aws-sdk-wafv2 1.68.0 → 1.70.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +10 -0
- data/VERSION +1 -1
- data/lib/aws-sdk-wafv2/client.rb +161 -57
- data/lib/aws-sdk-wafv2/client_api.rb +5 -0
- data/lib/aws-sdk-wafv2/types.rb +162 -214
- data/lib/aws-sdk-wafv2.rb +1 -1
- metadata +4 -4
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 709fa74d545a9bd5a3313ce44f8e5d2598cbcf703eb04f1cc41e28cd60125506
|
4
|
+
data.tar.gz: bb19fdda06d4593e0cb4423c85f934918d6b6176cf789cfb4a5f7180ce91b279
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: ba7f965bdadb365aabcf1763dd783dedc8c95d0e76d3674962e28452a598dcf2777c24bed0c862e903f649052b60fb61db8b3f71106c81bd28d16da612af5059
|
7
|
+
data.tar.gz: b255ec9c6c0c478e56f92d62708273fc2ff0e5988ebb606d2fc4cbb1246b3c40bcd9a9a0d1b4d5a31901171ecaee1d4be0e31a012ffe95393e1306a77ffe19fa
|
data/CHANGELOG.md
CHANGED
@@ -1,6 +1,16 @@
|
|
1
1
|
Unreleased Changes
|
2
2
|
------------------
|
3
3
|
|
4
|
+
1.70.0 (2023-09-27)
|
5
|
+
------------------
|
6
|
+
|
7
|
+
* Feature - Code Generated Changes, see `./build_tools` or `aws-sdk-core`'s CHANGELOG.md for details.
|
8
|
+
|
9
|
+
1.69.0 (2023-09-25)
|
10
|
+
------------------
|
11
|
+
|
12
|
+
* Feature - You can now perform an exact match against the web request's JA3 fingerprint.
|
13
|
+
|
4
14
|
1.68.0 (2023-09-06)
|
5
15
|
------------------
|
6
16
|
|
data/VERSION
CHANGED
@@ -1 +1 @@
|
|
1
|
-
1.
