aws-sdk-wafv2 1.28.0 → 1.32.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 4b206f6136550394175f6892d68f5251ed144656d69ab4c49e759fe2fb5b9902
-  data.tar.gz: c38b69a9983aa54e12a3ff37636030b2fd05613a616ca15c62f9fdcddb148135
+  metadata.gz: b49fb00fb3091146492c357b33ab6fae6ac653e6827c49b7b191c88001c57bec
+  data.tar.gz: 93180ac25984d733e1b91f6d347af72919bed70b7b005107e2ca8f2a12b9c307
 SHA512:
-  metadata.gz: f9cbccf2304cf36306c10754fb6f666b6182d5a21e94a9295b542da7342473e5729aba5b6debdd5ea540442b3e161a9f76065961cd8b134d837c836298410c16
-  data.tar.gz: 5ee2b369a09ab087c4cba82fc694946630a16ea0be2c59b1be322feff647713d1be2ab916b217bc1d8b5c70220fb032f66ee61a51e2a98ca16d98d8cc6153f11
+  metadata.gz: 147eef6c9cc48fcdd1917e34af5674be72d4976ad459eaa4184051178e4194014c56f4a8515061e5e1a8700b49fa7bcf4ce71754fe19e8f45abb2325c638e682
+  data.tar.gz: 81a142ea9622e96022a69ae9669ab58c6214f753d29b9177385b6a8a1f1ebba2250c58744275f1bf291fb503318d4d4869451df5f4c5402aa002c040eeccecf0

data/CHANGELOG.md

@@ -1,6 +1,26 @@
 Unreleased Changes
 ------------------
 
+1.32.0 (2021-11-30)
+------------------
+
+* Feature - Code Generated Changes, see `./build_tools` or `aws-sdk-core`'s CHANGELOG.md for details.
+
+1.31.0 (2021-11-15)
+------------------
+
+* Feature - Your options for logging web ACL traffic now include Amazon CloudWatch Logs log groups and Amazon S3 buckets.
+
+1.30.0 (2021-11-08)
+------------------
+
+* Feature - You can now configure rules to run a CAPTCHA check against web requests and, as needed, send a CAPTCHA challenge to the client.
+
+1.29.0 (2021-11-04)
+------------------
+
+* Feature - Code Generated Changes, see `./build_tools` or `aws-sdk-core`'s CHANGELOG.md for details.
+
 1.28.0 (2021-10-18)
 ------------------
 

