aws-sdk-wafv2 1.75.0 → 1.77.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: e6c0526bed2397001d1035e8adc2a6ddc5e32e310b2da79e3f1e66adb81de9ba
-  data.tar.gz: ce6837f26875f0ed40fda4effe82f895eb05ed9d5559f35d2d0f68e3ea93bb5a
+  metadata.gz: 3ca25bdbc616a3ad598be11f0cfb8b0069553506813f7731fa40bd85c003a526
+  data.tar.gz: b401bfd6fd24c0934e335472b1a7ba181222549f7edb40a09177a7bed3aaaca6
 SHA512:
-  metadata.gz: e33aec85e5a12ba2088ac3d0bb655392e94f8507f347d5527009ea4df3e3a4b7de8328fe1d9e378d8e0bb9dff1289b7071257a0cb0ab5b1858c71b8f34f3d8d4
-  data.tar.gz: c2e80370d0d3cb02ddbd31d2cbf92c5cbb7bd06185da21160c8e7e63becc44a7c43401d0d2705d317d75894dcac9a51f94a7a434a5e38748943080ff3cf0943a
+  metadata.gz: 6b06a228da5f349710e31a01a5023991048e3d5c5b11d0d5d837343a3009e77efa578a279bd8d24b89c22359bb39cd92100f746477db6dc21161fbd6df64bd56
+  data.tar.gz: 62f93d04f9e389dd76f6d1f10d6d659051bbdd2522c3962dd82b5102e4566443e3344ac8738173aa9dc46162838daefbeb0c54a8afbc565162c29d8dd8abc088

data/CHANGELOG.md

@@ -1,6 +1,16 @@
 Unreleased Changes
 ------------------
 
+1.77.0 (2024-02-28)
+------------------
+
+* Feature - AWS WAF now supports configurable time windows for request aggregation with rate-based rules. Customers can now select time windows of 1 minute, 2 minutes or 10 minutes, in addition to the previously supported 5 minutes.
+
+1.76.0 (2024-02-06)
+------------------
+
+* Feature - You can now delete an API key that you've created for use with your CAPTCHA JavaScript integration API.
+
 1.75.0 (2024-01-26)
 ------------------
 

data/VERSION

@@ -1 +1 @@
-1.75.0
+1.77.0

data/lib/aws-sdk-wafv2/client.rb

@@ -950,6 +950,7 @@ module Aws::WAFV2
     #           },
     #           rate_based_statement: {
     #             limit: 1, # required
+    #             evaluation_window_sec: 1,
     #             aggregate_key_type: "IP", # required, accepts IP, FORWARDED_IP, CUSTOM_KEYS, CONSTANT
     #             scope_down_statement: {
     #               # recursive Statement
@@ -1412,7 +1413,7 @@ module Aws::WAFV2
     #
     #   Example JSON: `"TokenDomains": ["abc.com", "store.abc.com"]`
     #
-    #   Public suffixes aren't allowed. For example, you can't use `usa.gov`
+    #   Public suffixes aren't allowed. For example, you can't use `gov.au`
     #   or `co.uk` as token domains.
     #
     # @return [Types::CreateAPIKeyResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
@@ -2128,6 +2129,7 @@ module Aws::WAFV2
     #           },
     #           rate_based_statement: {
     #             limit: 1, # required
+    #             evaluation_window_sec: 1,
     #             aggregate_key_type: "IP", # required, accepts IP, FORWARDED_IP, CUSTOM_KEYS, CONSTANT
     #             scope_down_statement: {
     #               # recursive Statement
@@ -2671,7 +2673,7 @@ module Aws::WAFV2
     #   Example JSON: `"TokenDomains": \{ "mywebsite.com",
     #   "myotherwebsite.com" \}`
     #
-    #   Public suffixes aren't allowed. For example, you can't use `usa.gov`
+    #   Public suffixes aren't allowed. For example, you can't use `gov.au`
     #   or `co.uk` as token domains.
     #
     # @option params [Types::AssociationConfig] :association_config
@@ -3136,6 +3138,7 @@ module Aws::WAFV2
     #           },
     #           rate_based_statement: {
     #             limit: 1, # required
+    #             evaluation_window_sec: 1,
     #             aggregate_key_type: "IP", # required, accepts IP, FORWARDED_IP, CUSTOM_KEYS, CONSTANT
     #             scope_down_statement: {
     #               # recursive Statement
@@ -3601,6 +3604,47 @@ module Aws::WAFV2
       req.send_request(options)
     end
 
