aws-sdk-wafv2 1.53.0 → 1.55.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +10 -0
- data/VERSION +1 -1
- data/lib/aws-sdk-wafv2/client.rb +316 -84
- data/lib/aws-sdk-wafv2/client_api.rb +99 -0
- data/lib/aws-sdk-wafv2/endpoints.rb +42 -0
- data/lib/aws-sdk-wafv2/plugins/endpoints.rb +6 -0
- data/lib/aws-sdk-wafv2/types.rb +587 -199
- data/lib/aws-sdk-wafv2.rb +1 -1
- metadata +2 -2
data/lib/aws-sdk-wafv2/types.rb
CHANGED
@@ -10,6 +10,44 @@
|
|
10
10
|
module Aws::WAFV2
|
11
11
|
module Types
|
12
12
|
|
13
|
+
# Information for a single API key.
|
14
|
+
#
|
15
|
+
# @!attribute [rw] token_domains
|
16
|
+
# The token domains that are defined in this API key.
|
17
|
+
# @return [Array<String>]
|
18
|
+
#
|
19
|
+
# @!attribute [rw] api_key
|
20
|
+
# The generated, encrypted API key. You can copy this for use in your
|
21
|
+
# JavaScript CAPTCHA integration.
|
22
|
+
#
|
23
|
+
# For information about how to use this in your CAPTCHA JavaScript
|
24
|
+
# integration, see [WAF client application integration][1] in the *WAF
|
25
|
+
# Developer Guide*.
|
26
|
+
#
|
27
|
+
#
|
28
|
+
#
|
29
|
+
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-application-integration.html
|
30
|
+
# @return [String]
|
31
|
+
#
|
32
|
+
# @!attribute [rw] creation_timestamp
|
33
|
+
# The date and time that the key was created.
|
34
|
+
# @return [Time]
|
35
|
+
#
|
36
|
+
# @!attribute [rw] version
|
37
|
+
# Internal value used by WAF to manage the key.
|
38
|
+
# @return [Integer]
|
39
|
+
#
|
40
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/APIKeySummary AWS API Documentation
|
41
|
+
#
|
42
|
+
class APIKeySummary < Struct.new(
|
43
|
+
:token_domains,
|
44
|
+
:api_key,
|
45
|
+
:creation_timestamp,
|
46
|
+
:version)
|
47
|
+
SENSITIVE = []
|
48
|
+
include Aws::Structure
|
49
|
+
end
|
50
|
+
|
13
51
|
# Details for your use of the account takeover prevention managed rule
|
14
52
|
# group, `AWSManagedRulesATPRuleSet`. This configuration is used in
|
15
53
|
# `ManagedRuleGroupConfig`.
|
@@ -63,7 +101,8 @@ module Aws::WAFV2
|
|
63
101
|
# The inspection level to use for the Bot Control rule group. The
|
64
102
|
# common level is the least expensive. The targeted level includes all
|
65
103
|
# common level rules and adds rules with more advanced inspection
|
66
|
-
# criteria. For details, see [WAF Bot Control rule group][1]
|
104
|
+
# criteria. For details, see [WAF Bot Control rule group][1] in the
|
105
|
+
# *WAF Developer Guide*.
|
67
106
|
#
|
68
107
|
#
|
69
108
|
#
|
@@ -137,13 +176,12 @@ module Aws::WAFV2
|
|
137
176
|
# Defines custom handling for the web request.
|
138
177
|
#
|
139
178
|
# For information about customizing web requests and responses, see
|
140
|
-
# [Customizing web requests and responses in WAF][1] in the
|
141
|
-
# Developer Guide
|
179
|
+
# [Customizing web requests and responses in WAF][1] in the *WAF
|
180
|
+
# Developer Guide*.
|
142
181
|
#
|
143
182
|
#
|
144
183
|
#
|
145
184
|
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html
|
146
|
-
# [2]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html
|
147
185
|
# @return [Types::CustomRequestHandling]
|
148
186
|
#
|
149
187
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/AllowAction AWS API Documentation
|
@@ -183,20 +221,22 @@ module Aws::WAFV2
|
|
183
221
|
# The ARN must be in one of the following formats:
|
184
222
|
#
|
185
223
|
# * For an Application Load Balancer:
|
186
|
-
# `arn:
|
224
|
+
# `arn:partition:elasticloadbalancing:region:account-id:loadbalancer/app/load-balancer-name/load-balancer-id
|
187
225
|
# `
|
188
226
|
#
|
189
227
|
# * For an Amazon API Gateway REST API:
|
190
|
-
# `arn:
|
228
|
+
# `arn:partition:apigateway:region::/restapis/api-id/stages/stage-name
|
229
|
+
# `
|
191
230
|
#
|
192
231
|
# * For an AppSync GraphQL API:
|
193
|
-
# `arn:
|
232
|
+
# `arn:partition:appsync:region:account-id:apis/GraphQLApiId `
|
194
233
|
#
|
195
234
|
# * For an Amazon Cognito user pool:
|
196
|
-
# `arn:
|
235
|
+
# `arn:partition:cognito-idp:region:account-id:userpool/user-pool-id
|
236
|
+
# `
|
197
237
|
#
|
198
238
|
# * For an App Runner service:
|
199
|
-
# `arn:
|
239
|
+
# `arn:partition:apprunner:region:account-id:service/apprunner-service-name/apprunner-service-id
|
200
240
|
# `
|
201
241
|
# @return [String]
|
202
242
|
#
|
@@ -213,6 +253,47 @@ module Aws::WAFV2
|
|
213
253
|
#
|
214
254
|
class AssociateWebACLResponse < Aws::EmptyStructure; end
|
215
255
|
|
256
|
+
# Specifies custom configurations for the associations between the web
|
257
|
+
# ACL and protected resources.
|
258
|
+
#
|
259
|
+
# Use this to customize the maximum size of the request body that your
|
260
|
+
# protected CloudFront distributions forward to WAF for inspection. The
|
261
|
+
# default is 16 KB (16,384 kilobytes).
|
262
|
+
#
|
263
|
+
# <note markdown="1"> You are charged additional fees when your protected resources forward
|
264
|
+
# body sizes that are larger than the default. For more information, see
|
265
|
+
# [WAF Pricing][1].
|
266
|
+
#
|
267
|
+
# </note>
|
268
|
+
#
|
269
|
+
#
|
270
|
+
#
|
271
|
+
# [1]: http://aws.amazon.com/waf/pricing/
|
272
|
+
#
|
273
|
+
# @!attribute [rw] request_body
|
274
|
+
# Customizes the maximum size of the request body that your protected
|
275
|
+
# CloudFront distributions forward to WAF for inspection. The default
|
276
|
+
# size is 16 KB (16,384 kilobytes).
|
277
|
+
#
|
278
|
+
# <note markdown="1"> You are charged additional fees when your protected resources
|
279
|
+
# forward body sizes that are larger than the default. For more
|
280
|
+
# information, see [WAF Pricing][1].
|
281
|
+
#
|
282
|
+
# </note>
|
283
|
+
#
|
284
|
+
#
|
285
|
+
#
|
286
|
+
# [1]: http://aws.amazon.com/waf/pricing/
|
287
|
+
# @return [Hash<String,Types::RequestBodyAssociatedResourceTypeConfig>]
|
288
|
+
#
|
289
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/AssociationConfig AWS API Documentation
|
290
|
+
#
|
291
|
+
class AssociationConfig < Struct.new(
|
292
|
+
:request_body)
|
293
|
+
SENSITIVE = []
|
294
|
+
include Aws::Structure
|
295
|
+
end
|
296
|
+
|
216
297
|
# Specifies that WAF should block the request and optionally defines
|
217
298
|
# additional custom handling for the response to the web request.
|
218
299
|
#
|
@@ -223,13 +304,12 @@ module Aws::WAFV2
|
|
223
304
|
# Defines a custom response for the web request.
|
224
305
|
#
|
225
306
|
# For information about customizing web requests and responses, see
|
226
|
-
# [Customizing web requests and responses in WAF][1] in the
|
227
|
-
# Developer Guide
|
307
|
+
# [Customizing web requests and responses in WAF][1] in the *WAF
|
308
|
+
# Developer Guide*.
|
228
309
|
#
|
229
310
|
#
|
230
311
|
#
|
231
312
|
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html
|
232
|
-
# [2]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html
|
233
313
|
# @return [Types::CustomResponse]
|
234
314
|
#
|
235
315
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/BlockAction AWS API Documentation
|
@@ -248,10 +328,16 @@ module Aws::WAFV2
|
|
248
328
|
#
|
249
329
|
# @!attribute [rw] oversize_handling
|
250
330
|
# What WAF should do if the body is larger than WAF can inspect. WAF
|
251
|
-
# does not support inspecting the entire contents of the
|
252
|
-
#
|
253
|
-
#
|
254
|
-
#
|
331
|
+
# does not support inspecting the entire contents of the web request
|
332
|
+
# body if the body exceeds the limit for the resource type. If the
|
333
|
+
# body is larger than the limit, the underlying host service only
|
334
|
+
# forwards the contents that are below the limit to WAF for
|
335
|
+
# inspection.
|
336
|
+
#
|
337
|
+
# The default limit is 8 KB (8,192 kilobytes) for regional resources
|
338
|
+
# and 16 KB (16,384 kilobytes) for CloudFront distributions. For
|
339
|
+
# CloudFront distributions, you can increase the limit in the web ACL
|
340
|
+
# `AssociationConfig`, for additional processing fees.
|
255
341
|
#
|
256
342
|
# The options for oversize handling are the following:
|
257
343
|
#
|
@@ -266,7 +352,7 @@ module Aws::WAFV2
|
|
266
352
|
#
|
267
353
|
# You can combine the `MATCH` or `NO_MATCH` settings for oversize
|
268
354
|
# handling with your rule and web ACL action settings, so that you
|
269
|
-
# block any request whose body is over
|
355
|
+
# block any request whose body is over the limit.
|
270
356
|
#
|
271
357
|
# Default: `CONTINUE`
|
272
358
|
# @return [String]
|
@@ -422,13 +508,12 @@ module Aws::WAFV2
|
|
422
508
|
# unexpired.
|
423
509
|
#
|
424
510
|
# For information about customizing web requests and responses, see
|
425
|
-
# [Customizing web requests and responses in WAF][1] in the
|
426
|
-
# Developer Guide
|
511
|
+
# [Customizing web requests and responses in WAF][1] in the *WAF
|
512
|
+
# Developer Guide*.
|
427
513
|
#
|
428
514
|
#
|
429
515
|
#
|
430
516
|
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html
|
431
|
-
# [2]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html
|
432
517
|
# @return [Types::CustomRequestHandling]
|
433
518
|
#
|
434
519
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/CaptchaAction AWS API Documentation
