aws-sdk-wafv2 1.1.0 → 1.6.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
-SHA1:
-  metadata.gz: ca8f4cd6356b4a82e5a2ae1940075b1257364b7b
-  data.tar.gz: 345d69380ddf284f3950a92808f0c741c97c5d93
+SHA256:
+  metadata.gz: 74e014fca8307c8c91cc8b574384bb8251dc7a4305d7708755d537e6a94a28ab
+  data.tar.gz: d185c5eb15490fc40218b3f44a76c6363441e14c2f1ace5bd6393e27c9f76557
 SHA512:
-  metadata.gz: 6286f80bb1f3a5ff9336551cbea6ce7117c970a3ea1274474a272bda833ae0efbc5b9f8d9006ee2c5f21db0be774d96e1b9393f5d3ea7e69c43bb198c63df1cd
-  data.tar.gz: 6988c818e2d346710e7c866a139fc44f5e8432e1bde877843f6d8fb970f2ab908c0605bcdd1717281ba0b2ce23575b7bdabda679f8df3ee42f89596bbf94f8ce
+  metadata.gz: 1b4bd6d6721e9097723da9b4e077a50b0a2fa60beb18e3aa4467eda9a5ffc4d3c2b24c3e777bd883ee9c0fefb7519fd6838efb07dd51cc04b54a70465b6dffb4
+  data.tar.gz: c2339044da229d3b3599b3ef521a136453cfe38a3e7d99e45d11754fe560dd36e9c0d8e135c66a0da04e1bc9136b353e64b08321a2a896ac0387d172f5c1ef7e

data/lib/aws-sdk-wafv2.rb

@@ -24,17 +24,20 @@ require_relative 'aws-sdk-wafv2/customizations'
 # methods each accept a hash of request parameters and return a response
 # structure.
 #
+#     wafv2 = Aws::WAFV2::Client.new
+#     resp = wafv2.associate_web_acl(params)
+#
 # See {Client} for more information.
 #
 # # Errors
 #
-# Errors returned from AWS WAFV2 all
-# extend {Errors::ServiceError}.
+# Errors returned from AWS WAFV2 are defined in the
+# {Errors} module and all extend {Errors::ServiceError}.
 #
 #     begin
 #       # do stuff
 #     rescue Aws::WAFV2::Errors::ServiceError
-#       # rescues all service API errors
+#       # rescues all AWS WAFV2 API errors
 #     end
 #
 # See {Errors} for more information.
@@ -42,6 +45,6 @@ require_relative 'aws-sdk-wafv2/customizations'
 # @service
 module Aws::WAFV2
 
-  GEM_VERSION = '1.1.0'
+  GEM_VERSION = '1.6.1'
 
 end

data/lib/aws-sdk-wafv2/client.rb

@@ -24,12 +24,25 @@ require 'aws-sdk-core/plugins/jsonvalue_converter.rb'
 require 'aws-sdk-core/plugins/client_metrics_plugin.rb'
 require 'aws-sdk-core/plugins/client_metrics_send_plugin.rb'
 require 'aws-sdk-core/plugins/transfer_encoding.rb'
+require 'aws-sdk-core/plugins/http_checksum.rb'
 require 'aws-sdk-core/plugins/signature_v4.rb'
 require 'aws-sdk-core/plugins/protocols/json_rpc.rb'
 
 Aws::Plugins::GlobalConfiguration.add_identifier(:wafv2)
 
 module Aws::WAFV2
+  # An API client for WAFV2.  To construct a client, you need to configure a `:region` and `:credentials`.
+  #
+  #     client = Aws::WAFV2::Client.new(
+  #       region: region_name,
+  #       credentials: credentials,
+  #       # ...
+  #     )
+  #
+  # For details on configuring region and credentials see
+  # the [developer guide](/sdk-for-ruby/v3/developer-guide/setup-config.html).
+  #
+  # See {#initialize} for a full list of supported configuration options.
   class Client < Seahorse::Client::Base
 
     include Aws::ClientStubs
@@ -57,6 +70,7 @@ module Aws::WAFV2
     add_plugin(Aws::Plugins::ClientMetricsPlugin)
     add_plugin(Aws::Plugins::ClientMetricsSendPlugin)
     add_plugin(Aws::Plugins::TransferEncoding)
+    add_plugin(Aws::Plugins::HttpChecksum)
     add_plugin(Aws::Plugins::SignatureV4)
     add_plugin(Aws::Plugins::Protocols::JsonRpc)
 
@@ -93,7 +107,7 @@ module Aws::WAFV2
     #   @option options [required, String] :region
     #     The AWS region to connect to.  The configured `:region` is
     #     used to determine the service `:endpoint`. When not passed,
-    #     a default `:region` is search for in the following locations:
+    #     a default `:region` is searched for in the following locations:
     #
     #     * `Aws.config[:region]`
     #     * `ENV['AWS_REGION']`
@@ -108,6 +122,12 @@ module Aws::WAFV2
     #     When set to `true`, a thread polling for endpoints will be running in
     #     the background every 60 secs (default). Defaults to `false`.
     #
+    #   @option options [Boolean] :adaptive_retry_wait_to_fill (true)
+    #     Used only in `adaptive` retry mode.  When true, the request will sleep
+    #     until there is sufficent client side capacity to retry the request.
+    #     When false, the request will raise a `RetryCapacityNotAvailableError` and will
+    #     not retry instead of sleeping.
+    #
     #   @option options [Boolean] :client_side_monitoring (false)
     #     When `true`, client-side metrics will be collected for all API requests from
     #     this client.
@@ -132,6 +152,10 @@ module Aws::WAFV2
     #     When `true`, an attempt is made to coerce request parameters into
     #     the required types.
     #
+    #   @option options [Boolean] :correct_clock_skew (true)
+    #     Used only in `standard` and adaptive retry modes. Specifies whether to apply
+    #     a clock skew correction and retry requests with skewed client clocks.
+    #
     #   @option options [Boolean] :disable_host_prefix_injection (false)
     #     Set to true to disable SDK automatically adding host prefix
     #     to default service endpoint when available.
@@ -139,7 +163,7 @@ module Aws::WAFV2
     #   @option options [String] :endpoint
     #     The client endpoint is normally constructed from the `:region`
     #     option. You should only configure an `:endpoint` when connecting
-    #     to test endpoints. This should be avalid HTTP(S) URI.
+    #     to test or custom endpoints. This should be a valid HTTP(S) URI.
