this file. This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
 * CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions
 * and limitations under the License.
 */
package com.amazonaws.services.waf.model;

import java.io.Serializable;
import javax.annotation.Generated;
import com.amazonaws.protocol.StructuredPojo;
import com.amazonaws.protocol.ProtocolMarshaller;

/**
 * 
 * 

* This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the * developer guide. *

*

* For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the * latest version, AWS WAF has a single set of endpoints for regional and global use. *

*
*

* The ActivatedRule object in an UpdateWebACL request specifies a Rule that you want * to insert or delete, the priority of the Rule in the WebACL, and the action that you want * AWS WAF to take when a web request matches the Rule (ALLOW, BLOCK, or * COUNT). *

*

* To specify whether to insert or delete a Rule, use the Action parameter in the * WebACLUpdate data type. *

* * @see AWS API * Documentation */ @Generated("com.amazonaws:aws-java-sdk-code-generator") public class ActivatedRule implements Serializable, Cloneable, StructuredPojo { /** *

* Specifies the order in which the Rules in a WebACL are evaluated. Rules with a lower * value for Priority are evaluated before Rules with a higher value. The value must be a * unique integer. If you add multiple Rules to a WebACL, the values don't need to be * consecutive. *

*/ private Integer priority; /** *

* The RuleId for a Rule. You use RuleId to get more information about a * Rule (see GetRule), update a Rule (see UpdateRule), insert a * Rule into a WebACL or delete a one from a WebACL (see * UpdateWebACL), or delete a Rule from AWS WAF (see DeleteRule). *

*

* RuleId is returned by CreateRule and by ListRules. *

*/ private String ruleId; /** *

* Specifies the action that CloudFront or AWS WAF takes when a web request matches the conditions in the * Rule. Valid values for Action include the following: *

*
    *
  • *

    * ALLOW: CloudFront responds with the requested object. *

    *
  • *
  • *

    * BLOCK: CloudFront responds with an HTTP 403 (Forbidden) status code. *

    *
  • *
  • *

    * COUNT: AWS WAF increments a counter of requests that match the conditions in the rule and then * continues to inspect the web request based on the remaining rules in the web ACL. *

    *
  • *
*

* ActivatedRule|OverrideAction applies only when updating or adding a RuleGroup to a * WebACL. In this case, you do not use ActivatedRule|Action. For all other update * requests, ActivatedRule|Action is used instead of ActivatedRule|OverrideAction. *

*/ private WafAction action; /** *

* Use the OverrideAction to test your RuleGroup. *

*

* Any rule in a RuleGroup can potentially block a request. If you set the OverrideAction * to None, the RuleGroup will block a request if any individual rule in the * RuleGroup matches the request and is configured to block that request. However if you first want to * test the RuleGroup, set the OverrideAction to Count. The * RuleGroup will then override any block action specified by individual rules contained within the * group. Instead of blocking matching requests, those requests will be counted. You can view a record of counted * requests using GetSampledRequests. *

*

* ActivatedRule|OverrideAction applies only when updating or adding a RuleGroup to a * WebACL. In this case you do not use ActivatedRule|Action. For all other update * requests, ActivatedRule|Action is used instead of ActivatedRule|OverrideAction. *

*/ private WafOverrideAction overrideAction; /** *

* The rule type, either REGULAR, as defined by Rule, RATE_BASED, as defined by * RateBasedRule, or GROUP, as defined by RuleGroup. The default is REGULAR. Although * this field is optional, be aware that if you try to add a RATE_BASED rule to a web ACL without setting the type, * the UpdateWebACL request will fail because the request tries to add a REGULAR rule with the specified ID, * which does not exist. *

*/ private String type; /** *

* An array of rules to exclude from a rule group. This is applicable only when the ActivatedRule * refers to a RuleGroup. *

*

* Sometimes it is necessary to troubleshoot rule groups that are blocking traffic unexpectedly (false positives). * One troubleshooting technique is to identify the specific rule within the rule group that is blocking the * legitimate traffic and then disable (exclude) that particular rule. You can exclude rules from both your own rule * groups and AWS Marketplace rule groups that have been associated with a web ACL. *

*

* Specifying ExcludedRules does not remove those rules from the rule group. Rather, it changes the * action for the rules to COUNT. Therefore, requests that match an ExcludedRule are * counted but not blocked. The RuleGroup owner will receive COUNT metrics for each * ExcludedRule. *

*

* If you want to exclude rules from a rule group that is already associated with a web ACL, perform the following * steps: *

*
    *
  1. *

    * Use the AWS WAF logs to identify the IDs of the rules that you want to exclude. For more information about the * logs, see Logging Web ACL Traffic * Information. *

    *
  2. *
  3. *

    * Submit an UpdateWebACL request that has two actions: *

    *
      *
    • *

      * The first action deletes the existing rule group from the web ACL. That is, in the UpdateWebACL request, * the first Updates:Action should be DELETE and Updates:ActivatedRule:RuleId * should be the rule group that contains the rules that you want to exclude. *

      *
    • *
    • *

      * The second action inserts the same rule group back in, but specifying the rules to exclude. That is, the second * Updates:Action should be INSERT, Updates:ActivatedRule:RuleId should be * the rule group that you just removed, and ExcludedRules should contain the rules that you want to * exclude. *

