aws-sdk-wafv2 1.76.0 → 1.78.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 58aab4cae5a9a4c8ae7201eb885b84f12a345db0b09d83112552d6a65b44f3ad
-  data.tar.gz: 84d0468c41f15343de45e232455f1bff31b67827664a7478fcd333fce795da61
+  metadata.gz: e8bf795fa4c93cbb5310aaf9daf187ec4f0fdead19edd0be36f31b0d16c222c1
+  data.tar.gz: 70f1d02ed01de29eb95fe70b7118dd5b377b407d5a2694714629b95042378001
 SHA512:
-  metadata.gz: a2f660d0b4ff4a2aa8a31f773701140ba653c13caa92b81cc284dc62c42a5ef747705f159abed8661fcac1c3e9659b28c75cf24ac323e0503b788b9d6750b37b
-  data.tar.gz: fbb743e861e90cafbf28efcb6e343a859e15ba8c22c9ef7763d5a40ae2c65ee975037d54a6f770ce85da904cda8bf2c88821abf3cf38f317afddbaaa4a45db01
+  metadata.gz: 61596cc89b387893e056787d09ce444f2ca9594ed5dc619521892dc1b8113ad10f83c3a9b42145e92cc5e911fde56c4a90e4df25df6b194bc1fcfee724db65ab
+  data.tar.gz: f3a2dc8fe9b6ef5b91007170af2bd2d49ed2ca380ce8453559ab75b22af907c11c4043c502f75a77b5ae29e85b52a2da8ddfb1cf7684caf376659bcd53c01030

data/CHANGELOG.md

@@ -1,6 +1,16 @@
 Unreleased Changes
 ------------------
 
+1.78.0 (2024-03-07)
+------------------
+
+* Feature - You can increase the max request body inspection size for some regional resources. The size setting is in the web ACL association config. Also, the AWSManagedRulesBotControlRuleSet EnableMachineLearning setting now takes a Boolean instead of a primitive boolean type, for languages like Java.
+
+1.77.0 (2024-02-28)
+------------------
+
+* Feature - AWS WAF now supports configurable time windows for request aggregation with rate-based rules. Customers can now select time windows of 1 minute, 2 minutes or 10 minutes, in addition to the previously supported 5 minutes.
+
 1.76.0 (2024-02-06)
 ------------------
 

