aws-sdk-wafv2 1.29.0 → 1.30.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 80f32a5d5b5bb24d6105d309f463402492ccc75367e724647e162f03e40c05d8
-  data.tar.gz: e1f486eeb68663f87370d6d93e9f312d4cee9c2ed98f5004c63cdb7e59a0e97f
+  metadata.gz: 98b51813c9f78ac6f0365cc3dc004f07ffe648292e2d94a97e5bd61c65154168
+  data.tar.gz: 5996ef24059d82e2dd2544c99a69fe8bfe4d87d3ecef6191e44091b2c836555f
 SHA512:
-  metadata.gz: 6a78933de6304c54d06c1eba810136755f0a603f5ff95f9128881fcedd9795b4fa481754055993f9627471633a1e24bc32dbed796b5bdefde3ce546eb44c0a8d
-  data.tar.gz: 7e1310c6d2d7968902fcb4522125c3ba94e8c5c30eb7d148393d08b46ff0fc60a2af975b4864ef59927c6bae032202821851fcae617aeda8b3089b25794d4b8b
+  metadata.gz: e8bb8b44f34f925ef9b19554fa968f54df6501511e95bd948e7692b36ab756bc3bf6b2b9b02e00ce0abed38204f85bc955d8cdf127b7bbc2337009dc1a59c1ba
+  data.tar.gz: 6eeece73c0fbfd8a2ae12b0c6b77017aff7a86c35f5bcadf9dc31ec9daf38a6c6b2b80312102fb2195c04a9c7bacf3aa16e2d30ec3e183f0e48cc78c2c571156

data/CHANGELOG.md

@@ -1,6 +1,11 @@
 Unreleased Changes
 ------------------
 
+1.30.0 (2021-11-08)
+------------------
+
+* Feature - You can now configure rules to run a CAPTCHA check against web requests and, as needed, send a CAPTCHA challenge to the client.
+
 1.29.0 (2021-11-04)
 ------------------
 

