aws-sdk-wafv2 1.67.0 → 1.69.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (8) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +10 -0
  3. data/VERSION +1 -1
  4. data/lib/aws-sdk-wafv2/client.rb +169 -59
  5. data/lib/aws-sdk-wafv2/client_api.rb +6 -0
  6. data/lib/aws-sdk-wafv2/types.rb +221 -244
  7. data/lib/aws-sdk-wafv2.rb +1 -1
  8. metadata +2 -2
data/lib/aws-sdk-wafv2/client.rb CHANGED
@@ -580,6 +580,9 @@ module Aws::WAFV2
580
580
  # header_order: {
581
581
  # oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
582
582
  # },
583
+ # ja3_fingerprint: {
584
+ # fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
585
+ # },
583
586
  # },
584
587
  # text_transformations: [ # required
585
588
  # {
@@ -641,6 +644,9 @@ module Aws::WAFV2
641
644
  # header_order: {
642
645
  # oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
643
646
  # },
647
+ # ja3_fingerprint: {
648
+ # fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
649
+ # },
644
650
  # },
645
651
  # text_transformations: [ # required
646
652
  # {
@@ -702,6 +708,9 @@ module Aws::WAFV2
702
708
  # header_order: {
703
709
  # oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
704
710
  # },
711
+ # ja3_fingerprint: {
712
+ # fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
713
+ # },
705
714
  # },
706
715
  # text_transformations: [ # required
707
716
  # {
@@ -762,6 +771,9 @@ module Aws::WAFV2
762
771
  # header_order: {
763
772
  # oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
764
773
  # },
774
+ # ja3_fingerprint: {
775
+ # fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
776
+ # },
765
777
  # },
766
778
  # comparison_operator: "EQ", # required, accepts EQ, NE, LE, LT, GE, GT
767
779
  # size: 1, # required
@@ -907,6 +919,9 @@ module Aws::WAFV2
907
919
  # header_order: {
908
920
  # oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
909
921
  # },
922
+ # ja3_fingerprint: {
923
+ # fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
924
+ # },
910
925
  # },
911
926
  # text_transformations: [ # required
912
927
  # {
@@ -1025,6 +1040,7 @@ module Aws::WAFV2
1025
1040
  # },
1026
1041
  # aws_managed_rules_bot_control_rule_set: {
1027
1042
  # inspection_level: "COMMON", # required, accepts COMMON, TARGETED
1043
+ # enable_machine_learning: false,
1028
1044
  # },
1029
1045
  # aws_managed_rules_atp_rule_set: {
1030
1046
  # login_path: "String", # required
@@ -1225,6 +1241,9 @@ module Aws::WAFV2
1225
1241
  # header_order: {
1226
1242
  # oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
1227
1243
  # },
1244
+ # ja3_fingerprint: {
1245
+ # fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
1246
+ # },
1228
1247
  # },
1229
1248
  # text_transformations: [ # required
1230
1249
  # {
@@ -1435,25 +1454,25 @@ module Aws::WAFV2
1435
1454
  #
1436
1455
  # @option params [required, Array<String>] :addresses
1437
1456
  # Contains an array of strings that specifies zero or more IP addresses
1438
- # or blocks of IP addresses. All addresses must be specified using
1439
- # Classless Inter-Domain Routing (CIDR) notation. WAF supports all IPv4
1440
- # and IPv6 CIDR ranges except for `/0`.
1457
+ # or blocks of IP addresses that you want WAF to inspect for in incoming
1458
+ # requests. All addresses must be specified using Classless Inter-Domain
1459
+ # Routing (CIDR) notation. WAF supports all IPv4 and IPv6 CIDR ranges
1460
+ # except for `/0`.
1441
1461
  #
1442
1462
  # Example address strings:
1443
1463
  #
1444
- # * To configure WAF to allow, block, or count requests that originated
1445
- # from the IP address 192.0.2.44, specify `192.0.2.44/32`.
1464
+ # * For requests that originated from the IP address 192.0.2.44, specify
1465
+ # `192.0.2.44/32`.
1446
1466
  #
1447
- # * To configure WAF to allow, block, or count requests that originated
1448
- # from IP addresses from 192.0.2.0 to 192.0.2.255, specify
1449
- # `192.0.2.0/24`.
1467
+ # * For requests that originated from IP addresses from 192.0.2.0 to
1468
+ # 192.0.2.255, specify `192.0.2.0/24`.
1450
1469
  #
1451
- # * To configure WAF to allow, block, or count requests that originated
1452
- # from the IP address 1111:0000:0000:0000:0000:0000:0000:0111, specify
1470
+ # * For requests that originated from the IP address
1471
+ # 1111:0000:0000:0000:0000:0000:0000:0111, specify
1453
1472
  # `1111:0000:0000:0000:0000:0000:0000:0111/128`.
1454
1473
  #
1455
- # * To configure WAF to allow, block, or count requests that originated
1456
- # from IP addresses 1111:0000:0000:0000:0000:0000:0000:0000 to
1474
+ # * For requests that originated from IP addresses
1475
+ # 1111:0000:0000:0000:0000:0000:0000:0000 to
1457
1476
  # 1111:0000:0000:0000:ffff:ffff:ffff:ffff, specify
1458
1477
  # `1111:0000:0000:0000:0000:0000:0000:0000/64`.
1459
1478
  #
@@ -1640,9 +1659,9 @@ module Aws::WAFV2
1640
1659
  #
1641
1660
  # @option params [Array<Types::Rule>] :rules
1642
1661
  # The Rule statements used to identify the web requests that you want to
1643
- # allow, block, or count. Each rule includes one top-level statement
1644
- # that WAF uses to identify matching web requests, and parameters that
1645
- # govern how WAF handles them.