     #
     #   @option options [Integer] :endpoint_cache_max_entries (1000)
     #     Used for the maximum size limit of the LRU cache storing endpoints data
@@ -154,7 +178,7 @@ module Aws::WAFV2
     #     requests fetching endpoints information. Defaults to 60 sec.
     #
     #   @option options [Boolean] :endpoint_discovery (false)
-    #     When set to `true`, endpoint discovery will be enabled for operations when available. Defaults to `false`.
+    #     When set to `true`, endpoint discovery will be enabled for operations when available.
     #
     #   @option options [Aws::Log::Formatter] :log_formatter (Aws::Log::Formatter.default)
     #     The log formatter.
@@ -166,15 +190,29 @@ module Aws::WAFV2
     #     The Logger instance to send log messages to.  If this option
     #     is not set, logging will be disabled.
     #
+    #   @option options [Integer] :max_attempts (3)
+    #     An integer representing the maximum number attempts that will be made for
+    #     a single request, including the initial attempt.  For example,
+    #     setting this value to 5 will result in a request being retried up to
+    #     4 times. Used in `standard` and `adaptive` retry modes.
+    #
     #   @option options [String] :profile ("default")
     #     Used when loading credentials from the shared credentials file
     #     at HOME/.aws/credentials.  When not specified, 'default' is used.
     #
+    #   @option options [Proc] :retry_backoff
+    #     A proc or lambda used for backoff. Defaults to 2**retries * retry_base_delay.
+    #     This option is only used in the `legacy` retry mode.
+    #
     #   @option options [Float] :retry_base_delay (0.3)
-    #     The base delay in seconds used by the default backoff function.
+    #     The base delay in seconds used by the default backoff function. This option
+    #     is only used in the `legacy` retry mode.
     #
     #   @option options [Symbol] :retry_jitter (:none)
-    #     A delay randomiser function used by the default backoff function. Some predefined functions can be referenced by name - :none, :equal, :full, otherwise a Proc that takes and returns a number.
+    #     A delay randomiser function used by the default backoff function.
+    #     Some predefined functions can be referenced by name - :none, :equal, :full,
+    #     otherwise a Proc that takes and returns a number. This option is only used
+    #     in the `legacy` retry mode.
     #
     #     @see https://www.awsarchitectureblog.com/2015/03/backoff.html
     #
@@ -182,11 +220,30 @@ module Aws::WAFV2
     #     The maximum number of times to retry failed requests.  Only
     #     ~ 500 level server errors and certain ~ 400 level client errors
     #     are retried.  Generally, these are throttling errors, data
-    #     checksum errors, networking errors, timeout errors and auth
-    #     errors from expired credentials.
+    #     checksum errors, networking errors, timeout errors, auth errors,
+    #     endpoint discovery, and errors from expired credentials.
+    #     This option is only used in the `legacy` retry mode.
     #
     #   @option options [Integer] :retry_max_delay (0)
-    #     The maximum number of seconds to delay between retries (0 for no limit) used by the default backoff function.
+    #     The maximum number of seconds to delay between retries (0 for no limit)
+    #     used by the default backoff function. This option is only used in the
+    #     `legacy` retry mode.
+    #
+    #   @option options [String] :retry_mode ("legacy")
+    #     Specifies which retry algorithm to use. Values are:
+    #
+    #     * `legacy` - The pre-existing retry behavior.  This is default value if
+    #       no retry mode is provided.
+    #
+    #     * `standard` - A standardized set of retry rules across the AWS SDKs.
+    #       This includes support for retry quotas, which limit the number of
+    #       unsuccessful retries a client can make.
+    #
+    #     * `adaptive` - An experimental retry mode that includes all the
+    #       functionality of `standard` mode along with automatic client side
+    #       throttling.  This is a provisional mode that may change behavior
+    #       in the future.
+    #
     #
     #   @option options [String] :secret_access_key
     #
@@ -219,16 +276,15 @@ module Aws::WAFV2
     #     requests through.  Formatted like 'http://proxy.com:123'.
     #
     #   @option options [Float] :http_open_timeout (15) The number of
-    #     seconds to wait when opening a HTTP session before rasing a
+    #     seconds to wait when opening a HTTP session before raising a
     #     `Timeout::Error`.
     #
     #   @option options [Integer] :http_read_timeout (60) The default
     #     number of seconds to wait for response data.  This value can
-    #     safely be set
-    #     per-request on the session yeidled by {#session_for}.
+    #     safely be set per-request on the session.
     #
     #   @option options [Float] :http_idle_timeout (5) The number of
-    #     seconds a connection is allowed to sit idble before it is
+    #     seconds a connection is allowed to sit idle before it is
     #     considered stale.  Stale connections are closed and removed
     #     from the pool before making a request.
     #
@@ -237,7 +293,7 @@ module Aws::WAFV2
     #     request body.  This option has no effect unless the request has
     #     "Expect" header set to "100-continue".  Defaults to `nil` which
     #     disables this behaviour.  This value can safely be set per
-    #     request on the session yeidled by {#session_for}.
+    #     request on the session.
     #
     #   @option options [Boolean] :http_wire_trace (false) When `true`,
     #     HTTP debug output will be sent to the `:logger`.
@@ -275,9 +331,11 @@ module Aws::WAFV2
     # the resource. A regional application can be an Application Load
     # Balancer (ALB) or an API Gateway stage.
     #
-    # For AWS CloudFront, you can associate the Web ACL by providing the
-    # `ARN` of the WebACL to the CloudFront API call `UpdateDistribution`.
-    # For information, see [UpdateDistribution][2].
+    # For AWS CloudFront, don't use this call. Instead, use your CloudFront
+    # distribution configuration. To associate a Web ACL, in the CloudFront
+    # call `UpdateDistribution`, set the web ACL ID to the Amazon Resource
+    # Name (ARN) of the Web ACL. For information, see
+    # [UpdateDistribution][2].
     #
     #
     #
@@ -351,7 +409,7 @@ module Aws::WAFV2
     #   To work with CloudFront, you must also specify the Region US East (N.
     #   Virginia) as follows:
     #
-    #   * CLI - Specify the region when you use the CloudFront scope:
+    #   * CLI - Specify the Region when you use the CloudFront scope:
     #     `--scope=CLOUDFRONT --region=us-east-1`.
     #
     #   * API and SDKs - For all calls, use the Region endpoint us-east-1.
@@ -612,8 +670,8 @@ module Aws::WAFV2
     # [1]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html
     #
     # @option params [required, String] :name
-    #   A friendly name of the IP set. You cannot change the name of an
-    #   `IPSet` after you create it.
