Client library for AWS WAF
npm install --save @datafire/amazonaws_waf
let amazonaws_waf = require('@datafire/amazonaws_waf').create({
accessKeyId: "",
secretAccessKey: "",
region: ""
});
.then(data => {
console.log(data);
});
This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
This is the AWS WAF Classic API Reference for using AWS WAF Classic with Amazon CloudFront. The AWS WAF Classic actions and data types listed in the reference are available for protecting Amazon CloudFront distributions. You can use these actions and data types via the endpoint waf.amazonaws.com. This guide is for developers who need detailed information about the AWS WAF Classic API actions, data types, and errors. For detailed information about AWS WAF Classic features and an overview of how to use the AWS WAF Classic API, see the AWS WAF Classic in the developer guide.
amazonaws_waf.CreateByteMatchSet({
"Name": null,
"ChangeToken": null
}, context)
- input
object
- ChangeToken required
- Name required
- output CreateByteMatchSetResponse
amazonaws_waf.CreateGeoMatchSet({
"Name": null,
"ChangeToken": null
}, context)
- input
object
- ChangeToken required
- Name required
- output CreateGeoMatchSetResponse
amazonaws_waf.CreateIPSet({
"Name": null,
"ChangeToken": null
}, context)
- input
object
- ChangeToken required
- Name required
- output CreateIPSetResponse
amazonaws_waf.CreateRateBasedRule({
"Name": null,
"MetricName": null,
"RateKey": null,
"RateLimit": null,
"ChangeToken": null
}, context)
- input
object
- ChangeToken required
- MetricName required
- Name required
- RateKey required
- RateLimit required
- Tags
- items Tag
- output CreateRateBasedRuleResponse
amazonaws_waf.CreateRegexMatchSet({
"Name": null,
"ChangeToken": null
}, context)
- input
object
- ChangeToken required
- Name required
- output CreateRegexMatchSetResponse
amazonaws_waf.CreateRegexPatternSet({
"Name": null,
"ChangeToken": null
}, context)
- input
object
- ChangeToken required
- Name required
amazonaws_waf.CreateRule({
"Name": null,
"MetricName": null,
"ChangeToken": null
}, context)
- input
object
- ChangeToken required
- MetricName required
- Name required
- Tags
- items Tag
- output CreateRuleResponse
amazonaws_waf.CreateRuleGroup({
"Name": null,
"MetricName": null,
"ChangeToken": null
}, context)
- input
object
- ChangeToken required
- MetricName required
- Name required
- Tags
- items Tag
- output CreateRuleGroupResponse
amazonaws_waf.CreateSizeConstraintSet({
"Name": null,
"ChangeToken": null
}, context)
- input
object
- ChangeToken required
- Name required
amazonaws_waf.CreateSqlInjectionMatchSet({
"Name": null,
"ChangeToken": null
}, context)
- input
object
- ChangeToken required
- Name required
amazonaws_waf.CreateWebACL({
"Name": null,
"MetricName": null,
"DefaultAction": null,
"ChangeToken": null
}, context)
- input
object
- ChangeToken required
- DefaultAction required
- Type required
- MetricName required
- Name required
- Tags
- items Tag
- output CreateWebACLResponse
amazonaws_waf.CreateWebACLMigrationStack({
"WebACLId": null,
"S3BucketName": null,
"IgnoreUnsupportedType": null
}, context)
- input
object
- IgnoreUnsupportedType required
- S3BucketName required
- WebACLId required
amazonaws_waf.CreateXssMatchSet({
"Name": null,
"ChangeToken": null
}, context)
- input
object
- ChangeToken required
- Name required
- output CreateXssMatchSetResponse
amazonaws_waf.DeleteByteMatchSet({
"ByteMatchSetId": null,
"ChangeToken": null
}, context)
- input
object
- ByteMatchSetId required
- ChangeToken required
- output DeleteByteMatchSetResponse
amazonaws_waf.DeleteGeoMatchSet({
"GeoMatchSetId": null,
"ChangeToken": null
}, context)
- input
object
- ChangeToken required
- GeoMatchSetId required
- output DeleteGeoMatchSetResponse
amazonaws_waf.DeleteIPSet({
"IPSetId": null,
"ChangeToken": null
}, context)
- input
object
- ChangeToken required
- IPSetId required
- output DeleteIPSetResponse
amazonaws_waf.DeleteLoggingConfiguration({
"ResourceArn": null
}, context)
- input
object
- ResourceArn required
amazonaws_waf.DeletePermissionPolicy({
"ResourceArn": null
}, context)
- input
object
- ResourceArn required
amazonaws_waf.DeleteRateBasedRule({
"RuleId": null,
"ChangeToken": null
}, context)
- input
object
- ChangeToken required
- RuleId required
- output DeleteRateBasedRuleResponse
amazonaws_waf.DeleteRegexMatchSet({
"RegexMatchSetId": null,
"ChangeToken": null
}, context)
- input
object
- ChangeToken required
- RegexMatchSetId required
- output DeleteRegexMatchSetResponse
amazonaws_waf.DeleteRegexPatternSet({
"RegexPatternSetId": null,
"ChangeToken": null
}, context)
- input
object
- ChangeToken required
- RegexPatternSetId required
amazonaws_waf.DeleteRule({
"RuleId": null,
"ChangeToken": null
}, context)
- input
object
- ChangeToken required
- RuleId required
- output DeleteRuleResponse
amazonaws_waf.DeleteRuleGroup({
"RuleGroupId": null,
"ChangeToken": null
}, context)
- input
object
- ChangeToken required
- RuleGroupId required
- output DeleteRuleGroupResponse
amazonaws_waf.DeleteSizeConstraintSet({
"SizeConstraintSetId": null,
"ChangeToken": null
}, context)
- input
object
- ChangeToken required
- SizeConstraintSetId required
amazonaws_waf.DeleteSqlInjectionMatchSet({
"SqlInjectionMatchSetId": null,
"ChangeToken": null
}, context)
- input
object
- ChangeToken required
- SqlInjectionMatchSetId required
amazonaws_waf.DeleteWebACL({
"WebACLId": null,
"ChangeToken": null
}, context)
- input
object
- ChangeToken required
- WebACLId required
- output DeleteWebACLResponse
amazonaws_waf.DeleteXssMatchSet({
"XssMatchSetId": null,
"ChangeToken": null
}, context)
- input
object
- ChangeToken required
- XssMatchSetId required
- output DeleteXssMatchSetResponse
amazonaws_waf.GetByteMatchSet({
"ByteMatchSetId": null
}, context)
- input
object
- ByteMatchSetId required
- output GetByteMatchSetResponse
amazonaws_waf.GetChangeToken({}, context)
- input
object
- output GetChangeTokenResponse
amazonaws_waf.GetChangeTokenStatus({
"ChangeToken": null
}, context)
- input
object
- ChangeToken required
- output GetChangeTokenStatusResponse
amazonaws_waf.GetGeoMatchSet({