1662
+ # manage. Each rule includes one top-level statement that WAF uses to
1663
+ # identify matching web requests, and parameters that govern how WAF
1664
+ # handles them.
1646
1665
  #
1647
1666
  # @option params [required, Types::VisibilityConfig] :visibility_config
1648
1667
  # Defines and enables Amazon CloudWatch metrics and web request sample
@@ -1739,6 +1758,9 @@ module Aws::WAFV2
1739
1758
  # header_order: {
1740
1759
  # oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
1741
1760
  # },
1761
+ # ja3_fingerprint: {
1762
+ # fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
1763
+ # },
1742
1764
  # },
1743
1765
  # text_transformations: [ # required
1744
1766
  # {
@@ -1800,6 +1822,9 @@ module Aws::WAFV2
1800
1822
  # header_order: {
1801
1823
  # oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
1802
1824
  # },
1825
+ # ja3_fingerprint: {
1826
+ # fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
1827
+ # },
1803
1828
  # },
1804
1829
  # text_transformations: [ # required
1805
1830
  # {
@@ -1861,6 +1886,9 @@ module Aws::WAFV2
1861
1886
  # header_order: {
1862
1887
  # oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
1863
1888
  # },
1889
+ # ja3_fingerprint: {
1890
+ # fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
1891
+ # },
1864
1892
  # },
1865
1893
  # text_transformations: [ # required
1866
1894
  # {
@@ -1921,6 +1949,9 @@ module Aws::WAFV2
1921
1949
  # header_order: {
1922
1950
  # oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
1923
1951
  # },
1952
+ # ja3_fingerprint: {
1953
+ # fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
1954
+ # },
1924
1955
  # },
1925
1956
  # comparison_operator: "EQ", # required, accepts EQ, NE, LE, LT, GE, GT
1926
1957
  # size: 1, # required
@@ -2066,6 +2097,9 @@ module Aws::WAFV2
2066
2097
  # header_order: {
2067
2098
  # oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
2068
2099
  # },
2100
+ # ja3_fingerprint: {
2101
+ # fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
2102
+ # },
2069
2103
  # },
2070
2104
  # text_transformations: [ # required
2071
2105
  # {
@@ -2184,6 +2218,7 @@ module Aws::WAFV2
2184
2218
  # },
2185
2219
  # aws_managed_rules_bot_control_rule_set: {
2186
2220
  # inspection_level: "COMMON", # required, accepts COMMON, TARGETED
2221
+ # enable_machine_learning: false,
2187
2222
  # },
2188
2223
  # aws_managed_rules_atp_rule_set: {
2189
2224
  # login_path: "String", # required
@@ -2384,6 +2419,9 @@ module Aws::WAFV2
2384
2419
  # header_order: {
2385
2420
  # oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
2386
2421
  # },
2422
+ # ja3_fingerprint: {
2423
+ # fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
2424
+ # },
2387
2425
  # },
2388
2426
  # text_transformations: [ # required
2389
2427
  # {
@@ -2522,16 +2560,17 @@ module Aws::WAFV2
2522
2560
  # Creates a WebACL per the specifications provided.
2523
2561
  #
2524
2562
  # A web ACL defines a collection of rules to use to inspect and control
2525
- # web requests. Each rule has an action defined (allow, block, or count)
2526
- # for requests that match the statement of the rule. In the web ACL, you
2527
- # assign a default action to take (allow, block) for any request that
2528
- # does not match any of the rules. The rules in a web ACL can be a
2529
- # combination of the types Rule, RuleGroup, and managed rule group. You
2530
- # can associate a web ACL with one or more Amazon Web Services resources
2531
- # to protect. The resources can be an Amazon CloudFront distribution, an
2532
- # Amazon API Gateway REST API, an Application Load Balancer, an AppSync
2533
- # GraphQL API, an Amazon Cognito user pool, an App Runner service, or an
2534
- # Amazon Web Services Verified Access instance.
2563
+ # web requests. Each rule has a statement that defines what to look for
2564
+ # in web requests and an action that WAF applies to requests that match
2565
+ # the statement. In the web ACL, you assign a default action to take
2566
+ # (allow, block) for any request that does not match any of the rules.
2567
+ # The rules in a web ACL can be a combination of the types Rule,
2568
+ # RuleGroup, and managed rule group. You can associate a web ACL with
2569
+ # one or more Amazon Web Services resources to protect. The resources
2570
+ # can be an Amazon CloudFront distribution, an Amazon API Gateway REST
2571
+ # API, an Application Load Balancer, an AppSync GraphQL API, an Amazon
2572
+ # Cognito user pool, an App Runner service, or an Amazon Web Services
2573
+ # Verified Access instance.
