aws-sdk-waf 1.3.0 → 1.4.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 5245d973d9eea223e03e9a16c9db77af60e27b33
-  data.tar.gz: d8508271ba6b39384c9d02c395748689b00ddcda
+  metadata.gz: 4821014b81bb10189a3856fde1c4676fc93ec0b6
+  data.tar.gz: c8555e25418439ff37b5df0f39b24b2f3c2cf45c
 SHA512:
-  metadata.gz: fbdbb5c2645dff421f31a1a73235860c1c215c7a9a2c3212dd025d64746a08326306bc7443224f929973312c7c4dff2f44058a4588c154f692f8d3434e95e070
-  data.tar.gz: c336a8e98274745bde5424c2a47a76051f97550fb4785738bfc3100ef6bf85bfb15f0d58df5bb84e0c3a3fc411115573b1ccb5f8d2082eea30302effa3908aa2
+  metadata.gz: 58505a85f4bbf80568c9da2145b3cbcd640b4ff6fa7f4dff5729602daa8bd6b3112463c114607943e082da46d7987372e7f87a6b43f215a0b0599a9d5ddbba19
+  data.tar.gz: 976d2e351b160866aacb7fcabcf1ff0a3ca0b5e6086c37d8ac1de4f53be524297ded0b6f6f4efc5d94d9b59f7553a34fa6e111a487e380c43b6a8c7fc88bcf3b

data/lib/aws-sdk-waf.rb

@@ -42,6 +42,6 @@ require_relative 'aws-sdk-waf/customizations'
 # @service
 module Aws::WAF
 
-  GEM_VERSION = '1.3.0'
+  GEM_VERSION = '1.4.0'
 
 end

data/lib/aws-sdk-waf/client.rb

@@ -1416,6 +1416,33 @@ module Aws::WAF
       req.send_request(options)
     end
 
+    # Permanently deletes an IAM policy from the specified RuleGroup.
+    #
+    # The user making the request must be the owner of the RuleGroup.
+    #
+    # @option params [required, String] :resource_arn
+    #   The Amazon Resource Name (ARN) of the RuleGroup from which you want to
+    #   delete the policy.
+    #
+    #   The user making the request must be the owner of the RuleGroup.
+    #
+    # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.delete_permission_policy({
+    #     resource_arn: "ResourceArn", # required
+    #   })
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/waf-2015-08-24/DeletePermissionPolicy AWS API Documentation
+    #
+    # @overload delete_permission_policy(params = {})
+    # @param [Hash] params ({})
+    def delete_permission_policy(params = {}, options = {})
+      req = build_request(:delete_permission_policy, params)
+      req.send_request(options)
+    end
+
     # Permanently deletes a RateBasedRule. You can't delete a rule if it's
     # still used in any `WebACL` objects or if it still includes any
     # predicates, such as `ByteMatchSet` objects.
@@ -2169,6 +2196,35 @@ module Aws::WAF
       req.send_request(options)
     end
 
+    # Returns the IAM policy attached to the RuleGroup.
+    #
+    # @option params [required, String] :resource_arn
+    #   The Amazon Resource Name (ARN) of the RuleGroup for which you want to
+    #   get the policy.
+    #
+    # @return [Types::GetPermissionPolicyResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
+    #
+    #   * {Types::GetPermissionPolicyResponse#policy #policy} => String
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.get_permission_policy({
+    #     resource_arn: "ResourceArn", # required
+    #   })
+    #
+    # @example Response structure
+    #
+    #   resp.policy #=> String
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/waf-2015-08-24/GetPermissionPolicy AWS API Documentation
+    #
+    # @overload get_permission_policy(params = {})
+    # @param [Hash] params ({})
+    def get_permission_policy(params = {}, options = {})
+      req = build_request(:get_permission_policy, params)
+      req.send_request(options)
+    end
+
     # Returns the RateBasedRule that is specified by the `RuleId` that you
     # included in the `GetRateBasedRule` request.
     #
@@ -3552,6 +3608,65 @@ module Aws::WAF
       req.send_request(options)
     end
 
