Top / Amazon Web Service / AWS WAF V2 / Web ACL

AWS WAF V2 Web ACL

This page shows how to write Terraform and CloudFormation for AWS WAF V2 Web ACL and write them securely.

Review your .tf file for AWS best practices

Shisho Cloud, our free checker to make sure your Terraform configuration follows best practices, is available (beta).

aws_wafv2_web_acl (Terraform)

The Web ACL in AWS WAF V2 can be configured in Terraform with the resource name aws_wafv2_web_acl. The following sections describe 4 examples of how to use the resource and its parameters.

Example Usage from GitHub

andrzejsydor/aws

main.tf#L1

resource "aws_wafv2_web_acl" "aws_wafv2_web_acl_REGIONAL" {
  name        = "REGIONAL-managed-rule"
  description = "Example of a REGIONAL managed rule."
  scope       = "REGIONAL"

  default_action {

Find out how to use this setting securely with Shisho Cloud

Ndomi/terraform

waf.tf#L2

resource "aws_wafv2_web_acl" "wec_acl" {
  name = "web-acl"
  scope = "REGIONAL"

  default_action {
    allow {}

Find out how to use this setting securely with Shisho Cloud

bridgecrewio/checkov

waf2.tf#L1

resource "aws_wafv2_web_acl" "pass" {
  name        = "managed-rule-example"
  description = "Example of a managed rule."
  scope       = "REGIONAL"

  default_action {

Find out how to use this setting securely with Shisho Cloud

cds-snc/covid-alert-portal

waf.tf#L5

resource "aws_wafv2_web_acl" "covidportal_acl" {
  name  = "covid_portal"
  scope = "REGIONAL"

  default_action {
    allow {}

Find out how to use this setting securely with Shisho Cloud

Review your Terraform file for AWS best practices

Shisho Cloud, our free checker to make sure your Terraform configuration follows best practices, is available (beta).