+    # Deletes the specified API key.
+    #
+    # After you delete a key, it can take up to 24 hours for WAF to disallow
+    # use of the key in all regions.
+    #
+    # @option params [required, String] :scope
+    #   Specifies whether this is for an Amazon CloudFront distribution or for
+    #   a regional application. A regional application can be an Application
+    #   Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync
+    #   GraphQL API, an Amazon Cognito user pool, an App Runner service, or an
+    #   Amazon Web Services Verified Access instance.
+    #
+    #   To work with CloudFront, you must also specify the Region US East (N.
+    #   Virginia) as follows:
+    #
+    #   * CLI - Specify the Region when you use the CloudFront scope:
+    #     `--scope=CLOUDFRONT --region=us-east-1`.
+    #
+    #   * API and SDKs - For all calls, use the Region endpoint us-east-1.
+    #
+    # @option params [required, String] :api_key
+    #   The encrypted API key that you want to delete.
+    #
+    # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.delete_api_key({
+    #     scope: "CLOUDFRONT", # required, accepts CLOUDFRONT, REGIONAL
+    #     api_key: "APIKey", # required
+    #   })
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/DeleteAPIKey AWS API Documentation
+    #
+    # @overload delete_api_key(params = {})
+    # @param [Hash] params ({})
+    def delete_api_key(params = {}, options = {})
+      req = build_request(:delete_api_key, params)
+      req.send_request(options)
+    end
+
     # Deletes all rule groups that are managed by Firewall Manager for the
     # specified web ACL.
     #
@@ -4957,6 +5001,7 @@ module Aws::WAFV2
     #   resp.rule_group.rules[0].statement.regex_pattern_set_reference_statement.text_transformations[0].priority #=> Integer
     #   resp.rule_group.rules[0].statement.regex_pattern_set_reference_statement.text_transformations[0].type #=> String, one of "NONE", "COMPRESS_WHITE_SPACE", "HTML_ENTITY_DECODE", "LOWERCASE", "CMD_LINE", "URL_DECODE", "BASE64_DECODE", "HEX_DECODE", "MD5", "REPLACE_COMMENTS", "ESCAPE_SEQ_DECODE", "SQL_HEX_DECODE", "CSS_DECODE", "JS_DECODE", "NORMALIZE_PATH", "NORMALIZE_PATH_WIN", "REMOVE_NULLS", "REPLACE_NULLS", "BASE64_DECODE_EXT", "URL_DECODE_UNI", "UTF8_TO_UNICODE"
     #   resp.rule_group.rules[0].statement.rate_based_statement.limit #=> Integer
+    #   resp.rule_group.rules[0].statement.rate_based_statement.evaluation_window_sec #=> Integer
     #   resp.rule_group.rules[0].statement.rate_based_statement.aggregate_key_type #=> String, one of "IP", "FORWARDED_IP", "CUSTOM_KEYS", "CONSTANT"
     #   resp.rule_group.rules[0].statement.rate_based_statement.scope_down_statement #=> Types::Statement
     #   resp.rule_group.rules[0].statement.rate_based_statement.forwarded_ip_config.header_name #=> String
@@ -7504,6 +7549,7 @@ module Aws::WAFV2
     #           },
     #           rate_based_statement: {
     #             limit: 1, # required
+    #             evaluation_window_sec: 1,
     #             aggregate_key_type: "IP", # required, accepts IP, FORWARDED_IP, CUSTOM_KEYS, CONSTANT
     #             scope_down_statement: {
     #               # recursive Statement
@@ -8091,7 +8137,7 @@ module Aws::WAFV2
     #   Example JSON: `"TokenDomains": \{ "mywebsite.com",
     #   "myotherwebsite.com" \}`
     #
-    #   Public suffixes aren't allowed. For example, you can't use `usa.gov`
+    #   Public suffixes aren't allowed. For example, you can't use `gov.au`
     #   or `co.uk` as token domains.
     #
     # @option params [Types::AssociationConfig] :association_config
@@ -8557,6 +8603,7 @@ module Aws::WAFV2
     #           },
     #           rate_based_statement: {
     #             limit: 1, # required
+    #             evaluation_window_sec: 1,
     #             aggregate_key_type: "IP", # required, accepts IP, FORWARDED_IP, CUSTOM_KEYS, CONSTANT
     #             scope_down_statement: {
     #               # recursive Statement
@@ -9026,7 +9073,7 @@ module Aws::WAFV2
         params: params,
         config: config)
       context[:gem_name] = 'aws-sdk-wafv2'
-      context[:gem_version] = '1.75.0'
+      context[:gem_version] = '1.77.0'
       Seahorse::Client::Request.new(handlers, context)
     end
 

