com.amazonaws.services.waf.model.ActivatedRule Maven / Gradle / Ivy
Show all versions of aws-java-sdk-waf Show documentation
/*
* Copyright 2019-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License"). You may not use this file except in compliance with
* the License. A copy of the License is located at
*
* http://aws.amazon.com/apache2.0
*
* or in the "license" file accompanying this file. This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
* CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions
* and limitations under the License.
*/
package com.amazonaws.services.waf.model;
import java.io.Serializable;
import javax.annotation.Generated;
import com.amazonaws.protocol.StructuredPojo;
import com.amazonaws.protocol.ProtocolMarshaller;
/**
*
*
* This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the
* developer guide.
*
*
* For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the
* latest version, AWS WAF has a single set of endpoints for regional and global use.
*
*
*
* The ActivatedRule object in an UpdateWebACL request specifies a Rule that you want
* to insert or delete, the priority of the Rule in the WebACL, and the action that you want
* AWS WAF to take when a web request matches the Rule (ALLOW, BLOCK, or
* COUNT).
*
*
* To specify whether to insert or delete a Rule, use the Action parameter in the
* WebACLUpdate data type.
*
*
* @see AWS API
* Documentation
*/
@Generated("com.amazonaws:aws-java-sdk-code-generator")
public class ActivatedRule implements Serializable, Cloneable, StructuredPojo {
/**
*
* Specifies the order in which the Rules in a WebACL are evaluated. Rules with a lower
* value for Priority are evaluated before Rules with a higher value. The value must be a
* unique integer. If you add multiple Rules to a WebACL, the values don't need to be
* consecutive.
*
*/
private Integer priority;
/**
*
* The RuleId for a Rule. You use RuleId to get more information about a
* Rule (see GetRule), update a Rule (see UpdateRule), insert a
* Rule into a WebACL or delete a one from a WebACL (see
* UpdateWebACL), or delete a Rule from AWS WAF (see DeleteRule).
*
*
* RuleId is returned by CreateRule and by ListRules.
*
*/
private String ruleId;
/**
*
* Specifies the action that CloudFront or AWS WAF takes when a web request matches the conditions in the
* Rule. Valid values for Action include the following:
*
*
* -
*
* ALLOW: CloudFront responds with the requested object.
*
*
* -
*
* BLOCK: CloudFront responds with an HTTP 403 (Forbidden) status code.
*
*
* -
*
* COUNT: AWS WAF increments a counter of requests that match the conditions in the rule and then
* continues to inspect the web request based on the remaining rules in the web ACL.
*
*
*
*
* ActivatedRule|OverrideAction applies only when updating or adding a RuleGroup to a
* WebACL. In this case, you do not use ActivatedRule|Action. For all other update
* requests, ActivatedRule|Action is used instead of ActivatedRule|OverrideAction.
*
*/
private WafAction action;
/**
*
* Use the OverrideAction to test your RuleGroup.
*
*
* Any rule in a RuleGroup can potentially block a request. If you set the OverrideAction
* to None, the RuleGroup will block a request if any individual rule in the
* RuleGroup matches the request and is configured to block that request. However if you first want to
* test the RuleGroup, set the OverrideAction to Count. The
* RuleGroup will then override any block action specified by individual rules contained within the
* group. Instead of blocking matching requests, those requests will be counted. You can view a record of counted
* requests using GetSampledRequests.
*
*
* ActivatedRule|OverrideAction applies only when updating or adding a RuleGroup to a
* WebACL. In this case you do not use ActivatedRule|Action. For all other update
* requests, ActivatedRule|Action is used instead of ActivatedRule|OverrideAction.
*
*/
private WafOverrideAction overrideAction;
/**
*
* The rule type, either REGULAR, as defined by Rule, RATE_BASED, as defined by
* RateBasedRule, or GROUP, as defined by RuleGroup. The default is REGULAR. Although
* this field is optional, be aware that if you try to add a RATE_BASED rule to a web ACL without setting the type,
* the UpdateWebACL request will fail because the request tries to add a REGULAR rule with the specified ID,
* which does not exist.
*
*/
private String type;
/**
*
* An array of rules to exclude from a rule group. This is applicable only when the ActivatedRule
* refers to a RuleGroup.
*
*
* Sometimes it is necessary to troubleshoot rule groups that are blocking traffic unexpectedly (false positives).
* One troubleshooting technique is to identify the specific rule within the rule group that is blocking the
* legitimate traffic and then disable (exclude) that particular rule. You can exclude rules from both your own rule
* groups and AWS Marketplace rule groups that have been associated with a web ACL.
*
*
* Specifying ExcludedRules does not remove those rules from the rule group. Rather, it changes the
* action for the rules to COUNT. Therefore, requests that match an ExcludedRule are
* counted but not blocked. The RuleGroup owner will receive COUNT metrics for each
* ExcludedRule.
*
*
* If you want to exclude rules from a rule group that is already associated with a web ACL, perform the following
* steps:
*
*
* -
*
* Use the AWS WAF logs to identify the IDs of the rules that you want to exclude. For more information about the
* logs, see Logging Web ACL Traffic
* Information.
*
*
* -
*
* Submit an UpdateWebACL request that has two actions:
*
*
* -
*
* The first action deletes the existing rule group from the web ACL. That is, in the UpdateWebACL request,
* the first Updates:Action should be DELETE and Updates:ActivatedRule:RuleId
* should be the rule group that contains the rules that you want to exclude.
