aws-sdk-wafv2 1.24.0 → 1.28.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +20 -0
- data/VERSION +1 -1
- data/lib/aws-sdk-wafv2/client.rb +285 -12
- data/lib/aws-sdk-wafv2/client_api.rb +8 -0
- data/lib/aws-sdk-wafv2/types.rb +780 -30
- data/lib/aws-sdk-wafv2.rb +1 -1
- metadata +5 -5
data/lib/aws-sdk-wafv2/types.rb
CHANGED
@@ -39,6 +39,8 @@ module Aws::WAFV2
|
|
39
39
|
# This is used only to indicate the web request component for WAF to
|
40
40
|
# inspect, in the FieldToMatch specification.
|
41
41
|
#
|
42
|
+
# JSON specification: `"All": \{\}`
|
43
|
+
#
|
42
44
|
# @api private
|
43
45
|
#
|
44
46
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/All AWS API Documentation
|
@@ -50,6 +52,8 @@ module Aws::WAFV2
|
|
50
52
|
# This is used only to indicate the web request component for WAF to
|
51
53
|
# inspect, in the FieldToMatch specification.
|
52
54
|
#
|
55
|
+
# JSON specification: `"AllQueryArguments": \{\}`
|
56
|
+
#
|
53
57
|
# @api private
|
54
58
|
#
|
55
59
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/AllQueryArguments AWS API Documentation
|
@@ -353,6 +357,42 @@ module Aws::WAFV2
|
|
353
357
|
# scope: "LABEL", # required, accepts LABEL, NAMESPACE
|
354
358
|
# key: "LabelMatchKey", # required
|
355
359
|
# },
|
360
|
+
# regex_match_statement: {
|
361
|
+
# regex_string: "RegexPatternString", # required
|
362
|
+
# field_to_match: { # required
|
363
|
+
# single_header: {
|
364
|
+
# name: "FieldToMatchData", # required
|
365
|
+
# },
|
366
|
+
# single_query_argument: {
|
367
|
+
# name: "FieldToMatchData", # required
|
368
|
+
# },
|
369
|
+
# all_query_arguments: {
|
370
|
+
# },
|
371
|
+
# uri_path: {
|
372
|
+
# },
|
373
|
+
# query_string: {
|
374
|
+
# },
|
375
|
+
# body: {
|
376
|
+
# },
|
377
|
+
# method: {
|
378
|
+
# },
|
379
|
+
# json_body: {
|
380
|
+
# match_pattern: { # required
|
381
|
+
# all: {
|
382
|
+
# },
|
383
|
+
# included_paths: ["JsonPointerPath"],
|
384
|
+
# },
|
385
|
+
# match_scope: "ALL", # required, accepts ALL, KEY, VALUE
|
386
|
+
# invalid_fallback_behavior: "MATCH", # accepts MATCH, NO_MATCH, EVALUATE_AS_STRING
|
387
|
+
# },
|
388
|
+
# },
|
389
|
+
# text_transformations: [ # required
|
390
|
+
# {
|
391
|
+
# priority: 1, # required
|
392
|
+
# type: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE, BASE64_DECODE, HEX_DECODE, MD5, REPLACE_COMMENTS, ESCAPE_SEQ_DECODE, SQL_HEX_DECODE, CSS_DECODE, JS_DECODE, NORMALIZE_PATH, NORMALIZE_PATH_WIN, REMOVE_NULLS, REPLACE_NULLS, BASE64_DECODE_EXT, URL_DECODE_UNI, UTF8_TO_UNICODE
|
393
|
+
# },
|
394
|
+
# ],
|
395
|
+
# },
|
356
396
|
# },
|
357
397
|
# ],
|
358
398
|
# }
|
@@ -462,6 +502,8 @@ module Aws::WAFV2
|
|
462
502
|
# This is used only to indicate the web request component for WAF to
|
463
503
|
# inspect, in the FieldToMatch specification.
|
464
504
|
#
|
505
|
+
# JSON specification: `"Body": \{\}`
|
506
|
+
#
|
465
507
|
# @api private
|
466
508
|
#
|
467
509
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/Body AWS API Documentation
|
@@ -878,6 +920,42 @@ module Aws::WAFV2
|
|
878
920
|
# scope: "LABEL", # required, accepts LABEL, NAMESPACE
|
879
921
|
# key: "LabelMatchKey", # required
|
880
922
|
# },
|
923
|
+
# regex_match_statement: {
|
924
|
+
# regex_string: "RegexPatternString", # required
|
925
|
+
# field_to_match: { # required
|
926
|
+
# single_header: {
|
927
|
+
# name: "FieldToMatchData", # required
|
928
|
+
# },
|
929
|
+
# single_query_argument: {
|
930
|
+
# name: "FieldToMatchData", # required
|
931
|
+
# },
|
932
|
+
# all_query_arguments: {
|
933
|
+
# },
|
934
|
+
# uri_path: {
|
935
|
+
# },
|
936
|
+
# query_string: {
|
937
|
+
# },
|
938
|
+
# body: {
|
939
|
+
# },
|
940
|
+
# method: {
|
941
|
+
# },
|
942
|
+
# json_body: {
|
943
|
+
# match_pattern: { # required
|
944
|
+
# all: {
|
945
|
+
# },
|
946
|
+
# included_paths: ["JsonPointerPath"],
|
947
|
+
# },
|
948
|
+
# match_scope: "ALL", # required, accepts ALL, KEY, VALUE
|
949
|
+
# invalid_fallback_behavior: "MATCH", # accepts MATCH, NO_MATCH, EVALUATE_AS_STRING
|
950
|
+
# },
|
951
|
+
# },
|
952
|
+
# text_transformations: [ # required
|
953
|
+
# {
|
954
|
+
# priority: 1, # required
|
955
|
+
# type: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE, BASE64_DECODE, HEX_DECODE, MD5, REPLACE_COMMENTS, ESCAPE_SEQ_DECODE, SQL_HEX_DECODE, CSS_DECODE, JS_DECODE, NORMALIZE_PATH, NORMALIZE_PATH_WIN, REMOVE_NULLS, REPLACE_NULLS, BASE64_DECODE_EXT, URL_DECODE_UNI, UTF8_TO_UNICODE
|
956
|
+
# },
|
957
|
+
# ],
|
958
|
+
# },
|
881
959
|
# },
|
882
960
|
# action: {
|
883
961
|
# block: {
|
@@ -1508,6 +1586,42 @@ module Aws::WAFV2
|
|
1508
1586
|
# scope: "LABEL", # required, accepts LABEL, NAMESPACE
|
1509
1587
|
# key: "LabelMatchKey", # required
|
1510
1588
|
# },
|
1589
|
+
# regex_match_statement: {
|
1590
|
+
# regex_string: "RegexPatternString", # required
|
1591
|
+
# field_to_match: { # required
|
1592
|
+
# single_header: {
|
1593
|
+
# name: "FieldToMatchData", # required
|
1594
|
+
# },
|
1595
|
+
# single_query_argument: {
|
1596
|
+
# name: "FieldToMatchData", # required
|
1597
|
+
# },
|
1598
|
+
# all_query_arguments: {
|
1599
|
+
# },
|
1600
|
+
# uri_path: {
|
1601
|
+
# },
|
1602
|
+
# query_string: {
|
1603
|
+
# },
|
1604
|
+
# body: {
|
1605
|
+
# },
|
1606
|
+
# method: {
|
1607
|
+
# },
|
1608
