aws-sdk-wafv2 1.0.0 → 1.5.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +5 -5
- data/lib/aws-sdk-wafv2.rb +7 -4
- data/lib/aws-sdk-wafv2/client.rb +388 -115
- data/lib/aws-sdk-wafv2/client_api.rb +156 -0
- data/lib/aws-sdk-wafv2/errors.rb +79 -9
- data/lib/aws-sdk-wafv2/resource.rb +1 -0
- data/lib/aws-sdk-wafv2/types.rb +602 -177
- metadata +3 -3
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
|
-
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
2
|
+
SHA256:
|
3
|
+
metadata.gz: 2077638b25cf3919dab9362a681e653474f771b027596f490bcec08cb33c2662
|
4
|
+
data.tar.gz: 2a25517f8ff27ce7db985966ba97013fa065707193c1be8819389dfcb5fb39eb
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: aca3d8b7fcd0343bd7df3dd77d336eae5a5c0b103ddfa63aff6afde49240d336cc68346a1a464b2441da003071aa8d4a6760140f0a83b341158e30df0b587221
|
7
|
+
data.tar.gz: 11cda57e146aff37eddb310c99ed45e389b7a77aba57b2fb5d61aa711dd479076af6c8f5b7feb3f486fddcfdbbe6b8e81e6a02769735ed871d97f5b9e9e08f51
|
data/lib/aws-sdk-wafv2.rb
CHANGED
@@ -24,17 +24,20 @@ require_relative 'aws-sdk-wafv2/customizations'
|
|
24
24
|
# methods each accept a hash of request parameters and return a response
|
25
25
|
# structure.
|
26
26
|
#
|
27
|
+
# wafv2 = Aws::WAFV2::Client.new
|
28
|
+
# resp = wafv2.associate_web_acl(params)
|
29
|
+
#
|
27
30
|
# See {Client} for more information.
|
28
31
|
#
|
29
32
|
# # Errors
|
30
33
|
#
|
31
|
-
# Errors returned from AWS WAFV2
|
32
|
-
# extend {Errors::ServiceError}.
|
34
|
+
# Errors returned from AWS WAFV2 are defined in the
|
35
|
+
# {Errors} module and all extend {Errors::ServiceError}.
|
33
36
|
#
|
34
37
|
# begin
|
35
38
|
# # do stuff
|
36
39
|
# rescue Aws::WAFV2::Errors::ServiceError
|
37
|
-
# # rescues all
|
40
|
+
# # rescues all AWS WAFV2 API errors
|
38
41
|
# end
|
39
42
|
#
|
40
43
|
# See {Errors} for more information.
|
@@ -42,6 +45,6 @@ require_relative 'aws-sdk-wafv2/customizations'
|
|
42
45
|
# @service
|
43
46
|
module Aws::WAFV2
|
44
47
|
|
45
|
-
GEM_VERSION = '1.
|
48
|
+
GEM_VERSION = '1.5.0'
|
46
49
|
|
47
50
|
end
|
data/lib/aws-sdk-wafv2/client.rb
CHANGED
@@ -30,6 +30,18 @@ require 'aws-sdk-core/plugins/protocols/json_rpc.rb'
|
|
30
30
|
Aws::Plugins::GlobalConfiguration.add_identifier(:wafv2)
