aws-sdk-wafv2 1.43.0 → 1.45.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +10 -0
- data/VERSION +1 -1
- data/lib/aws-sdk-wafv2/client.rb +1120 -18
- data/lib/aws-sdk-wafv2/client_api.rb +45 -0
- data/lib/aws-sdk-wafv2/types.rb +2785 -98
- data/lib/aws-sdk-wafv2.rb +1 -1
- metadata +2 -2
data/lib/aws-sdk-wafv2/types.rb
CHANGED
@@ -10,18 +10,53 @@
|
|
10
10
|
module Aws::WAFV2
|
11
11
|
module Types
|
12
12
|
|
13
|
+
# Details for your use of the Bot Control managed rule group, used in
|
14
|
+
# `ManagedRuleGroupConfig`.
|
15
|
+
#
|
16
|
+
# @note When making an API call, you may pass AWSManagedRulesBotControlRuleSet
|
17
|
+
# data as a hash:
|
18
|
+
#
|
19
|
+
# {
|
20
|
+
# inspection_level: "COMMON", # required, accepts COMMON, TARGETED
|
21
|
+
# }
|
22
|
+
#
|
23
|
+
# @!attribute [rw] inspection_level
|
24
|
+
# The inspection level to use for the Bot Control rule group. The
|
25
|
+
# common level is the least expensive. The targeted level includes all
|
26
|
+
# common level rules and adds rules with more advanced inspection
|
27
|
+
# criteria. For details, see [WAF Bot Control rule group][1].
|
28
|
+
#
|
29
|
+
#
|
30
|
+
#
|
31
|
+
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/aws-managed-rule-groups-bot.html
|
32
|
+
# @return [String]
|
33
|
+
#
|
34
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/AWSManagedRulesBotControlRuleSet AWS API Documentation
|
35
|
+
#
|
36
|
+
class AWSManagedRulesBotControlRuleSet < Struct.new(
|
37
|
+
:inspection_level)
|
38
|
+
SENSITIVE = []
|
39
|
+
include Aws::Structure
|
40
|
+
end
|
41
|
+
|
13
42
|
# A single action condition for a Condition in a logging filter.
|
14
43
|
#
|
15
44
|
# @note When making an API call, you may pass ActionCondition
|
16
45
|
# data as a hash:
|
17
46
|
#
|
18
47
|
# {
|
19
|
-
# action: "ALLOW", # required, accepts ALLOW, BLOCK, COUNT, CAPTCHA, EXCLUDED_AS_COUNT
|
48
|
+
# action: "ALLOW", # required, accepts ALLOW, BLOCK, COUNT, CAPTCHA, CHALLENGE, EXCLUDED_AS_COUNT
|
20
49
|
# }
|
21
50
|
#
|
22
51
|
# @!attribute [rw] action
|
23
52
|
# The action setting that a log record must contain in order to meet
|
24
|
-
# the condition.
|
53
|
+
# the condition. This is the action that WAF applied to the web
|
54
|
+
# request.
|
55
|
+
#
|
56
|
+
# For rule groups, this is either the configured rule action setting,
|
57
|
+
# or if you've applied a rule action override to the rule, it's the
|
58
|
+
# override action. The value `EXCLUDED_AS_COUNT` matches on excluded
|
59
|
+
# rules and also on rules that have a rule action override of Count.
|
25
60
|
# @return [String]
|
26
61
|
#
|
27
62
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/ActionCondition AWS API Documentation
|
@@ -358,6 +393,65 @@ module Aws::WAFV2
|
|
358
393
|
# name: "EntityName", # required
|
359
394
|
# },
|
360
395
|
# ],
|
396
|
+
# rule_action_overrides: [
|
397
|
+
# {
|
398
|
+
# name: "EntityName", # required
|
399
|
+
# action_to_use: { # required
|
400
|
+
# block: {
|
401
|
+
# custom_response: {
|
402
|
+
# response_code: 1, # required
|
403
|
+
# custom_response_body_key: "EntityName",
|
404
|
+
# response_headers: [
|
405
|
+
# {
|
406
|
+
# name: "CustomHTTPHeaderName", # required
|
407
|
+
# value: "CustomHTTPHeaderValue", # required
|
408
|
+
# },
|
409
|
+
# ],
|
410
|
+
# },
|
411
|
+
# },
|
412
|
+
# allow: {
|
413
|
+
# custom_request_handling: {
|
414
|
+
# insert_headers: [ # required
|
415
|
+
# {
|
416
|
+
# name: "CustomHTTPHeaderName", # required
|
417
|
+
# value: "CustomHTTPHeaderValue", # required
|
418
|
+
# },
|
419
|
+
# ],
|
420
|
+
# },
|
421
|
+
# },
|
422
|
+
# count: {
|
423
|
+
# custom_request_handling: {
|
424
|
+
# insert_headers: [ # required
|
425
|
+
# {
|
426
|
+
# name: "CustomHTTPHeaderName", # required
|
427
|
+
# value: "CustomHTTPHeaderValue", # required
|
428
|
+
# },
|
429
|
+
# ],
|
430
|
+
# },
|
431
|
+
# },
|
432
|
+
# captcha: {
|
433
|
+
# custom_request_handling: {
|
434
|
+
# insert_headers: [ # required
|
435
|
+
# {
|
436
|
+
# name: "CustomHTTPHeaderName", # required
|
437
|
+
# value: "CustomHTTPHeaderValue", # required
|
438
|
+
# },
|
439
|
+
# ],
|
440
|
+
# },
|
441
|
+
# },
|
442
|
+
# challenge: {
|
443
|
+
# custom_request_handling: {
|
444
|
+
# insert_headers: [ # required
|
445
|
+
# {
|
446
|
+
# name: "CustomHTTPHeaderName", # required
|
447
|
+
# value: "CustomHTTPHeaderValue", # required
|
448
|
+
# },
|
449
|
+
# ],
|
450
|
+
# },
|
451
|
+
# },
|
452
|
+
# },
|
453
|
+
# },
|
454
|
+
# ],
|
361
455
|
# },
|
362
456
|
# ip_set_reference_statement: {
|
363
457
|
# arn: "ResourceArn", # required
|
@@ -473,6 +567,68 @@ module Aws::WAFV2
|
|
473
567
|
# password_field: {
|
474
568
|
# identifier: "FieldIdentifier", # required
|
475
569
|
# },
|
570
|
+
# aws_managed_rules_bot_control_rule_set: {
|
571
|
+
# inspection_level: "COMMON", # required, accepts COMMON, TARGETED
|
572
|
+
# },
|
573
|
+
# },
|
574
|
+
# ],
|
575
|
+
# rule_action_overrides: [
|
576
|
+
# {
|
577
|
+
# name: "EntityName", # required
|
578
|
+
# action_to_use: { # required
|
579
|
+
# block: {
|
580
|
+
# custom_response: {
|
581
|
+
# response_code: 1, # required
|
582
|
+
# custom_response_body_key: "EntityName",
|
583
|
+
# response_headers: [
|
584
|
+
# {
|
585
|
+
# name: "CustomHTTPHeaderName", # required
|
586
|
+
# value: "CustomHTTPHeaderValue", # required
|
587
|
+
# },
|
588
|
+
# ],
|
589
|
+
# },
|
590
|
+
# },
|
591
|
+
# allow: {
|
592
|
+
# custom_request_handling: {
|
593
|
+
# insert_headers: [ # required
|
594
|
+
# {
|
595
|
+
# name: "CustomHTTPHeaderName", # required
|
596
|
+
# value: "CustomHTTPHeaderValue", # required
|
597
|
+
# },
|
598
|
+
# ],
|
599
|
+
# },
|
600
|
+
# },
|
601
|
+
# count: {
|
602
|
+
# custom_request_handling: {
|
603
|
+
# insert_headers: [ # required
|
604
|
+
# {
|
605
|
+
# name: "CustomHTTPHeaderName", # required
|
606
|
+
# value: "CustomHTTPHeaderValue", # required
|
607
|
+
# },
|
608
|
+
# ],
|
609
|
+
# },
|
610
|
+
# },
|
611
|
+
# captcha: {
|
612
|
+
# custom_request_handling: {
|
613
|
+
# insert_headers: [ # required
|
614
|
+
# {
|
615
|
+
# name: "CustomHTTPHeaderName", # required
|
616
|
+
# value: "CustomHTTPHeaderValue", # required
|
617
|
+
# },
|
618
|
+
# ],
|
619
|
+
# },
|
620
|
+
# },
|
621
|
+
# challenge: {
|
622
|
+
# custom_request_handling: {
|
623
|
+
# insert_headers: [ # required
|
624
|
+
# {
|
625
|
+
# name: "CustomHTTPHeaderName", # required
|
626
|
+
# value: "CustomHTTPHeaderValue", # required
|
627
|
+
# },
|
628
|
+
# ],
|
629
|
+
# },
|
630
|
+
# },
|
631
|
+
# },
|
476
632
|
# },
|
477
633
|
# ],
|
478
634
|
# },
|
@@ -864,11 +1020,12 @@ module Aws::WAFV2
|
|
864
1020
|
# Specifies that WAF should run a `CAPTCHA` check against the request:
|
865
1021
|
#
|
866
1022
|
# * If the request includes a valid, unexpired `CAPTCHA` token, WAF
|
867
|
-
#
|
868
|
-
#
|
1023
|
+
# applies any custom request handling and labels that you've
|
1024
|
+
# configured and then allows the web request inspection to proceed to
|
1025
|
+
# the next rule, similar to a `CountAction`.
|
869
1026
|
#
|
870
|
-
# * If the request doesn't include a valid, unexpired
|
871
|
-
#
|
1027
|
+
# * If the request doesn't include a valid, unexpired token, WAF
|
1028
|
+
# discontinues the web ACL evaluation of the request and blocks it
|
872
1029
|
# from going to its intended destination.
|
873
1030
|
#
|
874
1031
|
# WAF generates a response that it sends back to the client, which
|
@@ -879,7 +1036,8 @@ module Aws::WAFV2
|
|
879
1036
|
# * The HTTP status code `405 Method Not Allowed`.
|
880
1037
|
#
|
881
1038
|
# * If the request contains an `Accept` header with a value of
|
882
|
-
# `text/html`, the response includes a `CAPTCHA`
|
1039
|
+
# `text/html`, the response includes a `CAPTCHA` JavaScript page
|
1040
|
+
# interstitial.
|
883
1041
|
#
|
884
1042
|
# You can configure the expiration time in the `CaptchaConfig`
|
885
1043
|
# `ImmunityTimeProperty` setting at the rule and web ACL level. The rule
|
@@ -903,7 +1061,9 @@ module Aws::WAFV2
|
|
903
1061
|
# }
|
904
1062
|
#
|
905
1063
|
# @!attribute [rw] custom_request_handling
|
906
|
-
# Defines custom handling for the web request
|
1064
|
+
# Defines custom handling for the web request, used when the `CAPTCHA`
|
1065
|
+
# inspection determines that the request's token is valid and
|
1066
|
+
# unexpired.
|
907
1067
|
#
|
908
1068
|
# For information about customizing web requests and responses, see
|
909
1069
|
# [Customizing web requests and responses in WAF][1] in the [WAF
|
@@ -936,8 +1096,8 @@ module Aws::WAFV2
|
|
936
1096
|
# }
|
937
1097
|
#
|
938
1098
|
# @!attribute [rw] immunity_time_property
|
939
|
-
# Determines how long a `CAPTCHA` token remains valid
|
940
|
-
# successfully solves a `CAPTCHA` puzzle.
|
1099
|
+
# Determines how long a `CAPTCHA` timestamp in the token remains valid
|
1100
|
+
# after the client successfully solves a `CAPTCHA` puzzle.
|
941
1101
|
# @return [Types::ImmunityTimeProperty]
|
942
1102
|
#
|
943
1103
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/CaptchaConfig AWS API Documentation
|
@@ -958,8 +1118,7 @@ module Aws::WAFV2
|
|
958
1118
|
# @return [Integer]
|
959
1119
|
#
|
960
1120
|
# @!attribute [rw] solve_timestamp
|
961
|
-
# The time that the `CAPTCHA`
|
962
|
-
# token.
|
1121
|
+
# The time that the `CAPTCHA` was last solved for the supplied token.
|
963
1122
|
# @return [Integer]
|
964
1123
|
#
|
965
1124
|
# @!attribute [rw] failure_reason
|
@@ -977,6 +1136,138 @@ module Aws::WAFV2
|
|
977
1136
|
include Aws::Structure
|
978
1137
|
end
|
979
1138
|
|
1139
|
+
# Specifies that WAF should run a `Challenge` check against the request
|
1140
|
+
# to verify that the request is coming from a legitimate client session:
|
1141
|
+
#
|
1142
|
+
# * If the request includes a valid, unexpired challenge token, WAF
|
1143
|
+
# applies any custom request handling and labels that you've
|
1144
|
+
# configured and then allows the web request inspection to proceed to
|
1145
|
+
# the next rule, similar to a `CountAction`.
|
1146
|
+
#
|
1147
|
+
# * If the request doesn't include a valid, unexpired challenge token,
|
1148
|
+
# WAF discontinues the web ACL evaluation of the request and blocks it
|
1149
|
+
# from going to its intended destination.
|
1150
|
+
#
|
1151
|
+
# WAF then generates a challenge response that it sends back to the
|
1152
|
+
# client, which includes the following:
|
1153
|
+
#
|
1154
|
+
# * The header `x-amzn-waf-action` with a value of `challenge`.
|
1155
|
+
#
|
1156
|
+
# * The HTTP status code `202 Request Accepted`.
|
1157
|
+
#
|
1158
|
+
# * If the request contains an `Accept` header with a value of
|
1159
|
+
# `text/html`, the response includes a JavaScript page interstitial
|
1160
|
+
# with a challenge script.
|
1161
|
+
#
|
1162
|
+
# Challenges run silent browser interrogations in the background, and
|
1163
|
+
# don't generally affect the end user experience.
|
1164
|
+
#
|
1165
|
+
# A challenge enforces token acquisition using an interstitial
|
1166
|
+
# JavaScript challenge that inspects the client session for legitimate
|
1167
|
+
# behavior. The challenge blocks bots or at least increases the cost
|
1168
|
+
# of operating sophisticated bots.
|
1169
|
+
#
|
1170
|
+
# After the client session successfully responds to the challenge, it
|
1171
|
+
# receives a new token from WAF, which the challenge script uses to
|
1172
|
+
# resubmit the original request.
|
1173
|
+
#
|
1174
|
+
# You can configure the expiration time in the `ChallengeConfig`
|
1175
|
+
# `ImmunityTimeProperty` setting at the rule and web ACL level. The rule
|
1176
|
+
# setting overrides the web ACL setting.
|
1177
|
+
#
|
1178
|
+
# This action option is available for rules. It isn't available for web
|
1179
|
+
# ACL default actions.
|
1180
|
+
#
|
1181
|
+
# @note When making an API call, you may pass ChallengeAction
|
1182
|
+
# data as a hash:
|
1183
|
+
#
|
1184
|
+
# {
|
1185
|
+
# custom_request_handling: {
|
1186
|
+
# insert_headers: [ # required
|
1187
|
+
# {
|
1188
|
+
# name: "CustomHTTPHeaderName", # required
|
1189
|
+
# value: "CustomHTTPHeaderValue", # required
|
1190
|
+
# },
|
1191
|
+
# ],
|
1192
|
+
# },
|
1193
|
+
# }
|
1194
|
+
#
|
1195
|
+
# @!attribute [rw] custom_request_handling
|
1196
|
+
# Defines custom handling for the web request, used when the challenge
|
1197
|
+
# inspection determines that the request's token is valid and
|
1198
|
+
# unexpired.
|
1199
|
+
#
|
1200
|
+
# For information about customizing web requests and responses, see
|
1201
|
+
# [Customizing web requests and responses in WAF][1] in the [WAF
|
1202
|
+
# Developer Guide][2].
|
1203
|
+
#
|
1204
|
+
#
|
1205
|
+
#
|
1206
|
+
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html
|
1207
|
+
# [2]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html
|
1208
|
+
# @return [Types::CustomRequestHandling]
|
1209
|
+
#
|
1210
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/ChallengeAction AWS API Documentation
|
1211
|
+
#
|
1212
|
+
class ChallengeAction < Struct.new(
|
1213
|
+
:custom_request_handling)
|
1214
|
+
SENSITIVE = []
|
1215
|
+
include Aws::Structure
|
1216
|
+
end
|
1217
|
+
|
1218
|
+
# Specifies how WAF should handle `Challenge` evaluations. This is
|
1219
|
+
# available at the web ACL level and in each rule.
|
1220
|
+
#
|
1221
|
+
# @note When making an API call, you may pass ChallengeConfig
|
1222
|
+
# data as a hash:
|
1223
|
+
#
|
1224
|
+
# {
|
1225
|
+
# immunity_time_property: {
|
1226
|
+
# immunity_time: 1, # required
|
1227
|
+
# },
|
1228
|
+
# }
|
1229
|
+
#
|
1230
|
+
# @!attribute [rw] immunity_time_property
|
1231
|
+
# Determines how long a challenge timestamp in the token remains valid
|
1232
|
+
# after the client successfully responds to a challenge.
|
1233
|
+
# @return [Types::ImmunityTimeProperty]
|
1234
|
+
#
|
1235
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/ChallengeConfig AWS API Documentation
|
1236
|
+
#
|
1237
|
+
class ChallengeConfig < Struct.new(
|
1238
|
+
:immunity_time_property)
|
1239
|
+
SENSITIVE = []
