Interface CreateWebAclRequest.Builder
- All Superinterfaces:
AwsRequest.Builder
,Buildable
,CopyableBuilder<CreateWebAclRequest.Builder,
,CreateWebAclRequest> SdkBuilder<CreateWebAclRequest.Builder,
,CreateWebAclRequest> SdkPojo
,SdkRequest.Builder
,Wafv2Request.Builder
- Enclosing class:
CreateWebAclRequest
-
Method Summary
Modifier and TypeMethodDescriptiondefault CreateWebAclRequest.Builder
applicationConfig
(Consumer<ApplicationConfig.Builder> applicationConfig) Configures the ability for the WAF console to store and retrieve application attributes during the web ACL creation process.applicationConfig
(ApplicationConfig applicationConfig) Configures the ability for the WAF console to store and retrieve application attributes during the web ACL creation process.default CreateWebAclRequest.Builder
associationConfig
(Consumer<AssociationConfig.Builder> associationConfig) Specifies custom configurations for the associations between the web ACL and protected resources.associationConfig
(AssociationConfig associationConfig) Specifies custom configurations for the associations between the web ACL and protected resources.default CreateWebAclRequest.Builder
captchaConfig
(Consumer<CaptchaConfig.Builder> captchaConfig) Specifies how WAF should handleCAPTCHA
evaluations for rules that don't have their ownCaptchaConfig
settings.captchaConfig
(CaptchaConfig captchaConfig) Specifies how WAF should handleCAPTCHA
evaluations for rules that don't have their ownCaptchaConfig
settings.default CreateWebAclRequest.Builder
challengeConfig
(Consumer<ChallengeConfig.Builder> challengeConfig) Specifies how WAF should handle challenge evaluations for rules that don't have their ownChallengeConfig
settings.challengeConfig
(ChallengeConfig challengeConfig) Specifies how WAF should handle challenge evaluations for rules that don't have their ownChallengeConfig
settings.customResponseBodies
(Map<String, CustomResponseBody> customResponseBodies) A map of custom response keys and content bodies.default CreateWebAclRequest.Builder
dataProtectionConfig
(Consumer<DataProtectionConfig.Builder> dataProtectionConfig) Specifies data protection to apply to the web request data for the web ACL.dataProtectionConfig
(DataProtectionConfig dataProtectionConfig) Specifies data protection to apply to the web request data for the web ACL.default CreateWebAclRequest.Builder
defaultAction
(Consumer<DefaultAction.Builder> defaultAction) The action to perform if none of theRules
contained in theWebACL
match.defaultAction
(DefaultAction defaultAction) The action to perform if none of theRules
contained in theWebACL
match.description
(String description) A description of the web ACL that helps with identification.The name of the web ACL.default CreateWebAclRequest.Builder
onSourceDDoSProtectionConfig
(Consumer<OnSourceDDoSProtectionConfig.Builder> onSourceDDoSProtectionConfig) Specifies the type of DDoS protection to apply to web request data for a web ACL.onSourceDDoSProtectionConfig
(OnSourceDDoSProtectionConfig onSourceDDoSProtectionConfig) Specifies the type of DDoS protection to apply to web request data for a web ACL.overrideConfiguration
(Consumer<AwsRequestOverrideConfiguration.Builder> builderConsumer) Add an optional request override configuration.overrideConfiguration
(AwsRequestOverrideConfiguration overrideConfiguration) Add an optional request override configuration.rules
(Collection<Rule> rules) The Rule statements used to identify the web requests that you want to manage.rules
(Consumer<Rule.Builder>... rules) The Rule statements used to identify the web requests that you want to manage.The Rule statements used to identify the web requests that you want to manage.Specifies whether this is for a global resource type, such as a Amazon CloudFront distribution.Specifies whether this is for a global resource type, such as a Amazon CloudFront distribution.tags
(Collection<Tag> tags) An array of key:value pairs to associate with the resource.tags
(Consumer<Tag.Builder>... tags) An array of key:value pairs to associate with the resource.An array of key:value pairs to associate with the resource.tokenDomains
(String... tokenDomains) Specifies the domains that WAF should accept in a web request token.tokenDomains
(Collection<String> tokenDomains) Specifies the domains that WAF should accept in a web request token.default CreateWebAclRequest.Builder
visibilityConfig
(Consumer<VisibilityConfig.Builder> visibilityConfig) Defines and enables Amazon CloudWatch metrics and web request sample collection.visibilityConfig
(VisibilityConfig visibilityConfig) Defines and enables Amazon CloudWatch metrics and web request sample collection.Methods inherited from interface software.amazon.awssdk.awscore.AwsRequest.Builder
overrideConfiguration
Methods inherited from interface software.amazon.awssdk.utils.builder.CopyableBuilder
copy
Methods inherited from interface software.amazon.awssdk.utils.builder.SdkBuilder
applyMutation, build
Methods inherited from interface software.amazon.awssdk.core.SdkPojo
equalsBySdkFields, sdkFieldNameToField, sdkFields
Methods inherited from interface software.amazon.awssdk.services.wafv2.model.Wafv2Request.Builder
build
-
Method Details
-
name
The name of the web ACL. You cannot change the name of a web ACL after you create it.