+    # Attaches a IAM policy to the specified resource. The only supported
+    # use for this action is to share a RuleGroup across accounts.
+    #
+    # The `PutPermissionPolicy` is subject to the following restrictions:
+    #
+    # * You can attach only one policy with each `PutPermissionPolicy`
+    #   request.
+    #
+    # * The policy must include an `Effect`, `Action` and `Principal`.
+    #
+    # * `Effect` must specify `Allow`.
+    #
+    # * The `Action` in the policy must be `waf:UpdateWebACL` and
+    #   `waf-regional:UpdateWebACL`. Any extra or wildcard actions in the
+    #   policy will be rejected.
+    #
+    # * The policy cannot include a `Resource` parameter.
+    #
+    # * The ARN in the request must be a valid WAF RuleGroup ARN and the
+    #   RuleGroup must exist in the same region.
+    #
+    # * The user making the request must be the owner of the RuleGroup.
+    #
+    # * Your policy must be composed using IAM Policy version 2012-10-17.
+    #
+    # For more information, see [IAM Policies][1].
+    #
+    # An example of a valid policy parameter is shown in the Examples
+    # section below.
+    #
+    #
+    #
+    # [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html
+    #
+    # @option params [required, String] :resource_arn
+    #   The Amazon Resource Name (ARN) of the RuleGroup to which you want to
+    #   attach the policy.
+    #
+    # @option params [required, String] :policy
+    #   The policy to attach to the specified RuleGroup.
+    #
+    # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.put_permission_policy({
+    #     resource_arn: "ResourceArn", # required
+    #     policy: "PolicyString", # required
+    #   })
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/waf-2015-08-24/PutPermissionPolicy AWS API Documentation
+    #
+    # @overload put_permission_policy(params = {})
+    # @param [Hash] params ({})
+    def put_permission_policy(params = {}, options = {})
+      req = build_request(:put_permission_policy, params)
+      req.send_request(options)
+    end
+
     # Inserts or deletes ByteMatchTuple objects (filters) in a ByteMatchSet.
     # For each `ByteMatchTuple` object, you specify the following values:
     #
@@ -4335,9 +4450,11 @@ module Aws::WAF
     #
     #   You can only insert `REGULAR` rules into a rule group.
     #
-    #   The `Action` data type within `ActivatedRule` is used only when
-    #   submitting an `UpdateWebACL` request. `ActivatedRule|Action` is not
-    #   applicable and therefore not available for `UpdateRuleGroup`.
+    #   `ActivatedRule|OverrideAction` applies only when updating or adding a
+    #   `RuleGroup` to a `WebACL`. In this case you do not use
+    #   `ActivatedRule|Action`. For all other update requests,
+    #   `ActivatedRule|Action` is used instead of
+    #   `ActivatedRule|OverrideAction`.
     #
     # @option params [required, String] :change_token
     #   The value returned by the most recent call to GetChangeToken.
@@ -4720,11 +4837,12 @@ module Aws::WAF
     #
     #   * WebACLUpdate: Contains `Action` and `ActivatedRule`
     #
-    #   * ActivatedRule: Contains `Action`, `Priority`, `RuleId`, and `Type`.
-    #     The `OverrideAction` data type within `ActivatedRule` is used only
-    #     when submitting an `UpdateRuleGroup` request.
-    #     `ActivatedRule|OverrideAction` is not applicable and therefore not
-    #     available for `UpdateWebACL`.
+    #   * ActivatedRule: Contains `Action`, `OverrideAction`, `Priority`,
+    #     `RuleId`, and `Type`. `ActivatedRule|OverrideAction` applies only
+    #     when updating or adding a `RuleGroup` to a `WebACL`. In this case
+    #     you do not use `ActivatedRule|Action`. For all other update
+    #     requests, `ActivatedRule|Action` is used instead of
+    #     `ActivatedRule|OverrideAction`.
     #
     #   * WafAction: Contains `Type`
     #
@@ -4941,7 +5059,7 @@ module Aws::WAF
         params: params,
         config: config)
       context[:gem_name] = 'aws-sdk-waf'
-      context[:gem_version] = '1.3.0'
+      context[:gem_version] = '1.4.0'
       Seahorse::Client::Request.new(handlers, context)
     end
 

