npm - @aws-sdk/client-wafv2 - Versions diffs - 3.28.0 → 3.32.0 - Mend

@aws-sdk/client-wafv2 3.28.0 → 3.32.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (51) hide show

package/dist/types/WAFV2.d.ts CHANGED Viewed

@@ -242,7 +242,7 @@ export declare class WAFV2 extends WAFV2Client {
     /**
      * <p>Retrieves the specified managed rule set. </p>
      *          <note>
-     *             <p>This is intended for use only by vendors of managed rule sets. Vendors are Amazon Web Services and Marketplace sellers. </p>
+     *             <p>This is intended for use only by vendors of managed rule sets. Vendors are Amazon Web Services and Amazon Web Services Marketplace sellers. </p>
      *             <p>Vendors, you can use the managed rule set APIs to provide controlled rollout of your versioned managed rule group offerings for your customers. The APIs are <code>ListManagedRuleSets</code>, <code>GetManagedRuleSet</code>, <code>PutManagedRuleSetVersions</code>, and <code>UpdateManagedRuleSetVersionExpiryDate</code>.</p>
      *          </note>
      */
@@ -257,9 +257,9 @@ export declare class WAFV2 extends WAFV2Client {
     getPermissionPolicy(args: GetPermissionPolicyCommandInput, cb: (err: any, data?: GetPermissionPolicyCommandOutput) => void): void;
     getPermissionPolicy(args: GetPermissionPolicyCommandInput, options: __HttpHandlerOptions, cb: (err: any, data?: GetPermissionPolicyCommandOutput) => void): void;
     /**
-     * <p>Retrieves the keys that are currently blocked by a rate-based rule. The maximum number
-     *          of managed keys that can be blocked for a single rate-based rule is 10,000. If more than
-     *          10,000 addresses exceed the rate limit, those with the highest rates are blocked.</p>
+     * <p>Retrieves the keys that are currently blocked by a rate-based rule instance. The maximum number of managed keys that can be blocked for a single rate-based rule instance is 10,000. If more than 10,000 addresses exceed the rate limit, those with the highest rates are blocked.</p>
+     *          <p>For a rate-based rule that you've defined inside a rule group, provide the name of the rule group reference statement in your request, in addition to the rate-based rule name and the web ACL name. </p>
+     *          <p>WAF monitors web requests and manages keys independently for each unique combination of web ACL, optional rule group, and rate-based rule. For example, if you define a rate-based rule inside a rule group, and then use the rule group in a web ACL, WAF monitors web requests and manages keys for that web ACL, rule group reference statement, and rate-based rule instance. If you use the same rule group in a second web ACL, WAF monitors web requests and manages keys for this second usage completely independent of your first.  </p>
      */
     getRateBasedStatementManagedKeys(args: GetRateBasedStatementManagedKeysCommandInput, options?: __HttpHandlerOptions): Promise<GetRateBasedStatementManagedKeysCommandOutput>;
     getRateBasedStatementManagedKeys(args: GetRateBasedStatementManagedKeysCommandInput, cb: (err: any, data?: GetRateBasedStatementManagedKeysCommandOutput) => void): void;
@@ -305,7 +305,7 @@ export declare class WAFV2 extends WAFV2Client {
     getWebACLForResource(args: GetWebACLForResourceCommandInput, options: __HttpHandlerOptions, cb: (err: any, data?: GetWebACLForResourceCommandOutput) => void): void;
     /**
      * <p>Retrieves an array of managed rule groups that are available for you to use. This list
-     *          includes all Amazon Web Services Managed Rules rule groups and all of the Marketplace managed rule groups that you're
+     *          includes all Amazon Web Services Managed Rules rule groups and all of the Amazon Web Services Marketplace managed rule groups that you're
      *          subscribed to.</p>
      */
     listAvailableManagedRuleGroups(args: ListAvailableManagedRuleGroupsCommandInput, options?: __HttpHandlerOptions): Promise<ListAvailableManagedRuleGroupsCommandOutput>;
@@ -333,7 +333,7 @@ export declare class WAFV2 extends WAFV2Client {
     /**
      * <p>Retrieves the managed rule sets that you own. </p>
      *          <note>
-     *             <p>This is intended for use only by vendors of managed rule sets. Vendors are Amazon Web Services and Marketplace sellers. </p>
+     *             <p>This is intended for use only by vendors of managed rule sets. Vendors are Amazon Web Services and Amazon Web Services Marketplace sellers. </p>
      *             <p>Vendors, you can use the managed rule set APIs to provide controlled rollout of your versioned managed rule group offerings for your customers. The APIs are <code>ListManagedRuleSets</code>, <code>GetManagedRuleSet</code>, <code>PutManagedRuleSetVersions</code>, and <code>UpdateManagedRuleSetVersionExpiryDate</code>.</p>
      *          </note>
      */
@@ -422,7 +422,7 @@ export declare class WAFV2 extends WAFV2Client {
      * <p>Defines the versions of your managed rule set that you are offering to the customers.
      *          Customers see your offerings as managed rule groups with versioning.</p>
      *          <note>
-     *             <p>This is intended for use only by vendors of managed rule sets. Vendors are Amazon Web Services and Marketplace sellers. </p>
+     *             <p>This is intended for use only by vendors of managed rule sets. Vendors are Amazon Web Services and Amazon Web Services Marketplace sellers. </p>
      *             <p>Vendors, you can use the managed rule set APIs to provide controlled rollout of your versioned managed rule group offerings for your customers. The APIs are <code>ListManagedRuleSets</code>, <code>GetManagedRuleSet</code>, <code>PutManagedRuleSetVersions</code>, and <code>UpdateManagedRuleSetVersionExpiryDate</code>.</p>
      *          </note>
      *          <p>Customers retrieve their managed rule group list by calling <a>ListAvailableManagedRuleGroups</a>. The name that you provide here for your
@@ -493,7 +493,7 @@ export declare class WAFV2 extends WAFV2Client {
      *          expiration of a managed rule group version. After you initiate expiration for a version,
      *          WAF excludes it from the reponse to <a>ListAvailableManagedRuleGroupVersions</a> for the managed rule group. </p>
      *          <note>
-     *             <p>This is intended for use only by vendors of managed rule sets. Vendors are Amazon Web Services and Marketplace sellers. </p>
+     *             <p>This is intended for use only by vendors of managed rule sets. Vendors are Amazon Web Services and Amazon Web Services Marketplace sellers. </p>
      *             <p>Vendors, you can use the managed rule set APIs to provide controlled rollout of your versioned managed rule group offerings for your customers. The APIs are <code>ListManagedRuleSets</code>, <code>GetManagedRuleSet</code>, <code>PutManagedRuleSetVersions</code>, and <code>UpdateManagedRuleSetVersionExpiryDate</code>.</p>
      *          </note>
      */