Parameters

arn optional computed - string
capacity optional computed - number
description optional - string
id optional computed - string
lock_token optional computed - string
name required - string
scope required - string
tags optional - map from string to string
default_action list block
- allow list block
- block list block
rule set block
- name required - string
- priority required - number
- action list block
  - allow list block
  - block list block
  - count list block
- override_action list block
  - count list block
  - none list block
- statement list block
  - and_statement list block
    - statement list block
      - and_statement list block
        statement list block
        and_statement list block
        statement list block
        byte_match_statement list block
        positional_constraint required - string
        search_string required - string
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        geo_match_statement list block
        country_codes required - list of string
        forwarded_ip_config list block
        fallback_behavior required - string
        header_name required - string
        ip_set_reference_statement list block
        arn required - string
        ip_set_forwarded_ip_config list block
        fallback_behavior required - string
        header_name required - string
        position required - string
        regex_pattern_set_reference_statement list block
        arn required - string
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        size_constraint_statement list block
        comparison_operator required - string
        size required - number
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        sqli_match_statement list block
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        xss_match_statement list block
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        byte_match_statement list block
        positional_constraint required - string
        search_string required - string
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        geo_match_statement list block
        country_codes required - list of string
        forwarded_ip_config list block
        fallback_behavior required - string
        header_name required - string
        ip_set_reference_statement list block
        arn required - string
        ip_set_forwarded_ip_config list block
        fallback_behavior required - string
        header_name required - string
        position required - string
        not_statement list block
        statement list block
        byte_match_statement list block
        positional_constraint required - string
        search_string required - string
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        geo_match_statement list block
        country_codes required - list of string
        forwarded_ip_config list block
        fallback_behavior required - string
        header_name required - string
        ip_set_reference_statement list block
        arn required - string
        ip_set_forwarded_ip_config list block
        fallback_behavior required - string
        header_name required - string
        position required - string
        regex_pattern_set_reference_statement list block
        arn required - string
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        size_constraint_statement list block
        comparison_operator required - string
        size required - number
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        sqli_match_statement list block
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        xss_match_statement list block
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        or_statement list block
        statement list block
        byte_match_statement list block
        positional_constraint required - string
        search_string required - string
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        geo_match_statement list block
        country_codes required - list of string
        forwarded_ip_config list block
        fallback_behavior required - string
        header_name required - string
        ip_set_reference_statement list block
        arn required - string
        ip_set_forwarded_ip_config list block
        fallback_behavior required - string
        header_name required - string
        position required - string
        regex_pattern_set_reference_statement list block
        arn required - string
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        size_constraint_statement list block
        comparison_operator required - string
        size required - number
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        sqli_match_statement list block
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        xss_match_statement list block
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        regex_pattern_set_reference_statement list block
        arn required - string
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        size_constraint_statement list block
        comparison_operator required - string
        size required - number
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        sqli_match_statement list block
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        xss_match_statement list block
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
      - byte_match_statement list block
        positional_constraint required - string
        search_string required - string
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
      - geo_match_statement list block
        country_codes required - list of string
        forwarded_ip_config list block
        fallback_behavior required - string
        header_name required - string
      - ip_set_reference_statement list block
        arn required - string
        ip_set_forwarded_ip_config list block
        fallback_behavior required - string
        header_name required - string
        position required - string
      - not_statement list block
        statement list block
        and_statement list block
        statement list block
        byte_match_statement list block
        positional_constraint required - string
        search_string required - string
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        geo_match_statement list block
        country_codes required - list of string
        forwarded_ip_config list block
        fallback_behavior required - string
        header_name required - string
        ip_set_reference_statement list block
        arn required - string
        ip_set_forwarded_ip_config list block
        fallback_behavior required - string
        header_name required - string
        position required - string
        regex_pattern_set_reference_statement list block
        arn required - string
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        size_constraint_statement list block
        comparison_operator required - string
        size required - number
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        sqli_match_statement list block
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        xss_match_statement list block
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        byte_match_statement list block
        positional_constraint required - string
        search_string required - string
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        geo_match_statement list block
        country_codes required - list of string
        forwarded_ip_config list block
        fallback_behavior required - string
        header_name required - string
        ip_set_reference_statement list block
        arn required - string
        ip_set_forwarded_ip_config list block
        fallback_behavior required - string
        header_name required - string
        position required - string
        not_statement list block
        statement list block
        byte_match_statement list block
        positional_constraint required - string
        search_string required - string
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        geo_match_statement list block
        country_codes required - list of string
        forwarded_ip_config list block
        fallback_behavior required - string
        header_name required - string
        ip_set_reference_statement list block
        arn required - string
        ip_set_forwarded_ip_config list block
        fallback_behavior required - string
        header_name required - string
        position required - string
        regex_pattern_set_reference_statement list block
        arn required - string
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        size_constraint_statement list block
        comparison_operator required - string
        size required - number
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        sqli_match_statement list block
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        xss_match_statement list block
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        or_statement list block
        statement list block
        byte_match_statement list block
        positional_constraint required - string
        search_string required - string
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        geo_match_statement list block
        country_codes required - list of string
        forwarded_ip_config list block
        fallback_behavior required - string
        header_name required - string
        ip_set_reference_statement list block
        arn required - string
        ip_set_forwarded_ip_config list block
        fallback_behavior required - string
        header_name required - string
        position required - string
        regex_pattern_set_reference_statement list block
        arn required - string
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        size_constraint_statement list block
        comparison_operator required - string
        size required - number
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        sqli_match_statement list block
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        xss_match_statement list block
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        regex_pattern_set_reference_statement list block
        arn required - string
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        size_constraint_statement list block
        comparison_operator required - string
        size required - number
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        sqli_match_statement list block
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        xss_match_statement list block
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
      - or_statement list block
        statement list block
        and_statement list block
        statement list block
        byte_match_statement list block
        positional_constraint required - string
        search_string required - string
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        geo_match_statement list block
