{-# LANGUAGE DeriveGeneric #-}
{-# LANGUAGE DuplicateRecordFields #-}
{-# LANGUAGE NamedFieldPuns #-}
{-# LANGUAGE OverloadedStrings #-}
{-# LANGUAGE RecordWildCards #-}
{-# LANGUAGE StrictData #-}
{-# LANGUAGE NoImplicitPrelude #-}
{-# OPTIONS_GHC -fno-warn-unused-imports #-}
{-# OPTIONS_GHC -fno-warn-unused-matches #-}

-- Derived from AWS service descriptions, licensed under Apache 2.0.

-- |
-- Module      : Amazonka.WAF.Types.ActivatedRule
-- Copyright   : (c) 2013-2021 Brendan Hay
-- License     : Mozilla Public License, v. 2.0.
-- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
-- Stability   : auto-generated
-- Portability : non-portable (GHC extensions)
module Amazonka.WAF.Types.ActivatedRule where

import qualified Amazonka.Core as Core
import qualified Amazonka.Lens as Lens
import qualified Amazonka.Prelude as Prelude
import Amazonka.WAF.Types.ExcludedRule
import Amazonka.WAF.Types.WafAction
import Amazonka.WAF.Types.WafOverrideAction
import Amazonka.WAF.Types.WafRuleType