*
*
* -
*
* The second action inserts the same rule group back in, but specifying the rules to exclude. That is, the second
* Updates:Action should be INSERT, Updates:ActivatedRule:RuleId should be
* the rule group that you just removed, and ExcludedRules should contain the rules that you want to
* exclude.
*
*
*
*
*
*/
private java.util.List excludedRules;
/**
*
* Specifies the order in which the Rules in a WebACL are evaluated. Rules with a lower
* value for Priority are evaluated before Rules with a higher value. The value must be a
* unique integer. If you add multiple Rules to a WebACL, the values don't need to be
* consecutive.
*
*
* @param priority
* Specifies the order in which the Rules in a WebACL are evaluated. Rules with a
* lower value for Priority are evaluated before Rules with a higher value. The
* value must be a unique integer. If you add multiple Rules to a WebACL, the
* values don't need to be consecutive.
*/
public void setPriority(Integer priority) {
this.priority = priority;
}
/**
*
* Specifies the order in which the Rules in a WebACL are evaluated. Rules with a lower
* value for Priority are evaluated before Rules with a higher value. The value must be a
* unique integer. If you add multiple Rules to a WebACL, the values don't need to be
* consecutive.
*
*
* @return Specifies the order in which the Rules in a WebACL are evaluated. Rules with a
* lower value for Priority are evaluated before Rules with a higher value. The
* value must be a unique integer. If you add multiple Rules to a WebACL, the
* values don't need to be consecutive.
*/
public Integer getPriority() {
return this.priority;
}
/**
*
* Specifies the order in which the Rules in a WebACL are evaluated. Rules with a lower
* value for Priority are evaluated before Rules with a higher value. The value must be a
* unique integer. If you add multiple Rules to a WebACL, the values don't need to be
* consecutive.
*
*
* @param priority
* Specifies the order in which the Rules in a WebACL are evaluated. Rules with a
* lower value for Priority are evaluated before Rules with a higher value. The
* value must be a unique integer. If you add multiple Rules to a WebACL, the
* values don't need to be consecutive.
* @return Returns a reference to this object so that method calls can be chained together.
*/
public ActivatedRule withPriority(Integer priority) {
setPriority(priority);
return this;
}
/**
*
* The RuleId for a Rule. You use RuleId to get more information about a
* Rule (see GetRule), update a Rule (see UpdateRule), insert a
* Rule into a WebACL or delete a one from a WebACL (see
* UpdateWebACL), or delete a Rule from AWS WAF (see DeleteRule).
*
*
* RuleId is returned by CreateRule and by ListRules.
*
*
* @param ruleId
* The RuleId for a Rule. You use RuleId to get more information about
* a Rule (see GetRule), update a Rule (see UpdateRule), insert a
* Rule into a WebACL or delete a one from a WebACL (see
* UpdateWebACL), or delete a Rule from AWS WAF (see DeleteRule).
*
* RuleId is returned by CreateRule and by ListRules.
*/
public void setRuleId(String ruleId) {
this.ruleId = ruleId;
}
/**
*
* The RuleId for a Rule. You use RuleId to get more information about a
* Rule (see GetRule), update a Rule (see UpdateRule), insert a
* Rule into a WebACL or delete a one from a WebACL (see
* UpdateWebACL), or delete a Rule from AWS WAF (see DeleteRule).
*
*
* RuleId is returned by CreateRule and by ListRules.
*
*
* @return The RuleId for a Rule. You use RuleId to get more information
* about a Rule (see GetRule), update a Rule (see UpdateRule),
* insert a Rule into a WebACL or delete a one from a WebACL (see
* UpdateWebACL), or delete a Rule from AWS WAF (see DeleteRule).
*
* RuleId is returned by CreateRule and by ListRules.
*/
public String getRuleId() {
return this.ruleId;
}
/**
*
* The RuleId for a Rule. You use RuleId to get more information about a
* Rule (see GetRule), update a Rule (see UpdateRule), insert a
* Rule into a WebACL or delete a one from a WebACL (see
* UpdateWebACL), or delete a Rule from AWS WAF (see DeleteRule).
*
*
* RuleId is returned by CreateRule and by ListRules.
*
*
* @param ruleId
* The RuleId for a Rule. You use RuleId to get more information about
* a Rule (see GetRule), update a Rule (see UpdateRule), insert a
* Rule into a WebACL or delete a one from a WebACL (see
* UpdateWebACL), or delete a Rule from AWS WAF (see DeleteRule).
*
* RuleId is returned by CreateRule and by ListRules.
* @return Returns a reference to this object so that method calls can be chained together.
*/
public ActivatedRule withRuleId(String ruleId) {
setRuleId(ruleId);
return this;
}
/**
*
* Specifies the action that CloudFront or AWS WAF takes when a web request matches the conditions in the
* Rule. Valid values for Action include the following:
*
*
* -
*
* ALLOW: CloudFront responds with the requested object.
*
*
* -
*
* BLOCK: CloudFront responds with an HTTP 403 (Forbidden) status code.
*
*
* -
*
* COUNT: AWS WAF increments a counter of requests that match the conditions in the rule and then
* continues to inspect the web request based on the remaining rules in the web ACL.
