/** * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. * SPDX-License-Identifier: Apache-2.0. */ #pragma once #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include namespace Aws { namespace Utils { namespace Json { class JsonValue; class JsonView; } // namespace Json } // namespace Utils namespace WAFV2 { namespace Model { class RateBasedStatement; class NotStatement; /** *

This is the latest version of AWS WAF, named AWS WAFV2, * released in November, 2019. For information, including how to migrate your AWS * WAF resources from the prior release, see the AWS * WAF Developer Guide.

The processing guidance for a * Rule, used by AWS WAF to determine whether a web request matches the * rule.

See Also:

AWS API * Reference

*/ class AWS_WAFV2_API Statement { public: Statement(); Statement(Aws::Utils::Json::JsonView jsonValue); Statement& operator=(Aws::Utils::Json::JsonView jsonValue); Aws::Utils::Json::JsonValue Jsonize() const; /** *

A rule statement that defines a string match search for AWS WAF to apply to * web requests. The byte match statement provides the bytes to search for, the * location in requests that you want AWS WAF to search, and other settings. The * bytes to search for are typically a string that corresponds with ASCII * characters. In the AWS WAF console and the developer guide, this is refered to * as a string match statement.

*/ inline const ByteMatchStatement& GetByteMatchStatement() const{ return m_byteMatchStatement; } /** *

A rule statement that defines a string match search for AWS WAF to apply to * web requests. The byte match statement provides the bytes to search for, the * location in requests that you want AWS WAF to search, and other settings. The * bytes to search for are typically a string that corresponds with ASCII * characters. In the AWS WAF console and the developer guide, this is refered to * as a string match statement.

*/ inline bool ByteMatchStatementHasBeenSet() const { return m_byteMatchStatementHasBeenSet; } /** *

A rule statement that defines a string match search for AWS WAF to apply to * web requests. The byte match statement provides the bytes to search for, the * location in requests that you want AWS WAF to search, and other settings. The * bytes to search for are typically a string that corresponds with ASCII * characters. In the AWS WAF console and the developer guide, this is refered to * as a string match statement.

*/ inline void SetByteMatchStatement(const ByteMatchStatement& value) { m_byteMatchStatementHasBeenSet = true; m_byteMatchStatement = value; } /** *

A rule statement that defines a string match search for AWS WAF to apply to * web requests. The byte match statement provides the bytes to search for, the * location in requests that you want AWS WAF to search, and other settings. The * bytes to search for are typically a string that corresponds with ASCII * characters. In the AWS WAF console and the developer guide, this is refered to * as a string match statement.

*/ inline void SetByteMatchStatement(ByteMatchStatement&& value) { m_byteMatchStatementHasBeenSet = true; m_byteMatchStatement = std::move(value); } /** *

A rule statement that defines a string match search for AWS WAF to apply to * web requests. The byte match statement provides the bytes to search for, the * location in requests that you want AWS WAF to search, and other settings. The * bytes to search for are typically a string that corresponds with ASCII * characters. In the AWS WAF console and the developer guide, this is refered to * as a string match statement.

*/ inline Statement& WithByteMatchStatement(const ByteMatchStatement& value) { SetByteMatchStatement(value); return *this;} /** *

A rule statement that defines a string match search for AWS WAF to apply to * web requests. The byte match statement provides the bytes to search for, the * location in requests that you want AWS WAF to search, and other settings. The * bytes to search for are typically a string that corresponds with ASCII * characters. In the AWS WAF console and the developer guide, this is refered to * as a string match statement.

*/ inline Statement& WithByteMatchStatement(ByteMatchStatement&& value) { SetByteMatchStatement(std::move(value)); return *this;} /** *

Attackers sometimes insert malicious SQL code into web requests in an effort * to extract data from your database. To allow or block web requests that appear * to contain malicious SQL code, create one or more SQL injection match * conditions. An SQL injection match condition identifies the part of web * requests, such as the URI or the query string, that you want AWS WAF to inspect. * Later in the process, when you create a web ACL, you specify whether to allow or * block requests that appear to contain malicious SQL code.

*/ inline const SqliMatchStatement& GetSqliMatchStatement() const{ return m_sqliMatchStatement; } /** *

Attackers sometimes insert malicious SQL code into web requests in an effort * to extract data from your database. To allow or block web requests that appear * to contain malicious SQL code, create one or more SQL injection match * conditions. An SQL injection match condition identifies the part of web * requests, such as the URI or the query string, that you want AWS WAF to inspect. * Later in the process, when you create a web ACL, you specify whether to allow or * block requests that appear to contain malicious SQL code.

*/ inline bool SqliMatchStatementHasBeenSet() const { return m_sqliMatchStatementHasBeenSet; } /** *

Attackers sometimes insert malicious SQL code into web requests in an effort * to extract data from your database. To allow or block web requests that appear * to contain malicious SQL code, create one or more SQL injection match * conditions. An SQL injection match condition identifies the part of web * requests, such as the URI or the query string, that you want AWS WAF to inspect. * Later in the process, when you create a web ACL, you specify whether to allow or * block requests that appear to contain malicious SQL code.