|
+
# json_body: {
|
1609
|
+
# match_pattern: { # required
|
1610
|
+
# all: {
|
1611
|
+
# },
|
1612
|
+
# included_paths: ["JsonPointerPath"],
|
1613
|
+
# },
|
1614
|
+
# match_scope: "ALL", # required, accepts ALL, KEY, VALUE
|
1615
|
+
# invalid_fallback_behavior: "MATCH", # accepts MATCH, NO_MATCH, EVALUATE_AS_STRING
|
1616
|
+
# },
|
1617
|
+
# },
|
1618
|
+
# text_transformations: [ # required
|
1619
|
+
# {
|
1620
|
+
# priority: 1, # required
|
1621
|
+
# type: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE, BASE64_DECODE, HEX_DECODE, MD5, REPLACE_COMMENTS, ESCAPE_SEQ_DECODE, SQL_HEX_DECODE, CSS_DECODE, JS_DECODE, NORMALIZE_PATH, NORMALIZE_PATH_WIN, REMOVE_NULLS, REPLACE_NULLS, BASE64_DECODE_EXT, URL_DECODE_UNI, UTF8_TO_UNICODE
|
1622
|
+
# },
|
1623
|
+
# ],
|
1624
|
+
# },
|
1511
1625
|
# },
|
1512
1626
|
# action: {
|
1513
1627
|
# block: {
|
@@ -1984,6 +2098,42 @@ module Aws::WAFV2
|
|
1984
2098
|
# scope: "LABEL", # required, accepts LABEL, NAMESPACE
|
1985
2099
|
# key: "LabelMatchKey", # required
|
1986
2100
|
# },
|
2101
|
+
# regex_match_statement: {
|
2102
|
+
# regex_string: "RegexPatternString", # required
|
2103
|
+
# field_to_match: { # required
|
2104
|
+
# single_header: {
|
2105
|
+
# name: "FieldToMatchData", # required
|
2106
|
+
# },
|
2107
|
+
# single_query_argument: {
|
2108
|
+
# name: "FieldToMatchData", # required
|
2109
|
+
# },
|
2110
|
+
# all_query_arguments: {
|
2111
|
+
# },
|
2112
|
+
# uri_path: {
|
2113
|
+
# },
|
2114
|
+
# query_string: {
|
2115
|
+
# },
|
2116
|
+
# body: {
|
2117
|
+
# },
|
2118
|
+
# method: {
|
2119
|
+
# },
|
2120
|
+
# json_body: {
|
2121
|
+
# match_pattern: { # required
|
2122
|
+
# all: {
|
2123
|
+
# },
|
2124
|
+
# included_paths: ["JsonPointerPath"],
|
2125
|
+
# },
|
2126
|
+
# match_scope: "ALL", # required, accepts ALL, KEY, VALUE
|
2127
|
+
# invalid_fallback_behavior: "MATCH", # accepts MATCH, NO_MATCH, EVALUATE_AS_STRING
|
2128
|
+
# },
|
2129
|
+
# },
|
2130
|
+
# text_transformations: [ # required
|
2131
|
+
# {
|
2132
|
+
# priority: 1, # required
|
2133
|
+
# type: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE, BASE64_DECODE, HEX_DECODE, MD5, REPLACE_COMMENTS, ESCAPE_SEQ_DECODE, SQL_HEX_DECODE, CSS_DECODE, JS_DECODE, NORMALIZE_PATH, NORMALIZE_PATH_WIN, REMOVE_NULLS, REPLACE_NULLS, BASE64_DECODE_EXT, URL_DECODE_UNI, UTF8_TO_UNICODE
|
2134
|
+
# },
|
2135
|
+
# ],
|
2136
|
+
# },
|
1987
2137
|
# },
|
1988
2138
|
# action: {
|
1989
2139
|
# block: {
|
@@ -2954,6 +3104,14 @@ module Aws::WAFV2
|
|
2954
3104
|
# requires it. To inspect more than one component of a web request,
|
2955
3105
|
# create a separate rule statement for each component.
|
2956
3106
|
#
|
3107
|
+
# JSON specification for a `QueryString` field to match:
|
3108
|
+
#
|
3109
|
+
# ` "FieldToMatch": \{ "QueryString": \{\} \}`
|
3110
|
+
#
|
3111
|
+
# Example JSON for a `Method` field to match specification:
|
3112
|
+
#
|
3113
|
+
# ` "FieldToMatch": \{ "Method": \{ "Name": "DELETE" \} \}`
|
3114
|
+
#
|
2957
3115
|
# @note When making an API call, you may pass FieldToMatch
|
2958
3116
|
# data as a hash:
|
2959
3117
|
#
|
@@ -3195,8 +3353,8 @@ module Aws::WAFV2
|
|
3195
3353
|
# provide the ARN of the rule group in this statement.
|
3196
3354
|
#
|
3197
3355
|
# You cannot nest a `RuleGroupReferenceStatement`, for example for use
|
3198
|
-
# inside a `NotStatement` or `OrStatement`.
|
3199
|
-
#
|
3356
|
+
# inside a `NotStatement` or `OrStatement`. You can only use a rule
|
3357
|
+
# group reference statement at the top level inside a web ACL.
|
3200
3358
|
# @return [Types::RuleGroupReferenceStatement]
|
3201
3359
|
#
|
3202
3360
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/FirewallManagerStatement AWS API Documentation
|
@@ -3525,6 +3683,7 @@ module Aws::WAFV2
|
|
3525
3683
|
# scope: "CLOUDFRONT", # required, accepts CLOUDFRONT, REGIONAL
|
3526
3684
|
# web_acl_name: "EntityName", # required
|
3527
3685
|
# web_acl_id: "EntityId", # required
|
3686
|
+
# rule_group_rule_name: "EntityName",
|
3528
3687
|
# rule_name: "EntityName", # required
|
3529
3688
|
# }
|
3530
3689
|
#
|
@@ -3554,8 +3713,17 @@ module Aws::WAFV2
|
|
3554
3713
|
# like update and delete.
|
3555
3714
|
# @return [String]
|
3556
3715
|
#
|
3716
|
+
# @!attribute [rw] rule_group_rule_name
|
3717
|
+
# The name of the rule group reference statement in your web ACL. This
|
3718
|
+
# is required only when you have the rate-based rule nested inside a
|
3719
|
+
# rule group.
|
3720
|
+
# @return [String]
|
3721
|
+
#
|
3557
3722
|
# @!attribute [rw] rule_name
|
3558
|
-
# The name of the rate-based rule to get the keys for.
|
3723
|
+
# The name of the rate-based rule to get the keys for. If you have the
|
3724
|
+
# rule defined inside a rule group that you're using in your web ACL,
|
3725
|
+
# also provide the name of the rule group reference statement in the
|
3726
|
+
# request parameter `RuleGroupRuleName`.
|
3559
3727
|
# @return [String]
|
3560
3728
|
#
|
3561
3729
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/GetRateBasedStatementManagedKeysRequest AWS API Documentation
|
@@ -3564,6 +3732,7 @@ module Aws::WAFV2
|
|
3564
3732
|
:scope,
|
3565
3733
|
:web_acl_name,
|
3566
3734
|
:web_acl_id,
|
3735
|
+
:rule_group_rule_name,
|
3567
3736
|
:rule_name)
|
3568
3737
|
SENSITIVE = []
