aws-sdk-wafregional 1.0.0.rc2

Sign up to get free protection for your applications and to get access to all the features.
Files changed (9) hide show
  1. checksums.yaml +7 -0
  2. data/lib/aws-sdk-wafregional.rb +47 -0
  3. data/lib/aws-sdk-wafregional/client.rb +2259 -0
  4. data/lib/aws-sdk-wafregional/client_api.rb +1275 -0
  5. data/lib/aws-sdk-wafregional/customizations.rb +0 -0
  6. data/lib/aws-sdk-wafregional/errors.rb +23 -0
  7. data/lib/aws-sdk-wafregional/resource.rb +25 -0
  8. data/lib/aws-sdk-wafregional/types.rb +3304 -0
  9. metadata +80 -0
data/lib/aws-sdk-wafregional/customizations.rb ADDED
File without changes
data/lib/aws-sdk-wafregional/errors.rb ADDED
@@ -0,0 +1,23 @@
1
+ # WARNING ABOUT GENERATED CODE
2
+ #
3
+ # This file is generated. See the contributing for info on making contributions:
4
+ # https://github.com/aws/aws-sdk-ruby/blob/master/CONTRIBUTING.md
5
+ #
6
+ # WARNING ABOUT GENERATED CODE
7
+
8
+ module Aws
9
+ module WAFRegional
10
+ module Errors
11
+
12
+ extend Aws::Errors::DynamicErrors
13
+
14
+ # Raised when calling #load or #data on a resource class that can not be
15
+ # loaded. This can happen when:
16
+ #
17
+ # * A resource class has identifiers, but no data attributes.
18
+ # * Resource data is only available when making an API call that
19
+ # enumerates all resources of that type.
20
+ class ResourceNotLoadable < RuntimeError; end
21
+ end
22
+ end
23
+ end
data/lib/aws-sdk-wafregional/resource.rb ADDED
@@ -0,0 +1,25 @@
1
+ # WARNING ABOUT GENERATED CODE
2
+ #
3
+ # This file is generated. See the contributing for info on making contributions:
4
+ # https://github.com/aws/aws-sdk-ruby/blob/master/CONTRIBUTING.md
5
+ #
6
+ # WARNING ABOUT GENERATED CODE
7
+
8
+ module Aws
9
+ module WAFRegional
10
+ class Resource
11
+
12
+ # @param options ({})
13
+ # @option options [Client] :client
14
+ def initialize(options = {})
15
+ @client = options[:client] || Client.new(options)
16
+ end
17
+
18
+ # @return [Client]
19
+ def client
20
+ @client
21
+ end
22
+
23
+ end
24
+ end
25
+ end
data/lib/aws-sdk-wafregional/types.rb ADDED
@@ -0,0 +1,3304 @@
1
+ # WARNING ABOUT GENERATED CODE
2
+ #
3
+ # This file is generated. See the contributing for info on making contributions:
4
+ # https://github.com/aws/aws-sdk-ruby/blob/master/CONTRIBUTING.md
5
+ #
6
+ # WARNING ABOUT GENERATED CODE
7
+
8
+ module Aws
9
+ module WAFRegional
10
+ module Types
11
+
12
+ # The `ActivatedRule` object in an UpdateWebACL request specifies a
13
+ # `Rule` that you want to insert or delete, the priority of the `Rule`
14
+ # in the `WebACL`, and the action that you want AWS WAF to take when a
15
+ # web request matches the `Rule` (`ALLOW`, `BLOCK`, or `COUNT`).
16
+ #
17
+ # To specify whether to insert or delete a `Rule`, use the `Action`
18
+ # parameter in the WebACLUpdate data type.
19
+ # @note When making an API call, pass ActivatedRule
20
+ # data as a hash:
21
+ #
22
+ # {
23
+ # priority: 1, # required
24
+ # rule_id: "ResourceId", # required
25
+ # action: { # required
26
+ # type: "BLOCK", # required, accepts BLOCK, ALLOW, COUNT
27
+ # },
28
+ # }
29
+ # @!attribute [rw] priority
30
+ # Specifies the order in which the `Rules` in a `WebACL` are
31
+ # evaluated. Rules with a lower value for `Priority` are evaluated
32
+ # before `Rules` with a higher value. The value must be a unique
33
+ # integer. If you add multiple `Rules` to a `WebACL`, the values
34
+ # don't need to be consecutive.
35
+ # @return [Integer]
36
+ #
37
+ # @!attribute [rw] rule_id
38
+ # The `RuleId` for a `Rule`. You use `RuleId` to get more information
39
+ # about a `Rule` (see GetRule), update a `Rule` (see UpdateRule),
40
+ # insert a `Rule` into a `WebACL` or delete a one from a `WebACL` (see
41
+ # UpdateWebACL), or delete a `Rule` from AWS WAF (see DeleteRule).
42
+ #
43
+ # `RuleId` is returned by CreateRule and by ListRules.
44
+ # @return [String]
45
+ #
46
+ # @!attribute [rw] action
47
+ # Specifies the action that CloudFront or AWS WAF takes when a web
48
+ # request matches the conditions in the `Rule`. Valid values for
49
+ # `Action` include the following:
50
+ #
51
+ # * `ALLOW`\: CloudFront responds with the requested object.
52
+ #
53
+ # * `BLOCK`\: CloudFront responds with an HTTP 403 (Forbidden) status
54
+ # code.
55
+ #
56
+ # * `COUNT`\: AWS WAF increments a counter of requests that match the
57
+ # conditions in the rule and then continues to inspect the web
58
+ # request based on the remaining rules in the web ACL.
59
+ # @return [Types::WafAction]
60
+ class ActivatedRule < Struct.new(
61
+ :priority,
62
+ :rule_id,
63
+ :action)
64
+ include Aws::Structure
65
+ end
66
+
67
+ # @note When making an API call, pass AssociateWebACLRequest
68
+ # data as a hash:
69
+ #
70
+ # {
71
+ # web_acl_id: "ResourceId", # required
72
+ # resource_arn: "ResourceArn", # required
73
+ # }
74
+ # @!attribute [rw] web_acl_id
75
+ # A unique identifier (ID) for the web ACL.
76
+ # @return [String]
77
+ #
78
+ # @!attribute [rw] resource_arn
79
+ # The ARN (Amazon Resource Name) of the resource to be protected.
80
+ # @return [String]
81
+ class AssociateWebACLRequest < Struct.new(
82
+ :web_acl_id,
83
+ :resource_arn)
84
+ include Aws::Structure
85
+ end
86
+
87
+ class AssociateWebACLResponse < Aws::EmptyStructure; end
88
+
89
+ # In a GetByteMatchSet request, `ByteMatchSet` is a complex type that
90
+ # contains the `ByteMatchSetId` and `Name` of a `ByteMatchSet`, and the
91
+ # values that you specified when you updated the `ByteMatchSet`.
92
+ #
93
+ # A complex type that contains `ByteMatchTuple` objects, which specify
94
+ # the parts of web requests that you want AWS WAF to inspect and the
95
+ # values that you want AWS WAF to search for. If a `ByteMatchSet`
96
+ # contains more than one `ByteMatchTuple` object, a request needs to
97
+ # match the settings in only one `ByteMatchTuple` to be considered a
98
+ # match.
99
+ # @!attribute [rw] byte_match_set_id
100
+ # The `ByteMatchSetId` for a `ByteMatchSet`. You use `ByteMatchSetId`
101
+ # to get information about a `ByteMatchSet` (see GetByteMatchSet),
102
+ # update a `ByteMatchSet` (see UpdateByteMatchSet), insert a
103
+ # `ByteMatchSet` into a `Rule` or delete one from a `Rule` (see
104
+ # UpdateRule), and delete a `ByteMatchSet` from AWS WAF (see
105
+ # DeleteByteMatchSet).
106
+ #
107
+ # `ByteMatchSetId` is returned by CreateByteMatchSet and by
108
+ # ListByteMatchSets.
109
+ # @return [String]
110
+ #
111
+ # @!attribute [rw] name
112
+ # A friendly name or description of the ByteMatchSet. You can't
113
+ # change `Name` after you create a `ByteMatchSet`.
114
+ # @return [String]
115
+ #
116
+ # @!attribute [rw] byte_match_tuples
117
+ # Specifies the bytes (typically a string that corresponds with ASCII
118
+ # characters) that you want AWS WAF to search for in web requests, the
119
+ # location in requests that you want AWS WAF to search, and other
120
+ # settings.
121
+ # @return [Array<Types::ByteMatchTuple>]
122
+ class ByteMatchSet < Struct.new(
123
+ :byte_match_set_id,
124
+ :name,
125
+ :byte_match_tuples)
126
+ include Aws::Structure
127
+ end
128
+
129
+ # Returned by ListByteMatchSets. Each `ByteMatchSetSummary` object
130
+ # includes the `Name` and `ByteMatchSetId` for one ByteMatchSet.
131
+ # @!attribute [rw] byte_match_set_id
132
+ # The `ByteMatchSetId` for a `ByteMatchSet`. You use `ByteMatchSetId`
133
+ # to get information about a `ByteMatchSet`, update a `ByteMatchSet`,
134
+ # remove a `ByteMatchSet` from a `Rule`, and delete a `ByteMatchSet`
135
+ # from AWS WAF.
136
+ #
137
+ # `ByteMatchSetId` is returned by CreateByteMatchSet and by
138
+ # ListByteMatchSets.
139
+ # @return [String]
140
+ #
141
+ # @!attribute [rw] name
142
+ # A friendly name or description of the ByteMatchSet. You can't
143
+ # change `Name` after you create a `ByteMatchSet`.
144
+ # @return [String]
145
+ class ByteMatchSetSummary < Struct.new(
146
+ :byte_match_set_id,
147
+ :name)
148
+ include Aws::Structure
149
+ end
150
+
151
+ # In an UpdateByteMatchSet request, `ByteMatchSetUpdate` specifies
152
+ # whether to insert or delete a ByteMatchTuple and includes the settings
153
+ # for the `ByteMatchTuple`.
154
+ # @note When making an API call, pass ByteMatchSetUpdate
155
+ # data as a hash:
156
+ #
157
+ # {
158
+ # action: "INSERT", # required, accepts INSERT, DELETE
159
+ # byte_match_tuple: { # required
160
+ # field_to_match: { # required
161
+ # type: "URI", # required, accepts URI, QUERY_STRING, HEADER, METHOD, BODY
162
+ # data: "MatchFieldData",
163
+ # },
164
+ # target_string: "data", # required
165
+ # text_transformation: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE
166
+ # positional_constraint: "EXACTLY", # required, accepts EXACTLY, STARTS_WITH, ENDS_WITH, CONTAINS, CONTAINS_WORD
167
+ # },
168
+ # }
169
+ # @!attribute [rw] action
170
+ # Specifies whether to insert or delete a ByteMatchTuple.
171
+ # @return [String]
172
+ #
173
+ # @!attribute [rw] byte_match_tuple
174
+ # Information about the part of a web request that you want AWS WAF to
175
+ # inspect and the value that you want AWS WAF to search for. If you
176
+ # specify `DELETE` for the value of `Action`, the `ByteMatchTuple`
177
+ # values must exactly match the values in the `ByteMatchTuple` that
178
+ # you want to delete from the `ByteMatchSet`.
179
+ # @return [Types::ByteMatchTuple]
180
+ class ByteMatchSetUpdate < Struct.new(
181
+ :action,
182
+ :byte_match_tuple)
183
+ include Aws::Structure
184
+ end
185
+
186
+ # The bytes (typically a string that corresponds with ASCII characters)
187
+ # that you want AWS WAF to search for in web requests, the location in
188
+ # requests that you want AWS WAF to search, and other settings.
189
+ # @note When making an API call, pass ByteMatchTuple
190
+ # data as a hash:
191
+ #
192
+ # {
193
+ # field_to_match: { # required
194
+ # type: "URI", # required, accepts URI, QUERY_STRING, HEADER, METHOD, BODY
195
+ # data: "MatchFieldData",
196
+ # },
197
+ # target_string: "data", # required
198
+ # text_transformation: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE
199
+ # positional_constraint: "EXACTLY", # required, accepts EXACTLY, STARTS_WITH, ENDS_WITH, CONTAINS, CONTAINS_WORD
200
+ # }
201
+ # @!attribute [rw] field_to_match
202
+ # The part of a web request that you want AWS WAF to search, such as a
203
+ # specified header or a query string. For more information, see
204
+ # FieldToMatch.
205
+ # @return [Types::FieldToMatch]
206
+ #
207
+ # @!attribute [rw] target_string
208
+ # The value that you want AWS WAF to search for. AWS WAF searches for
209
+ # the specified string in the part of web requests that you specified
210
+ # in `FieldToMatch`. The maximum length of the value is 50 bytes.
211
+ #
212
+ # Valid values depend on the values that you specified for
213
+ # `FieldToMatch`\:
214
+ #
215
+ # * `HEADER`\: The value that you want AWS WAF to search for in the
216
+ # request header that you specified in FieldToMatch, for example,
217
+ # the value of the `User-Agent` or `Referer` header.
218
+ #
219
+ # * `METHOD`\: The HTTP method, which indicates the type of operation
220
+ # specified in the request. CloudFront supports the following
221
+ # methods: `DELETE`, `GET`, `HEAD`, `OPTIONS`, `PATCH`, `POST`, and
222
+ # `PUT`.
223
+ #
224
+ # * `QUERY_STRING`\: The value that you want AWS WAF to search for in
225
+ # the query string, which is the part of a URL that appears after a
226
+ # `?` character.
227
+ #
228
+ # * `URI`\: The value that you want AWS WAF to search for in the part
229
+ # of a URL that identifies a resource, for example,
230
+ # `/images/daily-ad.jpg`.
231
+ #
232
+ # * `BODY`\: The part of a request that contains any additional data
233
+ # that you want to send to your web server as the HTTP request body,
234
+ # such as data from a form. The request body immediately follows the
235
+ # request headers. Note that only the first `8192` bytes of the
236
+ # request body are forwarded to AWS WAF for inspection. To allow or
237
+ # block requests based on the length of the body, you can create a
238
+ # size constraint set. For more information, see
239
+ # CreateSizeConstraintSet.
240
+ #
241
+ # If `TargetString` includes alphabetic characters A-Z and a-z, note
242
+ # that the value is case sensitive.
243
+ #
244
+ # **If you're using the AWS WAF API**
245
+ #
246
+ # Specify a base64-encoded version of the value. The maximum length of
247
+ # the value before you base64-encode it is 50 bytes.
248
+ #
249
+ # For example, suppose the value of `Type` is `HEADER` and the value
250
+ # of `Data` is `User-Agent`. If you want to search the `User-Agent`
251
+ # header for the value `BadBot`, you base64-encode `BadBot` using MIME
252
+ # base64 encoding and include the resulting value, `QmFkQm90`, in the
253
+ # value of `TargetString`.
254
+ #
255
+ # **If you're using the AWS CLI or one of the AWS SDKs**
256
+ #
257
+ # The value that you want AWS WAF to search for. The SDK automatically
258
+ # base64 encodes the value.
259
+ # @return [String]
260
+ #
261
+ # @!attribute [rw] text_transformation
262
+ # Text transformations eliminate some of the unusual formatting that
263
+ # attackers use in web requests in an effort to bypass AWS WAF. If you
264
+ # specify a transformation, AWS WAF performs the transformation on
265
+ # `TargetString` before inspecting a request for a match.
266
+ #
267
+ # **CMD\_LINE**
268
+ #
269
+ # When you're concerned that attackers are injecting an operating
270
+ # system commandline command and using unusual formatting to disguise
271
+ # some or all of the command, use this option to perform the following
272
+ # transformations:
273
+ #
274
+ # * Delete the following characters: \\ " ' ^
275
+ #
276
+ # * Delete spaces before the following characters: / (
277
+ #
278
+ # * Replace the following characters with a space: , ;
279
+ #
280
+ # * Replace multiple spaces with one space
281
+ #
282
+ # * Convert uppercase letters (A-Z) to lowercase (a-z)
283
+ #
284
+ # **COMPRESS\_WHITE\_SPACE**
285
+ #
286
+ # Use this option to replace the following characters with a space
287
+ # character (decimal 32):
288
+ #
289
+ # * \\f, formfeed, decimal 12
290
+ #
291
+ # * \\t, tab, decimal 9
292
+ #
293
+ # * \\n, newline, decimal 10
294
+ #
295
+ # * \\r, carriage return, decimal 13
296
+ #
297
+ # * \\v, vertical tab, decimal 11
298
+ #
299
+ # * non-breaking space, decimal 160
300
+ #
301
+ # `COMPRESS_WHITE_SPACE` also replaces multiple spaces with one space.
302
+ #
303
+ # **HTML\_ENTITY\_DECODE**
304
+ #
305
+ # Use this option to replace HTML-encoded characters with unencoded
306
+ # characters. `HTML_ENTITY_DECODE` performs the following operations:
307
+ #
308
+ # * Replaces `(ampersand)quot;` with `"`
309
+ #
310
+ # * Replaces `(ampersand)nbsp;` with a non-breaking space, decimal 160
311
+ #
312
+ # * Replaces `(ampersand)lt;` with a "less than" symbol
313
+ #
314
+ # * Replaces `(ampersand)gt;` with `>`
315
+ #
316
+ # * Replaces characters that are represented in hexadecimal format,
317
+ # `(ampersand)#xhhhh;`, with the corresponding characters
318
+ #
319
+ # * Replaces characters that are represented in decimal format,
320
+ # `(ampersand)#nnnn;`, with the corresponding characters
321
+ #
322
+ # **LOWERCASE**
323
+ #
324
+ # Use this option to convert uppercase letters (A-Z) to lowercase
325
+ # (a-z).
326
+ #
327
+ # **URL\_DECODE**
328
+ #
329
+ # Use this option to decode a URL-encoded value.
330
+ #
331
+ # **NONE**
332
+ #
333
+ # Specify `NONE` if you don't want to perform any text
334
+ # transformations.
335
+ # @return [String]
336
+ #
337
+ # @!attribute [rw] positional_constraint
338
+ # Within the portion of a web request that you want to search (for
339
+ # example, in the query string, if any), specify where you want AWS
340
+ # WAF to search. Valid values include the following:
341
+ #
342
+ # **CONTAINS**
343
+ #
344
+ # The specified part of the web request must include the value of
345
+ # `TargetString`, but the location doesn't matter.
346
+ #
347
+ # **CONTAINS\_WORD**
348
+ #
349
+ # The specified part of the web request must include the value of
350
+ # `TargetString`, and `TargetString` must contain only alphanumeric
351
+ # characters or underscore (A-Z, a-z, 0-9, or \_). In addition,
352
+ # `TargetString` must be a word, which means one of the following:
353
+ #
354
+ # * `TargetString` exactly matches the value of the specified part of
355
+ # the web request, such as the value of a header.