|
31
31
|
|
32
32
|
module Aws::WAFV2
|
33
|
+
# An API client for WAFV2. To construct a client, you need to configure a `:region` and `:credentials`.
|
34
|
+
#
|
35
|
+
# client = Aws::WAFV2::Client.new(
|
36
|
+
# region: region_name,
|
37
|
+
# credentials: credentials,
|
38
|
+
# # ...
|
39
|
+
# )
|
40
|
+
#
|
41
|
+
# For details on configuring region and credentials see
|
42
|
+
# the [developer guide](/sdk-for-ruby/v3/developer-guide/setup-config.html).
|
43
|
+
#
|
44
|
+
# See {#initialize} for a full list of supported configuration options.
|
33
45
|
class Client < Seahorse::Client::Base
|
34
46
|
|
35
47
|
include Aws::ClientStubs
|
@@ -93,7 +105,7 @@ module Aws::WAFV2
|
|
93
105
|
# @option options [required, String] :region
|
94
106
|
# The AWS region to connect to. The configured `:region` is
|
95
107
|
# used to determine the service `:endpoint`. When not passed,
|
96
|
-
# a default `:region` is
|
108
|
+
# a default `:region` is searched for in the following locations:
|
97
109
|
#
|
98
110
|
# * `Aws.config[:region]`
|
99
111
|
# * `ENV['AWS_REGION']`
|
@@ -108,6 +120,12 @@ module Aws::WAFV2
|
|
108
120
|
# When set to `true`, a thread polling for endpoints will be running in
|
109
121
|
# the background every 60 secs (default). Defaults to `false`.
|
110
122
|
#
|
123
|
+
# @option options [Boolean] :adaptive_retry_wait_to_fill (true)
|
124
|
+
# Used only in `adaptive` retry mode. When true, the request will sleep
|
125
|
+
# until there is sufficent client side capacity to retry the request.
|
126
|
+
# When false, the request will raise a `RetryCapacityNotAvailableError` and will
|
127
|
+
# not retry instead of sleeping.
|
128
|
+
#
|
111
129
|
# @option options [Boolean] :client_side_monitoring (false)
|
112
130
|
# When `true`, client-side metrics will be collected for all API requests from
|
113
131
|
# this client.
|
@@ -132,6 +150,10 @@ module Aws::WAFV2
|
|
132
150
|
# When `true`, an attempt is made to coerce request parameters into
|
133
151
|
# the required types.
|
134
152
|
#
|
153
|
+
# @option options [Boolean] :correct_clock_skew (true)
|
154
|
+
# Used only in `standard` and adaptive retry modes. Specifies whether to apply
|
155
|
+
# a clock skew correction and retry requests with skewed client clocks.
|
156
|
+
#
|
135
157
|
# @option options [Boolean] :disable_host_prefix_injection (false)
|
136
158
|
# Set to true to disable SDK automatically adding host prefix
|
137
159
|
# to default service endpoint when available.
|
@@ -139,7 +161,7 @@ module Aws::WAFV2
|
|
139
161
|
# @option options [String] :endpoint
|
140
162
|
# The client endpoint is normally constructed from the `:region`
|
141
163
|
# option. You should only configure an `:endpoint` when connecting
|
142
|
-
# to test endpoints. This should be
|
164
|
+
# to test endpoints. This should be a valid HTTP(S) URI.
|
143
165
|
#
|
144
166
|
# @option options [Integer] :endpoint_cache_max_entries (1000)
|
145
167
|
# Used for the maximum size limit of the LRU cache storing endpoints data
|
@@ -154,7 +176,7 @@ module Aws::WAFV2
|
|
154
176
|
# requests fetching endpoints information. Defaults to 60 sec.
|
155
177
|
#
|
156
178
|
# @option options [Boolean] :endpoint_discovery (false)
|
157
|
-
# When set to `true`, endpoint discovery will be enabled for operations when available.
|
179
|
+
# When set to `true`, endpoint discovery will be enabled for operations when available.
|
158
180
|
#
|
159
181
|
# @option options [Aws::Log::Formatter] :log_formatter (Aws::Log::Formatter.default)
|
160
182
|
# The log formatter.
|
@@ -166,15 +188,29 @@ module Aws::WAFV2
|
|
166
188
|
# The Logger instance to send log messages to. If this option
|
167
189
|
# is not set, logging will be disabled.
|
168
190
|
#
|
191
|
+
# @option options [Integer] :max_attempts (3)
|
192
|
+
# An integer representing the maximum number attempts that will be made for
|
193
|
+
# a single request, including the initial attempt. For example,
|
194
|
+
# setting this value to 5 will result in a request being retried up to
|
195
|
+
# 4 times. Used in `standard` and `adaptive` retry modes.
|
196
|
+
#
|
169
197
|
# @option options [String] :profile ("default")
|
170
198
|
# Used when loading credentials from the shared credentials file
|
171
199
|
# at HOME/.aws/credentials. When not specified, 'default' is used.
|
172
200
|
#
|
201
|
+
# @option options [Proc] :retry_backoff
|
202
|
+
# A proc or lambda used for backoff. Defaults to 2**retries * retry_base_delay.
|
203
|
+
# This option is only used in the `legacy` retry mode.
|
204
|
+
#
|
173
205
|
# @option options [Float] :retry_base_delay (0.3)
|
174
|
-
# The base delay in seconds used by the default backoff function.
|
206
|
+
# The base delay in seconds used by the default backoff function. This option
|
207
|
+
# is only used in the `legacy` retry mode.
|
175
208
|
#
|
176
209
|
# @option options [Symbol] :retry_jitter (:none)
|
177
|
-
# A delay randomiser function used by the default backoff function.
|
210
|
+
# A delay randomiser function used by the default backoff function.
|
211
|
+
# Some predefined functions can be referenced by name - :none, :equal, :full,
|
212
|
+
# otherwise a Proc that takes and returns a number. This option is only used
|
213
|
+
# in the `legacy` retry mode.
|
178
214
|
#
|
179
215
|
# @see https://www.awsarchitectureblog.com/2015/03/backoff.html
|
180
216
|
#
|
@@ -182,11 +218,30 @@ module Aws::WAFV2
|
|
182
218
|
# The maximum number of times to retry failed requests. Only
|
183
219
|
# ~ 500 level server errors and certain ~ 400 level client errors
|
184
220
|
# are retried. Generally, these are throttling errors, data
|
185
|
-
# checksum errors, networking errors, timeout errors
|
186
|
-
# errors from expired credentials.
|
221
|
+
# checksum errors, networking errors, timeout errors, auth errors,
|
222
|
+
# endpoint discovery, and errors from expired credentials.
|
223
|
+
# This option is only used in the `legacy` retry mode.
|
187
224
|
#
|
188
225
|
# @option options [Integer] :retry_max_delay (0)
|
189
|
-
# The maximum number of seconds to delay between retries (0 for no limit)
|
226
|
+
# The maximum number of seconds to delay between retries (0 for no limit)
|
227
|
+
# used by the default backoff function. This option is only used in the
|
228
|
+
# `legacy` retry mode.
|
229
|
+
#
|
230
|
+
# @option options [String] :retry_mode ("legacy")
|
231
|
+
# Specifies which retry algorithm to use. Values are:
|
232
|
+
#
|
233
|
+
# * `legacy` - The pre-existing retry behavior. This is default value if
|
234
|
+
# no retry mode is provided.
|
235
|
+
#
|
236
|
+
# * `standard` - A standardized set of retry rules across the AWS SDKs.
|
237
|
+
# This includes support for retry quotas, which limit the number of
|
238
|
+
# unsuccessful retries a client can make.
|
239
|
+
#
|
240
|
+
# * `adaptive` - An experimental retry mode that includes all the
|
241
|
+
# functionality of `standard` mode along with automatic client side
|
242
|
+
# throttling. This is a provisional mode that may change behavior
|
243
|
+
# in the future.
|
244
|
+
#
|
190
245
|
#
|
191
246
|
# @option options [String] :secret_access_key
|
192
247
|
#
|
@@ -219,16 +274,15 @@ module Aws::WAFV2
|
|
219
274
|
# requests through. Formatted like 'http://proxy.com:123'.
|
220
275
|
#
|
221
276
|
# @option options [Float] :http_open_timeout (15) The number of
|
222
|
-
# seconds to wait when opening a HTTP session before
|
277
|
+
# seconds to wait when opening a HTTP session before raising a
|
223
278
|
# `Timeout::Error`.
|
224
279
|
#
|
225
280
|
# @option options [Integer] :http_read_timeout (60) The default
|
226
281
|
# number of seconds to wait for response data. This value can
|
227
|
-
# safely be set
|
228
|
-
# per-request on the session yeidled by {#session_for}.
|
282
|
+
# safely be set per-request on the session.
|
229
283
|
#
|
230
284
|
# @option options [Float] :http_idle_timeout (5) The number of
|
231
|
-
# seconds a connection is allowed to sit
|
285
|
+
# seconds a connection is allowed to sit idle before it is
|
232
286
|
# considered stale. Stale connections are closed and removed
|
233
287
|
# from the pool before making a request.
|
234
288
|
#
|
@@ -237,7 +291,7 @@ module Aws::WAFV2
|
|
237
291
|
# request body. This option has no effect unless the request has
|
238
292
|
# "Expect" header set to "100-continue". Defaults to `nil` which
|
239
293
|
# disables this behaviour. This value can safely be set per
|
240
|
-
# request on the session
|
294
|
+
# request on the session.
|
241
295
|
#
|
242
296
|
# @option options [Boolean] :http_wire_trace (false) When `true`,
|
243
297
|
# HTTP debug output will be sent to the `:logger`.
|
@@ -275,9 +329,11 @@ module Aws::WAFV2
|
|
275
329
|
# the resource. A regional application can be an Application Load
|
276
330
|
# Balancer (ALB) or an API Gateway stage.
|
277
331
|
#
|
278
|
-
# For AWS CloudFront,
|
279
|
-
#
|
280
|
-
#
|
332
|
+
# For AWS CloudFront, don't use this call. Instead, use your CloudFront
|
333
|
+
# distribution configuration. To associate a Web ACL, in the CloudFront
|
334
|
+
# call `UpdateDistribution`, set the web ACL ID to the Amazon Resource
|
335
|
+
# Name (ARN) of the Web ACL. For information, see
|
336
|
+
# [UpdateDistribution][2].
|
281
337
|
#
|
282
338
|
#
|
283
339
|
#
|
