aws-sdk-wafv2 1.23.0 → 1.27.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +20 -0
- data/VERSION +1 -1
- data/lib/aws-sdk-wafv2/client.rb +795 -81
- data/lib/aws-sdk-wafv2/client_api.rb +196 -0
- data/lib/aws-sdk-wafv2/errors.rb +16 -0
- data/lib/aws-sdk-wafv2/types.rb +1802 -250
- data/lib/aws-sdk-wafv2.rb +1 -1
- metadata +5 -5
data/lib/aws-sdk-wafv2/types.rb
CHANGED
@@ -39,6 +39,8 @@ module Aws::WAFV2
|
|
39
39
|
# This is used only to indicate the web request component for WAF to
|
40
40
|
# inspect, in the FieldToMatch specification.
|
41
41
|
#
|
42
|
+
# JSON specification: `"All": \{\}`
|
43
|
+
#
|
42
44
|
# @api private
|
43
45
|
#
|
44
46
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/All AWS API Documentation
|
@@ -50,6 +52,8 @@ module Aws::WAFV2
|
|
50
52
|
# This is used only to indicate the web request component for WAF to
|
51
53
|
# inspect, in the FieldToMatch specification.
|
52
54
|
#
|
55
|
+
# JSON specification: `"AllQueryArguments": \{\}`
|
56
|
+
#
|
53
57
|
# @api private
|
54
58
|
#
|
55
59
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/AllQueryArguments AWS API Documentation
|
@@ -339,6 +343,7 @@ module Aws::WAFV2
|
|
339
343
|
# managed_rule_group_statement: {
|
340
344
|
# vendor_name: "VendorName", # required
|
341
345
|
# name: "EntityName", # required
|
346
|
+
# version: "VersionKeyString",
|
342
347
|
# excluded_rules: [
|
343
348
|
# {
|
344
349
|
# name: "EntityName", # required
|
@@ -352,6 +357,42 @@ module Aws::WAFV2
|
|
352
357
|
# scope: "LABEL", # required, accepts LABEL, NAMESPACE
|
353
358
|
# key: "LabelMatchKey", # required
|
354
359
|
# },
|
360
|
+
# regex_match_statement: {
|
361
|
+
# regex_string: "RegexPatternString", # required
|
362
|
+
# field_to_match: { # required
|
363
|
+
# single_header: {
|
364
|
+
# name: "FieldToMatchData", # required
|
365
|
+
# },
|
366
|
+
# single_query_argument: {
|
367
|
+
# name: "FieldToMatchData", # required
|
368
|
+
# },
|
369
|
+
# all_query_arguments: {
|
370
|
+
# },
|
371
|
+
# uri_path: {
|
372
|
+
# },
|
373
|
+
# query_string: {
|
374
|
+
# },
|
375
|
+
# body: {
|
376
|
+
# },
|
377
|
+
# method: {
|
378
|
+
# },
|
379
|
+
# json_body: {
|
380
|
+
# match_pattern: { # required
|
381
|
+
# all: {
|
382
|
+
# },
|
383
|
+
# included_paths: ["JsonPointerPath"],
|
384
|
+
# },
|
385
|
+
# match_scope: "ALL", # required, accepts ALL, KEY, VALUE
|
386
|
+
# invalid_fallback_behavior: "MATCH", # accepts MATCH, NO_MATCH, EVALUATE_AS_STRING
|
387
|
+
# },
|
388
|
+
# },
|
389
|
+
# text_transformations: [ # required
|
390
|
+
# {
|
391
|
+
# priority: 1, # required
|
392
|
+
# type: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE, BASE64_DECODE, HEX_DECODE, MD5, REPLACE_COMMENTS, ESCAPE_SEQ_DECODE, SQL_HEX_DECODE, CSS_DECODE, JS_DECODE, NORMALIZE_PATH, NORMALIZE_PATH_WIN, REMOVE_NULLS, REPLACE_NULLS, BASE64_DECODE_EXT, URL_DECODE_UNI, UTF8_TO_UNICODE
|
393
|
+
# },
|
394
|
+
# ],
|
395
|
+
# },
|
355
396
|
# },
|
356
397
|
# ],
|
357
398
|
# }
|
@@ -461,6 +502,8 @@ module Aws::WAFV2
|
|
461
502
|
# This is used only to indicate the web request component for WAF to
|
462
503
|
# inspect, in the FieldToMatch specification.
|
463
504
|
#
|
505
|
+
# JSON specification: `"Body": \{\}`
|
506
|
+
#
|
464
507
|
# @api private
|
465
508
|
#
|
466
509
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/Body AWS API Documentation
|
@@ -863,6 +906,7 @@ module Aws::WAFV2
|
|
863
906
|
# managed_rule_group_statement: {
|
864
907
|
# vendor_name: "VendorName", # required
|
865
908
|
# name: "EntityName", # required
|
909
|
+
# version: "VersionKeyString",
|
866
910
|
# excluded_rules: [
|
867
911
|
# {
|
868
912
|
# name: "EntityName", # required
|
@@ -876,6 +920,42 @@ module Aws::WAFV2
|
|
876
920
|
# scope: "LABEL", # required, accepts LABEL, NAMESPACE
|
877
921
|
# key: "LabelMatchKey", # required
|
878
922
|
# },
|
923
|
+
# regex_match_statement: {
|
924
|
+
# regex_string: "RegexPatternString", # required
|
925
|
+
# field_to_match: { # required
|
926
|
+
# single_header: {
|
927
|
+
# name: "FieldToMatchData", # required
|
928
|
+
# },
|
929
|
+
# single_query_argument: {
|
930
|
+
# name: "FieldToMatchData", # required
|
931
|
+
# },
|
932
|
+
# all_query_arguments: {
|
933
|
+
# },
|
934
|
+
# uri_path: {
|
935
|
+
# },
|
936
|
+
# query_string: {
|
937
|
+
# },
|
938
|
+
# body: {
|
939
|
+
# },
|
940
|
+
# method: {
|
941
|
+
# },
|
942
|
+
# json_body: {
|
943
|
+
# match_pattern: { # required
|
944
|
+
# all: {
|
945
|
+
# },
|
946
|
+
# included_paths: ["JsonPointerPath"],
|
947
|
+
# },
|
948
|
+
# match_scope: "ALL", # required, accepts ALL, KEY, VALUE
|
949
|
+
# invalid_fallback_behavior: "MATCH", # accepts MATCH, NO_MATCH, EVALUATE_AS_STRING
|
950
|
+
# },
|
951
|
+
# },
|
952
|
+
# text_transformations: [ # required
|
953
|
+
# {
|
954
|
+
# priority: 1, # required
|
955
|
+
# type: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE, BASE64_DECODE, HEX_DECODE, MD5, REPLACE_COMMENTS, ESCAPE_SEQ_DECODE, SQL_HEX_DECODE, CSS_DECODE, JS_DECODE, NORMALIZE_PATH, NORMALIZE_PATH_WIN, REMOVE_NULLS, REPLACE_NULLS, BASE64_DECODE_EXT, URL_DECODE_UNI, UTF8_TO_UNICODE
|
956
|
+
# },
|
957
|
+
# ],
|
958
|
+
# },
|
879
959
|
# },
|
880
960
|
# action: {
|
881
961
|
# block: {
|
@@ -1094,7 +1174,7 @@ module Aws::WAFV2
|
|
1094
1174
|
# @return [String]
|
1095
1175
|
#
|
1096
1176
|
# @!attribute [rw] ip_address_version
|
1097
|
-
#
|
1177
|
+
# The version of the IP addresses, either `IPV4` or `IPV6`.
|
1098
1178
|
# @return [String]
|
1099
1179
|
#
|
1100
1180
|
# @!attribute [rw] addresses
|
@@ -1492,6 +1572,7 @@ module Aws::WAFV2
|
|
1492
1572
|
# managed_rule_group_statement: {
|
1493
1573
|
# vendor_name: "VendorName", # required
|
1494
1574
|
# name: "EntityName", # required
|
1575
|
+
# version: "VersionKeyString",
|
1495
1576
|
# excluded_rules: [
|
1496
1577
|
# {
|
1497
1578
|
# name: "EntityName", # required
|
@@ -1505,6 +1586,42 @@ module Aws::WAFV2
|
|
1505
1586
|
# scope: "LABEL", # required, accepts LABEL, NAMESPACE
|
1506
1587
|
# key: "LabelMatchKey", # required
|
1507
1588
|
# },
|
1589
|
+
# regex_match_statement: {
|
1590
|
+
# regex_string: "RegexPatternString", # required
|
1591
|
+
# field_to_match: { # required
|
1592
|
+
# single_header: {
|
1593
|
+
# name: "FieldToMatchData", # required
|
1594
|
+
# },
|
1595
|
+
# single_query_argument: {
|
1596
|
+
# name: "FieldToMatchData", # required
|
1597
|
+
# },
|
1598
|
+
# all_query_arguments: {
|
1599
|
+
# },
|
1600
|
+
# uri_path: {
|
1601
|
+
# },
|
1602
|
+
# query_string: {
|
1603
|
+
# },
|
1604
|
+
# body: {
|
1605
|
+
# },
|
1606
|
+
# method: {
|
1607
|
+
# },
|
1608
|
+
# json_body: {
|
1609
|
+
# match_pattern: { # required
|
1610
|
+
# all: {
|
1611
|
+
# },
|
1612
|
+
# included_paths: ["JsonPointerPath"],
|
1613
|
+
# },
|
1614
|
+
# match_scope: "ALL", # required, accepts ALL, KEY, VALUE
|
1615
|
+
# invalid_fallback_behavior: "MATCH", # accepts MATCH, NO_MATCH, EVALUATE_AS_STRING
|
1616
|
+
# },
|
1617
|
+
# },
|
1618
|
+
# text_transformations: [ # required
|
1619
|
+
# {
|
1620
|
+
# priority: 1, # required
|
1621
|
+
# type: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE, BASE64_DECODE, HEX_DECODE, MD5, REPLACE_COMMENTS, ESCAPE_SEQ_DECODE, SQL_HEX_DECODE, CSS_DECODE, JS_DECODE, NORMALIZE_PATH, NORMALIZE_PATH_WIN, REMOVE_NULLS, REPLACE_NULLS, BASE64_DECODE_EXT, URL_DECODE_UNI, UTF8_TO_UNICODE
|
1622
|
+
# },
|
1623
|
+
# ],
|
1624
|
+
# },
|
1508
1625
|
# },
|
1509
1626
|
# action: {
|
1510
1627
|
# block: {
|
@@ -1967,6 +2084,7 @@ module Aws::WAFV2
|
|
1967
2084
|
# managed_rule_group_statement: {
|
1968
2085
|
# vendor_name: "VendorName", # required
|
1969
2086
|
# name: "EntityName", # required
|
2087
|
+
# version: "VersionKeyString",
|
1970
2088
|
# excluded_rules: [
|
1971
2089
|
# {
|
1972
2090
|
# name: "EntityName", # required
|
@@ -1980,6 +2098,42 @@ module Aws::WAFV2
|
|
1980
2098
|
# scope: "LABEL", # required, accepts LABEL, NAMESPACE
|
1981
2099
|
# key: "LabelMatchKey", # required
|
1982
2100
|
# },
|
2101
|
+
# regex_match_statement: {
|
2102
|
+
# regex_string: "RegexPatternString", # required
|
2103
|
+
# field_to_match: { # required
|
2104
|
+
# single_header: {
|
2105
|
+
# name: "FieldToMatchData", # required
|
2106
|
+
# },
|
2107
|
+
# single_query_argument: {
|
2108
|
+
# name: "FieldToMatchData", # required
|
2109
|
+
# },
|
2110
|
+
# all_query_arguments: {
|
2111
|
+
# },
|
2112
|
+
# uri_path: {
|
2113
|
+
# },
|
2114
|
+
# query_string: {
|
2115
|
+
# },
|
2116
|
+
# body: {
|
2117
|
+
# },
|
2118
|
+
# method: {
|
2119
|
+
# },
|
2120
|
+
# json_body: {
|
2121
|
+
# match_pattern: { # required
|
2122
|
+
# all: {
|
2123
|
+
# },
|
2124
|
+
# included_paths: ["JsonPointerPath"],
|
2125
|
+
# },
|
2126
|
+
# match_scope: "ALL", # required, accepts ALL, KEY, VALUE
|
2127
|
+
# invalid_fallback_behavior: "MATCH", # accepts MATCH, NO_MATCH, EVALUATE_AS_STRING
|
2128
|
+
# },
|
2129
|
+
# },
|
2130
|
+
# text_transformations: [ # required
|
2131
|
+
# {
|
2132
|
+
# priority: 1, # required
|
2133
|
+
# type: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE, BASE64_DECODE, HEX_DECODE, MD5, REPLACE_COMMENTS, ESCAPE_SEQ_DECODE, SQL_HEX_DECODE, CSS_DECODE, JS_DECODE, NORMALIZE_PATH, NORMALIZE_PATH_WIN, REMOVE_NULLS, REPLACE_NULLS, BASE64_DECODE_EXT, URL_DECODE_UNI, UTF8_TO_UNICODE
|
2134
|
+
# },
|
2135
|
+
# ],
|
2136
|
+
# },
|
1983
2137
|
# },
|
1984
2138
|
# action: {
|
1985
2139
|
# block: {
|
@@ -2415,15 +2569,15 @@ module Aws::WAFV2
|
|
2415
2569
|
# @return [String]
|
2416
2570
|
#
|
2417
2571
|
# @!attribute [rw] web_acl_lock_token
|
2418
|
-
# A token used for optimistic locking. WAF returns a token to your
|
2419
|
-
# and list requests, to mark the state of the entity at the
|
2420
|
-
# the request. To make changes to the entity associated with
|
2421
|
-
# token, you provide the token to operations like update and
|
2422
|
-
# WAF uses the token to ensure that no changes have been
|
2423
|
-
# entity since you last retrieved it. If a change has been
|
2424
|
-
# update fails with a `WAFOptimisticLockException`. If this
|
2425
|
-
# perform another get
|
2426
|
-
# operation.
|
2572
|
+
# A token used for optimistic locking. WAF returns a token to your
|
2573
|
+
# `get` and `list` requests, to mark the state of the entity at the
|
2574
|
+
# time of the request. To make changes to the entity associated with
|
2575
|
+
# the token, you provide the token to operations like `update` and
|
2576
|
+
# `delete`. WAF uses the token to ensure that no changes have been
|
2577
|
+
# made to the entity since you last retrieved it. If a change has been
|
2578
|
+
# made, the update fails with a `WAFOptimisticLockException`. If this
|
2579
|
+
# happens, perform another `get`, and use the new token returned by
|
2580
|
+
# that operation.
|
2427
2581
|
# @return [String]
|
2428
2582
|
#
|
2429
2583
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/DeleteFirewallManagerRuleGroupsRequest AWS API Documentation
|
@@ -2436,15 +2590,15 @@ module Aws::WAFV2
|
|
2436
2590
|
end
|
2437
2591
|
|
2438
2592
|
# @!attribute [rw] next_web_acl_lock_token
|
2439
|
-
# A token used for optimistic locking. WAF returns a token to your
|
2440
|
-
# and list requests, to mark the state of the entity at the
|
2441
|
-
# the request. To make changes to the entity associated with
|
2442
|
-
# token, you provide the token to operations like update and
|
2443
|
-
# WAF uses the token to ensure that no changes have been
|
2444
|
-
# entity since you last retrieved it. If a change has been
|
2445
|
-
# update fails with a `WAFOptimisticLockException`. If this
|
2446
|
-
# perform another get
|
2447
|
-
# operation.
|
2593
|
+
# A token used for optimistic locking. WAF returns a token to your
|
2594
|
+
# `get` and `list` requests, to mark the state of the entity at the
|
2595
|
+
# time of the request. To make changes to the entity associated with
|
2596
|
+
# the token, you provide the token to operations like `update` and
|
2597
|
+
# `delete`. WAF uses the token to ensure that no changes have been
|
2598
|
+
# made to the entity since you last retrieved it. If a change has been
|
2599
|
+
# made, the update fails with a `WAFOptimisticLockException`. If this
|
2600
|
+
# happens, perform another `get`, and use the new token returned by
|
2601
|
+
# that operation.
|
2448
2602
|
# @return [String]
|
2449
2603
|
#
|
2450
2604
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/DeleteFirewallManagerRuleGroupsResponse AWS API Documentation
|
@@ -2492,15 +2646,15 @@ module Aws::WAFV2
|
|
2492
2646
|
# @return [String]
|
2493
2647
|
#
|
2494
2648
|
# @!attribute [rw] lock_token
|
2495
|
-
# A token used for optimistic locking. WAF returns a token to your
|
2496
|
-
# and list requests, to mark the state of the entity at the
|
2497
|
-
# the request. To make changes to the entity associated with
|
2498
|
-
# token, you provide the token to operations like update and
|
2499
|
-
# WAF uses the token to ensure that no changes have been
|
2500
|
-
# entity since you last retrieved it. If a change has been
|
2501
|
-
# update fails with a `WAFOptimisticLockException`. If this
|
2502
|
-
# perform another get
|
2503
|
-
# operation.
|
2649
|
+
# A token used for optimistic locking. WAF returns a token to your
|
2650
|
+
# `get` and `list` requests, to mark the state of the entity at the
|
2651
|
+
# time of the request. To make changes to the entity associated with
|
2652
|
+
# the token, you provide the token to operations like `update` and
|
2653
|
+
# `delete`. WAF uses the token to ensure that no changes have been
|
2654
|
+
# made to the entity since you last retrieved it. If a change has been
|
2655
|
+
# made, the update fails with a `WAFOptimisticLockException`. If this
|
2656
|
+
# happens, perform another `get`, and use the new token returned by
|
2657
|
+
# that operation.
|
2504
2658
|
# @return [String]
|
2505
2659
|
#
|
2506
2660
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/DeleteIPSetRequest AWS API Documentation
|
@@ -2605,15 +2759,15 @@ module Aws::WAFV2
|
|
2605
2759
|
# @return [String]
|
2606
2760
|
#
|
2607
2761
|
# @!attribute [rw] lock_token
|
2608
|
-
# A token used for optimistic locking. WAF returns a token to your
|
2609
|
-
# and list requests, to mark the state of the entity at the
|
2610
|
-
# the request. To make changes to the entity associated with
|
2611
|
-
# token, you provide the token to operations like update and
|
2612
|
-
# WAF uses the token to ensure that no changes have been
|
2613
|
-
# entity since you last retrieved it. If a change has been
|
2614
|
-
# update fails with a `WAFOptimisticLockException`. If this
|
2615
|
-
# perform another get
|
2616
|
-
# operation.
|
2762
|
+
# A token used for optimistic locking. WAF returns a token to your
|
2763
|
+
# `get` and `list` requests, to mark the state of the entity at the
|
2764
|
+
# time of the request. To make changes to the entity associated with
|
2765
|
+
# the token, you provide the token to operations like `update` and
|
2766
|
+
# `delete`. WAF uses the token to ensure that no changes have been
|
2767
|
+
# made to the entity since you last retrieved it. If a change has been
|
2768
|
+
# made, the update fails with a `WAFOptimisticLockException`. If this
|
2769
|
+
# happens, perform another `get`, and use the new token returned by
|
2770
|
+
# that operation.
|
2617
2771
|
# @return [String]
|
2618
2772
|
#
|
2619
2773
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/DeleteRegexPatternSetRequest AWS API Documentation
