aws-sdk-wafv2 1.68.0 → 1.70.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (8) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +10 -0
  3. data/VERSION +1 -1
  4. data/lib/aws-sdk-wafv2/client.rb +161 -57
  5. data/lib/aws-sdk-wafv2/client_api.rb +5 -0
  6. data/lib/aws-sdk-wafv2/types.rb +162 -214
  7. data/lib/aws-sdk-wafv2.rb +1 -1
  8. metadata +4 -4
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 55bfda004eba480991c75c6b64ae9e27a276f5634a2a642a5fb5250b1b528c75
4
- data.tar.gz: 6be1ea7c0b782202a5eeb080fc572df75da8fb2c56cb16d886ce65fa6ed2aaad
3
+ metadata.gz: 709fa74d545a9bd5a3313ce44f8e5d2598cbcf703eb04f1cc41e28cd60125506
4
+ data.tar.gz: bb19fdda06d4593e0cb4423c85f934918d6b6176cf789cfb4a5f7180ce91b279
5
5
  SHA512:
6
- metadata.gz: 0ede4328b57c11dfdc743583e0ebff19b960a04426ffaf0b8b35d975e68b4e53eff3272e3e979583eaa286ad09adec2a69b5c78f8ea981b66683d80687789403
7
- data.tar.gz: ae1f655544dd8bb38e75cde4079ff7bc9bb75abb57abdd6b81e3377e7ad68dd31dd46a6c2650b508872672c07dfaf087369e89dc4f874620c4fdafa578195c8d
6
+ metadata.gz: ba7f965bdadb365aabcf1763dd783dedc8c95d0e76d3674962e28452a598dcf2777c24bed0c862e903f649052b60fb61db8b3f71106c81bd28d16da612af5059
7
+ data.tar.gz: b255ec9c6c0c478e56f92d62708273fc2ff0e5988ebb606d2fc4cbb1246b3c40bcd9a9a0d1b4d5a31901171ecaee1d4be0e31a012ffe95393e1306a77ffe19fa
data/CHANGELOG.md CHANGED
@@ -1,6 +1,16 @@
1
1
  Unreleased Changes
2
2
  ------------------
3
3
 
4
+ 1.70.0 (2023-09-27)
5
+ ------------------
6
+
7
+ * Feature - Code Generated Changes, see `./build_tools` or `aws-sdk-core`'s CHANGELOG.md for details.
8
+
9
+ 1.69.0 (2023-09-25)
10
+ ------------------
11
+
12
+ * Feature - You can now perform an exact match against the web request's JA3 fingerprint.
13
+
4
14
  1.68.0 (2023-09-06)
5
15
  ------------------
6
16
 
data/VERSION CHANGED
@@ -1 +1 @@
1
- 1.68.0
1
+ 1.70.0
data/lib/aws-sdk-wafv2/client.rb CHANGED
@@ -580,6 +580,9 @@ module Aws::WAFV2
580
580
  # header_order: {
581
581
  # oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
582
582
  # },
583
+ # ja3_fingerprint: {
584
+ # fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
585
+ # },
583
586
  # },
584
587
  # text_transformations: [ # required
585
588
  # {
@@ -641,6 +644,9 @@ module Aws::WAFV2
641
644
  # header_order: {
642
645
  # oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
643
646
  # },
647
+ # ja3_fingerprint: {
648
+ # fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
649
+ # },
644
650
  # },
645
651
  # text_transformations: [ # required
646
652
  # {
@@ -702,6 +708,9 @@ module Aws::WAFV2
702
708
  # header_order: {
703
709
  # oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
704
710
  # },
711
+ # ja3_fingerprint: {
712
+ # fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
713
+ # },
705
714
  # },
706
715
  # text_transformations: [ # required
707
716
  # {
@@ -762,6 +771,9 @@ module Aws::WAFV2
762
771
  # header_order: {
763
772
  # oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
764
773
  # },
774
+ # ja3_fingerprint: {
775
+ # fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
776
+ # },
765
777
  # },
766
778
  # comparison_operator: "EQ", # required, accepts EQ, NE, LE, LT, GE, GT
767
779
  # size: 1, # required
@@ -907,6 +919,9 @@ module Aws::WAFV2
907
919
  # header_order: {
908
920
  # oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
909
921
  # },
922
+ # ja3_fingerprint: {
923
+ # fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
924
+ # },
910
925
  # },
911
926
  # text_transformations: [ # required
912
927
  # {
@@ -1226,6 +1241,9 @@ module Aws::WAFV2
1226
1241
  # header_order: {
1227
1242
  # oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
1228
1243
  # },
1244
+ # ja3_fingerprint: {
1245
+ # fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
1246
+ # },
1229
1247
  # },
1230
1248
  # text_transformations: [ # required
1231
1249
  # {
@@ -1436,25 +1454,25 @@ module Aws::WAFV2
1436
1454
  #
1437
1455
  # @option params [required, Array<String>] :addresses
1438
1456
  # Contains an array of strings that specifies zero or more IP addresses
1439
- # or blocks of IP addresses. All addresses must be specified using
1440
- # Classless Inter-Domain Routing (CIDR) notation. WAF supports all IPv4
1441
- # and IPv6 CIDR ranges except for `/0`.