|
3569
3738
|
include Aws::Structure
|
@@ -4283,6 +4452,9 @@ module Aws::WAFV2
|
|
4283
4452
|
# inspects only the parts of the JSON that result from the matches that
|
4284
4453
|
# you indicate.
|
4285
4454
|
#
|
4455
|
+
# Example JSON: `"JsonBody": \{ "MatchPattern": \{ "All": \{\} \},
|
4456
|
+
# "MatchScope": "ALL" \}`
|
4457
|
+
#
|
4286
4458
|
# @note When making an API call, you may pass JsonBody
|
4287
4459
|
# data as a hash:
|
4288
4460
|
#
|
@@ -5267,11 +5439,11 @@ module Aws::WAFV2
|
|
5267
5439
|
#
|
5268
5440
|
# @!attribute [rw] redacted_fields
|
5269
5441
|
# The parts of the request that you want to keep out of the logs. For
|
5270
|
-
# example, if you redact the `
|
5271
|
-
# firehose will be `xxx`.
|
5442
|
+
# example, if you redact the `SingleHeader` field, the `HEADER` field
|
5443
|
+
# in the firehose will be `xxx`.
|
5272
5444
|
#
|
5273
|
-
# <note markdown="1"> You
|
5274
|
-
# `
|
5445
|
+
# <note markdown="1"> You can specify only the following fields for redaction: `UriPath`,
|
5446
|
+
# `QueryString`, `SingleHeader`, `Method`, and `JsonBody`.
|
5275
5447
|
#
|
5276
5448
|
# </note>
|
5277
5449
|
# @return [Array<Types::FieldToMatch>]
|
@@ -5620,6 +5792,42 @@ module Aws::WAFV2
|
|
5620
5792
|
# scope: "LABEL", # required, accepts LABEL, NAMESPACE
|
5621
5793
|
# key: "LabelMatchKey", # required
|
5622
5794
|
# },
|
5795
|
+
# regex_match_statement: {
|
5796
|
+
# regex_string: "RegexPatternString", # required
|
5797
|
+
# field_to_match: { # required
|
5798
|
+
# single_header: {
|
5799
|
+
# name: "FieldToMatchData", # required
|
5800
|
+
# },
|
5801
|
+
# single_query_argument: {
|
5802
|
+
# name: "FieldToMatchData", # required
|
5803
|
+
# },
|
5804
|
+
# all_query_arguments: {
|
5805
|
+
# },
|
5806
|
+
# uri_path: {
|
5807
|
+
# },
|
5808
|
+
# query_string: {
|
5809
|
+
# },
|
5810
|
+
# body: {
|
5811
|
+
# },
|
5812
|
+
# method: {
|
5813
|
+
# },
|
5814
|
+
# json_body: {
|
5815
|
+
# match_pattern: { # required
|
5816
|
+
# all: {
|
5817
|
+
# },
|
5818
|
+
# included_paths: ["JsonPointerPath"],
|
5819
|
+
# },
|
5820
|
+
# match_scope: "ALL", # required, accepts ALL, KEY, VALUE
|
5821
|
+
# invalid_fallback_behavior: "MATCH", # accepts MATCH, NO_MATCH, EVALUATE_AS_STRING
|
5822
|
+
# },
|
5823
|
+
# },
|
5824
|
+
# text_transformations: [ # required
|
5825
|
+
# {
|
5826
|
+
# priority: 1, # required
|
5827
|
+
# type: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE, BASE64_DECODE, HEX_DECODE, MD5, REPLACE_COMMENTS, ESCAPE_SEQ_DECODE, SQL_HEX_DECODE, CSS_DECODE, JS_DECODE, NORMALIZE_PATH, NORMALIZE_PATH_WIN, REMOVE_NULLS, REPLACE_NULLS, BASE64_DECODE_EXT, URL_DECODE_UNI, UTF8_TO_UNICODE
|
5828
|
+
# },
|
5829
|
+
# ],
|
5830
|
+
# },
|
5623
5831
|
# },
|
5624
5832
|
# }
|
5625
5833
|
#
|
@@ -5673,8 +5881,9 @@ module Aws::WAFV2
|
|
5673
5881
|
# name and vendor name, that you provide when you add a
|
5674
5882
|
# ManagedRuleGroupStatement to a web ACL. Managed rule groups include
|
5675
5883
|
# Amazon Web Services Managed Rules rule groups, which are free of
|
5676
|
-
# charge to WAF customers, and
|
5677
|
-
# you can subscribe to through
|
5884
|
+
# charge to WAF customers, and Amazon Web Services Marketplace managed
|
5885
|
+
# rule groups, which you can subscribe to through Amazon Web Services
|
5886
|
+
# Marketplace.
|
5678
5887
|
#
|
5679
5888
|
# @!attribute [rw] vendor_name
|
5680
5889
|
# The name of the managed rule group vendor. You use this, along with
|
@@ -5688,7 +5897,8 @@ module Aws::WAFV2
|
|
5688
5897
|
#
|
5689
5898
|
# @!attribute [rw] description
|
5690
5899
|
# The description of the managed rule group, provided by Amazon Web
|
5691
|
-
# Services Managed Rules or the
|
5900
|
+
# Services Managed Rules or the Amazon Web Services Marketplace seller
|
5901
|
+
# who manages it.
|
5692
5902
|
# @return [String]
|
5693
5903
|
#
|
5694
5904
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/ManagedRuleGroupSummary AWS API Documentation
|
@@ -5721,11 +5931,12 @@ module Aws::WAFV2
|
|
5721
5931
|
include Aws::Structure
|
5722
5932
|
end
|
5723
5933
|
|
5724
|
-
# A set of rules that is managed by Amazon Web Services and
|
5725
|
-
# sellers to provide versioned managed rule groups
|
5934
|
+
# A set of rules that is managed by Amazon Web Services and Amazon Web
|
5935
|
+
# Services Marketplace sellers to provide versioned managed rule groups
|
5936
|
+
# for customers of WAF.
|
5726
5937
|
#
|
5727
5938
|
# <note markdown="1"> This is intended for use only by vendors of managed rule sets. Vendors
|
5728
|
-
# are Amazon Web Services and Marketplace sellers.
|
5939
|
+
# are Amazon Web Services and Amazon Web Services Marketplace sellers.
|
5729
5940
|
#
|
5730
5941
|
# Vendors, you can use the managed rule set APIs to provide controlled
|
5731
5942
|
# rollout of your versioned managed rule group offerings for your
|
@@ -5801,7 +6012,7 @@ module Aws::WAFV2
|
|
5801
6012
|
# High-level information for a managed rule set.
|
5802
6013
|
#
|
5803
6014
|
# <note markdown="1"> This is intended for use only by vendors of managed rule sets. Vendors
|
5804
|
-
# are Amazon Web Services and Marketplace sellers.
|
6015
|
+
# are Amazon Web Services and Amazon Web Services Marketplace sellers.
|
5805
6016
|
#
|
5806
6017
|
# Vendors, you can use the managed rule set APIs to provide controlled
|
5807
6018
|
# rollout of your versioned managed rule group offerings for your
|
@@ -5879,7 +6090,7 @@ module Aws::WAFV2
|
|
5879
6090
|
# Information for a single version of a managed rule set.
|
5880
6091
|
#
|
5881
6092
|
# <note markdown="1"> This is intended for use only by vendors of managed rule sets. Vendors
|
5882
|
-
# are Amazon Web Services and Marketplace sellers.
|
6093
|
+
# are Amazon Web Services and Amazon Web Services Marketplace sellers.
|
5883
6094
|
#
|
5884
6095
|
# Vendors, you can use the managed rule set APIs to provide controlled
|
5885
6096
|
# rollout of your versioned managed rule group offerings for your
|
@@ -5955,6 +6166,8 @@ module Aws::WAFV2
|
|
5955
6166
|
# This is used only to indicate the web request component for WAF to
|
5956
6167
|
# inspect, in the FieldToMatch specification.
|
5957
6168
|
#
|
6169
|
+
# JSON specification: `"Method": \{\}`
|
6170
|
+
#
|
5958
6171
|
# @api private
|
5959
6172
|
#
|
5960
6173
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/Method AWS API Documentation
