com.pulumi.awsnative.wafv2.kotlin.WebAcl.kt Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of pulumi-aws-native-kotlin Show documentation
Show all versions of pulumi-aws-native-kotlin Show documentation
Build cloud applications and infrastructure by combining the safety and reliability of infrastructure as code with the power of the Kotlin programming language.
@file:Suppress("NAME_SHADOWING", "DEPRECATION")
package com.pulumi.awsnative.wafv2.kotlin
import com.pulumi.awsnative.kotlin.outputs.Tag
import com.pulumi.awsnative.wafv2.kotlin.enums.WebAclScope
import com.pulumi.awsnative.wafv2.kotlin.outputs.WebAclAssociationConfig
import com.pulumi.awsnative.wafv2.kotlin.outputs.WebAclCaptchaConfig
import com.pulumi.awsnative.wafv2.kotlin.outputs.WebAclChallengeConfig
import com.pulumi.awsnative.wafv2.kotlin.outputs.WebAclCustomResponseBody
import com.pulumi.awsnative.wafv2.kotlin.outputs.WebAclDefaultAction
import com.pulumi.awsnative.wafv2.kotlin.outputs.WebAclRule
import com.pulumi.awsnative.wafv2.kotlin.outputs.WebAclVisibilityConfig
import com.pulumi.core.Output
import com.pulumi.kotlin.KotlinCustomResource
import com.pulumi.kotlin.PulumiTagMarker
import com.pulumi.kotlin.ResourceMapper
import com.pulumi.kotlin.options.CustomResourceOptions
import com.pulumi.kotlin.options.CustomResourceOptionsBuilder
import com.pulumi.resources.Resource
import kotlin.Boolean
import kotlin.Int
import kotlin.String
import kotlin.Suppress
import kotlin.Unit
import kotlin.collections.List
import kotlin.collections.Map
import com.pulumi.awsnative.kotlin.outputs.Tag.Companion.toKotlin as tagToKotlin
import com.pulumi.awsnative.wafv2.kotlin.enums.WebAclScope.Companion.toKotlin as webAclScopeToKotlin
import com.pulumi.awsnative.wafv2.kotlin.outputs.WebAclAssociationConfig.Companion.toKotlin as webAclAssociationConfigToKotlin
import com.pulumi.awsnative.wafv2.kotlin.outputs.WebAclCaptchaConfig.Companion.toKotlin as webAclCaptchaConfigToKotlin
import com.pulumi.awsnative.wafv2.kotlin.outputs.WebAclChallengeConfig.Companion.toKotlin as webAclChallengeConfigToKotlin
import com.pulumi.awsnative.wafv2.kotlin.outputs.WebAclCustomResponseBody.Companion.toKotlin as webAclCustomResponseBodyToKotlin
import com.pulumi.awsnative.wafv2.kotlin.outputs.WebAclDefaultAction.Companion.toKotlin as webAclDefaultActionToKotlin
import com.pulumi.awsnative.wafv2.kotlin.outputs.WebAclRule.Companion.toKotlin as webAclRuleToKotlin
import com.pulumi.awsnative.wafv2.kotlin.outputs.WebAclVisibilityConfig.Companion.toKotlin as webAclVisibilityConfigToKotlin
/**
* Builder for [WebAcl].
*/
@PulumiTagMarker
public class WebAclResourceBuilder internal constructor() {
public var name: String? = null
public var args: WebAclArgs = WebAclArgs()
public var opts: CustomResourceOptions = CustomResourceOptions()
/**
* @param name The _unique_ name of the resulting resource.
*/
public fun name(`value`: String) {
this.name = value
}
/**
* @param block The arguments to use to populate this resource's properties.
*/
public suspend fun args(block: suspend WebAclArgsBuilder.() -> Unit) {
val builder = WebAclArgsBuilder()
block(builder)
this.args = builder.build()
}
/**
* @param block A bag of options that control this resource's behavior.
*/
public suspend fun opts(block: suspend CustomResourceOptionsBuilder.() -> Unit) {
this.opts = com.pulumi.kotlin.options.CustomResourceOptions.opts(block)
}
internal fun build(): WebAcl {
val builtJavaResource = com.pulumi.awsnative.wafv2.WebAcl(
this.name,
this.args.toJava(),
this.opts.toJava(),
)
return WebAcl(builtJavaResource)
}
}
/**
* Contains the Rules that identify the requests that you want to allow, block, or count. In a WebACL, you also specify a default action (ALLOW or BLOCK), and the action for each Rule that you add to a WebACL, for example, block requests from specified IP addresses or block requests from specified referrers. You also associate the WebACL with a CloudFront distribution to identify the requests that you want AWS WAF to filter. If you add more than one Rule to a WebACL, a request needs to match only one of the specifications to be allowed, blocked, or counted.
