aws-sdk-waf 1.0.0.rc1

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml ADDED
@@ -0,0 +1,7 @@
1
+ ---
2
+ SHA1:
3
+ metadata.gz: 076cc5edce8a83211ff83fd7f51134fee59095e7
4
+ data.tar.gz: 8920c018fd2074393f5cda683868b20035d39729
5
+ SHA512:
6
+ metadata.gz: 47c8054e08d5a065eacac2eba211b261533e7fbbe278d7a688a23f6caeb3b9f0ed4d901956ff011a17561221713c47506a4973f45dc9ef84efab35450457aaf9
7
+ data.tar.gz: 15bf14a790ffe0589fcf0019545418e678981dd9879e7062e94c74bbfd18614f75889715130063f95b06f6b8dc56236a6e1c28545f5cbd810370abeaf2b2fef7
@@ -0,0 +1,47 @@
1
+ # WARNING ABOUT GENERATED CODE
2
+ #
3
+ # This file is generated. See the contributing for info on making contributions:
4
+ # https://github.com/aws/aws-sdk-ruby/blob/master/CONTRIBUTING.md
5
+ #
6
+ # WARNING ABOUT GENERATED CODE
7
+
8
+ require 'aws-sdk-core'
9
+ require 'aws-sigv4'
10
+
11
+ require_relative 'aws-sdk-waf/types'
12
+ require_relative 'aws-sdk-waf/client_api'
13
+ require_relative 'aws-sdk-waf/client'
14
+ require_relative 'aws-sdk-waf/errors'
15
+ require_relative 'aws-sdk-waf/resource'
16
+ require_relative 'aws-sdk-waf/customizations'
17
+
18
+ # This module provides support for AWS WAF. This module is available in the
19
+ # `aws-sdk-waf` gem.
20
+ #
21
+ # # Client
22
+ #
23
+ # The {Client} class provides one method for each API operation. Operation
24
+ # methods each accept a hash of request parameters and return a response
25
+ # structure.
26
+ #
27
+ # See {Client} for more information.
28
+ #
29
+ # # Errors
30
+ #
31
+ # Errors returned from AWS WAF all
32
+ # extend {Errors::ServiceError}.
33
+ #
34
+ # begin
35
+ # # do stuff
36
+ # rescue Aws::WAF::Errors::ServiceError
37
+ # # rescues all service API errors
38
+ # end
39
+ #
40
+ # See {Errors} for more information.
41
+ #
42
+ # @service
43
+ module Aws::WAF
44
+
45
+ GEM_VERSION = '1.0.0.rc1'
46
+
47
+ end
@@ -0,0 +1,2168 @@
1
+ # WARNING ABOUT GENERATED CODE
2
+ #
3
+ # This file is generated. See the contributing for info on making contributions:
4
+ # https://github.com/aws/aws-sdk-ruby/blob/master/CONTRIBUTING.md
5
+ #
6
+ # WARNING ABOUT GENERATED CODE
7
+
8
+ require 'seahorse/client/plugins/content_length.rb'
9
+ require 'aws-sdk-core/plugins/credentials_configuration.rb'
10
+ require 'aws-sdk-core/plugins/logging.rb'
11
+ require 'aws-sdk-core/plugins/param_converter.rb'
12
+ require 'aws-sdk-core/plugins/param_validator.rb'
13
+ require 'aws-sdk-core/plugins/user_agent.rb'
14
+ require 'aws-sdk-core/plugins/helpful_socket_errors.rb'
15
+ require 'aws-sdk-core/plugins/retry_errors.rb'
16
+ require 'aws-sdk-core/plugins/global_configuration.rb'
17
+ require 'aws-sdk-core/plugins/regional_endpoint.rb'
18
+ require 'aws-sdk-core/plugins/response_paging.rb'
19
+ require 'aws-sdk-core/plugins/stub_responses.rb'
20
+ require 'aws-sdk-core/plugins/idempotency_token.rb'
21
+ require 'aws-sdk-core/plugins/signature_v4.rb'
22
+ require 'aws-sdk-core/plugins/protocols/json_rpc.rb'
23
+
24
+ Aws::Plugins::GlobalConfiguration.add_identifier(:waf)
25
+
26
+ module Aws
27
+ module WAF
28
+ class Client < Seahorse::Client::Base
29
+
30
+ include Aws::ClientStubs
31
+
32
+ @identifier = :waf
33
+
34
+ set_api(ClientApi::API)
35
+
36
+ add_plugin(Seahorse::Client::Plugins::ContentLength)
37
+ add_plugin(Aws::Plugins::CredentialsConfiguration)
38
+ add_plugin(Aws::Plugins::Logging)
39
+ add_plugin(Aws::Plugins::ParamConverter)
40
+ add_plugin(Aws::Plugins::ParamValidator)
41
+ add_plugin(Aws::Plugins::UserAgent)
42
+ add_plugin(Aws::Plugins::HelpfulSocketErrors)
43
+ add_plugin(Aws::Plugins::RetryErrors)
44
+ add_plugin(Aws::Plugins::GlobalConfiguration)
45
+ add_plugin(Aws::Plugins::RegionalEndpoint)
46
+ add_plugin(Aws::Plugins::ResponsePaging)
47
+ add_plugin(Aws::Plugins::StubResponses)
48
+ add_plugin(Aws::Plugins::IdempotencyToken)
49
+ add_plugin(Aws::Plugins::SignatureV4)
50
+ add_plugin(Aws::Plugins::Protocols::JsonRpc)
51
+
52
+ # @option options [required, Aws::CredentialProvider] :credentials
53
+ # Your AWS credentials. This can be an instance of any one of the
54
+ # following classes:
55
+ #
56
+ # * `Aws::Credentials` - Used for configuring static, non-refreshing
57
+ # credentials.
58
+ #
59
+ # * `Aws::InstanceProfileCredentials` - Used for loading credentials
60
+ # from an EC2 IMDS on an EC2 instance.
61
+ #
62
+ # * `Aws::SharedCredentials` - Used for loading credentials from a
63
+ # shared file, such as `~/.aws/config`.
64
+ #
65
+ # * `Aws::AssumeRoleCredentials` - Used when you need to assume a role.
66
+ #
67
+ # When `:credentials` are not configured directly, the following
68
+ # locations will be searched for credentials:
69
+ #
70
+ # * `Aws.config[:credentials]`
71
+ # * The `:access_key_id`, `:secret_access_key`, and `:session_token` options.
72
+ # * ENV['AWS_ACCESS_KEY_ID'], ENV['AWS_SECRET_ACCESS_KEY']
73
+ # * `~/.aws/credentials`
74
+ # * `~/.aws/config`
75
+ # * EC2 IMDS instance profile - When used by default, the timeouts are
76
+ # very aggressive. Construct and pass an instance of
77
+ # `Aws::InstanceProfileCredentails` to enable retries and extended
78
+ # timeouts.
79
+ # @option options [required, String] :region
80
+ # The AWS region to connect to. The configured `:region` is
81
+ # used to determine the service `:endpoint`. When not passed,
82
+ # a default `:region` is search for in the following locations:
83
+ #
84
+ # * `Aws.config[:region]`
85
+ # * `ENV['AWS_REGION']`
86
+ # * `ENV['AMAZON_REGION']`
87
+ # * `ENV['AWS_DEFAULT_REGION']`
88
+ # * `~/.aws/credentials`
89
+ # * `~/.aws/config`
90
+ # @option options [String] :access_key_id
91
+ # @option options [Boolean] :convert_params (true)
92
+ # When `true`, an attempt is made to coerce request parameters into
93
+ # the required types.
94
+ # @option options [String] :endpoint
95
+ # The client endpoint is normally constructed from the `:region`
96
+ # option. You should only configure an `:endpoint` when connecting
97
+ # to test endpoints. This should be avalid HTTP(S) URI.
98
+ # @option options [Aws::Log::Formatter] :log_formatter (Aws::Log::Formatter.default)
99
+ # The log formatter.
100
+ # @option options [Symbol] :log_level (:info)
101
+ # The log level to send messages to the `:logger` at.
102
+ # @option options [Logger] :logger
103
+ # The Logger instance to send log messages to. If this option
104
+ # is not set, logging will be disabled.
105
+ # @option options [String] :profile ("default")
106
+ # Used when loading credentials from the shared credentials file
107
+ # at HOME/.aws/credentials. When not specified, 'default' is used.
108
+ # @option options [Integer] :retry_limit (3)
109
+ # The maximum number of times to retry failed requests. Only
110
+ # ~ 500 level server errors and certain ~ 400 level client errors
111
+ # are retried. Generally, these are throttling errors, data
112
+ # checksum errors, networking errors, timeout errors and auth
113
+ # errors from expired credentials.
114
+ # @option options [String] :secret_access_key
115
+ # @option options [String] :session_token
116
+ # @option options [Boolean] :simple_json (false)
117
+ # Disables request parameter conversion, validation, and formatting.
118
+ # Also disable response data type conversions. This option is useful
119
+ # when you want to ensure the highest level of performance by
120
+ # avoiding overhead of walking request parameters and response data
121
+ # structures.
122
+ #
123
+ # When `:simple_json` is enabled, the request parameters hash must
124
+ # be formatted exactly as the DynamoDB API expects.
125
+ # @option options [Boolean] :stub_responses (false)
126
+ # Causes the client to return stubbed responses. By default
127
+ # fake responses are generated and returned. You can specify
128
+ # the response data to return or errors to raise by calling
129
+ # {ClientStubs#stub_responses}. See {ClientStubs} for more information.
130
+ #
131
+ # ** Please note ** When response stubbing is enabled, no HTTP
132
+ # requests are made, and retries are disabled.
133
+ # @option options [Boolean] :validate_params (true)
134
+ # When `true`, request parameters are validated before
135
+ # sending the request.
136
+ def initialize(*args)
137
+ super
138
+ end
139
+
140
+ # @!group API Operations
141
+
142
+ # Creates a `ByteMatchSet`. You then use UpdateByteMatchSet to identify
143
+ # the part of a web request that you want AWS WAF to inspect, such as
144
+ # the values of the `User-Agent` header or the query string. For
145
+ # example, you can create a `ByteMatchSet` that matches any requests
146
+ # with `User-Agent` headers that contain the string `BadBot`. You can
147
+ # then configure AWS WAF to reject those requests.
148
+ #
149
+ # To create and configure a `ByteMatchSet`, perform the following steps:
150
+ #
151
+ # 1. Use GetChangeToken to get the change token that you provide in the
152
+ # `ChangeToken` parameter of a `CreateByteMatchSet` request.
153
+ #
154
+ # 2. Submit a `CreateByteMatchSet` request.
155
+ #
156
+ # 3. Use `GetChangeToken` to get the change token that you provide in
157
+ # the `ChangeToken` parameter of an `UpdateByteMatchSet` request.
158
+ #
159
+ # 4. Submit an UpdateByteMatchSet request to specify the part of the
160
+ # request that you want AWS WAF to inspect (for example, the header
161
+ # or the URI) and the value that you want AWS WAF to watch for.
162
+ #
163
+ # For more information about how to use the AWS WAF API to allow or
164
+ # block HTTP requests, see the [AWS WAF Developer Guide][1].
165
+ #
166
+ #
167
+ #
168
+ # [1]: http://docs.aws.amazon.com/waf/latest/developerguide/
169
+ # @option params [required, String] :name
170
+ # A friendly name or description of the ByteMatchSet. You can't change
171
+ # `Name` after you create a `ByteMatchSet`.
172
+ # @option params [required, String] :change_token
173
+ # The value returned by the most recent call to GetChangeToken.
174
+ # @return [Types::CreateByteMatchSetResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
175
+ #
176
+ # * {Types::CreateByteMatchSetResponse#byte_match_set #ByteMatchSet} => Types::ByteMatchSet
177
+ # * {Types::CreateByteMatchSetResponse#change_token #ChangeToken} => String
178
+ #
179
+ # @example Request syntax with placeholder values
180
+ # resp = client.create_byte_match_set({
181
+ # name: "ResourceName", # required
182
+ # change_token: "ChangeToken", # required
183
+ # })
184
+ #
185
+ # @example Response structure
186
+ # resp.byte_match_set.byte_match_set_id #=> String
187
+ # resp.byte_match_set.name #=> String
188
+ # resp.byte_match_set.byte_match_tuples #=> Array
189
+ # resp.byte_match_set.byte_match_tuples[0].field_to_match.type #=> String, one of "URI", "QUERY_STRING", "HEADER", "METHOD", "BODY"
190
+ # resp.byte_match_set.byte_match_tuples[0].field_to_match.data #=> String
191
+ # resp.byte_match_set.byte_match_tuples[0].target_string #=> String
192
+ # resp.byte_match_set.byte_match_tuples[0].text_transformation #=> String, one of "NONE", "COMPRESS_WHITE_SPACE", "HTML_ENTITY_DECODE", "LOWERCASE", "CMD_LINE", "URL_DECODE"
193
+ # resp.byte_match_set.byte_match_tuples[0].positional_constraint #=> String, one of "EXACTLY", "STARTS_WITH", "ENDS_WITH", "CONTAINS", "CONTAINS_WORD"
194
+ # resp.change_token #=> String
195
+ # @overload create_byte_match_set(params = {})
196
+ # @param [Hash] params ({})
197
+ def create_byte_match_set(params = {}, options = {})
198
+ req = build_request(:create_byte_match_set, params)
199
+ req.send_request(options)
200
+ end
201
+
202
+ # Creates an IPSet, which you use to specify which web requests you want
203
+ # to allow or block based on the IP addresses that the requests
204
+ # originate from. For example, if you're receiving a lot of requests
205
+ # from one or more individual IP addresses or one or more ranges of IP
206
+ # addresses and you want to block the requests, you can create an
207
+ # `IPSet` that contains those IP addresses and then configure AWS WAF to
208
+ # block the requests.
209
+ #
210
+ # To create and configure an `IPSet`, perform the following steps:
211
+ #
212
+ # 1. Use GetChangeToken to get the change token that you provide in the
213
+ # `ChangeToken` parameter of a `CreateIPSet` request.
214
+ #
215
+ # 2. Submit a `CreateIPSet` request.
216
+ #
217
+ # 3. Use `GetChangeToken` to get the change token that you provide in
218
+ # the `ChangeToken` parameter of an UpdateIPSet request.
