1// Code generated by smithy-go-codegen DO NOT EDIT. 2 3package types 4 5import ( 6 smithydocument "github.com/aws/smithy-go/document" 7 "time" 8) 9 10// This is AWS WAF Classic documentation. For more information, see AWS WAF Classic 11// (https://docs.aws.amazon.com/waf/latest/developerguide/classic-waf-chapter.html) 12// in the developer guide. For the latest version of AWS WAF, use the AWS WAFV2 API 13// and see the AWS WAF Developer Guide 14// (https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html). With 15// the latest version, AWS WAF has a single set of endpoints for regional and 16// global use. The ActivatedRule object in an UpdateWebACL request specifies a Rule 17// that you want to insert or delete, the priority of the Rule in the WebACL, and 18// the action that you want AWS WAF to take when a web request matches the Rule 19// (ALLOW, BLOCK, or COUNT). To specify whether to insert or delete a Rule, use the 20// Action parameter in the WebACLUpdate data type. 21type ActivatedRule struct { 22 23 // Specifies the order in which the Rules in a WebACL are evaluated. Rules with a 24 // lower value for Priority are evaluated before Rules with a higher value. The 25 // value must be a unique integer. If you add multiple Rules to a WebACL, the 26 // values don't need to be consecutive. 27 // 28 // This member is required. 29 Priority *int32 30 31 // The RuleId for a Rule. You use RuleId to get more information about a Rule (see 32 // GetRule), update a Rule (see UpdateRule), insert a Rule into a WebACL or delete 33 // a one from a WebACL (see UpdateWebACL), or delete a Rule from AWS WAF (see 34 // DeleteRule). RuleId is returned by CreateRule and by ListRules. 35 // 36 // This member is required. 37 RuleId *string 38 39 // Specifies the action that CloudFront or AWS WAF takes when a web request matches 40 // the conditions in the Rule. Valid values for Action include the following: 41 // 42 // * 43 // ALLOW: CloudFront responds with the requested object. 44 // 45 // * BLOCK: CloudFront 46 // responds with an HTTP 403 (Forbidden) status code. 47 // 48 // * COUNT: AWS WAF increments 49 // a counter of requests that match the conditions in the rule and then continues 50 // to inspect the web request based on the remaining rules in the web 51 // ACL. 52 // 53 // ActivatedRule|OverrideAction applies only when updating or adding a 54 // RuleGroup to a WebACL. In this case, you do not use ActivatedRule|Action. For 55 // all other update requests, ActivatedRule|Action is used instead of 56 // ActivatedRule|OverrideAction. 57 Action *WafAction 58 59 // An array of rules to exclude from a rule group. This is applicable only when the 60 // ActivatedRule refers to a RuleGroup. Sometimes it is necessary to troubleshoot 61 // rule groups that are blocking traffic unexpectedly (false positives). One 62 // troubleshooting technique is to identify the specific rule within the rule group 63 // that is blocking the legitimate traffic and then disable (exclude) that 64 // particular rule. You can exclude rules from both your own rule groups and AWS 65 // Marketplace rule groups that have been associated with a web ACL. Specifying 66 // ExcludedRules does not remove those rules from the rule group. Rather, it 67 // changes the action for the rules to COUNT. Therefore, requests that match an 68 // ExcludedRule are counted but not blocked. The RuleGroup owner will receive COUNT 69 // metrics for each ExcludedRule. If you want to exclude rules from a rule group 70 // that is already associated with a web ACL, perform the following steps: 71 // 72 // * Use 73 // the AWS WAF logs to identify the IDs of the rules that you want to exclude. For 74 // more information about the logs, see Logging Web ACL Traffic Information 75 // (https://docs.aws.amazon.com/waf/latest/developerguide/logging.html). 76 // 77 // * Submit 78 // an UpdateWebACL request that has two actions: 79 // 80 // * The first action deletes the 81 // existing rule group from the web ACL. That is, in the UpdateWebACL request, the 82 // first Updates:Action should be DELETE and Updates:ActivatedRule:RuleId should be 83 // the rule group that contains the rules that you want to exclude. 84 // 85 // * The second 86 // action inserts the same rule group back in, but specifying the rules to exclude. 87 // That is, the second Updates:Action should be INSERT, 88 // Updates:ActivatedRule:RuleId should be the rule group that you just removed, and 89 // ExcludedRules should contain the rules that you want to exclude. 90 ExcludedRules []ExcludedRule 91 92 // Use the OverrideAction to test your RuleGroup. Any rule in a RuleGroup can 93 // potentially block a request. If you set the OverrideAction to None, the 94 // RuleGroup will block a request if any individual rule in the RuleGroup matches 95 // the request and is configured to block that request. However if you first want 96 // to test the RuleGroup, set the OverrideAction to Count. The RuleGroup will then 97 // override any block action specified by individual rules contained within the 98 // group. Instead of blocking matching requests, those requests will be counted. 99 // You can view a record of counted requests using GetSampledRequests. 100 // ActivatedRule|OverrideAction applies only when updating or adding a RuleGroup to 101 // a WebACL. In this case you do not use ActivatedRule|Action. For all other update 102 // requests, ActivatedRule|Action is used instead of ActivatedRule|OverrideAction. 103 OverrideAction *WafOverrideAction 104 105 // The rule type, either REGULAR, as defined by Rule, RATE_BASED, as defined by 106 // RateBasedRule, or GROUP, as defined by RuleGroup. The default is REGULAR. 107 // Although this field is optional, be aware that if you try to add a RATE_BASED 108 // rule to a web ACL without setting the type, the UpdateWebACL request will fail 109 // because the request tries to add a REGULAR rule with the specified ID, which 110 // does not exist. 111 Type WafRuleType 112 113 noSmithyDocumentSerde 114} 115 116// This is AWS WAF Classic documentation. For more information, see AWS WAF Classic 117// (https://docs.aws.amazon.com/waf/latest/developerguide/classic-waf-chapter.html) 118// in the developer guide. For the latest version of AWS WAF, use the AWS WAFV2 API 119// and see the AWS WAF Developer Guide 120// (https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html). With 121// the latest version, AWS WAF has a single set of endpoints for regional and 122// global use. In a GetByteMatchSet request, ByteMatchSet is a complex type that 123// contains the ByteMatchSetId and Name of a ByteMatchSet, and the values that you 124// specified when you updated the ByteMatchSet. A complex type that contains 125// ByteMatchTuple objects, which specify the parts of web requests that you want 126// AWS WAF to inspect and the values that you want AWS WAF to search for. If a 127// ByteMatchSet contains more than one ByteMatchTuple object, a request needs to 128// match the settings in only one ByteMatchTuple to be considered a match. 129type ByteMatchSet struct { 130 131 // The ByteMatchSetId for a ByteMatchSet. You use ByteMatchSetId to get information 132 // about a ByteMatchSet (see GetByteMatchSet), update a ByteMatchSet (see 133 // UpdateByteMatchSet), insert a ByteMatchSet into a Rule or delete one from a Rule 134 // (see UpdateRule), and delete a ByteMatchSet from AWS WAF (see 135 // DeleteByteMatchSet). ByteMatchSetId is returned by CreateByteMatchSet and by 136 // ListByteMatchSets. 137 // 138 // This member is required. 139 ByteMatchSetId *string 140 141 // Specifies the bytes (typically a string that corresponds with ASCII characters) 142 // that you want AWS WAF to search for in web requests, the location in requests 143 // that you want AWS WAF to search, and other settings. 144 // 145 // This member is required. 