@aws-sdk/client-wafv2 3.577.0 → 3.582.0

package/dist-cjs/index.js

@@ -79,6 +79,8 @@ __export(src_exports, {
   ListRuleGroupsCommand: () => ListRuleGroupsCommand,
   ListTagsForResourceCommand: () => ListTagsForResourceCommand,
   ListWebACLsCommand: () => ListWebACLsCommand,
+  LogScope: () => LogScope,
+  LogType: () => LogType,
   MapMatchScope: () => MapMatchScope,
   OversizeHandling: () => OversizeHandling,
   ParameterExceptionField: () => ParameterExceptionField,
@@ -1020,6 +1022,13 @@ var _WAFAssociatedItemException = class _WAFAssociatedItemException extends WAFV
 };
 __name(_WAFAssociatedItemException, "WAFAssociatedItemException");
 var WAFAssociatedItemException = _WAFAssociatedItemException;
+var LogScope = {
+  CUSTOMER: "CUSTOMER",
+  SECURITY_LAKE: "SECURITY_LAKE"
+};
+var LogType = {
+  WAF_LOGS: "WAF_LOGS"
+};
 var Platform = {
   ANDROID: "ANDROID",
   IOS: "IOS"
@@ -3988,6 +3997,8 @@ var WAFV2 = _WAFV2;
   ResponseContentType,
   WAFConfigurationWarningException,
   WAFAssociatedItemException,
+  LogScope,
+  LogType,
   Platform,
   FilterBehavior,
   FilterRequirement,

package/dist-es/models/models_0.js

@@ -644,6 +644,13 @@ export class WAFAssociatedItemException extends __BaseException {
         this.Message = opts.Message;
     }
 }
+export const LogScope = {
+    CUSTOMER: "CUSTOMER",
+    SECURITY_LAKE: "SECURITY_LAKE",
+};
+export const LogType = {
+    WAF_LOGS: "WAF_LOGS",
+};
 export const Platform = {
     ANDROID: "ANDROID",
     IOS: "IOS",

package/dist-types/commands/DeleteLoggingConfigurationCommand.d.ts

@@ -35,6 +35,8 @@ declare const DeleteLoggingConfigurationCommand_base: {
  * const client = new WAFV2Client(config);
  * const input = { // DeleteLoggingConfigurationRequest
  *   ResourceArn: "STRING_VALUE", // required
+ *   LogType: "WAF_LOGS",
+ *   LogScope: "CUSTOMER" || "SECURITY_LAKE",
  * };
  * const command = new DeleteLoggingConfigurationCommand(input);
  * const response = await client.send(command);

package/dist-types/commands/GetLoggingConfigurationCommand.d.ts

@@ -35,6 +35,8 @@ declare const GetLoggingConfigurationCommand_base: {
  * const client = new WAFV2Client(config);
  * const input = { // GetLoggingConfigurationRequest
  *   ResourceArn: "STRING_VALUE", // required
+ *   LogType: "WAF_LOGS",
+ *   LogScope: "CUSTOMER" || "SECURITY_LAKE",
  * };
  * const command = new GetLoggingConfigurationCommand(input);
  * const response = await client.send(command);
@@ -124,6 +126,8 @@ declare const GetLoggingConfigurationCommand_base: {
  * //       ],
  * //       DefaultBehavior: "KEEP" || "DROP", // required
  * //     },
+ * //     LogType: "WAF_LOGS",
+ * //     LogScope: "CUSTOMER" || "SECURITY_LAKE",
  * //   },
  * // };
  *

package/dist-types/commands/ListLoggingConfigurationsCommand.d.ts

@@ -37,6 +37,7 @@ declare const ListLoggingConfigurationsCommand_base: {
  *   Scope: "CLOUDFRONT" || "REGIONAL", // required
  *   NextMarker: "STRING_VALUE",
  *   Limit: Number("int"),
+ *   LogScope: "CUSTOMER" || "SECURITY_LAKE",
  * };
  * const command = new ListLoggingConfigurationsCommand(input);
  * const response = await client.send(command);
@@ -127,6 +128,8 @@ declare const ListLoggingConfigurationsCommand_base: {
  * //         ],
  * //         DefaultBehavior: "KEEP" || "DROP", // required
  * //       },
+ * //       LogType: "WAF_LOGS",
+ * //       LogScope: "CUSTOMER" || "SECURITY_LAKE",
  * //     },
  * //   ],
  * //   NextMarker: "STRING_VALUE",