2535
2574
  #
2536
2575
  # @option params [required, String] :name
2537
2576
  # The name of the web ACL. You cannot change the name of a web ACL after
@@ -2561,9 +2600,9 @@ module Aws::WAFV2
2561
2600
  #
2562
2601
  # @option params [Array<Types::Rule>] :rules
2563
2602
  # The Rule statements used to identify the web requests that you want to
2564
- # allow, block, or count. Each rule includes one top-level statement
2565
- # that WAF uses to identify matching web requests, and parameters that
2566
- # govern how WAF handles them.
2603
+ # manage. Each rule includes one top-level statement that WAF uses to
2604
+ # identify matching web requests, and parameters that govern how WAF
2605
+ # handles them.
2567
2606
  #
2568
2607
  # @option params [required, Types::VisibilityConfig] :visibility_config
2569
2608
  # Defines and enables Amazon CloudWatch metrics and web request sample
@@ -2623,7 +2662,7 @@ module Aws::WAFV2
2623
2662
  #
2624
2663
  # Use this to customize the maximum size of the request body that your
2625
2664
  # protected CloudFront distributions forward to WAF for inspection. The
2626
- # default is 16 KB (16,384 kilobytes).
2665
+ # default is 16 KB (16,384 bytes).
2627
2666
  #
2628
2667
  # <note markdown="1"> You are charged additional fees when your protected resources forward
2629
2668
  # body sizes that are larger than the default. For more information, see
@@ -2727,6 +2766,9 @@ module Aws::WAFV2
2727
2766
  # header_order: {
2728
2767
  # oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
2729
2768
  # },
2769
+ # ja3_fingerprint: {
2770
+ # fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
2771
+ # },
2730
2772
  # },
2731
2773
  # text_transformations: [ # required
2732
2774
  # {
@@ -2788,6 +2830,9 @@ module Aws::WAFV2
2788
2830
  # header_order: {
2789
2831
  # oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
2790
2832
  # },
2833
+ # ja3_fingerprint: {
2834
+ # fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
2835
+ # },
2791
2836
  # },
2792
2837
  # text_transformations: [ # required
2793
2838
  # {
@@ -2849,6 +2894,9 @@ module Aws::WAFV2
2849
2894
  # header_order: {
2850
2895
  # oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
2851
2896
  # },
2897
+ # ja3_fingerprint: {
2898
+ # fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
2899
+ # },
2852
2900
  # },
2853
2901
  # text_transformations: [ # required
2854
2902
  # {
@@ -2909,6 +2957,9 @@ module Aws::WAFV2
2909
2957
  # header_order: {
2910
2958
  # oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
2911
2959
  # },
2960
+ # ja3_fingerprint: {
2961
+ # fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
2962
+ # },
2912
2963
  # },
2913
2964
  # comparison_operator: "EQ", # required, accepts EQ, NE, LE, LT, GE, GT
2914
2965
  # size: 1, # required
@@ -3054,6 +3105,9 @@ module Aws::WAFV2
3054
3105
  # header_order: {
3055
3106
  # oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
3056
3107
  # },
3108
+ # ja3_fingerprint: {
3109
+ # fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
3110
+ # },
3057
3111
  # },
3058
3112
  # text_transformations: [ # required
3059
3113
  # {
@@ -3172,6 +3226,7 @@ module Aws::WAFV2
3172
3226
  # },
3173
3227
  # aws_managed_rules_bot_control_rule_set: {
3174
3228
  # inspection_level: "COMMON", # required, accepts COMMON, TARGETED
3229
+ # enable_machine_learning: false,
3175
3230
  # },
3176
3231
  # aws_managed_rules_atp_rule_set: {
3177
3232
  # login_path: "String", # required
@@ -3372,6 +3427,9 @@ module Aws::WAFV2
3372
3427
  # header_order: {
3373
3428
  # oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
3374
3429
  # },
3430
+ # ja3_fingerprint: {
3431
+ # fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
3432
+ # },
3375
3433
  # },
3376
3434
  # text_transformations: [ # required
3377
3435
  # {
@@ -4334,6 +4392,7 @@ module Aws::WAFV2
4334
4392
  # resp.logging_configuration.redacted_fields[0].cookies.match_scope #=> String, one of "ALL", "KEY", "VALUE"
4335
4393
  # resp.logging_configuration.redacted_fields[0].cookies.oversize_handling #=> String, one of "CONTINUE", "MATCH", "NO_MATCH"
4336
4394
  # resp.logging_configuration.redacted_fields[0].header_order.oversize_handling #=> String, one of "CONTINUE", "MATCH", "NO_MATCH"
4395