|
1240
|
+
include Aws::Structure
|
1241
|
+
end
|
1242
|
+
|
1243
|
+
# The result from the inspection of the web request for a valid
|
1244
|
+
# challenge token.
|
1245
|
+
#
|
1246
|
+
# @!attribute [rw] response_code
|
1247
|
+
# The HTTP response code indicating the status of the challenge token
|
1248
|
+
# in the web request. If the token is missing, invalid, or expired,
|
1249
|
+
# this code is `202 Request Accepted`.
|
1250
|
+
# @return [Integer]
|
1251
|
+
#
|
1252
|
+
# @!attribute [rw] solve_timestamp
|
1253
|
+
# The time that the challenge was last solved for the supplied token.
|
1254
|
+
# @return [Integer]
|
1255
|
+
#
|
1256
|
+
# @!attribute [rw] failure_reason
|
1257
|
+
# The reason for failure, populated when the evaluation of the token
|
1258
|
+
# fails.
|
1259
|
+
# @return [String]
|
1260
|
+
#
|
1261
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/ChallengeResponse AWS API Documentation
|
1262
|
+
#
|
1263
|
+
class ChallengeResponse < Struct.new(
|
1264
|
+
:response_code,
|
1265
|
+
:solve_timestamp,
|
1266
|
+
:failure_reason)
|
1267
|
+
SENSITIVE = []
