aws-sdk-wafv2 1.49.0 → 1.51.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +10 -0
- data/VERSION +1 -1
- data/lib/aws-sdk-wafv2/client.rb +159 -83
- data/lib/aws-sdk-wafv2/client_api.rb +17 -0
- data/lib/aws-sdk-wafv2/endpoint_provider.rb +0 -78
- data/lib/aws-sdk-wafv2/types.rb +409 -258
- data/lib/aws-sdk-wafv2.rb +1 -1
- metadata +2 -2
data/lib/aws-sdk-wafv2/client.rb
CHANGED
@@ -381,13 +381,13 @@ module Aws::WAFV2
|
|
381
381
|
# Associates a web ACL with a regional application resource, to protect
|
382
382
|
# the resource. A regional application can be an Application Load
|
383
383
|
# Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL
|
384
|
-
# API,
|
384
|
+
# API, an Amazon Cognito user pool, or an App Runner service.
|
385
385
|
#
|
386
386
|
# For Amazon CloudFront, don't use this call. Instead, use your
|
387
387
|
# CloudFront distribution configuration. To associate a web ACL, in the
|
388
388
|
# CloudFront call `UpdateDistribution`, set the web ACL ID to the Amazon
|
389
389
|
# Resource Name (ARN) of the web ACL. For information, see
|
390
|
-
# [UpdateDistribution][1]
|
390
|
+
# [UpdateDistribution][1] in the *Amazon CloudFront Developer Guide*.
|
391
391
|
#
|
392
392
|
# When you make changes to web ACLs or web ACL components, like rules
|
393
393
|
# and rule groups, WAF propagates the changes everywhere that the web
|
@@ -418,17 +418,22 @@ module Aws::WAFV2
|
|
418
418
|
# The ARN must be in one of the following formats:
|
419
419
|
#
|
420
420
|
# * For an Application Load Balancer:
|
421
|
-
# `arn:
|
421
|
+
# `arn:partition:elasticloadbalancing:region:account-id:loadbalancer/app/load-balancer-name/load-balancer-id
|
422
422
|
# `
|
423
423
|
#
|
424
424
|
# * For an Amazon API Gateway REST API:
|
425
|
-
# `arn:
|
425
|
+
# `arn:partition:apigateway:region::/restapis/api-id/stages/stage-name
|
426
|
+
# `
|
426
427
|
#
|
427
428
|
# * For an AppSync GraphQL API:
|
428
|
-
# `arn:
|
429
|
+
# `arn:partition:appsync:region:account-id:apis/GraphQLApiId `
|
429
430
|
#
|
430
431
|
# * For an Amazon Cognito user pool:
|
431
|
-
# `arn:
|
432
|
+
# `arn:partition:cognito-idp:region:account-id:userpool/user-pool-id `
|
433
|
+
#
|
434
|
+
# * For an App Runner service:
|
435
|
+
# `arn:partition:apprunner:region:account-id:service/apprunner-service-name/apprunner-service-id
|
436
|
+
# `
|
432
437
|
#
|
433
438
|
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
434
439
|
#
|
@@ -458,13 +463,18 @@ module Aws::WAFV2
|
|
458
463
|
# of each rule. Simple rules that cost little to run use fewer WCUs than
|
459
464
|
# more complex rules that use more processing power. Rule group capacity
|
460
465
|
# is fixed at creation, which helps users plan their web ACL WCU usage
|
461
|
-
# when they use a rule group.
|
466
|
+
# when they use a rule group. For more information, see [WAF web ACL
|
467
|
+
# capacity units (WCU)][1] in the *WAF Developer Guide*.
|
468
|
+
#
|
469
|
+
#
|
470
|
+
#
|
471
|
+
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/aws-waf-capacity-units.html
