aws-sdk-wafv2 1.68.0 → 1.69.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +5 -0
- data/VERSION +1 -1
- data/lib/aws-sdk-wafv2/client.rb +161 -57
- data/lib/aws-sdk-wafv2/client_api.rb +5 -0
- data/lib/aws-sdk-wafv2/types.rb +162 -214
- data/lib/aws-sdk-wafv2.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: f159993614dfc0b2e74f8acfc8e623dfbfd72392d54952ee2b572700b39da53e
|
|
4
|
+
data.tar.gz: 3e35418199afa443c85d88ac64daaf5487aa92966c4e978d8429974d935976b1
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 1843c4c836d7d3db31c5b161b4ada940e32acf1b9281a5500d5e1c25be4403662652423888df27c97d525ed78a1baffaaaaae09196050072cbec76760b37266a
|
|
7
|
+
data.tar.gz: 5328f18b64890f79f90e151910bcc3639a9a5e6e5e742e33054f795e13e9b257e6a89be75373a88b398253ec645095caed9dd146a9b97ae9261a02b9d7acd20f
|
data/CHANGELOG.md
CHANGED
data/VERSION
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
1.
|
|
1
|
+
1.69.0
|
data/lib/aws-sdk-wafv2/client.rb
CHANGED
|
@@ -580,6 +580,9 @@ module Aws::WAFV2
|
|
|
580
580
|
# header_order: {
|
|
581
581
|
# oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
|
|
582
582
|
# },
|
|
583
|
+
# ja3_fingerprint: {
|
|
584
|
+
# fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
|
|
585
|
+
# },
|
|
583
586
|
# },
|
|
584
587
|
# text_transformations: [ # required
|
|
585
588
|
# {
|
|
@@ -641,6 +644,9 @@ module Aws::WAFV2
|
|
|
641
644
|
# header_order: {
|
|
642
645
|
# oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
|
|
643
646
|
# },
|
|
647
|
+
# ja3_fingerprint: {
|
|
648
|
+
# fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
|
|
649
|
+
# },
|
|
644
650
|
# },
|
|
645
651
|
# text_transformations: [ # required
|
|
646
652
|
# {
|
|
@@ -702,6 +708,9 @@ module Aws::WAFV2
|
|
|
702
708
|
# header_order: {
|
|
703
709
|
# oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
|
|
704
710
|
# },
|
|
711
|
+
# ja3_fingerprint: {
|
|
712
|
+
# fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
|
|
713
|
+
# },
|
|
705
714
|
# },
|
|
706
715
|
# text_transformations: [ # required
|
|
707
716
|
# {
|
|
@@ -762,6 +771,9 @@ module Aws::WAFV2
|
|
|
762
771
|
# header_order: {
|
|
763
772
|
# oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
|
|
764
773
|
# },
|
|
774
|
+
# ja3_fingerprint: {
|
|
775
|
+
# fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
|
|
776
|
+
# },
|
|
765
777
|
# },
|
|
766
778
|
# comparison_operator: "EQ", # required, accepts EQ, NE, LE, LT, GE, GT
|
|
767
779
|
# size: 1, # required
|
|
@@ -907,6 +919,9 @@ module Aws::WAFV2
|
|
|
907
919
|
# header_order: {
|
|
908
920
|
# oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
|
|
909
921
|
# },
|
|
922
|
+
# ja3_fingerprint: {
|
|
923
|
+
# fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
|
|
924
|
+
# },
|
|
910
925
|
# },
|
|
911
926
|
# text_transformations: [ # required
|
|
912
927
|
# {
|
|
@@ -1226,6 +1241,9 @@ module Aws::WAFV2
|
|
|
1226
1241
|
# header_order: {
|
|
1227
1242
|
# oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
|
|
1228
1243
|
# },
|
|
1244
|
+
# ja3_fingerprint: {
|
|
1245
|
+
# fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
|
|
1246
|
+
# },
|
|
1229
1247
|
# },
|
|
1230
1248
|
# text_transformations: [ # required
|
|
1231
1249
|
# {
|
|
@@ -1436,25 +1454,25 @@ module Aws::WAFV2
|
|
|
1436
1454
|
#
|
|
1437
1455
|
# @option params [required, Array<String>] :addresses
|
|
1438
1456
|
# Contains an array of strings that specifies zero or more IP addresses
|
|
1439
|
-
# or blocks of IP addresses
|
|
1440
|
-
#
|
|
1441
|
-
# and IPv6 CIDR ranges
|
|
1457
|
+
# or blocks of IP addresses that you want WAF to inspect for in incoming
|
|
1458
|
+
# requests. All addresses must be specified using Classless Inter-Domain
|
|
1459
|
+
# Routing (CIDR) notation. WAF supports all IPv4 and IPv6 CIDR ranges
|
|
1460
|
+
# except for `/0`.
|
|
1442
1461
|
#
|
|
1443
1462
|
# Example address strings:
|
|
1444
1463
|
#
|
|
1445
|
-
# *
|
|
1446
|
-
#
|
|
1464
|
+
# * For requests that originated from the IP address 192.0.2.44, specify
|
|
1465
|
+
# `192.0.2.44/32`.
|
|
1447
1466
|
#
|
|
1448
|
-
# *
|
|
1449
|
-
#
|
|
1450
|
-
# `192.0.2.0/24`.
|
|
1467
|
+
# * For requests that originated from IP addresses from 192.0.2.0 to
|
|
1468
|
+
# 192.0.2.255, specify `192.0.2.0/24`.
|
|
1451
1469
|
#
|
|
1452
|
-
# *
|
|
1453
|
-
#
|
|
1470
|
+
# * For requests that originated from the IP address
|
|
1471
|
+
# 1111:0000:0000:0000:0000:0000:0000:0111, specify
|
|
1454
1472
|
# `1111:0000:0000:0000:0000:0000:0000:0111/128`.
|
|
1455
1473
|
#
|
|
1456
|
-
# *
|
|
1457
|
-
#
|
|
1474
|
+
# * For requests that originated from IP addresses
|
|
1475
|
+
# 1111:0000:0000:0000:0000:0000:0000:0000 to
|
|
1458
1476
|
# 1111:0000:0000:0000:ffff:ffff:ffff:ffff, specify
|
|
1459
1477
|
# `1111:0000:0000:0000:0000:0000:0000:0000/64`.
|
|
1460
1478
|
#
|
|
@@ -1641,9 +1659,9 @@ module Aws::WAFV2
|
|
|
1641
1659
|
#
|
|
1642
1660
|
# @option params [Array<Types::Rule>] :rules
|
|
1643
1661
|
# The Rule statements used to identify the web requests that you want to
|
|
1644
|
-
#
|
|
1645
|
-
#
|
|
1646
|
-
#
|
|
1662
|
+
# manage. Each rule includes one top-level statement that WAF uses to
|
|
1663
|
+
# identify matching web requests, and parameters that govern how WAF
|
|
1664
|
+
# handles them.
|
|
1647
1665
|
#
|
|
1648
1666
|
# @option params [required, Types::VisibilityConfig] :visibility_config
|
|
1649
1667
|
# Defines and enables Amazon CloudWatch metrics and web request sample
|
|
@@ -1740,6 +1758,9 @@ module Aws::WAFV2
|
|
|
1740
1758
|
# header_order: {
|
|
1741
1759
|
# oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
|
|
1742
1760
|
# },
|
|
1761
|
+
# ja3_fingerprint: {
|
|
1762
|
+
# fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
|
|
1763
|
+
# },
|
|
1743
1764
|
# },
|
|
1744
1765
|
# text_transformations: [ # required
|
|
1745
1766
|
# {
|
|
@@ -1801,6 +1822,9 @@ module Aws::WAFV2
|
|
|
1801
1822
|
# header_order: {
|
|
1802
1823
|
# oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
|
|
1803
1824
|
# },
|
|
1825
|
+
# ja3_fingerprint: {
|
|
1826
|
+
# fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
|
|
1827
|
+
# },
|
|
1804
1828
|
# },
|
|
1805
1829
|
# text_transformations: [ # required
|
|
1806
1830
|
# {
|
|
@@ -1862,6 +1886,9 @@ module Aws::WAFV2
|
|
|
1862
1886
|
# header_order: {
|
|
1863
1887
|
# oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
|
|
1864
1888
|
# },
|
|
1889
|
+
# ja3_fingerprint: {
|
|
1890
|
+
# fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
|
|
1891
|
+
# },
|
|
1865
1892
|
# },
|
|
1866
1893
|
# text_transformations: [ # required
|
|
1867
1894
|
# {
|
|
@@ -1922,6 +1949,9 @@ module Aws::WAFV2
|
|
|
1922
1949
|
# header_order: {
|
|
1923
1950
|
# oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
|
|
1924
1951
|
# },
|
|
1952
|
+
# ja3_fingerprint: {
|
|
1953
|
+
# fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
|
|
1954
|
+
# },
|
|
1925
1955
|
# },
|
|
1926
1956
|
# comparison_operator: "EQ", # required, accepts EQ, NE, LE, LT, GE, GT
|
|
1927
1957
|
# size: 1, # required
|
|
@@ -2067,6 +2097,9 @@ module Aws::WAFV2
|
|
|
2067
2097
|
# header_order: {
|
|
2068
2098
|
# oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
|
|
2069
2099
|
# },
|
|
2100
|
+
# ja3_fingerprint: {
|
|
2101
|
+
# fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
|
|
2102
|
+
# },
|
|
2070
2103
|
# },
|
|
2071
2104
|
# text_transformations: [ # required
|
|
2072
2105
|
# {
|
|
@@ -2386,6 +2419,9 @@ module Aws::WAFV2
|
|
|
2386
2419
|
# header_order: {
|
|
2387
2420
|
# oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
|
|
2388
2421
|
# },
|
|
2422
|
+
# ja3_fingerprint: {
|
|
2423
|
+
# fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
|
|
2424
|
+
# },
|
|
2389
2425
|
# },
|
|
2390
2426
|
# text_transformations: [ # required
|
|
2391
2427
|
# {
|
|
@@ -2524,16 +2560,17 @@ module Aws::WAFV2
|
|
|
2524
2560
|
# Creates a WebACL per the specifications provided.
|
|
2525
2561
|
#
|
|
2526
2562
|
# A web ACL defines a collection of rules to use to inspect and control
|
|
2527
|
-
# web requests. Each rule has
|
|
2528
|
-
#
|
|
2529
|
-
# assign a default action to take
|
|
2530
|
-
# does not match any of the rules.
|
|
2531
|
-
# combination of the types Rule,
|
|
2532
|
-
# can associate a web ACL with
|
|
2533
|
-
#
|
|
2534
|
-
#
|
|
2535
|
-
#
|
|
2536
|
-
# Amazon Web Services
|
|
2563
|
+
# web requests. Each rule has a statement that defines what to look for
|
|
2564
|
+
# in web requests and an action that WAF applies to requests that match
|
|
2565
|
+
# the statement. In the web ACL, you assign a default action to take
|
|
2566
|
+
# (allow, block) for any request that does not match any of the rules.
|
|
2567
|
+
# The rules in a web ACL can be a combination of the types Rule,
|
|
2568
|
+
# RuleGroup, and managed rule group. You can associate a web ACL with
|
|
2569
|
+
# one or more Amazon Web Services resources to protect. The resources
|
|
2570
|
+
# can be an Amazon CloudFront distribution, an Amazon API Gateway REST
|
|
2571
|
+
# API, an Application Load Balancer, an AppSync GraphQL API, an Amazon
|
|
2572
|
+
# Cognito user pool, an App Runner service, or an Amazon Web Services
|
|
2573
|
+
# Verified Access instance.
|
|
2537
2574
|
#
|
|
2538
2575
|
# @option params [required, String] :name
|
|
2539
2576
|
# The name of the web ACL. You cannot change the name of a web ACL after
|
|
@@ -2563,9 +2600,9 @@ module Aws::WAFV2
|
|
|
2563
2600
|
#
|
|
2564
2601
|
# @option params [Array<Types::Rule>] :rules
|
|
2565
2602
|
# The Rule statements used to identify the web requests that you want to
|
|
2566
|
-
#
|
|
2567
|
-
#
|
|
2568
|
-
#
|
|
2603
|
+
# manage. Each rule includes one top-level statement that WAF uses to
|
|
2604
|
+
# identify matching web requests, and parameters that govern how WAF
|
|
2605
|
+
# handles them.
|
|
2569
2606
|
#
|
|
2570
2607
|
# @option params [required, Types::VisibilityConfig] :visibility_config
|
|
2571
2608
|
# Defines and enables Amazon CloudWatch metrics and web request sample
|
|
@@ -2729,6 +2766,9 @@ module Aws::WAFV2
|
|
|
2729
2766
|
# header_order: {
|
|
2730
2767
|
# oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
|
|
2731
2768
|
# },
|
|
2769
|
+
# ja3_fingerprint: {
|
|
2770
|
+
# fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
|
|
2771
|
+
# },
|
|
2732
2772
|
# },
|
|
2733
2773
|
# text_transformations: [ # required
|
|
2734
2774
|
# {
|
|
@@ -2790,6 +2830,9 @@ module Aws::WAFV2
|
|
|
2790
2830
|
# header_order: {
|
|
2791
2831
|
# oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
|
|
2792
2832
|
# },
|
|
2833
|
+
# ja3_fingerprint: {
|
|
2834
|
+
# fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
|
|
2835
|
+
# },
|
|
2793
2836
|
# },
|
|
2794
2837
|
# text_transformations: [ # required
|
|
2795
2838
|
# {
|
|
@@ -2851,6 +2894,9 @@ module Aws::WAFV2
|
|
|
2851
2894
|
# header_order: {
|
|
2852
2895
|
# oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
|
|
2853
2896
|
# },
|
|
2897
|
+
# ja3_fingerprint: {
|
|
2898
|
+
# fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
|
|
2899
|
+
# },
|
|
2854
2900
|
# },
|
|
2855
2901
|
# text_transformations: [ # required
|
|
2856
2902
|
# {
|
|
@@ -2911,6 +2957,9 @@ module Aws::WAFV2
|
|
|
2911
2957
|
# header_order: {
|
|
2912
2958
|
# oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
|
|
2913
2959
|
# },
|
|
2960
|
+
# ja3_fingerprint: {
|
|
2961
|
+
# fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
|
|
2962
|
+
# },
|
|
2914
2963
|
