AWS::WAFv2::WebACL ManagedRuleGroupConfig

Additional information that's used by a managed rule group. Many managed rule groups don't require this.

Use the AWSManagedRulesBotControlRuleSet configuration object to configure the protection level that you want the Bot Control rule group to use.

Syntax

To declare this entity in your Amazon CloudFormation template, use the following syntax:

JSON


{
  "AWSManagedRulesATPRuleSet" : AWSManagedRulesATPRuleSet,
  "AWSManagedRulesBotControlRuleSet" : AWSManagedRulesBotControlRuleSet,
  "LoginPath" : String,
  "PasswordField" : FieldIdentifier,
  "PayloadType" : String,
  "UsernameField" : FieldIdentifier
}

YAML


  AWSManagedRulesATPRuleSet: 
    AWSManagedRulesATPRuleSet
  AWSManagedRulesBotControlRuleSet: 
    AWSManagedRulesBotControlRuleSet
  LoginPath: String
  PasswordField: 
    FieldIdentifier
  PayloadType: String
  UsernameField: 
    FieldIdentifier

Properties

AWSManagedRulesATPRuleSet

Additional configuration for using the account takeover prevention (ATP) managed rule group, AWSManagedRulesATPRuleSet. Use this to provide login request information to the rule group. For web ACLs that protect CloudFront distributions, use this to also provide the information about how your distribution responds to login requests.

This configuration replaces the individual configuration fields in ManagedRuleGroupConfig and provides additional feature configuration.

For information about using the ATP managed rule group, see Amazon WAF Fraud Control account takeover prevention (ATP) rule group and Amazon WAF Fraud Control account takeover prevention (ATP) in the Amazon WAF Developer Guide.

Required: No

Type: AWSManagedRulesATPRuleSet

Update requires: No interruption

AWSManagedRulesBotControlRuleSet

Additional configuration for using the Bot Control managed rule group. Use this to specify the inspection level that you want to use. For information about using the Bot Control managed rule group, see Amazon WAF Bot Control rule group and Amazon WAF Bot Control in the Amazon WAF Developer Guide.

Required: No

Type: AWSManagedRulesBotControlRuleSet

Update requires: No interruption

LoginPath

Note

Instead of this setting, provide your configuration under AWSManagedRulesATPRuleSet.

Required: No

Type: String

Minimum: 1

Maximum: 256

Pattern: .*\S.*

Update requires: No interruption

PasswordField

Note

Instead of this setting, provide your configuration under AWSManagedRulesATPRuleSet RequestInspection.

Required: No

Type: FieldIdentifier

Update requires: No interruption

PayloadType

Note

Instead of this setting, provide your configuration under AWSManagedRulesATPRuleSet RequestInspection.

Required: No

Type: String

Allowed values: FORM_ENCODED | JSON

Update requires: No interruption

UsernameField

Note

Instead of this setting, provide your configuration under AWSManagedRulesATPRuleSet RequestInspection.

Required: No

Type: FieldIdentifier

Update requires: No interruption

Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

LabelMatchStatement

ManagedRuleGroupStatement