aws-sdk-wafv2 1.2.0 → 1.3.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/aws-sdk-wafv2.rb +1 -1
- data/lib/aws-sdk-wafv2/client.rb +326 -100
- data/lib/aws-sdk-wafv2/client_api.rb +144 -0
- data/lib/aws-sdk-wafv2/errors.rb +32 -0
- data/lib/aws-sdk-wafv2/resource.rb +1 -7
- data/lib/aws-sdk-wafv2/types.rb +538 -148
- metadata +2 -2
data/lib/aws-sdk-wafv2/errors.rb
CHANGED
@@ -28,7 +28,9 @@ module Aws::WAFV2
|
|
28
28
|
# * {WAFAssociatedItemException}
|
29
29
|
# * {WAFDuplicateItemException}
|
30
30
|
# * {WAFInternalErrorException}
|
31
|
+
# * {WAFInvalidOperationException}
|
31
32
|
# * {WAFInvalidParameterException}
|
33
|
+
# * {WAFInvalidPermissionPolicyException}
|
32
34
|
# * {WAFInvalidResourceException}
|
33
35
|
# * {WAFLimitsExceededException}
|
34
36
|
# * {WAFNonexistentItemException}
|
@@ -90,6 +92,21 @@ module Aws::WAFV2
|
|
90
92
|
end
|
91
93
|
end
|
92
94
|
|
95
|
+
class WAFInvalidOperationException < ServiceError
|
96
|
+
|
97
|
+
# @param [Seahorse::Client::RequestContext] context
|
98
|
+
# @param [String] message
|
99
|
+
# @param [Aws::WAFV2::Types::WAFInvalidOperationException] data
|
100
|
+
def initialize(context, message, data = Aws::EmptyStructure.new)
|
101
|
+
super(context, message, data)
|
102
|
+
end
|
103
|
+
|
104
|
+
# @return [String]
|
105
|
+
def message
|
106
|
+
@message || @data[:message]
|
107
|
+
end
|
108
|
+
end
|
109
|
+
|
93
110
|
class WAFInvalidParameterException < ServiceError
|
94
111
|
|
95
112
|
# @param [Seahorse::Client::RequestContext] context
|
@@ -120,6 +137,21 @@ module Aws::WAFV2
|
|
120
137
|
end
|
121
138
|
end
|
122
139
|
|
140
|
+
class WAFInvalidPermissionPolicyException < ServiceError
|
141
|
+
|
142
|
+
# @param [Seahorse::Client::RequestContext] context
|
143
|
+
# @param [String] message
|
144
|
+
# @param [Aws::WAFV2::Types::WAFInvalidPermissionPolicyException] data
|
145
|
+
def initialize(context, message, data = Aws::EmptyStructure.new)
|
146
|
+
super(context, message, data)
|
147
|
+
end
|
148
|
+
|
149
|
+
# @return [String]
|
150
|
+
def message
|
151
|
+
@message || @data[:message]
