{-# LANGUAGE DeriveGeneric #-}
{-# LANGUAGE DuplicateRecordFields #-}
{-# LANGUAGE NamedFieldPuns #-}
{-# LANGUAGE OverloadedStrings #-}
{-# LANGUAGE RecordWildCards #-}
{-# LANGUAGE StrictData #-}
{-# LANGUAGE NoImplicitPrelude #-}
{-# OPTIONS_GHC -fno-warn-unused-imports #-}
{-# OPTIONS_GHC -fno-warn-unused-matches #-}

-- Derived from AWS service descriptions, licensed under Apache 2.0.

-- |
-- Module      : Amazonka.WAF.Types.RateBasedRule
-- Copyright   : (c) 2013-2021 Brendan Hay
-- License     : Mozilla Public License, v. 2.0.
-- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
-- Stability   : auto-generated
-- Portability : non-portable (GHC extensions)
module Amazonka.WAF.Types.RateBasedRule where

import qualified Amazonka.Core as Core
import qualified Amazonka.Lens as Lens
import qualified Amazonka.Prelude as Prelude
import Amazonka.WAF.Types.Predicate
import Amazonka.WAF.Types.RateKey

-- | This is __AWS WAF Classic__ documentation. For more information, see
-- <https://docs.aws.amazon.com/waf/latest/developerguide/classic-waf-chapter.html AWS WAF Classic>
-- in the developer guide.
--
-- __For the latest version of AWS WAF__, use the AWS WAFV2 API and see the
-- <https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html AWS WAF Developer Guide>.
-- With the latest version, AWS WAF has a single set of endpoints for
-- regional and global use.
--
-- A @RateBasedRule@ is identical to a regular Rule, with one addition: a
-- @RateBasedRule@ counts the number of requests that arrive from a
-- specified IP address every five minutes. For example, based on recent
-- requests that you\'ve seen from an attacker, you might create a
-- @RateBasedRule@ that includes the following conditions:
--
-- -   The requests come from 192.0.2.44.
--
-- -   They contain the value @BadBot@ in the @User-Agent@ header.
--
-- In the rule, you also define the rate limit as 1,000.
--
-- Requests that meet both of these conditions and exceed 1,000 requests
-- every five minutes trigger the rule\'s action (block or count), which is
-- defined in the web ACL.
--
-- /See:/ 'newRateBasedRule' smart constructor.
data RateBasedRule = RateBasedRule'
  { -- | A friendly name or description for the metrics for a @RateBasedRule@.
    -- The name can contain only alphanumeric characters (A-Z, a-z, 0-9), with
    -- maximum length 128 and minimum length one. It can\'t contain whitespace
    -- or metric names reserved for AWS WAF, including \"All\" and
    -- \"Default_Action.\" You can\'t change the name of the metric after you
    -- create the @RateBasedRule@.
    RateBasedRule -> Maybe Text
metricName :: Prelude.Maybe Prelude.Text,
    -- | A friendly name or description for a @RateBasedRule@. You can\'t change
    -- the name of a @RateBasedRule@ after you create it.
    RateBasedRule -> Maybe Text
name :: Prelude.Maybe Prelude.Text,
    -- | A unique identifier for a @RateBasedRule@. You use @RuleId@ to get more
    -- information about a @RateBasedRule@ (see GetRateBasedRule), update a
    -- @RateBasedRule@ (see UpdateRateBasedRule), insert a @RateBasedRule@ into
    -- a @WebACL@ or delete one from a @WebACL@ (see UpdateWebACL), or delete a
    -- @RateBasedRule@ from AWS WAF (see DeleteRateBasedRule).
    RateBasedRule -> Text
ruleId :: Prelude.Text,
    -- | The @Predicates@ object contains one @Predicate@ element for each
    -- ByteMatchSet, IPSet, or SqlInjectionMatchSet object that you want to
    -- include in a @RateBasedRule@.
    RateBasedRule -> [Predicate]
matchPredicates :: [Predicate],
    -- | The field that AWS WAF uses to determine if requests are likely arriving
    -- from single source and thus subject to rate monitoring. The only valid
    -- value for @RateKey@ is @IP@. @IP@ indicates that requests arriving from
    -- the same IP address are subject to the @RateLimit@ that is specified in
    -- the @RateBasedRule@.
    RateBasedRule -> RateKey
rateKey :: RateKey,
    -- | The maximum number of requests, which have an identical value in the
    -- field specified by the @RateKey@, allowed in a five-minute period. If
    -- the number of requests exceeds the @RateLimit@ and the other predicates
    -- specified in the rule are also met, AWS WAF triggers the action that is
    -- specified for this rule.
    RateBasedRule -> Natural
rateLimit :: Prelude.Natural
  }
  deriving (RateBasedRule -> RateBasedRule -> Bool
(RateBasedRule -> RateBasedRule -> Bool)
-> (RateBasedRule -> RateBasedRule -> Bool) -> Eq RateBasedRule
forall a. (a -> a -> Bool) -> (a -> a -> Bool) -> Eq a
/= :: RateBasedRule -> RateBasedRule -> Bool
$c/= :: RateBasedRule -> RateBasedRule -> Bool
== :: RateBasedRule -> RateBasedRule -> Bool
$c== :: RateBasedRule -> RateBasedRule -> Bool
Prelude.Eq, ReadPrec [RateBasedRule]
ReadPrec RateBasedRule
Int -> ReadS RateBasedRule
ReadS [RateBasedRule]
(Int -> ReadS RateBasedRule)
-> ReadS [RateBasedRule]
-> ReadPrec RateBasedRule
-> ReadPrec [RateBasedRule]
-> Read RateBasedRule
forall a.
(Int -> ReadS a)
-> ReadS [a] -> ReadPrec a -> ReadPrec [a] -> Read a
readListPrec :: ReadPrec [RateBasedRule]
$creadListPrec :: ReadPrec [RateBasedRule]
readPrec :: ReadPrec RateBasedRule
$creadPrec :: ReadPrec RateBasedRule
readList :: ReadS [RateBasedRule]
$creadList :: ReadS [RateBasedRule]
readsPrec :: Int -> ReadS RateBasedRule
$creadsPrec :: Int -> ReadS RateBasedRule
Prelude.Read, Int -> RateBasedRule -> ShowS
[RateBasedRule] -> ShowS
RateBasedRule -> String
(Int -> RateBasedRule -> ShowS)
-> (RateBasedRule -> String)
-> ([RateBasedRule] -> ShowS)
-> Show RateBasedRule
forall a.
(Int -> a -> ShowS) -> (a -> String) -> ([a] -> ShowS) -> Show a
showList :: [RateBasedRule] -> ShowS
$cshowList :: [RateBasedRule] -> ShowS
show :: RateBasedRule -> String
$cshow :: RateBasedRule -> String
showsPrec :: Int -> RateBasedRule -> ShowS
$cshowsPrec :: Int -> RateBasedRule -> ShowS
Prelude.Show, (forall x. RateBasedRule -> Rep RateBasedRule x)
-> (forall x. Rep RateBasedRule x -> RateBasedRule)
-> Generic RateBasedRule
forall x. Rep RateBasedRule x -> RateBasedRule
forall x. RateBasedRule -> Rep RateBasedRule x
forall a.
(forall x. a -> Rep a x) -> (forall x. Rep a x -> a) -> Generic a
$cto :: forall x. Rep RateBasedRule x -> RateBasedRule
$cfrom :: forall x. RateBasedRule -> Rep RateBasedRule x
Prelude.Generic)

