com.pulumi.aws.wafv2.WebAclArgs Maven / Gradle / Ivy
// *** WARNING: this file was generated by pulumi-java-gen. ***
// *** Do not edit by hand unless you're certain you know what you are doing! ***
package com.pulumi.aws.wafv2;
import com.pulumi.aws.wafv2.inputs.WebAclAssociationConfigArgs;
import com.pulumi.aws.wafv2.inputs.WebAclCaptchaConfigArgs;
import com.pulumi.aws.wafv2.inputs.WebAclChallengeConfigArgs;
import com.pulumi.aws.wafv2.inputs.WebAclCustomResponseBodyArgs;
import com.pulumi.aws.wafv2.inputs.WebAclDefaultActionArgs;
import com.pulumi.aws.wafv2.inputs.WebAclRuleArgs;
import com.pulumi.aws.wafv2.inputs.WebAclVisibilityConfigArgs;
import com.pulumi.core.Output;
import com.pulumi.core.annotations.Import;
import com.pulumi.exceptions.MissingRequiredPropertyException;
import java.lang.String;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.Optional;
import javax.annotation.Nullable;
public final class WebAclArgs extends com.pulumi.resources.ResourceArgs {
public static final WebAclArgs Empty = new WebAclArgs();
/**
* Specifies custom configurations for the associations between the web ACL and protected resources. See `association_config` below for details.
*
*/
@Import(name="associationConfig")
private @Nullable Output associationConfig;
/**
* @return Specifies custom configurations for the associations between the web ACL and protected resources. See `association_config` below for details.
*
*/
public Optional> associationConfig() {
return Optional.ofNullable(this.associationConfig);
}
/**
* Specifies how AWS WAF should handle CAPTCHA evaluations on the ACL level (used by [AWS Bot Control](https://docs.aws.amazon.com/waf/latest/developerguide/aws-managed-rule-groups-bot.html)). See `captcha_config` below for details.
*
*/
@Import(name="captchaConfig")
private @Nullable Output captchaConfig;
/**
* @return Specifies how AWS WAF should handle CAPTCHA evaluations on the ACL level (used by [AWS Bot Control](https://docs.aws.amazon.com/waf/latest/developerguide/aws-managed-rule-groups-bot.html)). See `captcha_config` below for details.
*
*/
public Optional> captchaConfig() {
return Optional.ofNullable(this.captchaConfig);
}
/**
* Specifies how AWS WAF should handle Challenge evaluations on the ACL level (used by [AWS Bot Control](https://docs.aws.amazon.com/waf/latest/developerguide/aws-managed-rule-groups-bot.html)). See `challenge_config` below for details.
*
*/
@Import(name="challengeConfig")
private @Nullable Output challengeConfig;
/**
* @return Specifies how AWS WAF should handle Challenge evaluations on the ACL level (used by [AWS Bot Control](https://docs.aws.amazon.com/waf/latest/developerguide/aws-managed-rule-groups-bot.html)). See `challenge_config` below for details.
*
*/
public Optional> challengeConfig() {
return Optional.ofNullable(this.challengeConfig);
}
/**
* Defines custom response bodies that can be referenced by `custom_response` actions. See `custom_response_body` below for details.
*
*/
@Import(name="customResponseBodies")
private @Nullable Output> customResponseBodies;
/**
* @return Defines custom response bodies that can be referenced by `custom_response` actions. See `custom_response_body` below for details.
*
*/
public Optional>> customResponseBodies() {
return Optional.ofNullable(this.customResponseBodies);
}
/**
* Action to perform if none of the `rules` contained in the WebACL match. See `default_action` below for details.
*
*/
@Import(name="defaultAction", required=true)
private Output defaultAction;
/**
* @return Action to perform if none of the `rules` contained in the WebACL match. See `default_action` below for details.
*
*/
public Output defaultAction() {
return this.defaultAction;
}
/**
* Friendly description of the WebACL.
*
*/
@Import(name="description")
private @Nullable Output description;
/**
* @return Friendly description of the WebACL.
*
*/
public Optional> description() {
return Optional.ofNullable(this.description);
}
/**
* Friendly name of the WebACL.
*
*/
@Import(name="name")
private @Nullable Output name;
/**
* @return Friendly name of the WebACL.
*
*/
public Optional> name() {
return Optional.ofNullable(this.name);
}
/**
* Raw JSON string to allow more than three nested statements. Conflicts with `rule` attribute. This is for advanced use cases where more than 3 levels of nested statements are required. **There is no drift detection at this time**. If you use this attribute instead of `rule`, you will be foregoing drift detection. See the AWS [documentation](https://docs.aws.amazon.com/waf/latest/APIReference/API_CreateWebACL.html) for the JSON structure.
