Package com.pulumi.aws.wafregional
Class WebAcl
- java.lang.Object
-
- com.pulumi.resources.Resource
-
- com.pulumi.resources.CustomResource
-
- com.pulumi.aws.wafregional.WebAcl
-
public class WebAcl extends com.pulumi.resources.CustomResourceProvides a WAF Regional Web ACL Resource for use with Application Load Balancer. ## Example Usage ### Regular Rule <!--Start PulumiCodeChooser -->
<!--End PulumiCodeChooser --> ### Group Rule <!--Start PulumiCodeChooser -->package generated_program; import com.pulumi.Context; import com.pulumi.Pulumi; import com.pulumi.core.Output; import com.pulumi.aws.wafregional.IpSet; import com.pulumi.aws.wafregional.IpSetArgs; import com.pulumi.aws.wafregional.inputs.IpSetIpSetDescriptorArgs; import com.pulumi.aws.wafregional.Rule; import com.pulumi.aws.wafregional.RuleArgs; import com.pulumi.aws.wafregional.inputs.RulePredicateArgs; import com.pulumi.aws.wafregional.WebAcl; import com.pulumi.aws.wafregional.WebAclArgs; import com.pulumi.aws.wafregional.inputs.WebAclDefaultActionArgs; import com.pulumi.aws.wafregional.inputs.WebAclRuleArgs; import com.pulumi.aws.wafregional.inputs.WebAclRuleActionArgs; import java.util.List; import java.util.ArrayList; import java.util.Map; import java.io.File; import java.nio.file.Files; import java.nio.file.Paths; public class App { public static void main(String[] args) { Pulumi.run(App::stack); } public static void stack(Context ctx) { var ipset = new IpSet("ipset", IpSetArgs.builder() .name("tfIPSet") .ipSetDescriptors(IpSetIpSetDescriptorArgs.builder() .type("IPV4") .value("192.0.7.0/24") .build()) .build()); var wafrule = new Rule("wafrule", RuleArgs.builder() .name("tfWAFRule") .metricName("tfWAFRule") .predicates(RulePredicateArgs.builder() .dataId(ipset.id()) .negated(false) .type("IPMatch") .build()) .build()); var wafacl = new WebAcl("wafacl", WebAclArgs.builder() .name("tfWebACL") .metricName("tfWebACL") .defaultAction(WebAclDefaultActionArgs.builder() .type("ALLOW") .build()) .rules(WebAclRuleArgs.builder() .action(WebAclRuleActionArgs.builder() .type("BLOCK") .build()) .priority(1) .ruleId(wafrule.id()) .type("REGULAR") .build()) .build()); } }
<!--End PulumiCodeChooser --> ### Logging > *NOTE:* The Kinesis Firehose Delivery Stream name must begin with `aws-waf-logs-`. See the [AWS WAF Developer Guide](https://docs.aws.amazon.com/waf/latest/developerguide/logging.html) for more information about enabling WAF logging. <!--Start PulumiCodeChooser -->package generated_program; import com.pulumi.Context; import com.pulumi.Pulumi; import com.pulumi.core.Output; import com.pulumi.aws.wafregional.WebAcl; import com.pulumi.aws.wafregional.WebAclArgs; import com.pulumi.aws.wafregional.inputs.WebAclDefaultActionArgs; import com.pulumi.aws.wafregional.inputs.WebAclRuleArgs; import com.pulumi.aws.wafregional.inputs.WebAclRuleOverrideActionArgs; import java.util.List; import java.util.ArrayList; import java.util.Map; import java.io.File; import java.nio.file.Files; import java.nio.file.Paths; public class App { public static void main(String[] args) { Pulumi.run(App::stack); } public static void stack(Context ctx) { var example = new WebAcl("example", WebAclArgs.builder() .name("example") .metricName("example") .defaultAction(WebAclDefaultActionArgs.builder() .type("ALLOW") .build()) .rules(WebAclRuleArgs.builder() .priority(1) .ruleId(exampleAwsWafregionalRuleGroup.id()) .type("GROUP") .overrideAction(WebAclRuleOverrideActionArgs.builder() .type("NONE") .build()) .build()) .build()); } }
<!--End PulumiCodeChooser --> ## Import Using `pulumi import`, import WAF Regional Web ACL using the id. For example: ```sh $ pulumi import aws:wafregional/webAcl:WebAcl wafacl a1b2c3d4-d5f6-7777-8888-9999aaaabbbbcccc ```package generated_program; import com.pulumi.Context; import com.pulumi.Pulumi; import com.pulumi.core.Output; import com.pulumi.aws.wafregional.WebAcl; import com.pulumi.aws.wafregional.WebAclArgs; import com.pulumi.aws.wafregional.inputs.WebAclLoggingConfigurationArgs; import com.pulumi.aws.wafregional.inputs.WebAclLoggingConfigurationRedactedFieldsArgs; import java.util.List; import java.util.ArrayList; import java.util.Map; import java.io.File; import java.nio.file.Files; import java.nio.file.Paths; public class App { public static void main(String[] args) { Pulumi.run(App::stack); } public static void stack(Context ctx) { var example = new WebAcl("example", WebAclArgs.builder() .loggingConfiguration(WebAclLoggingConfigurationArgs.builder() .logDestination(exampleAwsKinesisFirehoseDeliveryStream.arn()) .redactedFields(WebAclLoggingConfigurationRedactedFieldsArgs.builder() .fieldToMatches( WebAclLoggingConfigurationRedactedFieldsFieldToMatchArgs.builder() .type("URI") .build(), WebAclLoggingConfigurationRedactedFieldsFieldToMatchArgs.builder() .data("referer") .type("HEADER") .build()) .build()) .build()) .build()); } }
