aws-sdk-wafv2 1.26.0 → 1.30.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +20 -0
- data/VERSION +1 -1
- data/lib/aws-sdk-wafv2/client.rb +381 -7
- data/lib/aws-sdk-wafv2/client_api.rb +36 -1
- data/lib/aws-sdk-wafv2/types.rb +1096 -107
- data/lib/aws-sdk-wafv2.rb +1 -1
- metadata +4 -4
data/lib/aws-sdk-wafv2/types.rb
CHANGED
@@ -16,7 +16,7 @@ module Aws::WAFV2
|
|
16
16
|
# data as a hash:
|
17
17
|
#
|
18
18
|
# {
|
19
|
-
# action: "ALLOW", # required, accepts ALLOW, BLOCK, COUNT
|
19
|
+
# action: "ALLOW", # required, accepts ALLOW, BLOCK, COUNT, CAPTCHA, EXCLUDED_AS_COUNT
|
20
20
|
# }
|
21
21
|
#
|
22
22
|
# @!attribute [rw] action
|
@@ -357,6 +357,42 @@ module Aws::WAFV2
|
|
357
357
|
# scope: "LABEL", # required, accepts LABEL, NAMESPACE
|
358
358
|
# key: "LabelMatchKey", # required
|
359
359
|
# },
|
360
|
+
# regex_match_statement: {
|
361
|
+
# regex_string: "RegexPatternString", # required
|
362
|
+
# field_to_match: { # required
|
363
|
+
# single_header: {
|
364
|
+
# name: "FieldToMatchData", # required
|
365
|
+
# },
|
366
|
+
# single_query_argument: {
|
367
|
+
# name: "FieldToMatchData", # required
|
368
|
+
# },
|
369
|
+
# all_query_arguments: {
|
370
|
+
# },
|
371
|
+
# uri_path: {
|
372
|
+
# },
|
373
|
+
# query_string: {
|
374
|
+
# },
|
375
|
+
# body: {
|
376
|
+
# },
|
377
|
+
# method: {
|
378
|
+
# },
|
379
|
+
# json_body: {
|
380
|
+
# match_pattern: { # required
|
381
|
+
# all: {
|
382
|
+
# },
|
383
|
+
# included_paths: ["JsonPointerPath"],
|
384
|
+
# },
|
385
|
+
# match_scope: "ALL", # required, accepts ALL, KEY, VALUE
|
386
|
+
# invalid_fallback_behavior: "MATCH", # accepts MATCH, NO_MATCH, EVALUATE_AS_STRING
|
387
|
+
# },
|
388
|
+
# },
|
389
|
+
# text_transformations: [ # required
|
390
|
+
# {
|
391
|
+
# priority: 1, # required
|
392
|
+
# type: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE, BASE64_DECODE, HEX_DECODE, MD5, REPLACE_COMMENTS, ESCAPE_SEQ_DECODE, SQL_HEX_DECODE, CSS_DECODE, JS_DECODE, NORMALIZE_PATH, NORMALIZE_PATH_WIN, REMOVE_NULLS, REPLACE_NULLS, BASE64_DECODE_EXT, URL_DECODE_UNI, UTF8_TO_UNICODE
|
393
|
+
# },
|
394
|
+
# ],
|
395
|
+
# },
|
360
396
|
# },
|
361
397
|
# ],
|
362
398
|
# }
|
@@ -624,6 +660,125 @@ module Aws::WAFV2
|
|
624
660
|
include Aws::Structure
|
625
661
|
end
|
626
662
|
|
663
|
+
# Specifies that WAF should run a `CAPTCHA` check against the request:
|
664
|
+
#
|
665
|
+
# * If the request includes a valid, unexpired `CAPTCHA` token, WAF
|
666
|
+
# allows the web request inspection to proceed to the next rule,
|
667
|
+
# similar to a `CountAction`.
|
668
|
+
#
|
669
|
+
# * If the request doesn't include a valid, unexpired `CAPTCHA` token,
|
670
|
+
# WAF discontinues the web ACL evaluation of the request and blocks it
|
671
|
+
# from going to its intended destination.
|
672
|
+
#
|
673
|
+
# WAF generates a response that it sends back to the client, which
|
674
|
+
# includes the following:
|
675
|
+
#
|
676
|
+
# * The header `x-amzn-waf-action` with a value of `captcha`.
|
677
|
+
#
|
678
|
+
# * The HTTP status code `405 Method Not Allowed`.
|
679
|
+
#
|
680
|
+
# * If the request contains an `Accept` header with a value of
|
681
|
+
# `text/html`, the response includes a `CAPTCHA` challenge.
|
682
|
+
#
|
683
|
+
# You can configure the expiration time in the `CaptchaConfig`
|
684
|
+
# `ImmunityTimeProperty` setting at the rule and web ACL level. The rule
|
685
|
+
# setting overrides the web ACL setting.
|
686
|
+
#
|
687
|
+
# This action option is available for rules. It isn't available for web
|
688
|
+
# ACL default actions.
|
689
|
+
#
|
690
|
+
# This is used in the context of other settings, for example to specify
|
691
|
+
# values for RuleAction and web ACL DefaultAction.
|
692
|
+
#
|
693
|
+
# @note When making an API call, you may pass CaptchaAction
|
694
|
+
# data as a hash:
|
695
|
+
#
|
696
|
+
# {
|
697
|
+
# custom_request_handling: {
|
698
|
+
# insert_headers: [ # required
|
699
|
+
# {
|
700
|
+
# name: "CustomHTTPHeaderName", # required
|
701
|
+
# value: "CustomHTTPHeaderValue", # required
|
702
|
+
# },
|
703
|
+
# ],
|
704
|
+
# },
|
705
|
+
# }
|
706
|
+
#
|
707
|
+
# @!attribute [rw] custom_request_handling
|
708
|
+
# Defines custom handling for the web request.
|
709
|
+
#
|
710
|
+
# For information about customizing web requests and responses, see
|
711
|
+
# [Customizing web requests and responses in WAF][1] in the [WAF
|
712
|
+
# Developer Guide][2].
|
713
|
+
#
|
714
|
+
#
|
715
|
+
#
|
716
|
+
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html
|
717
|
+
# [2]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html
|
718
|
+
# @return [Types::CustomRequestHandling]
|
719
|
+
#
|
720
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/CaptchaAction AWS API Documentation
|
721
|
+
#
|
722
|
+
class CaptchaAction < Struct.new(
|
723
|
+
:custom_request_handling)
|
724
|
+
SENSITIVE = []
|
725
|
+
include Aws::Structure
|
726
|
+
end
|
727
|
+
|
728
|
+
# Specifies how WAF should handle `CAPTCHA` evaluations. This is
|
729
|
+
# available at the web ACL level and in each rule.
|
730
|
+
#
|
731
|
+
# @note When making an API call, you may pass CaptchaConfig
|
732
|
+
# data as a hash:
|
733
|
+
#
|
734
|
+
# {
|
735
|
+
# immunity_time_property: {
|
736
|
+
# immunity_time: 1, # required
|
737
|
+
# },
|
738
|
+
# }
|
739
|
+
#
|
740
|
+
# @!attribute [rw] immunity_time_property
|
741
|
+
# Determines how long a `CAPTCHA` token remains valid after the client
|
742
|
+
# successfully solves a `CAPTCHA` puzzle.
|
743
|
+
# @return [Types::ImmunityTimeProperty]
|
744
|
+
#
|
745
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/CaptchaConfig AWS API Documentation
|
746
|
+
#
|
747
|
+
class CaptchaConfig < Struct.new(
|
748
|
+
:immunity_time_property)
|
749
|
+
SENSITIVE = []
