aws-sdk-wafv2 1.39.0 → 1.40.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +5 -0
- data/VERSION +1 -1
- data/lib/aws-sdk-wafv2/client.rb +16 -4
- data/lib/aws-sdk-wafv2/client_api.rb +2 -0
- data/lib/aws-sdk-wafv2/types.rb +107 -88
- data/lib/aws-sdk-wafv2.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 4855a0e2977f335d6c1140cd0f82c060f271d768115ca22040c0ebc6d3e66910
|
4
|
+
data.tar.gz: 94864a8664f62a351becbbd152a65bbf3ef59eeda88ccf74c0fef1ca2cc4f3e0
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: d625cd9710e00169c4325b34dae5673af20a5aae346087dcb82a09a83223700aa605c488839cd7678911d9029e8227b60f61c2f066cbcbe4f72609c579acfff2
|
7
|
+
data.tar.gz: e399714ade4f8ee4402d179f35e45dd362d87d86307a31849689f1aa06aa0d029b6daf9edea06ad9dc689a9ff4aff038e5395b79af2f61221cbb0a59ac691b12
|
data/CHANGELOG.md
CHANGED
data/VERSION
CHANGED
@@ -1 +1 @@
|
|
1
|
-
1.
|
1
|
+
1.40.0
|
data/lib/aws-sdk-wafv2/client.rb
CHANGED
@@ -586,6 +586,7 @@ module Aws::WAFV2
|
|
586
586
|
# type: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE, BASE64_DECODE, HEX_DECODE, MD5, REPLACE_COMMENTS, ESCAPE_SEQ_DECODE, SQL_HEX_DECODE, CSS_DECODE, JS_DECODE, NORMALIZE_PATH, NORMALIZE_PATH_WIN, REMOVE_NULLS, REPLACE_NULLS, BASE64_DECODE_EXT, URL_DECODE_UNI, UTF8_TO_UNICODE
|
587
587
|
# },
|
588
588
|
# ],
|
589
|
+
# sensitivity_level: "LOW", # accepts LOW, HIGH
|
589
590
|
# },
|
590
591
|
# xss_match_statement: {
|
591
592
|
# field_to_match: { # required
|
@@ -1383,6 +1384,7 @@ module Aws::WAFV2
|
|
1383
1384
|
# type: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE, BASE64_DECODE, HEX_DECODE, MD5, REPLACE_COMMENTS, ESCAPE_SEQ_DECODE, SQL_HEX_DECODE, CSS_DECODE, JS_DECODE, NORMALIZE_PATH, NORMALIZE_PATH_WIN, REMOVE_NULLS, REPLACE_NULLS, BASE64_DECODE_EXT, URL_DECODE_UNI, UTF8_TO_UNICODE
|
1384
1385
|
# },
|
1385
1386
|
# ],
|
1387
|
+
# sensitivity_level: "LOW", # accepts LOW, HIGH
|
1386
1388
|
# },
|
1387
1389
|
# xss_match_statement: {
|
1388
1390
|
# field_to_match: { # required
|
@@ -2040,6 +2042,7 @@ module Aws::WAFV2
|
|
2040
2042
|
# type: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE, BASE64_DECODE, HEX_DECODE, MD5, REPLACE_COMMENTS, ESCAPE_SEQ_DECODE, SQL_HEX_DECODE, CSS_DECODE, JS_DECODE, NORMALIZE_PATH, NORMALIZE_PATH_WIN, REMOVE_NULLS, REPLACE_NULLS, BASE64_DECODE_EXT, URL_DECODE_UNI, UTF8_TO_UNICODE
|
2041
2043
|
# },
|
2042
2044
|
# ],
|
2045
|
+
# sensitivity_level: "LOW", # accepts LOW, HIGH
|
2043
2046
|
# },
|
2044
2047
|
# xss_match_statement: {
|
2045
2048
|
# field_to_match: { # required
|
@@ -3510,6 +3513,7 @@ module Aws::WAFV2
|
|
3510
3513
|
# resp.rule_group.rules[0].statement.sqli_match_statement.text_transformations #=> Array
|
3511
3514
|
# resp.rule_group.rules[0].statement.sqli_match_statement.text_transformations[0].priority #=> Integer
|
3512
3515
|
# resp.rule_group.rules[0].statement.sqli_match_statement.text_transformations[0].type #=> String, one of "NONE", "COMPRESS_WHITE_SPACE", "HTML_ENTITY_DECODE", "LOWERCASE", "CMD_LINE", "URL_DECODE", "BASE64_DECODE", "HEX_DECODE", "MD5", "REPLACE_COMMENTS", "ESCAPE_SEQ_DECODE", "SQL_HEX_DECODE", "CSS_DECODE", "JS_DECODE", "NORMALIZE_PATH", "NORMALIZE_PATH_WIN", "REMOVE_NULLS", "REPLACE_NULLS", "BASE64_DECODE_EXT", "URL_DECODE_UNI", "UTF8_TO_UNICODE"
|
3516
|
+
# resp.rule_group.rules[0].statement.sqli_match_statement.sensitivity_level #=> String, one of "LOW", "HIGH"
|
3513
3517
|
# resp.rule_group.rules[0].statement.xss_match_statement.field_to_match.single_header.name #=> String
|
3514
3518
|
# resp.rule_group.rules[0].statement.xss_match_statement.field_to_match.single_query_argument.name #=> String
|
3515
3519
|
# resp.rule_group.rules[0].statement.xss_match_statement.field_to_match.body.oversize_handling #=> String, one of "CONTINUE", "MATCH", "NO_MATCH"
|
@@ -3896,6 +3900,7 @@ module Aws::WAFV2
|
|
3896
3900
|
# resp.web_acl.rules[0].statement.sqli_match_statement.text_transformations #=> Array
|
3897
3901
|
# resp.web_acl.rules[0].statement.sqli_match_statement.text_transformations[0].priority #=> Integer
|
3898
3902
|
# resp.web_acl.rules[0].statement.sqli_match_statement.text_transformations[0].type #=> String, one of "NONE", "COMPRESS_WHITE_SPACE", "HTML_ENTITY_DECODE", "LOWERCASE", "CMD_LINE", "URL_DECODE", "BASE64_DECODE", "HEX_DECODE", "MD5", "REPLACE_COMMENTS", "ESCAPE_SEQ_DECODE", "SQL_HEX_DECODE", "CSS_DECODE", "JS_DECODE", "NORMALIZE_PATH", "NORMALIZE_PATH_WIN", "REMOVE_NULLS", "REPLACE_NULLS", "BASE64_DECODE_EXT", "URL_DECODE_UNI", "UTF8_TO_UNICODE"
|
3903
|
+
# resp.web_acl.rules[0].statement.sqli_match_statement.sensitivity_level #=> String, one of "LOW", "HIGH"
|
3899
3904
|
# resp.web_acl.rules[0].statement.xss_match_statement.field_to_match.single_header.name #=> String
|
3900
3905
|
# resp.web_acl.rules[0].statement.xss_match_statement.field_to_match.single_query_argument.name #=> String
|
3901
3906
|
# resp.web_acl.rules[0].statement.xss_match_statement.field_to_match.body.oversize_handling #=> String, one of "CONTINUE", "MATCH", "NO_MATCH"
|
@@ -4109,6 +4114,7 @@ module Aws::WAFV2
|
|
4109
4114
|
# resp.web_acl.pre_process_firewall_manager_rule_groups[0].firewall_manager_statement.managed_rule_group_statement.scope_down_statement.sqli_match_statement.text_transformations #=> Array
|
4110
4115
|
# resp.web_acl.pre_process_firewall_manager_rule_groups[0].firewall_manager_statement.managed_rule_group_statement.scope_down_statement.sqli_match_statement.text_transformations[0].priority #=> Integer
|
4111
4116
|
# resp.web_acl.pre_process_firewall_manager_rule_groups[0].firewall_manager_statement.managed_rule_group_statement.scope_down_statement.sqli_match_statement.text_transformations[0].type #=> String, one of "NONE", "COMPRESS_WHITE_SPACE", "HTML_ENTITY_DECODE", "LOWERCASE", "CMD_LINE", "URL_DECODE", "BASE64_DECODE", "HEX_DECODE", "MD5", "REPLACE_COMMENTS", "ESCAPE_SEQ_DECODE", "SQL_HEX_DECODE", "CSS_DECODE", "JS_DECODE", "NORMALIZE_PATH", "NORMALIZE_PATH_WIN", "REMOVE_NULLS", "REPLACE_NULLS", "BASE64_DECODE_EXT", "URL_DECODE_UNI", "UTF8_TO_UNICODE"
|
4117
|
+
