aws-sdk-wafv2 1.51.0 → 1.53.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +10 -0
- data/VERSION +1 -1
- data/lib/aws-sdk-wafv2/client.rb +84 -148
- data/lib/aws-sdk-wafv2/client_api.rb +0 -17
- data/lib/aws-sdk-wafv2/types.rb +193 -353
- data/lib/aws-sdk-wafv2.rb +1 -1
- metadata +2 -2
data/lib/aws-sdk-wafv2/types.rb
CHANGED
@@ -63,8 +63,7 @@ module Aws::WAFV2
|
|
63
63
|
# The inspection level to use for the Bot Control rule group. The
|
64
64
|
# common level is the least expensive. The targeted level includes all
|
65
65
|
# common level rules and adds rules with more advanced inspection
|
66
|
-
# criteria. For details, see [WAF Bot Control rule group][1]
|
67
|
-
# *WAF Developer Guide*.
|
66
|
+
# criteria. For details, see [WAF Bot Control rule group][1].
|
68
67
|
#
|
69
68
|
#
|
70
69
|
#
|
@@ -138,12 +137,13 @@ module Aws::WAFV2
|
|
138
137
|
# Defines custom handling for the web request.
|
139
138
|
#
|
140
139
|
# For information about customizing web requests and responses, see
|
141
|
-
# [Customizing web requests and responses in WAF][1] in the
|
142
|
-
# Developer Guide
|
140
|
+
# [Customizing web requests and responses in WAF][1] in the [WAF
|
141
|
+
# Developer Guide][2].
|
143
142
|
#
|
144
143
|
#
|
145
144
|
#
|
146
145
|
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html
|
146
|
+
# [2]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html
|
147
147
|
# @return [Types::CustomRequestHandling]
|
148
148
|
#
|
149
149
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/AllowAction AWS API Documentation
|
@@ -183,22 +183,20 @@ module Aws::WAFV2
|
|
183
183
|
# The ARN must be in one of the following formats:
|
184
184
|
#
|
185
185
|
# * For an Application Load Balancer:
|
186
|
-
# `arn:
|
186
|
+
# `arn:aws:elasticloadbalancing:region:account-id:loadbalancer/app/load-balancer-name/load-balancer-id
|
187
187
|
# `
|
188
188
|
#
|
189
189
|
# * For an Amazon API Gateway REST API:
|
190
|
-
# `arn:
|
191
|
-
# `
|
190
|
+
# `arn:aws:apigateway:region::/restapis/api-id/stages/stage-name `
|
192
191
|
#
|
193
192
|
# * For an AppSync GraphQL API:
|
194
|
-
# `arn:
|
193
|
+
# `arn:aws:appsync:region:account-id:apis/GraphQLApiId `
|
195
194
|
#
|
196
195
|
# * For an Amazon Cognito user pool:
|
197
|
-
# `arn:
|
198
|
-
# `
|
196
|
+
# `arn:aws:cognito-idp:region:account-id:userpool/user-pool-id `
|
199
197
|
#
|
200
198
|
# * For an App Runner service:
|
201
|
-
# `arn:
|
199
|
+
# `arn:aws:apprunner:region:account-id:service/apprunner-service-name/apprunner-service-id
|
202
200
|
# `
|
203
201
|
# @return [String]
|
204
202
|
#
|
@@ -215,47 +213,6 @@ module Aws::WAFV2
|
|
215
213
|
#
|
216
214
|
class AssociateWebACLResponse < Aws::EmptyStructure; end
|
217
215
|
|
218
|
-
# Specifies custom configurations for the associations between the web
|
219
|
-
# ACL and protected resources.
|
220
|
-
#
|
221
|
-
# Use this to customize the maximum size of the request body that your
|
222
|
-
# protected CloudFront distributions forward to WAF for inspection. The
|
223
|
-
# default is 16 KB (16,384 kilobytes).
|
224
|
-
#
|
225
|
-
# <note markdown="1"> You are charged additional fees when your protected resources forward
|
226
|
-
# body sizes that are larger than the default. For more information, see
|
227
|
-
# [WAF Pricing][1].
|
228
|
-
#
|
229
|
-
# </note>
|
230
|
-
#
|
231
|
-
#
|
232
|
-
#
|
233
|
-
# [1]: http://aws.amazon.com/waf/pricing/
|
234
|
-
#
|
235
|
-
# @!attribute [rw] request_body
|
236
|
-
# Customizes the maximum size of the request body that your protected
|
237
|
-
# CloudFront distributions forward to WAF for inspection. The default
|
238
|
-
# size is 16 KB (16,384 kilobytes).
|
239
|
-
#
|
240
|
-
# <note markdown="1"> You are charged additional fees when your protected resources
|
241
|
-
# forward body sizes that are larger than the default. For more
|
242
|
-
# information, see [WAF Pricing][1].
|
243
|
-
#
|
244
|
-
# </note>
|
245
|
-
#
|
246
|
-
#
|
247
|
-
#
|
248
|
-
# [1]: http://aws.amazon.com/waf/pricing/
|
249
|
-
# @return [Hash<String,Types::RequestBodyAssociatedResourceTypeConfig>]
|
250
|
-
#
|
251
|
-
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/AssociationConfig AWS API Documentation
|
252
|
-
#
|
253
|
-
class AssociationConfig < Struct.new(
|
254
|
-
:request_body)
|
255
|
-
SENSITIVE = []
|
256
|
-
include Aws::Structure
|
257
|
-
end
|
258
|
-
|
259
216
|
# Specifies that WAF should block the request and optionally defines
|
260
217
|
# additional custom handling for the response to the web request.
|
261
218
|
#
|
@@ -266,12 +223,13 @@ module Aws::WAFV2
|
|
266
223
|
# Defines a custom response for the web request.
|
267
224
|
#
|
268
225
|
# For information about customizing web requests and responses, see
|
269
|
-
# [Customizing web requests and responses in WAF][1] in the
|
270
|
-
# Developer Guide
|
226
|
+
# [Customizing web requests and responses in WAF][1] in the [WAF
|
227
|
+
# Developer Guide][2].
|
271
228
|
#
|
272
229
|
#
|
273
230
|
#
|
274
231
|
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html
|
232
|
+
# [2]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html
|
275
233
|
# @return [Types::CustomResponse]
|
276
234
|
#
|
277
235
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/BlockAction AWS API Documentation
|
@@ -290,16 +248,10 @@ module Aws::WAFV2
|
|
290
248
|
#
|
291
249
|
# @!attribute [rw] oversize_handling
|
292
250
|
# What WAF should do if the body is larger than WAF can inspect. WAF
|
293
|
-
# does not support inspecting the entire contents of the web
|
294
|
-
#
|
295
|
-
# body
|
296
|
-
#
|
297
|
-
# inspection.
|
298
|
-
#
|
299
|
-
# The default limit is 8 KB (8,192 kilobytes) for regional resources
|
300
|
-
# and 16 KB (16,384 kilobytes) for CloudFront distributions. For
|
301
|
-
# CloudFront distributions, you can increase the limit in the web ACL
|
302
|
-
# `AssociationConfig`, for additional processing fees.
|
251
|
+
# does not support inspecting the entire contents of the body of a web
|
252
|
+
# request when the body exceeds 8 KB (8192 bytes). Only the first 8 KB
|
253
|
+
# of the request body are forwarded to WAF by the underlying host
|
254
|
+
# service.
|
303
255
|
#
|
304
256
|
# The options for oversize handling are the following:
|
305
257
|
#
|
@@ -314,7 +266,7 @@ module Aws::WAFV2
|
|
314
266
|
#
|
315
267
|
# You can combine the `MATCH` or `NO_MATCH` settings for oversize
|
316
268
|
# handling with your rule and web ACL action settings, so that you
|
317
|
-
# block any request whose body is over
|
269
|
+
# block any request whose body is over 8 KB.
|
318
270
|
#
|
319
271
|
# Default: `CONTINUE`
|
320
272
|
# @return [String]
|
@@ -470,12 +422,13 @@ module Aws::WAFV2
|
|
470
422
|
# unexpired.
|
471
423
|
#
|
472
424
|
# For information about customizing web requests and responses, see
|
473
|
-
# [Customizing web requests and responses in WAF][1] in the
|
474
|
-
# Developer Guide
|
425
|
+
# [Customizing web requests and responses in WAF][1] in the [WAF
|
426
|
+
# Developer Guide][2].
|
475
427
|
#
|
476
428
|
#
|
477
429
|
#
|
478
430
|
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html
|
431
|
+
# [2]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html
|
479
432
|
# @return [Types::CustomRequestHandling]
|
480
433
|
#
|
481
434
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/CaptchaAction AWS API Documentation