*/
public class WebAcl internal constructor(
override val javaResource: com.pulumi.awsnative.wafv2.WebAcl,
) : KotlinCustomResource(javaResource, WebAclMapper) {
/**
* The Amazon Resource Name (ARN) of the web ACL.
*/
public val arn: Output
get() = javaResource.arn().applyValue({ args0 -> args0 })
/**
* Specifies custom configurations for the associations between the web ACL and protected resources.
* Use this to customize the maximum size of the request body that your protected resources forward to AWS WAF for inspection. You can customize this setting for CloudFront, API Gateway, Amazon Cognito, App Runner, or Verified Access resources. The default setting is 16 KB (16,384 bytes).
* > You are charged additional fees when your protected resources forward body sizes that are larger than the default. For more information, see [AWS WAF Pricing](https://docs.aws.amazon.com/waf/pricing/) .
* For Application Load Balancer and AWS AppSync , the limit is fixed at 8 KB (8,192 bytes).
*/
public val associationConfig: Output?
get() = javaResource.associationConfig().applyValue({ args0 ->
args0.map({ args0 ->
args0.let({ args0 -> webAclAssociationConfigToKotlin(args0) })
}).orElse(null)
})
/**
* The ID of the web ACL.
*/
public val awsId: Output
get() = javaResource.awsId().applyValue({ args0 -> args0 })
/**
* The web ACL capacity units (WCUs) currently being used by this web ACL.
* AWS WAF uses WCUs to calculate and control the operating resources that are used to run your rules, rule groups, and web ACLs. AWS WAF calculates capacity differently for each rule type, to reflect the relative cost of each rule. Simple rules that cost little to run use fewer WCUs than more complex rules that use more processing power. Rule group capacity is fixed at creation, which helps users plan their web ACL WCU usage when they use a rule group. The WCU limit for web ACLs is 1,500.
*/
public val capacity: Output
get() = javaResource.capacity().applyValue({ args0 -> args0 })
/**
* Specifies how AWS WAF should handle `CAPTCHA` evaluations for rules that don't have their own `CaptchaConfig` settings. If you don't specify this, AWS WAF uses its default settings for `CaptchaConfig` .
*/
public val captchaConfig: Output?
get() = javaResource.captchaConfig().applyValue({ args0 ->
args0.map({ args0 ->
args0.let({ args0 -> webAclCaptchaConfigToKotlin(args0) })
}).orElse(null)
})
/**
* Specifies how AWS WAF should handle challenge evaluations for rules that don't have their own `ChallengeConfig` settings. If you don't specify this, AWS WAF uses its default settings for `ChallengeConfig` .
*/
public val challengeConfig: Output?
get() = javaResource.challengeConfig().applyValue({ args0 ->
args0.map({ args0 ->
args0.let({ args0 -> webAclChallengeConfigToKotlin(args0) })
}).orElse(null)
})
/**
* A map of custom response keys and content bodies. When you create a rule with a block action, you can send a custom response to the web request. You define these for the web ACL, and then use them in the rules and default actions that you define in the web ACL.
* For information about customizing web requests and responses, see [Customizing web requests and responses in AWS WAF](https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html) in the *AWS WAF Developer Guide* .
* For information about the limits on count and size for custom request and response settings, see [AWS WAF quotas](https://docs.aws.amazon.com/waf/latest/developerguide/limits.html) in the *AWS WAF Developer Guide* .
*/
public val customResponseBodies: Output>?
get() = javaResource.customResponseBodies().applyValue({ args0 ->
args0.map({ args0 ->
args0.map({ args0 ->
args0.key.to(
args0.value.let({ args0 ->
webAclCustomResponseBodyToKotlin(args0)
}),
)
}).toMap()
}).orElse(null)
})
/**
* The action to perform if none of the `Rules` contained in the `WebACL` match.
*/
public val defaultAction: Output
get() = javaResource.defaultAction().applyValue({ args0 ->
args0.let({ args0 ->
webAclDefaultActionToKotlin(args0)
})
})
/**
* A description of the web ACL that helps with identification.