-- |
-- Create a value of 'RateBasedRule' with all optional fields omitted.
--
-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
--
-- The following record fields are available, with the corresponding lenses provided
-- for backwards compatibility:
--
-- 'metricName', 'rateBasedRule_metricName' - A friendly name or description for the metrics for a @RateBasedRule@.
-- The name can contain only alphanumeric characters (A-Z, a-z, 0-9), with
-- maximum length 128 and minimum length one. It can\'t contain whitespace
-- or metric names reserved for AWS WAF, including \"All\" and
-- \"Default_Action.\" You can\'t change the name of the metric after you
-- create the @RateBasedRule@.
--
-- 'name', 'rateBasedRule_name' - A friendly name or description for a @RateBasedRule@. You can\'t change
-- the name of a @RateBasedRule@ after you create it.
--
-- 'ruleId', 'rateBasedRule_ruleId' - A unique identifier for a @RateBasedRule@. You use @RuleId@ to get more
-- information about a @RateBasedRule@ (see GetRateBasedRule), update a
-- @RateBasedRule@ (see UpdateRateBasedRule), insert a @RateBasedRule@ into
-- a @WebACL@ or delete one from a @WebACL@ (see UpdateWebACL), or delete a
-- @RateBasedRule@ from AWS WAF (see DeleteRateBasedRule).
--
-- 'matchPredicates', 'rateBasedRule_matchPredicates' - The @Predicates@ object contains one @Predicate@ element for each
-- ByteMatchSet, IPSet, or SqlInjectionMatchSet object that you want to
-- include in a @RateBasedRule@.
--
-- 'rateKey', 'rateBasedRule_rateKey' - The field that AWS WAF uses to determine if requests are likely arriving
-- from single source and thus subject to rate monitoring. The only valid
-- value for @RateKey@ is @IP@. @IP@ indicates that requests arriving from
-- the same IP address are subject to the @RateLimit@ that is specified in
-- the @RateBasedRule@.
--
-- 'rateLimit', 'rateBasedRule_rateLimit' - The maximum number of requests, which have an identical value in the
-- field specified by the @RateKey@, allowed in a five-minute period. If
-- the number of requests exceeds the @RateLimit@ and the other predicates
-- specified in the rule are also met, AWS WAF triggers the action that is
-- specified for this rule.
newRateBasedRule ::
  -- | 'ruleId'
  Prelude.Text ->
  -- | 'rateKey'
  RateKey ->
  -- | 'rateLimit'
  Prelude.Natural ->
  RateBasedRule
newRateBasedRule :: Text -> RateKey -> Natural -> RateBasedRule
newRateBasedRule Text
pRuleId_ RateKey
pRateKey_ Natural
pRateLimit_ =
  RateBasedRule' :: Maybe Text
-> Maybe Text
-> Text
-> [Predicate]
-> RateKey
-> Natural
-> RateBasedRule
RateBasedRule'
    { $sel:metricName:RateBasedRule' :: Maybe Text
metricName = Maybe Text
forall a. Maybe a
Prelude.Nothing,
      $sel:name:RateBasedRule' :: Maybe Text
name = Maybe Text
forall a. Maybe a
Prelude.Nothing,
      $sel:ruleId:RateBasedRule' :: Text
ruleId = Text
pRuleId_,
      $sel:matchPredicates:RateBasedRule' :: [Predicate]
matchPredicates = [Predicate]
forall a. Monoid a => a
Prelude.mempty,
      $sel:rateKey:RateBasedRule' :: RateKey
rateKey = RateKey
pRateKey_,
      $sel:rateLimit:RateBasedRule' :: Natural
rateLimit = Natural
pRateLimit_
    }