|
152
|
+
end
|
153
|
+
end
|
154
|
+
|
123
155
|
class WAFInvalidResourceException < ServiceError
|
124
156
|
|
125
157
|
# @param [Seahorse::Client::RequestContext] context
|
@@ -6,13 +6,7 @@
|
|
6
6
|
# WARNING ABOUT GENERATED CODE
|
7
7
|
|
8
8
|
module Aws::WAFV2
|
9
|
-
|
10
|
-
# To create a resource object:
|
11
|
-
# resource = Aws::WAFV2::Resource.new(region: 'us-west-2')
|
12
|
-
# You can supply a client object with custom configuration that will be used for all resource operations.
|
13
|
-
# If you do not pass +:client+, a default client will be constructed.
|
14
|
-
# client = Aws::WAFV2::Client.new(region: 'us-west-2')
|
15
|
-
# resource = Aws::WAFV2::Resource.new(client: client)
|
9
|
+
|
16
10
|
class Resource
|
17
11
|
|
18
12
|
# @param options ({})
|
data/lib/aws-sdk-wafv2/types.rb
CHANGED
@@ -408,8 +408,8 @@ module Aws::WAFV2
|
|
408
408
|
# only in the part of web requests that you designate for inspection
|
409
409
|
# in FieldToMatch. The maximum length of the value is 50 bytes.
|
410
410
|
#
|
411
|
-
# Valid values depend on the
|
412
|
-
# `FieldToMatch`\:
|
411
|
+
# Valid values depend on the component that you specify for inspection
|
412
|
+
# in `FieldToMatch`\:
|
413
413
|
#
|
414
414
|
# * `Method`\: The HTTP method that you want AWS WAF to search for.
|
415
415
|
# This indicates the type of operation specified in the request.
|
@@ -446,9 +446,9 @@ module Aws::WAFV2
|
|
446
446
|
# Text transformations eliminate some of the unusual formatting that
|
447
447
|
# attackers use in web requests in an effort to bypass detection. If
|
448
448
|
# you specify one or more transformations in a rule statement, AWS WAF
|
449
|
-
# performs all transformations on the content
|
450
|
-
# `FieldToMatch`, starting from the lowest priority
|
451
|
-
# inspecting the content for a match.
|
449
|
+
# performs all transformations on the content of the request component
|
450
|
+
# identified by `FieldToMatch`, starting from the lowest priority
|
451
|
+
# setting, before inspecting the content for a match.
|
452
452
|
# @return [Array<Types::TextTransformation>]
|
453
453
|
#
|
454
454
|
# @!attribute [rw] positional_constraint
|
@@ -730,7 +730,7 @@ module Aws::WAFV2
|
|
730
730
|
# To work with CloudFront, you must also specify the Region US East
|
731
731
|
# (N. Virginia) as follows:
|
732
732
|
#
|
733
|
-
# * CLI - Specify the
|
733
|
+
# * CLI - Specify the Region when you use the CloudFront scope:
|
734
734
|
# `--scope=CLOUDFRONT --region=us-east-1`.
|
735
735
|
#
|
736
736
|
# * API and SDKs - For all calls, use the Region endpoint us-east-1.
|
@@ -800,8 +800,8 @@ module Aws::WAFV2
|
|
800
800
|
# }
|
801
801
|
#
|
802
802
|
# @!attribute [rw] name
|
803
|
-
#
|
804
|
-
#
|
803
|
+
# The name of the IP set. You cannot change the name of an `IPSet`
|
804
|
+
# after you create it.
|
805
805
|
# @return [String]
|
806
806
|
#
|
807
807
|
# @!attribute [rw] scope
|
@@ -812,15 +812,15 @@ module Aws::WAFV2
|
|
812
812
|
# To work with CloudFront, you must also specify the Region US East
|
813
813
|
# (N. Virginia) as follows:
|
814
814
|
#
|
815
|
-
# * CLI - Specify the
|
815
|
+
# * CLI - Specify the Region when you use the CloudFront scope:
|
816
816
|
# `--scope=CLOUDFRONT --region=us-east-1`.
|
817
817
|
#
|
818
818
|
# * API and SDKs - For all calls, use the Region endpoint us-east-1.
|
819
819
|
# @return [String]
|
820
820
|
#
|
821
821
|
# @!attribute [rw] description
|
822
|
-
# A
|
823
|
-
# description of an IP set after you create it.
|
822
|
+
# A description of the IP set that helps with identification. You
|
823
|
+
# cannot change the description of an IP set after you create it.
|
824
824
|
# @return [String]
|
825
825
|
#
|
826
826
|
# @!attribute [rw] ip_address_version
|
@@ -913,8 +913,8 @@ module Aws::WAFV2
|
|
913
913
|
# }
|
914
914
|
#
|
915
915
|
# @!attribute [rw] name
|
916
|
-
#
|
917
|
-
#
|
916
|
+
# The name of the set. You cannot change the name after you create the
|
917
|
+
# set.
|
918
918
|
# @return [String]
|
919
919
|
#
|
920
920
|
# @!attribute [rw] scope
|
@@ -925,15 +925,15 @@ module Aws::WAFV2
|
|
925
925
|
# To work with CloudFront, you must also specify the Region US East
|
926
926
|
# (N. Virginia) as follows:
|
927
927
|
#
|
928
|
-
# * CLI - Specify the
|
928
|
+
# * CLI - Specify the Region when you use the CloudFront scope:
|
929
929
|
# `--scope=CLOUDFRONT --region=us-east-1`.
|
930
930
|
#
|
931
931
|
# * API and SDKs - For all calls, use the Region endpoint us-east-1.
|
932
932
|
# @return [String]
|
933
933
|
#
|
934
934
|
# @!attribute [rw] description
|
935
|
-
# A
|
936
|
-
# of a set after you create it.
|
935
|
+
# A description of the set that helps with identification. You cannot
|
936
|
+
# change the description of a set after you create it.
|
937
937
|
# @return [String]
|
938
938
|
#
|
939
939
|
# @!attribute [rw] regular_expression_list
|
@@ -1203,8 +1203,8 @@ module Aws::WAFV2
|
|
1203
1203
|
# }
|
1204
1204
|
#
|
1205
1205
|
# @!attribute [rw] name
|
1206
|
-
#
|
1207
|
-
#
|
1206
|
+
# The name of the rule group. You cannot change the name of a rule
|
1207
|
+
# group after you create it.
|
1208
1208
|
# @return [String]
|
1209
1209
|
#
|
1210
1210
|
# @!attribute [rw] scope
|
@@ -1215,7 +1215,7 @@ module Aws::WAFV2
|
|
1215
1215
|
# To work with CloudFront, you must also specify the Region US East
|
1216
1216
|
# (N. Virginia) as follows:
|
1217
1217
|
#
|
1218
|
-
# * CLI - Specify the
|
1218
|
+
# * CLI - Specify the Region when you use the CloudFront scope:
|
1219
1219
|
# `--scope=CLOUDFRONT --region=us-east-1`.
|
1220
1220
|
#
|
1221
1221
|
# * API and SDKs - For all calls, use the Region endpoint us-east-1.
|
@@ -1240,8 +1240,8 @@ module Aws::WAFV2
|
|
1240
1240
|
# @return [Integer]
|
1241
1241
|
#
|
1242
1242
|
# @!attribute [rw] description
|
1243
|
-
# A
|
1244
|
-
# description of a rule group after you create it.
|
1243
|
+
# A description of the rule group that helps with identification. You
|
1244
|
+
# cannot change the description of a rule group after you create it.
|
1245
1245
|
# @return [String]
|
1246
1246
|
#
|
1247
1247
|
# @!attribute [rw] rules
|
@@ -1526,8 +1526,8 @@ module Aws::WAFV2
|
|
1526
1526
|
# }
|
1527
1527
|
#
|
1528
1528
|
# @!attribute [rw] name
|
1529
|
-
#
|
1530
|
-
#
|
1529
|
+
# The name of the Web ACL. You cannot change the name of a Web ACL
|
1530
|
+
# after you create it.
|
1531
1531
|
# @return [String]
|
1532
1532
|
#
|
1533
1533
|
# @!attribute [rw] scope
|
@@ -1538,7 +1538,7 @@ module Aws::WAFV2
|
|
1538
1538
|
# To work with CloudFront, you must also specify the Region US East
|
1539
1539
|
# (N. Virginia) as follows:
|
1540
1540
|
#
|
1541
|
-
# * CLI - Specify the
|
1541
|
+
# * CLI - Specify the Region when you use the CloudFront scope:
|
1542
1542
|
# `--scope=CLOUDFRONT --region=us-east-1`.
|
1543
1543
|
#
|
1544
1544
|
# * API and SDKs - For all calls, use the Region endpoint us-east-1.
|
@@ -1550,8 +1550,8 @@ module Aws::WAFV2
|
|
1550
1550
|
# @return [Types::DefaultAction]
|
1551
1551
|
#
|
1552
1552
|
# @!attribute [rw] description
|
1553
|
-
# A
|
1554
|
-
# description of a Web ACL after you create it.
|
1553
|
+
# A description of the Web ACL that helps with identification. You
|
1554
|
+
# cannot change the description of a Web ACL after you create it.
|
1555
1555
|
# @return [String]
|
1556
1556
|
#
|
1557
1557
|
# @!attribute [rw] rules
|
@@ -1638,6 +1638,57 @@ module Aws::WAFV2
|
|
1638
1638
|
include Aws::Structure
|
1639
1639
|
end
|
1640
1640
|
|
1641
|
+
# @note When making an API call, you may pass DeleteFirewallManagerRuleGroupsRequest
|
1642
|
+
# data as a hash:
|
1643
|
+
#
|
1644
|
+
# {
|
1645
|
+
# web_acl_arn: "ResourceArn", # required
|
1646
|
+
# web_acl_lock_token: "LockToken", # required
|
1647
|
+
# }
|
1648
|
+
#
|
1649
|
+
# @!attribute [rw] web_acl_arn
|
1650
|
+
# The Amazon Resource Name (ARN) of the web ACL.
|
1651
|
+
# @return [String]
|
1652
|
+
#
|
1653
|
+
# @!attribute [rw] web_acl_lock_token
|
1654
|
+
# A token used for optimistic locking. AWS WAF returns a token to your
|
1655
|
+
# get and list requests, to mark the state of the entity at the time
|
1656
|
+
# of the request. To make changes to the entity associated with the
|
1657
|
+
# token, you provide the token to operations like update and delete.
|
1658
|
+
# AWS WAF uses the token to ensure that no changes have been made to
|
1659
|
+
# the entity since you last retrieved it. If a change has been made,
|
1660
|
+
# the update fails with a `WAFOptimisticLockException`. If this
|
1661
|
+
# happens, perform another get, and use the new token returned by that
|
1662
|
+
# operation.
|
1663
|
+
# @return [String]
|
1664
|
+
#
|
1665
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/DeleteFirewallManagerRuleGroupsRequest AWS API Documentation
|
1666
|
+
#
|
1667
|
+
class DeleteFirewallManagerRuleGroupsRequest < Struct.new(
|
1668
|
+
:web_acl_arn,
|
1669
|
+
:web_acl_lock_token)
|
1670
|
+
include Aws::Structure
|
1671
|
+
end
|
1672
|
+
|
1673
|
+
# @!attribute [rw] next_web_acl_lock_token
|
1674
|
+
# A token used for optimistic locking. AWS WAF returns a token to your
|
1675
|
+
# get and list requests, to mark the state of the entity at the time
|
1676
|
+
# of the request. To make changes to the entity associated with the
|
1677
|
+
# token, you provide the token to operations like update and delete.
|
1678
|
+
# AWS WAF uses the token to ensure that no changes have been made to
|
1679
|
+
# the entity since you last retrieved it. If a change has been made,
|
1680
|
+
# the update fails with a `WAFOptimisticLockException`. If this
|
1681
|
+
# happens, perform another get, and use the new token returned by that
|
1682
|
+
# operation.
|
1683
|
+
# @return [String]
|
1684
|
+
#
|
1685
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/DeleteFirewallManagerRuleGroupsResponse AWS API Documentation
|
1686
|
+
#
|
1687
|
+
class DeleteFirewallManagerRuleGroupsResponse < Struct.new(
|
1688
|
+
:next_web_acl_lock_token)
|
1689
|
+
include Aws::Structure
|
1690
|
+
end
|
1691
|
+
|
1641
1692
|
# @note When making an API call, you may pass DeleteIPSetRequest
|
1642
1693
|
# data as a hash:
|
1643
1694
|
#
|
@@ -1649,8 +1700,8 @@ module Aws::WAFV2
|
|
1649
1700
|
# }
|
1650
1701
|
#
|
1651
1702
|
# @!attribute [rw] name
|
1652
|
-
#
|
1653
|
-
#
|
1703
|
+
# The name of the IP set. You cannot change the name of an `IPSet`
|
1704
|
+
# after you create it.
|
1654
1705
|
# @return [String]
|
1655
1706
|
#
|
1656
1707
|
# @!attribute [rw] scope
|
@@ -1661,7 +1712,7 @@ module Aws::WAFV2
|
|
1661
1712
|
# To work with CloudFront, you must also specify the Region US East
|
1662
1713
|
# (N. Virginia) as follows:
|
1663
1714
|
#
|
1664
|
-
# * CLI - Specify the
|
1715
|
+
# * CLI - Specify the Region when you use the CloudFront scope:
|
1665
1716
|
# `--scope=CLOUDFRONT --region=us-east-1`.
|
1666
1717
|
#
|
1667
1718
|
# * API and SDKs - For all calls, use the Region endpoint us-east-1.
|
@@ -1722,6 +1773,31 @@ module Aws::WAFV2
|
|
1722
1773
|
#
|
1723
1774
|
class DeleteLoggingConfigurationResponse < Aws::EmptyStructure; end
|
1724
1775
|
|
1776
|
+
# @note When making an API call, you may pass DeletePermissionPolicyRequest
|
1777
|
+
# data as a hash:
|
1778
|
+
#
|
1779
|
+
# {
|
1780
|
+
# resource_arn: "ResourceArn", # required
|
1781
|
+
# }
|
1782
|
+
#
|
1783
|
+
# @!attribute [rw] resource_arn
|
1784
|
+
# The Amazon Resource Name (ARN) of the rule group from which you want
|
1785
|
+
# to delete the policy.
|
1786
|
+
#
|
1787
|
+
# You must be the owner of the rule group to perform this operation.
|
1788
|
+
# @return [String]
|
1789
|
+
#
|
1790
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/DeletePermissionPolicyRequest AWS API Documentation
|
1791
|
+
#
|
1792
|
+
class DeletePermissionPolicyRequest < Struct.new(
|
1793
|
+
:resource_arn)
|
1794
|
+
include Aws::Structure
|
1795
|
+
end
|
1796
|
+
|
1797
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/DeletePermissionPolicyResponse AWS API Documentation
