aws-sdk-wafv2 1.53.0 → 1.55.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +10 -0
- data/VERSION +1 -1
- data/lib/aws-sdk-wafv2/client.rb +316 -84
- data/lib/aws-sdk-wafv2/client_api.rb +99 -0
- data/lib/aws-sdk-wafv2/endpoints.rb +42 -0
- data/lib/aws-sdk-wafv2/plugins/endpoints.rb +6 -0
- data/lib/aws-sdk-wafv2/types.rb +587 -199
- data/lib/aws-sdk-wafv2.rb +1 -1
- metadata +2 -2
data/lib/aws-sdk-wafv2/types.rb
CHANGED
@@ -10,6 +10,44 @@
|
|
10
10
|
module Aws::WAFV2
|
11
11
|
module Types
|
12
12
|
|
13
|
+
# Information for a single API key.
|
14
|
+
#
|
15
|
+
# @!attribute [rw] token_domains
|
16
|
+
# The token domains that are defined in this API key.
|
17
|
+
# @return [Array<String>]
|
18
|
+
#
|
19
|
+
# @!attribute [rw] api_key
|
20
|
+
# The generated, encrypted API key. You can copy this for use in your
|
21
|
+
# JavaScript CAPTCHA integration.
|
22
|
+
#
|
23
|
+
# For information about how to use this in your CAPTCHA JavaScript
|
24
|
+
# integration, see [WAF client application integration][1] in the *WAF
|
25
|
+
# Developer Guide*.
|
26
|
+
#
|
27
|
+
#
|
28
|
+
#
|
29
|
+
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-application-integration.html
|
30
|
+
# @return [String]
|
31
|
+
#
|
32
|
+
# @!attribute [rw] creation_timestamp
|
33
|
+
# The date and time that the key was created.
|
34
|
+
# @return [Time]
|
35
|
+
#
|
36
|
+
# @!attribute [rw] version
|
37
|
+
# Internal value used by WAF to manage the key.
|
38
|
+
# @return [Integer]
|
39
|
+
#
|
40
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/APIKeySummary AWS API Documentation
|
41
|
+
#
|
42
|
+
class APIKeySummary < Struct.new(
|
43
|
+
:token_domains,
|
44
|
+
:api_key,
|
45
|
+
:creation_timestamp,
|
46
|
+
:version)
|
47
|
+
SENSITIVE = []
|
48
|
+
include Aws::Structure
|
49
|
+
end
|
50
|
+
|
13
51
|
# Details for your use of the account takeover prevention managed rule
|
14
52
|
# group, `AWSManagedRulesATPRuleSet`. This configuration is used in
|
15
53
|
# `ManagedRuleGroupConfig`.
|
@@ -63,7 +101,8 @@ module Aws::WAFV2
|
|
63
101
|
# The inspection level to use for the Bot Control rule group. The
|
64
102
|
# common level is the least expensive. The targeted level includes all
|
65
103
|
# common level rules and adds rules with more advanced inspection
|
66
|
-
# criteria. For details, see [WAF Bot Control rule group][1]
|
104
|
+
# criteria. For details, see [WAF Bot Control rule group][1] in the
|
105
|
+
# *WAF Developer Guide*.
|
67
106
|
#
|
68
107
|
#
|
69
108
|
#
|
@@ -137,13 +176,12 @@ module Aws::WAFV2
|
|
137
176
|
# Defines custom handling for the web request.
|
138
177
|
#
|
139
178
|
# For information about customizing web requests and responses, see
|
140
|
-
# [Customizing web requests and responses in WAF][1] in the
|
141
|
-
# Developer Guide
|
179
|
+
# [Customizing web requests and responses in WAF][1] in the *WAF
|
180
|
+
# Developer Guide*.
|
142
181
|
#
|
143
182
|
#
|
144
183
|
#
|
145
184
|
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html
|
146
|
-
# [2]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html
|
147
185
|
# @return [Types::CustomRequestHandling]
|
148
186
|
#
|
149
187
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/AllowAction AWS API Documentation
|
@@ -183,20 +221,22 @@ module Aws::WAFV2
|
|
183
221
|
# The ARN must be in one of the following formats:
|
184
222
|
#
|
185
223
|
# * For an Application Load Balancer:
|
186
|
-
# `arn:
|
224
|
+
# `arn:partition:elasticloadbalancing:region:account-id:loadbalancer/app/load-balancer-name/load-balancer-id
|
187
225
|
# `
|
188
226
|
#
|
189
227
|
# * For an Amazon API Gateway REST API:
|
190
|
-
# `arn:
|
228
|
+
# `arn:partition:apigateway:region::/restapis/api-id/stages/stage-name
|
229
|
+
# `
|
191
230
|
#
|
192
231
|
# * For an AppSync GraphQL API:
|
193
|
-
# `arn:
|
232
|
+
# `arn:partition:appsync:region:account-id:apis/GraphQLApiId `
|
194
233
|
#
|
195
234
|
# * For an Amazon Cognito user pool:
|
196
|
-
# `arn:
|
235
|
+
# `arn:partition:cognito-idp:region:account-id:userpool/user-pool-id
|
236
|
+
# `
|
197
237
|
#
|
198
238
|
# * For an App Runner service:
|
199
|
-
# `arn:
|
239
|
+
# `arn:partition:apprunner:region:account-id:service/apprunner-service-name/apprunner-service-id
|
200
240
|
# `
|
201
241
|
# @return [String]
|
202
242
|
#
|
@@ -213,6 +253,47 @@ module Aws::WAFV2
|
|
213
253
|
#
|
214
254
|
class AssociateWebACLResponse < Aws::EmptyStructure; end
|
215
255
|
|
256
|
+
# Specifies custom configurations for the associations between the web
|
257
|
+
# ACL and protected resources.
|
258
|
+
#
|
259
|
+
# Use this to customize the maximum size of the request body that your
|
260
|
+
# protected CloudFront distributions forward to WAF for inspection. The
|
261
|
+
# default is 16 KB (16,384 kilobytes).
|
262
|
+
#
|
263
|
+
# <note markdown="1"> You are charged additional fees when your protected resources forward
|
264
|
+
# body sizes that are larger than the default. For more information, see
|
265
|
+
# [WAF Pricing][1].
|
266
|
+
#
|
267
|
+
# </note>
|
268
|
+
#
|
269
|
+
#
|
270
|
+
#
|
271
|
+
# [1]: http://aws.amazon.com/waf/pricing/
|
272
|
+
#
|
273
|
+
# @!attribute [rw] request_body
|
274
|
+
# Customizes the maximum size of the request body that your protected
|
275
|
+
# CloudFront distributions forward to WAF for inspection. The default
|
276
|
+
# size is 16 KB (16,384 kilobytes).
|
277
|
+
#
|
278
|
+
# <note markdown="1"> You are charged additional fees when your protected resources
|
279
|
+
# forward body sizes that are larger than the default. For more
|
280
|
+
# information, see [WAF Pricing][1].
|
281
|
+
#
|
282
|
+
# </note>
|
283
|
+
#
|
284
|
+
#
|
285
|
+
#
|
286
|
+
# [1]: http://aws.amazon.com/waf/pricing/
|
287
|
+
# @return [Hash<String,Types::RequestBodyAssociatedResourceTypeConfig>]
|
288
|
+
#
|
289
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/AssociationConfig AWS API Documentation
|
290
|
+
#
|
291
|
+
class AssociationConfig < Struct.new(
|
292
|
+
:request_body)
|
293
|
+
SENSITIVE = []
|
294
|
+
include Aws::Structure
|
295
|
+
end
|
296
|
+
|
216
297
|
# Specifies that WAF should block the request and optionally defines
|
217
298
|
# additional custom handling for the response to the web request.
|
218
299
|
#
|
@@ -223,13 +304,12 @@ module Aws::WAFV2
|
|
223
304
|
# Defines a custom response for the web request.
|
224
305
|
#
|
225
306
|
# For information about customizing web requests and responses, see
|
226
|
-
# [Customizing web requests and responses in WAF][1] in the
|
227
|
-
# Developer Guide
|
307
|
+
# [Customizing web requests and responses in WAF][1] in the *WAF
|
308
|
+
# Developer Guide*.
|
228
309
|
#
|
229
310
|
#
|
230
311
|
#
|
231
312
|
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html
|
232
|
-
# [2]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html
|
233
313
|
# @return [Types::CustomResponse]
|
234
314
|
#
|
235
315
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/BlockAction AWS API Documentation
|
@@ -248,10 +328,16 @@ module Aws::WAFV2
|
|
248
328
|
#
|
249
329
|
# @!attribute [rw] oversize_handling
|
250
330
|
# What WAF should do if the body is larger than WAF can inspect. WAF
|
251
|
-
# does not support inspecting the entire contents of the
|
252
|
-
#
|
253
|
-
#
|
254
|
-
#
|
331
|
+
# does not support inspecting the entire contents of the web request
|
332
|
+
# body if the body exceeds the limit for the resource type. If the
|
333
|
+
# body is larger than the limit, the underlying host service only
|
334
|
+
# forwards the contents that are below the limit to WAF for
|
335
|
+
# inspection.
|
336
|
+
#
|
337
|
+
# The default limit is 8 KB (8,192 kilobytes) for regional resources
|
338
|
+
# and 16 KB (16,384 kilobytes) for CloudFront distributions. For
|
339
|
+
# CloudFront distributions, you can increase the limit in the web ACL
|
340
|
+
# `AssociationConfig`, for additional processing fees.
|
255
341
|
#
|
256
342
|
# The options for oversize handling are the following:
|
257
343
|
#
|
@@ -266,7 +352,7 @@ module Aws::WAFV2
|
|
266
352
|
#
|
267
353
|
# You can combine the `MATCH` or `NO_MATCH` settings for oversize
|
268
354
|
# handling with your rule and web ACL action settings, so that you
|
269
|
-
# block any request whose body is over
|
355
|
+
# block any request whose body is over the limit.
|
270
356
|
#
|
271
357
|
# Default: `CONTINUE`
|
272
358
|
# @return [String]
|
@@ -422,13 +508,12 @@ module Aws::WAFV2
|
|
422
508
|
# unexpired.
|
423
509
|
#
|
424
510
|
# For information about customizing web requests and responses, see
|
425
|
-
# [Customizing web requests and responses in WAF][1] in the
|
426
|
-
# Developer Guide
|
511
|
+
# [Customizing web requests and responses in WAF][1] in the *WAF
|
512
|
+
# Developer Guide*.
|
427
513
|
#
|
428
514
|
#
|
429
515
|
#
|
430
516
|
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html
|
431
|
-
# [2]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html
|
432
517
|
# @return [Types::CustomRequestHandling]
|
433
518
|
#
|
434
519
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/CaptchaAction AWS API Documentation