|
@@ -5968,6 +6181,8 @@ module Aws::WAFV2
|
|
5968
6181
|
# This is used in the context of other settings, for example to specify
|
5969
6182
|
# values for RuleAction and web ACL DefaultAction.
|
5970
6183
|
#
|
6184
|
+
# JSON specification: `"None": \{\}`
|
6185
|
+
#
|
5971
6186
|
# @api private
|
5972
6187
|
#
|
5973
6188
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/NoneAction AWS API Documentation
|
@@ -6232,6 +6447,42 @@ module Aws::WAFV2
|
|
6232
6447
|
# scope: "LABEL", # required, accepts LABEL, NAMESPACE
|
6233
6448
|
# key: "LabelMatchKey", # required
|
6234
6449
|
# },
|
6450
|
+
# regex_match_statement: {
|
6451
|
+
# regex_string: "RegexPatternString", # required
|
6452
|
+
# field_to_match: { # required
|
6453
|
+
# single_header: {
|
6454
|
+
# name: "FieldToMatchData", # required
|
6455
|
+
# },
|
6456
|
+
# single_query_argument: {
|
6457
|
+
# name: "FieldToMatchData", # required
|
6458
|
+
# },
|
6459
|
+
# all_query_arguments: {
|
6460
|
+
# },
|
6461
|
+
# uri_path: {
|
6462
|
+
# },
|
6463
|
+
# query_string: {
|
6464
|
+
# },
|
6465
|
+
# body: {
|
6466
|
+
# },
|
6467
|
+
# method: {
|
6468
|
+
# },
|
6469
|
+
# json_body: {
|
6470
|
+
# match_pattern: { # required
|
6471
|
+
# all: {
|
6472
|
+
# },
|
6473
|
+
# included_paths: ["JsonPointerPath"],
|
6474
|
+
# },
|
6475
|
+
# match_scope: "ALL", # required, accepts ALL, KEY, VALUE
|
6476
|
+
# invalid_fallback_behavior: "MATCH", # accepts MATCH, NO_MATCH, EVALUATE_AS_STRING
|
6477
|
+
# },
|
6478
|
+
# },
|
6479
|
+
# text_transformations: [ # required
|
6480
|
+
# {
|
6481
|
+
# priority: 1, # required
|
6482
|
+
# type: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE, BASE64_DECODE, HEX_DECODE, MD5, REPLACE_COMMENTS, ESCAPE_SEQ_DECODE, SQL_HEX_DECODE, CSS_DECODE, JS_DECODE, NORMALIZE_PATH, NORMALIZE_PATH_WIN, REMOVE_NULLS, REPLACE_NULLS, BASE64_DECODE_EXT, URL_DECODE_UNI, UTF8_TO_UNICODE
|
6483
|
+
# },
|
6484
|
+
# ],
|
6485
|
+
# },
|
6235
6486
|
# },
|
6236
6487
|
# }
|
6237
6488
|
#
|
@@ -6503,6 +6754,42 @@ module Aws::WAFV2
|
|
6503
6754
|
# scope: "LABEL", # required, accepts LABEL, NAMESPACE
|
6504
6755
|
# key: "LabelMatchKey", # required
|
6505
6756
|
# },
|
6757
|
+
# regex_match_statement: {
|
6758
|
+
# regex_string: "RegexPatternString", # required
|
6759
|
+
# field_to_match: { # required
|
6760
|
+
# single_header: {
|
6761
|
+
# name: "FieldToMatchData", # required
|
6762
|
+
# },
|
6763
|
+
# single_query_argument: {
|
6764
|
+
# name: "FieldToMatchData", # required
|
6765
|
+
# },
|
6766
|
+
# all_query_arguments: {
|
6767
|
+
# },
|
6768
|
+
# uri_path: {
|
6769
|
+
# },
|
6770
|
+
# query_string: {
|
6771
|
+
# },
|
6772
|
+
# body: {
|
6773
|
+
# },
|
6774
|
+
# method: {
|
6775
|
+
# },
|
6776
|
+
# json_body: {
|
6777
|
+
# match_pattern: { # required
|
6778
|
+
# all: {
|
6779
|
+
# },
|
6780
|
+
# included_paths: ["JsonPointerPath"],
|
6781
|
+
# },
|
6782
|
+
# match_scope: "ALL", # required, accepts ALL, KEY, VALUE
|
6783
|
+
# invalid_fallback_behavior: "MATCH", # accepts MATCH, NO_MATCH, EVALUATE_AS_STRING
|
6784
|
+
# },
|
6785
|
+
# },
|
6786
|
+
# text_transformations: [ # required
|
6787
|
+
# {
|
6788
|
+
# priority: 1, # required
|
6789
|
+
# type: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE, BASE64_DECODE, HEX_DECODE, MD5, REPLACE_COMMENTS, ESCAPE_SEQ_DECODE, SQL_HEX_DECODE, CSS_DECODE, JS_DECODE, NORMALIZE_PATH, NORMALIZE_PATH_WIN, REMOVE_NULLS, REPLACE_NULLS, BASE64_DECODE_EXT, URL_DECODE_UNI, UTF8_TO_UNICODE
|
6790
|
+
# },
|
6791
|
+
# ],
|
6792
|
+
# },
|
6506
6793
|
# },
|
6507
6794
|
# ],
|
6508
6795
|
# }
|
@@ -6812,6 +7099,8 @@ module Aws::WAFV2
|
|
6812
7099
|
# This is used only to indicate the web request component for WAF to
|
6813
7100
|
# inspect, in the FieldToMatch specification.
|
6814
7101
|
#
|
7102
|
+
# JSON specification: `"QueryString": \{\}`
|
7103
|
+
#
|
6815
7104
|
# @api private
|
6816
7105
|
#
|
6817
7106
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/QueryString AWS API Documentation
|
@@ -6824,6 +7113,15 @@ module Aws::WAFV2
|
|
6824
7113
|
# You can use this to put a temporary block on requests from an IP
|
6825
7114
|
# address that is sending excessive requests.
|
6826
7115
|
#
|
7116
|
+
# WAF tracks and manages web requests separately for each instance of a
|
7117
|
+
# rate-based rule that you use. For example, if you provide the same
|
7118
|
+
# rate-based rule settings in two web ACLs, each of the two rule
|
7119
|
+
# statements represents a separate instance of the rate-based rule and
|
7120
|
+
# gets its own tracking and management by WAF. If you define a
|
7121
|
+
# rate-based rule inside a rule group, and then use that rule group in
|
7122
|
+
# multiple places, each use creates a separate instance of the
|
7123
|
+
# rate-based rule that gets its own tracking and management by WAF.
|
7124
|
+
#
|
6827
7125
|
# When the rule action triggers, WAF blocks additional requests from the
|
6828
7126
|
# IP address until the request rate falls below the limit.
|
6829
7127
|
#
|
@@ -6847,9 +7145,9 @@ module Aws::WAFV2
|
|
6847
7145
|
# not meet both conditions are not counted towards the rate limit and
|
6848
7146
|
# are not affected by this rule.
|
6849
7147
|
#
|
6850
|
-
# You cannot nest a `RateBasedStatement
|
6851
|
-
# `NotStatement` or `OrStatement`.
|
6852
|
-
#
|
7148
|
+
# You cannot nest a `RateBasedStatement` inside another statement, for
|
7149
|
+
# example inside a `NotStatement` or `OrStatement`. You can define a
|
7150
|
+
# `RateBasedStatement` inside a web ACL and inside a rule group.
|
6853
7151
|
#
|
6854
7152
|
# @note When making an API call, you may pass RateBasedStatement
|
6855
7153
|
# data as a hash:
|
@@ -7108,7 +7406,43 @@ module Aws::WAFV2
|
|
7108
7406
|
# scope: "LABEL", # required, accepts LABEL, NAMESPACE
|
7109
7407
|
# key: "LabelMatchKey", # required
|
7110
7408
|
# },
|
7111
|
-
#
|
7409
|
+
# regex_match_statement: {
|
7410
|
+
# regex_string: "RegexPatternString", # required
|
7411
|
+
# field_to_match: { # required
|
7412
|
+
# single_header: {
|
7413
|
+
# name: "FieldToMatchData", # required
|
7414
|
+
# },
|
7415
|
+
# single_query_argument: {
|
7416
|
+
# name: "FieldToMatchData", # required
|
7417
|
+
# },
|
7418
|
+
# all_query_arguments: {
|
7419
|
+
# },
|
7420
|
+
# uri_path: {
|
7421
|
+
# },
|
7422
|
+
# query_string: {
|
7423
|
+
# },
|
7424
|
+
# body: {
|
7425
|
+
# },
|
7426
|
+
# method: {
|
7427
|
+
# },
|
7428
|
+
# json_body: {
|
7429
|
+
# match_pattern: { # required
|
7430
|
+
# all: {
|
7431
|
+
# },
|
7432
|
+
# included_paths: ["JsonPointerPath"],
|
7433
|
+
# },
|
7434
|
+
# match_scope: "ALL", # required, accepts ALL, KEY, VALUE
|
7435
|
+
# invalid_fallback_behavior: "MATCH", # accepts MATCH, NO_MATCH, EVALUATE_AS_STRING
|
7436
|
+
# },
|
7437
|
+
# },
|
7438
|
+
# text_transformations: [ # required
|
7439
|
+
# {
|
7440
|
+
# priority: 1, # required
|
7441
|
+
# type: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE, BASE64_DECODE, HEX_DECODE, MD5, REPLACE_COMMENTS, ESCAPE_SEQ_DECODE, SQL_HEX_DECODE, CSS_DECODE, JS_DECODE, NORMALIZE_PATH, NORMALIZE_PATH_WIN, REMOVE_NULLS, REPLACE_NULLS, BASE64_DECODE_EXT, URL_DECODE_UNI, UTF8_TO_UNICODE
