aws-sdk-wafv2 1.2.0 → 1.7.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +5 -5
- data/lib/aws-sdk-wafv2.rb +3 -1
- data/lib/aws-sdk-wafv2/client.rb +333 -103
- data/lib/aws-sdk-wafv2/client_api.rb +146 -0
- data/lib/aws-sdk-wafv2/errors.rb +34 -0
- data/lib/aws-sdk-wafv2/resource.rb +3 -7
- data/lib/aws-sdk-wafv2/types.rb +669 -148
- metadata +5 -5
data/lib/aws-sdk-wafv2/errors.rb
CHANGED
@@ -1,3 +1,5 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
# WARNING ABOUT GENERATED CODE
|
2
4
|
#
|
3
5
|
# This file is generated. See the contributing guide for more information:
|
@@ -28,7 +30,9 @@ module Aws::WAFV2
|
|
28
30
|
# * {WAFAssociatedItemException}
|
29
31
|
# * {WAFDuplicateItemException}
|
30
32
|
# * {WAFInternalErrorException}
|
33
|
+
# * {WAFInvalidOperationException}
|
31
34
|
# * {WAFInvalidParameterException}
|
35
|
+
# * {WAFInvalidPermissionPolicyException}
|
32
36
|
# * {WAFInvalidResourceException}
|
33
37
|
# * {WAFLimitsExceededException}
|
34
38
|
# * {WAFNonexistentItemException}
|
@@ -90,6 +94,21 @@ module Aws::WAFV2
|
|
90
94
|
end
|
91
95
|
end
|
92
96
|
|
97
|
+
class WAFInvalidOperationException < ServiceError
|
98
|
+
|
99
|
+
# @param [Seahorse::Client::RequestContext] context
|
100
|
+
# @param [String] message
|
101
|
+
# @param [Aws::WAFV2::Types::WAFInvalidOperationException] data
|
102
|
+
def initialize(context, message, data = Aws::EmptyStructure.new)
|
103
|
+
super(context, message, data)
|
104
|
+
end
|
105
|
+
|
106
|
+
# @return [String]
|
107
|
+
def message
|
108
|
+
@message || @data[:message]
|
109
|
+
end
|
110
|
+
end
|
111
|
+
|
93
112
|
class WAFInvalidParameterException < ServiceError
|
94
113
|
|
95
114
|
# @param [Seahorse::Client::RequestContext] context
|
@@ -120,6 +139,21 @@ module Aws::WAFV2
|
|
120
139
|
end
|
121
140
|
end
|
122
141
|
|
142
|
+
class WAFInvalidPermissionPolicyException < ServiceError
|
143
|
+
|
144
|
+
# @param [Seahorse::Client::RequestContext] context
|
145
|
+
# @param [String] message
|
146
|
+
# @param [Aws::WAFV2::Types::WAFInvalidPermissionPolicyException] data
|
147
|
+
def initialize(context, message, data = Aws::EmptyStructure.new)
|
148
|
+
super(context, message, data)
|
149
|
+
end
|
150
|
+
|
151
|
+
# @return [String]
|
152
|
+
def message
|
153
|
+
@message || @data[:message]
|
154
|
+
end
|
155
|
+
end
|
156
|
+
|
123
157
|
class WAFInvalidResourceException < ServiceError
|
124
158
|
|
125
159
|
# @param [Seahorse::Client::RequestContext] context
|
@@ -1,3 +1,5 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
# WARNING ABOUT GENERATED CODE
|
2
4
|
#
|
3
5
|
# This file is generated. See the contributing guide for more information:
|
@@ -6,13 +8,7 @@
|
|
6
8
|
# WARNING ABOUT GENERATED CODE
|
7
9
|
|
8
10
|
module Aws::WAFV2
|
9
|
-
|
10
|
-
# To create a resource object:
|
11
|
-
# resource = Aws::WAFV2::Resource.new(region: 'us-west-2')
|
12
|
-
# You can supply a client object with custom configuration that will be used for all resource operations.
|
13
|
-
# If you do not pass +:client+, a default client will be constructed.
|
14
|
-
# client = Aws::WAFV2::Client.new(region: 'us-west-2')
|
15
|
-
# resource = Aws::WAFV2::Resource.new(client: client)
|
11
|
+
|
16
12
|
class Resource
|
17
13
|
|
18
14
|
# @param options ({})
|
data/lib/aws-sdk-wafv2/types.rb
CHANGED
@@ -1,3 +1,5 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
# WARNING ABOUT GENERATED CODE
|
2
4
|
#
|
3
5
|
# This file is generated. See the contributing guide for more information:
|
@@ -266,6 +268,7 @@ module Aws::WAFV2
|
|
266
268
|
#
|
267
269
|
class AndStatement < Struct.new(
|
268
270
|
:statements)
|
271
|
+
SENSITIVE = []
|
269
272
|
include Aws::Structure
|
270
273
|
end
|
271
274
|
|
@@ -301,6 +304,7 @@ module Aws::WAFV2
|
|
301
304
|
class AssociateWebACLRequest < Struct.new(
|
302
305
|
:web_acl_arn,
|
303
306
|
:resource_arn)
|
307
|
+
SENSITIVE = []
|
304
308
|
include Aws::Structure
|
305
309
|
end
|
306
310
|
|
@@ -408,8 +412,8 @@ module Aws::WAFV2
|
|
408
412
|
# only in the part of web requests that you designate for inspection
|
409
413
|
# in FieldToMatch. The maximum length of the value is 50 bytes.
|
410
414
|
#
|
411
|
-
# Valid values depend on the
|
412
|
-
# `FieldToMatch`\:
|
415
|
+
# Valid values depend on the component that you specify for inspection
|
416
|
+
# in `FieldToMatch`\:
|
413
417
|
#
|
414
418
|
# * `Method`\: The HTTP method that you want AWS WAF to search for.
|
415
419
|
# This indicates the type of operation specified in the request.
|
@@ -446,9 +450,9 @@ module Aws::WAFV2
|
|
446
450
|
# Text transformations eliminate some of the unusual formatting that
|
447
451
|
# attackers use in web requests in an effort to bypass detection. If
|
448
452
|
# you specify one or more transformations in a rule statement, AWS WAF
|
449
|
-
# performs all transformations on the content
|
450
|
-
# `FieldToMatch`, starting from the lowest priority
|
451
|
-
# inspecting the content for a match.
|
453
|
+
# performs all transformations on the content of the request component
|
454
|
+
# identified by `FieldToMatch`, starting from the lowest priority
|
455
|
+
# setting, before inspecting the content for a match.
|
452
456
|
# @return [Array<Types::TextTransformation>]
|
453
457
|
#
|
454
458
|
# @!attribute [rw] positional_constraint
|
@@ -501,6 +505,7 @@ module Aws::WAFV2
|
|
501
505
|
:field_to_match,
|
502
506
|
:text_transformations,
|
503
507
|
:positional_constraint)
|
508
|
+
SENSITIVE = []
|
504
509
|
include Aws::Structure
|
505
510
|
end
|
506
511
|
|
@@ -730,7 +735,7 @@ module Aws::WAFV2
|
|
730
735
|
# To work with CloudFront, you must also specify the Region US East
|
731
736
|
# (N. Virginia) as follows:
|
732
737
|
#
|
733
|
-
# * CLI - Specify the
|
738
|
+
# * CLI - Specify the Region when you use the CloudFront scope:
|
734
739
|
# `--scope=CLOUDFRONT --region=us-east-1`.
|
735
740
|
#
|
736
741
|
# * API and SDKs - For all calls, use the Region endpoint us-east-1.
|
@@ -746,6 +751,7 @@ module Aws::WAFV2
|
|
746
751
|
class CheckCapacityRequest < Struct.new(
|
747
752
|
:scope,
|
748
753
|
:rules)
|
754
|
+
SENSITIVE = []
|
749
755
|
include Aws::Structure
|
750
756
|
end
|
751
757
|
|
@@ -757,6 +763,7 @@ module Aws::WAFV2
|
|
757
763
|
#
|
758
764
|
class CheckCapacityResponse < Struct.new(
|
759
765
|
:capacity)
|
766
|
+
SENSITIVE = []
|
760
767
|
include Aws::Structure
|
761
768
|
end
|
762
769
|
|
@@ -800,8 +807,8 @@ module Aws::WAFV2
|
|
800
807
|
# }
|
801
808
|
#
|
802
809
|
# @!attribute [rw] name
|
803
|
-
#
|
804
|
-
#
|
810
|
+
# The name of the IP set. You cannot change the name of an `IPSet`
|
811
|
+
# after you create it.
|
805
812
|
# @return [String]
|
806
813
|
#
|
807
814
|
# @!attribute [rw] scope
|
@@ -812,15 +819,15 @@ module Aws::WAFV2
|
|
812
819
|
# To work with CloudFront, you must also specify the Region US East
|
813
820
|
# (N. Virginia) as follows:
|
814
821
|
#
|
815
|
-
# * CLI - Specify the
|
822
|
+
# * CLI - Specify the Region when you use the CloudFront scope:
|
816
823
|
# `--scope=CLOUDFRONT --region=us-east-1`.
|
817
824
|
#
|
818
825
|
# * API and SDKs - For all calls, use the Region endpoint us-east-1.
|
819
826
|
# @return [String]
|
820
827
|
#
|
821
828
|
# @!attribute [rw] description
|
822
|
-
# A
|
823
|
-
# description of an IP set after you create it.
|
829
|
+
# A description of the IP set that helps with identification. You
|
830
|
+
# cannot change the description of an IP set after you create it.
|
824
831
|
# @return [String]
|
825
832
|
#
|
826
833
|
# @!attribute [rw] ip_address_version
|
@@ -875,6 +882,7 @@ module Aws::WAFV2
|
|
875
882
|
:ip_address_version,
|
876
883
|
:addresses,
|
877
884
|
:tags)
|
885
|
+
SENSITIVE = []
|
878
886
|
include Aws::Structure
|
879
887
|
end
|
880
888
|
|
@@ -889,6 +897,7 @@ module Aws::WAFV2
|
|
889
897
|
#
|
890
898
|
class CreateIPSetResponse < Struct.new(
|
891
899
|
:summary)
|
900
|
+
SENSITIVE = []
|
892
901
|
include Aws::Structure
|
893
902
|
end
|
894
903
|
|
@@ -913,8 +922,8 @@ module Aws::WAFV2
|
|
913
922
|
# }
|
914
923
|
#
|
915
924
|
# @!attribute [rw] name
|
916
|
-
#
|
917
|
-
#
|
925
|
+
# The name of the set. You cannot change the name after you create the
|
926
|
+
# set.
|
918
927
|
# @return [String]
|
919
928
|
#
|
920
929
|
# @!attribute [rw] scope
|
@@ -925,15 +934,15 @@ module Aws::WAFV2
|
|
925
934
|
# To work with CloudFront, you must also specify the Region US East
|
926
935
|
# (N. Virginia) as follows:
|
927
936
|
#
|
928
|
-
# * CLI - Specify the
|
937
|
+
# * CLI - Specify the Region when you use the CloudFront scope:
|
929
938
|
# `--scope=CLOUDFRONT --region=us-east-1`.
|
930
939
|
#
|
931
940
|
# * API and SDKs - For all calls, use the Region endpoint us-east-1.
|
932
941
|
# @return [String]
|
933
942
|
#
|
934
943
|
# @!attribute [rw] description
|
935
|
-
# A
|
936
|
-
# of a set after you create it.
|
944
|
+
# A description of the set that helps with identification. You cannot
|
945
|
+
# change the description of a set after you create it.
|
937
946
|
# @return [String]
|
938
947
|
#
|
939
948
|
# @!attribute [rw] regular_expression_list
|
@@ -952,6 +961,7 @@ module Aws::WAFV2
|
|
952
961
|
:description,
|
953
962
|
:regular_expression_list,
|
954
963
|
:tags)
|
964
|
+
SENSITIVE = []
|
955
965
|
include Aws::Structure
|
956
966
|
end
|
957
967
|
|
@@ -967,6 +977,7 @@ module Aws::WAFV2
|
|
967
977
|
#
|
968
978
|
class CreateRegexPatternSetResponse < Struct.new(
|
969
979
|
:summary)
|
980
|
+
SENSITIVE = []