+ # resp.logging_configuration.redacted_fields[0].ja3_fingerprint.fallback_behavior #=> String, one of "MATCH", "NO_MATCH"
4337
4396
  # resp.logging_configuration.managed_by_firewall_manager #=> Boolean
4338
4397
  # resp.logging_configuration.logging_filter.filters #=> Array
4339
4398
  # resp.logging_configuration.logging_filter.filters[0].behavior #=> String, one of "KEEP", "DROP"
@@ -4733,6 +4792,7 @@ module Aws::WAFV2
4733
4792
  # resp.rule_group.rules[0].statement.byte_match_statement.field_to_match.cookies.match_scope #=> String, one of "ALL", "KEY", "VALUE"
4734
4793
  # resp.rule_group.rules[0].statement.byte_match_statement.field_to_match.cookies.oversize_handling #=> String, one of "CONTINUE", "MATCH", "NO_MATCH"
4735
4794
  # resp.rule_group.rules[0].statement.byte_match_statement.field_to_match.header_order.oversize_handling #=> String, one of "CONTINUE", "MATCH", "NO_MATCH"
4795
+ # resp.rule_group.rules[0].statement.byte_match_statement.field_to_match.ja3_fingerprint.fallback_behavior #=> String, one of "MATCH", "NO_MATCH"
4736
4796
  # resp.rule_group.rules[0].statement.byte_match_statement.text_transformations #=> Array
4737
4797
  # resp.rule_group.rules[0].statement.byte_match_statement.text_transformations[0].priority #=> Integer
4738
4798
  # resp.rule_group.rules[0].statement.byte_match_statement.text_transformations[0].type #=> String, one of "NONE", "COMPRESS_WHITE_SPACE", "HTML_ENTITY_DECODE", "LOWERCASE", "CMD_LINE", "URL_DECODE", "BASE64_DECODE", "HEX_DECODE", "MD5", "REPLACE_COMMENTS", "ESCAPE_SEQ_DECODE", "SQL_HEX_DECODE", "CSS_DECODE", "JS_DECODE", "NORMALIZE_PATH", "NORMALIZE_PATH_WIN", "REMOVE_NULLS", "REPLACE_NULLS", "BASE64_DECODE_EXT", "URL_DECODE_UNI", "UTF8_TO_UNICODE"
@@ -4758,6 +4818,7 @@ module Aws::WAFV2
4758
4818
  # resp.rule_group.rules[0].statement.sqli_match_statement.field_to_match.cookies.match_scope #=> String, one of "ALL", "KEY", "VALUE"
4759
4819
  # resp.rule_group.rules[0].statement.sqli_match_statement.field_to_match.cookies.oversize_handling #=> String, one of "CONTINUE", "MATCH", "NO_MATCH"
4760
4820
  # resp.rule_group.rules[0].statement.sqli_match_statement.field_to_match.header_order.oversize_handling #=> String, one of "CONTINUE", "MATCH", "NO_MATCH"
4821
+ # resp.rule_group.rules[0].statement.sqli_match_statement.field_to_match.ja3_fingerprint.fallback_behavior #=> String, one of "MATCH", "NO_MATCH"
4761
4822
  # resp.rule_group.rules[0].statement.sqli_match_statement.text_transformations #=> Array
4762
4823
  # resp.rule_group.rules[0].statement.sqli_match_statement.text_transformations[0].priority #=> Integer
4763
4824
  # resp.rule_group.rules[0].statement.sqli_match_statement.text_transformations[0].type #=> String, one of "NONE", "COMPRESS_WHITE_SPACE", "HTML_ENTITY_DECODE", "LOWERCASE", "CMD_LINE", "URL_DECODE", "BASE64_DECODE", "HEX_DECODE", "MD5", "REPLACE_COMMENTS", "ESCAPE_SEQ_DECODE", "SQL_HEX_DECODE", "CSS_DECODE", "JS_DECODE", "NORMALIZE_PATH", "NORMALIZE_PATH_WIN", "REMOVE_NULLS", "REPLACE_NULLS", "BASE64_DECODE_EXT", "URL_DECODE_UNI", "UTF8_TO_UNICODE"
@@ -4783,6 +4844,7 @@ module Aws::WAFV2
4783
4844
  # resp.rule_group.rules[0].statement.xss_match_statement.field_to_match.cookies.match_scope #=> String, one of "ALL", "KEY", "VALUE"
4784
4845
  # resp.rule_group.rules[0].statement.xss_match_statement.field_to_match.cookies.oversize_handling #=> String, one of "CONTINUE", "MATCH", "NO_MATCH"
4785
4846
  # resp.rule_group.rules[0].statement.xss_match_statement.field_to_match.header_order.oversize_handling #=> String, one of "CONTINUE", "MATCH", "NO_MATCH"
4847
+ # resp.rule_group.rules[0].statement.xss_match_statement.field_to_match.ja3_fingerprint.fallback_behavior #=> String, one of "MATCH", "NO_MATCH"
4786
4848
  # resp.rule_group.rules[0].statement.xss_match_statement.text_transformations #=> Array
4787
4849
  # resp.rule_group.rules[0].statement.xss_match_statement.text_transformations[0].priority #=> Integer
4788
4850
  # resp.rule_group.rules[0].statement.xss_match_statement.text_transformations[0].type #=> String, one of "NONE", "COMPRESS_WHITE_SPACE", "HTML_ENTITY_DECODE", "LOWERCASE", "CMD_LINE", "URL_DECODE", "BASE64_DECODE", "HEX_DECODE", "MD5", "REPLACE_COMMENTS", "ESCAPE_SEQ_DECODE", "SQL_HEX_DECODE", "CSS_DECODE", "JS_DECODE", "NORMALIZE_PATH", "NORMALIZE_PATH_WIN", "REMOVE_NULLS", "REPLACE_NULLS", "BASE64_DECODE_EXT", "URL_DECODE_UNI", "UTF8_TO_UNICODE"
@@ -4807,6 +4869,7 @@ module Aws::WAFV2