|
@@ -2668,15 +2822,15 @@ module Aws::WAFV2
|
|
2668
2822
|
# @return [String]
|
2669
2823
|
#
|
2670
2824
|
# @!attribute [rw] lock_token
|
2671
|
-
# A token used for optimistic locking. WAF returns a token to your
|
2672
|
-
# and list requests, to mark the state of the entity at the
|
2673
|
-
# the request. To make changes to the entity associated with
|
2674
|
-
# token, you provide the token to operations like update and
|
2675
|
-
# WAF uses the token to ensure that no changes have been
|
2676
|
-
# entity since you last retrieved it. If a change has been
|
2677
|
-
# update fails with a `WAFOptimisticLockException`. If this
|
2678
|
-
# perform another get
|
2679
|
-
# operation.
|
2825
|
+
# A token used for optimistic locking. WAF returns a token to your
|
2826
|
+
# `get` and `list` requests, to mark the state of the entity at the
|
2827
|
+
# time of the request. To make changes to the entity associated with
|
2828
|
+
# the token, you provide the token to operations like `update` and
|
2829
|
+
# `delete`. WAF uses the token to ensure that no changes have been
|
2830
|
+
# made to the entity since you last retrieved it. If a change has been
|
2831
|
+
# made, the update fails with a `WAFOptimisticLockException`. If this
|
2832
|
+
# happens, perform another `get`, and use the new token returned by
|
2833
|
+
# that operation.
|
2680
2834
|
# @return [String]
|
2681
2835
|
#
|
2682
2836
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/DeleteRuleGroupRequest AWS API Documentation
|
@@ -2731,15 +2885,15 @@ module Aws::WAFV2
|
|
2731
2885
|
# @return [String]
|
2732
2886
|
#
|
2733
2887
|
# @!attribute [rw] lock_token
|
2734
|
-
# A token used for optimistic locking. WAF returns a token to your
|
2735
|
-
# and list requests, to mark the state of the entity at the
|
2736
|
-
# the request. To make changes to the entity associated with
|
2737
|
-
# token, you provide the token to operations like update and
|
2738
|
-
# WAF uses the token to ensure that no changes have been
|
2739
|
-
# entity since you last retrieved it. If a change has been
|
2740
|
-
# update fails with a `WAFOptimisticLockException`. If this
|
2741
|
-
# perform another get
|
2742
|
-
# operation.
|
2888
|
+
# A token used for optimistic locking. WAF returns a token to your
|
2889
|
+
# `get` and `list` requests, to mark the state of the entity at the
|
2890
|
+
# time of the request. To make changes to the entity associated with
|
2891
|
+
# the token, you provide the token to operations like `update` and
|
2892
|
+
# `delete`. WAF uses the token to ensure that no changes have been
|
2893
|
+
# made to the entity since you last retrieved it. If a change has been
|
2894
|
+
# made, the update fails with a `WAFOptimisticLockException`. If this
|
2895
|
+
# happens, perform another `get`, and use the new token returned by
|
2896
|
+
# that operation.
|
2743
2897
|
# @return [String]
|
2744
2898
|
#
|
2745
2899
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/DeleteWebACLRequest AWS API Documentation
|
@@ -2764,6 +2918,7 @@ module Aws::WAFV2
|
|
2764
2918
|
# vendor_name: "VendorName", # required
|
2765
2919
|
# name: "EntityName", # required
|
2766
2920
|
# scope: "CLOUDFRONT", # required, accepts CLOUDFRONT, REGIONAL
|
2921
|
+
# version_name: "VersionKeyString",
|
2767
2922
|
# }
|
2768
2923
|
#
|
2769
2924
|
# @!attribute [rw] vendor_name
|
@@ -2791,16 +2946,40 @@ module Aws::WAFV2
|
|
2791
2946
|
# * API and SDKs - For all calls, use the Region endpoint us-east-1.
|
2792
2947
|
# @return [String]
|
2793
2948
|
#
|
2949
|
+
# @!attribute [rw] version_name
|
2950
|
+
# The version of the rule group. You can only use a version that is
|
2951
|
+
# not scheduled for expiration. If you don't provide this, WAF uses
|
2952
|
+
# the vendor's default version.
|
2953
|
+
# @return [String]
|
2954
|
+
#
|
2794
2955
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/DescribeManagedRuleGroupRequest AWS API Documentation
|
2795
2956
|
#
|
2796
2957
|
class DescribeManagedRuleGroupRequest < Struct.new(
|
2797
2958
|
:vendor_name,
|
2798
2959
|
:name,
|
2799
|
-
:scope
|
2960
|
+
:scope,
|
2961
|
+
:version_name)
|
2800
2962
|
SENSITIVE = []
|
2801
2963
|
include Aws::Structure
|
2802
2964
|
end
|
2803
2965
|
|
2966
|
+
# @!attribute [rw] version_name
|
2967
|
+
# The managed rule group's version.
|
2968
|
+
# @return [String]
|
2969
|
+
#
|
2970
|
+
# @!attribute [rw] sns_topic_arn
|
2971
|
+
# The Amazon resource name (ARN) of the Amazon Simple Notification
|
2972
|
+
# Service SNS topic that's used to record changes to the managed rule
|
2973
|
+
# group. You can subscribe to the SNS topic to receive notifications
|
2974
|
+
# when the managed rule group is modified, such as for new versions
|
2975
|
+
# and for version expiration. For more information, see the [Amazon
|
2976
|
+
# Simple Notification Service Developer Guide][1].
|
2977
|
+
#
|
2978
|
+
#
|
2979
|
+
#
|
2980
|
+
# [1]: https://docs.aws.amazon.com/sns/latest/dg/welcome.html
|
2981
|
+
# @return [String]
|
2982
|
+
#
|
2804
2983
|
# @!attribute [rw] capacity
|
2805
2984
|
# The web ACL capacity units (WCUs) required for this rule group. WAF
|
2806
2985
|
# uses web ACL capacity units (WCU) to calculate and control the
|
@@ -2847,6 +3026,8 @@ module Aws::WAFV2
|
|
2847
3026
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/DescribeManagedRuleGroupResponse AWS API Documentation
|
2848
3027
|
#
|
2849
3028
|
class DescribeManagedRuleGroupResponse < Struct.new(
|
3029
|
+
:version_name,
|
3030
|
+
:sns_topic_arn,
|
2850
3031
|
:capacity,
|
2851
3032
|
:rules,
|
2852
3033
|
:label_namespace,
|
@@ -2923,6 +3104,14 @@ module Aws::WAFV2
|
|
2923
3104
|
# requires it. To inspect more than one component of a web request,
|
2924
3105
|
# create a separate rule statement for each component.
|
2925
3106
|
#
|
3107
|
+
# JSON specification for a `QueryString` field to match:
|
3108
|
+
#
|
3109
|
+
# ` "FieldToMatch": \{ "QueryString": \{\} \}`
|
3110
|
+
#
|
3111
|
+
# Example JSON for a `Method` field to match specification:
|
3112
|
+
#
|
3113
|
+
# ` "FieldToMatch": \{ "Method": \{ "Name": "DELETE" \} \}`
|
3114
|
+
#
|
2926
3115
|
# @note When making an API call, you may pass FieldToMatch
|
2927
3116
|
# data as a hash:
|
2928
3117
|
#
|
@@ -3164,8 +3353,8 @@ module Aws::WAFV2
|
|
3164
3353
|
# provide the ARN of the rule group in this statement.
|
3165
3354
|
#
|
3166
3355
|
# You cannot nest a `RuleGroupReferenceStatement`, for example for use
|
3167
|
-
# inside a `NotStatement` or `OrStatement`.
|
3168
|
-
#
|
3356
|
+
# inside a `NotStatement` or `OrStatement`. You can only use a rule
|
3357
|
+
# group reference statement at the top level inside a web ACL.
|
3169
3358
|
# @return [Types::RuleGroupReferenceStatement]
|
3170
3359
|
#
|
3171
3360
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/FirewallManagerStatement AWS API Documentation
|
@@ -3330,15 +3519,15 @@ module Aws::WAFV2
|
|
3330
3519
|
# @return [Types::IPSet]
|
3331
3520
|
#
|
3332
3521
|
# @!attribute [rw] lock_token
|
3333
|
-
# A token used for optimistic locking. WAF returns a token to your
|
3334
|
-
# and list requests, to mark the state of the entity at the
|
3335
|
-
# the request. To make changes to the entity associated with
|
3336
|
-
# token, you provide the token to operations like update and
|
3337
|
-
# WAF uses the token to ensure that no changes have been
|
3338
|
-
# entity since you last retrieved it. If a change has been
|
3339
|
-
# update fails with a `WAFOptimisticLockException`. If this
|
3340
|
-
# perform another get
|
3341
|
-
# operation.
|
3522
|
+
# A token used for optimistic locking. WAF returns a token to your
|
3523
|
+
# `get` and `list` requests, to mark the state of the entity at the
|
3524
|
+
# time of the request. To make changes to the entity associated with
|
3525
|
+
# the token, you provide the token to operations like `update` and
|
3526
|
+
# `delete`. WAF uses the token to ensure that no changes have been
|
3527
|
+
# made to the entity since you last retrieved it. If a change has been
|
3528
|
+
# made, the update fails with a `WAFOptimisticLockException`. If this
|
3529
|
+
# happens, perform another `get`, and use the new token returned by
|
3530
|
+
# that operation.
|
3342
3531
|
# @return [String]
|
3343
3532
|
#
|
3344
3533
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/GetIPSetResponse AWS API Documentation
|
@@ -3382,6 +3571,79 @@ module Aws::WAFV2
|
|
3382
3571
|
include Aws::Structure
|
3383
3572
|
end
|
3384
3573
|
|
3574
|
+
# @note When making an API call, you may pass GetManagedRuleSetRequest
|
3575
|
+
# data as a hash:
|
3576
|
+
#
|
3577
|
+
# {
|
3578
|
+
# name: "EntityName", # required
|
3579
|
+
# scope: "CLOUDFRONT", # required, accepts CLOUDFRONT, REGIONAL
|
3580
|
+
# id: "EntityId", # required
|
3581
|
+
# }
|
3582
|
+
#
|
3583
|
+
# @!attribute [rw] name
|
3584
|
+
# The name of the managed rule set. You use this, along with the rule
|
3585
|
+
# set ID, to identify the rule set.
|
3586
|
+
#
|
3587
|
+
# This name is assigned to the corresponding managed rule group, which
|
3588
|
+
# your customers can access and use.
|
3589
|
+
# @return [String]
|
3590
|
+
#
|
3591
|
+
# @!attribute [rw] scope
|
3592
|
+
# Specifies whether this is for an Amazon CloudFront distribution or
|
3593
|
+
# for a regional application. A regional application can be an
|
3594
|
+
# Application Load Balancer (ALB), an Amazon API Gateway REST API, or
|
3595
|
+
# an AppSync GraphQL API.
|
3596
|
+
#
|
3597
|
+
# To work with CloudFront, you must also specify the Region US East
|
3598
|
+
# (N. Virginia) as follows:
|
3599
|
+
#
|
3600
|
+
# * CLI - Specify the Region when you use the CloudFront scope:
|
3601
|
+
# `--scope=CLOUDFRONT --region=us-east-1`.
|
3602
|
+
#
|
3603
|
+
# * API and SDKs - For all calls, use the Region endpoint us-east-1.
|
3604
|
+
# @return [String]
|
3605
|
+
#
|
3606
|
+
# @!attribute [rw] id
|
3607
|
+
# A unique identifier for the managed rule set. The ID is returned in
|
3608
|
+
# the responses to commands like `list`. You provide it to operations
|
3609
|
+
# like `get` and `update`.
|
3610
|
+
# @return [String]
|
3611
|
+
#
|
3612
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/GetManagedRuleSetRequest AWS API Documentation
|
3613
|
+
#
|
3614
|
+
class GetManagedRuleSetRequest < Struct.new(
|
3615
|
+
:name,
|
3616
|
+
:scope,
|
3617
|
+
:id)
|
3618
|
+
SENSITIVE = []
|
3619
|
+
include Aws::Structure
|
3620
|
+
end
|
3621
|
+
|
3622
|
+
# @!attribute [rw] managed_rule_set
|
3623
|
+
# The managed rule set that you requested.
|
3624
|
+
# @return [Types::ManagedRuleSet]
|
3625
|
+
#
|
3626
|
+
# @!attribute [rw] lock_token
|
3627
|
+
# A token used for optimistic locking. WAF returns a token to your
|
3628
|
+
# `get` and `list` requests, to mark the state of the entity at the
|
3629
|
+
# time of the request. To make changes to the entity associated with
|
3630
|
+
# the token, you provide the token to operations like `update` and
|
3631
|
+
# `delete`. WAF uses the token to ensure that no changes have been
|
3632
|
+
# made to the entity since you last retrieved it. If a change has been
|
3633
|
+
# made, the update fails with a `WAFOptimisticLockException`. If this
|
3634
|
+
# happens, perform another `get`, and use the new token returned by
|
3635
|
+
# that operation.
|
3636
|
+
# @return [String]
|
3637
|
+
#
|
3638
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/GetManagedRuleSetResponse AWS API Documentation
|
3639
|
+
#
|
3640
|
+
class GetManagedRuleSetResponse < Struct.new(
|
3641
|
+
:managed_rule_set,
|
3642
|
+
:lock_token)
|
3643
|
+
SENSITIVE = []
|
3644
|
+
include Aws::Structure
|
3645
|
+
end
|
3646
|
+
|
3385
3647
|
# @note When making an API call, you may pass GetPermissionPolicyRequest
|
3386
3648
|
# data as a hash:
|
3387
3649
|
#
|
@@ -3421,6 +3683,7 @@ module Aws::WAFV2
|
|
3421
3683
|
# scope: "CLOUDFRONT", # required, accepts CLOUDFRONT, REGIONAL
|
3422
3684
|
# web_acl_name: "EntityName", # required
|
3423
3685
|
# web_acl_id: "EntityId", # required
|
3686
|
+
# rule_group_rule_name: "EntityName",
|
3424
3687
|
# rule_name: "EntityName", # required
|
3425
3688
|
# }
|
3426
3689
|
#
|
@@ -3450,8 +3713,17 @@ module Aws::WAFV2
|
|
3450
3713
|
# like update and delete.
|
3451
3714
|
# @return [String]
|
3452
3715
|
#
|
3716
|
+
# @!attribute [rw] rule_group_rule_name
|
3717
|
+
# The name of the rule group reference statement in your web ACL. This
|
3718
|
+
# is required only when you have the rate-based rule nested inside a
|
3719
|
+
# rule group.
|
3720
|
+
# @return [String]
|
3721
|
+
#
|
3453
3722
|
# @!attribute [rw] rule_name
|
3454
|
-
# The name of the rate-based rule to get the keys for.
|
3723
|
+
# The name of the rate-based rule to get the keys for. If you have the
|
3724
|
+
# rule defined inside a rule group that you're using in your web ACL,
|
3725
|
+
# also provide the name of the rule group reference statement in the
|
3726
|
+
# request parameter `RuleGroupRuleName`.
|
3455
3727
|
# @return [String]
|
3456
3728
|
#
|
3457
3729
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/GetRateBasedStatementManagedKeysRequest AWS API Documentation
|
@@ -3460,6 +3732,7 @@ module Aws::WAFV2
|
|
3460
3732
|
:scope,
|
3461
3733
|
:web_acl_name,
|
3462
3734
|
:web_acl_id,
|
3735
|
+
:rule_group_rule_name,
|
3463
3736
|
:rule_name)
|
3464
3737
|
SENSITIVE = []
|
3465
3738
|
include Aws::Structure
|
@@ -3531,15 +3804,15 @@ module Aws::WAFV2
|
|
3531
3804
|
# @return [Types::RegexPatternSet]
|
3532
3805
|
#
|
3533
3806
|
# @!attribute [rw] lock_token
|
3534
|
-
# A token used for optimistic locking. WAF returns a token to your
|
3535
|
-
# and list requests, to mark the state of the entity at the
|
3536
|
-
# the request. To make changes to the entity associated with
|
3537
|
-
# token, you provide the token to operations like update and
|
3538
|
-
# WAF uses the token to ensure that no changes have been
|
3539
|
-
# entity since you last retrieved it. If a change has been
|
3540
|
-
# update fails with a `WAFOptimisticLockException`. If this
|
3541
|
-
# perform another get
|
3542
|
-
# operation.
|
3807
|
+
# A token used for optimistic locking. WAF returns a token to your
|
3808
|
+
# `get` and `list` requests, to mark the state of the entity at the
|
3809
|
+
# time of the request. To make changes to the entity associated with
|
3810
|
+
# the token, you provide the token to operations like `update` and
|
3811
|
+
# `delete`. WAF uses the token to ensure that no changes have been
|
3812
|
+
# made to the entity since you last retrieved it. If a change has been
|
3813
|
+
# made, the update fails with a `WAFOptimisticLockException`. If this
|
3814
|
+
# happens, perform another `get`, and use the new token returned by
|
3815
|
+
# that operation.
|
3543
3816
|
# @return [String]
|
3544
3817
|
#
|
3545
3818
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/GetRegexPatternSetResponse AWS API Documentation
|
@@ -3606,15 +3879,15 @@ module Aws::WAFV2
|
|
3606
3879
|
# @return [Types::RuleGroup]
|
3607
3880
|
#
|
3608
3881
|
# @!attribute [rw] lock_token
|
3609
|
-
# A token used for optimistic locking. WAF returns a token to your
|
3610
|
-
# and list requests, to mark the state of the entity at the
|
3611
|
-
# the request. To make changes to the entity associated with
|
3612
|
-
# token, you provide the token to operations like update and
|
3613
|
-
# WAF uses the token to ensure that no changes have been
|
3614
|
-
# entity since you last retrieved it. If a change has been
|
3615
|
-
# update fails with a `WAFOptimisticLockException`. If this
|
3616
|
-
# perform another get
|
3617
|
-
# operation.
|
3882
|
+
# A token used for optimistic locking. WAF returns a token to your
|
3883
|
+
# `get` and `list` requests, to mark the state of the entity at the
|
3884
|
+
# time of the request. To make changes to the entity associated with
|
3885
|
+
# the token, you provide the token to operations like `update` and
|
3886
|
+
# `delete`. WAF uses the token to ensure that no changes have been
|
3887
|
+
# made to the entity since you last retrieved it. If a change has been
|
3888
|
+
# made, the update fails with a `WAFOptimisticLockException`. If this
|
3889
|
+
# happens, perform another `get`, and use the new token returned by
|
3890
|
+
# that operation.
|
3618
3891
|
# @return [String]
|
3619
3892
|
#
|
3620
3893
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/GetRuleGroupResponse AWS API Documentation
