github.com/pulumi/pulumi-aws/sdk/v6@v6.32.0/go/aws/wafv2/webAcl.go

// Code generated by the Pulumi Terraform Bridge (tfgen) Tool DO NOT EDIT.
// *** WARNING: Do not edit by hand unless you're certain you know what you are doing! ***

package wafv2

import (
	"context"
	"reflect"

	"errors"
	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/internal"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

type WebAcl struct {
	pulumi.CustomResourceState

	// The URL to use in SDK integrations with managed rule groups.
	ApplicationIntegrationUrl pulumi.StringOutput `pulumi:"applicationIntegrationUrl"`
	// The Amazon Resource Name (ARN) of the IP Set that this statement references.
	Arn pulumi.StringOutput `pulumi:"arn"`
	// Specifies custom configurations for the associations between the web ACL and protected resources. See `associationConfig` below for details.
	AssociationConfig WebAclAssociationConfigPtrOutput `pulumi:"associationConfig"`
	// Web ACL capacity units (WCUs) currently being used by this web ACL.
	Capacity pulumi.IntOutput `pulumi:"capacity"`
	// Specifies how AWS WAF should handle CAPTCHA evaluations on the ACL level (used by [AWS Bot Control](https://docs.aws.amazon.com/waf/latest/developerguide/aws-managed-rule-groups-bot.html)). See `captchaConfig` below for details.
	CaptchaConfig WebAclCaptchaConfigPtrOutput `pulumi:"captchaConfig"`
	// Specifies how AWS WAF should handle Challenge evaluations on the ACL level (used by [AWS Bot Control](https://docs.aws.amazon.com/waf/latest/developerguide/aws-managed-rule-groups-bot.html)). See `challengeConfig` below for details.
	ChallengeConfig WebAclChallengeConfigPtrOutput `pulumi:"challengeConfig"`
	// Defines custom response bodies that can be referenced by `customResponse` actions. See `customResponseBody` below for details.
	CustomResponseBodies WebAclCustomResponseBodyArrayOutput `pulumi:"customResponseBodies"`
	// Action to perform if none of the `rules` contained in the WebACL match. See `defaultAction` below for details.
	DefaultAction WebAclDefaultActionOutput `pulumi:"defaultAction"`
	// Friendly description of the WebACL.
	Description pulumi.StringPtrOutput `pulumi:"description"`
	LockToken   pulumi.StringOutput    `pulumi:"lockToken"`
	// Friendly name of the WebACL.
	Name pulumi.StringOutput `pulumi:"name"`
	// Rule blocks used to identify the web requests that you want to `allow`, `block`, or `count`. See `rule` below for details.
	Rules WebAclRuleArrayOutput `pulumi:"rules"`
	// Specifies whether this is for an AWS CloudFront distribution or for a regional application. Valid values are `CLOUDFRONT` or `REGIONAL`. To work with CloudFront, you must also specify the region `us-east-1` (N. Virginia) on the AWS provider.
	Scope pulumi.StringOutput `pulumi:"scope"`
	// Map of key-value pairs to associate with the resource. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
	Tags pulumi.StringMapOutput `pulumi:"tags"`
	// Map of tags assigned to the resource, including those inherited from the provider `defaultTags` configuration block.
	//
	// Deprecated: Please use `tags` instead.
	TagsAll pulumi.StringMapOutput `pulumi:"tagsAll"`
	// Specifies the domains that AWS WAF should accept in a web request token. This enables the use of tokens across multiple protected websites. When AWS WAF provides a token, it uses the domain of the AWS resource that the web ACL is protecting. If you don't specify a list of token domains, AWS WAF accepts tokens only for the domain of the protected resource. With a token domain list, AWS WAF accepts the resource's host domain plus all domains in the token domain list, including their prefixed subdomains.
	TokenDomains pulumi.StringArrayOutput `pulumi:"tokenDomains"`
	// Defines and enables Amazon CloudWatch metrics and web request sample collection. See `visibilityConfig` below for details.
	VisibilityConfig WebAclVisibilityConfigOutput `pulumi:"visibilityConfig"`
}