# resp.web_acl.pre_process_firewall_manager_rule_groups[0].firewall_manager_statement.managed_rule_group_statement.scope_down_statement.sqli_match_statement.sensitivity_level #=> String, one of "LOW", "HIGH"
|
4112
4118
|
# resp.web_acl.pre_process_firewall_manager_rule_groups[0].firewall_manager_statement.managed_rule_group_statement.scope_down_statement.xss_match_statement.field_to_match.single_header.name #=> String
|
4113
4119
|
# resp.web_acl.pre_process_firewall_manager_rule_groups[0].firewall_manager_statement.managed_rule_group_statement.scope_down_statement.xss_match_statement.field_to_match.single_query_argument.name #=> String
|
4114
4120
|
# resp.web_acl.pre_process_firewall_manager_rule_groups[0].firewall_manager_statement.managed_rule_group_statement.scope_down_statement.xss_match_statement.field_to_match.body.oversize_handling #=> String, one of "CONTINUE", "MATCH", "NO_MATCH"
|
@@ -4299,6 +4305,7 @@ module Aws::WAFV2
|
|
4299
4305
|
# resp.web_acl.post_process_firewall_manager_rule_groups[0].firewall_manager_statement.managed_rule_group_statement.scope_down_statement.sqli_match_statement.text_transformations #=> Array
|
4300
4306
|
# resp.web_acl.post_process_firewall_manager_rule_groups[0].firewall_manager_statement.managed_rule_group_statement.scope_down_statement.sqli_match_statement.text_transformations[0].priority #=> Integer
|
4301
4307
|
# resp.web_acl.post_process_firewall_manager_rule_groups[0].firewall_manager_statement.managed_rule_group_statement.scope_down_statement.sqli_match_statement.text_transformations[0].type #=> String, one of "NONE", "COMPRESS_WHITE_SPACE", "HTML_ENTITY_DECODE", "LOWERCASE", "CMD_LINE", "URL_DECODE", "BASE64_DECODE", "HEX_DECODE", "MD5", "REPLACE_COMMENTS", "ESCAPE_SEQ_DECODE", "SQL_HEX_DECODE", "CSS_DECODE", "JS_DECODE", "NORMALIZE_PATH", "NORMALIZE_PATH_WIN", "REMOVE_NULLS", "REPLACE_NULLS", "BASE64_DECODE_EXT", "URL_DECODE_UNI", "UTF8_TO_UNICODE"
|
4308
|
+
# resp.web_acl.post_process_firewall_manager_rule_groups[0].firewall_manager_statement.managed_rule_group_statement.scope_down_statement.sqli_match_statement.sensitivity_level #=> String, one of "LOW", "HIGH"
|
4302
4309
|
# resp.web_acl.post_process_firewall_manager_rule_groups[0].firewall_manager_statement.managed_rule_group_statement.scope_down_statement.xss_match_statement.field_to_match.single_header.name #=> String
|
4303
4310
|
# resp.web_acl.post_process_firewall_manager_rule_groups[0].firewall_manager_statement.managed_rule_group_statement.scope_down_statement.xss_match_statement.field_to_match.single_query_argument.name #=> String
|
4304
4311
|
# resp.web_acl.post_process_firewall_manager_rule_groups[0].firewall_manager_statement.managed_rule_group_statement.scope_down_statement.xss_match_statement.field_to_match.body.oversize_handling #=> String, one of "CONTINUE", "MATCH", "NO_MATCH"
|
@@ -4531,6 +4538,7 @@ module Aws::WAFV2
|
|
4531
4538
|
# resp.web_acl.rules[0].statement.sqli_match_statement.text_transformations #=> Array
|
4532
4539
|
# resp.web_acl.rules[0].statement.sqli_match_statement.text_transformations[0].priority #=> Integer
|
4533
4540
|
# resp.web_acl.rules[0].statement.sqli_match_statement.text_transformations[0].type #=> String, one of "NONE", "COMPRESS_WHITE_SPACE", "HTML_ENTITY_DECODE", "LOWERCASE", "CMD_LINE", "URL_DECODE", "BASE64_DECODE", "HEX_DECODE", "MD5", "REPLACE_COMMENTS", "ESCAPE_SEQ_DECODE", "SQL_HEX_DECODE", "CSS_DECODE", "JS_DECODE", "NORMALIZE_PATH", "NORMALIZE_PATH_WIN", "REMOVE_NULLS", "REPLACE_NULLS", "BASE64_DECODE_EXT", "URL_DECODE_UNI", "UTF8_TO_UNICODE"
|
4541
|
+
# resp.web_acl.rules[0].statement.sqli_match_statement.sensitivity_level #=> String, one of "LOW", "HIGH"
|
4534
4542
|
# resp.web_acl.rules[0].statement.xss_match_statement.field_to_match.single_header.name #=> String
|
4535
4543
|
# resp.web_acl.rules[0].statement.xss_match_statement.field_to_match.single_query_argument.name #=> String
|
4536
4544
|
# resp.web_acl.rules[0].statement.xss_match_statement.field_to_match.body.oversize_handling #=> String, one of "CONTINUE", "MATCH", "NO_MATCH"
|
@@ -4744,6 +4752,7 @@ module Aws::WAFV2
|
|
4744
4752
|
# resp.web_acl.pre_process_firewall_manager_rule_groups[0].firewall_manager_statement.managed_rule_group_statement.scope_down_statement.sqli_match_statement.text_transformations #=> Array
|
4745
4753
|
# resp.web_acl.pre_process_firewall_manager_rule_groups[0].firewall_manager_statement.managed_rule_group_statement.scope_down_statement.sqli_match_statement.text_transformations[0].priority #=> Integer
|
4746
4754
|
# resp.web_acl.pre_process_firewall_manager_rule_groups[0].firewall_manager_statement.managed_rule_group_statement.scope_down_statement.sqli_match_statement.text_transformations[0].type #=> String, one of "NONE", "COMPRESS_WHITE_SPACE", "HTML_ENTITY_DECODE", "LOWERCASE", "CMD_LINE", "URL_DECODE", "BASE64_DECODE", "HEX_DECODE", "MD5", "REPLACE_COMMENTS", "ESCAPE_SEQ_DECODE", "SQL_HEX_DECODE", "CSS_DECODE", "JS_DECODE", "NORMALIZE_PATH", "NORMALIZE_PATH_WIN", "REMOVE_NULLS", "REPLACE_NULLS", "BASE64_DECODE_EXT", "URL_DECODE_UNI", "UTF8_TO_UNICODE"
|
4755
|
+
# resp.web_acl.pre_process_firewall_manager_rule_groups[0].firewall_manager_statement.managed_rule_group_statement.scope_down_statement.sqli_match_statement.sensitivity_level #=> String, one of "LOW", "HIGH"
|
4747
4756
|
# resp.web_acl.pre_process_firewall_manager_rule_groups[0].firewall_manager_statement.managed_rule_group_statement.scope_down_statement.xss_match_statement.field_to_match.single_header.name #=> String
|
4748
4757
|
# resp.web_acl.pre_process_firewall_manager_rule_groups[0].firewall_manager_statement.managed_rule_group_statement.scope_down_statement.xss_match_statement.field_to_match.single_query_argument.name #=> String
|
4749
4758
|
# resp.web_acl.pre_process_firewall_manager_rule_groups[0].firewall_manager_statement.managed_rule_group_statement.scope_down_statement.xss_match_statement.field_to_match.body.oversize_handling #=> String, one of "CONTINUE", "MATCH", "NO_MATCH"
|
@@ -4934,6 +4943,7 @@ module Aws::WAFV2
|
|
4934
4943
|