356
+ #
357
+ # * `TargetString` is at the beginning of the specified part of the
358
+ # web request and is followed by a character other than an
359
+ # alphanumeric character or underscore (\_), for example, `BadBot;`.
360
+ #
361
+ # * `TargetString` is at the end of the specified part of the web
362
+ # request and is preceded by a character other than an alphanumeric
363
+ # character or underscore (\_), for example, `;BadBot`.
364
+ #
365
+ # * `TargetString` is in the middle of the specified part of the web
366
+ # request and is preceded and followed by characters other than
367
+ # alphanumeric characters or underscore (\_), for example,
368
+ # `-BadBot;`.
369
+ #
370
+ # **EXACTLY**
371
+ #
372
+ # The value of the specified part of the web request must exactly
373
+ # match the value of `TargetString`.
374
+ #
375
+ # **STARTS\_WITH**
376
+ #
377
+ # The value of `TargetString` must appear at the beginning of the
378
+ # specified part of the web request.
379
+ #
380
+ # **ENDS\_WITH**
381
+ #
382
+ # The value of `TargetString` must appear at the end of the specified
383
+ # part of the web request.
384
+ # @return [String]
385
+ class ByteMatchTuple < Struct.new(
386
+ :field_to_match,
387
+ :target_string,
388
+ :text_transformation,
389
+ :positional_constraint)
390
+ include Aws::Structure
391
+ end
392
+
393
+ # @note When making an API call, pass CreateByteMatchSetRequest
394
+ # data as a hash:
395
+ #
396
+ # {
397
+ # name: "ResourceName", # required
398
+ # change_token: "ChangeToken", # required
399
+ # }
400
+ # @!attribute [rw] name
401
+ # A friendly name or description of the ByteMatchSet. You can't
402
+ # change `Name` after you create a `ByteMatchSet`.
403
+ # @return [String]
404
+ #
405
+ # @!attribute [rw] change_token
406
+ # The value returned by the most recent call to GetChangeToken.
407
+ # @return [String]
408
+ class CreateByteMatchSetRequest < Struct.new(
409
+ :name,
410
+ :change_token)
411
+ include Aws::Structure
412
+ end
413
+
414
+ # @!attribute [rw] byte_match_set
415
+ # A ByteMatchSet that contains no `ByteMatchTuple` objects.
416
+ # @return [Types::ByteMatchSet]
417
+ #
418
+ # @!attribute [rw] change_token
419
+ # The `ChangeToken` that you used to submit the `CreateByteMatchSet`
420
+ # request. You can also use this value to query the status of the
421
+ # request. For more information, see GetChangeTokenStatus.
422
+ # @return [String]
423
+ class CreateByteMatchSetResponse < Struct.new(
424
+ :byte_match_set,
425
+ :change_token)
426
+ include Aws::Structure
427
+ end
428
+
429
+ # @note When making an API call, pass CreateIPSetRequest
430
+ # data as a hash:
431
+ #
432
+ # {
433
+ # name: "ResourceName", # required
434
+ # change_token: "ChangeToken", # required
435
+ # }
436
+ # @!attribute [rw] name
437
+ # A friendly name or description of the IPSet. You can't change
438
+ # `Name` after you create the `IPSet`.
439
+ # @return [String]
440
+ #
441
+ # @!attribute [rw] change_token
442
+ # The value returned by the most recent call to GetChangeToken.
443
+ # @return [String]
444
+ class CreateIPSetRequest < Struct.new(
445
+ :name,
446
+ :change_token)
447
+ include Aws::Structure
448
+ end
449
+
450
+ # @!attribute [rw] ip_set
451
+ # The IPSet returned in the `CreateIPSet` response.
452
+ # @return [Types::IPSet]
453
+ #
454
+ # @!attribute [rw] change_token
455
+ # The `ChangeToken` that you used to submit the `CreateIPSet` request.
456
+ # You can also use this value to query the status of the request. For
457
+ # more information, see GetChangeTokenStatus.
458
+ # @return [String]
459
+ class CreateIPSetResponse < Struct.new(
460
+ :ip_set,
461
+ :change_token)
462
+ include Aws::Structure
463
+ end
464
+
465
+ # @note When making an API call, pass CreateRuleRequest
466
+ # data as a hash:
467
+ #
468
+ # {
469
+ # name: "ResourceName", # required
470
+ # metric_name: "MetricName", # required
471
+ # change_token: "ChangeToken", # required
472
+ # }
473
+ # @!attribute [rw] name
474
+ # A friendly name or description of the Rule. You can't change the
475
+ # name of a `Rule` after you create it.
476
+ # @return [String]
477
+ #
478
+ # @!attribute [rw] metric_name
479
+ # A friendly name or description for the metrics for this `Rule`. The
480
+ # name can contain only alphanumeric characters (A-Z, a-z, 0-9); the
481
+ # name can't contain whitespace. You can't change the name of the
482
+ # metric after you create the `Rule`.
483
+ # @return [String]
484
+ #
485
+ # @!attribute [rw] change_token
486
+ # The value returned by the most recent call to GetChangeToken.
487
+ # @return [String]
488
+ class CreateRuleRequest < Struct.new(
489
+ :name,
490
+ :metric_name,
491
+ :change_token)
492
+ include Aws::Structure
493
+ end
494
+
495
+ # @!attribute [rw] rule
496
+ # The Rule returned in the `CreateRule` response.
497
+ # @return [Types::Rule]
498
+ #
499
+ # @!attribute [rw] change_token
500
+ # The `ChangeToken` that you used to submit the `CreateRule` request.
501
+ # You can also use this value to query the status of the request. For
502
+ # more information, see GetChangeTokenStatus.
503
+ # @return [String]
504
+ class CreateRuleResponse < Struct.new(
505
+ :rule,
506
+ :change_token)
507
+ include Aws::Structure
508
+ end
509
+
510
+ # @note When making an API call, pass CreateSizeConstraintSetRequest
511
+ # data as a hash:
512
+ #
513
+ # {
514
+ # name: "ResourceName", # required
515
+ # change_token: "ChangeToken", # required
516
+ # }
517
+ # @!attribute [rw] name
518
+ # A friendly name or description of the SizeConstraintSet. You can't
519
+ # change `Name` after you create a `SizeConstraintSet`.
520
+ # @return [String]
521
+ #
522
+ # @!attribute [rw] change_token
523
+ # The value returned by the most recent call to GetChangeToken.
524
+ # @return [String]
525
+ class CreateSizeConstraintSetRequest < Struct.new(
526
+ :name,
527
+ :change_token)
528
+ include Aws::Structure
529
+ end
530
+
531
+ # @!attribute [rw] size_constraint_set
532
+ # A SizeConstraintSet that contains no `SizeConstraint` objects.
533
+ # @return [Types::SizeConstraintSet]
534
+ #
535
+ # @!attribute [rw] change_token
536
+ # The `ChangeToken` that you used to submit the
537
+ # `CreateSizeConstraintSet` request. You can also use this value to
538
+ # query the status of the request. For more information, see
539
+ # GetChangeTokenStatus.
540
+ # @return [String]
541
+ class CreateSizeConstraintSetResponse < Struct.new(
542
+ :size_constraint_set,
543
+ :change_token)
544
+ include Aws::Structure
545
+ end
546
+
547
+ # A request to create a SqlInjectionMatchSet.
548
+ # @note When making an API call, pass CreateSqlInjectionMatchSetRequest
549
+ # data as a hash:
550
+ #
551
+ # {
552
+ # name: "ResourceName", # required
553
+ # change_token: "ChangeToken", # required
554
+ # }
555
+ # @!attribute [rw] name
556
+ # A friendly name or description for the SqlInjectionMatchSet that
557
+ # you're creating. You can't change `Name` after you create the
558
+ # `SqlInjectionMatchSet`.
559
+ # @return [String]
560
+ #
561
+ # @!attribute [rw] change_token
562
+ # The value returned by the most recent call to GetChangeToken.
563
+ # @return [String]
564
+ class CreateSqlInjectionMatchSetRequest < Struct.new(
565
+ :name,
566
+ :change_token)
567
+ include Aws::Structure
568
+ end
569
+
570
+ # The response to a `CreateSqlInjectionMatchSet` request.
571
+ # @!attribute [rw] sql_injection_match_set
572
+ # A SqlInjectionMatchSet.
573
+ # @return [Types::SqlInjectionMatchSet]
574
+ #
575
+ # @!attribute [rw] change_token
576
+ # The `ChangeToken` that you used to submit the
577
+ # `CreateSqlInjectionMatchSet` request. You can also use this value to
578
+ # query the status of the request. For more information, see
579
+ # GetChangeTokenStatus.
580
+ # @return [String]
581
+ class CreateSqlInjectionMatchSetResponse < Struct.new(
582
+ :sql_injection_match_set,
583
+ :change_token)
584
+ include Aws::Structure
585
+ end
586
+
587
+ # @note When making an API call, pass CreateWebACLRequest
588
+ # data as a hash:
589
+ #
590
+ # {
591
+ # name: "ResourceName", # required
592
+ # metric_name: "MetricName", # required
593
+ # default_action: { # required
594
+ # type: "BLOCK", # required, accepts BLOCK, ALLOW, COUNT
595
+ # },
596
+ # change_token: "ChangeToken", # required
597
+ # }
598
+ # @!attribute [rw] name
599
+ # A friendly name or description of the WebACL. You can't change
600
+ # `Name` after you create the `WebACL`.
601
+ # @return [String]
602
+ #
603
+ # @!attribute [rw] metric_name
604
+ # A friendly name or description for the metrics for this `WebACL`.
605
+ # The name can contain only alphanumeric characters (A-Z, a-z, 0-9);
606
+ # the name can't contain whitespace. You can't change `MetricName`
607
+ # after you create the `WebACL`.
608
+ # @return [String]
609
+ #
610
+ # @!attribute [rw] default_action
611
+ # The action that you want AWS WAF to take when a request doesn't
612
+ # match the criteria specified in any of the `Rule` objects that are
613
+ # associated with the `WebACL`.
614
+ # @return [Types::WafAction]
615
+ #
616
+ # @!attribute [rw] change_token
617
+ # The value returned by the most recent call to GetChangeToken.
618
+ # @return [String]
619
+ class CreateWebACLRequest < Struct.new(
620
+ :name,
621
+ :metric_name,
622
+ :default_action,
623
+ :change_token)
624
+ include Aws::Structure
625
+ end
626
+
627
+ # @!attribute [rw] web_acl
628
+ # The WebACL returned in the `CreateWebACL` response.
629
+ # @return [Types::WebACL]
630
+ #
631
+ # @!attribute [rw] change_token
632
+ # The `ChangeToken` that you used to submit the `CreateWebACL`
633
+ # request. You can also use this value to query the status of the
634
+ # request. For more information, see GetChangeTokenStatus.
635
+ # @return [String]
636
+ class CreateWebACLResponse < Struct.new(
637
+ :web_acl,
638
+ :change_token)
639
+ include Aws::Structure
640
+ end
641
+
642
+ # A request to create an XssMatchSet.
643
+ # @note When making an API call, pass CreateXssMatchSetRequest
644
+ # data as a hash:
645
+ #
646
+ # {
647
+ # name: "ResourceName", # required
648
+ # change_token: "ChangeToken", # required
649
+ # }
650
+ # @!attribute [rw] name
651
+ # A friendly name or description for the XssMatchSet that you're
652
+ # creating. You can't change `Name` after you create the
653
+ # `XssMatchSet`.
654
+ # @return [String]
655
+ #
656
+ # @!attribute [rw] change_token
657
+ # The value returned by the most recent call to GetChangeToken.
658
+ # @return [String]
659
+ class CreateXssMatchSetRequest < Struct.new(
660
+ :name,
661
+ :change_token)
662
+ include Aws::Structure
663
+ end
664
+
665
+ # The response to a `CreateXssMatchSet` request.
666
+ # @!attribute [rw] xss_match_set
667
+ # An XssMatchSet.
668
+ # @return [Types::XssMatchSet]
669
+ #
670
+ # @!attribute [rw] change_token
671
+ # The `ChangeToken` that you used to submit the `CreateXssMatchSet`
672
+ # request. You can also use this value to query the status of the
673
+ # request. For more information, see GetChangeTokenStatus.
674
+ # @return [String]
675
+ class CreateXssMatchSetResponse < Struct.new(
676
+ :xss_match_set,
677
+ :change_token)
678
+ include Aws::Structure
679
+ end
680
+
681
+ # @note When making an API call, pass DeleteByteMatchSetRequest
682
+ # data as a hash:
683
+ #
684
+ # {
685
+ # byte_match_set_id: "ResourceId", # required
686
+ # change_token: "ChangeToken", # required
687
+ # }
688
+ # @!attribute [rw] byte_match_set_id
689
+ # The `ByteMatchSetId` of the ByteMatchSet that you want to delete.
690
+ # `ByteMatchSetId` is returned by CreateByteMatchSet and by
691
+ # ListByteMatchSets.
692
+ # @return [String]
693
+ #
694
+ # @!attribute [rw] change_token
695
+ # The value returned by the most recent call to GetChangeToken.
696
+ # @return [String]
697
+ class DeleteByteMatchSetRequest < Struct.new(
698
+ :byte_match_set_id,
699
+ :change_token)
700
+ include Aws::Structure
701
+ end
702
+
703
+ # @!attribute [rw] change_token
704
+ # The `ChangeToken` that you used to submit the `DeleteByteMatchSet`
705
+ # request. You can also use this value to query the status of the
706
+ # request. For more information, see GetChangeTokenStatus.
707
+ # @return [String]
708
+ class DeleteByteMatchSetResponse < Struct.new(
709
+ :change_token)
710
+ include Aws::Structure
711
+ end
712
+
713
+ # @note When making an API call, pass DeleteIPSetRequest
714
+ # data as a hash:
715
+ #
716
+ # {
717
+ # ip_set_id: "ResourceId", # required
718
+ # change_token: "ChangeToken", # required
719
+ # }
720
+ # @!attribute [rw] ip_set_id
721
+ # The `IPSetId` of the IPSet that you want to delete. `IPSetId` is
722
+ # returned by CreateIPSet and by ListIPSets.
723
+ # @return [String]
724
+ #
725
+ # @!attribute [rw] change_token
726
+ # The value returned by the most recent call to GetChangeToken.
727
+ # @return [String]
728
+ class DeleteIPSetRequest < Struct.new(
729
+ :ip_set_id,
730
+ :change_token)
731
+ include Aws::Structure
732
+ end
733
+
734
+ # @!attribute [rw] change_token
735
+ # The `ChangeToken` that you used to submit the `DeleteIPSet` request.
736
+ # You can also use this value to query the status of the request. For
737
+ # more information, see GetChangeTokenStatus.
738
+ # @return [String]
739
+ class DeleteIPSetResponse < Struct.new(
740
+ :change_token)
741
+ include Aws::Structure
742
+ end
743
+
744
+ # @note When making an API call, pass DeleteRuleRequest
745
+ # data as a hash:
746
+ #
747
+ # {
748
+ # rule_id: "ResourceId", # required
749
+ # change_token: "ChangeToken", # required
750
+ # }
751
+ # @!attribute [rw] rule_id
752
+ # The `RuleId` of the Rule that you want to delete. `RuleId` is
753
+ # returned by CreateRule and by ListRules.
754
+ # @return [String]
755
+ #
756
+ # @!attribute [rw] change_token
757
+ # The value returned by the most recent call to GetChangeToken.
758
+ # @return [String]
759
+ class DeleteRuleRequest < Struct.new(
760
+ :rule_id,
761
+ :change_token)
762
+ include Aws::Structure
763
+ end
764
+
765
+ # @!attribute [rw] change_token
766
+ # The `ChangeToken` that you used to submit the `DeleteRule` request.
767
+ # You can also use this value to query the status of the request. For
768
+ # more information, see GetChangeTokenStatus.
769
+ # @return [String]
770
+ class DeleteRuleResponse < Struct.new(
771
+ :change_token)
772
+ include Aws::Structure
773
+ end
774
+
775
+ # @note When making an API call, pass DeleteSizeConstraintSetRequest
776
+ # data as a hash:
777
+ #
778
+ # {
779
+ # size_constraint_set_id: "ResourceId", # required
780
+ # change_token: "ChangeToken", # required
781
+ # }
782
+ # @!attribute [rw] size_constraint_set_id
783
+ # The `SizeConstraintSetId` of the SizeConstraintSet that you want to
784
+ # delete. `SizeConstraintSetId` is returned by CreateSizeConstraintSet
785
+ # and by ListSizeConstraintSets.
786
+ # @return [String]
787
+ #
788
+ # @!attribute [rw] change_token
789
+ # The value returned by the most recent call to GetChangeToken.
790
+ # @return [String]
791
+ class DeleteSizeConstraintSetRequest < Struct.new(
792
+ :size_constraint_set_id,
793
+ :change_token)
794
+ include Aws::Structure
795
+ end
796
+
797
+ # @!attribute [rw] change_token
798
+ # The `ChangeToken` that you used to submit the
799
+ # `DeleteSizeConstraintSet` request. You can also use this value to
800
+ # query the status of the request. For more information, see
801
+ # GetChangeTokenStatus.
802
+ # @return [String]
803
+ class DeleteSizeConstraintSetResponse < Struct.new(
804
+ :change_token)
805
+ include Aws::Structure
806
+ end
807
+
808
+ # A request to delete a SqlInjectionMatchSet from AWS WAF.
809
+ # @note When making an API call, pass DeleteSqlInjectionMatchSetRequest
810
+ # data as a hash:
811
+ #
812
+ # {
813
+ # sql_injection_match_set_id: "ResourceId", # required
814
+ # change_token: "ChangeToken", # required
815
+ # }
816
+ # @!attribute [rw] sql_injection_match_set_id
817
+ # The `SqlInjectionMatchSetId` of the SqlInjectionMatchSet that you
818
+ # want to delete. `SqlInjectionMatchSetId` is returned by
819
+ # CreateSqlInjectionMatchSet and by ListSqlInjectionMatchSets.
820
+ # @return [String]
821
+ #
822
+ # @!attribute [rw] change_token
823
+ # The value returned by the most recent call to GetChangeToken.
824
+ # @return [String]
825
+ class DeleteSqlInjectionMatchSetRequest < Struct.new(
826
+ :sql_injection_match_set_id,
827
+ :change_token)
828
+ include Aws::Structure
829
+ end
830
+
831
+ # The response to a request to delete a SqlInjectionMatchSet from AWS
832
+ # WAF.