|
@@ -531,13 +616,12 @@ module Aws::WAFV2
|
|
531
616
|
# unexpired.
|
532
617
|
#
|
533
618
|
# For information about customizing web requests and responses, see
|
534
|
-
# [Customizing web requests and responses in WAF][1] in the
|
535
|
-
# Developer Guide
|
619
|
+
# [Customizing web requests and responses in WAF][1] in the *WAF
|
620
|
+
# Developer Guide*.
|
536
621
|
#
|
537
622
|
#
|
538
623
|
#
|
539
624
|
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html
|
540
|
-
# [2]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html
|
541
625
|
# @return [Types::CustomRequestHandling]
|
542
626
|
#
|
543
627
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/ChallengeAction AWS API Documentation
|
@@ -596,7 +680,7 @@ module Aws::WAFV2
|
|
596
680
|
# Specifies whether this is for an Amazon CloudFront distribution or
|
597
681
|
# for a regional application. A regional application can be an
|
598
682
|
# Application Load Balancer (ALB), an Amazon API Gateway REST API, an
|
599
|
-
# AppSync GraphQL API,
|
683
|
+
# AppSync GraphQL API, an Amazon Cognito user pool, or an App Runner
|
600
684
|
# service.
|
601
685
|
#
|
602
686
|
# To work with CloudFront, you must also specify the Region US East
|
@@ -756,13 +840,12 @@ module Aws::WAFV2
|
|
756
840
|
# Defines custom handling for the web request.
|
757
841
|
#
|
758
842
|
# For information about customizing web requests and responses, see
|
759
|
-
# [Customizing web requests and responses in WAF][1] in the
|
760
|
-
# Developer Guide
|
843
|
+
# [Customizing web requests and responses in WAF][1] in the *WAF
|
844
|
+
# Developer Guide*.
|
761
845
|
#
|
762
846
|
#
|
763
847
|
#
|
764
848
|
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html
|
765
|
-
# [2]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html
|
766
849
|
# @return [Types::CustomRequestHandling]
|
767
850
|
#
|
768
851
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/CountAction AWS API Documentation
|
@@ -773,6 +856,57 @@ module Aws::WAFV2
|
|
773
856
|
include Aws::Structure
|
774
857
|
end
|
775
858
|
|
859
|
+
# @!attribute [rw] scope
|
860
|
+
# Specifies whether this is for an Amazon CloudFront distribution or
|
861
|
+
# for a regional application. A regional application can be an
|
862
|
+
# Application Load Balancer (ALB), an Amazon API Gateway REST API, an
|
863
|
+
# AppSync GraphQL API, an Amazon Cognito user pool, or an App Runner
|
864
|
+
# service.
|
865
|
+
#
|
866
|
+
# To work with CloudFront, you must also specify the Region US East
|
867
|
+
# (N. Virginia) as follows:
|
868
|
+
#
|
869
|
+
# * CLI - Specify the Region when you use the CloudFront scope:
|
870
|
+
# `--scope=CLOUDFRONT --region=us-east-1`.
|
871
|
+
#
|
872
|
+
# * API and SDKs - For all calls, use the Region endpoint us-east-1.
|
873
|
+
# @return [String]
|
874
|
+
#
|
875
|
+
# @!attribute [rw] token_domains
|
876
|
+
# The client application domains that you want to use this API key
|
877
|
+
# for.
|
878
|
+
# @return [Array<String>]
|
879
|
+
#
|
880
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/CreateAPIKeyRequest AWS API Documentation
|
881
|
+
#
|
882
|
+
class CreateAPIKeyRequest < Struct.new(
|
883
|
+
:scope,
|
884
|
+
:token_domains)
|
885
|
+
SENSITIVE = []
|
886
|
+
include Aws::Structure
|
887
|
+
end
|
888
|
+
|
889
|
+
# @!attribute [rw] api_key
|
890
|
+
# The generated, encrypted API key. You can copy this for use in your
|
891
|
+
# JavaScript CAPTCHA integration.
|
892
|
+
#
|
893
|
+
# For information about how to use this in your CAPTCHA JavaScript
|
894
|
+
# integration, see [WAF client application integration][1] in the *WAF
|
895
|
+
# Developer Guide*.
|
896
|
+
#
|
897
|
+
#
|
898
|
+
#
|
899
|
+
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-application-integration.html
|
900
|
+
# @return [String]
|
901
|
+
#
|
902
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/CreateAPIKeyResponse AWS API Documentation
|
903
|
+
#
|
904
|
+
class CreateAPIKeyResponse < Struct.new(
|
905
|
+
:api_key)
|
906
|
+
SENSITIVE = []
|
907
|
+
include Aws::Structure
|
908
|
+
end
|
909
|
+
|
776
910
|
# @!attribute [rw] name
|
777
911
|
# The name of the IP set. You cannot change the name of an `IPSet`
|
778
912
|
# after you create it.
|
@@ -782,7 +916,7 @@ module Aws::WAFV2
|
|
782
916
|
# Specifies whether this is for an Amazon CloudFront distribution or
|
783
917
|
# for a regional application. A regional application can be an
|
784
918
|
# Application Load Balancer (ALB), an Amazon API Gateway REST API, an
|
785
|
-
# AppSync GraphQL API,
|
919
|
+
# AppSync GraphQL API, an Amazon Cognito user pool, or an App Runner
|
786
920
|
# service.
|
787
921
|
#
|
788
922
|
# To work with CloudFront, you must also specify the Region US East
|
@@ -889,7 +1023,7 @@ module Aws::WAFV2
|
|
889
1023
|
# Specifies whether this is for an Amazon CloudFront distribution or
|
890
1024
|
# for a regional application. A regional application can be an
|
891
1025
|
# Application Load Balancer (ALB), an Amazon API Gateway REST API, an
|
892
|
-
# AppSync GraphQL API,
|
1026
|
+
# AppSync GraphQL API, an Amazon Cognito user pool, or an App Runner
|
893
1027
|
# service.
|
894
1028
|
#
|
895
1029
|
# To work with CloudFront, you must also specify the Region US East
|
@@ -950,7 +1084,7 @@ module Aws::WAFV2
|
|
950
1084
|
# Specifies whether this is for an Amazon CloudFront distribution or
|
951
1085
|
# for a regional application. A regional application can be an
|
952
1086
|
# Application Load Balancer (ALB), an Amazon API Gateway REST API, an
|
953
|
-
# AppSync GraphQL API,
|
1087
|
+
# AppSync GraphQL API, an Amazon Cognito user pool, or an App Runner
|
954
1088
|
# service.
|
955
1089
|
#
|
956
1090
|
# To work with CloudFront, you must also specify the Region US East
|
@@ -976,8 +1110,13 @@ module Aws::WAFV2
|
|
976
1110
|
# relative cost of each rule. Simple rules that cost little to run use
|
977
1111
|
# fewer WCUs than more complex rules that use more processing power.
|
978
1112
|
# Rule group capacity is fixed at creation, which helps users plan
|
979
|
-
# their web ACL WCU usage when they use a rule group.
|
980
|
-
#
|
1113
|
+
# their web ACL WCU usage when they use a rule group. For more
|
1114
|
+
# information, see [WAF web ACL capacity units (WCU)][1] in the *WAF
|
1115
|
+
# Developer Guide*.
|
1116
|
+
#
|
1117
|
+
#
|
1118
|
+
#
|
1119
|
+
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/aws-waf-capacity-units.html
|
981
1120
|
# @return [Integer]
|
982
1121
|
#
|
983
1122
|
# @!attribute [rw] description
|
@@ -1007,18 +1146,17 @@ module Aws::WAFV2
|
|
1007
1146
|
# the rules that you define in the rule group.
|
1008
1147
|
#
|
1009
1148
|
# For information about customizing web requests and responses, see
|
1010
|
-
# [Customizing web requests and responses in WAF][1] in the
|
1011
|
-
# Developer Guide
|
1149
|
+
# [Customizing web requests and responses in WAF][1] in the *WAF
|
1150
|
+
# Developer Guide*.
|
1012
1151
|
#
|
1013
1152
|
# For information about the limits on count and size for custom
|
1014
|
-
# request and response settings, see [WAF quotas][
|
1015
|
-
# Developer Guide
|
1153
|
+
# request and response settings, see [WAF quotas][2] in the *WAF
|
1154
|
+
# Developer Guide*.
|
1016
1155
|
#
|
1017
1156
|
#
|
1018
1157
|
#
|
1019
1158
|
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html
|
1020
|
-
# [2]: https://docs.aws.amazon.com/waf/latest/developerguide/
|
1021
|
-
# [3]: https://docs.aws.amazon.com/waf/latest/developerguide/limits.html
|
1159
|
+
# [2]: https://docs.aws.amazon.com/waf/latest/developerguide/limits.html
|
1022
1160
|
# @return [Hash<String,Types::CustomResponseBody>]
|
1023
1161
|
#
|
1024
1162
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/CreateRuleGroupRequest AWS API Documentation