|
1
|
+
1.70.0
|
data/lib/aws-sdk-wafv2/client.rb
CHANGED
@@ -580,6 +580,9 @@ module Aws::WAFV2
|
|
580
580
|
# header_order: {
|
581
581
|
# oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
|
582
582
|
# },
|
583
|
+
# ja3_fingerprint: {
|
584
|
+
# fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
|
585
|
+
# },
|
583
586
|
# },
|
584
587
|
# text_transformations: [ # required
|
585
588
|
# {
|
@@ -641,6 +644,9 @@ module Aws::WAFV2
|
|
641
644
|
# header_order: {
|
642
645
|
# oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
|
643
646
|
# },
|
647
|
+
# ja3_fingerprint: {
|
648
|
+
# fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
|
649
|
+
# },
|
644
650
|
# },
|
645
651
|
# text_transformations: [ # required
|
646
652
|
# {
|
@@ -702,6 +708,9 @@ module Aws::WAFV2
|
|
702
708
|
# header_order: {
|
703
709
|
# oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
|
704
710
|
# },
|
711
|
+
# ja3_fingerprint: {
|
712
|
+
# fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
|
713
|
+
# },
|
705
714
|
# },
|
706
715
|
# text_transformations: [ # required
|
707
716
|
# {
|
@@ -762,6 +771,9 @@ module Aws::WAFV2
|
|
762
771
|
# header_order: {
|
763
772
|
# oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
|
764
773
|
# },
|
774
|
+
# ja3_fingerprint: {
|
775
|
+
# fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
|
776
|
+
# },
|
765
777
|
# },
|
766
778
|
# comparison_operator: "EQ", # required, accepts EQ, NE, LE, LT, GE, GT
|
767
779
|
# size: 1, # required
|
@@ -907,6 +919,9 @@ module Aws::WAFV2
|
|
907
919
|
# header_order: {
|
908
920
|
# oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
|
909
921
|
# },
|
922
|
+
# ja3_fingerprint: {
|
923
|
+
# fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
|
924
|
+
# },
|
910
925
|
# },
|
911
926
|
# text_transformations: [ # required
|
912
927
|
# {
|
@@ -1226,6 +1241,9 @@ module Aws::WAFV2
|
|
1226
1241
|
# header_order: {
|
1227
1242
|
# oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
|
1228
1243
|
# },
|
1244
|
+
# ja3_fingerprint: {
|
1245
|
+
# fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
|
1246
|
+
# },
|
1229
1247
|
# },
|
1230
1248
|
# text_transformations: [ # required
|
1231
1249
|
# {
|
@@ -1436,25 +1454,25 @@ module Aws::WAFV2
|
|
1436
1454
|
#
|
1437
1455
|
# @option params [required, Array<String>] :addresses
|
1438
1456
|
# Contains an array of strings that specifies zero or more IP addresses
|
1439
|
-
# or blocks of IP addresses
|
1440
|
-
#
|
1441
|
-
# and IPv6 CIDR ranges
|
1457
|
+
# or blocks of IP addresses that you want WAF to inspect for in incoming
|
1458
|
+
# requests. All addresses must be specified using Classless Inter-Domain
|
1459
|
+
# Routing (CIDR) notation. WAF supports all IPv4 and IPv6 CIDR ranges
|
1460
|
+
# except for `/0`.
|
1442
1461
|
#
|
1443
1462
|
# Example address strings:
|
1444
1463
|
#
|
1445
|
-
# *
|
1446
|
-
#
|
1464
|
+
# * For requests that originated from the IP address 192.0.2.44, specify
|
1465
|
+
# `192.0.2.44/32`.
|
1447
1466
|
#
|
1448
|
-
# *
|
1449
|
-
#
|
1450
|
-
# `192.0.2.0/24`.
|
1467
|
+
# * For requests that originated from IP addresses from 192.0.2.0 to
|
1468
|
+
# 192.0.2.255, specify `192.0.2.0/24`.
|
1451
1469
|
#
|
1452
|
-
# *
|
1453
|
-
#
|
1470
|
+
# * For requests that originated from the IP address
|
1471
|
+
# 1111:0000:0000:0000:0000:0000:0000:0111, specify
|
1454
1472
|
# `1111:0000:0000:0000:0000:0000:0000:0111/128`.
|
1455
1473
|
#
|
1456
|
-
# *
|
1457
|
-
#
|
1474
|
+
# * For requests that originated from IP addresses
|
1475
|
+
# 1111:0000:0000:0000:0000:0000:0000:0000 to
|
1458
1476
|
# 1111:0000:0000:0000:ffff:ffff:ffff:ffff, specify
|
1459
1477
|
# `1111:0000:0000:0000:0000:0000:0000:0000/64`.
|
1460
1478
|
#
|
@@ -1641,9 +1659,9 @@ module Aws::WAFV2
|
|
1641
1659
|
#
|
1642
1660
|
# @option params [Array<Types::Rule>] :rules
|
1643
1661
|
# The Rule statements used to identify the web requests that you want to
|
1644
|
-
#
|
1645
|
-
#
|
1646
|
-
#
|
1662
|
+
# manage. Each rule includes one top-level statement that WAF uses to
|
1663
|
+
# identify matching web requests, and parameters that govern how WAF
|
1664
|
+
# handles them.
|
1647
1665
|
#
|
1648
1666
|
# @option params [required, Types::VisibilityConfig] :visibility_config
|
1649
1667
|