- Parameters:
name
- The name of the web ACL. You cannot change the name of a web ACL after you create it.- Returns:
- Returns a reference to this object so that method calls can be chained together.
-
scope
Specifies whether this is for a global resource type, such as a Amazon CloudFront distribution. For an Amplify application, use
CLOUDFRONT
.To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows:
-
CLI - Specify the Region when you use the CloudFront scope:
--scope=CLOUDFRONT --region=us-east-1
. -
API and SDKs - For all calls, use the Region endpoint us-east-1.
- Parameters:
scope
- Specifies whether this is for a global resource type, such as a Amazon CloudFront distribution. For an Amplify application, useCLOUDFRONT
.To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows:
-
CLI - Specify the Region when you use the CloudFront scope:
--scope=CLOUDFRONT --region=us-east-1
. -
API and SDKs - For all calls, use the Region endpoint us-east-1.
-
- Returns:
- Returns a reference to this object so that method calls can be chained together.
- See Also:
-
-
scope
Specifies whether this is for a global resource type, such as a Amazon CloudFront distribution. For an Amplify application, use
CLOUDFRONT
.To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows:
-
CLI - Specify the Region when you use the CloudFront scope:
--scope=CLOUDFRONT --region=us-east-1
. -
API and SDKs - For all calls, use the Region endpoint us-east-1.
- Parameters:
scope
- Specifies whether this is for a global resource type, such as a Amazon CloudFront distribution. For an Amplify application, useCLOUDFRONT
.To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows:
-
CLI - Specify the Region when you use the CloudFront scope:
--scope=CLOUDFRONT --region=us-east-1
. -
API and SDKs - For all calls, use the Region endpoint us-east-1.
-
- Returns:
- Returns a reference to this object so that method calls can be chained together.
- See Also:
-
-
defaultAction
The action to perform if none of the
Rules
contained in theWebACL
match.- Parameters:
defaultAction
- The action to perform if none of theRules
contained in theWebACL
match.- Returns:
- Returns a reference to this object so that method calls can be chained together.
-
defaultAction
The action to perform if none of the
This is a convenience method that creates an instance of theRules
contained in theWebACL
match.DefaultAction.Builder
avoiding the need to create one manually viaDefaultAction.builder()
.When the
Consumer
completes,SdkBuilder.build()
is called immediately and its result is passed todefaultAction(DefaultAction)
.- Parameters:
defaultAction
- a consumer that will call methods onDefaultAction.Builder
- Returns:
- Returns a reference to this object so that method calls can be chained together.
- See Also:
-
description
A description of the web ACL that helps with identification.
- Parameters:
description
- A description of the web ACL that helps with identification.- Returns:
- Returns a reference to this object so that method calls can be chained together.
-
rules
The Rule statements used to identify the web requests that you want to manage. Each rule includes one top-level statement that WAF uses to identify matching web requests, and parameters that govern how WAF handles them.
- Parameters:
rules
- The Rule statements used to identify the web requests that you want to manage. Each rule includes one top-level statement that WAF uses to identify matching web requests, and parameters that govern how WAF handles them.- Returns:
- Returns a reference to this object so that method calls can be chained together.
