aws-sdk-wafv2 1.46.0 → 1.48.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +13 -1
- data/VERSION +1 -1
- data/lib/aws-sdk-wafv2/client.rb +373 -29
- data/lib/aws-sdk-wafv2/client_api.rb +76 -4
- data/lib/aws-sdk-wafv2/endpoint_parameters.rb +0 -3
- data/lib/aws-sdk-wafv2/endpoint_provider.rb +116 -94
- data/lib/aws-sdk-wafv2/types.rb +379 -24
- data/lib/aws-sdk-wafv2.rb +1 -1
- metadata +2 -2
data/lib/aws-sdk-wafv2/types.rb
CHANGED
@@ -10,7 +10,53 @@
|
|
10
10
|
module Aws::WAFV2
|
11
11
|
module Types
|
12
12
|
|
13
|
-
# Details for your use of the
|
13
|
+
# Details for your use of the account takeover prevention managed rule
|
14
|
+
# group, `AWSManagedRulesATPRuleSet`. This configuration is used in
|
15
|
+
# `ManagedRuleGroupConfig`.
|
16
|
+
#
|
17
|
+
# @!attribute [rw] login_path
|
18
|
+
# The path of the login endpoint for your application. For example,
|
19
|
+
# for the URL `https://example.com/web/login`, you would provide the
|
20
|
+
# path `/web/login`.
|
21
|
+
#
|
22
|
+
# The rule group inspects only HTTP `POST` requests to your specified
|
23
|
+
# login endpoint.
|
24
|
+
# @return [String]
|
25
|
+
#
|
26
|
+
# @!attribute [rw] request_inspection
|
27
|
+
# The criteria for inspecting login requests, used by the ATP rule
|
28
|
+
# group to validate credentials usage.
|
29
|
+
# @return [Types::RequestInspection]
|
30
|
+
#
|
31
|
+
# @!attribute [rw] response_inspection
|
32
|
+
# The criteria for inspecting responses to login requests, used by the
|
33
|
+
# ATP rule group to track login failure rates.
|
34
|
+
#
|
35
|
+
# The ATP rule group evaluates the responses that your protected
|
36
|
+
# resources send back to client login attempts, keeping count of
|
37
|
+
# successful and failed attempts from each IP address and client
|
38
|
+
# session. Using this information, the rule group labels and mitigates
|
39
|
+
# requests from client sessions and IP addresses that submit too many
|
40
|
+
# failed login attempts in a short amount of time.
|
41
|
+
#
|
42
|
+
# <note markdown="1"> Response inspection is available only in web ACLs that protect
|
43
|
+
# Amazon CloudFront distributions.
|
44
|
+
#
|
45
|
+
# </note>
|
46
|
+
# @return [Types::ResponseInspection]
|
47
|
+
#
|
48
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/AWSManagedRulesATPRuleSet AWS API Documentation
|
49
|
+
#
|
50
|
+
class AWSManagedRulesATPRuleSet < Struct.new(
|
51
|
+
:login_path,
|
52
|
+
:request_inspection,
|
53
|
+
:response_inspection)
|
54
|
+
SENSITIVE = []