*/ inline void SetSqliMatchStatement(const SqliMatchStatement& value) { m_sqliMatchStatementHasBeenSet = true; m_sqliMatchStatement = value; } /** *

Attackers sometimes insert malicious SQL code into web requests in an effort * to extract data from your database. To allow or block web requests that appear * to contain malicious SQL code, create one or more SQL injection match * conditions. An SQL injection match condition identifies the part of web * requests, such as the URI or the query string, that you want AWS WAF to inspect. * Later in the process, when you create a web ACL, you specify whether to allow or * block requests that appear to contain malicious SQL code.

*/ inline void SetSqliMatchStatement(SqliMatchStatement&& value) { m_sqliMatchStatementHasBeenSet = true; m_sqliMatchStatement = std::move(value); } /** *

Attackers sometimes insert malicious SQL code into web requests in an effort * to extract data from your database. To allow or block web requests that appear * to contain malicious SQL code, create one or more SQL injection match * conditions. An SQL injection match condition identifies the part of web * requests, such as the URI or the query string, that you want AWS WAF to inspect. * Later in the process, when you create a web ACL, you specify whether to allow or * block requests that appear to contain malicious SQL code.

*/ inline Statement& WithSqliMatchStatement(const SqliMatchStatement& value) { SetSqliMatchStatement(value); return *this;} /** *

Attackers sometimes insert malicious SQL code into web requests in an effort * to extract data from your database. To allow or block web requests that appear * to contain malicious SQL code, create one or more SQL injection match * conditions. An SQL injection match condition identifies the part of web * requests, such as the URI or the query string, that you want AWS WAF to inspect. * Later in the process, when you create a web ACL, you specify whether to allow or * block requests that appear to contain malicious SQL code.

*/ inline Statement& WithSqliMatchStatement(SqliMatchStatement&& value) { SetSqliMatchStatement(std::move(value)); return *this;} /** *

A rule statement that defines a cross-site scripting (XSS) match search for * AWS WAF to apply to web requests. XSS attacks are those where the attacker uses * vulnerabilities in a benign website as a vehicle to inject malicious client-site * scripts into other legitimate web browsers. The XSS match statement provides the * location in requests that you want AWS WAF to search and text transformations to * use on the search area before AWS WAF searches for character sequences that are * likely to be malicious strings.

*/ inline const XssMatchStatement& GetXssMatchStatement() const{ return m_xssMatchStatement; } /** *

A rule statement that defines a cross-site scripting (XSS) match search for * AWS WAF to apply to web requests. XSS attacks are those where the attacker uses * vulnerabilities in a benign website as a vehicle to inject malicious client-site * scripts into other legitimate web browsers. The XSS match statement provides the * location in requests that you want AWS WAF to search and text transformations to * use on the search area before AWS WAF searches for character sequences that are * likely to be malicious strings.

*/ inline bool XssMatchStatementHasBeenSet() const { return m_xssMatchStatementHasBeenSet; } /** *

A rule statement that defines a cross-site scripting (XSS) match search for * AWS WAF to apply to web requests. XSS attacks are those where the attacker uses * vulnerabilities in a benign website as a vehicle to inject malicious client-site * scripts into other legitimate web browsers. The XSS match statement provides the * location in requests that you want AWS WAF to search and text transformations to * use on the search area before AWS WAF searches for character sequences that are * likely to be malicious strings.

*/ inline void SetXssMatchStatement(const XssMatchStatement& value) { m_xssMatchStatementHasBeenSet = true; m_xssMatchStatement = value; } /** *

A rule statement that defines a cross-site scripting (XSS) match search for * AWS WAF to apply to web requests. XSS attacks are those where the attacker uses * vulnerabilities in a benign website as a vehicle to inject malicious client-site * scripts into other legitimate web browsers. The XSS match statement provides the * location in requests that you want AWS WAF to search and text transformations to * use on the search area before AWS WAF searches for character sequences that are * likely to be malicious strings.

*/ inline void SetXssMatchStatement(XssMatchStatement&& value) { m_xssMatchStatementHasBeenSet = true; m_xssMatchStatement = std::move(value); } /** *

A rule statement that defines a cross-site scripting (XSS) match search for * AWS WAF to apply to web requests. XSS attacks are those where the attacker uses * vulnerabilities in a benign website as a vehicle to inject malicious client-site * scripts into other legitimate web browsers. The XSS match statement provides the * location in requests that you want AWS WAF to search and text transformations to * use on the search area before AWS WAF searches for character sequences that are * likely to be malicious strings.

*/ inline Statement& WithXssMatchStatement(const XssMatchStatement& value) { SetXssMatchStatement(value); return *this;} /** *

A rule statement that defines a cross-site scripting (XSS) match search for * AWS WAF to apply to web requests. XSS attacks are those where the attacker uses * vulnerabilities in a benign website as a vehicle to inject malicious client-site * scripts into other legitimate web browsers. The XSS match statement provides the * location in requests that you want AWS WAF to search and text transformations to * use on the search area before AWS WAF searches for character sequences that are * likely to be malicious strings.

*/ inline Statement& WithXssMatchStatement(XssMatchStatement&& value) { SetXssMatchStatement(std::move(value)); return *this;} /** *

A rule statement that compares a number of bytes against the size of a * request component, using a comparison operator, such as greater than (>) or * less than (<). For example, you can use a size constraint statement to look * for query strings that are longer than 100 bytes.

If you configure AWS * WAF to inspect the request body, AWS WAF inspects only the first 8192 bytes (8 * KB). If the request body for your web requests never exceeds 8192 bytes, you can * create a size constraint condition and block requests that have a request body * greater than 8192 bytes.

