aws-sdk-waf 1.0.0.rc1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +7 -0
- data/lib/aws-sdk-waf.rb +47 -0
- data/lib/aws-sdk-waf/client.rb +2168 -0
- data/lib/aws-sdk-waf/client_api.rb +1190 -0
- data/lib/aws-sdk-waf/customizations.rb +0 -0
- data/lib/aws-sdk-waf/errors.rb +23 -0
- data/lib/aws-sdk-waf/resource.rb +25 -0
- data/lib/aws-sdk-waf/types.rb +3189 -0
- metadata +80 -0
File without changes
|
@@ -0,0 +1,23 @@
|
|
1
|
+
# WARNING ABOUT GENERATED CODE
|
2
|
+
#
|
3
|
+
# This file is generated. See the contributing for info on making contributions:
|
4
|
+
# https://github.com/aws/aws-sdk-ruby/blob/master/CONTRIBUTING.md
|
5
|
+
#
|
6
|
+
# WARNING ABOUT GENERATED CODE
|
7
|
+
|
8
|
+
module Aws
|
9
|
+
module WAF
|
10
|
+
module Errors
|
11
|
+
|
12
|
+
extend Aws::Errors::DynamicErrors
|
13
|
+
|
14
|
+
# Raised when calling #load or #data on a resource class that can not be
|
15
|
+
# loaded. This can happen when:
|
16
|
+
#
|
17
|
+
# * A resource class has identifiers, but no data attributes.
|
18
|
+
# * Resource data is only available when making an API call that
|
19
|
+
# enumerates all resources of that type.
|
20
|
+
class ResourceNotLoadable < RuntimeError; end
|
21
|
+
end
|
22
|
+
end
|
23
|
+
end
|
@@ -0,0 +1,25 @@
|
|
1
|
+
# WARNING ABOUT GENERATED CODE
|
2
|
+
#
|
3
|
+
# This file is generated. See the contributing for info on making contributions:
|
4
|
+
# https://github.com/aws/aws-sdk-ruby/blob/master/CONTRIBUTING.md
|
5
|
+
#
|
6
|
+
# WARNING ABOUT GENERATED CODE
|
7
|
+
|
8
|
+
module Aws
|
9
|
+
module WAF
|
10
|
+
class Resource
|
11
|
+
|
12
|
+
# @param options ({})
|
13
|
+
# @option options [Client] :client
|
14
|
+
def initialize(options = {})
|
15
|
+
@client = options[:client] || Client.new(options)
|
16
|
+
end
|
17
|
+
|
18
|
+
# @return [Client]
|
19
|
+
def client
|
20
|
+
@client
|
21
|
+
end
|
22
|
+
|
23
|
+
end
|
24
|
+
end
|
25
|
+
end
|
@@ -0,0 +1,3189 @@
|
|
1
|
+
# WARNING ABOUT GENERATED CODE
|
2
|
+
#
|
3
|
+
# This file is generated. See the contributing for info on making contributions:
|
4
|
+
# https://github.com/aws/aws-sdk-ruby/blob/master/CONTRIBUTING.md
|
5
|
+
#
|
6
|
+
# WARNING ABOUT GENERATED CODE
|
7
|
+
|
8
|
+
module Aws
|
9
|
+
module WAF
|
10
|
+
module Types
|
11
|
+
|
12
|
+
# The `ActivatedRule` object in an UpdateWebACL request specifies a
|
13
|
+
# `Rule` that you want to insert or delete, the priority of the `Rule`
|
14
|
+
# in the `WebACL`, and the action that you want AWS WAF to take when a
|
15
|
+
# web request matches the `Rule` (`ALLOW`, `BLOCK`, or `COUNT`).
|
16
|
+
#
|
17
|
+
# To specify whether to insert or delete a `Rule`, use the `Action`
|
18
|
+
# parameter in the WebACLUpdate data type.
|
19
|
+
# @note When making an API call, pass ActivatedRule
|
20
|
+
# data as a hash:
|
21
|
+
#
|
22
|
+
# {
|
23
|
+
# priority: 1, # required
|
24
|
+
# rule_id: "ResourceId", # required
|
25
|
+
# action: { # required
|
26
|
+
# type: "BLOCK", # required, accepts BLOCK, ALLOW, COUNT
|
27
|
+
# },
|
28
|
+
# }
|
29
|
+
# @!attribute [rw] priority
|
30
|
+
# Specifies the order in which the `Rules` in a `WebACL` are
|
31
|
+
# evaluated. Rules with a lower value for `Priority` are evaluated
|
32
|
+
# before `Rules` with a higher value. The value must be a unique
|
33
|
+
# integer. If you add multiple `Rules` to a `WebACL`, the values
|
34
|
+
# don't need to be consecutive.
|
35
|
+
# @return [Integer]
|
36
|
+
#
|
37
|
+
# @!attribute [rw] rule_id
|
38
|
+
# The `RuleId` for a `Rule`. You use `RuleId` to get more information
|
39
|
+
# about a `Rule` (see GetRule), update a `Rule` (see UpdateRule),
|
40
|
+
# insert a `Rule` into a `WebACL` or delete a one from a `WebACL` (see
|
41
|
+
# UpdateWebACL), or delete a `Rule` from AWS WAF (see DeleteRule).
|
42
|
+
#
|
43
|
+
# `RuleId` is returned by CreateRule and by ListRules.
|
44
|
+
# @return [String]
|
45
|
+
#
|
46
|
+
# @!attribute [rw] action
|
47
|
+
# Specifies the action that CloudFront or AWS WAF takes when a web
|
48
|
+
# request matches the conditions in the `Rule`. Valid values for
|
49
|
+
# `Action` include the following:
|
50
|
+
#
|
51
|
+
# * `ALLOW`\: CloudFront responds with the requested object.
|
52
|
+
#
|
53
|
+
# * `BLOCK`\: CloudFront responds with an HTTP 403 (Forbidden) status
|
54
|
+
# code.
|
55
|
+
#
|
56
|
+
# * `COUNT`\: AWS WAF increments a counter of requests that match the
|
57
|
+
# conditions in the rule and then continues to inspect the web
|
58
|
+
# request based on the remaining rules in the web ACL.
|
59
|
+
# @return [Types::WafAction]
|
60
|
+
class ActivatedRule < Struct.new(
|
61
|
+
:priority,
|
62
|
+
:rule_id,
|
63
|
+
:action)
|
64
|
+
include Aws::Structure
|
65
|
+
end
|
66
|
+
|
67
|
+
# In a GetByteMatchSet request, `ByteMatchSet` is a complex type that
|
68
|
+
# contains the `ByteMatchSetId` and `Name` of a `ByteMatchSet`, and the
|
69
|
+
# values that you specified when you updated the `ByteMatchSet`.
|
70
|
+
#
|
71
|
+
# A complex type that contains `ByteMatchTuple` objects, which specify
|
72
|
+
# the parts of web requests that you want AWS WAF to inspect and the
|
73
|
+
# values that you want AWS WAF to search for. If a `ByteMatchSet`
|
74
|
+
# contains more than one `ByteMatchTuple` object, a request needs to
|
75
|
+
# match the settings in only one `ByteMatchTuple` to be considered a
|
76
|
+
# match.
|
77
|
+
# @!attribute [rw] byte_match_set_id
|
78
|
+
# The `ByteMatchSetId` for a `ByteMatchSet`. You use `ByteMatchSetId`
|
79
|
+
# to get information about a `ByteMatchSet` (see GetByteMatchSet),
|
80
|
+
# update a `ByteMatchSet` (see UpdateByteMatchSet), insert a
|
81
|
+
# `ByteMatchSet` into a `Rule` or delete one from a `Rule` (see
|
82
|
+
# UpdateRule), and delete a `ByteMatchSet` from AWS WAF (see
|
83
|
+
# DeleteByteMatchSet).
|
84
|
+
#
|
85
|
+
# `ByteMatchSetId` is returned by CreateByteMatchSet and by
|
86
|
+
# ListByteMatchSets.
|
87
|
+
# @return [String]
|
88
|
+
#
|
89
|
+
# @!attribute [rw] name
|
90
|
+
# A friendly name or description of the ByteMatchSet. You can't
|
91
|
+
# change `Name` after you create a `ByteMatchSet`.
|
92
|
+
# @return [String]
|
93
|
+
#
|
94
|
+
# @!attribute [rw] byte_match_tuples
|
95
|
+
# Specifies the bytes (typically a string that corresponds with ASCII
|
96
|
+
# characters) that you want AWS WAF to search for in web requests, the
|
97
|
+
# location in requests that you want AWS WAF to search, and other
|
98
|
+
# settings.
|
99
|
+
# @return [Array<Types::ByteMatchTuple>]
|
100
|
+
class ByteMatchSet < Struct.new(
|
101
|
+
:byte_match_set_id,
|
102
|
+
:name,
|
103
|
+
:byte_match_tuples)
|
104
|
+
include Aws::Structure
|
105
|
+
end
|
106
|
+
|
107
|
+
# Returned by ListByteMatchSets. Each `ByteMatchSetSummary` object
|
108
|
+
# includes the `Name` and `ByteMatchSetId` for one ByteMatchSet.
|
109
|
+
# @!attribute [rw] byte_match_set_id
|
110
|
+
# The `ByteMatchSetId` for a `ByteMatchSet`. You use `ByteMatchSetId`
|
111
|
+
# to get information about a `ByteMatchSet`, update a `ByteMatchSet`,
|
112
|
+
# remove a `ByteMatchSet` from a `Rule`, and delete a `ByteMatchSet`
|
113
|
+
# from AWS WAF.
|
114
|
+
#
|
115
|
+
# `ByteMatchSetId` is returned by CreateByteMatchSet and by
|
116
|
+
# ListByteMatchSets.
|
117
|
+
# @return [String]
|
118
|
+
#
|
119
|
+
# @!attribute [rw] name
|
120
|
+
# A friendly name or description of the ByteMatchSet. You can't
|
121
|
+
# change `Name` after you create a `ByteMatchSet`.
|
122
|
+
# @return [String]
|
123
|
+
class ByteMatchSetSummary < Struct.new(
|
124
|
+
:byte_match_set_id,
|
125
|
+
:name)
|
126
|
+
include Aws::Structure
|
127
|
+
end
|
128
|
+
|
129
|
+
# In an UpdateByteMatchSet request, `ByteMatchSetUpdate` specifies
|
130
|
+
# whether to insert or delete a ByteMatchTuple and includes the settings
|
131
|
+
# for the `ByteMatchTuple`.
|
132
|
+
# @note When making an API call, pass ByteMatchSetUpdate
|
133
|
+
# data as a hash:
|
134
|
+
#
|
135
|
+
# {
|
136
|
+
# action: "INSERT", # required, accepts INSERT, DELETE
|
137
|
+
# byte_match_tuple: { # required
|
138
|
+
# field_to_match: { # required
|
139
|
+
# type: "URI", # required, accepts URI, QUERY_STRING, HEADER, METHOD, BODY
|
140
|
+
# data: "MatchFieldData",
|
141
|
+
# },
|
142
|
+
# target_string: "data", # required
|
143
|
+
# text_transformation: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE
|
144
|
+
# positional_constraint: "EXACTLY", # required, accepts EXACTLY, STARTS_WITH, ENDS_WITH, CONTAINS, CONTAINS_WORD
|
145
|
+
# },
|
146
|
+
# }
|
147
|
+
# @!attribute [rw] action
|
148
|
+
# Specifies whether to insert or delete a ByteMatchTuple.
|
149
|
+
# @return [String]
|
150
|
+
#
|
151
|
+
# @!attribute [rw] byte_match_tuple
|
152
|
+
# Information about the part of a web request that you want AWS WAF to
|
153
|
+
# inspect and the value that you want AWS WAF to search for. If you
|
154
|
+
# specify `DELETE` for the value of `Action`, the `ByteMatchTuple`
|
155
|
+
# values must exactly match the values in the `ByteMatchTuple` that
|
156
|
+
# you want to delete from the `ByteMatchSet`.
|
157
|
+
# @return [Types::ByteMatchTuple]
|
158
|
+
class ByteMatchSetUpdate < Struct.new(
|
159
|
+
:action,
|
160
|
+
:byte_match_tuple)
