line |
stmt |
bran |
cond |
sub |
pod |
time |
code |
1
|
|
|
|
|
|
|
package Paws::WAF::RateBasedRule; |
2
|
1
|
|
|
1
|
|
453
|
use Moose; |
|
1
|
|
|
|
|
4
|
|
|
1
|
|
|
|
|
8
|
|
3
|
|
|
|
|
|
|
has MatchPredicates => (is => 'ro', isa => 'ArrayRef[Paws::WAF::Predicate]', required => 1); |
4
|
|
|
|
|
|
|
has MetricName => (is => 'ro', isa => 'Str'); |
5
|
|
|
|
|
|
|
has Name => (is => 'ro', isa => 'Str'); |
6
|
|
|
|
|
|
|
has RateKey => (is => 'ro', isa => 'Str', required => 1); |
7
|
|
|
|
|
|
|
has RateLimit => (is => 'ro', isa => 'Int', required => 1); |
8
|
|
|
|
|
|
|
has RuleId => (is => 'ro', isa => 'Str', required => 1); |
9
|
|
|
|
|
|
|
1; |
10
|
|
|
|
|
|
|
|
11
|
|
|
|
|
|
|
### main pod documentation begin ### |
12
|
|
|
|
|
|
|
|
13
|
|
|
|
|
|
|
=head1 NAME |
14
|
|
|
|
|
|
|
|
15
|
|
|
|
|
|
|
Paws::WAF::RateBasedRule |
16
|
|
|
|
|
|
|
|
17
|
|
|
|
|
|
|
=head1 USAGE |
18
|
|
|
|
|
|
|
|
19
|
|
|
|
|
|
|
This class represents one of two things: |
20
|
|
|
|
|
|
|
|
21
|
|
|
|
|
|
|
=head3 Arguments in a call to a service |
22
|
|
|
|
|
|
|
|
23
|
|
|
|
|
|
|
Use the attributes of this class as arguments to methods. You shouldn't make instances of this class. |
24
|
|
|
|
|
|
|
Each attribute should be used as a named argument in the calls that expect this type of object. |
25
|
|
|
|
|
|
|
|
26
|
|
|
|
|
|
|
As an example, if Att1 is expected to be a Paws::WAF::RateBasedRule object: |
27
|
|
|
|
|
|
|
|
28
|
|
|
|
|
|
|
$service_obj->Method(Att1 => { MatchPredicates => $value, ..., RuleId => $value }); |
29
|
|
|
|
|
|
|
|
30
|
|
|
|
|
|
|
=head3 Results returned from an API call |
31
|
|
|
|
|
|
|
|
32
|
|
|
|
|
|
|
Use accessors for each attribute. If Att1 is expected to be an Paws::WAF::RateBasedRule object: |
33
|
|
|
|
|
|
|
|
34
|
|
|
|
|
|
|
$result = $service_obj->Method(...); |
35
|
|
|
|
|
|
|
$result->Att1->MatchPredicates |
36
|
|
|
|
|
|
|
|
37
|
|
|
|
|
|
|
=head1 DESCRIPTION |
38
|
|
|
|
|
|
|
|
39
|
|
|
|
|
|
|
A C<RateBasedRule> is identical to a regular Rule, with one addition: a |
40
|
|
|
|
|
|
|
C<RateBasedRule> counts the number of requests that arrive from a |
41
|
|
|
|
|
|
|
specified IP address every five minutes. For example, based on recent |
42
|
|
|
|
|
|
|
requests that you've seen from an attacker, you might create a |
43
|
|
|
|
|
|
|
C<RateBasedRule> that includes the following conditions: |
44
|
|
|
|
|
|
|
|
45
|
|
|
|
|
|
|
=over |
46
|
|
|
|
|
|
|
|
47
|
|
|
|
|
|
|
=item * |
48
|
|
|
|
|
|
|
|
49
|
|
|
|
|
|
|
The requests come from 192.0.2.44. |
50
|
|
|
|
|
|
|
|
51
|
|
|
|
|
|
|
=item * |
52
|
|
|
|
|
|
|
|
53
|
|
|
|
|
|
|
They contain the value C<BadBot> in the C<User-Agent> header. |
54
|
|
|
|
|
|
|
|
55
|
|
|
|
|
|
|
=back |
56
|
|
|
|
|
|
|
|
57
|
|
|
|
|
|
|
In the rule, you also define the rate limit as 15,000. |
58
|
|
|
|
|
|
|
|
59
|
|
|
|
|
|
|
Requests that meet both of these conditions and exceed 15,000 requests |
60
|
|
|
|
|
|
|
every five minutes trigger the rule's action (block or count), which is |
61
|
|
|
|
|
|
|
defined in the web ACL. |
62
|
|
|
|
|
|
|
|
63
|
|
|
|
|
|
|
=head1 ATTRIBUTES |
64
|
|
|
|
|
|
|
|
65
|
|
|
|
|
|
|
|
66
|
|
|
|
|
|
|