package/dist/types/commands/GetManagedRuleSetCommand.d.ts CHANGED Viewed

@@ -9,7 +9,7 @@ export interface GetManagedRuleSetCommandOutput extends GetManagedRuleSetRespons
 /**
  * <p>Retrieves the specified managed rule set. </p>
  *          <note>
- *             <p>This is intended for use only by vendors of managed rule sets. Vendors are Amazon Web Services and Marketplace sellers. </p>
+ *             <p>This is intended for use only by vendors of managed rule sets. Vendors are Amazon Web Services and Amazon Web Services Marketplace sellers. </p>
  *             <p>Vendors, you can use the managed rule set APIs to provide controlled rollout of your versioned managed rule group offerings for your customers. The APIs are <code>ListManagedRuleSets</code>, <code>GetManagedRuleSet</code>, <code>PutManagedRuleSetVersions</code>, and <code>UpdateManagedRuleSetVersionExpiryDate</code>.</p>
  *          </note>
  * @example

package/dist/types/commands/GetRateBasedStatementManagedKeysCommand.d.ts CHANGED Viewed

@@ -7,9 +7,9 @@ export interface GetRateBasedStatementManagedKeysCommandInput extends GetRateBas
 export interface GetRateBasedStatementManagedKeysCommandOutput extends GetRateBasedStatementManagedKeysResponse, __MetadataBearer {
 }
 /**
- * <p>Retrieves the keys that are currently blocked by a rate-based rule. The maximum number
- *          of managed keys that can be blocked for a single rate-based rule is 10,000. If more than
- *          10,000 addresses exceed the rate limit, those with the highest rates are blocked.</p>
+ * <p>Retrieves the keys that are currently blocked by a rate-based rule instance. The maximum number of managed keys that can be blocked for a single rate-based rule instance is 10,000. If more than 10,000 addresses exceed the rate limit, those with the highest rates are blocked.</p>
+ *          <p>For a rate-based rule that you've defined inside a rule group, provide the name of the rule group reference statement in your request, in addition to the rate-based rule name and the web ACL name. </p>
+ *          <p>WAF monitors web requests and manages keys independently for each unique combination of web ACL, optional rule group, and rate-based rule. For example, if you define a rate-based rule inside a rule group, and then use the rule group in a web ACL, WAF monitors web requests and manages keys for that web ACL, rule group reference statement, and rate-based rule instance. If you use the same rule group in a second web ACL, WAF monitors web requests and manages keys for this second usage completely independent of your first.  </p>
  * @example
  * Use a bare-bones client and the command you need to make an API call.
  * ```javascript

package/dist/types/commands/ListAvailableManagedRuleGroupsCommand.d.ts CHANGED Viewed

@@ -8,7 +8,7 @@ export interface ListAvailableManagedRuleGroupsCommandOutput extends ListAvailab
 }
 /**
  * <p>Retrieves an array of managed rule groups that are available for you to use. This list
- *          includes all Amazon Web Services Managed Rules rule groups and all of the Marketplace managed rule groups that you're
+ *          includes all Amazon Web Services Managed Rules rule groups and all of the Amazon Web Services Marketplace managed rule groups that you're
  *          subscribed to.</p>
  * @example
  * Use a bare-bones client and the command you need to make an API call.

package/dist/types/commands/ListManagedRuleSetsCommand.d.ts CHANGED Viewed

@@ -9,7 +9,7 @@ export interface ListManagedRuleSetsCommandOutput extends ListManagedRuleSetsRes
 /**
  * <p>Retrieves the managed rule sets that you own. </p>
  *          <note>
- *             <p>This is intended for use only by vendors of managed rule sets. Vendors are Amazon Web Services and Marketplace sellers. </p>
+ *             <p>This is intended for use only by vendors of managed rule sets. Vendors are Amazon Web Services and Amazon Web Services Marketplace sellers. </p>
  *             <p>Vendors, you can use the managed rule set APIs to provide controlled rollout of your versioned managed rule group offerings for your customers. The APIs are <code>ListManagedRuleSets</code>, <code>GetManagedRuleSet</code>, <code>PutManagedRuleSetVersions</code>, and <code>UpdateManagedRuleSetVersionExpiryDate</code>.</p>
  *          </note>
  * @example

package/dist/types/commands/PutManagedRuleSetVersionsCommand.d.ts CHANGED Viewed

@@ -10,7 +10,7 @@ export interface PutManagedRuleSetVersionsCommandOutput extends PutManagedRuleSe
  * <p>Defines the versions of your managed rule set that you are offering to the customers.
  *          Customers see your offerings as managed rule groups with versioning.</p>
  *          <note>
- *             <p>This is intended for use only by vendors of managed rule sets. Vendors are Amazon Web Services and Marketplace sellers. </p>
+ *             <p>This is intended for use only by vendors of managed rule sets. Vendors are Amazon Web Services and Amazon Web Services Marketplace sellers. </p>
  *             <p>Vendors, you can use the managed rule set APIs to provide controlled rollout of your versioned managed rule group offerings for your customers. The APIs are <code>ListManagedRuleSets</code>, <code>GetManagedRuleSet</code>, <code>PutManagedRuleSetVersions</code>, and <code>UpdateManagedRuleSetVersionExpiryDate</code>.</p>
  *          </note>
  *          <p>Customers retrieve their managed rule group list by calling <a>ListAvailableManagedRuleGroups</a>. The name that you provide here for your

package/dist/types/commands/UpdateManagedRuleSetVersionExpiryDateCommand.d.ts CHANGED Viewed

@@ -11,7 +11,7 @@ export interface UpdateManagedRuleSetVersionExpiryDateCommandOutput extends Upda
  *          expiration of a managed rule group version. After you initiate expiration for a version,
  *          WAF excludes it from the reponse to <a>ListAvailableManagedRuleGroupVersions</a> for the managed rule group. </p>
  *          <note>
- *             <p>This is intended for use only by vendors of managed rule sets. Vendors are Amazon Web Services and Marketplace sellers. </p>
+ *             <p>This is intended for use only by vendors of managed rule sets. Vendors are Amazon Web Services and Amazon Web Services Marketplace sellers. </p>
  *             <p>Vendors, you can use the managed rule set APIs to provide controlled rollout of your versioned managed rule group offerings for your customers. The APIs are <code>ListManagedRuleSets</code>, <code>GetManagedRuleSet</code>, <code>PutManagedRuleSetVersions</code>, and <code>UpdateManagedRuleSetVersionExpiryDate</code>.</p>
  *          </note>
  * @example

package/dist/types/models/models_0.d.ts CHANGED Viewed