|
@@ -1061,7 +1199,7 @@ module Aws::WAFV2
|
|
1061
1199
|
# Specifies whether this is for an Amazon CloudFront distribution or
|
1062
1200
|
# for a regional application. A regional application can be an
|
1063
1201
|
# Application Load Balancer (ALB), an Amazon API Gateway REST API, an
|
1064
|
-
# AppSync GraphQL API,
|
1202
|
+
# AppSync GraphQL API, an Amazon Cognito user pool, or an App Runner
|
1065
1203
|
# service.
|
1066
1204
|
#
|
1067
1205
|
# To work with CloudFront, you must also specify the Region US East
|
@@ -1105,18 +1243,17 @@ module Aws::WAFV2
|
|
1105
1243
|
# rules and default actions that you define in the web ACL.
|
1106
1244
|
#
|
1107
1245
|
# For information about customizing web requests and responses, see
|
1108
|
-
# [Customizing web requests and responses in WAF][1] in the
|
1109
|
-
# Developer Guide
|
1246
|
+
# [Customizing web requests and responses in WAF][1] in the *WAF
|
1247
|
+
# Developer Guide*.
|
1110
1248
|
#
|
1111
1249
|
# For information about the limits on count and size for custom
|
1112
|
-
# request and response settings, see [WAF quotas][
|
1113
|
-
# Developer Guide
|
1250
|
+
# request and response settings, see [WAF quotas][2] in the *WAF
|
1251
|
+
# Developer Guide*.
|
1114
1252
|
#
|
1115
1253
|
#
|
1116
1254
|
#
|
1117
1255
|
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html
|
1118
|
-
# [2]: https://docs.aws.amazon.com/waf/latest/developerguide/
|
1119
|
-
# [3]: https://docs.aws.amazon.com/waf/latest/developerguide/limits.html
|
1256
|
+
# [2]: https://docs.aws.amazon.com/waf/latest/developerguide/limits.html
|
1120
1257
|
# @return [Hash<String,Types::CustomResponseBody>]
|
1121
1258
|
#
|
1122
1259
|
# @!attribute [rw] captcha_config
|
@@ -1148,6 +1285,25 @@ module Aws::WAFV2
|
|
1148
1285
|
# `usa.gov` or `co.uk` as token domains.
|
1149
1286
|
# @return [Array<String>]
|
1150
1287
|
#
|
1288
|
+
# @!attribute [rw] association_config
|
1289
|
+
# Specifies custom configurations for the associations between the web
|
1290
|
+
# ACL and protected resources.
|
1291
|
+
#
|
1292
|
+
# Use this to customize the maximum size of the request body that your
|
1293
|
+
# protected CloudFront distributions forward to WAF for inspection.
|
1294
|
+
# The default is 16 KB (16,384 kilobytes).
|
1295
|
+
#
|
1296
|
+
# <note markdown="1"> You are charged additional fees when your protected resources
|
1297
|
+
# forward body sizes that are larger than the default. For more
|
1298
|
+
# information, see [WAF Pricing][1].
|
1299
|
+
#
|
1300
|
+
# </note>
|
1301
|
+
#
|
1302
|
+
#
|
1303
|
+
#
|
1304
|
+
# [1]: http://aws.amazon.com/waf/pricing/
|
1305
|
+
# @return [Types::AssociationConfig]
|
1306
|
+
#
|
1151
1307
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/CreateWebACLRequest AWS API Documentation
|
1152
1308
|
#
|
1153
1309
|
class CreateWebACLRequest < Struct.new(
|
@@ -1161,7 +1317,8 @@ module Aws::WAFV2
|
|
1161
1317
|
:custom_response_bodies,
|
1162
1318
|
:captcha_config,
|
1163
1319
|
:challenge_config,
|
1164
|
-
:token_domains
|
1320
|
+
:token_domains,
|
1321
|
+
:association_config)
|
1165
1322
|
SENSITIVE = []
|
1166
1323
|
include Aws::Structure
|
1167
1324
|
end
|
@@ -1213,26 +1370,24 @@ module Aws::WAFV2
|
|
1213
1370
|
# `CaptchaAction` for requests with valid t okens, and `AllowAction`.
|
1214
1371
|
#
|
1215
1372
|
# For information about customizing web requests and responses, see
|
1216
|
-
# [Customizing web requests and responses in WAF][1] in the
|
1217
|
-
# Developer Guide
|
1373
|
+
# [Customizing web requests and responses in WAF][1] in the *WAF
|
1374
|
+
# Developer Guide*.
|
1218
1375
|
#
|
1219
1376
|
#
|
1220
1377
|
#
|
1221
1378
|
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html
|
1222
|
-
# [2]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html
|
1223
1379
|
#
|
1224
1380
|
# @!attribute [rw] insert_headers
|
1225
1381
|
# The HTTP headers to insert into the request. Duplicate header names
|
1226
1382
|
# are not allowed.
|
1227
1383
|
#
|
1228
1384
|
# For information about the limits on count and size for custom
|
1229
|
-
# request and response settings, see [WAF quotas][1] in the
|
1230
|
-
# Developer Guide
|
1385
|
+
# request and response settings, see [WAF quotas][1] in the *WAF
|
1386
|
+
# Developer Guide*.
|
1231
1387
|
#
|
1232
1388
|
#
|
1233
1389
|
#
|
1234
1390
|
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/limits.html
|
1235
|
-
# [2]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html
|
1236
1391
|
# @return [Array<Types::CustomHTTPHeader>]
|
1237
1392
|
#
|
1238
1393
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/CustomRequestHandling AWS API Documentation
|
@@ -1248,25 +1403,23 @@ module Aws::WAFV2
|
|
1248
1403
|
# BlockAction.
|
1249
1404
|
#
|
1250
1405
|
# For information about customizing web requests and responses, see
|
1251
|
-
# [Customizing web requests and responses in WAF][1] in the
|
1252
|
-
# Developer Guide
|
1406
|
+
# [Customizing web requests and responses in WAF][1] in the *WAF
|
1407
|
+
# Developer Guide*.
|
1253
1408
|
#
|
1254
1409
|
#
|
1255
1410
|
#
|
1256
1411
|
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html
|
1257
|
-
# [2]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html
|
1258
1412
|
#
|
1259
1413
|
# @!attribute [rw] response_code
|
1260
1414
|
# The HTTP status code to return to the client.
|
1261
1415
|
#
|
1262
1416
|
# For a list of status codes that you can use in your custom
|
1263
1417
|
# responses, see [Supported status codes for custom response][1] in
|
1264
|
-
# the
|
1418
|
+
# the *WAF Developer Guide*.
|
1265
1419
|
#
|
1266
1420
|
#
|
1267
1421
|
#
|
1268
1422
|
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/customizing-the-response-status-codes.html
|
1269
|
-
# [2]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html
|
1270
1423
|
# @return [Integer]
|
1271
1424
|
#
|
1272
1425
|
# @!attribute [rw] custom_response_body_key
|
@@ -1285,13 +1438,12 @@ module Aws::WAFV2
|
|
1285
1438
|
# not allowed.
|
1286
1439
|
#
|
1287
1440
|
# For information about the limits on count and size for custom
|
1288
|
-
# request and response settings, see [WAF quotas][1] in the
|
1289
|
-
# Developer Guide
|
1441
|
+
# request and response settings, see [WAF quotas][1] in the *WAF
|
1442
|
+
# Developer Guide*.
|
1290
1443
|
#
|
1291
1444
|
#
|
1292
1445
|
#
|
1293
1446
|
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/limits.html
|
1294
|
-
# [2]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html
|
1295
1447
|
# @return [Array<Types::CustomHTTPHeader>]
|
1296
1448
|
#
|
1297
1449
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/CustomResponse AWS API Documentation
|
@@ -1319,13 +1471,12 @@ module Aws::WAFV2
|
|
1319
1471
|
# must specify JSON content in the `ContentType` setting.
|
1320
1472
|
#
|
1321
1473
|
# For information about the limits on count and size for custom
|
1322
|
-
# request and response settings, see [WAF quotas][1] in the
|
1323
|
-
# Developer Guide
|
1474
|
+
# request and response settings, see [WAF quotas][1] in the *WAF
|
1475
|
+
# Developer Guide*.
|
1324
1476
|
#
|
1325
1477
|
#
|
1326
1478
|
#
|
1327
1479
|
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/limits.html
|
1328
|
-
# [2]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html
|
1329
1480
|
# @return [String]
|
1330
1481
|
#
|
1331
1482
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/CustomResponseBody AWS API Documentation
