cdk-comprehend-s3olap 2.0.115 → 2.0.117
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.jsii +4 -4
- package/lib/cdk-comprehend-s3olap.js +2 -2
- package/lib/comprehend-lambdas.js +2 -2
- package/lib/iam-roles.js +4 -4
- package/node_modules/aws-sdk/CHANGELOG.md +17 -1
- package/node_modules/aws-sdk/README.md +1 -1
- package/node_modules/aws-sdk/apis/amplifyuibuilder-2021-08-11.min.json +563 -490
- package/node_modules/aws-sdk/apis/amplifyuibuilder-2021-08-11.waiters2.json +5 -0
- package/node_modules/aws-sdk/apis/ivs-realtime-2020-07-14.min.json +6 -2
- package/node_modules/aws-sdk/apis/runtime.sagemaker-2017-05-13.min.json +4 -0
- package/node_modules/aws-sdk/apis/sagemaker-2017-07-24.min.json +657 -655
- package/node_modules/aws-sdk/apis/wafv2-2019-07-29.min.json +28 -55
- package/node_modules/aws-sdk/clients/amplifyuibuilder.d.ts +451 -350
- package/node_modules/aws-sdk/clients/amplifyuibuilder.js +1 -0
- package/node_modules/aws-sdk/clients/autoscaling.d.ts +18 -18
- package/node_modules/aws-sdk/clients/configservice.d.ts +2 -2
- package/node_modules/aws-sdk/clients/ec2.d.ts +1 -1
- package/node_modules/aws-sdk/clients/ecs.d.ts +10 -10
- package/node_modules/aws-sdk/clients/elasticinference.d.ts +12 -12
- package/node_modules/aws-sdk/clients/identitystore.d.ts +27 -27
- package/node_modules/aws-sdk/clients/networkfirewall.d.ts +1 -1
- package/node_modules/aws-sdk/clients/sagemaker.d.ts +30 -20
- package/node_modules/aws-sdk/clients/sagemakerruntime.d.ts +4 -0
- package/node_modules/aws-sdk/clients/servicecatalog.d.ts +2 -2
- package/node_modules/aws-sdk/clients/vpclattice.d.ts +18 -18
- package/node_modules/aws-sdk/clients/wafv2.d.ts +62 -89
- package/node_modules/aws-sdk/dist/aws-sdk-core-react-native.js +1 -1
- package/node_modules/aws-sdk/dist/aws-sdk-react-native.js +294 -287
- package/node_modules/aws-sdk/dist/aws-sdk.js +3 -3
- package/node_modules/aws-sdk/dist/aws-sdk.min.js +2 -2
- package/node_modules/aws-sdk/lib/core.js +1 -1
- package/node_modules/aws-sdk/package.json +1 -1
- package/package.json +5 -5
|
@@ -12,19 +12,19 @@ declare class WAFV2 extends Service {
|
|
|
12
12
|
constructor(options?: WAFV2.Types.ClientConfiguration)
|
|
13
13
|
config: Config & WAFV2.Types.ClientConfiguration;
|
|
14
14
|
/**
|
|
15
|
-
* Associates a web ACL with a regional application resource, to protect the resource. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API,
|
|
15
|
+
* Associates a web ACL with a regional application resource, to protect the resource. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, a Amazon Cognito user pool, or an App Runner service. For Amazon CloudFront, don't use this call. Instead, use your CloudFront distribution configuration. To associate a web ACL, in the CloudFront call UpdateDistribution, set the web ACL ID to the Amazon Resource Name (ARN) of the web ACL. For information, see UpdateDistribution. When you make changes to web ACLs or web ACL components, like rules and rule groups, WAF propagates the changes everywhere that the web ACL and its components are stored and used. Your changes are applied within seconds, but there might be a brief period of inconsistency when the changes have arrived in some places and not in others. So, for example, if you change a rule action setting, the action might be the old action in one area and the new action in another area. Or if you add an IP address to an IP set used in a blocking rule, the new address might briefly be blocked in one area while still allowed in another. This temporary inconsistency can occur when you first associate a web ACL with an Amazon Web Services resource and when you change a web ACL that is already associated with a resource. Generally, any inconsistencies of this type last only a few seconds.
|
|
16
16
|
*/
|
|
17
17
|
associateWebACL(params: WAFV2.Types.AssociateWebACLRequest, callback?: (err: AWSError, data: WAFV2.Types.AssociateWebACLResponse) => void): Request<WAFV2.Types.AssociateWebACLResponse, AWSError>;
|
|
18
18
|
/**
|
|
19
|
-
* Associates a web ACL with a regional application resource, to protect the resource. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API,
|
|
19
|
+
* Associates a web ACL with a regional application resource, to protect the resource. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, a Amazon Cognito user pool, or an App Runner service. For Amazon CloudFront, don't use this call. Instead, use your CloudFront distribution configuration. To associate a web ACL, in the CloudFront call UpdateDistribution, set the web ACL ID to the Amazon Resource Name (ARN) of the web ACL. For information, see UpdateDistribution. When you make changes to web ACLs or web ACL components, like rules and rule groups, WAF propagates the changes everywhere that the web ACL and its components are stored and used. Your changes are applied within seconds, but there might be a brief period of inconsistency when the changes have arrived in some places and not in others. So, for example, if you change a rule action setting, the action might be the old action in one area and the new action in another area. Or if you add an IP address to an IP set used in a blocking rule, the new address might briefly be blocked in one area while still allowed in another. This temporary inconsistency can occur when you first associate a web ACL with an Amazon Web Services resource and when you change a web ACL that is already associated with a resource. Generally, any inconsistencies of this type last only a few seconds.
|
|
20
20
|
*/
|
|
21
21
|
associateWebACL(callback?: (err: AWSError, data: WAFV2.Types.AssociateWebACLResponse) => void): Request<WAFV2.Types.AssociateWebACLResponse, AWSError>;
|
|
22
22
|
/**
|
|
23
|
-
* Returns the web ACL capacity unit (WCU) requirements for a specified scope and set of rules. You can use this to check the capacity requirements for the rules you want to use in a RuleGroup or WebACL. WAF uses WCUs to calculate and control the operating resources that are used to run your rules, rule groups, and web ACLs. WAF calculates capacity differently for each rule type, to reflect the relative cost of each rule. Simple rules that cost little to run use fewer WCUs than more complex rules that use more processing power. Rule group capacity is fixed at creation, which helps users plan their web ACL WCU usage when they use a rule group.
|
|
23
|
+
* Returns the web ACL capacity unit (WCU) requirements for a specified scope and set of rules. You can use this to check the capacity requirements for the rules you want to use in a RuleGroup or WebACL. WAF uses WCUs to calculate and control the operating resources that are used to run your rules, rule groups, and web ACLs. WAF calculates capacity differently for each rule type, to reflect the relative cost of each rule. Simple rules that cost little to run use fewer WCUs than more complex rules that use more processing power. Rule group capacity is fixed at creation, which helps users plan their web ACL WCU usage when they use a rule group. The WCU limit for web ACLs is 1,500.
|
|
24
24
|
*/
|
|
25
25
|
checkCapacity(params: WAFV2.Types.CheckCapacityRequest, callback?: (err: AWSError, data: WAFV2.Types.CheckCapacityResponse) => void): Request<WAFV2.Types.CheckCapacityResponse, AWSError>;
|
|
26
26
|
/**
|
|
27
|
-
* Returns the web ACL capacity unit (WCU) requirements for a specified scope and set of rules. You can use this to check the capacity requirements for the rules you want to use in a RuleGroup or WebACL. WAF uses WCUs to calculate and control the operating resources that are used to run your rules, rule groups, and web ACLs. WAF calculates capacity differently for each rule type, to reflect the relative cost of each rule. Simple rules that cost little to run use fewer WCUs than more complex rules that use more processing power. Rule group capacity is fixed at creation, which helps users plan their web ACL WCU usage when they use a rule group.
|
|
27
|
+
* Returns the web ACL capacity unit (WCU) requirements for a specified scope and set of rules. You can use this to check the capacity requirements for the rules you want to use in a RuleGroup or WebACL. WAF uses WCUs to calculate and control the operating resources that are used to run your rules, rule groups, and web ACLs. WAF calculates capacity differently for each rule type, to reflect the relative cost of each rule. Simple rules that cost little to run use fewer WCUs than more complex rules that use more processing power. Rule group capacity is fixed at creation, which helps users plan their web ACL WCU usage when they use a rule group. The WCU limit for web ACLs is 1,500.