146 ByteMatchTuples []ByteMatchTuple 147 148 // A friendly name or description of the ByteMatchSet. You can't change Name after 149 // you create a ByteMatchSet. 150 Name *string 151 152 noSmithyDocumentSerde 153} 154 155// This is AWS WAF Classic documentation. For more information, see AWS WAF Classic 156// (https://docs.aws.amazon.com/waf/latest/developerguide/classic-waf-chapter.html) 157// in the developer guide. For the latest version of AWS WAF, use the AWS WAFV2 API 158// and see the AWS WAF Developer Guide 159// (https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html). With 160// the latest version, AWS WAF has a single set of endpoints for regional and 161// global use. Returned by ListByteMatchSets. Each ByteMatchSetSummary object 162// includes the Name and ByteMatchSetId for one ByteMatchSet. 163type ByteMatchSetSummary struct { 164 165 // The ByteMatchSetId for a ByteMatchSet. You use ByteMatchSetId to get information 166 // about a ByteMatchSet, update a ByteMatchSet, remove a ByteMatchSet from a Rule, 167 // and delete a ByteMatchSet from AWS WAF. ByteMatchSetId is returned by 168 // CreateByteMatchSet and by ListByteMatchSets. 169 // 170 // This member is required. 171 ByteMatchSetId *string 172 173 // A friendly name or description of the ByteMatchSet. You can't change Name after 174 // you create a ByteMatchSet. 175 // 176 // This member is required. 177 Name *string 178 179 noSmithyDocumentSerde 180} 181 182// This is AWS WAF Classic documentation. For more information, see AWS WAF Classic 183// (https://docs.aws.amazon.com/waf/latest/developerguide/classic-waf-chapter.html) 184// in the developer guide. For the latest version of AWS WAF, use the AWS WAFV2 API 185// and see the AWS WAF Developer Guide 186// (https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html). With 187// the latest version, AWS WAF has a single set of endpoints for regional and 188// global use. In an UpdateByteMatchSet request, ByteMatchSetUpdate specifies 189// whether to insert or delete a ByteMatchTuple and includes the settings for the 190// ByteMatchTuple. 191type ByteMatchSetUpdate struct { 192 193 // Specifies whether to insert or delete a ByteMatchTuple. 194 // 195 // This member is required. 196 Action ChangeAction 197 198 // Information about the part of a web request that you want AWS WAF to inspect and 199 // the value that you want AWS WAF to search for. If you specify DELETE for the 200 // value of Action, the ByteMatchTuple values must exactly match the values in the 201 // ByteMatchTuple that you want to delete from the ByteMatchSet. 202 // 203 // This member is required. 204 ByteMatchTuple *ByteMatchTuple 205 206 noSmithyDocumentSerde 207} 208 209// This is AWS WAF Classic documentation. For more information, see AWS WAF Classic 210// (https://docs.aws.amazon.com/waf/latest/developerguide/classic-waf-chapter.html) 211// in the developer guide. For the latest version of AWS WAF, use the AWS WAFV2 API 212// and see the AWS WAF Developer Guide 213// (https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html). With 214// the latest version, AWS WAF has a single set of endpoints for regional and 215// global use. The bytes (typically a string that corresponds with ASCII 216// characters) that you want AWS WAF to search for in web requests, the location in 217// requests that you want AWS WAF to search, and other settings. 218type ByteMatchTuple struct { 219 220 // The part of a web request that you want AWS WAF to search, such as a specified 221 // header or a query string. For more information, see FieldToMatch. 222 // 223 // This member is required. 224 FieldToMatch *FieldToMatch 225 226 // Within the portion of a web request that you want to search (for example, in the 227 // query string, if any), specify where you want AWS WAF to search. Valid values 228 // include the following: CONTAINS The specified part of the web request must 229 // include the value of TargetString, but the location doesn't matter. 230 // CONTAINS_WORD The specified part of the web request must include the value of 231 // TargetString, and TargetString must contain only alphanumeric characters or 232 // underscore (A-Z, a-z, 0-9, or _). In addition, TargetString must be a word, 233 // which means one of the following: 234 // 235 // * TargetString exactly matches the value of 236 // the specified part of the web request, such as the value of a header. 237 // 238 // * 239 // TargetString is at the beginning of the specified part of the web request and is 240 // followed by a character other than an alphanumeric character or underscore (_), 241 // for example, BadBot;. 242 // 243 // * TargetString is at the end of the specified part of the 244 // web request and is preceded by a character other than an alphanumeric character 245 // or underscore (_), for example, ;BadBot. 246 // 247 // * TargetString is in the middle of the 248 // specified part of the web request and is preceded and followed by characters 249 // other than alphanumeric characters or underscore (_), for example, 250 // -BadBot;. 251 // 252 // EXACTLY The value of the specified part of the web request must 253 // exactly match the value of TargetString. STARTS_WITH The value of TargetString 254 // must appear at the beginning of the specified part of the web request. ENDS_WITH 255 // The value of TargetString must appear at the end of the specified part of the 256 // web request. 257 // 258 // This member is required. 259 PositionalConstraint PositionalConstraint 260 261 // The value that you want AWS WAF to search for. AWS WAF searches for the 262 // specified string in the part of web requests that you specified in FieldToMatch. 263 // The maximum length of the value is 50 bytes. Valid values depend on the values 264 // that you specified for FieldToMatch: 265 // 266 // * HEADER: The value that you want AWS WAF 267 // to search for in the request header that you specified in FieldToMatch, for 268 // example, the value of the User-Agent or Referer header. 269 // 270 // * METHOD: The HTTP 271 // method, which indicates the type of operation specified in the request. 272 // CloudFront supports the following methods: DELETE, GET, HEAD, OPTIONS, PATCH, 273 // POST, and PUT. 274 // 275 // * QUERY_STRING: The value that you want AWS WAF to search for in 276 // the query string, which is the part of a URL that appears after a ? 277 // character. 278 // 279 // * URI: The value that you want AWS WAF to search for in the part of 280 // a URL that identifies a resource, for example, /images/daily-ad.jpg. 281 // 282 // * BODY: 283 // The part of a request that contains any additional data that you want to send to 284 // your web server as the HTTP request body, such as data from a form. The request 285 // body immediately follows the request headers. Note that only the first 8192 286 // bytes of the request body are forwarded to AWS WAF for inspection. To allow or 287 // block requests based on the length of the body, you can create a size constraint 288 // set. For more information, see CreateSizeConstraintSet. 289 // 290 // * SINGLE_QUERY_ARG: The 291 // parameter in the query string that you will inspect, such as UserName or 292 // SalesRegion. The maximum length for SINGLE_QUERY_ARG is 30 characters. 293 // 294 // * 295 // ALL_QUERY_ARGS: Similar to SINGLE_QUERY_ARG, but instead of inspecting a single 296 // parameter, AWS WAF inspects all parameters within the query string for the value 297 // or regex pattern that you specify in TargetString. 