1457
+ # or blocks of IP addresses that you want WAF to inspect for in incoming
1458
+ # requests. All addresses must be specified using Classless Inter-Domain
1459
+ # Routing (CIDR) notation. WAF supports all IPv4 and IPv6 CIDR ranges
1460
+ # except for `/0`.
1442
1461
  #
1443
1462
  # Example address strings:
1444
1463
  #
1445
- # * To configure WAF to allow, block, or count requests that originated
1446
- # from the IP address 192.0.2.44, specify `192.0.2.44/32`.
1464
+ # * For requests that originated from the IP address 192.0.2.44, specify
1465
+ # `192.0.2.44/32`.
1447
1466
  #
1448
- # * To configure WAF to allow, block, or count requests that originated
1449
- # from IP addresses from 192.0.2.0 to 192.0.2.255, specify
1450
- # `192.0.2.0/24`.
1467
+ # * For requests that originated from IP addresses from 192.0.2.0 to
1468
+ # 192.0.2.255, specify `192.0.2.0/24`.
1451
1469
  #
1452
- # * To configure WAF to allow, block, or count requests that originated
1453
- # from the IP address 1111:0000:0000:0000:0000:0000:0000:0111, specify
1470
+ # * For requests that originated from the IP address
1471
+ # 1111:0000:0000:0000:0000:0000:0000:0111, specify
1454
1472
  # `1111:0000:0000:0000:0000:0000:0000:0111/128`.
1455
1473
  #
1456
- # * To configure WAF to allow, block, or count requests that originated
1457
- # from IP addresses 1111:0000:0000:0000:0000:0000:0000:0000 to
1474
+ # * For requests that originated from IP addresses
1475
+ # 1111:0000:0000:0000:0000:0000:0000:0000 to
1458
1476
  # 1111:0000:0000:0000:ffff:ffff:ffff:ffff, specify
1459
1477
  # `1111:0000:0000:0000:0000:0000:0000:0000/64`.
1460
1478
  #
@@ -1641,9 +1659,9 @@ module Aws::WAFV2
1641
1659
  #
1642
1660
  # @option params [Array<Types::Rule>] :rules
1643
1661
  # The Rule statements used to identify the web requests that you want to
1644
- # allow, block, or count. Each rule includes one top-level statement
1645
- # that WAF uses to identify matching web requests, and parameters that
1646
- # govern how WAF handles them.
1662
+ # manage. Each rule includes one top-level statement that WAF uses to
1663
+ # identify matching web requests, and parameters that govern how WAF
1664
+ # handles them.
1647
1665
  #
1648
1666
  # @option params [required, Types::VisibilityConfig] :visibility_config
1649
1667
  # Defines and enables Amazon CloudWatch metrics and web request sample
@@ -1740,6 +1758,9 @@ module Aws::WAFV2
1740
1758
  # header_order: {
1741
1759
  # oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
1742
1760
  # },
1761
+ # ja3_fingerprint: {
1762
+ # fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
1763
+ # },
1743
1764
  # },
1744
1765
  # text_transformations: [ # required
1745
1766
  # {
@@ -1801,6 +1822,9 @@ module Aws::WAFV2
1801
1822
  # header_order: {
1802
1823
  # oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
1803
1824
  # },
1825
+ # ja3_fingerprint: {
1826
+ # fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
1827
+ # },
1804
1828
  # },
1805
1829
  # text_transformations: [ # required
1806
1830
  # {
@@ -1862,6 +1886,9 @@ module Aws::WAFV2
1862
1886
  # header_order: {
1863
1887
  # oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
1864
1888
  # },
1889
+ # ja3_fingerprint: {
1890
+ # fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
1891
+ # },
1865
1892
  # },
1866
1893
  # text_transformations: [ # required
1867
1894
  # {
@@ -1922,6 +1949,9 @@ module Aws::WAFV2
1922
1949
  # header_order: {
1923
1950
  # oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
1924
1951
  # },
1952
+ # ja3_fingerprint: {
1953
+ # fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
1954
+ # },
1925
1955
  # },
1926
1956
  # comparison_operator: "EQ", # required, accepts EQ, NE, LE, LT, GE, GT
1927
1957
  # size: 1, # required
@@ -2067,6 +2097,9 @@ module Aws::WAFV2
2067
2097
  # header_order: {
2068
2098
  # oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
2069
2099
  # },
2100
+ # ja3_fingerprint: {
2101
+ # fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
2102
+ # },
2070
2103
  # },
2071
2104
  # text_transformations: [ # required
2072
2105
  # {
@@ -2386,6 +2419,9 @@ module Aws::WAFV2
2386
2419
  # header_order: {
2387
2420
  # oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
2388
2421
  # },
2422
+ # ja3_fingerprint: {
2423
+ # fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
2424
+ # },
2389
2425
  # },
2390
2426
  # text_transformations: [ # required
2391
2427
  # {
@@ -2524,16 +2560,17 @@ module Aws::WAFV2
2524
2560
  # Creates a WebACL per the specifications provided.
2525
2561
  #
2526
2562
  # A web ACL defines a collection of rules to use to inspect and control
2527
- # web requests. Each rule has an action defined (allow, block, or count)
2528
- # for requests that match the statement of the rule. In the web ACL, you
2529
- # assign a default action to take (allow, block) for any request that
2530
- # does not match any of the rules. The rules in a web ACL can be a
2531
- # combination of the types Rule, RuleGroup, and managed rule group. You
2532
- # can associate a web ACL with one or more Amazon Web Services resources
2533
- # to protect. The resources can be an Amazon CloudFront distribution, an
2534
- # Amazon API Gateway REST API, an Application Load Balancer, an AppSync
2535
- # GraphQL API, an Amazon Cognito user pool, an App Runner service, or an
2536
- # Amazon Web Services Verified Access instance.