*
*
*
*
* ActivatedRule|OverrideAction applies only when updating or adding a RuleGroup to a
* WebACL. In this case, you do not use ActivatedRule|Action. For all other update
* requests, ActivatedRule|Action is used instead of ActivatedRule|OverrideAction.
*
*
* @param action
* Specifies the action that CloudFront or AWS WAF takes when a web request matches the conditions in the
* Rule. Valid values for Action include the following:
*
* -
*
* ALLOW: CloudFront responds with the requested object.
*
*
* -
*
* BLOCK: CloudFront responds with an HTTP 403 (Forbidden) status code.
*
*
* -
*
* COUNT: AWS WAF increments a counter of requests that match the conditions in the rule and
* then continues to inspect the web request based on the remaining rules in the web ACL.
*
*
*
*
* ActivatedRule|OverrideAction applies only when updating or adding a RuleGroup to
* a WebACL. In this case, you do not use ActivatedRule|Action. For all other
* update requests, ActivatedRule|Action is used instead of
* ActivatedRule|OverrideAction.
*/
public void setAction(WafAction action) {
this.action = action;
}
/**
*
* Specifies the action that CloudFront or AWS WAF takes when a web request matches the conditions in the
* Rule. Valid values for Action include the following:
*
*
* -
*
* ALLOW: CloudFront responds with the requested object.
*
*
* -
*
* BLOCK: CloudFront responds with an HTTP 403 (Forbidden) status code.
*
*
* -
*
* COUNT: AWS WAF increments a counter of requests that match the conditions in the rule and then
* continues to inspect the web request based on the remaining rules in the web ACL.
*
*
*
*
* ActivatedRule|OverrideAction applies only when updating or adding a RuleGroup to a
* WebACL. In this case, you do not use ActivatedRule|Action. For all other update
* requests, ActivatedRule|Action is used instead of ActivatedRule|OverrideAction.
*
*
* @return Specifies the action that CloudFront or AWS WAF takes when a web request matches the conditions in the
* Rule. Valid values for Action include the following:
*
* -
*
* ALLOW: CloudFront responds with the requested object.
*
*
* -
*
* BLOCK: CloudFront responds with an HTTP 403 (Forbidden) status code.
*
*
* -
*
* COUNT: AWS WAF increments a counter of requests that match the conditions in the rule and
* then continues to inspect the web request based on the remaining rules in the web ACL.
*
*
*
*
* ActivatedRule|OverrideAction applies only when updating or adding a RuleGroup
* to a WebACL. In this case, you do not use ActivatedRule|Action. For all other
* update requests, ActivatedRule|Action is used instead of
* ActivatedRule|OverrideAction.
*/
public WafAction getAction() {
return this.action;
}
/**
*
* Specifies the action that CloudFront or AWS WAF takes when a web request matches the conditions in the
* Rule. Valid values for Action include the following:
*
*
* -
*
* ALLOW: CloudFront responds with the requested object.
*
*
* -
*
* BLOCK: CloudFront responds with an HTTP 403 (Forbidden) status code.
*
*
* -
*
* COUNT: AWS WAF increments a counter of requests that match the conditions in the rule and then
* continues to inspect the web request based on the remaining rules in the web ACL.
*
*
*
*
* ActivatedRule|OverrideAction applies only when updating or adding a RuleGroup to a
* WebACL. In this case, you do not use ActivatedRule|Action. For all other update
* requests, ActivatedRule|Action is used instead of ActivatedRule|OverrideAction.
*
*
* @param action
* Specifies the action that CloudFront or AWS WAF takes when a web request matches the conditions in the
* Rule. Valid values for Action include the following:
*
* -
*
* ALLOW: CloudFront responds with the requested object.
*
*
* -
*
* BLOCK: CloudFront responds with an HTTP 403 (Forbidden) status code.
*
*
* -
*
* COUNT: AWS WAF increments a counter of requests that match the conditions in the rule and
* then continues to inspect the web request based on the remaining rules in the web ACL.
*
*
*
*
* ActivatedRule|OverrideAction applies only when updating or adding a RuleGroup to
* a WebACL. In this case, you do not use ActivatedRule|Action. For all other
* update requests, ActivatedRule|Action is used instead of
* ActivatedRule|OverrideAction.
* @return Returns a reference to this object so that method calls can be chained together.
*/
public ActivatedRule withAction(WafAction action) {
setAction(action);
return this;
}
/**
*
* Use the OverrideAction to test your RuleGroup.
*
*
* Any rule in a RuleGroup can potentially block a request. If you set the OverrideAction
* to None, the RuleGroup will block a request if any individual rule in the
* RuleGroup matches the request and is configured to block that request. However if you first want to
* test the RuleGroup, set the OverrideAction to Count. The
* RuleGroup will then override any block action specified by individual rules contained within the
* group. Instead of blocking matching requests, those requests will be counted. You can view a record of counted
* requests using GetSampledRequests.
*
*
* ActivatedRule|OverrideAction applies only when updating or adding a RuleGroup to a
* WebACL. In this case you do not use ActivatedRule|Action. For all other update
* requests, ActivatedRule|Action is used instead of ActivatedRule|OverrideAction.
*
*
* @param overrideAction
* Use the OverrideAction to test your RuleGroup.
*
* Any rule in a RuleGroup can potentially block a request. If you set the
* OverrideAction to None, the RuleGroup will block a request if any
* individual rule in the RuleGroup matches the request and is configured to block that request.
