aws-sdk-waf 1.5.0 → 1.6.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: e843d55c0efd39ca17cd051c6cca7325e698e6a5
-  data.tar.gz: e365adf4e76d8b34c70b67b555fb5659c3e251f0
+  metadata.gz: 0e4500b76f21c7e2eb0fc18f9093d0c532fec3cf
+  data.tar.gz: 85a39a68a09f98148f03563b45a7d9f20fd078b4
 SHA512:
-  metadata.gz: 8d9620c0f588e2934011f7848ff5303d69a7675bb61ed13d785c7c59998bb3a7da35581ff7b642a86ca74221b66d28ca03a3e2cf271113601751b30aa03f06fa
-  data.tar.gz: 871887bdba3e737098d70875350a463f807c8113f09a4f3f45045744125fdd781a2b39ec1ce8b8adfb99c29129a666f0b8a4c754fbd267bda78d6603b3dea47e
+  metadata.gz: 6b688c9ba241af2287ddb3ca1becf1ea723abd993162b3c0f58bb8793d47f4c2225c3cc46bca0b8b5547d1aa54c5381c72b11ce5781be0f69534d9159fe51060
+  data.tar.gz: a10c716deef78d9bb9f482eb4bcc3f573fa6cc067119899f5df79f363d9e98b05207c7fcad15d16285b974b43d8c3b5039183acaca45f9d475bdeb5d296c6117

data/lib/aws-sdk-waf.rb

@@ -42,6 +42,6 @@ require_relative 'aws-sdk-waf/customizations'
 # @service
 module Aws::WAF
 
-  GEM_VERSION = '1.5.0'
+  GEM_VERSION = '1.6.0'
 
 end

data/lib/aws-sdk-waf/client.rb

@@ -218,7 +218,7 @@ module Aws::WAF
     #   resp.byte_match_set.byte_match_set_id #=> String
     #   resp.byte_match_set.name #=> String
     #   resp.byte_match_set.byte_match_tuples #=> Array
-    #   resp.byte_match_set.byte_match_tuples[0].field_to_match.type #=> String, one of "URI", "QUERY_STRING", "HEADER", "METHOD", "BODY"
+    #   resp.byte_match_set.byte_match_tuples[0].field_to_match.type #=> String, one of "URI", "QUERY_STRING", "HEADER", "METHOD", "BODY", "SINGLE_QUERY_ARG", "ALL_QUERY_ARGS"
     #   resp.byte_match_set.byte_match_tuples[0].field_to_match.data #=> String
     #   resp.byte_match_set.byte_match_tuples[0].target_string #=> String
     #   resp.byte_match_set.byte_match_tuples[0].text_transformation #=> String, one of "NONE", "COMPRESS_WHITE_SPACE", "HTML_ENTITY_DECODE", "LOWERCASE", "CMD_LINE", "URL_DECODE"
@@ -580,7 +580,7 @@ module Aws::WAF
     #   resp.regex_match_set.regex_match_set_id #=> String
     #   resp.regex_match_set.name #=> String
     #   resp.regex_match_set.regex_match_tuples #=> Array
-    #   resp.regex_match_set.regex_match_tuples[0].field_to_match.type #=> String, one of "URI", "QUERY_STRING", "HEADER", "METHOD", "BODY"
+    #   resp.regex_match_set.regex_match_tuples[0].field_to_match.type #=> String, one of "URI", "QUERY_STRING", "HEADER", "METHOD", "BODY", "SINGLE_QUERY_ARG", "ALL_QUERY_ARGS"
     #   resp.regex_match_set.regex_match_tuples[0].field_to_match.data #=> String
     #   resp.regex_match_set.regex_match_tuples[0].text_transformation #=> String, one of "NONE", "COMPRESS_WHITE_SPACE", "HTML_ENTITY_DECODE", "LOWERCASE", "CMD_LINE", "URL_DECODE"
     #   resp.regex_match_set.regex_match_tuples[0].regex_pattern_set_id #=> String
@@ -919,7 +919,7 @@ module Aws::WAF
     #   resp.size_constraint_set.size_constraint_set_id #=> String
     #   resp.size_constraint_set.name #=> String
     #   resp.size_constraint_set.size_constraints #=> Array
-    #   resp.size_constraint_set.size_constraints[0].field_to_match.type #=> String, one of "URI", "QUERY_STRING", "HEADER", "METHOD", "BODY"
+    #   resp.size_constraint_set.size_constraints[0].field_to_match.type #=> String, one of "URI", "QUERY_STRING", "HEADER", "METHOD", "BODY", "SINGLE_QUERY_ARG", "ALL_QUERY_ARGS"
     #   resp.size_constraint_set.size_constraints[0].field_to_match.data #=> String
     #   resp.size_constraint_set.size_constraints[0].text_transformation #=> String, one of "NONE", "COMPRESS_WHITE_SPACE", "HTML_ENTITY_DECODE", "LOWERCASE", "CMD_LINE", "URL_DECODE"
     #   resp.size_constraint_set.size_constraints[0].comparison_operator #=> String, one of "EQ", "NE", "LE", "LT", "GE", "GT"
@@ -1015,7 +1015,7 @@ module Aws::WAF
     #   resp.sql_injection_match_set.sql_injection_match_set_id #=> String
     #   resp.sql_injection_match_set.name #=> String
     #   resp.sql_injection_match_set.sql_injection_match_tuples #=> Array
-    #   resp.sql_injection_match_set.sql_injection_match_tuples[0].field_to_match.type #=> String, one of "URI", "QUERY_STRING", "HEADER", "METHOD", "BODY"
+    #   resp.sql_injection_match_set.sql_injection_match_tuples[0].field_to_match.type #=> String, one of "URI", "QUERY_STRING", "HEADER", "METHOD", "BODY", "SINGLE_QUERY_ARG", "ALL_QUERY_ARGS"
     #   resp.sql_injection_match_set.sql_injection_match_tuples[0].field_to_match.data #=> String
     #   resp.sql_injection_match_set.sql_injection_match_tuples[0].text_transformation #=> String, one of "NONE", "COMPRESS_WHITE_SPACE", "HTML_ENTITY_DECODE", "LOWERCASE", "CMD_LINE", "URL_DECODE"
     #   resp.change_token #=> String
@@ -1237,7 +1237,7 @@ module Aws::WAF
     #   resp.xss_match_set.xss_match_set_id #=> String
     #   resp.xss_match_set.name #=> String
     #   resp.xss_match_set.xss_match_tuples #=> Array
-    #   resp.xss_match_set.xss_match_tuples[0].field_to_match.type #=> String, one of "URI", "QUERY_STRING", "HEADER", "METHOD", "BODY"
+    #   resp.xss_match_set.xss_match_tuples[0].field_to_match.type #=> String, one of "URI", "QUERY_STRING", "HEADER", "METHOD", "BODY", "SINGLE_QUERY_ARG", "ALL_QUERY_ARGS"
     #   resp.xss_match_set.xss_match_tuples[0].field_to_match.data #=> String
     #   resp.xss_match_set.xss_match_tuples[0].text_transformation #=> String, one of "NONE", "COMPRESS_WHITE_SPACE", "HTML_ENTITY_DECODE", "LOWERCASE", "CMD_LINE", "URL_DECODE"
     #   resp.change_token #=> String
@@ -1427,6 +1427,30 @@ module Aws::WAF
       req.send_request(options)
     end
 
+    # Permanently deletes the LoggingConfiguration from the specified web
+    # ACL.
+    #
+    # @option params [required, String] :resource_arn
+    #   The Amazon Resource Name (ARN) of the web ACL from which you want to
+    #   delete the LoggingConfiguration.
+    #
+    # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.delete_logging_configuration({
+    #     resource_arn: "ResourceArn", # required
+    #   })
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/waf-2015-08-24/DeleteLoggingConfiguration AWS API Documentation
+    #
+    # @overload delete_logging_configuration(params = {})
+    # @param [Hash] params ({})
+    def delete_logging_configuration(params = {}, options = {})
+      req = build_request(:delete_logging_configuration, params)
+      req.send_request(options)
+    end
+
     # Permanently deletes an IAM policy from the specified RuleGroup.
     #
     # The user making the request must be the owner of the RuleGroup.
@@ -2003,7 +2027,7 @@ module Aws::WAF
     #   resp.byte_match_set.byte_match_set_id #=> String
     #   resp.byte_match_set.name #=> String
     #   resp.byte_match_set.byte_match_tuples #=> Array
-    #   resp.byte_match_set.byte_match_tuples[0].field_to_match.type #=> String, one of "URI", "QUERY_STRING", "HEADER", "METHOD", "BODY"
+    #   resp.byte_match_set.byte_match_tuples[0].field_to_match.type #=> String, one of "URI", "QUERY_STRING", "HEADER", "METHOD", "BODY", "SINGLE_QUERY_ARG", "ALL_QUERY_ARGS"
     #   resp.byte_match_set.byte_match_tuples[0].field_to_match.data #=> String
     #   resp.byte_match_set.byte_match_tuples[0].target_string #=> String
     #   resp.byte_match_set.byte_match_tuples[0].text_transformation #=> String, one of "NONE", "COMPRESS_WHITE_SPACE", "HTML_ENTITY_DECODE", "LOWERCASE", "CMD_LINE", "URL_DECODE"
@@ -2207,6 +2231,40 @@ module Aws::WAF
       req.send_request(options)
     end
 