-
rules
The Rule statements used to identify the web requests that you want to manage. Each rule includes one top-level statement that WAF uses to identify matching web requests, and parameters that govern how WAF handles them.
- Parameters:
rules
- The Rule statements used to identify the web requests that you want to manage. Each rule includes one top-level statement that WAF uses to identify matching web requests, and parameters that govern how WAF handles them.- Returns:
- Returns a reference to this object so that method calls can be chained together.
-
rules
The Rule statements used to identify the web requests that you want to manage. Each rule includes one top-level statement that WAF uses to identify matching web requests, and parameters that govern how WAF handles them.
This is a convenience method that creates an instance of theRule.Builder
avoiding the need to create one manually viaRule.builder()
.When the
Consumer
completes,SdkBuilder.build()
is called immediately and its result is passed torules(List<Rule>)
.- Parameters:
rules
- a consumer that will call methods onRule.Builder
- Returns:
- Returns a reference to this object so that method calls can be chained together.
- See Also:
-
visibilityConfig
Defines and enables Amazon CloudWatch metrics and web request sample collection.
- Parameters:
visibilityConfig
- Defines and enables Amazon CloudWatch metrics and web request sample collection.- Returns:
- Returns a reference to this object so that method calls can be chained together.
-
visibilityConfig
default CreateWebAclRequest.Builder visibilityConfig(Consumer<VisibilityConfig.Builder> visibilityConfig) Defines and enables Amazon CloudWatch metrics and web request sample collection.
This is a convenience method that creates an instance of theVisibilityConfig.Builder
avoiding the need to create one manually viaVisibilityConfig.builder()
.When the
Consumer
completes,SdkBuilder.build()
is called immediately and its result is passed tovisibilityConfig(VisibilityConfig)
.- Parameters:
visibilityConfig
- a consumer that will call methods onVisibilityConfig.Builder
- Returns:
- Returns a reference to this object so that method calls can be chained together.
- See Also:
-
dataProtectionConfig
Specifies data protection to apply to the web request data for the web ACL. This is a web ACL level data protection option.
The data protection that you configure for the web ACL alters the data that's available for any other data collection activity, including your WAF logging destinations, web ACL request sampling, and Amazon Security Lake data collection and management. Your other option for data protection is in the logging configuration, which only affects logging.
- Parameters:
dataProtectionConfig
- Specifies data protection to apply to the web request data for the web ACL. This is a web ACL level data protection option.The data protection that you configure for the web ACL alters the data that's available for any other data collection activity, including your WAF logging destinations, web ACL request sampling, and Amazon Security Lake data collection and management. Your other option for data protection is in the logging configuration, which only affects logging.
- Returns:
- Returns a reference to this object so that method calls can be chained together.
-
dataProtectionConfig
default CreateWebAclRequest.Builder dataProtectionConfig(Consumer<DataProtectionConfig.Builder> dataProtectionConfig) Specifies data protection to apply to the web request data for the web ACL. This is a web ACL level data protection option.
The data protection that you configure for the web ACL alters the data that's available for any other data collection activity, including your WAF logging destinations, web ACL request sampling, and Amazon Security Lake data collection and management. Your other option for data protection is in the logging configuration, which only affects logging.
This is a convenience method that creates an instance of theDataProtectionConfig.Builder
avoiding the need to create one manually viaDataProtectionConfig.builder()
.When the
Consumer
completes,SdkBuilder.build()
is called immediately and its result is passed todataProtectionConfig(DataProtectionConfig)
.- Parameters:
dataProtectionConfig
- a consumer that will call methods onDataProtectionConfig.Builder
- Returns:
- Returns a reference to this object so that method calls can be chained together.
- See Also:
-
tags
An array of key:value pairs to associate with the resource.
- Parameters:
tags
- An array of key:value pairs to associate with the resource.- Returns:
- Returns a reference to this object so that method calls can be chained together.
-
tags
An array of key:value pairs to associate with the resource.
- Parameters:
tags
- An array of key:value pairs to associate with the resource.- Returns:
- Returns a reference to this object so that method calls can be chained together.
-
tags
An array of key:value pairs to associate with the resource.