data/VERSION

@@ -1 +1 @@
-1.28.0
+1.32.0

data/lib/aws-sdk-wafv2/client.rb

@@ -119,7 +119,9 @@ module Aws::WAFV2
     #     * EC2/ECS IMDS instance profile - When used by default, the timeouts
     #       are very aggressive. Construct and pass an instance of
     #       `Aws::InstanceProfileCredentails` or `Aws::ECSCredentials` to
-    #       enable retries and extended timeouts.
+    #       enable retries and extended timeouts. Instance profile credential
+    #       fetching can be disabled by setting ENV['AWS_EC2_METADATA_DISABLED']
+    #       to true.
     #
     #   @option options [required, String] :region
     #     The AWS region to connect to.  The configured `:region` is
@@ -285,6 +287,15 @@ module Aws::WAFV2
     #     ** Please note ** When response stubbing is enabled, no HTTP
     #     requests are made, and retries are disabled.
     #
+    #   @option options [Boolean] :use_dualstack_endpoint
+    #     When set to `true`, dualstack enabled endpoints (with `.aws` TLD)
+    #     will be used if available.
+    #
+    #   @option options [Boolean] :use_fips_endpoint
+    #     When set to `true`, fips compatible endpoints will be used if available.
+    #     When a `fips` region is used, the region is normalized and this config
+    #     is set to `true`.
+    #
     #   @option options [Boolean] :validate_params (true)
     #     When `true`, request parameters are validated before
     #     sending the request.
@@ -753,6 +764,16 @@ module Aws::WAFV2
     #               ],
     #             },
     #           },
+    #           captcha: {
+    #             custom_request_handling: {
+    #               insert_headers: [ # required
+    #                 {
+    #                   name: "CustomHTTPHeaderName", # required
+    #                   value: "CustomHTTPHeaderValue", # required
+    #                 },
+    #               ],
+    #             },
+    #           },
     #         },
     #         override_action: {
     #           count: {
@@ -778,6 +799,11 @@ module Aws::WAFV2
     #           cloud_watch_metrics_enabled: false, # required
     #           metric_name: "MetricName", # required
     #         },
+    #         captcha_config: {
+    #           immunity_time_property: {
+    #             immunity_time: 1, # required
+    #           },
+    #         },
     #       },
     #     ],
     #   })
@@ -1380,6 +1406,16 @@ module Aws::WAFV2
     #               ],
     #             },
     #           },
+    #           captcha: {
+    #             custom_request_handling: {
+    #               insert_headers: [ # required
+    #                 {
+    #                   name: "CustomHTTPHeaderName", # required
+    #                   value: "CustomHTTPHeaderValue", # required
+    #                 },
+    #               ],
+    #             },
+    #           },
     #         },
     #         override_action: {
     #           count: {
@@ -1405,6 +1441,11 @@ module Aws::WAFV2
     #           cloud_watch_metrics_enabled: false, # required
     #           metric_name: "MetricName", # required
     #         },
+    #         captcha_config: {
+    #           immunity_time_property: {
+    #             immunity_time: 1, # required
+    #           },
+    #         },
     #       },
     #     ],
     #     visibility_config: { # required
@@ -1514,6 +1555,11 @@ module Aws::WAFV2
     #   [2]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html
     #   [3]: https://docs.aws.amazon.com/waf/latest/developerguide/limits.html
     #
+    # @option params [Types::CaptchaConfig] :captcha_config
+    #   Specifies how WAF should handle `CAPTCHA` evaluations for rules that
+    #   don't have their own `CaptchaConfig` settings. If you don't specify
+    #   this, WAF uses its default settings for `CaptchaConfig`.
+    #
     # @return [Types::CreateWebACLResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
     #   * {Types::CreateWebACLResponse#summary #summary} => Types::WebACLSummary
@@ -1873,6 +1919,16 @@ module Aws::WAFV2
     #               ],
     #             },
     #           },
+    #           captcha: {
+    #             custom_request_handling: {
+    #               insert_headers: [ # required
+    #                 {
+    #                   name: "CustomHTTPHeaderName", # required
+    #                   value: "CustomHTTPHeaderValue", # required
+    #                 },