If you choose URI for the value of Part of the * request to filter on, the slash (/) in the URI counts as one character. For * example, the URI /logo.jpg is nine characters long.

*/ inline const SizeConstraintStatement& GetSizeConstraintStatement() const{ return m_sizeConstraintStatement; } /** *

A rule statement that compares a number of bytes against the size of a * request component, using a comparison operator, such as greater than (>) or * less than (<). For example, you can use a size constraint statement to look * for query strings that are longer than 100 bytes.

If you configure AWS * WAF to inspect the request body, AWS WAF inspects only the first 8192 bytes (8 * KB). If the request body for your web requests never exceeds 8192 bytes, you can * create a size constraint condition and block requests that have a request body * greater than 8192 bytes.

If you choose URI for the value of Part of the * request to filter on, the slash (/) in the URI counts as one character. For * example, the URI /logo.jpg is nine characters long.

*/ inline bool SizeConstraintStatementHasBeenSet() const { return m_sizeConstraintStatementHasBeenSet; } /** *

A rule statement that compares a number of bytes against the size of a * request component, using a comparison operator, such as greater than (>) or * less than (<). For example, you can use a size constraint statement to look * for query strings that are longer than 100 bytes.

If you configure AWS * WAF to inspect the request body, AWS WAF inspects only the first 8192 bytes (8 * KB). If the request body for your web requests never exceeds 8192 bytes, you can * create a size constraint condition and block requests that have a request body * greater than 8192 bytes.

If you choose URI for the value of Part of the * request to filter on, the slash (/) in the URI counts as one character. For * example, the URI /logo.jpg is nine characters long.

*/ inline void SetSizeConstraintStatement(const SizeConstraintStatement& value) { m_sizeConstraintStatementHasBeenSet = true; m_sizeConstraintStatement = value; } /** *

A rule statement that compares a number of bytes against the size of a * request component, using a comparison operator, such as greater than (>) or * less than (<). For example, you can use a size constraint statement to look * for query strings that are longer than 100 bytes.

If you configure AWS * WAF to inspect the request body, AWS WAF inspects only the first 8192 bytes (8 * KB). If the request body for your web requests never exceeds 8192 bytes, you can * create a size constraint condition and block requests that have a request body * greater than 8192 bytes.

If you choose URI for the value of Part of the * request to filter on, the slash (/) in the URI counts as one character. For * example, the URI /logo.jpg is nine characters long.

*/ inline void SetSizeConstraintStatement(SizeConstraintStatement&& value) { m_sizeConstraintStatementHasBeenSet = true; m_sizeConstraintStatement = std::move(value); } /** *

A rule statement that compares a number of bytes against the size of a * request component, using a comparison operator, such as greater than (>) or * less than (<). For example, you can use a size constraint statement to look * for query strings that are longer than 100 bytes.

If you configure AWS * WAF to inspect the request body, AWS WAF inspects only the first 8192 bytes (8 * KB). If the request body for your web requests never exceeds 8192 bytes, you can * create a size constraint condition and block requests that have a request body * greater than 8192 bytes.

If you choose URI for the value of Part of the * request to filter on, the slash (/) in the URI counts as one character. For * example, the URI /logo.jpg is nine characters long.

*/ inline Statement& WithSizeConstraintStatement(const SizeConstraintStatement& value) { SetSizeConstraintStatement(value); return *this;} /** *

A rule statement that compares a number of bytes against the size of a * request component, using a comparison operator, such as greater than (>) or * less than (<). For example, you can use a size constraint statement to look * for query strings that are longer than 100 bytes.

If you configure AWS * WAF to inspect the request body, AWS WAF inspects only the first 8192 bytes (8 * KB). If the request body for your web requests never exceeds 8192 bytes, you can * create a size constraint condition and block requests that have a request body * greater than 8192 bytes.

If you choose URI for the value of Part of the * request to filter on, the slash (/) in the URI counts as one character. For * example, the URI /logo.jpg is nine characters long.

*/ inline Statement& WithSizeConstraintStatement(SizeConstraintStatement&& value) { SetSizeConstraintStatement(std::move(value)); return *this;} /** *

A rule statement used to identify web requests based on country of origin. *

*/ inline const GeoMatchStatement& GetGeoMatchStatement() const{ return m_geoMatchStatement; } /** *

A rule statement used to identify web requests based on country of origin. *

*/ inline bool GeoMatchStatementHasBeenSet() const { return m_geoMatchStatementHasBeenSet; } /** *

A rule statement used to identify web requests based on country of origin. *

*/ inline void SetGeoMatchStatement(const GeoMatchStatement& value) { m_geoMatchStatementHasBeenSet = true; m_geoMatchStatement = value; } /** *

A rule statement used to identify web requests based on country of origin. *

*/ inline void SetGeoMatchStatement(GeoMatchStatement&& value) { m_geoMatchStatementHasBeenSet = true; m_geoMatchStatement = std::move(value); } /** *

A rule statement used to identify web requests based on country of origin. *

*/ inline Statement& WithGeoMatchStatement(const GeoMatchStatement& value) { SetGeoMatchStatement(value); return *this;} /** *

A rule statement used to identify web requests based on country of origin. *

*/ inline Statement& WithGeoMatchStatement(GeoMatchStatement&& value) { SetGeoMatchStatement(std::move(value)); return *this;} /** *

A rule statement used to run the rules that are defined in a * RuleGroup. To use this, create a rule group with your rules, then provide * the ARN of the rule group in this statement.