+    #   The name of the IP set. You cannot change the name of an `IPSet` after
+    #   you create it.
     #
     # @option params [required, String] :scope
     #   Specifies whether this is for an AWS CloudFront distribution or for a
@@ -623,14 +681,14 @@ module Aws::WAFV2
     #   To work with CloudFront, you must also specify the Region US East (N.
     #   Virginia) as follows:
     #
-    #   * CLI - Specify the region when you use the CloudFront scope:
+    #   * CLI - Specify the Region when you use the CloudFront scope:
     #     `--scope=CLOUDFRONT --region=us-east-1`.
     #
     #   * API and SDKs - For all calls, use the Region endpoint us-east-1.
     #
     # @option params [String] :description
-    #   A friendly description of the IP set. You cannot change the
-    #   description of an IP set after you create it.
+    #   A description of the IP set that helps with identification. You cannot
+    #   change the description of an IP set after you create it.
     #
     # @option params [required, String] :ip_address_version
     #   Specify IPV4 or IPV6.
@@ -723,8 +781,8 @@ module Aws::WAFV2
     # [1]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html
     #
     # @option params [required, String] :name
-    #   A friendly name of the set. You cannot change the name after you
-    #   create the set.
+    #   The name of the set. You cannot change the name after you create the
+    #   set.
     #
     # @option params [required, String] :scope
     #   Specifies whether this is for an AWS CloudFront distribution or for a
@@ -734,14 +792,14 @@ module Aws::WAFV2
     #   To work with CloudFront, you must also specify the Region US East (N.
     #   Virginia) as follows:
     #
-    #   * CLI - Specify the region when you use the CloudFront scope:
+    #   * CLI - Specify the Region when you use the CloudFront scope:
     #     `--scope=CLOUDFRONT --region=us-east-1`.
     #
     #   * API and SDKs - For all calls, use the Region endpoint us-east-1.
     #
     # @option params [String] :description
-    #   A friendly description of the set. You cannot change the description
-    #   of a set after you create it.
+    #   A description of the set that helps with identification. You cannot
+    #   change the description of a set after you create it.
     #
     # @option params [required, Array<Types::Regex>] :regular_expression_list
     #   Array of regular expression strings.
@@ -809,8 +867,8 @@ module Aws::WAFV2
     # [1]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html
     #
     # @option params [required, String] :name
-    #   A friendly name of the rule group. You cannot change the name of a
-    #   rule group after you create it.
+    #   The name of the rule group. You cannot change the name of a rule group
+    #   after you create it.
     #
     # @option params [required, String] :scope
     #   Specifies whether this is for an AWS CloudFront distribution or for a
@@ -820,7 +878,7 @@ module Aws::WAFV2
     #   To work with CloudFront, you must also specify the Region US East (N.
     #   Virginia) as follows:
     #
-    #   * CLI - Specify the region when you use the CloudFront scope:
+    #   * CLI - Specify the Region when you use the CloudFront scope:
     #     `--scope=CLOUDFRONT --region=us-east-1`.
     #
     #   * API and SDKs - For all calls, use the Region endpoint us-east-1.
@@ -843,8 +901,8 @@ module Aws::WAFV2
     #   ACLs is 1,500.
     #
     # @option params [String] :description
-    #   A friendly description of the rule group. You cannot change the
-    #   description of a rule group after you create it.
+    #   A description of the rule group that helps with identification. You
+    #   cannot change the description of a rule group after you create it.
     #
     # @option params [Array<Types::Rule>] :rules
     #   The Rule statements used to identify the web requests that you want to
@@ -1135,8 +1193,8 @@ module Aws::WAFV2
     # [1]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html
     #
     # @option params [required, String] :name
-    #   A friendly name of the Web ACL. You cannot change the name of a Web
-    #   ACL after you create it.
+    #   The name of the Web ACL. You cannot change the name of a Web ACL after
+    #   you create it.
     #
     # @option params [required, String] :scope
     #   Specifies whether this is for an AWS CloudFront distribution or for a
@@ -1146,7 +1204,7 @@ module Aws::WAFV2
     #   To work with CloudFront, you must also specify the Region US East (N.
     #   Virginia) as follows:
     #
-    #   * CLI - Specify the region when you use the CloudFront scope:
+    #   * CLI - Specify the Region when you use the CloudFront scope:
     #     `--scope=CLOUDFRONT --region=us-east-1`.
     #
     #   * API and SDKs - For all calls, use the Region endpoint us-east-1.
@@ -1156,8 +1214,8 @@ module Aws::WAFV2
     #   match.
     #
     # @option params [String] :description
-    #   A friendly description of the Web ACL. You cannot change the
-    #   description of a Web ACL after you create it.
+    #   A description of the Web ACL that helps with identification. You
+    #   cannot change the description of a Web ACL after you create it.
     #
     # @option params [Array<Types::Rule>] :rules
     #   The Rule statements used to identify the web requests that you want to
@@ -1429,6 +1487,49 @@ module Aws::WAFV2
       req.send_request(options)
     end
 
+    # Deletes all rule groups that are managed by AWS Firewall Manager for
+    # the specified web ACL.
+    #
+    # You can only use this if `ManagedByFirewallManager` is false in the
+    # specified WebACL.
+    #
+    # @option params [required, String] :web_acl_arn
+    #   The Amazon Resource Name (ARN) of the web ACL.
+    #
+    # @option params [required, String] :web_acl_lock_token
+    #   A token used for optimistic locking. AWS WAF returns a token to your
+    #   get and list requests, to mark the state of the entity at the time of
+    #   the request. To make changes to the entity associated with the token,
+    #   you provide the token to operations like update and delete. AWS WAF
+    #   uses the token to ensure that no changes have been made to the entity
+    #   since you last retrieved it. If a change has been made, the update
+    #   fails with a `WAFOptimisticLockException`. If this happens, perform
+    #   another get, and use the new token returned by that operation.