+    #               ],
+    #             },
+    #           },
     #         },
     #         override_action: {
     #           count: {
@@ -1898,6 +1954,11 @@ module Aws::WAFV2
     #           cloud_watch_metrics_enabled: false, # required
     #           metric_name: "MetricName", # required
     #         },
+    #         captcha_config: {
+    #           immunity_time_property: {
+    #             immunity_time: 1, # required
+    #           },
+    #         },
     #       },
     #     ],
     #     visibility_config: { # required
@@ -1917,6 +1978,11 @@ module Aws::WAFV2
     #         content: "ResponseContent", # required
     #       },
     #     },
+    #     captcha_config: {
+    #       immunity_time_property: {
+    #         immunity_time: 1, # required
+    #       },
+    #     },
     #   })
     #
     # @example Response structure
@@ -2319,6 +2385,9 @@ module Aws::WAFV2
     #   resp.rules[0].action.count.custom_request_handling.insert_headers #=> Array
     #   resp.rules[0].action.count.custom_request_handling.insert_headers[0].name #=> String
     #   resp.rules[0].action.count.custom_request_handling.insert_headers[0].value #=> String
+    #   resp.rules[0].action.captcha.custom_request_handling.insert_headers #=> Array
+    #   resp.rules[0].action.captcha.custom_request_handling.insert_headers[0].name #=> String
+    #   resp.rules[0].action.captcha.custom_request_handling.insert_headers[0].value #=> String
     #   resp.label_namespace #=> String
     #   resp.available_labels #=> Array
     #   resp.available_labels[0].name #=> String
@@ -2471,7 +2540,7 @@ module Aws::WAFV2
     #   resp.logging_configuration.logging_filter.filters[0].behavior #=> String, one of "KEEP", "DROP"
     #   resp.logging_configuration.logging_filter.filters[0].requirement #=> String, one of "MEETS_ALL", "MEETS_ANY"
     #   resp.logging_configuration.logging_filter.filters[0].conditions #=> Array
-    #   resp.logging_configuration.logging_filter.filters[0].conditions[0].action_condition.action #=> String, one of "ALLOW", "BLOCK", "COUNT"
+    #   resp.logging_configuration.logging_filter.filters[0].conditions[0].action_condition.action #=> String, one of "ALLOW", "BLOCK", "COUNT", "CAPTCHA", "EXCLUDED_AS_COUNT"
     #   resp.logging_configuration.logging_filter.filters[0].conditions[0].label_name_condition.label_name #=> String
     #   resp.logging_configuration.logging_filter.default_behavior #=> String, one of "KEEP", "DROP"
     #
@@ -2888,6 +2957,9 @@ module Aws::WAFV2
     #   resp.rule_group.rules[0].action.count.custom_request_handling.insert_headers #=> Array
     #   resp.rule_group.rules[0].action.count.custom_request_handling.insert_headers[0].name #=> String
     #   resp.rule_group.rules[0].action.count.custom_request_handling.insert_headers[0].value #=> String
+    #   resp.rule_group.rules[0].action.captcha.custom_request_handling.insert_headers #=> Array
+    #   resp.rule_group.rules[0].action.captcha.custom_request_handling.insert_headers[0].name #=> String
+    #   resp.rule_group.rules[0].action.captcha.custom_request_handling.insert_headers[0].value #=> String
     #   resp.rule_group.rules[0].override_action.count.custom_request_handling.insert_headers #=> Array
     #   resp.rule_group.rules[0].override_action.count.custom_request_handling.insert_headers[0].name #=> String
     #   resp.rule_group.rules[0].override_action.count.custom_request_handling.insert_headers[0].value #=> String
@@ -2896,6 +2968,7 @@ module Aws::WAFV2
     #   resp.rule_group.rules[0].visibility_config.sampled_requests_enabled #=> Boolean
     #   resp.rule_group.rules[0].visibility_config.cloud_watch_metrics_enabled #=> Boolean
     #   resp.rule_group.rules[0].visibility_config.metric_name #=> String
+    #   resp.rule_group.rules[0].captcha_config.immunity_time_property.immunity_time #=> Integer
     #   resp.rule_group.visibility_config.sampled_requests_enabled #=> Boolean
     #   resp.rule_group.visibility_config.cloud_watch_metrics_enabled #=> Boolean
     #   resp.rule_group.visibility_config.metric_name #=> String
@@ -3009,6 +3082,9 @@ module Aws::WAFV2
     #   resp.sampled_requests[0].response_code_sent #=> Integer
     #   resp.sampled_requests[0].labels #=> Array
     #   resp.sampled_requests[0].labels[0].name #=> String
+    #   resp.sampled_requests[0].captcha_response.response_code #=> Integer
+    #   resp.sampled_requests[0].captcha_response.solve_timestamp #=> Integer