@@ -294,15 +350,12 @@ module Aws::WAFV2
|
|
294
350
|
#
|
295
351
|
# The ARN must be in one of the following formats:
|
296
352
|
#
|
297
|
-
# * For
|
298
|
-
# `arn:aws:
|
353
|
+
# * For an Application Load Balancer:
|
354
|
+
# `arn:aws:elasticloadbalancing:region:account-id:loadbalancer/app/load-balancer-name/load-balancer-id
|
355
|
+
# `
|
299
356
|
#
|
300
|
-
# * For an
|
301
|
-
# region
|
302
|
-
# /load-balancer-id `
|
303
|
-
#
|
304
|
-
# * For an Amazon API Gateway stage: `arn:aws:apigateway:region
|
305
|
-
# ::/restapis/api-id/stages/stage-name `
|
357
|
+
# * For an Amazon API Gateway stage:
|
358
|
+
# `arn:aws:apigateway:region::/restapis/api-id/stages/stage-name `
|
306
359
|
#
|
307
360
|
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
308
361
|
#
|
@@ -354,7 +407,7 @@ module Aws::WAFV2
|
|
354
407
|
# To work with CloudFront, you must also specify the Region US East (N.
|
355
408
|
# Virginia) as follows:
|
356
409
|
#
|
357
|
-
# * CLI - Specify the
|
410
|
+
# * CLI - Specify the Region when you use the CloudFront scope:
|
358
411
|
# `--scope=CLOUDFRONT --region=us-east-1`.
|
359
412
|
#
|
360
413
|
# * API and SDKs - For all calls, use the Region endpoint us-east-1.
|
@@ -615,8 +668,8 @@ module Aws::WAFV2
|
|
615
668
|
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html
|
616
669
|
#
|
617
670
|
# @option params [required, String] :name
|
618
|
-
#
|
619
|
-
#
|
671
|
+
# The name of the IP set. You cannot change the name of an `IPSet` after
|
672
|
+
# you create it.
|
620
673
|
#
|
621
674
|
# @option params [required, String] :scope
|
622
675
|
# Specifies whether this is for an AWS CloudFront distribution or for a
|
@@ -626,14 +679,14 @@ module Aws::WAFV2
|
|
626
679
|
# To work with CloudFront, you must also specify the Region US East (N.
|
627
680
|
# Virginia) as follows:
|
628
681
|
#
|
629
|
-
# * CLI - Specify the
|
682
|
+
# * CLI - Specify the Region when you use the CloudFront scope:
|
630
683
|
# `--scope=CLOUDFRONT --region=us-east-1`.
|
631
684
|
#
|
632
685
|
# * API and SDKs - For all calls, use the Region endpoint us-east-1.
|
633
686
|
#
|
634
687
|
# @option params [String] :description
|
635
|
-
# A
|
636
|
-
# description of an IP set after you create it.
|
688
|
+
# A description of the IP set that helps with identification. You cannot
|
689
|
+
# change the description of an IP set after you create it.
|
637
690
|
#
|
638
691
|
# @option params [required, String] :ip_address_version
|
639
692
|
# Specify IPV4 or IPV6.
|
@@ -717,15 +770,17 @@ module Aws::WAFV2
|
|
717
770
|
#
|
718
771
|
# </note>
|
719
772
|
#
|
720
|
-
# Creates a RegexPatternSet
|
773
|
+
# Creates a RegexPatternSet, which you reference in a
|
774
|
+
# RegexPatternSetReferenceStatement, to have AWS WAF inspect a web
|
775
|
+
# request component for the specified patterns.
|
721
776
|
#
|
722
777
|
#
|
723
778
|
#
|
724
779
|
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html
|
725
780
|
#
|
726
781
|
# @option params [required, String] :name
|
727
|
-
#
|
728
|
-
#
|
782
|
+
# The name of the set. You cannot change the name after you create the
|
783
|
+
# set.
|
729
784
|
#
|
730
785
|
# @option params [required, String] :scope
|
731
786
|
# Specifies whether this is for an AWS CloudFront distribution or for a
|
@@ -735,14 +790,14 @@ module Aws::WAFV2
|
|
735
790
|
# To work with CloudFront, you must also specify the Region US East (N.
|
736
791
|
# Virginia) as follows:
|
737
792
|
#
|
738
|
-
# * CLI - Specify the
|
793
|
+
# * CLI - Specify the Region when you use the CloudFront scope:
|
739
794
|
# `--scope=CLOUDFRONT --region=us-east-1`.
|
740
795
|
#
|
741
796
|
# * API and SDKs - For all calls, use the Region endpoint us-east-1.
|
742
797
|
#
|
743
798
|
# @option params [String] :description
|
744
|
-
# A
|
745
|
-
# of a set after you create it.
|
799
|
+
# A description of the set that helps with identification. You cannot
|
800
|
+
# change the description of a set after you create it.
|
746
801
|
#
|
747
802
|
# @option params [required, Array<Types::Regex>] :regular_expression_list
|
748
803
|
# Array of regular expression strings.
|
@@ -810,8 +865,8 @@ module Aws::WAFV2
|
|
810
865
|
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html
|
811
866
|
#
|
812
867
|
# @option params [required, String] :name
|
813
|
-
#
|
814
|
-
#
|
868
|
+
# The name of the rule group. You cannot change the name of a rule group
|
869
|
+
# after you create it.
|
815
870
|
#
|
816
871
|
# @option params [required, String] :scope
|
817
872
|
# Specifies whether this is for an AWS CloudFront distribution or for a
|
@@ -821,7 +876,7 @@ module Aws::WAFV2
|
|
821
876
|
# To work with CloudFront, you must also specify the Region US East (N.
|
822
877
|
# Virginia) as follows:
|
823
878
|
#
|
824
|
-
# * CLI - Specify the
|
879
|
+
# * CLI - Specify the Region when you use the CloudFront scope:
|
825
880
|
# `--scope=CLOUDFRONT --region=us-east-1`.
|
826
881
|
#
|
827
882
|
# * API and SDKs - For all calls, use the Region endpoint us-east-1.
|
@@ -844,8 +899,8 @@ module Aws::WAFV2
|
|
844
899
|
# ACLs is 1,500.
|
845
900
|
#
|
846
901
|
# @option params [String] :description
|
847
|
-
# A
|
848
|
-
# description of a rule group after you create it.
|
902
|
+
# A description of the rule group that helps with identification. You
|
903
|
+
# cannot change the description of a rule group after you create it.
|
849
904
|
#
|
850
905
|
# @option params [Array<Types::Rule>] :rules
|
851
906
|
# The Rule statements used to identify the web requests that you want to
|
@@ -1136,8 +1191,8 @@ module Aws::WAFV2
|
|
1136
1191
|
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html
|
1137
1192
|
#
|
1138
1193
|
# @option params [required, String] :name
|
1139
|
-
#
|
1140
|
-
#
|
1194
|
+
# The name of the Web ACL. You cannot change the name of a Web ACL after
|
1195
|
+
# you create it.
|
1141
1196
|
#
|
1142
1197
|
# @option params [required, String] :scope
|
1143
1198
|
# Specifies whether this is for an AWS CloudFront distribution or for a
|
@@ -1147,7 +1202,7 @@ module Aws::WAFV2
|
|
1147
1202
|
# To work with CloudFront, you must also specify the Region US East (N.
|
1148
1203
|
# Virginia) as follows:
|
1149
1204
|
#
|
1150
|
-
# * CLI - Specify the
|
1205
|
+
# * CLI - Specify the Region when you use the CloudFront scope:
|
1151
1206
|
# `--scope=CLOUDFRONT --region=us-east-1`.
|
1152
1207
|
#
|
1153
1208
|
# * API and SDKs - For all calls, use the Region endpoint us-east-1.
|
@@ -1157,8 +1212,8 @@ module Aws::WAFV2
|
|
1157
1212
|
# match.
|
1158
1213
|
#
|
1159
1214
|
# @option params [String] :description
|
1160
|
-
# A
|
1161
|
-
# description of a Web ACL after you create it.
|
1215
|
+
# A description of the Web ACL that helps with identification. You
|
1216
|
+
# cannot change the description of a Web ACL after you create it.
|
1162
1217
|
#
|
1163
1218
|
# @option params [Array<Types::Rule>] :rules
|
1164
1219
|
# The Rule statements used to identify the web requests that you want to
|
@@ -1430,6 +1485,49 @@ module Aws::WAFV2
|
|
1430
1485
|
req.send_request(options)
|
1431
1486
|
end
|
1432
1487
|
|
1488
|
+
# Deletes all rule groups that are managed by AWS Firewall Manager for
|
1489
|
+
# the specified web ACL.
|
1490
|
+
#
|
1491
|
+
# You can only use this if `ManagedByFirewallManager` is false in the
|
1492
|
+
# specified WebACL.
|
1493
|
+
#
|
1494
|
+
# @option params [required, String] :web_acl_arn
|
1495
|
+
# The Amazon Resource Name (ARN) of the web ACL.
|
1496
|
+
#
|
1497
|
+
# @option params [required, String] :web_acl_lock_token
|
1498
|
+
# A token used for optimistic locking. AWS WAF returns a token to your
|
1499
|
+
# get and list requests, to mark the state of the entity at the time of
|
1500
|
+
# the request. To make changes to the entity associated with the token,
|
1501
|
+
# you provide the token to operations like update and delete. AWS WAF
|
1502
|
+
# uses the token to ensure that no changes have been made to the entity
|
1503
|
+
# since you last retrieved it. If a change has been made, the update
|
1504
|
+
# fails with a `WAFOptimisticLockException`. If this happens, perform
|
1505
|
+
# another get, and use the new token returned by that operation.
|
1506
|
+
#
|
1507
|
+
# @return [Types::DeleteFirewallManagerRuleGroupsResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
1508
|
+
#
|
1509
|
+
# * {Types::DeleteFirewallManagerRuleGroupsResponse#next_web_acl_lock_token #next_web_acl_lock_token} => String
|
1510
|
+
#
|
1511
|
+
# @example Request syntax with placeholder values
|
1512
|
+
#
|
1513
|
+
# resp = client.delete_firewall_manager_rule_groups({
|
1514
|
+
# web_acl_arn: "ResourceArn", # required
|
1515
|
+
# web_acl_lock_token: "LockToken", # required
|
1516
|
+
# })
|
1517
|
+
#
|
1518
|
+
# @example Response structure
|
1519
|
+
#
|
1520
|
+
# resp.next_web_acl_lock_token #=> String
|
1521
|
+
#
|
1522
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/DeleteFirewallManagerRuleGroups AWS API Documentation
|
1523
|
+
#
|
1524
|
+
# @overload delete_firewall_manager_rule_groups(params = {})
|
1525
|
+
# @param [Hash] params ({})
|
1526
|
+
def delete_firewall_manager_rule_groups(params = {}, options = {})
|
1527
|
+
req = build_request(:delete_firewall_manager_rule_groups, params)
|
1528
|
+
req.send_request(options)