data/VERSION

@@ -1 +1 @@
-1.76.0
+1.78.0

data/lib/aws-sdk-wafv2/client.rb

@@ -950,6 +950,7 @@ module Aws::WAFV2
     #           },
     #           rate_based_statement: {
     #             limit: 1, # required
+    #             evaluation_window_sec: 1,
     #             aggregate_key_type: "IP", # required, accepts IP, FORWARDED_IP, CUSTOM_KEYS, CONSTANT
     #             scope_down_statement: {
     #               # recursive Statement
@@ -2128,6 +2129,7 @@ module Aws::WAFV2
     #           },
     #           rate_based_statement: {
     #             limit: 1, # required
+    #             evaluation_window_sec: 1,
     #             aggregate_key_type: "IP", # required, accepts IP, FORWARDED_IP, CUSTOM_KEYS, CONSTANT
     #             scope_down_statement: {
     #               # recursive Statement
@@ -2679,8 +2681,10 @@ module Aws::WAFV2
     #   ACL and protected resources.
     #
     #   Use this to customize the maximum size of the request body that your
-    #   protected CloudFront distributions forward to WAF for inspection. The
-    #   default is 16 KB (16,384 bytes).
+    #   protected resources forward to WAF for inspection. You can customize
+    #   this setting for CloudFront, API Gateway, Amazon Cognito, App Runner,
+    #   or Verified Access resources. The default setting is 16 KB (16,384
+    #   bytes).
     #
     #   <note markdown="1"> You are charged additional fees when your protected resources forward
     #   body sizes that are larger than the default. For more information, see
@@ -2688,6 +2692,9 @@ module Aws::WAFV2
     #
     #    </note>
     #
+    #   For Application Load Balancer and AppSync, the limit is fixed at 8 KB
+    #   (8,192 bytes).
+    #
     #
     #
     #   [1]: http://aws.amazon.com/waf/pricing/
@@ -3136,6 +3143,7 @@ module Aws::WAFV2
     #           },
     #           rate_based_statement: {
     #             limit: 1, # required
+    #             evaluation_window_sec: 1,
     #             aggregate_key_type: "IP", # required, accepts IP, FORWARDED_IP, CUSTOM_KEYS, CONSTANT
     #             scope_down_statement: {
     #               # recursive Statement
@@ -4998,6 +5006,7 @@ module Aws::WAFV2
     #   resp.rule_group.rules[0].statement.regex_pattern_set_reference_statement.text_transformations[0].priority #=> Integer
     #   resp.rule_group.rules[0].statement.regex_pattern_set_reference_statement.text_transformations[0].type #=> String, one of "NONE", "COMPRESS_WHITE_SPACE", "HTML_ENTITY_DECODE", "LOWERCASE", "CMD_LINE", "URL_DECODE", "BASE64_DECODE", "HEX_DECODE", "MD5", "REPLACE_COMMENTS", "ESCAPE_SEQ_DECODE", "SQL_HEX_DECODE", "CSS_DECODE", "JS_DECODE", "NORMALIZE_PATH", "NORMALIZE_PATH_WIN", "REMOVE_NULLS", "REPLACE_NULLS", "BASE64_DECODE_EXT", "URL_DECODE_UNI", "UTF8_TO_UNICODE"
     #   resp.rule_group.rules[0].statement.rate_based_statement.limit #=> Integer
+    #   resp.rule_group.rules[0].statement.rate_based_statement.evaluation_window_sec #=> Integer
     #   resp.rule_group.rules[0].statement.rate_based_statement.aggregate_key_type #=> String, one of "IP", "FORWARDED_IP", "CUSTOM_KEYS", "CONSTANT"
     #   resp.rule_group.rules[0].statement.rate_based_statement.scope_down_statement #=> Types::Statement
     #   resp.rule_group.rules[0].statement.rate_based_statement.forwarded_ip_config.header_name #=> String
@@ -7545,6 +7554,7 @@ module Aws::WAFV2
     #           },
     #           rate_based_statement: {
     #             limit: 1, # required
+    #             evaluation_window_sec: 1,
     #             aggregate_key_type: "IP", # required, accepts IP, FORWARDED_IP, CUSTOM_KEYS, CONSTANT
     #             scope_down_statement: {
     #               # recursive Statement
@@ -8140,8 +8150,10 @@ module Aws::WAFV2
     #   ACL and protected resources.
     #
     #   Use this to customize the maximum size of the request body that your
-    #   protected CloudFront distributions forward to WAF for inspection. The
-    #   default is 16 KB (16,384 bytes).
+    #   protected resources forward to WAF for inspection. You can customize
+    #   this setting for CloudFront, API Gateway, Amazon Cognito, App Runner,
+    #   or Verified Access resources. The default setting is 16 KB (16,384
+    #   bytes).
     #
     #   <note markdown="1"> You are charged additional fees when your protected resources forward
     #   body sizes that are larger than the default. For more information, see
@@ -8149,6 +8161,9 @@ module Aws::WAFV2
     #
     #    </note>
     #
+    #   For Application Load Balancer and AppSync, the limit is fixed at 8 KB
+    #   (8,192 bytes).
+    #
     #
     #
     #   [1]: http://aws.amazon.com/waf/pricing/
@@ -8598,6 +8613,7 @@ module Aws::WAFV2
     #           },
     #           rate_based_statement: {
     #             limit: 1, # required
+    #             evaluation_window_sec: 1,
     #             aggregate_key_type: "IP", # required, accepts IP, FORWARDED_IP, CUSTOM_KEYS, CONSTANT
     #             scope_down_statement: {
     #               # recursive Statement
@@ -9067,7 +9083,7 @@ module Aws::WAFV2
         params: params,
         config: config)
       context[:gem_name] = 'aws-sdk-wafv2'
-      context[:gem_version] = '1.76.0'
+      context[:gem_version] = '1.78.0'
       Seahorse::Client::Request.new(handlers, context)
     end
 

data/lib/aws-sdk-wafv2/client_api.rb

@@ -105,11 +105,13 @@ module Aws::WAFV2
     DisassociateWebACLResponse = Shapes::StructureShape.new(name: 'DisassociateWebACLResponse')
     DownloadUrl = Shapes::StringShape.new(name: 'DownloadUrl')
     EmailField = Shapes::StructureShape.new(name: 'EmailField')
+    EnableMachineLearning = Shapes::BooleanShape.new(name: 'EnableMachineLearning')
     EntityDescription = Shapes::StringShape.new(name: 'EntityDescription')
     EntityId = Shapes::StringShape.new(name: 'EntityId')
     EntityName = Shapes::StringShape.new(name: 'EntityName')
     ErrorMessage = Shapes::StringShape.new(name: 'ErrorMessage')
     ErrorReason = Shapes::StringShape.new(name: 'ErrorReason')
+    EvaluationWindowSec = Shapes::IntegerShape.new(name: 'EvaluationWindowSec')
     ExcludedRule = Shapes::StructureShape.new(name: 'ExcludedRule')
     ExcludedRules = Shapes::ListShape.new(name: 'ExcludedRules')
     FailureCode = Shapes::IntegerShape.new(name: 'FailureCode')
@@ -350,6 +352,7 @@ module Aws::WAFV2
     SizeConstraintStatement = Shapes::StructureShape.new(name: 'SizeConstraintStatement')
     SizeInspectionLimit = Shapes::StringShape.new(name: 'SizeInspectionLimit')
     SolveTimestamp = Shapes::IntegerShape.new(name: 'SolveTimestamp')
+    SourceType = Shapes::StringShape.new(name: 'SourceType')
     SqliMatchStatement = Shapes::StructureShape.new(name: 'SqliMatchStatement')
     Statement = Shapes::StructureShape.new(name: 'Statement')
     Statements = Shapes::ListShape.new(name: 'Statements')
@@ -442,7 +445,7 @@ module Aws::WAFV2
     AWSManagedRulesATPRuleSet.struct_class = Types::AWSManagedRulesATPRuleSet
 