|
161
|
+
include Aws::Structure
|
162
|
+
end
|
163
|
+
|
164
|
+
# The bytes (typically a string that corresponds with ASCII characters)
|
165
|
+
# that you want AWS WAF to search for in web requests, the location in
|
166
|
+
# requests that you want AWS WAF to search, and other settings.
|
167
|
+
# @note When making an API call, pass ByteMatchTuple
|
168
|
+
# data as a hash:
|
169
|
+
#
|
170
|
+
# {
|
171
|
+
# field_to_match: { # required
|
172
|
+
# type: "URI", # required, accepts URI, QUERY_STRING, HEADER, METHOD, BODY
|
173
|
+
# data: "MatchFieldData",
|
174
|
+
# },
|
175
|
+
# target_string: "data", # required
|
176
|
+
# text_transformation: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE
|
177
|
+
# positional_constraint: "EXACTLY", # required, accepts EXACTLY, STARTS_WITH, ENDS_WITH, CONTAINS, CONTAINS_WORD
|
178
|
+
# }
|
179
|
+
# @!attribute [rw] field_to_match
|
180
|
+
# The part of a web request that you want AWS WAF to search, such as a
|
181
|
+
# specified header or a query string. For more information, see
|
182
|
+
# FieldToMatch.
|
183
|
+
# @return [Types::FieldToMatch]
|
184
|
+
#
|
185
|
+
# @!attribute [rw] target_string
|
186
|
+
# The value that you want AWS WAF to search for. AWS WAF searches for
|
187
|
+
# the specified string in the part of web requests that you specified
|
188
|
+
# in `FieldToMatch`. The maximum length of the value is 50 bytes.
|
189
|
+
#
|
190
|
+
# Valid values depend on the values that you specified for
|
191
|
+
# `FieldToMatch`\:
|
192
|
+
#
|
193
|
+
# * `HEADER`\: The value that you want AWS WAF to search for in the
|
194
|
+
# request header that you specified in FieldToMatch, for example,
|
195
|
+
# the value of the `User-Agent` or `Referer` header.
|
196
|
+
#
|
197
|
+
# * `METHOD`\: The HTTP method, which indicates the type of operation
|
198
|
+
# specified in the request. CloudFront supports the following
|
199
|
+
# methods: `DELETE`, `GET`, `HEAD`, `OPTIONS`, `PATCH`, `POST`, and
|
200
|
+
# `PUT`.
|
201
|
+
#
|
202
|
+
# * `QUERY_STRING`\: The value that you want AWS WAF to search for in
|
203
|
+
# the query string, which is the part of a URL that appears after a
|
204
|
+
# `?` character.
|
205
|
+
#
|
206
|
+
# * `URI`\: The value that you want AWS WAF to search for in the part
|
207
|
+
# of a URL that identifies a resource, for example,
|
208
|
+
# `/images/daily-ad.jpg`.
|
209
|
+
#
|
210
|
+
# * `BODY`\: The part of a request that contains any additional data
|
211
|
+
# that you want to send to your web server as the HTTP request body,
|
212
|
+
# such as data from a form. The request body immediately follows the
|
213
|
+
# request headers. Note that only the first `8192` bytes of the
|
214
|
+
# request body are forwarded to AWS WAF for inspection. To allow or
|
215
|
+
# block requests based on the length of the body, you can create a
|
216
|
+
# size constraint set. For more information, see
|
217
|
+
# CreateSizeConstraintSet.
|
218
|
+
#
|
219
|
+
# If `TargetString` includes alphabetic characters A-Z and a-z, note
|
220
|
+
# that the value is case sensitive.
|
221
|
+
#
|
222
|
+
# **If you're using the AWS WAF API**
|
223
|
+
#
|
224
|
+
# Specify a base64-encoded version of the value. The maximum length of
|
225
|
+
# the value before you base64-encode it is 50 bytes.
|
226
|
+
#
|
227
|
+
# For example, suppose the value of `Type` is `HEADER` and the value
|
228
|
+
# of `Data` is `User-Agent`. If you want to search the `User-Agent`
|
229
|
+
# header for the value `BadBot`, you base64-encode `BadBot` using MIME
|
230
|
+
# base64 encoding and include the resulting value, `QmFkQm90`, in the
|
231
|
+
# value of `TargetString`.
|
232
|
+
#
|
233
|
+
# **If you're using the AWS CLI or one of the AWS SDKs**
|
234
|
+
#
|
235
|
+
# The value that you want AWS WAF to search for. The SDK automatically
|
236
|
+
# base64 encodes the value.
|
237
|
+
# @return [String]
|
238
|
+
#
|
239
|
+
# @!attribute [rw] text_transformation
|
240
|
+
# Text transformations eliminate some of the unusual formatting that
|
241
|
+
# attackers use in web requests in an effort to bypass AWS WAF. If you
|
242
|
+
# specify a transformation, AWS WAF performs the transformation on
|
243
|
+
# `TargetString` before inspecting a request for a match.
|
244
|
+
#
|
245
|
+
# **CMD\_LINE**
|
246
|
+
#
|
247
|
+
# When you're concerned that attackers are injecting an operating
|
248
|
+
# system commandline command and using unusual formatting to disguise
|
249
|
+
# some or all of the command, use this option to perform the following
|
250
|
+
# transformations:
|
251
|
+
#
|
252
|
+
# * Delete the following characters: \\ " ' ^
|
253
|
+
#
|
254
|
+
# * Delete spaces before the following characters: / (
|
255
|
+
#
|
256
|
+
# * Replace the following characters with a space: , ;
|
257
|
+
#
|
258
|
+
# * Replace multiple spaces with one space
|
259
|
+
#
|
260
|
+
# * Convert uppercase letters (A-Z) to lowercase (a-z)
|
261
|
+
#
|
262
|
+
# **COMPRESS\_WHITE\_SPACE**
|
263
|
+
#
|
264
|
+
# Use this option to replace the following characters with a space
|
265
|
+
# character (decimal 32):
|
266
|
+
#
|
267
|
+
# * \\f, formfeed, decimal 12
|
268
|
+
#
|
269
|
+
# * \\t, tab, decimal 9
|
270
|
+
#
|
271
|
+
# * \\n, newline, decimal 10
|
272
|
+
#
|
273
|
+
# * \\r, carriage return, decimal 13
|
274
|
+
#
|
275
|
+
# * \\v, vertical tab, decimal 11
|
276
|
+
#
|
277
|
+
# * non-breaking space, decimal 160
|
278
|
+
#
|
279
|
+
# `COMPRESS_WHITE_SPACE` also replaces multiple spaces with one space.
|
280
|
+
#
|
281
|
+
# **HTML\_ENTITY\_DECODE**
|
282
|
+
#
|
283
|
+
# Use this option to replace HTML-encoded characters with unencoded
|
284
|
+
# characters. `HTML_ENTITY_DECODE` performs the following operations:
|
285
|
+
#
|
286
|
+
# * Replaces `(ampersand)quot;` with `"`
|
287
|
+
#
|
288
|
+
# * Replaces `(ampersand)nbsp;` with a non-breaking space, decimal 160
|
289
|
+
#
|
290
|
+
# * Replaces `(ampersand)lt;` with a "less than" symbol
|
291
|
+
#
|
292
|
+
# * Replaces `(ampersand)gt;` with `>`
|
293
|
+
#
|
294
|
+
# * Replaces characters that are represented in hexadecimal format,
|
295
|
+
# `(ampersand)#xhhhh;`, with the corresponding characters
|
296
|
+
#
|
297
|
+
# * Replaces characters that are represented in decimal format,
|
298
|
+
# `(ampersand)#nnnn;`, with the corresponding characters
|
299
|
+
#
|
300
|
+
# **LOWERCASE**
|
301
|
+
#
|
302
|
+
# Use this option to convert uppercase letters (A-Z) to lowercase
|
303
|
+
# (a-z).
|
304
|
+
#
|
305
|
+
# **URL\_DECODE**
|
306
|
+
#
|
307
|
+
# Use this option to decode a URL-encoded value.
|
308
|
+
#
|
309
|
+
# **NONE**
|
310
|
+
#
|
311
|
+
# Specify `NONE` if you don't want to perform any text
|
312
|
+
# transformations.
|
313
|
+
# @return [String]
|
314
|
+
#
|
315
|
+
# @!attribute [rw] positional_constraint
|
316
|
+
# Within the portion of a web request that you want to search (for
|
317
|
+
# example, in the query string, if any), specify where you want AWS
|
318
|
+
# WAF to search. Valid values include the following:
|
319
|
+
#
|
320
|
+
# **CONTAINS**
|
321
|
+
#
|
322
|
+
# The specified part of the web request must include the value of
|
323
|
+
# `TargetString`, but the location doesn't matter.
|
324
|
+
#
|
325
|
+
# **CONTAINS\_WORD**
|
326
|
+
#
|
327
|
+
# The specified part of the web request must include the value of
|
328
|
+
# `TargetString`, and `TargetString` must contain only alphanumeric
|
329
|
+
# characters or underscore (A-Z, a-z, 0-9, or \_). In addition,
|
330
|
+
# `TargetString` must be a word, which means one of the following:
|
331
|
+
#
|
332
|
+
# * `TargetString` exactly matches the value of the specified part of
|
333
|
+
# the web request, such as the value of a header.
|
334
|
+
#
|
335
|
+
# * `TargetString` is at the beginning of the specified part of the
|
336
|
+
# web request and is followed by a character other than an
|
337
|
+
# alphanumeric character or underscore (\_), for example, `BadBot;`.
|
338
|
+
#
|
339
|
+
# * `TargetString` is at the end of the specified part of the web
|
340
|
+
# request and is preceded by a character other than an alphanumeric
|
341
|
+
# character or underscore (\_), for example, `;BadBot`.
|
342
|
+
#
|
343
|
+
# * `TargetString` is in the middle of the specified part of the web
|
344
|
+
# request and is preceded and followed by characters other than
|
345
|
+
# alphanumeric characters or underscore (\_), for example,
|
346
|
+
# `-BadBot;`.
|
347
|
+
#
|
348
|
+
# **EXACTLY**
|
349
|
+
#
|
350
|
+
# The value of the specified part of the web request must exactly
|
351
|
+
# match the value of `TargetString`.
|
352
|
+
#
|
353
|
+
# **STARTS\_WITH**
|
354
|
+
#
|
355
|
+
# The value of `TargetString` must appear at the beginning of the
|
356
|
+
# specified part of the web request.
|
357
|
+
#
|
358
|
+
# **ENDS\_WITH**
|
359
|
+
#
|
360
|
+
# The value of `TargetString` must appear at the end of the specified
|
361
|
+
# part of the web request.
|
362
|
+
# @return [String]
|
363
|
+
class ByteMatchTuple < Struct.new(
|
364
|
+
:field_to_match,
|
365
|
+
:target_string,
|
366
|
+
:text_transformation,
|
367
|
+
:positional_constraint)
|
368
|
+
include Aws::Structure
|
369
|
+
end
|
370
|
+
|
371
|
+
# @note When making an API call, pass CreateByteMatchSetRequest
|
372
|
+
# data as a hash:
|
373
|
+
#
|
374
|
+
# {
|
375
|
+
# name: "ResourceName", # required
|
376
|
+
# change_token: "ChangeToken", # required
|
377
|
+
# }
|
378
|
+
# @!attribute [rw] name
|
379
|
+
# A friendly name or description of the ByteMatchSet. You can't
|
380
|
+
# change `Name` after you create a `ByteMatchSet`.
|
381
|
+
# @return [String]
|
382
|
+
#
|
383
|
+
# @!attribute [rw] change_token
|
384
|
+
# The value returned by the most recent call to GetChangeToken.
|
385
|
+
# @return [String]
|
386
|
+
class CreateByteMatchSetRequest < Struct.new(
|
387
|
+
:name,
|
388
|
+
:change_token)
|
389
|
+
include Aws::Structure
|
390
|
+
end
|
391
|
+
|
392
|
+
# @!attribute [rw] byte_match_set
|
393
|
+
# A ByteMatchSet that contains no `ByteMatchTuple` objects.
|
394
|
+
# @return [Types::ByteMatchSet]
|
395
|
+
#
|
396
|
+
# @!attribute [rw] change_token
|
397
|
+
# The `ChangeToken` that you used to submit the `CreateByteMatchSet`
|
398
|
+
# request. You can also use this value to query the status of the
|
399
|
+
# request. For more information, see GetChangeTokenStatus.
|
400
|
+
# @return [String]
|
401
|
+
class CreateByteMatchSetResponse < Struct.new(
|
402
|
+
:byte_match_set,
|
403
|
+
:change_token)
|
404
|
+
include Aws::Structure
|
405
|
+
end
|
406
|
+
|
407
|
+
# @note When making an API call, pass CreateIPSetRequest
|
408
|
+
# data as a hash:
|
409
|
+
#
|
410
|
+
# {
|
411
|
+
# name: "ResourceName", # required
|
412
|
+
# change_token: "ChangeToken", # required
|
413
|
+
# }
|
414
|
+
# @!attribute [rw] name
|
415
|
+
# A friendly name or description of the IPSet. You can't change
|
416
|
+
# `Name` after you create the `IPSet`.
|
417
|
+
# @return [String]
|
418
|
+
#
|
419
|
+
# @!attribute [rw] change_token
|
420
|
+
# The value returned by the most recent call to GetChangeToken.
|
421
|
+
# @return [String]
|
422
|
+
class CreateIPSetRequest < Struct.new(
|
423
|
+
:name,
|
424
|
+
:change_token)
|
425
|
+
include Aws::Structure
|
426
|
+
end
|
427
|
+
|
428
|
+
# @!attribute [rw] ip_set
|
429
|
+
# The IPSet returned in the `CreateIPSet` response.
|
430
|
+
# @return [Types::IPSet]
|
431
|
+
#
|
432
|
+
# @!attribute [rw] change_token
|
433
|
+
# The `ChangeToken` that you used to submit the `CreateIPSet` request.
|
434
|
+
# You can also use this value to query the status of the request. For
|
435
|
+
# more information, see GetChangeTokenStatus.
|
436
|
+
# @return [String]
|
437
|
+
class CreateIPSetResponse < Struct.new(
|
438
|
+
:ip_set,
|
439
|
+
:change_token)
|
440
|
+
include Aws::Structure
|
441
|
+
end
|
442
|
+
|
443
|
+
# @note When making an API call, pass CreateRuleRequest
|
444
|
+
# data as a hash:
|
445
|
+
#
|
446
|
+
# {
|
447
|
+
# name: "ResourceName", # required
|
448
|
+
# metric_name: "MetricName", # required
|
449
|
+
# change_token: "ChangeToken", # required
|
450
|
+
# }
|
451
|
+
# @!attribute [rw] name
|
452
|
+
# A friendly name or description of the Rule. You can't change the
|
453
|
+
# name of a `Rule` after you create it.
|
454
|
+
# @return [String]
|
455
|
+
#
|
456
|
+
# @!attribute [rw] metric_name
|
457
|
+
# A friendly name or description for the metrics for this `Rule`. The
|
458
|
+
# name can contain only alphanumeric characters (A-Z, a-z, 0-9); the
|
459
|
+
# name can't contain whitespace. You can't change the name of the
|
460
|
+
# metric after you create the `Rule`.
|
461
|
+
# @return [String]
|
462
|
+
#
|
463
|
+
# @!attribute [rw] change_token
|
464
|
+
# The value returned by the most recent call to GetChangeToken.
|
465
|
+
# @return [String]
|
466
|
+
class CreateRuleRequest < Struct.new(
|
467
|
+
:name,
|
468
|
+
:metric_name,
|
469
|
+
:change_token)
|
470
|
+
include Aws::Structure
|
471
|
+
end
|
472
|
+
|
473
|
+
# @!attribute [rw] rule
|
474
|
+
# The Rule returned in the `CreateRule` response.
|
475
|
+
# @return [Types::Rule]
|
476
|
+
#
|
477
|
+
# @!attribute [rw] change_token
|
478
|
+
# The `ChangeToken` that you used to submit the `CreateRule` request.
|
479
|
+
# You can also use this value to query the status of the request. For
|
480
|
+
# more information, see GetChangeTokenStatus.
|
481
|
+
# @return [String]
|
482
|
+
class CreateRuleResponse < Struct.new(
|
483
|
+
:rule,
|
484
|
+
:change_token)
|
485
|
+
include Aws::Structure
|
486
|
+
end
|
487
|
+
|
488
|
+
# @note When making an API call, pass CreateSizeConstraintSetRequest
|
489
|
+
# data as a hash:
|
490
|
+
#
|
491
|
+
# {
|
492
|
+
# name: "ResourceName", # required
|
493
|
+
# change_token: "ChangeToken", # required
|
494
|
+
# }
|
495
|
+
# @!attribute [rw] name
|
496
|
+
# A friendly name or description of the SizeConstraintSet. You can't
|
497
|
+
# change `Name` after you create a `SizeConstraintSet`.
|
498
|
+
# @return [String]
|
499
|
+
#
|
500
|
+
# @!attribute [rw] change_token
|
501
|
+
# The value returned by the most recent call to GetChangeToken.
|
502
|
+
# @return [String]
|
503
|
+
class CreateSizeConstraintSetRequest < Struct.new(
|
504
|
+
:name,
|
505
|
+
:change_token)
|
506
|
+
include Aws::Structure
|
507
|
+
end
|
508
|
+
|
509
|
+
# @!attribute [rw] size_constraint_set
|
510
|
+
# A SizeConstraintSet that contains no `SizeConstraint` objects.
|
511
|
+
# @return [Types::SizeConstraintSet]
|
512
|
+
#
|
513
|
+
# @!attribute [rw] change_token
|
514
|
+
# The `ChangeToken` that you used to submit the
|
515
|
+
# `CreateSizeConstraintSet` request. You can also use this value to
|
516
|
+
# query the status of the request. For more information, see
|
517
|
+
# GetChangeTokenStatus.
|
518
|
+
# @return [String]
|
519
|
+
class CreateSizeConstraintSetResponse < Struct.new(
|
520
|
+
:size_constraint_set,
|
521
|
+
:change_token)
|
522
|
+
include Aws::Structure
|
523
|
+
end
|
524
|
+
|
525
|
+
# A request to create a SqlInjectionMatchSet.
|
526
|
+
# @note When making an API call, pass CreateSqlInjectionMatchSetRequest
|
527
|
+
# data as a hash:
|
528
|
+
#
|
529
|
+
# {
|
530
|
+
# name: "ResourceName", # required
|
531
|
+
# change_token: "ChangeToken", # required
|
532
|
+
# }
|
533
|
+
# @!attribute [rw] name
|
534
|
+
# A friendly name or description for the SqlInjectionMatchSet that
|
535
|
+
# you're creating. You can't change `Name` after you create the
|
536
|
+
# `SqlInjectionMatchSet`.
|
537
|
+
# @return [String]
|
538
|
+
#
|
539
|
+
# @!attribute [rw] change_token
|
540
|
+
# The value returned by the most recent call to GetChangeToken.
|
541
|
+
# @return [String]
|
542
|
+
class CreateSqlInjectionMatchSetRequest < Struct.new(
|
543
|
+
:name,
|
544
|
+
:change_token)
|
545
|
+
include Aws::Structure
|
546
|
+
end
|
547
|
+
|
548
|
+
# The response to a `CreateSqlInjectionMatchSet` request.
|
549
|
+
# @!attribute [rw] sql_injection_match_set
|
550
|
+
# A SqlInjectionMatchSet.
|
551
|
+
# @return [Types::SqlInjectionMatchSet]
|
552
|
+
#
|
553
|
+
# @!attribute [rw] change_token
|
554
|
+
# The `ChangeToken` that you used to submit the
|
555
|
+
# `CreateSqlInjectionMatchSet` request. You can also use this value to
|
556
|
+
# query the status of the request. For more information, see
|
557
|
+
# GetChangeTokenStatus.
|
558
|
+
# @return [String]
|
559
|
+
class CreateSqlInjectionMatchSetResponse < Struct.new(
|
560
|
+
:sql_injection_match_set,
|
561
|
+
:change_token)
|
562
|
+
include Aws::Structure
|
563
|
+
end
|
564
|
+
|
565
|
+
# @note When making an API call, pass CreateWebACLRequest
|
566
|
+
# data as a hash:
|
567
|
+
#
|
568
|
+
# {
|
569
|
+
# name: "ResourceName", # required
|
570
|
+
# metric_name: "MetricName", # required
|
571
|
+
# default_action: { # required
|
572
|
+
# type: "BLOCK", # required, accepts BLOCK, ALLOW, COUNT
|
573
|
+
# },
|
574
|
+
# change_token: "ChangeToken", # required
|
575
|
+
# }
|
576
|
+
# @!attribute [rw] name
|
577
|
+
# A friendly name or description of the WebACL. You can't change
|
578
|
+
# `Name` after you create the `WebACL`.
|
579
|
+
# @return [String]
|
580
|
+
#
|
581
|
+
# @!attribute [rw] metric_name
|
582
|
+
# A friendly name or description for the metrics for this `WebACL`.
|
583
|
+
# The name can contain only alphanumeric characters (A-Z, a-z, 0-9);
|
584
|
+
# the name can't contain whitespace. You can't change `MetricName`
|
585
|
+
# after you create the `WebACL`.
|
586
|
+
# @return [String]
|
587
|
+
#
|
588
|
+
# @!attribute [rw] default_action
|
589
|
+
# The action that you want AWS WAF to take when a request doesn't
|
590
|
+
# match the criteria specified in any of the `Rule` objects that are
|
591
|
+
# associated with the `WebACL`.
|
592
|
+
# @return [Types::WafAction]
|
593
|
+
#
|
594
|
+
# @!attribute [rw] change_token
|
595
|
+
# The value returned by the most recent call to GetChangeToken.
|
596
|
+
# @return [String]
|
597
|
+
class CreateWebACLRequest < Struct.new(
|
598
|
+
:name,
|
599
|
+
:metric_name,
|
600
|
+
:default_action,
|
601
|
+
:change_token)
|
602
|
+
include Aws::Structure
|
603
|
+
end
|
604
|
+
|
605
|
+
# @!attribute [rw] web_acl
|
606
|
+
# The WebACL returned in the `CreateWebACL` response.
|
607
|
+
# @return [Types::WebACL]
|
608
|
+
#
|
609
|
+
# @!attribute [rw] change_token
|
610
|
+
# The `ChangeToken` that you used to submit the `CreateWebACL`
|
611
|
+
# request. You can also use this value to query the status of the
|
612
|
+
# request. For more information, see GetChangeTokenStatus.
|
613
|
+
# @return [String]
|
614
|
+
class CreateWebACLResponse < Struct.new(
|
615
|
+
:web_acl,
|
616
|
+
:change_token)
|
617
|
+
include Aws::Structure
|
618
|
+
end
|
619
|
+
|
620
|
+
# A request to create an XssMatchSet.
|
621
|
+
# @note When making an API call, pass CreateXssMatchSetRequest
|
622
|
+
# data as a hash:
|
623
|
+
#
|
624
|
+
# {
|
625
|
+
# name: "ResourceName", # required
|
626
|
+
# change_token: "ChangeToken", # required
|
627
|
+
# }
|
628
|
+
# @!attribute [rw] name
|
629
|
+
# A friendly name or description for the XssMatchSet that you're
|
630
|
+
# creating. You can't change `Name` after you create the
|
631
|
+
# `XssMatchSet`.
|
632
|
+
# @return [String]
|
633
|
+
#
|
634
|
+
# @!attribute [rw] change_token
|
635
|
+
# The value returned by the most recent call to GetChangeToken.
|
636
|
+
# @return [String]
|
637
|
+
class CreateXssMatchSetRequest < Struct.new(
|
638
|
+
:name,
|
639
|
+
:change_token)
|
640
|
+
include Aws::Structure
|
641
|
+
end
|
642
|
+
|
643
|
+
# The response to a `CreateXssMatchSet` request.
|
644
|
+
# @!attribute [rw] xss_match_set
|
645
|
+
# An XssMatchSet.
|
646
|
+
# @return [Types::XssMatchSet]
|
647
|
+
#
|
648
|
+
# @!attribute [rw] change_token
|
649
|
+
# The `ChangeToken` that you used to submit the `CreateXssMatchSet`
|
650
|
+
# request. You can also use this value to query the status of the
|
651
|
+
# request. For more information, see GetChangeTokenStatus.
|
652
|
+
# @return [String]
|
653
|
+
class CreateXssMatchSetResponse < Struct.new(
|
654
|
+
:xss_match_set,
|
655
|
+
:change_token)
|
656
|
+
include Aws::Structure
|
657
|
+
end
|
658
|
+
|
659
|
+
# @note When making an API call, pass DeleteByteMatchSetRequest
|
660
|
+
# data as a hash:
|
661
|
+
#
|
662
|
+
# {
|
663
|
+
# byte_match_set_id: "ResourceId", # required
|
664
|
+
# change_token: "ChangeToken", # required
|
665
|
+
# }
|
666
|
+
# @!attribute [rw] byte_match_set_id
|
667
|
+
# The `ByteMatchSetId` of the ByteMatchSet that you want to delete.
|
668
|
+
# `ByteMatchSetId` is returned by CreateByteMatchSet and by
|
669
|
+
# ListByteMatchSets.
|
670
|
+
# @return [String]
|
671
|
+
#
|
672
|
+
# @!attribute [rw] change_token
|
673
|
+
# The value returned by the most recent call to GetChangeToken.
|
674
|
+
# @return [String]
|
675
|
+
class DeleteByteMatchSetRequest < Struct.new(
|
676
|
+
:byte_match_set_id,
|
677
|
+
:change_token)
|
678
|
+
include Aws::Structure
|
679
|
+
end
|
680
|
+
|
681
|
+
# @!attribute [rw] change_token
|
682
|
+
# The `ChangeToken` that you used to submit the `DeleteByteMatchSet`
|
683
|
+
# request. You can also use this value to query the status of the
|
684
|
+
# request. For more information, see GetChangeTokenStatus.
|
685
|
+
# @return [String]
|
686
|
+
class DeleteByteMatchSetResponse < Struct.new(
|
687
|
+
:change_token)
|
688
|
+
include Aws::Structure
|
689
|
+
end
|
690
|
+
|
691
|
+
# @note When making an API call, pass DeleteIPSetRequest
|
692
|
+
# data as a hash:
|
693
|
+
#
|
694
|
+
# {
|
695
|
+
# ip_set_id: "ResourceId", # required
|
696
|
+
# change_token: "ChangeToken", # required
|
697
|
+
# }
|
698
|
+
# @!attribute [rw] ip_set_id
|
699
|
+
# The `IPSetId` of the IPSet that you want to delete. `IPSetId` is
|
700
|
+
# returned by CreateIPSet and by ListIPSets.
|
701
|
+
# @return [String]
|
702
|
+
#
|
703
|
+
# @!attribute [rw] change_token
|
704
|
+
# The value returned by the most recent call to GetChangeToken.
|
705
|
+
# @return [String]
|
706
|
+
class DeleteIPSetRequest < Struct.new(
|
707
|
+
:ip_set_id,
|
708
|
+
:change_token)
|
709
|
+
include Aws::Structure
|
710
|
+
end
|
711
|
+
|
712
|
+
# @!attribute [rw] change_token
|
713
|
+
# The `ChangeToken` that you used to submit the `DeleteIPSet` request.
|
714
|
+
# You can also use this value to query the status of the request. For
|
715
|
+
# more information, see GetChangeTokenStatus.
|
716
|
+
# @return [String]
|
717
|
+
class DeleteIPSetResponse < Struct.new(
|
718
|
+
:change_token)
|
719
|
+
include Aws::Structure
|
720
|
+
end
|
721
|
+
|
722
|
+
# @note When making an API call, pass DeleteRuleRequest
|
723
|
+
# data as a hash:
|
724
|
+
#
|
725
|
+
# {
|
726
|
+
# rule_id: "ResourceId", # required
|
727
|
+
# change_token: "ChangeToken", # required
|
728
|
+
# }
|
729
|
+
# @!attribute [rw] rule_id
|
730
|
+
# The `RuleId` of the Rule that you want to delete. `RuleId` is
|
731
|
+
# returned by CreateRule and by ListRules.
|
732
|
+
# @return [String]
|
733
|
+
#
|
734
|
+
# @!attribute [rw] change_token
|
735
|
+
# The value returned by the most recent call to GetChangeToken.
|
736
|
+
# @return [String]
|
737
|
+
class DeleteRuleRequest < Struct.new(
|
738
|
+
:rule_id,
|
739
|
+
:change_token)
|
740
|
+
include Aws::Structure
|
741
|
+
end
|
742
|
+
|
743
|
+
# @!attribute [rw] change_token
|
744
|
+
# The `ChangeToken` that you used to submit the `DeleteRule` request.
|
745
|
+
# You can also use this value to query the status of the request. For
|
746
|
+
# more information, see GetChangeTokenStatus.
|
747
|
+
# @return [String]
|
748
|
+
class DeleteRuleResponse < Struct.new(
|
749
|
+
:change_token)
|
750
|
+
include Aws::Structure
|
751
|
+
end
|
752
|
+
|
753
|
+
# @note When making an API call, pass DeleteSizeConstraintSetRequest
|
754
|
+
# data as a hash:
|
755
|
+
#
|
756
|
+
# {
|
757
|
+
# size_constraint_set_id: "ResourceId", # required
|
758
|
+
# change_token: "ChangeToken", # required
|
759
|
+
# }
|
760
|
+
# @!attribute [rw] size_constraint_set_id
|
761
|
+
# The `SizeConstraintSetId` of the SizeConstraintSet that you want to
|
762
|
+
# delete. `SizeConstraintSetId` is returned by CreateSizeConstraintSet
|
763
|
+
# and by ListSizeConstraintSets.
|
764
|
+
# @return [String]
|
765
|
+
#
|
766
|
+
# @!attribute [rw] change_token
|
767
|
+
# The value returned by the most recent call to GetChangeToken.
|
768
|
+
# @return [String]
|
769
|
+
class DeleteSizeConstraintSetRequest < Struct.new(
|
770
|
+
:size_constraint_set_id,
|
771
|
+
:change_token)
|
772
|
+
include Aws::Structure
|
773
|
+
end
|
774
|
+
|
775
|
+
# @!attribute [rw] change_token
|
776
|
+
# The `ChangeToken` that you used to submit the
|
777
|
+
# `DeleteSizeConstraintSet` request. You can also use this value to
|
778
|
+
# query the status of the request. For more information, see
|
779
|
+
# GetChangeTokenStatus.
|
780
|
+
# @return [String]
|
781
|
+
class DeleteSizeConstraintSetResponse < Struct.new(
|
782
|
+
:change_token)