|
1529
|
+
end
|
1530
|
+
|
1433
1531
|
# <note markdown="1"> This is the latest version of **AWS WAF**, named AWS WAFV2, released
|
1434
1532
|
# in November, 2019. For information, including how to migrate your AWS
|
1435
1533
|
# WAF resources from the prior release, see the [AWS WAF Developer
|
@@ -1444,8 +1542,8 @@ module Aws::WAFV2
|
|
1444
1542
|
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html
|
1445
1543
|
#
|
1446
1544
|
# @option params [required, String] :name
|
1447
|
-
#
|
1448
|
-
#
|
1545
|
+
# The name of the IP set. You cannot change the name of an `IPSet` after
|
1546
|
+
# you create it.
|
1449
1547
|
#
|
1450
1548
|
# @option params [required, String] :scope
|
1451
1549
|
# Specifies whether this is for an AWS CloudFront distribution or for a
|
@@ -1455,7 +1553,7 @@ module Aws::WAFV2
|
|
1455
1553
|
# To work with CloudFront, you must also specify the Region US East (N.
|
1456
1554
|
# Virginia) as follows:
|
1457
1555
|
#
|
1458
|
-
# * CLI - Specify the
|
1556
|
+
# * CLI - Specify the Region when you use the CloudFront scope:
|
1459
1557
|
# `--scope=CLOUDFRONT --region=us-east-1`.
|
1460
1558
|
#
|
1461
1559
|
# * API and SDKs - For all calls, use the Region endpoint us-east-1.
|
@@ -1529,6 +1627,33 @@ module Aws::WAFV2
|
|
1529
1627
|
req.send_request(options)
|
1530
1628
|
end
|
1531
1629
|
|
1630
|
+
# Permanently deletes an IAM policy from the specified rule group.
|
1631
|
+
#
|
1632
|
+
# You must be the owner of the rule group to perform this operation.
|
1633
|
+
#
|
1634
|
+
# @option params [required, String] :resource_arn
|
1635
|
+
# The Amazon Resource Name (ARN) of the rule group from which you want
|
1636
|
+
# to delete the policy.
|
1637
|
+
#
|
1638
|
+
# You must be the owner of the rule group to perform this operation.
|
1639
|
+
#
|
1640
|
+
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
1641
|
+
#
|
1642
|
+
# @example Request syntax with placeholder values
|
1643
|
+
#
|
1644
|
+
# resp = client.delete_permission_policy({
|
1645
|
+
# resource_arn: "ResourceArn", # required
|
1646
|
+
# })
|
1647
|
+
#
|
1648
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/DeletePermissionPolicy AWS API Documentation
|
1649
|
+
#
|
1650
|
+
# @overload delete_permission_policy(params = {})
|
1651
|
+
# @param [Hash] params ({})
|
1652
|
+
def delete_permission_policy(params = {}, options = {})
|
1653
|
+
req = build_request(:delete_permission_policy, params)
|
1654
|
+
req.send_request(options)