|
462
472
|
#
|
463
473
|
# @option params [required, String] :scope
|
464
474
|
# Specifies whether this is for an Amazon CloudFront distribution or for
|
465
475
|
# a regional application. A regional application can be an Application
|
466
476
|
# Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync
|
467
|
-
# GraphQL API,
|
477
|
+
# GraphQL API, an Amazon Cognito user pool, or an App Runner service.
|
468
478
|
#
|
469
479
|
# To work with CloudFront, you must also specify the Region US East (N.
|
470
480
|
# Virginia) as follows:
|
@@ -1195,7 +1205,7 @@ module Aws::WAFV2
|
|
1195
1205
|
# Specifies whether this is for an Amazon CloudFront distribution or for
|
1196
1206
|
# a regional application. A regional application can be an Application
|
1197
1207
|
# Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync
|
1198
|
-
# GraphQL API,
|
1208
|
+
# GraphQL API, an Amazon Cognito user pool, or an App Runner service.
|
1199
1209
|
#
|
1200
1210
|
# To work with CloudFront, you must also specify the Region US East (N.
|
1201
1211
|
# Virginia) as follows:
|
@@ -1305,7 +1315,7 @@ module Aws::WAFV2
|
|
1305
1315
|
# Specifies whether this is for an Amazon CloudFront distribution or for
|
1306
1316
|
# a regional application. A regional application can be an Application
|
1307
1317
|
# Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync
|
1308
|
-
# GraphQL API,
|
1318
|
+
# GraphQL API, an Amazon Cognito user pool, or an App Runner service.
|
1309
1319
|
#
|
1310
1320
|
# To work with CloudFront, you must also specify the Region US East (N.
|
1311
1321
|
# Virginia) as follows:
|
@@ -1380,7 +1390,7 @@ module Aws::WAFV2
|
|
1380
1390
|
# Specifies whether this is for an Amazon CloudFront distribution or for
|
1381
1391
|
# a regional application. A regional application can be an Application
|
1382
1392
|
# Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync
|
1383
|
-
# GraphQL API,
|
1393
|
+
# GraphQL API, an Amazon Cognito user pool, or an App Runner service.
|
1384
1394
|
#
|
1385
1395
|
# To work with CloudFront, you must also specify the Region US East (N.
|
1386
1396
|
# Virginia) as follows:
|
@@ -1404,7 +1414,12 @@ module Aws::WAFV2
|
|
1404
1414
|
# of each rule. Simple rules that cost little to run use fewer WCUs than
|
1405
1415
|
# more complex rules that use more processing power. Rule group capacity
|
1406
1416
|
# is fixed at creation, which helps users plan their web ACL WCU usage
|
1407
|
-
# when they use a rule group.
|
1417
|
+
# when they use a rule group. For more information, see [WAF web ACL
|
1418
|
+
# capacity units (WCU)][1] in the *WAF Developer Guide*.
|
1419
|
+
#
|
1420
|
+
#
|
1421
|
+
#
|
1422
|
+
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/aws-waf-capacity-units.html