|
783
|
+
include Aws::Structure
|
784
|
+
end
|
785
|
+
|
786
|
+
# A request to delete a SqlInjectionMatchSet from AWS WAF.
|
787
|
+
# @note When making an API call, pass DeleteSqlInjectionMatchSetRequest
|
788
|
+
# data as a hash:
|
789
|
+
#
|
790
|
+
# {
|
791
|
+
# sql_injection_match_set_id: "ResourceId", # required
|
792
|
+
# change_token: "ChangeToken", # required
|
793
|
+
# }
|
794
|
+
# @!attribute [rw] sql_injection_match_set_id
|
795
|
+
# The `SqlInjectionMatchSetId` of the SqlInjectionMatchSet that you
|
796
|
+
# want to delete. `SqlInjectionMatchSetId` is returned by
|
797
|
+
# CreateSqlInjectionMatchSet and by ListSqlInjectionMatchSets.
|
798
|
+
# @return [String]
|
799
|
+
#
|
800
|
+
# @!attribute [rw] change_token
|
801
|
+
# The value returned by the most recent call to GetChangeToken.
|
802
|
+
# @return [String]
|
803
|
+
class DeleteSqlInjectionMatchSetRequest < Struct.new(
|
804
|
+
:sql_injection_match_set_id,
|
805
|
+
:change_token)
|
806
|
+
include Aws::Structure
|
807
|
+
end
|
808
|
+
|
809
|
+
# The response to a request to delete a SqlInjectionMatchSet from AWS
|
810
|
+
# WAF.
|
811
|
+
# @!attribute [rw] change_token
|
812
|
+
# The `ChangeToken` that you used to submit the
|
813
|
+
# `DeleteSqlInjectionMatchSet` request. You can also use this value to
|
814
|
+
# query the status of the request. For more information, see
|
815
|
+
# GetChangeTokenStatus.
|
816
|
+
# @return [String]
|
817
|
+
class DeleteSqlInjectionMatchSetResponse < Struct.new(
|
818
|
+
:change_token)
|
819
|
+
include Aws::Structure
|
820
|
+
end
|
821
|
+
|
822
|
+
# @note When making an API call, pass DeleteWebACLRequest
|
823
|
+
# data as a hash:
|
824
|
+
#
|
825
|
+
# {
|
826
|
+
# web_acl_id: "ResourceId", # required
|
827
|
+
# change_token: "ChangeToken", # required
|
828
|
+
# }
|
829
|
+
# @!attribute [rw] web_acl_id
|
830
|
+
# The `WebACLId` of the WebACL that you want to delete. `WebACLId` is
|
831
|
+
# returned by CreateWebACL and by ListWebACLs.
|
832
|
+
# @return [String]
|
833
|
+
#
|
834
|
+
# @!attribute [rw] change_token
|
835
|
+
# The value returned by the most recent call to GetChangeToken.
|
836
|
+
# @return [String]
|
837
|
+
class DeleteWebACLRequest < Struct.new(
|
838
|
+
:web_acl_id,
|
839
|
+
:change_token)
|
840
|
+
include Aws::Structure
|
841
|
+
end
|
842
|
+
|
843
|
+
# @!attribute [rw] change_token
|
844
|
+
# The `ChangeToken` that you used to submit the `DeleteWebACL`
|
845
|
+
# request. You can also use this value to query the status of the
|
846
|
+
# request. For more information, see GetChangeTokenStatus.
|
847
|
+
# @return [String]
|
848
|
+
class DeleteWebACLResponse < Struct.new(
|
849
|
+
:change_token)
|
850
|
+
include Aws::Structure
|
851
|
+
end
|
852
|
+
|
853
|
+
# A request to delete an XssMatchSet from AWS WAF.
|
854
|
+
# @note When making an API call, pass DeleteXssMatchSetRequest
|
855
|
+
# data as a hash:
|
856
|
+
#
|
857
|
+
# {
|
858
|
+
# xss_match_set_id: "ResourceId", # required
|
859
|
+
# change_token: "ChangeToken", # required
|
860
|
+
# }
|
861
|
+
# @!attribute [rw] xss_match_set_id
|
862
|
+
# The `XssMatchSetId` of the XssMatchSet that you want to delete.
|
863
|
+
# `XssMatchSetId` is returned by CreateXssMatchSet and by
|
864
|
+
# ListXssMatchSets.
|
865
|
+
# @return [String]
|
866
|
+
#
|
867
|
+
# @!attribute [rw] change_token
|
868
|
+
# The value returned by the most recent call to GetChangeToken.
|
869
|
+
# @return [String]
|
870
|
+
class DeleteXssMatchSetRequest < Struct.new(
|
871
|
+
:xss_match_set_id,
|
872
|
+
:change_token)
|
873
|
+
include Aws::Structure
|
874
|
+
end
|
875
|
+
|
876
|
+
# The response to a request to delete an XssMatchSet from AWS WAF.
|
877
|
+
# @!attribute [rw] change_token
|
878
|
+
# The `ChangeToken` that you used to submit the `DeleteXssMatchSet`
|
879
|
+
# request. You can also use this value to query the status of the
|
880
|
+
# request. For more information, see GetChangeTokenStatus.
|
881
|
+
# @return [String]
|
882
|
+
class DeleteXssMatchSetResponse < Struct.new(
|
883
|
+
:change_token)
|
884
|
+
include Aws::Structure
|
885
|
+
end
|
886
|
+
|
887
|
+
# Specifies where in a web request to look for `TargetString`.
|
888
|
+
# @note When making an API call, pass FieldToMatch
|
889
|
+
# data as a hash:
|
890
|
+
#
|
891
|
+
# {
|
892
|
+
# type: "URI", # required, accepts URI, QUERY_STRING, HEADER, METHOD, BODY
|
893
|
+
# data: "MatchFieldData",
|
894
|
+
# }
|
895
|
+
# @!attribute [rw] type
|
896
|
+
# The part of the web request that you want AWS WAF to search for a
|
897
|
+
# specified string. Parts of a request that you can search include the
|
898
|
+
# following:
|
899
|
+
#
|
900
|
+
# * `HEADER`\: A specified request header, for example, the value of
|
901
|
+
# the `User-Agent` or `Referer` header. If you choose `HEADER` for
|
902
|
+
# the type, specify the name of the header in `Data`.
|
903
|
+
#
|
904
|
+
# * `METHOD`\: The HTTP method, which indicated the type of operation
|
905
|
+
# that the request is asking the origin to perform. Amazon
|
906
|
+
# CloudFront supports the following methods: `DELETE`, `GET`,
|
907
|
+
# `HEAD`, `OPTIONS`, `PATCH`, `POST`, and `PUT`.
|
908
|
+
#
|
909
|
+
# * `QUERY_STRING`\: A query string, which is the part of a URL that
|
910
|
+
# appears after a `?` character, if any.
|
911
|
+
#
|
912
|
+
# * `URI`\: The part of a web request that identifies a resource, for
|
913
|
+
# example, `/images/daily-ad.jpg`.
|
914
|
+
#
|
915
|
+
# * `BODY`\: The part of a request that contains any additional data
|
916
|
+
# that you want to send to your web server as the HTTP request body,
|
917
|
+
# such as data from a form. The request body immediately follows the
|
918
|
+
# request headers. Note that only the first `8192` bytes of the
|
919
|
+
# request body are forwarded to AWS WAF for inspection. To allow or
|
920
|
+
# block requests based on the length of the body, you can create a
|
921
|
+
# size constraint set. For more information, see
|
922
|
+
# CreateSizeConstraintSet.
|
923
|
+
# @return [String]
|
924
|
+
#
|
925
|
+
# @!attribute [rw] data
|
926
|
+
# When the value of `Type` is `HEADER`, enter the name of the header
|
927
|
+
# that you want AWS WAF to search, for example, `User-Agent` or
|
928
|
+
# `Referer`. If the value of `Type` is any other value, omit `Data`.
|
929
|
+
#
|
930
|
+
# The name of the header is not case sensitive.
|
931
|
+
# @return [String]
|
932
|
+
class FieldToMatch < Struct.new(
|
933
|
+
:type,
|
934
|
+
:data)
|
935
|
+
include Aws::Structure
|
936
|
+
end
|
937
|
+
|
938
|
+
# @note When making an API call, pass GetByteMatchSetRequest
|
939
|
+
# data as a hash:
|
940
|
+
#
|
941
|
+
# {
|
942
|
+
# byte_match_set_id: "ResourceId", # required
|
943
|
+
# }
|
944
|
+
# @!attribute [rw] byte_match_set_id
|
945
|
+
# The `ByteMatchSetId` of the ByteMatchSet that you want to get.
|
946
|
+
# `ByteMatchSetId` is returned by CreateByteMatchSet and by
|
947
|
+
# ListByteMatchSets.
|
948
|
+
# @return [String]
|
949
|
+
class GetByteMatchSetRequest < Struct.new(
|
950
|
+
:byte_match_set_id)
|
951
|
+
include Aws::Structure
|
952
|
+
end
|
953
|
+
|
954
|
+
# @!attribute [rw] byte_match_set
|
955
|
+
# Information about the ByteMatchSet that you specified in the
|
956
|
+
# `GetByteMatchSet` request. For more information, see the following
|
957
|
+
# topics:
|
958
|
+
#
|
959
|
+
# * ByteMatchSet: Contains `ByteMatchSetId`, `ByteMatchTuples`, and
|
960
|
+
# `Name`
|
961
|
+
#
|
962
|
+
# * `ByteMatchTuples`\: Contains an array of ByteMatchTuple objects.
|
963
|
+
# Each `ByteMatchTuple` object contains FieldToMatch,
|
964
|
+
# `PositionalConstraint`, `TargetString`, and `TextTransformation`
|
965
|
+
#
|
966
|
+
# * FieldToMatch: Contains `Data` and `Type`
|
967
|
+
# @return [Types::ByteMatchSet]
|
968
|
+
class GetByteMatchSetResponse < Struct.new(
|
969
|
+
:byte_match_set)
|
970
|
+
include Aws::Structure
|
971
|
+
end
|
972
|
+
|
973
|
+
# @api private
|
974
|
+
class GetChangeTokenRequest < Aws::EmptyStructure; end
|
975
|
+
|
976
|
+
# @!attribute [rw] change_token
|
977
|
+
# The `ChangeToken` that you used in the request. Use this value in a
|
978
|
+
# `GetChangeTokenStatus` request to get the current status of the
|
979
|
+
# request.
|
980
|
+
# @return [String]
|
981
|
+
class GetChangeTokenResponse < Struct.new(
|
982
|
+
:change_token)
|
983
|
+
include Aws::Structure
|
984
|
+
end
|
985
|
+
|
986
|
+
# @note When making an API call, pass GetChangeTokenStatusRequest
|
987
|
+
# data as a hash:
|
988
|
+
#
|
989
|
+
# {
|
990
|
+
# change_token: "ChangeToken", # required
|
991
|
+
# }
|
992
|
+
# @!attribute [rw] change_token
|
993
|
+
# The change token for which you want to get the status. This change
|
994
|
+
# token was previously returned in the `GetChangeToken` response.
|
995
|
+
# @return [String]
|
996
|
+
class GetChangeTokenStatusRequest < Struct.new(
|
997
|
+
:change_token)
|
998
|
+
include Aws::Structure
|
999
|
+
end
|
1000
|
+
|
1001
|
+
# @!attribute [rw] change_token_status
|
1002
|
+
# The status of the change token.
|
1003
|
+
# @return [String]
|
1004
|
+
class GetChangeTokenStatusResponse < Struct.new(
|
1005
|
+
:change_token_status)
|
1006
|
+
include Aws::Structure
|
1007
|
+
end
|
1008
|
+
|
1009
|
+
# @note When making an API call, pass GetIPSetRequest
|
1010
|
+
# data as a hash:
|
1011
|
+
#
|
1012
|
+
# {
|
1013
|
+
# ip_set_id: "ResourceId", # required
|
1014
|
+
# }
|
1015
|
+
# @!attribute [rw] ip_set_id
|
1016
|
+
# The `IPSetId` of the IPSet that you want to get. `IPSetId` is
|
1017
|
+
# returned by CreateIPSet and by ListIPSets.
|
1018
|
+
# @return [String]
|
1019
|
+
class GetIPSetRequest < Struct.new(
|
1020
|
+
:ip_set_id)
|
1021
|
+
include Aws::Structure
|
1022
|
+
end
|
1023
|
+
|
1024
|
+
# @!attribute [rw] ip_set
|
1025
|
+
# Information about the IPSet that you specified in the `GetIPSet`
|
1026
|
+
# request. For more information, see the following topics:
|
1027
|
+
#
|
1028
|
+
# * IPSet: Contains `IPSetDescriptors`, `IPSetId`, and `Name`
|
1029
|
+
#
|
1030
|
+
# * `IPSetDescriptors`\: Contains an array of IPSetDescriptor objects.
|
1031
|
+
# Each `IPSetDescriptor` object contains `Type` and `Value`
|
1032
|
+
# @return [Types::IPSet]
|
1033
|
+
class GetIPSetResponse < Struct.new(
|
1034
|
+
:ip_set)
|
1035
|
+
include Aws::Structure
|
1036
|
+
end
|
1037
|
+
|
1038
|
+
# @note When making an API call, pass GetRuleRequest
|
1039
|
+
# data as a hash:
|
1040
|
+
#
|
1041
|
+
# {
|
1042
|
+
# rule_id: "ResourceId", # required
|
1043
|
+
# }
|
1044
|
+
# @!attribute [rw] rule_id
|
1045
|
+
# The `RuleId` of the Rule that you want to get. `RuleId` is returned
|
1046
|
+
# by CreateRule and by ListRules.
|
1047
|
+
# @return [String]
|
1048
|
+
class GetRuleRequest < Struct.new(
|
1049
|
+
:rule_id)
|
1050
|
+
include Aws::Structure
|
1051
|
+
end
|
1052
|
+
|
1053
|
+
# @!attribute [rw] rule
|
1054
|
+
# Information about the Rule that you specified in the `GetRule`
|
1055
|
+
# request. For more information, see the following topics:
|
1056
|
+
#
|
1057
|
+
# * Rule: Contains `MetricName`, `Name`, an array of `Predicate`
|
1058
|
+
# objects, and `RuleId`
|
1059
|
+
#
|
1060
|
+
# * Predicate: Each `Predicate` object contains `DataId`, `Negated`,
|
1061
|
+
# and `Type`
|
1062
|
+
# @return [Types::Rule]
|
1063
|
+
class GetRuleResponse < Struct.new(
|
1064
|
+
:rule)
|
1065
|
+
include Aws::Structure
|
1066
|
+
end
|
1067
|
+
|
1068
|
+
# @note When making an API call, pass GetSampledRequestsRequest
|
1069
|
+
# data as a hash:
|
1070
|
+
#
|
1071
|
+
# {
|
1072
|
+
# web_acl_id: "ResourceId", # required
|
1073
|
+
# rule_id: "ResourceId", # required
|
1074
|
+
# time_window: { # required
|
1075
|
+
# start_time: Time.now, # required
|
1076
|
+
# end_time: Time.now, # required
|
1077
|
+
# },
|
1078
|
+
# max_items: 1, # required
|
1079
|
+
# }
|
1080
|
+
# @!attribute [rw] web_acl_id
|
1081
|
+
# The `WebACLId` of the `WebACL` for which you want
|
1082
|
+
# `GetSampledRequests` to return a sample of requests.
|
1083
|
+
# @return [String]
|
1084
|
+
#
|
1085
|
+
# @!attribute [rw] rule_id
|
1086
|
+
# `RuleId` is one of two values:
|
1087
|
+
#
|
1088
|
+
# * The `RuleId` of the `Rule` for which you want `GetSampledRequests`
|
1089
|
+
# to return a sample of requests.
|
1090
|
+
#
|
1091
|
+
# * `Default_Action`, which causes `GetSampledRequests` to return a
|
1092
|
+
# sample of the requests that didn't match any of the rules in the
|
1093
|
+
# specified `WebACL`.
|
1094
|
+
# @return [String]
|
1095
|
+
#
|
1096
|
+
# @!attribute [rw] time_window
|
1097
|
+
# The start date and time and the end date and time of the range for
|
1098
|
+
# which you want `GetSampledRequests` to return a sample of requests.
|
1099
|
+
# Specify the date and time in Unix time format (in seconds). You can
|
1100
|
+
# specify any time range in the previous three hours.
|
1101
|
+
# @return [Types::TimeWindow]
|
1102
|
+
#
|
1103
|
+
# @!attribute [rw] max_items
|
1104
|
+
# The number of requests that you want AWS WAF to return from among
|
1105
|
+
# the first 5,000 requests that your AWS resource received during the
|
1106
|
+
# time range. If your resource received fewer requests than the value
|
1107
|
+
# of `MaxItems`, `GetSampledRequests` returns information about all of
|
1108
|
+
# them.
|
1109
|
+
# @return [Integer]
|
1110
|
+
class GetSampledRequestsRequest < Struct.new(
|
1111
|
+
:web_acl_id,
|
1112
|
+
:rule_id,
|
1113
|
+
:time_window,
|
1114
|
+
:max_items)
|
1115
|
+
include Aws::Structure
|
1116
|
+
end
|
1117
|
+
|
1118
|
+
# @!attribute [rw] sampled_requests
|
1119
|
+
# A complex type that contains detailed information about each of the
|
1120
|
+
# requests in the sample.
|
1121
|
+
# @return [Array<Types::SampledHTTPRequest>]
|
1122
|
+
#
|
1123
|
+
# @!attribute [rw] population_size
|
1124
|
+
# The total number of requests from which `GetSampledRequests` got a
|
1125
|
+
# sample of `MaxItems` requests. If `PopulationSize` is less than
|
1126
|
+
# `MaxItems`, the sample includes every request that your AWS resource
|
1127
|
+
# received during the specified time range.
|
1128
|
+
# @return [Integer]
|
1129
|
+
#
|
1130
|
+
# @!attribute [rw] time_window
|
1131
|
+
# Usually, `TimeWindow` is the time range that you specified in the
|
1132
|
+
# `GetSampledRequests` request. However, if your AWS resource received
|
1133
|
+
# more than 5,000 requests during the time range that you specified in
|
1134
|
+
# the request, `GetSampledRequests` returns the time range for the
|
1135
|
+
# first 5,000 requests.
|
1136
|
+
# @return [Types::TimeWindow]
|
1137
|
+
class GetSampledRequestsResponse < Struct.new(
|
1138
|
+
:sampled_requests,
|
1139
|
+
:population_size,
|
1140
|
+
:time_window)
|
1141
|
+
include Aws::Structure
|
1142
|
+
end
|
1143
|
+
|
1144
|
+
# @note When making an API call, pass GetSizeConstraintSetRequest
|
1145
|
+
# data as a hash:
|
1146
|
+
#
|
1147
|
+
# {
|
1148
|
+
# size_constraint_set_id: "ResourceId", # required
|
1149
|
+
# }
|
1150
|
+
# @!attribute [rw] size_constraint_set_id
|
1151
|
+
# The `SizeConstraintSetId` of the SizeConstraintSet that you want to
|
1152
|
+
# get. `SizeConstraintSetId` is returned by CreateSizeConstraintSet
|
1153
|
+
# and by ListSizeConstraintSets.
|
1154
|
+
# @return [String]
|
1155
|
+
class GetSizeConstraintSetRequest < Struct.new(
|
1156
|
+
:size_constraint_set_id)
|
1157
|
+
include Aws::Structure
|
1158
|
+
end
|
1159
|
+
|
1160
|
+
# @!attribute [rw] size_constraint_set
|
1161
|
+
# Information about the SizeConstraintSet that you specified in the
|
1162
|
+
# `GetSizeConstraintSet` request. For more information, see the
|
1163
|
+
# following topics:
|
1164
|
+
#
|
1165
|
+
# * SizeConstraintSet: Contains `SizeConstraintSetId`,
|
1166
|
+
# `SizeConstraints`, and `Name`
|
1167
|
+
#
|
1168
|
+
# * `SizeConstraints`\: Contains an array of SizeConstraint objects.
|
1169
|
+
# Each `SizeConstraint` object contains FieldToMatch,
|
1170
|
+
# `TextTransformation`, `ComparisonOperator`, and `Size`
|
1171
|
+
#
|
1172
|
+
# * FieldToMatch: Contains `Data` and `Type`
|
1173
|
+
# @return [Types::SizeConstraintSet]
|
1174
|
+
class GetSizeConstraintSetResponse < Struct.new(
|
1175
|
+
:size_constraint_set)
|
1176
|
+
include Aws::Structure
|
1177
|
+
end
|
1178
|
+
|
1179
|
+
# A request to get a SqlInjectionMatchSet.
|
1180
|
+
# @note When making an API call, pass GetSqlInjectionMatchSetRequest
|
1181
|
+
# data as a hash:
|
1182
|
+
#
|
1183
|
+
# {
|
1184
|
+
# sql_injection_match_set_id: "ResourceId", # required
|
1185
|
+
# }
|
1186
|
+
# @!attribute [rw] sql_injection_match_set_id
|
1187
|
+
# The `SqlInjectionMatchSetId` of the SqlInjectionMatchSet that you
|
1188
|
+
# want to get. `SqlInjectionMatchSetId` is returned by
|
1189
|
+
# CreateSqlInjectionMatchSet and by ListSqlInjectionMatchSets.
|
1190
|
+
# @return [String]
|
1191
|
+
class GetSqlInjectionMatchSetRequest < Struct.new(
|
1192
|
+
:sql_injection_match_set_id)
|
1193
|
+
include Aws::Structure
|
1194
|
+
end
|
1195
|
+
|
1196
|
+
# The response to a GetSqlInjectionMatchSet request.
|
1197
|
+
# @!attribute [rw] sql_injection_match_set
|
1198
|
+
# Information about the SqlInjectionMatchSet that you specified in the
|
1199
|
+
# `GetSqlInjectionMatchSet` request. For more information, see the
|
1200
|
+
# following topics:
|
1201
|
+
#
|
1202
|
+
# * SqlInjectionMatchSet: Contains `Name`, `SqlInjectionMatchSetId`,
|
1203
|
+
# and an array of `SqlInjectionMatchTuple` objects
|
1204
|
+
#
|
1205
|
+
# * SqlInjectionMatchTuple: Each `SqlInjectionMatchTuple` object
|
1206
|
+
# contains `FieldToMatch` and `TextTransformation`
|
1207
|
+
#
|
1208
|
+
# * FieldToMatch: Contains `Data` and `Type`
|
1209
|
+
# @return [Types::SqlInjectionMatchSet]
|
1210
|
+
class GetSqlInjectionMatchSetResponse < Struct.new(
|
1211
|
+
:sql_injection_match_set)