@@ -28,6 +28,8 @@ export declare namespace ActionCondition {
  *
  *       </p>
  *          <p>This is used only to indicate the web request component for WAF to inspect, in the <a>FieldToMatch</a> specification. </p>
+ *          <p>JSON specification: <code>"All": {}</code>
+ *          </p>
  */
 export interface All {
 }
@@ -101,7 +103,9 @@ export declare namespace AllowAction {
 }
 /**
  * <p>All query arguments of a web request. </p>
- *          <p>This is used only to indicate the web request component for WAF to inspect, in the <a>FieldToMatch</a> specification. </p>
+ *            <p>This is used only to indicate the web request component for WAF to inspect, in the <a>FieldToMatch</a> specification. </p>
+ *          <p>JSON specification: <code>"AllQueryArguments": {}</code>
+ *          </p>
  */
 export interface AllQueryArguments {
 }
@@ -114,6 +118,8 @@ export declare namespace AllQueryArguments {
 /**
  * <p>The body of a web request. This immediately follows the request headers.</p>
  *          <p>This is used only to indicate the web request component for WAF to inspect, in the <a>FieldToMatch</a> specification. </p>
+ *          <p>JSON specification: <code>"Body": {}</code>
+ *          </p>
  */
 export interface Body {
 }
@@ -177,6 +183,8 @@ export declare enum JsonMatchScope {
  *          that result from the matches that you
  *          indicate.
  *       </p>
+ *          <p>Example JSON: <code>"JsonBody": { "MatchPattern": { "All": {} }, "MatchScope": "ALL" }</code>
+ *          </p>
  */
 export interface JsonBody {
     /**
@@ -240,9 +248,10 @@ export declare namespace JsonBody {
     const filterSensitiveLog: (obj: JsonBody) => any;
 }
 /**
- * <p>The HTTP method of a web request. The method indicates the type of operation that the
- *          request is asking the origin to perform. </p>
- *          <p>This is used only to indicate the web request component for WAF to inspect, in the <a>FieldToMatch</a> specification. </p>
+ * <p>The HTTP method of a web request. The method indicates the type of operation that the request is asking the origin to perform. </p>
+ *            <p>This is used only to indicate the web request component for WAF to inspect, in the <a>FieldToMatch</a> specification. </p>
+ *          <p>JSON specification: <code>"Method": {}</code>
+ *          </p>
  */
 export interface Method {
 }
@@ -253,9 +262,10 @@ export declare namespace Method {
     const filterSensitiveLog: (obj: Method) => any;
 }
 /**
- * <p>The query string of a web request. This is the part of a URL that appears after a
- *             <code>?</code> character, if any.</p>
- *          <p>This is used only to indicate the web request component for WAF to inspect, in the <a>FieldToMatch</a> specification. </p>
+ * <p>The query string of a web request. This is the part of a URL that appears after a <code>?</code> character, if any.</p>
+ *            <p>This is used only to indicate the web request component for WAF to inspect, in the <a>FieldToMatch</a> specification. </p>
+ *          <p>JSON specification: <code>"QueryString": {}</code>
+ *          </p>
  */
 export interface QueryString {
 }
@@ -270,6 +280,8 @@ export declare namespace QueryString {
  *             <code>User-Agent</code> or <code>Referer</code>. This setting isn't case
  *          sensitive.</p>
  *          <p>This is used only to indicate the web request component for WAF to inspect, in the <a>FieldToMatch</a> specification. </p>
+ *          <p>Example JSON: <code>"SingleHeader": { "Name": "haystack" }</code>
+ *          </p>
  */
 export interface SingleHeader {
     /**
@@ -287,6 +299,8 @@ export declare namespace SingleHeader {
  * <p>One query argument in a web request, identified by name, for example
  *             <i>UserName</i> or <i>SalesRegion</i>. The name can be up to
  *          30 characters long and isn't case sensitive. </p>
+ *          <p>Example JSON: <code>"SingleQueryArgument": { "Name": "myArgument" }</code>
+ *          </p>
  */
 export interface SingleQueryArgument {
     /**
@@ -303,6 +317,8 @@ export declare namespace SingleQueryArgument {
 /**
  * <p>The path component of the URI of a web request. This is the part of a web request that identifies a resource. For example, <code>/images/daily-ad.jpg</code>.</p>
  *          <p>This is used only to indicate the web request component for WAF to inspect, in the <a>FieldToMatch</a> specification. </p>
+ *          <p>JSON specification: <code>"UriPath": {}</code>
+ *          </p>
  */
 export interface UriPath {
 }
@@ -313,11 +329,15 @@ export declare namespace UriPath {
     const filterSensitiveLog: (obj: UriPath) => any;
 }
 /**
- * <p>The part of a web request that you want WAF to inspect. Include the single
- *             <code>FieldToMatch</code> type that you want to inspect, with additional specifications
- *          as needed, according to the type. You specify a single request component in
- *             <code>FieldToMatch</code> for each rule statement that requires it. To inspect more than
- *          one component of a web request, create a separate rule statement for each component.</p>
+ * <p>The part of a web request that you want WAF to inspect. Include the single <code>FieldToMatch</code> type that you want to inspect, with additional specifications as needed, according to the type. You specify a single request component in <code>FieldToMatch</code> for each rule statement that requires it. To inspect more than one component of a web request, create a separate rule statement for each component.</p>
+ *          <p>JSON specification for a <code>QueryString</code> field to match: </p>
+ *          <p>
+ *             <code>    "FieldToMatch": { "QueryString": {} }</code>
+ *          </p>
+ *          <p>Example JSON for a <code>Method</code> field to match specification:</p>
+ *          <p>
+ *             <code>    "FieldToMatch": { "Method": { "Name": "DELETE" } }</code>
+ *          </p>
  */
 export interface FieldToMatch {
     /**
@@ -1211,7 +1231,8 @@ export declare namespace RegexPatternSetReferenceStatement {
 }
 /**
  * <p>A rule statement used to run the rules that are defined in a <a>RuleGroup</a>. To use this, create a rule group with your rules, then provide the ARN of the rule group in this statement.</p>
- *          <p>You cannot nest a <code>RuleGroupReferenceStatement</code>, for example for use inside a <code>NotStatement</code> or <code>OrStatement</code>. It can only be referenced as a top-level statement within a rule.</p>
+ *          <p>You cannot nest a <code>RuleGroupReferenceStatement</code>, for example for use inside a <code>NotStatement</code> or <code>OrStatement</code>. You