+    # Returns the LoggingConfiguration for the specified web ACL.
+    #
+    # @option params [required, String] :resource_arn
+    #   The Amazon Resource Name (ARN) of the web ACL for which you want to
+    #   get the LoggingConfiguration.
+    #
+    # @return [Types::GetLoggingConfigurationResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
+    #
+    #   * {Types::GetLoggingConfigurationResponse#logging_configuration #logging_configuration} => Types::LoggingConfiguration
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.get_logging_configuration({
+    #     resource_arn: "ResourceArn", # required
+    #   })
+    #
+    # @example Response structure
+    #
+    #   resp.logging_configuration.resource_arn #=> String
+    #   resp.logging_configuration.log_destination_configs #=> Array
+    #   resp.logging_configuration.log_destination_configs[0] #=> String
+    #   resp.logging_configuration.redacted_fields #=> Array
+    #   resp.logging_configuration.redacted_fields[0].type #=> String, one of "URI", "QUERY_STRING", "HEADER", "METHOD", "BODY", "SINGLE_QUERY_ARG", "ALL_QUERY_ARGS"
+    #   resp.logging_configuration.redacted_fields[0].data #=> String
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/waf-2015-08-24/GetLoggingConfiguration AWS API Documentation
+    #
+    # @overload get_logging_configuration(params = {})
+    # @param [Hash] params ({})
+    def get_logging_configuration(params = {}, options = {})
+      req = build_request(:get_logging_configuration, params)
+      req.send_request(options)
+    end
+
     # Returns the IAM policy attached to the RuleGroup.
     #
     # @option params [required, String] :resource_arn
@@ -2338,7 +2396,7 @@ module Aws::WAF
     #   resp.regex_match_set.regex_match_set_id #=> String
     #   resp.regex_match_set.name #=> String
     #   resp.regex_match_set.regex_match_tuples #=> Array
-    #   resp.regex_match_set.regex_match_tuples[0].field_to_match.type #=> String, one of "URI", "QUERY_STRING", "HEADER", "METHOD", "BODY"
+    #   resp.regex_match_set.regex_match_tuples[0].field_to_match.type #=> String, one of "URI", "QUERY_STRING", "HEADER", "METHOD", "BODY", "SINGLE_QUERY_ARG", "ALL_QUERY_ARGS"
     #   resp.regex_match_set.regex_match_tuples[0].field_to_match.data #=> String
     #   resp.regex_match_set.regex_match_tuples[0].text_transformation #=> String, one of "NONE", "COMPRESS_WHITE_SPACE", "HTML_ENTITY_DECODE", "LOWERCASE", "CMD_LINE", "URL_DECODE"
     #   resp.regex_match_set.regex_match_tuples[0].regex_pattern_set_id #=> String
@@ -2663,7 +2721,7 @@ module Aws::WAF
     #   resp.size_constraint_set.size_constraint_set_id #=> String
     #   resp.size_constraint_set.name #=> String
     #   resp.size_constraint_set.size_constraints #=> Array
-    #   resp.size_constraint_set.size_constraints[0].field_to_match.type #=> String, one of "URI", "QUERY_STRING", "HEADER", "METHOD", "BODY"
+    #   resp.size_constraint_set.size_constraints[0].field_to_match.type #=> String, one of "URI", "QUERY_STRING", "HEADER", "METHOD", "BODY", "SINGLE_QUERY_ARG", "ALL_QUERY_ARGS"
     #   resp.size_constraint_set.size_constraints[0].field_to_match.data #=> String
     #   resp.size_constraint_set.size_constraints[0].text_transformation #=> String, one of "NONE", "COMPRESS_WHITE_SPACE", "HTML_ENTITY_DECODE", "LOWERCASE", "CMD_LINE", "URL_DECODE"
     #   resp.size_constraint_set.size_constraints[0].comparison_operator #=> String, one of "EQ", "NE", "LE", "LT", "GE", "GT"
@@ -2727,7 +2785,7 @@ module Aws::WAF
     #   resp.sql_injection_match_set.sql_injection_match_set_id #=> String
     #   resp.sql_injection_match_set.name #=> String
     #   resp.sql_injection_match_set.sql_injection_match_tuples #=> Array
-    #   resp.sql_injection_match_set.sql_injection_match_tuples[0].field_to_match.type #=> String, one of "URI", "QUERY_STRING", "HEADER", "METHOD", "BODY"
+    #   resp.sql_injection_match_set.sql_injection_match_tuples[0].field_to_match.type #=> String, one of "URI", "QUERY_STRING", "HEADER", "METHOD", "BODY", "SINGLE_QUERY_ARG", "ALL_QUERY_ARGS"
     #   resp.sql_injection_match_set.sql_injection_match_tuples[0].field_to_match.data #=> String
     #   resp.sql_injection_match_set.sql_injection_match_tuples[0].text_transformation #=> String, one of "NONE", "COMPRESS_WHITE_SPACE", "HTML_ENTITY_DECODE", "LOWERCASE", "CMD_LINE", "URL_DECODE"
     #
@@ -2855,7 +2913,7 @@ module Aws::WAF
     #   resp.xss_match_set.xss_match_set_id #=> String
     #   resp.xss_match_set.name #=> String
     #   resp.xss_match_set.xss_match_tuples #=> Array
-    #   resp.xss_match_set.xss_match_tuples[0].field_to_match.type #=> String, one of "URI", "QUERY_STRING", "HEADER", "METHOD", "BODY"
+    #   resp.xss_match_set.xss_match_tuples[0].field_to_match.type #=> String, one of "URI", "QUERY_STRING", "HEADER", "METHOD", "BODY", "SINGLE_QUERY_ARG", "ALL_QUERY_ARGS"
     #   resp.xss_match_set.xss_match_tuples[0].field_to_match.data #=> String
     #   resp.xss_match_set.xss_match_tuples[0].text_transformation #=> String, one of "NONE", "COMPRESS_WHITE_SPACE", "HTML_ENTITY_DECODE", "LOWERCASE", "CMD_LINE", "URL_DECODE"
     #
@@ -3074,6 +3132,56 @@ module Aws::WAF
       req.send_request(options)
     end
 
+    # Returns an array of LoggingConfiguration objects.
+    #
+    # @option params [String] :next_marker
+    #   If you specify a value for `Limit` and you have more
+    #   `LoggingConfigurations` than the value of `Limit`, AWS WAF returns a
+    #   `NextMarker` value in the response that allows you to list another
+    #   group of `LoggingConfigurations`. For the second and subsequent
+    #   `ListLoggingConfigurations` requests, specify the value of
+    #   `NextMarker` from the previous response to get information about
+    #   another batch of `ListLoggingConfigurations`.
+    #
+    # @option params [Integer] :limit
+    #   Specifies the number of `LoggingConfigurations` that you want AWS WAF
+    #   to return for this request. If you have more `LoggingConfigurations`
+    #   than the number that you specify for `Limit`, the response includes a
+    #   `NextMarker` value that you can use to get another batch of
+    #   `LoggingConfigurations`.
+    #
+    # @return [Types::ListLoggingConfigurationsResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
+    #
+    #   * {Types::ListLoggingConfigurationsResponse#logging_configurations #logging_configurations} => Array<Types::LoggingConfiguration>
+    #   * {Types::ListLoggingConfigurationsResponse#next_marker #next_marker} => String
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.list_logging_configurations({
+    #     next_marker: "NextMarker",
+    #     limit: 1,
+    #   })
+    #
+    # @example Response structure
+    #
+    #   resp.logging_configurations #=> Array
+    #   resp.logging_configurations[0].resource_arn #=> String
+    #   resp.logging_configurations[0].log_destination_configs #=> Array
+    #   resp.logging_configurations[0].log_destination_configs[0] #=> String
+    #   resp.logging_configurations[0].redacted_fields #=> Array
+    #   resp.logging_configurations[0].redacted_fields[0].type #=> String, one of "URI", "QUERY_STRING", "HEADER", "METHOD", "BODY", "SINGLE_QUERY_ARG", "ALL_QUERY_ARGS"
+    #   resp.logging_configurations[0].redacted_fields[0].data #=> String
+    #   resp.next_marker #=> String
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/waf-2015-08-24/ListLoggingConfigurations AWS API Documentation
+    #
+    # @overload list_logging_configurations(params = {})
+    # @param [Hash] params ({})
+    def list_logging_configurations(params = {}, options = {})
+      req = build_request(:list_logging_configurations, params)
+      req.send_request(options)
+    end
+
     # Returns an array of RuleSummary objects.
     #
     # @option params [String] :next_marker
@@ -3619,6 +3727,71 @@ module Aws::WAF
       req.send_request(options)
     end
 