|
1212
|
+
include Aws::Structure
|
1213
|
+
end
|
1214
|
+
|
1215
|
+
# @note When making an API call, pass GetWebACLRequest
|
1216
|
+
# data as a hash:
|
1217
|
+
#
|
1218
|
+
# {
|
1219
|
+
# web_acl_id: "ResourceId", # required
|
1220
|
+
# }
|
1221
|
+
# @!attribute [rw] web_acl_id
|
1222
|
+
# The `WebACLId` of the WebACL that you want to get. `WebACLId` is
|
1223
|
+
# returned by CreateWebACL and by ListWebACLs.
|
1224
|
+
# @return [String]
|
1225
|
+
class GetWebACLRequest < Struct.new(
|
1226
|
+
:web_acl_id)
|
1227
|
+
include Aws::Structure
|
1228
|
+
end
|
1229
|
+
|
1230
|
+
# @!attribute [rw] web_acl
|
1231
|
+
# Information about the WebACL that you specified in the `GetWebACL`
|
1232
|
+
# request. For more information, see the following topics:
|
1233
|
+
#
|
1234
|
+
# * WebACL: Contains `DefaultAction`, `MetricName`, `Name`, an array
|
1235
|
+
# of `Rule` objects, and `WebACLId`
|
1236
|
+
#
|
1237
|
+
# * `DefaultAction` (Data type is WafAction): Contains `Type`
|
1238
|
+
#
|
1239
|
+
# * `Rules`\: Contains an array of `ActivatedRule` objects, which
|
1240
|
+
# contain `Action`, `Priority`, and `RuleId`
|
1241
|
+
#
|
1242
|
+
# * `Action`\: Contains `Type`
|
1243
|
+
# @return [Types::WebACL]
|
1244
|
+
class GetWebACLResponse < Struct.new(
|
1245
|
+
:web_acl)
|
1246
|
+
include Aws::Structure
|
1247
|
+
end
|
1248
|
+
|
1249
|
+
# A request to get an XssMatchSet.
|
1250
|
+
# @note When making an API call, pass GetXssMatchSetRequest
|
1251
|
+
# data as a hash:
|
1252
|
+
#
|
1253
|
+
# {
|
1254
|
+
# xss_match_set_id: "ResourceId", # required
|
1255
|
+
# }
|
1256
|
+
# @!attribute [rw] xss_match_set_id
|
1257
|
+
# The `XssMatchSetId` of the XssMatchSet that you want to get.
|
1258
|
+
# `XssMatchSetId` is returned by CreateXssMatchSet and by
|
1259
|
+
# ListXssMatchSets.
|
1260
|
+
# @return [String]
|
1261
|
+
class GetXssMatchSetRequest < Struct.new(
|
1262
|
+
:xss_match_set_id)
|
1263
|
+
include Aws::Structure
|
1264
|
+
end
|
1265
|
+
|
1266
|
+
# The response to a GetXssMatchSet request.
|
1267
|
+
# @!attribute [rw] xss_match_set
|
1268
|
+
# Information about the XssMatchSet that you specified in the
|
1269
|
+
# `GetXssMatchSet` request. For more information, see the following
|
1270
|
+
# topics:
|
1271
|
+
#
|
1272
|
+
# * XssMatchSet: Contains `Name`, `XssMatchSetId`, and an array of
|
1273
|
+
# `XssMatchTuple` objects
|
1274
|
+
#
|
1275
|
+
# * XssMatchTuple: Each `XssMatchTuple` object contains `FieldToMatch`
|
1276
|
+
# and `TextTransformation`
|
1277
|
+
#
|
1278
|
+
# * FieldToMatch: Contains `Data` and `Type`
|
1279
|
+
# @return [Types::XssMatchSet]
|
1280
|
+
class GetXssMatchSetResponse < Struct.new(
|
1281
|
+
:xss_match_set)
|
1282
|
+
include Aws::Structure
|
1283
|
+
end
|
1284
|
+
|
1285
|
+
# The response from a GetSampledRequests request includes an
|
1286
|
+
# `HTTPHeader` complex type that appears as `Headers` in the response
|
1287
|
+
# syntax. `HTTPHeader` contains the names and values of all of the
|
1288
|
+
# headers that appear in one of the web requests that were returned by
|
1289
|
+
# `GetSampledRequests`.
|
1290
|
+
# @!attribute [rw] name
|
1291
|
+
# The name of one of the headers in the sampled web request.
|
1292
|
+
# @return [String]
|
1293
|
+
#
|
1294
|
+
# @!attribute [rw] value
|
1295
|
+
# The value of one of the headers in the sampled web request.
|
1296
|
+
# @return [String]
|
1297
|
+
class HTTPHeader < Struct.new(
|
1298
|
+
:name,
|
1299
|
+
:value)
|
1300
|
+
include Aws::Structure
|
1301
|
+
end
|
1302
|
+
|
1303
|
+
# The response from a GetSampledRequests request includes an
|
1304
|
+
# `HTTPRequest` complex type that appears as `Request` in the response
|
1305
|
+
# syntax. `HTTPRequest` contains information about one of the web
|
1306
|
+
# requests that were returned by `GetSampledRequests`.
|
1307
|
+
# @!attribute [rw] client_ip
|
1308
|
+
# The IP address that the request originated from. If the `WebACL` is
|
1309
|
+
# associated with a CloudFront distribution, this is the value of one
|
1310
|
+
# of the following fields in CloudFront access logs:
|
1311
|
+
#
|
1312
|
+
# * `c-ip`, if the viewer did not use an HTTP proxy or a load balancer
|
1313
|
+
# to send the request
|
1314
|
+
#
|
1315
|
+
# * `x-forwarded-for`, if the viewer did use an HTTP proxy or a load
|
1316
|
+
# balancer to send the request
|
1317
|
+
# @return [String]
|
1318
|
+
#
|
1319
|
+
# @!attribute [rw] country
|
1320
|
+
# The two-letter country code for the country that the request
|
1321
|
+
# originated from. For a current list of country codes, see the
|
1322
|
+
# Wikipedia entry [ISO 3166-1 alpha-2][1].
|
1323
|
+
#
|
1324
|
+
#
|
1325
|
+
#
|
1326
|
+
# [1]: https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2
|
1327
|
+
# @return [String]
|
1328
|
+
#
|
1329
|
+
# @!attribute [rw] uri
|
1330
|
+
# The part of a web request that identifies the resource, for example,
|
1331
|
+
# `/images/daily-ad.jpg`.
|
1332
|
+
# @return [String]
|
1333
|
+
#
|
1334
|
+
# @!attribute [rw] method
|
1335
|
+
# The HTTP method specified in the sampled web request. CloudFront
|
1336
|
+
# supports the following methods: `DELETE`, `GET`, `HEAD`, `OPTIONS`,
|
1337
|
+
# `PATCH`, `POST`, and `PUT`.
|
1338
|
+
# @return [String]
|
1339
|
+
#
|
1340
|
+
# @!attribute [rw] http_version
|
1341
|
+
# The HTTP version specified in the sampled web request, for example,
|
1342
|
+
# `HTTP/1.1`.
|
1343
|
+
# @return [String]
|
1344
|
+
#
|
1345
|
+
# @!attribute [rw] headers
|
1346
|
+
# A complex type that contains two values for each header in the
|
1347
|
+
# sampled web request: the name of the header and the value of the
|
1348
|
+
# header.
|
1349
|
+
# @return [Array<Types::HTTPHeader>]
|
1350
|
+
class HTTPRequest < Struct.new(
|
1351
|
+
:client_ip,
|
1352
|
+
:country,
|
1353
|
+
:uri,
|
1354
|
+
:method,
|
1355
|
+
:http_version,
|
1356
|
+
:headers)
|
1357
|
+
include Aws::Structure
|
1358
|
+
end
|
1359
|
+
|
1360
|
+
# Contains one or more IP addresses or blocks of IP addresses specified
|
1361
|
+
# in Classless Inter-Domain Routing (CIDR) notation. To specify an
|
1362
|
+
# individual IP address, you specify the four-part IP address followed
|
1363
|
+
# by a `/32`, for example, 192.0.2.0/31. To block a range of IP
|
1364
|
+
# addresses, you can specify a `/24`, a `/16`, or a `/8` CIDR. For more
|
1365
|
+
# information about CIDR notation, perform an Internet search on `cidr
|
1366
|
+
# notation`.
|
1367
|
+
# @!attribute [rw] ip_set_id
|
1368
|
+
# The `IPSetId` for an `IPSet`. You use `IPSetId` to get information
|
1369
|
+
# about an `IPSet` (see GetIPSet), update an `IPSet` (see
|
1370
|
+
# UpdateIPSet), insert an `IPSet` into a `Rule` or delete one from a
|
1371
|
+
# `Rule` (see UpdateRule), and delete an `IPSet` from AWS WAF (see
|
1372
|
+
# DeleteIPSet).
|
1373
|
+
#
|
1374
|
+
# `IPSetId` is returned by CreateIPSet and by ListIPSets.
|
1375
|
+
# @return [String]
|
1376
|
+
#
|
1377
|
+
# @!attribute [rw] name
|
1378
|
+
# A friendly name or description of the IPSet. You can't change the
|
1379
|
+
# name of an `IPSet` after you create it.
|
1380
|
+
# @return [String]
|
1381
|
+
#
|
1382
|
+
# @!attribute [rw] ip_set_descriptors
|
1383
|
+
# The IP address type (`IPV4`) and the IP address range (in CIDR
|
1384
|
+
# notation) that web requests originate from. If the `WebACL` is
|
1385
|
+
# associated with a CloudFront distribution, this is the value of one
|
1386
|
+
# of the following fields in CloudFront access logs:
|
1387
|
+
#
|
1388
|
+
# * `c-ip`, if the viewer did not use an HTTP proxy or a load balancer
|
1389
|
+
# to send the request
|
1390
|
+
#
|
1391
|
+
# * `x-forwarded-for`, if the viewer did use an HTTP proxy or a load
|
1392
|
+
# balancer to send the request
|
1393
|
+
# @return [Array<Types::IPSetDescriptor>]
|
1394
|
+
class IPSet < Struct.new(
|
1395
|
+
:ip_set_id,
|
1396
|
+
:name,
|
1397
|
+
:ip_set_descriptors)
|
1398
|
+
include Aws::Structure
|
1399
|
+
end
|
1400
|
+
|
1401
|
+
# Specifies the IP address type (`IPV4`) and the IP address range (in
|
1402
|
+
# CIDR format) that web requests originate from.
|
1403
|
+
# @note When making an API call, pass IPSetDescriptor
|
1404
|
+
# data as a hash:
|
1405
|
+
#
|
1406
|
+
# {
|
1407
|
+
# type: "IPV4", # required, accepts IPV4, IPV6
|
1408
|
+
# value: "IPSetDescriptorValue", # required
|
1409
|
+
# }
|
1410
|
+
# @!attribute [rw] type
|
1411
|
+
# Specify `IPV4`.
|
1412
|
+
# @return [String]
|
1413
|
+
#
|
1414
|
+
# @!attribute [rw] value
|
1415
|
+
# Specify an IPv4 address by using CIDR notation. For example:
|
1416
|
+
#
|
1417
|
+
# * To configure AWS WAF to allow, block, or count requests that
|
1418
|
+
# originated from the IP address 192.0.2.44, specify
|
1419
|
+
# `192.0.2.44/32`.
|
1420
|
+
#
|
1421
|
+
# * To configure AWS WAF to allow, block, or count requests that
|
1422
|
+
# originated from IP addresses from 192.0.2.0 to 192.0.2.255,
|
1423
|
+
# specify `192.0.2.0/24`.
|
1424
|
+
#
|
1425
|
+
# AWS WAF supports only /8, /16, /24, and /32 IP addresses.
|
1426
|
+
#
|
1427
|
+
# For more information about CIDR notation, see the Wikipedia entry
|
1428
|
+
# [Classless Inter-Domain Routing][1].
|
1429
|
+
#
|
1430
|
+
#
|
1431
|
+
#
|
1432
|
+
# [1]: https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing
|
1433
|
+
# @return [String]
|
1434
|
+
class IPSetDescriptor < Struct.new(
|
1435
|
+
:type,
|
1436
|
+
:value)
|
1437
|
+
include Aws::Structure
|
1438
|
+
end
|
1439
|
+
|
1440
|
+
# Contains the identifier and the name of the `IPSet`.
|
1441
|
+
# @!attribute [rw] ip_set_id
|
1442
|
+
# The `IPSetId` for an IPSet. You can use `IPSetId` in a GetIPSet
|
1443
|
+
# request to get detailed information about an IPSet.
|
1444
|
+
# @return [String]
|
1445
|
+
#
|
1446
|
+
# @!attribute [rw] name
|
1447
|
+
# A friendly name or description of the IPSet. You can't change the
|
1448
|
+
# name of an `IPSet` after you create it.
|
1449
|
+
# @return [String]
|
1450
|
+
class IPSetSummary < Struct.new(
|
1451
|
+
:ip_set_id,
|
1452
|
+
:name)
|
1453
|
+
include Aws::Structure
|
1454
|
+
end
|
1455
|
+
|
1456
|
+
# Specifies the type of update to perform to an IPSet with UpdateIPSet.
|
1457
|
+
# @note When making an API call, pass IPSetUpdate
|
1458
|
+
# data as a hash:
|
1459
|
+
#
|
1460
|
+
# {
|
1461
|
+
# action: "INSERT", # required, accepts INSERT, DELETE
|
1462
|
+
# ip_set_descriptor: { # required
|
1463
|
+
# type: "IPV4", # required, accepts IPV4, IPV6
|
1464
|
+
# value: "IPSetDescriptorValue", # required
|
1465
|
+
# },
|
1466
|
+
# }
|
1467
|
+
# @!attribute [rw] action
|
1468
|
+
# Specifies whether to insert or delete an IP address with
|
1469
|
+
# UpdateIPSet.
|
1470
|
+
# @return [String]
|
1471
|
+
#
|
1472
|
+
# @!attribute [rw] ip_set_descriptor
|
1473
|
+
# The IP address type (`IPV4`) and the IP address range (in CIDR
|
1474
|
+
# notation) that web requests originate from.
|
1475
|
+
# @return [Types::IPSetDescriptor]
|
1476
|
+
class IPSetUpdate < Struct.new(
|
1477
|
+
:action,
|
1478
|
+
:ip_set_descriptor)
|
1479
|
+
include Aws::Structure
|
1480
|
+
end
|
1481
|
+
|
1482
|
+
# @note When making an API call, pass ListByteMatchSetsRequest
|
1483
|
+
# data as a hash:
|
1484
|
+
#
|
1485
|
+
# {
|
1486
|
+
# next_marker: "NextMarker",
|
1487
|
+
# limit: 1,
|
1488
|
+
# }
|
1489
|
+
# @!attribute [rw] next_marker
|
1490
|
+
# If you specify a value for `Limit` and you have more `ByteMatchSets`
|
1491
|
+
# than the value of `Limit`, AWS WAF returns a `NextMarker` value in
|
1492
|
+
# the response that allows you to list another group of
|
1493
|
+
# `ByteMatchSets`. For the second and subsequent `ListByteMatchSets`
|
1494
|
+
# requests, specify the value of `NextMarker` from the previous
|
1495
|
+
# response to get information about another batch of `ByteMatchSets`.
|
1496
|
+
# @return [String]
|
1497
|
+
#
|
1498
|
+
# @!attribute [rw] limit
|
1499
|
+
# Specifies the number of `ByteMatchSet` objects that you want AWS WAF
|
1500
|
+
# to return for this request. If you have more `ByteMatchSets` objects
|
1501
|
+
# than the number you specify for `Limit`, the response includes a
|
1502
|
+
# `NextMarker` value that you can use to get another batch of
|
1503
|
+
# `ByteMatchSet` objects.
|
1504
|
+
# @return [Integer]
|
1505
|
+
class ListByteMatchSetsRequest < Struct.new(
|
1506
|
+
:next_marker,
|
1507
|
+
:limit)
|
1508
|
+
include Aws::Structure
|
1509
|
+
end
|
1510
|
+
|
1511
|
+
# @!attribute [rw] next_marker
|
1512
|
+
# If you have more `ByteMatchSet` objects than the number that you
|
1513
|
+
# specified for `Limit` in the request, the response includes a
|
1514
|
+
# `NextMarker` value. To list more `ByteMatchSet` objects, submit
|
1515
|
+
# another `ListByteMatchSets` request, and specify the `NextMarker`
|
1516
|
+
# value from the response in the `NextMarker` value in the next
|
1517
|
+
# request.
|
1518
|
+
# @return [String]
|
1519
|
+
#
|
1520
|
+
# @!attribute [rw] byte_match_sets
|
1521
|
+
# An array of ByteMatchSetSummary objects.
|
1522
|
+
# @return [Array<Types::ByteMatchSetSummary>]
|
1523
|
+
class ListByteMatchSetsResponse < Struct.new(
|
1524
|
+
:next_marker,
|
1525
|
+
:byte_match_sets)
|
1526
|
+
include Aws::Structure
|
1527
|
+
end
|
1528
|
+
|
1529
|
+
# @note When making an API call, pass ListIPSetsRequest
|
1530
|
+
# data as a hash:
|
1531
|
+
#
|
1532
|
+
# {
|
1533
|
+
# next_marker: "NextMarker",
|
1534
|
+
# limit: 1,
|
1535
|
+
# }
|
1536
|
+
# @!attribute [rw] next_marker
|
1537
|
+
# If you specify a value for `Limit` and you have more `IPSets` than
|
1538
|
+
# the value of `Limit`, AWS WAF returns a `NextMarker` value in the
|
1539
|
+
# response that allows you to list another group of `IPSets`. For the
|
1540
|
+
# second and subsequent `ListIPSets` requests, specify the value of
|
1541
|
+
# `NextMarker` from the previous response to get information about
|
1542
|
+
# another batch of `ByteMatchSets`.
|
1543
|
+
# @return [String]
|
1544
|
+
#
|
1545
|
+
# @!attribute [rw] limit
|
1546
|
+
# Specifies the number of `IPSet` objects that you want AWS WAF to
|
1547
|
+
# return for this request. If you have more `IPSet` objects than the
|
1548
|
+
# number you specify for `Limit`, the response includes a `NextMarker`
|
1549
|
+
# value that you can use to get another batch of `IPSet` objects.
|
1550
|
+
# @return [Integer]
|
1551
|
+
class ListIPSetsRequest < Struct.new(
|
1552
|
+
:next_marker,
|
1553
|
+
:limit)
|
1554
|
+
include Aws::Structure
|
1555
|
+
end
|
1556
|
+
|
1557
|
+
# @!attribute [rw] next_marker
|
1558
|
+
# If you have more `IPSet` objects than the number that you specified
|
1559
|
+
# for `Limit` in the request, the response includes a `NextMarker`
|
1560
|
+
# value. To list more `IPSet` objects, submit another `ListIPSets`
|
1561
|
+
# request, and specify the `NextMarker` value from the response in the
|
1562
|
+
# `NextMarker` value in the next request.
|
1563
|
+
# @return [String]
|
1564
|
+
#
|
1565
|
+
# @!attribute [rw] ip_sets
|
1566
|
+
# An array of IPSetSummary objects.
|
1567
|
+
# @return [Array<Types::IPSetSummary>]
|
1568
|
+
class ListIPSetsResponse < Struct.new(
|
1569
|
+
:next_marker,
|
1570
|
+
:ip_sets)
|
1571
|
+
include Aws::Structure
|
1572
|
+
end
|
1573
|
+
|
1574
|
+
# @note When making an API call, pass ListRulesRequest
|
1575
|
+
# data as a hash:
|
1576
|
+
#
|
1577
|
+
# {
|
1578
|
+
# next_marker: "NextMarker",
|
1579
|
+
# limit: 1,
|
1580
|
+
# }
|
1581
|
+
# @!attribute [rw] next_marker
|
1582
|
+
# If you specify a value for `Limit` and you have more `Rules` than
|
1583
|
+
# the value of `Limit`, AWS WAF returns a `NextMarker` value in the
|
1584
|
+
# response that allows you to list another group of `Rules`. For the
|
1585
|
+
# second and subsequent `ListRules` requests, specify the value of
|
1586
|
+
# `NextMarker` from the previous response to get information about
|
1587
|
+
# another batch of `Rules`.
|
1588
|
+
# @return [String]
|
1589
|
+
#
|
1590
|
+
# @!attribute [rw] limit
|
1591
|
+
# Specifies the number of `Rules` that you want AWS WAF to return for
|
1592
|
+
# this request. If you have more `Rules` than the number that you
|
1593
|
+
# specify for `Limit`, the response includes a `NextMarker` value that
|
1594
|
+
# you can use to get another batch of `Rules`.
|
1595
|
+
# @return [Integer]
|
1596
|
+
class ListRulesRequest < Struct.new(
|
1597
|
+
:next_marker,
|
1598
|
+
:limit)