data/lib/aws-sdk-waf/client_api.rb

@@ -57,6 +57,8 @@ module Aws::WAF
     DeleteGeoMatchSetResponse = Shapes::StructureShape.new(name: 'DeleteGeoMatchSetResponse')
     DeleteIPSetRequest = Shapes::StructureShape.new(name: 'DeleteIPSetRequest')
     DeleteIPSetResponse = Shapes::StructureShape.new(name: 'DeleteIPSetResponse')
+    DeletePermissionPolicyRequest = Shapes::StructureShape.new(name: 'DeletePermissionPolicyRequest')
+    DeletePermissionPolicyResponse = Shapes::StructureShape.new(name: 'DeletePermissionPolicyResponse')
     DeleteRateBasedRuleRequest = Shapes::StructureShape.new(name: 'DeleteRateBasedRuleRequest')
     DeleteRateBasedRuleResponse = Shapes::StructureShape.new(name: 'DeleteRateBasedRuleResponse')
     DeleteRegexMatchSetRequest = Shapes::StructureShape.new(name: 'DeleteRegexMatchSetRequest')
@@ -95,6 +97,8 @@ module Aws::WAF
     GetGeoMatchSetResponse = Shapes::StructureShape.new(name: 'GetGeoMatchSetResponse')
     GetIPSetRequest = Shapes::StructureShape.new(name: 'GetIPSetRequest')
     GetIPSetResponse = Shapes::StructureShape.new(name: 'GetIPSetResponse')
+    GetPermissionPolicyRequest = Shapes::StructureShape.new(name: 'GetPermissionPolicyRequest')
+    GetPermissionPolicyResponse = Shapes::StructureShape.new(name: 'GetPermissionPolicyResponse')
     GetRateBasedRuleManagedKeysRequest = Shapes::StructureShape.new(name: 'GetRateBasedRuleManagedKeysRequest')
     GetRateBasedRuleManagedKeysResponse = Shapes::StructureShape.new(name: 'GetRateBasedRuleManagedKeysResponse')
     GetRateBasedRuleRequest = Shapes::StructureShape.new(name: 'GetRateBasedRuleRequest')
@@ -174,11 +178,14 @@ module Aws::WAF
     ParameterExceptionField = Shapes::StringShape.new(name: 'ParameterExceptionField')
     ParameterExceptionParameter = Shapes::StringShape.new(name: 'ParameterExceptionParameter')
     ParameterExceptionReason = Shapes::StringShape.new(name: 'ParameterExceptionReason')
+    PolicyString = Shapes::StringShape.new(name: 'PolicyString')
     PopulationSize = Shapes::IntegerShape.new(name: 'PopulationSize')
     PositionalConstraint = Shapes::StringShape.new(name: 'PositionalConstraint')
     Predicate = Shapes::StructureShape.new(name: 'Predicate')
     PredicateType = Shapes::StringShape.new(name: 'PredicateType')
     Predicates = Shapes::ListShape.new(name: 'Predicates')
+    PutPermissionPolicyRequest = Shapes::StructureShape.new(name: 'PutPermissionPolicyRequest')
+    PutPermissionPolicyResponse = Shapes::StructureShape.new(name: 'PutPermissionPolicyResponse')
     RateBasedRule = Shapes::StructureShape.new(name: 'RateBasedRule')
     RateKey = Shapes::StringShape.new(name: 'RateKey')
     RateLimit = Shapes::IntegerShape.new(name: 'RateLimit')
@@ -196,6 +203,7 @@ module Aws::WAF
     RegexPatternSetUpdates = Shapes::ListShape.new(name: 'RegexPatternSetUpdates')
     RegexPatternString = Shapes::StringShape.new(name: 'RegexPatternString')
     RegexPatternStrings = Shapes::ListShape.new(name: 'RegexPatternStrings')
+    ResourceArn = Shapes::StringShape.new(name: 'ResourceArn')
     ResourceId = Shapes::StringShape.new(name: 'ResourceId')
     ResourceName = Shapes::StringShape.new(name: 'ResourceName')
     Rule = Shapes::StructureShape.new(name: 'Rule')
@@ -262,6 +270,7 @@ module Aws::WAF
     WAFInvalidAccountException = Shapes::StructureShape.new(name: 'WAFInvalidAccountException')
     WAFInvalidOperationException = Shapes::StructureShape.new(name: 'WAFInvalidOperationException')
     WAFInvalidParameterException = Shapes::StructureShape.new(name: 'WAFInvalidParameterException')
+    WAFInvalidPermissionPolicyException = Shapes::StructureShape.new(name: 'WAFInvalidPermissionPolicyException')
     WAFInvalidRegexPatternException = Shapes::StructureShape.new(name: 'WAFInvalidRegexPatternException')
     WAFLimitsExceededException = Shapes::StructureShape.new(name: 'WAFLimitsExceededException')
     WAFNonEmptyEntityException = Shapes::StructureShape.new(name: 'WAFNonEmptyEntityException')
@@ -447,6 +456,11 @@ module Aws::WAF
     DeleteIPSetResponse.add_member(:change_token, Shapes::ShapeRef.new(shape: ChangeToken, location_name: "ChangeToken"))
     DeleteIPSetResponse.struct_class = Types::DeleteIPSetResponse
 