# },
|
|
2915
2964
|
# comparison_operator: "EQ", # required, accepts EQ, NE, LE, LT, GE, GT
|
|
2916
2965
|
# size: 1, # required
|
|
@@ -3056,6 +3105,9 @@ module Aws::WAFV2
|
|
|
3056
3105
|
# header_order: {
|
|
3057
3106
|
# oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
|
|
3058
3107
|
# },
|
|
3108
|
+
# ja3_fingerprint: {
|
|
3109
|
+
# fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
|
|
3110
|
+
# },
|
|
3059
3111
|
# },
|
|
3060
3112
|
# text_transformations: [ # required
|
|
3061
3113
|
# {
|
|
@@ -3375,6 +3427,9 @@ module Aws::WAFV2
|
|
|
3375
3427
|
# header_order: {
|
|
3376
3428
|
# oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
|
|
3377
3429
|
# },
|
|
3430
|
+
# ja3_fingerprint: {
|
|
3431
|
+
# fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
|
|
3432
|
+
# },
|
|
3378
3433
|
# },
|
|
3379
3434
|
# text_transformations: [ # required
|
|
3380
3435
|
# {
|
|
@@ -4337,6 +4392,7 @@ module Aws::WAFV2
|
|
|
4337
4392
|
# resp.logging_configuration.redacted_fields[0].cookies.match_scope #=> String, one of "ALL", "KEY", "VALUE"
|
|
4338
4393
|
# resp.logging_configuration.redacted_fields[0].cookies.oversize_handling #=> String, one of "CONTINUE", "MATCH", "NO_MATCH"
|
|
4339
4394
|
# resp.logging_configuration.redacted_fields[0].header_order.oversize_handling #=> String, one of "CONTINUE", "MATCH", "NO_MATCH"
|
|
4395
|
+
# resp.logging_configuration.redacted_fields[0].ja3_fingerprint.fallback_behavior #=> String, one of "MATCH", "NO_MATCH"
|
|
4340
4396
|
# resp.logging_configuration.managed_by_firewall_manager #=> Boolean
|
|
4341
4397
|
# resp.logging_configuration.logging_filter.filters #=> Array
|
|
4342
4398
|
# resp.logging_configuration.logging_filter.filters[0].behavior #=> String, one of "KEEP", "DROP"
|
|
@@ -4736,6 +4792,7 @@ module Aws::WAFV2
|
|
|
4736
4792
|
# resp.rule_group.rules[0].statement.byte_match_statement.field_to_match.cookies.match_scope #=> String, one of "ALL", "KEY", "VALUE"
|
|
4737
4793
|
# resp.rule_group.rules[0].statement.byte_match_statement.field_to_match.cookies.oversize_handling #=> String, one of "CONTINUE", "MATCH", "NO_MATCH"
|
|
4738
4794
|
# resp.rule_group.rules[0].statement.byte_match_statement.field_to_match.header_order.oversize_handling #=> String, one of "CONTINUE", "MATCH", "NO_MATCH"
|
|
4795
|
+
# resp.rule_group.rules[0].statement.byte_match_statement.field_to_match.ja3_fingerprint.fallback_behavior #=> String, one of "MATCH", "NO_MATCH"
|
|
4739
4796
|
# resp.rule_group.rules[0].statement.byte_match_statement.text_transformations #=> Array
|
|
4740
4797
|
# resp.rule_group.rules[0].statement.byte_match_statement.text_transformations[0].priority #=> Integer
|
|
4741
4798
|
# resp.rule_group.rules[0].statement.byte_match_statement.text_transformations[0].type #=> String, one of "NONE", "COMPRESS_WHITE_SPACE", "HTML_ENTITY_DECODE", "LOWERCASE", "CMD_LINE", "URL_DECODE", "BASE64_DECODE", "HEX_DECODE", "MD5", "REPLACE_COMMENTS", "ESCAPE_SEQ_DECODE", "SQL_HEX_DECODE", "CSS_DECODE", "JS_DECODE", "NORMALIZE_PATH", "NORMALIZE_PATH_WIN", "REMOVE_NULLS", "REPLACE_NULLS", "BASE64_DECODE_EXT", "URL_DECODE_UNI", "UTF8_TO_UNICODE"
|
|
@@ -4761,6 +4818,7 @@ module Aws::WAFV2
|
|
|
4761
4818
|
# resp.rule_group.rules[0].statement.sqli_match_statement.field_to_match.cookies.match_scope #=> String, one of "ALL", "KEY", "VALUE"
|
|
4762
4819
|
# resp.rule_group.rules[0].statement.sqli_match_statement.field_to_match.cookies.oversize_handling #=> String, one of "CONTINUE", "MATCH", "NO_MATCH"
|
|
4763
4820
|
# resp.rule_group.rules[0].statement.sqli_match_statement.field_to_match.header_order.oversize_handling #=> String, one of "CONTINUE", "MATCH", "NO_MATCH"
|
|
4821
|
+
# resp.rule_group.rules[0].statement.sqli_match_statement.field_to_match.ja3_fingerprint.fallback_behavior #=> String, one of "MATCH", "NO_MATCH"
|
|
4764
4822
|
# resp.rule_group.rules[0].statement.sqli_match_statement.text_transformations #=> Array
|
|
4765
4823
|
# resp.rule_group.rules[0].statement.sqli_match_statement.text_transformations[0].priority #=> Integer
|
|
4766
4824
|
# resp.rule_group.rules[0].statement.sqli_match_statement.text_transformations[0].type #=> String, one of "NONE", "COMPRESS_WHITE_SPACE", "HTML_ENTITY_DECODE", "LOWERCASE", "CMD_LINE", "URL_DECODE", "BASE64_DECODE", "HEX_DECODE", "MD5", "REPLACE_COMMENTS", "ESCAPE_SEQ_DECODE", "SQL_HEX_DECODE", "CSS_DECODE", "JS_DECODE", "NORMALIZE_PATH", "NORMALIZE_PATH_WIN", "REMOVE_NULLS", "REPLACE_NULLS", "BASE64_DECODE_EXT", "URL_DECODE_UNI", "UTF8_TO_UNICODE"
|
|
@@ -4786,6 +4844,7 @@ module Aws::WAFV2
|
|
|
4786
4844
|
# resp.rule_group.rules[0].statement.xss_match_statement.field_to_match.cookies.match_scope #=> String, one of "ALL", "KEY", "VALUE"
|
|
4787
4845
|
# resp.rule_group.rules[0].statement.xss_match_statement.field_to_match.cookies.oversize_handling #=> String, one of "CONTINUE", "MATCH", "NO_MATCH"
|
|
4788
4846
|
# resp.rule_group.rules[0].statement.xss_match_statement.field_to_match.header_order.oversize_handling #=> String, one of "CONTINUE", "MATCH", "NO_MATCH"
|
|
4847
|
+
# resp.rule_group.rules[0].statement.xss_match_statement.field_to_match.ja3_fingerprint.fallback_behavior #=> String, one of "MATCH", "NO_MATCH"
|
|
4789
4848
|
# resp.rule_group.rules[0].statement.xss_match_statement.text_transformations #=> Array
|
|
4790
4849
|
# resp.rule_group.rules[0].statement.xss_match_statement.text_transformations[0].priority #=> Integer
|
|
4791
4850
|
# resp.rule_group.rules[0].statement.xss_match_statement.text_transformations[0].type #=> String, one of "NONE", "COMPRESS_WHITE_SPACE", "HTML_ENTITY_DECODE", "LOWERCASE", "CMD_LINE", "URL_DECODE", "BASE64_DECODE", "HEX_DECODE", "MD5", "REPLACE_COMMENTS", "ESCAPE_SEQ_DECODE", "SQL_HEX_DECODE", "CSS_DECODE", "JS_DECODE", "NORMALIZE_PATH", "NORMALIZE_PATH_WIN", "REMOVE_NULLS", "REPLACE_NULLS", "BASE64_DECODE_EXT", "URL_DECODE_UNI", "UTF8_TO_UNICODE"
|
|
@@ -4810,6 +4869,7 @@ module Aws::WAFV2
|
|
|
4810
4869
|
# resp.rule_group.rules[0].statement.size_constraint_statement.field_to_match.cookies.match_scope #=> String, one of "ALL", "KEY", "VALUE"
|
|
4811
4870
|
# resp.rule_group.rules[0].statement.size_constraint_statement.field_to_match.cookies.oversize_handling #=> String, one of "CONTINUE", "MATCH", "NO_MATCH"
|
|
4812
4871
|
# resp.rule_group.rules[0].statement.size_constraint_statement.field_to_match.header_order.oversize_handling #=> String, one of "CONTINUE", "MATCH", "NO_MATCH"
|
|
4872
|
+
# resp.rule_group.rules[0].statement.size_constraint_statement.field_to_match.ja3_fingerprint.fallback_behavior #=> String, one of "MATCH", "NO_MATCH"
|
|
4813
4873
|
# resp.rule_group.rules[0].statement.size_constraint_statement.comparison_operator #=> String, one of "EQ", "NE", "LE", "LT", "GE", "GT"
|
|
4814
4874
|
# resp.rule_group.rules[0].statement.size_constraint_statement.size #=> Integer
|
|
4815
4875
|
# resp.rule_group.rules[0].statement.size_constraint_statement.text_transformations #=> Array
|
|
@@ -4867,6 +4927,7 @@ module Aws::WAFV2
|
|
|
4867
4927
|
# resp.rule_group.rules[0].statement.regex_pattern_set_reference_statement.field_to_match.cookies.match_scope #=> String, one of "ALL", "KEY", "VALUE"
|
|
4868
4928
|
# resp.rule_group.rules[0].statement.regex_pattern_set_reference_statement.field_to_match.cookies.oversize_handling #=> String, one of "CONTINUE", "MATCH", "NO_MATCH"
|
|
4869
4929
|
# resp.rule_group.rules[0].statement.regex_pattern_set_reference_statement.field_to_match.header_order.oversize_handling #=> String, one of "CONTINUE", "MATCH", "NO_MATCH"
|
|
4930
|
+
# resp.rule_group.rules[0].statement.regex_pattern_set_reference_statement.field_to_match.ja3_fingerprint.fallback_behavior #=> String, one of "MATCH", "NO_MATCH"
|
|
4870
4931
|
# resp.rule_group.rules[0].statement.regex_pattern_set_reference_statement.text_transformations #=> Array
|
|
4871
4932
|
# resp.rule_group.rules[0].statement.regex_pattern_set_reference_statement.text_transformations[0].priority #=> Integer
|
|
4872
4933
|
# resp.rule_group.rules[0].statement.regex_pattern_set_reference_statement.text_transformations[0].type #=> String, one of "NONE", "COMPRESS_WHITE_SPACE", "HTML_ENTITY_DECODE", "LOWERCASE", "CMD_LINE", "URL_DECODE", "BASE64_DECODE", "HEX_DECODE", "MD5", "REPLACE_COMMENTS", "ESCAPE_SEQ_DECODE", "SQL_HEX_DECODE", "CSS_DECODE", "JS_DECODE", "NORMALIZE_PATH", "NORMALIZE_PATH_WIN", "REMOVE_NULLS", "REPLACE_NULLS", "BASE64_DECODE_EXT", "URL_DECODE_UNI", "UTF8_TO_UNICODE"
|
|
@@ -5008,6 +5069,7 @@ module Aws::WAFV2
|
|
|
5008
5069
|
# resp.rule_group.rules[0].statement.regex_match_statement.field_to_match.cookies.match_scope #=> String, one of "ALL", "KEY", "VALUE"
|
|
5009
5070
|
# resp.rule_group.rules[0].statement.regex_match_statement.field_to_match.cookies.oversize_handling #=> String, one of "CONTINUE", "MATCH", "NO_MATCH"
|
|
5010
5071
|
# resp.rule_group.rules[0].statement.regex_match_statement.field_to_match.header_order.oversize_handling #=> String, one of "CONTINUE", "MATCH", "NO_MATCH"
|
|
5072
|
+
# resp.rule_group.rules[0].statement.regex_match_statement.field_to_match.ja3_fingerprint.fallback_behavior #=> String, one of "MATCH", "NO_MATCH"
|
|
5011
5073
|
# resp.rule_group.rules[0].statement.regex_match_statement.text_transformations #=> Array
|
|
5012
5074
|
# resp.rule_group.rules[0].statement.regex_match_statement.text_transformations[0].priority #=> Integer
|
|
5013
5075
|
# resp.rule_group.rules[0].statement.regex_match_statement.text_transformations[0].type #=> String, one of "NONE", "COMPRESS_WHITE_SPACE", "HTML_ENTITY_DECODE", "LOWERCASE", "CMD_LINE", "URL_DECODE", "BASE64_DECODE", "HEX_DECODE", "MD5", "REPLACE_COMMENTS", "ESCAPE_SEQ_DECODE", "SQL_HEX_DECODE", "CSS_DECODE", "JS_DECODE", "NORMALIZE_PATH", "NORMALIZE_PATH_WIN", "REMOVE_NULLS", "REPLACE_NULLS", "BASE64_DECODE_EXT", "URL_DECODE_UNI", "UTF8_TO_UNICODE"
|
|
@@ -5616,6 +5678,7 @@ module Aws::WAFV2
|
|
|
5616
5678
|
# resp.logging_configurations[0].redacted_fields[0].cookies.match_scope #=> String, one of "ALL", "KEY", "VALUE"
|
|
5617
5679
|
# resp.logging_configurations[0].redacted_fields[0].cookies.oversize_handling #=> String, one of "CONTINUE", "MATCH", "NO_MATCH"
|
|
5618
5680
|
# resp.logging_configurations[0].redacted_fields[0].header_order.oversize_handling #=> String, one of "CONTINUE", "MATCH", "NO_MATCH"
|
|
5681
|
+
# resp.logging_configurations[0].redacted_fields[0].ja3_fingerprint.fallback_behavior #=> String, one of "MATCH", "NO_MATCH"
|
|
5619
5682
|
# resp.logging_configurations[0].managed_by_firewall_manager #=> Boolean
|
|
5620
5683
|
# resp.logging_configurations[0].logging_filter.filters #=> Array
|
|
5621
5684
|
# resp.logging_configurations[0].logging_filter.filters[0].behavior #=> String, one of "KEEP", "DROP"
|
|
@@ -6178,6 +6241,9 @@ module Aws::WAFV2
|
|
|
6178
6241
|
# header_order: {
|
|
6179
6242
|
# oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
|
|
6180
6243
|
# },
|
|
6244
|
+
# ja3_fingerprint: {
|
|
6245
|
+
# fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
|
|
6246
|
+
# },
|
|
6181
6247
|
# },
|
|
6182
6248
|
# ],
|
|
6183
6249
|
# managed_by_firewall_manager: false,
|
|
@@ -6230,6 +6296,7 @@ module Aws::WAFV2
|
|
|
6230
6296
|
# resp.logging_configuration.redacted_fields[0].cookies.match_scope #=> String, one of "ALL", "KEY", "VALUE"
|
|
6231
6297
|
# resp.logging_configuration.redacted_fields[0].cookies.oversize_handling #=> String, one of "CONTINUE", "MATCH", "NO_MATCH"
|
|
6232
6298
|
# resp.logging_configuration.redacted_fields[0].header_order.oversize_handling #=> String, one of "CONTINUE", "MATCH", "NO_MATCH"