|
@@ -1412,7 +1563,7 @@ module Aws::WAFV2
|
|
1412
1563
|
# Specifies whether this is for an Amazon CloudFront distribution or
|
1413
1564
|
# for a regional application. A regional application can be an
|
1414
1565
|
# Application Load Balancer (ALB), an Amazon API Gateway REST API, an
|
1415
|
-
# AppSync GraphQL API,
|
1566
|
+
# AppSync GraphQL API, an Amazon Cognito user pool, or an App Runner
|
1416
1567
|
# service.
|
1417
1568
|
#
|
1418
1569
|
# To work with CloudFront, you must also specify the Region US East
|
@@ -1502,7 +1653,7 @@ module Aws::WAFV2
|
|
1502
1653
|
# Specifies whether this is for an Amazon CloudFront distribution or
|
1503
1654
|
# for a regional application. A regional application can be an
|
1504
1655
|
# Application Load Balancer (ALB), an Amazon API Gateway REST API, an
|
1505
|
-
# AppSync GraphQL API,
|
1656
|
+
# AppSync GraphQL API, an Amazon Cognito user pool, or an App Runner
|
1506
1657
|
# service.
|
1507
1658
|
#
|
1508
1659
|
# To work with CloudFront, you must also specify the Region US East
|
@@ -1556,7 +1707,7 @@ module Aws::WAFV2
|
|
1556
1707
|
# Specifies whether this is for an Amazon CloudFront distribution or
|
1557
1708
|
# for a regional application. A regional application can be an
|
1558
1709
|
# Application Load Balancer (ALB), an Amazon API Gateway REST API, an
|
1559
|
-
# AppSync GraphQL API,
|
1710
|
+
# AppSync GraphQL API, an Amazon Cognito user pool, or an App Runner
|
1560
1711
|
# service.
|
1561
1712
|
#
|
1562
1713
|
# To work with CloudFront, you must also specify the Region US East
|
@@ -1610,7 +1761,7 @@ module Aws::WAFV2
|
|
1610
1761
|
# Specifies whether this is for an Amazon CloudFront distribution or
|
1611
1762
|
# for a regional application. A regional application can be an
|
1612
1763
|
# Application Load Balancer (ALB), an Amazon API Gateway REST API, an
|
1613
|
-
# AppSync GraphQL API,
|
1764
|
+
# AppSync GraphQL API, an Amazon Cognito user pool, or an App Runner
|
1614
1765
|
# service.
|
1615
1766
|
#
|
1616
1767
|
# To work with CloudFront, you must also specify the Region US East
|
@@ -1669,7 +1820,7 @@ module Aws::WAFV2
|
|
1669
1820
|
# Specifies whether this is for an Amazon CloudFront distribution or
|
1670
1821
|
# for a regional application. A regional application can be an
|
1671
1822
|
# Application Load Balancer (ALB), an Amazon API Gateway REST API, an
|
1672
|
-
# AppSync GraphQL API,
|
1823
|
+
# AppSync GraphQL API, an Amazon Cognito user pool, or an App Runner
|
1673
1824
|
# service.
|
1674
1825
|
#
|
1675
1826
|
# To work with CloudFront, you must also specify the Region US East
|
@@ -1716,13 +1867,21 @@ module Aws::WAFV2
|
|
1716
1867
|
# @return [String]
|
1717
1868
|
#
|
1718
1869
|
# @!attribute [rw] capacity
|
1719
|
-
# The web ACL capacity units (WCUs) required for this rule group.
|
1720
|
-
#
|
1721
|
-
#
|
1722
|
-
#
|
1723
|
-
#
|
1724
|
-
#
|
1725
|
-
#
|
1870
|
+
# The web ACL capacity units (WCUs) required for this rule group.
|
1871
|
+
#
|
1872
|
+
# WAF uses WCUs to calculate and control the operating resources that
|
1873
|
+
# are used to run your rules, rule groups, and web ACLs. WAF
|
1874
|
+
# calculates capacity differently for each rule type, to reflect the
|
1875
|
+
# relative cost of each rule. Simple rules that cost little to run use
|
1876
|
+
# fewer WCUs than more complex rules that use more processing power.
|
1877
|
+
# Rule group capacity is fixed at creation, which helps users plan
|
1878
|
+
# their web ACL WCU usage when they use a rule group. For more
|
1879
|
+
# information, see [WAF web ACL capacity units (WCU)][1] in the *WAF
|
1880
|
+
# Developer Guide*.
|
1881
|
+
#
|
1882
|
+
#
|
1883
|
+
#
|
1884
|
+
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/aws-waf-capacity-units.html
|
1726
1885
|
# @return [Integer]
|
1727
1886
|
#
|
1728
1887
|
# @!attribute [rw] rules
|
@@ -1779,20 +1938,22 @@ module Aws::WAFV2
|
|
1779
1938
|
# The ARN must be in one of the following formats:
|
1780
1939
|
#
|
1781
1940
|
# * For an Application Load Balancer:
|
1782
|
-
# `arn:
|
1941
|
+
# `arn:partition:elasticloadbalancing:region:account-id:loadbalancer/app/load-balancer-name/load-balancer-id
|
1783
1942
|
# `
|
1784
1943
|
#
|
1785
1944
|
# * For an Amazon API Gateway REST API:
|
1786
|
-
# `arn:
|
1945
|
+
# `arn:partition:apigateway:region::/restapis/api-id/stages/stage-name
|
1946
|
+
# `
|
1787
1947
|
#
|
1788
1948
|
# * For an AppSync GraphQL API:
|
1789
|
-
# `arn:
|
1949
|
+
# `arn:partition:appsync:region:account-id:apis/GraphQLApiId `
|
1790
1950
|
#
|
1791
1951
|
# * For an Amazon Cognito user pool:
|
1792
|
-
# `arn:
|
1952
|
+
# `arn:partition:cognito-idp:region:account-id:userpool/user-pool-id
|
1953
|
+
# `
|
1793
1954
|
#
|
1794
1955
|
# * For an App Runner service:
|
1795
|
-
# `arn:
|
1956
|
+
# `arn:partition:apprunner:region:account-id:service/apprunner-service-name/apprunner-service-id
|
1796
1957
|
# `
|
1797
1958
|
# @return [String]
|
1798
1959
|
#
|
@@ -1882,10 +2043,15 @@ module Aws::WAFV2
|
|
1882
2043
|
# contains any additional data that you want to send to your web
|
1883
2044
|
# server as the HTTP request body, such as data from a form.
|
1884
2045
|
#
|
1885
|
-
#
|
1886
|
-
#
|
1887
|
-
#
|
1888
|
-
#
|
2046
|
+
# A limited amount of the request body is forwarded to WAF for
|
2047
|
+
# inspection by the underlying host service. For regional resources,
|
2048
|
+
# the limit is 8 KB (8,192 kilobytes) and for CloudFront
|
2049
|
+
# distributions, the limit is 16 KB (16,384 kilobytes). For CloudFront
|
2050
|
+
# distributions, you can increase the limit in the web ACL's
|
2051
|
+
# `AssociationConfig`, for additional processing fees.
|
2052
|
+
#
|
2053
|
+
# For information about how to handle oversized request bodies, see
|
2054
|
+
# the `Body` object configuration.
|
1889
2055
|
# @return [Types::Body]
|
1890
2056
|
#
|
1891
2057
|
# @!attribute [rw] method
|
@@ -1899,10 +2065,15 @@ module Aws::WAFV2
|
|
1899
2065
|
# contains any additional data that you want to send to your web
|
1900
2066
|
# server as the HTTP request body, such as data from a form.
|
1901
2067
|
#
|
1902
|
-
#
|
1903
|
-
#
|
1904
|
-
#
|
1905
|
-
#
|
2068
|
+
# A limited amount of the request body is forwarded to WAF for
|
2069
|
+
# inspection by the underlying host service. For regional resources,
|
2070
|
+
# the limit is 8 KB (8,192 kilobytes) and for CloudFront
|
2071
|
+
# distributions, the limit is 16 KB (16,384 kilobytes). For CloudFront
|
2072
|
+
# distributions, you can increase the limit in the web ACL's
|
2073
|
+
# `AssociationConfig`, for additional processing fees.
|
2074
|
+
#
|
2075
|
+
# For information about how to handle oversized request bodies, see
|
2076
|
+
# the `JsonBody` object configuration.
|
1906
2077
|
# @return [Types::JsonBody]
|
1907
2078
|
#
|
1908
2079
|
# @!attribute [rw] headers
|
@@ -2033,40 +2204,19 @@ module Aws::WAFV2
|
|
2033
2204
|
end
|
2034
2205
|
|
2035
2206
|
# The processing guidance for an Firewall Manager rule. This is like a
|
2036
|
-
# regular rule Statement, but it can only contain a rule group
|
2207
|
+
# regular rule Statement, but it can only contain a single rule group
|
2037
2208
|
# reference.
|
2038
2209
|
#
|
2039
2210
|
# @!attribute [rw] managed_rule_group_statement
|
2040
|
-
# A
|
2041
|
-
#
|
2042
|
-
#
|
2043
|
-
# calling ListAvailableManagedRuleGroups.
|
2044
|
-
#
|
2045
|
-
# You cannot nest a `ManagedRuleGroupStatement`, for example for use
|
2046
|
-
# inside a `NotStatement` or `OrStatement`. It can only be referenced
|
2047
|
-
# as a top-level statement within a rule.
|
2048
|
-
#
|
2049
|
-
# <note markdown="1"> You are charged additional fees when you use the WAF Bot Control
|
2050
|
-
# managed rule group `AWSManagedRulesBotControlRuleSet` or the WAF
|
2051
|
-
# Fraud Control account takeover prevention (ATP) managed rule group
|
2052
|
-
# `AWSManagedRulesATPRuleSet`. For more information, see [WAF
|
2053
|
-
# Pricing][1].
|
2054
|
-
#
|
2055
|
-
# </note>
|
2056
|
-
#
|
2057
|
-
#
|
2058
|
-
#
|
2059
|
-
# [1]: http://aws.amazon.com/waf/pricing/
|
2211
|
+
# A statement used by Firewall Manager to run the rules that are
|
2212
|
+
# defined in a managed rule group. This is managed by Firewall Manager
|
2213
|
+
# for an Firewall Manager WAF policy.
|
2060
2214
|
# @return [Types::ManagedRuleGroupStatement]
|
2061
2215
|
#
|
2062
2216
|
# @!attribute [rw] rule_group_reference_statement
|
2063
|
-
# A
|
2064
|
-
#
|
2065
|
-
#
|
2066
|
-
#
|
2067
|
-
# You cannot nest a `RuleGroupReferenceStatement`, for example for use
|
2068
|
-
# inside a `NotStatement` or `OrStatement`. You can only use a rule
|
2069
|
-
# group reference statement at the top level inside a web ACL.
|
2217
|
+
# A statement used by Firewall Manager to run the rules that are
|
2218
|
+
# defined in a rule group. This is managed by Firewall Manager for an
|
2219
|
+
# Firewall Manager WAF policy.
|
2070
2220
|
# @return [Types::RuleGroupReferenceStatement]
|
2071
2221
|
#
|
2072
2222
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/FirewallManagerStatement AWS API Documentation
|
@@ -2234,6 +2384,52 @@ module Aws::WAFV2
|
|
2234
2384
|
include Aws::Structure
|
2235
2385
|
end
|
2236
2386
|
|
2387
|
+
# @!attribute [rw] scope
|
2388
|
+
# Specifies whether this is for an Amazon CloudFront distribution or
|
2389
|
+
# for a regional application. A regional application can be an
|
2390
|
+
# Application Load Balancer (ALB), an Amazon API Gateway REST API, an
|
2391
|
+
# AppSync GraphQL API, an Amazon Cognito user pool, or an App Runner
|
2392
|
+
# service.
|
2393
|
+
#
|
2394
|
+
# To work with CloudFront, you must also specify the Region US East
|
2395
|
+
# (N. Virginia) as follows:
|
2396
|
+
#
|
2397
|
+
# * CLI - Specify the Region when you use the CloudFront scope:
|
2398
|
+
# `--scope=CLOUDFRONT --region=us-east-1`.
|
2399
|
+
#
|
2400
|
+
# * API and SDKs - For all calls, use the Region endpoint us-east-1.
|
2401
|
+
# @return [String]
|
2402
|
+
#
|
2403
|
+
# @!attribute [rw] api_key
|
2404
|
+
# The encrypted API key.
|
2405
|
+
# @return [String]
|
2406
|
+
#
|
2407
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/GetDecryptedAPIKeyRequest AWS API Documentation
|
2408
|
+
#
|
2409
|
+
class GetDecryptedAPIKeyRequest < Struct.new(
|
2410
|
+
:scope,
|
2411
|
+
:api_key)
|
2412
|
+
SENSITIVE = []
|
2413
|
+
include Aws::Structure
|
2414
|
+
end
|
2415
|
+
|
2416
|
+
# @!attribute [rw] token_domains
|
2417
|
+
# The token domains that are defined in this API key.
|
2418
|
+
# @return [Array<String>]
|
2419
|
+
#
|
2420
|
+
# @!attribute [rw] creation_timestamp
|
2421
|
+
# The date and time that the key was created.
|
2422
|
+
# @return [Time]
|
2423
|
+
#
|
2424
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/GetDecryptedAPIKeyResponse AWS API Documentation
|
2425
|
+
#
|
2426
|
+
class GetDecryptedAPIKeyResponse < Struct.new(
|
2427
|
+
:token_domains,
|
2428
|
+
:creation_timestamp)
|
2429
|
+
SENSITIVE = []
