@aws-sdk/client-wafv2 3.142.0 → 3.150.0

package/CHANGELOG.md

@@ -3,6 +3,33 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+# [3.150.0](https://github.com/aws/aws-sdk-js-v3/compare/v3.149.0...v3.150.0) (2022-08-15)
+
+**Note:** Version bump only for package @aws-sdk/client-wafv2
+
+
+
+
+
+# [3.145.0](https://github.com/aws/aws-sdk-js-v3/compare/v3.144.0...v3.145.0) (2022-08-08)
+
+**Note:** Version bump only for package @aws-sdk/client-wafv2
+
+
+
+
+
+# [3.143.0](https://github.com/aws/aws-sdk-js-v3/compare/v3.142.0...v3.143.0) (2022-08-03)
+
+
+### Features
+
+* **client-wafv2:** You can now associate an AWS WAF web ACL with an Amazon Cognito user pool. ([81aeece](https://github.com/aws/aws-sdk-js-v3/commit/81aeeceae2444f9a8cd0ae933f5645bf83f0ab5e))
+
+
+
+
+
 # [3.142.0](https://github.com/aws/aws-sdk-js-v3/compare/v3.141.0...v3.142.0) (2022-08-02)
 
 

package/README.md

@@ -25,11 +25,11 @@ have retained the prior names, endpoints, and namespaces. </p>
 see the <a href="https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html">WAF Developer Guide</a>. </p>
 </note>
 <p>WAF is a web application firewall that lets you monitor the HTTP and HTTPS
-requests that are forwarded to Amazon CloudFront, an Amazon API Gateway REST API, an Application Load Balancer, or an AppSync
-GraphQL API. WAF also lets you control access to your content. Based on criteria that
+requests that are forwarded to Amazon CloudFront, an Amazon API Gateway REST API, an Application Load Balancer, an AppSync
+GraphQL API, or an Amazon Cognito user pool. WAF also lets you control access to your content. Based on conditions that
 you specify, such as the IP addresses that requests originate from or the values of query
-strings, the Amazon API Gateway REST API, CloudFront distribution, the Application Load Balancer, or the AppSync GraphQL
-API responds to requests either with the requested content or with an HTTP 403 status code
+strings, the Amazon API Gateway REST API, CloudFront distribution, the Application Load Balancer, the AppSync GraphQL
+API, or the Amazon Cognito user pool responds to requests either with the requested content or with an HTTP 403 status code
 (Forbidden). You also can configure CloudFront to return a custom error page when a request is
 blocked.</p>
 <p>This API guide is for developers who need detailed information about WAF API actions,
@@ -40,7 +40,7 @@ Guide</a>.</p>
 <ul>
 <li>
 <p>For regional applications, you can use any of the endpoints in the list.
-A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, or an AppSync GraphQL API. </p>
+A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, or an Amazon Cognito user pool. </p>
 </li>
 <li>
 <p>For Amazon CloudFront applications, you must use the API endpoint listed for

package/dist-cjs/models/models_0.js

@@ -682,6 +682,7 @@ var ResourceType;
     ResourceType["API_GATEWAY"] = "API_GATEWAY";
     ResourceType["APPLICATION_LOAD_BALANCER"] = "APPLICATION_LOAD_BALANCER";
     ResourceType["APPSYNC"] = "APPSYNC";
+    ResourceType["COGNITIO_USER_POOL"] = "COGNITO_USER_POOL";
 })(ResourceType = exports.ResourceType || (exports.ResourceType = {}));
 class WAFLogDestinationPermissionIssueException extends WAFV2ServiceException_1.WAFV2ServiceException {
     constructor(opts) {

package/dist-cjs/protocols/Aws_json1_1.js

@@ -559,6 +559,9 @@ const deserializeAws_json1_1CheckCapacityCommandError = async (output, context)
         case "WAFInternalErrorException":
         case "com.amazonaws.wafv2#WAFInternalErrorException":
             throw await deserializeAws_json1_1WAFInternalErrorExceptionResponse(parsedOutput, context);
+        case "WAFInvalidOperationException":
+        case "com.amazonaws.wafv2#WAFInvalidOperationException":
+            throw await deserializeAws_json1_1WAFInvalidOperationExceptionResponse(parsedOutput, context);
         case "WAFInvalidParameterException":
         case "com.amazonaws.wafv2#WAFInvalidParameterException":
             throw await deserializeAws_json1_1WAFInvalidParameterExceptionResponse(parsedOutput, context);

package/dist-es/models/models_0.js

@@ -661,6 +661,7 @@ export var ResourceType;
     ResourceType["API_GATEWAY"] = "API_GATEWAY";
     ResourceType["APPLICATION_LOAD_BALANCER"] = "APPLICATION_LOAD_BALANCER";
     ResourceType["APPSYNC"] = "APPSYNC";
+    ResourceType["COGNITIO_USER_POOL"] = "COGNITO_USER_POOL";
 })(ResourceType || (ResourceType = {}));
 var WAFLogDestinationPermissionIssueException = (function (_super) {
     __extends(WAFLogDestinationPermissionIssueException, _super);