|
970
981
|
include Aws::Structure
|
971
982
|
end
|
972
983
|
|
@@ -1203,8 +1214,8 @@ module Aws::WAFV2
|
|
1203
1214
|
# }
|
1204
1215
|
#
|
1205
1216
|
# @!attribute [rw] name
|
1206
|
-
#
|
1207
|
-
#
|
1217
|
+
# The name of the rule group. You cannot change the name of a rule
|
1218
|
+
# group after you create it.
|
1208
1219
|
# @return [String]
|
1209
1220
|
#
|
1210
1221
|
# @!attribute [rw] scope
|
@@ -1215,7 +1226,7 @@ module Aws::WAFV2
|
|
1215
1226
|
# To work with CloudFront, you must also specify the Region US East
|
1216
1227
|
# (N. Virginia) as follows:
|
1217
1228
|
#
|
1218
|
-
# * CLI - Specify the
|
1229
|
+
# * CLI - Specify the Region when you use the CloudFront scope:
|
1219
1230
|
# `--scope=CLOUDFRONT --region=us-east-1`.
|
1220
1231
|
#
|
1221
1232
|
# * API and SDKs - For all calls, use the Region endpoint us-east-1.
|
@@ -1240,8 +1251,8 @@ module Aws::WAFV2
|
|
1240
1251
|
# @return [Integer]
|
1241
1252
|
#
|
1242
1253
|
# @!attribute [rw] description
|
1243
|
-
# A
|
1244
|
-
# description of a rule group after you create it.
|
1254
|
+
# A description of the rule group that helps with identification. You
|
1255
|
+
# cannot change the description of a rule group after you create it.
|
1245
1256
|
# @return [String]
|
1246
1257
|
#
|
1247
1258
|
# @!attribute [rw] rules
|
@@ -1270,6 +1281,7 @@ module Aws::WAFV2
|
|
1270
1281
|
:rules,
|
1271
1282
|
:visibility_config,
|
1272
1283
|
:tags)
|
1284
|
+
SENSITIVE = []
|
1273
1285
|
include Aws::Structure
|
1274
1286
|
end
|
1275
1287
|
|
@@ -1285,6 +1297,7 @@ module Aws::WAFV2
|
|
1285
1297
|
#
|
1286
1298
|
class CreateRuleGroupResponse < Struct.new(
|
1287
1299
|
:summary)
|
1300
|
+
SENSITIVE = []
|
1288
1301
|
include Aws::Structure
|
1289
1302
|
end
|
1290
1303
|
|
@@ -1526,8 +1539,8 @@ module Aws::WAFV2
|
|
1526
1539
|
# }
|
1527
1540
|
#
|
1528
1541
|
# @!attribute [rw] name
|
1529
|
-
#
|
1530
|
-
#
|
1542
|
+
# The name of the Web ACL. You cannot change the name of a Web ACL
|
1543
|
+
# after you create it.
|
1531
1544
|
# @return [String]
|
1532
1545
|
#
|
1533
1546
|
# @!attribute [rw] scope
|
@@ -1538,7 +1551,7 @@ module Aws::WAFV2
|
|
1538
1551
|
# To work with CloudFront, you must also specify the Region US East
|
1539
1552
|
# (N. Virginia) as follows:
|
1540
1553
|
#
|
1541
|
-
# * CLI - Specify the
|
1554
|
+
# * CLI - Specify the Region when you use the CloudFront scope:
|
1542
1555
|
# `--scope=CLOUDFRONT --region=us-east-1`.
|
1543
1556
|
#
|
1544
1557
|
# * API and SDKs - For all calls, use the Region endpoint us-east-1.
|
@@ -1550,8 +1563,8 @@ module Aws::WAFV2
|
|
1550
1563
|
# @return [Types::DefaultAction]
|
1551
1564
|
#
|
1552
1565
|
# @!attribute [rw] description
|
1553
|
-
# A
|
1554
|
-
# description of a Web ACL after you create it.
|
1566
|
+
# A description of the Web ACL that helps with identification. You
|
1567
|
+
# cannot change the description of a Web ACL after you create it.
|
1555
1568
|
# @return [String]
|
1556
1569
|
#
|
1557
1570
|
# @!attribute [rw] rules
|
@@ -1580,6 +1593,7 @@ module Aws::WAFV2
|
|
1580
1593
|
:rules,
|
1581
1594
|
:visibility_config,
|
1582
1595
|
:tags)
|
1596
|
+
SENSITIVE = []
|
1583
1597
|
include Aws::Structure
|
1584
1598
|
end
|
1585
1599
|
|
@@ -1594,6 +1608,7 @@ module Aws::WAFV2
|
|
1594
1608
|
#
|
1595
1609
|
class CreateWebACLResponse < Struct.new(
|
1596
1610
|
:summary)
|
1611
|
+
SENSITIVE = []
|
1597
1612
|
include Aws::Structure
|
1598
1613
|
end
|
1599
1614
|
|
@@ -1635,6 +1650,60 @@ module Aws::WAFV2
|
|
1635
1650
|
class DefaultAction < Struct.new(
|
1636
1651
|
:block,
|
1637
1652
|
:allow)
|
1653
|
+
SENSITIVE = []
|
1654
|
+
include Aws::Structure
|
1655
|
+
end
|
1656
|
+
|
1657
|
+
# @note When making an API call, you may pass DeleteFirewallManagerRuleGroupsRequest
|
1658
|
+
# data as a hash:
|
1659
|
+
#
|
1660
|
+
# {
|
1661
|
+
# web_acl_arn: "ResourceArn", # required
|
1662
|
+
# web_acl_lock_token: "LockToken", # required
|
1663
|
+
# }
|
1664
|
+
#
|
1665
|
+
# @!attribute [rw] web_acl_arn
|
1666
|
+
# The Amazon Resource Name (ARN) of the web ACL.
|
1667
|
+
# @return [String]
|
1668
|
+
#
|
1669
|
+
# @!attribute [rw] web_acl_lock_token
|
1670
|
+
# A token used for optimistic locking. AWS WAF returns a token to your
|
1671
|
+
# get and list requests, to mark the state of the entity at the time
|
1672
|
+
# of the request. To make changes to the entity associated with the
|
1673
|
+
# token, you provide the token to operations like update and delete.
|
1674
|
+
# AWS WAF uses the token to ensure that no changes have been made to
|
1675
|
+
# the entity since you last retrieved it. If a change has been made,
|
1676
|
+
# the update fails with a `WAFOptimisticLockException`. If this
|
1677
|
+
# happens, perform another get, and use the new token returned by that
|
1678
|
+
# operation.
|
1679
|
+
# @return [String]
|
1680
|
+
#
|
1681
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/DeleteFirewallManagerRuleGroupsRequest AWS API Documentation
|
1682
|
+
#
|
1683
|
+
class DeleteFirewallManagerRuleGroupsRequest < Struct.new(
|
1684
|
+
:web_acl_arn,
|
1685
|
+
:web_acl_lock_token)
|
1686
|
+
SENSITIVE = []
|
1687
|
+
include Aws::Structure
|
1688
|
+
end
|
1689
|
+
|
1690
|
+
# @!attribute [rw] next_web_acl_lock_token
|
1691
|
+
# A token used for optimistic locking. AWS WAF returns a token to your
|
1692
|
+
# get and list requests, to mark the state of the entity at the time
|
1693
|
+
# of the request. To make changes to the entity associated with the
|
1694
|
+
# token, you provide the token to operations like update and delete.
|
1695
|
+
# AWS WAF uses the token to ensure that no changes have been made to
|
1696
|
+
# the entity since you last retrieved it. If a change has been made,
|
1697
|
+
# the update fails with a `WAFOptimisticLockException`. If this
|
1698
|
+
# happens, perform another get, and use the new token returned by that
|
1699
|
+
# operation.
|
1700
|
+
# @return [String]
|
1701
|
+
#
|
1702
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/DeleteFirewallManagerRuleGroupsResponse AWS API Documentation
|
1703
|
+
#
|
1704
|
+
class DeleteFirewallManagerRuleGroupsResponse < Struct.new(
|
1705
|
+
:next_web_acl_lock_token)
|
1706
|
+
SENSITIVE = []
|
1638
1707
|
include Aws::Structure
|
1639
1708
|
end
|
1640
1709
|
|
@@ -1649,8 +1718,8 @@ module Aws::WAFV2
|
|
1649
1718
|
# }
|
1650
1719
|
#
|
1651
1720
|
# @!attribute [rw] name
|
1652
|
-
#
|
1653
|
-
#
|
1721
|
+
# The name of the IP set. You cannot change the name of an `IPSet`
|
1722
|
+
# after you create it.
|
1654
1723
|
# @return [String]
|
1655
1724
|
#
|
1656
1725
|
# @!attribute [rw] scope
|
@@ -1661,7 +1730,7 @@ module Aws::WAFV2
|
|
1661
1730
|
# To work with CloudFront, you must also specify the Region US East
|
1662
1731
|
# (N. Virginia) as follows:
|
1663
1732
|
#
|
1664
|
-
# * CLI - Specify the
|
1733
|
+
# * CLI - Specify the Region when you use the CloudFront scope:
|
1665
1734
|
# `--scope=CLOUDFRONT --region=us-east-1`.
|
1666
1735
|
#
|
1667
1736
|
# * API and SDKs - For all calls, use the Region endpoint us-east-1.
|
@@ -1692,6 +1761,7 @@ module Aws::WAFV2
|
|
1692
1761
|
:scope,
|
1693
1762
|
:id,
|
1694
1763
|
:lock_token)
|
1764
|
+
SENSITIVE = []
|
1695
1765
|
include Aws::Structure
|
1696
1766
|
end
|
1697
1767
|
|
@@ -1715,6 +1785,7 @@ module Aws::WAFV2
|
|
1715
1785
|
#
|
1716
1786
|
class DeleteLoggingConfigurationRequest < Struct.new(
|
1717
1787
|
:resource_arn)
|
1788
|
+
SENSITIVE = []
|
1718
1789
|
include Aws::Structure
|
1719
1790
|
end
|
1720
1791
|
|
@@ -1722,6 +1793,32 @@ module Aws::WAFV2
|
|
1722
1793
|
#
|
1723
1794
|
class DeleteLoggingConfigurationResponse < Aws::EmptyStructure; end
|
1724
1795
|
|
1796
|
+
# @note When making an API call, you may pass DeletePermissionPolicyRequest
|
1797
|
+
# data as a hash:
|
1798
|
+
#
|
1799
|
+
# {
|
1800
|
+
# resource_arn: "ResourceArn", # required
|
1801
|
+
# }
|
1802
|
+
#
|
1803
|
+
# @!attribute [rw] resource_arn
|
1804
|
+
# The Amazon Resource Name (ARN) of the rule group from which you want
|
1805
|
+
# to delete the policy.
|
1806
|
+
#
|
1807
|
+
# You must be the owner of the rule group to perform this operation.
|
1808
|
+
# @return [String]
|
1809
|
+
#
|
1810
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/DeletePermissionPolicyRequest AWS API Documentation
|
1811
|
+
#
|
1812
|
+
class DeletePermissionPolicyRequest < Struct.new(
|
1813
|
+
:resource_arn)
|
1814
|
+
SENSITIVE = []
|
1815
|
+
include Aws::Structure
|
1816
|
+
end
|
1817
|
+
|
1818
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/DeletePermissionPolicyResponse AWS API Documentation
|
1819
|
+
#
|
1820
|
+
class DeletePermissionPolicyResponse < Aws::EmptyStructure; end
|
1821
|
+
|
1725
1822
|
# @note When making an API call, you may pass DeleteRegexPatternSetRequest
|
1726
1823
|
# data as a hash:
|
1727
1824
|
#
|
@@ -1733,8 +1830,8 @@ module Aws::WAFV2
|
|
1733
1830
|
# }
|
1734
1831
|
#
|
1735
1832
|
# @!attribute [rw] name
|
1736
|
-
#
|
1737
|
-
#
|
1833
|
+
# The name of the set. You cannot change the name after you create the
|
1834
|
+
# set.
|
1738
1835
|
# @return [String]
|
1739
1836
|
#
|
1740
1837
|
# @!attribute [rw] scope
|
@@ -1745,7 +1842,7 @@ module Aws::WAFV2
|
|
1745
1842
|
# To work with CloudFront, you must also specify the Region US East
|
1746
1843
|
# (N. Virginia) as follows:
|
1747
1844
|
#
|
1748
|
-
# * CLI - Specify the
|
1845
|
+
# * CLI - Specify the Region when you use the CloudFront scope:
|
1749
1846
|
# `--scope=CLOUDFRONT --region=us-east-1`.
|
1750
1847
|
#
|
1751
1848
|
# * API and SDKs - For all calls, use the Region endpoint us-east-1.
|
@@ -1776,6 +1873,7 @@ module Aws::WAFV2
|
|
1776
1873
|
:scope,
|
1777
1874
|
:id,
|
1778
1875
|
:lock_token)
|
1876
|
+
SENSITIVE = []
|
1779
1877
|
include Aws::Structure
|
1780
1878
|
end
|
1781
1879
|
|
@@ -1794,8 +1892,8 @@ module Aws::WAFV2
|
|
1794
1892
|
# }
|
1795
1893
|
#
|
1796
1894
|
# @!attribute [rw] name
|
1797
|
-
#
|
1798
|
-
#
|
1895
|
+
# The name of the rule group. You cannot change the name of a rule
|
1896
|
+
# group after you create it.
|
1799
1897
|
# @return [String]
|
1800
1898
|
#
|
1801
1899
|
# @!attribute [rw] scope
|
@@ -1806,7 +1904,7 @@ module Aws::WAFV2
|
|
1806
1904
|
# To work with CloudFront, you must also specify the Region US East
|
1807
1905
|
# (N. Virginia) as follows:
|
1808
1906
|
#
|
1809
|
-
# * CLI - Specify the
|
1907
|
+
# * CLI - Specify the Region when you use the CloudFront scope:
|
1810
1908
|
# `--scope=CLOUDFRONT --region=us-east-1`.
|
1811
1909
|
#
|
1812
1910
|
# * API and SDKs - For all calls, use the Region endpoint us-east-1.
|
@@ -1837,6 +1935,7 @@ module Aws::WAFV2
|
|
1837
1935
|
:scope,
|
1838
1936
|
:id,
|
1839
1937
|
:lock_token)
|
1938
|
+
SENSITIVE = []
|
1840
1939
|
include Aws::Structure
|
1841
1940
|
end
|
1842
1941
|
|
@@ -1855,8 +1954,8 @@ module Aws::WAFV2
|
|
1855
1954
|
# }
|
1856
1955
|
#
|
1857
1956
|
# @!attribute [rw] name
|
1858
|
-
#
|
1859
|
-
#
|
1957
|
+
# The name of the Web ACL. You cannot change the name of a Web ACL
|
1958
|
+
# after you create it.
|
1860
1959
|
# @return [String]
|
1861
1960
|
#
|
1862
1961
|
# @!attribute [rw] scope
|
@@ -1867,7 +1966,7 @@ module Aws::WAFV2
|
|
1867
1966
|
# To work with CloudFront, you must also specify the Region US East
|
1868
1967
|
# (N. Virginia) as follows:
|
1869
1968
|
#
|
1870
|
-
# * CLI - Specify the
|
1969
|
+
# * CLI - Specify the Region when you use the CloudFront scope:
|
1871
1970
|
# `--scope=CLOUDFRONT --region=us-east-1`.
|
1872
1971
|
#
|
1873
1972
|
# * API and SDKs - For all calls, use the Region endpoint us-east-1.
|
@@ -1898,6 +1997,7 @@ module Aws::WAFV2
|
|
1898
1997
|
:scope,
|
1899
1998
|
:id,
|
1900
1999
|
:lock_token)
|
2000
|
+
SENSITIVE = []