+    #
+    # @return [Types::DeleteFirewallManagerRuleGroupsResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
+    #
+    #   * {Types::DeleteFirewallManagerRuleGroupsResponse#next_web_acl_lock_token #next_web_acl_lock_token} => String
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.delete_firewall_manager_rule_groups({
+    #     web_acl_arn: "ResourceArn", # required
+    #     web_acl_lock_token: "LockToken", # required
+    #   })
+    #
+    # @example Response structure
+    #
+    #   resp.next_web_acl_lock_token #=> String
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/DeleteFirewallManagerRuleGroups AWS API Documentation
+    #
+    # @overload delete_firewall_manager_rule_groups(params = {})
+    # @param [Hash] params ({})
+    def delete_firewall_manager_rule_groups(params = {}, options = {})
+      req = build_request(:delete_firewall_manager_rule_groups, params)
+      req.send_request(options)
+    end
+
     # <note markdown="1"> This is the latest version of **AWS WAF**, named AWS WAFV2, released
     # in November, 2019. For information, including how to migrate your AWS
     # WAF resources from the prior release, see the [AWS WAF Developer
@@ -1443,8 +1544,8 @@ module Aws::WAFV2
     # [1]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html
     #
     # @option params [required, String] :name
-    #   A friendly name of the IP set. You cannot change the name of an
-    #   `IPSet` after you create it.
+    #   The name of the IP set. You cannot change the name of an `IPSet` after
+    #   you create it.
     #
     # @option params [required, String] :scope
     #   Specifies whether this is for an AWS CloudFront distribution or for a
@@ -1454,7 +1555,7 @@ module Aws::WAFV2
     #   To work with CloudFront, you must also specify the Region US East (N.
     #   Virginia) as follows:
     #
-    #   * CLI - Specify the region when you use the CloudFront scope:
+    #   * CLI - Specify the Region when you use the CloudFront scope:
     #     `--scope=CLOUDFRONT --region=us-east-1`.
     #
     #   * API and SDKs - For all calls, use the Region endpoint us-east-1.
@@ -1528,6 +1629,33 @@ module Aws::WAFV2
       req.send_request(options)
     end
 
+    # Permanently deletes an IAM policy from the specified rule group.
+    #
+    # You must be the owner of the rule group to perform this operation.
+    #
+    # @option params [required, String] :resource_arn
+    #   The Amazon Resource Name (ARN) of the rule group from which you want
+    #   to delete the policy.
+    #
+    #   You must be the owner of the rule group to perform this operation.
+    #
+    # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.delete_permission_policy({
+    #     resource_arn: "ResourceArn", # required
+    #   })
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/DeletePermissionPolicy AWS API Documentation
+    #
+    # @overload delete_permission_policy(params = {})
+    # @param [Hash] params ({})
+    def delete_permission_policy(params = {}, options = {})
+      req = build_request(:delete_permission_policy, params)
+      req.send_request(options)
+    end
+
     # <note markdown="1"> This is the latest version of **AWS WAF**, named AWS WAFV2, released
     # in November, 2019. For information, including how to migrate your AWS
     # WAF resources from the prior release, see the [AWS WAF Developer
@@ -1542,8 +1670,8 @@ module Aws::WAFV2
     # [1]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html
     #
     # @option params [required, String] :name
-    #   A friendly name of the set. You cannot change the name after you
-    #   create the set.
+    #   The name of the set. You cannot change the name after you create the
+    #   set.
     #
     # @option params [required, String] :scope
     #   Specifies whether this is for an AWS CloudFront distribution or for a
@@ -1553,7 +1681,7 @@ module Aws::WAFV2
     #   To work with CloudFront, you must also specify the Region US East (N.
     #   Virginia) as follows:
     #
-    #   * CLI - Specify the region when you use the CloudFront scope:
+    #   * CLI - Specify the Region when you use the CloudFront scope:
     #     `--scope=CLOUDFRONT --region=us-east-1`.
     #
     #   * API and SDKs - For all calls, use the Region endpoint us-east-1.
@@ -1607,8 +1735,8 @@ module Aws::WAFV2
     # [1]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html
     #
     # @option params [required, String] :name
-    #   A friendly name of the rule group. You cannot change the name of a
-    #   rule group after you create it.
+    #   The name of the rule group. You cannot change the name of a rule group
+    #   after you create it.
     #
     # @option params [required, String] :scope
     #   Specifies whether this is for an AWS CloudFront distribution or for a
@@ -1618,7 +1746,7 @@ module Aws::WAFV2
     #   To work with CloudFront, you must also specify the Region US East (N.
     #   Virginia) as follows:
     #
-    #   * CLI - Specify the region when you use the CloudFront scope:
+    #   * CLI - Specify the Region when you use the CloudFront scope:
     #     `--scope=CLOUDFRONT --region=us-east-1`.
     #
     #   * API and SDKs - For all calls, use the Region endpoint us-east-1.
@@ -1667,13 +1795,16 @@ module Aws::WAFV2
     #
     # Deletes the specified WebACL.
     #
+    # You can only use this if `ManagedByFirewallManager` is false in the
+    # specified WebACL.
+    #
     #
     #
     # [1]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html
     #
     # @option params [required, String] :name
-    #   A friendly name of the Web ACL. You cannot change the name of a Web
-    #   ACL after you create it.
+    #   The name of the Web ACL. You cannot change the name of a Web ACL after
+    #   you create it.
     #
     # @option params [required, String] :scope
     #   Specifies whether this is for an AWS CloudFront distribution or for a
@@ -1683,7 +1814,7 @@ module Aws::WAFV2
     #   To work with CloudFront, you must also specify the Region US East (N.
     #   Virginia) as follows:
     #
-    #   * CLI - Specify the region when you use the CloudFront scope:
+    #   * CLI - Specify the Region when you use the CloudFront scope:
     #     `--scope=CLOUDFRONT --region=us-east-1`.
     #
     #   * API and SDKs - For all calls, use the Region endpoint us-east-1.
@@ -1753,7 +1884,7 @@ module Aws::WAFV2
     #   To work with CloudFront, you must also specify the Region US East (N.
     #   Virginia) as follows:
     #
-    #   * CLI - Specify the region when you use the CloudFront scope:
+    #   * CLI - Specify the Region when you use the CloudFront scope:
     #     `--scope=CLOUDFRONT --region=us-east-1`.
     #
     #   * API and SDKs - For all calls, use the Region endpoint us-east-1.
@@ -1797,8 +1928,9 @@ module Aws::WAFV2
     # regional application can be an Application Load Balancer (ALB) or an
     # API Gateway stage.
     #
-    # For AWS CloudFront, you can disassociate the Web ACL by providing an
-    # empty web ACL ARN in the CloudFront API call `UpdateDistribution`. For
+    # For AWS CloudFront, don't use this call. Instead, use your CloudFront
+    # distribution configuration. To disassociate a Web ACL, provide an
+    # empty web ACL ID in the CloudFront call `UpdateDistribution`. For
     # information, see [UpdateDistribution][2].
     #
     #
@@ -1850,8 +1982,8 @@ module Aws::WAFV2
     # [1]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html
     #
     # @option params [required, String] :name
-    #   A friendly name of the IP set. You cannot change the name of an
-    #   `IPSet` after you create it.