219
+ #
220
+ # 4. Submit an `UpdateIPSet` request to specify the IP addresses that
221
+ # you want AWS WAF to watch for.
222
+ #
223
+ # For more information about how to use the AWS WAF API to allow or
224
+ # block HTTP requests, see the [AWS WAF Developer Guide][1].
225
+ #
226
+ #
227
+ #
228
+ # [1]: http://docs.aws.amazon.com/waf/latest/developerguide/
229
+ # @option params [required, String] :name
230
+ # A friendly name or description of the IPSet. You can't change `Name`
231
+ # after you create the `IPSet`.
232
+ # @option params [required, String] :change_token
233
+ # The value returned by the most recent call to GetChangeToken.
234
+ # @return [Types::CreateIPSetResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
235
+ #
236
+ # * {Types::CreateIPSetResponse#ip_set #IPSet} => Types::IPSet
237
+ # * {Types::CreateIPSetResponse#change_token #ChangeToken} => String
238
+ #
239
+ # @example Request syntax with placeholder values
240
+ # resp = client.create_ip_set({
241
+ # name: "ResourceName", # required
242
+ # change_token: "ChangeToken", # required
243
+ # })
244
+ #
245
+ # @example Response structure
246
+ # resp.ip_set.ip_set_id #=> String
247
+ # resp.ip_set.name #=> String
248
+ # resp.ip_set.ip_set_descriptors #=> Array
249
+ # resp.ip_set.ip_set_descriptors[0].type #=> String, one of "IPV4", "IPV6"
250
+ # resp.ip_set.ip_set_descriptors[0].value #=> String
251
+ # resp.change_token #=> String
252
+ # @overload create_ip_set(params = {})
253
+ # @param [Hash] params ({})
254
+ def create_ip_set(params = {}, options = {})
255
+ req = build_request(:create_ip_set, params)
256
+ req.send_request(options)
257
+ end
258
+
259
+ # Creates a `Rule`, which contains the `IPSet` objects, `ByteMatchSet`
260
+ # objects, and other predicates that identify the requests that you want
261
+ # to block. If you add more than one predicate to a `Rule`, a request
262
+ # must match all of the specifications to be allowed or blocked. For
263
+ # example, suppose you add the following to a `Rule`\:
264
+ #
265
+ # * An `IPSet` that matches the IP address `192.0.2.44/32`
266
+ #
267
+ # * A `ByteMatchSet` that matches `BadBot` in the `User-Agent` header
268
+ #
269
+ # You then add the `Rule` to a `WebACL` and specify that you want to
270
+ # blocks requests that satisfy the `Rule`. For a request to be blocked,
271
+ # it must come from the IP address 192.0.2.44 *and* the `User-Agent`
272
+ # header in the request must contain the value `BadBot`.
273
+ #
274
+ # To create and configure a `Rule`, perform the following steps:
275
+ #
276
+ # 1. Create and update the predicates that you want to include in the
277
+ # `Rule`. For more information, see CreateByteMatchSet, CreateIPSet,
278
+ # and CreateSqlInjectionMatchSet.
279
+ #
280
+ # 2. Use GetChangeToken to get the change token that you provide in the
281
+ # `ChangeToken` parameter of a `CreateRule` request.
282
+ #
283
+ # 3. Submit a `CreateRule` request.
284
+ #
285
+ # 4. Use `GetChangeToken` to get the change token that you provide in
286
+ # the `ChangeToken` parameter of an UpdateRule request.
287
+ #
288
+ # 5. Submit an `UpdateRule` request to specify the predicates that you
289
+ # want to include in the `Rule`.
290
+ #
291
+ # 6. Create and update a `WebACL` that contains the `Rule`. For more
292
+ # information, see CreateWebACL.
293
+ #
294
+ # For more information about how to use the AWS WAF API to allow or
295
+ # block HTTP requests, see the [AWS WAF Developer Guide][1].
296
+ #
297
+ #
298
+ #
299
+ # [1]: http://docs.aws.amazon.com/waf/latest/developerguide/
300
+ # @option params [required, String] :name
301
+ # A friendly name or description of the Rule. You can't change the name
302
+ # of a `Rule` after you create it.
303
+ # @option params [required, String] :metric_name
304
+ # A friendly name or description for the metrics for this `Rule`. The
305
+ # name can contain only alphanumeric characters (A-Z, a-z, 0-9); the
306
+ # name can't contain whitespace. You can't change the name of the
307
+ # metric after you create the `Rule`.
308
+ # @option params [required, String] :change_token
309
+ # The value returned by the most recent call to GetChangeToken.
310
+ # @return [Types::CreateRuleResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
311
+ #
312
+ # * {Types::CreateRuleResponse#rule #Rule} => Types::Rule
313
+ # * {Types::CreateRuleResponse#change_token #ChangeToken} => String
314
+ #
315
+ # @example Request syntax with placeholder values
316
+ # resp = client.create_rule({
317
+ # name: "ResourceName", # required
318
+ # metric_name: "MetricName", # required
319
+ # change_token: "ChangeToken", # required
320
+ # })
321
+ #
322
+ # @example Response structure
323
+ # resp.rule.rule_id #=> String
324
+ # resp.rule.name #=> String
325
+ # resp.rule.metric_name #=> String
326
+ # resp.rule.predicates #=> Array
327
+ # resp.rule.predicates[0].negated #=> Boolean
328
+ # resp.rule.predicates[0].type #=> String, one of "IPMatch", "ByteMatch", "SqlInjectionMatch", "SizeConstraint", "XssMatch"
329
+ # resp.rule.predicates[0].data_id #=> String
330
+ # resp.change_token #=> String
331
+ # @overload create_rule(params = {})
332
+ # @param [Hash] params ({})
333
+ def create_rule(params = {}, options = {})
334
+ req = build_request(:create_rule, params)
335
+ req.send_request(options)
336
+ end
337
+
338
+ # Creates a `SizeConstraintSet`. You then use UpdateSizeConstraintSet to
339
+ # identify the part of a web request that you want AWS WAF to check for
340
+ # length, such as the length of the `User-Agent` header or the length of
341
+ # the query string. For example, you can create a `SizeConstraintSet`
342
+ # that matches any requests that have a query string that is longer than
343
+ # 100 bytes. You can then configure AWS WAF to reject those requests.
344
+ #
345
+ # To create and configure a `SizeConstraintSet`, perform the following
346
+ # steps:
347
+ #
348
+ # 1. Use GetChangeToken to get the change token that you provide in the
349
+ # `ChangeToken` parameter of a `CreateSizeConstraintSet` request.
350
+ #
351
+ # 2. Submit a `CreateSizeConstraintSet` request.
352
+ #
353
+ # 3. Use `GetChangeToken` to get the change token that you provide in
354
+ # the `ChangeToken` parameter of an `UpdateSizeConstraintSet`
355
+ # request.
356
+ #
357
+ # 4. Submit an UpdateSizeConstraintSet request to specify the part of
358
+ # the request that you want AWS WAF to inspect (for example, the
359
+ # header or the URI) and the value that you want AWS WAF to watch
360
+ # for.
361
+ #
362
+ # For more information about how to use the AWS WAF API to allow or
363
+ # block HTTP requests, see the [AWS WAF Developer Guide][1].
364
+ #
365
+ #
366
+ #
367
+ # [1]: http://docs.aws.amazon.com/waf/latest/developerguide/
368
+ # @option params [required, String] :name
369
+ # A friendly name or description of the SizeConstraintSet. You can't
370
+ # change `Name` after you create a `SizeConstraintSet`.
371
+ # @option params [required, String] :change_token
372
+ # The value returned by the most recent call to GetChangeToken.
373
+ # @return [Types::CreateSizeConstraintSetResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
374
+ #
375
+ # * {Types::CreateSizeConstraintSetResponse#size_constraint_set #SizeConstraintSet} => Types::SizeConstraintSet
376
+ # * {Types::CreateSizeConstraintSetResponse#change_token #ChangeToken} => String
377
+ #
378
+ # @example Request syntax with placeholder values
379
+ # resp = client.create_size_constraint_set({
380
+ # name: "ResourceName", # required
381
+ # change_token: "ChangeToken", # required
382
+ # })
383
+ #
384
+ # @example Response structure
385
+ # resp.size_constraint_set.size_constraint_set_id #=> String
386
+ # resp.size_constraint_set.name #=> String
387
+ # resp.size_constraint_set.size_constraints #=> Array
388
+ # resp.size_constraint_set.size_constraints[0].field_to_match.type #=> String, one of "URI", "QUERY_STRING", "HEADER", "METHOD", "BODY"
389
+ # resp.size_constraint_set.size_constraints[0].field_to_match.data #=> String
390
+ # resp.size_constraint_set.size_constraints[0].text_transformation #=> String, one of "NONE", "COMPRESS_WHITE_SPACE", "HTML_ENTITY_DECODE", "LOWERCASE", "CMD_LINE", "URL_DECODE"
391
+ # resp.size_constraint_set.size_constraints[0].comparison_operator #=> String, one of "EQ", "NE", "LE", "LT", "GE", "GT"
392
+ # resp.size_constraint_set.size_constraints[0].size #=> Integer
393
+ # resp.change_token #=> String
394
+ # @overload create_size_constraint_set(params = {})
395
+ # @param [Hash] params ({})
396
+ def create_size_constraint_set(params = {}, options = {})
397
+ req = build_request(:create_size_constraint_set, params)
398
+ req.send_request(options)
399
+ end
400
+
401
+ # Creates a SqlInjectionMatchSet, which you use to allow, block, or
402
+ # count requests that contain snippets of SQL code in a specified part
403
+ # of web requests. AWS WAF searches for character sequences that are
404
+ # likely to be malicious strings.
405
+ #
406
+ # To create and configure a `SqlInjectionMatchSet`, perform the
407
+ # following steps:
408
+ #
409
+ # 1. Use GetChangeToken to get the change token that you provide in the
410
+ # `ChangeToken` parameter of a `CreateSqlInjectionMatchSet` request.
411
+ #
412
+ # 2. Submit a `CreateSqlInjectionMatchSet` request.
413
+ #
414
+ # 3. Use `GetChangeToken` to get the change token that you provide in
415
+ # the `ChangeToken` parameter of an UpdateSqlInjectionMatchSet
416
+ # request.
417
+ #
418
+ # 4. Submit an UpdateSqlInjectionMatchSet request to specify the parts
419
+ # of web requests in which you want to allow, block, or count
420
+ # malicious SQL code.
421
+ #
422
+ # For more information about how to use the AWS WAF API to allow or
423
+ # block HTTP requests, see the [AWS WAF Developer Guide][1].
424
+ #
425
+ #
426
+ #
427
+ # [1]: http://docs.aws.amazon.com/waf/latest/developerguide/
428
+ # @option params [required, String] :name
429
+ # A friendly name or description for the SqlInjectionMatchSet that
430
+ # you're creating. You can't change `Name` after you create the
431
+ # `SqlInjectionMatchSet`.
432
+ # @option params [required, String] :change_token
433
+ # The value returned by the most recent call to GetChangeToken.
434
+ # @return [Types::CreateSqlInjectionMatchSetResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
435
+ #
436
+ # * {Types::CreateSqlInjectionMatchSetResponse#sql_injection_match_set #SqlInjectionMatchSet} => Types::SqlInjectionMatchSet
437
+ # * {Types::CreateSqlInjectionMatchSetResponse#change_token #ChangeToken} => String
438
+ #
439
+ # @example Request syntax with placeholder values
440
+ # resp = client.create_sql_injection_match_set({
441
+ # name: "ResourceName", # required
442
+ # change_token: "ChangeToken", # required
443
+ # })
444
+ #
445
+ # @example Response structure
446
+ # resp.sql_injection_match_set.sql_injection_match_set_id #=> String
447
+ # resp.sql_injection_match_set.name #=> String
448
+ # resp.sql_injection_match_set.sql_injection_match_tuples #=> Array
449
+ # resp.sql_injection_match_set.sql_injection_match_tuples[0].field_to_match.type #=> String, one of "URI", "QUERY_STRING", "HEADER", "METHOD", "BODY"
450
+ # resp.sql_injection_match_set.sql_injection_match_tuples[0].field_to_match.data #=> String
451
+ # resp.sql_injection_match_set.sql_injection_match_tuples[0].text_transformation #=> String, one of "NONE", "COMPRESS_WHITE_SPACE", "HTML_ENTITY_DECODE", "LOWERCASE", "CMD_LINE", "URL_DECODE"
452
+ # resp.change_token #=> String
453
+ # @overload create_sql_injection_match_set(params = {})
454
+ # @param [Hash] params ({})
455
+ def create_sql_injection_match_set(params = {}, options = {})
456
+ req = build_request(:create_sql_injection_match_set, params)
457
+ req.send_request(options)
458
+ end
459
+
460
+ # Creates a `WebACL`, which contains the `Rules` that identify the
461
+ # CloudFront web requests that you want to allow, block, or count. AWS
462
+ # WAF evaluates `Rules` in order based on the value of `Priority` for
463
+ # each `Rule`.
464
+ #
465
+ # You also specify a default action, either `ALLOW` or `BLOCK`. If a web
466
+ # request doesn't match any of the `Rules` in a `WebACL`, AWS WAF
467
+ # responds to the request with the default action.
468
+ #
469
+ # To create and configure a `WebACL`, perform the following steps:
470
+ #
471
+ # 1. Create and update the `ByteMatchSet` objects and other predicates
472
+ # that you want to include in `Rules`. For more information, see
473
+ # CreateByteMatchSet, UpdateByteMatchSet, CreateIPSet, UpdateIPSet,
474
+ # CreateSqlInjectionMatchSet, and UpdateSqlInjectionMatchSet.
475
+ #
476
+ # 2. Create and update the `Rules` that you want to include in the
477
+ # `WebACL`. For more information, see CreateRule and UpdateRule.
478
+ #
479
+ # 3. Use GetChangeToken to get the change token that you provide in the
480
+ # `ChangeToken` parameter of a `CreateWebACL` request.
481
+ #
482
+ # 4. Submit a `CreateWebACL` request.
483
+ #
484
+ # 5. Use `GetChangeToken` to get the change token that you provide in
485
+ # the `ChangeToken` parameter of an UpdateWebACL request.
486
+ #
487
+ # 6. Submit an UpdateWebACL request to specify the `Rules` that you
488
+ # want to include in the `WebACL`, to specify the default action,
489
+ # and to associate the `WebACL` with a CloudFront distribution.