|
1901
2001
|
include Aws::Structure
|
1902
2002
|
end
|
1903
2003
|
|
@@ -1932,7 +2032,7 @@ module Aws::WAFV2
|
|
1932
2032
|
# To work with CloudFront, you must also specify the Region US East
|
1933
2033
|
# (N. Virginia) as follows:
|
1934
2034
|
#
|
1935
|
-
# * CLI - Specify the
|
2035
|
+
# * CLI - Specify the Region when you use the CloudFront scope:
|
1936
2036
|
# `--scope=CLOUDFRONT --region=us-east-1`.
|
1937
2037
|
#
|
1938
2038
|
# * API and SDKs - For all calls, use the Region endpoint us-east-1.
|
@@ -1944,6 +2044,7 @@ module Aws::WAFV2
|
|
1944
2044
|
:vendor_name,
|
1945
2045
|
:name,
|
1946
2046
|
:scope)
|
2047
|
+
SENSITIVE = []
|
1947
2048
|
include Aws::Structure
|
1948
2049
|
end
|
1949
2050
|
|
@@ -1965,6 +2066,7 @@ module Aws::WAFV2
|
|
1965
2066
|
class DescribeManagedRuleGroupResponse < Struct.new(
|
1966
2067
|
:capacity,
|
1967
2068
|
:rules)
|
2069
|
+
SENSITIVE = []
|
1968
2070
|
include Aws::Structure
|
1969
2071
|
end
|
1970
2072
|
|
@@ -1993,6 +2095,7 @@ module Aws::WAFV2
|
|
1993
2095
|
#
|
1994
2096
|
class DisassociateWebACLRequest < Struct.new(
|
1995
2097
|
:resource_arn)
|
2098
|
+
SENSITIVE = []
|
1996
2099
|
include Aws::Structure
|
1997
2100
|
end
|
1998
2101
|
|
@@ -2031,6 +2134,7 @@ module Aws::WAFV2
|
|
2031
2134
|
#
|
2032
2135
|
class ExcludedRule < Struct.new(
|
2033
2136
|
:name)
|
2137
|
+
SENSITIVE = []
|
2034
2138
|
include Aws::Structure
|
2035
2139
|
end
|
2036
2140
|
|
@@ -2042,8 +2146,11 @@ module Aws::WAFV2
|
|
2042
2146
|
# </note>
|
2043
2147
|
#
|
2044
2148
|
# The part of a web request that you want AWS WAF to inspect. Include
|
2045
|
-
# the `FieldToMatch`
|
2046
|
-
# specifications as needed, according to the type.
|
2149
|
+
# the single `FieldToMatch` type that you want to inspect, with
|
2150
|
+
# additional specifications as needed, according to the type. You
|
2151
|
+
# specify a single request component in `FieldToMatch` for each rule
|
2152
|
+
# statement that requires it. To inspect more than one component of a
|
2153
|
+
# web request, create a separate rule statement for each component.
|
2047
2154
|
#
|
2048
2155
|
#
|
2049
2156
|
#
|
@@ -2132,6 +2239,131 @@ module Aws::WAFV2
|
|
2132
2239
|
:query_string,
|
2133
2240
|
:body,
|
2134
2241
|
:method)
|
2242
|
+
SENSITIVE = []
|
2243
|
+
include Aws::Structure
|
2244
|
+
end
|
2245
|
+
|
2246
|
+
# A rule group that's defined for an AWS Firewall Manager WAF policy.
|
2247
|
+
#
|
2248
|
+
# @!attribute [rw] name
|
2249
|
+
# The name of the rule group. You cannot change the name of a rule
|
2250
|
+
# group after you create it.
|
2251
|
+
# @return [String]
|
2252
|
+
#
|
2253
|
+
# @!attribute [rw] priority
|
2254
|
+
# If you define more than one rule group in the first or last Firewall
|
2255
|
+
# Manager rule groups, AWS WAF evaluates each request against the rule
|
2256
|
+
# groups in order, starting from the lowest priority setting. The
|
2257
|
+
# priorities don't need to be consecutive, but they must all be
|
2258
|
+
# different.
|
2259
|
+
# @return [Integer]
|
2260
|
+
#
|
2261
|
+
# @!attribute [rw] firewall_manager_statement
|
2262
|
+
# The processing guidance for an AWS Firewall Manager rule. This is
|
2263
|
+
# like a regular rule Statement, but it can only contain a rule group
|
2264
|
+
# reference.
|
2265
|
+
# @return [Types::FirewallManagerStatement]
|
2266
|
+
#
|
2267
|
+
# @!attribute [rw] override_action
|
2268
|
+
# The override action to apply to the rules in a rule group. Used only
|
2269
|
+
# for rule statements that reference a rule group, like
|
2270
|
+
# `RuleGroupReferenceStatement` and `ManagedRuleGroupStatement`.
|
2271
|
+
#
|
2272
|
+
# Set the override action to none to leave the rule actions in effect.
|
2273
|
+
# Set it to count to only count matches, regardless of the rule action
|
2274
|
+
# settings.
|
2275
|
+
#
|
2276
|
+
# In a Rule, you must specify either this `OverrideAction` setting or
|
2277
|
+
# the rule `Action` setting, but not both:
|
2278
|
+
#
|
2279
|
+
# * If the rule statement references a rule group, use this override
|
2280
|
+
# action setting and not the action setting.
|
2281
|
+
#
|
2282
|
+
# * If the rule statement does not reference a rule group, use the
|
2283
|
+
# rule action setting and not this rule override action setting.
|
2284
|
+
# @return [Types::OverrideAction]
|
2285
|
+
#
|
2286
|
+
# @!attribute [rw] visibility_config
|
2287
|
+
# <note markdown="1"> This is the latest version of **AWS WAF**, named AWS WAFV2, released
|
2288
|
+
# in November, 2019. For information, including how to migrate your
|
2289
|
+
# AWS WAF resources from the prior release, see the [AWS WAF Developer
|
2290
|
+
# Guide][1].
|
2291
|
+
#
|
2292
|
+
# </note>
|
2293
|
+
#
|
2294
|
+
# Defines and enables Amazon CloudWatch metrics and web request sample
|
2295
|
+
# collection.
|
2296
|
+
#
|
2297
|
+
#
|
2298
|
+
#
|
2299
|
+
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html
|
2300
|
+
# @return [Types::VisibilityConfig]
|
2301
|
+
#
|
2302
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/FirewallManagerRuleGroup AWS API Documentation
|
2303
|
+
#
|
2304
|
+
class FirewallManagerRuleGroup < Struct.new(
|
2305
|
+
:name,
|
2306
|
+
:priority,
|
2307
|
+
:firewall_manager_statement,
|
2308
|
+
:override_action,
|
2309
|
+
:visibility_config)
|
2310
|
+
SENSITIVE = []
|
2311
|
+
include Aws::Structure
|
2312
|
+
end
|
2313
|
+
|
2314
|
+
# The processing guidance for an AWS Firewall Manager rule. This is like
|
2315
|
+
# a regular rule Statement, but it can only contain a rule group
|
2316
|
+
# reference.
|
2317
|
+
#
|
2318
|
+
# @!attribute [rw] managed_rule_group_statement
|
2319
|
+
# <note markdown="1"> This is the latest version of **AWS WAF**, named AWS WAFV2, released
|
2320
|
+
# in November, 2019. For information, including how to migrate your
|
2321
|
+
# AWS WAF resources from the prior release, see the [AWS WAF Developer
|
2322
|
+
# Guide][1].
|
2323
|
+
#
|
2324
|
+
# </note>
|
2325
|
+
#
|
2326
|
+
# A rule statement used to run the rules that are defined in a managed
|
2327
|
+
# rule group. To use this, provide the vendor name and the name of the
|
2328
|
+
# rule group in this statement. You can retrieve the required names by
|
2329
|
+
# calling ListAvailableManagedRuleGroups.
|
2330
|
+
#
|
2331
|
+
# You can't nest a `ManagedRuleGroupStatement`, for example for use
|
2332
|
+
# inside a `NotStatement` or `OrStatement`. It can only be referenced
|
2333
|
+
# as a top-level statement within a rule.
|
2334
|
+
#
|
2335
|
+
#
|
2336
|
+
#
|
2337
|
+
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html
|
2338
|
+
# @return [Types::ManagedRuleGroupStatement]
|
2339
|
+
#
|
2340
|
+
# @!attribute [rw] rule_group_reference_statement
|
2341
|
+
# <note markdown="1"> This is the latest version of **AWS WAF**, named AWS WAFV2, released
|
2342
|
+
# in November, 2019. For information, including how to migrate your
|
2343
|
+
# AWS WAF resources from the prior release, see the [AWS WAF Developer
|
2344
|
+
# Guide][1].
|
2345
|
+
#
|
2346
|
+
# </note>
|
2347
|
+
#
|
2348
|
+
# A rule statement used to run the rules that are defined in a
|
2349
|
+
# RuleGroup. To use this, create a rule group with your rules, then
|
2350
|
+
# provide the ARN of the rule group in this statement.
|
2351
|
+
#
|
2352
|
+
# You cannot nest a `RuleGroupReferenceStatement`, for example for use
|
2353
|
+
# inside a `NotStatement` or `OrStatement`. It can only be referenced
|
2354
|
+
# as a top-level statement within a rule.
|
2355
|
+
#
|
2356
|
+
#
|
2357
|
+
#
|
2358
|
+
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html
|
2359
|
+
# @return [Types::RuleGroupReferenceStatement]
|
2360
|
+
#
|
2361
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/FirewallManagerStatement AWS API Documentation
|
2362
|
+
#
|
2363
|
+
class FirewallManagerStatement < Struct.new(
|
2364
|
+
:managed_rule_group_statement,
|
2365
|
+
:rule_group_reference_statement)
|
2366
|
+
SENSITIVE = []
|
2135
2367
|
include Aws::Structure
|
2136
2368
|
end
|
2137
2369
|
|
@@ -2166,6 +2398,7 @@ module Aws::WAFV2
|
|
2166
2398
|
#
|
2167
2399
|
class GeoMatchStatement < Struct.new(
|
2168
2400
|
:country_codes)
|
2401
|
+
SENSITIVE = []
|
2169
2402
|
include Aws::Structure
|
2170
2403
|
end
|
2171
2404
|
|
@@ -2179,8 +2412,8 @@ module Aws::WAFV2
|
|
2179
2412
|
# }
|
2180
2413
|
#
|
2181
2414
|
# @!attribute [rw] name
|
2182
|
-
#
|
2183
|
-
#
|
2415
|
+
# The name of the IP set. You cannot change the name of an `IPSet`
|
2416
|
+
# after you create it.
|
2184
2417
|
# @return [String]
|
2185
2418
|
#
|
2186
2419
|
# @!attribute [rw] scope
|
@@ -2191,7 +2424,7 @@ module Aws::WAFV2
|
|
2191
2424
|
# To work with CloudFront, you must also specify the Region US East
|
2192
2425
|
# (N. Virginia) as follows:
|
2193
2426
|
#
|
2194
|
-
# * CLI - Specify the
|
2427
|
+
# * CLI - Specify the Region when you use the CloudFront scope:
|
2195
2428
|
# `--scope=CLOUDFRONT --region=us-east-1`.
|
2196
2429
|
#
|
2197
2430
|
# * API and SDKs - For all calls, use the Region endpoint us-east-1.
|
@@ -2209,6 +2442,7 @@ module Aws::WAFV2
|
|
2209
2442
|
:name,
|
2210
2443
|
:scope,
|
2211
2444
|
:id)
|
2445
|
+
SENSITIVE = []
|
2212
2446
|
include Aws::Structure
|
2213
2447
|
end
|
2214
2448
|
|
@@ -2232,6 +2466,7 @@ module Aws::WAFV2
|
|
2232
2466
|
class GetIPSetResponse < Struct.new(
|
2233
2467
|
:ip_set,
|
2234
2468
|
:lock_token)
|
2469
|
+
SENSITIVE = []
|
2235
2470
|
include Aws::Structure
|
2236
2471
|
end
|
2237
2472
|
|
@@ -2251,6 +2486,7 @@ module Aws::WAFV2
|
|
2251
2486
|
#
|
2252
2487
|
class GetLoggingConfigurationRequest < Struct.new(
|
2253
2488
|
:resource_arn)
|
2489
|
+
SENSITIVE = []
|
2254
2490
|
include Aws::Structure
|
2255
2491
|
end
|
2256
2492
|
|
@@ -2262,6 +2498,39 @@ module Aws::WAFV2
|
|
2262
2498
|
#
|
2263
2499
|
class GetLoggingConfigurationResponse < Struct.new(
|
2264
2500
|
:logging_configuration)
|
2501
|
+
SENSITIVE = []
|
2502
|
+
include Aws::Structure
|
2503
|
+
end
|
2504
|
+
|
2505
|
+
# @note When making an API call, you may pass GetPermissionPolicyRequest
|
2506
|
+
# data as a hash:
|
2507
|
+
#
|
2508
|
+
# {
|
2509
|
+
# resource_arn: "ResourceArn", # required
|
2510
|
+
# }
|
2511
|
+
#
|
2512
|
+
# @!attribute [rw] resource_arn
|
2513
|
+
# The Amazon Resource Name (ARN) of the rule group for which you want
|
2514
|
+
# to get the policy.
|
2515
|
+
# @return [String]
|
2516
|
+
#
|
2517
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/GetPermissionPolicyRequest AWS API Documentation
|
2518
|
+
#
|
2519
|
+
class GetPermissionPolicyRequest < Struct.new(
|
2520
|
+
:resource_arn)
|
2521
|
+
SENSITIVE = []
|
2522
|
+
include Aws::Structure
|
2523
|
+
end
|
2524
|
+
|
2525
|
+
# @!attribute [rw] policy
|
2526
|
+
# The IAM policy that is attached to the specified rule group.
|
2527
|
+
# @return [String]
|
2528
|
+
#
|
2529
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/GetPermissionPolicyResponse AWS API Documentation
|
2530
|
+
#
|
2531
|
+
class GetPermissionPolicyResponse < Struct.new(
|
2532
|
+
:policy)
|
2533
|
+
SENSITIVE = []