|
|
28
28
|
*/
|
|
29
29
|
checkCapacity(callback?: (err: AWSError, data: WAFV2.Types.CheckCapacityResponse) => void): Request<WAFV2.Types.CheckCapacityResponse, AWSError>;
|
|
30
30
|
/**
|
|
@@ -52,11 +52,11 @@ declare class WAFV2 extends Service {
|
|
|
52
52
|
*/
|
|
53
53
|
createRuleGroup(callback?: (err: AWSError, data: WAFV2.Types.CreateRuleGroupResponse) => void): Request<WAFV2.Types.CreateRuleGroupResponse, AWSError>;
|
|
54
54
|
/**
|
|
55
|
-
* Creates a WebACL per the specifications provided. A web ACL defines a collection of rules to use to inspect and control web requests. Each rule has an action defined (allow, block, or count) for requests that match the statement of the rule. In the web ACL, you assign a default action to take (allow, block) for any request that does not match any of the rules. The rules in a web ACL can be a combination of the types Rule, RuleGroup, and managed rule group. You can associate a web ACL with one or more Amazon Web Services resources to protect. The resources can be an Amazon CloudFront distribution, an Amazon API Gateway REST API, an Application Load Balancer, an AppSync GraphQL API,
|
|
55
|
+
* Creates a WebACL per the specifications provided. A web ACL defines a collection of rules to use to inspect and control web requests. Each rule has an action defined (allow, block, or count) for requests that match the statement of the rule. In the web ACL, you assign a default action to take (allow, block) for any request that does not match any of the rules. The rules in a web ACL can be a combination of the types Rule, RuleGroup, and managed rule group. You can associate a web ACL with one or more Amazon Web Services resources to protect. The resources can be an Amazon CloudFront distribution, an Amazon API Gateway REST API, an Application Load Balancer, an AppSync GraphQL API, Amazon Cognito user pool, or an App Runner service.
|
|
56
56
|
*/
|
|
57
57
|
createWebACL(params: WAFV2.Types.CreateWebACLRequest, callback?: (err: AWSError, data: WAFV2.Types.CreateWebACLResponse) => void): Request<WAFV2.Types.CreateWebACLResponse, AWSError>;
|
|
58
58
|
/**
|
|
59
|
-
* Creates a WebACL per the specifications provided. A web ACL defines a collection of rules to use to inspect and control web requests. Each rule has an action defined (allow, block, or count) for requests that match the statement of the rule. In the web ACL, you assign a default action to take (allow, block) for any request that does not match any of the rules. The rules in a web ACL can be a combination of the types Rule, RuleGroup, and managed rule group. You can associate a web ACL with one or more Amazon Web Services resources to protect. The resources can be an Amazon CloudFront distribution, an Amazon API Gateway REST API, an Application Load Balancer, an AppSync GraphQL API,
|
|
59
|
+
* Creates a WebACL per the specifications provided. A web ACL defines a collection of rules to use to inspect and control web requests. Each rule has an action defined (allow, block, or count) for requests that match the statement of the rule. In the web ACL, you assign a default action to take (allow, block) for any request that does not match any of the rules. The rules in a web ACL can be a combination of the types Rule, RuleGroup, and managed rule group. You can associate a web ACL with one or more Amazon Web Services resources to protect. The resources can be an Amazon CloudFront distribution, an Amazon API Gateway REST API, an Application Load Balancer, an AppSync GraphQL API, Amazon Cognito user pool, or an App Runner service.
|
|
60
60
|
*/
|
|
61
61
|
createWebACL(callback?: (err: AWSError, data: WAFV2.Types.CreateWebACLResponse) => void): Request<WAFV2.Types.CreateWebACLResponse, AWSError>;
|
|
62
62
|
/**
|
|
@@ -108,11 +108,11 @@ declare class WAFV2 extends Service {
|
|
|
108
108
|
*/
|
|
109
109
|
deleteRuleGroup(callback?: (err: AWSError, data: WAFV2.Types.DeleteRuleGroupResponse) => void): Request<WAFV2.Types.DeleteRuleGroupResponse, AWSError>;
|
|
110
110
|
/**
|
|
111
|
-
* Deletes the specified WebACL. You can only use this if ManagedByFirewallManager is false in the specified WebACL. Before deleting any web ACL, first disassociate it from all resources. To retrieve a list of the resources that are associated with a web ACL, use the following calls: For regional resources, call ListResourcesForWebACL. For Amazon CloudFront distributions, use the CloudFront call ListDistributionsByWebACLId. For information, see ListDistributionsByWebACLId
|
|
111
|
+
* Deletes the specified WebACL. You can only use this if ManagedByFirewallManager is false in the specified WebACL. Before deleting any web ACL, first disassociate it from all resources. To retrieve a list of the resources that are associated with a web ACL, use the following calls: For regional resources, call ListResourcesForWebACL. For Amazon CloudFront distributions, use the CloudFront call ListDistributionsByWebACLId. For information, see ListDistributionsByWebACLId. To disassociate a resource from a web ACL, use the following calls: For regional resources, call DisassociateWebACL. For Amazon CloudFront distributions, provide an empty web ACL ID in the CloudFront call UpdateDistribution. For information, see UpdateDistribution.
|
|
112
112
|
*/
|
|
113
113
|
deleteWebACL(params: WAFV2.Types.DeleteWebACLRequest, callback?: (err: AWSError, data: WAFV2.Types.DeleteWebACLResponse) => void): Request<WAFV2.Types.DeleteWebACLResponse, AWSError>;
|
|
114
114
|
/**
|
|
115
|
-
* Deletes the specified WebACL. You can only use this if ManagedByFirewallManager is false in the specified WebACL. Before deleting any web ACL, first disassociate it from all resources. To retrieve a list of the resources that are associated with a web ACL, use the following calls: For regional resources, call ListResourcesForWebACL. For Amazon CloudFront distributions, use the CloudFront call ListDistributionsByWebACLId. For information, see ListDistributionsByWebACLId
|
|
115
|
+
* Deletes the specified WebACL. You can only use this if ManagedByFirewallManager is false in the specified WebACL. Before deleting any web ACL, first disassociate it from all resources. To retrieve a list of the resources that are associated with a web ACL, use the following calls: For regional resources, call ListResourcesForWebACL. For Amazon CloudFront distributions, use the CloudFront call ListDistributionsByWebACLId. For information, see ListDistributionsByWebACLId. To disassociate a resource from a web ACL, use the following calls: For regional resources, call DisassociateWebACL. For Amazon CloudFront distributions, provide an empty web ACL ID in the CloudFront call UpdateDistribution. For information, see UpdateDistribution.
|
|
116
116
|
*/
|
|
117
117
|
deleteWebACL(callback?: (err: AWSError, data: WAFV2.Types.DeleteWebACLResponse) => void): Request<WAFV2.Types.DeleteWebACLResponse, AWSError>;
|
|
118
118
|
/**
|
|
@@ -124,11 +124,11 @@ declare class WAFV2 extends Service {
|
|
|
124
124
|
*/
|
|
125
125
|
describeManagedRuleGroup(callback?: (err: AWSError, data: WAFV2.Types.DescribeManagedRuleGroupResponse) => void): Request<WAFV2.Types.DescribeManagedRuleGroupResponse, AWSError>;
|
|
126
126
|
/**
|
|
127
|
-
* Disassociates the specified regional application resource from any existing web ACL association. A resource can have at most one web ACL association. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API,
|
|
127
|
+
* Disassociates the specified regional application resource from any existing web ACL association. A resource can have at most one web ACL association. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, a Amazon Cognito user pool, or an App Runner service. For Amazon CloudFront, don't use this call. Instead, use your CloudFront distribution configuration. To disassociate a web ACL, provide an empty web ACL ID in the CloudFront call UpdateDistribution. For information, see UpdateDistribution.
|
|
128
128
|
*/
|
|
129
129
|
disassociateWebACL(params: WAFV2.Types.DisassociateWebACLRequest, callback?: (err: AWSError, data: WAFV2.Types.DisassociateWebACLResponse) => void): Request<WAFV2.Types.DisassociateWebACLResponse, AWSError>;
|
|
130
130
|
/**
|
|
131
|
-
* Disassociates the specified regional application resource from any existing web ACL association. A resource can have at most one web ACL association. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API,
|
|
131
|
+
* Disassociates the specified regional application resource from any existing web ACL association. A resource can have at most one web ACL association. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, a Amazon Cognito user pool, or an App Runner service. For Amazon CloudFront, don't use this call. Instead, use your CloudFront distribution configuration. To disassociate a web ACL, provide an empty web ACL ID in the CloudFront call UpdateDistribution. For information, see UpdateDistribution.
