aws-sdk-wafv2 1.67.0 → 1.69.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +10 -0
- data/VERSION +1 -1
- data/lib/aws-sdk-wafv2/client.rb +169 -59
- data/lib/aws-sdk-wafv2/client_api.rb +6 -0
- data/lib/aws-sdk-wafv2/types.rb +221 -244
- data/lib/aws-sdk-wafv2.rb +1 -1
- metadata +2 -2
data/lib/aws-sdk-wafv2/types.rb
CHANGED
@@ -60,8 +60,13 @@ module Aws::WAFV2
|
|
60
60
|
# is the page on your website that accepts the completed registration
|
61
61
|
# form for a new user. This page must accept `POST` requests.
|
62
62
|
#
|
63
|
-
# For example, for the URL `https://example.com/web/
|
64
|
-
# provide the path `/web/
|
63
|
+
# For example, for the URL `https://example.com/web/newaccount`, you
|
64
|
+
# would provide the path `/web/newaccount`. Account creation page
|
65
|
+
# paths that start with the path that you provide are considered a
|
66
|
+
# match. For example `/web/newaccount` matches the account creation
|
67
|
+
# paths `/web/newaccount`, `/web/newaccount/`, `/web/newaccountPage`,
|
68
|
+
# and `/web/newaccount/thisPage`, but doesn't match the path
|
69
|
+
# `/home/web/newaccount` or `/website/newaccount`.
|
65
70
|
# @return [String]
|
66
71
|
#
|
67
72
|
# @!attribute [rw] registration_page_path
|
@@ -73,8 +78,13 @@ module Aws::WAFV2
|
|
73
78
|
#
|
74
79
|
# </note>
|
75
80
|
#
|
76
|
-
# For example, for the URL `https://example.com/web/
|
77
|
-
# would provide the path `/web/
|
81
|
+
# For example, for the URL `https://example.com/web/registration`, you
|
82
|
+
# would provide the path `/web/registration`. Registration page paths
|
83
|
+
# that start with the path that you provide are considered a match.
|
84
|
+
# For example `/web/registration` matches the registration paths
|
85
|
+
# `/web/registration`, `/web/registration/`, `/web/registrationPage`,
|
86
|
+
# and `/web/registration/thisPage`, but doesn't match the path
|
87
|
+
# `/home/web/registration` or `/website/registration`.
|
78
88
|
# @return [String]
|
79
89
|
#
|
80
90
|
# @!attribute [rw] request_inspection
|
@@ -124,7 +134,11 @@ module Aws::WAFV2
|
|
124
134
|
# @!attribute [rw] login_path
|
125
135
|
# The path of the login endpoint for your application. For example,
|
126
136
|
# for the URL `https://example.com/web/login`, you would provide the
|
127
|
-
# path `/web/login`.
|
137
|
+
# path `/web/login`. Login paths that start with the path that you
|
138
|
+
# provide are considered a match. For example `/web/login` matches the
|
139
|
+
# login paths `/web/login`, `/web/login/`, `/web/loginPage`, and
|
140
|
+
# `/web/login/thisPage`, but doesn't match the login path
|
141
|
+
# `/home/web/login` or `/website/login`.
|
128
142
|
#
|
129
143
|
# The rule group inspects only HTTP `POST` requests to your specified
|
130
144
|
# login endpoint.
|
@@ -183,10 +197,31 @@ module Aws::WAFV2
|
|
183
197
|
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/aws-managed-rule-groups-bot.html
|
184
198
|
# @return [String]
|
185
199
|
#
|
200
|
+
# @!attribute [rw] enable_machine_learning
|
201
|
+
# Applies only to the targeted inspection level.
|
202
|
+
#
|
203
|
+
# Determines whether to use machine learning (ML) to analyze your web
|
204
|
+
# traffic for bot-related activity. Machine learning is required for
|
205
|
+
# the Bot Control rules `TGT_ML_CoordinatedActivityLow` and
|
206
|
+
# `TGT_ML_CoordinatedActivityMedium`, which inspect for anomalous
|
207
|
+
# behavior that might indicate distributed, coordinated bot activity.
|
208
|
+
#
|
209
|
+
# For more information about this choice, see the listing for these
|
210
|
+
# rules in the table at [Bot Control rules listing][1] in the *WAF
|
211
|
+
# Developer Guide*.
|
212
|
+
#
|
213
|
+
# Default: `TRUE`
|
214
|
+
#
|
215
|
+
#
|
216
|
+
#
|
217
|
+
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/aws-managed-rule-groups-bot.html#aws-managed-rule-groups-bot-rules
|
218
|
+
# @return [Boolean]
|
219
|
+
#
|
186
220
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/AWSManagedRulesBotControlRuleSet AWS API Documentation
|
187
221
|
#
|
188
222
|
class AWSManagedRulesBotControlRuleSet < Struct.new(
|
189
|
-
:inspection_level
|
223
|
+
:inspection_level,
|
224
|
+
:enable_machine_learning)
|
190
225
|
SENSITIVE = []