2563
+ # web requests. Each rule has a statement that defines what to look for
2564
+ # in web requests and an action that WAF applies to requests that match
2565
+ # the statement. In the web ACL, you assign a default action to take
2566
+ # (allow, block) for any request that does not match any of the rules.
2567
+ # The rules in a web ACL can be a combination of the types Rule,
2568
+ # RuleGroup, and managed rule group. You can associate a web ACL with
2569
+ # one or more Amazon Web Services resources to protect. The resources
2570
+ # can be an Amazon CloudFront distribution, an Amazon API Gateway REST
2571
+ # API, an Application Load Balancer, an AppSync GraphQL API, an Amazon
2572
+ # Cognito user pool, an App Runner service, or an Amazon Web Services
2573
+ # Verified Access instance.
2537
2574
  #
2538
2575
  # @option params [required, String] :name
2539
2576
  # The name of the web ACL. You cannot change the name of a web ACL after
@@ -2563,9 +2600,9 @@ module Aws::WAFV2
2563
2600
  #
2564
2601
  # @option params [Array<Types::Rule>] :rules
2565
2602
  # The Rule statements used to identify the web requests that you want to
2566
- # allow, block, or count. Each rule includes one top-level statement
2567
- # that WAF uses to identify matching web requests, and parameters that
2568
- # govern how WAF handles them.
2603
+ # manage. Each rule includes one top-level statement that WAF uses to
2604
+ # identify matching web requests, and parameters that govern how WAF
2605
+ # handles them.
2569
2606
  #
2570
2607
  # @option params [required, Types::VisibilityConfig] :visibility_config
2571
2608
  # Defines and enables Amazon CloudWatch metrics and web request sample
@@ -2729,6 +2766,9 @@ module Aws::WAFV2
2729
2766
  # header_order: {
2730
2767
  # oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
2731
2768
  # },
2769
+ # ja3_fingerprint: {
2770
+ # fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
2771
+ # },
2732
2772
  # },
2733
2773
  # text_transformations: [ # required
2734
2774
  # {
@@ -2790,6 +2830,9 @@ module Aws::WAFV2
2790
2830
  # header_order: {
2791
2831
  # oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
2792
2832
  # },
2833
+ # ja3_fingerprint: {
2834
+ # fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
2835
+ # },
2793
2836
  # },
2794
2837
  # text_transformations: [ # required
2795
2838
  # {
@@ -2851,6 +2894,9 @@ module Aws::WAFV2
2851
2894
  # header_order: {
2852
2895
  # oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
2853
2896
  # },
2897
+ # ja3_fingerprint: {
2898
+ # fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
2899
+ # },
2854
2900
  # },
2855
2901
  # text_transformations: [ # required
2856
2902
  # {
@@ -2911,6 +2957,9 @@ module Aws::WAFV2
2911
2957
  # header_order: {
2912
2958
  # oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
2913
2959
  # },
2960
+ # ja3_fingerprint: {
2961
+ # fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
2962
+ # },
2914
2963
  # },
2915
2964
  # comparison_operator: "EQ", # required, accepts EQ, NE, LE, LT, GE, GT
2916
2965
  # size: 1, # required
@@ -3056,6 +3105,9 @@ module Aws::WAFV2
3056
3105
  # header_order: {
3057
3106
  # oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
3058
3107
  # },
3108
+ # ja3_fingerprint: {
3109
+ # fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
3110
+ # },
3059
3111
  # },
3060
3112
  # text_transformations: [ # required
3061
3113
  # {
@@ -3375,6 +3427,9 @@ module Aws::WAFV2
3375
3427
  # header_order: {
3376
3428
  # oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
3377
3429
  # },
3430
+ # ja3_fingerprint: {
3431
+ # fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
3432
+ # },
3378
3433
  # },
3379
3434
  # text_transformations: [ # required
3380
3435
  # {
@@ -4337,6 +4392,7 @@ module Aws::WAFV2
4337
4392
  # resp.logging_configuration.redacted_fields[0].cookies.match_scope #=> String, one of "ALL", "KEY", "VALUE"
4338
4393
  # resp.logging_configuration.redacted_fields[0].cookies.oversize_handling #=> String, one of "CONTINUE", "MATCH", "NO_MATCH"
4339
4394
  # resp.logging_configuration.redacted_fields[0].header_order.oversize_handling #=> String, one of "CONTINUE", "MATCH", "NO_MATCH"
4395
