aws-sdk-wafv2 1.2.0 → 1.7.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +5 -5
- data/lib/aws-sdk-wafv2.rb +3 -1
- data/lib/aws-sdk-wafv2/client.rb +333 -103
- data/lib/aws-sdk-wafv2/client_api.rb +146 -0
- data/lib/aws-sdk-wafv2/errors.rb +34 -0
- data/lib/aws-sdk-wafv2/resource.rb +3 -7
- data/lib/aws-sdk-wafv2/types.rb +669 -148
- metadata +5 -5
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
|
-
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
2
|
+
SHA256:
|
3
|
+
metadata.gz: e35a1c5718ef3862e8853531a6ebf4c8579527fa7dc619ecf084a3216944bb39
|
4
|
+
data.tar.gz: 41d1b386598022436ba393455e9f07f81f9997420f085c1cb8dcfe5f5292d10b
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: '06916b576a81130f82ccc835751a72eeb573709673560f09b06d5cd7445d2888608cb28cb8bdf2704a8425c0147a6a3e478500d202638319dd46f4fd5dd54893'
|
7
|
+
data.tar.gz: aaf15f2e7fd6b7c85d325a3060d22c8606971d70502debf3bffa2faa2b4d253a7c5a5e5656f415a757dde588e023e5f128f2c1eccc55b6fc3a2a18f8b3375a90
|
data/lib/aws-sdk-wafv2.rb
CHANGED
@@ -1,3 +1,5 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
# WARNING ABOUT GENERATED CODE
|
2
4
|
#
|
3
5
|
# This file is generated. See the contributing guide for more information:
|
@@ -45,6 +47,6 @@ require_relative 'aws-sdk-wafv2/customizations'
|
|
45
47
|
# @service
|
46
48
|
module Aws::WAFV2
|
47
49
|
|
48
|
-
GEM_VERSION = '1.
|
50
|
+
GEM_VERSION = '1.7.0'
|
49
51
|
|
50
52
|
end
|
data/lib/aws-sdk-wafv2/client.rb
CHANGED
@@ -1,3 +1,5 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
# WARNING ABOUT GENERATED CODE
|
2
4
|
#
|
3
5
|
# This file is generated. See the contributing guide for more information:
|
@@ -24,6 +26,7 @@ require 'aws-sdk-core/plugins/jsonvalue_converter.rb'
|
|
24
26
|
require 'aws-sdk-core/plugins/client_metrics_plugin.rb'
|
25
27
|
require 'aws-sdk-core/plugins/client_metrics_send_plugin.rb'
|
26
28
|
require 'aws-sdk-core/plugins/transfer_encoding.rb'
|
29
|
+
require 'aws-sdk-core/plugins/http_checksum.rb'
|
27
30
|
require 'aws-sdk-core/plugins/signature_v4.rb'
|
28
31
|
require 'aws-sdk-core/plugins/protocols/json_rpc.rb'
|
29
32
|
|
@@ -32,11 +35,11 @@ Aws::Plugins::GlobalConfiguration.add_identifier(:wafv2)
|
|
32
35
|
module Aws::WAFV2
|
33
36
|
# An API client for WAFV2. To construct a client, you need to configure a `:region` and `:credentials`.
|
34
37
|
#
|
35
|
-
#
|
36
|
-
#
|
37
|
-
#
|
38
|
-
#
|
39
|
-
#
|
38
|
+
# client = Aws::WAFV2::Client.new(
|
39
|
+
# region: region_name,
|
40
|
+
# credentials: credentials,
|
41
|
+
# # ...
|
42
|
+
# )
|
40
43
|
#
|
41
44
|
# For details on configuring region and credentials see
|
42
45
|
# the [developer guide](/sdk-for-ruby/v3/developer-guide/setup-config.html).
|
@@ -69,6 +72,7 @@ module Aws::WAFV2
|
|
69
72
|
add_plugin(Aws::Plugins::ClientMetricsPlugin)
|
70
73
|
add_plugin(Aws::Plugins::ClientMetricsSendPlugin)
|
71
74
|
add_plugin(Aws::Plugins::TransferEncoding)
|
75
|
+
add_plugin(Aws::Plugins::HttpChecksum)
|
72
76
|
add_plugin(Aws::Plugins::SignatureV4)
|
73
77
|
add_plugin(Aws::Plugins::Protocols::JsonRpc)