=head2 B<REQUIRED> MatchPredicates => ArrayRef[L<Paws::WAF::Predicate>] |
67
|
|
|
|
|
|
|
|
68
|
|
|
|
|
|
|
The C<Predicates> object contains one C<Predicate> element for each |
69
|
|
|
|
|
|
|
ByteMatchSet, IPSet, or SqlInjectionMatchSet object that you want to |
70
|
|
|
|
|
|
|
include in a C<RateBasedRule>. |
71
|
|
|
|
|
|
|
|
72
|
|
|
|
|
|
|
|
73
|
|
|
|
|
|
|
=head2 MetricName => Str |
74
|
|
|
|
|
|
|
|
75
|
|
|
|
|
|
|
A friendly name or description for the metrics for a C<RateBasedRule>. |
76
|
|
|
|
|
|
|
The name can contain only alphanumeric characters (A-Z, a-z, 0-9); the |
77
|
|
|
|
|
|
|
name can't contain whitespace. You can't change the name of the metric |
78
|
|
|
|
|
|
|
after you create the C<RateBasedRule>. |
79
|
|
|
|
|
|
|
|
80
|
|
|
|
|
|
|
|
81
|
|
|
|
|
|
|
=head2 Name => Str |
82
|
|
|
|
|
|
|
|
83
|
|
|
|
|
|
|
A friendly name or description for a C<RateBasedRule>. You can't change |
84
|
|
|
|
|
|
|
the name of a C<RateBasedRule> after you create it. |
85
|
|
|
|
|
|
|
|
86
|
|
|
|
|
|
|
|
87
|
|
|
|
|
|
|
=head2 B<REQUIRED> RateKey => Str |
88
|
|
|
|
|
|
|
|
89
|
|
|
|
|
|
|
The field that AWS WAF uses to determine if requests are likely |
90
|
|
|
|
|
|
|
arriving from single source and thus subject to rate monitoring. The |
91
|
|
|
|
|
|
|
only valid value for C<RateKey> is C<IP>. C<IP> indicates that requests |
92
|
|
|
|
|
|
|
arriving from the same IP address are subject to the C<RateLimit> that |
93
|
|
|
|
|
|
|
is specified in the C<RateBasedRule>. |
94
|
|
|
|
|
|
|
|
95
|
|
|
|
|
|
|
|
96
|
|
|
|
|
|
|
=head2 B<REQUIRED> RateLimit => Int |
97
|
|
|
|
|
|
|
|
98
|
|
|
|
|
|
|
The maximum number of requests, which have an identical value in the |
99
|
|
|
|
|
|
|
field specified by the C<RateKey>, allowed in a five-minute period. If |
100
|
|
|
|
|
|
|
the number of requests exceeds the C<RateLimit> and the other |
101
|
|
|
|
|
|
|
predicates specified in the rule are also met, AWS WAF triggers the |
102
|
|
|
|
|
|
|
action that is specified for this rule. |
103
|
|
|
|
|
|
|
|
104
|
|
|
|
|
|
|
|
105
|
|
|
|
|
|
|
=head2 B<REQUIRED> RuleId => Str |
106
|
|
|
|
|
|
|
|
107
|
|
|
|
|
|
|
A unique identifier for a C<RateBasedRule>. You use C<RuleId> to get |
108
|
|
|
|
|
|
|
more information about a C<RateBasedRule> (see GetRateBasedRule), |
109
|
|
|
|
|
|
|
update a C<RateBasedRule> (see UpdateRateBasedRule), insert a |
110
|
|
|
|
|
|
|
C<RateBasedRule> into a C<WebACL> or delete one from a C<WebACL> (see |
111
|
|
|
|
|
|
|
UpdateWebACL), or delete a C<RateBasedRule> from AWS WAF (see |
112
|
|
|
|
|
|
|
DeleteRateBasedRule). |
113
|
|
|
|
|
|
|
|
114
|
|
|
|
|
|
|
|
115
|
|
|
|
|
|
|
|
116
|
|
|
|
|
|
|
=head1 SEE ALSO |
117
|
|
|
|
|
|
|
|
118
|
|
|
|
|
|
|
This class forms part of L<Paws>, describing an object used in L<Paws::WAF> |
119
|
|
|
|
|
|
|
|
120
|
|
|
|
|
|
|
=head1 BUGS and CONTRIBUTIONS |
121
|
|
|
|
|
|
|
|
122
|
|
|
|
|
|
|
The source code is located here: https://github.com/pplu/aws-sdk-perl |
123
|
|
|
|
|
|
|
|
124
|
|
|
|
|
|
|
Please report bugs to: https://github.com/pplu/aws-sdk-perl/issues |
125
|
|
|
|
|
|
|
|
126
|
|
|
|
|
|
|
=cut |
127
|
|
|
|
|
|
|
|