-- | This is __AWS WAF Classic__ documentation. For more information, see
-- <https://docs.aws.amazon.com/waf/latest/developerguide/classic-waf-chapter.html AWS WAF Classic>
-- in the developer guide.
--
-- __For the latest version of AWS WAF__, use the AWS WAFV2 API and see the
-- <https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html AWS WAF Developer Guide>.
-- With the latest version, AWS WAF has a single set of endpoints for
-- regional and global use.
--
-- The @ActivatedRule@ object in an UpdateWebACL request specifies a @Rule@
-- that you want to insert or delete, the priority of the @Rule@ in the
-- @WebACL@, and the action that you want AWS WAF to take when a web
-- request matches the @Rule@ (@ALLOW@, @BLOCK@, or @COUNT@).
--
-- To specify whether to insert or delete a @Rule@, use the @Action@
-- parameter in the WebACLUpdate data type.
--
-- /See:/ 'newActivatedRule' smart constructor.
data ActivatedRule = ActivatedRule'
  { -- | Use the @OverrideAction@ to test your @RuleGroup@.
    --
    -- Any rule in a @RuleGroup@ can potentially block a request. If you set
    -- the @OverrideAction@ to @None@, the @RuleGroup@ will block a request if
    -- any individual rule in the @RuleGroup@ matches the request and is
    -- configured to block that request. However if you first want to test the
    -- @RuleGroup@, set the @OverrideAction@ to @Count@. The @RuleGroup@ will
    -- then override any block action specified by individual rules contained
    -- within the group. Instead of blocking matching requests, those requests
    -- will be counted. You can view a record of counted requests using
    -- GetSampledRequests.
    --
    -- @ActivatedRule|OverrideAction@ applies only when updating or adding a
    -- @RuleGroup@ to a @WebACL@. In this case you do not use
    -- @ActivatedRule|Action@. For all other update requests,
    -- @ActivatedRule|Action@ is used instead of
    -- @ActivatedRule|OverrideAction@.
    ActivatedRule -> Maybe WafOverrideAction
overrideAction :: Prelude.Maybe WafOverrideAction,
    -- | Specifies the action that CloudFront or AWS WAF takes when a web request
    -- matches the conditions in the @Rule@. Valid values for @Action@ include
    -- the following:
    --
    -- -   @ALLOW@: CloudFront responds with the requested object.
    --
    -- -   @BLOCK@: CloudFront responds with an HTTP 403 (Forbidden) status
    --     code.
    --
    -- -   @COUNT@: AWS WAF increments a counter of requests that match the
    --     conditions in the rule and then continues to inspect the web request
    --     based on the remaining rules in the web ACL.
    --
    -- @ActivatedRule|OverrideAction@ applies only when updating or adding a
    -- @RuleGroup@ to a @WebACL@. In this case, you do not use
    -- @ActivatedRule|Action@. For all other update requests,
    -- @ActivatedRule|Action@ is used instead of
    -- @ActivatedRule|OverrideAction@.
    ActivatedRule -> Maybe WafAction
action :: Prelude.Maybe WafAction,
    -- | An array of rules to exclude from a rule group. This is applicable only
    -- when the @ActivatedRule@ refers to a @RuleGroup@.
    --
    -- Sometimes it is necessary to troubleshoot rule groups that are blocking
    -- traffic unexpectedly (false positives). One troubleshooting technique is
    -- to identify the specific rule within the rule group that is blocking the
    -- legitimate traffic and then disable (exclude) that particular rule. You
    -- can exclude rules from both your own rule groups and AWS Marketplace
    -- rule groups that have been associated with a web ACL.
    --
    -- Specifying @ExcludedRules@ does not remove those rules from the rule
    -- group. Rather, it changes the action for the rules to @COUNT@.
    -- Therefore, requests that match an @ExcludedRule@ are counted but not
    -- blocked. The @RuleGroup@ owner will receive COUNT metrics for each
    -- @ExcludedRule@.
    --
    -- If you want to exclude rules from a rule group that is already
    -- associated with a web ACL, perform the following steps:
    --
    -- 1.  Use the AWS WAF logs to identify the IDs of the rules that you want
    --     to exclude. For more information about the logs, see
    --     <https://docs.aws.amazon.com/waf/latest/developerguide/logging.html Logging Web ACL Traffic Information>.
    --
    -- 2.  Submit an UpdateWebACL request that has two actions:
    --
    --     -   The first action deletes the existing rule group from the web
    --         ACL. That is, in the UpdateWebACL request, the first
    --         @Updates:Action@ should be @DELETE@ and
    --         @Updates:ActivatedRule:RuleId@ should be the rule group that
    --         contains the rules that you want to exclude.
    --
    --     -   The second action inserts the same rule group back in, but
    --         specifying the rules to exclude. That is, the second
    --         @Updates:Action@ should be @INSERT@,
    --         @Updates:ActivatedRule:RuleId@ should be the rule group that you
    --         just removed, and @ExcludedRules@ should contain the rules that
    --         you want to exclude.
    ActivatedRule -> Maybe [ExcludedRule]
excludedRules :: Prelude.Maybe [ExcludedRule],
    -- | The rule type, either @REGULAR@, as defined by Rule, @RATE_BASED@, as
    -- defined by RateBasedRule, or @GROUP@, as defined by RuleGroup. The
    -- default is REGULAR. Although this field is optional, be aware that if
    -- you try to add a RATE_BASED rule to a web ACL without setting the type,
    -- the UpdateWebACL request will fail because the request tries to add a
    -- REGULAR rule with the specified ID, which does not exist.
    ActivatedRule -> Maybe WafRuleType
type' :: Prelude.Maybe WafRuleType,
    -- | Specifies the order in which the @Rules@ in a @WebACL@ are evaluated.
    -- Rules with a lower value for @Priority@ are evaluated before @Rules@
    -- with a higher value. The value must be a unique integer. If you add
    -- multiple @Rules@ to a @WebACL@, the values don\'t need to be
    -- consecutive.
    ActivatedRule -> Int
priority :: Prelude.Int,
    -- | The @RuleId@ for a @Rule@. You use @RuleId@ to get more information
    -- about a @Rule@ (see GetRule), update a @Rule@ (see UpdateRule), insert a
    -- @Rule@ into a @WebACL@ or delete a one from a @WebACL@ (see
    -- UpdateWebACL), or delete a @Rule@ from AWS WAF (see DeleteRule).
    --
    -- @RuleId@ is returned by CreateRule and by ListRules.
    ActivatedRule -> Text
ruleId :: Prelude.Text
  }
  deriving (ActivatedRule -> ActivatedRule -> Bool
(ActivatedRule -> ActivatedRule -> Bool)
-> (ActivatedRule -> ActivatedRule -> Bool) -> Eq ActivatedRule
forall a. (a -> a -> Bool) -> (a -> a -> Bool) -> Eq a
/= :: ActivatedRule -> ActivatedRule -> Bool
$c/= :: ActivatedRule -> ActivatedRule -> Bool
== :: ActivatedRule -> ActivatedRule -> Bool
$c== :: ActivatedRule -> ActivatedRule -> Bool
Prelude.Eq, ReadPrec [ActivatedRule]
ReadPrec ActivatedRule
Int -> ReadS ActivatedRule
ReadS [ActivatedRule]
(Int -> ReadS ActivatedRule)
-> ReadS [ActivatedRule]
-> ReadPrec ActivatedRule
-> ReadPrec [ActivatedRule]
-> Read ActivatedRule
forall a.
(Int -> ReadS a)
-> ReadS [a] -> ReadPrec a -> ReadPrec [a] -> Read a
readListPrec :: ReadPrec [ActivatedRule]
$creadListPrec :: ReadPrec [ActivatedRule]
readPrec :: ReadPrec ActivatedRule
$creadPrec :: ReadPrec ActivatedRule
readList :: ReadS [ActivatedRule]
$creadList :: ReadS [ActivatedRule]
readsPrec :: Int -> ReadS ActivatedRule
$creadsPrec :: Int -> ReadS ActivatedRule
Prelude.Read, Int -> ActivatedRule -> ShowS
[ActivatedRule] -> ShowS
ActivatedRule -> String
(Int -> ActivatedRule -> ShowS)
-> (ActivatedRule -> String)
-> ([ActivatedRule] -> ShowS)
-> Show ActivatedRule
forall a.
(Int -> a -> ShowS) -> (a -> String) -> ([a] -> ShowS) -> Show a
showList :: [ActivatedRule] -> ShowS
$cshowList :: [ActivatedRule] -> ShowS
show :: ActivatedRule -> String
$cshow :: ActivatedRule -> String
showsPrec :: Int -> ActivatedRule -> ShowS
$cshowsPrec :: Int -> ActivatedRule -> ShowS
Prelude.Show, (forall x. ActivatedRule -> Rep ActivatedRule x)
-> (forall x. Rep ActivatedRule x -> ActivatedRule)
-> Generic ActivatedRule
forall x. Rep ActivatedRule x -> ActivatedRule
forall x. ActivatedRule -> Rep ActivatedRule x
forall a.
(forall x. a -> Rep a x) -> (forall x. Rep a x -> a) -> Generic a
$cto :: forall x. Rep ActivatedRule x -> ActivatedRule
$cfrom :: forall x. ActivatedRule -> Rep ActivatedRule x
Prelude.Generic)