|
1655
|
+
end
|
1656
|
+
|
1532
1657
|
# <note markdown="1"> This is the latest version of **AWS WAF**, named AWS WAFV2, released
|
1533
1658
|
# in November, 2019. For information, including how to migrate your AWS
|
1534
1659
|
# WAF resources from the prior release, see the [AWS WAF Developer
|
@@ -1543,8 +1668,8 @@ module Aws::WAFV2
|
|
1543
1668
|
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html
|
1544
1669
|
#
|
1545
1670
|
# @option params [required, String] :name
|
1546
|
-
#
|
1547
|
-
#
|
1671
|
+
# The name of the set. You cannot change the name after you create the
|
1672
|
+
# set.
|
1548
1673
|
#
|
1549
1674
|
# @option params [required, String] :scope
|
1550
1675
|
# Specifies whether this is for an AWS CloudFront distribution or for a
|
@@ -1554,7 +1679,7 @@ module Aws::WAFV2
|
|
1554
1679
|
# To work with CloudFront, you must also specify the Region US East (N.
|
1555
1680
|
# Virginia) as follows:
|
1556
1681
|
#
|
1557
|
-
# * CLI - Specify the
|
1682
|
+
# * CLI - Specify the Region when you use the CloudFront scope:
|
1558
1683
|
# `--scope=CLOUDFRONT --region=us-east-1`.
|
1559
1684
|
#
|
1560
1685
|
# * API and SDKs - For all calls, use the Region endpoint us-east-1.
|
@@ -1608,8 +1733,8 @@ module Aws::WAFV2
|
|
1608
1733
|
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html
|
1609
1734
|
#
|
1610
1735
|
# @option params [required, String] :name
|
1611
|
-
#
|
1612
|
-
#
|
1736
|
+
# The name of the rule group. You cannot change the name of a rule group
|
1737
|
+
# after you create it.
|
1613
1738
|
#
|
1614
1739
|
# @option params [required, String] :scope
|
1615
1740
|
# Specifies whether this is for an AWS CloudFront distribution or for a
|
@@ -1619,7 +1744,7 @@ module Aws::WAFV2
|
|
1619
1744
|
# To work with CloudFront, you must also specify the Region US East (N.
|
1620
1745
|
# Virginia) as follows:
|
1621
1746
|
#
|
1622
|
-
# * CLI - Specify the
|
1747
|
+
# * CLI - Specify the Region when you use the CloudFront scope:
|
1623
1748
|
# `--scope=CLOUDFRONT --region=us-east-1`.
|
1624
1749
|
#
|
1625
1750
|
# * API and SDKs - For all calls, use the Region endpoint us-east-1.
|
@@ -1668,13 +1793,16 @@ module Aws::WAFV2
|
|
1668
1793
|
#
|
1669
1794
|
# Deletes the specified WebACL.
|
1670
1795
|
#
|
1796
|
+
# You can only use this if `ManagedByFirewallManager` is false in the
|
1797
|
+
# specified WebACL.
|
1798
|
+
#
|
1671
1799
|
#
|
1672
1800
|
#
|
1673
1801
|
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html
|
1674
1802
|
#
|
1675
1803
|
# @option params [required, String] :name
|
1676
|
-
#
|
1677
|
-
#
|
1804
|
+
# The name of the Web ACL. You cannot change the name of a Web ACL after
|
1805
|
+
# you create it.
|
1678
1806
|
#
|
1679
1807
|
# @option params [required, String] :scope
|
1680
1808
|
# Specifies whether this is for an AWS CloudFront distribution or for a
|
@@ -1684,7 +1812,7 @@ module Aws::WAFV2
|
|
1684
1812
|
# To work with CloudFront, you must also specify the Region US East (N.
|
1685
1813
|
# Virginia) as follows:
|
1686
1814
|
#
|
1687
|
-
# * CLI - Specify the
|
1815
|
+
# * CLI - Specify the Region when you use the CloudFront scope:
|
1688
1816
|
# `--scope=CLOUDFRONT --region=us-east-1`.
|
1689
1817
|
#
|
1690
1818
|
# * API and SDKs - For all calls, use the Region endpoint us-east-1.
|
@@ -1754,7 +1882,7 @@ module Aws::WAFV2
|
|
1754
1882
|
# To work with CloudFront, you must also specify the Region US East (N.
|
1755
1883
|
# Virginia) as follows:
|
1756
1884
|
#
|
1757
|
-
# * CLI - Specify the
|
1885
|
+
# * CLI - Specify the Region when you use the CloudFront scope:
|
1758
1886
|
# `--scope=CLOUDFRONT --region=us-east-1`.
|
1759
1887
|
#
|
1760
1888
|
# * API and SDKs - For all calls, use the Region endpoint us-east-1.
|
@@ -1798,8 +1926,9 @@ module Aws::WAFV2
|
|
1798
1926
|
# regional application can be an Application Load Balancer (ALB) or an
|
1799
1927
|
# API Gateway stage.
|
1800
1928
|
#
|
1801
|
-
# For AWS CloudFront,
|
1802
|
-
#
|
1929
|
+
# For AWS CloudFront, don't use this call. Instead, use your CloudFront
|
1930
|
+
# distribution configuration. To disassociate a Web ACL, provide an
|
1931
|
+
# empty web ACL ID in the CloudFront call `UpdateDistribution`. For
|
1803
1932
|
# information, see [UpdateDistribution][2].
|
1804
1933
|
#
|
1805
1934
|
#
|
@@ -1813,15 +1942,12 @@ module Aws::WAFV2
|
|
1813
1942
|
#
|
1814
1943
|
# The ARN must be in one of the following formats:
|
1815
1944
|
#
|
1816
|
-
# * For
|
1817
|
-
# `arn:aws:
|
1945
|
+
# * For an Application Load Balancer:
|
1946
|
+
# `arn:aws:elasticloadbalancing:region:account-id:loadbalancer/app/load-balancer-name/load-balancer-id
|
1947
|
+
# `
|
1818
1948
|
#
|
1819
|
-
# * For an
|
1820
|
-
# region
|
1821
|
-
# /load-balancer-id `
|
1822
|
-
#
|
1823
|
-
# * For an Amazon API Gateway stage: `arn:aws:apigateway:region
|
1824
|
-
# ::/restapis/api-id/stages/stage-name `
|
1949
|
+
# * For an Amazon API Gateway stage:
|
1950
|
+
# `arn:aws:apigateway:region::/restapis/api-id/stages/stage-name `
|
1825
1951
|
#
|
1826
1952
|
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
1827
1953
|
#
|
@@ -1854,8 +1980,8 @@ module Aws::WAFV2
|
|
1854
1980
|
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html
|
1855
1981
|
#
|
1856
1982
|
# @option params [required, String] :name
|
1857
|
-
#
|
1858
|
-
#
|
1983
|
+
# The name of the IP set. You cannot change the name of an `IPSet` after
|
1984
|
+
# you create it.
|
1859
1985
|
#
|
1860
1986
|
# @option params [required, String] :scope
|
1861
1987
|
# Specifies whether this is for an AWS CloudFront distribution or for a
|
@@ -1865,7 +1991,7 @@ module Aws::WAFV2
|
|
1865
1991
|
# To work with CloudFront, you must also specify the Region US East (N.
|
1866
1992
|
# Virginia) as follows:
|
1867
1993
|
#
|
1868
|
-
# * CLI - Specify the
|
1994
|
+
# * CLI - Specify the Region when you use the CloudFront scope:
|
1869
1995
|
# `--scope=CLOUDFRONT --region=us-east-1`.
|
1870
1996
|
#
|
1871
1997
|
# * API and SDKs - For all calls, use the Region endpoint us-east-1.
|
@@ -1953,6 +2079,37 @@ module Aws::WAFV2
|
|
1953
2079
|
req.send_request(options)
|
1954
2080
|
end
|
1955
2081
|
|
2082
|
+
# Returns the IAM policy that is attached to the specified rule group.
|
2083
|
+
#
|
2084
|
+
# You must be the owner of the rule group to perform this operation.
|
2085
|
+
#
|
2086
|
+
# @option params [required, String] :resource_arn
|
2087
|
+
# The Amazon Resource Name (ARN) of the rule group for which you want to
|
2088
|
+
# get the policy.
|
2089
|
+
#
|
2090
|
+
# @return [Types::GetPermissionPolicyResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
2091
|
+
#
|
2092
|
+
# * {Types::GetPermissionPolicyResponse#policy #policy} => String
|
2093
|
+
#
|
2094
|
+
# @example Request syntax with placeholder values
|
2095
|
+
#
|
2096
|
+
# resp = client.get_permission_policy({
|
2097
|
+
# resource_arn: "ResourceArn", # required
|
2098
|
+
# })
|
2099
|
+
#
|
2100
|
+
# @example Response structure
|
2101
|
+
#
|
2102
|
+
# resp.policy #=> String
|
2103
|
+
#
|
2104
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/GetPermissionPolicy AWS API Documentation
|
2105
|
+
#
|
2106
|
+
# @overload get_permission_policy(params = {})
|
2107
|
+
# @param [Hash] params ({})
|
2108
|
+
def get_permission_policy(params = {}, options = {})
|
2109
|
+
req = build_request(:get_permission_policy, params)
|
2110
|
+
req.send_request(options)