|
|
6299
|
+
# resp.logging_configuration.redacted_fields[0].ja3_fingerprint.fallback_behavior #=> String, one of "MATCH", "NO_MATCH"
|
|
6233
6300
|
# resp.logging_configuration.managed_by_firewall_manager #=> Boolean
|
|
6234
6301
|
# resp.logging_configuration.logging_filter.filters #=> Array
|
|
6235
6302
|
# resp.logging_configuration.logging_filter.filters[0].behavior #=> String, one of "KEEP", "DROP"
|
|
@@ -6546,25 +6613,25 @@ module Aws::WAFV2
|
|
|
6546
6613
|
#
|
|
6547
6614
|
# @option params [required, Array<String>] :addresses
|
|
6548
6615
|
# Contains an array of strings that specifies zero or more IP addresses
|
|
6549
|
-
# or blocks of IP addresses
|
|
6550
|
-
#
|
|
6551
|
-
# and IPv6 CIDR ranges
|
|
6616
|
+
# or blocks of IP addresses that you want WAF to inspect for in incoming
|
|
6617
|
+
# requests. All addresses must be specified using Classless Inter-Domain
|
|
6618
|
+
# Routing (CIDR) notation. WAF supports all IPv4 and IPv6 CIDR ranges
|
|
6619
|
+
# except for `/0`.
|
|
6552
6620
|
#
|
|
6553
6621
|
# Example address strings:
|
|
6554
6622
|
#
|
|
6555
|
-
# *
|
|
6556
|
-
#
|
|
6623
|
+
# * For requests that originated from the IP address 192.0.2.44, specify
|
|
6624
|
+
# `192.0.2.44/32`.
|
|
6557
6625
|
#
|
|
6558
|
-
# *
|
|
6559
|
-
#
|
|
6560
|
-
# `192.0.2.0/24`.
|
|
6626
|
+
# * For requests that originated from IP addresses from 192.0.2.0 to
|
|
6627
|
+
# 192.0.2.255, specify `192.0.2.0/24`.
|
|
6561
6628
|
#
|
|
6562
|
-
# *
|
|
6563
|
-
#
|
|
6629
|
+
# * For requests that originated from the IP address
|
|
6630
|
+
# 1111:0000:0000:0000:0000:0000:0000:0111, specify
|
|
6564
6631
|
# `1111:0000:0000:0000:0000:0000:0000:0111/128`.
|
|
6565
6632
|
#
|
|
6566
|
-
# *
|
|
6567
|
-
#
|
|
6633
|
+
# * For requests that originated from IP addresses
|
|
6634
|
+
# 1111:0000:0000:0000:0000:0000:0000:0000 to
|
|
6568
6635
|
# 1111:0000:0000:0000:ffff:ffff:ffff:ffff, specify
|
|
6569
6636
|
# `1111:0000:0000:0000:0000:0000:0000:0000/64`.
|
|
6570
6637
|
#
|
|
@@ -6886,9 +6953,9 @@ module Aws::WAFV2
|
|
|
6886
6953
|
#
|
|
6887
6954
|
# @option params [Array<Types::Rule>] :rules
|
|
6888
6955
|
# The Rule statements used to identify the web requests that you want to
|
|
6889
|
-
#
|
|
6890
|
-
#
|
|
6891
|
-
#
|
|
6956
|
+
# manage. Each rule includes one top-level statement that WAF uses to
|
|
6957
|
+
# identify matching web requests, and parameters that govern how WAF
|
|
6958
|
+
# handles them.
|
|
6892
6959
|
#
|
|
6893
6960
|
# @option params [required, Types::VisibilityConfig] :visibility_config
|
|
6894
6961
|
# Defines and enables Amazon CloudWatch metrics and web request sample
|
|
@@ -6992,6 +7059,9 @@ module Aws::WAFV2
|
|
|
6992
7059
|
# header_order: {
|
|
6993
7060
|
# oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
|
|
6994
7061
|
# },
|
|
7062
|
+
# ja3_fingerprint: {
|
|
7063
|
+
# fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
|
|
7064
|
+
# },
|
|
6995
7065
|
# },
|
|
6996
7066
|
# text_transformations: [ # required
|
|
6997
7067
|
# {
|
|
@@ -7053,6 +7123,9 @@ module Aws::WAFV2
|
|
|
7053
7123
|
# header_order: {
|
|
7054
7124
|
# oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
|
|
7055
7125
|
# },
|
|
7126
|
+
# ja3_fingerprint: {
|
|
7127
|
+
# fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
|
|
7128
|
+
# },
|
|
7056
7129
|
# },
|
|
7057
7130
|
# text_transformations: [ # required
|
|
7058
7131
|
# {
|
|
@@ -7114,6 +7187,9 @@ module Aws::WAFV2
|
|
|
7114
7187
|
# header_order: {
|
|
7115
7188
|
# oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
|
|
7116
7189
|
# },
|
|
7190
|
+
# ja3_fingerprint: {
|
|
7191
|
+
# fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
|
|
7192
|
+
# },
|
|
7117
7193
|
# },
|
|
7118
7194
|
# text_transformations: [ # required
|
|
7119
7195
|
# {
|
|
@@ -7174,6 +7250,9 @@ module Aws::WAFV2
|
|
|
7174
7250
|
# header_order: {
|
|
7175
7251
|
# oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
|
|
7176
7252
|
# },
|
|
7253
|
+
# ja3_fingerprint: {
|
|
7254
|
+
# fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
|
|
7255
|
+
# },
|
|
7177
7256
|
# },
|
|
7178
7257
|
# comparison_operator: "EQ", # required, accepts EQ, NE, LE, LT, GE, GT
|
|
7179
7258
|
# size: 1, # required
|
|
@@ -7319,6 +7398,9 @@ module Aws::WAFV2
|
|
|
7319
7398
|
# header_order: {
|
|
7320
7399
|
# oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
|
|
7321
7400
|
# },
|
|
7401
|
+
# ja3_fingerprint: {
|
|
7402
|
+
# fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
|
|
7403
|
+
# },
|
|
7322
7404
|
# },
|
|
7323
7405
|
# text_transformations: [ # required
|
|
7324
7406
|
# {
|
|
@@ -7638,6 +7720,9 @@ module Aws::WAFV2
|
|
|
7638
7720
|
# header_order: {
|
|
7639
7721
|
# oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
|
|
7640
7722
|
# },
|
|
7723
|
+
# ja3_fingerprint: {
|
|
7724
|
+
# fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
|
|
7725
|
+
# },
|
|
7641
7726
|
# },
|
|
7642
7727
|
# text_transformations: [ # required
|
|
7643
7728
|
# {
|
|
@@ -7797,16 +7882,17 @@ module Aws::WAFV2
|
|
|
7797
7882
|
# Generally, any inconsistencies of this type last only a few seconds.
|
|
7798
7883
|
#
|
|
7799
7884
|
# A web ACL defines a collection of rules to use to inspect and control
|
|
7800
|
-
# web requests. Each rule has
|
|
7801
|
-
#
|
|
7802
|
-
# assign a default action to take
|
|
7803
|
-
# does not match any of the rules.
|
|
7804
|
-
# combination of the types Rule,
|
|
7805
|
-
# can associate a web ACL with
|
|
7806
|
-
#
|
|
7807
|
-
#
|
|
7808
|
-
#
|
|
7809
|
-
# Amazon Web Services
|
|
7885
|
+
# web requests. Each rule has a statement that defines what to look for
|
|
7886
|
+
# in web requests and an action that WAF applies to requests that match
|
|
7887
|
+
# the statement. In the web ACL, you assign a default action to take
|
|
7888
|
+
# (allow, block) for any request that does not match any of the rules.
|
|
7889
|
+
# The rules in a web ACL can be a combination of the types Rule,
|
|
7890
|
+
# RuleGroup, and managed rule group. You can associate a web ACL with
|
|
7891
|
+
# one or more Amazon Web Services resources to protect. The resources
|
|
7892
|
+
# can be an Amazon CloudFront distribution, an Amazon API Gateway REST
|
|
7893
|
+
# API, an Application Load Balancer, an AppSync GraphQL API, an Amazon
|
|
7894
|
+
# Cognito user pool, an App Runner service, or an Amazon Web Services
|
|
7895
|
+
# Verified Access instance.
|
|
7810
7896
|
#
|
|
7811
7897
|
# @option params [required, String] :name
|
|
7812
7898
|
# The name of the web ACL. You cannot change the name of a web ACL after
|
|
@@ -7841,9 +7927,9 @@ module Aws::WAFV2
|
|
|
7841
7927
|
#
|
|
7842
7928
|
# @option params [Array<Types::Rule>] :rules
|
|
7843
7929
|
# The Rule statements used to identify the web requests that you want to
|
|
7844
|
-
#
|
|
7845
|
-
#
|
|
7846
|
-
#
|
|
7930
|
+
# manage. Each rule includes one top-level statement that WAF uses to
|
|
7931
|
+
# identify matching web requests, and parameters that govern how WAF
|
|
7932
|
+
# handles them.
|
|
7847
7933
|
#
|
|
7848
7934
|
# @option params [required, Types::VisibilityConfig] :visibility_config
|
|
7849
7935
|
# Defines and enables Amazon CloudWatch metrics and web request sample
|
|
@@ -8015,6 +8101,9 @@ module Aws::WAFV2
|
|
|
8015
8101
|
# header_order: {
|
|
8016
8102
|
# oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
|
|
8017
8103
|
# },
|
|
8104
|
+
# ja3_fingerprint: {
|
|
8105
|
+
# fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
|
|
8106
|
+
# },
|
|
8018
8107
|
# },
|
|
8019
8108
|
# text_transformations: [ # required
|
|
8020
8109
|
# {
|
|
@@ -8076,6 +8165,9 @@ module Aws::WAFV2
|
|
|
8076
8165
|
# header_order: {
|
|
8077
8166
|
# oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
|
|
8078
8167
|
# },
|
|
8168
|
+
# ja3_fingerprint: {
|
|
8169
|
+
# fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
|
|
8170
|
+
# },
|
|
8079
8171
|
# },
|
|
8080
8172
|
# text_transformations: [ # required
|
|
8081
8173
|
# {
|
|
@@ -8137,6 +8229,9 @@ module Aws::WAFV2
|
|
|
8137
8229
|
# header_order: {
|
|
8138
8230
|
# oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
|
|
8139
8231
|
# },
|
|
8232
|
+
# ja3_fingerprint: {
|
|
8233
|
+
# fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
|
|
8234
|
+
# },
|
|
8140
8235
|
# },
|
|
8141
8236
|
# text_transformations: [ # required
|
|
8142
8237
|
# {
|
|
@@ -8197,6 +8292,9 @@ module Aws::WAFV2
|
|
|
8197
8292
|
# header_order: {
|
|
8198
8293
|
# oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
|
|
8199
8294
|
# },
|
|
8295
|
+
# ja3_fingerprint: {
|
|
8296
|
+
# fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
|
|
8297
|
+
# },
|
|
8200
8298
|
# },
|
|
8201
8299
|
# comparison_operator: "EQ", # required, accepts EQ, NE, LE, LT, GE, GT
|
|
8202
8300
|
# size: 1, # required
|
|
@@ -8342,6 +8440,9 @@ module Aws::WAFV2
|
|
|
8342
8440
|
# header_order: {
|
|
8343
8441
|
# oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
|
|
8344
8442
|
# },
|
|
8443
|
+
# ja3_fingerprint: {
|
|
8444
|
+
# fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
|
|
8445
|
+
# },
|
|
8345
8446
|
# },
|
|
8346
8447
|
# text_transformations: [ # required
|
|
8347
8448
|
# {
|
|
@@ -8661,6 +8762,9 @@ module Aws::WAFV2
|
|
|
8661
8762
|
# header_order: {
|
|
8662
8763
|
# oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
|
|
8663
8764
|
# },
|
|
8765
|
+
# ja3_fingerprint: {
|
|
8766
|
+
# fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
|
|
8767
|
+
# },
|
|
8664
8768
|
# },
|
|
8665
8769
|
# text_transformations: [ # required
|
|
8666
8770
|
# {
|
|
@@ -8818,7 +8922,7 @@ module Aws::WAFV2
|
|
|
8818
8922
|
params: params,
|
|
8819
8923
|
config: config)
|
|
8820
8924
|
context[:gem_name] = 'aws-sdk-wafv2'
|
|
8821
|
-
context[:gem_version] = '1.