+    DeletePermissionPolicyRequest.add_member(:resource_arn, Shapes::ShapeRef.new(shape: ResourceArn, required: true, location_name: "ResourceArn"))
+    DeletePermissionPolicyRequest.struct_class = Types::DeletePermissionPolicyRequest
+
+    DeletePermissionPolicyResponse.struct_class = Types::DeletePermissionPolicyResponse
+
     DeleteRateBasedRuleRequest.add_member(:rule_id, Shapes::ShapeRef.new(shape: ResourceId, required: true, location_name: "RuleId"))
     DeleteRateBasedRuleRequest.add_member(:change_token, Shapes::ShapeRef.new(shape: ChangeToken, required: true, location_name: "ChangeToken"))
     DeleteRateBasedRuleRequest.struct_class = Types::DeleteRateBasedRuleRequest
@@ -566,6 +580,12 @@ module Aws::WAF
     GetIPSetResponse.add_member(:ip_set, Shapes::ShapeRef.new(shape: IPSet, location_name: "IPSet"))
     GetIPSetResponse.struct_class = Types::GetIPSetResponse
 
+    GetPermissionPolicyRequest.add_member(:resource_arn, Shapes::ShapeRef.new(shape: ResourceArn, required: true, location_name: "ResourceArn"))
+    GetPermissionPolicyRequest.struct_class = Types::GetPermissionPolicyRequest
+
+    GetPermissionPolicyResponse.add_member(:policy, Shapes::ShapeRef.new(shape: PolicyString, location_name: "Policy"))
+    GetPermissionPolicyResponse.struct_class = Types::GetPermissionPolicyResponse
+
     GetRateBasedRuleManagedKeysRequest.add_member(:rule_id, Shapes::ShapeRef.new(shape: ResourceId, required: true, location_name: "RuleId"))
     GetRateBasedRuleManagedKeysRequest.add_member(:next_marker, Shapes::ShapeRef.new(shape: NextMarker, location_name: "NextMarker"))
     GetRateBasedRuleManagedKeysRequest.struct_class = Types::GetRateBasedRuleManagedKeysRequest
@@ -798,6 +818,12 @@ module Aws::WAF
 