+    #   resp.sampled_requests[0].captcha_response.failure_reason #=> String, one of "TOKEN_MISSING", "TOKEN_EXPIRED"
     #   resp.population_size #=> Integer
     #   resp.time_window.start_time #=> Time
     #   resp.time_window.end_time #=> Time
@@ -3177,6 +3253,9 @@ module Aws::WAFV2
     #   resp.web_acl.rules[0].action.count.custom_request_handling.insert_headers #=> Array
     #   resp.web_acl.rules[0].action.count.custom_request_handling.insert_headers[0].name #=> String
     #   resp.web_acl.rules[0].action.count.custom_request_handling.insert_headers[0].value #=> String
+    #   resp.web_acl.rules[0].action.captcha.custom_request_handling.insert_headers #=> Array
+    #   resp.web_acl.rules[0].action.captcha.custom_request_handling.insert_headers[0].name #=> String
+    #   resp.web_acl.rules[0].action.captcha.custom_request_handling.insert_headers[0].value #=> String
     #   resp.web_acl.rules[0].override_action.count.custom_request_handling.insert_headers #=> Array
     #   resp.web_acl.rules[0].override_action.count.custom_request_handling.insert_headers[0].name #=> String
     #   resp.web_acl.rules[0].override_action.count.custom_request_handling.insert_headers[0].value #=> String
@@ -3185,6 +3264,7 @@ module Aws::WAFV2
     #   resp.web_acl.rules[0].visibility_config.sampled_requests_enabled #=> Boolean
     #   resp.web_acl.rules[0].visibility_config.cloud_watch_metrics_enabled #=> Boolean
     #   resp.web_acl.rules[0].visibility_config.metric_name #=> String
+    #   resp.web_acl.rules[0].captcha_config.immunity_time_property.immunity_time #=> Integer
     #   resp.web_acl.visibility_config.sampled_requests_enabled #=> Boolean
     #   resp.web_acl.visibility_config.cloud_watch_metrics_enabled #=> Boolean
     #   resp.web_acl.visibility_config.metric_name #=> String
@@ -3396,6 +3476,7 @@ module Aws::WAFV2
     #   resp.web_acl.custom_response_bodies #=> Hash
     #   resp.web_acl.custom_response_bodies["EntityName"].content_type #=> String, one of "TEXT_PLAIN", "TEXT_HTML", "APPLICATION_JSON"
     #   resp.web_acl.custom_response_bodies["EntityName"].content #=> String
+    #   resp.web_acl.captcha_config.immunity_time_property.immunity_time #=> Integer
     #   resp.lock_token #=> String
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/GetWebACL AWS API Documentation
@@ -3539,6 +3620,9 @@ module Aws::WAFV2
     #   resp.web_acl.rules[0].action.count.custom_request_handling.insert_headers #=> Array
     #   resp.web_acl.rules[0].action.count.custom_request_handling.insert_headers[0].name #=> String
     #   resp.web_acl.rules[0].action.count.custom_request_handling.insert_headers[0].value #=> String
+    #   resp.web_acl.rules[0].action.captcha.custom_request_handling.insert_headers #=> Array
+    #   resp.web_acl.rules[0].action.captcha.custom_request_handling.insert_headers[0].name #=> String
+    #   resp.web_acl.rules[0].action.captcha.custom_request_handling.insert_headers[0].value #=> String
     #   resp.web_acl.rules[0].override_action.count.custom_request_handling.insert_headers #=> Array
     #   resp.web_acl.rules[0].override_action.count.custom_request_handling.insert_headers[0].name #=> String
     #   resp.web_acl.rules[0].override_action.count.custom_request_handling.insert_headers[0].value #=> String
@@ -3547,6 +3631,7 @@ module Aws::WAFV2
     #   resp.web_acl.rules[0].visibility_config.sampled_requests_enabled #=> Boolean
     #   resp.web_acl.rules[0].visibility_config.cloud_watch_metrics_enabled #=> Boolean
     #   resp.web_acl.rules[0].visibility_config.metric_name #=> String
+    #   resp.web_acl.rules[0].captcha_config.immunity_time_property.immunity_time #=> Integer
     #   resp.web_acl.visibility_config.sampled_requests_enabled #=> Boolean
     #   resp.web_acl.visibility_config.cloud_watch_metrics_enabled #=> Boolean
     #   resp.web_acl.visibility_config.metric_name #=> String
@@ -3758,6 +3843,7 @@ module Aws::WAFV2
     #   resp.web_acl.custom_response_bodies #=> Hash
     #   resp.web_acl.custom_response_bodies["EntityName"].content_type #=> String, one of "TEXT_PLAIN", "TEXT_HTML", "APPLICATION_JSON"
     #   resp.web_acl.custom_response_bodies["EntityName"].content #=> String
+    #   resp.web_acl.captcha_config.immunity_time_property.immunity_time #=> Integer
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/GetWebACLForResource AWS API Documentation
     #
@@ -3963,7 +4049,7 @@ module Aws::WAFV2
 