|
1408
1423
|
#
|
1409
1424
|
# @option params [String] :description
|
1410
1425
|
# A description of the rule group that helps with identification.
|
@@ -1429,18 +1444,17 @@ module Aws::WAFV2
|
|
1429
1444
|
# rules that you define in the rule group.
|
1430
1445
|
#
|
1431
1446
|
# For information about customizing web requests and responses, see
|
1432
|
-
# [Customizing web requests and responses in WAF][1] in the
|
1433
|
-
# Developer Guide
|
1447
|
+
# [Customizing web requests and responses in WAF][1] in the *WAF
|
1448
|
+
# Developer Guide*.
|
1434
1449
|
#
|
1435
1450
|
# For information about the limits on count and size for custom request
|
1436
|
-
# and response settings, see [WAF quotas][
|
1437
|
-
# Guide
|
1451
|
+
# and response settings, see [WAF quotas][2] in the *WAF Developer
|
1452
|
+
# Guide*.
|
1438
1453
|
#
|
1439
1454
|
#
|
1440
1455
|
#
|
1441
1456
|
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html
|
1442
|
-
# [2]: https://docs.aws.amazon.com/waf/latest/developerguide/
|
1443
|
-
# [3]: https://docs.aws.amazon.com/waf/latest/developerguide/limits.html
|
1457
|
+
# [2]: https://docs.aws.amazon.com/waf/latest/developerguide/limits.html
|
1444
1458
|
#
|
1445
1459
|
# @return [Types::CreateRuleGroupResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
1446
1460
|
#
|
@@ -2180,7 +2194,7 @@ module Aws::WAFV2
|
|
2180
2194
|
# can associate a web ACL with one or more Amazon Web Services resources
|
2181
2195
|
# to protect. The resources can be an Amazon CloudFront distribution, an
|
2182
2196
|
# Amazon API Gateway REST API, an Application Load Balancer, an AppSync
|
2183
|
-
# GraphQL API,
|
2197
|
+
# GraphQL API, an Amazon Cognito user pool, or an App Runner service.
|
2184
2198
|
#
|
2185
2199
|
# @option params [required, String] :name
|
2186
2200
|
# The name of the web ACL. You cannot change the name of a web ACL after
|
@@ -2190,7 +2204,7 @@ module Aws::WAFV2
|
|
2190
2204
|
# Specifies whether this is for an Amazon CloudFront distribution or for
|
2191
2205
|
# a regional application. A regional application can be an Application
|
2192
2206
|
# Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync
|
2193
|
-
# GraphQL API,
|
2207
|
+
# GraphQL API, an Amazon Cognito user pool, or an App Runner service.
|
2194
2208
|
#
|
2195
2209
|
# To work with CloudFront, you must also specify the Region US East (N.
|
2196
2210
|
# Virginia) as follows:
|
@@ -2227,18 +2241,17 @@ module Aws::WAFV2
|
|
2227
2241
|
# rules and default actions that you define in the web ACL.
|
2228
2242
|
#
|
2229
2243
|
# For information about customizing web requests and responses, see
|
2230
|
-
# [Customizing web requests and responses in WAF][1] in the
|
2231
|
-
# Developer Guide
|
2244
|
+
# [Customizing web requests and responses in WAF][1] in the *WAF
|
2245
|
+
# Developer Guide*.
|
2232
2246
|
#
|
2233
2247
|
# For information about the limits on count and size for custom request
|
2234
|
-
# and response settings, see [WAF quotas][
|
2235
|
-
# Guide
|
2248
|
+
# and response settings, see [WAF quotas][2] in the *WAF Developer
|
2249
|
+
# Guide*.
|
2236
2250
|
#
|
2237
2251
|
#
|
2238
2252
|
#
|
2239
2253
|
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html
|
2240
|
-
# [2]: https://docs.aws.amazon.com/waf/latest/developerguide/
|
2241
|
-
# [3]: https://docs.aws.amazon.com/waf/latest/developerguide/limits.html
|
2254
|
+
# [2]: https://docs.aws.amazon.com/waf/latest/developerguide/limits.html
|
2242
2255
|
#
|
2243
2256
|
# @option params [Types::CaptchaConfig] :captcha_config
|
2244
2257
|
# Specifies how WAF should handle `CAPTCHA` evaluations for rules that
|
@@ -2266,6 +2279,24 @@ module Aws::WAFV2
|
|
2266
2279
|
# Public suffixes aren't allowed. For example, you can't use `usa.gov`
|
2267
2280
|
# or `co.uk` as token domains.
|
2268
2281
|
#
|
2282
|
+
# @option params [Types::AssociationConfig] :association_config
|
2283
|
+
# Specifies custom configurations for the associations between the web
|
2284
|
+
# ACL and protected resources.
|
2285
|
+
#
|
2286
|
+
# Use this to customize the maximum size of the request body that your
|
2287
|
+
# protected CloudFront distributions forward to WAF for inspection. The
|
2288
|
+
# default is 16 KB (16,384 kilobytes).
|
2289
|
+
#
|
2290
|
+
# <note markdown="1"> You are charged additional fees when your protected resources forward
|
2291
|
+
# body sizes that are larger than the default. For more information, see
|
2292
|
+
# [WAF Pricing][1].
|
2293
|
+
#
|
2294
|
+
# </note>
|
2295
|
+
#
|
2296
|
+
#
|
2297
|
+
#
|
2298
|
+
# [1]: http://aws.amazon.com/waf/pricing/
|
2299
|
+
#
|
2269
2300
|
# @return [Types::CreateWebACLResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
2270
2301
|
#
|
2271
2302
|
# * {Types::CreateWebACLResponse#summary #summary} => Types::WebACLSummary
|
@@ -3008,6 +3039,13 @@ module Aws::WAFV2
|
|
3008
3039
|
# },
|
3009
3040
|
# },
|
3010
3041
|
# token_domains: ["TokenDomain"],
|
3042
|
+
# association_config: {
|
3043
|
+
# request_body: {
|
3044
|
+
# "CLOUDFRONT" => {
|
3045
|
+
# default_size_inspection_limit: "KB_16", # required, accepts KB_16, KB_32, KB_48, KB_64
|
3046
|
+
# },
|
3047
|
+
# },
|
3048
|
+
# },
|
3011
3049
|
# })
|
3012
3050
|
#
|
3013
3051
|
# @example Response structure
|
@@ -3080,7 +3118,7 @@ module Aws::WAFV2
|
|
3080
3118
|
# Specifies whether this is for an Amazon CloudFront distribution or for
|
3081
3119
|
# a regional application. A regional application can be an Application
|
3082
3120
|
# Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync
|
3083
|
-
# GraphQL API,
|
3121
|
+