-- | A friendly name or description for the metrics for a @RateBasedRule@.
-- The name can contain only alphanumeric characters (A-Z, a-z, 0-9), with
-- maximum length 128 and minimum length one. It can\'t contain whitespace
-- or metric names reserved for AWS WAF, including \"All\" and
-- \"Default_Action.\" You can\'t change the name of the metric after you
-- create the @RateBasedRule@.
rateBasedRule_metricName :: Lens.Lens' RateBasedRule (Prelude.Maybe Prelude.Text)
rateBasedRule_metricName :: (Maybe Text -> f (Maybe Text)) -> RateBasedRule -> f RateBasedRule
rateBasedRule_metricName = (RateBasedRule -> Maybe Text)
-> (RateBasedRule -> Maybe Text -> RateBasedRule)
-> Lens RateBasedRule RateBasedRule (Maybe Text) (Maybe Text)
forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\RateBasedRule' {Maybe Text
metricName :: Maybe Text
$sel:metricName:RateBasedRule' :: RateBasedRule -> Maybe Text
metricName} -> Maybe Text
metricName) (\s :: RateBasedRule
s@RateBasedRule' {} Maybe Text
a -> RateBasedRule
s {$sel:metricName:RateBasedRule' :: Maybe Text
metricName = Maybe Text
a} :: RateBasedRule)

-- | A friendly name or description for a @RateBasedRule@. You can\'t change
-- the name of a @RateBasedRule@ after you create it.
rateBasedRule_name :: Lens.Lens' RateBasedRule (Prelude.Maybe Prelude.Text)
rateBasedRule_name :: (Maybe Text -> f (Maybe Text)) -> RateBasedRule -> f RateBasedRule
rateBasedRule_name = (RateBasedRule -> Maybe Text)
-> (RateBasedRule -> Maybe Text -> RateBasedRule)
-> Lens RateBasedRule RateBasedRule (Maybe Text) (Maybe Text)
forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\RateBasedRule' {Maybe Text
name :: Maybe Text
$sel:name:RateBasedRule' :: RateBasedRule -> Maybe Text
name} -> Maybe Text
name) (\s :: RateBasedRule
s@RateBasedRule' {} Maybe Text
a -> RateBasedRule
s {$sel:name:RateBasedRule' :: Maybe Text
name = Maybe Text
a} :: RateBasedRule)