// NewWebAcl registers a new resource with the given unique name, arguments, and options.
func NewWebAcl(ctx *pulumi.Context,
	name string, args *WebAclArgs, opts ...pulumi.ResourceOption) (*WebAcl, error) {
	if args == nil {
		return nil, errors.New("missing one or more required arguments")
	}

	if args.DefaultAction == nil {
		return nil, errors.New("invalid value for required argument 'DefaultAction'")
	}
	if args.Scope == nil {
		return nil, errors.New("invalid value for required argument 'Scope'")
	}
	if args.VisibilityConfig == nil {
		return nil, errors.New("invalid value for required argument 'VisibilityConfig'")
	}
	opts = internal.PkgResourceDefaultOpts(opts)
	var resource WebAcl
	err := ctx.RegisterResource("aws:wafv2/webAcl:WebAcl", name, args, &resource, opts...)
	if err != nil {
		return nil, err
	}
	return &resource, nil
}

// GetWebAcl gets an existing WebAcl resource's state with the given name, ID, and optional
// state properties that are used to uniquely qualify the lookup (nil if not required).
func GetWebAcl(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *WebAclState, opts ...pulumi.ResourceOption) (*WebAcl, error) {
	var resource WebAcl
	err := ctx.ReadResource("aws:wafv2/webAcl:WebAcl", name, id, state, &resource, opts...)
	if err != nil {
		return nil, err
	}
	return &resource, nil
}

// Input properties used for looking up and filtering WebAcl resources.
type webAclState struct {
	// The URL to use in SDK integrations with managed rule groups.
	ApplicationIntegrationUrl *string `pulumi:"applicationIntegrationUrl"`
	// The Amazon Resource Name (ARN) of the IP Set that this statement references.
	Arn *string `pulumi:"arn"`
	// Specifies custom configurations for the associations between the web ACL and protected resources. See `associationConfig` below for details.
	AssociationConfig *WebAclAssociationConfig `pulumi:"associationConfig"`
	// Web ACL capacity units (WCUs) currently being used by this web ACL.
	Capacity *int `pulumi:"capacity"`
	// Specifies how AWS WAF should handle CAPTCHA evaluations on the ACL level (used by [AWS Bot Control](https://docs.aws.amazon.com/waf/latest/developerguide/aws-managed-rule-groups-bot.html)). See `captchaConfig` below for details.
	CaptchaConfig *WebAclCaptchaConfig `pulumi:"captchaConfig"`
	// Specifies how AWS WAF should handle Challenge evaluations on the ACL level (used by [AWS Bot Control](https://docs.aws.amazon.com/waf/latest/developerguide/aws-managed-rule-groups-bot.html)). See `challengeConfig` below for details.
	ChallengeConfig *WebAclChallengeConfig `pulumi:"challengeConfig"`
	// Defines custom response bodies that can be referenced by `customResponse` actions. See `customResponseBody` below for details.
	CustomResponseBodies []WebAclCustomResponseBody `pulumi:"customResponseBodies"`
	// Action to perform if none of the `rules` contained in the WebACL match. See `defaultAction` below for details.
	DefaultAction *WebAclDefaultAction `pulumi:"defaultAction"`
	// Friendly description of the WebACL.
	Description *string `pulumi:"description"`
	LockToken   *string `pulumi:"lockToken"`
	// Friendly name of the WebACL.
	Name *string `pulumi:"name"`
	// Rule blocks used to identify the web requests that you want to `allow`, `block`, or `count`. See `rule` below for details.
	Rules []WebAclRule `pulumi:"rules"`
	// Specifies whether this is for an AWS CloudFront distribution or for a regional application. Valid values are `CLOUDFRONT` or `REGIONAL`. To work with CloudFront, you must also specify the region `us-east-1` (N. Virginia) on the AWS provider.
	Scope *string `pulumi:"scope"`
	// Map of key-value pairs to associate with the resource. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
	Tags map[string]string `pulumi:"tags"`
	// Map of tags assigned to the resource, including those inherited from the provider `defaultTags` configuration block.
	//
	// Deprecated: Please use `tags` instead.
	TagsAll map[string]string `pulumi:"tagsAll"`
	// Specifies the domains that AWS WAF should accept in a web request token. This enables the use of tokens across multiple protected websites. When AWS WAF provides a token, it uses the domain of the AWS resource that the web ACL is protecting. If you don't specify a list of token domains, AWS WAF accepts tokens only for the domain of the protected resource. With a token domain list, AWS WAF accepts the resource's host domain plus all domains in the token domain list, including their prefixed subdomains.
	TokenDomains []string `pulumi:"tokenDomains"`
	// Defines and enables Amazon CloudWatch metrics and web request sample collection. See `visibilityConfig` below for details.
	VisibilityConfig *WebAclVisibilityConfig `pulumi:"visibilityConfig"`
}