|
1268
|
+
include Aws::Structure
|
1269
|
+
end
|
1270
|
+
|
980
1271
|
# @note When making an API call, you may pass CheckCapacityRequest
|
981
1272
|
# data as a hash:
|
982
1273
|
#
|
@@ -1234,6 +1525,65 @@ module Aws::WAFV2
|
|
1234
1525
|
# name: "EntityName", # required
|
1235
1526
|
# },
|
1236
1527
|
# ],
|
1528
|
+
# rule_action_overrides: [
|
1529
|
+
# {
|
1530
|
+
# name: "EntityName", # required
|
1531
|
+
# action_to_use: { # required
|
1532
|
+
# block: {
|
1533
|
+
# custom_response: {
|
1534
|
+
# response_code: 1, # required
|
1535
|
+
# custom_response_body_key: "EntityName",
|
1536
|
+
# response_headers: [
|
1537
|
+
# {
|
1538
|
+
# name: "CustomHTTPHeaderName", # required
|
1539
|
+
# value: "CustomHTTPHeaderValue", # required
|
1540
|
+
# },
|
1541
|
+
# ],
|
1542
|
+
# },
|
1543
|
+
# },
|
1544
|
+
# allow: {
|
1545
|
+
# custom_request_handling: {
|
1546
|
+
# insert_headers: [ # required
|
1547
|
+
# {
|
1548
|
+
# name: "CustomHTTPHeaderName", # required
|
1549
|
+
# value: "CustomHTTPHeaderValue", # required
|
1550
|
+
# },
|
1551
|
+
# ],
|
1552
|
+
# },
|
1553
|
+
# },
|
1554
|
+
# count: {
|
1555
|
+
# custom_request_handling: {
|
1556
|
+
# insert_headers: [ # required
|
1557
|
+
# {
|
1558
|
+
# name: "CustomHTTPHeaderName", # required
|
1559
|
+
# value: "CustomHTTPHeaderValue", # required
|
1560
|
+
# },
|
1561
|
+
# ],
|
1562
|
+
# },
|
1563
|
+
# },
|
1564
|
+
# captcha: {
|
1565
|
+
# custom_request_handling: {
|
1566
|
+
# insert_headers: [ # required
|
1567
|
+
# {
|
1568
|
+
# name: "CustomHTTPHeaderName", # required
|
1569
|
+
# value: "CustomHTTPHeaderValue", # required
|
1570
|
+
# },
|
1571
|
+
# ],
|
1572
|
+
# },
|
1573
|
+
# },
|
1574
|
+
# challenge: {
|
1575
|
+
# custom_request_handling: {
|
1576
|
+
# insert_headers: [ # required
|
1577
|
+
# {
|
1578
|
+
# name: "CustomHTTPHeaderName", # required
|
1579
|
+
# value: "CustomHTTPHeaderValue", # required
|
1580
|
+
# },
|
1581
|
+
# ],
|
1582
|
+
# },
|
1583
|
+
# },
|
1584
|
+
# },
|
1585
|
+
# },
|
1586
|
+
# ],
|
1237
1587
|
# },
|
1238
1588
|
# ip_set_reference_statement: {
|
1239
1589
|
# arn: "ResourceArn", # required
|
@@ -1353,6 +1703,68 @@ module Aws::WAFV2
|
|
1353
1703
|
# password_field: {
|
1354
1704
|
# identifier: "FieldIdentifier", # required
|
1355
1705
|
# },
|
1706
|
+
# aws_managed_rules_bot_control_rule_set: {
|
1707
|
+
# inspection_level: "COMMON", # required, accepts COMMON, TARGETED
|
1708
|
+
# },
|
1709
|
+
# },
|
1710
|
+
# ],
|
1711
|
+
# rule_action_overrides: [
|
1712
|
+
# {
|
1713
|
+
# name: "EntityName", # required
|
1714
|
+
# action_to_use: { # required
|
1715
|
+
# block: {
|
1716
|
+
# custom_response: {
|
1717
|
+
# response_code: 1, # required
|
1718
|
+
# custom_response_body_key: "EntityName",
|
1719
|
+
# response_headers: [
|
1720
|
+
# {
|
1721
|
+
# name: "CustomHTTPHeaderName", # required
|
1722
|
+
# value: "CustomHTTPHeaderValue", # required
|
1723
|
+
# },
|
1724
|
+
# ],
|
1725
|
+
# },
|
1726
|
+
# },
|
1727
|
+
# allow: {
|
1728
|
+
# custom_request_handling: {
|
1729
|
+
# insert_headers: [ # required
|
1730
|
+
# {
|
1731
|
+
# name: "CustomHTTPHeaderName", # required
|
1732
|
+
# value: "CustomHTTPHeaderValue", # required
|
1733
|
+
# },
|
1734
|
+
# ],
|
1735
|
+
# },
|
1736
|
+
# },
|
1737
|
+
# count: {
|
1738
|
+
# custom_request_handling: {
|
1739
|
+
# insert_headers: [ # required
|
1740
|
+
# {
|
1741
|
+
# name: "CustomHTTPHeaderName", # required
|
1742
|
+
# value: "CustomHTTPHeaderValue", # required
|
1743
|
+
# },
|
1744
|
+
# ],
|
1745
|
+
# },
|
1746
|
+
# },
|
1747
|
+
# captcha: {
|
1748
|
+
# custom_request_handling: {
|
1749
|
+
# insert_headers: [ # required
|
1750
|
+
# {
|
1751
|
+
# name: "CustomHTTPHeaderName", # required
|
1752
|
+
# value: "CustomHTTPHeaderValue", # required
|
1753
|
+
# },
|
1754
|
+
# ],
|
1755
|
+
# },
|
1756
|
+
# },
|
1757
|
+
# challenge: {
|
1758
|
+
# custom_request_handling: {
|
1759
|
+
# insert_headers: [ # required
|
1760
|
+
# {
|
1761
|
+
# name: "CustomHTTPHeaderName", # required
|
1762
|
+
# value: "CustomHTTPHeaderValue", # required
|
1763
|
+
# },
|
1764
|
+
# ],
|
1765
|
+
# },
|
1766
|
+
# },
|
1767
|
+
# },
|
1356
1768
|
# },
|
1357
1769
|
# ],
|
1358
1770
|
# },
|
@@ -1462,6 +1874,16 @@ module Aws::WAFV2
|
|
1462
1874
|
# ],
|
1463
1875
|
# },
|
1464
1876
|
# },
|
1877
|
+
# challenge: {
|
1878
|
+
# custom_request_handling: {
|
1879
|
+
# insert_headers: [ # required
|
1880
|
+
# {
|
1881
|
+
# name: "CustomHTTPHeaderName", # required
|
1882
|
+
# value: "CustomHTTPHeaderValue", # required
|
1883
|
+
# },
|
1884
|
+
# ],
|
1885
|
+
# },
|
1886
|
+
# },
|
1465
1887
|
# },
|
1466
1888
|
# override_action: {
|
1467
1889
|
# count: {
|
@@ -1492,6 +1914,11 @@ module Aws::WAFV2
|
|
1492
1914
|
# immunity_time: 1, # required
|
1493
1915
|
# },
|
1494
1916
|
# },
|
1917
|
+
# challenge_config: {
|
1918
|
+
# immunity_time_property: {
|
1919
|
+
# immunity_time: 1, # required
|
1920
|
+
# },
|
1921
|
+
# },
|
1495
1922
|
# },
|
1496
1923
|
# ],
|
1497
1924
|
# }
|
@@ -1544,7 +1971,7 @@ module Aws::WAFV2
|
|
1544
1971
|
#
|
1545
1972
|
# {
|
1546
1973
|
# action_condition: {
|
1547
|
-
# action: "ALLOW", # required, accepts ALLOW, BLOCK, COUNT, CAPTCHA, EXCLUDED_AS_COUNT
|
1974
|
+
# action: "ALLOW", # required, accepts ALLOW, BLOCK, COUNT, CAPTCHA, CHALLENGE, EXCLUDED_AS_COUNT
|
1548
1975
|
# },
|
1549
1976
|
# label_name_condition: {
|
1550
1977
|
# label_name: "LabelName", # required
|
@@ -2189,6 +2616,65 @@ module Aws::WAFV2
|
|
2189
2616
|
# name: "EntityName", # required
|
2190
2617
|
# },
|
2191
2618
|
# ],
|
2619
|
+
# rule_action_overrides: [
|
2620
|
+
# {
|
2621
|
+
# name: "EntityName", # required
|
2622
|
+
# action_to_use: { # required
|
2623
|
+
# block: {
|
2624
|
+
# custom_response: {
|
2625
|
+
# response_code: 1, # required
|
2626
|
+
# custom_response_body_key: "EntityName",
|
2627
|
+
# response_headers: [
|
2628
|
+
# {
|
2629
|
+
# name: "CustomHTTPHeaderName", # required
|
2630
|
+
# value: "CustomHTTPHeaderValue", # required
|
2631
|
+
# },
|
2632
|
+
# ],
|
2633
|
+
# },
|
2634
|
+
# },
|
2635
|
+
# allow: {
|
2636
|
+
# custom_request_handling: {
|
2637
|
+
# insert_headers: [ # required
|
2638
|
+
# {
|
2639
|
+
# name: "CustomHTTPHeaderName", # required
|
2640
|
+
# value: "CustomHTTPHeaderValue", # required
|
2641
|
+
# },
|
2642
|
+
# ],
|
2643
|
+
# },
|
2644
|
+
# },
|
2645
|
+
# count: {
|
2646
|
+
# custom_request_handling: {
|
2647
|
+
# insert_headers: [ # required
|
2648
|
+
# {
|
2649
|
+
# name: "CustomHTTPHeaderName", # required
|
2650
|
+
# value: "CustomHTTPHeaderValue", # required
|
2651
|
+
# },
|
2652
|
+
# ],
|
2653
|
+
# },
|
2654
|
+
# },
|
2655
|
+
# captcha: {
|
2656
|
+
# custom_request_handling: {
|
2657
|
+
# insert_headers: [ # required
|
2658
|
+
# {
|
2659
|
+
# name: "CustomHTTPHeaderName", # required
|
2660
|
+
# value: "CustomHTTPHeaderValue", # required
|
2661
|
+
# },
|
2662
|
+
# ],
|
2663
|
+
# },
|
2664
|
+
# },
|
2665
|
+
# challenge: {
|
2666
|
+
# custom_request_handling: {
|
2667
|
+
# insert_headers: [ # required
|
2668
|
+
# {
|
2669
|
+
# name: "CustomHTTPHeaderName", # required
|
2670
|
+
# value: "CustomHTTPHeaderValue", # required
|
2671
|
+
# },
|
2672
|
+
# ],
|
2673
|
+
# },
|
2674
|
+
# },
|
2675
|
+
# },
|
2676
|
+
# },
|
2677
|
+
# ],
|
2192
2678
|
# },
|
2193
2679
|
# ip_set_reference_statement: {
|
2194
2680
|
# arn: "ResourceArn", # required
|
@@ -2308,6 +2794,68 @@ module Aws::WAFV2
|
|
2308
2794
|
# password_field: {
|
2309
2795
|
# identifier: "FieldIdentifier", # required
|
2310
2796
|
# },
|
2797
|
+
# aws_managed_rules_bot_control_rule_set: {
|
2798
|
+
# inspection_level: "COMMON", # required, accepts COMMON, TARGETED
|
2799
|
+
# },
|
2800
|
+
# },
|
2801
|
+
# ],
|
2802
|
+
# rule_action_overrides: [
|
2803
|
+
# {
|
2804
|
+
# name: "EntityName", # required
|
2805
|
+
# action_to_use: { # required
|
2806
|
+
# block: {
|
2807
|
+
# custom_response: {
|
2808
|
+
# response_code: 1, # required
|
2809
|
+
# custom_response_body_key: "EntityName",
|
2810
|
+
# response_headers: [
|
2811
|
+
# {
|
2812
|
+
# name: "CustomHTTPHeaderName", # required
|
2813
|
+
# value: "CustomHTTPHeaderValue", # required
|
2814
|
+
# },
|
2815
|
+
# ],
|
2816
|
+
# },
|
2817
|
+
# },
|
2818
|
+
# allow: {
|
2819
|
+
# custom_request_handling: {
|
2820
|
+
# insert_headers: [ # required
|
2821
|
+
# {
|
2822
|
+
# name: "CustomHTTPHeaderName", # required
|
2823
|
+
# value: "CustomHTTPHeaderValue", # required
|
2824
|
+
# },
|
2825
|
+
# ],
|
2826
|
+
# },
|
2827
|
+
# },
|
2828
|
+
# count: {
|
2829
|
+
# custom_request_handling: {
|
2830
|
+
# insert_headers: [ # required
|
2831
|
+
# {
|
2832
|
+
# name: "CustomHTTPHeaderName", # required
|
2833
|
+
# value: "CustomHTTPHeaderValue", # required
|
2834
|
+
# },
|
2835
|
+
# ],
|
2836
|
+
# },
|
2837
|
+
# },
|
2838
|
+
# captcha: {
|
2839
|
+
# custom_request_handling: {
|
2840
|
+
# insert_headers: [ # required
|
2841
|
+
# {
|
2842
|
+
# name: "CustomHTTPHeaderName", # required
|
2843
|
+
# value: "CustomHTTPHeaderValue", # required
|
2844
|
+
# },
|
2845
|
+
# ],
|
2846
|
+
# },
|
2847
|
+
# },
|
2848
|
+
# challenge: {
|
2849
|
+
# custom_request_handling: {
|
2850
|
+
# insert_headers: [ # required
|
2851
|
+
# {
|
2852
|
+
# name: "CustomHTTPHeaderName", # required
|
2853
|
+
# value: "CustomHTTPHeaderValue", # required
|
2854
|
+
# },
|
2855
|
+
# ],
|
2856
|
+
# },
|
2857
|
+
# },
|
2858
|
+
# },
|
2311
2859
|
# },
|
2312
2860
|
# ],
|
2313
2861
|
# },
|
@@ -2417,6 +2965,16 @@ module Aws::WAFV2
|
|
2417
2965
|
# ],
|
2418
2966
|
# },
|
2419
2967
|
# },
|
2968
|
+
# challenge: {
|
2969
|
+
# custom_request_handling: {
|
2970
|
+
# insert_headers: [ # required
|
2971
|
+
# {
|
2972
|
+
# name: "CustomHTTPHeaderName", # required
|
2973
|
+
# value: "CustomHTTPHeaderValue", # required
|
2974
|
+
# },
|
2975
|
+
# ],
|
2976
|
+
# },
|
2977
|
+
# },
|
2420
2978
|
# },
|
2421
2979
|
# override_action: {
|
2422
2980
|
# count: {
|
@@ -2447,6 +3005,11 @@ module Aws::WAFV2
|
|
2447
3005
|
# immunity_time: 1, # required
|
2448
3006
|
# },
|
2449
3007
|
# },
|
3008
|
+
# challenge_config: {
|
3009
|
+
# immunity_time_property: {
|
3010
|
+
# immunity_time: 1, # required
|
3011
|
+
# },
|
3012
|
+
# },
|
2450
3013
|
# },
|
2451
3014
|
# ],
|
2452
3015
|
# visibility_config: { # required
|
@@ -2861,6 +3424,65 @@ module Aws::WAFV2
|
|
2861
3424
|
# name: "EntityName", # required
|
2862
3425
|
# },
|
2863
3426
|
# ],
|
3427
|
+
# rule_action_overrides: [
|
3428
|
+
# {
|
3429
|
+
# name: "EntityName", # required
|
3430
|
+
# action_to_use: { # required
|
3431
|
+
# block: {
|
3432
|
+
# custom_response: {
|
3433
|
+
# response_code: 1, # required
|
3434
|
+
# custom_response_body_key: "EntityName",
|
3435
|
+
# response_headers: [
|
3436
|
+
# {
|
3437
|
+
# name: "CustomHTTPHeaderName", # required
|
3438
|
+
# value: "CustomHTTPHeaderValue", # required
|
3439
|
+
# },
|
3440
|
+
# ],
|
3441
|
+
# },
|
3442
|
+
# },
|
3443
|
+
# allow: {
|
3444
|
+
# custom_request_handling: {
|
3445
|
+
# insert_headers: [ # required
|
3446
|
+
# {
|
3447
|
+
# name: "CustomHTTPHeaderName", # required
|
3448
|
+
# value: "CustomHTTPHeaderValue", # required
|
3449
|
+
# },
|
3450
|
+
# ],
|
3451
|
+
# },
|
3452
|
+
# },
|
3453
|
+
# count: {
|
3454
|
+
# custom_request_handling: {
|
3455
|
+
# insert_headers: [ # required
|
3456
|
+
# {
|
3457
|
+
# name: "CustomHTTPHeaderName", # required
|
3458
|
+
# value: "CustomHTTPHeaderValue", # required
|
3459
|
+
# },
|
3460
|
+
# ],
|
3461
|
+
# },
|
3462
|
+
# },
|
3463
|
+
# captcha: {
|
3464
|
+
# custom_request_handling: {
|
3465
|
+
# insert_headers: [ # required
|
3466
|
+
# {
|
3467
|
+
# name: "CustomHTTPHeaderName", # required
|
3468
|
+
# value: "CustomHTTPHeaderValue", # required
|
3469
|
+
# },
|
3470
|
+
# ],
|
3471
|
+
# },
|
3472
|
+
# },
|
3473
|
+
# challenge: {
|
3474
|
+
# custom_request_handling: {
|
3475
|
+
# insert_headers: [ # required
|
3476
|
+
# {
|
3477
|
+
# name: "CustomHTTPHeaderName", # required
|
3478
|
+
# value: "CustomHTTPHeaderValue", # required
|
3479
|
+
# },
|
3480
|
+
# ],
|
3481
|
+
# },
|
3482
|
+
# },
|
3483
|
+
# },
|
3484
|
+
# },
|
3485
|
+
# ],
|
2864
3486
|
# },
|
2865
3487
|
# ip_set_reference_statement: {
|
2866
3488
|
# arn: "ResourceArn", # required
|
@@ -2980,6 +3602,68 @@ module Aws::WAFV2
|
|
2980
3602
|
# password_field: {
|
2981
3603
|
# identifier: "FieldIdentifier", # required
|
2982
3604
|
# },
|
3605
|
+
# aws_managed_rules_bot_control_rule_set: {
|
3606
|
+
# inspection_level: "COMMON", # required, accepts COMMON, TARGETED
|
3607
|
+
# },
|
3608
|
+
# },
|
3609
|
+
# ],
|
3610
|
+
# rule_action_overrides: [
|
3611
|
+
# {
|
3612
|
+
# name: "EntityName", # required
|
3613
|
+
# action_to_use: { # required
|
3614
|
+
# block: {
|
3615
|
+
# custom_response: {
|
3616
|
+
# response_code: 1, # required
|
3617
|
+
# custom_response_body_key: "EntityName",
|
3618
|
+
# response_headers: [
|
3619
|
+
# {
|
3620
|
+
# name: "CustomHTTPHeaderName", # required
|
3621
|
+
# value: "CustomHTTPHeaderValue", # required
|
3622
|
+
# },
|
3623
|
+
# ],
|
3624
|
+
# },
|
3625
|
+
# },
|
3626
|
+
# allow: {
|
3627
|
+
# custom_request_handling: {
|
3628
|
+
# insert_headers: [ # required
|
3629
|
+
# {
|
3630
|
+
# name: "CustomHTTPHeaderName", # required
|
3631
|
+
# value: "CustomHTTPHeaderValue", # required
|
3632
|
+
# },
|
3633
|
+
# ],
|
3634
|
+
# },
|
3635
|
+
# },
|
3636
|
+
# count: {
|
3637
|
+
# custom_request_handling: {
|
3638
|
+
# insert_headers: [ # required
|
3639
|
+
# {
|
3640
|
+
# name: "CustomHTTPHeaderName", # required
|
3641
|
+
# value: "CustomHTTPHeaderValue", # required
|
3642
|
+
# },
|
3643
|
+
# ],
|
3644
|
+
# },
|
3645
|
+
# },
|
3646
|
+
# captcha: {
|
3647
|
+
# custom_request_handling: {
|
3648
|
+
# insert_headers: [ # required
|
3649
|
+
# {
|
3650
|
+
# name: "CustomHTTPHeaderName", # required
|
3651
|
+
# value: "CustomHTTPHeaderValue", # required
|
3652
|
+
# },
|
3653
|
+
# ],
|
3654
|
+
# },
|
3655
|
+
# },
|
3656
|
+
# challenge: {
|
3657
|
+
# custom_request_handling: {
|
3658
|
+
# insert_headers: [ # required
|
3659
|
+
# {
|
3660
|
+
# name: "CustomHTTPHeaderName", # required
|
3661
|
+
# value: "CustomHTTPHeaderValue", # required
|
3662
|
+
# },
|
3663
|
+
# ],
|
3664
|
+
# },
|
3665
|
+
# },
|
3666
|
+
# },
|
2983
3667
|
# },
|
2984
3668
|
# ],
|
2985
3669
|
# },
|
@@ -3089,6 +3773,16 @@ module Aws::WAFV2
|
|
3089
3773
|
# ],
|
3090
3774
|
# },
|
3091
3775
|
# },
|
3776
|
+
# challenge: {
|
3777
|
+
# custom_request_handling: {
|
3778
|
+
# insert_headers: [ # required
|
3779
|
+
# {
|
3780
|
+
# name: "CustomHTTPHeaderName", # required
|
3781
|
+
# value: "CustomHTTPHeaderValue", # required
|
3782
|
+
# },
|
3783
|
+
# ],
|
3784
|
+
# },
|
3785
|
+
# },
|
3092
3786
|
# },
|
3093
3787
|
# override_action: {
|
3094
3788
|
# count: {
|
@@ -3119,6 +3813,11 @@ module Aws::WAFV2
|
|
3119
3813
|
# immunity_time: 1, # required
|
3120
3814
|
# },
|
3121
3815
|
# },
|
3816
|
+
# challenge_config: {
|
3817
|
+
# immunity_time_property: {
|
3818
|
+
# immunity_time: 1, # required
|
3819
|
+
# },
|
3820
|
+
# },
|
3122
3821
|
# },
|
3123
3822
|
# ],
|
3124
3823
|
# visibility_config: { # required
|
@@ -3143,6 +3842,12 @@ module Aws::WAFV2
|
|
3143
3842
|
# immunity_time: 1, # required
|
3144
3843
|
# },
|
3145
3844
|
# },
|
3845
|
+
# challenge_config: {
|
3846
|
+
# immunity_time_property: {
|
3847
|
+
# immunity_time: 1, # required
|
3848
|
+
# },
|
3849
|
+
# },
|
3850
|
+
# token_domains: ["TokenDomain"],
|
3146
3851
|
# }
|
3147
3852
|
#
|
3148
3853
|
# @!attribute [rw] name
|
@@ -3217,6 +3922,26 @@ module Aws::WAFV2
|
|
3217
3922
|
# specify this, WAF uses its default settings for `CaptchaConfig`.
|
3218
3923
|
# @return [Types::CaptchaConfig]
|
3219
3924
|
#
|
3925
|
+
# @!attribute [rw] challenge_config
|
3926
|
+
# Specifies how WAF should handle challenge evaluations for rules that
|
3927
|
+
# don't have their own `ChallengeConfig` settings. If you don't
|
3928
|
+
# specify this, WAF uses its default settings for `ChallengeConfig`.
|
3929
|
+
# @return [Types::ChallengeConfig]
|
3930
|
+
#
|
3931
|
+
# @!attribute [rw] token_domains
|
3932
|
+
# Specifies the domains that WAF should accept in a web request token.
|
3933
|
+
# This enables the use of tokens across multiple protected websites.
|
3934
|
+
# When WAF provides a token, it uses the domain of the Amazon Web
|
3935
|
+
# Services resource that the web ACL is protecting. If you don't
|
3936
|
+
# specify a list of token domains, WAF accepts tokens only for the
|
3937
|
+
# domain of the protected resource. With a token domain list, WAF
|
3938
|
+
# accepts the resource's host domain plus all domains in the token
|
3939
|
+
# domain list, including their prefixed subdomains.
|
3940
|
+
#
|
3941
|
+
# Example JSON: `"TokenDomains": \{ "mywebsite.com",
|
3942
|
+
# "myotherwebsite.com" \}`
|
3943
|
+
# @return [Array<String>]
|
3944
|
+
#
|
3220
3945
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/CreateWebACLRequest AWS API Documentation
|
3221
3946
|
#
|
3222
3947
|
class CreateWebACLRequest < Struct.new(
|
@@ -3228,7 +3953,9 @@ module Aws::WAFV2
|
|
3228
3953
|
:visibility_config,
|
3229
3954
|
:tags,
|
3230
3955
|
:custom_response_bodies,
|
3231
|
-
:captcha_config
|
3956
|
+
:captcha_config,
|
3957
|
+
:challenge_config,
|
3958
|
+
:token_domains)
|
3232
3959
|
SENSITIVE = []
|
3233
3960
|
include Aws::Structure
|
3234
3961
|
end
|
@@ -3283,8 +4010,9 @@ module Aws::WAFV2
|
|
3283
4010
|
end
|
3284
4011
|
|
3285
4012
|
# Custom request handling behavior that inserts custom headers into a
|
3286
|
-
# web request. You can add custom request handling for
|
3287
|
-
#
|
4013
|
+
# web request. You can add custom request handling for WAF to use when
|
4014
|
+
# the rule action doesn't block the request. For example,
|
4015
|
+
# `CaptchaAction` for requests with valid t okens, and `AllowAction`.
|
3288
4016
|
#
|
3289
4017
|
# For information about customizing web requests and responses, see
|
3290
4018
|
# [Customizing web requests and responses in WAF][1] in the [WAF
|
@@ -4015,10 +4743,12 @@ module Aws::WAFV2
|
|
4015
4743
|
class DisassociateWebACLResponse < Aws::EmptyStructure; end
|
4016
4744
|
|
4017
4745
|
# Specifies a single rule in a rule group whose action you want to
|
4018
|
-
# override to `Count`.
|
4019
|
-
#
|
4020
|
-
#
|
4021
|
-
#
|
4746
|
+
# override to `Count`.
|
4747
|
+
#
|
4748
|
+
# <note markdown="1"> Instead of this option, use `RuleActionOverrides`. It accepts any
|
4749
|
+
# valid action setting, including `Count`.
|
4750
|
+
#
|
4751
|
+
# </note>
|
4022
4752
|
#
|
4023
4753
|
# @note When making an API call, you may pass ExcludedRule
|
4024
4754
|
# data as a hash:
|
@@ -4223,7 +4953,7 @@ module Aws::WAFV2
|
|
4223
4953
|
# conditions: [ # required
|
4224
4954
|
# {
|
4225
4955
|
# action_condition: {
|
4226
|
-
# action: "ALLOW", # required, accepts ALLOW, BLOCK, COUNT, CAPTCHA, EXCLUDED_AS_COUNT
|
4956
|
+
# action: "ALLOW", # required, accepts ALLOW, BLOCK, COUNT, CAPTCHA, CHALLENGE, EXCLUDED_AS_COUNT
|
4227
4957
|
# },
|
4228
4958
|
# label_name_condition: {
|
4229
4959
|
# label_name: "LabelName", # required
|
@@ -4290,8 +5020,9 @@ module Aws::WAFV2
|
|
4290
5020
|
#
|
4291
5021
|
# <note markdown="1"> This option is usually set to none. It does not affect how the rules
|
4292
5022
|
# in the rule group are evaluated. If you want the rules in the rule
|
4293
|
-
# group to only count matches, do not use this and instead
|
4294
|
-
#
|
5023
|
+
# group to only count matches, do not use this and instead use the
|
5024
|
+
# rule action override option, with `Count` action, in your rule group
|
5025
|
+
# reference statement settings.
|
4295
5026
|
#
|
4296
5027
|
# </note>
|
4297
5028
|
# @return [Types::OverrideAction]
|
@@ -4460,13 +5191,46 @@ module Aws::WAFV2
|
|
4460
5191
|
include Aws::Structure
|
4461
5192
|
end
|
4462
5193
|
|
4463
|
-
# A rule statement
|
4464
|
-
#
|
5194
|
+
# A rule statement that labels web requests by country and region and
|
5195
|
+
# that matches against web requests based on country code. A geo match
|
5196
|
+
# rule labels every request that it inspects regardless of whether it
|
5197
|
+
# finds a match.
|
4465
5198
|
#
|
4466
|
-
#
|
4467
|
-
#
|
5199
|
+
# * To manage requests only by country, you can use this statement by
|
5200
|
+
# itself and specify the countries that you want to match against in
|
5201
|
+
# the `CountryCodes` array.
|
4468
5202
|
#
|
4469
|
-
#
|
5203
|
+
# * Otherwise, configure your geo match rule with Count action so that
|
5204
|
+
# it only labels requests. Then, add one or more label match rules to
|
5205
|
+
# run after the geo match rule and configure them to match against the
|
5206
|
+
# geographic labels and handle the requests as needed.
|
5207
|
+
#
|
5208
|
+
# WAF labels requests using the alpha-2 country and region codes from
|
5209
|
+
# the International Organization for Standardization (ISO) 3166
|
5210
|
+
# standard. WAF determines the codes using either the IP address in the
|
5211
|
+
# web request origin or, if you specify it, the address in the geo match
|
5212
|
+
# `ForwardedIPConfig`.
|
5213
|
+
#
|
5214
|
+
# If you use the web request origin, the label formats are
|
5215
|
+
# `awswaf:clientip:geo:region:<ISO country code>-<ISO region code>` and
|
5216
|
+
# `awswaf:clientip:geo:country:<ISO country code>`.
|
5217
|
+
#
|
5218
|
+
# If you use a forwarded IP address, the label formats are
|
5219
|
+
# `awswaf:forwardedip:geo:region:<ISO country code>-<ISO region code>`
|
5220
|
+
# and `awswaf:forwardedip:geo:country:<ISO country code>`.
|
5221
|
+
#
|
5222
|
+
# For additional details, see [Geographic match rule statement][1] in
|
5223
|
+
# the [WAF Developer Guide][2].
|
5224
|
+
#
|
5225
|
+
#
|
5226
|
+
#
|
5227
|
+
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-type-geo-match.html
|
5228
|
+
# [2]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html
|
5229
|
+
#
|
5230
|
+
# @note When making an API call, you may pass GeoMatchStatement
|
5231
|
+
# data as a hash:
|
5232
|
+
#
|
5233
|
+
# {
|
4470
5234
|
# country_codes: ["AF"], # accepts AF, AX, AL, DZ, AS, AD, AO, AI, AQ, AG, AR, AM, AW, AU, AT, AZ, BS, BH, BD, BB, BY, BE, BZ, BJ, BM, BT, BO, BQ, BA, BW, BV, BR, IO, BN, BG, BF, BI, KH, CM, CA, CV, KY, CF, TD, CL, CN, CX, CC, CO, KM, CG, CD, CK, CR, CI, HR, CU, CW, CY, CZ, DK, DJ, DM, DO, EC, EG, SV, GQ, ER, EE, ET, FK, FO, FJ, FI, FR, GF, PF, TF, GA, GM, GE, DE, GH, GI, GR, GL, GD, GP, GU, GT, GG, GN, GW, GY, HT, HM, VA, HN, HK, HU, IS, IN, ID, IR, IQ, IE, IM, IL, IT, JM, JP, JE, JO, KZ, KE, KI, KP, KR, KW, KG, LA, LV, LB, LS, LR, LY, LI, LT, LU, MO, MK, MG, MW, MY, MV, ML, MT, MH, MQ, MR, MU, YT, MX, FM, MD, MC, MN, ME, MS, MA, MZ, MM, NA, NR, NP, NL, NC, NZ, NI, NE, NG, NU, NF, MP, NO, OM, PK, PW, PS, PA, PG, PY, PE, PH, PN, PL, PT, PR, QA, RE, RO, RU, RW, BL, SH, KN, LC, MF, PM, VC, WS, SM, ST, SA, SN, RS, SC, SL, SG, SX, SK, SI, SB, SO, ZA, GS, SS, ES, LK, SD, SR, SJ, SZ, SE, CH, SY, TW, TJ, TZ, TH, TL, TG, TK, TO, TT, TN, TR, TM, TC, TV, UG, UA, AE, GB, US, UM, UY, UZ, VU, VE, VN, VG, VI, WF, EH, YE, ZM, ZW, XK
|
4471
5235
|
# forwarded_ip_config: {
|
4472
5236
|
# header_name: "ForwardedIPHeaderName", # required
|
@@ -4475,9 +5239,17 @@ module Aws::WAFV2
|
|
4475
5239
|
# }
|
4476
5240
|
#
|
4477
5241
|
# @!attribute [rw] country_codes
|
4478
|
-
# An array of two-character country codes
|
4479
|
-
# ]`, from the alpha-2 country ISO
|
4480
|
-
# standard.
|
5242
|
+
# An array of two-character country codes that you want to match
|
5243
|
+
# against, for example, `[ "US", "CN" ]`, from the alpha-2 country ISO
|
5244
|
+
# codes of the ISO 3166 international standard.
|
5245
|
+
#
|
5246
|
+
# When you use a geo match statement just for the region and country
|
5247
|
+
# labels that it adds to requests, you still have to supply a country
|
5248
|
+
# code for the rule to evaluate. In this case, you configure the rule
|
5249
|
+
# to only count matching requests, but it will still generate logging
|
5250
|
+
# and count metrics for any matches. You can reduce the logging and
|
5251
|
+
# metrics that the rule produces by specifying a country that's
|
5252
|
+
# unlikely to be a source of traffic to your site.
|
4481
5253
|
# @return [Array<String>]
|
4482
5254
|
#
|
4483
5255
|
# @!attribute [rw] forwarded_ip_config
|
@@ -5671,8 +6443,9 @@ module Aws::WAFV2
|
|
5671
6443
|
include Aws::Structure
|
5672
6444
|
end
|
5673
6445
|
|
5674
|
-
#
|
5675
|
-
#
|
6446
|
+
# Used for CAPTCHA and challenge token settings. Determines how long a
|
6447
|
+
# `CAPTCHA` or challenge timestamp remains valid after WAF updates it
|
6448
|
+
# for a successful `CAPTCHA` or challenge response.
|
5676
6449
|
#
|
5677
6450
|
# @note When making an API call, you may pass ImmunityTimeProperty
|
5678
6451
|
# data as a hash:
|
@@ -5682,8 +6455,10 @@ module Aws::WAFV2
|
|
5682
6455
|
# }
|
5683
6456
|
#
|
5684
6457
|
# @!attribute [rw] immunity_time
|
5685
|
-
# The amount of time, in seconds, that a `CAPTCHA`
|
5686
|
-
# default setting is 300.
|
6458
|
+
# The amount of time, in seconds, that a `CAPTCHA` or challenge
|
6459
|
+
# timestamp is considered valid by WAF. The default setting is 300.
|
6460
|
+
#
|
6461
|
+
# For the Challenge action, the minimum setting is 300.
|
5687
6462
|
# @return [Integer]
|
5688
6463
|
#
|
5689
6464
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/ImmunityTimeProperty AWS API Documentation