+    # Associates a LoggingConfiguration with a specified web ACL.
+    #
+    # You can access information about all traffic that AWS WAF inspects
+    # using the following steps:
+    #
+    # 1.  Create an Amazon Kinesis Data Firehose delivery stream. For more
+    #     information, see [Creating an Amazon Kinesis Data Firehose
+    #     Delivery Stream][1].
+    #
+    # 2.  Associate that delivery stream to your web ACL using a
+    #     `PutLoggingConfiguration` request.
+    #
+    # When you successfully enable logging using a `PutLoggingConfiguration`
+    # request, AWS WAF will create a service linked role with the necessary
+    # permissions to write logs to the Amazon Kinesis Data Firehose delivery
+    # stream. For more information, see [Logging Web ACL Traffic
+    # Information][2] in the *AWS WAF Developer Guide*.
+    #
+    #
+    #
+    # [1]: https://docs.aws.amazon.com/firehose/latest/dev/what-is-this-service.html
+    # [2]: http://docs.aws.amazon.com/waf/latest/developerguide/logging.html
+    #
+    # @option params [required, Types::LoggingConfiguration] :logging_configuration
+    #   The Amazon Kinesis Data Firehose delivery streams that contains the
+    #   inspected traffic information, the redacted fields details, and the
+    #   Amazon Resource Name (ARN) of the web ACL to monitor.
+    #
+    # @return [Types::PutLoggingConfigurationResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
+    #
+    #   * {Types::PutLoggingConfigurationResponse#logging_configuration #logging_configuration} => Types::LoggingConfiguration
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.put_logging_configuration({
+    #     logging_configuration: { # required
+    #       resource_arn: "ResourceArn", # required
+    #       log_destination_configs: ["ResourceArn"], # required
+    #       redacted_fields: [
+    #         {
+    #           type: "URI", # required, accepts URI, QUERY_STRING, HEADER, METHOD, BODY, SINGLE_QUERY_ARG, ALL_QUERY_ARGS
+    #           data: "MatchFieldData",
+    #         },
+    #       ],
+    #     },
+    #   })
+    #
+    # @example Response structure
+    #
+    #   resp.logging_configuration.resource_arn #=> String
+    #   resp.logging_configuration.log_destination_configs #=> Array
+    #   resp.logging_configuration.log_destination_configs[0] #=> String
+    #   resp.logging_configuration.redacted_fields #=> Array
+    #   resp.logging_configuration.redacted_fields[0].type #=> String, one of "URI", "QUERY_STRING", "HEADER", "METHOD", "BODY", "SINGLE_QUERY_ARG", "ALL_QUERY_ARGS"
+    #   resp.logging_configuration.redacted_fields[0].data #=> String
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/waf-2015-08-24/PutLoggingConfiguration AWS API Documentation
+    #
+    # @overload put_logging_configuration(params = {})
+    # @param [Hash] params ({})
+    def put_logging_configuration(params = {}, options = {})
+      req = build_request(:put_logging_configuration, params)
+      req.send_request(options)
+    end
+
     # Attaches a IAM policy to the specified resource. The only supported
     # use for this action is to share a RuleGroup across accounts.
     #
@@ -3631,8 +3804,9 @@ module Aws::WAF
     #
     # * `Effect` must specify `Allow`.
     #
-    # * The `Action` in the policy must be `waf:UpdateWebACL` and
-    #   `waf-regional:UpdateWebACL`. Any extra or wildcard actions in the
+    # * The `Action` in the policy must be `waf:UpdateWebACL`,
+    #   `waf-regional:UpdateWebACL`, `waf:GetRuleGroup` and
+    #   `waf-regional:GetRuleGroup` . Any extra or wildcard actions in the
     #   policy will be rejected.
     #
     # * The policy cannot include a `Resource` parameter.
@@ -3787,7 +3961,7 @@ module Aws::WAF
     #         action: "INSERT", # required, accepts INSERT, DELETE
     #         byte_match_tuple: { # required
     #           field_to_match: { # required
-    #             type: "URI", # required, accepts URI, QUERY_STRING, HEADER, METHOD, BODY
+    #             type: "URI", # required, accepts URI, QUERY_STRING, HEADER, METHOD, BODY, SINGLE_QUERY_ARG, ALL_QUERY_ARGS
     #             data: "MatchFieldData",
     #           },
     #           target_string: "data", # required
@@ -3912,10 +4086,10 @@ module Aws::WAF
     #   the range of IP addresses from `192.0.2.0` to `192.0.2.255`) or
     #   `192.0.2.44/32` (for the individual IP address `192.0.2.44`).
     #
-    # AWS WAF supports /8, /16, /24, and /32 IP address ranges for IPv4, and
-    # /24, /32, /48, /56, /64 and /128 for IPv6. For more information about
-    # CIDR notation, see the Wikipedia entry [Classless Inter-Domain
-    # Routing][1].
+    # AWS WAF supports IPv4 address ranges: /8 and any range between /16
+    # through /32. AWS WAF supports IPv6 address ranges: /16, /24, /32, /48,
+    # /56, /64, and /128. For more information about CIDR notation, see the
+    # Wikipedia entry [Classless Inter-Domain Routing][1].
     #
     # IPv6 addresses can be represented using any of the following formats:
     #
@@ -3949,6 +4123,8 @@ module Aws::WAF
     # change an IP address, you delete the existing IP address and add the
     # new one.
     #
+    # You can insert a maximum of 1000 addresses in a single request.
+    #
     # For more information about how to use the AWS WAF API to allow or
     # block HTTP requests, see the [AWS WAF Developer Guide][2].
     #
@@ -3973,6 +4149,8 @@ module Aws::WAF
     #
     #   * IPSetDescriptor: Contains `Type` and `Value`
     #
+    #   You can insert a maximum of 1000 addresses in a single request.
+    #
     # @return [Types::UpdateIPSetResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
     #   * {Types::UpdateIPSetResponse#change_token #change_token} => String
@@ -4197,7 +4375,7 @@ module Aws::WAF
     #         action: "INSERT", # required, accepts INSERT, DELETE
     #         regex_match_tuple: { # required
     #           field_to_match: { # required
-    #             type: "URI", # required, accepts URI, QUERY_STRING, HEADER, METHOD, BODY
+    #             type: "URI", # required, accepts URI, QUERY_STRING, HEADER, METHOD, BODY, SINGLE_QUERY_ARG, ALL_QUERY_ARGS
     #             data: "MatchFieldData",
     #           },
     #           text_transformation: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE
@@ -4528,6 +4706,8 @@ module Aws::WAF
     #   AWS resource forwards only the first `8192` bytes of your request to
     #   AWS WAF.
     #
+    #   You can only specify a single type of TextTransformation.
+    #
     # * A `ComparisonOperator` used for evaluating the selected part of the
     #   request against the specified `Size`, such as equals, greater than,
     #   less than, and so on.
@@ -4625,7 +4805,7 @@ module Aws::WAF
     #         action: "INSERT", # required, accepts INSERT, DELETE
     #         size_constraint: { # required
     #           field_to_match: { # required
-    #             type: "URI", # required, accepts URI, QUERY_STRING, HEADER, METHOD, BODY
+    #             type: "URI", # required, accepts URI, QUERY_STRING, HEADER, METHOD, BODY, SINGLE_QUERY_ARG, ALL_QUERY_ARGS
     #             data: "MatchFieldData",
     #           },
     #           text_transformation: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE
@@ -4658,13 +4838,15 @@ module Aws::WAF
     #   existing object and add a new one.
     #
     # * `FieldToMatch`\: The part of web requests that you want AWS WAF to
-    #   inspect and, if you want AWS WAF to inspect a header, the name of
-    #   the header.
+    #   inspect and, if you want AWS WAF to inspect a header or custom query
+    #   parameter, the name of the header or parameter.
     #
     # * `TextTransformation`\: Which text transformation, if any, to perform
     #   on the web request before inspecting the request for snippets of
     #   malicious SQL code.
     #
+    #   You can only specify a single type of TextTransformation.
+    #
     # You use `SqlInjectionMatchSet` objects to specify which CloudFront
     # requests you want to allow, block, or count. For example, if you're
     # receiving requests that contain snippets of SQL code in the query
@@ -4753,7 +4935,7 @@ module Aws::WAF
     #         action: "INSERT", # required, accepts INSERT, DELETE
     #         sql_injection_match_tuple: { # required
     #           field_to_match: { # required
-    #             type: "URI", # required, accepts URI, QUERY_STRING, HEADER, METHOD, BODY
+    #             type: "URI", # required, accepts URI, QUERY_STRING, HEADER, METHOD, BODY, SINGLE_QUERY_ARG, ALL_QUERY_ARGS
     #             data: "MatchFieldData",
     #           },
     #           text_transformation: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE
@@ -4943,13 +5125,15 @@ module Aws::WAF
     #   object and add a new one.
     #
     # * `FieldToMatch`\: The part of web requests that you want AWS WAF to
-    #   inspect and, if you want AWS WAF to inspect a header, the name of
-    #   the header.
+    #   inspect and, if you want AWS WAF to inspect a header or custom query
+    #   parameter, the name of the header or parameter.
     #
     # * `TextTransformation`\: Which text transformation, if any, to perform
     #   on the web request before inspecting the request for cross-site
     #   scripting attacks.
     #
+    #   You can only specify a single type of TextTransformation.
+    #
     # You use `XssMatchSet` objects to specify which CloudFront requests you
     # want to allow, block, or count. For example, if you're receiving
     # requests that contain cross-site scripting attacks in the request body
@@ -5035,7 +5219,7 @@ module Aws::WAF
     #         action: "INSERT", # required, accepts INSERT, DELETE
     #         xss_match_tuple: { # required
     #           field_to_match: { # required
-    #             type: "URI", # required, accepts URI, QUERY_STRING, HEADER, METHOD, BODY
+    #             type: "URI", # required, accepts URI, QUERY_STRING, HEADER, METHOD, BODY, SINGLE_QUERY_ARG, ALL_QUERY_ARGS
     #             data: "MatchFieldData",
     #           },
     #           text_transformation: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE
@@ -5070,7 +5254,7 @@ module Aws::WAF
         params: params,
         config: config)
       context[:gem_name] = 'aws-sdk-waf'
-      context[:gem_version] = '1.5.0'
+      context[:gem_version] = '1.6.0'
       Seahorse::Client::Request.new(handlers, context)
     end
 