|
@@ -531,13 +616,12 @@ module Aws::WAFV2
|
|
531
616
|
# unexpired.
|
532
617
|
#
|
533
618
|
# For information about customizing web requests and responses, see
|
534
|
-
# [Customizing web requests and responses in WAF][1] in the
|
535
|
-
# Developer Guide
|
619
|
+
# [Customizing web requests and responses in WAF][1] in the *WAF
|
620
|
+
# Developer Guide*.
|
536
621
|
#
|
537
622
|
#
|
538
623
|
#
|
539
624
|
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html
|
540
|
-
# [2]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html
|
541
625
|
# @return [Types::CustomRequestHandling]
|
542
626
|
#
|
543
627
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/ChallengeAction AWS API Documentation
|
@@ -596,7 +680,7 @@ module Aws::WAFV2
|
|
596
680
|
# Specifies whether this is for an Amazon CloudFront distribution or
|
597
681
|
# for a regional application. A regional application can be an
|
598
682
|
# Application Load Balancer (ALB), an Amazon API Gateway REST API, an
|
599
|
-
# AppSync GraphQL API,
|
683
|
+
# AppSync GraphQL API, an Amazon Cognito user pool, or an App Runner
|
600
684
|
# service.
|
601
685
|
#
|
602
686
|
# To work with CloudFront, you must also specify the Region US East
|
@@ -756,13 +840,12 @@ module Aws::WAFV2
|
|
756
840
|
# Defines custom handling for the web request.
|
757
841
|
#
|
758
842
|
# For information about customizing web requests and responses, see
|
759
|
-
# [Customizing web requests and responses in WAF][1] in the
|
760
|
-
# Developer Guide
|
843
|
+
# [Customizing web requests and responses in WAF][1] in the *WAF
|
844
|
+
# Developer Guide*.
|
761
845
|
#
|
762
846
|
#
|
763
847
|
#
|
764
848
|
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html
|
765
|
-
# [2]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html
|
766
849
|
# @return [Types::CustomRequestHandling]
|
767
850
|
#
|
768
851
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/CountAction AWS API Documentation
|
@@ -773,6 +856,57 @@ module Aws::WAFV2
|
|
773
856
|
include Aws::Structure
|
774
857
|
end
|
775
858
|
|
859
|
+
# @!attribute [rw] scope
|
860
|
+
# Specifies whether this is for an Amazon CloudFront distribution or
|
861
|
+
# for a regional application. A regional application can be an
|
862
|
+
# Application Load Balancer (ALB), an Amazon API Gateway REST API, an
|
863
|
+
# AppSync GraphQL API, an Amazon Cognito user pool, or an App Runner
|
864
|
+
# service.
|
865
|
+
#
|
866
|
+
# To work with CloudFront, you must also specify the Region US East
|
867
|
+
# (N. Virginia) as follows:
|
868
|
+
#
|
869
|
+
# * CLI - Specify the Region when you use the CloudFront scope:
|
870
|
+
# `--scope=CLOUDFRONT --region=us-east-1`.
|
871
|
+
#
|
872
|
+
# * API and SDKs - For all calls, use the Region endpoint us-east-1.
|
873
|
+
# @return [String]
|
874
|
+
#
|
875
|
+
# @!attribute [rw] token_domains
|
876
|
+
# The client application domains that you want to use this API key
|
877
|
+
# for.
|
878
|
+
# @return [Array<String>]
|
879
|
+
#
|
880
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/CreateAPIKeyRequest AWS API Documentation
|
881
|
+
#
|
882
|
+
class CreateAPIKeyRequest < Struct.new(
|
883
|
+
:scope,
|
884
|
+
:token_domains)
|
885
|
+
SENSITIVE = []
|
886
|
+
include Aws::Structure
|
887
|
+
end
|
888
|
+
|
889
|
+
# @!attribute [rw] api_key
|
890
|
+
# The generated, encrypted API key. You can copy this for use in your
|
891
|
+
# JavaScript CAPTCHA integration.
|
892
|
+
#
|
893
|
+
# For information about how to use this in your CAPTCHA JavaScript
|
894
|
+
# integration, see [WAF client application integration][1] in the *WAF
|
895
|
+
# Developer Guide*.
|
896
|
+
#
|
897
|
+
#
|
898
|
+
#
|
899
|
+
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-application-integration.html
|
900
|
+
# @return [String]
|
901
|
+
#
|
902
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/CreateAPIKeyResponse AWS API Documentation
|
903
|
+
#
|
904
|
+
class CreateAPIKeyResponse < Struct.new(
|
905
|
+
:api_key)
|
906
|
+
SENSITIVE = []
|
907
|
+
include Aws::Structure
|
908
|
+
end
|
909
|
+
|
776
910
|
# @!attribute [rw] name
|
777
911
|
# The name of the IP set. You cannot change the name of an `IPSet`
|
778
912
|
# after you create it.
|
@@ -782,7 +916,7 @@ module Aws::WAFV2
|
|
782
916
|
# Specifies whether this is for an Amazon CloudFront distribution or
|
783
917
|
# for a regional application. A regional application can be an
|
784
918
|
# Application Load Balancer (ALB), an Amazon API Gateway REST API, an
|
785
|
-
# AppSync GraphQL API,
|
919
|
+
# AppSync GraphQL API, an Amazon Cognito user pool, or an App Runner
|
786
920
|
# service.
|
787
921
|
#
|
788
922
|
# To work with CloudFront, you must also specify the Region US East
|
@@ -889,7 +1023,7 @@ module Aws::WAFV2
|
|
889
1023
|
# Specifies whether this is for an Amazon CloudFront distribution or
|
890
1024
|
# for a regional application. A regional application can be an
|
891
1025
|
# Application Load Balancer (ALB), an Amazon API Gateway REST API, an
|
892
|
-
# AppSync GraphQL API,
|
1026
|
+
# AppSync GraphQL API, an Amazon Cognito user pool, or an App Runner
|
893
1027
|
# service.
|
894
1028
|
#
|
895
1029
|
# To work with CloudFront, you must also specify the Region US East
|
@@ -950,7 +1084,7 @@ module Aws::WAFV2
|
|
950
1084
|
# Specifies whether this is for an Amazon CloudFront distribution or
|
951
1085
|
# for a regional application. A regional application can be an
|
952
1086
|
# Application Load Balancer (ALB), an Amazon API Gateway REST API, an
|
953
|
-
# AppSync GraphQL API,
|
1087
|
+
# AppSync GraphQL API, an Amazon Cognito user pool, or an App Runner
|
954
1088
|
# service.
|
955
1089
|
#
|
956
1090
|
# To work with CloudFront, you must also specify the Region US East
|
@@ -976,8 +1110,13 @@ module Aws::WAFV2
|
|
976
1110
|
# relative cost of each rule. Simple rules that cost little to run use
|
977
1111
|
# fewer WCUs than more complex rules that use more processing power.
|
978
1112
|
# Rule group capacity is fixed at creation, which helps users plan
|
979
|
-
# their web ACL WCU usage when they use a rule group.
|
980
|
-
#
|
1113
|
+
# their web ACL WCU usage when they use a rule group. For more
|
1114
|
+
# information, see [WAF web ACL capacity units (WCU)][1] in the *WAF
|
1115
|
+
# Developer Guide*.
|
1116
|
+
#
|
1117
|
+
#
|
1118
|
+
#
|
1119
|
+
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/aws-waf-capacity-units.html
|
981
1120
|
# @return [Integer]
|
982
1121
|
#
|
983
1122
|
# @!attribute [rw] description
|
@@ -1007,18 +1146,17 @@ module Aws::WAFV2
|
|
1007
1146
|
# the rules that you define in the rule group.
|
1008
1147
|
#
|
1009
1148
|
# For information about customizing web requests and responses, see
|
1010
|
-
# [Customizing web requests and responses in WAF][1] in the
|
1011
|
-
# Developer Guide
|
1149
|
+
# [Customizing web requests and responses in WAF][1] in the *WAF
|
1150
|
+
# Developer Guide*.
|
1012
1151
|
#
|
1013
1152
|
# For information about the limits on count and size for custom
|
1014
|
-
# request and response settings, see [WAF quotas][
|
1015
|
-
# Developer Guide
|
1153
|
+
# request and response settings, see [WAF quotas][2] in the *WAF
|
1154
|
+
# Developer Guide*.
|
1016
1155
|
#
|
1017
1156
|
#
|
1018
1157
|
#
|
1019
1158
|
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html
|
1020
|
-
# [2]: https://docs.aws.amazon.com/waf/latest/developerguide/
|
1021
|
-
# [3]: https://docs.aws.amazon.com/waf/latest/developerguide/limits.html
|
1159
|
+
# [2]: https://docs.aws.amazon.com/waf/latest/developerguide/limits.html
|
1022
1160
|
# @return [Hash<String,Types::CustomResponseBody>]
|
1023
1161
|
#
|
1024
1162
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/CreateRuleGroupRequest AWS API Documentation