You cannot nest a * RuleGroupReferenceStatement, for example for use inside a * NotStatement or OrStatement. It can only be referenced * as a top-level statement within a rule.

*/ inline const RuleGroupReferenceStatement& GetRuleGroupReferenceStatement() const{ return m_ruleGroupReferenceStatement; } /** *

A rule statement used to run the rules that are defined in a * RuleGroup. To use this, create a rule group with your rules, then provide * the ARN of the rule group in this statement.

You cannot nest a * RuleGroupReferenceStatement, for example for use inside a * NotStatement or OrStatement. It can only be referenced * as a top-level statement within a rule.

*/ inline bool RuleGroupReferenceStatementHasBeenSet() const { return m_ruleGroupReferenceStatementHasBeenSet; } /** *

A rule statement used to run the rules that are defined in a * RuleGroup. To use this, create a rule group with your rules, then provide * the ARN of the rule group in this statement.

You cannot nest a * RuleGroupReferenceStatement, for example for use inside a * NotStatement or OrStatement. It can only be referenced * as a top-level statement within a rule.

*/ inline void SetRuleGroupReferenceStatement(const RuleGroupReferenceStatement& value) { m_ruleGroupReferenceStatementHasBeenSet = true; m_ruleGroupReferenceStatement = value; } /** *

A rule statement used to run the rules that are defined in a * RuleGroup. To use this, create a rule group with your rules, then provide * the ARN of the rule group in this statement.

You cannot nest a * RuleGroupReferenceStatement, for example for use inside a * NotStatement or OrStatement. It can only be referenced * as a top-level statement within a rule.

*/ inline void SetRuleGroupReferenceStatement(RuleGroupReferenceStatement&& value) { m_ruleGroupReferenceStatementHasBeenSet = true; m_ruleGroupReferenceStatement = std::move(value); } /** *

A rule statement used to run the rules that are defined in a * RuleGroup. To use this, create a rule group with your rules, then provide * the ARN of the rule group in this statement.

You cannot nest a * RuleGroupReferenceStatement, for example for use inside a * NotStatement or OrStatement. It can only be referenced * as a top-level statement within a rule.

*/ inline Statement& WithRuleGroupReferenceStatement(const RuleGroupReferenceStatement& value) { SetRuleGroupReferenceStatement(value); return *this;} /** *

A rule statement used to run the rules that are defined in a * RuleGroup. To use this, create a rule group with your rules, then provide * the ARN of the rule group in this statement.

You cannot nest a * RuleGroupReferenceStatement, for example for use inside a * NotStatement or OrStatement. It can only be referenced * as a top-level statement within a rule.

*/ inline Statement& WithRuleGroupReferenceStatement(RuleGroupReferenceStatement&& value) { SetRuleGroupReferenceStatement(std::move(value)); return *this;} /** *

A rule statement used to detect web requests coming from particular IP * addresses or address ranges. To use this, create an IPSet that specifies * the addresses you want to detect, then use the ARN of that set in this * statement. To create an IP set, see CreateIPSet.

Each IP set rule * statement references an IP set. You create and maintain the set independent of * your rules. This allows you to use the single set in multiple rules. When you * update the referenced set, AWS WAF automatically updates all rules that * reference it.

*/ inline const IPSetReferenceStatement& GetIPSetReferenceStatement() const{ return m_iPSetReferenceStatement; } /** *

A rule statement used to detect web requests coming from particular IP * addresses or address ranges. To use this, create an IPSet that specifies * the addresses you want to detect, then use the ARN of that set in this * statement. To create an IP set, see CreateIPSet.

Each IP set rule * statement references an IP set. You create and maintain the set independent of * your rules. This allows you to use the single set in multiple rules. When you * update the referenced set, AWS WAF automatically updates all rules that * reference it.

*/ inline bool IPSetReferenceStatementHasBeenSet() const { return m_iPSetReferenceStatementHasBeenSet; } /** *

A rule statement used to detect web requests coming from particular IP * addresses or address ranges. To use this, create an IPSet that specifies * the addresses you want to detect, then use the ARN of that set in this * statement. To create an IP set, see CreateIPSet.

Each IP set rule * statement references an IP set. You create and maintain the set independent of * your rules. This allows you to use the single set in multiple rules. When you * update the referenced set, AWS WAF automatically updates all rules that * reference it.

*/ inline void SetIPSetReferenceStatement(const IPSetReferenceStatement& value) { m_iPSetReferenceStatementHasBeenSet = true; m_iPSetReferenceStatement = value; } /** *

A rule statement used to detect web requests coming from particular IP * addresses or address ranges. To use this, create an IPSet that specifies * the addresses you want to detect, then use the ARN of that set in this * statement. To create an IP set, see CreateIPSet.

Each IP set rule * statement references an IP set. You create and maintain the set independent of * your rules. This allows you to use the single set in multiple rules. When you * update the referenced set, AWS WAF automatically updates all rules that * reference it.

*/ inline void SetIPSetReferenceStatement(IPSetReferenceStatement&& value) { m_iPSetReferenceStatementHasBeenSet = true; m_iPSetReferenceStatement = std::move(value); } /** *

A rule statement used to detect web requests coming from particular IP * addresses or address ranges. To use this, create an IPSet that specifies * the addresses you want to detect, then use the ARN of that set in this * statement. To create an IP set, see CreateIPSet.