"GeoMatchSetId": null
}, context)
- input
object
- GeoMatchSetId required
- output GetGeoMatchSetResponse
amazonaws_waf.GetIPSet({
"IPSetId": null
}, context)
- input
object
- IPSetId required
- output GetIPSetResponse
amazonaws_waf.GetLoggingConfiguration({
"ResourceArn": null
}, context)
- input
object
- ResourceArn required
amazonaws_waf.GetPermissionPolicy({
"ResourceArn": null
}, context)
- input
object
- ResourceArn required
- output GetPermissionPolicyResponse
amazonaws_waf.GetRateBasedRule({
"RuleId": null
}, context)
- input
object
- RuleId required
- output GetRateBasedRuleResponse
amazonaws_waf.GetRateBasedRuleManagedKeys({
"RuleId": null
}, context)
- input
object
- NextMarker
- RuleId required
amazonaws_waf.GetRegexMatchSet({
"RegexMatchSetId": null
}, context)
- input
object
- RegexMatchSetId required
- output GetRegexMatchSetResponse
amazonaws_waf.GetRegexPatternSet({
"RegexPatternSetId": null
}, context)
- input
object
- RegexPatternSetId required
- output GetRegexPatternSetResponse
amazonaws_waf.GetRule({
"RuleId": null
}, context)
- input
object
- RuleId required
- output GetRuleResponse
amazonaws_waf.GetRuleGroup({
"RuleGroupId": null
}, context)
- input
object
- RuleGroupId required
- output GetRuleGroupResponse
amazonaws_waf.GetSampledRequests({
"WebAclId": null,
"RuleId": null,
"TimeWindow": null,
"MaxItems": null
}, context)
- input
object
- MaxItems required
- RuleId required
- TimeWindow required
- EndTime required
- StartTime required
- WebAclId required
- output GetSampledRequestsResponse
amazonaws_waf.GetSizeConstraintSet({
"SizeConstraintSetId": null
}, context)
- input
object
- SizeConstraintSetId required
- output GetSizeConstraintSetResponse
amazonaws_waf.GetSqlInjectionMatchSet({
"SqlInjectionMatchSetId": null
}, context)
- input
object
- SqlInjectionMatchSetId required
amazonaws_waf.GetWebACL({
"WebACLId": null
}, context)
- input
object
- WebACLId required
- output GetWebACLResponse
amazonaws_waf.GetXssMatchSet({
"XssMatchSetId": null
}, context)
- input
object
- XssMatchSetId required
- output GetXssMatchSetResponse
amazonaws_waf.ListActivatedRulesInRuleGroup({}, context)
- input
object
- Limit
- NextMarker
- RuleGroupId
amazonaws_waf.ListByteMatchSets({}, context)
- input
object
- Limit
- NextMarker
- output ListByteMatchSetsResponse
amazonaws_waf.ListGeoMatchSets({}, context)
- input
object
- Limit
- NextMarker
- output ListGeoMatchSetsResponse
amazonaws_waf.ListIPSets({}, context)
- input
object
- Limit
- NextMarker
- output ListIPSetsResponse
amazonaws_waf.ListLoggingConfigurations({}, context)
- input
object
- Limit
- NextMarker
amazonaws_waf.ListRateBasedRules({}, context)
- input
object
- Limit
- NextMarker
- output ListRateBasedRulesResponse
amazonaws_waf.ListRegexMatchSets({}, context)
- input
object
- Limit
- NextMarker
- output ListRegexMatchSetsResponse
amazonaws_waf.ListRegexPatternSets({}, context)
- input
object
- Limit
- NextMarker
- output ListRegexPatternSetsResponse
amazonaws_waf.ListRuleGroups({}, context)
- input
object
- Limit
- NextMarker
- output ListRuleGroupsResponse
amazonaws_waf.ListRules({}, context)
- input
object
- Limit
- NextMarker
- output ListRulesResponse
amazonaws_waf.ListSizeConstraintSets({}, context)
- input
object
- Limit
- NextMarker
amazonaws_waf.ListSqlInjectionMatchSets({}, context)
- input
object
- Limit
- NextMarker
amazonaws_waf.ListSubscribedRuleGroups({}, context)
- input
object
- Limit
- NextMarker
amazonaws_waf.ListTagsForResource({
"ResourceARN": null
}, context)
- input
object
- Limit
- NextMarker
- ResourceARN required
- output ListTagsForResourceResponse
amazonaws_waf.ListWebACLs({}, context)
- input
object
- Limit
- NextMarker
- output ListWebACLsResponse
amazonaws_waf.ListXssMatchSets({}, context)
- input
object
- Limit
- NextMarker
- output ListXssMatchSetsResponse
amazonaws_waf.PutLoggingConfiguration({
"LoggingConfiguration": null
}, context)
- input
object
- LoggingConfiguration required
- LogDestinationConfigs required
- items ResourceArn
- RedactedFields
- items FieldToMatch
- ResourceArn required
- LogDestinationConfigs required
- LoggingConfiguration required
amazonaws_waf.PutPermissionPolicy({
"ResourceArn": null,
"Policy": null
}, context)
- input
object
- Policy required
- ResourceArn required
- output PutPermissionPolicyResponse
amazonaws_waf.TagResource({
"ResourceARN": null,
"Tags": null
}, context)
- input
object
- ResourceARN required
- Tags required
- items Tag
- output TagResourceResponse
amazonaws_waf.UntagResource({
"ResourceARN": null,
"TagKeys": null
}, context)
- input
object
- ResourceARN required
- TagKeys required
- items TagKey
- output UntagResourceResponse
amazonaws_waf.UpdateByteMatchSet({
"ByteMatchSetId": null,
"ChangeToken": null,
"Updates": null
}, context)
- input
object
- ByteMatchSetId required
- ChangeToken required
- Updates required
- items ByteMatchSetUpdate
- output UpdateByteMatchSetResponse
amazonaws_waf.UpdateGeoMatchSet({
"GeoMatchSetId": null,
"ChangeToken": null,
"Updates": null
}, context)
- input
object
- ChangeToken required
- GeoMatchSetId required
- Updates required
- items GeoMatchSetUpdate
- output UpdateGeoMatchSetResponse
amazonaws_waf.UpdateIPSet({
"IPSetId": null,
"ChangeToken": null,
"Updates": null
}, context)
- input
object
- ChangeToken required
- IPSetId required
- Updates required
- items IPSetUpdate
- output UpdateIPSetResponse
amazonaws_waf.UpdateRateBasedRule({
"RuleId": null,
"ChangeToken": null,
"Updates": null,
"RateLimit": null
}, context)
- input
object
- ChangeToken required
- RateLimit required
- RuleId required
- Updates required
- items RuleUpdate
- output UpdateRateBasedRuleResponse
amazonaws_waf.UpdateRegexMatchSet({
"RegexMatchSetId": null,
"Updates": null,
"ChangeToken": null
}, context)
- input
object
- ChangeToken required
- RegexMatchSetId required
- Updates required
- items RegexMatchSetUpdate
- output UpdateRegexMatchSetResponse
amazonaws_waf.UpdateRegexPatternSet({
"RegexPatternSetId": null,
"Updates": null,
"ChangeToken": null
}, context)
- input
object
- ChangeToken required
- RegexPatternSetId required
- Updates required