|
@@ -1061,7 +1199,7 @@ module Aws::WAFV2
|
|
1061
1199
|
# Specifies whether this is for an Amazon CloudFront distribution or
|
1062
1200
|
# for a regional application. A regional application can be an
|
1063
1201
|
# Application Load Balancer (ALB), an Amazon API Gateway REST API, an
|
1064
|
-
# AppSync GraphQL API,
|
1202
|
+
# AppSync GraphQL API, an Amazon Cognito user pool, or an App Runner
|
1065
1203
|
# service.
|
1066
1204
|
#
|
1067
1205
|
# To work with CloudFront, you must also specify the Region US East
|
@@ -1105,18 +1243,17 @@ module Aws::WAFV2
|
|
1105
1243
|
# rules and default actions that you define in the web ACL.
|
1106
1244
|
#
|
1107
1245
|
# For information about customizing web requests and responses, see
|
1108
|
-
# [Customizing web requests and responses in WAF][1] in the
|
1109
|
-
# Developer Guide
|
1246
|
+
# [Customizing web requests and responses in WAF][1] in the *WAF
|
1247
|
+
# Developer Guide*.
|
1110
1248
|
#
|
1111
1249
|
# For information about the limits on count and size for custom
|
1112
|
-
# request and response settings, see [WAF quotas][
|
1113
|
-
# Developer Guide
|
1250
|
+
# request and response settings, see [WAF quotas][2] in the *WAF
|
1251
|
+
# Developer Guide*.
|
1114
1252
|
#
|
1115
1253
|
#
|
1116
1254
|
#
|
1117
1255
|
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html
|
1118
|
-
# [2]: https://docs.aws.amazon.com/waf/latest/developerguide/
|
1119
|
-
# [3]: https://docs.aws.amazon.com/waf/latest/developerguide/limits.html
|
1256
|
+
# [2]: https://docs.aws.amazon.com/waf/latest/developerguide/limits.html
|
1120
1257
|
# @return [Hash<String,Types::CustomResponseBody>]
|
1121
1258
|
#
|
1122
1259
|
# @!attribute [rw] captcha_config
|
@@ -1148,6 +1285,25 @@ module Aws::WAFV2
|
|
1148
1285
|
# `usa.gov` or `co.uk` as token domains.
|
1149
1286
|
# @return [Array<String>]
|
1150
1287
|
#
|
1288
|
+
# @!attribute [rw] association_config
|
1289
|
+
# Specifies custom configurations for the associations between the web
|
1290
|
+
# ACL and protected resources.
|
1291
|
+
#
|
1292
|
+
# Use this to customize the maximum size of the request body that your
|
1293
|
+
# protected CloudFront distributions forward to WAF for inspection.
|
1294
|
+
# The default is 16 KB (16,384 kilobytes).
|
1295
|
+
#
|
1296
|
+
# <note markdown="1"> You are charged additional fees when your protected resources
|
1297
|
+
# forward body sizes that are larger than the default. For more
|
1298
|
+
# information, see [WAF Pricing][1].
|
1299
|
+
#
|
1300
|
+
# </note>
|
1301
|
+
#
|
1302
|
+
#
|
1303
|
+
#
|
1304
|
+
# [1]: http://aws.amazon.com/waf/pricing/
|
1305
|
+
# @return [Types::AssociationConfig]
|
1306
|
+
#
|
1151
1307
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/CreateWebACLRequest AWS API Documentation
|
1152
1308
|
#
|
1153
1309
|
class CreateWebACLRequest < Struct.new(
|
@@ -1161,7 +1317,8 @@ module Aws::WAFV2
|
|
1161
1317
|
:custom_response_bodies,
|
1162
1318
|
:captcha_config,
|
1163
1319
|
:challenge_config,
|
1164
|
-
:token_domains
|
1320
|
+
:token_domains,
|
1321
|
+
:association_config)
|
1165
1322
|
SENSITIVE = []
|
1166
1323
|
include Aws::Structure
|
1167
1324
|
end
|
@@ -1213,26 +1370,24 @@ module Aws::WAFV2
|
|
1213
1370
|
# `CaptchaAction` for requests with valid t okens, and `AllowAction`.
|
1214
1371
|
#
|
1215
1372
|
# For information about customizing web requests and responses, see
|
1216
|
-
# [Customizing web requests and responses in WAF][1] in the
|
1217
|
-
# Developer Guide
|
1373
|
+
# [Customizing web requests and responses in WAF][1] in the *WAF
|
1374
|
+
# Developer Guide*.
|
1218
1375
|
#
|
1219
1376
|
#
|
1220
1377
|
#
|
1221
1378
|
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html
|
1222
|
-
# [2]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html
|
1223
1379
|
#
|
1224
1380
|
# @!attribute [rw] insert_headers
|
1225
1381
|
# The HTTP headers to insert into the request. Duplicate header names
|
1226
1382
|
# are not allowed.
|
1227
1383
|
#
|
1228
1384
|
# For information about the limits on count and size for custom
|
1229
|
-
# request and response settings, see [WAF quotas][1] in the
|
1230
|
-
# Developer Guide
|
1385
|
+
# request and response settings, see [WAF quotas][1] in the *WAF
|
1386
|
+
# Developer Guide*.
|
1231
1387
|
#
|
1232
1388
|
#
|
1233
1389
|
#
|
1234
1390
|
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/limits.html
|
1235
|
-
# [2]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html
|
1236
1391
|
# @return [Array<Types::CustomHTTPHeader>]
|
1237
1392
|
#
|
1238
1393
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/CustomRequestHandling AWS API Documentation
|
@@ -1248,25 +1403,23 @@ module Aws::WAFV2
|
|
1248
1403
|
# BlockAction.
|
1249
1404
|
#
|
1250
1405
|
# For information about customizing web requests and responses, see
|
1251
|
-
# [Customizing web requests and responses in WAF][1] in the
|
1252
|
-
# Developer Guide
|
1406
|
+
# [Customizing web requests and responses in WAF][1] in the *WAF
|
1407
|
+
# Developer Guide*.
|
1253
1408
|
#
|
1254
1409
|
#
|
1255
1410
|
#
|
1256
1411
|
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html
|
1257
|
-
# [2]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html
|
1258
1412
|
#
|
1259
1413
|
# @!attribute [rw] response_code
|
1260
1414
|
# The HTTP status code to return to the client.
|
1261
1415
|
#
|
1262
1416
|
# For a list of status codes that you can use in your custom
|
1263
1417
|
# responses, see [Supported status codes for custom response][1] in
|
1264
|
-
# the
|
1418
|
+
# the *WAF Developer Guide*.
|
1265
1419
|
#
|
1266
1420
|
#
|
1267
1421
|
#
|
1268
1422
|
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/customizing-the-response-status-codes.html
|
1269
|
-
# [2]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html
|
1270
1423
|
# @return [Integer]
|
1271
1424
|
#
|
1272
1425
|
# @!attribute [rw] custom_response_body_key
|
@@ -1285,13 +1438,12 @@ module Aws::WAFV2
|
|
1285
1438
|
# not allowed.
|
1286
1439
|
#
|
1287
1440
|
# For information about the limits on count and size for custom
|
1288
|
-
# request and response settings, see [WAF quotas][1] in the
|
1289
|
-
# Developer Guide
|
1441
|
+
# request and response settings, see [WAF quotas][1] in the *WAF
|
1442
|
+
# Developer Guide*.
|
1290
1443
|
#
|
1291
1444
|
#
|
1292
1445
|
#
|
1293
1446
|
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/limits.html
|
1294
|
-
# [2]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html
|
1295
1447
|
# @return [Array<Types::CustomHTTPHeader>]
|
1296
1448
|
#
|
1297
1449
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/CustomResponse AWS API Documentation
|
@@ -1319,13 +1471,12 @@ module Aws::WAFV2
|
|
1319
1471
|
# must specify JSON content in the `ContentType` setting.
|
1320
1472
|
#
|
1321
1473
|
# For information about the limits on count and size for custom
|
1322
|
-
# request and response settings, see [WAF quotas][1] in the
|
1323
|
-
# Developer Guide
|
1474
|
+
# request and response settings, see [WAF quotas][1] in the *WAF
|
1475
|
+
# Developer Guide*.
|
1324
1476
|
#
|
1325
1477
|
#
|
1326
1478
|
#
|
1327
1479
|
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/limits.html
|
1328
|
-
# [2]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html
|
1329
1480
|
# @return [String]
|
1330
1481
|
#
|
1331
1482
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/CustomResponseBody AWS API Documentation