* However if you first want to test the RuleGroup, set the OverrideAction to
* Count. The RuleGroup will then override any block action specified by individual
* rules contained within the group. Instead of blocking matching requests, those requests will be counted.
* You can view a record of counted requests using GetSampledRequests.
*
*
* ActivatedRule|OverrideAction applies only when updating or adding a RuleGroup to
* a WebACL. In this case you do not use ActivatedRule|Action. For all other update
* requests, ActivatedRule|Action is used instead of ActivatedRule|OverrideAction.
*/
public void setOverrideAction(WafOverrideAction overrideAction) {
this.overrideAction = overrideAction;
}
/**
*
* Use the OverrideAction to test your RuleGroup.
*
*
* Any rule in a RuleGroup can potentially block a request. If you set the OverrideAction
* to None, the RuleGroup will block a request if any individual rule in the
* RuleGroup matches the request and is configured to block that request. However if you first want to
* test the RuleGroup, set the OverrideAction to Count. The
* RuleGroup will then override any block action specified by individual rules contained within the
* group. Instead of blocking matching requests, those requests will be counted. You can view a record of counted
* requests using GetSampledRequests.
*
*
* ActivatedRule|OverrideAction applies only when updating or adding a RuleGroup to a
* WebACL. In this case you do not use ActivatedRule|Action. For all other update
* requests, ActivatedRule|Action is used instead of ActivatedRule|OverrideAction.
*
*
* @return Use the OverrideAction to test your RuleGroup.
*
* Any rule in a RuleGroup can potentially block a request. If you set the
* OverrideAction to None, the RuleGroup will block a request if any
* individual rule in the RuleGroup matches the request and is configured to block that
* request. However if you first want to test the RuleGroup, set the
* OverrideAction to Count. The RuleGroup will then override any
* block action specified by individual rules contained within the group. Instead of blocking matching
* requests, those requests will be counted. You can view a record of counted requests using
* GetSampledRequests.
*
*
* ActivatedRule|OverrideAction applies only when updating or adding a RuleGroup
* to a WebACL. In this case you do not use ActivatedRule|Action. For all other
* update requests, ActivatedRule|Action is used instead of
* ActivatedRule|OverrideAction.
*/
public WafOverrideAction getOverrideAction() {
return this.overrideAction;
}
/**
*
* Use the OverrideAction to test your RuleGroup.
*
*
* Any rule in a RuleGroup can potentially block a request. If you set the OverrideAction
* to None, the RuleGroup will block a request if any individual rule in the
* RuleGroup matches the request and is configured to block that request. However if you first want to
* test the RuleGroup, set the OverrideAction to Count. The
* RuleGroup will then override any block action specified by individual rules contained within the
* group. Instead of blocking matching requests, those requests will be counted. You can view a record of counted
* requests using GetSampledRequests.
*
*
* ActivatedRule|OverrideAction applies only when updating or adding a RuleGroup to a
* WebACL. In this case you do not use ActivatedRule|Action. For all other update
* requests, ActivatedRule|Action is used instead of ActivatedRule|OverrideAction.
*
*
* @param overrideAction
* Use the OverrideAction to test your RuleGroup.
*
* Any rule in a RuleGroup can potentially block a request. If you set the
* OverrideAction to None, the RuleGroup will block a request if any
* individual rule in the RuleGroup matches the request and is configured to block that request.
* However if you first want to test the RuleGroup, set the OverrideAction to
* Count. The RuleGroup will then override any block action specified by individual
* rules contained within the group. Instead of blocking matching requests, those requests will be counted.
* You can view a record of counted requests using GetSampledRequests.
*
*
* ActivatedRule|OverrideAction applies only when updating or adding a RuleGroup to
* a WebACL. In this case you do not use ActivatedRule|Action. For all other update
* requests, ActivatedRule|Action is used instead of ActivatedRule|OverrideAction.
* @return Returns a reference to this object so that method calls can be chained together.
*/
public ActivatedRule withOverrideAction(WafOverrideAction overrideAction) {
setOverrideAction(overrideAction);
return this;
}
/**
*
* The rule type, either REGULAR, as defined by Rule, RATE_BASED, as defined by
* RateBasedRule, or GROUP, as defined by RuleGroup. The default is REGULAR. Although
* this field is optional, be aware that if you try to add a RATE_BASED rule to a web ACL without setting the type,
* the UpdateWebACL request will fail because the request tries to add a REGULAR rule with the specified ID,
* which does not exist.
*
*
* @param type
* The rule type, either REGULAR, as defined by Rule, RATE_BASED, as defined
* by RateBasedRule, or GROUP, as defined by RuleGroup. The default is REGULAR.
* Although this field is optional, be aware that if you try to add a RATE_BASED rule to a web ACL without
* setting the type, the UpdateWebACL request will fail because the request tries to add a REGULAR
* rule with the specified ID, which does not exist.
* @see WafRuleType
*/
public void setType(String type) {
this.type = type;
}
/**
*
* The rule type, either REGULAR, as defined by Rule, RATE_BASED, as defined by
* RateBasedRule, or GROUP, as defined by RuleGroup. The default is REGULAR. Although
* this field is optional, be aware that if you try to add a RATE_BASED rule to a web ACL without setting the type,
* the UpdateWebACL request will fail because the request tries to add a REGULAR rule with the specified ID,
* which does not exist.