+ *       can only use a rule group reference statement at the top level inside a web ACL. </p>
  */
 export interface RuleGroupReferenceStatement {
     /**
@@ -1390,14 +1411,17 @@ export declare namespace WAFInvalidOperationException {
 }
 export declare enum ParameterExceptionField {
     AND_STATEMENT = "AND_STATEMENT",
+    ASSOCIABLE_RESOURCE = "ASSOCIABLE_RESOURCE",
     BODY_PARSING_FALLBACK_BEHAVIOR = "BODY_PARSING_FALLBACK_BEHAVIOR",
     BYTE_MATCH_STATEMENT = "BYTE_MATCH_STATEMENT",
+    CHANGE_PROPAGATION_STATUS = "CHANGE_PROPAGATION_STATUS",
     CUSTOM_REQUEST_HANDLING = "CUSTOM_REQUEST_HANDLING",
     CUSTOM_RESPONSE = "CUSTOM_RESPONSE",
     CUSTOM_RESPONSE_BODY = "CUSTOM_RESPONSE_BODY",
     DEFAULT_ACTION = "DEFAULT_ACTION",
     ENTITY_LIMIT = "ENTITY_LIMIT",
     EXCLUDED_RULE = "EXCLUDED_RULE",
+    EXPIRE_TIMESTAMP = "EXPIRE_TIMESTAMP",
     FALLBACK_BEHAVIOR = "FALLBACK_BEHAVIOR",
     FIELD_TO_MATCH = "FIELD_TO_MATCH",
     FILTER_CONDITION = "FILTER_CONDITION",
@@ -1617,6 +1641,8 @@ export declare namespace RuleAction {
  * <p>Specifies that WAF should do nothing. This is generally used to try out a rule
  *          without performing any actions. You set the <code>OverrideAction</code> on the <a>Rule</a>. </p>
  *          <p>This is used in the context of other settings, for example to specify values for <a>RuleAction</a> and web ACL <a>DefaultAction</a>. </p>
+ *          <p>JSON specification: <code>"None": {}</code>
+ *          </p>
  */
 export interface NoneAction {
 }
@@ -2862,12 +2888,10 @@ export interface LoggingConfiguration {
      */
     LogDestinationConfigs: string[] | undefined;
     /**
-     * <p>The parts of the request that you want to keep out of the logs. For example, if you
-     *          redact the <code>HEADER</code> field, the <code>HEADER</code> field in the firehose will be
-     *             <code>xxx</code>. </p>
+     * <p>The parts of the request that you want to keep out of the logs. For
+     *           example, if you redact the <code>SingleHeader</code> field, the <code>HEADER</code> field in the firehose will be <code>xxx</code>. </p>
      *          <note>
-     *             <p>You must use one of the following values: <code>URI</code>,
-     *             <code>QUERY_STRING</code>, <code>HEADER</code>, or <code>METHOD</code>.</p>
+     *            <p>You can specify only the following fields for redaction: <code>UriPath</code>, <code>QueryString</code>, <code>SingleHeader</code>, <code>Method</code>, and <code>JsonBody</code>.</p>
      *          </note>
      */
     RedactedFields?: FieldToMatch[];
@@ -2935,7 +2959,7 @@ export declare namespace GetManagedRuleSetRequest {
 /**
  * <p>Information for a single version of a managed rule set. </p>
  *          <note>
- *             <p>This is intended for use only by vendors of managed rule sets. Vendors are Amazon Web Services and Marketplace sellers. </p>
+ *             <p>This is intended for use only by vendors of managed rule sets. Vendors are Amazon Web Services and Amazon Web Services Marketplace sellers. </p>
  *             <p>Vendors, you can use the managed rule set APIs to provide controlled rollout of your versioned managed rule group offerings for your customers. The APIs are <code>ListManagedRuleSets</code>, <code>GetManagedRuleSet</code>, <code>PutManagedRuleSetVersions</code>, and <code>UpdateManagedRuleSetVersionExpiryDate</code>.</p>
  *          </note>
  */
@@ -2985,10 +3009,10 @@ export declare namespace ManagedRuleSetVersion {
     const filterSensitiveLog: (obj: ManagedRuleSetVersion) => any;
 }
 /**
- * <p>A set of rules that is managed by Amazon Web Services and Marketplace sellers to provide versioned managed
+ * <p>A set of rules that is managed by Amazon Web Services and Amazon Web Services Marketplace sellers to provide versioned managed
  *          rule groups for customers of WAF.</p>
  *          <note>
- *             <p>This is intended for use only by vendors of managed rule sets. Vendors are Amazon Web Services and Marketplace sellers. </p>
+ *             <p>This is intended for use only by vendors of managed rule sets. Vendors are Amazon Web Services and Amazon Web Services Marketplace sellers. </p>
  *             <p>Vendors, you can use the managed rule set APIs to provide controlled rollout of your versioned managed rule group offerings for your customers. The APIs are <code>ListManagedRuleSets</code>, <code>GetManagedRuleSet</code>, <code>PutManagedRuleSetVersions</code>, and <code>UpdateManagedRuleSetVersionExpiryDate</code>.</p>
  *          </note>
  */
@@ -3109,7 +3133,12 @@ export interface GetRateBasedStatementManagedKeysRequest {
      */
     WebACLId: string | undefined;
     /**
-     * <p>The name of the rate-based rule to get the keys for.</p>
+     * <p>The name of the rule group reference statement in your web ACL. This is required only when you have the rate-based rule nested
+     * inside a rule group. </p>
+     */
+    RuleGroupRuleName?: string;
+    /**
+     * <p>The name of the rate-based rule to get the keys for. If you have the rule defined inside a rule group that you're using in your web ACL, also provide the name of the rule group reference statement in the request parameter <code>RuleGroupRuleName</code>.</p>
      */
     RuleName: string | undefined;
 }
@@ -3120,7 +3149,7 @@ export declare namespace GetRateBasedStatementManagedKeysRequest {
     const filterSensitiveLog: (obj: GetRateBasedStatementManagedKeysRequest) => any;
 }
 /**
- * <p>The set of IP addresses that are currently blocked for a rate-based statement.</p>
+ * <p>The set of IP addresses that are currently blocked for a <a>RateBasedStatement</a>.</p>
  */
 export interface RateBasedStatementManagedKeysIPSet {
     /**
@@ -3594,7 +3623,7 @@ export declare namespace ListAvailableManagedRuleGroupsRequest {
     const filterSensitiveLog: (obj: ListAvailableManagedRuleGroupsRequest) => any;
 }
 /**
- * <p>High-level information about a managed rule group, returned by <a>ListAvailableManagedRuleGroups</a>. This provides information like the name and vendor name, that you provide when you add a <a>ManagedRuleGroupStatement</a> to a web ACL. Managed rule groups include Amazon Web Services Managed Rules rule groups, which are free of charge to WAF customers, and Marketplace managed rule groups, which you can subscribe to through Marketplace. </p>
+ * <p>High-level information about a managed rule group, returned by <a>ListAvailableManagedRuleGroups</a>. This provides information like the name and vendor name, that you provide when you add a <a>ManagedRuleGroupStatement</a> to a web ACL. Managed rule groups include Amazon Web Services Managed Rules rule groups, which are free of charge to WAF customers, and Amazon Web Services Marketplace managed rule groups, which you can subscribe to through Amazon Web Services Marketplace. </p>