        country_codes required - list of string
        forwarded_ip_config list block
        fallback_behavior required - string
        header_name required - string
        ip_set_reference_statement list block
        arn required - string
        ip_set_forwarded_ip_config list block
        fallback_behavior required - string
        header_name required - string
        position required - string
        regex_pattern_set_reference_statement list block
        arn required - string
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        size_constraint_statement list block
        comparison_operator required - string
        size required - number
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        sqli_match_statement list block
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        xss_match_statement list block
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        byte_match_statement list block
        positional_constraint required - string
        search_string required - string
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        geo_match_statement list block
        country_codes required - list of string
        forwarded_ip_config list block
        fallback_behavior required - string
        header_name required - string
        ip_set_reference_statement list block
        arn required - string
        ip_set_forwarded_ip_config list block
        fallback_behavior required - string
        header_name required - string
        position required - string
        not_statement list block
        statement list block
        byte_match_statement list block
        positional_constraint required - string
        search_string required - string
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        geo_match_statement list block
        country_codes required - list of string
        forwarded_ip_config list block
        fallback_behavior required - string
        header_name required - string
        ip_set_reference_statement list block
        arn required - string
        ip_set_forwarded_ip_config list block
        fallback_behavior required - string
        header_name required - string
        position required - string
        regex_pattern_set_reference_statement list block
        arn required - string
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        size_constraint_statement list block
        comparison_operator required - string
        size required - number
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        sqli_match_statement list block
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        xss_match_statement list block
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        or_statement list block
        statement list block
        byte_match_statement list block
        positional_constraint required - string
        search_string required - string
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        geo_match_statement list block
        country_codes required - list of string
        forwarded_ip_config list block
        fallback_behavior required - string
        header_name required - string
        ip_set_reference_statement list block
        arn required - string
        ip_set_forwarded_ip_config list block
        fallback_behavior required - string
        header_name required - string
        position required - string
        regex_pattern_set_reference_statement list block
        arn required - string
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        size_constraint_statement list block
        comparison_operator required - string
        size required - number
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        sqli_match_statement list block
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        xss_match_statement list block
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        regex_pattern_set_reference_statement list block
        arn required - string
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        size_constraint_statement list block
        comparison_operator required - string
        size required - number
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        sqli_match_statement list block
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        xss_match_statement list block
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
      - regex_pattern_set_reference_statement list block
        arn required - string
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
      - size_constraint_statement list block
        comparison_operator required - string
        size required - number
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
      - sqli_match_statement list block
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
      - xss_match_statement list block
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
  - byte_match_statement list block
    - positional_constraint required - string
    - search_string required - string
    - field_to_match list block
      - all_query_arguments list block
      - body list block
      - method list block
      - query_string list block
      - single_header list block
        name required - string
      - single_query_argument list block
        name required - string
      - uri_path list block
    - text_transformation set block
      - priority required - number
      - type required - string
  - geo_match_statement list block
    - country_codes required - list of string
    - forwarded_ip_config list block
      - fallback_behavior required - string
      - header_name required - string
  - ip_set_reference_statement list block
    - arn required - string
    - ip_set_forwarded_ip_config list block
      - fallback_behavior required - string
      - header_name required - string
      - position required - string
  - managed_rule_group_statement list block
    - name required - string
    - vendor_name required - string
    - excluded_rule list block
      - name required - string
  - not_statement list block
    - statement list block
      - and_statement list block
        statement list block
        and_statement list block
        statement list block
        byte_match_statement list block
        positional_constraint required - string
        search_string required - string
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        geo_match_statement list block
        country_codes required - list of string
        forwarded_ip_config list block
        fallback_behavior required - string
        header_name required - string
        ip_set_reference_statement list block
        arn required - string
        ip_set_forwarded_ip_config list block
        fallback_behavior required - string
        header_name required - string
        position required - string
        regex_pattern_set_reference_statement list block
        arn required - string
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        size_constraint_statement list block
        comparison_operator required - string
        size required - number
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        sqli_match_statement list block
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        xss_match_statement list block
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        byte_match_statement list block
        positional_constraint required - string
        search_string required - string
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        geo_match_statement list block
        country_codes required - list of string
        forwarded_ip_config list block
        fallback_behavior required - string
        header_name required - string
        ip_set_reference_statement list block
        arn required - string
        ip_set_forwarded_ip_config list block
        fallback_behavior required - string
        header_name required - string
        position required - string
        not_statement list block
        statement list block
        byte_match_statement list block
        positional_constraint required - string
        search_string required - string
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        geo_match_statement list block
        country_codes required - list of string
        forwarded_ip_config list block
        fallback_behavior required - string
        header_name required - string
        ip_set_reference_statement list block
        arn required - string
        ip_set_forwarded_ip_config list block
        fallback_behavior required - string
        header_name required - string
        position required - string
        regex_pattern_set_reference_statement list block
        arn required - string
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        size_constraint_statement list block
        comparison_operator required - string
        size required - number
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        sqli_match_statement list block
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        xss_match_statement list block
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        or_statement list block
        statement list block
        byte_match_statement list block
        positional_constraint required - string
        search_string required - string
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        geo_match_statement list block
        country_codes required - list of string
        forwarded_ip_config list block
        fallback_behavior required - string
        header_name required - string
        ip_set_reference_statement list block
        arn required - string
        ip_set_forwarded_ip_config list block
        fallback_behavior required - string
        header_name required - string
        position required - string
        regex_pattern_set_reference_statement list block
        arn required - string
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        size_constraint_statement list block
        comparison_operator required - string
        size required - number
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        sqli_match_statement list block
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        xss_match_statement list block
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        regex_pattern_set_reference_statement list block
        arn required - string
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        size_constraint_statement list block
        comparison_operator required - string
        size required - number
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        sqli_match_statement list block
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        xss_match_statement list block
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
      - byte_match_statement list block
        positional_constraint required - string
        search_string required - string
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