package/dist-es/protocols/Aws_json1_1.js

@@ -634,37 +634,41 @@ var deserializeAws_json1_1CheckCapacityCommandError = function (output, context)
                     case "com.amazonaws.wafv2#WAFExpiredManagedRuleGroupVersionException": return [3, 2];
                     case "WAFInternalErrorException": return [3, 4];
                     case "com.amazonaws.wafv2#WAFInternalErrorException": return [3, 4];
-                    case "WAFInvalidParameterException": return [3, 6];
-                    case "com.amazonaws.wafv2#WAFInvalidParameterException": return [3, 6];
-                    case "WAFInvalidResourceException": return [3, 8];
-                    case "com.amazonaws.wafv2#WAFInvalidResourceException": return [3, 8];
-                    case "WAFLimitsExceededException": return [3, 10];
-                    case "com.amazonaws.wafv2#WAFLimitsExceededException": return [3, 10];
-                    case "WAFNonexistentItemException": return [3, 12];
-                    case "com.amazonaws.wafv2#WAFNonexistentItemException": return [3, 12];
-                    case "WAFSubscriptionNotFoundException": return [3, 14];
-                    case "com.amazonaws.wafv2#WAFSubscriptionNotFoundException": return [3, 14];
-                    case "WAFUnavailableEntityException": return [3, 16];
-                    case "com.amazonaws.wafv2#WAFUnavailableEntityException": return [3, 16];
+                    case "WAFInvalidOperationException": return [3, 6];
+                    case "com.amazonaws.wafv2#WAFInvalidOperationException": return [3, 6];
+                    case "WAFInvalidParameterException": return [3, 8];
+                    case "com.amazonaws.wafv2#WAFInvalidParameterException": return [3, 8];
+                    case "WAFInvalidResourceException": return [3, 10];
+                    case "com.amazonaws.wafv2#WAFInvalidResourceException": return [3, 10];
+                    case "WAFLimitsExceededException": return [3, 12];
+                    case "com.amazonaws.wafv2#WAFLimitsExceededException": return [3, 12];
+                    case "WAFNonexistentItemException": return [3, 14];
+                    case "com.amazonaws.wafv2#WAFNonexistentItemException": return [3, 14];
+                    case "WAFSubscriptionNotFoundException": return [3, 16];
+                    case "com.amazonaws.wafv2#WAFSubscriptionNotFoundException": return [3, 16];
+                    case "WAFUnavailableEntityException": return [3, 18];
+                    case "com.amazonaws.wafv2#WAFUnavailableEntityException": return [3, 18];
                 }
-                return [3, 18];
+                return [3, 20];
             case 2: return [4, deserializeAws_json1_1WAFExpiredManagedRuleGroupVersionExceptionResponse(parsedOutput, context)];
             case 3: throw _d.sent();
             case 4: return [4, deserializeAws_json1_1WAFInternalErrorExceptionResponse(parsedOutput, context)];
             case 5: throw _d.sent();
-            case 6: return [4, deserializeAws_json1_1WAFInvalidParameterExceptionResponse(parsedOutput, context)];
+            case 6: return [4, deserializeAws_json1_1WAFInvalidOperationExceptionResponse(parsedOutput, context)];
             case 7: throw _d.sent();
-            case 8: return [4, deserializeAws_json1_1WAFInvalidResourceExceptionResponse(parsedOutput, context)];
+            case 8: return [4, deserializeAws_json1_1WAFInvalidParameterExceptionResponse(parsedOutput, context)];
             case 9: throw _d.sent();
-            case 10: return [4, deserializeAws_json1_1WAFLimitsExceededExceptionResponse(parsedOutput, context)];
+            case 10: return [4, deserializeAws_json1_1WAFInvalidResourceExceptionResponse(parsedOutput, context)];
             case 11: throw _d.sent();
-            case 12: return [4, deserializeAws_json1_1WAFNonexistentItemExceptionResponse(parsedOutput, context)];
+            case 12: return [4, deserializeAws_json1_1WAFLimitsExceededExceptionResponse(parsedOutput, context)];
             case 13: throw _d.sent();
-            case 14: return [4, deserializeAws_json1_1WAFSubscriptionNotFoundExceptionResponse(parsedOutput, context)];
+            case 14: return [4, deserializeAws_json1_1WAFNonexistentItemExceptionResponse(parsedOutput, context)];
             case 15: throw _d.sent();
-            case 16: return [4, deserializeAws_json1_1WAFUnavailableEntityExceptionResponse(parsedOutput, context)];
+            case 16: return [4, deserializeAws_json1_1WAFSubscriptionNotFoundExceptionResponse(parsedOutput, context)];
             case 17: throw _d.sent();
-            case 18:
+            case 18: return [4, deserializeAws_json1_1WAFUnavailableEntityExceptionResponse(parsedOutput, context)];
+            case 19: throw _d.sent();
+            case 20:
                 parsedBody = parsedOutput.body;
                 throwDefaultError({
                     output: output,
@@ -672,8 +676,8 @@ var deserializeAws_json1_1CheckCapacityCommandError = function (output, context)
                     exceptionCtor: __BaseException,
                     errorCode: errorCode,
                 });
-                _d.label = 19;
-            case 19: return [2];
+                _d.label = 21;
+            case 21: return [2];
         }
     });
 }); };

