Skip to content
Alchemy
GitHubXDiscord

Rule

The Rule resource allows you to manage AWS WAF Rules for protecting your web applications from common web exploits.

Minimal Example

Section titled “Minimal Example”

Create a basic WAF Rule with required properties and one optional predicate:

import AWS from "alchemy/aws/control";


const basicRule = await AWS.WAF.Rule("basicWafRule", {
  name: "BasicWafRule",
  metricName: "BasicWafMetric",
  predicates: [
    {
      dataId: "examplePredicateId",
      negated: false,
      type: "IPMatch"
    }
  ]
});

Advanced Configuration

Section titled “Advanced Configuration”

Configure a WAF Rule with multiple predicates to define more complex matching conditions:

const advancedRule = await AWS.WAF.Rule("advancedWafRule", {
  name: "AdvancedWafRule",
  metricName: "AdvancedWafMetric",
  predicates: [
    {
      dataId: "exampleIPMatchId",
      negated: false,
      type: "IPMatch"
    },
    {
      dataId: "exampleSizeConstraintId",
      negated: true,
      type: "SizeConstraint"
    }
  ]
});

Adoption of Existing Rules

Section titled “Adoption of Existing Rules”

If you want to adopt an existing WAF Rule instead of creating a new one, set the adopt property to true:

const adoptExistingRule = await AWS.WAF.Rule("adoptExistingWafRule", {
  name: "ExistingWafRule",
  metricName: "ExistingWafMetric",
  adopt: true
});

Combining Multiple Conditions

Section titled “Combining Multiple Conditions”

Create a rule that combines multiple conditions with both IP and size constraints:

const combinedRule = await AWS.WAF.Rule("combinedWafRule", {
  name: "CombinedWafRule",
  metricName: "CombinedWafMetric",
  predicates: [
    {
      dataId: "exampleIPMatchId",
      negated: false,
      type: "IPMatch"
    },
    {
      dataId: "exampleSizeConstraintId",
      negated: false,
      type: "SizeConstraint"
    },
    {
      dataId: "exampleRegexPatternSetId",
      negated: true,
      type: "RegexMatch"
    }
  ]
});