|
@@ -3809,15 +4082,15 @@ module Aws::WAFV2
|
|
3809
4082
|
# @return [Types::WebACL]
|
3810
4083
|
#
|
3811
4084
|
# @!attribute [rw] lock_token
|
3812
|
-
# A token used for optimistic locking. WAF returns a token to your
|
3813
|
-
# and list requests, to mark the state of the entity at the
|
3814
|
-
# the request. To make changes to the entity associated with
|
3815
|
-
# token, you provide the token to operations like update and
|
3816
|
-
# WAF uses the token to ensure that no changes have been
|
3817
|
-
# entity since you last retrieved it. If a change has been
|
3818
|
-
# update fails with a `WAFOptimisticLockException`. If this
|
3819
|
-
# perform another get
|
3820
|
-
# operation.
|
4085
|
+
# A token used for optimistic locking. WAF returns a token to your
|
4086
|
+
# `get` and `list` requests, to mark the state of the entity at the
|
4087
|
+
# time of the request. To make changes to the entity associated with
|
4088
|
+
# the token, you provide the token to operations like `update` and
|
4089
|
+
# `delete`. WAF uses the token to ensure that no changes have been
|
4090
|
+
# made to the entity since you last retrieved it. If a change has been
|
4091
|
+
# made, the update fails with a `WAFOptimisticLockException`. If this
|
4092
|
+
# happens, perform another `get`, and use the new token returned by
|
4093
|
+
# that operation.
|
3821
4094
|
# @return [String]
|
3822
4095
|
#
|
3823
4096
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/GetWebACLResponse AWS API Documentation
|
@@ -3942,7 +4215,7 @@ module Aws::WAFV2
|
|
3942
4215
|
# @return [String]
|
3943
4216
|
#
|
3944
4217
|
# @!attribute [rw] ip_address_version
|
3945
|
-
#
|
4218
|
+
# The version of the IP addresses, either `IPV4` or `IPV6`.
|
3946
4219
|
# @return [String]
|
3947
4220
|
#
|
3948
4221
|
# @!attribute [rw] addresses
|
@@ -4143,15 +4416,15 @@ module Aws::WAFV2
|
|
4143
4416
|
# @return [String]
|
4144
4417
|
#
|
4145
4418
|
# @!attribute [rw] lock_token
|
4146
|
-
# A token used for optimistic locking. WAF returns a token to your
|
4147
|
-
# and list requests, to mark the state of the entity at the
|
4148
|
-
# the request. To make changes to the entity associated with
|
4149
|
-
# token, you provide the token to operations like update and
|
4150
|
-
# WAF uses the token to ensure that no changes have been
|
4151
|
-
# entity since you last retrieved it. If a change has been
|
4152
|
-
# update fails with a `WAFOptimisticLockException`. If this
|
4153
|
-
# perform another get
|
4154
|
-
# operation.
|
4419
|
+
# A token used for optimistic locking. WAF returns a token to your
|
4420
|
+
# `get` and `list` requests, to mark the state of the entity at the
|
4421
|
+
# time of the request. To make changes to the entity associated with
|
4422
|
+
# the token, you provide the token to operations like `update` and
|
4423
|
+
# `delete`. WAF uses the token to ensure that no changes have been
|
4424
|
+
# made to the entity since you last retrieved it. If a change has been
|
4425
|
+
# made, the update fails with a `WAFOptimisticLockException`. If this
|
4426
|
+
# happens, perform another `get`, and use the new token returned by
|
4427
|
+
# that operation.
|
4155
4428
|
# @return [String]
|
4156
4429
|
#
|
4157
4430
|
# @!attribute [rw] arn
|
@@ -4179,6 +4452,9 @@ module Aws::WAFV2
|
|
4179
4452
|
# inspects only the parts of the JSON that result from the matches that
|
4180
4453
|
# you indicate.
|
4181
4454
|
#
|
4455
|
+
# Example JSON: `"JsonBody": \{ "MatchPattern": \{ "All": \{\} \},
|
4456
|
+
# "MatchScope": "ALL" \}`
|
4457
|
+
#
|
4182
4458
|
# @note When making an API call, you may pass JsonBody
|
4183
4459
|
# data as a hash:
|
4184
4460
|
#
|
@@ -4220,9 +4496,9 @@ module Aws::WAFV2
|
|
4220
4496
|
# content only up to the first parsing failure that it encounters.
|
4221
4497
|
#
|
4222
4498
|
# WAF does its best to parse the entire JSON body, but might be forced
|
4223
|
-
# to stop for reasons such as characters
|
4224
|
-
#
|
4225
|
-
#
|
4499
|
+
# to stop for reasons such as invalid characters, duplicate keys,
|
4500
|
+
# truncation, and any content whose root node isn't an object or an
|
4501
|
+
# array.
|
4226
4502
|
#
|
4227
4503
|
# WAF parses the JSON in the following examples as two valid key,
|
4228
4504
|
# value pairs:
|
@@ -4418,15 +4694,27 @@ module Aws::WAFV2
|
|
4418
4694
|
include Aws::Structure
|
4419
4695
|
end
|
4420
4696
|
|
4421
|
-
# @note When making an API call, you may pass
|
4697
|
+
# @note When making an API call, you may pass ListAvailableManagedRuleGroupVersionsRequest
|
4422
4698
|
# data as a hash:
|
4423
4699
|
#
|
4424
4700
|
# {
|
4701
|
+
# vendor_name: "VendorName", # required
|
4702
|
+
# name: "EntityName", # required
|
4425
4703
|
# scope: "CLOUDFRONT", # required, accepts CLOUDFRONT, REGIONAL
|
4426
4704
|
# next_marker: "NextMarker",
|
4427
4705
|
# limit: 1,
|
4428
4706
|
# }
|
4429
4707
|
#
|
4708
|
+
# @!attribute [rw] vendor_name
|
4709
|
+
# The name of the managed rule group vendor. You use this, along with
|
4710
|
+
# the rule group name, to identify the rule group.
|
4711
|
+
# @return [String]
|
4712
|
+
#
|
4713
|
+
# @!attribute [rw] name
|
4714
|
+
# The name of the managed rule group. You use this, along with the
|
4715
|
+
# vendor name, to identify the rule group.
|
4716
|
+
# @return [String]
|
4717
|
+
#
|
4430
4718
|
# @!attribute [rw] scope
|
4431
4719
|
# Specifies whether this is for an Amazon CloudFront distribution or
|
4432
4720
|
# for a regional application. A regional application can be an
|
@@ -4457,9 +4745,11 @@ module Aws::WAFV2
|
|
4457
4745
|
# to get the next batch of objects.
|
4458
4746
|
# @return [Integer]
|
4459
4747
|
#
|
4460
|
-
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/
|
4748
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/ListAvailableManagedRuleGroupVersionsRequest AWS API Documentation
|
4461
4749
|
#
|
4462
|
-
class
|
4750
|
+
class ListAvailableManagedRuleGroupVersionsRequest < Struct.new(
|
4751
|
+
:vendor_name,
|
4752
|
+
:name,
|
4463
4753
|
:scope,
|
4464
4754
|
:next_marker,
|
4465
4755
|
:limit)
|
@@ -4475,19 +4765,21 @@ module Aws::WAFV2
|
|
4475
4765
|
# your next request.
|
4476
4766
|
# @return [String]
|
4477
4767
|
#
|
4478
|
-
# @!attribute [rw]
|
4479
|
-
#
|
4768
|
+
# @!attribute [rw] versions
|
4769
|
+
# The versions that are currently available for the specified managed
|
4770
|
+
# rule group.
|
4771
|
+
# @return [Array<Types::ManagedRuleGroupVersion>]
|
4480
4772
|
#
|
4481
|
-
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/
|
4773
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/ListAvailableManagedRuleGroupVersionsResponse AWS API Documentation
|
4482
4774
|
#
|
4483
|
-
class
|
4775
|
+
class ListAvailableManagedRuleGroupVersionsResponse < Struct.new(
|
4484
4776
|
:next_marker,
|
4485
|
-
:
|
4777
|
+
:versions)
|
4486
4778
|
SENSITIVE = []
|
4487
4779
|
include Aws::Structure
|
4488
4780
|
end
|
4489
4781
|
|
4490
|
-
# @note When making an API call, you may pass
|
4782
|
+
# @note When making an API call, you may pass ListAvailableManagedRuleGroupsRequest
|
4491
4783
|
# data as a hash:
|
4492
4784
|
#
|
4493
4785
|
# {
|
@@ -4526,9 +4818,9 @@ module Aws::WAFV2
|
|
4526
4818
|
# to get the next batch of objects.
|
4527
4819
|
# @return [Integer]
|
4528
4820
|
#
|
4529
|
-
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/
|
4821
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/ListAvailableManagedRuleGroupsRequest AWS API Documentation
|
4530
4822
|
#
|
4531
|
-
class
|
4823
|
+
class ListAvailableManagedRuleGroupsRequest < Struct.new(
|
4532
4824
|
:scope,
|
4533
4825
|
:next_marker,
|
4534
4826
|
:limit)
|
@@ -4544,25 +4836,23 @@ module Aws::WAFV2
|
|
4544
4836
|
# your next request.
|
4545
4837
|
# @return [String]
|
4546
4838
|
#
|
4547
|
-
# @!attribute [rw]
|
4548
|
-
# Array
|
4549
|
-
# have defined. See the `Limit` specification for this request.
|
4550
|
-
# @return [Array<Types::IPSetSummary>]
|
4839
|
+
# @!attribute [rw] managed_rule_groups
|
4840
|
+
# @return [Array<Types::ManagedRuleGroupSummary>]
|
4551
4841
|
#
|
4552
|
-
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/
|
4842
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/ListAvailableManagedRuleGroupsResponse AWS API Documentation
|
4553
4843
|
#
|
4554
|
-
class
|
4844
|
+
class ListAvailableManagedRuleGroupsResponse < Struct.new(
|
4555
4845
|
:next_marker,
|
4556
|
-
:
|
4846
|
+
:managed_rule_groups)
|
4557
4847
|
SENSITIVE = []
|
4558
4848
|
include Aws::Structure
|
4559
4849
|
end
|
4560
4850
|
|
4561
|
-
# @note When making an API call, you may pass
|
4851
|
+
# @note When making an API call, you may pass ListIPSetsRequest
|
4562
4852
|
# data as a hash:
|
4563
4853
|
#
|
4564
4854
|
# {
|
4565
|
-
# scope: "CLOUDFRONT", # accepts CLOUDFRONT, REGIONAL
|
4855
|
+
# scope: "CLOUDFRONT", # required, accepts CLOUDFRONT, REGIONAL
|
4566
4856
|
# next_marker: "NextMarker",
|
4567
4857
|
# limit: 1,
|
4568
4858
|
# }
|
@@ -4597,9 +4887,9 @@ module Aws::WAFV2
|
|
4597
4887
|
# to get the next batch of objects.
|
4598
4888
|
# @return [Integer]
|
4599
4889
|
#
|
4600
|
-
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/
|
4890
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/ListIPSetsRequest AWS API Documentation
|
4601
4891
|
#
|
4602
|
-
class
|
4892
|
+
class ListIPSetsRequest < Struct.new(
|
4603
4893
|
:scope,
|
4604
4894
|
:next_marker,
|
4605
4895
|
:limit)
|
@@ -4607,8 +4897,79 @@ module Aws::WAFV2
|
|
4607
4897
|
include Aws::Structure
|
4608
4898
|
end
|
4609
4899
|
|
4610
|
-
# @!attribute [rw]
|
4611
|
-
#
|
4900
|
+
# @!attribute [rw] next_marker
|
4901
|
+
# When you request a list of objects with a `Limit` setting, if the
|
4902
|
+
# number of objects that are still available for retrieval exceeds the
|
4903
|
+
# limit, WAF returns a `NextMarker` value in the response. To retrieve
|
4904
|
+
# the next batch of objects, provide the marker from the prior call in
|
4905
|
+
# your next request.
|
4906
|
+
# @return [String]
|
4907
|
+
#
|
4908
|
+
# @!attribute [rw] ip_sets
|
4909
|
+
# Array of IPSets. This may not be the full list of IPSets that you
|
4910
|
+
# have defined. See the `Limit` specification for this request.
|
4911
|
+
# @return [Array<Types::IPSetSummary>]
|
4912
|
+
#
|
4913
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/ListIPSetsResponse AWS API Documentation
|
4914
|
+
#
|
4915
|
+
class ListIPSetsResponse < Struct.new(
|
4916
|
+
:next_marker,
|
4917
|
+
:ip_sets)
|
4918
|
+
SENSITIVE = []
|
4919
|
+
include Aws::Structure
|
4920
|
+
end
|
4921
|
+
|
4922
|
+
# @note When making an API call, you may pass ListLoggingConfigurationsRequest
|
4923
|
+
# data as a hash:
|
4924
|
+
#
|
4925
|
+
# {
|
4926
|
+
# scope: "CLOUDFRONT", # accepts CLOUDFRONT, REGIONAL
|
4927
|
+
# next_marker: "NextMarker",
|
4928
|
+
# limit: 1,
|
4929
|
+
# }
|
4930
|
+
#
|
4931
|
+
# @!attribute [rw] scope
|
4932
|
+
# Specifies whether this is for an Amazon CloudFront distribution or
|
4933
|
+
# for a regional application. A regional application can be an
|
4934
|
+
# Application Load Balancer (ALB), an Amazon API Gateway REST API, or
|
4935
|
+
# an AppSync GraphQL API.
|
4936
|
+
#
|
4937
|
+
# To work with CloudFront, you must also specify the Region US East
|
4938
|
+
# (N. Virginia) as follows:
|
4939
|
+
#
|
4940
|
+
# * CLI - Specify the Region when you use the CloudFront scope:
|
4941
|
+
# `--scope=CLOUDFRONT --region=us-east-1`.
|
4942
|
+
#
|
4943
|
+
# * API and SDKs - For all calls, use the Region endpoint us-east-1.
|
4944
|
+
# @return [String]
|
4945
|
+
#
|
4946
|
+
# @!attribute [rw] next_marker
|
4947
|
+
# When you request a list of objects with a `Limit` setting, if the
|
4948
|
+
# number of objects that are still available for retrieval exceeds the
|
4949
|
+
# limit, WAF returns a `NextMarker` value in the response. To retrieve
|
4950
|
+
# the next batch of objects, provide the marker from the prior call in
|
4951
|
+
# your next request.
|
4952
|
+
# @return [String]
|
4953
|
+
#
|
4954
|
+
# @!attribute [rw] limit
|
4955
|
+
# The maximum number of objects that you want WAF to return for this
|
4956
|
+
# request. If more objects are available, in the response, WAF
|
4957
|
+
# provides a `NextMarker` value that you can use in a subsequent call
|
4958
|
+
# to get the next batch of objects.
|
4959
|
+
# @return [Integer]
|
4960
|
+
#
|
4961
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/ListLoggingConfigurationsRequest AWS API Documentation
|
4962
|
+
#
|
4963
|
+
class ListLoggingConfigurationsRequest < Struct.new(
|
4964
|
+
:scope,
|
4965
|
+
:next_marker,
|
4966
|
+
:limit)
|
4967
|
+
SENSITIVE = []
|
4968
|
+
include Aws::Structure
|
4969
|
+
end
|
4970
|
+
|
4971
|
+
# @!attribute [rw] logging_configurations
|
4972
|
+
# @return [Array<Types::LoggingConfiguration>]
|
4612
4973
|
#
|
4613
4974
|
# @!attribute [rw] next_marker
|
4614
4975
|
# When you request a list of objects with a `Limit` setting, if the
|
@@ -4627,6 +4988,76 @@ module Aws::WAFV2
|
|
4627
4988
|
include Aws::Structure
|
4628
4989
|
end
|
4629
4990
|
|
4991
|
+
# @note When making an API call, you may pass ListManagedRuleSetsRequest
|
4992
|
+
# data as a hash:
|
4993
|
+
#
|
4994
|
+
# {
|
4995
|
+
# scope: "CLOUDFRONT", # required, accepts CLOUDFRONT, REGIONAL
|
4996
|
+
# next_marker: "NextMarker",
|
4997
|
+
# limit: 1,
|
4998
|
+
# }
|
4999
|
+
#
|
5000
|
+
# @!attribute [rw] scope
|
5001
|
+
# Specifies whether this is for an Amazon CloudFront distribution or
|
5002
|
+
# for a regional application. A regional application can be an
|
5003
|
+
# Application Load Balancer (ALB), an Amazon API Gateway REST API, or
|
5004
|
+
# an AppSync GraphQL API.
|
5005
|
+
#
|
5006
|
+
# To work with CloudFront, you must also specify the Region US East
|
5007
|
+
# (N. Virginia) as follows:
|
5008
|
+
#
|
5009
|
+
# * CLI - Specify the Region when you use the CloudFront scope:
|
5010
|
+
# `--scope=CLOUDFRONT --region=us-east-1`.
|
5011
|
+
#
|
5012
|
+
# * API and SDKs - For all calls, use the Region endpoint us-east-1.
|
5013
|
+
# @return [String]
|
5014
|
+
#
|
5015
|
+
# @!attribute [rw] next_marker
|
5016
|
+
# When you request a list of objects with a `Limit` setting, if the
|
5017
|
+
# number of objects that are still available for retrieval exceeds the
|
5018
|
+
# limit, WAF returns a `NextMarker` value in the response. To retrieve
|
5019
|
+
# the next batch of objects, provide the marker from the prior call in
|
5020
|
+
# your next request.
|
5021
|
+
# @return [String]
|
5022
|
+
#
|
5023
|
+
# @!attribute [rw] limit
|
5024
|
+
# The maximum number of objects that you want WAF to return for this
|
5025
|
+
# request. If more objects are available, in the response, WAF
|
5026
|
+
# provides a `NextMarker` value that you can use in a subsequent call
|
5027
|
+
# to get the next batch of objects.
|
5028
|
+
# @return [Integer]
|
5029
|
+
#
|
5030
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/ListManagedRuleSetsRequest AWS API Documentation
|
5031
|
+
#
|
5032
|
+
class ListManagedRuleSetsRequest < Struct.new(
|
5033
|
+
:scope,
|
5034
|
+
:next_marker,
|
5035
|
+
:limit)
|
5036
|
+
SENSITIVE = []
|
5037
|
+
include Aws::Structure
|
5038
|
+
end
|
5039
|
+
|
5040
|
+
# @!attribute [rw] next_marker
|
5041
|
+
# When you request a list of objects with a `Limit` setting, if the
|
5042
|
+
# number of objects that are still available for retrieval exceeds the
|
5043
|
+
# limit, WAF returns a `NextMarker` value in the response. To retrieve
|
5044
|
+
# the next batch of objects, provide the marker from the prior call in
|
5045
|
+
# your next request.
|
5046
|
+
# @return [String]
|
5047
|
+
#
|
5048
|
+
# @!attribute [rw] managed_rule_sets
|
5049
|
+
# Your managed rule sets.
|
5050
|
+
# @return [Array<Types::ManagedRuleSetSummary>]
|
5051
|
+
#
|
5052
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/ListManagedRuleSetsResponse AWS API Documentation
|
5053
|
+
#
|
5054
|
+
class ListManagedRuleSetsResponse < Struct.new(
|
5055
|
+
:next_marker,
|
5056
|
+
:managed_rule_sets)
|
5057
|
+
SENSITIVE = []