4807
4869
  # resp.rule_group.rules[0].statement.size_constraint_statement.field_to_match.cookies.match_scope #=> String, one of "ALL", "KEY", "VALUE"
4808
4870
  # resp.rule_group.rules[0].statement.size_constraint_statement.field_to_match.cookies.oversize_handling #=> String, one of "CONTINUE", "MATCH", "NO_MATCH"
4809
4871
  # resp.rule_group.rules[0].statement.size_constraint_statement.field_to_match.header_order.oversize_handling #=> String, one of "CONTINUE", "MATCH", "NO_MATCH"
4872
+ # resp.rule_group.rules[0].statement.size_constraint_statement.field_to_match.ja3_fingerprint.fallback_behavior #=> String, one of "MATCH", "NO_MATCH"
4810
4873
  # resp.rule_group.rules[0].statement.size_constraint_statement.comparison_operator #=> String, one of "EQ", "NE", "LE", "LT", "GE", "GT"
4811
4874
  # resp.rule_group.rules[0].statement.size_constraint_statement.size #=> Integer
4812
4875
  # resp.rule_group.rules[0].statement.size_constraint_statement.text_transformations #=> Array
@@ -4864,6 +4927,7 @@ module Aws::WAFV2
4864
4927
  # resp.rule_group.rules[0].statement.regex_pattern_set_reference_statement.field_to_match.cookies.match_scope #=> String, one of "ALL", "KEY", "VALUE"
4865
4928
  # resp.rule_group.rules[0].statement.regex_pattern_set_reference_statement.field_to_match.cookies.oversize_handling #=> String, one of "CONTINUE", "MATCH", "NO_MATCH"
4866
4929
  # resp.rule_group.rules[0].statement.regex_pattern_set_reference_statement.field_to_match.header_order.oversize_handling #=> String, one of "CONTINUE", "MATCH", "NO_MATCH"
4930
+ # resp.rule_group.rules[0].statement.regex_pattern_set_reference_statement.field_to_match.ja3_fingerprint.fallback_behavior #=> String, one of "MATCH", "NO_MATCH"
4867
4931
  # resp.rule_group.rules[0].statement.regex_pattern_set_reference_statement.text_transformations #=> Array
4868
4932
  # resp.rule_group.rules[0].statement.regex_pattern_set_reference_statement.text_transformations[0].priority #=> Integer
4869
4933
  # resp.rule_group.rules[0].statement.regex_pattern_set_reference_statement.text_transformations[0].type #=> String, one of "NONE", "COMPRESS_WHITE_SPACE", "HTML_ENTITY_DECODE", "LOWERCASE", "CMD_LINE", "URL_DECODE", "BASE64_DECODE", "HEX_DECODE", "MD5", "REPLACE_COMMENTS", "ESCAPE_SEQ_DECODE", "SQL_HEX_DECODE", "CSS_DECODE", "JS_DECODE", "NORMALIZE_PATH", "NORMALIZE_PATH_WIN", "REMOVE_NULLS", "REPLACE_NULLS", "BASE64_DECODE_EXT", "URL_DECODE_UNI", "UTF8_TO_UNICODE"
@@ -4909,6 +4973,7 @@ module Aws::WAFV2
4909
4973
  # resp.rule_group.rules[0].statement.managed_rule_group_statement.managed_rule_group_configs[0].username_field.identifier #=> String
4910
4974
  # resp.rule_group.rules[0].statement.managed_rule_group_statement.managed_rule_group_configs[0].password_field.identifier #=> String
4911
4975
  # resp.rule_group.rules[0].statement.managed_rule_group_statement.managed_rule_group_configs[0].aws_managed_rules_bot_control_rule_set.inspection_level #=> String, one of "COMMON", "TARGETED"
4976
+ # resp.rule_group.rules[0].statement.managed_rule_group_statement.managed_rule_group_configs[0].aws_managed_rules_bot_control_rule_set.enable_machine_learning #=> Boolean
4912
4977
  # resp.rule_group.rules[0].statement.managed_rule_group_statement.managed_rule_group_configs[0].aws_managed_rules_atp_rule_set.login_path #=> String
4913
4978
  # resp.rule_group.rules[0].statement.managed_rule_group_statement.managed_rule_group_configs[0].aws_managed_rules_atp_rule_set.request_inspection.payload_type #=> String, one of "JSON", "FORM_ENCODED"
4914
4979
  # resp.rule_group.rules[0].statement.managed_rule_group_statement.managed_rule_group_configs[0].aws_managed_rules_atp_rule_set.request_inspection.username_field.identifier #=> String
@@ -5004,6 +5069,7 @@ module Aws::WAFV2
5004
5069
  # resp.rule_group.rules[0].statement.regex_match_statement.field_to_match.cookies.match_scope #=> String, one of "ALL", "KEY", "VALUE"
5005
5070
  # resp.rule_group.rules[0].statement.regex_match_statement.field_to_match.cookies.oversize_handling #=> String, one of "CONTINUE", "MATCH", "NO_MATCH"
5006
5071