      - geo_match_statement list block
        country_codes required - list of string
        forwarded_ip_config list block
        fallback_behavior required - string
        header_name required - string
      - ip_set_reference_statement list block
        arn required - string
        ip_set_forwarded_ip_config list block
        fallback_behavior required - string
        header_name required - string
        position required - string
      - not_statement list block
        statement list block
        and_statement list block
        statement list block
        byte_match_statement list block
        positional_constraint required - string
        search_string required - string
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        geo_match_statement list block
        country_codes required - list of string
        forwarded_ip_config list block
        fallback_behavior required - string
        header_name required - string
        ip_set_reference_statement list block
        arn required - string
        ip_set_forwarded_ip_config list block
        fallback_behavior required - string
        header_name required - string
        position required - string
        regex_pattern_set_reference_statement list block
        arn required - string
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        size_constraint_statement list block
        comparison_operator required - string
        size required - number
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        sqli_match_statement list block
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        xss_match_statement list block
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        byte_match_statement list block
        positional_constraint required - string
        search_string required - string
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        geo_match_statement list block
        country_codes required - list of string
        forwarded_ip_config list block
        fallback_behavior required - string
        header_name required - string
        ip_set_reference_statement list block
        arn required - string
        ip_set_forwarded_ip_config list block
        fallback_behavior required - string
        header_name required - string
        position required - string
        not_statement list block
        statement list block
        byte_match_statement list block
        positional_constraint required - string
        search_string required - string
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        geo_match_statement list block
        country_codes required - list of string
        forwarded_ip_config list block
        fallback_behavior required - string
        header_name required - string
        ip_set_reference_statement list block
        arn required - string
        ip_set_forwarded_ip_config list block
        fallback_behavior required - string
        header_name required - string
        position required - string
        regex_pattern_set_reference_statement list block
        arn required - string
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        size_constraint_statement list block
        comparison_operator required - string
        size required - number
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        sqli_match_statement list block
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        xss_match_statement list block
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        or_statement list block
        statement list block
        byte_match_statement list block
        positional_constraint required - string
        search_string required - string
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        geo_match_statement list block
        country_codes required - list of string
        forwarded_ip_config list block
        fallback_behavior required - string
        header_name required - string
        ip_set_reference_statement list block
        arn required - string
        ip_set_forwarded_ip_config list block
        fallback_behavior required - string
        header_name required - string
        position required - string
        regex_pattern_set_reference_statement list block
        arn required - string
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        size_constraint_statement list block
        comparison_operator required - string
        size required - number
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        sqli_match_statement list block
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        xss_match_statement list block
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        regex_pattern_set_reference_statement list block
        arn required - string
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        size_constraint_statement list block
        comparison_operator required - string
        size required - number
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        sqli_match_statement list block
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        xss_match_statement list block
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
      - or_statement list block
        statement list block
        and_statement list block
        statement list block
        byte_match_statement list block
        positional_constraint required - string
        search_string required - string
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        geo_match_statement list block
        country_codes required - list of string
        forwarded_ip_config list block
        fallback_behavior required - string
        header_name required - string
        ip_set_reference_statement list block
        arn required - string
        ip_set_forwarded_ip_config list block
        fallback_behavior required - string
        header_name required - string
        position required - string
        regex_pattern_set_reference_statement list block
        arn required - string
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        size_constraint_statement list block
        comparison_operator required - string
        size required - number
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        sqli_match_statement list block
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        xss_match_statement list block
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        byte_match_statement list block
        positional_constraint required - string
        search_string required - string
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        geo_match_statement list block
        country_codes required - list of string
        forwarded_ip_config list block
        fallback_behavior required - string
        header_name required - string
        ip_set_reference_statement list block
        arn required - string
        ip_set_forwarded_ip_config list block
        fallback_behavior required - string
        header_name required - string
        position required - string
        not_statement list block
        statement list block
        byte_match_statement list block
        positional_constraint required - string
        search_string required - string
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        geo_match_statement list block
        country_codes required - list of string
        forwarded_ip_config list block
        fallback_behavior required - string
        header_name required - string
        ip_set_reference_statement list block
        arn required - string
        ip_set_forwarded_ip_config list block
        fallback_behavior required - string
        header_name required - string
        position required - string
        regex_pattern_set_reference_statement list block
        arn required - string
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        size_constraint_statement list block
        comparison_operator required - string
        size required - number
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        sqli_match_statement list block
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        xss_match_statement list block
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        or_statement list block
        statement list block
        byte_match_statement list block
        positional_constraint required - string
        search_string required - string
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        geo_match_statement list block
        country_codes required - list of string
        forwarded_ip_config list block
        fallback_behavior required - string
        header_name required - string
        ip_set_reference_statement list block
        arn required - string
        ip_set_forwarded_ip_config list block
        fallback_behavior required - string
        header_name required - string
        position required - string
        regex_pattern_set_reference_statement list block
        arn required - string
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        size_constraint_statement list block
        comparison_operator required - string
        size required - number
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        sqli_match_statement list block
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        xss_match_statement list block
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        regex_pattern_set_reference_statement list block
        arn required - string
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        size_constraint_statement list block
        comparison_operator required - string
        size required - number
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        sqli_match_statement list block
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        xss_match_statement list block
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
      - regex_pattern_set_reference_statement list block
        arn required - string
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
      - size_constraint_statement list block
        comparison_operator required - string
        size required - number
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
      - sqli_match_statement list block
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
      - xss_match_statement list block
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
  - or_statement list block
    - statement list block
      - and_statement list block
        statement list block
        and_statement list block
        statement list block
        byte_match_statement list block
        positional_constraint required - string
        search_string required - string
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        geo_match_statement list block
        country_codes required - list of string
        forwarded_ip_config list block
        fallback_behavior required - string
        header_name required - string
        ip_set_reference_statement list block