490
+ #
491
+ # For more information about how to use the AWS WAF API, see the [AWS
492
+ # WAF Developer Guide][1].
493
+ #
494
+ #
495
+ #
496
+ # [1]: http://docs.aws.amazon.com/waf/latest/developerguide/
497
+ # @option params [required, String] :name
498
+ # A friendly name or description of the WebACL. You can't change `Name`
499
+ # after you create the `WebACL`.
500
+ # @option params [required, String] :metric_name
501
+ # A friendly name or description for the metrics for this `WebACL`. The
502
+ # name can contain only alphanumeric characters (A-Z, a-z, 0-9); the
503
+ # name can't contain whitespace. You can't change `MetricName` after
504
+ # you create the `WebACL`.
505
+ # @option params [required, Types::WafAction] :default_action
506
+ # The action that you want AWS WAF to take when a request doesn't match
507
+ # the criteria specified in any of the `Rule` objects that are
508
+ # associated with the `WebACL`.
509
+ # @option params [required, String] :change_token
510
+ # The value returned by the most recent call to GetChangeToken.
511
+ # @return [Types::CreateWebACLResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
512
+ #
513
+ # * {Types::CreateWebACLResponse#web_acl #WebACL} => Types::WebACL
514
+ # * {Types::CreateWebACLResponse#change_token #ChangeToken} => String
515
+ #
516
+ # @example Request syntax with placeholder values
517
+ # resp = client.create_web_acl({
518
+ # name: "ResourceName", # required
519
+ # metric_name: "MetricName", # required
520
+ # default_action: { # required
521
+ # type: "BLOCK", # required, accepts BLOCK, ALLOW, COUNT
522
+ # },
523
+ # change_token: "ChangeToken", # required
524
+ # })
525
+ #
526
+ # @example Response structure
527
+ # resp.web_acl.web_acl_id #=> String
528
+ # resp.web_acl.name #=> String
529
+ # resp.web_acl.metric_name #=> String
530
+ # resp.web_acl.default_action.type #=> String, one of "BLOCK", "ALLOW", "COUNT"
531
+ # resp.web_acl.rules #=> Array
532
+ # resp.web_acl.rules[0].priority #=> Integer
533
+ # resp.web_acl.rules[0].rule_id #=> String
534
+ # resp.web_acl.rules[0].action.type #=> String, one of "BLOCK", "ALLOW", "COUNT"
535
+ # resp.change_token #=> String
536
+ # @overload create_web_acl(params = {})
537
+ # @param [Hash] params ({})
538
+ def create_web_acl(params = {}, options = {})
539
+ req = build_request(:create_web_acl, params)
540
+ req.send_request(options)
541
+ end
542
+
543
+ # Creates an XssMatchSet, which you use to allow, block, or count
544
+ # requests that contain cross-site scripting attacks in the specified
545
+ # part of web requests. AWS WAF searches for character sequences that
546
+ # are likely to be malicious strings.
547
+ #
548
+ # To create and configure an `XssMatchSet`, perform the following steps:
549
+ #
550
+ # 1. Use GetChangeToken to get the change token that you provide in the
551
+ # `ChangeToken` parameter of a `CreateXssMatchSet` request.
552
+ #
553
+ # 2. Submit a `CreateXssMatchSet` request.
554
+ #
555
+ # 3. Use `GetChangeToken` to get the change token that you provide in
556
+ # the `ChangeToken` parameter of an UpdateXssMatchSet request.
557
+ #
558
+ # 4. Submit an UpdateXssMatchSet request to specify the parts of web
559
+ # requests in which you want to allow, block, or count cross-site
560
+ # scripting attacks.
561
+ #
562
+ # For more information about how to use the AWS WAF API to allow or
563
+ # block HTTP requests, see the [AWS WAF Developer Guide][1].
564
+ #
565
+ #
566
+ #
567
+ # [1]: http://docs.aws.amazon.com/waf/latest/developerguide/
568
+ # @option params [required, String] :name
569
+ # A friendly name or description for the XssMatchSet that you're
570
+ # creating. You can't change `Name` after you create the `XssMatchSet`.
571
+ # @option params [required, String] :change_token
572
+ # The value returned by the most recent call to GetChangeToken.
573
+ # @return [Types::CreateXssMatchSetResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
574
+ #
575
+ # * {Types::CreateXssMatchSetResponse#xss_match_set #XssMatchSet} => Types::XssMatchSet
576
+ # * {Types::CreateXssMatchSetResponse#change_token #ChangeToken} => String
577
+ #
578
+ # @example Request syntax with placeholder values
579
+ # resp = client.create_xss_match_set({
580
+ # name: "ResourceName", # required
581
+ # change_token: "ChangeToken", # required
582
+ # })
583
+ #
584
+ # @example Response structure
585
+ # resp.xss_match_set.xss_match_set_id #=> String
586
+ # resp.xss_match_set.name #=> String
587
+ # resp.xss_match_set.xss_match_tuples #=> Array
588
+ # resp.xss_match_set.xss_match_tuples[0].field_to_match.type #=> String, one of "URI", "QUERY_STRING", "HEADER", "METHOD", "BODY"
589
+ # resp.xss_match_set.xss_match_tuples[0].field_to_match.data #=> String
590
+ # resp.xss_match_set.xss_match_tuples[0].text_transformation #=> String, one of "NONE", "COMPRESS_WHITE_SPACE", "HTML_ENTITY_DECODE", "LOWERCASE", "CMD_LINE", "URL_DECODE"
591
+ # resp.change_token #=> String
592
+ # @overload create_xss_match_set(params = {})
593
+ # @param [Hash] params ({})
594
+ def create_xss_match_set(params = {}, options = {})
595
+ req = build_request(:create_xss_match_set, params)
596
+ req.send_request(options)
597
+ end
598
+
599
+ # Permanently deletes a ByteMatchSet. You can't delete a `ByteMatchSet`
600
+ # if it's still used in any `Rules` or if it still includes any
601
+ # ByteMatchTuple objects (any filters).
602
+ #
603
+ # If you just want to remove a `ByteMatchSet` from a `Rule`, use
604
+ # UpdateRule.
605
+ #
606
+ # To permanently delete a `ByteMatchSet`, perform the following steps:
607
+ #
608
+ # 1. Update the `ByteMatchSet` to remove filters, if any. For more
609
+ # information, see UpdateByteMatchSet.
610
+ #
611
+ # 2. Use GetChangeToken to get the change token that you provide in the
612
+ # `ChangeToken` parameter of a `DeleteByteMatchSet` request.
613
+ #
614
+ # 3. Submit a `DeleteByteMatchSet` request.
615
+ # @option params [required, String] :byte_match_set_id
616
+ # The `ByteMatchSetId` of the ByteMatchSet that you want to delete.
617
+ # `ByteMatchSetId` is returned by CreateByteMatchSet and by
618
+ # ListByteMatchSets.
619
+ # @option params [required, String] :change_token
620
+ # The value returned by the most recent call to GetChangeToken.
621
+ # @return [Types::DeleteByteMatchSetResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
622
+ #
623
+ # * {Types::DeleteByteMatchSetResponse#change_token #ChangeToken} => String
624
+ #
625
+ # @example Request syntax with placeholder values
626
+ # resp = client.delete_byte_match_set({
627
+ # byte_match_set_id: "ResourceId", # required
628
+ # change_token: "ChangeToken", # required
629
+ # })
630
+ #
631
+ # @example Response structure
632
+ # resp.change_token #=> String
633
+ # @overload delete_byte_match_set(params = {})
634
+ # @param [Hash] params ({})
635
+ def delete_byte_match_set(params = {}, options = {})
636
+ req = build_request(:delete_byte_match_set, params)
637
+ req.send_request(options)
638
+ end
639
+
640
+ # Permanently deletes an IPSet. You can't delete an `IPSet` if it's
641
+ # still used in any `Rules` or if it still includes any IP addresses.
642
+ #
643
+ # If you just want to remove an `IPSet` from a `Rule`, use UpdateRule.
644
+ #
645
+ # To permanently delete an `IPSet` from AWS WAF, perform the following
646
+ # steps:
647
+ #
648
+ # 1. Update the `IPSet` to remove IP address ranges, if any. For more
649
+ # information, see UpdateIPSet.
650
+ #
651
+ # 2. Use GetChangeToken to get the change token that you provide in the
652
+ # `ChangeToken` parameter of a `DeleteIPSet` request.
653
+ #
654
+ # 3. Submit a `DeleteIPSet` request.
655
+ # @option params [required, String] :ip_set_id
656
+ # The `IPSetId` of the IPSet that you want to delete. `IPSetId` is
657
+ # returned by CreateIPSet and by ListIPSets.
658
+ # @option params [required, String] :change_token
659
+ # The value returned by the most recent call to GetChangeToken.
660
+ # @return [Types::DeleteIPSetResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
661
+ #
662
+ # * {Types::DeleteIPSetResponse#change_token #ChangeToken} => String
663
+ #
664
+ # @example Request syntax with placeholder values
665
+ # resp = client.delete_ip_set({
666
+ # ip_set_id: "ResourceId", # required
667
+ # change_token: "ChangeToken", # required
668
+ # })
669
+ #
670
+ # @example Response structure
671
+ # resp.change_token #=> String
672
+ # @overload delete_ip_set(params = {})
673
+ # @param [Hash] params ({})
674
+ def delete_ip_set(params = {}, options = {})
675
+ req = build_request(:delete_ip_set, params)
676
+ req.send_request(options)
677
+ end
678
+
679
+ # Permanently deletes a Rule. You can't delete a `Rule` if it's still
680
+ # used in any `WebACL` objects or if it still includes any predicates,
681
+ # such as `ByteMatchSet` objects.
682
+ #
683
+ # If you just want to remove a `Rule` from a `WebACL`, use UpdateWebACL.
684
+ #
685
+ # To permanently delete a `Rule` from AWS WAF, perform the following
686
+ # steps:
687
+ #
688
+ # 1. Update the `Rule` to remove predicates, if any. For more
689
+ # information, see UpdateRule.
690
+ #
691
+ # 2. Use GetChangeToken to get the change token that you provide in the
692
+ # `ChangeToken` parameter of a `DeleteRule` request.
693
+ #
694
+ # 3. Submit a `DeleteRule` request.
695
+ # @option params [required, String] :rule_id
696
+ # The `RuleId` of the Rule that you want to delete. `RuleId` is returned
697
+ # by CreateRule and by ListRules.
698
+ # @option params [required, String] :change_token
699
+ # The value returned by the most recent call to GetChangeToken.
700
+ # @return [Types::DeleteRuleResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
701
+ #
702
+ # * {Types::DeleteRuleResponse#change_token #ChangeToken} => String
703
+ #
704
+ # @example Request syntax with placeholder values
705
+ # resp = client.delete_rule({
706
+ # rule_id: "ResourceId", # required
707
+ # change_token: "ChangeToken", # required
708
+ # })
709
+ #
710
+ # @example Response structure
711
+ # resp.change_token #=> String
712
+ # @overload delete_rule(params = {})
713
+ # @param [Hash] params ({})
714
+ def delete_rule(params = {}, options = {})
715
+ req = build_request(:delete_rule, params)
716
+ req.send_request(options)
717
+ end
718
+
719
+ # Permanently deletes a SizeConstraintSet. You can't delete a
720
+ # `SizeConstraintSet` if it's still used in any `Rules` or if it still
721
+ # includes any SizeConstraint objects (any filters).
722
+ #
723
+ # If you just want to remove a `SizeConstraintSet` from a `Rule`, use
724
+ # UpdateRule.
725
+ #
726
+ # To permanently delete a `SizeConstraintSet`, perform the following
727
+ # steps:
728
+ #
729
+ # 1. Update the `SizeConstraintSet` to remove filters, if any. For more
730
+ # information, see UpdateSizeConstraintSet.
731
+ #
732
+ # 2. Use GetChangeToken to get the change token that you provide in the
733
+ # `ChangeToken` parameter of a `DeleteSizeConstraintSet` request.
734
+ #
735
+ # 3. Submit a `DeleteSizeConstraintSet` request.
736
+ # @option params [required, String] :size_constraint_set_id
737
+ # The `SizeConstraintSetId` of the SizeConstraintSet that you want to
738
+ # delete. `SizeConstraintSetId` is returned by CreateSizeConstraintSet
739
+ # and by ListSizeConstraintSets.
740
+ # @option params [required, String] :change_token
741
+ # The value returned by the most recent call to GetChangeToken.
742
+ # @return [Types::DeleteSizeConstraintSetResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
743
+ #
744
+ # * {Types::DeleteSizeConstraintSetResponse#change_token #ChangeToken} => String
745
+ #
746
+ # @example Request syntax with placeholder values
747
+ # resp = client.delete_size_constraint_set({
748
+ # size_constraint_set_id: "ResourceId", # required
749
+ # change_token: "ChangeToken", # required
750
+ # })
751
+ #
752
+ # @example Response structure
753
+ # resp.change_token #=> String
754
+ # @overload delete_size_constraint_set(params = {})
755
+ # @param [Hash] params ({})
756
+ def delete_size_constraint_set(params = {}, options = {})
757
+ req = build_request(:delete_size_constraint_set, params)
758
+ req.send_request(options)
759
+ end
760
+
761
+ # Permanently deletes a SqlInjectionMatchSet. You can't delete a
762
+ # `SqlInjectionMatchSet` if it's still used in any `Rules` or if it
763
+ # still contains any SqlInjectionMatchTuple objects.
764
+ #
765
+ # If you just want to remove a `SqlInjectionMatchSet` from a `Rule`, use
766
+ # UpdateRule.
767
+ #
768
+ # To permanently delete a `SqlInjectionMatchSet` from AWS WAF, perform
769
+ # the following steps:
770
+ #
771
+ # 1. Update the `SqlInjectionMatchSet` to remove filters, if any. For
772
+ # more information, see UpdateSqlInjectionMatchSet.
773
+ #
774
+ # 2. Use GetChangeToken to get the change token that you provide in the
775
+ # `ChangeToken` parameter of a `DeleteSqlInjectionMatchSet` request.
776
+ #
777
+ # 3. Submit a `DeleteSqlInjectionMatchSet` request.