833
+ # @!attribute [rw] change_token
834
+ # The `ChangeToken` that you used to submit the
835
+ # `DeleteSqlInjectionMatchSet` request. You can also use this value to
836
+ # query the status of the request. For more information, see
837
+ # GetChangeTokenStatus.
838
+ # @return [String]
839
+ class DeleteSqlInjectionMatchSetResponse < Struct.new(
840
+ :change_token)
841
+ include Aws::Structure
842
+ end
843
+
844
+ # @note When making an API call, pass DeleteWebACLRequest
845
+ # data as a hash:
846
+ #
847
+ # {
848
+ # web_acl_id: "ResourceId", # required
849
+ # change_token: "ChangeToken", # required
850
+ # }
851
+ # @!attribute [rw] web_acl_id
852
+ # The `WebACLId` of the WebACL that you want to delete. `WebACLId` is
853
+ # returned by CreateWebACL and by ListWebACLs.
854
+ # @return [String]
855
+ #
856
+ # @!attribute [rw] change_token
857
+ # The value returned by the most recent call to GetChangeToken.
858
+ # @return [String]
859
+ class DeleteWebACLRequest < Struct.new(
860
+ :web_acl_id,
861
+ :change_token)
862
+ include Aws::Structure
863
+ end
864
+
865
+ # @!attribute [rw] change_token
866
+ # The `ChangeToken` that you used to submit the `DeleteWebACL`
867
+ # request. You can also use this value to query the status of the
868
+ # request. For more information, see GetChangeTokenStatus.
869
+ # @return [String]
870
+ class DeleteWebACLResponse < Struct.new(
871
+ :change_token)
872
+ include Aws::Structure
873
+ end
874
+
875
+ # A request to delete an XssMatchSet from AWS WAF.
876
+ # @note When making an API call, pass DeleteXssMatchSetRequest
877
+ # data as a hash:
878
+ #
879
+ # {
880
+ # xss_match_set_id: "ResourceId", # required
881
+ # change_token: "ChangeToken", # required
882
+ # }
883
+ # @!attribute [rw] xss_match_set_id
884
+ # The `XssMatchSetId` of the XssMatchSet that you want to delete.
885
+ # `XssMatchSetId` is returned by CreateXssMatchSet and by
886
+ # ListXssMatchSets.
887
+ # @return [String]
888
+ #
889
+ # @!attribute [rw] change_token
890
+ # The value returned by the most recent call to GetChangeToken.
891
+ # @return [String]
892
+ class DeleteXssMatchSetRequest < Struct.new(
893
+ :xss_match_set_id,
894
+ :change_token)
895
+ include Aws::Structure
896
+ end
897
+
898
+ # The response to a request to delete an XssMatchSet from AWS WAF.
899
+ # @!attribute [rw] change_token
900
+ # The `ChangeToken` that you used to submit the `DeleteXssMatchSet`
901
+ # request. You can also use this value to query the status of the
902
+ # request. For more information, see GetChangeTokenStatus.
903
+ # @return [String]
904
+ class DeleteXssMatchSetResponse < Struct.new(
905
+ :change_token)
906
+ include Aws::Structure
907
+ end
908
+
909
+ # @note When making an API call, pass DisassociateWebACLRequest
910
+ # data as a hash:
911
+ #
912
+ # {
913
+ # resource_arn: "ResourceArn", # required
914
+ # }
915
+ # @!attribute [rw] resource_arn
916
+ # The ARN (Amazon Resource Name) of the resource from which the web
917
+ # ACL is being removed.
918
+ # @return [String]
919
+ class DisassociateWebACLRequest < Struct.new(
920
+ :resource_arn)
921
+ include Aws::Structure
922
+ end
923
+
924
+ class DisassociateWebACLResponse < Aws::EmptyStructure; end
925
+
926
+ # Specifies where in a web request to look for `TargetString`.
927
+ # @note When making an API call, pass FieldToMatch
928
+ # data as a hash:
929
+ #
930
+ # {
931
+ # type: "URI", # required, accepts URI, QUERY_STRING, HEADER, METHOD, BODY
932
+ # data: "MatchFieldData",
933
+ # }
934
+ # @!attribute [rw] type
935
+ # The part of the web request that you want AWS WAF to search for a
936
+ # specified string. Parts of a request that you can search include the
937
+ # following:
938
+ #
939
+ # * `HEADER`\: A specified request header, for example, the value of
940
+ # the `User-Agent` or `Referer` header. If you choose `HEADER` for
941
+ # the type, specify the name of the header in `Data`.
942
+ #
943
+ # * `METHOD`\: The HTTP method, which indicated the type of operation
944
+ # that the request is asking the origin to perform. Amazon
945
+ # CloudFront supports the following methods: `DELETE`, `GET`,
946
+ # `HEAD`, `OPTIONS`, `PATCH`, `POST`, and `PUT`.
947
+ #
948
+ # * `QUERY_STRING`\: A query string, which is the part of a URL that
949
+ # appears after a `?` character, if any.
950
+ #
951
+ # * `URI`\: The part of a web request that identifies a resource, for
952
+ # example, `/images/daily-ad.jpg`.
953
+ #
954
+ # * `BODY`\: The part of a request that contains any additional data
955
+ # that you want to send to your web server as the HTTP request body,
956
+ # such as data from a form. The request body immediately follows the
957
+ # request headers. Note that only the first `8192` bytes of the
958
+ # request body are forwarded to AWS WAF for inspection. To allow or
959
+ # block requests based on the length of the body, you can create a
960
+ # size constraint set. For more information, see
961
+ # CreateSizeConstraintSet.
962
+ # @return [String]
963
+ #
964
+ # @!attribute [rw] data
965
+ # When the value of `Type` is `HEADER`, enter the name of the header
966
+ # that you want AWS WAF to search, for example, `User-Agent` or
967
+ # `Referer`. If the value of `Type` is any other value, omit `Data`.
968
+ #
969
+ # The name of the header is not case sensitive.
970
+ # @return [String]
971
+ class FieldToMatch < Struct.new(
972
+ :type,
973
+ :data)
974
+ include Aws::Structure
975
+ end
976
+
977
+ # @note When making an API call, pass GetByteMatchSetRequest
978
+ # data as a hash:
979
+ #
980
+ # {
981
+ # byte_match_set_id: "ResourceId", # required
982
+ # }
983
+ # @!attribute [rw] byte_match_set_id
984
+ # The `ByteMatchSetId` of the ByteMatchSet that you want to get.
985
+ # `ByteMatchSetId` is returned by CreateByteMatchSet and by
986
+ # ListByteMatchSets.
987
+ # @return [String]
988
+ class GetByteMatchSetRequest < Struct.new(
989
+ :byte_match_set_id)
990
+ include Aws::Structure
991
+ end
992
+
993
+ # @!attribute [rw] byte_match_set
994
+ # Information about the ByteMatchSet that you specified in the
995
+ # `GetByteMatchSet` request. For more information, see the following
996
+ # topics:
997
+ #
998
+ # * ByteMatchSet: Contains `ByteMatchSetId`, `ByteMatchTuples`, and
999
+ # `Name`
1000
+ #
1001
+ # * `ByteMatchTuples`\: Contains an array of ByteMatchTuple objects.
1002
+ # Each `ByteMatchTuple` object contains FieldToMatch,
1003
+ # `PositionalConstraint`, `TargetString`, and `TextTransformation`
1004
+ #
1005
+ # * FieldToMatch: Contains `Data` and `Type`
1006
+ # @return [Types::ByteMatchSet]
1007
+ class GetByteMatchSetResponse < Struct.new(
1008
+ :byte_match_set)
1009
+ include Aws::Structure
1010
+ end
1011
+
1012
+ # @api private
1013
+ class GetChangeTokenRequest < Aws::EmptyStructure; end
1014
+
1015
+ # @!attribute [rw] change_token
1016
+ # The `ChangeToken` that you used in the request. Use this value in a
1017
+ # `GetChangeTokenStatus` request to get the current status of the
1018
+ # request.
1019
+ # @return [String]
1020
+ class GetChangeTokenResponse < Struct.new(
1021
+ :change_token)
1022
+ include Aws::Structure
1023
+ end
1024
+
1025
+ # @note When making an API call, pass GetChangeTokenStatusRequest
1026
+ # data as a hash:
1027
+ #
1028
+ # {
1029
+ # change_token: "ChangeToken", # required
1030
+ # }
1031
+ # @!attribute [rw] change_token
1032
+ # The change token for which you want to get the status. This change
1033
+ # token was previously returned in the `GetChangeToken` response.
1034
+ # @return [String]
1035
+ class GetChangeTokenStatusRequest < Struct.new(
1036
+ :change_token)
1037
+ include Aws::Structure
1038
+ end
1039
+
1040
+ # @!attribute [rw] change_token_status
1041
+ # The status of the change token.
1042
+ # @return [String]
1043
+ class GetChangeTokenStatusResponse < Struct.new(
1044
+ :change_token_status)
1045
+ include Aws::Structure
1046
+ end
1047
+
1048
+ # @note When making an API call, pass GetIPSetRequest
1049
+ # data as a hash:
1050
+ #
1051
+ # {
1052
+ # ip_set_id: "ResourceId", # required
1053
+ # }
1054
+ # @!attribute [rw] ip_set_id
1055
+ # The `IPSetId` of the IPSet that you want to get. `IPSetId` is
1056
+ # returned by CreateIPSet and by ListIPSets.
1057
+ # @return [String]
1058
+ class GetIPSetRequest < Struct.new(
1059
+ :ip_set_id)
1060
+ include Aws::Structure
1061
+ end
1062
+
1063
+ # @!attribute [rw] ip_set
1064
+ # Information about the IPSet that you specified in the `GetIPSet`
1065
+ # request. For more information, see the following topics:
1066
+ #
1067
+ # * IPSet: Contains `IPSetDescriptors`, `IPSetId`, and `Name`
1068
+ #
1069
+ # * `IPSetDescriptors`\: Contains an array of IPSetDescriptor objects.
1070
+ # Each `IPSetDescriptor` object contains `Type` and `Value`
1071
+ # @return [Types::IPSet]
1072
+ class GetIPSetResponse < Struct.new(
1073
+ :ip_set)
1074
+ include Aws::Structure
1075
+ end
1076
+
1077
+ # @note When making an API call, pass GetRuleRequest
1078
+ # data as a hash:
1079
+ #
1080
+ # {
1081
+ # rule_id: "ResourceId", # required
1082
+ # }
1083
+ # @!attribute [rw] rule_id
1084
+ # The `RuleId` of the Rule that you want to get. `RuleId` is returned
1085
+ # by CreateRule and by ListRules.
1086
+ # @return [String]
1087
+ class GetRuleRequest < Struct.new(
1088
+ :rule_id)
1089
+ include Aws::Structure
1090
+ end
1091
+
1092
+ # @!attribute [rw] rule
1093
+ # Information about the Rule that you specified in the `GetRule`
1094
+ # request. For more information, see the following topics:
1095
+ #
1096
+ # * Rule: Contains `MetricName`, `Name`, an array of `Predicate`
1097
+ # objects, and `RuleId`
1098
+ #
1099
+ # * Predicate: Each `Predicate` object contains `DataId`, `Negated`,
1100
+ # and `Type`
1101
+ # @return [Types::Rule]
1102
+ class GetRuleResponse < Struct.new(
1103
+ :rule)
1104
+ include Aws::Structure
1105
+ end
1106
+
1107
+ # @note When making an API call, pass GetSampledRequestsRequest
1108
+ # data as a hash:
1109
+ #
1110
+ # {
1111
+ # web_acl_id: "ResourceId", # required
1112
+ # rule_id: "ResourceId", # required
1113
+ # time_window: { # required
1114
+ # start_time: Time.now, # required
1115
+ # end_time: Time.now, # required
1116
+ # },
1117
+ # max_items: 1, # required
1118
+ # }
1119
+ # @!attribute [rw] web_acl_id
1120
+ # The `WebACLId` of the `WebACL` for which you want
1121
+ # `GetSampledRequests` to return a sample of requests.
1122
+ # @return [String]
1123
+ #
1124
+ # @!attribute [rw] rule_id
1125
+ # `RuleId` is one of two values:
1126
+ #
1127
+ # * The `RuleId` of the `Rule` for which you want `GetSampledRequests`
1128
+ # to return a sample of requests.
1129
+ #
1130
+ # * `Default_Action`, which causes `GetSampledRequests` to return a
1131
+ # sample of the requests that didn't match any of the rules in the
1132
+ # specified `WebACL`.
1133
+ # @return [String]
1134
+ #
1135
+ # @!attribute [rw] time_window
1136
+ # The start date and time and the end date and time of the range for
1137
+ # which you want `GetSampledRequests` to return a sample of requests.
1138
+ # Specify the date and time in the following format:
1139
+ # `"2016-09-27T14:50Z"`. You can specify any time range in the
1140
+ # previous three hours.
1141
+ # @return [Types::TimeWindow]
1142
+ #
1143
+ # @!attribute [rw] max_items
1144
+ # The number of requests that you want AWS WAF to return from among
1145
+ # the first 5,000 requests that your AWS resource received during the
1146
+ # time range. If your resource received fewer requests than the value
1147
+ # of `MaxItems`, `GetSampledRequests` returns information about all of
1148
+ # them.
1149
+ # @return [Integer]
1150
+ class GetSampledRequestsRequest < Struct.new(
1151
+ :web_acl_id,
1152
+ :rule_id,
1153
+ :time_window,
1154
+ :max_items)
1155
+ include Aws::Structure
1156
+ end
1157
+
1158
+ # @!attribute [rw] sampled_requests
1159
+ # A complex type that contains detailed information about each of the
1160
+ # requests in the sample.
1161
+ # @return [Array<Types::SampledHTTPRequest>]
1162
+ #
1163
+ # @!attribute [rw] population_size
1164
+ # The total number of requests from which `GetSampledRequests` got a
1165
+ # sample of `MaxItems` requests. If `PopulationSize` is less than
1166
+ # `MaxItems`, the sample includes every request that your AWS resource
1167
+ # received during the specified time range.
1168
+ # @return [Integer]
1169
+ #
1170
+ # @!attribute [rw] time_window
1171
+ # Usually, `TimeWindow` is the time range that you specified in the
1172
+ # `GetSampledRequests` request. However, if your AWS resource received
1173
+ # more than 5,000 requests during the time range that you specified in
1174
+ # the request, `GetSampledRequests` returns the time range for the
1175
+ # first 5,000 requests.
1176
+ # @return [Types::TimeWindow]
1177
+ class GetSampledRequestsResponse < Struct.new(
1178
+ :sampled_requests,
1179
+ :population_size,
1180
+ :time_window)
1181
+ include Aws::Structure
1182
+ end
1183
+
1184
+ # @note When making an API call, pass GetSizeConstraintSetRequest
1185
+ # data as a hash:
1186
+ #
1187
+ # {
1188
+ # size_constraint_set_id: "ResourceId", # required
1189
+ # }
1190
+ # @!attribute [rw] size_constraint_set_id
1191
+ # The `SizeConstraintSetId` of the SizeConstraintSet that you want to
1192
+ # get. `SizeConstraintSetId` is returned by CreateSizeConstraintSet
1193
+ # and by ListSizeConstraintSets.
1194
+ # @return [String]
1195
+ class GetSizeConstraintSetRequest < Struct.new(
1196
+ :size_constraint_set_id)
1197
+ include Aws::Structure
1198
+ end
1199
+
1200
+ # @!attribute [rw] size_constraint_set
1201
+ # Information about the SizeConstraintSet that you specified in the
1202
+ # `GetSizeConstraintSet` request. For more information, see the
1203
+ # following topics:
1204
+ #
1205
+ # * SizeConstraintSet: Contains `SizeConstraintSetId`,
1206
+ # `SizeConstraints`, and `Name`
1207
+ #
1208
+ # * `SizeConstraints`\: Contains an array of SizeConstraint objects.
1209
+ # Each `SizeConstraint` object contains FieldToMatch,
1210
+ # `TextTransformation`, `ComparisonOperator`, and `Size`
1211
+ #
1212
+ # * FieldToMatch: Contains `Data` and `Type`
1213
+ # @return [Types::SizeConstraintSet]
1214
+ class GetSizeConstraintSetResponse < Struct.new(
1215
+ :size_constraint_set)
1216
+ include Aws::Structure
1217
+ end
1218
+
1219
+ # A request to get a SqlInjectionMatchSet.
1220
+ # @note When making an API call, pass GetSqlInjectionMatchSetRequest
1221
+ # data as a hash:
1222
+ #
1223
+ # {
1224
+ # sql_injection_match_set_id: "ResourceId", # required
1225
+ # }
1226
+ # @!attribute [rw] sql_injection_match_set_id
1227
+ # The `SqlInjectionMatchSetId` of the SqlInjectionMatchSet that you
1228
+ # want to get. `SqlInjectionMatchSetId` is returned by
1229
+ # CreateSqlInjectionMatchSet and by ListSqlInjectionMatchSets.
1230
+ # @return [String]
1231
+ class GetSqlInjectionMatchSetRequest < Struct.new(
1232
+ :sql_injection_match_set_id)
1233
+ include Aws::Structure
1234
+ end
1235
+
1236
+ # The response to a GetSqlInjectionMatchSet request.
1237
+ # @!attribute [rw] sql_injection_match_set
1238
+ # Information about the SqlInjectionMatchSet that you specified in the
1239
+ # `GetSqlInjectionMatchSet` request. For more information, see the
1240
+ # following topics:
1241
+ #
1242
+ # * SqlInjectionMatchSet: Contains `Name`, `SqlInjectionMatchSetId`,
1243
+ # and an array of `SqlInjectionMatchTuple` objects
1244
+ #
1245
+ # * SqlInjectionMatchTuple: Each `SqlInjectionMatchTuple` object
1246
+ # contains `FieldToMatch` and `TextTransformation`
1247
+ #
1248
+ # * FieldToMatch: Contains `Data` and `Type`
1249
+ # @return [Types::SqlInjectionMatchSet]
1250
+ class GetSqlInjectionMatchSetResponse < Struct.new(
1251
+ :sql_injection_match_set)
1252
+ include Aws::Structure
1253
+ end
1254
+
1255
+ # @note When making an API call, pass GetWebACLForResourceRequest
1256
+ # data as a hash:
1257
+ #
1258
+ # {
1259
+ # resource_arn: "ResourceArn", # required
1260
+ # }
1261
+ # @!attribute [rw] resource_arn
1262
+ # The ARN (Amazon Resource Name) of the resource for which to get the
1263
+ # web ACL.
1264
+ # @return [String]
1265
+ class GetWebACLForResourceRequest < Struct.new(
1266
+ :resource_arn)
1267
+ include Aws::Structure
1268
+ end
1269
+
1270
+ # @!attribute [rw] web_acl_summary
1271
+ # Information about the web ACL that you specified in the
1272
+ # `GetWebACLForResource` request. If there is no associated resource,
1273
+ # a null WebACLSummary is returned.