|
5058
|
+
include Aws::Structure
|
5059
|
+
end
|
5060
|
+
|
4630
5061
|
# @note When making an API call, you may pass ListRegexPatternSetsRequest
|
4631
5062
|
# data as a hash:
|
4632
5063
|
#
|
@@ -5008,11 +5439,11 @@ module Aws::WAFV2
|
|
5008
5439
|
#
|
5009
5440
|
# @!attribute [rw] redacted_fields
|
5010
5441
|
# The parts of the request that you want to keep out of the logs. For
|
5011
|
-
# example, if you redact the `
|
5012
|
-
# firehose will be `xxx`.
|
5442
|
+
# example, if you redact the `SingleHeader` field, the `HEADER` field
|
5443
|
+
# in the firehose will be `xxx`.
|
5013
5444
|
#
|
5014
|
-
# <note markdown="1"> You
|
5015
|
-
# `
|
5445
|
+
# <note markdown="1"> You can specify only the following fields for redaction: `UriPath`,
|
5446
|
+
# `QueryString`, `SingleHeader`, `Method`, and `JsonBody`.
|
5016
5447
|
#
|
5017
5448
|
# </note>
|
5018
5449
|
# @return [Array<Types::FieldToMatch>]
|
@@ -5104,6 +5535,7 @@ module Aws::WAFV2
|
|
5104
5535
|
# {
|
5105
5536
|
# vendor_name: "VendorName", # required
|
5106
5537
|
# name: "EntityName", # required
|
5538
|
+
# version: "VersionKeyString",
|
5107
5539
|
# excluded_rules: [
|
5108
5540
|
# {
|
5109
5541
|
# name: "EntityName", # required
|
@@ -5346,6 +5778,7 @@ module Aws::WAFV2
|
|
5346
5778
|
# managed_rule_group_statement: {
|
5347
5779
|
# vendor_name: "VendorName", # required
|
5348
5780
|
# name: "EntityName", # required
|
5781
|
+
# version: "VersionKeyString",
|
5349
5782
|
# excluded_rules: [
|
5350
5783
|
# {
|
5351
5784
|
# name: "EntityName", # required
|
@@ -5359,6 +5792,42 @@ module Aws::WAFV2
|
|
5359
5792
|
# scope: "LABEL", # required, accepts LABEL, NAMESPACE
|
5360
5793
|
# key: "LabelMatchKey", # required
|
5361
5794
|
# },
|
5795
|
+
# regex_match_statement: {
|
5796
|
+
# regex_string: "RegexPatternString", # required
|
5797
|
+
# field_to_match: { # required
|
5798
|
+
# single_header: {
|
5799
|
+
# name: "FieldToMatchData", # required
|
5800
|
+
# },
|
5801
|
+
# single_query_argument: {
|
5802
|
+
# name: "FieldToMatchData", # required
|
5803
|
+
# },
|
5804
|
+
# all_query_arguments: {
|
5805
|
+
# },
|
5806
|
+
# uri_path: {
|
5807
|
+
# },
|
5808
|
+
# query_string: {
|
5809
|
+
# },
|
5810
|
+
# body: {
|
5811
|
+
# },
|
5812
|
+
# method: {
|
5813
|
+
# },
|
5814
|
+
# json_body: {
|
5815
|
+
# match_pattern: { # required
|
5816
|
+
# all: {
|
5817
|
+
# },
|
5818
|
+
# included_paths: ["JsonPointerPath"],
|
5819
|
+
# },
|
5820
|
+
# match_scope: "ALL", # required, accepts ALL, KEY, VALUE
|
5821
|
+
# invalid_fallback_behavior: "MATCH", # accepts MATCH, NO_MATCH, EVALUATE_AS_STRING
|
5822
|
+
# },
|
5823
|
+
# },
|
5824
|
+
# text_transformations: [ # required
|
5825
|
+
# {
|
5826
|
+
# priority: 1, # required
|
5827
|
+
# type: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE, BASE64_DECODE, HEX_DECODE, MD5, REPLACE_COMMENTS, ESCAPE_SEQ_DECODE, SQL_HEX_DECODE, CSS_DECODE, JS_DECODE, NORMALIZE_PATH, NORMALIZE_PATH_WIN, REMOVE_NULLS, REPLACE_NULLS, BASE64_DECODE_EXT, URL_DECODE_UNI, UTF8_TO_UNICODE
|
5828
|
+
# },
|
5829
|
+
# ],
|
5830
|
+
# },
|
5362
5831
|
# },
|
5363
5832
|
# }
|
5364
5833
|
#
|
@@ -5372,6 +5841,14 @@ module Aws::WAFV2
|
|
5372
5841
|
# vendor name, to identify the rule group.
|
5373
5842
|
# @return [String]
|
5374
5843
|
#
|
5844
|
+
# @!attribute [rw] version
|
5845
|
+
# The version of the managed rule group to use. If you specify this,
|
5846
|
+
# the version setting is fixed until you change it. If you don't
|
5847
|
+
# specify this, WAF uses the vendor's default version, and then keeps
|
5848
|
+
# the version at the vendor's default when the vendor updates the
|
5849
|
+
# managed rule group settings.
|
5850
|
+
# @return [String]
|
5851
|
+
#
|
5375
5852
|
# @!attribute [rw] excluded_rules
|
5376
5853
|
# The rules whose actions are set to `COUNT` by the web ACL,
|
5377
5854
|
# regardless of the action that is set on the rule. This effectively
|
@@ -5392,6 +5869,7 @@ module Aws::WAFV2
|
|
5392
5869
|
class ManagedRuleGroupStatement < Struct.new(
|
5393
5870
|
:vendor_name,
|
5394
5871
|
:name,
|
5872
|
+
:version,
|
5395
5873
|
:excluded_rules,
|
5396
5874
|
:scope_down_statement)
|
5397
5875
|
SENSITIVE = []
|
@@ -5403,8 +5881,9 @@ module Aws::WAFV2
|
|
5403
5881
|
# name and vendor name, that you provide when you add a
|
5404
5882
|
# ManagedRuleGroupStatement to a web ACL. Managed rule groups include
|
5405
5883
|
# Amazon Web Services Managed Rules rule groups, which are free of
|
5406
|
-
# charge to WAF customers, and
|
5407
|
-
# you can subscribe to through
|
5884
|
+
# charge to WAF customers, and Amazon Web Services Marketplace managed
|
5885
|
+
# rule groups, which you can subscribe to through Amazon Web Services
|
5886
|
+
# Marketplace.
|
5408
5887
|
#
|
5409
5888
|
# @!attribute [rw] vendor_name
|
5410
5889
|
# The name of the managed rule group vendor. You use this, along with
|
@@ -5418,7 +5897,8 @@ module Aws::WAFV2
|
|
5418
5897
|
#
|
5419
5898
|
# @!attribute [rw] description
|
5420
5899
|
# The description of the managed rule group, provided by Amazon Web
|
5421
|
-
# Services Managed Rules or the
|
5900
|
+
# Services Managed Rules or the Amazon Web Services Marketplace seller
|
5901
|
+
# who manages it.
|
5422
5902
|
# @return [String]
|
5423
5903
|
#
|
5424
5904
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/ManagedRuleGroupSummary AWS API Documentation
|
@@ -5431,12 +5911,263 @@ module Aws::WAFV2
|
|
5431
5911
|
include Aws::Structure
|
5432
5912
|
end
|
5433
5913
|
|
5914
|
+
# Describes a single version of a managed rule group.
|
5915
|
+
#
|
5916
|
+
# @!attribute [rw] name
|
5917
|
+
# The version name.
|
5918
|
+
# @return [String]
|
5919
|
+
#
|
5920
|
+
# @!attribute [rw] last_update_timestamp
|
5921
|
+
# The date and time that the managed rule group owner updated the rule
|
5922
|
+
# group version information.
|
5923
|
+
# @return [Time]
|
5924
|
+
#
|
5925
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/ManagedRuleGroupVersion AWS API Documentation
|
5926
|
+
#
|
5927
|
+
class ManagedRuleGroupVersion < Struct.new(
|
5928
|
+
:name,
|
5929
|
+
:last_update_timestamp)
|
5930
|
+
SENSITIVE = []
|
5931
|
+
include Aws::Structure
|
5932
|
+
end
|
5933
|
+
|
5934
|
+
# A set of rules that is managed by Amazon Web Services and Amazon Web
|
5935
|
+
# Services Marketplace sellers to provide versioned managed rule groups
|
5936
|
+
# for customers of WAF.
|
5937
|
+
#
|
5938
|
+
# <note markdown="1"> This is intended for use only by vendors of managed rule sets. Vendors
|
5939
|
+
# are Amazon Web Services and Amazon Web Services Marketplace sellers.
|
5940
|
+
#
|
5941
|
+
# Vendors, you can use the managed rule set APIs to provide controlled
|
5942
|
+
# rollout of your versioned managed rule group offerings for your
|
5943
|
+
# customers. The APIs are `ListManagedRuleSets`, `GetManagedRuleSet`,
|
5944
|
+
# `PutManagedRuleSetVersions`, and
|
5945
|
+
# `UpdateManagedRuleSetVersionExpiryDate`.
|
5946
|
+
#
|
5947
|
+
# </note>
|
5948
|
+
#
|
5949
|
+
# @!attribute [rw] name
|
5950
|
+
# The name of the managed rule set. You use this, along with the rule
|
5951
|
+
# set ID, to identify the rule set.
|
5952
|
+
#
|
5953
|
+
# This name is assigned to the corresponding managed rule group, which
|
5954
|
+
# your customers can access and use.
|
5955
|
+
# @return [String]
|
5956
|
+
#
|
5957
|
+
# @!attribute [rw] id
|
5958
|
+
# A unique identifier for the managed rule set. The ID is returned in
|
5959
|
+
# the responses to commands like `list`. You provide it to operations
|
5960
|
+
# like `get` and `update`.
|
5961
|
+
# @return [String]
|
5962
|
+
#
|
5963
|
+
# @!attribute [rw] arn
|
5964
|
+
# The Amazon Resource Name (ARN) of the entity.
|
5965
|
+
# @return [String]
|
5966
|
+
#
|
5967
|
+
# @!attribute [rw] description
|
5968
|
+
# A description of the set that helps with identification.
|
5969
|
+
# @return [String]
|
5970
|
+
#
|
5971
|
+
# @!attribute [rw] published_versions
|
5972
|
+
# The versions of this managed rule set that are available for use by
|
5973
|
+
# customers.
|
5974
|
+
# @return [Hash<String,Types::ManagedRuleSetVersion>]
|
5975
|
+
#
|
5976
|
+
# @!attribute [rw] recommended_version
|
5977
|
+
# The version that you would like your customers to use.
|
5978
|
+
# @return [String]
|
5979
|
+
#
|
5980
|
+
# @!attribute [rw] label_namespace
|
5981
|
+
# The label namespace prefix for the managed rule groups that are
|
5982
|
+
# offered to customers from this managed rule set. All labels that are
|
5983
|
+
# added by rules in the managed rule group have this prefix.
|
5984
|
+
#
|
5985
|
+
# * The syntax for the label namespace prefix for a managed rule group
|
5986
|
+
# is the following:
|
5987
|
+
#
|
5988
|
+
# `awswaf:managed:<vendor>:<rule group name>`\:
|
5989
|
+
#
|
5990
|
+
# * When a rule with a label matches a web request, WAF adds the fully
|
5991
|
+
# qualified label to the request. A fully qualified label is made up
|
5992
|
+
# of the label namespace from the rule group or web ACL where the
|
5993
|
+
# rule is defined and the label from the rule, separated by a colon:
|
5994
|
+
#
|
5995
|
+
# `<label namespace>:<label from rule>`
|
5996
|
+
# @return [String]
|
5997
|
+
#
|
5998
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/ManagedRuleSet AWS API Documentation
|
5999
|
+
#
|
6000
|
+
class ManagedRuleSet < Struct.new(
|
6001
|
+
:name,
|
6002
|
+
:id,
|
6003
|
+
:arn,
|
6004
|
+
:description,
|
6005
|
+
:published_versions,
|
6006
|
+
:recommended_version,
|
6007
|
+
:label_namespace)
|
6008
|
+
SENSITIVE = []
|
6009
|
+
include Aws::Structure
|
6010
|
+
end
|
6011
|
+
|
6012
|
+
# High-level information for a managed rule set.
|
6013
|
+
#
|
6014
|
+
# <note markdown="1"> This is intended for use only by vendors of managed rule sets. Vendors
|
6015
|
+
# are Amazon Web Services and Amazon Web Services Marketplace sellers.
|
6016
|
+
#
|
6017
|
+
# Vendors, you can use the managed rule set APIs to provide controlled
|
6018
|
+
# rollout of your versioned managed rule group offerings for your
|
6019
|
+
# customers. The APIs are `ListManagedRuleSets`, `GetManagedRuleSet`,
|
6020
|
+
# `PutManagedRuleSetVersions`, and
|
6021
|
+
# `UpdateManagedRuleSetVersionExpiryDate`.
|
6022
|
+
#
|
6023
|
+
# </note>
|
6024
|
+
#
|
6025
|
+
# @!attribute [rw] name
|
6026
|
+
# The name of the managed rule set. You use this, along with the rule
|
6027
|
+
# set ID, to identify the rule set.
|
6028
|
+
#
|
6029
|
+
# This name is assigned to the corresponding managed rule group, which
|
6030
|
+
# your customers can access and use.
|
6031
|
+
# @return [String]
|
6032
|
+
#
|
6033
|
+
# @!attribute [rw] id
|
6034
|
+
# A unique identifier for the managed rule set. The ID is returned in
|
6035
|
+
# the responses to commands like `list`. You provide it to operations
|
6036
|
+
# like `get` and `update`.
|
6037
|
+
# @return [String]
|
6038
|
+
#
|
6039
|
+
# @!attribute [rw] description
|
6040
|
+
# A description of the set that helps with identification.
|
6041
|
+
# @return [String]
|
6042
|
+
#
|
6043
|
+
# @!attribute [rw] lock_token
|
6044
|
+
# A token used for optimistic locking. WAF returns a token to your
|
6045
|
+
# `get` and `list` requests, to mark the state of the entity at the
|
6046
|
+
# time of the request. To make changes to the entity associated with
|
6047
|
+
# the token, you provide the token to operations like `update` and
|
6048
|
+
# `delete`. WAF uses the token to ensure that no changes have been
|
6049
|
+
# made to the entity since you last retrieved it. If a change has been
|
6050
|
+
# made, the update fails with a `WAFOptimisticLockException`. If this
|
6051
|
+
# happens, perform another `get`, and use the new token returned by
|
6052
|
+
# that operation.
|
6053
|
+
# @return [String]
|
6054
|
+
#
|
6055
|
+
# @!attribute [rw] arn
|
6056
|
+
# The Amazon Resource Name (ARN) of the entity.
|
6057
|
+
# @return [String]
|
6058
|
+
#
|
6059
|
+
# @!attribute [rw] label_namespace
|
6060
|
+
# The label namespace prefix for the managed rule groups that are
|
6061
|
+
# offered to customers from this managed rule set. All labels that are
|
6062
|
+
# added by rules in the managed rule group have this prefix.
|
6063
|
+
#
|
6064
|
+
# * The syntax for the label namespace prefix for a managed rule group
|
6065
|
+
# is the following:
|
6066
|
+
#
|
6067
|
+
# `awswaf:managed:<vendor>:<rule group name>`\:
|
6068
|
+
#
|
6069
|
+
# * When a rule with a label matches a web request, WAF adds the fully
|
6070
|
+
# qualified label to the request. A fully qualified label is made up
|
6071
|
+
# of the label namespace from the rule group or web ACL where the
|
6072
|
+
# rule is defined and the label from the rule, separated by a colon:
|
6073
|
+
#
|
6074
|
+
# `<label namespace>:<label from rule>`
|
6075
|
+
# @return [String]
|
6076
|
+
#
|
6077
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/ManagedRuleSetSummary AWS API Documentation
|
6078
|
+
#
|
6079
|
+
class ManagedRuleSetSummary < Struct.new(
|
6080
|
+
:name,
|
6081
|
+
:id,
|
6082
|
+
:description,
|
6083
|
+
:lock_token,
|
6084
|
+
:arn,
|
6085
|
+
:label_namespace)
|
6086
|
+
SENSITIVE = []
|
6087
|
+
include Aws::Structure
|
6088
|
+
end
|
6089
|
+
|
6090
|
+
# Information for a single version of a managed rule set.
|
6091
|
+
#
|
6092
|
+
# <note markdown="1"> This is intended for use only by vendors of managed rule sets. Vendors
|
6093
|
+
# are Amazon Web Services and Amazon Web Services Marketplace sellers.
|
6094
|
+
#
|
6095
|
+
# Vendors, you can use the managed rule set APIs to provide controlled
|
6096
|
+
# rollout of your versioned managed rule group offerings for your
|
6097
|
+
# customers. The APIs are `ListManagedRuleSets`, `GetManagedRuleSet`,
|
6098
|
+
# `PutManagedRuleSetVersions`, and
|
6099
|
+
# `UpdateManagedRuleSetVersionExpiryDate`.
|
6100
|
+
#
|
6101
|
+
# </note>
|
6102
|
+
#
|
6103
|
+
# @!attribute [rw] associated_rule_group_arn
|
6104
|
+
# The Amazon Resource Name (ARN) of the vendor rule group that's used
|
6105
|
+
# to define the published version of your managed rule group.
|
6106
|
+
# @return [String]
|
6107
|
+
#
|
6108
|
+
# @!attribute [rw] capacity
|
6109
|
+
# The web ACL capacity units (WCUs) required for this rule group.
|
6110
|
+
#
|
6111
|
+
# WAF uses WCUs to calculate and control the operating resources that
|
6112
|
+
# are used to run your rules, rule groups, and web ACLs. WAF
|
6113
|
+
# calculates capacity differently for each rule type, to reflect the
|
6114
|
+
# relative cost of each rule. Simple rules that cost little to run use
|
6115
|
+
# fewer WCUs than more complex rules that use more processing power.
|
6116
|
+
# Rule group capacity is fixed at creation, which helps users plan
|
6117
|
+
# their web ACL WCU usage when they use a rule group. The WCU limit
|
6118
|
+
# for web ACLs is 1,500.
|
6119
|
+
# @return [Integer]
|
6120
|
+
#
|
6121
|
+
# @!attribute [rw] forecasted_lifetime
|
6122
|
+
# The amount of time you expect this version of your managed rule
|
6123
|
+
# group to last, in days.
|
6124
|
+
# @return [Integer]
|
6125
|
+
#
|
6126
|
+
# @!attribute [rw] publish_timestamp
|
6127
|
+
# The time that you first published this version.
|
6128
|
+
#
|
6129
|
+
# Times are in Coordinated Universal Time (UTC) format. UTC format
|
6130
|
+
# includes the special designator, Z. For example,
|
6131
|
+
# "2016-09-27T14:50Z".
|
6132
|
+
# @return [Time]
|
6133
|
+
#
|
6134
|
+
# @!attribute [rw] last_update_timestamp
|
6135
|
+
# The last time that you updated this version.
|
6136
|
+
#
|
6137
|
+
# Times are in Coordinated Universal Time (UTC) format. UTC format
|
6138
|
+
# includes the special designator, Z. For example,
|
6139
|
+
# "2016-09-27T14:50Z".
|
6140
|
+
# @return [Time]
|
6141
|
+
#
|
6142
|
+
# @!attribute [rw] expiry_timestamp
|
6143
|
+
# The time that this version is set to expire.
|
6144
|
+
#
|
6145
|
+
# Times are in Coordinated Universal Time (UTC) format. UTC format
|
6146
|
+
# includes the special designator, Z. For example,
|
6147
|
+
# "2016-09-27T14:50Z".
|
6148
|
+
# @return [Time]
|
6149
|
+
#
|
6150
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/ManagedRuleSetVersion AWS API Documentation
|
6151
|
+
#
|
6152
|
+
class ManagedRuleSetVersion < Struct.new(
|
6153
|
+
:associated_rule_group_arn,
|
6154
|
+
:capacity,
|
6155
|
+
:forecasted_lifetime,
|
6156
|
+
:publish_timestamp,
|
6157
|
+
:last_update_timestamp,
|
6158
|
+
:expiry_timestamp)
|
6159
|
+
SENSITIVE = []
|
6160
|
+
include Aws::Structure
|
6161
|
+
end
|
6162
|
+
|
5434
6163
|
# The HTTP method of a web request. The method indicates the type of
|
5435
6164
|
# operation that the request is asking the origin to perform.
|
5436
6165
|
#
|
5437
6166
|
# This is used only to indicate the web request component for WAF to
|
5438
6167
|
# inspect, in the FieldToMatch specification.
|
5439
6168
|
#
|
6169
|
+
# JSON specification: `"Method": \{\}`
|
6170
|
+
#
|
5440
6171
|
# @api private
|
5441
6172
|
#
|
5442
6173
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/Method AWS API Documentation