type WebAclState struct {
	// The URL to use in SDK integrations with managed rule groups.
	ApplicationIntegrationUrl pulumi.StringPtrInput
	// The Amazon Resource Name (ARN) of the IP Set that this statement references.
	Arn pulumi.StringPtrInput
	// Specifies custom configurations for the associations between the web ACL and protected resources. See `associationConfig` below for details.
	AssociationConfig WebAclAssociationConfigPtrInput
	// Web ACL capacity units (WCUs) currently being used by this web ACL.
	Capacity pulumi.IntPtrInput
	// Specifies how AWS WAF should handle CAPTCHA evaluations on the ACL level (used by [AWS Bot Control](https://docs.aws.amazon.com/waf/latest/developerguide/aws-managed-rule-groups-bot.html)). See `captchaConfig` below for details.
	CaptchaConfig WebAclCaptchaConfigPtrInput
	// Specifies how AWS WAF should handle Challenge evaluations on the ACL level (used by [AWS Bot Control](https://docs.aws.amazon.com/waf/latest/developerguide/aws-managed-rule-groups-bot.html)). See `challengeConfig` below for details.
	ChallengeConfig WebAclChallengeConfigPtrInput
	// Defines custom response bodies that can be referenced by `customResponse` actions. See `customResponseBody` below for details.
	CustomResponseBodies WebAclCustomResponseBodyArrayInput
	// Action to perform if none of the `rules` contained in the WebACL match. See `defaultAction` below for details.
	DefaultAction WebAclDefaultActionPtrInput
	// Friendly description of the WebACL.
	Description pulumi.StringPtrInput
	LockToken   pulumi.StringPtrInput
	// Friendly name of the WebACL.
	Name pulumi.StringPtrInput
	// Rule blocks used to identify the web requests that you want to `allow`, `block`, or `count`. See `rule` below for details.
	Rules WebAclRuleArrayInput
	// Specifies whether this is for an AWS CloudFront distribution or for a regional application. Valid values are `CLOUDFRONT` or `REGIONAL`. To work with CloudFront, you must also specify the region `us-east-1` (N. Virginia) on the AWS provider.
	Scope pulumi.StringPtrInput
	// Map of key-value pairs to associate with the resource. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
	Tags pulumi.StringMapInput
	// Map of tags assigned to the resource, including those inherited from the provider `defaultTags` configuration block.
	//
	// Deprecated: Please use `tags` instead.
	TagsAll pulumi.StringMapInput
	// Specifies the domains that AWS WAF should accept in a web request token. This enables the use of tokens across multiple protected websites. When AWS WAF provides a token, it uses the domain of the AWS resource that the web ACL is protecting. If you don't specify a list of token domains, AWS WAF accepts tokens only for the domain of the protected resource. With a token domain list, AWS WAF accepts the resource's host domain plus all domains in the token domain list, including their prefixed subdomains.
	TokenDomains pulumi.StringArrayInput
	// Defines and enables Amazon CloudWatch metrics and web request sample collection. See `visibilityConfig` below for details.
	VisibilityConfig WebAclVisibilityConfigPtrInput
}

func (WebAclState) ElementType() reflect.Type {
	return reflect.TypeOf((*webAclState)(nil)).Elem()
}