      *
    • *
    *
  4. *
*/ private java.util.List excludedRules; /** *

* Specifies the order in which the Rules in a WebACL are evaluated. Rules with a lower * value for Priority are evaluated before Rules with a higher value. The value must be a * unique integer. If you add multiple Rules to a WebACL, the values don't need to be * consecutive. *

* * @param priority * Specifies the order in which the Rules in a WebACL are evaluated. Rules with a * lower value for Priority are evaluated before Rules with a higher value. The * value must be a unique integer. If you add multiple Rules to a WebACL, the * values don't need to be consecutive. */ public void setPriority(Integer priority) { this.priority = priority; } /** *

* Specifies the order in which the Rules in a WebACL are evaluated. Rules with a lower * value for Priority are evaluated before Rules with a higher value. The value must be a * unique integer. If you add multiple Rules to a WebACL, the values don't need to be * consecutive. *

* * @return Specifies the order in which the Rules in a WebACL are evaluated. Rules with a * lower value for Priority are evaluated before Rules with a higher value. The * value must be a unique integer. If you add multiple Rules to a WebACL, the * values don't need to be consecutive. */ public Integer getPriority() { return this.priority; } /** *

* Specifies the order in which the Rules in a WebACL are evaluated. Rules with a lower * value for Priority are evaluated before Rules with a higher value. The value must be a * unique integer. If you add multiple Rules to a WebACL, the values don't need to be * consecutive. *

* * @param priority * Specifies the order in which the Rules in a WebACL are evaluated. Rules with a * lower value for Priority are evaluated before Rules with a higher value. The * value must be a unique integer. If you add multiple Rules to a WebACL, the * values don't need to be consecutive. * @return Returns a reference to this object so that method calls can be chained together. */ public ActivatedRule withPriority(Integer priority) { setPriority(priority); return this; } /** *

* The RuleId for a Rule. You use RuleId to get more information about a * Rule (see GetRule), update a Rule (see UpdateRule), insert a * Rule into a WebACL or delete a one from a WebACL (see * UpdateWebACL), or delete a Rule from AWS WAF (see DeleteRule). *

*

* RuleId is returned by CreateRule and by ListRules. *

* * @param ruleId * The RuleId for a Rule. You use RuleId to get more information about * a Rule (see GetRule), update a Rule (see UpdateRule), insert a * Rule into a WebACL or delete a one from a WebACL (see * UpdateWebACL), or delete a Rule from AWS WAF (see DeleteRule).

*

* RuleId is returned by CreateRule and by ListRules. */ public void setRuleId(String ruleId) { this.ruleId = ruleId; } /** *

* The RuleId for a Rule. You use RuleId to get more information about a * Rule (see GetRule), update a Rule (see UpdateRule), insert a * Rule into a WebACL or delete a one from a WebACL (see * UpdateWebACL), or delete a Rule from AWS WAF (see DeleteRule). *

*

* RuleId is returned by CreateRule and by ListRules. *

* * @return The RuleId for a Rule. You use RuleId to get more information * about a Rule (see GetRule), update a Rule (see UpdateRule), * insert a Rule into a WebACL or delete a one from a WebACL (see * UpdateWebACL), or delete a Rule from AWS WAF (see DeleteRule).

*

* RuleId is returned by CreateRule and by ListRules. */ public String getRuleId() { return this.ruleId; } /** *

* The RuleId for a Rule. You use RuleId to get more information about a * Rule (see GetRule), update a Rule (see UpdateRule), insert a * Rule into a WebACL or delete a one from a WebACL (see * UpdateWebACL), or delete a Rule from AWS WAF (see DeleteRule). *

*

* RuleId is returned by CreateRule and by ListRules. *

* * @param ruleId * The RuleId for a Rule. You use RuleId to get more information about * a Rule (see GetRule), update a Rule (see UpdateRule), insert a * Rule into a WebACL or delete a one from a WebACL (see * UpdateWebACL), or delete a Rule from AWS WAF (see DeleteRule).

*

* RuleId is returned by CreateRule and by ListRules. * @return Returns a reference to this object so that method calls can be chained together. */ public ActivatedRule withRuleId(String ruleId) { setRuleId(ruleId); return this; } /** *

* Specifies the action that CloudFront or AWS WAF takes when a web request matches the conditions in the * Rule. Valid values for Action include the following: *

*
    *
  • *

    * ALLOW: CloudFront responds with the requested object. *

    *
  • *
  • *

    * BLOCK: CloudFront responds with an HTTP 403 (Forbidden) status code. *

    *
  • *
  • *

    * COUNT: AWS WAF increments a counter of requests that match the conditions in the rule and then * continues to inspect the web request based on the remaining rules in the web ACL. *

    *
  • *
*

* ActivatedRule|OverrideAction applies only when updating or adding a RuleGroup to a * WebACL. In this case, you do not use ActivatedRule|Action. For all other update * requests, ActivatedRule|Action is used instead of ActivatedRule|OverrideAction. *

* * @param action * Specifies the action that CloudFront or AWS WAF takes when a web request matches the conditions in the * Rule. Valid values for Action include the following:

*
    *
  • *

    * ALLOW: CloudFront responds with the requested object. *

    *
  • *
  • *

    * BLOCK: CloudFront responds with an HTTP 403 (Forbidden) status code. *

    *
  • *
  • *

    * COUNT: AWS WAF increments a counter of requests that match the conditions in the rule and * then continues to inspect the web request based on the remaining rules in the web ACL. *

    *
  • *
*

* ActivatedRule|OverrideAction applies only when updating or adding a RuleGroup to * a WebACL. In this case, you do not use ActivatedRule|Action. For all other * update requests, ActivatedRule|Action is used instead of * ActivatedRule|OverrideAction. */ public void setAction(WafAction action) { this.action = action; } /** *

* Specifies the action that CloudFront or AWS WAF takes when a web request matches the conditions in the * Rule. Valid values for Action include the following: *

*
    *
  • *

    * ALLOW: CloudFront responds with the requested object. *

    *
  • *
  • *

    * BLOCK: CloudFront responds with an HTTP 403 (Forbidden) status code. *

    *
  • *
  • *

    * COUNT: AWS WAF increments a counter of requests that match the conditions in the rule and then * continues to inspect the web request based on the remaining rules in the web ACL. *

    *
  • *
*

* ActivatedRule|OverrideAction applies only when updating or adding a RuleGroup to a * WebACL. In this case, you do not use ActivatedRule|Action. For all other update * requests, ActivatedRule|Action is used instead of ActivatedRule|OverrideAction. *

* * @return Specifies the action that CloudFront or AWS WAF takes when a web request matches the conditions in the * Rule. Valid values for Action include the following:

*
    *
  • *

    * ALLOW: CloudFront responds with the requested object. *

    *
  • *
  • *

    * BLOCK: CloudFront responds with an HTTP 403 (Forbidden) status code. *

    *
  • *
  • *

    * COUNT: AWS WAF increments a counter of requests that match the conditions in the rule and * then continues to inspect the web request based on the remaining rules in the web ACL. *

    *
  • *
*

* ActivatedRule|OverrideAction applies only when updating or adding a RuleGroup * to a WebACL. In this case, you do not use ActivatedRule|Action. For all other * update requests, ActivatedRule|Action is used instead of * ActivatedRule|OverrideAction. */ public WafAction getAction() { return this.action; } /** *

* Specifies the action that CloudFront or AWS WAF takes when a web request matches the conditions in the * Rule. Valid values for Action include the following: *

*
    *
  • *

    * ALLOW: CloudFront responds with the requested object. *

    *
  • *
  • *

    * BLOCK: CloudFront responds with an HTTP 403 (Forbidden) status code. *

    *
  • *
  • *

    * COUNT: AWS WAF increments a counter of requests that match the conditions in the rule and then * continues to inspect the web request based on the remaining rules in the web ACL. *

    *
  • *
*

* ActivatedRule|OverrideAction applies only when updating or adding a RuleGroup to a * WebACL. In this case, you do not use ActivatedRule|Action. For all other update * requests, ActivatedRule|Action is used instead of ActivatedRule|OverrideAction. *

* * @param action * Specifies the action that CloudFront or AWS WAF takes when a web request matches the conditions in the * Rule. Valid values for Action include the following:

*
    *
  • *

    * ALLOW: CloudFront responds with the requested object. *

    *
  • *
  • *

    * BLOCK: CloudFront responds with an HTTP 403 (Forbidden) status code. *

    *
  • *
  • *

    * COUNT: AWS WAF increments a counter of requests that match the conditions in the rule and * then continues to inspect the web request based on the remaining rules in the web ACL. *

    *
  • *
*

* ActivatedRule|OverrideAction applies only when updating or adding a RuleGroup to * a WebACL. In this case, you do not use ActivatedRule|Action. For all other * update requests, ActivatedRule|Action is used instead of * ActivatedRule|OverrideAction. * @return Returns a reference to this object so that method calls can be chained together. */ public ActivatedRule withAction(WafAction action) { setAction(action); return this; } /** *

* Use the OverrideAction to test your RuleGroup. *

*

* Any rule in a RuleGroup can potentially block a request. If you set the OverrideAction * to None, the RuleGroup will block a request if any individual rule in the * RuleGroup matches the request and is configured to block that request. However if you first want to * test the RuleGroup, set the OverrideAction to Count. The * RuleGroup will then override any block action specified by individual rules contained within the * group. Instead of blocking matching requests, those requests will be counted. You can view a record of counted * requests using GetSampledRequests. *

*

* ActivatedRule|OverrideAction applies only when updating or adding a RuleGroup to a * WebACL. In this case you do not use ActivatedRule|Action. For all other update * requests, ActivatedRule|Action is used instead of ActivatedRule|OverrideAction. *

* * @param overrideAction * Use the OverrideAction to test your RuleGroup.