|
1599
|
+
include Aws::Structure
|
1600
|
+
end
|
1601
|
+
|
1602
|
+
# @!attribute [rw] next_marker
|
1603
|
+
# If you have more `Rules` than the number that you specified for
|
1604
|
+
# `Limit` in the request, the response includes a `NextMarker` value.
|
1605
|
+
# To list more `Rules`, submit another `ListRules` request, and
|
1606
|
+
# specify the `NextMarker` value from the response in the `NextMarker`
|
1607
|
+
# value in the next request.
|
1608
|
+
# @return [String]
|
1609
|
+
#
|
1610
|
+
# @!attribute [rw] rules
|
1611
|
+
# An array of RuleSummary objects.
|
1612
|
+
# @return [Array<Types::RuleSummary>]
|
1613
|
+
class ListRulesResponse < Struct.new(
|
1614
|
+
:next_marker,
|
1615
|
+
:rules)
|
1616
|
+
include Aws::Structure
|
1617
|
+
end
|
1618
|
+
|
1619
|
+
# @note When making an API call, pass ListSizeConstraintSetsRequest
|
1620
|
+
# data as a hash:
|
1621
|
+
#
|
1622
|
+
# {
|
1623
|
+
# next_marker: "NextMarker",
|
1624
|
+
# limit: 1,
|
1625
|
+
# }
|
1626
|
+
# @!attribute [rw] next_marker
|
1627
|
+
# If you specify a value for `Limit` and you have more
|
1628
|
+
# `SizeConstraintSets` than the value of `Limit`, AWS WAF returns a
|
1629
|
+
# `NextMarker` value in the response that allows you to list another
|
1630
|
+
# group of `SizeConstraintSets`. For the second and subsequent
|
1631
|
+
# `ListSizeConstraintSets` requests, specify the value of `NextMarker`
|
1632
|
+
# from the previous response to get information about another batch of
|
1633
|
+
# `SizeConstraintSets`.
|
1634
|
+
# @return [String]
|
1635
|
+
#
|
1636
|
+
# @!attribute [rw] limit
|
1637
|
+
# Specifies the number of `SizeConstraintSet` objects that you want
|
1638
|
+
# AWS WAF to return for this request. If you have more
|
1639
|
+
# `SizeConstraintSets` objects than the number you specify for
|
1640
|
+
# `Limit`, the response includes a `NextMarker` value that you can use
|
1641
|
+
# to get another batch of `SizeConstraintSet` objects.
|
1642
|
+
# @return [Integer]
|
1643
|
+
class ListSizeConstraintSetsRequest < Struct.new(
|
1644
|
+
:next_marker,
|
1645
|
+
:limit)
|
1646
|
+
include Aws::Structure
|
1647
|
+
end
|
1648
|
+
|
1649
|
+
# @!attribute [rw] next_marker
|
1650
|
+
# If you have more `SizeConstraintSet` objects than the number that
|
1651
|
+
# you specified for `Limit` in the request, the response includes a
|
1652
|
+
# `NextMarker` value. To list more `SizeConstraintSet` objects, submit
|
1653
|
+
# another `ListSizeConstraintSets` request, and specify the
|
1654
|
+
# `NextMarker` value from the response in the `NextMarker` value in
|
1655
|
+
# the next request.
|
1656
|
+
# @return [String]
|
1657
|
+
#
|
1658
|
+
# @!attribute [rw] size_constraint_sets
|
1659
|
+
# An array of SizeConstraintSetSummary objects.
|
1660
|
+
# @return [Array<Types::SizeConstraintSetSummary>]
|
1661
|
+
class ListSizeConstraintSetsResponse < Struct.new(
|
1662
|
+
:next_marker,
|
1663
|
+
:size_constraint_sets)
|
1664
|
+
include Aws::Structure
|
1665
|
+
end
|
1666
|
+
|
1667
|
+
# A request to list the SqlInjectionMatchSet objects created by the
|
1668
|
+
# current AWS account.
|
1669
|
+
# @note When making an API call, pass ListSqlInjectionMatchSetsRequest
|
1670
|
+
# data as a hash:
|
1671
|
+
#
|
1672
|
+
# {
|
1673
|
+
# next_marker: "NextMarker",
|
1674
|
+
# limit: 1,
|
1675
|
+
# }
|
1676
|
+
# @!attribute [rw] next_marker
|
1677
|
+
# If you specify a value for `Limit` and you have more
|
1678
|
+
# SqlInjectionMatchSet objects than the value of `Limit`, AWS WAF
|
1679
|
+
# returns a `NextMarker` value in the response that allows you to list
|
1680
|
+
# another group of `SqlInjectionMatchSets`. For the second and
|
1681
|
+
# subsequent `ListSqlInjectionMatchSets` requests, specify the value
|
1682
|
+
# of `NextMarker` from the previous response to get information about
|
1683
|
+
# another batch of `SqlInjectionMatchSets`.
|
1684
|
+
# @return [String]
|
1685
|
+
#
|
1686
|
+
# @!attribute [rw] limit
|
1687
|
+
# Specifies the number of SqlInjectionMatchSet objects that you want
|
1688
|
+
# AWS WAF to return for this request. If you have more
|
1689
|
+
# `SqlInjectionMatchSet` objects than the number you specify for
|
1690
|
+
# `Limit`, the response includes a `NextMarker` value that you can use
|
1691
|
+
# to get another batch of `Rules`.
|
1692
|
+
# @return [Integer]
|
1693
|
+
class ListSqlInjectionMatchSetsRequest < Struct.new(
|
1694
|
+
:next_marker,
|
1695
|
+
:limit)
|
1696
|
+
include Aws::Structure
|
1697
|
+
end
|
1698
|
+
|
1699
|
+
# The response to a ListSqlInjectionMatchSets request.
|
1700
|
+
# @!attribute [rw] next_marker
|
1701
|
+
# If you have more SqlInjectionMatchSet objects than the number that
|
1702
|
+
# you specified for `Limit` in the request, the response includes a
|
1703
|
+
# `NextMarker` value. To list more `SqlInjectionMatchSet` objects,
|
1704
|
+
# submit another `ListSqlInjectionMatchSets` request, and specify the
|
1705
|
+
# `NextMarker` value from the response in the `NextMarker` value in
|
1706
|
+
# the next request.
|
1707
|
+
# @return [String]
|
1708
|
+
#
|
1709
|
+
# @!attribute [rw] sql_injection_match_sets
|
1710
|
+
# An array of SqlInjectionMatchSetSummary objects.
|
1711
|
+
# @return [Array<Types::SqlInjectionMatchSetSummary>]
|
1712
|
+
class ListSqlInjectionMatchSetsResponse < Struct.new(
|
1713
|
+
:next_marker,
|
1714
|
+
:sql_injection_match_sets)
|
1715
|
+
include Aws::Structure
|
1716
|
+
end
|
1717
|
+
|
1718
|
+
# @note When making an API call, pass ListWebACLsRequest
|
1719
|
+
# data as a hash:
|
1720
|
+
#
|
1721
|
+
# {
|
1722
|
+
# next_marker: "NextMarker",
|
1723
|
+
# limit: 1,
|
1724
|
+
# }
|
1725
|
+
# @!attribute [rw] next_marker
|
1726
|
+
# If you specify a value for `Limit` and you have more `WebACL`
|
1727
|
+
# objects than the number that you specify for `Limit`, AWS WAF
|
1728
|
+
# returns a `NextMarker` value in the response that allows you to list
|
1729
|
+
# another group of `WebACL` objects. For the second and subsequent
|
1730
|
+
# `ListWebACLs` requests, specify the value of `NextMarker` from the
|
1731
|
+
# previous response to get information about another batch of `WebACL`
|
1732
|
+
# objects.
|
1733
|
+
# @return [String]
|
1734
|
+
#
|
1735
|
+
# @!attribute [rw] limit
|
1736
|
+
# Specifies the number of `WebACL` objects that you want AWS WAF to
|
1737
|
+
# return for this request. If you have more `WebACL` objects than the
|
1738
|
+
# number that you specify for `Limit`, the response includes a
|
1739
|
+
# `NextMarker` value that you can use to get another batch of `WebACL`
|
1740
|
+
# objects.
|
1741
|
+
# @return [Integer]
|
1742
|
+
class ListWebACLsRequest < Struct.new(
|
1743
|
+
:next_marker,
|
1744
|
+
:limit)
|
1745
|
+
include Aws::Structure
|
1746
|
+
end
|
1747
|
+
|
1748
|
+
# @!attribute [rw] next_marker
|
1749
|
+
# If you have more `WebACL` objects than the number that you specified
|
1750
|
+
# for `Limit` in the request, the response includes a `NextMarker`
|
1751
|
+
# value. To list more `WebACL` objects, submit another `ListWebACLs`
|
1752
|
+
# request, and specify the `NextMarker` value from the response in the
|
1753
|
+
# `NextMarker` value in the next request.
|
1754
|
+
# @return [String]
|
1755
|
+
#
|
1756
|
+
# @!attribute [rw] web_acls
|
1757
|
+
# An array of WebACLSummary objects.
|
1758
|
+
# @return [Array<Types::WebACLSummary>]
|
1759
|
+
class ListWebACLsResponse < Struct.new(
|
1760
|
+
:next_marker,
|
1761
|
+
:web_acls)
|
1762
|
+
include Aws::Structure
|
1763
|
+
end
|
1764
|
+
|
1765
|
+
# A request to list the XssMatchSet objects created by the current AWS
|
1766
|
+
# account.
|
1767
|
+
# @note When making an API call, pass ListXssMatchSetsRequest
|
1768
|
+
# data as a hash:
|
1769
|
+
#
|
1770
|
+
# {
|
1771
|
+
# next_marker: "NextMarker",
|
1772
|
+
# limit: 1,
|
1773
|
+
# }
|
1774
|
+
# @!attribute [rw] next_marker
|
1775
|
+
# If you specify a value for `Limit` and you have more XssMatchSet
|
1776
|
+
# objects than the value of `Limit`, AWS WAF returns a `NextMarker`
|
1777
|
+
# value in the response that allows you to list another group of
|
1778
|
+
# `XssMatchSets`. For the second and subsequent `ListXssMatchSets`
|
1779
|
+
# requests, specify the value of `NextMarker` from the previous
|
1780
|
+
# response to get information about another batch of `XssMatchSets`.
|
1781
|
+
# @return [String]
|
1782
|
+
#
|
1783
|
+
# @!attribute [rw] limit
|
1784
|
+
# Specifies the number of XssMatchSet objects that you want AWS WAF to
|
1785
|
+
# return for this request. If you have more `XssMatchSet` objects than
|
1786
|
+
# the number you specify for `Limit`, the response includes a
|
1787
|
+
# `NextMarker` value that you can use to get another batch of `Rules`.
|
1788
|
+
# @return [Integer]
|
1789
|
+
class ListXssMatchSetsRequest < Struct.new(
|
1790
|
+
:next_marker,
|
1791
|
+
:limit)
|
1792
|
+
include Aws::Structure
|
1793
|
+
end
|
1794
|
+
|
1795
|
+
# The response to a ListXssMatchSets request.
|
1796
|
+
# @!attribute [rw] next_marker
|
1797
|
+
# If you have more XssMatchSet objects than the number that you
|
1798
|
+
# specified for `Limit` in the request, the response includes a
|
1799
|
+
# `NextMarker` value. To list more `XssMatchSet` objects, submit
|
1800
|
+
# another `ListXssMatchSets` request, and specify the `NextMarker`
|
1801
|
+
# value from the response in the `NextMarker` value in the next
|
1802
|
+
# request.
|
1803
|
+
# @return [String]
|
1804
|
+
#
|
1805
|
+
# @!attribute [rw] xss_match_sets
|
1806
|
+
# An array of XssMatchSetSummary objects.
|
1807
|
+
# @return [Array<Types::XssMatchSetSummary>]
|
1808
|
+
class ListXssMatchSetsResponse < Struct.new(
|
1809
|
+
:next_marker,
|
1810
|
+
:xss_match_sets)
|
1811
|
+
include Aws::Structure
|
1812
|
+
end
|
1813
|
+
|
1814
|
+
# Specifies the ByteMatchSet, IPSet, SqlInjectionMatchSet, XssMatchSet,
|
1815
|
+
# and SizeConstraintSet objects that you want to add to a `Rule` and,
|
1816
|
+
# for each object, indicates whether you want to negate the settings,
|
1817
|
+
# for example, requests that do NOT originate from the IP address
|
1818
|
+
# 192.0.2.44.
|
1819
|
+
# @note When making an API call, pass Predicate
|
1820
|
+
# data as a hash:
|
1821
|
+
#
|
1822
|
+
# {
|
1823
|
+
# negated: false, # required
|
1824
|
+
# type: "IPMatch", # required, accepts IPMatch, ByteMatch, SqlInjectionMatch, SizeConstraint, XssMatch
|
1825
|
+
# data_id: "ResourceId", # required
|
1826
|
+
# }
|
1827
|
+
# @!attribute [rw] negated
|
1828
|
+
# Set `Negated` to `False` if you want AWS WAF to allow, block, or
|
1829
|
+
# count requests based on the settings in the specified ByteMatchSet,
|
1830
|
+
# IPSet, SqlInjectionMatchSet, XssMatchSet, or SizeConstraintSet. For
|
1831
|
+
# example, if an `IPSet` includes the IP address `192.0.2.44`, AWS WAF
|
1832
|
+
# will allow or block requests based on that IP address.
|
1833
|
+
#
|
1834
|
+
# Set `Negated` to `True` if you want AWS WAF to allow or block a
|
1835
|
+
# request based on the negation of the settings in the ByteMatchSet,
|
1836
|
+
# IPSet, SqlInjectionMatchSet, XssMatchSet, or SizeConstraintSet. For
|
1837
|
+
# example, if an `IPSet` includes the IP address `192.0.2.44`, AWS WAF
|
1838
|
+
# will allow, block, or count requests based on all IP addresses
|
1839
|
+
# *except* `192.0.2.44`.
|
1840
|
+
# @return [Boolean]
|
1841
|
+
#
|
1842
|
+
# @!attribute [rw] type
|
1843
|
+
# The type of predicate in a `Rule`, such as `ByteMatchSet` or
|
1844
|
+
# `IPSet`.
|
1845
|
+
# @return [String]
|
1846
|
+
#
|
1847
|
+
# @!attribute [rw] data_id
|
1848
|
+
# A unique identifier for a predicate in a `Rule`, such as
|
1849
|
+
# `ByteMatchSetId` or `IPSetId`. The ID is returned by the
|
1850
|
+
# corresponding `Create` or `List` command.
|
1851
|
+
# @return [String]
|
1852
|
+
class Predicate < Struct.new(
|
1853
|
+
:negated,
|
1854
|
+
:type,
|
1855
|
+
:data_id)
|
1856
|
+
include Aws::Structure
|
1857
|
+
end
|
1858
|
+
|
1859
|
+
# A combination of ByteMatchSet, IPSet, and/or SqlInjectionMatchSet
|
1860
|
+
# objects that identify the web requests that you want to allow, block,
|
1861
|
+
# or count. For example, you might create a `Rule` that includes the
|
1862
|
+
# following predicates:
|
1863
|
+
#
|
1864
|
+
# * An `IPSet` that causes AWS WAF to search for web requests that
|
1865
|
+
# originate from the IP address `192.0.2.44`
|
1866
|
+
#
|
1867
|
+
# * A `ByteMatchSet` that causes AWS WAF to search for web requests for
|
1868
|
+
# which the value of the `User-Agent` header is `BadBot`.
|
1869
|
+
#
|
1870
|
+
# To match the settings in this `Rule`, a request must originate from
|
1871
|
+
# `192.0.2.44` AND include a `User-Agent` header for which the value is
|
1872
|
+
# `BadBot`.
|
1873
|
+
# @!attribute [rw] rule_id
|
1874
|
+
# A unique identifier for a `Rule`. You use `RuleId` to get more
|
1875
|
+
# information about a `Rule` (see GetRule), update a `Rule` (see
|
1876
|
+
# UpdateRule), insert a `Rule` into a `WebACL` or delete a one from a
|
1877
|
+
# `WebACL` (see UpdateWebACL), or delete a `Rule` from AWS WAF (see
|
1878
|
+
# DeleteRule).
|
1879
|
+
#
|
1880
|
+
# `RuleId` is returned by CreateRule and by ListRules.
|
1881
|
+
# @return [String]
|
1882
|
+
#
|
1883
|
+
# @!attribute [rw] name
|
1884
|
+
# The friendly name or description for the `Rule`. You can't change
|
1885
|
+
# the name of a `Rule` after you create it.
|
1886
|
+
# @return [String]
|
1887
|
+
#
|
1888
|
+
# @!attribute [rw] metric_name
|
1889
|
+
# @return [String]
|
1890
|
+
#
|
1891
|
+
# @!attribute [rw] predicates
|
1892
|
+
# The `Predicates` object contains one `Predicate` element for each
|
1893
|
+
# ByteMatchSet, IPSet, or SqlInjectionMatchSet object that you want to
|
1894
|
+
# include in a `Rule`.
|
1895
|
+
# @return [Array<Types::Predicate>]
|
1896
|
+
class Rule < Struct.new(
|
1897
|
+
:rule_id,
|
1898
|
+
:name,
|
1899
|
+
:metric_name,
|
1900
|
+
:predicates)
|
1901
|
+
include Aws::Structure
|
1902
|
+
end
|
1903
|
+
|
1904
|
+
# Contains the identifier and the friendly name or description of the
|
1905
|
+
# `Rule`.
|
1906
|
+
# @!attribute [rw] rule_id
|
1907
|
+
# A unique identifier for a `Rule`. You use `RuleId` to get more
|
1908
|
+
# information about a `Rule` (see GetRule), update a `Rule` (see
|
1909
|
+
# UpdateRule), insert a `Rule` into a `WebACL` or delete one from a
|
1910
|
+
# `WebACL` (see UpdateWebACL), or delete a `Rule` from AWS WAF (see
|
1911
|
+
# DeleteRule).
|
1912
|
+
#
|
1913
|
+
# `RuleId` is returned by CreateRule and by ListRules.
|
1914
|
+
# @return [String]
|
1915
|
+
#
|
1916
|
+
# @!attribute [rw] name
|
1917
|
+
# A friendly name or description of the Rule. You can't change the
|
1918
|
+
# name of a `Rule` after you create it.
|
1919
|
+
# @return [String]
|
1920
|
+
class RuleSummary < Struct.new(
|
1921
|
+
:rule_id,
|
1922
|
+
:name)
|
1923
|
+
include Aws::Structure
|
1924
|
+
end
|
1925
|
+
|
1926
|
+
# Specifies a `Predicate` (such as an `IPSet`) and indicates whether you
|
1927
|
+
# want to add it to a `Rule` or delete it from a `Rule`.
|
1928
|
+
# @note When making an API call, pass RuleUpdate
|
1929
|
+
# data as a hash:
|
1930
|
+
#
|
1931
|
+
# {
|
1932
|
+
# action: "INSERT", # required, accepts INSERT, DELETE
|
1933
|
+
# predicate: { # required
|
1934
|
+
# negated: false, # required
|
1935
|
+
# type: "IPMatch", # required, accepts IPMatch, ByteMatch, SqlInjectionMatch, SizeConstraint, XssMatch
|
1936
|
+
# data_id: "ResourceId", # required
|
1937
|
+
# },
|
1938
|
+
# }
|
1939
|
+
# @!attribute [rw] action
|
1940
|
+
# Specify `INSERT` to add a `Predicate` to a `Rule`. Use `DELETE` to
|
1941
|
+
# remove a `Predicate` from a `Rule`.
|
1942
|
+
# @return [String]
|
1943
|
+
#
|
1944
|
+
# @!attribute [rw] predicate
|
1945
|
+
# The ID of the `Predicate` (such as an `IPSet`) that you want to add
|
1946
|
+
# to a `Rule`.
|
1947
|
+
# @return [Types::Predicate]
|
1948
|
+
class RuleUpdate < Struct.new(
|
1949
|
+
:action,
|
1950
|
+
:predicate)
|
1951
|
+
include Aws::Structure
|
1952
|
+
end
|
1953
|
+
|
1954
|
+
# The response from a GetSampledRequests request includes a
|
1955
|
+
# `SampledHTTPRequests` complex type that appears as `SampledRequests`
|
1956
|
+
# in the response syntax. `SampledHTTPRequests` contains one
|
1957
|
+
# `SampledHTTPRequest` object for each web request that is returned by
|
1958
|
+
# `GetSampledRequests`.
|
1959
|
+
# @!attribute [rw] request
|
1960
|
+
# A complex type that contains detailed information about the request.
|
1961
|
+
# @return [Types::HTTPRequest]
|
1962
|
+
#
|
1963
|
+
# @!attribute [rw] weight
|
1964
|
+
# A value that indicates how one result in the response relates
|
1965
|
+
# proportionally to other results in the response. A result that has a
|
1966
|
+
# weight of `2` represents roughly twice as many CloudFront web
|
1967
|
+
# requests as a result that has a weight of `1`.
|
1968
|
+
# @return [Integer]
|
1969
|
+
#
|
1970
|
+
# @!attribute [rw] timestamp
|
1971
|
+
# The time at which AWS WAF received the request from your AWS
|
1972
|
+
# resource, in Unix time format (in seconds).
|
1973
|
+
# @return [Time]
|
1974
|
+
#
|
1975
|
+
# @!attribute [rw] action
|
1976
|
+
# The action for the `Rule` that the request matched: `ALLOW`,
|
1977
|
+
# `BLOCK`, or `COUNT`.
|
1978
|
+
# @return [String]
|
1979
|
+
class SampledHTTPRequest < Struct.new(
|
1980
|
+
:request,
|
1981
|
+
:weight,
|
1982
|
+
:timestamp,
|
1983
|
+
:action)