data/lib/aws-sdk-wafv2/client_api.rb

@@ -79,6 +79,8 @@ module Aws::WAFV2
     CustomResponseBodies = Shapes::MapShape.new(name: 'CustomResponseBodies')
     CustomResponseBody = Shapes::StructureShape.new(name: 'CustomResponseBody')
     DefaultAction = Shapes::StructureShape.new(name: 'DefaultAction')
+    DeleteAPIKeyRequest = Shapes::StructureShape.new(name: 'DeleteAPIKeyRequest')
+    DeleteAPIKeyResponse = Shapes::StructureShape.new(name: 'DeleteAPIKeyResponse')
     DeleteFirewallManagerRuleGroupsRequest = Shapes::StructureShape.new(name: 'DeleteFirewallManagerRuleGroupsRequest')
     DeleteFirewallManagerRuleGroupsResponse = Shapes::StructureShape.new(name: 'DeleteFirewallManagerRuleGroupsResponse')
     DeleteIPSetRequest = Shapes::StructureShape.new(name: 'DeleteIPSetRequest')
@@ -108,6 +110,7 @@ module Aws::WAFV2
     EntityName = Shapes::StringShape.new(name: 'EntityName')
     ErrorMessage = Shapes::StringShape.new(name: 'ErrorMessage')
     ErrorReason = Shapes::StringShape.new(name: 'ErrorReason')
+    EvaluationWindowSec = Shapes::IntegerShape.new(name: 'EvaluationWindowSec')
     ExcludedRule = Shapes::StructureShape.new(name: 'ExcludedRule')
     ExcludedRules = Shapes::ListShape.new(name: 'ExcludedRules')
     FailureCode = Shapes::IntegerShape.new(name: 'FailureCode')
@@ -617,6 +620,12 @@ module Aws::WAFV2
     DefaultAction.add_member(:allow, Shapes::ShapeRef.new(shape: AllowAction, location_name: "Allow"))
     DefaultAction.struct_class = Types::DefaultAction
 
+    DeleteAPIKeyRequest.add_member(:scope, Shapes::ShapeRef.new(shape: Scope, required: true, location_name: "Scope"))
+    DeleteAPIKeyRequest.add_member(:api_key, Shapes::ShapeRef.new(shape: APIKey, required: true, location_name: "APIKey"))
+    DeleteAPIKeyRequest.struct_class = Types::DeleteAPIKeyRequest
+
+    DeleteAPIKeyResponse.struct_class = Types::DeleteAPIKeyResponse
+
     DeleteFirewallManagerRuleGroupsRequest.add_member(:web_acl_arn, Shapes::ShapeRef.new(shape: ResourceArn, required: true, location_name: "WebACLArn"))
     DeleteFirewallManagerRuleGroupsRequest.add_member(:web_acl_lock_token, Shapes::ShapeRef.new(shape: LockToken, required: true, location_name: "WebACLLockToken"))
     DeleteFirewallManagerRuleGroupsRequest.struct_class = Types::DeleteFirewallManagerRuleGroupsRequest
@@ -1207,6 +1216,7 @@ module Aws::WAFV2
     QueryString.struct_class = Types::QueryString
 