+ # resp.logging_configuration.redacted_fields[0].ja3_fingerprint.fallback_behavior #=> String, one of "MATCH", "NO_MATCH"
4340
4396
  # resp.logging_configuration.managed_by_firewall_manager #=> Boolean
4341
4397
  # resp.logging_configuration.logging_filter.filters #=> Array
4342
4398
  # resp.logging_configuration.logging_filter.filters[0].behavior #=> String, one of "KEEP", "DROP"
@@ -4736,6 +4792,7 @@ module Aws::WAFV2
4736
4792
  # resp.rule_group.rules[0].statement.byte_match_statement.field_to_match.cookies.match_scope #=> String, one of "ALL", "KEY", "VALUE"
4737
4793
  # resp.rule_group.rules[0].statement.byte_match_statement.field_to_match.cookies.oversize_handling #=> String, one of "CONTINUE", "MATCH", "NO_MATCH"
4738
4794
  # resp.rule_group.rules[0].statement.byte_match_statement.field_to_match.header_order.oversize_handling #=> String, one of "CONTINUE", "MATCH", "NO_MATCH"
4795
+ # resp.rule_group.rules[0].statement.byte_match_statement.field_to_match.ja3_fingerprint.fallback_behavior #=> String, one of "MATCH", "NO_MATCH"
4739
4796
  # resp.rule_group.rules[0].statement.byte_match_statement.text_transformations #=> Array
4740
4797
  # resp.rule_group.rules[0].statement.byte_match_statement.text_transformations[0].priority #=> Integer
4741
4798
  # resp.rule_group.rules[0].statement.byte_match_statement.text_transformations[0].type #=> String, one of "NONE", "COMPRESS_WHITE_SPACE", "HTML_ENTITY_DECODE", "LOWERCASE", "CMD_LINE", "URL_DECODE", "BASE64_DECODE", "HEX_DECODE", "MD5", "REPLACE_COMMENTS", "ESCAPE_SEQ_DECODE", "SQL_HEX_DECODE", "CSS_DECODE", "JS_DECODE", "NORMALIZE_PATH", "NORMALIZE_PATH_WIN", "REMOVE_NULLS", "REPLACE_NULLS", "BASE64_DECODE_EXT", "URL_DECODE_UNI", "UTF8_TO_UNICODE"
@@ -4761,6 +4818,7 @@ module Aws::WAFV2
4761
4818
  # resp.rule_group.rules[0].statement.sqli_match_statement.field_to_match.cookies.match_scope #=> String, one of "ALL", "KEY", "VALUE"
4762
4819
  # resp.rule_group.rules[0].statement.sqli_match_statement.field_to_match.cookies.oversize_handling #=> String, one of "CONTINUE", "MATCH", "NO_MATCH"
4763
4820
  # resp.rule_group.rules[0].statement.sqli_match_statement.field_to_match.header_order.oversize_handling #=> String, one of "CONTINUE", "MATCH", "NO_MATCH"
4821
+ # resp.rule_group.rules[0].statement.sqli_match_statement.field_to_match.ja3_fingerprint.fallback_behavior #=> String, one of "MATCH", "NO_MATCH"
4764
4822
  # resp.rule_group.rules[0].statement.sqli_match_statement.text_transformations #=> Array
4765
4823
  # resp.rule_group.rules[0].statement.sqli_match_statement.text_transformations[0].priority #=> Integer
4766
4824
  # resp.rule_group.rules[0].statement.sqli_match_statement.text_transformations[0].type #=> String, one of "NONE", "COMPRESS_WHITE_SPACE", "HTML_ENTITY_DECODE", "LOWERCASE", "CMD_LINE", "URL_DECODE", "BASE64_DECODE", "HEX_DECODE", "MD5", "REPLACE_COMMENTS", "ESCAPE_SEQ_DECODE", "SQL_HEX_DECODE", "CSS_DECODE", "JS_DECODE", "NORMALIZE_PATH", "NORMALIZE_PATH_WIN", "REMOVE_NULLS", "REPLACE_NULLS", "BASE64_DECODE_EXT", "URL_DECODE_UNI", "UTF8_TO_UNICODE"
@@ -4786,6 +4844,7 @@ module Aws::WAFV2
4786
4844
  # resp.rule_group.rules[0].statement.xss_match_statement.field_to_match.cookies.match_scope #=> String, one of "ALL", "KEY", "VALUE"
4787
4845
  # resp.rule_group.rules[0].statement.xss_match_statement.field_to_match.cookies.oversize_handling #=> String, one of "CONTINUE", "MATCH", "NO_MATCH"
4788
4846
  # resp.rule_group.rules[0].statement.xss_match_statement.field_to_match.header_order.oversize_handling #=> String, one of "CONTINUE", "MATCH", "NO_MATCH"
4847
+ # resp.rule_group.rules[0].statement.xss_match_statement.field_to_match.ja3_fingerprint.fallback_behavior #=> String, one of "MATCH", "NO_MATCH"
4789
4848
  # resp.rule_group.rules[0].statement.xss_match_statement.text_transformations #=> Array
4790
4849
  # resp.rule_group.rules[0].statement.xss_match_statement.text_transformations[0].priority #=> Integer
4791
4850
  # resp.rule_group.rules[0].statement.xss_match_statement.text_transformations[0].type #=> String, one of "NONE", "COMPRESS_WHITE_SPACE", "HTML_ENTITY_DECODE", "LOWERCASE", "CMD_LINE", "URL_DECODE", "BASE64_DECODE", "HEX_DECODE", "MD5", "REPLACE_COMMENTS", "ESCAPE_SEQ_DECODE", "SQL_HEX_DECODE", "CSS_DECODE", "JS_DECODE", "NORMALIZE_PATH", "NORMALIZE_PATH_WIN", "REMOVE_NULLS", "REPLACE_NULLS", "BASE64_DECODE_EXT", "URL_DECODE_UNI", "UTF8_TO_UNICODE"
@@ -4810,6 +4869,7 @@ module Aws::WAFV2