This is a convenience method that creates an instance of theTag.Builder
avoiding the need to create one manually viaTag.builder()
.When the
Consumer
completes,SdkBuilder.build()
is called immediately and its result is passed totags(List<Tag>)
.- Parameters:
tags
- a consumer that will call methods onTag.Builder
- Returns:
- Returns a reference to this object so that method calls can be chained together.
- See Also:
-
customResponseBodies
CreateWebAclRequest.Builder customResponseBodies(Map<String, CustomResponseBody> customResponseBodies) A map of custom response keys and content bodies. When you create a rule with a block action, you can send a custom response to the web request. You define these for the web ACL, and then use them in the rules and default actions that you define in the web ACL.
For information about customizing web requests and responses, see Customizing web requests and responses in WAF in the WAF Developer Guide.
For information about the limits on count and size for custom request and response settings, see WAF quotas in the WAF Developer Guide.
- Parameters:
customResponseBodies
- A map of custom response keys and content bodies. When you create a rule with a block action, you can send a custom response to the web request. You define these for the web ACL, and then use them in the rules and default actions that you define in the web ACL.For information about customizing web requests and responses, see Customizing web requests and responses in WAF in the WAF Developer Guide.
For information about the limits on count and size for custom request and response settings, see WAF quotas in the WAF Developer Guide.
- Returns:
- Returns a reference to this object so that method calls can be chained together.
-
captchaConfig
Specifies how WAF should handle
CAPTCHA
evaluations for rules that don't have their ownCaptchaConfig
settings. If you don't specify this, WAF uses its default settings forCaptchaConfig
.- Parameters:
captchaConfig
- Specifies how WAF should handleCAPTCHA
evaluations for rules that don't have their ownCaptchaConfig
settings. If you don't specify this, WAF uses its default settings forCaptchaConfig
.- Returns:
- Returns a reference to this object so that method calls can be chained together.
-
captchaConfig
Specifies how WAF should handle
This is a convenience method that creates an instance of theCAPTCHA
evaluations for rules that don't have their ownCaptchaConfig
settings. If you don't specify this, WAF uses its default settings forCaptchaConfig
.CaptchaConfig.Builder
avoiding the need to create one manually viaCaptchaConfig.builder()
.When the
Consumer
completes,SdkBuilder.build()
is called immediately and its result is passed tocaptchaConfig(CaptchaConfig)
.- Parameters:
captchaConfig
- a consumer that will call methods onCaptchaConfig.Builder
- Returns:
- Returns a reference to this object so that method calls can be chained together.
- See Also:
-
challengeConfig
Specifies how WAF should handle challenge evaluations for rules that don't have their own
ChallengeConfig
settings. If you don't specify this, WAF uses its default settings forChallengeConfig
.- Parameters:
challengeConfig
- Specifies how WAF should handle challenge evaluations for rules that don't have their ownChallengeConfig
settings. If you don't specify this, WAF uses its default settings forChallengeConfig
.- Returns:
- Returns a reference to this object so that method calls can be chained together.
-
challengeConfig
default CreateWebAclRequest.Builder challengeConfig(Consumer<ChallengeConfig.Builder> challengeConfig) Specifies how WAF should handle challenge evaluations for rules that don't have their own
This is a convenience method that creates an instance of theChallengeConfig
settings. If you don't specify this, WAF uses its default settings forChallengeConfig
.ChallengeConfig.Builder
avoiding the need to create one manually viaChallengeConfig.builder()
.When the
Consumer
completes,SdkBuilder.build()
is called immediately and its result is passed tochallengeConfig(ChallengeConfig)
.- Parameters:
challengeConfig
- a consumer that will call methods onChallengeConfig.Builder
- Returns:
- Returns a reference to this object so that method calls can be chained together.
- See Also:
-
tokenDomains
Specifies the domains that WAF should accept in a web request token. This enables the use of tokens across multiple protected websites. When WAF provides a token, it uses the domain of the Amazon Web Services resource that the web ACL is protecting. If you don't specify a list of token domains, WAF accepts tokens only for the domain of the protected resource. With a token domain list, WAF accepts the resource's host domain plus all domains in the token domain list, including their prefixed subdomains.
