github.com/ves/terraform@v0.8.0-beta2/website/source/docs/providers/aws/r/waf_web_acl.html.markdown

---
layout: "aws"
page_title: "AWS: aws_waf_web_acl"
sidebar_current: "docs-aws-resource-waf-webacl"
description: |-
  Provides an AWS WAF web access control group (ACL) resource.
---

# aws\_waf\_web\_acl

Provides a WAF Web ACL Resource.

## Example Usage

```
# IP set holding the address range the rule matches on.
resource "aws_waf_ipset" "ipset" {
  name = "tfIPSet"
  ip_set_descriptors {
    type  = "IPV4"
    value = "192.0.7.0/24"
  }
}

# Rule that matches requests whose source address is in the IP set.
resource "aws_waf_rule" "wafrule" {
  depends_on  = ["aws_waf_ipset.ipset"]
  name        = "tfWAFRule"
  metric_name = "tfWAFRule"
  predicates {
    data_id = "${aws_waf_ipset.ipset.id}"
    negated = false
    type    = "IPMatch"
  }
}

# Web ACL that blocks requests matching the rule and allows everything else.
resource "aws_waf_web_acl" "waf_acl" {
  depends_on  = ["aws_waf_ipset.ipset", "aws_waf_rule.wafrule"]
  name        = "tfWebACL"
  metric_name = "tfWebACL"
  default_action {
    type = "ALLOW"
  }
  rules {
    action {
      type = "BLOCK"
    }
    priority = 1
    rule_id  = "${aws_waf_rule.wafrule.id}"
  }
}
```

## Argument Reference

The following arguments are supported:

* `default_action` - (Required) The action that you want AWS WAF to take when a request doesn't match the criteria in any of the rules that are associated with the web ACL.
* `metric_name` - (Required) The name or description for the Amazon CloudWatch metric of this web ACL.
* `name` - (Required) The name or description of the web ACL.
* `rules` - (Required) The rules to associate with the web ACL and the settings for each rule.

## Attributes Reference

The following attributes are exported:

* `id` - The ID of the WAF WebACL.
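
The `default_action` and `rules` arguments can also be combined the other way round from the Example Usage: block by default and allow only a known range. This is an added example, not part of the original documentation; the resource names and the `203.0.113.0/24` range are constructed for illustration.

```hcl
# Added example: allow-list variant of the web ACL.
# All names and the CIDR range below are constructed placeholders.

# Range that is permitted to reach the protected resource.
resource "aws_waf_ipset" "trusted" {
  name = "tfTrustedIPSet"
  ip_set_descriptors {
    type  = "IPV4"
    value = "203.0.113.0/24"
  }
}

# Rule that matches requests originating from the trusted range.
resource "aws_waf_rule" "trusted" {
  name        = "tfTrustedRule"
  metric_name = "tfTrustedRule"
  predicates {
    # Referencing the IP set id also orders creation after the IP set.
    data_id = "${aws_waf_ipset.trusted.id}"
    negated = false
    type    = "IPMatch"
  }
}

resource "aws_waf_web_acl" "allowlist" {
  name        = "tfAllowlistACL"
  metric_name = "tfAllowlistACL"

  # Anything that matches no rule is rejected.
  default_action {
    type = "BLOCK"
  }

  # Only requests matching the trusted rule are let through.
  rules {
    action {
      type = "ALLOW"
    }
    priority = 1
    rule_id  = "${aws_waf_rule.trusted.id}"
  }
}
```

With `default_action` set to `BLOCK`, a missing or mistyped rule fails closed, whereas the `ALLOW` default in the Example Usage fails open. AWS WAF also accepts `COUNT` as a rule action type, which records matches under the rule's CloudWatch metric without allowing or blocking the request.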