*
*
* @return The rule type, either REGULAR, as defined by Rule, RATE_BASED, as
* defined by RateBasedRule, or GROUP, as defined by RuleGroup. The default is
* REGULAR. Although this field is optional, be aware that if you try to add a RATE_BASED rule to a web ACL
* without setting the type, the UpdateWebACL request will fail because the request tries to add a
* REGULAR rule with the specified ID, which does not exist.
* @see WafRuleType
*/
public String getType() {
return this.type;
}
/**
*
* The rule type, either REGULAR, as defined by Rule, RATE_BASED, as defined by
* RateBasedRule, or GROUP, as defined by RuleGroup. The default is REGULAR. Although
* this field is optional, be aware that if you try to add a RATE_BASED rule to a web ACL without setting the type,
* the UpdateWebACL request will fail because the request tries to add a REGULAR rule with the specified ID,
* which does not exist.
*
*
* @param type
* The rule type, either REGULAR, as defined by Rule, RATE_BASED, as defined
* by RateBasedRule, or GROUP, as defined by RuleGroup. The default is REGULAR.
* Although this field is optional, be aware that if you try to add a RATE_BASED rule to a web ACL without
* setting the type, the UpdateWebACL request will fail because the request tries to add a REGULAR
* rule with the specified ID, which does not exist.
* @return Returns a reference to this object so that method calls can be chained together.
* @see WafRuleType
*/
public ActivatedRule withType(String type) {
setType(type);
return this;
}
/**
*
* The rule type, either REGULAR, as defined by Rule, RATE_BASED, as defined by
* RateBasedRule, or GROUP, as defined by RuleGroup. The default is REGULAR. Although
* this field is optional, be aware that if you try to add a RATE_BASED rule to a web ACL without setting the type,
* the UpdateWebACL request will fail because the request tries to add a REGULAR rule with the specified ID,
* which does not exist.
*
*
* @param type
* The rule type, either REGULAR, as defined by Rule, RATE_BASED, as defined
* by RateBasedRule, or GROUP, as defined by RuleGroup. The default is REGULAR.
* Although this field is optional, be aware that if you try to add a RATE_BASED rule to a web ACL without
* setting the type, the UpdateWebACL request will fail because the request tries to add a REGULAR
* rule with the specified ID, which does not exist.
* @see WafRuleType
*/
public void setType(WafRuleType type) {
withType(type);
}
/**
*
* The rule type, either REGULAR, as defined by Rule, RATE_BASED, as defined by
* RateBasedRule, or GROUP, as defined by RuleGroup. The default is REGULAR. Although
* this field is optional, be aware that if you try to add a RATE_BASED rule to a web ACL without setting the type,
* the UpdateWebACL request will fail because the request tries to add a REGULAR rule with the specified ID,
* which does not exist.
*
*
* @param type
* The rule type, either REGULAR, as defined by Rule, RATE_BASED, as defined
* by RateBasedRule, or GROUP, as defined by RuleGroup. The default is REGULAR.
* Although this field is optional, be aware that if you try to add a RATE_BASED rule to a web ACL without
* setting the type, the UpdateWebACL request will fail because the request tries to add a REGULAR
* rule with the specified ID, which does not exist.
* @return Returns a reference to this object so that method calls can be chained together.
* @see WafRuleType
*/
public ActivatedRule withType(WafRuleType type) {
this.type = type.toString();
return this;
}
/**
*
* An array of rules to exclude from a rule group. This is applicable only when the ActivatedRule
* refers to a RuleGroup.
*
*
* Sometimes it is necessary to troubleshoot rule groups that are blocking traffic unexpectedly (false positives).
* One troubleshooting technique is to identify the specific rule within the rule group that is blocking the
* legitimate traffic and then disable (exclude) that particular rule. You can exclude rules from both your own rule
* groups and AWS Marketplace rule groups that have been associated with a web ACL.
*
*
* Specifying ExcludedRules does not remove those rules from the rule group. Rather, it changes the
* action for the rules to COUNT. Therefore, requests that match an ExcludedRule are
* counted but not blocked. The RuleGroup owner will receive COUNT metrics for each
* ExcludedRule.
*
*
* If you want to exclude rules from a rule group that is already associated with a web ACL, perform the following
* steps:
*
*
* -
*
* Use the AWS WAF logs to identify the IDs of the rules that you want to exclude. For more information about the
* logs, see Logging Web ACL Traffic
* Information.
*
*
* -
*
* Submit an UpdateWebACL request that has two actions:
*
*
* -
*
* The first action deletes the existing rule group from the web ACL. That is, in the UpdateWebACL request,
* the first Updates:Action should be DELETE and Updates:ActivatedRule:RuleId
* should be the rule group that contains the rules that you want to exclude.
*
*
* -
*
* The second action inserts the same rule group back in, but specifying the rules to exclude. That is, the second
* Updates:Action should be INSERT, Updates:ActivatedRule:RuleId should be
* the rule group that you just removed, and ExcludedRules should contain the rules that you want to
* exclude.
*
*
*
*
*
*
* @return An array of rules to exclude from a rule group. This is applicable only when the
* ActivatedRule refers to a RuleGroup.