-- | A unique identifier for a @RateBasedRule@. You use @RuleId@ to get more
-- information about a @RateBasedRule@ (see GetRateBasedRule), update a
-- @RateBasedRule@ (see UpdateRateBasedRule), insert a @RateBasedRule@ into
-- a @WebACL@ or delete one from a @WebACL@ (see UpdateWebACL), or delete a
-- @RateBasedRule@ from AWS WAF (see DeleteRateBasedRule).
rateBasedRule_ruleId :: Lens.Lens' RateBasedRule Prelude.Text
rateBasedRule_ruleId :: (Text -> f Text) -> RateBasedRule -> f RateBasedRule
rateBasedRule_ruleId = (RateBasedRule -> Text)
-> (RateBasedRule -> Text -> RateBasedRule)
-> Lens RateBasedRule RateBasedRule Text Text
forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\RateBasedRule' {Text
ruleId :: Text
$sel:ruleId:RateBasedRule' :: RateBasedRule -> Text
ruleId} -> Text
ruleId) (\s :: RateBasedRule
s@RateBasedRule' {} Text
a -> RateBasedRule
s {$sel:ruleId:RateBasedRule' :: Text
ruleId = Text
a} :: RateBasedRule)

-- | The @Predicates@ object contains one @Predicate@ element for each
-- ByteMatchSet, IPSet, or SqlInjectionMatchSet object that you want to
-- include in a @RateBasedRule@.
rateBasedRule_matchPredicates :: Lens.Lens' RateBasedRule [Predicate]
rateBasedRule_matchPredicates :: ([Predicate] -> f [Predicate]) -> RateBasedRule -> f RateBasedRule
rateBasedRule_matchPredicates = (RateBasedRule -> [Predicate])
-> (RateBasedRule -> [Predicate] -> RateBasedRule)
-> Lens RateBasedRule RateBasedRule [Predicate] [Predicate]
forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\RateBasedRule' {[Predicate]
matchPredicates :: [Predicate]
$sel:matchPredicates:RateBasedRule' :: RateBasedRule -> [Predicate]
matchPredicates} -> [Predicate]
matchPredicates) (\s :: RateBasedRule
s@RateBasedRule' {} [Predicate]
a -> RateBasedRule
s {$sel:matchPredicates:RateBasedRule' :: [Predicate]
matchPredicates = [Predicate]
a} :: RateBasedRule) (([Predicate] -> f [Predicate])
 -> RateBasedRule -> f RateBasedRule)
-> (([Predicate] -> f [Predicate]) -> [Predicate] -> f [Predicate])
-> ([Predicate] -> f [Predicate])
-> RateBasedRule
-> f RateBasedRule
forall b c a. (b -> c) -> (a -> b) -> a -> c
Prelude.. ([Predicate] -> f [Predicate]) -> [Predicate] -> f [Predicate]
forall s t a b. (Coercible s a, Coercible t b) => Iso s t a b
Lens.coerced

-- | The field that AWS WAF uses to determine if requests are likely arriving
-- from single source and thus subject to rate monitoring. The only valid
-- value for @RateKey@ is @IP@. @IP@ indicates that requests arriving from
-- the same IP address are subject to the @RateLimit@ that is specified in
-- the @RateBasedRule@.
rateBasedRule_rateKey :: Lens.Lens' RateBasedRule RateKey
rateBasedRule_rateKey :: (RateKey -> f RateKey) -> RateBasedRule -> f RateBasedRule
rateBasedRule_rateKey = (RateBasedRule -> RateKey)
-> (RateBasedRule -> RateKey -> RateBasedRule)
-> Lens RateBasedRule RateBasedRule RateKey RateKey
forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\RateBasedRule' {RateKey
rateKey :: RateKey
$sel:rateKey:RateBasedRule' :: RateBasedRule -> RateKey
rateKey} -> RateKey
rateKey) (\s :: RateBasedRule
s@RateBasedRule' {} RateKey
a -> RateBasedRule
s {$sel:rateKey:RateBasedRule' :: RateKey
rateKey = RateKey
a} :: RateBasedRule)