|
@@ -1412,7 +1563,7 @@ module Aws::WAFV2
|
|
1412
1563
|
# Specifies whether this is for an Amazon CloudFront distribution or
|
1413
1564
|
# for a regional application. A regional application can be an
|
1414
1565
|
# Application Load Balancer (ALB), an Amazon API Gateway REST API, an
|
1415
|
-
# AppSync GraphQL API,
|
1566
|
+
# AppSync GraphQL API, an Amazon Cognito user pool, or an App Runner
|
1416
1567
|
# service.
|
1417
1568
|
#
|
1418
1569
|
# To work with CloudFront, you must also specify the Region US East
|
@@ -1502,7 +1653,7 @@ module Aws::WAFV2
|
|
1502
1653
|
# Specifies whether this is for an Amazon CloudFront distribution or
|
1503
1654
|
# for a regional application. A regional application can be an
|
1504
1655
|
# Application Load Balancer (ALB), an Amazon API Gateway REST API, an
|
1505
|
-
# AppSync GraphQL API,
|
1656
|
+
# AppSync GraphQL API, an Amazon Cognito user pool, or an App Runner
|
1506
1657
|
# service.
|
1507
1658
|
#
|
1508
1659
|
# To work with CloudFront, you must also specify the Region US East
|
@@ -1556,7 +1707,7 @@ module Aws::WAFV2
|
|
1556
1707
|
# Specifies whether this is for an Amazon CloudFront distribution or
|
1557
1708
|
# for a regional application. A regional application can be an
|
1558
1709
|
# Application Load Balancer (ALB), an Amazon API Gateway REST API, an
|
1559
|
-
# AppSync GraphQL API,
|
1710
|
+
# AppSync GraphQL API, an Amazon Cognito user pool, or an App Runner
|
1560
1711
|
# service.
|
1561
1712
|
#
|
1562
1713
|
# To work with CloudFront, you must also specify the Region US East
|
@@ -1610,7 +1761,7 @@ module Aws::WAFV2
|
|
1610
1761
|
# Specifies whether this is for an Amazon CloudFront distribution or
|
1611
1762
|
# for a regional application. A regional application can be an
|
1612
1763
|
# Application Load Balancer (ALB), an Amazon API Gateway REST API, an
|
1613
|
-
# AppSync GraphQL API,
|
1764
|
+
# AppSync GraphQL API, an Amazon Cognito user pool, or an App Runner
|
1614
1765
|
# service.
|
1615
1766
|
#
|
1616
1767
|
# To work with CloudFront, you must also specify the Region US East
|
@@ -1669,7 +1820,7 @@ module Aws::WAFV2
|
|
1669
1820
|
# Specifies whether this is for an Amazon CloudFront distribution or
|
1670
1821
|
# for a regional application. A regional application can be an
|
1671
1822
|
# Application Load Balancer (ALB), an Amazon API Gateway REST API, an
|
1672
|
-
# AppSync GraphQL API,
|
1823
|
+
# AppSync GraphQL API, an Amazon Cognito user pool, or an App Runner
|
1673
1824
|
# service.
|
1674
1825
|
#
|
1675
1826
|
# To work with CloudFront, you must also specify the Region US East
|
@@ -1716,13 +1867,21 @@ module Aws::WAFV2
|
|
1716
1867
|
# @return [String]
|
1717
1868
|
#
|
1718
1869
|
# @!attribute [rw] capacity
|
1719
|
-
# The web ACL capacity units (WCUs) required for this rule group.
|
1720
|
-
#
|
1721
|
-
#
|
1722
|
-
#
|
1723
|
-
#
|
1724
|
-
#
|
1725
|
-
#
|
1870
|
+
# The web ACL capacity units (WCUs) required for this rule group.
|
1871
|
+
#
|
1872
|
+
# WAF uses WCUs to calculate and control the operating resources that
|
1873
|
+
# are used to run your rules, rule groups, and web ACLs. WAF
|
1874
|
+
# calculates capacity differently for each rule type, to reflect the
|
1875
|
+
# relative cost of each rule. Simple rules that cost little to run use
|
1876
|
+
# fewer WCUs than more complex rules that use more processing power.
|
1877
|
+
# Rule group capacity is fixed at creation, which helps users plan
|
1878
|
+
# their web ACL WCU usage when they use a rule group. For more
|
1879
|
+
# information, see [WAF web ACL capacity units (WCU)][1] in the *WAF
|
1880
|
+
# Developer Guide*.
|
1881
|
+
#
|
1882
|
+
#
|
1883
|
+
#
|
1884
|
+
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/aws-waf-capacity-units.html
|
1726
1885
|
# @return [Integer]
|
1727
1886
|
#
|
1728
1887
|
# @!attribute [rw] rules
|
@@ -1779,20 +1938,22 @@ module Aws::WAFV2
|
|
1779
1938
|
# The ARN must be in one of the following formats:
|
1780
1939
|
#
|
1781
1940
|
# * For an Application Load Balancer:
|
1782
|
-
# `arn:
|
1941
|
+
# `arn:partition:elasticloadbalancing:region:account-id:loadbalancer/app/load-balancer-name/load-balancer-id
|
1783
1942
|
# `
|
1784
1943
|
#
|
1785
1944
|
# * For an Amazon API Gateway REST API:
|
1786
|
-
# `arn:
|
1945
|
+
# `arn:partition:apigateway:region::/restapis/api-id/stages/stage-name
|
1946
|
+
# `
|
1787
1947
|
#
|
1788
1948
|
# * For an AppSync GraphQL API:
|
1789
|
-
# `arn:
|
1949
|
+
# `arn:partition:appsync:region:account-id:apis/GraphQLApiId `
|
1790
1950
|
#
|
1791
1951
|
# * For an Amazon Cognito user pool:
|
1792
|
-
# `arn:
|
1952
|
+
# `arn:partition:cognito-idp:region:account-id:userpool/user-pool-id
|
1953
|
+
# `
|
1793
1954
|
#
|
1794
1955
|
# * For an App Runner service:
|
1795
|
-
# `arn:
|
1956
|
+
# `arn:partition:apprunner:region:account-id:service/apprunner-service-name/apprunner-service-id
|
1796
1957
|
# `
|
1797
1958
|
# @return [String]
|
1798
1959
|
#
|
@@ -1882,10 +2043,15 @@ module Aws::WAFV2
|
|
1882
2043
|
# contains any additional data that you want to send to your web
|
1883
2044
|
# server as the HTTP request body, such as data from a form.
|
1884
2045
|
#
|
1885
|
-
#
|
1886
|
-
#
|
1887
|
-
#
|
1888
|
-
#
|
2046
|
+
# A limited amount of the request body is forwarded to WAF for
|
2047
|
+
# inspection by the underlying host service. For regional resources,
|
2048
|
+
# the limit is 8 KB (8,192 kilobytes) and for CloudFront
|
2049
|
+
# distributions, the limit is 16 KB (16,384 kilobytes). For CloudFront
|
2050
|
+
# distributions, you can increase the limit in the web ACL's
|
2051
|
+
# `AssociationConfig`, for additional processing fees.
|
2052
|
+
#
|
2053
|
+
# For information about how to handle oversized request bodies, see
|
2054
|
+
# the `Body` object configuration.
|
1889
2055
|
# @return [Types::Body]
|
1890
2056
|
#
|
1891
2057
|
# @!attribute [rw] method
|
@@ -1899,10 +2065,15 @@ module Aws::WAFV2
|
|
1899
2065
|
# contains any additional data that you want to send to your web
|
1900
2066
|
# server as the HTTP request body, such as data from a form.
|
1901
2067
|
#
|
1902
|
-
#
|
1903
|
-
#
|
1904
|
-
#
|
1905
|
-
#
|
2068
|
+
# A limited amount of the request body is forwarded to WAF for
|
2069
|
+
# inspection by the underlying host service. For regional resources,
|
2070
|
+
# the limit is 8 KB (8,192 kilobytes) and for CloudFront
|
2071
|
+
# distributions, the limit is 16 KB (16,384 kilobytes). For CloudFront
|
2072
|
+
# distributions, you can increase the limit in the web ACL's
|
2073
|
+
# `AssociationConfig`, for additional processing fees.
|
2074
|
+
#
|
2075
|
+
# For information about how to handle oversized request bodies, see
|
2076
|
+
# the `JsonBody` object configuration.
|
1906
2077
|
# @return [Types::JsonBody]
|
1907
2078
|
#
|
1908
2079
|
# @!attribute [rw] headers
|
@@ -2033,40 +2204,19 @@ module Aws::WAFV2
|
|
2033
2204
|
end
|
2034
2205
|
|
2035
2206
|
# The processing guidance for an Firewall Manager rule. This is like a
|
2036
|
-
# regular rule Statement, but it can only contain a rule group
|
2207
|
+
# regular rule Statement, but it can only contain a single rule group
|
2037
2208
|
# reference.
|
2038
2209
|
#
|
2039
2210
|
# @!attribute [rw] managed_rule_group_statement
|
2040
|
-
# A
|
2041
|
-
#
|
2042
|
-
#
|
2043
|
-
# calling ListAvailableManagedRuleGroups.
|
2044
|
-
#
|
2045
|
-
# You cannot nest a `ManagedRuleGroupStatement`, for example for use
|
2046
|
-
# inside a `NotStatement` or `OrStatement`. It can only be referenced
|
2047
|
-
# as a top-level statement within a rule.
|
2048
|
-
#
|
2049
|
-
# <note markdown="1"> You are charged additional fees when you use the WAF Bot Control
|
2050
|
-
# managed rule group `AWSManagedRulesBotControlRuleSet` or the WAF
|
2051
|
-
# Fraud Control account takeover prevention (ATP) managed rule group
|
2052
|
-
# `AWSManagedRulesATPRuleSet`. For more information, see [WAF
|
2053
|
-
# Pricing][1].
|
2054
|
-
#
|
2055
|
-
# </note>
|
2056
|
-
#
|
2057
|
-
#
|
2058
|
-
#
|
2059
|
-
# [1]: http://aws.amazon.com/waf/pricing/
|
2211
|
+
# A statement used by Firewall Manager to run the rules that are
|
2212
|
+
# defined in a managed rule group. This is managed by Firewall Manager
|
2213
|
+
# for an Firewall Manager WAF policy.
|
2060
2214
|
# @return [Types::ManagedRuleGroupStatement]
|
2061
2215
|
#
|
2062
2216
|
# @!attribute [rw] rule_group_reference_statement
|
2063
|
-
# A
|
2064
|
-
#
|
2065
|
-
#
|
2066
|
-
#
|
2067
|
-
# You cannot nest a `RuleGroupReferenceStatement`, for example for use
|
2068
|
-
# inside a `NotStatement` or `OrStatement`. You can only use a rule
|
2069
|
-
# group reference statement at the top level inside a web ACL.
|
2217
|
+
# A statement used by Firewall Manager to run the rules that are
|
2218
|
+
# defined in a rule group. This is managed by Firewall Manager for an
|
2219
|
+
# Firewall Manager WAF policy.
|
2070
2220
|
# @return [Types::RuleGroupReferenceStatement]
|
2071
2221
|
#
|
2072
2222
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/FirewallManagerStatement AWS API Documentation
|
@@ -2234,6 +2384,52 @@ module Aws::WAFV2
|
|
2234
2384
|
include Aws::Structure
|
2235
2385
|
end
|
2236
2386
|
|
2387
|
+
# @!attribute [rw] scope
|
2388
|
+
# Specifies whether this is for an Amazon CloudFront distribution or
|
2389
|
+
# for a regional application. A regional application can be an
|
2390
|
+
# Application Load Balancer (ALB), an Amazon API Gateway REST API, an
|
2391
|
+
# AppSync GraphQL API, an Amazon Cognito user pool, or an App Runner
|
2392
|
+
# service.
|
2393
|
+
#
|
2394
|
+
# To work with CloudFront, you must also specify the Region US East
|
2395
|
+
# (N. Virginia) as follows:
|
2396
|
+
#
|
2397
|
+
# * CLI - Specify the Region when you use the CloudFront scope:
|
2398
|
+
# `--scope=CLOUDFRONT --region=us-east-1`.
|
2399
|
+
#
|
2400
|
+
# * API and SDKs - For all calls, use the Region endpoint us-east-1.
|
2401
|
+
# @return [String]
|
2402
|
+
#
|
2403
|
+
# @!attribute [rw] api_key
|
2404
|
+
# The encrypted API key.
|
2405
|
+
# @return [String]
|
2406
|
+
#
|
2407
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/GetDecryptedAPIKeyRequest AWS API Documentation
|
2408
|
+
#
|
2409
|
+
class GetDecryptedAPIKeyRequest < Struct.new(
|
2410
|
+
:scope,
|
2411
|
+
:api_key)
|
2412
|
+
SENSITIVE = []
|
2413
|
+
include Aws::Structure
|
2414
|
+
end
|
2415
|
+
|
2416
|
+
# @!attribute [rw] token_domains
|
2417
|
+
# The token domains that are defined in this API key.
|
2418
|
+
# @return [Array<String>]
|
2419
|
+
#
|
2420
|
+
# @!attribute [rw] creation_timestamp
|
2421
|
+
# The date and time that the key was created.
|
2422
|
+
# @return [Time]
|
2423
|
+
#
|
2424
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/GetDecryptedAPIKeyResponse AWS API Documentation
|
2425
|
+
#
|
2426
|
+
class GetDecryptedAPIKeyResponse < Struct.new(
|
2427
|
+
:token_domains,
|
2428
|
+
:creation_timestamp)
|
2429
|
+
SENSITIVE = []