4810
4869
  # resp.rule_group.rules[0].statement.size_constraint_statement.field_to_match.cookies.match_scope #=> String, one of "ALL", "KEY", "VALUE"
4811
4870
  # resp.rule_group.rules[0].statement.size_constraint_statement.field_to_match.cookies.oversize_handling #=> String, one of "CONTINUE", "MATCH", "NO_MATCH"
4812
4871
  # resp.rule_group.rules[0].statement.size_constraint_statement.field_to_match.header_order.oversize_handling #=> String, one of "CONTINUE", "MATCH", "NO_MATCH"
4872
+ # resp.rule_group.rules[0].statement.size_constraint_statement.field_to_match.ja3_fingerprint.fallback_behavior #=> String, one of "MATCH", "NO_MATCH"
4813
4873
  # resp.rule_group.rules[0].statement.size_constraint_statement.comparison_operator #=> String, one of "EQ", "NE", "LE", "LT", "GE", "GT"
4814
4874
  # resp.rule_group.rules[0].statement.size_constraint_statement.size #=> Integer
4815
4875
  # resp.rule_group.rules[0].statement.size_constraint_statement.text_transformations #=> Array
@@ -4867,6 +4927,7 @@ module Aws::WAFV2
4867
4927
  # resp.rule_group.rules[0].statement.regex_pattern_set_reference_statement.field_to_match.cookies.match_scope #=> String, one of "ALL", "KEY", "VALUE"
4868
4928
  # resp.rule_group.rules[0].statement.regex_pattern_set_reference_statement.field_to_match.cookies.oversize_handling #=> String, one of "CONTINUE", "MATCH", "NO_MATCH"
4869
4929
  # resp.rule_group.rules[0].statement.regex_pattern_set_reference_statement.field_to_match.header_order.oversize_handling #=> String, one of "CONTINUE", "MATCH", "NO_MATCH"
4930
+ # resp.rule_group.rules[0].statement.regex_pattern_set_reference_statement.field_to_match.ja3_fingerprint.fallback_behavior #=> String, one of "MATCH", "NO_MATCH"
4870
4931
  # resp.rule_group.rules[0].statement.regex_pattern_set_reference_statement.text_transformations #=> Array
4871
4932
  # resp.rule_group.rules[0].statement.regex_pattern_set_reference_statement.text_transformations[0].priority #=> Integer
4872
4933
  # resp.rule_group.rules[0].statement.regex_pattern_set_reference_statement.text_transformations[0].type #=> String, one of "NONE", "COMPRESS_WHITE_SPACE", "HTML_ENTITY_DECODE", "LOWERCASE", "CMD_LINE", "URL_DECODE", "BASE64_DECODE", "HEX_DECODE", "MD5", "REPLACE_COMMENTS", "ESCAPE_SEQ_DECODE", "SQL_HEX_DECODE", "CSS_DECODE", "JS_DECODE", "NORMALIZE_PATH", "NORMALIZE_PATH_WIN", "REMOVE_NULLS", "REPLACE_NULLS", "BASE64_DECODE_EXT", "URL_DECODE_UNI", "UTF8_TO_UNICODE"
@@ -5008,6 +5069,7 @@ module Aws::WAFV2
5008
5069
  # resp.rule_group.rules[0].statement.regex_match_statement.field_to_match.cookies.match_scope #=> String, one of "ALL", "KEY", "VALUE"
5009
5070
  # resp.rule_group.rules[0].statement.regex_match_statement.field_to_match.cookies.oversize_handling #=> String, one of "CONTINUE", "MATCH", "NO_MATCH"
5010
5071
  # resp.rule_group.rules[0].statement.regex_match_statement.field_to_match.header_order.oversize_handling #=> String, one of "CONTINUE", "MATCH", "NO_MATCH"
5072
+ # resp.rule_group.rules[0].statement.regex_match_statement.field_to_match.ja3_fingerprint.fallback_behavior #=> String, one of "MATCH", "NO_MATCH"
5011
5073
  # resp.rule_group.rules[0].statement.regex_match_statement.text_transformations #=> Array
5012
5074
  # resp.rule_group.rules[0].statement.regex_match_statement.text_transformations[0].priority #=> Integer
5013
5075
  # resp.rule_group.rules[0].statement.regex_match_statement.text_transformations[0].type #=> String, one of "NONE", "COMPRESS_WHITE_SPACE", "HTML_ENTITY_DECODE", "LOWERCASE", "CMD_LINE", "URL_DECODE", "BASE64_DECODE", "HEX_DECODE", "MD5", "REPLACE_COMMENTS", "ESCAPE_SEQ_DECODE", "SQL_HEX_DECODE", "CSS_DECODE", "JS_DECODE", "NORMALIZE_PATH", "NORMALIZE_PATH_WIN", "REMOVE_NULLS", "REPLACE_NULLS", "BASE64_DECODE_EXT", "URL_DECODE_UNI", "UTF8_TO_UNICODE"
@@ -5616,6 +5678,7 @@ module Aws::WAFV2
5616
5678
  # resp.logging_configurations[0].redacted_fields[0].cookies.match_scope #=> String, one of "ALL", "KEY", "VALUE"
5617
5679