# resp.web_acl.post_process_firewall_manager_rule_groups[0].firewall_manager_statement.managed_rule_group_statement.scope_down_statement.sqli_match_statement.text_transformations #=> Array
|
4935
4944
|
# resp.web_acl.post_process_firewall_manager_rule_groups[0].firewall_manager_statement.managed_rule_group_statement.scope_down_statement.sqli_match_statement.text_transformations[0].priority #=> Integer
|
4936
4945
|
# resp.web_acl.post_process_firewall_manager_rule_groups[0].firewall_manager_statement.managed_rule_group_statement.scope_down_statement.sqli_match_statement.text_transformations[0].type #=> String, one of "NONE", "COMPRESS_WHITE_SPACE", "HTML_ENTITY_DECODE", "LOWERCASE", "CMD_LINE", "URL_DECODE", "BASE64_DECODE", "HEX_DECODE", "MD5", "REPLACE_COMMENTS", "ESCAPE_SEQ_DECODE", "SQL_HEX_DECODE", "CSS_DECODE", "JS_DECODE", "NORMALIZE_PATH", "NORMALIZE_PATH_WIN", "REMOVE_NULLS", "REPLACE_NULLS", "BASE64_DECODE_EXT", "URL_DECODE_UNI", "UTF8_TO_UNICODE"
|
4946
|
+
# resp.web_acl.post_process_firewall_manager_rule_groups[0].firewall_manager_statement.managed_rule_group_statement.scope_down_statement.sqli_match_statement.sensitivity_level #=> String, one of "LOW", "HIGH"
|
4937
4947
|
# resp.web_acl.post_process_firewall_manager_rule_groups[0].firewall_manager_statement.managed_rule_group_statement.scope_down_statement.xss_match_statement.field_to_match.single_header.name #=> String
|
4938
4948
|
# resp.web_acl.post_process_firewall_manager_rule_groups[0].firewall_manager_statement.managed_rule_group_statement.scope_down_statement.xss_match_statement.field_to_match.single_query_argument.name #=> String
|
4939
4949
|
# resp.web_acl.post_process_firewall_manager_rule_groups[0].firewall_manager_statement.managed_rule_group_statement.scope_down_statement.xss_match_statement.field_to_match.body.oversize_handling #=> String, one of "CONTINUE", "MATCH", "NO_MATCH"
|
@@ -6323,8 +6333,8 @@ module Aws::WAFV2
|
|
6323
6333
|
|
6324
6334
|
# Updates the expiration information for your managed rule set. Use this
|
6325
6335
|
# to initiate the expiration of a managed rule group version. After you
|
6326
|
-
# initiate expiration for a version, WAF excludes it from the
|
6327
|
-
# ListAvailableManagedRuleGroupVersions for the managed rule group.
|
6336
|
+
# initiate expiration for a version, WAF excludes it from the response
|
6337
|
+
# to ListAvailableManagedRuleGroupVersions for the managed rule group.
|
6328
6338
|
#
|
6329
6339
|
# <note markdown="1"> This is intended for use only by vendors of managed rule sets. Vendors
|
6330
6340
|
# are Amazon Web Services and Amazon Web Services Marketplace sellers.
|
@@ -6737,6 +6747,7 @@ module Aws::WAFV2
|
|
6737
6747
|
# type: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE, BASE64_DECODE, HEX_DECODE, MD5, REPLACE_COMMENTS, ESCAPE_SEQ_DECODE, SQL_HEX_DECODE, CSS_DECODE, JS_DECODE, NORMALIZE_PATH, NORMALIZE_PATH_WIN, REMOVE_NULLS, REPLACE_NULLS, BASE64_DECODE_EXT, URL_DECODE_UNI, UTF8_TO_UNICODE
|
6738
6748
|
# },
|
6739
6749
|
# ],
|
6750
|
+
# sensitivity_level: "LOW", # accepts LOW, HIGH
|
6740
6751
|
# },
|
6741
6752
|
# xss_match_statement: {
|
6742
6753
|
# field_to_match: { # required
|
@@ -7156,7 +7167,7 @@ module Aws::WAFV2
|
|
7156
7167
|
end
|
7157
7168
|
|
7158
7169
|
# Updates the specified WebACL. While updating a web ACL, WAF provides
|
7159
|
-
#
|
7170
|
+
# continuous coverage to the resources that you have associated with the
|
7160
7171
|
# web ACL.
|
7161
7172
|
#
|
7162
7173
|
# When you make changes to web ACLs or web ACL components, like rules
|
@@ -7422,6 +7433,7 @@ module Aws::WAFV2
|
|
7422
7433
|
# type: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE, BASE64_DECODE, HEX_DECODE, MD5, REPLACE_COMMENTS, ESCAPE_SEQ_DECODE, SQL_HEX_DECODE, CSS_DECODE, JS_DECODE, NORMALIZE_PATH, NORMALIZE_PATH_WIN, REMOVE_NULLS, REPLACE_NULLS, BASE64_DECODE_EXT, URL_DECODE_UNI, UTF8_TO_UNICODE
|
7423
7434
|
# },
|
7424
7435
|
# ],
|
7436
|
+
# sensitivity_level: "LOW", # accepts LOW, HIGH
|
7425
7437
|
# },
|
7426
7438
|
# xss_match_statement: {
|
7427
7439
|
# field_to_match: { # required
|
@@ -7858,7 +7870,7 @@ module Aws::WAFV2
|
|
7858
7870
|
params: params,
|
7859
7871
|
config: config)
|
7860
7872
|
context[:gem_name] = 'aws-sdk-wafv2'
|
7861
|
-
context[:gem_version] = '1.
|
7873
|
+
context[:gem_version] = '1.40.0'
|
7862
7874
|
Seahorse::Client::Request.new(handlers, context)
|
7863
7875
|
end
|
7864
7876
|
|
@@ -267,6 +267,7 @@ module Aws::WAFV2
|
|
267
267
|
SampledHTTPRequests = Shapes::ListShape.new(name: 'SampledHTTPRequests')
|
268
268
|
Scope = Shapes::StringShape.new(name: 'Scope')
|
269
269
|
SearchString = Shapes::BlobShape.new(name: 'SearchString')
|
270
|
+
SensitivityLevel = Shapes::StringShape.new(name: 'SensitivityLevel')
|
270
271
|
SingleCookieName = Shapes::StringShape.new(name: 'SingleCookieName')
|
271
272
|
SingleHeader = Shapes::StructureShape.new(name: 'SingleHeader')
|
272
273
|
SingleQueryArgument = Shapes::StructureShape.new(name: 'SingleQueryArgument')
|
@@ -1133,6 +1134,7 @@ module Aws::WAFV2
|
|
1133
1134
|
|
1134
1135
|
SqliMatchStatement.add_member(:field_to_match, Shapes::ShapeRef.new(shape: FieldToMatch, required: true, location_name: "FieldToMatch"))
|
1135
1136
|
SqliMatchStatement.add_member(:text_transformations, Shapes::ShapeRef.new(shape: TextTransformations, required: true, location_name: "TextTransformations"))
|
1137
|
+
SqliMatchStatement.add_member(:sensitivity_level, Shapes::ShapeRef.new(shape: SensitivityLevel, location_name: "SensitivityLevel"))
|
1136
1138
|
SqliMatchStatement.struct_class = Types::SqliMatchStatement
|
1137
1139
|
|
1138
1140
|
Statement.add_member(:byte_match_statement, Shapes::ShapeRef.new(shape: ByteMatchStatement, location_name: "ByteMatchStatement"))
|
data/lib/aws-sdk-wafv2/types.rb
CHANGED
@@ -226,6 +226,7 @@ module Aws::WAFV2
|
|
226
226
|
# type: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE, BASE64_DECODE, HEX_DECODE, MD5, REPLACE_COMMENTS, ESCAPE_SEQ_DECODE, SQL_HEX_DECODE, CSS_DECODE, JS_DECODE, NORMALIZE_PATH, NORMALIZE_PATH_WIN, REMOVE_NULLS, REPLACE_NULLS, BASE64_DECODE_EXT, URL_DECODE_UNI, UTF8_TO_UNICODE