|
2265
2534
|
include Aws::Structure
|
2266
2535
|
end
|
2267
2536
|
|
@@ -2283,15 +2552,15 @@ module Aws::WAFV2
|
|
2283
2552
|
# To work with CloudFront, you must also specify the Region US East
|
2284
2553
|
# (N. Virginia) as follows:
|
2285
2554
|
#
|
2286
|
-
# * CLI - Specify the
|
2555
|
+
# * CLI - Specify the Region when you use the CloudFront scope:
|
2287
2556
|
# `--scope=CLOUDFRONT --region=us-east-1`.
|
2288
2557
|
#
|
2289
2558
|
# * API and SDKs - For all calls, use the Region endpoint us-east-1.
|
2290
2559
|
# @return [String]
|
2291
2560
|
#
|
2292
2561
|
# @!attribute [rw] web_acl_name
|
2293
|
-
#
|
2294
|
-
#
|
2562
|
+
# The name of the Web ACL. You cannot change the name of a Web ACL
|
2563
|
+
# after you create it.
|
2295
2564
|
# @return [String]
|
2296
2565
|
#
|
2297
2566
|
# @!attribute [rw] web_acl_id
|
@@ -2311,6 +2580,7 @@ module Aws::WAFV2
|
|
2311
2580
|
:web_acl_name,
|
2312
2581
|
:web_acl_id,
|
2313
2582
|
:rule_name)
|
2583
|
+
SENSITIVE = []
|
2314
2584
|
include Aws::Structure
|
2315
2585
|
end
|
2316
2586
|
|
@@ -2327,6 +2597,7 @@ module Aws::WAFV2
|
|
2327
2597
|
class GetRateBasedStatementManagedKeysResponse < Struct.new(
|
2328
2598
|
:managed_keys_ipv4,
|
2329
2599
|
:managed_keys_ipv6)
|
2600
|
+
SENSITIVE = []
|
2330
2601
|
include Aws::Structure
|
2331
2602
|
end
|
2332
2603
|
|
@@ -2340,8 +2611,8 @@ module Aws::WAFV2
|
|
2340
2611
|
# }
|
2341
2612
|
#
|
2342
2613
|
# @!attribute [rw] name
|
2343
|
-
#
|
2344
|
-
#
|
2614
|
+
# The name of the set. You cannot change the name after you create the
|
2615
|
+
# set.
|
2345
2616
|
# @return [String]
|
2346
2617
|
#
|
2347
2618
|
# @!attribute [rw] scope
|
@@ -2352,7 +2623,7 @@ module Aws::WAFV2
|
|
2352
2623
|
# To work with CloudFront, you must also specify the Region US East
|
2353
2624
|
# (N. Virginia) as follows:
|
2354
2625
|
#
|
2355
|
-
# * CLI - Specify the
|
2626
|
+
# * CLI - Specify the Region when you use the CloudFront scope:
|
2356
2627
|
# `--scope=CLOUDFRONT --region=us-east-1`.
|
2357
2628
|
#
|
2358
2629
|
# * API and SDKs - For all calls, use the Region endpoint us-east-1.
|
@@ -2370,6 +2641,7 @@ module Aws::WAFV2
|
|
2370
2641
|
:name,
|
2371
2642
|
:scope,
|
2372
2643
|
:id)
|
2644
|
+
SENSITIVE = []
|
2373
2645
|
include Aws::Structure
|
2374
2646
|
end
|
2375
2647
|
|
@@ -2393,6 +2665,7 @@ module Aws::WAFV2
|
|
2393
2665
|
class GetRegexPatternSetResponse < Struct.new(
|
2394
2666
|
:regex_pattern_set,
|
2395
2667
|
:lock_token)
|
2668
|
+
SENSITIVE = []
|
2396
2669
|
include Aws::Structure
|
2397
2670
|
end
|
2398
2671
|
|
@@ -2406,8 +2679,8 @@ module Aws::WAFV2
|
|
2406
2679
|
# }
|
2407
2680
|
#
|
2408
2681
|
# @!attribute [rw] name
|
2409
|
-
#
|
2410
|
-
#
|
2682
|
+
# The name of the rule group. You cannot change the name of a rule
|
2683
|
+
# group after you create it.
|
2411
2684
|
# @return [String]
|
2412
2685
|
#
|
2413
2686
|
# @!attribute [rw] scope
|
@@ -2418,7 +2691,7 @@ module Aws::WAFV2
|
|
2418
2691
|
# To work with CloudFront, you must also specify the Region US East
|
2419
2692
|
# (N. Virginia) as follows:
|
2420
2693
|
#
|
2421
|
-
# * CLI - Specify the
|
2694
|
+
# * CLI - Specify the Region when you use the CloudFront scope:
|
2422
2695
|
# `--scope=CLOUDFRONT --region=us-east-1`.
|
2423
2696
|
#
|
2424
2697
|
# * API and SDKs - For all calls, use the Region endpoint us-east-1.
|
@@ -2436,6 +2709,7 @@ module Aws::WAFV2
|
|
2436
2709
|
:name,
|
2437
2710
|
:scope,
|
2438
2711
|
:id)
|
2712
|
+
SENSITIVE = []
|
2439
2713
|
include Aws::Structure
|
2440
2714
|
end
|
2441
2715
|
|
@@ -2459,6 +2733,7 @@ module Aws::WAFV2
|
|
2459
2733
|
class GetRuleGroupResponse < Struct.new(
|
2460
2734
|
:rule_group,
|
2461
2735
|
:lock_token)
|
2736
|
+
SENSITIVE = []
|
2462
2737
|
include Aws::Structure
|
2463
2738
|
end
|
2464
2739
|
|
@@ -2494,7 +2769,7 @@ module Aws::WAFV2
|
|
2494
2769
|
# To work with CloudFront, you must also specify the Region US East
|
2495
2770
|
# (N. Virginia) as follows:
|
2496
2771
|
#
|
2497
|
-
# * CLI - Specify the
|
2772
|
+
# * CLI - Specify the Region when you use the CloudFront scope:
|
2498
2773
|
# `--scope=CLOUDFRONT --region=us-east-1`.
|
2499
2774
|
#
|
2500
2775
|
# * API and SDKs - For all calls, use the Region endpoint us-east-1.
|
@@ -2524,6 +2799,7 @@ module Aws::WAFV2
|
|
2524
2799
|
:scope,
|
2525
2800
|
:time_window,
|
2526
2801
|
:max_items)
|
2802
|
+
SENSITIVE = []
|
2527
2803
|
include Aws::Structure
|
2528
2804
|
end
|
2529
2805
|
|
@@ -2553,6 +2829,7 @@ module Aws::WAFV2
|
|
2553
2829
|
:sampled_requests,
|
2554
2830
|
:population_size,
|
2555
2831
|
:time_window)
|
2832
|
+
SENSITIVE = []
|
2556
2833
|
include Aws::Structure
|
2557
2834
|
end
|
2558
2835
|
|
@@ -2571,6 +2848,7 @@ module Aws::WAFV2
|
|
2571
2848
|
#
|
2572
2849
|
class GetWebACLForResourceRequest < Struct.new(
|
2573
2850
|
:resource_arn)
|
2851
|
+
SENSITIVE = []
|
2574
2852
|
include Aws::Structure
|
2575
2853
|
end
|
2576
2854
|
|
@@ -2583,6 +2861,7 @@ module Aws::WAFV2
|
|
2583
2861
|
#
|
2584
2862
|
class GetWebACLForResourceResponse < Struct.new(
|
2585
2863
|
:web_acl)
|
2864
|
+
SENSITIVE = []
|
2586
2865
|
include Aws::Structure
|
2587
2866
|
end
|
2588
2867
|
|
@@ -2596,8 +2875,8 @@ module Aws::WAFV2
|
|
2596
2875
|
# }
|
2597
2876
|
#
|
2598
2877
|
# @!attribute [rw] name
|
2599
|
-
#
|
2600
|
-
#
|
2878
|
+
# The name of the Web ACL. You cannot change the name of a Web ACL
|
2879
|
+
# after you create it.
|
2601
2880
|
# @return [String]
|
2602
2881
|
#
|
2603
2882
|
# @!attribute [rw] scope
|
@@ -2608,7 +2887,7 @@ module Aws::WAFV2
|
|
2608
2887
|
# To work with CloudFront, you must also specify the Region US East
|
2609
2888
|
# (N. Virginia) as follows:
|
2610
2889
|
#
|
2611
|
-
# * CLI - Specify the
|
2890
|
+
# * CLI - Specify the Region when you use the CloudFront scope:
|
2612
2891
|
# `--scope=CLOUDFRONT --region=us-east-1`.
|
2613
2892
|
#
|
2614
2893
|
# * API and SDKs - For all calls, use the Region endpoint us-east-1.
|
@@ -2626,6 +2905,7 @@ module Aws::WAFV2
|
|
2626
2905
|
:name,
|
2627
2906
|
:scope,
|
2628
2907
|
:id)
|
2908
|
+
SENSITIVE = []
|
2629
2909
|
include Aws::Structure
|
2630
2910
|
end
|
2631
2911
|
|
@@ -2651,6 +2931,7 @@ module Aws::WAFV2
|
|
2651
2931
|
class GetWebACLResponse < Struct.new(
|
2652
2932
|
:web_acl,
|
2653
2933
|
:lock_token)
|
2934
|
+
SENSITIVE = []
|
2654
2935
|
include Aws::Structure
|
2655
2936
|
end
|
2656
2937
|
|
@@ -2683,6 +2964,7 @@ module Aws::WAFV2
|
|
2683
2964
|
class HTTPHeader < Struct.new(
|
2684
2965
|
:name,
|
2685
2966
|
:value)
|
2967
|
+
SENSITIVE = []
|
2686
2968
|
include Aws::Structure
|
2687
2969
|
end
|
2688
2970
|
|
@@ -2751,6 +3033,7 @@ module Aws::WAFV2
|
|
2751
3033
|
:method,
|
2752
3034
|
:http_version,
|
2753
3035
|
:headers)
|
3036
|
+
SENSITIVE = []
|
2754
3037
|
include Aws::Structure
|
2755
3038
|
end
|
2756
3039
|
|
@@ -2776,8 +3059,8 @@ module Aws::WAFV2
|
|
2776
3059
|
# [2]: https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing
|
2777
3060
|
#
|
2778
3061
|
# @!attribute [rw] name
|
2779
|
-
#
|
2780
|
-
#
|
3062
|
+
# The name of the IP set. You cannot change the name of an `IPSet`
|
3063
|
+
# after you create it.
|
2781
3064
|
# @return [String]
|
2782
3065
|
#
|
2783
3066
|
# @!attribute [rw] id
|
@@ -2791,8 +3074,8 @@ module Aws::WAFV2
|
|
2791
3074
|
# @return [String]
|
2792
3075
|
#
|
2793
3076
|
# @!attribute [rw] description
|
2794
|
-
# A
|
2795
|
-
# description of an IP set after you create it.
|
3077
|
+
# A description of the IP set that helps with identification. You
|
3078
|
+
# cannot change the description of an IP set after you create it.
|
2796
3079
|
# @return [String]
|
2797
3080
|
#
|
2798
3081
|
# @!attribute [rw] ip_address_version
|
@@ -2843,6 +3126,7 @@ module Aws::WAFV2
|
|
2843
3126
|
:description,
|
2844
3127
|
:ip_address_version,
|
2845
3128
|
:addresses)
|
3129
|
+
SENSITIVE = []
|
2846
3130
|
include Aws::Structure
|
2847
3131
|
end
|
2848
3132
|
|
@@ -2883,6 +3167,7 @@ module Aws::WAFV2
|
|
2883
3167
|
#
|
2884
3168
|
class IPSetReferenceStatement < Struct.new(
|
2885
3169
|
:arn)
|
3170
|
+
SENSITIVE = []
|
2886
3171
|
include Aws::Structure
|
2887
3172
|
end
|
2888
3173
|
|
@@ -2903,8 +3188,8 @@ module Aws::WAFV2
|
|
2903
3188
|
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html
|
2904
3189
|
#
|
2905
3190
|
# @!attribute [rw] name
|
2906
|
-
#
|
2907
|
-
#
|
3191
|
+
# The name of the IP set. You cannot change the name of an `IPSet`
|
3192
|
+
# after you create it.
|
2908
3193
|
# @return [String]
|
2909
3194
|
#
|
2910
3195
|
# @!attribute [rw] id
|
@@ -2914,8 +3199,8 @@ module Aws::WAFV2
|
|
2914
3199
|
# @return [String]
|
2915
3200
|
#
|
2916
3201
|
# @!attribute [rw] description
|
2917
|
-
# A
|
2918
|
-
# description of an IP set after you create it.
|
3202
|
+
# A description of the IP set that helps with identification. You
|
3203
|
+
# cannot change the description of an IP set after you create it.
|
2919
3204
|
# @return [String]
|
2920
3205
|
#
|
2921
3206
|
# @!attribute [rw] lock_token
|
@@ -2942,6 +3227,7 @@ module Aws::WAFV2
|
|
2942
3227
|
:description,
|
2943
3228
|
:lock_token,
|
2944
3229
|
:arn)
|
3230
|
+
SENSITIVE = []
|
2945
3231
|
include Aws::Structure
|
2946
3232
|
end
|
2947
3233
|
|
@@ -2962,7 +3248,7 @@ module Aws::WAFV2
|
|
2962
3248
|
# To work with CloudFront, you must also specify the Region US East
|
2963
3249
|
# (N. Virginia) as follows:
|
2964
3250
|
#
|
2965
|
-
# * CLI - Specify the
|
3251
|
+
# * CLI - Specify the Region when you use the CloudFront scope:
|
2966
3252
|
# `--scope=CLOUDFRONT --region=us-east-1`.
|
2967
3253
|
#
|
2968
3254
|
# * API and SDKs - For all calls, use the Region endpoint us-east-1.
|
@@ -2989,6 +3275,7 @@ module Aws::WAFV2
|
|
2989
3275
|
:scope,
|
2990
3276
|
:next_marker,
|
2991
3277
|
:limit)
|
3278
|
+
SENSITIVE = []
|
2992
3279
|
include Aws::Structure
|
2993
3280
|
end
|
2994
3281
|
|
@@ -3008,6 +3295,7 @@ module Aws::WAFV2
|
|
3008
3295
|
class ListAvailableManagedRuleGroupsResponse < Struct.new(
|
3009
3296
|
:next_marker,
|
3010
3297
|
:managed_rule_groups)
|
3298
|
+
SENSITIVE = []