|
2430
|
+
include Aws::Structure
|
2431
|
+
end
|
2432
|
+
|
2237
2433
|
# @!attribute [rw] name
|
2238
2434
|
# The name of the IP set. You cannot change the name of an `IPSet`
|
2239
2435
|
# after you create it.
|
@@ -2243,7 +2439,7 @@ module Aws::WAFV2
|
|
2243
2439
|
# Specifies whether this is for an Amazon CloudFront distribution or
|
2244
2440
|
# for a regional application. A regional application can be an
|
2245
2441
|
# Application Load Balancer (ALB), an Amazon API Gateway REST API, an
|
2246
|
-
# AppSync GraphQL API,
|
2442
|
+
# AppSync GraphQL API, an Amazon Cognito user pool, or an App Runner
|
2247
2443
|
# service.
|
2248
2444
|
#
|
2249
2445
|
# To work with CloudFront, you must also specify the Region US East
|
@@ -2332,7 +2528,7 @@ module Aws::WAFV2
|
|
2332
2528
|
# Specifies whether this is for an Amazon CloudFront distribution or
|
2333
2529
|
# for a regional application. A regional application can be an
|
2334
2530
|
# Application Load Balancer (ALB), an Amazon API Gateway REST API, an
|
2335
|
-
# AppSync GraphQL API,
|
2531
|
+
# AppSync GraphQL API, an Amazon Cognito user pool, or an App Runner
|
2336
2532
|
# service.
|
2337
2533
|
#
|
2338
2534
|
# To work with CloudFront, you must also specify the Region US East
|
@@ -2445,7 +2641,7 @@ module Aws::WAFV2
|
|
2445
2641
|
# Specifies whether this is for an Amazon CloudFront distribution or
|
2446
2642
|
# for a regional application. A regional application can be an
|
2447
2643
|
# Application Load Balancer (ALB), an Amazon API Gateway REST API, an
|
2448
|
-
# AppSync GraphQL API,
|
2644
|
+
# AppSync GraphQL API, an Amazon Cognito user pool, or an App Runner
|
2449
2645
|
# service.
|
2450
2646
|
#
|
2451
2647
|
# To work with CloudFront, you must also specify the Region US East
|
@@ -2519,7 +2715,7 @@ module Aws::WAFV2
|
|
2519
2715
|
# Specifies whether this is for an Amazon CloudFront distribution or
|
2520
2716
|
# for a regional application. A regional application can be an
|
2521
2717
|
# Application Load Balancer (ALB), an Amazon API Gateway REST API, an
|
2522
|
-
# AppSync GraphQL API,
|
2718
|
+
# AppSync GraphQL API, an Amazon Cognito user pool, or an App Runner
|
2523
2719
|
# service.
|
2524
2720
|
#
|
2525
2721
|
# To work with CloudFront, you must also specify the Region US East
|
@@ -2580,7 +2776,7 @@ module Aws::WAFV2
|
|
2580
2776
|
# Specifies whether this is for an Amazon CloudFront distribution or
|
2581
2777
|
# for a regional application. A regional application can be an
|
2582
2778
|
# Application Load Balancer (ALB), an Amazon API Gateway REST API, an
|
2583
|
-
# AppSync GraphQL API,
|
2779
|
+
# AppSync GraphQL API, an Amazon Cognito user pool, or an App Runner
|
2584
2780
|
# service.
|
2585
2781
|
#
|
2586
2782
|
# To work with CloudFront, you must also specify the Region US East
|
@@ -2651,7 +2847,7 @@ module Aws::WAFV2
|
|
2651
2847
|
# Specifies whether this is for an Amazon CloudFront distribution or
|
2652
2848
|
# for a regional application. A regional application can be an
|
2653
2849
|
# Application Load Balancer (ALB), an Amazon API Gateway REST API, an
|
2654
|
-
# AppSync GraphQL API,
|
2850
|
+
# AppSync GraphQL API, an Amazon Cognito user pool, or an App Runner
|
2655
2851
|
# service.
|
2656
2852
|
#
|
2657
2853
|
# To work with CloudFront, you must also specify the Region US East
|
@@ -2731,20 +2927,22 @@ module Aws::WAFV2
|
|
2731
2927
|
# The ARN must be in one of the following formats:
|
2732
2928
|
#
|
2733
2929
|
# * For an Application Load Balancer:
|
2734
|
-
# `arn:
|
2930
|
+
# `arn:partition:elasticloadbalancing:region:account-id:loadbalancer/app/load-balancer-name/load-balancer-id
|
2735
2931
|
# `
|
2736
2932
|
#
|
2737
2933
|
# * For an Amazon API Gateway REST API:
|
2738
|
-
# `arn:
|
2934
|
+
# `arn:partition:apigateway:region::/restapis/api-id/stages/stage-name
|
2935
|
+
# `
|
2739
2936
|
#
|
2740
2937
|
# * For an AppSync GraphQL API:
|
2741
|
-
# `arn:
|
2938
|
+
# `arn:partition:appsync:region:account-id:apis/GraphQLApiId `
|
2742
2939
|
#
|
2743
2940
|
# * For an Amazon Cognito user pool:
|
2744
|
-
# `arn:
|
2941
|
+
# `arn:partition:cognito-idp:region:account-id:userpool/user-pool-id
|
2942
|
+
# `
|
2745
2943
|
#
|
2746
2944
|
# * For an App Runner service:
|
2747
|
-
# `arn:
|
2945
|
+
# `arn:partition:apprunner:region:account-id:service/apprunner-service-name/apprunner-service-id
|
2748
2946
|
# `
|
2749
2947
|
# @return [String]
|
2750
2948
|
#
|
@@ -2778,7 +2976,7 @@ module Aws::WAFV2
|
|
2778
2976
|
# Specifies whether this is for an Amazon CloudFront distribution or
|
2779
2977
|
# for a regional application. A regional application can be an
|
2780
2978
|
# Application Load Balancer (ALB), an Amazon API Gateway REST API, an
|
2781
|
-
# AppSync GraphQL API,
|
2979
|
+
# AppSync GraphQL API, an Amazon Cognito user pool, or an App Runner
|
2782
2980
|
# service.
|
2783
2981
|
#
|
2784
2982
|
# To work with CloudFront, you must also specify the Region US East
|
@@ -3347,10 +3545,16 @@ module Aws::WAFV2
|
|
3347
3545
|
#
|
3348
3546
|
# @!attribute [rw] oversize_handling
|
3349
3547
|
# What WAF should do if the body is larger than WAF can inspect. WAF
|
3350
|
-
# does not support inspecting the entire contents of the
|
3351
|
-
#
|
3352
|
-
#
|
3353
|
-
#
|
3548
|
+
# does not support inspecting the entire contents of the web request
|
3549
|
+
# body if the body exceeds the limit for the resource type. If the
|
3550
|
+
# body is larger than the limit, the underlying host service only
|
3551
|
+
# forwards the contents that are below the limit to WAF for
|
3552
|
+
# inspection.
|
3553
|
+
#
|
3554
|
+
# The default limit is 8 KB (8,192 kilobytes) for regional resources
|
3555
|
+
# and 16 KB (16,384 kilobytes) for CloudFront distributions. For
|
3556
|
+
# CloudFront distributions, you can increase the limit in the web ACL
|
3557
|
+
# `AssociationConfig`, for additional processing fees.
|
3354
3558
|
#
|
3355
3559
|
# The options for oversize handling are the following:
|
3356
3560
|
#
|
@@ -3365,7 +3569,7 @@ module Aws::WAFV2
|
|
3365
3569
|
#
|
3366
3570
|
# You can combine the `MATCH` or `NO_MATCH` settings for oversize
|
3367
3571
|
# handling with your rule and web ACL action settings, so that you
|
3368
|
-
# block any request whose body is over
|
3572
|
+
# block any request whose body is over the limit.
|
3369
3573
|
#
|
3370
3574
|
# Default: `CONTINUE`
|
3371
3575
|
# @return [String]
|
@@ -3523,6 +3727,83 @@ module Aws::WAFV2
|
|
3523
3727
|
include Aws::Structure
|
3524
3728
|
end
|
3525
3729
|
|
3730
|
+
# @!attribute [rw] scope
|
3731
|
+
# Specifies whether this is for an Amazon CloudFront distribution or
|
3732
|
+
# for a regional application. A regional application can be an
|
3733
|
+
# Application Load Balancer (ALB), an Amazon API Gateway REST API, an
|
3734
|
+
# AppSync GraphQL API, an Amazon Cognito user pool, or an App Runner
|
3735
|
+
# service.
|
3736
|
+
#
|
3737
|
+
# To work with CloudFront, you must also specify the Region US East
|
3738
|
+
# (N. Virginia) as follows:
|
3739
|
+
#
|
3740
|
+
# * CLI - Specify the Region when you use the CloudFront scope:
|
3741
|
+
# `--scope=CLOUDFRONT --region=us-east-1`.
|
3742
|
+
#
|
3743
|
+
# * API and SDKs - For all calls, use the Region endpoint us-east-1.
|
3744
|
+
# @return [String]
|
3745
|
+
#
|
3746
|
+
# @!attribute [rw] next_marker
|
3747
|
+
# When you request a list of objects with a `Limit` setting, if the
|
3748
|
+
# number of objects that are still available for retrieval exceeds the
|
3749
|
+
# limit, WAF returns a `NextMarker` value in the response. To retrieve
|
3750
|
+
# the next batch of objects, provide the marker from the prior call in
|
3751
|
+
# your next request.
|
3752
|
+
# @return [String]
|
3753
|
+
#
|
3754
|
+
# @!attribute [rw] limit
|
3755
|
+
# The maximum number of objects that you want WAF to return for this
|
3756
|
+
# request. If more objects are available, in the response, WAF
|
3757
|
+
# provides a `NextMarker` value that you can use in a subsequent call
|
3758
|
+
# to get the next batch of objects.
|
3759
|
+
# @return [Integer]
|
3760
|
+
#
|
3761
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/ListAPIKeysRequest AWS API Documentation
|
3762
|
+
#
|
3763
|
+
class ListAPIKeysRequest < Struct.new(
|
3764
|
+
:scope,
|
3765
|
+
:next_marker,
|
3766
|
+
:limit)
|
3767
|
+
SENSITIVE = []
|
3768
|
+
include Aws::Structure
|
3769
|
+
end
|
3770
|
+
|
3771
|
+
# @!attribute [rw] next_marker
|
3772
|
+
# When you request a list of objects with a `Limit` setting, if the
|
3773
|
+
# number of objects that are still available for retrieval exceeds the
|
3774
|
+
# limit, WAF returns a `NextMarker` value in the response. To retrieve
|
3775
|
+
# the next batch of objects, provide the marker from the prior call in
|
3776
|
+
# your next request.
|
3777
|
+
# @return [String]
|
3778
|
+
#
|
3779
|
+
# @!attribute [rw] api_key_summaries
|
3780
|
+
# The array of key summaries. If you specified a `Limit` in your
|
3781
|
+
# request, this might not be the full list.
|
3782
|
+
# @return [Array<Types::APIKeySummary>]
|
3783
|
+
#
|
3784
|
+
# @!attribute [rw] application_integration_url
|
3785
|
+
# The CAPTCHA application integration URL, for use in your JavaScript
|
3786
|
+
# implementation.
|
3787
|
+
#
|
3788
|
+
# For information about how to use this in your CAPTCHA JavaScript
|
3789
|
+
# integration, see [WAF client application integration][1] in the *WAF
|
3790
|
+
# Developer Guide*.
|
3791
|
+
#
|
3792
|
+
#
|
3793
|
+
#
|
3794
|
+
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-application-integration.html
|
3795
|
+
# @return [String]
|
3796
|
+
#
|
3797
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/ListAPIKeysResponse AWS API Documentation
|
3798
|
+
#
|
3799
|
+
class ListAPIKeysResponse < Struct.new(
|
3800
|
+
:next_marker,
|
3801
|
+
:api_key_summaries,
|
3802
|
+
:application_integration_url)
|
3803
|
+
SENSITIVE = []