Each IP set rule * statement references an IP set. You create and maintain the set independent of * your rules. This allows you to use the single set in multiple rules. When you * update the referenced set, AWS WAF automatically updates all rules that * reference it.

*/ inline Statement& WithIPSetReferenceStatement(const IPSetReferenceStatement& value) { SetIPSetReferenceStatement(value); return *this;} /** *

A rule statement used to detect web requests coming from particular IP * addresses or address ranges. To use this, create an IPSet that specifies * the addresses you want to detect, then use the ARN of that set in this * statement. To create an IP set, see CreateIPSet.

Each IP set rule * statement references an IP set. You create and maintain the set independent of * your rules. This allows you to use the single set in multiple rules. When you * update the referenced set, AWS WAF automatically updates all rules that * reference it.

*/ inline Statement& WithIPSetReferenceStatement(IPSetReferenceStatement&& value) { SetIPSetReferenceStatement(std::move(value)); return *this;} /** *

A rule statement used to search web request components for matches with * regular expressions. To use this, create a RegexPatternSet that specifies * the expressions that you want to detect, then use the ARN of that set in this * statement. A web request matches the pattern set rule statement if the request * component matches any of the patterns in the set. To create a regex pattern set, * see CreateRegexPatternSet.

Each regex pattern set rule statement * references a regex pattern set. You create and maintain the set independent of * your rules. This allows you to use the single set in multiple rules. When you * update the referenced set, AWS WAF automatically updates all rules that * reference it.

*/ inline const RegexPatternSetReferenceStatement& GetRegexPatternSetReferenceStatement() const{ return m_regexPatternSetReferenceStatement; } /** *

A rule statement used to search web request components for matches with * regular expressions. To use this, create a RegexPatternSet that specifies * the expressions that you want to detect, then use the ARN of that set in this * statement. A web request matches the pattern set rule statement if the request * component matches any of the patterns in the set. To create a regex pattern set, * see CreateRegexPatternSet.

Each regex pattern set rule statement * references a regex pattern set. You create and maintain the set independent of * your rules. This allows you to use the single set in multiple rules. When you * update the referenced set, AWS WAF automatically updates all rules that * reference it.

*/ inline bool RegexPatternSetReferenceStatementHasBeenSet() const { return m_regexPatternSetReferenceStatementHasBeenSet; } /** *

A rule statement used to search web request components for matches with * regular expressions. To use this, create a RegexPatternSet that specifies * the expressions that you want to detect, then use the ARN of that set in this * statement. A web request matches the pattern set rule statement if the request * component matches any of the patterns in the set. To create a regex pattern set, * see CreateRegexPatternSet.

Each regex pattern set rule statement * references a regex pattern set. You create and maintain the set independent of * your rules. This allows you to use the single set in multiple rules. When you * update the referenced set, AWS WAF automatically updates all rules that * reference it.

*/ inline void SetRegexPatternSetReferenceStatement(const RegexPatternSetReferenceStatement& value) { m_regexPatternSetReferenceStatementHasBeenSet = true; m_regexPatternSetReferenceStatement = value; } /** *

A rule statement used to search web request components for matches with * regular expressions. To use this, create a RegexPatternSet that specifies * the expressions that you want to detect, then use the ARN of that set in this * statement. A web request matches the pattern set rule statement if the request * component matches any of the patterns in the set. To create a regex pattern set, * see CreateRegexPatternSet.

Each regex pattern set rule statement * references a regex pattern set. You create and maintain the set independent of * your rules. This allows you to use the single set in multiple rules. When you * update the referenced set, AWS WAF automatically updates all rules that * reference it.

*/ inline void SetRegexPatternSetReferenceStatement(RegexPatternSetReferenceStatement&& value) { m_regexPatternSetReferenceStatementHasBeenSet = true; m_regexPatternSetReferenceStatement = std::move(value); } /** *

A rule statement used to search web request components for matches with * regular expressions. To use this, create a RegexPatternSet that specifies * the expressions that you want to detect, then use the ARN of that set in this * statement. A web request matches the pattern set rule statement if the request * component matches any of the patterns in the set. To create a regex pattern set, * see CreateRegexPatternSet.

Each regex pattern set rule statement * references a regex pattern set. You create and maintain the set independent of * your rules. This allows you to use the single set in multiple rules. When you * update the referenced set, AWS WAF automatically updates all rules that * reference it.

*/ inline Statement& WithRegexPatternSetReferenceStatement(const RegexPatternSetReferenceStatement& value) { SetRegexPatternSetReferenceStatement(value); return *this;} /** *

A rule statement used to search web request components for matches with * regular expressions. To use this, create a RegexPatternSet that specifies * the expressions that you want to detect, then use the ARN of that set in this * statement. A web request matches the pattern set rule statement if the request * component matches any of the patterns in the set. To create a regex pattern set, * see CreateRegexPatternSet.

Each regex pattern set rule statement * references a regex pattern set. You create and maintain the set independent of * your rules. This allows you to use the single set in multiple rules. When you * update the referenced set, AWS WAF automatically updates all rules that * reference it.