- items RegexPatternSetUpdate
amazonaws_waf.UpdateRule({
"RuleId": null,
"ChangeToken": null,
"Updates": null
}, context)
- input
object
- ChangeToken required
- RuleId required
- Updates required
- items RuleUpdate
- output UpdateRuleResponse
amazonaws_waf.UpdateRuleGroup({
"RuleGroupId": null,
"Updates": null,
"ChangeToken": null
}, context)
- input
object
- ChangeToken required
- RuleGroupId required
- Updates required
- items RuleGroupUpdate
- output UpdateRuleGroupResponse
amazonaws_waf.UpdateSizeConstraintSet({
"SizeConstraintSetId": null,
"ChangeToken": null,
"Updates": null
}, context)
- input
object
- ChangeToken required
- SizeConstraintSetId required
- Updates required
- items SizeConstraintSetUpdate
amazonaws_waf.UpdateSqlInjectionMatchSet({
"SqlInjectionMatchSetId": null,
"ChangeToken": null,
"Updates": null
}, context)
- input
object
- ChangeToken required
- SqlInjectionMatchSetId required
- Updates required
amazonaws_waf.UpdateWebACL({
"WebACLId": null,
"ChangeToken": null
}, context)
- input
object
- ChangeToken required
- DefaultAction
- Type required
- Updates
- items WebACLUpdate
- WebACLId required
- output UpdateWebACLResponse
amazonaws_waf.UpdateXssMatchSet({
"XssMatchSetId": null,
"ChangeToken": null,
"Updates": null
}, context)
- input
object
- ChangeToken required
- Updates required
- items XssMatchSetUpdate
- XssMatchSetId required
- output UpdateXssMatchSetResponse
- Action
string
- ActivatedRule
object
:This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
The
ActivatedRule
object in an UpdateWebACL request specifies aRule
that you want to insert or delete, the priority of theRule
in theWebACL
, and the action that you want AWS WAF to take when a web request matches theRule
(ALLOW
,BLOCK
, orCOUNT
).To specify whether to insert or delete a
Rule
, use theAction
parameter in the WebACLUpdate data type.- Action
- Type required
- ExcludedRules
- items ExcludedRule
- OverrideAction
- Type required
- Priority required
- RuleId required
- Type
- Action
- ActivatedRules
array
- items ActivatedRule
- ByteMatchSet
object
:This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
In a GetByteMatchSet request,
ByteMatchSet
is a complex type that contains theByteMatchSetId
andName
of aByteMatchSet
, and the values that you specified when you updated theByteMatchSet
.A complex type that contains
ByteMatchTuple
objects, which specify the parts of web requests that you want AWS WAF to inspect and the values that you want AWS WAF to search for. If aByteMatchSet
contains more than oneByteMatchTuple
object, a request needs to match the settings in only oneByteMatchTuple
to be considered a match.- ByteMatchSetId required
- ByteMatchTuples required
- items ByteMatchTuple
- Name
- ByteMatchSetSummaries
array
- items ByteMatchSetSummary
- ByteMatchSetSummary
object
:This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
Returned by ListByteMatchSets. Each
ByteMatchSetSummary
object includes theName
andByteMatchSetId
for one ByteMatchSet.- ByteMatchSetId required
- Name required
- ByteMatchSetUpdate
object
:This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
In an UpdateByteMatchSet request,
ByteMatchSetUpdate
specifies whether to insert or delete a ByteMatchTuple and includes the settings for theByteMatchTuple
.- Action required
- ByteMatchTuple required
- FieldToMatch required
- Data
- Type required
- PositionalConstraint required
- TargetString required
- TextTransformation required
- FieldToMatch required
- ByteMatchSetUpdates
array
- items ByteMatchSetUpdate
- ByteMatchTargetString
string
- ByteMatchTuple
object
:This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
The bytes (typically a string that corresponds with ASCII characters) that you want AWS WAF to search for in web requests, the location in requests that you want AWS WAF to search, and other settings.
- FieldToMatch required
- Data
- Type required
- PositionalConstraint required
- TargetString required
- TextTransformation required
- FieldToMatch required
- ByteMatchTuples
array
- items ByteMatchTuple
- ChangeAction
string
(values: INSERT, DELETE)
- ChangeToken
string
- ChangeTokenStatus
string
(values: PROVISIONED, PENDING, INSYNC)
- ComparisonOperator
string
(values: EQ, NE, LE, LT, GE, GT)
- Country
string
- CreateByteMatchSetRequest
object
- ChangeToken required
- Name required
- CreateByteMatchSetResponse
object
- ByteMatchSet
- ByteMatchSetId required
- ByteMatchTuples required
- items ByteMatchTuple
- Name
- ChangeToken
- ByteMatchSet
- CreateGeoMatchSetRequest
object
- ChangeToken required
- Name required
- CreateGeoMatchSetResponse
object
- ChangeToken
- GeoMatchSet
- GeoMatchConstraints required
- items GeoMatchConstraint
- GeoMatchSetId required
- Name
- GeoMatchConstraints required
- CreateIPSetRequest
object
- ChangeToken required
- Name required
- CreateIPSetResponse
object
- ChangeToken
- IPSet
- IPSetDescriptors required
- items IPSetDescriptor
- IPSetId required
- Name
- IPSetDescriptors required
- CreateRateBasedRuleRequest
object
- ChangeToken required
- MetricName required
- Name required
- RateKey required
- RateLimit required
- Tags
- items Tag
- CreateRateBasedRuleResponse
object
- ChangeToken
- Rule
- MatchPredicates required
- items Predicate
- MetricName
- Name
- RateKey required
- RateLimit required
- RuleId required
- MatchPredicates required
- CreateRegexMatchSetRequest
object
- ChangeToken required
- Name required
- CreateRegexMatchSetResponse
object
- ChangeToken
- RegexMatchSet
- Name
- RegexMatchSetId
- RegexMatchTuples
- items RegexMatchTuple
- CreateRegexPatternSetRequest
object
- ChangeToken required
- Name required
- CreateRegexPatternSetResponse
object
- ChangeToken
- RegexPatternSet
- Name
- RegexPatternSetId required
- RegexPatternStrings required
- items RegexPatternString
- CreateRuleGroupRequest
object
- ChangeToken required
- MetricName required
- Name required
- Tags
- items Tag
- CreateRuleGroupResponse
object
- ChangeToken
- RuleGroup
- MetricName
- Name
- RuleGroupId required
- CreateRuleRequest
object
- ChangeToken required
- MetricName required
- Name required
- Tags
- items Tag