type webAclArgs struct {
	// Specifies custom configurations for the associations between the web ACL and protected resources. See `associationConfig` below for details.
	AssociationConfig *WebAclAssociationConfig `pulumi:"associationConfig"`
	// Specifies how AWS WAF should handle CAPTCHA evaluations on the ACL level (used by [AWS Bot Control](https://docs.aws.amazon.com/waf/latest/developerguide/aws-managed-rule-groups-bot.html)). See `captchaConfig` below for details.
	CaptchaConfig *WebAclCaptchaConfig `pulumi:"captchaConfig"`
	// Specifies how AWS WAF should handle Challenge evaluations on the ACL level (used by [AWS Bot Control](https://docs.aws.amazon.com/waf/latest/developerguide/aws-managed-rule-groups-bot.html)). See `challengeConfig` below for details.
	ChallengeConfig *WebAclChallengeConfig `pulumi:"challengeConfig"`
	// Defines custom response bodies that can be referenced by `customResponse` actions. See `customResponseBody` below for details.
	CustomResponseBodies []WebAclCustomResponseBody `pulumi:"customResponseBodies"`
	// Action to perform if none of the `rules` contained in the WebACL match. See `defaultAction` below for details.
	DefaultAction WebAclDefaultAction `pulumi:"defaultAction"`
	// Friendly description of the WebACL.
	Description *string `pulumi:"description"`
	// Friendly name of the WebACL.
	Name *string `pulumi:"name"`
	// Rule blocks used to identify the web requests that you want to `allow`, `block`, or `count`. See `rule` below for details.
	Rules []WebAclRule `pulumi:"rules"`
	// Specifies whether this is for an AWS CloudFront distribution or for a regional application. Valid values are `CLOUDFRONT` or `REGIONAL`. To work with CloudFront, you must also specify the region `us-east-1` (N. Virginia) on the AWS provider.
	Scope string `pulumi:"scope"`
	// Map of key-value pairs to associate with the resource. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
	Tags map[string]string `pulumi:"tags"`
	// Specifies the domains that AWS WAF should accept in a web request token. This enables the use of tokens across multiple protected websites. When AWS WAF provides a token, it uses the domain of the AWS resource that the web ACL is protecting. If you don't specify a list of token domains, AWS WAF accepts tokens only for the domain of the protected resource. With a token domain list, AWS WAF accepts the resource's host domain plus all domains in the token domain list, including their prefixed subdomains.
	TokenDomains []string `pulumi:"tokenDomains"`
	// Defines and enables Amazon CloudWatch metrics and web request sample collection. See `visibilityConfig` below for details.
	VisibilityConfig WebAclVisibilityConfig `pulumi:"visibilityConfig"`
}

// The set of arguments for constructing a WebAcl resource.
type WebAclArgs struct {
	// Specifies custom configurations for the associations between the web ACL and protected resources. See `associationConfig` below for details.
	AssociationConfig WebAclAssociationConfigPtrInput
	// Specifies how AWS WAF should handle CAPTCHA evaluations on the ACL level (used by [AWS Bot Control](https://docs.aws.amazon.com/waf/latest/developerguide/aws-managed-rule-groups-bot.html)). See `captchaConfig` below for details.
	CaptchaConfig WebAclCaptchaConfigPtrInput
	// Specifies how AWS WAF should handle Challenge evaluations on the ACL level (used by [AWS Bot Control](https://docs.aws.amazon.com/waf/latest/developerguide/aws-managed-rule-groups-bot.html)). See `challengeConfig` below for details.
	ChallengeConfig WebAclChallengeConfigPtrInput
	// Defines custom response bodies that can be referenced by `customResponse` actions. See `customResponseBody` below for details.
	CustomResponseBodies WebAclCustomResponseBodyArrayInput
	// Action to perform if none of the `rules` contained in the WebACL match. See `defaultAction` below for details.
	DefaultAction WebAclDefaultActionInput
	// Friendly description of the WebACL.
	Description pulumi.StringPtrInput
	// Friendly name of the WebACL.
	Name pulumi.StringPtrInput
	// Rule blocks used to identify the web requests that you want to `allow`, `block`, or `count`. See `rule` below for details.
	Rules WebAclRuleArrayInput
	// Specifies whether this is for an AWS CloudFront distribution or for a regional application. Valid values are `CLOUDFRONT` or `REGIONAL`. To work with CloudFront, you must also specify the region `us-east-1` (N. Virginia) on the AWS provider.
	Scope pulumi.StringInput
	// Map of key-value pairs to associate with the resource. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
	Tags pulumi.StringMapInput
	// Specifies the domains that AWS WAF should accept in a web request token. This enables the use of tokens across multiple protected websites. When AWS WAF provides a token, it uses the domain of the AWS resource that the web ACL is protecting. If you don't specify a list of token domains, AWS WAF accepts tokens only for the domain of the protected resource. With a token domain list, AWS WAF accepts the resource's host domain plus all domains in the token domain list, including their prefixed subdomains.
	TokenDomains pulumi.StringArrayInput
	// Defines and enables Amazon CloudWatch metrics and web request sample collection. See `visibilityConfig` below for details.
	VisibilityConfig WebAclVisibilityConfigInput
}