*/ inline Statement& WithRegexPatternSetReferenceStatement(RegexPatternSetReferenceStatement&& value) { SetRegexPatternSetReferenceStatement(std::move(value)); return *this;} /** *

A rate-based rule tracks the rate of requests for each originating IP * address, and triggers the rule action when the rate exceeds a limit that you * specify on the number of requests in any 5-minute time span. You can use this to * put a temporary block on requests from an IP address that is sending excessive * requests.

When the rule action triggers, AWS WAF blocks additional * requests from the IP address until the request rate falls below the limit.

*

You can optionally nest another statement inside the rate-based statement, to * narrow the scope of the rule so that it only counts requests that match the * nested statement. For example, based on recent requests that you have seen from * an attacker, you might create a rate-based rule with a nested AND rule statement * that contains the following nested statements:

  • An IP match * statement with an IP set that specified the address 192.0.2.44.

  • *

    A string match statement that searches in the User-Agent header for the * string BadBot.

In this rate-based rule, you also define a * rate limit. For this example, the rate limit is 1,000. Requests that meet both * of the conditions in the statements are counted. If the count exceeds 1,000 * requests per five minutes, the rule action triggers. Requests that do not meet * both conditions are not counted towards the rate limit and are not affected by * this rule.

You cannot nest a RateBasedStatement, for example * for use inside a NotStatement or OrStatement. It can * only be referenced as a top-level statement within a rule.

*/ const RateBasedStatement& GetRateBasedStatement() const; /** *

A rate-based rule tracks the rate of requests for each originating IP * address, and triggers the rule action when the rate exceeds a limit that you * specify on the number of requests in any 5-minute time span. You can use this to * put a temporary block on requests from an IP address that is sending excessive * requests.

When the rule action triggers, AWS WAF blocks additional * requests from the IP address until the request rate falls below the limit.

*

You can optionally nest another statement inside the rate-based statement, to * narrow the scope of the rule so that it only counts requests that match the * nested statement. For example, based on recent requests that you have seen from * an attacker, you might create a rate-based rule with a nested AND rule statement * that contains the following nested statements:

  • An IP match * statement with an IP set that specified the address 192.0.2.44.

  • *

    A string match statement that searches in the User-Agent header for the * string BadBot.

In this rate-based rule, you also define a * rate limit. For this example, the rate limit is 1,000. Requests that meet both * of the conditions in the statements are counted. If the count exceeds 1,000 * requests per five minutes, the rule action triggers. Requests that do not meet * both conditions are not counted towards the rate limit and are not affected by * this rule.

You cannot nest a RateBasedStatement, for example * for use inside a NotStatement or OrStatement. It can * only be referenced as a top-level statement within a rule.

*/ bool RateBasedStatementHasBeenSet() const; /** *

A rate-based rule tracks the rate of requests for each originating IP * address, and triggers the rule action when the rate exceeds a limit that you * specify on the number of requests in any 5-minute time span. You can use this to * put a temporary block on requests from an IP address that is sending excessive * requests.

When the rule action triggers, AWS WAF blocks additional * requests from the IP address until the request rate falls below the limit.

*

You can optionally nest another statement inside the rate-based statement, to * narrow the scope of the rule so that it only counts requests that match the * nested statement. For example, based on recent requests that you have seen from * an attacker, you might create a rate-based rule with a nested AND rule statement * that contains the following nested statements:

  • An IP match * statement with an IP set that specified the address 192.0.2.44.

  • *

    A string match statement that searches in the User-Agent header for the * string BadBot.

In this rate-based rule, you also define a * rate limit. For this example, the rate limit is 1,000. Requests that meet both * of the conditions in the statements are counted. If the count exceeds 1,000 * requests per five minutes, the rule action triggers. Requests that do not meet * both conditions are not counted towards the rate limit and are not affected by * this rule.

You cannot nest a RateBasedStatement, for example * for use inside a NotStatement or OrStatement. It can * only be referenced as a top-level statement within a rule.

*/ void SetRateBasedStatement(const RateBasedStatement& value); /** *

A rate-based rule tracks the rate of requests for each originating IP * address, and triggers the rule action when the rate exceeds a limit that you * specify on the number of requests in any 5-minute time span. You can use this to * put a temporary block on requests from an IP address that is sending excessive * requests.

When the rule action triggers, AWS WAF blocks additional * requests from the IP address until the request rate falls below the limit.

*

You can optionally nest another statement inside the rate-based statement, to * narrow the scope of the rule so that it only counts requests that match the * nested statement. For example, based on recent requests that you have seen from * an attacker, you might create a rate-based rule with a nested AND rule statement * that contains the following nested statements:

  • An IP match * statement with an IP set that specified the address 192.0.2.44.

  • *

    A string match statement that searches in the User-Agent header for the * string BadBot.

In this rate-based rule, you also define a * rate limit. For this example, the rate limit is 1,000. Requests that meet both * of the conditions in the statements are counted. If the count exceeds 1,000 * requests per five minutes, the rule action triggers. Requests that do not meet * both conditions are not counted towards the rate limit and are not affected by * this rule.

You cannot nest a RateBasedStatement, for example * for use inside a NotStatement or OrStatement. It can * only be referenced as a top-level statement within a rule.

*/ void SetRateBasedStatement(RateBasedStatement&& value); /** *

A rate-based rule tracks the rate of requests for each originating IP * address, and triggers the rule action when the rate exceeds a limit that you * specify on the number of requests in any 5-minute time span. You can use this to * put a temporary block on requests from an IP address that is sending excessive * requests.