     AWSManagedRulesBotControlRuleSet.add_member(:inspection_level, Shapes::ShapeRef.new(shape: InspectionLevel, required: true, location_name: "InspectionLevel"))
-    AWSManagedRulesBotControlRuleSet.add_member(:enable_machine_learning, Shapes::ShapeRef.new(shape: Boolean, location_name: "EnableMachineLearning"))
+    AWSManagedRulesBotControlRuleSet.add_member(:enable_machine_learning, Shapes::ShapeRef.new(shape: EnableMachineLearning, location_name: "EnableMachineLearning"))
     AWSManagedRulesBotControlRuleSet.struct_class = Types::AWSManagedRulesBotControlRuleSet
 
     ActionCondition.add_member(:action, Shapes::ShapeRef.new(shape: ActionValue, required: true, location_name: "Action"))
@@ -1215,6 +1218,7 @@ module Aws::WAFV2
     QueryString.struct_class = Types::QueryString
 
     RateBasedStatement.add_member(:limit, Shapes::ShapeRef.new(shape: RateLimit, required: true, location_name: "Limit"))
+    RateBasedStatement.add_member(:evaluation_window_sec, Shapes::ShapeRef.new(shape: EvaluationWindowSec, location_name: "EvaluationWindowSec"))
     RateBasedStatement.add_member(:aggregate_key_type, Shapes::ShapeRef.new(shape: RateBasedStatementAggregateKeyType, required: true, location_name: "AggregateKeyType"))
     RateBasedStatement.add_member(:scope_down_statement, Shapes::ShapeRef.new(shape: Statement, location_name: "ScopeDownStatement"))
     RateBasedStatement.add_member(:forwarded_ip_config, Shapes::ShapeRef.new(shape: ForwardedIPConfig, location_name: "ForwardedIPConfig"))
@@ -1625,6 +1629,7 @@ module Aws::WAFV2
     WAFInvalidResourceException.struct_class = Types::WAFInvalidResourceException
 
     WAFLimitsExceededException.add_member(:message, Shapes::ShapeRef.new(shape: ErrorMessage, location_name: "Message"))
+    WAFLimitsExceededException.add_member(:source_type, Shapes::ShapeRef.new(shape: SourceType, location_name: "SourceType"))
     WAFLimitsExceededException.struct_class = Types::WAFLimitsExceededException
 
     WAFLogDestinationPermissionIssueException.add_member(:message, Shapes::ShapeRef.new(shape: ErrorMessage, location_name: "Message"))
@@ -1942,6 +1947,7 @@ module Aws::WAFV2
         o.output = Shapes::ShapeRef.new(shape: DescribeAllManagedProductsResponse)
         o.errors << Shapes::ShapeRef.new(shape: WAFInvalidOperationException)
         o.errors << Shapes::ShapeRef.new(shape: WAFInternalErrorException)
+        o.errors << Shapes::ShapeRef.new(shape: WAFInvalidParameterException)
       end)
 
       api.add_operation(:describe_managed_products_by_vendor, Seahorse::Model::Operation.new.tap do |o|
@@ -2000,6 +2006,7 @@ module Aws::WAFV2
         o.input = Shapes::ShapeRef.new(shape: GetDecryptedAPIKeyRequest)
         o.output = Shapes::ShapeRef.new(shape: GetDecryptedAPIKeyResponse)
         o.errors << Shapes::ShapeRef.new(shape: WAFInternalErrorException)
+        o.errors << Shapes::ShapeRef.new(shape: WAFNonexistentItemException)
         o.errors << Shapes::ShapeRef.new(shape: WAFInvalidParameterException)
         o.errors << Shapes::ShapeRef.new(shape: WAFInvalidOperationException)
         o.errors << Shapes::ShapeRef.new(shape: WAFInvalidResourceException)

data/lib/aws-sdk-wafv2/errors.rb

@@ -216,6 +216,11 @@ module Aws::WAFV2
       def message
         @message || @data[:message]
       end
+
+      # @return [String]
+      def source_type
+        @data[:source_type]
+      end
     end
 