func (WebAclArgs) ElementType() reflect.Type {
	return reflect.TypeOf((*webAclArgs)(nil)).Elem()
}

type WebAclInput interface {
	pulumi.Input

	ToWebAclOutput() WebAclOutput
	ToWebAclOutputWithContext(ctx context.Context) WebAclOutput
}

func (*WebAcl) ElementType() reflect.Type {
	return reflect.TypeOf((**WebAcl)(nil)).Elem()
}

func (i *WebAcl) ToWebAclOutput() WebAclOutput {
	return i.ToWebAclOutputWithContext(context.Background())
}

func (i *WebAcl) ToWebAclOutputWithContext(ctx context.Context) WebAclOutput {
	return pulumi.ToOutputWithContext(ctx, i).(WebAclOutput)
}

// WebAclArrayInput is an input type that accepts WebAclArray and WebAclArrayOutput values.
// You can construct a concrete instance of `WebAclArrayInput` via:
//
//	WebAclArray{ WebAclArgs{...} }
type WebAclArrayInput interface {
	pulumi.Input

	ToWebAclArrayOutput() WebAclArrayOutput
	ToWebAclArrayOutputWithContext(context.Context) WebAclArrayOutput
}

type WebAclArray []WebAclInput

func (WebAclArray) ElementType() reflect.Type {
	return reflect.TypeOf((*[]*WebAcl)(nil)).Elem()
}

func (i WebAclArray) ToWebAclArrayOutput() WebAclArrayOutput {
	return i.ToWebAclArrayOutputWithContext(context.Background())
}

func (i WebAclArray) ToWebAclArrayOutputWithContext(ctx context.Context) WebAclArrayOutput {
	return pulumi.ToOutputWithContext(ctx, i).(WebAclArrayOutput)
}

// WebAclMapInput is an input type that accepts WebAclMap and WebAclMapOutput values.
// You can construct a concrete instance of `WebAclMapInput` via:
//
//	WebAclMap{ "key": WebAclArgs{...} }
type WebAclMapInput interface {
	pulumi.Input

	ToWebAclMapOutput() WebAclMapOutput
	ToWebAclMapOutputWithContext(context.Context) WebAclMapOutput
}

type WebAclMap map[string]WebAclInput

func (WebAclMap) ElementType() reflect.Type {
	return reflect.TypeOf((*map[string]*WebAcl)(nil)).Elem()
}

func (i WebAclMap) ToWebAclMapOutput() WebAclMapOutput {
	return i.ToWebAclMapOutputWithContext(context.Background())
}

func (i WebAclMap) ToWebAclMapOutputWithContext(ctx context.Context) WebAclMapOutput {
	return pulumi.ToOutputWithContext(ctx, i).(WebAclMapOutput)
}

type WebAclOutput struct{ *pulumi.OutputState }

func (WebAclOutput) ElementType() reflect.Type {
	return reflect.TypeOf((**WebAcl)(nil)).Elem()
}

func (o WebAclOutput) ToWebAclOutput() WebAclOutput {
	return o
}

func (o WebAclOutput) ToWebAclOutputWithContext(ctx context.Context) WebAclOutput {
	return o
}