|
@@ -578,12 +531,13 @@ module Aws::WAFV2
|
|
578
531
|
# unexpired.
|
579
532
|
#
|
580
533
|
# For information about customizing web requests and responses, see
|
581
|
-
# [Customizing web requests and responses in WAF][1] in the
|
582
|
-
# Developer Guide
|
534
|
+
# [Customizing web requests and responses in WAF][1] in the [WAF
|
535
|
+
# Developer Guide][2].
|
583
536
|
#
|
584
537
|
#
|
585
538
|
#
|
586
539
|
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html
|
540
|
+
# [2]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html
|
587
541
|
# @return [Types::CustomRequestHandling]
|
588
542
|
#
|
589
543
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/ChallengeAction AWS API Documentation
|
@@ -642,7 +596,7 @@ module Aws::WAFV2
|
|
642
596
|
# Specifies whether this is for an Amazon CloudFront distribution or
|
643
597
|
# for a regional application. A regional application can be an
|
644
598
|
# Application Load Balancer (ALB), an Amazon API Gateway REST API, an
|
645
|
-
# AppSync GraphQL API,
|
599
|
+
# AppSync GraphQL API, a Amazon Cognito user pool, or an App Runner
|
646
600
|
# service.
|
647
601
|
#
|
648
602
|
# To work with CloudFront, you must also specify the Region US East
|
@@ -802,12 +756,13 @@ module Aws::WAFV2
|
|
802
756
|
# Defines custom handling for the web request.
|
803
757
|
#
|
804
758
|
# For information about customizing web requests and responses, see
|
805
|
-
# [Customizing web requests and responses in WAF][1] in the
|
806
|
-
# Developer Guide
|
759
|
+
# [Customizing web requests and responses in WAF][1] in the [WAF
|
760
|
+
# Developer Guide][2].
|
807
761
|
#
|
808
762
|
#
|
809
763
|
#
|
810
764
|
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html
|
765
|
+
# [2]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html
|
811
766
|
# @return [Types::CustomRequestHandling]
|
812
767
|
#
|
813
768
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/CountAction AWS API Documentation
|
@@ -827,7 +782,7 @@ module Aws::WAFV2
|
|
827
782
|
# Specifies whether this is for an Amazon CloudFront distribution or
|
828
783
|
# for a regional application. A regional application can be an
|
829
784
|
# Application Load Balancer (ALB), an Amazon API Gateway REST API, an
|
830
|
-
# AppSync GraphQL API,
|
785
|
+
# AppSync GraphQL API, a Amazon Cognito user pool, or an App Runner
|
831
786
|
# service.
|
832
787
|
#
|
833
788
|
# To work with CloudFront, you must also specify the Region US East
|
@@ -934,7 +889,7 @@ module Aws::WAFV2
|
|
934
889
|
# Specifies whether this is for an Amazon CloudFront distribution or
|
935
890
|
# for a regional application. A regional application can be an
|
936
891
|
# Application Load Balancer (ALB), an Amazon API Gateway REST API, an
|
937
|
-
# AppSync GraphQL API,
|
892
|
+
# AppSync GraphQL API, a Amazon Cognito user pool, or an App Runner
|
938
893
|
# service.
|
939
894
|
#
|
940
895
|
# To work with CloudFront, you must also specify the Region US East
|
@@ -995,7 +950,7 @@ module Aws::WAFV2
|
|
995
950
|
# Specifies whether this is for an Amazon CloudFront distribution or
|
996
951
|
# for a regional application. A regional application can be an
|
997
952
|
# Application Load Balancer (ALB), an Amazon API Gateway REST API, an
|
998
|
-
# AppSync GraphQL API,
|
953
|
+
# AppSync GraphQL API, a Amazon Cognito user pool, or an App Runner
|
999
954
|
# service.
|
1000
955
|
#
|
1001
956
|
# To work with CloudFront, you must also specify the Region US East
|
@@ -1021,13 +976,8 @@ module Aws::WAFV2
|
|
1021
976
|
# relative cost of each rule. Simple rules that cost little to run use
|
1022
977
|
# fewer WCUs than more complex rules that use more processing power.
|
1023
978
|
# Rule group capacity is fixed at creation, which helps users plan
|
1024
|
-
# their web ACL WCU usage when they use a rule group.
|
1025
|
-
#
|
1026
|
-
# Developer Guide*.
|
1027
|
-
#
|
1028
|
-
#
|
1029
|
-
#
|
1030
|
-
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/aws-waf-capacity-units.html
|
979
|
+
# their web ACL WCU usage when they use a rule group. The WCU limit
|
980
|
+
# for web ACLs is 1,500.
|
1031
981
|
# @return [Integer]
|
1032
982
|
#
|
1033
983
|
# @!attribute [rw] description
|
@@ -1057,17 +1007,18 @@ module Aws::WAFV2
|
|
1057
1007
|
# the rules that you define in the rule group.
|
1058
1008
|
#
|
1059
1009
|
# For information about customizing web requests and responses, see
|
1060
|
-
# [Customizing web requests and responses in WAF][1] in the
|
1061
|
-
# Developer Guide
|
1010
|
+
# [Customizing web requests and responses in WAF][1] in the [WAF
|
1011
|
+
# Developer Guide][2].
|
1062
1012
|
#
|
1063
1013
|
# For information about the limits on count and size for custom
|
1064
|
-
# request and response settings, see [WAF quotas][
|
1065
|
-
# Developer Guide
|
1014
|
+
# request and response settings, see [WAF quotas][3] in the [WAF
|
1015
|
+
# Developer Guide][2].
|
1066
1016
|
#
|
1067
1017
|
#
|
1068
1018
|
#
|
1069
1019
|
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html
|
1070
|
-
# [2]: https://docs.aws.amazon.com/waf/latest/developerguide/
|
1020
|
+
# [2]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html
|
1021
|
+
# [3]: https://docs.aws.amazon.com/waf/latest/developerguide/limits.html
|
1071
1022
|
# @return [Hash<String,Types::CustomResponseBody>]
|
1072
1023
|
#
|
1073
1024
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/CreateRuleGroupRequest AWS API Documentation