  */
 export interface ManagedRuleGroupSummary {
     /**
@@ -3606,7 +3635,7 @@ export interface ManagedRuleGroupSummary {
      */
     Name?: string;
     /**
-     * <p>The description of the managed rule group, provided by Amazon Web Services Managed Rules or the Marketplace seller who manages it.</p>
+     * <p>The description of the managed rule group, provided by Amazon Web Services Managed Rules or the Amazon Web Services Marketplace seller who manages it.</p>
      */
     Description?: string;
 }
@@ -3852,7 +3881,7 @@ export declare namespace ListManagedRuleSetsRequest {
 /**
  * <p>High-level information for a managed rule set. </p>
  *          <note>
- *             <p>This is intended for use only by vendors of managed rule sets. Vendors are Amazon Web Services and Marketplace sellers. </p>
+ *             <p>This is intended for use only by vendors of managed rule sets. Vendors are Amazon Web Services and Amazon Web Services Marketplace sellers. </p>
  *             <p>Vendors, you can use the managed rule set APIs to provide controlled rollout of your versioned managed rule group offerings for your customers. The APIs are <code>ListManagedRuleSets</code>, <code>GetManagedRuleSet</code>, <code>PutManagedRuleSetVersions</code>, and <code>UpdateManagedRuleSetVersionExpiryDate</code>.</p>
  *          </note>
  */
@@ -4227,7 +4256,7 @@ export declare namespace WAFServiceLinkedRoleErrorException {
  * <p>A version of the named managed rule group, that the rule group's vendor publishes for
  *          use by customers. </p>
  *          <note>
- *             <p>This is intended for use only by vendors of managed rule sets. Vendors are Amazon Web Services and Marketplace sellers. </p>
+ *             <p>This is intended for use only by vendors of managed rule sets. Vendors are Amazon Web Services and Amazon Web Services Marketplace sellers. </p>
  *             <p>Vendors, you can use the managed rule set APIs to provide controlled rollout of your versioned managed rule group offerings for your customers. The APIs are <code>ListManagedRuleSets</code>, <code>GetManagedRuleSet</code>, <code>PutManagedRuleSetVersions</code>, and <code>UpdateManagedRuleSetVersionExpiryDate</code>.</p>
  *          </note>
  */
@@ -4651,8 +4680,7 @@ export declare namespace UpdateWebACLResponse {
     const filterSensitiveLog: (obj: UpdateWebACLResponse) => any;
 }
 /**
- * <p>The processing guidance for a <a>Rule</a>, used by WAF to determine
- *          whether a web request matches the rule. </p>
+ * <p>The processing guidance for a <a>Rule</a>, used by WAF to determine whether a web request matches the rule. </p>
  */
 export interface Statement {
     /**
@@ -4683,7 +4711,8 @@ export interface Statement {
     GeoMatchStatement?: GeoMatchStatement;
     /**
      * <p>A rule statement used to run the rules that are defined in a <a>RuleGroup</a>. To use this, create a rule group with your rules, then provide the ARN of the rule group in this statement.</p>
-     *          <p>You cannot nest a <code>RuleGroupReferenceStatement</code>, for example for use inside a <code>NotStatement</code> or <code>OrStatement</code>. It can only be referenced as a top-level statement within a rule.</p>
+     *          <p>You cannot nest a <code>RuleGroupReferenceStatement</code>, for example for use inside a <code>NotStatement</code> or <code>OrStatement</code>. You
+     *       can only use a rule group reference statement at the top level inside a web ACL. </p>
      */
     RuleGroupReferenceStatement?: RuleGroupReferenceStatement;
     /**
@@ -4697,7 +4726,8 @@ export interface Statement {
      */
     RegexPatternSetReferenceStatement?: RegexPatternSetReferenceStatement;
     /**
-     * <p>A rate-based rule tracks the rate of requests for each originating IP address, and triggers the rule action when the rate exceeds a limit that you specify on the number of requests in any 5-minute time span. You can use this to put a temporary block on requests from an IP address that is sending excessive requests.</p>
+     * <p>A rate-based rule tracks the rate of requests for each originating IP address, and triggers the rule action when the rate exceeds a limit that you specify on the number of requests in any 5-minute time span. You can use this to put a temporary block on requests from an IP address that is sending excessive requests. </p>
+     *          <p>WAF tracks and manages web requests separately for each instance of a rate-based rule that you use. For example, if you provide the same rate-based rule settings in two web ACLs, each of the two rule statements represents a separate instance of the rate-based rule and gets its own tracking and management by WAF. If you define a rate-based rule inside a rule group, and then use that rule group in multiple places, each use creates a separate instance of the rate-based rule that gets its own tracking and management by WAF. </p>
      *          <p>When the rule action triggers, WAF blocks additional requests from the IP address until the request rate falls below the limit.</p>
      *          <p>You can optionally nest another statement inside the rate-based statement, to narrow the scope of the rule so that it only counts requests that match the nested statement. For example, based on recent requests that you have seen from an attacker, you might create a rate-based rule with a nested AND rule statement that contains the following nested statements:</p>
      *          <ul>
@@ -4709,7 +4739,7 @@ export interface Statement {
      *             </li>
      *          </ul>
      *          <p>In this rate-based rule, you also define a rate limit. For this example, the rate limit is 1,000. Requests that meet both of the conditions in the statements are counted. If the count exceeds 1,000 requests per five minutes, the rule action triggers. Requests that do not meet both conditions are not counted towards the rate limit and are not affected by this rule.</p>
-     *          <p>You cannot nest a <code>RateBasedStatement</code>, for example for use inside a <code>NotStatement</code> or <code>OrStatement</code>. It can only be referenced as a top-level statement within a rule.</p>
+     *          <p>You cannot nest a <code>RateBasedStatement</code> inside another statement, for example inside a <code>NotStatement</code> or <code>OrStatement</code>. You can define a <code>RateBasedStatement</code> inside a web ACL and inside a rule group. </p>
      */
     RateBasedStatement?: RateBasedStatement;