# GraphQL API, an Amazon Cognito user pool, or an App Runner service.
|
3084
3122
|
#
|
3085
3123
|
# To work with CloudFront, you must also specify the Region US East (N.
|
3086
3124
|
# Virginia) as follows:
|
@@ -3185,7 +3223,7 @@ module Aws::WAFV2
|
|
3185
3223
|
# Specifies whether this is for an Amazon CloudFront distribution or for
|
3186
3224
|
# a regional application. A regional application can be an Application
|
3187
3225
|
# Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync
|
3188
|
-
# GraphQL API,
|
3226
|
+
# GraphQL API, an Amazon Cognito user pool, or an App Runner service.
|
3189
3227
|
#
|
3190
3228
|
# To work with CloudFront, you must also specify the Region US East (N.
|
3191
3229
|
# Virginia) as follows:
|
@@ -3240,7 +3278,7 @@ module Aws::WAFV2
|
|
3240
3278
|
# Specifies whether this is for an Amazon CloudFront distribution or for
|
3241
3279
|
# a regional application. A regional application can be an Application
|
3242
3280
|
# Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync
|
3243
|
-
# GraphQL API,
|
3281
|
+
# GraphQL API, an Amazon Cognito user pool, or an App Runner service.
|
3244
3282
|
#
|
3245
3283
|
# To work with CloudFront, you must also specify the Region US East (N.
|
3246
3284
|
# Virginia) as follows:
|
@@ -3299,7 +3337,8 @@ module Aws::WAFV2
|
|
3299
3337
|
#
|
3300
3338
|
# * For Amazon CloudFront distributions, use the CloudFront call
|
3301
3339
|
# `ListDistributionsByWebACLId`. For information, see
|
3302
|
-
# [ListDistributionsByWebACLId][1]
|
3340
|
+
# [ListDistributionsByWebACLId][1] in the *Amazon CloudFront API
|
3341
|
+
# Reference*.
|
3303
3342
|
#
|
3304
3343
|
# * To disassociate a resource from a web ACL, use the following calls:
|
3305
3344
|
#
|
@@ -3307,7 +3346,7 @@ module Aws::WAFV2
|
|
3307
3346
|
#
|
3308
3347
|
# * For Amazon CloudFront distributions, provide an empty web ACL ID
|
3309
3348
|
# in the CloudFront call `UpdateDistribution`. For information, see
|
3310
|
-
# [UpdateDistribution][2]
|
3349
|
+
# [UpdateDistribution][2] in the *Amazon CloudFront API Reference*.
|
3311
3350
|
#
|
3312
3351
|
# </note>
|
3313
3352
|
#
|
@@ -3324,7 +3363,7 @@ module Aws::WAFV2
|
|
3324
3363
|
# Specifies whether this is for an Amazon CloudFront distribution or for
|
3325
3364
|
# a regional application. A regional application can be an Application
|
3326
3365
|
# Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync
|
3327
|
-
# GraphQL API,
|
3366
|
+
# GraphQL API, an Amazon Cognito user pool, or an App Runner service.
|
3328
3367
|
#
|
3329
3368
|
# To work with CloudFront, you must also specify the Region US East (N.
|
3330
3369
|
# Virginia) as follows:
|
@@ -3384,7 +3423,7 @@ module Aws::WAFV2
|
|
3384
3423
|
# Specifies whether this is for an Amazon CloudFront distribution or for
|
3385
3424
|
# a regional application. A regional application can be an Application
|
3386
3425
|
# Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync
|
3387
|
-
# GraphQL API,
|
3426
|
+
# GraphQL API, an Amazon Cognito user pool, or an App Runner service.
|
3388
3427
|
#
|
3389
3428
|
# To work with CloudFront, you must also specify the Region US East (N.
|
3390
3429
|
# Virginia) as follows:
|
@@ -3461,12 +3500,13 @@ module Aws::WAFV2
|
|
3461
3500
|
# existing web ACL association. A resource can have at most one web ACL
|
3462
3501
|
# association. A regional application can be an Application Load
|
3463
3502
|
# Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL
|
3464
|
-
# API,
|
3503
|
+
# API, an Amazon Cognito user pool, or an App Runner service.
|
3465
3504
|
#
|
3466
3505
|
# For Amazon CloudFront, don't use this call. Instead, use your
|
3467
3506
|
# CloudFront distribution configuration. To disassociate a web ACL,
|
3468
3507
|
# provide an empty web ACL ID in the CloudFront call
|
3469
|
-
# `UpdateDistribution`. For information, see [UpdateDistribution][1]
|
3508
|
+
# `UpdateDistribution`. For information, see [UpdateDistribution][1] in
|
3509
|
+
# the *Amazon CloudFront API Reference*.
|
3470
3510
|
#
|
3471
3511
|
#
|
3472
3512
|
#
|
@@ -3479,17 +3519,22 @@ module Aws::WAFV2
|
|
3479
3519
|
# The ARN must be in one of the following formats:
|
3480
3520
|
#
|
3481
3521
|
# * For an Application Load Balancer:
|
3482
|
-
# `arn:
|
3522
|
+
# `arn:partition:elasticloadbalancing:region:account-id:loadbalancer/app/load-balancer-name/load-balancer-id
|
3483
3523
|
# `
|
3484
3524
|
#
|
3485
3525
|
# * For an Amazon API Gateway REST API:
|
3486
|
-
# `arn:
|
3526
|
+
# `arn:partition:apigateway:region::/restapis/api-id/stages/stage-name
|
3527
|
+
# `
|
3487
3528
|
#
|
3488
3529
|
# * For an AppSync GraphQL API:
|
3489
|
-
# `arn:
|
3530
|
+
# `arn:partition:appsync:region:account-id:apis/GraphQLApiId `
|
3490
3531
|
#
|
3491
3532
|
# * For an Amazon Cognito user pool:
|
3492
|
-
# `arn:
|
3533
|
+
# `arn:partition:cognito-idp:region:account-id:userpool/user-pool-id `
|
3534
|
+
#
|
3535
|
+
# * For an App Runner service:
|
3536
|
+
# `arn:partition:apprunner:region:account-id:service/apprunner-service-name/apprunner-service-id
|
3537
|
+
# `
|
3493
3538
|
#
|
3494
3539
|
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
3495
3540
|
#
|
@@ -3562,7 +3607,7 @@ module Aws::WAFV2
|
|
3562
3607
|
# Specifies whether this is for an Amazon CloudFront distribution or for
|
3563
3608
|
# a regional application. A regional application can be an Application
|
3564
3609
|
# Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync
|
3565
|
-
# GraphQL API,
|
3610
|
+
# GraphQL API, an Amazon Cognito user pool, or an App Runner service.
|
3566
3611
|
#
|
3567
3612
|
# To work with CloudFront, you must also specify the Region US East (N.
|