-- |
-- Create a value of 'ActivatedRule' with all optional fields omitted.
--
-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
--
-- The following record fields are available, with the corresponding lenses provided
-- for backwards compatibility:
--
-- 'overrideAction', 'activatedRule_overrideAction' - Use the @OverrideAction@ to test your @RuleGroup@.
--
-- Any rule in a @RuleGroup@ can potentially block a request. If you set
-- the @OverrideAction@ to @None@, the @RuleGroup@ will block a request if
-- any individual rule in the @RuleGroup@ matches the request and is
-- configured to block that request. However if you first want to test the
-- @RuleGroup@, set the @OverrideAction@ to @Count@. The @RuleGroup@ will
-- then override any block action specified by individual rules contained
-- within the group. Instead of blocking matching requests, those requests
-- will be counted. You can view a record of counted requests using
-- GetSampledRequests.
--
-- @ActivatedRule|OverrideAction@ applies only when updating or adding a
-- @RuleGroup@ to a @WebACL@. In this case you do not use
-- @ActivatedRule|Action@. For all other update requests,
-- @ActivatedRule|Action@ is used instead of
-- @ActivatedRule|OverrideAction@.
--
-- 'action', 'activatedRule_action' - Specifies the action that CloudFront or AWS WAF takes when a web request
-- matches the conditions in the @Rule@. Valid values for @Action@ include
-- the following:
--
-- -   @ALLOW@: CloudFront responds with the requested object.
--
-- -   @BLOCK@: CloudFront responds with an HTTP 403 (Forbidden) status
--     code.
--
-- -   @COUNT@: AWS WAF increments a counter of requests that match the
--     conditions in the rule and then continues to inspect the web request
--     based on the remaining rules in the web ACL.
--
-- @ActivatedRule|OverrideAction@ applies only when updating or adding a
-- @RuleGroup@ to a @WebACL@. In this case, you do not use
-- @ActivatedRule|Action@. For all other update requests,
-- @ActivatedRule|Action@ is used instead of
-- @ActivatedRule|OverrideAction@.
--
-- 'excludedRules', 'activatedRule_excludedRules' - An array of rules to exclude from a rule group. This is applicable only
-- when the @ActivatedRule@ refers to a @RuleGroup@.
--
-- Sometimes it is necessary to troubleshoot rule groups that are blocking
-- traffic unexpectedly (false positives). One troubleshooting technique is
-- to identify the specific rule within the rule group that is blocking the
-- legitimate traffic and then disable (exclude) that particular rule. You
-- can exclude rules from both your own rule groups and AWS Marketplace
-- rule groups that have been associated with a web ACL.
--
-- Specifying @ExcludedRules@ does not remove those rules from the rule
-- group. Rather, it changes the action for the rules to @COUNT@.
-- Therefore, requests that match an @ExcludedRule@ are counted but not
-- blocked. The @RuleGroup@ owner will receive COUNT metrics for each
-- @ExcludedRule@.
--
-- If you want to exclude rules from a rule group that is already
-- associated with a web ACL, perform the following steps:
--
-- 1.  Use the AWS WAF logs to identify the IDs of the rules that you want
--     to exclude. For more information about the logs, see
--     <https://docs.aws.amazon.com/waf/latest/developerguide/logging.html Logging Web ACL Traffic Information>.
--
-- 2.  Submit an UpdateWebACL request that has two actions:
--
--     -   The first action deletes the existing rule group from the web
--         ACL. That is, in the UpdateWebACL request, the first
--         @Updates:Action@ should be @DELETE@ and
--         @Updates:ActivatedRule:RuleId@ should be the rule group that
--         contains the rules that you want to exclude.
--
--     -   The second action inserts the same rule group back in, but
--         specifying the rules to exclude. That is, the second
--         @Updates:Action@ should be @INSERT@,
--         @Updates:ActivatedRule:RuleId@ should be the rule group that you
--         just removed, and @ExcludedRules@ should contain the rules that
--         you want to exclude.
--
-- 'type'', 'activatedRule_type' - The rule type, either @REGULAR@, as defined by Rule, @RATE_BASED@, as
-- defined by RateBasedRule, or @GROUP@, as defined by RuleGroup. The
-- default is REGULAR. Although this field is optional, be aware that if
-- you try to add a RATE_BASED rule to a web ACL without setting the type,
-- the UpdateWebACL request will fail because the request tries to add a
-- REGULAR rule with the specified ID, which does not exist.
--
-- 'priority', 'activatedRule_priority' - Specifies the order in which the @Rules@ in a @WebACL@ are evaluated.
-- Rules with a lower value for @Priority@ are evaluated before @Rules@
-- with a higher value. The value must be a unique integer. If you add
-- multiple @Rules@ to a @WebACL@, the values don\'t need to be
-- consecutive.
--
-- 'ruleId', 'activatedRule_ruleId' - The @RuleId@ for a @Rule@. You use @RuleId@ to get more information
-- about a @Rule@ (see GetRule), update a @Rule@ (see UpdateRule), insert a
-- @Rule@ into a @WebACL@ or delete a one from a @WebACL@ (see
-- UpdateWebACL), or delete a @Rule@ from AWS WAF (see DeleteRule).
--
-- @RuleId@ is returned by CreateRule and by ListRules.
newActivatedRule ::
  -- | 'priority'
  Prelude.Int ->
  -- | 'ruleId'
  Prelude.Text ->
  ActivatedRule
newActivatedRule :: Int -> Text -> ActivatedRule
newActivatedRule Int
pPriority_ Text
pRuleId_ =
  ActivatedRule' :: Maybe WafOverrideAction
-> Maybe WafAction
-> Maybe [ExcludedRule]
-> Maybe WafRuleType
-> Int
-> Text
-> ActivatedRule
ActivatedRule'
    { $sel:overrideAction:ActivatedRule' :: Maybe WafOverrideAction
overrideAction = Maybe WafOverrideAction
forall a. Maybe a
Prelude.Nothing,
      $sel:action:ActivatedRule' :: Maybe WafAction
action = Maybe WafAction
forall a. Maybe a
Prelude.Nothing,
      $sel:excludedRules:ActivatedRule' :: Maybe [ExcludedRule]
excludedRules = Maybe [ExcludedRule]
forall a. Maybe a
Prelude.Nothing,
      $sel:type':ActivatedRule' :: Maybe WafRuleType
type' = Maybe WafRuleType
forall a. Maybe a
Prelude.Nothing,
      $sel:priority:ActivatedRule' :: Int
priority = Int
pPriority_,
      $sel:ruleId:ActivatedRule' :: Text
ruleId = Text
pRuleId_
    }