|
3011
3299
|
include Aws::Structure
|
3012
3300
|
end
|
3013
3301
|
|
@@ -3028,7 +3316,7 @@ module Aws::WAFV2
|
|
3028
3316
|
# To work with CloudFront, you must also specify the Region US East
|
3029
3317
|
# (N. Virginia) as follows:
|
3030
3318
|
#
|
3031
|
-
# * CLI - Specify the
|
3319
|
+
# * CLI - Specify the Region when you use the CloudFront scope:
|
3032
3320
|
# `--scope=CLOUDFRONT --region=us-east-1`.
|
3033
3321
|
#
|
3034
3322
|
# * API and SDKs - For all calls, use the Region endpoint us-east-1.
|
@@ -3055,6 +3343,7 @@ module Aws::WAFV2
|
|
3055
3343
|
:scope,
|
3056
3344
|
:next_marker,
|
3057
3345
|
:limit)
|
3346
|
+
SENSITIVE = []
|
3058
3347
|
include Aws::Structure
|
3059
3348
|
end
|
3060
3349
|
|
@@ -3076,6 +3365,7 @@ module Aws::WAFV2
|
|
3076
3365
|
class ListIPSetsResponse < Struct.new(
|
3077
3366
|
:next_marker,
|
3078
3367
|
:ip_sets)
|
3368
|
+
SENSITIVE = []
|
3079
3369
|
include Aws::Structure
|
3080
3370
|
end
|
3081
3371
|
|
@@ -3096,7 +3386,7 @@ module Aws::WAFV2
|
|
3096
3386
|
# To work with CloudFront, you must also specify the Region US East
|
3097
3387
|
# (N. Virginia) as follows:
|
3098
3388
|
#
|
3099
|
-
# * CLI - Specify the
|
3389
|
+
# * CLI - Specify the Region when you use the CloudFront scope:
|
3100
3390
|
# `--scope=CLOUDFRONT --region=us-east-1`.
|
3101
3391
|
#
|
3102
3392
|
# * API and SDKs - For all calls, use the Region endpoint us-east-1.
|
@@ -3123,6 +3413,7 @@ module Aws::WAFV2
|
|
3123
3413
|
:scope,
|
3124
3414
|
:next_marker,
|
3125
3415
|
:limit)
|
3416
|
+
SENSITIVE = []
|
3126
3417
|
include Aws::Structure
|
3127
3418
|
end
|
3128
3419
|
|
@@ -3142,6 +3433,7 @@ module Aws::WAFV2
|
|
3142
3433
|
class ListLoggingConfigurationsResponse < Struct.new(
|
3143
3434
|
:logging_configurations,
|
3144
3435
|
:next_marker)
|
3436
|
+
SENSITIVE = []
|
3145
3437
|
include Aws::Structure
|
3146
3438
|
end
|
3147
3439
|
|
@@ -3162,7 +3454,7 @@ module Aws::WAFV2
|
|
3162
3454
|
# To work with CloudFront, you must also specify the Region US East
|
3163
3455
|
# (N. Virginia) as follows:
|
3164
3456
|
#
|
3165
|
-
# * CLI - Specify the
|
3457
|
+
# * CLI - Specify the Region when you use the CloudFront scope:
|
3166
3458
|
# `--scope=CLOUDFRONT --region=us-east-1`.
|
3167
3459
|
#
|
3168
3460
|
# * API and SDKs - For all calls, use the Region endpoint us-east-1.
|
@@ -3189,6 +3481,7 @@ module Aws::WAFV2
|
|
3189
3481
|
:scope,
|
3190
3482
|
:next_marker,
|
3191
3483
|
:limit)
|
3484
|
+
SENSITIVE = []
|
3192
3485
|
include Aws::Structure
|
3193
3486
|
end
|
3194
3487
|
|
@@ -3208,6 +3501,7 @@ module Aws::WAFV2
|
|
3208
3501
|
class ListRegexPatternSetsResponse < Struct.new(
|
3209
3502
|
:next_marker,
|
3210
3503
|
:regex_pattern_sets)
|
3504
|
+
SENSITIVE = []
|
3211
3505
|
include Aws::Structure
|
3212
3506
|
end
|
3213
3507
|
|
@@ -3234,6 +3528,7 @@ module Aws::WAFV2
|
|
3234
3528
|
class ListResourcesForWebACLRequest < Struct.new(
|
3235
3529
|
:web_acl_arn,
|
3236
3530
|
:resource_type)
|
3531
|
+
SENSITIVE = []
|
3237
3532
|
include Aws::Structure
|
3238
3533
|
end
|
3239
3534
|
|
@@ -3246,6 +3541,7 @@ module Aws::WAFV2
|
|
3246
3541
|
#
|
3247
3542
|
class ListResourcesForWebACLResponse < Struct.new(
|
3248
3543
|
:resource_arns)
|
3544
|
+
SENSITIVE = []
|
3249
3545
|
include Aws::Structure
|
3250
3546
|
end
|
3251
3547
|
|
@@ -3266,7 +3562,7 @@ module Aws::WAFV2
|
|
3266
3562
|
# To work with CloudFront, you must also specify the Region US East
|
3267
3563
|
# (N. Virginia) as follows:
|
3268
3564
|
#
|
3269
|
-
# * CLI - Specify the
|
3565
|
+
# * CLI - Specify the Region when you use the CloudFront scope:
|
3270
3566
|
# `--scope=CLOUDFRONT --region=us-east-1`.
|
3271
3567
|
#
|
3272
3568
|
# * API and SDKs - For all calls, use the Region endpoint us-east-1.
|
@@ -3293,6 +3589,7 @@ module Aws::WAFV2
|
|
3293
3589
|
:scope,
|
3294
3590
|
:next_marker,
|
3295
3591
|
:limit)
|
3592
|
+
SENSITIVE = []
|
3296
3593
|
include Aws::Structure
|
3297
3594
|
end
|
3298
3595
|
|
@@ -3312,6 +3609,7 @@ module Aws::WAFV2
|
|
3312
3609
|
class ListRuleGroupsResponse < Struct.new(
|
3313
3610
|
:next_marker,
|
3314
3611
|
:rule_groups)
|
3612
|
+
SENSITIVE = []
|
3315
3613
|
include Aws::Structure
|
3316
3614
|
end
|
3317
3615
|
|
@@ -3349,6 +3647,7 @@ module Aws::WAFV2
|
|
3349
3647
|
:next_marker,
|
3350
3648
|
:limit,
|
3351
3649
|
:resource_arn)
|
3650
|
+
SENSITIVE = []
|
3352
3651
|
include Aws::Structure
|
3353
3652
|
end
|
3354
3653
|
|
@@ -3369,6 +3668,7 @@ module Aws::WAFV2
|
|
3369
3668
|
class ListTagsForResourceResponse < Struct.new(
|
3370
3669
|
:next_marker,
|
3371
3670
|
:tag_info_for_resource)
|
3671
|
+
SENSITIVE = []
|
3372
3672
|
include Aws::Structure
|
3373
3673
|
end
|
3374
3674
|
|
@@ -3389,7 +3689,7 @@ module Aws::WAFV2
|
|
3389
3689
|
# To work with CloudFront, you must also specify the Region US East
|
3390
3690
|
# (N. Virginia) as follows:
|
3391
3691
|
#
|
3392
|
-
# * CLI - Specify the
|
3692
|
+
# * CLI - Specify the Region when you use the CloudFront scope:
|
3393
3693
|
# `--scope=CLOUDFRONT --region=us-east-1`.
|
3394
3694
|
#
|
3395
3695
|
# * API and SDKs - For all calls, use the Region endpoint us-east-1.
|
@@ -3416,6 +3716,7 @@ module Aws::WAFV2
|
|
3416
3716
|
:scope,
|
3417
3717
|
:next_marker,
|
3418
3718
|
:limit)
|
3719
|
+
SENSITIVE = []
|
3419
3720
|
include Aws::Structure
|
3420
3721
|
end
|
3421
3722
|
|
@@ -3435,6 +3736,7 @@ module Aws::WAFV2
|
|
3435
3736
|
class ListWebACLsResponse < Struct.new(
|
3436
3737
|
:next_marker,
|
3437
3738
|
:web_acls)
|
3739
|
+
SENSITIVE = []
|
3438
3740
|
include Aws::Structure
|
3439
3741
|
end
|
3440
3742
|
|
@@ -3504,6 +3806,7 @@ module Aws::WAFV2
|
|
3504
3806
|
:resource_arn,
|
3505
3807
|
:log_destination_configs,
|
3506
3808
|
:redacted_fields)
|
3809
|
+
SENSITIVE = []
|
3507
3810
|
include Aws::Structure
|
3508
3811
|
end
|
3509
3812
|
|
@@ -3562,6 +3865,7 @@ module Aws::WAFV2
|
|
3562
3865
|
:vendor_name,
|
3563
3866
|
:name,
|
3564
3867
|
:excluded_rules)
|
3868
|
+
SENSITIVE = []
|
3565
3869
|
include Aws::Structure
|
3566
3870
|
end
|
3567
3871
|
|
@@ -3605,6 +3909,7 @@ module Aws::WAFV2
|
|
3605
3909
|
:vendor_name,
|
3606
3910
|
:name,
|
3607
3911
|
:description)
|
3912
|
+
SENSITIVE = []
|
3608
3913
|
include Aws::Structure
|
3609
3914
|
end
|
3610
3915
|
|
@@ -3870,6 +4175,7 @@ module Aws::WAFV2
|
|
3870
4175
|
#
|
3871
4176
|
class NotStatement < Struct.new(
|
3872
4177
|
:statement)
|
4178
|
+
SENSITIVE = []
|
3873
4179
|
include Aws::Structure
|
3874
4180
|
end
|
3875
4181
|
|
@@ -4086,24 +4392,26 @@ module Aws::WAFV2
|
|
4086
4392
|
#
|
4087
4393
|
class OrStatement < Struct.new(
|
4088
4394
|
:statements)
|
4395
|
+
SENSITIVE = []
|
4089
4396
|
include Aws::Structure
|
4090
4397
|
end
|
4091
4398
|
|
4092
|
-
#
|
4093
|
-
#
|
4094
|
-
#
|
4095
|
-
# Guide][1].
|
4096
|
-
#
|
4097
|
-
# </note>
|
4399
|
+
# The override action to apply to the rules in a rule group. Used only
|
4400
|
+
# for rule statements that reference a rule group, like
|
4401
|
+
# `RuleGroupReferenceStatement` and `ManagedRuleGroupStatement`.
|
4098
4402
|
#
|
4099
|
-
#
|
4100
|
-
#
|
4101
|
-
#
|
4102
|
-
# counts the match.
|
4403
|
+
# Set the override action to none to leave the rule actions in effect.
|
4404
|
+
# Set it to count to only count matches, regardless of the rule action
|
4405
|
+
# settings.
|
4103
4406
|
#
|
4407
|
+
# In a Rule, you must specify either this `OverrideAction` setting or
|
4408
|
+
# the rule `Action` setting, but not both:
|
4104
4409
|
#
|
4410
|
+
# * If the rule statement references a rule group, use this override
|
4411
|
+
# action setting and not the action setting.
|
4105
4412
|
#
|
4106
|
-
#
|
4413
|
+
# * If the rule statement does not reference a rule group, use the rule
|
4414
|
+
# action setting and not this rule override action setting.
|
4107
4415
|
#
|
4108
4416
|
# @note When making an API call, you may pass OverrideAction
|
4109
4417
|
# data as a hash:
|
@@ -4128,6 +4436,7 @@ module Aws::WAFV2
|
|
4128
4436
|
class OverrideAction < Struct.new(
|
4129
4437
|
:count,
|
4130
4438
|
:none)
|
4439
|
+
SENSITIVE = []
|
4131
4440
|
include Aws::Structure
|
4132
4441
|
end
|
4133
4442
|
|
@@ -4168,6 +4477,7 @@ module Aws::WAFV2
|
|
4168
4477
|
#
|
4169
4478
|
class PutLoggingConfigurationRequest < Struct.new(
|
4170
4479
|
:logging_configuration)
|
4480
|
+
SENSITIVE = []
|
4171
4481
|
include Aws::Structure
|
4172
4482
|
end
|
4173
4483
|
|
@@ -4178,9 +4488,62 @@ module Aws::WAFV2
|
|
4178
4488
|
#
|
4179
4489
|
class PutLoggingConfigurationResponse < Struct.new(
|
4180
4490
|
:logging_configuration)
|
4491
|
+
SENSITIVE = []