# Defines and enables Amazon CloudWatch metrics and web request sample
|
@@ -1740,6 +1758,9 @@ module Aws::WAFV2
|
|
1740
1758
|
# header_order: {
|
1741
1759
|
# oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
|
1742
1760
|
# },
|
1761
|
+
# ja3_fingerprint: {
|
1762
|
+
# fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
|
1763
|
+
# },
|
1743
1764
|
# },
|
1744
1765
|
# text_transformations: [ # required
|
1745
1766
|
# {
|
@@ -1801,6 +1822,9 @@ module Aws::WAFV2
|
|
1801
1822
|
# header_order: {
|
1802
1823
|
# oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
|
1803
1824
|
# },
|
1825
|
+
# ja3_fingerprint: {
|
1826
|
+
# fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
|
1827
|
+
# },
|
1804
1828
|
# },
|
1805
1829
|
# text_transformations: [ # required
|
1806
1830
|
# {
|
@@ -1862,6 +1886,9 @@ module Aws::WAFV2
|
|
1862
1886
|
# header_order: {
|
1863
1887
|
# oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
|
1864
1888
|
# },
|
1889
|
+
# ja3_fingerprint: {
|
1890
|
+
# fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
|
1891
|
+
# },
|
1865
1892
|
# },
|
1866
1893
|
# text_transformations: [ # required
|
1867
1894
|
# {
|
@@ -1922,6 +1949,9 @@ module Aws::WAFV2
|
|
1922
1949
|
# header_order: {
|
1923
1950
|
# oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
|
1924
1951
|
# },
|
1952
|
+
# ja3_fingerprint: {
|
1953
|
+
# fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
|
1954
|
+
# },
|
1925
1955
|
# },
|
1926
1956
|
# comparison_operator: "EQ", # required, accepts EQ, NE, LE, LT, GE, GT
|
1927
1957
|
# size: 1, # required
|
@@ -2067,6 +2097,9 @@ module Aws::WAFV2
|
|
2067
2097
|
# header_order: {
|
2068
2098
|
# oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
|
2069
2099
|
# },
|
2100
|
+
# ja3_fingerprint: {
|
2101
|
+
# fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
|
2102
|
+
# },
|
2070
2103
|
# },
|
2071
2104
|
# text_transformations: [ # required
|
2072
2105
|
# {
|
@@ -2386,6 +2419,9 @@ module Aws::WAFV2
|
|
2386
2419
|
# header_order: {
|
2387
2420
|
# oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
|
2388
2421
|
# },
|
2422
|
+
# ja3_fingerprint: {
|
2423
|
+
# fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
|
2424
|
+
# },
|
2389
2425
|
# },
|
2390
2426
|
# text_transformations: [ # required
|
2391
2427
|
# {
|
@@ -2524,16 +2560,17 @@ module Aws::WAFV2
|
|
2524
2560
|
# Creates a WebACL per the specifications provided.
|
2525
2561
|
#
|
2526
2562
|
# A web ACL defines a collection of rules to use to inspect and control
|
2527
|
-
# web requests. Each rule has
|
2528
|
-
#
|
2529
|
-
# assign a default action to take
|
2530
|
-
# does not match any of the rules.
|
2531
|
-
# combination of the types Rule,
|
2532
|
-
# can associate a web ACL with
|
2533
|
-
#
|
2534
|
-
#
|
2535
|
-
#
|
2536
|
-
# Amazon Web Services
|
2563
|
+
# web requests. Each rule has a statement that defines what to look for
|
2564
|
+
# in web requests and an action that WAF applies to requests that match
|
2565
|
+
# the statement. In the web ACL, you assign a default action to take
|
2566
|
+
# (allow, block) for any request that does not match any of the rules.
|
2567
|
+
# The rules in a web ACL can be a combination of the types Rule,
|
2568
|
+
# RuleGroup, and managed rule group. You can associate a web ACL with
|
2569
|
+
# one or more Amazon Web Services resources to protect. The resources
|
2570
|
+
# can be an Amazon CloudFront distribution, an Amazon API Gateway REST
|
2571
|
+
# API, an Application Load Balancer, an AppSync GraphQL API, an Amazon
|
2572
|
+
# Cognito user pool, an App Runner service, or an Amazon Web Services
|
2573
|
+
# Verified Access instance.
|
2537
2574
|
#
|
2538
2575
|
# @option params [required, String] :name
|
2539
2576
|
# The name of the web ACL. You cannot change the name of a web ACL after
|
@@ -2563,9 +2600,9 @@ module Aws::WAFV2
|
|
2563
2600
|
#
|
2564
2601
|
# @option params [Array<Types::Rule>] :rules
|
2565
2602
|
# The Rule statements used to identify the web requests that you want to
|
2566
|
-
#
|
2567
|
-
#
|
2568
|
-
#
|
2603
|
+
# manage. Each rule includes one top-level statement that WAF uses to
|
2604
|
+
# identify matching web requests, and parameters that govern how WAF
|
2605
|
+
# handles them.
|
2569
2606
|
#
|
2570
2607
|