1274
+ # @return [Types::WebACLSummary]
1275
+ class GetWebACLForResourceResponse < Struct.new(
1276
+ :web_acl_summary)
1277
+ include Aws::Structure
1278
+ end
1279
+
1280
+ # @note When making an API call, pass GetWebACLRequest
1281
+ # data as a hash:
1282
+ #
1283
+ # {
1284
+ # web_acl_id: "ResourceId", # required
1285
+ # }
1286
+ # @!attribute [rw] web_acl_id
1287
+ # The `WebACLId` of the WebACL that you want to get. `WebACLId` is
1288
+ # returned by CreateWebACL and by ListWebACLs.
1289
+ # @return [String]
1290
+ class GetWebACLRequest < Struct.new(
1291
+ :web_acl_id)
1292
+ include Aws::Structure
1293
+ end
1294
+
1295
+ # @!attribute [rw] web_acl
1296
+ # Information about the WebACL that you specified in the `GetWebACL`
1297
+ # request. For more information, see the following topics:
1298
+ #
1299
+ # * WebACL: Contains `DefaultAction`, `MetricName`, `Name`, an array
1300
+ # of `Rule` objects, and `WebACLId`
1301
+ #
1302
+ # * `DefaultAction` (Data type is WafAction): Contains `Type`
1303
+ #
1304
+ # * `Rules`\: Contains an array of `ActivatedRule` objects, which
1305
+ # contain `Action`, `Priority`, and `RuleId`
1306
+ #
1307
+ # * `Action`\: Contains `Type`
1308
+ # @return [Types::WebACL]
1309
+ class GetWebACLResponse < Struct.new(
1310
+ :web_acl)
1311
+ include Aws::Structure
1312
+ end
1313
+
1314
+ # A request to get an XssMatchSet.
1315
+ # @note When making an API call, pass GetXssMatchSetRequest
1316
+ # data as a hash:
1317
+ #
1318
+ # {
1319
+ # xss_match_set_id: "ResourceId", # required
1320
+ # }
1321
+ # @!attribute [rw] xss_match_set_id
1322
+ # The `XssMatchSetId` of the XssMatchSet that you want to get.
1323
+ # `XssMatchSetId` is returned by CreateXssMatchSet and by
1324
+ # ListXssMatchSets.
1325
+ # @return [String]
1326
+ class GetXssMatchSetRequest < Struct.new(
1327
+ :xss_match_set_id)
1328
+ include Aws::Structure
1329
+ end
1330
+
1331
+ # The response to a GetXssMatchSet request.
1332
+ # @!attribute [rw] xss_match_set
1333
+ # Information about the XssMatchSet that you specified in the
1334
+ # `GetXssMatchSet` request. For more information, see the following
1335
+ # topics:
1336
+ #
1337
+ # * XssMatchSet: Contains `Name`, `XssMatchSetId`, and an array of
1338
+ # `XssMatchTuple` objects
1339
+ #
1340
+ # * XssMatchTuple: Each `XssMatchTuple` object contains `FieldToMatch`
1341
+ # and `TextTransformation`
1342
+ #
1343
+ # * FieldToMatch: Contains `Data` and `Type`
1344
+ # @return [Types::XssMatchSet]
1345
+ class GetXssMatchSetResponse < Struct.new(
1346
+ :xss_match_set)
1347
+ include Aws::Structure
1348
+ end
1349
+
1350
+ # The response from a GetSampledRequests request includes an
1351
+ # `HTTPHeader` complex type that appears as `Headers` in the response
1352
+ # syntax. `HTTPHeader` contains the names and values of all of the
1353
+ # headers that appear in one of the web requests that were returned by
1354
+ # `GetSampledRequests`.
1355
+ # @!attribute [rw] name
1356
+ # The name of one of the headers in the sampled web request.
1357
+ # @return [String]
1358
+ #
1359
+ # @!attribute [rw] value
1360
+ # The value of one of the headers in the sampled web request.
1361
+ # @return [String]
1362
+ class HTTPHeader < Struct.new(
1363
+ :name,
1364
+ :value)
1365
+ include Aws::Structure
1366
+ end
1367
+
1368
+ # The response from a GetSampledRequests request includes an
1369
+ # `HTTPRequest` complex type that appears as `Request` in the response
1370
+ # syntax. `HTTPRequest` contains information about one of the web
1371
+ # requests that were returned by `GetSampledRequests`.
1372
+ # @!attribute [rw] client_ip
1373
+ # The IP address that the request originated from. If the `WebACL` is
1374
+ # associated with a CloudFront distribution, this is the value of one
1375
+ # of the following fields in CloudFront access logs:
1376
+ #
1377
+ # * `c-ip`, if the viewer did not use an HTTP proxy or a load balancer
1378
+ # to send the request
1379
+ #
1380
+ # * `x-forwarded-for`, if the viewer did use an HTTP proxy or a load
1381
+ # balancer to send the request
1382
+ # @return [String]
1383
+ #
1384
+ # @!attribute [rw] country
1385
+ # The two-letter country code for the country that the request
1386
+ # originated from. For a current list of country codes, see the
1387
+ # Wikipedia entry [ISO 3166-1 alpha-2][1].
1388
+ #
1389
+ #
1390
+ #
1391
+ # [1]: https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2
1392
+ # @return [String]
1393
+ #
1394
+ # @!attribute [rw] uri
1395
+ # The part of a web request that identifies the resource, for example,
1396
+ # `/images/daily-ad.jpg`.
1397
+ # @return [String]
1398
+ #
1399
+ # @!attribute [rw] method
1400
+ # The HTTP method specified in the sampled web request. CloudFront
1401
+ # supports the following methods: `DELETE`, `GET`, `HEAD`, `OPTIONS`,
1402
+ # `PATCH`, `POST`, and `PUT`.
1403
+ # @return [String]
1404
+ #
1405
+ # @!attribute [rw] http_version
1406
+ # The HTTP version specified in the sampled web request, for example,
1407
+ # `HTTP/1.1`.
1408
+ # @return [String]
1409
+ #
1410
+ # @!attribute [rw] headers
1411
+ # A complex type that contains two values for each header in the
1412
+ # sampled web request: the name of the header and the value of the
1413
+ # header.
1414
+ # @return [Array<Types::HTTPHeader>]
1415
+ class HTTPRequest < Struct.new(
1416
+ :client_ip,
1417
+ :country,
1418
+ :uri,
1419
+ :method,
1420
+ :http_version,
1421
+ :headers)
1422
+ include Aws::Structure
1423
+ end
1424
+
1425
+ # Contains one or more IP addresses or blocks of IP addresses specified
1426
+ # in Classless Inter-Domain Routing (CIDR) notation. AWS WAF supports
1427
+ # /8, /16, /24, and /32 IP address ranges for IPv4, and /24, /32, /48,
1428
+ # /56, /64 and /128 for IPv6.
1429
+ #
1430
+ # To specify an individual IP address, you specify the four-part IP
1431
+ # address followed by a `/32`, for example, 192.0.2.0/31. To block a
1432
+ # range of IP addresses, you can specify a `/128`, `/64`, `/56`, `/48`,
1433
+ # `/32`, `/24`, `/16`, or `/8` CIDR. For more information about CIDR
1434
+ # notation, see the Wikipedia entry [Classless Inter-Domain Routing][1].
1435
+ #
1436
+ #
1437
+ #
1438
+ # [1]: https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing
1439
+ # @!attribute [rw] ip_set_id
1440
+ # The `IPSetId` for an `IPSet`. You use `IPSetId` to get information
1441
+ # about an `IPSet` (see GetIPSet), update an `IPSet` (see
1442
+ # UpdateIPSet), insert an `IPSet` into a `Rule` or delete one from a
1443
+ # `Rule` (see UpdateRule), and delete an `IPSet` from AWS WAF (see
1444
+ # DeleteIPSet).
1445
+ #
1446
+ # `IPSetId` is returned by CreateIPSet and by ListIPSets.
1447
+ # @return [String]
1448
+ #
1449
+ # @!attribute [rw] name
1450
+ # A friendly name or description of the IPSet. You can't change the
1451
+ # name of an `IPSet` after you create it.
1452
+ # @return [String]
1453
+ #
1454
+ # @!attribute [rw] ip_set_descriptors
1455
+ # The IP address type (`IPV4` or `IPV6`) and the IP address range (in
1456
+ # CIDR notation) that web requests originate from. If the `WebACL` is
1457
+ # associated with a CloudFront distribution, this is the value of one
1458
+ # of the following fields in CloudFront access logs:
1459
+ #
1460
+ # * `c-ip`, if the viewer did not use an HTTP proxy or a load balancer
1461
+ # to send the request
1462
+ #
1463
+ # * `x-forwarded-for`, if the viewer did use an HTTP proxy or a load
1464
+ # balancer to send the request
1465
+ # @return [Array<Types::IPSetDescriptor>]
1466
+ class IPSet < Struct.new(
1467
+ :ip_set_id,
1468
+ :name,
1469
+ :ip_set_descriptors)
1470
+ include Aws::Structure
1471
+ end
1472
+
1473
+ # Specifies the IP address type (`IPV4` or `IPV6`) and the IP address
1474
+ # range (in CIDR format) that web requests originate from.
1475
+ # @note When making an API call, pass IPSetDescriptor
1476
+ # data as a hash:
1477
+ #
1478
+ # {
1479
+ # type: "IPV4", # required, accepts IPV4, IPV6
1480
+ # value: "IPSetDescriptorValue", # required
1481
+ # }
1482
+ # @!attribute [rw] type
1483
+ # Specify `IPV4` or `IPV6`.
1484
+ # @return [String]
1485
+ #
1486
+ # @!attribute [rw] value
1487
+ # Specify an IPv4 address by using CIDR notation. For example:
1488
+ #
1489
+ # * To configure AWS WAF to allow, block, or count requests that
1490
+ # originated from the IP address 192.0.2.44, specify
1491
+ # `192.0.2.44/32`.
1492
+ #
1493
+ # * To configure AWS WAF to allow, block, or count requests that
1494
+ # originated from IP addresses from 192.0.2.0 to 192.0.2.255,
1495
+ # specify `192.0.2.0/24`.
1496
+ #
1497
+ # For more information about CIDR notation, see the Wikipedia entry
1498
+ # [Classless Inter-Domain Routing][1].
1499
+ #
1500
+ # Specify an IPv6 address by using CIDR notation. For example:
1501
+ #
1502
+ # * To configure AWS WAF to allow, block, or count requests that
1503
+ # originated from the IP address
1504
+ # 1111:0000:0000:0000:0000:0000:0000:0111, specify
1505
+ # `1111:0000:0000:0000:0000:0000:0000:0111/128`.
1506
+ #
1507
+ # * To configure AWS WAF to allow, block, or count requests that
1508
+ # originated from IP addresses
1509
+ # 1111:0000:0000:0000:0000:0000:0000:0000 to
1510
+ # 1111:0000:0000:0000:ffff:ffff:ffff:ffff, specify
1511
+ # `1111:0000:0000:0000:0000:0000:0000:0000/64`.
1512
+ #
1513
+ #
1514
+ #
1515
+ # [1]: https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing
1516
+ # @return [String]
1517
+ class IPSetDescriptor < Struct.new(
1518
+ :type,
1519
+ :value)
1520
+ include Aws::Structure
1521
+ end
1522
+
1523
+ # Contains the identifier and the name of the `IPSet`.
1524
+ # @!attribute [rw] ip_set_id
1525
+ # The `IPSetId` for an IPSet. You can use `IPSetId` in a GetIPSet
1526
+ # request to get detailed information about an IPSet.
1527
+ # @return [String]
1528
+ #
1529
+ # @!attribute [rw] name
1530
+ # A friendly name or description of the IPSet. You can't change the
1531
+ # name of an `IPSet` after you create it.
1532
+ # @return [String]
1533
+ class IPSetSummary < Struct.new(
1534
+ :ip_set_id,
1535
+ :name)
1536
+ include Aws::Structure
1537
+ end
1538
+
1539
+ # Specifies the type of update to perform to an IPSet with UpdateIPSet.
1540
+ # @note When making an API call, pass IPSetUpdate
1541
+ # data as a hash:
1542
+ #
1543
+ # {
1544
+ # action: "INSERT", # required, accepts INSERT, DELETE
1545
+ # ip_set_descriptor: { # required
1546
+ # type: "IPV4", # required, accepts IPV4, IPV6
1547
+ # value: "IPSetDescriptorValue", # required
1548
+ # },
1549
+ # }
1550
+ # @!attribute [rw] action
1551
+ # Specifies whether to insert or delete an IP address with
1552
+ # UpdateIPSet.
1553
+ # @return [String]
1554
+ #
1555
+ # @!attribute [rw] ip_set_descriptor
1556
+ # The IP address type (`IPV4` or `IPV6`) and the IP address range (in
1557
+ # CIDR notation) that web requests originate from.
1558
+ # @return [Types::IPSetDescriptor]
1559
+ class IPSetUpdate < Struct.new(
1560
+ :action,
1561
+ :ip_set_descriptor)
1562
+ include Aws::Structure
1563
+ end
1564
+
1565
+ # @note When making an API call, pass ListByteMatchSetsRequest
1566
+ # data as a hash:
1567
+ #
1568
+ # {
1569
+ # next_marker: "NextMarker",
1570
+ # limit: 1,
1571
+ # }
1572
+ # @!attribute [rw] next_marker
1573
+ # If you specify a value for `Limit` and you have more `ByteMatchSets`
1574
+ # than the value of `Limit`, AWS WAF returns a `NextMarker` value in
1575
+ # the response that allows you to list another group of
1576
+ # `ByteMatchSets`. For the second and subsequent `ListByteMatchSets`
1577
+ # requests, specify the value of `NextMarker` from the previous
1578
+ # response to get information about another batch of `ByteMatchSets`.
1579
+ # @return [String]
1580
+ #
1581
+ # @!attribute [rw] limit
1582
+ # Specifies the number of `ByteMatchSet` objects that you want AWS WAF
1583
+ # to return for this request. If you have more `ByteMatchSets` objects
1584
+ # than the number you specify for `Limit`, the response includes a
1585
+ # `NextMarker` value that you can use to get another batch of
1586
+ # `ByteMatchSet` objects.
1587
+ # @return [Integer]
1588
+ class ListByteMatchSetsRequest < Struct.new(
1589
+ :next_marker,
1590
+ :limit)
1591
+ include Aws::Structure
1592
+ end
1593
+
1594
+ # @!attribute [rw] next_marker
1595
+ # If you have more `ByteMatchSet` objects than the number that you
1596
+ # specified for `Limit` in the request, the response includes a
1597
+ # `NextMarker` value. To list more `ByteMatchSet` objects, submit
1598
+ # another `ListByteMatchSets` request, and specify the `NextMarker`
1599
+ # value from the response in the `NextMarker` value in the next
1600
+ # request.
1601
+ # @return [String]
1602
+ #
1603
+ # @!attribute [rw] byte_match_sets
1604
+ # An array of ByteMatchSetSummary objects.
1605
+ # @return [Array<Types::ByteMatchSetSummary>]
1606
+ class ListByteMatchSetsResponse < Struct.new(
1607
+ :next_marker,
1608
+ :byte_match_sets)
1609
+ include Aws::Structure
1610
+ end
1611
+
1612
+ # @note When making an API call, pass ListIPSetsRequest
1613
+ # data as a hash:
1614
+ #
1615
+ # {
1616
+ # next_marker: "NextMarker",
1617
+ # limit: 1,
1618
+ # }
1619
+ # @!attribute [rw] next_marker
1620
+ # If you specify a value for `Limit` and you have more `IPSets` than
1621
+ # the value of `Limit`, AWS WAF returns a `NextMarker` value in the
1622
+ # response that allows you to list another group of `IPSets`. For the
1623
+ # second and subsequent `ListIPSets` requests, specify the value of
1624
+ # `NextMarker` from the previous response to get information about
1625
+ # another batch of `ByteMatchSets`.
1626
+ # @return [String]
1627
+ #
1628
+ # @!attribute [rw] limit
1629
+ # Specifies the number of `IPSet` objects that you want AWS WAF to
1630
+ # return for this request. If you have more `IPSet` objects than the
1631
+ # number you specify for `Limit`, the response includes a `NextMarker`
1632
+ # value that you can use to get another batch of `IPSet` objects.
1633
+ # @return [Integer]
1634
+ class ListIPSetsRequest < Struct.new(
1635
+ :next_marker,
1636
+ :limit)
1637
+ include Aws::Structure
1638
+ end
1639
+
1640
+ # @!attribute [rw] next_marker
1641
+ # If you have more `IPSet` objects than the number that you specified
1642
+ # for `Limit` in the request, the response includes a `NextMarker`
1643
+ # value. To list more `IPSet` objects, submit another `ListIPSets`
1644
+ # request, and specify the `NextMarker` value from the response in the
1645
+ # `NextMarker` value in the next request.
1646
+ # @return [String]
1647
+ #
1648
+ # @!attribute [rw] ip_sets
1649
+ # An array of IPSetSummary objects.
1650
+ # @return [Array<Types::IPSetSummary>]
1651
+ class ListIPSetsResponse < Struct.new(
1652
+ :next_marker,
1653
+ :ip_sets)
1654
+ include Aws::Structure
1655
+ end
1656
+
1657
+ # @note When making an API call, pass ListResourcesForWebACLRequest
1658
+ # data as a hash:
1659
+ #
1660
+ # {
1661
+ # web_acl_id: "ResourceId", # required
1662
+ # }
1663
+ # @!attribute [rw] web_acl_id
1664
+ # The unique identifier (ID) of the web ACL for which to list the
1665
+ # associated resources.
1666
+ # @return [String]
1667
+ class ListResourcesForWebACLRequest < Struct.new(
1668
+ :web_acl_id)
1669
+ include Aws::Structure
1670
+ end
1671
+
1672
+ # @!attribute [rw] resource_arns
1673
+ # An array of ARNs (Amazon Resource Names) of the resources associated
1674
+ # with the specified web ACL. An array with zero elements is returned
1675
+ # if there are no resources associated with the web ACL.
1676
+ # @return [Array<String>]
1677
+ class ListResourcesForWebACLResponse < Struct.new(
1678
+ :resource_arns)
1679
+ include Aws::Structure
1680
+ end
1681
+
1682
+ # @note When making an API call, pass ListRulesRequest
1683
+ # data as a hash:
1684
+ #
1685
+ # {
1686
+ # next_marker: "NextMarker",
1687
+ # limit: 1,
1688
+ # }
1689
+ # @!attribute [rw] next_marker
1690
+ # If you specify a value for `Limit` and you have more `Rules` than
1691
+ # the value of `Limit`, AWS WAF returns a `NextMarker` value in the
1692
+ # response that allows you to list another group of `Rules`. For the
1693
+ # second and subsequent `ListRules` requests, specify the value of
1694
+ # `NextMarker` from the previous response to get information about
1695
+ # another batch of `Rules`.