  # resp.logging_configurations[0].redacted_fields[0].cookies.oversize_handling #=> String, one of "CONTINUE", "MATCH", "NO_MATCH"
5618
5680
  # resp.logging_configurations[0].redacted_fields[0].header_order.oversize_handling #=> String, one of "CONTINUE", "MATCH", "NO_MATCH"
5681
+ # resp.logging_configurations[0].redacted_fields[0].ja3_fingerprint.fallback_behavior #=> String, one of "MATCH", "NO_MATCH"
5619
5682
  # resp.logging_configurations[0].managed_by_firewall_manager #=> Boolean
5620
5683
  # resp.logging_configurations[0].logging_filter.filters #=> Array
5621
5684
  # resp.logging_configurations[0].logging_filter.filters[0].behavior #=> String, one of "KEEP", "DROP"
@@ -6178,6 +6241,9 @@ module Aws::WAFV2
6178
6241
  # header_order: {
6179
6242
  # oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
6180
6243
  # },
6244
+ # ja3_fingerprint: {
6245
+ # fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
6246
+ # },
6181
6247
  # },
6182
6248
  # ],
6183
6249
  # managed_by_firewall_manager: false,
@@ -6230,6 +6296,7 @@ module Aws::WAFV2
6230
6296
  # resp.logging_configuration.redacted_fields[0].cookies.match_scope #=> String, one of "ALL", "KEY", "VALUE"
6231
6297
  # resp.logging_configuration.redacted_fields[0].cookies.oversize_handling #=> String, one of "CONTINUE", "MATCH", "NO_MATCH"
6232
6298
  # resp.logging_configuration.redacted_fields[0].header_order.oversize_handling #=> String, one of "CONTINUE", "MATCH", "NO_MATCH"
6299
+ # resp.logging_configuration.redacted_fields[0].ja3_fingerprint.fallback_behavior #=> String, one of "MATCH", "NO_MATCH"
6233
6300
  # resp.logging_configuration.managed_by_firewall_manager #=> Boolean
6234
6301
  # resp.logging_configuration.logging_filter.filters #=> Array
6235
6302
  # resp.logging_configuration.logging_filter.filters[0].behavior #=> String, one of "KEEP", "DROP"
@@ -6546,25 +6613,25 @@ module Aws::WAFV2
6546
6613
  #
6547
6614
  # @option params [required, Array<String>] :addresses
6548
6615
  # Contains an array of strings that specifies zero or more IP addresses
6549
- # or blocks of IP addresses. All addresses must be specified using
6550
- # Classless Inter-Domain Routing (CIDR) notation. WAF supports all IPv4
6551
- # and IPv6 CIDR ranges except for `/0`.
6616
+ # or blocks of IP addresses that you want WAF to inspect for in incoming
6617
+ # requests. All addresses must be specified using Classless Inter-Domain
6618
+ # Routing (CIDR) notation. WAF supports all IPv4 and IPv6 CIDR ranges
6619
+ # except for `/0`.
6552
6620
  #
6553
6621
  # Example address strings:
6554
6622
  #
6555
- # * To configure WAF to allow, block, or count requests that originated
6556
- # from the IP address 192.0.2.44, specify `192.0.2.44/32`.
6623
+ # * For requests that originated from the IP address 192.0.2.44, specify
6624
+ # `192.0.2.44/32`.
6557
6625
  #
6558
- # * To configure WAF to allow, block, or count requests that originated
6559
- # from IP addresses from 192.0.2.0 to 192.0.2.255, specify
6560
- # `192.0.2.0/24`.
6626
+ # * For requests that originated from IP addresses from 192.0.2.0 to
6627
+ # 192.0.2.255, specify `192.0.2.0/24`.
6561
6628
  #
6562
- # * To configure WAF to allow, block, or count requests that originated
6563
- # from the IP address 1111:0000:0000:0000:0000:0000:0000:0111, specify
6629
+ # * For requests that originated from the IP address
6630
+ # 1111:0000:0000:0000:0000:0000:0000:0111, specify
6564
6631
  # `1111:0000:0000:0000:0000:0000:0000:0111/128`.
6565
6632
  #
6566
- # * To configure WAF to allow, block, or count requests that originated
6567
- # from IP addresses 1111:0000:0000:0000:0000:0000:0000:0000 to
6633
+ # * For requests that originated from IP addresses
6634
+ # 1111:0000:0000:0000:0000:0000:0000:0000 to
6568
6635
  # 1111:0000:0000:0000:ffff:ffff:ffff:ffff, specify
6569
6636
  # `1111:0000:0000:0000:0000:0000:0000:0000/64`.
6570
6637
  #
@@ -6886,9 +6953,9 @@ module Aws::WAFV2
6886
6953
  #
6887
6954
  # @option params [Array<Types::Rule>] :rules
6888
6955
  # The Rule statements used to identify the web requests that you want to
6889
- # allow, block, or count. Each rule includes one top-level statement
6890
- # that WAF uses to identify matching web requests, and parameters that
6891
- # govern how WAF handles them.