     class WAFLogDestinationPermissionIssueException < ServiceError

data/lib/aws-sdk-wafv2/types.rb

@@ -413,8 +413,10 @@ module Aws::WAFV2
     # ACL and protected resources.
     #
     # Use this to customize the maximum size of the request body that your
-    # protected CloudFront distributions forward to WAF for inspection. The
-    # default is 16 KB (16,384 bytes).
+    # protected resources forward to WAF for inspection. You can customize
+    # this setting for CloudFront, API Gateway, Amazon Cognito, App Runner,
+    # or Verified Access resources. The default setting is 16 KB (16,384
+    # bytes).
     #
     # <note markdown="1"> You are charged additional fees when your protected resources forward
     # body sizes that are larger than the default. For more information, see
@@ -422,14 +424,19 @@ module Aws::WAFV2
     #
     #  </note>
     #
+    # For Application Load Balancer and AppSync, the limit is fixed at 8 KB
+    # (8,192 bytes).
+    #
     #
     #
     # [1]: http://aws.amazon.com/waf/pricing/
     #
     # @!attribute [rw] request_body
     #   Customizes the maximum size of the request body that your protected
-    #   CloudFront distributions forward to WAF for inspection. The default
-    #   size is 16 KB (16,384 bytes).
+    #   CloudFront, API Gateway, Amazon Cognito, App Runner, and Verified
+    #   Access resources forward to WAF for inspection. The default size is
+    #   16 KB (16,384 bytes). You can change the setting for any of the
+    #   available resource types.
     #
     #   <note markdown="1"> You are charged additional fees when your protected resources
     #   forward body sizes that are larger than the default. For more
@@ -437,6 +444,12 @@ module Aws::WAFV2
     #
     #    </note>
     #
+    #   Example JSON: ` \{ "API_GATEWAY": "KB_48", "APP_RUNNER_SERVICE":
+    #   "KB_32" \}`
+    #
+    #   For Application Load Balancer and AppSync, the limit is fixed at 8
+    #   KB (8,192 bytes).
+    #
     #
     #
     #   [1]: http://aws.amazon.com/waf/pricing/
@@ -483,17 +496,21 @@ module Aws::WAFV2
     # FieldToMatch specification.
     #
     # @!attribute [rw] oversize_handling
-    #   What WAF should do if the body is larger than WAF can inspect. WAF
-    #   does not support inspecting the entire contents of the web request
-    #   body if the body exceeds the limit for the resource type. If the
-    #   body is larger than the limit, the underlying host service only
-    #   forwards the contents that are below the limit to WAF for
-    #   inspection.
-    #
-    #   The default limit is 8 KB (8,192 bytes) for regional resources and
-    #   16 KB (16,384 bytes) for CloudFront distributions. For CloudFront
-    #   distributions, you can increase the limit in the web ACL
-    #   `AssociationConfig`, for additional processing fees.
+    #   What WAF should do if the body is larger than WAF can inspect.
+    #
+    #   WAF does not support inspecting the entire contents of the web
+    #   request body if the body exceeds the limit for the resource type.
+    #   When a web request body is larger than the limit, the underlying
+    #   host service only forwards the contents that are within the limit to
+    #   WAF for inspection.
+    #
+    #   * For Application Load Balancer and AppSync, the limit is fixed at 8
+    #     KB (8,192 bytes).
+    #
+    #   * For CloudFront, API Gateway, Amazon Cognito, App Runner, and
+    #     Verified Access, the default limit is 16 KB (16,384 bytes), and
+    #     you can increase the limit for each resource type in the web ACL
+    #     `AssociationConfig`, for additional processing fees.
     #
     #   The options for oversize handling are the following:
     #
@@ -1470,8 +1487,10 @@ module Aws::WAFV2
     #   ACL and protected resources.
     #
     #   Use this to customize the maximum size of the request body that your
-    #   protected CloudFront distributions forward to WAF for inspection.
-    #   The default is 16 KB (16,384 bytes).
+    #   protected resources forward to WAF for inspection. You can customize
+    #   this setting for CloudFront, API Gateway, Amazon Cognito, App
+    #   Runner, or Verified Access resources. The default setting is 16 KB
+    #   (16,384 bytes).
     #
     #   <note markdown="1"> You are charged additional fees when your protected resources
     #   forward body sizes that are larger than the default. For more
@@ -1479,6 +1498,9 @@ module Aws::WAFV2
     #
     #    </note>
     #
+    #   For Application Load Balancer and AppSync, the limit is fixed at 8
+    #   KB (8,192 bytes).
+    #
     #
     #
     #   [1]: http://aws.amazon.com/waf/pricing/
@@ -2325,20 +2347,37 @@ module Aws::WAFV2
       include Aws::Structure
     end
 
