Create Web Acl
waf_create_web_acl | R Documentation |
This is AWS WAF Classic documentation¶
Description¶
This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
Creates a WebACL
, which contains the Rules
that identify the
CloudFront web requests that you want to allow, block, or count. AWS WAF
evaluates Rules
in order based on the value of Priority
for each
Rule
.
You also specify a default action, either ALLOW
or BLOCK
. If a web
request doesn't match any of the Rules
in a WebACL
, AWS WAF responds
to the request with the default action.
To create and configure a WebACL
, perform the following steps:
-
Create and update the
ByteMatchSet
objects and other predicates that you want to include inRules
. For more information, seecreate_byte_match_set
,update_byte_match_set
,create_ip_set
,update_ip_set
,create_sql_injection_match_set
, andupdate_sql_injection_match_set
. -
Create and update the
Rules
that you want to include in theWebACL
. For more information, seecreate_rule
andupdate_rule
. -
Use
get_change_token
to get the change token that you provide in theChangeToken
parameter of acreate_web_acl
request. -
Submit a
create_web_acl
request. -
Use
get_change_token
to get the change token that you provide in theChangeToken
parameter of anupdate_web_acl
request. -
Submit an
update_web_acl
request to specify theRules
that you want to include in theWebACL
, to specify the default action, and to associate theWebACL
with a CloudFront distribution.
For more information about how to use the AWS WAF API, see the AWS WAF Developer Guide.
Usage¶
Arguments¶
Name
[required] A friendly name or description of the WebACL. You can't change
Name
after you create theWebACL
.MetricName
[required] A friendly name or description for the metrics for this
WebACL
.The name can contain only alphanumeric characters (A-Z, a-z, 0-9), with maximum length 128 and minimum length one. It can't contain whitespace or metric names reserved for AWS WAF, including "All" and "Default_Action." You can't changeMetricName
after you create theWebACL
.DefaultAction
[required] The action that you want AWS WAF to take when a request doesn't match the criteria specified in any of the
Rule
objects that are associated with theWebACL
.ChangeToken
[required] The value returned by the most recent call to
get_change_token
.Tags
Value¶
A list with the following syntax:
list(
WebACL = list(
WebACLId = "string",
Name = "string",
MetricName = "string",
DefaultAction = list(
Type = "BLOCK"|"ALLOW"|"COUNT"
),
Rules = list(
list(
Priority = 123,
RuleId = "string",
Action = list(
Type = "BLOCK"|"ALLOW"|"COUNT"
),
OverrideAction = list(
Type = "NONE"|"COUNT"
),
Type = "REGULAR"|"RATE_BASED"|"GROUP",
ExcludedRules = list(
list(
RuleId = "string"
)
)
)
),
WebACLArn = "string"
),
ChangeToken = "string"
)
Request syntax¶
svc$create_web_acl(
Name = "string",
MetricName = "string",
DefaultAction = list(
Type = "BLOCK"|"ALLOW"|"COUNT"
),
ChangeToken = "string",
Tags = list(
list(
Key = "string",
Value = "string"
)
)
)
Examples¶
## Not run:
# The following example creates a web ACL named CreateExample.
svc$create_web_acl(
ChangeToken = "abcd12f2-46da-4fdb-b8d5-fbd4c466928f",
DefaultAction = list(
Type = "ALLOW"
),
MetricName = "CreateExample",
Name = "CreateExample"
)
## End(Not run)