# @option params [required, Types::VisibilityConfig] :visibility_config
|
2571
2608
|
# Defines and enables Amazon CloudWatch metrics and web request sample
|
@@ -2729,6 +2766,9 @@ module Aws::WAFV2
|
|
2729
2766
|
# header_order: {
|
2730
2767
|
# oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
|
2731
2768
|
# },
|
2769
|
+
# ja3_fingerprint: {
|
2770
|
+
# fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
|
2771
|
+
# },
|
2732
2772
|
# },
|
2733
2773
|
# text_transformations: [ # required
|
2734
2774
|
# {
|
@@ -2790,6 +2830,9 @@ module Aws::WAFV2
|
|
2790
2830
|
# header_order: {
|
2791
2831
|
# oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
|
2792
2832
|
# },
|
2833
|
+
# ja3_fingerprint: {
|
2834
|
+
# fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
|
2835
|
+
# },
|
2793
2836
|
# },
|
2794
2837
|
# text_transformations: [ # required
|
2795
2838
|
# {
|
@@ -2851,6 +2894,9 @@ module Aws::WAFV2
|
|
2851
2894
|
# header_order: {
|
2852
2895
|
# oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
|
2853
2896
|
# },
|
2897
|
+
# ja3_fingerprint: {
|
2898
|
+
# fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
|
2899
|
+
# },
|
2854
2900
|
# },
|
2855
2901
|
# text_transformations: [ # required
|
2856
2902
|
# {
|
@@ -2911,6 +2957,9 @@ module Aws::WAFV2
|
|
2911
2957
|
# header_order: {
|
2912
2958
|
# oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
|
2913
2959
|
# },
|
2960
|
+
# ja3_fingerprint: {
|
2961
|
+
# fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
|
2962
|
+
# },
|
2914
2963
|
# },
|
2915
2964
|
# comparison_operator: "EQ", # required, accepts EQ, NE, LE, LT, GE, GT
|
2916
2965
|
# size: 1, # required
|
@@ -3056,6 +3105,9 @@ module Aws::WAFV2
|
|
3056
3105
|
# header_order: {
|
3057
3106
|
# oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
|
3058
3107
|
# },
|
3108
|
+
# ja3_fingerprint: {
|
3109
|
+
# fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
|
3110
|
+
# },
|
3059
3111
|
# },
|
3060
3112
|
# text_transformations: [ # required
|
3061
3113
|
# {
|
@@ -3375,6 +3427,9 @@ module Aws::WAFV2
|
|
3375
3427
|
# header_order: {
|
3376
3428
|
# oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
|
3377
3429
|
# },
|
3430
|
+
# ja3_fingerprint: {
|
3431
|
+
# fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
|
3432
|
+
# },
|
3378
3433
|
# },
|
3379
3434
|
# text_transformations: [ # required
|
3380
3435
|
# {
|
@@ -4337,6 +4392,7 @@ module Aws::WAFV2
|
|
4337
4392
|
# resp.logging_configuration.redacted_fields[0].cookies.match_scope #=> String, one of "ALL", "KEY", "VALUE"
|
4338
4393
|
# resp.logging_configuration.redacted_fields[0].cookies.oversize_handling #=> String, one of "CONTINUE", "MATCH", "NO_MATCH"
|
4339
4394
|
# resp.logging_configuration.redacted_fields[0].header_order.oversize_handling #=> String, one of "CONTINUE", "MATCH", "NO_MATCH"
|
4395
|
+
# resp.logging_configuration.redacted_fields[0].ja3_fingerprint.fallback_behavior #=> String, one of "MATCH", "NO_MATCH"
|
4340
4396
|
# resp.logging_configuration.managed_by_firewall_manager #=> Boolean
|
4341
4397
|
# resp.logging_configuration.logging_filter.filters #=> Array
|
4342
4398
|
# resp.logging_configuration.logging_filter.filters[0].behavior #=> String, one of "KEEP", "DROP"
|
@@ -4736,6 +4792,7 @@ module Aws::WAFV2
|
|
4736
4792
|
# resp.rule_group.rules[0].statement.byte_match_statement.field_to_match.cookies.match_scope #=> String, one of "ALL", "KEY", "VALUE"
|
4737
4793
|
# resp.rule_group.rules[0].statement.byte_match_statement.field_to_match.cookies.oversize_handling #=> String, one of "CONTINUE", "MATCH", "NO_MATCH"
|
4738
4794
|
# resp.rule_group.rules[0].statement.byte_match_statement.field_to_match.header_order.oversize_handling #=> String, one of "CONTINUE", "MATCH", "NO_MATCH"
|
4795
|
+
# resp.rule_group.rules[0].statement.byte_match_statement.field_to_match.ja3_fingerprint.fallback_behavior #=> String, one of "MATCH", "NO_MATCH"
|
4739
4796
|
# resp.rule_group.rules[0].statement.byte_match_statement.text_transformations #=> Array
|
4740
4797
|
# resp.rule_group.rules[0].statement.byte_match_statement.text_transformations[0].priority #=> Integer
|
4741
4798
|