package/dist-types/commands/PutLoggingConfigurationCommand.d.ts

@@ -161,6 +161,8 @@ declare const PutLoggingConfigurationCommand_base: {
  *       ],
  *       DefaultBehavior: "KEEP" || "DROP", // required
  *     },
+ *     LogType: "WAF_LOGS",
+ *     LogScope: "CUSTOMER" || "SECURITY_LAKE",
  *   },
  * };
  * const command = new PutLoggingConfigurationCommand(input);
@@ -251,6 +253,8 @@ declare const PutLoggingConfigurationCommand_base: {
  * //       ],
  * //       DefaultBehavior: "KEEP" || "DROP", // required
  * //     },
+ * //     LogType: "WAF_LOGS",
+ * //     LogScope: "CUSTOMER" || "SECURITY_LAKE",
  * //   },
  * // };
  *

package/dist-types/models/models_0.d.ts

@@ -418,7 +418,7 @@ export declare const FallbackBehavior: {
  */
 export type FallbackBehavior = (typeof FallbackBehavior)[keyof typeof FallbackBehavior];
 /**
- * <p>Match against the request's JA3 fingerprint. The JA3 fingerprint is a 32-character hash derived from the TLS Client Hello of an incoming request. This fingerprint serves as a unique identifier for the client's TLS configuration. WAF calculates and logs this fingerprint for each
+ * <p>Available for use with Amazon CloudFront distributions and Application Load Balancers. Match against the request's JA3 fingerprint. The JA3 fingerprint is a 32-character hash derived from the TLS Client Hello of an incoming request. This fingerprint serves as a unique identifier for the client's TLS configuration. WAF calculates and logs this fingerprint for each
  * 						request that has enough TLS Client Hello information for the calculation. Almost
  *                         all web requests include this information.</p>
  *          <note>
@@ -718,6 +718,10 @@ export interface UriPath {
  *                      <p>In this documentation, the descriptions of the individual fields talk about specifying the web request component to inspect,
  *                       but for field redaction, you are specifying the component type to redact from the logs. </p>
  *                   </li>
+ *                   <li>
+ *                      <p>If you have request sampling enabled, the redacted fields configuration for logging has no impact on sampling.
+ *                   The only way to exclude fields from request sampling is by disabling sampling in the web ACL visibility configuration. </p>
+ *                   </li>
  *                </ul>
  *             </li>
  *          </ul>
@@ -842,7 +846,7 @@ export interface FieldToMatch {
      */
     HeaderOrder?: HeaderOrder;
     /**
-     * <p>Match against the request's JA3 fingerprint. The JA3 fingerprint is a 32-character hash derived from the TLS Client Hello of an incoming request. This fingerprint serves as a unique identifier for the client's TLS configuration. WAF calculates and logs this fingerprint for each
+     * <p>Available for use with Amazon CloudFront distributions and Application Load Balancers. Match against the request's JA3 fingerprint. The JA3 fingerprint is a 32-character hash derived from the TLS Client Hello of an incoming request. This fingerprint serves as a unique identifier for the client's TLS configuration. WAF calculates and logs this fingerprint for each
      * 						request that has enough TLS Client Hello information for the calculation. Almost
      *                         all web requests include this information.</p>
      *          <note>
@@ -950,7 +954,7 @@ export interface ByteMatchStatement {
      *             </li>
      *             <li>
      *                <p>
-     *                   <code>JA3Fingerprint</code>: Match against the request's JA3 fingerprint. The JA3 fingerprint is a 32-character hash derived from the TLS Client Hello of an incoming request. This fingerprint serves as a unique identifier for the client's TLS configuration. You can use this choice only with a string match <code>ByteMatchStatement</code> with the <code>PositionalConstraint</code> set to
+     *                   <code>JA3Fingerprint</code>: Available for use with Amazon CloudFront distributions and Application Load Balancers. Match against the request's JA3 fingerprint. The JA3 fingerprint is a 32-character hash derived from the TLS Client Hello of an incoming request. This fingerprint serves as a unique identifier for the client's TLS configuration. You can use this choice only with a string match <code>ByteMatchStatement</code> with the <code>PositionalConstraint</code> set to
      *        <code>EXACTLY</code>. </p>
      *                <p>You can obtain the JA3 fingerprint for client requests from the web ACL logs.
      * 						If WAF is able to calculate the fingerprint, it includes it in the logs.
@@ -3232,6 +3236,10 @@ export interface VisibilityConfig {
     /**
      * <p>Indicates whether WAF should store a sampling of the web requests that
      *          match the rules. You can view the sampled requests through the WAF console. </p>
+     *          <note>
+     *             <p>Request sampling doesn't provide a field redaction option, and any field redaction that you specify in your logging configuration doesn't affect sampling.
+     *                   The only way to exclude fields from request sampling is by disabling sampling in the web ACL visibility configuration. </p>
+     *          </note>
      * @public
      */
     SampledRequestsEnabled: boolean | undefined;
@@ -3951,6 +3959,29 @@ export declare class WAFAssociatedItemException extends __BaseException {
      */