|
227
227
|
# },
|
228
228
|
# ],
|
229
|
+
# sensitivity_level: "LOW", # accepts LOW, HIGH
|
229
230
|
# },
|
230
231
|
# xss_match_statement: {
|
231
232
|
# field_to_match: { # required
|
@@ -643,8 +644,8 @@ module Aws::WAFV2
|
|
643
644
|
# Inspect the body of the web request. The body immediately follows the
|
644
645
|
# request headers.
|
645
646
|
#
|
646
|
-
# This is used to indicate the web request component
|
647
|
-
#
|
647
|
+
# This is used to indicate the web request component to inspect, in the
|
648
|
+
# FieldToMatch specification.
|
648
649
|
#
|
649
650
|
# @note When making an API call, you may pass Body
|
650
651
|
# data as a hash:
|
@@ -691,7 +692,7 @@ module Aws::WAFV2
|
|
691
692
|
# for, the location in requests that you want WAF to search, and other
|
692
693
|
# settings. The bytes to search for are typically a string that
|
693
694
|
# corresponds with ASCII characters. In the WAF console and the
|
694
|
-
# developer guide, this is
|
695
|
+
# developer guide, this is called a string match statement.
|
695
696
|
#
|
696
697
|
# @note When making an API call, you may pass ByteMatchStatement
|
697
698
|
# data as a hash:
|
@@ -791,8 +792,7 @@ module Aws::WAFV2
|
|
791
792
|
# @return [String]
|
792
793
|
#
|
793
794
|
# @!attribute [rw] field_to_match
|
794
|
-
# The part of the web request that you want WAF to inspect.
|
795
|
-
# information, see FieldToMatch.
|
795
|
+
# The part of the web request that you want WAF to inspect.
|
796
796
|
# @return [Types::FieldToMatch]
|
797
797
|
#
|
798
798
|
# @!attribute [rw] text_transformations
|
@@ -885,9 +885,6 @@ module Aws::WAFV2
|
|
885
885
|
# This action option is available for rules. It isn't available for web
|
886
886
|
# ACL default actions.
|
887
887
|
#
|
888
|
-
# This is used in the context of other settings, for example to specify
|
889
|
-
# values for RuleAction and web ACL DefaultAction.
|
890
|
-
#
|
891
888
|
# @note When making an API call, you may pass CaptchaAction
|
892
889
|
# data as a hash:
|
893
890
|
#
|
@@ -1102,6 +1099,7 @@ module Aws::WAFV2
|
|
1102
1099
|
# type: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE, BASE64_DECODE, HEX_DECODE, MD5, REPLACE_COMMENTS, ESCAPE_SEQ_DECODE, SQL_HEX_DECODE, CSS_DECODE, JS_DECODE, NORMALIZE_PATH, NORMALIZE_PATH_WIN, REMOVE_NULLS, REPLACE_NULLS, BASE64_DECODE_EXT, URL_DECODE_UNI, UTF8_TO_UNICODE
|
1103
1100
|
# },
|
1104
1101
|
# ],
|
1102
|
+
# sensitivity_level: "LOW", # accepts LOW, HIGH
|
1105
1103
|
# },
|
1106
1104
|
# xss_match_statement: {
|
1107
1105
|
# field_to_match: { # required
|
@@ -1551,11 +1549,16 @@ module Aws::WAFV2
|
|
1551
1549
|
# }
|
1552
1550
|
#
|
1553
1551
|
# @!attribute [rw] action_condition
|
1554
|
-
# A single action condition.
|
1552
|
+
# A single action condition. This is the action setting that a log
|
1553
|
+
# record must contain in order to meet the condition.
|
1555
1554
|
# @return [Types::ActionCondition]
|
1556
1555
|
#
|
1557
1556
|
# @!attribute [rw] label_name_condition
|
1558
|
-
# A single label name condition.
|
1557
|
+
# A single label name condition. This is the fully qualified label
|
1558
|
+
# name that a log record must contain in order to meet the condition.
|
1559
|
+
# Fully qualified labels have a prefix, optional namespaces, and label
|
1560
|
+
# name. The prefix identifies the rule group or web ACL context of the
|
1561
|
+
# rule that added the label.
|
1559
1562
|
# @return [Types::LabelNameCondition]
|
1560
1563
|
#
|
1561
1564
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/Condition AWS API Documentation
