aws-cdk-lib.aws_wafregional.CfnRule.PredicateProperty

interface PredicateProperty

LanguageType name
.NETAmazon.CDK.AWS.WAFRegional.CfnRule.PredicateProperty
Gogithub.com/aws/aws-cdk-go/awscdk/v2/awswafregional#CfnRule_PredicateProperty
Javasoftware.amazon.awscdk.services.waf.regional.CfnRule.PredicateProperty
Pythonaws_cdk.aws_wafregional.CfnRule.PredicateProperty
TypeScript aws-cdk-lib » aws_wafregional » CfnRule » PredicateProperty

Specifies the ByteMatchSet , IPSet , SqlInjectionMatchSet , XssMatchSet , RegexMatchSet , GeoMatchSet , and SizeConstraintSet objects that you want to add to a Rule and, for each object, indicates whether you want to negate the settings, for example, requests that do NOT originate from the IP address 192.0.2.44.

Example

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import { aws_wafregional as wafregional } from 'aws-cdk-lib';
const predicateProperty: wafregional.CfnRule.PredicateProperty = {
  dataId: 'dataId',
  negated: false,
  type: 'type',
};

Properties

NameTypeDescription
dataIdstringA unique identifier for a predicate in a Rule , such as ByteMatchSetId or IPSetId .
negatedboolean | IResolvableSet Negated to False if you want AWS WAF to allow, block, or count requests based on the settings in the specified ByteMatchSet , IPSet , SqlInjectionMatchSet , XssMatchSet , RegexMatchSet , GeoMatchSet , or SizeConstraintSet .
typestringThe type of predicate in a Rule , such as ByteMatch or IPSet .

dataId

Type: string

A unique identifier for a predicate in a Rule , such as ByteMatchSetId or IPSetId .

The ID is returned by the corresponding Create or List command.


negated

Type: boolean | IResolvable

Set Negated to False if you want AWS WAF to allow, block, or count requests based on the settings in the specified ByteMatchSet , IPSet , SqlInjectionMatchSet , XssMatchSet , RegexMatchSet , GeoMatchSet , or SizeConstraintSet .

For example, if an IPSet includes the IP address 192.0.2.44 , AWS WAF will allow or block requests based on that IP address.

Set Negated to True if you want AWS WAF to allow or block a request based on the negation of the settings in the ByteMatchSet , IPSet , SqlInjectionMatchSet , XssMatchSet , RegexMatchSet , GeoMatchSet , or SizeConstraintSet . For example, if an IPSet includes the IP address 192.0.2.44 , AWS WAF will allow, block, or count requests based on all IP addresses except 192.0.2.44 .


type

Type: string

The type of predicate in a Rule , such as ByteMatch or IPSet .