-- | Use the @OverrideAction@ to test your @RuleGroup@.
--
-- Any rule in a @RuleGroup@ can potentially block a request. If you set
-- the @OverrideAction@ to @None@, the @RuleGroup@ will block a request if
-- any individual rule in the @RuleGroup@ matches the request and is
-- configured to block that request. However if you first want to test the
-- @RuleGroup@, set the @OverrideAction@ to @Count@. The @RuleGroup@ will
-- then override any block action specified by individual rules contained
-- within the group. Instead of blocking matching requests, those requests
-- will be counted. You can view a record of counted requests using
-- GetSampledRequests.
--
-- @ActivatedRule|OverrideAction@ applies only when updating or adding a
-- @RuleGroup@ to a @WebACL@. In this case you do not use
-- @ActivatedRule|Action@. For all other update requests,
-- @ActivatedRule|Action@ is used instead of
-- @ActivatedRule|OverrideAction@.
activatedRule_overrideAction :: Lens.Lens' ActivatedRule (Prelude.Maybe WafOverrideAction)
activatedRule_overrideAction :: (Maybe WafOverrideAction -> f (Maybe WafOverrideAction))
-> ActivatedRule -> f ActivatedRule
activatedRule_overrideAction = (ActivatedRule -> Maybe WafOverrideAction)
-> (ActivatedRule -> Maybe WafOverrideAction -> ActivatedRule)
-> Lens
     ActivatedRule
     ActivatedRule
     (Maybe WafOverrideAction)
     (Maybe WafOverrideAction)
forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\ActivatedRule' {Maybe WafOverrideAction
overrideAction :: Maybe WafOverrideAction
$sel:overrideAction:ActivatedRule' :: ActivatedRule -> Maybe WafOverrideAction
overrideAction} -> Maybe WafOverrideAction
overrideAction) (\s :: ActivatedRule
s@ActivatedRule' {} Maybe WafOverrideAction
a -> ActivatedRule
s {$sel:overrideAction:ActivatedRule' :: Maybe WafOverrideAction
overrideAction = Maybe WafOverrideAction
a} :: ActivatedRule)