|
@@ -1573,7 +1576,7 @@ module Aws::WAFV2
|
|
1573
1576
|
# You must specify exactly one setting: either `All`, `IncludedCookies`,
|
1574
1577
|
# or `ExcludedCookies`.
|
1575
1578
|
#
|
1576
|
-
# Example JSON: `"
|
1579
|
+
# Example JSON: `"MatchPattern": \{ "IncludedCookies":
|
1577
1580
|
# \{"KeyToInclude1", "KeyToInclude2", "KeyToInclude3"\} \}`
|
1578
1581
|
#
|
1579
1582
|
# @note When making an API call, you may pass CookieMatchPattern
|
@@ -1614,8 +1617,8 @@ module Aws::WAFV2
|
|
1614
1617
|
# the cookies to inspect and you can narrow the set of cookies to
|
1615
1618
|
# inspect by including or excluding specific keys.
|
1616
1619
|
#
|
1617
|
-
# This is used to indicate the web request component
|
1618
|
-
#
|
1620
|
+
# This is used to indicate the web request component to inspect, in the
|
1621
|
+
# FieldToMatch specification.
|
1619
1622
|
#
|
1620
1623
|
# Example JSON: `"Cookies": \{ "MatchPattern": \{ "All": \{\} \},
|
1621
1624
|
# "MatchScope": "KEY", "OversizeHandling": "MATCH" \}`
|
@@ -1641,7 +1644,7 @@ module Aws::WAFV2
|
|
1641
1644
|
# You must specify exactly one setting: either `All`,
|
1642
1645
|
# `IncludedCookies`, or `ExcludedCookies`.
|
1643
1646
|
#
|
1644
|
-
# Example JSON: `"
|
1647
|
+
# Example JSON: `"MatchPattern": \{ "IncludedCookies":
|
1645
1648
|
# \{"KeyToInclude1", "KeyToInclude2", "KeyToInclude3"\} \}`
|
1646
1649
|
# @return [Types::CookieMatchPattern]
|
1647
1650
|
#
|
@@ -2051,6 +2054,7 @@ module Aws::WAFV2
|
|
2051
2054
|
# type: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE, BASE64_DECODE, HEX_DECODE, MD5, REPLACE_COMMENTS, ESCAPE_SEQ_DECODE, SQL_HEX_DECODE, CSS_DECODE, JS_DECODE, NORMALIZE_PATH, NORMALIZE_PATH_WIN, REMOVE_NULLS, REPLACE_NULLS, BASE64_DECODE_EXT, URL_DECODE_UNI, UTF8_TO_UNICODE
|
2052
2055
|
# },
|
2053
2056
|
# ],
|
2057
|
+
# sensitivity_level: "LOW", # accepts LOW, HIGH
|
2054
2058
|
# },
|
2055
2059
|
# xss_match_statement: {
|
2056
2060
|
# field_to_match: { # required
|
@@ -2722,6 +2726,7 @@ module Aws::WAFV2
|
|
2722
2726
|
# type: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE, BASE64_DECODE, HEX_DECODE, MD5, REPLACE_COMMENTS, ESCAPE_SEQ_DECODE, SQL_HEX_DECODE, CSS_DECODE, JS_DECODE, NORMALIZE_PATH, NORMALIZE_PATH_WIN, REMOVE_NULLS, REPLACE_NULLS, BASE64_DECODE_EXT, URL_DECODE_UNI, UTF8_TO_UNICODE
|
2723
2727
|
# },
|
2724
2728
|
# ],
|
2729
|
+
# sensitivity_level: "LOW", # accepts LOW, HIGH
|
2725
2730
|
# },
|
2726
2731
|
# xss_match_statement: {
|
2727
2732
|
# field_to_match: { # required
|
@@ -3352,7 +3357,7 @@ module Aws::WAFV2
|
|
3352
3357
|
# The HTTP status code to return to the client.
|
3353
3358
|
#
|
3354
3359
|
# For a list of status codes that you can use in your custom
|
3355
|
-
#
|
3360
|
+
# responses, see [Supported status codes for custom response][1] in
|
3356
3361
|
# the [WAF Developer Guide][2].
|
3357
3362
|
#
|
3358
3363
|
#
|
@@ -5250,7 +5255,7 @@ module Aws::WAFV2
|
|
5250
5255
|
# You must specify exactly one setting: either `All`, `IncludedHeaders`,
|
5251
5256
|
# or `ExcludedHeaders`.
|
5252
5257
|
#
|
5253
|
-
# Example JSON: `"
|
5258
|
+
# Example JSON: `"MatchPattern": \{ "ExcludedHeaders":
|
5254
5259
|
# \{"KeyToExclude1", "KeyToExclude2"\} \}`
|
5255
5260
|
#
|
5256
5261
|
# @note When making an API call, you may pass HeaderMatchPattern
|
@@ -5287,15 +5292,15 @@ module Aws::WAFV2
|
|
5287
5292
|
include Aws::Structure
|
5288
5293
|
end
|
5289
5294
|
|
5290
|
-
# Inspect
|
5295
|
+
# Inspect all headers in the web request. You can specify the parts of
|
5291
5296
|
# the headers to inspect and you can narrow the set of headers to
|
5292
5297
|
# inspect by including or excluding specific keys.
|
5293
5298
|
#
|
5294
|
-
# This is used to indicate the web request component
|
5295
|
-
#
|
5299
|
+
# This is used to indicate the web request component to inspect, in the
|
5300
|
+
# FieldToMatch specification.
|
5296
5301
|
#
|
5297
|
-
#
|
5298
|
-
#
|
5302
|
+
# If you want to inspect just the value of a single header, use the
|
5303
|
+
# `SingleHeader` `FieldToMatch` setting instead.
|
5299
5304
|
#
|
5300
5305
|
# Example JSON: `"Headers": \{ "MatchPattern": \{ "All": \{\} \},
|
5301
5306
|
# "MatchScope": "KEY", "OversizeHandling": "MATCH" \}`
|
@@ -5321,7 +5326,7 @@ module Aws::WAFV2
|
|
5321
5326
|
# You must specify exactly one setting: either `All`,
|
5322
5327
|
# `IncludedHeaders`, or `ExcludedHeaders`.
|
5323
5328
|
#
|
5324
|
-
# Example JSON: `"
|
5329
|
+
# Example JSON: `"MatchPattern": \{ "ExcludedHeaders":
|
5325
5330
|
# \{"KeyToExclude1", "KeyToExclude2"\} \}`
|
5326
5331
|
# @return [Types::HeaderMatchPattern]
|
5327
5332
|
#
|
@@ -5658,8 +5663,8 @@ module Aws::WAFV2
|
|
5658
5663
|
# Inspect the body of the web request as JSON. The body immediately
|
5659
5664
|
# follows the request headers.
|
5660
5665
|
#
|
5661
|
-
# This is used to indicate the web request component
|
5662
|
-
#
|
5666
|
+
# This is used to indicate the web request component to inspect, in the
|
5667
|
+
# FieldToMatch specification.
|
5663
5668
|
#
|
5664
5669
|
# Use the specifications in this object to indicate which parts of the
|
5665
5670
|
# JSON body to inspect using the rule's inspection criteria. WAF
|
@@ -7077,6 +7082,7 @@ module Aws::WAFV2
|
|
7077
7082
|
# type: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE, BASE64_DECODE, HEX_DECODE, MD5, REPLACE_COMMENTS, ESCAPE_SEQ_DECODE, SQL_HEX_DECODE, CSS_DECODE, JS_DECODE, NORMALIZE_PATH, NORMALIZE_PATH_WIN, REMOVE_NULLS, REPLACE_NULLS, BASE64_DECODE_EXT, URL_DECODE_UNI, UTF8_TO_UNICODE
|
7078
7083
|
# },
|
7079
7084
|
# ],
|
7085
|
+
# sensitivity_level: "LOW", # accepts LOW, HIGH
|
7080
7086
|
# },
|
7081
7087
|
# xss_match_statement: {
|
7082
7088
|
# field_to_match: { # required
|
@@ -7954,6 +7960,7 @@ module Aws::WAFV2
|
|
7954
7960
|
# type: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE, BASE64_DECODE, HEX_DECODE, MD5, REPLACE_COMMENTS, ESCAPE_SEQ_DECODE, SQL_HEX_DECODE, CSS_DECODE, JS_DECODE, NORMALIZE_PATH, NORMALIZE_PATH_WIN, REMOVE_NULLS, REPLACE_NULLS, BASE64_DECODE_EXT, URL_DECODE_UNI, UTF8_TO_UNICODE
|
7955
7961
|
# },
|
7956
7962
|
# ],
|
7963
|
+
# sensitivity_level: "LOW", # accepts LOW, HIGH
|
7957
7964
|
# },
|
7958
7965
|
# xss_match_statement: {
|
7959
7966
|
# field_to_match: { # required
|
@@ -8409,6 +8416,7 @@ module Aws::WAFV2
|
|
8409
8416
|
# type: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE, BASE64_DECODE, HEX_DECODE, MD5, REPLACE_COMMENTS, ESCAPE_SEQ_DECODE, SQL_HEX_DECODE, CSS_DECODE, JS_DECODE, NORMALIZE_PATH, NORMALIZE_PATH_WIN, REMOVE_NULLS, REPLACE_NULLS, BASE64_DECODE_EXT, URL_DECODE_UNI, UTF8_TO_UNICODE