|
1984
|
+
include Aws::Structure
|
1985
|
+
end
|
1986
|
+
|
1987
|
+
# Specifies a constraint on the size of a part of the web request. AWS
|
1988
|
+
# WAF uses the `Size`, `ComparisonOperator`, and `FieldToMatch` to build
|
1989
|
+
# an expression in the form of "`Size` `ComparisonOperator` size in
|
1990
|
+
# bytes of `FieldToMatch`". If that expression is true, the
|
1991
|
+
# `SizeConstraint` is considered to match.
|
1992
|
+
# @note When making an API call, pass SizeConstraint
|
1993
|
+
# data as a hash:
|
1994
|
+
#
|
1995
|
+
# {
|
1996
|
+
# field_to_match: { # required
|
1997
|
+
# type: "URI", # required, accepts URI, QUERY_STRING, HEADER, METHOD, BODY
|
1998
|
+
# data: "MatchFieldData",
|
1999
|
+
# },
|
2000
|
+
# text_transformation: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE
|
2001
|
+
# comparison_operator: "EQ", # required, accepts EQ, NE, LE, LT, GE, GT
|
2002
|
+
# size: 1, # required
|
2003
|
+
# }
|
2004
|
+
# @!attribute [rw] field_to_match
|
2005
|
+
# Specifies where in a web request to look for `TargetString`.
|
2006
|
+
# @return [Types::FieldToMatch]
|
2007
|
+
#
|
2008
|
+
# @!attribute [rw] text_transformation
|
2009
|
+
# Text transformations eliminate some of the unusual formatting that
|
2010
|
+
# attackers use in web requests in an effort to bypass AWS WAF. If you
|
2011
|
+
# specify a transformation, AWS WAF performs the transformation on
|
2012
|
+
# `FieldToMatch` before inspecting a request for a match.
|
2013
|
+
#
|
2014
|
+
# Note that if you choose `BODY` for the value of `Type`, you must
|
2015
|
+
# choose `NONE` for `TextTransformation` because CloudFront forwards
|
2016
|
+
# only the first 8192 bytes for inspection.
|
2017
|
+
#
|
2018
|
+
# **NONE**
|
2019
|
+
#
|
2020
|
+
# Specify `NONE` if you don't want to perform any text
|
2021
|
+
# transformations.
|
2022
|
+
#
|
2023
|
+
# **CMD\_LINE**
|
2024
|
+
#
|
2025
|
+
# When you're concerned that attackers are injecting an operating
|
2026
|
+
# system command line command and using unusual formatting to disguise
|
2027
|
+
# some or all of the command, use this option to perform the following
|
2028
|
+
# transformations:
|
2029
|
+
#
|
2030
|
+
# * Delete the following characters: \\ " ' ^
|
2031
|
+
#
|
2032
|
+
# * Delete spaces before the following characters: / (
|
2033
|
+
#
|
2034
|
+
# * Replace the following characters with a space: , ;
|
2035
|
+
#
|
2036
|
+
# * Replace multiple spaces with one space
|
2037
|
+
#
|
2038
|
+
# * Convert uppercase letters (A-Z) to lowercase (a-z)
|
2039
|
+
#
|
2040
|
+
# **COMPRESS\_WHITE\_SPACE**
|
2041
|
+
#
|
2042
|
+
# Use this option to replace the following characters with a space
|
2043
|
+
# character (decimal 32):
|
2044
|
+
#
|
2045
|
+
# * \\f, formfeed, decimal 12
|
2046
|
+
#
|
2047
|
+
# * \\t, tab, decimal 9
|
2048
|
+
#
|
2049
|
+
# * \\n, newline, decimal 10
|
2050
|
+
#
|
2051
|
+
# * \\r, carriage return, decimal 13
|
2052
|
+
#
|
2053
|
+
# * \\v, vertical tab, decimal 11
|
2054
|
+
#
|
2055
|
+
# * non-breaking space, decimal 160
|
2056
|
+
#
|
2057
|
+
# `COMPRESS_WHITE_SPACE` also replaces multiple spaces with one space.
|
2058
|
+
#
|
2059
|
+
# **HTML\_ENTITY\_DECODE**
|
2060
|
+
#
|
2061
|
+
# Use this option to replace HTML-encoded characters with unencoded
|
2062
|
+
# characters. `HTML_ENTITY_DECODE` performs the following operations:
|
2063
|
+
#
|
2064
|
+
# * Replaces `(ampersand)quot;` with `"`
|
2065
|
+
#
|
2066
|
+
# * Replaces `(ampersand)nbsp;` with a non-breaking space, decimal 160
|
2067
|
+
#
|
2068
|
+
# * Replaces `(ampersand)lt;` with a "less than" symbol
|
2069
|
+
#
|
2070
|
+
# * Replaces `(ampersand)gt;` with `>`
|
2071
|
+
#
|
2072
|
+
# * Replaces characters that are represented in hexadecimal format,
|
2073
|
+
# `(ampersand)#xhhhh;`, with the corresponding characters
|
2074
|
+
#
|
2075
|
+
# * Replaces characters that are represented in decimal format,
|
2076
|
+
# `(ampersand)#nnnn;`, with the corresponding characters
|
2077
|
+
#
|
2078
|
+
# **LOWERCASE**
|
2079
|
+
#
|
2080
|
+
# Use this option to convert uppercase letters (A-Z) to lowercase
|
2081
|
+
# (a-z).
|
2082
|
+
#
|
2083
|
+
# **URL\_DECODE**
|
2084
|
+
#
|
2085
|
+
# Use this option to decode a URL-encoded value.
|
2086
|
+
# @return [String]
|
2087
|
+
#
|
2088
|
+
# @!attribute [rw] comparison_operator
|
2089
|
+
# The type of comparison you want AWS WAF to perform. AWS WAF uses
|
2090
|
+
# this in combination with the provided `Size` and `FieldToMatch` to
|
2091
|
+
# build an expression in the form of "`Size` `ComparisonOperator`
|
2092
|
+
# size in bytes of `FieldToMatch`". If that expression is true, the
|
2093
|
+
# `SizeConstraint` is considered to match.
|
2094
|
+
#
|
2095
|
+
# **EQ**\: Used to test if the `Size` is equal to the size of the
|
2096
|
+
# `FieldToMatch`
|
2097
|
+
#
|
2098
|
+
# **NE**\: Used to test if the `Size` is not equal to the size of the
|
2099
|
+
# `FieldToMatch`
|
2100
|
+
#
|
2101
|
+
# **LE**\: Used to test if the `Size` is less than or equal to the
|
2102
|
+
# size of the `FieldToMatch`
|
2103
|
+
#
|
2104
|
+
# **LT**\: Used to test if the `Size` is strictly less than the size
|
2105
|
+
# of the `FieldToMatch`
|
2106
|
+
#
|
2107
|
+
# **GE**\: Used to test if the `Size` is greater than or equal to the
|
2108
|
+
# size of the `FieldToMatch`
|
2109
|
+
#
|
2110
|
+
# **GT**\: Used to test if the `Size` is strictly greater than the
|
2111
|
+
# size of the `FieldToMatch`
|
2112
|
+
# @return [String]
|
2113
|
+
#
|
2114
|
+
# @!attribute [rw] size
|
2115
|
+
# The size in bytes that you want AWS WAF to compare against the size
|
2116
|
+
# of the specified `FieldToMatch`. AWS WAF uses this in combination
|
2117
|
+
# with `ComparisonOperator` and `FieldToMatch` to build an expression
|
2118
|
+
# in the form of "`Size` `ComparisonOperator` size in bytes of
|
2119
|
+
# `FieldToMatch`". If that expression is true, the `SizeConstraint`
|
2120
|
+
# is considered to match.
|
2121
|
+
#
|
2122
|
+
# Valid values for size are 0 - 21474836480 bytes (0 - 20 GB).
|
2123
|
+
#
|
2124
|
+
# If you specify `URI` for the value of `Type`, the / in the URI
|
2125
|
+
# counts as one character. For example, the URI `/logo.jpg` is nine
|
2126
|
+
# characters long.
|
2127
|
+
# @return [Integer]
|
2128
|
+
class SizeConstraint < Struct.new(
|
2129
|
+
:field_to_match,
|
2130
|
+
:text_transformation,
|
2131
|
+
:comparison_operator,
|
2132
|
+
:size)
|
2133
|
+
include Aws::Structure
|
2134
|
+
end
|
2135
|
+
|
2136
|
+
# A complex type that contains `SizeConstraint` objects, which specify
|
2137
|
+
# the parts of web requests that you want AWS WAF to inspect the size
|
2138
|
+
# of. If a `SizeConstraintSet` contains more than one `SizeConstraint`
|
2139
|
+
# object, a request only needs to match one constraint to be considered
|
2140
|
+
# a match.
|
2141
|
+
# @!attribute [rw] size_constraint_set_id
|
2142
|
+
# A unique identifier for a `SizeConstraintSet`. You use
|
2143
|
+
# `SizeConstraintSetId` to get information about a `SizeConstraintSet`
|
2144
|
+
# (see GetSizeConstraintSet), update a `SizeConstraintSet` (see
|
2145
|
+
# UpdateSizeConstraintSet), insert a `SizeConstraintSet` into a `Rule`
|
2146
|
+
# or delete one from a `Rule` (see UpdateRule), and delete a
|
2147
|
+
# `SizeConstraintSet` from AWS WAF (see DeleteSizeConstraintSet).
|
2148
|
+
#
|
2149
|
+
# `SizeConstraintSetId` is returned by CreateSizeConstraintSet and by
|
2150
|
+
# ListSizeConstraintSets.
|
2151
|
+
# @return [String]
|
2152
|
+
#
|
2153
|
+
# @!attribute [rw] name
|
2154
|
+
# The name, if any, of the `SizeConstraintSet`.
|
2155
|
+
# @return [String]
|
2156
|
+
#
|
2157
|
+
# @!attribute [rw] size_constraints
|
2158
|
+
# Specifies the parts of web requests that you want to inspect the
|
2159
|
+
# size of.
|
2160
|
+
# @return [Array<Types::SizeConstraint>]
|
2161
|
+
class SizeConstraintSet < Struct.new(
|
2162
|
+
:size_constraint_set_id,
|
2163
|
+
:name,
|
2164
|
+
:size_constraints)
|
2165
|
+
include Aws::Structure
|
2166
|
+
end
|
2167
|
+
|
2168
|
+
# The `Id` and `Name` of a `SizeConstraintSet`.
|
2169
|
+
# @!attribute [rw] size_constraint_set_id
|
2170
|
+
# A unique identifier for a `SizeConstraintSet`. You use
|
2171
|
+
# `SizeConstraintSetId` to get information about a `SizeConstraintSet`
|
2172
|
+
# (see GetSizeConstraintSet), update a `SizeConstraintSet` (see
|
2173
|
+
# UpdateSizeConstraintSet), insert a `SizeConstraintSet` into a `Rule`
|
2174
|
+
# or delete one from a `Rule` (see UpdateRule), and delete a
|
2175
|
+
# `SizeConstraintSet` from AWS WAF (see DeleteSizeConstraintSet).
|
2176
|
+
#
|
2177
|
+
# `SizeConstraintSetId` is returned by CreateSizeConstraintSet and by
|
2178
|
+
# ListSizeConstraintSets.
|
2179
|
+
# @return [String]
|
2180
|
+
#
|
2181
|
+
# @!attribute [rw] name
|
2182
|
+
# The name of the `SizeConstraintSet`, if any.
|
2183
|
+
# @return [String]
|
2184
|
+
class SizeConstraintSetSummary < Struct.new(
|
2185
|
+
:size_constraint_set_id,
|
2186
|
+
:name)
|
2187
|
+
include Aws::Structure
|
2188
|
+
end
|
2189
|
+
|
2190
|
+
# Specifies the part of a web request that you want to inspect the size
|
2191
|
+
# of and indicates whether you want to add the specification to a
|
2192
|
+
# SizeConstraintSet or delete it from a `SizeConstraintSet`.
|
2193
|
+
# @note When making an API call, pass SizeConstraintSetUpdate
|
2194
|
+
# data as a hash:
|
2195
|
+
#
|
2196
|
+
# {
|
2197
|
+
# action: "INSERT", # required, accepts INSERT, DELETE
|
2198
|
+
# size_constraint: { # required
|
2199
|
+
# field_to_match: { # required
|
2200
|
+
# type: "URI", # required, accepts URI, QUERY_STRING, HEADER, METHOD, BODY
|
2201
|
+
# data: "MatchFieldData",
|
2202
|
+
# },
|
2203
|
+
# text_transformation: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE
|
2204
|
+
# comparison_operator: "EQ", # required, accepts EQ, NE, LE, LT, GE, GT
|
2205
|
+
# size: 1, # required
|
2206
|
+
# },
|
2207
|
+
# }
|
2208
|
+
# @!attribute [rw] action
|
2209
|
+
# Specify `INSERT` to add a SizeConstraintSetUpdate to a
|
2210
|
+
# SizeConstraintSet. Use `DELETE` to remove a
|
2211
|
+
# `SizeConstraintSetUpdate` from a `SizeConstraintSet`.
|
2212
|
+
# @return [String]
|
2213
|
+
#
|
2214
|
+
# @!attribute [rw] size_constraint
|
2215
|
+
# Specifies a constraint on the size of a part of the web request. AWS
|
2216
|
+
# WAF uses the `Size`, `ComparisonOperator`, and `FieldToMatch` to
|
2217
|
+
# build an expression in the form of "`Size` `ComparisonOperator`
|
2218
|
+
# size in bytes of `FieldToMatch`". If that expression is true, the
|
2219
|
+
# `SizeConstraint` is considered to match.
|
2220
|
+
# @return [Types::SizeConstraint]
|
2221
|
+
class SizeConstraintSetUpdate < Struct.new(
|
2222
|
+
:action,
|
2223
|
+
:size_constraint)
|
2224
|
+
include Aws::Structure
|
2225
|
+
end
|
2226
|
+
|
2227
|
+
# A complex type that contains `SqlInjectionMatchTuple` objects, which
|
2228
|
+
# specify the parts of web requests that you want AWS WAF to inspect for
|
2229
|
+
# snippets of malicious SQL code and, if you want AWS WAF to inspect a
|
2230
|
+
# header, the name of the header. If a `SqlInjectionMatchSet` contains
|
2231
|
+
# more than one `SqlInjectionMatchTuple` object, a request needs to
|
2232
|
+
# include snippets of SQL code in only one of the specified parts of the
|
2233
|
+
# request to be considered a match.
|
2234
|
+
# @!attribute [rw] sql_injection_match_set_id
|
2235
|
+
# A unique identifier for a `SqlInjectionMatchSet`. You use
|
2236
|
+
# `SqlInjectionMatchSetId` to get information about a
|
2237
|
+
# `SqlInjectionMatchSet` (see GetSqlInjectionMatchSet), update a
|
2238
|
+
# `SqlInjectionMatchSet` (see UpdateSqlInjectionMatchSet), insert a
|
2239
|
+
# `SqlInjectionMatchSet` into a `Rule` or delete one from a `Rule`
|
2240
|
+
# (see UpdateRule), and delete a `SqlInjectionMatchSet` from AWS WAF
|
2241
|
+
# (see DeleteSqlInjectionMatchSet).
|
2242
|
+
#
|
2243
|
+
# `SqlInjectionMatchSetId` is returned by CreateSqlInjectionMatchSet
|
2244
|
+
# and by ListSqlInjectionMatchSets.
|
2245
|
+
# @return [String]
|
2246
|
+
#
|
2247
|
+
# @!attribute [rw] name
|
2248
|
+
# The name, if any, of the `SqlInjectionMatchSet`.
|
2249
|
+
# @return [String]
|
2250
|
+
#
|
2251
|
+
# @!attribute [rw] sql_injection_match_tuples
|
2252
|
+
# Specifies the parts of web requests that you want to inspect for
|
2253
|
+
# snippets of malicious SQL code.
|
2254
|
+
# @return [Array<Types::SqlInjectionMatchTuple>]
|
2255
|
+
class SqlInjectionMatchSet < Struct.new(
|
2256
|
+
:sql_injection_match_set_id,
|
2257
|
+
:name,
|
2258
|
+
:sql_injection_match_tuples)
|
2259
|
+
include Aws::Structure
|
2260
|
+
end
|
2261
|
+
|
2262
|
+
# The `Id` and `Name` of a `SqlInjectionMatchSet`.
|
2263
|
+
# @!attribute [rw] sql_injection_match_set_id
|
2264
|
+
# A unique identifier for a `SqlInjectionMatchSet`. You use
|
2265
|
+
# `SqlInjectionMatchSetId` to get information about a
|
2266
|
+
# `SqlInjectionMatchSet` (see GetSqlInjectionMatchSet), update a
|
2267
|
+
# `SqlInjectionMatchSet` (see UpdateSqlInjectionMatchSet), insert a
|
2268
|
+
# `SqlInjectionMatchSet` into a `Rule` or delete one from a `Rule`
|
2269
|
+
# (see UpdateRule), and delete a `SqlInjectionMatchSet` from AWS WAF
|
2270
|
+
# (see DeleteSqlInjectionMatchSet).
|
2271
|
+
#
|
2272
|
+
# `SqlInjectionMatchSetId` is returned by CreateSqlInjectionMatchSet
|
2273
|
+
# and by ListSqlInjectionMatchSets.
|
2274
|
+
# @return [String]
|
2275
|
+
#
|
2276
|
+
# @!attribute [rw] name
|
2277
|
+
# The name of the `SqlInjectionMatchSet`, if any, specified by `Id`.
|
2278
|
+
# @return [String]
|
2279
|
+
class SqlInjectionMatchSetSummary < Struct.new(
|
2280
|
+
:sql_injection_match_set_id,
|
2281
|
+
:name)
|
2282
|
+
include Aws::Structure
|
2283
|
+
end
|
2284
|
+
|
2285
|
+
# Specifies the part of a web request that you want to inspect for
|
2286
|
+
# snippets of malicious SQL code and indicates whether you want to add
|
2287
|
+
# the specification to a SqlInjectionMatchSet or delete it from a
|
2288
|
+
# `SqlInjectionMatchSet`.
|
2289
|
+
# @note When making an API call, pass SqlInjectionMatchSetUpdate
|
2290
|
+
# data as a hash:
|
2291
|
+
#
|
2292
|
+
# {
|
2293
|
+
# action: "INSERT", # required, accepts INSERT, DELETE
|
2294
|
+
# sql_injection_match_tuple: { # required
|
2295
|
+
# field_to_match: { # required
|
2296
|
+
# type: "URI", # required, accepts URI, QUERY_STRING, HEADER, METHOD, BODY
|
2297
|
+
# data: "MatchFieldData",
|
2298
|
+
# },
|
2299
|
+
# text_transformation: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE
|
2300
|
+
# },
|
2301
|
+
# }
|
2302
|
+
# @!attribute [rw] action
|
2303
|
+
# Specify `INSERT` to add a SqlInjectionMatchSetUpdate to a
|
2304
|
+
# SqlInjectionMatchSet. Use `DELETE` to remove a
|
2305
|
+
# `SqlInjectionMatchSetUpdate` from a `SqlInjectionMatchSet`.
|
2306
|
+
# @return [String]
|
2307
|
+
#
|
2308
|
+
# @!attribute [rw] sql_injection_match_tuple
|
2309
|
+
# Specifies the part of a web request that you want AWS WAF to inspect
|
2310
|
+
# for snippets of malicious SQL code and, if you want AWS WAF to
|
2311
|
+
# inspect a header, the name of the header.
|
2312
|
+
# @return [Types::SqlInjectionMatchTuple]
|
2313
|
+
class SqlInjectionMatchSetUpdate < Struct.new(
|
2314
|
+
:action,
|
2315
|
+
:sql_injection_match_tuple)