-- | Specifies the action that CloudFront or AWS WAF takes when a web request
-- matches the conditions in the @Rule@. Valid values for @Action@ include
-- the following:
--
-- -   @ALLOW@: CloudFront responds with the requested object.
--
-- -   @BLOCK@: CloudFront responds with an HTTP 403 (Forbidden) status
--     code.
--
-- -   @COUNT@: AWS WAF increments a counter of requests that match the
--     conditions in the rule and then continues to inspect the web request
--     based on the remaining rules in the web ACL.
--
-- @ActivatedRule|OverrideAction@ applies only when updating or adding a
-- @RuleGroup@ to a @WebACL@. In this case, you do not use
-- @ActivatedRule|Action@. For all other update requests,
-- @ActivatedRule|Action@ is used instead of
-- @ActivatedRule|OverrideAction@.
activatedRule_action :: Lens.Lens' ActivatedRule (Prelude.Maybe WafAction)
activatedRule_action :: (Maybe WafAction -> f (Maybe WafAction))
-> ActivatedRule -> f ActivatedRule
activatedRule_action = (ActivatedRule -> Maybe WafAction)
-> (ActivatedRule -> Maybe WafAction -> ActivatedRule)
-> Lens
     ActivatedRule ActivatedRule (Maybe WafAction) (Maybe WafAction)
forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\ActivatedRule' {Maybe WafAction
action :: Maybe WafAction
$sel:action:ActivatedRule' :: ActivatedRule -> Maybe WafAction
action} -> Maybe WafAction
action) (\s :: ActivatedRule
s@ActivatedRule' {} Maybe WafAction
a -> ActivatedRule
s {$sel:action:ActivatedRule' :: Maybe WafAction
action = Maybe WafAction
a} :: ActivatedRule)