// The URL to use in SDK integrations with managed rule groups.
func (o WebAclOutput) ApplicationIntegrationUrl() pulumi.StringOutput {
	return o.ApplyT(func(v *WebAcl) pulumi.StringOutput { return v.ApplicationIntegrationUrl }).(pulumi.StringOutput)
}

// The Amazon Resource Name (ARN) of the IP Set that this statement references.
func (o WebAclOutput) Arn() pulumi.StringOutput {
	return o.ApplyT(func(v *WebAcl) pulumi.StringOutput { return v.Arn }).(pulumi.StringOutput)
}

// Specifies custom configurations for the associations between the web ACL and protected resources. See `associationConfig` below for details.
func (o WebAclOutput) AssociationConfig() WebAclAssociationConfigPtrOutput {
	return o.ApplyT(func(v *WebAcl) WebAclAssociationConfigPtrOutput { return v.AssociationConfig }).(WebAclAssociationConfigPtrOutput)
}

// Web ACL capacity units (WCUs) currently being used by this web ACL.
func (o WebAclOutput) Capacity() pulumi.IntOutput {
	return o.ApplyT(func(v *WebAcl) pulumi.IntOutput { return v.Capacity }).(pulumi.IntOutput)
}

// Specifies how AWS WAF should handle CAPTCHA evaluations on the ACL level (used by [AWS Bot Control](https://docs.aws.amazon.com/waf/latest/developerguide/aws-managed-rule-groups-bot.html)). See `captchaConfig` below for details.
func (o WebAclOutput) CaptchaConfig() WebAclCaptchaConfigPtrOutput {
	return o.ApplyT(func(v *WebAcl) WebAclCaptchaConfigPtrOutput { return v.CaptchaConfig }).(WebAclCaptchaConfigPtrOutput)
}

// Specifies how AWS WAF should handle Challenge evaluations on the ACL level (used by [AWS Bot Control](https://docs.aws.amazon.com/waf/latest/developerguide/aws-managed-rule-groups-bot.html)). See `challengeConfig` below for details.
func (o WebAclOutput) ChallengeConfig() WebAclChallengeConfigPtrOutput {
	return o.ApplyT(func(v *WebAcl) WebAclChallengeConfigPtrOutput { return v.ChallengeConfig }).(WebAclChallengeConfigPtrOutput)
}

// Defines custom response bodies that can be referenced by `customResponse` actions. See `customResponseBody` below for details.
func (o WebAclOutput) CustomResponseBodies() WebAclCustomResponseBodyArrayOutput {
	return o.ApplyT(func(v *WebAcl) WebAclCustomResponseBodyArrayOutput { return v.CustomResponseBodies }).(WebAclCustomResponseBodyArrayOutput)
}

// Action to perform if none of the `rules` contained in the WebACL match. See `defaultAction` below for details.
func (o WebAclOutput) DefaultAction() WebAclDefaultActionOutput {
	return o.ApplyT(func(v *WebAcl) WebAclDefaultActionOutput { return v.DefaultAction }).(WebAclDefaultActionOutput)
}

// Friendly description of the WebACL.
func (o WebAclOutput) Description() pulumi.StringPtrOutput {
	return o.ApplyT(func(v *WebAcl) pulumi.StringPtrOutput { return v.Description }).(pulumi.StringPtrOutput)
}

func (o WebAclOutput) LockToken() pulumi.StringOutput {
	return o.ApplyT(func(v *WebAcl) pulumi.StringOutput { return v.LockToken }).(pulumi.StringOutput)
}

// Friendly name of the WebACL.
func (o WebAclOutput) Name() pulumi.StringOutput {
	return o.ApplyT(func(v *WebAcl) pulumi.StringOutput { return v.Name }).(pulumi.StringOutput)
}

// Rule blocks used to identify the web requests that you want to `allow`, `block`, or `count`. See `rule` below for details.
func (o WebAclOutput) Rules() WebAclRuleArrayOutput {
	return o.ApplyT(func(v *WebAcl) WebAclRuleArrayOutput { return v.Rules }).(WebAclRuleArrayOutput)
}