|
74
78
|
|
@@ -105,7 +109,7 @@ module Aws::WAFV2
|
|
105
109
|
# @option options [required, String] :region
|
106
110
|
# The AWS region to connect to. The configured `:region` is
|
107
111
|
# used to determine the service `:endpoint`. When not passed,
|
108
|
-
# a default `:region` is
|
112
|
+
# a default `:region` is searched for in the following locations:
|
109
113
|
#
|
110
114
|
# * `Aws.config[:region]`
|
111
115
|
# * `ENV['AWS_REGION']`
|
@@ -161,7 +165,7 @@ module Aws::WAFV2
|
|
161
165
|
# @option options [String] :endpoint
|
162
166
|
# The client endpoint is normally constructed from the `:region`
|
163
167
|
# option. You should only configure an `:endpoint` when connecting
|
164
|
-
# to test endpoints. This should be
|
168
|
+
# to test or custom endpoints. This should be a valid HTTP(S) URI.
|
165
169
|
#
|
166
170
|
# @option options [Integer] :endpoint_cache_max_entries (1000)
|
167
171
|
# Used for the maximum size limit of the LRU cache storing endpoints data
|
@@ -176,7 +180,7 @@ module Aws::WAFV2
|
|
176
180
|
# requests fetching endpoints information. Defaults to 60 sec.
|
177
181
|
#
|
178
182
|
# @option options [Boolean] :endpoint_discovery (false)
|
179
|
-
# When set to `true`, endpoint discovery will be enabled for operations when available.
|
183
|
+
# When set to `true`, endpoint discovery will be enabled for operations when available.
|
180
184
|
#
|
181
185
|
# @option options [Aws::Log::Formatter] :log_formatter (Aws::Log::Formatter.default)
|
182
186
|
# The log formatter.
|
@@ -229,15 +233,19 @@ module Aws::WAFV2
|
|
229
233
|
#
|
230
234
|
# @option options [String] :retry_mode ("legacy")
|
231
235
|
# Specifies which retry algorithm to use. Values are:
|
232
|
-
#
|
233
|
-
#
|
234
|
-
#
|
235
|
-
#
|
236
|
-
#
|
237
|
-
#
|
238
|
-
#
|
239
|
-
#
|
240
|
-
#
|
236
|
+
#
|
237
|
+
# * `legacy` - The pre-existing retry behavior. This is default value if
|
238
|
+
# no retry mode is provided.
|
239
|
+
#
|
240
|
+
# * `standard` - A standardized set of retry rules across the AWS SDKs.
|
241
|
+
# This includes support for retry quotas, which limit the number of
|
242
|
+
# unsuccessful retries a client can make.
|
243
|
+
#
|
244
|
+
# * `adaptive` - An experimental retry mode that includes all the
|
245
|
+
# functionality of `standard` mode along with automatic client side
|
246
|
+
# throttling. This is a provisional mode that may change behavior
|
247
|
+
# in the future.
|
248
|
+
#
|
241
249
|
#
|
242
250
|
# @option options [String] :secret_access_key
|
243
251
|
#
|
@@ -275,8 +283,7 @@ module Aws::WAFV2
|
|
275
283
|
#
|
276
284
|
# @option options [Integer] :http_read_timeout (60) The default
|
277
285
|
# number of seconds to wait for response data. This value can
|
278
|
-
# safely be set
|
279
|
-
# per-request on the session yielded by {#session_for}.
|
286
|
+
# safely be set per-request on the session.
|
280
287
|
#
|
281
288
|
# @option options [Float] :http_idle_timeout (5) The number of
|
282
289
|
# seconds a connection is allowed to sit idle before it is
|
@@ -288,7 +295,7 @@ module Aws::WAFV2
|
|
288
295
|
# request body. This option has no effect unless the request has
|
289
296
|
# "Expect" header set to "100-continue". Defaults to `nil` which
|
290
297
|
# disables this behaviour. This value can safely be set per
|
291
|
-
# request on the session
|
298
|
+
# request on the session.
|
292
299
|
#
|
293
300
|
# @option options [Boolean] :http_wire_trace (false) When `true`,
|
294
301
|
# HTTP debug output will be sent to the `:logger`.
|
@@ -326,9 +333,11 @@ module Aws::WAFV2
|
|
326
333
|
# the resource. A regional application can be an Application Load
|
327
334
|
# Balancer (ALB) or an API Gateway stage.
|
328
335
|
#
|
329
|
-
# For AWS CloudFront,
|
330
|
-
#
|
331
|
-
#
|
336
|
+
# For AWS CloudFront, don't use this call. Instead, use your CloudFront
|
337
|
+
# distribution configuration. To associate a Web ACL, in the CloudFront
|
338
|
+
# call `UpdateDistribution`, set the web ACL ID to the Amazon Resource
|
339
|
+
# Name (ARN) of the Web ACL. For information, see
|
340
|
+
# [UpdateDistribution][2].
|
332
341
|
#
|
333
342
|
#
|
334
343
|
#
|
@@ -402,7 +411,7 @@ module Aws::WAFV2
|
|
402
411
|
# To work with CloudFront, you must also specify the Region US East (N.
|
403
412
|
# Virginia) as follows:
|
404
413
|
#
|
405
|
-
# * CLI - Specify the
|
414
|
+
# * CLI - Specify the Region when you use the CloudFront scope:
|
406
415
|
# `--scope=CLOUDFRONT --region=us-east-1`.
|
407
416
|
#
|
408
417
|
# * API and SDKs - For all calls, use the Region endpoint us-east-1.
|
@@ -663,8 +672,8 @@ module Aws::WAFV2
|
|
663
672
|
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html
|
664
673
|
#
|
665
674
|
# @option params [required, String] :name
|
666
|
-
#
|
667
|
-
#
|
675
|
+
# The name of the IP set. You cannot change the name of an `IPSet` after
|
676
|
+
# you create it.
|
668
677
|
#
|
669
678
|
# @option params [required, String] :scope
|
670
679
|
# Specifies whether this is for an AWS CloudFront distribution or for a
|
@@ -674,14 +683,14 @@ module Aws::WAFV2
|
|
674
683
|
# To work with CloudFront, you must also specify the Region US East (N.
|
675
684
|
# Virginia) as follows:
|
676
685
|
#
|
677
|
-
# * CLI - Specify the
|
686
|
+
# * CLI - Specify the Region when you use the CloudFront scope:
|
678
687
|
# `--scope=CLOUDFRONT --region=us-east-1`.
|
679
688
|
#
|
680
689
|
# * API and SDKs - For all calls, use the Region endpoint us-east-1.
|
681
690
|
#
|
682
691
|
# @option params [String] :description
|
683
|
-
# A
|
684
|
-
# description of an IP set after you create it.
|
692
|
+
# A description of the IP set that helps with identification. You cannot
|
693
|
+
# change the description of an IP set after you create it.
|
685
694
|
#
|
686
695
|
# @option params [required, String] :ip_address_version
|
687
696
|
# Specify IPV4 or IPV6.
|
@@ -774,8 +783,8 @@ module Aws::WAFV2
|
|
774
783
|
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html
|
775
784
|
#
|
776
785
|
# @option params [required, String] :name
|
777
|
-
#
|
778
|
-
#
|
786
|
+
# The name of the set. You cannot change the name after you create the
|
787
|
+
# set.
|
779
788
|
#
|
780
789
|
# @option params [required, String] :scope
|
781
790
|
# Specifies whether this is for an AWS CloudFront distribution or for a
|
@@ -785,14 +794,14 @@ module Aws::WAFV2
|
|
785
794
|
# To work with CloudFront, you must also specify the Region US East (N.
|
786
795
|
# Virginia) as follows:
|
787
796
|
#
|
788
|
-
# * CLI - Specify the
|
797
|
+
# * CLI - Specify the Region when you use the CloudFront scope:
|
789
798
|
# `--scope=CLOUDFRONT --region=us-east-1`.
|
790
799
|
#
|
791
800
|
# * API and SDKs - For all calls, use the Region endpoint us-east-1.
|
792
801
|
#
|
793
802
|
# @option params [String] :description
|
794
|
-
# A
|
795
|
-
# of a set after you create it.
|
803
|
+
# A description of the set that helps with identification. You cannot
|
804
|
+
# change the description of a set after you create it.
|
796
805
|
#
|
797
806
|
# @option params [required, Array<Types::Regex>] :regular_expression_list
|
798
807
|
# Array of regular expression strings.
|
@@ -860,8 +869,8 @@ module Aws::WAFV2
|
|
860
869
|
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html
|
861
870
|
#
|
862
871
|
# @option params [required, String] :name
|
863
|
-
#
|
864
|
-
#
|
872
|
+