     Predicates.member = Shapes::ShapeRef.new(shape: Predicate)
 
+    PutPermissionPolicyRequest.add_member(:resource_arn, Shapes::ShapeRef.new(shape: ResourceArn, required: true, location_name: "ResourceArn"))
+    PutPermissionPolicyRequest.add_member(:policy, Shapes::ShapeRef.new(shape: PolicyString, required: true, location_name: "Policy"))
+    PutPermissionPolicyRequest.struct_class = Types::PutPermissionPolicyRequest
+
+    PutPermissionPolicyResponse.struct_class = Types::PutPermissionPolicyResponse
+
     RateBasedRule.add_member(:rule_id, Shapes::ShapeRef.new(shape: ResourceId, required: true, location_name: "RuleId"))
     RateBasedRule.add_member(:name, Shapes::ShapeRef.new(shape: ResourceName, location_name: "Name"))
     RateBasedRule.add_member(:metric_name, Shapes::ShapeRef.new(shape: MetricName, location_name: "MetricName"))
@@ -1315,6 +1341,17 @@ module Aws::WAF
         o.errors << Shapes::ShapeRef.new(shape: WAFNonEmptyEntityException)
       end)
 
+      api.add_operation(:delete_permission_policy, Seahorse::Model::Operation.new.tap do |o|
+        o.name = "DeletePermissionPolicy"
+        o.http_method = "POST"
+        o.http_request_uri = "/"
+        o.input = Shapes::ShapeRef.new(shape: DeletePermissionPolicyRequest)
+        o.output = Shapes::ShapeRef.new(shape: DeletePermissionPolicyResponse)
+        o.errors << Shapes::ShapeRef.new(shape: WAFInternalErrorException)
+        o.errors << Shapes::ShapeRef.new(shape: WAFStaleDataException)
+        o.errors << Shapes::ShapeRef.new(shape: WAFNonexistentItemException)
+      end)
+
       api.add_operation(:delete_rate_based_rule, Seahorse::Model::Operation.new.tap do |o|
         o.name = "DeleteRateBasedRule"
         o.http_method = "POST"
@@ -1492,6 +1529,16 @@ module Aws::WAF
         o.errors << Shapes::ShapeRef.new(shape: WAFNonexistentItemException)
       end)
 
+      api.add_operation(:get_permission_policy, Seahorse::Model::Operation.new.tap do |o|
+        o.name = "GetPermissionPolicy"
+        o.http_method = "POST"
+        o.http_request_uri = "/"
+        o.input = Shapes::ShapeRef.new(shape: GetPermissionPolicyRequest)
+        o.output = Shapes::ShapeRef.new(shape: GetPermissionPolicyResponse)
+        o.errors << Shapes::ShapeRef.new(shape: WAFInternalErrorException)
+        o.errors << Shapes::ShapeRef.new(shape: WAFNonexistentItemException)
+      end)
+
       api.add_operation(:get_rate_based_rule, Seahorse::Model::Operation.new.tap do |o|
         o.name = "GetRateBasedRule"
         o.http_method = "POST"
@@ -1752,6 +1799,18 @@ module Aws::WAF
         o.errors << Shapes::ShapeRef.new(shape: WAFInvalidAccountException)
       end)
 
+      api.add_operation(:put_permission_policy, Seahorse::Model::Operation.new.tap do |o|
+        o.name = "PutPermissionPolicy"
+        o.http_method = "POST"
+        o.http_request_uri = "/"
+        o.input = Shapes::ShapeRef.new(shape: PutPermissionPolicyRequest)
+        o.output = Shapes::ShapeRef.new(shape: PutPermissionPolicyResponse)
+        o.errors << Shapes::ShapeRef.new(shape: WAFInternalErrorException)
+        o.errors << Shapes::ShapeRef.new(shape: WAFStaleDataException)
+        o.errors << Shapes::ShapeRef.new(shape: WAFNonexistentItemException)
+        o.errors << Shapes::ShapeRef.new(shape: WAFInvalidPermissionPolicyException)
+      end)
+
       api.add_operation(:update_byte_match_set, Seahorse::Model::Operation.new.tap do |o|
         o.name = "UpdateByteMatchSet"
         o.http_method = "POST"