|
2430
|
+
include Aws::Structure
|
2431
|
+
end
|
2432
|
+
|
2237
2433
|
# @!attribute [rw] name
|
2238
2434
|
# The name of the IP set. You cannot change the name of an `IPSet`
|
2239
2435
|
# after you create it.
|
@@ -2243,7 +2439,7 @@ module Aws::WAFV2
|
|
2243
2439
|
# Specifies whether this is for an Amazon CloudFront distribution or
|
2244
2440
|
# for a regional application. A regional application can be an
|
2245
2441
|
# Application Load Balancer (ALB), an Amazon API Gateway REST API, an
|
2246
|
-
# AppSync GraphQL API,
|
2442
|
+
# AppSync GraphQL API, an Amazon Cognito user pool, or an App Runner
|
2247
2443
|
# service.
|
2248
2444
|
#
|
2249
2445
|
# To work with CloudFront, you must also specify the Region US East
|
@@ -2332,7 +2528,7 @@ module Aws::WAFV2
|
|
2332
2528
|
# Specifies whether this is for an Amazon CloudFront distribution or
|
2333
2529
|
# for a regional application. A regional application can be an
|
2334
2530
|
# Application Load Balancer (ALB), an Amazon API Gateway REST API, an
|
2335
|
-
# AppSync GraphQL API,
|
2531
|
+
# AppSync GraphQL API, an Amazon Cognito user pool, or an App Runner
|
2336
2532
|
# service.
|
2337
2533
|
#
|
2338
2534
|
# To work with CloudFront, you must also specify the Region US East
|
@@ -2445,7 +2641,7 @@ module Aws::WAFV2
|
|
2445
2641
|
# Specifies whether this is for an Amazon CloudFront distribution or
|
2446
2642
|
# for a regional application. A regional application can be an
|
2447
2643
|
# Application Load Balancer (ALB), an Amazon API Gateway REST API, an
|
2448
|
-
# AppSync GraphQL API,
|
2644
|
+
# AppSync GraphQL API, an Amazon Cognito user pool, or an App Runner
|
2449
2645
|
# service.
|
2450
2646
|
#
|
2451
2647
|
# To work with CloudFront, you must also specify the Region US East
|
@@ -2519,7 +2715,7 @@ module Aws::WAFV2
|
|
2519
2715
|
# Specifies whether this is for an Amazon CloudFront distribution or
|
2520
2716
|
# for a regional application. A regional application can be an
|
2521
2717
|
# Application Load Balancer (ALB), an Amazon API Gateway REST API, an
|
2522
|
-
# AppSync GraphQL API,
|
2718
|
+
# AppSync GraphQL API, an Amazon Cognito user pool, or an App Runner
|
2523
2719
|
# service.
|
2524
2720
|
#
|
2525
2721
|
# To work with CloudFront, you must also specify the Region US East
|
@@ -2580,7 +2776,7 @@ module Aws::WAFV2
|
|
2580
2776
|
# Specifies whether this is for an Amazon CloudFront distribution or
|
2581
2777
|
# for a regional application. A regional application can be an
|
2582
2778
|
# Application Load Balancer (ALB), an Amazon API Gateway REST API, an
|
2583
|
-
# AppSync GraphQL API,
|
2779
|
+
# AppSync GraphQL API, an Amazon Cognito user pool, or an App Runner
|
2584
2780
|
# service.
|
2585
2781
|
#
|
2586
2782
|
# To work with CloudFront, you must also specify the Region US East
|
@@ -2651,7 +2847,7 @@ module Aws::WAFV2
|
|
2651
2847
|
# Specifies whether this is for an Amazon CloudFront distribution or
|
2652
2848
|
# for a regional application. A regional application can be an
|
2653
2849
|
# Application Load Balancer (ALB), an Amazon API Gateway REST API, an
|
2654
|
-
# AppSync GraphQL API,
|
2850
|
+
# AppSync GraphQL API, an Amazon Cognito user pool, or an App Runner
|
2655
2851
|
# service.
|
2656
2852
|
#
|
2657
2853
|
# To work with CloudFront, you must also specify the Region US East
|
@@ -2731,20 +2927,22 @@ module Aws::WAFV2
|
|
2731
2927
|
# The ARN must be in one of the following formats:
|
2732
2928
|
#
|
2733
2929
|
# * For an Application Load Balancer:
|
2734
|
-
# `arn:
|
2930
|
+
# `arn:partition:elasticloadbalancing:region:account-id:loadbalancer/app/load-balancer-name/load-balancer-id
|
2735
2931
|
# `
|
2736
2932
|
#
|
2737
2933
|
# * For an Amazon API Gateway REST API:
|
2738
|
-
# `arn:
|
2934
|
+
# `arn:partition:apigateway:region::/restapis/api-id/stages/stage-name
|
2935
|
+
# `
|
2739
2936
|
#
|
2740
2937
|
# * For an AppSync GraphQL API:
|
2741
|
-
# `arn:
|
2938
|
+
# `arn:partition:appsync:region:account-id:apis/GraphQLApiId `
|
2742
2939
|
#
|
2743
2940
|
# * For an Amazon Cognito user pool:
|
2744
|
-
# `arn:
|
2941
|
+
# `arn:partition:cognito-idp:region:account-id:userpool/user-pool-id
|
2942
|
+
# `
|
2745
2943
|
#
|
2746
2944
|
# * For an App Runner service:
|
2747
|
-
# `arn:
|
2945
|
+
# `arn:partition:apprunner:region:account-id:service/apprunner-service-name/apprunner-service-id
|
2748
2946
|
# `
|
2749
2947
|
# @return [String]
|
2750
2948
|
#
|
@@ -2778,7 +2976,7 @@ module Aws::WAFV2
|
|
2778
2976
|
# Specifies whether this is for an Amazon CloudFront distribution or
|
2779
2977
|
# for a regional application. A regional application can be an
|
2780
2978
|
# Application Load Balancer (ALB), an Amazon API Gateway REST API, an
|
2781
|
-
# AppSync GraphQL API,
|
2979
|
+
# AppSync GraphQL API, an Amazon Cognito user pool, or an App Runner
|
2782
2980
|
# service.
|
2783
2981
|
#
|
2784
2982
|
# To work with CloudFront, you must also specify the Region US East
|
@@ -3347,10 +3545,16 @@ module Aws::WAFV2
|
|
3347
3545
|
#
|
3348
3546
|
# @!attribute [rw] oversize_handling
|
3349
3547
|
# What WAF should do if the body is larger than WAF can inspect. WAF
|
3350
|
-
# does not support inspecting the entire contents of the
|
3351
|
-
#
|
3352
|
-
#
|
3353
|
-
#
|
3548
|
+
# does not support inspecting the entire contents of the web request
|
3549
|
+
# body if the body exceeds the limit for the resource type. If the
|
3550
|
+
# body is larger than the limit, the underlying host service only
|
3551
|
+
# forwards the contents that are below the limit to WAF for
|
3552
|
+
# inspection.
|
3553
|
+
#
|
3554
|
+
# The default limit is 8 KB (8,192 kilobytes) for regional resources
|
3555
|
+
# and 16 KB (16,384 kilobytes) for CloudFront distributions. For
|
3556
|
+
# CloudFront distributions, you can increase the limit in the web ACL
|
3557
|
+
# `AssociationConfig`, for additional processing fees.
|
3354
3558
|
#
|
3355
3559
|
# The options for oversize handling are the following:
|
3356
3560
|
#
|
@@ -3365,7 +3569,7 @@ module Aws::WAFV2
|
|
3365
3569
|
#
|
3366
3570
|
# You can combine the `MATCH` or `NO_MATCH` settings for oversize
|
3367
3571
|
# handling with your rule and web ACL action settings, so that you
|
3368
|
-
# block any request whose body is over
|
3572
|
+
# block any request whose body is over the limit.
|
3369
3573
|
#
|
3370
3574
|
# Default: `CONTINUE`
|
3371
3575
|
# @return [String]
|
@@ -3523,6 +3727,83 @@ module Aws::WAFV2
|
|
3523
3727
|
include Aws::Structure
|
3524
3728
|
end
|
3525
3729
|
|
3730
|
+
# @!attribute [rw] scope
|
3731
|
+
# Specifies whether this is for an Amazon CloudFront distribution or
|
3732
|
+
# for a regional application. A regional application can be an
|
3733
|
+
# Application Load Balancer (ALB), an Amazon API Gateway REST API, an
|
3734
|
+
# AppSync GraphQL API, an Amazon Cognito user pool, or an App Runner
|
3735
|
+
# service.
|
3736
|
+
#
|
3737
|
+
# To work with CloudFront, you must also specify the Region US East
|
3738
|
+
# (N. Virginia) as follows:
|
3739
|
+
#
|
3740
|
+
# * CLI - Specify the Region when you use the CloudFront scope:
|
3741
|
+
# `--scope=CLOUDFRONT --region=us-east-1`.
|
3742
|
+
#
|
3743
|
+
# * API and SDKs - For all calls, use the Region endpoint us-east-1.
|
3744
|
+
# @return [String]
|
3745
|
+
#
|
3746
|
+
# @!attribute [rw] next_marker
|
3747
|
+
# When you request a list of objects with a `Limit` setting, if the
|
3748
|
+
# number of objects that are still available for retrieval exceeds the
|
3749
|
+
# limit, WAF returns a `NextMarker` value in the response. To retrieve
|
3750
|
+
# the next batch of objects, provide the marker from the prior call in
|
3751
|
+
# your next request.
|
3752
|
+
# @return [String]
|
3753
|
+
#
|
3754
|
+
# @!attribute [rw] limit
|
3755
|
+
# The maximum number of objects that you want WAF to return for this
|
3756
|
+
# request. If more objects are available, in the response, WAF
|
3757
|
+
# provides a `NextMarker` value that you can use in a subsequent call
|
3758
|
+
# to get the next batch of objects.
|
3759
|
+
# @return [Integer]
|
3760
|
+
#
|
3761
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/ListAPIKeysRequest AWS API Documentation
|
3762
|
+
#
|
3763
|
+
class ListAPIKeysRequest < Struct.new(
|
3764
|
+
:scope,
|
3765
|
+
:next_marker,
|
3766
|
+
:limit)
|
3767
|
+
SENSITIVE = []
|
3768
|
+
include Aws::Structure
|
3769
|
+
end
|
3770
|
+
|
3771
|
+
# @!attribute [rw] next_marker
|
3772
|
+
# When you request a list of objects with a `Limit` setting, if the
|
3773
|
+
# number of objects that are still available for retrieval exceeds the
|
3774
|
+
# limit, WAF returns a `NextMarker` value in the response. To retrieve
|
3775
|
+
# the next batch of objects, provide the marker from the prior call in
|
3776
|
+
# your next request.
|
3777
|
+
# @return [String]
|
3778
|
+
#
|
3779
|
+
# @!attribute [rw] api_key_summaries
|
3780
|
+
# The array of key summaries. If you specified a `Limit` in your
|
3781
|
+
# request, this might not be the full list.
|
3782
|
+
# @return [Array<Types::APIKeySummary>]
|
3783
|
+
#
|
3784
|
+
# @!attribute [rw] application_integration_url
|
3785
|
+
# The CAPTCHA application integration URL, for use in your JavaScript
|
3786
|
+
# implementation.
|
3787
|
+
#
|
3788
|
+
# For information about how to use this in your CAPTCHA JavaScript
|
3789
|
+
# integration, see [WAF client application integration][1] in the *WAF
|
3790
|
+
# Developer Guide*.
|
3791
|
+
#
|
3792
|
+
#
|
3793
|
+
#
|
3794
|
+
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-application-integration.html
|
3795
|
+
# @return [String]
|
3796
|
+
#
|
3797
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/ListAPIKeysResponse AWS API Documentation
|
3798
|
+
#
|
3799
|
+
class ListAPIKeysResponse < Struct.new(
|
3800
|
+
:next_marker,
|
3801
|
+
:api_key_summaries,
|
3802
|
+
:application_integration_url)
|
3803
|
+
SENSITIVE = []