# The name of the rule group. You cannot change the name of a rule group
|
873
|
+
# after you create it.
|
865
874
|
#
|
866
875
|
# @option params [required, String] :scope
|
867
876
|
# Specifies whether this is for an AWS CloudFront distribution or for a
|
@@ -871,7 +880,7 @@ module Aws::WAFV2
|
|
871
880
|
# To work with CloudFront, you must also specify the Region US East (N.
|
872
881
|
# Virginia) as follows:
|
873
882
|
#
|
874
|
-
# * CLI - Specify the
|
883
|
+
# * CLI - Specify the Region when you use the CloudFront scope:
|
875
884
|
# `--scope=CLOUDFRONT --region=us-east-1`.
|
876
885
|
#
|
877
886
|
# * API and SDKs - For all calls, use the Region endpoint us-east-1.
|
@@ -894,8 +903,8 @@ module Aws::WAFV2
|
|
894
903
|
# ACLs is 1,500.
|
895
904
|
#
|
896
905
|
# @option params [String] :description
|
897
|
-
# A
|
898
|
-
# description of a rule group after you create it.
|
906
|
+
# A description of the rule group that helps with identification. You
|
907
|
+
# cannot change the description of a rule group after you create it.
|
899
908
|
#
|
900
909
|
# @option params [Array<Types::Rule>] :rules
|
901
910
|
# The Rule statements used to identify the web requests that you want to
|
@@ -1186,8 +1195,8 @@ module Aws::WAFV2
|
|
1186
1195
|
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html
|
1187
1196
|
#
|
1188
1197
|
# @option params [required, String] :name
|
1189
|
-
#
|
1190
|
-
#
|
1198
|
+
# The name of the Web ACL. You cannot change the name of a Web ACL after
|
1199
|
+
# you create it.
|
1191
1200
|
#
|
1192
1201
|
# @option params [required, String] :scope
|
1193
1202
|
# Specifies whether this is for an AWS CloudFront distribution or for a
|
@@ -1197,7 +1206,7 @@ module Aws::WAFV2
|
|
1197
1206
|
# To work with CloudFront, you must also specify the Region US East (N.
|
1198
1207
|
# Virginia) as follows:
|
1199
1208
|
#
|
1200
|
-
# * CLI - Specify the
|
1209
|
+
# * CLI - Specify the Region when you use the CloudFront scope:
|
1201
1210
|
# `--scope=CLOUDFRONT --region=us-east-1`.
|
1202
1211
|
#
|
1203
1212
|
# * API and SDKs - For all calls, use the Region endpoint us-east-1.
|
@@ -1207,8 +1216,8 @@ module Aws::WAFV2
|
|
1207
1216
|
# match.
|
1208
1217
|
#
|
1209
1218
|
# @option params [String] :description
|
1210
|
-
# A
|
1211
|
-
# description of a Web ACL after you create it.
|
1219
|
+
# A description of the Web ACL that helps with identification. You
|
1220
|
+
# cannot change the description of a Web ACL after you create it.
|
1212
1221
|
#
|
1213
1222
|
# @option params [Array<Types::Rule>] :rules
|
1214
1223
|
# The Rule statements used to identify the web requests that you want to
|
@@ -1480,6 +1489,49 @@ module Aws::WAFV2
|
|
1480
1489
|
req.send_request(options)
|
1481
1490
|
end
|
1482
1491
|
|
1492
|
+
# Deletes all rule groups that are managed by AWS Firewall Manager for
|
1493
|
+
# the specified web ACL.
|
1494
|
+
#
|
1495
|
+
# You can only use this if `ManagedByFirewallManager` is false in the
|
1496
|
+
# specified WebACL.
|
1497
|
+
#
|
1498
|
+
# @option params [required, String] :web_acl_arn
|
1499
|
+
# The Amazon Resource Name (ARN) of the web ACL.
|
1500
|
+
#
|
1501
|
+
# @option params [required, String] :web_acl_lock_token
|
1502
|
+
# A token used for optimistic locking. AWS WAF returns a token to your
|
1503
|
+
# get and list requests, to mark the state of the entity at the time of
|
1504
|
+
# the request. To make changes to the entity associated with the token,
|
1505
|
+
# you provide the token to operations like update and delete. AWS WAF
|
1506
|
+
# uses the token to ensure that no changes have been made to the entity
|
1507
|
+
# since you last retrieved it. If a change has been made, the update
|
1508
|
+
# fails with a `WAFOptimisticLockException`. If this happens, perform
|
1509
|
+
# another get, and use the new token returned by that operation.
|
1510
|
+
#
|
1511
|
+
# @return [Types::DeleteFirewallManagerRuleGroupsResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
1512
|
+
#
|
1513
|
+
# * {Types::DeleteFirewallManagerRuleGroupsResponse#next_web_acl_lock_token #next_web_acl_lock_token} => String
|
1514
|
+
#
|
1515
|
+
# @example Request syntax with placeholder values
|
1516
|
+
#
|
1517
|
+
# resp = client.delete_firewall_manager_rule_groups({
|
1518
|
+
# web_acl_arn: "ResourceArn", # required
|
1519
|
+
# web_acl_lock_token: "LockToken", # required
|
1520
|
+
# })
|
1521
|
+
#
|
1522
|
+
# @example Response structure
|
1523
|
+
#
|
1524
|
+
# resp.next_web_acl_lock_token #=> String
|
1525
|
+
#
|
1526
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/DeleteFirewallManagerRuleGroups AWS API Documentation
|
1527
|
+
#
|
1528
|
+
# @overload delete_firewall_manager_rule_groups(params = {})
|
1529
|
+
# @param [Hash] params ({})
|
1530
|
+
def delete_firewall_manager_rule_groups(params = {}, options = {})
|
1531
|
+
req = build_request(:delete_firewall_manager_rule_groups, params)
|
1532
|
+
req.send_request(options)
|
1533
|
+
end
|
1534
|
+
|
1483
1535
|
# <note markdown="1"> This is the latest version of **AWS WAF**, named AWS WAFV2, released
|
1484
1536
|
# in November, 2019. For information, including how to migrate your AWS
|
1485
1537
|
# WAF resources from the prior release, see the [AWS WAF Developer
|
@@ -1494,8 +1546,8 @@ module Aws::WAFV2
|
|
1494
1546
|
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html
|
1495
1547
|
#
|
1496
1548
|
# @option params [required, String] :name
|
1497
|
-
#
|
1498
|
-
#
|
1549
|
+
# The name of the IP set. You cannot change the name of an `IPSet` after
|
1550
|
+
# you create it.
|
1499
1551
|
#
|
1500
1552
|
# @option params [required, String] :scope
|
1501
1553
|
# Specifies whether this is for an AWS CloudFront distribution or for a
|
@@ -1505,7 +1557,7 @@ module Aws::WAFV2
|
|
1505
1557
|
# To work with CloudFront, you must also specify the Region US East (N.
|
1506
1558
|
# Virginia) as follows:
|
1507
1559
|
#
|
1508
|
-
# * CLI - Specify the
|
1560
|
+
# * CLI - Specify the Region when you use the CloudFront scope:
|
1509
1561
|
# `--scope=CLOUDFRONT --region=us-east-1`.
|
1510
1562
|
#
|
1511
1563
|
# * API and SDKs - For all calls, use the Region endpoint us-east-1.
|
@@ -1579,6 +1631,33 @@ module Aws::WAFV2
|
|
1579
1631
|
req.send_request(options)
|
1580
1632
|
end
|
1581
1633
|
|
1634
|
+
# Permanently deletes an IAM policy from the specified rule group.
|
1635
|
+
#
|
1636
|
+
# You must be the owner of the rule group to perform this operation.
|
1637
|
+
#
|
1638
|
+
# @option params [required, String] :resource_arn
|
1639
|
+
# The Amazon Resource Name (ARN) of the rule group from which you want
|
1640
|
+
# to delete the policy.
|
1641
|
+
#
|
1642
|
+
# You must be the owner of the rule group to perform this operation.
|
1643
|
+
#
|
1644
|
+
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
1645
|
+
#
|
1646
|
+
# @example Request syntax with placeholder values
|
1647
|
+
#
|
1648
|
+
# resp = client.delete_permission_policy({
|
1649
|
+
# resource_arn: "ResourceArn", # required
|
1650
|
+
# })
|
1651
|
+
#
|
1652
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/DeletePermissionPolicy AWS API Documentation
|
1653
|
+
#
|
1654
|
+
# @overload delete_permission_policy(params = {})
|
1655
|
+
# @param [Hash] params ({})
|
1656
|
+
def delete_permission_policy(params = {}, options = {})
|
1657
|
+
req = build_request(:delete_permission_policy, params)
|
1658
|
+
req.send_request(options)