|
7442
|
+
# },
|
7443
|
+
# ],
|
7444
|
+
# },
|
7445
|
+
# },
|
7112
7446
|
# forwarded_ip_config: {
|
7113
7447
|
# header_name: "ForwardedIPHeaderName", # required
|
7114
7448
|
# fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
|
@@ -7167,8 +7501,8 @@ module Aws::WAFV2
|
|
7167
7501
|
include Aws::Structure
|
7168
7502
|
end
|
7169
7503
|
|
7170
|
-
# The set of IP addresses that are currently blocked for a
|
7171
|
-
#
|
7504
|
+
# The set of IP addresses that are currently blocked for a
|
7505
|
+
# RateBasedStatement.
|
7172
7506
|
#
|
7173
7507
|
# @!attribute [rw] ip_address_version
|
7174
7508
|
# The version of the IP addresses, either `IPV4` or `IPV6`.
|
@@ -7208,6 +7542,77 @@ module Aws::WAFV2
|
|
7208
7542
|
include Aws::Structure
|
7209
7543
|
end
|
7210
7544
|
|
7545
|
+
# A rule statement used to search web request components for a match
|
7546
|
+
# against a single regular expression.
|
7547
|
+
#
|
7548
|
+
# @note When making an API call, you may pass RegexMatchStatement
|
7549
|
+
# data as a hash:
|
7550
|
+
#
|
7551
|
+
# {
|
7552
|
+
# regex_string: "RegexPatternString", # required
|
7553
|
+
# field_to_match: { # required
|
7554
|
+
# single_header: {
|
7555
|
+
# name: "FieldToMatchData", # required
|
7556
|
+
# },
|
7557
|
+
# single_query_argument: {
|
7558
|
+
# name: "FieldToMatchData", # required
|
7559
|
+
# },
|
7560
|
+
# all_query_arguments: {
|
7561
|
+
# },
|
7562
|
+
# uri_path: {
|
7563
|
+
# },
|
7564
|
+
# query_string: {
|
7565
|
+
# },
|
7566
|
+
# body: {
|
7567
|
+
# },
|
7568
|
+
# method: {
|
7569
|
+
# },
|
7570
|
+
# json_body: {
|
7571
|
+
# match_pattern: { # required
|
7572
|
+
# all: {
|
7573
|
+
# },
|
7574
|
+
# included_paths: ["JsonPointerPath"],
|
7575
|
+
# },
|
7576
|
+
# match_scope: "ALL", # required, accepts ALL, KEY, VALUE
|
7577
|
+
# invalid_fallback_behavior: "MATCH", # accepts MATCH, NO_MATCH, EVALUATE_AS_STRING
|
7578
|
+
# },
|
7579
|
+
# },
|
7580
|
+
# text_transformations: [ # required
|
7581
|
+
# {
|
7582
|
+
# priority: 1, # required
|
7583
|
+
# type: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE, BASE64_DECODE, HEX_DECODE, MD5, REPLACE_COMMENTS, ESCAPE_SEQ_DECODE, SQL_HEX_DECODE, CSS_DECODE, JS_DECODE, NORMALIZE_PATH, NORMALIZE_PATH_WIN, REMOVE_NULLS, REPLACE_NULLS, BASE64_DECODE_EXT, URL_DECODE_UNI, UTF8_TO_UNICODE
|
7584
|
+
# },
|
7585
|
+
# ],
|
7586
|
+
# }
|
7587
|
+
#
|
7588
|
+
# @!attribute [rw] regex_string
|
7589
|
+
# The string representing the regular expression.
|
7590
|
+
# @return [String]
|
7591
|
+
#
|
7592
|
+
# @!attribute [rw] field_to_match
|
7593
|
+
# The part of a web request that you want WAF to inspect. For more
|
7594
|
+
# information, see FieldToMatch.
|
7595
|
+
# @return [Types::FieldToMatch]
|
7596
|
+
#
|
7597
|
+
# @!attribute [rw] text_transformations
|
7598
|
+
# Text transformations eliminate some of the unusual formatting that
|
7599
|
+
# attackers use in web requests in an effort to bypass detection. If
|
7600
|
+
# you specify one or more transformations in a rule statement, WAF
|
7601
|
+
# performs all transformations on the content of the request component
|
7602
|
+
# identified by `FieldToMatch`, starting from the lowest priority
|
7603
|
+
# setting, before inspecting the content for a match.
|
7604
|
+
# @return [Array<Types::TextTransformation>]
|
7605
|
+
#
|
7606
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/RegexMatchStatement AWS API Documentation
|
7607
|
+
#
|
7608
|
+
class RegexMatchStatement < Struct.new(
|
7609
|
+
:regex_string,
|
7610
|
+
:field_to_match,
|
7611
|
+
:text_transformations)
|
7612
|
+
SENSITIVE = []
|
7613
|
+
include Aws::Structure
|
7614
|
+
end
|
7615
|
+
|
7211
7616
|
# Contains one or more regular expressions.
|
7212
7617
|
#
|
7213
7618
|
# WAF assigns an ARN to each `RegexPatternSet` that you create. To use a
|
@@ -7641,6 +8046,42 @@ module Aws::WAFV2
|
|
7641
8046
|
# scope: "LABEL", # required, accepts LABEL, NAMESPACE
|
7642
8047
|
# key: "LabelMatchKey", # required
|
7643
8048
|
# },
|
8049
|
+
# regex_match_statement: {
|
8050
|
+
# regex_string: "RegexPatternString", # required
|
8051
|
+
# field_to_match: { # required
|
8052
|
+
# single_header: {
|
8053
|
+
# name: "FieldToMatchData", # required
|
8054
|
+
# },
|
8055
|
+
# single_query_argument: {
|
8056
|
+
# name: "FieldToMatchData", # required
|
8057
|
+
# },
|
8058
|
+
# all_query_arguments: {
|
8059
|
+
# },
|
8060
|
+
# uri_path: {
|
8061
|
+
# },
|
8062
|
+
# query_string: {
|
8063
|
+
# },
|
8064
|
+
# body: {
|
8065
|
+
# },
|
8066
|
+
# method: {
|
8067
|
+
# },
|
8068
|
+
# json_body: {
|
8069
|
+
# match_pattern: { # required
|
8070
|
+
# all: {
|
8071
|
+
# },
|
8072
|
+
# included_paths: ["JsonPointerPath"],
|
8073
|
+
# },
|
8074
|
+
# match_scope: "ALL", # required, accepts ALL, KEY, VALUE
|
8075
|
+
# invalid_fallback_behavior: "MATCH", # accepts MATCH, NO_MATCH, EVALUATE_AS_STRING
|
8076
|
+
# },
|
8077
|
+
# },
|
8078
|
+
# text_transformations: [ # required
|
8079
|
+
# {
|
8080
|
+
# priority: 1, # required
|
8081
|
+
# type: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE, BASE64_DECODE, HEX_DECODE, MD5, REPLACE_COMMENTS, ESCAPE_SEQ_DECODE, SQL_HEX_DECODE, CSS_DECODE, JS_DECODE, NORMALIZE_PATH, NORMALIZE_PATH_WIN, REMOVE_NULLS, REPLACE_NULLS, BASE64_DECODE_EXT, URL_DECODE_UNI, UTF8_TO_UNICODE