     # Retrieves an array of your LoggingConfiguration objects.
     #
-    # @option params [String] :scope
+    # @option params [required, String] :scope
     #   Specifies whether this is for an Amazon CloudFront distribution or for
     #   a regional application. A regional application can be an Application
     #   Load Balancer (ALB), an Amazon API Gateway REST API, or an AppSync
@@ -3998,7 +4084,7 @@ module Aws::WAFV2
     # @example Request syntax with placeholder values
     #
     #   resp = client.list_logging_configurations({
-    #     scope: "CLOUDFRONT", # accepts CLOUDFRONT, REGIONAL
+    #     scope: "CLOUDFRONT", # required, accepts CLOUDFRONT, REGIONAL
     #     next_marker: "NextMarker",
     #     limit: 1,
     #   })
@@ -4021,7 +4107,7 @@ module Aws::WAFV2
     #   resp.logging_configurations[0].logging_filter.filters[0].behavior #=> String, one of "KEEP", "DROP"
     #   resp.logging_configurations[0].logging_filter.filters[0].requirement #=> String, one of "MEETS_ALL", "MEETS_ANY"
     #   resp.logging_configurations[0].logging_filter.filters[0].conditions #=> Array
-    #   resp.logging_configurations[0].logging_filter.filters[0].conditions[0].action_condition.action #=> String, one of "ALLOW", "BLOCK", "COUNT"
+    #   resp.logging_configurations[0].logging_filter.filters[0].conditions[0].action_condition.action #=> String, one of "ALLOW", "BLOCK", "COUNT", "CAPTCHA", "EXCLUDED_AS_COUNT"
     #   resp.logging_configurations[0].logging_filter.filters[0].conditions[0].label_name_condition.label_name #=> String
     #   resp.logging_configurations[0].logging_filter.default_behavior #=> String, one of "KEEP", "DROP"
     #   resp.next_marker #=> String
@@ -4395,28 +4481,22 @@ module Aws::WAFV2
     # You can access information about all traffic that WAF inspects using
     # the following steps:
     #
-    # 1.  Create an Amazon Kinesis Data Firehose.
-    #
-    #     Create the data firehose with a PUT source and in the Region that
-    #     you are operating. If you are capturing logs for Amazon
-    #     CloudFront, always create the firehose in US East (N. Virginia).
-    #
-    #     Give the data firehose a name that starts with the prefix
-    #     `aws-waf-logs-`. For example, `aws-waf-logs-us-east-2-analytics`.
+    # 1.  Create your logging destination. You can use an Amazon CloudWatch
+    #     Logs log group, an Amazon Simple Storage Service (Amazon S3)
+    #     bucket, or an Amazon Kinesis Data Firehose. For information about
+    #     configuring logging destinations and the permissions that are
+    #     required for each, see [Logging web ACL traffic information][1] in
+    #     the *WAF Developer Guide*.
     #
-    #     <note markdown="1"> Do not create the data firehose using a `Kinesis stream` as your
-    #     source.
-    #
-    #      </note>
-    #
-    # 2.  Associate that firehose to your web ACL using a
+    # 2.  Associate your logging destination to your web ACL using a
     #     `PutLoggingConfiguration` request.
     #
     # When you successfully enable logging using a `PutLoggingConfiguration`
-    # request, WAF will create a service linked role with the necessary
-    # permissions to write logs to the Amazon Kinesis Data Firehose. For
-    # more information, see [Logging Web ACL Traffic Information][1] in the
-    # *WAF Developer Guide*.
+    # request, WAF creates an additional role or policy that is required to
+    # write logs to the logging destination. For an Amazon CloudWatch Logs
+    # log group, WAF creates a resource policy on the log group. For an
+    # Amazon S3 bucket, WAF creates a bucket policy. For an Amazon Kinesis
+    # Data Firehose, WAF creates a service-linked role.
     #
     # <note markdown="1"> This operation completely replaces the mutable specifications that you
     # already have for the logging configuration with the ones that you
@@ -4481,7 +4561,7 @@ module Aws::WAFV2
     #             conditions: [ # required
     #               {
     #                 action_condition: {
-    #                   action: "ALLOW", # required, accepts ALLOW, BLOCK, COUNT
+    #                   action: "ALLOW", # required, accepts ALLOW, BLOCK, COUNT, CAPTCHA, EXCLUDED_AS_COUNT
     #                 },
     #                 label_name_condition: {
     #                   label_name: "LabelName", # required
@@ -4512,7 +4592,7 @@ module Aws::WAFV2
     #   resp.logging_configuration.logging_filter.filters[0].behavior #=> String, one of "KEEP", "DROP"
     #   resp.logging_configuration.logging_filter.filters[0].requirement #=> String, one of "MEETS_ALL", "MEETS_ANY"
     #   resp.logging_configuration.logging_filter.filters[0].conditions #=> Array
-    #   resp.logging_configuration.logging_filter.filters[0].conditions[0].action_condition.action #=> String, one of "ALLOW", "BLOCK", "COUNT"
+    #   resp.logging_configuration.logging_filter.filters[0].conditions[0].action_condition.action #=> String, one of "ALLOW", "BLOCK", "COUNT", "CAPTCHA", "EXCLUDED_AS_COUNT"
     #   resp.logging_configuration.logging_filter.filters[0].conditions[0].label_name_condition.label_name #=> String
     #   resp.logging_configuration.logging_filter.default_behavior #=> String, one of "KEEP", "DROP"
     #
@@ -5460,6 +5540,16 @@ module Aws::WAFV2
     #               ],
     #             },
     #           },
+    #           captcha: {
+    #             custom_request_handling: {
+    #               insert_headers: [ # required
+    #                 {
+    #                   name: "CustomHTTPHeaderName", # required
+    #                   value: "CustomHTTPHeaderValue", # required
+    #                 },
+    #               ],
+    #             },
+    #           },
     #         },
     #         override_action: {
     #           count: {
@@ -5485,6 +5575,11 @@ module Aws::WAFV2
     #           cloud_watch_metrics_enabled: false, # required
     #           metric_name: "MetricName", # required
     #         },
+    #         captcha_config: {
+    #           immunity_time_property: {
+    #             immunity_time: 1, # required
+    #           },
+    #         },
     #       },
     #     ],
     #     visibility_config: { # required
@@ -5605,6 +5700,11 @@ module Aws::WAFV2
     #   [2]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html
     #   [3]: https://docs.aws.amazon.com/waf/latest/developerguide/limits.html
     #
+    # @option params [Types::CaptchaConfig] :captcha_config
+    #   Specifies how WAF should handle `CAPTCHA` evaluations for rules that
+    #   don't have their own `CaptchaConfig` settings. If you don't specify
+    #   this, WAF uses its default settings for `CaptchaConfig`.
+    #
     # @return [Types::UpdateWebACLResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
     #   * {Types::UpdateWebACLResponse#next_lock_token #next_lock_token} => String
@@ -5965,6 +6065,16 @@ module Aws::WAFV2
     #               ],
     #             },
     #           },
+    #           captcha: {
+    #             custom_request_handling: {
+    #               insert_headers: [ # required
+    #                 {
+    #                   name: "CustomHTTPHeaderName", # required
+    #                   value: "CustomHTTPHeaderValue", # required
+    #                 },
+    #               ],
+    #             },
+    #           },
     #         },
     #         override_action: {
     #           count: {
@@ -5990,6 +6100,11 @@ module Aws::WAFV2
     #           cloud_watch_metrics_enabled: false, # required
     #           metric_name: "MetricName", # required
     #         },
+    #         captcha_config: {
+    #           immunity_time_property: {
+    #             immunity_time: 1, # required
+    #           },
+    #         },
     #       },
     #     ],
     #     visibility_config: { # required
@@ -6004,6 +6119,11 @@ module Aws::WAFV2
     #         content: "ResponseContent", # required
     #       },
     #     },
+    #     captcha_config: {
+    #       immunity_time_property: {
+    #         immunity_time: 1, # required
+    #       },
+    #     },
     #   })
     #
     # @example Response structure
@@ -6032,7 +6152,7 @@ module Aws::WAFV2
         params: params,
         config: config)
       context[:gem_name] = 'aws-sdk-wafv2'
-      context[:gem_version] = '1.28.0'
+      context[:gem_version] = '1.32.0'
       Seahorse::Client::Request.new(handlers, context)
     end
 