+    #   The name of the IP set. You cannot change the name of an `IPSet` after
+    #   you create it.
     #
     # @option params [required, String] :scope
     #   Specifies whether this is for an AWS CloudFront distribution or for a
@@ -1861,7 +1993,7 @@ module Aws::WAFV2
     #   To work with CloudFront, you must also specify the Region US East (N.
     #   Virginia) as follows:
     #
-    #   * CLI - Specify the region when you use the CloudFront scope:
+    #   * CLI - Specify the Region when you use the CloudFront scope:
     #     `--scope=CLOUDFRONT --region=us-east-1`.
     #
     #   * API and SDKs - For all calls, use the Region endpoint us-east-1.
@@ -1949,6 +2081,37 @@ module Aws::WAFV2
       req.send_request(options)
     end
 
+    # Returns the IAM policy that is attached to the specified rule group.
+    #
+    # You must be the owner of the rule group to perform this operation.
+    #
+    # @option params [required, String] :resource_arn
+    #   The Amazon Resource Name (ARN) of the rule group for which you want to
+    #   get the policy.
+    #
+    # @return [Types::GetPermissionPolicyResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
+    #
+    #   * {Types::GetPermissionPolicyResponse#policy #policy} => String
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.get_permission_policy({
+    #     resource_arn: "ResourceArn", # required
+    #   })
+    #
+    # @example Response structure
+    #
+    #   resp.policy #=> String
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/GetPermissionPolicy AWS API Documentation
+    #
+    # @overload get_permission_policy(params = {})
+    # @param [Hash] params ({})
+    def get_permission_policy(params = {}, options = {})
+      req = build_request(:get_permission_policy, params)
+      req.send_request(options)
+    end
+
     # <note markdown="1"> This is the latest version of **AWS WAF**, named AWS WAFV2, released
     # in November, 2019. For information, including how to migrate your AWS
     # WAF resources from the prior release, see the [AWS WAF Developer
@@ -1973,14 +2136,14 @@ module Aws::WAFV2
     #   To work with CloudFront, you must also specify the Region US East (N.
     #   Virginia) as follows:
     #
-    #   * CLI - Specify the region when you use the CloudFront scope:
+    #   * CLI - Specify the Region when you use the CloudFront scope:
     #     `--scope=CLOUDFRONT --region=us-east-1`.
     #
     #   * API and SDKs - For all calls, use the Region endpoint us-east-1.
     #
     # @option params [required, String] :web_acl_name
-    #   A friendly name of the Web ACL. You cannot change the name of a Web
-    #   ACL after you create it.
+    #   The name of the Web ACL. You cannot change the name of a Web ACL after
+    #   you create it.
     #
     # @option params [required, String] :web_acl_id
     #   The unique identifier for the Web ACL. This ID is returned in the
@@ -2036,8 +2199,8 @@ module Aws::WAFV2
     # [1]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html
     #
     # @option params [required, String] :name
-    #   A friendly name of the set. You cannot change the name after you
-    #   create the set.
+    #   The name of the set. You cannot change the name after you create the
+    #   set.
     #
     # @option params [required, String] :scope
     #   Specifies whether this is for an AWS CloudFront distribution or for a
@@ -2047,7 +2210,7 @@ module Aws::WAFV2
     #   To work with CloudFront, you must also specify the Region US East (N.
     #   Virginia) as follows:
     #
-    #   * CLI - Specify the region when you use the CloudFront scope:
+    #   * CLI - Specify the Region when you use the CloudFront scope:
     #     `--scope=CLOUDFRONT --region=us-east-1`.
     #
     #   * API and SDKs - For all calls, use the Region endpoint us-east-1.
@@ -2103,8 +2266,8 @@ module Aws::WAFV2
     # [1]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html
     #
     # @option params [required, String] :name
-    #   A friendly name of the rule group. You cannot change the name of a
-    #   rule group after you create it.
+    #   The name of the rule group. You cannot change the name of a rule group
+    #   after you create it.
     #
     # @option params [required, String] :scope
     #   Specifies whether this is for an AWS CloudFront distribution or for a
@@ -2114,7 +2277,7 @@ module Aws::WAFV2
     #   To work with CloudFront, you must also specify the Region US East (N.
     #   Virginia) as follows:
     #
-    #   * CLI - Specify the region when you use the CloudFront scope:
+    #   * CLI - Specify the Region when you use the CloudFront scope:
     #     `--scope=CLOUDFRONT --region=us-east-1`.
     #
     #   * API and SDKs - For all calls, use the Region endpoint us-east-1.
@@ -2252,7 +2415,7 @@ module Aws::WAFV2
     #   To work with CloudFront, you must also specify the Region US East (N.
     #   Virginia) as follows:
     #
-    #   * CLI - Specify the region when you use the CloudFront scope:
+    #   * CLI - Specify the Region when you use the CloudFront scope:
     #     `--scope=CLOUDFRONT --region=us-east-1`.
     #
     #   * API and SDKs - For all calls, use the Region endpoint us-east-1.
@@ -2332,8 +2495,8 @@ module Aws::WAFV2
     # [1]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html
     #
     # @option params [required, String] :name
-    #   A friendly name of the Web ACL. You cannot change the name of a Web
-    #   ACL after you create it.
+    #   The name of the Web ACL. You cannot change the name of a Web ACL after
+    #   you create it.