- CreateRuleResponse
object
- ChangeToken
- Rule
- MetricName
- Name
- Predicates required
- items Predicate
- RuleId required
- CreateSizeConstraintSetRequest
object
- ChangeToken required
- Name required
- CreateSizeConstraintSetResponse
object
- ChangeToken
- SizeConstraintSet
- Name
- SizeConstraintSetId required
- SizeConstraints required
- items SizeConstraint
- CreateSqlInjectionMatchSetRequest
object
: A request to create a SqlInjectionMatchSet.- ChangeToken required
- Name required
- CreateSqlInjectionMatchSetResponse
object
: The response to aCreateSqlInjectionMatchSet
request.- ChangeToken
- SqlInjectionMatchSet
- Name
- SqlInjectionMatchSetId required
- SqlInjectionMatchTuples required
- items SqlInjectionMatchTuple
- CreateWebACLMigrationStackRequest
object
- IgnoreUnsupportedType required
- S3BucketName required
- WebACLId required
- CreateWebACLMigrationStackResponse
object
- S3ObjectUrl required
- CreateWebACLRequest
object
- ChangeToken required
- DefaultAction required
- Type required
- MetricName required
- Name required
- Tags
- items Tag
- CreateWebACLResponse
object
- ChangeToken
- WebACL
- DefaultAction required
- Type required
- MetricName
- Name
- Rules required
- items ActivatedRule
- WebACLArn
- WebACLId required
- DefaultAction required
- CreateXssMatchSetRequest
object
: A request to create an XssMatchSet.- ChangeToken required
- Name required
- CreateXssMatchSetResponse
object
: The response to aCreateXssMatchSet
request.- ChangeToken
- XssMatchSet
- Name
- XssMatchSetId required
- XssMatchTuples required
- items XssMatchTuple
- DeleteByteMatchSetRequest
object
- ByteMatchSetId required
- ChangeToken required
- DeleteByteMatchSetResponse
object
- ChangeToken
- DeleteGeoMatchSetRequest
object
- ChangeToken required
- GeoMatchSetId required
- DeleteGeoMatchSetResponse
object
- ChangeToken
- DeleteIPSetRequest
object
- ChangeToken required
- IPSetId required
- DeleteIPSetResponse
object
- ChangeToken
- DeleteLoggingConfigurationRequest
object
- ResourceArn required
- DeleteLoggingConfigurationResponse
object
- DeletePermissionPolicyRequest
object
- ResourceArn required
- DeletePermissionPolicyResponse
object
- DeleteRateBasedRuleRequest
object
- ChangeToken required
- RuleId required
- DeleteRateBasedRuleResponse
object
- ChangeToken
- DeleteRegexMatchSetRequest
object
- ChangeToken required
- RegexMatchSetId required
- DeleteRegexMatchSetResponse
object
- ChangeToken
- DeleteRegexPatternSetRequest
object
- ChangeToken required
- RegexPatternSetId required
- DeleteRegexPatternSetResponse
object
- ChangeToken
- DeleteRuleGroupRequest
object
- ChangeToken required
- RuleGroupId required
- DeleteRuleGroupResponse
object
- ChangeToken
- DeleteRuleRequest
object
- ChangeToken required
- RuleId required
- DeleteRuleResponse
object
- ChangeToken
- DeleteSizeConstraintSetRequest
object
- ChangeToken required
- SizeConstraintSetId required
- DeleteSizeConstraintSetResponse
object
- ChangeToken
- DeleteSqlInjectionMatchSetRequest
object
: A request to delete a SqlInjectionMatchSet from AWS WAF.- ChangeToken required
- SqlInjectionMatchSetId required
- DeleteSqlInjectionMatchSetResponse
object
: The response to a request to delete a SqlInjectionMatchSet from AWS WAF.- ChangeToken
- DeleteWebACLRequest
object
- ChangeToken required
- WebACLId required
- DeleteWebACLResponse
object
- ChangeToken
- DeleteXssMatchSetRequest
object
: A request to delete an XssMatchSet from AWS WAF.- ChangeToken required
- XssMatchSetId required
- DeleteXssMatchSetResponse
object
: The response to a request to delete an XssMatchSet from AWS WAF.- ChangeToken
- ExcludedRule
object
:This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
The rule to exclude from a rule group. This is applicable only when the
ActivatedRule
refers to aRuleGroup
. The rule must belong to theRuleGroup
that is specified by theActivatedRule
.- RuleId required
- ExcludedRules
array
- items ExcludedRule
- FieldToMatch
object
:This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
Specifies where in a web request to look for
TargetString
.- Data
- Type required
- GeoMatchConstraint
object
:This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
The country from which web requests originate that you want AWS WAF to search for.
- Type required
- Value required
- GeoMatchConstraintType
string
(values: Country)
- GeoMatchConstraintValue
string
(values: AF, AX, AL, DZ, AS, AD, AO, AI, AQ, AG, AR, AM, AW, AU, AT, AZ, BS, BH, BD, BB, BY, BE, BZ, BJ, BM, BT, BO, BQ, BA, BW, BV, BR, IO, BN, BG, BF, BI, KH, CM, CA, CV, KY, CF, TD, CL, CN, CX, CC, CO, KM, CG, CD, CK, CR, CI, HR, CU, CW, CY, CZ, DK, DJ, DM, DO, EC, EG, SV, GQ, ER, EE, ET, FK, FO, FJ, FI, FR, GF, PF, TF, GA, GM, GE, DE, GH, GI, GR, GL, GD, GP, GU, GT, GG, GN, GW, GY, HT, HM, VA, HN, HK, HU, IS, IN, ID, IR, IQ, IE, IM, IL, IT, JM, JP, JE, JO, KZ, KE, KI, KP, KR, KW, KG, LA, LV, LB, LS, LR, LY, LI, LT, LU, MO, MK, MG, MW, MY, MV, ML, MT, MH, MQ, MR, MU, YT, MX, FM, MD, MC, MN, ME, MS, MA, MZ, MM, NA, NR, NP, NL, NC, NZ, NI, NE, NG, NU, NF, MP, NO, OM, PK, PW, PS, PA, PG, PY, PE, PH, PN, PL, PT, PR, QA, RE, RO, RU, RW, BL, SH, KN, LC, MF, PM, VC, WS, SM, ST, SA, SN, RS, SC, SL, SG, SX, SK, SI, SB, SO, ZA, GS, SS, ES, LK, SD, SR, SJ, SZ, SE, CH, SY, TW, TJ, TZ, TH, TL, TG, TK, TO, TT, TN, TR, TM, TC, TV, UG, UA, AE, GB, US, UM, UY, UZ, VU, VE, VN, VG, VI, WF, EH, YE, ZM, ZW)
- GeoMatchConstraints
array
- items GeoMatchConstraint
- GeoMatchSet
object
:This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
Contains one or more countries that AWS WAF will search for.
- GeoMatchConstraints required
- items GeoMatchConstraint
- GeoMatchSetId required
- Name
- GeoMatchConstraints required
- GeoMatchSetSummaries
array
- items GeoMatchSetSummary
- GeoMatchSetSummary
object
:This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
Contains the identifier and the name of the
GeoMatchSet
.- GeoMatchSetId required
- Name required
- GeoMatchSetUpdate
object
:This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
Specifies the type of update to perform to an GeoMatchSet with UpdateGeoMatchSet.