3568
3613
|
# Virginia) as follows:
|
@@ -3694,7 +3739,7 @@ module Aws::WAFV2
|
|
3694
3739
|
# Specifies whether this is for an Amazon CloudFront distribution or for
|
3695
3740
|
# a regional application. A regional application can be an Application
|
3696
3741
|
# Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync
|
3697
|
-
# GraphQL API,
|
3742
|
+
# GraphQL API, an Amazon Cognito user pool, or an App Runner service.
|
3698
3743
|
#
|
3699
3744
|
# To work with CloudFront, you must also specify the Region US East (N.
|
3700
3745
|
# Virginia) as follows:
|
@@ -3851,7 +3896,7 @@ module Aws::WAFV2
|
|
3851
3896
|
# Specifies whether this is for an Amazon CloudFront distribution or for
|
3852
3897
|
# a regional application. A regional application can be an Application
|
3853
3898
|
# Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync
|
3854
|
-
# GraphQL API,
|
3899
|
+
# GraphQL API, an Amazon Cognito user pool, or an App Runner service.
|
3855
3900
|
#
|
3856
3901
|
# To work with CloudFront, you must also specify the Region US East (N.
|
3857
3902
|
# Virginia) as follows:
|
@@ -3924,7 +3969,7 @@ module Aws::WAFV2
|
|
3924
3969
|
# Specifies whether this is for an Amazon CloudFront distribution or for
|
3925
3970
|
# a regional application. A regional application can be an Application
|
3926
3971
|
# Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync
|
3927
|
-
# GraphQL API,
|
3972
|
+
# GraphQL API, an Amazon Cognito user pool, or an App Runner service.
|
3928
3973
|
#
|
3929
3974
|
# To work with CloudFront, you must also specify the Region US East (N.
|
3930
3975
|
# Virginia) as follows:
|
@@ -3981,7 +4026,7 @@ module Aws::WAFV2
|
|
3981
4026
|
# Specifies whether this is for an Amazon CloudFront distribution or for
|
3982
4027
|
# a regional application. A regional application can be an Application
|
3983
4028
|
# Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync
|
3984
|
-
# GraphQL API,
|
4029
|
+
# GraphQL API, an Amazon Cognito user pool, or an App Runner service.
|
3985
4030
|
#
|
3986
4031
|
# To work with CloudFront, you must also specify the Region US East (N.
|
3987
4032
|
# Virginia) as follows:
|
@@ -4337,7 +4382,7 @@ module Aws::WAFV2
|
|
4337
4382
|
# Specifies whether this is for an Amazon CloudFront distribution or for
|
4338
4383
|
# a regional application. A regional application can be an Application
|
4339
4384
|
# Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync
|
4340
|
-
# GraphQL API,
|
4385
|
+
# GraphQL API, an Amazon Cognito user pool, or an App Runner service.
|
4341
4386
|
#
|
4342
4387
|
# To work with CloudFront, you must also specify the Region US East (N.
|
4343
4388
|
# Virginia) as follows:
|
@@ -4433,7 +4478,7 @@ module Aws::WAFV2
|
|
4433
4478
|
# Specifies whether this is for an Amazon CloudFront distribution or for
|
4434
4479
|
# a regional application. A regional application can be an Application
|
4435
4480
|
# Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync
|
4436
|
-
# GraphQL API,
|
4481
|
+
# GraphQL API, an Amazon Cognito user pool, or an App Runner service.
|
4437
4482
|
#
|
4438
4483
|
# To work with CloudFront, you must also specify the Region US East (N.
|
4439
4484
|
# Virginia) as follows:
|
@@ -5301,6 +5346,8 @@ module Aws::WAFV2
|
|
5301
5346
|
# resp.web_acl.challenge_config.immunity_time_property.immunity_time #=> Integer
|
5302
5347
|
# resp.web_acl.token_domains #=> Array
|
5303
5348
|
# resp.web_acl.token_domains[0] #=> String
|
5349
|
+
# resp.web_acl.association_config.request_body #=> Hash
|
5350
|
+
# resp.web_acl.association_config.request_body["AssociatedResourceType"].default_size_inspection_limit #=> String, one of "KB_16", "KB_32", "KB_48", "KB_64"
|
5304
5351
|
# resp.lock_token #=> String
|
5305
5352
|
# resp.application_integration_url #=> String
|
5306
5353
|
#
|
@@ -5322,17 +5369,22 @@ module Aws::WAFV2
|
|
5322
5369
|
# The ARN must be in one of the following formats:
|
5323
5370
|
#
|
5324
5371
|
# * For an Application Load Balancer:
|
5325
|
-
# `arn:
|
5372
|
+
# `arn:partition:elasticloadbalancing:region:account-id:loadbalancer/app/load-balancer-name/load-balancer-id
|
5326
5373
|
# `
|
5327
5374
|
#
|
5328
5375
|
# * For an Amazon API Gateway REST API:
|
5329
|
-
# `arn:
|
5376
|
+
# `arn:partition:apigateway:region::/restapis/api-id/stages/stage-name
|
5377
|
+
# `
|
5330
5378
|
#
|
5331
5379
|
# * For an AppSync GraphQL API:
|
5332
|
-
# `arn:
|
5380
|
+
# `arn:partition:appsync:region:account-id:apis/GraphQLApiId `
|
5333
5381
|
#
|
5334
5382
|
# * For an Amazon Cognito user pool:
|
5335
|
-
# `arn:
|
5383
|
+
# `arn:partition:cognito-idp:region:account-id:userpool/user-pool-id `
|
5384
|
+
#
|
5385
|
+
# * For an App Runner service:
|
5386
|
+
# `arn:partition:apprunner:region:account-id:service/apprunner-service-name/apprunner-service-id
|
5387
|
+
# `
|
5336
5388
|
#
|
5337
5389
|
# @return [Types::GetWebACLForResourceResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
5338
5390
|
#
|
@@ -6183,6 +6235,8 @@ module Aws::WAFV2
|
|
6183
6235
|
# resp.web_acl.challenge_config.immunity_time_property.immunity_time #=> Integer
|
6184
6236
|
# resp.web_acl.token_domains #=> Array
|
6185
6237
|
# resp.web_acl.token_domains[0] #=> String
|
6238
|
+
# resp.web_acl.association_config.request_body #=> Hash
|
6239
|
+
# resp.web_acl.association_config.request_body["AssociatedResourceType"].default_size_inspection_limit #=> String, one of "KB_16", "KB_32", "KB_48", "KB_64"
|
6186
6240
|
#
|
6187
6241
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/GetWebACLForResource AWS API Documentation