When the rule action triggers, AWS WAF blocks additional * requests from the IP address until the request rate falls below the limit.

*

You can optionally nest another statement inside the rate-based statement, to * narrow the scope of the rule so that it only counts requests that match the * nested statement. For example, based on recent requests that you have seen from * an attacker, you might create a rate-based rule with a nested AND rule statement * that contains the following nested statements:

  • An IP match * statement with an IP set that specified the address 192.0.2.44.

  • *

    A string match statement that searches in the User-Agent header for the * string BadBot.

In this rate-based rule, you also define a * rate limit. For this example, the rate limit is 1,000. Requests that meet both * of the conditions in the statements are counted. If the count exceeds 1,000 * requests per five minutes, the rule action triggers. Requests that do not meet * both conditions are not counted towards the rate limit and are not affected by * this rule.

You cannot nest a RateBasedStatement, for example * for use inside a NotStatement or OrStatement. It can * only be referenced as a top-level statement within a rule.

*/ Statement& WithRateBasedStatement(const RateBasedStatement& value); /** *

A rate-based rule tracks the rate of requests for each originating IP * address, and triggers the rule action when the rate exceeds a limit that you * specify on the number of requests in any 5-minute time span. You can use this to * put a temporary block on requests from an IP address that is sending excessive * requests.

When the rule action triggers, AWS WAF blocks additional * requests from the IP address until the request rate falls below the limit.

*

You can optionally nest another statement inside the rate-based statement, to * narrow the scope of the rule so that it only counts requests that match the * nested statement. For example, based on recent requests that you have seen from * an attacker, you might create a rate-based rule with a nested AND rule statement * that contains the following nested statements:

  • An IP match * statement with an IP set that specified the address 192.0.2.44.

  • *

    A string match statement that searches in the User-Agent header for the * string BadBot.

In this rate-based rule, you also define a * rate limit. For this example, the rate limit is 1,000. Requests that meet both * of the conditions in the statements are counted. If the count exceeds 1,000 * requests per five minutes, the rule action triggers. Requests that do not meet * both conditions are not counted towards the rate limit and are not affected by * this rule.

You cannot nest a RateBasedStatement, for example * for use inside a NotStatement or OrStatement. It can * only be referenced as a top-level statement within a rule.

*/ Statement& WithRateBasedStatement(RateBasedStatement&& value); /** *

A logical rule statement used to combine other rule statements with AND * logic. You provide more than one Statement within the * AndStatement.

*/ inline const AndStatement& GetAndStatement() const{ return m_andStatement; } /** *

A logical rule statement used to combine other rule statements with AND * logic. You provide more than one Statement within the * AndStatement.

*/ inline bool AndStatementHasBeenSet() const { return m_andStatementHasBeenSet; } /** *

A logical rule statement used to combine other rule statements with AND * logic. You provide more than one Statement within the * AndStatement.

*/ inline void SetAndStatement(const AndStatement& value) { m_andStatementHasBeenSet = true; m_andStatement = value; } /** *

A logical rule statement used to combine other rule statements with AND * logic. You provide more than one Statement within the * AndStatement.

*/ inline void SetAndStatement(AndStatement&& value) { m_andStatementHasBeenSet = true; m_andStatement = std::move(value); } /** *

A logical rule statement used to combine other rule statements with AND * logic. You provide more than one Statement within the * AndStatement.

*/ inline Statement& WithAndStatement(const AndStatement& value) { SetAndStatement(value); return *this;} /** *

A logical rule statement used to combine other rule statements with AND * logic. You provide more than one Statement within the * AndStatement.

*/ inline Statement& WithAndStatement(AndStatement&& value) { SetAndStatement(std::move(value)); return *this;} /** *

A logical rule statement used to combine other rule statements with OR logic. * You provide more than one Statement within the OrStatement. *

*/ inline const OrStatement& GetOrStatement() const{ return m_orStatement; } /** *

A logical rule statement used to combine other rule statements with OR logic. * You provide more than one Statement within the OrStatement. *

*/ inline bool OrStatementHasBeenSet() const { return m_orStatementHasBeenSet; } /** *

A logical rule statement used to combine other rule statements with OR logic. * You provide more than one Statement within the OrStatement. *

*/ inline void SetOrStatement(const OrStatement& value) { m_orStatementHasBeenSet = true; m_orStatement = value; } /** *

A logical rule statement used to combine other rule statements with OR logic. * You provide more than one Statement within the OrStatement. *

*/ inline void SetOrStatement(OrStatement&& value) { m_orStatementHasBeenSet = true; m_orStatement = std::move(value); } /** *

A logical rule statement used to combine other rule statements with OR logic. * You provide more than one Statement within the OrStatement. *

*/ inline Statement& WithOrStatement(const OrStatement& value) { SetOrStatement(value); return *this;} /** *

A logical rule statement used to combine other rule statements with OR logic. * You provide more than one Statement within the OrStatement. *

*/ inline Statement& WithOrStatement(OrStatement&& value) { SetOrStatement(std::move(value)); return *this;} /** *

A logical rule statement used to negate the results of another rule * statement. You provide one Statement within the * NotStatement.

*/ const NotStatement& GetNotStatement() const; /** *

A logical rule statement used to negate the results of another rule * statement. You provide one Statement within the * NotStatement.