|
55
|
+
include Aws::Structure
|
56
|
+
end
|
57
|
+
|
58
|
+
# Details for your use of the Bot Control managed rule group,
|
59
|
+
# `AWSManagedRulesBotControlRuleSet`. This configuration is used in
|
14
60
|
# `ManagedRuleGroupConfig`.
|
15
61
|
#
|
16
62
|
# @!attribute [rw] inspection_level
|
@@ -239,7 +285,7 @@ module Aws::WAFV2
|
|
239
285
|
# @!attribute [rw] search_string
|
240
286
|
# A string value that you want WAF to search for. WAF searches only in
|
241
287
|
# the part of web requests that you designate for inspection in
|
242
|
-
# FieldToMatch. The maximum length of the value is
|
288
|
+
# FieldToMatch. The maximum length of the value is 200 bytes.
|
243
289
|
#
|
244
290
|
# Valid values depend on the component that you specify for inspection
|
245
291
|
# in `FieldToMatch`\:
|
@@ -256,7 +302,7 @@ module Aws::WAFV2
|
|
256
302
|
# **If you're using the WAF API**
|
257
303
|
#
|
258
304
|
# Specify a base64-encoded version of the value. The maximum length of
|
259
|
-
# the value before you base64-encode it is
|
305
|
+
# the value before you base64-encode it is 200 bytes.
|
260
306
|
#
|
261
307
|
# For example, suppose the value of `Type` is `HEADER` and the value
|
262
308
|
# of `Data` is `User-Agent`. If you want to search the `User-Agent`
|
@@ -2574,8 +2620,8 @@ module Aws::WAFV2
|
|
2574
2620
|
# @return [String]
|
2575
2621
|
#
|
2576
2622
|
# @!attribute [rw] rule_metric_name
|
2577
|
-
# The metric name assigned to the `Rule` or `RuleGroup` for
|
2578
|
-
# want a sample of requests.
|
2623
|
+
# The metric name assigned to the `Rule` or `RuleGroup` dimension for
|
2624
|
+
# which you want a sample of requests.
|
2579
2625
|
# @return [String]
|
2580
2626
|
#
|
2581
2627
|
# @!attribute [rw] scope
|
@@ -4209,6 +4255,11 @@ module Aws::WAFV2
|
|
4209
4255
|
# Additional information that's used by a managed rule group. Many
|
4210
4256
|
# managed rule groups don't require this.
|
4211
4257
|
#
|
4258
|
+
# Use the `AWSManagedRulesATPRuleSet` configuration object for the
|
4259
|
+
# account takeover prevention managed rule group, to provide information
|
4260
|
+
# such as the sign-in page of your application and the type of content
|
4261
|
+
# to accept or reject from the client.
|
4262
|
+
#
|
4212
4263
|
# Use the `AWSManagedRulesBotControlRuleSet` configuration object to
|
4213
4264
|
# configure the protection level that you want the Bot Control rule
|
4214
4265
|
# group to use.
|
@@ -4216,22 +4267,31 @@ module Aws::WAFV2
|
|
4216
4267
|
# For example specifications, see the examples section of CreateWebACL.
|
4217
4268
|
#
|
4218
4269
|
# @!attribute [rw] login_path
|
4219
|
-
#
|
4220
|
-
#
|
4221
|
-
#
|
4270
|
+
# <note markdown="1"> Instead of this setting, provide your configuration under
|
4271
|
+
# `AWSManagedRulesATPRuleSet`.
|
4272
|
+
#
|
4273
|
+
# </note>
|
4222
4274
|
# @return [String]
|
4223
4275
|
#
|
4224