- Action required
- GeoMatchConstraint required
- Type required
- Value required
- GeoMatchSetUpdates
array
- items GeoMatchSetUpdate
- GetByteMatchSetRequest
object
- ByteMatchSetId required
- GetByteMatchSetResponse
object
- ByteMatchSet
- ByteMatchSetId required
- ByteMatchTuples required
- items ByteMatchTuple
- Name
- ByteMatchSet
- GetChangeTokenRequest
object
- GetChangeTokenResponse
object
- ChangeToken
- GetChangeTokenStatusRequest
object
- ChangeToken required
- GetChangeTokenStatusResponse
object
- ChangeTokenStatus
- GetGeoMatchSetRequest
object
- GeoMatchSetId required
- GetGeoMatchSetResponse
object
- GeoMatchSet
- GeoMatchConstraints required
- items GeoMatchConstraint
- GeoMatchSetId required
- Name
- GeoMatchConstraints required
- GeoMatchSet
- GetIPSetRequest
object
- IPSetId required
- GetIPSetResponse
object
- IPSet
- IPSetDescriptors required
- items IPSetDescriptor
- IPSetId required
- Name
- IPSetDescriptors required
- IPSet
- GetLoggingConfigurationRequest
object
- ResourceArn required
- GetLoggingConfigurationResponse
object
- LoggingConfiguration
- LogDestinationConfigs required
- items ResourceArn
- RedactedFields
- items FieldToMatch
- ResourceArn required
- LogDestinationConfigs required
- LoggingConfiguration
- GetPermissionPolicyRequest
object
- ResourceArn required
- GetPermissionPolicyResponse
object
- Policy
- GetRateBasedRuleManagedKeysRequest
object
- NextMarker
- RuleId required
- GetRateBasedRuleManagedKeysResponse
object
- ManagedKeys
- items ManagedKey
- NextMarker
- ManagedKeys
- GetRateBasedRuleRequest
object
- RuleId required
- GetRateBasedRuleResponse
object
- Rule
- MatchPredicates required
- items Predicate
- MetricName
- Name
- RateKey required
- RateLimit required
- RuleId required
- MatchPredicates required
- Rule
- GetRegexMatchSetRequest
object
- RegexMatchSetId required
- GetRegexMatchSetResponse
object
- RegexMatchSet
- Name
- RegexMatchSetId
- RegexMatchTuples
- items RegexMatchTuple
- RegexMatchSet
- GetRegexPatternSetRequest
object
- RegexPatternSetId required
- GetRegexPatternSetResponse
object
- RegexPatternSet
- Name
- RegexPatternSetId required
- RegexPatternStrings required
- items RegexPatternString
- RegexPatternSet
- GetRuleGroupRequest
object
- RuleGroupId required
- GetRuleGroupResponse
object
- RuleGroup
- MetricName
- Name
- RuleGroupId required
- RuleGroup
- GetRuleRequest
object
- RuleId required
- GetRuleResponse
object
- Rule
- MetricName
- Name
- Predicates required
- items Predicate
- RuleId required
- Rule
- GetSampledRequestsMaxItems
integer
- GetSampledRequestsRequest
object
- MaxItems required
- RuleId required
- TimeWindow required
- EndTime required
- StartTime required
- WebAclId required
- GetSampledRequestsResponse
object
- PopulationSize
- SampledRequests
- items SampledHTTPRequest
- TimeWindow
- EndTime required
- StartTime required
- GetSizeConstraintSetRequest
object
- SizeConstraintSetId required
- GetSizeConstraintSetResponse
object
- SizeConstraintSet
- Name
- SizeConstraintSetId required
- SizeConstraints required
- items SizeConstraint
- SizeConstraintSet
- GetSqlInjectionMatchSetRequest
object
: A request to get a SqlInjectionMatchSet.- SqlInjectionMatchSetId required
- GetSqlInjectionMatchSetResponse
object
: The response to a GetSqlInjectionMatchSet request.- SqlInjectionMatchSet
- Name
- SqlInjectionMatchSetId required
- SqlInjectionMatchTuples required
- items SqlInjectionMatchTuple
- SqlInjectionMatchSet
- GetWebACLRequest
object
- WebACLId required
- GetWebACLResponse
object
- WebACL
- DefaultAction required
- Type required
- MetricName
- Name
- Rules required
- items ActivatedRule
- WebACLArn
- WebACLId required
- DefaultAction required
- WebACL
- GetXssMatchSetRequest
object
: A request to get an XssMatchSet.- XssMatchSetId required
- GetXssMatchSetResponse
object
: The response to a GetXssMatchSet request.- XssMatchSet
- Name
- XssMatchSetId required
- XssMatchTuples required
- items XssMatchTuple
- XssMatchSet
- HTTPHeader
object
:This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
The response from a GetSampledRequests request includes an
HTTPHeader
complex type that appears asHeaders
in the response syntax.HTTPHeader
contains the names and values of all of the headers that appear in one of the web requests that were returned byGetSampledRequests
.- Name
- Value
- HTTPHeaders
array
- items HTTPHeader
- HTTPMethod
string
- HTTPRequest
object
:This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
The response from a GetSampledRequests request includes an
HTTPRequest
complex type that appears asRequest
in the response syntax.HTTPRequest
contains information about one of the web requests that were returned byGetSampledRequests
.- ClientIP
- Country
- HTTPVersion
- Headers
- items HTTPHeader
- Method
- URI
- HTTPVersion
string
- HeaderName
string
- HeaderValue
string
- IPSet
object
:This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
Contains one or more IP addresses or blocks of IP addresses specified in Classless Inter-Domain Routing (CIDR) notation. AWS WAF supports IPv4 address ranges: /8 and any range between /16 through /32. AWS WAF supports IPv6 address ranges: /24, /32, /48, /56, /64, and /128.
To specify an individual IP address, you specify the four-part IP address followed by a
/32
, for example, 192.0.2.0/32. To block a range of IP addresses, you can specify /8 or any range between /16 through /32 (for IPv4) or /24, /32, /48, /56, /64, or /128 (for IPv6). For more information about CIDR notation, see the Wikipedia entry Classless Inter-Domain Routing.- IPSetDescriptors required
- items IPSetDescriptor
- IPSetId required
- Name
- IPSetDescriptors required
- IPSetDescriptor
object
:This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
Specifies the IP address type (
IPV4
orIPV6
) and the IP address range (in CIDR format) that web requests originate from.- Type required
- Value required
- IPSetDescriptorType
string
(values: IPV4, IPV6)
- IPSetDescriptorValue
string
- IPSetDescriptors
array
- items IPSetDescriptor
- IPSetSummaries
array
- items IPSetSummary
- IPSetSummary
object
:This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
Contains the identifier and the name of the
IPSet
.- IPSetId required
- Name required
- IPSetUpdate
object
:This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
Specifies the type of update to perform to an IPSet with UpdateIPSet.