|
6188
6242
|
#
|
@@ -6208,7 +6262,7 @@ module Aws::WAFV2
|
|
6208
6262
|
# Specifies whether this is for an Amazon CloudFront distribution or for
|
6209
6263
|
# a regional application. A regional application can be an Application
|
6210
6264
|
# Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync
|
6211
|
-
# GraphQL API,
|
6265
|
+
# GraphQL API, an Amazon Cognito user pool, or an App Runner service.
|
6212
6266
|
#
|
6213
6267
|
# To work with CloudFront, you must also specify the Region US East (N.
|
6214
6268
|
# Virginia) as follows:
|
@@ -6273,7 +6327,7 @@ module Aws::WAFV2
|
|
6273
6327
|
# Specifies whether this is for an Amazon CloudFront distribution or for
|
6274
6328
|
# a regional application. A regional application can be an Application
|
6275
6329
|
# Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync
|
6276
|
-
# GraphQL API,
|
6330
|
+
# GraphQL API, an Amazon Cognito user pool, or an App Runner service.
|
6277
6331
|
#
|
6278
6332
|
# To work with CloudFront, you must also specify the Region US East (N.
|
6279
6333
|
# Virginia) as follows:
|
@@ -6334,7 +6388,7 @@ module Aws::WAFV2
|
|
6334
6388
|
# Specifies whether this is for an Amazon CloudFront distribution or for
|
6335
6389
|
# a regional application. A regional application can be an Application
|
6336
6390
|
# Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync
|
6337
|
-
# GraphQL API,
|
6391
|
+
# GraphQL API, an Amazon Cognito user pool, or an App Runner service.
|
6338
6392
|
#
|
6339
6393
|
# To work with CloudFront, you must also specify the Region US East (N.
|
6340
6394
|
# Virginia) as follows:
|
@@ -6395,7 +6449,7 @@ module Aws::WAFV2
|
|
6395
6449
|
# Specifies whether this is for an Amazon CloudFront distribution or for
|
6396
6450
|
# a regional application. A regional application can be an Application
|
6397
6451
|
# Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync
|
6398
|
-
# GraphQL API,
|
6452
|
+
# GraphQL API, an Amazon Cognito user pool, or an App Runner service.
|
6399
6453
|
#
|
6400
6454
|
# To work with CloudFront, you must also specify the Region US East (N.
|
6401
6455
|
# Virginia) as follows:
|
@@ -6494,7 +6548,7 @@ module Aws::WAFV2
|
|
6494
6548
|
# Specifies whether this is for an Amazon CloudFront distribution or for
|
6495
6549
|
# a regional application. A regional application can be an Application
|
6496
6550
|
# Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync
|
6497
|
-
# GraphQL API,
|
6551
|
+
# GraphQL API, an Amazon Cognito user pool, or an App Runner service.
|
6498
6552
|
#
|
6499
6553
|
# To work with CloudFront, you must also specify the Region US East (N.
|
6500
6554
|
# Virginia) as follows:
|
@@ -6615,7 +6669,7 @@ module Aws::WAFV2
|
|
6615
6669
|
# Specifies whether this is for an Amazon CloudFront distribution or for
|
6616
6670
|
# a regional application. A regional application can be an Application
|
6617
6671
|
# Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync
|
6618
|
-
# GraphQL API,
|
6672
|
+
# GraphQL API, an Amazon Cognito user pool, or an App Runner service.
|
6619
6673
|
#
|
6620
6674
|
# To work with CloudFront, you must also specify the Region US East (N.
|
6621
6675
|
# Virginia) as follows:
|
@@ -6681,8 +6735,8 @@ module Aws::WAFV2
|
|
6681
6735
|
# @option params [String] :resource_type
|
6682
6736
|
# Used for web ACLs that are scoped for regional applications. A
|
6683
6737
|
# regional application can be an Application Load Balancer (ALB), an
|
6684
|
-
# Amazon API Gateway REST API, an AppSync GraphQL API,
|
6685
|
-
#
|
6738
|
+
# Amazon API Gateway REST API, an AppSync GraphQL API, an Amazon Cognito
|
6739
|
+
# user pool, or an App Runner service.
|
6686
6740
|
#
|
6687
6741
|
# <note markdown="1"> If you don't provide a resource type, the call uses the resource type
|
6688
6742
|
# `APPLICATION_LOAD_BALANCER`.
|
@@ -6699,7 +6753,7 @@ module Aws::WAFV2
|
|
6699
6753
|
#
|
6700
6754
|
# resp = client.list_resources_for_web_acl({
|
6701
6755
|
# web_acl_arn: "ResourceArn", # required
|
6702
|
-
# resource_type: "APPLICATION_LOAD_BALANCER", # accepts APPLICATION_LOAD_BALANCER, API_GATEWAY, APPSYNC, COGNITO_USER_POOL
|
6756
|
+
# resource_type: "APPLICATION_LOAD_BALANCER", # accepts APPLICATION_LOAD_BALANCER, API_GATEWAY, APPSYNC, COGNITO_USER_POOL, APP_RUNNER_SERVICE