-- | The maximum number of requests, which have an identical value in the
-- field specified by the @RateKey@, allowed in a five-minute period. If
-- the number of requests exceeds the @RateLimit@ and the other predicates
-- specified in the rule are also met, AWS WAF triggers the action that is
-- specified for this rule.
rateBasedRule_rateLimit :: Lens.Lens' RateBasedRule Prelude.Natural
rateBasedRule_rateLimit :: (Natural -> f Natural) -> RateBasedRule -> f RateBasedRule
rateBasedRule_rateLimit = (RateBasedRule -> Natural)
-> (RateBasedRule -> Natural -> RateBasedRule)
-> Lens RateBasedRule RateBasedRule Natural Natural
forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\RateBasedRule' {Natural
rateLimit :: Natural
$sel:rateLimit:RateBasedRule' :: RateBasedRule -> Natural
rateLimit} -> Natural
rateLimit) (\s :: RateBasedRule
s@RateBasedRule' {} Natural
a -> RateBasedRule
s {$sel:rateLimit:RateBasedRule' :: Natural
rateLimit = Natural
a} :: RateBasedRule)

instance Core.FromJSON RateBasedRule where
  parseJSON :: Value -> Parser RateBasedRule
parseJSON =
    String
-> (Object -> Parser RateBasedRule)
-> Value
-> Parser RateBasedRule
forall a. String -> (Object -> Parser a) -> Value -> Parser a
Core.withObject
      String
"RateBasedRule"
      ( \Object
x ->
          Maybe Text
-> Maybe Text
-> Text
-> [Predicate]
-> RateKey
-> Natural
-> RateBasedRule
RateBasedRule'
            (Maybe Text
 -> Maybe Text
 -> Text
 -> [Predicate]
 -> RateKey
 -> Natural
 -> RateBasedRule)
-> Parser (Maybe Text)
-> Parser
     (Maybe Text
      -> Text -> [Predicate] -> RateKey -> Natural -> RateBasedRule)
forall (f :: * -> *) a b. Functor f => (a -> b) -> f a -> f b
Prelude.<$> (Object
x Object -> Text -> Parser (Maybe Text)
forall a. FromJSON a => Object -> Text -> Parser (Maybe a)
Core..:? Text
"MetricName")
            Parser
  (Maybe Text
   -> Text -> [Predicate] -> RateKey -> Natural -> RateBasedRule)
-> Parser (Maybe Text)
-> Parser
     (Text -> [Predicate] -> RateKey -> Natural -> RateBasedRule)
forall (f :: * -> *) a b. Applicative f => f (a -> b) -> f a -> f b
Prelude.<*> (Object
x Object -> Text -> Parser (Maybe Text)
forall a. FromJSON a => Object -> Text -> Parser (Maybe a)
Core..:? Text
"Name")
            Parser (Text -> [Predicate] -> RateKey -> Natural -> RateBasedRule)
-> Parser Text
-> Parser ([Predicate] -> RateKey -> Natural -> RateBasedRule)
forall (f :: * -> *) a b. Applicative f => f (a -> b) -> f a -> f b
Prelude.<*> (Object
x Object -> Text -> Parser Text
forall a. FromJSON a => Object -> Text -> Parser a
Core..: Text
"RuleId")
            Parser ([Predicate] -> RateKey -> Natural -> RateBasedRule)
-> Parser [Predicate]
-> Parser (RateKey -> Natural -> RateBasedRule)
forall (f :: * -> *) a b. Applicative f => f (a -> b) -> f a -> f b
Prelude.<*> ( Object
x Object -> Text -> Parser (Maybe [Predicate])
forall a. FromJSON a => Object -> Text -> Parser (Maybe a)
Core..:? Text
"MatchPredicates"
                            Parser (Maybe [Predicate]) -> [Predicate] -> Parser [Predicate]
forall a. Parser (Maybe a) -> a -> Parser a
Core..!= [Predicate]
forall a. Monoid a => a
Prelude.mempty
                        )
            Parser (RateKey -> Natural -> RateBasedRule)
-> Parser RateKey -> Parser (Natural -> RateBasedRule)
forall (f :: * -> *) a b. Applicative f => f (a -> b) -> f a -> f b
Prelude.<*> (Object
x Object -> Text -> Parser RateKey
forall a. FromJSON a => Object -> Text -> Parser a
Core..: Text
"RateKey")
            Parser (Natural -> RateBasedRule)
-> Parser Natural -> Parser RateBasedRule
forall (f :: * -> *) a b. Applicative f => f (a -> b) -> f a -> f b
Prelude.<*> (Object
x Object -> Text -> Parser Natural
forall a. FromJSON a => Object -> Text -> Parser a
Core..: Text
"RateLimit")
      )

instance Prelude.Hashable RateBasedRule

instance Prelude.NFData RateBasedRule