4276
|
# @!attribute [rw] payload_type
|
4225
|
-
#
|
4226
|
-
#
|
4277
|
+
# <note markdown="1"> Instead of this setting, provide your configuration under
|
4278
|
+
# `AWSManagedRulesATPRuleSet` `RequestInspection`.
|
4279
|
+
#
|
4280
|
+
# </note>
|
4227
4281
|
# @return [String]
|
4228
4282
|
#
|
4229
4283
|
# @!attribute [rw] username_field
|
4230
|
-
#
|
4284
|
+
# <note markdown="1"> Instead of this setting, provide your configuration under
|
4285
|
+
# `AWSManagedRulesATPRuleSet` `RequestInspection`.
|
4286
|
+
#
|
4287
|
+
# </note>
|
4231
4288
|
# @return [Types::UsernameField]
|
4232
4289
|
#
|
4233
4290
|
# @!attribute [rw] password_field
|
4234
|
-
#
|
4291
|
+
# <note markdown="1"> Instead of this setting, provide your configuration under
|
4292
|
+
# `AWSManagedRulesATPRuleSet` `RequestInspection`.
|
4293
|
+
#
|
4294
|
+
# </note>
|
4235
4295
|
# @return [Types::PasswordField]
|
4236
4296
|
#
|
4237
4297
|
# @!attribute [rw] aws_managed_rules_bot_control_rule_set
|
@@ -4247,6 +4307,27 @@ module Aws::WAFV2
|
|
4247
4307
|
# [2]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-bot-control.html
|
4248
4308
|
# @return [Types::AWSManagedRulesBotControlRuleSet]
|
4249
4309
|
#
|
4310
|
+
# @!attribute [rw] aws_managed_rules_atp_rule_set
|
4311
|
+
# Additional configuration for using the account takeover prevention
|
4312
|
+
# (ATP) managed rule group, `AWSManagedRulesATPRuleSet`. Use this to
|
4313
|
+
# provide login request information to the rule group. For web ACLs
|
4314
|
+
# that protect CloudFront distributions, use this to also provide the
|
4315
|
+
# information about how your distribution responds to login requests.
|
4316
|
+
# This configuration replaces the individual configuration fields in
|
4317
|
+
# `ManagedRuleGroupConfig` and provides additional feature
|
4318
|
+
# configuration.
|
4319
|
+
#
|
4320
|
+
# For information about using the ATP managed rule group, see [WAF
|
4321
|
+
# Fraud Control account takeover prevention (ATP) rule group][1] and
|
4322
|
+
# [WAF Fraud Control account takeover prevention (ATP)][2] in the *WAF
|
4323
|
+
# Developer Guide*.
|
4324
|
+
#
|
4325
|
+
#
|
4326
|
+
#
|
4327
|
+
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/aws-managed-rule-groups-atp.html
|
4328
|
+
# [2]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-atp.html
|
4329
|
+
# @return [Types::AWSManagedRulesATPRuleSet]
|
4330
|
+
#
|
4250
4331
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/ManagedRuleGroupConfig AWS API Documentation
|
4251
4332
|
#
|
4252
4333
|
class ManagedRuleGroupConfig < Struct.new(
|
@@ -4254,7 +4335,8 @@ module Aws::WAFV2
|
|
4254
4335
|
:payload_type,
|
4255
4336
|
:username_field,
|
4256
4337
|
:password_field,
|
4257
|
-
:aws_managed_rules_bot_control_rule_set
|
4338
|
+
:aws_managed_rules_bot_control_rule_set,
|
4339
|
+
:aws_managed_rules_atp_rule_set)
|
4258
4340
|
SENSITIVE = []