data/lib/aws-sdk-waf/types.rb

@@ -62,9 +62,11 @@ module Aws::WAF
     #     conditions in the rule and then continues to inspect the web
     #     request based on the remaining rules in the web ACL.
     #
-    #   The `Action` data type within `ActivatedRule` is used only when
-    #   submitting an `UpdateWebACL` request. `ActivatedRule|Action` is not
-    #   applicable and therefore not available for `UpdateRuleGroup`.
+    #   `ActivatedRule|OverrideAction` applies only when updating or adding
+    #   a `RuleGroup` to a `WebACL`. In this case you do not use
+    #   `ActivatedRule|Action`. For all other update requests,
+    #   `ActivatedRule|Action` is used instead of
+    #   `ActivatedRule|OverrideAction`.
     #   @return [Types::WafAction]
     #
     # @!attribute [rw] override_action
@@ -80,10 +82,11 @@ module Aws::WAF
     #   blocking matching requests, those requests will be counted. You can
     #   view a record of counted requests using GetSampledRequests.
     #
-    #   The `OverrideAction` data type within `ActivatedRule` is used only
-    #   when submitting an `UpdateRuleGroup` request.
-    #   `ActivatedRule|OverrideAction` is not applicable and therefore not
-    #   available for `UpdateWebACL`.
+    #   `ActivatedRule|OverrideAction` applies only when updating or adding
+    #   a `RuleGroup` to a `WebACL`. In this case you do not use
+    #   `ActivatedRule|Action`. For all other update requests,
+    #   `ActivatedRule|Action` is used instead of
+    #   `ActivatedRule|OverrideAction`.
     #   @return [Types::WafOverrideAction]
     #
     # @!attribute [rw] type
@@ -1144,6 +1147,31 @@ module Aws::WAF
       include Aws::Structure
     end
 
+    # @note When making an API call, you may pass DeletePermissionPolicyRequest
+    #   data as a hash:
+    #
+    #       {
+    #         resource_arn: "ResourceArn", # required
+    #       }
+    #
+    # @!attribute [rw] resource_arn
+    #   The Amazon Resource Name (ARN) of the RuleGroup from which you want
+    #   to delete the policy.
+    #
+    #   The user making the request must be the owner of the RuleGroup.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/waf-2015-08-24/DeletePermissionPolicyRequest AWS API Documentation
+    #
+    class DeletePermissionPolicyRequest < Struct.new(
+      :resource_arn)
+      include Aws::Structure
+    end
+
+    # @see http://docs.aws.amazon.com/goto/WebAPI/waf-2015-08-24/DeletePermissionPolicyResponse AWS API Documentation
+    #
+    class DeletePermissionPolicyResponse < Aws::EmptyStructure; end
+
     # @note When making an API call, you may pass DeleteRateBasedRuleRequest
     #   data as a hash:
     #
@@ -1833,6 +1861,36 @@ module Aws::WAF
       include Aws::Structure
     end
 
+    # @note When making an API call, you may pass GetPermissionPolicyRequest
+    #   data as a hash:
+    #
+    #       {
+    #         resource_arn: "ResourceArn", # required
+    #       }
+    #
+    # @!attribute [rw] resource_arn
+    #   The Amazon Resource Name (ARN) of the RuleGroup for which you want
+    #   to get the policy.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/waf-2015-08-24/GetPermissionPolicyRequest AWS API Documentation
+    #
+    class GetPermissionPolicyRequest < Struct.new(
+      :resource_arn)
+      include Aws::Structure
+    end
+
+    # @!attribute [rw] policy
+    #   The IAM policy attached to the specified RuleGroup.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/waf-2015-08-24/GetPermissionPolicyResponse AWS API Documentation
+    #
+    class GetPermissionPolicyResponse < Struct.new(
+      :policy)
+      include Aws::Structure
+    end
+
     # @note When making an API call, you may pass GetRateBasedRuleManagedKeysRequest
     #   data as a hash:
     #
@@ -3356,6 +3414,35 @@ module Aws::WAF
       include Aws::Structure
     end
 