|
4492
|
+
include Aws::Structure
|
4493
|
+
end
|
4494
|
+
|
4495
|
+
# @note When making an API call, you may pass PutPermissionPolicyRequest
|
4496
|
+
# data as a hash:
|
4497
|
+
#
|
4498
|
+
# {
|
4499
|
+
# resource_arn: "ResourceArn", # required
|
4500
|
+
# policy: "PolicyString", # required
|
4501
|
+
# }
|
4502
|
+
#
|
4503
|
+
# @!attribute [rw] resource_arn
|
4504
|
+
# The Amazon Resource Name (ARN) of the RuleGroup to which you want to
|
4505
|
+
# attach the policy.
|
4506
|
+
# @return [String]
|
4507
|
+
#
|
4508
|
+
# @!attribute [rw] policy
|
4509
|
+
# The policy to attach to the specified rule group.
|
4510
|
+
#
|
4511
|
+
# The policy specifications must conform to the following:
|
4512
|
+
#
|
4513
|
+
# * The policy must be composed using IAM Policy version 2012-10-17 or
|
4514
|
+
# version 2015-01-01.
|
4515
|
+
#
|
4516
|
+
# * The policy must include specifications for `Effect`, `Action`, and
|
4517
|
+
# `Principal`.
|
4518
|
+
#
|
4519
|
+
# * `Effect` must specify `Allow`.
|
4520
|
+
#
|
4521
|
+
# * `Action` must specify `wafv2:CreateWebACL`, `wafv2:UpdateWebACL`,
|
4522
|
+
# and `wafv2:PutFirewallManagerRuleGroups`. AWS WAF rejects any
|
4523
|
+
# extra actions or wildcard actions in the policy.
|
4524
|
+
#
|
4525
|
+
# * The policy must not include a `Resource` parameter.
|
4526
|
+
#
|
4527
|
+
# For more information, see [IAM Policies][1].
|
4528
|
+
#
|
4529
|
+
#
|
4530
|
+
#
|
4531
|
+
# [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html
|
4532
|
+
# @return [String]
|
4533
|
+
#
|
4534
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/PutPermissionPolicyRequest AWS API Documentation
|
4535
|
+
#
|
4536
|
+
class PutPermissionPolicyRequest < Struct.new(
|
4537
|
+
:resource_arn,
|
4538
|
+
:policy)
|
4539
|
+
SENSITIVE = []
|
4181
4540
|
include Aws::Structure
|
4182
4541
|
end
|
4183
4542
|
|
4543
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/PutPermissionPolicyResponse AWS API Documentation
|
4544
|
+
#
|
4545
|
+
class PutPermissionPolicyResponse < Aws::EmptyStructure; end
|
4546
|
+
|
4184
4547
|
# <note markdown="1"> This is the latest version of **AWS WAF**, named AWS WAFV2, released
|
4185
4548
|
# in November, 2019. For information, including how to migrate your AWS
|
4186
4549
|
# WAF resources from the prior release, see the [AWS WAF Developer
|
@@ -4467,6 +4830,7 @@ module Aws::WAFV2
|
|
4467
4830
|
:limit,
|
4468
4831
|
:aggregate_key_type,
|
4469
4832
|
:scope_down_statement)
|
4833
|
+
SENSITIVE = []
|
4470
4834
|
include Aws::Structure
|
4471
4835
|
end
|
4472
4836
|
|
@@ -4496,6 +4860,7 @@ module Aws::WAFV2
|
|
4496
4860
|
class RateBasedStatementManagedKeysIPSet < Struct.new(
|
4497
4861
|
:ip_address_version,
|
4498
4862
|
:addresses)
|
4863
|
+
SENSITIVE = []
|
4499
4864
|
include Aws::Structure
|
4500
4865
|
end
|
4501
4866
|
|
@@ -4527,6 +4892,7 @@ module Aws::WAFV2
|
|
4527
4892
|
#
|
4528
4893
|
class Regex < Struct.new(
|
4529
4894
|
:regex_string)
|
4895
|
+
SENSITIVE = []
|
4530
4896
|
include Aws::Structure
|
4531
4897
|
end
|
4532
4898
|
|
@@ -4548,8 +4914,8 @@ module Aws::WAFV2
|
|
4548
4914
|
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html
|
4549
4915
|
#
|
4550
4916
|
# @!attribute [rw] name
|
4551
|
-
#
|
4552
|
-
#
|
4917
|
+
# The name of the set. You cannot change the name after you create the
|
4918
|
+
# set.
|
4553
4919
|
# @return [String]
|
4554
4920
|
#
|
4555
4921
|
# @!attribute [rw] id
|
@@ -4563,8 +4929,8 @@ module Aws::WAFV2
|
|
4563
4929
|
# @return [String]
|
4564
4930
|
#
|
4565
4931
|
# @!attribute [rw] description
|
4566
|
-
# A
|
4567
|
-
# of a set after you create it.
|
4932
|
+
# A description of the set that helps with identification. You cannot
|
4933
|
+
# change the description of a set after you create it.
|
4568
4934
|
# @return [String]
|
4569
4935
|
#
|
4570
4936
|
# @!attribute [rw] regular_expression_list
|
@@ -4579,6 +4945,7 @@ module Aws::WAFV2
|
|
4579
4945
|
:arn,
|
4580
4946
|
:description,
|
4581
4947
|
:regular_expression_list)
|
4948
|
+
SENSITIVE = []
|
4582
4949
|
include Aws::Structure
|
4583
4950
|
end
|
4584
4951
|
|
@@ -4651,9 +5018,9 @@ module Aws::WAFV2
|
|
4651
5018
|
# Text transformations eliminate some of the unusual formatting that
|
4652
5019
|
# attackers use in web requests in an effort to bypass detection. If
|
4653
5020
|
# you specify one or more transformations in a rule statement, AWS WAF
|
4654
|
-
# performs all transformations on the content
|
4655
|
-
# `FieldToMatch`, starting from the lowest priority
|
4656
|
-
# inspecting the content for a match.
|
5021
|
+
# performs all transformations on the content of the request component
|
5022
|
+
# identified by `FieldToMatch`, starting from the lowest priority
|
5023
|
+
# setting, before inspecting the content for a match.
|
4657
5024
|
# @return [Array<Types::TextTransformation>]
|
4658
5025
|
#
|
4659
5026
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/RegexPatternSetReferenceStatement AWS API Documentation
|
@@ -4662,6 +5029,7 @@ module Aws::WAFV2
|
|
4662
5029
|
:arn,
|
4663
5030
|
:field_to_match,
|
4664
5031
|
:text_transformations)
|
5032
|
+
SENSITIVE = []
|
4665
5033
|
include Aws::Structure
|
4666
5034
|
end
|
4667
5035
|
|
@@ -4683,8 +5051,8 @@ module Aws::WAFV2
|
|
4683
5051
|
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html
|
4684
5052
|
#
|
4685
5053
|
# @!attribute [rw] name
|
4686
|
-
#
|
4687
|
-
#
|
5054
|
+
# The name of the data type instance. You cannot change the name after
|
5055
|
+
# you create the instance.
|
4688
5056
|
# @return [String]
|
4689
5057
|
#
|
4690
5058
|
# @!attribute [rw] id
|
@@ -4694,8 +5062,8 @@ module Aws::WAFV2
|
|
4694
5062
|
# @return [String]
|
4695
5063
|
#
|
4696
5064
|
# @!attribute [rw] description
|
4697
|
-
# A
|
4698
|
-
# of a set after you create it.
|
5065
|
+
# A description of the set that helps with identification. You cannot
|
5066
|
+
# change the description of a set after you create it.
|
4699
5067
|
# @return [String]
|
4700
5068
|
#
|
4701
5069
|
# @!attribute [rw] lock_token
|
@@ -4722,6 +5090,7 @@ module Aws::WAFV2
|
|
4722
5090
|
:description,
|
4723
5091
|
:lock_token,
|
4724
5092
|
:arn)
|
5093
|
+
SENSITIVE = []
|
4725
5094
|
include Aws::Structure
|
4726
5095
|
end
|
4727
5096
|
|
@@ -4956,8 +5325,8 @@ module Aws::WAFV2
|
|
4956
5325
|
# }
|
4957
5326
|
#
|
4958
5327
|
# @!attribute [rw] name
|
4959
|
-
#
|
4960
|
-
#
|
5328
|
+
# The name of the rule. You can't change the name of a `Rule` after
|
5329
|
+
# you create it.
|
4961
5330
|
# @return [String]
|
4962
5331
|
#
|
4963
5332
|
# @!attribute [rw] priority
|
@@ -4975,15 +5344,40 @@ module Aws::WAFV2
|
|
4975
5344
|
#
|
4976
5345
|
# @!attribute [rw] action
|
4977
5346
|
# The action that AWS WAF should take on a web request when it matches
|
4978
|
-
# the rule
|
4979
|
-
#
|
5347
|
+
# the rule statement. Settings at the web ACL level can override the
|
5348
|
+
# rule action setting.
|
5349
|
+
#
|
5350
|
+
# This is used only for rules whose statements do not reference a rule
|
5351
|
+
# group. Rule statements that reference a rule group include
|
5352
|
+
# `RuleGroupReferenceStatement` and `ManagedRuleGroupStatement`.
|
5353
|
+
#
|
5354
|
+
# You must specify either this `Action` setting or the rule
|
5355
|
+
# `OverrideAction` setting, but not both:
|
5356
|
+
#
|
5357
|
+
# * If the rule statement does not reference a rule group, use this
|
5358
|
+
# rule action setting and not the rule override action setting.
|
5359
|
+
#
|
5360
|
+
# * If the rule statement references a rule group, use the override
|
5361
|
+
# action setting and not this action setting.
|
4980
5362
|
# @return [Types::RuleAction]
|
4981
5363
|
#
|
4982
5364
|
# @!attribute [rw] override_action
|
4983
|
-
# The action to
|
4984
|
-
#
|
4985
|
-
#
|
4986
|
-
#
|
5365
|
+
# The override action to apply to the rules in a rule group. Used only
|
5366
|
+
# for rule statements that reference a rule group, like
|
5367
|
+
# `RuleGroupReferenceStatement` and `ManagedRuleGroupStatement`.
|
5368
|
+
#
|
5369
|
+
# Set the override action to none to leave the rule actions in effect.
|
5370
|
+
# Set it to count to only count matches, regardless of the rule action
|
5371
|
+
# settings.
|
5372
|
+
#
|
5373
|
+
# In a Rule, you must specify either this `OverrideAction` setting or
|
5374
|
+
# the rule `Action` setting, but not both:
|
5375
|
+
#
|
5376
|
+
# * If the rule statement references a rule group, use this override
|
5377
|
+
# action setting and not the action setting.
|
5378
|
+
#
|
5379
|
+
# * If the rule statement does not reference a rule group, use the
|
5380
|
+
# rule action setting and not this rule override action setting.
|
4987
5381
|
# @return [Types::OverrideAction]
|
4988
5382
|
#
|
4989
5383
|
# @!attribute [rw] visibility_config
|
@@ -5000,6 +5394,7 @@ module Aws::WAFV2
|
|
5000
5394
|
:action,
|
5001
5395
|
:override_action,
|
5002
5396
|
:visibility_config)
|
5397
|
+
SENSITIVE = []
|
5003
5398
|
include Aws::Structure
|
5004
5399
|
end
|
5005
5400
|
|
@@ -5048,6 +5443,7 @@ module Aws::WAFV2
|
|
5048
5443
|
:block,
|
5049
5444
|
:allow,
|
5050
5445
|
:count)
|
5446
|
+
SENSITIVE = []
|
5051
5447
|
include Aws::Structure
|
5052
5448
|
end
|
5053
5449
|
|
@@ -5069,8 +5465,8 @@ module Aws::WAFV2
|
|
5069
5465
|
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html
|
5070
5466
|
#
|
5071
5467
|
# @!attribute [rw] name
|
5072
|
-
#
|
5073
|
-
#
|
5468
|
+
# The name of the rule group. You cannot change the name of a rule
|
5469
|
+
# group after you create it.
|
5074
5470
|
# @return [String]
|
5075
5471
|
#
|
5076
5472
|
# @!attribute [rw] id
|
@@ -5102,8 +5498,8 @@ module Aws::WAFV2
|
|
5102
5498
|
# @return [String]
|
5103
5499
|
#
|
5104
5500
|
# @!attribute [rw] description
|
5105
|
-
# A
|
5106
|
-
# description of a rule group after you create it.
|
5501
|
+
# A description of the rule group that helps with identification. You
|
5502
|
+
# cannot change the description of a rule group after you create it.
|
5107
5503
|
# @return [String]
|
5108
5504
|
#
|
5109
5505
|
# @!attribute [rw] rules
|
@@ -5128,6 +5524,7 @@ module Aws::WAFV2
|
|
5128
5524
|
:description,
|
5129
5525
|
:rules,
|
5130
5526
|
:visibility_config)
|
5527
|
+
SENSITIVE = []
|
5131
5528
|
include Aws::Structure
|
5132
5529
|
end
|
5133
5530
|
|
@@ -5176,6 +5573,7 @@ module Aws::WAFV2
|
|
5176
5573
|
class RuleGroupReferenceStatement < Struct.new(
|
5177
5574
|
:arn,
|
5178
5575
|
:excluded_rules)
|
5576
|
+
SENSITIVE = []
|
5179
5577
|
include Aws::Structure
|
5180
5578
|
end
|
5181
5579
|
|
@@ -5197,8 +5595,8 @@ module Aws::WAFV2
|
|
5197
5595
|
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html
|
5198
5596
|
#
|
5199
5597
|
# @!attribute [rw] name
|
5200
|
-
#
|
5201
|
-
#
|
5598
|
+
# The name of the data type instance. You cannot change the name after
|
5599
|
+
# you create the instance.
|
5202
5600
|
# @return [String]
|
5203
5601
|
#
|
5204
5602
|
# @!attribute [rw] id
|
@@ -5208,8 +5606,8 @@ module Aws::WAFV2
|
|
5208
5606
|
# @return [String]
|
5209
5607
|
#
|
5210
5608
|
# @!attribute [rw] description
|
5211
|
-
# A
|
5212
|
-
# description of a rule group after you create it.
|
5609
|
+
# A description of the rule group that helps with identification. You
|
5610
|
+
# cannot change the description of a rule group after you create it.
|
5213
5611
|
# @return [String]
|
5214
5612
|
#
|
5215
5613
|
# @!attribute [rw] lock_token
|
@@ -5236,6 +5634,7 @@ module Aws::WAFV2
|
|
5236
5634
|
:description,
|
5237
5635
|
:lock_token,
|
5238
5636
|
:arn)
|
5637
|
+
SENSITIVE = []
|
5239
5638
|
include Aws::Structure
|
5240
5639
|
end
|
5241
5640
|
|
@@ -5282,6 +5681,7 @@ module Aws::WAFV2
|
|
5282
5681
|
class RuleSummary < Struct.new(
|
5283
5682
|
:name,
|
5284
5683
|
:action)
|
5684
|
+
SENSITIVE = []
|
5285
5685
|
include Aws::Structure
|
5286
5686
|
end
|
5287
5687
|
|
@@ -5339,6 +5739,7 @@ module Aws::WAFV2
|
|
5339
5739
|
:timestamp,
|
5340
5740
|
:action,
|
5341
5741
|
:rule_name_within_rule_group)
|
5742
|
+
SENSITIVE = []
|
5342
5743
|
include Aws::Structure
|
5343
5744
|
end
|
5344
5745
|
|
@@ -5374,6 +5775,7 @@ module Aws::WAFV2
|
|
5374
5775
|
#
|
5375
5776
|
class SingleHeader < Struct.new(
|
5376
5777
|
:name)
|
5778
|
+
SENSITIVE = []
|
5377
5779
|
include Aws::Structure
|
5378
5780
|
end
|
5379
5781
|
|
@@ -5407,6 +5809,7 @@ module Aws::WAFV2
|
|
5407
5809
|
#
|
5408
5810
|
class SingleQueryArgument < Struct.new(
|
5409
5811
|
:name)
|
5812
|
+
SENSITIVE = []