|
191
226
|
include Aws::Structure
|
192
227
|
end
|
@@ -379,7 +414,7 @@ module Aws::WAFV2
|
|
379
414
|
#
|
380
415
|
# Use this to customize the maximum size of the request body that your
|
381
416
|
# protected CloudFront distributions forward to WAF for inspection. The
|
382
|
-
# default is 16 KB (16,384
|
417
|
+
# default is 16 KB (16,384 bytes).
|
383
418
|
#
|
384
419
|
# <note markdown="1"> You are charged additional fees when your protected resources forward
|
385
420
|
# body sizes that are larger than the default. For more information, see
|
@@ -394,7 +429,7 @@ module Aws::WAFV2
|
|
394
429
|
# @!attribute [rw] request_body
|
395
430
|
# Customizes the maximum size of the request body that your protected
|
396
431
|
# CloudFront distributions forward to WAF for inspection. The default
|
397
|
-
# size is 16 KB (16,384
|
432
|
+
# size is 16 KB (16,384 bytes).
|
398
433
|
#
|
399
434
|
# <note markdown="1"> You are charged additional fees when your protected resources
|
400
435
|
# forward body sizes that are larger than the default. For more
|
@@ -455,9 +490,9 @@ module Aws::WAFV2
|
|
455
490
|
# forwards the contents that are below the limit to WAF for
|
456
491
|
# inspection.
|
457
492
|
#
|
458
|
-
# The default limit is 8 KB (8,192
|
459
|
-
#
|
460
|
-
#
|
493
|
+
# The default limit is 8 KB (8,192 bytes) for regional resources and
|
494
|
+
# 16 KB (16,384 bytes) for CloudFront distributions. For CloudFront
|
495
|
+
# distributions, you can increase the limit in the web ACL
|
461
496
|
# `AssociationConfig`, for additional processing fees.
|
462
497
|
#
|
463
498
|
# The options for oversize handling are the following:
|
@@ -507,6 +542,10 @@ module Aws::WAFV2
|
|
507
542
|
# * `UriPath`: The value that you want WAF to search for in the URI
|
508
543
|
# path, for example, `/images/daily-ad.jpg`.
|
509
544
|
#
|
545
|
+
# * `JA3Fingerprint`: The string to match against the web request's
|
546
|
+
# JA3 fingerprint header. The header contains a hash fingerprint of
|
547
|
+
# the TLS Client Hello packet for the request.
|
548
|
+
#
|
510
549
|
# * `HeaderOrder`: The comma-separated list of header names to match
|
511
550
|
# for. WAF creates a string that contains the ordered list of header
|
512
551
|
# names, from the headers in the web request, and then matches
|
@@ -545,7 +584,7 @@ module Aws::WAFV2
|
|
545
584
|
# before using them as custom aggregation keys. If you specify one or
|
546
585
|
# more transformations to apply, WAF performs all transformations on
|
547
586
|
# the specified content, starting from the lowest priority setting,
|
548
|
-
# and then uses the component contents.
|
587
|
+
# and then uses the transformed component contents.
|
549
588
|
# @return [Array<Types::TextTransformation>]
|
550
589
|
#
|
551
590
|
# @!attribute [rw] positional_constraint
|
@@ -1064,27 +1103,24 @@ module Aws::WAFV2
|
|
1064
1103
|
#
|
1065
1104
|
# @!attribute [rw] addresses
|
1066
1105
|
# Contains an array of strings that specifies zero or more IP
|
1067
|
-
# addresses or blocks of IP addresses
|
1068
|
-
#
|
1069
|
-
#
|
1106
|
+
# addresses or blocks of IP addresses that you want WAF to inspect for
|
1107
|
+
# in incoming requests. All addresses must be specified using
|
1108
|
+
# Classless Inter-Domain Routing (CIDR) notation. WAF supports all
|
1109
|
+
# IPv4 and IPv6 CIDR ranges except for `/0`.
|
1070
1110
|
#
|
1071
1111
|
# Example address strings:
|
1072
1112
|
#
|
1073
|
-
# *
|
1074
|
-
#
|
1075
|
-
# `192.0.2.44/32`.
|
1113
|
+
# * For requests that originated from the IP address 192.0.2.44,
|
1114
|
+
# specify `192.0.2.44/32`.
|
1076
1115
|
#
|
1077
|
-
# *
|
1078
|
-
#
|
1079
|
-
# specify `192.0.2.0/24`.
|
1116
|
+
# * For requests that originated from IP addresses from 192.0.2.0 to
|
1117
|
+
# 192.0.2.255, specify `192.0.2.0/24`.
|
1080
1118
|
#
|
1081
|
-
# *
|
1082
|
-
# originated from the IP address
|
1119
|
+
# * For requests that originated from the IP address
|
1083
1120
|
# 1111:0000:0000:0000:0000:0000:0000:0111, specify
|
1084
1121
|
# `1111:0000:0000:0000:0000:0000:0000:0111/128`.
|
1085
1122
|
#
|
1086
|
-
# *
|
1087
|
-
# originated from IP addresses
|
1123
|
+
# * For requests that originated from IP addresses
|
1088
1124
|
# 1111:0000:0000:0000:0000:0000:0000:0000 to
|
1089
1125
|
# 1111:0000:0000:0000:ffff:ffff:ffff:ffff, specify
|
1090
1126
|
# `1111:0000:0000:0000:0000:0000:0000:0000/64`.
|
@@ -1251,9 +1287,9 @@ module Aws::WAFV2
|
|
1251
1287
|
#
|
1252
1288
|
# @!attribute [rw] rules
|
1253
1289
|
# The Rule statements used to identify the web requests that you want
|
1254
|
-
# to
|
1255
|
-
#
|
1256
|
-
#
|
1290
|
+
# to manage. Each rule includes one top-level statement that WAF uses
|
1291
|
+
# to identify matching web requests, and parameters that govern how
|
1292
|
+
# WAF handles them.
|
1257
1293
|
# @return [Array<Types::Rule>]
|
1258
1294
|
#
|
1259
1295
|
# @!attribute [rw] visibility_config
|
@@ -1348,9 +1384,9 @@ module Aws::WAFV2
|
|
1348
1384
|
#
|
1349
1385
|
# @!attribute [rw] rules
|
1350
1386
|
# The Rule statements used to identify the web requests that you want
|
1351
|
-
# to
|
1352
|
-
#
|
1353
|
-
#
|
1387
|
+
# to manage. Each rule includes one top-level statement that WAF uses
|
1388
|
+
# to identify matching web requests, and parameters that govern how
|
1389
|
+
# WAF handles them.
|
1354
1390
|
# @return [Array<Types::Rule>]
|
1355
1391
|
#
|
1356
1392
|
# @!attribute [rw] visibility_config
|
@@ -1417,7 +1453,7 @@ module Aws::WAFV2
|
|
1417
1453
|
#
|
1418
1454
|
# Use this to customize the maximum size of the request body that your
|
1419
1455
|
# protected CloudFront distributions forward to WAF for inspection.
|
1420
|
-
# The default is 16 KB (16,384
|
1456
|
+
# The default is 16 KB (16,384 bytes).
|
1421
1457
|
#
|
1422
1458
|
# <note markdown="1"> You are charged additional fees when your protected resources
|
1423
1459
|
# forward body sizes that are larger than the default. For more
|
@@ -1560,8 +1596,9 @@ module Aws::WAFV2
|
|
1560
1596
|
# @return [String]
|
1561
1597
|
#
|
1562
1598
|
# @!attribute [rw] response_headers
|
1563
|
-
# The HTTP headers to use in the response.
|
1564
|
-
# not
|
1599
|
+
# The HTTP headers to use in the response. You can specify any header
|
1600
|
+
# name except for `content-type`. Duplicate header names are not
|
1601
|
+
# allowed.
|
1565
1602
|
#
|
1566
1603
|
# For information about the limits on count and size for custom
|
1567
1604
|
# request and response settings, see [WAF quotas][1] in the *WAF
|
@@ -2293,10 +2330,10 @@ module Aws::WAFV2
|
|
2293
2330
|
#
|
2294
2331
|
# A limited amount of the request body is forwarded to WAF for
|
2295
2332
|
# inspection by the underlying host service. For regional resources,
|
2296
|
-
# the limit is 8 KB (8,192
|
2297
|
-
#
|
2298
|
-
#
|
2299
|
-
#
|
2333
|
+
# the limit is 8 KB (8,192 bytes) and for CloudFront distributions,
|
2334
|
+
# the limit is 16 KB (16,384 bytes). For CloudFront distributions, you
|
2335
|
+
# can increase the limit in the web ACL's `AssociationConfig`, for
|
2336
|
+
# additional processing fees.
|
2300
2337
|
#
|
2301
2338
|
# For information about how to handle oversized request bodies, see
|
2302
2339
|
# the `Body` object configuration.
|
@@ -2315,10 +2352,10 @@ module Aws::WAFV2
|
|
2315
2352
|
#
|
2316
2353
|
# A limited amount of the request body is forwarded to WAF for
|
2317
2354
|
# inspection by the underlying host service. For regional resources,
|
2318
|
-
# the limit is 8 KB (8,192
|
2319
|
-
#
|
2320
|
-
#
|
2321
|
-
#
|
2355
|
+
# the limit is 8 KB (8,192 bytes) and for CloudFront distributions,
|
2356
|
+
# the limit is 16 KB (16,384 bytes). For CloudFront distributions, you
|
2357
|
+
# can increase the limit in the web ACL's `AssociationConfig`, for
|
2358
|
+
# additional processing fees.
|
2322
2359
|
#
|
2323
2360
|
# For information about how to handle oversized request bodies, see
|
2324
2361
|
# the `JsonBody` object configuration.
|
@@ -2359,6 +2396,18 @@ module Aws::WAFV2
|
|
2359
2396
|
# `host:user-agent:accept:authorization:referer`.
|
2360
2397
|
# @return [Types::HeaderOrder]
|
2361
2398
|
#
|
2399
|
+
# @!attribute [rw] ja3_fingerprint
|
2400
|
+
# Match against the request's JA3 fingerprint header. The header
|
2401
|
+
# contains a hash fingerprint of the TLS Client Hello packet for the
|
2402
|
+
# request.
|
2403
|
+
#
|
2404
|
+
# <note markdown="1"> You can use this choice only with a string match
|
2405
|
+
# `ByteMatchStatement` with the `PositionalConstraint` set to
|
2406
|
+
# `EXACTLY`.
|
2407
|
+
#
|
2408
|
+
# </note>
|
2409
|
+
# @return [Types::JA3Fingerprint]
|
2410
|
+
#
|
2362
2411
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/FieldToMatch AWS API Documentation
|
2363
2412
|
#
|
2364
2413
|
class FieldToMatch < Struct.new(
|
@@ -2372,7 +2421,8 @@ module Aws::WAFV2
|
|
2372
2421
|
:json_body,
|
2373
2422
|
:headers,
|
2374
2423
|
:cookies,
|
2375
|
-
:header_order
|
2424
|
+
:header_order,
|
2425
|
+
:ja3_fingerprint)
|
2376
2426
|
SENSITIVE = []