|
8082
|
+
# },
|
8083
|
+
# ],
|
8084
|
+
# },
|
7644
8085
|
# },
|
7645
8086
|
# action: {
|
7646
8087
|
# block: {
|
@@ -7996,8 +8437,8 @@ module Aws::WAFV2
|
|
7996
8437
|
# provide the ARN of the rule group in this statement.
|
7997
8438
|
#
|
7998
8439
|
# You cannot nest a `RuleGroupReferenceStatement`, for example for use
|
7999
|
-
# inside a `NotStatement` or `OrStatement`.
|
8000
|
-
#
|
8440
|
+
# inside a `NotStatement` or `OrStatement`. You can only use a rule
|
8441
|
+
# group reference statement at the top level inside a web ACL.
|
8001
8442
|
#
|
8002
8443
|
# @note When making an API call, you may pass RuleGroupReferenceStatement
|
8003
8444
|
# data as a hash:
|
@@ -8179,6 +8620,8 @@ module Aws::WAFV2
|
|
8179
8620
|
# This is used only to indicate the web request component for WAF to
|
8180
8621
|
# inspect, in the FieldToMatch specification.
|
8181
8622
|
#
|
8623
|
+
# Example JSON: `"SingleHeader": \{ "Name": "haystack" \}`
|
8624
|
+
#
|
8182
8625
|
# @note When making an API call, you may pass SingleHeader
|
8183
8626
|
# data as a hash:
|
8184
8627
|
#
|
@@ -8202,6 +8645,8 @@ module Aws::WAFV2
|
|
8202
8645
|
# *UserName* or *SalesRegion*. The name can be up to 30 characters long
|
8203
8646
|
# and isn't case sensitive.
|
8204
8647
|
#
|
8648
|
+
# Example JSON: `"SingleQueryArgument": \{ "Name": "myArgument" \}`
|
8649
|
+
#
|
8205
8650
|
# @note When making an API call, you may pass SingleQueryArgument
|
8206
8651
|
# data as a hash:
|
8207
8652
|
#
|
@@ -8837,6 +9282,42 @@ module Aws::WAFV2
|
|
8837
9282
|
# scope: "LABEL", # required, accepts LABEL, NAMESPACE
|
8838
9283
|
# key: "LabelMatchKey", # required
|
8839
9284
|
# },
|
9285
|
+
# regex_match_statement: {
|
9286
|
+
# regex_string: "RegexPatternString", # required
|
9287
|
+
# field_to_match: { # required
|
9288
|
+
# single_header: {
|
9289
|
+
# name: "FieldToMatchData", # required
|
9290
|
+
# },
|
9291
|
+
# single_query_argument: {
|
9292
|
+
# name: "FieldToMatchData", # required
|
9293
|
+
# },
|
9294
|
+
# all_query_arguments: {
|
9295
|
+
# },
|
9296
|
+
# uri_path: {
|
9297
|
+
# },
|
9298
|
+
# query_string: {
|
9299
|
+
# },
|
9300
|
+
# body: {
|
9301
|
+
# },
|
9302
|
+
# method: {
|
9303
|
+
# },
|
9304
|
+
# json_body: {
|
9305
|
+
# match_pattern: { # required
|
9306
|
+
# all: {
|
9307
|
+
# },
|
9308
|
+
# included_paths: ["JsonPointerPath"],
|
9309
|
+
# },
|
9310
|
+
# match_scope: "ALL", # required, accepts ALL, KEY, VALUE
|
9311
|
+
# invalid_fallback_behavior: "MATCH", # accepts MATCH, NO_MATCH, EVALUATE_AS_STRING
|
9312
|
+
# },
|
9313
|
+
# },
|
9314
|
+
# text_transformations: [ # required
|
9315
|
+
# {
|
9316
|
+
# priority: 1, # required
|
9317
|
+
# type: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE, BASE64_DECODE, HEX_DECODE, MD5, REPLACE_COMMENTS, ESCAPE_SEQ_DECODE, SQL_HEX_DECODE, CSS_DECODE, JS_DECODE, NORMALIZE_PATH, NORMALIZE_PATH_WIN, REMOVE_NULLS, REPLACE_NULLS, BASE64_DECODE_EXT, URL_DECODE_UNI, UTF8_TO_UNICODE
|
9318
|
+
# },
|
9319
|
+
# ],
|
9320
|
+
# },
|
8840
9321
|
# },
|
8841
9322
|
# forwarded_ip_config: {
|
8842
9323
|
# header_name: "ForwardedIPHeaderName", # required
|
@@ -9090,6 +9571,42 @@ module Aws::WAFV2
|
|
9090
9571
|
# scope: "LABEL", # required, accepts LABEL, NAMESPACE
|
9091
9572
|
# key: "LabelMatchKey", # required
|
9092
9573
|
# },
|
9574
|
+
# regex_match_statement: {
|
9575
|
+
# regex_string: "RegexPatternString", # required
|
9576
|
+
# field_to_match: { # required
|
9577
|
+
# single_header: {
|
9578
|
+
# name: "FieldToMatchData", # required
|
9579
|
+
# },
|
9580
|
+
# single_query_argument: {
|
9581
|
+
# name: "FieldToMatchData", # required
|
9582
|
+
# },
|
9583
|
+
# all_query_arguments: {
|
9584
|
+
# },
|
9585
|
+
# uri_path: {
|
9586
|
+
# },
|
9587
|
+
# query_string: {
|
9588
|
+
# },
|
9589
|
+
# body: {
|
9590
|
+
# },
|
9591
|
+
# method: {
|
9592
|
+
# },
|
9593
|
+
# json_body: {
|
9594
|
+
# match_pattern: { # required
|
9595
|
+
# all: {
|
9596
|
+
# },
|
9597
|
+
# included_paths: ["JsonPointerPath"],
|
9598
|
+
# },
|
9599
|
+
# match_scope: "ALL", # required, accepts ALL, KEY, VALUE
|
9600
|
+
# invalid_fallback_behavior: "MATCH", # accepts MATCH, NO_MATCH, EVALUATE_AS_STRING
|
9601
|
+
# },
|
9602
|
+
# },
|
9603
|
+
# text_transformations: [ # required
|
9604
|
+
# {
|
9605
|
+
# priority: 1, # required
|
9606
|
+
# type: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE, BASE64_DECODE, HEX_DECODE, MD5, REPLACE_COMMENTS, ESCAPE_SEQ_DECODE, SQL_HEX_DECODE, CSS_DECODE, JS_DECODE, NORMALIZE_PATH, NORMALIZE_PATH_WIN, REMOVE_NULLS, REPLACE_NULLS, BASE64_DECODE_EXT, URL_DECODE_UNI, UTF8_TO_UNICODE
|
9607
|
+
# },
|
9608
|
+
# ],
|
9609
|
+
# },
|
9093
9610
|
# },
|
9094
9611
|
# ],
|
9095
9612
|
# },
|
@@ -9340,6 +9857,42 @@ module Aws::WAFV2
|
|
9340
9857
|
# scope: "LABEL", # required, accepts LABEL, NAMESPACE
|
9341
9858
|
# key: "LabelMatchKey", # required
|
9342
9859
|
# },
|
9860
|
+
# regex_match_statement: {
|
9861
|
+
# regex_string: "RegexPatternString", # required
|
9862
|
+
# field_to_match: { # required
|
9863
|
+
# single_header: {
|
9864
|
+
# name: "FieldToMatchData", # required
|
9865
|
+
# },
|
9866
|
+
# single_query_argument: {
|
9867
|
+
# name: "FieldToMatchData", # required
|
9868
|
+
# },
|
9869
|
+
# all_query_arguments: {
|
9870
|
+
# },
|
9871
|
+
# uri_path: {
|
9872
|
+
# },
|
9873
|
+
# query_string: {
|
9874
|
+
# },
|
9875
|
+
# body: {
|
9876
|
+
# },
|
9877
|
+
# method: {
|
9878
|
+
# },
|
9879
|
+
# json_body: {
|
9880
|
+
# match_pattern: { # required
|
9881
|
+
# all: {
|
9882