|
1659
|
+
end
|
1660
|
+
|
1582
1661
|
# <note markdown="1"> This is the latest version of **AWS WAF**, named AWS WAFV2, released
|
1583
1662
|
# in November, 2019. For information, including how to migrate your AWS
|
1584
1663
|
# WAF resources from the prior release, see the [AWS WAF Developer
|
@@ -1593,8 +1672,8 @@ module Aws::WAFV2
|
|
1593
1672
|
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html
|
1594
1673
|
#
|
1595
1674
|
# @option params [required, String] :name
|
1596
|
-
#
|
1597
|
-
#
|
1675
|
+
# The name of the set. You cannot change the name after you create the
|
1676
|
+
# set.
|
1598
1677
|
#
|
1599
1678
|
# @option params [required, String] :scope
|
1600
1679
|
# Specifies whether this is for an AWS CloudFront distribution or for a
|
@@ -1604,7 +1683,7 @@ module Aws::WAFV2
|
|
1604
1683
|
# To work with CloudFront, you must also specify the Region US East (N.
|
1605
1684
|
# Virginia) as follows:
|
1606
1685
|
#
|
1607
|
-
# * CLI - Specify the
|
1686
|
+
# * CLI - Specify the Region when you use the CloudFront scope:
|
1608
1687
|
# `--scope=CLOUDFRONT --region=us-east-1`.
|
1609
1688
|
#
|
1610
1689
|
# * API and SDKs - For all calls, use the Region endpoint us-east-1.
|
@@ -1658,8 +1737,8 @@ module Aws::WAFV2
|
|
1658
1737
|
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html
|
1659
1738
|
#
|
1660
1739
|
# @option params [required, String] :name
|
1661
|
-
#
|
1662
|
-
#
|
1740
|
+
# The name of the rule group. You cannot change the name of a rule group
|
1741
|
+
# after you create it.
|
1663
1742
|
#
|
1664
1743
|
# @option params [required, String] :scope
|
1665
1744
|
# Specifies whether this is for an AWS CloudFront distribution or for a
|
@@ -1669,7 +1748,7 @@ module Aws::WAFV2
|
|
1669
1748
|
# To work with CloudFront, you must also specify the Region US East (N.
|
1670
1749
|
# Virginia) as follows:
|
1671
1750
|
#
|
1672
|
-
# * CLI - Specify the
|
1751
|
+
# * CLI - Specify the Region when you use the CloudFront scope:
|
1673
1752
|
# `--scope=CLOUDFRONT --region=us-east-1`.
|
1674
1753
|
#
|
1675
1754
|
# * API and SDKs - For all calls, use the Region endpoint us-east-1.
|
@@ -1718,13 +1797,16 @@ module Aws::WAFV2
|
|
1718
1797
|
#
|
1719
1798
|
# Deletes the specified WebACL.
|
1720
1799
|
#
|
1800
|
+
# You can only use this if `ManagedByFirewallManager` is false in the
|
1801
|
+
# specified WebACL.
|
1802
|
+
#
|
1721
1803
|
#
|
1722
1804
|
#
|
1723
1805
|
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html
|
1724
1806
|
#
|
1725
1807
|
# @option params [required, String] :name
|
1726
|
-
#
|
1727
|
-
#
|
1808
|
+
# The name of the Web ACL. You cannot change the name of a Web ACL after
|
1809
|
+
# you create it.
|
1728
1810
|
#
|
1729
1811
|
# @option params [required, String] :scope
|
1730
1812
|
# Specifies whether this is for an AWS CloudFront distribution or for a
|
@@ -1734,7 +1816,7 @@ module Aws::WAFV2
|
|
1734
1816
|
# To work with CloudFront, you must also specify the Region US East (N.
|
1735
1817
|
# Virginia) as follows:
|
1736
1818
|
#
|
1737
|
-
# * CLI - Specify the
|
1819
|
+
# * CLI - Specify the Region when you use the CloudFront scope:
|
1738
1820
|
# `--scope=CLOUDFRONT --region=us-east-1`.
|
1739
1821
|
#
|
1740
1822
|
# * API and SDKs - For all calls, use the Region endpoint us-east-1.
|
@@ -1804,7 +1886,7 @@ module Aws::WAFV2
|
|
1804
1886
|
# To work with CloudFront, you must also specify the Region US East (N.
|
1805
1887
|
# Virginia) as follows:
|
1806
1888
|
#
|
1807
|
-
# * CLI - Specify the
|
1889
|
+
# * CLI - Specify the Region when you use the CloudFront scope:
|
1808
1890
|
# `--scope=CLOUDFRONT --region=us-east-1`.
|
1809
1891
|
#
|
1810
1892
|
# * API and SDKs - For all calls, use the Region endpoint us-east-1.
|
@@ -1848,8 +1930,9 @@ module Aws::WAFV2
|
|
1848
1930
|
# regional application can be an Application Load Balancer (ALB) or an
|
1849
1931
|
# API Gateway stage.
|
1850
1932
|
#
|
1851
|
-
# For AWS CloudFront,
|
1852
|
-
#
|
1933
|
+
# For AWS CloudFront, don't use this call. Instead, use your CloudFront
|
1934
|
+
# distribution configuration. To disassociate a Web ACL, provide an
|
1935
|
+
# empty web ACL ID in the CloudFront call `UpdateDistribution`. For
|
1853
1936
|
# information, see [UpdateDistribution][2].
|
1854
1937
|
#
|
1855
1938
|
#
|
@@ -1901,8 +1984,8 @@ module Aws::WAFV2
|
|
1901
1984
|
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html
|
1902
1985
|
#
|
1903
1986
|
# @option params [required, String] :name
|
1904
|
-
#
|
1905
|
-
#
|
1987
|
+
# The name of the IP set. You cannot change the name of an `IPSet` after
|
1988
|
+
# you create it.
|
1906
1989
|
#
|
1907
1990
|
# @option params [required, String] :scope
|
1908
1991
|
# Specifies whether this is for an AWS CloudFront distribution or for a
|
@@ -1912,7 +1995,7 @@ module Aws::WAFV2
|
|
1912
1995
|
# To work with CloudFront, you must also specify the Region US East (N.
|
1913
1996
|
# Virginia) as follows:
|
1914
1997
|
#
|
1915
|
-
# * CLI - Specify the
|
1998
|
+
# * CLI - Specify the Region when you use the CloudFront scope:
|
1916
1999
|
# `--scope=CLOUDFRONT --region=us-east-1`.
|
1917
2000
|
#
|
1918
2001
|
# * API and SDKs - For all calls, use the Region endpoint us-east-1.
|
@@ -2000,6 +2083,37 @@ module Aws::WAFV2
|
|
2000
2083
|
req.send_request(options)
|
2001
2084
|
end
|
2002
2085
|
|
2086
|
+
# Returns the IAM policy that is attached to the specified rule group.
|
2087
|
+
#
|
2088
|
+
# You must be the owner of the rule group to perform this operation.
|
2089
|
+
#
|
2090
|
+
# @option params [required, String] :resource_arn
|
2091
|
+
# The Amazon Resource Name (ARN) of the rule group for which you want to
|
2092
|
+
# get the policy.
|
2093
|
+
#
|
2094
|
+
# @return [Types::GetPermissionPolicyResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
2095
|
+
#
|
2096
|
+
# * {Types::GetPermissionPolicyResponse#policy #policy} => String
|
2097
|
+
#
|
2098
|
+
# @example Request syntax with placeholder values
|
2099
|
+
#
|
2100
|
+
# resp = client.get_permission_policy({
|
2101
|
+
# resource_arn: "ResourceArn", # required
|
2102
|
+
# })
|
2103
|
+
#
|
2104
|
+
# @example Response structure
|
2105
|
+
#
|
2106
|
+
# resp.policy #=> String
|
2107
|
+
#
|
2108
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/GetPermissionPolicy AWS API Documentation
|
2109
|
+
#
|
2110
|
+
# @overload get_permission_policy(params = {})
|
2111
|
+
# @param [Hash] params ({})
|
2112
|
+
def get_permission_policy(params = {}, options = {})
|
2113
|
+
req = build_request(:get_permission_policy, params)
|
2114
|
+
req.send_request(options)