|
|
132
132
|
*/
|
|
133
133
|
disassociateWebACL(callback?: (err: AWSError, data: WAFV2.Types.DisassociateWebACLResponse) => void): Request<WAFV2.Types.DisassociateWebACLResponse, AWSError>;
|
|
134
134
|
/**
|
|
@@ -388,11 +388,11 @@ declare class WAFV2 extends Service {
|
|
|
388
388
|
*/
|
|
389
389
|
updateRuleGroup(callback?: (err: AWSError, data: WAFV2.Types.UpdateRuleGroupResponse) => void): Request<WAFV2.Types.UpdateRuleGroupResponse, AWSError>;
|
|
390
390
|
/**
|
|
391
|
-
* Updates the specified WebACL. While updating a web ACL, WAF provides continuous coverage to the resources that you have associated with the web ACL. This operation completely replaces the mutable specifications that you already have for the web ACL with the ones that you provide to this call. To modify a web ACL, do the following: Retrieve it by calling GetWebACL Update its settings as needed Provide the complete web ACL specification to this call When you make changes to web ACLs or web ACL components, like rules and rule groups, WAF propagates the changes everywhere that the web ACL and its components are stored and used. Your changes are applied within seconds, but there might be a brief period of inconsistency when the changes have arrived in some places and not in others. So, for example, if you change a rule action setting, the action might be the old action in one area and the new action in another area. Or if you add an IP address to an IP set used in a blocking rule, the new address might briefly be blocked in one area while still allowed in another. This temporary inconsistency can occur when you first associate a web ACL with an Amazon Web Services resource and when you change a web ACL that is already associated with a resource. Generally, any inconsistencies of this type last only a few seconds. A web ACL defines a collection of rules to use to inspect and control web requests. Each rule has an action defined (allow, block, or count) for requests that match the statement of the rule. In the web ACL, you assign a default action to take (allow, block) for any request that does not match any of the rules. The rules in a web ACL can be a combination of the types Rule, RuleGroup, and managed rule group. You can associate a web ACL with one or more Amazon Web Services resources to protect. The resources can be an Amazon CloudFront distribution, an Amazon API Gateway REST API, an Application Load Balancer, an AppSync GraphQL API,
|
|
391
|
+
* Updates the specified WebACL. While updating a web ACL, WAF provides continuous coverage to the resources that you have associated with the web ACL. This operation completely replaces the mutable specifications that you already have for the web ACL with the ones that you provide to this call. To modify a web ACL, do the following: Retrieve it by calling GetWebACL Update its settings as needed Provide the complete web ACL specification to this call When you make changes to web ACLs or web ACL components, like rules and rule groups, WAF propagates the changes everywhere that the web ACL and its components are stored and used. Your changes are applied within seconds, but there might be a brief period of inconsistency when the changes have arrived in some places and not in others. So, for example, if you change a rule action setting, the action might be the old action in one area and the new action in another area. Or if you add an IP address to an IP set used in a blocking rule, the new address might briefly be blocked in one area while still allowed in another. This temporary inconsistency can occur when you first associate a web ACL with an Amazon Web Services resource and when you change a web ACL that is already associated with a resource. Generally, any inconsistencies of this type last only a few seconds. A web ACL defines a collection of rules to use to inspect and control web requests. Each rule has an action defined (allow, block, or count) for requests that match the statement of the rule. In the web ACL, you assign a default action to take (allow, block) for any request that does not match any of the rules. The rules in a web ACL can be a combination of the types Rule, RuleGroup, and managed rule group. You can associate a web ACL with one or more Amazon Web Services resources to protect. The resources can be an Amazon CloudFront distribution, an Amazon API Gateway REST API, an Application Load Balancer, an AppSync GraphQL API, Amazon Cognito user pool, or an App Runner service.
|
|
392
392
|
*/
|
|
393
393
|
updateWebACL(params: WAFV2.Types.UpdateWebACLRequest, callback?: (err: AWSError, data: WAFV2.Types.UpdateWebACLResponse) => void): Request<WAFV2.Types.UpdateWebACLResponse, AWSError>;
|
|
394
394
|
/**
|
|
395
|
-
* Updates the specified WebACL. While updating a web ACL, WAF provides continuous coverage to the resources that you have associated with the web ACL. This operation completely replaces the mutable specifications that you already have for the web ACL with the ones that you provide to this call. To modify a web ACL, do the following: Retrieve it by calling GetWebACL Update its settings as needed Provide the complete web ACL specification to this call When you make changes to web ACLs or web ACL components, like rules and rule groups, WAF propagates the changes everywhere that the web ACL and its components are stored and used. Your changes are applied within seconds, but there might be a brief period of inconsistency when the changes have arrived in some places and not in others. So, for example, if you change a rule action setting, the action might be the old action in one area and the new action in another area. Or if you add an IP address to an IP set used in a blocking rule, the new address might briefly be blocked in one area while still allowed in another. This temporary inconsistency can occur when you first associate a web ACL with an Amazon Web Services resource and when you change a web ACL that is already associated with a resource. Generally, any inconsistencies of this type last only a few seconds. A web ACL defines a collection of rules to use to inspect and control web requests. Each rule has an action defined (allow, block, or count) for requests that match the statement of the rule. In the web ACL, you assign a default action to take (allow, block) for any request that does not match any of the rules. The rules in a web ACL can be a combination of the types Rule, RuleGroup, and managed rule group. You can associate a web ACL with one or more Amazon Web Services resources to protect. The resources can be an Amazon CloudFront distribution, an Amazon API Gateway REST API, an Application Load Balancer, an AppSync GraphQL API,
|
|
395
|
+
* Updates the specified WebACL. While updating a web ACL, WAF provides continuous coverage to the resources that you have associated with the web ACL. This operation completely replaces the mutable specifications that you already have for the web ACL with the ones that you provide to this call. To modify a web ACL, do the following: Retrieve it by calling GetWebACL Update its settings as needed Provide the complete web ACL specification to this call When you make changes to web ACLs or web ACL components, like rules and rule groups, WAF propagates the changes everywhere that the web ACL and its components are stored and used. Your changes are applied within seconds, but there might be a brief period of inconsistency when the changes have arrived in some places and not in others. So, for example, if you change a rule action setting, the action might be the old action in one area and the new action in another area. Or if you add an IP address to an IP set used in a blocking rule, the new address might briefly be blocked in one area while still allowed in another. This temporary inconsistency can occur when you first associate a web ACL with an Amazon Web Services resource and when you change a web ACL that is already associated with a resource. Generally, any inconsistencies of this type last only a few seconds. A web ACL defines a collection of rules to use to inspect and control web requests. Each rule has an action defined (allow, block, or count) for requests that match the statement of the rule. In the web ACL, you assign a default action to take (allow, block) for any request that does not match any of the rules. The rules in a web ACL can be a combination of the types Rule, RuleGroup, and managed rule group. You can associate a web ACL with one or more Amazon Web Services resources to protect. The resources can be an Amazon CloudFront distribution, an Amazon API Gateway REST API, an Application Load Balancer, an AppSync GraphQL API, Amazon Cognito user pool, or an App Runner service.
|
|
396
396
|
*/
|
|
397
397
|
updateWebACL(callback?: (err: AWSError, data: WAFV2.Types.UpdateWebACLResponse) => void): Request<WAFV2.Types.UpdateWebACLResponse, AWSError>;
|
|
398
398
|
}
|
|
@@ -413,7 +413,7 @@ declare namespace WAFV2 {
|
|
|
413
413
|
}
|
|
414
414
|
export interface AWSManagedRulesBotControlRuleSet {
|
|
415
415
|
/**
|
|
416
|
-
* The inspection level to use for the Bot Control rule group. The common level is the least expensive. The targeted level includes all common level rules and adds rules with more advanced inspection criteria. For details, see WAF Bot Control rule group
|
|
416
|
+
* The inspection level to use for the Bot Control rule group. The common level is the least expensive. The targeted level includes all common level rules and adds rules with more advanced inspection criteria. For details, see WAF Bot Control rule group.
|
|
417
417
|
*/
|
|
418
418
|
InspectionLevel: InspectionLevel;
|
|
419
419
|
}
|
|
@@ -447,19 +447,12 @@ declare namespace WAFV2 {
|
|
|
447
447
|
*/
|
|
448
448
|
WebACLArn: ResourceArn;
|
|
449
449
|
/**
|
|
450
|
-
* The Amazon Resource Name (ARN) of the resource to associate with the web ACL. The ARN must be in one of the following formats: For an Application Load Balancer: arn:
|
|
450
|
+
* The Amazon Resource Name (ARN) of the resource to associate with the web ACL. The ARN must be in one of the following formats: For an Application Load Balancer: arn:aws:elasticloadbalancing:region:account-id:loadbalancer/app/load-balancer-name/load-balancer-id For an Amazon API Gateway REST API: arn:aws:apigateway:region::/restapis/api-id/stages/stage-name For an AppSync GraphQL API: arn:aws:appsync:region:account-id:apis/GraphQLApiId For an Amazon Cognito user pool: arn:aws:cognito-idp:region:account-id:userpool/user-pool-id For an App Runner service: arn:aws:apprunner:region:account-id:service/apprunner-service-name/apprunner-service-id
|
|
451
451
|
*/
|
|
452
452
|
ResourceArn: ResourceArn;
|
|
453
453
|
}
|
|
454
454
|
export interface AssociateWebACLResponse {
|
|
455
455
|
}
|
|
456
|
-
export type AssociatedResourceType = "CLOUDFRONT"|string;
|
|
457
|
-
export interface AssociationConfig {
|
|
458
|
-
/**
|
|
459
|
-
* Customizes the maximum size of the request body that your protected CloudFront distributions forward to WAF for inspection. The default size is 16 KB (16,384 kilobytes). You are charged additional fees when your protected resources forward body sizes that are larger than the default. For more information, see WAF Pricing.