  # resp.rule_group.rules[0].statement.regex_match_statement.field_to_match.header_order.oversize_handling #=> String, one of "CONTINUE", "MATCH", "NO_MATCH"
5072
+ # resp.rule_group.rules[0].statement.regex_match_statement.field_to_match.ja3_fingerprint.fallback_behavior #=> String, one of "MATCH", "NO_MATCH"
5007
5073
  # resp.rule_group.rules[0].statement.regex_match_statement.text_transformations #=> Array
5008
5074
  # resp.rule_group.rules[0].statement.regex_match_statement.text_transformations[0].priority #=> Integer
5009
5075
  # resp.rule_group.rules[0].statement.regex_match_statement.text_transformations[0].type #=> String, one of "NONE", "COMPRESS_WHITE_SPACE", "HTML_ENTITY_DECODE", "LOWERCASE", "CMD_LINE", "URL_DECODE", "BASE64_DECODE", "HEX_DECODE", "MD5", "REPLACE_COMMENTS", "ESCAPE_SEQ_DECODE", "SQL_HEX_DECODE", "CSS_DECODE", "JS_DECODE", "NORMALIZE_PATH", "NORMALIZE_PATH_WIN", "REMOVE_NULLS", "REPLACE_NULLS", "BASE64_DECODE_EXT", "URL_DECODE_UNI", "UTF8_TO_UNICODE"
@@ -5612,6 +5678,7 @@ module Aws::WAFV2
5612
5678
  # resp.logging_configurations[0].redacted_fields[0].cookies.match_scope #=> String, one of "ALL", "KEY", "VALUE"
5613
5679
  # resp.logging_configurations[0].redacted_fields[0].cookies.oversize_handling #=> String, one of "CONTINUE", "MATCH", "NO_MATCH"
5614
5680
  # resp.logging_configurations[0].redacted_fields[0].header_order.oversize_handling #=> String, one of "CONTINUE", "MATCH", "NO_MATCH"
5681
+ # resp.logging_configurations[0].redacted_fields[0].ja3_fingerprint.fallback_behavior #=> String, one of "MATCH", "NO_MATCH"
5615
5682
  # resp.logging_configurations[0].managed_by_firewall_manager #=> Boolean
5616
5683
  # resp.logging_configurations[0].logging_filter.filters #=> Array
5617
5684
  # resp.logging_configurations[0].logging_filter.filters[0].behavior #=> String, one of "KEEP", "DROP"
@@ -6174,6 +6241,9 @@ module Aws::WAFV2
6174
6241
  # header_order: {
6175
6242
  # oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
6176
6243
  # },
6244
+ # ja3_fingerprint: {
6245
+ # fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
6246
+ # },
6177
6247
  # },
6178
6248
  # ],
6179
6249
  # managed_by_firewall_manager: false,
@@ -6226,6 +6296,7 @@ module Aws::WAFV2
6226
6296
  # resp.logging_configuration.redacted_fields[0].cookies.match_scope #=> String, one of "ALL", "KEY", "VALUE"
6227
6297
  # resp.logging_configuration.redacted_fields[0].cookies.oversize_handling #=> String, one of "CONTINUE", "MATCH", "NO_MATCH"
6228
6298
  # resp.logging_configuration.redacted_fields[0].header_order.oversize_handling #=> String, one of "CONTINUE", "MATCH", "NO_MATCH"
6299
+ # resp.logging_configuration.redacted_fields[0].ja3_fingerprint.fallback_behavior #=> String, one of "MATCH", "NO_MATCH"
6229
6300
  # resp.logging_configuration.managed_by_firewall_manager #=> Boolean
6230
6301
  # resp.logging_configuration.logging_filter.filters #=> Array
6231
6302
  # resp.logging_configuration.logging_filter.filters[0].behavior #=> String, one of "KEEP", "DROP"
@@ -6542,25 +6613,25 @@ module Aws::WAFV2
6542
6613
  #
6543
6614
  # @option params [required, Array<String>] :addresses
6544
6615
  # Contains an array of strings that specifies zero or more IP addresses
6545
- # or blocks of IP addresses. All addresses must be specified using
6546
- # Classless Inter-Domain Routing (CIDR) notation. WAF supports all IPv4
6547
- # and IPv6 CIDR ranges except for `/0`.
6616
+ # or blocks of IP addresses that you want WAF to inspect for in incoming
6617
+ # requests. All addresses must be specified using Classless Inter-Domain
6618
+ # Routing (CIDR) notation. WAF supports all IPv4 and IPv6 CIDR ranges
6619
+ # except for `/0`.
6548
6620
  #
6549
6621
  # Example address strings:
6550
6622
  #
6551
- # * To configure WAF to allow, block, or count requests that originated
6552
- # from the IP address 192.0.2.44, specify `192.0.2.44/32`.
6623
+ # * For requests that originated from the IP address 192.0.2.44, specify
6624
+ # `192.0.2.44/32`.
6553
6625
  #
6554
- # * To configure WAF to allow, block, or count requests that originated
6555
- # from IP addresses from 192.0.2.0 to 192.0.2.255, specify
6556
- # `192.0.2.0/24`.
6626
+ # * For requests that originated from IP addresses from 192.0.2.0 to
6627
+ # 192.0.2.255, specify `192.0.2.0/24`.