|
2115
|
+
end
|
2116
|
+
|
2003
2117
|
# <note markdown="1"> This is the latest version of **AWS WAF**, named AWS WAFV2, released
|
2004
2118
|
# in November, 2019. For information, including how to migrate your AWS
|
2005
2119
|
# WAF resources from the prior release, see the [AWS WAF Developer
|
@@ -2024,14 +2138,14 @@ module Aws::WAFV2
|
|
2024
2138
|
# To work with CloudFront, you must also specify the Region US East (N.
|
2025
2139
|
# Virginia) as follows:
|
2026
2140
|
#
|
2027
|
-
# * CLI - Specify the
|
2141
|
+
# * CLI - Specify the Region when you use the CloudFront scope:
|
2028
2142
|
# `--scope=CLOUDFRONT --region=us-east-1`.
|
2029
2143
|
#
|
2030
2144
|
# * API and SDKs - For all calls, use the Region endpoint us-east-1.
|
2031
2145
|
#
|
2032
2146
|
# @option params [required, String] :web_acl_name
|
2033
|
-
#
|
2034
|
-
#
|
2147
|
+
# The name of the Web ACL. You cannot change the name of a Web ACL after
|
2148
|
+
# you create it.
|
2035
2149
|
#
|
2036
2150
|
# @option params [required, String] :web_acl_id
|
2037
2151
|
# The unique identifier for the Web ACL. This ID is returned in the
|
@@ -2087,8 +2201,8 @@ module Aws::WAFV2
|
|
2087
2201
|
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html
|
2088
2202
|
#
|
2089
2203
|
# @option params [required, String] :name
|
2090
|
-
#
|
2091
|
-
#
|
2204
|
+
# The name of the set. You cannot change the name after you create the
|
2205
|
+
# set.
|
2092
2206
|
#
|
2093
2207
|
# @option params [required, String] :scope
|
2094
2208
|
# Specifies whether this is for an AWS CloudFront distribution or for a
|
@@ -2098,7 +2212,7 @@ module Aws::WAFV2
|
|
2098
2212
|
# To work with CloudFront, you must also specify the Region US East (N.
|
2099
2213
|
# Virginia) as follows:
|
2100
2214
|
#
|
2101
|
-
# * CLI - Specify the
|
2215
|
+
# * CLI - Specify the Region when you use the CloudFront scope:
|
2102
2216
|
# `--scope=CLOUDFRONT --region=us-east-1`.
|
2103
2217
|
#
|
2104
2218
|
# * API and SDKs - For all calls, use the Region endpoint us-east-1.
|
@@ -2154,8 +2268,8 @@ module Aws::WAFV2
|
|
2154
2268
|
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html
|
2155
2269
|
#
|
2156
2270
|
# @option params [required, String] :name
|
2157
|
-
#
|
2158
|
-
#
|
2271
|
+
# The name of the rule group. You cannot change the name of a rule group
|
2272
|
+
# after you create it.
|
2159
2273
|
#
|
2160
2274
|
# @option params [required, String] :scope
|
2161
2275
|
# Specifies whether this is for an AWS CloudFront distribution or for a
|
@@ -2165,7 +2279,7 @@ module Aws::WAFV2
|
|
2165
2279
|
# To work with CloudFront, you must also specify the Region US East (N.
|
2166
2280
|
# Virginia) as follows:
|
2167
2281
|
#
|
2168
|
-
# * CLI - Specify the
|
2282
|
+
# * CLI - Specify the Region when you use the CloudFront scope:
|
2169
2283
|
# `--scope=CLOUDFRONT --region=us-east-1`.
|
2170
2284
|
#
|
2171
2285
|
# * API and SDKs - For all calls, use the Region endpoint us-east-1.
|
@@ -2303,7 +2417,7 @@ module Aws::WAFV2
|
|
2303
2417
|
# To work with CloudFront, you must also specify the Region US East (N.
|
2304
2418
|
# Virginia) as follows:
|
2305
2419
|
#
|
2306
|
-
# * CLI - Specify the
|
2420
|
+
# * CLI - Specify the Region when you use the CloudFront scope:
|
2307
2421
|
# `--scope=CLOUDFRONT --region=us-east-1`.
|
2308
2422
|
#
|
2309
2423
|
# * API and SDKs - For all calls, use the Region endpoint us-east-1.
|
@@ -2383,8 +2497,8 @@ module Aws::WAFV2
|
|
2383
2497
|
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html
|
2384
2498
|
#
|
2385
2499
|
# @option params [required, String] :name
|
2386
|
-
#
|
2387
|
-
#
|
2500
|
+
# The name of the Web ACL. You cannot change the name of a Web ACL after
|
2501
|
+
# you create it.
|
2388
2502
|
#
|
2389
2503
|
# @option params [required, String] :scope
|
2390
2504
|
# Specifies whether this is for an AWS CloudFront distribution or for a
|
@@ -2394,7 +2508,7 @@ module Aws::WAFV2
|
|
2394
2508
|
# To work with CloudFront, you must also specify the Region US East (N.
|
2395
2509
|
# Virginia) as follows:
|
2396
2510
|
#
|
2397
|
-
# * CLI - Specify the
|
2511
|
+
# * CLI - Specify the Region when you use the CloudFront scope:
|
2398
2512
|
# `--scope=CLOUDFRONT --region=us-east-1`.
|
2399
2513
|
#
|
2400
2514
|
# * API and SDKs - For all calls, use the Region endpoint us-east-1.
|
@@ -2481,6 +2595,33 @@ module Aws::WAFV2
|
|
2481
2595
|
# resp.web_acl.visibility_config.cloud_watch_metrics_enabled #=> Boolean
|
2482
2596
|
# resp.web_acl.visibility_config.metric_name #=> String
|
2483
2597
|
# resp.web_acl.capacity #=> Integer
|
2598
|
+
# resp.web_acl.pre_process_firewall_manager_rule_groups #=> Array
|
2599
|
+
# resp.web_acl.pre_process_firewall_manager_rule_groups[0].name #=> String
|
2600
|
+
# resp.web_acl.pre_process_firewall_manager_rule_groups[0].priority #=> Integer
|
2601
|
+
# resp.web_acl.pre_process_firewall_manager_rule_groups[0].firewall_manager_statement.managed_rule_group_statement.vendor_name #=> String
|
2602
|
+
# resp.web_acl.pre_process_firewall_manager_rule_groups[0].firewall_manager_statement.managed_rule_group_statement.name #=> String
|
2603
|
+
# resp.web_acl.pre_process_firewall_manager_rule_groups[0].firewall_manager_statement.managed_rule_group_statement.excluded_rules #=> Array
|
2604
|
+
# resp.web_acl.pre_process_firewall_manager_rule_groups[0].firewall_manager_statement.managed_rule_group_statement.excluded_rules[0].name #=> String
|
2605
|
+
# resp.web_acl.pre_process_firewall_manager_rule_groups[0].firewall_manager_statement.rule_group_reference_statement.arn #=> String
|
2606
|
+
# resp.web_acl.pre_process_firewall_manager_rule_groups[0].firewall_manager_statement.rule_group_reference_statement.excluded_rules #=> Array
|
2607
|
+
# resp.web_acl.pre_process_firewall_manager_rule_groups[0].firewall_manager_statement.rule_group_reference_statement.excluded_rules[0].name #=> String
|
2608
|
+
# resp.web_acl.pre_process_firewall_manager_rule_groups[0].visibility_config.sampled_requests_enabled #=> Boolean
|