|
2377
2427
|
include Aws::Structure
|
2378
2428
|
end
|
@@ -3552,27 +3602,24 @@ module Aws::WAFV2
|
|
3552
3602
|
#
|
3553
3603
|
# @!attribute [rw] addresses
|
3554
3604
|
# Contains an array of strings that specifies zero or more IP
|
3555
|
-
# addresses or blocks of IP addresses
|
3556
|
-
#
|
3557
|
-
#
|
3605
|
+
# addresses or blocks of IP addresses that you want WAF to inspect for
|
3606
|
+
# in incoming requests. All addresses must be specified using
|
3607
|
+
# Classless Inter-Domain Routing (CIDR) notation. WAF supports all
|
3608
|
+
# IPv4 and IPv6 CIDR ranges except for `/0`.
|
3558
3609
|
#
|
3559
3610
|
# Example address strings:
|
3560
3611
|
#
|
3561
|
-
# *
|
3562
|
-
#
|
3563
|
-
# `192.0.2.44/32`.
|
3612
|
+
# * For requests that originated from the IP address 192.0.2.44,
|
3613
|
+
# specify `192.0.2.44/32`.
|
3564
3614
|
#
|
3565
|
-
# *
|
3566
|
-
#
|
3567
|
-
# specify `192.0.2.0/24`.
|
3615
|
+
# * For requests that originated from IP addresses from 192.0.2.0 to
|
3616
|
+
# 192.0.2.255, specify `192.0.2.0/24`.
|
3568
3617
|
#
|
3569
|
-
# *
|
3570
|
-
# originated from the IP address
|
3618
|
+
# * For requests that originated from the IP address
|
3571
3619
|
# 1111:0000:0000:0000:0000:0000:0000:0111, specify
|
3572
3620
|
# `1111:0000:0000:0000:0000:0000:0000:0111/128`.
|
3573
3621
|
#
|
3574
|
-
# *
|
3575
|
-
# originated from IP addresses
|
3622
|
+
# * For requests that originated from IP addresses
|
3576
3623
|
# 1111:0000:0000:0000:0000:0000:0000:0000 to
|
3577
3624
|
# 1111:0000:0000:0000:ffff:ffff:ffff:ffff, specify
|
3578
3625
|
# `1111:0000:0000:0000:0000:0000:0000:0000/64`.
|
@@ -3785,6 +3832,36 @@ module Aws::WAFV2
|
|
3785
3832
|
include Aws::Structure
|
3786
3833
|
end
|
3787
3834
|
|
3835
|
+
# Match against the request's JA3 fingerprint header. The header
|
3836
|
+
# contains a hash fingerprint of the TLS Client Hello packet for the
|
3837
|
+
# request.
|
3838
|
+
#
|
3839
|
+
# <note markdown="1"> You can use this choice only with a string match `ByteMatchStatement`
|
3840
|
+
# with the `PositionalConstraint` set to `EXACTLY`.
|
3841
|
+
#
|
3842
|
+
# </note>
|
3843
|
+
#
|
3844
|
+
# @!attribute [rw] fallback_behavior
|
3845
|
+
# The match status to assign to the web request if the request
|
3846
|
+
# doesn't have a JA3 fingerprint.
|
3847
|
+
#
|
3848
|
+
# You can specify the following fallback behaviors:
|
3849
|
+
#
|
3850
|
+
# * `MATCH` - Treat the web request as matching the rule statement.
|
3851
|
+
# WAF applies the rule action to the request.
|
3852
|
+
#
|
3853
|
+
# * `NO_MATCH` - Treat the web request as not matching the rule
|
3854
|
+
# statement.
|
3855
|
+
# @return [String]
|
3856
|
+
#
|
3857
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/JA3Fingerprint AWS API Documentation
|
3858
|
+
#
|
3859
|
+
class JA3Fingerprint < Struct.new(
|
3860
|
+
:fallback_behavior)
|
3861
|
+
SENSITIVE = []
|
3862
|
+
include Aws::Structure
|
3863
|
+
end
|
3864
|
+
|
3788
3865
|
# Inspect the body of the web request as JSON. The body immediately
|
3789
3866
|
# follows the request headers.
|
3790
3867
|
#
|
@@ -3849,9 +3926,9 @@ module Aws::WAFV2
|
|
3849
3926
|
# forwards the contents that are below the limit to WAF for
|
3850
3927
|
# inspection.
|
3851
3928
|
#
|
3852
|
-
# The default limit is 8 KB (8,192
|
3853
|
-
#
|
3854
|
-
#
|
3929
|
+
# The default limit is 8 KB (8,192 bytes) for regional resources and
|
3930
|
+
# 16 KB (16,384 bytes) for CloudFront distributions. For CloudFront
|
3931
|
+
# distributions, you can increase the limit in the web ACL
|
3855
3932
|
# `AssociationConfig`, for additional processing fees.
|
3856
3933
|
#
|
3857
3934
|
# The options for oversize handling are the following:
|
@@ -5086,8 +5163,10 @@ module Aws::WAFV2
|
|
5086
5163
|
# calling ListAvailableManagedRuleGroups.
|
5087
5164
|
#
|
5088
5165
|
# You cannot nest a `ManagedRuleGroupStatement`, for example for use
|
5089
|
-
# inside a `NotStatement` or `OrStatement`.
|
5090
|
-
#
|
5166
|
+
# inside a `NotStatement` or `OrStatement`. You cannot use a managed
|
5167
|
+
# rule group inside another rule group. You can only reference a managed
|
5168
|
+
# rule group as a top-level statement within a rule that you define in a
|
5169
|
+
# web ACL.
|
5091
5170
|
#
|
5092
5171
|
# <note markdown="1"> You are charged additional fees when you use the WAF Bot Control
|
5093
5172
|
# managed rule group `AWSManagedRulesBotControlRuleSet`, the WAF Fraud
|
@@ -6232,7 +6311,7 @@ module Aws::WAFV2
|
|
6232
6311
|
# before using them as custom aggregation keys. If you specify one or
|
6233
6312
|
# more transformations to apply, WAF performs all transformations on
|
6234
6313
|
# the specified content, starting from the lowest priority setting,
|
6235
|
-
# and then uses the component contents.
|
6314
|
+
# and then uses the transformed component contents.
|
6236
6315
|
# @return [Array<Types::TextTransformation>]
|
6237
6316
|
#
|
6238
6317
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/RateLimitCookie AWS API Documentation
|
@@ -6302,7 +6381,7 @@ module Aws::WAFV2
|
|
6302
6381
|
# before using them as custom aggregation keys. If you specify one or
|
6303
6382
|
# more transformations to apply, WAF performs all transformations on
|
6304
6383
|
# the specified content, starting from the lowest priority setting,
|
6305
|
-
# and then uses the component contents.
|
6384
|
+
# and then uses the transformed component contents.
|
6306
6385
|
# @return [Array<Types::TextTransformation>]
|
6307
6386
|
#
|
6308
6387
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/RateLimitHeader AWS API Documentation
|
@@ -6379,7 +6458,7 @@ module Aws::WAFV2
|
|
6379
6458
|
# before using them as custom aggregation keys. If you specify one or
|
6380
6459
|
# more transformations to apply, WAF performs all transformations on
|
6381
6460
|
# the specified content, starting from the lowest priority setting,
|
6382
|
-
# and then uses the component contents.
|
6461
|
+
# and then uses the transformed component contents.
|
6383
6462
|
# @return [Array<Types::TextTransformation>]
|
6384
6463
|
#
|
6385
6464
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/RateLimitQueryArgument AWS API Documentation
|
@@ -6405,7 +6484,7 @@ module Aws::WAFV2
|
|
6405
6484
|
# before using them as custom aggregation keys. If you specify one or
|
6406
6485
|
# more transformations to apply, WAF performs all transformations on
|
6407
6486
|
# the specified content, starting from the lowest priority setting,
|
6408
|
-
# and then uses the component contents.
|
6487
|
+
# and then uses the transformed component contents.
|
6409
6488
|
# @return [Array<Types::TextTransformation>]
|
6410
6489
|
#
|
6411
6490
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/RateLimitQueryString AWS API Documentation
|
@@ -6430,7 +6509,7 @@ module Aws::WAFV2
|
|
6430
6509
|
# before using them as custom aggregation keys. If you specify one or
|
6431
6510
|
# more transformations to apply, WAF performs all transformations on
|
6432
6511
|
# the specified content, starting from the lowest priority setting,
|
6433
|
-
# and then uses the component contents.
|
6512
|
+
# and then uses the transformed component contents.
|
6434
6513
|
# @return [Array<Types::TextTransformation>]
|
6435
6514
|
#
|
6436
6515
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/RateLimitUriPath AWS API Documentation