6557
6628
  #
6558
- # * To configure WAF to allow, block, or count requests that originated
6559
- # from the IP address 1111:0000:0000:0000:0000:0000:0000:0111, specify
6629
+ # * For requests that originated from the IP address
6630
+ # 1111:0000:0000:0000:0000:0000:0000:0111, specify
6560
6631
  # `1111:0000:0000:0000:0000:0000:0000:0111/128`.
6561
6632
  #
6562
- # * To configure WAF to allow, block, or count requests that originated
6563
- # from IP addresses 1111:0000:0000:0000:0000:0000:0000:0000 to
6633
+ # * For requests that originated from IP addresses
6634
+ # 1111:0000:0000:0000:0000:0000:0000:0000 to
6564
6635
  # 1111:0000:0000:0000:ffff:ffff:ffff:ffff, specify
6565
6636
  # `1111:0000:0000:0000:0000:0000:0000:0000/64`.
6566
6637
  #
@@ -6882,9 +6953,9 @@ module Aws::WAFV2
6882
6953
  #
6883
6954
  # @option params [Array<Types::Rule>] :rules
6884
6955
  # The Rule statements used to identify the web requests that you want to
6885
- # allow, block, or count. Each rule includes one top-level statement
6886
- # that WAF uses to identify matching web requests, and parameters that
6887
- # govern how WAF handles them.
6956
+ # manage. Each rule includes one top-level statement that WAF uses to
6957
+ # identify matching web requests, and parameters that govern how WAF
6958
+ # handles them.
6888
6959
  #
6889
6960
  # @option params [required, Types::VisibilityConfig] :visibility_config
6890
6961
  # Defines and enables Amazon CloudWatch metrics and web request sample
@@ -6988,6 +7059,9 @@ module Aws::WAFV2
6988
7059
  # header_order: {
6989
7060
  # oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
6990
7061
  # },
7062
+ # ja3_fingerprint: {
7063
+ # fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
7064
+ # },
6991
7065
  # },
6992
7066
  # text_transformations: [ # required
6993
7067
  # {
@@ -7049,6 +7123,9 @@ module Aws::WAFV2
7049
7123
  # header_order: {
7050
7124
  # oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
7051
7125
  # },
7126
+ # ja3_fingerprint: {
7127
+ # fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
7128
+ # },
7052
7129
  # },
7053
7130
  # text_transformations: [ # required
7054
7131
  # {
@@ -7110,6 +7187,9 @@ module Aws::WAFV2
7110
7187
  # header_order: {
7111
7188
  # oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
7112
7189
  # },
7190
+ # ja3_fingerprint: {
7191
+ # fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
7192
+ # },
7113
7193
  # },
7114
7194
  # text_transformations: [ # required
7115
7195
  # {
@@ -7170,6 +7250,9 @@ module Aws::WAFV2
7170
7250
  # header_order: {
7171
7251
  # oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
7172
7252
  # },
7253
+ # ja3_fingerprint: {
7254
+ # fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
7255
+ # },
7173
7256
  # },
7174
7257
  # comparison_operator: "EQ", # required, accepts EQ, NE, LE, LT, GE, GT
7175
7258
  # size: 1, # required
@@ -7315,6 +7398,9 @@ module Aws::WAFV2
7315
7398
  # header_order: {
7316
7399
  # oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
7317
7400
  # },
7401
+ # ja3_fingerprint: {
7402
+ # fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
7403
+ # },
7318
7404
  # },
7319
7405
  # text_transformations: [ # required
7320
7406
  # {
@@ -7433,6 +7519,7 @@ module Aws::WAFV2
7433
7519
  # },
7434
7520
  # aws_managed_rules_bot_control_rule_set: {
7435
7521
  # inspection_level: "COMMON", # required, accepts COMMON, TARGETED
7522
+ # enable_machine_learning: false,
7436
7523
  # },
7437
7524
  # aws_managed_rules_atp_rule_set: {
7438
7525
  # login_path: "String", # required
@@ -7633,6 +7720,9 @@ module Aws::WAFV2
7633
7720
  # header_order: {
7634
7721
  # oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
7635
7722
  # },
7723
+ # ja3_fingerprint: {
7724
+ # fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
7725
+ # },
7636
7726
  # },
7637
7727
  # text_transformations: [ # required
7638
7728
  # {
@@ -7792,16 +7882,17 @@ module Aws::WAFV2
7792
7882
  # Generally, any inconsistencies of this type last only a few seconds.
7793
7883
  #
7794
7884
  # A web ACL defines a collection of rules to use to inspect and control
7795
- # web requests. Each rule has an action defined (allow, block, or count)
7796
- # for requests that match the statement of the rule. In the web ACL, you
7797
- # assign a default action to take (allow, block) for any request that
7798
- # does not match any of the rules. The rules in a web ACL can be a
7799
- # combination of the types Rule, RuleGroup, and managed rule group. You
7800
- # can associate a web ACL with one or more Amazon Web Services resources
7801
- # to protect. The resources can be an Amazon CloudFront distribution, an
7802
- # Amazon API Gateway REST API, an Application Load Balancer, an AppSync
7803
- # GraphQL API, an Amazon Cognito user pool, an App Runner service, or an
7804
- # Amazon Web Services Verified Access instance.