1696
+ # @return [String]
1697
+ #
1698
+ # @!attribute [rw] limit
1699
+ # Specifies the number of `Rules` that you want AWS WAF to return for
1700
+ # this request. If you have more `Rules` than the number that you
1701
+ # specify for `Limit`, the response includes a `NextMarker` value that
1702
+ # you can use to get another batch of `Rules`.
1703
+ # @return [Integer]
1704
+ class ListRulesRequest < Struct.new(
1705
+ :next_marker,
1706
+ :limit)
1707
+ include Aws::Structure
1708
+ end
1709
+
1710
+ # @!attribute [rw] next_marker
1711
+ # If you have more `Rules` than the number that you specified for
1712
+ # `Limit` in the request, the response includes a `NextMarker` value.
1713
+ # To list more `Rules`, submit another `ListRules` request, and
1714
+ # specify the `NextMarker` value from the response in the `NextMarker`
1715
+ # value in the next request.
1716
+ # @return [String]
1717
+ #
1718
+ # @!attribute [rw] rules
1719
+ # An array of RuleSummary objects.
1720
+ # @return [Array<Types::RuleSummary>]
1721
+ class ListRulesResponse < Struct.new(
1722
+ :next_marker,
1723
+ :rules)
1724
+ include Aws::Structure
1725
+ end
1726
+
1727
+ # @note When making an API call, pass ListSizeConstraintSetsRequest
1728
+ # data as a hash:
1729
+ #
1730
+ # {
1731
+ # next_marker: "NextMarker",
1732
+ # limit: 1,
1733
+ # }
1734
+ # @!attribute [rw] next_marker
1735
+ # If you specify a value for `Limit` and you have more
1736
+ # `SizeConstraintSets` than the value of `Limit`, AWS WAF returns a
1737
+ # `NextMarker` value in the response that allows you to list another
1738
+ # group of `SizeConstraintSets`. For the second and subsequent
1739
+ # `ListSizeConstraintSets` requests, specify the value of `NextMarker`
1740
+ # from the previous response to get information about another batch of
1741
+ # `SizeConstraintSets`.
1742
+ # @return [String]
1743
+ #
1744
+ # @!attribute [rw] limit
1745
+ # Specifies the number of `SizeConstraintSet` objects that you want
1746
+ # AWS WAF to return for this request. If you have more
1747
+ # `SizeConstraintSets` objects than the number you specify for
1748
+ # `Limit`, the response includes a `NextMarker` value that you can use
1749
+ # to get another batch of `SizeConstraintSet` objects.
1750
+ # @return [Integer]
1751
+ class ListSizeConstraintSetsRequest < Struct.new(
1752
+ :next_marker,
1753
+ :limit)
1754
+ include Aws::Structure
1755
+ end
1756
+
1757
+ # @!attribute [rw] next_marker
1758
+ # If you have more `SizeConstraintSet` objects than the number that
1759
+ # you specified for `Limit` in the request, the response includes a
1760
+ # `NextMarker` value. To list more `SizeConstraintSet` objects, submit
1761
+ # another `ListSizeConstraintSets` request, and specify the
1762
+ # `NextMarker` value from the response in the `NextMarker` value in
1763
+ # the next request.
1764
+ # @return [String]
1765
+ #
1766
+ # @!attribute [rw] size_constraint_sets
1767
+ # An array of SizeConstraintSetSummary objects.
1768
+ # @return [Array<Types::SizeConstraintSetSummary>]
1769
+ class ListSizeConstraintSetsResponse < Struct.new(
1770
+ :next_marker,
1771
+ :size_constraint_sets)
1772
+ include Aws::Structure
1773
+ end
1774
+
1775
+ # A request to list the SqlInjectionMatchSet objects created by the
1776
+ # current AWS account.
1777
+ # @note When making an API call, pass ListSqlInjectionMatchSetsRequest
1778
+ # data as a hash:
1779
+ #
1780
+ # {
1781
+ # next_marker: "NextMarker",
1782
+ # limit: 1,
1783
+ # }
1784
+ # @!attribute [rw] next_marker
1785
+ # If you specify a value for `Limit` and you have more
1786
+ # SqlInjectionMatchSet objects than the value of `Limit`, AWS WAF
1787
+ # returns a `NextMarker` value in the response that allows you to list
1788
+ # another group of `SqlInjectionMatchSets`. For the second and
1789
+ # subsequent `ListSqlInjectionMatchSets` requests, specify the value
1790
+ # of `NextMarker` from the previous response to get information about
1791
+ # another batch of `SqlInjectionMatchSets`.
1792
+ # @return [String]
1793
+ #
1794
+ # @!attribute [rw] limit
1795
+ # Specifies the number of SqlInjectionMatchSet objects that you want
1796
+ # AWS WAF to return for this request. If you have more
1797
+ # `SqlInjectionMatchSet` objects than the number you specify for
1798
+ # `Limit`, the response includes a `NextMarker` value that you can use
1799
+ # to get another batch of `Rules`.
1800
+ # @return [Integer]
1801
+ class ListSqlInjectionMatchSetsRequest < Struct.new(
1802
+ :next_marker,
1803
+ :limit)
1804
+ include Aws::Structure
1805
+ end
1806
+
1807
+ # The response to a ListSqlInjectionMatchSets request.
1808
+ # @!attribute [rw] next_marker
1809
+ # If you have more SqlInjectionMatchSet objects than the number that
1810
+ # you specified for `Limit` in the request, the response includes a
1811
+ # `NextMarker` value. To list more `SqlInjectionMatchSet` objects,
1812
+ # submit another `ListSqlInjectionMatchSets` request, and specify the
1813
+ # `NextMarker` value from the response in the `NextMarker` value in
1814
+ # the next request.
1815
+ # @return [String]
1816
+ #
1817
+ # @!attribute [rw] sql_injection_match_sets
1818
+ # An array of SqlInjectionMatchSetSummary objects.
1819
+ # @return [Array<Types::SqlInjectionMatchSetSummary>]
1820
+ class ListSqlInjectionMatchSetsResponse < Struct.new(
1821
+ :next_marker,
1822
+ :sql_injection_match_sets)
1823
+ include Aws::Structure
1824
+ end
1825
+
1826
+ # @note When making an API call, pass ListWebACLsRequest
1827
+ # data as a hash:
1828
+ #
1829
+ # {
1830
+ # next_marker: "NextMarker",
1831
+ # limit: 1,
1832
+ # }
1833
+ # @!attribute [rw] next_marker
1834
+ # If you specify a value for `Limit` and you have more `WebACL`
1835
+ # objects than the number that you specify for `Limit`, AWS WAF
1836
+ # returns a `NextMarker` value in the response that allows you to list
1837
+ # another group of `WebACL` objects. For the second and subsequent
1838
+ # `ListWebACLs` requests, specify the value of `NextMarker` from the
1839
+ # previous response to get information about another batch of `WebACL`
1840
+ # objects.
1841
+ # @return [String]
1842
+ #
1843
+ # @!attribute [rw] limit
1844
+ # Specifies the number of `WebACL` objects that you want AWS WAF to
1845
+ # return for this request. If you have more `WebACL` objects than the
1846
+ # number that you specify for `Limit`, the response includes a
1847
+ # `NextMarker` value that you can use to get another batch of `WebACL`
1848
+ # objects.
1849
+ # @return [Integer]
1850
+ class ListWebACLsRequest < Struct.new(
1851
+ :next_marker,
1852
+ :limit)
1853
+ include Aws::Structure
1854
+ end
1855
+
1856
+ # @!attribute [rw] next_marker
1857
+ # If you have more `WebACL` objects than the number that you specified
1858
+ # for `Limit` in the request, the response includes a `NextMarker`
1859
+ # value. To list more `WebACL` objects, submit another `ListWebACLs`
1860
+ # request, and specify the `NextMarker` value from the response in the
1861
+ # `NextMarker` value in the next request.
1862
+ # @return [String]
1863
+ #
1864
+ # @!attribute [rw] web_acls
1865
+ # An array of WebACLSummary objects.
1866
+ # @return [Array<Types::WebACLSummary>]
1867
+ class ListWebACLsResponse < Struct.new(
1868
+ :next_marker,
1869
+ :web_acls)
1870
+ include Aws::Structure
1871
+ end
1872
+
1873
+ # A request to list the XssMatchSet objects created by the current AWS
1874
+ # account.
1875
+ # @note When making an API call, pass ListXssMatchSetsRequest
1876
+ # data as a hash:
1877
+ #
1878
+ # {
1879
+ # next_marker: "NextMarker",
1880
+ # limit: 1,
1881
+ # }
1882
+ # @!attribute [rw] next_marker
1883
+ # If you specify a value for `Limit` and you have more XssMatchSet
1884
+ # objects than the value of `Limit`, AWS WAF returns a `NextMarker`
1885
+ # value in the response that allows you to list another group of
1886
+ # `XssMatchSets`. For the second and subsequent `ListXssMatchSets`
1887
+ # requests, specify the value of `NextMarker` from the previous
1888
+ # response to get information about another batch of `XssMatchSets`.
1889
+ # @return [String]
1890
+ #
1891
+ # @!attribute [rw] limit
1892
+ # Specifies the number of XssMatchSet objects that you want AWS WAF to
1893
+ # return for this request. If you have more `XssMatchSet` objects than
1894
+ # the number you specify for `Limit`, the response includes a
1895
+ # `NextMarker` value that you can use to get another batch of `Rules`.
1896
+ # @return [Integer]
1897
+ class ListXssMatchSetsRequest < Struct.new(
1898
+ :next_marker,
1899
+ :limit)
1900
+ include Aws::Structure
1901
+ end
1902
+
1903
+ # The response to a ListXssMatchSets request.
1904
+ # @!attribute [rw] next_marker
1905
+ # If you have more XssMatchSet objects than the number that you
1906
+ # specified for `Limit` in the request, the response includes a
1907
+ # `NextMarker` value. To list more `XssMatchSet` objects, submit
1908
+ # another `ListXssMatchSets` request, and specify the `NextMarker`
1909
+ # value from the response in the `NextMarker` value in the next
1910
+ # request.
1911
+ # @return [String]
1912
+ #
1913
+ # @!attribute [rw] xss_match_sets
1914
+ # An array of XssMatchSetSummary objects.
1915
+ # @return [Array<Types::XssMatchSetSummary>]
1916
+ class ListXssMatchSetsResponse < Struct.new(
1917
+ :next_marker,
1918
+ :xss_match_sets)
1919
+ include Aws::Structure
1920
+ end
1921
+
1922
+ # Specifies the ByteMatchSet, IPSet, SqlInjectionMatchSet, XssMatchSet,
1923
+ # and SizeConstraintSet objects that you want to add to a `Rule` and,
1924
+ # for each object, indicates whether you want to negate the settings,
1925
+ # for example, requests that do NOT originate from the IP address
1926
+ # 192.0.2.44.
1927
+ # @note When making an API call, pass Predicate
1928
+ # data as a hash:
1929
+ #
1930
+ # {
1931
+ # negated: false, # required
1932
+ # type: "IPMatch", # required, accepts IPMatch, ByteMatch, SqlInjectionMatch, SizeConstraint, XssMatch
1933
+ # data_id: "ResourceId", # required
1934
+ # }
1935
+ # @!attribute [rw] negated
1936
+ # Set `Negated` to `False` if you want AWS WAF to allow, block, or
1937
+ # count requests based on the settings in the specified ByteMatchSet,
1938
+ # IPSet, SqlInjectionMatchSet, XssMatchSet, or SizeConstraintSet. For
1939
+ # example, if an `IPSet` includes the IP address `192.0.2.44`, AWS WAF
1940
+ # will allow or block requests based on that IP address.
1941
+ #
1942
+ # Set `Negated` to `True` if you want AWS WAF to allow or block a
1943
+ # request based on the negation of the settings in the ByteMatchSet,
1944
+ # IPSet, SqlInjectionMatchSet, XssMatchSet, or SizeConstraintSet. For
1945
+ # example, if an `IPSet` includes the IP address `192.0.2.44`, AWS WAF
1946
+ # will allow, block, or count requests based on all IP addresses
1947
+ # *except* `192.0.2.44`.
1948
+ # @return [Boolean]
1949
+ #
1950
+ # @!attribute [rw] type
1951
+ # The type of predicate in a `Rule`, such as `ByteMatchSet` or
1952
+ # `IPSet`.
1953
+ # @return [String]
1954
+ #
1955
+ # @!attribute [rw] data_id
1956
+ # A unique identifier for a predicate in a `Rule`, such as
1957
+ # `ByteMatchSetId` or `IPSetId`. The ID is returned by the
1958
+ # corresponding `Create` or `List` command.
1959
+ # @return [String]
1960
+ class Predicate < Struct.new(
1961
+ :negated,
1962
+ :type,
1963
+ :data_id)
1964
+ include Aws::Structure
1965
+ end
1966
+
1967
+ # A combination of ByteMatchSet, IPSet, and/or SqlInjectionMatchSet
1968
+ # objects that identify the web requests that you want to allow, block,
1969
+ # or count. For example, you might create a `Rule` that includes the
1970
+ # following predicates:
1971
+ #
1972
+ # * An `IPSet` that causes AWS WAF to search for web requests that
1973
+ # originate from the IP address `192.0.2.44`
1974
+ #
1975
+ # * A `ByteMatchSet` that causes AWS WAF to search for web requests for
1976
+ # which the value of the `User-Agent` header is `BadBot`.
1977
+ #
1978
+ # To match the settings in this `Rule`, a request must originate from
1979
+ # `192.0.2.44` AND include a `User-Agent` header for which the value is
1980
+ # `BadBot`.
1981
+ # @!attribute [rw] rule_id
1982
+ # A unique identifier for a `Rule`. You use `RuleId` to get more
1983
+ # information about a `Rule` (see GetRule), update a `Rule` (see
1984
+ # UpdateRule), insert a `Rule` into a `WebACL` or delete a one from a
1985
+ # `WebACL` (see UpdateWebACL), or delete a `Rule` from AWS WAF (see
1986
+ # DeleteRule).
1987
+ #
1988
+ # `RuleId` is returned by CreateRule and by ListRules.
1989
+ # @return [String]
1990
+ #
1991
+ # @!attribute [rw] name
1992
+ # The friendly name or description for the `Rule`. You can't change
1993
+ # the name of a `Rule` after you create it.
1994
+ # @return [String]
1995
+ #
1996
+ # @!attribute [rw] metric_name
1997
+ # A friendly name or description for the metrics for this `Rule`. The
1998
+ # name can contain only alphanumeric characters (A-Z, a-z, 0-9); the
1999
+ # name can't contain whitespace. You can't change `MetricName` after
2000
+ # you create the `Rule`.
2001
+ # @return [String]
2002
+ #
2003
+ # @!attribute [rw] predicates
2004
+ # The `Predicates` object contains one `Predicate` element for each
2005
+ # ByteMatchSet, IPSet, or SqlInjectionMatchSet object that you want to
2006
+ # include in a `Rule`.
2007
+ # @return [Array<Types::Predicate>]
2008
+ class Rule < Struct.new(
2009
+ :rule_id,
2010
+ :name,
2011
+ :metric_name,
2012
+ :predicates)
2013
+ include Aws::Structure
2014
+ end
2015
+
2016
+ # Contains the identifier and the friendly name or description of the
2017
+ # `Rule`.
2018
+ # @!attribute [rw] rule_id
2019
+ # A unique identifier for a `Rule`. You use `RuleId` to get more
2020
+ # information about a `Rule` (see GetRule), update a `Rule` (see
2021
+ # UpdateRule), insert a `Rule` into a `WebACL` or delete one from a
2022
+ # `WebACL` (see UpdateWebACL), or delete a `Rule` from AWS WAF (see
2023
+ # DeleteRule).
2024
+ #
2025
+ # `RuleId` is returned by CreateRule and by ListRules.
2026
+ # @return [String]
2027
+ #
2028
+ # @!attribute [rw] name
2029
+ # A friendly name or description of the Rule. You can't change the
2030
+ # name of a `Rule` after you create it.
2031
+ # @return [String]
2032
+ class RuleSummary < Struct.new(
2033
+ :rule_id,
2034
+ :name)
2035
+ include Aws::Structure
2036
+ end
2037
+
2038
+ # Specifies a `Predicate` (such as an `IPSet`) and indicates whether you
2039
+ # want to add it to a `Rule` or delete it from a `Rule`.
2040
+ # @note When making an API call, pass RuleUpdate
2041
+ # data as a hash:
2042
+ #
2043
+ # {
2044
+ # action: "INSERT", # required, accepts INSERT, DELETE
2045
+ # predicate: { # required
2046
+ # negated: false, # required
2047
+ # type: "IPMatch", # required, accepts IPMatch, ByteMatch, SqlInjectionMatch, SizeConstraint, XssMatch
2048
+ # data_id: "ResourceId", # required
2049
+ # },
2050
+ # }
2051
+ # @!attribute [rw] action
2052
+ # Specify `INSERT` to add a `Predicate` to a `Rule`. Use `DELETE` to
2053
+ # remove a `Predicate` from a `Rule`.
2054
+ # @return [String]
2055
+ #
2056
+ # @!attribute [rw] predicate
2057
+ # The ID of the `Predicate` (such as an `IPSet`) that you want to add
2058
+ # to a `Rule`.
2059
+ # @return [Types::Predicate]
2060
+ class RuleUpdate < Struct.new(
2061
+ :action,
2062
+ :predicate)
2063
+ include Aws::Structure
2064
+ end
2065
+
2066
+ # The response from a GetSampledRequests request includes a
2067
+ # `SampledHTTPRequests` complex type that appears as `SampledRequests`
2068
+ # in the response syntax. `SampledHTTPRequests` contains one
2069
+ # `SampledHTTPRequest` object for each web request that is returned by
2070
+ # `GetSampledRequests`.
2071
+ # @!attribute [rw] request
2072
+ # A complex type that contains detailed information about the request.
2073
+ # @return [Types::HTTPRequest]
2074
+ #
2075
+ # @!attribute [rw] weight
2076
+ # A value that indicates how one result in the response relates
2077
+ # proportionally to other results in the response. A result that has a
2078
+ # weight of `2` represents roughly twice as many CloudFront web
2079
+ # requests as a result that has a weight of `1`.