|
@@ -6475,7 +6554,7 @@ module Aws::WAFV2
|
|
6475
6554
|
# before using them as custom aggregation keys. If you specify one or
|
6476
6555
|
# more transformations to apply, WAF performs all transformations on
|
6477
6556
|
# the specified content, starting from the lowest priority setting,
|
6478
|
-
# and then uses the component contents.
|
6557
|
+
# and then uses the transformed component contents.
|
6479
6558
|
# @return [Array<Types::TextTransformation>]
|
6480
6559
|
#
|
6481
6560
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/RegexMatchStatement AWS API Documentation
|
@@ -6559,7 +6638,7 @@ module Aws::WAFV2
|
|
6559
6638
|
# before using them as custom aggregation keys. If you specify one or
|
6560
6639
|
# more transformations to apply, WAF performs all transformations on
|
6561
6640
|
# the specified content, starting from the lowest priority setting,
|
6562
|
-
# and then uses the component contents.
|
6641
|
+
# and then uses the transformed component contents.
|
6563
6642
|
# @return [Array<Types::TextTransformation>]
|
6564
6643
|
#
|
6565
6644
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/RegexPatternSetReferenceStatement AWS API Documentation
|
@@ -6642,7 +6721,7 @@ module Aws::WAFV2
|
|
6642
6721
|
|
6643
6722
|
# Customizes the maximum size of the request body that your protected
|
6644
6723
|
# CloudFront distributions forward to WAF for inspection. The default
|
6645
|
-
# size is 16 KB (16,384
|
6724
|
+
# size is 16 KB (16,384 bytes).
|
6646
6725
|
#
|
6647
6726
|
# <note markdown="1"> You are charged additional fees when your protected resources forward
|
6648
6727
|
# body sizes that are larger than the default. For more information, see
|
@@ -6662,7 +6741,7 @@ module Aws::WAFV2
|
|
6662
6741
|
# inspection. This applies to statements in the web ACL that inspect
|
6663
6742
|
# the body or JSON body.
|
6664
6743
|
#
|
6665
|
-
# Default: `16 KB (16,384
|
6744
|
+
# Default: `16 KB (16,384 bytes)`
|
6666
6745
|
# @return [String]
|
6667
6746
|
#
|
6668
6747
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/RequestBodyAssociatedResourceTypeConfig AWS API Documentation