778
+ # @option params [required, String] :sql_injection_match_set_id
779
+ # The `SqlInjectionMatchSetId` of the SqlInjectionMatchSet that you want
780
+ # to delete. `SqlInjectionMatchSetId` is returned by
781
+ # CreateSqlInjectionMatchSet and by ListSqlInjectionMatchSets.
782
+ # @option params [required, String] :change_token
783
+ # The value returned by the most recent call to GetChangeToken.
784
+ # @return [Types::DeleteSqlInjectionMatchSetResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
785
+ #
786
+ # * {Types::DeleteSqlInjectionMatchSetResponse#change_token #ChangeToken} => String
787
+ #
788
+ # @example Request syntax with placeholder values
789
+ # resp = client.delete_sql_injection_match_set({
790
+ # sql_injection_match_set_id: "ResourceId", # required
791
+ # change_token: "ChangeToken", # required
792
+ # })
793
+ #
794
+ # @example Response structure
795
+ # resp.change_token #=> String
796
+ # @overload delete_sql_injection_match_set(params = {})
797
+ # @param [Hash] params ({})
798
+ def delete_sql_injection_match_set(params = {}, options = {})
799
+ req = build_request(:delete_sql_injection_match_set, params)
800
+ req.send_request(options)
801
+ end
802
+
803
+ # Permanently deletes a WebACL. You can't delete a `WebACL` if it still
804
+ # contains any `Rules`.
805
+ #
806
+ # To delete a `WebACL`, perform the following steps:
807
+ #
808
+ # 1. Update the `WebACL` to remove `Rules`, if any. For more
809
+ # information, see UpdateWebACL.
810
+ #
811
+ # 2. Use GetChangeToken to get the change token that you provide in the
812
+ # `ChangeToken` parameter of a `DeleteWebACL` request.
813
+ #
814
+ # 3. Submit a `DeleteWebACL` request.
815
+ # @option params [required, String] :web_acl_id
816
+ # The `WebACLId` of the WebACL that you want to delete. `WebACLId` is
817
+ # returned by CreateWebACL and by ListWebACLs.
818
+ # @option params [required, String] :change_token
819
+ # The value returned by the most recent call to GetChangeToken.
820
+ # @return [Types::DeleteWebACLResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
821
+ #
822
+ # * {Types::DeleteWebACLResponse#change_token #ChangeToken} => String
823
+ #
824
+ # @example Request syntax with placeholder values
825
+ # resp = client.delete_web_acl({
826
+ # web_acl_id: "ResourceId", # required
827
+ # change_token: "ChangeToken", # required
828
+ # })
829
+ #
830
+ # @example Response structure
831
+ # resp.change_token #=> String
832
+ # @overload delete_web_acl(params = {})
833
+ # @param [Hash] params ({})
834
+ def delete_web_acl(params = {}, options = {})
835
+ req = build_request(:delete_web_acl, params)
836
+ req.send_request(options)
837
+ end
838
+
839
+ # Permanently deletes an XssMatchSet. You can't delete an `XssMatchSet`
840
+ # if it's still used in any `Rules` or if it still contains any
841
+ # XssMatchTuple objects.
842
+ #
843
+ # If you just want to remove an `XssMatchSet` from a `Rule`, use
844
+ # UpdateRule.
845
+ #
846
+ # To permanently delete an `XssMatchSet` from AWS WAF, perform the
847
+ # following steps:
848
+ #
849
+ # 1. Update the `XssMatchSet` to remove filters, if any. For more
850
+ # information, see UpdateXssMatchSet.
851
+ #
852
+ # 2. Use GetChangeToken to get the change token that you provide in the
853
+ # `ChangeToken` parameter of a `DeleteXssMatchSet` request.
854
+ #
855
+ # 3. Submit a `DeleteXssMatchSet` request.
856
+ # @option params [required, String] :xss_match_set_id
857
+ # The `XssMatchSetId` of the XssMatchSet that you want to delete.
858
+ # `XssMatchSetId` is returned by CreateXssMatchSet and by
859
+ # ListXssMatchSets.
860
+ # @option params [required, String] :change_token
861
+ # The value returned by the most recent call to GetChangeToken.
862
+ # @return [Types::DeleteXssMatchSetResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
863
+ #
864
+ # * {Types::DeleteXssMatchSetResponse#change_token #ChangeToken} => String
865
+ #
866
+ # @example Request syntax with placeholder values
867
+ # resp = client.delete_xss_match_set({
868
+ # xss_match_set_id: "ResourceId", # required
869
+ # change_token: "ChangeToken", # required
870
+ # })
871
+ #
872
+ # @example Response structure
873
+ # resp.change_token #=> String
874
+ # @overload delete_xss_match_set(params = {})
875
+ # @param [Hash] params ({})
876
+ def delete_xss_match_set(params = {}, options = {})
877
+ req = build_request(:delete_xss_match_set, params)
878
+ req.send_request(options)
879
+ end
880
+
881
+ # Returns the ByteMatchSet specified by `ByteMatchSetId`.
882
+ # @option params [required, String] :byte_match_set_id
883
+ # The `ByteMatchSetId` of the ByteMatchSet that you want to get.
884
+ # `ByteMatchSetId` is returned by CreateByteMatchSet and by
885
+ # ListByteMatchSets.
886
+ # @return [Types::GetByteMatchSetResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
887
+ #
888
+ # * {Types::GetByteMatchSetResponse#byte_match_set #ByteMatchSet} => Types::ByteMatchSet
889
+ #
890
+ # @example Request syntax with placeholder values
891
+ # resp = client.get_byte_match_set({
892
+ # byte_match_set_id: "ResourceId", # required
893
+ # })
894
+ #
895
+ # @example Response structure
896
+ # resp.byte_match_set.byte_match_set_id #=> String
897
+ # resp.byte_match_set.name #=> String
898
+ # resp.byte_match_set.byte_match_tuples #=> Array
899
+ # resp.byte_match_set.byte_match_tuples[0].field_to_match.type #=> String, one of "URI", "QUERY_STRING", "HEADER", "METHOD", "BODY"
900
+ # resp.byte_match_set.byte_match_tuples[0].field_to_match.data #=> String
901
+ # resp.byte_match_set.byte_match_tuples[0].target_string #=> String
902
+ # resp.byte_match_set.byte_match_tuples[0].text_transformation #=> String, one of "NONE", "COMPRESS_WHITE_SPACE", "HTML_ENTITY_DECODE", "LOWERCASE", "CMD_LINE", "URL_DECODE"
903
+ # resp.byte_match_set.byte_match_tuples[0].positional_constraint #=> String, one of "EXACTLY", "STARTS_WITH", "ENDS_WITH", "CONTAINS", "CONTAINS_WORD"
904
+ # @overload get_byte_match_set(params = {})
905
+ # @param [Hash] params ({})
906
+ def get_byte_match_set(params = {}, options = {})
907
+ req = build_request(:get_byte_match_set, params)
908
+ req.send_request(options)
909
+ end
910
+
911
+ # When you want to create, update, or delete AWS WAF objects, get a
912
+ # change token and include the change token in the create, update, or
913
+ # delete request. Change tokens ensure that your application doesn't
914
+ # submit conflicting requests to AWS WAF.
915
+ #
916
+ # Each create, update, or delete request must use a unique change token.
917
+ # If your application submits a `GetChangeToken` request and then
918
+ # submits a second `GetChangeToken` request before submitting a create,
919
+ # update, or delete request, the second `GetChangeToken` request returns
920
+ # the same value as the first `GetChangeToken` request.
921
+ #
922
+ # When you use a change token in a create, update, or delete request,
923
+ # the status of the change token changes to `PENDING`, which indicates
924
+ # that AWS WAF is propagating the change to all AWS WAF servers. Use
925
+ # `GetChangeTokenStatus` to determine the status of your change token.
926
+ # @return [Types::GetChangeTokenResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
927
+ #
928
+ # * {Types::GetChangeTokenResponse#change_token #ChangeToken} => String
929
+ #
930
+ # @example Request syntax with placeholder values
931
+ # resp = client.get_change_token()
932
+ #
933
+ # @example Response structure
934
+ # resp.change_token #=> String
935
+ # @overload get_change_token(params = {})
936
+ # @param [Hash] params ({})
937
+ def get_change_token(params = {}, options = {})
938
+ req = build_request(:get_change_token, params)
939
+ req.send_request(options)
940
+ end
941
+
942
+ # Returns the status of a `ChangeToken` that you got by calling
943
+ # GetChangeToken. `ChangeTokenStatus` is one of the following values:
944
+ #
945
+ # * `PROVISIONED`\: You requested the change token by calling
946
+ # `GetChangeToken`, but you haven't used it yet in a call to create,
947
+ # update, or delete an AWS WAF object.
948
+ #
949
+ # * `PENDING`\: AWS WAF is propagating the create, update, or delete
950
+ # request to all AWS WAF servers.
951
+ #
952
+ # * `IN_SYNC`\: Propagation is complete.
953
+ # @option params [required, String] :change_token
954
+ # The change token for which you want to get the status. This change
955
+ # token was previously returned in the `GetChangeToken` response.
956
+ # @return [Types::GetChangeTokenStatusResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
957
+ #
958
+ # * {Types::GetChangeTokenStatusResponse#change_token_status #ChangeTokenStatus} => String
959
+ #
960
+ # @example Request syntax with placeholder values
961
+ # resp = client.get_change_token_status({
962
+ # change_token: "ChangeToken", # required
963
+ # })
964
+ #
965
+ # @example Response structure
966
+ # resp.change_token_status #=> String, one of "PROVISIONED", "PENDING", "INSYNC"
967
+ # @overload get_change_token_status(params = {})
968
+ # @param [Hash] params ({})
969
+ def get_change_token_status(params = {}, options = {})
970
+ req = build_request(:get_change_token_status, params)
971
+ req.send_request(options)
972
+ end
973
+
974
+ # Returns the IPSet that is specified by `IPSetId`.
975
+ # @option params [required, String] :ip_set_id
976
+ # The `IPSetId` of the IPSet that you want to get. `IPSetId` is returned
977
+ # by CreateIPSet and by ListIPSets.
978
+ # @return [Types::GetIPSetResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
979
+ #
980
+ # * {Types::GetIPSetResponse#ip_set #IPSet} => Types::IPSet
981
+ #
982
+ # @example Request syntax with placeholder values
983
+ # resp = client.get_ip_set({
984
+ # ip_set_id: "ResourceId", # required
985
+ # })
986
+ #
987
+ # @example Response structure
988
+ # resp.ip_set.ip_set_id #=> String
989
+ # resp.ip_set.name #=> String
990
+ # resp.ip_set.ip_set_descriptors #=> Array
991
+ # resp.ip_set.ip_set_descriptors[0].type #=> String, one of "IPV4", "IPV6"
992
+ # resp.ip_set.ip_set_descriptors[0].value #=> String
993
+ # @overload get_ip_set(params = {})
994
+ # @param [Hash] params ({})
995
+ def get_ip_set(params = {}, options = {})
996
+ req = build_request(:get_ip_set, params)
997
+ req.send_request(options)
998
+ end
999
+
1000
+ # Returns the Rule that is specified by the `RuleId` that you included
1001
+ # in the `GetRule` request.
1002
+ # @option params [required, String] :rule_id
1003
+ # The `RuleId` of the Rule that you want to get. `RuleId` is returned by
1004
+ # CreateRule and by ListRules.
1005
+ # @return [Types::GetRuleResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
1006
+ #
1007
+ # * {Types::GetRuleResponse#rule #Rule} => Types::Rule
1008
+ #
1009
+ # @example Request syntax with placeholder values
1010
+ # resp = client.get_rule({
1011
+ # rule_id: "ResourceId", # required
1012
+ # })
1013
+ #
1014
+ # @example Response structure
1015
+ # resp.rule.rule_id #=> String
1016
+ # resp.rule.name #=> String
1017
+ # resp.rule.metric_name #=> String
1018
+ # resp.rule.predicates #=> Array
1019
+ # resp.rule.predicates[0].negated #=> Boolean
1020
+ # resp.rule.predicates[0].type #=> String, one of "IPMatch", "ByteMatch", "SqlInjectionMatch", "SizeConstraint", "XssMatch"
1021
+ # resp.rule.predicates[0].data_id #=> String
1022
+ # @overload get_rule(params = {})
1023
+ # @param [Hash] params ({})
1024
+ def get_rule(params = {}, options = {})
1025
+ req = build_request(:get_rule, params)
1026
+ req.send_request(options)
1027
+ end
1028
+
1029
+ # Gets detailed information about a specified number of requests--a
1030
+ # sample--that AWS WAF randomly selects from among the first 5,000
1031
+ # requests that your AWS resource received during a time range that you
1032
+ # choose. You can specify a sample size of up to 100 requests, and you
1033
+ # can specify any time range in the previous three hours.
1034
+ #
1035
+ # `GetSampledRequests` returns a time range, which is usually the time
1036
+ # range that you specified. However, if your resource (such as a
1037
+ # CloudFront distribution) received 5,000 requests before the specified
1038
+ # time range elapsed, `GetSampledRequests` returns an updated time
1039
+ # range. This new time range indicates the actual period during which
1040
+ # AWS WAF selected the requests in the sample.
1041
+ # @option params [required, String] :web_acl_id
1042
+ # The `WebACLId` of the `WebACL` for which you want `GetSampledRequests`
1043
+ # to return a sample of requests.
1044
+ # @option params [required, String] :rule_id
1045
+ # `RuleId` is one of two values:
1046
+ #
1047
+ # * The `RuleId` of the `Rule` for which you want `GetSampledRequests`
1048
+ # to return a sample of requests.
1049
+ #
1050
+ # * `Default_Action`, which causes `GetSampledRequests` to return a
1051
+ # sample of the requests that didn't match any of the rules in the
1052
+ # specified `WebACL`.
1053
+ # @option params [required, Types::TimeWindow] :time_window
1054
+ # The start date and time and the end date and time of the range for
1055
+ # which you want `GetSampledRequests` to return a sample of requests.
1056
+ # Specify the date and time in Unix time format (in seconds). You can
1057
+ # specify any time range in the previous three hours.
1058
+ # @option params [required, Integer] :max_items
1059
+ # The number of requests that you want AWS WAF to return from among the
1060
+ # first 5,000 requests that your AWS resource received during the time
1061
+ # range. If your resource received fewer requests than the value of
1062
+ # `MaxItems`, `GetSampledRequests` returns information about all of
1063
+ # them.