*
*/
@Import(name="ruleJson")
private @Nullable Output ruleJson;
/**
* @return Raw JSON string to allow more than three nested statements. Conflicts with `rule` attribute. This is for advanced use cases where more than 3 levels of nested statements are required. **There is no drift detection at this time**. If you use this attribute instead of `rule`, you will be foregoing drift detection. See the AWS [documentation](https://docs.aws.amazon.com/waf/latest/APIReference/API_CreateWebACL.html) for the JSON structure.
*
*/
public Optional> ruleJson() {
return Optional.ofNullable(this.ruleJson);
}
/**
* Rule blocks used to identify the web requests that you want to `allow`, `block`, or `count`. See `rule` below for details.
*
*/
@Import(name="rules")
private @Nullable Output> rules;
/**
* @return Rule blocks used to identify the web requests that you want to `allow`, `block`, or `count`. See `rule` below for details.
*
*/
public Optional>> rules() {
return Optional.ofNullable(this.rules);
}
/**
* Specifies whether this is for an AWS CloudFront distribution or for a regional application. Valid values are `CLOUDFRONT` or `REGIONAL`. To work with CloudFront, you must also specify the region `us-east-1` (N. Virginia) on the AWS provider.
*
*/
@Import(name="scope", required=true)
private Output scope;
/**
* @return Specifies whether this is for an AWS CloudFront distribution or for a regional application. Valid values are `CLOUDFRONT` or `REGIONAL`. To work with CloudFront, you must also specify the region `us-east-1` (N. Virginia) on the AWS provider.
*
*/
public Output scope() {
return this.scope;
}
/**
* Map of key-value pairs to associate with the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
*
*/
@Import(name="tags")
private @Nullable Output> tags;
/**
* @return Map of key-value pairs to associate with the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
*
*/
public Optional>> tags() {
return Optional.ofNullable(this.tags);
}
/**
* Specifies the domains that AWS WAF should accept in a web request token. This enables the use of tokens across multiple protected websites. When AWS WAF provides a token, it uses the domain of the AWS resource that the web ACL is protecting. If you don't specify a list of token domains, AWS WAF accepts tokens only for the domain of the protected resource. With a token domain list, AWS WAF accepts the resource's host domain plus all domains in the token domain list, including their prefixed subdomains.
*
*/
@Import(name="tokenDomains")
private @Nullable Output> tokenDomains;
/**
* @return Specifies the domains that AWS WAF should accept in a web request token. This enables the use of tokens across multiple protected websites. When AWS WAF provides a token, it uses the domain of the AWS resource that the web ACL is protecting. If you don't specify a list of token domains, AWS WAF accepts tokens only for the domain of the protected resource. With a token domain list, AWS WAF accepts the resource's host domain plus all domains in the token domain list, including their prefixed subdomains.
*
*/
public Optional>> tokenDomains() {
return Optional.ofNullable(this.tokenDomains);
}
/**
* Defines and enables Amazon CloudWatch metrics and web request sample collection. See `visibility_config` below for details.
*
*/
@Import(name="visibilityConfig", required=true)
private Output visibilityConfig;
/**
* @return Defines and enables Amazon CloudWatch metrics and web request sample collection. See `visibility_config` below for details.
*
*/
public Output visibilityConfig() {
return this.visibilityConfig;
}
private WebAclArgs() {}
private WebAclArgs(WebAclArgs $) {
this.associationConfig = $.associationConfig;
this.captchaConfig = $.captchaConfig;
this.challengeConfig = $.challengeConfig;
this.customResponseBodies = $.customResponseBodies;
this.defaultAction = $.defaultAction;
this.description = $.description;
this.name = $.name;
this.ruleJson = $.ruleJson;
this.rules = $.rules;
this.scope = $.scope;
this.tags = $.tags;
this.tokenDomains = $.tokenDomains;
this.visibilityConfig = $.visibilityConfig;
}
public static Builder builder() {
return new Builder();
}
public static Builder builder(WebAclArgs defaults) {
return new Builder(defaults);
}
public static final class Builder {
private WebAclArgs $;
public Builder() {
$ = new WebAclArgs();
}
public Builder(WebAclArgs defaults) {
$ = new WebAclArgs(Objects.requireNonNull(defaults));
}
/**
* @param associationConfig Specifies custom configurations for the associations between the web ACL and protected resources. See `association_config` below for details.
*
* @return builder
*
*/
public Builder associationConfig(@Nullable Output associationConfig) {
$.associationConfig = associationConfig;
return this;
}
/**
* @param associationConfig Specifies custom configurations for the associations between the web ACL and protected resources. See `association_config` below for details.