        arn required - string
        ip_set_forwarded_ip_config list block
        fallback_behavior required - string
        header_name required - string
        position required - string
        regex_pattern_set_reference_statement list block
        arn required - string
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        size_constraint_statement list block
        comparison_operator required - string
        size required - number
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        sqli_match_statement list block
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        xss_match_statement list block
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        byte_match_statement list block
        positional_constraint required - string
        search_string required - string
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        geo_match_statement list block
        country_codes required - list of string
        forwarded_ip_config list block
        fallback_behavior required - string
        header_name required - string
        ip_set_reference_statement list block
        arn required - string
        ip_set_forwarded_ip_config list block
        fallback_behavior required - string
        header_name required - string
        position required - string
        not_statement list block
        statement list block
        byte_match_statement list block
        positional_constraint required - string
        search_string required - string
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        geo_match_statement list block
        country_codes required - list of string
        forwarded_ip_config list block
        fallback_behavior required - string
        header_name required - string
        ip_set_reference_statement list block
        arn required - string
        ip_set_forwarded_ip_config list block
        fallback_behavior required - string
        header_name required - string
        position required - string
        regex_pattern_set_reference_statement list block
        arn required - string
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        size_constraint_statement list block
        comparison_operator required - string
        size required - number
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        sqli_match_statement list block
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        xss_match_statement list block
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        or_statement list block
        statement list block
        byte_match_statement list block
        positional_constraint required - string
        search_string required - string
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        geo_match_statement list block
        country_codes required - list of string
        forwarded_ip_config list block
        fallback_behavior required - string
        header_name required - string
        ip_set_reference_statement list block
        arn required - string
        ip_set_forwarded_ip_config list block
        fallback_behavior required - string
        header_name required - string
        position required - string
        regex_pattern_set_reference_statement list block
        arn required - string
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        size_constraint_statement list block
        comparison_operator required - string
        size required - number
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        sqli_match_statement list block
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        xss_match_statement list block
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        regex_pattern_set_reference_statement list block
        arn required - string
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        size_constraint_statement list block
        comparison_operator required - string
        size required - number
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        sqli_match_statement list block
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        xss_match_statement list block
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
      - byte_match_statement list block
        positional_constraint required - string
        search_string required - string
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
      - geo_match_statement list block
        country_codes required - list of string
        forwarded_ip_config list block
        fallback_behavior required - string
        header_name required - string
      - ip_set_reference_statement list block
        arn required - string
        ip_set_forwarded_ip_config list block
        fallback_behavior required - string
        header_name required - string
        position required - string
      - not_statement list block
        statement list block
        and_statement list block
        statement list block
        byte_match_statement list block
        positional_constraint required - string
        search_string required - string
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        geo_match_statement list block
        country_codes required - list of string
        forwarded_ip_config list block
        fallback_behavior required - string
        header_name required - string
        ip_set_reference_statement list block
        arn required - string
        ip_set_forwarded_ip_config list block
        fallback_behavior required - string
        header_name required - string
        position required - string
        regex_pattern_set_reference_statement list block
        arn required - string
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        size_constraint_statement list block
        comparison_operator required - string
        size required - number
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        sqli_match_statement list block
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        xss_match_statement list block
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        byte_match_statement list block
        positional_constraint required - string
        search_string required - string
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        geo_match_statement list block
        country_codes required - list of string
        forwarded_ip_config list block
        fallback_behavior required - string
        header_name required - string
        ip_set_reference_statement list block
        arn required - string
        ip_set_forwarded_ip_config list block
        fallback_behavior required - string
        header_name required - string
        position required - string
        not_statement list block
        statement list block
        byte_match_statement list block
        positional_constraint required - string
        search_string required - string
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        geo_match_statement list block
        country_codes required - list of string
        forwarded_ip_config list block
        fallback_behavior required - string
        header_name required - string
        ip_set_reference_statement list block
        arn required - string
        ip_set_forwarded_ip_config list block
        fallback_behavior required - string
        header_name required - string
        position required - string
        regex_pattern_set_reference_statement list block
        arn required - string
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        size_constraint_statement list block
        comparison_operator required - string
        size required - number
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        sqli_match_statement list block
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        xss_match_statement list block
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        or_statement list block
        statement list block
        byte_match_statement list block
        positional_constraint required - string
        search_string required - string
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        geo_match_statement list block
        country_codes required - list of string
        forwarded_ip_config list block
        fallback_behavior required - string
        header_name required - string
        ip_set_reference_statement list block
        arn required - string
        ip_set_forwarded_ip_config list block
        fallback_behavior required - string
        header_name required - string
        position required - string
        regex_pattern_set_reference_statement list block
        arn required - string
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        size_constraint_statement list block
        comparison_operator required - string
        size required - number
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        sqli_match_statement list block
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        xss_match_statement list block
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        regex_pattern_set_reference_statement list block
        arn required - string
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        size_constraint_statement list block
        comparison_operator required - string
        size required - number
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        sqli_match_statement list block
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        xss_match_statement list block
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
      - or_statement list block
        statement list block
        and_statement list block
        statement list block
        byte_match_statement list block
        positional_constraint required - string
        search_string required - string
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        geo_match_statement list block
        country_codes required - list of string
        forwarded_ip_config list block
        fallback_behavior required - string
        header_name required - string
        ip_set_reference_statement list block
        arn required - string
        ip_set_forwarded_ip_config list block
        fallback_behavior required - string
        header_name required - string
        position required - string
        regex_pattern_set_reference_statement list block
        arn required - string
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        size_constraint_statement list block
        comparison_operator required - string
        size required - number
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        sqli_match_statement list block
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        xss_match_statement list block
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        byte_match_statement list block
        positional_constraint required - string
        search_string required - string
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        geo_match_statement list block
        country_codes required - list of string