|
@@ -1110,7 +1061,7 @@ module Aws::WAFV2
|
|
1110
1061
|
# Specifies whether this is for an Amazon CloudFront distribution or
|
1111
1062
|
# for a regional application. A regional application can be an
|
1112
1063
|
# Application Load Balancer (ALB), an Amazon API Gateway REST API, an
|
1113
|
-
# AppSync GraphQL API,
|
1064
|
+
# AppSync GraphQL API, a Amazon Cognito user pool, or an App Runner
|
1114
1065
|
# service.
|
1115
1066
|
#
|
1116
1067
|
# To work with CloudFront, you must also specify the Region US East
|
@@ -1154,17 +1105,18 @@ module Aws::WAFV2
|
|
1154
1105
|
# rules and default actions that you define in the web ACL.
|
1155
1106
|
#
|
1156
1107
|
# For information about customizing web requests and responses, see
|
1157
|
-
# [Customizing web requests and responses in WAF][1] in the
|
1158
|
-
# Developer Guide
|
1108
|
+
# [Customizing web requests and responses in WAF][1] in the [WAF
|
1109
|
+
# Developer Guide][2].
|
1159
1110
|
#
|
1160
1111
|
# For information about the limits on count and size for custom
|
1161
|
-
# request and response settings, see [WAF quotas][
|
1162
|
-
# Developer Guide
|
1112
|
+
# request and response settings, see [WAF quotas][3] in the [WAF
|
1113
|
+
# Developer Guide][2].
|
1163
1114
|
#
|
1164
1115
|
#
|
1165
1116
|
#
|
1166
1117
|
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html
|
1167
|
-
# [2]: https://docs.aws.amazon.com/waf/latest/developerguide/
|
1118
|
+
# [2]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html
|
1119
|
+
# [3]: https://docs.aws.amazon.com/waf/latest/developerguide/limits.html
|
1168
1120
|
# @return [Hash<String,Types::CustomResponseBody>]
|
1169
1121
|
#
|
1170
1122
|
# @!attribute [rw] captcha_config
|
@@ -1196,25 +1148,6 @@ module Aws::WAFV2
|
|
1196
1148
|
# `usa.gov` or `co.uk` as token domains.
|
1197
1149
|
# @return [Array<String>]
|
1198
1150
|
#
|
1199
|
-
# @!attribute [rw] association_config
|
1200
|
-
# Specifies custom configurations for the associations between the web
|
1201
|
-
# ACL and protected resources.
|
1202
|
-
#
|
1203
|
-
# Use this to customize the maximum size of the request body that your
|
1204
|
-
# protected CloudFront distributions forward to WAF for inspection.
|
1205
|
-
# The default is 16 KB (16,384 kilobytes).
|
1206
|
-
#
|
1207
|
-
# <note markdown="1"> You are charged additional fees when your protected resources
|
1208
|
-
# forward body sizes that are larger than the default. For more
|
1209
|
-
# information, see [WAF Pricing][1].
|
1210
|
-
#
|
1211
|
-
# </note>
|
1212
|
-
#
|
1213
|
-
#
|
1214
|
-
#
|
1215
|
-
# [1]: http://aws.amazon.com/waf/pricing/
|
1216
|
-
# @return [Types::AssociationConfig]
|
1217
|
-
#
|
1218
1151
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/CreateWebACLRequest AWS API Documentation
|
1219
1152
|
#
|
1220
1153
|
class CreateWebACLRequest < Struct.new(
|
@@ -1228,8 +1161,7 @@ module Aws::WAFV2
|
|
1228
1161
|
:custom_response_bodies,
|
1229
1162
|
:captcha_config,
|
1230
1163
|
:challenge_config,
|
1231
|
-
:token_domains
|
1232
|
-
:association_config)
|
1164
|
+
:token_domains)
|
1233
1165
|
SENSITIVE = []
|
1234
1166
|
include Aws::Structure
|
1235
1167
|
end
|
@@ -1281,24 +1213,26 @@ module Aws::WAFV2
|
|
1281
1213
|
# `CaptchaAction` for requests with valid t okens, and `AllowAction`.
|
1282
1214
|
#
|
1283
1215
|
# For information about customizing web requests and responses, see
|
1284
|
-
# [Customizing web requests and responses in WAF][1] in the
|
1285
|
-
# Developer Guide
|
1216
|
+
# [Customizing web requests and responses in WAF][1] in the [WAF
|
1217
|
+
# Developer Guide][2].
|
1286
1218
|
#
|
1287
1219
|
#
|
1288
1220
|
#
|
1289
1221
|
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html
|
1222
|
+
# [2]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html
|
1290
1223
|
#
|
1291
1224
|
# @!attribute [rw] insert_headers
|
1292
1225
|
# The HTTP headers to insert into the request. Duplicate header names
|
1293
1226
|
# are not allowed.
|
1294
1227
|
#
|
1295
1228
|
# For information about the limits on count and size for custom
|
1296
|
-
# request and response settings, see [WAF quotas][1] in the
|
1297
|
-
# Developer Guide
|
1229
|
+
# request and response settings, see [WAF quotas][1] in the [WAF
|
1230
|
+
# Developer Guide][2].
|
1298
1231
|
#
|
1299
1232
|
#
|
1300
1233
|
#
|
1301
1234
|
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/limits.html
|
1235
|
+
# [2]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html
|
1302
1236
|
# @return [Array<Types::CustomHTTPHeader>]
|
1303
1237
|
#
|
1304
1238
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/CustomRequestHandling AWS API Documentation
|
@@ -1314,23 +1248,25 @@ module Aws::WAFV2
|
|
1314
1248
|
# BlockAction.
|
1315
1249
|
#
|
1316
1250
|
# For information about customizing web requests and responses, see
|
1317
|
-
# [Customizing web requests and responses in WAF][1] in the
|
1318
|
-
# Developer Guide
|
1251
|
+
# [Customizing web requests and responses in WAF][1] in the [WAF
|
1252
|
+
# Developer Guide][2].
|
1319
1253
|
#
|
1320
1254
|
#
|
1321
1255
|
#
|
1322
1256
|
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html
|
1257
|
+
# [2]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html
|
1323
1258
|
#
|
1324
1259
|
# @!attribute [rw] response_code
|
1325
1260
|
# The HTTP status code to return to the client.
|
1326
1261
|
#
|
1327
1262
|
# For a list of status codes that you can use in your custom
|
1328
1263
|
# responses, see [Supported status codes for custom response][1] in
|
1329
|
-
# the
|
1264
|
+
# the [WAF Developer Guide][2].
|
1330
1265
|
#
|
1331
1266
|
#
|
1332
1267
|
#
|
1333
1268
|
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/customizing-the-response-status-codes.html
|
1269
|
+
# [2]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html
|
1334
1270
|
# @return [Integer]
|
1335
1271
|
#
|
1336
1272
|
# @!attribute [rw] custom_response_body_key
|
@@ -1349,12 +1285,13 @@ module Aws::WAFV2
|
|
1349
1285
|
# not allowed.
|
1350
1286
|
#
|
1351
1287
|
# For information about the limits on count and size for custom
|
1352
|
-
# request and response settings, see [WAF quotas][1] in the
|
1353
|
-
# Developer Guide
|
1288
|
+
# request and response settings, see [WAF quotas][1] in the [WAF
|
1289
|
+
# Developer Guide][2].
|
1354
1290
|
#
|
1355
1291
|
#
|
1356
1292
|
#
|
1357
1293
|
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/limits.html
|
1294
|
+
# [2]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html
|
1358
1295
|
# @return [Array<Types::CustomHTTPHeader>]
|
1359
1296
|
#
|
1360
1297
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/CustomResponse AWS API Documentation
|
@@ -1382,12 +1319,13 @@ module Aws::WAFV2
|
|
1382
1319
|
# must specify JSON content in the `ContentType` setting.
|
1383
1320
|
#
|
1384
1321
|
# For information about the limits on count and size for custom
|
1385
|
-
# request and response settings, see [WAF quotas][1] in the
|
1386
|
-
# Developer Guide
|
1322
|
+
# request and response settings, see [WAF quotas][1] in the [WAF
|
1323
|
+
# Developer Guide][2].
|
1387
1324
|
#
|
1388
1325
|
#
|
1389
1326
|
#
|
1390
1327
|
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/limits.html
|
1328
|
+
# [2]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html
|
1391
1329
|
# @return [String]
|
1392
1330
|
#
|
1393
1331
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/CustomResponseBody AWS API Documentation