|
@@ -7150,13 +7229,17 @@ module Aws::WAFV2
|
|
7150
7229
|
end
|
7151
7230
|
|
7152
7231
|
# A single rule, which you can use in a WebACL or RuleGroup to identify
|
7153
|
-
# web requests that you want to
|
7154
|
-
#
|
7155
|
-
#
|
7232
|
+
# web requests that you want to manage in some way. Each rule includes
|
7233
|
+
# one top-level Statement that WAF uses to identify matching web
|
7234
|
+
# requests, and parameters that govern how WAF handles them.
|
7156
7235
|
#
|
7157
7236
|
# @!attribute [rw] name
|
7158
|
-
# The name of the rule.
|
7159
|
-
#
|
7237
|
+
# The name of the rule.
|
7238
|
+
#
|
7239
|
+
# If you change the name of a `Rule` after you create it and you want
|
7240
|
+
# the rule's metric name to reflect the change, update the metric
|
7241
|
+
# name in the rule's `VisibilityConfig` settings. WAF doesn't
|
7242
|
+
# automatically update the metric name when you update the rule name.
|
7160
7243
|
# @return [String]
|
7161
7244
|
#
|
7162
7245
|
# @!attribute [rw] priority
|
@@ -7239,6 +7322,10 @@ module Aws::WAFV2
|
|
7239
7322
|
# @!attribute [rw] visibility_config
|
7240
7323
|
# Defines and enables Amazon CloudWatch metrics and web request sample
|
7241
7324
|
# collection.
|
7325
|
+
#
|
7326
|
+
# If you change the name of a `Rule` after you create it and you want
|
7327
|
+
# the rule's metric name to reflect the change, update the metric
|
7328
|
+
# name as well. WAF doesn't automatically update the metric name.
|
7242
7329
|
# @return [Types::VisibilityConfig]
|
7243
7330
|
#
|
7244
7331
|
# @!attribute [rw] captcha_config
|
@@ -7384,9 +7471,9 @@ module Aws::WAFV2
|
|
7384
7471
|
#
|
7385
7472
|
# @!attribute [rw] rules
|
7386
7473
|
# The Rule statements used to identify the web requests that you want
|
7387
|
-
# to
|
7388
|
-
#
|
7389
|
-
#
|
7474
|
+
# to manage. Each rule includes one top-level statement that WAF uses
|
7475
|
+
# to identify matching web requests, and parameters that govern how
|
7476
|
+
# WAF handles them.
|
7390
7477
|
# @return [Array<Types::Rule>]
|
7391
7478
|
#
|
7392
7479
|
# @!attribute [rw] visibility_config
|
@@ -7467,8 +7554,10 @@ module Aws::WAFV2
|
|
7467
7554
|
# provide the ARN of the rule group in this statement.
|
7468
7555
|
#
|
7469
7556
|
# You cannot nest a `RuleGroupReferenceStatement`, for example for use
|
7470
|
-
# inside a `NotStatement` or `OrStatement`. You
|
7471
|
-
#
|
7557
|
+
# inside a `NotStatement` or `OrStatement`. You cannot use a rule group
|
7558
|
+
# reference statement inside another rule group. You can only reference
|
7559
|
+
# a rule group as a top-level statement within a rule that you define in
|
7560
|
+
# a web ACL.
|
7472
7561
|
#
|
7473
7562
|
# @!attribute [rw] arn
|
7474
7563
|
# The Amazon Resource Name (ARN) of the entity.
|
@@ -7716,9 +7805,9 @@ module Aws::WAFV2
|
|
7716
7805
|
#
|
7717
7806
|
# If you configure WAF to inspect the request body, WAF inspects only
|
7718
7807
|
# the number of bytes of the body up to the limit for the web ACL. By
|
7719
|
-
# default, for regional web ACLs, this limit is 8 KB (8,192
|
7720
|
-
#
|
7721
|
-
#
|
7808
|
+
# default, for regional web ACLs, this limit is 8 KB (8,192 bytes) and
|
7809
|
+
# for CloudFront web ACLs, this limit is 16 KB (16,384 bytes). For
|
7810
|
+
# CloudFront web ACLs, you can increase the limit in the web ACL
|
7722
7811
|
# `AssociationConfig`, for additional fees. If you know that the request
|
7723
7812
|
# body for your web requests should never exceed the inspection limit,
|
7724
7813
|
# you could use a size constraint statement to block requests that have
|
@@ -7750,7 +7839,7 @@ module Aws::WAFV2
|
|
7750
7839
|
# before using them as custom aggregation keys. If you specify one or
|
7751
7840
|
# more transformations to apply, WAF performs all transformations on
|
7752
7841
|
# the specified content, starting from the lowest priority setting,
|
7753
|
-
# and then uses the component contents.
|
7842
|
+
# and then uses the transformed component contents.
|
7754
7843
|
# @return [Array<Types::TextTransformation>]
|
7755
7844
|
#
|
7756
7845
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/SizeConstraintStatement AWS API Documentation