*/ bool NotStatementHasBeenSet() const; /** *

A logical rule statement used to negate the results of another rule * statement. You provide one Statement within the * NotStatement.

*/ void SetNotStatement(const NotStatement& value); /** *

A logical rule statement used to negate the results of another rule * statement. You provide one Statement within the * NotStatement.

*/ void SetNotStatement(NotStatement&& value); /** *

A logical rule statement used to negate the results of another rule * statement. You provide one Statement within the * NotStatement.

*/ Statement& WithNotStatement(const NotStatement& value); /** *

A logical rule statement used to negate the results of another rule * statement. You provide one Statement within the * NotStatement.

*/ Statement& WithNotStatement(NotStatement&& value); /** *

A rule statement used to run the rules that are defined in a managed rule * group. To use this, provide the vendor name and the name of the rule group in * this statement. You can retrieve the required names by calling * ListAvailableManagedRuleGroups.

You can't nest a * ManagedRuleGroupStatement, for example for use inside a * NotStatement or OrStatement. It can only be referenced * as a top-level statement within a rule.

*/ inline const ManagedRuleGroupStatement& GetManagedRuleGroupStatement() const{ return m_managedRuleGroupStatement; } /** *

A rule statement used to run the rules that are defined in a managed rule * group. To use this, provide the vendor name and the name of the rule group in * this statement. You can retrieve the required names by calling * ListAvailableManagedRuleGroups.

You can't nest a * ManagedRuleGroupStatement, for example for use inside a * NotStatement or OrStatement. It can only be referenced * as a top-level statement within a rule.

*/ inline bool ManagedRuleGroupStatementHasBeenSet() const { return m_managedRuleGroupStatementHasBeenSet; } /** *

A rule statement used to run the rules that are defined in a managed rule * group. To use this, provide the vendor name and the name of the rule group in * this statement. You can retrieve the required names by calling * ListAvailableManagedRuleGroups.

You can't nest a * ManagedRuleGroupStatement, for example for use inside a * NotStatement or OrStatement. It can only be referenced * as a top-level statement within a rule.

*/ inline void SetManagedRuleGroupStatement(const ManagedRuleGroupStatement& value) { m_managedRuleGroupStatementHasBeenSet = true; m_managedRuleGroupStatement = value; } /** *

A rule statement used to run the rules that are defined in a managed rule * group. To use this, provide the vendor name and the name of the rule group in * this statement. You can retrieve the required names by calling * ListAvailableManagedRuleGroups.

You can't nest a * ManagedRuleGroupStatement, for example for use inside a * NotStatement or OrStatement. It can only be referenced * as a top-level statement within a rule.

*/ inline void SetManagedRuleGroupStatement(ManagedRuleGroupStatement&& value) { m_managedRuleGroupStatementHasBeenSet = true; m_managedRuleGroupStatement = std::move(value); } /** *

A rule statement used to run the rules that are defined in a managed rule * group. To use this, provide the vendor name and the name of the rule group in * this statement. You can retrieve the required names by calling * ListAvailableManagedRuleGroups.

You can't nest a * ManagedRuleGroupStatement, for example for use inside a * NotStatement or OrStatement. It can only be referenced * as a top-level statement within a rule.

*/ inline Statement& WithManagedRuleGroupStatement(const ManagedRuleGroupStatement& value) { SetManagedRuleGroupStatement(value); return *this;} /** *

A rule statement used to run the rules that are defined in a managed rule * group. To use this, provide the vendor name and the name of the rule group in * this statement. You can retrieve the required names by calling * ListAvailableManagedRuleGroups.

You can't nest a * ManagedRuleGroupStatement, for example for use inside a * NotStatement or OrStatement. It can only be referenced * as a top-level statement within a rule.

*/ inline Statement& WithManagedRuleGroupStatement(ManagedRuleGroupStatement&& value) { SetManagedRuleGroupStatement(std::move(value)); return *this;} private: ByteMatchStatement m_byteMatchStatement; bool m_byteMatchStatementHasBeenSet; SqliMatchStatement m_sqliMatchStatement; bool m_sqliMatchStatementHasBeenSet; XssMatchStatement m_xssMatchStatement; bool m_xssMatchStatementHasBeenSet; SizeConstraintStatement m_sizeConstraintStatement; bool m_sizeConstraintStatementHasBeenSet; GeoMatchStatement m_geoMatchStatement; bool m_geoMatchStatementHasBeenSet; RuleGroupReferenceStatement m_ruleGroupReferenceStatement; bool m_ruleGroupReferenceStatementHasBeenSet; IPSetReferenceStatement m_iPSetReferenceStatement; bool m_iPSetReferenceStatementHasBeenSet; RegexPatternSetReferenceStatement m_regexPatternSetReferenceStatement; bool m_regexPatternSetReferenceStatementHasBeenSet; Aws::Vector m_rateBasedStatement; bool m_rateBasedStatementHasBeenSet; AndStatement m_andStatement; bool m_andStatementHasBeenSet; OrStatement m_orStatement; bool m_orStatementHasBeenSet; Aws::Vector m_notStatement; bool m_notStatementHasBeenSet; ManagedRuleGroupStatement m_managedRuleGroupStatement; bool m_managedRuleGroupStatementHasBeenSet; }; } // namespace Model } // namespace WAFV2 } // namespace Aws