|
1798
|
+
#
|
1799
|
+
class DeletePermissionPolicyResponse < Aws::EmptyStructure; end
|
1800
|
+
|
1725
1801
|
# @note When making an API call, you may pass DeleteRegexPatternSetRequest
|
1726
1802
|
# data as a hash:
|
1727
1803
|
#
|
@@ -1733,8 +1809,8 @@ module Aws::WAFV2
|
|
1733
1809
|
# }
|
1734
1810
|
#
|
1735
1811
|
# @!attribute [rw] name
|
1736
|
-
#
|
1737
|
-
#
|
1812
|
+
# The name of the set. You cannot change the name after you create the
|
1813
|
+
# set.
|
1738
1814
|
# @return [String]
|
1739
1815
|
#
|
1740
1816
|
# @!attribute [rw] scope
|
@@ -1745,7 +1821,7 @@ module Aws::WAFV2
|
|
1745
1821
|
# To work with CloudFront, you must also specify the Region US East
|
1746
1822
|
# (N. Virginia) as follows:
|
1747
1823
|
#
|
1748
|
-
# * CLI - Specify the
|
1824
|
+
# * CLI - Specify the Region when you use the CloudFront scope:
|
1749
1825
|
# `--scope=CLOUDFRONT --region=us-east-1`.
|
1750
1826
|
#
|
1751
1827
|
# * API and SDKs - For all calls, use the Region endpoint us-east-1.
|
@@ -1794,8 +1870,8 @@ module Aws::WAFV2
|
|
1794
1870
|
# }
|
1795
1871
|
#
|
1796
1872
|
# @!attribute [rw] name
|
1797
|
-
#
|
1798
|
-
#
|
1873
|
+
# The name of the rule group. You cannot change the name of a rule
|
1874
|
+
# group after you create it.
|
1799
1875
|
# @return [String]
|
1800
1876
|
#
|
1801
1877
|
# @!attribute [rw] scope
|
@@ -1806,7 +1882,7 @@ module Aws::WAFV2
|
|
1806
1882
|
# To work with CloudFront, you must also specify the Region US East
|
1807
1883
|
# (N. Virginia) as follows:
|
1808
1884
|
#
|
1809
|
-
# * CLI - Specify the
|
1885
|
+
# * CLI - Specify the Region when you use the CloudFront scope:
|
1810
1886
|
# `--scope=CLOUDFRONT --region=us-east-1`.
|
1811
1887
|
#
|
1812
1888
|
# * API and SDKs - For all calls, use the Region endpoint us-east-1.
|
@@ -1855,8 +1931,8 @@ module Aws::WAFV2
|
|
1855
1931
|
# }
|
1856
1932
|
#
|
1857
1933
|
# @!attribute [rw] name
|
1858
|
-
#
|
1859
|
-
#
|
1934
|
+
# The name of the Web ACL. You cannot change the name of a Web ACL
|
1935
|
+
# after you create it.
|
1860
1936
|
# @return [String]
|
1861
1937
|
#
|
1862
1938
|
# @!attribute [rw] scope
|
@@ -1867,7 +1943,7 @@ module Aws::WAFV2
|
|
1867
1943
|
# To work with CloudFront, you must also specify the Region US East
|
1868
1944
|
# (N. Virginia) as follows:
|
1869
1945
|
#
|
1870
|
-
# * CLI - Specify the
|
1946
|
+
# * CLI - Specify the Region when you use the CloudFront scope:
|
1871
1947
|
# `--scope=CLOUDFRONT --region=us-east-1`.
|
1872
1948
|
#
|
1873
1949
|
# * API and SDKs - For all calls, use the Region endpoint us-east-1.
|
@@ -1932,7 +2008,7 @@ module Aws::WAFV2
|
|
1932
2008
|
# To work with CloudFront, you must also specify the Region US East
|
1933
2009
|
# (N. Virginia) as follows:
|
1934
2010
|
#
|
1935
|
-
# * CLI - Specify the
|
2011
|
+
# * CLI - Specify the Region when you use the CloudFront scope:
|
1936
2012
|
# `--scope=CLOUDFRONT --region=us-east-1`.
|
1937
2013
|
#
|
1938
2014
|
# * API and SDKs - For all calls, use the Region endpoint us-east-1.
|
@@ -2042,8 +2118,11 @@ module Aws::WAFV2
|
|
2042
2118
|
# </note>
|
2043
2119
|
#
|
2044
2120
|
# The part of a web request that you want AWS WAF to inspect. Include
|
2045
|
-
# the `FieldToMatch`
|
2046
|
-
# specifications as needed, according to the type.
|
2121
|
+
# the single `FieldToMatch` type that you want to inspect, with
|
2122
|
+
# additional specifications as needed, according to the type. You
|
2123
|
+
# specify a single request component in `FieldToMatch` for each rule
|
2124
|
+
# statement that requires it. To inspect more than one component of a
|
2125
|
+
# web request, create a separate rule statement for each component.
|
2047
2126
|
#
|
2048
2127
|
#
|
2049
2128
|
#
|
@@ -2135,6 +2214,128 @@ module Aws::WAFV2
|
|
2135
2214
|
include Aws::Structure
|
2136
2215
|
end
|
2137
2216
|
|
2217
|
+
# A rule group that's defined for an AWS Firewall Manager WAF policy.
|
2218
|
+
#
|
2219
|
+
# @!attribute [rw] name
|
2220
|
+
# The name of the rule group. You cannot change the name of a rule
|
2221
|
+
# group after you create it.
|
2222
|
+
# @return [String]
|
2223
|
+
#
|
2224
|
+
# @!attribute [rw] priority
|
2225
|
+
# If you define more than one rule group in the first or last Firewall
|
2226
|
+
# Manager rule groups, AWS WAF evaluates each request against the rule
|
2227
|
+
# groups in order, starting from the lowest priority setting. The
|
2228
|
+
# priorities don't need to be consecutive, but they must all be
|
2229
|
+
# different.
|
2230
|
+
# @return [Integer]
|
2231
|
+
#
|
2232
|
+
# @!attribute [rw] firewall_manager_statement
|
2233
|
+
# The processing guidance for an AWS Firewall Manager rule. This is
|
2234
|
+
# like a regular rule Statement, but it can only contain a rule group
|
2235
|
+
# reference.
|
2236
|
+
# @return [Types::FirewallManagerStatement]
|
2237
|
+
#
|
2238
|
+
# @!attribute [rw] override_action
|
2239
|
+
# The override action to apply to the rules in a rule group. Used only
|
2240
|
+
# for rule statements that reference a rule group, like
|
2241
|
+
# `RuleGroupReferenceStatement` and `ManagedRuleGroupStatement`.
|
2242
|
+
#
|
2243
|
+
# Set the override action to none to leave the rule actions in effect.
|
2244
|
+
# Set it to count to only count matches, regardless of the rule action
|
2245
|
+
# settings.
|
2246
|
+
#
|
2247
|
+
# In a Rule, you must specify either this `OverrideAction` setting or
|
2248
|
+
# the rule `Action` setting, but not both:
|
2249
|
+
#
|
2250
|
+
# * If the rule statement references a rule group, use this override
|
2251
|
+
# action setting and not the action setting.
|
2252
|
+
#
|
2253
|
+
# * If the rule statement does not reference a rule group, use the
|
2254
|
+
# rule action setting and not this rule override action setting.
|
2255
|
+
# @return [Types::OverrideAction]
|
2256
|
+
#
|
2257
|
+
# @!attribute [rw] visibility_config
|
2258
|
+
# <note markdown="1"> This is the latest version of **AWS WAF**, named AWS WAFV2, released
|
2259
|
+
# in November, 2019. For information, including how to migrate your
|
2260
|
+
# AWS WAF resources from the prior release, see the [AWS WAF Developer
|
2261
|
+
# Guide][1].
|
2262
|
+
#
|
2263
|
+
# </note>
|
2264
|
+
#
|
2265
|
+
# Defines and enables Amazon CloudWatch metrics and web request sample
|
2266
|
+
# collection.
|
2267
|
+
#
|
2268
|
+
#
|
2269
|
+
#
|
2270
|
+
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html
|
2271
|
+
# @return [Types::VisibilityConfig]
|
2272
|
+
#
|
2273
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/FirewallManagerRuleGroup AWS API Documentation
|
2274
|
+
#
|
2275
|
+
class FirewallManagerRuleGroup < Struct.new(
|
2276
|
+
:name,
|
2277
|
+
:priority,
|
2278
|
+
:firewall_manager_statement,
|
2279
|
+
:override_action,
|
2280
|
+
:visibility_config)