298 // 299 // If TargetString includes 300 // alphabetic characters A-Z and a-z, note that the value is case sensitive. If 301 // you're using the AWS WAF API Specify a base64-encoded version of the value. The 302 // maximum length of the value before you base64-encode it is 50 bytes. For 303 // example, suppose the value of Type is HEADER and the value of Data is 304 // User-Agent. If you want to search the User-Agent header for the value BadBot, 305 // you base64-encode BadBot using MIME base64-encoding and include the resulting 306 // value, QmFkQm90, in the value of TargetString. If you're using the AWS CLI or 307 // one of the AWS SDKs The value that you want AWS WAF to search for. The SDK 308 // automatically base64 encodes the value. 309 // 310 // This member is required. 311 TargetString []byte 312 313 // Text transformations eliminate some of the unusual formatting that attackers use 314 // in web requests in an effort to bypass AWS WAF. If you specify a transformation, 315 // AWS WAF performs the transformation on FieldToMatch before inspecting it for a 316 // match. You can only specify a single type of TextTransformation. CMD_LINE When 317 // you're concerned that attackers are injecting an operating system command line 318 // command and using unusual formatting to disguise some or all of the command, use 319 // this option to perform the following transformations: 320 // 321 // * Delete the following 322 // characters: \ " ' ^ 323 // 324 // * Delete spaces before the following characters: / ( 325 // 326 // * 327 // Replace the following characters with a space: , ; 328 // 329 // * Replace multiple spaces 330 // with one space 331 // 332 // * Convert uppercase letters (A-Z) to lowercase 333 // (a-z) 334 // 335 // COMPRESS_WHITE_SPACE Use this option to replace the following characters 336 // with a space character (decimal 32): 337 // 338 // * \f, formfeed, decimal 12 339 // 340 // * \t, tab, 341 // decimal 9 342 // 343 // * \n, newline, decimal 10 344 // 345 // * \r, carriage return, decimal 13 346 // 347 // * \v, 348 // vertical tab, decimal 11 349 // 350 // * non-breaking space, decimal 351 // 160 352 // 353 // COMPRESS_WHITE_SPACE also replaces multiple spaces with one space. 354 // HTML_ENTITY_DECODE Use this option to replace HTML-encoded characters with 355 // unencoded characters. HTML_ENTITY_DECODE performs the following operations: 356 // 357 // * 358 // Replaces (ampersand)quot; with " 359 // 360 // * Replaces (ampersand)nbsp; with a 361 // non-breaking space, decimal 160 362 // 363 // * Replaces (ampersand)lt; with a "less than" 364 // symbol 365 // 366 // * Replaces (ampersand)gt; with > 367 // 368 // * Replaces characters that are 369 // represented in hexadecimal format, (ampersand)#xhhhh;, with the corresponding 370 // characters 371 // 372 // * Replaces characters that are represented in decimal format, 373 // (ampersand)#nnnn;, with the corresponding characters 374 // 375 // LOWERCASE Use this option 376 // to convert uppercase letters (A-Z) to lowercase (a-z). URL_DECODE Use this 377 // option to decode a URL-encoded value. NONE Specify NONE if you don't want to 378 // perform any text transformations. 379 // 380 // This member is required. 381 TextTransformation TextTransformation 382 383 noSmithyDocumentSerde 384} 385 386// This is AWS WAF Classic documentation. For more information, see AWS WAF Classic 387// (https://docs.aws.amazon.com/waf/latest/developerguide/classic-waf-chapter.html) 388// in the developer guide. For the latest version of AWS WAF, use the AWS WAFV2 API 389// and see the AWS WAF Developer Guide 390// (https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html). With 391// the latest version, AWS WAF has a single set of endpoints for regional and 392// global use. The rule to exclude from a rule group. This is applicable only when 393// the ActivatedRule refers to a RuleGroup. The rule must belong to the RuleGroup 394// that is specified by the ActivatedRule. 395type ExcludedRule struct { 396 397 // The unique identifier for the rule to exclude from the rule group. 398 // 399 // This member is required. 400 RuleId *string 401 402 noSmithyDocumentSerde 403} 404 405// This is AWS WAF Classic documentation. For more information, see AWS WAF Classic 406// (https://docs.aws.amazon.com/waf/latest/developerguide/classic-waf-chapter.html) 407// in the developer guide. For the latest version of AWS WAF, use the AWS WAFV2 API 408// and see the AWS WAF Developer Guide 409// (https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html). With 410// the latest version, AWS WAF has a single set of endpoints for regional and 411// global use. Specifies where in a web request to look for TargetString. 412type FieldToMatch struct { 413 414 // The part of the web request that you want AWS WAF to search for a specified 415 // string. Parts of a request that you can search include the following: 416 // 417 // * HEADER: 418 // A specified request header, for example, the value of the User-Agent or Referer 419 // header. If you choose HEADER for the type, specify the name of the header in 420 // Data. 421 // 422 // * METHOD: The HTTP method, which indicated the type of operation that the 423 // request is asking the origin to perform. Amazon CloudFront supports the 424 // following methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, and PUT. 425 // 426 // * 427 // QUERY_STRING: A query string, which is the part of a URL that appears after a ? 428 // character, if any. 429 // 430 // * URI: The part of a web request that identifies a resource, 431 // for example, /images/daily-ad.jpg. 432 // 433 // * BODY: The part of a request that contains 434 // any additional data that you want to send to your web server as the HTTP request 435 // body, such as data from a form. The request body immediately follows the request 436 // headers. Note that only the first 8192 bytes of the request body are forwarded 437 // to AWS WAF for inspection. To allow or block requests based on the length of the 438 // body, you can create a size constraint set. For more information, see 439 // CreateSizeConstraintSet. 440 // 441 // * SINGLE_QUERY_ARG: The parameter in the query string 442 // that you will inspect, such as UserName or SalesRegion. The maximum length for 443 // SINGLE_QUERY_ARG is 30 characters. 444 // 445 // * ALL_QUERY_ARGS: Similar to 446 // SINGLE_QUERY_ARG, but rather than inspecting a single parameter, AWS WAF will 447 // inspect all parameters within the query for the value or regex pattern that you 448 // specify in TargetString. 449 // 450 // This member is required. 451 Type MatchFieldType 452 453 // When the value of Type is HEADER, enter the name of the header that you want AWS 454 // WAF to search, for example, User-Agent or Referer. The name of the header is not 455 // case sensitive. When the value of Type is SINGLE_QUERY_ARG, enter the name of 456 // the parameter that you want AWS WAF to search, for example, UserName or 457 // SalesRegion. The parameter name is not case sensitive. If the value of Type is 458 // any other value, omit Data. 459 Data *string 460 461 noSmithyDocumentSerde 462} 463 464// This is AWS WAF Classic documentation. For more information, see AWS WAF Classic 465// (https://docs.aws.amazon.com/waf/latest/developerguide/classic-waf-chapter.html) 466// in the developer guide. For the latest version of AWS WAF, use the AWS WAFV2 API 467// and see the AWS WAF Developer Guide 468// (https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html). With 469// the latest version, AWS WAF has a single set of endpoints for regional and 470// global use. The country from which web requests originate that you want AWS WAF 471// to search for. 472type GeoMatchConstraint struct { 473 474 // The type of geographical area you want AWS WAF to search for. Currently Country 475 // is the only valid value. 476 // 477 // This member is required. 478 Type GeoMatchConstraintType 479 480 // The country that you want AWS WAF to search for. 481 // 482 // This member is required. 