|
@@ -5874,9 +6649,8 @@ module Aws::WAFV2
|
|
5874
6649
|
include Aws::Structure
|
5875
6650
|
end
|
5876
6651
|
|
5877
|
-
# A rule statement
|
5878
|
-
#
|
5879
|
-
# in the web ACL.
|
6652
|
+
# A rule statement to match against labels that have been added to the
|
6653
|
+
# web request by rules that have already run in the web ACL.
|
5880
6654
|
#
|
5881
6655
|
# The label match statement provides the label or namespace string to
|
5882
6656
|
# search for. The label string can represent a part or all of the fully
|
@@ -6819,7 +7593,7 @@ module Aws::WAFV2
|
|
6819
7593
|
# conditions: [ # required
|
6820
7594
|
# {
|
6821
7595
|
# action_condition: {
|
6822
|
-
# action: "ALLOW", # required, accepts ALLOW, BLOCK, COUNT, CAPTCHA, EXCLUDED_AS_COUNT
|
7596
|
+
# action: "ALLOW", # required, accepts ALLOW, BLOCK, COUNT, CAPTCHA, CHALLENGE, EXCLUDED_AS_COUNT
|
6823
7597
|
# },
|
6824
7598
|
# label_name_condition: {
|
6825
7599
|
# label_name: "LabelName", # required
|
@@ -6899,7 +7673,7 @@ module Aws::WAFV2
|
|
6899
7673
|
# conditions: [ # required
|
6900
7674
|
# {
|
6901
7675
|
# action_condition: {
|
6902
|
-
# action: "ALLOW", # required, accepts ALLOW, BLOCK, COUNT, CAPTCHA, EXCLUDED_AS_COUNT
|
7676
|
+
# action: "ALLOW", # required, accepts ALLOW, BLOCK, COUNT, CAPTCHA, CHALLENGE, EXCLUDED_AS_COUNT
|
6903
7677
|
# },
|
6904
7678
|
# label_name_condition: {
|
6905
7679
|
# label_name: "LabelName", # required
|
@@ -6929,19 +7703,12 @@ module Aws::WAFV2
|
|
6929
7703
|
include Aws::Structure
|
6930
7704
|
end
|
6931
7705
|
|
6932
|
-
# Additional information that's used by a managed rule group.
|
7706
|
+
# Additional information that's used by a managed rule group. Many
|
6933
7707
|
# managed rule groups don't require this.
|
6934
7708
|
#
|
6935
|
-
# Use
|
6936
|
-
#
|
6937
|
-
#
|
6938
|
-
#
|
6939
|
-
# You can provide multiple individual `ManagedRuleGroupConfig` objects
|
6940
|
-
# for any rule group configuration, for example `UsernameField` and
|
6941
|
-
# `PasswordField`. The configuration that you provide depends on the
|
6942
|
-
# needs of the managed rule group. For the ATP managed rule group, you
|
6943
|
-
# provide the following individual configuration objects: `LoginPath`,
|
6944
|
-
# `PasswordField`, `PayloadType` and `UsernameField`.
|
7709
|
+
# Use the `AWSManagedRulesBotControlRuleSet` configuration object to
|
7710
|
+
# configure the protection level that you want the Bot Control rule
|
7711
|
+
# group to use.
|
6945
7712
|
#
|
6946
7713
|
# For example specifications, see the examples section of CreateWebACL.
|
6947
7714
|
#
|
@@ -6957,6 +7724,9 @@ module Aws::WAFV2
|
|
6957
7724
|
# password_field: {
|
6958
7725
|
# identifier: "FieldIdentifier", # required
|
6959
7726
|
# },
|
7727
|
+
# aws_managed_rules_bot_control_rule_set: {
|
7728
|
+
# inspection_level: "COMMON", # required, accepts COMMON, TARGETED
|
7729
|
+
# },
|
6960
7730
|
# }
|
6961
7731
|
#
|
6962
7732
|
# @!attribute [rw] login_path
|
@@ -6978,13 +7748,27 @@ module Aws::WAFV2
|
|
6978
7748
|
# Details about your login page password field.
|
6979
7749
|
# @return [Types::PasswordField]
|
6980
7750
|
#
|
7751
|
+
# @!attribute [rw] aws_managed_rules_bot_control_rule_set
|
7752
|
+
# Additional configuration for using the Bot Control managed rule
|
7753
|
+
# group. Use this to specify the inspection level that you want to
|
7754
|
+
# use. For information about using the Bot Control managed rule group,
|
7755
|
+
# see [WAF Bot Control rule group][1] and [WAF Bot Control][2] in the
|
7756
|
+
# *WAF Developer Guide*.
|
7757
|
+
#
|
7758
|
+
#
|
7759
|
+
#
|
7760
|
+
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/aws-managed-rule-groups-bot.html
|
7761
|
+
# [2]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-bot-control.html
|
7762
|
+
# @return [Types::AWSManagedRulesBotControlRuleSet]
|
7763
|
+
#
|
6981
7764
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/ManagedRuleGroupConfig AWS API Documentation
|
6982
7765
|
#
|
6983
7766
|
class ManagedRuleGroupConfig < Struct.new(
|
6984
7767
|
:login_path,
|
6985
7768
|
:payload_type,
|
6986
7769
|
:username_field,
|
6987
|
-
:password_field
|
7770
|
+
:password_field,
|
7771
|
+
:aws_managed_rules_bot_control_rule_set)
|
6988
7772
|
SENSITIVE = []
|
6989
7773
|
include Aws::Structure
|
6990
7774
|
end
|
@@ -7270,6 +8054,65 @@ module Aws::WAFV2
|
|
7270
8054
|
# name: "EntityName", # required
|
7271
8055
|
# },
|
7272
8056
|
# ],
|
8057
|
+
# rule_action_overrides: [
|
8058
|
+
# {
|
8059
|
+
# name: "EntityName", # required
|
8060
|
+
# action_to_use: { # required
|
8061
|
+
# block: {
|
8062
|
+
# custom_response: {
|
8063
|
+
# response_code: 1, # required
|
8064
|
+
# custom_response_body_key: "EntityName",
|
8065
|
+
# response_headers: [
|
8066
|
+
# {
|
8067
|
+
# name: "CustomHTTPHeaderName", # required
|
8068
|
+
# value: "CustomHTTPHeaderValue", # required
|
8069
|
+
# },
|
8070
|
+
# ],
|
8071
|
+
# },
|
8072
|
+
# },
|
8073
|
+
# allow: {
|
8074
|
+
# custom_request_handling: {
|
8075
|
+
# insert_headers: [ # required
|
8076
|
+
# {
|
8077
|
+
# name: "CustomHTTPHeaderName", # required
|
8078
|
+
# value: "CustomHTTPHeaderValue", # required
|
8079
|
+
# },
|
8080
|
+
# ],
|
8081
|
+
# },
|
8082
|
+
# },
|
8083
|
+
# count: {
|
8084
|
+
# custom_request_handling: {
|
8085
|
+
# insert_headers: [ # required
|
8086
|
+
# {
|
8087
|
+
# name: "CustomHTTPHeaderName", # required
|
8088
|
+
# value: "CustomHTTPHeaderValue", # required
|
8089
|
+
# },
|
8090
|
+
# ],
|
8091
|
+
# },
|
8092
|
+
# },
|
8093
|
+
# captcha: {
|
8094
|
+
# custom_request_handling: {
|
8095
|
+
# insert_headers: [ # required
|
8096
|
+
# {
|
8097
|
+
# name: "CustomHTTPHeaderName", # required
|
8098
|
+
# value: "CustomHTTPHeaderValue", # required
|
8099
|
+
# },
|
8100
|
+
# ],
|
8101
|
+
# },
|
8102
|
+
# },
|
8103
|
+
# challenge: {
|
8104
|
+
# custom_request_handling: {
|
8105
|
+
# insert_headers: [ # required
|
8106
|
+
# {
|
8107
|
+
# name: "CustomHTTPHeaderName", # required
|
8108
|
+
# value: "CustomHTTPHeaderValue", # required
|
8109
|
+
# },
|
8110
|
+
# ],
|
8111
|
+
# },
|
8112
|
+
# },
|
8113
|
+
# },
|
8114
|
+
# },
|
8115
|
+
# ],
|
7273
8116
|
# },
|
7274
8117
|
# ip_set_reference_statement: {
|
7275
8118
|
# arn: "ResourceArn", # required
|
@@ -7389,6 +8232,68 @@ module Aws::WAFV2
|
|
7389
8232
|
# password_field: {
|
7390
8233
|
# identifier: "FieldIdentifier", # required
|
7391
8234
|
# },
|
8235
|
+
# aws_managed_rules_bot_control_rule_set: {
|
8236
|
+
# inspection_level: "COMMON", # required, accepts COMMON, TARGETED
|
8237
|
+
# },
|
8238
|
+
# },
|
8239
|
+
# ],
|
8240
|
+
# rule_action_overrides: [
|
8241
|
+
# {
|
8242
|
+
# name: "EntityName", # required
|
8243
|
+
# action_to_use: { # required
|
8244
|
+
# block: {
|
8245
|
+
# custom_response: {
|
8246
|
+
# response_code: 1, # required
|
8247
|
+
# custom_response_body_key: "EntityName",
|
8248
|
+
# response_headers: [
|
8249
|
+
# {
|
8250
|
+
# name: "CustomHTTPHeaderName", # required
|
8251
|
+
# value: "CustomHTTPHeaderValue", # required
|
8252
|
+
# },
|
8253
|
+
# ],
|
8254
|
+
# },
|
8255
|
+
# },
|
8256
|
+
# allow: {
|
8257
|
+
# custom_request_handling: {
|
8258
|
+
# insert_headers: [ # required
|
8259
|
+
# {
|
8260
|
+
# name: "CustomHTTPHeaderName", # required
|
8261
|
+
# value: "CustomHTTPHeaderValue", # required
|
8262
|
+
# },
|
8263
|
+
# ],
|
8264
|
+
# },
|
8265
|
+
# },
|
8266
|
+
# count: {
|
8267
|
+
# custom_request_handling: {
|
8268
|
+
# insert_headers: [ # required
|
8269
|
+
# {
|
8270
|
+
# name: "CustomHTTPHeaderName", # required
|
8271
|
+
# value: "CustomHTTPHeaderValue", # required
|
8272
|
+
# },
|
8273
|
+
# ],
|
8274
|
+
# },
|
8275
|
+
# },
|
8276
|
+
# captcha: {
|
8277
|
+
# custom_request_handling: {
|
8278
|
+
# insert_headers: [ # required
|
8279
|
+
# {
|
8280
|
+
# name: "CustomHTTPHeaderName", # required
|
8281
|
+
# value: "CustomHTTPHeaderValue", # required
|
8282
|
+
# },
|
8283
|
+
# ],
|
8284
|
+
# },
|
8285
|
+
# },
|
8286
|
+
# challenge: {
|
8287
|
+
# custom_request_handling: {
|
8288
|
+
# insert_headers: [ # required
|
8289
|
+
# {
|
8290
|
+
# name: "CustomHTTPHeaderName", # required
|
8291
|
+
# value: "CustomHTTPHeaderValue", # required
|
8292
|
+
# },
|
8293
|
+
# ],
|
8294
|
+
# },
|
8295
|
+
# },
|
8296
|
+
# },
|
7392
8297
|
# },
|
7393
8298
|
# ],
|
7394
8299
|
# },
|
@@ -7465,6 +8370,68 @@ module Aws::WAFV2
|
|
7465
8370
|
# password_field: {
|
7466
8371
|
# identifier: "FieldIdentifier", # required
|
7467
8372
|
# },
|
8373
|
+
# aws_managed_rules_bot_control_rule_set: {
|
8374
|
+
# inspection_level: "COMMON", # required, accepts COMMON, TARGETED
|
8375
|
+
# },
|
8376
|
+
# },
|
8377
|
+
# ],
|
8378
|
+
# rule_action_overrides: [
|
8379
|
+
# {
|
8380
|
+
# name: "EntityName", # required
|
8381
|
+
# action_to_use: { # required
|
8382
|
+
# block: {
|
8383
|
+
# custom_response: {
|
8384
|
+
# response_code: 1, # required
|
8385
|
+
# custom_response_body_key: "EntityName",
|
8386
|
+
# response_headers: [
|
8387
|
+
# {
|
8388
|
+
# name: "CustomHTTPHeaderName", # required
|
8389
|
+
# value: "CustomHTTPHeaderValue", # required
|
8390
|
+
# },
|
8391
|
+
# ],
|
8392
|
+
# },
|
8393
|
+
# },
|
8394
|
+
# allow: {
|
8395
|
+
# custom_request_handling: {
|
8396
|
+
# insert_headers: [ # required
|
8397
|
+
# {
|
8398
|
+
# name: "CustomHTTPHeaderName", # required
|
8399
|
+
# value: "CustomHTTPHeaderValue", # required
|
8400
|
+
# },
|
8401
|
+
# ],
|
8402
|
+
# },
|
8403
|
+
# },
|
8404
|
+
# count: {
|
8405
|
+
# custom_request_handling: {
|
8406
|
+
# insert_headers: [ # required
|
8407
|
+
# {
|
8408
|
+
# name: "CustomHTTPHeaderName", # required
|
8409
|
+
# value: "CustomHTTPHeaderValue", # required
|
8410
|
+
# },
|
8411
|
+
# ],
|
8412
|
+
# },
|
8413
|
+
# },
|
8414
|
+
# captcha: {
|
8415
|
+
# custom_request_handling: {
|
8416
|
+
# insert_headers: [ # required
|
8417
|
+
# {
|
8418
|
+
# name: "CustomHTTPHeaderName", # required
|
8419
|
+
# value: "CustomHTTPHeaderValue", # required
|
8420
|
+
# },
|
8421
|
+
# ],
|
8422
|
+
# },
|
8423
|
+
# },
|
8424
|
+
# challenge: {
|
8425
|
+
# custom_request_handling: {
|
8426
|
+
# insert_headers: [ # required
|
8427
|
+
# {
|
8428
|
+
# name: "CustomHTTPHeaderName", # required
|
8429
|
+
# value: "CustomHTTPHeaderValue", # required
|
8430
|
+
# },
|
8431
|
+
# ],
|
8432
|
+
# },
|
8433
|
+
# },
|
8434
|
+
# },
|
7468
8435
|
# },
|
7469
8436
|
# ],
|
7470
8437
|
# }
|
@@ -7488,11 +8455,12 @@ module Aws::WAFV2
|
|
7488
8455
|
# @return [String]
|
7489
8456
|
#
|
7490
8457
|
# @!attribute [rw] excluded_rules
|
7491
|
-
#
|
7492
|
-
#
|
7493
|
-
#
|
7494
|
-
#
|
7495
|
-
#
|
8458
|
+
# Rules in the referenced rule group whose actions are set to `Count`.
|
8459
|
+
#
|
8460
|
+
# <note markdown="1"> Instead of this option, use `RuleActionOverrides`. It accepts any
|
8461
|
+
# valid action setting, including `Count`.
|
8462
|
+
#
|
8463
|
+
# </note>
|
7496
8464
|
# @return [Array<Types::ExcludedRule>]
|
7497
8465
|
#
|
7498
8466
|
# @!attribute [rw] scope_down_statement
|
@@ -7505,21 +8473,26 @@ module Aws::WAFV2
|
|
7505
8473
|
# @return [Types::Statement]
|
7506
8474
|
#
|
7507
8475
|
# @!attribute [rw] managed_rule_group_configs
|
7508
|
-
# Additional information that's used by a managed rule group.
|
8476
|
+
# Additional information that's used by a managed rule group. Many
|
7509
8477
|
# managed rule groups don't require this.
|
7510
8478
|
#
|
7511
|
-
# Use
|
7512
|
-
#
|
7513
|
-
#
|
7514
|
-
#
|
7515
|
-
# You can provide multiple individual `ManagedRuleGroupConfig` objects
|
7516
|
-
# for any rule group configuration, for example `UsernameField` and
|
7517
|
-
# `PasswordField`. The configuration that you provide depends on the
|
7518
|
-
# needs of the managed rule group. For the ATP managed rule group, you
|
7519
|
-
# provide the following individual configuration objects: `LoginPath`,
|
7520
|
-
# `PasswordField`, `PayloadType` and `UsernameField`.
|
8479
|
+
# Use the `AWSManagedRulesBotControlRuleSet` configuration object to
|
8480
|
+
# configure the protection level that you want the Bot Control rule
|
8481
|
+
# group to use.
|
7521
8482
|
# @return [Array<Types::ManagedRuleGroupConfig>]
|
7522
8483
|
#
|
8484
|
+
# @!attribute [rw] rule_action_overrides
|
8485
|
+
# Action settings to use in the place of the rule actions that are
|
8486
|
+
# configured inside the rule group. You specify one override for each
|
8487
|
+
# rule whose action you want to change.
|
8488
|
+
#
|
8489
|
+
# You can use overrides for testing, for example you can override all
|
8490
|
+
# of rule actions to `Count` and then monitor the resulting count
|
8491
|
+
# metrics to understand how the rule group would handle your web
|
8492
|
+
# traffic. You can also permanently override some or all actions, to
|
8493
|
+
# modify how the rule group manages your web traffic.
|
8494
|
+
# @return [Array<Types::RuleActionOverride>]
|
8495
|
+
#
|
7523
8496
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/ManagedRuleGroupStatement AWS API Documentation
|
7524
8497
|
#
|
7525
8498
|
class ManagedRuleGroupStatement < Struct.new(
|
@@ -7528,7 +8501,8 @@ module Aws::WAFV2
|
|
7528
8501
|
:version,
|
7529
8502
|
:excluded_rules,
|
7530
8503
|
:scope_down_statement,
|
7531
|
-
:managed_rule_group_configs
|
8504
|
+
:managed_rule_group_configs,
|
8505
|
+
:rule_action_overrides)
|
7532
8506
|
SENSITIVE = []