|
750
|
+
include Aws::Structure
|
751
|
+
end
|
752
|
+
|
753
|
+
# The result from the inspection of the web request for a valid
|
754
|
+
# `CAPTCHA` token.
|
755
|
+
#
|
756
|
+
# @!attribute [rw] response_code
|
757
|
+
# The HTTP response code indicating the status of the `CAPTCHA` token
|
758
|
+
# in the web request. If the token is missing, invalid, or expired,
|
759
|
+
# this code is `405 Method Not Allowed`.
|
760
|
+
# @return [Integer]
|
761
|
+
#
|
762
|
+
# @!attribute [rw] solve_timestamp
|
763
|
+
# The time that the `CAPTCHA` puzzle was solved for the supplied
|
764
|
+
# token.
|
765
|
+
# @return [Integer]
|
766
|
+
#
|
767
|
+
# @!attribute [rw] failure_reason
|
768
|
+
# The reason for failure, populated when the evaluation of the token
|
769
|
+
# fails.
|
770
|
+
# @return [String]
|
771
|
+
#
|
772
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/CaptchaResponse AWS API Documentation
|
773
|
+
#
|
774
|
+
class CaptchaResponse < Struct.new(
|
775
|
+
:response_code,
|
776
|
+
:solve_timestamp,
|
777
|
+
:failure_reason)
|
778
|
+
SENSITIVE = []
|
779
|
+
include Aws::Structure
|
780
|
+
end
|
781
|
+
|
627
782
|
# @note When making an API call, you may pass CheckCapacityRequest
|
628
783
|
# data as a hash:
|
629
784
|
#
|
@@ -884,6 +1039,42 @@ module Aws::WAFV2
|
|
884
1039
|
# scope: "LABEL", # required, accepts LABEL, NAMESPACE
|
885
1040
|
# key: "LabelMatchKey", # required
|
886
1041
|
# },
|
1042
|
+
# regex_match_statement: {
|
1043
|
+
# regex_string: "RegexPatternString", # required
|
1044
|
+
# field_to_match: { # required
|
1045
|
+
# single_header: {
|
1046
|
+
# name: "FieldToMatchData", # required
|
1047
|
+
# },
|
1048
|
+
# single_query_argument: {
|
1049
|
+
# name: "FieldToMatchData", # required
|
1050
|
+
# },
|
1051
|
+
# all_query_arguments: {
|
1052
|
+
# },
|
1053
|
+
# uri_path: {
|
1054
|
+
# },
|
1055
|
+
# query_string: {
|
1056
|
+
# },
|
1057
|
+
# body: {
|
1058
|
+
# },
|
1059
|
+
# method: {
|
1060
|
+
# },
|
1061
|
+
# json_body: {
|
1062
|
+
# match_pattern: { # required
|
1063
|
+
# all: {
|
1064
|
+
# },
|
1065
|
+
# included_paths: ["JsonPointerPath"],
|
1066
|
+
# },
|
1067
|
+
# match_scope: "ALL", # required, accepts ALL, KEY, VALUE
|
1068
|
+
# invalid_fallback_behavior: "MATCH", # accepts MATCH, NO_MATCH, EVALUATE_AS_STRING
|
1069
|
+
# },
|
1070
|
+
# },
|
1071
|
+
# text_transformations: [ # required
|
1072
|
+
# {
|
1073
|
+
# priority: 1, # required
|
1074
|
+
# type: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE, BASE64_DECODE, HEX_DECODE, MD5, REPLACE_COMMENTS, ESCAPE_SEQ_DECODE, SQL_HEX_DECODE, CSS_DECODE, JS_DECODE, NORMALIZE_PATH, NORMALIZE_PATH_WIN, REMOVE_NULLS, REPLACE_NULLS, BASE64_DECODE_EXT, URL_DECODE_UNI, UTF8_TO_UNICODE
|
1075
|
+
# },
|
1076
|
+
# ],
|
1077
|
+
# },
|
887
1078
|
# },
|
888
1079
|
# action: {
|
889
1080
|
# block: {
|
@@ -918,6 +1109,16 @@ module Aws::WAFV2
|
|
918
1109
|
# ],
|
919
1110
|
# },
|
920
1111
|
# },
|
1112
|
+
# captcha: {
|
1113
|
+
# custom_request_handling: {
|
1114
|
+
# insert_headers: [ # required
|
1115
|
+
# {
|
1116
|
+
# name: "CustomHTTPHeaderName", # required
|
1117
|
+
# value: "CustomHTTPHeaderValue", # required
|
1118
|
+
# },
|
1119
|
+
# ],
|
1120
|
+
# },
|
1121
|
+
# },
|
921
1122
|
# },
|
922
1123
|
# override_action: {
|
923
1124
|
# count: {
|
@@ -943,6 +1144,11 @@ module Aws::WAFV2
|
|
943
1144
|
# cloud_watch_metrics_enabled: false, # required
|
944
1145
|
# metric_name: "MetricName", # required
|
945
1146
|
# },
|
1147
|
+
# captcha_config: {
|
1148
|
+
# immunity_time_property: {
|
1149
|
+
# immunity_time: 1, # required
|
1150
|
+
# },
|
1151
|
+
# },
|
946
1152
|
# },
|
947
1153
|
# ],
|
948
1154
|
# }
|
@@ -995,7 +1201,7 @@ module Aws::WAFV2
|
|
995
1201
|
#
|
996
1202
|
# {
|
997
1203
|
# action_condition: {
|
998
|
-
# action: "ALLOW", # required, accepts ALLOW, BLOCK, COUNT
|
1204
|
+
# action: "ALLOW", # required, accepts ALLOW, BLOCK, COUNT, CAPTCHA, EXCLUDED_AS_COUNT
|
999
1205
|
# },
|
1000
1206
|
# label_name_condition: {
|
1001
1207
|
# label_name: "LabelName", # required
|
@@ -1514,6 +1720,42 @@ module Aws::WAFV2
|
|
1514
1720
|
# scope: "LABEL", # required, accepts LABEL, NAMESPACE
|
1515
1721
|
# key: "LabelMatchKey", # required
|
1516
1722
|
# },
|
1723
|
+
# regex_match_statement: {
|
1724
|
+
# regex_string: "RegexPatternString", # required
|
1725
|
+
# field_to_match: { # required
|
1726
|
+
# single_header: {
|
1727
|
+
# name: "FieldToMatchData", # required
|
1728
|
+
# },
|
1729
|
+
# single_query_argument: {
|
1730
|
+
# name: "FieldToMatchData", # required
|
1731
|
+
# },
|
1732
|
+
# all_query_arguments: {
|
1733
|
+
# },
|
1734
|
+
# uri_path: {
|
1735
|
+
# },
|
1736
|
+
# query_string: {
|
1737
|
+
# },
|
1738
|
+
# body: {
|
1739
|
+
# },
|
1740
|
+
# method: {
|
1741
|
+
# },
|
1742
|
+
# json_body: {
|
1743
|
+
# match_pattern: { # required
|
1744
|
+
# all: {
|
1745
|
+
# },
|
1746
|
+
# included_paths: ["JsonPointerPath"],
|
1747
|
+
# },
|
1748
|
+
# match_scope: "ALL", # required, accepts ALL, KEY, VALUE
|
1749
|
+
# invalid_fallback_behavior: "MATCH", # accepts MATCH, NO_MATCH, EVALUATE_AS_STRING
|
1750
|
+
# },
|
1751
|
+
# },
|
1752
|
+
# text_transformations: [ # required
|
1753
|
+
# {
|
1754
|
+
# priority: 1, # required
|
1755
|
+
# type: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE, BASE64_DECODE, HEX_DECODE, MD5, REPLACE_COMMENTS, ESCAPE_SEQ_DECODE, SQL_HEX_DECODE, CSS_DECODE, JS_DECODE, NORMALIZE_PATH, NORMALIZE_PATH_WIN, REMOVE_NULLS, REPLACE_NULLS, BASE64_DECODE_EXT, URL_DECODE_UNI, UTF8_TO_UNICODE
|
1756
|
+
# },
|
1757
|
+
# ],
|
1758
|
+
# },
|
1517
1759
|
# },
|
1518
1760
|
# action: {
|
1519
1761
|
# block: {
|
@@ -1548,6 +1790,16 @@ module Aws::WAFV2
|
|
1548
1790
|
# ],
|
1549
1791
|
# },
|
1550
1792
|
# },
|
1793
|
+
# captcha: {
|
1794
|
+
# custom_request_handling: {
|
1795
|
+
# insert_headers: [ # required
|
1796
|
+
# {
|
1797
|
+
# name: "CustomHTTPHeaderName", # required
|
1798
|
+
# value: "CustomHTTPHeaderValue", # required
|
1799
|
+
# },
|
1800
|
+
# ],
|
1801
|
+
# },
|
1802
|
+
# },
|
1551
1803
|
# },
|
1552
1804
|
# override_action: {
|
1553
1805
|
# count: {
|
@@ -1573,6 +1825,11 @@ module Aws::WAFV2
|
|
1573
1825
|
# cloud_watch_metrics_enabled: false, # required
|
1574
1826
|
# metric_name: "MetricName", # required
|
1575
1827
|
# },
|
1828
|
+
# captcha_config: {
|
1829
|
+
# immunity_time_property: {
|
1830
|
+
# immunity_time: 1, # required
|
1831
|
+
# },
|
1832
|
+
# },
|
1576
1833
|
# },
|
1577
1834
|
# ],
|
1578
1835
|
# visibility_config: { # required
|
@@ -1990,6 +2247,42 @@ module Aws::WAFV2
|
|
1990
2247
|
# scope: "LABEL", # required, accepts LABEL, NAMESPACE
|
1991
2248
|
# key: "LabelMatchKey", # required
|
1992
2249
|
# },
|
2250
|
+
# regex_match_statement: {
|
2251
|
+
# regex_string: "RegexPatternString", # required
|
2252
|
+
# field_to_match: { # required
|
2253
|
+
# single_header: {
|
2254
|
+
# name: "FieldToMatchData", # required
|
2255
|
+
# },
|
2256
|
+
# single_query_argument: {
|
2257
|
+
# name: "FieldToMatchData", # required
|
2258
|
+
# },
|
2259
|
+
# all_query_arguments: {
|
2260
|
+
# },
|
2261
|
+
# uri_path: {
|
2262
|
+
# },
|
2263
|
+
# query_string: {
|
2264
|
+
# },
|
2265
|
+
# body: {
|
2266
|
+
# },
|
2267
|
+
# method: {
|
2268
|
+
# },
|
2269
|
+
# json_body: {
|
2270
|
+
# match_pattern: { # required
|
2271
|
+
# all: {
|
2272
|
+
# },
|
2273
|
+
# included_paths: ["JsonPointerPath"],
|
2274
|
+
# },
|
2275
|
+
# match_scope: "ALL", # required, accepts ALL, KEY, VALUE
|
2276
|
+
# invalid_fallback_behavior: "MATCH", # accepts MATCH, NO_MATCH, EVALUATE_AS_STRING
|
2277
|
+
# },
|
2278
|
+
# },
|
2279
|
+
# text_transformations: [ # required
|
2280
|
+
# {
|
2281
|
+
# priority: 1, # required
|
2282
|
+
# type: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE, BASE64_DECODE, HEX_DECODE, MD5, REPLACE_COMMENTS, ESCAPE_SEQ_DECODE, SQL_HEX_DECODE, CSS_DECODE, JS_DECODE, NORMALIZE_PATH, NORMALIZE_PATH_WIN, REMOVE_NULLS, REPLACE_NULLS, BASE64_DECODE_EXT, URL_DECODE_UNI, UTF8_TO_UNICODE