        forwarded_ip_config list block
        fallback_behavior required - string
        header_name required - string
        ip_set_reference_statement list block
        arn required - string
        ip_set_forwarded_ip_config list block
        fallback_behavior required - string
        header_name required - string
        position required - string
        not_statement list block
        statement list block
        byte_match_statement list block
        positional_constraint required - string
        search_string required - string
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        geo_match_statement list block
        country_codes required - list of string
        forwarded_ip_config list block
        fallback_behavior required - string
        header_name required - string
        ip_set_reference_statement list block
        arn required - string
        ip_set_forwarded_ip_config list block
        fallback_behavior required - string
        header_name required - string
        position required - string
        regex_pattern_set_reference_statement list block
        arn required - string
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        size_constraint_statement list block
        comparison_operator required - string
        size required - number
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        sqli_match_statement list block
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        xss_match_statement list block
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        or_statement list block
        statement list block
        byte_match_statement list block
        positional_constraint required - string
        search_string required - string
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        geo_match_statement list block
        country_codes required - list of string
        forwarded_ip_config list block
        fallback_behavior required - string
        header_name required - string
        ip_set_reference_statement list block
        arn required - string
        ip_set_forwarded_ip_config list block
        fallback_behavior required - string
        header_name required - string
        position required - string
        regex_pattern_set_reference_statement list block
        arn required - string
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        size_constraint_statement list block
        comparison_operator required - string
        size required - number
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        sqli_match_statement list block
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        xss_match_statement list block
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        regex_pattern_set_reference_statement list block
        arn required - string
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        size_constraint_statement list block
        comparison_operator required - string
        size required - number
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        sqli_match_statement list block
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        xss_match_statement list block
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
      - regex_pattern_set_reference_statement list block
        arn required - string
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
      - size_constraint_statement list block
        comparison_operator required - string
        size required - number
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
      - sqli_match_statement list block
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
      - xss_match_statement list block
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
  - rate_based_statement list block
    - aggregate_key_type optional - string
    - limit required - number
    - forwarded_ip_config list block
      - fallback_behavior required - string
      - header_name required - string
    - scope_down_statement list block
      - and_statement list block
        statement list block
        and_statement list block
        statement list block
        byte_match_statement list block
        positional_constraint required - string
        search_string required - string
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        geo_match_statement list block
        country_codes required - list of string
        forwarded_ip_config list block
        fallback_behavior required - string
        header_name required - string
        ip_set_reference_statement list block
        arn required - string
        ip_set_forwarded_ip_config list block
        fallback_behavior required - string
        header_name required - string
        position required - string
        regex_pattern_set_reference_statement list block
        arn required - string
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        size_constraint_statement list block
        comparison_operator required - string
        size required - number
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        sqli_match_statement list block
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        xss_match_statement list block
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        byte_match_statement list block
        positional_constraint required - string
        search_string required - string
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        geo_match_statement list block
        country_codes required - list of string
        forwarded_ip_config list block
        fallback_behavior required - string
        header_name required - string
        ip_set_reference_statement list block
        arn required - string
        ip_set_forwarded_ip_config list block
        fallback_behavior required - string
        header_name required - string
        position required - string
        not_statement list block
        statement list block
        byte_match_statement list block
        positional_constraint required - string
        search_string required - string
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        geo_match_statement list block
        country_codes required - list of string
        forwarded_ip_config list block
        fallback_behavior required - string
        header_name required - string
        ip_set_reference_statement list block
        arn required - string
        ip_set_forwarded_ip_config list block
        fallback_behavior required - string
        header_name required - string
        position required - string
        regex_pattern_set_reference_statement list block
        arn required - string
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        size_constraint_statement list block
        comparison_operator required - string
        size required - number
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        sqli_match_statement list block
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        xss_match_statement list block
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        or_statement list block
        statement list block
        byte_match_statement list block
        positional_constraint required - string
        search_string required - string
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        geo_match_statement list block
        country_codes required - list of string
        forwarded_ip_config list block
        fallback_behavior required - string
        header_name required - string
        ip_set_reference_statement list block
        arn required - string
        ip_set_forwarded_ip_config list block
        fallback_behavior required - string
        header_name required - string
        position required - string
        regex_pattern_set_reference_statement list block
        arn required - string
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        size_constraint_statement list block
        comparison_operator required - string
        size required - number
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        sqli_match_statement list block
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        xss_match_statement list block
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        regex_pattern_set_reference_statement list block
        arn required - string
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        size_constraint_statement list block
        comparison_operator required - string
        size required - number
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        sqli_match_statement list block
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        xss_match_statement list block
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
      - byte_match_statement list block
        positional_constraint required - string
        search_string required - string
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
      - geo_match_statement list block
        country_codes required - list of string
        forwarded_ip_config list block
        fallback_behavior required - string
        header_name required - string
      - ip_set_reference_statement list block
        arn required - string
        ip_set_forwarded_ip_config list block
        fallback_behavior required - string
        header_name required - string
        position required - string
      - not_statement list block
        statement list block
        and_statement list block
        statement list block
        byte_match_statement list block
        positional_constraint required - string
        search_string required - string
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        geo_match_statement list block
        country_codes required - list of string
        forwarded_ip_config list block
        fallback_behavior required - string
        header_name required - string
        ip_set_reference_statement list block
        arn required - string
        ip_set_forwarded_ip_config list block
        fallback_behavior required - string
        header_name required - string
        position required - string
        regex_pattern_set_reference_statement list block
        arn required - string
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        size_constraint_statement list block
        comparison_operator required - string
        size required - number
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        sqli_match_statement list block
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        xss_match_statement list block
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        byte_match_statement list block
        positional_constraint required - string
        search_string required - string
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        geo_match_statement list block
        country_codes required - list of string
        forwarded_ip_config list block
        fallback_behavior required - string
        header_name required - string
        ip_set_reference_statement list block