|
|
460
|
-
*/
|
|
461
|
-
RequestBody?: RequestBody;
|
|
462
|
-
}
|
|
463
456
|
export interface BlockAction {
|
|
464
457
|
/**
|
|
465
458
|
* Defines a custom response for the web request. For information about customizing web requests and responses, see Customizing web requests and responses in WAF in the WAF Developer Guide.
|
|
@@ -468,7 +461,7 @@ declare namespace WAFV2 {
|
|
|
468
461
|
}
|
|
469
462
|
export interface Body {
|
|
470
463
|
/**
|
|
471
|
-
* What WAF should do if the body is larger than WAF can inspect. WAF does not support inspecting the entire contents of the web request
|
|
464
|
+
* What WAF should do if the body is larger than WAF can inspect. WAF does not support inspecting the entire contents of the body of a web request when the body exceeds 8 KB (8192 bytes). Only the first 8 KB of the request body are forwarded to WAF by the underlying host service. The options for oversize handling are the following: CONTINUE - Inspect the body normally, according to the rule inspection criteria. MATCH - Treat the web request as matching the rule statement. WAF applies the rule action to the request. NO_MATCH - Treat the web request as not matching the rule statement. You can combine the MATCH or NO_MATCH settings for oversize handling with your rule and web ACL action settings, so that you block any request whose body is over 8 KB. Default: CONTINUE
|
|
472
465
|
*/
|
|
473
466
|
OversizeHandling?: OversizeHandling;
|
|
474
467
|
}
|
|
@@ -547,7 +540,7 @@ declare namespace WAFV2 {
|
|
|
547
540
|
}
|
|
548
541
|
export interface CheckCapacityRequest {
|
|
549
542
|
/**
|
|
550
|
-
* Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API,
|
|
543
|
+
* Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, a Amazon Cognito user pool, or an App Runner service. To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows: CLI - Specify the Region when you use the CloudFront scope: --scope=CLOUDFRONT --region=us-east-1. API and SDKs - For all calls, use the Region endpoint us-east-1.
|
|
551
544
|
*/
|
|
552
545
|
Scope: Scope;
|
|
553
546
|
/**
|
|
@@ -618,7 +611,7 @@ declare namespace WAFV2 {
|
|
|
618
611
|
*/
|
|
619
612
|
Name: EntityName;
|
|
620
613
|
/**
|
|
621
|
-
* Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API,
|
|
614
|
+
* Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, a Amazon Cognito user pool, or an App Runner service. To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows: CLI - Specify the Region when you use the CloudFront scope: --scope=CLOUDFRONT --region=us-east-1. API and SDKs - For all calls, use the Region endpoint us-east-1.
|
|
622
615
|
*/
|
|
623
616
|
Scope: Scope;
|
|
624
617
|
/**
|
|
@@ -650,7 +643,7 @@ declare namespace WAFV2 {
|
|
|
650
643
|
*/
|
|
651
644
|
Name: EntityName;
|
|
652
645
|
/**
|
|
653
|
-
* Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API,
|
|
646
|
+
* Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, a Amazon Cognito user pool, or an App Runner service. To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows: CLI - Specify the Region when you use the CloudFront scope: --scope=CLOUDFRONT --region=us-east-1. API and SDKs - For all calls, use the Region endpoint us-east-1.
|
|
654
647
|
*/
|
|
655
648
|
Scope: Scope;
|
|
656
649
|
/**
|
|
@@ -678,11 +671,11 @@ declare namespace WAFV2 {
|
|
|
678
671
|
*/
|
|
679
672
|
Name: EntityName;
|
|
680
673
|
/**
|
|
681
|
-
* Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API,
|
|
674
|
+
* Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, a Amazon Cognito user pool, or an App Runner service. To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows: CLI - Specify the Region when you use the CloudFront scope: --scope=CLOUDFRONT --region=us-east-1. API and SDKs - For all calls, use the Region endpoint us-east-1.
|
|
682
675
|
*/
|
|
683
676
|
Scope: Scope;
|
|
684
677
|
/**
|
|
685
|
-
* The web ACL capacity units (WCUs) required for this rule group. When you create your own rule group, you define this, and you cannot change it after creation. When you add or modify the rules in a rule group, WAF enforces this limit. You can check the capacity for a set of rules using CheckCapacity. WAF uses WCUs to calculate and control the operating resources that are used to run your rules, rule groups, and web ACLs. WAF calculates capacity differently for each rule type, to reflect the relative cost of each rule. Simple rules that cost little to run use fewer WCUs than more complex rules that use more processing power. Rule group capacity is fixed at creation, which helps users plan their web ACL WCU usage when they use a rule group.
|
|
678
|
+
* The web ACL capacity units (WCUs) required for this rule group. When you create your own rule group, you define this, and you cannot change it after creation. When you add or modify the rules in a rule group, WAF enforces this limit. You can check the capacity for a set of rules using CheckCapacity. WAF uses WCUs to calculate and control the operating resources that are used to run your rules, rule groups, and web ACLs. WAF calculates capacity differently for each rule type, to reflect the relative cost of each rule. Simple rules that cost little to run use fewer WCUs than more complex rules that use more processing power. Rule group capacity is fixed at creation, which helps users plan their web ACL WCU usage when they use a rule group. The WCU limit for web ACLs is 1,500.
|
|
686
679
|
*/
|
|
687
680
|
Capacity: CapacityUnit;
|
|
688
681
|
/**
|
|
@@ -718,7 +711,7 @@ declare namespace WAFV2 {
|
|
|
718
711
|
*/
|
|
719
712
|
Name: EntityName;
|
|
720
713
|
/**
|
|
721
|
-
* Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API,
|
|
714
|
+
* Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, a Amazon Cognito user pool, or an App Runner service. To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows: CLI - Specify the Region when you use the CloudFront scope: --scope=CLOUDFRONT --region=us-east-1. API and SDKs - For all calls, use the Region endpoint us-east-1.
|
|
722
715
|
*/
|
|
723
716
|
Scope: Scope;
|
|
724
717
|
/**
|
|
@@ -757,10 +750,6 @@ declare namespace WAFV2 {
|
|
|
757
750
|
* Specifies the domains that WAF should accept in a web request token. This enables the use of tokens across multiple protected websites. When WAF provides a token, it uses the domain of the Amazon Web Services resource that the web ACL is protecting. If you don't specify a list of token domains, WAF accepts tokens only for the domain of the protected resource. With a token domain list, WAF accepts the resource's host domain plus all domains in the token domain list, including their prefixed subdomains. Example JSON: "TokenDomains": { "mywebsite.com", "myotherwebsite.com" } Public suffixes aren't allowed. For example, you can't use usa.gov or co.uk as token domains.
|
|
758
751
|
*/
|
|
759
752
|
TokenDomains?: TokenDomains;
|
|
760
|
-
/**
|
|
761
|
-
* Specifies custom configurations for the associations between the web ACL and protected resources. Use this to customize the maximum size of the request body that your protected CloudFront distributions forward to WAF for inspection. The default is 16 KB (16,384 kilobytes). You are charged additional fees when your protected resources forward body sizes that are larger than the default. For more information, see WAF Pricing.
|
|
762
|
-
*/
|
|
763
|
-
AssociationConfig?: AssociationConfig;
|
|
764
753
|
}
|
|
765
754
|
export interface CreateWebACLResponse {
|
|
766
755
|
/**
|
|
@@ -844,7 +833,7 @@ declare namespace WAFV2 {
|
|
|
844
833
|
*/
|
|
845
834
|
Name: EntityName;
|
|
846
835
|
/**
|
|
847
|
-
* Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API,
|
|
836
|
+
* Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, a Amazon Cognito user pool, or an App Runner service. To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows: CLI - Specify the Region when you use the CloudFront scope: --scope=CLOUDFRONT --region=us-east-1. API and SDKs - For all calls, use the Region endpoint us-east-1.
|
|
848
837
|
*/
|
|
849
838
|
Scope: Scope;
|
|
850
839
|
/**
|
|
@@ -880,7 +869,7 @@ declare namespace WAFV2 {
|
|
|
880
869
|
*/
|
|
881
870
|
Name: EntityName;
|
|
882
871
|
/**
|
|
883
|
-
* Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API,
|
|
872
|
+
* Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, a Amazon Cognito user pool, or an App Runner service. To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows: CLI - Specify the Region when you use the CloudFront scope: --scope=CLOUDFRONT --region=us-east-1. API and SDKs - For all calls, use the Region endpoint us-east-1.
|
|
884
873
|
*/
|
|
885
874
|
Scope: Scope;
|
|
886
875
|
/**
|
|
@@ -900,7 +889,7 @@ declare namespace WAFV2 {
|
|
|
900
889
|
*/
|
|
901
890
|
Name: EntityName;
|
|
902
891
|
/**
|
|
903
|
-
* Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API,
|
|
892
|
+
* Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, a Amazon Cognito user pool, or an App Runner service. To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows: CLI - Specify the Region when you use the CloudFront scope: --scope=CLOUDFRONT --region=us-east-1. API and SDKs - For all calls, use the Region endpoint us-east-1.