7885
+ # web requests. Each rule has a statement that defines what to look for
7886
+ # in web requests and an action that WAF applies to requests that match
7887
+ # the statement. In the web ACL, you assign a default action to take
7888
+ # (allow, block) for any request that does not match any of the rules.
7889
+ # The rules in a web ACL can be a combination of the types Rule,
7890
+ # RuleGroup, and managed rule group. You can associate a web ACL with
7891
+ # one or more Amazon Web Services resources to protect. The resources
7892
+ # can be an Amazon CloudFront distribution, an Amazon API Gateway REST
7893
+ # API, an Application Load Balancer, an AppSync GraphQL API, an Amazon
7894
+ # Cognito user pool, an App Runner service, or an Amazon Web Services
7895
+ # Verified Access instance.
7805
7896
  #
7806
7897
  # @option params [required, String] :name
7807
7898
  # The name of the web ACL. You cannot change the name of a web ACL after
@@ -7836,9 +7927,9 @@ module Aws::WAFV2
7836
7927
  #
7837
7928
  # @option params [Array<Types::Rule>] :rules
7838
7929
  # The Rule statements used to identify the web requests that you want to
7839
- # allow, block, or count. Each rule includes one top-level statement
7840
- # that WAF uses to identify matching web requests, and parameters that
7841
- # govern how WAF handles them.
7930
+ # manage. Each rule includes one top-level statement that WAF uses to
7931
+ # identify matching web requests, and parameters that govern how WAF
7932
+ # handles them.
7842
7933
  #
7843
7934
  # @option params [required, Types::VisibilityConfig] :visibility_config
7844
7935
  # Defines and enables Amazon CloudWatch metrics and web request sample
@@ -7905,7 +7996,7 @@ module Aws::WAFV2
7905
7996
  #
7906
7997
  # Use this to customize the maximum size of the request body that your
7907
7998
  # protected CloudFront distributions forward to WAF for inspection. The
7908
- # default is 16 KB (16,384 kilobytes).
7999
+ # default is 16 KB (16,384 bytes).
7909
8000
  #
7910
8001
  # <note markdown="1"> You are charged additional fees when your protected resources forward
7911
8002
  # body sizes that are larger than the default. For more information, see
@@ -8010,6 +8101,9 @@ module Aws::WAFV2
8010
8101
  # header_order: {
8011
8102
  # oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
8012
8103
  # },
8104
+ # ja3_fingerprint: {
8105
+ # fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
8106
+ # },
8013
8107
  # },
8014
8108
  # text_transformations: [ # required
8015
8109
  # {
@@ -8071,6 +8165,9 @@ module Aws::WAFV2
8071
8165
  # header_order: {
8072
8166
  # oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
8073
8167
  # },
8168
+ # ja3_fingerprint: {
8169
+ # fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
8170
+ # },
8074
8171
  # },
8075
8172
  # text_transformations: [ # required
8076
8173
  # {
@@ -8132,6 +8229,9 @@ module Aws::WAFV2
8132
8229
  # header_order: {
8133
8230
  # oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
8134
8231
  # },
8232
+ # ja3_fingerprint: {
8233
+ # fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
8234
+ # },
8135
8235
  # },
8136
8236
  # text_transformations: [ # required
8137
8237
  # {
@@ -8192,6 +8292,9 @@ module Aws::WAFV2
8192
8292
  # header_order: {
8193
8293
  # oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
8194
8294
  # },
8295
+ # ja3_fingerprint: {
8296
+ # fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
8297
+ # },
8195
8298
  # },
8196
8299
  # comparison_operator: "EQ", # required, accepts EQ, NE, LE, LT, GE, GT
8197
8300
  # size: 1, # required
@@ -8337,6 +8440,9 @@ module Aws::WAFV2
8337
8440
  # header_order: {
8338
8441
  # oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
8339
8442
  # },
8443
+ # ja3_fingerprint: {
8444
+ # fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
8445
+ # },
8340
8446
  # },
8341
8447
  # text_transformations: [ # required
8342
8448
  # {
@@ -8455,6 +8561,7 @@ module Aws::WAFV2
8455
8561
  # },
8456
8562
  # aws_managed_rules_bot_control_rule_set: {
8457
8563
  # inspection_level: "COMMON", # required, accepts COMMON, TARGETED
8564
+ # enable_machine_learning: false,
8458
8565
  # },
8459
8566
  # aws_managed_rules_atp_rule_set: {
8460
8567
  # login_path: "String", # required
@@ -8655,6 +8762,9 @@ module Aws::WAFV2
8655
8762
  # header_order: {
8656
8763
  # oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
8657
8764
  # },
8765
+ # ja3_fingerprint: {
8766
+ # fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
8767
+ # },
8658
8768
  # },
8659
8769
  # text_transformations: [ # required
8660
8770
  # {
@@ -8812,7 +8922,7 @@ module Aws::WAFV2
8812
8922
  params: params,
8813
8923
  config: config)
8814
8924
  context[:gem_name] = 'aws-sdk-wafv2'
8815
- context[:gem_version] = '1.67.0'
8925
+ context[:gem_version] = '1.69.0'
8816
8926
  Seahorse::Client::Request.new(handlers, context)
8817
8927
  end
8818
8928