|
7533
8507
|
include Aws::Structure
|
7534
8508
|
end
|
@@ -7842,10 +8816,10 @@ module Aws::WAFV2
|
|
7842
8816
|
# and tags.
|
7843
8817
|
#
|
7844
8818
|
# The mobile SDK is not generally available. Customers who have access
|
7845
|
-
# to the mobile SDK can use it to establish and manage
|
7846
|
-
#
|
7847
|
-
#
|
7848
|
-
#
|
8819
|
+
# to the mobile SDK can use it to establish and manage WAF tokens for
|
8820
|
+
# use in HTTP(S) requests from a mobile device to WAF. For more
|
8821
|
+
# information, see [WAF client application integration][1] in the *WAF
|
8822
|
+
# Developer Guide*.
|
7849
8823
|
#
|
7850
8824
|
#
|
7851
8825
|
#
|
@@ -8148,6 +9122,65 @@ module Aws::WAFV2
|
|
8148
9122
|
# name: "EntityName", # required
|
8149
9123
|
# },
|
8150
9124
|
# ],
|
9125
|
+
# rule_action_overrides: [
|
9126
|
+
# {
|
9127
|
+
# name: "EntityName", # required
|
9128
|
+
# action_to_use: { # required
|
9129
|
+
# block: {
|
9130
|
+
# custom_response: {
|
9131
|
+
# response_code: 1, # required
|
9132
|
+
# custom_response_body_key: "EntityName",
|
9133
|
+
# response_headers: [
|
9134
|
+
# {
|
9135
|
+
# name: "CustomHTTPHeaderName", # required
|
9136
|
+
# value: "CustomHTTPHeaderValue", # required
|
9137
|
+
# },
|
9138
|
+
# ],
|
9139
|
+
# },
|
9140
|
+
# },
|
9141
|
+
# allow: {
|
9142
|
+
# custom_request_handling: {
|
9143
|
+
# insert_headers: [ # required
|
9144
|
+
# {
|
9145
|
+
# name: "CustomHTTPHeaderName", # required
|
9146
|
+
# value: "CustomHTTPHeaderValue", # required
|
9147
|
+
# },
|
9148
|
+
# ],
|
9149
|
+
# },
|
9150
|
+
# },
|
9151
|
+
# count: {
|
9152
|
+
# custom_request_handling: {
|
9153
|
+
# insert_headers: [ # required
|
9154
|
+
# {
|
9155
|
+
# name: "CustomHTTPHeaderName", # required
|
9156
|
+
# value: "CustomHTTPHeaderValue", # required
|
9157
|
+
# },
|
9158
|
+
# ],
|
9159
|
+
# },
|
9160
|
+
# },
|
9161
|
+
# captcha: {
|
9162
|
+
# custom_request_handling: {
|
9163
|
+
# insert_headers: [ # required
|
9164
|
+
# {
|
9165
|
+
# name: "CustomHTTPHeaderName", # required
|
9166
|
+
# value: "CustomHTTPHeaderValue", # required
|
9167
|
+
# },
|
9168
|
+
# ],
|
9169
|
+
# },
|
9170
|
+
# },
|
9171
|
+
# challenge: {
|
9172
|
+
# custom_request_handling: {
|
9173
|
+
# insert_headers: [ # required
|
9174
|
+
# {
|
9175
|
+
# name: "CustomHTTPHeaderName", # required
|
9176
|
+
# value: "CustomHTTPHeaderValue", # required
|
9177
|
+
# },
|
9178
|
+
# ],
|
9179
|
+
# },
|
9180
|
+
# },
|
9181
|
+
# },
|
9182
|
+
# },
|
9183
|
+
# ],
|
8151
9184
|
# },
|
8152
9185
|
# ip_set_reference_statement: {
|
8153
9186
|
# arn: "ResourceArn", # required
|
@@ -8267,6 +9300,68 @@ module Aws::WAFV2
|
|
8267
9300
|
# password_field: {
|
8268
9301
|
# identifier: "FieldIdentifier", # required
|
8269
9302
|
# },
|
9303
|
+
# aws_managed_rules_bot_control_rule_set: {
|
9304
|
+
# inspection_level: "COMMON", # required, accepts COMMON, TARGETED
|
9305
|
+
# },
|
9306
|
+
# },
|
9307
|
+
# ],
|
9308
|
+
# rule_action_overrides: [
|
9309
|
+
# {
|
9310
|
+
# name: "EntityName", # required
|
9311
|
+
# action_to_use: { # required
|
9312
|
+
# block: {
|
9313
|
+
# custom_response: {
|
9314
|
+
# response_code: 1, # required
|
9315
|
+
# custom_response_body_key: "EntityName",
|
9316
|
+
# response_headers: [
|
9317
|
+
# {
|
9318
|
+
# name: "CustomHTTPHeaderName", # required
|
9319
|
+
# value: "CustomHTTPHeaderValue", # required
|
9320
|
+
# },
|
9321
|
+
# ],
|
9322
|
+
# },
|
9323
|
+
# },
|
9324
|
+
# allow: {
|
9325
|
+
# custom_request_handling: {
|
9326
|
+
# insert_headers: [ # required
|
9327
|
+
# {
|
9328
|
+
# name: "CustomHTTPHeaderName", # required
|
9329
|
+
# value: "CustomHTTPHeaderValue", # required
|
9330
|
+
# },
|
9331
|
+
# ],
|
9332
|
+
# },
|
9333
|
+
# },
|
9334
|
+
# count: {
|
9335
|
+
# custom_request_handling: {
|
9336
|
+
# insert_headers: [ # required
|
9337
|
+
# {
|
9338
|
+
# name: "CustomHTTPHeaderName", # required
|
9339
|
+
# value: "CustomHTTPHeaderValue", # required
|
9340
|
+
# },
|
9341
|
+
# ],
|
9342
|
+
# },
|
9343
|
+
# },
|
9344
|
+
# captcha: {
|
9345
|
+
# custom_request_handling: {
|
9346
|
+
# insert_headers: [ # required
|
9347
|
+
# {
|
9348
|
+
# name: "CustomHTTPHeaderName", # required
|
9349
|
+
# value: "CustomHTTPHeaderValue", # required
|
9350
|
+
# },
|
9351
|
+
# ],
|
9352
|
+
# },
|
9353
|
+
# },
|
9354
|
+
# challenge: {
|
9355
|
+
# custom_request_handling: {
|
9356
|
+
# insert_headers: [ # required
|
9357
|
+
# {
|
9358
|
+
# name: "CustomHTTPHeaderName", # required
|
9359
|
+
# value: "CustomHTTPHeaderValue", # required
|
9360
|
+
# },
|
9361
|
+
# ],
|
9362
|
+
# },
|
9363
|
+
# },
|
9364
|
+
# },
|
8270
9365
|
# },
|
8271
9366
|
# ],
|
8272
9367
|
# },
|
@@ -8604,6 +9699,65 @@ module Aws::WAFV2
|
|
8604
9699
|
# name: "EntityName", # required
|
8605
9700
|
# },
|
8606
9701
|
# ],
|
9702
|
+
# rule_action_overrides: [
|
9703
|
+
# {
|
9704
|
+
# name: "EntityName", # required
|
9705
|
+
# action_to_use: { # required
|
9706
|
+
# block: {
|
9707
|
+
# custom_response: {
|
9708
|
+
# response_code: 1, # required
|
9709
|
+
# custom_response_body_key: "EntityName",
|
9710
|
+
# response_headers: [
|
9711
|
+
# {
|
9712
|
+
# name: "CustomHTTPHeaderName", # required
|
9713
|
+
# value: "CustomHTTPHeaderValue", # required
|
9714
|
+
# },
|
9715
|
+
# ],
|
9716
|
+
# },
|
9717
|
+
# },
|
9718
|
+
# allow: {
|
9719
|
+
# custom_request_handling: {
|
9720
|
+
# insert_headers: [ # required
|
9721
|
+
# {
|
9722
|
+
# name: "CustomHTTPHeaderName", # required
|
9723
|
+
# value: "CustomHTTPHeaderValue", # required
|
9724
|
+
# },
|
9725
|
+
# ],
|
9726
|
+
# },
|
9727
|
+
# },
|
9728
|
+
# count: {
|
9729
|
+
# custom_request_handling: {
|
9730
|
+
# insert_headers: [ # required
|
9731
|
+
# {
|
9732
|
+
# name: "CustomHTTPHeaderName", # required
|
9733
|
+
# value: "CustomHTTPHeaderValue", # required
|
9734
|
+
# },
|
9735
|
+
# ],
|
9736
|
+
# },
|
9737
|
+
# },
|
9738
|
+
# captcha: {
|
9739
|
+
# custom_request_handling: {
|
9740
|
+
# insert_headers: [ # required
|
9741
|
+
# {
|
9742
|
+
# name: "CustomHTTPHeaderName", # required
|
9743
|
+
# value: "CustomHTTPHeaderValue", # required
|
9744
|
+
# },
|
9745
|
+
# ],
|
9746
|
+
# },
|
9747
|
+
# },
|
9748
|
+
# challenge: {
|
9749
|
+
# custom_request_handling: {
|
9750
|
+
# insert_headers: [ # required
|
9751
|
+
# {
|
9752
|
+
# name: "CustomHTTPHeaderName", # required
|
9753
|
+
# value: "CustomHTTPHeaderValue", # required
|
9754
|
+
# },
|
9755
|
+
# ],
|
9756
|
+
# },
|
9757
|
+
# },
|
9758
|
+
# },
|
9759
|
+
# },
|
9760
|
+
# ],
|
8607
9761
|
# },
|
8608
9762
|
# ip_set_reference_statement: {
|
8609
9763
|
# arn: "ResourceArn", # required
|
@@ -8719,6 +9873,68 @@ module Aws::WAFV2
|
|
8719
9873
|
# password_field: {
|
8720
9874
|
# identifier: "FieldIdentifier", # required
|
8721
9875
|
# },
|
9876
|
+
# aws_managed_rules_bot_control_rule_set: {
|
9877
|
+
# inspection_level: "COMMON", # required, accepts COMMON, TARGETED
|
9878
|
+
# },
|
9879
|
+
# },
|
9880
|
+
# ],
|
9881
|
+
# rule_action_overrides: [
|
9882
|
+
# {
|
9883
|
+
# name: "EntityName", # required
|
9884
|
+
# action_to_use: { # required
|
9885
|
+
# block: {
|
9886
|
+
# custom_response: {
|
9887
|
+
# response_code: 1, # required
|
9888
|
+
# custom_response_body_key: "EntityName",
|
9889
|
+
# response_headers: [
|
9890
|
+
# {
|
9891
|
+
# name: "CustomHTTPHeaderName", # required
|
9892
|
+
# value: "CustomHTTPHeaderValue", # required
|
9893
|
+
# },
|
9894
|
+
# ],
|
9895
|
+
# },
|
9896
|
+
# },
|
9897
|
+
# allow: {
|
9898
|
+
# custom_request_handling: {
|
9899
|
+
# insert_headers: [ # required
|
9900
|
+
# {
|
9901
|
+
# name: "CustomHTTPHeaderName", # required
|
9902
|
+
# value: "CustomHTTPHeaderValue", # required
|
9903
|
+
# },
|
9904
|
+
# ],
|
9905
|
+
# },
|
9906
|
+
# },
|
9907
|
+
# count: {
|
9908
|
+
# custom_request_handling: {
|
9909
|
+
# insert_headers: [ # required
|
9910
|
+
# {
|
9911
|
+
# name: "CustomHTTPHeaderName", # required
|
9912
|
+
# value: "CustomHTTPHeaderValue", # required
|
9913
|
+
# },
|
9914
|
+
# ],
|
9915
|
+
# },
|
9916
|
+
# },
|
9917
|
+
# captcha: {
|
9918
|
+
# custom_request_handling: {
|
9919
|
+
# insert_headers: [ # required
|
9920
|
+
# {
|
9921
|
+
# name: "CustomHTTPHeaderName", # required
|
9922
|
+
# value: "CustomHTTPHeaderValue", # required
|
9923
|
+
# },
|
9924
|
+
# ],
|
9925
|
+
# },
|
9926
|
+
# },
|
9927
|
+
# challenge: {
|
9928
|
+
# custom_request_handling: {
|
9929
|
+
# insert_headers: [ # required
|
9930
|
+
# {
|
9931
|
+
# name: "CustomHTTPHeaderName", # required
|
9932
|
+
# value: "CustomHTTPHeaderValue", # required
|
9933
|
+
# },
|
9934
|
+
# ],
|
9935
|
+
# },
|
9936
|
+
# },
|
9937
|
+
# },
|
8722
9938
|
# },
|
8723
9939
|
# ],
|
8724
9940
|
# },
|
@@ -8811,8 +10027,9 @@ module Aws::WAFV2
|
|
8811
10027
|
#
|
8812
10028
|
# <note markdown="1"> This option is usually set to none. It does not affect how the rules
|
8813
10029
|
# in the rule group are evaluated. If you want the rules in the rule
|
8814
|
-
# group to only count matches, do not use this and instead
|
8815
|
-
#
|
10030
|
+
# group to only count matches, do not use this and instead use the rule
|
10031
|
+
# action override option, with `Count` action, in your rule group
|
10032
|
+
# reference statement settings.
|
8816
10033
|
#
|
8817
10034
|
# </note>
|
8818
10035
|
#
|
@@ -8839,8 +10056,9 @@ module Aws::WAFV2
|
|
8839
10056
|
#
|
8840
10057
|
# <note markdown="1"> This option is usually set to none. It does not affect how the rules
|
8841
10058
|
# in the rule group are evaluated. If you want the rules in the rule
|
8842
|
-
# group to only count matches, do not use this and instead
|
8843
|
-
#
|
10059
|
+
# group to only count matches, do not use this and instead use the
|
10060
|
+
# rule action override option, with `Count` action, in your rule group
|
10061
|
+
# reference statement settings.
|
8844
10062
|
#
|
8845
10063
|
# </note>
|
8846
10064
|
# @return [Types::CountAction]
|
@@ -8948,7 +10166,7 @@ module Aws::WAFV2
|
|
8948
10166
|
# conditions: [ # required
|
8949
10167
|
# {
|
8950
10168
|
# action_condition: {
|
8951
|
-
# action: "ALLOW", # required, accepts ALLOW, BLOCK, COUNT, CAPTCHA, EXCLUDED_AS_COUNT
|
10169
|
+
# action: "ALLOW", # required, accepts ALLOW, BLOCK, COUNT, CAPTCHA, CHALLENGE, EXCLUDED_AS_COUNT
|
8952
10170
|
# },
|
8953
10171
|
# label_name_condition: {
|
8954
10172
|
# label_name: "LabelName", # required
|
@@ -9448,6 +10666,65 @@ module Aws::WAFV2
|
|
9448
10666
|
# name: "EntityName", # required
|
9449
10667
|
# },
|
9450
10668
|
# ],
|
10669
|
+
# rule_action_overrides: [
|
10670
|
+
# {
|
10671
|
+
# name: "EntityName", # required
|
10672
|
+
# action_to_use: { # required
|
10673
|
+
# block: {
|
10674
|
+
# custom_response: {
|
10675
|
+
# response_code: 1, # required
|
10676
|
+
# custom_response_body_key: "EntityName",
|
10677
|
+
# response_headers: [
|
10678
|
+
# {
|
10679
|
+
# name: "CustomHTTPHeaderName", # required
|
10680
|
+
# value: "CustomHTTPHeaderValue", # required
|
10681
|
+
# },
|
10682
|
+
# ],
|
10683
|
+
# },
|
10684
|
+
# },
|
10685
|
+
# allow: {
|
10686
|
+
# custom_request_handling: {
|
10687
|
+
# insert_headers: [ # required
|
10688
|
+
# {
|
10689
|
+
# name: "CustomHTTPHeaderName", # required
|
10690
|
+
# value: "CustomHTTPHeaderValue", # required
|
10691
|
+
# },
|
10692
|
+
# ],
|
10693
|
+
# },
|
10694
|
+
# },
|
10695
|
+
# count: {
|
10696
|
+
# custom_request_handling: {
|
10697
|
+
# insert_headers: [ # required
|
10698
|
+
# {
|
10699
|
+
# name: "CustomHTTPHeaderName", # required
|
10700
|
+
# value: "CustomHTTPHeaderValue", # required
|
10701
|
+
# },
|
10702
|
+
# ],
|
10703
|
+
# },
|
10704
|
+
# },
|
10705
|
+
# captcha: {
|
10706
|
+
# custom_request_handling: {
|
10707
|
+
# insert_headers: [ # required
|
10708
|
+
# {
|
10709
|
+
# name: "CustomHTTPHeaderName", # required
|
10710
|
+
# value: "CustomHTTPHeaderValue", # required
|
10711
|
+
# },
|
10712
|
+
# ],
|
10713
|
+
# },
|
10714
|
+
# },
|
10715
|
+
# challenge: {
|
10716
|
+
# custom_request_handling: {
|
10717
|
+
# insert_headers: [ # required
|
10718
|
+
# {
|
10719
|
+
# name: "CustomHTTPHeaderName", # required
|
10720
|
+
# value: "CustomHTTPHeaderValue", # required
|
10721
|
+
# },
|
10722
|
+
# ],
|
10723
|
+
# },
|
10724
|
+
# },
|
10725
|
+
# },
|
10726
|
+
# },
|
10727
|
+
# ],
|
9451
10728
|
# },
|
9452
10729
|
# ip_set_reference_statement: {
|
9453
10730
|
# arn: "ResourceArn", # required
|
@@ -9567,6 +10844,68 @@ module Aws::WAFV2
|
|
9567
10844
|
# password_field: {
|
9568
10845
|
# identifier: "FieldIdentifier", # required
|
9569
10846
|
# },
|
10847
|
+
# aws_managed_rules_bot_control_rule_set: {
|
10848
|
+
# inspection_level: "COMMON", # required, accepts COMMON, TARGETED
|
10849
|
+
# },
|
10850
|
+
# },
|
10851
|
+
# ],
|
10852
|
+
# rule_action_overrides: [
|
10853
|
+
# {
|
10854
|
+
# name: "EntityName", # required
|
10855
|
+
# action_to_use: { # required
|
10856
|
+
# block: {
|
10857
|
+
# custom_response: {
|
10858
|
+
# response_code: 1, # required
|
10859
|
+
# custom_response_body_key: "EntityName",
|
10860
|
+
# response_headers: [
|
10861
|
+
# {
|
10862
|
+
# name: "CustomHTTPHeaderName", # required
|
10863
|
+
# value: "CustomHTTPHeaderValue", # required
|
10864
|
+
# },
|
10865
|
+
# ],
|
10866
|
+
# },
|
10867
|
+
# },
|
10868
|
+
# allow: {
|
10869
|
+
# custom_request_handling: {
|
10870
|
+
# insert_headers: [ # required
|
10871
|
+
# {
|
10872
|
+
# name: "CustomHTTPHeaderName", # required
|
10873
|
+
# value: "CustomHTTPHeaderValue", # required
|
10874
|
+
# },
|
10875
|
+
# ],
|
10876
|
+
# },
|
10877
|
+
# },
|
10878
|
+
# count: {
|
10879
|
+
# custom_request_handling: {
|
10880
|
+
# insert_headers: [ # required
|
10881
|
+
# {
|
10882
|
+
# name: "CustomHTTPHeaderName", # required
|
10883
|
+
# value: "CustomHTTPHeaderValue", # required
|
10884
|
+
# },
|
10885
|
+
# ],
|
10886
|
+
# },
|
10887
|
+
# },
|
10888
|
+
# captcha: {
|
10889
|
+
# custom_request_handling: {
|
10890
|
+
# insert_headers: [ # required
|
10891
|
+
# {
|
10892
|
+
# name: "CustomHTTPHeaderName", # required
|
10893
|
+
# value: "CustomHTTPHeaderValue", # required
|
10894
|
+
# },
|
10895
|
+
# ],
|
10896
|
+
# },
|
10897
|
+
# },
|
10898
|
+
# challenge: {
|
10899
|
+
# custom_request_handling: {
|
10900
|
+
# insert_headers: [ # required
|
10901
|
+
# {
|
10902
|
+
# name: "CustomHTTPHeaderName", # required
|
10903
|
+
# value: "CustomHTTPHeaderValue", # required
|
10904
|
+
# },
|
10905
|
+
# ],
|
10906
|
+
# },
|
10907
|
+
# },
|
10908
|
+
# },
|
9570
10909
|
# },
|
9571
10910
|
# ],
|
9572
10911
|
# },
|
@@ -10294,6 +11633,65 @@ module Aws::WAFV2
|
|
10294
11633
|
# name: "EntityName", # required
|
10295
11634
|
# },
|
10296
11635
|
# ],
|
11636
|
+
# rule_action_overrides: [
|
11637
|
+
# {
|
11638
|
+
# name: "EntityName", # required
|
11639
|
+
# action_to_use: { # required
|
11640
|
+
# block: {
|
11641
|
+
# custom_response: {
|
11642
|
+
# response_code: 1, # required
|
11643
|
+
# custom_response_body_key: "EntityName",
|
11644
|
+
# response_headers: [
|
11645
|
+
# {
|
11646
|
+
# name: "CustomHTTPHeaderName", # required
|
11647
|
+
# value: "CustomHTTPHeaderValue", # required
|
11648
|
+
# },
|
11649
|
+
# ],
|
11650
|
+
# },
|
11651
|
+
# },
|
11652
|
+
# allow: {
|
11653
|
+
# custom_request_handling: {
|
11654
|
+
# insert_headers: [ # required
|
11655
|
+
# {
|
11656
|
+
# name: "CustomHTTPHeaderName", # required
|
11657
|
+
# value: "CustomHTTPHeaderValue", # required
|
11658
|
+
# },
|
11659
|
+
# ],
|
11660
|
+
# },
|
11661
|
+
# },
|
11662
|
+
# count: {
|
11663
|
+
# custom_request_handling: {
|
11664
|
+
# insert_headers: [ # required
|
11665
|
+
# {
|
11666
|
+
# name: "CustomHTTPHeaderName", # required
|
11667
|
+
# value: "CustomHTTPHeaderValue", # required
|
11668
|
+
# },
|
11669
|
+
# ],
|
11670
|
+
# },
|
11671
|
+
# },
|
11672
|
+
# captcha: {
|
11673
|
+
# custom_request_handling: {
|
11674
|
+
# insert_headers: [ # required
|
11675
|
+
# {
|
11676
|
+
# name: "CustomHTTPHeaderName", # required
|
11677
|
+
# value: "CustomHTTPHeaderValue", # required
|
11678
|
+
# },
|
11679
|
+
# ],
|
11680
|
+
# },
|
11681
|
+
# },
|
11682
|
+
# challenge: {
|
11683
|
+
# custom_request_handling: {
|
11684
|
+
# insert_headers: [ # required
|
11685
|
+
# {
|
11686
|
+
# name: "CustomHTTPHeaderName", # required
|
11687
|
+
# value: "CustomHTTPHeaderValue", # required
|
11688
|
+
# },
|
11689
|
+
# ],
|
11690
|
+
# },
|
11691
|
+
# },
|
11692
|
+
# },
|
11693
|
+
# },
|
11694
|
+
# ],
|
10297
11695
|
# },
|
10298
11696
|
# ip_set_reference_statement: {
|
10299
11697
|
# arn: "ResourceArn", # required
|
@@ -10413,6 +11811,68 @@ module Aws::WAFV2
|
|
10413
11811
|
# password_field: {
|
10414
11812
|
# identifier: "FieldIdentifier", # required
|
10415
11813
|
# },
|
11814
|
+
# aws_managed_rules_bot_control_rule_set: {
|
11815
|
+
# inspection_level: "COMMON", # required, accepts COMMON, TARGETED
|
11816
|
+
# },
|
11817
|
+
# },
|
11818
|
+
# ],
|
11819
|
+
# rule_action_overrides: [
|
11820
|
+
# {
|
11821
|
+
# name: "EntityName", # required
|
11822
|
+
# action_to_use: { # required
|
11823
|
+
# block: {
|
11824
|
+
# custom_response: {
|
11825
|
+
# response_code: 1, # required
|
11826
|
+
# custom_response_body_key: "EntityName",
|
11827
|
+
# response_headers: [
|
11828
|
+
# {
|
11829
|
+
# name: "CustomHTTPHeaderName", # required
|
11830
|
+
# value: "CustomHTTPHeaderValue", # required
|
11831
|
+
# },
|
11832
|
+
# ],
|
11833
|
+
# },
|
11834
|
+
# },
|
11835
|
+
# allow: {
|
11836
|
+
# custom_request_handling: {
|
11837
|
+
# insert_headers: [ # required
|
11838
|
+
# {
|
11839
|
+
# name: "CustomHTTPHeaderName", # required
|
11840
|
+
# value: "CustomHTTPHeaderValue", # required
|
11841
|
+
# },
|
11842
|
+
# ],
|
11843
|
+
# },
|
11844
|
+
# },
|
11845
|
+
# count: {
|
11846
|
+
# custom_request_handling: {
|
11847
|
+
# insert_headers: [ # required
|
11848
|
+
# {
|
11849
|
+
# name: "CustomHTTPHeaderName", # required
|
11850
|
+
# value: "CustomHTTPHeaderValue", # required
|
11851
|
+
# },
|
11852
|
+
# ],
|
11853
|
+
# },
|
11854
|
+
# },
|
11855
|
+
# captcha: {
|
11856
|
+
# custom_request_handling: {
|
11857
|
+
# insert_headers: [ # required
|
11858
|
+
# {
|
11859
|
+
# name: "CustomHTTPHeaderName", # required
|
11860
|
+
# value: "CustomHTTPHeaderValue", # required
|
11861
|
+
# },
|
11862
|
+
# ],
|
11863
|
+
# },
|
11864
|
+
# },
|
11865
|
+
# challenge: {
|
11866
|
+
# custom_request_handling: {
|
11867
|
+
# insert_headers: [ # required
|
11868
|
+
# {
|
11869
|
+
# name: "CustomHTTPHeaderName", # required
|
11870
|
+
# value: "CustomHTTPHeaderValue", # required
|
11871
|
+
# },
|
11872
|
+
# ],
|
11873
|
+
# },
|
11874
|
+
# },
|
11875
|
+
# },
|
10416
11876
|
# },
|
10417
11877
|
# ],
|
10418
11878
|
# },
|
@@ -10522,6 +11982,16 @@ module Aws::WAFV2
|
|
10522
11982
|
# ],
|
10523
11983
|
# },
|
10524
11984
|
# },
|
11985
|
+
# challenge: {
|
11986
|
+
# custom_request_handling: {
|
11987
|
+
# insert_headers: [ # required
|
11988
|
+
# {
|
11989
|
+
# name: "CustomHTTPHeaderName", # required
|
11990
|
+
# value: "CustomHTTPHeaderValue", # required
|
11991
|
+
# },
|
11992
|
+
# ],
|
11993
|
+
# },
|
11994
|
+
# },
|
10525
11995
|
# },
|
10526
11996
|
# override_action: {
|
10527
11997
|
# count: {
|
@@ -10552,6 +12022,11 @@ module Aws::WAFV2
|
|
10552
12022
|
# immunity_time: 1, # required
|
10553
12023
|
# },
|
10554
12024
|
# },
|
12025
|
+
# challenge_config: {
|
12026
|
+
# immunity_time_property: {
|
12027
|
+
# immunity_time: 1, # required
|
12028
|
+
# },
|
12029
|
+
# },
|
10555
12030
|
# }
|
10556
12031
|
#
|
10557
12032
|
# @!attribute [rw] name
|
@@ -10603,8 +12078,9 @@ module Aws::WAFV2
|
|
10603
12078
|
#
|
10604
12079
|
# <note markdown="1"> This option is usually set to none. It does not affect how the rules
|
10605
12080
|
# in the rule group are evaluated. If you want the rules in the rule
|
10606
|
-
# group to only count matches, do not use this and instead
|
10607
|
-
#
|
12081
|
+
# group to only count matches, do not use this and instead use the
|
12082
|
+
# rule action override option, with `Count` action, in your rule group
|
12083
|
+
# reference statement settings.
|
10608
12084
|
#
|
10609
12085
|
# </note>
|
10610
12086
|
# @return [Types::OverrideAction]
|
@@ -10646,6 +12122,12 @@ module Aws::WAFV2
|
|
10646
12122
|
# for the web ACL.
|
10647
12123
|
# @return [Types::CaptchaConfig]
|
10648
12124
|
#
|
12125
|
+
# @!attribute [rw] challenge_config
|
12126
|
+
# Specifies how WAF should handle `Challenge` evaluations. If you
|
12127
|
+
# don't specify this, WAF uses the challenge configuration that's
|
12128
|
+
# defined for the web ACL.
|
12129
|
+
# @return [Types::ChallengeConfig]
|
12130
|
+
#
|
10649
12131
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/Rule AWS API Documentation
|
10650
12132
|
#
|
10651
12133
|
class Rule < Struct.new(
|
@@ -10656,7 +12138,8 @@ module Aws::WAFV2
|
|
10656
12138
|
:override_action,
|
10657
12139
|
:rule_labels,
|
10658
12140
|
:visibility_config,
|
10659
|
-
:captcha_config
|
12141
|
+
:captcha_config,
|
12142
|
+
:challenge_config)
|
10660
12143
|
SENSITIVE = []
|
10661
12144
|
include Aws::Structure
|
10662
12145
|
end
|
@@ -10711,6 +12194,16 @@ module Aws::WAFV2
|
|
10711
12194
|
# ],
|
10712
12195
|
# },
|
10713
12196
|
# },
|
12197
|
+
# challenge: {
|
12198
|
+
# custom_request_handling: {
|
12199
|
+
# insert_headers: [ # required
|
12200
|
+
# {
|
12201
|
+
# name: "CustomHTTPHeaderName", # required
|
12202
|
+
# value: "CustomHTTPHeaderValue", # required
|
12203
|
+
# },
|
12204
|
+
# ],
|
12205
|
+
# },
|
12206
|
+
# },
|
10714
12207
|
# }
|
10715
12208
|
#
|
10716
12209
|
# @!attribute [rw] block
|
@@ -10730,13 +12223,107 @@ module Aws::WAFV2
|
|
10730
12223
|
# Instructs WAF to run a `CAPTCHA` check against the web request.
|
10731
12224
|
# @return [Types::CaptchaAction]
|
10732
12225
|
#
|
12226
|
+
# @!attribute [rw] challenge
|
12227
|
+
# Instructs WAF to run a `Challenge` check against the web request.
|
12228
|
+
# @return [Types::ChallengeAction]
|
12229
|
+
#
|
10733
12230
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/RuleAction AWS API Documentation
|
10734
12231
|
#
|
10735
12232
|
class RuleAction < Struct.new(
|
10736
12233
|
:block,
|
10737
12234
|
:allow,
|
10738
12235
|
:count,
|
10739
|
-
:captcha
|
12236
|
+
:captcha,
|
12237
|
+
:challenge)
|
12238
|
+
SENSITIVE = []