|
3804
|
+
include Aws::Structure
|
3805
|
+
end
|
3806
|
+
|
3526
3807
|
# @!attribute [rw] vendor_name
|
3527
3808
|
# The name of the managed rule group vendor. You use this, along with
|
3528
3809
|
# the rule group name, to identify the rule group.
|
@@ -3537,7 +3818,7 @@ module Aws::WAFV2
|
|
3537
3818
|
# Specifies whether this is for an Amazon CloudFront distribution or
|
3538
3819
|
# for a regional application. A regional application can be an
|
3539
3820
|
# Application Load Balancer (ALB), an Amazon API Gateway REST API, an
|
3540
|
-
# AppSync GraphQL API,
|
3821
|
+
# AppSync GraphQL API, an Amazon Cognito user pool, or an App Runner
|
3541
3822
|
# service.
|
3542
3823
|
#
|
3543
3824
|
# To work with CloudFront, you must also specify the Region US East
|
@@ -3586,7 +3867,8 @@ module Aws::WAFV2
|
|
3586
3867
|
#
|
3587
3868
|
# @!attribute [rw] versions
|
3588
3869
|
# The versions that are currently available for the specified managed
|
3589
|
-
# rule group.
|
3870
|
+
# rule group. If you specified a `Limit` in your request, this might
|
3871
|
+
# not be the full list.
|
3590
3872
|
# @return [Array<Types::ManagedRuleGroupVersion>]
|
3591
3873
|
#
|
3592
3874
|
# @!attribute [rw] current_default_version
|
@@ -3607,7 +3889,7 @@ module Aws::WAFV2
|
|
3607
3889
|
# Specifies whether this is for an Amazon CloudFront distribution or
|
3608
3890
|
# for a regional application. A regional application can be an
|
3609
3891
|
# Application Load Balancer (ALB), an Amazon API Gateway REST API, an
|
3610
|
-
# AppSync GraphQL API,
|
3892
|
+
# AppSync GraphQL API, an Amazon Cognito user pool, or an App Runner
|
3611
3893
|
# service.
|
3612
3894
|
#
|
3613
3895
|
# To work with CloudFront, you must also specify the Region US East
|
@@ -3653,6 +3935,8 @@ module Aws::WAFV2
|
|
3653
3935
|
# @return [String]
|
3654
3936
|
#
|
3655
3937
|
# @!attribute [rw] managed_rule_groups
|
3938
|
+
# Array of managed rule groups that you can use. If you specified a
|
3939
|
+
# `Limit` in your request, this might not be the full list.
|
3656
3940
|
# @return [Array<Types::ManagedRuleGroupSummary>]
|
3657
3941
|
#
|
3658
3942
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/ListAvailableManagedRuleGroupsResponse AWS API Documentation
|
@@ -3668,7 +3952,7 @@ module Aws::WAFV2
|
|
3668
3952
|
# Specifies whether this is for an Amazon CloudFront distribution or
|
3669
3953
|
# for a regional application. A regional application can be an
|
3670
3954
|
# Application Load Balancer (ALB), an Amazon API Gateway REST API, an
|
3671
|
-
# AppSync GraphQL API,
|
3955
|
+
# AppSync GraphQL API, an Amazon Cognito user pool, or an App Runner
|
3672
3956
|
# service.
|
3673
3957
|
#
|
3674
3958
|
# To work with CloudFront, you must also specify the Region US East
|
@@ -3714,8 +3998,8 @@ module Aws::WAFV2
|
|
3714
3998
|
# @return [String]
|
3715
3999
|
#
|
3716
4000
|
# @!attribute [rw] ip_sets
|
3717
|
-
# Array of IPSets.
|
3718
|
-
#
|
4001
|
+
# Array of IPSets. If you specified a `Limit` in your request, this
|
4002
|
+
# might not be the full list.
|
3719
4003
|
# @return [Array<Types::IPSetSummary>]
|
3720
4004
|
#
|
3721
4005
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/ListIPSetsResponse AWS API Documentation
|
@@ -3731,7 +4015,7 @@ module Aws::WAFV2
|
|
3731
4015
|
# Specifies whether this is for an Amazon CloudFront distribution or
|
3732
4016
|
# for a regional application. A regional application can be an
|
3733
4017
|
# Application Load Balancer (ALB), an Amazon API Gateway REST API, an
|
3734
|
-
# AppSync GraphQL API,
|
4018
|
+
# AppSync GraphQL API, an Amazon Cognito user pool, or an App Runner
|
3735
4019
|
# service.
|
3736
4020
|
#
|
3737
4021
|
# To work with CloudFront, you must also specify the Region US East
|
@@ -3769,6 +4053,8 @@ module Aws::WAFV2
|
|
3769
4053
|
end
|
3770
4054
|
|
3771
4055
|
# @!attribute [rw] logging_configurations
|
4056
|
+
# Array of logging configurations. If you specified a `Limit` in your
|
4057
|
+
# request, this might not be the full list.
|
3772
4058
|
# @return [Array<Types::LoggingConfiguration>]
|
3773
4059
|
#
|
3774
4060
|
# @!attribute [rw] next_marker
|
@@ -3792,7 +4078,7 @@ module Aws::WAFV2
|
|
3792
4078
|
# Specifies whether this is for an Amazon CloudFront distribution or
|
3793
4079
|
# for a regional application. A regional application can be an
|
3794
4080
|
# Application Load Balancer (ALB), an Amazon API Gateway REST API, an
|
3795
|
-
# AppSync GraphQL API,
|
4081
|
+
# AppSync GraphQL API, an Amazon Cognito user pool, or an App Runner
|
3796
4082
|
# service.
|
3797
4083
|
#
|
3798
4084
|
# To work with CloudFront, you must also specify the Region US East
|
@@ -3838,7 +4124,8 @@ module Aws::WAFV2
|
|
3838
4124
|
# @return [String]
|
3839
4125
|
#
|
3840
4126
|
# @!attribute [rw] managed_rule_sets
|
3841
|
-
# Your managed rule sets.
|
4127
|
+
# Your managed rule sets. If you specified a `Limit` in your request,
|
4128
|
+
# this might not be the full list.
|
3842
4129
|
# @return [Array<Types::ManagedRuleSetSummary>]
|
3843
4130
|
#
|
3844
4131
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/ListManagedRuleSetsResponse AWS API Documentation
|
@@ -3880,7 +4167,9 @@ module Aws::WAFV2
|
|
3880
4167
|
end
|
3881
4168
|
|
3882
4169
|
# @!attribute [rw] release_summaries
|
3883
|
-
#
|
4170
|
+
# The high level information for the available SDK releases. If you
|
4171
|
+
# specified a `Limit` in your request, this might not be the full
|
4172
|
+
# list.
|
3884
4173
|
# @return [Array<Types::ReleaseSummary>]
|
3885
4174
|
#
|
3886
4175
|
# @!attribute [rw] next_marker
|
@@ -3904,7 +4193,7 @@ module Aws::WAFV2
|
|
3904
4193
|
# Specifies whether this is for an Amazon CloudFront distribution or
|
3905
4194
|
# for a regional application. A regional application can be an
|
3906
4195
|
# Application Load Balancer (ALB), an Amazon API Gateway REST API, an
|
3907
|
-
# AppSync GraphQL API,
|
4196
|
+
# AppSync GraphQL API, an Amazon Cognito user pool, or an App Runner
|
3908
4197
|
# service.
|
3909
4198
|
#
|
3910
4199
|
# To work with CloudFront, you must also specify the Region US East
|
@@ -3950,6 +4239,8 @@ module Aws::WAFV2
|
|
3950
4239
|
# @return [String]
|
3951
4240
|
#
|
3952
4241
|
# @!attribute [rw] regex_pattern_sets
|
4242
|
+
# Array of regex pattern sets. If you specified a `Limit` in your
|
4243
|
+
# request, this might not be the full list.
|
3953
4244
|
# @return [Array<Types::RegexPatternSetSummary>]
|
3954
4245
|
#
|
3955
4246
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/ListRegexPatternSetsResponse AWS API Documentation
|
@@ -3968,7 +4259,7 @@ module Aws::WAFV2
|
|
3968
4259
|
# @!attribute [rw] resource_type
|
3969
4260
|
# Used for web ACLs that are scoped for regional applications. A
|
3970
4261
|
# regional application can be an Application Load Balancer (ALB), an
|
3971
|
-
# Amazon API Gateway REST API, an AppSync GraphQL API,
|
4262
|
+
# Amazon API Gateway REST API, an AppSync GraphQL API, an Amazon
|
3972
4263
|
# Cognito user pool, or an App Runner service.
|
3973
4264
|
#
|
3974
4265
|
# <note markdown="1"> If you don't provide a resource type, the call uses the resource
|
@@ -4005,7 +4296,7 @@ module Aws::WAFV2
|
|
4005
4296
|
# Specifies whether this is for an Amazon CloudFront distribution or
|
4006
4297
|
# for a regional application. A regional application can be an
|
4007
4298
|
# Application Load Balancer (ALB), an Amazon API Gateway REST API, an
|
4008
|
-
# AppSync GraphQL API,
|
4299
|
+
# AppSync GraphQL API, an Amazon Cognito user pool, or an App Runner
|
4009
4300
|
# service.
|
4010
4301
|
#
|
4011
4302
|
# To work with CloudFront, you must also specify the Region US East
|
@@ -4051,6 +4342,8 @@ module Aws::WAFV2
|
|
4051
4342
|
# @return [String]
|
4052
4343
|
#
|
4053
4344
|
# @!attribute [rw] rule_groups
|
4345
|
+
# Array of rule groups. If you specified a `Limit` in your request,
|
4346
|
+
# this might not be the full list.
|
4054
4347
|
# @return [Array<Types::RuleGroupSummary>]
|
4055
4348
|
#
|
4056
4349
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/ListRuleGroupsResponse AWS API Documentation
|
@@ -4100,7 +4393,9 @@ module Aws::WAFV2
|
|
4100
4393
|
# @return [String]
|
4101
4394
|
#
|
4102
4395
|
# @!attribute [rw] tag_info_for_resource
|
4103
|
-
# The collection of tagging definitions for the resource.
|
4396
|
+
# The collection of tagging definitions for the resource. If you
|
4397
|
+
# specified a `Limit` in your request, this might not be the full
|
4398
|
+
# list.
|
4104
4399
|
# @return [Types::TagInfoForResource]
|
4105
4400
|
#
|
4106
4401
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/ListTagsForResourceResponse AWS API Documentation
|
@@ -4116,7 +4411,7 @@ module Aws::WAFV2
|
|
4116
4411
|
# Specifies whether this is for an Amazon CloudFront distribution or
|
4117
4412
|
# for a regional application. A regional application can be an
|
4118
4413
|
# Application Load Balancer (ALB), an Amazon API Gateway REST API, an
|
4119
|
-
# AppSync GraphQL API,
|
4414
|
+
# AppSync GraphQL API, an Amazon Cognito user pool, or an App Runner
|
4120
4415
|
# service.
|
4121
4416
|
#
|
4122
4417
|
# To work with CloudFront, you must also specify the Region US East
|
@@ -4162,6 +4457,8 @@ module Aws::WAFV2
|
|
4162
4457
|
# @return [String]
|
4163
4458
|
#
|
4164
4459
|
# @!attribute [rw] web_acls
|
4460
|
+
# Array of web ACLs. If you specified a `Limit` in your request, this
|
4461
|
+
# might not be the full list.
|
4165
4462
|
# @return [Array<Types::WebACLSummary>]
|
4166
4463
|
#
|
4167
4464
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/ListWebACLsResponse AWS API Documentation