|
@@ -7781,7 +7870,7 @@ module Aws::WAFV2
|
|
7781
7870
|
# before using them as custom aggregation keys. If you specify one or
|
7782
7871
|
# more transformations to apply, WAF performs all transformations on
|
7783
7872
|
# the specified content, starting from the lowest priority setting,
|
7784
|
-
# and then uses the component contents.
|
7873
|
+
# and then uses the transformed component contents.
|
7785
7874
|
# @return [Array<Types::TextTransformation>]
|
7786
7875
|
#
|
7787
7876
|
# @!attribute [rw] sensitivity_level
|
@@ -7851,9 +7940,9 @@ module Aws::WAFV2
|
|
7851
7940
|
#
|
7852
7941
|
# If you configure WAF to inspect the request body, WAF inspects only
|
7853
7942
|
# the number of bytes of the body up to the limit for the web ACL. By
|
7854
|
-
# default, for regional web ACLs, this limit is 8 KB (8,192
|
7855
|
-
#
|
7856
|
-
#
|
7943
|
+
# default, for regional web ACLs, this limit is 8 KB (8,192 bytes) and
|
7944
|
+
# for CloudFront web ACLs, this limit is 16 KB (16,384 bytes). For
|
7945
|
+
# CloudFront web ACLs, you can increase the limit in the web ACL
|
7857
7946
|
# `AssociationConfig`, for additional fees. If you know that the
|
7858
7947
|
# request body for your web requests should never exceed the
|
7859
7948
|
# inspection limit, you could use a size constraint statement to block
|
@@ -7908,8 +7997,10 @@ module Aws::WAFV2
|
|
7908
7997
|
# provide the ARN of the rule group in this statement.
|
7909
7998
|
#
|
7910
7999
|
# You cannot nest a `RuleGroupReferenceStatement`, for example for use
|
7911
|
-
# inside a `NotStatement` or `OrStatement`. You
|
7912
|
-
# group reference statement
|
8000
|
+
# inside a `NotStatement` or `OrStatement`. You cannot use a rule
|
8001
|
+
# group reference statement inside another rule group. You can only
|
8002
|
+
# reference a rule group as a top-level statement within a rule that
|
8003
|
+
# you define in a web ACL.
|
7913
8004
|
# @return [Types::RuleGroupReferenceStatement]
|
7914
8005
|
#
|
7915
8006
|
# @!attribute [rw] ip_set_reference_statement
|
@@ -8062,8 +8153,10 @@ module Aws::WAFV2
|
|
8062
8153
|
# calling ListAvailableManagedRuleGroups.
|
8063
8154
|
#
|
8064
8155
|
# You cannot nest a `ManagedRuleGroupStatement`, for example for use
|
8065
|
-
# inside a `NotStatement` or `OrStatement`.
|
8066
|
-
#
|
8156
|
+
# inside a `NotStatement` or `OrStatement`. You cannot use a managed
|
8157
|
+
# rule group inside another rule group. You can only reference a
|
8158
|
+
# managed rule group as a top-level statement within a rule that you
|
8159
|
+
# define in a web ACL.
|
8067
8160
|
#
|
8068
8161
|
# <note markdown="1"> You are charged additional fees when you use the WAF Bot Control
|
8069
8162
|
# managed rule group `AWSManagedRulesBotControlRuleSet`, the WAF Fraud
|
@@ -8219,126 +8312,12 @@ module Aws::WAFV2
|
|
8219
8312
|
# @return [Integer]
|
8220
8313
|
#
|
8221
8314
|
# @!attribute [rw] type
|
8222
|
-
#
|
8223
|
-
#
|
8224
|
-
# **BASE64\_DECODE** - Decode a `Base64`-encoded string.
|
8225
|
-
#
|
8226
|
-
# **BASE64\_DECODE\_EXT** - Decode a `Base64`-encoded string, but use
|
8227
|
-
# a forgiving implementation that ignores characters that aren't
|
8228
|
-
# valid.
|
8229
|
-
#
|
8230
|
-
# **CMD\_LINE** - Command-line transformations. These are helpful in
|
8231
|
-
# reducing effectiveness of attackers who inject an operating system
|
8232
|
-
# command-line command and use unusual formatting to disguise some or
|
8233
|
-
# all of the command.
|
8234
|
-
#
|
8235
|
-
# * Delete the following characters: `\ " ' ^`
|
8236
|
-
#
|
8237
|
-
# * Delete spaces before the following characters: `/ (`
|
8238
|
-
#
|
8239
|
-
# * Replace the following characters with a space: `, ;`
|
8240
|
-
#
|
8241
|
-
# * Replace multiple spaces with one space
|
8242
|
-
#
|
8243
|
-
# * Convert uppercase letters (A-Z) to lowercase (a-z)
|
8244
|
-
#
|
8245
|
-
# **COMPRESS\_WHITE\_SPACE** - Replace these characters with a space
|
8246
|
-
# character (decimal 32):
|
8247
|
-
#
|
8248
|
-
# * `\f`, formfeed, decimal 12
|
8249
|
-
#
|
8250
|
-
# * `\t`, tab, decimal 9
|
8251
|
-
#
|
8252
|
-
# * `\n`, newline, decimal 10
|
8253
|
-
#
|
8254
|
-
# * `\r`, carriage return, decimal 13
|
8255
|
-
#
|
8256
|
-
# * `\v`, vertical tab, decimal 11
|
8257
|
-
#
|
8258
|
-
# * Non-breaking space, decimal 160
|
8259
|
-
#
|
8260
|
-
# `COMPRESS_WHITE_SPACE` also replaces multiple spaces with one space.
|
8261
|
-
#
|
8262
|
-
# **CSS\_DECODE** - Decode characters that were encoded using CSS 2.x
|