data/lib/aws-sdk-wafv2/client_api.rb

@@ -28,6 +28,9 @@ module Aws::WAFV2
     Boolean = Shapes::BooleanShape.new(name: 'Boolean')
     ByteMatchStatement = Shapes::StructureShape.new(name: 'ByteMatchStatement')
     CapacityUnit = Shapes::IntegerShape.new(name: 'CapacityUnit')
+    CaptchaAction = Shapes::StructureShape.new(name: 'CaptchaAction')
+    CaptchaConfig = Shapes::StructureShape.new(name: 'CaptchaConfig')
+    CaptchaResponse = Shapes::StructureShape.new(name: 'CaptchaResponse')
     CheckCapacityRequest = Shapes::StructureShape.new(name: 'CheckCapacityRequest')
     CheckCapacityResponse = Shapes::StructureShape.new(name: 'CheckCapacityResponse')
     ComparisonOperator = Shapes::StringShape.new(name: 'ComparisonOperator')
@@ -80,6 +83,7 @@ module Aws::WAFV2
     ErrorReason = Shapes::StringShape.new(name: 'ErrorReason')
     ExcludedRule = Shapes::StructureShape.new(name: 'ExcludedRule')
     ExcludedRules = Shapes::ListShape.new(name: 'ExcludedRules')
+    FailureReason = Shapes::StringShape.new(name: 'FailureReason')
     FallbackBehavior = Shapes::StringShape.new(name: 'FallbackBehavior')
     FieldToMatch = Shapes::StructureShape.new(name: 'FieldToMatch')
     FieldToMatchData = Shapes::StringShape.new(name: 'FieldToMatchData')
@@ -130,6 +134,7 @@ module Aws::WAFV2
     IPSetSummaries = Shapes::ListShape.new(name: 'IPSetSummaries')
     IPSetSummary = Shapes::StructureShape.new(name: 'IPSetSummary')
     IPString = Shapes::StringShape.new(name: 'IPString')
+    ImmunityTimeProperty = Shapes::StructureShape.new(name: 'ImmunityTimeProperty')
     JsonBody = Shapes::StructureShape.new(name: 'JsonBody')
     JsonMatchPattern = Shapes::StructureShape.new(name: 'JsonMatchPattern')
     JsonMatchScope = Shapes::StringShape.new(name: 'JsonMatchScope')
@@ -216,6 +221,7 @@ module Aws::WAFV2
     ResourceArn = Shapes::StringShape.new(name: 'ResourceArn')
     ResourceArns = Shapes::ListShape.new(name: 'ResourceArns')
     ResourceType = Shapes::StringShape.new(name: 'ResourceType')
+    ResponseCode = Shapes::IntegerShape.new(name: 'ResponseCode')
     ResponseContent = Shapes::StringShape.new(name: 'ResponseContent')
     ResponseContentType = Shapes::StringShape.new(name: 'ResponseContentType')
     ResponseStatusCode = Shapes::IntegerShape.new(name: 'ResponseStatusCode')
@@ -238,6 +244,7 @@ module Aws::WAFV2
     SingleQueryArgument = Shapes::StructureShape.new(name: 'SingleQueryArgument')
     Size = Shapes::IntegerShape.new(name: 'Size')
     SizeConstraintStatement = Shapes::StructureShape.new(name: 'SizeConstraintStatement')
+    SolveTimestamp = Shapes::IntegerShape.new(name: 'SolveTimestamp')
     SqliMatchStatement = Shapes::StructureShape.new(name: 'SqliMatchStatement')
     Statement = Shapes::StructureShape.new(name: 'Statement')
     Statements = Shapes::ListShape.new(name: 'Statements')
@@ -255,6 +262,7 @@ module Aws::WAFV2
     TextTransformations = Shapes::ListShape.new(name: 'TextTransformations')
     TimeWindow = Shapes::StructureShape.new(name: 'TimeWindow')
     TimeWindowDay = Shapes::IntegerShape.new(name: 'TimeWindowDay')
+    TimeWindowSecond = Shapes::IntegerShape.new(name: 'TimeWindowSecond')
     Timestamp = Shapes::TimestampShape.new(name: 'Timestamp')
     URIString = Shapes::StringShape.new(name: 'URIString')
     UntagResourceRequest = Shapes::StructureShape.new(name: 'UntagResourceRequest')
@@ -284,6 +292,7 @@ module Aws::WAFV2
     WAFInvalidPermissionPolicyException = Shapes::StructureShape.new(name: 'WAFInvalidPermissionPolicyException')
     WAFInvalidResourceException = Shapes::StructureShape.new(name: 'WAFInvalidResourceException')
     WAFLimitsExceededException = Shapes::StructureShape.new(name: 'WAFLimitsExceededException')
+    WAFLogDestinationPermissionIssueException = Shapes::StructureShape.new(name: 'WAFLogDestinationPermissionIssueException')
     WAFNonexistentItemException = Shapes::StructureShape.new(name: 'WAFNonexistentItemException')
     WAFOptimisticLockException = Shapes::StructureShape.new(name: 'WAFOptimisticLockException')
     WAFServiceLinkedRoleErrorException = Shapes::StructureShape.new(name: 'WAFServiceLinkedRoleErrorException')
@@ -326,6 +335,17 @@ module Aws::WAFV2
     ByteMatchStatement.add_member(:positional_constraint, Shapes::ShapeRef.new(shape: PositionalConstraint, required: true, location_name: "PositionalConstraint"))
     ByteMatchStatement.struct_class = Types::ByteMatchStatement
 