|
5410
5813
|
include Aws::Structure
|
5411
5814
|
end
|
5412
5815
|
|
@@ -5486,9 +5889,9 @@ module Aws::WAFV2
|
|
5486
5889
|
# Text transformations eliminate some of the unusual formatting that
|
5487
5890
|
# attackers use in web requests in an effort to bypass detection. If
|
5488
5891
|
# you specify one or more transformations in a rule statement, AWS WAF
|
5489
|
-
# performs all transformations on the content
|
5490
|
-
# `FieldToMatch`, starting from the lowest priority
|
5491
|
-
# inspecting the content for a match.
|
5892
|
+
# performs all transformations on the content of the request component
|
5893
|
+
# identified by `FieldToMatch`, starting from the lowest priority
|
5894
|
+
# setting, before inspecting the content for a match.
|
5492
5895
|
# @return [Array<Types::TextTransformation>]
|
5493
5896
|
#
|
5494
5897
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/SizeConstraintStatement AWS API Documentation
|
@@ -5498,6 +5901,7 @@ module Aws::WAFV2
|
|
5498
5901
|
:comparison_operator,
|
5499
5902
|
:size,
|
5500
5903
|
:text_transformations)
|
5904
|
+
SENSITIVE = []
|
5501
5905
|
include Aws::Structure
|
5502
5906
|
end
|
5503
5907
|
|
@@ -5560,9 +5964,9 @@ module Aws::WAFV2
|
|
5560
5964
|
# Text transformations eliminate some of the unusual formatting that
|
5561
5965
|
# attackers use in web requests in an effort to bypass detection. If
|
5562
5966
|
# you specify one or more transformations in a rule statement, AWS WAF
|
5563
|
-
# performs all transformations on the content
|
5564
|
-
# `FieldToMatch`, starting from the lowest priority
|
5565
|
-
# inspecting the content for a match.
|
5967
|
+
# performs all transformations on the content of the request component
|
5968
|
+
# identified by `FieldToMatch`, starting from the lowest priority
|
5969
|
+
# setting, before inspecting the content for a match.
|
5566
5970
|
# @return [Array<Types::TextTransformation>]
|
5567
5971
|
#
|
5568
5972
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/SqliMatchStatement AWS API Documentation
|
@@ -5570,6 +5974,7 @@ module Aws::WAFV2
|
|
5570
5974
|
class SqliMatchStatement < Struct.new(
|
5571
5975
|
:field_to_match,
|
5572
5976
|
:text_transformations)
|
5977
|
+
SENSITIVE = []
|
5573
5978
|
include Aws::Structure
|
5574
5979
|
end
|
5575
5980
|
|
@@ -6663,6 +7068,7 @@ module Aws::WAFV2
|
|
6663
7068
|
:or_statement,
|
6664
7069
|
:not_statement,
|
6665
7070
|
:managed_rule_group_statement)
|
7071
|
+
SENSITIVE = []
|
6666
7072
|
include Aws::Structure
|
6667
7073
|
end
|
6668
7074
|
|
@@ -6709,6 +7115,7 @@ module Aws::WAFV2
|
|
6709
7115
|
class Tag < Struct.new(
|
6710
7116
|
:key,
|
6711
7117
|
:value)
|
7118
|
+
SENSITIVE = []
|
6712
7119
|
include Aws::Structure
|
6713
7120
|
end
|
6714
7121
|
|
@@ -6738,6 +7145,7 @@ module Aws::WAFV2
|
|
6738
7145
|
class TagInfoForResource < Struct.new(
|
6739
7146
|
:resource_arn,
|
6740
7147
|
:tag_list)
|
7148
|
+
SENSITIVE = []
|
6741
7149
|
include Aws::Structure
|
6742
7150
|
end
|
6743
7151
|
|
@@ -6767,6 +7175,7 @@ module Aws::WAFV2
|
|
6767
7175
|
class TagResourceRequest < Struct.new(
|
6768
7176
|
:resource_arn,
|
6769
7177
|
:tags)
|
7178
|
+
SENSITIVE = []
|
6770
7179
|
include Aws::Structure
|
6771
7180
|
end
|
6772
7181
|
|
@@ -6881,6 +7290,7 @@ module Aws::WAFV2
|
|
6881
7290
|
class TextTransformation < Struct.new(
|
6882
7291
|
:priority,
|
6883
7292
|
:type)
|
7293
|
+
SENSITIVE = []
|
6884
7294
|
include Aws::Structure
|
6885
7295
|
end
|
6886
7296
|
|
@@ -6937,6 +7347,7 @@ module Aws::WAFV2
|
|
6937
7347
|
class TimeWindow < Struct.new(
|
6938
7348
|
:start_time,
|
6939
7349
|
:end_time)
|
7350
|
+
SENSITIVE = []
|
6940
7351
|
include Aws::Structure
|
6941
7352
|
end
|
6942
7353
|
|
@@ -6962,6 +7373,7 @@ module Aws::WAFV2
|
|
6962
7373
|
class UntagResourceRequest < Struct.new(
|
6963
7374
|
:resource_arn,
|
6964
7375
|
:tag_keys)
|
7376
|
+
SENSITIVE = []
|
6965
7377
|
include Aws::Structure
|
6966
7378
|
end
|
6967
7379
|
|
@@ -6982,8 +7394,8 @@ module Aws::WAFV2
|
|
6982
7394
|
# }
|
6983
7395
|
#
|
6984
7396
|
# @!attribute [rw] name
|
6985
|
-
#
|
6986
|
-
#
|
7397
|
+
# The name of the IP set. You cannot change the name of an `IPSet`
|
7398
|
+
# after you create it.
|
6987
7399
|
# @return [String]
|
6988
7400
|
#
|
6989
7401
|
# @!attribute [rw] scope
|
@@ -6994,7 +7406,7 @@ module Aws::WAFV2
|
|
6994
7406
|
# To work with CloudFront, you must also specify the Region US East
|
6995
7407
|
# (N. Virginia) as follows:
|
6996
7408
|
#
|
6997
|
-
# * CLI - Specify the
|
7409
|
+
# * CLI - Specify the Region when you use the CloudFront scope:
|
6998
7410
|
# `--scope=CLOUDFRONT --region=us-east-1`.
|
6999
7411
|
#
|
7000
7412
|
# * API and SDKs - For all calls, use the Region endpoint us-east-1.
|
@@ -7007,8 +7419,8 @@ module Aws::WAFV2
|
|
7007
7419
|
# @return [String]
|
7008
7420
|
#
|
7009
7421
|
# @!attribute [rw] description
|
7010
|
-
# A
|
7011
|
-
# description of an IP set after you create it.
|
7422
|
+
# A description of the IP set that helps with identification. You
|
7423
|
+
# cannot change the description of an IP set after you create it.
|
7012
7424
|
# @return [String]
|
7013
7425
|
#
|
7014
7426
|
# @!attribute [rw] addresses
|
@@ -7067,6 +7479,7 @@ module Aws::WAFV2
|
|
7067
7479
|
:description,
|
7068
7480
|
:addresses,
|
7069
7481
|
:lock_token)
|
7482
|
+
SENSITIVE = []
|
7070
7483
|
include Aws::Structure
|
7071
7484
|
end
|
7072
7485
|
|
@@ -7080,6 +7493,7 @@ module Aws::WAFV2
|
|
7080
7493
|
#
|
7081
7494
|
class UpdateIPSetResponse < Struct.new(
|
7082
7495
|
:next_lock_token)
|
7496
|
+
SENSITIVE = []
|
7083
7497
|
include Aws::Structure
|
7084
7498
|
end
|
7085
7499
|
|
@@ -7100,8 +7514,8 @@ module Aws::WAFV2
|
|
7100
7514
|
# }
|
7101
7515
|
#
|
7102
7516
|
# @!attribute [rw] name
|
7103
|
-
#
|
7104
|
-
#
|
7517
|
+
# The name of the set. You cannot change the name after you create the
|
7518
|
+
# set.
|
7105
7519
|
# @return [String]
|
7106
7520
|
#
|
7107
7521
|
# @!attribute [rw] scope
|
@@ -7112,7 +7526,7 @@ module Aws::WAFV2
|
|
7112
7526
|
# To work with CloudFront, you must also specify the Region US East
|
7113
7527
|
# (N. Virginia) as follows:
|
7114
7528
|
#
|
7115
|
-
# * CLI - Specify the
|
7529
|
+
# * CLI - Specify the Region when you use the CloudFront scope:
|
7116
7530
|
# `--scope=CLOUDFRONT --region=us-east-1`.
|
7117
7531
|
#
|
7118
7532
|
# * API and SDKs - For all calls, use the Region endpoint us-east-1.
|
@@ -7125,8 +7539,8 @@ module Aws::WAFV2
|
|
7125
7539
|
# @return [String]
|
7126
7540
|
#
|
7127
7541
|
# @!attribute [rw] description
|
7128
|
-
# A
|
7129
|
-
# of a set after you create it.
|
7542
|
+
# A description of the set that helps with identification. You cannot
|
7543
|
+
# change the description of a set after you create it.
|
7130
7544
|
# @return [String]
|
7131
7545
|
#
|
7132
7546
|
# @!attribute [rw] regular_expression_list
|
@@ -7153,6 +7567,7 @@ module Aws::WAFV2
|
|
7153
7567
|
:description,
|
7154
7568
|
:regular_expression_list,
|
7155
7569
|
:lock_token)
|
7570
|
+
SENSITIVE = []
|
7156
7571
|
include Aws::Structure
|
7157
7572
|
end
|
7158
7573
|
|
@@ -7166,6 +7581,7 @@ module Aws::WAFV2
|
|
7166
7581
|
#
|
7167
7582
|
class UpdateRegexPatternSetResponse < Struct.new(
|
7168
7583
|
:next_lock_token)
|
7584
|
+
SENSITIVE = []
|
7169
7585
|
include Aws::Structure
|
7170
7586
|
end
|
7171
7587
|
|
@@ -7397,8 +7813,8 @@ module Aws::WAFV2
|
|
7397
7813
|
# }
|
7398
7814
|
#
|
7399
7815
|
# @!attribute [rw] name
|
7400
|
-
#
|
7401
|
-
#
|
7816
|
+
# The name of the rule group. You cannot change the name of a rule
|
7817
|
+
# group after you create it.
|
7402
7818
|
# @return [String]
|
7403
7819
|
#
|
7404
7820
|
# @!attribute [rw] scope
|
@@ -7409,7 +7825,7 @@ module Aws::WAFV2
|
|
7409
7825
|
# To work with CloudFront, you must also specify the Region US East
|
7410
7826
|
# (N. Virginia) as follows:
|
7411
7827
|
#
|
7412
|
-
# * CLI - Specify the
|
7828
|
+
# * CLI - Specify the Region when you use the CloudFront scope:
|
7413
7829
|
# `--scope=CLOUDFRONT --region=us-east-1`.
|
7414
7830
|
#
|
7415
7831
|
# * API and SDKs - For all calls, use the Region endpoint us-east-1.
|
@@ -7422,8 +7838,8 @@ module Aws::WAFV2
|
|
7422
7838
|
# @return [String]
|
7423
7839
|
#
|
7424
7840
|
# @!attribute [rw] description
|
7425
|
-
# A
|
7426
|
-
# description of a rule group after you create it.
|
7841
|
+
# A description of the rule group that helps with identification. You
|
7842
|
+
# cannot change the description of a rule group after you create it.
|
7427
7843
|
# @return [String]
|
7428
7844
|
#
|
7429
7845
|
# @!attribute [rw] rules
|
@@ -7460,6 +7876,7 @@ module Aws::WAFV2
|
|
7460
7876
|
:rules,
|
7461
7877
|
:visibility_config,
|
7462
7878
|
:lock_token)
|
7879
|
+
SENSITIVE = []
|
7463
7880
|
include Aws::Structure
|
7464
7881
|
end
|
7465
7882
|
|
@@ -7473,6 +7890,7 @@ module Aws::WAFV2
|
|
7473
7890
|
#
|
7474
7891
|
class UpdateRuleGroupResponse < Struct.new(
|
7475
7892
|
:next_lock_token)
|
7893
|
+
SENSITIVE = []