|
@@ -1474,7 +1412,7 @@ module Aws::WAFV2
|
|
1474
1412
|
# Specifies whether this is for an Amazon CloudFront distribution or
|
1475
1413
|
# for a regional application. A regional application can be an
|
1476
1414
|
# Application Load Balancer (ALB), an Amazon API Gateway REST API, an
|
1477
|
-
# AppSync GraphQL API,
|
1415
|
+
# AppSync GraphQL API, a Amazon Cognito user pool, or an App Runner
|
1478
1416
|
# service.
|
1479
1417
|
#
|
1480
1418
|
# To work with CloudFront, you must also specify the Region US East
|
@@ -1564,7 +1502,7 @@ module Aws::WAFV2
|
|
1564
1502
|
# Specifies whether this is for an Amazon CloudFront distribution or
|
1565
1503
|
# for a regional application. A regional application can be an
|
1566
1504
|
# Application Load Balancer (ALB), an Amazon API Gateway REST API, an
|
1567
|
-
# AppSync GraphQL API,
|
1505
|
+
# AppSync GraphQL API, a Amazon Cognito user pool, or an App Runner
|
1568
1506
|
# service.
|
1569
1507
|
#
|
1570
1508
|
# To work with CloudFront, you must also specify the Region US East
|
@@ -1618,7 +1556,7 @@ module Aws::WAFV2
|
|
1618
1556
|
# Specifies whether this is for an Amazon CloudFront distribution or
|
1619
1557
|
# for a regional application. A regional application can be an
|
1620
1558
|
# Application Load Balancer (ALB), an Amazon API Gateway REST API, an
|
1621
|
-
# AppSync GraphQL API,
|
1559
|
+
# AppSync GraphQL API, a Amazon Cognito user pool, or an App Runner
|
1622
1560
|
# service.
|
1623
1561
|
#
|
1624
1562
|
# To work with CloudFront, you must also specify the Region US East
|
@@ -1672,7 +1610,7 @@ module Aws::WAFV2
|
|
1672
1610
|
# Specifies whether this is for an Amazon CloudFront distribution or
|
1673
1611
|
# for a regional application. A regional application can be an
|
1674
1612
|
# Application Load Balancer (ALB), an Amazon API Gateway REST API, an
|
1675
|
-
# AppSync GraphQL API,
|
1613
|
+
# AppSync GraphQL API, a Amazon Cognito user pool, or an App Runner
|
1676
1614
|
# service.
|
1677
1615
|
#
|
1678
1616
|
# To work with CloudFront, you must also specify the Region US East
|
@@ -1731,7 +1669,7 @@ module Aws::WAFV2
|
|
1731
1669
|
# Specifies whether this is for an Amazon CloudFront distribution or
|
1732
1670
|
# for a regional application. A regional application can be an
|
1733
1671
|
# Application Load Balancer (ALB), an Amazon API Gateway REST API, an
|
1734
|
-
# AppSync GraphQL API,
|
1672
|
+
# AppSync GraphQL API, a Amazon Cognito user pool, or an App Runner
|
1735
1673
|
# service.
|
1736
1674
|
#
|
1737
1675
|
# To work with CloudFront, you must also specify the Region US East
|
@@ -1778,21 +1716,13 @@ module Aws::WAFV2
|
|
1778
1716
|
# @return [String]
|
1779
1717
|
#
|
1780
1718
|
# @!attribute [rw] capacity
|
1781
|
-
# The web ACL capacity units (WCUs) required for this rule group.
|
1782
|
-
#
|
1783
|
-
#
|
1784
|
-
#
|
1785
|
-
#
|
1786
|
-
#
|
1787
|
-
#
|
1788
|
-
# Rule group capacity is fixed at creation, which helps users plan
|
1789
|
-
# their web ACL WCU usage when they use a rule group. For more
|
1790
|
-
# information, see [WAF web ACL capacity units (WCU)][1] in the *WAF
|
1791
|
-
# Developer Guide*.
|
1792
|
-
#
|
1793
|
-
#
|
1794
|
-
#
|
1795
|
-
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/aws-waf-capacity-units.html
|
1719
|
+
# The web ACL capacity units (WCUs) required for this rule group. WAF
|
1720
|
+
# uses web ACL capacity units (WCU) to calculate and control the
|
1721
|
+
# operating resources that are used to run your rules, rule groups,
|
1722
|
+
# and web ACLs. WAF calculates capacity differently for each rule
|
1723
|
+
# type, to reflect each rule's relative cost. Rule group capacity is
|
1724
|
+
# fixed at creation, so users can plan their web ACL WCU usage when
|
1725
|
+
# they use a rule group. The WCU limit for web ACLs is 1,500.
|
1796
1726
|
# @return [Integer]
|
1797
1727
|
#
|
1798
1728
|
# @!attribute [rw] rules
|
@@ -1849,22 +1779,20 @@ module Aws::WAFV2
|
|
1849
1779
|
# The ARN must be in one of the following formats:
|
1850
1780
|
#
|
1851
1781
|
# * For an Application Load Balancer:
|
1852
|
-
# `arn:
|
1782
|
+
# `arn:aws:elasticloadbalancing:region:account-id:loadbalancer/app/load-balancer-name/load-balancer-id
|
1853
1783
|
# `
|
1854
1784
|
#
|
1855
1785
|
# * For an Amazon API Gateway REST API:
|
1856
|
-
# `arn:
|
1857
|
-
# `
|
1786
|
+
# `arn:aws:apigateway:region::/restapis/api-id/stages/stage-name `
|
1858
1787
|
#
|
1859
1788
|
# * For an AppSync GraphQL API:
|
1860
|
-
# `arn:
|
1789
|
+
# `arn:aws:appsync:region:account-id:apis/GraphQLApiId `
|
1861
1790
|
#
|
1862
1791
|
# * For an Amazon Cognito user pool:
|
1863
|
-
# `arn:
|
1864
|
-
# `
|
1792
|
+
# `arn:aws:cognito-idp:region:account-id:userpool/user-pool-id `
|
1865
1793
|
#
|
1866
1794
|
# * For an App Runner service:
|
1867
|
-
# `arn:
|
1795
|
+
# `arn:aws:apprunner:region:account-id:service/apprunner-service-name/apprunner-service-id
|
1868
1796
|
# `
|
1869
1797
|
# @return [String]
|
1870
1798
|
#
|
@@ -1954,15 +1882,10 @@ module Aws::WAFV2
|
|
1954
1882
|
# contains any additional data that you want to send to your web
|
1955
1883
|
# server as the HTTP request body, such as data from a form.
|
1956
1884
|
#
|
1957
|
-
#
|
1958
|
-
# inspection by the underlying host service. For
|
1959
|
-
#
|
1960
|
-
#
|
1961
|
-
# distributions, you can increase the limit in the web ACL's
|
1962
|
-
# `AssociationConfig`, for additional processing fees.
|
1963
|
-
#
|
1964
|
-
# For information about how to handle oversized request bodies, see
|
1965
|
-
# the `Body` object configuration.
|
1885
|
+
# Only the first 8 KB (8192 bytes) of the request body are forwarded
|
1886
|
+
# to WAF for inspection by the underlying host service. For
|
1887
|
+
# information about how to handle oversized request bodies, see the
|
1888
|
+
# `Body` object configuration.
|
1966
1889
|
# @return [Types::Body]
|
1967
1890
|
#
|
1968
1891
|
# @!attribute [rw] method
|
@@ -1976,15 +1899,10 @@ module Aws::WAFV2
|
|
1976
1899
|
# contains any additional data that you want to send to your web
|
1977
1900
|
# server as the HTTP request body, such as data from a form.
|
1978
1901
|
#
|
1979
|
-
#
|
1980
|
-
# inspection by the underlying host service. For
|
1981
|
-
#
|
1982
|
-
#
|
1983
|
-
# distributions, you can increase the limit in the web ACL's
|
1984
|
-
# `AssociationConfig`, for additional processing fees.
|
1985
|
-
#
|
1986
|
-
# For information about how to handle oversized request bodies, see
|
1987
|
-
# the `JsonBody` object configuration.
|
1902
|
+
# Only the first 8 KB (8192 bytes) of the request body are forwarded
|
1903
|
+
# to WAF for inspection by the underlying host service. For
|
1904
|
+
# information about how to handle oversized request bodies, see the
|
1905
|
+
# `JsonBody` object configuration.
|
1988
1906
|
# @return [Types::JsonBody]
|
1989
1907
|
#
|
1990
1908
|
# @!attribute [rw] headers
|
@@ -2115,19 +2033,40 @@ module Aws::WAFV2
|
|
2115
2033
|
end
|
2116
2034
|
|
2117
2035
|
# The processing guidance for an Firewall Manager rule. This is like a
|
2118
|
-
# regular rule Statement, but it can only contain a
|
2036
|
+
# regular rule Statement, but it can only contain a rule group
|
2119
2037
|
# reference.
|
2120
2038
|
#
|
2121
2039
|
# @!attribute [rw] managed_rule_group_statement
|
2122
|
-
# A statement used
|
2123
|
-
#
|
2124
|
-
#
|
2040
|
+
# A rule statement used to run the rules that are defined in a managed
|
2041
|
+
# rule group. To use this, provide the vendor name and the name of the
|
2042
|
+
# rule group in this statement. You can retrieve the required names by
|
2043
|
+
# calling ListAvailableManagedRuleGroups.
|
2044
|
+
#
|
2045
|
+
# You cannot nest a `ManagedRuleGroupStatement`, for example for use
|
2046
|
+
# inside a `NotStatement` or `OrStatement`. It can only be referenced
|
2047
|
+
# as a top-level statement within a rule.
|
2048
|
+
#
|
2049
|
+
# <note markdown="1"> You are charged additional fees when you use the WAF Bot Control
|
2050
|
+
# managed rule group `AWSManagedRulesBotControlRuleSet` or the WAF
|
2051
|
+
# Fraud Control account takeover prevention (ATP) managed rule group
|
2052
|
+
# `AWSManagedRulesATPRuleSet`. For more information, see [WAF
|
2053
|
+
# Pricing][1].
|
2054
|
+
#
|
2055
|
+
# </note>
|
2056
|
+
#
|
2057
|
+
#
|
2058
|
+
#
|
2059
|
+
# [1]: http://aws.amazon.com/waf/pricing/
|
2125
2060
|
# @return [Types::ManagedRuleGroupStatement]
|
2126
2061
|
#
|
2127
2062
|
# @!attribute [rw] rule_group_reference_statement
|
2128
|
-
# A statement used
|
2129
|
-
#
|
2130
|
-
#
|
2063
|
+
# A rule statement used to run the rules that are defined in a
|
2064
|
+
# RuleGroup. To use this, create a rule group with your rules, then
|
2065
|
+
# provide the ARN of the rule group in this statement.
|
2066
|
+
#
|
2067
|
+
# You cannot nest a `RuleGroupReferenceStatement`, for example for use
|
2068
|
+
# inside a `NotStatement` or `OrStatement`. You can only use a rule
|
2069
|
+
# group reference statement at the top level inside a web ACL.
|
2131
2070
|
# @return [Types::RuleGroupReferenceStatement]
|
2132
2071
|
#
|
2133
2072
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/FirewallManagerStatement AWS API Documentation