|
2111
|
+
end
|
2112
|
+
|
1956
2113
|
# <note markdown="1"> This is the latest version of **AWS WAF**, named AWS WAFV2, released
|
1957
2114
|
# in November, 2019. For information, including how to migrate your AWS
|
1958
2115
|
# WAF resources from the prior release, see the [AWS WAF Developer
|
@@ -1977,14 +2134,14 @@ module Aws::WAFV2
|
|
1977
2134
|
# To work with CloudFront, you must also specify the Region US East (N.
|
1978
2135
|
# Virginia) as follows:
|
1979
2136
|
#
|
1980
|
-
# * CLI - Specify the
|
2137
|
+
# * CLI - Specify the Region when you use the CloudFront scope:
|
1981
2138
|
# `--scope=CLOUDFRONT --region=us-east-1`.
|
1982
2139
|
#
|
1983
2140
|
# * API and SDKs - For all calls, use the Region endpoint us-east-1.
|
1984
2141
|
#
|
1985
2142
|
# @option params [required, String] :web_acl_name
|
1986
|
-
#
|
1987
|
-
#
|
2143
|
+
# The name of the Web ACL. You cannot change the name of a Web ACL after
|
2144
|
+
# you create it.
|
1988
2145
|
#
|
1989
2146
|
# @option params [required, String] :web_acl_id
|
1990
2147
|
# The unique identifier for the Web ACL. This ID is returned in the
|
@@ -2040,8 +2197,8 @@ module Aws::WAFV2
|
|
2040
2197
|
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html
|
2041
2198
|
#
|
2042
2199
|
# @option params [required, String] :name
|
2043
|
-
#
|
2044
|
-
#
|
2200
|
+
# The name of the set. You cannot change the name after you create the
|
2201
|
+
# set.
|
2045
2202
|
#
|
2046
2203
|
# @option params [required, String] :scope
|
2047
2204
|
# Specifies whether this is for an AWS CloudFront distribution or for a
|
@@ -2051,7 +2208,7 @@ module Aws::WAFV2
|
|
2051
2208
|
# To work with CloudFront, you must also specify the Region US East (N.
|
2052
2209
|
# Virginia) as follows:
|
2053
2210
|
#
|
2054
|
-
# * CLI - Specify the
|
2211
|
+
# * CLI - Specify the Region when you use the CloudFront scope:
|
2055
2212
|
# `--scope=CLOUDFRONT --region=us-east-1`.
|
2056
2213
|
#
|
2057
2214
|
# * API and SDKs - For all calls, use the Region endpoint us-east-1.
|
@@ -2107,8 +2264,8 @@ module Aws::WAFV2
|
|
2107
2264
|
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html
|
2108
2265
|
#
|
2109
2266
|
# @option params [required, String] :name
|
2110
|
-
#
|
2111
|
-
#
|
2267
|
+
# The name of the rule group. You cannot change the name of a rule group
|
2268
|
+
# after you create it.
|
2112
2269
|
#
|
2113
2270
|
# @option params [required, String] :scope
|
2114
2271
|
# Specifies whether this is for an AWS CloudFront distribution or for a
|
@@ -2118,7 +2275,7 @@ module Aws::WAFV2
|
|
2118
2275
|
# To work with CloudFront, you must also specify the Region US East (N.
|
2119
2276
|
# Virginia) as follows:
|
2120
2277
|
#
|
2121
|
-
# * CLI - Specify the
|
2278
|
+
# * CLI - Specify the Region when you use the CloudFront scope:
|
2122
2279
|
# `--scope=CLOUDFRONT --region=us-east-1`.
|
2123
2280
|
#
|
2124
2281
|
# * API and SDKs - For all calls, use the Region endpoint us-east-1.
|
@@ -2256,7 +2413,7 @@ module Aws::WAFV2
|
|
2256
2413
|
# To work with CloudFront, you must also specify the Region US East (N.
|
2257
2414
|
# Virginia) as follows:
|
2258
2415
|
#
|
2259
|
-
# * CLI - Specify the
|
2416
|
+
# * CLI - Specify the Region when you use the CloudFront scope:
|
2260
2417
|
# `--scope=CLOUDFRONT --region=us-east-1`.
|
2261
2418
|
#
|
2262
2419
|
# * API and SDKs - For all calls, use the Region endpoint us-east-1.
|
@@ -2336,8 +2493,8 @@ module Aws::WAFV2
|
|
2336
2493
|
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html
|
2337
2494
|
#
|
2338
2495
|
# @option params [required, String] :name
|
2339
|
-
#
|
2340
|
-
#
|
2496
|
+
# The name of the Web ACL. You cannot change the name of a Web ACL after
|
2497
|
+
# you create it.
|
2341
2498
|
#
|
2342
2499
|
# @option params [required, String] :scope
|
2343
2500
|
# Specifies whether this is for an AWS CloudFront distribution or for a
|
@@ -2347,7 +2504,7 @@ module Aws::WAFV2
|
|
2347
2504
|
# To work with CloudFront, you must also specify the Region US East (N.
|
2348
2505
|
# Virginia) as follows:
|
2349
2506
|
#
|
2350
|
-
# * CLI - Specify the
|
2507
|
+
# * CLI - Specify the Region when you use the CloudFront scope:
|
2351
2508
|
# `--scope=CLOUDFRONT --region=us-east-1`.
|
2352
2509
|
#
|
2353
2510
|
# * API and SDKs - For all calls, use the Region endpoint us-east-1.
|
@@ -2434,6 +2591,33 @@ module Aws::WAFV2
|
|
2434
2591
|
# resp.web_acl.visibility_config.cloud_watch_metrics_enabled #=> Boolean
|
2435
2592
|
# resp.web_acl.visibility_config.metric_name #=> String
|
2436
2593
|
# resp.web_acl.capacity #=> Integer
|
2594
|
+
# resp.web_acl.pre_process_firewall_manager_rule_groups #=> Array
|
2595
|
+
# resp.web_acl.pre_process_firewall_manager_rule_groups[0].name #=> String
|
2596
|
+
# resp.web_acl.pre_process_firewall_manager_rule_groups[0].priority #=> Integer
|
2597
|
+
# resp.web_acl.pre_process_firewall_manager_rule_groups[0].firewall_manager_statement.managed_rule_group_statement.vendor_name #=> String
|
2598
|
+
# resp.web_acl.pre_process_firewall_manager_rule_groups[0].firewall_manager_statement.managed_rule_group_statement.name #=> String
|
2599
|
+
# resp.web_acl.pre_process_firewall_manager_rule_groups[0].firewall_manager_statement.managed_rule_group_statement.excluded_rules #=> Array
|
2600
|
+
# resp.web_acl.pre_process_firewall_manager_rule_groups[0].firewall_manager_statement.managed_rule_group_statement.excluded_rules[0].name #=> String
|
2601
|
+
# resp.web_acl.pre_process_firewall_manager_rule_groups[0].firewall_manager_statement.rule_group_reference_statement.arn #=> String
|
2602
|
+
# resp.web_acl.pre_process_firewall_manager_rule_groups[0].firewall_manager_statement.rule_group_reference_statement.excluded_rules #=> Array
|
2603
|
+
# resp.web_acl.pre_process_firewall_manager_rule_groups[0].firewall_manager_statement.rule_group_reference_statement.excluded_rules[0].name #=> String
|
2604
|
+
# resp.web_acl.pre_process_firewall_manager_rule_groups[0].visibility_config.sampled_requests_enabled #=> Boolean
|
2605
|
+
# resp.web_acl.pre_process_firewall_manager_rule_groups[0].visibility_config.cloud_watch_metrics_enabled #=> Boolean
|
2606
|
+
# resp.web_acl.pre_process_firewall_manager_rule_groups[0].visibility_config.metric_name #=> String
|
2607
|
+
# resp.web_acl.post_process_firewall_manager_rule_groups #=> Array
|
2608
|
+
# resp.web_acl.post_process_firewall_manager_rule_groups[0].name #=> String
|
2609
|
+
# resp.web_acl.post_process_firewall_manager_rule_groups[0].priority #=> Integer
|
2610
|
+
# resp.web_acl.post_process_firewall_manager_rule_groups[0].firewall_manager_statement.managed_rule_group_statement.vendor_name #=> String
|
2611
|
+
# resp.web_acl.post_process_firewall_manager_rule_groups[0].firewall_manager_statement.managed_rule_group_statement.name #=> String
|
2612
|
+
# resp.web_acl.post_process_firewall_manager_rule_groups[0].firewall_manager_statement.managed_rule_group_statement.excluded_rules #=> Array
|
2613
|
+
# resp.web_acl.post_process_firewall_manager_rule_groups[0].firewall_manager_statement.managed_rule_group_statement.excluded_rules[0].name #=> String
|
2614
|
+
# resp.web_acl.post_process_firewall_manager_rule_groups[0].firewall_manager_statement.rule_group_reference_statement.arn #=> String
|
2615
|
+
# resp.web_acl.post_process_firewall_manager_rule_groups[0].firewall_manager_statement.rule_group_reference_statement.excluded_rules #=> Array
|
2616
|
+
# resp.web_acl.post_process_firewall_manager_rule_groups[0].firewall_manager_statement.rule_group_reference_statement.excluded_rules[0].name #=> String
|
2617
|
+
# resp.web_acl.post_process_firewall_manager_rule_groups[0].visibility_config.sampled_requests_enabled #=> Boolean
|
2618
|
+
# resp.web_acl.post_process_firewall_manager_rule_groups[0].visibility_config.cloud_watch_metrics_enabled #=> Boolean
|
2619
|
+
# resp.web_acl.post_process_firewall_manager_rule_groups[0].visibility_config.metric_name #=> String
|
2620
|
+
# resp.web_acl.managed_by_firewall_manager #=> Boolean
|
2437
2621
|
# resp.lock_token #=> String
|
2438
2622
|
#
|
2439
2623
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/GetWebACL AWS API Documentation
|
@@ -2535,6 +2719,33 @@ module Aws::WAFV2
|
|
2535
2719
|
# resp.web_acl.visibility_config.cloud_watch_metrics_enabled #=> Boolean
|
2536
2720
|
# resp.web_acl.visibility_config.metric_name #=> String
|
2537
2721
|
# resp.web_acl.capacity #=> Integer
|
2722
|
+
# resp.web_acl.pre_process_firewall_manager_rule_groups #=> Array
|
2723
|
+
# resp.web_acl.pre_process_firewall_manager_rule_groups[0].name #=> String
|
2724
|
+
# resp.web_acl.pre_process_firewall_manager_rule_groups[0].priority #=> Integer
|
2725
|
+
# resp.web_acl.pre_process_firewall_manager_rule_groups[0].firewall_manager_statement.managed_rule_group_statement.vendor_name #=> String
|
2726
|
+
# resp.web_acl.pre_process_firewall_manager_rule_groups[0].firewall_manager_statement.managed_rule_group_statement.name #=> String
|
2727
|
+
# resp.web_acl.pre_process_firewall_manager_rule_groups[0].firewall_manager_statement.managed_rule_group_statement.excluded_rules #=> Array
|
2728
|
+
# resp.web_acl.pre_process_firewall_manager_rule_groups[0].firewall_manager_statement.managed_rule_group_statement.excluded_rules[0].name #=> String
|
2729
|
+
# resp.web_acl.pre_process_firewall_manager_rule_groups[0].firewall_manager_statement.rule_group_reference_statement.arn #=> String
|
2730
|
+
# resp.web_acl.pre_process_firewall_manager_rule_groups[0].firewall_manager_statement.rule_group_reference_statement.excluded_rules #=> Array
|
2731
|
+
# resp.web_acl.pre_process_firewall_manager_rule_groups[0].firewall_manager_statement.rule_group_reference_statement.excluded_rules[0].name #=> String
|
2732
|
+
# resp.web_acl.pre_process_firewall_manager_rule_groups[0].visibility_config.sampled_requests_enabled #=> Boolean
|
2733
|
+
# resp.web_acl.pre_process_firewall_manager_rule_groups[0].visibility_config.cloud_watch_metrics_enabled #=> Boolean
|
2734
|
+
# resp.web_acl.pre_process_firewall_manager_rule_groups[0].visibility_config.metric_name #=> String
|
2735
|
+
# resp.web_acl.post_process_firewall_manager_rule_groups #=> Array
|
2736
|
+
# resp.web_acl.post_process_firewall_manager_rule_groups[0].name #=> String
|
2737
|
+
# resp.web_acl.post_process_firewall_manager_rule_groups[0].priority #=> Integer
|
2738
|
+
# resp.web_acl.post_process_firewall_manager_rule_groups[0].firewall_manager_statement.managed_rule_group_statement.vendor_name #=> String
|
2739
|
+
# resp.web_acl.post_process_firewall_manager_rule_groups[0].firewall_manager_statement.managed_rule_group_statement.name #=> String
|
2740
|
+
# resp.web_acl.post_process_firewall_manager_rule_groups[0].firewall_manager_statement.managed_rule_group_statement.excluded_rules #=> Array
|
2741
|
+
# resp.web_acl.post_process_firewall_manager_rule_groups[0].firewall_manager_statement.managed_rule_group_statement.excluded_rules[0].name #=> String
|
2742
|
+
# resp.web_acl.post_process_firewall_manager_rule_groups[0].firewall_manager_statement.rule_group_reference_statement.arn #=> String
|
2743
|
+
# resp.web_acl.post_process_firewall_manager_rule_groups[0].firewall_manager_statement.rule_group_reference_statement.excluded_rules #=> Array
|
2744
|
+
# resp.web_acl.post_process_firewall_manager_rule_groups[0].firewall_manager_statement.rule_group_reference_statement.excluded_rules[0].name #=> String
|
2745
|
+
# resp.web_acl.post_process_firewall_manager_rule_groups[0].visibility_config.sampled_requests_enabled #=> Boolean
|
2746
|
+
# resp.web_acl.post_process_firewall_manager_rule_groups[0].visibility_config.cloud_watch_metrics_enabled #=> Boolean
|
2747
|
+
# resp.web_acl.post_process_firewall_manager_rule_groups[0].visibility_config.metric_name #=> String
|
2748
|
+
# resp.web_acl.managed_by_firewall_manager #=> Boolean
|
2538
2749
|
#
|
2539
2750
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/GetWebACLForResource AWS API Documentation