data/VERSION

@@ -1 +1 @@
-1.29.0
+1.30.0

data/lib/aws-sdk-wafv2/client.rb

@@ -762,6 +762,16 @@ module Aws::WAFV2
     #               ],
     #             },
     #           },
+    #           captcha: {
+    #             custom_request_handling: {
+    #               insert_headers: [ # required
+    #                 {
+    #                   name: "CustomHTTPHeaderName", # required
+    #                   value: "CustomHTTPHeaderValue", # required
+    #                 },
+    #               ],
+    #             },
+    #           },
     #         },
     #         override_action: {
     #           count: {
@@ -787,6 +797,11 @@ module Aws::WAFV2
     #           cloud_watch_metrics_enabled: false, # required
     #           metric_name: "MetricName", # required
     #         },
+    #         captcha_config: {
+    #           immunity_time_property: {
+    #             immunity_time: 1, # required
+    #           },
+    #         },
     #       },
     #     ],
     #   })
@@ -1389,6 +1404,16 @@ module Aws::WAFV2
     #               ],
     #             },
     #           },
+    #           captcha: {
+    #             custom_request_handling: {
+    #               insert_headers: [ # required
+    #                 {
+    #                   name: "CustomHTTPHeaderName", # required
+    #                   value: "CustomHTTPHeaderValue", # required
+    #                 },
+    #               ],
+    #             },
+    #           },
     #         },
     #         override_action: {
     #           count: {
@@ -1414,6 +1439,11 @@ module Aws::WAFV2
     #           cloud_watch_metrics_enabled: false, # required
     #           metric_name: "MetricName", # required
     #         },
+    #         captcha_config: {
+    #           immunity_time_property: {
+    #             immunity_time: 1, # required
+    #           },
+    #         },
     #       },
     #     ],
     #     visibility_config: { # required
@@ -1523,6 +1553,11 @@ module Aws::WAFV2
     #   [2]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html
     #   [3]: https://docs.aws.amazon.com/waf/latest/developerguide/limits.html
     #
+    # @option params [Types::CaptchaConfig] :captcha_config
+    #   Specifies how WAF should handle `CAPTCHA` evaluations for rules that
+    #   don't have their own `CaptchaConfig` settings. If you don't specify
+    #   this, WAF uses its default settings for `CaptchaConfig`.
+    #
     # @return [Types::CreateWebACLResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
     #   * {Types::CreateWebACLResponse#summary #summary} => Types::WebACLSummary
@@ -1882,6 +1917,16 @@ module Aws::WAFV2
     #               ],
     #             },
     #           },
+    #           captcha: {
+    #             custom_request_handling: {
+    #               insert_headers: [ # required
+    #                 {
+    #                   name: "CustomHTTPHeaderName", # required
+    #                   value: "CustomHTTPHeaderValue", # required
+    #                 },
+    #               ],
+    #             },
+    #           },
     #         },
     #         override_action: {
     #           count: {
@@ -1907,6 +1952,11 @@ module Aws::WAFV2
     #           cloud_watch_metrics_enabled: false, # required
     #           metric_name: "MetricName", # required
     #         },
+    #         captcha_config: {
+    #           immunity_time_property: {
+    #             immunity_time: 1, # required
+    #           },
+    #         },
     #       },
     #     ],
     #     visibility_config: { # required
@@ -1926,6 +1976,11 @@ module Aws::WAFV2
     #         content: "ResponseContent", # required
     #       },
     #     },
+    #     captcha_config: {
+    #       immunity_time_property: {
+    #         immunity_time: 1, # required
+    #       },
+    #     },
     #   })
     #
     # @example Response structure
@@ -2328,6 +2383,9 @@ module Aws::WAFV2
     #   resp.rules[0].action.count.custom_request_handling.insert_headers #=> Array
     #   resp.rules[0].action.count.custom_request_handling.insert_headers[0].name #=> String
     #   resp.rules[0].action.count.custom_request_handling.insert_headers[0].value #=> String
+    #   resp.rules[0].action.captcha.custom_request_handling.insert_headers #=> Array
+    #   resp.rules[0].action.captcha.custom_request_handling.insert_headers[0].name #=> String
+    #   resp.rules[0].action.captcha.custom_request_handling.insert_headers[0].value #=> String
     #   resp.label_namespace #=> String
     #   resp.available_labels #=> Array
     #   resp.available_labels[0].name #=> String
@@ -2480,7 +2538,7 @@ module Aws::WAFV2
     #   resp.logging_configuration.logging_filter.filters[0].behavior #=> String, one of "KEEP", "DROP"
     #   resp.logging_configuration.logging_filter.filters[0].requirement #=> String, one of "MEETS_ALL", "MEETS_ANY"
     #   resp.logging_configuration.logging_filter.filters[0].conditions #=> Array
-    #   resp.logging_configuration.logging_filter.filters[0].conditions[0].action_condition.action #=> String, one of "ALLOW", "BLOCK", "COUNT"
+    #   resp.logging_configuration.logging_filter.filters[0].conditions[0].action_condition.action #=> String, one of "ALLOW", "BLOCK", "COUNT", "CAPTCHA", "EXCLUDED_AS_COUNT"
     #   resp.logging_configuration.logging_filter.filters[0].conditions[0].label_name_condition.label_name #=> String
     #   resp.logging_configuration.logging_filter.default_behavior #=> String, one of "KEEP", "DROP"
     #
@@ -2897,6 +2955,9 @@ module Aws::WAFV2
     #   resp.rule_group.rules[0].action.count.custom_request_handling.insert_headers #=> Array
     #   resp.rule_group.rules[0].action.count.custom_request_handling.insert_headers[0].name #=> String
     #   resp.rule_group.rules[0].action.count.custom_request_handling.insert_headers[0].value #=> String
+    #   resp.rule_group.rules[0].action.captcha.custom_request_handling.insert_headers #=> Array
+    #   resp.rule_group.rules[0].action.captcha.custom_request_handling.insert_headers[0].name #=> String
+    #   resp.rule_group.rules[0].action.captcha.custom_request_handling.insert_headers[0].value #=> String
     #   resp.rule_group.rules[0].override_action.count.custom_request_handling.insert_headers #=> Array
     #   resp.rule_group.rules[0].override_action.count.custom_request_handling.insert_headers[0].name #=> String
     #   resp.rule_group.rules[0].override_action.count.custom_request_handling.insert_headers[0].value #=> String
@@ -2905,6 +2966,7 @@ module Aws::WAFV2
     #   resp.rule_group.rules[0].visibility_config.sampled_requests_enabled #=> Boolean
     #   resp.rule_group.rules[0].visibility_config.cloud_watch_metrics_enabled #=> Boolean
     #   resp.rule_group.rules[0].visibility_config.metric_name #=> String
+    #   resp.rule_group.rules[0].captcha_config.immunity_time_property.immunity_time #=> Integer
     #   resp.rule_group.visibility_config.sampled_requests_enabled #=> Boolean
     #   resp.rule_group.visibility_config.cloud_watch_metrics_enabled #=> Boolean
     #   resp.rule_group.visibility_config.metric_name #=> String
@@ -3018,6 +3080,9 @@ module Aws::WAFV2
     #   resp.sampled_requests[0].response_code_sent #=> Integer
     #   resp.sampled_requests[0].labels #=> Array
     #   resp.sampled_requests[0].labels[0].name #=> String
+    #   resp.sampled_requests[0].captcha_response.response_code #=> Integer
+    #   resp.sampled_requests[0].captcha_response.solve_timestamp #=> Integer
+    #   resp.sampled_requests[0].captcha_response.failure_reason #=> String, one of "TOKEN_MISSING", "TOKEN_EXPIRED"
     #   resp.population_size #=> Integer
     #   resp.time_window.start_time #=> Time
     #   resp.time_window.end_time #=> Time
@@ -3186,6 +3251,9 @@ module Aws::WAFV2
     #   resp.web_acl.rules[0].action.count.custom_request_handling.insert_headers #=> Array
     #   resp.web_acl.rules[0].action.count.custom_request_handling.insert_headers[0].name #=> String
     #   resp.web_acl.rules[0].action.count.custom_request_handling.insert_headers[0].value #=> String
+    #   resp.web_acl.rules[0].action.captcha.custom_request_handling.insert_headers #=> Array
+    #   resp.web_acl.rules[0].action.captcha.custom_request_handling.insert_headers[0].name #=> String
+    #   resp.web_acl.rules[0].action.captcha.custom_request_handling.insert_headers[0].value #=> String
     #   resp.web_acl.rules[0].override_action.count.custom_request_handling.insert_headers #=> Array
     #   resp.web_acl.rules[0].override_action.count.custom_request_handling.insert_headers[0].name #=> String
     #   resp.web_acl.rules[0].override_action.count.custom_request_handling.insert_headers[0].value #=> String
@@ -3194,6 +3262,7 @@ module Aws::WAFV2
     #   resp.web_acl.rules[0].visibility_config.sampled_requests_enabled #=> Boolean
     #   resp.web_acl.rules[0].visibility_config.cloud_watch_metrics_enabled #=> Boolean
     #   resp.web_acl.rules[0].visibility_config.metric_name #=> String
+    #   resp.web_acl.rules[0].captcha_config.immunity_time_property.immunity_time #=> Integer
     #   resp.web_acl.visibility_config.sampled_requests_enabled #=> Boolean
     #   resp.web_acl.visibility_config.cloud_watch_metrics_enabled #=> Boolean
     #   resp.web_acl.visibility_config.metric_name #=> String
@@ -3405,6 +3474,7 @@ module Aws::WAFV2
     #   resp.web_acl.custom_response_bodies #=> Hash
     #   resp.web_acl.custom_response_bodies["EntityName"].content_type #=> String, one of "TEXT_PLAIN", "TEXT_HTML", "APPLICATION_JSON"
     #   resp.web_acl.custom_response_bodies["EntityName"].content #=> String
+    #   resp.web_acl.captcha_config.immunity_time_property.immunity_time #=> Integer
     #   resp.lock_token #=> String
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/GetWebACL AWS API Documentation
@@ -3548,6 +3618,9 @@ module Aws::WAFV2
     #   resp.web_acl.rules[0].action.count.custom_request_handling.insert_headers #=> Array
     #   resp.web_acl.rules[0].action.count.custom_request_handling.insert_headers[0].name #=> String
     #   resp.web_acl.rules[0].action.count.custom_request_handling.insert_headers[0].value #=> String
+    #   resp.web_acl.rules[0].action.captcha.custom_request_handling.insert_headers #=> Array
+    #   resp.web_acl.rules[0].action.captcha.custom_request_handling.insert_headers[0].name #=> String
+    #   resp.web_acl.rules[0].action.captcha.custom_request_handling.insert_headers[0].value #=> String
     #   resp.web_acl.rules[0].override_action.count.custom_request_handling.insert_headers #=> Array
     #   resp.web_acl.rules[0].override_action.count.custom_request_handling.insert_headers[0].name #=> String
     #   resp.web_acl.rules[0].override_action.count.custom_request_handling.insert_headers[0].value #=> String
@@ -3556,6 +3629,7 @@ module Aws::WAFV2
     #   resp.web_acl.rules[0].visibility_config.sampled_requests_enabled #=> Boolean
     #   resp.web_acl.rules[0].visibility_config.cloud_watch_metrics_enabled #=> Boolean
     #   resp.web_acl.rules[0].visibility_config.metric_name #=> String
+    #   resp.web_acl.rules[0].captcha_config.immunity_time_property.immunity_time #=> Integer
     #   resp.web_acl.visibility_config.sampled_requests_enabled #=> Boolean
     #   resp.web_acl.visibility_config.cloud_watch_metrics_enabled #=> Boolean
     #   resp.web_acl.visibility_config.metric_name #=> String
@@ -3767,6 +3841,7 @@ module Aws::WAFV2
     #   resp.web_acl.custom_response_bodies #=> Hash
     #   resp.web_acl.custom_response_bodies["EntityName"].content_type #=> String, one of "TEXT_PLAIN", "TEXT_HTML", "APPLICATION_JSON"
     #   resp.web_acl.custom_response_bodies["EntityName"].content #=> String
+    #   resp.web_acl.captcha_config.immunity_time_property.immunity_time #=> Integer
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/GetWebACLForResource AWS API Documentation
     #
@@ -3972,7 +4047,7 @@ module Aws::WAFV2
 