|
3804
|
+
include Aws::Structure
|
3805
|
+
end
|
3806
|
+
|
3526
3807
|
# @!attribute [rw] vendor_name
|
3527
3808
|
# The name of the managed rule group vendor. You use this, along with
|
3528
3809
|
# the rule group name, to identify the rule group.
|
@@ -3537,7 +3818,7 @@ module Aws::WAFV2
|
|
3537
3818
|
# Specifies whether this is for an Amazon CloudFront distribution or
|
3538
3819
|
# for a regional application. A regional application can be an
|
3539
3820
|
# Application Load Balancer (ALB), an Amazon API Gateway REST API, an
|
3540
|
-
# AppSync GraphQL API,
|
3821
|
+
# AppSync GraphQL API, an Amazon Cognito user pool, or an App Runner
|
3541
3822
|
# service.
|
3542
3823
|
#
|
3543
3824
|
# To work with CloudFront, you must also specify the Region US East
|
@@ -3586,7 +3867,8 @@ module Aws::WAFV2
|
|
3586
3867
|
#
|
3587
3868
|
# @!attribute [rw] versions
|
3588
3869
|
# The versions that are currently available for the specified managed
|
3589
|
-
# rule group.
|
3870
|
+
# rule group. If you specified a `Limit` in your request, this might
|
3871
|
+
# not be the full list.
|
3590
3872
|
# @return [Array<Types::ManagedRuleGroupVersion>]
|
3591
3873
|
#
|
3592
3874
|
# @!attribute [rw] current_default_version
|
@@ -3607,7 +3889,7 @@ module Aws::WAFV2
|
|
3607
3889
|
# Specifies whether this is for an Amazon CloudFront distribution or
|
3608
3890
|
# for a regional application. A regional application can be an
|
3609
3891
|
# Application Load Balancer (ALB), an Amazon API Gateway REST API, an
|
3610
|
-
# AppSync GraphQL API,
|
3892
|
+
# AppSync GraphQL API, an Amazon Cognito user pool, or an App Runner
|
3611
3893
|
# service.
|
3612
3894
|
#
|
3613
3895
|
# To work with CloudFront, you must also specify the Region US East
|
@@ -3653,6 +3935,8 @@ module Aws::WAFV2
|
|
3653
3935
|
# @return [String]
|
3654
3936
|
#
|
3655
3937
|
# @!attribute [rw] managed_rule_groups
|
3938
|
+
# Array of managed rule groups that you can use. If you specified a
|
3939
|
+
# `Limit` in your request, this might not be the full list.
|
3656
3940
|
# @return [Array<Types::ManagedRuleGroupSummary>]
|
3657
3941
|
#
|
3658
3942
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/ListAvailableManagedRuleGroupsResponse AWS API Documentation
|
@@ -3668,7 +3952,7 @@ module Aws::WAFV2
|
|
3668
3952
|
# Specifies whether this is for an Amazon CloudFront distribution or
|
3669
3953
|
# for a regional application. A regional application can be an
|
3670
3954
|
# Application Load Balancer (ALB), an Amazon API Gateway REST API, an
|
3671
|
-
# AppSync GraphQL API,
|
3955
|
+
# AppSync GraphQL API, an Amazon Cognito user pool, or an App Runner
|
3672
3956
|
# service.
|
3673
3957
|
#
|
3674
3958
|
# To work with CloudFront, you must also specify the Region US East
|
@@ -3714,8 +3998,8 @@ module Aws::WAFV2
|
|
3714
3998
|
# @return [String]
|
3715
3999
|
#
|
3716
4000
|
# @!attribute [rw] ip_sets
|
3717
|
-
# Array of IPSets.
|
3718
|
-
#
|
4001
|
+
# Array of IPSets. If you specified a `Limit` in your request, this
|
4002
|
+
# might not be the full list.
|
3719
4003
|
# @return [Array<Types::IPSetSummary>]
|
3720
4004
|
#
|
3721
4005
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/ListIPSetsResponse AWS API Documentation
|
@@ -3731,7 +4015,7 @@ module Aws::WAFV2
|
|
3731
4015
|
# Specifies whether this is for an Amazon CloudFront distribution or
|
3732
4016
|
# for a regional application. A regional application can be an
|
3733
4017
|
# Application Load Balancer (ALB), an Amazon API Gateway REST API, an
|
3734
|
-
# AppSync GraphQL API,
|
4018
|
+
# AppSync GraphQL API, an Amazon Cognito user pool, or an App Runner
|
3735
4019
|
# service.
|
3736
4020
|
#
|
3737
4021
|
# To work with CloudFront, you must also specify the Region US East
|
@@ -3769,6 +4053,8 @@ module Aws::WAFV2
|
|
3769
4053
|
end
|
3770
4054
|
|
3771
4055
|
# @!attribute [rw] logging_configurations
|
4056
|
+
# Array of logging configurations. If you specified a `Limit` in your
|
4057
|
+
# request, this might not be the full list.
|
3772
4058
|
# @return [Array<Types::LoggingConfiguration>]
|
3773
4059
|
#
|
3774
4060
|
# @!attribute [rw] next_marker
|
@@ -3792,7 +4078,7 @@ module Aws::WAFV2
|
|
3792
4078
|
# Specifies whether this is for an Amazon CloudFront distribution or
|
3793
4079
|
# for a regional application. A regional application can be an
|
3794
4080
|
# Application Load Balancer (ALB), an Amazon API Gateway REST API, an
|
3795
|
-
# AppSync GraphQL API,
|
4081
|
+
# AppSync GraphQL API, an Amazon Cognito user pool, or an App Runner
|
3796
4082
|
# service.
|
3797
4083
|
#
|
3798
4084
|
# To work with CloudFront, you must also specify the Region US East
|
@@ -3838,7 +4124,8 @@ module Aws::WAFV2
|
|
3838
4124
|
# @return [String]
|
3839
4125
|
#
|
3840
4126
|
# @!attribute [rw] managed_rule_sets
|
3841
|
-
# Your managed rule sets.
|
4127
|
+
# Your managed rule sets. If you specified a `Limit` in your request,
|
4128
|
+
# this might not be the full list.
|
3842
4129
|
# @return [Array<Types::ManagedRuleSetSummary>]
|
3843
4130
|
#
|
3844
4131
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/ListManagedRuleSetsResponse AWS API Documentation
|
@@ -3880,7 +4167,9 @@ module Aws::WAFV2
|
|
3880
4167
|
end
|
3881
4168
|
|
3882
4169
|
# @!attribute [rw] release_summaries
|
3883
|
-
#
|
4170
|
+
# The high level information for the available SDK releases. If you
|
4171
|
+
# specified a `Limit` in your request, this might not be the full
|
4172
|
+
# list.
|
3884
4173
|
# @return [Array<Types::ReleaseSummary>]
|
3885
4174
|
#
|
3886
4175
|
# @!attribute [rw] next_marker
|
@@ -3904,7 +4193,7 @@ module Aws::WAFV2
|
|
3904
4193
|
# Specifies whether this is for an Amazon CloudFront distribution or
|
3905
4194
|
# for a regional application. A regional application can be an
|
3906
4195
|
# Application Load Balancer (ALB), an Amazon API Gateway REST API, an
|
3907
|
-
# AppSync GraphQL API,
|
4196
|
+
# AppSync GraphQL API, an Amazon Cognito user pool, or an App Runner
|
3908
4197
|
# service.
|
3909
4198
|
#
|
3910
4199
|
# To work with CloudFront, you must also specify the Region US East
|
@@ -3950,6 +4239,8 @@ module Aws::WAFV2
|
|
3950
4239
|
# @return [String]
|
3951
4240
|
#
|
3952
4241
|
# @!attribute [rw] regex_pattern_sets
|
4242
|
+
# Array of regex pattern sets. If you specified a `Limit` in your
|
4243
|
+
# request, this might not be the full list.
|
3953
4244
|
# @return [Array<Types::RegexPatternSetSummary>]
|
3954
4245
|
#
|
3955
4246
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/ListRegexPatternSetsResponse AWS API Documentation
|
@@ -3968,7 +4259,7 @@ module Aws::WAFV2
|
|
3968
4259
|
# @!attribute [rw] resource_type
|
3969
4260
|
# Used for web ACLs that are scoped for regional applications. A
|
3970
4261
|
# regional application can be an Application Load Balancer (ALB), an
|
3971
|
-
# Amazon API Gateway REST API, an AppSync GraphQL API,
|
4262
|
+
# Amazon API Gateway REST API, an AppSync GraphQL API, an Amazon
|
3972
4263
|
# Cognito user pool, or an App Runner service.
|
3973
4264
|
#
|
3974
4265
|
# <note markdown="1"> If you don't provide a resource type, the call uses the resource
|
@@ -4005,7 +4296,7 @@ module Aws::WAFV2
|
|
4005
4296
|
# Specifies whether this is for an Amazon CloudFront distribution or
|
4006
4297
|
# for a regional application. A regional application can be an
|
4007
4298
|
# Application Load Balancer (ALB), an Amazon API Gateway REST API, an
|
4008
|
-
# AppSync GraphQL API,
|
4299
|
+
# AppSync GraphQL API, an Amazon Cognito user pool, or an App Runner
|
4009
4300
|
# service.
|
4010
4301
|
#
|
4011
4302
|
# To work with CloudFront, you must also specify the Region US East
|
@@ -4051,6 +4342,8 @@ module Aws::WAFV2
|
|
4051
4342
|
# @return [String]
|
4052
4343
|
#
|
4053
4344
|
# @!attribute [rw] rule_groups
|
4345
|
+
# Array of rule groups. If you specified a `Limit` in your request,
|
4346
|
+
# this might not be the full list.
|
4054
4347
|
# @return [Array<Types::RuleGroupSummary>]
|
4055
4348
|
#
|
4056
4349
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/ListRuleGroupsResponse AWS API Documentation
|
@@ -4100,7 +4393,9 @@ module Aws::WAFV2
|
|
4100
4393
|
# @return [String]
|
4101
4394
|
#
|
4102
4395
|
# @!attribute [rw] tag_info_for_resource
|
4103
|
-
# The collection of tagging definitions for the resource.
|
4396
|
+
# The collection of tagging definitions for the resource. If you
|
4397
|
+
# specified a `Limit` in your request, this might not be the full
|
4398
|
+
# list.
|
4104
4399
|
# @return [Types::TagInfoForResource]
|
4105
4400
|
#
|
4106
4401
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/ListTagsForResourceResponse AWS API Documentation
|
@@ -4116,7 +4411,7 @@ module Aws::WAFV2
|
|
4116
4411
|
# Specifies whether this is for an Amazon CloudFront distribution or
|
4117
4412
|
# for a regional application. A regional application can be an
|
4118
4413
|
# Application Load Balancer (ALB), an Amazon API Gateway REST API, an
|
4119
|
-
# AppSync GraphQL API,
|
4414
|
+
# AppSync GraphQL API, an Amazon Cognito user pool, or an App Runner
|
4120
4415
|
# service.
|
4121
4416
|
#
|
4122
4417
|
# To work with CloudFront, you must also specify the Region US East
|
@@ -4162,6 +4457,8 @@ module Aws::WAFV2
|
|
4162
4457
|
# @return [String]
|
4163
4458
|
#
|
4164
4459
|
# @!attribute [rw] web_acls
|
4460
|
+
# Array of web ACLs. If you specified a `Limit` in your request, this
|
4461
|
+
# might not be the full list.
|
4165
4462
|
# @return [Array<Types::WebACLSummary>]
|
4166
4463
|
#
|
4167
4464
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/ListWebACLsResponse AWS API Documentation