|
|
904
893
|
*/
|
|
905
894
|
Scope: Scope;
|
|
906
895
|
/**
|
|
@@ -920,7 +909,7 @@ declare namespace WAFV2 {
|
|
|
920
909
|
*/
|
|
921
910
|
Name: EntityName;
|
|
922
911
|
/**
|
|
923
|
-
* Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API,
|
|
912
|
+
* Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, a Amazon Cognito user pool, or an App Runner service. To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows: CLI - Specify the Region when you use the CloudFront scope: --scope=CLOUDFRONT --region=us-east-1. API and SDKs - For all calls, use the Region endpoint us-east-1.
|
|
924
913
|
*/
|
|
925
914
|
Scope: Scope;
|
|
926
915
|
/**
|
|
@@ -944,7 +933,7 @@ declare namespace WAFV2 {
|
|
|
944
933
|
*/
|
|
945
934
|
Name: EntityName;
|
|
946
935
|
/**
|
|
947
|
-
* Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API,
|
|
936
|
+
* Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, a Amazon Cognito user pool, or an App Runner service. To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows: CLI - Specify the Region when you use the CloudFront scope: --scope=CLOUDFRONT --region=us-east-1. API and SDKs - For all calls, use the Region endpoint us-east-1.
|
|
948
937
|
*/
|
|
949
938
|
Scope: Scope;
|
|
950
939
|
/**
|
|
@@ -962,7 +951,7 @@ declare namespace WAFV2 {
|
|
|
962
951
|
*/
|
|
963
952
|
SnsTopicArn?: ResourceArn;
|
|
964
953
|
/**
|
|
965
|
-
* The web ACL capacity units (WCUs) required for this rule group. WAF uses
|
|
954
|
+
* The web ACL capacity units (WCUs) required for this rule group. WAF uses web ACL capacity units (WCU) to calculate and control the operating resources that are used to run your rules, rule groups, and web ACLs. WAF calculates capacity differently for each rule type, to reflect each rule's relative cost. Rule group capacity is fixed at creation, so users can plan their web ACL WCU usage when they use a rule group. The WCU limit for web ACLs is 1,500.
|
|
966
955
|
*/
|
|
967
956
|
Capacity?: CapacityUnit;
|
|
968
957
|
/**
|
|
@@ -984,7 +973,7 @@ declare namespace WAFV2 {
|
|
|
984
973
|
}
|
|
985
974
|
export interface DisassociateWebACLRequest {
|
|
986
975
|
/**
|
|
987
|
-
* The Amazon Resource Name (ARN) of the resource to disassociate from the web ACL. The ARN must be in one of the following formats: For an Application Load Balancer: arn:
|
|
976
|
+
* The Amazon Resource Name (ARN) of the resource to disassociate from the web ACL. The ARN must be in one of the following formats: For an Application Load Balancer: arn:aws:elasticloadbalancing:region:account-id:loadbalancer/app/load-balancer-name/load-balancer-id For an Amazon API Gateway REST API: arn:aws:apigateway:region::/restapis/api-id/stages/stage-name For an AppSync GraphQL API: arn:aws:appsync:region:account-id:apis/GraphQLApiId For an Amazon Cognito user pool: arn:aws:cognito-idp:region:account-id:userpool/user-pool-id For an App Runner service: arn:aws:apprunner:region:account-id:service/apprunner-service-name/apprunner-service-id
|
|
988
977
|
*/
|
|
989
978
|
ResourceArn: ResourceArn;
|
|
990
979
|
}
|
|
@@ -1028,7 +1017,7 @@ declare namespace WAFV2 {
|
|
|
1028
1017
|
*/
|
|
1029
1018
|
QueryString?: QueryString;
|
|
1030
1019
|
/**
|
|
1031
|
-
* Inspect the request body as plain text. The request body immediately follows the request headers. This is the part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form.
|
|
1020
|
+
* Inspect the request body as plain text. The request body immediately follows the request headers. This is the part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form. Only the first 8 KB (8192 bytes) of the request body are forwarded to WAF for inspection by the underlying host service. For information about how to handle oversized request bodies, see the Body object configuration.
|
|
1032
1021
|
*/
|
|
1033
1022
|
Body?: Body;
|
|
1034
1023
|
/**
|
|
@@ -1036,7 +1025,7 @@ declare namespace WAFV2 {
|
|
|
1036
1025
|
*/
|
|
1037
1026
|
Method?: Method;
|
|
1038
1027
|
/**
|
|
1039
|
-
* Inspect the request body as JSON. The request body immediately follows the request headers. This is the part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form.
|
|
1028
|
+
* Inspect the request body as JSON. The request body immediately follows the request headers. This is the part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form. Only the first 8 KB (8192 bytes) of the request body are forwarded to WAF for inspection by the underlying host service. For information about how to handle oversized request bodies, see the JsonBody object configuration.
|
|
1040
1029
|
*/
|
|
1041
1030
|
JsonBody?: JsonBody;
|
|
1042
1031
|
/**
|
|
@@ -1091,11 +1080,11 @@ declare namespace WAFV2 {
|
|
|
1091
1080
|
export type FirewallManagerRuleGroups = FirewallManagerRuleGroup[];
|
|
1092
1081
|
export interface FirewallManagerStatement {
|
|
1093
1082
|
/**
|
|
1094
|
-
* A statement used
|
|
1083
|
+
* A rule statement used to run the rules that are defined in a managed rule group. To use this, provide the vendor name and the name of the rule group in this statement. You can retrieve the required names by calling ListAvailableManagedRuleGroups. You cannot nest a ManagedRuleGroupStatement, for example for use inside a NotStatement or OrStatement. It can only be referenced as a top-level statement within a rule. You are charged additional fees when you use the WAF Bot Control managed rule group AWSManagedRulesBotControlRuleSet or the WAF Fraud Control account takeover prevention (ATP) managed rule group AWSManagedRulesATPRuleSet. For more information, see WAF Pricing.
|
|
1095
1084
|
*/
|
|
1096
1085
|
ManagedRuleGroupStatement?: ManagedRuleGroupStatement;
|
|
1097
1086
|
/**
|
|
1098
|
-
* A statement used
|
|
1087
|
+
* A rule statement used to run the rules that are defined in a RuleGroup. To use this, create a rule group with your rules, then provide the ARN of the rule group in this statement. You cannot nest a RuleGroupReferenceStatement, for example for use inside a NotStatement or OrStatement. You can only use a rule group reference statement at the top level inside a web ACL.
|
|
1099
1088
|
*/
|
|
1100
1089
|
RuleGroupReferenceStatement?: RuleGroupReferenceStatement;
|
|
1101
1090
|
}
|
|
@@ -1143,7 +1132,7 @@ declare namespace WAFV2 {
|
|
|
1143
1132
|
*/
|
|
1144
1133
|
Name: EntityName;
|
|
1145
1134
|
/**
|
|
1146
|
-
* Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API,
|
|
1135
|
+
* Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, a Amazon Cognito user pool, or an App Runner service. To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows: CLI - Specify the Region when you use the CloudFront scope: --scope=CLOUDFRONT --region=us-east-1. API and SDKs - For all calls, use the Region endpoint us-east-1.
|
|
1147
1136
|
*/
|
|
1148
1137
|
Scope: Scope;
|
|
1149
1138
|
/**
|
|
@@ -1179,7 +1168,7 @@ declare namespace WAFV2 {
|
|
|
1179
1168
|
*/
|
|
1180
1169
|
Name: EntityName;
|
|
1181
1170
|
/**
|
|
1182
|
-
* Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API,
|
|
1171
|
+
* Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, a Amazon Cognito user pool, or an App Runner service. To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows: CLI - Specify the Region when you use the CloudFront scope: --scope=CLOUDFRONT --region=us-east-1. API and SDKs - For all calls, use the Region endpoint us-east-1.
|
|
1183
1172
|
*/
|
|
1184
1173
|
Scope: Scope;
|
|
1185
1174
|
/**
|
|
@@ -1227,7 +1216,7 @@ declare namespace WAFV2 {
|
|
|
1227
1216
|
}
|
|
1228
1217
|
export interface GetRateBasedStatementManagedKeysRequest {
|
|
1229
1218
|
/**
|
|
1230
|
-
* Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API,
|
|
1219
|
+
* Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, a Amazon Cognito user pool, or an App Runner service. To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows: CLI - Specify the Region when you use the CloudFront scope: --scope=CLOUDFRONT --region=us-east-1. API and SDKs - For all calls, use the Region endpoint us-east-1.
|
|
1231
1220
|
*/
|
|
1232
1221
|
Scope: Scope;
|
|
1233
1222
|
/**
|
|
@@ -1263,7 +1252,7 @@ declare namespace WAFV2 {
|
|
|
1263
1252
|
*/
|
|
1264
1253
|
Name: EntityName;
|
|
1265
1254
|
/**
|
|
1266
|
-
* Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API,
|
|
1255
|
+
* Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, a Amazon Cognito user pool, or an App Runner service. To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows: CLI - Specify the Region when you use the CloudFront scope: --scope=CLOUDFRONT --region=us-east-1. API and SDKs - For all calls, use the Region endpoint us-east-1.