     #
     # @option params [required, String] :scope
     #   Specifies whether this is for an AWS CloudFront distribution or for a
@@ -2343,7 +2506,7 @@ module Aws::WAFV2
     #   To work with CloudFront, you must also specify the Region US East (N.
     #   Virginia) as follows:
     #
-    #   * CLI - Specify the region when you use the CloudFront scope:
+    #   * CLI - Specify the Region when you use the CloudFront scope:
     #     `--scope=CLOUDFRONT --region=us-east-1`.
     #
     #   * API and SDKs - For all calls, use the Region endpoint us-east-1.
@@ -2430,6 +2593,33 @@ module Aws::WAFV2
     #   resp.web_acl.visibility_config.cloud_watch_metrics_enabled #=> Boolean
     #   resp.web_acl.visibility_config.metric_name #=> String
     #   resp.web_acl.capacity #=> Integer
+    #   resp.web_acl.pre_process_firewall_manager_rule_groups #=> Array
+    #   resp.web_acl.pre_process_firewall_manager_rule_groups[0].name #=> String
+    #   resp.web_acl.pre_process_firewall_manager_rule_groups[0].priority #=> Integer
+    #   resp.web_acl.pre_process_firewall_manager_rule_groups[0].firewall_manager_statement.managed_rule_group_statement.vendor_name #=> String
+    #   resp.web_acl.pre_process_firewall_manager_rule_groups[0].firewall_manager_statement.managed_rule_group_statement.name #=> String
+    #   resp.web_acl.pre_process_firewall_manager_rule_groups[0].firewall_manager_statement.managed_rule_group_statement.excluded_rules #=> Array
+    #   resp.web_acl.pre_process_firewall_manager_rule_groups[0].firewall_manager_statement.managed_rule_group_statement.excluded_rules[0].name #=> String
+    #   resp.web_acl.pre_process_firewall_manager_rule_groups[0].firewall_manager_statement.rule_group_reference_statement.arn #=> String
+    #   resp.web_acl.pre_process_firewall_manager_rule_groups[0].firewall_manager_statement.rule_group_reference_statement.excluded_rules #=> Array
+    #   resp.web_acl.pre_process_firewall_manager_rule_groups[0].firewall_manager_statement.rule_group_reference_statement.excluded_rules[0].name #=> String
+    #   resp.web_acl.pre_process_firewall_manager_rule_groups[0].visibility_config.sampled_requests_enabled #=> Boolean
+    #   resp.web_acl.pre_process_firewall_manager_rule_groups[0].visibility_config.cloud_watch_metrics_enabled #=> Boolean
+    #   resp.web_acl.pre_process_firewall_manager_rule_groups[0].visibility_config.metric_name #=> String
+    #   resp.web_acl.post_process_firewall_manager_rule_groups #=> Array
+    #   resp.web_acl.post_process_firewall_manager_rule_groups[0].name #=> String
+    #   resp.web_acl.post_process_firewall_manager_rule_groups[0].priority #=> Integer
+    #   resp.web_acl.post_process_firewall_manager_rule_groups[0].firewall_manager_statement.managed_rule_group_statement.vendor_name #=> String
+    #   resp.web_acl.post_process_firewall_manager_rule_groups[0].firewall_manager_statement.managed_rule_group_statement.name #=> String
+    #   resp.web_acl.post_process_firewall_manager_rule_groups[0].firewall_manager_statement.managed_rule_group_statement.excluded_rules #=> Array
+    #   resp.web_acl.post_process_firewall_manager_rule_groups[0].firewall_manager_statement.managed_rule_group_statement.excluded_rules[0].name #=> String
+    #   resp.web_acl.post_process_firewall_manager_rule_groups[0].firewall_manager_statement.rule_group_reference_statement.arn #=> String
+    #   resp.web_acl.post_process_firewall_manager_rule_groups[0].firewall_manager_statement.rule_group_reference_statement.excluded_rules #=> Array
+    #   resp.web_acl.post_process_firewall_manager_rule_groups[0].firewall_manager_statement.rule_group_reference_statement.excluded_rules[0].name #=> String
+    #   resp.web_acl.post_process_firewall_manager_rule_groups[0].visibility_config.sampled_requests_enabled #=> Boolean
+    #   resp.web_acl.post_process_firewall_manager_rule_groups[0].visibility_config.cloud_watch_metrics_enabled #=> Boolean
+    #   resp.web_acl.post_process_firewall_manager_rule_groups[0].visibility_config.metric_name #=> String
+    #   resp.web_acl.managed_by_firewall_manager #=> Boolean
     #   resp.lock_token #=> String
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/GetWebACL AWS API Documentation
@@ -2531,6 +2721,33 @@ module Aws::WAFV2
     #   resp.web_acl.visibility_config.cloud_watch_metrics_enabled #=> Boolean
     #   resp.web_acl.visibility_config.metric_name #=> String
     #   resp.web_acl.capacity #=> Integer
+    #   resp.web_acl.pre_process_firewall_manager_rule_groups #=> Array
+    #   resp.web_acl.pre_process_firewall_manager_rule_groups[0].name #=> String
+    #   resp.web_acl.pre_process_firewall_manager_rule_groups[0].priority #=> Integer
+    #   resp.web_acl.pre_process_firewall_manager_rule_groups[0].firewall_manager_statement.managed_rule_group_statement.vendor_name #=> String
+    #   resp.web_acl.pre_process_firewall_manager_rule_groups[0].firewall_manager_statement.managed_rule_group_statement.name #=> String
+    #   resp.web_acl.pre_process_firewall_manager_rule_groups[0].firewall_manager_statement.managed_rule_group_statement.excluded_rules #=> Array
+    #   resp.web_acl.pre_process_firewall_manager_rule_groups[0].firewall_manager_statement.managed_rule_group_statement.excluded_rules[0].name #=> String
+    #   resp.web_acl.pre_process_firewall_manager_rule_groups[0].firewall_manager_statement.rule_group_reference_statement.arn #=> String
+    #   resp.web_acl.pre_process_firewall_manager_rule_groups[0].firewall_manager_statement.rule_group_reference_statement.excluded_rules #=> Array
+    #   resp.web_acl.pre_process_firewall_manager_rule_groups[0].firewall_manager_statement.rule_group_reference_statement.excluded_rules[0].name #=> String
+    #   resp.web_acl.pre_process_firewall_manager_rule_groups[0].visibility_config.sampled_requests_enabled #=> Boolean
+    #   resp.web_acl.pre_process_firewall_manager_rule_groups[0].visibility_config.cloud_watch_metrics_enabled #=> Boolean
+    #   resp.web_acl.pre_process_firewall_manager_rule_groups[0].visibility_config.metric_name #=> String
+    #   resp.web_acl.post_process_firewall_manager_rule_groups #=> Array
+    #   resp.web_acl.post_process_firewall_manager_rule_groups[0].name #=> String
+    #   resp.web_acl.post_process_firewall_manager_rule_groups[0].priority #=> Integer
+    #   resp.web_acl.post_process_firewall_manager_rule_groups[0].firewall_manager_statement.managed_rule_group_statement.vendor_name #=> String
+    #   resp.web_acl.post_process_firewall_manager_rule_groups[0].firewall_manager_statement.managed_rule_group_statement.name #=> String
+    #   resp.web_acl.post_process_firewall_manager_rule_groups[0].firewall_manager_statement.managed_rule_group_statement.excluded_rules #=> Array
+    #   resp.web_acl.post_process_firewall_manager_rule_groups[0].firewall_manager_statement.managed_rule_group_statement.excluded_rules[0].name #=> String
+    #   resp.web_acl.post_process_firewall_manager_rule_groups[0].firewall_manager_statement.rule_group_reference_statement.arn #=> String
+    #   resp.web_acl.post_process_firewall_manager_rule_groups[0].firewall_manager_statement.rule_group_reference_statement.excluded_rules #=> Array
+    #   resp.web_acl.post_process_firewall_manager_rule_groups[0].firewall_manager_statement.rule_group_reference_statement.excluded_rules[0].name #=> String
+    #   resp.web_acl.post_process_firewall_manager_rule_groups[0].visibility_config.sampled_requests_enabled #=> Boolean
+    #   resp.web_acl.post_process_firewall_manager_rule_groups[0].visibility_config.cloud_watch_metrics_enabled #=> Boolean
+    #   resp.web_acl.post_process_firewall_manager_rule_groups[0].visibility_config.metric_name #=> String
+    #   resp.web_acl.managed_by_firewall_manager #=> Boolean
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/GetWebACLForResource AWS API Documentation