*

* Any rule in a RuleGroup can potentially block a request. If you set the * OverrideAction to None, the RuleGroup will block a request if any * individual rule in the RuleGroup matches the request and is configured to block that request. * However if you first want to test the RuleGroup, set the OverrideAction to * Count. The RuleGroup will then override any block action specified by individual * rules contained within the group. Instead of blocking matching requests, those requests will be counted. * You can view a record of counted requests using GetSampledRequests. *

*

* ActivatedRule|OverrideAction applies only when updating or adding a RuleGroup to * a WebACL. In this case you do not use ActivatedRule|Action. For all other update * requests, ActivatedRule|Action is used instead of ActivatedRule|OverrideAction. */ public void setOverrideAction(WafOverrideAction overrideAction) { this.overrideAction = overrideAction; } /** *

* Use the OverrideAction to test your RuleGroup. *

*

* Any rule in a RuleGroup can potentially block a request. If you set the OverrideAction * to None, the RuleGroup will block a request if any individual rule in the * RuleGroup matches the request and is configured to block that request. However if you first want to * test the RuleGroup, set the OverrideAction to Count. The * RuleGroup will then override any block action specified by individual rules contained within the * group. Instead of blocking matching requests, those requests will be counted. You can view a record of counted * requests using GetSampledRequests. *

*

* ActivatedRule|OverrideAction applies only when updating or adding a RuleGroup to a * WebACL. In this case you do not use ActivatedRule|Action. For all other update * requests, ActivatedRule|Action is used instead of ActivatedRule|OverrideAction. *

* * @return Use the OverrideAction to test your RuleGroup.

*

* Any rule in a RuleGroup can potentially block a request. If you set the * OverrideAction to None, the RuleGroup will block a request if any * individual rule in the RuleGroup matches the request and is configured to block that * request. However if you first want to test the RuleGroup, set the * OverrideAction to Count. The RuleGroup will then override any * block action specified by individual rules contained within the group. Instead of blocking matching * requests, those requests will be counted. You can view a record of counted requests using * GetSampledRequests. *

*

* ActivatedRule|OverrideAction applies only when updating or adding a RuleGroup * to a WebACL. In this case you do not use ActivatedRule|Action. For all other * update requests, ActivatedRule|Action is used instead of * ActivatedRule|OverrideAction. */ public WafOverrideAction getOverrideAction() { return this.overrideAction; } /** *

* Use the OverrideAction to test your RuleGroup. *

*

* Any rule in a RuleGroup can potentially block a request. If you set the OverrideAction * to None, the RuleGroup will block a request if any individual rule in the * RuleGroup matches the request and is configured to block that request. However if you first want to * test the RuleGroup, set the OverrideAction to Count. The * RuleGroup will then override any block action specified by individual rules contained within the * group. Instead of blocking matching requests, those requests will be counted. You can view a record of counted * requests using GetSampledRequests. *

*

* ActivatedRule|OverrideAction applies only when updating or adding a RuleGroup to a * WebACL. In this case you do not use ActivatedRule|Action. For all other update * requests, ActivatedRule|Action is used instead of ActivatedRule|OverrideAction. *

* * @param overrideAction * Use the OverrideAction to test your RuleGroup.

*

* Any rule in a RuleGroup can potentially block a request. If you set the * OverrideAction to None, the RuleGroup will block a request if any * individual rule in the RuleGroup matches the request and is configured to block that request. * However if you first want to test the RuleGroup, set the OverrideAction to * Count. The RuleGroup will then override any block action specified by individual * rules contained within the group. Instead of blocking matching requests, those requests will be counted. * You can view a record of counted requests using GetSampledRequests. *

*

* ActivatedRule|OverrideAction applies only when updating or adding a RuleGroup to * a WebACL. In this case you do not use ActivatedRule|Action. For all other update * requests, ActivatedRule|Action is used instead of ActivatedRule|OverrideAction. * @return Returns a reference to this object so that method calls can be chained together. */ public ActivatedRule withOverrideAction(WafOverrideAction overrideAction) { setOverrideAction(overrideAction); return this; } /** *

* The rule type, either REGULAR, as defined by Rule, RATE_BASED, as defined by * RateBasedRule, or GROUP, as defined by RuleGroup. The default is REGULAR. Although * this field is optional, be aware that if you try to add a RATE_BASED rule to a web ACL without setting the type, * the UpdateWebACL request will fail because the request tries to add a REGULAR rule with the specified ID, * which does not exist. *

* * @param type * The rule type, either REGULAR, as defined by Rule, RATE_BASED, as defined * by RateBasedRule, or GROUP, as defined by RuleGroup. The default is REGULAR. * Although this field is optional, be aware that if you try to add a RATE_BASED rule to a web ACL without * setting the type, the UpdateWebACL request will fail because the request tries to add a REGULAR * rule with the specified ID, which does not exist. * @see WafRuleType */ public void setType(String type) { this.type = type; } /** *

* The rule type, either REGULAR, as defined by Rule, RATE_BASED, as defined by * RateBasedRule, or GROUP, as defined by RuleGroup. The default is REGULAR. Although * this field is optional, be aware that if you try to add a RATE_BASED rule to a web ACL without setting the type, * the UpdateWebACL request will fail because the request tries to add a REGULAR rule with the specified ID, * which does not exist. *

* * @return The rule type, either REGULAR, as defined by Rule, RATE_BASED, as * defined by RateBasedRule, or GROUP, as defined by RuleGroup. The default is * REGULAR. Although this field is optional, be aware that if you try to add a RATE_BASED rule to a web ACL * without setting the type, the UpdateWebACL request will fail because the request tries to add a * REGULAR rule with the specified ID, which does not exist. * @see WafRuleType */ public String getType() { return this.type; } /** *