     # Retrieves an array of your LoggingConfiguration objects.
     #
-    # @option params [String] :scope
+    # @option params [required, String] :scope
     #   Specifies whether this is for an Amazon CloudFront distribution or for
     #   a regional application. A regional application can be an Application
     #   Load Balancer (ALB), an Amazon API Gateway REST API, or an AppSync
@@ -4007,7 +4082,7 @@ module Aws::WAFV2
     # @example Request syntax with placeholder values
     #
     #   resp = client.list_logging_configurations({
-    #     scope: "CLOUDFRONT", # accepts CLOUDFRONT, REGIONAL
+    #     scope: "CLOUDFRONT", # required, accepts CLOUDFRONT, REGIONAL
     #     next_marker: "NextMarker",
     #     limit: 1,
     #   })
@@ -4030,7 +4105,7 @@ module Aws::WAFV2
     #   resp.logging_configurations[0].logging_filter.filters[0].behavior #=> String, one of "KEEP", "DROP"
     #   resp.logging_configurations[0].logging_filter.filters[0].requirement #=> String, one of "MEETS_ALL", "MEETS_ANY"
     #   resp.logging_configurations[0].logging_filter.filters[0].conditions #=> Array
-    #   resp.logging_configurations[0].logging_filter.filters[0].conditions[0].action_condition.action #=> String, one of "ALLOW", "BLOCK", "COUNT"
+    #   resp.logging_configurations[0].logging_filter.filters[0].conditions[0].action_condition.action #=> String, one of "ALLOW", "BLOCK", "COUNT", "CAPTCHA", "EXCLUDED_AS_COUNT"
     #   resp.logging_configurations[0].logging_filter.filters[0].conditions[0].label_name_condition.label_name #=> String
     #   resp.logging_configurations[0].logging_filter.default_behavior #=> String, one of "KEEP", "DROP"
     #   resp.next_marker #=> String
@@ -4490,7 +4565,7 @@ module Aws::WAFV2
     #             conditions: [ # required
     #               {
     #                 action_condition: {
-    #                   action: "ALLOW", # required, accepts ALLOW, BLOCK, COUNT
+    #                   action: "ALLOW", # required, accepts ALLOW, BLOCK, COUNT, CAPTCHA, EXCLUDED_AS_COUNT
     #                 },
     #                 label_name_condition: {
     #                   label_name: "LabelName", # required
@@ -4521,7 +4596,7 @@ module Aws::WAFV2
     #   resp.logging_configuration.logging_filter.filters[0].behavior #=> String, one of "KEEP", "DROP"
     #   resp.logging_configuration.logging_filter.filters[0].requirement #=> String, one of "MEETS_ALL", "MEETS_ANY"
     #   resp.logging_configuration.logging_filter.filters[0].conditions #=> Array
-    #   resp.logging_configuration.logging_filter.filters[0].conditions[0].action_condition.action #=> String, one of "ALLOW", "BLOCK", "COUNT"
+    #   resp.logging_configuration.logging_filter.filters[0].conditions[0].action_condition.action #=> String, one of "ALLOW", "BLOCK", "COUNT", "CAPTCHA", "EXCLUDED_AS_COUNT"
     #   resp.logging_configuration.logging_filter.filters[0].conditions[0].label_name_condition.label_name #=> String
     #   resp.logging_configuration.logging_filter.default_behavior #=> String, one of "KEEP", "DROP"
     #
@@ -5469,6 +5544,16 @@ module Aws::WAFV2
     #               ],
     #             },
     #           },
+    #           captcha: {
+    #             custom_request_handling: {
+    #               insert_headers: [ # required
+    #                 {
+    #                   name: "CustomHTTPHeaderName", # required
+    #                   value: "CustomHTTPHeaderValue", # required
+    #                 },
+    #               ],
+    #             },
+    #           },
     #         },
     #         override_action: {
     #           count: {
@@ -5494,6 +5579,11 @@ module Aws::WAFV2
     #           cloud_watch_metrics_enabled: false, # required
     #           metric_name: "MetricName", # required
     #         },
+    #         captcha_config: {
+    #           immunity_time_property: {
+    #             immunity_time: 1, # required
+    #           },
+    #         },
     #       },
     #     ],
     #     visibility_config: { # required
@@ -5614,6 +5704,11 @@ module Aws::WAFV2
     #   [2]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html
     #   [3]: https://docs.aws.amazon.com/waf/latest/developerguide/limits.html
     #
+    # @option params [Types::CaptchaConfig] :captcha_config
+    #   Specifies how WAF should handle `CAPTCHA` evaluations for rules that
+    #   don't have their own `CaptchaConfig` settings. If you don't specify
+    #   this, WAF uses its default settings for `CaptchaConfig`.
+    #
     # @return [Types::UpdateWebACLResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
     #   * {Types::UpdateWebACLResponse#next_lock_token #next_lock_token} => String
@@ -5974,6 +6069,16 @@ module Aws::WAFV2
     #               ],
     #             },
     #           },
+    #           captcha: {
+    #             custom_request_handling: {
+    #               insert_headers: [ # required
+    #                 {
+    #                   name: "CustomHTTPHeaderName", # required
+    #                   value: "CustomHTTPHeaderValue", # required
+    #                 },
+    #               ],
+    #             },
+    #           },
     #         },
     #         override_action: {
     #           count: {
@@ -5999,6 +6104,11 @@ module Aws::WAFV2
     #           cloud_watch_metrics_enabled: false, # required
     #           metric_name: "MetricName", # required
     #         },
+    #         captcha_config: {
+    #           immunity_time_property: {
+    #             immunity_time: 1, # required
+    #           },
+    #         },
     #       },
     #     ],
     #     visibility_config: { # required
@@ -6013,6 +6123,11 @@ module Aws::WAFV2
     #         content: "ResponseContent", # required
     #       },
     #     },
+    #     captcha_config: {
+    #       immunity_time_property: {
+    #         immunity_time: 1, # required
+    #       },
+    #     },
     #   })
     #
     # @example Response structure
@@ -6041,7 +6156,7 @@ module Aws::WAFV2
         params: params,
         config: config)
       context[:gem_name] = 'aws-sdk-wafv2'
-      context[:gem_version] = '1.29.0'
+      context[:gem_version] = '1.30.0'
       Seahorse::Client::Request.new(handlers, context)
     end
 

data/lib/aws-sdk-wafv2/client_api.rb

@@ -28,6 +28,9 @@ module Aws::WAFV2
     Boolean = Shapes::BooleanShape.new(name: 'Boolean')
     ByteMatchStatement = Shapes::StructureShape.new(name: 'ByteMatchStatement')
     CapacityUnit = Shapes::IntegerShape.new(name: 'CapacityUnit')
+    CaptchaAction = Shapes::StructureShape.new(name: 'CaptchaAction')
+    CaptchaConfig = Shapes::StructureShape.new(name: 'CaptchaConfig')
+    CaptchaResponse = Shapes::StructureShape.new(name: 'CaptchaResponse')
     CheckCapacityRequest = Shapes::StructureShape.new(name: 'CheckCapacityRequest')
     CheckCapacityResponse = Shapes::StructureShape.new(name: 'CheckCapacityResponse')
     ComparisonOperator = Shapes::StringShape.new(name: 'ComparisonOperator')
@@ -80,6 +83,7 @@ module Aws::WAFV2
     ErrorReason = Shapes::StringShape.new(name: 'ErrorReason')
     ExcludedRule = Shapes::StructureShape.new(name: 'ExcludedRule')
     ExcludedRules = Shapes::ListShape.new(name: 'ExcludedRules')
+    FailureReason = Shapes::StringShape.new(name: 'FailureReason')
     FallbackBehavior = Shapes::StringShape.new(name: 'FallbackBehavior')
     FieldToMatch = Shapes::StructureShape.new(name: 'FieldToMatch')
     FieldToMatchData = Shapes::StringShape.new(name: 'FieldToMatchData')
@@ -130,6 +134,7 @@ module Aws::WAFV2
     IPSetSummaries = Shapes::ListShape.new(name: 'IPSetSummaries')
     IPSetSummary = Shapes::StructureShape.new(name: 'IPSetSummary')
     IPString = Shapes::StringShape.new(name: 'IPString')
+    ImmunityTimeProperty = Shapes::StructureShape.new(name: 'ImmunityTimeProperty')
     JsonBody = Shapes::StructureShape.new(name: 'JsonBody')
     JsonMatchPattern = Shapes::StructureShape.new(name: 'JsonMatchPattern')
     JsonMatchScope = Shapes::StringShape.new(name: 'JsonMatchScope')
@@ -216,6 +221,7 @@ module Aws::WAFV2
     ResourceArn = Shapes::StringShape.new(name: 'ResourceArn')
     ResourceArns = Shapes::ListShape.new(name: 'ResourceArns')
     ResourceType = Shapes::StringShape.new(name: 'ResourceType')
+    ResponseCode = Shapes::IntegerShape.new(name: 'ResponseCode')
     ResponseContent = Shapes::StringShape.new(name: 'ResponseContent')
     ResponseContentType = Shapes::StringShape.new(name: 'ResponseContentType')
     ResponseStatusCode = Shapes::IntegerShape.new(name: 'ResponseStatusCode')
@@ -238,6 +244,7 @@ module Aws::WAFV2
     SingleQueryArgument = Shapes::StructureShape.new(name: 'SingleQueryArgument')
     Size = Shapes::IntegerShape.new(name: 'Size')
     SizeConstraintStatement = Shapes::StructureShape.new(name: 'SizeConstraintStatement')
+    SolveTimestamp = Shapes::IntegerShape.new(name: 'SolveTimestamp')
     SqliMatchStatement = Shapes::StructureShape.new(name: 'SqliMatchStatement')
     Statement = Shapes::StructureShape.new(name: 'Statement')
     Statements = Shapes::ListShape.new(name: 'Statements')
@@ -255,6 +262,7 @@ module Aws::WAFV2
     TextTransformations = Shapes::ListShape.new(name: 'TextTransformations')
     TimeWindow = Shapes::StructureShape.new(name: 'TimeWindow')
     TimeWindowDay = Shapes::IntegerShape.new(name: 'TimeWindowDay')
+    TimeWindowSecond = Shapes::IntegerShape.new(name: 'TimeWindowSecond')
     Timestamp = Shapes::TimestampShape.new(name: 'Timestamp')
     URIString = Shapes::StringShape.new(name: 'URIString')
     UntagResourceRequest = Shapes::StructureShape.new(name: 'UntagResourceRequest')
@@ -326,6 +334,17 @@ module Aws::WAFV2
     ByteMatchStatement.add_member(:positional_constraint, Shapes::ShapeRef.new(shape: PositionalConstraint, required: true, location_name: "PositionalConstraint"))
     ByteMatchStatement.struct_class = Types::ByteMatchStatement
 