|
8410
8417
|
# },
|
8411
8418
|
# ],
|
8419
|
+
# sensitivity_level: "LOW", # accepts LOW, HIGH
|
8412
8420
|
# },
|
8413
8421
|
# xss_match_statement: {
|
8414
8422
|
# field_to_match: { # required
|
@@ -9120,11 +9128,11 @@ module Aws::WAFV2
|
|
9120
9128
|
# the string BadBot.
|
9121
9129
|
#
|
9122
9130
|
# In this rate-based rule, you also define a rate limit. For this
|
9123
|
-
# example, the rate limit is 1,000. Requests that meet
|
9124
|
-
#
|
9131
|
+
# example, the rate limit is 1,000. Requests that meet the criteria of
|
9132
|
+
# both of the nested statements are counted. If the count exceeds 1,000
|
9125
9133
|
# requests per five minutes, the rule action triggers. Requests that do
|
9126
|
-
# not meet
|
9127
|
-
# are not affected by this rule.
|
9134
|
+
# not meet the criteria of both of the nested statements are not counted
|
9135
|
+
# towards the rate limit and are not affected by this rule.
|
9128
9136
|
#
|
9129
9137
|
# You cannot nest a `RateBasedStatement` inside another statement, for
|
9130
9138
|
# example inside a `NotStatement` or `OrStatement`. You can define a
|
@@ -9252,6 +9260,7 @@ module Aws::WAFV2
|
|
9252
9260
|
# type: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE, BASE64_DECODE, HEX_DECODE, MD5, REPLACE_COMMENTS, ESCAPE_SEQ_DECODE, SQL_HEX_DECODE, CSS_DECODE, JS_DECODE, NORMALIZE_PATH, NORMALIZE_PATH_WIN, REMOVE_NULLS, REPLACE_NULLS, BASE64_DECODE_EXT, URL_DECODE_UNI, UTF8_TO_UNICODE
|
9253
9261
|
# },
|
9254
9262
|
# ],
|
9263
|
+
# sensitivity_level: "LOW", # accepts LOW, HIGH
|
9255
9264
|
# },
|
9256
9265
|
# xss_match_statement: {
|
9257
9266
|
# field_to_match: { # required
|
@@ -9737,8 +9746,7 @@ module Aws::WAFV2
|
|
9737
9746
|
# @return [String]
|
9738
9747
|
#
|
9739
9748
|
# @!attribute [rw] field_to_match
|
9740
|
-
# The part of the web request that you want WAF to inspect.
|
9741
|
-
# information, see FieldToMatch.
|
9749
|
+
# The part of the web request that you want WAF to inspect.
|
9742
9750
|
# @return [Types::FieldToMatch]
|
9743
9751
|
#
|
9744
9752
|
# @!attribute [rw] text_transformations
|
@@ -9881,8 +9889,7 @@ module Aws::WAFV2
|
|
9881
9889
|
# @return [String]
|
9882
9890
|
#
|
9883
9891
|
# @!attribute [rw] field_to_match
|
9884
|
-
# The part of the web request that you want WAF to inspect.
|
9885
|
-
# information, see FieldToMatch.
|
9892
|
+
# The part of the web request that you want WAF to inspect.
|
9886
9893
|
# @return [Types::FieldToMatch]
|
9887
9894
|
#
|
9888
9895
|
# @!attribute [rw] text_transformations
|
@@ -10099,6 +10106,7 @@ module Aws::WAFV2
|
|
10099
10106
|
# type: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE, BASE64_DECODE, HEX_DECODE, MD5, REPLACE_COMMENTS, ESCAPE_SEQ_DECODE, SQL_HEX_DECODE, CSS_DECODE, JS_DECODE, NORMALIZE_PATH, NORMALIZE_PATH_WIN, REMOVE_NULLS, REPLACE_NULLS, BASE64_DECODE_EXT, URL_DECODE_UNI, UTF8_TO_UNICODE
|
10100
10107
|
# },
|
10101
10108
|
# ],
|
10109
|
+
# sensitivity_level: "LOW", # accepts LOW, HIGH
|
10102
10110
|
# },
|
10103
10111
|
# xss_match_statement: {
|
10104
10112
|
# field_to_match: { # required
|
@@ -10996,8 +11004,8 @@ module Aws::WAFV2
|
|
10996
11004
|
# You can filter and inspect all headers with the `FieldToMatch` setting
|
10997
11005
|
# `Headers`.
|
10998
11006
|
#
|
10999
|
-
# This is used to indicate the web request component
|
11000
|
-
#
|
11007
|
+
# This is used to indicate the web request component to inspect, in the
|
11008
|
+
# FieldToMatch specification.
|
11001
11009
|
#
|
11002
11010
|
# Example JSON: `"SingleHeader": \{ "Name": "haystack" \}`
|
11003
11011
|
#
|
@@ -11023,8 +11031,8 @@ module Aws::WAFV2
|
|
11023
11031
|
# Inspect one query argument in the web request, identified by name, for
|
11024
11032
|
# example *UserName* or *SalesRegion*. The name isn't case sensitive.
|
11025
11033
|
#
|
11026
|
-
# This is used to indicate the web request component
|
11027
|
-
#
|
11034
|
+
# This is used to indicate the web request component to inspect, in the
|
11035
|
+
# FieldToMatch specification.
|
11028
11036
|
#
|
11029
11037
|
# Example JSON: `"SingleQueryArgument": \{ "Name": "myArgument" \}`
|
11030
11038
|
#
|
@@ -11054,8 +11062,8 @@ module Aws::WAFV2
|
|
11054
11062
|
#
|
11055
11063
|
# If you configure WAF to inspect the request body, WAF inspects only
|
11056
11064
|
# the first 8192 bytes (8 KB). If the request body for your web requests
|
11057
|
-
# never exceeds 8192 bytes, you
|
11058
|
-
#
|
11065
|
+
# never exceeds 8192 bytes, you could use a size constraint statement to
|
11066
|
+
# block requests that have a request body greater than 8192 bytes.
|
11059
11067
|
#
|
11060
11068
|
# If you choose URI for the value of Part of the request to filter on,
|
11061
11069
|
# the slash (/) in the URI counts as one character. For example, the URI
|
@@ -11125,8 +11133,7 @@ module Aws::WAFV2
|
|
11125
11133
|
# }
|
11126
11134
|
#
|
11127
11135
|
# @!attribute [rw] field_to_match
|
11128
|
-
# The part of the web request that you want WAF to inspect.
|
11129
|
-
# information, see FieldToMatch.
|
11136
|
+
# The part of the web request that you want WAF to inspect.
|
11130
11137
|
# @return [Types::FieldToMatch]
|
11131
11138
|
#
|
11132
11139
|
# @!attribute [rw] comparison_operator
|
@@ -11158,14 +11165,9 @@ module Aws::WAFV2
|
|
11158
11165
|
include Aws::Structure
|
11159
11166
|
end
|
11160
11167
|
|
11161
|
-
#
|
11162
|
-
#
|
11163
|
-
#
|
11164
|
-
# SQL injection match conditions. An SQL injection match condition
|
11165
|
-
# identifies the part of web requests, such as the URI or the query
|
11166
|
-
# string, that you want WAF to inspect. Later in the process, when you
|
11167
|
-
# create a web ACL, you specify whether to allow or block requests that
|
11168
|
-
# appear to contain malicious SQL code.
|
11168
|
+
# A rule statement that inspects for malicious SQL code. Attackers
|
11169
|
+
# insert malicious SQL code into web requests to do things like modify
|
11170
|
+
# your database or extract data from it.
|
11169
11171
|
#
|
11170
11172
|
# @note When making an API call, you may pass SqliMatchStatement
|
11171
11173
|
# data as a hash:
|
@@ -11226,11 +11228,11 @@ module Aws::WAFV2
|
|
11226
11228
|
# type: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE, BASE64_DECODE, HEX_DECODE, MD5, REPLACE_COMMENTS, ESCAPE_SEQ_DECODE, SQL_HEX_DECODE, CSS_DECODE, JS_DECODE, NORMALIZE_PATH, NORMALIZE_PATH_WIN, REMOVE_NULLS, REPLACE_NULLS, BASE64_DECODE_EXT, URL_DECODE_UNI, UTF8_TO_UNICODE