*
* Sometimes it is necessary to troubleshoot rule groups that are blocking traffic unexpectedly (false
* positives). One troubleshooting technique is to identify the specific rule within the rule group that is
* blocking the legitimate traffic and then disable (exclude) that particular rule. You can exclude rules
* from both your own rule groups and AWS Marketplace rule groups that have been associated with a web ACL.
*
*
* Specifying ExcludedRules does not remove those rules from the rule group. Rather, it changes
* the action for the rules to COUNT. Therefore, requests that match an
* ExcludedRule are counted but not blocked. The RuleGroup owner will receive
* COUNT metrics for each ExcludedRule.
*
*
* If you want to exclude rules from a rule group that is already associated with a web ACL, perform the
* following steps:
*
*
* -
*
* Use the AWS WAF logs to identify the IDs of the rules that you want to exclude. For more information
* about the logs, see Logging
* Web ACL Traffic Information.
*
*
* -
*
* Submit an UpdateWebACL request that has two actions:
*
*
* -
*
* The first action deletes the existing rule group from the web ACL. That is, in the UpdateWebACL
* request, the first Updates:Action should be DELETE and
* Updates:ActivatedRule:RuleId should be the rule group that contains the rules that you want
* to exclude.
*
*
* -
*
* The second action inserts the same rule group back in, but specifying the rules to exclude. That is, the
* second Updates:Action should be INSERT,
* Updates:ActivatedRule:RuleId should be the rule group that you just removed, and
* ExcludedRules should contain the rules that you want to exclude.
*
*
*
*
*/
public java.util.List getExcludedRules() {
return excludedRules;
}
/**
*
* An array of rules to exclude from a rule group. This is applicable only when the ActivatedRule
* refers to a RuleGroup.
*
*
* Sometimes it is necessary to troubleshoot rule groups that are blocking traffic unexpectedly (false positives).
* One troubleshooting technique is to identify the specific rule within the rule group that is blocking the
* legitimate traffic and then disable (exclude) that particular rule. You can exclude rules from both your own rule
* groups and AWS Marketplace rule groups that have been associated with a web ACL.
*
*
* Specifying ExcludedRules does not remove those rules from the rule group. Rather, it changes the
* action for the rules to COUNT. Therefore, requests that match an ExcludedRule are
* counted but not blocked. The RuleGroup owner will receive COUNT metrics for each
* ExcludedRule.
*
*
* If you want to exclude rules from a rule group that is already associated with a web ACL, perform the following
* steps:
*
*
* -
*
* Use the AWS WAF logs to identify the IDs of the rules that you want to exclude. For more information about the
* logs, see Logging Web ACL Traffic
* Information.
*
*
* -
*
* Submit an UpdateWebACL request that has two actions:
*
*
* -
*
* The first action deletes the existing rule group from the web ACL. That is, in the UpdateWebACL request,
* the first Updates:Action should be DELETE and Updates:ActivatedRule:RuleId
* should be the rule group that contains the rules that you want to exclude.
*
*
* -
*
* The second action inserts the same rule group back in, but specifying the rules to exclude. That is, the second
* Updates:Action should be INSERT, Updates:ActivatedRule:RuleId should be
* the rule group that you just removed, and ExcludedRules should contain the rules that you want to
* exclude.
*
*
*
*
*
*
* @param excludedRules
* An array of rules to exclude from a rule group. This is applicable only when the
* ActivatedRule refers to a RuleGroup.
*
* Sometimes it is necessary to troubleshoot rule groups that are blocking traffic unexpectedly (false
* positives). One troubleshooting technique is to identify the specific rule within the rule group that is
* blocking the legitimate traffic and then disable (exclude) that particular rule. You can exclude rules
* from both your own rule groups and AWS Marketplace rule groups that have been associated with a web ACL.
*
*
* Specifying ExcludedRules does not remove those rules from the rule group. Rather, it changes
* the action for the rules to COUNT. Therefore, requests that match an
* ExcludedRule are counted but not blocked. The RuleGroup owner will receive COUNT
* metrics for each ExcludedRule.
*
*
* If you want to exclude rules from a rule group that is already associated with a web ACL, perform the
* following steps:
*
*
* -
*
* Use the AWS WAF logs to identify the IDs of the rules that you want to exclude. For more information about
* the logs, see Logging Web ACL
* Traffic Information.
*
*
* -
*
* Submit an UpdateWebACL request that has two actions:
*
*
* -
*
* The first action deletes the existing rule group from the web ACL. That is, in the UpdateWebACL
* request, the first Updates:Action should be DELETE and
* Updates:ActivatedRule:RuleId should be the rule group that contains the rules that you want
* to exclude.
*
*
* -
*
* The second action inserts the same rule group back in, but specifying the rules to exclude. That is, the
* second Updates:Action should be INSERT,
* Updates:ActivatedRule:RuleId should be the rule group that you just removed, and
* ExcludedRules should contain the rules that you want to exclude.
*
*
*
*
*/
public void setExcludedRules(java.util.Collection excludedRules) {
if (excludedRules == null) {
this.excludedRules = null;
return;
}
this.excludedRules = new java.util.ArrayList(excludedRules);
}
/**
*
* An array of rules to exclude from a rule group. This is applicable only when the ActivatedRule
* refers to a RuleGroup.
*
*
* Sometimes it is necessary to troubleshoot rule groups that are blocking traffic unexpectedly (false positives).