-    # The part of the web request that you want WAF to inspect. Include the
-    # single `FieldToMatch` type that you want to inspect, with additional
-    # specifications as needed, according to the type. You specify a single
-    # request component in `FieldToMatch` for each rule statement that
-    # requires it. To inspect more than one component of the web request,
-    # create a separate rule statement for each component.
+    # Specifies a web request component to be used in a rule match statement
+    # or in a logging configuration.
+    #
+    # * In a rule statement, this is the part of the web request that you
+    #   want WAF to inspect. Include the single `FieldToMatch` type that you
+    #   want to inspect, with additional specifications as needed, according
+    #   to the type. You specify a single request component in
+    #   `FieldToMatch` for each rule statement that requires it. To inspect
+    #   more than one component of the web request, create a separate rule
+    #   statement for each component.
+    #
+    #   Example JSON for a `QueryString` field to match:
     #
-    # Example JSON for a `QueryString` field to match:
+    #   ` "FieldToMatch": \{ "QueryString": \{\} \}`
     #
-    # ` "FieldToMatch": \{ "QueryString": \{\} \}`
+    #   Example JSON for a `Method` field to match specification:
     #
-    # Example JSON for a `Method` field to match specification:
+    #   ` "FieldToMatch": \{ "Method": \{ "Name": "DELETE" \} \}`
     #
-    # ` "FieldToMatch": \{ "Method": \{ "Name": "DELETE" \} \}`
+    # * In a logging configuration, this is used in the `RedactedFields`
+    #   property to specify a field to redact from the logging records. For
+    #   this use case, note the following:
+    #
+    #   * Even though all `FieldToMatch` settings are available, the only
+    #     valid settings for field redaction are `UriPath`, `QueryString`,
+    #     `SingleHeader`, and `Method`.
+    #
+    #   * In this documentation, the descriptions of the individual fields
+    #     talk about specifying the web request component to inspect, but
+    #     for field redaction, you are specifying the component type to
+    #     redact from the logs.
     #
     # @!attribute [rw] single_header
     #   Inspect a single header. Provide the name of the header to inspect,
@@ -2379,12 +2418,19 @@ module Aws::WAFV2
     #   contains any additional data that you want to send to your web
     #   server as the HTTP request body, such as data from a form.
     #
-    #   A limited amount of the request body is forwarded to WAF for
-    #   inspection by the underlying host service. For regional resources,
-    #   the limit is 8 KB (8,192 bytes) and for CloudFront distributions,
-    #   the limit is 16 KB (16,384 bytes). For CloudFront distributions, you
-    #   can increase the limit in the web ACL's `AssociationConfig`, for
-    #   additional processing fees.
+    #   WAF does not support inspecting the entire contents of the web
+    #   request body if the body exceeds the limit for the resource type.
+    #   When a web request body is larger than the limit, the underlying
+    #   host service only forwards the contents that are within the limit to
+    #   WAF for inspection.
+    #
+    #   * For Application Load Balancer and AppSync, the limit is fixed at 8
+    #     KB (8,192 bytes).
+    #
+    #   * For CloudFront, API Gateway, Amazon Cognito, App Runner, and
+    #     Verified Access, the default limit is 16 KB (16,384 bytes), and
+    #     you can increase the limit for each resource type in the web ACL
+    #     `AssociationConfig`, for additional processing fees.
     #
     #   For information about how to handle oversized request bodies, see
     #   the `Body` object configuration.
@@ -2401,12 +2447,19 @@ module Aws::WAFV2
     #   contains any additional data that you want to send to your web
     #   server as the HTTP request body, such as data from a form.
     #
-    #   A limited amount of the request body is forwarded to WAF for
-    #   inspection by the underlying host service. For regional resources,
-    #   the limit is 8 KB (8,192 bytes) and for CloudFront distributions,
-    #   the limit is 16 KB (16,384 bytes). For CloudFront distributions, you
-    #   can increase the limit in the web ACL's `AssociationConfig`, for
-    #   additional processing fees.