+    CaptchaAction.add_member(:custom_request_handling, Shapes::ShapeRef.new(shape: CustomRequestHandling, location_name: "CustomRequestHandling"))
+    CaptchaAction.struct_class = Types::CaptchaAction
+
+    CaptchaConfig.add_member(:immunity_time_property, Shapes::ShapeRef.new(shape: ImmunityTimeProperty, location_name: "ImmunityTimeProperty"))
+    CaptchaConfig.struct_class = Types::CaptchaConfig
+
+    CaptchaResponse.add_member(:response_code, Shapes::ShapeRef.new(shape: ResponseCode, location_name: "ResponseCode"))
+    CaptchaResponse.add_member(:solve_timestamp, Shapes::ShapeRef.new(shape: SolveTimestamp, location_name: "SolveTimestamp"))
+    CaptchaResponse.add_member(:failure_reason, Shapes::ShapeRef.new(shape: FailureReason, location_name: "FailureReason"))
+    CaptchaResponse.struct_class = Types::CaptchaResponse
+
     CheckCapacityRequest.add_member(:scope, Shapes::ShapeRef.new(shape: Scope, required: true, location_name: "Scope"))
     CheckCapacityRequest.add_member(:rules, Shapes::ShapeRef.new(shape: Rules, required: true, location_name: "Rules"))
     CheckCapacityRequest.struct_class = Types::CheckCapacityRequest
@@ -386,6 +406,7 @@ module Aws::WAFV2
     CreateWebACLRequest.add_member(:visibility_config, Shapes::ShapeRef.new(shape: VisibilityConfig, required: true, location_name: "VisibilityConfig"))
     CreateWebACLRequest.add_member(:tags, Shapes::ShapeRef.new(shape: TagList, location_name: "Tags"))
     CreateWebACLRequest.add_member(:custom_response_bodies, Shapes::ShapeRef.new(shape: CustomResponseBodies, location_name: "CustomResponseBodies"))
+    CreateWebACLRequest.add_member(:captcha_config, Shapes::ShapeRef.new(shape: CaptchaConfig, location_name: "CaptchaConfig"))
     CreateWebACLRequest.struct_class = Types::CreateWebACLRequest
 
     CreateWebACLResponse.add_member(:summary, Shapes::ShapeRef.new(shape: WebACLSummary, location_name: "Summary"))
@@ -657,6 +678,9 @@ module Aws::WAFV2
     IPSetSummary.add_member(:arn, Shapes::ShapeRef.new(shape: ResourceArn, location_name: "ARN"))
     IPSetSummary.struct_class = Types::IPSetSummary
 
+    ImmunityTimeProperty.add_member(:immunity_time, Shapes::ShapeRef.new(shape: TimeWindowSecond, required: true, location_name: "ImmunityTime"))
+    ImmunityTimeProperty.struct_class = Types::ImmunityTimeProperty
+
     JsonBody.add_member(:match_pattern, Shapes::ShapeRef.new(shape: JsonMatchPattern, required: true, location_name: "MatchPattern"))
     JsonBody.add_member(:match_scope, Shapes::ShapeRef.new(shape: JsonMatchScope, required: true, location_name: "MatchScope"))
     JsonBody.add_member(:invalid_fallback_behavior, Shapes::ShapeRef.new(shape: BodyParsingFallbackBehavior, location_name: "InvalidFallbackBehavior"))
@@ -714,7 +738,7 @@ module Aws::WAFV2
     ListIPSetsResponse.add_member(:ip_sets, Shapes::ShapeRef.new(shape: IPSetSummaries, location_name: "IPSets"))
     ListIPSetsResponse.struct_class = Types::ListIPSetsResponse
 
-    ListLoggingConfigurationsRequest.add_member(:scope, Shapes::ShapeRef.new(shape: Scope, location_name: "Scope"))
+    ListLoggingConfigurationsRequest.add_member(:scope, Shapes::ShapeRef.new(shape: Scope, required: true, location_name: "Scope"))
     ListLoggingConfigurationsRequest.add_member(:next_marker, Shapes::ShapeRef.new(shape: NextMarker, location_name: "NextMarker"))
     ListLoggingConfigurationsRequest.add_member(:limit, Shapes::ShapeRef.new(shape: PaginationLimit, location_name: "Limit"))
     ListLoggingConfigurationsRequest.struct_class = Types::ListLoggingConfigurationsRequest
@@ -931,11 +955,13 @@ module Aws::WAFV2
     Rule.add_member(:override_action, Shapes::ShapeRef.new(shape: OverrideAction, location_name: "OverrideAction"))
     Rule.add_member(:rule_labels, Shapes::ShapeRef.new(shape: Labels, location_name: "RuleLabels"))
     Rule.add_member(:visibility_config, Shapes::ShapeRef.new(shape: VisibilityConfig, required: true, location_name: "VisibilityConfig"))
+    Rule.add_member(:captcha_config, Shapes::ShapeRef.new(shape: CaptchaConfig, location_name: "CaptchaConfig"))
     Rule.struct_class = Types::Rule
 
     RuleAction.add_member(:block, Shapes::ShapeRef.new(shape: BlockAction, location_name: "Block"))
     RuleAction.add_member(:allow, Shapes::ShapeRef.new(shape: AllowAction, location_name: "Allow"))
     RuleAction.add_member(:count, Shapes::ShapeRef.new(shape: CountAction, location_name: "Count"))
+    RuleAction.add_member(:captcha, Shapes::ShapeRef.new(shape: CaptchaAction, location_name: "Captcha"))
     RuleAction.struct_class = Types::RuleAction
 