|
2316
|
+
include Aws::Structure
|
2317
|
+
end
|
2318
|
+
|
2319
|
+
# Specifies the part of a web request that you want AWS WAF to inspect
|
2320
|
+
# for snippets of malicious SQL code and, if you want AWS WAF to inspect
|
2321
|
+
# a header, the name of the header.
|
2322
|
+
# @note When making an API call, pass SqlInjectionMatchTuple
|
2323
|
+
# data as a hash:
|
2324
|
+
#
|
2325
|
+
# {
|
2326
|
+
# field_to_match: { # required
|
2327
|
+
# type: "URI", # required, accepts URI, QUERY_STRING, HEADER, METHOD, BODY
|
2328
|
+
# data: "MatchFieldData",
|
2329
|
+
# },
|
2330
|
+
# text_transformation: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE
|
2331
|
+
# }
|
2332
|
+
# @!attribute [rw] field_to_match
|
2333
|
+
# Specifies where in a web request to look for `TargetString`.
|
2334
|
+
# @return [Types::FieldToMatch]
|
2335
|
+
#
|
2336
|
+
# @!attribute [rw] text_transformation
|
2337
|
+
# Text transformations eliminate some of the unusual formatting that
|
2338
|
+
# attackers use in web requests in an effort to bypass AWS WAF. If you
|
2339
|
+
# specify a transformation, AWS WAF performs the transformation on
|
2340
|
+
# `FieldToMatch` before inspecting a request for a match.
|
2341
|
+
#
|
2342
|
+
# **CMD\_LINE**
|
2343
|
+
#
|
2344
|
+
# When you're concerned that attackers are injecting an operating
|
2345
|
+
# system commandline command and using unusual formatting to disguise
|
2346
|
+
# some or all of the command, use this option to perform the following
|
2347
|
+
# transformations:
|
2348
|
+
#
|
2349
|
+
# * Delete the following characters: \\ " ' ^
|
2350
|
+
#
|
2351
|
+
# * Delete spaces before the following characters: / (
|
2352
|
+
#
|
2353
|
+
# * Replace the following characters with a space: , ;
|
2354
|
+
#
|
2355
|
+
# * Replace multiple spaces with one space
|
2356
|
+
#
|
2357
|
+
# * Convert uppercase letters (A-Z) to lowercase (a-z)
|
2358
|
+
#
|
2359
|
+
# **COMPRESS\_WHITE\_SPACE**
|
2360
|
+
#
|
2361
|
+
# Use this option to replace the following characters with a space
|
2362
|
+
# character (decimal 32):
|
2363
|
+
#
|
2364
|
+
# * \\f, formfeed, decimal 12
|
2365
|
+
#
|
2366
|
+
# * \\t, tab, decimal 9
|
2367
|
+
#
|
2368
|
+
# * \\n, newline, decimal 10
|
2369
|
+
#
|
2370
|
+
# * \\r, carriage return, decimal 13
|
2371
|
+
#
|
2372
|
+
# * \\v, vertical tab, decimal 11
|
2373
|
+
#
|
2374
|
+
# * non-breaking space, decimal 160
|
2375
|
+
#
|
2376
|
+
# `COMPRESS_WHITE_SPACE` also replaces multiple spaces with one space.
|
2377
|
+
#
|
2378
|
+
# **HTML\_ENTITY\_DECODE**
|
2379
|
+
#
|
2380
|
+
# Use this option to replace HTML-encoded characters with unencoded
|
2381
|
+
# characters. `HTML_ENTITY_DECODE` performs the following operations:
|
2382
|
+
#
|
2383
|
+
# * Replaces `(ampersand)quot;` with `"`
|
2384
|
+
#
|
2385
|
+
# * Replaces `(ampersand)nbsp;` with a non-breaking space, decimal 160
|
2386
|
+
#
|
2387
|
+
# * Replaces `(ampersand)lt;` with a "less than" symbol
|
2388
|
+
#
|
2389
|
+
# * Replaces `(ampersand)gt;` with `>`
|
2390
|
+
#
|
2391
|
+
# * Replaces characters that are represented in hexadecimal format,
|
2392
|
+
# `(ampersand)#xhhhh;`, with the corresponding characters
|
2393
|
+
#
|
2394
|
+
# * Replaces characters that are represented in decimal format,
|
2395
|
+
# `(ampersand)#nnnn;`, with the corresponding characters
|
2396
|
+
#
|
2397
|
+
# **LOWERCASE**
|
2398
|
+
#
|
2399
|
+
# Use this option to convert uppercase letters (A-Z) to lowercase
|
2400
|
+
# (a-z).
|
2401
|
+
#
|
2402
|
+
# **URL\_DECODE**
|
2403
|
+
#
|
2404
|
+
# Use this option to decode a URL-encoded value.
|
2405
|
+
#
|
2406
|
+
# **NONE**
|
2407
|
+
#
|
2408
|
+
# Specify `NONE` if you don't want to perform any text
|
2409
|
+
# transformations.
|
2410
|
+
# @return [String]
|
2411
|
+
class SqlInjectionMatchTuple < Struct.new(
|
2412
|
+
:field_to_match,
|
2413
|
+
:text_transformation)
|
2414
|
+
include Aws::Structure
|
2415
|
+
end
|
2416
|
+
|
2417
|
+
# In a GetSampledRequests request, the `StartTime` and `EndTime` objects
|
2418
|
+
# specify the time range for which you want AWS WAF to return a sample
|
2419
|
+
# of web requests.
|
2420
|
+
#
|
2421
|
+
# In a GetSampledRequests response, the `StartTime` and `EndTime`
|
2422
|
+
# objects specify the time range for which AWS WAF actually returned a
|
2423
|
+
# sample of web requests. AWS WAF gets the specified number of requests
|
2424
|
+
# from among the first 5,000 requests that your AWS resource receives
|
2425
|
+
# during the specified time period. If your resource receives more than
|
2426
|
+
# 5,000 requests during that period, AWS WAF stops sampling after the
|
2427
|
+
# 5,000th request. In that case, `EndTime` is the time that AWS WAF
|
2428
|
+
# received the 5,000th request.
|
2429
|
+
# @note When making an API call, pass TimeWindow
|
2430
|
+
# data as a hash:
|
2431
|
+
#
|
2432
|
+
# {
|
2433
|
+
# start_time: Time.now, # required
|
2434
|
+
# end_time: Time.now, # required
|
2435
|
+
# }
|
2436
|
+
# @!attribute [rw] start_time
|
2437
|
+
# The beginning of the time range from which you want
|
2438
|
+
# `GetSampledRequests` to return a sample of the requests that your
|
2439
|
+
# AWS resource received. You can specify any time range in the
|
2440
|
+
# previous three hours.
|
2441
|
+
# @return [Time]
|
2442
|
+
#
|
2443
|
+
# @!attribute [rw] end_time
|
2444
|
+
# The end of the time range from which you want `GetSampledRequests`
|
2445
|
+
# to return a sample of the requests that your AWS resource received.
|
2446
|
+
# You can specify any time range in the previous three hours.
|
2447
|
+
# @return [Time]
|
2448
|
+
class TimeWindow < Struct.new(
|
2449
|
+
:start_time,
|
2450
|
+
:end_time)
|
2451
|
+
include Aws::Structure
|
2452
|
+
end
|
2453
|
+
|
2454
|
+
# @note When making an API call, pass UpdateByteMatchSetRequest
|
2455
|
+
# data as a hash:
|
2456
|
+
#
|
2457
|
+
# {
|
2458
|
+
# byte_match_set_id: "ResourceId", # required
|
2459
|
+
# change_token: "ChangeToken", # required
|
2460
|
+
# updates: [ # required
|
2461
|
+
# {
|
2462
|
+
# action: "INSERT", # required, accepts INSERT, DELETE
|
2463
|
+
# byte_match_tuple: { # required
|
2464
|
+
# field_to_match: { # required
|
2465
|
+
# type: "URI", # required, accepts URI, QUERY_STRING, HEADER, METHOD, BODY
|
2466
|
+
# data: "MatchFieldData",
|
2467
|
+
# },
|
2468
|
+
# target_string: "data", # required
|
2469
|
+
# text_transformation: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE
|
2470
|
+
# positional_constraint: "EXACTLY", # required, accepts EXACTLY, STARTS_WITH, ENDS_WITH, CONTAINS, CONTAINS_WORD
|
2471
|
+
# },
|
2472
|
+
# },
|
2473
|
+
# ],
|
2474
|
+
# }
|
2475
|
+
# @!attribute [rw] byte_match_set_id
|
2476
|
+
# The `ByteMatchSetId` of the ByteMatchSet that you want to update.
|
2477
|
+
# `ByteMatchSetId` is returned by CreateByteMatchSet and by
|
2478
|
+
# ListByteMatchSets.
|
2479
|
+
# @return [String]
|
2480
|
+
#
|
2481
|
+
# @!attribute [rw] change_token
|
2482
|
+
# The value returned by the most recent call to GetChangeToken.
|
2483
|
+
# @return [String]
|
2484
|
+
#
|
2485
|
+
# @!attribute [rw] updates
|
2486
|
+
# An array of `ByteMatchSetUpdate` objects that you want to insert
|
2487
|
+
# into or delete from a ByteMatchSet. For more information, see the
|
2488
|
+
# applicable data types:
|
2489
|
+
#
|
2490
|
+
# * ByteMatchSetUpdate: Contains `Action` and `ByteMatchTuple`
|
2491
|
+
#
|
2492
|
+
# * ByteMatchTuple: Contains `FieldToMatch`, `PositionalConstraint`,
|
2493
|
+
# `TargetString`, and `TextTransformation`
|
2494
|
+
#
|
2495
|
+
# * FieldToMatch: Contains `Data` and `Type`
|
2496
|
+
# @return [Array<Types::ByteMatchSetUpdate>]
|
2497
|
+
class UpdateByteMatchSetRequest < Struct.new(
|
2498
|
+
:byte_match_set_id,
|
2499
|
+
:change_token,
|
2500
|
+
:updates)
|
2501
|
+
include Aws::Structure
|
2502
|
+
end
|
2503
|
+
|
2504
|
+
# @!attribute [rw] change_token
|
2505
|
+
# The `ChangeToken` that you used to submit the `UpdateByteMatchSet`
|
2506
|
+
# request. You can also use this value to query the status of the
|
2507
|
+
# request. For more information, see GetChangeTokenStatus.
|
2508
|
+
# @return [String]
|
2509
|
+
class UpdateByteMatchSetResponse < Struct.new(
|
2510
|
+
:change_token)
|
2511
|
+
include Aws::Structure
|
2512
|
+
end
|
2513
|
+
|
2514
|
+
# @note When making an API call, pass UpdateIPSetRequest
|
2515
|
+
# data as a hash:
|
2516
|
+
#
|
2517
|
+
# {
|
2518
|
+
# ip_set_id: "ResourceId", # required
|
2519
|
+
# change_token: "ChangeToken", # required
|
2520
|
+
# updates: [ # required
|
2521
|
+
# {
|
2522
|
+
# action: "INSERT", # required, accepts INSERT, DELETE
|
2523
|
+
# ip_set_descriptor: { # required
|
2524
|
+
# type: "IPV4", # required, accepts IPV4, IPV6
|
2525
|
+
# value: "IPSetDescriptorValue", # required
|
2526
|
+
# },
|
2527
|
+
# },
|
2528
|
+
# ],
|
2529
|
+
# }
|
2530
|
+
# @!attribute [rw] ip_set_id
|
2531
|
+
# The `IPSetId` of the IPSet that you want to update. `IPSetId` is
|
2532
|
+
# returned by CreateIPSet and by ListIPSets.
|
2533
|
+
# @return [String]
|
2534
|
+
#
|
2535
|
+
# @!attribute [rw] change_token
|
2536
|
+
# The value returned by the most recent call to GetChangeToken.
|
2537
|
+
# @return [String]
|
2538
|
+
#
|
2539
|
+
# @!attribute [rw] updates
|
2540
|
+
# An array of `IPSetUpdate` objects that you want to insert into or
|
2541
|
+
# delete from an IPSet. For more information, see the applicable data
|
2542
|
+
# types:
|
2543
|
+
#
|
2544
|
+
# * IPSetUpdate: Contains `Action` and `IPSetDescriptor`
|
2545
|
+
#
|
2546
|
+
# * IPSetDescriptor: Contains `Type` and `Value`
|
2547
|
+
# @return [Array<Types::IPSetUpdate>]
|
2548
|
+
class UpdateIPSetRequest < Struct.new(
|
2549
|
+
:ip_set_id,
|
2550
|
+
:change_token,
|
2551
|
+
:updates)
|
2552
|
+
include Aws::Structure
|
2553
|
+
end
|
2554
|
+
|
2555
|
+
# @!attribute [rw] change_token
|
2556
|
+
# The `ChangeToken` that you used to submit the `UpdateIPSet` request.
|
2557
|
+
# You can also use this value to query the status of the request. For
|
2558
|
+
# more information, see GetChangeTokenStatus.
|
2559
|
+
# @return [String]
|
2560
|
+
class UpdateIPSetResponse < Struct.new(
|
2561
|
+
:change_token)
|
2562
|
+
include Aws::Structure
|
2563
|
+
end
|
2564
|
+
|
2565
|
+
# @note When making an API call, pass UpdateRuleRequest
|
2566
|
+
# data as a hash:
|
2567
|
+
#
|
2568
|
+
# {
|
2569
|
+
# rule_id: "ResourceId", # required
|
2570
|
+
# change_token: "ChangeToken", # required
|
2571
|
+
# updates: [ # required
|
2572
|
+
# {
|
2573
|
+
# action: "INSERT", # required, accepts INSERT, DELETE
|
2574
|
+
# predicate: { # required
|
2575
|
+
# negated: false, # required
|
2576
|
+
# type: "IPMatch", # required, accepts IPMatch, ByteMatch, SqlInjectionMatch, SizeConstraint, XssMatch
|
2577
|
+
# data_id: "ResourceId", # required
|
2578
|
+
# },
|
2579
|
+
# },
|
2580
|
+
# ],
|
2581
|
+
# }
|
2582
|
+
# @!attribute [rw] rule_id
|
2583
|
+
# The `RuleId` of the `Rule` that you want to update. `RuleId` is
|
2584
|
+
# returned by `CreateRule` and by ListRules.
|
2585
|
+
# @return [String]
|
2586
|
+
#
|
2587
|
+
# @!attribute [rw] change_token
|
2588
|
+
# The value returned by the most recent call to GetChangeToken.
|
2589
|
+
# @return [String]
|
2590
|
+
#
|
2591
|
+
# @!attribute [rw] updates
|
2592
|
+
# An array of `RuleUpdate` objects that you want to insert into or
|
2593
|
+
# delete from a Rule. For more information, see the applicable data
|
2594
|
+
# types:
|
2595
|
+
#
|
2596
|
+
# * RuleUpdate: Contains `Action` and `Predicate`
|
2597
|
+
#
|
2598
|
+
# * Predicate: Contains `DataId`, `Negated`, and `Type`
|
2599
|
+
#
|
2600
|
+
# * FieldToMatch: Contains `Data` and `Type`
|
2601
|
+
# @return [Array<Types::RuleUpdate>]
|
2602
|
+
class UpdateRuleRequest < Struct.new(
|
2603
|
+
:rule_id,
|
2604
|
+
:change_token,
|
2605
|
+
:updates)
|
2606
|
+
include Aws::Structure
|
2607
|
+
end
|
2608
|
+
|
2609
|
+
# @!attribute [rw] change_token
|
2610
|
+
# The `ChangeToken` that you used to submit the `UpdateRule` request.
|
2611
|
+
# You can also use this value to query the status of the request. For
|
2612
|
+
# more information, see GetChangeTokenStatus.
|
2613
|
+
# @return [String]
|
2614
|
+
class UpdateRuleResponse < Struct.new(
|
2615
|
+
:change_token)
|
2616
|
+
include Aws::Structure
|
2617
|
+
end
|
2618
|
+
|
2619
|
+
# @note When making an API call, pass UpdateSizeConstraintSetRequest
|
2620
|
+
# data as a hash:
|
2621
|
+
#
|
2622
|
+
# {
|
2623
|
+
# size_constraint_set_id: "ResourceId", # required
|
2624
|
+
# change_token: "ChangeToken", # required
|
2625
|
+
# updates: [ # required
|
2626
|
+
# {
|
2627
|
+
# action: "INSERT", # required, accepts INSERT, DELETE
|
2628
|
+
# size_constraint: { # required
|
2629
|
+
# field_to_match: { # required
|
2630
|
+
# type: "URI", # required, accepts URI, QUERY_STRING, HEADER, METHOD, BODY
|
2631
|
+
# data: "MatchFieldData",
|
2632
|
+
# },
|
2633
|
+
# text_transformation: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE
|
2634
|
+
# comparison_operator: "EQ", # required, accepts EQ, NE, LE, LT, GE, GT
|
2635
|
+
# size: 1, # required
|
2636
|
+
# },
|
2637
|
+
# },
|
2638
|
+
# ],
|
2639
|
+
# }
|
2640
|
+
# @!attribute [rw] size_constraint_set_id
|
2641
|
+
# The `SizeConstraintSetId` of the SizeConstraintSet that you want to
|
2642
|
+
# update. `SizeConstraintSetId` is returned by CreateSizeConstraintSet
|
2643
|
+
# and by ListSizeConstraintSets.
|
2644
|
+
# @return [String]
|
2645
|
+
#
|
2646
|
+
# @!attribute [rw] change_token
|
2647
|
+
# The value returned by the most recent call to GetChangeToken.
|
2648
|
+
# @return [String]
|
2649
|
+
#
|
2650
|
+
# @!attribute [rw] updates
|
2651
|
+
# An array of `SizeConstraintSetUpdate` objects that you want to
|
2652
|
+
# insert into or delete from a SizeConstraintSet. For more
|
2653
|
+
# information, see the applicable data types:
|
2654
|
+
#
|
2655
|
+
# * SizeConstraintSetUpdate: Contains `Action` and `SizeConstraint`
|
2656
|
+
#
|
2657
|
+
# * SizeConstraint: Contains `FieldToMatch`, `TextTransformation`,
|
2658
|
+
# `ComparisonOperator`, and `Size`
|
2659
|
+
#
|
2660
|
+
# * FieldToMatch: Contains `Data` and `Type`
|
2661
|
+
# @return [Array<Types::SizeConstraintSetUpdate>]
|
2662
|
+
class UpdateSizeConstraintSetRequest < Struct.new(
|
2663
|
+
:size_constraint_set_id,
|
2664
|
+
:change_token,
|
2665
|
+
:updates)
|
2666
|
+
include Aws::Structure
|
2667
|
+
end
|
2668
|
+
|
2669
|
+
# @!attribute [rw] change_token
|
2670
|
+
# The `ChangeToken` that you used to submit the
|
2671
|
+
# `UpdateSizeConstraintSet` request. You can also use this value to
|
2672
|
+
# query the status of the request. For more information, see
|
2673
|
+
# GetChangeTokenStatus.
|
2674
|
+
# @return [String]
|
2675
|
+
class UpdateSizeConstraintSetResponse < Struct.new(
|
2676
|
+
:change_token)
|
2677
|
+
include Aws::Structure
|
2678
|
+
end
|
2679
|
+
|
2680
|
+
# A request to update a SqlInjectionMatchSet.
|
2681
|
+
# @note When making an API call, pass UpdateSqlInjectionMatchSetRequest
|
2682
|
+
# data as a hash:
|
2683
|
+
#
|
2684
|
+
# {
|
2685
|
+
# sql_injection_match_set_id: "ResourceId", # required
|
2686
|
+
# change_token: "ChangeToken", # required
|
2687
|
+
# updates: [ # required
|
2688
|
+
# {
|
2689
|
+
# action: "INSERT", # required, accepts INSERT, DELETE
|
2690
|
+
# sql_injection_match_tuple: { # required
|
2691
|
+
# field_to_match: { # required
|
2692
|
+
# type: "URI", # required, accepts URI, QUERY_STRING, HEADER, METHOD, BODY
|
2693
|
+
# data: "MatchFieldData",
|
2694
|
+
# },
|
2695
|
+
# text_transformation: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE
|
2696
|
+
# },
|
2697
|
+
# },
|
2698
|
+
# ],
|
2699
|
+
# }
|
2700
|
+
# @!attribute [rw] sql_injection_match_set_id
|
2701
|
+
# The `SqlInjectionMatchSetId` of the `SqlInjectionMatchSet` that you
|
2702
|
+
# want to update. `SqlInjectionMatchSetId` is returned by
|
2703
|
+
# CreateSqlInjectionMatchSet and by ListSqlInjectionMatchSets.
|
2704
|
+
# @return [String]
|
2705
|
+
#
|
2706
|
+
# @!attribute [rw] change_token
|
2707
|
+
# The value returned by the most recent call to GetChangeToken.
|
2708
|
+
# @return [String]
|
2709
|
+
#
|
2710
|
+
# @!attribute [rw] updates
|
2711
|
+
# An array of `SqlInjectionMatchSetUpdate` objects that you want to
|
2712
|
+
# insert into or delete from a SqlInjectionMatchSet. For more
|
2713
|
+
# information, see the applicable data types:
|
2714
|
+
#
|
2715
|
+
# * SqlInjectionMatchSetUpdate: Contains `Action` and
|
2716
|
+
# `SqlInjectionMatchTuple`
|
2717
|
+
#
|
2718
|
+
# * SqlInjectionMatchTuple: Contains `FieldToMatch` and
|
2719
|
+
# `TextTransformation`
|
2720
|
+
#
|
2721
|
+
# * FieldToMatch: Contains `Data` and `Type`
|
2722
|
+
# @return [Array<Types::SqlInjectionMatchSetUpdate>]
|
2723
|
+
class UpdateSqlInjectionMatchSetRequest < Struct.new(
|
2724
|
+
:sql_injection_match_set_id,
|
2725
|
+
:change_token,
|
2726
|
+
:updates)
|
2727
|
+
include Aws::Structure
|
2728
|
+
end
|
2729
|
+
|
2730
|
+
# The response to an UpdateSqlInjectionMatchSets request.
|
2731
|
+
# @!attribute [rw] change_token
|
2732
|
+
# The `ChangeToken` that you used to submit the
|
2733
|
+
# `UpdateSqlInjectionMatchSet` request. You can also use this value to
|
2734
|
+
# query the status of the request. For more information, see
|
2735
|
+
# GetChangeTokenStatus.
|
2736
|
+
# @return [String]
|
2737
|
+
class UpdateSqlInjectionMatchSetResponse < Struct.new(
|
2738
|
+
:change_token)