+    CaptchaAction.add_member(:custom_request_handling, Shapes::ShapeRef.new(shape: CustomRequestHandling, location_name: "CustomRequestHandling"))
+    CaptchaAction.struct_class = Types::CaptchaAction
+
+    CaptchaConfig.add_member(:immunity_time_property, Shapes::ShapeRef.new(shape: ImmunityTimeProperty, location_name: "ImmunityTimeProperty"))
+    CaptchaConfig.struct_class = Types::CaptchaConfig
+
+    CaptchaResponse.add_member(:response_code, Shapes::ShapeRef.new(shape: ResponseCode, location_name: "ResponseCode"))
+    CaptchaResponse.add_member(:solve_timestamp, Shapes::ShapeRef.new(shape: SolveTimestamp, location_name: "SolveTimestamp"))
+    CaptchaResponse.add_member(:failure_reason, Shapes::ShapeRef.new(shape: FailureReason, location_name: "FailureReason"))
+    CaptchaResponse.struct_class = Types::CaptchaResponse
+
     CheckCapacityRequest.add_member(:scope, Shapes::ShapeRef.new(shape: Scope, required: true, location_name: "Scope"))
     CheckCapacityRequest.add_member(:rules, Shapes::ShapeRef.new(shape: Rules, required: true, location_name: "Rules"))
     CheckCapacityRequest.struct_class = Types::CheckCapacityRequest
@@ -386,6 +405,7 @@ module Aws::WAFV2
     CreateWebACLRequest.add_member(:visibility_config, Shapes::ShapeRef.new(shape: VisibilityConfig, required: true, location_name: "VisibilityConfig"))
     CreateWebACLRequest.add_member(:tags, Shapes::ShapeRef.new(shape: TagList, location_name: "Tags"))
     CreateWebACLRequest.add_member(:custom_response_bodies, Shapes::ShapeRef.new(shape: CustomResponseBodies, location_name: "CustomResponseBodies"))
+    CreateWebACLRequest.add_member(:captcha_config, Shapes::ShapeRef.new(shape: CaptchaConfig, location_name: "CaptchaConfig"))
     CreateWebACLRequest.struct_class = Types::CreateWebACLRequest
 
     CreateWebACLResponse.add_member(:summary, Shapes::ShapeRef.new(shape: WebACLSummary, location_name: "Summary"))
@@ -657,6 +677,9 @@ module Aws::WAFV2
     IPSetSummary.add_member(:arn, Shapes::ShapeRef.new(shape: ResourceArn, location_name: "ARN"))
     IPSetSummary.struct_class = Types::IPSetSummary
 
+    ImmunityTimeProperty.add_member(:immunity_time, Shapes::ShapeRef.new(shape: TimeWindowSecond, required: true, location_name: "ImmunityTime"))
+    ImmunityTimeProperty.struct_class = Types::ImmunityTimeProperty
+
     JsonBody.add_member(:match_pattern, Shapes::ShapeRef.new(shape: JsonMatchPattern, required: true, location_name: "MatchPattern"))
     JsonBody.add_member(:match_scope, Shapes::ShapeRef.new(shape: JsonMatchScope, required: true, location_name: "MatchScope"))
     JsonBody.add_member(:invalid_fallback_behavior, Shapes::ShapeRef.new(shape: BodyParsingFallbackBehavior, location_name: "InvalidFallbackBehavior"))
@@ -714,7 +737,7 @@ module Aws::WAFV2
     ListIPSetsResponse.add_member(:ip_sets, Shapes::ShapeRef.new(shape: IPSetSummaries, location_name: "IPSets"))
     ListIPSetsResponse.struct_class = Types::ListIPSetsResponse
 
-    ListLoggingConfigurationsRequest.add_member(:scope, Shapes::ShapeRef.new(shape: Scope, location_name: "Scope"))
+    ListLoggingConfigurationsRequest.add_member(:scope, Shapes::ShapeRef.new(shape: Scope, required: true, location_name: "Scope"))
     ListLoggingConfigurationsRequest.add_member(:next_marker, Shapes::ShapeRef.new(shape: NextMarker, location_name: "NextMarker"))
     ListLoggingConfigurationsRequest.add_member(:limit, Shapes::ShapeRef.new(shape: PaginationLimit, location_name: "Limit"))
     ListLoggingConfigurationsRequest.struct_class = Types::ListLoggingConfigurationsRequest
@@ -931,11 +954,13 @@ module Aws::WAFV2
     Rule.add_member(:override_action, Shapes::ShapeRef.new(shape: OverrideAction, location_name: "OverrideAction"))
     Rule.add_member(:rule_labels, Shapes::ShapeRef.new(shape: Labels, location_name: "RuleLabels"))
     Rule.add_member(:visibility_config, Shapes::ShapeRef.new(shape: VisibilityConfig, required: true, location_name: "VisibilityConfig"))
+    Rule.add_member(:captcha_config, Shapes::ShapeRef.new(shape: CaptchaConfig, location_name: "CaptchaConfig"))
     Rule.struct_class = Types::Rule
 
     RuleAction.add_member(:block, Shapes::ShapeRef.new(shape: BlockAction, location_name: "Block"))
     RuleAction.add_member(:allow, Shapes::ShapeRef.new(shape: AllowAction, location_name: "Allow"))
     RuleAction.add_member(:count, Shapes::ShapeRef.new(shape: CountAction, location_name: "Count"))
+    RuleAction.add_member(:captcha, Shapes::ShapeRef.new(shape: CaptchaAction, location_name: "Captcha"))
     RuleAction.struct_class = Types::RuleAction
 