Example JSON:
"TokenDomains": { "mywebsite.com", "myotherwebsite.com" }
Public suffixes aren't allowed. For example, you can't use
gov.au
orco.uk
as token domains.- Parameters:
tokenDomains
- Specifies the domains that WAF should accept in a web request token. This enables the use of tokens across multiple protected websites. When WAF provides a token, it uses the domain of the Amazon Web Services resource that the web ACL is protecting. If you don't specify a list of token domains, WAF accepts tokens only for the domain of the protected resource. With a token domain list, WAF accepts the resource's host domain plus all domains in the token domain list, including their prefixed subdomains.Example JSON:
"TokenDomains": { "mywebsite.com", "myotherwebsite.com" }
Public suffixes aren't allowed. For example, you can't use
gov.au
orco.uk
as token domains.- Returns:
- Returns a reference to this object so that method calls can be chained together.
-
tokenDomains
Specifies the domains that WAF should accept in a web request token. This enables the use of tokens across multiple protected websites. When WAF provides a token, it uses the domain of the Amazon Web Services resource that the web ACL is protecting. If you don't specify a list of token domains, WAF accepts tokens only for the domain of the protected resource. With a token domain list, WAF accepts the resource's host domain plus all domains in the token domain list, including their prefixed subdomains.
Example JSON:
"TokenDomains": { "mywebsite.com", "myotherwebsite.com" }
Public suffixes aren't allowed. For example, you can't use
gov.au
orco.uk
as token domains.- Parameters:
tokenDomains
- Specifies the domains that WAF should accept in a web request token. This enables the use of tokens across multiple protected websites. When WAF provides a token, it uses the domain of the Amazon Web Services resource that the web ACL is protecting. If you don't specify a list of token domains, WAF accepts tokens only for the domain of the protected resource. With a token domain list, WAF accepts the resource's host domain plus all domains in the token domain list, including their prefixed subdomains.Example JSON:
"TokenDomains": { "mywebsite.com", "myotherwebsite.com" }
Public suffixes aren't allowed. For example, you can't use
gov.au
orco.uk
as token domains.- Returns:
- Returns a reference to this object so that method calls can be chained together.
-
associationConfig
Specifies custom configurations for the associations between the web ACL and protected resources.
Use this to customize the maximum size of the request body that your protected resources forward to WAF for inspection. You can customize this setting for CloudFront, API Gateway, Amazon Cognito, App Runner, or Verified Access resources. The default setting is 16 KB (16,384 bytes).
You are charged additional fees when your protected resources forward body sizes that are larger than the default. For more information, see WAF Pricing.
For Application Load Balancer and AppSync, the limit is fixed at 8 KB (8,192 bytes).
- Parameters:
associationConfig
- Specifies custom configurations for the associations between the web ACL and protected resources.Use this to customize the maximum size of the request body that your protected resources forward to WAF for inspection. You can customize this setting for CloudFront, API Gateway, Amazon Cognito, App Runner, or Verified Access resources. The default setting is 16 KB (16,384 bytes).
You are charged additional fees when your protected resources forward body sizes that are larger than the default. For more information, see WAF Pricing.
For Application Load Balancer and AppSync, the limit is fixed at 8 KB (8,192 bytes).
- Returns:
- Returns a reference to this object so that method calls can be chained together.
-
associationConfig
default CreateWebAclRequest.Builder associationConfig(Consumer<AssociationConfig.Builder> associationConfig) Specifies custom configurations for the associations between the web ACL and protected resources.
Use this to customize the maximum size of the request body that your protected resources forward to WAF for inspection. You can customize this setting for CloudFront, API Gateway, Amazon Cognito, App Runner, or Verified Access resources. The default setting is 16 KB (16,384 bytes).
You are charged additional fees when your protected resources forward body sizes that are larger than the default. For more information, see WAF Pricing.
For Application Load Balancer and AppSync, the limit is fixed at 8 KB (8,192 bytes).
This is a convenience method that creates an instance of theAssociationConfig.Builder
avoiding the need to create one manually viaAssociationConfig.builder()
.When the
Consumer
completes,SdkBuilder.build()
is called immediately and its result is passed toassociationConfig(AssociationConfig)
.- Parameters:
associationConfig
- a consumer that will call methods onAssociationConfig.Builder
- Returns:
- Returns a reference to this object so that method calls can be chained together.