2080
+ # @return [Integer]
2081
+ #
2082
+ # @!attribute [rw] timestamp
2083
+ # The time at which AWS WAF received the request from your AWS
2084
+ # resource, in Unix time format (in seconds).
2085
+ # @return [Time]
2086
+ #
2087
+ # @!attribute [rw] action
2088
+ # The action for the `Rule` that the request matched: `ALLOW`,
2089
+ # `BLOCK`, or `COUNT`.
2090
+ # @return [String]
2091
+ class SampledHTTPRequest < Struct.new(
2092
+ :request,
2093
+ :weight,
2094
+ :timestamp,
2095
+ :action)
2096
+ include Aws::Structure
2097
+ end
2098
+
2099
+ # Specifies a constraint on the size of a part of the web request. AWS
2100
+ # WAF uses the `Size`, `ComparisonOperator`, and `FieldToMatch` to build
2101
+ # an expression in the form of "`Size` `ComparisonOperator` size in
2102
+ # bytes of `FieldToMatch`". If that expression is true, the
2103
+ # `SizeConstraint` is considered to match.
2104
+ # @note When making an API call, pass SizeConstraint
2105
+ # data as a hash:
2106
+ #
2107
+ # {
2108
+ # field_to_match: { # required
2109
+ # type: "URI", # required, accepts URI, QUERY_STRING, HEADER, METHOD, BODY
2110
+ # data: "MatchFieldData",
2111
+ # },
2112
+ # text_transformation: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE
2113
+ # comparison_operator: "EQ", # required, accepts EQ, NE, LE, LT, GE, GT
2114
+ # size: 1, # required
2115
+ # }
2116
+ # @!attribute [rw] field_to_match
2117
+ # Specifies where in a web request to look for the size constraint.
2118
+ # @return [Types::FieldToMatch]
2119
+ #
2120
+ # @!attribute [rw] text_transformation
2121
+ # Text transformations eliminate some of the unusual formatting that
2122
+ # attackers use in web requests in an effort to bypass AWS WAF. If you
2123
+ # specify a transformation, AWS WAF performs the transformation on
2124
+ # `FieldToMatch` before inspecting a request for a match.
2125
+ #
2126
+ # Note that if you choose `BODY` for the value of `Type`, you must
2127
+ # choose `NONE` for `TextTransformation` because CloudFront forwards
2128
+ # only the first 8192 bytes for inspection.
2129
+ #
2130
+ # **NONE**
2131
+ #
2132
+ # Specify `NONE` if you don't want to perform any text
2133
+ # transformations.
2134
+ #
2135
+ # **CMD\_LINE**
2136
+ #
2137
+ # When you're concerned that attackers are injecting an operating
2138
+ # system command line command and using unusual formatting to disguise
2139
+ # some or all of the command, use this option to perform the following
2140
+ # transformations:
2141
+ #
2142
+ # * Delete the following characters: \\ " ' ^
2143
+ #
2144
+ # * Delete spaces before the following characters: / (
2145
+ #
2146
+ # * Replace the following characters with a space: , ;
2147
+ #
2148
+ # * Replace multiple spaces with one space
2149
+ #
2150
+ # * Convert uppercase letters (A-Z) to lowercase (a-z)
2151
+ #
2152
+ # **COMPRESS\_WHITE\_SPACE**
2153
+ #
2154
+ # Use this option to replace the following characters with a space
2155
+ # character (decimal 32):
2156
+ #
2157
+ # * \\f, formfeed, decimal 12
2158
+ #
2159
+ # * \\t, tab, decimal 9
2160
+ #
2161
+ # * \\n, newline, decimal 10
2162
+ #
2163
+ # * \\r, carriage return, decimal 13
2164
+ #
2165
+ # * \\v, vertical tab, decimal 11
2166
+ #
2167
+ # * non-breaking space, decimal 160
2168
+ #
2169
+ # `COMPRESS_WHITE_SPACE` also replaces multiple spaces with one space.
2170
+ #
2171
+ # **HTML\_ENTITY\_DECODE**
2172
+ #
2173
+ # Use this option to replace HTML-encoded characters with unencoded
2174
+ # characters. `HTML_ENTITY_DECODE` performs the following operations:
2175
+ #
2176
+ # * Replaces `(ampersand)quot;` with `"`
2177
+ #
2178
+ # * Replaces `(ampersand)nbsp;` with a non-breaking space, decimal 160
2179
+ #
2180
+ # * Replaces `(ampersand)lt;` with a "less than" symbol
2181
+ #
2182
+ # * Replaces `(ampersand)gt;` with `>`
2183
+ #
2184
+ # * Replaces characters that are represented in hexadecimal format,
2185
+ # `(ampersand)#xhhhh;`, with the corresponding characters
2186
+ #
2187
+ # * Replaces characters that are represented in decimal format,
2188
+ # `(ampersand)#nnnn;`, with the corresponding characters
2189
+ #
2190
+ # **LOWERCASE**
2191
+ #
2192
+ # Use this option to convert uppercase letters (A-Z) to lowercase
2193
+ # (a-z).
2194
+ #
2195
+ # **URL\_DECODE**
2196
+ #
2197
+ # Use this option to decode a URL-encoded value.
2198
+ # @return [String]
2199
+ #
2200
+ # @!attribute [rw] comparison_operator
2201
+ # The type of comparison you want AWS WAF to perform. AWS WAF uses
2202
+ # this in combination with the provided `Size` and `FieldToMatch` to
2203
+ # build an expression in the form of "`Size` `ComparisonOperator`
2204
+ # size in bytes of `FieldToMatch`". If that expression is true, the
2205
+ # `SizeConstraint` is considered to match.
2206
+ #
2207
+ # **EQ**\: Used to test if the `Size` is equal to the size of the
2208
+ # `FieldToMatch`
2209
+ #
2210
+ # **NE**\: Used to test if the `Size` is not equal to the size of the
2211
+ # `FieldToMatch`
2212
+ #
2213
+ # **LE**\: Used to test if the `Size` is less than or equal to the
2214
+ # size of the `FieldToMatch`
2215
+ #
2216
+ # **LT**\: Used to test if the `Size` is strictly less than the size
2217
+ # of the `FieldToMatch`
2218
+ #
2219
+ # **GE**\: Used to test if the `Size` is greater than or equal to the
2220
+ # size of the `FieldToMatch`
2221
+ #
2222
+ # **GT**\: Used to test if the `Size` is strictly greater than the
2223
+ # size of the `FieldToMatch`
2224
+ # @return [String]
2225
+ #
2226
+ # @!attribute [rw] size
2227
+ # The size in bytes that you want AWS WAF to compare against the size
2228
+ # of the specified `FieldToMatch`. AWS WAF uses this in combination
2229
+ # with `ComparisonOperator` and `FieldToMatch` to build an expression
2230
+ # in the form of "`Size` `ComparisonOperator` size in bytes of
2231
+ # `FieldToMatch`". If that expression is true, the `SizeConstraint`
2232
+ # is considered to match.
2233
+ #
2234
+ # Valid values for size are 0 - 21474836480 bytes (0 - 20 GB).
2235
+ #
2236
+ # If you specify `URI` for the value of `Type`, the / in the URI
2237
+ # counts as one character. For example, the URI `/logo.jpg` is nine
2238
+ # characters long.
2239
+ # @return [Integer]
2240
+ class SizeConstraint < Struct.new(
2241
+ :field_to_match,
2242
+ :text_transformation,
2243
+ :comparison_operator,
2244
+ :size)
2245
+ include Aws::Structure
2246
+ end
2247
+
2248
+ # A complex type that contains `SizeConstraint` objects, which specify
2249
+ # the parts of web requests that you want AWS WAF to inspect the size
2250
+ # of. If a `SizeConstraintSet` contains more than one `SizeConstraint`
2251
+ # object, a request only needs to match one constraint to be considered
2252
+ # a match.
2253
+ # @!attribute [rw] size_constraint_set_id
2254
+ # A unique identifier for a `SizeConstraintSet`. You use
2255
+ # `SizeConstraintSetId` to get information about a `SizeConstraintSet`
2256
+ # (see GetSizeConstraintSet), update a `SizeConstraintSet` (see
2257
+ # UpdateSizeConstraintSet), insert a `SizeConstraintSet` into a `Rule`
2258
+ # or delete one from a `Rule` (see UpdateRule), and delete a
2259
+ # `SizeConstraintSet` from AWS WAF (see DeleteSizeConstraintSet).
2260
+ #
2261
+ # `SizeConstraintSetId` is returned by CreateSizeConstraintSet and by
2262
+ # ListSizeConstraintSets.
2263
+ # @return [String]
2264
+ #
2265
+ # @!attribute [rw] name
2266
+ # The name, if any, of the `SizeConstraintSet`.
2267
+ # @return [String]
2268
+ #
2269
+ # @!attribute [rw] size_constraints
2270
+ # Specifies the parts of web requests that you want to inspect the
2271
+ # size of.
2272
+ # @return [Array<Types::SizeConstraint>]
2273
+ class SizeConstraintSet < Struct.new(
2274
+ :size_constraint_set_id,
2275
+ :name,
2276
+ :size_constraints)
2277
+ include Aws::Structure
2278
+ end
2279
+
2280
+ # The `Id` and `Name` of a `SizeConstraintSet`.
2281
+ # @!attribute [rw] size_constraint_set_id
2282
+ # A unique identifier for a `SizeConstraintSet`. You use
2283
+ # `SizeConstraintSetId` to get information about a `SizeConstraintSet`
2284
+ # (see GetSizeConstraintSet), update a `SizeConstraintSet` (see
2285
+ # UpdateSizeConstraintSet), insert a `SizeConstraintSet` into a `Rule`
2286
+ # or delete one from a `Rule` (see UpdateRule), and delete a
2287
+ # `SizeConstraintSet` from AWS WAF (see DeleteSizeConstraintSet).
2288
+ #
2289
+ # `SizeConstraintSetId` is returned by CreateSizeConstraintSet and by
2290
+ # ListSizeConstraintSets.
2291
+ # @return [String]
2292
+ #
2293
+ # @!attribute [rw] name
2294
+ # The name of the `SizeConstraintSet`, if any.
2295
+ # @return [String]
2296
+ class SizeConstraintSetSummary < Struct.new(
2297
+ :size_constraint_set_id,
2298
+ :name)
2299
+ include Aws::Structure
2300
+ end
2301
+
2302
+ # Specifies the part of a web request that you want to inspect the size
2303
+ # of and indicates whether you want to add the specification to a
2304
+ # SizeConstraintSet or delete it from a `SizeConstraintSet`.
2305
+ # @note When making an API call, pass SizeConstraintSetUpdate
2306
+ # data as a hash:
2307
+ #
2308
+ # {
2309
+ # action: "INSERT", # required, accepts INSERT, DELETE
2310
+ # size_constraint: { # required
2311
+ # field_to_match: { # required
2312
+ # type: "URI", # required, accepts URI, QUERY_STRING, HEADER, METHOD, BODY
2313
+ # data: "MatchFieldData",
2314
+ # },
2315
+ # text_transformation: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE
2316
+ # comparison_operator: "EQ", # required, accepts EQ, NE, LE, LT, GE, GT
2317
+ # size: 1, # required
2318
+ # },
2319
+ # }
2320
+ # @!attribute [rw] action
2321
+ # Specify `INSERT` to add a SizeConstraintSetUpdate to a
2322
+ # SizeConstraintSet. Use `DELETE` to remove a
2323
+ # `SizeConstraintSetUpdate` from a `SizeConstraintSet`.
2324
+ # @return [String]
2325
+ #
2326
+ # @!attribute [rw] size_constraint
2327
+ # Specifies a constraint on the size of a part of the web request. AWS
2328
+ # WAF uses the `Size`, `ComparisonOperator`, and `FieldToMatch` to
2329
+ # build an expression in the form of "`Size` `ComparisonOperator`
2330
+ # size in bytes of `FieldToMatch`". If that expression is true, the
2331
+ # `SizeConstraint` is considered to match.
2332
+ # @return [Types::SizeConstraint]
2333
+ class SizeConstraintSetUpdate < Struct.new(
2334
+ :action,
2335
+ :size_constraint)
2336
+ include Aws::Structure
2337
+ end
2338
+
2339
+ # A complex type that contains `SqlInjectionMatchTuple` objects, which
2340
+ # specify the parts of web requests that you want AWS WAF to inspect for
2341
+ # snippets of malicious SQL code and, if you want AWS WAF to inspect a
2342
+ # header, the name of the header. If a `SqlInjectionMatchSet` contains
2343
+ # more than one `SqlInjectionMatchTuple` object, a request needs to
2344
+ # include snippets of SQL code in only one of the specified parts of the
2345
+ # request to be considered a match.
2346
+ # @!attribute [rw] sql_injection_match_set_id
2347
+ # A unique identifier for a `SqlInjectionMatchSet`. You use
2348
+ # `SqlInjectionMatchSetId` to get information about a
2349
+ # `SqlInjectionMatchSet` (see GetSqlInjectionMatchSet), update a
2350
+ # `SqlInjectionMatchSet` (see UpdateSqlInjectionMatchSet), insert a
2351
+ # `SqlInjectionMatchSet` into a `Rule` or delete one from a `Rule`
2352
+ # (see UpdateRule), and delete a `SqlInjectionMatchSet` from AWS WAF
2353
+ # (see DeleteSqlInjectionMatchSet).
2354
+ #
2355
+ # `SqlInjectionMatchSetId` is returned by CreateSqlInjectionMatchSet
2356
+ # and by ListSqlInjectionMatchSets.
2357
+ # @return [String]
2358
+ #
2359
+ # @!attribute [rw] name
2360
+ # The name, if any, of the `SqlInjectionMatchSet`.
2361
+ # @return [String]
2362
+ #
2363
+ # @!attribute [rw] sql_injection_match_tuples
2364
+ # Specifies the parts of web requests that you want to inspect for
2365
+ # snippets of malicious SQL code.
2366
+ # @return [Array<Types::SqlInjectionMatchTuple>]
2367
+ class SqlInjectionMatchSet < Struct.new(
2368
+ :sql_injection_match_set_id,
2369
+ :name,
2370
+ :sql_injection_match_tuples)
2371
+ include Aws::Structure
2372
+ end
2373
+
2374
+ # The `Id` and `Name` of a `SqlInjectionMatchSet`.
2375
+ # @!attribute [rw] sql_injection_match_set_id
2376
+ # A unique identifier for a `SqlInjectionMatchSet`. You use
2377
+ # `SqlInjectionMatchSetId` to get information about a
2378
+ # `SqlInjectionMatchSet` (see GetSqlInjectionMatchSet), update a
2379
+ # `SqlInjectionMatchSet` (see UpdateSqlInjectionMatchSet), insert a
2380
+ # `SqlInjectionMatchSet` into a `Rule` or delete one from a `Rule`
2381
+ # (see UpdateRule), and delete a `SqlInjectionMatchSet` from AWS WAF
2382
+ # (see DeleteSqlInjectionMatchSet).
2383
+ #
2384
+ # `SqlInjectionMatchSetId` is returned by CreateSqlInjectionMatchSet
2385
+ # and by ListSqlInjectionMatchSets.
2386
+ # @return [String]
2387
+ #
2388
+ # @!attribute [rw] name
2389
+ # The name of the `SqlInjectionMatchSet`, if any, specified by `Id`.
2390
+ # @return [String]
2391
+ class SqlInjectionMatchSetSummary < Struct.new(
2392
+ :sql_injection_match_set_id,
2393
+ :name)
2394
+ include Aws::Structure
2395
+ end
2396
+
2397
+ # Specifies the part of a web request that you want to inspect for
2398
+ # snippets of malicious SQL code and indicates whether you want to add
2399
+ # the specification to a SqlInjectionMatchSet or delete it from a
2400
+ # `SqlInjectionMatchSet`.
2401
+ # @note When making an API call, pass SqlInjectionMatchSetUpdate
2402
+ # data as a hash:
2403
+ #
2404
+ # {
2405
+ # action: "INSERT", # required, accepts INSERT, DELETE
2406
+ # sql_injection_match_tuple: { # required
2407
+ # field_to_match: { # required
2408
+ # type: "URI", # required, accepts URI, QUERY_STRING, HEADER, METHOD, BODY
2409
+ # data: "MatchFieldData",
2410
+ # },
2411
+ # text_transformation: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE
2412
+ # },
2413
+ # }
2414
+ # @!attribute [rw] action
2415
+ # Specify `INSERT` to add a SqlInjectionMatchSetUpdate to a
2416
+ # SqlInjectionMatchSet. Use `DELETE` to remove a
2417
+ # `SqlInjectionMatchSetUpdate` from a `SqlInjectionMatchSet`.
2418
+ # @return [String]
2419
+ #
2420
+ # @!attribute [rw] sql_injection_match_tuple
2421
+ # Specifies the part of a web request that you want AWS WAF to inspect
2422
+ # for snippets of malicious SQL code and, if you want AWS WAF to
2423
+ # inspect a header, the name of the header.
2424
+ # @return [Types::SqlInjectionMatchTuple]
2425
+ class SqlInjectionMatchSetUpdate < Struct.new(
2426
+ :action,
2427
+ :sql_injection_match_tuple)
2428
+ include Aws::Structure
2429
+ end
2430
+
2431
+ # Specifies the part of a web request that you want AWS WAF to inspect
2432
+ # for snippets of malicious SQL code and, if you want AWS WAF to inspect
2433
+ # a header, the name of the header.
2434
+ # @note When making an API call, pass SqlInjectionMatchTuple
2435
+ # data as a hash:
2436
+ #
2437
+ # {
2438
+ # field_to_match: { # required
2439
+ # type: "URI", # required, accepts URI, QUERY_STRING, HEADER, METHOD, BODY
2440
+ # data: "MatchFieldData",
2441
+ # },
2442
+ # text_transformation: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE
2443
+ # }
2444
+ # @!attribute [rw] field_to_match
2445
+ # Specifies where in a web request to look for snippets of malicious
2446
+ # SQL code.
2447
+ # @return [Types::FieldToMatch]
2448
+ #
2449
+ # @!attribute [rw] text_transformation
2450
+ # Text transformations eliminate some of the unusual formatting that
2451
+ # attackers use in web requests in an effort to bypass AWS WAF. If you
2452
+ # specify a transformation, AWS WAF performs the transformation on
2453
+ # `FieldToMatch` before inspecting a request for a match.