|
2281
|
+
include Aws::Structure
|
2282
|
+
end
|
2283
|
+
|
2284
|
+
# The processing guidance for an AWS Firewall Manager rule. This is like
|
2285
|
+
# a regular rule Statement, but it can only contain a rule group
|
2286
|
+
# reference.
|
2287
|
+
#
|
2288
|
+
# @!attribute [rw] managed_rule_group_statement
|
2289
|
+
# <note markdown="1"> This is the latest version of **AWS WAF**, named AWS WAFV2, released
|
2290
|
+
# in November, 2019. For information, including how to migrate your
|
2291
|
+
# AWS WAF resources from the prior release, see the [AWS WAF Developer
|
2292
|
+
# Guide][1].
|
2293
|
+
#
|
2294
|
+
# </note>
|
2295
|
+
#
|
2296
|
+
# A rule statement used to run the rules that are defined in a managed
|
2297
|
+
# rule group. To use this, provide the vendor name and the name of the
|
2298
|
+
# rule group in this statement. You can retrieve the required names by
|
2299
|
+
# calling ListAvailableManagedRuleGroups.
|
2300
|
+
#
|
2301
|
+
# You can't nest a `ManagedRuleGroupStatement`, for example for use
|
2302
|
+
# inside a `NotStatement` or `OrStatement`. It can only be referenced
|
2303
|
+
# as a top-level statement within a rule.
|
2304
|
+
#
|
2305
|
+
#
|
2306
|
+
#
|
2307
|
+
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html
|
2308
|
+
# @return [Types::ManagedRuleGroupStatement]
|
2309
|
+
#
|
2310
|
+
# @!attribute [rw] rule_group_reference_statement
|
2311
|
+
# <note markdown="1"> This is the latest version of **AWS WAF**, named AWS WAFV2, released
|
2312
|
+
# in November, 2019. For information, including how to migrate your
|
2313
|
+
# AWS WAF resources from the prior release, see the [AWS WAF Developer
|
2314
|
+
# Guide][1].
|
2315
|
+
#
|
2316
|
+
# </note>
|
2317
|
+
#
|
2318
|
+
# A rule statement used to run the rules that are defined in a
|
2319
|
+
# RuleGroup. To use this, create a rule group with your rules, then
|
2320
|
+
# provide the ARN of the rule group in this statement.
|
2321
|
+
#
|
2322
|
+
# You cannot nest a `RuleGroupReferenceStatement`, for example for use
|
2323
|
+
# inside a `NotStatement` or `OrStatement`. It can only be referenced
|
2324
|
+
# as a top-level statement within a rule.
|
2325
|
+
#
|
2326
|
+
#
|
2327
|
+
#
|
2328
|
+
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html
|
2329
|
+
# @return [Types::RuleGroupReferenceStatement]
|
2330
|
+
#
|
2331
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/FirewallManagerStatement AWS API Documentation
|
2332
|
+
#
|
2333
|
+
class FirewallManagerStatement < Struct.new(
|
2334
|
+
:managed_rule_group_statement,
|
2335
|
+
:rule_group_reference_statement)
|
2336
|
+
include Aws::Structure
|
2337
|
+
end
|
2338
|
+
|
2138
2339
|
# <note markdown="1"> This is the latest version of **AWS WAF**, named AWS WAFV2, released
|
2139
2340
|
# in November, 2019. For information, including how to migrate your AWS
|
2140
2341
|
# WAF resources from the prior release, see the [AWS WAF Developer
|
@@ -2179,8 +2380,8 @@ module Aws::WAFV2
|
|
2179
2380
|
# }
|
2180
2381
|
#
|
2181
2382
|
# @!attribute [rw] name
|
2182
|
-
#
|
2183
|
-
#
|
2383
|
+
# The name of the IP set. You cannot change the name of an `IPSet`
|
2384
|
+
# after you create it.
|
2184
2385
|
# @return [String]
|
2185
2386
|
#
|
2186
2387
|
# @!attribute [rw] scope
|
@@ -2191,7 +2392,7 @@ module Aws::WAFV2
|
|
2191
2392
|
# To work with CloudFront, you must also specify the Region US East
|
2192
2393
|
# (N. Virginia) as follows:
|
2193
2394
|
#
|
2194
|
-
# * CLI - Specify the
|
2395
|
+
# * CLI - Specify the Region when you use the CloudFront scope:
|
2195
2396
|
# `--scope=CLOUDFRONT --region=us-east-1`.
|
2196
2397
|
#
|
2197
2398
|
# * API and SDKs - For all calls, use the Region endpoint us-east-1.
|
@@ -2265,6 +2466,36 @@ module Aws::WAFV2
|
|
2265
2466
|
include Aws::Structure
|
2266
2467
|
end
|
2267
2468
|
|
2469
|
+
# @note When making an API call, you may pass GetPermissionPolicyRequest
|
2470
|
+
# data as a hash:
|
2471
|
+
#
|
2472
|
+
# {
|
2473
|
+
# resource_arn: "ResourceArn", # required
|
2474
|
+
# }
|
2475
|
+
#
|
2476
|
+
# @!attribute [rw] resource_arn
|
2477
|
+
# The Amazon Resource Name (ARN) of the rule group for which you want
|
2478
|
+
# to get the policy.
|
2479
|
+
# @return [String]
|
2480
|
+
#
|
2481
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/GetPermissionPolicyRequest AWS API Documentation
|
2482
|
+
#
|
2483
|
+
class GetPermissionPolicyRequest < Struct.new(
|
2484
|
+
:resource_arn)
|
2485
|
+
include Aws::Structure
|
2486
|
+
end
|
2487
|
+
|
2488
|
+
# @!attribute [rw] policy
|
2489
|
+
# The IAM policy that is attached to the specified rule group.
|
2490
|
+
# @return [String]
|
2491
|
+
#
|
2492
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/GetPermissionPolicyResponse AWS API Documentation
|
2493
|
+
#
|
2494
|
+
class GetPermissionPolicyResponse < Struct.new(
|
2495
|
+
:policy)