data/lib/aws-sdk-waf/client_api.rb

@@ -57,6 +57,8 @@ module Aws::WAF
     DeleteGeoMatchSetResponse = Shapes::StructureShape.new(name: 'DeleteGeoMatchSetResponse')
     DeleteIPSetRequest = Shapes::StructureShape.new(name: 'DeleteIPSetRequest')
     DeleteIPSetResponse = Shapes::StructureShape.new(name: 'DeleteIPSetResponse')
+    DeleteLoggingConfigurationRequest = Shapes::StructureShape.new(name: 'DeleteLoggingConfigurationRequest')
+    DeleteLoggingConfigurationResponse = Shapes::StructureShape.new(name: 'DeleteLoggingConfigurationResponse')
     DeletePermissionPolicyRequest = Shapes::StructureShape.new(name: 'DeletePermissionPolicyRequest')
     DeletePermissionPolicyResponse = Shapes::StructureShape.new(name: 'DeletePermissionPolicyResponse')
     DeleteRateBasedRuleRequest = Shapes::StructureShape.new(name: 'DeleteRateBasedRuleRequest')
@@ -97,6 +99,8 @@ module Aws::WAF
     GetGeoMatchSetResponse = Shapes::StructureShape.new(name: 'GetGeoMatchSetResponse')
     GetIPSetRequest = Shapes::StructureShape.new(name: 'GetIPSetRequest')
     GetIPSetResponse = Shapes::StructureShape.new(name: 'GetIPSetResponse')
+    GetLoggingConfigurationRequest = Shapes::StructureShape.new(name: 'GetLoggingConfigurationRequest')
+    GetLoggingConfigurationResponse = Shapes::StructureShape.new(name: 'GetLoggingConfigurationResponse')
     GetPermissionPolicyRequest = Shapes::StructureShape.new(name: 'GetPermissionPolicyRequest')
     GetPermissionPolicyResponse = Shapes::StructureShape.new(name: 'GetPermissionPolicyResponse')
     GetRateBasedRuleManagedKeysRequest = Shapes::StructureShape.new(name: 'GetRateBasedRuleManagedKeysRequest')
@@ -147,6 +151,8 @@ module Aws::WAF
     ListGeoMatchSetsResponse = Shapes::StructureShape.new(name: 'ListGeoMatchSetsResponse')
     ListIPSetsRequest = Shapes::StructureShape.new(name: 'ListIPSetsRequest')
     ListIPSetsResponse = Shapes::StructureShape.new(name: 'ListIPSetsResponse')
+    ListLoggingConfigurationsRequest = Shapes::StructureShape.new(name: 'ListLoggingConfigurationsRequest')
+    ListLoggingConfigurationsResponse = Shapes::StructureShape.new(name: 'ListLoggingConfigurationsResponse')
     ListRateBasedRulesRequest = Shapes::StructureShape.new(name: 'ListRateBasedRulesRequest')
     ListRateBasedRulesResponse = Shapes::StructureShape.new(name: 'ListRateBasedRulesResponse')
     ListRegexMatchSetsRequest = Shapes::StructureShape.new(name: 'ListRegexMatchSetsRequest')
@@ -167,6 +173,9 @@ module Aws::WAF
     ListWebACLsResponse = Shapes::StructureShape.new(name: 'ListWebACLsResponse')
     ListXssMatchSetsRequest = Shapes::StructureShape.new(name: 'ListXssMatchSetsRequest')
     ListXssMatchSetsResponse = Shapes::StructureShape.new(name: 'ListXssMatchSetsResponse')
+    LogDestinationConfigs = Shapes::ListShape.new(name: 'LogDestinationConfigs')
+    LoggingConfiguration = Shapes::StructureShape.new(name: 'LoggingConfiguration')
+    LoggingConfigurations = Shapes::ListShape.new(name: 'LoggingConfigurations')
     ManagedKey = Shapes::StringShape.new(name: 'ManagedKey')
     ManagedKeys = Shapes::ListShape.new(name: 'ManagedKeys')
     MatchFieldData = Shapes::StringShape.new(name: 'MatchFieldData')
@@ -184,11 +193,14 @@ module Aws::WAF
     Predicate = Shapes::StructureShape.new(name: 'Predicate')
     PredicateType = Shapes::StringShape.new(name: 'PredicateType')
     Predicates = Shapes::ListShape.new(name: 'Predicates')
+    PutLoggingConfigurationRequest = Shapes::StructureShape.new(name: 'PutLoggingConfigurationRequest')
+    PutLoggingConfigurationResponse = Shapes::StructureShape.new(name: 'PutLoggingConfigurationResponse')
     PutPermissionPolicyRequest = Shapes::StructureShape.new(name: 'PutPermissionPolicyRequest')
     PutPermissionPolicyResponse = Shapes::StructureShape.new(name: 'PutPermissionPolicyResponse')
     RateBasedRule = Shapes::StructureShape.new(name: 'RateBasedRule')
     RateKey = Shapes::StringShape.new(name: 'RateKey')
     RateLimit = Shapes::IntegerShape.new(name: 'RateLimit')
+    RedactedFields = Shapes::ListShape.new(name: 'RedactedFields')
     RegexMatchSet = Shapes::StructureShape.new(name: 'RegexMatchSet')
     RegexMatchSetSummaries = Shapes::ListShape.new(name: 'RegexMatchSetSummaries')
     RegexMatchSetSummary = Shapes::StructureShape.new(name: 'RegexMatchSetSummary')
@@ -456,6 +468,11 @@ module Aws::WAF
     DeleteIPSetResponse.add_member(:change_token, Shapes::ShapeRef.new(shape: ChangeToken, location_name: "ChangeToken"))
     DeleteIPSetResponse.struct_class = Types::DeleteIPSetResponse
 
+    DeleteLoggingConfigurationRequest.add_member(:resource_arn, Shapes::ShapeRef.new(shape: ResourceArn, required: true, location_name: "ResourceArn"))
+    DeleteLoggingConfigurationRequest.struct_class = Types::DeleteLoggingConfigurationRequest
+
+    DeleteLoggingConfigurationResponse.struct_class = Types::DeleteLoggingConfigurationResponse
+
     DeletePermissionPolicyRequest.add_member(:resource_arn, Shapes::ShapeRef.new(shape: ResourceArn, required: true, location_name: "ResourceArn"))
     DeletePermissionPolicyRequest.struct_class = Types::DeletePermissionPolicyRequest
 