1064
+ # @return [Types::GetSampledRequestsResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
1065
+ #
1066
+ # * {Types::GetSampledRequestsResponse#sampled_requests #SampledRequests} => Array&lt;Types::SampledHTTPRequest&gt;
1067
+ # * {Types::GetSampledRequestsResponse#population_size #PopulationSize} => Integer
1068
+ # * {Types::GetSampledRequestsResponse#time_window #TimeWindow} => Types::TimeWindow
1069
+ #
1070
+ # @example Request syntax with placeholder values
1071
+ # resp = client.get_sampled_requests({
1072
+ # web_acl_id: "ResourceId", # required
1073
+ # rule_id: "ResourceId", # required
1074
+ # time_window: { # required
1075
+ # start_time: Time.now, # required
1076
+ # end_time: Time.now, # required
1077
+ # },
1078
+ # max_items: 1, # required
1079
+ # })
1080
+ #
1081
+ # @example Response structure
1082
+ # resp.sampled_requests #=> Array
1083
+ # resp.sampled_requests[0].request.client_ip #=> String
1084
+ # resp.sampled_requests[0].request.country #=> String
1085
+ # resp.sampled_requests[0].request.uri #=> String
1086
+ # resp.sampled_requests[0].request.method #=> String
1087
+ # resp.sampled_requests[0].request.http_version #=> String
1088
+ # resp.sampled_requests[0].request.headers #=> Array
1089
+ # resp.sampled_requests[0].request.headers[0].name #=> String
1090
+ # resp.sampled_requests[0].request.headers[0].value #=> String
1091
+ # resp.sampled_requests[0].weight #=> Integer
1092
+ # resp.sampled_requests[0].timestamp #=> Time
1093
+ # resp.sampled_requests[0].action #=> String
1094
+ # resp.population_size #=> Integer
1095
+ # resp.time_window.start_time #=> Time
1096
+ # resp.time_window.end_time #=> Time
1097
+ # @overload get_sampled_requests(params = {})
1098
+ # @param [Hash] params ({})
1099
+ def get_sampled_requests(params = {}, options = {})
1100
+ req = build_request(:get_sampled_requests, params)
1101
+ req.send_request(options)
1102
+ end
1103
+
1104
+ # Returns the SizeConstraintSet specified by `SizeConstraintSetId`.
1105
+ # @option params [required, String] :size_constraint_set_id
1106
+ # The `SizeConstraintSetId` of the SizeConstraintSet that you want to
1107
+ # get. `SizeConstraintSetId` is returned by CreateSizeConstraintSet and
1108
+ # by ListSizeConstraintSets.
1109
+ # @return [Types::GetSizeConstraintSetResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
1110
+ #
1111
+ # * {Types::GetSizeConstraintSetResponse#size_constraint_set #SizeConstraintSet} => Types::SizeConstraintSet
1112
+ #
1113
+ # @example Request syntax with placeholder values
1114
+ # resp = client.get_size_constraint_set({
1115
+ # size_constraint_set_id: "ResourceId", # required
1116
+ # })
1117
+ #
1118
+ # @example Response structure
1119
+ # resp.size_constraint_set.size_constraint_set_id #=> String
1120
+ # resp.size_constraint_set.name #=> String
1121
+ # resp.size_constraint_set.size_constraints #=> Array
1122
+ # resp.size_constraint_set.size_constraints[0].field_to_match.type #=> String, one of "URI", "QUERY_STRING", "HEADER", "METHOD", "BODY"
1123
+ # resp.size_constraint_set.size_constraints[0].field_to_match.data #=> String
1124
+ # resp.size_constraint_set.size_constraints[0].text_transformation #=> String, one of "NONE", "COMPRESS_WHITE_SPACE", "HTML_ENTITY_DECODE", "LOWERCASE", "CMD_LINE", "URL_DECODE"
1125
+ # resp.size_constraint_set.size_constraints[0].comparison_operator #=> String, one of "EQ", "NE", "LE", "LT", "GE", "GT"
1126
+ # resp.size_constraint_set.size_constraints[0].size #=> Integer
1127
+ # @overload get_size_constraint_set(params = {})
1128
+ # @param [Hash] params ({})
1129
+ def get_size_constraint_set(params = {}, options = {})
1130
+ req = build_request(:get_size_constraint_set, params)
1131
+ req.send_request(options)
1132
+ end
1133
+
1134
+ # Returns the SqlInjectionMatchSet that is specified by
1135
+ # `SqlInjectionMatchSetId`.
1136
+ # @option params [required, String] :sql_injection_match_set_id
1137
+ # The `SqlInjectionMatchSetId` of the SqlInjectionMatchSet that you want
1138
+ # to get. `SqlInjectionMatchSetId` is returned by
1139
+ # CreateSqlInjectionMatchSet and by ListSqlInjectionMatchSets.
1140
+ # @return [Types::GetSqlInjectionMatchSetResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
1141
+ #
1142
+ # * {Types::GetSqlInjectionMatchSetResponse#sql_injection_match_set #SqlInjectionMatchSet} => Types::SqlInjectionMatchSet
1143
+ #
1144
+ # @example Request syntax with placeholder values
1145
+ # resp = client.get_sql_injection_match_set({
1146
+ # sql_injection_match_set_id: "ResourceId", # required
1147
+ # })
1148
+ #
1149
+ # @example Response structure
1150
+ # resp.sql_injection_match_set.sql_injection_match_set_id #=> String
1151
+ # resp.sql_injection_match_set.name #=> String
1152
+ # resp.sql_injection_match_set.sql_injection_match_tuples #=> Array
1153
+ # resp.sql_injection_match_set.sql_injection_match_tuples[0].field_to_match.type #=> String, one of "URI", "QUERY_STRING", "HEADER", "METHOD", "BODY"
1154
+ # resp.sql_injection_match_set.sql_injection_match_tuples[0].field_to_match.data #=> String
1155
+ # resp.sql_injection_match_set.sql_injection_match_tuples[0].text_transformation #=> String, one of "NONE", "COMPRESS_WHITE_SPACE", "HTML_ENTITY_DECODE", "LOWERCASE", "CMD_LINE", "URL_DECODE"
1156
+ # @overload get_sql_injection_match_set(params = {})
1157
+ # @param [Hash] params ({})
1158
+ def get_sql_injection_match_set(params = {}, options = {})
1159
+ req = build_request(:get_sql_injection_match_set, params)
1160
+ req.send_request(options)
1161
+ end
1162
+
1163
+ # Returns the WebACL that is specified by `WebACLId`.
1164
+ # @option params [required, String] :web_acl_id
1165
+ # The `WebACLId` of the WebACL that you want to get. `WebACLId` is
1166
+ # returned by CreateWebACL and by ListWebACLs.
1167
+ # @return [Types::GetWebACLResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
1168
+ #
1169
+ # * {Types::GetWebACLResponse#web_acl #WebACL} => Types::WebACL
1170
+ #
1171
+ # @example Request syntax with placeholder values
1172
+ # resp = client.get_web_acl({
1173
+ # web_acl_id: "ResourceId", # required
1174
+ # })
1175
+ #
1176
+ # @example Response structure
1177
+ # resp.web_acl.web_acl_id #=> String
1178
+ # resp.web_acl.name #=> String
1179
+ # resp.web_acl.metric_name #=> String
1180
+ # resp.web_acl.default_action.type #=> String, one of "BLOCK", "ALLOW", "COUNT"
1181
+ # resp.web_acl.rules #=> Array
1182
+ # resp.web_acl.rules[0].priority #=> Integer
1183
+ # resp.web_acl.rules[0].rule_id #=> String
1184
+ # resp.web_acl.rules[0].action.type #=> String, one of "BLOCK", "ALLOW", "COUNT"
1185
+ # @overload get_web_acl(params = {})
1186
+ # @param [Hash] params ({})
1187
+ def get_web_acl(params = {}, options = {})
1188
+ req = build_request(:get_web_acl, params)
1189
+ req.send_request(options)
1190
+ end
1191
+
1192
+ # Returns the XssMatchSet that is specified by `XssMatchSetId`.
1193
+ # @option params [required, String] :xss_match_set_id
1194
+ # The `XssMatchSetId` of the XssMatchSet that you want to get.
1195
+ # `XssMatchSetId` is returned by CreateXssMatchSet and by
1196
+ # ListXssMatchSets.
1197
+ # @return [Types::GetXssMatchSetResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
1198
+ #
1199
+ # * {Types::GetXssMatchSetResponse#xss_match_set #XssMatchSet} => Types::XssMatchSet
1200
+ #
1201
+ # @example Request syntax with placeholder values
1202
+ # resp = client.get_xss_match_set({
1203
+ # xss_match_set_id: "ResourceId", # required
1204
+ # })
1205
+ #
1206
+ # @example Response structure
1207
+ # resp.xss_match_set.xss_match_set_id #=> String
1208
+ # resp.xss_match_set.name #=> String
1209
+ # resp.xss_match_set.xss_match_tuples #=> Array
1210
+ # resp.xss_match_set.xss_match_tuples[0].field_to_match.type #=> String, one of "URI", "QUERY_STRING", "HEADER", "METHOD", "BODY"
1211
+ # resp.xss_match_set.xss_match_tuples[0].field_to_match.data #=> String
1212
+ # resp.xss_match_set.xss_match_tuples[0].text_transformation #=> String, one of "NONE", "COMPRESS_WHITE_SPACE", "HTML_ENTITY_DECODE", "LOWERCASE", "CMD_LINE", "URL_DECODE"
1213
+ # @overload get_xss_match_set(params = {})
1214
+ # @param [Hash] params ({})
1215
+ def get_xss_match_set(params = {}, options = {})
1216
+ req = build_request(:get_xss_match_set, params)
1217
+ req.send_request(options)
1218
+ end
1219
+
1220
+ # Returns an array of ByteMatchSetSummary objects.
1221
+ # @option params [String] :next_marker
1222
+ # If you specify a value for `Limit` and you have more `ByteMatchSets`
1223
+ # than the value of `Limit`, AWS WAF returns a `NextMarker` value in the
1224
+ # response that allows you to list another group of `ByteMatchSets`. For
1225
+ # the second and subsequent `ListByteMatchSets` requests, specify the
1226
+ # value of `NextMarker` from the previous response to get information
1227
+ # about another batch of `ByteMatchSets`.
1228
+ # @option params [Integer] :limit
1229
+ # Specifies the number of `ByteMatchSet` objects that you want AWS WAF
1230
+ # to return for this request. If you have more `ByteMatchSets` objects
1231
+ # than the number you specify for `Limit`, the response includes a
1232
+ # `NextMarker` value that you can use to get another batch of
1233
+ # `ByteMatchSet` objects.
1234
+ # @return [Types::ListByteMatchSetsResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
1235
+ #
1236
+ # * {Types::ListByteMatchSetsResponse#next_marker #NextMarker} => String
1237
+ # * {Types::ListByteMatchSetsResponse#byte_match_sets #ByteMatchSets} => Array&lt;Types::ByteMatchSetSummary&gt;
1238
+ #
1239
+ # @example Request syntax with placeholder values
1240
+ # resp = client.list_byte_match_sets({
1241
+ # next_marker: "NextMarker",
1242
+ # limit: 1,
1243
+ # })
1244
+ #
1245
+ # @example Response structure
1246
+ # resp.next_marker #=> String
1247
+ # resp.byte_match_sets #=> Array
1248
+ # resp.byte_match_sets[0].byte_match_set_id #=> String
1249
+ # resp.byte_match_sets[0].name #=> String
1250
+ # @overload list_byte_match_sets(params = {})
1251
+ # @param [Hash] params ({})
1252
+ def list_byte_match_sets(params = {}, options = {})
1253
+ req = build_request(:list_byte_match_sets, params)
1254
+ req.send_request(options)
1255
+ end
1256
+
1257
+ # Returns an array of IPSetSummary objects in the response.
1258
+ # @option params [String] :next_marker
1259
+ # If you specify a value for `Limit` and you have more `IPSets` than the
1260
+ # value of `Limit`, AWS WAF returns a `NextMarker` value in the response
1261
+ # that allows you to list another group of `IPSets`. For the second and
1262
+ # subsequent `ListIPSets` requests, specify the value of `NextMarker`
1263
+ # from the previous response to get information about another batch of
1264
+ # `ByteMatchSets`.
1265
+ # @option params [Integer] :limit
1266
+ # Specifies the number of `IPSet` objects that you want AWS WAF to
1267
+ # return for this request. If you have more `IPSet` objects than the
1268
+ # number you specify for `Limit`, the response includes a `NextMarker`
1269
+ # value that you can use to get another batch of `IPSet` objects.
1270
+ # @return [Types::ListIPSetsResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
1271
+ #
1272
+ # * {Types::ListIPSetsResponse#next_marker #NextMarker} => String
1273
+ # * {Types::ListIPSetsResponse#ip_sets #IPSets} => Array&lt;Types::IPSetSummary&gt;
1274
+ #
1275
+ # @example Request syntax with placeholder values
1276
+ # resp = client.list_ip_sets({
1277
+ # next_marker: "NextMarker",
1278
+ # limit: 1,
1279
+ # })
1280
+ #
1281
+ # @example Response structure
1282
+ # resp.next_marker #=> String
1283
+ # resp.ip_sets #=> Array
1284
+ # resp.ip_sets[0].ip_set_id #=> String
1285
+ # resp.ip_sets[0].name #=> String
1286
+ # @overload list_ip_sets(params = {})
1287
+ # @param [Hash] params ({})
1288
+ def list_ip_sets(params = {}, options = {})
1289
+ req = build_request(:list_ip_sets, params)
1290
+ req.send_request(options)
1291
+ end
1292
+
1293
+ # Returns an array of RuleSummary objects.
1294
+ # @option params [String] :next_marker
1295
+ # If you specify a value for `Limit` and you have more `Rules` than the
1296
+ # value of `Limit`, AWS WAF returns a `NextMarker` value in the response
1297
+ # that allows you to list another group of `Rules`. For the second and
1298
+ # subsequent `ListRules` requests, specify the value of `NextMarker`
1299
+ # from the previous response to get information about another batch of
1300
+ # `Rules`.
1301
+ # @option params [Integer] :limit
1302
+ # Specifies the number of `Rules` that you want AWS WAF to return for
1303
+ # this request. If you have more `Rules` than the number that you
1304
+ # specify for `Limit`, the response includes a `NextMarker` value that
1305
+ # you can use to get another batch of `Rules`.