-- | An array of rules to exclude from a rule group. This is applicable only
-- when the @ActivatedRule@ refers to a @RuleGroup@.
--
-- Sometimes it is necessary to troubleshoot rule groups that are blocking
-- traffic unexpectedly (false positives). One troubleshooting technique is
-- to identify the specific rule within the rule group that is blocking the
-- legitimate traffic and then disable (exclude) that particular rule. You
-- can exclude rules from both your own rule groups and AWS Marketplace
-- rule groups that have been associated with a web ACL.
--
-- Specifying @ExcludedRules@ does not remove those rules from the rule
-- group. Rather, it changes the action for the rules to @COUNT@.
-- Therefore, requests that match an @ExcludedRule@ are counted but not
-- blocked. The @RuleGroup@ owner will receive COUNT metrics for each
-- @ExcludedRule@.
--
-- If you want to exclude rules from a rule group that is already
-- associated with a web ACL, perform the following steps:
--
-- 1.  Use the AWS WAF logs to identify the IDs of the rules that you want
--     to exclude. For more information about the logs, see
--     <https://docs.aws.amazon.com/waf/latest/developerguide/logging.html Logging Web ACL Traffic Information>.
--
-- 2.  Submit an UpdateWebACL request that has two actions:
--
--     -   The first action deletes the existing rule group from the web
--         ACL. That is, in the UpdateWebACL request, the first
--         @Updates:Action@ should be @DELETE@ and
--         @Updates:ActivatedRule:RuleId@ should be the rule group that
--         contains the rules that you want to exclude.
--
--     -   The second action inserts the same rule group back in, but
--         specifying the rules to exclude. That is, the second
--         @Updates:Action@ should be @INSERT@,
--         @Updates:ActivatedRule:RuleId@ should be the rule group that you
--         just removed, and @ExcludedRules@ should contain the rules that
--         you want to exclude.
activatedRule_excludedRules :: Lens.Lens' ActivatedRule (Prelude.Maybe [ExcludedRule])
activatedRule_excludedRules :: (Maybe [ExcludedRule] -> f (Maybe [ExcludedRule]))
-> ActivatedRule -> f ActivatedRule
activatedRule_excludedRules = (ActivatedRule -> Maybe [ExcludedRule])
-> (ActivatedRule -> Maybe [ExcludedRule] -> ActivatedRule)
-> Lens
     ActivatedRule
     ActivatedRule
     (Maybe [ExcludedRule])
     (Maybe [ExcludedRule])
forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\ActivatedRule' {Maybe [ExcludedRule]
excludedRules :: Maybe [ExcludedRule]
$sel:excludedRules:ActivatedRule' :: ActivatedRule -> Maybe [ExcludedRule]
excludedRules} -> Maybe [ExcludedRule]
excludedRules) (\s :: ActivatedRule
s@ActivatedRule' {} Maybe [ExcludedRule]
a -> ActivatedRule
s {$sel:excludedRules:ActivatedRule' :: Maybe [ExcludedRule]
excludedRules = Maybe [ExcludedRule]
a} :: ActivatedRule) ((Maybe [ExcludedRule] -> f (Maybe [ExcludedRule]))
 -> ActivatedRule -> f ActivatedRule)
-> ((Maybe [ExcludedRule] -> f (Maybe [ExcludedRule]))
    -> Maybe [ExcludedRule] -> f (Maybe [ExcludedRule]))
-> (Maybe [ExcludedRule] -> f (Maybe [ExcludedRule]))
-> ActivatedRule
-> f ActivatedRule
forall b c a. (b -> c) -> (a -> b) -> a -> c
Prelude.. AnIso [ExcludedRule] [ExcludedRule] [ExcludedRule] [ExcludedRule]
-> Iso
     (Maybe [ExcludedRule])
     (Maybe [ExcludedRule])
     (Maybe [ExcludedRule])
     (Maybe [ExcludedRule])
forall (f :: * -> *) (g :: * -> *) s t a b.
(Functor f, Functor g) =>
AnIso s t a b -> Iso (f s) (g t) (f a) (g b)
Lens.mapping AnIso [ExcludedRule] [ExcludedRule] [ExcludedRule] [ExcludedRule]
forall s t a b. (Coercible s a, Coercible t b) => Iso s t a b
Lens.coerced

-- | The rule type, either @REGULAR@, as defined by Rule, @RATE_BASED@, as
-- defined by RateBasedRule, or @GROUP@, as defined by RuleGroup. The
-- default is REGULAR. Although this field is optional, be aware that if
-- you try to add a RATE_BASED rule to a web ACL without setting the type,
-- the UpdateWebACL request will fail because the request tries to add a
-- REGULAR rule with the specified ID, which does not exist.
activatedRule_type :: Lens.Lens' ActivatedRule (Prelude.Maybe WafRuleType)
activatedRule_type :: (Maybe WafRuleType -> f (Maybe WafRuleType))
-> ActivatedRule -> f ActivatedRule
activatedRule_type = (ActivatedRule -> Maybe WafRuleType)
-> (ActivatedRule -> Maybe WafRuleType -> ActivatedRule)
-> Lens
     ActivatedRule ActivatedRule (Maybe WafRuleType) (Maybe WafRuleType)
forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\ActivatedRule' {Maybe WafRuleType
type' :: Maybe WafRuleType
$sel:type':ActivatedRule' :: ActivatedRule -> Maybe WafRuleType
type'} -> Maybe WafRuleType
type') (\s :: ActivatedRule
s@ActivatedRule' {} Maybe WafRuleType
a -> ActivatedRule
s {$sel:type':ActivatedRule' :: Maybe WafRuleType
type' = Maybe WafRuleType
a} :: ActivatedRule)

-- | Specifies the order in which the @Rules@ in a @WebACL@ are evaluated.
-- Rules with a lower value for @Priority@ are evaluated before @Rules@
-- with a higher value. The value must be a unique integer. If you add
-- multiple @Rules@ to a @WebACL@, the values don\'t need to be
-- consecutive.
activatedRule_priority :: Lens.Lens' ActivatedRule Prelude.Int
activatedRule_priority :: (Int -> f Int) -> ActivatedRule -> f ActivatedRule
activatedRule_priority = (ActivatedRule -> Int)
-> (ActivatedRule -> Int -> ActivatedRule)
-> Lens ActivatedRule ActivatedRule Int Int
forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\ActivatedRule' {Int
priority :: Int
$sel:priority:ActivatedRule' :: ActivatedRule -> Int
priority} -> Int
priority) (\s :: ActivatedRule
s@ActivatedRule' {} Int
a -> ActivatedRule
s {$sel:priority:ActivatedRule' :: Int
priority = Int
a} :: ActivatedRule)