8263
|
-
# escape rules `syndata.html#characters`. This function uses up to two
|
8264
|
-
# bytes in the decoding process, so it can help to uncover ASCII
|
8265
|
-
# characters that were encoded using CSS encoding that wouldn’t
|
8266
|
-
# typically be encoded. It's also useful in countering evasion, which
|
8267
|
-
# is a combination of a backslash and non-hexadecimal characters. For
|
8268
|
-
# example, `ja\vascript` for javascript.
|
8269
|
-
#
|
8270
|
-
# **ESCAPE\_SEQ\_DECODE** - Decode the following ANSI C escape
|
8271
|
-
# sequences: `\a`, `\b`, `\f`, `\n`, `\r`, `\t`, `\v`, `\`, `\?`,
|
8272
|
-
# `'`, `"`, `\xHH` (hexadecimal), `\0OOO` (octal). Encodings that
|
8273
|
-
# aren't valid remain in the output.
|
8274
|
-
#
|
8275
|
-
# **HEX\_DECODE** - Decode a string of hexadecimal characters into a
|
8276
|
-
# binary.
|
8277
|
-
#
|
8278
|
-
# **HTML\_ENTITY\_DECODE** - Replace HTML-encoded characters with
|
8279
|
-
# unencoded characters. `HTML_ENTITY_DECODE` performs these
|
8280
|
-
# operations:
|
8281
|
-
#
|
8282
|
-
# * Replaces `(ampersand)quot;` with `"`
|
8283
|
-
#
|
8284
|
-
# * Replaces `(ampersand)nbsp;` with a non-breaking space, decimal 160
|
8285
|
-
#
|
8286
|
-
# * Replaces `(ampersand)lt;` with a "less than" symbol
|
8287
|
-
#
|
8288
|
-
# * Replaces `(ampersand)gt;` with `>`
|
8289
|
-
#
|
8290
|
-
# * Replaces characters that are represented in hexadecimal format,
|
8291
|
-
# `(ampersand)#xhhhh;`, with the corresponding characters
|
8292
|
-
#
|
8293
|
-
# * Replaces characters that are represented in decimal format,
|
8294
|
-
# `(ampersand)#nnnn;`, with the corresponding characters
|
8295
|
-
#
|
8296
|
-
# **JS\_DECODE** - Decode JavaScript escape sequences. If a `` `u`
|
8297
|
-
# `HHHH` code is in the full-width ASCII code range of `FF01-FF5E`,
|
8298
|
-
# then the higher byte is used to detect and adjust the lower byte. If
|
8299
|
-
# not, only the lower byte is used and the higher byte is zeroed,
|
8300
|
-
# causing a possible loss of information.
|
8301
|
-
#
|
8302
|
-
# **LOWERCASE** - Convert uppercase letters (A-Z) to lowercase (a-z).
|
8303
|
-
#
|
8304
|
-
# **MD5** - Calculate an MD5 hash from the data in the input. The
|
8305
|
-
# computed hash is in a raw binary form.
|
8306
|
-
#
|
8307
|
-
# **NONE** - Specify `NONE` if you don't want any text
|
8308
|
-
# transformations.
|
8309
|
-
#
|
8310
|
-
# **NORMALIZE\_PATH** - Remove multiple slashes, directory
|
8311
|
-
# self-references, and directory back-references that are not at the
|
8312
|
-
# beginning of the input from an input string.
|
8313
|
-
#
|
8314
|
-
# **NORMALIZE\_PATH\_WIN** - This is the same as `NORMALIZE_PATH`, but
|
8315
|
-
# first converts backslash characters to forward slashes.
|
8316
|
-
#
|
8317
|
-
# **REMOVE\_NULLS** - Remove all `NULL` bytes from the input.
|
8318
|
-
#
|
8319
|
-
# **REPLACE\_COMMENTS** - Replace each occurrence of a C-style comment
|
8320
|
-
# (`/* ... */`) with a single space. Multiple consecutive occurrences
|
8321
|
-
# are not compressed. Unterminated comments are also replaced with a
|
8322
|
-
# space (ASCII 0x20). However, a standalone termination of a comment
|
8323
|
-
# (`*/`) is not acted upon.
|
8324
|
-
#
|
8325
|
-
# **REPLACE\_NULLS** - Replace NULL bytes in the input with space
|
8326
|
-
# characters (ASCII `0x20`).
|
8327
|
-
#
|
8328
|
-
# **SQL\_HEX\_DECODE** - Decode SQL hex data. Example (`0x414243`)
|
8329
|
-
# will be decoded to (`ABC`).
|
8315
|
+
# For detailed descriptions of each of the transformation types, see
|
8316
|
+
# [Text transformations][1] in the *WAF Developer Guide*.
|
8330
8317
|
#
|
8331
|
-
# **URL\_DECODE** - Decode a URL-encoded value.
|
8332
8318
|
#
|
8333
|
-
# **URL\_DECODE\_UNI** - Like `URL_DECODE`, but with support for
|
8334
|
-
# Microsoft-specific `%u` encoding. If the code is in the full-width
|
8335
|
-
# ASCII code range of `FF01-FF5E`, the higher byte is used to detect
|
8336
|
-
# and adjust the lower byte. Otherwise, only the lower byte is used
|
8337
|
-
# and the higher byte is zeroed.
|
8338
8319
|
#
|
8339
|
-
#
|
8340
|
-
# Unicode. This helps input normalization, and minimizing
|
8341
|
-
# false-positives and false-negatives for non-English languages.
|
8320
|
+
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-transformation.html
|
8342
8321
|
# @return [String]
|
8343
8322
|
#
|
8344
8323
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/TextTransformation AWS API Documentation