     RateBasedStatement.add_member(:limit, Shapes::ShapeRef.new(shape: RateLimit, required: true, location_name: "Limit"))
+    RateBasedStatement.add_member(:evaluation_window_sec, Shapes::ShapeRef.new(shape: EvaluationWindowSec, location_name: "EvaluationWindowSec"))
     RateBasedStatement.add_member(:aggregate_key_type, Shapes::ShapeRef.new(shape: RateBasedStatementAggregateKeyType, required: true, location_name: "AggregateKeyType"))
     RateBasedStatement.add_member(:scope_down_statement, Shapes::ShapeRef.new(shape: Statement, location_name: "ScopeDownStatement"))
     RateBasedStatement.add_member(:forwarded_ip_config, Shapes::ShapeRef.new(shape: ForwardedIPConfig, location_name: "ForwardedIPConfig"))
@@ -1812,6 +1822,19 @@ module Aws::WAFV2
         o.errors << Shapes::ShapeRef.new(shape: WAFExpiredManagedRuleGroupVersionException)
       end)
 
+      api.add_operation(:delete_api_key, Seahorse::Model::Operation.new.tap do |o|
+        o.name = "DeleteAPIKey"
+        o.http_method = "POST"
+        o.http_request_uri = "/"
+        o.input = Shapes::ShapeRef.new(shape: DeleteAPIKeyRequest)
+        o.output = Shapes::ShapeRef.new(shape: DeleteAPIKeyResponse)
+        o.errors << Shapes::ShapeRef.new(shape: WAFInternalErrorException)
+        o.errors << Shapes::ShapeRef.new(shape: WAFNonexistentItemException)
+        o.errors << Shapes::ShapeRef.new(shape: WAFOptimisticLockException)
+        o.errors << Shapes::ShapeRef.new(shape: WAFInvalidParameterException)
+        o.errors << Shapes::ShapeRef.new(shape: WAFInvalidOperationException)
+      end)
+
       api.add_operation(:delete_firewall_manager_rule_groups, Seahorse::Model::Operation.new.tap do |o|
         o.name = "DeleteFirewallManagerRuleGroups"
         o.http_method = "POST"

data/lib/aws-sdk-wafv2/endpoints.rb

@@ -110,6 +110,20 @@ module Aws::WAFV2
       end
     end
 
+    class DeleteAPIKey
+      def self.build(context)
+        unless context.config.regional_endpoint
+          endpoint = context.config.endpoint.to_s
+        end
+        Aws::WAFV2::EndpointParameters.new(
+          region: context.config.region,
+          use_dual_stack: context.config.use_dualstack_endpoint,
+          use_fips: context.config.use_fips_endpoint,
+          endpoint: endpoint,
+        )
+      end
+    end
+
     class DeleteFirewallManagerRuleGroups
       def self.build(context)
         unless context.config.regional_endpoint

data/lib/aws-sdk-wafv2/plugins/endpoints.rb

@@ -72,6 +72,8 @@ module Aws::WAFV2
             Aws::WAFV2::Endpoints::CreateRuleGroup.build(context)
           when :create_web_acl
             Aws::WAFV2::Endpoints::CreateWebACL.build(context)
+          when :delete_api_key
+            Aws::WAFV2::Endpoints::DeleteAPIKey.build(context)
           when :delete_firewall_manager_rule_groups
             Aws::WAFV2::Endpoints::DeleteFirewallManagerRuleGroups.build(context)
           when :delete_ip_set

data/lib/aws-sdk-wafv2/types.rb

@@ -1065,7 +1065,7 @@ module Aws::WAFV2
     #   Example JSON: `"TokenDomains": ["abc.com", "store.abc.com"]`
     #
     #   Public suffixes aren't allowed. For example, you can't use
-    #   `usa.gov` or `co.uk` as token domains.
+    #   `gov.au` or `co.uk` as token domains.
     #   @return [Array<String>]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/CreateAPIKeyRequest AWS API Documentation
@@ -1462,7 +1462,7 @@ module Aws::WAFV2
     #   "myotherwebsite.com" \}`
     #
     #   Public suffixes aren't allowed. For example, you can't use
-    #   `usa.gov` or `co.uk` as token domains.
+    #   `gov.au` or `co.uk` as token domains.
     #   @return [Array<String>]
     #
     # @!attribute [rw] association_config
@@ -1690,6 +1690,39 @@ module Aws::WAFV2
       include Aws::Structure
     end
 