|
|
1267
1256
|
*/
|
|
1268
1257
|
Scope: Scope;
|
|
1269
1258
|
/**
|
|
@@ -1287,7 +1276,7 @@ declare namespace WAFV2 {
|
|
|
1287
1276
|
*/
|
|
1288
1277
|
Name?: EntityName;
|
|
1289
1278
|
/**
|
|
1290
|
-
* Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API,
|
|
1279
|
+
* Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, a Amazon Cognito user pool, or an App Runner service. To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows: CLI - Specify the Region when you use the CloudFront scope: --scope=CLOUDFRONT --region=us-east-1. API and SDKs - For all calls, use the Region endpoint us-east-1.
|
|
1291
1280
|
*/
|
|
1292
1281
|
Scope?: Scope;
|
|
1293
1282
|
/**
|
|
@@ -1319,7 +1308,7 @@ declare namespace WAFV2 {
|
|
|
1319
1308
|
*/
|
|
1320
1309
|
RuleMetricName: MetricName;
|
|
1321
1310
|
/**
|
|
1322
|
-
* Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API,
|
|
1311
|
+
* Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, a Amazon Cognito user pool, or an App Runner service. To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows: CLI - Specify the Region when you use the CloudFront scope: --scope=CLOUDFRONT --region=us-east-1. API and SDKs - For all calls, use the Region endpoint us-east-1.
|
|
1323
1312
|
*/
|
|
1324
1313
|
Scope: Scope;
|
|
1325
1314
|
/**
|
|
@@ -1347,7 +1336,7 @@ declare namespace WAFV2 {
|
|
|
1347
1336
|
}
|
|
1348
1337
|
export interface GetWebACLForResourceRequest {
|
|
1349
1338
|
/**
|
|
1350
|
-
* The Amazon Resource Name (ARN) of the resource whose web ACL you want to retrieve. The ARN must be in one of the following formats: For an Application Load Balancer: arn:
|
|
1339
|
+
* The Amazon Resource Name (ARN) of the resource whose web ACL you want to retrieve. The ARN must be in one of the following formats: For an Application Load Balancer: arn:aws:elasticloadbalancing:region:account-id:loadbalancer/app/load-balancer-name/load-balancer-id For an Amazon API Gateway REST API: arn:aws:apigateway:region::/restapis/api-id/stages/stage-name For an AppSync GraphQL API: arn:aws:appsync:region:account-id:apis/GraphQLApiId For an Amazon Cognito user pool: arn:aws:cognito-idp:region:account-id:userpool/user-pool-id For an App Runner service: arn:aws:apprunner:region:account-id:service/apprunner-service-name/apprunner-service-id
|
|
1351
1340
|
*/
|
|
1352
1341
|
ResourceArn: ResourceArn;
|
|
1353
1342
|
}
|
|
@@ -1363,7 +1352,7 @@ declare namespace WAFV2 {
|
|
|
1363
1352
|
*/
|
|
1364
1353
|
Name: EntityName;
|
|
1365
1354
|
/**
|
|
1366
|
-
* Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API,
|
|
1355
|
+
* Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, a Amazon Cognito user pool, or an App Runner service. To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows: CLI - Specify the Region when you use the CloudFront scope: --scope=CLOUDFRONT --region=us-east-1. API and SDKs - For all calls, use the Region endpoint us-east-1.
|
|
1367
1356
|
*/
|
|
1368
1357
|
Scope: Scope;
|
|
1369
1358
|
/**
|
|
@@ -1553,7 +1542,7 @@ declare namespace WAFV2 {
|
|
|
1553
1542
|
*/
|
|
1554
1543
|
InvalidFallbackBehavior?: BodyParsingFallbackBehavior;
|
|
1555
1544
|
/**
|
|
1556
|
-
* What WAF should do if the body is larger than WAF can inspect. WAF does not support inspecting the entire contents of the web request
|
|
1545
|
+
* What WAF should do if the body is larger than WAF can inspect. WAF does not support inspecting the entire contents of the body of a web request when the body exceeds 8 KB (8192 bytes). Only the first 8 KB of the request body are forwarded to WAF by the underlying host service. The options for oversize handling are the following: CONTINUE - Inspect the body normally, according to the rule inspection criteria. MATCH - Treat the web request as matching the rule statement. WAF applies the rule action to the request. NO_MATCH - Treat the web request as not matching the rule statement. You can combine the MATCH or NO_MATCH settings for oversize handling with your rule and web ACL action settings, so that you block any request whose body is over 8 KB. Default: CONTINUE
|
|
1557
1546
|
*/
|
|
1558
1547
|
OversizeHandling?: OversizeHandling;
|
|
1559
1548
|
}
|
|
@@ -1613,7 +1602,7 @@ declare namespace WAFV2 {
|
|
|
1613
1602
|
*/
|
|
1614
1603
|
Name: EntityName;
|
|
1615
1604
|
/**
|
|
1616
|
-
* Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API,
|
|
1605
|
+
* Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, a Amazon Cognito user pool, or an App Runner service. To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows: CLI - Specify the Region when you use the CloudFront scope: --scope=CLOUDFRONT --region=us-east-1. API and SDKs - For all calls, use the Region endpoint us-east-1.
|
|
1617
1606
|
*/
|
|
1618
1607
|
Scope: Scope;
|
|
1619
1608
|
/**
|
|
@@ -1641,7 +1630,7 @@ declare namespace WAFV2 {
|
|
|
1641
1630
|
}
|
|
1642
1631
|
export interface ListAvailableManagedRuleGroupsRequest {
|
|
1643
1632
|
/**
|
|
1644
|
-
* Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API,
|
|
1633
|
+
* Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, a Amazon Cognito user pool, or an App Runner service. To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows: CLI - Specify the Region when you use the CloudFront scope: --scope=CLOUDFRONT --region=us-east-1. API and SDKs - For all calls, use the Region endpoint us-east-1.
|
|
1645
1634
|
*/
|
|
1646
1635
|
Scope: Scope;
|
|
1647
1636
|
/**
|
|
@@ -1665,7 +1654,7 @@ declare namespace WAFV2 {
|
|
|
1665
1654
|
}
|
|
1666
1655
|
export interface ListIPSetsRequest {
|
|
1667
1656
|
/**
|
|
1668
|
-
* Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API,
|
|
1657
|
+
* Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, a Amazon Cognito user pool, or an App Runner service. To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows: CLI - Specify the Region when you use the CloudFront scope: --scope=CLOUDFRONT --region=us-east-1. API and SDKs - For all calls, use the Region endpoint us-east-1.
|
|
1669
1658
|
*/
|
|
1670
1659
|
Scope: Scope;
|
|
1671
1660
|
/**
|
|
@@ -1689,7 +1678,7 @@ declare namespace WAFV2 {
|
|
|
1689
1678
|
}
|
|
1690
1679
|
export interface ListLoggingConfigurationsRequest {
|
|
1691
1680
|
/**
|
|
1692
|
-
* Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API,
|
|
1681
|
+
* Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, a Amazon Cognito user pool, or an App Runner service. To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows: CLI - Specify the Region when you use the CloudFront scope: --scope=CLOUDFRONT --region=us-east-1. API and SDKs - For all calls, use the Region endpoint us-east-1.
|
|
1693
1682
|
*/
|
|
1694
1683
|
Scope: Scope;
|
|
1695
1684
|
/**
|
|
@@ -1713,7 +1702,7 @@ declare namespace WAFV2 {
|
|
|
1713
1702
|
}
|
|
1714
1703
|
export interface ListManagedRuleSetsRequest {
|
|
1715
1704
|
/**
|
|
1716
|
-
* Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API,
|
|
1705
|
+
* Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, a Amazon Cognito user pool, or an App Runner service. To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows: CLI - Specify the Region when you use the CloudFront scope: --scope=CLOUDFRONT --region=us-east-1. API and SDKs - For all calls, use the Region endpoint us-east-1.
|
|
1717
1706
|
*/
|
|
1718
1707
|
Scope: Scope;
|
|
1719
1708
|
/**
|
|
@@ -1762,7 +1751,7 @@ declare namespace WAFV2 {
|
|
|
1762
1751
|
}
|
|
1763
1752
|
export interface ListRegexPatternSetsRequest {
|
|
1764
1753
|
/**
|
|
1765
|
-
* Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API,
|
|
1754
|
+
* Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, a Amazon Cognito user pool, or an App Runner service. To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows: CLI - Specify the Region when you use the CloudFront scope: --scope=CLOUDFRONT --region=us-east-1. API and SDKs - For all calls, use the Region endpoint us-east-1.