-- | The @RuleId@ for a @Rule@. You use @RuleId@ to get more information
-- about a @Rule@ (see GetRule), update a @Rule@ (see UpdateRule), insert a
-- @Rule@ into a @WebACL@ or delete a one from a @WebACL@ (see
-- UpdateWebACL), or delete a @Rule@ from AWS WAF (see DeleteRule).
--
-- @RuleId@ is returned by CreateRule and by ListRules.
activatedRule_ruleId :: Lens.Lens' ActivatedRule Prelude.Text
activatedRule_ruleId :: (Text -> f Text) -> ActivatedRule -> f ActivatedRule
activatedRule_ruleId = (ActivatedRule -> Text)
-> (ActivatedRule -> Text -> ActivatedRule)
-> Lens ActivatedRule ActivatedRule Text Text
forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\ActivatedRule' {Text
ruleId :: Text
$sel:ruleId:ActivatedRule' :: ActivatedRule -> Text
ruleId} -> Text
ruleId) (\s :: ActivatedRule
s@ActivatedRule' {} Text
a -> ActivatedRule
s {$sel:ruleId:ActivatedRule' :: Text
ruleId = Text
a} :: ActivatedRule)

instance Core.FromJSON ActivatedRule where
  parseJSON :: Value -> Parser ActivatedRule
parseJSON =
    String
-> (Object -> Parser ActivatedRule)
-> Value
-> Parser ActivatedRule
forall a. String -> (Object -> Parser a) -> Value -> Parser a
Core.withObject
      String
"ActivatedRule"
      ( \Object
x ->
          Maybe WafOverrideAction
-> Maybe WafAction
-> Maybe [ExcludedRule]
-> Maybe WafRuleType
-> Int
-> Text
-> ActivatedRule
ActivatedRule'
            (Maybe WafOverrideAction
 -> Maybe WafAction
 -> Maybe [ExcludedRule]
 -> Maybe WafRuleType
 -> Int
 -> Text
 -> ActivatedRule)
-> Parser (Maybe WafOverrideAction)
-> Parser
     (Maybe WafAction
      -> Maybe [ExcludedRule]
      -> Maybe WafRuleType
      -> Int
      -> Text
      -> ActivatedRule)
forall (f :: * -> *) a b. Functor f => (a -> b) -> f a -> f b
Prelude.<$> (Object
x Object -> Text -> Parser (Maybe WafOverrideAction)
forall a. FromJSON a => Object -> Text -> Parser (Maybe a)
Core..:? Text
"OverrideAction")
            Parser
  (Maybe WafAction
   -> Maybe [ExcludedRule]
   -> Maybe WafRuleType
   -> Int
   -> Text
   -> ActivatedRule)
-> Parser (Maybe WafAction)
-> Parser
     (Maybe [ExcludedRule]
      -> Maybe WafRuleType -> Int -> Text -> ActivatedRule)
forall (f :: * -> *) a b. Applicative f => f (a -> b) -> f a -> f b
Prelude.<*> (Object
x Object -> Text -> Parser (Maybe WafAction)
forall a. FromJSON a => Object -> Text -> Parser (Maybe a)
Core..:? Text
"Action")
            Parser
  (Maybe [ExcludedRule]
   -> Maybe WafRuleType -> Int -> Text -> ActivatedRule)
-> Parser (Maybe [ExcludedRule])
-> Parser (Maybe WafRuleType -> Int -> Text -> ActivatedRule)
forall (f :: * -> *) a b. Applicative f => f (a -> b) -> f a -> f b
Prelude.<*> (Object
x Object -> Text -> Parser (Maybe (Maybe [ExcludedRule]))
forall a. FromJSON a => Object -> Text -> Parser (Maybe a)
Core..:? Text
"ExcludedRules" Parser (Maybe (Maybe [ExcludedRule]))
-> Maybe [ExcludedRule] -> Parser (Maybe [ExcludedRule])
forall a. Parser (Maybe a) -> a -> Parser a
Core..!= Maybe [ExcludedRule]
forall a. Monoid a => a
Prelude.mempty)
            Parser (Maybe WafRuleType -> Int -> Text -> ActivatedRule)
-> Parser (Maybe WafRuleType)
-> Parser (Int -> Text -> ActivatedRule)
forall (f :: * -> *) a b. Applicative f => f (a -> b) -> f a -> f b
Prelude.<*> (Object
x Object -> Text -> Parser (Maybe WafRuleType)
forall a. FromJSON a => Object -> Text -> Parser (Maybe a)
Core..:? Text
"Type")
            Parser (Int -> Text -> ActivatedRule)
-> Parser Int -> Parser (Text -> ActivatedRule)
forall (f :: * -> *) a b. Applicative f => f (a -> b) -> f a -> f b
Prelude.<*> (Object
x Object -> Text -> Parser Int
forall a. FromJSON a => Object -> Text -> Parser a
Core..: Text
"Priority")
            Parser (Text -> ActivatedRule)
-> Parser Text -> Parser ActivatedRule
forall (f :: * -> *) a b. Applicative f => f (a -> b) -> f a -> f b
Prelude.<*> (Object
x Object -> Text -> Parser Text
forall a. FromJSON a => Object -> Text -> Parser a
Core..: Text
"RuleId")
      )