|
6703
6757
|
# })
|
6704
6758
|
#
|
6705
6759
|
# @example Response structure
|
@@ -6723,7 +6777,7 @@ module Aws::WAFV2
|
|
6723
6777
|
# Specifies whether this is for an Amazon CloudFront distribution or for
|
6724
6778
|
# a regional application. A regional application can be an Application
|
6725
6779
|
# Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync
|
6726
|
-
# GraphQL API,
|
6780
|
+
# GraphQL API, an Amazon Cognito user pool, or an App Runner service.
|
6727
6781
|
#
|
6728
6782
|
# To work with CloudFront, you must also specify the Region US East (N.
|
6729
6783
|
# Virginia) as follows:
|
@@ -6842,7 +6896,7 @@ module Aws::WAFV2
|
|
6842
6896
|
# Specifies whether this is for an Amazon CloudFront distribution or for
|
6843
6897
|
# a regional application. A regional application can be an Application
|
6844
6898
|
# Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync
|
6845
|
-
# GraphQL API,
|
6899
|
+
# GraphQL API, an Amazon Cognito user pool, or an App Runner service.
|
6846
6900
|
#
|
6847
6901
|
# To work with CloudFront, you must also specify the Region US East (N.
|
6848
6902
|
# Virginia) as follows:
|
@@ -7119,7 +7173,7 @@ module Aws::WAFV2
|
|
7119
7173
|
# Specifies whether this is for an Amazon CloudFront distribution or for
|
7120
7174
|
# a regional application. A regional application can be an Application
|
7121
7175
|
# Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync
|
7122
|
-
# GraphQL API,
|
7176
|
+
# GraphQL API, an Amazon Cognito user pool, or an App Runner service.
|
7123
7177
|
#
|
7124
7178
|
# To work with CloudFront, you must also specify the Region US East (N.
|
7125
7179
|
# Virginia) as follows:
|
@@ -7209,8 +7263,7 @@ module Aws::WAFV2
|
|
7209
7263
|
#
|
7210
7264
|
# The policy specifications must conform to the following:
|
7211
7265
|
#
|
7212
|
-
# * The policy must be composed using IAM Policy version 2012-10-17
|
7213
|
-
# version 2015-01-01.
|
7266
|
+
# * The policy must be composed using IAM Policy version 2012-10-17.
|
7214
7267
|
#
|
7215
7268
|
# * The policy must include specifications for `Effect`, `Action`, and
|
7216
7269
|
# `Principal`.
|
@@ -7358,7 +7411,7 @@ module Aws::WAFV2
|
|
7358
7411
|
# Specifies whether this is for an Amazon CloudFront distribution or for
|
7359
7412
|
# a regional application. A regional application can be an Application
|
7360
7413
|
# Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync
|
7361
|
-
# GraphQL API,
|
7414
|
+
# GraphQL API, an Amazon Cognito user pool, or an App Runner service.
|
7362
7415
|
#
|
7363
7416
|
# To work with CloudFront, you must also specify the Region US East (N.
|
7364
7417
|
# Virginia) as follows:
|
@@ -7483,7 +7536,7 @@ module Aws::WAFV2
|
|
7483
7536
|
# Specifies whether this is for an Amazon CloudFront distribution or for
|
7484
7537
|
# a regional application. A regional application can be an Application
|
7485
7538
|
# Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync
|
7486
|
-
# GraphQL API,
|
7539
|
+
# GraphQL API, an Amazon Cognito user pool, or an App Runner service.
|
7487
7540
|
#
|
7488
7541
|
# To work with CloudFront, you must also specify the Region US East (N.
|
7489
7542
|
# Virginia) as follows:
|
@@ -7589,7 +7642,7 @@ module Aws::WAFV2
|
|
7589
7642
|
# Specifies whether this is for an Amazon CloudFront distribution or for
|
7590
7643
|
# a regional application. A regional application can be an Application
|
7591
7644
|
# Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync
|
7592
|
-
# GraphQL API,
|
7645
|
+
# GraphQL API, an Amazon Cognito user pool, or an App Runner service.
|
7593
7646
|
#
|
7594
7647
|
# To work with CloudFront, you must also specify the Region US East (N.
|
7595
7648
|
# Virginia) as follows:
|
@@ -7695,7 +7748,7 @@ module Aws::WAFV2
|
|
7695
7748
|
# Specifies whether this is for an Amazon CloudFront distribution or for
|
7696
7749
|
# a regional application. A regional application can be an Application
|
7697
7750
|
# Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync
|
7698
|
-
# GraphQL API,
|
7751
|
+
# GraphQL API, an Amazon Cognito user pool, or an App Runner service.
|
7699
7752
|
#
|
7700
7753
|
# To work with CloudFront, you must also specify the Region US East (N.
|
7701
7754
|
# Virginia) as follows:
|
@@ -7740,18 +7793,17 @@ module Aws::WAFV2
|
|
7740
7793
|
# rules that you define in the rule group.
|
7741
7794
|
#
|
7742
7795
|
# For information about customizing web requests and responses, see
|
7743
|
-
# [Customizing web requests and responses in WAF][1] in the
|
7744
|
-
# Developer Guide
|
7796
|
+
# [Customizing web requests and responses in WAF][1] in the *WAF
|
7797
|
+
# Developer Guide*.
|
7745
7798
|
#
|
7746
7799
|
# For information about the limits on count and size for custom request
|
7747
|
-
# and response settings, see [WAF quotas][
|
7748
|
-
# Guide
|
7800
|
+