- Action required
- IPSetDescriptor required
- Type required
- Value required
- IPSetUpdates
array
- items IPSetUpdate
- IPString
string
- IgnoreUnsupportedType
boolean
- ListActivatedRulesInRuleGroupRequest
object
- Limit
- NextMarker
- RuleGroupId
- ListActivatedRulesInRuleGroupResponse
object
- ActivatedRules
- items ActivatedRule
- NextMarker
- ActivatedRules
- ListByteMatchSetsRequest
object
- Limit
- NextMarker
- ListByteMatchSetsResponse
object
- ByteMatchSets
- items ByteMatchSetSummary
- NextMarker
- ByteMatchSets
- ListGeoMatchSetsRequest
object
- Limit
- NextMarker
- ListGeoMatchSetsResponse
object
- GeoMatchSets
- items GeoMatchSetSummary
- NextMarker
- GeoMatchSets
- ListIPSetsRequest
object
- Limit
- NextMarker
- ListIPSetsResponse
object
- IPSets
- items IPSetSummary
- NextMarker
- IPSets
- ListLoggingConfigurationsRequest
object
- Limit
- NextMarker
- ListLoggingConfigurationsResponse
object
- LoggingConfigurations
- items LoggingConfiguration
- NextMarker
- LoggingConfigurations
- ListRateBasedRulesRequest
object
- Limit
- NextMarker
- ListRateBasedRulesResponse
object
- NextMarker
- Rules
- items RuleSummary
- ListRegexMatchSetsRequest
object
- Limit
- NextMarker
- ListRegexMatchSetsResponse
object
- NextMarker
- RegexMatchSets
- items RegexMatchSetSummary
- ListRegexPatternSetsRequest
object
- Limit
- NextMarker
- ListRegexPatternSetsResponse
object
- NextMarker
- RegexPatternSets
- items RegexPatternSetSummary
- ListRuleGroupsRequest
object
- Limit
- NextMarker
- ListRuleGroupsResponse
object
- NextMarker
- RuleGroups
- items RuleGroupSummary
- ListRulesRequest
object
- Limit
- NextMarker
- ListRulesResponse
object
- NextMarker
- Rules
- items RuleSummary
- ListSizeConstraintSetsRequest
object
- Limit
- NextMarker
- ListSizeConstraintSetsResponse
object
- NextMarker
- SizeConstraintSets
- items SizeConstraintSetSummary
- ListSqlInjectionMatchSetsRequest
object
: A request to list the SqlInjectionMatchSet objects created by the current AWS account.- Limit
- NextMarker
- ListSqlInjectionMatchSetsResponse
object
: The response to a ListSqlInjectionMatchSets request.- NextMarker
- SqlInjectionMatchSets
- ListSubscribedRuleGroupsRequest
object
- Limit
- NextMarker
- ListSubscribedRuleGroupsResponse
object
- NextMarker
- RuleGroups
- ListTagsForResourceRequest
object
- Limit
- NextMarker
- ResourceARN required
- ListTagsForResourceResponse
object
- NextMarker
- TagInfoForResource
- ResourceARN
- TagList
- items Tag
- ListWebACLsRequest
object
- Limit
- NextMarker
- ListWebACLsResponse
object
- NextMarker
- WebACLs
- items WebACLSummary
- ListXssMatchSetsRequest
object
: A request to list the XssMatchSet objects created by the current AWS account.- Limit
- NextMarker
- ListXssMatchSetsResponse
object
: The response to a ListXssMatchSets request.- NextMarker
- XssMatchSets
- items XssMatchSetSummary
- LogDestinationConfigs
array
- items ResourceArn
- LoggingConfiguration
object
:This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
The Amazon Kinesis Data Firehose,
RedactedFields
information, and the web ACL Amazon Resource Name (ARN).- LogDestinationConfigs required
- items ResourceArn
- RedactedFields
- items FieldToMatch
- ResourceArn required
- LogDestinationConfigs required
- LoggingConfigurations
array
- items LoggingConfiguration
- ManagedKey
string
- ManagedKeys
array
- items ManagedKey
- MatchFieldData
string
- MatchFieldType
string
(values: URI, QUERY_STRING, HEADER, METHOD, BODY, SINGLE_QUERY_ARG, ALL_QUERY_ARGS)
- MetricName
string
- Negated
boolean
- NextMarker
string
- PaginationLimit
integer
- PolicyString
string
- PopulationSize
integer
- PositionalConstraint
string
(values: EXACTLY, STARTS_WITH, ENDS_WITH, CONTAINS, CONTAINS_WORD)
- Predicate
object
:This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
Specifies the ByteMatchSet, IPSet, SqlInjectionMatchSet, XssMatchSet, RegexMatchSet, GeoMatchSet, and SizeConstraintSet objects that you want to add to a
Rule
and, for each object, indicates whether you want to negate the settings, for example, requests that do NOT originate from the IP address 192.0.2.44.- DataId required
- Negated required
- Type required
- PredicateType
string
(values: IPMatch, ByteMatch, SqlInjectionMatch, GeoMatch, SizeConstraint, XssMatch, RegexMatch)
- Predicates
array
- items Predicate
- PutLoggingConfigurationRequest
object
- LoggingConfiguration required
- LogDestinationConfigs required
- items ResourceArn
- RedactedFields
- items FieldToMatch
- ResourceArn required
- LogDestinationConfigs required
- LoggingConfiguration required
- PutLoggingConfigurationResponse
object
- LoggingConfiguration
- LogDestinationConfigs required
- items ResourceArn
- RedactedFields
- items FieldToMatch
- ResourceArn required
- LogDestinationConfigs required
- LoggingConfiguration
- PutPermissionPolicyRequest
object
- Policy required
- ResourceArn required
- PutPermissionPolicyResponse
object
- RateBasedRule
object
:This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
A
RateBasedRule
is identical to a regular Rule, with one addition: aRateBasedRule
counts the number of requests that arrive from a specified IP address every five minutes. For example, based on recent requests that you've seen from an attacker, you might create aRateBasedRule
that includes the following conditions:-
The requests come from 192.0.2.44.
-
They contain the value
BadBot
in theUser-Agent
header.
In the rule, you also define the rate limit as 1,000.
Requests that meet both of these conditions and exceed 1,000 requests every five minutes trigger the rule's action (block or count), which is defined in the web ACL.
- MatchPredicates required
- items Predicate
- MetricName
- Name
- RateKey required
- RateLimit required
- RuleId required
-
- RateKey
string
(values: IP)
- RateLimit
integer
- RedactedFields
array
- items FieldToMatch
- RegexMatchSet
object
:This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
In a GetRegexMatchSet request,
RegexMatchSet
is a complex type that contains theRegexMatchSetId
andName
of aRegexMatchSet
, and the values that you specified when you updated theRegexMatchSet
.The values are contained in a
RegexMatchTuple
object, which specify the parts of web requests that you want AWS WAF to inspect and the values that you want AWS WAF to search for. If aRegexMatchSet
contains more than oneRegexMatchTuple
object, a request needs to match the settings in only oneByteMatchTuple
to be considered a match.- Name
- RegexMatchSetId
- RegexMatchTuples
- items RegexMatchTuple
- RegexMatchSetSummaries
array
- items RegexMatchSetSummary
- RegexMatchSetSummary
object
:This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
Returned by ListRegexMatchSets. Each
RegexMatchSetSummary
object includes theName
andRegexMatchSetId
for one RegexMatchSet.- Name required
- RegexMatchSetId required
- RegexMatchSetUpdate
object
:This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
In an UpdateRegexMatchSet request,
RegexMatchSetUpdate
specifies whether to insert or delete a RegexMatchTuple and includes the settings for theRegexMatchTuple
.- Action required
- RegexMatchTuple required
- FieldToMatch required
- Data
- Type required
- RegexPatternSetId required
- TextTransformation required
- FieldToMatch required
- RegexMatchSetUpdates
array
- items RegexMatchSetUpdate
- RegexMatchTuple
object
:This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
The regular expression pattern that you want AWS WAF to search for in web requests, the location in requests that you want AWS WAF to search, and other settings. Each
RegexMatchTuple
object contains:-
The part of a web request that you want AWS WAF to inspect, such as a query string or the value of the
User-Agent
header. -
The identifier of the pattern (a regular expression) that you want AWS WAF to look for. For more information, see RegexPatternSet.
-
Whether to perform any conversions on the request, such as converting it to lowercase, before inspecting it for the specified string.