|
2283
|
+
# },
|
2284
|
+
# ],
|
2285
|
+
# },
|
1993
2286
|
# },
|
1994
2287
|
# action: {
|
1995
2288
|
# block: {
|
@@ -2024,6 +2317,16 @@ module Aws::WAFV2
|
|
2024
2317
|
# ],
|
2025
2318
|
# },
|
2026
2319
|
# },
|
2320
|
+
# captcha: {
|
2321
|
+
# custom_request_handling: {
|
2322
|
+
# insert_headers: [ # required
|
2323
|
+
# {
|
2324
|
+
# name: "CustomHTTPHeaderName", # required
|
2325
|
+
# value: "CustomHTTPHeaderValue", # required
|
2326
|
+
# },
|
2327
|
+
# ],
|
2328
|
+
# },
|
2329
|
+
# },
|
2027
2330
|
# },
|
2028
2331
|
# override_action: {
|
2029
2332
|
# count: {
|
@@ -2049,6 +2352,11 @@ module Aws::WAFV2
|
|
2049
2352
|
# cloud_watch_metrics_enabled: false, # required
|
2050
2353
|
# metric_name: "MetricName", # required
|
2051
2354
|
# },
|
2355
|
+
# captcha_config: {
|
2356
|
+
# immunity_time_property: {
|
2357
|
+
# immunity_time: 1, # required
|
2358
|
+
# },
|
2359
|
+
# },
|
2052
2360
|
# },
|
2053
2361
|
# ],
|
2054
2362
|
# visibility_config: { # required
|
@@ -2068,6 +2376,11 @@ module Aws::WAFV2
|
|
2068
2376
|
# content: "ResponseContent", # required
|
2069
2377
|
# },
|
2070
2378
|
# },
|
2379
|
+
# captcha_config: {
|
2380
|
+
# immunity_time_property: {
|
2381
|
+
# immunity_time: 1, # required
|
2382
|
+
# },
|
2383
|
+
# },
|
2071
2384
|
# }
|
2072
2385
|
#
|
2073
2386
|
# @!attribute [rw] name
|
@@ -2136,6 +2449,12 @@ module Aws::WAFV2
|
|
2136
2449
|
# [3]: https://docs.aws.amazon.com/waf/latest/developerguide/limits.html
|
2137
2450
|
# @return [Hash<String,Types::CustomResponseBody>]
|
2138
2451
|
#
|
2452
|
+
# @!attribute [rw] captcha_config
|
2453
|
+
# Specifies how WAF should handle `CAPTCHA` evaluations for rules that
|
2454
|
+
# don't have their own `CaptchaConfig` settings. If you don't
|
2455
|
+
# specify this, WAF uses its default settings for `CaptchaConfig`.
|
2456
|
+
# @return [Types::CaptchaConfig]
|
2457
|
+
#
|
2139
2458
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/CreateWebACLRequest AWS API Documentation
|
2140
2459
|
#
|
2141
2460
|
class CreateWebACLRequest < Struct.new(
|
@@ -2146,7 +2465,8 @@ module Aws::WAFV2
|
|
2146
2465
|
:rules,
|
2147
2466
|
:visibility_config,
|
2148
2467
|
:tags,
|
2149
|
-
:custom_response_bodies
|
2468
|
+
:custom_response_bodies,
|
2469
|
+
:captcha_config)
|
2150
2470
|
SENSITIVE = []
|
2151
2471
|
include Aws::Structure
|
2152
2472
|
end
|
@@ -2929,10 +3249,11 @@ module Aws::WAFV2
|
|
2929
3249
|
#
|
2930
3250
|
class DisassociateWebACLResponse < Aws::EmptyStructure; end
|
2931
3251
|
|
2932
|
-
# Specifies a single rule
|
2933
|
-
#
|
2934
|
-
#
|
2935
|
-
#
|
3252
|
+
# Specifies a single rule in a rule group whose action you want to
|
3253
|
+
# override to `Count`. When you exclude a rule, WAF evaluates it exactly
|
3254
|
+
# as it would if the rule action setting were `Count`. This is a useful
|
3255
|
+
# option for testing the rules in a rule group without modifying how
|
3256
|
+
# they handle your web traffic.
|
2936
3257
|
#
|
2937
3258
|
# @note When making an API call, you may pass ExcludedRule
|
2938
3259
|
# data as a hash:
|
@@ -2942,7 +3263,7 @@ module Aws::WAFV2
|
|
2942
3263
|
# }
|
2943
3264
|
#
|
2944
3265
|
# @!attribute [rw] name
|
2945
|
-
# The name of the rule to
|
3266
|
+
# The name of the rule whose action you want to override to `Count`.
|
2946
3267
|
# @return [String]
|
2947
3268
|
#
|
2948
3269
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/ExcludedRule AWS API Documentation
|
@@ -3097,7 +3418,7 @@ module Aws::WAFV2
|
|
3097
3418
|
# conditions: [ # required
|
3098
3419
|
# {
|
3099
3420
|
# action_condition: {
|
3100
|
-
# action: "ALLOW", # required, accepts ALLOW, BLOCK, COUNT
|
3421
|
+
# action: "ALLOW", # required, accepts ALLOW, BLOCK, COUNT, CAPTCHA, EXCLUDED_AS_COUNT
|
3101
3422
|
# },
|
3102
3423
|
# label_name_condition: {
|
3103
3424
|
# label_name: "LabelName", # required
|
@@ -3153,22 +3474,21 @@ module Aws::WAFV2
|
|
3153
3474
|
# @return [Types::FirewallManagerStatement]
|
3154
3475
|
#
|
3155
3476
|
# @!attribute [rw] override_action
|
3156
|
-
# The
|
3157
|
-
#
|
3158
|
-
#
|
3477
|
+
# The action to use in the place of the action that results from the
|
3478
|
+
# rule group evaluation. Set the override action to none to leave the
|
3479
|
+
# result of the rule group alone. Set it to count to override the
|
3480
|
+
# result to count only.
|
3159
3481
|
#
|
3160
|
-
#
|
3161
|
-
#
|
3162
|
-
#
|
3482
|
+
# You can only use this for rule statements that reference a rule
|
3483
|
+
# group, like `RuleGroupReferenceStatement` and
|
3484
|
+
# `ManagedRuleGroupStatement`.
|
3163
3485
|
#
|
3164
|
-
#
|
3165
|
-
# the rule
|
3486
|
+
# <note markdown="1"> This option is usually set to none. It does not affect how the rules
|
3487
|
+
# in the rule group are evaluated. If you want the rules in the rule
|
3488
|
+
# group to only count matches, do not use this and instead exclude
|
3489
|
+
# those rules in your rule group reference statement settings.
|
3166
3490
|
#
|
3167
|
-
#
|
3168
|
-
# action setting and not the action setting.
|
3169
|
-
#
|
3170
|
-
# * If the rule statement does not reference a rule group, use the
|
3171
|
-
# rule action setting and not this rule override action setting.
|
3491
|
+
# </note>
|
3172
3492
|
# @return [Types::OverrideAction]
|
3173
3493
|
#
|
3174
3494
|
# @!attribute [rw] visibility_config
|
@@ -4299,14 +4619,37 @@ module Aws::WAFV2
|
|
4299
4619
|
include Aws::Structure
|
4300
4620
|
end
|
4301
4621
|
|
4302
|
-
#
|
4303
|
-
#
|
4304
|
-
# specification.
|
4622
|
+
# Determines how long a `CAPTCHA` token remains valid after the client
|
4623
|
+
# successfully solves a `CAPTCHA` puzzle.
|
4305
4624
|
#
|
4306
|
-
#
|
4307
|
-
#
|
4308
|
-
#
|
4309
|
-
#
|
4625
|
+
# @note When making an API call, you may pass ImmunityTimeProperty
|
4626
|
+
# data as a hash:
|
4627
|
+
#
|
4628
|
+
# {
|
4629
|
+
# immunity_time: 1, # required
|
4630
|
+
# }
|
4631
|
+
#
|
4632
|
+
# @!attribute [rw] immunity_time
|
4633
|
+
# The amount of time, in seconds, that a `CAPTCHA` token is valid. The
|
4634
|
+
# default setting is 300.
|
4635
|
+
# @return [Integer]
|
4636
|
+
#
|
4637
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/ImmunityTimeProperty AWS API Documentation
|
4638
|
+
#
|
4639
|
+
class ImmunityTimeProperty < Struct.new(
|
4640
|
+
:immunity_time)
|
4641
|
+
SENSITIVE = []
|
4642
|
+
include Aws::Structure
|
4643
|
+
end
|
4644
|
+
|
4645
|
+
# The body of a web request, inspected as JSON. The body immediately
|
4646
|
+
# follows the request headers. This is used in the FieldToMatch
|
4647
|
+
# specification.
|
4648
|
+
#
|
4649
|
+
# Use the specifications in this object to indicate which parts of the
|
4650
|
+
# JSON body to inspect using the rule's inspection criteria. WAF
|
4651
|
+
# inspects only the parts of the JSON that result from the matches that
|
4652
|
+
# you indicate.
|
4310
4653
|
#
|
4311
4654
|
# Example JSON: `"JsonBody": \{ "MatchPattern": \{ "All": \{\} \},
|
4312
4655
|
# "MatchScope": "ALL" \}`
|
@@ -4779,7 +5122,7 @@ module Aws::WAFV2
|
|
4779
5122
|
# data as a hash:
|
4780
5123
|
#
|
4781
5124
|
# {
|
4782
|
-
# scope: "CLOUDFRONT", # accepts CLOUDFRONT, REGIONAL
|
5125
|
+
# scope: "CLOUDFRONT", # required, accepts CLOUDFRONT, REGIONAL
|
4783
5126
|
# next_marker: "NextMarker",
|
4784
5127
|
# limit: 1,
|
4785
5128
|
# }
|
@@ -5270,7 +5613,7 @@ module Aws::WAFV2
|
|
5270
5613
|
# conditions: [ # required
|
5271
5614
|
# {
|
5272
5615
|
# action_condition: {
|
5273
|
-
# action: "ALLOW", # required, accepts ALLOW, BLOCK, COUNT
|
5616
|
+
# action: "ALLOW", # required, accepts ALLOW, BLOCK, COUNT, CAPTCHA, EXCLUDED_AS_COUNT
|
5274
5617
|
# },
|
5275
5618
|
# label_name_condition: {
|
5276
5619
|
# label_name: "LabelName", # required
|
@@ -5346,7 +5689,7 @@ module Aws::WAFV2
|
|
5346
5689
|
# conditions: [ # required
|
5347
5690
|
# {
|
5348
5691
|
# action_condition: {
|
5349
|
-
# action: "ALLOW", # required, accepts ALLOW, BLOCK, COUNT
|
5692
|
+
# action: "ALLOW", # required, accepts ALLOW, BLOCK, COUNT, CAPTCHA, EXCLUDED_AS_COUNT
|
5350
5693
|
# },
|
5351
5694
|
# label_name_condition: {
|
5352
5695
|
# label_name: "LabelName", # required
|
@@ -5648,6 +5991,42 @@ module Aws::WAFV2
|
|
5648
5991
|
# scope: "LABEL", # required, accepts LABEL, NAMESPACE
|
5649
5992
|
# key: "LabelMatchKey", # required
|
5650
5993
|
# },
|
5994
|
+
# regex_match_statement: {
|
5995
|
+
# regex_string: "RegexPatternString", # required
|
5996
|
+
# field_to_match: { # required
|
5997
|
+
# single_header: {
|
5998
|
+
# name: "FieldToMatchData", # required
|
5999
|
+
# },
|
6000
|
+
# single_query_argument: {
|
6001
|
+
# name: "FieldToMatchData", # required
|
6002
|
+
# },
|
6003
|
+
# all_query_arguments: {
|
6004
|
+
# },
|
6005
|
+
# uri_path: {
|
6006
|
+
# },
|
6007
|
+
# query_string: {
|
6008
|
+
# },
|
6009
|
+
# body: {
|
6010
|
+
# },
|
6011
|
+
# method: {
|
6012
|
+
# },
|
6013
|
+
# json_body: {
|
6014
|
+
# match_pattern: { # required
|
6015
|
+
# all: {
|
6016
|
+
# },
|
6017
|
+
# included_paths: ["JsonPointerPath"],
|
6018
|
+
# },
|
6019
|
+
# match_scope: "ALL", # required, accepts ALL, KEY, VALUE
|
6020
|
+
# invalid_fallback_behavior: "MATCH", # accepts MATCH, NO_MATCH, EVALUATE_AS_STRING
|
6021
|
+
# },
|
6022
|
+
# },
|
6023
|
+
# text_transformations: [ # required
|
6024
|
+
# {
|
6025
|
+
# priority: 1, # required
|
6026
|
+
# type: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE, BASE64_DECODE, HEX_DECODE, MD5, REPLACE_COMMENTS, ESCAPE_SEQ_DECODE, SQL_HEX_DECODE, CSS_DECODE, JS_DECODE, NORMALIZE_PATH, NORMALIZE_PATH_WIN, REMOVE_NULLS, REPLACE_NULLS, BASE64_DECODE_EXT, URL_DECODE_UNI, UTF8_TO_UNICODE
