Amazon WAF · Schema
AWS WAF Web ACL
Schema representing an AWS WAF Web ACL (Access Control List) resource.
Bot ManagementDdos ProtectionSecurityWAFWeb Application Firewall
Properties
| Name | Type | Description |
|---|---|---|
| Name | string | The name of the web ACL. |
| Id | string | A unique identifier for the web ACL. |
| ARN | string | The Amazon Resource Name (ARN) of the web ACL. |
| Scope | string | Specifies whether this is for CloudFront or for a regional application. |
| DefaultAction | object | The action to perform if none of the rules match. |
| Rules | array | The rules associated with the web ACL. |
| VisibilityConfig | object | Defines the CloudWatch metrics and sampling configuration. |
| Capacity | integer | The web ACL capacity units (WCUs) consumed by this web ACL. |
| LockToken | string | A token for optimistic locking. |
| Tags | array | Tags associated with the web ACL. |
JSON Schema
{
"$schema": "https://json-schema.org/draft/2020-12/schema",
"$id": "https://wafv2.amazonaws.com/schemas/web-acl",
"title": "AWS WAF Web ACL",
"description": "Schema representing an AWS WAF Web ACL (Access Control List) resource.",
"type": "object",
"required": [
"Name",
"Scope",
"DefaultAction",
"VisibilityConfig"
],
"properties": {
"Name": {
"type": "string",
"description": "The name of the web ACL.",
"minLength": 1,
"maxLength": 128,
"pattern": "^[\\w+=:#@/\\-,.][\\w+=:#@/\\-,.\\s]+[\\w+=:#@/\\-,.]$"
},
"Id": {
"type": "string",
"description": "A unique identifier for the web ACL.",
"minLength": 1,
"maxLength": 36,
"pattern": "^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$"
},
"ARN": {
"type": "string",
"description": "The Amazon Resource Name (ARN) of the web ACL.",
"pattern": "^arn:aws:wafv2:.+:.+:.*/(web)?acl/.+"
},
"Scope": {
"type": "string",
"description": "Specifies whether this is for CloudFront or for a regional application.",
"enum": [
"CLOUDFRONT",
"REGIONAL"
]
},
"DefaultAction": {
"type": "object",
"description": "The action to perform if none of the rules match.",
"properties": {
"Allow": {
"type": "object",
"description": "Allow the request."
},
"Block": {
"type": "object",
"description": "Block the request."
}
}
},
"Rules": {
"type": "array",
"description": "The rules associated with the web ACL.",
"items": {
"$ref": "#/$defs/Rule"
}
},
"VisibilityConfig": {
"$ref": "#/$defs/VisibilityConfig",
"description": "Defines the CloudWatch metrics and sampling configuration."
},
"Capacity": {
"type": "integer",
"description": "The web ACL capacity units (WCUs) consumed by this web ACL."
},
"LockToken": {
"type": "string",
"description": "A token for optimistic locking."
},
"Tags": {
"type": "array",
"description": "Tags associated with the web ACL.",
"items": {
"$ref": "#/$defs/Tag"
}
}
},
"$defs": {
"Rule": {
"type": "object",
"description": "A single rule in a web ACL.",
"required": [
"Name",
"Priority",
"VisibilityConfig"
],
"properties": {
"Name": {
"type": "string",
"description": "The name of the rule."
},
"Priority": {
"type": "integer",
"description": "The processing priority of the rule."
},
"Action": {
"type": "object",
"description": "The action to perform when the rule matches."
},
"OverrideAction": {
"type": "object",
"description": "The override action to apply to rules in a rule group."
},
"VisibilityConfig": {
"$ref": "#/$defs/VisibilityConfig"
}
}
},
"VisibilityConfig": {
"type": "object",
"description": "Visibility configuration for CloudWatch metrics and request sampling.",
"required": [
"SampledRequestsEnabled",
"CloudWatchMetricsEnabled",
"MetricName"
],
"properties": {
"SampledRequestsEnabled": {
"type": "boolean"
},
"CloudWatchMetricsEnabled": {
"type": "boolean"
},
"MetricName": {
"type": "string"
}
}
},
"Tag": {
"type": "object",
"required": [
"Key",
"Value"
],
"properties": {
"Key": {
"type": "string",
"minLength": 1,
"maxLength": 128
},
"Value": {
"type": "string",
"minLength": 0,
"maxLength": 256
}
}
}
}
}