|
11227
11229
|
# },
|
11228
11230
|
# ],
|
11231
|
+
# sensitivity_level: "LOW", # accepts LOW, HIGH
|
11229
11232
|
# }
|
11230
11233
|
#
|
11231
11234
|
# @!attribute [rw] field_to_match
|
11232
|
-
# The part of the web request that you want WAF to inspect.
|
11233
|
-
# information, see FieldToMatch.
|
11235
|
+
# The part of the web request that you want WAF to inspect.
|
11234
11236
|
# @return [Types::FieldToMatch]
|
11235
11237
|
#
|
11236
11238
|
# @!attribute [rw] text_transformations
|
@@ -11242,11 +11244,33 @@ module Aws::WAFV2
|
|
11242
11244
|
# setting, before inspecting the content for a match.
|
11243
11245
|
# @return [Array<Types::TextTransformation>]
|
11244
11246
|
#
|
11247
|
+
# @!attribute [rw] sensitivity_level
|
11248
|
+
# The sensitivity that you want WAF to use to inspect for SQL
|
11249
|
+
# injection attacks.
|
11250
|
+
#
|
11251
|
+
# `HIGH` detects more attacks, but might generate more false
|
11252
|
+
# positives, especially if your web requests frequently contain
|
11253
|
+
# unusual strings. For information about identifying and mitigating
|
11254
|
+
# false positives, see [Testing and tuning][1] in the *WAF Developer
|
11255
|
+
# Guide*.
|
11256
|
+
#
|
11257
|
+
# `LOW` is generally a better choice for resources that already have
|
11258
|
+
# other protections against SQL injection attacks or that have a low
|
11259
|
+
# tolerance for false positives.
|
11260
|
+
#
|
11261
|
+
# Default: `LOW`
|
11262
|
+
#
|
11263
|
+
#
|
11264
|
+
#
|
11265
|
+
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/web-acl-testing.html
|
11266
|
+
# @return [String]
|
11267
|
+
#
|
11245
11268
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/SqliMatchStatement AWS API Documentation
|
11246
11269
|
#
|
11247
11270
|
class SqliMatchStatement < Struct.new(
|
11248
11271
|
:field_to_match,
|
11249
|
-
:text_transformations
|
11272
|
+
:text_transformations,
|
11273
|
+
:sensitivity_level)
|
11250
11274
|
SENSITIVE = []
|
11251
11275
|
include Aws::Structure
|
11252
11276
|
end
|
@@ -11373,6 +11397,7 @@ module Aws::WAFV2
|
|
11373
11397
|
# type: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE, BASE64_DECODE, HEX_DECODE, MD5, REPLACE_COMMENTS, ESCAPE_SEQ_DECODE, SQL_HEX_DECODE, CSS_DECODE, JS_DECODE, NORMALIZE_PATH, NORMALIZE_PATH_WIN, REMOVE_NULLS, REPLACE_NULLS, BASE64_DECODE_EXT, URL_DECODE_UNI, UTF8_TO_UNICODE
|
11374
11398
|
# },
|
11375
11399
|
# ],
|
11400
|
+
# sensitivity_level: "LOW", # accepts LOW, HIGH
|
11376
11401
|
# },
|
11377
11402
|
# xss_match_statement: {
|
11378
11403
|
# field_to_match: { # required
|
@@ -11690,6 +11715,7 @@ module Aws::WAFV2
|
|
11690
11715
|
# type: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE, BASE64_DECODE, HEX_DECODE, MD5, REPLACE_COMMENTS, ESCAPE_SEQ_DECODE, SQL_HEX_DECODE, CSS_DECODE, JS_DECODE, NORMALIZE_PATH, NORMALIZE_PATH_WIN, REMOVE_NULLS, REPLACE_NULLS, BASE64_DECODE_EXT, URL_DECODE_UNI, UTF8_TO_UNICODE
|
11691
11716
|
# },
|
11692
11717
|
# ],
|
11718
|
+
# sensitivity_level: "LOW", # accepts LOW, HIGH
|
11693
11719
|
# },
|
11694
11720
|
# xss_match_statement: {
|
11695
11721
|
# field_to_match: { # required
|
@@ -12121,6 +12147,7 @@ module Aws::WAFV2
|
|
12121
12147
|
# type: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE, BASE64_DECODE, HEX_DECODE, MD5, REPLACE_COMMENTS, ESCAPE_SEQ_DECODE, SQL_HEX_DECODE, CSS_DECODE, JS_DECODE, NORMALIZE_PATH, NORMALIZE_PATH_WIN, REMOVE_NULLS, REPLACE_NULLS, BASE64_DECODE_EXT, URL_DECODE_UNI, UTF8_TO_UNICODE
|
12122
12148
|
# },
|
12123
12149
|
# ],
|
12150
|
+
# sensitivity_level: "LOW", # accepts LOW, HIGH
|
12124
12151
|
# },
|
12125
12152
|
# xss_match_statement: {
|
12126
12153
|
# field_to_match: { # required
|
@@ -12551,6 +12578,7 @@ module Aws::WAFV2
|
|
12551
12578
|
# type: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE, BASE64_DECODE, HEX_DECODE, MD5, REPLACE_COMMENTS, ESCAPE_SEQ_DECODE, SQL_HEX_DECODE, CSS_DECODE, JS_DECODE, NORMALIZE_PATH, NORMALIZE_PATH_WIN, REMOVE_NULLS, REPLACE_NULLS, BASE64_DECODE_EXT, URL_DECODE_UNI, UTF8_TO_UNICODE
|
12552
12579
|
# },
|
12553
12580
|
# ],
|
12581
|
+
# sensitivity_level: "LOW", # accepts LOW, HIGH
|
12554
12582
|
# },
|
12555
12583
|
# xss_match_statement: {
|
12556
12584
|
# field_to_match: { # required
|
@@ -12980,6 +13008,7 @@ module Aws::WAFV2
|
|
12980
13008
|
# type: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE, BASE64_DECODE, HEX_DECODE, MD5, REPLACE_COMMENTS, ESCAPE_SEQ_DECODE, SQL_HEX_DECODE, CSS_DECODE, JS_DECODE, NORMALIZE_PATH, NORMALIZE_PATH_WIN, REMOVE_NULLS, REPLACE_NULLS, BASE64_DECODE_EXT, URL_DECODE_UNI, UTF8_TO_UNICODE
|
12981
13009
|
# },
|
12982
13010
|
# ],
|
13011
|
+
# sensitivity_level: "LOW", # accepts LOW, HIGH
|
12983
13012
|
# },
|
12984
13013
|
# xss_match_statement: {
|
12985
13014
|
# field_to_match: { # required
|
@@ -13420,6 +13449,7 @@ module Aws::WAFV2
|
|
13420
13449
|
# type: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE, BASE64_DECODE, HEX_DECODE, MD5, REPLACE_COMMENTS, ESCAPE_SEQ_DECODE, SQL_HEX_DECODE, CSS_DECODE, JS_DECODE, NORMALIZE_PATH, NORMALIZE_PATH_WIN, REMOVE_NULLS, REPLACE_NULLS, BASE64_DECODE_EXT, URL_DECODE_UNI, UTF8_TO_UNICODE