|
@@ -4721,8 +5018,13 @@ module Aws::WAFV2
|
|
4721
5018
|
# relative cost of each rule. Simple rules that cost little to run use
|
4722
5019
|
# fewer WCUs than more complex rules that use more processing power.
|
4723
5020
|
# Rule group capacity is fixed at creation, which helps users plan
|
4724
|
-
# their web ACL WCU usage when they use a rule group.
|
4725
|
-
#
|
5021
|
+
# their web ACL WCU usage when they use a rule group. For more
|
5022
|
+
# information, see [WAF web ACL capacity units (WCU)][1] in the *WAF
|
5023
|
+
# Developer Guide*.
|
5024
|
+
#
|
5025
|
+
#
|
5026
|
+
#
|
5027
|
+
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/aws-waf-capacity-units.html
|
4726
5028
|
# @return [Integer]
|
4727
5029
|
#
|
4728
5030
|
# @!attribute [rw] forecasted_lifetime
|
@@ -4960,7 +5262,7 @@ module Aws::WAFV2
|
|
4960
5262
|
# Specifies whether this is for an Amazon CloudFront distribution or
|
4961
5263
|
# for a regional application. A regional application can be an
|
4962
5264
|
# Application Load Balancer (ALB), an Amazon API Gateway REST API, an
|
4963
|
-
# AppSync GraphQL API,
|
5265
|
+
# AppSync GraphQL API, an Amazon Cognito user pool, or an App Runner
|
4964
5266
|
# service.
|
4965
5267
|
#
|
4966
5268
|
# To work with CloudFront, you must also specify the Region US East
|
@@ -5043,8 +5345,7 @@ module Aws::WAFV2
|
|
5043
5345
|
#
|
5044
5346
|
# The policy specifications must conform to the following:
|
5045
5347
|
#
|
5046
|
-
# * The policy must be composed using IAM Policy version 2012-10-17
|
5047
|
-
# version 2015-01-01.
|
5348
|
+
# * The policy must be composed using IAM Policy version 2012-10-17.
|
5048
5349
|
#
|
5049
5350
|
# * The policy must include specifications for `Effect`, `Action`, and
|
5050
5351
|
# `Principal`.
|
@@ -5399,6 +5700,39 @@ module Aws::WAFV2
|
|
5399
5700
|
include Aws::Structure
|
5400
5701
|
end
|
5401
5702
|
|
5703
|
+
# Customizes the maximum size of the request body that your protected
|
5704
|
+
# CloudFront distributions forward to WAF for inspection. The default
|
5705
|
+
# size is 16 KB (16,384 kilobytes).
|
5706
|
+
#
|
5707
|
+
# <note markdown="1"> You are charged additional fees when your protected resources forward
|
5708
|
+
# body sizes that are larger than the default. For more information, see
|
5709
|
+
# [WAF Pricing][1].
|
5710
|
+
#
|
5711
|
+
# </note>
|
5712
|
+
#
|
5713
|
+
# This is used in the `AssociationConfig` of the web ACL.
|
5714
|
+
#
|
5715
|
+
#
|
5716
|
+
#
|
5717
|
+
# [1]: http://aws.amazon.com/waf/pricing/
|
5718
|
+
#
|
5719
|
+
# @!attribute [rw] default_size_inspection_limit
|
5720
|
+
# Specifies the maximum size of the web request body component that an
|
5721
|
+
# associated CloudFront distribution should send to WAF for
|
5722
|
+
# inspection. This applies to statements in the web ACL that inspect
|
5723
|
+
# the body or JSON body.
|
5724
|
+
#
|
5725
|
+
# Default: `16 KB (16,384 kilobytes)`
|
5726
|
+
# @return [String]
|
5727
|
+
#
|
5728
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/RequestBodyAssociatedResourceTypeConfig AWS API Documentation
|
5729
|
+
#
|
5730
|
+
class RequestBodyAssociatedResourceTypeConfig < Struct.new(
|
5731
|
+
:default_size_inspection_limit)
|
5732
|
+
SENSITIVE = []
|
5733
|
+
include Aws::Structure
|
5734
|
+
end
|
5735
|
+
|
5402
5736
|
# The criteria for inspecting login requests, used by the ATP rule group
|
5403
5737
|
# to validate credentials usage.
|
5404
5738
|
#
|
@@ -5905,8 +6239,13 @@ module Aws::WAFV2
|
|
5905
6239
|
# relative cost of each rule. Simple rules that cost little to run use
|
5906
6240
|
# fewer WCUs than more complex rules that use more processing power.
|
5907
6241
|
# Rule group capacity is fixed at creation, which helps users plan
|
5908
|
-
# their web ACL WCU usage when they use a rule group.
|
5909
|
-
#
|
6242
|
+
# their web ACL WCU usage when they use a rule group. For more
|
6243
|
+
# information, see [WAF web ACL capacity units (WCU)][1] in the *WAF
|
6244
|
+
# Developer Guide*.
|
6245
|
+
#
|
6246
|
+
#
|
6247
|
+
#
|
6248
|
+
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/aws-waf-capacity-units.html