+    #   WAF does not support inspecting the entire contents of the web
+    #   request body if the body exceeds the limit for the resource type.
+    #   When a web request body is larger than the limit, the underlying
+    #   host service only forwards the contents that are within the limit to
+    #   WAF for inspection.
+    #
+    #   * For Application Load Balancer and AppSync, the limit is fixed at 8
+    #     KB (8,192 bytes).
+    #
+    #   * For CloudFront, API Gateway, Amazon Cognito, App Runner, and
+    #     Verified Access, the default limit is 16 KB (16,384 bytes), and
+    #     you can increase the limit for each resource type in the web ACL
+    #     `AssociationConfig`, for additional processing fees.
     #
     #   For information about how to handle oversized request bodies, see
     #   the `JsonBody` object configuration.
@@ -4017,17 +4070,21 @@ module Aws::WAFV2
     #   @return [String]
     #
     # @!attribute [rw] oversize_handling
-    #   What WAF should do if the body is larger than WAF can inspect. WAF
-    #   does not support inspecting the entire contents of the web request
-    #   body if the body exceeds the limit for the resource type. If the
-    #   body is larger than the limit, the underlying host service only
-    #   forwards the contents that are below the limit to WAF for
-    #   inspection.
-    #
-    #   The default limit is 8 KB (8,192 bytes) for regional resources and
-    #   16 KB (16,384 bytes) for CloudFront distributions. For CloudFront
-    #   distributions, you can increase the limit in the web ACL
-    #   `AssociationConfig`, for additional processing fees.
+    #   What WAF should do if the body is larger than WAF can inspect.
+    #
+    #   WAF does not support inspecting the entire contents of the web
+    #   request body if the body exceeds the limit for the resource type.
+    #   When a web request body is larger than the limit, the underlying
+    #   host service only forwards the contents that are within the limit to
+    #   WAF for inspection.
+    #
+    #   * For Application Load Balancer and AppSync, the limit is fixed at 8
+    #     KB (8,192 bytes).
+    #
+    #   * For CloudFront, API Gateway, Amazon Cognito, App Runner, and
+    #     Verified Access, the default limit is 16 KB (16,384 bytes), and
+    #     you can increase the limit for each resource type in the web ACL
+    #     `AssociationConfig`, for additional processing fees.
     #
     #   The options for oversize handling are the following:
     #
@@ -6056,6 +6113,12 @@ module Aws::WAFV2
     # according to your aggregation criteria, collects them into aggregation
     # instances, and counts and rate limits the requests for each instance.
     #
+    # <note markdown="1"> If you change any of these settings in a rule that's currently in
+    # use, the change resets the rule's rate limiting counts. This can
+    # pause the rule's rate limiting activities for up to a minute.
+    #
+    #  </note>
+    #
     # You can specify individual aggregation keys, like IP address or HTTP
     # method. You can also specify aggregation key combinations, like IP
     # address and HTTP method, or HTTP method, query argument, and cookie.
@@ -6161,6 +6224,20 @@ module Aws::WAFV2
     #     method, city pair.
     #   @return [Integer]
     #
+    # @!attribute [rw] evaluation_window_sec
+    #   The amount of time, in seconds, that WAF should include in its
+    #   request counts, looking back from the current time. For example, for
+    #   a setting of 120, when WAF checks the rate, it counts the requests
+    #   for the 2 minutes immediately preceding the current time. Valid
+    #   settings are 60, 120, 300, and 600.
+    #
+    #   This setting doesn't determine how often WAF checks the rate, but
+    #   how far back it looks each time it checks. WAF checks the rate about
+    #   every 10 seconds.
+    #
+    #   Default: `300` (5 minutes)
+    #   @return [Integer]
+    #
     # @!attribute [rw] aggregate_key_type
     #   Setting that indicates how to aggregate the request counts.
     #
@@ -6240,6 +6317,7 @@ module Aws::WAFV2
     #
     class RateBasedStatement < Struct.new(
       :limit,
+      :evaluation_window_sec,
       :aggregate_key_type,
       :scope_down_statement,
       :forwarded_ip_config,
@@ -6818,8 +6896,10 @@ module Aws::WAFV2
     end
 