        arn required - string
        ip_set_forwarded_ip_config list block
        fallback_behavior required - string
        header_name required - string
        position required - string
        not_statement list block
        statement list block
        byte_match_statement list block
        positional_constraint required - string
        search_string required - string
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        geo_match_statement list block
        country_codes required - list of string
        forwarded_ip_config list block
        fallback_behavior required - string
        header_name required - string
        ip_set_reference_statement list block
        arn required - string
        ip_set_forwarded_ip_config list block
        fallback_behavior required - string
        header_name required - string
        position required - string
        regex_pattern_set_reference_statement list block
        arn required - string
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        size_constraint_statement list block
        comparison_operator required - string
        size required - number
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        sqli_match_statement list block
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        xss_match_statement list block
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        or_statement list block
        statement list block
        byte_match_statement list block
        positional_constraint required - string
        search_string required - string
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        geo_match_statement list block
        country_codes required - list of string
        forwarded_ip_config list block
        fallback_behavior required - string
        header_name required - string
        ip_set_reference_statement list block
        arn required - string
        ip_set_forwarded_ip_config list block
        fallback_behavior required - string
        header_name required - string
        position required - string
        regex_pattern_set_reference_statement list block
        arn required - string
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        size_constraint_statement list block
        comparison_operator required - string
        size required - number
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        sqli_match_statement list block
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        xss_match_statement list block
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        regex_pattern_set_reference_statement list block
        arn required - string
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        size_constraint_statement list block
        comparison_operator required - string
        size required - number
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        sqli_match_statement list block
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        xss_match_statement list block
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
      - or_statement list block
        statement list block
        and_statement list block
        statement list block
        byte_match_statement list block
        positional_constraint required - string
        search_string required - string
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        geo_match_statement list block
        country_codes required - list of string
        forwarded_ip_config list block
        fallback_behavior required - string
        header_name required - string
        ip_set_reference_statement list block
        arn required - string
        ip_set_forwarded_ip_config list block
        fallback_behavior required - string
        header_name required - string
        position required - string
        regex_pattern_set_reference_statement list block
        arn required - string
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        size_constraint_statement list block
        comparison_operator required - string
        size required - number
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        sqli_match_statement list block
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        xss_match_statement list block
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        byte_match_statement list block
        positional_constraint required - string
        search_string required - string
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        geo_match_statement list block
        country_codes required - list of string
        forwarded_ip_config list block
        fallback_behavior required - string
        header_name required - string
        ip_set_reference_statement list block
        arn required - string
        ip_set_forwarded_ip_config list block
        fallback_behavior required - string
        header_name required - string
        position required - string
        not_statement list block
        statement list block
        byte_match_statement list block
        positional_constraint required - string
        search_string required - string
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        geo_match_statement list block
        country_codes required - list of string
        forwarded_ip_config list block
        fallback_behavior required - string
        header_name required - string
        ip_set_reference_statement list block
        arn required - string
        ip_set_forwarded_ip_config list block
        fallback_behavior required - string
        header_name required - string
        position required - string
        regex_pattern_set_reference_statement list block
        arn required - string
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        size_constraint_statement list block
        comparison_operator required - string
        size required - number
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        sqli_match_statement list block
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        xss_match_statement list block
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        or_statement list block
        statement list block
        byte_match_statement list block
        positional_constraint required - string
        search_string required - string
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        geo_match_statement list block
        country_codes required - list of string
        forwarded_ip_config list block
        fallback_behavior required - string
        header_name required - string
        ip_set_reference_statement list block
        arn required - string
        ip_set_forwarded_ip_config list block
        fallback_behavior required - string
        header_name required - string
        position required - string
        regex_pattern_set_reference_statement list block
        arn required - string
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        size_constraint_statement list block
        comparison_operator required - string
        size required - number
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        sqli_match_statement list block
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        xss_match_statement list block
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        regex_pattern_set_reference_statement list block
        arn required - string
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        size_constraint_statement list block
        comparison_operator required - string
        size required - number
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        sqli_match_statement list block
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
        xss_match_statement list block
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
      - regex_pattern_set_reference_statement list block
        arn required - string
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
      - size_constraint_statement list block
        comparison_operator required - string
        size required - number
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
      - sqli_match_statement list block
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
      - xss_match_statement list block
        field_to_match list block
        all_query_arguments list block
        body list block
        method list block
        query_string list block
        single_header list block
        name required - string
        single_query_argument list block
        name required - string
        uri_path list block
        text_transformation set block
        priority required - number
        type required - string
  - regex_pattern_set_reference_statement list block
    - arn required - string
    - field_to_match list block
      - all_query_arguments list block
      - body list block
      - method list block
      - query_string list block
      - single_header list block
        name required - string
      - single_query_argument list block
        name required - string
      - uri_path list block
    - text_transformation set block
      - priority required - number
      - type required - string
  - rule_group_reference_statement list block
    - arn required - string
    - excluded_rule list block
      - name required - string
  - size_constraint_statement list block
    - comparison_operator required - string
    - size required - number
    - field_to_match list block
      - all_query_arguments list block
      - body list block
      - method list block
      - query_string list block
      - single_header list block
        name required - string
      - single_query_argument list block
        name required - string
      - uri_path list block
    - text_transformation set block
      - priority required - number
      - type required - string
  - sqli_match_statement list block
    - field_to_match list block
      - all_query_arguments list block
      - body list block
      - method list block
      - query_string list block
      - single_header list block
        name required - string
      - single_query_argument list block
        name required - string
      - uri_path list block
    - text_transformation set block
      - priority required - number
      - type required - string
  - xss_match_statement list block
    - field_to_match list block
      - all_query_arguments list block
      - body list block
      - method list block
      - query_string list block
      - single_header list block
        name required - string
      - single_query_argument list block
        name required - string
      - uri_path list block
    - text_transformation set block
      - priority required - number
      - type required - string
- visibility_config list block
  - cloudwatch_metrics_enabled required - bool
  - metric_name required - string
  - sampled_requests_enabled required - bool
visibility_config list block
- cloudwatch_metrics_enabled required - bool
- metric_name required - string
- sampled_requests_enabled required - bool