// Specifies whether this is for an AWS CloudFront distribution or for a regional application. Valid values are `CLOUDFRONT` or `REGIONAL`. To work with CloudFront, you must also specify the region `us-east-1` (N. Virginia) on the AWS provider.
func (o WebAclOutput) Scope() pulumi.StringOutput {
	return o.ApplyT(func(v *WebAcl) pulumi.StringOutput { return v.Scope }).(pulumi.StringOutput)
}

// Map of key-value pairs to associate with the resource. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
func (o WebAclOutput) Tags() pulumi.StringMapOutput {
	return o.ApplyT(func(v *WebAcl) pulumi.StringMapOutput { return v.Tags }).(pulumi.StringMapOutput)
}

// Map of tags assigned to the resource, including those inherited from the provider `defaultTags` configuration block.
//
// Deprecated: Please use `tags` instead.
func (o WebAclOutput) TagsAll() pulumi.StringMapOutput {
	return o.ApplyT(func(v *WebAcl) pulumi.StringMapOutput { return v.TagsAll }).(pulumi.StringMapOutput)
}

// Specifies the domains that AWS WAF should accept in a web request token. This enables the use of tokens across multiple protected websites. When AWS WAF provides a token, it uses the domain of the AWS resource that the web ACL is protecting. If you don't specify a list of token domains, AWS WAF accepts tokens only for the domain of the protected resource. With a token domain list, AWS WAF accepts the resource's host domain plus all domains in the token domain list, including their prefixed subdomains.
func (o WebAclOutput) TokenDomains() pulumi.StringArrayOutput {
	return o.ApplyT(func(v *WebAcl) pulumi.StringArrayOutput { return v.TokenDomains }).(pulumi.StringArrayOutput)
}

// Defines and enables Amazon CloudWatch metrics and web request sample collection. See `visibilityConfig` below for details.
func (o WebAclOutput) VisibilityConfig() WebAclVisibilityConfigOutput {
	return o.ApplyT(func(v *WebAcl) WebAclVisibilityConfigOutput { return v.VisibilityConfig }).(WebAclVisibilityConfigOutput)
}

type WebAclArrayOutput struct{ *pulumi.OutputState }

func (WebAclArrayOutput) ElementType() reflect.Type {
	return reflect.TypeOf((*[]*WebAcl)(nil)).Elem()
}

func (o WebAclArrayOutput) ToWebAclArrayOutput() WebAclArrayOutput {
	return o
}

func (o WebAclArrayOutput) ToWebAclArrayOutputWithContext(ctx context.Context) WebAclArrayOutput {
	return o
}

func (o WebAclArrayOutput) Index(i pulumi.IntInput) WebAclOutput {
	return pulumi.All(o, i).ApplyT(func(vs []interface{}) *WebAcl {
		return vs[0].([]*WebAcl)[vs[1].(int)]
	}).(WebAclOutput)
}

type WebAclMapOutput struct{ *pulumi.OutputState }

func (WebAclMapOutput) ElementType() reflect.Type {
	return reflect.TypeOf((*map[string]*WebAcl)(nil)).Elem()
}

func (o WebAclMapOutput) ToWebAclMapOutput() WebAclMapOutput {
	return o
}

func (o WebAclMapOutput) ToWebAclMapOutputWithContext(ctx context.Context) WebAclMapOutput {
	return o
}

func (o WebAclMapOutput) MapIndex(k pulumi.StringInput) WebAclOutput {
	return pulumi.All(o, k).ApplyT(func(vs []interface{}) *WebAcl {
		return vs[0].(map[string]*WebAcl)[vs[1].(string)]
	}).(WebAclOutput)
}

func init() {
	pulumi.RegisterInputType(reflect.TypeOf((*WebAclInput)(nil)).Elem(), &WebAcl{})
	pulumi.RegisterInputType(reflect.TypeOf((*WebAclArrayInput)(nil)).Elem(), WebAclArray{})
	pulumi.RegisterInputType(reflect.TypeOf((*WebAclMapInput)(nil)).Elem(), WebAclMap{})
	pulumi.RegisterOutputType(WebAclOutput{})
	pulumi.RegisterOutputType(WebAclArrayOutput{})
	pulumi.RegisterOutputType(WebAclMapOutput{})
}