package/dist-types/WAFV2.d.ts

@@ -64,11 +64,11 @@ import { WAFV2Client } from "./WAFV2Client";
  *             see the <a href="https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html">WAF Developer Guide</a>. </p>
  *          </note>
  *          <p>WAF is a web application firewall that lets you monitor the HTTP and HTTPS
- *          requests that are forwarded to Amazon CloudFront, an Amazon API Gateway REST API, an Application Load Balancer, or an AppSync
- *          GraphQL API. WAF also lets you control access to your content. Based on criteria that
+ *          requests that are forwarded to Amazon CloudFront, an Amazon API Gateway REST API, an Application Load Balancer, an AppSync
+ *          GraphQL API, or an Amazon Cognito user pool. WAF also lets you control access to your content. Based on conditions that
  *          you specify, such as the IP addresses that requests originate from or the values of query
- *          strings, the Amazon API Gateway REST API, CloudFront distribution, the Application Load Balancer, or the AppSync GraphQL
- *          API responds to requests either with the requested content or with an HTTP 403 status code
+ *          strings, the Amazon API Gateway REST API, CloudFront distribution, the Application Load Balancer, the AppSync GraphQL
+ *          API, or the Amazon Cognito user pool responds to requests either with the requested content or with an HTTP 403 status code
  *          (Forbidden). You also can configure CloudFront to return a custom error page when a request is
  *          blocked.</p>
  *          <p>This API guide is for developers who need detailed information about WAF API actions,
@@ -79,7 +79,7 @@ import { WAFV2Client } from "./WAFV2Client";
  *          <ul>
  *             <li>
  *                <p>For regional applications, you can use any of the endpoints in the list.
- *                A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, or an AppSync GraphQL API. </p>
+ *                A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, or an Amazon Cognito user pool. </p>
  *             </li>
  *             <li>
  *                <p>For Amazon CloudFront applications, you must use the API endpoint listed for
@@ -112,7 +112,7 @@ import { WAFV2Client } from "./WAFV2Client";
 export declare class WAFV2 extends WAFV2Client {
     /**
      * <p>Associates a web ACL with a regional application resource, to protect the resource.
-     *          A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, or an AppSync GraphQL API.  </p>
+     *          A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, or an Amazon Cognito user pool.  </p>
      *          <p>For Amazon CloudFront, don't use this call. Instead, use your CloudFront distribution configuration. To
      *          associate a web ACL, in the CloudFront call <code>UpdateDistribution</code>, set the web ACL ID
      *          to the Amazon Resource Name (ARN) of the web ACL. For information, see <a href="https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_UpdateDistribution.html">UpdateDistribution</a>.</p>
@@ -164,7 +164,7 @@ export declare class WAFV2 extends WAFV2Client {
     createRuleGroup(args: CreateRuleGroupCommandInput, options: __HttpHandlerOptions, cb: (err: any, data?: CreateRuleGroupCommandOutput) => void): void;
     /**
      * <p>Creates a <a>WebACL</a> per the specifications provided.</p>
-     *          <p> A web ACL defines a collection of rules to use to inspect and control web requests. Each rule has an action defined (allow, block, or count) for requests that match the statement of the rule. In the web ACL, you assign a default action to take (allow, block) for any request that does not match any of the rules. The rules in a web ACL can be a combination of the types <a>Rule</a>, <a>RuleGroup</a>, and managed rule group. You can associate a web ACL with one or more Amazon Web Services resources to protect. The resources can be an Amazon CloudFront distribution, an Amazon API Gateway REST API, an Application Load Balancer, or an AppSync GraphQL API.  </p>
+     *          <p> A web ACL defines a collection of rules to use to inspect and control web requests. Each rule has an action defined (allow, block, or count) for requests that match the statement of the rule. In the web ACL, you assign a default action to take (allow, block) for any request that does not match any of the rules. The rules in a web ACL can be a combination of the types <a>Rule</a>, <a>RuleGroup</a>, and managed rule group. You can associate a web ACL with one or more Amazon Web Services resources to protect. The resources can be an Amazon CloudFront distribution, an Amazon API Gateway REST API, an Application Load Balancer, an AppSync GraphQL API, or an Amazon Cognito user pool.  </p>
      */
     createWebACL(args: CreateWebACLCommandInput, options?: __HttpHandlerOptions): Promise<CreateWebACLCommandOutput>;
     createWebACL(args: CreateWebACLCommandInput, cb: (err: any, data?: CreateWebACLCommandOutput) => void): void;
@@ -255,7 +255,7 @@ export declare class WAFV2 extends WAFV2Client {
     describeManagedRuleGroup(args: DescribeManagedRuleGroupCommandInput, options: __HttpHandlerOptions, cb: (err: any, data?: DescribeManagedRuleGroupCommandOutput) => void): void;
     /**
      * <p>Disassociates the specified regional application resource from any existing web ACL
-     *          association. A resource can have at most one web ACL association. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, or an AppSync GraphQL API.  </p>
+     *          association. A resource can have at most one web ACL association. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, or an Amazon Cognito user pool.  </p>
      *          <p>For Amazon CloudFront, don't use this call. Instead, use your CloudFront distribution configuration. To
      *          disassociate a web ACL, provide an empty web ACL ID in the CloudFront call
      *             <code>UpdateDistribution</code>. For information, see <a href="https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_UpdateDistribution.html">UpdateDistribution</a>.</p>
@@ -604,7 +604,7 @@ export declare class WAFV2 extends WAFV2Client {
      *          <note>
      *             <p>This operation completely replaces the mutable specifications that you already have for the web ACL with the ones that you provide to this call. To modify the web ACL, retrieve it by calling <a>GetWebACL</a>, update the settings as needed, and then provide the complete web ACL specification to this call.</p>
      *          </note>
-     *          <p> A web ACL defines a collection of rules to use to inspect and control web requests. Each rule has an action defined (allow, block, or count) for requests that match the statement of the rule. In the web ACL, you assign a default action to take (allow, block) for any request that does not match any of the rules. The rules in a web ACL can be a combination of the types <a>Rule</a>, <a>RuleGroup</a>, and managed rule group. You can associate a web ACL with one or more Amazon Web Services resources to protect. The resources can be an Amazon CloudFront distribution, an Amazon API Gateway REST API, an Application Load Balancer, or an AppSync GraphQL API.  </p>
+     *          <p> A web ACL defines a collection of rules to use to inspect and control web requests. Each rule has an action defined (allow, block, or count) for requests that match the statement of the rule. In the web ACL, you assign a default action to take (allow, block) for any request that does not match any of the rules. The rules in a web ACL can be a combination of the types <a>Rule</a>, <a>RuleGroup</a>, and managed rule group. You can associate a web ACL with one or more Amazon Web Services resources to protect. The resources can be an Amazon CloudFront distribution, an Amazon API Gateway REST API, an Application Load Balancer, an AppSync GraphQL API, or an Amazon Cognito user pool.  </p>
      */
     updateWebACL(args: UpdateWebACLCommandInput, options?: __HttpHandlerOptions): Promise<UpdateWebACLCommandOutput>;
     updateWebACL(args: UpdateWebACLCommandInput, cb: (err: any, data?: UpdateWebACLCommandOutput) => void): void;