* One troubleshooting technique is to identify the specific rule within the rule group that is blocking the
* legitimate traffic and then disable (exclude) that particular rule. You can exclude rules from both your own rule
* groups and AWS Marketplace rule groups that have been associated with a web ACL.
*
*
* Specifying ExcludedRules does not remove those rules from the rule group. Rather, it changes the
* action for the rules to COUNT. Therefore, requests that match an ExcludedRule are
* counted but not blocked. The RuleGroup owner will receive COUNT metrics for each
* ExcludedRule.
*
*
* If you want to exclude rules from a rule group that is already associated with a web ACL, perform the following
* steps:
*
*
* -
*
* Use the AWS WAF logs to identify the IDs of the rules that you want to exclude. For more information about the
* logs, see Logging Web ACL Traffic
* Information.
*
*
* -
*
* Submit an UpdateWebACL request that has two actions:
*
*
* -
*
* The first action deletes the existing rule group from the web ACL. That is, in the UpdateWebACL request,
* the first Updates:Action should be DELETE and Updates:ActivatedRule:RuleId
* should be the rule group that contains the rules that you want to exclude.
*
*
* -
*
* The second action inserts the same rule group back in, but specifying the rules to exclude. That is, the second
* Updates:Action should be INSERT, Updates:ActivatedRule:RuleId should be
* the rule group that you just removed, and ExcludedRules should contain the rules that you want to
* exclude.
*
*
*
*
*
*
* NOTE: This method appends the values to the existing list (if any). Use
* {@link #setExcludedRules(java.util.Collection)} or {@link #withExcludedRules(java.util.Collection)} if you want
* to override the existing values.
*
*
* @param excludedRules
* An array of rules to exclude from a rule group. This is applicable only when the
* ActivatedRule refers to a RuleGroup.
*
* Sometimes it is necessary to troubleshoot rule groups that are blocking traffic unexpectedly (false
* positives). One troubleshooting technique is to identify the specific rule within the rule group that is
* blocking the legitimate traffic and then disable (exclude) that particular rule. You can exclude rules
* from both your own rule groups and AWS Marketplace rule groups that have been associated with a web ACL.
*
*
* Specifying ExcludedRules does not remove those rules from the rule group. Rather, it changes
* the action for the rules to COUNT. Therefore, requests that match an
* ExcludedRule are counted but not blocked. The RuleGroup owner will receive COUNT
* metrics for each ExcludedRule.
*
*
* If you want to exclude rules from a rule group that is already associated with a web ACL, perform the
* following steps:
*
*
* -
*
* Use the AWS WAF logs to identify the IDs of the rules that you want to exclude. For more information about
* the logs, see Logging Web ACL
* Traffic Information.
*
*
* -
*
* Submit an UpdateWebACL request that has two actions:
*
*
* -
*
* The first action deletes the existing rule group from the web ACL. That is, in the UpdateWebACL
* request, the first Updates:Action should be DELETE and
* Updates:ActivatedRule:RuleId should be the rule group that contains the rules that you want
* to exclude.
*
*
* -
*
* The second action inserts the same rule group back in, but specifying the rules to exclude. That is, the
* second Updates:Action should be INSERT,
* Updates:ActivatedRule:RuleId should be the rule group that you just removed, and
* ExcludedRules should contain the rules that you want to exclude.
*
*
*
*
* @return Returns a reference to this object so that method calls can be chained together.
*/
public ActivatedRule withExcludedRules(ExcludedRule... excludedRules) {
if (this.excludedRules == null) {
setExcludedRules(new java.util.ArrayList(excludedRules.length));
}
for (ExcludedRule ele : excludedRules) {
this.excludedRules.add(ele);
}
return this;
}
/**
*
* An array of rules to exclude from a rule group. This is applicable only when the ActivatedRule
* refers to a RuleGroup.
*
*
* Sometimes it is necessary to troubleshoot rule groups that are blocking traffic unexpectedly (false positives).
* One troubleshooting technique is to identify the specific rule within the rule group that is blocking the
* legitimate traffic and then disable (exclude) that particular rule. You can exclude rules from both your own rule
* groups and AWS Marketplace rule groups that have been associated with a web ACL.
*
*
* Specifying ExcludedRules does not remove those rules from the rule group. Rather, it changes the
* action for the rules to COUNT. Therefore, requests that match an ExcludedRule are
* counted but not blocked. The RuleGroup owner will receive COUNT metrics for each
* ExcludedRule.
*
*
* If you want to exclude rules from a rule group that is already associated with a web ACL, perform the following
* steps:
*
*
* -
*
* Use the AWS WAF logs to identify the IDs of the rules that you want to exclude. For more information about the
* logs, see Logging Web ACL Traffic
* Information.
*
*
* -
*
* Submit an UpdateWebACL request that has two actions:
*
*
* -
*
* The first action deletes the existing rule group from the web ACL. That is, in the UpdateWebACL request,
* the first Updates:Action should be DELETE and Updates:ActivatedRule:RuleId
* should be the rule group that contains the rules that you want to exclude.
*
*
* -
*
* The second action inserts the same rule group back in, but specifying the rules to exclude. That is, the second
* Updates:Action should be INSERT, Updates:ActivatedRule:RuleId should be
* the rule group that you just removed, and ExcludedRules should contain the rules that you want to
* exclude.