+    # @!attribute [rw] scope
+    #   Specifies whether this is for an Amazon CloudFront distribution or
+    #   for a regional application. A regional application can be an
+    #   Application Load Balancer (ALB), an Amazon API Gateway REST API, an
+    #   AppSync GraphQL API, an Amazon Cognito user pool, an App Runner
+    #   service, or an Amazon Web Services Verified Access instance.
+    #
+    #   To work with CloudFront, you must also specify the Region US East
+    #   (N. Virginia) as follows:
+    #
+    #   * CLI - Specify the Region when you use the CloudFront scope:
+    #     `--scope=CLOUDFRONT --region=us-east-1`.
+    #
+    #   * API and SDKs - For all calls, use the Region endpoint us-east-1.
+    #   @return [String]
+    #
+    # @!attribute [rw] api_key
+    #   The encrypted API key that you want to delete.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/DeleteAPIKeyRequest AWS API Documentation
+    #
+    class DeleteAPIKeyRequest < Struct.new(
+      :scope,
+      :api_key)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/DeleteAPIKeyResponse AWS API Documentation
+    #
+    class DeleteAPIKeyResponse < Aws::EmptyStructure; end
+
     # @!attribute [rw] web_acl_arn
     #   The Amazon Resource Name (ARN) of the web ACL.
     #   @return [String]
@@ -6128,6 +6161,20 @@ module Aws::WAFV2
     #     method, city pair.
     #   @return [Integer]
     #
+    # @!attribute [rw] evaluation_window_sec
+    #   The amount of time, in seconds, that WAF should include in its
+    #   request counts, looking back from the current time. For example, for
+    #   a setting of 120, when WAF checks the rate, it counts the requests
+    #   for the 2 minutes immediately preceding the current time. Valid
+    #   settings are 60, 120, 300, and 600.
+    #
+    #   This setting doesn't determine how often WAF checks the rate, but
+    #   how far back it looks each time it checks. WAF checks the rate about
+    #   every 10 seconds.
+    #
+    #   Default: `300` (5 minutes)
+    #   @return [Integer]
+    #
     # @!attribute [rw] aggregate_key_type
     #   Setting that indicates how to aggregate the request counts.
     #
@@ -6207,6 +6254,7 @@ module Aws::WAFV2
     #
     class RateBasedStatement < Struct.new(
       :limit,
+      :evaluation_window_sec,
       :aggregate_key_type,
       :scope_down_statement,
       :forwarded_ip_config,
@@ -8959,7 +9007,7 @@ module Aws::WAFV2
     #   "myotherwebsite.com" \}`
     #
     #   Public suffixes aren't allowed. For example, you can't use
-    #   `usa.gov` or `co.uk` as token domains.
+    #   `gov.au` or `co.uk` as token domains.
     #   @return [Array<String>]
     #
     # @!attribute [rw] association_config

data/lib/aws-sdk-wafv2.rb

@@ -52,6 +52,6 @@ require_relative 'aws-sdk-wafv2/customizations'
 # @!group service
 module Aws::WAFV2
 
-  GEM_VERSION = '1.75.0'
+  GEM_VERSION = '1.77.0'
 