|
2496
|
+
include Aws::Structure
|
2497
|
+
end
|
2498
|
+
|
2268
2499
|
# @note When making an API call, you may pass GetRateBasedStatementManagedKeysRequest
|
2269
2500
|
# data as a hash:
|
2270
2501
|
#
|
@@ -2283,15 +2514,15 @@ module Aws::WAFV2
|
|
2283
2514
|
# To work with CloudFront, you must also specify the Region US East
|
2284
2515
|
# (N. Virginia) as follows:
|
2285
2516
|
#
|
2286
|
-
# * CLI - Specify the
|
2517
|
+
# * CLI - Specify the Region when you use the CloudFront scope:
|
2287
2518
|
# `--scope=CLOUDFRONT --region=us-east-1`.
|
2288
2519
|
#
|
2289
2520
|
# * API and SDKs - For all calls, use the Region endpoint us-east-1.
|
2290
2521
|
# @return [String]
|
2291
2522
|
#
|
2292
2523
|
# @!attribute [rw] web_acl_name
|
2293
|
-
#
|
2294
|
-
#
|
2524
|
+
# The name of the Web ACL. You cannot change the name of a Web ACL
|
2525
|
+
# after you create it.
|
2295
2526
|
# @return [String]
|
2296
2527
|
#
|
2297
2528
|
# @!attribute [rw] web_acl_id
|
@@ -2340,8 +2571,8 @@ module Aws::WAFV2
|
|
2340
2571
|
# }
|
2341
2572
|
#
|
2342
2573
|
# @!attribute [rw] name
|
2343
|
-
#
|
2344
|
-
#
|
2574
|
+
# The name of the set. You cannot change the name after you create the
|
2575
|
+
# set.
|
2345
2576
|
# @return [String]
|
2346
2577
|
#
|
2347
2578
|
# @!attribute [rw] scope
|
@@ -2352,7 +2583,7 @@ module Aws::WAFV2
|
|
2352
2583
|
# To work with CloudFront, you must also specify the Region US East
|
2353
2584
|
# (N. Virginia) as follows:
|
2354
2585
|
#
|
2355
|
-
# * CLI - Specify the
|
2586
|
+
# * CLI - Specify the Region when you use the CloudFront scope:
|
2356
2587
|
# `--scope=CLOUDFRONT --region=us-east-1`.
|
2357
2588
|
#
|
2358
2589
|
# * API and SDKs - For all calls, use the Region endpoint us-east-1.
|
@@ -2406,8 +2637,8 @@ module Aws::WAFV2
|
|
2406
2637
|
# }
|
2407
2638
|
#
|
2408
2639
|
# @!attribute [rw] name
|
2409
|
-
#
|
2410
|
-
#
|
2640
|
+
# The name of the rule group. You cannot change the name of a rule
|
2641
|
+
# group after you create it.
|
2411
2642
|
# @return [String]
|
2412
2643
|
#
|
2413
2644
|
# @!attribute [rw] scope
|
@@ -2418,7 +2649,7 @@ module Aws::WAFV2
|
|
2418
2649
|
# To work with CloudFront, you must also specify the Region US East
|
2419
2650
|
# (N. Virginia) as follows:
|
2420
2651
|
#
|
2421
|
-
# * CLI - Specify the
|
2652
|
+
# * CLI - Specify the Region when you use the CloudFront scope:
|
2422
2653
|
# `--scope=CLOUDFRONT --region=us-east-1`.
|
2423
2654
|
#
|
2424
2655
|
# * API and SDKs - For all calls, use the Region endpoint us-east-1.
|
@@ -2494,7 +2725,7 @@ module Aws::WAFV2
|
|
2494
2725
|
# To work with CloudFront, you must also specify the Region US East
|
2495
2726
|
# (N. Virginia) as follows:
|
2496
2727
|
#
|
2497
|
-
# * CLI - Specify the
|
2728
|
+
# * CLI - Specify the Region when you use the CloudFront scope:
|
2498
2729
|
# `--scope=CLOUDFRONT --region=us-east-1`.
|
2499
2730
|
#
|
2500
2731
|
# * API and SDKs - For all calls, use the Region endpoint us-east-1.
|
@@ -2596,8 +2827,8 @@ module Aws::WAFV2
|
|
2596
2827
|
# }
|
2597
2828
|
#
|
2598
2829
|
# @!attribute [rw] name
|
2599
|
-
#
|
2600
|
-
#
|
2830
|
+
# The name of the Web ACL. You cannot change the name of a Web ACL
|
2831
|
+
# after you create it.
|
2601
2832
|
# @return [String]
|
2602
2833
|
#
|
2603
2834
|
# @!attribute [rw] scope
|
@@ -2608,7 +2839,7 @@ module Aws::WAFV2
|
|
2608
2839
|
# To work with CloudFront, you must also specify the Region US East
|
2609
2840
|
# (N. Virginia) as follows:
|
2610
2841
|
#
|
2611
|
-
# * CLI - Specify the
|
2842
|
+
# * CLI - Specify the Region when you use the CloudFront scope:
|
2612
2843
|
# `--scope=CLOUDFRONT --region=us-east-1`.
|
2613
2844
|
#
|
2614
2845
|
# * API and SDKs - For all calls, use the Region endpoint us-east-1.
|
@@ -2776,8 +3007,8 @@ module Aws::WAFV2
|
|
2776
3007
|
# [2]: https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing
|
2777
3008
|
#
|
2778
3009
|
# @!attribute [rw] name
|
2779
|
-
#
|
2780
|
-
#
|
3010
|
+
# The name of the IP set. You cannot change the name of an `IPSet`
|
3011
|
+
# after you create it.
|
2781
3012
|
# @return [String]
|
2782
3013
|
#
|
2783
3014
|
# @!attribute [rw] id
|
@@ -2791,8 +3022,8 @@ module Aws::WAFV2
|
|
2791
3022
|
# @return [String]
|
2792
3023
|
#
|
2793
3024
|
# @!attribute [rw] description
|
2794
|
-
# A
|
2795
|
-
# description of an IP set after you create it.
|
3025
|
+
# A description of the IP set that helps with identification. You
|
3026
|
+
# cannot change the description of an IP set after you create it.
|
2796
3027
|
# @return [String]
|
2797
3028
|
#
|
2798
3029
|
# @!attribute [rw] ip_address_version
|
@@ -2903,8 +3134,8 @@ module Aws::WAFV2
|
|
2903
3134
|
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html
|
2904
3135
|
#
|
2905
3136
|
# @!attribute [rw] name
|
2906
|
-
#
|
2907
|
-
#
|
3137
|
+
# The name of the IP set. You cannot change the name of an `IPSet`
|
3138
|
+
# after you create it.
|
2908
3139
|
# @return [String]
|
2909
3140
|
#
|
2910
3141
|
# @!attribute [rw] id
|
@@ -2914,8 +3145,8 @@ module Aws::WAFV2
|
|
2914
3145
|
# @return [String]
|
2915
3146
|
#
|
2916
3147
|
# @!attribute [rw] description
|
2917
|
-
# A
|
2918
|
-
# description of an IP set after you create it.
|
3148
|
+
# A description of the IP set that helps with identification. You
|
3149
|
+
# cannot change the description of an IP set after you create it.
|
2919
3150
|
# @return [String]
|
2920
3151
|
#
|
2921
3152
|
# @!attribute [rw] lock_token
|
@@ -2962,7 +3193,7 @@ module Aws::WAFV2
|
|
2962
3193
|
# To work with CloudFront, you must also specify the Region US East
|
2963
3194
|
# (N. Virginia) as follows:
|
2964
3195
|
#
|
2965
|
-
# * CLI - Specify the
|
3196
|
+
# * CLI - Specify the Region when you use the CloudFront scope:
|
2966
3197
|
# `--scope=CLOUDFRONT --region=us-east-1`.
|
2967
3198
|
#
|
2968
3199
|
# * API and SDKs - For all calls, use the Region endpoint us-east-1.
|
@@ -3028,7 +3259,7 @@ module Aws::WAFV2
|
|
3028
3259
|
# To work with CloudFront, you must also specify the Region US East
|
3029
3260
|
# (N. Virginia) as follows:
|
3030
3261
|
#
|
3031
|
-
# * CLI - Specify the
|
3262
|
+
# * CLI - Specify the Region when you use the CloudFront scope:
|
3032
3263
|
# `--scope=CLOUDFRONT --region=us-east-1`.
|
3033
3264
|
#
|
3034
3265
|
# * API and SDKs - For all calls, use the Region endpoint us-east-1.
|
@@ -3096,7 +3327,7 @@ module Aws::WAFV2
|
|
3096
3327
|
# To work with CloudFront, you must also specify the Region US East
|
3097
3328
|
# (N. Virginia) as follows:
|
3098
3329
|
#
|
3099
|
-
# * CLI - Specify the
|
3330
|
+
# * CLI - Specify the Region when you use the CloudFront scope:
|
3100
3331
|
# `--scope=CLOUDFRONT --region=us-east-1`.
|
3101
3332
|
#
|
3102
3333
|