|
2540
2751
|
#
|
@@ -2553,8 +2764,8 @@ module Aws::WAFV2
|
|
2553
2764
|
# </note>
|
2554
2765
|
#
|
2555
2766
|
# Retrieves an array of managed rule groups that are available for you
|
2556
|
-
# to use. This list includes all AWS
|
2557
|
-
# Marketplace managed rule groups that you're subscribed to.
|
2767
|
+
# to use. This list includes all AWS Managed Rules rule groups and the
|
2768
|
+
# AWS Marketplace managed rule groups that you're subscribed to.
|
2558
2769
|
#
|
2559
2770
|
#
|
2560
2771
|
#
|
@@ -2568,7 +2779,7 @@ module Aws::WAFV2
|
|
2568
2779
|
# To work with CloudFront, you must also specify the Region US East (N.
|
2569
2780
|
# Virginia) as follows:
|
2570
2781
|
#
|
2571
|
-
# * CLI - Specify the
|
2782
|
+
# * CLI - Specify the Region when you use the CloudFront scope:
|
2572
2783
|
# `--scope=CLOUDFRONT --region=us-east-1`.
|
2573
2784
|
#
|
2574
2785
|
# * API and SDKs - For all calls, use the Region endpoint us-east-1.
|
@@ -2638,7 +2849,7 @@ module Aws::WAFV2
|
|
2638
2849
|
# To work with CloudFront, you must also specify the Region US East (N.
|
2639
2850
|
# Virginia) as follows:
|
2640
2851
|
#
|
2641
|
-
# * CLI - Specify the
|
2852
|
+
# * CLI - Specify the Region when you use the CloudFront scope:
|
2642
2853
|
# `--scope=CLOUDFRONT --region=us-east-1`.
|
2643
2854
|
#
|
2644
2855
|
# * API and SDKs - For all calls, use the Region endpoint us-east-1.
|
@@ -2709,7 +2920,7 @@ module Aws::WAFV2
|
|
2709
2920
|
# To work with CloudFront, you must also specify the Region US East (N.
|
2710
2921
|
# Virginia) as follows:
|
2711
2922
|
#
|
2712
|
-
# * CLI - Specify the
|
2923
|
+
# * CLI - Specify the Region when you use the CloudFront scope:
|
2713
2924
|
# `--scope=CLOUDFRONT --region=us-east-1`.
|
2714
2925
|
#
|
2715
2926
|
# * API and SDKs - For all calls, use the Region endpoint us-east-1.
|
@@ -2782,7 +2993,7 @@ module Aws::WAFV2
|
|
2782
2993
|
# To work with CloudFront, you must also specify the Region US East (N.
|
2783
2994
|
# Virginia) as follows:
|
2784
2995
|
#
|
2785
|
-
# * CLI - Specify the
|
2996
|
+
# * CLI - Specify the Region when you use the CloudFront scope:
|
2786
2997
|
# `--scope=CLOUDFRONT --region=us-east-1`.
|
2787
2998
|
#
|
2788
2999
|
# * API and SDKs - For all calls, use the Region endpoint us-east-1.
|
@@ -2903,7 +3114,7 @@ module Aws::WAFV2
|
|
2903
3114
|
# To work with CloudFront, you must also specify the Region US East (N.
|
2904
3115
|
# Virginia) as follows:
|
2905
3116
|
#
|
2906
|
-
# * CLI - Specify the
|
3117
|
+
# * CLI - Specify the Region when you use the CloudFront scope:
|
2907
3118
|
# `--scope=CLOUDFRONT --region=us-east-1`.
|
2908
3119
|
#
|
2909
3120
|
# * API and SDKs - For all calls, use the Region endpoint us-east-1.
|
@@ -3034,7 +3245,7 @@ module Aws::WAFV2
|
|
3034
3245
|
# To work with CloudFront, you must also specify the Region US East (N.
|
3035
3246
|
# Virginia) as follows:
|
3036
3247
|
#
|
3037
|
-
# * CLI - Specify the
|
3248
|
+
# * CLI - Specify the Region when you use the CloudFront scope:
|
3038
3249
|
# `--scope=CLOUDFRONT --region=us-east-1`.
|
3039
3250
|
#
|
3040
3251
|
# * API and SDKs - For all calls, use the Region endpoint us-east-1.
|
@@ -3099,7 +3310,7 @@ module Aws::WAFV2
|
|
3099
3310
|
#
|
3100
3311
|
# 1. Create an Amazon Kinesis Data Firehose.
|
3101
3312
|
#
|
3102
|
-
# Create the data firehose with a PUT source and in the
|
3313
|
+
# Create the data firehose with a PUT source and in the Region that
|
3103
3314
|
# you are operating. If you are capturing logs for Amazon
|
3104
3315
|
# CloudFront, always create the firehose in US East (N. Virginia).
|
3105
3316
|
#
|
@@ -3175,6 +3386,68 @@ module Aws::WAFV2
|
|
3175
3386
|
req.send_request(options)