|
4259
4341
|
include Aws::Structure
|
4260
4342
|
end
|
@@ -4320,6 +4402,11 @@ module Aws::WAFV2
|
|
4320
4402
|
# Additional information that's used by a managed rule group. Many
|
4321
4403
|
# managed rule groups don't require this.
|
4322
4404
|
#
|
4405
|
+
# Use the `AWSManagedRulesATPRuleSet` configuration object for the
|
4406
|
+
# account takeover prevention managed rule group, to provide
|
4407
|
+
# information such as the sign-in page of your application and the
|
4408
|
+
# type of content to accept or reject from the client.
|
4409
|
+
#
|
4323
4410
|
# Use the `AWSManagedRulesBotControlRuleSet` configuration object to
|
4324
4411
|
# configure the protection level that you want the Bot Control rule
|
4325
4412
|
# group to use.
|
@@ -4785,8 +4872,9 @@ module Aws::WAFV2
|
|
4785
4872
|
include Aws::Structure
|
4786
4873
|
end
|
4787
4874
|
|
4788
|
-
# Details about your login page password field
|
4789
|
-
# `
|
4875
|
+
# Details about your login page password field for request inspection,
|
4876
|
+
# used in the `AWSManagedRulesATPRuleSet` `RequestInspection`
|
4877
|
+
# configuration.
|
4790
4878
|
#
|
4791
4879
|
# @!attribute [rw] identifier
|
4792
4880
|
# The name of the password field. For example `/form/password`.
|
@@ -4990,7 +5078,7 @@ module Aws::WAFV2
|
|
4990
5078
|
# rate-based rule with a nested AND rule statement that contains the
|
4991
5079
|
# following nested statements:
|
4992
5080
|
#
|
4993
|
-
# * An IP match statement with an IP set that
|
5081
|
+
# * An IP match statement with an IP set that specifies the address
|
4994
5082
|
# 192.0.2.44.
|
4995
5083
|
#
|
4996
5084
|
# * A string match statement that searches in the User-Agent header for
|
@@ -5272,6 +5360,272 @@ module Aws::WAFV2
|
|
5272
5360
|
include Aws::Structure
|
5273
5361
|
end
|
5274
5362
|
|
5363
|
+
# The criteria for inspecting login requests, used by the ATP rule group
|
5364
|
+
# to validate credentials usage.
|
5365
|
+
#
|
5366
|
+
# This is part of the `AWSManagedRulesATPRuleSet` configuration in
|
5367
|
+
# `ManagedRuleGroupConfig`.
|
5368
|
+
#
|
5369
|
+
# In these settings, you specify how your application accepts login
|
5370
|
+
# attempts by providing the request payload type and the names of the
|
5371
|
+
# fields within the request body where the username and password are
|
5372
|
+
# provided.
|
5373
|
+
#
|
5374
|
+
# @!attribute [rw] payload_type
|
5375
|
+
# The payload type for your login endpoint, either JSON or form
|
5376
|
+
# encoded.
|
5377
|
+
# @return [String]
|
5378
|
+
#
|
5379
|
+
# @!attribute [rw] username_field
|
5380
|
+
# Details about your login page username field.
|
5381
|
+
#
|
5382
|
+
# How you specify this depends on the payload type.
|
5383
|
+
#
|
5384
|
+
# * For JSON payloads, specify the field name in JSON pointer syntax.
|
5385
|
+
# For information about the JSON Pointer syntax, see the Internet
|
5386
|
+
# Engineering Task Force (IETF) documentation [JavaScript Object
|
5387
|
+
# Notation (JSON) Pointer][1].
|
5388
|
+
#
|
5389
|
+
# For example, for the JSON payload `\{ "login": \{ "username":
|
5390
|
+
# "THE_USERNAME", "password": "THE_PASSWORD" \} \}`, the username
|
5391
|
+
# field specification is `/login/username` and the password field
|
5392
|
+
# specification is `/login/password`.
|
5393
|
+
#
|
5394
|
+
# * For form encoded payload types, use the HTML form names.
|
5395
|
+
#
|
5396
|
+
# For example, for an HTML form with input elements named
|
5397
|
+
# `username1` and `password1`, the username field specification is
|
5398
|
+
# `username1` and the password field specification is `password1`.
|
5399
|
+
#
|
5400
|
+
#
|
5401
|
+
#
|
5402
|
+
# [1]: https://tools.ietf.org/html/rfc6901
|
5403
|
+
# @return [Types::UsernameField]
|
5404
|
+
#
|
5405
|
+
# @!attribute [rw] password_field
|
5406
|
+
# Details about your login page password field.
|
5407
|
+
#
|
5408
|
+
# How you specify this depends on the payload type.
|
5409
|
+
#
|
5410
|
+
# * For JSON payloads, specify the field name in JSON pointer syntax.
|
5411
|
+
# For information about the JSON Pointer syntax, see the Internet
|
5412
|
+
# Engineering Task Force (IETF) documentation [JavaScript Object
|
5413
|
+
# Notation (JSON) Pointer][1].
|
5414
|
+
#
|
5415
|
+
# For example, for the JSON payload `\{ "login": \{ "username":
|
5416
|
+
# "THE_USERNAME", "password": "THE_PASSWORD" \} \}`, the username
|
5417
|
+
# field specification is `/login/username` and the password field
|
5418
|
+
# specification is `/login/password`.
|
5419
|
+
#
|
5420
|
+
# * For form encoded payload types, use the HTML form names.
|
5421
|
+
#
|
5422
|
+
# For example, for an HTML form with input elements named
|
5423
|
+
# `username1` and `password1`, the username field specification is
|
5424
|
+
# `username1` and the password field specification is `password1`.
|
5425
|
+
#
|
5426
|
+
#
|
5427
|
+
#
|
5428
|
+
# [1]: https://tools.ietf.org/html/rfc6901
|
5429
|
+
# @return [Types::PasswordField]
|
5430
|
+
#
|
5431
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/RequestInspection AWS API Documentation
|
5432
|
+
#
|
5433
|
+
class RequestInspection < Struct.new(
|
5434
|
+
:payload_type,
|
5435
|
+
:username_field,
|
5436
|
+
:password_field)
|
5437
|
+
SENSITIVE = []