483 Value GeoMatchConstraintValue 484 485 noSmithyDocumentSerde 486} 487 488// This is AWS WAF Classic documentation. For more information, see AWS WAF Classic 489// (https://docs.aws.amazon.com/waf/latest/developerguide/classic-waf-chapter.html) 490// in the developer guide. For the latest version of AWS WAF, use the AWS WAFV2 API 491// and see the AWS WAF Developer Guide 492// (https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html). With 493// the latest version, AWS WAF has a single set of endpoints for regional and 494// global use. Contains one or more countries that AWS WAF will search for. 495type GeoMatchSet struct { 496 497 // An array of GeoMatchConstraint objects, which contain the country that you want 498 // AWS WAF to search for. 499 // 500 // This member is required. 501 GeoMatchConstraints []GeoMatchConstraint 502 503 // The GeoMatchSetId for an GeoMatchSet. You use GeoMatchSetId to get information 504 // about a GeoMatchSet (see GeoMatchSet), update a GeoMatchSet (see 505 // UpdateGeoMatchSet), insert a GeoMatchSet into a Rule or delete one from a Rule 506 // (see UpdateRule), and delete a GeoMatchSet from AWS WAF (see DeleteGeoMatchSet). 507 // GeoMatchSetId is returned by CreateGeoMatchSet and by ListGeoMatchSets. 508 // 509 // This member is required. 510 GeoMatchSetId *string 511 512 // A friendly name or description of the GeoMatchSet. You can't change the name of 513 // an GeoMatchSet after you create it. 514 Name *string 515 516 noSmithyDocumentSerde 517} 518 519// This is AWS WAF Classic documentation. For more information, see AWS WAF Classic 520// (https://docs.aws.amazon.com/waf/latest/developerguide/classic-waf-chapter.html) 521// in the developer guide. For the latest version of AWS WAF, use the AWS WAFV2 API 522// and see the AWS WAF Developer Guide 523// (https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html). With 524// the latest version, AWS WAF has a single set of endpoints for regional and 525// global use. Contains the identifier and the name of the GeoMatchSet. 526type GeoMatchSetSummary struct { 527 528 // The GeoMatchSetId for an GeoMatchSet. You can use GeoMatchSetId in a 529 // GetGeoMatchSet request to get detailed information about an GeoMatchSet. 530 // 531 // This member is required. 532 GeoMatchSetId *string 533 534 // A friendly name or description of the GeoMatchSet. You can't change the name of 535 // an GeoMatchSet after you create it. 536 // 537 // This member is required. 538 Name *string 539 540 noSmithyDocumentSerde 541} 542 543// This is AWS WAF Classic documentation. For more information, see AWS WAF Classic 544// (https://docs.aws.amazon.com/waf/latest/developerguide/classic-waf-chapter.html) 545// in the developer guide. For the latest version of AWS WAF, use the AWS WAFV2 API 546// and see the AWS WAF Developer Guide 547// (https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html). With 548// the latest version, AWS WAF has a single set of endpoints for regional and 549// global use. Specifies the type of update to perform to an GeoMatchSet with 550// UpdateGeoMatchSet. 551type GeoMatchSetUpdate struct { 552 553 // Specifies whether to insert or delete a country with UpdateGeoMatchSet. 554 // 555 // This member is required. 556 Action ChangeAction 557 558 // The country from which web requests originate that you want AWS WAF to search 559 // for. 560 // 561 // This member is required. 562 GeoMatchConstraint *GeoMatchConstraint 563 564 noSmithyDocumentSerde 565} 566 567// This is AWS WAF Classic documentation. For more information, see AWS WAF Classic 568// (https://docs.aws.amazon.com/waf/latest/developerguide/classic-waf-chapter.html) 569// in the developer guide. For the latest version of AWS WAF, use the AWS WAFV2 API 570// and see the AWS WAF Developer Guide 571// (https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html). With 572// the latest version, AWS WAF has a single set of endpoints for regional and 573// global use. The response from a GetSampledRequests request includes an 574// HTTPHeader complex type that appears as Headers in the response syntax. 575// HTTPHeader contains the names and values of all of the headers that appear in 576// one of the web requests that were returned by GetSampledRequests. 577type HTTPHeader struct { 578 579 // The name of one of the headers in the sampled web request. 580 Name *string 581 582 // The value of one of the headers in the sampled web request. 583 Value *string 584 585 noSmithyDocumentSerde 586} 587 588// This is AWS WAF Classic documentation. For more information, see AWS WAF Classic 589// (https://docs.aws.amazon.com/waf/latest/developerguide/classic-waf-chapter.html) 590// in the developer guide. For the latest version of AWS WAF, use the AWS WAFV2 API 591// and see the AWS WAF Developer Guide 592// (https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html). With 593// the latest version, AWS WAF has a single set of endpoints for regional and 594// global use. The response from a GetSampledRequests request includes an 595// HTTPRequest complex type that appears as Request in the response syntax. 596// HTTPRequest contains information about one of the web requests that were 597// returned by GetSampledRequests. 598type HTTPRequest struct { 599 600 // The IP address that the request originated from. If the WebACL is associated 601 // with a CloudFront distribution, this is the value of one of the following fields 602 // in CloudFront access logs: 603 // 604 // * c-ip, if the viewer did not use an HTTP proxy or a 605 // load balancer to send the request 606 // 607 // * x-forwarded-for, if the viewer did use an 608 // HTTP proxy or a load balancer to send the request 609 ClientIP *string 610 611 // The two-letter country code for the country that the request originated from. 612 // For a current list of country codes, see the Wikipedia entry ISO 3166-1 alpha-2 613 // (https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2). 614 Country *string 615 616 // The HTTP version specified in the sampled web request, for example, HTTP/1.1. 617 HTTPVersion *string 618 619 // A complex type that contains two values for each header in the sampled web 620 // request: the name of the header and the value of the header. 621 Headers []HTTPHeader 622 623 // The HTTP method specified in the sampled web request. CloudFront supports the 624 // following methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, and PUT. 625 Method *string 626 627 // The part of a web request that identifies the resource, for example, 628 // /images/daily-ad.jpg. 629 URI *string 630 631 noSmithyDocumentSerde 632} 633 634// This is AWS WAF Classic documentation. For more information, see AWS WAF Classic 635// (https://docs.aws.amazon.com/waf/latest/developerguide/classic-waf-chapter.html) 636// in the developer guide. For the latest version of AWS WAF, use the AWS WAFV2 API 637// and see the AWS WAF Developer Guide 638// (https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html). With 639// the latest version, AWS WAF has a single set of endpoints for regional and 640// global use. Contains one or more IP addresses or blocks of IP addresses 641// specified in Classless Inter-Domain Routing (CIDR) notation. AWS WAF supports 642// IPv4 address ranges: /8 and any range between /16 through /32. AWS WAF supports 643// IPv6 address ranges: /24, /32, /48, /56, /64, and /128. To specify an individual 644// IP address, you specify the four-part IP address followed by a /32, for example, 645// 192.0.2.0/32. To block a range of IP addresses, you can specify /8 or any range 646// between /16 through /32 (for IPv4) or /24, /32, /48, /56, /64, or /128 (for 647// IPv6). For more information about CIDR notation, see the Wikipedia entry 648// Classless Inter-Domain Routing 649// (https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing). 