|
|
1766
1755
|
*/
|
|
1767
1756
|
Scope: Scope;
|
|
1768
1757
|
/**
|
|
@@ -1790,7 +1779,7 @@ declare namespace WAFV2 {
|
|
|
1790
1779
|
*/
|
|
1791
1780
|
WebACLArn: ResourceArn;
|
|
1792
1781
|
/**
|
|
1793
|
-
* Used for web ACLs that are scoped for regional applications. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API,
|
|
1782
|
+
* Used for web ACLs that are scoped for regional applications. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, a Amazon Cognito user pool, or an App Runner service. If you don't provide a resource type, the call uses the resource type APPLICATION_LOAD_BALANCER. Default: APPLICATION_LOAD_BALANCER
|
|
1794
1783
|
*/
|
|
1795
1784
|
ResourceType?: ResourceType;
|
|
1796
1785
|
}
|
|
@@ -1802,7 +1791,7 @@ declare namespace WAFV2 {
|
|
|
1802
1791
|
}
|
|
1803
1792
|
export interface ListRuleGroupsRequest {
|
|
1804
1793
|
/**
|
|
1805
|
-
* Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API,
|
|
1794
|
+
* Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, a Amazon Cognito user pool, or an App Runner service. To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows: CLI - Specify the Region when you use the CloudFront scope: --scope=CLOUDFRONT --region=us-east-1. API and SDKs - For all calls, use the Region endpoint us-east-1.
|
|
1806
1795
|
*/
|
|
1807
1796
|
Scope: Scope;
|
|
1808
1797
|
/**
|
|
@@ -1850,7 +1839,7 @@ declare namespace WAFV2 {
|
|
|
1850
1839
|
}
|
|
1851
1840
|
export interface ListWebACLsRequest {
|
|
1852
1841
|
/**
|
|
1853
|
-
* Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API,
|
|
1842
|
+
* Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, a Amazon Cognito user pool, or an App Runner service. To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows: CLI - Specify the Region when you use the CloudFront scope: --scope=CLOUDFRONT --region=us-east-1. API and SDKs - For all calls, use the Region endpoint us-east-1.
|
|
1854
1843
|
*/
|
|
1855
1844
|
Scope: Scope;
|
|
1856
1845
|
/**
|
|
@@ -2058,7 +2047,7 @@ declare namespace WAFV2 {
|
|
|
2058
2047
|
*/
|
|
2059
2048
|
AssociatedRuleGroupArn?: ResourceArn;
|
|
2060
2049
|
/**
|
|
2061
|
-
* The web ACL capacity units (WCUs) required for this rule group. WAF uses WCUs to calculate and control the operating resources that are used to run your rules, rule groups, and web ACLs. WAF calculates capacity differently for each rule type, to reflect the relative cost of each rule. Simple rules that cost little to run use fewer WCUs than more complex rules that use more processing power. Rule group capacity is fixed at creation, which helps users plan their web ACL WCU usage when they use a rule group.
|
|
2050
|
+
* The web ACL capacity units (WCUs) required for this rule group. WAF uses WCUs to calculate and control the operating resources that are used to run your rules, rule groups, and web ACLs. WAF calculates capacity differently for each rule type, to reflect the relative cost of each rule. Simple rules that cost little to run use fewer WCUs than more complex rules that use more processing power. Rule group capacity is fixed at creation, which helps users plan their web ACL WCU usage when they use a rule group. The WCU limit for web ACLs is 1,500.
|
|
2062
2051
|
*/
|
|
2063
2052
|
Capacity?: CapacityUnit;
|
|
2064
2053
|
/**
|
|
@@ -2158,7 +2147,7 @@ declare namespace WAFV2 {
|
|
|
2158
2147
|
*/
|
|
2159
2148
|
Name: EntityName;
|
|
2160
2149
|
/**
|
|
2161
|
-
* Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API,
|
|
2150
|
+
* Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, a Amazon Cognito user pool, or an App Runner service. To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows: CLI - Specify the Region when you use the CloudFront scope: --scope=CLOUDFRONT --region=us-east-1. API and SDKs - For all calls, use the Region endpoint us-east-1.
|
|
2162
2151
|
*/
|
|
2163
2152
|
Scope: Scope;
|
|
2164
2153
|
/**
|
|
@@ -2190,7 +2179,7 @@ declare namespace WAFV2 {
|
|
|
2190
2179
|
*/
|
|
2191
2180
|
ResourceArn: ResourceArn;
|
|
2192
2181
|
/**
|
|
2193
|
-
* The policy to attach to the specified rule group. The policy specifications must conform to the following: The policy must be composed using IAM Policy version 2012-10-17. The policy must include specifications for Effect, Action, and Principal. Effect must specify Allow. Action must specify wafv2:CreateWebACL, wafv2:UpdateWebACL, and wafv2:PutFirewallManagerRuleGroups and may optionally specify wafv2:GetRuleGroup. WAF rejects any extra actions or wildcard actions in the policy. The policy must not include a Resource parameter. For more information, see IAM Policies.
|
|
2182
|
+
* The policy to attach to the specified rule group. The policy specifications must conform to the following: The policy must be composed using IAM Policy version 2012-10-17 or version 2015-01-01. The policy must include specifications for Effect, Action, and Principal. Effect must specify Allow. Action must specify wafv2:CreateWebACL, wafv2:UpdateWebACL, and wafv2:PutFirewallManagerRuleGroups and may optionally specify wafv2:GetRuleGroup. WAF rejects any extra actions or wildcard actions in the policy. The policy must not include a Resource parameter. For more information, see IAM Policies.
|
|
2194
2183
|
*/
|
|
2195
2184
|
Policy: PolicyString;
|
|
2196
2185
|
}
|
|
@@ -2322,13 +2311,6 @@ declare namespace WAFV2 {
|
|
|
2322
2311
|
*/
|
|
2323
2312
|
Timestamp?: Timestamp;
|
|
2324
2313
|
}
|
|
2325
|
-
export type RequestBody = {[key: string]: RequestBodyAssociatedResourceTypeConfig};
|
|
2326
|
-
export interface RequestBodyAssociatedResourceTypeConfig {
|
|
2327
|
-
/**
|
|
2328
|
-
* Specifies the maximum size of the web request body component that an associated CloudFront distribution should send to WAF for inspection. This applies to statements in the web ACL that inspect the body or JSON body. Default: 16 KB (16,384 kilobytes)
|
|
2329
|
-
*/
|
|
2330
|
-
DefaultSizeInspectionLimit: SizeInspectionLimit;
|
|
2331
|
-
}
|
|
2332
2314
|
export interface RequestInspection {
|
|
2333
2315
|
/**
|
|
2334
2316
|
* The payload type for your login endpoint, either JSON or form encoded.
|
|
@@ -2506,7 +2488,7 @@ declare namespace WAFV2 {
|
|
|
2506
2488
|
*/
|
|
2507
2489
|
Id: EntityId;
|
|
2508
2490
|
/**
|
|
2509
|
-
* The web ACL capacity units (WCUs) required for this rule group. When you create your own rule group, you define this, and you cannot change it after creation. When you add or modify the rules in a rule group, WAF enforces this limit. You can check the capacity for a set of rules using CheckCapacity. WAF uses WCUs to calculate and control the operating resources that are used to run your rules, rule groups, and web ACLs. WAF calculates capacity differently for each rule type, to reflect the relative cost of each rule. Simple rules that cost little to run use fewer WCUs than more complex rules that use more processing power. Rule group capacity is fixed at creation, which helps users plan their web ACL WCU usage when they use a rule group.
|
|
2491
|
+
* The web ACL capacity units (WCUs) required for this rule group. When you create your own rule group, you define this, and you cannot change it after creation. When you add or modify the rules in a rule group, WAF enforces this limit. You can check the capacity for a set of rules using CheckCapacity. WAF uses WCUs to calculate and control the operating resources that are used to run your rules, rule groups, and web ACLs. WAF calculates capacity differently for each rule type, to reflect the relative cost of each rule. Simple rules that cost little to run use fewer WCUs than more complex rules that use more processing power. Rule group capacity is fixed at creation, which helps users plan their web ACL WCU usage when they use a rule group. The WCU limit for web ACLs is 1,500.
|
|
2510
2492
|
*/
|
|
2511
2493
|
Capacity: CapacityUnit;
|
|
2512
2494
|
/**
|
|
@@ -2675,7 +2657,6 @@ declare namespace WAFV2 {
|
|
|
2675
2657
|
*/
|
|
2676
2658
|
TextTransformations: TextTransformations;
|
|
2677
2659
|
}
|
|
2678
|
-
export type SizeInspectionLimit = "KB_16"|"KB_32"|"KB_48"|"KB_64"|string;
|
|
2679
2660
|
export type SolveTimestamp = number;
|
|
2680
2661
|
export interface SqliMatchStatement {
|
|
2681
2662
|
/**
|
|
@@ -2705,7 +2686,7 @@ declare namespace WAFV2 {
|
|
|
2705
2686
|
*/
|
|
2706
2687
|
XssMatchStatement?: XssMatchStatement;
|
|
2707
2688
|
/**
|
|
2708
|
-
* A rule statement that compares a number of bytes against the size of a request component, using a comparison operator, such as greater than (>) or less than (<). For example, you can use a size constraint statement to look for query strings that are longer than 100 bytes. If you configure WAF to inspect the request body, WAF inspects only the
|
|
2689
|
+
* A rule statement that compares a number of bytes against the size of a request component, using a comparison operator, such as greater than (>) or less than (<). For example, you can use a size constraint statement to look for query strings that are longer than 100 bytes. If you configure WAF to inspect the request body, WAF inspects only the first 8192 bytes (8 KB). If the request body for your web requests never exceeds 8192 bytes, you could use a size constraint statement to block requests that have a request body greater than 8192 bytes. If you choose URI for the value of Part of the request to filter on, the slash (/) in the URI counts as one character. For example, the URI /logo.jpg is nine characters long.