6956
+ # manage. Each rule includes one top-level statement that WAF uses to
6957
+ # identify matching web requests, and parameters that govern how WAF
6958
+ # handles them.
6892
6959
  #
6893
6960
  # @option params [required, Types::VisibilityConfig] :visibility_config
6894
6961
  # Defines and enables Amazon CloudWatch metrics and web request sample
@@ -6992,6 +7059,9 @@ module Aws::WAFV2
6992
7059
  # header_order: {
6993
7060
  # oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
6994
7061
  # },
7062
+ # ja3_fingerprint: {
7063
+ # fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
7064
+ # },
6995
7065
  # },
6996
7066
  # text_transformations: [ # required
6997
7067
  # {
@@ -7053,6 +7123,9 @@ module Aws::WAFV2
7053
7123
  # header_order: {
7054
7124
  # oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
7055
7125
  # },
7126
+ # ja3_fingerprint: {
7127
+ # fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
7128
+ # },
7056
7129
  # },
7057
7130
  # text_transformations: [ # required
7058
7131
  # {
@@ -7114,6 +7187,9 @@ module Aws::WAFV2
7114
7187
  # header_order: {
7115
7188
  # oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
7116
7189
  # },
7190
+ # ja3_fingerprint: {
7191
+ # fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
7192
+ # },
7117
7193
  # },
7118
7194
  # text_transformations: [ # required
7119
7195
  # {
@@ -7174,6 +7250,9 @@ module Aws::WAFV2
7174
7250
  # header_order: {
7175
7251
  # oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
7176
7252
  # },
7253
+ # ja3_fingerprint: {
7254
+ # fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
7255
+ # },
7177
7256
  # },
7178
7257
  # comparison_operator: "EQ", # required, accepts EQ, NE, LE, LT, GE, GT
7179
7258
  # size: 1, # required
@@ -7319,6 +7398,9 @@ module Aws::WAFV2
7319
7398
  # header_order: {
7320
7399
  # oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
7321
7400
  # },
7401
+ # ja3_fingerprint: {
7402
+ # fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
7403
+ # },
7322
7404
  # },
7323
7405
  # text_transformations: [ # required
7324
7406
  # {
@@ -7638,6 +7720,9 @@ module Aws::WAFV2
7638
7720
  # header_order: {
7639
7721
  # oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
7640
7722
  # },
7723
+ # ja3_fingerprint: {
7724
+ # fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
7725
+ # },
7641
7726
  # },
7642
7727
  # text_transformations: [ # required
7643
7728
  # {
@@ -7797,16 +7882,17 @@ module Aws::WAFV2
7797
7882
  # Generally, any inconsistencies of this type last only a few seconds.
7798
7883
  #
7799
7884
  # A web ACL defines a collection of rules to use to inspect and control
7800
- # web requests. Each rule has an action defined (allow, block, or count)
7801
- # for requests that match the statement of the rule. In the web ACL, you
7802
- # assign a default action to take (allow, block) for any request that
7803
- # does not match any of the rules. The rules in a web ACL can be a
7804
- # combination of the types Rule, RuleGroup, and managed rule group. You
7805
- # can associate a web ACL with one or more Amazon Web Services resources
7806
- # to protect. The resources can be an Amazon CloudFront distribution, an
7807
- # Amazon API Gateway REST API, an Application Load Balancer, an AppSync
7808
- # GraphQL API, an Amazon Cognito user pool, an App Runner service, or an
7809
- # Amazon Web Services Verified Access instance.
7885
+ # web requests. Each rule has a statement that defines what to look for
7886
+ # in web requests and an action that WAF applies to requests that match
7887
+ # the statement. In the web ACL, you assign a default action to take
7888
+ # (allow, block) for any request that does not match any of the rules.
7889
+ # The rules in a web ACL can be a combination of the types Rule,
7890
+ # RuleGroup, and managed rule group. You can associate a web ACL with
7891
+ # one or more Amazon Web Services resources to protect. The resources
7892
+ # can be an Amazon CloudFront distribution, an Amazon API Gateway REST
7893
+ # API, an Application Load Balancer, an AppSync GraphQL API, an Amazon
7894
+ # Cognito user pool, an App Runner service, or an Amazon Web Services
7895
+ # Verified Access instance.
7810
7896
  #
7811
7897
  # @option params [required, String] :name
7812
7898
  # The name of the web ACL. You cannot change the name of a web ACL after
@@ -7841,9 +7927,9 @@ module Aws::WAFV2
7841
7927
  #
7842
7928
  # @option params [Array<Types::Rule>] :rules
7843
7929
  # The Rule statements used to identify the web requests that you want to
7844
- # allow, block, or count. Each rule includes one top-level statement
7845
- # that WAF uses to identify matching web requests, and parameters that
7846
- # govern how WAF handles them.
7930
+ # manage. Each rule includes one top-level statement that WAF uses to
7931
+ # identify matching web requests, and parameters that govern how WAF
7932
+ # handles them.