|
2739
|
+
include Aws::Structure
|
2740
|
+
end
|
2741
|
+
|
2742
|
+
# @note When making an API call, pass UpdateWebACLRequest
|
2743
|
+
# data as a hash:
|
2744
|
+
#
|
2745
|
+
# {
|
2746
|
+
# web_acl_id: "ResourceId", # required
|
2747
|
+
# change_token: "ChangeToken", # required
|
2748
|
+
# updates: [
|
2749
|
+
# {
|
2750
|
+
# action: "INSERT", # required, accepts INSERT, DELETE
|
2751
|
+
# activated_rule: { # required
|
2752
|
+
# priority: 1, # required
|
2753
|
+
# rule_id: "ResourceId", # required
|
2754
|
+
# action: { # required
|
2755
|
+
# type: "BLOCK", # required, accepts BLOCK, ALLOW, COUNT
|
2756
|
+
# },
|
2757
|
+
# },
|
2758
|
+
# },
|
2759
|
+
# ],
|
2760
|
+
# default_action: {
|
2761
|
+
# type: "BLOCK", # required, accepts BLOCK, ALLOW, COUNT
|
2762
|
+
# },
|
2763
|
+
# }
|
2764
|
+
# @!attribute [rw] web_acl_id
|
2765
|
+
# The `WebACLId` of the WebACL that you want to update. `WebACLId` is
|
2766
|
+
# returned by CreateWebACL and by ListWebACLs.
|
2767
|
+
# @return [String]
|
2768
|
+
#
|
2769
|
+
# @!attribute [rw] change_token
|
2770
|
+
# The value returned by the most recent call to GetChangeToken.
|
2771
|
+
# @return [String]
|
2772
|
+
#
|
2773
|
+
# @!attribute [rw] updates
|
2774
|
+
# An array of updates to make to the WebACL.
|
2775
|
+
#
|
2776
|
+
# An array of `WebACLUpdate` objects that you want to insert into or
|
2777
|
+
# delete from a WebACL. For more information, see the applicable data
|
2778
|
+
# types:
|
2779
|
+
#
|
2780
|
+
# * WebACLUpdate: Contains `Action` and `ActivatedRule`
|
2781
|
+
#
|
2782
|
+
# * ActivatedRule: Contains `Action`, `Priority`, and `RuleId`
|
2783
|
+
#
|
2784
|
+
# * WafAction: Contains `Type`
|
2785
|
+
# @return [Array<Types::WebACLUpdate>]
|
2786
|
+
#
|
2787
|
+
# @!attribute [rw] default_action
|
2788
|
+
# For the action that is associated with a rule in a `WebACL`,
|
2789
|
+
# specifies the action that you want AWS WAF to perform when a web
|
2790
|
+
# request matches all of the conditions in a rule. For the default
|
2791
|
+
# action in a `WebACL`, specifies the action that you want AWS WAF to
|
2792
|
+
# take when a web request doesn't match all of the conditions in any
|
2793
|
+
# of the rules in a `WebACL`.
|
2794
|
+
# @return [Types::WafAction]
|
2795
|
+
class UpdateWebACLRequest < Struct.new(
|
2796
|
+
:web_acl_id,
|
2797
|
+
:change_token,
|
2798
|
+
:updates,
|
2799
|
+
:default_action)
|
2800
|
+
include Aws::Structure
|
2801
|
+
end
|
2802
|
+
|
2803
|
+
# @!attribute [rw] change_token
|
2804
|
+
# The `ChangeToken` that you used to submit the `UpdateWebACL`
|
2805
|
+
# request. You can also use this value to query the status of the
|
2806
|
+
# request. For more information, see GetChangeTokenStatus.
|
2807
|
+
# @return [String]
|
2808
|
+
class UpdateWebACLResponse < Struct.new(
|
2809
|
+
:change_token)
|
2810
|
+
include Aws::Structure
|
2811
|
+
end
|
2812
|
+
|
2813
|
+
# A request to update an XssMatchSet.
|
2814
|
+
# @note When making an API call, pass UpdateXssMatchSetRequest
|
2815
|
+
# data as a hash:
|
2816
|
+
#
|
2817
|
+
# {
|
2818
|
+
# xss_match_set_id: "ResourceId", # required
|
2819
|
+
# change_token: "ChangeToken", # required
|
2820
|
+
# updates: [ # required
|
2821
|
+
# {
|
2822
|
+
# action: "INSERT", # required, accepts INSERT, DELETE
|
2823
|
+
# xss_match_tuple: { # required
|
2824
|
+
# field_to_match: { # required
|
2825
|
+
# type: "URI", # required, accepts URI, QUERY_STRING, HEADER, METHOD, BODY
|
2826
|
+
# data: "MatchFieldData",
|
2827
|
+
# },
|
2828
|
+
# text_transformation: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE
|
2829
|
+
# },
|
2830
|
+
# },
|
2831
|
+
# ],
|
2832
|
+
# }
|
2833
|
+
# @!attribute [rw] xss_match_set_id
|
2834
|
+
# The `XssMatchSetId` of the `XssMatchSet` that you want to update.
|
2835
|
+
# `XssMatchSetId` is returned by CreateXssMatchSet and by
|
2836
|
+
# ListXssMatchSets.
|
2837
|
+
# @return [String]
|
2838
|
+
#
|
2839
|
+
# @!attribute [rw] change_token
|
2840
|
+
# The value returned by the most recent call to GetChangeToken.
|
2841
|
+
# @return [String]
|
2842
|
+
#
|
2843
|
+
# @!attribute [rw] updates
|
2844
|
+
# An array of `XssMatchSetUpdate` objects that you want to insert into
|
2845
|
+
# or delete from a XssMatchSet. For more information, see the
|
2846
|
+
# applicable data types:
|
2847
|
+
#
|
2848
|
+
# * XssMatchSetUpdate: Contains `Action` and `XssMatchTuple`
|
2849
|
+
#
|
2850
|
+
# * XssMatchTuple: Contains `FieldToMatch` and `TextTransformation`
|
2851
|
+
#
|
2852
|
+
# * FieldToMatch: Contains `Data` and `Type`
|
2853
|
+
# @return [Array<Types::XssMatchSetUpdate>]
|
2854
|
+
class UpdateXssMatchSetRequest < Struct.new(
|
2855
|
+
:xss_match_set_id,
|
2856
|
+
:change_token,
|
2857
|
+
:updates)
|
2858
|
+
include Aws::Structure
|
2859
|
+
end
|
2860
|
+
|
2861
|
+
# The response to an UpdateXssMatchSets request.
|
2862
|
+
# @!attribute [rw] change_token
|
2863
|
+
# The `ChangeToken` that you used to submit the `UpdateXssMatchSet`
|
2864
|
+
# request. You can also use this value to query the status of the
|
2865
|
+
# request. For more information, see GetChangeTokenStatus.
|
2866
|
+
# @return [String]
|
2867
|
+
class UpdateXssMatchSetResponse < Struct.new(
|
2868
|
+
:change_token)
|
2869
|
+
include Aws::Structure
|
2870
|
+
end
|
2871
|
+
|
2872
|
+
# For the action that is associated with a rule in a `WebACL`, specifies
|
2873
|
+
# the action that you want AWS WAF to perform when a web request matches
|
2874
|
+
# all of the conditions in a rule. For the default action in a `WebACL`,
|
2875
|
+
# specifies the action that you want AWS WAF to take when a web request
|
2876
|
+
# doesn't match all of the conditions in any of the rules in a
|
2877
|
+
# `WebACL`.
|
2878
|
+
# @note When making an API call, pass WafAction
|
2879
|
+
# data as a hash:
|
2880
|
+
#
|
2881
|
+
# {
|
2882
|
+
# type: "BLOCK", # required, accepts BLOCK, ALLOW, COUNT
|
2883
|
+
# }
|
2884
|
+
# @!attribute [rw] type
|
2885
|
+
# Specifies how you want AWS WAF to respond to requests that match the
|
2886
|
+
# settings in a `Rule`. Valid settings include the following:
|
2887
|
+
#
|
2888
|
+
# * `ALLOW`\: AWS WAF allows requests
|
2889
|
+
#
|
2890
|
+
# * `BLOCK`\: AWS WAF blocks requests
|
2891
|
+
#
|
2892
|
+
# * `COUNT`\: AWS WAF increments a counter of the requests that match
|
2893
|
+
# all of the conditions in the rule. AWS WAF then continues to
|
2894
|
+
# inspect the web request based on the remaining rules in the web
|
2895
|
+
# ACL. You can't specify `COUNT` for the default action for a
|
2896
|
+
# `WebACL`.
|
2897
|
+
# @return [String]
|
2898
|
+
class WafAction < Struct.new(
|
2899
|
+
:type)
|
2900
|
+
include Aws::Structure
|
2901
|
+
end
|
2902
|
+
|
2903
|
+
# Contains the `Rules` that identify the requests that you want to
|
2904
|
+
# allow, block, or count. In a `WebACL`, you also specify a default
|
2905
|
+
# action (`ALLOW` or `BLOCK`), and the action for each `Rule` that you
|
2906
|
+
# add to a `WebACL`, for example, block requests from specified IP
|
2907
|
+
# addresses or block requests from specified referrers. You also
|
2908
|
+
# associate the `WebACL` with a CloudFront distribution to identify the
|
2909
|
+
# requests that you want AWS WAF to filter. If you add more than one
|
2910
|
+
# `Rule` to a `WebACL`, a request needs to match only one of the
|
2911
|
+
# specifications to be allowed, blocked, or counted. For more
|
2912
|
+
# information, see UpdateWebACL.
|
2913
|
+
# @!attribute [rw] web_acl_id
|
2914
|
+
# A unique identifier for a `WebACL`. You use `WebACLId` to get
|
2915
|
+
# information about a `WebACL` (see GetWebACL), update a `WebACL` (see
|
2916
|
+
# UpdateWebACL), and delete a `WebACL` from AWS WAF (see
|
2917
|
+
# DeleteWebACL).
|
2918
|
+
#
|
2919
|
+
# `WebACLId` is returned by CreateWebACL and by ListWebACLs.
|
2920
|
+
# @return [String]
|
2921
|
+
#
|
2922
|
+
# @!attribute [rw] name
|
2923
|
+
# A friendly name or description of the `WebACL`. You can't change
|
2924
|
+
# the name of a `WebACL` after you create it.
|
2925
|
+
# @return [String]
|
2926
|
+
#
|
2927
|
+
# @!attribute [rw] metric_name
|
2928
|
+
# @return [String]
|
2929
|
+
#
|
2930
|
+
# @!attribute [rw] default_action
|
2931
|
+
# The action to perform if none of the `Rules` contained in the
|
2932
|
+
# `WebACL` match. The action is specified by the WafAction object.
|
2933
|
+
# @return [Types::WafAction]
|
2934
|
+
#
|
2935
|
+
# @!attribute [rw] rules
|
2936
|
+
# An array that contains the action for each `Rule` in a `WebACL`, the
|
2937
|
+
# priority of the `Rule`, and the ID of the `Rule`.
|
2938
|
+
# @return [Array<Types::ActivatedRule>]
|
2939
|
+
class WebACL < Struct.new(
|
2940
|
+
:web_acl_id,
|
2941
|
+
:name,
|
2942
|
+
:metric_name,
|
2943
|
+
:default_action,
|
2944
|
+
:rules)
|
2945
|
+
include Aws::Structure
|
2946
|
+
end
|
2947
|
+
|
2948
|
+
# Contains the identifier and the name or description of the WebACL.
|
2949
|
+
# @!attribute [rw] web_acl_id
|
2950
|
+
# A unique identifier for a `WebACL`. You use `WebACLId` to get
|
2951
|
+
# information about a `WebACL` (see GetWebACL), update a `WebACL` (see
|
2952
|
+
# UpdateWebACL), and delete a `WebACL` from AWS WAF (see
|
2953
|
+
# DeleteWebACL).
|
2954
|
+
#
|
2955
|
+
# `WebACLId` is returned by CreateWebACL and by ListWebACLs.
|
2956
|
+
# @return [String]
|
2957
|
+
#
|
2958
|
+
# @!attribute [rw] name
|
2959
|
+
# A friendly name or description of the WebACL. You can't change the
|
2960
|
+
# name of a `WebACL` after you create it.
|
2961
|
+
# @return [String]
|
2962
|
+
class WebACLSummary < Struct.new(
|
2963
|
+
:web_acl_id,
|
2964
|
+
:name)
|
2965
|
+
include Aws::Structure
|
2966
|
+
end
|
2967
|
+
|
2968
|
+
# Specifies whether to insert a `Rule` into or delete a `Rule` from a
|
2969
|
+
# `WebACL`.
|
2970
|
+
# @note When making an API call, pass WebACLUpdate
|
2971
|
+
# data as a hash:
|
2972
|
+
#
|
2973
|
+
# {
|
2974
|
+
# action: "INSERT", # required, accepts INSERT, DELETE
|
2975
|
+
# activated_rule: { # required
|
2976
|
+
# priority: 1, # required
|
2977
|
+
# rule_id: "ResourceId", # required
|
2978
|
+
# action: { # required
|
2979
|
+
# type: "BLOCK", # required, accepts BLOCK, ALLOW, COUNT
|
2980
|
+
# },
|
2981
|
+
# },
|
2982
|
+
# }
|
2983
|
+
# @!attribute [rw] action
|
2984
|
+
# Specifies whether to insert a `Rule` into or delete a `Rule` from a
|
2985
|
+
# `WebACL`.
|
2986
|
+
# @return [String]
|
2987
|
+
#
|
2988
|
+
# @!attribute [rw] activated_rule
|
2989
|
+
# The `ActivatedRule` object in an UpdateWebACL request specifies a
|
2990
|
+
# `Rule` that you want to insert or delete, the priority of the `Rule`
|
2991
|
+
# in the `WebACL`, and the action that you want AWS WAF to take when a
|
2992
|
+
# web request matches the `Rule` (`ALLOW`, `BLOCK`, or `COUNT`).
|
2993
|
+
#
|
2994
|
+
# To specify whether to insert or delete a `Rule`, use the `Action`
|
2995
|
+
# parameter in the WebACLUpdate data type.
|
2996
|
+
# @return [Types::ActivatedRule]
|
2997
|
+
class WebACLUpdate < Struct.new(
|
2998
|
+
:action,
|
2999
|
+
:activated_rule)
|
3000
|
+
include Aws::Structure
|
3001
|
+
end
|
3002
|
+
|
3003
|
+
# A complex type that contains `XssMatchTuple` objects, which specify
|
3004
|
+
# the parts of web requests that you want AWS WAF to inspect for
|
3005
|
+
# cross-site scripting attacks and, if you want AWS WAF to inspect a
|
3006
|
+
# header, the name of the header. If a `XssMatchSet` contains more than
|
3007
|
+
# one `XssMatchTuple` object, a request needs to include cross-site
|
3008
|
+
# scripting attacks in only one of the specified parts of the request to
|
3009
|
+
# be considered a match.
|
3010
|
+
# @!attribute [rw] xss_match_set_id
|
3011
|
+
# A unique identifier for an `XssMatchSet`. You use `XssMatchSetId` to
|
3012
|
+
# get information about an `XssMatchSet` (see GetXssMatchSet), update
|
3013
|
+
# an `XssMatchSet` (see UpdateXssMatchSet), insert an `XssMatchSet`
|
3014
|
+
# into a `Rule` or delete one from a `Rule` (see UpdateRule), and
|
3015
|
+
# delete an `XssMatchSet` from AWS WAF (see DeleteXssMatchSet).
|
3016
|
+
#
|
3017
|
+
# `XssMatchSetId` is returned by CreateXssMatchSet and by
|
3018
|
+
# ListXssMatchSets.
|
3019
|
+
# @return [String]
|
3020
|
+
#
|
3021
|
+
# @!attribute [rw] name
|
3022
|
+
# The name, if any, of the `XssMatchSet`.
|
3023
|
+
# @return [String]
|
3024
|
+
#
|
3025
|
+
# @!attribute [rw] xss_match_tuples
|
3026
|
+
# Specifies the parts of web requests that you want to inspect for
|
3027
|
+
# cross-site scripting attacks.
|
3028
|
+
# @return [Array<Types::XssMatchTuple>]
|
3029
|
+
class XssMatchSet < Struct.new(
|
3030
|
+
:xss_match_set_id,
|
3031
|
+
:name,
|
3032
|
+
:xss_match_tuples)
|
3033
|
+
include Aws::Structure
|
3034
|
+
end
|
3035
|
+
|
3036
|
+
# The `Id` and `Name` of an `XssMatchSet`.
|
3037
|
+
# @!attribute [rw] xss_match_set_id
|
3038
|
+
# A unique identifier for an `XssMatchSet`. You use `XssMatchSetId` to
|
3039
|
+
# get information about a `XssMatchSet` (see GetXssMatchSet), update
|
3040
|
+
# an `XssMatchSet` (see UpdateXssMatchSet), insert an `XssMatchSet`
|
3041
|
+
# into a `Rule` or delete one from a `Rule` (see UpdateRule), and
|
3042
|
+
# delete an `XssMatchSet` from AWS WAF (see DeleteXssMatchSet).
|
3043
|
+
#
|
3044
|
+
# `XssMatchSetId` is returned by CreateXssMatchSet and by
|
3045
|
+
# ListXssMatchSets.
|
3046
|
+
# @return [String]
|
3047
|
+
#
|
3048
|
+
# @!attribute [rw] name
|
3049
|
+
# The name of the `XssMatchSet`, if any, specified by `Id`.
|
3050
|
+
# @return [String]
|
3051
|
+
class XssMatchSetSummary < Struct.new(
|
3052
|
+
:xss_match_set_id,
|
3053
|
+
:name)
|
3054
|
+
include Aws::Structure
|
3055
|
+
end
|
3056
|
+
|
3057
|
+
# Specifies the part of a web request that you want to inspect for
|
3058
|
+
# cross-site scripting attacks and indicates whether you want to add the
|
3059
|
+
# specification to an XssMatchSet or delete it from an `XssMatchSet`.
|
3060
|
+
# @note When making an API call, pass XssMatchSetUpdate
|
3061
|
+
# data as a hash:
|
3062
|
+
#
|
3063
|
+
# {
|
3064
|
+
# action: "INSERT", # required, accepts INSERT, DELETE
|
3065
|
+
# xss_match_tuple: { # required
|
3066
|
+
# field_to_match: { # required
|
3067
|
+
# type: "URI", # required, accepts URI, QUERY_STRING, HEADER, METHOD, BODY
|
3068
|
+
# data: "MatchFieldData",
|
3069
|
+
# },
|
3070
|
+
# text_transformation: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE
|
3071
|
+
# },
|
3072
|
+
# }
|
3073
|
+
# @!attribute [rw] action
|
3074
|
+
# Specify `INSERT` to add a XssMatchSetUpdate to an XssMatchSet. Use
|
3075
|
+
# `DELETE` to remove a `XssMatchSetUpdate` from an `XssMatchSet`.
|
3076
|
+
# @return [String]
|
3077
|
+
#
|
3078
|
+
# @!attribute [rw] xss_match_tuple
|
3079
|
+
# Specifies the part of a web request that you want AWS WAF to inspect
|
3080
|
+
# for cross-site scripting attacks and, if you want AWS WAF to inspect
|
3081
|
+
# a header, the name of the header.
|
3082
|
+
# @return [Types::XssMatchTuple]
|
3083
|
+
class XssMatchSetUpdate < Struct.new(
|
3084
|
+
:action,
|
3085
|
+
:xss_match_tuple)
|
3086
|
+
include Aws::Structure
|
3087
|
+
end
|
3088
|
+
|
3089
|
+
# Specifies the part of a web request that you want AWS WAF to inspect
|
3090
|
+
# for cross-site scripting attacks and, if you want AWS WAF to inspect a
|
3091
|
+
# header, the name of the header.
|
3092
|
+
# @note When making an API call, pass XssMatchTuple
|
3093
|
+
# data as a hash:
|
3094
|
+
#
|
3095
|
+
# {
|
3096
|
+
# field_to_match: { # required
|
3097
|
+
# type: "URI", # required, accepts URI, QUERY_STRING, HEADER, METHOD, BODY
|
3098
|
+
# data: "MatchFieldData",
|
3099
|
+
# },
|
3100
|
+
# text_transformation: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE
|
3101
|
+
# }
|
3102
|
+
# @!attribute [rw] field_to_match
|
3103
|
+
# Specifies where in a web request to look for `TargetString`.
|
3104
|
+
# @return [Types::FieldToMatch]
|
3105
|
+
#
|
3106
|
+
# @!attribute [rw] text_transformation
|
3107
|
+
# Text transformations eliminate some of the unusual formatting that
|
3108
|
+
# attackers use in web requests in an effort to bypass AWS WAF. If you
|
3109
|
+
# specify a transformation, AWS WAF performs the transformation on
|
3110
|
+
# `FieldToMatch` before inspecting a request for a match.
|
3111
|
+
#
|
3112
|
+
# **CMD\_LINE**
|
3113
|
+
#
|
3114
|
+
# When you're concerned that attackers are injecting an operating
|
3115
|
+
# system commandline command and using unusual formatting to disguise
|
3116
|
+
# some or all of the command, use this option to perform the following
|
3117
|
+
# transformations:
|
3118
|
+
#
|
3119
|
+
# * Delete the following characters: \\ " ' ^
|
3120
|
+
#
|
3121
|
+
# * Delete spaces before the following characters: / (
|
3122
|
+
#
|
3123
|
+
# * Replace the following characters with a space: , ;
|
3124
|
+
#
|
3125
|
+
# * Replace multiple spaces with one space
|
3126
|
+
#
|
3127
|
+
# * Convert uppercase letters (A-Z) to lowercase (a-z)
|
3128
|
+
#
|
3129
|
+
# **COMPRESS\_WHITE\_SPACE**
|
3130
|
+
#
|
3131
|
+
# Use this option to replace the following characters with a space
|
3132
|
+
# character (decimal 32):
|
3133
|
+
#
|
3134
|
+
# * \\f, formfeed, decimal 12
|
3135
|
+
#
|
3136
|
+
# * \\t, tab, decimal 9
|
3137
|
+
#
|
3138
|
+
# * \\n, newline, decimal 10
|
3139
|
+
#
|
3140
|
+
# * \\r, carriage return, decimal 13
|
3141
|
+
#
|
3142
|
+
# * \\v, vertical tab, decimal 11
|
3143
|
+
#
|
3144
|
+
# * non-breaking space, decimal 160
|
3145
|
+
#
|
3146
|
+
# `COMPRESS_WHITE_SPACE` also replaces multiple spaces with one space.
|
3147
|
+
#
|
3148
|
+
# **HTML\_ENTITY\_DECODE**
|
3149
|
+
#
|
3150
|
+
# Use this option to replace HTML-encoded characters with unencoded
|
3151
|
+
# characters. `HTML_ENTITY_DECODE` performs the following operations:
|
3152
|
+
#
|
3153
|
+
# * Replaces `(ampersand)quot;` with `"`
|
3154
|
+
#
|
3155
|
+
# * Replaces `(ampersand)nbsp;` with a non-breaking space, decimal 160
|
3156
|
+
#
|
3157
|
+
# * Replaces `(ampersand)lt;` with a "less than" symbol
|
3158
|
+
#
|
3159
|
+
# * Replaces `(ampersand)gt;` with `>`
|
3160
|
+
#
|
3161
|
+
# * Replaces characters that are represented in hexadecimal format,
|
3162
|
+
# `(ampersand)#xhhhh;`, with the corresponding characters
|
3163
|
+
#
|
3164
|
+
# * Replaces characters that are represented in decimal format,
|
3165
|
+
# `(ampersand)#nnnn;`, with the corresponding characters
|
3166
|
+
#
|
3167
|
+
# **LOWERCASE**
|
3168
|
+
#
|
3169
|
+
# Use this option to convert uppercase letters (A-Z) to lowercase
|
3170
|
+
# (a-z).
|
3171
|
+
#
|
3172
|
+
# **URL\_DECODE**
|
3173
|
+
#
|
3174
|
+
# Use this option to decode a URL-encoded value.
|
3175
|
+
#
|
3176
|
+
# **NONE**
|
3177
|
+
#
|
3178
|
+
# Specify `NONE` if you don't want to perform any text
|
3179
|
+
# transformations.
|
3180
|
+
# @return [String]
|
3181
|
+
class XssMatchTuple < Struct.new(
|
3182
|
+
:field_to_match,
|
3183
|
+
:text_transformation)
|
3184
|
+
include Aws::Structure
|
3185
|
+
end
|
3186
|
+
|
3187
|
+
end
|
3188
|
+
end
|
3189
|
+
end
|