|
@@ -5450,6 +6181,8 @@ module Aws::WAFV2
|
|
5450
6181
|
# This is used in the context of other settings, for example to specify
|
5451
6182
|
# values for RuleAction and web ACL DefaultAction.
|
5452
6183
|
#
|
6184
|
+
# JSON specification: `"None": \{\}`
|
6185
|
+
#
|
5453
6186
|
# @api private
|
5454
6187
|
#
|
5455
6188
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/NoneAction AWS API Documentation
|
@@ -5700,6 +6433,7 @@ module Aws::WAFV2
|
|
5700
6433
|
# managed_rule_group_statement: {
|
5701
6434
|
# vendor_name: "VendorName", # required
|
5702
6435
|
# name: "EntityName", # required
|
6436
|
+
# version: "VersionKeyString",
|
5703
6437
|
# excluded_rules: [
|
5704
6438
|
# {
|
5705
6439
|
# name: "EntityName", # required
|
@@ -5713,6 +6447,42 @@ module Aws::WAFV2
|
|
5713
6447
|
# scope: "LABEL", # required, accepts LABEL, NAMESPACE
|
5714
6448
|
# key: "LabelMatchKey", # required
|
5715
6449
|
# },
|
6450
|
+
# regex_match_statement: {
|
6451
|
+
# regex_string: "RegexPatternString", # required
|
6452
|
+
# field_to_match: { # required
|
6453
|
+
# single_header: {
|
6454
|
+
# name: "FieldToMatchData", # required
|
6455
|
+
# },
|
6456
|
+
# single_query_argument: {
|
6457
|
+
# name: "FieldToMatchData", # required
|
6458
|
+
# },
|
6459
|
+
# all_query_arguments: {
|
6460
|
+
# },
|
6461
|
+
# uri_path: {
|
6462
|
+
# },
|
6463
|
+
# query_string: {
|
6464
|
+
# },
|
6465
|
+
# body: {
|
6466
|
+
# },
|
6467
|
+
# method: {
|
6468
|
+
# },
|
6469
|
+
# json_body: {
|
6470
|
+
# match_pattern: { # required
|
6471
|
+
# all: {
|
6472
|
+
# },
|
6473
|
+
# included_paths: ["JsonPointerPath"],
|
6474
|
+
# },
|
6475
|
+
# match_scope: "ALL", # required, accepts ALL, KEY, VALUE
|
6476
|
+
# invalid_fallback_behavior: "MATCH", # accepts MATCH, NO_MATCH, EVALUATE_AS_STRING
|
6477
|
+
# },
|
6478
|
+
# },
|
6479
|
+
# text_transformations: [ # required
|
6480
|
+
# {
|
6481
|
+
# priority: 1, # required
|
6482
|
+
# type: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE, BASE64_DECODE, HEX_DECODE, MD5, REPLACE_COMMENTS, ESCAPE_SEQ_DECODE, SQL_HEX_DECODE, CSS_DECODE, JS_DECODE, NORMALIZE_PATH, NORMALIZE_PATH_WIN, REMOVE_NULLS, REPLACE_NULLS, BASE64_DECODE_EXT, URL_DECODE_UNI, UTF8_TO_UNICODE
|
6483
|
+
# },
|
6484
|
+
# ],
|
6485
|
+
# },
|
5716
6486
|
# },
|
5717
6487
|
# }
|
5718
6488
|
#
|
@@ -5970,6 +6740,7 @@ module Aws::WAFV2
|
|
5970
6740
|
# managed_rule_group_statement: {
|
5971
6741
|
# vendor_name: "VendorName", # required
|
5972
6742
|
# name: "EntityName", # required
|
6743
|
+
# version: "VersionKeyString",
|
5973
6744
|
# excluded_rules: [
|
5974
6745
|
# {
|
5975
6746
|
# name: "EntityName", # required
|
@@ -5983,6 +6754,42 @@ module Aws::WAFV2
|
|
5983
6754
|
# scope: "LABEL", # required, accepts LABEL, NAMESPACE
|
5984
6755
|
# key: "LabelMatchKey", # required
|
5985
6756
|
# },
|
6757
|
+
# regex_match_statement: {
|
6758
|
+
# regex_string: "RegexPatternString", # required
|
6759
|
+
# field_to_match: { # required
|
6760
|
+
# single_header: {
|
6761
|
+
# name: "FieldToMatchData", # required
|
6762
|
+
# },
|
6763
|
+
# single_query_argument: {
|
6764
|
+
# name: "FieldToMatchData", # required
|
6765
|
+
# },
|
6766
|
+
# all_query_arguments: {
|
6767
|
+
# },
|
6768
|
+
# uri_path: {
|
6769
|
+
# },
|
6770
|
+
# query_string: {
|
6771
|
+
# },
|
6772
|
+
# body: {
|
6773
|
+
# },
|
6774
|
+
# method: {
|
6775
|
+
# },
|
6776
|
+
# json_body: {
|
6777
|
+
# match_pattern: { # required
|
6778
|
+
# all: {
|
6779
|
+
# },
|
6780
|
+
# included_paths: ["JsonPointerPath"],
|
6781
|
+
# },
|
6782
|
+
# match_scope: "ALL", # required, accepts ALL, KEY, VALUE
|
6783
|
+
# invalid_fallback_behavior: "MATCH", # accepts MATCH, NO_MATCH, EVALUATE_AS_STRING
|
6784
|
+
# },
|
6785
|
+
# },
|
6786
|
+
# text_transformations: [ # required
|
6787
|
+
# {
|
6788
|
+
# priority: 1, # required
|
6789
|
+
# type: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE, BASE64_DECODE, HEX_DECODE, MD5, REPLACE_COMMENTS, ESCAPE_SEQ_DECODE, SQL_HEX_DECODE, CSS_DECODE, JS_DECODE, NORMALIZE_PATH, NORMALIZE_PATH_WIN, REMOVE_NULLS, REPLACE_NULLS, BASE64_DECODE_EXT, URL_DECODE_UNI, UTF8_TO_UNICODE
|
6790
|
+
# },
|
6791
|
+
# ],
|
6792
|
+
# },
|
5986
6793
|
# },
|
5987
6794
|
# ],
|
5988
6795
|
# }
|
@@ -6133,6 +6940,107 @@ module Aws::WAFV2
|
|
6133
6940
|
include Aws::Structure
|
6134
6941
|
end
|
6135
6942
|
|
6943
|
+
# @note When making an API call, you may pass PutManagedRuleSetVersionsRequest
|
6944
|
+
# data as a hash:
|
6945
|
+
#
|
6946
|
+
# {
|
6947
|
+
# name: "EntityName", # required
|
6948
|
+
# scope: "CLOUDFRONT", # required, accepts CLOUDFRONT, REGIONAL
|
6949
|
+
# id: "EntityId", # required
|
6950
|
+
# lock_token: "LockToken", # required
|
6951
|
+
# recommended_version: "VersionKeyString",
|
6952
|
+
# versions_to_publish: {
|
6953
|
+
# "VersionKeyString" => {
|
6954
|
+
# associated_rule_group_arn: "ResourceArn",
|
6955
|
+
# forecasted_lifetime: 1,
|
6956
|
+
# },
|
6957
|
+
# },
|
6958
|
+
# }
|
6959
|
+
#
|
6960
|
+
# @!attribute [rw] name
|
6961
|
+
# The name of the managed rule set. You use this, along with the rule
|
6962
|
+
# set ID, to identify the rule set.
|
6963
|
+
#
|
6964
|
+
# This name is assigned to the corresponding managed rule group, which
|
6965
|
+
# your customers can access and use.
|
6966
|
+
# @return [String]
|
6967
|
+
#
|
6968
|
+
# @!attribute [rw] scope
|
6969
|
+
# Specifies whether this is for an Amazon CloudFront distribution or
|
6970
|
+
# for a regional application. A regional application can be an
|
6971
|
+
# Application Load Balancer (ALB), an Amazon API Gateway REST API, or
|
6972
|
+
# an AppSync GraphQL API.
|
6973
|
+
#
|
6974
|
+
# To work with CloudFront, you must also specify the Region US East
|
6975
|
+
# (N. Virginia) as follows:
|
6976
|
+
#
|
6977
|
+
# * CLI - Specify the Region when you use the CloudFront scope:
|
6978
|
+
# `--scope=CLOUDFRONT --region=us-east-1`.
|
6979
|
+
#
|
6980
|
+
# * API and SDKs - For all calls, use the Region endpoint us-east-1.
|
6981
|
+
# @return [String]
|
6982
|
+
#
|
6983
|
+
# @!attribute [rw] id
|
6984
|
+
# A unique identifier for the managed rule set. The ID is returned in
|
6985
|
+
# the responses to commands like `list`. You provide it to operations
|
6986
|
+
# like `get` and `update`.
|
6987
|
+
# @return [String]
|
6988
|
+
#
|
6989
|
+
# @!attribute [rw] lock_token
|
6990
|
+
# A token used for optimistic locking. WAF returns a token to your
|
6991
|
+
# `get` and `list` requests, to mark the state of the entity at the
|
6992
|
+
# time of the request. To make changes to the entity associated with
|
6993
|
+
# the token, you provide the token to operations like `update` and
|
6994
|
+
# `delete`. WAF uses the token to ensure that no changes have been
|
6995
|
+
# made to the entity since you last retrieved it. If a change has been
|
6996
|
+
# made, the update fails with a `WAFOptimisticLockException`. If this
|
6997
|
+
# happens, perform another `get`, and use the new token returned by
|
6998
|
+
# that operation.
|
6999
|
+
# @return [String]
|
7000
|
+
#
|
7001
|
+
# @!attribute [rw] recommended_version
|
7002
|
+
# The version of the named managed rule group that you'd like your
|
7003
|
+
# customers to choose, from among your version offerings.
|
7004
|
+
# @return [String]
|
7005
|
+
#
|
7006
|
+
# @!attribute [rw] versions_to_publish
|
7007
|
+
# The versions of the named managed rule group that you want to offer
|
7008
|
+
# to your customers.
|
7009
|
+
# @return [Hash<String,Types::VersionToPublish>]
|
7010
|
+
#
|
7011
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/PutManagedRuleSetVersionsRequest AWS API Documentation
|
7012
|
+
#
|
7013
|
+
class PutManagedRuleSetVersionsRequest < Struct.new(
|
7014
|
+
:name,
|
7015
|
+
:scope,
|
7016
|
+
:id,
|
7017
|
+
:lock_token,
|
7018
|
+
:recommended_version,
|
7019
|
+
:versions_to_publish)
|
7020
|
+
SENSITIVE = []
|
7021
|
+
include Aws::Structure
|
7022
|
+
end
|
7023
|
+
|
7024
|
+
# @!attribute [rw] next_lock_token
|
7025
|
+
# A token used for optimistic locking. WAF returns a token to your
|
7026
|
+
# `get` and `list` requests, to mark the state of the entity at the
|
7027
|
+
# time of the request. To make changes to the entity associated with
|
7028
|
+
# the token, you provide the token to operations like `update` and
|
7029
|
+
# `delete`. WAF uses the token to ensure that no changes have been
|
7030
|
+
# made to the entity since you last retrieved it. If a change has been
|
7031
|
+
# made, the update fails with a `WAFOptimisticLockException`. If this
|
7032
|
+
# happens, perform another `get`, and use the new token returned by
|
7033
|
+
# that operation.
|
7034
|
+
# @return [String]
|
7035
|
+
#
|
7036
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/PutManagedRuleSetVersionsResponse AWS API Documentation
|
7037
|
+
#
|
7038
|
+
class PutManagedRuleSetVersionsResponse < Struct.new(
|
7039
|
+
:next_lock_token)
|
7040
|
+
SENSITIVE = []
|
7041
|
+
include Aws::Structure
|
7042
|
+
end
|
7043
|
+
|
6136
7044
|
# @note When making an API call, you may pass PutPermissionPolicyRequest
|
6137
7045
|
# data as a hash:
|
6138
7046
|
#
|
@@ -6191,6 +7099,8 @@ module Aws::WAFV2
|
|
6191
7099
|
# This is used only to indicate the web request component for WAF to
|
6192
7100
|
# inspect, in the FieldToMatch specification.
|
6193
7101
|
#
|
7102
|
+
# JSON specification: `"QueryString": \{\}`
|
7103
|
+
#
|
6194
7104
|
# @api private
|
6195
7105
|
#
|
6196
7106
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/QueryString AWS API Documentation
|
@@ -6203,6 +7113,15 @@ module Aws::WAFV2
|
|
6203
7113
|
# You can use this to put a temporary block on requests from an IP
|
6204
7114
|
# address that is sending excessive requests.
|
6205
7115
|
#
|
7116
|
+
# WAF tracks and manages web requests separately for each instance of a
|
7117
|
+
# rate-based rule that you use. For example, if you provide the same
|
7118
|
+
# rate-based rule settings in two web ACLs, each of the two rule
|
7119
|
+
# statements represents a separate instance of the rate-based rule and
|
7120
|
+
# gets its own tracking and management by WAF. If you define a
|
7121
|
+
# rate-based rule inside a rule group, and then use that rule group in
|
7122
|
+
# multiple places, each use creates a separate instance of the
|
7123
|
+
# rate-based rule that gets its own tracking and management by WAF.
|
7124
|
+
#
|
6206
7125
|
# When the rule action triggers, WAF blocks additional requests from the
|
6207
7126
|
# IP address until the request rate falls below the limit.
|
6208
7127
|
#
|
@@ -6226,9 +7145,9 @@ module Aws::WAFV2
|
|
6226
7145
|
# not meet both conditions are not counted towards the rate limit and
|
6227
7146
|
# are not affected by this rule.
|
6228
7147
|
#
|
6229
|
-
# You cannot nest a `RateBasedStatement
|
6230
|
-
# `NotStatement` or `OrStatement`.
|
6231
|
-
#
|
7148
|
+
# You cannot nest a `RateBasedStatement` inside another statement, for
|
7149
|
+
# example inside a `NotStatement` or `OrStatement`. You can define a
|
7150
|
+
# `RateBasedStatement` inside a web ACL and inside a rule group.
|
6232
7151
|
#
|
6233
7152
|
# @note When making an API call, you may pass RateBasedStatement
|
6234
7153
|
# data as a hash:
|
@@ -6473,18 +7392,55 @@ module Aws::WAFV2
|
|
6473
7392
|
# managed_rule_group_statement: {
|
6474
7393
|
# vendor_name: "VendorName", # required
|
6475
7394
|
# name: "EntityName", # required
|
7395
|
+
# version: "VersionKeyString",
|
6476
7396
|
# excluded_rules: [
|
6477
7397
|
# {
|
6478
|
-
# name: "EntityName", # required
|
7398
|
+
# name: "EntityName", # required
|
7399
|
+
# },
|
7400
|
+
# ],
|
7401
|
+
# scope_down_statement: {
|
7402
|
+
# # recursive Statement
|
7403
|
+
# },
|
7404
|
+
# },
|
7405
|
+
# label_match_statement: {
|
7406
|
+
# scope: "LABEL", # required, accepts LABEL, NAMESPACE
|
7407
|
+
# key: "LabelMatchKey", # required
|
7408
|
+
# },
|
7409
|
+
# regex_match_statement: {
|
7410
|
+
# regex_string: "RegexPatternString", # required
|
7411
|
+
# field_to_match: { # required
|
7412
|
+
# single_header: {
|
7413
|
+
# name: "FieldToMatchData", # required
|
7414
|
+
# },
|
7415
|
+
# single_query_argument: {
|
7416
|
+
# name: "FieldToMatchData", # required
|
7417
|
+
# },
|
7418
|
+
# all_query_arguments: {
|
7419
|
+
# },
|
7420
|
+
# uri_path: {
|
7421
|
+
# },
|
7422
|
+
# query_string: {
|
7423
|
+
# },
|
7424
|
+
# body: {
|
7425
|
+
# },
|
7426
|
+
# method: {
|
7427
|
+
# },
|
7428
|
+
# json_body: {
|
7429
|
+
# match_pattern: { # required
|
7430
|
+
# all: {
|
7431
|
+
# },
|
7432
|
+
# included_paths: ["JsonPointerPath"],
|
7433
|
+
# },
|
7434
|
+
# match_scope: "ALL", # required, accepts ALL, KEY, VALUE
|
7435
|
+
# invalid_fallback_behavior: "MATCH", # accepts MATCH, NO_MATCH, EVALUATE_AS_STRING
|
7436
|
+
# },
|
7437
|
+
# },
|
7438
|
+
# text_transformations: [ # required
|
7439
|
+
# {
|
7440
|
+
# priority: 1, # required
|
7441
|
+
# type: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE, BASE64_DECODE, HEX_DECODE, MD5, REPLACE_COMMENTS, ESCAPE_SEQ_DECODE, SQL_HEX_DECODE, CSS_DECODE, JS_DECODE, NORMALIZE_PATH, NORMALIZE_PATH_WIN, REMOVE_NULLS, REPLACE_NULLS, BASE64_DECODE_EXT, URL_DECODE_UNI, UTF8_TO_UNICODE
|
6479
7442
|
# },
|
6480
7443
|
# ],
|
6481
|
-
# scope_down_statement: {
|
6482
|
-
# # recursive Statement
|
6483
|
-
# },
|
6484
|
-
# },
|
6485
|
-
# label_match_statement: {
|
6486
|
-
# scope: "LABEL", # required, accepts LABEL, NAMESPACE
|
6487
|
-
# key: "LabelMatchKey", # required
|
6488
7444
|
# },
|
6489
7445
|
# },
|
6490
7446
|
# forwarded_ip_config: {
|
@@ -6545,10 +7501,11 @@ module Aws::WAFV2
|
|
6545
7501
|
include Aws::Structure
|
6546
7502
|
end
|
6547
7503
|
|
6548
|
-
# The set of IP addresses that are currently blocked for a
|
6549
|
-
#
|
7504
|
+
# The set of IP addresses that are currently blocked for a
|
7505
|
+
# RateBasedStatement.
|
6550
7506
|
#
|
6551
7507
|
# @!attribute [rw] ip_address_version
|
7508
|
+
# The version of the IP addresses, either `IPV4` or `IPV6`.
|
6552
7509
|
# @return [String]
|
6553
7510
|
#
|
6554
7511
|
# @!attribute [rw] addresses
|
@@ -6585,6 +7542,77 @@ module Aws::WAFV2
|
|
6585
7542
|
include Aws::Structure
|
6586
7543
|
end
|
6587
7544
|
|
7545
|
+
# A rule statement used to search web request components for a match
|
7546
|
+
# against a single regular expression.
|
7547
|
+
#
|
7548
|
+
# @note When making an API call, you may pass RegexMatchStatement
|
7549
|
+
# data as a hash:
|
7550
|
+
#
|
7551
|
+
# {
|
7552
|
+
# regex_string: "RegexPatternString", # required
|
7553
|
+
# field_to_match: { # required
|
7554
|
+
# single_header: {
|
7555
|
+
# name: "FieldToMatchData", # required
|
7556
|
+
# },
|
7557
|
+
# single_query_argument: {
|
7558
|
+
# name: "FieldToMatchData", # required
|
7559
|
+
# },
|
7560
|
+
# all_query_arguments: {
|
7561
|
+
# },
|
7562
|
+
# uri_path: {
|
7563
|
+
# },
|
7564
|
+
# query_string: {
|
7565
|
+
# },
|
7566
|
+
# body: {
|
7567
|
+
# },
|
7568
|
+
# method: {
|
7569
|
+
# },
|
7570
|
+
# json_body: {
|
7571
|
+
# match_pattern: { # required
|
7572
|
+
# all: {
|
7573
|
+
# },
|
7574
|
+
# included_paths: ["JsonPointerPath"],
|
7575
|
+
# },
|
7576
|
+
# match_scope: "ALL", # required, accepts ALL, KEY, VALUE
|
7577
|
+
# invalid_fallback_behavior: "MATCH", # accepts MATCH, NO_MATCH, EVALUATE_AS_STRING
|
7578
|
+
# },
|
7579
|
+
# },
|
7580
|
+
# text_transformations: [ # required
|
7581
|
+
# {
|
7582
|
+
# priority: 1, # required
|
7583
|
+
# type: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE, BASE64_DECODE, HEX_DECODE, MD5, REPLACE_COMMENTS, ESCAPE_SEQ_DECODE, SQL_HEX_DECODE, CSS_DECODE, JS_DECODE, NORMALIZE_PATH, NORMALIZE_PATH_WIN, REMOVE_NULLS, REPLACE_NULLS, BASE64_DECODE_EXT, URL_DECODE_UNI, UTF8_TO_UNICODE