     RuleGroup.add_member(:name, Shapes::ShapeRef.new(shape: EntityName, required: true, location_name: "Name"))
@@ -980,6 +1006,7 @@ module Aws::WAFV2
     SampledHTTPRequest.add_member(:request_headers_inserted, Shapes::ShapeRef.new(shape: HTTPHeaders, location_name: "RequestHeadersInserted"))
     SampledHTTPRequest.add_member(:response_code_sent, Shapes::ShapeRef.new(shape: ResponseStatusCode, location_name: "ResponseCodeSent"))
     SampledHTTPRequest.add_member(:labels, Shapes::ShapeRef.new(shape: Labels, location_name: "Labels"))
+    SampledHTTPRequest.add_member(:captcha_response, Shapes::ShapeRef.new(shape: CaptchaResponse, location_name: "CaptchaResponse"))
     SampledHTTPRequest.struct_class = Types::SampledHTTPRequest
 
     SampledHTTPRequests.member = Shapes::ShapeRef.new(shape: SampledHTTPRequest)
@@ -1110,6 +1137,7 @@ module Aws::WAFV2
     UpdateWebACLRequest.add_member(:visibility_config, Shapes::ShapeRef.new(shape: VisibilityConfig, required: true, location_name: "VisibilityConfig"))
     UpdateWebACLRequest.add_member(:lock_token, Shapes::ShapeRef.new(shape: LockToken, required: true, location_name: "LockToken"))
     UpdateWebACLRequest.add_member(:custom_response_bodies, Shapes::ShapeRef.new(shape: CustomResponseBodies, location_name: "CustomResponseBodies"))
+    UpdateWebACLRequest.add_member(:captcha_config, Shapes::ShapeRef.new(shape: CaptchaConfig, location_name: "CaptchaConfig"))
     UpdateWebACLRequest.struct_class = Types::UpdateWebACLRequest
 
     UpdateWebACLResponse.add_member(:next_lock_token, Shapes::ShapeRef.new(shape: LockToken, location_name: "NextLockToken"))
@@ -1159,6 +1187,9 @@ module Aws::WAFV2
     WAFLimitsExceededException.add_member(:message, Shapes::ShapeRef.new(shape: ErrorMessage, location_name: "Message"))
     WAFLimitsExceededException.struct_class = Types::WAFLimitsExceededException
 
+    WAFLogDestinationPermissionIssueException.add_member(:message, Shapes::ShapeRef.new(shape: ErrorMessage, location_name: "Message"))
+    WAFLogDestinationPermissionIssueException.struct_class = Types::WAFLogDestinationPermissionIssueException
+
     WAFNonexistentItemException.add_member(:message, Shapes::ShapeRef.new(shape: ErrorMessage, location_name: "Message"))
     WAFNonexistentItemException.struct_class = Types::WAFNonexistentItemException
 
@@ -1193,6 +1224,7 @@ module Aws::WAFV2
     WebACL.add_member(:managed_by_firewall_manager, Shapes::ShapeRef.new(shape: Boolean, location_name: "ManagedByFirewallManager"))
     WebACL.add_member(:label_namespace, Shapes::ShapeRef.new(shape: LabelName, location_name: "LabelNamespace"))
     WebACL.add_member(:custom_response_bodies, Shapes::ShapeRef.new(shape: CustomResponseBodies, location_name: "CustomResponseBodies"))
+    WebACL.add_member(:captcha_config, Shapes::ShapeRef.new(shape: CaptchaConfig, location_name: "CaptchaConfig"))
     WebACL.struct_class = Types::WebACL
 
     WebACLSummaries.member = Shapes::ShapeRef.new(shape: WebACLSummary)
@@ -1700,6 +1732,7 @@ module Aws::WAFV2
         o.errors << Shapes::ShapeRef.new(shape: WAFInvalidParameterException)
         o.errors << Shapes::ShapeRef.new(shape: WAFInvalidOperationException)
         o.errors << Shapes::ShapeRef.new(shape: WAFLimitsExceededException)
+        o.errors << Shapes::ShapeRef.new(shape: WAFLogDestinationPermissionIssueException)
       end)
 
       api.add_operation(:put_managed_rule_set_versions, Seahorse::Model::Operation.new.tap do |o|

data/lib/aws-sdk-wafv2/errors.rb

@@ -36,6 +36,7 @@ module Aws::WAFV2
   # * {WAFInvalidPermissionPolicyException}
   # * {WAFInvalidResourceException}
   # * {WAFLimitsExceededException}
+  # * {WAFLogDestinationPermissionIssueException}
   # * {WAFNonexistentItemException}
   # * {WAFOptimisticLockException}
   # * {WAFServiceLinkedRoleErrorException}
@@ -200,6 +201,21 @@ module Aws::WAFV2
       end
     end
 
+    class WAFLogDestinationPermissionIssueException < ServiceError
+
+      # @param [Seahorse::Client::RequestContext] context
+      # @param [String] message
+      # @param [Aws::WAFV2::Types::WAFLogDestinationPermissionIssueException] data
+      def initialize(context, message, data = Aws::EmptyStructure.new)
+        super(context, message, data)
+      end
+
+      # @return [String]
+      def message
+        @message || @data[:message]
+      end
+    end
+
     class WAFNonexistentItemException < ServiceError
 
       # @param [Seahorse::Client::RequestContext] context