|
5438
|
+
include Aws::Structure
|
5439
|
+
end
|
5440
|
+
|
5441
|
+
# The criteria for inspecting responses to login requests, used by the
|
5442
|
+
# ATP rule group to track login failure rates.
|
5443
|
+
#
|
5444
|
+
# The ATP rule group evaluates the responses that your protected
|
5445
|
+
# resources send back to client login attempts, keeping count of
|
5446
|
+
# successful and failed attempts from each IP address and client
|
5447
|
+
# session. Using this information, the rule group labels and mitigates
|
5448
|
+
# requests from client sessions and IP addresses that submit too many
|
5449
|
+
# failed login attempts in a short amount of time.
|
5450
|
+
#
|
5451
|
+
# <note markdown="1"> Response inspection is available only in web ACLs that protect Amazon
|
5452
|
+
# CloudFront distributions.
|
5453
|
+
#
|
5454
|
+
# </note>
|
5455
|
+
#
|
5456
|
+
# This is part of the `AWSManagedRulesATPRuleSet` configuration in
|
5457
|
+
# `ManagedRuleGroupConfig`.
|
5458
|
+
#
|
5459
|
+
# Enable login response inspection by configuring exactly one component
|
5460
|
+
# of the response to inspect. You can't configure more than one. If you
|
5461
|
+
# don't configure any of the response inspection options, response
|
5462
|
+
# inspection is disabled.
|
5463
|
+
#
|
5464
|
+
# @!attribute [rw] status_code
|
5465
|
+
# Configures inspection of the response status code.
|
5466
|
+
# @return [Types::ResponseInspectionStatusCode]
|
5467
|
+
#
|
5468
|
+
# @!attribute [rw] header
|
5469
|
+
# Configures inspection of the response header.
|
5470
|
+
# @return [Types::ResponseInspectionHeader]
|
5471
|
+
#
|
5472
|
+
# @!attribute [rw] body_contains
|
5473
|
+
# Configures inspection of the response body.
|
5474
|
+
# @return [Types::ResponseInspectionBodyContains]
|
5475
|
+
#
|
5476
|
+
# @!attribute [rw] json
|
5477
|
+
# Configures inspection of the response JSON.
|
5478
|
+
# @return [Types::ResponseInspectionJson]
|
5479
|
+
#
|
5480
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/ResponseInspection AWS API Documentation
|
5481
|
+
#
|
5482
|
+
class ResponseInspection < Struct.new(
|
5483
|
+
:status_code,
|
5484
|
+
:header,
|
5485
|
+
:body_contains,
|
5486
|
+
:json)
|
5487
|
+
SENSITIVE = []
|
5488
|
+
include Aws::Structure
|
5489
|
+
end
|
5490
|
+
|
5491
|
+
# Configures inspection of the response body. This is part of the
|
5492
|
+
# `ResponseInspection` configuration for `AWSManagedRulesATPRuleSet`.
|
5493
|
+
#
|
5494
|
+
# @!attribute [rw] success_strings
|
5495
|
+
# Strings in the body of the response that indicate a successful login
|
5496
|
+
# attempt. To be counted as a successful login, the string can be
|
5497
|
+
# anywhere in the body and must be an exact match, including case.
|
5498
|
+
# Each string must be unique among the success and failure strings.
|
5499
|
+
#
|
5500
|
+
# JSON example: `"SuccessStrings": [ "Login successful", "Welcome to
|
5501
|
+
# our site!" ]`
|
5502
|
+
# @return [Array<String>]
|
5503
|
+
#
|
5504
|
+
# @!attribute [rw] failure_strings
|
5505
|
+
# Strings in the body of the response that indicate a failed login
|
5506
|
+
# attempt. To be counted as a failed login, the string can be anywhere
|
5507
|
+
# in the body and must be an exact match, including case. Each string
|
5508
|
+
# must be unique among the success and failure strings.
|
5509
|
+
#
|
5510
|
+
# JSON example: `"FailureStrings": [ "Login failed" ]`
|
5511
|
+
# @return [Array<String>]
|
5512
|
+
#
|
5513
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/ResponseInspectionBodyContains AWS API Documentation
|
5514
|
+
#
|
5515
|
+
class ResponseInspectionBodyContains < Struct.new(
|
5516
|
+
:success_strings,
|
5517
|
+
:failure_strings)
|
5518
|
+
SENSITIVE = []