     constructor(opts: __ExceptionOptionType<WAFAssociatedItemException, __BaseException>);
 }
+/**
+ * @public
+ * @enum
+ */
+export declare const LogScope: {
+    readonly CUSTOMER: "CUSTOMER";
+    readonly SECURITY_LAKE: "SECURITY_LAKE";
+};
+/**
+ * @public
+ */
+export type LogScope = (typeof LogScope)[keyof typeof LogScope];
+/**
+ * @public
+ * @enum
+ */
+export declare const LogType: {
+    readonly WAF_LOGS: "WAF_LOGS";
+};
+/**
+ * @public
+ */
+export type LogType = (typeof LogType)[keyof typeof LogType];
 /**
  * @public
  */
@@ -3960,6 +3991,23 @@ export interface DeleteLoggingConfigurationRequest {
      * @public
      */
     ResourceArn: string | undefined;
+    /**
+     * <p>Used to distinguish between various logging options. Currently, there is one option.</p>
+     *          <p>Default: <code>WAF_LOGS</code>
+     *          </p>
+     * @public
+     */
+    LogType?: LogType;
+    /**
+     * <p>The owner of the logging configuration, which must be set to <code>CUSTOMER</code> for the configurations that you manage. </p>
+     *          <p>The log scope <code>SECURITY_LAKE</code> indicates a configuration that is managed through Amazon Security Lake. You can use Security Lake to collect log and event data from various sources for normalization, analysis, and management. For information, see
+     *        <a href="https://docs.aws.amazon.com/security-lake/latest/userguide/internal-sources.html">Collecting data from Amazon Web Services services</a>
+     *        in the <i>Amazon Security Lake user guide</i>. </p>
+     *          <p>Default: <code>CUSTOMER</code>
+     *          </p>
+     * @public
+     */
+    LogScope?: LogScope;
 }
 /**
  * @public
@@ -4612,6 +4660,23 @@ export interface GetLoggingConfigurationRequest {
      * @public
      */
     ResourceArn: string | undefined;
+    /**
+     * <p>Used to distinguish between various logging options. Currently, there is one option.</p>
+     *          <p>Default: <code>WAF_LOGS</code>
+     *          </p>
+     * @public
+     */
+    LogType?: LogType;
+    /**
+     * <p>The owner of the logging configuration, which must be set to <code>CUSTOMER</code> for the configurations that you manage. </p>
+     *          <p>The log scope <code>SECURITY_LAKE</code> indicates a configuration that is managed through Amazon Security Lake. You can use Security Lake to collect log and event data from various sources for normalization, analysis, and management. For information, see
+     *        <a href="https://docs.aws.amazon.com/security-lake/latest/userguide/internal-sources.html">Collecting data from Amazon Web Services services</a>
+     *        in the <i>Amazon Security Lake user guide</i>. </p>
+     *          <p>Default: <code>CUSTOMER</code>
+     *          </p>
+     * @public
+     */
+    LogScope?: LogScope;
 }
 /**
  * @public
@@ -4770,6 +4835,10 @@ export interface LoggingConfiguration {
      *             <p>You can specify only the following fields for redaction: <code>UriPath</code>,
      *          <code>QueryString</code>, <code>SingleHeader</code>, and <code>Method</code>.</p>
      *          </note>
+     *          <note>
+     *             <p>This setting has no impact on request sampling. With request sampling,
+     *                 the only way to exclude fields is by disabling sampling in the web ACL visibility configuration. </p>
+     *          </note>
      * @public
      */
     RedactedFields?: FieldToMatch[];
@@ -4787,6 +4856,23 @@ export interface LoggingConfiguration {
      * @public
      */
     LoggingFilter?: LoggingFilter;
+    /**
+     * <p>Used to distinguish between various logging options. Currently, there is one option.</p>
+     *          <p>Default: <code>WAF_LOGS</code>
+     *          </p>
+     * @public
+     */
+    LogType?: LogType;
+    /**
+     * <p>The owner of the logging configuration, which must be set to <code>CUSTOMER</code> for the configurations that you manage. </p>
+     *          <p>The log scope <code>SECURITY_LAKE</code> indicates a configuration that is managed through Amazon Security Lake. You can use Security Lake to collect log and event data from various sources for normalization, analysis, and management. For information, see
+     *        <a href="https://docs.aws.amazon.com/security-lake/latest/userguide/internal-sources.html">Collecting data from Amazon Web Services services</a>
+     *        in the <i>Amazon Security Lake user guide</i>. </p>
+     *          <p>Default: <code>CUSTOMER</code>
+     *          </p>
+     * @public
+     */
+    LogScope?: LogScope;
 }
 /**
  * @public
@@ -5927,6 +6013,16 @@ export interface ListLoggingConfigurationsRequest {
      * @public
      */
     Limit?: number;
+    /**
+     * <p>The owner of the logging configuration, which must be set to <code>CUSTOMER</code> for the configurations that you manage. </p>
+     *          <p>The log scope <code>SECURITY_LAKE</code> indicates a configuration that is managed through Amazon Security Lake. You can use Security Lake to collect log and event data from various sources for normalization, analysis, and management. For information, see
+     *        <a href="https://docs.aws.amazon.com/security-lake/latest/userguide/internal-sources.html">Collecting data from Amazon Web Services services</a>
+     *        in the <i>Amazon Security Lake user guide</i>. </p>
+     *          <p>Default: <code>CUSTOMER</code>
+     *          </p>
+     * @public
+     */
+    LogScope?: LogScope;
 }
 /**
  * @public