|
6027
|
+
# },
|
6028
|
+
# ],
|
6029
|
+
# },
|
5651
6030
|
# },
|
5652
6031
|
# }
|
5653
6032
|
#
|
@@ -5670,9 +6049,11 @@ module Aws::WAFV2
|
|
5670
6049
|
# @return [String]
|
5671
6050
|
#
|
5672
6051
|
# @!attribute [rw] excluded_rules
|
5673
|
-
# The rules whose actions are set to
|
5674
|
-
#
|
5675
|
-
#
|
6052
|
+
# The rules in the referenced rule group whose actions are set to
|
6053
|
+
# `Count`. When you exclude a rule, WAF evaluates it exactly as it
|
6054
|
+
# would if the rule action setting were `Count`. This is a useful
|
6055
|
+
# option for testing the rules in a rule group without modifying how
|
6056
|
+
# they handle your web traffic.
|
5676
6057
|
# @return [Array<Types::ExcludedRule>]
|
5677
6058
|
#
|
5678
6059
|
# @!attribute [rw] scope_down_statement
|
@@ -5994,9 +6375,9 @@ module Aws::WAFV2
|
|
5994
6375
|
#
|
5995
6376
|
class Method < Aws::EmptyStructure; end
|
5996
6377
|
|
5997
|
-
# Specifies that WAF should do nothing. This is
|
5998
|
-
#
|
5999
|
-
#
|
6378
|
+
# Specifies that WAF should do nothing. This is used for the
|
6379
|
+
# `OverrideAction` setting on a Rule when the rule uses a rule group
|
6380
|
+
# reference statement.
|
6000
6381
|
#
|
6001
6382
|
# This is used in the context of other settings, for example to specify
|
6002
6383
|
# values for RuleAction and web ACL DefaultAction.
|
@@ -6267,6 +6648,42 @@ module Aws::WAFV2
|
|
6267
6648
|
# scope: "LABEL", # required, accepts LABEL, NAMESPACE
|
6268
6649
|
# key: "LabelMatchKey", # required
|
6269
6650
|
# },
|
6651
|
+
# regex_match_statement: {
|
6652
|
+
# regex_string: "RegexPatternString", # required
|
6653
|
+
# field_to_match: { # required
|
6654
|
+
# single_header: {
|
6655
|
+
# name: "FieldToMatchData", # required
|
6656
|
+
# },
|
6657
|
+
# single_query_argument: {
|
6658
|
+
# name: "FieldToMatchData", # required
|
6659
|
+
# },
|
6660
|
+
# all_query_arguments: {
|
6661
|
+
# },
|
6662
|
+
# uri_path: {
|
6663
|
+
# },
|
6664
|
+
# query_string: {
|
6665
|
+
# },
|
6666
|
+
# body: {
|
6667
|
+
# },
|
6668
|
+
# method: {
|
6669
|
+
# },
|
6670
|
+
# json_body: {
|
6671
|
+
# match_pattern: { # required
|
6672
|
+
# all: {
|
6673
|
+
# },
|
6674
|
+
# included_paths: ["JsonPointerPath"],
|
6675
|
+
# },
|
6676
|
+
# match_scope: "ALL", # required, accepts ALL, KEY, VALUE
|
6677
|
+
# invalid_fallback_behavior: "MATCH", # accepts MATCH, NO_MATCH, EVALUATE_AS_STRING
|
6678
|
+
# },
|
6679
|
+
# },
|
6680
|
+
# text_transformations: [ # required
|
6681
|
+
# {
|
6682
|
+
# priority: 1, # required
|
6683
|
+
# type: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE, BASE64_DECODE, HEX_DECODE, MD5, REPLACE_COMMENTS, ESCAPE_SEQ_DECODE, SQL_HEX_DECODE, CSS_DECODE, JS_DECODE, NORMALIZE_PATH, NORMALIZE_PATH_WIN, REMOVE_NULLS, REPLACE_NULLS, BASE64_DECODE_EXT, URL_DECODE_UNI, UTF8_TO_UNICODE
|
6684
|
+
# },
|
6685
|
+
# ],
|
6686
|
+
# },
|
6270
6687
|
# },
|
6271
6688
|
# }
|
6272
6689
|
#
|
@@ -6538,6 +6955,42 @@ module Aws::WAFV2
|
|
6538
6955
|
# scope: "LABEL", # required, accepts LABEL, NAMESPACE
|
6539
6956
|
# key: "LabelMatchKey", # required
|
6540
6957
|
# },
|
6958
|
+
# regex_match_statement: {
|
6959
|
+
# regex_string: "RegexPatternString", # required
|
6960
|
+
# field_to_match: { # required
|
6961
|
+
# single_header: {
|
6962
|
+
# name: "FieldToMatchData", # required
|
6963
|
+
# },
|
6964
|
+
# single_query_argument: {
|
6965
|
+
# name: "FieldToMatchData", # required
|
6966
|
+
# },
|
6967
|
+
# all_query_arguments: {
|
6968
|
+
# },
|
6969
|
+
# uri_path: {
|
6970
|
+
# },
|
6971
|
+
# query_string: {
|
6972
|
+
# },
|
6973
|
+
# body: {
|
6974
|
+
# },
|
6975
|
+
# method: {
|
6976
|
+
# },
|
6977
|
+
# json_body: {
|
6978
|
+
# match_pattern: { # required
|
6979
|
+
# all: {
|
6980
|
+
# },
|
6981
|
+
# included_paths: ["JsonPointerPath"],
|
6982
|
+
# },
|
6983
|
+
# match_scope: "ALL", # required, accepts ALL, KEY, VALUE
|
6984
|
+
# invalid_fallback_behavior: "MATCH", # accepts MATCH, NO_MATCH, EVALUATE_AS_STRING
|
6985
|
+
# },
|
6986
|
+
# },
|
6987
|
+
# text_transformations: [ # required
|
6988
|
+
# {
|
6989
|
+
# priority: 1, # required
|
6990
|
+
# type: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE, BASE64_DECODE, HEX_DECODE, MD5, REPLACE_COMMENTS, ESCAPE_SEQ_DECODE, SQL_HEX_DECODE, CSS_DECODE, JS_DECODE, NORMALIZE_PATH, NORMALIZE_PATH_WIN, REMOVE_NULLS, REPLACE_NULLS, BASE64_DECODE_EXT, URL_DECODE_UNI, UTF8_TO_UNICODE
|
6991
|
+
# },
|
6992
|
+
# ],
|
6993
|
+
# },
|
6541
6994
|
# },
|
6542
6995
|
# ],
|
6543
6996
|
# }
|
@@ -6555,22 +7008,20 @@ module Aws::WAFV2
|
|
6555
7008
|
include Aws::Structure
|
6556
7009
|
end
|
6557
7010
|
|
6558
|
-
# The
|
6559
|
-
#
|
6560
|
-
#
|
6561
|
-
#
|
6562
|
-
# Set the override action to none to leave the rule actions in effect.
|
6563
|
-
# Set it to count to only count matches, regardless of the rule action
|
6564
|
-
# settings.
|
7011
|
+
# The action to use in the place of the action that results from the
|
7012
|
+
# rule group evaluation. Set the override action to none to leave the
|
7013
|
+
# result of the rule group alone. Set it to count to override the result
|
7014
|
+
# to count only.
|
6565
7015
|
#
|
6566
|
-
#
|
6567
|
-
#
|
7016
|
+
# You can only use this for rule statements that reference a rule group,
|
7017
|
+
# like `RuleGroupReferenceStatement` and `ManagedRuleGroupStatement`.
|
6568
7018
|
#
|
6569
|
-
#
|
6570
|
-
#
|
7019
|
+
# <note markdown="1"> This option is usually set to none. It does not affect how the rules
|
7020
|
+
# in the rule group are evaluated. If you want the rules in the rule
|
7021
|
+
# group to only count matches, do not use this and instead exclude those
|
7022
|
+
# rules in your rule group reference statement settings.
|
6571
7023
|
#
|
6572
|
-
#
|
6573
|
-
# action setting and not this rule override action setting.
|
7024
|
+
# </note>
|
6574
7025
|
#
|
6575
7026
|
# @note When making an API call, you may pass OverrideAction
|
6576
7027
|
# data as a hash:
|
@@ -6591,11 +7042,19 @@ module Aws::WAFV2
|
|
6591
7042
|
# }
|
6592
7043
|
#
|
6593
7044
|
# @!attribute [rw] count
|
6594
|
-
# Override the rule
|
7045
|
+
# Override the rule group evaluation result to count only.
|
7046
|
+
#
|
7047
|
+
# <note markdown="1"> This option is usually set to none. It does not affect how the rules
|
7048
|
+
# in the rule group are evaluated. If you want the rules in the rule
|
7049
|
+
# group to only count matches, do not use this and instead exclude
|
7050
|
+
# those rules in your rule group reference statement settings.
|
7051
|
+
#
|
7052
|
+
# </note>
|
6595
7053
|
# @return [Types::CountAction]
|
6596
7054
|
#
|
6597
7055
|
# @!attribute [rw] none
|
6598
|
-
# Don't override the rule
|
7056
|
+
# Don't override the rule group evaluation result. This is the most
|
7057
|
+
# common setting.
|
6599
7058
|
# @return [Types::NoneAction]
|
6600
7059
|
#
|
6601
7060
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/OverrideAction AWS API Documentation
|
@@ -6652,7 +7111,7 @@ module Aws::WAFV2
|
|
6652
7111
|
# conditions: [ # required
|
6653
7112
|
# {
|
6654
7113
|
# action_condition: {
|
6655
|
-
# action: "ALLOW", # required, accepts ALLOW, BLOCK, COUNT
|
7114
|
+
# action: "ALLOW", # required, accepts ALLOW, BLOCK, COUNT, CAPTCHA, EXCLUDED_AS_COUNT
|
6656
7115
|
# },
|
6657
7116
|
# label_name_condition: {
|
6658
7117
|
# label_name: "LabelName", # required
|
@@ -7154,6 +7613,42 @@ module Aws::WAFV2
|
|
7154
7613
|
# scope: "LABEL", # required, accepts LABEL, NAMESPACE
|
7155
7614
|
# key: "LabelMatchKey", # required
|
7156
7615
|
# },
|
7616
|
+
# regex_match_statement: {
|
7617
|
+
# regex_string: "RegexPatternString", # required
|
7618
|
+
# field_to_match: { # required
|
7619
|
+
# single_header: {
|
7620
|
+
# name: "FieldToMatchData", # required
|
7621
|
+
# },
|
7622
|
+
# single_query_argument: {
|
7623
|
+
# name: "FieldToMatchData", # required
|
7624
|
+
# },
|
7625
|
+
# all_query_arguments: {
|
7626
|
+
# },
|
7627
|
+
# uri_path: {
|
7628
|
+
# },
|
7629
|
+
# query_string: {
|
7630
|
+
# },
|
7631
|
+
# body: {
|
7632
|
+
# },
|
7633
|
+
# method: {
|
7634
|
+
# },
|
7635
|
+
# json_body: {
|
7636
|
+
# match_pattern: { # required
|
7637
|
+
# all: {
|
7638
|
+
# },
|
7639
|
+
# included_paths: ["JsonPointerPath"],
|
7640
|
+
# },
|
7641
|
+
# match_scope: "ALL", # required, accepts ALL, KEY, VALUE
|
7642
|
+
# invalid_fallback_behavior: "MATCH", # accepts MATCH, NO_MATCH, EVALUATE_AS_STRING
|
7643
|
+
# },
|
7644
|
+
# },
|
7645
|
+
# text_transformations: [ # required
|
7646
|
+
# {
|
7647
|
+
# priority: 1, # required
|
7648
|
+
# type: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE, BASE64_DECODE, HEX_DECODE, MD5, REPLACE_COMMENTS, ESCAPE_SEQ_DECODE, SQL_HEX_DECODE, CSS_DECODE, JS_DECODE, NORMALIZE_PATH, NORMALIZE_PATH_WIN, REMOVE_NULLS, REPLACE_NULLS, BASE64_DECODE_EXT, URL_DECODE_UNI, UTF8_TO_UNICODE