2609
|
+
# resp.web_acl.pre_process_firewall_manager_rule_groups[0].visibility_config.cloud_watch_metrics_enabled #=> Boolean
|
2610
|
+
# resp.web_acl.pre_process_firewall_manager_rule_groups[0].visibility_config.metric_name #=> String
|
2611
|
+
# resp.web_acl.post_process_firewall_manager_rule_groups #=> Array
|
2612
|
+
# resp.web_acl.post_process_firewall_manager_rule_groups[0].name #=> String
|
2613
|
+
# resp.web_acl.post_process_firewall_manager_rule_groups[0].priority #=> Integer
|
2614
|
+
# resp.web_acl.post_process_firewall_manager_rule_groups[0].firewall_manager_statement.managed_rule_group_statement.vendor_name #=> String
|
2615
|
+
# resp.web_acl.post_process_firewall_manager_rule_groups[0].firewall_manager_statement.managed_rule_group_statement.name #=> String
|
2616
|
+
# resp.web_acl.post_process_firewall_manager_rule_groups[0].firewall_manager_statement.managed_rule_group_statement.excluded_rules #=> Array
|
2617
|
+
# resp.web_acl.post_process_firewall_manager_rule_groups[0].firewall_manager_statement.managed_rule_group_statement.excluded_rules[0].name #=> String
|
2618
|
+
# resp.web_acl.post_process_firewall_manager_rule_groups[0].firewall_manager_statement.rule_group_reference_statement.arn #=> String
|
2619
|
+
# resp.web_acl.post_process_firewall_manager_rule_groups[0].firewall_manager_statement.rule_group_reference_statement.excluded_rules #=> Array
|
2620
|
+
# resp.web_acl.post_process_firewall_manager_rule_groups[0].firewall_manager_statement.rule_group_reference_statement.excluded_rules[0].name #=> String
|
2621
|
+
# resp.web_acl.post_process_firewall_manager_rule_groups[0].visibility_config.sampled_requests_enabled #=> Boolean
|
2622
|
+
# resp.web_acl.post_process_firewall_manager_rule_groups[0].visibility_config.cloud_watch_metrics_enabled #=> Boolean
|
2623
|
+
# resp.web_acl.post_process_firewall_manager_rule_groups[0].visibility_config.metric_name #=> String
|
2624
|
+
# resp.web_acl.managed_by_firewall_manager #=> Boolean
|
2484
2625
|
# resp.lock_token #=> String
|
2485
2626
|
#
|
2486
2627
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/GetWebACL AWS API Documentation
|
@@ -2582,6 +2723,33 @@ module Aws::WAFV2
|
|
2582
2723
|
# resp.web_acl.visibility_config.cloud_watch_metrics_enabled #=> Boolean
|
2583
2724
|
# resp.web_acl.visibility_config.metric_name #=> String
|
2584
2725
|
# resp.web_acl.capacity #=> Integer
|
2726
|
+
# resp.web_acl.pre_process_firewall_manager_rule_groups #=> Array
|
2727
|
+
# resp.web_acl.pre_process_firewall_manager_rule_groups[0].name #=> String
|
2728
|
+
# resp.web_acl.pre_process_firewall_manager_rule_groups[0].priority #=> Integer
|
2729
|
+
# resp.web_acl.pre_process_firewall_manager_rule_groups[0].firewall_manager_statement.managed_rule_group_statement.vendor_name #=> String
|
2730
|
+
# resp.web_acl.pre_process_firewall_manager_rule_groups[0].firewall_manager_statement.managed_rule_group_statement.name #=> String
|
2731
|
+
# resp.web_acl.pre_process_firewall_manager_rule_groups[0].firewall_manager_statement.managed_rule_group_statement.excluded_rules #=> Array
|
2732
|
+
# resp.web_acl.pre_process_firewall_manager_rule_groups[0].firewall_manager_statement.managed_rule_group_statement.excluded_rules[0].name #=> String
|
2733
|
+
# resp.web_acl.pre_process_firewall_manager_rule_groups[0].firewall_manager_statement.rule_group_reference_statement.arn #=> String
|
2734
|
+
# resp.web_acl.pre_process_firewall_manager_rule_groups[0].firewall_manager_statement.rule_group_reference_statement.excluded_rules #=> Array
|
2735
|
+
# resp.web_acl.pre_process_firewall_manager_rule_groups[0].firewall_manager_statement.rule_group_reference_statement.excluded_rules[0].name #=> String
|
2736
|
+
# resp.web_acl.pre_process_firewall_manager_rule_groups[0].visibility_config.sampled_requests_enabled #=> Boolean
|
2737
|
+
# resp.web_acl.pre_process_firewall_manager_rule_groups[0].visibility_config.cloud_watch_metrics_enabled #=> Boolean
|
2738
|
+
# resp.web_acl.pre_process_firewall_manager_rule_groups[0].visibility_config.metric_name #=> String
|
2739
|
+
# resp.web_acl.post_process_firewall_manager_rule_groups #=> Array
|
2740
|
+
# resp.web_acl.post_process_firewall_manager_rule_groups[0].name #=> String
|
2741
|
+
# resp.web_acl.post_process_firewall_manager_rule_groups[0].priority #=> Integer
|
2742
|
+
# resp.web_acl.post_process_firewall_manager_rule_groups[0].firewall_manager_statement.managed_rule_group_statement.vendor_name #=> String
|
2743
|
+
# resp.web_acl.post_process_firewall_manager_rule_groups[0].firewall_manager_statement.managed_rule_group_statement.name #=> String
|
2744
|
+
# resp.web_acl.post_process_firewall_manager_rule_groups[0].firewall_manager_statement.managed_rule_group_statement.excluded_rules #=> Array
|
2745
|
+
# resp.web_acl.post_process_firewall_manager_rule_groups[0].firewall_manager_statement.managed_rule_group_statement.excluded_rules[0].name #=> String
|
2746
|
+
# resp.web_acl.post_process_firewall_manager_rule_groups[0].firewall_manager_statement.rule_group_reference_statement.arn #=> String
|
2747
|
+
# resp.web_acl.post_process_firewall_manager_rule_groups[0].firewall_manager_statement.rule_group_reference_statement.excluded_rules #=> Array
|
2748
|
+
# resp.web_acl.post_process_firewall_manager_rule_groups[0].firewall_manager_statement.rule_group_reference_statement.excluded_rules[0].name #=> String
|
2749
|
+
# resp.web_acl.post_process_firewall_manager_rule_groups[0].visibility_config.sampled_requests_enabled #=> Boolean
|
2750
|
+
# resp.web_acl.post_process_firewall_manager_rule_groups[0].visibility_config.cloud_watch_metrics_enabled #=> Boolean
|
2751
|
+
# resp.web_acl.post_process_firewall_manager_rule_groups[0].visibility_config.metric_name #=> String
|
2752
|
+
# resp.web_acl.managed_by_firewall_manager #=> Boolean
|
2585
2753
|
#
|
2586
2754
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/GetWebACLForResource AWS API Documentation