# resp.rule_group.rules[0].statement.byte_match_statement.text_transformations[0].type #=> String, one of "NONE", "COMPRESS_WHITE_SPACE", "HTML_ENTITY_DECODE", "LOWERCASE", "CMD_LINE", "URL_DECODE", "BASE64_DECODE", "HEX_DECODE", "MD5", "REPLACE_COMMENTS", "ESCAPE_SEQ_DECODE", "SQL_HEX_DECODE", "CSS_DECODE", "JS_DECODE", "NORMALIZE_PATH", "NORMALIZE_PATH_WIN", "REMOVE_NULLS", "REPLACE_NULLS", "BASE64_DECODE_EXT", "URL_DECODE_UNI", "UTF8_TO_UNICODE"
|
@@ -4761,6 +4818,7 @@ module Aws::WAFV2
|
|
4761
4818
|
# resp.rule_group.rules[0].statement.sqli_match_statement.field_to_match.cookies.match_scope #=> String, one of "ALL", "KEY", "VALUE"
|
4762
4819
|
# resp.rule_group.rules[0].statement.sqli_match_statement.field_to_match.cookies.oversize_handling #=> String, one of "CONTINUE", "MATCH", "NO_MATCH"
|
4763
4820
|
# resp.rule_group.rules[0].statement.sqli_match_statement.field_to_match.header_order.oversize_handling #=> String, one of "CONTINUE", "MATCH", "NO_MATCH"
|
4821
|
+
# resp.rule_group.rules[0].statement.sqli_match_statement.field_to_match.ja3_fingerprint.fallback_behavior #=> String, one of "MATCH", "NO_MATCH"
|
4764
4822
|
# resp.rule_group.rules[0].statement.sqli_match_statement.text_transformations #=> Array
|
4765
4823
|
# resp.rule_group.rules[0].statement.sqli_match_statement.text_transformations[0].priority #=> Integer
|
4766
4824
|
# resp.rule_group.rules[0].statement.sqli_match_statement.text_transformations[0].type #=> String, one of "NONE", "COMPRESS_WHITE_SPACE", "HTML_ENTITY_DECODE", "LOWERCASE", "CMD_LINE", "URL_DECODE", "BASE64_DECODE", "HEX_DECODE", "MD5", "REPLACE_COMMENTS", "ESCAPE_SEQ_DECODE", "SQL_HEX_DECODE", "CSS_DECODE", "JS_DECODE", "NORMALIZE_PATH", "NORMALIZE_PATH_WIN", "REMOVE_NULLS", "REPLACE_NULLS", "BASE64_DECODE_EXT", "URL_DECODE_UNI", "UTF8_TO_UNICODE"
|
@@ -4786,6 +4844,7 @@ module Aws::WAFV2
|
|
4786
4844
|
# resp.rule_group.rules[0].statement.xss_match_statement.field_to_match.cookies.match_scope #=> String, one of "ALL", "KEY", "VALUE"
|
4787
4845
|
# resp.rule_group.rules[0].statement.xss_match_statement.field_to_match.cookies.oversize_handling #=> String, one of "CONTINUE", "MATCH", "NO_MATCH"
|
4788
4846
|
# resp.rule_group.rules[0].statement.xss_match_statement.field_to_match.header_order.oversize_handling #=> String, one of "CONTINUE", "MATCH", "NO_MATCH"
|
4847
|
+
# resp.rule_group.rules[0].statement.xss_match_statement.field_to_match.ja3_fingerprint.fallback_behavior #=> String, one of "MATCH", "NO_MATCH"
|
4789
4848
|
# resp.rule_group.rules[0].statement.xss_match_statement.text_transformations #=> Array
|
4790
4849
|
# resp.rule_group.rules[0].statement.xss_match_statement.text_transformations[0].priority #=> Integer
|
4791
4850
|
# resp.rule_group.rules[0].statement.xss_match_statement.text_transformations[0].type #=> String, one of "NONE", "COMPRESS_WHITE_SPACE", "HTML_ENTITY_DECODE", "LOWERCASE", "CMD_LINE", "URL_DECODE", "BASE64_DECODE", "HEX_DECODE", "MD5", "REPLACE_COMMENTS", "ESCAPE_SEQ_DECODE", "SQL_HEX_DECODE", "CSS_DECODE", "JS_DECODE", "NORMALIZE_PATH", "NORMALIZE_PATH_WIN", "REMOVE_NULLS", "REPLACE_NULLS", "BASE64_DECODE_EXT", "URL_DECODE_UNI", "UTF8_TO_UNICODE"
|
@@ -4810,6 +4869,7 @@ module Aws::WAFV2
|
|
4810
4869
|
# resp.rule_group.rules[0].statement.size_constraint_statement.field_to_match.cookies.match_scope #=> String, one of "ALL", "KEY", "VALUE"
|
4811
4870
|
# resp.rule_group.rules[0].statement.size_constraint_statement.field_to_match.cookies.oversize_handling #=> String, one of "CONTINUE", "MATCH", "NO_MATCH"
|
4812
4871
|
# resp.rule_group.rules[0].statement.size_constraint_statement.field_to_match.header_order.oversize_handling #=> String, one of "CONTINUE", "MATCH", "NO_MATCH"
|
4872
|
+
# resp.rule_group.rules[0].statement.size_constraint_statement.field_to_match.ja3_fingerprint.fallback_behavior #=> String, one of "MATCH", "NO_MATCH"
|
4813
4873
|
# resp.rule_group.rules[0].statement.size_constraint_statement.comparison_operator #=> String, one of "EQ", "NE", "LE", "LT", "GE", "GT"
|
4814
4874
|
# resp.rule_group.rules[0].statement.size_constraint_statement.size #=> Integer
|
4815
4875
|
# resp.rule_group.rules[0].statement.size_constraint_statement.text_transformations #=> Array
|
@@ -4867,6 +4927,7 @@ module Aws::WAFV2
|
|
4867
4927
|
# resp.rule_group.rules[0].statement.regex_pattern_set_reference_statement.field_to_match.cookies.match_scope #=> String, one of "ALL", "KEY", "VALUE"
|
4868
4928
|