package/dist-types/WAFV2Client.d.ts

@@ -189,11 +189,11 @@ export interface WAFV2ClientResolvedConfig extends WAFV2ClientResolvedConfigType
  *             see the <a href="https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html">WAF Developer Guide</a>. </p>
  *          </note>
  *          <p>WAF is a web application firewall that lets you monitor the HTTP and HTTPS
- *          requests that are forwarded to Amazon CloudFront, an Amazon API Gateway REST API, an Application Load Balancer, or an AppSync
- *          GraphQL API. WAF also lets you control access to your content. Based on criteria that
+ *          requests that are forwarded to Amazon CloudFront, an Amazon API Gateway REST API, an Application Load Balancer, an AppSync
+ *          GraphQL API, or an Amazon Cognito user pool. WAF also lets you control access to your content. Based on conditions that
  *          you specify, such as the IP addresses that requests originate from or the values of query
- *          strings, the Amazon API Gateway REST API, CloudFront distribution, the Application Load Balancer, or the AppSync GraphQL
- *          API responds to requests either with the requested content or with an HTTP 403 status code
+ *          strings, the Amazon API Gateway REST API, CloudFront distribution, the Application Load Balancer, the AppSync GraphQL
+ *          API, or the Amazon Cognito user pool responds to requests either with the requested content or with an HTTP 403 status code
  *          (Forbidden). You also can configure CloudFront to return a custom error page when a request is
  *          blocked.</p>
  *          <p>This API guide is for developers who need detailed information about WAF API actions,
@@ -204,7 +204,7 @@ export interface WAFV2ClientResolvedConfig extends WAFV2ClientResolvedConfigType
  *          <ul>
  *             <li>
  *                <p>For regional applications, you can use any of the endpoints in the list.
- *                A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, or an AppSync GraphQL API. </p>
+ *                A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, or an Amazon Cognito user pool. </p>
  *             </li>
  *             <li>
  *                <p>For Amazon CloudFront applications, you must use the API endpoint listed for

package/dist-types/commands/AssociateWebACLCommand.d.ts

@@ -8,7 +8,7 @@ export interface AssociateWebACLCommandOutput extends AssociateWebACLResponse, _
 }
 /**
  * <p>Associates a web ACL with a regional application resource, to protect the resource.
- *          A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, or an AppSync GraphQL API.  </p>
+ *          A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, or an Amazon Cognito user pool.  </p>
  *          <p>For Amazon CloudFront, don't use this call. Instead, use your CloudFront distribution configuration. To
  *          associate a web ACL, in the CloudFront call <code>UpdateDistribution</code>, set the web ACL ID
  *          to the Amazon Resource Name (ARN) of the web ACL. For information, see <a href="https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_UpdateDistribution.html">UpdateDistribution</a>.</p>