     RuleGroup.add_member(:name, Shapes::ShapeRef.new(shape: EntityName, required: true, location_name: "Name"))
@@ -980,6 +1005,7 @@ module Aws::WAFV2
     SampledHTTPRequest.add_member(:request_headers_inserted, Shapes::ShapeRef.new(shape: HTTPHeaders, location_name: "RequestHeadersInserted"))
     SampledHTTPRequest.add_member(:response_code_sent, Shapes::ShapeRef.new(shape: ResponseStatusCode, location_name: "ResponseCodeSent"))
     SampledHTTPRequest.add_member(:labels, Shapes::ShapeRef.new(shape: Labels, location_name: "Labels"))
+    SampledHTTPRequest.add_member(:captcha_response, Shapes::ShapeRef.new(shape: CaptchaResponse, location_name: "CaptchaResponse"))
     SampledHTTPRequest.struct_class = Types::SampledHTTPRequest
 
     SampledHTTPRequests.member = Shapes::ShapeRef.new(shape: SampledHTTPRequest)
@@ -1110,6 +1136,7 @@ module Aws::WAFV2
     UpdateWebACLRequest.add_member(:visibility_config, Shapes::ShapeRef.new(shape: VisibilityConfig, required: true, location_name: "VisibilityConfig"))
     UpdateWebACLRequest.add_member(:lock_token, Shapes::ShapeRef.new(shape: LockToken, required: true, location_name: "LockToken"))
     UpdateWebACLRequest.add_member(:custom_response_bodies, Shapes::ShapeRef.new(shape: CustomResponseBodies, location_name: "CustomResponseBodies"))
+    UpdateWebACLRequest.add_member(:captcha_config, Shapes::ShapeRef.new(shape: CaptchaConfig, location_name: "CaptchaConfig"))
     UpdateWebACLRequest.struct_class = Types::UpdateWebACLRequest
 
     UpdateWebACLResponse.add_member(:next_lock_token, Shapes::ShapeRef.new(shape: LockToken, location_name: "NextLockToken"))
@@ -1193,6 +1220,7 @@ module Aws::WAFV2
     WebACL.add_member(:managed_by_firewall_manager, Shapes::ShapeRef.new(shape: Boolean, location_name: "ManagedByFirewallManager"))
     WebACL.add_member(:label_namespace, Shapes::ShapeRef.new(shape: LabelName, location_name: "LabelNamespace"))
     WebACL.add_member(:custom_response_bodies, Shapes::ShapeRef.new(shape: CustomResponseBodies, location_name: "CustomResponseBodies"))
+    WebACL.add_member(:captcha_config, Shapes::ShapeRef.new(shape: CaptchaConfig, location_name: "CaptchaConfig"))
     WebACL.struct_class = Types::WebACL
 
     WebACLSummaries.member = Shapes::ShapeRef.new(shape: WebACLSummary)

data/lib/aws-sdk-wafv2/types.rb

@@ -16,7 +16,7 @@ module Aws::WAFV2
     #   data as a hash:
     #
     #       {
-    #         action: "ALLOW", # required, accepts ALLOW, BLOCK, COUNT
+    #         action: "ALLOW", # required, accepts ALLOW, BLOCK, COUNT, CAPTCHA, EXCLUDED_AS_COUNT
     #       }
     #
     # @!attribute [rw] action
@@ -660,6 +660,125 @@ module Aws::WAFV2
       include Aws::Structure
     end
 
+    # Specifies that WAF should run a `CAPTCHA` check against the request:
+    #
+    # * If the request includes a valid, unexpired `CAPTCHA` token, WAF
+    #   allows the web request inspection to proceed to the next rule,
+    #   similar to a `CountAction`.
+    #
+    # * If the request doesn't include a valid, unexpired `CAPTCHA` token,
+    #   WAF discontinues the web ACL evaluation of the request and blocks it
+    #   from going to its intended destination.
+    #
+    #   WAF generates a response that it sends back to the client, which
+    #   includes the following:
+    #
+    #   * The header `x-amzn-waf-action` with a value of `captcha`.
+    #
+    #   * The HTTP status code `405 Method Not Allowed`.
+    #
+    #   * If the request contains an `Accept` header with a value of
+    #     `text/html`, the response includes a `CAPTCHA` challenge.
+    #
+    # You can configure the expiration time in the `CaptchaConfig`
+    # `ImmunityTimeProperty` setting at the rule and web ACL level. The rule
+    # setting overrides the web ACL setting.
+    #
+    # This action option is available for rules. It isn't available for web
+    # ACL default actions.
+    #
+    # This is used in the context of other settings, for example to specify
+    # values for RuleAction and web ACL DefaultAction.
+    #
+    # @note When making an API call, you may pass CaptchaAction
+    #   data as a hash:
+    #
+    #       {
+    #         custom_request_handling: {
+    #           insert_headers: [ # required
+    #             {
+    #               name: "CustomHTTPHeaderName", # required
+    #               value: "CustomHTTPHeaderValue", # required
+    #             },
+    #           ],
+    #         },
+    #       }
+    #
+    # @!attribute [rw] custom_request_handling
+    #   Defines custom handling for the web request.
+    #
+    #   For information about customizing web requests and responses, see
+    #   [Customizing web requests and responses in WAF][1] in the [WAF
+    #   Developer Guide][2].
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html
+    #   [2]: https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html
+    #   @return [Types::CustomRequestHandling]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/CaptchaAction AWS API Documentation
+    #
+    class CaptchaAction < Struct.new(
+      :custom_request_handling)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # Specifies how WAF should handle `CAPTCHA` evaluations. This is
+    # available at the web ACL level and in each rule.
+    #
+    # @note When making an API call, you may pass CaptchaConfig
+    #   data as a hash:
+    #
+    #       {
+    #         immunity_time_property: {
+    #           immunity_time: 1, # required
+    #         },
+    #       }
+    #
+    # @!attribute [rw] immunity_time_property
+    #   Determines how long a `CAPTCHA` token remains valid after the client
+    #   successfully solves a `CAPTCHA` puzzle.
+    #   @return [Types::ImmunityTimeProperty]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/CaptchaConfig AWS API Documentation
+    #
+    class CaptchaConfig < Struct.new(
+      :immunity_time_property)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # The result from the inspection of the web request for a valid
+    # `CAPTCHA` token.
+    #
+    # @!attribute [rw] response_code
+    #   The HTTP response code indicating the status of the `CAPTCHA` token
+    #   in the web request. If the token is missing, invalid, or expired,
+    #   this code is `405 Method Not Allowed`.
+    #   @return [Integer]
+    #
+    # @!attribute [rw] solve_timestamp
+    #   The time that the `CAPTCHA` puzzle was solved for the supplied
+    #   token.
+    #   @return [Integer]
+    #
+    # @!attribute [rw] failure_reason
+    #   The reason for failure, populated when the evaluation of the token
+    #   fails.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/CaptchaResponse AWS API Documentation
+    #
+    class CaptchaResponse < Struct.new(
+      :response_code,
+      :solve_timestamp,
+      :failure_reason)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
     # @note When making an API call, you may pass CheckCapacityRequest
     #   data as a hash:
     #
@@ -990,6 +1109,16 @@ module Aws::WAFV2
     #                   ],
     #                 },
     #               },
+    #               captcha: {
+    #                 custom_request_handling: {
+    #                   insert_headers: [ # required
+    #                     {
+    #                       name: "CustomHTTPHeaderName", # required
+    #                       value: "CustomHTTPHeaderValue", # required
+    #                     },
+    #                   ],
+    #                 },
+    #               },
     #             },
     #             override_action: {
     #               count: {
@@ -1015,6 +1144,11 @@ module Aws::WAFV2
     #               cloud_watch_metrics_enabled: false, # required
     #               metric_name: "MetricName", # required
     #             },
+    #             captcha_config: {
+    #               immunity_time_property: {
+    #                 immunity_time: 1, # required
+    #               },
+    #             },
     #           },
     #         ],
     #       }
@@ -1067,7 +1201,7 @@ module Aws::WAFV2
     #
     #       {
     #         action_condition: {
-    #           action: "ALLOW", # required, accepts ALLOW, BLOCK, COUNT
+    #           action: "ALLOW", # required, accepts ALLOW, BLOCK, COUNT, CAPTCHA, EXCLUDED_AS_COUNT
     #         },
     #         label_name_condition: {
     #           label_name: "LabelName", # required
@@ -1656,6 +1790,16 @@ module Aws::WAFV2
     #                   ],
     #                 },
     #               },
+    #               captcha: {
+    #                 custom_request_handling: {
+    #                   insert_headers: [ # required
+    #                     {
+    #                       name: "CustomHTTPHeaderName", # required
+    #                       value: "CustomHTTPHeaderValue", # required
+    #                     },
+    #                   ],
+    #                 },
+    #               },
     #             },
     #             override_action: {
     #               count: {
@@ -1681,6 +1825,11 @@ module Aws::WAFV2
     #               cloud_watch_metrics_enabled: false, # required
     #               metric_name: "MetricName", # required
     #             },
+    #             captcha_config: {
+    #               immunity_time_property: {
+    #                 immunity_time: 1, # required
+    #               },
+    #             },
     #           },
     #         ],
     #         visibility_config: { # required
@@ -2168,6 +2317,16 @@ module Aws::WAFV2
     #                   ],
     #                 },
     #               },
+    #               captcha: {
+    #                 custom_request_handling: {
+    #                   insert_headers: [ # required
+    #                     {
+    #                       name: "CustomHTTPHeaderName", # required
+    #                       value: "CustomHTTPHeaderValue", # required
+    #                     },
+    #                   ],
+    #                 },
+    #               },
     #             },
     #             override_action: {
     #               count: {
@@ -2193,6 +2352,11 @@ module Aws::WAFV2
     #               cloud_watch_metrics_enabled: false, # required
     #               metric_name: "MetricName", # required
     #             },
+    #             captcha_config: {
+    #               immunity_time_property: {
+    #                 immunity_time: 1, # required
+    #               },
+    #             },
     #           },
     #         ],
     #         visibility_config: { # required
@@ -2212,6 +2376,11 @@ module Aws::WAFV2
     #             content: "ResponseContent", # required
     #           },
     #         },
+    #         captcha_config: {
+    #           immunity_time_property: {
+    #             immunity_time: 1, # required
+    #           },
+    #         },
     #       }
     #
     # @!attribute [rw] name
@@ -2280,6 +2449,12 @@ module Aws::WAFV2
     #   [3]: https://docs.aws.amazon.com/waf/latest/developerguide/limits.html
     #   @return [Hash<String,Types::CustomResponseBody>]
     #
+    # @!attribute [rw] captcha_config
+    #   Specifies how WAF should handle `CAPTCHA` evaluations for rules that
+    #   don't have their own `CaptchaConfig` settings. If you don't
+    #   specify this, WAF uses its default settings for `CaptchaConfig`.
+    #   @return [Types::CaptchaConfig]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/CreateWebACLRequest AWS API Documentation
     #
     class CreateWebACLRequest < Struct.new(
@@ -2290,7 +2465,8 @@ module Aws::WAFV2
       :rules,
       :visibility_config,
       :tags,
-      :custom_response_bodies)
+      :custom_response_bodies,
+      :captcha_config)
       SENSITIVE = []
       include Aws::Structure
     end
@@ -3073,10 +3249,11 @@ module Aws::WAFV2
     #
     class DisassociateWebACLResponse < Aws::EmptyStructure; end
 