|
|
8925
|
+
context[:gem_version] = '1.69.0'
|
|
8822
8926
|
Seahorse::Client::Request.new(handlers, context)
|
|
8823
8927
|
end
|
|
8824
8928
|
|
|
@@ -176,6 +176,7 @@ module Aws::WAFV2
|
|
|
176
176
|
IPString = Shapes::StringShape.new(name: 'IPString')
|
|
177
177
|
ImmunityTimeProperty = Shapes::StructureShape.new(name: 'ImmunityTimeProperty')
|
|
178
178
|
InspectionLevel = Shapes::StringShape.new(name: 'InspectionLevel')
|
|
179
|
+
JA3Fingerprint = Shapes::StructureShape.new(name: 'JA3Fingerprint')
|
|
179
180
|
JsonBody = Shapes::StructureShape.new(name: 'JsonBody')
|
|
180
181
|
JsonMatchPattern = Shapes::StructureShape.new(name: 'JsonMatchPattern')
|
|
181
182
|
JsonMatchScope = Shapes::StringShape.new(name: 'JsonMatchScope')
|
|
@@ -717,6 +718,7 @@ module Aws::WAFV2
|
|
|
717
718
|
FieldToMatch.add_member(:headers, Shapes::ShapeRef.new(shape: Headers, location_name: "Headers"))
|
|
718
719
|
FieldToMatch.add_member(:cookies, Shapes::ShapeRef.new(shape: Cookies, location_name: "Cookies"))
|
|
719
720
|
FieldToMatch.add_member(:header_order, Shapes::ShapeRef.new(shape: HeaderOrder, location_name: "HeaderOrder"))
|
|
721
|
+
FieldToMatch.add_member(:ja3_fingerprint, Shapes::ShapeRef.new(shape: JA3Fingerprint, location_name: "JA3Fingerprint"))
|
|
720
722
|
FieldToMatch.struct_class = Types::FieldToMatch
|
|
721
723
|
|
|
722
724
|
Filter.add_member(:behavior, Shapes::ShapeRef.new(shape: FilterBehavior, required: true, location_name: "Behavior"))
|
|
@@ -917,6 +919,9 @@ module Aws::WAFV2
|
|
|
917
919
|
ImmunityTimeProperty.add_member(:immunity_time, Shapes::ShapeRef.new(shape: TimeWindowSecond, required: true, location_name: "ImmunityTime"))
|
|
918
920
|
ImmunityTimeProperty.struct_class = Types::ImmunityTimeProperty
|
|
919
921
|
|
|
922
|
+
JA3Fingerprint.add_member(:fallback_behavior, Shapes::ShapeRef.new(shape: FallbackBehavior, required: true, location_name: "FallbackBehavior"))
|
|
923
|
+
JA3Fingerprint.struct_class = Types::JA3Fingerprint
|
|
924
|
+
|
|
920
925
|
JsonBody.add_member(:match_pattern, Shapes::ShapeRef.new(shape: JsonMatchPattern, required: true, location_name: "MatchPattern"))
|
|
921
926
|
JsonBody.add_member(:match_scope, Shapes::ShapeRef.new(shape: JsonMatchScope, required: true, location_name: "MatchScope"))
|
|
922
927
|
JsonBody.add_member(:invalid_fallback_behavior, Shapes::ShapeRef.new(shape: BodyParsingFallbackBehavior, location_name: "InvalidFallbackBehavior"))