|
7649
|
+
# },
|
7650
|
+
# ],
|
7651
|
+
# },
|
7157
7652
|
# },
|
7158
7653
|
# forwarded_ip_config: {
|
7159
7654
|
# header_name: "ForwardedIPHeaderName", # required
|
@@ -7254,6 +7749,77 @@ module Aws::WAFV2
|
|
7254
7749
|
include Aws::Structure
|
7255
7750
|
end
|
7256
7751
|
|
7752
|
+
# A rule statement used to search web request components for a match
|
7753
|
+
# against a single regular expression.
|
7754
|
+
#
|
7755
|
+
# @note When making an API call, you may pass RegexMatchStatement
|
7756
|
+
# data as a hash:
|
7757
|
+
#
|
7758
|
+
# {
|
7759
|
+
# regex_string: "RegexPatternString", # required
|
7760
|
+
# field_to_match: { # required
|
7761
|
+
# single_header: {
|
7762
|
+
# name: "FieldToMatchData", # required
|
7763
|
+
# },
|
7764
|
+
# single_query_argument: {
|
7765
|
+
# name: "FieldToMatchData", # required
|
7766
|
+
# },
|
7767
|
+
# all_query_arguments: {
|
7768
|
+
# },
|
7769
|
+
# uri_path: {
|
7770
|
+
# },
|
7771
|
+
# query_string: {
|
7772
|
+
# },
|
7773
|
+
# body: {
|
7774
|
+
# },
|
7775
|
+
# method: {
|
7776
|
+
# },
|
7777
|
+
# json_body: {
|
7778
|
+
# match_pattern: { # required
|
7779
|
+
# all: {
|
7780
|
+
# },
|
7781
|
+
# included_paths: ["JsonPointerPath"],
|
7782
|
+
# },
|
7783
|
+
# match_scope: "ALL", # required, accepts ALL, KEY, VALUE
|
7784
|
+
# invalid_fallback_behavior: "MATCH", # accepts MATCH, NO_MATCH, EVALUATE_AS_STRING
|
7785
|
+
# },
|
7786
|
+
# },
|
7787
|
+
# text_transformations: [ # required
|
7788
|
+
# {
|
7789
|
+
# priority: 1, # required
|
7790
|
+
# type: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE, BASE64_DECODE, HEX_DECODE, MD5, REPLACE_COMMENTS, ESCAPE_SEQ_DECODE, SQL_HEX_DECODE, CSS_DECODE, JS_DECODE, NORMALIZE_PATH, NORMALIZE_PATH_WIN, REMOVE_NULLS, REPLACE_NULLS, BASE64_DECODE_EXT, URL_DECODE_UNI, UTF8_TO_UNICODE
|
7791
|
+
# },
|
7792
|
+
# ],
|
7793
|
+
# }
|
7794
|
+
#
|
7795
|
+
# @!attribute [rw] regex_string
|
7796
|
+
# The string representing the regular expression.
|
7797
|
+
# @return [String]
|
7798
|
+
#
|
7799
|
+
# @!attribute [rw] field_to_match
|
7800
|
+
# The part of a web request that you want WAF to inspect. For more
|
7801
|
+
# information, see FieldToMatch.
|
7802
|
+
# @return [Types::FieldToMatch]
|
7803
|
+
#
|
7804
|
+
# @!attribute [rw] text_transformations
|
7805
|
+
# Text transformations eliminate some of the unusual formatting that
|
7806
|
+
# attackers use in web requests in an effort to bypass detection. If
|
7807
|
+
# you specify one or more transformations in a rule statement, WAF
|
7808
|
+
# performs all transformations on the content of the request component
|
7809
|
+
# identified by `FieldToMatch`, starting from the lowest priority
|
7810
|
+
# setting, before inspecting the content for a match.
|
7811
|
+
# @return [Array<Types::TextTransformation>]
|
7812
|
+
#
|
7813
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/RegexMatchStatement AWS API Documentation
|
7814
|
+
#
|
7815
|
+
class RegexMatchStatement < Struct.new(
|
7816
|
+
:regex_string,
|
7817
|
+
:field_to_match,
|
7818
|
+
:text_transformations)
|
7819
|
+
SENSITIVE = []
|
7820
|
+
include Aws::Structure
|
7821
|
+
end
|
7822
|
+
|
7257
7823
|
# Contains one or more regular expressions.
|
7258
7824
|
#
|
7259
7825
|
# WAF assigns an ARN to each `RegexPatternSet` that you create. To use a
|
@@ -7687,36 +8253,82 @@ module Aws::WAFV2
|
|
7687
8253
|
# scope: "LABEL", # required, accepts LABEL, NAMESPACE
|
7688
8254
|
# key: "LabelMatchKey", # required
|
7689
8255
|
# },
|
7690
|
-
#
|
7691
|
-
#
|
7692
|
-
#
|
7693
|
-
#
|
7694
|
-
#
|
7695
|
-
#
|
7696
|
-
#
|
7697
|
-
#
|
7698
|
-
#
|
7699
|
-
#
|
7700
|
-
#
|
7701
|
-
#
|
7702
|
-
#
|
7703
|
-
#
|
7704
|
-
#
|
7705
|
-
#
|
7706
|
-
#
|
7707
|
-
#
|
7708
|
-
#
|
7709
|
-
#
|
7710
|
-
#
|
7711
|
-
#
|
7712
|
-
#
|
7713
|
-
#
|
7714
|
-
#
|
7715
|
-
#
|
7716
|
-
#
|
7717
|
-
#
|
7718
|
-
#
|
7719
|
-
#
|
8256
|
+
# regex_match_statement: {
|
8257
|
+
# regex_string: "RegexPatternString", # required
|
8258
|
+
# field_to_match: { # required
|
8259
|
+
# single_header: {
|
8260
|
+
# name: "FieldToMatchData", # required
|
8261
|
+
# },
|
8262
|
+
# single_query_argument: {
|
8263
|
+
# name: "FieldToMatchData", # required
|
8264
|
+
# },
|
8265
|
+
# all_query_arguments: {
|
8266
|
+
# },
|
8267
|
+
# uri_path: {
|
8268
|
+
# },
|
8269
|
+
# query_string: {
|
8270
|
+
# },
|
8271
|
+
# body: {
|
8272
|
+
# },
|
8273
|
+
# method: {
|
8274
|
+
# },
|
8275
|
+
# json_body: {
|
8276
|
+
# match_pattern: { # required
|
8277
|
+
# all: {
|
8278
|
+
# },
|
8279
|
+
# included_paths: ["JsonPointerPath"],
|
8280
|
+
# },
|
8281
|
+
# match_scope: "ALL", # required, accepts ALL, KEY, VALUE
|
8282
|
+
# invalid_fallback_behavior: "MATCH", # accepts MATCH, NO_MATCH, EVALUATE_AS_STRING
|
8283
|
+
# },
|
8284
|
+
# },
|
8285
|
+
# text_transformations: [ # required
|
8286
|
+
# {
|
8287
|
+
# priority: 1, # required
|
8288
|
+
# type: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE, BASE64_DECODE, HEX_DECODE, MD5, REPLACE_COMMENTS, ESCAPE_SEQ_DECODE, SQL_HEX_DECODE, CSS_DECODE, JS_DECODE, NORMALIZE_PATH, NORMALIZE_PATH_WIN, REMOVE_NULLS, REPLACE_NULLS, BASE64_DECODE_EXT, URL_DECODE_UNI, UTF8_TO_UNICODE