* The rule type, either REGULAR, as defined by Rule, RATE_BASED, as defined by * RateBasedRule, or GROUP, as defined by RuleGroup. The default is REGULAR. Although * this field is optional, be aware that if you try to add a RATE_BASED rule to a web ACL without setting the type, * the UpdateWebACL request will fail because the request tries to add a REGULAR rule with the specified ID, * which does not exist. *

* * @param type * The rule type, either REGULAR, as defined by Rule, RATE_BASED, as defined * by RateBasedRule, or GROUP, as defined by RuleGroup. The default is REGULAR. * Although this field is optional, be aware that if you try to add a RATE_BASED rule to a web ACL without * setting the type, the UpdateWebACL request will fail because the request tries to add a REGULAR * rule with the specified ID, which does not exist. * @return Returns a reference to this object so that method calls can be chained together. * @see WafRuleType */ public ActivatedRule withType(String type) { setType(type); return this; } /** *

* The rule type, either REGULAR, as defined by Rule, RATE_BASED, as defined by * RateBasedRule, or GROUP, as defined by RuleGroup. The default is REGULAR. Although * this field is optional, be aware that if you try to add a RATE_BASED rule to a web ACL without setting the type, * the UpdateWebACL request will fail because the request tries to add a REGULAR rule with the specified ID, * which does not exist. *

* * @param type * The rule type, either REGULAR, as defined by Rule, RATE_BASED, as defined * by RateBasedRule, or GROUP, as defined by RuleGroup. The default is REGULAR. * Although this field is optional, be aware that if you try to add a RATE_BASED rule to a web ACL without * setting the type, the UpdateWebACL request will fail because the request tries to add a REGULAR * rule with the specified ID, which does not exist. * @see WafRuleType */ public void setType(WafRuleType type) { withType(type); } /** *

* The rule type, either REGULAR, as defined by Rule, RATE_BASED, as defined by * RateBasedRule, or GROUP, as defined by RuleGroup. The default is REGULAR. Although * this field is optional, be aware that if you try to add a RATE_BASED rule to a web ACL without setting the type, * the UpdateWebACL request will fail because the request tries to add a REGULAR rule with the specified ID, * which does not exist. *

* * @param type * The rule type, either REGULAR, as defined by Rule, RATE_BASED, as defined * by RateBasedRule, or GROUP, as defined by RuleGroup. The default is REGULAR. * Although this field is optional, be aware that if you try to add a RATE_BASED rule to a web ACL without * setting the type, the UpdateWebACL request will fail because the request tries to add a REGULAR * rule with the specified ID, which does not exist. * @return Returns a reference to this object so that method calls can be chained together. * @see WafRuleType */ public ActivatedRule withType(WafRuleType type) { this.type = type.toString(); return this; } /** *

* An array of rules to exclude from a rule group. This is applicable only when the ActivatedRule * refers to a RuleGroup. *

*

* Sometimes it is necessary to troubleshoot rule groups that are blocking traffic unexpectedly (false positives). * One troubleshooting technique is to identify the specific rule within the rule group that is blocking the * legitimate traffic and then disable (exclude) that particular rule. You can exclude rules from both your own rule * groups and AWS Marketplace rule groups that have been associated with a web ACL. *

*

* Specifying ExcludedRules does not remove those rules from the rule group. Rather, it changes the * action for the rules to COUNT. Therefore, requests that match an ExcludedRule are * counted but not blocked. The RuleGroup owner will receive COUNT metrics for each * ExcludedRule. *

*

* If you want to exclude rules from a rule group that is already associated with a web ACL, perform the following * steps: *

*
    *
  1. *

    * Use the AWS WAF logs to identify the IDs of the rules that you want to exclude. For more information about the * logs, see Logging Web ACL Traffic * Information. *

    *
  2. *
  3. *

    * Submit an UpdateWebACL request that has two actions: *

    *
      *
    • *

      * The first action deletes the existing rule group from the web ACL. That is, in the UpdateWebACL request, * the first Updates:Action should be DELETE and Updates:ActivatedRule:RuleId * should be the rule group that contains the rules that you want to exclude. *

      *
    • *
    • *

      * The second action inserts the same rule group back in, but specifying the rules to exclude. That is, the second * Updates:Action should be INSERT, Updates:ActivatedRule:RuleId should be * the rule group that you just removed, and ExcludedRules should contain the rules that you want to * exclude. *

      *
    • *
    *
  4. *
* * @return An array of rules to exclude from a rule group. This is applicable only when the * ActivatedRule refers to a RuleGroup.