|
@@ -2304,7 +2243,7 @@ module Aws::WAFV2
|
|
2304
2243
|
# Specifies whether this is for an Amazon CloudFront distribution or
|
2305
2244
|
# for a regional application. A regional application can be an
|
2306
2245
|
# Application Load Balancer (ALB), an Amazon API Gateway REST API, an
|
2307
|
-
# AppSync GraphQL API,
|
2246
|
+
# AppSync GraphQL API, a Amazon Cognito user pool, or an App Runner
|
2308
2247
|
# service.
|
2309
2248
|
#
|
2310
2249
|
# To work with CloudFront, you must also specify the Region US East
|
@@ -2393,7 +2332,7 @@ module Aws::WAFV2
|
|
2393
2332
|
# Specifies whether this is for an Amazon CloudFront distribution or
|
2394
2333
|
# for a regional application. A regional application can be an
|
2395
2334
|
# Application Load Balancer (ALB), an Amazon API Gateway REST API, an
|
2396
|
-
# AppSync GraphQL API,
|
2335
|
+
# AppSync GraphQL API, a Amazon Cognito user pool, or an App Runner
|
2397
2336
|
# service.
|
2398
2337
|
#
|
2399
2338
|
# To work with CloudFront, you must also specify the Region US East
|
@@ -2506,7 +2445,7 @@ module Aws::WAFV2
|
|
2506
2445
|
# Specifies whether this is for an Amazon CloudFront distribution or
|
2507
2446
|
# for a regional application. A regional application can be an
|
2508
2447
|
# Application Load Balancer (ALB), an Amazon API Gateway REST API, an
|
2509
|
-
# AppSync GraphQL API,
|
2448
|
+
# AppSync GraphQL API, a Amazon Cognito user pool, or an App Runner
|
2510
2449
|
# service.
|
2511
2450
|
#
|
2512
2451
|
# To work with CloudFront, you must also specify the Region US East
|
@@ -2580,7 +2519,7 @@ module Aws::WAFV2
|
|
2580
2519
|
# Specifies whether this is for an Amazon CloudFront distribution or
|
2581
2520
|
# for a regional application. A regional application can be an
|
2582
2521
|
# Application Load Balancer (ALB), an Amazon API Gateway REST API, an
|
2583
|
-
# AppSync GraphQL API,
|
2522
|
+
# AppSync GraphQL API, a Amazon Cognito user pool, or an App Runner
|
2584
2523
|
# service.
|
2585
2524
|
#
|
2586
2525
|
# To work with CloudFront, you must also specify the Region US East
|
@@ -2641,7 +2580,7 @@ module Aws::WAFV2
|
|
2641
2580
|
# Specifies whether this is for an Amazon CloudFront distribution or
|
2642
2581
|
# for a regional application. A regional application can be an
|
2643
2582
|
# Application Load Balancer (ALB), an Amazon API Gateway REST API, an
|
2644
|
-
# AppSync GraphQL API,
|
2583
|
+
# AppSync GraphQL API, a Amazon Cognito user pool, or an App Runner
|
2645
2584
|
# service.
|
2646
2585
|
#
|
2647
2586
|
# To work with CloudFront, you must also specify the Region US East
|
@@ -2712,7 +2651,7 @@ module Aws::WAFV2
|
|
2712
2651
|
# Specifies whether this is for an Amazon CloudFront distribution or
|
2713
2652
|
# for a regional application. A regional application can be an
|
2714
2653
|
# Application Load Balancer (ALB), an Amazon API Gateway REST API, an
|
2715
|
-
# AppSync GraphQL API,
|
2654
|
+
# AppSync GraphQL API, a Amazon Cognito user pool, or an App Runner
|
2716
2655
|
# service.
|
2717
2656
|
#
|
2718
2657
|
# To work with CloudFront, you must also specify the Region US East
|
@@ -2792,22 +2731,20 @@ module Aws::WAFV2
|
|
2792
2731
|
# The ARN must be in one of the following formats:
|
2793
2732
|
#
|
2794
2733
|
# * For an Application Load Balancer:
|
2795
|
-
# `arn:
|
2734
|
+
# `arn:aws:elasticloadbalancing:region:account-id:loadbalancer/app/load-balancer-name/load-balancer-id
|
2796
2735
|
# `
|
2797
2736
|
#
|
2798
2737
|
# * For an Amazon API Gateway REST API:
|
2799
|
-
# `arn:
|
2800
|
-
# `
|
2738
|
+
# `arn:aws:apigateway:region::/restapis/api-id/stages/stage-name `
|
2801
2739
|
#
|
2802
2740
|
# * For an AppSync GraphQL API:
|
2803
|
-
# `arn:
|
2741
|
+
# `arn:aws:appsync:region:account-id:apis/GraphQLApiId `
|
2804
2742
|
#
|
2805
2743
|
# * For an Amazon Cognito user pool:
|
2806
|
-
# `arn:
|
2807
|
-
# `
|
2744
|
+
# `arn:aws:cognito-idp:region:account-id:userpool/user-pool-id `
|
2808
2745
|
#
|
2809
2746
|
# * For an App Runner service:
|
2810
|
-
# `arn:
|
2747
|
+
# `arn:aws:apprunner:region:account-id:service/apprunner-service-name/apprunner-service-id
|
2811
2748
|
# `
|
2812
2749
|
# @return [String]
|
2813
2750
|
#
|
@@ -2841,7 +2778,7 @@ module Aws::WAFV2
|
|
2841
2778
|
# Specifies whether this is for an Amazon CloudFront distribution or
|
2842
2779
|
# for a regional application. A regional application can be an
|
2843
2780
|
# Application Load Balancer (ALB), an Amazon API Gateway REST API, an
|
2844
|
-
# AppSync GraphQL API,
|
2781
|
+
# AppSync GraphQL API, a Amazon Cognito user pool, or an App Runner
|
2845
2782
|
# service.
|
2846
2783
|
#
|
2847
2784
|
# To work with CloudFront, you must also specify the Region US East
|
@@ -3410,16 +3347,10 @@ module Aws::WAFV2
|
|
3410
3347
|
#
|
3411
3348
|
# @!attribute [rw] oversize_handling
|
3412
3349
|
# What WAF should do if the body is larger than WAF can inspect. WAF
|
3413
|
-
# does not support inspecting the entire contents of the web
|
3414
|
-
#
|
3415
|
-
# body
|
3416
|
-
#
|
3417
|
-
# inspection.
|
3418
|
-
#
|
3419
|
-
# The default limit is 8 KB (8,192 kilobytes) for regional resources
|
3420
|
-
# and 16 KB (16,384 kilobytes) for CloudFront distributions. For
|
3421
|
-
# CloudFront distributions, you can increase the limit in the web ACL
|
3422
|
-
# `AssociationConfig`, for additional processing fees.
|
3350
|
+
# does not support inspecting the entire contents of the body of a web
|
3351
|
+
# request when the body exceeds 8 KB (8192 bytes). Only the first 8 KB
|
3352
|
+
# of the request body are forwarded to WAF by the underlying host
|
3353
|
+
# service.
|
3423
3354
|
#
|
3424
3355
|
# The options for oversize handling are the following:
|
3425
3356
|
#
|
@@ -3434,7 +3365,7 @@ module Aws::WAFV2
|
|
3434
3365
|
#
|
3435
3366
|
# You can combine the `MATCH` or `NO_MATCH` settings for oversize
|
3436
3367
|
# handling with your rule and web ACL action settings, so that you
|
3437
|
-
# block any request whose body is over
|
3368
|
+
# block any request whose body is over 8 KB.
|
3438
3369
|
#
|
3439
3370
|
# Default: `CONTINUE`
|
3440
3371
|
# @return [String]
|
@@ -3606,7 +3537,7 @@ module Aws::WAFV2
|
|
3606
3537
|
# Specifies whether this is for an Amazon CloudFront distribution or
|
3607
3538
|
# for a regional application. A regional application can be an
|
3608
3539
|
# Application Load Balancer (ALB), an Amazon API Gateway REST API, an
|
3609
|
-
# AppSync GraphQL API,
|
3540
|
+
# AppSync GraphQL API, a Amazon Cognito user pool, or an App Runner
|
3610
3541
|
# service.
|
3611
3542
|
#
|
3612
3543
|
# To work with CloudFront, you must also specify the Region US East
|
@@ -3676,7 +3607,7 @@ module Aws::WAFV2
|
|
3676
3607
|
# Specifies whether this is for an Amazon CloudFront distribution or
|
3677
3608
|
# for a regional application. A regional application can be an
|
3678
3609
|
# Application Load Balancer (ALB), an Amazon API Gateway REST API, an
|
3679
|
-
# AppSync GraphQL API,
|
3610
|
+
# AppSync GraphQL API, a Amazon Cognito user pool, or an App Runner
|