2454
+ #
2455
+ # **CMD\_LINE**
2456
+ #
2457
+ # When you're concerned that attackers are injecting an operating
2458
+ # system commandline command and using unusual formatting to disguise
2459
+ # some or all of the command, use this option to perform the following
2460
+ # transformations:
2461
+ #
2462
+ # * Delete the following characters: \\ " ' ^
2463
+ #
2464
+ # * Delete spaces before the following characters: / (
2465
+ #
2466
+ # * Replace the following characters with a space: , ;
2467
+ #
2468
+ # * Replace multiple spaces with one space
2469
+ #
2470
+ # * Convert uppercase letters (A-Z) to lowercase (a-z)
2471
+ #
2472
+ # **COMPRESS\_WHITE\_SPACE**
2473
+ #
2474
+ # Use this option to replace the following characters with a space
2475
+ # character (decimal 32):
2476
+ #
2477
+ # * \\f, formfeed, decimal 12
2478
+ #
2479
+ # * \\t, tab, decimal 9
2480
+ #
2481
+ # * \\n, newline, decimal 10
2482
+ #
2483
+ # * \\r, carriage return, decimal 13
2484
+ #
2485
+ # * \\v, vertical tab, decimal 11
2486
+ #
2487
+ # * non-breaking space, decimal 160
2488
+ #
2489
+ # `COMPRESS_WHITE_SPACE` also replaces multiple spaces with one space.
2490
+ #
2491
+ # **HTML\_ENTITY\_DECODE**
2492
+ #
2493
+ # Use this option to replace HTML-encoded characters with unencoded
2494
+ # characters. `HTML_ENTITY_DECODE` performs the following operations:
2495
+ #
2496
+ # * Replaces `(ampersand)quot;` with `"`
2497
+ #
2498
+ # * Replaces `(ampersand)nbsp;` with a non-breaking space, decimal 160
2499
+ #
2500
+ # * Replaces `(ampersand)lt;` with a "less than" symbol
2501
+ #
2502
+ # * Replaces `(ampersand)gt;` with `>`
2503
+ #
2504
+ # * Replaces characters that are represented in hexadecimal format,
2505
+ # `(ampersand)#xhhhh;`, with the corresponding characters
2506
+ #
2507
+ # * Replaces characters that are represented in decimal format,
2508
+ # `(ampersand)#nnnn;`, with the corresponding characters
2509
+ #
2510
+ # **LOWERCASE**
2511
+ #
2512
+ # Use this option to convert uppercase letters (A-Z) to lowercase
2513
+ # (a-z).
2514
+ #
2515
+ # **URL\_DECODE**
2516
+ #
2517
+ # Use this option to decode a URL-encoded value.
2518
+ #
2519
+ # **NONE**
2520
+ #
2521
+ # Specify `NONE` if you don't want to perform any text
2522
+ # transformations.
2523
+ # @return [String]
2524
+ class SqlInjectionMatchTuple < Struct.new(
2525
+ :field_to_match,
2526
+ :text_transformation)
2527
+ include Aws::Structure
2528
+ end
2529
+
2530
+ # In a GetSampledRequests request, the `StartTime` and `EndTime` objects
2531
+ # specify the time range for which you want AWS WAF to return a sample
2532
+ # of web requests.
2533
+ #
2534
+ # In a GetSampledRequests response, the `StartTime` and `EndTime`
2535
+ # objects specify the time range for which AWS WAF actually returned a
2536
+ # sample of web requests. AWS WAF gets the specified number of requests
2537
+ # from among the first 5,000 requests that your AWS resource receives
2538
+ # during the specified time period. If your resource receives more than
2539
+ # 5,000 requests during that period, AWS WAF stops sampling after the
2540
+ # 5,000th request. In that case, `EndTime` is the time that AWS WAF
2541
+ # received the 5,000th request.
2542
+ # @note When making an API call, pass TimeWindow
2543
+ # data as a hash:
2544
+ #
2545
+ # {
2546
+ # start_time: Time.now, # required
2547
+ # end_time: Time.now, # required
2548
+ # }
2549
+ # @!attribute [rw] start_time
2550
+ # The beginning of the time range from which you want
2551
+ # `GetSampledRequests` to return a sample of the requests that your
2552
+ # AWS resource received. Specify the date and time in the following
2553
+ # format: `"2016-09-27T14:50Z"`. You can specify any time range in the
2554
+ # previous three hours.
2555
+ # @return [Time]
2556
+ #
2557
+ # @!attribute [rw] end_time
2558
+ # The end of the time range from which you want `GetSampledRequests`
2559
+ # to return a sample of the requests that your AWS resource received.
2560
+ # Specify the date and time in the following format:
2561
+ # `"2016-09-27T14:50Z"`. You can specify any time range in the
2562
+ # previous three hours.
2563
+ # @return [Time]
2564
+ class TimeWindow < Struct.new(
2565
+ :start_time,
2566
+ :end_time)
2567
+ include Aws::Structure
2568
+ end
2569
+
2570
+ # @note When making an API call, pass UpdateByteMatchSetRequest
2571
+ # data as a hash:
2572
+ #
2573
+ # {
2574
+ # byte_match_set_id: "ResourceId", # required
2575
+ # change_token: "ChangeToken", # required
2576
+ # updates: [ # required
2577
+ # {
2578
+ # action: "INSERT", # required, accepts INSERT, DELETE
2579
+ # byte_match_tuple: { # required
2580
+ # field_to_match: { # required
2581
+ # type: "URI", # required, accepts URI, QUERY_STRING, HEADER, METHOD, BODY
2582
+ # data: "MatchFieldData",
2583
+ # },
2584
+ # target_string: "data", # required
2585
+ # text_transformation: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE
2586
+ # positional_constraint: "EXACTLY", # required, accepts EXACTLY, STARTS_WITH, ENDS_WITH, CONTAINS, CONTAINS_WORD
2587
+ # },
2588
+ # },
2589
+ # ],
2590
+ # }
2591
+ # @!attribute [rw] byte_match_set_id
2592
+ # The `ByteMatchSetId` of the ByteMatchSet that you want to update.
2593
+ # `ByteMatchSetId` is returned by CreateByteMatchSet and by
2594
+ # ListByteMatchSets.
2595
+ # @return [String]
2596
+ #
2597
+ # @!attribute [rw] change_token
2598
+ # The value returned by the most recent call to GetChangeToken.
2599
+ # @return [String]
2600
+ #
2601
+ # @!attribute [rw] updates
2602
+ # An array of `ByteMatchSetUpdate` objects that you want to insert
2603
+ # into or delete from a ByteMatchSet. For more information, see the
2604
+ # applicable data types:
2605
+ #
2606
+ # * ByteMatchSetUpdate: Contains `Action` and `ByteMatchTuple`
2607
+ #
2608
+ # * ByteMatchTuple: Contains `FieldToMatch`, `PositionalConstraint`,
2609
+ # `TargetString`, and `TextTransformation`
2610
+ #
2611
+ # * FieldToMatch: Contains `Data` and `Type`
2612
+ # @return [Array<Types::ByteMatchSetUpdate>]
2613
+ class UpdateByteMatchSetRequest < Struct.new(
2614
+ :byte_match_set_id,
2615
+ :change_token,
2616
+ :updates)
2617
+ include Aws::Structure
2618
+ end
2619
+
2620
+ # @!attribute [rw] change_token
2621
+ # The `ChangeToken` that you used to submit the `UpdateByteMatchSet`
2622
+ # request. You can also use this value to query the status of the
2623
+ # request. For more information, see GetChangeTokenStatus.
2624
+ # @return [String]
2625
+ class UpdateByteMatchSetResponse < Struct.new(
2626
+ :change_token)
2627
+ include Aws::Structure
2628
+ end
2629
+
2630
+ # @note When making an API call, pass UpdateIPSetRequest
2631
+ # data as a hash:
2632
+ #
2633
+ # {
2634
+ # ip_set_id: "ResourceId", # required
2635
+ # change_token: "ChangeToken", # required
2636
+ # updates: [ # required
2637
+ # {
2638
+ # action: "INSERT", # required, accepts INSERT, DELETE
2639
+ # ip_set_descriptor: { # required
2640
+ # type: "IPV4", # required, accepts IPV4, IPV6
2641
+ # value: "IPSetDescriptorValue", # required
2642
+ # },
2643
+ # },
2644
+ # ],
2645
+ # }
2646
+ # @!attribute [rw] ip_set_id
2647
+ # The `IPSetId` of the IPSet that you want to update. `IPSetId` is
2648
+ # returned by CreateIPSet and by ListIPSets.
2649
+ # @return [String]
2650
+ #
2651
+ # @!attribute [rw] change_token
2652
+ # The value returned by the most recent call to GetChangeToken.
2653
+ # @return [String]
2654
+ #
2655
+ # @!attribute [rw] updates
2656
+ # An array of `IPSetUpdate` objects that you want to insert into or
2657
+ # delete from an IPSet. For more information, see the applicable data
2658
+ # types:
2659
+ #
2660
+ # * IPSetUpdate: Contains `Action` and `IPSetDescriptor`
2661
+ #
2662
+ # * IPSetDescriptor: Contains `Type` and `Value`
2663
+ # @return [Array<Types::IPSetUpdate>]
2664
+ class UpdateIPSetRequest < Struct.new(
2665
+ :ip_set_id,
2666
+ :change_token,
2667
+ :updates)
2668
+ include Aws::Structure
2669
+ end
2670
+
2671
+ # @!attribute [rw] change_token
2672
+ # The `ChangeToken` that you used to submit the `UpdateIPSet` request.
2673
+ # You can also use this value to query the status of the request. For
2674
+ # more information, see GetChangeTokenStatus.
2675
+ # @return [String]
2676
+ class UpdateIPSetResponse < Struct.new(
2677
+ :change_token)
2678
+ include Aws::Structure
2679
+ end
2680
+
2681
+ # @note When making an API call, pass UpdateRuleRequest
2682
+ # data as a hash:
2683
+ #
2684
+ # {
2685
+ # rule_id: "ResourceId", # required
2686
+ # change_token: "ChangeToken", # required
2687
+ # updates: [ # required
2688
+ # {
2689
+ # action: "INSERT", # required, accepts INSERT, DELETE
2690
+ # predicate: { # required
2691
+ # negated: false, # required
2692
+ # type: "IPMatch", # required, accepts IPMatch, ByteMatch, SqlInjectionMatch, SizeConstraint, XssMatch
2693
+ # data_id: "ResourceId", # required
2694
+ # },
2695
+ # },
2696
+ # ],
2697
+ # }
2698
+ # @!attribute [rw] rule_id
2699
+ # The `RuleId` of the `Rule` that you want to update. `RuleId` is
2700
+ # returned by `CreateRule` and by ListRules.
2701
+ # @return [String]
2702
+ #
2703
+ # @!attribute [rw] change_token
2704
+ # The value returned by the most recent call to GetChangeToken.
2705
+ # @return [String]
2706
+ #
2707
+ # @!attribute [rw] updates
2708
+ # An array of `RuleUpdate` objects that you want to insert into or
2709
+ # delete from a Rule. For more information, see the applicable data
2710
+ # types:
2711
+ #
2712
+ # * RuleUpdate: Contains `Action` and `Predicate`
2713
+ #
2714
+ # * Predicate: Contains `DataId`, `Negated`, and `Type`
2715
+ #
2716
+ # * FieldToMatch: Contains `Data` and `Type`
2717
+ # @return [Array<Types::RuleUpdate>]
2718
+ class UpdateRuleRequest < Struct.new(
2719
+ :rule_id,
2720
+ :change_token,
2721
+ :updates)
2722
+ include Aws::Structure
2723
+ end
2724
+
2725
+ # @!attribute [rw] change_token
2726
+ # The `ChangeToken` that you used to submit the `UpdateRule` request.
2727
+ # You can also use this value to query the status of the request. For
2728
+ # more information, see GetChangeTokenStatus.
2729
+ # @return [String]
2730
+ class UpdateRuleResponse < Struct.new(
2731
+ :change_token)
2732
+ include Aws::Structure
2733
+ end
2734
+
2735
+ # @note When making an API call, pass UpdateSizeConstraintSetRequest
2736
+ # data as a hash:
2737
+ #
2738
+ # {
2739
+ # size_constraint_set_id: "ResourceId", # required
2740
+ # change_token: "ChangeToken", # required
2741
+ # updates: [ # required
2742
+ # {
2743
+ # action: "INSERT", # required, accepts INSERT, DELETE
2744
+ # size_constraint: { # required
2745
+ # field_to_match: { # required
2746
+ # type: "URI", # required, accepts URI, QUERY_STRING, HEADER, METHOD, BODY
2747
+ # data: "MatchFieldData",
2748
+ # },
2749
+ # text_transformation: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE
2750
+ # comparison_operator: "EQ", # required, accepts EQ, NE, LE, LT, GE, GT
2751
+ # size: 1, # required
2752
+ # },
2753
+ # },
2754
+ # ],
2755
+ # }
2756
+ # @!attribute [rw] size_constraint_set_id
2757
+ # The `SizeConstraintSetId` of the SizeConstraintSet that you want to
2758
+ # update. `SizeConstraintSetId` is returned by CreateSizeConstraintSet
2759
+ # and by ListSizeConstraintSets.
2760
+ # @return [String]
2761
+ #
2762
+ # @!attribute [rw] change_token
2763
+ # The value returned by the most recent call to GetChangeToken.
2764
+ # @return [String]
2765
+ #
2766
+ # @!attribute [rw] updates
2767
+ # An array of `SizeConstraintSetUpdate` objects that you want to
2768
+ # insert into or delete from a SizeConstraintSet. For more
2769
+ # information, see the applicable data types:
2770
+ #
2771
+ # * SizeConstraintSetUpdate: Contains `Action` and `SizeConstraint`
2772
+ #
2773
+ # * SizeConstraint: Contains `FieldToMatch`, `TextTransformation`,
2774
+ # `ComparisonOperator`, and `Size`
2775
+ #
2776
+ # * FieldToMatch: Contains `Data` and `Type`
2777
+ # @return [Array<Types::SizeConstraintSetUpdate>]
2778
+ class UpdateSizeConstraintSetRequest < Struct.new(
2779
+ :size_constraint_set_id,
2780
+ :change_token,
2781
+ :updates)
2782
+ include Aws::Structure
2783
+ end
2784
+
2785
+ # @!attribute [rw] change_token
2786
+ # The `ChangeToken` that you used to submit the
2787
+ # `UpdateSizeConstraintSet` request. You can also use this value to
2788
+ # query the status of the request. For more information, see
2789
+ # GetChangeTokenStatus.
2790
+ # @return [String]
2791
+ class UpdateSizeConstraintSetResponse < Struct.new(
2792
+ :change_token)
2793
+ include Aws::Structure
2794
+ end
2795
+
2796
+ # A request to update a SqlInjectionMatchSet.
2797
+ # @note When making an API call, pass UpdateSqlInjectionMatchSetRequest
2798
+ # data as a hash:
2799
+ #
2800
+ # {
2801
+ # sql_injection_match_set_id: "ResourceId", # required
2802
+ # change_token: "ChangeToken", # required
2803
+ # updates: [ # required
2804
+ # {
2805
+ # action: "INSERT", # required, accepts INSERT, DELETE
2806
+ # sql_injection_match_tuple: { # required
2807
+ # field_to_match: { # required
2808
+ # type: "URI", # required, accepts URI, QUERY_STRING, HEADER, METHOD, BODY
2809
+ # data: "MatchFieldData",
2810
+ # },
2811
+ # text_transformation: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE
2812
+ # },
2813
+ # },
2814
+ # ],
2815
+ # }
2816
+ # @!attribute [rw] sql_injection_match_set_id
2817
+ # The `SqlInjectionMatchSetId` of the `SqlInjectionMatchSet` that you
2818
+ # want to update. `SqlInjectionMatchSetId` is returned by
2819
+ # CreateSqlInjectionMatchSet and by ListSqlInjectionMatchSets.
2820
+ # @return [String]
2821
+ #
2822
+ # @!attribute [rw] change_token
2823
+ # The value returned by the most recent call to GetChangeToken.
2824
+ # @return [String]
2825
+ #
2826
+ # @!attribute [rw] updates
2827
+ # An array of `SqlInjectionMatchSetUpdate` objects that you want to
2828
+ # insert into or delete from a SqlInjectionMatchSet. For more
2829
+ # information, see the applicable data types:
2830
+ #
2831
+ # * SqlInjectionMatchSetUpdate: Contains `Action` and
2832
+ # `SqlInjectionMatchTuple`
2833
+ #
2834
+ # * SqlInjectionMatchTuple: Contains `FieldToMatch` and
2835
+ # `TextTransformation`
2836
+ #
2837
+ # * FieldToMatch: Contains `Data` and `Type`
2838
+ # @return [Array<Types::SqlInjectionMatchSetUpdate>]
2839
+ class UpdateSqlInjectionMatchSetRequest < Struct.new(
2840
+ :sql_injection_match_set_id,
2841
+ :change_token,
2842
+ :updates)
2843
+ include Aws::Structure
2844
+ end
2845
+
2846
+ # The response to an UpdateSqlInjectionMatchSets request.
2847
+ # @!attribute [rw] change_token
2848
+ # The `ChangeToken` that you used to submit the
2849
+ # `UpdateSqlInjectionMatchSet` request. You can also use this value to
2850
+ # query the status of the request. For more information, see
2851
+ # GetChangeTokenStatus.
2852
+ # @return [String]
2853
+ class UpdateSqlInjectionMatchSetResponse < Struct.new(
2854
+ :change_token)
2855
+ include Aws::Structure
2856
+ end
2857
+
2858
+ # @note When making an API call, pass UpdateWebACLRequest
2859
+ # data as a hash:
2860
+ #
2861
+ # {
2862
+ # web_acl_id: "ResourceId", # required
2863
+ # change_token: "ChangeToken", # required
2864
+ # updates: [
2865
+ # {
2866
+ # action: "INSERT", # required, accepts INSERT, DELETE
2867
+ # activated_rule: { # required
2868
+ # priority: 1, # required
2869
+ # rule_id: "ResourceId", # required
2870
+ # action: { # required
2871
+ # type: "BLOCK", # required, accepts BLOCK, ALLOW, COUNT
2872
+ # },
2873
+ # },
2874
+ # },
2875
+ # ],
2876
+ # default_action: {
2877
+ # type: "BLOCK", # required, accepts BLOCK, ALLOW, COUNT
2878
+ # },
2879
+ # }
2880
+ # @!attribute [rw] web_acl_id
2881
+ # The `WebACLId` of the WebACL that you want to update. `WebACLId` is
2882
+ # returned by CreateWebACL and by ListWebACLs.
2883
+ # @return [String]
2884
+ #
2885
+ # @!attribute [rw] change_token
2886
+ # The value returned by the most recent call to GetChangeToken.
2887
+ # @return [String]
2888
+ #
2889
+ # @!attribute [rw] updates
2890
+ # An array of updates to make to the WebACL.