|
12239
|
+
include Aws::Structure
|
12240
|
+
end
|
12241
|
+
|
12242
|
+
# Action setting to use in the place of a rule action that is configured
|
12243
|
+
# inside the rule group. You specify one override for each rule whose
|
12244
|
+
# action you want to change.
|
12245
|
+
#
|
12246
|
+
# You can use overrides for testing, for example you can override all of
|
12247
|
+
# rule actions to `Count` and then monitor the resulting count metrics
|
12248
|
+
# to understand how the rule group would handle your web traffic. You
|
12249
|
+
# can also permanently override some or all actions, to modify how the
|
12250
|
+
# rule group manages your web traffic.
|
12251
|
+
#
|
12252
|
+
# @note When making an API call, you may pass RuleActionOverride
|
12253
|
+
# data as a hash:
|
12254
|
+
#
|
12255
|
+
# {
|
12256
|
+
# name: "EntityName", # required
|
12257
|
+
# action_to_use: { # required
|
12258
|
+
# block: {
|
12259
|
+
# custom_response: {
|
12260
|
+
# response_code: 1, # required
|
12261
|
+
# custom_response_body_key: "EntityName",
|
12262
|
+
# response_headers: [
|
12263
|
+
# {
|
12264
|
+
# name: "CustomHTTPHeaderName", # required
|
12265
|
+
# value: "CustomHTTPHeaderValue", # required
|
12266
|
+
# },
|
12267
|
+
# ],
|
12268
|
+
# },
|
12269
|
+
# },
|
12270
|
+
# allow: {
|
12271
|
+
# custom_request_handling: {
|
12272
|
+
# insert_headers: [ # required
|
12273
|
+
# {
|
12274
|
+
# name: "CustomHTTPHeaderName", # required
|
12275
|
+
# value: "CustomHTTPHeaderValue", # required
|
12276
|
+
# },
|
12277
|
+
# ],
|
12278
|
+
# },
|
12279
|
+
# },
|
12280
|
+
# count: {
|
12281
|
+
# custom_request_handling: {
|
12282
|
+
# insert_headers: [ # required
|
12283
|
+
# {
|
12284
|
+
# name: "CustomHTTPHeaderName", # required
|
12285
|
+
# value: "CustomHTTPHeaderValue", # required
|
12286
|
+
# },
|
12287
|
+
# ],
|
12288
|
+
# },
|
12289
|
+
# },
|
12290
|
+
# captcha: {
|
12291
|
+
# custom_request_handling: {
|
12292
|
+
# insert_headers: [ # required
|
12293
|
+
# {
|
12294
|
+
# name: "CustomHTTPHeaderName", # required
|
12295
|
+
# value: "CustomHTTPHeaderValue", # required
|
12296
|
+
# },
|
12297
|
+
# ],
|
12298
|
+
# },
|
12299
|
+
# },
|
12300
|
+
# challenge: {
|
12301
|
+
# custom_request_handling: {
|
12302
|
+
# insert_headers: [ # required
|
12303
|
+
# {
|
12304
|
+
# name: "CustomHTTPHeaderName", # required
|
12305
|
+
# value: "CustomHTTPHeaderValue", # required
|
12306
|
+
# },
|
12307
|
+
# ],
|
12308
|
+
# },
|
12309
|
+
# },
|
12310
|
+
# },
|
12311
|
+
# }
|
12312
|
+
#
|
12313
|
+
# @!attribute [rw] name
|
12314
|
+
# The name of the rule to override.
|
12315
|
+
# @return [String]
|
12316
|
+
#
|
12317
|
+
# @!attribute [rw] action_to_use
|
12318
|
+
# The override action to use, in place of the configured action of the
|
12319
|
+
# rule in the rule group.
|
12320
|
+
# @return [Types::RuleAction]
|
12321
|
+
#
|
12322
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/RuleActionOverride AWS API Documentation
|
12323
|
+
#
|
12324
|
+
class RuleActionOverride < Struct.new(
|
12325
|
+
:name,
|
12326
|
+
:action_to_use)
|
10740
12327
|
SENSITIVE = []
|
10741
12328
|
include Aws::Structure
|
10742
12329
|
end
|
@@ -10883,6 +12470,65 @@ module Aws::WAFV2
|
|
10883
12470
|
# name: "EntityName", # required
|
10884
12471
|
# },
|
10885
12472
|
# ],
|
12473
|
+
# rule_action_overrides: [
|
12474
|
+
# {
|
12475
|
+
# name: "EntityName", # required
|
12476
|
+
# action_to_use: { # required
|
12477
|
+
# block: {
|
12478
|
+
# custom_response: {
|
12479
|
+
# response_code: 1, # required
|
12480
|
+
# custom_response_body_key: "EntityName",
|
12481
|
+
# response_headers: [
|
12482
|
+
# {
|
12483
|
+
# name: "CustomHTTPHeaderName", # required
|
12484
|
+
# value: "CustomHTTPHeaderValue", # required
|
12485
|
+
# },
|
12486
|
+
# ],
|
12487
|
+
# },
|
12488
|
+
# },
|
12489
|
+
# allow: {
|
12490
|
+
# custom_request_handling: {
|
12491
|
+
# insert_headers: [ # required
|
12492
|
+
# {
|
12493
|
+
# name: "CustomHTTPHeaderName", # required
|
12494
|
+
# value: "CustomHTTPHeaderValue", # required
|
12495
|
+
# },
|
12496
|
+
# ],
|
12497
|
+
# },
|
12498
|
+
# },
|
12499
|
+
# count: {
|
12500
|
+
# custom_request_handling: {
|
12501
|
+
# insert_headers: [ # required
|
12502
|
+
# {
|
12503
|
+
# name: "CustomHTTPHeaderName", # required
|
12504
|
+
# value: "CustomHTTPHeaderValue", # required
|
12505
|
+
# },
|
12506
|
+
# ],
|
12507
|
+
# },
|
12508
|
+
# },
|
12509
|
+
# captcha: {
|
12510
|
+
# custom_request_handling: {
|
12511
|
+
# insert_headers: [ # required
|
12512
|
+
# {
|
12513
|
+
# name: "CustomHTTPHeaderName", # required
|
12514
|
+
# value: "CustomHTTPHeaderValue", # required
|
12515
|
+
# },
|
12516
|
+
# ],
|
12517
|
+
# },
|
12518
|
+
# },
|
12519
|
+
# challenge: {
|
12520
|
+
# custom_request_handling: {
|
12521
|
+
# insert_headers: [ # required
|
12522
|
+
# {
|
12523
|
+
# name: "CustomHTTPHeaderName", # required
|
12524
|
+
# value: "CustomHTTPHeaderValue", # required
|
12525
|
+
# },
|
12526
|
+
# ],
|
12527
|
+
# },
|
12528
|
+
# },
|
12529
|
+
# },
|
12530
|
+
# },
|
12531
|
+
# ],
|
10886
12532
|
# }
|
10887
12533
|
#
|
10888
12534
|
# @!attribute [rw] arn
|
@@ -10890,18 +12536,32 @@ module Aws::WAFV2
|
|
10890
12536
|
# @return [String]
|
10891
12537
|
#
|
10892
12538
|
# @!attribute [rw] excluded_rules
|
10893
|
-
#
|
10894
|
-
#
|
10895
|
-
#
|
10896
|
-
#
|
10897
|
-
#
|
12539
|
+
# Rules in the referenced rule group whose actions are set to `Count`.
|
12540
|
+
#
|
12541
|
+
# <note markdown="1"> Instead of this option, use `RuleActionOverrides`. It accepts any
|
12542
|
+
# valid action setting, including `Count`.
|
12543
|
+
#
|
12544
|
+
# </note>
|
10898
12545
|
# @return [Array<Types::ExcludedRule>]
|
10899
12546
|
#
|
12547
|
+
# @!attribute [rw] rule_action_overrides
|
12548
|
+
# Action settings to use in the place of the rule actions that are
|
12549
|
+
# configured inside the rule group. You specify one override for each
|
12550
|
+
# rule whose action you want to change.
|
12551
|
+
#
|
12552
|
+
# You can use overrides for testing, for example you can override all
|
12553
|
+
# of rule actions to `Count` and then monitor the resulting count
|
12554
|
+
# metrics to understand how the rule group would handle your web
|
12555
|
+
# traffic. You can also permanently override some or all actions, to
|
12556
|
+
# modify how the rule group manages your web traffic.
|
12557
|
+
# @return [Array<Types::RuleActionOverride>]
|
12558
|
+
#
|
10900
12559
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/RuleGroupReferenceStatement AWS API Documentation
|
10901
12560
|
#
|
10902
12561
|
class RuleGroupReferenceStatement < Struct.new(
|
10903
12562
|
:arn,
|
10904
|
-
:excluded_rules
|
12563
|
+
:excluded_rules,
|
12564
|
+
:rule_action_overrides)
|
10905
12565
|
SENSITIVE = []
|
10906
12566
|
include Aws::Structure
|
10907
12567
|
end
|
@@ -11003,8 +12663,7 @@ module Aws::WAFV2
|
|
11003
12663
|
# @return [Time]
|
11004
12664
|
#
|
11005
12665
|
# @!attribute [rw] action
|
11006
|
-
# The action
|
11007
|
-
# `Block`, or `Count`.
|
12666
|
+
# The action that WAF applied to the request.
|
11008
12667
|
# @return [String]
|
11009
12668
|
#
|
11010
12669
|
# @!attribute [rw] rule_name_within_rule_group
|
@@ -11039,6 +12698,17 @@ module Aws::WAFV2
|
|
11039
12698
|
# The `CAPTCHA` response for the request.
|
11040
12699
|
# @return [Types::CaptchaResponse]
|
11041
12700
|
#
|
12701
|
+
# @!attribute [rw] challenge_response
|
12702
|
+
# The `Challenge` response for the request.
|
12703
|
+
# @return [Types::ChallengeResponse]
|
12704
|
+
#
|
12705
|
+
# @!attribute [rw] overridden_action
|
12706
|
+
# Used only for rule group rules that have a rule action override in
|
12707
|
+
# place in the web ACL. This is the action that the rule group rule is
|
12708
|
+
# configured for, and not the action that was applied to the request.
|
12709
|
+
# The action that WAF applied is the `Action` value.
|
12710
|
+
# @return [String]
|
12711
|
+
#
|
11042
12712
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/SampledHTTPRequest AWS API Documentation
|
11043
12713
|
#
|
11044
12714
|
class SampledHTTPRequest < Struct.new(
|
@@ -11050,7 +12720,9 @@ module Aws::WAFV2
|
|
11050
12720
|
:request_headers_inserted,
|
11051
12721
|
:response_code_sent,
|
11052
12722
|
:labels,
|
11053
|
-
:captcha_response
|
12723
|
+
:captcha_response,
|
12724
|
+
:challenge_response,
|
12725
|
+
:overridden_action)
|
11054
12726
|
SENSITIVE = []