|
5519
|
+
include Aws::Structure
|
5520
|
+
end
|
5521
|
+
|
5522
|
+
# Configures inspection of the response header. This is part of the
|
5523
|
+
# `ResponseInspection` configuration for `AWSManagedRulesATPRuleSet`.
|
5524
|
+
#
|
5525
|
+
# @!attribute [rw] name
|
5526
|
+
# The name of the header to match against. The name must be an exact
|
5527
|
+
# match, including case.
|
5528
|
+
#
|
5529
|
+
# JSON example: `"Name": [ "LoginResult" ]`
|
5530
|
+
# @return [String]
|
5531
|
+
#
|
5532
|
+
# @!attribute [rw] success_values
|
5533
|
+
# Values in the response header with the specified name that indicate
|
5534
|
+
# a successful login attempt. To be counted as a successful login, the
|
5535
|
+
# value must be an exact match, including case. Each value must be
|
5536
|
+
# unique among the success and failure values.
|
5537
|
+
#
|
5538
|
+
# JSON example: `"SuccessValues": [ "LoginPassed", "Successful login"
|
5539
|
+
# ]`
|
5540
|
+
# @return [Array<String>]
|
5541
|
+
#
|
5542
|
+
# @!attribute [rw] failure_values
|
5543
|
+
# Values in the response header with the specified name that indicate
|
5544
|
+
# a failed login attempt. To be counted as a failed login, the value
|
5545
|
+
# must be an exact match, including case. Each value must be unique
|
5546
|
+
# among the success and failure values.
|
5547
|
+
#
|
5548
|
+
# JSON example: `"FailureValues": [ "LoginFailed", "Failed login" ]`
|
5549
|
+
# @return [Array<String>]
|
5550
|
+
#
|
5551
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/ResponseInspectionHeader AWS API Documentation
|
5552
|
+
#
|
5553
|
+
class ResponseInspectionHeader < Struct.new(
|
5554
|
+
:name,
|
5555
|
+
:success_values,
|
5556
|
+
:failure_values)
|
5557
|
+
SENSITIVE = []
|
5558
|
+
include Aws::Structure
|
5559
|
+
end
|
5560
|
+
|
5561
|
+
# Configures inspection of the response JSON. This is part of the
|
5562
|
+
# `ResponseInspection` configuration for `AWSManagedRulesATPRuleSet`.
|
5563
|
+
#
|
5564
|
+
# @!attribute [rw] identifier
|
5565
|
+
# The identifier for the value to match against in the JSON. The
|
5566
|
+
# identifier must be an exact match, including case.
|
5567
|
+
#
|
5568
|
+
# JSON example: `"Identifier": [ "/login/success" ]`
|
5569
|
+
# @return [String]
|
5570
|
+
#
|
5571
|
+
# @!attribute [rw] success_values
|
5572
|
+
# Values for the specified identifier in the response JSON that
|
5573
|
+
# indicate a successful login attempt. To be counted as a successful
|
5574
|
+
# login, the value must be an exact match, including case. Each value
|
5575
|
+
# must be unique among the success and failure values.
|
5576
|
+
#
|
5577
|
+
# JSON example: `"SuccessValues": [ "True", "Succeeded" ]`
|
5578
|
+
# @return [Array<String>]
|
5579
|
+
#
|
5580
|
+
# @!attribute [rw] failure_values
|
5581
|
+
# Values for the specified identifier in the response JSON that
|
5582
|
+
# indicate a failed login attempt. To be counted as a failed login,
|
5583
|
+
# the value must be an exact match, including case. Each value must be
|
5584
|
+
# unique among the success and failure values.
|
5585
|
+
#
|
5586
|
+
# JSON example: `"FailureValues": [ "False", "Failed" ]`
|
5587
|
+
# @return [Array<String>]
|
5588
|
+
#
|
5589
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/ResponseInspectionJson AWS API Documentation
|
5590
|
+
#
|
5591
|
+
class ResponseInspectionJson < Struct.new(
|
5592
|
+
:identifier,
|
5593
|
+
:success_values,
|
5594
|
+
:failure_values)
|
5595
|
+
SENSITIVE = []