instance Prelude.Hashable ActivatedRule

instance Prelude.NFData ActivatedRule

instance Core.ToJSON ActivatedRule where
  toJSON :: ActivatedRule -> Value
toJSON ActivatedRule' {Int
Maybe [ExcludedRule]
Maybe WafAction
Maybe WafOverrideAction
Maybe WafRuleType
Text
ruleId :: Text
priority :: Int
type' :: Maybe WafRuleType
excludedRules :: Maybe [ExcludedRule]
action :: Maybe WafAction
overrideAction :: Maybe WafOverrideAction
$sel:ruleId:ActivatedRule' :: ActivatedRule -> Text
$sel:priority:ActivatedRule' :: ActivatedRule -> Int
$sel:type':ActivatedRule' :: ActivatedRule -> Maybe WafRuleType
$sel:excludedRules:ActivatedRule' :: ActivatedRule -> Maybe [ExcludedRule]
$sel:action:ActivatedRule' :: ActivatedRule -> Maybe WafAction
$sel:overrideAction:ActivatedRule' :: ActivatedRule -> Maybe WafOverrideAction
..} =
    [Pair] -> Value
Core.object
      ( [Maybe Pair] -> [Pair]
forall a. [Maybe a] -> [a]
Prelude.catMaybes
          [ (Text
"OverrideAction" Text -> WafOverrideAction -> Pair
forall kv v. (KeyValue kv, ToJSON v) => Text -> v -> kv
Core..=)
              (WafOverrideAction -> Pair)
-> Maybe WafOverrideAction -> Maybe Pair
forall (f :: * -> *) a b. Functor f => (a -> b) -> f a -> f b
Prelude.<$> Maybe WafOverrideAction
overrideAction,
            (Text
"Action" Text -> WafAction -> Pair
forall kv v. (KeyValue kv, ToJSON v) => Text -> v -> kv
Core..=) (WafAction -> Pair) -> Maybe WafAction -> Maybe Pair
forall (f :: * -> *) a b. Functor f => (a -> b) -> f a -> f b
Prelude.<$> Maybe WafAction
action,
            (Text
"ExcludedRules" Text -> [ExcludedRule] -> Pair
forall kv v. (KeyValue kv, ToJSON v) => Text -> v -> kv
Core..=) ([ExcludedRule] -> Pair) -> Maybe [ExcludedRule] -> Maybe Pair
forall (f :: * -> *) a b. Functor f => (a -> b) -> f a -> f b
Prelude.<$> Maybe [ExcludedRule]
excludedRules,
            (Text
"Type" Text -> WafRuleType -> Pair
forall kv v. (KeyValue kv, ToJSON v) => Text -> v -> kv
Core..=) (WafRuleType -> Pair) -> Maybe WafRuleType -> Maybe Pair
forall (f :: * -> *) a b. Functor f => (a -> b) -> f a -> f b
Prelude.<$> Maybe WafRuleType
type',
            Pair -> Maybe Pair
forall a. a -> Maybe a
Prelude.Just (Text
"Priority" Text -> Int -> Pair
forall kv v. (KeyValue kv, ToJSON v) => Text -> v -> kv
Core..= Int
priority),
            Pair -> Maybe Pair
forall a. a -> Maybe a
Prelude.Just (Text
"RuleId" Text -> Text -> Pair
forall kv v. (KeyValue kv, ToJSON v) => Text -> v -> kv
Core..= Text
ruleId)
          ]
      )