package/dist-types/commands/CreateWebACLCommand.d.ts

@@ -8,7 +8,7 @@ export interface CreateWebACLCommandOutput extends CreateWebACLResponse, __Metad
 }
 /**
  * <p>Creates a <a>WebACL</a> per the specifications provided.</p>
- *          <p> A web ACL defines a collection of rules to use to inspect and control web requests. Each rule has an action defined (allow, block, or count) for requests that match the statement of the rule. In the web ACL, you assign a default action to take (allow, block) for any request that does not match any of the rules. The rules in a web ACL can be a combination of the types <a>Rule</a>, <a>RuleGroup</a>, and managed rule group. You can associate a web ACL with one or more Amazon Web Services resources to protect. The resources can be an Amazon CloudFront distribution, an Amazon API Gateway REST API, an Application Load Balancer, or an AppSync GraphQL API.  </p>
+ *          <p> A web ACL defines a collection of rules to use to inspect and control web requests. Each rule has an action defined (allow, block, or count) for requests that match the statement of the rule. In the web ACL, you assign a default action to take (allow, block) for any request that does not match any of the rules. The rules in a web ACL can be a combination of the types <a>Rule</a>, <a>RuleGroup</a>, and managed rule group. You can associate a web ACL with one or more Amazon Web Services resources to protect. The resources can be an Amazon CloudFront distribution, an Amazon API Gateway REST API, an Application Load Balancer, an AppSync GraphQL API, or an Amazon Cognito user pool.  </p>
  * @example
  * Use a bare-bones client and the command you need to make an API call.
  * ```javascript

package/dist-types/commands/DisassociateWebACLCommand.d.ts

@@ -8,7 +8,7 @@ export interface DisassociateWebACLCommandOutput extends DisassociateWebACLRespo
 }
 /**
  * <p>Disassociates the specified regional application resource from any existing web ACL
- *          association. A resource can have at most one web ACL association. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, or an AppSync GraphQL API.  </p>
+ *          association. A resource can have at most one web ACL association. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, or an Amazon Cognito user pool.  </p>
  *          <p>For Amazon CloudFront, don't use this call. Instead, use your CloudFront distribution configuration. To
  *          disassociate a web ACL, provide an empty web ACL ID in the CloudFront call
  *             <code>UpdateDistribution</code>. For information, see <a href="https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_UpdateDistribution.html">UpdateDistribution</a>.</p>

package/dist-types/commands/UpdateWebACLCommand.d.ts

@@ -14,7 +14,7 @@ export interface UpdateWebACLCommandOutput extends UpdateWebACLResponse, __Metad
  *          <note>
  *             <p>This operation completely replaces the mutable specifications that you already have for the web ACL with the ones that you provide to this call. To modify the web ACL, retrieve it by calling <a>GetWebACL</a>, update the settings as needed, and then provide the complete web ACL specification to this call.</p>
  *          </note>
- *          <p> A web ACL defines a collection of rules to use to inspect and control web requests. Each rule has an action defined (allow, block, or count) for requests that match the statement of the rule. In the web ACL, you assign a default action to take (allow, block) for any request that does not match any of the rules. The rules in a web ACL can be a combination of the types <a>Rule</a>, <a>RuleGroup</a>, and managed rule group. You can associate a web ACL with one or more Amazon Web Services resources to protect. The resources can be an Amazon CloudFront distribution, an Amazon API Gateway REST API, an Application Load Balancer, or an AppSync GraphQL API.  </p>
+ *          <p> A web ACL defines a collection of rules to use to inspect and control web requests. Each rule has an action defined (allow, block, or count) for requests that match the statement of the rule. In the web ACL, you assign a default action to take (allow, block) for any request that does not match any of the rules. The rules in a web ACL can be a combination of the types <a>Rule</a>, <a>RuleGroup</a>, and managed rule group. You can associate a web ACL with one or more Amazon Web Services resources to protect. The resources can be an Amazon CloudFront distribution, an Amazon API Gateway REST API, an Application Load Balancer, an AppSync GraphQL API, or an Amazon Cognito user pool.  </p>
  * @example
  * Use a bare-bones client and the command you need to make an API call.
  * ```javascript