-
-
Constructor Summary
Constructors Constructor Description WebAcl(java.lang.String name)WebAcl(java.lang.String name, WebAclArgs args)WebAcl(java.lang.String name, WebAclArgs args, com.pulumi.resources.CustomResourceOptions options)
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Modifier and Type Method Description com.pulumi.core.Output<java.lang.String>arn()com.pulumi.core.Output<WebAclDefaultAction>defaultAction()static WebAclget(java.lang.String name, com.pulumi.core.Output<java.lang.String> id, WebAclState state, com.pulumi.resources.CustomResourceOptions options)Get an existing Host resource's state with the given name, ID, and optional extra properties used to qualify the lookup.com.pulumi.core.Output<java.util.Optional<WebAclLoggingConfiguration>>loggingConfiguration()com.pulumi.core.Output<java.lang.String>metricName()com.pulumi.core.Output<java.lang.String>name()com.pulumi.core.Output<java.util.Optional<java.util.List<WebAclRule>>>rules()com.pulumi.core.Output<java.util.Optional<java.util.Map<java.lang.String,java.lang.String>>>tags()com.pulumi.core.Output<java.util.Map<java.lang.String,java.lang.String>>tagsAll()
-
-
-
Constructor Detail
-
WebAcl
public WebAcl(java.lang.String name)
- Parameters:
name- The _unique_ name of the resulting resource.
-
WebAcl
public WebAcl(java.lang.String name, WebAclArgs args)- Parameters:
name- The _unique_ name of the resulting resource.args- The arguments to use to populate this resource's properties.
-
WebAcl
public WebAcl(java.lang.String name, WebAclArgs args, @Nullable com.pulumi.resources.CustomResourceOptions options)- Parameters:
name- The _unique_ name of the resulting resource.args- The arguments to use to populate this resource's properties.options- A bag of options that control this resource's behavior.
-
-
Method Detail
-
arn
public com.pulumi.core.Output<java.lang.String> arn()
- Returns:
- Amazon Resource Name (ARN) of the WAF Regional WebACL.
-
defaultAction
public com.pulumi.core.Output<WebAclDefaultAction> defaultAction()
- Returns:
- The action that you want AWS WAF Regional to take when a request doesn't match the criteria in any of the rules that are associated with the web ACL.
-
loggingConfiguration
public com.pulumi.core.Output<java.util.Optional<WebAclLoggingConfiguration>> loggingConfiguration()
- Returns:
- Configuration block to enable WAF logging. Detailed below.
-
metricName
public com.pulumi.core.Output<java.lang.String> metricName()
- Returns:
- The name or description for the Amazon CloudWatch metric of this web ACL.
-
name
public com.pulumi.core.Output<java.lang.String> name()
- Returns:
- The name or description of the web ACL.
-
rules
public com.pulumi.core.Output<java.util.Optional<java.util.List<WebAclRule>>> rules()
- Returns:
- Set of configuration blocks containing rules for the web ACL. Detailed below.
-
tags
public com.pulumi.core.Output<java.util.Optional<java.util.Map<java.lang.String,java.lang.String>>> tags()
- Returns:
- Key-value map of resource tags. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
-
tagsAll
public com.pulumi.core.Output<java.util.Map<java.lang.String,java.lang.String>> tagsAll()
- Returns:
- A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.
-
get
public static WebAcl get(java.lang.String name, com.pulumi.core.Output<java.lang.String> id, @Nullable WebAclState state, @Nullable com.pulumi.resources.CustomResourceOptions options)
Get an existing Host resource's state with the given name, ID, and optional extra properties used to qualify the lookup.- Parameters:
name- The _unique_ name of the resulting resource.id- The _unique_ provider ID of the resource to lookup.state-options- Optional settings to control the behavior of the CustomResource.
-
-