|
data/lib/aws-sdk-wafv2/types.rb
CHANGED
|
@@ -60,8 +60,13 @@ module Aws::WAFV2
|
|
|
60
60
|
# is the page on your website that accepts the completed registration
|
|
61
61
|
# form for a new user. This page must accept `POST` requests.
|
|
62
62
|
#
|
|
63
|
-
# For example, for the URL `https://example.com/web/
|
|
64
|
-
# provide the path `/web/
|
|
63
|
+
# For example, for the URL `https://example.com/web/newaccount`, you
|
|
64
|
+
# would provide the path `/web/newaccount`. Account creation page
|
|
65
|
+
# paths that start with the path that you provide are considered a
|
|
66
|
+
# match. For example `/web/newaccount` matches the account creation
|
|
67
|
+
# paths `/web/newaccount`, `/web/newaccount/`, `/web/newaccountPage`,
|
|
68
|
+
# and `/web/newaccount/thisPage`, but doesn't match the path
|
|
69
|
+
# `/home/web/newaccount` or `/website/newaccount`.
|
|
65
70
|
# @return [String]
|
|
66
71
|
#
|
|
67
72
|
# @!attribute [rw] registration_page_path
|
|
@@ -73,8 +78,13 @@ module Aws::WAFV2
|
|
|
73
78
|
#
|
|
74
79
|
# </note>
|
|
75
80
|
#
|
|
76
|
-
# For example, for the URL `https://example.com/web/
|
|
77
|
-
# would provide the path `/web/
|
|
81
|
+
# For example, for the URL `https://example.com/web/registration`, you
|
|
82
|
+
# would provide the path `/web/registration`. Registration page paths
|
|
83
|
+
# that start with the path that you provide are considered a match.
|
|
84
|
+
# For example `/web/registration` matches the registration paths
|
|
85
|
+
# `/web/registration`, `/web/registration/`, `/web/registrationPage`,
|
|
86
|
+
# and `/web/registration/thisPage`, but doesn't match the path
|
|
87
|
+
# `/home/web/registration` or `/website/registration`.
|
|
78
88
|
# @return [String]
|
|
79
89
|
#
|
|
80
90
|
# @!attribute [rw] request_inspection
|
|
@@ -124,7 +134,11 @@ module Aws::WAFV2
|
|
|
124
134
|
# @!attribute [rw] login_path
|
|
125
135
|
# The path of the login endpoint for your application. For example,
|
|
126
136
|
# for the URL `https://example.com/web/login`, you would provide the
|
|
127
|
-
# path `/web/login`.
|
|
137
|
+
# path `/web/login`. Login paths that start with the path that you
|
|
138
|
+
# provide are considered a match. For example `/web/login` matches the
|
|
139
|
+
# login paths `/web/login`, `/web/login/`, `/web/loginPage`, and
|
|
140
|
+
# `/web/login/thisPage`, but doesn't match the login path
|
|
141
|
+
# `/home/web/login` or `/website/login`.
|
|
128
142
|
#
|
|
129
143
|
# The rule group inspects only HTTP `POST` requests to your specified
|
|
130
144
|
# login endpoint.
|
|
@@ -528,6 +542,10 @@ module Aws::WAFV2
|
|
|
528
542
|
# * `UriPath`: The value that you want WAF to search for in the URI
|
|
529
543
|
# path, for example, `/images/daily-ad.jpg`.
|
|
530
544
|
#
|
|
545
|
+
# * `JA3Fingerprint`: The string to match against the web request's
|
|
546
|
+
# JA3 fingerprint header. The header contains a hash fingerprint of
|
|
547
|
+
# the TLS Client Hello packet for the request.
|
|
548
|
+
#
|
|
531
549
|
# * `HeaderOrder`: The comma-separated list of header names to match
|
|
532
550
|
# for. WAF creates a string that contains the ordered list of header
|
|
533
551
|
# names, from the headers in the web request, and then matches
|
|
@@ -566,7 +584,7 @@ module Aws::WAFV2
|
|
|
566
584
|
# before using them as custom aggregation keys. If you specify one or
|
|
567
585
|
# more transformations to apply, WAF performs all transformations on
|
|
568
586
|
# the specified content, starting from the lowest priority setting,
|
|
569
|
-
# and then uses the component contents.
|
|
587
|
+
# and then uses the transformed component contents.
|
|
570
588
|
# @return [Array<Types::TextTransformation>]
|
|
571
589
|
#
|
|
572
590
|
# @!attribute [rw] positional_constraint
|
|
@@ -1085,27 +1103,24 @@ module Aws::WAFV2
|
|
|
1085
1103
|
#
|
|
1086
1104
|
# @!attribute [rw] addresses
|
|
1087
1105
|
# Contains an array of strings that specifies zero or more IP
|
|
1088
|
-
# addresses or blocks of IP addresses
|
|
1089
|
-
#
|
|
1090
|
-
#
|
|
1106
|
+
# addresses or blocks of IP addresses that you want WAF to inspect for
|
|
1107
|
+
# in incoming requests. All addresses must be specified using
|
|
1108
|
+
# Classless Inter-Domain Routing (CIDR) notation. WAF supports all
|
|
1109
|
+
# IPv4 and IPv6 CIDR ranges except for `/0`.
|
|
1091
1110
|
#
|
|
1092
1111
|
# Example address strings:
|
|
1093
1112
|
#
|
|
1094
|
-
# *
|
|
1095
|
-
#
|
|
1096
|
-
# `192.0.2.44/32`.
|
|
1113
|
+
# * For requests that originated from the IP address 192.0.2.44,
|
|
1114
|
+
# specify `192.0.2.44/32`.
|
|
1097
1115
|
#
|
|
1098
|
-
# *
|
|
1099
|
-
#
|
|
1100
|
-
# specify `192.0.2.0/24`.
|
|
1116
|
+
# * For requests that originated from IP addresses from 192.0.2.0 to
|
|
1117
|
+
# 192.0.2.255, specify `192.0.2.0/24`.
|
|
1101
1118
|
#
|
|
1102
|
-
# *
|
|
1103
|
-
# originated from the IP address
|
|
1119
|
+
# * For requests that originated from the IP address
|
|
1104
1120
|
# 1111:0000:0000:0000:0000:0000:0000:0111, specify
|
|
1105
1121
|
# `1111:0000:0000:0000:0000:0000:0000:0111/128`.
|
|
1106
1122
|
#
|
|
1107
|
-
# *
|
|
1108
|
-
# originated from IP addresses
|
|
1123
|
+
# * For requests that originated from IP addresses
|
|
1109
1124
|
# 1111:0000:0000:0000:0000:0000:0000:0000 to
|
|
1110
1125
|
# 1111:0000:0000:0000:ffff:ffff:ffff:ffff, specify
|
|
1111
1126
|
# `1111:0000:0000:0000:0000:0000:0000:0000/64`.
|
|
@@ -1272,9 +1287,9 @@ module Aws::WAFV2
|
|
|
1272
1287
|
#
|
|
1273
1288
|
# @!attribute [rw] rules
|
|
1274
1289
|
# The Rule statements used to identify the web requests that you want
|
|
1275
|
-
# to
|
|
1276
|
-
#
|
|
1277
|
-
#
|
|
1290
|
+
# to manage. Each rule includes one top-level statement that WAF uses
|
|
1291
|
+
# to identify matching web requests, and parameters that govern how
|
|
1292
|
+
# WAF handles them.
|
|
1278
1293
|
# @return [Array<Types::Rule>]
|
|
1279
1294
|
#
|
|
1280
1295
|
# @!attribute [rw] visibility_config
|
|
@@ -1369,9 +1384,9 @@ module Aws::WAFV2
|
|
|
1369
1384
|
#
|
|
1370
1385
|
# @!attribute [rw] rules
|
|
1371
1386
|
# The Rule statements used to identify the web requests that you want
|
|
1372
|
-
# to
|
|
1373
|
-
#
|
|
1374
|
-
#
|
|
1387
|
+
# to manage. Each rule includes one top-level statement that WAF uses
|
|
1388
|
+
# to identify matching web requests, and parameters that govern how
|
|
1389
|
+
# WAF handles them.
|
|
1375
1390
|
# @return [Array<Types::Rule>]
|
|
1376
1391
|
#
|
|
1377
1392
|
# @!attribute [rw] visibility_config
|
|
@@ -1581,8 +1596,9 @@ module Aws::WAFV2
|
|
|
1581
1596
|
# @return [String]
|
|
1582
1597
|
#
|
|
1583
1598
|
# @!attribute [rw] response_headers
|
|
1584
|
-
# The HTTP headers to use in the response.
|
|
1585
|
-
# not
|
|
1599
|
+
# The HTTP headers to use in the response. You can specify any header
|
|
1600
|
+
# name except for `content-type`. Duplicate header names are not
|
|
1601
|
+
# allowed.
|
|
1586
1602
|
#
|
|
1587
1603
|
# For information about the limits on count and size for custom
|
|
1588
1604
|
# request and response settings, see [WAF quotas][1] in the *WAF
|
|
@@ -2380,6 +2396,18 @@ module Aws::WAFV2
|
|
|
2380
2396
|
# `host:user-agent:accept:authorization:referer`.
|
|
2381
2397
|
# @return [Types::HeaderOrder]
|
|
2382
2398
|
#
|
|
2399
|
+
# @!attribute [rw] ja3_fingerprint
|
|
2400
|
+
# Match against the request's JA3 fingerprint header. The header
|
|
2401
|
+
# contains a hash fingerprint of the TLS Client Hello packet for the
|
|
2402
|
+
# request.
|
|
2403
|
+
#
|
|
2404
|
+
# <note markdown="1"> You can use this choice only with a string match
|
|
2405
|
+
# `ByteMatchStatement` with the `PositionalConstraint` set to
|
|
2406
|
+
# `EXACTLY`.
|
|
2407
|
+
#
|
|
2408
|
+
# </note>
|
|
2409
|
+
# @return [Types::JA3Fingerprint]
|
|
2410
|
+
#
|
|
2383
2411
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/FieldToMatch AWS API Documentation
|
|