package/dist-types/models/models_0.d.ts

@@ -1330,6 +1330,7 @@ export interface UsernameField {
  *          <p>Use this for the account takeover prevention managed rule group
  *       <code>AWSManagedRulesATPRuleSet</code>, to provide information about the sign-in page of your application. </p>
  *          <p>You can provide multiple individual <code>ManagedRuleGroupConfig</code> objects for any rule group configuration, for example <code>UsernameField</code> and <code>PasswordField</code>. The configuration that you provide depends on the needs of the managed rule group. For the ATP managed rule group, you provide the following individual configuration objects: <code>LoginPath</code>, <code>PasswordField</code>, <code>PayloadType</code> and <code>UsernameField</code>.</p>
+ *          <p>For example specifications, see the examples section of <a>CreateWebACL</a>.</p>
  */
 export interface ManagedRuleGroupConfig {
     /**
@@ -1522,6 +1523,11 @@ export interface AssociateWebACLRequest {
      *                   </code>
      *                </p>
      *             </li>
+     *             <li>
+     *                <p>For an Amazon Cognito user pool: <code>arn:aws:cognito-idp:<i>region</i>:<i>account-id</i>:userpool/<i>user-pool-id</i>
+     *                   </code>
+     *                </p>
+     *             </li>
      *          </ul>
      */
     ResourceArn: string | undefined;
@@ -1988,7 +1994,7 @@ export interface CreateIPSetRequest {
      */
     Name: string | undefined;
     /**
-     * <p>Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, or an AppSync GraphQL API.  </p>
+     * <p>Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, or an Amazon Cognito user pool.  </p>
      *          <p>To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows: </p>
      *          <ul>
      *             <li>
@@ -2150,7 +2156,7 @@ export interface CreateRegexPatternSetRequest {
      */
     Name: string | undefined;
     /**
-     * <p>Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, or an AppSync GraphQL API.  </p>
+     * <p>Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, or an Amazon Cognito user pool.  </p>
      *          <p>To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows: </p>
      *          <ul>
      *             <li>
@@ -2352,7 +2358,7 @@ export interface DeleteIPSetRequest {
      */
     Name: string | undefined;
     /**
-     * <p>Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, or an AppSync GraphQL API.  </p>
+     * <p>Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, or an Amazon Cognito user pool.  </p>
      *          <p>To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows: </p>
      *          <ul>
      *             <li>
@@ -2378,9 +2384,6 @@ export interface DeleteIPSetResponse {
 /**
  * <p>WAF couldn’t perform the operation because your resource is being used by another
  *          resource or it’s associated with another resource. </p>
- *          <p>For <code>DeleteWebACL</code>, you will only get this exception if the web ACL is still
- *          associated with a regional resource. Deleting a web ACL that is still associated with an
- *          Amazon CloudFront distribution won't get this exception. </p>
  */
 export declare class WAFAssociatedItemException extends __BaseException {
     readonly name: "WAFAssociatedItemException";
@@ -2415,7 +2418,7 @@ export interface DeleteRegexPatternSetRequest {
      */
     Name: string | undefined;
     /**
-     * <p>Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, or an AppSync GraphQL API.  </p>
+     * <p>Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, or an Amazon Cognito user pool.  </p>
      *          <p>To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows: </p>
      *          <ul>
      *             <li>
@@ -2444,7 +2447,7 @@ export interface DeleteRuleGroupRequest {
      */
     Name: string | undefined;
     /**
-     * <p>Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, or an AppSync GraphQL API.  </p>
+     * <p>Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, or an Amazon Cognito user pool.  </p>
      *          <p>To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows: </p>
      *          <ul>
      *             <li>
@@ -2473,7 +2476,7 @@ export interface DeleteWebACLRequest {
      */
     Name: string | undefined;
     /**
-     * <p>Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, or an AppSync GraphQL API.  </p>
+     * <p>Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, or an Amazon Cognito user pool.  </p>
      *          <p>To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows: </p>
      *          <ul>
      *             <li>
@@ -2506,7 +2509,7 @@ export interface DescribeManagedRuleGroupRequest {
      */
     Name: string | undefined;
     /**
-     * <p>Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, or an AppSync GraphQL API.  </p>
+     * <p>Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, or an Amazon Cognito user pool.  </p>
      *          <p>To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows: </p>
      *          <ul>
      *             <li>
@@ -2633,6 +2636,11 @@ export interface DisassociateWebACLRequest {
      *                   </code>
      *                </p>
      *             </li>
+     *             <li>
+     *                <p>For an Amazon Cognito user pool: <code>arn:aws:cognito-idp:<i>region</i>:<i>account-id</i>:userpool/<i>user-pool-id</i>
+     *                   </code>
+     *                </p>
+     *             </li>
      *          </ul>
      */
     ResourceArn: string | undefined;
@@ -2666,7 +2674,7 @@ export interface GetIPSetRequest {
      */
     Name: string | undefined;
     /**
-     * <p>Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, or an AppSync GraphQL API.  </p>
+     * <p>Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, or an Amazon Cognito user pool.  </p>
      *          <p>To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows: </p>
      *          <ul>
      *             <li>
@@ -2917,7 +2925,7 @@ export interface GetManagedRuleSetRequest {
      */
     Name: string | undefined;
     /**
-     * <p>Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, or an AppSync GraphQL API.  </p>
+     * <p>Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, or an Amazon Cognito user pool.  </p>
      *          <p>To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows: </p>
      *          <ul>
      *             <li>
@@ -3098,7 +3106,7 @@ export interface GetPermissionPolicyResponse {
 }
 export interface GetRateBasedStatementManagedKeysRequest {
     /**
-     * <p>Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, or an AppSync GraphQL API.  </p>
+     * <p>Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, or an Amazon Cognito user pool.  </p>
      *          <p>To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows: </p>
      *          <ul>
      *             <li>
@@ -3159,7 +3167,7 @@ export interface GetRegexPatternSetRequest {
      */
     Name: string | undefined;
     /**
-     * <p>Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, or an AppSync GraphQL API.  </p>
+     * <p>Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, or an Amazon Cognito user pool.  </p>
      *          <p>To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows: </p>
      *          <ul>
      *             <li>
@@ -3219,7 +3227,7 @@ export interface GetRuleGroupRequest {
      */
     Name?: string;
     /**
-     * <p>Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, or an AppSync GraphQL API.  </p>
+     * <p>Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, or an Amazon Cognito user pool.  </p>
      *          <p>To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows: </p>
      *          <ul>
      *             <li>
@@ -3286,7 +3294,7 @@ export interface GetSampledRequestsRequest {
      */
     RuleMetricName: string | undefined;
     /**
-     * <p>Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, or an AppSync GraphQL API.  </p>
+     * <p>Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, or an Amazon Cognito user pool.  </p>
      *          <p>To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows: </p>
      *          <ul>
      *             <li>
@@ -3492,7 +3500,7 @@ export interface GetWebACLRequest {
      */
     Name: string | undefined;
     /**
-     * <p>Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, or an AppSync GraphQL API.  </p>
+     * <p>Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, or an Amazon Cognito user pool.  </p>
      *          <p>To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows: </p>
      *          <ul>
      *             <li>
@@ -3511,13 +3519,37 @@ export interface GetWebACLRequest {
 }
 export interface GetWebACLForResourceRequest {
     /**
-     * <p>The ARN (Amazon Resource Name) of the resource.</p>
+     * <p>The Amazon Resource Name (ARN) of the resource whose web ACL you want to retrieve. </p>
+     *
+     *          <p>The ARN must be in one of the following formats:</p>
+     *          <ul>
+     *             <li>
+     *                <p>For an Application Load Balancer: <code>arn:aws:elasticloadbalancing:<i>region</i>:<i>account-id</i>:loadbalancer/app/<i>load-balancer-name</i>/<i>load-balancer-id</i>
+     *                   </code>
+     *                </p>
+     *             </li>
+     *             <li>
+     *                <p>For an Amazon API Gateway REST API: <code>arn:aws:apigateway:<i>region</i>::/restapis/<i>api-id</i>/stages/<i>stage-name</i>
+     *                   </code>
+     *                </p>
+     *             </li>
+     *             <li>
+     *                <p>For an AppSync GraphQL API: <code>arn:aws:appsync:<i>region</i>:<i>account-id</i>:apis/<i>GraphQLApiId</i>
+     *                   </code>
+     *                </p>
+     *             </li>
+     *             <li>
+     *                <p>For an Amazon Cognito user pool: <code>arn:aws:cognito-idp:<i>region</i>:<i>account-id</i>:userpool/<i>user-pool-id</i>
+     *                   </code>
+     *                </p>
+     *             </li>
+     *          </ul>
      */
     ResourceArn: string | undefined;
 }