# resp.rule_group.rules[0].statement.regex_pattern_set_reference_statement.field_to_match.cookies.oversize_handling #=> String, one of "CONTINUE", "MATCH", "NO_MATCH"
|
4869
4929
|
# resp.rule_group.rules[0].statement.regex_pattern_set_reference_statement.field_to_match.header_order.oversize_handling #=> String, one of "CONTINUE", "MATCH", "NO_MATCH"
|
4930
|
+
# resp.rule_group.rules[0].statement.regex_pattern_set_reference_statement.field_to_match.ja3_fingerprint.fallback_behavior #=> String, one of "MATCH", "NO_MATCH"
|
4870
4931
|
# resp.rule_group.rules[0].statement.regex_pattern_set_reference_statement.text_transformations #=> Array
|
4871
4932
|
# resp.rule_group.rules[0].statement.regex_pattern_set_reference_statement.text_transformations[0].priority #=> Integer
|
4872
4933
|
# resp.rule_group.rules[0].statement.regex_pattern_set_reference_statement.text_transformations[0].type #=> String, one of "NONE", "COMPRESS_WHITE_SPACE", "HTML_ENTITY_DECODE", "LOWERCASE", "CMD_LINE", "URL_DECODE", "BASE64_DECODE", "HEX_DECODE", "MD5", "REPLACE_COMMENTS", "ESCAPE_SEQ_DECODE", "SQL_HEX_DECODE", "CSS_DECODE", "JS_DECODE", "NORMALIZE_PATH", "NORMALIZE_PATH_WIN", "REMOVE_NULLS", "REPLACE_NULLS", "BASE64_DECODE_EXT", "URL_DECODE_UNI", "UTF8_TO_UNICODE"
|
@@ -5008,6 +5069,7 @@ module Aws::WAFV2
|
|
5008
5069
|
# resp.rule_group.rules[0].statement.regex_match_statement.field_to_match.cookies.match_scope #=> String, one of "ALL", "KEY", "VALUE"
|
5009
5070
|
# resp.rule_group.rules[0].statement.regex_match_statement.field_to_match.cookies.oversize_handling #=> String, one of "CONTINUE", "MATCH", "NO_MATCH"
|
5010
5071
|
# resp.rule_group.rules[0].statement.regex_match_statement.field_to_match.header_order.oversize_handling #=> String, one of "CONTINUE", "MATCH", "NO_MATCH"
|
5072
|
+
# resp.rule_group.rules[0].statement.regex_match_statement.field_to_match.ja3_fingerprint.fallback_behavior #=> String, one of "MATCH", "NO_MATCH"
|
5011
5073
|
# resp.rule_group.rules[0].statement.regex_match_statement.text_transformations #=> Array
|
5012
5074
|
# resp.rule_group.rules[0].statement.regex_match_statement.text_transformations[0].priority #=> Integer
|
5013
5075
|
# resp.rule_group.rules[0].statement.regex_match_statement.text_transformations[0].type #=> String, one of "NONE", "COMPRESS_WHITE_SPACE", "HTML_ENTITY_DECODE", "LOWERCASE", "CMD_LINE", "URL_DECODE", "BASE64_DECODE", "HEX_DECODE", "MD5", "REPLACE_COMMENTS", "ESCAPE_SEQ_DECODE", "SQL_HEX_DECODE", "CSS_DECODE", "JS_DECODE", "NORMALIZE_PATH", "NORMALIZE_PATH_WIN", "REMOVE_NULLS", "REPLACE_NULLS", "BASE64_DECODE_EXT", "URL_DECODE_UNI", "UTF8_TO_UNICODE"
|
@@ -5616,6 +5678,7 @@ module Aws::WAFV2
|
|
5616
5678
|
# resp.logging_configurations[0].redacted_fields[0].cookies.match_scope #=> String, one of "ALL", "KEY", "VALUE"
|
5617
5679
|
# resp.logging_configurations[0].redacted_fields[0].cookies.oversize_handling #=> String, one of "CONTINUE", "MATCH", "NO_MATCH"
|
5618
5680
|
# resp.logging_configurations[0].redacted_fields[0].header_order.oversize_handling #=> String, one of "CONTINUE", "MATCH", "NO_MATCH"
|
5681
|
+
# resp.logging_configurations[0].redacted_fields[0].ja3_fingerprint.fallback_behavior #=> String, one of "MATCH", "NO_MATCH"
|
5619
5682
|
# resp.logging_configurations[0].managed_by_firewall_manager #=> Boolean
|
5620
5683
|
# resp.logging_configurations[0].logging_filter.filters #=> Array
|
5621
5684
|
# resp.logging_configurations[0].logging_filter.filters[0].behavior #=> String, one of "KEEP", "DROP"
|
@@ -6178,6 +6241,9 @@ module Aws::WAFV2
|
|
6178
6241
|
# header_order: {
|
6179
6242
|
# oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
|
6180
6243
|
# },
|
6244
|
+
# ja3_fingerprint: {
|
6245
|
+
# fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
|
6246
|
+
# },
|
6181
6247
|
# },
|
6182
6248
|
# ],
|
6183
6249
|
# managed_by_firewall_manager: false,
|
@@ -6230,6 +6296,7 @@ module Aws::WAFV2
|
|
6230
6296
|
# resp.logging_configuration.redacted_fields[0].cookies.match_scope #=> String, one of "ALL", "KEY", "VALUE"
|
6231
6297
|
# resp.logging_configuration.redacted_fields[0].cookies.oversize_handling #=> String, one of "CONTINUE", "MATCH", "NO_MATCH"
|
6232
6298
|
# resp.logging_configuration.redacted_fields[0].header_order.oversize_handling #=> String, one of "CONTINUE", "MATCH", "NO_MATCH"