|
8289
|
+
# },
|
8290
|
+
# ],
|
8291
|
+
# },
|
8292
|
+
# },
|
8293
|
+
# action: {
|
8294
|
+
# block: {
|
8295
|
+
# custom_response: {
|
8296
|
+
# response_code: 1, # required
|
8297
|
+
# custom_response_body_key: "EntityName",
|
8298
|
+
# response_headers: [
|
8299
|
+
# {
|
8300
|
+
# name: "CustomHTTPHeaderName", # required
|
8301
|
+
# value: "CustomHTTPHeaderValue", # required
|
8302
|
+
# },
|
8303
|
+
# ],
|
8304
|
+
# },
|
8305
|
+
# },
|
8306
|
+
# allow: {
|
8307
|
+
# custom_request_handling: {
|
8308
|
+
# insert_headers: [ # required
|
8309
|
+
# {
|
8310
|
+
# name: "CustomHTTPHeaderName", # required
|
8311
|
+
# value: "CustomHTTPHeaderValue", # required
|
8312
|
+
# },
|
8313
|
+
# ],
|
8314
|
+
# },
|
8315
|
+
# },
|
8316
|
+
# count: {
|
8317
|
+
# custom_request_handling: {
|
8318
|
+
# insert_headers: [ # required
|
8319
|
+
# {
|
8320
|
+
# name: "CustomHTTPHeaderName", # required
|
8321
|
+
# value: "CustomHTTPHeaderValue", # required
|
8322
|
+
# },
|
8323
|
+
# ],
|
8324
|
+
# },
|
8325
|
+
# },
|
8326
|
+
# captcha: {
|
8327
|
+
# custom_request_handling: {
|
8328
|
+
# insert_headers: [ # required
|
8329
|
+
# {
|
8330
|
+
# name: "CustomHTTPHeaderName", # required
|
8331
|
+
# value: "CustomHTTPHeaderValue", # required
|
7720
8332
|
# },
|
7721
8333
|
# ],
|
7722
8334
|
# },
|
@@ -7746,6 +8358,11 @@ module Aws::WAFV2
|
|
7746
8358
|
# cloud_watch_metrics_enabled: false, # required
|
7747
8359
|
# metric_name: "MetricName", # required
|
7748
8360
|
# },
|
8361
|
+
# captcha_config: {
|
8362
|
+
# immunity_time_property: {
|
8363
|
+
# immunity_time: 1, # required
|
8364
|
+
# },
|
8365
|
+
# },
|
7749
8366
|
# }
|
7750
8367
|
#
|
7751
8368
|
# @!attribute [rw] name
|
@@ -7786,22 +8403,21 @@ module Aws::WAFV2
|
|
7786
8403
|
# @return [Types::RuleAction]
|
7787
8404
|
#
|
7788
8405
|
# @!attribute [rw] override_action
|
7789
|
-
# The
|
7790
|
-
#
|
7791
|
-
#
|
7792
|
-
#
|
7793
|
-
# Set the override action to none to leave the rule actions in effect.
|
7794
|
-
# Set it to count to only count matches, regardless of the rule action
|
7795
|
-
# settings.
|
8406
|
+
# The action to use in the place of the action that results from the
|
8407
|
+
# rule group evaluation. Set the override action to none to leave the
|
8408
|
+
# result of the rule group alone. Set it to count to override the
|
8409
|
+
# result to count only.
|
7796
8410
|
#
|
7797
|
-
#
|
7798
|
-
#
|
8411
|
+
# You can only use this for rule statements that reference a rule
|
8412
|
+
# group, like `RuleGroupReferenceStatement` and
|
8413
|
+
# `ManagedRuleGroupStatement`.
|
7799
8414
|
#
|
7800
|
-
#
|
7801
|
-
#
|
8415
|
+
# <note markdown="1"> This option is usually set to none. It does not affect how the rules
|
8416
|
+
# in the rule group are evaluated. If you want the rules in the rule
|
8417
|
+
# group to only count matches, do not use this and instead exclude
|
8418
|
+
# those rules in your rule group reference statement settings.
|
7802
8419
|
#
|
7803
|
-
#
|
7804
|
-
# rule action setting and not this rule override action setting.
|
8420
|
+
# </note>
|
7805
8421
|
# @return [Types::OverrideAction]
|
7806
8422
|
#
|
7807
8423
|
# @!attribute [rw] rule_labels
|
@@ -7835,6 +8451,12 @@ module Aws::WAFV2
|
|
7835
8451
|
# collection.
|
7836
8452
|
# @return [Types::VisibilityConfig]
|
7837
8453
|
#
|
8454
|
+
# @!attribute [rw] captcha_config
|
8455
|
+
# Specifies how WAF should handle `CAPTCHA` evaluations. If you don't
|
8456
|
+
# specify this, WAF uses the `CAPTCHA` configuration that's defined
|
8457
|
+
# for the web ACL.
|
8458
|
+
# @return [Types::CaptchaConfig]
|
8459
|
+
#
|
7838
8460
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/Rule AWS API Documentation
|
7839
8461
|
#
|
7840
8462
|
class Rule < Struct.new(
|
@@ -7844,7 +8466,8 @@ module Aws::WAFV2
|
|
7844
8466
|
:action,
|
7845
8467
|
:override_action,
|
7846
8468
|
:rule_labels,
|
7847
|
-
:visibility_config
|
8469
|
+
:visibility_config,
|
8470
|
+
:captcha_config)
|
7848
8471
|
SENSITIVE = []
|
7849
8472
|
include Aws::Structure
|
7850
8473
|
end
|
@@ -7889,6 +8512,16 @@ module Aws::WAFV2
|
|
7889
8512
|
# ],
|
7890
8513
|
# },
|
7891
8514
|
# },
|
8515
|
+
# captcha: {
|
8516
|
+
# custom_request_handling: {
|
8517
|
+
# insert_headers: [ # required
|
8518
|
+
# {
|
8519
|
+
# name: "CustomHTTPHeaderName", # required
|
8520
|
+
# value: "CustomHTTPHeaderValue", # required
|
8521
|
+
# },
|
8522
|
+
# ],
|
8523
|
+
# },
|
8524
|
+
# },
|
7892
8525
|
# }
|
7893
8526
|
#
|
7894
8527
|
# @!attribute [rw] block
|
@@ -7903,12 +8536,17 @@ module Aws::WAFV2
|
|
7903
8536
|
# Instructs WAF to count the web request and allow it.
|
7904
8537
|
# @return [Types::CountAction]
|
7905
8538
|
#
|
8539
|
+
# @!attribute [rw] captcha
|
8540
|
+
# Instructs WAF to run a `CAPTCHA` check against the web request.
|
8541
|
+
# @return [Types::CaptchaAction]
|
8542
|
+
#
|
7906
8543
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/RuleAction AWS API Documentation
|
7907
8544
|
#
|
7908
8545
|
class RuleAction < Struct.new(
|
7909
8546
|
:block,
|
7910
8547
|
:allow,
|
7911
|
-
:count
|
8548
|
+
:count,
|
8549
|
+
:captcha)
|
7912
8550
|
SENSITIVE = []
|
7913
8551
|
include Aws::Structure
|
7914
8552
|
end
|
@@ -8062,8 +8700,11 @@ module Aws::WAFV2
|
|
8062
8700
|
# @return [String]
|
8063
8701
|
#
|
8064
8702
|
# @!attribute [rw] excluded_rules
|
8065
|
-
# The
|
8066
|
-
# you
|
8703
|
+
# The rules in the referenced rule group whose actions are set to
|
8704
|
+
# `Count`. When you exclude a rule, WAF evaluates it exactly as it
|
8705
|
+
# would if the rule action setting were `Count`. This is a useful
|
8706
|
+
# option for testing the rules in a rule group without modifying how
|
8707
|
+
# they handle your web traffic.
|
8067
8708
|
# @return [Array<Types::ExcludedRule>]
|
8068
8709
|
#
|
8069
8710
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/RuleGroupReferenceStatement AWS API Documentation
|
@@ -8172,8 +8813,8 @@ module Aws::WAFV2
|
|
8172
8813
|
# @return [Time]
|
8173
8814
|
#
|
8174
8815
|
# @!attribute [rw] action
|
8175
|
-
# The action for the `Rule` that the request matched: `
|
8176
|
-
# `
|
8816
|
+
# The action for the `Rule` that the request matched: `Allow`,
|
8817
|
+
# `Block`, or `Count`.
|
8177
8818
|
# @return [String]
|
8178
8819
|
#
|
8179
8820
|
# @!attribute [rw] rule_name_within_rule_group
|
@@ -8204,6 +8845,10 @@ module Aws::WAFV2
|
|
8204
8845
|
# or `awswaf:managed:aws:managed-rule-set:header:encoding:utf8`.
|
8205
8846
|
# @return [Array<Types::Label>]
|
8206
8847
|
#
|
8848
|
+
# @!attribute [rw] captcha_response
|
8849
|
+
# The `CAPTCHA` response for the request.
|
8850
|
+
# @return [Types::CaptchaResponse]
|
8851
|
+
#
|
8207
8852
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/SampledHTTPRequest AWS API Documentation
|
8208
8853
|
#
|
8209
8854
|
class SampledHTTPRequest < Struct.new(
|
@@ -8214,7 +8859,8 @@ module Aws::WAFV2
|
|
8214
8859
|
:rule_name_within_rule_group,
|
8215
8860
|
:request_headers_inserted,
|
8216
8861
|
:response_code_sent,
|
8217
|
-
:labels
|
8862
|
+
:labels,
|
8863
|
+
:captcha_response)
|
8218
8864
|
SENSITIVE = []
|
8219
8865
|
include Aws::Structure
|
8220
8866
|
end
|
@@ -8887,6 +9533,42 @@ module Aws::WAFV2
|
|
8887
9533
|
# scope: "LABEL", # required, accepts LABEL, NAMESPACE
|
8888
9534
|
# key: "LabelMatchKey", # required
|
8889
9535
|
# },
|
9536
|
+
# regex_match_statement: {
|
9537
|
+
# regex_string: "RegexPatternString", # required
|
9538
|
+
# field_to_match: { # required
|
9539
|
+
# single_header: {
|
9540
|
+
# name: "FieldToMatchData", # required
|
9541
|
+
# },
|
9542
|
+
# single_query_argument: {
|
9543
|
+
# name: "FieldToMatchData", # required
|
9544
|
+
# },
|
9545
|
+
# all_query_arguments: {
|
9546
|
+
# },
|
9547
|
+
# uri_path: {
|
9548
|
+
# },
|
9549
|
+
# query_string: {
|
9550
|
+
# },
|
9551
|
+
# body: {
|
9552
|
+
# },
|
9553
|
+
# method: {
|
9554
|
+
# },
|
9555
|
+
# json_body: {
|
9556
|
+
# match_pattern: { # required
|
9557
|
+
# all: {
|
9558
|
+
# },
|
9559
|
+
# included_paths: ["JsonPointerPath"],
|
9560
|
+
# },
|
9561
|
+
# match_scope: "ALL", # required, accepts ALL, KEY, VALUE
|
9562
|
+
# invalid_fallback_behavior: "MATCH", # accepts MATCH, NO_MATCH, EVALUATE_AS_STRING
|
9563
|
+
# },
|
9564
|
+
# },
|
9565
|
+
# text_transformations: [ # required
|
9566
|
+
# {
|
9567
|
+
# priority: 1, # required
|
9568
|
+