3680
3611
|
# service.
|
3681
3612
|
#
|
3682
3613
|
# To work with CloudFront, you must also specify the Region US East
|
@@ -3737,7 +3668,7 @@ module Aws::WAFV2
|
|
3737
3668
|
# Specifies whether this is for an Amazon CloudFront distribution or
|
3738
3669
|
# for a regional application. A regional application can be an
|
3739
3670
|
# Application Load Balancer (ALB), an Amazon API Gateway REST API, an
|
3740
|
-
# AppSync GraphQL API,
|
3671
|
+
# AppSync GraphQL API, a Amazon Cognito user pool, or an App Runner
|
3741
3672
|
# service.
|
3742
3673
|
#
|
3743
3674
|
# To work with CloudFront, you must also specify the Region US East
|
@@ -3800,7 +3731,7 @@ module Aws::WAFV2
|
|
3800
3731
|
# Specifies whether this is for an Amazon CloudFront distribution or
|
3801
3732
|
# for a regional application. A regional application can be an
|
3802
3733
|
# Application Load Balancer (ALB), an Amazon API Gateway REST API, an
|
3803
|
-
# AppSync GraphQL API,
|
3734
|
+
# AppSync GraphQL API, a Amazon Cognito user pool, or an App Runner
|
3804
3735
|
# service.
|
3805
3736
|
#
|
3806
3737
|
# To work with CloudFront, you must also specify the Region US East
|
@@ -3861,7 +3792,7 @@ module Aws::WAFV2
|
|
3861
3792
|
# Specifies whether this is for an Amazon CloudFront distribution or
|
3862
3793
|
# for a regional application. A regional application can be an
|
3863
3794
|
# Application Load Balancer (ALB), an Amazon API Gateway REST API, an
|
3864
|
-
# AppSync GraphQL API,
|
3795
|
+
# AppSync GraphQL API, a Amazon Cognito user pool, or an App Runner
|
3865
3796
|
# service.
|
3866
3797
|
#
|
3867
3798
|
# To work with CloudFront, you must also specify the Region US East
|
@@ -3973,7 +3904,7 @@ module Aws::WAFV2
|
|
3973
3904
|
# Specifies whether this is for an Amazon CloudFront distribution or
|
3974
3905
|
# for a regional application. A regional application can be an
|
3975
3906
|
# Application Load Balancer (ALB), an Amazon API Gateway REST API, an
|
3976
|
-
# AppSync GraphQL API,
|
3907
|
+
# AppSync GraphQL API, a Amazon Cognito user pool, or an App Runner
|
3977
3908
|
# service.
|
3978
3909
|
#
|
3979
3910
|
# To work with CloudFront, you must also specify the Region US East
|
@@ -4037,7 +3968,7 @@ module Aws::WAFV2
|
|
4037
3968
|
# @!attribute [rw] resource_type
|
4038
3969
|
# Used for web ACLs that are scoped for regional applications. A
|
4039
3970
|
# regional application can be an Application Load Balancer (ALB), an
|
4040
|
-
# Amazon API Gateway REST API, an AppSync GraphQL API,
|
3971
|
+
# Amazon API Gateway REST API, an AppSync GraphQL API, a Amazon
|
4041
3972
|
# Cognito user pool, or an App Runner service.
|
4042
3973
|
#
|
4043
3974
|
# <note markdown="1"> If you don't provide a resource type, the call uses the resource
|
@@ -4074,7 +4005,7 @@ module Aws::WAFV2
|
|
4074
4005
|
# Specifies whether this is for an Amazon CloudFront distribution or
|
4075
4006
|
# for a regional application. A regional application can be an
|
4076
4007
|
# Application Load Balancer (ALB), an Amazon API Gateway REST API, an
|
4077
|
-
# AppSync GraphQL API,
|
4008
|
+
# AppSync GraphQL API, a Amazon Cognito user pool, or an App Runner
|
4078
4009
|
# service.
|
4079
4010
|
#
|
4080
4011
|
# To work with CloudFront, you must also specify the Region US East
|
@@ -4185,7 +4116,7 @@ module Aws::WAFV2
|
|
4185
4116
|
# Specifies whether this is for an Amazon CloudFront distribution or
|
4186
4117
|
# for a regional application. A regional application can be an
|
4187
4118
|
# Application Load Balancer (ALB), an Amazon API Gateway REST API, an
|
4188
|
-
# AppSync GraphQL API,
|
4119
|
+
# AppSync GraphQL API, a Amazon Cognito user pool, or an App Runner
|
4189
4120
|
# service.
|
4190
4121
|
#
|
4191
4122
|
# To work with CloudFront, you must also specify the Region US East
|
@@ -4790,13 +4721,8 @@ module Aws::WAFV2
|
|
4790
4721
|
# relative cost of each rule. Simple rules that cost little to run use
|
4791
4722
|
# fewer WCUs than more complex rules that use more processing power.
|
4792
4723
|
# Rule group capacity is fixed at creation, which helps users plan
|
4793
|
-
# their web ACL WCU usage when they use a rule group.
|
4794
|
-
#
|
4795
|
-
# Developer Guide*.
|
4796
|
-
#
|
4797
|
-
#
|
4798
|
-
#
|
4799
|
-
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/aws-waf-capacity-units.html
|
4724
|
+
# their web ACL WCU usage when they use a rule group. The WCU limit
|
4725
|
+
# for web ACLs is 1,500.
|
4800
4726
|
# @return [Integer]
|
4801
4727
|
#
|
4802
4728
|
# @!attribute [rw] forecasted_lifetime
|
@@ -5034,7 +4960,7 @@ module Aws::WAFV2
|
|
5034
4960
|
# Specifies whether this is for an Amazon CloudFront distribution or
|
5035
4961
|
# for a regional application. A regional application can be an
|
5036
4962
|
# Application Load Balancer (ALB), an Amazon API Gateway REST API, an
|
5037
|
-
# AppSync GraphQL API,
|
4963
|
+
# AppSync GraphQL API, a Amazon Cognito user pool, or an App Runner
|
5038
4964
|
# service.
|
5039
4965
|
#
|
5040
4966
|
# To work with CloudFront, you must also specify the Region US East
|
@@ -5117,7 +5043,8 @@ module Aws::WAFV2
|
|
5117
5043
|
#
|
5118
5044
|
# The policy specifications must conform to the following:
|
5119
5045
|
#
|
5120
|
-
# * The policy must be composed using IAM Policy version 2012-10-17
|
5046
|
+
# * The policy must be composed using IAM Policy version 2012-10-17 or
|
5047
|
+
# version 2015-01-01.
|
5121
5048
|
#
|
5122
5049
|
# * The policy must include specifications for `Effect`, `Action`, and
|
5123
5050
|
# `Principal`.
|
@@ -5472,39 +5399,6 @@ module Aws::WAFV2
|
|
5472
5399
|
include Aws::Structure
|
5473
5400
|
end
|
5474
5401
|
|
5475
|
-
# Customizes the maximum size of the request body that your protected
|
5476
|
-
# CloudFront distributions forward to WAF for inspection. The default
|
5477
|
-
# size is 16 KB (16,384 kilobytes).
|
5478
|
-
#
|
5479
|
-
# <note markdown="1"> You are charged additional fees when your protected resources forward
|
5480
|
-
# body sizes that are larger than the default. For more information, see
|
5481
|
-
# [WAF Pricing][1].
|
5482
|
-
#
|
5483
|
-
# </note>
|
5484
|
-
#
|
5485
|
-
# This is used in the `AssociationConfig` of the web ACL.
|
5486
|
-
#
|
5487
|
-
#
|
5488
|
-
#
|
5489
|
-
# [1]: http://aws.amazon.com/waf/pricing/
|
5490
|
-
#
|
5491
|
-
# @!attribute [rw] default_size_inspection_limit
|
5492
|
-
# Specifies the maximum size of the web request body component that an
|
5493
|
-
# associated CloudFront distribution should send to WAF for
|
5494
|
-
# inspection. This applies to statements in the web ACL that inspect
|
5495
|
-
# the body or JSON body.
|
5496
|
-
#
|
5497
|
-
# Default: `16 KB (16,384 kilobytes)`
|
5498
|
-
# @return [String]
|
5499
|
-
#
|
5500
|
-
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/RequestBodyAssociatedResourceTypeConfig AWS API Documentation
|
5501
|
-
#
|
5502
|
-
class RequestBodyAssociatedResourceTypeConfig < Struct.new(
|
5503
|
-
:default_size_inspection_limit)
|
5504
|
-
SENSITIVE = []