|
2587
2755
|
#
|
@@ -2615,7 +2783,7 @@ module Aws::WAFV2
|
|
2615
2783
|
# To work with CloudFront, you must also specify the Region US East (N.
|
2616
2784
|
# Virginia) as follows:
|
2617
2785
|
#
|
2618
|
-
# * CLI - Specify the
|
2786
|
+
# * CLI - Specify the Region when you use the CloudFront scope:
|
2619
2787
|
# `--scope=CLOUDFRONT --region=us-east-1`.
|
2620
2788
|
#
|
2621
2789
|
# * API and SDKs - For all calls, use the Region endpoint us-east-1.
|
@@ -2685,7 +2853,7 @@ module Aws::WAFV2
|
|
2685
2853
|
# To work with CloudFront, you must also specify the Region US East (N.
|
2686
2854
|
# Virginia) as follows:
|
2687
2855
|
#
|
2688
|
-
# * CLI - Specify the
|
2856
|
+
# * CLI - Specify the Region when you use the CloudFront scope:
|
2689
2857
|
# `--scope=CLOUDFRONT --region=us-east-1`.
|
2690
2858
|
#
|
2691
2859
|
# * API and SDKs - For all calls, use the Region endpoint us-east-1.
|
@@ -2756,7 +2924,7 @@ module Aws::WAFV2
|
|
2756
2924
|
# To work with CloudFront, you must also specify the Region US East (N.
|
2757
2925
|
# Virginia) as follows:
|
2758
2926
|
#
|
2759
|
-
# * CLI - Specify the
|
2927
|
+
# * CLI - Specify the Region when you use the CloudFront scope:
|
2760
2928
|
# `--scope=CLOUDFRONT --region=us-east-1`.
|
2761
2929
|
#
|
2762
2930
|
# * API and SDKs - For all calls, use the Region endpoint us-east-1.
|
@@ -2829,7 +2997,7 @@ module Aws::WAFV2
|
|
2829
2997
|
# To work with CloudFront, you must also specify the Region US East (N.
|
2830
2998
|
# Virginia) as follows:
|
2831
2999
|
#
|
2832
|
-
# * CLI - Specify the
|
3000
|
+
# * CLI - Specify the Region when you use the CloudFront scope:
|
2833
3001
|
# `--scope=CLOUDFRONT --region=us-east-1`.
|
2834
3002
|
#
|
2835
3003
|
# * API and SDKs - For all calls, use the Region endpoint us-east-1.
|
@@ -2950,7 +3118,7 @@ module Aws::WAFV2
|
|
2950
3118
|
# To work with CloudFront, you must also specify the Region US East (N.
|
2951
3119
|
# Virginia) as follows:
|
2952
3120
|
#
|
2953
|
-
# * CLI - Specify the
|
3121
|
+
# * CLI - Specify the Region when you use the CloudFront scope:
|
2954
3122
|
# `--scope=CLOUDFRONT --region=us-east-1`.
|
2955
3123
|
#
|
2956
3124
|
# * API and SDKs - For all calls, use the Region endpoint us-east-1.
|
@@ -3081,7 +3249,7 @@ module Aws::WAFV2
|
|
3081
3249
|
# To work with CloudFront, you must also specify the Region US East (N.
|
3082
3250
|
# Virginia) as follows:
|
3083
3251
|
#
|
3084
|
-
# * CLI - Specify the
|
3252
|
+
# * CLI - Specify the Region when you use the CloudFront scope:
|
3085
3253
|
# `--scope=CLOUDFRONT --region=us-east-1`.
|
3086
3254
|
#
|
3087
3255
|
# * API and SDKs - For all calls, use the Region endpoint us-east-1.
|
@@ -3146,7 +3314,7 @@ module Aws::WAFV2
|
|
3146
3314
|
#
|
3147
3315
|
# 1. Create an Amazon Kinesis Data Firehose.
|
3148
3316
|
#
|
3149
|
-
# Create the data firehose with a PUT source and in the
|
3317
|
+
# Create the data firehose with a PUT source and in the Region that
|
3150
3318
|
# you are operating. If you are capturing logs for Amazon
|
3151
3319
|
# CloudFront, always create the firehose in US East (N. Virginia).
|
3152
3320
|
#
|
@@ -3222,6 +3390,68 @@ module Aws::WAFV2
|
|
3222
3390
|
req.send_request(options)
|
3223
3391
|
end
|
3224
3392
|
|
3393
|
+
# Attaches an IAM policy to the specified resource. Use this to share a
|
3394
|
+
# rule group across accounts.
|
3395
|
+
#
|
3396
|
+
# You must be the owner of the rule group to perform this operation.
|
3397
|
+
#
|
3398
|
+
# This action is subject to the following restrictions:
|
3399
|
+
#
|
3400
|
+
# * You can attach only one policy with each `PutPermissionPolicy`
|
3401
|
+
# request.
|
3402
|
+
#
|
3403
|
+
# * The ARN in the request must be a valid WAF RuleGroup ARN and the
|
3404
|
+
# rule group must exist in the same region.
|
3405
|
+
#
|
3406
|
+
# * The user making the request must be the owner of the rule group.
|
3407
|
+
#
|
3408
|
+
# @option params [required, String] :resource_arn
|
3409
|
+
# The Amazon Resource Name (ARN) of the RuleGroup to which you want to
|
3410
|
+
# attach the policy.
|
3411
|
+
#
|
3412
|
+
# @option params [required, String] :policy
|
3413
|
+
# The policy to attach to the specified rule group.
|
3414
|
+
#
|
3415
|
+
# The policy specifications must conform to the following:
|
3416
|
+
#
|
3417
|
+
# * The policy must be composed using IAM Policy version 2012-10-17 or
|
3418
|
+
# version 2015-01-01.
|
3419
|
+
#
|
3420
|
+
# * The policy must include specifications for `Effect`, `Action`, and
|
3421
|
+
# `Principal`.
|
3422
|
+
#
|
3423
|
+
# * `Effect` must specify `Allow`.
|
3424
|
+
#
|
3425
|
+
# * `Action` must specify `wafv2:CreateWebACL`, `wafv2:UpdateWebACL`,
|
3426
|
+
# and `wafv2:PutFirewallManagerRuleGroups`. AWS WAF rejects any extra
|
3427
|
+
# actions or wildcard actions in the policy.
|
3428
|
+
#
|
3429
|
+
# * The policy must not include a `Resource` parameter.
|
3430
|
+
#
|
3431
|
+
# For more information, see [IAM Policies][1].
|
3432
|
+
#
|
3433
|
+
#
|
3434
|
+
#
|
3435
|
+
# [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html
|
3436
|
+
#
|
3437
|
+
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
3438
|
+
#
|
3439
|
+
# @example Request syntax with placeholder values
|
3440
|
+
#
|
3441
|
+
# resp = client.put_permission_policy({
|
3442
|
+
# resource_arn: "ResourceArn", # required
|
3443
|
+
# policy: "PolicyString", # required
|
3444
|
+
# })
|
3445
|
+
#
|
3446
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/PutPermissionPolicy AWS API Documentation
|
3447
|
+
#
|
3448
|
+
# @overload put_permission_policy(params = {})
|
3449
|
+
# @param [Hash] params ({})
|
3450
|
+
def put_permission_policy(params = {}, options = {})
|
3451
|
+
req = build_request(:put_permission_policy, params)
|
3452
|
+
req.send_request(options)