@@ -580,6 +597,12 @@ module Aws::WAF
     GetIPSetResponse.add_member(:ip_set, Shapes::ShapeRef.new(shape: IPSet, location_name: "IPSet"))
     GetIPSetResponse.struct_class = Types::GetIPSetResponse
 
+    GetLoggingConfigurationRequest.add_member(:resource_arn, Shapes::ShapeRef.new(shape: ResourceArn, required: true, location_name: "ResourceArn"))
+    GetLoggingConfigurationRequest.struct_class = Types::GetLoggingConfigurationRequest
+
+    GetLoggingConfigurationResponse.add_member(:logging_configuration, Shapes::ShapeRef.new(shape: LoggingConfiguration, location_name: "LoggingConfiguration"))
+    GetLoggingConfigurationResponse.struct_class = Types::GetLoggingConfigurationResponse
+
     GetPermissionPolicyRequest.add_member(:resource_arn, Shapes::ShapeRef.new(shape: ResourceArn, required: true, location_name: "ResourceArn"))
     GetPermissionPolicyRequest.struct_class = Types::GetPermissionPolicyRequest
 
@@ -729,6 +752,14 @@ module Aws::WAF
     ListIPSetsResponse.add_member(:ip_sets, Shapes::ShapeRef.new(shape: IPSetSummaries, location_name: "IPSets"))
     ListIPSetsResponse.struct_class = Types::ListIPSetsResponse
 
+    ListLoggingConfigurationsRequest.add_member(:next_marker, Shapes::ShapeRef.new(shape: NextMarker, location_name: "NextMarker"))
+    ListLoggingConfigurationsRequest.add_member(:limit, Shapes::ShapeRef.new(shape: PaginationLimit, location_name: "Limit"))
+    ListLoggingConfigurationsRequest.struct_class = Types::ListLoggingConfigurationsRequest
+
+    ListLoggingConfigurationsResponse.add_member(:logging_configurations, Shapes::ShapeRef.new(shape: LoggingConfigurations, location_name: "LoggingConfigurations"))
+    ListLoggingConfigurationsResponse.add_member(:next_marker, Shapes::ShapeRef.new(shape: NextMarker, location_name: "NextMarker"))
+    ListLoggingConfigurationsResponse.struct_class = Types::ListLoggingConfigurationsResponse
+
     ListRateBasedRulesRequest.add_member(:next_marker, Shapes::ShapeRef.new(shape: NextMarker, location_name: "NextMarker"))
     ListRateBasedRulesRequest.add_member(:limit, Shapes::ShapeRef.new(shape: PaginationLimit, location_name: "Limit"))
     ListRateBasedRulesRequest.struct_class = Types::ListRateBasedRulesRequest
@@ -809,6 +840,15 @@ module Aws::WAF
     ListXssMatchSetsResponse.add_member(:xss_match_sets, Shapes::ShapeRef.new(shape: XssMatchSetSummaries, location_name: "XssMatchSets"))
     ListXssMatchSetsResponse.struct_class = Types::ListXssMatchSetsResponse
 
+    LogDestinationConfigs.member = Shapes::ShapeRef.new(shape: ResourceArn)
+
+    LoggingConfiguration.add_member(:resource_arn, Shapes::ShapeRef.new(shape: ResourceArn, required: true, location_name: "ResourceArn"))
+    LoggingConfiguration.add_member(:log_destination_configs, Shapes::ShapeRef.new(shape: LogDestinationConfigs, required: true, location_name: "LogDestinationConfigs"))
+    LoggingConfiguration.add_member(:redacted_fields, Shapes::ShapeRef.new(shape: RedactedFields, location_name: "RedactedFields"))
+    LoggingConfiguration.struct_class = Types::LoggingConfiguration
+
+    LoggingConfigurations.member = Shapes::ShapeRef.new(shape: LoggingConfiguration)
+
     ManagedKeys.member = Shapes::ShapeRef.new(shape: ManagedKey)
 
     Predicate.add_member(:negated, Shapes::ShapeRef.new(shape: Negated, required: true, location_name: "Negated"))
@@ -818,6 +858,12 @@ module Aws::WAF
 
     Predicates.member = Shapes::ShapeRef.new(shape: Predicate)
 
+    PutLoggingConfigurationRequest.add_member(:logging_configuration, Shapes::ShapeRef.new(shape: LoggingConfiguration, required: true, location_name: "LoggingConfiguration"))
+    PutLoggingConfigurationRequest.struct_class = Types::PutLoggingConfigurationRequest
+
+    PutLoggingConfigurationResponse.add_member(:logging_configuration, Shapes::ShapeRef.new(shape: LoggingConfiguration, location_name: "LoggingConfiguration"))
+    PutLoggingConfigurationResponse.struct_class = Types::PutLoggingConfigurationResponse
+
     PutPermissionPolicyRequest.add_member(:resource_arn, Shapes::ShapeRef.new(shape: ResourceArn, required: true, location_name: "ResourceArn"))
     PutPermissionPolicyRequest.add_member(:policy, Shapes::ShapeRef.new(shape: PolicyString, required: true, location_name: "Policy"))
     PutPermissionPolicyRequest.struct_class = Types::PutPermissionPolicyRequest
@@ -832,6 +878,8 @@ module Aws::WAF
     RateBasedRule.add_member(:rate_limit, Shapes::ShapeRef.new(shape: RateLimit, required: true, location_name: "RateLimit"))
     RateBasedRule.struct_class = Types::RateBasedRule
 
+    RedactedFields.member = Shapes::ShapeRef.new(shape: FieldToMatch)
+
     RegexMatchSet.add_member(:regex_match_set_id, Shapes::ShapeRef.new(shape: ResourceId, location_name: "RegexMatchSetId"))
     RegexMatchSet.add_member(:name, Shapes::ShapeRef.new(shape: ResourceName, location_name: "Name"))
     RegexMatchSet.add_member(:regex_match_tuples, Shapes::ShapeRef.new(shape: RegexMatchTuples, location_name: "RegexMatchTuples"))
@@ -1341,6 +1389,17 @@ module Aws::WAF
         o.errors << Shapes::ShapeRef.new(shape: WAFNonEmptyEntityException)
       end)
 
+      api.add_operation(:delete_logging_configuration, Seahorse::Model::Operation.new.tap do |o|
+        o.name = "DeleteLoggingConfiguration"
+        o.http_method = "POST"
+        o.http_request_uri = "/"
+        o.input = Shapes::ShapeRef.new(shape: DeleteLoggingConfigurationRequest)
+        o.output = Shapes::ShapeRef.new(shape: DeleteLoggingConfigurationResponse)
+        o.errors << Shapes::ShapeRef.new(shape: WAFInternalErrorException)
+        o.errors << Shapes::ShapeRef.new(shape: WAFNonexistentItemException)
+        o.errors << Shapes::ShapeRef.new(shape: WAFStaleDataException)
+      end)
+
       api.add_operation(:delete_permission_policy, Seahorse::Model::Operation.new.tap do |o|
         o.name = "DeletePermissionPolicy"
         o.http_method = "POST"
@@ -1419,6 +1478,7 @@ module Aws::WAF
         o.errors << Shapes::ShapeRef.new(shape: WAFNonexistentItemException)
         o.errors << Shapes::ShapeRef.new(shape: WAFReferencedItemException)
         o.errors << Shapes::ShapeRef.new(shape: WAFNonEmptyEntityException)
+        o.errors << Shapes::ShapeRef.new(shape: WAFInvalidOperationException)
       end)
 
       api.add_operation(:delete_size_constraint_set, Seahorse::Model::Operation.new.tap do |o|
@@ -1529,6 +1589,16 @@ module Aws::WAF
         o.errors << Shapes::ShapeRef.new(shape: WAFNonexistentItemException)
       end)
 
+      api.add_operation(:get_logging_configuration, Seahorse::Model::Operation.new.tap do |o|
+        o.name = "GetLoggingConfiguration"
+        o.http_method = "POST"
+        o.http_request_uri = "/"
+        o.input = Shapes::ShapeRef.new(shape: GetLoggingConfigurationRequest)
+        o.output = Shapes::ShapeRef.new(shape: GetLoggingConfigurationResponse)
+        o.errors << Shapes::ShapeRef.new(shape: WAFInternalErrorException)
+        o.errors << Shapes::ShapeRef.new(shape: WAFNonexistentItemException)
+      end)
+
       api.add_operation(:get_permission_policy, Seahorse::Model::Operation.new.tap do |o|
         o.name = "GetPermissionPolicy"
         o.http_method = "POST"
@@ -1700,6 +1770,17 @@ module Aws::WAF
         o.errors << Shapes::ShapeRef.new(shape: WAFInvalidAccountException)
       end)
 