2891
+ #
2892
+ # An array of `WebACLUpdate` objects that you want to insert into or
2893
+ # delete from a WebACL. For more information, see the applicable data
2894
+ # types:
2895
+ #
2896
+ # * WebACLUpdate: Contains `Action` and `ActivatedRule`
2897
+ #
2898
+ # * ActivatedRule: Contains `Action`, `Priority`, and `RuleId`
2899
+ #
2900
+ # * WafAction: Contains `Type`
2901
+ # @return [Array<Types::WebACLUpdate>]
2902
+ #
2903
+ # @!attribute [rw] default_action
2904
+ # A default action for the web ACL, either ALLOW or BLOCK. AWS WAF
2905
+ # performs the default action if a request doesn't match the criteria
2906
+ # in any of the rules in a web ACL.
2907
+ # @return [Types::WafAction]
2908
+ class UpdateWebACLRequest < Struct.new(
2909
+ :web_acl_id,
2910
+ :change_token,
2911
+ :updates,
2912
+ :default_action)
2913
+ include Aws::Structure
2914
+ end
2915
+
2916
+ # @!attribute [rw] change_token
2917
+ # The `ChangeToken` that you used to submit the `UpdateWebACL`
2918
+ # request. You can also use this value to query the status of the
2919
+ # request. For more information, see GetChangeTokenStatus.
2920
+ # @return [String]
2921
+ class UpdateWebACLResponse < Struct.new(
2922
+ :change_token)
2923
+ include Aws::Structure
2924
+ end
2925
+
2926
+ # A request to update an XssMatchSet.
2927
+ # @note When making an API call, pass UpdateXssMatchSetRequest
2928
+ # data as a hash:
2929
+ #
2930
+ # {
2931
+ # xss_match_set_id: "ResourceId", # required
2932
+ # change_token: "ChangeToken", # required
2933
+ # updates: [ # required
2934
+ # {
2935
+ # action: "INSERT", # required, accepts INSERT, DELETE
2936
+ # xss_match_tuple: { # required
2937
+ # field_to_match: { # required
2938
+ # type: "URI", # required, accepts URI, QUERY_STRING, HEADER, METHOD, BODY
2939
+ # data: "MatchFieldData",
2940
+ # },
2941
+ # text_transformation: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE
2942
+ # },
2943
+ # },
2944
+ # ],
2945
+ # }
2946
+ # @!attribute [rw] xss_match_set_id
2947
+ # The `XssMatchSetId` of the `XssMatchSet` that you want to update.
2948
+ # `XssMatchSetId` is returned by CreateXssMatchSet and by
2949
+ # ListXssMatchSets.
2950
+ # @return [String]
2951
+ #
2952
+ # @!attribute [rw] change_token
2953
+ # The value returned by the most recent call to GetChangeToken.
2954
+ # @return [String]
2955
+ #
2956
+ # @!attribute [rw] updates
2957
+ # An array of `XssMatchSetUpdate` objects that you want to insert into
2958
+ # or delete from a XssMatchSet. For more information, see the
2959
+ # applicable data types:
2960
+ #
2961
+ # * XssMatchSetUpdate: Contains `Action` and `XssMatchTuple`
2962
+ #
2963
+ # * XssMatchTuple: Contains `FieldToMatch` and `TextTransformation`
2964
+ #
2965
+ # * FieldToMatch: Contains `Data` and `Type`
2966
+ # @return [Array<Types::XssMatchSetUpdate>]
2967
+ class UpdateXssMatchSetRequest < Struct.new(
2968
+ :xss_match_set_id,
2969
+ :change_token,
2970
+ :updates)
2971
+ include Aws::Structure
2972
+ end
2973
+
2974
+ # The response to an UpdateXssMatchSets request.
2975
+ # @!attribute [rw] change_token
2976
+ # The `ChangeToken` that you used to submit the `UpdateXssMatchSet`
2977
+ # request. You can also use this value to query the status of the
2978
+ # request. For more information, see GetChangeTokenStatus.
2979
+ # @return [String]
2980
+ class UpdateXssMatchSetResponse < Struct.new(
2981
+ :change_token)
2982
+ include Aws::Structure
2983
+ end
2984
+
2985
+ # For the action that is associated with a rule in a `WebACL`, specifies
2986
+ # the action that you want AWS WAF to perform when a web request matches
2987
+ # all of the conditions in a rule. For the default action in a `WebACL`,
2988
+ # specifies the action that you want AWS WAF to take when a web request
2989
+ # doesn't match all of the conditions in any of the rules in a
2990
+ # `WebACL`.
2991
+ # @note When making an API call, pass WafAction
2992
+ # data as a hash:
2993
+ #
2994
+ # {
2995
+ # type: "BLOCK", # required, accepts BLOCK, ALLOW, COUNT
2996
+ # }
2997
+ # @!attribute [rw] type
2998
+ # Specifies how you want AWS WAF to respond to requests that match the
2999
+ # settings in a `Rule`. Valid settings include the following:
3000
+ #
3001
+ # * `ALLOW`\: AWS WAF allows requests
3002
+ #
3003
+ # * `BLOCK`\: AWS WAF blocks requests
3004
+ #
3005
+ # * `COUNT`\: AWS WAF increments a counter of the requests that match
3006
+ # all of the conditions in the rule. AWS WAF then continues to
3007
+ # inspect the web request based on the remaining rules in the web
3008
+ # ACL. You can't specify `COUNT` for the default action for a
3009
+ # `WebACL`.
3010
+ # @return [String]
3011
+ class WafAction < Struct.new(
3012
+ :type)
3013
+ include Aws::Structure
3014
+ end
3015
+
3016
+ # Contains the `Rules` that identify the requests that you want to
3017
+ # allow, block, or count. In a `WebACL`, you also specify a default
3018
+ # action (`ALLOW` or `BLOCK`), and the action for each `Rule` that you
3019
+ # add to a `WebACL`, for example, block requests from specified IP
3020
+ # addresses or block requests from specified referrers. You also
3021
+ # associate the `WebACL` with a CloudFront distribution to identify the
3022
+ # requests that you want AWS WAF to filter. If you add more than one
3023
+ # `Rule` to a `WebACL`, a request needs to match only one of the
3024
+ # specifications to be allowed, blocked, or counted. For more
3025
+ # information, see UpdateWebACL.
3026
+ # @!attribute [rw] web_acl_id
3027
+ # A unique identifier for a `WebACL`. You use `WebACLId` to get
3028
+ # information about a `WebACL` (see GetWebACL), update a `WebACL` (see
3029
+ # UpdateWebACL), and delete a `WebACL` from AWS WAF (see
3030
+ # DeleteWebACL).
3031
+ #
3032
+ # `WebACLId` is returned by CreateWebACL and by ListWebACLs.
3033
+ # @return [String]
3034
+ #
3035
+ # @!attribute [rw] name
3036
+ # A friendly name or description of the `WebACL`. You can't change
3037
+ # the name of a `WebACL` after you create it.
3038
+ # @return [String]
3039
+ #
3040
+ # @!attribute [rw] metric_name
3041
+ # A friendly name or description for the metrics for this `WebACL`.
3042
+ # The name can contain only alphanumeric characters (A-Z, a-z, 0-9);
3043
+ # the name can't contain whitespace. You can't change `MetricName`
3044
+ # after you create the `WebACL`.
3045
+ # @return [String]
3046
+ #
3047
+ # @!attribute [rw] default_action
3048
+ # The action to perform if none of the `Rules` contained in the
3049
+ # `WebACL` match. The action is specified by the WafAction object.
3050
+ # @return [Types::WafAction]
3051
+ #
3052
+ # @!attribute [rw] rules
3053
+ # An array that contains the action for each `Rule` in a `WebACL`, the
3054
+ # priority of the `Rule`, and the ID of the `Rule`.
3055
+ # @return [Array<Types::ActivatedRule>]
3056
+ class WebACL < Struct.new(
3057
+ :web_acl_id,
3058
+ :name,
3059
+ :metric_name,
3060
+ :default_action,
3061
+ :rules)
3062
+ include Aws::Structure
3063
+ end
3064
+
3065
+ # Contains the identifier and the name or description of the WebACL.
3066
+ # @!attribute [rw] web_acl_id
3067
+ # A unique identifier for a `WebACL`. You use `WebACLId` to get
3068
+ # information about a `WebACL` (see GetWebACL), update a `WebACL` (see
3069
+ # UpdateWebACL), and delete a `WebACL` from AWS WAF (see
3070
+ # DeleteWebACL).
3071
+ #
3072
+ # `WebACLId` is returned by CreateWebACL and by ListWebACLs.
3073
+ # @return [String]
3074
+ #
3075
+ # @!attribute [rw] name
3076
+ # A friendly name or description of the WebACL. You can't change the
3077
+ # name of a `WebACL` after you create it.
3078
+ # @return [String]
3079
+ class WebACLSummary < Struct.new(
3080
+ :web_acl_id,
3081
+ :name)
3082
+ include Aws::Structure
3083
+ end
3084
+
3085
+ # Specifies whether to insert a `Rule` into or delete a `Rule` from a
3086
+ # `WebACL`.
3087
+ # @note When making an API call, pass WebACLUpdate
3088
+ # data as a hash:
3089
+ #
3090
+ # {
3091
+ # action: "INSERT", # required, accepts INSERT, DELETE
3092
+ # activated_rule: { # required
3093
+ # priority: 1, # required
3094
+ # rule_id: "ResourceId", # required
3095
+ # action: { # required
3096
+ # type: "BLOCK", # required, accepts BLOCK, ALLOW, COUNT
3097
+ # },
3098
+ # },
3099
+ # }
3100
+ # @!attribute [rw] action
3101
+ # Specifies whether to insert a `Rule` into or delete a `Rule` from a
3102
+ # `WebACL`.
3103
+ # @return [String]
3104
+ #
3105
+ # @!attribute [rw] activated_rule
3106
+ # The `ActivatedRule` object in an UpdateWebACL request specifies a
3107
+ # `Rule` that you want to insert or delete, the priority of the `Rule`
3108
+ # in the `WebACL`, and the action that you want AWS WAF to take when a
3109
+ # web request matches the `Rule` (`ALLOW`, `BLOCK`, or `COUNT`).
3110
+ # @return [Types::ActivatedRule]
3111
+ class WebACLUpdate < Struct.new(
3112
+ :action,
3113
+ :activated_rule)
3114
+ include Aws::Structure
3115
+ end
3116
+
3117
+ # A complex type that contains `XssMatchTuple` objects, which specify
3118
+ # the parts of web requests that you want AWS WAF to inspect for
3119
+ # cross-site scripting attacks and, if you want AWS WAF to inspect a
3120
+ # header, the name of the header. If a `XssMatchSet` contains more than
3121
+ # one `XssMatchTuple` object, a request needs to include cross-site
3122
+ # scripting attacks in only one of the specified parts of the request to
3123
+ # be considered a match.
3124
+ # @!attribute [rw] xss_match_set_id
3125
+ # A unique identifier for an `XssMatchSet`. You use `XssMatchSetId` to
3126
+ # get information about an `XssMatchSet` (see GetXssMatchSet), update
3127
+ # an `XssMatchSet` (see UpdateXssMatchSet), insert an `XssMatchSet`
3128
+ # into a `Rule` or delete one from a `Rule` (see UpdateRule), and
3129
+ # delete an `XssMatchSet` from AWS WAF (see DeleteXssMatchSet).
3130
+ #
3131
+ # `XssMatchSetId` is returned by CreateXssMatchSet and by
3132
+ # ListXssMatchSets.
3133
+ # @return [String]
3134
+ #
3135
+ # @!attribute [rw] name
3136
+ # The name, if any, of the `XssMatchSet`.
3137
+ # @return [String]
3138
+ #
3139
+ # @!attribute [rw] xss_match_tuples
3140
+ # Specifies the parts of web requests that you want to inspect for
3141
+ # cross-site scripting attacks.
3142
+ # @return [Array<Types::XssMatchTuple>]
3143
+ class XssMatchSet < Struct.new(
3144
+ :xss_match_set_id,
3145
+ :name,
3146
+ :xss_match_tuples)
3147
+ include Aws::Structure
3148
+ end
3149
+
3150
+ # The `Id` and `Name` of an `XssMatchSet`.
3151
+ # @!attribute [rw] xss_match_set_id
3152
+ # A unique identifier for an `XssMatchSet`. You use `XssMatchSetId` to
3153
+ # get information about a `XssMatchSet` (see GetXssMatchSet), update
3154
+ # an `XssMatchSet` (see UpdateXssMatchSet), insert an `XssMatchSet`
3155
+ # into a `Rule` or delete one from a `Rule` (see UpdateRule), and
3156
+ # delete an `XssMatchSet` from AWS WAF (see DeleteXssMatchSet).
3157
+ #
3158
+ # `XssMatchSetId` is returned by CreateXssMatchSet and by
3159
+ # ListXssMatchSets.
3160
+ # @return [String]
3161
+ #
3162
+ # @!attribute [rw] name
3163
+ # The name of the `XssMatchSet`, if any, specified by `Id`.
3164
+ # @return [String]
3165
+ class XssMatchSetSummary < Struct.new(
3166
+ :xss_match_set_id,
3167
+ :name)
3168
+ include Aws::Structure
3169
+ end
3170
+
3171
+ # Specifies the part of a web request that you want to inspect for
3172
+ # cross-site scripting attacks and indicates whether you want to add the
3173
+ # specification to an XssMatchSet or delete it from an `XssMatchSet`.
3174
+ # @note When making an API call, pass XssMatchSetUpdate
3175
+ # data as a hash:
3176
+ #
3177
+ # {
3178
+ # action: "INSERT", # required, accepts INSERT, DELETE
3179
+ # xss_match_tuple: { # required
3180
+ # field_to_match: { # required
3181
+ # type: "URI", # required, accepts URI, QUERY_STRING, HEADER, METHOD, BODY
3182
+ # data: "MatchFieldData",
3183
+ # },
3184
+ # text_transformation: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE
3185
+ # },
3186
+ # }
3187
+ # @!attribute [rw] action
3188
+ # Specify `INSERT` to add a XssMatchSetUpdate to an XssMatchSet. Use
3189
+ # `DELETE` to remove a `XssMatchSetUpdate` from an `XssMatchSet`.
3190
+ # @return [String]
3191
+ #
3192
+ # @!attribute [rw] xss_match_tuple
3193
+ # Specifies the part of a web request that you want AWS WAF to inspect
3194
+ # for cross-site scripting attacks and, if you want AWS WAF to inspect
3195
+ # a header, the name of the header.
3196
+ # @return [Types::XssMatchTuple]
3197
+ class XssMatchSetUpdate < Struct.new(
3198
+ :action,
3199
+ :xss_match_tuple)
3200
+ include Aws::Structure
3201
+ end
3202
+
3203
+ # Specifies the part of a web request that you want AWS WAF to inspect
3204
+ # for cross-site scripting attacks and, if you want AWS WAF to inspect a
3205
+ # header, the name of the header.
3206
+ # @note When making an API call, pass XssMatchTuple
3207
+ # data as a hash:
3208
+ #
3209
+ # {
3210
+ # field_to_match: { # required
3211
+ # type: "URI", # required, accepts URI, QUERY_STRING, HEADER, METHOD, BODY
3212
+ # data: "MatchFieldData",
3213
+ # },
3214
+ # text_transformation: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE
3215
+ # }
3216
+ # @!attribute [rw] field_to_match
3217
+ # Specifies where in a web request to look for cross-site scripting
3218
+ # attacks.
3219
+ # @return [Types::FieldToMatch]
3220
+ #
3221
+ # @!attribute [rw] text_transformation
3222
+ # Text transformations eliminate some of the unusual formatting that
3223
+ # attackers use in web requests in an effort to bypass AWS WAF. If you
3224
+ # specify a transformation, AWS WAF performs the transformation on
3225
+ # `FieldToMatch` before inspecting a request for a match.
3226
+ #
3227
+ # **CMD\_LINE**
3228
+ #
3229
+ # When you're concerned that attackers are injecting an operating
3230
+ # system commandline command and using unusual formatting to disguise
3231
+ # some or all of the command, use this option to perform the following
3232
+ # transformations:
3233
+ #
3234
+ # * Delete the following characters: \\ " ' ^
3235
+ #
3236
+ # * Delete spaces before the following characters: / (
3237
+ #
3238
+ # * Replace the following characters with a space: , ;
3239
+ #
3240
+ # * Replace multiple spaces with one space
3241
+ #
3242
+ # * Convert uppercase letters (A-Z) to lowercase (a-z)
3243
+ #
3244
+ # **COMPRESS\_WHITE\_SPACE**
3245
+ #
3246
+ # Use this option to replace the following characters with a space
3247
+ # character (decimal 32):
3248
+ #
3249
+ # * \\f, formfeed, decimal 12
3250
+ #
3251
+ # * \\t, tab, decimal 9
3252
+ #
3253
+ # * \\n, newline, decimal 10
3254
+ #
3255
+ # * \\r, carriage return, decimal 13
3256
+ #
3257
+ # * \\v, vertical tab, decimal 11
3258
+ #
3259
+ # * non-breaking space, decimal 160
3260
+ #
3261
+ # `COMPRESS_WHITE_SPACE` also replaces multiple spaces with one space.
3262
+ #
3263
+ # **HTML\_ENTITY\_DECODE**
3264
+ #
3265
+ # Use this option to replace HTML-encoded characters with unencoded
3266
+ # characters. `HTML_ENTITY_DECODE` performs the following operations:
3267
+ #
3268
+ # * Replaces `(ampersand)quot;` with `"`
3269
+ #
3270
+ # * Replaces `(ampersand)nbsp;` with a non-breaking space, decimal 160
3271
+ #
3272
+ # * Replaces `(ampersand)lt;` with a "less than" symbol
3273
+ #
3274
+ # * Replaces `(ampersand)gt;` with `>`
3275
+ #
3276
+ # * Replaces characters that are represented in hexadecimal format,
3277
+ # `(ampersand)#xhhhh;`, with the corresponding characters
3278
+ #
3279
+ # * Replaces characters that are represented in decimal format,
3280
+ # `(ampersand)#nnnn;`, with the corresponding characters
3281
+ #
3282
+ # **LOWERCASE**
3283
+ #
3284
+ # Use this option to convert uppercase letters (A-Z) to lowercase
3285
+ # (a-z).
3286
+ #
3287
+ # **URL\_DECODE**
3288
+ #
3289
+ # Use this option to decode a URL-encoded value.
3290
+ #
3291
+ # **NONE**
3292
+ #
3293
+ # Specify `NONE` if you don't want to perform any text
3294
+ # transformations.
3295
+ # @return [String]
3296
+ class XssMatchTuple < Struct.new(
3297
+ :field_to_match,
3298
+ :text_transformation)
3299
+ include Aws::Structure
3300
+ end
3301
+
3302
+ end
3303
+ end
3304
+ end