github.com/nathanielks/terraform@v0.6.1-0.20170509030759-13e1a62319dc/website/source/docs/providers/aws/r/waf_rule.html.markdown (about) 1 --- 2 layout: "aws" 3 page_title: "AWS: waf_rule" 4 sidebar_current: "docs-aws-resource-waf-rule" 5 description: |- 6 Provides a AWS WAF rule resource. 7 --- 8 9 # aws\_waf\_rule 10 11 Provides a WAF Rule Resource 12 13 ## Example Usage 14 15 ```hcl 16 resource "aws_waf_ipset" "ipset" { 17 name = "tfIPSet" 18 19 ip_set_descriptors { 20 type = "IPV4" 21 value = "192.0.7.0/24" 22 } 23 } 24 25 resource "aws_waf_rule" "wafrule" { 26 depends_on = ["aws_waf_ipset.ipset"] 27 name = "tfWAFRule" 28 metric_name = "tfWAFRule" 29 30 predicates { 31 data_id = "${aws_waf_ipset.ipset.id}" 32 negated = false 33 type = "IPMatch" 34 } 35 } 36 ``` 37 38 ## Argument Reference 39 40 The following arguments are supported: 41 42 * `metric_name` - (Required) The name or description for the Amazon CloudWatch metric of this rule. 43 * `name` - (Required) The name or description of the rule. 44 * `predicates` - (Optional) One of ByteMatchSet, IPSet, SizeConstraintSet, SqlInjectionMatchSet, or XssMatchSet objects to include in a rule. 45 46 ## Nested Blocks 47 48 ### `predicates` 49 50 #### Arguments 51 52 * `negated` - (Required) Set this to `false` if you want to allow, block, or count requests 53 based on the settings in the specified `ByteMatchSet`, `IPSet`, `SqlInjectionMatchSet`, `XssMatchSet`, or `SizeConstraintSet`. 54 For example, if an IPSet includes the IP address `192.0.2.44`, AWS WAF will allow or block requests based on that IP address. 55 If set to `true`, AWS WAF will allow, block, or count requests based on all IP addresses _except_ `192.0.2.44`. 56 * `data_id` - (Optional) A unique identifier for a predicate in the rule, such as Byte Match Set ID or IPSet ID. 57 * `type` - (Required) The type of predicate in a rule, such as `ByteMatchSet` or `IPSet` 58 59 ## Remarks 60 61 ## Attributes Reference 62 63 The following attributes are exported: 64 65 * `id` - The ID of the WAF rule.