2384
2412
|
#
|
|
2385
2413
|
class FieldToMatch < Struct.new(
|
|
@@ -2393,7 +2421,8 @@ module Aws::WAFV2
|
|
|
2393
2421
|
:json_body,
|
|
2394
2422
|
:headers,
|
|
2395
2423
|
:cookies,
|
|
2396
|
-
:header_order
|
|
2424
|
+
:header_order,
|
|
2425
|
+
:ja3_fingerprint)
|
|
2397
2426
|
SENSITIVE = []
|
|
2398
2427
|
include Aws::Structure
|
|
2399
2428
|
end
|
|
@@ -3573,27 +3602,24 @@ module Aws::WAFV2
|
|
|
3573
3602
|
#
|
|
3574
3603
|
# @!attribute [rw] addresses
|
|
3575
3604
|
# Contains an array of strings that specifies zero or more IP
|
|
3576
|
-
# addresses or blocks of IP addresses
|
|
3577
|
-
#
|
|
3578
|
-
#
|
|
3605
|
+
# addresses or blocks of IP addresses that you want WAF to inspect for
|
|
3606
|
+
# in incoming requests. All addresses must be specified using
|
|
3607
|
+
# Classless Inter-Domain Routing (CIDR) notation. WAF supports all
|
|
3608
|
+
# IPv4 and IPv6 CIDR ranges except for `/0`.
|
|
3579
3609
|
#
|
|
3580
3610
|
# Example address strings:
|
|
3581
3611
|
#
|
|
3582
|
-
# *
|
|
3583
|
-
#
|
|
3584
|
-
# `192.0.2.44/32`.
|
|
3612
|
+
# * For requests that originated from the IP address 192.0.2.44,
|
|
3613
|
+
# specify `192.0.2.44/32`.
|
|
3585
3614
|
#
|
|
3586
|
-
# *
|
|
3587
|
-
#
|
|
3588
|
-
# specify `192.0.2.0/24`.
|
|
3615
|
+
# * For requests that originated from IP addresses from 192.0.2.0 to
|
|
3616
|
+
# 192.0.2.255, specify `192.0.2.0/24`.
|
|
3589
3617
|
#
|
|
3590
|
-
# *
|
|
3591
|
-
# originated from the IP address
|
|
3618
|
+
# * For requests that originated from the IP address
|
|
3592
3619
|
# 1111:0000:0000:0000:0000:0000:0000:0111, specify
|
|
3593
3620
|
# `1111:0000:0000:0000:0000:0000:0000:0111/128`.
|
|
3594
3621
|
#
|
|
3595
|
-
# *
|
|
3596
|
-
# originated from IP addresses
|
|
3622
|
+
# * For requests that originated from IP addresses
|
|
3597
3623
|
# 1111:0000:0000:0000:0000:0000:0000:0000 to
|
|
3598
3624
|
# 1111:0000:0000:0000:ffff:ffff:ffff:ffff, specify
|
|
3599
3625
|
# `1111:0000:0000:0000:0000:0000:0000:0000/64`.
|
|
@@ -3806,6 +3832,36 @@ module Aws::WAFV2
|
|
|
3806
3832
|
include Aws::Structure
|
|
3807
3833
|
end
|
|
3808
3834
|
|
|
3835
|
+
# Match against the request's JA3 fingerprint header. The header
|
|
3836
|
+
# contains a hash fingerprint of the TLS Client Hello packet for the
|
|
3837
|
+
# request.
|
|
3838
|
+
#
|
|
3839
|
+
# <note markdown="1"> You can use this choice only with a string match `ByteMatchStatement`
|
|
3840
|
+
# with the `PositionalConstraint` set to `EXACTLY`.
|
|
3841
|
+
#
|
|
3842
|
+
# </note>
|
|
3843
|
+
#
|
|
3844
|
+
# @!attribute [rw] fallback_behavior
|
|
3845
|
+
# The match status to assign to the web request if the request
|
|
3846
|
+
# doesn't have a JA3 fingerprint.
|
|
3847
|
+
#
|
|
3848
|
+
# You can specify the following fallback behaviors:
|
|
3849
|
+
#
|
|
3850
|
+
# * `MATCH` - Treat the web request as matching the rule statement.
|
|
3851
|
+
# WAF applies the rule action to the request.
|
|
3852
|
+
#
|
|
3853
|
+
# * `NO_MATCH` - Treat the web request as not matching the rule
|
|
3854
|
+
# statement.
|
|
3855
|
+
# @return [String]
|
|
3856
|
+
#
|
|
3857
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/JA3Fingerprint AWS API Documentation
|
|
3858
|
+
#
|
|
3859
|
+
class JA3Fingerprint < Struct.new(
|
|
3860
|
+
:fallback_behavior)
|
|
3861
|
+
SENSITIVE = []
|
|
3862
|
+
include Aws::Structure
|
|
3863
|
+
end
|
|
3864
|
+
|
|
3809
3865
|
# Inspect the body of the web request as JSON. The body immediately
|
|
3810
3866
|
# follows the request headers.
|
|
3811
3867
|
#
|
|
@@ -5107,8 +5163,10 @@ module Aws::WAFV2
|
|
|
5107
5163
|
# calling ListAvailableManagedRuleGroups.
|
|
5108
5164
|
#
|
|
5109
5165
|
# You cannot nest a `ManagedRuleGroupStatement`, for example for use
|
|
5110
|
-
# inside a `NotStatement` or `OrStatement`.
|
|
5111
|
-
#
|
|
5166
|
+
# inside a `NotStatement` or `OrStatement`. You cannot use a managed
|
|
5167
|
+
# rule group inside another rule group. You can only reference a managed
|
|
5168
|
+
# rule group as a top-level statement within a rule that you define in a
|
|
5169
|
+
# web ACL.
|
|
5112
5170
|
#
|
|
5113
5171
|
# <note markdown="1"> You are charged additional fees when you use the WAF Bot Control
|
|
5114
5172
|
# managed rule group `AWSManagedRulesBotControlRuleSet`, the WAF Fraud
|
|
@@ -6253,7 +6311,7 @@ module Aws::WAFV2
|
|
|
6253
6311
|
# before using them as custom aggregation keys. If you specify one or
|
|
6254
6312
|
# more transformations to apply, WAF performs all transformations on
|
|
6255
6313
|
# the specified content, starting from the lowest priority setting,
|
|
6256
|
-
# and then uses the component contents.
|
|
6314
|
+
# and then uses the transformed component contents.
|
|
6257
6315
|
# @return [Array<Types::TextTransformation>]
|
|
6258
6316
|
#
|
|
6259
6317
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/RateLimitCookie AWS API Documentation
|
|
@@ -6323,7 +6381,7 @@ module Aws::WAFV2
|
|
|
6323
6381
|
# before using them as custom aggregation keys. If you specify one or
|
|
6324
6382
|
# more transformations to apply, WAF performs all transformations on
|
|
6325
6383
|
# the specified content, starting from the lowest priority setting,
|
|
6326
|
-
# and then uses the component contents.
|
|
6384
|
+
# and then uses the transformed component contents.
|
|
6327
6385
|
# @return [Array<Types::TextTransformation>]
|
|
6328
6386
|
#
|
|
6329
6387
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/RateLimitHeader AWS API Documentation
|
|
@@ -6400,7 +6458,7 @@ module Aws::WAFV2
|
|
|
6400
6458
|
# before using them as custom aggregation keys. If you specify one or
|
|
6401
6459
|
# more transformations to apply, WAF performs all transformations on
|
|
6402
6460
|
# the specified content, starting from the lowest priority setting,
|
|
6403
|
-
# and then uses the component contents.
|
|
6461
|
+
# and then uses the transformed component contents.
|
|
6404
6462
|
# @return [Array<Types::TextTransformation>]
|
|
6405
6463
|
#
|
|
6406
6464
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/RateLimitQueryArgument AWS API Documentation
|
|
@@ -6426,7 +6484,7 @@ module Aws::WAFV2
|
|
|
6426
6484
|
# before using them as custom aggregation keys. If you specify one or
|
|
6427
6485
|
# more transformations to apply, WAF performs all transformations on
|
|
6428
6486
|
# the specified content, starting from the lowest priority setting,
|
|
6429
|
-
# and then uses the component contents.
|
|
6487
|
+
# and then uses the transformed component contents.
|
|
6430
6488
|
# @return [Array<Types::TextTransformation>]
|
|
6431
6489
|
#
|
|
6432
6490
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/RateLimitQueryString AWS API Documentation
|
|
@@ -6451,7 +6509,7 @@ module Aws::WAFV2
|
|
|
6451
6509
|
# before using them as custom aggregation keys. If you specify one or
|
|
6452
6510
|
# more transformations to apply, WAF performs all transformations on
|
|
6453
6511
|
# the specified content, starting from the lowest priority setting,
|
|
6454
|
-
# and then uses the component contents.
|
|
6512
|
+
# and then uses the transformed component contents.
|
|
6455
6513
|
# @return [Array<Types::TextTransformation>]
|
|
6456
6514
|
#
|
|
6457
6515
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/RateLimitUriPath AWS API Documentation
|
|
@@ -6496,7 +6554,7 @@ module Aws::WAFV2
|
|
|
6496
6554
|
# before using them as custom aggregation keys. If you specify one or
|
|
6497
6555
|
# more transformations to apply, WAF performs all transformations on
|
|
6498
6556
|
# the specified content, starting from the lowest priority setting,
|
|
6499
|
-
# and then uses the component contents.
|
|
6557
|
+
# and then uses the transformed component contents.
|
|
6500
6558
|
# @return [Array<Types::TextTransformation>]
|
|
6501
6559
|
#
|
|
6502
6560
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/RegexMatchStatement AWS API Documentation