package/dist-types/ts3.4/models/models_0.d.ts

@@ -1043,8 +1043,19 @@ export declare class WAFAssociatedItemException extends __BaseException {
     opts: __ExceptionOptionType<WAFAssociatedItemException, __BaseException>
   );
 }
+export declare const LogScope: {
+  readonly CUSTOMER: "CUSTOMER";
+  readonly SECURITY_LAKE: "SECURITY_LAKE";
+};
+export type LogScope = (typeof LogScope)[keyof typeof LogScope];
+export declare const LogType: {
+  readonly WAF_LOGS: "WAF_LOGS";
+};
+export type LogType = (typeof LogType)[keyof typeof LogType];
 export interface DeleteLoggingConfigurationRequest {
   ResourceArn: string | undefined;
+  LogType?: LogType;
+  LogScope?: LogScope;
 }
 export interface DeleteLoggingConfigurationResponse {}
 export interface DeletePermissionPolicyRequest {
@@ -1161,6 +1172,8 @@ export interface GetIPSetResponse {
 }
 export interface GetLoggingConfigurationRequest {
   ResourceArn: string | undefined;
+  LogType?: LogType;
+  LogScope?: LogScope;
 }
 export declare const FilterBehavior: {
   readonly DROP: "DROP";
@@ -1196,6 +1209,8 @@ export interface LoggingConfiguration {
   RedactedFields?: FieldToMatch[];
   ManagedByFirewallManager?: boolean;
   LoggingFilter?: LoggingFilter;
+  LogType?: LogType;
+  LogScope?: LogScope;
 }
 export interface GetLoggingConfigurationResponse {
   LoggingConfiguration?: LoggingConfiguration;
@@ -1413,6 +1428,7 @@ export interface ListLoggingConfigurationsRequest {
   Scope: Scope | undefined;
   NextMarker?: string;
   Limit?: number;
+  LogScope?: LogScope;
 }
 export interface ListLoggingConfigurationsResponse {
   LoggingConfigurations?: LoggingConfiguration[];