|
5505
|
-
include Aws::Structure
|
5506
|
-
end
|
5507
|
-
|
5508
5402
|
# The criteria for inspecting login requests, used by the ATP rule group
|
5509
5403
|
# to validate credentials usage.
|
5510
5404
|
#
|
@@ -6011,13 +5905,8 @@ module Aws::WAFV2
|
|
6011
5905
|
# relative cost of each rule. Simple rules that cost little to run use
|
6012
5906
|
# fewer WCUs than more complex rules that use more processing power.
|
6013
5907
|
# Rule group capacity is fixed at creation, which helps users plan
|
6014
|
-
# their web ACL WCU usage when they use a rule group.
|
6015
|
-
#
|
6016
|
-
# Developer Guide*.
|
6017
|
-
#
|
6018
|
-
#
|
6019
|
-
#
|
6020
|
-
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/aws-waf-capacity-units.html
|
5908
|
+
# their web ACL WCU usage when they use a rule group. The WCU limit
|
5909
|
+
# for web ACLs is 1,500.
|
6021
5910
|
# @return [Integer]
|
6022
5911
|
#
|
6023
5912
|
# @!attribute [rw] arn
|
@@ -6064,17 +5953,18 @@ module Aws::WAFV2
|
|
6064
5953
|
# the rules that you define in the rule group.
|
6065
5954
|
#
|
6066
5955
|
# For information about customizing web requests and responses, see
|
6067
|
-
# [Customizing web requests and responses in WAF][1] in the
|
6068
|
-
# Developer Guide
|
5956
|
+
# [Customizing web requests and responses in WAF][1] in the [WAF
|
5957
|
+
# Developer Guide][2].
|
6069
5958
|
#
|
6070
5959
|
# For information about the limits on count and size for custom
|
6071
|
-
# request and response settings, see [WAF quotas][
|
6072
|
-
# Developer Guide
|
5960
|
+
# request and response settings, see [WAF quotas][3] in the [WAF
|
5961
|
+
# Developer Guide][2].
|
6073
5962
|
#
|
6074
5963
|
#
|
6075
5964
|
#
|
6076
5965
|
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html
|
6077
|
-
# [2]: https://docs.aws.amazon.com/waf/latest/developerguide/
|
5966
|
+
# [2]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html
|
5967
|
+
# [3]: https://docs.aws.amazon.com/waf/latest/developerguide/limits.html
|
6078
5968
|
# @return [Hash<String,Types::CustomResponseBody>]
|
6079
5969
|
#
|
6080
5970
|
# @!attribute [rw] available_labels
|
@@ -6361,14 +6251,9 @@ module Aws::WAFV2
|
|
6361
6251
|
# statement to look for query strings that are longer than 100 bytes.
|
6362
6252
|
#
|
6363
6253
|
# If you configure WAF to inspect the request body, WAF inspects only
|
6364
|
-
# the
|
6365
|
-
#
|
6366
|
-
#
|
6367
|
-
# For CloudFront web ACLs, you can increase the limit in the web ACL
|
6368
|
-
# `AssociationConfig`, for additional fees. If you know that the request
|
6369
|
-
# body for your web requests should never exceed the inspection limit,
|
6370
|
-
# you could use a size constraint statement to block requests that have
|
6371
|
-
# a larger request body size.
|
6254
|
+
# the first 8192 bytes (8 KB). If the request body for your web requests
|
6255
|
+
# never exceeds 8192 bytes, you could use a size constraint statement to
|
6256
|
+
# block requests that have a request body greater than 8192 bytes.
|
6372
6257
|
#
|
6373
6258
|
# If you choose URI for the value of Part of the request to filter on,
|
6374
6259
|
# the slash (/) in the URI counts as one character. For example, the URI
|
@@ -6490,14 +6375,10 @@ module Aws::WAFV2
|
|
6490
6375
|
# 100 bytes.
|
6491
6376
|
#
|
6492
6377
|
# If you configure WAF to inspect the request body, WAF inspects only
|
6493
|
-
# the
|
6494
|
-
#
|
6495
|
-
#
|
6496
|
-
#
|
6497
|
-
# `AssociationConfig`, for additional fees. If you know that the
|
6498
|
-
# request body for your web requests should never exceed the
|
6499
|
-
# inspection limit, you could use a size constraint statement to block
|
6500
|
-
# requests that have a larger request body size.
|
6378
|
+
# the first 8192 bytes (8 KB). If the request body for your web
|
6379
|
+
# requests never exceeds 8192 bytes, you could use a size constraint
|
6380
|
+
# statement to block requests that have a request body greater than
|
6381
|
+
# 8192 bytes.
|
6501
6382
|
#
|
6502
6383
|
# If you choose URI for the value of Part of the request to filter on,
|
6503
6384
|
# the slash (/) in the URI counts as one character. For example, the
|
@@ -7012,7 +6893,7 @@ module Aws::WAFV2
|
|
7012
6893
|
# Specifies whether this is for an Amazon CloudFront distribution or
|
7013
6894
|
# for a regional application. A regional application can be an
|
7014
6895
|
# Application Load Balancer (ALB), an Amazon API Gateway REST API, an
|
7015
|
-
# AppSync GraphQL API,
|
6896
|
+
# AppSync GraphQL API, a Amazon Cognito user pool, or an App Runner
|
7016
6897
|
# service.
|
7017
6898
|
#
|
7018
6899
|
# To work with CloudFront, you must also specify the Region US East
|
@@ -7131,7 +7012,7 @@ module Aws::WAFV2
|
|
7131
7012
|
# Specifies whether this is for an Amazon CloudFront distribution or
|
7132
7013
|
# for a regional application. A regional application can be an
|
7133
7014
|
# Application Load Balancer (ALB), an Amazon API Gateway REST API, an
|
7134
|
-
# AppSync GraphQL API,
|
7015
|
+
# AppSync GraphQL API, a Amazon Cognito user pool, or an App Runner
|
7135
7016
|
# service.
|
7136
7017
|
#
|
7137
7018
|
# To work with CloudFront, you must also specify the Region US East
|
@@ -7230,7 +7111,7 @@ module Aws::WAFV2
|
|
7230
7111
|
# Specifies whether this is for an Amazon CloudFront distribution or
|
7231
7112
|
# for a regional application. A regional application can be an
|
7232
7113
|
# Application Load Balancer (ALB), an Amazon API Gateway REST API, an
|
7233
|
-
# AppSync GraphQL API,
|
7114
|
+
# AppSync GraphQL API, a Amazon Cognito user pool, or an App Runner
|
7234
7115
|
# service.
|
7235
7116
|
#
|
7236
7117
|
# To work with CloudFront, you must also specify the Region US East
|
@@ -7303,7 +7184,7 @@ module Aws::WAFV2
|
|
7303
7184
|
# Specifies whether this is for an Amazon CloudFront distribution or
|
7304
7185
|
# for a regional application. A regional application can be an
|
7305
7186
|
# Application Load Balancer (ALB), an Amazon API Gateway REST API, an
|
7306
|
-
# AppSync GraphQL API,
|
7187
|
+
# AppSync GraphQL API, a Amazon Cognito user pool, or an App Runner
|
7307
7188
|
# service.
|
7308
7189
|
#
|
7309
7190
|
# To work with CloudFront, you must also specify the Region US East
|
@@ -7356,17 +7237,18 @@ module Aws::WAFV2
|
|
7356
7237
|
# the rules that you define in the rule group.
|
7357
7238
|
#
|
7358
7239
|
# For information about customizing web requests and responses, see
|
7359
|
-
# [Customizing web requests and responses in WAF][1] in the
|
7360
|
-
# Developer Guide
|
7240
|
+
# [Customizing web requests and responses in WAF][1] in the [WAF
|
7241
|
+
# Developer Guide][2].
|
7361
7242
|
#
|
7362
7243
|
# For information about the limits on count and size for custom
|
7363
|
-
# request and response settings, see [WAF quotas][
|
7364
|
-
# Developer Guide
|
7244
|
+
# request and response settings, see [WAF quotas][3] in the [WAF
|
7245
|
+
# Developer Guide][2].
|
7365
7246
|
#
|
7366
7247
|
#
|
7367
7248
|
#
|
7368
7249
|
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html
|
7369
|
-
# [2]: https://docs.aws.amazon.com/waf/latest/developerguide/
|
7250
|
+
# [2]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html
|
7251
|
+
# [3]: https://docs.aws.amazon.com/waf/latest/developerguide/limits.html
|
7370
7252
|
# @return [Hash<String,Types::CustomResponseBody>]
|
7371
7253
|
#
|
7372
7254
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/UpdateRuleGroupRequest AWS API Documentation