1306
+ # @return [Types::ListRulesResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
1307
+ #
1308
+ # * {Types::ListRulesResponse#next_marker #NextMarker} => String
1309
+ # * {Types::ListRulesResponse#rules #Rules} => Array&lt;Types::RuleSummary&gt;
1310
+ #
1311
+ # @example Request syntax with placeholder values
1312
+ # resp = client.list_rules({
1313
+ # next_marker: "NextMarker",
1314
+ # limit: 1,
1315
+ # })
1316
+ #
1317
+ # @example Response structure
1318
+ # resp.next_marker #=> String
1319
+ # resp.rules #=> Array
1320
+ # resp.rules[0].rule_id #=> String
1321
+ # resp.rules[0].name #=> String
1322
+ # @overload list_rules(params = {})
1323
+ # @param [Hash] params ({})
1324
+ def list_rules(params = {}, options = {})
1325
+ req = build_request(:list_rules, params)
1326
+ req.send_request(options)
1327
+ end
1328
+
1329
+ # Returns an array of SizeConstraintSetSummary objects.
1330
+ # @option params [String] :next_marker
1331
+ # If you specify a value for `Limit` and you have more
1332
+ # `SizeConstraintSets` than the value of `Limit`, AWS WAF returns a
1333
+ # `NextMarker` value in the response that allows you to list another
1334
+ # group of `SizeConstraintSets`. For the second and subsequent
1335
+ # `ListSizeConstraintSets` requests, specify the value of `NextMarker`
1336
+ # from the previous response to get information about another batch of
1337
+ # `SizeConstraintSets`.
1338
+ # @option params [Integer] :limit
1339
+ # Specifies the number of `SizeConstraintSet` objects that you want AWS
1340
+ # WAF to return for this request. If you have more `SizeConstraintSets`
1341
+ # objects than the number you specify for `Limit`, the response includes
1342
+ # a `NextMarker` value that you can use to get another batch of
1343
+ # `SizeConstraintSet` objects.
1344
+ # @return [Types::ListSizeConstraintSetsResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
1345
+ #
1346
+ # * {Types::ListSizeConstraintSetsResponse#next_marker #NextMarker} => String
1347
+ # * {Types::ListSizeConstraintSetsResponse#size_constraint_sets #SizeConstraintSets} => Array&lt;Types::SizeConstraintSetSummary&gt;
1348
+ #
1349
+ # @example Request syntax with placeholder values
1350
+ # resp = client.list_size_constraint_sets({
1351
+ # next_marker: "NextMarker",
1352
+ # limit: 1,
1353
+ # })
1354
+ #
1355
+ # @example Response structure
1356
+ # resp.next_marker #=> String
1357
+ # resp.size_constraint_sets #=> Array
1358
+ # resp.size_constraint_sets[0].size_constraint_set_id #=> String
1359
+ # resp.size_constraint_sets[0].name #=> String
1360
+ # @overload list_size_constraint_sets(params = {})
1361
+ # @param [Hash] params ({})
1362
+ def list_size_constraint_sets(params = {}, options = {})
1363
+ req = build_request(:list_size_constraint_sets, params)
1364
+ req.send_request(options)
1365
+ end
1366
+
1367
+ # Returns an array of SqlInjectionMatchSet objects.
1368
+ # @option params [String] :next_marker
1369
+ # If you specify a value for `Limit` and you have more
1370
+ # SqlInjectionMatchSet objects than the value of `Limit`, AWS WAF
1371
+ # returns a `NextMarker` value in the response that allows you to list
1372
+ # another group of `SqlInjectionMatchSets`. For the second and
1373
+ # subsequent `ListSqlInjectionMatchSets` requests, specify the value of
1374
+ # `NextMarker` from the previous response to get information about
1375
+ # another batch of `SqlInjectionMatchSets`.
1376
+ # @option params [Integer] :limit
1377
+ # Specifies the number of SqlInjectionMatchSet objects that you want AWS
1378
+ # WAF to return for this request. If you have more
1379
+ # `SqlInjectionMatchSet` objects than the number you specify for
1380
+ # `Limit`, the response includes a `NextMarker` value that you can use
1381
+ # to get another batch of `Rules`.
1382
+ # @return [Types::ListSqlInjectionMatchSetsResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
1383
+ #
1384
+ # * {Types::ListSqlInjectionMatchSetsResponse#next_marker #NextMarker} => String
1385
+ # * {Types::ListSqlInjectionMatchSetsResponse#sql_injection_match_sets #SqlInjectionMatchSets} => Array&lt;Types::SqlInjectionMatchSetSummary&gt;
1386
+ #
1387
+ # @example Request syntax with placeholder values
1388
+ # resp = client.list_sql_injection_match_sets({
1389
+ # next_marker: "NextMarker",
1390
+ # limit: 1,
1391
+ # })
1392
+ #
1393
+ # @example Response structure
1394
+ # resp.next_marker #=> String
1395
+ # resp.sql_injection_match_sets #=> Array
1396
+ # resp.sql_injection_match_sets[0].sql_injection_match_set_id #=> String
1397
+ # resp.sql_injection_match_sets[0].name #=> String
1398
+ # @overload list_sql_injection_match_sets(params = {})
1399
+ # @param [Hash] params ({})
1400
+ def list_sql_injection_match_sets(params = {}, options = {})
1401
+ req = build_request(:list_sql_injection_match_sets, params)
1402
+ req.send_request(options)
1403
+ end
1404
+
1405
+ # Returns an array of WebACLSummary objects in the response.
1406
+ # @option params [String] :next_marker
1407
+ # If you specify a value for `Limit` and you have more `WebACL` objects
1408
+ # than the number that you specify for `Limit`, AWS WAF returns a
1409
+ # `NextMarker` value in the response that allows you to list another
1410
+ # group of `WebACL` objects. For the second and subsequent `ListWebACLs`
1411
+ # requests, specify the value of `NextMarker` from the previous response
1412
+ # to get information about another batch of `WebACL` objects.
1413
+ # @option params [Integer] :limit
1414
+ # Specifies the number of `WebACL` objects that you want AWS WAF to
1415
+ # return for this request. If you have more `WebACL` objects than the
1416
+ # number that you specify for `Limit`, the response includes a
1417
+ # `NextMarker` value that you can use to get another batch of `WebACL`
1418
+ # objects.
1419
+ # @return [Types::ListWebACLsResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
1420
+ #
1421
+ # * {Types::ListWebACLsResponse#next_marker #NextMarker} => String
1422
+ # * {Types::ListWebACLsResponse#web_acls #WebACLs} => Array&lt;Types::WebACLSummary&gt;
1423
+ #
1424
+ # @example Request syntax with placeholder values
1425
+ # resp = client.list_web_acls({
1426
+ # next_marker: "NextMarker",
1427
+ # limit: 1,
1428
+ # })
1429
+ #
1430
+ # @example Response structure
1431
+ # resp.next_marker #=> String
1432
+ # resp.web_acls #=> Array
1433
+ # resp.web_acls[0].web_acl_id #=> String
1434
+ # resp.web_acls[0].name #=> String
1435
+ # @overload list_web_acls(params = {})
1436
+ # @param [Hash] params ({})
1437
+ def list_web_acls(params = {}, options = {})
1438
+ req = build_request(:list_web_acls, params)
1439
+ req.send_request(options)
1440
+ end
1441
+
1442
+ # Returns an array of XssMatchSet objects.
1443
+ # @option params [String] :next_marker
1444
+ # If you specify a value for `Limit` and you have more XssMatchSet
1445
+ # objects than the value of `Limit`, AWS WAF returns a `NextMarker`
1446
+ # value in the response that allows you to list another group of
1447
+ # `XssMatchSets`. For the second and subsequent `ListXssMatchSets`
1448
+ # requests, specify the value of `NextMarker` from the previous response
1449
+ # to get information about another batch of `XssMatchSets`.
1450
+ # @option params [Integer] :limit
1451
+ # Specifies the number of XssMatchSet objects that you want AWS WAF to
1452
+ # return for this request. If you have more `XssMatchSet` objects than
1453
+ # the number you specify for `Limit`, the response includes a
1454
+ # `NextMarker` value that you can use to get another batch of `Rules`.
1455
+ # @return [Types::ListXssMatchSetsResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
1456
+ #
1457
+ # * {Types::ListXssMatchSetsResponse#next_marker #NextMarker} => String
1458
+ # * {Types::ListXssMatchSetsResponse#xss_match_sets #XssMatchSets} => Array&lt;Types::XssMatchSetSummary&gt;
1459
+ #
1460
+ # @example Request syntax with placeholder values
1461
+ # resp = client.list_xss_match_sets({
1462
+ # next_marker: "NextMarker",
1463
+ # limit: 1,
1464
+ # })
1465
+ #
1466
+ # @example Response structure
1467
+ # resp.next_marker #=> String
1468
+ # resp.xss_match_sets #=> Array
1469
+ # resp.xss_match_sets[0].xss_match_set_id #=> String
1470
+ # resp.xss_match_sets[0].name #=> String
1471
+ # @overload list_xss_match_sets(params = {})
1472
+ # @param [Hash] params ({})
1473
+ def list_xss_match_sets(params = {}, options = {})
1474
+ req = build_request(:list_xss_match_sets, params)
1475
+ req.send_request(options)
1476
+ end
1477
+
1478
+ # Inserts or deletes ByteMatchTuple objects (filters) in a ByteMatchSet.
1479
+ # For each `ByteMatchTuple` object, you specify the following values:
1480
+ #
1481
+ # * Whether to insert or delete the object from the array. If you want
1482
+ # to change a `ByteMatchSetUpdate` object, you delete the existing
1483
+ # object and add a new one.
1484
+ #
1485
+ # * The part of a web request that you want AWS WAF to inspect, such as
1486
+ # a query string or the value of the `User-Agent` header.
1487
+ #
1488
+ # * The bytes (typically a string that corresponds with ASCII
1489
+ # characters) that you want AWS WAF to look for. For more information,
1490
+ # including how you specify the values for the AWS WAF API and the AWS
1491
+ # CLI or SDKs, see `TargetString` in the ByteMatchTuple data type.
1492
+ #
1493
+ # * Where to look, such as at the beginning or the end of a query
1494
+ # string.
1495
+ #
1496
+ # * Whether to perform any conversions on the request, such as
1497
+ # converting it to lowercase, before inspecting it for the specified
1498
+ # string.
1499
+ #
1500
+ # For example, you can add a `ByteMatchSetUpdate` object that matches
1501
+ # web requests in which `User-Agent` headers contain the string
1502
+ # `BadBot`. You can then configure AWS WAF to block those requests.
1503
+ #
1504
+ # To create and configure a `ByteMatchSet`, perform the following steps:
1505
+ #
1506
+ # 1. Create a `ByteMatchSet.` For more information, see
1507
+ # CreateByteMatchSet.
1508
+ #
1509
+ # 2. Use GetChangeToken to get the change token that you provide in the
1510
+ # `ChangeToken` parameter of an `UpdateByteMatchSet` request.
1511
+ #
1512
+ # 3. Submit an `UpdateByteMatchSet` request to specify the part of the
1513
+ # request that you want AWS WAF to inspect (for example, the header
1514
+ # or the URI) and the value that you want AWS WAF to watch for.
1515
+ #
1516
+ # For more information about how to use the AWS WAF API to allow or
1517
+ # block HTTP requests, see the [AWS WAF Developer Guide][1].
1518
+ #
1519
+ #
1520
+ #
1521
+ # [1]: http://docs.aws.amazon.com/waf/latest/developerguide/
1522
+ # @option params [required, String] :byte_match_set_id
1523
+ # The `ByteMatchSetId` of the ByteMatchSet that you want to update.
1524
+ # `ByteMatchSetId` is returned by CreateByteMatchSet and by
1525
+ # ListByteMatchSets.
1526
+ # @option params [required, String] :change_token
1527
+ # The value returned by the most recent call to GetChangeToken.
1528
+ # @option params [required, Array<Types::ByteMatchSetUpdate>] :updates
1529
+ # An array of `ByteMatchSetUpdate` objects that you want to insert into
1530
+ # or delete from a ByteMatchSet. For more information, see the
1531
+ # applicable data types:
1532
+ #
1533
+ # * ByteMatchSetUpdate: Contains `Action` and `ByteMatchTuple`
1534
+ #
1535
+ # * ByteMatchTuple: Contains `FieldToMatch`, `PositionalConstraint`,
1536
+ # `TargetString`, and `TextTransformation`
1537
+ #
1538
+ # * FieldToMatch: Contains `Data` and `Type`
1539
+ # @return [Types::UpdateByteMatchSetResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
1540
+ #
1541
+ # * {Types::UpdateByteMatchSetResponse#change_token #ChangeToken} => String
1542
+ #
1543
+ # @example Request syntax with placeholder values
1544
+ # resp = client.update_byte_match_set({
1545
+ # byte_match_set_id: "ResourceId", # required
1546
+ # change_token: "ChangeToken", # required
1547
+ # updates: [ # required
1548
+ # {
1549
+ # action: "INSERT", # required, accepts INSERT, DELETE
1550
+ # byte_match_tuple: { # required
1551
+ # field_to_match: { # required
1552
+ # type: "URI", # required, accepts URI, QUERY_STRING, HEADER, METHOD, BODY
1553
+ # data: "MatchFieldData",
1554
+ # },
1555
+ # target_string: "data", # required
1556
+ # text_transformation: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE
1557
+ # positional_constraint: "EXACTLY", # required, accepts EXACTLY, STARTS_WITH, ENDS_WITH, CONTAINS, CONTAINS_WORD
1558
+ # },
1559
+ # },
1560
+ # ],
1561
+ # })
1562
+ #
1563
+ # @example Response structure
1564
+ # resp.change_token #=> String
1565
+ # @overload update_byte_match_set(params = {})
1566
+ # @param [Hash] params ({})
1567
+ def update_byte_match_set(params = {}, options = {})
1568
+ req = build_request(:update_byte_match_set, params)
1569
+ req.send_request(options)
1570
+ end
1571
+
1572
+ # Inserts or deletes IPSetDescriptor objects in an `IPSet`. For each
1573
+ # `IPSetDescriptor` object, you specify the following values:
1574
+ #
1575
+ # * Whether to insert or delete the object from the array. If you want
1576
+ # to change an `IPSetDescriptor` object, you delete the existing
1577
+ # object and add a new one.