|
11055
12727
|
include Aws::Structure
|
11056
12728
|
end
|
@@ -11588,6 +13260,65 @@ module Aws::WAFV2
|
|
11588
13260
|
# name: "EntityName", # required
|
11589
13261
|
# },
|
11590
13262
|
# ],
|
13263
|
+
# rule_action_overrides: [
|
13264
|
+
# {
|
13265
|
+
# name: "EntityName", # required
|
13266
|
+
# action_to_use: { # required
|
13267
|
+
# block: {
|
13268
|
+
# custom_response: {
|
13269
|
+
# response_code: 1, # required
|
13270
|
+
# custom_response_body_key: "EntityName",
|
13271
|
+
# response_headers: [
|
13272
|
+
# {
|
13273
|
+
# name: "CustomHTTPHeaderName", # required
|
13274
|
+
# value: "CustomHTTPHeaderValue", # required
|
13275
|
+
# },
|
13276
|
+
# ],
|
13277
|
+
# },
|
13278
|
+
# },
|
13279
|
+
# allow: {
|
13280
|
+
# custom_request_handling: {
|
13281
|
+
# insert_headers: [ # required
|
13282
|
+
# {
|
13283
|
+
# name: "CustomHTTPHeaderName", # required
|
13284
|
+
# value: "CustomHTTPHeaderValue", # required
|
13285
|
+
# },
|
13286
|
+
# ],
|
13287
|
+
# },
|
13288
|
+
# },
|
13289
|
+
# count: {
|
13290
|
+
# custom_request_handling: {
|
13291
|
+
# insert_headers: [ # required
|
13292
|
+
# {
|
13293
|
+
# name: "CustomHTTPHeaderName", # required
|
13294
|
+
# value: "CustomHTTPHeaderValue", # required
|
13295
|
+
# },
|
13296
|
+
# ],
|
13297
|
+
# },
|
13298
|
+
# },
|
13299
|
+
# captcha: {
|
13300
|
+
# custom_request_handling: {
|
13301
|
+
# insert_headers: [ # required
|
13302
|
+
# {
|
13303
|
+
# name: "CustomHTTPHeaderName", # required
|
13304
|
+
# value: "CustomHTTPHeaderValue", # required
|
13305
|
+
# },
|
13306
|
+
# ],
|
13307
|
+
# },
|
13308
|
+
# },
|
13309
|
+
# challenge: {
|
13310
|
+
# custom_request_handling: {
|
13311
|
+
# insert_headers: [ # required
|
13312
|
+
# {
|
13313
|
+
# name: "CustomHTTPHeaderName", # required
|
13314
|
+
# value: "CustomHTTPHeaderValue", # required
|
13315
|
+
# },
|
13316
|
+
# ],
|
13317
|
+
# },
|
13318
|
+
# },
|
13319
|
+
# },
|
13320
|
+
# },
|
13321
|
+
# ],
|
11591
13322
|
# },
|
11592
13323
|
# ip_set_reference_statement: {
|
11593
13324
|
# arn: "ResourceArn", # required
|
@@ -11906,6 +13637,65 @@ module Aws::WAFV2
|
|
11906
13637
|
# name: "EntityName", # required
|
11907
13638
|
# },
|
11908
13639
|
# ],
|
13640
|
+
# rule_action_overrides: [
|
13641
|
+
# {
|
13642
|
+
# name: "EntityName", # required
|
13643
|
+
# action_to_use: { # required
|
13644
|
+
# block: {
|
13645
|
+
# custom_response: {
|
13646
|
+
# response_code: 1, # required
|
13647
|
+
# custom_response_body_key: "EntityName",
|
13648
|
+
# response_headers: [
|
13649
|
+
# {
|
13650
|
+
# name: "CustomHTTPHeaderName", # required
|
13651
|
+
# value: "CustomHTTPHeaderValue", # required
|
13652
|
+
# },
|
13653
|
+
# ],
|
13654
|
+
# },
|
13655
|
+
# },
|
13656
|
+
# allow: {
|
13657
|
+
# custom_request_handling: {
|
13658
|
+
# insert_headers: [ # required
|
13659
|
+
# {
|
13660
|
+
# name: "CustomHTTPHeaderName", # required
|
13661
|
+
# value: "CustomHTTPHeaderValue", # required
|
13662
|
+
# },
|
13663
|
+
# ],
|
13664
|
+
# },
|
13665
|
+
# },
|
13666
|
+
# count: {
|
13667
|
+
# custom_request_handling: {
|
13668
|
+
# insert_headers: [ # required
|
13669
|
+
# {
|
13670
|
+
# name: "CustomHTTPHeaderName", # required
|
13671
|
+
# value: "CustomHTTPHeaderValue", # required
|
13672
|
+
# },
|
13673
|
+
# ],
|
13674
|
+
# },
|
13675
|
+
# },
|
13676
|
+
# captcha: {
|
13677
|
+
# custom_request_handling: {
|
13678
|
+
# insert_headers: [ # required
|
13679
|
+
# {
|
13680
|
+
# name: "CustomHTTPHeaderName", # required
|
13681
|
+
# value: "CustomHTTPHeaderValue", # required
|
13682
|
+
# },
|
13683
|
+
# ],
|
13684
|
+
# },
|
13685
|
+
# },
|
13686
|
+
# challenge: {
|
13687
|
+
# custom_request_handling: {
|
13688
|
+
# insert_headers: [ # required
|
13689
|
+
# {
|
13690
|
+
# name: "CustomHTTPHeaderName", # required
|
13691
|
+
# value: "CustomHTTPHeaderValue", # required
|
13692
|
+
# },
|
13693
|
+
# ],
|
13694
|
+
# },
|
13695
|
+
# },
|
13696
|
+
# },
|
13697
|
+
# },
|
13698
|
+
# ],
|
11909
13699
|
# },
|
11910
13700
|
# ip_set_reference_statement: {
|
11911
13701
|
# arn: "ResourceArn", # required
|
@@ -12017,6 +13807,68 @@ module Aws::WAFV2
|
|
12017
13807
|
# password_field: {
|
12018
13808
|
# identifier: "FieldIdentifier", # required
|
12019
13809
|
# },
|
13810
|
+
# aws_managed_rules_bot_control_rule_set: {
|
13811
|
+
# inspection_level: "COMMON", # required, accepts COMMON, TARGETED
|
13812
|
+
# },
|
13813
|
+
# },
|
13814
|
+
# ],
|
13815
|
+
# rule_action_overrides: [
|
13816
|
+
# {
|
13817
|
+
# name: "EntityName", # required
|
13818
|
+
# action_to_use: { # required
|
13819
|
+
# block: {
|
13820
|
+
# custom_response: {
|
13821
|
+
# response_code: 1, # required
|
13822
|
+
# custom_response_body_key: "EntityName",
|
13823
|
+
# response_headers: [
|
13824
|
+
# {
|
13825
|
+
# name: "CustomHTTPHeaderName", # required
|
13826
|
+
# value: "CustomHTTPHeaderValue", # required
|
13827
|
+
# },
|
13828
|
+
# ],
|
13829
|
+
# },
|
13830
|
+
# },
|
13831
|
+
# allow: {
|
13832
|
+
# custom_request_handling: {
|
13833
|
+
# insert_headers: [ # required
|
13834
|
+
# {
|
13835
|
+
# name: "CustomHTTPHeaderName", # required
|
13836
|
+
# value: "CustomHTTPHeaderValue", # required
|
13837
|
+
# },
|
13838
|
+
# ],
|
13839
|
+
# },
|
13840
|
+
# },
|
13841
|
+
# count: {
|
13842
|
+
# custom_request_handling: {
|
13843
|
+
# insert_headers: [ # required
|
13844
|
+
# {
|
13845
|
+
# name: "CustomHTTPHeaderName", # required
|
13846
|
+
# value: "CustomHTTPHeaderValue", # required
|
13847
|
+
# },
|
13848
|
+
# ],
|
13849
|
+
# },
|
13850
|
+
# },
|
13851
|
+
# captcha: {
|
13852
|
+
# custom_request_handling: {
|
13853
|
+
# insert_headers: [ # required
|
13854
|
+
# {
|
13855
|
+
# name: "CustomHTTPHeaderName", # required
|
13856
|
+
# value: "CustomHTTPHeaderValue", # required
|
13857
|
+
# },
|
13858
|
+
# ],
|
13859
|
+
# },
|
13860
|
+
# },
|
13861
|
+
# challenge: {
|
13862
|
+
# custom_request_handling: {
|
13863
|
+
# insert_headers: [ # required
|
13864
|
+
# {
|
13865
|
+
# name: "CustomHTTPHeaderName", # required
|
13866
|
+
# value: "CustomHTTPHeaderValue", # required
|
13867
|
+
# },
|
13868
|
+
# ],
|
13869
|
+
# },
|
13870
|
+
# },
|
13871
|
+
# },
|
12020
13872
|
# },
|
12021
13873
|
# ],
|
12022
13874
|
# },
|
@@ -12338,6 +14190,65 @@ module Aws::WAFV2
|
|
12338
14190
|
# name: "EntityName", # required
|
12339
14191
|
# },
|
12340
14192
|
# ],
|
14193
|
+
# rule_action_overrides: [
|
14194
|
+
# {
|
14195
|
+
# name: "EntityName", # required
|
14196
|
+
# action_to_use: { # required
|
14197
|
+
# block: {
|
14198
|
+
# custom_response: {
|
14199
|
+
# response_code: 1, # required
|
14200
|
+
# custom_response_body_key: "EntityName",
|
14201
|
+
# response_headers: [
|
14202
|
+
# {
|
14203
|
+
# name: "CustomHTTPHeaderName", # required
|
14204
|
+
# value: "CustomHTTPHeaderValue", # required
|
14205
|
+
# },
|
14206
|
+
# ],
|
14207
|
+
# },
|
14208
|
+
# },
|
14209
|
+
# allow: {
|
14210
|
+
# custom_request_handling: {
|
14211
|
+
# insert_headers: [ # required
|
14212
|
+
# {
|
14213
|
+
# name: "CustomHTTPHeaderName", # required
|
14214
|
+
# value: "CustomHTTPHeaderValue", # required
|
14215
|
+
# },
|
14216
|
+
# ],
|
14217
|
+
# },
|
14218
|
+
# },
|
14219
|
+
# count: {
|
14220
|
+
# custom_request_handling: {
|
14221
|
+
# insert_headers: [ # required
|
14222
|
+
# {
|
14223
|
+
# name: "CustomHTTPHeaderName", # required
|
14224
|
+
# value: "CustomHTTPHeaderValue", # required
|
14225
|
+
# },
|
14226
|
+
# ],
|
14227
|
+
# },
|
14228
|
+
# },
|
14229
|
+
# captcha: {
|
14230
|
+
# custom_request_handling: {
|
14231
|
+
# insert_headers: [ # required
|
14232
|
+
# {
|
14233
|
+
# name: "CustomHTTPHeaderName", # required
|
14234
|
+
# value: "CustomHTTPHeaderValue", # required
|
14235
|
+
# },
|
14236
|
+
# ],
|
14237
|
+
# },
|
14238
|
+
# },
|
14239
|
+
# challenge: {
|
14240
|
+
# custom_request_handling: {
|
14241
|
+
# insert_headers: [ # required
|
14242
|
+
# {
|
14243
|
+
# name: "CustomHTTPHeaderName", # required
|
14244
|
+
# value: "CustomHTTPHeaderValue", # required
|
14245
|
+
# },
|
14246
|
+
# ],
|
14247
|
+
# },
|
14248
|
+
# },
|
14249
|
+
# },
|
14250
|
+
# },
|
14251
|
+
# ],
|
12341
14252
|
# },
|
12342
14253
|
# ip_set_reference_statement: {
|
12343
14254
|
# arn: "ResourceArn", # required
|
@@ -12451,6 +14362,68 @@ module Aws::WAFV2
|
|
12451
14362
|
# password_field: {
|
12452
14363
|
# identifier: "FieldIdentifier", # required
|
12453
14364
|
# },
|
14365
|
+
# aws_managed_rules_bot_control_rule_set: {
|
14366
|
+
# inspection_level: "COMMON", # required, accepts COMMON, TARGETED
|
14367
|
+
# },
|
14368
|
+
# },
|
14369
|
+
# ],
|
14370
|
+
# rule_action_overrides: [
|
14371
|
+
# {
|
14372
|
+
# name: "EntityName", # required
|
14373
|
+
# action_to_use: { # required
|
14374
|
+
# block: {
|
14375
|
+
# custom_response: {
|
14376
|
+
# response_code: 1, # required
|
14377
|
+
# custom_response_body_key: "EntityName",
|
14378
|
+
# response_headers: [
|
14379
|
+
# {
|
14380
|
+
# name: "CustomHTTPHeaderName", # required
|
14381
|
+
# value: "CustomHTTPHeaderValue", # required
|
14382
|
+
# },
|
14383
|
+
# ],
|
14384
|
+
# },
|
14385
|
+
# },
|
14386
|
+
# allow: {
|
14387
|
+
# custom_request_handling: {
|
14388
|
+
# insert_headers: [ # required
|
14389
|
+
# {
|
14390
|
+
# name: "CustomHTTPHeaderName", # required
|
14391
|
+
# value: "CustomHTTPHeaderValue", # required
|
14392
|
+
# },
|
14393
|
+
# ],
|
14394
|
+
# },
|
14395
|
+
# },
|
14396
|
+
# count: {
|
14397
|
+
# custom_request_handling: {
|
14398
|
+
# insert_headers: [ # required
|
14399
|
+
# {
|
14400
|
+
# name: "CustomHTTPHeaderName", # required
|
14401
|
+
# value: "CustomHTTPHeaderValue", # required
|
14402
|
+
# },
|
14403
|
+
# ],
|
14404
|
+
# },
|
14405
|
+
# },
|
14406
|
+
# captcha: {
|
14407
|
+
# custom_request_handling: {
|
14408
|
+
# insert_headers: [ # required
|
14409
|
+
# {
|
14410
|
+
# name: "CustomHTTPHeaderName", # required
|
14411
|
+
# value: "CustomHTTPHeaderValue", # required
|
14412
|
+
# },
|
14413
|
+
# ],
|
14414
|
+
# },
|
14415
|
+
# },
|
14416
|
+
# challenge: {
|
14417
|
+
# custom_request_handling: {
|
14418
|
+
# insert_headers: [ # required
|
14419
|
+
# {
|
14420
|
+
# name: "CustomHTTPHeaderName", # required
|
14421
|
+
# value: "CustomHTTPHeaderValue", # required
|
14422
|
+
# },
|
14423
|
+
# ],
|
14424
|
+
# },
|
14425
|
+
# },
|
14426
|
+
# },
|
12454
14427
|
# },
|
12455
14428
|
# ],
|
12456
14429
|
# },
|
@@ -12769,6 +14742,65 @@ module Aws::WAFV2
|
|
12769
14742
|
# name: "EntityName", # required
|
12770
14743
|
# },
|
12771
14744
|
# ],
|
14745
|
+
# rule_action_overrides: [
|
14746
|
+
# {
|
14747
|
+
# name: "EntityName", # required
|
14748
|
+
# action_to_use: { # required
|
14749
|
+
# block: {
|
14750
|
+
# custom_response: {
|
14751
|
+
# response_code: 1, # required
|
14752
|
+
# custom_response_body_key: "EntityName",
|
14753
|
+
# response_headers: [
|
14754
|
+
# {
|
14755
|
+
# name: "CustomHTTPHeaderName", # required
|
14756
|
+
# value: "CustomHTTPHeaderValue", # required
|
14757
|
+
# },
|
14758
|
+
# ],
|
14759
|
+
# },
|
14760
|
+
# },
|
14761
|
+
# allow: {
|
14762
|
+
# custom_request_handling: {
|
14763
|
+
# insert_headers: [ # required
|
14764
|
+
# {
|
14765
|
+
# name: "CustomHTTPHeaderName", # required
|
14766
|
+
# value: "CustomHTTPHeaderValue", # required
|
14767
|
+
# },
|
14768
|
+
# ],
|
14769
|
+
# },
|
14770
|
+
# },
|
14771
|
+
# count: {
|
14772
|
+
# custom_request_handling: {
|
14773
|
+
# insert_headers: [ # required
|
14774
|
+
# {
|
14775
|
+
# name: "CustomHTTPHeaderName", # required
|
14776
|
+
# value: "CustomHTTPHeaderValue", # required
|
14777
|
+
# },
|
14778
|
+
# ],
|
14779
|
+
# },
|
14780
|
+
# },
|
14781
|
+
# captcha: {
|
14782
|
+
# custom_request_handling: {
|
14783
|
+
# insert_headers: [ # required
|
14784
|
+
# {
|
14785
|
+
# name: "CustomHTTPHeaderName", # required
|
14786
|
+
# value: "CustomHTTPHeaderValue", # required
|
14787
|
+
# },
|
14788
|
+
# ],
|
14789
|
+
# },
|
14790
|
+
# },
|
14791
|
+
# challenge: {
|
14792
|
+
# custom_request_handling: {
|
14793
|
+
# insert_headers: [ # required
|
14794
|
+
# {
|
14795
|
+
# name: "CustomHTTPHeaderName", # required
|
14796
|
+
# value: "CustomHTTPHeaderValue", # required
|
14797
|
+
# },
|
14798
|
+
# ],
|
14799
|
+
# },
|
14800
|
+
# },
|
14801
|
+
# },
|
14802
|
+
# },
|
14803
|
+
# ],
|
12772
14804
|
# },
|
12773
14805
|
# ip_set_reference_statement: {
|
12774
14806
|
# arn: "ResourceArn", # required
|
@@ -12882,6 +14914,68 @@ module Aws::WAFV2
|
|
12882
14914
|
# password_field: {
|
12883
14915
|
# identifier: "FieldIdentifier", # required
|
12884
14916
|
# },
|
14917
|
+
# aws_managed_rules_bot_control_rule_set: {
|
14918
|
+
# inspection_level: "COMMON", # required, accepts COMMON, TARGETED
|
14919
|
+
# },
|
14920
|
+
# },
|
14921
|
+
# ],
|
14922
|
+
# rule_action_overrides: [
|
14923
|
+
# {
|
14924
|
+
# name: "EntityName", # required
|
14925
|
+
# action_to_use: { # required
|
14926
|
+
# block: {
|
14927
|
+
# custom_response: {
|
14928
|
+
# response_code: 1, # required
|
14929
|
+
# custom_response_body_key: "EntityName",
|
14930
|
+
# response_headers: [
|
14931
|
+
# {
|
14932
|
+
# name: "CustomHTTPHeaderName", # required
|
14933
|
+
# value: "CustomHTTPHeaderValue", # required
|
14934
|
+
# },
|
14935
|
+
# ],
|
14936
|
+
# },
|
14937
|
+
# },
|
14938
|
+
# allow: {
|
14939
|
+
# custom_request_handling: {
|
14940
|
+
# insert_headers: [ # required
|
14941
|
+
# {
|
14942
|
+
# name: "CustomHTTPHeaderName", # required
|
14943
|
+
# value: "CustomHTTPHeaderValue", # required
|
14944
|
+
# },
|
14945
|
+
# ],
|
14946
|
+
# },
|
14947
|
+
# },
|
14948
|
+
# count: {
|
14949
|
+
# custom_request_handling: {
|
14950
|
+
# insert_headers: [ # required
|
14951
|
+
# {
|
14952
|
+
# name: "CustomHTTPHeaderName", # required
|
14953
|
+
# value: "CustomHTTPHeaderValue", # required
|
14954
|
+
# },
|
14955
|
+
# ],
|
14956
|
+
# },
|
14957
|
+
# },
|
14958
|
+
# captcha: {
|
14959
|
+
# custom_request_handling: {
|
14960
|
+
# insert_headers: [ # required
|
14961
|
+
# {
|
14962
|
+
# name: "CustomHTTPHeaderName", # required
|
14963
|
+
# value: "CustomHTTPHeaderValue", # required
|
14964
|
+
# },
|
14965
|
+
# ],
|
14966
|
+
# },
|
14967
|
+
# },
|
14968
|
+
# challenge: {
|
14969
|
+
# custom_request_handling: {
|
14970
|
+
# insert_headers: [ # required
|
14971
|
+
# {
|
14972
|
+
# name: "CustomHTTPHeaderName", # required
|
14973
|
+
# value: "CustomHTTPHeaderValue", # required
|
14974
|
+
# },
|
14975
|
+
# ],
|
14976
|
+
# },
|
14977
|
+
# },
|
14978
|
+
# },
|
12885
14979
|
# },
|
12886
14980
|
# ],
|
12887
14981
|
# },
|
@@ -13199,6 +15293,65 @@ module Aws::WAFV2
|
|
13199
15293
|
# name: "EntityName", # required
|
13200
15294
|
# },
|
13201
15295
|
# ],
|
15296
|
+
# rule_action_overrides: [
|
15297
|
+
# {
|
15298
|
+
# name: "EntityName", # required
|
15299
|
+
# action_to_use: { # required
|
15300
|
+
# block: {
|
15301
|
+
# custom_response: {
|
15302
|
+
# response_code: 1, # required
|
15303
|
+
# custom_response_body_key: "EntityName",
|
15304
|
+
# response_headers: [
|
15305
|
+
# {
|
15306
|
+
# name: "CustomHTTPHeaderName", # required
|
15307
|
+
# value: "CustomHTTPHeaderValue", # required
|
15308
|
+
# },
|
15309
|
+
# ],
|
15310
|
+
# },
|
15311
|
+
# },
|
15312
|
+
# allow: {
|
15313
|
+
# custom_request_handling: {
|
15314
|
+
# insert_headers: [ # required
|
15315
|
+
# {
|
15316
|
+
# name: "CustomHTTPHeaderName", # required
|
15317
|
+
# value: "CustomHTTPHeaderValue", # required
|
15318
|
+
# },
|
15319
|
+
# ],
|
15320
|
+
# },
|
15321
|
+
# },
|
15322
|
+
# count: {
|
15323
|
+
# custom_request_handling: {
|
15324
|
+
# insert_headers: [ # required
|
15325
|
+
# {
|
15326
|
+
# name: "CustomHTTPHeaderName", # required
|
15327
|
+
# value: "CustomHTTPHeaderValue", # required
|
15328
|
+
# },
|
15329
|
+
# ],
|
15330
|
+
# },
|
15331
|
+
# },
|
15332
|
+
# captcha: {
|
15333
|
+
# custom_request_handling: {
|
15334
|
+
# insert_headers: [ # required
|
15335
|
+
# {
|
15336
|
+
# name: "CustomHTTPHeaderName", # required
|
15337
|
+
# value: "CustomHTTPHeaderValue", # required
|
15338
|
+
# },
|
15339
|
+
# ],
|
15340
|
+
# },
|
15341
|
+
# },
|
15342
|
+
# challenge: {
|
15343
|
+
# custom_request_handling: {
|
15344
|
+
# insert_headers: [ # required
|
15345
|
+
# {
|
15346
|
+
# name: "CustomHTTPHeaderName", # required
|
15347
|
+
# value: "CustomHTTPHeaderValue", # required
|
15348
|
+
# },
|
15349
|
+
# ],
|
15350
|
+
# },
|
15351
|
+
# },
|
15352
|
+
# },
|
15353
|
+
# },
|
15354
|
+
# ],
|
13202
15355
|
# },
|
13203
15356
|
# ip_set_reference_statement: {
|
13204
15357
|
# arn: "ResourceArn", # required
|
@@ -13316,6 +15469,68 @@ module Aws::WAFV2
|
|
13316
15469
|
# password_field: {
|
13317
15470
|
# identifier: "FieldIdentifier", # required
|
13318
15471
|
# },
|
15472
|
+
# aws_managed_rules_bot_control_rule_set: {
|
15473
|
+
# inspection_level: "COMMON", # required, accepts COMMON, TARGETED
|
15474
|
+
# },
|
15475
|
+
# },
|
15476
|
+
# ],
|
15477
|
+
# rule_action_overrides: [
|
15478
|
+
# {
|
15479
|
+
# name: "EntityName", # required
|
15480
|
+
# action_to_use: { # required
|
15481
|
+
# block: {
|
15482
|
+
# custom_response: {
|
15483
|
+
# response_code: 1, # required
|
15484
|
+
# custom_response_body_key: "EntityName",
|
15485
|
+
# response_headers: [
|
15486
|
+
# {
|
15487
|
+
# name: "CustomHTTPHeaderName", # required
|
15488
|
+
# value: "CustomHTTPHeaderValue", # required
|
15489
|
+
# },
|
15490
|
+
# ],
|
15491
|
+
# },
|
15492
|
+
# },
|
15493
|
+
# allow: {
|
15494
|
+
# custom_request_handling: {
|
15495
|
+
# insert_headers: [ # required
|
15496
|
+
# {
|
15497
|
+
# name: "CustomHTTPHeaderName", # required
|
15498
|
+
# value: "CustomHTTPHeaderValue", # required
|
15499
|
+
# },
|
15500
|
+
# ],
|
15501
|
+
# },
|
15502
|
+
# },
|
15503
|
+
# count: {
|
15504
|
+
# custom_request_handling: {
|
15505
|
+
# insert_headers: [ # required
|
15506
|
+
# {
|
15507
|
+
# name: "CustomHTTPHeaderName", # required
|
15508
|
+
# value: "CustomHTTPHeaderValue", # required
|
15509
|
+
# },
|
15510
|
+
# ],
|
15511
|
+
# },
|
15512
|
+
# },
|
15513
|
+
# captcha: {
|
15514
|
+
# custom_request_handling: {
|
15515
|
+
# insert_headers: [ # required
|
15516
|
+
# {
|
15517
|
+
# name: "CustomHTTPHeaderName", # required
|
15518
|
+
# value: "CustomHTTPHeaderValue", # required
|
15519
|
+
# },
|
15520
|
+
# ],
|
15521
|
+
# },
|
15522
|
+
# },
|
15523
|
+
# challenge: {
|
15524
|
+
# custom_request_handling: {
|
15525
|
+
# insert_headers: [ # required
|
15526
|
+
# {
|
15527
|
+
# name: "CustomHTTPHeaderName", # required
|
15528
|
+
# value: "CustomHTTPHeaderValue", # required
|
15529
|
+
# },
|
15530
|
+
# ],
|
15531
|
+
# },
|
15532
|
+
# },
|
15533
|
+
# },
|
13319
15534
|
# },
|
13320
15535
|
# ],
|
13321
15536
|
# },
|
@@ -13640,6 +15855,65 @@ module Aws::WAFV2
|
|
13640
15855
|
# name: "EntityName", # required
|
13641
15856
|
# },
|
13642
15857
|
# ],
|
15858
|
+
# rule_action_overrides: [
|
15859
|
+
# {
|
15860
|
+
# name: "EntityName", # required
|
15861
|
+
# action_to_use: { # required
|
15862
|
+
# block: {
|
15863
|
+
# custom_response: {
|
15864
|
+
# response_code: 1, # required
|
15865
|
+
# custom_response_body_key: "EntityName",
|
15866
|
+
# response_headers: [
|
15867
|
+
# {
|
15868
|
+
# name: "CustomHTTPHeaderName", # required
|
15869
|
+
# value: "CustomHTTPHeaderValue", # required
|
15870
|
+
# },
|
15871
|
+
# ],
|
15872
|
+
# },
|
15873
|
+
# },
|
15874
|
+
# allow: {
|
15875
|
+
# custom_request_handling: {
|
15876
|
+
# insert_headers: [ # required
|
15877
|
+
# {
|
15878
|
+
# name: "CustomHTTPHeaderName", # required
|
15879
|
+
# value: "CustomHTTPHeaderValue", # required
|
15880
|
+
# },
|
15881
|
+
# ],
|
15882
|
+
# },
|
15883
|
+
# },
|
15884
|
+
# count: {
|
15885
|
+
# custom_request_handling: {
|
15886
|
+
# insert_headers: [ # required
|
15887
|
+
# {
|
15888
|
+
# name: "CustomHTTPHeaderName", # required
|
15889
|
+
# value: "CustomHTTPHeaderValue", # required
|
15890
|
+
# },
|
15891
|
+
# ],
|
15892
|
+
# },
|
15893
|
+