|
6299
|
+
# resp.logging_configuration.redacted_fields[0].ja3_fingerprint.fallback_behavior #=> String, one of "MATCH", "NO_MATCH"
|
6233
6300
|
# resp.logging_configuration.managed_by_firewall_manager #=> Boolean
|
6234
6301
|
# resp.logging_configuration.logging_filter.filters #=> Array
|
6235
6302
|
# resp.logging_configuration.logging_filter.filters[0].behavior #=> String, one of "KEEP", "DROP"
|
@@ -6546,25 +6613,25 @@ module Aws::WAFV2
|
|
6546
6613
|
#
|
6547
6614
|
# @option params [required, Array<String>] :addresses
|
6548
6615
|
# Contains an array of strings that specifies zero or more IP addresses
|
6549
|
-
# or blocks of IP addresses
|
6550
|
-
#
|
6551
|
-
# and IPv6 CIDR ranges
|
6616
|
+
# or blocks of IP addresses that you want WAF to inspect for in incoming
|
6617
|
+
# requests. All addresses must be specified using Classless Inter-Domain
|
6618
|
+
# Routing (CIDR) notation. WAF supports all IPv4 and IPv6 CIDR ranges
|
6619
|
+
# except for `/0`.
|
6552
6620
|
#
|
6553
6621
|
# Example address strings:
|
6554
6622
|
#
|
6555
|
-
# *
|
6556
|
-
#
|
6623
|
+
# * For requests that originated from the IP address 192.0.2.44, specify
|
6624
|
+
# `192.0.2.44/32`.
|
6557
6625
|
#
|
6558
|
-
# *
|
6559
|
-
#
|
6560
|
-
# `192.0.2.0/24`.
|
6626
|
+
# * For requests that originated from IP addresses from 192.0.2.0 to
|
6627
|
+
# 192.0.2.255, specify `192.0.2.0/24`.
|
6561
6628
|
#
|
6562
|
-
# *
|
6563
|
-
#
|
6629
|
+
# * For requests that originated from the IP address
|
6630
|
+
# 1111:0000:0000:0000:0000:0000:0000:0111, specify
|
6564
6631
|
# `1111:0000:0000:0000:0000:0000:0000:0111/128`.
|
6565
6632
|
#
|
6566
|
-
# *
|
6567
|
-
#
|
6633
|
+
# * For requests that originated from IP addresses
|
6634
|
+
# 1111:0000:0000:0000:0000:0000:0000:0000 to
|
6568
6635
|
# 1111:0000:0000:0000:ffff:ffff:ffff:ffff, specify
|
6569
6636
|
# `1111:0000:0000:0000:0000:0000:0000:0000/64`.
|
6570
6637
|
#
|
@@ -6886,9 +6953,9 @@ module Aws::WAFV2
|
|
6886
6953
|
#
|
6887
6954
|
# @option params [Array<Types::Rule>] :rules
|
6888
6955
|
# The Rule statements used to identify the web requests that you want to
|
6889
|
-
#
|
6890
|
-
#
|
6891
|
-
#
|
6956
|
+
# manage. Each rule includes one top-level statement that WAF uses to
|
6957
|
+
# identify matching web requests, and parameters that govern how WAF
|
6958
|
+
# handles them.
|
6892
6959
|
#
|
6893
6960
|
# @option params [required, Types::VisibilityConfig] :visibility_config
|
6894
6961
|
# Defines and enables Amazon CloudWatch metrics and web request sample
|
@@ -6992,6 +7059,9 @@ module Aws::WAFV2
|
|
6992
7059
|
# header_order: {
|
6993
7060
|
# oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
|
6994
7061
|
# },
|
7062
|
+
# ja3_fingerprint: {
|
7063
|
+
# fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
|
7064
|
+
# },
|
6995
7065
|
# },
|
6996
7066
|
# text_transformations: [ # required
|
6997
7067
|
# {
|
@@ -7053,6 +7123,9 @@ module Aws::WAFV2
|
|
7053
7123
|
# header_order: {
|
7054
7124
|
# oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
|
7055
7125
|
# },
|
7126
|
+
# ja3_fingerprint: {
|
7127
|
+
# fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
|
7128
|
+
# },
|
7056
7129
|
# },
|
7057
7130
|
# text_transformations: [ # required
|
7058
7131
|
# {
|
@@ -7114,6 +7187,9 @@ module Aws::WAFV2
|
|
7114
7187
|
# header_order: {
|
7115
7188
|
# oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
|
7116
7189
|
# },
|
7190
|
+
# ja3_fingerprint: {
|
7191
|
+
# fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
|
7192
|
+
# },
|
7117
7193
|
# },
|
7118
7194
|
# text_transformations: [ # required
|
7119
7195
|
# {
|
@@ -7174,6 +7250,9 @@ module Aws::WAFV2
|
|
7174
7250
|
# header_order: {
|
7175
7251
|
# oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
|
7176
7252
|
# },
|
7253
|
+
# ja3_fingerprint: {
|
7254
|
+
# fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
|
7255
|
+
# },
|
7177
7256
|
# },
|
7178
7257
|
# comparison_operator: "EQ", # required, accepts EQ, NE, LE, LT, GE, GT
|
7179
7258
|
# size: 1, # required
|
@@ -7319,6 +7398,9 @@ module Aws::WAFV2
|
|
7319
7398
|
# header_order: {
|
7320
7399
|
# oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
|
7321
7400
|
# },
|
7401
|
+
# ja3_fingerprint: {
|
7402
|
+
# fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
|
7403
|
+
# },
|
7322
7404
|
# },
|
7323
7405
|
# text_transformations: [ # required
|
7324
7406
|
# {
|
@@ -7638,6 +7720,9 @@ module Aws::WAFV2
|
|
7638
7720
|
# header_order: {
|
7639
7721
|
# oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
|
7640
7722
|
# },
|
7723
|
+
# ja3_fingerprint: {
|
7724
|
+
# fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
|
7725
|
+
# },
|
7641
7726
|
# },
|
7642
7727
|
# text_transformations: [ # required
|
7643
7728
|
# {
|
@@ -7797,16 +7882,17 @@ module Aws::WAFV2
|
|
7797
7882
|
# Generally, any inconsistencies of this type last only a few seconds.
|
7798
7883
|
#
|
7799
7884
|
# A web ACL defines a collection of rules to use to inspect and control
|
7800
|
-
# web requests. Each rule has
|
7801
|
-
#
|
7802
|
-
# assign a default action to take
|
7803
|
-
# does not match any of the rules.
|
7804
|
-
# combination of the types Rule,
|
7805
|
-
# can associate a web ACL with
|
7806
|
-
#
|
7807
|
-
#
|
7808
|
-
#
|
7809
|
-
# Amazon Web Services
|
7885
|
+
# web requests. Each rule has a statement that defines what to look for
|
7886
|
+
# in web requests and an action that WAF applies to requests that match
|
7887
|
+
# the statement. In the web ACL, you assign a default action to take
|
7888
|
+
# (allow, block) for any request that does not match any of the rules.
|
7889
|
+
# The rules in a web ACL can be a combination of the types Rule,
|
7890
|
+
# RuleGroup, and managed rule group. You can associate a web ACL with
|
7891
|
+
# one or more Amazon Web Services resources to protect. The resources
|