*

* Sometimes it is necessary to troubleshoot rule groups that are blocking traffic unexpectedly (false * positives). One troubleshooting technique is to identify the specific rule within the rule group that is * blocking the legitimate traffic and then disable (exclude) that particular rule. You can exclude rules * from both your own rule groups and AWS Marketplace rule groups that have been associated with a web ACL. *

*

* Specifying ExcludedRules does not remove those rules from the rule group. Rather, it changes * the action for the rules to COUNT. Therefore, requests that match an * ExcludedRule are counted but not blocked. The RuleGroup owner will receive * COUNT metrics for each ExcludedRule. *

*

* If you want to exclude rules from a rule group that is already associated with a web ACL, perform the * following steps: *

*
    *
  1. *

    * Use the AWS WAF logs to identify the IDs of the rules that you want to exclude. For more information * about the logs, see Logging * Web ACL Traffic Information. *

    *
  2. *
  3. *

    * Submit an UpdateWebACL request that has two actions: *

    *
      *
    • *

      * The first action deletes the existing rule group from the web ACL. That is, in the UpdateWebACL * request, the first Updates:Action should be DELETE and * Updates:ActivatedRule:RuleId should be the rule group that contains the rules that you want * to exclude. *

      *
    • *
    • *

      * The second action inserts the same rule group back in, but specifying the rules to exclude. That is, the * second Updates:Action should be INSERT, * Updates:ActivatedRule:RuleId should be the rule group that you just removed, and * ExcludedRules should contain the rules that you want to exclude. *

      *
    • *
    *
  4. */ public java.util.List getExcludedRules() { return excludedRules; } /** *

    * An array of rules to exclude from a rule group. This is applicable only when the ActivatedRule * refers to a RuleGroup. *

    *

    * Sometimes it is necessary to troubleshoot rule groups that are blocking traffic unexpectedly (false positives). * One troubleshooting technique is to identify the specific rule within the rule group that is blocking the * legitimate traffic and then disable (exclude) that particular rule. You can exclude rules from both your own rule * groups and AWS Marketplace rule groups that have been associated with a web ACL. *

    *

    * Specifying ExcludedRules does not remove those rules from the rule group. Rather, it changes the * action for the rules to COUNT. Therefore, requests that match an ExcludedRule are * counted but not blocked. The RuleGroup owner will receive COUNT metrics for each * ExcludedRule. *

    *

    * If you want to exclude rules from a rule group that is already associated with a web ACL, perform the following * steps: *

    *
      *
    1. *

      * Use the AWS WAF logs to identify the IDs of the rules that you want to exclude. For more information about the * logs, see Logging Web ACL Traffic * Information. *

      *
    2. *
    3. *

      * Submit an UpdateWebACL request that has two actions: *

      *
        *
      • *

        * The first action deletes the existing rule group from the web ACL. That is, in the UpdateWebACL request, * the first Updates:Action should be DELETE and Updates:ActivatedRule:RuleId * should be the rule group that contains the rules that you want to exclude. *

        *
      • *
      • *

        * The second action inserts the same rule group back in, but specifying the rules to exclude. That is, the second * Updates:Action should be INSERT, Updates:ActivatedRule:RuleId should be * the rule group that you just removed, and ExcludedRules should contain the rules that you want to * exclude. *

        *
      • *
      *
    4. *
    * * @param excludedRules * An array of rules to exclude from a rule group. This is applicable only when the * ActivatedRule refers to a RuleGroup.

    *

    * Sometimes it is necessary to troubleshoot rule groups that are blocking traffic unexpectedly (false * positives). One troubleshooting technique is to identify the specific rule within the rule group that is * blocking the legitimate traffic and then disable (exclude) that particular rule. You can exclude rules * from both your own rule groups and AWS Marketplace rule groups that have been associated with a web ACL. *

    *

    * Specifying ExcludedRules does not remove those rules from the rule group. Rather, it changes * the action for the rules to COUNT. Therefore, requests that match an * ExcludedRule are counted but not blocked. The RuleGroup owner will receive COUNT * metrics for each ExcludedRule. *

    *

    * If you want to exclude rules from a rule group that is already associated with a web ACL, perform the * following steps: *

    *
      *
    1. *

      * Use the AWS WAF logs to identify the IDs of the rules that you want to exclude. For more information about * the logs, see Logging Web ACL * Traffic Information. *

      *
    2. *
    3. *

      * Submit an UpdateWebACL request that has two actions: *

      *
        *
      • *

        * The first action deletes the existing rule group from the web ACL. That is, in the UpdateWebACL * request, the first Updates:Action should be DELETE and * Updates:ActivatedRule:RuleId should be the rule group that contains the rules that you want * to exclude. *

        *
      • *
      • *

        * The second action inserts the same rule group back in, but specifying the rules to exclude. That is, the * second Updates:Action should be INSERT, * Updates:ActivatedRule:RuleId should be the rule group that you just removed, and * ExcludedRules should contain the rules that you want to exclude. *

        *
      • *
      *
    4. */ public void setExcludedRules(java.util.Collection excludedRules) { if (excludedRules == null) { this.excludedRules = null; return; } this.excludedRules = new java.util.ArrayList(excludedRules); } /** *

      * An array of rules to exclude from a rule group. This is applicable only when the ActivatedRule * refers to a RuleGroup. *

      *

      * Sometimes it is necessary to troubleshoot rule groups that are blocking traffic unexpectedly (false positives). * One troubleshooting technique is to identify the specific rule within the rule group that is blocking the * legitimate traffic and then disable (exclude) that particular rule. You can exclude rules from both your own rule * groups and AWS Marketplace rule groups that have been associated with a web ACL. *