650type IPSet struct { 651 652 // The IP address type (IPV4 or IPV6) and the IP address range (in CIDR notation) 653 // that web requests originate from. If the WebACL is associated with a CloudFront 654 // distribution and the viewer did not use an HTTP proxy or a load balancer to send 655 // the request, this is the value of the c-ip field in the CloudFront access logs. 656 // 657 // This member is required. 658 IPSetDescriptors []IPSetDescriptor 659 660 // The IPSetId for an IPSet. You use IPSetId to get information about an IPSet (see 661 // GetIPSet), update an IPSet (see UpdateIPSet), insert an IPSet into a Rule or 662 // delete one from a Rule (see UpdateRule), and delete an IPSet from AWS WAF (see 663 // DeleteIPSet). IPSetId is returned by CreateIPSet and by ListIPSets. 664 // 665 // This member is required. 666 IPSetId *string 667 668 // A friendly name or description of the IPSet. You can't change the name of an 669 // IPSet after you create it. 670 Name *string 671 672 noSmithyDocumentSerde 673} 674 675// This is AWS WAF Classic documentation. For more information, see AWS WAF Classic 676// (https://docs.aws.amazon.com/waf/latest/developerguide/classic-waf-chapter.html) 677// in the developer guide. For the latest version of AWS WAF, use the AWS WAFV2 API 678// and see the AWS WAF Developer Guide 679// (https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html). With 680// the latest version, AWS WAF has a single set of endpoints for regional and 681// global use. Specifies the IP address type (IPV4 or IPV6) and the IP address 682// range (in CIDR format) that web requests originate from. 683type IPSetDescriptor struct { 684 685 // Specify IPV4 or IPV6. 686 // 687 // This member is required. 688 Type IPSetDescriptorType 689 690 // Specify an IPv4 address by using CIDR notation. For example: 691 // 692 // * To configure AWS 693 // WAF to allow, block, or count requests that originated from the IP address 694 // 192.0.2.44, specify 192.0.2.44/32. 695 // 696 // * To configure AWS WAF to allow, block, or 697 // count requests that originated from IP addresses from 192.0.2.0 to 192.0.2.255, 698 // specify 192.0.2.0/24. 699 // 700 // For more information about CIDR notation, see the 701 // Wikipedia entry Classless Inter-Domain Routing 702 // (https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing). Specify an IPv6 703 // address by using CIDR notation. For example: 704 // 705 // * To configure AWS WAF to allow, 706 // block, or count requests that originated from the IP address 707 // 1111:0000:0000:0000:0000:0000:0000:0111, specify 708 // 1111:0000:0000:0000:0000:0000:0000:0111/128. 709 // 710 // * To configure AWS WAF to allow, 711 // block, or count requests that originated from IP addresses 712 // 1111:0000:0000:0000:0000:0000:0000:0000 to 713 // 1111:0000:0000:0000:ffff:ffff:ffff:ffff, specify 714 // 1111:0000:0000:0000:0000:0000:0000:0000/64. 715 // 716 // This member is required. 717 Value *string 718 719 noSmithyDocumentSerde 720} 721 722// This is AWS WAF Classic documentation. For more information, see AWS WAF Classic 723// (https://docs.aws.amazon.com/waf/latest/developerguide/classic-waf-chapter.html) 724// in the developer guide. For the latest version of AWS WAF, use the AWS WAFV2 API 725// and see the AWS WAF Developer Guide 726// (https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html). With 727// the latest version, AWS WAF has a single set of endpoints for regional and 728// global use. Contains the identifier and the name of the IPSet. 729type IPSetSummary struct { 730 731 // The IPSetId for an IPSet. You can use IPSetId in a GetIPSet request to get 732 // detailed information about an IPSet. 733 // 734 // This member is required. 735 IPSetId *string 736 737 // A friendly name or description of the IPSet. You can't change the name of an 738 // IPSet after you create it. 739 // 740 // This member is required. 741 Name *string 742 743 noSmithyDocumentSerde 744} 745 746// This is AWS WAF Classic documentation. For more information, see AWS WAF Classic 747// (https://docs.aws.amazon.com/waf/latest/developerguide/classic-waf-chapter.html) 748// in the developer guide. For the latest version of AWS WAF, use the AWS WAFV2 API 749// and see the AWS WAF Developer Guide 750// (https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html). With 751// the latest version, AWS WAF has a single set of endpoints for regional and 752// global use. Specifies the type of update to perform to an IPSet with 753// UpdateIPSet. 754type IPSetUpdate struct { 755 756 // Specifies whether to insert or delete an IP address with UpdateIPSet. 757 // 758 // This member is required. 759 Action ChangeAction 760 761 // The IP address type (IPV4 or IPV6) and the IP address range (in CIDR notation) 762 // that web requests originate from. 763 // 764 // This member is required. 765 IPSetDescriptor *IPSetDescriptor 766 767 noSmithyDocumentSerde 768} 769 770// This is AWS WAF Classic documentation. For more information, see AWS WAF Classic 771// (https://docs.aws.amazon.com/waf/latest/developerguide/classic-waf-chapter.html) 772// in the developer guide. For the latest version of AWS WAF, use the AWS WAFV2 API 773// and see the AWS WAF Developer Guide 774// (https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html). With 775// the latest version, AWS WAF has a single set of endpoints for regional and 776// global use. The Amazon Kinesis Data Firehose, RedactedFields information, and 777// the web ACL Amazon Resource Name (ARN). 778type LoggingConfiguration struct { 779 780 // An array of Amazon Kinesis Data Firehose ARNs. 781 // 782 // This member is required. 783 LogDestinationConfigs []string 784 785 // The Amazon Resource Name (ARN) of the web ACL that you want to associate with 786 // LogDestinationConfigs. 787 // 788 // This member is required. 789 ResourceArn *string 790 791 // The parts of the request that you want redacted from the logs. For example, if 792 // you redact the cookie field, the cookie field in the firehose will be xxx. 793 RedactedFields []FieldToMatch 794 795 noSmithyDocumentSerde 796} 797 798// This is AWS WAF Classic documentation. For more information, see AWS WAF Classic 799// (https://docs.aws.amazon.com/waf/latest/developerguide/classic-waf-chapter.html) 800// in the developer guide. For the latest version of AWS WAF, use the AWS WAFV2 API 801// and see the AWS WAF Developer Guide 802// (https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html). With 803// the latest version, AWS WAF has a single set of endpoints for regional and 804// global use. Specifies the ByteMatchSet, IPSet, SqlInjectionMatchSet, 805// XssMatchSet, RegexMatchSet, GeoMatchSet, and SizeConstraintSet objects that you 806// want to add to a Rule and, for each object, indicates whether you want to negate 807// the settings, for example, requests that do NOT originate from the IP address 808// 192.0.2.44. 809type Predicate struct { 810 811 // A unique identifier for a predicate in a Rule, such as ByteMatchSetId or 812 // IPSetId. The ID is returned by the corresponding Create or List command. 813 // 814 // This member is required. 815 DataId *string 816 817 // Set Negated to False if you want AWS WAF to allow, block, or count requests 818 // based on the settings in the specified ByteMatchSet, IPSet, 819 // SqlInjectionMatchSet, XssMatchSet, RegexMatchSet, GeoMatchSet, or 820 // SizeConstraintSet. For example, if an IPSet includes the IP address 192.0.2.44, 821 // AWS WAF will allow or block requests based on that IP address. Set Negated to 822 // True if you want AWS WAF to allow or block a request based on the negation of 823 // the settings in the ByteMatchSet, IPSet, SqlInjectionMatchSet, XssMatchSet, 824 // RegexMatchSet, GeoMatchSet, or SizeConstraintSet. For example, if an IPSet 825 // includes the IP address 192.0.2.44, AWS WAF will allow, block, or count requests 826 // based on all IP addresses except 192.0.2.44. 827 // 828 // This member is required. 829 Negated *bool 830 831 // The type of predicate in a Rule, such as ByteMatch or IPSet. 