# * API and SDKs - For all calls, use the Region endpoint us-east-1.
|
@@ -3162,7 +3393,7 @@ module Aws::WAFV2
|
|
3162
3393
|
# To work with CloudFront, you must also specify the Region US East
|
3163
3394
|
# (N. Virginia) as follows:
|
3164
3395
|
#
|
3165
|
-
# * CLI - Specify the
|
3396
|
+
# * CLI - Specify the Region when you use the CloudFront scope:
|
3166
3397
|
# `--scope=CLOUDFRONT --region=us-east-1`.
|
3167
3398
|
#
|
3168
3399
|
# * API and SDKs - For all calls, use the Region endpoint us-east-1.
|
@@ -3266,7 +3497,7 @@ module Aws::WAFV2
|
|
3266
3497
|
# To work with CloudFront, you must also specify the Region US East
|
3267
3498
|
# (N. Virginia) as follows:
|
3268
3499
|
#
|
3269
|
-
# * CLI - Specify the
|
3500
|
+
# * CLI - Specify the Region when you use the CloudFront scope:
|
3270
3501
|
# `--scope=CLOUDFRONT --region=us-east-1`.
|
3271
3502
|
#
|
3272
3503
|
# * API and SDKs - For all calls, use the Region endpoint us-east-1.
|
@@ -3389,7 +3620,7 @@ module Aws::WAFV2
|
|
3389
3620
|
# To work with CloudFront, you must also specify the Region US East
|
3390
3621
|
# (N. Virginia) as follows:
|
3391
3622
|
#
|
3392
|
-
# * CLI - Specify the
|
3623
|
+
# * CLI - Specify the Region when you use the CloudFront scope:
|
3393
3624
|
# `--scope=CLOUDFRONT --region=us-east-1`.
|
3394
3625
|
#
|
3395
3626
|
# * API and SDKs - For all calls, use the Region endpoint us-east-1.
|
@@ -4089,21 +4320,22 @@ module Aws::WAFV2
|
|
4089
4320
|
include Aws::Structure
|
4090
4321
|
end
|
4091
4322
|
|
4092
|
-
#
|
4093
|
-
#
|
4094
|
-
#
|
4095
|
-
# Guide][1].
|
4096
|
-
#
|
4097
|
-
# </note>
|
4323
|
+
# The override action to apply to the rules in a rule group. Used only
|
4324
|
+
# for rule statements that reference a rule group, like
|
4325
|
+
# `RuleGroupReferenceStatement` and `ManagedRuleGroupStatement`.
|
4098
4326
|
#
|
4099
|
-
#
|
4100
|
-
#
|
4101
|
-
#
|
4102
|
-
# counts the match.
|
4327
|
+
# Set the override action to none to leave the rule actions in effect.
|
4328
|
+
# Set it to count to only count matches, regardless of the rule action
|
4329
|
+
# settings.
|
4103
4330
|
#
|
4331
|
+
# In a Rule, you must specify either this `OverrideAction` setting or
|
4332
|
+
# the rule `Action` setting, but not both:
|
4104
4333
|
#
|
4334
|
+
# * If the rule statement references a rule group, use this override
|
4335
|
+
# action setting and not the action setting.
|
4105
4336
|
#
|
4106
|
-
#
|
4337
|
+
# * If the rule statement does not reference a rule group, use the rule
|
4338
|
+
# action setting and not this rule override action setting.
|
4107
4339
|
#
|
4108
4340
|
# @note When making an API call, you may pass OverrideAction
|
4109
4341
|
# data as a hash:
|
@@ -4181,6 +4413,57 @@ module Aws::WAFV2
|
|
4181
4413
|
include Aws::Structure
|
4182
4414
|
end
|
4183
4415
|
|
4416
|
+
# @note When making an API call, you may pass PutPermissionPolicyRequest
|
4417
|
+
# data as a hash:
|
4418
|
+
#
|
4419
|
+
# {
|
4420
|
+
# resource_arn: "ResourceArn", # required
|
4421
|
+
# policy: "PolicyString", # required
|
4422
|
+
# }
|
4423
|
+
#
|
4424
|
+
# @!attribute [rw] resource_arn
|
4425
|
+
# The Amazon Resource Name (ARN) of the RuleGroup to which you want to
|
4426
|
+
# attach the policy.
|
4427
|
+
# @return [String]
|
4428
|
+
#
|
4429
|
+
# @!attribute [rw] policy
|
4430
|
+
# The policy to attach to the specified rule group.
|
4431
|
+
#
|
4432
|
+
# The policy specifications must conform to the following:
|
4433
|
+
#
|
4434
|
+
# * The policy must be composed using IAM Policy version 2012-10-17 or
|
4435
|
+
# version 2015-01-01.
|
4436
|
+
#
|
4437
|
+
# * The policy must include specifications for `Effect`, `Action`, and
|
4438
|
+
# `Principal`.
|
4439
|
+
#
|
4440
|
+
# * `Effect` must specify `Allow`.
|
4441
|
+
#
|
4442
|
+
# * `Action` must specify `wafv2:CreateWebACL`, `wafv2:UpdateWebACL`,
|
4443
|
+
# and `wafv2:PutFirewallManagerRuleGroups`. AWS WAF rejects any
|
4444
|
+
# extra actions or wildcard actions in the policy.
|
4445
|
+
#
|
4446
|
+
# * The policy must not include a `Resource` parameter.
|
4447
|
+
#
|
4448
|
+
# For more information, see [IAM Policies][1].
|
4449
|
+
#
|
4450
|
+
#
|
4451
|
+
#
|
4452
|
+
# [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html
|
4453
|
+
# @return [String]
|
4454
|
+
#
|
4455
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/PutPermissionPolicyRequest AWS API Documentation
|
4456
|
+
#
|
4457
|
+
class PutPermissionPolicyRequest < Struct.new(
|
4458
|
+
:resource_arn,
|
4459
|
+
:policy)
|
4460
|
+
include Aws::Structure
|
4461
|
+
end
|
4462
|
+
|
4463
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/PutPermissionPolicyResponse AWS API Documentation
|
4464
|
+
#
|
4465
|
+
class PutPermissionPolicyResponse < Aws::EmptyStructure; end
|
4466
|
+
|
4184
4467
|
# <note markdown="1"> This is the latest version of **AWS WAF**, named AWS WAFV2, released
|
4185
4468
|
# in November, 2019. For information, including how to migrate your AWS
|
4186
4469
|
# WAF resources from the prior release, see the [AWS WAF Developer
|
@@ -4548,8 +4831,8 @@ module Aws::WAFV2
|
|
4548
4831
|
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html
|
4549
4832
|
#
|
4550
4833
|
# @!attribute [rw] name
|
4551
|
-
#
|
4552
|
-
#
|
4834
|
+
# The name of the set. You cannot change the name after you create the
|
4835
|
+
# set.
|
4553
4836
|
# @return [String]
|
4554
4837
|
#
|
4555
4838
|
# @!attribute [rw] id
|
@@ -4563,8 +4846,8 @@ module Aws::WAFV2
|
|
4563
4846
|
# @return [String]
|
4564
4847
|
#
|
4565
4848
|
# @!attribute [rw] description
|
4566
|
-
# A
|
4567
|
-
# of a set after you create it.
|
4849
|
+
# A description of the set that helps with identification. You cannot
|
4850
|
+
# change the description of a set after you create it.
|
4568
4851
|
# @return [String]
|
4569
4852
|
#
|
4570
4853
|
# @!attribute [rw] regular_expression_list
|
@@ -4651,9 +4934,9 @@ module Aws::WAFV2
|
|
4651
4934
|
# Text transformations eliminate some of the unusual formatting that
|
4652
4935
|
# attackers use in web requests in an effort to bypass detection. If
|
4653
4936
|
# you specify one or more transformations in a rule statement, AWS WAF
|
4654
|
-
# performs all transformations on the content
|
4655
|
-
# `FieldToMatch`, starting from the lowest priority
|
4656
|
-
# inspecting the content for a match.
|
4937
|
+
# performs all transformations on the content of the request component
|
4938
|
+
# identified by `FieldToMatch`, starting from the lowest priority
|
4939
|
+
# setting, before inspecting the content for a match.
|
4657
4940
|
# @return [Array<Types::TextTransformation>]
|
4658
4941
|
#
|
4659
4942
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/RegexPatternSetReferenceStatement AWS API Documentation