+    # @note When making an API call, you may pass PutPermissionPolicyRequest
+    #   data as a hash:
+    #
+    #       {
+    #         resource_arn: "ResourceArn", # required
+    #         policy: "PolicyString", # required
+    #       }
+    #
+    # @!attribute [rw] resource_arn
+    #   The Amazon Resource Name (ARN) of the RuleGroup to which you want to
+    #   attach the policy.
+    #   @return [String]
+    #
+    # @!attribute [rw] policy
+    #   The policy to attach to the specified RuleGroup.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/waf-2015-08-24/PutPermissionPolicyRequest AWS API Documentation
+    #
+    class PutPermissionPolicyRequest < Struct.new(
+      :resource_arn,
+      :policy)
+      include Aws::Structure
+    end
+
+    # @see http://docs.aws.amazon.com/goto/WebAPI/waf-2015-08-24/PutPermissionPolicyResponse AWS API Documentation
+    #
+    class PutPermissionPolicyResponse < Aws::EmptyStructure; end
+
     # A `RateBasedRule` is identical to a regular Rule, with one addition: a
     # `RateBasedRule` counts the number of requests that arrive from a
     # specified IP address every five minutes. For example, based on recent
@@ -4965,9 +5052,11 @@ module Aws::WAF
     #
     #   You can only insert `REGULAR` rules into a rule group.
     #
-    #   The `Action` data type within `ActivatedRule` is used only when
-    #   submitting an `UpdateWebACL` request. `ActivatedRule|Action` is not
-    #   applicable and therefore not available for `UpdateRuleGroup`.
+    #   `ActivatedRule|OverrideAction` applies only when updating or adding
+    #   a `RuleGroup` to a `WebACL`. In this case you do not use
+    #   `ActivatedRule|Action`. For all other update requests,
+    #   `ActivatedRule|Action` is used instead of
+    #   `ActivatedRule|OverrideAction`.
     #   @return [Array<Types::RuleGroupUpdate>]
     #
     # @!attribute [rw] change_token
@@ -5241,11 +5330,12 @@ module Aws::WAF
     #
     #   * WebACLUpdate: Contains `Action` and `ActivatedRule`
     #
-    #   * ActivatedRule: Contains `Action`, `Priority`, `RuleId`, and
-    #     `Type`. The `OverrideAction` data type within `ActivatedRule` is
-    #     used only when submitting an `UpdateRuleGroup` request.
-    #     `ActivatedRule|OverrideAction` is not applicable and therefore not
-    #     available for `UpdateWebACL`.
+    #   * ActivatedRule: Contains `Action`, `OverrideAction`, `Priority`,
+    #     `RuleId`, and `Type`. `ActivatedRule|OverrideAction` applies only
+    #     when updating or adding a `RuleGroup` to a `WebACL`. In this case
+    #     you do not use `ActivatedRule|Action`. For all other update
+    #     requests, `ActivatedRule|Action` is used instead of
+    #     `ActivatedRule|OverrideAction`.
     #
     #   * WafAction: Contains `Type`
     #   @return [Array<Types::WebACLUpdate>]

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: aws-sdk-waf
 version: !ruby/object:Gem::Version
-  version: 1.3.0
+  version: 1.4.0
 platform: ruby
 authors:
 - Amazon Web Services
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2017-11-30 00:00:00.000000000 Z
+date: 2018-02-20 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: aws-sdk-core