*
*
*
*
*
*
* @param excludedRules
* An array of rules to exclude from a rule group. This is applicable only when the
* ActivatedRule refers to a RuleGroup.
*
* Sometimes it is necessary to troubleshoot rule groups that are blocking traffic unexpectedly (false
* positives). One troubleshooting technique is to identify the specific rule within the rule group that is
* blocking the legitimate traffic and then disable (exclude) that particular rule. You can exclude rules
* from both your own rule groups and AWS Marketplace rule groups that have been associated with a web ACL.
*
*
* Specifying ExcludedRules does not remove those rules from the rule group. Rather, it changes
* the action for the rules to COUNT. Therefore, requests that match an
* ExcludedRule are counted but not blocked. The RuleGroup owner will receive COUNT
* metrics for each ExcludedRule.
*
*
* If you want to exclude rules from a rule group that is already associated with a web ACL, perform the
* following steps:
*
*
* -
*
* Use the AWS WAF logs to identify the IDs of the rules that you want to exclude. For more information about
* the logs, see Logging Web ACL
* Traffic Information.
*
*
* -
*
* Submit an UpdateWebACL request that has two actions:
*
*
* -
*
* The first action deletes the existing rule group from the web ACL. That is, in the UpdateWebACL
* request, the first Updates:Action should be DELETE and
* Updates:ActivatedRule:RuleId should be the rule group that contains the rules that you want
* to exclude.
*
*
* -
*
* The second action inserts the same rule group back in, but specifying the rules to exclude. That is, the
* second Updates:Action should be INSERT,
* Updates:ActivatedRule:RuleId should be the rule group that you just removed, and
* ExcludedRules should contain the rules that you want to exclude.
*
*
*
*
* @return Returns a reference to this object so that method calls can be chained together.
*/
public ActivatedRule withExcludedRules(java.util.Collection excludedRules) {
setExcludedRules(excludedRules);
return this;
}
/**
* Returns a string representation of this object. This is useful for testing and debugging. Sensitive data will be
* redacted from this string using a placeholder value.
*
* @return A string representation of this object.
*
* @see java.lang.Object#toString()
*/
@Override
public String toString() {
StringBuilder sb = new StringBuilder();
sb.append("{");
if (getPriority() != null)
sb.append("Priority: ").append(getPriority()).append(",");
if (getRuleId() != null)
sb.append("RuleId: ").append(getRuleId()).append(",");
if (getAction() != null)
sb.append("Action: ").append(getAction()).append(",");
if (getOverrideAction() != null)
sb.append("OverrideAction: ").append(getOverrideAction()).append(",");
if (getType() != null)
sb.append("Type: ").append(getType()).append(",");
if (getExcludedRules() != null)
sb.append("ExcludedRules: ").append(getExcludedRules());
sb.append("}");
return sb.toString();
}
@Override
public boolean equals(Object obj) {
if (this == obj)
return true;
if (obj == null)
return false;
if (obj instanceof ActivatedRule == false)
return false;
ActivatedRule other = (ActivatedRule) obj;
if (other.getPriority() == null ^ this.getPriority() == null)
return false;
if (other.getPriority() != null && other.getPriority().equals(this.getPriority()) == false)
return false;
if (other.getRuleId() == null ^ this.getRuleId() == null)
return false;
if (other.getRuleId() != null && other.getRuleId().equals(this.getRuleId()) == false)
return false;
if (other.getAction() == null ^ this.getAction() == null)
return false;
if (other.getAction() != null && other.getAction().equals(this.getAction()) == false)
return false;
if (other.getOverrideAction() == null ^ this.getOverrideAction() == null)
return false;
if (other.getOverrideAction() != null && other.getOverrideAction().equals(this.getOverrideAction()) == false)
return false;
if (other.getType() == null ^ this.getType() == null)
return false;
if (other.getType() != null && other.getType().equals(this.getType()) == false)
return false;
if (other.getExcludedRules() == null ^ this.getExcludedRules() == null)
return false;
if (other.getExcludedRules() != null && other.getExcludedRules().equals(this.getExcludedRules()) == false)
return false;
return true;
}
@Override
public int hashCode() {
final int prime = 31;
int hashCode = 1;
hashCode = prime * hashCode + ((getPriority() == null) ? 0 : getPriority().hashCode());
hashCode = prime * hashCode + ((getRuleId() == null) ? 0 : getRuleId().hashCode());
hashCode = prime * hashCode + ((getAction() == null) ? 0 : getAction().hashCode());
hashCode = prime * hashCode + ((getOverrideAction() == null) ? 0 : getOverrideAction().hashCode());
hashCode = prime * hashCode + ((getType() == null) ? 0 : getType().hashCode());
hashCode = prime * hashCode + ((getExcludedRules() == null) ? 0 : getExcludedRules().hashCode());
return hashCode;
}
@Override
public ActivatedRule clone() {
try {
return (ActivatedRule) super.clone();
} catch (CloneNotSupportedException e) {
throw new IllegalStateException("Got a CloneNotSupportedException from Object.clone() " + "even though we're Cloneable!", e);
}
}
@com.amazonaws.annotation.SdkInternalApi
@Override
public void marshall(ProtocolMarshaller protocolMarshaller) {
com.amazonaws.services.waf.model.waf_regional.transform.ActivatedRuleMarshaller.getInstance().marshall(this, protocolMarshaller);
}
}