|
7584
|
+
# },
|
7585
|
+
# ],
|
7586
|
+
# }
|
7587
|
+
#
|
7588
|
+
# @!attribute [rw] regex_string
|
7589
|
+
# The string representing the regular expression.
|
7590
|
+
# @return [String]
|
7591
|
+
#
|
7592
|
+
# @!attribute [rw] field_to_match
|
7593
|
+
# The part of a web request that you want WAF to inspect. For more
|
7594
|
+
# information, see FieldToMatch.
|
7595
|
+
# @return [Types::FieldToMatch]
|
7596
|
+
#
|
7597
|
+
# @!attribute [rw] text_transformations
|
7598
|
+
# Text transformations eliminate some of the unusual formatting that
|
7599
|
+
# attackers use in web requests in an effort to bypass detection. If
|
7600
|
+
# you specify one or more transformations in a rule statement, WAF
|
7601
|
+
# performs all transformations on the content of the request component
|
7602
|
+
# identified by `FieldToMatch`, starting from the lowest priority
|
7603
|
+
# setting, before inspecting the content for a match.
|
7604
|
+
# @return [Array<Types::TextTransformation>]
|
7605
|
+
#
|
7606
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/RegexMatchStatement AWS API Documentation
|
7607
|
+
#
|
7608
|
+
class RegexMatchStatement < Struct.new(
|
7609
|
+
:regex_string,
|
7610
|
+
:field_to_match,
|
7611
|
+
:text_transformations)
|
7612
|
+
SENSITIVE = []
|
7613
|
+
include Aws::Structure
|
7614
|
+
end
|
7615
|
+
|
6588
7616
|
# Contains one or more regular expressions.
|
6589
7617
|
#
|
6590
7618
|
# WAF assigns an ARN to each `RegexPatternSet` that you create. To use a
|
@@ -6729,15 +7757,15 @@ module Aws::WAFV2
|
|
6729
7757
|
# @return [String]
|
6730
7758
|
#
|
6731
7759
|
# @!attribute [rw] lock_token
|
6732
|
-
# A token used for optimistic locking. WAF returns a token to your
|
6733
|
-
# and list requests, to mark the state of the entity at the
|
6734
|
-
# the request. To make changes to the entity associated with
|
6735
|
-
# token, you provide the token to operations like update and
|
6736
|
-
# WAF uses the token to ensure that no changes have been
|
6737
|
-
# entity since you last retrieved it. If a change has been
|
6738
|
-
# update fails with a `WAFOptimisticLockException`. If this
|
6739
|
-
# perform another get
|
6740
|
-
# operation.
|
7760
|
+
# A token used for optimistic locking. WAF returns a token to your
|
7761
|
+
# `get` and `list` requests, to mark the state of the entity at the
|
7762
|
+
# time of the request. To make changes to the entity associated with
|
7763
|
+
# the token, you provide the token to operations like `update` and
|
7764
|
+
# `delete`. WAF uses the token to ensure that no changes have been
|
7765
|
+
# made to the entity since you last retrieved it. If a change has been
|
7766
|
+
# made, the update fails with a `WAFOptimisticLockException`. If this
|
7767
|
+
# happens, perform another `get`, and use the new token returned by
|
7768
|
+
# that operation.
|
6741
7769
|
# @return [String]
|
6742
7770
|
#
|
6743
7771
|
# @!attribute [rw] arn
|
@@ -7004,6 +8032,7 @@ module Aws::WAFV2
|
|
7004
8032
|
# managed_rule_group_statement: {
|
7005
8033
|
# vendor_name: "VendorName", # required
|
7006
8034
|
# name: "EntityName", # required
|
8035
|
+
# version: "VersionKeyString",
|
7007
8036
|
# excluded_rules: [
|
7008
8037
|
# {
|
7009
8038
|
# name: "EntityName", # required
|
@@ -7017,6 +8046,42 @@ module Aws::WAFV2
|
|
7017
8046
|
# scope: "LABEL", # required, accepts LABEL, NAMESPACE
|
7018
8047
|
# key: "LabelMatchKey", # required
|
7019
8048
|
# },
|
8049
|
+
# regex_match_statement: {
|
8050
|
+
# regex_string: "RegexPatternString", # required
|
8051
|
+
# field_to_match: { # required
|
8052
|
+
# single_header: {
|
8053
|
+
# name: "FieldToMatchData", # required
|
8054
|
+
# },
|
8055
|
+
# single_query_argument: {
|
8056
|
+
# name: "FieldToMatchData", # required
|
8057
|
+
# },
|
8058
|
+
# all_query_arguments: {
|
8059
|
+
# },
|
8060
|
+
# uri_path: {
|
8061
|
+
# },
|
8062
|
+
# query_string: {
|
8063
|
+
# },
|
8064
|
+
# body: {
|
8065
|
+
# },
|
8066
|
+
# method: {
|
8067
|
+
# },
|
8068
|
+
# json_body: {
|
8069
|
+
# match_pattern: { # required
|
8070
|
+
# all: {
|
8071
|
+
# },
|
8072
|
+
# included_paths: ["JsonPointerPath"],
|
8073
|
+
# },
|
8074
|
+
# match_scope: "ALL", # required, accepts ALL, KEY, VALUE
|
8075
|
+
# invalid_fallback_behavior: "MATCH", # accepts MATCH, NO_MATCH, EVALUATE_AS_STRING
|
8076
|
+
# },
|
8077
|
+
# },
|
8078
|
+
# text_transformations: [ # required
|
8079
|
+
# {
|
8080
|
+
# priority: 1, # required
|
8081
|
+
# type: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE, BASE64_DECODE, HEX_DECODE, MD5, REPLACE_COMMENTS, ESCAPE_SEQ_DECODE, SQL_HEX_DECODE, CSS_DECODE, JS_DECODE, NORMALIZE_PATH, NORMALIZE_PATH_WIN, REMOVE_NULLS, REPLACE_NULLS, BASE64_DECODE_EXT, URL_DECODE_UNI, UTF8_TO_UNICODE
|
8082
|
+
# },
|
8083
|
+
# ],
|
8084
|
+
# },
|
7020
8085
|
# },
|
7021
8086
|
# action: {
|
7022
8087
|
# block: {
|
@@ -7372,8 +8437,8 @@ module Aws::WAFV2
|
|
7372
8437
|
# provide the ARN of the rule group in this statement.
|
7373
8438
|
#
|
7374
8439
|
# You cannot nest a `RuleGroupReferenceStatement`, for example for use
|
7375
|
-
# inside a `NotStatement` or `OrStatement`.
|
7376
|
-
#
|
8440
|
+
# inside a `NotStatement` or `OrStatement`. You can only use a rule
|
8441
|
+
# group reference statement at the top level inside a web ACL.
|
7377
8442
|
#
|
7378
8443
|
# @note When making an API call, you may pass RuleGroupReferenceStatement
|
7379
8444
|
# data as a hash:
|
@@ -7427,15 +8492,15 @@ module Aws::WAFV2
|
|
7427
8492
|
# @return [String]
|
7428
8493
|
#
|
7429
8494
|
# @!attribute [rw] lock_token
|
7430
|
-
# A token used for optimistic locking. WAF returns a token to your
|
7431
|
-
# and list requests, to mark the state of the entity at the
|
7432
|
-
# the request. To make changes to the entity associated with
|
7433
|
-
# token, you provide the token to operations like update and
|
7434
|
-
# WAF uses the token to ensure that no changes have been
|
7435
|
-
# entity since you last retrieved it. If a change has been
|
7436
|
-
# update fails with a `WAFOptimisticLockException`. If this
|
7437
|
-
# perform another get
|
7438
|
-
# operation.
|
8495
|
+
# A token used for optimistic locking. WAF returns a token to your
|
8496
|
+
# `get` and `list` requests, to mark the state of the entity at the
|
8497
|
+
# time of the request. To make changes to the entity associated with
|
8498
|
+
# the token, you provide the token to operations like `update` and
|
8499
|
+
# `delete`. WAF uses the token to ensure that no changes have been
|
8500
|
+
# made to the entity since you last retrieved it. If a change has been
|
8501
|
+
# made, the update fails with a `WAFOptimisticLockException`. If this
|
8502
|
+
# happens, perform another `get`, and use the new token returned by
|
8503
|
+
# that operation.
|
7439
8504
|
# @return [String]
|
7440
8505
|
#
|
7441
8506
|
# @!attribute [rw] arn
|
@@ -7555,6 +8620,8 @@ module Aws::WAFV2
|
|
7555
8620
|
# This is used only to indicate the web request component for WAF to
|
7556
8621
|
# inspect, in the FieldToMatch specification.
|
7557
8622
|
#
|
8623
|
+
# Example JSON: `"SingleHeader": \{ "Name": "haystack" \}`
|
8624
|
+
#
|
7558
8625
|
# @note When making an API call, you may pass SingleHeader
|
7559
8626
|
# data as a hash:
|
7560
8627
|
#
|
@@ -7578,6 +8645,8 @@ module Aws::WAFV2
|
|
7578
8645
|
# *UserName* or *SalesRegion*. The name can be up to 30 characters long
|
7579
8646
|
# and isn't case sensitive.
|
7580
8647
|
#
|
8648
|
+
# Example JSON: `"SingleQueryArgument": \{ "Name": "myArgument" \}`
|
8649
|
+
#
|
7581
8650
|
# @note When making an API call, you may pass SingleQueryArgument
|
7582
8651
|
# data as a hash:
|
7583
8652
|
#
|
@@ -8199,6 +9268,7 @@ module Aws::WAFV2
|
|
8199
9268
|
# managed_rule_group_statement: {
|
8200
9269
|
# vendor_name: "VendorName", # required
|
8201
9270
|
# name: "EntityName", # required
|
9271
|
+
# version: "VersionKeyString",
|
8202
9272
|
# excluded_rules: [
|
8203
9273
|
# {
|
8204
9274
|
# name: "EntityName", # required
|
@@ -8212,6 +9282,42 @@ module Aws::WAFV2
|
|
8212
9282
|
# scope: "LABEL", # required, accepts LABEL, NAMESPACE
|
8213
9283
|
# key: "LabelMatchKey", # required
|
8214
9284
|
# },
|
9285
|
+
# regex_match_statement: {
|
9286
|
+
# regex_string: "RegexPatternString", # required
|
9287
|
+
# field_to_match: { # required
|
9288
|
+
# single_header: {
|
9289
|
+
# name: "FieldToMatchData", # required
|
9290
|
+
# },
|
9291
|
+
# single_query_argument: {
|
9292
|
+
# name: "FieldToMatchData", # required
|
9293
|
+
# },
|
9294
|
+
# all_query_arguments: {
|
9295
|
+
# },
|
9296
|
+
# uri_path: {
|
9297
|
+
# },
|
9298
|
+
# query_string: {
|
9299
|
+
# },
|
9300
|
+
# body: {
|
9301
|
+
# },
|
9302
|
+
# method: {
|
9303
|
+
# },
|
9304
|
+
# json_body: {
|
9305
|
+
# match_pattern: { # required
|
9306
|
+
# all: {
|
9307
|
+
# },
|
9308
|
+
# included_paths: ["JsonPointerPath"],
|
9309
|
+
# },
|
9310
|
+
# match_scope: "ALL", # required, accepts ALL, KEY, VALUE
|
9311
|
+
# invalid_fallback_behavior: "MATCH", # accepts MATCH, NO_MATCH, EVALUATE_AS_STRING
|
9312
|
+
# },
|
9313
|
+
# },
|
9314
|
+
# text_transformations: [ # required
|
9315
|
+
# {
|
9316
|
+
# priority: 1, # required
|
9317
|
+
# type: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE, BASE64_DECODE, HEX_DECODE, MD5, REPLACE_COMMENTS, ESCAPE_SEQ_DECODE, SQL_HEX_DECODE, CSS_DECODE, JS_DECODE, NORMALIZE_PATH, NORMALIZE_PATH_WIN, REMOVE_NULLS, REPLACE_NULLS, BASE64_DECODE_EXT, URL_DECODE_UNI, UTF8_TO_UNICODE
|
9318
|
+
# },
|
9319
|
+
# ],
|
9320
|
+
# },
|
8215
9321
|
# },
|
8216
9322
|
# forwarded_ip_config: {
|
8217
9323
|
# header_name: "ForwardedIPHeaderName", # required
|
@@ -8451,6 +9557,7 @@ module Aws::WAFV2
|
|
8451
9557
|
# managed_rule_group_statement: {
|
8452
9558
|
# vendor_name: "VendorName", # required
|
8453
9559
|
# name: "EntityName", # required
|
9560
|
+
# version: "VersionKeyString",
|
8454
9561
|
# excluded_rules: [
|
8455
9562
|
# {
|
8456
9563
|
# name: "EntityName", # required
|
@@ -8464,6 +9571,42 @@ module Aws::WAFV2
|
|
8464
9571
|
# scope: "LABEL", # required, accepts LABEL, NAMESPACE
|
8465
9572
|
# key: "LabelMatchKey", # required
|
8466
9573
|
# },
|
9574
|
+
# regex_match_statement: {
|
9575
|
+
# regex_string: "RegexPatternString", # required
|
9576
|
+
# field_to_match: { # required
|
9577
|
+
# single_header: {
|
9578
|
+
# name: "FieldToMatchData", # required
|
9579
|
+
# },
|
9580
|
+
# single_query_argument: {
|
9581
|
+
# name: "FieldToMatchData", # required
|
9582
|
+
# },
|
9583
|
+
# all_query_arguments: {
|
9584
|
+
# },
|
9585
|
+
# uri_path: {
|
9586
|
+
# },
|
9587
|
+
# query_string: {
|
9588
|
+
# },
|
9589
|
+
# body: {
|
9590
|
+
# },
|
9591
|
+
# method: {
|
9592
|
+
# },
|
9593
|
+
# json_body: {
|
9594
|
+
# match_pattern: { # required
|
9595
|
+
# all: {
|
9596
|
+
# },
|
9597
|
+
# included_paths: ["JsonPointerPath"],
|
9598
|
+
# },
|
9599
|
+
# match_scope: "ALL", # required, accepts ALL, KEY, VALUE
|
9600
|
+
# invalid_fallback_behavior: "MATCH", # accepts MATCH, NO_MATCH, EVALUATE_AS_STRING
|
9601
|
+
# },
|
9602
|
+
# },
|
9603
|
+
# text_transformations: [ # required
|
9604
|
+
# {
|
9605
|
+
# priority: 1, # required
|
9606
|
+
# type: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE, BASE64_DECODE, HEX_DECODE, MD5, REPLACE_COMMENTS, ESCAPE_SEQ_DECODE, SQL_HEX_DECODE, CSS_DECODE, JS_DECODE, NORMALIZE_PATH, NORMALIZE_PATH_WIN, REMOVE_NULLS, REPLACE_NULLS, BASE64_DECODE_EXT, URL_DECODE_UNI, UTF8_TO_UNICODE
|
9607
|
+
# },
|
9608
|
+
# ],
|
9609
|
+
# },
|
8467
9610
|
# },
|
8468
9611
|
# ],
|
8469
9612
|
# },
|
@@ -8700,6 +9843,7 @@ module Aws::WAFV2
|
|
8700
9843
|
# managed_rule_group_statement: {
|
8701
9844
|
# vendor_name: "VendorName", # required
|
8702
9845
|
# name: "EntityName", # required
|
9846
|
+
# version: "VersionKeyString",
|
8703
9847
|
# excluded_rules: [
|
8704
9848
|
# {
|
8705
9849
|
# name: "EntityName", # required
|
@@ -8713,6 +9857,42 @@ module Aws::WAFV2
|
|
8713
9857
|
# scope: "LABEL", # required, accepts LABEL, NAMESPACE
|
8714
9858
|
# key: "LabelMatchKey", # required
|
8715
9859
|
# },
|
9860
|
+
# regex_match_statement: {
|
9861
|
+
# regex_string: "RegexPatternString", # required
|
9862
|
+
# field_to_match: { # required
|
9863
|
+
# single_header: {
|
9864
|
+
# name: "FieldToMatchData", # required
|
9865
|
+
# },
|
9866
|
+
# single_query_argument: {
|
9867
|
+
# name: "FieldToMatchData", # required
|
9868
|
+
# },
|
9869
|
+
# all_query_arguments: {
|
9870
|
+
# },
|
9871
|
+
# uri_path: {
|
9872
|
+
# },
|
9873
|
+
# query_string: {
|
9874
|
+
# },
|
9875
|
+
# body: {
|
9876
|
+
# },
|
9877
|
+
# method: {
|
9878
|
+
# },
|
9879
|
+
# json_body: {
|
9880
|
+
# match_pattern: { # required
|
9881
|
+
# all: {
|
9882
|
+
# },
|
9883
|
+
# included_paths: ["JsonPointerPath"],
|
9884
|
+
# },
|
9885
|
+
# match_scope: "ALL", # required, accepts ALL, KEY, VALUE
|
9886
|
+
# invalid_fallback_behavior: "MATCH", # accepts MATCH, NO_MATCH, EVALUATE_AS_STRING
|
9887
|
+
# },
|
9888
|
+
# },
|
9889
|
+
# text_transformations: [ # required
|
9890
|
+
# {
|
9891
|
+
# priority: 1, # required
|
9892
|
+
# type: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE, BASE64_DECODE, HEX_DECODE, MD5, REPLACE_COMMENTS, ESCAPE_SEQ_DECODE, SQL_HEX_DECODE, CSS_DECODE, JS_DECODE, NORMALIZE_PATH, NORMALIZE_PATH_WIN, REMOVE_NULLS, REPLACE_NULLS, BASE64_DECODE_EXT, URL_DECODE_UNI, UTF8_TO_UNICODE
|
9893
|
+
# },
|
9894
|
+
# ],
|
9895
|
+
# },
|
8716
9896
|
# },
|
8717
9897
|
# ],
|
8718
9898
|
# },
|
@@ -8944,32 +10124,70 @@ module Aws::WAFV2
|
|
8944
10124
|
# {
|
8945
10125
|
# # recursive Statement
|
8946
10126
|
# },
|
8947
|
-
# ],
|
8948
|
-
# },
|
8949
|
-
# not_statement: {
|
8950
|
-
# # recursive NotStatement
|
8951
|
-
# },
|
8952
|
-
# managed_rule_group_statement: {
|
8953
|
-
# vendor_name: "VendorName", # required
|
8954
|
-
# name: "EntityName", # required
|
8955
|
-
#
|
10127
|
+
# ],
|
10128
|
+
# },
|
10129
|
+
# not_statement: {
|
10130
|
+
# # recursive NotStatement
|
10131
|
+
# },
|
10132
|
+
# managed_rule_group_statement: {
|
10133
|
+
# vendor_name: "VendorName", # required
|
10134
|
+
# name: "EntityName", # required
|
10135
|
+
# version: "VersionKeyString",
|
10136
|
+
# excluded_rules: [
|
10137
|
+
# {
|
10138
|
+
# name: "EntityName", # required
|
10139
|
+
# },
|
10140
|
+
# ],
|
10141
|
+
# scope_down_statement: {
|
10142
|
+
# # recursive Statement
|
10143
|
+
# },
|
10144
|
+
# },
|
10145
|
+
# label_match_statement: {
|
10146
|
+
# scope: "LABEL", # required, accepts LABEL, NAMESPACE
|
10147
|
+
# key: "LabelMatchKey", # required
|
10148
|
+
# },
|
10149
|
+
# regex_match_statement: {
|
10150
|
+