# type: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE, BASE64_DECODE, HEX_DECODE, MD5, REPLACE_COMMENTS, ESCAPE_SEQ_DECODE, SQL_HEX_DECODE, CSS_DECODE, JS_DECODE, NORMALIZE_PATH, NORMALIZE_PATH_WIN, REMOVE_NULLS, REPLACE_NULLS, BASE64_DECODE_EXT, URL_DECODE_UNI, UTF8_TO_UNICODE
|
9569
|
+
# },
|
9570
|
+
# ],
|
9571
|
+
# },
|
8890
9572
|
# },
|
8891
9573
|
# forwarded_ip_config: {
|
8892
9574
|
# header_name: "ForwardedIPHeaderName", # required
|
@@ -9140,6 +9822,42 @@ module Aws::WAFV2
|
|
9140
9822
|
# scope: "LABEL", # required, accepts LABEL, NAMESPACE
|
9141
9823
|
# key: "LabelMatchKey", # required
|
9142
9824
|
# },
|
9825
|
+
# regex_match_statement: {
|
9826
|
+
# regex_string: "RegexPatternString", # required
|
9827
|
+
# field_to_match: { # required
|
9828
|
+
# single_header: {
|
9829
|
+
# name: "FieldToMatchData", # required
|
9830
|
+
# },
|
9831
|
+
# single_query_argument: {
|
9832
|
+
# name: "FieldToMatchData", # required
|
9833
|
+
# },
|
9834
|
+
# all_query_arguments: {
|
9835
|
+
# },
|
9836
|
+
# uri_path: {
|
9837
|
+
# },
|
9838
|
+
# query_string: {
|
9839
|
+
# },
|
9840
|
+
# body: {
|
9841
|
+
# },
|
9842
|
+
# method: {
|
9843
|
+
# },
|
9844
|
+
# json_body: {
|
9845
|
+
# match_pattern: { # required
|
9846
|
+
# all: {
|
9847
|
+
# },
|
9848
|
+
# included_paths: ["JsonPointerPath"],
|
9849
|
+
# },
|
9850
|
+
# match_scope: "ALL", # required, accepts ALL, KEY, VALUE
|
9851
|
+
# invalid_fallback_behavior: "MATCH", # accepts MATCH, NO_MATCH, EVALUATE_AS_STRING
|
9852
|
+
# },
|
9853
|
+
# },
|
9854
|
+
# text_transformations: [ # required
|
9855
|
+
# {
|
9856
|
+
# priority: 1, # required
|
9857
|
+
# type: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE, BASE64_DECODE, HEX_DECODE, MD5, REPLACE_COMMENTS, ESCAPE_SEQ_DECODE, SQL_HEX_DECODE, CSS_DECODE, JS_DECODE, NORMALIZE_PATH, NORMALIZE_PATH_WIN, REMOVE_NULLS, REPLACE_NULLS, BASE64_DECODE_EXT, URL_DECODE_UNI, UTF8_TO_UNICODE
|
9858
|
+
# },
|
9859
|
+
# ],
|
9860
|
+
# },
|
9143
9861
|
# },
|
9144
9862
|
# ],
|
9145
9863
|
# },
|
@@ -9390,6 +10108,42 @@ module Aws::WAFV2
|
|
9390
10108
|
# scope: "LABEL", # required, accepts LABEL, NAMESPACE
|
9391
10109
|
# key: "LabelMatchKey", # required
|
9392
10110
|
# },
|
10111
|
+
# regex_match_statement: {
|
10112
|
+
# regex_string: "RegexPatternString", # required
|
10113
|
+
# field_to_match: { # required
|
10114
|
+
# single_header: {
|
10115
|
+
# name: "FieldToMatchData", # required
|
10116
|
+
# },
|
10117
|
+
# single_query_argument: {
|
10118
|
+
# name: "FieldToMatchData", # required
|
10119
|
+
# },
|
10120
|
+
# all_query_arguments: {
|
10121
|
+
# },
|
10122
|
+
# uri_path: {
|
10123
|
+
# },
|
10124
|
+
# query_string: {
|
10125
|
+
# },
|
10126
|
+
# body: {
|
10127
|
+
# },
|
10128
|
+
# method: {
|
10129
|
+
# },
|
10130
|
+
# json_body: {
|
10131
|
+
# match_pattern: { # required
|
10132
|
+
# all: {
|
10133
|
+
# },
|
10134
|
+
# included_paths: ["JsonPointerPath"],
|
10135
|
+
# },
|
10136
|
+
# match_scope: "ALL", # required, accepts ALL, KEY, VALUE
|
10137
|
+
# invalid_fallback_behavior: "MATCH", # accepts MATCH, NO_MATCH, EVALUATE_AS_STRING
|
10138
|
+
# },
|
10139
|
+
# },
|
10140
|
+
# text_transformations: [ # required
|
10141
|
+
# {
|
10142
|
+
# priority: 1, # required
|
10143
|
+
# type: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE, BASE64_DECODE, HEX_DECODE, MD5, REPLACE_COMMENTS, ESCAPE_SEQ_DECODE, SQL_HEX_DECODE, CSS_DECODE, JS_DECODE, NORMALIZE_PATH, NORMALIZE_PATH_WIN, REMOVE_NULLS, REPLACE_NULLS, BASE64_DECODE_EXT, URL_DECODE_UNI, UTF8_TO_UNICODE
|
10144
|
+
# },
|
10145
|
+
# ],
|
10146
|
+
# },
|
9393
10147
|
# },
|
9394
10148
|
# ],
|
9395
10149
|
# },
|
@@ -9643,6 +10397,42 @@ module Aws::WAFV2
|
|
9643
10397
|
# scope: "LABEL", # required, accepts LABEL, NAMESPACE
|
9644
10398
|
# key: "LabelMatchKey", # required
|
9645
10399
|
# },
|
10400
|
+
# regex_match_statement: {
|
10401
|
+
# regex_string: "RegexPatternString", # required
|
10402
|
+
# field_to_match: { # required
|
10403
|
+
# single_header: {
|
10404
|
+
# name: "FieldToMatchData", # required
|
10405
|
+
# },
|
10406
|
+
# single_query_argument: {
|
10407
|
+
# name: "FieldToMatchData", # required
|
10408
|
+
# },
|
10409
|
+
# all_query_arguments: {
|
10410
|
+
# },
|
10411
|
+
# uri_path: {
|
10412
|
+
# },
|
10413
|
+
# query_string: {
|
10414
|
+
# },
|
10415
|
+
# body: {
|
10416
|
+
# },
|
10417
|
+
# method: {
|
10418
|
+
# },
|
10419
|
+
# json_body: {
|
10420
|
+
# match_pattern: { # required
|
10421
|
+
# all: {
|
10422
|
+
# },
|
10423
|
+
# included_paths: ["JsonPointerPath"],
|
10424
|
+
# },
|
10425
|
+
# match_scope: "ALL", # required, accepts ALL, KEY, VALUE
|
10426
|
+
# invalid_fallback_behavior: "MATCH", # accepts MATCH, NO_MATCH, EVALUATE_AS_STRING
|
10427
|
+
# },
|
10428
|
+
# },
|
10429
|
+
# text_transformations: [ # required
|
10430
|
+
# {
|
10431
|
+
# priority: 1, # required
|
10432
|
+
# type: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE, BASE64_DECODE, HEX_DECODE, MD5, REPLACE_COMMENTS, ESCAPE_SEQ_DECODE, SQL_HEX_DECODE, CSS_DECODE, JS_DECODE, NORMALIZE_PATH, NORMALIZE_PATH_WIN, REMOVE_NULLS, REPLACE_NULLS, BASE64_DECODE_EXT, URL_DECODE_UNI, UTF8_TO_UNICODE
|
10433
|
+
# },
|
10434
|
+
# ],
|
10435
|
+
# },
|
9646
10436
|
# },
|
9647
10437
|
# },
|
9648
10438
|
# managed_rule_group_statement: {
|
@@ -9895,12 +10685,84 @@ module Aws::WAFV2
|
|
9895
10685
|
# scope: "LABEL", # required, accepts LABEL, NAMESPACE
|
9896
10686
|
# key: "LabelMatchKey", # required
|
9897
10687
|
# },
|
10688
|
+
# regex_match_statement: {
|
10689
|
+
# regex_string: "RegexPatternString", # required
|
10690
|
+
# field_to_match: { # required
|
10691
|
+
# single_header: {
|
10692
|
+
# name: "FieldToMatchData", # required
|
10693
|
+
# },
|
10694
|
+
# single_query_argument: {
|
10695
|
+
# name: "FieldToMatchData", # required
|
10696
|
+
# },
|
10697
|
+
# all_query_arguments: {
|
10698
|
+
# },
|
10699
|
+
# uri_path: {
|
10700
|
+
# },
|
10701
|
+
# query_string: {
|
10702
|
+
# },
|
10703
|
+
# body: {
|
10704
|
+
# },
|
10705
|
+
# method: {
|
10706
|
+
# },
|
10707
|
+
# json_body: {
|
10708
|
+
# match_pattern: { # required
|
10709
|
+
# all: {
|
10710
|
+
# },
|
10711
|
+
# included_paths: ["JsonPointerPath"],
|
10712
|
+
# },
|
10713
|
+
# match_scope: "ALL", # required, accepts ALL, KEY, VALUE
|
10714
|
+
# invalid_fallback_behavior: "MATCH", # accepts MATCH, NO_MATCH, EVALUATE_AS_STRING
|
10715
|
+
# },
|
10716
|
+
# },
|
10717
|
+
# text_transformations: [ # required
|
10718
|
+
# {
|
10719
|
+
# priority: 1, # required
|
10720
|
+
# type: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE, BASE64_DECODE, HEX_DECODE, MD5, REPLACE_COMMENTS, ESCAPE_SEQ_DECODE, SQL_HEX_DECODE, CSS_DECODE, JS_DECODE, NORMALIZE_PATH, NORMALIZE_PATH_WIN, REMOVE_NULLS, REPLACE_NULLS, BASE64_DECODE_EXT, URL_DECODE_UNI, UTF8_TO_UNICODE
|
10721
|
+
# },
|
10722
|
+
# ],
|
10723
|
+
# },
|
9898
10724
|
# },
|
9899
10725
|
# },
|
9900
10726
|
# label_match_statement: {
|
9901
10727
|
# scope: "LABEL", # required, accepts LABEL, NAMESPACE
|
9902
10728
|
# key: "LabelMatchKey", # required
|
9903
10729
|
# },
|
10730
|
+
# regex_match_statement: {
|
10731
|
+
# regex_string: "RegexPatternString", # required
|
10732
|
+
# field_to_match: { # required
|
10733
|
+
# single_header: {
|
10734
|
+
# name: "FieldToMatchData", # required
|
10735
|
+
# },
|
10736
|
+
# single_query_argument: {
|
10737
|
+
# name: "FieldToMatchData", # required
|
10738
|
+
# },
|
10739
|
+
# all_query_arguments: {
|
10740
|
+
# },
|
10741
|
+
# uri_path: {
|
10742
|
+
# },
|
10743
|
+
# query_string: {
|
10744
|
+
# },
|
10745
|
+
# body: {
|
10746
|
+
# },
|
10747
|
+
# method: {
|
10748
|
+
# },
|
10749
|
+
# json_body: {
|
10750
|
+
# match_pattern: { # required
|
10751
|
+
# all: {
|
10752
|
+
# },
|
10753
|
+
# included_paths: ["JsonPointerPath"],
|
10754
|
+
# },
|
10755
|
+
# match_scope: "ALL", # required, accepts ALL, KEY, VALUE
|
10756
|
+
# invalid_fallback_behavior: "MATCH", # accepts MATCH, NO_MATCH, EVALUATE_AS_STRING
|
10757
|
+
# },
|
10758
|
+
# },
|
10759
|
+
# text_transformations: [ # required
|
10760
|
+
# {
|
10761
|
+
# priority: 1, # required
|
10762
|
+
# type: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE, BASE64_DECODE, HEX_DECODE, MD5, REPLACE_COMMENTS, ESCAPE_SEQ_DECODE, SQL_HEX_DECODE, CSS_DECODE, JS_DECODE, NORMALIZE_PATH, NORMALIZE_PATH_WIN, REMOVE_NULLS, REPLACE_NULLS, BASE64_DECODE_EXT, URL_DECODE_UNI, UTF8_TO_UNICODE