|
7476
7894
|
include Aws::Structure
|
7477
7895
|
end
|
7478
7896
|
|
@@ -7710,8 +8128,8 @@ module Aws::WAFV2
|
|
7710
8128
|
# }
|
7711
8129
|
#
|
7712
8130
|
# @!attribute [rw] name
|
7713
|
-
#
|
7714
|
-
#
|
8131
|
+
# The name of the Web ACL. You cannot change the name of a Web ACL
|
8132
|
+
# after you create it.
|
7715
8133
|
# @return [String]
|
7716
8134
|
#
|
7717
8135
|
# @!attribute [rw] scope
|
@@ -7722,7 +8140,7 @@ module Aws::WAFV2
|
|
7722
8140
|
# To work with CloudFront, you must also specify the Region US East
|
7723
8141
|
# (N. Virginia) as follows:
|
7724
8142
|
#
|
7725
|
-
# * CLI - Specify the
|
8143
|
+
# * CLI - Specify the Region when you use the CloudFront scope:
|
7726
8144
|
# `--scope=CLOUDFRONT --region=us-east-1`.
|
7727
8145
|
#
|
7728
8146
|
# * API and SDKs - For all calls, use the Region endpoint us-east-1.
|
@@ -7740,8 +8158,8 @@ module Aws::WAFV2
|
|
7740
8158
|
# @return [Types::DefaultAction]
|
7741
8159
|
#
|
7742
8160
|
# @!attribute [rw] description
|
7743
|
-
# A
|
7744
|
-
# description of a Web ACL after you create it.
|
8161
|
+
# A description of the Web ACL that helps with identification. You
|
8162
|
+
# cannot change the description of a Web ACL after you create it.
|
7745
8163
|
# @return [String]
|
7746
8164
|
#
|
7747
8165
|
# @!attribute [rw] rules
|
@@ -7779,6 +8197,7 @@ module Aws::WAFV2
|
|
7779
8197
|
:rules,
|
7780
8198
|
:visibility_config,
|
7781
8199
|
:lock_token)
|
8200
|
+
SENSITIVE = []
|
7782
8201
|
include Aws::Structure
|
7783
8202
|
end
|
7784
8203
|
|
@@ -7792,6 +8211,7 @@ module Aws::WAFV2
|
|
7792
8211
|
#
|
7793
8212
|
class UpdateWebACLResponse < Struct.new(
|
7794
8213
|
:next_lock_token)
|
8214
|
+
SENSITIVE = []
|
7795
8215
|
include Aws::Structure
|
7796
8216
|
end
|
7797
8217
|
|
@@ -7859,7 +8279,7 @@ module Aws::WAFV2
|
|
7859
8279
|
# @return [Boolean]
|
7860
8280
|
#
|
7861
8281
|
# @!attribute [rw] metric_name
|
7862
|
-
# A
|
8282
|
+
# A name of the CloudWatch metric. The name can contain only
|
7863
8283
|
# alphanumeric characters (A-Z, a-z, 0-9), with length from one to 128
|
7864
8284
|
# characters. It can't contain whitespace or metric names reserved
|
7865
8285
|
# for AWS WAF, for example "All" and "Default\_Action." You can't
|
@@ -7872,6 +8292,7 @@ module Aws::WAFV2
|
|
7872
8292
|
:sampled_requests_enabled,
|
7873
8293
|
:cloud_watch_metrics_enabled,
|
7874
8294
|
:metric_name)
|
8295
|
+
SENSITIVE = []
|
7875
8296
|
include Aws::Structure
|
7876
8297
|
end
|
7877
8298
|
|
@@ -7885,6 +8306,7 @@ module Aws::WAFV2
|
|
7885
8306
|
#
|
7886
8307
|
class WAFAssociatedItemException < Struct.new(
|
7887
8308
|
:message)
|
8309
|
+
SENSITIVE = []
|
7888
8310
|
include Aws::Structure
|
7889
8311
|
end
|
7890
8312
|
|
@@ -7898,6 +8320,7 @@ module Aws::WAFV2
|
|
7898
8320
|
#
|
7899
8321
|
class WAFDuplicateItemException < Struct.new(
|
7900
8322
|
:message)
|
8323
|
+
SENSITIVE = []
|
7901
8324
|
include Aws::Structure
|
7902
8325
|
end
|
7903
8326
|
|
@@ -7911,6 +8334,20 @@ module Aws::WAFV2
|
|
7911
8334
|
#
|
7912
8335
|
class WAFInternalErrorException < Struct.new(
|
7913
8336
|
:message)
|
8337
|
+
SENSITIVE = []
|
8338
|
+
include Aws::Structure
|
8339
|
+
end
|
8340
|
+
|
8341
|
+
# The operation isn't valid.
|
8342
|
+
#
|
8343
|
+
# @!attribute [rw] message
|
8344
|
+
# @return [String]
|
8345
|
+
#
|
8346
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/WAFInvalidOperationException AWS API Documentation
|
8347
|
+
#
|
8348
|
+
class WAFInvalidOperationException < Struct.new(
|
8349
|
+
:message)
|
8350
|
+
SENSITIVE = []
|
7914
8351
|
include Aws::Structure
|
7915
8352
|
end
|
7916
8353
|
|
@@ -7947,6 +8384,43 @@ module Aws::WAFV2
|
|
7947
8384
|
:field,
|
7948
8385
|
:parameter,
|
7949
8386
|
:reason)
|
8387
|
+
SENSITIVE = []
|
8388
|
+
include Aws::Structure
|
8389
|
+
end
|
8390
|
+
|
8391
|
+
# The operation failed because the specified policy isn't in the proper
|
8392
|
+
# format.
|
8393
|
+
#
|
8394
|
+
# The policy specifications must conform to the following:
|
8395
|
+
#
|
8396
|
+
# * The policy must be composed using IAM Policy version 2012-10-17 or
|
8397
|
+
# version 2015-01-01.
|
8398
|
+
#
|
8399
|
+
# * The policy must include specifications for `Effect`, `Action`, and
|
8400
|
+
# `Principal`.
|
8401
|
+
#
|
8402
|
+
# * `Effect` must specify `Allow`.
|
8403
|
+
#
|
8404
|
+
# * `Action` must specify `wafv2:CreateWebACL`, `wafv2:UpdateWebACL`,
|
8405
|
+
# and `wafv2:PutFirewallManagerRuleGroups`. AWS WAF rejects any extra
|
8406
|
+
# actions or wildcard actions in the policy.
|
8407
|
+
#
|
8408
|
+
# * The policy must not include a `Resource` parameter.
|
8409
|
+
#
|
8410
|
+
# For more information, see [IAM Policies][1].
|
8411
|
+
#
|
8412
|
+
#
|
8413
|
+
#
|
8414
|
+
# [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html
|
8415
|
+
#
|
8416
|
+
# @!attribute [rw] message
|
8417
|
+
# @return [String]
|
8418
|
+
#
|
8419
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/WAFInvalidPermissionPolicyException AWS API Documentation
|
8420
|
+
#
|
8421
|
+
class WAFInvalidPermissionPolicyException < Struct.new(
|
8422
|
+
:message)
|
8423
|
+
SENSITIVE = []
|
7950
8424
|
include Aws::Structure
|
7951
8425
|
end
|
7952
8426
|
|
@@ -7960,6 +8434,7 @@ module Aws::WAFV2
|
|
7960
8434
|
#
|
7961
8435
|
class WAFInvalidResourceException < Struct.new(
|
7962
8436
|
:message)
|
8437
|
+
SENSITIVE = []
|
7963
8438
|
include Aws::Structure
|
7964
8439
|
end
|
7965
8440
|
|
@@ -7979,6 +8454,7 @@ module Aws::WAFV2
|
|
7979
8454
|
#
|
7980
8455
|
class WAFLimitsExceededException < Struct.new(
|
7981
8456
|
:message)
|
8457
|
+
SENSITIVE = []
|
7982
8458
|
include Aws::Structure
|
7983
8459
|
end
|
7984
8460
|
|
@@ -7992,6 +8468,7 @@ module Aws::WAFV2
|
|
7992
8468
|
#
|
7993
8469
|
class WAFNonexistentItemException < Struct.new(
|
7994
8470
|
:message)
|
8471
|
+
SENSITIVE = []
|
7995
8472
|
include Aws::Structure
|
7996
8473
|
end
|
7997
8474
|
|
@@ -8007,6 +8484,7 @@ module Aws::WAFV2
|
|
8007
8484
|
#
|
8008
8485
|
class WAFOptimisticLockException < Struct.new(
|
8009
8486
|
:message)
|
8487
|
+
SENSITIVE = []
|
8010
8488
|
include Aws::Structure
|
8011
8489
|
end
|
8012
8490
|
|
@@ -8027,6 +8505,7 @@ module Aws::WAFV2
|
|
8027
8505
|
#
|
8028
8506
|
class WAFServiceLinkedRoleErrorException < Struct.new(
|
8029
8507
|
:message)
|
8508
|
+
SENSITIVE = []
|
8030
8509
|
include Aws::Structure
|
8031
8510
|
end
|
8032
8511
|
|
@@ -8037,6 +8516,7 @@ module Aws::WAFV2
|
|
8037
8516
|
#
|
8038
8517
|
class WAFSubscriptionNotFoundException < Struct.new(
|
8039
8518
|
:message)
|
8519
|
+
SENSITIVE = []
|
8040
8520
|
include Aws::Structure
|
8041
8521
|
end
|
8042
8522
|
|
@@ -8049,6 +8529,7 @@ module Aws::WAFV2
|
|
8049
8529
|
#
|
8050
8530
|
class WAFTagOperationException < Struct.new(
|
8051
8531
|
:message)
|
8532
|
+
SENSITIVE = []
|
8052
8533
|
include Aws::Structure
|
8053
8534
|
end
|
8054
8535
|
|
@@ -8062,6 +8543,7 @@ module Aws::WAFV2
|
|
8062
8543
|
#
|
8063
8544
|
class WAFTagOperationInternalErrorException < Struct.new(
|
8064
8545
|
:message)
|
8546
|
+
SENSITIVE = []
|
8065
8547
|
include Aws::Structure
|
8066
8548
|
end
|
8067
8549
|
|
@@ -8075,6 +8557,7 @@ module Aws::WAFV2
|
|
8075
8557
|
#
|
8076
8558
|
class WAFUnavailableEntityException < Struct.new(
|
8077
8559
|
:message)
|
8560
|
+
SENSITIVE = []
|
8078
8561
|
include Aws::Structure
|
8079
8562
|
end
|
8080
8563
|
|
@@ -8100,8 +8583,8 @@ module Aws::WAFV2
|
|
8100
8583
|
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html
|
8101
8584
|
#
|
8102
8585
|
# @!attribute [rw] name
|
8103
|
-
#
|
8104
|
-
#
|
8586
|
+
# The name of the Web ACL. You cannot change the name of a Web ACL
|
8587
|
+
# after you create it.
|
8105
8588
|
# @return [String]
|
8106
8589
|
#
|
8107
8590
|
# @!attribute [rw] id
|
@@ -8121,8 +8604,8 @@ module Aws::WAFV2
|
|
8121
8604
|
# @return [Types::DefaultAction]
|
8122
8605
|
#
|
8123
8606
|
# @!attribute [rw] description
|
8124
|
-
# A
|
8125
|
-
# description of a Web ACL after you create it.
|
8607
|
+
# A description of the Web ACL that helps with identification. You
|
8608
|
+
# cannot change the description of a Web ACL after you create it.
|
8126
8609
|
# @return [String]
|
8127
8610
|
#
|
8128
8611
|
# @!attribute [rw] rules
|
@@ -8151,6 +8634,38 @@ module Aws::WAFV2
|
|
8151
8634
|
# for web ACLs is 1,500.
|
8152
8635
|
# @return [Integer]
|
8153
8636
|
#
|
8637
|
+
# @!attribute [rw] pre_process_firewall_manager_rule_groups
|
8638
|
+
# The first set of rules for AWS WAF to process in the web ACL. This
|
8639
|
+
# is defined in an AWS Firewall Manager WAF policy and contains only
|
8640
|
+
# rule group references. You can't alter these. Any rules and rule
|
8641
|
+
# groups that you define for the web ACL are prioritized after these.
|
8642
|
+
#
|
8643
|
+
# In the Firewall Manager WAF policy, the Firewall Manager
|
8644
|
+
# administrator can define a set of rule groups to run first in the
|
8645
|
+
# web ACL and a set of rule groups to run last. Within each set, the
|
8646
|
+
# administrator prioritizes the rule groups, to determine their
|
8647
|
+
# relative processing order.
|
8648
|
+
# @return [Array<Types::FirewallManagerRuleGroup>]
|
8649
|
+
#
|
8650
|
+
# @!attribute [rw] post_process_firewall_manager_rule_groups
|
8651
|
+
# The last set of rules for AWS WAF to process in the web ACL. This is
|
8652
|
+
# defined in an AWS Firewall Manager WAF policy and contains only rule
|
8653
|
+
# group references. You can't alter these. Any rules and rule groups
|
8654
|
+
# that you define for the web ACL are prioritized before these.
|
8655
|
+
#
|
8656
|
+
# In the Firewall Manager WAF policy, the Firewall Manager
|
8657
|
+
# administrator can define a set of rule groups to run first in the
|
8658
|
+
# web ACL and a set of rule groups to run last. Within each set, the
|
8659
|
+
# administrator prioritizes the rule groups, to determine their
|
8660
|
+
# relative processing order.
|
8661
|
+
# @return [Array<Types::FirewallManagerRuleGroup>]
|
8662
|
+
#
|
8663
|
+
# @!attribute [rw] managed_by_firewall_manager
|
8664
|
+
# Indicates whether this web ACL is managed by AWS Firewall Manager.
|
8665
|
+
# If true, then only AWS Firewall Manager can delete the web ACL or
|
8666
|
+
# any Firewall Manager rule groups in the web ACL.
|
8667
|
+
# @return [Boolean]
|
8668
|
+
#
|
8154
8669
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/WebACL AWS API Documentation
|
8155
8670
|
#
|
8156
8671
|
class WebACL < Struct.new(
|
@@ -8161,7 +8676,11 @@ module Aws::WAFV2
|
|
8161
8676
|
:description,
|
8162
8677
|
:rules,
|
8163
8678
|
:visibility_config,
|
8164
|
-
:capacity
|
8679
|
+
:capacity,
|
8680
|
+
:pre_process_firewall_manager_rule_groups,
|
8681
|
+
:post_process_firewall_manager_rule_groups,
|
8682
|
+
:managed_by_firewall_manager)
|
8683
|
+
SENSITIVE = []
|
8165
8684
|
include Aws::Structure
|
8166
8685
|
end
|
8167
8686
|
|
@@ -8182,8 +8701,8 @@ module Aws::WAFV2
|
|
8182
8701
|
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html
|
8183
8702
|
#
|
8184
8703
|
# @!attribute [rw] name
|
8185
|
-
#
|
8186
|
-
#
|
8704
|
+
# The name of the Web ACL. You cannot change the name of a Web ACL
|
8705
|
+
# after you create it.
|
8187
8706
|
# @return [String]
|
8188
8707
|
#
|
8189
8708
|
# @!attribute [rw] id
|
@@ -8193,8 +8712,8 @@ module Aws::WAFV2
|
|
8193
8712
|
# @return [String]
|
8194
8713
|
#
|
8195
8714
|
# @!attribute [rw] description
|
8196
|
-
# A
|
8197
|
-
# description of a Web ACL after you create it.
|
8715
|
+
# A description of the Web ACL that helps with identification. You
|
8716
|
+
# cannot change the description of a Web ACL after you create it.
|
8198
8717
|
# @return [String]
|
8199
8718
|
#
|
8200
8719
|
# @!attribute [rw] lock_token
|
@@ -8221,6 +8740,7 @@ module Aws::WAFV2
|
|
8221
8740
|
:description,
|
8222
8741
|
:lock_token,
|
8223
8742
|
:arn)
|
8743
|
+
SENSITIVE = []
|
8224
8744
|
include Aws::Structure
|
8225
8745
|
end
|
8226
8746
|
|
@@ -8283,9 +8803,9 @@ module Aws::WAFV2
|
|
8283
8803
|
# Text transformations eliminate some of the unusual formatting that
|
8284
8804
|
# attackers use in web requests in an effort to bypass detection. If
|
8285
8805
|
# you specify one or more transformations in a rule statement, AWS WAF
|
8286
|
-
# performs all transformations on the content
|
8287
|
-
# `FieldToMatch`, starting from the lowest priority
|
8288
|
-
# inspecting the content for a match.
|
8806
|
+
# performs all transformations on the content of the request component
|
8807
|
+
# identified by `FieldToMatch`, starting from the lowest priority
|
8808
|
+
# setting, before inspecting the content for a match.
|
8289
8809
|
# @return [Array<Types::TextTransformation>]
|
8290
8810
|
#
|
8291
8811
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/XssMatchStatement AWS API Documentation
|
@@ -8293,6 +8813,7 @@ module Aws::WAFV2
|
|
8293
8813
|
class XssMatchStatement < Struct.new(
|
8294
8814
|
:field_to_match,
|
8295
8815
|
:text_transformations)
|
8816
|
+
SENSITIVE = []
|
8296
8817
|
include Aws::Structure
|
8297
8818
|
end
|
8298
8819
|
|