832 // 833 // This member is required. 834 Type PredicateType 835 836 noSmithyDocumentSerde 837} 838 839// This is AWS WAF Classic documentation. For more information, see AWS WAF Classic 840// (https://docs.aws.amazon.com/waf/latest/developerguide/classic-waf-chapter.html) 841// in the developer guide. For the latest version of AWS WAF, use the AWS WAFV2 API 842// and see the AWS WAF Developer Guide 843// (https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html). With 844// the latest version, AWS WAF has a single set of endpoints for regional and 845// global use. A RateBasedRule is identical to a regular Rule, with one addition: a 846// RateBasedRule counts the number of requests that arrive from a specified IP 847// address every five minutes. For example, based on recent requests that you've 848// seen from an attacker, you might create a RateBasedRule that includes the 849// following conditions: 850// 851// * The requests come from 192.0.2.44. 852// 853// * They contain the 854// value BadBot in the User-Agent header. 855// 856// In the rule, you also define the rate 857// limit as 1,000. Requests that meet both of these conditions and exceed 1,000 858// requests every five minutes trigger the rule's action (block or count), which is 859// defined in the web ACL. 860type RateBasedRule struct { 861 862 // The Predicates object contains one Predicate element for each ByteMatchSet, 863 // IPSet, or SqlInjectionMatchSet object that you want to include in a 864 // RateBasedRule. 865 // 866 // This member is required. 867 MatchPredicates []Predicate 868 869 // The field that AWS WAF uses to determine if requests are likely arriving from 870 // single source and thus subject to rate monitoring. The only valid value for 871 // RateKey is IP. IP indicates that requests arriving from the same IP address are 872 // subject to the RateLimit that is specified in the RateBasedRule. 873 // 874 // This member is required. 875 RateKey RateKey 876 877 // The maximum number of requests, which have an identical value in the field 878 // specified by the RateKey, allowed in a five-minute period. If the number of 879 // requests exceeds the RateLimit and the other predicates specified in the rule 880 // are also met, AWS WAF triggers the action that is specified for this rule. 881 // 882 // This member is required. 883 RateLimit int64 884 885 // A unique identifier for a RateBasedRule. You use RuleId to get more information 886 // about a RateBasedRule (see GetRateBasedRule), update a RateBasedRule (see 887 // UpdateRateBasedRule), insert a RateBasedRule into a WebACL or delete one from a 888 // WebACL (see UpdateWebACL), or delete a RateBasedRule from AWS WAF (see 889 // DeleteRateBasedRule). 890 // 891 // This member is required. 892 RuleId *string 893 894 // A friendly name or description for the metrics for a RateBasedRule. The name can 895 // contain only alphanumeric characters (A-Z, a-z, 0-9), with maximum length 128 896 // and minimum length one. It can't contain whitespace or metric names reserved for 897 // AWS WAF, including "All" and "Default_Action." You can't change the name of the 898 // metric after you create the RateBasedRule. 899 MetricName *string 900 901 // A friendly name or description for a RateBasedRule. You can't change the name of 902 // a RateBasedRule after you create it. 903 Name *string 904 905 noSmithyDocumentSerde 906} 907 908// This is AWS WAF Classic documentation. For more information, see AWS WAF Classic 909// (https://docs.aws.amazon.com/waf/latest/developerguide/classic-waf-chapter.html) 910// in the developer guide. For the latest version of AWS WAF, use the AWS WAFV2 API 911// and see the AWS WAF Developer Guide 912// (https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html). With 913// the latest version, AWS WAF has a single set of endpoints for regional and 914// global use. In a GetRegexMatchSet request, RegexMatchSet is a complex type that 915// contains the RegexMatchSetId and Name of a RegexMatchSet, and the values that 916// you specified when you updated the RegexMatchSet. The values are contained in a 917// RegexMatchTuple object, which specify the parts of web requests that you want 918// AWS WAF to inspect and the values that you want AWS WAF to search for. If a 919// RegexMatchSet contains more than one RegexMatchTuple object, a request needs to 920// match the settings in only one ByteMatchTuple to be considered a match. 921type RegexMatchSet struct { 922 923 // A friendly name or description of the RegexMatchSet. You can't change Name after 924 // you create a RegexMatchSet. 925 Name *string 926 927 // The RegexMatchSetId for a RegexMatchSet. You use RegexMatchSetId to get 928 // information about a RegexMatchSet (see GetRegexMatchSet), update a RegexMatchSet 929 // (see UpdateRegexMatchSet), insert a RegexMatchSet into a Rule or delete one from 930 // a Rule (see UpdateRule), and delete a RegexMatchSet from AWS WAF (see 931 // DeleteRegexMatchSet). RegexMatchSetId is returned by CreateRegexMatchSet and by 932 // ListRegexMatchSets. 933 RegexMatchSetId *string 934 935 // Contains an array of RegexMatchTuple objects. Each RegexMatchTuple object 936 // contains: 937 // 938 // * The part of a web request that you want AWS WAF to inspect, such as 939 // a query string or the value of the User-Agent header. 940 // 941 // * The identifier of the 942 // pattern (a regular expression) that you want AWS WAF to look for. For more 943 // information, see RegexPatternSet. 944 // 945 // * Whether to perform any conversions on the 946 // request, such as converting it to lowercase, before inspecting it for the 947 // specified string. 948 RegexMatchTuples []RegexMatchTuple 949 950 noSmithyDocumentSerde 951} 952 953// This is AWS WAF Classic documentation. For more information, see AWS WAF Classic 954// (https://docs.aws.amazon.com/waf/latest/developerguide/classic-waf-chapter.html) 955// in the developer guide. For the latest version of AWS WAF, use the AWS WAFV2 API 956// and see the AWS WAF Developer Guide 957// (https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html). With 958// the latest version, AWS WAF has a single set of endpoints for regional and 959// global use. Returned by ListRegexMatchSets. Each RegexMatchSetSummary object 960// includes the Name and RegexMatchSetId for one RegexMatchSet. 961type RegexMatchSetSummary struct { 962 963 // A friendly name or description of the RegexMatchSet. You can't change Name after 964 // you create a RegexMatchSet. 965 // 966 // This member is required. 967 Name *string 968 969 // The RegexMatchSetId for a RegexMatchSet. You use RegexMatchSetId to get 970 // information about a RegexMatchSet, update a RegexMatchSet, remove a 971 // RegexMatchSet from a Rule, and delete a RegexMatchSet from AWS WAF. 972 // RegexMatchSetId is returned by CreateRegexMatchSet and by ListRegexMatchSets. 973 // 974 // This member is required. 975 RegexMatchSetId *string 976 977 noSmithyDocumentSerde 978} 979 980// This is AWS WAF Classic documentation. For more information, see AWS WAF Classic 981// (https://docs.aws.amazon.com/waf/latest/developerguide/classic-waf-chapter.html) 982// in the developer guide. For the latest version of AWS WAF, use the AWS WAFV2 API 983// and see the AWS WAF Developer Guide 984// (https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html). With 985// the latest version, AWS WAF has a single set of endpoints for regional and 986// global use. In an UpdateRegexMatchSet request, RegexMatchSetUpdate specifies 987// whether to insert or delete a RegexMatchTuple and includes the settings for the 988// RegexMatchTuple. 989type RegexMatchSetUpdate struct { 990 991 // Specifies whether to insert or delete a RegexMatchTuple. 992 // 993 // This member is required. 