|
13421
13450
|
# },
|
13422
13451
|
# ],
|
13452
|
+
# sensitivity_level: "LOW", # accepts LOW, HIGH
|
13423
13453
|
# },
|
13424
13454
|
# xss_match_statement: {
|
13425
13455
|
# field_to_match: { # required
|
@@ -13797,29 +13827,20 @@ module Aws::WAFV2
|
|
13797
13827
|
# search for, the location in requests that you want WAF to search,
|
13798
13828
|
# and other settings. The bytes to search for are typically a string
|
13799
13829
|
# that corresponds with ASCII characters. In the WAF console and the
|
13800
|
-
# developer guide, this is
|
13830
|
+
# developer guide, this is called a string match statement.
|
13801
13831
|
# @return [Types::ByteMatchStatement]
|
13802
13832
|
#
|
13803
13833
|
# @!attribute [rw] sqli_match_statement
|
13804
|
-
#
|
13805
|
-
#
|
13806
|
-
#
|
13807
|
-
# more SQL injection match conditions. An SQL injection match
|
13808
|
-
# condition identifies the part of web requests, such as the URI or
|
13809
|
-
# the query string, that you want WAF to inspect. Later in the
|
13810
|
-
# process, when you create a web ACL, you specify whether to allow or
|
13811
|
-
# block requests that appear to contain malicious SQL code.
|
13834
|
+
# A rule statement that inspects for malicious SQL code. Attackers
|
13835
|
+
# insert malicious SQL code into web requests to do things like modify
|
13836
|
+
# your database or extract data from it.
|
13812
13837
|
# @return [Types::SqliMatchStatement]
|
13813
13838
|
#
|
13814
13839
|
# @!attribute [rw] xss_match_statement
|
13815
|
-
# A rule statement that
|
13816
|
-
#
|
13817
|
-
#
|
13818
|
-
#
|
13819
|
-
# browsers. The XSS match statement provides the location in requests
|
13820
|
-
# that you want WAF to search and text transformations to use on the
|
13821
|
-
# search area before WAF searches for character sequences that are
|
13822
|
-
# likely to be malicious strings.
|
13840
|
+
# A rule statement that inspects for cross-site scripting (XSS)
|
13841
|
+
# attacks. In XSS attacks, the attacker uses vulnerabilities in a
|
13842
|
+
# benign website as a vehicle to inject malicious client-site scripts
|
13843
|
+
# into other legitimate web browsers.
|
13823
13844
|
# @return [Types::XssMatchStatement]
|
13824
13845
|
#
|
13825
13846
|
# @!attribute [rw] size_constraint_statement
|
@@ -13831,8 +13852,8 @@ module Aws::WAFV2
|
|
13831
13852
|
#
|
13832
13853
|
# If you configure WAF to inspect the request body, WAF inspects only
|
13833
13854
|
# the first 8192 bytes (8 KB). If the request body for your web
|
13834
|
-
# requests never exceeds 8192 bytes, you
|
13835
|
-
#
|
13855
|
+
# requests never exceeds 8192 bytes, you could use a size constraint
|
13856
|
+
# statement to block requests that have a request body greater than
|
13836
13857
|
# 8192 bytes.
|
13837
13858
|
#
|
13838
13859
|
# If you choose URI for the value of Part of the request to filter on,
|
@@ -13916,11 +13937,12 @@ module Aws::WAFV2
|
|
13916
13937
|
# for the string BadBot.
|
13917
13938
|
#
|
13918
13939
|
# In this rate-based rule, you also define a rate limit. For this
|
13919
|
-
# example, the rate limit is 1,000. Requests that meet
|
13920
|
-
#
|
13921
|
-
# requests per five minutes, the rule action triggers. Requests
|
13922
|
-
# do not meet
|
13923
|
-
# and are not affected by this
|
13940
|
+
# example, the rate limit is 1,000. Requests that meet the criteria of
|
13941
|
+
# both of the nested statements are counted. If the count exceeds
|
13942
|
+
# 1,000 requests per five minutes, the rule action triggers. Requests
|
13943
|
+
# that do not meet the criteria of both of the nested statements are
|
13944
|
+
# not counted towards the rate limit and are not affected by this
|
13945
|
+
# rule.
|
13924
13946
|
#
|
13925
13947
|
# You cannot nest a `RateBasedStatement` inside another statement, for
|
13926
13948
|
# example inside a `NotStatement` or `OrStatement`. You can define a
|
@@ -14795,6 +14817,7 @@ module Aws::WAFV2
|
|
14795
14817
|
# type: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE, BASE64_DECODE, HEX_DECODE, MD5, REPLACE_COMMENTS, ESCAPE_SEQ_DECODE, SQL_HEX_DECODE, CSS_DECODE, JS_DECODE, NORMALIZE_PATH, NORMALIZE_PATH_WIN, REMOVE_NULLS, REPLACE_NULLS, BASE64_DECODE_EXT, URL_DECODE_UNI, UTF8_TO_UNICODE
|
14796
14818
|
# },
|
14797
14819
|
# ],
|
14820
|
+
# sensitivity_level: "LOW", # accepts LOW, HIGH
|
14798
14821
|
# },
|
14799
14822
|
# xss_match_statement: {
|
14800
14823
|
# field_to_match: { # required
|
@@ -15456,6 +15479,7 @@ module Aws::WAFV2
|
|
15456
15479
|
# type: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE, BASE64_DECODE, HEX_DECODE, MD5, REPLACE_COMMENTS, ESCAPE_SEQ_DECODE, SQL_HEX_DECODE, CSS_DECODE, JS_DECODE, NORMALIZE_PATH, NORMALIZE_PATH_WIN, REMOVE_NULLS, REPLACE_NULLS, BASE64_DECODE_EXT, URL_DECODE_UNI, UTF8_TO_UNICODE
|
15457
15480
|
# },
|
15458
15481
|
# ],
|
15482
|
+
# sensitivity_level: "LOW", # accepts LOW, HIGH
|
15459
15483
|
# },
|
15460
15484
|
# xss_match_statement: {
|
15461
15485
|
# field_to_match: { # required
|
@@ -16093,8 +16117,8 @@ module Aws::WAFV2
|
|
16093
16117
|
# A name of the Amazon CloudWatch metric. The name can contain only
|
16094
16118
|
# the characters: A-Z, a-z, 0-9, - (hyphen), and \_ (underscore). The
|
16095
16119
|
# name can be from one to 128 characters long. It can't contain
|
16096
|
-
# whitespace or metric names reserved for WAF, for example
|
16097
|
-
#
|
16120
|
+
# whitespace or metric names reserved for WAF, for example `All` and
|
16121
|
+
# `Default_Action`.
|
16098
16122
|
# @return [String]
|
16099
16123
|
#
|
16100
16124
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/VisibilityConfig AWS API Documentation
|
@@ -16417,7 +16441,7 @@ module Aws::WAFV2
|
|
16417
16441
|
end
|
16418
16442
|
|
16419
16443
|
# WAF couldn’t perform your tagging operation because of an internal
|
16420
|
-
# error. Retry
|
16444
|
+
# error. Retry your request.
|
16421
16445
|
#
|
16422
16446
|
# @!attribute [rw] message
|
16423
16447
|
# @return [String]
|
@@ -16652,14 +16676,10 @@ module Aws::WAFV2
|
|
16652
16676
|
include Aws::Structure
|
16653
16677
|
end
|
16654
16678
|
|
16655
|
-
# A rule statement that
|
16656
|
-
#
|
16657
|
-
#
|
16658
|
-
#
|
16659
|
-
# browsers. The XSS match statement provides the location in requests
|
16660
|
-
# that you want WAF to search and text transformations to use on the
|
16661
|
-
# search area before WAF searches for character sequences that are
|
16662
|
-
# likely to be malicious strings.
|
16679
|
+
# A rule statement that inspects for cross-site scripting (XSS) attacks.
|
16680
|
+
# In XSS attacks, the attacker uses vulnerabilities in a benign website
|
16681
|
+
# as a vehicle to inject malicious client-site scripts into other
|
16682
|
+
# legitimate web browsers.
|
16663
16683
|
#
|
16664
16684
|
# @note When making an API call, you may pass XssMatchStatement
|
16665
16685
|
# data as a hash:
|
@@ -16723,8 +16743,7 @@ module Aws::WAFV2
|
|
16723
16743
|
# }
|
16724
16744
|
#
|
16725
16745
|
# @!attribute [rw] field_to_match
|
16726
|
-
# The part of the web request that you want WAF to inspect.
|
16727
|
-
# information, see FieldToMatch.
|
16746
|
+
# The part of the web request that you want WAF to inspect.
|
16728
16747
|
# @return [Types::FieldToMatch]
|
16729
16748
|
#
|
16730
16749
|
# @!attribute [rw] text_transformations
|
data/lib/aws-sdk-wafv2.rb
CHANGED
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: aws-sdk-wafv2
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.
|
4
|
+
version: 1.40.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Amazon Web Services
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2022-
|
11
|
+
date: 2022-07-15 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: aws-sdk-core
|