*
* @return builder
*
*/
public Builder associationConfig(WebAclAssociationConfigArgs associationConfig) {
return associationConfig(Output.of(associationConfig));
}
/**
* @param captchaConfig Specifies how AWS WAF should handle CAPTCHA evaluations on the ACL level (used by [AWS Bot Control](https://docs.aws.amazon.com/waf/latest/developerguide/aws-managed-rule-groups-bot.html)). See `captcha_config` below for details.
*
* @return builder
*
*/
public Builder captchaConfig(@Nullable Output captchaConfig) {
$.captchaConfig = captchaConfig;
return this;
}
/**
* @param captchaConfig Specifies how AWS WAF should handle CAPTCHA evaluations on the ACL level (used by [AWS Bot Control](https://docs.aws.amazon.com/waf/latest/developerguide/aws-managed-rule-groups-bot.html)). See `captcha_config` below for details.
*
* @return builder
*
*/
public Builder captchaConfig(WebAclCaptchaConfigArgs captchaConfig) {
return captchaConfig(Output.of(captchaConfig));
}
/**
* @param challengeConfig Specifies how AWS WAF should handle Challenge evaluations on the ACL level (used by [AWS Bot Control](https://docs.aws.amazon.com/waf/latest/developerguide/aws-managed-rule-groups-bot.html)). See `challenge_config` below for details.
*
* @return builder
*
*/
public Builder challengeConfig(@Nullable Output challengeConfig) {
$.challengeConfig = challengeConfig;
return this;
}
/**
* @param challengeConfig Specifies how AWS WAF should handle Challenge evaluations on the ACL level (used by [AWS Bot Control](https://docs.aws.amazon.com/waf/latest/developerguide/aws-managed-rule-groups-bot.html)). See `challenge_config` below for details.
*
* @return builder
*
*/
public Builder challengeConfig(WebAclChallengeConfigArgs challengeConfig) {
return challengeConfig(Output.of(challengeConfig));
}
/**
* @param customResponseBodies Defines custom response bodies that can be referenced by `custom_response` actions. See `custom_response_body` below for details.
*
* @return builder
*
*/
public Builder customResponseBodies(@Nullable Output> customResponseBodies) {
$.customResponseBodies = customResponseBodies;
return this;
}
/**
* @param customResponseBodies Defines custom response bodies that can be referenced by `custom_response` actions. See `custom_response_body` below for details.
*
* @return builder
*
*/
public Builder customResponseBodies(List customResponseBodies) {
return customResponseBodies(Output.of(customResponseBodies));
}
/**
* @param customResponseBodies Defines custom response bodies that can be referenced by `custom_response` actions. See `custom_response_body` below for details.
*
* @return builder
*
*/
public Builder customResponseBodies(WebAclCustomResponseBodyArgs... customResponseBodies) {
return customResponseBodies(List.of(customResponseBodies));
}
/**
* @param defaultAction Action to perform if none of the `rules` contained in the WebACL match. See `default_action` below for details.
*
* @return builder
*
*/
public Builder defaultAction(Output defaultAction) {
$.defaultAction = defaultAction;
return this;
}
/**
* @param defaultAction Action to perform if none of the `rules` contained in the WebACL match. See `default_action` below for details.
*
* @return builder
*
*/
public Builder defaultAction(WebAclDefaultActionArgs defaultAction) {
return defaultAction(Output.of(defaultAction));
}
/**
* @param description Friendly description of the WebACL.
*
* @return builder
*
*/
public Builder description(@Nullable Output description) {
$.description = description;
return this;
}
/**
* @param description Friendly description of the WebACL.
*
* @return builder
*
*/
public Builder description(String description) {
return description(Output.of(description));
}
/**
* @param name Friendly name of the WebACL.
*
* @return builder
*
*/
public Builder name(@Nullable Output name) {
$.name = name;
return this;
}
/**
* @param name Friendly name of the WebACL.
*
* @return builder
*
*/
public Builder name(String name) {
return name(Output.of(name));
}
/**
* @param ruleJson Raw JSON string to allow more than three nested statements. Conflicts with `rule` attribute. This is for advanced use cases where more than 3 levels of nested statements are required. **There is no drift detection at this time**. If you use this attribute instead of `rule`, you will be foregoing drift detection. See the AWS [documentation](https://docs.aws.amazon.com/waf/latest/APIReference/API_CreateWebACL.html) for the JSON structure.
*
* @return builder
*
*/
public Builder ruleJson(@Nullable Output ruleJson) {
$.ruleJson = ruleJson;
return this;
}
/**
* @param ruleJson Raw JSON string to allow more than three nested statements. Conflicts with `rule` attribute. This is for advanced use cases where more than 3 levels of nested statements are required. **There is no drift detection at this time**. If you use this attribute instead of `rule`, you will be foregoing drift detection. See the AWS [documentation](https://docs.aws.amazon.com/waf/latest/APIReference/API_CreateWebACL.html) for the JSON structure.