|
|
2709
2690
|
*/
|
|
2710
2691
|
SizeConstraintStatement?: SizeConstraintStatement;
|
|
2711
2692
|
/**
|
|
@@ -2840,7 +2821,7 @@ declare namespace WAFV2 {
|
|
|
2840
2821
|
*/
|
|
2841
2822
|
Name: EntityName;
|
|
2842
2823
|
/**
|
|
2843
|
-
* Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API,
|
|
2824
|
+
* Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, a Amazon Cognito user pool, or an App Runner service. To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows: CLI - Specify the Region when you use the CloudFront scope: --scope=CLOUDFRONT --region=us-east-1. API and SDKs - For all calls, use the Region endpoint us-east-1.
|
|
2844
2825
|
*/
|
|
2845
2826
|
Scope: Scope;
|
|
2846
2827
|
/**
|
|
@@ -2872,7 +2853,7 @@ declare namespace WAFV2 {
|
|
|
2872
2853
|
*/
|
|
2873
2854
|
Name: EntityName;
|
|
2874
2855
|
/**
|
|
2875
|
-
* Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API,
|
|
2856
|
+
* Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, a Amazon Cognito user pool, or an App Runner service. To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows: CLI - Specify the Region when you use the CloudFront scope: --scope=CLOUDFRONT --region=us-east-1. API and SDKs - For all calls, use the Region endpoint us-east-1.
|
|
2876
2857
|
*/
|
|
2877
2858
|
Scope: Scope;
|
|
2878
2859
|
/**
|
|
@@ -2912,7 +2893,7 @@ declare namespace WAFV2 {
|
|
|
2912
2893
|
*/
|
|
2913
2894
|
Name: EntityName;
|
|
2914
2895
|
/**
|
|
2915
|
-
* Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API,
|
|
2896
|
+
* Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, a Amazon Cognito user pool, or an App Runner service. To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows: CLI - Specify the Region when you use the CloudFront scope: --scope=CLOUDFRONT --region=us-east-1. API and SDKs - For all calls, use the Region endpoint us-east-1.
|
|
2916
2897
|
*/
|
|
2917
2898
|
Scope: Scope;
|
|
2918
2899
|
/**
|
|
@@ -2944,7 +2925,7 @@ declare namespace WAFV2 {
|
|
|
2944
2925
|
*/
|
|
2945
2926
|
Name: EntityName;
|
|
2946
2927
|
/**
|
|
2947
|
-
* Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API,
|
|
2928
|
+
* Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, a Amazon Cognito user pool, or an App Runner service. To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows: CLI - Specify the Region when you use the CloudFront scope: --scope=CLOUDFRONT --region=us-east-1. API and SDKs - For all calls, use the Region endpoint us-east-1.
|
|
2948
2929
|
*/
|
|
2949
2930
|
Scope: Scope;
|
|
2950
2931
|
/**
|
|
@@ -2984,7 +2965,7 @@ declare namespace WAFV2 {
|
|
|
2984
2965
|
*/
|
|
2985
2966
|
Name: EntityName;
|
|
2986
2967
|
/**
|
|
2987
|
-
* Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API,
|
|
2968
|
+
* Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, a Amazon Cognito user pool, or an App Runner service. To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows: CLI - Specify the Region when you use the CloudFront scope: --scope=CLOUDFRONT --region=us-east-1. API and SDKs - For all calls, use the Region endpoint us-east-1.
|
|
2988
2969
|
*/
|
|
2989
2970
|
Scope: Scope;
|
|
2990
2971
|
/**
|
|
@@ -3027,10 +3008,6 @@ declare namespace WAFV2 {
|
|
|
3027
3008
|
* Specifies the domains that WAF should accept in a web request token. This enables the use of tokens across multiple protected websites. When WAF provides a token, it uses the domain of the Amazon Web Services resource that the web ACL is protecting. If you don't specify a list of token domains, WAF accepts tokens only for the domain of the protected resource. With a token domain list, WAF accepts the resource's host domain plus all domains in the token domain list, including their prefixed subdomains. Example JSON: "TokenDomains": { "mywebsite.com", "myotherwebsite.com" } Public suffixes aren't allowed. For example, you can't use usa.gov or co.uk as token domains.
|
|
3028
3009
|
*/
|
|
3029
3010
|
TokenDomains?: TokenDomains;
|
|
3030
|
-
/**
|
|
3031
|
-
* Specifies custom configurations for the associations between the web ACL and protected resources. Use this to customize the maximum size of the request body that your protected CloudFront distributions forward to WAF for inspection. The default is 16 KB (16,384 kilobytes). You are charged additional fees when your protected resources forward body sizes that are larger than the default. For more information, see WAF Pricing.
|
|
3032
|
-
*/
|
|
3033
|
-
AssociationConfig?: AssociationConfig;
|
|
3034
3011
|
}
|
|
3035
3012
|
export interface UpdateWebACLResponse {
|
|
3036
3013
|
/**
|
|
@@ -3065,7 +3042,7 @@ declare namespace WAFV2 {
|
|
|
3065
3042
|
*/
|
|
3066
3043
|
SampledRequestsEnabled: Boolean;
|
|
3067
3044
|
/**
|
|
3068
|
-
* A boolean indicating whether the associated resource sends metrics to Amazon CloudWatch. For the list of available metrics, see WAF Metrics
|
|
3045
|
+
* A boolean indicating whether the associated resource sends metrics to Amazon CloudWatch. For the list of available metrics, see WAF Metrics.
|
|
3069
3046
|
*/
|
|
3070
3047
|
CloudWatchMetricsEnabled: Boolean;
|
|
3071
3048
|
/**
|
|
@@ -3103,7 +3080,7 @@ declare namespace WAFV2 {
|
|
|
3103
3080
|
*/
|
|
3104
3081
|
VisibilityConfig: VisibilityConfig;
|
|
3105
3082
|
/**
|
|
3106
|
-
* The web ACL capacity units (WCUs) currently being used by this web ACL. WAF uses WCUs to calculate and control the operating resources that are used to run your rules, rule groups, and web ACLs. WAF calculates capacity differently for each rule type, to reflect the relative cost of each rule. Simple rules that cost little to run use fewer WCUs than more complex rules that use more processing power. Rule group capacity is fixed at creation, which helps users plan their web ACL WCU usage when they use a rule group.
|
|
3083
|
+
* The web ACL capacity units (WCUs) currently being used by this web ACL. WAF uses WCUs to calculate and control the operating resources that are used to run your rules, rule groups, and web ACLs. WAF calculates capacity differently for each rule type, to reflect the relative cost of each rule. Simple rules that cost little to run use fewer WCUs than more complex rules that use more processing power. Rule group capacity is fixed at creation, which helps users plan their web ACL WCU usage when they use a rule group. The WCU limit for web ACLs is 1,500.
|
|
3107
3084
|
*/
|
|
3108
3085
|
Capacity?: ConsumedCapacity;
|
|
3109
3086
|
/**
|
|
@@ -3138,10 +3115,6 @@ declare namespace WAFV2 {
|
|
|
3138
3115
|
* Specifies the domains that WAF should accept in a web request token. This enables the use of tokens across multiple protected websites. When WAF provides a token, it uses the domain of the Amazon Web Services resource that the web ACL is protecting. If you don't specify a list of token domains, WAF accepts tokens only for the domain of the protected resource. With a token domain list, WAF accepts the resource's host domain plus all domains in the token domain list, including their prefixed subdomains.
|
|
3139
3116
|
*/
|
|
3140
3117
|
TokenDomains?: TokenDomains;
|
|
3141
|
-
/**
|
|
3142
|
-
* Specifies custom configurations for the associations between the web ACL and protected resources. Use this to customize the maximum size of the request body that your protected CloudFront distributions forward to WAF for inspection. The default is 16 KB (16,384 kilobytes). You are charged additional fees when your protected resources forward body sizes that are larger than the default. For more information, see WAF Pricing.
|
|
3143
|
-
*/
|
|
3144
|
-
AssociationConfig?: AssociationConfig;
|
|
3145
3118
|
}
|
|
3146
3119
|
export type WebACLSummaries = WebACLSummary[];
|
|
3147
3120
|
export interface WebACLSummary {
|