-    # Specifies a single rule to exclude from the rule group. Excluding a
-    # rule overrides its action setting for the rule group in the web ACL,
-    # setting it to `COUNT`. This effectively excludes the rule from acting
-    # on web requests.
+    # Specifies a single rule in a rule group whose action you want to
+    # override to `Count`. When you exclude a rule, WAF evaluates it exactly
+    # as it would if the rule action setting were `Count`. This is a useful
+    # option for testing the rules in a rule group without modifying how
+    # they handle your web traffic.
     #
     # @note When making an API call, you may pass ExcludedRule
     #   data as a hash:
@@ -3086,7 +3263,7 @@ module Aws::WAFV2
     #       }
     #
     # @!attribute [rw] name
-    #   The name of the rule to exclude.
+    #   The name of the rule whose action you want to override to `Count`.
     #   @return [String]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/ExcludedRule AWS API Documentation
@@ -3241,7 +3418,7 @@ module Aws::WAFV2
     #         conditions: [ # required
     #           {
     #             action_condition: {
-    #               action: "ALLOW", # required, accepts ALLOW, BLOCK, COUNT
+    #               action: "ALLOW", # required, accepts ALLOW, BLOCK, COUNT, CAPTCHA, EXCLUDED_AS_COUNT
     #             },
     #             label_name_condition: {
     #               label_name: "LabelName", # required
@@ -3297,22 +3474,21 @@ module Aws::WAFV2
     #   @return [Types::FirewallManagerStatement]
     #
     # @!attribute [rw] override_action
-    #   The override action to apply to the rules in a rule group. Used only
-    #   for rule statements that reference a rule group, like
-    #   `RuleGroupReferenceStatement` and `ManagedRuleGroupStatement`.
-    #
-    #   Set the override action to none to leave the rule actions in effect.
-    #   Set it to count to only count matches, regardless of the rule action
-    #   settings.
+    #   The action to use in the place of the action that results from the
+    #   rule group evaluation. Set the override action to none to leave the
+    #   result of the rule group alone. Set it to count to override the
+    #   result to count only.
     #
-    #   In a Rule, you must specify either this `OverrideAction` setting or
-    #   the rule `Action` setting, but not both:
+    #   You can only use this for rule statements that reference a rule
+    #   group, like `RuleGroupReferenceStatement` and
+    #   `ManagedRuleGroupStatement`.
     #
-    #   * If the rule statement references a rule group, use this override
-    #     action setting and not the action setting.
+    #   <note markdown="1"> This option is usually set to none. It does not affect how the rules
+    #   in the rule group are evaluated. If you want the rules in the rule
+    #   group to only count matches, do not use this and instead exclude
+    #   those rules in your rule group reference statement settings.
     #
-    #   * If the rule statement does not reference a rule group, use the
-    #     rule action setting and not this rule override action setting.
+    #    </note>
     #   @return [Types::OverrideAction]
     #
     # @!attribute [rw] visibility_config
@@ -4443,6 +4619,29 @@ module Aws::WAFV2
       include Aws::Structure
     end
 