     #
@@ -2564,7 +2781,7 @@ module Aws::WAFV2
     #   To work with CloudFront, you must also specify the Region US East (N.
     #   Virginia) as follows:
     #
-    #   * CLI - Specify the region when you use the CloudFront scope:
+    #   * CLI - Specify the Region when you use the CloudFront scope:
     #     `--scope=CLOUDFRONT --region=us-east-1`.
     #
     #   * API and SDKs - For all calls, use the Region endpoint us-east-1.
@@ -2634,7 +2851,7 @@ module Aws::WAFV2
     #   To work with CloudFront, you must also specify the Region US East (N.
     #   Virginia) as follows:
     #
-    #   * CLI - Specify the region when you use the CloudFront scope:
+    #   * CLI - Specify the Region when you use the CloudFront scope:
     #     `--scope=CLOUDFRONT --region=us-east-1`.
     #
     #   * API and SDKs - For all calls, use the Region endpoint us-east-1.
@@ -2705,7 +2922,7 @@ module Aws::WAFV2
     #   To work with CloudFront, you must also specify the Region US East (N.
     #   Virginia) as follows:
     #
-    #   * CLI - Specify the region when you use the CloudFront scope:
+    #   * CLI - Specify the Region when you use the CloudFront scope:
     #     `--scope=CLOUDFRONT --region=us-east-1`.
     #
     #   * API and SDKs - For all calls, use the Region endpoint us-east-1.
@@ -2778,7 +2995,7 @@ module Aws::WAFV2
     #   To work with CloudFront, you must also specify the Region US East (N.
     #   Virginia) as follows:
     #
-    #   * CLI - Specify the region when you use the CloudFront scope:
+    #   * CLI - Specify the Region when you use the CloudFront scope:
     #     `--scope=CLOUDFRONT --region=us-east-1`.
     #
     #   * API and SDKs - For all calls, use the Region endpoint us-east-1.
@@ -2899,7 +3116,7 @@ module Aws::WAFV2
     #   To work with CloudFront, you must also specify the Region US East (N.
     #   Virginia) as follows:
     #
-    #   * CLI - Specify the region when you use the CloudFront scope:
+    #   * CLI - Specify the Region when you use the CloudFront scope:
     #     `--scope=CLOUDFRONT --region=us-east-1`.
     #
     #   * API and SDKs - For all calls, use the Region endpoint us-east-1.
@@ -3030,7 +3247,7 @@ module Aws::WAFV2
     #   To work with CloudFront, you must also specify the Region US East (N.
     #   Virginia) as follows:
     #
-    #   * CLI - Specify the region when you use the CloudFront scope:
+    #   * CLI - Specify the Region when you use the CloudFront scope:
     #     `--scope=CLOUDFRONT --region=us-east-1`.
     #
     #   * API and SDKs - For all calls, use the Region endpoint us-east-1.
@@ -3095,7 +3312,7 @@ module Aws::WAFV2
     #
     # 1.  Create an Amazon Kinesis Data Firehose.
     #
-    #     Create the data firehose with a PUT source and in the region that
+    #     Create the data firehose with a PUT source and in the Region that
     #     you are operating. If you are capturing logs for Amazon
     #     CloudFront, always create the firehose in US East (N. Virginia).
     #
@@ -3171,6 +3388,68 @@ module Aws::WAFV2
       req.send_request(options)
     end
 
+    # Attaches an IAM policy to the specified resource. Use this to share a
+    # rule group across accounts.
+    #
+    # You must be the owner of the rule group to perform this operation.
+    #
+    # This action is subject to the following restrictions:
+    #
+    # * You can attach only one policy with each `PutPermissionPolicy`
+    #   request.
+    #
+    # * The ARN in the request must be a valid WAF RuleGroup ARN and the
+    #   rule group must exist in the same region.
+    #
+    # * The user making the request must be the owner of the rule group.
+    #
+    # @option params [required, String] :resource_arn
+    #   The Amazon Resource Name (ARN) of the RuleGroup to which you want to
+    #   attach the policy.
+    #
+    # @option params [required, String] :policy
+    #   The policy to attach to the specified rule group.
+    #
+    #   The policy specifications must conform to the following:
+    #
+    #   * The policy must be composed using IAM Policy version 2012-10-17 or
+    #     version 2015-01-01.
+    #
+    #   * The policy must include specifications for `Effect`, `Action`, and
+    #     `Principal`.
+    #
+    #   * `Effect` must specify `Allow`.
+    #
+    #   * `Action` must specify `wafv2:CreateWebACL`, `wafv2:UpdateWebACL`,
+    #     and `wafv2:PutFirewallManagerRuleGroups`. AWS WAF rejects any extra
+    #     actions or wildcard actions in the policy.