|
5596
|
+
include Aws::Structure
|
5597
|
+
end
|
5598
|
+
|
5599
|
+
# Configures inspection of the response status code. This is part of the
|
5600
|
+
# `ResponseInspection` configuration for `AWSManagedRulesATPRuleSet`.
|
5601
|
+
#
|
5602
|
+
# @!attribute [rw] success_codes
|
5603
|
+
# Status codes in the response that indicate a successful login
|
5604
|
+
# attempt. To be counted as a successful login, the response status
|
5605
|
+
# code must match one of these. Each code must be unique among the
|
5606
|
+
# success and failure status codes.
|
5607
|
+
#
|
5608
|
+
# JSON example: `"SuccessCodes": [ 200, 201 ]`
|
5609
|
+
# @return [Array<Integer>]
|
5610
|
+
#
|
5611
|
+
# @!attribute [rw] failure_codes
|
5612
|
+
# Status codes in the response that indicate a failed login attempt.
|
5613
|
+
# To be counted as a failed login, the response status code must match
|
5614
|
+
# one of these. Each code must be unique among the success and failure
|
5615
|
+
# status codes.
|
5616
|
+
#
|
5617
|
+
# JSON example: `"FailureCodes": [ 400, 404 ]`
|
5618
|
+
# @return [Array<Integer>]
|
5619
|
+
#
|
5620
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/ResponseInspectionStatusCode AWS API Documentation
|
5621
|
+
#
|
5622
|
+
class ResponseInspectionStatusCode < Struct.new(
|
5623
|
+
:success_codes,
|
5624
|
+
:failure_codes)
|
5625
|
+
SENSITIVE = []
|
5626
|
+
include Aws::Structure
|
5627
|
+
end
|
5628
|
+
|
5275
5629
|
# A single rule, which you can use in a WebACL or RuleGroup to identify
|
5276
5630
|
# web requests that you want to allow, block, or count. Each rule
|
5277
5631
|
# includes one top-level Statement that WAF uses to identify matching
|
@@ -6070,7 +6424,7 @@ module Aws::WAFV2
|
|
6070
6424
|
# create a rate-based rule with a nested AND rule statement that
|
6071
6425
|
# contains the following nested statements:
|
6072
6426
|
#
|
6073
|
-
# * An IP match statement with an IP set that
|
6427
|
+
# * An IP match statement with an IP set that specifies the address
|
6074
6428
|
# 192.0.2.44.
|
6075
6429
|
#
|
6076
6430
|
# * A string match statement that searches in the User-Agent header
|
@@ -7016,8 +7370,9 @@ module Aws::WAFV2
|
|
7016
7370
|
#
|
7017
7371
|
class UriPath < Aws::EmptyStructure; end
|
7018
7372
|
|
7019
|
-
# Details about your login page username field
|
7020
|
-
# `
|
7373
|
+
# Details about your login page username field for request inspection,
|
7374
|
+
# used in the `AWSManagedRulesATPRuleSet` `RequestInspection`
|
7375
|
+
# configuration.
|
7021
7376
|
#
|
7022
7377
|
# @!attribute [rw] identifier
|
7023
7378
|
# The name of the username field. For example `/form/username`.
|
@@ -7084,11 +7439,11 @@ module Aws::WAFV2
|
|
7084
7439
|
# @return [Boolean]
|
7085
7440
|
#
|
7086
7441
|
# @!attribute [rw] metric_name
|
7087
|
-
# A name of the Amazon CloudWatch metric. The name can
|
7088
|
-
# the characters: A-Z, a-z, 0-9, - (hyphen), and \_
|
7089
|
-
# name can be from one to 128 characters long. It
|
7090
|
-
# whitespace or metric names reserved for WAF,
|
7091
|
-
# `Default_Action`.
|
7442
|
+
# A name of the Amazon CloudWatch metric dimension. The name can
|
7443
|
+
# contain only the characters: A-Z, a-z, 0-9, - (hyphen), and \_
|
7444
|
+
# (underscore). The name can be from one to 128 characters long. It
|
7445
|
+
# can't contain whitespace or metric names that are reserved for WAF,
|
7446
|
+
# for example `All` and `Default_Action`.
|
7092
7447
|
# @return [String]
|
7093
7448
|
#
|
7094
7449
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/VisibilityConfig AWS API Documentation
|
data/lib/aws-sdk-wafv2.rb
CHANGED
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: aws-sdk-wafv2
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.
|
4
|
+
version: 1.48.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Amazon Web Services
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date:
|
11
|
+
date: 2023-02-15 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: aws-sdk-core
|