     /**
@@ -4798,7 +4828,8 @@ export declare namespace NotStatement {
     const filterSensitiveLog: (obj: NotStatement) => any;
 }
 /**
- * <p>A rate-based rule tracks the rate of requests for each originating IP address, and triggers the rule action when the rate exceeds a limit that you specify on the number of requests in any 5-minute time span. You can use this to put a temporary block on requests from an IP address that is sending excessive requests.</p>
+ * <p>A rate-based rule tracks the rate of requests for each originating IP address, and triggers the rule action when the rate exceeds a limit that you specify on the number of requests in any 5-minute time span. You can use this to put a temporary block on requests from an IP address that is sending excessive requests. </p>
+ *          <p>WAF tracks and manages web requests separately for each instance of a rate-based rule that you use. For example, if you provide the same rate-based rule settings in two web ACLs, each of the two rule statements represents a separate instance of the rate-based rule and gets its own tracking and management by WAF. If you define a rate-based rule inside a rule group, and then use that rule group in multiple places, each use creates a separate instance of the rate-based rule that gets its own tracking and management by WAF. </p>
  *          <p>When the rule action triggers, WAF blocks additional requests from the IP address until the request rate falls below the limit.</p>
  *          <p>You can optionally nest another statement inside the rate-based statement, to narrow the scope of the rule so that it only counts requests that match the nested statement. For example, based on recent requests that you have seen from an attacker, you might create a rate-based rule with a nested AND rule statement that contains the following nested statements:</p>
  *          <ul>
@@ -4810,7 +4841,7 @@ export declare namespace NotStatement {
  *             </li>
  *          </ul>
  *          <p>In this rate-based rule, you also define a rate limit. For this example, the rate limit is 1,000. Requests that meet both of the conditions in the statements are counted. If the count exceeds 1,000 requests per five minutes, the rule action triggers. Requests that do not meet both conditions are not counted towards the rate limit and are not affected by this rule.</p>
- *          <p>You cannot nest a <code>RateBasedStatement</code>, for example for use inside a <code>NotStatement</code> or <code>OrStatement</code>. It can only be referenced as a top-level statement within a rule.</p>
+ *          <p>You cannot nest a <code>RateBasedStatement</code> inside another statement, for example inside a <code>NotStatement</code> or <code>OrStatement</code>. You can define a <code>RateBasedStatement</code> inside a web ACL and inside a rule group. </p>
  */
 export interface RateBasedStatement {
     /**
@@ -4995,7 +5026,8 @@ export interface FirewallManagerStatement {
     ManagedRuleGroupStatement?: ManagedRuleGroupStatement;
     /**
      * <p>A rule statement used to run the rules that are defined in a <a>RuleGroup</a>. To use this, create a rule group with your rules, then provide the ARN of the rule group in this statement.</p>
-     *          <p>You cannot nest a <code>RuleGroupReferenceStatement</code>, for example for use inside a <code>NotStatement</code> or <code>OrStatement</code>. It can only be referenced as a top-level statement within a rule.</p>
+     *          <p>You cannot nest a <code>RuleGroupReferenceStatement</code>, for example for use inside a <code>NotStatement</code> or <code>OrStatement</code>. You
+     *       can only use a rule group reference statement at the top level inside a web ACL. </p>
      */
     RuleGroupReferenceStatement?: RuleGroupReferenceStatement;
 }

package/dist/types/ts3.4/WAFV2.d.ts CHANGED Viewed

@@ -242,7 +242,7 @@ export declare class WAFV2 extends WAFV2Client {
     /**
      * <p>Retrieves the specified managed rule set. </p>
      *          <note>
-     *             <p>This is intended for use only by vendors of managed rule sets. Vendors are Amazon Web Services and Marketplace sellers. </p>
+     *             <p>This is intended for use only by vendors of managed rule sets. Vendors are Amazon Web Services and Amazon Web Services Marketplace sellers. </p>
      *             <p>Vendors, you can use the managed rule set APIs to provide controlled rollout of your versioned managed rule group offerings for your customers. The APIs are <code>ListManagedRuleSets</code>, <code>GetManagedRuleSet</code>, <code>PutManagedRuleSetVersions</code>, and <code>UpdateManagedRuleSetVersionExpiryDate</code>.</p>
      *          </note>
      */
@@ -257,9 +257,9 @@ export declare class WAFV2 extends WAFV2Client {
     getPermissionPolicy(args: GetPermissionPolicyCommandInput, cb: (err: any, data?: GetPermissionPolicyCommandOutput) => void): void;
     getPermissionPolicy(args: GetPermissionPolicyCommandInput, options: __HttpHandlerOptions, cb: (err: any, data?: GetPermissionPolicyCommandOutput) => void): void;
     /**
-     * <p>Retrieves the keys that are currently blocked by a rate-based rule. The maximum number
-     *          of managed keys that can be blocked for a single rate-based rule is 10,000. If more than
-     *          10,000 addresses exceed the rate limit, those with the highest rates are blocked.</p>
+     * <p>Retrieves the keys that are currently blocked by a rate-based rule instance. The maximum number of managed keys that can be blocked for a single rate-based rule instance is 10,000. If more than 10,000 addresses exceed the rate limit, those with the highest rates are blocked.</p>
+     *          <p>For a rate-based rule that you've defined inside a rule group, provide the name of the rule group reference statement in your request, in addition to the rate-based rule name and the web ACL name. </p>
+     *          <p>WAF monitors web requests and manages keys independently for each unique combination of web ACL, optional rule group, and rate-based rule. For example, if you define a rate-based rule inside a rule group, and then use the rule group in a web ACL, WAF monitors web requests and manages keys for that web ACL, rule group reference statement, and rate-based rule instance. If you use the same rule group in a second web ACL, WAF monitors web requests and manages keys for this second usage completely independent of your first.  </p>
      */
     getRateBasedStatementManagedKeys(args: GetRateBasedStatementManagedKeysCommandInput, options?: __HttpHandlerOptions): Promise<GetRateBasedStatementManagedKeysCommandOutput>;