+      api.add_operation(:list_logging_configurations, Seahorse::Model::Operation.new.tap do |o|
+        o.name = "ListLoggingConfigurations"
+        o.http_method = "POST"
+        o.http_request_uri = "/"
+        o.input = Shapes::ShapeRef.new(shape: ListLoggingConfigurationsRequest)
+        o.output = Shapes::ShapeRef.new(shape: ListLoggingConfigurationsResponse)
+        o.errors << Shapes::ShapeRef.new(shape: WAFInternalErrorException)
+        o.errors << Shapes::ShapeRef.new(shape: WAFNonexistentItemException)
+        o.errors << Shapes::ShapeRef.new(shape: WAFInvalidParameterException)
+      end)
+
       api.add_operation(:list_rate_based_rules, Seahorse::Model::Operation.new.tap do |o|
         o.name = "ListRateBasedRules"
         o.http_method = "POST"
@@ -1799,6 +1880,17 @@ module Aws::WAF
         o.errors << Shapes::ShapeRef.new(shape: WAFInvalidAccountException)
       end)
 
+      api.add_operation(:put_logging_configuration, Seahorse::Model::Operation.new.tap do |o|
+        o.name = "PutLoggingConfiguration"
+        o.http_method = "POST"
+        o.http_request_uri = "/"
+        o.input = Shapes::ShapeRef.new(shape: PutLoggingConfigurationRequest)
+        o.output = Shapes::ShapeRef.new(shape: PutLoggingConfigurationResponse)
+        o.errors << Shapes::ShapeRef.new(shape: WAFInternalErrorException)
+        o.errors << Shapes::ShapeRef.new(shape: WAFNonexistentItemException)
+        o.errors << Shapes::ShapeRef.new(shape: WAFStaleDataException)
+      end)
+
       api.add_operation(:put_permission_policy, Seahorse::Model::Operation.new.tap do |o|
         o.name = "PutPermissionPolicy"
         o.http_method = "POST"

data/lib/aws-sdk-waf/types.rb

@@ -191,7 +191,7 @@ module Aws::WAF
     #         action: "INSERT", # required, accepts INSERT, DELETE
     #         byte_match_tuple: { # required
     #           field_to_match: { # required
-    #             type: "URI", # required, accepts URI, QUERY_STRING, HEADER, METHOD, BODY
+    #             type: "URI", # required, accepts URI, QUERY_STRING, HEADER, METHOD, BODY, SINGLE_QUERY_ARG, ALL_QUERY_ARGS
     #             data: "MatchFieldData",
     #           },
     #           target_string: "data", # required
@@ -229,7 +229,7 @@ module Aws::WAF
     #
     #       {
     #         field_to_match: { # required
-    #           type: "URI", # required, accepts URI, QUERY_STRING, HEADER, METHOD, BODY
+    #           type: "URI", # required, accepts URI, QUERY_STRING, HEADER, METHOD, BODY, SINGLE_QUERY_ARG, ALL_QUERY_ARGS
     #           data: "MatchFieldData",
     #         },
     #         target_string: "data", # required
@@ -277,6 +277,15 @@ module Aws::WAF
     #     size constraint set. For more information, see
     #     CreateSizeConstraintSet.
     #
+    #   * `SINGLE_QUERY_ARG`\: The parameter in the query string that you
+    #     will inspect, such as *UserName* or *SalesRegion*. The maximum
+    #     length for `SINGLE_QUERY_ARG` is 30 characters.
+    #
+    #   * `ALL_QUERY_ARGS`\: Similar to `SINGLE_QUERY_ARG`, but instead of
+    #     inspecting a single parameter, AWS WAF inspects all parameters
+    #     within the query string for the value or regex pattern that you
+    #     specify in `TargetString`.
+    #
     #   If `TargetString` includes alphabetic characters A-Z and a-z, note
     #   that the value is case sensitive.
     #
@@ -303,10 +312,12 @@ module Aws::WAF
     #   specify a transformation, AWS WAF performs the transformation on
     #   `TargetString` before inspecting a request for a match.
     #
+    #   You can only specify a single type of TextTransformation.
+    #
     #   **CMD\_LINE**
     #
     #   When you're concerned that attackers are injecting an operating
-    #   system commandline command and using unusual formatting to disguise
+    #   system command line command and using unusual formatting to disguise
     #   some or all of the command, use this option to perform the following
     #   transformations:
     #
@@ -1147,6 +1158,29 @@ module Aws::WAF
       include Aws::Structure
     end
 
+    # @note When making an API call, you may pass DeleteLoggingConfigurationRequest
+    #   data as a hash:
+    #
+    #       {
+    #         resource_arn: "ResourceArn", # required
+    #       }
+    #
+    # @!attribute [rw] resource_arn
+    #   The Amazon Resource Name (ARN) of the web ACL from which you want to
+    #   delete the LoggingConfiguration.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/waf-2015-08-24/DeleteLoggingConfigurationRequest AWS API Documentation
+    #
+    class DeleteLoggingConfigurationRequest < Struct.new(
+      :resource_arn)
+      include Aws::Structure
+    end
+
+    # @see http://docs.aws.amazon.com/goto/WebAPI/waf-2015-08-24/DeleteLoggingConfigurationResponse AWS API Documentation
+    #
+    class DeleteLoggingConfigurationResponse < Aws::EmptyStructure; end
+
     # @note When making an API call, you may pass DeletePermissionPolicyRequest
     #   data as a hash:
     #
@@ -1537,7 +1571,7 @@ module Aws::WAF
     #   data as a hash:
     #
     #       {
-    #         type: "URI", # required, accepts URI, QUERY_STRING, HEADER, METHOD, BODY
+    #         type: "URI", # required, accepts URI, QUERY_STRING, HEADER, METHOD, BODY, SINGLE_QUERY_ARG, ALL_QUERY_ARGS
     #         data: "MatchFieldData",
     #       }
     #
@@ -1569,14 +1603,28 @@ module Aws::WAF
     #     block requests based on the length of the body, you can create a
     #     size constraint set. For more information, see
     #     CreateSizeConstraintSet.
+    #
+    #   * `SINGLE_QUERY_ARG`\: The parameter in the query string that you
+    #     will inspect, such as *UserName* or *SalesRegion*. The maximum
+    #     length for `SINGLE_QUERY_ARG` is 30 characters.
+    #
+    #   * `ALL_QUERY_ARGS`\: Similar to `SINGLE_QUERY_ARG`, but rather than
+    #     inspecting a single parameter, AWS WAF will inspect all parameters
+    #     within the query for the value or regex pattern that you specify
+    #     in `TargetString`.
     #   @return [String]
     #
     # @!attribute [rw] data
     #   When the value of `Type` is `HEADER`, enter the name of the header
     #   that you want AWS WAF to search, for example, `User-Agent` or
-    #   `Referer`. If the value of `Type` is any other value, omit `Data`.
+    #   `Referer`. The name of the header is not case sensitive.
+    #
+    #   When the value of `Type` is `SINGLE_QUERY_ARG`, enter the name of
+    #   the parameter that you want AWS WAF to search, for example,
+    #   `UserName` or `SalesRegion`. The parameter name is not case
+    #   sensitive.
     #
-    #   The name of the header is not case sensitive.
+    #   If the value of `Type` is any other value, omit `Data`.
     #   @return [String]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/waf-2015-08-24/FieldToMatch AWS API Documentation
@@ -1861,6 +1909,36 @@ module Aws::WAF
       include Aws::Structure
     end
 
+    # @note When making an API call, you may pass GetLoggingConfigurationRequest
+    #   data as a hash:
+    #
+    #       {
+    #         resource_arn: "ResourceArn", # required
+    #       }
+    #
+    # @!attribute [rw] resource_arn
+    #   The Amazon Resource Name (ARN) of the web ACL for which you want to
+    #   get the LoggingConfiguration.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/waf-2015-08-24/GetLoggingConfigurationRequest AWS API Documentation
+    #
+    class GetLoggingConfigurationRequest < Struct.new(
+      :resource_arn)
+      include Aws::Structure
+    end
+
+    # @!attribute [rw] logging_configuration
+    #   The LoggingConfiguration for the specified web ACL.
+    #   @return [Types::LoggingConfiguration]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/waf-2015-08-24/GetLoggingConfigurationResponse AWS API Documentation
+    #
+    class GetLoggingConfigurationResponse < Struct.new(
+      :logging_configuration)
+      include Aws::Structure
+    end
+
     # @note When making an API call, you may pass GetPermissionPolicyRequest
     #   data as a hash:
     #
@@ -2444,14 +2522,15 @@ module Aws::WAF
 