     # Customizes the maximum size of the request body that your protected
-    # CloudFront distributions forward to WAF for inspection. The default
-    # size is 16 KB (16,384 bytes).
+    # CloudFront, API Gateway, Amazon Cognito, App Runner, and Verified
+    # Access resources forward to WAF for inspection. The default size is 16
+    # KB (16,384 bytes). You can change the setting for any of the available
+    # resource types.
     #
     # <note markdown="1"> You are charged additional fees when your protected resources forward
     # body sizes that are larger than the default. For more information, see
@@ -6827,6 +6907,12 @@ module Aws::WAFV2
     #
     #  </note>
     #
+    # Example JSON: ` \{ "API_GATEWAY": "KB_48", "APP_RUNNER_SERVICE":
+    # "KB_32" \}`
+    #
+    # For Application Load Balancer and AppSync, the limit is fixed at 8 KB
+    # (8,192 bytes).
+    #
     # This is used in the `AssociationConfig` of the web ACL.
     #
     #
@@ -6835,9 +6921,10 @@ module Aws::WAFV2
     #
     # @!attribute [rw] default_size_inspection_limit
     #   Specifies the maximum size of the web request body component that an
-    #   associated CloudFront distribution should send to WAF for
-    #   inspection. This applies to statements in the web ACL that inspect
-    #   the body or JSON body.
+    #   associated CloudFront, API Gateway, Amazon Cognito, App Runner, or
+    #   Verified Access resource should send to WAF for inspection. This
+    #   applies to statements in the web ACL that inspect the body or JSON
+    #   body.
     #
     #   Default: `16 KB (16,384 bytes)`
     #   @return [String]
@@ -7902,14 +7989,12 @@ module Aws::WAFV2
     # statement to look for query strings that are longer than 100 bytes.
     #
     # If you configure WAF to inspect the request body, WAF inspects only
-    # the number of bytes of the body up to the limit for the web ACL. By
-    # default, for regional web ACLs, this limit is 8 KB (8,192 bytes) and
-    # for CloudFront web ACLs, this limit is 16 KB (16,384 bytes). For
-    # CloudFront web ACLs, you can increase the limit in the web ACL
-    # `AssociationConfig`, for additional fees. If you know that the request
-    # body for your web requests should never exceed the inspection limit,
-    # you could use a size constraint statement to block requests that have
-    # a larger request body size.
+    # the number of bytes in the body up to the limit for the web ACL and
+    # protected resource type. If you know that the request body for your
+    # web requests should never exceed the inspection limit, you can use a
+    # size constraint statement to block requests that have a larger request
+    # body size. For more information about the inspection limits, see
+    # `Body` and `JsonBody` settings for the `FieldToMatch` data type.
     #
     # If you choose URI for the value of Part of the request to filter on,
     # the slash (/) in the URI counts as one character. For example, the URI
@@ -8037,14 +8122,12 @@ module Aws::WAFV2
     #   100 bytes.
     #
     #   If you configure WAF to inspect the request body, WAF inspects only
-    #   the number of bytes of the body up to the limit for the web ACL. By
-    #   default, for regional web ACLs, this limit is 8 KB (8,192 bytes) and
-    #   for CloudFront web ACLs, this limit is 16 KB (16,384 bytes). For
-    #   CloudFront web ACLs, you can increase the limit in the web ACL
-    #   `AssociationConfig`, for additional fees. If you know that the
-    #   request body for your web requests should never exceed the
-    #   inspection limit, you could use a size constraint statement to block
-    #   requests that have a larger request body size.
+    #   the number of bytes in the body up to the limit for the web ACL and
+    #   protected resource type. If you know that the request body for your
+    #   web requests should never exceed the inspection limit, you can use a
+    #   size constraint statement to block requests that have a larger
+    #   request body size. For more information about the inspection limits,
+    #   see `Body` and `JsonBody` settings for the `FieldToMatch` data type.
     #
     #   If you choose URI for the value of Part of the request to filter on,
     #   the slash (/) in the URI counts as one character. For example, the
@@ -8136,6 +8219,12 @@ module Aws::WAFV2
     #   aggregation instances, and counts and rate limits the requests for
     #   each instance.
     #
+    #   <note markdown="1"> If you change any of these settings in a rule that's currently in
+    #   use, the change resets the rule's rate limiting counts. This can
+    #   pause the rule's rate limiting activities for up to a minute.
+    #
+    #    </note>
+    #
     #   You can specify individual aggregation keys, like IP address or HTTP
     #   method. You can also specify aggregation key combinations, like IP
     #   address and HTTP method, or HTTP method, query argument, and cookie.
@@ -9000,8 +9089,10 @@ module Aws::WAFV2
     #   ACL and protected resources.
     #
     #   Use this to customize the maximum size of the request body that your
-    #   protected CloudFront distributions forward to WAF for inspection.
-    #   The default is 16 KB (16,384 bytes).
+    #   protected resources forward to WAF for inspection. You can customize
+    #   this setting for CloudFront, API Gateway, Amazon Cognito, App
+    #   Runner, or Verified Access resources. The default setting is 16 KB
+    #   (16,384 bytes).
     #
     #   <note markdown="1"> You are charged additional fees when your protected resources
     #   forward body sizes that are larger than the default. For more
@@ -9009,6 +9100,9 @@ module Aws::WAFV2
     #
     #    </note>
     #
+    #   For Application Load Balancer and AppSync, the limit is fixed at 8
+    #   KB (8,192 bytes).
+    #
     #
     #
     #   [1]: http://aws.amazon.com/waf/pricing/
@@ -9376,10 +9470,15 @@ module Aws::WAFV2
     # @!attribute [rw] message
     #   @return [String]
     #
+    # @!attribute [rw] source_type
+    #   Source type for the exception.
+    #   @return [String]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/WAFLimitsExceededException AWS API Documentation
     #
     class WAFLimitsExceededException < Struct.new(
-      :message)
+      :message,
+      :source_type)
       SENSITIVE = []
       include Aws::Structure
     end
@@ -9697,8 +9796,10 @@ module Aws::WAFV2
     #   ACL and protected resources.
     #
     #   Use this to customize the maximum size of the request body that your
-    #   protected CloudFront distributions forward to WAF for inspection.
-    #   The default is 16 KB (16,384 bytes).
+    #   protected resources forward to WAF for inspection. You can customize
+    #   this setting for CloudFront, API Gateway, Amazon Cognito, App
+    #   Runner, or Verified Access resources. The default setting is 16 KB
+    #   (16,384 bytes).
     #
     #   <note markdown="1"> You are charged additional fees when your protected resources
     #   forward body sizes that are larger than the default. For more
@@ -9706,6 +9807,9 @@ module Aws::WAFV2
     #
     #    </note>
     #
+    #   For Application Load Balancer and AppSync, the limit is fixed at 8
+    #   KB (8,192 bytes).
+    #
     #
     #
     #   [1]: http://aws.amazon.com/waf/pricing/