7892
|
+
# can be an Amazon CloudFront distribution, an Amazon API Gateway REST
|
7893
|
+
# API, an Application Load Balancer, an AppSync GraphQL API, an Amazon
|
7894
|
+
# Cognito user pool, an App Runner service, or an Amazon Web Services
|
7895
|
+
# Verified Access instance.
|
7810
7896
|
#
|
7811
7897
|
# @option params [required, String] :name
|
7812
7898
|
# The name of the web ACL. You cannot change the name of a web ACL after
|
@@ -7841,9 +7927,9 @@ module Aws::WAFV2
|
|
7841
7927
|
#
|
7842
7928
|
# @option params [Array<Types::Rule>] :rules
|
7843
7929
|
# The Rule statements used to identify the web requests that you want to
|
7844
|
-
#
|
7845
|
-
#
|
7846
|
-
#
|
7930
|
+
# manage. Each rule includes one top-level statement that WAF uses to
|
7931
|
+
# identify matching web requests, and parameters that govern how WAF
|
7932
|
+
# handles them.
|
7847
7933
|
#
|
7848
7934
|
# @option params [required, Types::VisibilityConfig] :visibility_config
|
7849
7935
|
# Defines and enables Amazon CloudWatch metrics and web request sample
|
@@ -8015,6 +8101,9 @@ module Aws::WAFV2
|
|
8015
8101
|
# header_order: {
|
8016
8102
|
# oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
|
8017
8103
|
# },
|
8104
|
+
# ja3_fingerprint: {
|
8105
|
+
# fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
|
8106
|
+
# },
|
8018
8107
|
# },
|
8019
8108
|
# text_transformations: [ # required
|
8020
8109
|
# {
|
@@ -8076,6 +8165,9 @@ module Aws::WAFV2
|
|
8076
8165
|
# header_order: {
|
8077
8166
|
# oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
|
8078
8167
|
# },
|
8168
|
+
# ja3_fingerprint: {
|
8169
|
+
# fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
|
8170
|
+
# },
|
8079
8171
|
# },
|
8080
8172
|
# text_transformations: [ # required
|
8081
8173
|
# {
|
@@ -8137,6 +8229,9 @@ module Aws::WAFV2
|
|
8137
8229
|
# header_order: {
|
8138
8230
|
# oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
|
8139
8231
|
# },
|
8232
|
+
# ja3_fingerprint: {
|
8233
|
+
# fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
|
8234
|
+
# },
|
8140
8235
|
# },
|
8141
8236
|
# text_transformations: [ # required
|
8142
8237
|
# {
|
@@ -8197,6 +8292,9 @@ module Aws::WAFV2
|
|
8197
8292
|
# header_order: {
|
8198
8293
|
# oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
|
8199
8294
|
# },
|
8295
|
+
# ja3_fingerprint: {
|
8296
|
+
# fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
|
8297
|
+
# },
|
8200
8298
|
# },
|
8201
8299
|
# comparison_operator: "EQ", # required, accepts EQ, NE, LE, LT, GE, GT
|
8202
8300
|
# size: 1, # required
|
@@ -8342,6 +8440,9 @@ module Aws::WAFV2
|
|
8342
8440
|
# header_order: {
|
8343
8441
|
# oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
|
8344
8442
|
# },
|
8443
|
+
# ja3_fingerprint: {
|
8444
|
+
# fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
|
8445
|
+
# },
|
8345
8446
|
# },
|
8346
8447
|
# text_transformations: [ # required
|
8347
8448
|
# {
|
@@ -8661,6 +8762,9 @@ module Aws::WAFV2
|
|
8661
8762
|
# header_order: {
|
8662
8763
|
# oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
|
8663
8764
|
# },
|
8765
|
+
# ja3_fingerprint: {
|
8766
|
+
# fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
|
8767
|
+
# },
|
8664
8768
|
# },
|
8665
8769
|
# text_transformations: [ # required
|
8666
8770
|
# {
|
@@ -8818,7 +8922,7 @@ module Aws::WAFV2
|
|
8818
8922
|
params: params,
|
8819
8923
|
config: config)
|
8820
8924
|
context[:gem_name] = 'aws-sdk-wafv2'
|
8821
|
-
context[:gem_version] = '1.
|
8925
|
+
context[:gem_version] = '1.70.0'
|
8822
8926
|
Seahorse::Client::Request.new(handlers, context)
|
8823
8927
|
end
|
8824
8928
|
|
@@ -176,6 +176,7 @@ module Aws::WAFV2
|
|
176
176
|
IPString = Shapes::StringShape.new(name: 'IPString')
|
177
177
|
ImmunityTimeProperty = Shapes::StructureShape.new(name: 'ImmunityTimeProperty')
|
178
178
|
InspectionLevel = Shapes::StringShape.new(name: 'InspectionLevel')
|
179
|
+
JA3Fingerprint = Shapes::StructureShape.new(name: 'JA3Fingerprint')
|
179
180
|
JsonBody = Shapes::StructureShape.new(name: 'JsonBody')
|
180
181
|
JsonMatchPattern = Shapes::StructureShape.new(name: 'JsonMatchPattern')
|
181
182
|
JsonMatchScope = Shapes::StringShape.new(name: 'JsonMatchScope')
|
@@ -717,6 +718,7 @@ module Aws::WAFV2
|
|
717
718
|
FieldToMatch.add_member(:headers, Shapes::ShapeRef.new(shape: Headers, location_name: "Headers"))
|
718
719
|
FieldToMatch.add_member(:cookies, Shapes::ShapeRef.new(shape: Cookies, location_name: "Cookies"))
|
719
720
|
FieldToMatch.add_member(:header_order, Shapes::ShapeRef.new(shape: HeaderOrder, location_name: "HeaderOrder"))
|
721
|
+
FieldToMatch.add_member(:ja3_fingerprint, Shapes::ShapeRef.new(shape: JA3Fingerprint, location_name: "JA3Fingerprint"))
|
720
722
|
FieldToMatch.struct_class = Types::FieldToMatch
|
721
723
|
|
722
724
|
Filter.add_member(:behavior, Shapes::ShapeRef.new(shape: FilterBehavior, required: true, location_name: "Behavior"))
|
@@ -917,6 +919,9 @@ module Aws::WAFV2
|
|
917
919
|
ImmunityTimeProperty.add_member(:immunity_time, Shapes::ShapeRef.new(shape: TimeWindowSecond, required: true, location_name: "ImmunityTime"))
|
918
920
|
ImmunityTimeProperty.struct_class = Types::ImmunityTimeProperty
|
919
921
|
|
922
|
+
JA3Fingerprint.add_member(:fallback_behavior, Shapes::ShapeRef.new(shape: FallbackBehavior, required: true, location_name: "FallbackBehavior"))
|
923
|
+
JA3Fingerprint.struct_class = Types::JA3Fingerprint
|
924
|
+
|
920
925
|
JsonBody.add_member(:match_pattern, Shapes::ShapeRef.new(shape: JsonMatchPattern, required: true, location_name: "MatchPattern"))
|
921
926
|
JsonBody.add_member(:match_scope, Shapes::ShapeRef.new(shape: JsonMatchScope, required: true, location_name: "MatchScope"))
|
922
927
|
JsonBody.add_member(:invalid_fallback_behavior, Shapes::ShapeRef.new(shape: BodyParsingFallbackBehavior, location_name: "InvalidFallbackBehavior"))
|