|
3453
|
+
end
|
3454
|
+
|
3225
3455
|
# <note markdown="1"> This is the latest version of **AWS WAF**, named AWS WAFV2, released
|
3226
3456
|
# in November, 2019. For information, including how to migrate your AWS
|
3227
3457
|
# WAF resources from the prior release, see the [AWS WAF Developer
|
@@ -3324,8 +3554,8 @@ module Aws::WAFV2
|
|
3324
3554
|
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html
|
3325
3555
|
#
|
3326
3556
|
# @option params [required, String] :name
|
3327
|
-
#
|
3328
|
-
#
|
3557
|
+
# The name of the IP set. You cannot change the name of an `IPSet` after
|
3558
|
+
# you create it.
|
3329
3559
|
#
|
3330
3560
|
# @option params [required, String] :scope
|
3331
3561
|
# Specifies whether this is for an AWS CloudFront distribution or for a
|
@@ -3335,7 +3565,7 @@ module Aws::WAFV2
|
|
3335
3565
|
# To work with CloudFront, you must also specify the Region US East (N.
|
3336
3566
|
# Virginia) as follows:
|
3337
3567
|
#
|
3338
|
-
# * CLI - Specify the
|
3568
|
+
# * CLI - Specify the Region when you use the CloudFront scope:
|
3339
3569
|
# `--scope=CLOUDFRONT --region=us-east-1`.
|
3340
3570
|
#
|
3341
3571
|
# * API and SDKs - For all calls, use the Region endpoint us-east-1.
|
@@ -3346,8 +3576,8 @@ module Aws::WAFV2
|
|
3346
3576
|
# and delete.
|
3347
3577
|
#
|
3348
3578
|
# @option params [String] :description
|
3349
|
-
# A
|
3350
|
-
# description of an IP set after you create it.
|
3579
|
+
# A description of the IP set that helps with identification. You cannot
|
3580
|
+
# change the description of an IP set after you create it.
|
3351
3581
|
#
|
3352
3582
|
# @option params [required, Array<String>] :addresses
|
3353
3583
|
# Contains an array of strings that specify one or more IP addresses or
|
@@ -3433,8 +3663,8 @@ module Aws::WAFV2
|
|
3433
3663
|
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html
|
3434
3664
|
#
|
3435
3665
|
# @option params [required, String] :name
|
3436
|
-
#
|
3437
|
-
#
|
3666
|
+
# The name of the set. You cannot change the name after you create the
|
3667
|
+
# set.
|
3438
3668
|
#
|
3439
3669
|
# @option params [required, String] :scope
|
3440
3670
|
# Specifies whether this is for an AWS CloudFront distribution or for a
|
@@ -3444,7 +3674,7 @@ module Aws::WAFV2
|
|
3444
3674
|
# To work with CloudFront, you must also specify the Region US East (N.
|
3445
3675
|
# Virginia) as follows:
|
3446
3676
|
#
|
3447
|
-
# * CLI - Specify the
|
3677
|
+
# * CLI - Specify the Region when you use the CloudFront scope:
|
3448
3678
|
# `--scope=CLOUDFRONT --region=us-east-1`.
|
3449
3679
|
#
|
3450
3680
|
# * API and SDKs - For all calls, use the Region endpoint us-east-1.
|
@@ -3455,8 +3685,8 @@ module Aws::WAFV2
|
|
3455
3685
|
# and delete.
|
3456
3686
|
#
|
3457
3687
|
# @option params [String] :description
|
3458
|
-
# A
|
3459
|
-
# of a set after you create it.
|
3688
|
+
# A description of the set that helps with identification. You cannot
|
3689
|
+
# change the description of a set after you create it.
|
3460
3690
|
#
|
3461
3691
|
# @option params [required, Array<Types::Regex>] :regular_expression_list
|
3462
3692
|
#
|
@@ -3522,8 +3752,8 @@ module Aws::WAFV2
|
|
3522
3752
|
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html
|
3523
3753
|
#
|
3524
3754
|
# @option params [required, String] :name
|
3525
|
-
#
|
3526
|
-
#
|
3755
|
+
# The name of the rule group. You cannot change the name of a rule group
|
3756
|
+
# after you create it.
|
3527
3757
|
#
|
3528
3758
|
# @option params [required, String] :scope
|
3529
3759
|
# Specifies whether this is for an AWS CloudFront distribution or for a
|
@@ -3533,7 +3763,7 @@ module Aws::WAFV2
|
|
3533
3763
|
# To work with CloudFront, you must also specify the Region US East (N.
|
3534
3764
|
# Virginia) as follows:
|
3535
3765
|
#
|
3536
|
-
# * CLI - Specify the
|
3766
|
+
# * CLI - Specify the Region when you use the CloudFront scope:
|
3537
3767
|
# `--scope=CLOUDFRONT --region=us-east-1`.
|
3538
3768
|
#
|
3539
3769
|
# * API and SDKs - For all calls, use the Region endpoint us-east-1.
|
@@ -3544,8 +3774,8 @@ module Aws::WAFV2
|
|
3544
3774
|
# like update and delete.
|
3545
3775
|
#
|
3546
3776
|
# @option params [String] :description
|
3547
|
-
# A
|
3548
|
-
# description of a rule group after you create it.
|
3777
|
+
# A description of the rule group that helps with identification. You
|
3778
|
+
# cannot change the description of a rule group after you create it.
|
3549
3779
|
#
|
3550
3780
|
# @option params [Array<Types::Rule>] :rules
|
3551
3781
|
# The Rule statements used to identify the web requests that you want to
|
@@ -3834,8 +4064,8 @@ module Aws::WAFV2
|
|
3834
4064
|
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html
|
3835
4065
|
#
|
3836
4066
|
# @option params [required, String] :name
|
3837
|
-
#
|
3838
|
-
#
|
4067
|
+
# The name of the Web ACL. You cannot change the name of a Web ACL after
|
4068
|
+
# you create it.
|
3839
4069
|
#
|
3840
4070
|
# @option params [required, String] :scope
|
3841
4071
|
# Specifies whether this is for an AWS CloudFront distribution or for a
|
@@ -3845,7 +4075,7 @@ module Aws::WAFV2
|
|
3845
4075
|
# To work with CloudFront, you must also specify the Region US East (N.
|
3846
4076
|
# Virginia) as follows:
|
3847
4077
|
#
|
3848
|
-
# * CLI - Specify the
|
4078
|
+
# * CLI - Specify the Region when you use the CloudFront scope:
|
3849
4079
|
# `--scope=CLOUDFRONT --region=us-east-1`.
|
3850
4080
|
#
|
3851
4081
|
# * API and SDKs - For all calls, use the Region endpoint us-east-1.
|
@@ -3860,8 +4090,8 @@ module Aws::WAFV2
|
|
3860
4090
|
# match.
|
3861
4091
|
#
|
3862
4092
|
# @option params [String] :description
|
3863
|
-
# A
|
3864
|
-
# description of a Web ACL after you create it.
|
4093
|
+
# A description of the Web ACL that helps with identification. You
|
4094
|
+
# cannot change the description of a Web ACL after you create it.
|
3865
4095
|
#
|
3866
4096
|
# @option params [Array<Types::Rule>] :rules
|
3867
4097
|
# The Rule statements used to identify the web requests that you want to
|
@@ -4145,7 +4375,7 @@ module Aws::WAFV2
|
|
4145
4375
|
params: params,
|
4146
4376
|
config: config)
|
4147
4377
|
context[:gem_name] = 'aws-sdk-wafv2'
|
4148
|
-
context[:gem_version] = '1.
|
4378
|
+
context[:gem_version] = '1.7.0'
|
4149
4379
|
Seahorse::Client::Request.new(handlers, context)
|
4150
4380
|
end
|
4151
4381
|
|