- FieldToMatch required
- Data
- Type required
- RegexPatternSetId required
- TextTransformation required
-
- RegexMatchTuples
array
- items RegexMatchTuple
- RegexPatternSet
object
:This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
The
RegexPatternSet
specifies the regular expression (regex) pattern that you want AWS WAF to search for, such asB[a@]dB[o0]t
. You can then configure AWS WAF to reject those requests.- Name
- RegexPatternSetId required
- RegexPatternStrings required
- items RegexPatternString
- RegexPatternSetSummaries
array
- items RegexPatternSetSummary
- RegexPatternSetSummary
object
:This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
Returned by ListRegexPatternSets. Each
RegexPatternSetSummary
object includes theName
andRegexPatternSetId
for one RegexPatternSet.- Name required
- RegexPatternSetId required
- RegexPatternSetUpdate
object
:This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
In an UpdateRegexPatternSet request,
RegexPatternSetUpdate
specifies whether to insert or delete aRegexPatternString
and includes the settings for theRegexPatternString
.- Action required
- RegexPatternString required
- RegexPatternSetUpdates
array
- items RegexPatternSetUpdate
- RegexPatternString
string
- RegexPatternStrings
array
- items RegexPatternString
- ResourceArn
string
- ResourceId
string
- ResourceName
string
- Rule
object
:This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
A combination of ByteMatchSet, IPSet, and/or SqlInjectionMatchSet objects that identify the web requests that you want to allow, block, or count. For example, you might create a
Rule
that includes the following predicates:-
An
IPSet
that causes AWS WAF to search for web requests that originate from the IP address192.0.2.44
-
A
ByteMatchSet
that causes AWS WAF to search for web requests for which the value of theUser-Agent
header isBadBot
.
To match the settings in this
Rule
, a request must originate from192.0.2.44
AND include aUser-Agent
header for which the value isBadBot
.- MetricName
- Name
- Predicates required
- items Predicate
- RuleId required
-
- RuleGroup
object
:This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
A collection of predefined rules that you can add to a web ACL.
Rule groups are subject to the following limits:
-
Three rule groups per account. You can request an increase to this limit by contacting customer support.
-
One rule group per web ACL.
-
Ten rules per rule group.
- MetricName
- Name
- RuleGroupId required
-
- RuleGroupSummaries
array
- items RuleGroupSummary
- RuleGroupSummary
object
:This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
Contains the identifier and the friendly name or description of the
RuleGroup
.- Name required
- RuleGroupId required
- RuleGroupUpdate
object
:This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
Specifies an
ActivatedRule
and indicates whether you want to add it to aRuleGroup
or delete it from aRuleGroup
.- Action required
- ActivatedRule required
- Action
- Type required
- ExcludedRules
- items ExcludedRule
- OverrideAction
- Type required
- Priority required
- RuleId required
- Type
- Action
- RuleGroupUpdates
array
- items RuleGroupUpdate
- RulePriority
integer
- RuleSummaries
array
- items RuleSummary
- RuleSummary
object
:This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
Contains the identifier and the friendly name or description of the
Rule
.- Name required
- RuleId required
- RuleUpdate
object
:This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
Specifies a
Predicate
(such as anIPSet
) and indicates whether you want to add it to aRule
or delete it from aRule
.- Action required
- Predicate required
- DataId required
- Negated required
- Type required
- RuleUpdates
array
- items RuleUpdate
- S3BucketName
string
- S3ObjectUrl
string
- SampleWeight
integer
- SampledHTTPRequest
object
:This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
The response from a GetSampledRequests request includes a
SampledHTTPRequests
complex type that appears asSampledRequests
in the response syntax.SampledHTTPRequests
contains oneSampledHTTPRequest
object for each web request that is returned byGetSampledRequests
.- Action
- Request required
- ClientIP
- Country
- HTTPVersion
- Headers
- items HTTPHeader
- Method
- URI
- RuleWithinRuleGroup
- Timestamp
- Weight required
- SampledHTTPRequests
array
- items SampledHTTPRequest
- Size
integer
- SizeConstraint
object
:This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
Specifies a constraint on the size of a part of the web request. AWS WAF uses the
Size
,ComparisonOperator
, andFieldToMatch
to build an expression in the form of "Size
ComparisonOperator
size in bytes ofFieldToMatch
". If that expression is true, theSizeConstraint
is considered to match.- ComparisonOperator required
- FieldToMatch required
- Data
- Type required
- Size required
- TextTransformation required
- SizeConstraintSet
object
:This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
A complex type that contains
SizeConstraint
objects, which specify the parts of web requests that you want AWS WAF to inspect the size of. If aSizeConstraintSet
contains more than oneSizeConstraint
object, a request only needs to match one constraint to be considered a match.- Name
- SizeConstraintSetId required
- SizeConstraints required
- items SizeConstraint
- SizeConstraintSetSummaries
array
- items SizeConstraintSetSummary
- SizeConstraintSetSummary
object
:This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
The
Id
andName
of aSizeConstraintSet
.- Name required
- SizeConstraintSetId required
- SizeConstraintSetUpdate
object
:This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
Specifies the part of a web request that you want to inspect the size of and indicates whether you want to add the specification to a SizeConstraintSet or delete it from a
SizeConstraintSet
.- Action required
- SizeConstraint required
- ComparisonOperator required
- FieldToMatch required
- Data
- Type required
- Size required
- TextTransformation required
- SizeConstraintSetUpdates
array
- items SizeConstraintSetUpdate
- SizeConstraints
array
- items SizeConstraint
- SqlInjectionMatchSet
object
:This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
A complex type that contains
SqlInjectionMatchTuple
objects, which specify the parts of web requests that you want AWS WAF to inspect for snippets of malicious SQL code and, if you want AWS WAF to inspect a header, the name of the header. If aSqlInjectionMatchSet
contains more than oneSqlInjectionMatchTuple
object, a request needs to include snippets of SQL code in only one of the specified parts of the request to be considered a match.- Name
- SqlInjectionMatchSetId required
- SqlInjectionMatchTuples required
- items SqlInjectionMatchTuple
- SqlInjectionMatchSetSummaries
array
- SqlInjectionMatchSetSummary
object
:This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
The
Id
andName
of aSqlInjectionMatchSet
.- Name required
- SqlInjectionMatchSetId required
- SqlInjectionMatchSetUpdate
object
:This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
Specifies the part of a web request that you want to inspect for snippets of malicious SQL code and indicates whether you want to add the specification to a SqlInjectionMatchSet or delete it from a
SqlInjectionMatchSet
.- Action required
- SqlInjectionMatchTuple required
- FieldToMatch required
- Data
- Type required
- TextTransformation required
- FieldToMatch required
- SqlInjectionMatchSetUpdates
array
- SqlInjectionMatchTuple
object
:This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
Specifies the part of a web request that you want AWS WAF to inspect for snippets of malicious SQL code and, if you want AWS WAF to inspect a header, the name of the header.
- FieldToMatch required
- Data
- Type required
- TextTransformation required
- FieldToMatch required
- SqlInjectionMatchTuples
array
- items SqlInjectionMatchTuple
- SubscribedRuleGroupSummaries
array
- SubscribedRuleGroupSummary
object
:This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
A summary of the rule groups you are subscribed to.
- MetricName required
- Name required
- RuleGroupId required
- Tag
object
:This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
A tag associated with an AWS resource. Tags are key:value pairs that you can use to categorize and manage your resources, for purposes like billing. For example, you might set the tag key to "customer" and the value to the customer name or ID. You can specify one or more tags to add to each AWS resource, up to 50 tags for a resource.
Tagging is only available through the API, SDKs, and CLI. You can't manage or view tags through the AWS WAF Classic console. You can tag the AWS resources that you manage through AWS WAF Classic: web ACLs, rule groups, and rules.
- Key required
- Value required
- TagInfoForResource
object
:This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
Information for a tag associated with an AWS resource. Tags are key:value pairs that you can use to categorize and manage your resources, for purposes like billing. For example, you might set the tag key to "customer" and the value to the customer name or ID. You can specify one or more tags to add to each AWS resource, up to 50 tags for a resource.