>> from Terraform Registry

Explanation in Terraform Registry

Creates a WAFv2 Web ACL resource.

>> from Terraform Registry

AWS::WAFv2::WebACL (CloudFormation)

The WebACL in WAFv2 can be configured in CloudFormation with the resource name AWS::WAFv2::WebACL. The following sections describe 10 examples of how to use the resource and its parameters.

Example Usage from GitHub

seunremi/WAF-DEPLOYMENT

WAF.yml#L5

    Type: AWS::WAFv2::WebACL
    Properties:
      Name: name-WAF
      Scope: REGIONAL
      Description: This is the Peoplesoft92 ALB WAF
      DefaultAction:

bcx-exa/template_micro_frontend_core

website-waf.yml#L3

    Type: AWS::WAFv2::WebACL
    Properties:
      Name: ExampleWebACL
      Scope: REGIONAL
      Description: This is an example WebACL
      DefaultAction:

bcx-exa/open_source_triple_continent_traditional

waf.serverless.yml#L3

    Type: AWS::WAFv2::WebACL
    Properties:
      Name: ${env:REGION}-waf
      Scope: CLOUDFRONT
      Description: Waf Used by Cloudfront
      DefaultAction:

fares-data-build-tool/fdbt-aws

waf.yml#L29

    Type: AWS::WAFv2::WebACL
    Properties:
      Name: !Sub ${ProductName}-waf-restrict-cloudfront-access-${Stage}
      Scope: REGIONAL
      Description: Restricts access to CloudFront
      DefaultAction:

nekoze-climber/slsTestWebApp

waf.yml#L12

    Type: AWS::WAFv2::WebACL
    Properties:
      DefaultAction:
        BLOCK: {}
      Description: WebACL for SlsTestWebApp Access.
      Name: SlsTestWebAppWebACL

elifesciences/builder

project-with-waf.json#L84

            "Type": "AWS::WAFv2::WebACL"
        },
        "WAFAssociation1": {
            "Properties": {
                "ResourceArn": "arn:aws:iam::...:...",
                "WebACLArn": {

aws-quickstart/qs-cfn-lint-rules

EWAFv2WebACLProhibited.json#L6

      "Type": "AWS::WAFv2::WebACL",
      "Properties": {
        "DefaultAction": {
          "Allow": [
            "Stuff"
          ]

fireflycons/Firefly.CloudFormationParser

api-enhanced-observability-variables_template.json#L35

            "Type": "AWS::WAFv2::WebACL",
            "Properties": {
                "DefaultAction": {
                    "Allow": {}
                },
                "Description": "Application WAF",

awslabs/performance-dashboard-on-aws

WAF-enterprise-only.json#L34

      "Type": "AWS::WAFv2::WebACL",
      "Condition": "RestrictPublicDashboardToEnterprise",
      "Properties": {
        "DefaultAction": {
          "Allow": {}
        },

GovTechSG/terraform-waf-v2-es

wafv2.json#L33

      "Type": "AWS::WAFv2::WebACL",
      "Properties": {
        "DefaultAction": {
          "Allow": {}
        },
        "Name": {

Parameters

DefaultAction required - DefaultAction
Description optional - String
Name optional - String
Scope required - String
Rules optional - List of Rule
VisibilityConfig required - VisibilityConfig
Tags optional - List of Tag
CustomResponseBodies optional - Map of CustomResponseBody

>> from AWS CloudFormation Documentation

Explanation in CloudFormation Registry

Note This is the latest version of AWS WAF, named AWS WAFV2, released in November, 2019. For information, including how to migrate your AWS WAF resources from the prior release, see the AWS WAF Developer Guide. Use an AWS::WAFv2::WebACL to define a collection of rules to use to inspect and control web requests. Each rule has an action defined (allow, block, or count) for requests that match the statement of the rule. In the web ACL, you assign a default action to take (allow, block) for any request that does not match any of the rules. The rules in a web ACL can contain rule statements that you define explicitly and rule statements that reference rule groups and managed rule groups. You can associate a web ACL with one or more AWS resources to protect. The resources can be an Amazon CloudFront distribution, an Amazon API Gateway REST API, an Application Load Balancer, or an AWS AppSync GraphQL API.

>> from AWS CloudFormation Documentation

The Other Related AWS WAF V2 Resources

AWS WAF V2 IP Set

AWS WAF V2 Regex Pattern Set

AWS WAF V2 Rule Group

AWS WAF V2 Web ACL Association

AWS WAF V2 Web ACL Logging Configuration

Frequently asked questions

What is AWS WAF V2 Web ACL?

AWS WAF V2 Web ACL is a resource for WAF V2 of Amazon Web Service. Settings can be wrote in Terraform and CloudFormation.

Where can I find the example code for the AWS WAF V2 Web ACL?

For Terraform, the andrzejsydor/aws, Ndomi/terraform and bridgecrewio/checkov source code examples are useful. See the Terraform Example section for further details.

For CloudFormation, the seunremi/WAF-DEPLOYMENT, bcx-exa/template_micro_frontend_core and bcx-exa/open_source_triple_continent_traditional source code examples are useful. See the CloudFormation Example section for further details.

Automate config file reviews on your commits

Fix issues in your infrastructure as code with auto-generated patches.

aws_wafv2_web_acl
AWS::WAFv2::WebACL
Frequently asked questions

AWS WAF V2 Web ACL

Review your .tf file for AWS best practices

aws_wafv2_web_acl (Terraform)

Example Usage from GitHub

Review your Terraform file for AWS best practices

Parameters

Explanation in Terraform Registry

AWS::WAFv2::WebACL (CloudFormation)

Example Usage from GitHub

Parameters

Explanation in CloudFormation Registry

The Other Related AWS WAF V2 Resources

Frequently asked questions

What is AWS WAF V2 Web ACL?

Where can I find the example code for the AWS WAF V2 Web ACL?

Automate config file reviews on your commits

Table of Contents