      *

      * Specifying ExcludedRules does not remove those rules from the rule group. Rather, it changes the * action for the rules to COUNT. Therefore, requests that match an ExcludedRule are * counted but not blocked. The RuleGroup owner will receive COUNT metrics for each * ExcludedRule. *

      *

      * If you want to exclude rules from a rule group that is already associated with a web ACL, perform the following * steps: *

      *
        *
      1. *

        * Use the AWS WAF logs to identify the IDs of the rules that you want to exclude. For more information about the * logs, see Logging Web ACL Traffic * Information. *

        *
      2. *
      3. *

        * Submit an UpdateWebACL request that has two actions: *

        *
          *
        • *

          * The first action deletes the existing rule group from the web ACL. That is, in the UpdateWebACL request, * the first Updates:Action should be DELETE and Updates:ActivatedRule:RuleId * should be the rule group that contains the rules that you want to exclude. *

          *
        • *
        • *

          * The second action inserts the same rule group back in, but specifying the rules to exclude. That is, the second * Updates:Action should be INSERT, Updates:ActivatedRule:RuleId should be * the rule group that you just removed, and ExcludedRules should contain the rules that you want to * exclude. *

          *
        • *
        *
      4. *
      *

      * NOTE: This method appends the values to the existing list (if any). Use * {@link #setExcludedRules(java.util.Collection)} or {@link #withExcludedRules(java.util.Collection)} if you want * to override the existing values. *

      * * @param excludedRules * An array of rules to exclude from a rule group. This is applicable only when the * ActivatedRule refers to a RuleGroup.

      *

      * Sometimes it is necessary to troubleshoot rule groups that are blocking traffic unexpectedly (false * positives). One troubleshooting technique is to identify the specific rule within the rule group that is * blocking the legitimate traffic and then disable (exclude) that particular rule. You can exclude rules * from both your own rule groups and AWS Marketplace rule groups that have been associated with a web ACL. *

      *

      * Specifying ExcludedRules does not remove those rules from the rule group. Rather, it changes * the action for the rules to COUNT. Therefore, requests that match an * ExcludedRule are counted but not blocked. The RuleGroup owner will receive COUNT * metrics for each ExcludedRule. *

      *

      * If you want to exclude rules from a rule group that is already associated with a web ACL, perform the * following steps: *

      *
        *
      1. *

        * Use the AWS WAF logs to identify the IDs of the rules that you want to exclude. For more information about * the logs, see Logging Web ACL * Traffic Information. *

        *
      2. *
      3. *

        * Submit an UpdateWebACL request that has two actions: *

        *
          *
        • *

          * The first action deletes the existing rule group from the web ACL. That is, in the UpdateWebACL * request, the first Updates:Action should be DELETE and * Updates:ActivatedRule:RuleId should be the rule group that contains the rules that you want * to exclude. *

          *
        • *
        • *

          * The second action inserts the same rule group back in, but specifying the rules to exclude. That is, the * second Updates:Action should be INSERT, * Updates:ActivatedRule:RuleId should be the rule group that you just removed, and * ExcludedRules should contain the rules that you want to exclude. *

          *
        • *
        *
      4. * @return Returns a reference to this object so that method calls can be chained together. */ public ActivatedRule withExcludedRules(ExcludedRule... excludedRules) { if (this.excludedRules == null) { setExcludedRules(new java.util.ArrayList(excludedRules.length)); } for (ExcludedRule ele : excludedRules) { this.excludedRules.add(ele); } return this; } /** *

        * An array of rules to exclude from a rule group. This is applicable only when the ActivatedRule * refers to a RuleGroup. *

        *

        * Sometimes it is necessary to troubleshoot rule groups that are blocking traffic unexpectedly (false positives). * One troubleshooting technique is to identify the specific rule within the rule group that is blocking the * legitimate traffic and then disable (exclude) that particular rule. You can exclude rules from both your own rule * groups and AWS Marketplace rule groups that have been associated with a web ACL. *

        *

        * Specifying ExcludedRules does not remove those rules from the rule group. Rather, it changes the * action for the rules to COUNT. Therefore, requests that match an ExcludedRule are * counted but not blocked. The RuleGroup owner will receive COUNT metrics for each * ExcludedRule. *

        *

        * If you want to exclude rules from a rule group that is already associated with a web ACL, perform the following * steps: *

        *
          *
        1. *

          * Use the AWS WAF logs to identify the IDs of the rules that you want to exclude. For more information about the * logs, see Logging Web ACL Traffic * Information. *

          *
        2. *
        3. *

          * Submit an UpdateWebACL request that has two actions: *

          *
            *
          • *

            * The first action deletes the existing rule group from the web ACL. That is, in the UpdateWebACL request, * the first Updates:Action should be DELETE and Updates:ActivatedRule:RuleId * should be the rule group that contains the rules that you want to exclude. *

            *
          • *
          • *

            * The second action inserts the same rule group back in, but specifying the rules to exclude. That is, the second * Updates:Action should be INSERT, Updates:ActivatedRule:RuleId should be * the rule group that you just removed, and ExcludedRules should contain the rules that you want to * exclude. *

            *
          • *
          *
        4. *
        * * @param excludedRules * An array of rules to exclude from a rule group. This is applicable only when the * ActivatedRule refers to a RuleGroup.