Tagging is only available through the API, SDKs, and CLI. You can't manage or view tags through the AWS WAF Classic console. You can tag the AWS resources that you manage through AWS WAF Classic: web ACLs, rule groups, and rules.
- ResourceARN
- TagList
- items Tag
- TagKey
string
- TagKeyList
array
- items TagKey
- TagList
array
- items Tag
- TagResourceRequest
object
- ResourceARN required
- Tags required
- items Tag
- TagResourceResponse
object
- TagValue
string
- TextTransformation
string
(values: NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE)
- TimeWindow
object
:This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
In a GetSampledRequests request, the
StartTime
andEndTime
objects specify the time range for which you want AWS WAF to return a sample of web requests.You must specify the times in Coordinated Universal Time (UTC) format. UTC format includes the special designator,
Z
. For example,"2016-09-27T14:50Z"
.In a GetSampledRequests response, the
StartTime
andEndTime
objects specify the time range for which AWS WAF actually returned a sample of web requests. AWS WAF gets the specified number of requests from among the first 5,000 requests that your AWS resource receives during the specified time period. If your resource receives more than 5,000 requests during that period, AWS WAF stops sampling after the 5,000th request. In that case,EndTime
is the time that AWS WAF received the 5,000th request.- EndTime required
- StartTime required
- Timestamp
string
- URIString
string
- UntagResourceRequest
object
- ResourceARN required
- TagKeys required
- items TagKey
- UntagResourceResponse
object
- UpdateByteMatchSetRequest
object
- ByteMatchSetId required
- ChangeToken required
- Updates required
- items ByteMatchSetUpdate
- UpdateByteMatchSetResponse
object
- ChangeToken
- UpdateGeoMatchSetRequest
object
- ChangeToken required
- GeoMatchSetId required
- Updates required
- items GeoMatchSetUpdate
- UpdateGeoMatchSetResponse
object
- ChangeToken
- UpdateIPSetRequest
object
- ChangeToken required
- IPSetId required
- Updates required
- items IPSetUpdate
- UpdateIPSetResponse
object
- ChangeToken
- UpdateRateBasedRuleRequest
object
- ChangeToken required
- RateLimit required
- RuleId required
- Updates required
- items RuleUpdate
- UpdateRateBasedRuleResponse
object
- ChangeToken
- UpdateRegexMatchSetRequest
object
- ChangeToken required
- RegexMatchSetId required
- Updates required
- items RegexMatchSetUpdate
- UpdateRegexMatchSetResponse
object
- ChangeToken
- UpdateRegexPatternSetRequest
object
- ChangeToken required
- RegexPatternSetId required
- Updates required
- items RegexPatternSetUpdate
- UpdateRegexPatternSetResponse
object
- ChangeToken
- UpdateRuleGroupRequest
object
- ChangeToken required
- RuleGroupId required
- Updates required
- items RuleGroupUpdate
- UpdateRuleGroupResponse
object
- ChangeToken
- UpdateRuleRequest
object
- ChangeToken required
- RuleId required
- Updates required
- items RuleUpdate
- UpdateRuleResponse
object
- ChangeToken
- UpdateSizeConstraintSetRequest
object
- ChangeToken required
- SizeConstraintSetId required
- Updates required
- items SizeConstraintSetUpdate
- UpdateSizeConstraintSetResponse
object
- ChangeToken
- UpdateSqlInjectionMatchSetRequest
object
: A request to update a SqlInjectionMatchSet.- ChangeToken required
- SqlInjectionMatchSetId required
- Updates required
- UpdateSqlInjectionMatchSetResponse
object
: The response to an UpdateSqlInjectionMatchSets request.- ChangeToken
- UpdateWebACLRequest
object
- ChangeToken required
- DefaultAction
- Type required
- Updates
- items WebACLUpdate
- WebACLId required
- UpdateWebACLResponse
object
- ChangeToken
- UpdateXssMatchSetRequest
object
: A request to update an XssMatchSet.- ChangeToken required
- Updates required
- items XssMatchSetUpdate
- XssMatchSetId required
- UpdateXssMatchSetResponse
object
: The response to an UpdateXssMatchSets request.- ChangeToken
- WafAction
object
:This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
For the action that is associated with a rule in a
WebACL
, specifies the action that you want AWS WAF to perform when a web request matches all of the conditions in a rule. For the default action in aWebACL
, specifies the action that you want AWS WAF to take when a web request doesn't match all of the conditions in any of the rules in aWebACL
.- Type required
- WafActionType
string
(values: BLOCK, ALLOW, COUNT)
- WafOverrideAction
object
:This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
The action to take if any rule within the
RuleGroup
matches a request.- Type required
- WafOverrideActionType
string
(values: NONE, COUNT)
- WafRuleType
string
(values: REGULAR, RATE_BASED, GROUP)
- WebACL
object
:This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
Contains the
Rules
that identify the requests that you want to allow, block, or count. In aWebACL
, you also specify a default action (ALLOW
orBLOCK
), and the action for eachRule
that you add to aWebACL
, for example, block requests from specified IP addresses or block requests from specified referrers. You also associate theWebACL
with a CloudFront distribution to identify the requests that you want AWS WAF to filter. If you add more than oneRule
to aWebACL
, a request needs to match only one of the specifications to be allowed, blocked, or counted. For more information, see UpdateWebACL.- DefaultAction required
- Type required
- MetricName
- Name
- Rules required
- items ActivatedRule
- WebACLArn
- WebACLId required
- DefaultAction required
- WebACLSummaries
array
- items WebACLSummary
- WebACLSummary
object
:This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
Contains the identifier and the name or description of the WebACL.
- Name required
- WebACLId required
- WebACLUpdate
object
:This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
Specifies whether to insert a
Rule
into or delete aRule
from aWebACL
.- Action required
- ActivatedRule required
- Action
- Type required
- ExcludedRules
- items ExcludedRule
- OverrideAction
- Type required
- Priority required
- RuleId required
- Type
- Action
- WebACLUpdates
array
- items WebACLUpdate
- XssMatchSet
object
:This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
A complex type that contains
XssMatchTuple
objects, which specify the parts of web requests that you want AWS WAF to inspect for cross-site scripting attacks and, if you want AWS WAF to inspect a header, the name of the header. If aXssMatchSet
contains more than oneXssMatchTuple
object, a request needs to include cross-site scripting attacks in only one of the specified parts of the request to be considered a match.- Name
- XssMatchSetId required
- XssMatchTuples required
- items XssMatchTuple
- XssMatchSetSummaries
array
- items XssMatchSetSummary
- XssMatchSetSummary
object
:This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
The
Id
andName
of anXssMatchSet
.- Name required
- XssMatchSetId required
- XssMatchSetUpdate
object
:This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
Specifies the part of a web request that you want to inspect for cross-site scripting attacks and indicates whether you want to add the specification to an XssMatchSet or delete it from an
XssMatchSet
.- Action required
- XssMatchTuple required
- FieldToMatch required
- Data
- Type required
- TextTransformation required
- FieldToMatch required
- XssMatchSetUpdates
array
- items XssMatchSetUpdate
- XssMatchTuple
object
:This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
Specifies the part of a web request that you want AWS WAF to inspect for cross-site scripting attacks and, if you want AWS WAF to inspect a header, the name of the header.
- FieldToMatch required
- Data
- Type required
- TextTransformation required
- FieldToMatch required
- XssMatchTuples
array
- items XssMatchTuple