|
@@ -8450,27 +8429,24 @@ module Aws::WAFV2
|
|
8450
8429
|
#
|
8451
8430
|
# @!attribute [rw] addresses
|
8452
8431
|
# Contains an array of strings that specifies zero or more IP
|
8453
|
-
# addresses or blocks of IP addresses
|
8454
|
-
#
|
8455
|
-
#
|
8432
|
+
# addresses or blocks of IP addresses that you want WAF to inspect for
|
8433
|
+
# in incoming requests. All addresses must be specified using
|
8434
|
+
# Classless Inter-Domain Routing (CIDR) notation. WAF supports all
|
8435
|
+
# IPv4 and IPv6 CIDR ranges except for `/0`.
|
8456
8436
|
#
|
8457
8437
|
# Example address strings:
|
8458
8438
|
#
|
8459
|
-
# *
|
8460
|
-
#
|
8461
|
-
# `192.0.2.44/32`.
|
8439
|
+
# * For requests that originated from the IP address 192.0.2.44,
|
8440
|
+
# specify `192.0.2.44/32`.
|
8462
8441
|
#
|
8463
|
-
# *
|
8464
|
-
#
|
8465
|
-
# specify `192.0.2.0/24`.
|
8442
|
+
# * For requests that originated from IP addresses from 192.0.2.0 to
|
8443
|
+
# 192.0.2.255, specify `192.0.2.0/24`.
|
8466
8444
|
#
|
8467
|
-
# *
|
8468
|
-
# originated from the IP address
|
8445
|
+
# * For requests that originated from the IP address
|
8469
8446
|
# 1111:0000:0000:0000:0000:0000:0000:0111, specify
|
8470
8447
|
# `1111:0000:0000:0000:0000:0000:0000:0111/128`.
|
8471
8448
|
#
|
8472
|
-
# *
|
8473
|
-
# originated from IP addresses
|
8449
|
+
# * For requests that originated from IP addresses
|
8474
8450
|
# 1111:0000:0000:0000:0000:0000:0000:0000 to
|
8475
8451
|
# 1111:0000:0000:0000:ffff:ffff:ffff:ffff, specify
|
8476
8452
|
# `1111:0000:0000:0000:0000:0000:0000:0000/64`.
|
@@ -8741,9 +8717,9 @@ module Aws::WAFV2
|
|
8741
8717
|
#
|
8742
8718
|
# @!attribute [rw] rules
|
8743
8719
|
# The Rule statements used to identify the web requests that you want
|
8744
|
-
# to
|
8745
|
-
#
|
8746
|
-
#
|
8720
|
+
# to manage. Each rule includes one top-level statement that WAF uses
|
8721
|
+
# to identify matching web requests, and parameters that govern how
|
8722
|
+
# WAF handles them.
|
8747
8723
|
# @return [Array<Types::Rule>]
|
8748
8724
|
#
|
8749
8725
|
# @!attribute [rw] visibility_config
|
@@ -8850,9 +8826,9 @@ module Aws::WAFV2
|
|
8850
8826
|
#
|
8851
8827
|
# @!attribute [rw] rules
|
8852
8828
|
# The Rule statements used to identify the web requests that you want
|
8853
|
-
# to
|
8854
|
-
#
|
8855
|
-
#
|
8829
|
+
# to manage. Each rule includes one top-level statement that WAF uses
|
8830
|
+
# to identify matching web requests, and parameters that govern how
|
8831
|
+
# WAF handles them.
|
8856
8832
|
# @return [Array<Types::Rule>]
|
8857
8833
|
#
|
8858
8834
|
# @!attribute [rw] visibility_config
|
@@ -8927,7 +8903,7 @@ module Aws::WAFV2
|
|
8927
8903
|
#
|
8928
8904
|
# Use this to customize the maximum size of the request body that your
|
8929
8905
|
# protected CloudFront distributions forward to WAF for inspection.
|
8930
|
-
# The default is 16 KB (16,384
|
8906
|
+
# The default is 16 KB (16,384 bytes).
|
8931
8907
|
#
|
8932
8908
|
# <note markdown="1"> You are charged additional fees when your protected resources
|
8933
8909
|
# forward body sizes that are larger than the default. For more
|
@@ -9458,16 +9434,17 @@ module Aws::WAFV2
|
|
9458
9434
|
end
|
9459
9435
|
|
9460
9436
|
# A web ACL defines a collection of rules to use to inspect and control
|
9461
|
-
# web requests. Each rule has
|
9462
|
-
#
|
9463
|
-
# assign a default action to take
|
9464
|
-
# does not match any of the rules.
|
9465
|
-
# combination of the types Rule,
|
9466
|
-
# can associate a web ACL with
|
9467
|
-
#
|
9468
|
-
#
|
9469
|
-
#
|
9470
|
-
# Amazon Web Services
|
9437
|
+
# web requests. Each rule has a statement that defines what to look for
|
9438
|
+
# in web requests and an action that WAF applies to requests that match
|
9439
|
+
# the statement. In the web ACL, you assign a default action to take
|
9440
|
+
# (allow, block) for any request that does not match any of the rules.
|
9441
|
+
# The rules in a web ACL can be a combination of the types Rule,
|
9442
|
+
# RuleGroup, and managed rule group. You can associate a web ACL with
|
9443
|
+
# one or more Amazon Web Services resources to protect. The resources
|
9444
|
+
# can be an Amazon CloudFront distribution, an Amazon API Gateway REST
|
9445
|
+
# API, an Application Load Balancer, an AppSync GraphQL API, an Amazon
|
9446
|
+
# Cognito user pool, an App Runner service, or an Amazon Web Services
|
9447
|
+
# Verified Access instance.
|
9471
9448
|
#
|
9472
9449
|
# @!attribute [rw] name
|
9473
9450
|
# The name of the web ACL. You cannot change the name of a web ACL
|
@@ -9496,9 +9473,9 @@ module Aws::WAFV2
|
|
9496
9473
|
#
|
9497
9474
|
# @!attribute [rw] rules
|
9498
9475
|
# The Rule statements used to identify the web requests that you want
|
9499
|
-
# to
|
9500
|
-
#
|
9501
|
-
#
|
9476
|
+
# to manage. Each rule includes one top-level statement that WAF uses
|
9477
|
+
# to identify matching web requests, and parameters that govern how
|
9478
|
+
# WAF handles them.
|
9502
9479
|
# @return [Array<Types::Rule>]
|
9503
9480
|
#
|
9504
9481
|
# @!attribute [rw] visibility_config
|
@@ -9623,7 +9600,7 @@ module Aws::WAFV2
|
|
9623
9600
|
#
|
9624
9601
|
# Use this to customize the maximum size of the request body that your
|
9625
9602
|
# protected CloudFront distributions forward to WAF for inspection.
|
9626
|
-
# The default is 16 KB (16,384
|
9603
|
+
# The default is 16 KB (16,384 bytes).
|
9627
9604
|
#
|
9628
9605
|
# <note markdown="1"> You are charged additional fees when your protected resources
|
9629
9606
|
# forward body sizes that are larger than the default. For more
|
@@ -9726,7 +9703,7 @@ module Aws::WAFV2
|
|
9726
9703
|
# before using them as custom aggregation keys. If you specify one or
|
9727
9704
|
# more transformations to apply, WAF performs all transformations on
|
9728
9705
|
# the specified content, starting from the lowest priority setting,
|
9729
|
-
# and then uses the component contents.
|
9706
|
+
# and then uses the transformed component contents.
|
9730
9707
|
# @return [Array<Types::TextTransformation>]
|
9731
9708
|
#
|
9732
9709
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/XssMatchStatement AWS API Documentation
|