994 Action ChangeAction 995 996 // Information about the part of a web request that you want AWS WAF to inspect and 997 // the identifier of the regular expression (regex) pattern that you want AWS WAF 998 // to search for. If you specify DELETE for the value of Action, the 999 // RegexMatchTuple values must exactly match the values in the RegexMatchTuple that 1000 // you want to delete from the RegexMatchSet. 1001 // 1002 // This member is required. 1003 RegexMatchTuple *RegexMatchTuple 1004 1005 noSmithyDocumentSerde 1006} 1007 1008// This is AWS WAF Classic documentation. For more information, see AWS WAF Classic 1009// (https://docs.aws.amazon.com/waf/latest/developerguide/classic-waf-chapter.html) 1010// in the developer guide. For the latest version of AWS WAF, use the AWS WAFV2 API 1011// and see the AWS WAF Developer Guide 1012// (https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html). With 1013// the latest version, AWS WAF has a single set of endpoints for regional and 1014// global use. The regular expression pattern that you want AWS WAF to search for 1015// in web requests, the location in requests that you want AWS WAF to search, and 1016// other settings. Each RegexMatchTuple object contains: 1017// 1018// * The part of a web 1019// request that you want AWS WAF to inspect, such as a query string or the value of 1020// the User-Agent header. 1021// 1022// * The identifier of the pattern (a regular expression) 1023// that you want AWS WAF to look for. For more information, see RegexPatternSet. 1024// 1025// * 1026// Whether to perform any conversions on the request, such as converting it to 1027// lowercase, before inspecting it for the specified string. 1028type RegexMatchTuple struct { 1029 1030 // Specifies where in a web request to look for the RegexPatternSet. 1031 // 1032 // This member is required. 1033 FieldToMatch *FieldToMatch 1034 1035 // The RegexPatternSetId for a RegexPatternSet. You use RegexPatternSetId to get 1036 // information about a RegexPatternSet (see GetRegexPatternSet), update a 1037 // RegexPatternSet (see UpdateRegexPatternSet), insert a RegexPatternSet into a 1038 // RegexMatchSet or delete one from a RegexMatchSet (see UpdateRegexMatchSet), and 1039 // delete an RegexPatternSet from AWS WAF (see DeleteRegexPatternSet). 1040 // RegexPatternSetId is returned by CreateRegexPatternSet and by 1041 // ListRegexPatternSets. 1042 // 1043 // This member is required. 1044 RegexPatternSetId *string 1045 1046 // Text transformations eliminate some of the unusual formatting that attackers use 1047 // in web requests in an effort to bypass AWS WAF. If you specify a transformation, 1048 // AWS WAF performs the transformation on RegexPatternSet before inspecting a 1049 // request for a match. You can only specify a single type of TextTransformation. 1050 // CMD_LINE When you're concerned that attackers are injecting an operating system 1051 // commandline command and using unusual formatting to disguise some or all of the 1052 // command, use this option to perform the following transformations: 1053 // 1054 // * Delete the 1055 // following characters: \ " ' ^ 1056 // 1057 // * Delete spaces before the following characters: 1058 // / ( 1059 // 1060 // * Replace the following characters with a space: , ; 1061 // 1062 // * Replace multiple 1063 // spaces with one space 1064 // 1065 // * Convert uppercase letters (A-Z) to lowercase 1066 // (a-z) 1067 // 1068 // COMPRESS_WHITE_SPACE Use this option to replace the following characters 1069 // with a space character (decimal 32): 1070 // 1071 // * \f, formfeed, decimal 12 1072 // 1073 // * \t, tab, 1074 // decimal 9 1075 // 1076 // * \n, newline, decimal 10 1077 // 1078 // * \r, carriage return, decimal 13 1079 // 1080 // * \v, 1081 // vertical tab, decimal 11 1082 // 1083 // * non-breaking space, decimal 1084 // 160 1085 // 1086 // COMPRESS_WHITE_SPACE also replaces multiple spaces with one space. 1087 // HTML_ENTITY_DECODE Use this option to replace HTML-encoded characters with 1088 // unencoded characters. HTML_ENTITY_DECODE performs the following operations: 1089 // 1090 // * 1091 // Replaces (ampersand)quot; with " 1092 // 1093 // * Replaces (ampersand)nbsp; with a 1094 // non-breaking space, decimal 160 1095 // 1096 // * Replaces (ampersand)lt; with a "less than" 1097 // symbol 1098 // 1099 // * Replaces (ampersand)gt; with > 1100 // 1101 // * Replaces characters that are 1102 // represented in hexadecimal format, (ampersand)#xhhhh;, with the corresponding 1103 // characters 1104 // 1105 // * Replaces characters that are represented in decimal format, 1106 // (ampersand)#nnnn;, with the corresponding characters 1107 // 1108 // LOWERCASE Use this option 1109 // to convert uppercase letters (A-Z) to lowercase (a-z). URL_DECODE Use this 1110 // option to decode a URL-encoded value. NONE Specify NONE if you don't want to 1111 // perform any text transformations. 1112 // 1113 // This member is required. 1114 TextTransformation TextTransformation 1115 1116 noSmithyDocumentSerde 1117} 1118 1119// This is AWS WAF Classic documentation. For more information, see AWS WAF Classic 1120// (https://docs.aws.amazon.com/waf/latest/developerguide/classic-waf-chapter.html) 1121// in the developer guide. For the latest version of AWS WAF, use the AWS WAFV2 API 1122// and see the AWS WAF Developer Guide 1123// (https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html). With 1124// the latest version, AWS WAF has a single set of endpoints for regional and 1125// global use. The RegexPatternSet specifies the regular expression (regex) pattern 1126// that you want AWS WAF to search for, such as B[a@]dB[o0]t. You can then 1127// configure AWS WAF to reject those requests. 1128type RegexPatternSet struct { 1129 1130 // The identifier for the RegexPatternSet. You use RegexPatternSetId to get 1131 // information about a RegexPatternSet, update a RegexPatternSet, remove a 1132 // RegexPatternSet from a RegexMatchSet, and delete a RegexPatternSet from AWS WAF. 1133 // RegexMatchSetId is returned by CreateRegexPatternSet and by 1134 // ListRegexPatternSets. 1135 // 1136 // This member is required. 1137 RegexPatternSetId *string 1138 1139 // Specifies the regular expression (regex) patterns that you want AWS WAF to 1140 // search for, such as B[a@]dB[o0]t. 1141 // 1142 // This member is required. 1143 RegexPatternStrings []string 1144 1145 // A friendly name or description of the RegexPatternSet. You can't change Name 1146 // after you create a RegexPatternSet. 1147 Name *string 1148 1149 noSmithyDocumentSerde 1150} 1151 1152// This is AWS WAF Classic documentation. For more information, see AWS WAF Classic 1153// (https://docs.aws.amazon.com/waf/latest/developerguide/classic-waf-chapter.html) 1154// in the developer guide. For the latest version of AWS WAF, use the AWS WAFV2 API 1155// and see the AWS WAF Developer Guide 1156// (https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html). With 1157// the latest version, AWS WAF has a single set of endpoints for regional and 1158// global use. Returned by ListRegexPatternSets. Each RegexPatternSetSummary object 1159// includes the Name and RegexPatternSetId for one RegexPatternSet. 1160type RegexPatternSetSummary struct { 1161 1162 // A friendly name or description of the RegexPatternSet. You can't change Name 1163 // after you create a RegexPatternSet. 1164 // 1165 // This member is required. 1166 Name *string 1167 1168 // The RegexPatternSetId for a RegexPatternSet. You use RegexPatternSetId to get 1169 // information about a RegexPatternSet, update a RegexPatternSet, remove a 1170 // RegexPatternSet from a RegexMatchSet, and delete a RegexPatternSet from AWS WAF. 1171 // RegexPatternSetId is returned by CreateRegexPatternSet and by 1172 // ListRegexPatternSets. 1173 // 1174 // This member is required. 