 export interface ListAvailableManagedRuleGroupsRequest {
     /**
-     * <p>Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, or an AppSync GraphQL API.  </p>
+     * <p>Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, or an Amazon Cognito user pool.  </p>
      *          <p>To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows: </p>
      *          <ul>
      *             <li>
@@ -3586,7 +3618,7 @@ export interface ListAvailableManagedRuleGroupVersionsRequest {
      */
     Name: string | undefined;
     /**
-     * <p>Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, or an AppSync GraphQL API.  </p>
+     * <p>Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, or an Amazon Cognito user pool.  </p>
      *          <p>To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows: </p>
      *          <ul>
      *             <li>
@@ -3643,7 +3675,7 @@ export interface ListAvailableManagedRuleGroupVersionsResponse {
 }
 export interface ListIPSetsRequest {
     /**
-     * <p>Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, or an AppSync GraphQL API.  </p>
+     * <p>Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, or an Amazon Cognito user pool.  </p>
      *          <p>To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows: </p>
      *          <ul>
      *             <li>
@@ -3683,7 +3715,7 @@ export interface ListIPSetsResponse {
 }
 export interface ListLoggingConfigurationsRequest {
     /**
-     * <p>Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, or an AppSync GraphQL API.  </p>
+     * <p>Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, or an Amazon Cognito user pool.  </p>
      *          <p>To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows: </p>
      *          <ul>
      *             <li>
@@ -3722,7 +3754,7 @@ export interface ListLoggingConfigurationsResponse {
 }
 export interface ListManagedRuleSetsRequest {
     /**
-     * <p>Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, or an AppSync GraphQL API.  </p>
+     * <p>Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, or an Amazon Cognito user pool.  </p>
      *          <p>To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows: </p>
      *          <ul>
      *             <li>
@@ -3852,7 +3884,7 @@ export interface ListMobileSdkReleasesResponse {
 }
 export interface ListRegexPatternSetsRequest {
     /**
-     * <p>Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, or an AppSync GraphQL API.  </p>
+     * <p>Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, or an Amazon Cognito user pool.  </p>
      *          <p>To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows: </p>
      *          <ul>
      *             <li>
@@ -3892,7 +3924,8 @@ export interface ListRegexPatternSetsResponse {
 export declare enum ResourceType {
     API_GATEWAY = "API_GATEWAY",
     APPLICATION_LOAD_BALANCER = "APPLICATION_LOAD_BALANCER",
-    APPSYNC = "APPSYNC"
+    APPSYNC = "APPSYNC",
+    COGNITIO_USER_POOL = "COGNITO_USER_POOL"
 }
 export interface ListResourcesForWebACLRequest {
     /**
@@ -3901,7 +3934,7 @@ export interface ListResourcesForWebACLRequest {
     WebACLArn: string | undefined;
     /**
      * <p>Used for web ACLs that are scoped for regional applications.
-     *          A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, or an AppSync GraphQL API. </p>
+     *          A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, or an Amazon Cognito user pool. </p>
      */
     ResourceType?: ResourceType | string;
 }
@@ -3913,7 +3946,7 @@ export interface ListResourcesForWebACLResponse {
 }
 export interface ListRuleGroupsRequest {
     /**
-     * <p>Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, or an AppSync GraphQL API.  </p>
+     * <p>Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, or an Amazon Cognito user pool.  </p>
      *          <p>To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows: </p>
      *          <ul>
      *             <li>
@@ -4004,7 +4037,7 @@ export interface ListTagsForResourceResponse {
 }
 export interface ListWebACLsRequest {
     /**
-     * <p>Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, or an AppSync GraphQL API.  </p>
+     * <p>Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, or an Amazon Cognito user pool.  </p>
      *          <p>To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows: </p>
      *          <ul>
      *             <li>
@@ -4112,7 +4145,7 @@ export interface PutManagedRuleSetVersionsRequest {
      */
     Name: string | undefined;
     /**
-     * <p>Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, or an AppSync GraphQL API.  </p>
+     * <p>Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, or an Amazon Cognito user pool.  </p>
      *          <p>To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows: </p>
      *          <ul>
      *             <li>
@@ -4252,7 +4285,7 @@ export interface UpdateIPSetRequest {
      */
     Name: string | undefined;
     /**
-     * <p>Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, or an AppSync GraphQL API.  </p>
+     * <p>Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, or an Amazon Cognito user pool.  </p>
      *          <p>To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows: </p>
      *          <ul>
      *             <li>
@@ -4329,7 +4362,7 @@ export interface UpdateManagedRuleSetVersionExpiryDateRequest {
      */
     Name: string | undefined;
     /**
-     * <p>Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, or an AppSync GraphQL API.  </p>
+     * <p>Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, or an Amazon Cognito user pool.  </p>
      *          <p>To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows: </p>
      *          <ul>
      *             <li>
@@ -4381,7 +4414,7 @@ export interface UpdateRegexPatternSetRequest {
      */
     Name: string | undefined;
     /**
-     * <p>Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, or an AppSync GraphQL API.  </p>
+     * <p>Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, or an Amazon Cognito user pool.  </p>
      *          <p>To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows: </p>
      *          <ul>
      *             <li>
@@ -4431,6 +4464,7 @@ export interface UpdateWebACLResponse {
 /**
  * <p>The processing guidance for a <a>Rule</a>, used by WAF to determine whether
  *          a web request matches the rule. </p>
+ *          <p>For example specifications, see the examples section of <a>CreateWebACL</a>.</p>
  */
 export interface Statement {
     /**
@@ -4781,7 +4815,7 @@ export interface FirewallManagerRuleGroup {
 }
 export interface CheckCapacityRequest {
     /**
-     * <p>Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, or an AppSync GraphQL API.  </p>
+     * <p>Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, or an Amazon Cognito user pool.  </p>
      *          <p>To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows: </p>
      *          <ul>
      *             <li>
@@ -4805,7 +4839,7 @@ export interface CreateRuleGroupRequest {
      */
     Name: string | undefined;
     /**
-     * <p>Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, or an AppSync GraphQL API.  </p>
+     * <p>Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, or an Amazon Cognito user pool.  </p>
      *          <p>To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows: </p>
      *          <ul>
      *             <li>
@@ -4866,7 +4900,7 @@ export interface CreateWebACLRequest {
      */
     Name: string | undefined;
     /**
-     * <p>Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, or an AppSync GraphQL API.  </p>
+     * <p>Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, or an Amazon Cognito user pool.  </p>
      *          <p>To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows: </p>
      *          <ul>
      *             <li>
@@ -5002,7 +5036,7 @@ export interface UpdateRuleGroupRequest {
      */
     Name: string | undefined;
     /**
-     * <p>Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, or an AppSync GraphQL API.  </p>
+     * <p>Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, or an Amazon Cognito user pool.  </p>
      *          <p>To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows: </p>
      *          <ul>
      *             <li>
@@ -5052,7 +5086,7 @@ export interface UpdateWebACLRequest {
      */
     Name: string | undefined;
     /**
-     * <p>Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, or an AppSync GraphQL API.  </p>
+     * <p>Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, or an Amazon Cognito user pool.  </p>
      *          <p>To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows: </p>
      *          <ul>
      *             <li>
@@ -5115,7 +5149,7 @@ export interface GetRuleGroupResponse {
     LockToken?: string;
 }
 /**
- * <p> A web ACL defines a collection of rules to use to inspect and control web requests. Each rule has an action defined (allow, block, or count) for requests that match the statement of the rule. In the web ACL, you assign a default action to take (allow, block) for any request that does not match any of the rules. The rules in a web ACL can be a combination of the types <a>Rule</a>, <a>RuleGroup</a>, and managed rule group. You can associate a web ACL with one or more Amazon Web Services resources to protect. The resources can be an Amazon CloudFront distribution, an Amazon API Gateway REST API, an Application Load Balancer, or an AppSync GraphQL API.  </p>
+ * <p> A web ACL defines a collection of rules to use to inspect and control web requests. Each rule has an action defined (allow, block, or count) for requests that match the statement of the rule. In the web ACL, you assign a default action to take (allow, block) for any request that does not match any of the rules. The rules in a web ACL can be a combination of the types <a>Rule</a>, <a>RuleGroup</a>, and managed rule group. You can associate a web ACL with one or more Amazon Web Services resources to protect. The resources can be an Amazon CloudFront distribution, an Amazon API Gateway REST API, an Application Load Balancer, an AppSync GraphQL API, or an Amazon Cognito user pool.  </p>
  */
 export interface WebACL {
     /**