     getRateBasedStatementManagedKeys(args: GetRateBasedStatementManagedKeysCommandInput, cb: (err: any, data?: GetRateBasedStatementManagedKeysCommandOutput) => void): void;
@@ -305,7 +305,7 @@ export declare class WAFV2 extends WAFV2Client {
     getWebACLForResource(args: GetWebACLForResourceCommandInput, options: __HttpHandlerOptions, cb: (err: any, data?: GetWebACLForResourceCommandOutput) => void): void;
     /**
      * <p>Retrieves an array of managed rule groups that are available for you to use. This list
-     *          includes all Amazon Web Services Managed Rules rule groups and all of the Marketplace managed rule groups that you're
+     *          includes all Amazon Web Services Managed Rules rule groups and all of the Amazon Web Services Marketplace managed rule groups that you're
      *          subscribed to.</p>
      */
     listAvailableManagedRuleGroups(args: ListAvailableManagedRuleGroupsCommandInput, options?: __HttpHandlerOptions): Promise<ListAvailableManagedRuleGroupsCommandOutput>;
@@ -333,7 +333,7 @@ export declare class WAFV2 extends WAFV2Client {
     /**
      * <p>Retrieves the managed rule sets that you own. </p>
      *          <note>
-     *             <p>This is intended for use only by vendors of managed rule sets. Vendors are Amazon Web Services and Marketplace sellers. </p>
+     *             <p>This is intended for use only by vendors of managed rule sets. Vendors are Amazon Web Services and Amazon Web Services Marketplace sellers. </p>
      *             <p>Vendors, you can use the managed rule set APIs to provide controlled rollout of your versioned managed rule group offerings for your customers. The APIs are <code>ListManagedRuleSets</code>, <code>GetManagedRuleSet</code>, <code>PutManagedRuleSetVersions</code>, and <code>UpdateManagedRuleSetVersionExpiryDate</code>.</p>
      *          </note>
      */
@@ -422,7 +422,7 @@ export declare class WAFV2 extends WAFV2Client {
      * <p>Defines the versions of your managed rule set that you are offering to the customers.
      *          Customers see your offerings as managed rule groups with versioning.</p>
      *          <note>
-     *             <p>This is intended for use only by vendors of managed rule sets. Vendors are Amazon Web Services and Marketplace sellers. </p>
+     *             <p>This is intended for use only by vendors of managed rule sets. Vendors are Amazon Web Services and Amazon Web Services Marketplace sellers. </p>
      *             <p>Vendors, you can use the managed rule set APIs to provide controlled rollout of your versioned managed rule group offerings for your customers. The APIs are <code>ListManagedRuleSets</code>, <code>GetManagedRuleSet</code>, <code>PutManagedRuleSetVersions</code>, and <code>UpdateManagedRuleSetVersionExpiryDate</code>.</p>
      *          </note>
      *          <p>Customers retrieve their managed rule group list by calling <a>ListAvailableManagedRuleGroups</a>. The name that you provide here for your
@@ -493,7 +493,7 @@ export declare class WAFV2 extends WAFV2Client {
      *          expiration of a managed rule group version. After you initiate expiration for a version,
      *          WAF excludes it from the reponse to <a>ListAvailableManagedRuleGroupVersions</a> for the managed rule group. </p>
      *          <note>
-     *             <p>This is intended for use only by vendors of managed rule sets. Vendors are Amazon Web Services and Marketplace sellers. </p>
+     *             <p>This is intended for use only by vendors of managed rule sets. Vendors are Amazon Web Services and Amazon Web Services Marketplace sellers. </p>
      *             <p>Vendors, you can use the managed rule set APIs to provide controlled rollout of your versioned managed rule group offerings for your customers. The APIs are <code>ListManagedRuleSets</code>, <code>GetManagedRuleSet</code>, <code>PutManagedRuleSetVersions</code>, and <code>UpdateManagedRuleSetVersionExpiryDate</code>.</p>
      *          </note>
      */

package/dist/types/ts3.4/commands/GetManagedRuleSetCommand.d.ts CHANGED Viewed

@@ -9,7 +9,7 @@ export interface GetManagedRuleSetCommandOutput extends GetManagedRuleSetRespons
 /**
  * <p>Retrieves the specified managed rule set. </p>
  *          <note>
- *             <p>This is intended for use only by vendors of managed rule sets. Vendors are Amazon Web Services and Marketplace sellers. </p>
+ *             <p>This is intended for use only by vendors of managed rule sets. Vendors are Amazon Web Services and Amazon Web Services Marketplace sellers. </p>
  *             <p>Vendors, you can use the managed rule set APIs to provide controlled rollout of your versioned managed rule group offerings for your customers. The APIs are <code>ListManagedRuleSets</code>, <code>GetManagedRuleSet</code>, <code>PutManagedRuleSetVersions</code>, and <code>UpdateManagedRuleSetVersionExpiryDate</code>.</p>
  *          </note>
  * @example

package/dist/types/ts3.4/commands/GetRateBasedStatementManagedKeysCommand.d.ts CHANGED Viewed

@@ -7,9 +7,9 @@ export interface GetRateBasedStatementManagedKeysCommandInput extends GetRateBas
 export interface GetRateBasedStatementManagedKeysCommandOutput extends GetRateBasedStatementManagedKeysResponse, __MetadataBearer {
 }
 /**
- * <p>Retrieves the keys that are currently blocked by a rate-based rule. The maximum number
- *          of managed keys that can be blocked for a single rate-based rule is 10,000. If more than
- *          10,000 addresses exceed the rate limit, those with the highest rates are blocked.</p>
+ * <p>Retrieves the keys that are currently blocked by a rate-based rule instance. The maximum number of managed keys that can be blocked for a single rate-based rule instance is 10,000. If more than 10,000 addresses exceed the rate limit, those with the highest rates are blocked.</p>
+ *          <p>For a rate-based rule that you've defined inside a rule group, provide the name of the rule group reference statement in your request, in addition to the rate-based rule name and the web ACL name. </p>
+ *          <p>WAF monitors web requests and manages keys independently for each unique combination of web ACL, optional rule group, and rate-based rule. For example, if you define a rate-based rule inside a rule group, and then use the rule group in a web ACL, WAF monitors web requests and manages keys for that web ACL, rule group reference statement, and rate-based rule instance. If you use the same rule group in a second web ACL, WAF monitors web requests and manages keys for this second usage completely independent of your first.  </p>
  * @example
  * Use a bare-bones client and the command you need to make an API call.
  * ```javascript