+    # Determines how long a `CAPTCHA` token remains valid after the client
+    # successfully solves a `CAPTCHA` puzzle.
+    #
+    # @note When making an API call, you may pass ImmunityTimeProperty
+    #   data as a hash:
+    #
+    #       {
+    #         immunity_time: 1, # required
+    #       }
+    #
+    # @!attribute [rw] immunity_time
+    #   The amount of time, in seconds, that a `CAPTCHA` token is valid. The
+    #   default setting is 300.
+    #   @return [Integer]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/ImmunityTimeProperty AWS API Documentation
+    #
+    class ImmunityTimeProperty < Struct.new(
+      :immunity_time)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
     # The body of a web request, inspected as JSON. The body immediately
     # follows the request headers. This is used in the FieldToMatch
     # specification.
@@ -4923,7 +5122,7 @@ module Aws::WAFV2
     #   data as a hash:
     #
     #       {
-    #         scope: "CLOUDFRONT", # accepts CLOUDFRONT, REGIONAL
+    #         scope: "CLOUDFRONT", # required, accepts CLOUDFRONT, REGIONAL
     #         next_marker: "NextMarker",
     #         limit: 1,
     #       }
@@ -5414,7 +5613,7 @@ module Aws::WAFV2
     #               conditions: [ # required
     #                 {
     #                   action_condition: {
-    #                     action: "ALLOW", # required, accepts ALLOW, BLOCK, COUNT
+    #                     action: "ALLOW", # required, accepts ALLOW, BLOCK, COUNT, CAPTCHA, EXCLUDED_AS_COUNT
     #                   },
     #                   label_name_condition: {
     #                     label_name: "LabelName", # required
@@ -5490,7 +5689,7 @@ module Aws::WAFV2
     #             conditions: [ # required
     #               {
     #                 action_condition: {
-    #                   action: "ALLOW", # required, accepts ALLOW, BLOCK, COUNT
+    #                   action: "ALLOW", # required, accepts ALLOW, BLOCK, COUNT, CAPTCHA, EXCLUDED_AS_COUNT
     #                 },
     #                 label_name_condition: {
     #                   label_name: "LabelName", # required
@@ -5850,9 +6049,11 @@ module Aws::WAFV2
     #   @return [String]
     #
     # @!attribute [rw] excluded_rules
-    #   The rules whose actions are set to `COUNT` by the web ACL,
-    #   regardless of the action that is set on the rule. This effectively
-    #   excludes the rule from acting on web requests.
+    #   The rules in the referenced rule group whose actions are set to
+    #   `Count`. When you exclude a rule, WAF evaluates it exactly as it
+    #   would if the rule action setting were `Count`. This is a useful
+    #   option for testing the rules in a rule group without modifying how
+    #   they handle your web traffic.
     #   @return [Array<Types::ExcludedRule>]
     #
     # @!attribute [rw] scope_down_statement
@@ -6174,9 +6375,9 @@ module Aws::WAFV2
     #
     class Method < Aws::EmptyStructure; end
 
-    # Specifies that WAF should do nothing. This is generally used to try
-    # out a rule without performing any actions. You set the
-    # `OverrideAction` on the Rule.
+    # Specifies that WAF should do nothing. This is used for the
+    # `OverrideAction` setting on a Rule when the rule uses a rule group
+    # reference statement.
     #
     # This is used in the context of other settings, for example to specify
     # values for RuleAction and web ACL DefaultAction.
@@ -6807,22 +7008,20 @@ module Aws::WAFV2
       include Aws::Structure
     end
 