|
|
@@ -6580,7 +6638,7 @@ module Aws::WAFV2
|
|
|
6580
6638
|
# before using them as custom aggregation keys. If you specify one or
|
|
6581
6639
|
# more transformations to apply, WAF performs all transformations on
|
|
6582
6640
|
# the specified content, starting from the lowest priority setting,
|
|
6583
|
-
# and then uses the component contents.
|
|
6641
|
+
# and then uses the transformed component contents.
|
|
6584
6642
|
# @return [Array<Types::TextTransformation>]
|
|
6585
6643
|
#
|
|
6586
6644
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/RegexPatternSetReferenceStatement AWS API Documentation
|
|
@@ -7171,9 +7229,9 @@ module Aws::WAFV2
|
|
|
7171
7229
|
end
|
|
7172
7230
|
|
|
7173
7231
|
# A single rule, which you can use in a WebACL or RuleGroup to identify
|
|
7174
|
-
# web requests that you want to
|
|
7175
|
-
#
|
|
7176
|
-
#
|
|
7232
|
+
# web requests that you want to manage in some way. Each rule includes
|
|
7233
|
+
# one top-level Statement that WAF uses to identify matching web
|
|
7234
|
+
# requests, and parameters that govern how WAF handles them.
|
|
7177
7235
|
#
|
|
7178
7236
|
# @!attribute [rw] name
|
|
7179
7237
|
# The name of the rule.
|
|
@@ -7413,9 +7471,9 @@ module Aws::WAFV2
|
|
|
7413
7471
|
#
|
|
7414
7472
|
# @!attribute [rw] rules
|
|
7415
7473
|
# The Rule statements used to identify the web requests that you want
|
|
7416
|
-
# to
|
|
7417
|
-
#
|
|
7418
|
-
#
|
|
7474
|
+
# to manage. Each rule includes one top-level statement that WAF uses
|
|
7475
|
+
# to identify matching web requests, and parameters that govern how
|
|
7476
|
+
# WAF handles them.
|
|
7419
7477
|
# @return [Array<Types::Rule>]
|
|
7420
7478
|
#
|
|
7421
7479
|
# @!attribute [rw] visibility_config
|
|
@@ -7496,8 +7554,10 @@ module Aws::WAFV2
|
|
|
7496
7554
|
# provide the ARN of the rule group in this statement.
|
|
7497
7555
|
#
|
|
7498
7556
|
# You cannot nest a `RuleGroupReferenceStatement`, for example for use
|
|
7499
|
-
# inside a `NotStatement` or `OrStatement`. You
|
|
7500
|
-
#
|
|
7557
|
+
# inside a `NotStatement` or `OrStatement`. You cannot use a rule group
|
|
7558
|
+
# reference statement inside another rule group. You can only reference
|
|
7559
|
+
# a rule group as a top-level statement within a rule that you define in
|
|
7560
|
+
# a web ACL.
|
|
7501
7561
|
#
|
|
7502
7562
|
# @!attribute [rw] arn
|
|
7503
7563
|
# The Amazon Resource Name (ARN) of the entity.
|
|
@@ -7779,7 +7839,7 @@ module Aws::WAFV2
|
|
|
7779
7839
|
# before using them as custom aggregation keys. If you specify one or
|
|
7780
7840
|
# more transformations to apply, WAF performs all transformations on
|
|
7781
7841
|
# the specified content, starting from the lowest priority setting,
|
|
7782
|
-
# and then uses the component contents.
|
|
7842
|
+
# and then uses the transformed component contents.
|
|
7783
7843
|
# @return [Array<Types::TextTransformation>]
|
|
7784
7844
|
#
|
|
7785
7845
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/SizeConstraintStatement AWS API Documentation