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@aws-sdk/client-wafv2",
   "description": "AWS SDK for JavaScript Wafv2 Client for Node.js, Browser and React Native",
-  "version": "3.577.0",
+  "version": "3.582.0",
   "scripts": {
     "build": "concurrently 'yarn:build:cjs' 'yarn:build:es' 'yarn:build:types'",
     "build:cjs": "node ../../scripts/compilation/inline client-wafv2",
@@ -20,10 +20,10 @@
   "dependencies": {
     "@aws-crypto/sha256-browser": "3.0.0",
     "@aws-crypto/sha256-js": "3.0.0",
-    "@aws-sdk/client-sso-oidc": "3.577.0",
-    "@aws-sdk/client-sts": "3.577.0",
-    "@aws-sdk/core": "3.576.0",
-    "@aws-sdk/credential-provider-node": "3.577.0",
+    "@aws-sdk/client-sso-oidc": "3.582.0",
+    "@aws-sdk/client-sts": "3.582.0",
+    "@aws-sdk/core": "3.582.0",
+    "@aws-sdk/credential-provider-node": "3.582.0",
     "@aws-sdk/middleware-host-header": "3.577.0",
     "@aws-sdk/middleware-logger": "3.577.0",
     "@aws-sdk/middleware-recursion-detection": "3.577.0",
@@ -34,26 +34,26 @@
     "@aws-sdk/util-user-agent-browser": "3.577.0",
     "@aws-sdk/util-user-agent-node": "3.577.0",
     "@smithy/config-resolver": "^3.0.0",
-    "@smithy/core": "^2.0.0",
-    "@smithy/fetch-http-handler": "^3.0.0",
+    "@smithy/core": "^2.0.1",
+    "@smithy/fetch-http-handler": "^3.0.1",
     "@smithy/hash-node": "^3.0.0",
     "@smithy/invalid-dependency": "^3.0.0",
     "@smithy/middleware-content-length": "^3.0.0",
     "@smithy/middleware-endpoint": "^3.0.0",
-    "@smithy/middleware-retry": "^3.0.0",
+    "@smithy/middleware-retry": "^3.0.1",
     "@smithy/middleware-serde": "^3.0.0",
     "@smithy/middleware-stack": "^3.0.0",
     "@smithy/node-config-provider": "^3.0.0",
     "@smithy/node-http-handler": "^3.0.0",
     "@smithy/protocol-http": "^4.0.0",
-    "@smithy/smithy-client": "^3.0.0",
+    "@smithy/smithy-client": "^3.0.1",
     "@smithy/types": "^3.0.0",
     "@smithy/url-parser": "^3.0.0",
     "@smithy/util-base64": "^3.0.0",
     "@smithy/util-body-length-browser": "^3.0.0",
     "@smithy/util-body-length-node": "^3.0.0",
-    "@smithy/util-defaults-mode-browser": "^3.0.0",
-    "@smithy/util-defaults-mode-node": "^3.0.0",
+    "@smithy/util-defaults-mode-browser": "^3.0.1",
+    "@smithy/util-defaults-mode-node": "^3.0.1",
     "@smithy/util-endpoints": "^2.0.0",
     "@smithy/util-middleware": "^3.0.0",
     "@smithy/util-retry": "^3.0.0",