+    #
+    #   * The policy must not include a `Resource` parameter.
+    #
+    #   For more information, see [IAM Policies][1].
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html
+    #
+    # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.put_permission_policy({
+    #     resource_arn: "ResourceArn", # required
+    #     policy: "PolicyString", # required
+    #   })
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/PutPermissionPolicy AWS API Documentation
+    #
+    # @overload put_permission_policy(params = {})
+    # @param [Hash] params ({})
+    def put_permission_policy(params = {}, options = {})
+      req = build_request(:put_permission_policy, params)
+      req.send_request(options)
+    end
+
     # <note markdown="1"> This is the latest version of **AWS WAF**, named AWS WAFV2, released
     # in November, 2019. For information, including how to migrate your AWS
     # WAF resources from the prior release, see the [AWS WAF Developer
@@ -3273,8 +3552,8 @@ module Aws::WAFV2
     # [1]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html
     #
     # @option params [required, String] :name
-    #   A friendly name of the IP set. You cannot change the name of an
-    #   `IPSet` after you create it.
+    #   The name of the IP set. You cannot change the name of an `IPSet` after
+    #   you create it.
     #
     # @option params [required, String] :scope
     #   Specifies whether this is for an AWS CloudFront distribution or for a
@@ -3284,7 +3563,7 @@ module Aws::WAFV2
     #   To work with CloudFront, you must also specify the Region US East (N.
     #   Virginia) as follows:
     #
-    #   * CLI - Specify the region when you use the CloudFront scope:
+    #   * CLI - Specify the Region when you use the CloudFront scope:
     #     `--scope=CLOUDFRONT --region=us-east-1`.
     #
     #   * API and SDKs - For all calls, use the Region endpoint us-east-1.
@@ -3295,8 +3574,8 @@ module Aws::WAFV2
     #   and delete.
     #
     # @option params [String] :description
-    #   A friendly description of the IP set. You cannot change the
-    #   description of an IP set after you create it.
+    #   A description of the IP set that helps with identification. You cannot
+    #   change the description of an IP set after you create it.
     #
     # @option params [required, Array<String>] :addresses
     #   Contains an array of strings that specify one or more IP addresses or
@@ -3382,8 +3661,8 @@ module Aws::WAFV2
     # [1]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html
     #
     # @option params [required, String] :name
-    #   A friendly name of the set. You cannot change the name after you
-    #   create the set.
+    #   The name of the set. You cannot change the name after you create the
+    #   set.
     #
     # @option params [required, String] :scope
     #   Specifies whether this is for an AWS CloudFront distribution or for a
@@ -3393,7 +3672,7 @@ module Aws::WAFV2
     #   To work with CloudFront, you must also specify the Region US East (N.
     #   Virginia) as follows:
     #
-    #   * CLI - Specify the region when you use the CloudFront scope:
+    #   * CLI - Specify the Region when you use the CloudFront scope:
     #     `--scope=CLOUDFRONT --region=us-east-1`.
     #
     #   * API and SDKs - For all calls, use the Region endpoint us-east-1.
@@ -3404,8 +3683,8 @@ module Aws::WAFV2
     #   and delete.
     #
     # @option params [String] :description
-    #   A friendly description of the set. You cannot change the description
-    #   of a set after you create it.
+    #   A description of the set that helps with identification. You cannot
+    #   change the description of a set after you create it.
     #
     # @option params [required, Array<Types::Regex>] :regular_expression_list
     #
@@ -3471,8 +3750,8 @@ module Aws::WAFV2
     # [1]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html
     #
     # @option params [required, String] :name
-    #   A friendly name of the rule group. You cannot change the name of a
-    #   rule group after you create it.
+    #   The name of the rule group. You cannot change the name of a rule group
+    #   after you create it.
     #
     # @option params [required, String] :scope
     #   Specifies whether this is for an AWS CloudFront distribution or for a
@@ -3482,7 +3761,7 @@ module Aws::WAFV2
     #   To work with CloudFront, you must also specify the Region US East (N.
     #   Virginia) as follows:
     #
-    #   * CLI - Specify the region when you use the CloudFront scope:
+    #   * CLI - Specify the Region when you use the CloudFront scope:
     #     `--scope=CLOUDFRONT --region=us-east-1`.
     #
     #   * API and SDKs - For all calls, use the Region endpoint us-east-1.
@@ -3493,8 +3772,8 @@ module Aws::WAFV2
     #   like update and delete.
     #
     # @option params [String] :description
-    #   A friendly description of the rule group. You cannot change the
-    #   description of a rule group after you create it.
+    #   A description of the rule group that helps with identification. You
+    #   cannot change the description of a rule group after you create it.
     #
     # @option params [Array<Types::Rule>] :rules
     #   The Rule statements used to identify the web requests that you want to
@@ -3783,8 +4062,8 @@ module Aws::WAFV2
     # [1]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html
     #
     # @option params [required, String] :name
-    #   A friendly name of the Web ACL. You cannot change the name of a Web
-    #   ACL after you create it.
+    #   The name of the Web ACL. You cannot change the name of a Web ACL after
+    #   you create it.
     #
     # @option params [required, String] :scope
     #   Specifies whether this is for an AWS CloudFront distribution or for a
@@ -3794,7 +4073,7 @@ module Aws::WAFV2
     #   To work with CloudFront, you must also specify the Region US East (N.
     #   Virginia) as follows:
     #
-    #   * CLI - Specify the region when you use the CloudFront scope:
+    #   * CLI - Specify the Region when you use the CloudFront scope:
     #     `--scope=CLOUDFRONT --region=us-east-1`.
     #
     #   * API and SDKs - For all calls, use the Region endpoint us-east-1.
@@ -3809,8 +4088,8 @@ module Aws::WAFV2
     #   match.
     #
     # @option params [String] :description
-    #   A friendly description of the Web ACL. You cannot change the
-    #   description of a Web ACL after you create it.
+    #   A description of the Web ACL that helps with identification. You
+    #   cannot change the description of a Web ACL after you create it.
     #
     # @option params [Array<Types::Rule>] :rules
     #   The Rule statements used to identify the web requests that you want to
@@ -4094,7 +4373,7 @@ module Aws::WAFV2
         params: params,
         config: config)
       context[:gem_name] = 'aws-sdk-wafv2'
-      context[:gem_version] = '1.1.0'
+      context[:gem_version] = '1.6.1'
       Seahorse::Client::Request.new(handlers, context)
     end