     # Contains one or more IP addresses or blocks of IP addresses specified
     # in Classless Inter-Domain Routing (CIDR) notation. AWS WAF supports
-    # /8, /16, /24, and /32 IP address ranges for IPv4, and /24, /32, /48,
-    # /56, /64 and /128 for IPv6.
+    # IPv4 address ranges: /8 and any range between /16 through /32. AWS WAF
+    # supports IPv6 address ranges: /16, /24, /32, /48, /56, /64, and /128.
     #
     # To specify an individual IP address, you specify the four-part IP
     # address followed by a `/32`, for example, 192.0.2.0/31. To block a
-    # range of IP addresses, you can specify a `/128`, `/64`, `/56`, `/48`,
-    # `/32`, `/24`, `/16`, or `/8` CIDR. For more information about CIDR
-    # notation, see the Wikipedia entry [Classless Inter-Domain Routing][1].
+    # range of IP addresses, you can specify /8 or any range between /16
+    # through /32 (for IPv4) or /16, /24, /32, /48, /56, /64, or /128 (for
+    # IPv6). For more information about CIDR notation, see the Wikipedia
+    # entry [Classless Inter-Domain Routing][1].
     #
     #
     #
@@ -2817,6 +2896,61 @@ module Aws::WAF
       include Aws::Structure
     end
 
+    # @note When making an API call, you may pass ListLoggingConfigurationsRequest
+    #   data as a hash:
+    #
+    #       {
+    #         next_marker: "NextMarker",
+    #         limit: 1,
+    #       }
+    #
+    # @!attribute [rw] next_marker
+    #   If you specify a value for `Limit` and you have more
+    #   `LoggingConfigurations` than the value of `Limit`, AWS WAF returns a
+    #   `NextMarker` value in the response that allows you to list another
+    #   group of `LoggingConfigurations`. For the second and subsequent
+    #   `ListLoggingConfigurations` requests, specify the value of
+    #   `NextMarker` from the previous response to get information about
+    #   another batch of `ListLoggingConfigurations`.
+    #   @return [String]
+    #
+    # @!attribute [rw] limit
+    #   Specifies the number of `LoggingConfigurations` that you want AWS
+    #   WAF to return for this request. If you have more
+    #   `LoggingConfigurations` than the number that you specify for
+    #   `Limit`, the response includes a `NextMarker` value that you can use
+    #   to get another batch of `LoggingConfigurations`.
+    #   @return [Integer]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/waf-2015-08-24/ListLoggingConfigurationsRequest AWS API Documentation
+    #
+    class ListLoggingConfigurationsRequest < Struct.new(
+      :next_marker,
+      :limit)
+      include Aws::Structure
+    end
+
+    # @!attribute [rw] logging_configurations
+    #   An array of LoggingConfiguration objects.
+    #   @return [Array<Types::LoggingConfiguration>]
+    #
+    # @!attribute [rw] next_marker
+    #   If you have more `LoggingConfigurations` than the number that you
+    #   specified for `Limit` in the request, the response includes a
+    #   `NextMarker` value. To list more `LoggingConfigurations`, submit
+    #   another `ListLoggingConfigurations` request, and specify the
+    #   `NextMarker` value from the response in the `NextMarker` value in
+    #   the next request.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/waf-2015-08-24/ListLoggingConfigurationsResponse AWS API Documentation
+    #
+    class ListLoggingConfigurationsResponse < Struct.new(
+      :logging_configurations,
+      :next_marker)
+      include Aws::Structure
+    end
+
     # @note When making an API call, you may pass ListRateBasedRulesRequest
     #   data as a hash:
     #
@@ -3363,6 +3497,47 @@ module Aws::WAF
       include Aws::Structure
     end
 
+    # The Amazon Kinesis Data Firehose delivery streams, `RedactedFields`
+    # information, and the web ACL Amazon Resource Name (ARN).
+    #
+    # @note When making an API call, you may pass LoggingConfiguration
+    #   data as a hash:
+    #
+    #       {
+    #         resource_arn: "ResourceArn", # required
+    #         log_destination_configs: ["ResourceArn"], # required
+    #         redacted_fields: [
+    #           {
+    #             type: "URI", # required, accepts URI, QUERY_STRING, HEADER, METHOD, BODY, SINGLE_QUERY_ARG, ALL_QUERY_ARGS
+    #             data: "MatchFieldData",
+    #           },
+    #         ],
+    #       }
+    #
+    # @!attribute [rw] resource_arn
+    #   The Amazon Resource Name (ARN) of the web ACL that you want to
+    #   associate with `LogDestinationConfigs`.
+    #   @return [String]
+    #
+    # @!attribute [rw] log_destination_configs
+    #   An array of Amazon Kinesis Data Firehose delivery stream ARNs.
+    #   @return [Array<String>]
+    #
+    # @!attribute [rw] redacted_fields
+    #   The parts of the request that you want redacted from the logs. For
+    #   example, if you redact the cookie field, the cookie field in the
+    #   delivery stream will be `xxx`.
+    #   @return [Array<Types::FieldToMatch>]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/waf-2015-08-24/LoggingConfiguration AWS API Documentation
+    #
+    class LoggingConfiguration < Struct.new(
+      :resource_arn,
+      :log_destination_configs,
+      :redacted_fields)
+      include Aws::Structure
+    end
+
     # Specifies the ByteMatchSet, IPSet, SqlInjectionMatchSet, XssMatchSet,
     # RegexMatchSet, GeoMatchSet, and SizeConstraintSet objects that you
     # want to add to a `Rule` and, for each object, indicates whether you
@@ -3395,8 +3570,7 @@ module Aws::WAF
     #   @return [Boolean]
     #
     # @!attribute [rw] type
-    #   The type of predicate in a `Rule`, such as `ByteMatchSet` or
-    #   `IPSet`.
+    #   The type of predicate in a `Rule`, such as `ByteMatch` or `IPSet`.
     #   @return [String]
     #
     # @!attribute [rw] data_id
@@ -3414,6 +3588,46 @@ module Aws::WAF
       include Aws::Structure
     end
 