7847
7933
  #
7848
7934
  # @option params [required, Types::VisibilityConfig] :visibility_config
7849
7935
  # Defines and enables Amazon CloudWatch metrics and web request sample
@@ -8015,6 +8101,9 @@ module Aws::WAFV2
8015
8101
  # header_order: {
8016
8102
  # oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
8017
8103
  # },
8104
+ # ja3_fingerprint: {
8105
+ # fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
8106
+ # },
8018
8107
  # },
8019
8108
  # text_transformations: [ # required
8020
8109
  # {
@@ -8076,6 +8165,9 @@ module Aws::WAFV2
8076
8165
  # header_order: {
8077
8166
  # oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
8078
8167
  # },
8168
+ # ja3_fingerprint: {
8169
+ # fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
8170
+ # },
8079
8171
  # },
8080
8172
  # text_transformations: [ # required
8081
8173
  # {
@@ -8137,6 +8229,9 @@ module Aws::WAFV2
8137
8229
  # header_order: {
8138
8230
  # oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
8139
8231
  # },
8232
+ # ja3_fingerprint: {
8233
+ # fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
8234
+ # },
8140
8235
  # },
8141
8236
  # text_transformations: [ # required
8142
8237
  # {
@@ -8197,6 +8292,9 @@ module Aws::WAFV2
8197
8292
  # header_order: {
8198
8293
  # oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
8199
8294
  # },
8295
+ # ja3_fingerprint: {
8296
+ # fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
8297
+ # },
8200
8298
  # },
8201
8299
  # comparison_operator: "EQ", # required, accepts EQ, NE, LE, LT, GE, GT
8202
8300
  # size: 1, # required
@@ -8342,6 +8440,9 @@ module Aws::WAFV2
8342
8440
  # header_order: {
8343
8441
  # oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
8344
8442
  # },
8443
+ # ja3_fingerprint: {
8444
+ # fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
8445
+ # },
8345
8446
  # },
8346
8447
  # text_transformations: [ # required
8347
8448
  # {
@@ -8661,6 +8762,9 @@ module Aws::WAFV2
8661
8762
  # header_order: {
8662
8763
  # oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
8663
8764
  # },
8765
+ # ja3_fingerprint: {
8766
+ # fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
8767
+ # },
8664
8768
  # },
8665
8769
  # text_transformations: [ # required
8666
8770
  # {
@@ -8818,7 +8922,7 @@ module Aws::WAFV2
8818
8922
  params: params,
8819
8923
  config: config)
8820
8924
  context[:gem_name] = 'aws-sdk-wafv2'
8821
- context[:gem_version] = '1.68.0'
8925
+ context[:gem_version] = '1.70.0'
8822
8926
  Seahorse::Client::Request.new(handlers, context)
8823
8927
  end
8824
8928
 
data/lib/aws-sdk-wafv2/client_api.rb CHANGED
@@ -176,6 +176,7 @@ module Aws::WAFV2
176
176
  IPString = Shapes::StringShape.new(name: 'IPString')
177
177
  ImmunityTimeProperty = Shapes::StructureShape.new(name: 'ImmunityTimeProperty')
178
178
  InspectionLevel = Shapes::StringShape.new(name: 'InspectionLevel')
179
+ JA3Fingerprint = Shapes::StructureShape.new(name: 'JA3Fingerprint')
179
180
  JsonBody = Shapes::StructureShape.new(name: 'JsonBody')
180
181
  JsonMatchPattern = Shapes::StructureShape.new(name: 'JsonMatchPattern')
181
182
  JsonMatchScope = Shapes::StringShape.new(name: 'JsonMatchScope')
@@ -717,6 +718,7 @@ module Aws::WAFV2
717
718
  FieldToMatch.add_member(:headers, Shapes::ShapeRef.new(shape: Headers, location_name: "Headers"))
718
719
  FieldToMatch.add_member(:cookies, Shapes::ShapeRef.new(shape: Cookies, location_name: "Cookies"))
719
720
  FieldToMatch.add_member(:header_order, Shapes::ShapeRef.new(shape: HeaderOrder, location_name: "HeaderOrder"))
721
+ FieldToMatch.add_member(:ja3_fingerprint, Shapes::ShapeRef.new(shape: JA3Fingerprint, location_name: "JA3Fingerprint"))
720
722
  FieldToMatch.struct_class = Types::FieldToMatch
721
723
 
722
724
  Filter.add_member(:behavior, Shapes::ShapeRef.new(shape: FilterBehavior, required: true, location_name: "Behavior"))
@@ -917,6 +919,9 @@ module Aws::WAFV2
917
919
  ImmunityTimeProperty.add_member(:immunity_time, Shapes::ShapeRef.new(shape: TimeWindowSecond, required: true, location_name: "ImmunityTime"))
918
920
  ImmunityTimeProperty.struct_class = Types::ImmunityTimeProperty
919
921
 
922
+ JA3Fingerprint.add_member(:fallback_behavior, Shapes::ShapeRef.new(shape: FallbackBehavior, required: true, location_name: "FallbackBehavior"))
923
+ JA3Fingerprint.struct_class = Types::JA3Fingerprint
924
+
920
925
  JsonBody.add_member(:match_pattern, Shapes::ShapeRef.new(shape: JsonMatchPattern, required: true, location_name: "MatchPattern"))
921
926
  JsonBody.add_member(:match_scope, Shapes::ShapeRef.new(shape: JsonMatchScope, required: true, location_name: "MatchScope"))
922
927
  JsonBody.add_member(:invalid_fallback_behavior, Shapes::ShapeRef.new(shape: BodyParsingFallbackBehavior, location_name: "InvalidFallbackBehavior"))