1578
+ #
1579
+ # * The IP address version, `IPv4`.
1580
+ #
1581
+ # * The IP address in CIDR notation, for example, `192.0.2.0/24` (for
1582
+ # the range of IP addresses from `192.0.2.0` to `192.0.2.255`) or
1583
+ # `192.0.2.44/32` (for the individual IP address `192.0.2.44`).
1584
+ #
1585
+ # AWS WAF supports /8, /16, /24, and /32 IP address ranges. For more
1586
+ # information about CIDR notation, see the Wikipedia entry [Classless
1587
+ # Inter-Domain Routing][1].
1588
+ #
1589
+ # You use an `IPSet` to specify which web requests you want to allow or
1590
+ # block based on the IP addresses that the requests originated from. For
1591
+ # example, if you're receiving a lot of requests from one or a small
1592
+ # number of IP addresses and you want to block the requests, you can
1593
+ # create an `IPSet` that specifies those IP addresses, and then
1594
+ # configure AWS WAF to block the requests.
1595
+ #
1596
+ # To create and configure an `IPSet`, perform the following steps:
1597
+ #
1598
+ # 1. Submit a CreateIPSet request.
1599
+ #
1600
+ # 2. Use GetChangeToken to get the change token that you provide in the
1601
+ # `ChangeToken` parameter of an UpdateIPSet request.
1602
+ #
1603
+ # 3. Submit an `UpdateIPSet` request to specify the IP addresses that
1604
+ # you want AWS WAF to watch for.
1605
+ #
1606
+ # When you update an `IPSet`, you specify the IP addresses that you want
1607
+ # to add and/or the IP addresses that you want to delete. If you want to
1608
+ # change an IP address, you delete the existing IP address and add the
1609
+ # new one.
1610
+ #
1611
+ # For more information about how to use the AWS WAF API to allow or
1612
+ # block HTTP requests, see the [AWS WAF Developer Guide][2].
1613
+ #
1614
+ #
1615
+ #
1616
+ # [1]: https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing
1617
+ # [2]: http://docs.aws.amazon.com/waf/latest/developerguide/
1618
+ # @option params [required, String] :ip_set_id
1619
+ # The `IPSetId` of the IPSet that you want to update. `IPSetId` is
1620
+ # returned by CreateIPSet and by ListIPSets.
1621
+ # @option params [required, String] :change_token
1622
+ # The value returned by the most recent call to GetChangeToken.
1623
+ # @option params [required, Array<Types::IPSetUpdate>] :updates
1624
+ # An array of `IPSetUpdate` objects that you want to insert into or
1625
+ # delete from an IPSet. For more information, see the applicable data
1626
+ # types:
1627
+ #
1628
+ # * IPSetUpdate: Contains `Action` and `IPSetDescriptor`
1629
+ #
1630
+ # * IPSetDescriptor: Contains `Type` and `Value`
1631
+ # @return [Types::UpdateIPSetResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
1632
+ #
1633
+ # * {Types::UpdateIPSetResponse#change_token #ChangeToken} => String
1634
+ #
1635
+ # @example Request syntax with placeholder values
1636
+ # resp = client.update_ip_set({
1637
+ # ip_set_id: "ResourceId", # required
1638
+ # change_token: "ChangeToken", # required
1639
+ # updates: [ # required
1640
+ # {
1641
+ # action: "INSERT", # required, accepts INSERT, DELETE
1642
+ # ip_set_descriptor: { # required
1643
+ # type: "IPV4", # required, accepts IPV4, IPV6
1644
+ # value: "IPSetDescriptorValue", # required
1645
+ # },
1646
+ # },
1647
+ # ],
1648
+ # })
1649
+ #
1650
+ # @example Response structure
1651
+ # resp.change_token #=> String
1652
+ # @overload update_ip_set(params = {})
1653
+ # @param [Hash] params ({})
1654
+ def update_ip_set(params = {}, options = {})
1655
+ req = build_request(:update_ip_set, params)
1656
+ req.send_request(options)
1657
+ end
1658
+
1659
+ # Inserts or deletes Predicate objects in a `Rule`. Each `Predicate`
1660
+ # object identifies a predicate, such as a ByteMatchSet or an IPSet,
1661
+ # that specifies the web requests that you want to allow, block, or
1662
+ # count. If you add more than one predicate to a `Rule`, a request must
1663
+ # match all of the specifications to be allowed, blocked, or counted.
1664
+ # For example, suppose you add the following to a `Rule`\:
1665
+ #
1666
+ # * A `ByteMatchSet` that matches the value `BadBot` in the `User-Agent`
1667
+ # header
1668
+ #
1669
+ # * An `IPSet` that matches the IP address `192.0.2.44`
1670
+ #
1671
+ # You then add the `Rule` to a `WebACL` and specify that you want to
1672
+ # block requests that satisfy the `Rule`. For a request to be blocked,
1673
+ # the `User-Agent` header in the request must contain the value `BadBot`
1674
+ # *and* the request must originate from the IP address 192.0.2.44.
1675
+ #
1676
+ # To create and configure a `Rule`, perform the following steps:
1677
+ #
1678
+ # 1. Create and update the predicates that you want to include in the
1679
+ # `Rule`.
1680
+ #
1681
+ # 2. Create the `Rule`. See CreateRule.
1682
+ #
1683
+ # 3. Use `GetChangeToken` to get the change token that you provide in
1684
+ # the `ChangeToken` parameter of an UpdateRule request.
1685
+ #
1686
+ # 4. Submit an `UpdateRule` request to add predicates to the `Rule`.
1687
+ #
1688
+ # 5. Create and update a `WebACL` that contains the `Rule`. See
1689
+ # CreateWebACL.
1690
+ #
1691
+ # If you want to replace one `ByteMatchSet` or `IPSet` with another, you
1692
+ # delete the existing one and add the new one.
1693
+ #
1694
+ # For more information about how to use the AWS WAF API to allow or
1695
+ # block HTTP requests, see the [AWS WAF Developer Guide][1].
1696
+ #
1697
+ #
1698
+ #
1699
+ # [1]: http://docs.aws.amazon.com/waf/latest/developerguide/
1700
+ # @option params [required, String] :rule_id
1701
+ # The `RuleId` of the `Rule` that you want to update. `RuleId` is
1702
+ # returned by `CreateRule` and by ListRules.
1703
+ # @option params [required, String] :change_token
1704
+ # The value returned by the most recent call to GetChangeToken.
1705
+ # @option params [required, Array<Types::RuleUpdate>] :updates
1706
+ # An array of `RuleUpdate` objects that you want to insert into or
1707
+ # delete from a Rule. For more information, see the applicable data
1708
+ # types:
1709
+ #
1710
+ # * RuleUpdate: Contains `Action` and `Predicate`
1711
+ #
1712
+ # * Predicate: Contains `DataId`, `Negated`, and `Type`
1713
+ #
1714
+ # * FieldToMatch: Contains `Data` and `Type`
1715
+ # @return [Types::UpdateRuleResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
1716
+ #
1717
+ # * {Types::UpdateRuleResponse#change_token #ChangeToken} => String
1718
+ #
1719
+ # @example Request syntax with placeholder values
1720
+ # resp = client.update_rule({
1721
+ # rule_id: "ResourceId", # required
1722
+ # change_token: "ChangeToken", # required
1723
+ # updates: [ # required
1724
+ # {
1725
+ # action: "INSERT", # required, accepts INSERT, DELETE
1726
+ # predicate: { # required
1727
+ # negated: false, # required
1728
+ # type: "IPMatch", # required, accepts IPMatch, ByteMatch, SqlInjectionMatch, SizeConstraint, XssMatch
1729
+ # data_id: "ResourceId", # required
1730
+ # },
1731
+ # },
1732
+ # ],
1733
+ # })
1734
+ #
1735
+ # @example Response structure
1736
+ # resp.change_token #=> String
1737
+ # @overload update_rule(params = {})
1738
+ # @param [Hash] params ({})
1739
+ def update_rule(params = {}, options = {})
1740
+ req = build_request(:update_rule, params)
1741
+ req.send_request(options)
1742
+ end
1743
+
1744
+ # Inserts or deletes SizeConstraint objects (filters) in a
1745
+ # SizeConstraintSet. For each `SizeConstraint` object, you specify the
1746
+ # following values:
1747
+ #
1748
+ # * Whether to insert or delete the object from the array. If you want
1749
+ # to change a `SizeConstraintSetUpdate` object, you delete the
1750
+ # existing object and add a new one.
1751
+ #
1752
+ # * The part of a web request that you want AWS WAF to evaluate, such as
1753
+ # the length of a query string or the length of the `User-Agent`
1754
+ # header.
1755
+ #
1756
+ # * Whether to perform any transformations on the request, such as
1757
+ # converting it to lowercase, before checking its length. Note that
1758
+ # transformations of the request body are not supported because the
1759
+ # AWS resource forwards only the first `8192` bytes of your request to
1760
+ # AWS WAF.
1761
+ #
1762
+ # * A `ComparisonOperator` used for evaluating the selected part of the
1763
+ # request against the specified `Size`, such as equals, greater than,
1764
+ # less than, and so on.
1765
+ #
1766
+ # * The length, in bytes, that you want AWS WAF to watch for in selected
1767
+ # part of the request. The length is computed after applying the
1768
+ # transformation.
1769
+ #
1770
+ # For example, you can add a `SizeConstraintSetUpdate` object that
1771
+ # matches web requests in which the length of the `User-Agent` header is
1772
+ # greater than 100 bytes. You can then configure AWS WAF to block those
1773
+ # requests.
1774
+ #
1775
+ # To create and configure a `SizeConstraintSet`, perform the following
1776
+ # steps:
1777
+ #
1778
+ # 1. Create a `SizeConstraintSet.` For more information, see
1779
+ # CreateSizeConstraintSet.
1780
+ #
1781
+ # 2. Use GetChangeToken to get the change token that you provide in the
1782
+ # `ChangeToken` parameter of an `UpdateSizeConstraintSet` request.
1783
+ #
1784
+ # 3. Submit an `UpdateSizeConstraintSet` request to specify the part of
1785
+ # the request that you want AWS WAF to inspect (for example, the
1786
+ # header or the URI) and the value that you want AWS WAF to watch
1787
+ # for.
1788
+ #
1789
+ # For more information about how to use the AWS WAF API to allow or
1790
+ # block HTTP requests, see the [AWS WAF Developer Guide][1].
1791
+ #
1792
+ #
1793
+ #
1794
+ # [1]: http://docs.aws.amazon.com/waf/latest/developerguide/
1795
+ # @option params [required, String] :size_constraint_set_id
1796
+ # The `SizeConstraintSetId` of the SizeConstraintSet that you want to
1797
+ # update. `SizeConstraintSetId` is returned by CreateSizeConstraintSet
1798
+ # and by ListSizeConstraintSets.
1799
+ # @option params [required, String] :change_token
1800
+ # The value returned by the most recent call to GetChangeToken.
1801
+ # @option params [required, Array<Types::SizeConstraintSetUpdate>] :updates
1802
+ # An array of `SizeConstraintSetUpdate` objects that you want to insert
1803
+ # into or delete from a SizeConstraintSet. For more information, see the
1804
+ # applicable data types:
1805
+ #
1806
+ # * SizeConstraintSetUpdate: Contains `Action` and `SizeConstraint`
1807
+ #
1808
+ # * SizeConstraint: Contains `FieldToMatch`, `TextTransformation`,
1809
+ # `ComparisonOperator`, and `Size`
1810
+ #
1811
+ # * FieldToMatch: Contains `Data` and `Type`
1812
+ # @return [Types::UpdateSizeConstraintSetResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
1813
+ #
1814
+ # * {Types::UpdateSizeConstraintSetResponse#change_token #ChangeToken} => String
1815
+ #
1816
+ # @example Request syntax with placeholder values
1817
+ # resp = client.update_size_constraint_set({
1818
+ # size_constraint_set_id: "ResourceId", # required
1819
+ # change_token: "ChangeToken", # required
1820
+ # updates: [ # required
1821
+ # {
1822
+ # action: "INSERT", # required, accepts INSERT, DELETE
1823
+ # size_constraint: { # required
1824
+ # field_to_match: { # required
1825
+ # type: "URI", # required, accepts URI, QUERY_STRING, HEADER, METHOD, BODY
1826
+ # data: "MatchFieldData",
1827
+ # },
1828
+ # text_transformation: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE
1829
+ # comparison_operator: "EQ", # required, accepts EQ, NE, LE, LT, GE, GT
1830
+ # size: 1, # required
1831
+ # },
1832
+ # },
1833
+ # ],
1834
+ # })
1835
+ #
1836
+ # @example Response structure
1837
+ # resp.change_token #=> String
1838
+ # @overload update_size_constraint_set(params = {})
1839
+ # @param [Hash] params ({})
1840
+ def update_size_constraint_set(params = {}, options = {})
1841
+ req = build_request(:update_size_constraint_set, params)
1842
+ req.send_request(options)
1843
+ end
1844
+
1845
+ # Inserts or deletes SqlInjectionMatchTuple objects (filters) in a
1846
+ # SqlInjectionMatchSet. For each `SqlInjectionMatchTuple` object, you
1847
+ # specify the following values:
1848
+ #
1849
+ # * `Action`\: Whether to insert the object into or delete the object
1850
+ # from the array. To change a `SqlInjectionMatchTuple`, you delete the
1851
+ # existing object and add a new one.
1852
+ #
1853
+ # * `FieldToMatch`\: The part of web requests that you want AWS WAF to
1854
+ # inspect and, if you want AWS WAF to inspect a header, the name of
1855
+ # the header.
1856
+ #
1857
+ # * `TextTransformation`\: Which text transformation, if any, to perform
1858
+ # on the web request before inspecting the request for snippets of
1859
+ # malicious SQL code.
1860
+ #
1861
+ # You use `SqlInjectionMatchSet` objects to specify which CloudFront
1862
+ # requests you want to allow, block, or count. For example, if you're
1863
+ # receiving requests that contain snippets of SQL code in the query
1864
+ # string and you want to block the requests, you can create a
1865
+ # `SqlInjectionMatchSet` with the applicable settings, and then
1866
+ # configure AWS WAF to block the requests.