|
+
# },
|
9883
|
+
# included_paths: ["JsonPointerPath"],
|
9884
|
+
# },
|
9885
|
+
# match_scope: "ALL", # required, accepts ALL, KEY, VALUE
|
9886
|
+
# invalid_fallback_behavior: "MATCH", # accepts MATCH, NO_MATCH, EVALUATE_AS_STRING
|
9887
|
+
# },
|
9888
|
+
# },
|
9889
|
+
# text_transformations: [ # required
|
9890
|
+
# {
|
9891
|
+
# priority: 1, # required
|
9892
|
+
# type: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE, BASE64_DECODE, HEX_DECODE, MD5, REPLACE_COMMENTS, ESCAPE_SEQ_DECODE, SQL_HEX_DECODE, CSS_DECODE, JS_DECODE, NORMALIZE_PATH, NORMALIZE_PATH_WIN, REMOVE_NULLS, REPLACE_NULLS, BASE64_DECODE_EXT, URL_DECODE_UNI, UTF8_TO_UNICODE
|
9893
|
+
# },
|
9894
|
+
# ],
|
9895
|
+
# },
|
9343
9896
|
# },
|
9344
9897
|
# ],
|
9345
9898
|
# },
|
@@ -9593,6 +10146,42 @@ module Aws::WAFV2
|
|
9593
10146
|
# scope: "LABEL", # required, accepts LABEL, NAMESPACE
|
9594
10147
|
# key: "LabelMatchKey", # required
|
9595
10148
|
# },
|
10149
|
+
# regex_match_statement: {
|
10150
|
+
# regex_string: "RegexPatternString", # required
|
10151
|
+
# field_to_match: { # required
|
10152
|
+
# single_header: {
|
10153
|
+
# name: "FieldToMatchData", # required
|
10154
|
+
# },
|
10155
|
+
# single_query_argument: {
|
10156
|
+
# name: "FieldToMatchData", # required
|
10157
|
+
# },
|
10158
|
+
# all_query_arguments: {
|
10159
|
+
# },
|
10160
|
+
# uri_path: {
|
10161
|
+
# },
|
10162
|
+
# query_string: {
|
10163
|
+
# },
|
10164
|
+
# body: {
|
10165
|
+
# },
|
10166
|
+
# method: {
|
10167
|
+
# },
|
10168
|
+
# json_body: {
|
10169
|
+
# match_pattern: { # required
|
10170
|
+
# all: {
|
10171
|
+
# },
|
10172
|
+
# included_paths: ["JsonPointerPath"],
|
10173
|
+
# },
|
10174
|
+
# match_scope: "ALL", # required, accepts ALL, KEY, VALUE
|
10175
|
+
# invalid_fallback_behavior: "MATCH", # accepts MATCH, NO_MATCH, EVALUATE_AS_STRING
|
10176
|
+
# },
|
10177
|
+
# },
|
10178
|
+
# text_transformations: [ # required
|
10179
|
+
# {
|
10180
|
+
# priority: 1, # required
|
10181
|
+
# type: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE, BASE64_DECODE, HEX_DECODE, MD5, REPLACE_COMMENTS, ESCAPE_SEQ_DECODE, SQL_HEX_DECODE, CSS_DECODE, JS_DECODE, NORMALIZE_PATH, NORMALIZE_PATH_WIN, REMOVE_NULLS, REPLACE_NULLS, BASE64_DECODE_EXT, URL_DECODE_UNI, UTF8_TO_UNICODE
|
10182
|
+
# },
|
10183
|
+
# ],
|
10184
|
+
# },
|
9596
10185
|
# },
|
9597
10186
|
# },
|
9598
10187
|
# managed_rule_group_statement: {
|
@@ -9845,12 +10434,84 @@ module Aws::WAFV2
|
|
9845
10434
|
# scope: "LABEL", # required, accepts LABEL, NAMESPACE
|
9846
10435
|
# key: "LabelMatchKey", # required
|
9847
10436
|
# },
|
10437
|
+
# regex_match_statement: {
|
10438
|
+
# regex_string: "RegexPatternString", # required
|
10439
|
+
# field_to_match: { # required
|
10440
|
+
# single_header: {
|
10441
|
+
# name: "FieldToMatchData", # required
|
10442
|
+
# },
|
10443
|
+
# single_query_argument: {
|
10444
|
+
# name: "FieldToMatchData", # required
|
10445
|
+
# },
|
10446
|
+
# all_query_arguments: {
|
10447
|
+
# },
|
10448
|
+
# uri_path: {
|
10449
|
+
# },
|
10450
|
+
# query_string: {
|
10451
|
+
# },
|
10452
|
+
# body: {
|
10453
|
+
# },
|
10454
|
+
# method: {
|
10455
|
+
# },
|
10456
|
+
# json_body: {
|
10457
|
+
# match_pattern: { # required
|
10458
|
+
# all: {
|
10459
|
+
# },
|
10460
|
+
# included_paths: ["JsonPointerPath"],
|
10461
|
+
# },
|
10462
|
+
# match_scope: "ALL", # required, accepts ALL, KEY, VALUE
|
10463
|
+
# invalid_fallback_behavior: "MATCH", # accepts MATCH, NO_MATCH, EVALUATE_AS_STRING
|
10464
|
+
# },
|
10465
|
+
# },
|
10466
|
+
# text_transformations: [ # required
|
10467
|
+
# {
|
10468
|
+
# priority: 1, # required
|
10469
|
+
# type: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE, BASE64_DECODE, HEX_DECODE, MD5, REPLACE_COMMENTS, ESCAPE_SEQ_DECODE, SQL_HEX_DECODE, CSS_DECODE, JS_DECODE, NORMALIZE_PATH, NORMALIZE_PATH_WIN, REMOVE_NULLS, REPLACE_NULLS, BASE64_DECODE_EXT, URL_DECODE_UNI, UTF8_TO_UNICODE
|
10470
|
+
# },
|
10471
|
+
# ],
|
10472
|
+
# },
|
9848
10473
|
# },
|
9849
10474
|
# },
|
9850
10475
|
# label_match_statement: {
|
9851
10476
|
# scope: "LABEL", # required, accepts LABEL, NAMESPACE
|
9852
10477
|
# key: "LabelMatchKey", # required
|
9853
10478
|
# },
|
10479
|
+
# regex_match_statement: {
|
10480
|
+
# regex_string: "RegexPatternString", # required
|
10481
|
+
# field_to_match: { # required
|
10482
|
+
# single_header: {
|
10483
|
+
# name: "FieldToMatchData", # required
|
10484
|
+
# },
|
10485
|
+
# single_query_argument: {
|
10486
|
+
# name: "FieldToMatchData", # required
|
10487
|
+
# },
|
10488
|
+
# all_query_arguments: {
|
10489
|
+
# },
|
10490
|
+
# uri_path: {
|
10491
|
+
# },
|
10492
|
+
# query_string: {
|
10493
|
+
# },
|
10494
|
+
# body: {
|
10495
|
+
# },
|
10496
|
+
# method: {
|
10497
|
+
# },
|
10498
|
+
# json_body: {
|
10499
|
+
# match_pattern: { # required
|
10500
|
+
# all: {
|
10501
|
+
# },
|
10502
|
+
# included_paths: ["JsonPointerPath"],
|
10503
|
+
# },
|
10504
|
+
# match_scope: "ALL", # required, accepts ALL, KEY, VALUE
|
10505
|
+
# invalid_fallback_behavior: "MATCH", # accepts MATCH, NO_MATCH, EVALUATE_AS_STRING
|
10506
|
+
# },
|
10507
|
+
# },
|
10508
|
+
# text_transformations: [ # required
|
10509
|
+
# {
|
10510
|
+
# priority: 1, # required
|
10511
|
+
# type: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE, BASE64_DECODE, HEX_DECODE, MD5, REPLACE_COMMENTS, ESCAPE_SEQ_DECODE, SQL_HEX_DECODE, CSS_DECODE, JS_DECODE, NORMALIZE_PATH, NORMALIZE_PATH_WIN, REMOVE_NULLS, REPLACE_NULLS, BASE64_DECODE_EXT, URL_DECODE_UNI, UTF8_TO_UNICODE