        *

        * Sometimes it is necessary to troubleshoot rule groups that are blocking traffic unexpectedly (false * positives). One troubleshooting technique is to identify the specific rule within the rule group that is * blocking the legitimate traffic and then disable (exclude) that particular rule. You can exclude rules * from both your own rule groups and AWS Marketplace rule groups that have been associated with a web ACL. *

        *

        * Specifying ExcludedRules does not remove those rules from the rule group. Rather, it changes * the action for the rules to COUNT. Therefore, requests that match an * ExcludedRule are counted but not blocked. The RuleGroup owner will receive COUNT * metrics for each ExcludedRule. *

        *

        * If you want to exclude rules from a rule group that is already associated with a web ACL, perform the * following steps: *

        *
          *
        1. *

          * Use the AWS WAF logs to identify the IDs of the rules that you want to exclude. For more information about * the logs, see Logging Web ACL * Traffic Information. *

          *
        2. *
        3. *

          * Submit an UpdateWebACL request that has two actions: *

          *
            *
          • *

            * The first action deletes the existing rule group from the web ACL. That is, in the UpdateWebACL * request, the first Updates:Action should be DELETE and * Updates:ActivatedRule:RuleId should be the rule group that contains the rules that you want * to exclude. *

            *
          • *
          • *

            * The second action inserts the same rule group back in, but specifying the rules to exclude. That is, the * second Updates:Action should be INSERT, * Updates:ActivatedRule:RuleId should be the rule group that you just removed, and * ExcludedRules should contain the rules that you want to exclude. *

            *
          • *
          *
        4. * @return Returns a reference to this object so that method calls can be chained together. */ public ActivatedRule withExcludedRules(java.util.Collection excludedRules) { setExcludedRules(excludedRules); return this; } /** * Returns a string representation of this object. This is useful for testing and debugging. Sensitive data will be * redacted from this string using a placeholder value. * * @return A string representation of this object. * * @see java.lang.Object#toString() */ @Override public String toString() { StringBuilder sb = new StringBuilder(); sb.append("{"); if (getPriority() != null) sb.append("Priority: ").append(getPriority()).append(","); if (getRuleId() != null) sb.append("RuleId: ").append(getRuleId()).append(","); if (getAction() != null) sb.append("Action: ").append(getAction()).append(","); if (getOverrideAction() != null) sb.append("OverrideAction: ").append(getOverrideAction()).append(","); if (getType() != null) sb.append("Type: ").append(getType()).append(","); if (getExcludedRules() != null) sb.append("ExcludedRules: ").append(getExcludedRules()); sb.append("}"); return sb.toString(); } @Override public boolean equals(Object obj) { if (this == obj) return true; if (obj == null) return false; if (obj instanceof ActivatedRule == false) return false; ActivatedRule other = (ActivatedRule) obj; if (other.getPriority() == null ^ this.getPriority() == null) return false; if (other.getPriority() != null && other.getPriority().equals(this.getPriority()) == false) return false; if (other.getRuleId() == null ^ this.getRuleId() == null) return false; if (other.getRuleId() != null && other.getRuleId().equals(this.getRuleId()) == false) return false; if (other.getAction() == null ^ this.getAction() == null) return false; if (other.getAction() != null && other.getAction().equals(this.getAction()) == false) return false; if (other.getOverrideAction() == null ^ this.getOverrideAction() == null) return false; if (other.getOverrideAction() != null && other.getOverrideAction().equals(this.getOverrideAction()) == false) return false; if (other.getType() == null ^ this.getType() == null) return false; if (other.getType() != null && other.getType().equals(this.getType()) == false) return false; if (other.getExcludedRules() == null ^ this.getExcludedRules() == null) return false; if (other.getExcludedRules() != null && other.getExcludedRules().equals(this.getExcludedRules()) == false) return false; return true; } @Override public int hashCode() { final int prime = 31; int hashCode = 1; hashCode = prime * hashCode + ((getPriority() == null) ? 0 : getPriority().hashCode()); hashCode = prime * hashCode + ((getRuleId() == null) ? 0 : getRuleId().hashCode()); hashCode = prime * hashCode + ((getAction() == null) ? 0 : getAction().hashCode()); hashCode = prime * hashCode + ((getOverrideAction() == null) ? 0 : getOverrideAction().hashCode()); hashCode = prime * hashCode + ((getType() == null) ? 0 : getType().hashCode()); hashCode = prime * hashCode + ((getExcludedRules() == null) ? 0 : getExcludedRules().hashCode()); return hashCode; } @Override public ActivatedRule clone() { try { return (ActivatedRule) super.clone(); } catch (CloneNotSupportedException e) { throw new IllegalStateException("Got a CloneNotSupportedException from Object.clone() " + "even though we're Cloneable!", e); } } @com.amazonaws.annotation.SdkInternalApi @Override public void marshall(ProtocolMarshaller protocolMarshaller) { com.amazonaws.services.waf.model.waf_regional.transform.ActivatedRuleMarshaller.getInstance().marshall(this, protocolMarshaller); } }




© 2015 - 2025 Weber Informatics LLC | Privacy Policy