import * as wafv2 from "aws-cdk-lib/aws-wafv2";
const wafAclCloudFront = new wafv2.CfnWebACL(scope,id,props)
The constructor signature for above
CfnWebACL.constructor(scope: constructs.Construct,id: string,props: CfnWebACLProps)
Where CfnWebACLProps are defined as shown below as per https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_waf.CfnWebACLProps.html
const cfnWebACLProps: waf.CfnWebACLProps = {
defaultAction: {
type: 'type',
},
metricName: 'metricName',
name: 'name',
// the properties below are optional
rules: [{
priority: 123,
ruleId: 'ruleId',
// the properties below are optional
action: {
type: 'type',
},
}],
};
But then in my global waf2.generated.d.ts file, I see :
export interface CfnWebACLProps {
/**
* The action to perform if none of the `Rules` contained in the `WebACL` match.
*
* @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-wafv2-webacl.html#cfn-wafv2-webacl-defaultaction
*/
readonly defaultAction: CfnWebACL.DefaultActionProperty | cdk.IResolvable;
/**
* Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, or an AWS AppSync GraphQL API. Valid Values are `CLOUDFRONT` and `REGIONAL` .
*
* > For `CLOUDFRONT` , you must create your WAFv2 resources in the US East (N. Virginia) Region, `us-east-1` .
*
* For information about how to define the association of the web ACL with your resource, see `WebACLAssociation` .
*
* @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-wafv2-webacl.html#cfn-wafv2-webacl-scope
*/
readonly scope: string;
/**
* Defines and enables Amazon CloudWatch metrics and web request sample collection.
*
* @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-wafv2-webacl.html#cfn-wafv2-webacl-visibilityconfig
*/
readonly visibilityConfig: CfnWebACL.VisibilityConfigProperty | cdk.IResolvable;
/**
* Specifies how AWS WAF should handle `CAPTCHA` evaluations for rules that don't have their own `CaptchaConfig` settings. If you don't specify this, AWS WAF uses its default settings for `CaptchaConfig` .
*
* @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-wafv2-webacl.html#cfn-wafv2-webacl-captchaconfig
*/
readonly captchaConfig?: CfnWebACL.CaptchaConfigProperty | cdk.IResolvable;
/**
* A map of custom response keys and content bodies. When you create a rule with a block action, you can send a custom response to the web request. You define these for the web ACL, and then use them in the rules and default actions that you define in the web ACL.
*
* For information about customizing web requests and responses, see [Customizing web requests and responses in AWS WAF](https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html) in the [AWS WAF Developer Guide](https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html) .
*
* For information about the limits on count and size for custom request and response settings, see [AWS WAF quotas](https://docs.aws.amazon.com/waf/latest/developerguide/limits.html) in the [AWS WAF Developer Guide](https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html) .
*
* @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-wafv2-webacl.html#cfn-wafv2-webacl-customresponsebodies
*/
readonly customResponseBodies?: {
[key: string]: (CfnWebACL.CustomResponseBodyProperty | cdk.IResolvable);
} | cdk.IResolvable;
/**
* A description of the web ACL that helps with identification.
*
* @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-wafv2-webacl.html#cfn-wafv2-webacl-description
*/
readonly description?: string;
/**
* The name of the web ACL. You cannot change the name of a web ACL after you create it.
*
* @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-wafv2-webacl.html#cfn-wafv2-webacl-name
*/
readonly name?: string;
/**
* The rule statements used to identify the web requests that you want to allow, block, or count. Each rule includes one top-level statement that AWS WAF uses to identify matching web requests, and parameters that govern how AWS WAF handles them.
*
* @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-wafv2-webacl.html#cfn-wafv2-webacl-rules
*/
readonly rules?: Array<CfnWebACL.RuleProperty | cdk.IResolvable> | cdk.IResolvable;
/**
* Key:value pairs associated with an AWS resource. The key:value pair can be anything you define. Typically, the tag key represents a category (such as "environment") and the tag value represents a specific value within that category (such as "test," "development," or "production"). You can add up to 50 tags to each AWS resource.
*
* > To modify tags on existing resources, use the AWS WAF APIs or command line interface. With AWS CloudFormation , you can only add tags to AWS WAF resources during resource creation.
*
* @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-wafv2-webacl.html#cfn-wafv2-webacl-tags
*/
readonly tags?: cdk.CfnTag[];
}
Why interface CfnWebACLProps differs
CodePudding user response:
Because the documentation link in the question refers to aws-waf
, and you're using aws-wafv2
, which is different. Here's the documentation on CfnWebACLProps
in aws-wafv2
, which matches the generated code you're seeing.