|
3176
3387
|
end
|
3177
3388
|
|
3389
|
+
# Attaches an IAM policy to the specified resource. Use this to share a
|
3390
|
+
# rule group across accounts.
|
3391
|
+
#
|
3392
|
+
# You must be the owner of the rule group to perform this operation.
|
3393
|
+
#
|
3394
|
+
# This action is subject to the following restrictions:
|
3395
|
+
#
|
3396
|
+
# * You can attach only one policy with each `PutPermissionPolicy`
|
3397
|
+
# request.
|
3398
|
+
#
|
3399
|
+
# * The ARN in the request must be a valid WAF RuleGroup ARN and the
|
3400
|
+
# rule group must exist in the same region.
|
3401
|
+
#
|
3402
|
+
# * The user making the request must be the owner of the rule group.
|
3403
|
+
#
|
3404
|
+
# @option params [required, String] :resource_arn
|
3405
|
+
# The Amazon Resource Name (ARN) of the RuleGroup to which you want to
|
3406
|
+
# attach the policy.
|
3407
|
+
#
|
3408
|
+
# @option params [required, String] :policy
|
3409
|
+
# The policy to attach to the specified rule group.
|
3410
|
+
#
|
3411
|
+
# The policy specifications must conform to the following:
|
3412
|
+
#
|
3413
|
+
# * The policy must be composed using IAM Policy version 2012-10-17 or
|
3414
|
+
# version 2015-01-01.
|
3415
|
+
#
|
3416
|
+
# * The policy must include specifications for `Effect`, `Action`, and
|
3417
|
+
# `Principal`.
|
3418
|
+
#
|
3419
|
+
# * `Effect` must specify `Allow`.
|
3420
|
+
#
|
3421
|
+
# * `Action` must specify `wafv2:CreateWebACL`, `wafv2:UpdateWebACL`,
|
3422
|
+
# and `wafv2:PutFirewallManagerRuleGroups`. AWS WAF rejects any extra
|
3423
|
+
# actions or wildcard actions in the policy.
|
3424
|
+
#
|
3425
|
+
# * The policy must not include a `Resource` parameter.
|
3426
|
+
#
|
3427
|
+
# For more information, see [IAM Policies][1].
|
3428
|
+
#
|
3429
|
+
#
|
3430
|
+
#
|
3431
|
+
# [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html
|
3432
|
+
#
|
3433
|
+
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
3434
|
+
#
|
3435
|
+
# @example Request syntax with placeholder values
|
3436
|
+
#
|
3437
|
+
# resp = client.put_permission_policy({
|
3438
|
+
# resource_arn: "ResourceArn", # required
|
3439
|
+
# policy: "PolicyString", # required
|
3440
|
+
# })
|
3441
|
+
#
|
3442
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/PutPermissionPolicy AWS API Documentation
|
3443
|
+
#
|
3444
|
+
# @overload put_permission_policy(params = {})
|
3445
|
+
# @param [Hash] params ({})
|
3446
|
+
def put_permission_policy(params = {}, options = {})
|
3447
|
+
req = build_request(:put_permission_policy, params)
|
3448
|
+
req.send_request(options)
|
3449
|
+
end
|
3450
|
+
|
3178
3451
|
# <note markdown="1"> This is the latest version of **AWS WAF**, named AWS WAFV2, released
|
3179
3452
|
# in November, 2019. For information, including how to migrate your AWS
|
3180
3453
|
# WAF resources from the prior release, see the [AWS WAF Developer
|
@@ -3277,8 +3550,8 @@ module Aws::WAFV2
|
|
3277
3550
|
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html
|
3278
3551
|
#
|
3279
3552
|
# @option params [required, String] :name
|
3280
|
-
#
|
3281
|
-
#
|
3553
|
+
# The name of the IP set. You cannot change the name of an `IPSet` after
|
3554
|
+
# you create it.
|
3282
3555
|
#
|
3283
3556
|
# @option params [required, String] :scope
|
3284
3557
|
# Specifies whether this is for an AWS CloudFront distribution or for a
|
@@ -3288,7 +3561,7 @@ module Aws::WAFV2
|
|
3288
3561
|
# To work with CloudFront, you must also specify the Region US East (N.
|
3289
3562
|
# Virginia) as follows:
|
3290
3563
|
#
|
3291
|
-
# * CLI - Specify the
|
3564
|
+
# * CLI - Specify the Region when you use the CloudFront scope:
|
3292
3565
|
# `--scope=CLOUDFRONT --region=us-east-1`.
|
3293
3566
|
#
|
3294
3567
|
# * API and SDKs - For all calls, use the Region endpoint us-east-1.
|
@@ -3299,8 +3572,8 @@ module Aws::WAFV2
|
|
3299
3572
|
# and delete.
|
3300
3573
|
#
|
3301
3574
|
# @option params [String] :description
|
3302
|
-
# A
|
3303
|
-
# description of an IP set after you create it.
|
3575
|
+
# A description of the IP set that helps with identification. You cannot
|
3576
|
+
# change the description of an IP set after you create it.
|
3304
3577
|
#
|
3305
3578
|
# @option params [required, Array<String>] :addresses
|
3306
3579
|
# Contains an array of strings that specify one or more IP addresses or
|
@@ -3386,8 +3659,8 @@ module Aws::WAFV2
|
|
3386
3659
|
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html
|
3387
3660
|
#
|
3388
3661
|
# @option params [required, String] :name
|
3389
|
-
#
|
3390
|
-
#
|
3662
|
+
# The name of the set. You cannot change the name after you create the
|
3663
|
+
# set.
|
3391
3664
|
#
|
3392
3665
|
# @option params [required, String] :scope
|
3393
3666
|
# Specifies whether this is for an AWS CloudFront distribution or for a
|
@@ -3397,7 +3670,7 @@ module Aws::WAFV2
|
|
3397
3670
|
# To work with CloudFront, you must also specify the Region US East (N.
|
3398
3671
|
# Virginia) as follows:
|
3399
3672
|
#
|
3400
|
-
# * CLI - Specify the
|
3673
|
+
# * CLI - Specify the Region when you use the CloudFront scope:
|
3401
3674
|
# `--scope=CLOUDFRONT --region=us-east-1`.
|
3402
3675
|
#
|
3403
3676
|
# * API and SDKs - For all calls, use the Region endpoint us-east-1.
|
@@ -3408,8 +3681,8 @@ module Aws::WAFV2
|
|
3408
3681
|
# and delete.
|
3409
3682
|
#
|
3410
3683
|
# @option params [String] :description
|
3411
|
-
# A
|
3412
|
-
# of a set after you create it.
|
3684
|
+
# A description of the set that helps with identification. You cannot
|
3685
|
+
# change the description of a set after you create it.
|
3413
3686
|
#
|
3414
3687
|
# @option params [required, Array<Types::Regex>] :regular_expression_list
|
3415
3688
|
#
|
@@ -3475,8 +3748,8 @@ module Aws::WAFV2
|
|
3475
3748
|
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html
|
3476
3749
|
#
|
3477
3750
|
# @option params [required, String] :name
|
3478
|
-
#
|
3479
|
-
#
|
3751
|
+
# The name of the rule group. You cannot change the name of a rule group
|
3752
|
+
# after you create it.
|
3480
3753
|
#
|
3481
3754
|
# @option params [required, String] :scope
|
3482
3755
|
# Specifies whether this is for an AWS CloudFront distribution or for a
|
@@ -3486,7 +3759,7 @@ module Aws::WAFV2
|
|
3486
3759
|
# To work with CloudFront, you must also specify the Region US East (N.
|
3487
3760
|
# Virginia) as follows:
|
3488
3761
|
#
|
3489
|
-
# * CLI - Specify the
|
3762
|
+
# * CLI - Specify the Region when you use the CloudFront scope:
|
3490
3763
|
# `--scope=CLOUDFRONT --region=us-east-1`.
|
3491
3764
|
#
|
3492
3765
|
# * API and SDKs - For all calls, use the Region endpoint us-east-1.
|
@@ -3497,8 +3770,8 @@ module Aws::WAFV2
|
|
3497
3770
|
# like update and delete.
|
3498
3771
|
#
|
3499
3772
|
# @option params [String] :description
|
3500
|
-
# A
|
3501
|
-
# description of a rule group after you create it.
|
3773
|
+
# A description of the rule group that helps with identification. You
|
3774
|
+
# cannot change the description of a rule group after you create it.
|
3502
3775
|
#
|
3503
3776
|
# @option params [Array<Types::Rule>] :rules
|
3504
3777
|
# The Rule statements used to identify the web requests that you want to
|
@@ -3787,8 +4060,8 @@ module Aws::WAFV2
|
|
3787
4060
|
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html
|
3788
4061
|
#
|
3789
4062
|
# @option params [required, String] :name
|
3790
|
-
#
|
3791
|
-
#
|
4063
|
+
# The name of the Web ACL. You cannot change the name of a Web ACL after
|
4064
|
+
# you create it.
|
3792
4065
|
#
|
3793
4066
|
# @option params [required, String] :scope
|
3794
4067
|
# Specifies whether this is for an AWS CloudFront distribution or for a
|
@@ -3798,7 +4071,7 @@ module Aws::WAFV2
|
|
3798
4071
|
# To work with CloudFront, you must also specify the Region US East (N.
|
3799
4072
|
# Virginia) as follows:
|
3800
4073
|
#
|
3801
|
-
# * CLI - Specify the
|
4074
|
+
# * CLI - Specify the Region when you use the CloudFront scope:
|
3802
4075
|
# `--scope=CLOUDFRONT --region=us-east-1`.
|
3803
4076
|
#
|
3804
4077
|
# * API and SDKs - For all calls, use the Region endpoint us-east-1.
|
@@ -3813,8 +4086,8 @@ module Aws::WAFV2
|
|
3813
4086
|
# match.
|
3814
4087
|
#
|
3815
4088
|
# @option params [String] :description
|
3816
|
-
# A
|
3817
|
-
# description of a Web ACL after you create it.
|
4089
|
+
# A description of the Web ACL that helps with identification. You
|
4090
|
+
# cannot change the description of a Web ACL after you create it.
|
3818
4091
|
#
|
3819
4092
|
# @option params [Array<Types::Rule>] :rules
|
3820
4093
|
# The Rule statements used to identify the web requests that you want to
|
@@ -4098,7 +4371,7 @@ module Aws::WAFV2
|
|
4098
4371
|
params: params,
|
4099
4372
|
config: config)
|
4100
4373
|
context[:gem_name] = 'aws-sdk-wafv2'
|
4101
|
-
context[:gem_version] = '1.
|
4374
|
+
context[:gem_version] = '1.5.0'
|
4102
4375
|
Seahorse::Client::Request.new(handlers, context)
|
4103
4376
|
end
|
4104
4377
|
|