+    # @note When making an API call, you may pass PutLoggingConfigurationRequest
+    #   data as a hash:
+    #
+    #       {
+    #         logging_configuration: { # required
+    #           resource_arn: "ResourceArn", # required
+    #           log_destination_configs: ["ResourceArn"], # required
+    #           redacted_fields: [
+    #             {
+    #               type: "URI", # required, accepts URI, QUERY_STRING, HEADER, METHOD, BODY, SINGLE_QUERY_ARG, ALL_QUERY_ARGS
+    #               data: "MatchFieldData",
+    #             },
+    #           ],
+    #         },
+    #       }
+    #
+    # @!attribute [rw] logging_configuration
+    #   The Amazon Kinesis Data Firehose delivery streams that contains the
+    #   inspected traffic information, the redacted fields details, and the
+    #   Amazon Resource Name (ARN) of the web ACL to monitor.
+    #   @return [Types::LoggingConfiguration]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/waf-2015-08-24/PutLoggingConfigurationRequest AWS API Documentation
+    #
+    class PutLoggingConfigurationRequest < Struct.new(
+      :logging_configuration)
+      include Aws::Structure
+    end
+
+    # @!attribute [rw] logging_configuration
+    #   The LoggingConfiguration that you submitted in the request.
+    #   @return [Types::LoggingConfiguration]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/waf-2015-08-24/PutLoggingConfigurationResponse AWS API Documentation
+    #
+    class PutLoggingConfigurationResponse < Struct.new(
+      :logging_configuration)
+      include Aws::Structure
+    end
+
     # @note When making an API call, you may pass PutPermissionPolicyRequest
     #   data as a hash:
     #
@@ -3603,7 +3817,7 @@ module Aws::WAF
     #         action: "INSERT", # required, accepts INSERT, DELETE
     #         regex_match_tuple: { # required
     #           field_to_match: { # required
-    #             type: "URI", # required, accepts URI, QUERY_STRING, HEADER, METHOD, BODY
+    #             type: "URI", # required, accepts URI, QUERY_STRING, HEADER, METHOD, BODY, SINGLE_QUERY_ARG, ALL_QUERY_ARGS
     #             data: "MatchFieldData",
     #           },
     #           text_transformation: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE
@@ -3651,7 +3865,7 @@ module Aws::WAF
     #
     #       {
     #         field_to_match: { # required
-    #           type: "URI", # required, accepts URI, QUERY_STRING, HEADER, METHOD, BODY
+    #           type: "URI", # required, accepts URI, QUERY_STRING, HEADER, METHOD, BODY, SINGLE_QUERY_ARG, ALL_QUERY_ARGS
     #           data: "MatchFieldData",
     #         },
     #         text_transformation: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE
@@ -3668,6 +3882,8 @@ module Aws::WAF
     #   specify a transformation, AWS WAF performs the transformation on
     #   `RegexPatternSet` before inspecting a request for a match.
     #
+    #   You can only specify a single type of TextTransformation.
+    #
     #   **CMD\_LINE**
     #
     #   When you're concerned that attackers are injecting an operating
@@ -4125,7 +4341,7 @@ module Aws::WAF
     #
     #       {
     #         field_to_match: { # required
-    #           type: "URI", # required, accepts URI, QUERY_STRING, HEADER, METHOD, BODY
+    #           type: "URI", # required, accepts URI, QUERY_STRING, HEADER, METHOD, BODY, SINGLE_QUERY_ARG, ALL_QUERY_ARGS
     #           data: "MatchFieldData",
     #         },
     #         text_transformation: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE
@@ -4143,6 +4359,8 @@ module Aws::WAF
     #   specify a transformation, AWS WAF performs the transformation on
     #   `FieldToMatch` before inspecting a request for a match.
     #
+    #   You can only specify a single type of TextTransformation.
+    #
     #   Note that if you choose `BODY` for the value of `Type`, you must
     #   choose `NONE` for `TextTransformation` because CloudFront forwards
     #   only the first 8192 bytes for inspection.
@@ -4341,7 +4559,7 @@ module Aws::WAF
     #         action: "INSERT", # required, accepts INSERT, DELETE
     #         size_constraint: { # required
     #           field_to_match: { # required
-    #             type: "URI", # required, accepts URI, QUERY_STRING, HEADER, METHOD, BODY
+    #             type: "URI", # required, accepts URI, QUERY_STRING, HEADER, METHOD, BODY, SINGLE_QUERY_ARG, ALL_QUERY_ARGS
     #             data: "MatchFieldData",
     #           },
     #           text_transformation: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE
@@ -4450,7 +4668,7 @@ module Aws::WAF
     #         action: "INSERT", # required, accepts INSERT, DELETE
     #         sql_injection_match_tuple: { # required
     #           field_to_match: { # required
-    #             type: "URI", # required, accepts URI, QUERY_STRING, HEADER, METHOD, BODY
+    #             type: "URI", # required, accepts URI, QUERY_STRING, HEADER, METHOD, BODY, SINGLE_QUERY_ARG, ALL_QUERY_ARGS
     #             data: "MatchFieldData",
     #           },
     #           text_transformation: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE
@@ -4486,7 +4704,7 @@ module Aws::WAF
     #
     #       {
     #         field_to_match: { # required
-    #           type: "URI", # required, accepts URI, QUERY_STRING, HEADER, METHOD, BODY
+    #           type: "URI", # required, accepts URI, QUERY_STRING, HEADER, METHOD, BODY, SINGLE_QUERY_ARG, ALL_QUERY_ARGS
     #           data: "MatchFieldData",
     #         },
     #         text_transformation: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE
@@ -4503,10 +4721,12 @@ module Aws::WAF
     #   specify a transformation, AWS WAF performs the transformation on
     #   `FieldToMatch` before inspecting a request for a match.
     #
+    #   You can only specify a single type of TextTransformation.
+    #
     #   **CMD\_LINE**
     #
     #   When you're concerned that attackers are injecting an operating
-    #   system commandline command and using unusual formatting to disguise
+    #   system command line command and using unusual formatting to disguise
     #   some or all of the command, use this option to perform the following
     #   transformations:
     #
@@ -4664,7 +4884,7 @@ module Aws::WAF
     #             action: "INSERT", # required, accepts INSERT, DELETE
     #             byte_match_tuple: { # required
     #               field_to_match: { # required
-    #                 type: "URI", # required, accepts URI, QUERY_STRING, HEADER, METHOD, BODY
+    #                 type: "URI", # required, accepts URI, QUERY_STRING, HEADER, METHOD, BODY, SINGLE_QUERY_ARG, ALL_QUERY_ARGS
     #                 data: "MatchFieldData",
     #               },
     #               target_string: "data", # required
@@ -4817,6 +5037,8 @@ module Aws::WAF
     #   * IPSetUpdate: Contains `Action` and `IPSetDescriptor`
     #
     #   * IPSetDescriptor: Contains `Type` and `Value`
+    #
+    #   You can insert a maximum of 1000 addresses in a single request.
     #   @return [Array<Types::IPSetUpdate>]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/waf-2015-08-24/UpdateIPSetRequest AWS API Documentation
@@ -4916,7 +5138,7 @@ module Aws::WAF
     #             action: "INSERT", # required, accepts INSERT, DELETE
     #             regex_match_tuple: { # required
     #               field_to_match: { # required
-    #                 type: "URI", # required, accepts URI, QUERY_STRING, HEADER, METHOD, BODY
+    #                 type: "URI", # required, accepts URI, QUERY_STRING, HEADER, METHOD, BODY, SINGLE_QUERY_ARG, ALL_QUERY_ARGS
     #                 data: "MatchFieldData",
     #               },
     #               text_transformation: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE
@@ -5157,7 +5379,7 @@ module Aws::WAF
     #             action: "INSERT", # required, accepts INSERT, DELETE
     #             size_constraint: { # required
     #               field_to_match: { # required
-    #                 type: "URI", # required, accepts URI, QUERY_STRING, HEADER, METHOD, BODY
+    #                 type: "URI", # required, accepts URI, QUERY_STRING, HEADER, METHOD, BODY, SINGLE_QUERY_ARG, ALL_QUERY_ARGS
     #                 data: "MatchFieldData",
     #               },
     #               text_transformation: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE
@@ -5227,7 +5449,7 @@ module Aws::WAF
     #             action: "INSERT", # required, accepts INSERT, DELETE
     #             sql_injection_match_tuple: { # required
     #               field_to_match: { # required
-    #                 type: "URI", # required, accepts URI, QUERY_STRING, HEADER, METHOD, BODY
+    #                 type: "URI", # required, accepts URI, QUERY_STRING, HEADER, METHOD, BODY, SINGLE_QUERY_ARG, ALL_QUERY_ARGS
     #                 data: "MatchFieldData",
     #               },
     #               text_transformation: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE
@@ -5382,7 +5604,7 @@ module Aws::WAF
     #             action: "INSERT", # required, accepts INSERT, DELETE
     #             xss_match_tuple: { # required
     #               field_to_match: { # required
-    #                 type: "URI", # required, accepts URI, QUERY_STRING, HEADER, METHOD, BODY
+    #                 type: "URI", # required, accepts URI, QUERY_STRING, HEADER, METHOD, BODY, SINGLE_QUERY_ARG, ALL_QUERY_ARGS
     #                 data: "MatchFieldData",
     #               },
     #               text_transformation: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE
@@ -5687,7 +5909,7 @@ module Aws::WAF
     #         action: "INSERT", # required, accepts INSERT, DELETE
     #         xss_match_tuple: { # required
     #           field_to_match: { # required
-    #             type: "URI", # required, accepts URI, QUERY_STRING, HEADER, METHOD, BODY
+    #             type: "URI", # required, accepts URI, QUERY_STRING, HEADER, METHOD, BODY, SINGLE_QUERY_ARG, ALL_QUERY_ARGS
     #             data: "MatchFieldData",
     #           },
     #           text_transformation: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE
@@ -5722,7 +5944,7 @@ module Aws::WAF
     #
     #       {
     #         field_to_match: { # required
-    #           type: "URI", # required, accepts URI, QUERY_STRING, HEADER, METHOD, BODY
+    #           type: "URI", # required, accepts URI, QUERY_STRING, HEADER, METHOD, BODY, SINGLE_QUERY_ARG, ALL_QUERY_ARGS
     #           data: "MatchFieldData",
     #         },
     #         text_transformation: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE
@@ -5739,10 +5961,12 @@ module Aws::WAF
     #   specify a transformation, AWS WAF performs the transformation on
     #   `FieldToMatch` before inspecting a request for a match.
     #
+    #   You can only specify a single type of TextTransformation.
+    #
     #   **CMD\_LINE**
     #
     #   When you're concerned that attackers are injecting an operating
-    #   system commandline command and using unusual formatting to disguise
+    #   system command line command and using unusual formatting to disguise
     #   some or all of the command, use this option to perform the following
     #   transformations:
     #

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: aws-sdk-waf
 version: !ruby/object:Gem::Version
-  version: 1.5.0
+  version: 1.6.0
 platform: ruby
 authors:
 - Amazon Web Services
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2018-06-26 00:00:00.000000000 Z
+date: 2018-08-31 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: aws-sdk-core