|
@@ -4721,8 +5018,13 @@ module Aws::WAFV2
|
|
4721
5018
|
# relative cost of each rule. Simple rules that cost little to run use
|
4722
5019
|
# fewer WCUs than more complex rules that use more processing power.
|
4723
5020
|
# Rule group capacity is fixed at creation, which helps users plan
|
4724
|
-
# their web ACL WCU usage when they use a rule group.
|
4725
|
-
#
|
5021
|
+
# their web ACL WCU usage when they use a rule group. For more
|
5022
|
+
# information, see [WAF web ACL capacity units (WCU)][1] in the *WAF
|
5023
|
+
# Developer Guide*.
|
5024
|
+
#
|
5025
|
+
#
|
5026
|
+
#
|
5027
|
+
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/aws-waf-capacity-units.html
|
4726
5028
|
# @return [Integer]
|
4727
5029
|
#
|
4728
5030
|
# @!attribute [rw] forecasted_lifetime
|
@@ -4960,7 +5262,7 @@ module Aws::WAFV2
|
|
4960
5262
|
# Specifies whether this is for an Amazon CloudFront distribution or
|
4961
5263
|
# for a regional application. A regional application can be an
|
4962
5264
|
# Application Load Balancer (ALB), an Amazon API Gateway REST API, an
|
4963
|
-
# AppSync GraphQL API,
|
5265
|
+
# AppSync GraphQL API, an Amazon Cognito user pool, or an App Runner
|
4964
5266
|
# service.
|
4965
5267
|
#
|
4966
5268
|
# To work with CloudFront, you must also specify the Region US East
|
@@ -5043,8 +5345,7 @@ module Aws::WAFV2
|
|
5043
5345
|
#
|
5044
5346
|
# The policy specifications must conform to the following:
|
5045
5347
|
#
|
5046
|
-
# * The policy must be composed using IAM Policy version 2012-10-17
|
5047
|
-
# version 2015-01-01.
|
5348
|
+
# * The policy must be composed using IAM Policy version 2012-10-17.
|
5048
5349
|
#
|
5049
5350
|
# * The policy must include specifications for `Effect`, `Action`, and
|
5050
5351
|
# `Principal`.
|
@@ -5399,6 +5700,39 @@ module Aws::WAFV2
|
|
5399
5700
|
include Aws::Structure
|
5400
5701
|
end
|
5401
5702
|
|
5703
|
+
# Customizes the maximum size of the request body that your protected
|
5704
|
+
# CloudFront distributions forward to WAF for inspection. The default
|
5705
|
+
# size is 16 KB (16,384 kilobytes).
|
5706
|
+
#
|
5707
|
+
# <note markdown="1"> You are charged additional fees when your protected resources forward
|
5708
|
+
# body sizes that are larger than the default. For more information, see
|
5709
|
+
# [WAF Pricing][1].
|
5710
|
+
#
|
5711
|
+
# </note>
|
5712
|
+
#
|
5713
|
+
# This is used in the `AssociationConfig` of the web ACL.
|
5714
|
+
#
|
5715
|
+
#
|
5716
|
+
#
|
5717
|
+
# [1]: http://aws.amazon.com/waf/pricing/
|
5718
|
+
#
|
5719
|
+
# @!attribute [rw] default_size_inspection_limit
|
5720
|
+
# Specifies the maximum size of the web request body component that an
|
5721
|
+
# associated CloudFront distribution should send to WAF for
|
5722
|
+
# inspection. This applies to statements in the web ACL that inspect
|
5723
|
+
# the body or JSON body.
|
5724
|
+
#
|
5725
|
+
# Default: `16 KB (16,384 kilobytes)`
|
5726
|
+
# @return [String]
|
5727
|
+
#
|
5728
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/RequestBodyAssociatedResourceTypeConfig AWS API Documentation
|
5729
|
+
#
|
5730
|
+
class RequestBodyAssociatedResourceTypeConfig < Struct.new(
|
5731
|
+
:default_size_inspection_limit)
|
5732
|
+
SENSITIVE = []
|
5733
|
+
include Aws::Structure
|
5734
|
+
end
|
5735
|
+
|
5402
5736
|
# The criteria for inspecting login requests, used by the ATP rule group
|
5403
5737
|
# to validate credentials usage.
|
5404
5738
|
#
|
@@ -5905,8 +6239,13 @@ module Aws::WAFV2
|
|
5905
6239
|
# relative cost of each rule. Simple rules that cost little to run use
|
5906
6240
|
# fewer WCUs than more complex rules that use more processing power.
|
5907
6241
|
# Rule group capacity is fixed at creation, which helps users plan
|
5908
|
-
# their web ACL WCU usage when they use a rule group.
|
5909
|
-
#
|
6242
|
+
# their web ACL WCU usage when they use a rule group. For more
|
6243
|
+
# information, see [WAF web ACL capacity units (WCU)][1] in the *WAF
|
6244
|
+
# Developer Guide*.
|
6245
|
+
#
|
6246
|
+
#
|
6247
|
+
#
|
6248
|
+
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/aws-waf-capacity-units.html