-    # The override action to apply to the rules in a rule group. Used only
-    # for rule statements that reference a rule group, like
-    # `RuleGroupReferenceStatement` and `ManagedRuleGroupStatement`.
-    #
-    # Set the override action to none to leave the rule actions in effect.
-    # Set it to count to only count matches, regardless of the rule action
-    # settings.
+    # The action to use in the place of the action that results from the
+    # rule group evaluation. Set the override action to none to leave the
+    # result of the rule group alone. Set it to count to override the result
+    # to count only.
     #
-    # In a Rule, you must specify either this `OverrideAction` setting or
-    # the rule `Action` setting, but not both:
+    # You can only use this for rule statements that reference a rule group,
+    # like `RuleGroupReferenceStatement` and `ManagedRuleGroupStatement`.
     #
-    # * If the rule statement references a rule group, use this override
-    #   action setting and not the action setting.
+    # <note markdown="1"> This option is usually set to none. It does not affect how the rules
+    # in the rule group are evaluated. If you want the rules in the rule
+    # group to only count matches, do not use this and instead exclude those
+    # rules in your rule group reference statement settings.
     #
-    # * If the rule statement does not reference a rule group, use the rule
-    #   action setting and not this rule override action setting.
+    #  </note>
     #
     # @note When making an API call, you may pass OverrideAction
     #   data as a hash:
@@ -6843,11 +7042,19 @@ module Aws::WAFV2
     #       }
     #
     # @!attribute [rw] count
-    #   Override the rule action setting to count.
+    #   Override the rule group evaluation result to count only.
+    #
+    #   <note markdown="1"> This option is usually set to none. It does not affect how the rules
+    #   in the rule group are evaluated. If you want the rules in the rule
+    #   group to only count matches, do not use this and instead exclude
+    #   those rules in your rule group reference statement settings.
+    #
+    #    </note>
     #   @return [Types::CountAction]
     #
     # @!attribute [rw] none
-    #   Don't override the rule action setting.
+    #   Don't override the rule group evaluation result. This is the most
+    #   common setting.
     #   @return [Types::NoneAction]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/OverrideAction AWS API Documentation
@@ -6904,7 +7111,7 @@ module Aws::WAFV2
     #                 conditions: [ # required
     #                   {
     #                     action_condition: {
-    #                       action: "ALLOW", # required, accepts ALLOW, BLOCK, COUNT
+    #                       action: "ALLOW", # required, accepts ALLOW, BLOCK, COUNT, CAPTCHA, EXCLUDED_AS_COUNT
     #                     },
     #                     label_name_condition: {
     #                       label_name: "LabelName", # required
@@ -8116,6 +8323,16 @@ module Aws::WAFV2
     #               ],
     #             },
     #           },
+    #           captcha: {
+    #             custom_request_handling: {
+    #               insert_headers: [ # required
+    #                 {
+    #                   name: "CustomHTTPHeaderName", # required
+    #                   value: "CustomHTTPHeaderValue", # required
+    #                 },
+    #               ],
+    #             },
+    #           },
     #         },
     #         override_action: {
     #           count: {
@@ -8141,6 +8358,11 @@ module Aws::WAFV2
     #           cloud_watch_metrics_enabled: false, # required
     #           metric_name: "MetricName", # required
     #         },
+    #         captcha_config: {
+    #           immunity_time_property: {
+    #             immunity_time: 1, # required
+    #           },
+    #         },
     #       }
     #
     # @!attribute [rw] name
@@ -8181,22 +8403,21 @@ module Aws::WAFV2
     #   @return [Types::RuleAction]
     #
     # @!attribute [rw] override_action
-    #   The override action to apply to the rules in a rule group. Used only
-    #   for rule statements that reference a rule group, like
-    #   `RuleGroupReferenceStatement` and `ManagedRuleGroupStatement`.
+    #   The action to use in the place of the action that results from the
+    #   rule group evaluation. Set the override action to none to leave the
+    #   result of the rule group alone. Set it to count to override the
+    #   result to count only.
     #
-    #   Set the override action to none to leave the rule actions in effect.
-    #   Set it to count to only count matches, regardless of the rule action
-    #   settings.
+    #   You can only use this for rule statements that reference a rule
+    #   group, like `RuleGroupReferenceStatement` and
+    #   `ManagedRuleGroupStatement`.
     #
-    #   In a Rule, you must specify either this `OverrideAction` setting or
-    #   the rule `Action` setting, but not both:
+    #   <note markdown="1"> This option is usually set to none. It does not affect how the rules
+    #   in the rule group are evaluated. If you want the rules in the rule
+    #   group to only count matches, do not use this and instead exclude
+    #   those rules in your rule group reference statement settings.
     #
-    #   * If the rule statement references a rule group, use this override
-    #     action setting and not the action setting.
-    #
-    #   * If the rule statement does not reference a rule group, use the
-    #     rule action setting and not this rule override action setting.
+    #    </note>
     #   @return [Types::OverrideAction]
     #
     # @!attribute [rw] rule_labels
@@ -8230,6 +8451,12 @@ module Aws::WAFV2
     #   collection.
     #   @return [Types::VisibilityConfig]
     #
+    # @!attribute [rw] captcha_config
+    #   Specifies how WAF should handle `CAPTCHA` evaluations. If you don't
+    #   specify this, WAF uses the `CAPTCHA` configuration that's defined
+    #   for the web ACL.
+    #   @return [Types::CaptchaConfig]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/Rule AWS API Documentation
     #
     class Rule < Struct.new(
@@ -8239,7 +8466,8 @@ module Aws::WAFV2
       :action,
       :override_action,
       :rule_labels,
-      :visibility_config)
+      :visibility_config,
+      :captcha_config)
       SENSITIVE = []
       include Aws::Structure
     end
@@ -8284,6 +8512,16 @@ module Aws::WAFV2
     #             ],
     #           },
     #         },
+    #         captcha: {
+    #           custom_request_handling: {
+    #             insert_headers: [ # required
+    #               {
+    #                 name: "CustomHTTPHeaderName", # required
+    #                 value: "CustomHTTPHeaderValue", # required
+    #               },
+    #             ],
+    #           },
+    #         },
     #       }
     #
     # @!attribute [rw] block
@@ -8298,12 +8536,17 @@ module Aws::WAFV2
     #   Instructs WAF to count the web request and allow it.
     #   @return [Types::CountAction]
     #
+    # @!attribute [rw] captcha
+    #   Instructs WAF to run a `CAPTCHA` check against the web request.
+    #   @return [Types::CaptchaAction]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/RuleAction AWS API Documentation
     #
     class RuleAction < Struct.new(
       :block,
       :allow,
-      :count)
+      :count,
+      :captcha)
       SENSITIVE = []
       include Aws::Structure
     end
@@ -8457,8 +8700,11 @@ module Aws::WAFV2
     #   @return [String]
     #
     # @!attribute [rw] excluded_rules
-    #   The names of rules that are in the referenced rule group, but that
-    #   you want WAF to exclude from processing for this rule statement.
+    #   The rules in the referenced rule group whose actions are set to
+    #   `Count`. When you exclude a rule, WAF evaluates it exactly as it
+    #   would if the rule action setting were `Count`. This is a useful
+    #   option for testing the rules in a rule group without modifying how
+    #   they handle your web traffic.
     #   @return [Array<Types::ExcludedRule>]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/RuleGroupReferenceStatement AWS API Documentation
@@ -8567,8 +8813,8 @@ module Aws::WAFV2
     #   @return [Time]
     #
     # @!attribute [rw] action
-    #   The action for the `Rule` that the request matched: `ALLOW`,
-    #   `BLOCK`, or `COUNT`.
+    #   The action for the `Rule` that the request matched: `Allow`,
+    #   `Block`, or `Count`.
     #   @return [String]
     #
     # @!attribute [rw] rule_name_within_rule_group
@@ -8599,6 +8845,10 @@ module Aws::WAFV2
     #   or `awswaf:managed:aws:managed-rule-set:header:encoding:utf8`.
     #   @return [Array<Types::Label>]
     #
+    # @!attribute [rw] captcha_response
+    #   The `CAPTCHA` response for the request.
+    #   @return [Types::CaptchaResponse]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/SampledHTTPRequest AWS API Documentation
     #
     class SampledHTTPRequest < Struct.new(
@@ -8609,7 +8859,8 @@ module Aws::WAFV2
       :rule_name_within_rule_group,
       :request_headers_inserted,
       :response_code_sent,
-      :labels)
+      :labels,
+      :captcha_response)
       SENSITIVE = []
       include Aws::Structure
     end
@@ -11711,6 +11962,16 @@ module Aws::WAFV2
     #                   ],
     #                 },
     #               },
+    #               captcha: {
+    #                 custom_request_handling: {
+    #                   insert_headers: [ # required
+    #                     {
+    #                       name: "CustomHTTPHeaderName", # required
+    #                       value: "CustomHTTPHeaderValue", # required
+    #                     },
+    #                   ],
+    #                 },
+    #               },
     #             },
     #             override_action: {
     #               count: {
@@ -11736,6 +11997,11 @@ module Aws::WAFV2
     #               cloud_watch_metrics_enabled: false, # required
     #               metric_name: "MetricName", # required
     #             },
+    #             captcha_config: {
+    #               immunity_time_property: {
+    #                 immunity_time: 1, # required
+    #               },
+    #             },
     #           },
     #         ],
     #         visibility_config: { # required
@@ -12213,6 +12479,16 @@ module Aws::WAFV2
     #                   ],
     #                 },
     #               },
+    #               captcha: {
+    #                 custom_request_handling: {
+    #                   insert_headers: [ # required
+    #                     {
+    #                       name: "CustomHTTPHeaderName", # required
+    #                       value: "CustomHTTPHeaderValue", # required
+    #                     },
+    #                   ],
+    #                 },
+    #               },
     #             },
     #             override_action: {
     #               count: {
@@ -12238,6 +12514,11 @@ module Aws::WAFV2
     #               cloud_watch_metrics_enabled: false, # required
     #               metric_name: "MetricName", # required
     #             },
+    #             captcha_config: {
+    #               immunity_time_property: {
+    #                 immunity_time: 1, # required
+    #               },
+    #             },
     #           },
     #         ],
     #         visibility_config: { # required
@@ -12252,6 +12533,11 @@ module Aws::WAFV2
     #             content: "ResponseContent", # required
     #           },
     #         },
+    #         captcha_config: {
+    #           immunity_time_property: {
+    #             immunity_time: 1, # required
+    #           },
+    #         },
     #       }
     #
     # @!attribute [rw] name
@@ -12334,6 +12620,12 @@ module Aws::WAFV2
     #   [3]: https://docs.aws.amazon.com/waf/latest/developerguide/limits.html
     #   @return [Hash<String,Types::CustomResponseBody>]
     #
+    # @!attribute [rw] captcha_config
+    #   Specifies how WAF should handle `CAPTCHA` evaluations for rules that
+    #   don't have their own `CaptchaConfig` settings. If you don't
+    #   specify this, WAF uses its default settings for `CaptchaConfig`.
+    #   @return [Types::CaptchaConfig]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/UpdateWebACLRequest AWS API Documentation
     #
     class UpdateWebACLRequest < Struct.new(
@@ -12345,7 +12637,8 @@ module Aws::WAFV2
       :rules,
       :visibility_config,
       :lock_token,
-      :custom_response_bodies)
+      :custom_response_bodies,
+      :captcha_config)
       SENSITIVE = []
       include Aws::Structure
     end
@@ -12885,6 +13178,12 @@ module Aws::WAFV2
     #   [3]: https://docs.aws.amazon.com/waf/latest/developerguide/limits.html
     #   @return [Hash<String,Types::CustomResponseBody>]
     #
+    # @!attribute [rw] captcha_config
+    #   Specifies how WAF should handle `CAPTCHA` evaluations for rules that
+    #   don't have their own `CaptchaConfig` settings. If you don't
+    #   specify this, WAF uses its default settings for `CaptchaConfig`.
+    #   @return [Types::CaptchaConfig]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/WebACL AWS API Documentation
     #
     class WebACL < Struct.new(
@@ -12900,7 +13199,8 @@ module Aws::WAFV2
       :post_process_firewall_manager_rule_groups,
       :managed_by_firewall_manager,
       :label_namespace,
-      :custom_response_bodies)
+      :custom_response_bodies,
+      :captcha_config)
       SENSITIVE = []
       include Aws::Structure
     end

data/lib/aws-sdk-wafv2.rb

@@ -48,6 +48,6 @@ require_relative 'aws-sdk-wafv2/customizations'
 # @!group service
 module Aws::WAFV2
 
-  GEM_VERSION = '1.29.0'
+  GEM_VERSION = '1.30.0'
 
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: aws-sdk-wafv2
 version: !ruby/object:Gem::Version
-  version: 1.29.0
+  version: 1.30.0
 platform: ruby
 authors:
 - Amazon Web Services
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2021-11-04 00:00:00.000000000 Z
+date: 2021-11-08 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: aws-sdk-core