# regex_string: "RegexPatternString", # required
|
10151
|
+
# field_to_match: { # required
|
10152
|
+
# single_header: {
|
10153
|
+
# name: "FieldToMatchData", # required
|
10154
|
+
# },
|
10155
|
+
# single_query_argument: {
|
10156
|
+
# name: "FieldToMatchData", # required
|
10157
|
+
# },
|
10158
|
+
# all_query_arguments: {
|
10159
|
+
# },
|
10160
|
+
# uri_path: {
|
10161
|
+
# },
|
10162
|
+
# query_string: {
|
10163
|
+
# },
|
10164
|
+
# body: {
|
10165
|
+
# },
|
10166
|
+
# method: {
|
10167
|
+
# },
|
10168
|
+
# json_body: {
|
10169
|
+
# match_pattern: { # required
|
10170
|
+
# all: {
|
10171
|
+
# },
|
10172
|
+
# included_paths: ["JsonPointerPath"],
|
10173
|
+
# },
|
10174
|
+
# match_scope: "ALL", # required, accepts ALL, KEY, VALUE
|
10175
|
+
# invalid_fallback_behavior: "MATCH", # accepts MATCH, NO_MATCH, EVALUATE_AS_STRING
|
10176
|
+
# },
|
10177
|
+
# },
|
10178
|
+
# text_transformations: [ # required
|
8956
10179
|
# {
|
8957
|
-
#
|
10180
|
+
# priority: 1, # required
|
10181
|
+
# type: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE, BASE64_DECODE, HEX_DECODE, MD5, REPLACE_COMMENTS, ESCAPE_SEQ_DECODE, SQL_HEX_DECODE, CSS_DECODE, JS_DECODE, NORMALIZE_PATH, NORMALIZE_PATH_WIN, REMOVE_NULLS, REPLACE_NULLS, BASE64_DECODE_EXT, URL_DECODE_UNI, UTF8_TO_UNICODE
|
8958
10182
|
# },
|
8959
10183
|
# ],
|
8960
|
-
# scope_down_statement: {
|
8961
|
-
# # recursive Statement
|
8962
|
-
# },
|
8963
|
-
# },
|
8964
|
-
# label_match_statement: {
|
8965
|
-
# scope: "LABEL", # required, accepts LABEL, NAMESPACE
|
8966
|
-
# key: "LabelMatchKey", # required
|
8967
10184
|
# },
|
8968
10185
|
# },
|
8969
10186
|
# },
|
8970
10187
|
# managed_rule_group_statement: {
|
8971
10188
|
# vendor_name: "VendorName", # required
|
8972
10189
|
# name: "EntityName", # required
|
10190
|
+
# version: "VersionKeyString",
|
8973
10191
|
# excluded_rules: [
|
8974
10192
|
# {
|
8975
10193
|
# name: "EntityName", # required
|
@@ -9216,12 +10434,84 @@ module Aws::WAFV2
|
|
9216
10434
|
# scope: "LABEL", # required, accepts LABEL, NAMESPACE
|
9217
10435
|
# key: "LabelMatchKey", # required
|
9218
10436
|
# },
|
10437
|
+
# regex_match_statement: {
|
10438
|
+
# regex_string: "RegexPatternString", # required
|
10439
|
+
# field_to_match: { # required
|
10440
|
+
# single_header: {
|
10441
|
+
# name: "FieldToMatchData", # required
|
10442
|
+
# },
|
10443
|
+
# single_query_argument: {
|
10444
|
+
# name: "FieldToMatchData", # required
|
10445
|
+
# },
|
10446
|
+
# all_query_arguments: {
|
10447
|
+
# },
|
10448
|
+
# uri_path: {
|
10449
|
+
# },
|
10450
|
+
# query_string: {
|
10451
|
+
# },
|
10452
|
+
# body: {
|
10453
|
+
# },
|
10454
|
+
# method: {
|
10455
|
+
# },
|
10456
|
+
# json_body: {
|
10457
|
+
# match_pattern: { # required
|
10458
|
+
# all: {
|
10459
|
+
# },
|
10460
|
+
# included_paths: ["JsonPointerPath"],
|
10461
|
+
# },
|
10462
|
+
# match_scope: "ALL", # required, accepts ALL, KEY, VALUE
|
10463
|
+
# invalid_fallback_behavior: "MATCH", # accepts MATCH, NO_MATCH, EVALUATE_AS_STRING
|
10464
|
+
# },
|
10465
|
+
# },
|
10466
|
+
# text_transformations: [ # required
|
10467
|
+
# {
|
10468
|
+
# priority: 1, # required
|
10469
|
+
# type: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE, BASE64_DECODE, HEX_DECODE, MD5, REPLACE_COMMENTS, ESCAPE_SEQ_DECODE, SQL_HEX_DECODE, CSS_DECODE, JS_DECODE, NORMALIZE_PATH, NORMALIZE_PATH_WIN, REMOVE_NULLS, REPLACE_NULLS, BASE64_DECODE_EXT, URL_DECODE_UNI, UTF8_TO_UNICODE
|
10470
|
+
# },
|
10471
|
+
# ],
|
10472
|
+
# },
|
9219
10473
|
# },
|
9220
10474
|
# },
|
9221
10475
|
# label_match_statement: {
|
9222
10476
|
# scope: "LABEL", # required, accepts LABEL, NAMESPACE
|
9223
10477
|
# key: "LabelMatchKey", # required
|
9224
10478
|
# },
|
10479
|
+
# regex_match_statement: {
|
10480
|
+
# regex_string: "RegexPatternString", # required
|
10481
|
+
# field_to_match: { # required
|
10482
|
+
# single_header: {
|
10483
|
+
# name: "FieldToMatchData", # required
|
10484
|
+
# },
|
10485
|
+
# single_query_argument: {
|
10486
|
+
# name: "FieldToMatchData", # required
|
10487
|
+
# },
|
10488
|
+
# all_query_arguments: {
|
10489
|
+
# },
|
10490
|
+
# uri_path: {
|
10491
|
+
# },
|
10492
|
+
# query_string: {
|
10493
|
+
# },
|
10494
|
+
# body: {
|
10495
|
+
# },
|
10496
|
+
# method: {
|
10497
|
+
# },
|
10498
|
+
# json_body: {
|
10499
|
+
# match_pattern: { # required
|
10500
|
+
# all: {
|
10501
|
+
# },
|
10502
|
+
# included_paths: ["JsonPointerPath"],
|
10503
|
+
# },
|
10504
|
+
# match_scope: "ALL", # required, accepts ALL, KEY, VALUE
|
10505
|
+
# invalid_fallback_behavior: "MATCH", # accepts MATCH, NO_MATCH, EVALUATE_AS_STRING
|
10506
|
+
# },
|
10507
|
+
# },
|
10508
|
+
# text_transformations: [ # required
|
10509
|
+
# {
|
10510
|
+
# priority: 1, # required
|
10511
|
+
# type: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE, BASE64_DECODE, HEX_DECODE, MD5, REPLACE_COMMENTS, ESCAPE_SEQ_DECODE, SQL_HEX_DECODE, CSS_DECODE, JS_DECODE, NORMALIZE_PATH, NORMALIZE_PATH_WIN, REMOVE_NULLS, REPLACE_NULLS, BASE64_DECODE_EXT, URL_DECODE_UNI, UTF8_TO_UNICODE
|
10512
|
+
# },
|
10513
|
+
# ],
|
10514
|
+
# },
|
9225
10515
|
# }
|
9226
10516
|
#
|
9227
10517
|
# @!attribute [rw] byte_match_statement
|
@@ -9284,8 +10574,8 @@ module Aws::WAFV2
|
|
9284
10574
|
# provide the ARN of the rule group in this statement.
|
9285
10575
|
#
|
9286
10576
|
# You cannot nest a `RuleGroupReferenceStatement`, for example for use
|
9287
|
-
# inside a `NotStatement` or `OrStatement`.
|
9288
|
-
#
|
10577
|
+
# inside a `NotStatement` or `OrStatement`. You can only use a rule
|
10578
|
+
# group reference statement at the top level inside a web ACL.
|
9289
10579
|
# @return [Types::RuleGroupReferenceStatement]
|
9290
10580
|
#
|
9291
10581
|
# @!attribute [rw] ip_set_reference_statement
|
@@ -9323,6 +10613,15 @@ module Aws::WAFV2
|
|
9323
10613
|
# time span. You can use this to put a temporary block on requests
|
9324
10614
|
# from an IP address that is sending excessive requests.
|
9325
10615
|
#
|
10616
|
+
# WAF tracks and manages web requests separately for each instance of
|
10617
|
+
# a rate-based rule that you use. For example, if you provide the same
|
10618
|
+
# rate-based rule settings in two web ACLs, each of the two rule
|
10619
|
+
# statements represents a separate instance of the rate-based rule and
|
10620
|
+
# gets its own tracking and management by WAF. If you define a
|
10621
|
+
# rate-based rule inside a rule group, and then use that rule group in
|
10622
|
+
# multiple places, each use creates a separate instance of the
|
10623
|
+
# rate-based rule that gets its own tracking and management by WAF.
|
10624
|
+
#
|
9326
10625
|
# When the rule action triggers, WAF blocks additional requests from
|
9327
10626
|
# the IP address until the request rate falls below the limit.
|
9328
10627
|
#
|
@@ -9346,9 +10645,9 @@ module Aws::WAFV2
|
|
9346
10645
|
# do not meet both conditions are not counted towards the rate limit
|
9347
10646
|
# and are not affected by this rule.
|
9348
10647
|
#
|
9349
|
-
# You cannot nest a `RateBasedStatement
|
9350
|
-
# `NotStatement` or `OrStatement`.
|
9351
|
-
#
|
10648
|
+
# You cannot nest a `RateBasedStatement` inside another statement, for
|
10649
|
+
# example inside a `NotStatement` or `OrStatement`. You can define a
|
10650
|
+
# `RateBasedStatement` inside a web ACL and inside a rule group.
|
9352
10651
|
# @return [Types::RateBasedStatement]
|
9353
10652
|
#
|
9354
10653
|
# @!attribute [rw] and_statement
|
@@ -9394,6 +10693,11 @@ module Aws::WAFV2
|
|
9394
10693
|
# that were added in the same context as the label match statement.
|
9395
10694
|
# @return [Types::LabelMatchStatement]
|
9396
10695
|
#
|
10696
|
+
# @!attribute [rw] regex_match_statement
|
10697
|
+
# A rule statement used to search web request components for a match
|
10698
|
+
# against a single regular expression.
|
10699
|
+
# @return [Types::RegexMatchStatement]
|
10700
|
+
#
|
9397
10701
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/Statement AWS API Documentation
|
9398
10702
|
#
|
9399
10703
|
class Statement < Struct.new(
|
@@ -9410,7 +10714,8 @@ module Aws::WAFV2
|
|
9410
10714
|
:or_statement,
|
9411
10715
|
:not_statement,
|
9412
10716
|
:managed_rule_group_statement,
|
9413
|
-
:label_match_statement
|
10717
|
+
:label_match_statement,
|
10718
|
+
:regex_match_statement)
|
9414
10719
|
SENSITIVE = []
|
9415
10720
|
include Aws::Structure
|
9416
10721
|
end
|
@@ -9649,10 +10954,8 @@ module Aws::WAFV2
|
|
9649
10954
|
# **REPLACE\_NULLS** - Replace NULL bytes in the input with space
|
9650
10955
|
# characters (ASCII `0x20`).
|
9651
10956
|
#
|
9652
|
-
# **SQL\_HEX\_DECODE** - Decode
|
9653
|
-
#
|
9654
|
-
# `\xHH` (hexadecimal), `\0OOO` (octal). Encodings that aren't valid
|
9655
|
-
# remain in the output.
|
10957
|
+
# **SQL\_HEX\_DECODE** - Decode SQL hex data. Example (`0x414243`)
|
10958
|
+
# will be decoded to (`ABC`).
|
9656
10959
|
#
|
9657
10960
|
# **URL\_DECODE** - Decode a URL-encoded value.
|
9658
10961
|
#
|
@@ -9836,15 +11139,15 @@ module Aws::WAFV2
|
|
9836
11139
|
# @return [Array<String>]
|
9837
11140
|
#
|
9838
11141
|
# @!attribute [rw] lock_token
|
9839
|
-
# A token used for optimistic locking. WAF returns a token to your
|
9840
|
-
# and list requests, to mark the state of the entity at the
|
9841
|
-
# the request. To make changes to the entity associated with
|
9842
|
-
# token, you provide the token to operations like update and
|
9843
|
-
# WAF uses the token to ensure that no changes have been
|
9844
|
-
# entity since you last retrieved it. If a change has been
|
9845
|
-
# update fails with a `WAFOptimisticLockException`. If this
|
9846
|
-
# perform another get
|
9847
|
-
# operation.
|
11142
|
+
# A token used for optimistic locking. WAF returns a token to your
|
11143
|
+
# `get` and `list` requests, to mark the state of the entity at the
|
11144
|
+
# time of the request. To make changes to the entity associated with
|
11145
|
+
# the token, you provide the token to operations like `update` and
|
11146
|
+
# `delete`. WAF uses the token to ensure that no changes have been
|
11147
|
+
# made to the entity since you last retrieved it. If a change has been
|
11148
|
+
# made, the update fails with a `WAFOptimisticLockException`. If this
|
11149
|
+
# happens, perform another `get`, and use the new token returned by
|
11150
|
+
# that operation.
|
9848
11151
|
# @return [String]
|
9849
11152
|
#
|
9850
11153
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/UpdateIPSetRequest AWS API Documentation
|
@@ -9862,7 +11165,7 @@ module Aws::WAFV2
|
|
9862
11165
|
|
9863
11166
|
# @!attribute [rw] next_lock_token
|
9864
11167
|
# A token used for optimistic locking. WAF returns this token to your
|
9865
|
-
# update requests. You use `NextLockToken` in the same manner as you
|
11168
|
+
# `update` requests. You use `NextLockToken` in the same manner as you
|
9866
11169
|
# use `LockToken`.
|
9867
11170
|
# @return [String]
|
9868
11171
|
#
|
@@ -9874,6 +11177,119 @@ module Aws::WAFV2
|
|
9874
11177
|
include Aws::Structure
|
9875
11178
|
end
|
9876
11179
|
|
11180
|
+
# @note When making an API call, you may pass UpdateManagedRuleSetVersionExpiryDateRequest
|
11181
|
+
# data as a hash:
|
11182
|
+
#
|
11183
|
+
# {
|
11184
|
+
# name: "EntityName", # required
|
11185
|
+
# scope: "CLOUDFRONT", # required, accepts CLOUDFRONT, REGIONAL
|
11186
|
+
# id: "EntityId", # required
|
11187
|
+
# lock_token: "LockToken", # required
|
11188
|
+
# version_to_expire: "VersionKeyString", # required
|
11189
|
+
# expiry_timestamp: Time.now, # required
|
11190
|
+
# }
|
11191
|
+
#
|
11192
|
+
# @!attribute [rw] name
|
11193
|
+
# The name of the managed rule set. You use this, along with the rule
|
11194
|
+
# set ID, to identify the rule set.
|
11195
|
+
#
|
11196
|
+
# This name is assigned to the corresponding managed rule group, which
|
11197
|
+
# your customers can access and use.
|
11198
|
+
# @return [String]
|
11199
|
+
#
|
11200
|
+
# @!attribute [rw] scope
|
11201
|
+
# Specifies whether this is for an Amazon CloudFront distribution or
|
11202
|
+
# for a regional application. A regional application can be an
|
11203
|
+
# Application Load Balancer (ALB), an Amazon API Gateway REST API, or
|
11204
|
+
# an AppSync GraphQL API.
|
11205
|
+
#
|
11206
|
+
# To work with CloudFront, you must also specify the Region US East
|
11207
|
+
# (N. Virginia) as follows:
|
11208
|
+
#
|
11209
|
+
# * CLI - Specify the Region when you use the CloudFront scope:
|
11210
|
+
# `--scope=CLOUDFRONT --region=us-east-1`.
|
11211
|
+
#
|
11212
|
+
# * API and SDKs - For all calls, use the Region endpoint us-east-1.
|
11213
|
+
# @return [String]
|
11214
|
+
#
|
11215
|
+
# @!attribute [rw] id
|
11216
|
+
# A unique identifier for the managed rule set. The ID is returned in
|
11217
|
+
# the responses to commands like `list`. You provide it to operations
|
11218
|
+
# like `get` and `update`.
|
11219
|
+
# @return [String]
|
11220
|
+
#
|
11221
|
+
# @!attribute [rw] lock_token
|
11222
|
+
# A token used for optimistic locking. WAF returns a token to your
|
11223
|
+
# `get` and `list` requests, to mark the state of the entity at the
|
11224
|
+
# time of the request. To make changes to the entity associated with
|
11225
|
+
# the token, you provide the token to operations like `update` and
|
11226
|
+
# `delete`. WAF uses the token to ensure that no changes have been
|
11227
|
+
# made to the entity since you last retrieved it. If a change has been
|
11228
|
+
# made, the update fails with a `WAFOptimisticLockException`. If this
|
11229
|
+
# happens, perform another `get`, and use the new token returned by
|
11230
|
+
# that operation.
|
11231
|
+
# @return [String]
|
11232
|
+
#
|
11233
|
+
# @!attribute [rw] version_to_expire
|
11234
|
+
# The version that you want to remove from your list of offerings for
|
11235
|
+
# the named managed rule group.
|
11236
|
+
# @return [String]
|
11237
|
+
#
|
11238
|
+
# @!attribute [rw] expiry_timestamp
|
11239
|
+
# The time that you want the version to expire.
|
11240
|
+
#
|
11241
|
+
# Times are in Coordinated Universal Time (UTC) format. UTC format
|
11242
|
+
# includes the special designator, Z. For example,
|
11243
|
+
# "2016-09-27T14:50Z".
|
11244
|
+
# @return [Time]
|
11245
|
+
#
|
11246
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/UpdateManagedRuleSetVersionExpiryDateRequest AWS API Documentation
|
11247
|
+
#
|
11248
|
+
class UpdateManagedRuleSetVersionExpiryDateRequest < Struct.new(
|
11249
|
+
:name,
|
11250
|
+
:scope,
|
11251
|
+
:id,
|
11252
|
+
:lock_token,
|
11253
|
+
:version_to_expire,
|
11254
|
+
:expiry_timestamp)
|
11255
|
+
SENSITIVE = []