|
5910
6249
|
# @return [Integer]
|
5911
6250
|
#
|
5912
6251
|
# @!attribute [rw] arn
|
@@ -5953,18 +6292,17 @@ module Aws::WAFV2
|
|
5953
6292
|
# the rules that you define in the rule group.
|
5954
6293
|
#
|
5955
6294
|
# For information about customizing web requests and responses, see
|
5956
|
-
# [Customizing web requests and responses in WAF][1] in the
|
5957
|
-
# Developer Guide
|
6295
|
+
# [Customizing web requests and responses in WAF][1] in the *WAF
|
6296
|
+
# Developer Guide*.
|
5958
6297
|
#
|
5959
6298
|
# For information about the limits on count and size for custom
|
5960
|
-
# request and response settings, see [WAF quotas][
|
5961
|
-
# Developer Guide
|
6299
|
+
# request and response settings, see [WAF quotas][2] in the *WAF
|
6300
|
+
# Developer Guide*.
|
5962
6301
|
#
|
5963
6302
|
#
|
5964
6303
|
#
|
5965
6304
|
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html
|
5966
|
-
# [2]: https://docs.aws.amazon.com/waf/latest/developerguide/
|
5967
|
-
# [3]: https://docs.aws.amazon.com/waf/latest/developerguide/limits.html
|
6305
|
+
# [2]: https://docs.aws.amazon.com/waf/latest/developerguide/limits.html
|
5968
6306
|
# @return [Hash<String,Types::CustomResponseBody>]
|
5969
6307
|
#
|
5970
6308
|
# @!attribute [rw] available_labels
|
@@ -6251,9 +6589,14 @@ module Aws::WAFV2
|
|
6251
6589
|
# statement to look for query strings that are longer than 100 bytes.
|
6252
6590
|
#
|
6253
6591
|
# If you configure WAF to inspect the request body, WAF inspects only
|
6254
|
-
# the
|
6255
|
-
#
|
6256
|
-
#
|
6592
|
+
# the number of bytes of the body up to the limit for the web ACL. By
|
6593
|
+
# default, for regional web ACLs, this limit is 8 KB (8,192 kilobytes)
|
6594
|
+
# and for CloudFront web ACLs, this limit is 16 KB (16,384 kilobytes).
|
6595
|
+
# For CloudFront web ACLs, you can increase the limit in the web ACL
|
6596
|
+
# `AssociationConfig`, for additional fees. If you know that the request
|
6597
|
+
# body for your web requests should never exceed the inspection limit,
|
6598
|
+
# you could use a size constraint statement to block requests that have
|
6599
|
+
# a larger request body size.
|
6257
6600
|
#
|
6258
6601
|
# If you choose URI for the value of Part of the request to filter on,
|
6259
6602
|
# the slash (/) in the URI counts as one character. For example, the URI
|
@@ -6375,10 +6718,14 @@ module Aws::WAFV2
|
|
6375
6718
|
# 100 bytes.
|
6376
6719
|
#
|
6377
6720
|
# If you configure WAF to inspect the request body, WAF inspects only
|
6378
|
-
# the
|
6379
|
-
#
|
6380
|
-
#
|
6381
|
-
#
|
6721
|
+
# the number of bytes of the body up to the limit for the web ACL. By
|
6722
|
+
# default, for regional web ACLs, this limit is 8 KB (8,192 kilobytes)
|
6723
|
+
# and for CloudFront web ACLs, this limit is 16 KB (16,384 kilobytes).
|
6724
|
+
# For CloudFront web ACLs, you can increase the limit in the web ACL
|
6725
|
+
# `AssociationConfig`, for additional fees. If you know that the
|
6726
|
+
# request body for your web requests should never exceed the
|
6727
|
+
# inspection limit, you could use a size constraint statement to block
|
6728
|
+
# requests that have a larger request body size.
|
6382
6729
|
#
|
6383
6730
|
# If you choose URI for the value of Part of the request to filter on,
|
6384
6731
|
# the slash (/) in the URI counts as one character. For example, the
|
@@ -6893,7 +7240,7 @@ module Aws::WAFV2
|
|
6893
7240
|
# Specifies whether this is for an Amazon CloudFront distribution or
|
6894
7241
|
# for a regional application. A regional application can be an
|
6895
7242
|
# Application Load Balancer (ALB), an Amazon API Gateway REST API, an
|
6896
|
-
# AppSync GraphQL API,
|
7243
|
+
# AppSync GraphQL API, an Amazon Cognito user pool, or an App Runner
|
6897
7244
|
# service.
|
6898
7245
|
#
|
6899
7246
|
# To work with CloudFront, you must also specify the Region US East
|
@@ -7012,7 +7359,7 @@ module Aws::WAFV2
|
|
7012
7359
|
# Specifies whether this is for an Amazon CloudFront distribution or
|
7013
7360
|
# for a regional application. A regional application can be an
|
7014
7361
|
# Application Load Balancer (ALB), an Amazon API Gateway REST API, an
|
7015
|
-
# AppSync GraphQL API,
|
7362
|
+
# AppSync GraphQL API, an Amazon Cognito user pool, or an App Runner
|
7016
7363
|
# service.
|
7017
7364
|
#
|
7018
7365
|
# To work with CloudFront, you must also specify the Region US East
|
@@ -7111,7 +7458,7 @@ module Aws::WAFV2
|
|
7111
7458
|
# Specifies whether this is for an Amazon CloudFront distribution or
|
7112
7459
|
# for a regional application. A regional application can be an
|
7113
7460
|
# Application Load Balancer (ALB), an Amazon API Gateway REST API, an
|
7114
|
-
# AppSync GraphQL API,
|
7461
|
+
# AppSync GraphQL API, an Amazon Cognito user pool, or an App Runner
|
7115
7462
|
# service.
|
7116
7463
|
#
|
7117
7464
|
# To work with CloudFront, you must also specify the Region US East
|
@@ -7184,7 +7531,7 @@ module Aws::WAFV2
|
|
7184
7531
|
# Specifies whether this is for an Amazon CloudFront distribution or
|
7185
7532
|
# for a regional application. A regional application can be an
|
7186
7533
|
# Application Load Balancer (ALB), an Amazon API Gateway REST API, an
|
7187
|
-
# AppSync GraphQL API,
|
7534
|
+
# AppSync GraphQL API, an Amazon Cognito user pool, or an App Runner
|
7188
7535
|
# service.
|
7189
7536
|
#
|
7190
7537
|
# To work with CloudFront, you must also specify the Region US East
|
@@ -7237,18 +7584,17 @@ module Aws::WAFV2
|
|
7237
7584
|
# the rules that you define in the rule group.
|
7238
7585
|
#
|
7239
7586
|
# For information about customizing web requests and responses, see
|
7240
|
-
# [Customizing web requests and responses in WAF][1] in the
|
7241
|
-
# Developer Guide
|
7587
|
+
# [Customizing web requests and responses in WAF][1] in the *WAF
|
7588
|
+
# Developer Guide*.
|
7242
7589
|
#
|
7243
7590
|
# For information about the limits on count and size for custom
|
7244
|
-
# request and response settings, see [WAF quotas][
|
7245
|
-
# Developer Guide
|
7591
|
+
# request and response settings, see [WAF quotas][2] in the *WAF
|
7592
|
+
# Developer Guide*.
|
7246
7593
|
#
|
7247
7594
|
#
|
7248
7595
|
#
|
7249
7596
|
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html
|
7250
|
-
# [2]: https://docs.aws.amazon.com/waf/latest/developerguide/
|
7251
|
-
# [3]: https://docs.aws.amazon.com/waf/latest/developerguide/limits.html
|
7597
|
+
# [2]: https://docs.aws.amazon.com/waf/latest/developerguide/limits.html
|
7252
7598
|
# @return [Hash<String,Types::CustomResponseBody>]
|
7253
7599
|
#
|
7254
7600
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/UpdateRuleGroupRequest AWS API Documentation
|
@@ -7289,7 +7635,7 @@ module Aws::WAFV2
|
|
7289
7635
|
# Specifies whether this is for an Amazon CloudFront distribution or
|
7290
7636
|
# for a regional application. A regional application can be an
|
7291
7637
|
# Application Load Balancer (ALB), an Amazon API Gateway REST API, an
|
7292
|
-
# AppSync GraphQL API,
|
7638
|
+
# AppSync GraphQL API, an Amazon Cognito user pool, or an App Runner
|
7293
7639
|
# service.
|
7294
7640
|
#
|
7295
7641
|
# To work with CloudFront, you must also specify the Region US East
|
@@ -7347,18 +7693,17 @@ module Aws::WAFV2
|
|
7347
7693
|
# rules and default actions that you define in the web ACL.
|
7348
7694
|
#
|
7349
7695
|
# For information about customizing web requests and responses, see
|
7350
|
-
# [Customizing web requests and responses in WAF][1] in the
|
7351
|
-
# Developer Guide
|
7696
|
+
# [Customizing web requests and responses in WAF][1] in the *WAF
|
7697
|
+
# Developer Guide*.
|
7352
7698
|
#
|
7353
7699
|
# For information about the limits on count and size for custom
|
7354
|
-
# request and response settings, see [WAF quotas][
|
7355
|
-
# Developer Guide
|
7700
|
+
# request and response settings, see [WAF quotas][2] in the *WAF
|
7701
|
+
# Developer Guide*.
|
7356
7702
|
#
|
7357
7703
|
#
|
7358
7704
|
#
|
7359
7705
|
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html
|
7360
|
-
# [2]: https://docs.aws.amazon.com/waf/latest/developerguide/
|
7361
|
-
# [3]: https://docs.aws.amazon.com/waf/latest/developerguide/limits.html
|
7706
|
+
# [2]: https://docs.aws.amazon.com/waf/latest/developerguide/limits.html
|
7362
7707
|
# @return [Hash<String,Types::CustomResponseBody>]
|
7363
7708
|
#
|
7364
7709
|
# @!attribute [rw] captcha_config
|
@@ -7390,6 +7735,25 @@ module Aws::WAFV2
|
|
7390
7735
|
# `usa.gov` or `co.uk` as token domains.
|
7391
7736
|
# @return [Array<String>]
|
7392
7737
|
#
|
7738
|
+
# @!attribute [rw] association_config
|
7739
|
+
# Specifies custom configurations for the associations between the web
|
7740
|
+
# ACL and protected resources.
|
7741
|
+
#
|
7742
|
+
# Use this to customize the maximum size of the request body that your
|
7743
|
+
# protected CloudFront distributions forward to WAF for inspection.
|
7744
|
+
# The default is 16 KB (16,384 kilobytes).
|
7745
|
+
#
|
7746
|
+
# <note markdown="1"> You are charged additional fees when your protected resources
|
7747
|
+
# forward body sizes that are larger than the default. For more
|
7748
|
+
# information, see [WAF Pricing][1].
|
7749
|
+
#
|
7750
|
+
# </note>
|
7751
|
+
#
|
7752
|
+
#
|
7753
|
+
#
|
7754
|
+
# [1]: http://aws.amazon.com/waf/pricing/
|
7755
|
+
# @return [Types::AssociationConfig]
|
7756
|
+
#
|
7393
7757
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/UpdateWebACLRequest AWS API Documentation
|
7394
7758
|
#
|
7395
7759
|
class UpdateWebACLRequest < Struct.new(
|
@@ -7404,7 +7768,8 @@ module Aws::WAFV2
|
|
7404
7768
|
:custom_response_bodies,
|
7405
7769
|
:captcha_config,
|
7406
7770
|
:challenge_config,
|
7407
|
-
:token_domains
|
7771
|
+
:token_domains,
|
7772
|
+
:association_config)
|
7408
7773
|
SENSITIVE = []
|
7409
7774
|
include Aws::Structure
|
7410
7775
|
end
|
@@ -7499,7 +7864,7 @@ module Aws::WAFV2
|
|
7499
7864
|
# @!attribute [rw] cloud_watch_metrics_enabled
|
7500
7865
|
# A boolean indicating whether the associated resource sends metrics
|
7501
7866
|
# to Amazon CloudWatch. For the list of available metrics, see [WAF
|
7502
|
-
# Metrics][1]
|
7867
|
+
# Metrics][1] in the *WAF Developer Guide*.
|
7503
7868
|
#
|
7504
7869
|
#
|
7505
7870
|
#
|
@@ -7665,8 +8030,7 @@ module Aws::WAFV2
|
|
7665
8030
|
#
|
7666
8031
|
# The policy specifications must conform to the following:
|
7667
8032
|
#
|
7668
|
-
# * The policy must be composed using IAM Policy version 2012-10-17
|
7669
|
-
# version 2015-01-01.
|
8033
|
+
# * The policy must be composed using IAM Policy version 2012-10-17.
|
7670
8034
|
#
|
7671
8035
|
# * The policy must include specifications for `Effect`, `Action`, and
|
7672
8036
|
# `Principal`.
|
@@ -7871,7 +8235,7 @@ module Aws::WAFV2
|
|
7871
8235
|
# can associate a web ACL with one or more Amazon Web Services resources
|
7872
8236
|
# to protect. The resources can be an Amazon CloudFront distribution, an
|
7873
8237
|
# Amazon API Gateway REST API, an Application Load Balancer, an AppSync
|
7874
|
-
# GraphQL API, Amazon Cognito user pool, or an App Runner service.
|
8238
|
+
# GraphQL API, an Amazon Cognito user pool, or an App Runner service.
|
7875
8239
|
#
|
7876
8240
|
# @!attribute [rw] name
|
7877
8241
|
# The name of the web ACL. You cannot change the name of a web ACL
|
@@ -7920,8 +8284,13 @@ module Aws::WAFV2
|
|
7920
8284
|
# relative cost of each rule. Simple rules that cost little to run use
|
7921
8285
|
# fewer WCUs than more complex rules that use more processing power.
|
7922
8286
|
# Rule group capacity is fixed at creation, which helps users plan
|
7923
|
-
# their web ACL WCU usage when they use a rule group.
|
7924
|
-
#
|
8287
|
+
# their web ACL WCU usage when they use a rule group. For more
|
8288
|
+
# information, see [WAF web ACL capacity units (WCU)][1] in the *WAF
|
8289
|
+
# Developer Guide*.
|
8290
|
+
#
|
8291
|
+
#
|
8292
|
+
#
|
8293
|
+
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/aws-waf-capacity-units.html
|
7925
8294
|
# @return [Integer]
|
7926
8295
|
#
|
7927
8296
|
# @!attribute [rw] pre_process_firewall_manager_rule_groups
|
@@ -7980,18 +8349,17 @@ module Aws::WAFV2
|
|
7980
8349
|
# rules and default actions that you define in the web ACL.
|
7981
8350
|
#
|
7982
8351
|
# For information about customizing web requests and responses, see
|
7983
|
-
# [Customizing web requests and responses in WAF][1] in the
|
7984
|
-
# Developer Guide
|
8352
|
+
# [Customizing web requests and responses in WAF][1] in the *WAF
|
8353
|
+
# Developer Guide*.
|
7985
8354
|
#
|
7986
8355
|
# For information about the limits on count and size for custom
|
7987
|
-
# request and response settings, see [WAF quotas][
|
7988
|
-
# Developer Guide
|
8356
|
+
# request and response settings, see [WAF quotas][2] in the *WAF
|
8357
|
+
# Developer Guide*.
|
7989
8358
|
#
|
7990
8359
|
#
|
7991
8360
|
#
|
7992
8361
|
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html
|
7993
|
-
# [2]: https://docs.aws.amazon.com/waf/latest/developerguide/
|
7994
|
-
# [3]: https://docs.aws.amazon.com/waf/latest/developerguide/limits.html
|
8362
|
+
# [2]: https://docs.aws.amazon.com/waf/latest/developerguide/limits.html
|
7995
8363
|
# @return [Hash<String,Types::CustomResponseBody>]
|
7996
8364
|
#
|
7997
8365
|
# @!attribute [rw] captcha_config
|
@@ -8017,6 +8385,25 @@ module Aws::WAFV2
|
|
8017
8385
|
# domain list, including their prefixed subdomains.
|
8018
8386
|
# @return [Array<String>]
|
8019
8387
|
#
|
8388
|
+
# @!attribute [rw] association_config
|
8389
|
+
# Specifies custom configurations for the associations between the web
|
8390
|
+
# ACL and protected resources.
|
8391
|
+
#
|
8392
|
+
# Use this to customize the maximum size of the request body that your
|
8393
|
+
# protected CloudFront distributions forward to WAF for inspection.
|
8394
|
+
# The default is 16 KB (16,384 kilobytes).
|
8395
|
+
#
|
8396
|
+
# <note markdown="1"> You are charged additional fees when your protected resources
|
8397
|
+
# forward body sizes that are larger than the default. For more
|
8398
|
+
# information, see [WAF Pricing][1].
|
8399
|
+
#
|
8400
|
+
# </note>
|
8401
|
+
#
|
8402
|
+
#
|
8403
|
+
#
|
8404
|
+
# [1]: http://aws.amazon.com/waf/pricing/
|
8405
|
+
# @return [Types::AssociationConfig]
|
8406
|
+
#
|
8020
8407
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/WebACL AWS API Documentation
|
8021
8408
|
#
|
8022
8409
|
class WebACL < Struct.new(
|
@@ -8035,7 +8422,8 @@ module Aws::WAFV2
|
|
8035
8422
|
:custom_response_bodies,
|
8036
8423
|
:captcha_config,
|
8037
8424
|
:challenge_config,
|
8038
|
-
:token_domains
|
8425
|
+
:token_domains,
|
8426
|
+
:association_config)
|
8039
8427
|
SENSITIVE = []
|
8040
8428
|
include Aws::Structure
|
8041
8429
|
end
|