*
* @return builder
*
*/
public Builder ruleJson(String ruleJson) {
return ruleJson(Output.of(ruleJson));
}
/**
* @param rules Rule blocks used to identify the web requests that you want to `allow`, `block`, or `count`. See `rule` below for details.
*
* @return builder
*
*/
public Builder rules(@Nullable Output> rules) {
$.rules = rules;
return this;
}
/**
* @param rules Rule blocks used to identify the web requests that you want to `allow`, `block`, or `count`. See `rule` below for details.
*
* @return builder
*
*/
public Builder rules(List rules) {
return rules(Output.of(rules));
}
/**
* @param rules Rule blocks used to identify the web requests that you want to `allow`, `block`, or `count`. See `rule` below for details.
*
* @return builder
*
*/
public Builder rules(WebAclRuleArgs... rules) {
return rules(List.of(rules));
}
/**
* @param scope Specifies whether this is for an AWS CloudFront distribution or for a regional application. Valid values are `CLOUDFRONT` or `REGIONAL`. To work with CloudFront, you must also specify the region `us-east-1` (N. Virginia) on the AWS provider.
*
* @return builder
*
*/
public Builder scope(Output scope) {
$.scope = scope;
return this;
}
/**
* @param scope Specifies whether this is for an AWS CloudFront distribution or for a regional application. Valid values are `CLOUDFRONT` or `REGIONAL`. To work with CloudFront, you must also specify the region `us-east-1` (N. Virginia) on the AWS provider.
*
* @return builder
*
*/
public Builder scope(String scope) {
return scope(Output.of(scope));
}
/**
* @param tags Map of key-value pairs to associate with the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
*
* @return builder
*
*/
public Builder tags(@Nullable Output> tags) {
$.tags = tags;
return this;
}
/**
* @param tags Map of key-value pairs to associate with the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
*
* @return builder
*
*/
public Builder tags(Map tags) {
return tags(Output.of(tags));
}
/**
* @param tokenDomains Specifies the domains that AWS WAF should accept in a web request token. This enables the use of tokens across multiple protected websites. When AWS WAF provides a token, it uses the domain of the AWS resource that the web ACL is protecting. If you don't specify a list of token domains, AWS WAF accepts tokens only for the domain of the protected resource. With a token domain list, AWS WAF accepts the resource's host domain plus all domains in the token domain list, including their prefixed subdomains.
*
* @return builder
*
*/
public Builder tokenDomains(@Nullable Output> tokenDomains) {
$.tokenDomains = tokenDomains;
return this;
}
/**
* @param tokenDomains Specifies the domains that AWS WAF should accept in a web request token. This enables the use of tokens across multiple protected websites. When AWS WAF provides a token, it uses the domain of the AWS resource that the web ACL is protecting. If you don't specify a list of token domains, AWS WAF accepts tokens only for the domain of the protected resource. With a token domain list, AWS WAF accepts the resource's host domain plus all domains in the token domain list, including their prefixed subdomains.
*
* @return builder
*
*/
public Builder tokenDomains(List tokenDomains) {
return tokenDomains(Output.of(tokenDomains));
}
/**
* @param tokenDomains Specifies the domains that AWS WAF should accept in a web request token. This enables the use of tokens across multiple protected websites. When AWS WAF provides a token, it uses the domain of the AWS resource that the web ACL is protecting. If you don't specify a list of token domains, AWS WAF accepts tokens only for the domain of the protected resource. With a token domain list, AWS WAF accepts the resource's host domain plus all domains in the token domain list, including their prefixed subdomains.
*
* @return builder
*
*/
public Builder tokenDomains(String... tokenDomains) {
return tokenDomains(List.of(tokenDomains));
}
/**
* @param visibilityConfig Defines and enables Amazon CloudWatch metrics and web request sample collection. See `visibility_config` below for details.
*
* @return builder
*
*/
public Builder visibilityConfig(Output visibilityConfig) {
$.visibilityConfig = visibilityConfig;
return this;
}
/**
* @param visibilityConfig Defines and enables Amazon CloudWatch metrics and web request sample collection. See `visibility_config` below for details.
*
* @return builder
*
*/
public Builder visibilityConfig(WebAclVisibilityConfigArgs visibilityConfig) {
return visibilityConfig(Output.of(visibilityConfig));
}
public WebAclArgs build() {
if ($.defaultAction == null) {
throw new MissingRequiredPropertyException("WebAclArgs", "defaultAction");
}
if ($.scope == null) {
throw new MissingRequiredPropertyException("WebAclArgs", "scope");
}
if ($.visibilityConfig == null) {
throw new MissingRequiredPropertyException("WebAclArgs", "visibilityConfig");
}
return $;
}
}
}
© 2015 - 2025 Weber Informatics LLC | Privacy Policy