|
@@ -4683,8 +4966,8 @@ module Aws::WAFV2
|
|
4683
4966
|
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html
|
4684
4967
|
#
|
4685
4968
|
# @!attribute [rw] name
|
4686
|
-
#
|
4687
|
-
#
|
4969
|
+
# The name of the data type instance. You cannot change the name after
|
4970
|
+
# you create the instance.
|
4688
4971
|
# @return [String]
|
4689
4972
|
#
|
4690
4973
|
# @!attribute [rw] id
|
@@ -4694,8 +4977,8 @@ module Aws::WAFV2
|
|
4694
4977
|
# @return [String]
|
4695
4978
|
#
|
4696
4979
|
# @!attribute [rw] description
|
4697
|
-
# A
|
4698
|
-
# of a set after you create it.
|
4980
|
+
# A description of the set that helps with identification. You cannot
|
4981
|
+
# change the description of a set after you create it.
|
4699
4982
|
# @return [String]
|
4700
4983
|
#
|
4701
4984
|
# @!attribute [rw] lock_token
|
@@ -4956,8 +5239,8 @@ module Aws::WAFV2
|
|
4956
5239
|
# }
|
4957
5240
|
#
|
4958
5241
|
# @!attribute [rw] name
|
4959
|
-
#
|
4960
|
-
#
|
5242
|
+
# The name of the rule. You can't change the name of a `Rule` after
|
5243
|
+
# you create it.
|
4961
5244
|
# @return [String]
|
4962
5245
|
#
|
4963
5246
|
# @!attribute [rw] priority
|
@@ -4975,15 +5258,40 @@ module Aws::WAFV2
|
|
4975
5258
|
#
|
4976
5259
|
# @!attribute [rw] action
|
4977
5260
|
# The action that AWS WAF should take on a web request when it matches
|
4978
|
-
# the rule
|
4979
|
-
#
|
5261
|
+
# the rule statement. Settings at the web ACL level can override the
|
5262
|
+
# rule action setting.
|
5263
|
+
#
|
5264
|
+
# This is used only for rules whose statements do not reference a rule
|
5265
|
+
# group. Rule statements that reference a rule group include
|
5266
|
+
# `RuleGroupReferenceStatement` and `ManagedRuleGroupStatement`.
|
5267
|
+
#
|
5268
|
+
# You must specify either this `Action` setting or the rule
|
5269
|
+
# `OverrideAction` setting, but not both:
|
5270
|
+
#
|
5271
|
+
# * If the rule statement does not reference a rule group, use this
|
5272
|
+
# rule action setting and not the rule override action setting.
|
5273
|
+
#
|
5274
|
+
# * If the rule statement references a rule group, use the override
|
5275
|
+
# action setting and not this action setting.
|
4980
5276
|
# @return [Types::RuleAction]
|
4981
5277
|
#
|
4982
5278
|
# @!attribute [rw] override_action
|
4983
|
-
# The action to
|
4984
|
-
#
|
4985
|
-
#
|
4986
|
-
#
|
5279
|
+
# The override action to apply to the rules in a rule group. Used only
|
5280
|
+
# for rule statements that reference a rule group, like
|
5281
|
+
# `RuleGroupReferenceStatement` and `ManagedRuleGroupStatement`.
|
5282
|
+
#
|
5283
|
+
# Set the override action to none to leave the rule actions in effect.
|
5284
|
+
# Set it to count to only count matches, regardless of the rule action
|
5285
|
+
# settings.
|
5286
|
+
#
|
5287
|
+
# In a Rule, you must specify either this `OverrideAction` setting or
|
5288
|
+
# the rule `Action` setting, but not both:
|
5289
|
+
#
|
5290
|
+
# * If the rule statement references a rule group, use this override
|
5291
|
+
# action setting and not the action setting.
|
5292
|
+
#
|
5293
|
+
# * If the rule statement does not reference a rule group, use the
|
5294
|
+
# rule action setting and not this rule override action setting.
|
4987
5295
|
# @return [Types::OverrideAction]
|
4988
5296
|
#
|
4989
5297
|
# @!attribute [rw] visibility_config
|
@@ -5069,8 +5377,8 @@ module Aws::WAFV2
|
|
5069
5377
|
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html
|
5070
5378
|
#
|
5071
5379
|
# @!attribute [rw] name
|
5072
|
-
#
|
5073
|
-
#
|
5380
|
+
# The name of the rule group. You cannot change the name of a rule
|
5381
|
+
# group after you create it.
|
5074
5382
|
# @return [String]
|
5075
5383
|
#
|
5076
5384
|
# @!attribute [rw] id
|
@@ -5102,8 +5410,8 @@ module Aws::WAFV2
|
|
5102
5410
|
# @return [String]
|
5103
5411
|
#
|
5104
5412
|
# @!attribute [rw] description
|
5105
|
-
# A
|
5106
|
-
# description of a rule group after you create it.
|
5413
|
+
# A description of the rule group that helps with identification. You
|
5414
|
+
# cannot change the description of a rule group after you create it.
|
5107
5415
|
# @return [String]
|
5108
5416
|
#
|
5109
5417
|
# @!attribute [rw] rules
|
@@ -5197,8 +5505,8 @@ module Aws::WAFV2
|
|
5197
5505
|
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html
|
5198
5506
|
#
|
5199
5507
|
# @!attribute [rw] name
|
5200
|
-
#
|
5201
|
-
#
|
5508
|
+
# The name of the data type instance. You cannot change the name after
|
5509
|
+
# you create the instance.
|
5202
5510
|
# @return [String]
|
5203
5511
|
#
|
5204
5512
|
# @!attribute [rw] id
|
@@ -5208,8 +5516,8 @@ module Aws::WAFV2
|
|
5208
5516
|
# @return [String]
|
5209
5517
|
#
|
5210
5518
|
# @!attribute [rw] description
|
5211
|
-
# A
|
5212
|
-
# description of a rule group after you create it.
|
5519
|
+
# A description of the rule group that helps with identification. You
|
5520
|
+
# cannot change the description of a rule group after you create it.
|
5213
5521
|
# @return [String]
|
5214
5522
|
#
|
5215
5523
|
# @!attribute [rw] lock_token
|
@@ -5486,9 +5794,9 @@ module Aws::WAFV2
|
|
5486
5794
|
# Text transformations eliminate some of the unusual formatting that
|
5487
5795
|
# attackers use in web requests in an effort to bypass detection. If
|
5488
5796
|
# you specify one or more transformations in a rule statement, AWS WAF
|
5489
|
-
# performs all transformations on the content
|
5490
|
-
# `FieldToMatch`, starting from the lowest priority
|
5491
|
-
# inspecting the content for a match.
|
5797
|
+
# performs all transformations on the content of the request component
|
5798
|
+
# identified by `FieldToMatch`, starting from the lowest priority
|
5799
|
+
# setting, before inspecting the content for a match.
|
5492
5800
|
# @return [Array<Types::TextTransformation>]
|
5493
5801
|
#
|
5494
5802
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/SizeConstraintStatement AWS API Documentation
|
@@ -5560,9 +5868,9 @@ module Aws::WAFV2
|
|
5560
5868
|
# Text transformations eliminate some of the unusual formatting that
|
5561
5869
|
# attackers use in web requests in an effort to bypass detection. If
|
5562
5870
|
# you specify one or more transformations in a rule statement, AWS WAF
|
5563
|
-
# performs all transformations on the content
|
5564
|
-
# `FieldToMatch`, starting from the lowest priority
|
5565
|
-
# inspecting the content for a match.
|
5871
|
+
# performs all transformations on the content of the request component
|
5872
|
+
# identified by `FieldToMatch`, starting from the lowest priority
|
5873
|
+
# setting, before inspecting the content for a match.
|
5566
5874
|
# @return [Array<Types::TextTransformation>]
|
5567
5875
|
#
|
5568
5876
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/SqliMatchStatement AWS API Documentation