1867
+ #
1868
+ # To create and configure a `SqlInjectionMatchSet`, perform the
1869
+ # following steps:
1870
+ #
1871
+ # 1. Submit a CreateSqlInjectionMatchSet request.
1872
+ #
1873
+ # 2. Use GetChangeToken to get the change token that you provide in the
1874
+ # `ChangeToken` parameter of an UpdateIPSet request.
1875
+ #
1876
+ # 3. Submit an `UpdateSqlInjectionMatchSet` request to specify the
1877
+ # parts of web requests that you want AWS WAF to inspect for
1878
+ # snippets of SQL code.
1879
+ #
1880
+ # For more information about how to use the AWS WAF API to allow or
1881
+ # block HTTP requests, see the [AWS WAF Developer Guide][1].
1882
+ #
1883
+ #
1884
+ #
1885
+ # [1]: http://docs.aws.amazon.com/waf/latest/developerguide/
1886
+ # @option params [required, String] :sql_injection_match_set_id
1887
+ # The `SqlInjectionMatchSetId` of the `SqlInjectionMatchSet` that you
1888
+ # want to update. `SqlInjectionMatchSetId` is returned by
1889
+ # CreateSqlInjectionMatchSet and by ListSqlInjectionMatchSets.
1890
+ # @option params [required, String] :change_token
1891
+ # The value returned by the most recent call to GetChangeToken.
1892
+ # @option params [required, Array<Types::SqlInjectionMatchSetUpdate>] :updates
1893
+ # An array of `SqlInjectionMatchSetUpdate` objects that you want to
1894
+ # insert into or delete from a SqlInjectionMatchSet. For more
1895
+ # information, see the applicable data types:
1896
+ #
1897
+ # * SqlInjectionMatchSetUpdate: Contains `Action` and
1898
+ # `SqlInjectionMatchTuple`
1899
+ #
1900
+ # * SqlInjectionMatchTuple: Contains `FieldToMatch` and
1901
+ # `TextTransformation`
1902
+ #
1903
+ # * FieldToMatch: Contains `Data` and `Type`
1904
+ # @return [Types::UpdateSqlInjectionMatchSetResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
1905
+ #
1906
+ # * {Types::UpdateSqlInjectionMatchSetResponse#change_token #ChangeToken} => String
1907
+ #
1908
+ # @example Request syntax with placeholder values
1909
+ # resp = client.update_sql_injection_match_set({
1910
+ # sql_injection_match_set_id: "ResourceId", # required
1911
+ # change_token: "ChangeToken", # required
1912
+ # updates: [ # required
1913
+ # {
1914
+ # action: "INSERT", # required, accepts INSERT, DELETE
1915
+ # sql_injection_match_tuple: { # required
1916
+ # field_to_match: { # required
1917
+ # type: "URI", # required, accepts URI, QUERY_STRING, HEADER, METHOD, BODY
1918
+ # data: "MatchFieldData",
1919
+ # },
1920
+ # text_transformation: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE
1921
+ # },
1922
+ # },
1923
+ # ],
1924
+ # })
1925
+ #
1926
+ # @example Response structure
1927
+ # resp.change_token #=> String
1928
+ # @overload update_sql_injection_match_set(params = {})
1929
+ # @param [Hash] params ({})
1930
+ def update_sql_injection_match_set(params = {}, options = {})
1931
+ req = build_request(:update_sql_injection_match_set, params)
1932
+ req.send_request(options)
1933
+ end
1934
+
1935
+ # Inserts or deletes ActivatedRule objects in a `WebACL`. Each `Rule`
1936
+ # identifies web requests that you want to allow, block, or count. When
1937
+ # you update a `WebACL`, you specify the following values:
1938
+ #
1939
+ # * A default action for the `WebACL`, either `ALLOW` or `BLOCK`. AWS
1940
+ # WAF performs the default action if a request doesn't match the
1941
+ # criteria in any of the `Rules` in a `WebACL`.
1942
+ #
1943
+ # * The `Rules` that you want to add and/or delete. If you want to
1944
+ # replace one `Rule` with another, you delete the existing `Rule` and
1945
+ # add the new one.
1946
+ #
1947
+ # * For each `Rule`, whether you want AWS WAF to allow requests, block
1948
+ # requests, or count requests that match the conditions in the `Rule`.
1949
+ #
1950
+ # * The order in which you want AWS WAF to evaluate the `Rules` in a
1951
+ # `WebACL`. If you add more than one `Rule` to a `WebACL`, AWS WAF
1952
+ # evaluates each request against the `Rules` in order based on the
1953
+ # value of `Priority`. (The `Rule` that has the lowest value for
1954
+ # `Priority` is evaluated first.) When a web request matches all of
1955
+ # the predicates (such as `ByteMatchSets` and `IPSets`) in a `Rule`,
1956
+ # AWS WAF immediately takes the corresponding action, allow or block,
1957
+ # and doesn't evaluate the request against the remaining `Rules` in
1958
+ # the `WebACL`, if any.
1959
+ #
1960
+ # * The CloudFront distribution that you want to associate with the
1961
+ # `WebACL`.
1962
+ #
1963
+ # To create and configure a `WebACL`, perform the following steps:
1964
+ #
1965
+ # 1. Create and update the predicates that you want to include in
1966
+ # `Rules`. For more information, see CreateByteMatchSet,
1967
+ # UpdateByteMatchSet, CreateIPSet, UpdateIPSet,
1968
+ # CreateSqlInjectionMatchSet, and UpdateSqlInjectionMatchSet.
1969
+ #
1970
+ # 2. Create and update the `Rules` that you want to include in the
1971
+ # `WebACL`. For more information, see CreateRule and UpdateRule.
1972
+ #
1973
+ # 3. Create a `WebACL`. See CreateWebACL.
1974
+ #
1975
+ # 4. Use `GetChangeToken` to get the change token that you provide in
1976
+ # the `ChangeToken` parameter of an UpdateWebACL request.
1977
+ #
1978
+ # 5. Submit an `UpdateWebACL` request to specify the `Rules` that you
1979
+ # want to include in the `WebACL`, to specify the default action,
1980
+ # and to associate the `WebACL` with a CloudFront distribution.
1981
+ #
1982
+ # For more information about how to use the AWS WAF API to allow or
1983
+ # block HTTP requests, see the [AWS WAF Developer Guide][1].
1984
+ #
1985
+ #
1986
+ #
1987
+ # [1]: http://docs.aws.amazon.com/waf/latest/developerguide/
1988
+ # @option params [required, String] :web_acl_id
1989
+ # The `WebACLId` of the WebACL that you want to update. `WebACLId` is
1990
+ # returned by CreateWebACL and by ListWebACLs.
1991
+ # @option params [required, String] :change_token
1992
+ # The value returned by the most recent call to GetChangeToken.
1993
+ # @option params [Array<Types::WebACLUpdate>] :updates
1994
+ # An array of updates to make to the WebACL.
1995
+ #
1996
+ # An array of `WebACLUpdate` objects that you want to insert into or
1997
+ # delete from a WebACL. For more information, see the applicable data
1998
+ # types:
1999
+ #
2000
+ # * WebACLUpdate: Contains `Action` and `ActivatedRule`
2001
+ #
2002
+ # * ActivatedRule: Contains `Action`, `Priority`, and `RuleId`
2003
+ #
2004
+ # * WafAction: Contains `Type`
2005
+ # @option params [Types::WafAction] :default_action
2006
+ # For the action that is associated with a rule in a `WebACL`, specifies
2007
+ # the action that you want AWS WAF to perform when a web request matches
2008
+ # all of the conditions in a rule. For the default action in a `WebACL`,
2009
+ # specifies the action that you want AWS WAF to take when a web request
2010
+ # doesn't match all of the conditions in any of the rules in a
2011
+ # `WebACL`.
2012
+ # @return [Types::UpdateWebACLResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
2013
+ #
2014
+ # * {Types::UpdateWebACLResponse#change_token #ChangeToken} => String
2015
+ #
2016
+ # @example Request syntax with placeholder values
2017
+ # resp = client.update_web_acl({
2018
+ # web_acl_id: "ResourceId", # required
2019
+ # change_token: "ChangeToken", # required
2020
+ # updates: [
2021
+ # {
2022
+ # action: "INSERT", # required, accepts INSERT, DELETE
2023
+ # activated_rule: { # required
2024
+ # priority: 1, # required
2025
+ # rule_id: "ResourceId", # required
2026
+ # action: { # required
2027
+ # type: "BLOCK", # required, accepts BLOCK, ALLOW, COUNT
2028
+ # },
2029
+ # },
2030
+ # },
2031
+ # ],
2032
+ # default_action: {
2033
+ # type: "BLOCK", # required, accepts BLOCK, ALLOW, COUNT
2034
+ # },
2035
+ # })
2036
+ #
2037
+ # @example Response structure
2038
+ # resp.change_token #=> String
2039
+ # @overload update_web_acl(params = {})
2040
+ # @param [Hash] params ({})
2041
+ def update_web_acl(params = {}, options = {})
2042
+ req = build_request(:update_web_acl, params)
2043
+ req.send_request(options)
2044
+ end
2045
+
2046
+ # Inserts or deletes XssMatchTuple objects (filters) in an XssMatchSet.
2047
+ # For each `XssMatchTuple` object, you specify the following values:
2048
+ #
2049
+ # * `Action`\: Whether to insert the object into or delete the object
2050
+ # from the array. To change a `XssMatchTuple`, you delete the existing
2051
+ # object and add a new one.
2052
+ #
2053
+ # * `FieldToMatch`\: The part of web requests that you want AWS WAF to
2054
+ # inspect and, if you want AWS WAF to inspect a header, the name of
2055
+ # the header.
2056
+ #
2057
+ # * `TextTransformation`\: Which text transformation, if any, to perform
2058
+ # on the web request before inspecting the request for cross-site
2059
+ # scripting attacks.
2060
+ #
2061
+ # You use `XssMatchSet` objects to specify which CloudFront requests you
2062
+ # want to allow, block, or count. For example, if you're receiving
2063
+ # requests that contain cross-site scripting attacks in the request body
2064
+ # and you want to block the requests, you can create an `XssMatchSet`
2065
+ # with the applicable settings, and then configure AWS WAF to block the
2066
+ # requests.
2067
+ #
2068
+ # To create and configure an `XssMatchSet`, perform the following steps:
2069
+ #
2070
+ # 1. Submit a CreateXssMatchSet request.
2071
+ #
2072
+ # 2. Use GetChangeToken to get the change token that you provide in the
2073
+ # `ChangeToken` parameter of an UpdateIPSet request.
2074
+ #
2075
+ # 3. Submit an `UpdateXssMatchSet` request to specify the parts of web
2076
+ # requests that you want AWS WAF to inspect for cross-site scripting
2077
+ # attacks.
2078
+ #
2079
+ # For more information about how to use the AWS WAF API to allow or
2080
+ # block HTTP requests, see the [AWS WAF Developer Guide][1].
2081
+ #
2082
+ #
2083
+ #
2084
+ # [1]: http://docs.aws.amazon.com/waf/latest/developerguide/
2085
+ # @option params [required, String] :xss_match_set_id
2086
+ # The `XssMatchSetId` of the `XssMatchSet` that you want to update.
2087
+ # `XssMatchSetId` is returned by CreateXssMatchSet and by
2088
+ # ListXssMatchSets.
2089
+ # @option params [required, String] :change_token
2090
+ # The value returned by the most recent call to GetChangeToken.
2091
+ # @option params [required, Array<Types::XssMatchSetUpdate>] :updates
2092
+ # An array of `XssMatchSetUpdate` objects that you want to insert into
2093
+ # or delete from a XssMatchSet. For more information, see the applicable
2094
+ # data types:
2095
+ #
2096
+ # * XssMatchSetUpdate: Contains `Action` and `XssMatchTuple`
2097
+ #
2098
+ # * XssMatchTuple: Contains `FieldToMatch` and `TextTransformation`
2099
+ #
2100
+ # * FieldToMatch: Contains `Data` and `Type`
2101
+ # @return [Types::UpdateXssMatchSetResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
2102
+ #
2103
+ # * {Types::UpdateXssMatchSetResponse#change_token #ChangeToken} => String
2104
+ #
2105
+ # @example Request syntax with placeholder values
2106
+ # resp = client.update_xss_match_set({
2107
+ # xss_match_set_id: "ResourceId", # required
2108
+ # change_token: "ChangeToken", # required
2109
+ # updates: [ # required
2110
+ # {
2111
+ # action: "INSERT", # required, accepts INSERT, DELETE
2112
+ # xss_match_tuple: { # required
2113
+ # field_to_match: { # required
2114
+ # type: "URI", # required, accepts URI, QUERY_STRING, HEADER, METHOD, BODY
2115
+ # data: "MatchFieldData",
2116
+ # },
2117
+ # text_transformation: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE
2118
+ # },
2119
+ # },
2120
+ # ],
2121
+ # })
2122
+ #
2123
+ # @example Response structure
2124
+ # resp.change_token #=> String
2125
+ # @overload update_xss_match_set(params = {})
2126
+ # @param [Hash] params ({})
2127
+ def update_xss_match_set(params = {}, options = {})
2128
+ req = build_request(:update_xss_match_set, params)
2129
+ req.send_request(options)
2130
+ end
2131
+
2132
+ # @!endgroup
2133
+
2134
+ # @param params ({})
2135
+ # @api private
2136
+ def build_request(operation_name, params = {})
2137
+ handlers = @handlers.for(operation_name)
2138
+ context = Seahorse::Client::RequestContext.new(
2139
+ operation_name: operation_name,
2140
+ operation: config.api.operation(operation_name),
2141
+ client: self,
2142
+ params: params,
2143
+ config: config)
2144
+ context[:gem_name] = 'aws-sdk-waf'
2145
+ context[:gem_version] = '1.0.0.rc1'
2146
+ Seahorse::Client::Request.new(handlers, context)
2147
+ end
2148
+
2149
+ # @api private
2150
+ # @deprecated
2151
+ def waiter_names
2152
+ []
2153
+ end
2154
+
2155
+ class << self
2156
+
2157
+ # @api private
2158
+ attr_reader :identifier
2159
+
2160
+ # @api private
2161
+ def errors_module
2162
+ Errors
2163
+ end
2164
+
2165
+ end
2166
+ end
2167
+ end
2168
+ end