data/lib/aws-sdk-wafv2.rb

@@ -52,6 +52,6 @@ require_relative 'aws-sdk-wafv2/customizations'
 # @!group service
 module Aws::WAFV2
 
-  GEM_VERSION = '1.76.0'
+  GEM_VERSION = '1.78.0'
 
 end

data/sig/client.rbs

@@ -500,6 +500,7 @@ module Aws
                                   }?,
                                   rate_based_statement: {
                                     limit: ::Integer,
+                                    evaluation_window_sec: ::Integer?,
                                     aggregate_key_type: ("IP" | "FORWARDED_IP" | "CUSTOM_KEYS" | "CONSTANT"),
                                     scope_down_statement: untyped?,
                                     forwarded_ip_config: {
@@ -1378,6 +1379,7 @@ module Aws
                                      }?,
                                      rate_based_statement: {
                                        limit: ::Integer,
+                                       evaluation_window_sec: ::Integer?,
                                        aggregate_key_type: ("IP" | "FORWARDED_IP" | "CUSTOM_KEYS" | "CONSTANT"),
                                        scope_down_statement: untyped?,
                                        forwarded_ip_config: {
@@ -2240,6 +2242,7 @@ module Aws
                                   }?,
                                   rate_based_statement: {
                                     limit: ::Integer,
+                                    evaluation_window_sec: ::Integer?,
                                     aggregate_key_type: ("IP" | "FORWARDED_IP" | "CUSTOM_KEYS" | "CONSTANT"),
                                     scope_down_statement: untyped?,
                                     forwarded_ip_config: {
@@ -2668,7 +2671,7 @@ module Aws
                             },
                             ?token_domains: Array[::String],
                             ?association_config: {
-                              request_body: Hash[("CLOUDFRONT"), {
+                              request_body: Hash[("CLOUDFRONT" | "API_GATEWAY" | "COGNITO_USER_POOL" | "APP_RUNNER_SERVICE" | "VERIFIED_ACCESS_INSTANCE"), {
                                   default_size_inspection_limit: ("KB_16" | "KB_32" | "KB_48" | "KB_64")
                                 }]?
                             }
@@ -3748,6 +3751,7 @@ module Aws
                                      }?,
                                      rate_based_statement: {
                                        limit: ::Integer,
+                                       evaluation_window_sec: ::Integer?,
                                        aggregate_key_type: ("IP" | "FORWARDED_IP" | "CUSTOM_KEYS" | "CONSTANT"),
                                        scope_down_statement: untyped?,
                                        forwarded_ip_config: {
@@ -4606,6 +4610,7 @@ module Aws
                                   }?,
                                   rate_based_statement: {
                                     limit: ::Integer,
+                                    evaluation_window_sec: ::Integer?,
                                     aggregate_key_type: ("IP" | "FORWARDED_IP" | "CUSTOM_KEYS" | "CONSTANT"),
                                     scope_down_statement: untyped?,
                                     forwarded_ip_config: {
@@ -5029,7 +5034,7 @@ module Aws
                             },
                             ?token_domains: Array[::String],
                             ?association_config: {
-                              request_body: Hash[("CLOUDFRONT"), {
+                              request_body: Hash[("CLOUDFRONT" | "API_GATEWAY" | "COGNITO_USER_POOL" | "APP_RUNNER_SERVICE" | "VERIFIED_ACCESS_INSTANCE"), {
                                   default_size_inspection_limit: ("KB_16" | "KB_32" | "KB_48" | "KB_64")
                                 }]?
                             }

data/sig/errors.rbs

@@ -43,6 +43,7 @@ module Aws
       end
       class WAFLimitsExceededException < ::Aws::Errors::ServiceError
         def message: () -> ::String
+        def source_type: () -> ::String
       end
       class WAFLogDestinationPermissionIssueException < ::Aws::Errors::ServiceError
         def message: () -> ::String

data/sig/types.rbs

@@ -75,7 +75,7 @@ module Aws::WAFV2
     end
 
     class AssociationConfig
-      attr_accessor request_body: ::Hash[("CLOUDFRONT"), Types::RequestBodyAssociatedResourceTypeConfig]
+      attr_accessor request_body: ::Hash[("CLOUDFRONT" | "API_GATEWAY" | "COGNITO_USER_POOL" | "APP_RUNNER_SERVICE" | "VERIFIED_ACCESS_INSTANCE"), Types::RequestBodyAssociatedResourceTypeConfig]
       SENSITIVE: []
     end
 
@@ -1069,6 +1069,7 @@ module Aws::WAFV2
 
     class RateBasedStatement
       attr_accessor limit: ::Integer
+      attr_accessor evaluation_window_sec: ::Integer
       attr_accessor aggregate_key_type: ("IP" | "FORWARDED_IP" | "CUSTOM_KEYS" | "CONSTANT")
       attr_accessor scope_down_statement: Types::Statement
       attr_accessor forwarded_ip_config: Types::ForwardedIPConfig
@@ -1559,6 +1560,7 @@ module Aws::WAFV2
 
     class WAFLimitsExceededException
       attr_accessor message: ::String
+      attr_accessor source_type: ::String
       SENSITIVE: []
     end
 

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: aws-sdk-wafv2
 version: !ruby/object:Gem::Version
-  version: 1.76.0
+  version: 1.78.0
 platform: ruby
 authors:
 - Amazon Web Services
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2024-02-06 00:00:00.000000000 Z
+date: 2024-03-07 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: aws-sdk-core