*/
public val description: Output?
get() = javaResource.description().applyValue({ args0 ->
args0.map({ args0 ->
args0
}).orElse(null)
})
/**
* The label namespace prefix for this web ACL. All labels added by rules in this web ACL have this prefix.
* The syntax for the label namespace prefix for a web ACL is the following: `awswaf::webacl::`
* When a rule with a label matches a web request, AWS WAF adds the fully qualified label to the request. A fully qualified label is made up of the label namespace from the rule group or web ACL where the rule is defined and the label from the rule, separated by a colon.
*/
public val labelNamespace: Output
get() = javaResource.labelNamespace().applyValue({ args0 -> args0 })
/**
* The name of the web ACL. You cannot change the name of a web ACL after you create it.
*/
public val name: Output?
get() = javaResource.name().applyValue({ args0 -> args0.map({ args0 -> args0 }).orElse(null) })
/**
* Collection of Rules.
*/
public val rules: Output>?
get() = javaResource.rules().applyValue({ args0 ->
args0.map({ args0 ->
args0.map({ args0 ->
args0.let({ args0 -> webAclRuleToKotlin(args0) })
})
}).orElse(null)
})
/**
* Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AWS AppSync GraphQL API, an Amazon Cognito user pool, an AWS App Runner service, or an AWS Verified Access instance. Valid Values are `CLOUDFRONT` and `REGIONAL` .
* > For `CLOUDFRONT` , you must create your WAFv2 resources in the US East (N. Virginia) Region, `us-east-1` .
* For information about how to define the association of the web ACL with your resource, see `WebACLAssociation` .
*/
public val scope: Output
get() = javaResource.scope().applyValue({ args0 ->
args0.let({ args0 ->
webAclScopeToKotlin(args0)
})
})
/**
* Key:value pairs associated with an AWS resource. The key:value pair can be anything you define. Typically, the tag key represents a category (such as "environment") and the tag value represents a specific value within that category (such as "test," "development," or "production"). You can add up to 50 tags to each AWS resource.
* > To modify tags on existing resources, use the AWS WAF APIs or command line interface. With AWS CloudFormation , you can only add tags to AWS WAF resources during resource creation.
*/
public val tags: Output>?
get() = javaResource.tags().applyValue({ args0 ->
args0.map({ args0 ->
args0.map({ args0 ->
args0.let({ args0 -> tagToKotlin(args0) })
})
}).orElse(null)
})
/**
* Specifies the domains that AWS WAF should accept in a web request token. This enables the use of tokens across multiple protected websites. When AWS WAF provides a token, it uses the domain of the AWS resource that the web ACL is protecting. If you don't specify a list of token domains, AWS WAF accepts tokens only for the domain of the protected resource. With a token domain list, AWS WAF accepts the resource's host domain plus all domains in the token domain list, including their prefixed subdomains.
*/
public val tokenDomains: Output>?
get() = javaResource.tokenDomains().applyValue({ args0 ->
args0.map({ args0 ->
args0.map({ args0 ->
args0
})
}).orElse(null)
})
/**
* Defines and enables Amazon CloudWatch metrics and web request sample collection.
*/
public val visibilityConfig: Output
get() = javaResource.visibilityConfig().applyValue({ args0 ->
args0.let({ args0 ->
webAclVisibilityConfigToKotlin(args0)
})
})
}
public object WebAclMapper : ResourceMapper {
override fun supportsMappingOfType(javaResource: Resource): Boolean =
com.pulumi.awsnative.wafv2.WebAcl::class == javaResource::class
override fun map(javaResource: Resource): WebAcl = WebAcl(
javaResource as
com.pulumi.awsnative.wafv2.WebAcl,
)
}
/**
* @see [WebAcl].
* @param name The _unique_ name of the resulting resource.
* @param block Builder for [WebAcl].
*/
public suspend fun webAcl(name: String, block: suspend WebAclResourceBuilder.() -> Unit): WebAcl {
val builder = WebAclResourceBuilder()
builder.name(name)
block(builder)
return builder.build()
}
/**
* @see [WebAcl].
* @param name The _unique_ name of the resulting resource.
*/
public fun webAcl(name: String): WebAcl {
val builder = WebAclResourceBuilder()
builder.name(name)
return builder.build()
}