|
10512
|
+
# },
|
10513
|
+
# ],
|
10514
|
+
# },
|
9854
10515
|
# }
|
9855
10516
|
#
|
9856
10517
|
# @!attribute [rw] byte_match_statement
|
@@ -9913,8 +10574,8 @@ module Aws::WAFV2
|
|
9913
10574
|
# provide the ARN of the rule group in this statement.
|
9914
10575
|
#
|
9915
10576
|
# You cannot nest a `RuleGroupReferenceStatement`, for example for use
|
9916
|
-
# inside a `NotStatement` or `OrStatement`.
|
9917
|
-
#
|
10577
|
+
# inside a `NotStatement` or `OrStatement`. You can only use a rule
|
10578
|
+
# group reference statement at the top level inside a web ACL.
|
9918
10579
|
# @return [Types::RuleGroupReferenceStatement]
|
9919
10580
|
#
|
9920
10581
|
# @!attribute [rw] ip_set_reference_statement
|
@@ -9952,6 +10613,15 @@ module Aws::WAFV2
|
|
9952
10613
|
# time span. You can use this to put a temporary block on requests
|
9953
10614
|
# from an IP address that is sending excessive requests.
|
9954
10615
|
#
|
10616
|
+
# WAF tracks and manages web requests separately for each instance of
|
10617
|
+
# a rate-based rule that you use. For example, if you provide the same
|
10618
|
+
# rate-based rule settings in two web ACLs, each of the two rule
|
10619
|
+
# statements represents a separate instance of the rate-based rule and
|
10620
|
+
# gets its own tracking and management by WAF. If you define a
|
10621
|
+
# rate-based rule inside a rule group, and then use that rule group in
|
10622
|
+
# multiple places, each use creates a separate instance of the
|
10623
|
+
# rate-based rule that gets its own tracking and management by WAF.
|
10624
|
+
#
|
9955
10625
|
# When the rule action triggers, WAF blocks additional requests from
|
9956
10626
|
# the IP address until the request rate falls below the limit.
|
9957
10627
|
#
|
@@ -9975,9 +10645,9 @@ module Aws::WAFV2
|
|
9975
10645
|
# do not meet both conditions are not counted towards the rate limit
|
9976
10646
|
# and are not affected by this rule.
|
9977
10647
|
#
|
9978
|
-
# You cannot nest a `RateBasedStatement
|
9979
|
-
# `NotStatement` or `OrStatement`.
|
9980
|
-
#
|
10648
|
+
# You cannot nest a `RateBasedStatement` inside another statement, for
|
10649
|
+
# example inside a `NotStatement` or `OrStatement`. You can define a
|
10650
|
+
# `RateBasedStatement` inside a web ACL and inside a rule group.
|
9981
10651
|
# @return [Types::RateBasedStatement]
|
9982
10652
|
#
|
9983
10653
|
# @!attribute [rw] and_statement
|
@@ -10023,6 +10693,11 @@ module Aws::WAFV2
|
|
10023
10693
|
# that were added in the same context as the label match statement.
|
10024
10694
|
# @return [Types::LabelMatchStatement]
|
10025
10695
|
#
|
10696
|
+
# @!attribute [rw] regex_match_statement
|
10697
|
+
# A rule statement used to search web request components for a match
|
10698
|
+
# against a single regular expression.
|
10699
|
+
# @return [Types::RegexMatchStatement]
|
10700
|
+
#
|
10026
10701
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/Statement AWS API Documentation
|
10027
10702
|
#
|
10028
10703
|
class Statement < Struct.new(
|
@@ -10039,7 +10714,8 @@ module Aws::WAFV2
|
|
10039
10714
|
:or_statement,
|
10040
10715
|
:not_statement,
|
10041
10716
|
:managed_rule_group_statement,
|
10042
|
-
:label_match_statement
|
10717
|
+
:label_match_statement,
|
10718
|
+
:regex_match_statement)
|
10043
10719
|
SENSITIVE = []
|
10044
10720
|
include Aws::Structure
|
10045
10721
|
end
|
@@ -10965,6 +11641,42 @@ module Aws::WAFV2
|
|
10965
11641
|
# scope: "LABEL", # required, accepts LABEL, NAMESPACE
|
10966
11642
|
# key: "LabelMatchKey", # required
|
10967
11643
|
# },
|
11644
|
+
# regex_match_statement: {
|
11645
|
+
# regex_string: "RegexPatternString", # required
|
11646
|
+
# field_to_match: { # required
|
11647
|
+
# single_header: {
|
11648
|
+
# name: "FieldToMatchData", # required
|
11649
|
+
# },
|
11650
|
+
# single_query_argument: {
|
11651
|
+
# name: "FieldToMatchData", # required
|
11652
|
+
# },
|
11653
|
+
# all_query_arguments: {
|
11654
|
+
# },
|
11655
|
+
# uri_path: {
|
11656
|
+
# },
|
11657
|
+
# query_string: {
|
11658
|
+
# },
|
11659
|
+
# body: {
|
11660
|
+
# },
|
11661
|
+
# method: {
|
11662
|
+
# },
|
11663
|
+
# json_body: {
|
11664
|
+
# match_pattern: { # required
|
11665
|
+
# all: {
|
11666
|
+
# },
|
11667
|
+
# included_paths: ["JsonPointerPath"],
|
11668
|
+
# },
|
11669
|
+
# match_scope: "ALL", # required, accepts ALL, KEY, VALUE
|
11670
|
+
# invalid_fallback_behavior: "MATCH", # accepts MATCH, NO_MATCH, EVALUATE_AS_STRING
|
11671
|
+
# },
|
11672
|
+
# },
|
11673
|
+
# text_transformations: [ # required
|
11674
|
+
# {
|
11675
|
+
# priority: 1, # required
|
11676
|
+
# type: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE, BASE64_DECODE, HEX_DECODE, MD5, REPLACE_COMMENTS, ESCAPE_SEQ_DECODE, SQL_HEX_DECODE, CSS_DECODE, JS_DECODE, NORMALIZE_PATH, NORMALIZE_PATH_WIN, REMOVE_NULLS, REPLACE_NULLS, BASE64_DECODE_EXT, URL_DECODE_UNI, UTF8_TO_UNICODE
|
11677
|
+
# },
|
11678
|
+
# ],
|
11679
|
+
# },
|
10968
11680
|
# },
|
10969
11681
|
# action: {
|
10970
11682
|
# block: {
|
@@ -11431,6 +12143,42 @@ module Aws::WAFV2
|
|
11431
12143
|
# scope: "LABEL", # required, accepts LABEL, NAMESPACE
|
11432
12144
|
# key: "LabelMatchKey", # required
|
11433
12145
|
# },
|
12146
|
+
# regex_match_statement: {
|
12147
|
+
# regex_string: "RegexPatternString", # required
|
12148
|
+
# field_to_match: { # required
|
12149
|
+
# single_header: {
|
12150
|
+
# name: "FieldToMatchData", # required
|
12151
|
+
# },
|
12152
|
+
# single_query_argument: {
|
12153
|
+
# name: "FieldToMatchData", # required
|
12154
|
+
# },
|
12155
|
+
# all_query_arguments: {
|
12156
|
+
# },
|
12157
|
+
# uri_path: {
|
12158
|
+
# },
|
12159
|
+
# query_string: {
|
12160
|
+
# },
|
12161
|
+
# body: {
|
12162
|
+
# },
|
12163
|
+
# method: {
|
12164
|
+
# },
|
12165
|
+
# json_body: {
|
12166
|
+
# match_pattern: { # required
|
12167
|
+
# all: {
|
12168
|
+
# },
|
12169
|
+
# included_paths: ["JsonPointerPath"],
|
12170
|
+
# },
|
12171
|
+
# match_scope: "ALL", # required, accepts ALL, KEY, VALUE
|
12172
|
+
# invalid_fallback_behavior: "MATCH", # accepts MATCH, NO_MATCH, EVALUATE_AS_STRING
|
12173
|
+
# },
|
12174
|
+
# },
|
12175
|
+
# text_transformations: [ # required
|
12176
|
+
# {
|
12177
|
+
# priority: 1, # required
|
12178
|
+
# type: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE, BASE64_DECODE, HEX_DECODE, MD5, REPLACE_COMMENTS, ESCAPE_SEQ_DECODE, SQL_HEX_DECODE, CSS_DECODE, JS_DECODE, NORMALIZE_PATH, NORMALIZE_PATH_WIN, REMOVE_NULLS, REPLACE_NULLS, BASE64_DECODE_EXT, URL_DECODE_UNI, UTF8_TO_UNICODE
|
12179
|
+
# },
|
12180
|
+
# ],
|
12181
|
+
# },
|
11434
12182
|
# },
|
11435
12183
|
# action: {
|
11436
12184
|
# block: {
|
@@ -11623,6 +12371,8 @@ module Aws::WAFV2
|
|
11623
12371
|
# This is used only to indicate the web request component for WAF to
|
11624
12372
|
# inspect, in the FieldToMatch specification.
|
11625
12373
|
#
|
12374
|
+
# JSON specification: `"UriPath": \{\}`
|
12375
|
+
#
|
11626
12376
|
# @api private
|
11627
12377
|
#
|
11628
12378
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/UriPath AWS API Documentation
|
@@ -11633,7 +12383,7 @@ module Aws::WAFV2
|
|
11633
12383
|
# vendor publishes for use by customers.
|
11634
12384
|
#
|
11635
12385
|
# <note markdown="1"> This is intended for use only by vendors of managed rule sets. Vendors
|
11636
|
-
# are Amazon Web Services and Marketplace sellers.
|
12386
|
+
# are Amazon Web Services and Amazon Web Services Marketplace sellers.
|
11637
12387
|
#
|
11638
12388
|
# Vendors, you can use the managed rule set APIs to provide controlled
|
11639
12389
|
# rollout of your versioned managed rule group offerings for your
|