|
10763
|
+
# },
|
10764
|
+
# ],
|
10765
|
+
# },
|
9904
10766
|
# }
|
9905
10767
|
#
|
9906
10768
|
# @!attribute [rw] byte_match_statement
|
@@ -10082,6 +10944,11 @@ module Aws::WAFV2
|
|
10082
10944
|
# that were added in the same context as the label match statement.
|
10083
10945
|
# @return [Types::LabelMatchStatement]
|
10084
10946
|
#
|
10947
|
+
# @!attribute [rw] regex_match_statement
|
10948
|
+
# A rule statement used to search web request components for a match
|
10949
|
+
# against a single regular expression.
|
10950
|
+
# @return [Types::RegexMatchStatement]
|
10951
|
+
#
|
10085
10952
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/Statement AWS API Documentation
|
10086
10953
|
#
|
10087
10954
|
class Statement < Struct.new(
|
@@ -10098,7 +10965,8 @@ module Aws::WAFV2
|
|
10098
10965
|
:or_statement,
|
10099
10966
|
:not_statement,
|
10100
10967
|
:managed_rule_group_statement,
|
10101
|
-
:label_match_statement
|
10968
|
+
:label_match_statement,
|
10969
|
+
:regex_match_statement)
|
10102
10970
|
SENSITIVE = []
|
10103
10971
|
include Aws::Structure
|
10104
10972
|
end
|
@@ -11024,6 +11892,42 @@ module Aws::WAFV2
|
|
11024
11892
|
# scope: "LABEL", # required, accepts LABEL, NAMESPACE
|
11025
11893
|
# key: "LabelMatchKey", # required
|
11026
11894
|
# },
|
11895
|
+
# regex_match_statement: {
|
11896
|
+
# regex_string: "RegexPatternString", # required
|
11897
|
+
# field_to_match: { # required
|
11898
|
+
# single_header: {
|
11899
|
+
# name: "FieldToMatchData", # required
|
11900
|
+
# },
|
11901
|
+
# single_query_argument: {
|
11902
|
+
# name: "FieldToMatchData", # required
|
11903
|
+
# },
|
11904
|
+
# all_query_arguments: {
|
11905
|
+
# },
|
11906
|
+
# uri_path: {
|
11907
|
+
# },
|
11908
|
+
# query_string: {
|
11909
|
+
# },
|
11910
|
+
# body: {
|
11911
|
+
# },
|
11912
|
+
# method: {
|
11913
|
+
# },
|
11914
|
+
# json_body: {
|
11915
|
+
# match_pattern: { # required
|
11916
|
+
# all: {
|
11917
|
+
# },
|
11918
|
+
# included_paths: ["JsonPointerPath"],
|
11919
|
+
# },
|
11920
|
+
# match_scope: "ALL", # required, accepts ALL, KEY, VALUE
|
11921
|
+
# invalid_fallback_behavior: "MATCH", # accepts MATCH, NO_MATCH, EVALUATE_AS_STRING
|
11922
|
+
# },
|
11923
|
+
# },
|
11924
|
+
# text_transformations: [ # required
|
11925
|
+
# {
|
11926
|
+
# priority: 1, # required
|
11927
|
+
# type: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE, BASE64_DECODE, HEX_DECODE, MD5, REPLACE_COMMENTS, ESCAPE_SEQ_DECODE, SQL_HEX_DECODE, CSS_DECODE, JS_DECODE, NORMALIZE_PATH, NORMALIZE_PATH_WIN, REMOVE_NULLS, REPLACE_NULLS, BASE64_DECODE_EXT, URL_DECODE_UNI, UTF8_TO_UNICODE
|
11928
|
+
# },
|
11929
|
+
# ],
|
11930
|
+
# },
|
11027
11931
|
# },
|
11028
11932
|
# action: {
|
11029
11933
|
# block: {
|
@@ -11058,6 +11962,16 @@ module Aws::WAFV2
|
|
11058
11962
|
# ],
|
11059
11963
|
# },
|
11060
11964
|
# },
|
11965
|
+
# captcha: {
|
11966
|
+
# custom_request_handling: {
|
11967
|
+
# insert_headers: [ # required
|
11968
|
+
# {
|
11969
|
+
# name: "CustomHTTPHeaderName", # required
|
11970
|
+
# value: "CustomHTTPHeaderValue", # required
|
11971
|
+
# },
|
11972
|
+
# ],
|
11973
|
+
# },
|
11974
|
+
# },
|
11061
11975
|
# },
|
11062
11976
|
# override_action: {
|
11063
11977
|
# count: {
|
@@ -11083,6 +11997,11 @@ module Aws::WAFV2
|
|
11083
11997
|
# cloud_watch_metrics_enabled: false, # required
|
11084
11998
|
# metric_name: "MetricName", # required
|
11085
11999
|
# },
|
12000
|
+
# captcha_config: {
|
12001
|
+
# immunity_time_property: {
|
12002
|
+
# immunity_time: 1, # required
|
12003
|
+
# },
|
12004
|
+
# },
|
11086
12005
|
# },
|
11087
12006
|
# ],
|
11088
12007
|
# visibility_config: { # required
|
@@ -11490,6 +12409,42 @@ module Aws::WAFV2
|
|
11490
12409
|
# scope: "LABEL", # required, accepts LABEL, NAMESPACE
|
11491
12410
|
# key: "LabelMatchKey", # required
|
11492
12411
|
# },
|
12412
|
+
# regex_match_statement: {
|
12413
|
+
# regex_string: "RegexPatternString", # required
|
12414
|
+
# field_to_match: { # required
|
12415
|
+
# single_header: {
|
12416
|
+
# name: "FieldToMatchData", # required
|
12417
|
+
# },
|
12418
|
+
# single_query_argument: {
|
12419
|
+
# name: "FieldToMatchData", # required
|
12420
|
+
# },
|
12421
|
+
# all_query_arguments: {
|
12422
|
+
# },
|
12423
|
+
# uri_path: {
|
12424
|
+
# },
|
12425
|
+
# query_string: {
|
12426
|
+
# },
|
12427
|
+
# body: {
|
12428
|
+
# },
|
12429
|
+
# method: {
|
12430
|
+
# },
|
12431
|
+
# json_body: {
|
12432
|
+
# match_pattern: { # required
|
12433
|
+
# all: {
|
12434
|
+
# },
|
12435
|
+
# included_paths: ["JsonPointerPath"],
|
12436
|
+
# },
|
12437
|
+
# match_scope: "ALL", # required, accepts ALL, KEY, VALUE
|
12438
|
+
# invalid_fallback_behavior: "MATCH", # accepts MATCH, NO_MATCH, EVALUATE_AS_STRING
|
12439
|
+
# },
|
12440
|
+
# },
|
12441
|
+
# text_transformations: [ # required
|
12442
|
+
# {
|
12443
|
+
# priority: 1, # required
|
12444
|
+
# type: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE, BASE64_DECODE, HEX_DECODE, MD5, REPLACE_COMMENTS, ESCAPE_SEQ_DECODE, SQL_HEX_DECODE, CSS_DECODE, JS_DECODE, NORMALIZE_PATH, NORMALIZE_PATH_WIN, REMOVE_NULLS, REPLACE_NULLS, BASE64_DECODE_EXT, URL_DECODE_UNI, UTF8_TO_UNICODE
|
12445
|
+
# },
|
12446
|
+
# ],
|
12447
|
+
# },
|
11493
12448
|
# },
|
11494
12449
|
# action: {
|
11495
12450
|
# block: {
|
@@ -11524,6 +12479,16 @@ module Aws::WAFV2
|
|
11524
12479
|
# ],
|
11525
12480
|
# },
|
11526
12481
|
# },
|
12482
|
+
# captcha: {
|
12483
|
+
# custom_request_handling: {
|
12484
|
+
# insert_headers: [ # required
|
12485
|
+
# {
|
12486
|
+
# name: "CustomHTTPHeaderName", # required
|
12487
|
+
# value: "CustomHTTPHeaderValue", # required
|
12488
|
+
# },
|
12489
|
+
# ],
|
12490
|
+
# },
|
12491
|
+
# },
|
11527
12492
|
# },
|
11528
12493
|
# override_action: {
|
11529
12494
|
# count: {
|
@@ -11549,6 +12514,11 @@ module Aws::WAFV2
|
|
11549
12514
|
# cloud_watch_metrics_enabled: false, # required
|
11550
12515
|
# metric_name: "MetricName", # required
|
11551
12516
|
# },
|
12517
|
+
# captcha_config: {
|
12518
|
+
# immunity_time_property: {
|
12519
|
+
# immunity_time: 1, # required
|
12520
|
+
# },
|
12521
|
+
# },
|
11552
12522
|
# },
|
11553
12523
|
# ],
|
11554
12524
|
# visibility_config: { # required
|
@@ -11563,6 +12533,11 @@ module Aws::WAFV2
|
|
11563
12533
|
# content: "ResponseContent", # required
|
11564
12534
|
# },
|
11565
12535
|
# },
|
12536
|
+
# captcha_config: {
|
12537
|
+
# immunity_time_property: {
|
12538
|
+
# immunity_time: 1, # required
|
12539
|
+
# },
|
12540
|
+
# },
|
11566
12541
|
# }
|
11567
12542
|
#
|
11568
12543
|
# @!attribute [rw] name
|
@@ -11645,6 +12620,12 @@ module Aws::WAFV2
|
|
11645
12620
|
# [3]: https://docs.aws.amazon.com/waf/latest/developerguide/limits.html
|
11646
12621
|
# @return [Hash<String,Types::CustomResponseBody>]
|
11647
12622
|
#
|
12623
|
+
# @!attribute [rw] captcha_config
|
12624
|
+
# Specifies how WAF should handle `CAPTCHA` evaluations for rules that
|
12625
|
+
# don't have their own `CaptchaConfig` settings. If you don't
|
12626
|
+
# specify this, WAF uses its default settings for `CaptchaConfig`.
|
12627
|
+
# @return [Types::CaptchaConfig]
|
12628
|
+
#
|
11648
12629
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/UpdateWebACLRequest AWS API Documentation
|
11649
12630
|
#
|
11650
12631
|
class UpdateWebACLRequest < Struct.new(
|
@@ -11656,7 +12637,8 @@ module Aws::WAFV2
|
|
11656
12637
|
:rules,
|
11657
12638
|
:visibility_config,
|
11658
12639
|
:lock_token,
|
11659
|
-
:custom_response_bodies
|
12640
|
+
:custom_response_bodies,
|
12641
|
+
:captcha_config)
|
11660
12642
|
SENSITIVE = []
|
11661
12643
|
include Aws::Structure
|
11662
12644
|
end
|
@@ -12196,6 +13178,12 @@ module Aws::WAFV2
|
|
12196
13178
|
# [3]: https://docs.aws.amazon.com/waf/latest/developerguide/limits.html
|
12197
13179
|
# @return [Hash<String,Types::CustomResponseBody>]
|
12198
13180
|
#
|
13181
|
+
# @!attribute [rw] captcha_config
|
13182
|
+
# Specifies how WAF should handle `CAPTCHA` evaluations for rules that
|
13183
|
+
# don't have their own `CaptchaConfig` settings. If you don't
|
13184
|
+
# specify this, WAF uses its default settings for `CaptchaConfig`.
|
13185
|
+
# @return [Types::CaptchaConfig]
|
13186
|
+
#
|
12199
13187
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/WebACL AWS API Documentation
|
12200
13188
|
#
|
12201
13189
|
class WebACL < Struct.new(
|
@@ -12211,7 +13199,8 @@ module Aws::WAFV2
|
|
12211
13199
|
:post_process_firewall_manager_rule_groups,
|
12212
13200
|
:managed_by_firewall_manager,
|
12213
13201
|
:label_namespace,
|
12214
|
-
:custom_response_bodies
|
13202
|
+
:custom_response_bodies,
|
13203
|
+
:captcha_config)
|
12215
13204
|
SENSITIVE = []
|
12216
13205
|
include Aws::Structure
|
12217
13206
|
end
|