package/dist/types/ts3.4/commands/ListAvailableManagedRuleGroupsCommand.d.ts CHANGED Viewed

@@ -8,7 +8,7 @@ export interface ListAvailableManagedRuleGroupsCommandOutput extends ListAvailab
 }
 /**
  * <p>Retrieves an array of managed rule groups that are available for you to use. This list
- *          includes all Amazon Web Services Managed Rules rule groups and all of the Marketplace managed rule groups that you're
+ *          includes all Amazon Web Services Managed Rules rule groups and all of the Amazon Web Services Marketplace managed rule groups that you're
  *          subscribed to.</p>
  * @example
  * Use a bare-bones client and the command you need to make an API call.

package/dist/types/ts3.4/commands/ListManagedRuleSetsCommand.d.ts CHANGED Viewed

@@ -9,7 +9,7 @@ export interface ListManagedRuleSetsCommandOutput extends ListManagedRuleSetsRes
 /**
  * <p>Retrieves the managed rule sets that you own. </p>
  *          <note>
- *             <p>This is intended for use only by vendors of managed rule sets. Vendors are Amazon Web Services and Marketplace sellers. </p>
+ *             <p>This is intended for use only by vendors of managed rule sets. Vendors are Amazon Web Services and Amazon Web Services Marketplace sellers. </p>
  *             <p>Vendors, you can use the managed rule set APIs to provide controlled rollout of your versioned managed rule group offerings for your customers. The APIs are <code>ListManagedRuleSets</code>, <code>GetManagedRuleSet</code>, <code>PutManagedRuleSetVersions</code>, and <code>UpdateManagedRuleSetVersionExpiryDate</code>.</p>
  *          </note>
  * @example

package/dist/types/ts3.4/commands/PutManagedRuleSetVersionsCommand.d.ts CHANGED Viewed

@@ -10,7 +10,7 @@ export interface PutManagedRuleSetVersionsCommandOutput extends PutManagedRuleSe
  * <p>Defines the versions of your managed rule set that you are offering to the customers.
  *          Customers see your offerings as managed rule groups with versioning.</p>
  *          <note>
- *             <p>This is intended for use only by vendors of managed rule sets. Vendors are Amazon Web Services and Marketplace sellers. </p>
+ *             <p>This is intended for use only by vendors of managed rule sets. Vendors are Amazon Web Services and Amazon Web Services Marketplace sellers. </p>
  *             <p>Vendors, you can use the managed rule set APIs to provide controlled rollout of your versioned managed rule group offerings for your customers. The APIs are <code>ListManagedRuleSets</code>, <code>GetManagedRuleSet</code>, <code>PutManagedRuleSetVersions</code>, and <code>UpdateManagedRuleSetVersionExpiryDate</code>.</p>
  *          </note>
  *          <p>Customers retrieve their managed rule group list by calling <a>ListAvailableManagedRuleGroups</a>. The name that you provide here for your

package/dist/types/ts3.4/commands/UpdateManagedRuleSetVersionExpiryDateCommand.d.ts CHANGED Viewed

@@ -11,7 +11,7 @@ export interface UpdateManagedRuleSetVersionExpiryDateCommandOutput extends Upda
  *          expiration of a managed rule group version. After you initiate expiration for a version,
  *          WAF excludes it from the reponse to <a>ListAvailableManagedRuleGroupVersions</a> for the managed rule group. </p>
  *          <note>
- *             <p>This is intended for use only by vendors of managed rule sets. Vendors are Amazon Web Services and Marketplace sellers. </p>
+ *             <p>This is intended for use only by vendors of managed rule sets. Vendors are Amazon Web Services and Amazon Web Services Marketplace sellers. </p>
  *             <p>Vendors, you can use the managed rule set APIs to provide controlled rollout of your versioned managed rule group offerings for your customers. The APIs are <code>ListManagedRuleSets</code>, <code>GetManagedRuleSet</code>, <code>PutManagedRuleSetVersions</code>, and <code>UpdateManagedRuleSetVersionExpiryDate</code>.</p>
  *          </note>
  * @example