- See Also:
-
onSourceDDoSProtectionConfig
CreateWebAclRequest.Builder onSourceDDoSProtectionConfig(OnSourceDDoSProtectionConfig onSourceDDoSProtectionConfig) Specifies the type of DDoS protection to apply to web request data for a web ACL. For most scenarios, it is recommended to use the default protection level,
ACTIVE_UNDER_DDOS
. If a web ACL is associated with multiple Application Load Balancers, the changes you make to DDoS protection in that web ACL will apply to all associated Application Load Balancers.- Parameters:
onSourceDDoSProtectionConfig
- Specifies the type of DDoS protection to apply to web request data for a web ACL. For most scenarios, it is recommended to use the default protection level,ACTIVE_UNDER_DDOS
. If a web ACL is associated with multiple Application Load Balancers, the changes you make to DDoS protection in that web ACL will apply to all associated Application Load Balancers.- Returns:
- Returns a reference to this object so that method calls can be chained together.
-
onSourceDDoSProtectionConfig
default CreateWebAclRequest.Builder onSourceDDoSProtectionConfig(Consumer<OnSourceDDoSProtectionConfig.Builder> onSourceDDoSProtectionConfig) Specifies the type of DDoS protection to apply to web request data for a web ACL. For most scenarios, it is recommended to use the default protection level,
This is a convenience method that creates an instance of theACTIVE_UNDER_DDOS
. If a web ACL is associated with multiple Application Load Balancers, the changes you make to DDoS protection in that web ACL will apply to all associated Application Load Balancers.OnSourceDDoSProtectionConfig.Builder
avoiding the need to create one manually viaOnSourceDDoSProtectionConfig.builder()
.When the
Consumer
completes,SdkBuilder.build()
is called immediately and its result is passed toonSourceDDoSProtectionConfig(OnSourceDDoSProtectionConfig)
.- Parameters:
onSourceDDoSProtectionConfig
- a consumer that will call methods onOnSourceDDoSProtectionConfig.Builder
- Returns:
- Returns a reference to this object so that method calls can be chained together.
- See Also:
-
applicationConfig
Configures the ability for the WAF console to store and retrieve application attributes during the web ACL creation process. Application attributes help WAF give recommendations for protection packs.
- Parameters:
applicationConfig
- Configures the ability for the WAF console to store and retrieve application attributes during the web ACL creation process. Application attributes help WAF give recommendations for protection packs.- Returns:
- Returns a reference to this object so that method calls can be chained together.
-
applicationConfig
default CreateWebAclRequest.Builder applicationConfig(Consumer<ApplicationConfig.Builder> applicationConfig) Configures the ability for the WAF console to store and retrieve application attributes during the web ACL creation process. Application attributes help WAF give recommendations for protection packs.
This is a convenience method that creates an instance of theApplicationConfig.Builder
avoiding the need to create one manually viaApplicationConfig.builder()
.When the
Consumer
completes,SdkBuilder.build()
is called immediately and its result is passed toapplicationConfig(ApplicationConfig)
.- Parameters:
applicationConfig
- a consumer that will call methods onApplicationConfig.Builder
- Returns:
- Returns a reference to this object so that method calls can be chained together.
- See Also:
-
overrideConfiguration
CreateWebAclRequest.Builder overrideConfiguration(AwsRequestOverrideConfiguration overrideConfiguration) Description copied from interface:AwsRequest.Builder
Add an optional request override configuration.- Specified by:
overrideConfiguration
in interfaceAwsRequest.Builder
- Parameters:
overrideConfiguration
- The override configuration.- Returns:
- This object for method chaining.
-
overrideConfiguration
CreateWebAclRequest.Builder overrideConfiguration(Consumer<AwsRequestOverrideConfiguration.Builder> builderConsumer) Description copied from interface:AwsRequest.Builder
Add an optional request override configuration.- Specified by:
overrideConfiguration
in interfaceAwsRequest.Builder
- Parameters:
builderConsumer
- AConsumer
to which an emptyAwsRequestOverrideConfiguration.Builder
will be given.- Returns:
- This object for method chaining.
-