|
|
@@ -7810,7 +7870,7 @@ module Aws::WAFV2
|
|
|
7810
7870
|
# before using them as custom aggregation keys. If you specify one or
|
|
7811
7871
|
# more transformations to apply, WAF performs all transformations on
|
|
7812
7872
|
# the specified content, starting from the lowest priority setting,
|
|
7813
|
-
# and then uses the component contents.
|
|
7873
|
+
# and then uses the transformed component contents.
|
|
7814
7874
|
# @return [Array<Types::TextTransformation>]
|
|
7815
7875
|
#
|
|
7816
7876
|
# @!attribute [rw] sensitivity_level
|
|
@@ -7937,8 +7997,10 @@ module Aws::WAFV2
|
|
|
7937
7997
|
# provide the ARN of the rule group in this statement.
|
|
7938
7998
|
#
|
|
7939
7999
|
# You cannot nest a `RuleGroupReferenceStatement`, for example for use
|
|
7940
|
-
# inside a `NotStatement` or `OrStatement`. You
|
|
7941
|
-
# group reference statement
|
|
8000
|
+
# inside a `NotStatement` or `OrStatement`. You cannot use a rule
|
|
8001
|
+
# group reference statement inside another rule group. You can only
|
|
8002
|
+
# reference a rule group as a top-level statement within a rule that
|
|
8003
|
+
# you define in a web ACL.
|
|
7942
8004
|
# @return [Types::RuleGroupReferenceStatement]
|
|
7943
8005
|
#
|
|
7944
8006
|
# @!attribute [rw] ip_set_reference_statement
|
|
@@ -8091,8 +8153,10 @@ module Aws::WAFV2
|
|
|
8091
8153
|
# calling ListAvailableManagedRuleGroups.
|
|
8092
8154
|
#
|
|
8093
8155
|
# You cannot nest a `ManagedRuleGroupStatement`, for example for use
|
|
8094
|
-
# inside a `NotStatement` or `OrStatement`.
|
|
8095
|
-
#
|
|
8156
|
+
# inside a `NotStatement` or `OrStatement`. You cannot use a managed
|
|
8157
|
+
# rule group inside another rule group. You can only reference a
|
|
8158
|
+
# managed rule group as a top-level statement within a rule that you
|
|
8159
|
+
# define in a web ACL.
|
|
8096
8160
|
#
|
|
8097
8161
|
# <note markdown="1"> You are charged additional fees when you use the WAF Bot Control
|
|
8098
8162
|
# managed rule group `AWSManagedRulesBotControlRuleSet`, the WAF Fraud
|
|
@@ -8248,126 +8312,12 @@ module Aws::WAFV2
|
|
|
8248
8312
|
# @return [Integer]
|
|
8249
8313
|
#
|
|
8250
8314
|
# @!attribute [rw] type
|
|
8251
|
-
#
|
|
8252
|
-
#
|
|
8253
|
-
# **BASE64\_DECODE** - Decode a `Base64`-encoded string.
|
|
8254
|
-
#
|
|
8255
|
-
# **BASE64\_DECODE\_EXT** - Decode a `Base64`-encoded string, but use
|
|
8256
|
-
# a forgiving implementation that ignores characters that aren't
|
|
8257
|
-
# valid.
|
|
8258
|
-
#
|
|
8259
|
-
# **CMD\_LINE** - Command-line transformations. These are helpful in
|
|
8260
|
-
# reducing effectiveness of attackers who inject an operating system
|
|
8261
|
-
# command-line command and use unusual formatting to disguise some or
|
|
8262
|
-
# all of the command.
|
|
8263
|
-
#
|
|
8264
|
-
# * Delete the following characters: `\ " ' ^`
|
|
8265
|
-
#
|
|
8266
|
-
# * Delete spaces before the following characters: `/ (`
|
|
8267
|
-
#
|
|
8268
|
-
# * Replace the following characters with a space: `, ;`
|
|
8269
|
-
#
|
|
8270
|
-
# * Replace multiple spaces with one space
|
|
8271
|
-
#
|
|
8272
|
-
# * Convert uppercase letters (A-Z) to lowercase (a-z)
|
|
8273
|
-
#
|
|
8274
|
-
# **COMPRESS\_WHITE\_SPACE** - Replace these characters with a space
|
|
8275
|
-
# character (decimal 32):
|
|
8276
|
-
#
|
|
8277
|
-
# * `\f`, formfeed, decimal 12
|
|
8278
|
-
#
|
|
8279
|
-
# * `\t`, tab, decimal 9
|
|
8280
|
-
#
|
|
8281
|
-
# * `\n`, newline, decimal 10
|
|
8282
|
-
#
|
|
8283
|
-
# * `\r`, carriage return, decimal 13
|
|
8284
|
-
#
|
|
8285
|
-
# * `\v`, vertical tab, decimal 11
|
|
8286
|
-
#
|
|
8287
|
-
# * Non-breaking space, decimal 160
|
|
8288
|
-
#
|
|
8289
|
-
# `COMPRESS_WHITE_SPACE` also replaces multiple spaces with one space.
|
|
8290
|
-
#
|
|
8291
|
-
# **CSS\_DECODE** - Decode characters that were encoded using CSS 2.x
|
|
8292
|
-
# escape rules `syndata.html#characters`. This function uses up to two
|
|
8293
|
-
# bytes in the decoding process, so it can help to uncover ASCII
|
|
8294
|
-
# characters that were encoded using CSS encoding that wouldn’t
|
|
8295
|
-
# typically be encoded. It's also useful in countering evasion, which
|
|
8296
|
-
# is a combination of a backslash and non-hexadecimal characters. For
|
|
8297
|
-
# example, `ja\vascript` for javascript.
|
|
8298
|
-
#
|
|
8299
|
-
# **ESCAPE\_SEQ\_DECODE** - Decode the following ANSI C escape
|
|
8300
|
-
# sequences: `\a`, `\b`, `\f`, `\n`, `\r`, `\t`, `\v`, `\`, `\?`,
|
|
8301
|
-
# `'`, `"`, `\xHH` (hexadecimal), `\0OOO` (octal). Encodings that
|
|
8302
|
-
# aren't valid remain in the output.
|
|
8303
|
-
#
|
|
8304
|
-
# **HEX\_DECODE** - Decode a string of hexadecimal characters into a
|
|
8305
|
-
# binary.
|
|
8306
|
-
#
|
|
8307
|
-
# **HTML\_ENTITY\_DECODE** - Replace HTML-encoded characters with
|
|
8308
|
-
# unencoded characters. `HTML_ENTITY_DECODE` performs these
|
|
8309
|
-
# operations:
|
|
8310
|
-
#
|
|
8311
|
-
# * Replaces `(ampersand)quot;` with `"`
|
|
8312
|
-
#
|
|
8313
|
-
# * Replaces `(ampersand)nbsp;` with a non-breaking space, decimal 160
|
|
8314
|
-
#
|
|
8315
|
-
# * Replaces `(ampersand)lt;` with a "less than" symbol
|
|
8316
|
-
#
|
|
8317
|
-
# * Replaces `(ampersand)gt;` with `>`
|
|
8318
|
-
#
|
|
8319
|
-
# * Replaces characters that are represented in hexadecimal format,
|
|
8320
|
-
# `(ampersand)#xhhhh;`, with the corresponding characters
|
|
8321
|
-
#
|
|
8322
|
-
# * Replaces characters that are represented in decimal format,
|
|
8323
|
-
# `(ampersand)#nnnn;`, with the corresponding characters
|
|
8324
|
-
#
|
|
8325
|
-
# **JS\_DECODE** - Decode JavaScript escape sequences. If a `` `u`
|
|
8326
|
-
# `HHHH` code is in the full-width ASCII code range of `FF01-FF5E`,
|
|
8327
|
-
# then the higher byte is used to detect and adjust the lower byte. If
|
|
8328
|
-
# not, only the lower byte is used and the higher byte is zeroed,
|
|
8329
|
-
# causing a possible loss of information.
|
|
8330
|
-
#
|
|
8331
|
-
# **LOWERCASE** - Convert uppercase letters (A-Z) to lowercase (a-z).
|
|
8332
|
-
#
|
|
8333
|
-
# **MD5** - Calculate an MD5 hash from the data in the input. The
|
|
8334
|
-
# computed hash is in a raw binary form.
|
|
8335
|
-
#
|
|
8336
|
-
# **NONE** - Specify `NONE` if you don't want any text
|
|
8337
|
-
# transformations.
|
|
8338
|
-
#
|
|
8339
|
-
# **NORMALIZE\_PATH** - Remove multiple slashes, directory
|
|
8340
|
-
# self-references, and directory back-references that are not at the
|
|
8341
|
-
# beginning of the input from an input string.
|
|
8342
|
-
#
|
|
8343
|
-
# **NORMALIZE\_PATH\_WIN** - This is the same as `NORMALIZE_PATH`, but
|
|
8344
|
-
# first converts backslash characters to forward slashes.
|
|
8345
|
-
#
|
|
8346
|
-
# **REMOVE\_NULLS** - Remove all `NULL` bytes from the input.
|
|
8347
|
-
#
|
|
8348
|
-
# **REPLACE\_COMMENTS** - Replace each occurrence of a C-style comment
|
|
8349
|
-
# (`/* ... */`) with a single space. Multiple consecutive occurrences
|
|
8350
|
-
# are not compressed. Unterminated comments are also replaced with a
|
|
8351
|
-
# space (ASCII 0x20). However, a standalone termination of a comment
|
|
8352
|
-
# (`*/`) is not acted upon.
|
|
8353
|
-
#
|
|
8354
|
-
# **REPLACE\_NULLS** - Replace NULL bytes in the input with space
|
|
8355
|
-
# characters (ASCII `0x20`).
|
|
8356
|
-
#
|
|
8357
|
-
# **SQL\_HEX\_DECODE** - Decode SQL hex data. Example (`0x414243`)
|
|
8358
|
-
# will be decoded to (`ABC`).
|
|
8315
|
+
# For detailed descriptions of each of the transformation types, see
|
|
8316
|
+
# [Text transformations][1] in the *WAF Developer Guide*.
|
|
8359
8317
|
#
|
|
8360
|
-
# **URL\_DECODE** - Decode a URL-encoded value.
|
|
8361
8318
|
#
|
|
8362
|
-
# **URL\_DECODE\_UNI** - Like `URL_DECODE`, but with support for
|
|
8363
|
-
# Microsoft-specific `%u` encoding. If the code is in the full-width
|
|
8364
|
-
# ASCII code range of `FF01-FF5E`, the higher byte is used to detect
|
|
8365
|
-
# and adjust the lower byte. Otherwise, only the lower byte is used
|
|
8366
|
-
# and the higher byte is zeroed.
|
|
8367
8319
|
#
|
|
8368
|
-
#
|
|
8369
|
-
# Unicode. This helps input normalization, and minimizing
|
|
8370
|
-
# false-positives and false-negatives for non-English languages.
|
|
8320
|
+
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-transformation.html
|
|
8371
8321
|
# @return [String]
|
|
8372
8322
|
#
|
|
8373
8323
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/TextTransformation AWS API Documentation
|
|
@@ -8479,27 +8429,24 @@ module Aws::WAFV2
|
|
|
8479
8429
|
#
|
|
8480
8430
|
# @!attribute [rw] addresses
|
|
8481
8431
|
# Contains an array of strings that specifies zero or more IP
|
|
8482
|
-
# addresses or blocks of IP addresses
|
|
8483
|
-
#
|
|
8484
|
-
#
|
|
8432
|
+
# addresses or blocks of IP addresses that you want WAF to inspect for
|
|
8433
|
+
# in incoming requests. All addresses must be specified using
|
|
8434
|
+
# Classless Inter-Domain Routing (CIDR) notation. WAF supports all
|
|
8435
|
+
# IPv4 and IPv6 CIDR ranges except for `/0`.
|
|
8485
8436
|
#
|
|
8486
8437
|
# Example address strings:
|
|
8487
8438
|
#
|
|
8488
|
-
# *
|
|
8489
|
-
#
|
|
8490
|
-
# `192.0.2.44/32`.
|
|
8439
|
+
# * For requests that originated from the IP address 192.0.2.44,
|
|
8440
|
+
# specify `192.0.2.44/32`.
|
|
8491
8441
|
#
|
|
8492
|
-
# *
|
|
8493
|
-
#
|
|
8494
|
-
# specify `192.0.2.0/24`.
|
|
8442
|
+
# * For requests that originated from IP addresses from 192.0.2.0 to
|
|
8443
|
+
# 192.0.2.255, specify `192.0.2.0/24`.
|
|
8495
8444
|
#
|
|
8496
|
-
# *
|
|
8497
|
-
# originated from the IP address
|
|
8445
|
+
# * For requests that originated from the IP address
|
|
8498
8446
|
# 1111:0000:0000:0000:0000:0000:0000:0111, specify
|
|
8499
8447
|
# `1111:0000:0000:0000:0000:0000:0000:0111/128`.
|
|
8500
8448
|
#
|
|
8501
|
-
# *
|
|
8502
|
-
# originated from IP addresses
|
|
8449
|
+
# * For requests that originated from IP addresses
|
|
8503
8450
|
# 1111:0000:0000:0000:0000:0000:0000:0000 to
|
|
8504
8451
|
# 1111:0000:0000:0000:ffff:ffff:ffff:ffff, specify
|
|
8505
8452
|
# `1111:0000:0000:0000:0000:0000:0000:0000/64`.
|
|
@@ -8770,9 +8717,9 @@ module Aws::WAFV2
|
|
|
8770
8717
|
#
|
|
8771
8718
|
# @!attribute [rw] rules
|
|
8772
8719
|
# The Rule statements used to identify the web requests that you want
|
|
8773
|
-
# to
|
|
8774
|
-
#
|
|
8775
|
-
#
|
|
8720
|
+
# to manage. Each rule includes one top-level statement that WAF uses
|
|
8721
|
+
# to identify matching web requests, and parameters that govern how
|
|
8722
|
+
# WAF handles them.
|
|
8776
8723
|
# @return [Array<Types::Rule>]
|
|
8777
8724
|
#
|
|
8778
8725
|
# @!attribute [rw] visibility_config
|
|
@@ -8879,9 +8826,9 @@ module Aws::WAFV2
|
|
|
8879
8826
|
#
|
|
8880
8827
|
# @!attribute [rw] rules
|
|
8881
8828
|
# The Rule statements used to identify the web requests that you want
|
|
8882
|
-
# to
|
|
8883
|
-
#
|
|
8884
|
-
#
|
|
8829
|
+
# to manage. Each rule includes one top-level statement that WAF uses
|
|
8830
|
+
# to identify matching web requests, and parameters that govern how
|
|
8831
|
+
# WAF handles them.
|
|
8885
8832
|
# @return [Array<Types::Rule>]
|
|
8886
8833
|
#
|
|
8887
8834
|
# @!attribute [rw] visibility_config
|
|
@@ -9487,16 +9434,17 @@ module Aws::WAFV2
|
|
|
9487
9434
|
end
|
|
9488
9435
|
|
|
9489
9436
|
# A web ACL defines a collection of rules to use to inspect and control
|
|
9490
|
-
# web requests. Each rule has
|
|
9491
|
-
#
|
|
9492
|
-
# assign a default action to take
|
|
9493
|
-
# does not match any of the rules.
|
|
9494
|
-
# combination of the types Rule,
|
|
9495
|
-
# can associate a web ACL with
|
|
9496
|
-
#
|
|
9497
|
-
#
|
|
9498
|
-
#
|
|
9499
|
-
# Amazon Web Services
|
|
9437
|
+
# web requests. Each rule has a statement that defines what to look for
|
|
9438
|
+
# in web requests and an action that WAF applies to requests that match
|
|
9439
|
+
# the statement. In the web ACL, you assign a default action to take
|
|
9440
|
+
# (allow, block) for any request that does not match any of the rules.
|
|
9441
|
+
# The rules in a web ACL can be a combination of the types Rule,
|
|
9442
|
+
# RuleGroup, and managed rule group. You can associate a web ACL with
|
|
9443
|
+
# one or more Amazon Web Services resources to protect. The resources
|
|
9444
|
+
# can be an Amazon CloudFront distribution, an Amazon API Gateway REST
|
|
9445
|
+
# API, an Application Load Balancer, an AppSync GraphQL API, an Amazon
|
|
9446
|
+
# Cognito user pool, an App Runner service, or an Amazon Web Services
|
|
9447
|
+
# Verified Access instance.
|
|
9500
9448
|
#
|
|
9501
9449
|
# @!attribute [rw] name
|
|
9502
9450
|
# The name of the web ACL. You cannot change the name of a web ACL
|
|
@@ -9525,9 +9473,9 @@ module Aws::WAFV2
|
|
|
9525
9473
|
#
|
|
9526
9474
|
# @!attribute [rw] rules
|
|
9527
9475
|
# The Rule statements used to identify the web requests that you want
|
|
9528
|
-
# to
|
|
9529
|
-
#
|
|
9530
|
-
#
|
|
9476
|
+
# to manage. Each rule includes one top-level statement that WAF uses
|
|
9477
|
+
# to identify matching web requests, and parameters that govern how
|
|
9478
|
+
# WAF handles them.
|
|
9531
9479
|
# @return [Array<Types::Rule>]
|
|
9532
9480
|
#
|
|
9533
9481
|
# @!attribute [rw] visibility_config
|
|
@@ -9755,7 +9703,7 @@ module Aws::WAFV2
|
|
|
9755
9703
|
# before using them as custom aggregation keys. If you specify one or
|
|
9756
9704
|
# more transformations to apply, WAF performs all transformations on
|
|
9757
9705
|
# the specified content, starting from the lowest priority setting,
|
|
9758
|
-
# and then uses the component contents.
|
|
9706
|
+
# and then uses the transformed component contents.
|
|
9759
9707
|
# @return [Array<Types::TextTransformation>]
|
|
9760
9708
|
#
|
|
9761
9709
|
# @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/XssMatchStatement AWS API Documentation
|
data/lib/aws-sdk-wafv2.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: aws-sdk-wafv2
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.
|
|
4
|
+
version: 1.69.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Amazon Web Services
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2023-09-
|
|
11
|
+
date: 2023-09-25 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: aws-sdk-core
|