|
@@ -7407,7 +7289,7 @@ module Aws::WAFV2
|
|
7407
7289
|
# Specifies whether this is for an Amazon CloudFront distribution or
|
7408
7290
|
# for a regional application. A regional application can be an
|
7409
7291
|
# Application Load Balancer (ALB), an Amazon API Gateway REST API, an
|
7410
|
-
# AppSync GraphQL API,
|
7292
|
+
# AppSync GraphQL API, a Amazon Cognito user pool, or an App Runner
|
7411
7293
|
# service.
|
7412
7294
|
#
|
7413
7295
|
# To work with CloudFront, you must also specify the Region US East
|
@@ -7465,17 +7347,18 @@ module Aws::WAFV2
|
|
7465
7347
|
# rules and default actions that you define in the web ACL.
|
7466
7348
|
#
|
7467
7349
|
# For information about customizing web requests and responses, see
|
7468
|
-
# [Customizing web requests and responses in WAF][1] in the
|
7469
|
-
# Developer Guide
|
7350
|
+
# [Customizing web requests and responses in WAF][1] in the [WAF
|
7351
|
+
# Developer Guide][2].
|
7470
7352
|
#
|
7471
7353
|
# For information about the limits on count and size for custom
|
7472
|
-
# request and response settings, see [WAF quotas][
|
7473
|
-
# Developer Guide
|
7354
|
+
# request and response settings, see [WAF quotas][3] in the [WAF
|
7355
|
+
# Developer Guide][2].
|
7474
7356
|
#
|
7475
7357
|
#
|
7476
7358
|
#
|
7477
7359
|
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html
|
7478
|
-
# [2]: https://docs.aws.amazon.com/waf/latest/developerguide/
|
7360
|
+
# [2]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html
|
7361
|
+
# [3]: https://docs.aws.amazon.com/waf/latest/developerguide/limits.html
|
7479
7362
|
# @return [Hash<String,Types::CustomResponseBody>]
|
7480
7363
|
#
|
7481
7364
|
# @!attribute [rw] captcha_config
|
@@ -7507,25 +7390,6 @@ module Aws::WAFV2
|
|
7507
7390
|
# `usa.gov` or `co.uk` as token domains.
|
7508
7391
|
# @return [Array<String>]
|
7509
7392
|
#
|
7510
|
-
# @!attribute [rw] association_config
|
7511
|
-
# Specifies custom configurations for the associations between the web
|
7512
|
-
# ACL and protected resources.
|
7513
|
-
#
|
7514
|
-
# Use this to customize the maximum size of the request body that your
|
7515
|
-
# protected CloudFront distributions forward to WAF for inspection.
|
7516
|
-
# The default is 16 KB (16,384 kilobytes).
|
7517
|
-
#
|
7518
|
-
# <note markdown="1"> You are charged additional fees when your protected resources
|
7519
|
-
# forward body sizes that are larger than the default. For more
|
7520
|
-
# information, see [WAF Pricing][1].
|
7521
|
-
#
|
7522
|
-
# </note>
|
7523
|
-
#
|
7524
|
-
#
|
7525
|
-
#
|
7526
|
-
# [1]: http://aws.amazon.com/waf/pricing/
|
7527
|
-
# @return [Types::AssociationConfig]
|
7528
|
-
#
|
7529
7393
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/UpdateWebACLRequest AWS API Documentation
|
7530
7394
|
#
|
7531
7395
|
class UpdateWebACLRequest < Struct.new(
|
@@ -7540,8 +7404,7 @@ module Aws::WAFV2
|
|
7540
7404
|
:custom_response_bodies,
|
7541
7405
|
:captcha_config,
|
7542
7406
|
:challenge_config,
|
7543
|
-
:token_domains
|
7544
|
-
:association_config)
|
7407
|
+
:token_domains)
|
7545
7408
|
SENSITIVE = []
|
7546
7409
|
include Aws::Structure
|
7547
7410
|
end
|
@@ -7636,7 +7499,7 @@ module Aws::WAFV2
|
|
7636
7499
|
# @!attribute [rw] cloud_watch_metrics_enabled
|
7637
7500
|
# A boolean indicating whether the associated resource sends metrics
|
7638
7501
|
# to Amazon CloudWatch. For the list of available metrics, see [WAF
|
7639
|
-
# Metrics][1]
|
7502
|
+
# Metrics][1].
|
7640
7503
|
#
|
7641
7504
|
#
|
7642
7505
|
#
|
@@ -7802,7 +7665,8 @@ module Aws::WAFV2
|
|
7802
7665
|
#
|
7803
7666
|
# The policy specifications must conform to the following:
|
7804
7667
|
#
|
7805
|
-
# * The policy must be composed using IAM Policy version 2012-10-17
|
7668
|
+
# * The policy must be composed using IAM Policy version 2012-10-17 or
|
7669
|
+
# version 2015-01-01.
|
7806
7670
|
#
|
7807
7671
|
# * The policy must include specifications for `Effect`, `Action`, and
|
7808
7672
|
# `Principal`.
|
@@ -8007,7 +7871,7 @@ module Aws::WAFV2
|
|
8007
7871
|
# can associate a web ACL with one or more Amazon Web Services resources
|
8008
7872
|
# to protect. The resources can be an Amazon CloudFront distribution, an
|
8009
7873
|
# Amazon API Gateway REST API, an Application Load Balancer, an AppSync
|
8010
|
-
# GraphQL API,
|
7874
|
+
# GraphQL API, Amazon Cognito user pool, or an App Runner service.
|
8011
7875
|
#
|
8012
7876
|
# @!attribute [rw] name
|
8013
7877
|
# The name of the web ACL. You cannot change the name of a web ACL
|
@@ -8056,13 +7920,8 @@ module Aws::WAFV2
|
|
8056
7920
|
# relative cost of each rule. Simple rules that cost little to run use
|
8057
7921
|
# fewer WCUs than more complex rules that use more processing power.
|
8058
7922
|
# Rule group capacity is fixed at creation, which helps users plan
|
8059
|
-
# their web ACL WCU usage when they use a rule group.
|
8060
|
-
#
|
8061
|
-
# Developer Guide*.
|
8062
|
-
#
|
8063
|
-
#
|
8064
|
-
#
|
8065
|
-
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/aws-waf-capacity-units.html
|
7923
|
+
# their web ACL WCU usage when they use a rule group. The WCU limit
|
7924
|
+
# for web ACLs is 1,500.
|
8066
7925
|
# @return [Integer]
|
8067
7926
|
#
|
8068
7927
|
# @!attribute [rw] pre_process_firewall_manager_rule_groups
|
@@ -8121,17 +7980,18 @@ module Aws::WAFV2
|
|
8121
7980
|
# rules and default actions that you define in the web ACL.
|
8122
7981
|
#
|
8123
7982
|
# For information about customizing web requests and responses, see
|
8124
|
-
# [Customizing web requests and responses in WAF][1] in the
|
8125
|
-
# Developer Guide
|
7983
|
+
# [Customizing web requests and responses in WAF][1] in the [WAF
|
7984
|
+
# Developer Guide][2].
|
8126
7985
|
#
|
8127
7986
|
# For information about the limits on count and size for custom
|
8128
|
-
# request and response settings, see [WAF quotas][
|
8129
|
-
# Developer Guide
|
7987
|
+
# request and response settings, see [WAF quotas][3] in the [WAF
|
7988
|
+
# Developer Guide][2].
|
8130
7989
|
#
|
8131
7990
|
#
|
8132
7991
|
#
|
8133
7992
|
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html
|
8134
|
-
# [2]: https://docs.aws.amazon.com/waf/latest/developerguide/
|
7993
|
+
# [2]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html
|
7994
|
+
# [3]: https://docs.aws.amazon.com/waf/latest/developerguide/limits.html
|
8135
7995
|
# @return [Hash<String,Types::CustomResponseBody>]
|
8136
7996
|
#
|
8137
7997
|
# @!attribute [rw] captcha_config
|
@@ -8157,25 +8017,6 @@ module Aws::WAFV2
|
|
8157
8017
|
# domain list, including their prefixed subdomains.
|
8158
8018
|
# @return [Array<String>]
|
8159
8019
|
#
|
8160
|
-
# @!attribute [rw] association_config
|
8161
|
-
# Specifies custom configurations for the associations between the web
|
8162
|
-
# ACL and protected resources.
|
8163
|
-
#
|
8164
|
-
# Use this to customize the maximum size of the request body that your
|
8165
|
-
# protected CloudFront distributions forward to WAF for inspection.
|
8166
|
-
# The default is 16 KB (16,384 kilobytes).
|
8167
|
-
#
|
8168
|
-
# <note markdown="1"> You are charged additional fees when your protected resources
|
8169
|
-
# forward body sizes that are larger than the default. For more
|
8170
|
-
# information, see [WAF Pricing][1].
|
8171
|
-
#
|
8172
|
-
# </note>
|
8173
|
-
#
|
8174
|
-
#
|
8175
|
-
#
|
8176
|
-
# [1]: http://aws.amazon.com/waf/pricing/
|
8177
|
-
# @return [Types::AssociationConfig]
|
8178
|
-
#
|
8179
8020
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/WebACL AWS API Documentation
|
8180
8021
|
#
|
8181
8022
|
class WebACL < Struct.new(
|
@@ -8194,8 +8035,7 @@ module Aws::WAFV2
|
|
8194
8035
|
:custom_response_bodies,
|
8195
8036
|
:captcha_config,
|
8196
8037
|
:challenge_config,
|
8197
|
-
:token_domains
|
8198
|
-
:association_config)
|
8038
|
+
:token_domains)
|
8199
8039
|
SENSITIVE = []
|
8200
8040
|
include Aws::Structure
|
8201
8041
|
end
|