# and response settings, see [WAF quotas][2] in the *WAF Developer
|
7801
|
+
# Guide*.
|
7749
7802
|
#
|
7750
7803
|
#
|
7751
7804
|
#
|
7752
7805
|
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html
|
7753
|
-
# [2]: https://docs.aws.amazon.com/waf/latest/developerguide/
|
7754
|
-
# [3]: https://docs.aws.amazon.com/waf/latest/developerguide/limits.html
|
7806
|
+
# [2]: https://docs.aws.amazon.com/waf/latest/developerguide/limits.html
|
7755
7807
|
#
|
7756
7808
|
# @return [Types::UpdateRuleGroupResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
7757
7809
|
#
|
@@ -8512,7 +8564,7 @@ module Aws::WAFV2
|
|
8512
8564
|
# can associate a web ACL with one or more Amazon Web Services resources
|
8513
8565
|
# to protect. The resources can be an Amazon CloudFront distribution, an
|
8514
8566
|
# Amazon API Gateway REST API, an Application Load Balancer, an AppSync
|
8515
|
-
# GraphQL API,
|
8567
|
+
# GraphQL API, an Amazon Cognito user pool, or an App Runner service.
|
8516
8568
|
#
|
8517
8569
|
# @option params [required, String] :name
|
8518
8570
|
# The name of the web ACL. You cannot change the name of a web ACL after
|
@@ -8522,7 +8574,7 @@ module Aws::WAFV2
|
|
8522
8574
|
# Specifies whether this is for an Amazon CloudFront distribution or for
|
8523
8575
|
# a regional application. A regional application can be an Application
|
8524
8576
|
# Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync
|
8525
|
-
# GraphQL API,
|
8577
|
+
# GraphQL API, an Amazon Cognito user pool, or an App Runner service.
|
8526
8578
|
#
|
8527
8579
|
# To work with CloudFront, you must also specify the Region US East (N.
|
8528
8580
|
# Virginia) as follows:
|
@@ -8571,18 +8623,17 @@ module Aws::WAFV2
|
|
8571
8623
|
# rules and default actions that you define in the web ACL.
|
8572
8624
|
#
|
8573
8625
|
# For information about customizing web requests and responses, see
|
8574
|
-
# [Customizing web requests and responses in WAF][1] in the
|
8575
|
-
# Developer Guide
|
8626
|
+
# [Customizing web requests and responses in WAF][1] in the *WAF
|
8627
|
+
# Developer Guide*.
|
8576
8628
|
#
|
8577
8629
|
# For information about the limits on count and size for custom request
|
8578
|
-
# and response settings, see [WAF quotas][
|
8579
|
-
# Guide
|
8630
|
+
# and response settings, see [WAF quotas][2] in the *WAF Developer
|
8631
|
+
# Guide*.
|
8580
8632
|
#
|
8581
8633
|
#
|
8582
8634
|
#
|
8583
8635
|
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html
|
8584
|
-
# [2]: https://docs.aws.amazon.com/waf/latest/developerguide/
|
8585
|
-
# [3]: https://docs.aws.amazon.com/waf/latest/developerguide/limits.html
|
8636
|
+
# [2]: https://docs.aws.amazon.com/waf/latest/developerguide/limits.html
|
8586
8637
|
#
|
8587
8638
|
# @option params [Types::CaptchaConfig] :captcha_config
|
8588
8639
|
# Specifies how WAF should handle `CAPTCHA` evaluations for rules that
|
@@ -8610,6 +8661,24 @@ module Aws::WAFV2
|
|
8610
8661
|
# Public suffixes aren't allowed. For example, you can't use `usa.gov`
|
8611
8662
|
# or `co.uk` as token domains.
|
8612
8663
|
#
|
8664
|
+
# @option params [Types::AssociationConfig] :association_config
|
8665
|
+
# Specifies custom configurations for the associations between the web
|
8666
|
+
# ACL and protected resources.
|
8667
|
+
#
|
8668
|
+
# Use this to customize the maximum size of the request body that your
|
8669
|
+
# protected CloudFront distributions forward to WAF for inspection. The
|
8670
|
+
# default is 16 KB (16,384 kilobytes).
|
8671
|
+
#
|
8672
|
+
# <note markdown="1"> You are charged additional fees when your protected resources forward
|
8673
|
+
# body sizes that are larger than the default. For more information, see
|
8674
|
+
# [WAF Pricing][1].
|
8675
|
+
#
|
8676
|
+
# </note>
|
8677
|
+
#
|
8678
|
+
#
|
8679
|
+
#
|
8680
|
+
# [1]: http://aws.amazon.com/waf/pricing/
|
8681
|
+
#
|
8613
8682
|
# @return [Types::UpdateWebACLResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
8614
8683
|
#
|
8615
8684
|
# * {Types::UpdateWebACLResponse#next_lock_token #next_lock_token} => String
|
@@ -9348,6 +9417,13 @@ module Aws::WAFV2
|
|
9348
9417
|
# },
|
9349
9418
|
# },
|
9350
9419
|
# token_domains: ["TokenDomain"],
|
9420
|
+
# association_config: {
|
9421
|
+
# request_body: {
|
9422
|
+
# "CLOUDFRONT" => {
|
9423
|
+
# default_size_inspection_limit: "KB_16", # required, accepts KB_16, KB_32, KB_48, KB_64
|
9424
|
+
# },
|
9425
|
+
# },
|
9426
|
+
# },
|
9351
9427
|
# })
|
9352
9428
|
#
|
9353
9429
|
# @example Response structure
|
@@ -9376,7 +9452,7 @@ module Aws::WAFV2
|
|
9376
9452
|
params: params,
|
9377
9453
|
config: config)
|
9378
9454
|
context[:gem_name] = 'aws-sdk-wafv2'
|
9379
|
-
context[:gem_version] = '1.
|
9455
|
+
context[:gem_version] = '1.51.0'
|
9380
9456
|
Seahorse::Client::Request.new(handlers, context)
|
9381
9457
|
end
|
9382
9458
|
|