# },
|
15894
|
+
# captcha: {
|
15895
|
+
# custom_request_handling: {
|
15896
|
+
# insert_headers: [ # required
|
15897
|
+
# {
|
15898
|
+
# name: "CustomHTTPHeaderName", # required
|
15899
|
+
# value: "CustomHTTPHeaderValue", # required
|
15900
|
+
# },
|
15901
|
+
# ],
|
15902
|
+
# },
|
15903
|
+
# },
|
15904
|
+
# challenge: {
|
15905
|
+
# custom_request_handling: {
|
15906
|
+
# insert_headers: [ # required
|
15907
|
+
# {
|
15908
|
+
# name: "CustomHTTPHeaderName", # required
|
15909
|
+
# value: "CustomHTTPHeaderValue", # required
|
15910
|
+
# },
|
15911
|
+
# ],
|
15912
|
+
# },
|
15913
|
+
# },
|
15914
|
+
# },
|
15915
|
+
# },
|
15916
|
+
# ],
|
13643
15917
|
# },
|
13644
15918
|
# ip_set_reference_statement: {
|
13645
15919
|
# arn: "ResourceArn", # required
|
@@ -13813,6 +16087,68 @@ module Aws::WAFV2
|
|
13813
16087
|
# password_field: {
|
13814
16088
|
# identifier: "FieldIdentifier", # required
|
13815
16089
|
# },
|
16090
|
+
# aws_managed_rules_bot_control_rule_set: {
|
16091
|
+
# inspection_level: "COMMON", # required, accepts COMMON, TARGETED
|
16092
|
+
# },
|
16093
|
+
# },
|
16094
|
+
# ],
|
16095
|
+
# rule_action_overrides: [
|
16096
|
+
# {
|
16097
|
+
# name: "EntityName", # required
|
16098
|
+
# action_to_use: { # required
|
16099
|
+
# block: {
|
16100
|
+
# custom_response: {
|
16101
|
+
# response_code: 1, # required
|
16102
|
+
# custom_response_body_key: "EntityName",
|
16103
|
+
# response_headers: [
|
16104
|
+
# {
|
16105
|
+
# name: "CustomHTTPHeaderName", # required
|
16106
|
+
# value: "CustomHTTPHeaderValue", # required
|
16107
|
+
# },
|
16108
|
+
# ],
|
16109
|
+
# },
|
16110
|
+
# },
|
16111
|
+
# allow: {
|
16112
|
+
# custom_request_handling: {
|
16113
|
+
# insert_headers: [ # required
|
16114
|
+
# {
|
16115
|
+
# name: "CustomHTTPHeaderName", # required
|
16116
|
+
# value: "CustomHTTPHeaderValue", # required
|
16117
|
+
# },
|
16118
|
+
# ],
|
16119
|
+
# },
|
16120
|
+
# },
|
16121
|
+
# count: {
|
16122
|
+
# custom_request_handling: {
|
16123
|
+
# insert_headers: [ # required
|
16124
|
+
# {
|
16125
|
+
# name: "CustomHTTPHeaderName", # required
|
16126
|
+
# value: "CustomHTTPHeaderValue", # required
|
16127
|
+
# },
|
16128
|
+
# ],
|
16129
|
+
# },
|
16130
|
+
# },
|
16131
|
+
# captcha: {
|
16132
|
+
# custom_request_handling: {
|
16133
|
+
# insert_headers: [ # required
|
16134
|
+
# {
|
16135
|
+
# name: "CustomHTTPHeaderName", # required
|
16136
|
+
# value: "CustomHTTPHeaderValue", # required
|
16137
|
+
# },
|
16138
|
+
# ],
|
16139
|
+
# },
|
16140
|
+
# },
|
16141
|
+
# challenge: {
|
16142
|
+
# custom_request_handling: {
|
16143
|
+
# insert_headers: [ # required
|
16144
|
+
# {
|
16145
|
+
# name: "CustomHTTPHeaderName", # required
|
16146
|
+
# value: "CustomHTTPHeaderValue", # required
|
16147
|
+
# },
|
16148
|
+
# ],
|
16149
|
+
# },
|
16150
|
+
# },
|
16151
|
+
# },
|
13816
16152
|
# },
|
13817
16153
|
# ],
|
13818
16154
|
# },
|
@@ -13921,8 +16257,41 @@ module Aws::WAFV2
|
|
13921
16257
|
# @return [Types::SizeConstraintStatement]
|
13922
16258
|
#
|
13923
16259
|
# @!attribute [rw] geo_match_statement
|
13924
|
-
# A rule statement
|
13925
|
-
#
|
16260
|
+
# A rule statement that labels web requests by country and region and
|
16261
|
+
# that matches against web requests based on country code. A geo match
|
16262
|
+
# rule labels every request that it inspects regardless of whether it
|
16263
|
+
# finds a match.
|
16264
|
+
#
|
16265
|
+
# * To manage requests only by country, you can use this statement by
|
16266
|
+
# itself and specify the countries that you want to match against in
|
16267
|
+
# the `CountryCodes` array.
|
16268
|
+
#
|
16269
|
+
# * Otherwise, configure your geo match rule with Count action so that
|
16270
|
+
# it only labels requests. Then, add one or more label match rules
|
16271
|
+
# to run after the geo match rule and configure them to match
|
16272
|
+
# against the geographic labels and handle the requests as needed.
|
16273
|
+
#
|
16274
|
+
# WAF labels requests using the alpha-2 country and region codes from
|
16275
|
+
# the International Organization for Standardization (ISO) 3166
|
16276
|
+
# standard. WAF determines the codes using either the IP address in
|
16277
|
+
# the web request origin or, if you specify it, the address in the geo
|
16278
|
+
# match `ForwardedIPConfig`.
|
16279
|
+
#
|
16280
|
+
# If you use the web request origin, the label formats are
|
16281
|
+
# `awswaf:clientip:geo:region:<ISO country code>-<ISO region code>`
|
16282
|
+
# and `awswaf:clientip:geo:country:<ISO country code>`.
|
16283
|
+
#
|
16284
|
+
# If you use a forwarded IP address, the label formats are
|
16285
|
+
# `awswaf:forwardedip:geo:region:<ISO country code>-<ISO region code>`
|
16286
|
+
# and `awswaf:forwardedip:geo:country:<ISO country code>`.
|
16287
|
+
#
|
16288
|
+
# For additional details, see [Geographic match rule statement][1] in
|
16289
|
+
# the [WAF Developer Guide][2].
|
16290
|
+
#
|
16291
|
+
#
|
16292
|
+
#
|
16293
|
+
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-type-geo-match.html
|
16294
|
+
# [2]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html
|
13926
16295
|
# @return [Types::GeoMatchStatement]
|
13927
16296
|
#
|
13928
16297
|
# @!attribute [rw] rule_group_reference_statement
|
@@ -14049,9 +16418,8 @@ module Aws::WAFV2
|
|
14049
16418
|
# @return [Types::ManagedRuleGroupStatement]
|
14050
16419
|
#
|
14051
16420
|
# @!attribute [rw] label_match_statement
|
14052
|
-
# A rule statement
|
14053
|
-
#
|
14054
|
-
# run in the web ACL.
|
16421
|
+
# A rule statement to match against labels that have been added to the
|
16422
|
+
# web request by rules that have already run in the web ACL.
|
14055
16423
|
#
|
14056
16424
|
# The label match statement provides the label or namespace string to
|
14057
16425
|
# search for. The label string can represent a part or all of the
|
@@ -15020,6 +17388,65 @@ module Aws::WAFV2
|
|
15020
17388
|
# name: "EntityName", # required
|
15021
17389
|
# },
|
15022
17390
|
# ],
|
17391
|
+
# rule_action_overrides: [
|
17392
|
+
# {
|
17393
|
+
# name: "EntityName", # required
|
17394
|
+
# action_to_use: { # required
|
17395
|
+
# block: {
|
17396
|
+
# custom_response: {
|
17397
|
+
# response_code: 1, # required
|
17398
|
+
# custom_response_body_key: "EntityName",
|
17399
|
+
# response_headers: [
|
17400
|
+
# {
|
17401
|
+
# name: "CustomHTTPHeaderName", # required
|
17402
|
+
# value: "CustomHTTPHeaderValue", # required
|
17403
|
+
# },
|
17404
|
+
# ],
|
17405
|
+
# },
|
17406
|
+
# },
|
17407
|
+
# allow: {
|
17408
|
+
# custom_request_handling: {
|
17409
|
+
# insert_headers: [ # required
|
17410
|
+
# {
|
17411
|
+
# name: "CustomHTTPHeaderName", # required
|
17412
|
+
# value: "CustomHTTPHeaderValue", # required
|
17413
|
+
# },
|
17414
|
+
# ],
|
17415
|
+
# },
|
17416
|
+
# },
|
17417
|
+
# count: {
|
17418
|
+
# custom_request_handling: {
|
17419
|
+
# insert_headers: [ # required
|
17420
|
+
# {
|
17421
|
+
# name: "CustomHTTPHeaderName", # required
|
17422
|
+
# value: "CustomHTTPHeaderValue", # required
|
17423
|
+
# },
|
17424
|
+
# ],
|
17425
|
+
# },
|
17426
|
+
# },
|
17427
|
+
# captcha: {
|
17428
|
+
# custom_request_handling: {
|
17429
|
+
# insert_headers: [ # required
|
17430
|
+
# {
|
17431
|
+
# name: "CustomHTTPHeaderName", # required
|
17432
|
+
# value: "CustomHTTPHeaderValue", # required
|
17433
|
+
# },
|
17434
|
+
# ],
|
17435
|
+
# },
|
17436
|
+
# },
|
17437
|
+
# challenge: {
|
17438
|
+
# custom_request_handling: {
|
17439
|
+
# insert_headers: [ # required
|
17440
|
+
# {
|
17441
|
+
# name: "CustomHTTPHeaderName", # required
|
17442
|
+
# value: "CustomHTTPHeaderValue", # required
|
17443
|
+
# },
|
17444
|
+
# ],
|
17445
|
+
# },
|
17446
|
+
# },
|
17447
|
+
# },
|
17448
|
+
# },
|
17449
|
+
# ],
|
15023
17450
|
# },
|
15024
17451
|
# ip_set_reference_statement: {
|
15025
17452
|
# arn: "ResourceArn", # required
|
@@ -15139,6 +17566,68 @@ module Aws::WAFV2
|
|
15139
17566
|
# password_field: {
|
15140
17567
|
# identifier: "FieldIdentifier", # required
|
15141
17568
|
# },
|
17569
|
+
# aws_managed_rules_bot_control_rule_set: {
|
17570
|
+
# inspection_level: "COMMON", # required, accepts COMMON, TARGETED
|
17571
|
+
# },
|
17572
|
+
# },
|
17573
|
+
# ],
|
17574
|
+
# rule_action_overrides: [
|
17575
|
+
# {
|
17576
|
+
# name: "EntityName", # required
|
17577
|
+
# action_to_use: { # required
|
17578
|
+
# block: {
|
17579
|
+
# custom_response: {
|
17580
|
+
# response_code: 1, # required
|
17581
|
+
# custom_response_body_key: "EntityName",
|
17582
|
+
# response_headers: [
|
17583
|
+
# {
|
17584
|
+
# name: "CustomHTTPHeaderName", # required
|
17585
|
+
# value: "CustomHTTPHeaderValue", # required
|
17586
|
+
# },
|
17587
|
+
# ],
|
17588
|
+
# },
|
17589
|
+
# },
|
17590
|
+
# allow: {
|
17591
|
+
# custom_request_handling: {
|
17592
|
+
# insert_headers: [ # required
|
17593
|
+
# {
|
17594
|
+
# name: "CustomHTTPHeaderName", # required
|
17595
|
+
# value: "CustomHTTPHeaderValue", # required
|
17596
|
+
# },
|
17597
|
+
# ],
|
17598
|
+
# },
|
17599
|
+
# },
|
17600
|
+
# count: {
|
17601
|
+
# custom_request_handling: {
|
17602
|
+
# insert_headers: [ # required
|
17603
|
+
# {
|
17604
|
+
# name: "CustomHTTPHeaderName", # required
|
17605
|
+
# value: "CustomHTTPHeaderValue", # required
|
17606
|
+
# },
|
17607
|
+
# ],
|
17608
|
+
# },
|
17609
|
+
# },
|
17610
|
+
# captcha: {
|
17611
|
+
# custom_request_handling: {
|
17612
|
+
# insert_headers: [ # required
|
17613
|
+
# {
|
17614
|
+
# name: "CustomHTTPHeaderName", # required
|
17615
|
+
# value: "CustomHTTPHeaderValue", # required
|
17616
|
+
# },
|
17617
|
+
# ],
|
17618
|
+
# },
|
17619
|
+
# },
|
17620
|
+
# challenge: {
|
17621
|
+
# custom_request_handling: {
|
17622
|
+
# insert_headers: [ # required
|
17623
|
+
# {
|
17624
|
+
# name: "CustomHTTPHeaderName", # required
|
17625
|
+
# value: "CustomHTTPHeaderValue", # required
|
17626
|
+
# },
|
17627
|
+
# ],
|
17628
|
+
# },
|
17629
|
+
# },
|
17630
|
+
# },
|
15142
17631
|
# },
|
15143
17632
|
# ],
|
15144
17633
|
# },
|
@@ -15248,6 +17737,16 @@ module Aws::WAFV2
|
|
15248
17737
|
# ],
|
15249
17738
|
# },
|
15250
17739
|
# },
|
17740
|
+
# challenge: {
|
17741
|
+
# custom_request_handling: {
|
17742
|
+
# insert_headers: [ # required
|
17743
|
+
# {
|
17744
|
+
# name: "CustomHTTPHeaderName", # required
|
17745
|
+
# value: "CustomHTTPHeaderValue", # required
|
17746
|
+
# },
|
17747
|
+
# ],
|
17748
|
+
# },
|
17749
|
+
# },
|
15251
17750
|
# },
|
15252
17751
|
# override_action: {
|
15253
17752
|
# count: {
|
@@ -15278,6 +17777,11 @@ module Aws::WAFV2
|
|
15278
17777
|
# immunity_time: 1, # required
|
15279
17778
|
# },
|
15280
17779
|
# },
|
17780
|
+
# challenge_config: {
|
17781
|
+
# immunity_time_property: {
|
17782
|
+
# immunity_time: 1, # required
|
17783
|
+
# },
|
17784
|
+
# },
|
15281
17785
|
# },
|
15282
17786
|
# ],
|
15283
17787
|
# visibility_config: { # required
|
@@ -15682,6 +18186,65 @@ module Aws::WAFV2
|
|
15682
18186
|
# name: "EntityName", # required
|
15683
18187
|
# },
|
15684
18188
|
# ],
|
18189
|
+
# rule_action_overrides: [
|
18190
|
+
# {
|
18191
|
+
# name: "EntityName", # required
|
18192
|
+
# action_to_use: { # required
|
18193
|
+
# block: {
|
18194
|
+
# custom_response: {
|
18195
|
+
# response_code: 1, # required
|
18196
|
+
# custom_response_body_key: "EntityName",
|
18197
|
+
# response_headers: [
|
18198
|
+
# {
|
18199
|
+
# name: "CustomHTTPHeaderName", # required
|
18200
|
+
# value: "CustomHTTPHeaderValue", # required
|
18201
|
+
# },
|
18202
|
+
# ],
|
18203
|
+
# },
|
18204
|
+
# },
|
18205
|
+
# allow: {
|
18206
|
+
# custom_request_handling: {
|
18207
|
+
# insert_headers: [ # required
|
18208
|
+
# {
|
18209
|
+
# name: "CustomHTTPHeaderName", # required
|
18210
|
+
# value: "CustomHTTPHeaderValue", # required
|
18211
|
+
# },
|
18212
|
+
# ],
|
18213
|
+
# },
|
18214
|
+
# },
|
18215
|
+
# count: {
|
18216
|
+
# custom_request_handling: {
|
18217
|
+
# insert_headers: [ # required
|
18218
|
+
# {
|
18219
|
+
# name: "CustomHTTPHeaderName", # required
|
18220
|
+
# value: "CustomHTTPHeaderValue", # required
|
18221
|
+
# },
|
18222
|
+
# ],
|
18223
|
+
# },
|
18224
|
+
# },
|
18225
|
+
# captcha: {
|
18226
|
+
# custom_request_handling: {
|
18227
|
+
# insert_headers: [ # required
|
18228
|
+
# {
|
18229
|
+
# name: "CustomHTTPHeaderName", # required
|
18230
|
+
# value: "CustomHTTPHeaderValue", # required
|
18231
|
+
# },
|
18232
|
+
# ],
|
18233
|
+
# },
|
18234
|
+
# },
|
18235
|
+
# challenge: {
|
18236
|
+
# custom_request_handling: {
|
18237
|
+
# insert_headers: [ # required
|
18238
|
+
# {
|
18239
|
+
# name: "CustomHTTPHeaderName", # required
|
18240
|
+
# value: "CustomHTTPHeaderValue", # required
|
18241
|
+
# },
|
18242
|
+
# ],
|
18243
|
+
# },
|
18244
|
+
# },
|
18245
|
+
# },
|
18246
|
+
# },
|
18247
|
+
# ],
|
15685
18248
|
# },
|
15686
18249
|
# ip_set_reference_statement: {
|
15687
18250
|
# arn: "ResourceArn", # required
|
@@ -15801,6 +18364,68 @@ module Aws::WAFV2
|
|
15801
18364
|
# password_field: {
|
15802
18365
|
# identifier: "FieldIdentifier", # required
|
15803
18366
|
# },
|
18367
|
+
# aws_managed_rules_bot_control_rule_set: {
|
18368
|
+
# inspection_level: "COMMON", # required, accepts COMMON, TARGETED
|
18369
|
+
# },
|
18370
|
+
# },
|
18371
|
+
# ],
|
18372
|
+
# rule_action_overrides: [
|
18373
|
+
# {
|
18374
|
+
# name: "EntityName", # required
|
18375
|
+
# action_to_use: { # required
|
18376
|
+
# block: {
|
18377
|
+
# custom_response: {
|
18378
|
+
# response_code: 1, # required
|
18379
|
+
# custom_response_body_key: "EntityName",
|
18380
|
+
# response_headers: [
|
18381
|
+
# {
|
18382
|
+
# name: "CustomHTTPHeaderName", # required
|
18383
|
+
# value: "CustomHTTPHeaderValue", # required
|
18384
|
+
# },
|
18385
|
+
# ],
|
18386
|
+
# },
|
18387
|
+
# },
|
18388
|
+
# allow: {
|
18389
|
+
# custom_request_handling: {
|
18390
|
+
# insert_headers: [ # required
|
18391
|
+
# {
|
18392
|
+
# name: "CustomHTTPHeaderName", # required
|
18393
|
+
# value: "CustomHTTPHeaderValue", # required
|
18394
|
+
# },
|
18395
|
+
# ],
|
18396
|
+
# },
|
18397
|
+
# },
|
18398
|
+
# count: {
|
18399
|
+
# custom_request_handling: {
|
18400
|
+
# insert_headers: [ # required
|
18401
|
+
# {
|
18402
|
+
# name: "CustomHTTPHeaderName", # required
|
18403
|
+
# value: "CustomHTTPHeaderValue", # required
|
18404
|
+
# },
|
18405
|
+
# ],
|
18406
|
+
# },
|
18407
|
+
# },
|
18408
|
+
# captcha: {
|
18409
|
+
# custom_request_handling: {
|
18410
|
+
# insert_headers: [ # required
|
18411
|
+
# {
|
18412
|
+
# name: "CustomHTTPHeaderName", # required
|
18413
|
+
# value: "CustomHTTPHeaderValue", # required
|
18414
|
+
# },
|
18415
|
+
# ],
|
18416
|
+
# },
|
18417
|
+
# },
|
18418
|
+
# challenge: {
|
18419
|
+
# custom_request_handling: {
|
18420
|
+
# insert_headers: [ # required
|
18421
|
+
# {
|
18422
|
+
# name: "CustomHTTPHeaderName", # required
|
18423
|
+
# value: "CustomHTTPHeaderValue", # required
|
18424
|
+
# },
|
18425
|
+
# ],
|
18426
|
+
# },
|
18427
|
+
# },
|
18428
|
+
# },
|
15804
18429
|
# },
|
15805
18430
|
# ],
|
15806
18431
|
# },
|
@@ -15910,6 +18535,16 @@ module Aws::WAFV2
|
|
15910
18535
|
# ],
|
15911
18536
|
# },
|
15912
18537
|
# },
|
18538
|
+
# challenge: {
|
18539
|
+
# custom_request_handling: {
|
18540
|
+
# insert_headers: [ # required
|
18541
|
+
# {
|
18542
|
+
# name: "CustomHTTPHeaderName", # required
|
18543
|
+
# value: "CustomHTTPHeaderValue", # required
|
18544
|
+
# },
|
18545
|
+
# ],
|
18546
|
+
# },
|
18547
|
+
# },
|
15913
18548
|
# },
|
15914
18549
|
# override_action: {
|
15915
18550
|
# count: {
|
@@ -15940,6 +18575,11 @@ module Aws::WAFV2
|
|
15940
18575
|
# immunity_time: 1, # required
|
15941
18576
|
# },
|
15942
18577
|
# },
|
18578
|
+
# challenge_config: {
|
18579
|
+
# immunity_time_property: {
|
18580
|
+
# immunity_time: 1, # required
|
18581
|
+
# },
|
18582
|
+
# },
|
15943
18583
|
# },
|
15944
18584
|
# ],
|
15945
18585
|
# visibility_config: { # required
|
@@ -15959,6 +18599,12 @@ module Aws::WAFV2
|
|
15959
18599
|
# immunity_time: 1, # required
|
15960
18600
|
# },
|
15961
18601
|
# },
|
18602
|
+
# challenge_config: {
|
18603
|
+
# immunity_time_property: {
|
18604
|
+
# immunity_time: 1, # required
|
18605
|
+
# },
|
18606
|
+
# },
|
18607
|
+
# token_domains: ["TokenDomain"],
|
15962
18608
|
# }
|
15963
18609
|
#
|
15964
18610
|
# @!attribute [rw] name
|
@@ -16047,6 +18693,26 @@ module Aws::WAFV2
|
|
16047
18693
|
# specify this, WAF uses its default settings for `CaptchaConfig`.
|
16048
18694
|
# @return [Types::CaptchaConfig]
|
16049
18695
|
#
|
18696
|
+
# @!attribute [rw] challenge_config
|
18697
|
+
# Specifies how WAF should handle challenge evaluations for rules that
|
18698
|
+
# don't have their own `ChallengeConfig` settings. If you don't
|
18699
|
+
# specify this, WAF uses its default settings for `ChallengeConfig`.
|
18700
|
+
# @return [Types::ChallengeConfig]
|
18701
|
+
#
|
18702
|
+
# @!attribute [rw] token_domains
|
18703
|
+
# Specifies the domains that WAF should accept in a web request token.
|
18704
|
+
# This enables the use of tokens across multiple protected websites.
|
18705
|
+
# When WAF provides a token, it uses the domain of the Amazon Web
|
18706
|
+
# Services resource that the web ACL is protecting. If you don't
|
18707
|
+
# specify a list of token domains, WAF accepts tokens only for the
|
18708
|
+
# domain of the protected resource. With a token domain list, WAF
|
18709
|
+
# accepts the resource's host domain plus all domains in the token
|
18710
|
+
# domain list, including their prefixed subdomains.
|
18711
|
+
#
|
18712
|
+
# Example JSON: `"TokenDomains": \{ "mywebsite.com",
|
18713
|
+
# "myotherwebsite.com" \}`
|
18714
|
+
# @return [Array<String>]
|
18715
|
+
#
|
16050
18716
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/UpdateWebACLRequest AWS API Documentation
|
16051
18717
|
#
|
16052
18718
|
class UpdateWebACLRequest < Struct.new(
|
@@ -16059,7 +18725,9 @@ module Aws::WAFV2
|
|
16059
18725
|
:visibility_config,
|
16060
18726
|
:lock_token,
|
16061
18727
|
:custom_response_bodies,
|
16062
|
-
:captcha_config
|
18728
|
+
:captcha_config,
|
18729
|
+
:challenge_config,
|
18730
|
+
:token_domains)
|
16063
18731
|
SENSITIVE = []
|
16064
18732
|
include Aws::Structure
|
16065
18733
|
end
|
@@ -16678,6 +19346,23 @@ module Aws::WAFV2
|
|
16678
19346
|
# specify this, WAF uses its default settings for `CaptchaConfig`.
|
16679
19347
|
# @return [Types::CaptchaConfig]
|
16680
19348
|
#
|
19349
|
+
# @!attribute [rw] challenge_config
|
19350
|
+
# Specifies how WAF should handle challenge evaluations for rules that
|
19351
|
+
# don't have their own `ChallengeConfig` settings. If you don't
|
19352
|
+
# specify this, WAF uses its default settings for `ChallengeConfig`.
|
19353
|
+
# @return [Types::ChallengeConfig]
|
19354
|
+
#
|
19355
|
+
# @!attribute [rw] token_domains
|
19356
|
+
# Specifies the domains that WAF should accept in a web request token.
|
19357
|
+
# This enables the use of tokens across multiple protected websites.
|
19358
|
+
# When WAF provides a token, it uses the domain of the Amazon Web
|
19359
|
+
# Services resource that the web ACL is protecting. If you don't
|
19360
|
+
# specify a list of token domains, WAF accepts tokens only for the
|
19361
|
+
# domain of the protected resource. With a token domain list, WAF
|
19362
|
+
# accepts the resource's host domain plus all domains in the token
|
19363
|
+
# domain list, including their prefixed subdomains.
|
19364
|
+
# @return [Array<String>]
|
19365
|
+
#
|
16681
19366
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/WebACL AWS API Documentation
|
16682
19367
|
#
|
16683
19368
|
class WebACL < Struct.new(
|
@@ -16694,7 +19379,9 @@ module Aws::WAFV2
|
|
16694
19379
|
:managed_by_firewall_manager,
|
16695
19380
|
:label_namespace,
|
16696
19381
|
:custom_response_bodies,
|
16697
|
-
:captcha_config
|
19382
|
+
:captcha_config,
|
19383
|
+
:challenge_config,
|
19384
|
+
:token_domains)
|
16698
19385
|
SENSITIVE = []
|
16699
19386
|
include Aws::Structure
|
16700
19387
|
end
|