 end

data/sig/client.rbs

@@ -500,6 +500,7 @@ module Aws
                                   }?,
                                   rate_based_statement: {
                                     limit: ::Integer,
+                                    evaluation_window_sec: ::Integer?,
                                     aggregate_key_type: ("IP" | "FORWARDED_IP" | "CUSTOM_KEYS" | "CONSTANT"),
                                     scope_down_statement: untyped?,
                                     forwarded_ip_config: {
@@ -1378,6 +1379,7 @@ module Aws
                                      }?,
                                      rate_based_statement: {
                                        limit: ::Integer,
+                                       evaluation_window_sec: ::Integer?,
                                        aggregate_key_type: ("IP" | "FORWARDED_IP" | "CUSTOM_KEYS" | "CONSTANT"),
                                        scope_down_statement: untyped?,
                                        forwarded_ip_config: {
@@ -2240,6 +2242,7 @@ module Aws
                                   }?,
                                   rate_based_statement: {
                                     limit: ::Integer,
+                                    evaluation_window_sec: ::Integer?,
                                     aggregate_key_type: ("IP" | "FORWARDED_IP" | "CUSTOM_KEYS" | "CONSTANT"),
                                     scope_down_statement: untyped?,
                                     forwarded_ip_config: {
@@ -2675,6 +2678,16 @@ module Aws
                           ) -> _CreateWebACLResponseSuccess
                         | (Hash[Symbol, untyped] params, ?Hash[Symbol, untyped] options) -> _CreateWebACLResponseSuccess
 
+      interface _DeleteAPIKeyResponseSuccess
+        include ::Seahorse::Client::_ResponseSuccess[Types::DeleteAPIKeyResponse]
+      end
+      # https://docs.aws.amazon.com/sdk-for-ruby/v3/api/Aws/WAFV2/Client.html#delete_api_key-instance_method
+      def delete_api_key: (
+                            scope: ("CLOUDFRONT" | "REGIONAL"),
+                            api_key: ::String
+                          ) -> _DeleteAPIKeyResponseSuccess
+                        | (Hash[Symbol, untyped] params, ?Hash[Symbol, untyped] options) -> _DeleteAPIKeyResponseSuccess
+
       interface _DeleteFirewallManagerRuleGroupsResponseSuccess
         include ::Seahorse::Client::_ResponseSuccess[Types::DeleteFirewallManagerRuleGroupsResponse]
         def next_web_acl_lock_token: () -> ::String
@@ -3738,6 +3751,7 @@ module Aws
                                      }?,
                                      rate_based_statement: {
                                        limit: ::Integer,
+                                       evaluation_window_sec: ::Integer?,
                                        aggregate_key_type: ("IP" | "FORWARDED_IP" | "CUSTOM_KEYS" | "CONSTANT"),
                                        scope_down_statement: untyped?,
                                        forwarded_ip_config: {
@@ -4596,6 +4610,7 @@ module Aws
                                   }?,
                                   rate_based_statement: {
                                     limit: ::Integer,
+                                    evaluation_window_sec: ::Integer?,
                                     aggregate_key_type: ("IP" | "FORWARDED_IP" | "CUSTOM_KEYS" | "CONSTANT"),
                                     scope_down_statement: untyped?,
                                     forwarded_ip_config: {

data/sig/types.rbs

@@ -275,6 +275,15 @@ module Aws::WAFV2
       SENSITIVE: []
     end
 
+    class DeleteAPIKeyRequest
+      attr_accessor scope: ("CLOUDFRONT" | "REGIONAL")
+      attr_accessor api_key: ::String
+      SENSITIVE: []
+    end
+
+    class DeleteAPIKeyResponse < Aws::EmptyStructure
+    end
+
     class DeleteFirewallManagerRuleGroupsRequest
       attr_accessor web_acl_arn: ::String
       attr_accessor web_acl_lock_token: ::String
@@ -1060,6 +1069,7 @@ module Aws::WAFV2
 
     class RateBasedStatement
       attr_accessor limit: ::Integer
+      attr_accessor evaluation_window_sec: ::Integer
       attr_accessor aggregate_key_type: ("IP" | "FORWARDED_IP" | "CUSTOM_KEYS" | "CONSTANT")
       attr_accessor scope_down_statement: Types::Statement
       attr_accessor forwarded_ip_config: Types::ForwardedIPConfig

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: aws-sdk-wafv2
 version: !ruby/object:Gem::Version
-  version: 1.75.0
+  version: 1.77.0
 platform: ruby
 authors:
 - Amazon Web Services
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2024-01-26 00:00:00.000000000 Z
+date: 2024-02-28 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: aws-sdk-core