|
@@ -6982,8 +7290,8 @@ module Aws::WAFV2
|
|
6982
7290
|
# }
|
6983
7291
|
#
|
6984
7292
|
# @!attribute [rw] name
|
6985
|
-
#
|
6986
|
-
#
|
7293
|
+
# The name of the IP set. You cannot change the name of an `IPSet`
|
7294
|
+
# after you create it.
|
6987
7295
|
# @return [String]
|
6988
7296
|
#
|
6989
7297
|
# @!attribute [rw] scope
|
@@ -6994,7 +7302,7 @@ module Aws::WAFV2
|
|
6994
7302
|
# To work with CloudFront, you must also specify the Region US East
|
6995
7303
|
# (N. Virginia) as follows:
|
6996
7304
|
#
|
6997
|
-
# * CLI - Specify the
|
7305
|
+
# * CLI - Specify the Region when you use the CloudFront scope:
|
6998
7306
|
# `--scope=CLOUDFRONT --region=us-east-1`.
|
6999
7307
|
#
|
7000
7308
|
# * API and SDKs - For all calls, use the Region endpoint us-east-1.
|
@@ -7007,8 +7315,8 @@ module Aws::WAFV2
|
|
7007
7315
|
# @return [String]
|
7008
7316
|
#
|
7009
7317
|
# @!attribute [rw] description
|
7010
|
-
# A
|
7011
|
-
# description of an IP set after you create it.
|
7318
|
+
# A description of the IP set that helps with identification. You
|
7319
|
+
# cannot change the description of an IP set after you create it.
|
7012
7320
|
# @return [String]
|
7013
7321
|
#
|
7014
7322
|
# @!attribute [rw] addresses
|
@@ -7100,8 +7408,8 @@ module Aws::WAFV2
|
|
7100
7408
|
# }
|
7101
7409
|
#
|
7102
7410
|
# @!attribute [rw] name
|
7103
|
-
#
|
7104
|
-
#
|
7411
|
+
# The name of the set. You cannot change the name after you create the
|
7412
|
+
# set.
|
7105
7413
|
# @return [String]
|
7106
7414
|
#
|
7107
7415
|
# @!attribute [rw] scope
|
@@ -7112,7 +7420,7 @@ module Aws::WAFV2
|
|
7112
7420
|
# To work with CloudFront, you must also specify the Region US East
|
7113
7421
|
# (N. Virginia) as follows:
|
7114
7422
|
#
|
7115
|
-
# * CLI - Specify the
|
7423
|
+
# * CLI - Specify the Region when you use the CloudFront scope:
|
7116
7424
|
# `--scope=CLOUDFRONT --region=us-east-1`.
|
7117
7425
|
#
|
7118
7426
|
# * API and SDKs - For all calls, use the Region endpoint us-east-1.
|
@@ -7125,8 +7433,8 @@ module Aws::WAFV2
|
|
7125
7433
|
# @return [String]
|
7126
7434
|
#
|
7127
7435
|
# @!attribute [rw] description
|
7128
|
-
# A
|
7129
|
-
# of a set after you create it.
|
7436
|
+
# A description of the set that helps with identification. You cannot
|
7437
|
+
# change the description of a set after you create it.
|
7130
7438
|
# @return [String]
|
7131
7439
|
#
|
7132
7440
|
# @!attribute [rw] regular_expression_list
|
@@ -7397,8 +7705,8 @@ module Aws::WAFV2
|
|
7397
7705
|
# }
|
7398
7706
|
#
|
7399
7707
|
# @!attribute [rw] name
|
7400
|
-
#
|
7401
|
-
#
|
7708
|
+
# The name of the rule group. You cannot change the name of a rule
|
7709
|
+
# group after you create it.
|
7402
7710
|
# @return [String]
|
7403
7711
|
#
|
7404
7712
|
# @!attribute [rw] scope
|
@@ -7409,7 +7717,7 @@ module Aws::WAFV2
|
|
7409
7717
|
# To work with CloudFront, you must also specify the Region US East
|
7410
7718
|
# (N. Virginia) as follows:
|
7411
7719
|
#
|
7412
|
-
# * CLI - Specify the
|
7720
|
+
# * CLI - Specify the Region when you use the CloudFront scope:
|
7413
7721
|
# `--scope=CLOUDFRONT --region=us-east-1`.
|
7414
7722
|
#
|
7415
7723
|
# * API and SDKs - For all calls, use the Region endpoint us-east-1.
|
@@ -7422,8 +7730,8 @@ module Aws::WAFV2
|
|
7422
7730
|
# @return [String]
|
7423
7731
|
#
|
7424
7732
|
# @!attribute [rw] description
|
7425
|
-
# A
|
7426
|
-
# description of a rule group after you create it.
|
7733
|
+
# A description of the rule group that helps with identification. You
|
7734
|
+
# cannot change the description of a rule group after you create it.
|
7427
7735
|
# @return [String]
|
7428
7736
|
#
|
7429
7737
|
# @!attribute [rw] rules
|
@@ -7710,8 +8018,8 @@ module Aws::WAFV2
|
|
7710
8018
|
# }
|
7711
8019
|
#
|
7712
8020
|
# @!attribute [rw] name
|
7713
|
-
#
|
7714
|
-
#
|
8021
|
+
# The name of the Web ACL. You cannot change the name of a Web ACL
|
8022
|
+
# after you create it.
|
7715
8023
|
# @return [String]
|
7716
8024
|
#
|
7717
8025
|
# @!attribute [rw] scope
|
@@ -7722,7 +8030,7 @@ module Aws::WAFV2
|
|
7722
8030
|
# To work with CloudFront, you must also specify the Region US East
|
7723
8031
|
# (N. Virginia) as follows:
|
7724
8032
|
#
|
7725
|
-
# * CLI - Specify the
|
8033
|
+
# * CLI - Specify the Region when you use the CloudFront scope:
|
7726
8034
|
# `--scope=CLOUDFRONT --region=us-east-1`.
|
7727
8035
|
#
|
7728
8036
|
# * API and SDKs - For all calls, use the Region endpoint us-east-1.
|
@@ -7740,8 +8048,8 @@ module Aws::WAFV2
|
|
7740
8048
|
# @return [Types::DefaultAction]
|
7741
8049
|
#
|
7742
8050
|
# @!attribute [rw] description
|
7743
|
-
# A
|
7744
|
-
# description of a Web ACL after you create it.
|
8051
|
+
# A description of the Web ACL that helps with identification. You
|
8052
|
+
# cannot change the description of a Web ACL after you create it.
|
7745
8053
|
# @return [String]
|
7746
8054
|
#
|
7747
8055
|
# @!attribute [rw] rules
|
@@ -7859,7 +8167,7 @@ module Aws::WAFV2
|
|
7859
8167
|
# @return [Boolean]
|
7860
8168
|
#
|
7861
8169
|
# @!attribute [rw] metric_name
|
7862
|
-
# A
|
8170
|
+
# A name of the CloudWatch metric. The name can contain only
|
7863
8171
|
# alphanumeric characters (A-Z, a-z, 0-9), with length from one to 128
|
7864
8172
|
# characters. It can't contain whitespace or metric names reserved
|
7865
8173
|
# for AWS WAF, for example "All" and "Default\_Action." You can't
|
@@ -7914,6 +8222,18 @@ module Aws::WAFV2
|
|
7914
8222
|
include Aws::Structure
|
7915
8223
|
end
|
7916
8224
|
|
8225
|
+
# The operation isn't valid.
|
8226
|
+
#
|
8227
|
+
# @!attribute [rw] message
|
8228
|
+
# @return [String]
|
8229
|
+
#
|
8230
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/WAFInvalidOperationException AWS API Documentation
|
8231
|
+
#
|
8232
|
+
class WAFInvalidOperationException < Struct.new(
|
8233
|
+
:message)
|
8234
|
+
include Aws::Structure
|
8235
|
+
end
|
8236
|
+
|
7917
8237
|
# The operation failed because AWS WAF didn't recognize a parameter in
|
7918
8238
|
# the request. For example:
|
7919
8239
|
#
|
@@ -7950,6 +8270,41 @@ module Aws::WAFV2
|
|
7950
8270
|
include Aws::Structure
|
7951
8271
|
end
|
7952
8272
|
|
8273
|
+
# The operation failed because the specified policy isn't in the proper
|
8274
|
+
# format.
|
8275
|
+
#
|
8276
|
+
# The policy specifications must conform to the following:
|
8277
|
+
#
|
8278
|
+
# * The policy must be composed using IAM Policy version 2012-10-17 or
|
8279
|
+
# version 2015-01-01.
|
8280
|
+
#
|
8281
|
+
# * The policy must include specifications for `Effect`, `Action`, and
|
8282
|
+
# `Principal`.
|
8283
|
+
#
|
8284
|
+
# * `Effect` must specify `Allow`.
|
8285
|
+
#
|
8286
|
+
# * `Action` must specify `wafv2:CreateWebACL`, `wafv2:UpdateWebACL`,
|
8287
|
+
# and `wafv2:PutFirewallManagerRuleGroups`. AWS WAF rejects any extra
|
8288
|
+
# actions or wildcard actions in the policy.
|
8289
|
+
#
|
8290
|
+
# * The policy must not include a `Resource` parameter.
|
8291
|
+
#
|
8292
|
+
# For more information, see [IAM Policies][1].
|
8293
|
+
#
|
8294
|
+
#
|
8295
|
+
#
|
8296
|
+
# [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html
|
8297
|
+
#
|
8298
|
+
# @!attribute [rw] message
|
8299
|
+
# @return [String]
|
8300
|
+
#
|
8301
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/WAFInvalidPermissionPolicyException AWS API Documentation
|
8302
|
+
#
|
8303
|
+
class WAFInvalidPermissionPolicyException < Struct.new(
|
8304
|
+
:message)
|
8305
|
+
include Aws::Structure
|
8306
|
+
end
|
8307
|
+
|
7953
8308
|
# AWS WAF couldn’t perform the operation because the resource that you
|
7954
8309
|
# requested isn’t valid. Check the resource, and try again.
|
7955
8310
|
#
|
@@ -8100,8 +8455,8 @@ module Aws::WAFV2
|
|
8100
8455
|
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html
|
8101
8456
|
#
|
8102
8457
|
# @!attribute [rw] name
|
8103
|
-
#
|
8104
|
-
#
|
8458
|
+
# The name of the Web ACL. You cannot change the name of a Web ACL
|
8459
|
+
# after you create it.
|
8105
8460
|
# @return [String]
|
8106
8461
|
#
|
8107
8462
|
# @!attribute [rw] id
|
@@ -8121,8 +8476,8 @@ module Aws::WAFV2
|
|
8121
8476
|
# @return [Types::DefaultAction]
|
8122
8477
|
#
|
8123
8478
|
# @!attribute [rw] description
|
8124
|
-
# A
|
8125
|
-
# description of a Web ACL after you create it.
|
8479
|
+
# A description of the Web ACL that helps with identification. You
|
8480
|
+
# cannot change the description of a Web ACL after you create it.
|
8126
8481
|
# @return [String]
|
8127
8482
|
#
|
8128
8483
|
# @!attribute [rw] rules
|
@@ -8151,6 +8506,38 @@ module Aws::WAFV2
|
|
8151
8506
|
# for web ACLs is 1,500.
|
8152
8507
|
# @return [Integer]
|
8153
8508
|
#
|
8509
|
+
# @!attribute [rw] pre_process_firewall_manager_rule_groups
|
8510
|
+
# The first set of rules for AWS WAF to process in the web ACL. This
|
8511
|
+
# is defined in an AWS Firewall Manager WAF policy and contains only
|
8512
|
+
# rule group references. You can't alter these. Any rules and rule
|
8513
|
+
# groups that you define for the web ACL are prioritized after these.
|
8514
|
+
#
|
8515
|
+
# In the Firewall Manager WAF policy, the Firewall Manager
|
8516
|
+
# administrator can define a set of rule groups to run first in the
|
8517
|
+
# web ACL and a set of rule groups to run last. Within each set, the
|
8518
|
+
# administrator prioritizes the rule groups, to determine their
|
8519
|
+
# relative processing order.
|
8520
|
+
# @return [Array<Types::FirewallManagerRuleGroup>]
|
8521
|
+
#
|
8522
|
+
# @!attribute [rw] post_process_firewall_manager_rule_groups
|
8523
|
+
# The last set of rules for AWS WAF to process in the web ACL. This is
|
8524
|
+
# defined in an AWS Firewall Manager WAF policy and contains only rule
|
8525
|
+
# group references. You can't alter these. Any rules and rule groups
|
8526
|
+
# that you define for the web ACL are prioritized before these.
|
8527
|
+
#
|
8528
|
+
# In the Firewall Manager WAF policy, the Firewall Manager
|
8529
|
+
# administrator can define a set of rule groups to run first in the
|
8530
|
+
# web ACL and a set of rule groups to run last. Within each set, the
|
8531
|
+
# administrator prioritizes the rule groups, to determine their
|
8532
|
+
# relative processing order.
|
8533
|
+
# @return [Array<Types::FirewallManagerRuleGroup>]
|
8534
|
+
#
|
8535
|
+
# @!attribute [rw] managed_by_firewall_manager
|
8536
|
+
# Indicates whether this web ACL is managed by AWS Firewall Manager.
|
8537
|
+
# If true, then only AWS Firewall Manager can delete the web ACL or
|
8538
|
+
# any Firewall Manager rule groups in the web ACL.
|
8539
|
+
# @return [Boolean]
|
8540
|
+
#
|
8154
8541
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/WebACL AWS API Documentation
|
8155
8542
|
#
|
8156
8543
|
class WebACL < Struct.new(
|
@@ -8161,7 +8548,10 @@ module Aws::WAFV2
|
|
8161
8548
|
:description,
|
8162
8549
|
:rules,
|
8163
8550
|
:visibility_config,
|
8164
|
-
:capacity
|
8551
|
+
:capacity,
|
8552
|
+
:pre_process_firewall_manager_rule_groups,
|
8553
|
+
:post_process_firewall_manager_rule_groups,
|
8554
|
+
:managed_by_firewall_manager)
|
8165
8555
|
include Aws::Structure
|
8166
8556
|
end
|
8167
8557
|
|
@@ -8182,8 +8572,8 @@ module Aws::WAFV2
|
|
8182
8572
|
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html
|
8183
8573
|
#
|
8184
8574
|
# @!attribute [rw] name
|
8185
|
-
#
|
8186
|
-
#
|
8575
|
+
# The name of the Web ACL. You cannot change the name of a Web ACL
|
8576
|
+
# after you create it.
|
8187
8577
|
# @return [String]
|
8188
8578
|
#
|
8189
8579
|
# @!attribute [rw] id
|
@@ -8193,8 +8583,8 @@ module Aws::WAFV2
|
|
8193
8583
|
# @return [String]
|
8194
8584
|
#
|
8195
8585
|
# @!attribute [rw] description
|
8196
|
-
# A
|
8197
|
-
# description of a Web ACL after you create it.
|
8586
|
+
# A description of the Web ACL that helps with identification. You
|
8587
|
+
# cannot change the description of a Web ACL after you create it.
|
8198
8588
|
# @return [String]
|
8199
8589
|
#
|
8200
8590
|
# @!attribute [rw] lock_token
|
@@ -8283,9 +8673,9 @@ module Aws::WAFV2
|
|
8283
8673
|
# Text transformations eliminate some of the unusual formatting that
|
8284
8674
|
# attackers use in web requests in an effort to bypass detection. If
|
8285
8675
|
# you specify one or more transformations in a rule statement, AWS WAF
|
8286
|
-
# performs all transformations on the content
|
8287
|
-
# `FieldToMatch`, starting from the lowest priority
|
8288
|
-
# inspecting the content for a match.
|
8676
|
+
# performs all transformations on the content of the request component
|
8677
|
+
# identified by `FieldToMatch`, starting from the lowest priority
|
8678
|
+
# setting, before inspecting the content for a match.
|
8289
8679
|
# @return [Array<Types::TextTransformation>]
|
8290
8680
|
#
|
8291
8681
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/XssMatchStatement AWS API Documentation
|