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@aws-sdk/client-wafv2",
   "description": "AWS SDK for JavaScript Wafv2 Client for Node.js, Browser and React Native",
-  "version": "3.142.0",
+  "version": "3.150.0",
   "scripts": {
     "build": "concurrently 'yarn:build:cjs' 'yarn:build:es' 'yarn:build:types'",
     "build:cjs": "tsc -p tsconfig.cjs.json",
@@ -18,9 +18,9 @@
   "dependencies": {
     "@aws-crypto/sha256-browser": "2.0.0",
     "@aws-crypto/sha256-js": "2.0.0",
-    "@aws-sdk/client-sts": "3.142.0",
+    "@aws-sdk/client-sts": "3.150.0",
     "@aws-sdk/config-resolver": "3.130.0",
-    "@aws-sdk/credential-provider-node": "3.142.0",
+    "@aws-sdk/credential-provider-node": "3.150.0",
     "@aws-sdk/fetch-http-handler": "3.131.0",
     "@aws-sdk/hash-node": "3.127.0",
     "@aws-sdk/invalid-dependency": "3.127.0",
@@ -61,6 +61,11 @@
     "typedoc": "0.19.2",
     "typescript": "~4.6.2"
   },
+  "overrides": {
+    "typedoc": {
+      "typescript": "~4.6.2"
+    }
+  },
   "engines": {
     "node": ">=12.0.0"
   },