|
5910
6249
|
# @return [Integer]
|
5911
6250
|
#
|
5912
6251
|
# @!attribute [rw] arn
|
@@ -5953,18 +6292,17 @@ module Aws::WAFV2
|
|
5953
6292
|
# the rules that you define in the rule group.
|
5954
6293
|
#
|
5955
6294
|
# For information about customizing web requests and responses, see
|
5956
|
-
# [Customizing web requests and responses in WAF][1] in the
|
5957
|
-
# Developer Guide
|
6295
|
+
# [Customizing web requests and responses in WAF][1] in the *WAF
|
6296
|
+
# Developer Guide*.
|
5958
6297
|
#
|
5959
6298
|
# For information about the limits on count and size for custom
|
5960
|
-
# request and response settings, see [WAF quotas][
|
5961
|
-
# Developer Guide
|
6299
|
+
# request and response settings, see [WAF quotas][2] in the *WAF
|
6300
|
+
# Developer Guide*.
|
5962
6301
|
#
|
5963
6302
|
#
|
5964
6303
|
#
|
5965
6304
|
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html
|
5966
|
-
# [2]: https://docs.aws.amazon.com/waf/latest/developerguide/
|
5967
|
-
# [3]: https://docs.aws.amazon.com/waf/latest/developerguide/limits.html
|
6305
|
+
# [2]: https://docs.aws.amazon.com/waf/latest/developerguide/limits.html
|
5968
6306
|
# @return [Hash<String,Types::CustomResponseBody>]
|
5969
6307
|
#
|
5970
6308
|
# @!attribute [rw] available_labels
|
@@ -6251,9 +6589,14 @@ module Aws::WAFV2
|
|
6251
6589
|
# statement to look for query strings that are longer than 100 bytes.
|
6252
6590
|
#
|
6253
6591
|
# If you configure WAF to inspect the request body, WAF inspects only
|
6254
|
-
# the
|
6255
|
-
#
|
6256
|
-
#
|
6592
|
+
# the number of bytes of the body up to the limit for the web ACL. By
|
6593
|
+
# default, for regional web ACLs, this limit is 8 KB (8,192 kilobytes)
|
6594
|
+
# and for CloudFront web ACLs, this limit is 16 KB (16,384 kilobytes).
|
6595
|
+
# For CloudFront web ACLs, you can increase the limit in the web ACL
|
6596
|
+
# `AssociationConfig`, for additional fees. If you know that the request
|
6597
|
+
# body for your web requests should never exceed the inspection limit,
|
6598
|
+
# you could use a size constraint statement to block requests that have
|
6599
|
+
# a larger request body size.
|
6257
6600
|
#
|
6258
6601
|
# If you choose URI for the value of Part of the request to filter on,
|
6259
6602
|
# the slash (/) in the URI counts as one character. For example, the URI
|
@@ -6375,10 +6718,14 @@ module Aws::WAFV2
|
|
6375
6718
|
# 100 bytes.
|
6376
6719
|
#
|
6377
6720
|
# If you configure WAF to inspect the request body, WAF inspects only
|
6378
|
-
# the
|
6379
|
-
#
|
6380
|
-
#
|
6381
|
-
#
|
6721
|
+
# the number of bytes of the body up to the limit for the web ACL. By
|
6722
|
+
# default, for regional web ACLs, this limit is 8 KB (8,192 kilobytes)
|
6723
|
+
# and for CloudFront web ACLs, this limit is 16 KB (16,384 kilobytes).
|
6724
|
+
# For CloudFront web ACLs, you can increase the limit in the web ACL
|
6725
|
+
# `AssociationConfig`, for additional fees. If you know that the
|
6726
|
+
# request body for your web requests should never exceed the
|
6727
|
+
# inspection limit, you could use a size constraint statement to block
|
6728
|
+
# requests that have a larger request body size.
|
6382
6729
|
#
|
6383
6730
|
# If you choose URI for the value of Part of the request to filter on,
|
6384
6731
|
# the slash (/) in the URI counts as one character. For example, the
|
@@ -6893,7 +7240,7 @@ module Aws::WAFV2
|
|
6893
7240
|
# Specifies whether this is for an Amazon CloudFront distribution or
|
6894
7241
|
# for a regional application. A regional application can be an
|
6895
7242
|
# Application Load Balancer (ALB), an Amazon API Gateway REST API, an
|
6896
|
-
# AppSync GraphQL API,
|
7243
|
+
# AppSync GraphQL API, an Amazon Cognito user pool, or an App Runner
|
6897
7244
|
# service.
|
6898
7245
|
#
|
6899
7246
|
# To work with CloudFront, you must also specify the Region US East
|
@@ -7012,7 +7359,7 @@ module Aws::WAFV2
|
|
7012
7359
|
# Specifies whether this is for an Amazon CloudFront distribution or
|
7013
7360
|
# for a regional application. A regional application can be an
|
7014
7361
|
# Application Load Balancer (ALB), an Amazon API Gateway REST API, an
|
7015
|
-
# AppSync GraphQL API,
|
7362
|
+
# AppSync GraphQL API, an Amazon Cognito user pool, or an App Runner
|
7016
7363
|
# service.
|
7017
7364
|
#
|
7018
7365
|
# To work with CloudFront, you must also specify the Region US East
|
@@ -7111,7 +7458,7 @@ module Aws::WAFV2
|
|
7111
7458
|
# Specifies whether this is for an Amazon CloudFront distribution or
|
7112
7459
|
# for a regional application. A regional application can be an
|
7113
7460
|
# Application Load Balancer (ALB), an Amazon API Gateway REST API, an
|
7114
|
-
# AppSync GraphQL API,
|
7461
|
+
# AppSync GraphQL API, an Amazon Cognito user pool, or an App Runner
|
7115
7462
|
# service.
|
7116
7463
|
#
|
7117
7464
|
# To work with CloudFront, you must also specify the Region US East
|
@@ -7184,7 +7531,7 @@ module Aws::WAFV2
|
|
7184
7531
|
# Specifies whether this is for an Amazon CloudFront distribution or
|
7185
7532
|
# for a regional application. A regional application can be an
|
7186
7533
|
# Application Load Balancer (ALB), an Amazon API Gateway REST API, an
|
7187
|
-
# AppSync GraphQL API,
|
7534
|
+
# AppSync GraphQL API, an Amazon Cognito user pool, or an App Runner
|
7188
7535
|
# service.
|
7189
7536
|
#
|
7190
7537
|
# To work with CloudFront, you must also specify the Region US East
|
@@ -7237,18 +7584,17 @@ module Aws::WAFV2
|
|
7237
7584
|
# the rules that you define in the rule group.
|
7238
7585
|
#
|
7239
7586
|
# For information about customizing web requests and responses, see
|
7240
|
-
# [Customizing web requests and responses in WAF][1] in the
|
7241
|
-
# Developer Guide
|
7587
|
+
# [Customizing web requests and responses in WAF][1] in the *WAF
|
7588
|
+
# Developer Guide*.
|
7242
7589
|
#
|
7243
7590
|
# For information about the limits on count and size for custom
|
7244
|
-
# request and response settings, see [WAF quotas][
|
7245
|
-
# Developer Guide
|
7591
|
+
# request and response settings, see [WAF quotas][2] in the *WAF
|
7592
|
+
# Developer Guide*.
|
7246
7593
|
#
|
7247
7594
|
#
|
7248
7595
|
#
|
7249
7596
|
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html
|
7250
|
-
# [2]: https://docs.aws.amazon.com/waf/latest/developerguide/
|
7251
|
-
# [3]: https://docs.aws.amazon.com/waf/latest/developerguide/limits.html
|
7597
|
+
# [2]: https://docs.aws.amazon.com/waf/latest/developerguide/limits.html
|
7252
7598
|
# @return [Hash<String,Types::CustomResponseBody>]
|
7253
7599
|
#
|
7254
7600
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/UpdateRuleGroupRequest AWS API Documentation
|
@@ -7289,7 +7635,7 @@ module Aws::WAFV2
|
|
7289
7635
|
# Specifies whether this is for an Amazon CloudFront distribution or
|
7290
7636
|
# for a regional application. A regional application can be an
|
7291
7637
|
# Application Load Balancer (ALB), an Amazon API Gateway REST API, an
|
7292
|
-
# AppSync GraphQL API,
|
7638
|
+
# AppSync GraphQL API, an Amazon Cognito user pool, or an App Runner
|
7293
7639
|
# service.
|
7294
7640
|
#
|
7295
7641
|
# To work with CloudFront, you must also specify the Region US East
|
@@ -7347,18 +7693,17 @@ module Aws::WAFV2
|
|
7347
7693
|
# rules and default actions that you define in the web ACL.
|
7348
7694
|
#
|
7349
7695
|
# For information about customizing web requests and responses, see
|
7350
|
-
# [Customizing web requests and responses in WAF][1] in the
|
7351
|
-
# Developer Guide
|
7696
|
+
# [Customizing web requests and responses in WAF][1] in the *WAF
|
7697
|
+
# Developer Guide*.
|
7352
7698
|
#
|
7353
7699
|
# For information about the limits on count and size for custom
|
7354
|
-
# request and response settings, see [WAF quotas][
|
7355
|
-
# Developer Guide
|
7700
|
+
# request and response settings, see [WAF quotas][2] in the *WAF
|
7701
|
+
# Developer Guide*.
|
7356
7702
|
#
|
7357
7703
|
#
|
7358
7704
|
#
|
7359
7705
|
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html
|
7360
|
-
# [2]: https://docs.aws.amazon.com/waf/latest/developerguide/
|
7361
|
-
# [3]: https://docs.aws.amazon.com/waf/latest/developerguide/limits.html
|
7706
|
+
# [2]: https://docs.aws.amazon.com/waf/latest/developerguide/limits.html
|
7362
7707
|
# @return [Hash<String,Types::CustomResponseBody>]
|
7363
7708
|
#
|
7364
7709
|
# @!attribute [rw] captcha_config
|
@@ -7390,6 +7735,25 @@ module Aws::WAFV2
|
|
7390
7735
|
# `usa.gov` or `co.uk` as token domains.
|
7391
7736
|
# @return [Array<String>]
|
7392
7737
|
#
|
7738
|
+
# @!attribute [rw] association_config
|
7739
|
+
# Specifies custom configurations for the associations between the web
|
7740
|
+
# ACL and protected resources.
|
7741
|
+
#
|
7742
|
+
# Use this to customize the maximum size of the request body that your
|
7743
|
+
# protected CloudFront distributions forward to WAF for inspection.
|
7744
|
+
# The default is 16 KB (16,384 kilobytes).
|
7745
|
+
#
|
7746
|
+
# <note markdown="1"> You are charged additional fees when your protected resources
|
7747
|
+
# forward body sizes that are larger than the default. For more
|
7748
|
+
# information, see [WAF Pricing][1].
|
7749
|
+
#
|
7750
|
+
# </note>
|
7751
|
+
#
|
7752
|
+
#
|
7753
|
+
#
|
7754
|
+
# [1]: http://aws.amazon.com/waf/pricing/
|
7755
|
+
# @return [Types::AssociationConfig]
|
7756
|
+
#
|
7393
7757
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/UpdateWebACLRequest AWS API Documentation
|
7394
7758
|
#
|
7395
7759
|
class UpdateWebACLRequest < Struct.new(
|
@@ -7404,7 +7768,8 @@ module Aws::WAFV2
|
|
7404
7768
|
:custom_response_bodies,
|
7405
7769
|
:captcha_config,
|
7406
7770
|
:challenge_config,
|
7407
|
-
:token_domains
|
7771
|
+
:token_domains,
|
7772
|
+
:association_config)
|
7408
7773
|
SENSITIVE = []
|
7409
7774
|
include Aws::Structure
|
7410
7775
|
end
|
@@ -7499,7 +7864,7 @@ module Aws::WAFV2
|
|
7499
7864
|
# @!attribute [rw] cloud_watch_metrics_enabled
|
7500
7865
|
# A boolean indicating whether the associated resource sends metrics
|
7501
7866
|
# to Amazon CloudWatch. For the list of available metrics, see [WAF
|
7502
|
-
# Metrics][1]
|
7867
|
+
# Metrics][1] in the *WAF Developer Guide*.
|
7503
7868
|
#
|
7504
7869
|
#
|
7505
7870
|
#
|
@@ -7665,8 +8030,7 @@ module Aws::WAFV2
|
|
7665
8030
|
#
|
7666
8031
|
# The policy specifications must conform to the following:
|
7667
8032
|
#
|
7668
|
-
# * The policy must be composed using IAM Policy version 2012-10-17
|
7669
|
-
# version 2015-01-01.
|
8033
|
+
# * The policy must be composed using IAM Policy version 2012-10-17.
|
7670
8034
|
#
|
7671
8035
|
# * The policy must include specifications for `Effect`, `Action`, and
|
7672
8036
|
# `Principal`.
|
@@ -7871,7 +8235,7 @@ module Aws::WAFV2
|
|
7871
8235
|
# can associate a web ACL with one or more Amazon Web Services resources
|
7872
8236
|
# to protect. The resources can be an Amazon CloudFront distribution, an
|
7873
8237
|
# Amazon API Gateway REST API, an Application Load Balancer, an AppSync
|
7874
|
-
# GraphQL API, Amazon Cognito user pool, or an App Runner service.
|
8238
|
+
# GraphQL API, an Amazon Cognito user pool, or an App Runner service.
|
7875
8239
|
#
|
7876
8240
|
# @!attribute [rw] name
|
7877
8241
|
# The name of the web ACL. You cannot change the name of a web ACL
|
@@ -7920,8 +8284,13 @@ module Aws::WAFV2
|
|
7920
8284
|
# relative cost of each rule. Simple rules that cost little to run use
|
7921
8285
|
# fewer WCUs than more complex rules that use more processing power.
|
7922
8286
|
# Rule group capacity is fixed at creation, which helps users plan
|
7923
|
-
# their web ACL WCU usage when they use a rule group.
|
7924
|
-
#
|
8287
|
+
# their web ACL WCU usage when they use a rule group. For more
|
8288
|
+
# information, see [WAF web ACL capacity units (WCU)][1] in the *WAF
|
8289
|
+
# Developer Guide*.
|
8290
|
+
#
|
8291
|
+
#
|
8292
|
+
#
|
8293
|
+
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/aws-waf-capacity-units.html
|
7925
8294
|
# @return [Integer]
|
7926
8295
|
#
|
7927
8296
|
# @!attribute [rw] pre_process_firewall_manager_rule_groups
|
@@ -7980,18 +8349,17 @@ module Aws::WAFV2
|
|
7980
8349
|
# rules and default actions that you define in the web ACL.
|
7981
8350
|
#
|
7982
8351
|
# For information about customizing web requests and responses, see
|
7983
|
-
# [Customizing web requests and responses in WAF][1] in the
|
7984
|
-
# Developer Guide
|
8352
|
+
# [Customizing web requests and responses in WAF][1] in the *WAF
|
8353
|
+
# Developer Guide*.
|
7985
8354
|
#
|
7986
8355
|
# For information about the limits on count and size for custom
|
7987
|
-
# request and response settings, see [WAF quotas][
|
7988
|
-
# Developer Guide
|
8356
|
+
# request and response settings, see [WAF quotas][2] in the *WAF
|
8357
|
+
# Developer Guide*.
|
7989
8358
|
#
|
7990
8359
|
#
|
7991
8360
|
#
|
7992
8361
|
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html
|
7993
|
-
# [2]: https://docs.aws.amazon.com/waf/latest/developerguide/
|
7994
|
-
# [3]: https://docs.aws.amazon.com/waf/latest/developerguide/limits.html
|
8362
|
+
# [2]: https://docs.aws.amazon.com/waf/latest/developerguide/limits.html
|
7995
8363
|
# @return [Hash<String,Types::CustomResponseBody>]
|
7996
8364
|
#
|
7997
8365
|
# @!attribute [rw] captcha_config
|
@@ -8017,6 +8385,25 @@ module Aws::WAFV2
|
|
8017
8385
|
# domain list, including their prefixed subdomains.
|
8018
8386
|
# @return [Array<String>]
|
8019
8387
|
#
|
8388
|
+
# @!attribute [rw] association_config
|
8389
|
+
# Specifies custom configurations for the associations between the web
|
8390
|
+
# ACL and protected resources.
|
8391
|
+
#
|
8392
|
+
# Use this to customize the maximum size of the request body that your
|
8393
|
+
# protected CloudFront distributions forward to WAF for inspection.
|
8394
|
+
# The default is 16 KB (16,384 kilobytes).
|
8395
|
+
#
|
8396
|
+
# <note markdown="1"> You are charged additional fees when your protected resources
|
8397
|
+
# forward body sizes that are larger than the default. For more
|
8398
|
+
# information, see [WAF Pricing][1].
|
8399
|
+
#
|
8400
|
+
# </note>
|
8401
|
+
#
|
8402
|
+
#
|
8403
|
+
#
|
8404
|
+
# [1]: http://aws.amazon.com/waf/pricing/
|
8405
|
+
# @return [Types::AssociationConfig]
|
8406
|
+
#
|
8020
8407
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/WebACL AWS API Documentation
|
8021
8408
|
#
|
8022
8409
|
class WebACL < Struct.new(
|
@@ -8035,7 +8422,8 @@ module Aws::WAFV2
|
|
8035
8422
|
:custom_response_bodies,
|
8036
8423
|
:captcha_config,
|
8037
8424
|
:challenge_config,
|
8038
|
-
:token_domains
|
8425
|
+
:token_domains,
|
8426
|
+
:association_config)
|
8039
8427
|
SENSITIVE = []
|
8040
8428
|
include Aws::Structure
|
8041
8429
|
end
|