|
11256
|
+
include Aws::Structure
|
11257
|
+
end
|
11258
|
+
|
11259
|
+
# @!attribute [rw] expiring_version
|
11260
|
+
# The version that is set to expire.
|
11261
|
+
# @return [String]
|
11262
|
+
#
|
11263
|
+
# @!attribute [rw] expiry_timestamp
|
11264
|
+
# The time that the version will expire.
|
11265
|
+
#
|
11266
|
+
# Times are in Coordinated Universal Time (UTC) format. UTC format
|
11267
|
+
# includes the special designator, Z. For example,
|
11268
|
+
# "2016-09-27T14:50Z".
|
11269
|
+
# @return [Time]
|
11270
|
+
#
|
11271
|
+
# @!attribute [rw] next_lock_token
|
11272
|
+
# A token used for optimistic locking. WAF returns a token to your
|
11273
|
+
# `get` and `list` requests, to mark the state of the entity at the
|
11274
|
+
# time of the request. To make changes to the entity associated with
|
11275
|
+
# the token, you provide the token to operations like `update` and
|
11276
|
+
# `delete`. WAF uses the token to ensure that no changes have been
|
11277
|
+
# made to the entity since you last retrieved it. If a change has been
|
11278
|
+
# made, the update fails with a `WAFOptimisticLockException`. If this
|
11279
|
+
# happens, perform another `get`, and use the new token returned by
|
11280
|
+
# that operation.
|
11281
|
+
# @return [String]
|
11282
|
+
#
|
11283
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/UpdateManagedRuleSetVersionExpiryDateResponse AWS API Documentation
|
11284
|
+
#
|
11285
|
+
class UpdateManagedRuleSetVersionExpiryDateResponse < Struct.new(
|
11286
|
+
:expiring_version,
|
11287
|
+
:expiry_timestamp,
|
11288
|
+
:next_lock_token)
|
11289
|
+
SENSITIVE = []
|
11290
|
+
include Aws::Structure
|
11291
|
+
end
|
11292
|
+
|
9877
11293
|
# @note When making an API call, you may pass UpdateRegexPatternSetRequest
|
9878
11294
|
# data as a hash:
|
9879
11295
|
#
|
@@ -9924,15 +11340,15 @@ module Aws::WAFV2
|
|
9924
11340
|
# @return [Array<Types::Regex>]
|
9925
11341
|
#
|
9926
11342
|
# @!attribute [rw] lock_token
|
9927
|
-
# A token used for optimistic locking. WAF returns a token to your
|
9928
|
-
# and list requests, to mark the state of the entity at the
|
9929
|
-
# the request. To make changes to the entity associated with
|
9930
|
-
# token, you provide the token to operations like update and
|
9931
|
-
# WAF uses the token to ensure that no changes have been
|
9932
|
-
# entity since you last retrieved it. If a change has been
|
9933
|
-
# update fails with a `WAFOptimisticLockException`. If this
|
9934
|
-
# perform another get
|
9935
|
-
# operation.
|
11343
|
+
# A token used for optimistic locking. WAF returns a token to your
|
11344
|
+
# `get` and `list` requests, to mark the state of the entity at the
|
11345
|
+
# time of the request. To make changes to the entity associated with
|
11346
|
+
# the token, you provide the token to operations like `update` and
|
11347
|
+
# `delete`. WAF uses the token to ensure that no changes have been
|
11348
|
+
# made to the entity since you last retrieved it. If a change has been
|
11349
|
+
# made, the update fails with a `WAFOptimisticLockException`. If this
|
11350
|
+
# happens, perform another `get`, and use the new token returned by
|
11351
|
+
# that operation.
|
9936
11352
|
# @return [String]
|
9937
11353
|
#
|
9938
11354
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/UpdateRegexPatternSetRequest AWS API Documentation
|
@@ -9950,7 +11366,7 @@ module Aws::WAFV2
|
|
9950
11366
|
|
9951
11367
|
# @!attribute [rw] next_lock_token
|
9952
11368
|
# A token used for optimistic locking. WAF returns this token to your
|
9953
|
-
# update requests. You use `NextLockToken` in the same manner as you
|
11369
|
+
# `update` requests. You use `NextLockToken` in the same manner as you
|
9954
11370
|
# use `LockToken`.
|
9955
11371
|
# @return [String]
|
9956
11372
|
#
|
@@ -10211,6 +11627,7 @@ module Aws::WAFV2
|
|
10211
11627
|
# managed_rule_group_statement: {
|
10212
11628
|
# vendor_name: "VendorName", # required
|
10213
11629
|
# name: "EntityName", # required
|
11630
|
+
# version: "VersionKeyString",
|
10214
11631
|
# excluded_rules: [
|
10215
11632
|
# {
|
10216
11633
|
# name: "EntityName", # required
|
@@ -10224,6 +11641,42 @@ module Aws::WAFV2
|
|
10224
11641
|
# scope: "LABEL", # required, accepts LABEL, NAMESPACE
|
10225
11642
|
# key: "LabelMatchKey", # required
|
10226
11643
|
# },
|
11644
|
+
# regex_match_statement: {
|
11645
|
+
# regex_string: "RegexPatternString", # required
|
11646
|
+
# field_to_match: { # required
|
11647
|
+
# single_header: {
|
11648
|
+
# name: "FieldToMatchData", # required
|
11649
|
+
# },
|
11650
|
+
# single_query_argument: {
|
11651
|
+
# name: "FieldToMatchData", # required
|
11652
|
+
# },
|
11653
|
+
# all_query_arguments: {
|
11654
|
+
# },
|
11655
|
+
# uri_path: {
|
11656
|
+
# },
|
11657
|
+
# query_string: {
|
11658
|
+
# },
|
11659
|
+
# body: {
|
11660
|
+
# },
|
11661
|
+
# method: {
|
11662
|
+
# },
|
11663
|
+
# json_body: {
|
11664
|
+
# match_pattern: { # required
|
11665
|
+
# all: {
|
11666
|
+
# },
|
11667
|
+
# included_paths: ["JsonPointerPath"],
|
11668
|
+
# },
|
11669
|
+
# match_scope: "ALL", # required, accepts ALL, KEY, VALUE
|
11670
|
+
# invalid_fallback_behavior: "MATCH", # accepts MATCH, NO_MATCH, EVALUATE_AS_STRING
|
11671
|
+
# },
|
11672
|
+
# },
|
11673
|
+
# text_transformations: [ # required
|
11674
|
+
# {
|
11675
|
+
# priority: 1, # required
|
11676
|
+
# type: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE, BASE64_DECODE, HEX_DECODE, MD5, REPLACE_COMMENTS, ESCAPE_SEQ_DECODE, SQL_HEX_DECODE, CSS_DECODE, JS_DECODE, NORMALIZE_PATH, NORMALIZE_PATH_WIN, REMOVE_NULLS, REPLACE_NULLS, BASE64_DECODE_EXT, URL_DECODE_UNI, UTF8_TO_UNICODE
|
11677
|
+
# },
|
11678
|
+
# ],
|
11679
|
+
# },
|
10227
11680
|
# },
|
10228
11681
|
# action: {
|
10229
11682
|
# block: {
|
@@ -10342,15 +11795,15 @@ module Aws::WAFV2
|
|
10342
11795
|
# @return [Types::VisibilityConfig]
|
10343
11796
|
#
|
10344
11797
|
# @!attribute [rw] lock_token
|
10345
|
-
# A token used for optimistic locking. WAF returns a token to your
|
10346
|
-
# and list requests, to mark the state of the entity at the
|
10347
|
-
# the request. To make changes to the entity associated with
|
10348
|
-
# token, you provide the token to operations like update and
|
10349
|
-
# WAF uses the token to ensure that no changes have been
|
10350
|
-
# entity since you last retrieved it. If a change has been
|
10351
|
-
# update fails with a `WAFOptimisticLockException`. If this
|
10352
|
-
# perform another get
|
10353
|
-
# operation.
|
11798
|
+
# A token used for optimistic locking. WAF returns a token to your
|
11799
|
+
# `get` and `list` requests, to mark the state of the entity at the
|
11800
|
+
# time of the request. To make changes to the entity associated with
|
11801
|
+
# the token, you provide the token to operations like `update` and
|
11802
|
+
# `delete`. WAF uses the token to ensure that no changes have been
|
11803
|
+
# made to the entity since you last retrieved it. If a change has been
|
11804
|
+
# made, the update fails with a `WAFOptimisticLockException`. If this
|
11805
|
+
# happens, perform another `get`, and use the new token returned by
|
11806
|
+
# that operation.
|
10354
11807
|
# @return [String]
|
10355
11808
|
#
|
10356
11809
|
# @!attribute [rw] custom_response_bodies
|
@@ -10391,7 +11844,7 @@ module Aws::WAFV2
|
|
10391
11844
|
|
10392
11845
|
# @!attribute [rw] next_lock_token
|
10393
11846
|
# A token used for optimistic locking. WAF returns this token to your
|
10394
|
-
# update requests. You use `NextLockToken` in the same manner as you
|
11847
|
+
# `update` requests. You use `NextLockToken` in the same manner as you
|
10395
11848
|
# use `LockToken`.
|
10396
11849
|
# @return [String]
|
10397
11850
|
#
|
@@ -10676,6 +12129,7 @@ module Aws::WAFV2
|
|
10676
12129
|
# managed_rule_group_statement: {
|
10677
12130
|
# vendor_name: "VendorName", # required
|
10678
12131
|
# name: "EntityName", # required
|
12132
|
+
# version: "VersionKeyString",
|
10679
12133
|
# excluded_rules: [
|
10680
12134
|
# {
|
10681
12135
|
# name: "EntityName", # required
|
@@ -10689,6 +12143,42 @@ module Aws::WAFV2
|
|
10689
12143
|
# scope: "LABEL", # required, accepts LABEL, NAMESPACE
|
10690
12144
|
# key: "LabelMatchKey", # required
|
10691
12145
|
# },
|
12146
|
+
# regex_match_statement: {
|
12147
|
+
# regex_string: "RegexPatternString", # required
|
12148
|
+
# field_to_match: { # required
|
12149
|
+
# single_header: {
|
12150
|
+
# name: "FieldToMatchData", # required
|
12151
|
+
# },
|
12152
|
+
# single_query_argument: {
|
12153
|
+
# name: "FieldToMatchData", # required
|
12154
|
+
# },
|
12155
|
+
# all_query_arguments: {
|
12156
|
+
# },
|
12157
|
+
# uri_path: {
|
12158
|
+
# },
|
12159
|
+
# query_string: {
|
12160
|
+
# },
|
12161
|
+
# body: {
|
12162
|
+
# },
|
12163
|
+
# method: {
|
12164
|
+
# },
|
12165
|
+
# json_body: {
|
12166
|
+
# match_pattern: { # required
|
12167
|
+
# all: {
|
12168
|
+
# },
|
12169
|
+
# included_paths: ["JsonPointerPath"],
|
12170
|
+
# },
|
12171
|
+
# match_scope: "ALL", # required, accepts ALL, KEY, VALUE
|
12172
|
+
# invalid_fallback_behavior: "MATCH", # accepts MATCH, NO_MATCH, EVALUATE_AS_STRING
|
12173
|
+
# },
|
12174
|
+
# },
|
12175
|
+
# text_transformations: [ # required
|
12176
|
+
# {
|
12177
|
+
# priority: 1, # required
|
12178
|
+
# type: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE, BASE64_DECODE, HEX_DECODE, MD5, REPLACE_COMMENTS, ESCAPE_SEQ_DECODE, SQL_HEX_DECODE, CSS_DECODE, JS_DECODE, NORMALIZE_PATH, NORMALIZE_PATH_WIN, REMOVE_NULLS, REPLACE_NULLS, BASE64_DECODE_EXT, URL_DECODE_UNI, UTF8_TO_UNICODE
|
12179
|
+
# },
|
12180
|
+
# ],
|
12181
|
+
# },
|
10692
12182
|
# },
|
10693
12183
|
# action: {
|
10694
12184
|
# block: {
|
@@ -10812,15 +12302,15 @@ module Aws::WAFV2
|
|
10812
12302
|
# @return [Types::VisibilityConfig]
|
10813
12303
|
#
|
10814
12304
|
# @!attribute [rw] lock_token
|
10815
|
-
# A token used for optimistic locking. WAF returns a token to your
|
10816
|
-
# and list requests, to mark the state of the entity at the
|
10817
|
-
# the request. To make changes to the entity associated with
|
10818
|
-
# token, you provide the token to operations like update and
|
10819
|
-
# WAF uses the token to ensure that no changes have been
|
10820
|
-
# entity since you last retrieved it. If a change has been
|
10821
|
-
# update fails with a `WAFOptimisticLockException`. If this
|
10822
|
-
# perform another get
|
10823
|
-
# operation.
|
12305
|
+
# A token used for optimistic locking. WAF returns a token to your
|
12306
|
+
# `get` and `list` requests, to mark the state of the entity at the
|
12307
|
+
# time of the request. To make changes to the entity associated with
|
12308
|
+
# the token, you provide the token to operations like `update` and
|
12309
|
+
# `delete`. WAF uses the token to ensure that no changes have been
|
12310
|
+
# made to the entity since you last retrieved it. If a change has been
|
12311
|
+
# made, the update fails with a `WAFOptimisticLockException`. If this
|
12312
|
+
# happens, perform another `get`, and use the new token returned by
|
12313
|
+
# that operation.
|
10824
12314
|
# @return [String]
|
10825
12315
|
#
|
10826
12316
|
# @!attribute [rw] custom_response_bodies
|
@@ -10862,7 +12352,7 @@ module Aws::WAFV2
|
|
10862
12352
|
|
10863
12353
|
# @!attribute [rw] next_lock_token
|
10864
12354
|
# A token used for optimistic locking. WAF returns this token to your
|
10865
|
-
# update requests. You use `NextLockToken` in the same manner as you
|
12355
|
+
# `update` requests. You use `NextLockToken` in the same manner as you
|
10866
12356
|
# use `LockToken`.
|
10867
12357
|
# @return [String]
|
10868
12358
|
#
|
@@ -10881,12 +12371,55 @@ module Aws::WAFV2
|
|
10881
12371
|
# This is used only to indicate the web request component for WAF to
|
10882
12372
|
# inspect, in the FieldToMatch specification.
|
10883
12373
|
#
|
12374
|
+
# JSON specification: `"UriPath": \{\}`
|
12375
|
+
#
|
10884
12376
|
# @api private
|
10885
12377
|
#
|
10886
12378
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/UriPath AWS API Documentation
|
10887
12379
|
#
|
10888
12380
|
class UriPath < Aws::EmptyStructure; end
|
10889
12381
|
|
12382
|
+
# A version of the named managed rule group, that the rule group's
|
12383
|
+
# vendor publishes for use by customers.
|
12384
|
+
#
|
12385
|
+
# <note markdown="1"> This is intended for use only by vendors of managed rule sets. Vendors
|
12386
|
+
# are Amazon Web Services and Amazon Web Services Marketplace sellers.
|
12387
|
+
#
|
12388
|
+
# Vendors, you can use the managed rule set APIs to provide controlled
|
12389
|
+
# rollout of your versioned managed rule group offerings for your
|
12390
|
+
# customers. The APIs are `ListManagedRuleSets`, `GetManagedRuleSet`,
|
12391
|
+
# `PutManagedRuleSetVersions`, and
|
12392
|
+
# `UpdateManagedRuleSetVersionExpiryDate`.
|
12393
|
+
#
|
12394
|
+
# </note>
|
12395
|
+
#
|
12396
|
+
# @note When making an API call, you may pass VersionToPublish
|
12397
|
+
# data as a hash:
|
12398
|
+
#
|
12399
|
+
# {
|
12400
|
+
# associated_rule_group_arn: "ResourceArn",
|
12401
|
+
# forecasted_lifetime: 1,
|
12402
|
+
# }
|
12403
|
+
#
|
12404
|
+
# @!attribute [rw] associated_rule_group_arn
|
12405
|
+
# The Amazon Resource Name (ARN) of the vendor's rule group that's
|
12406
|
+
# used in the published managed rule group version.
|
12407
|
+
# @return [String]
|
12408
|
+
#
|
12409
|
+
# @!attribute [rw] forecasted_lifetime
|
12410
|
+
# The amount of time the vendor expects this version of the managed
|
12411
|
+
# rule group to last, in days.
|
12412
|
+
# @return [Integer]
|
12413
|
+
#
|
12414
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/VersionToPublish AWS API Documentation
|
12415
|
+
#
|
12416
|
+
class VersionToPublish < Struct.new(
|
12417
|
+
:associated_rule_group_arn,
|
12418
|
+
:forecasted_lifetime)
|
12419
|
+
SENSITIVE = []
|
12420
|
+
include Aws::Structure
|
12421
|
+
end
|
12422
|
+
|
10890
12423
|
# Defines and enables Amazon CloudWatch metrics and web request sample
|
10891
12424
|
# collection.
|
10892
12425
|
#
|
@@ -10961,6 +12494,22 @@ module Aws::WAFV2
|
|
10961
12494
|
include Aws::Structure
|
10962
12495
|
end
|
10963
12496
|
|
12497
|
+
# The operation failed because the specified version for the managed
|
12498
|
+
# rule group has expired. You can retrieve the available versions for
|
12499
|
+
# the managed rule group by calling
|
12500
|
+
# ListAvailableManagedRuleGroupVersions.
|
12501
|
+
#
|
12502
|
+
# @!attribute [rw] message
|
12503
|
+
# @return [String]
|
12504
|
+
#
|
12505
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/WAFExpiredManagedRuleGroupVersionException AWS API Documentation
|
12506
|
+
#
|
12507
|
+
class WAFExpiredManagedRuleGroupVersionException < Struct.new(
|
12508
|
+
:message)
|
12509
|
+
SENSITIVE = []
|
12510
|
+
include Aws::Structure
|
12511
|
+
end
|
12512
|
+
|
10964
12513
|
# Your request is valid, but WAF couldn’t perform the operation because
|
10965
12514
|
# of a system problem. Retry your request.
|
10966
12515
|
#
|
@@ -11006,12 +12555,15 @@ module Aws::WAFV2
|
|
11006
12555
|
# @return [String]
|
11007
12556
|
#
|
11008
12557
|
# @!attribute [rw] field
|
12558
|
+
# The settings where the invalid parameter was found.
|
11009
12559
|
# @return [String]
|
11010
12560
|
#
|
11011
12561
|
# @!attribute [rw] parameter
|
12562
|
+
# The invalid parameter that resulted in the exception.
|
11012
12563
|
# @return [String]
|
11013
12564
|
#
|
11014
12565
|
# @!attribute [rw] reason
|
12566
|
+
# Additional information about the exception.
|
11015
12567
|
# @return [String]
|
11016
12568
|
#
|
11017
12569
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/WAFInvalidParameterException AWS API Documentation
|
@@ -11077,8 +12629,8 @@ module Aws::WAFV2
|
|
11077
12629
|
|
11078
12630
|
# WAF couldn’t perform the operation because you exceeded your resource
|
11079
12631
|
# limit. For example, the maximum number of `WebACL` objects that you
|
11080
|
-
# can create for an account. For more information,
|
11081
|
-
# the *WAF Developer Guide*.
|
12632
|
+
# can create for an Amazon Web Services account. For more information,
|
12633
|
+
# see [WAF quotas][1] in the *WAF Developer Guide*.
|
11082
12634
|
#
|
11083
12635
|
#
|
11084
12636
|
#
|
@@ -11374,15 +12926,15 @@ module Aws::WAFV2
|
|
11374
12926
|
# @return [String]
|
11375
12927
|
#
|
11376
12928
|
# @!attribute [rw] lock_token
|
11377
|
-
# A token used for optimistic locking. WAF returns a token to your
|
11378
|
-
# and list requests, to mark the state of the entity at the
|
11379
|
-
# the request. To make changes to the entity associated with
|
11380
|
-
# token, you provide the token to operations like update and
|
11381
|
-
# WAF uses the token to ensure that no changes have been
|
11382
|
-
# entity since you last retrieved it. If a change has been
|
11383
|
-
# update fails with a `WAFOptimisticLockException`. If this
|
11384
|
-
# perform another get
|
11385
|
-
# operation.
|
12929
|
+
# A token used for optimistic locking. WAF returns a token to your
|
12930
|
+
# `get` and `list` requests, to mark the state of the entity at the
|
12931
|
+
# time of the request. To make changes to the entity associated with
|
12932
|
+
# the token, you provide the token to operations like `update` and
|
12933
|
+
# `delete`. WAF uses the token to ensure that no changes have been
|
12934
|
+
# made to the entity since you last retrieved it. If a change has been
|
12935
|
+
# made, the update fails with a `WAFOptimisticLockException`. If this
|
12936
|
+
# happens, perform another `get`, and use the new token returned by
|
12937
|
+
# that operation.
|
11386
12938
|
# @return [String]
|
11387
12939
|
#
|
11388
12940
|
# @!attribute [rw] arn
|