1175 RegexPatternSetId *string 1176 1177 noSmithyDocumentSerde 1178} 1179 1180// This is AWS WAF Classic documentation. For more information, see AWS WAF Classic 1181// (https://docs.aws.amazon.com/waf/latest/developerguide/classic-waf-chapter.html) 1182// in the developer guide. For the latest version of AWS WAF, use the AWS WAFV2 API 1183// and see the AWS WAF Developer Guide 1184// (https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html). With 1185// the latest version, AWS WAF has a single set of endpoints for regional and 1186// global use. In an UpdateRegexPatternSet request, RegexPatternSetUpdate specifies 1187// whether to insert or delete a RegexPatternString and includes the settings for 1188// the RegexPatternString. 1189type RegexPatternSetUpdate struct { 1190 1191 // Specifies whether to insert or delete a RegexPatternString. 1192 // 1193 // This member is required. 1194 Action ChangeAction 1195 1196 // Specifies the regular expression (regex) pattern that you want AWS WAF to search 1197 // for, such as B[a@]dB[o0]t. 1198 // 1199 // This member is required. 1200 RegexPatternString *string 1201 1202 noSmithyDocumentSerde 1203} 1204 1205// This is AWS WAF Classic documentation. For more information, see AWS WAF Classic 1206// (https://docs.aws.amazon.com/waf/latest/developerguide/classic-waf-chapter.html) 1207// in the developer guide. For the latest version of AWS WAF, use the AWS WAFV2 API 1208// and see the AWS WAF Developer Guide 1209// (https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html). With 1210// the latest version, AWS WAF has a single set of endpoints for regional and 1211// global use. A combination of ByteMatchSet, IPSet, and/or SqlInjectionMatchSet 1212// objects that identify the web requests that you want to allow, block, or count. 1213// For example, you might create a Rule that includes the following predicates: 1214// 1215// * 1216// An IPSet that causes AWS WAF to search for web requests that originate from the 1217// IP address 192.0.2.44 1218// 1219// * A ByteMatchSet that causes AWS WAF to search for web 1220// requests for which the value of the User-Agent header is BadBot. 1221// 1222// To match the 1223// settings in this Rule, a request must originate from 192.0.2.44 AND include a 1224// User-Agent header for which the value is BadBot. 1225type Rule struct { 1226 1227 // The Predicates object contains one Predicate element for each ByteMatchSet, 1228 // IPSet, or SqlInjectionMatchSet object that you want to include in a Rule. 1229 // 1230 // This member is required. 1231 Predicates []Predicate 1232 1233 // A unique identifier for a Rule. You use RuleId to get more information about a 1234 // Rule (see GetRule), update a Rule (see UpdateRule), insert a Rule into a WebACL 1235 // or delete a one from a WebACL (see UpdateWebACL), or delete a Rule from AWS WAF 1236 // (see DeleteRule). RuleId is returned by CreateRule and by ListRules. 1237 // 1238 // This member is required. 1239 RuleId *string 1240 1241 // A friendly name or description for the metrics for this Rule. The name can 1242 // contain only alphanumeric characters (A-Z, a-z, 0-9), with maximum length 128 1243 // and minimum length one. It can't contain whitespace or metric names reserved for 1244 // AWS WAF, including "All" and "Default_Action." You can't change MetricName after 1245 // you create the Rule. 1246 MetricName *string 1247 1248 // The friendly name or description for the Rule. You can't change the name of a 1249 // Rule after you create it. 1250 Name *string 1251 1252 noSmithyDocumentSerde 1253} 1254 1255// This is AWS WAF Classic documentation. For more information, see AWS WAF Classic 1256// (https://docs.aws.amazon.com/waf/latest/developerguide/classic-waf-chapter.html) 1257// in the developer guide. For the latest version of AWS WAF, use the AWS WAFV2 API 1258// and see the AWS WAF Developer Guide 1259// (https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html). With 1260// the latest version, AWS WAF has a single set of endpoints for regional and 1261// global use. A collection of predefined rules that you can add to a web ACL. Rule 1262// groups are subject to the following limits: 1263// 1264// * Three rule groups per account. 1265// You can request an increase to this limit by contacting customer support. 1266// 1267// * One 1268// rule group per web ACL. 1269// 1270// * Ten rules per rule group. 1271type RuleGroup struct { 1272 1273 // A unique identifier for a RuleGroup. You use RuleGroupId to get more information 1274 // about a RuleGroup (see GetRuleGroup), update a RuleGroup (see UpdateRuleGroup), 1275 // insert a RuleGroup into a WebACL or delete a one from a WebACL (see 1276 // UpdateWebACL), or delete a RuleGroup from AWS WAF (see DeleteRuleGroup). 1277 // RuleGroupId is returned by CreateRuleGroup and by ListRuleGroups. 1278 // 1279 // This member is required. 1280 RuleGroupId *string 1281 1282 // A friendly name or description for the metrics for this RuleGroup. The name can 1283 // contain only alphanumeric characters (A-Z, a-z, 0-9), with maximum length 128 1284 // and minimum length one. It can't contain whitespace or metric names reserved for 1285 // AWS WAF, including "All" and "Default_Action." You can't change the name of the 1286 // metric after you create the RuleGroup. 1287 MetricName *string 1288 1289 // The friendly name or description for the RuleGroup. You can't change the name of 1290 // a RuleGroup after you create it. 1291 Name *string 1292 1293 noSmithyDocumentSerde 1294} 1295 1296// This is AWS WAF Classic documentation. For more information, see AWS WAF Classic 1297// (https://docs.aws.amazon.com/waf/latest/developerguide/classic-waf-chapter.html) 1298// in the developer guide. For the latest version of AWS WAF, use the AWS WAFV2 API 1299// and see the AWS WAF Developer Guide 1300// (https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html). With 1301// the latest version, AWS WAF has a single set of endpoints for regional and 1302// global use. Contains the identifier and the friendly name or description of the 1303// RuleGroup. 1304type RuleGroupSummary struct { 1305 1306 // A friendly name or description of the RuleGroup. You can't change the name of a 1307 // RuleGroup after you create it. 1308 // 1309 // This member is required. 1310 Name *string 1311 1312 // A unique identifier for a RuleGroup. You use RuleGroupId to get more information 1313 // about a RuleGroup (see GetRuleGroup), update a RuleGroup (see UpdateRuleGroup), 1314 // insert a RuleGroup into a WebACL or delete one from a WebACL (see UpdateWebACL), 1315 // or delete a RuleGroup from AWS WAF (see DeleteRuleGroup). RuleGroupId is 1316 // returned by CreateRuleGroup and by ListRuleGroups. 1317 // 1318 // This member is required. 1319 RuleGroupId *string 1320 1321 noSmithyDocumentSerde 1322} 1323 1324// This is AWS WAF Classic documentation. For more information, see AWS WAF Classic 1325// (https://docs.aws.amazon.com/waf/latest/developerguide/classic-waf-chapter.html) 1326// in the developer guide. For the latest version of AWS WAF, use the AWS WAFV2 API 1327// and see the AWS WAF Developer Guide 1328// (https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html). With 1329// the latest version, AWS WAF has a single set of endpoints for regional and 1330// global use. Specifies an ActivatedRule and indicates whether you want to add it 1331// to a RuleGroup or delete it from a RuleGroup. 1332type RuleGroupUpdate struct { 1333 1334 // Specify INSERT to add an ActivatedRule to a RuleGroup. Use DELETE to remove an 1335 // ActivatedRule from a RuleGroup. 1336 // 1337 // This member is required. 1338 Action ChangeAction 1339 1340 // The ActivatedRule object specifies a Rule that you want to insert or delete, the 1341 // priority of the Rule in the WebACL, and the action that you want AWS WAF to take 1342 // when a web request matches the Rule (ALLOW, BLOCK, or COUNT). 1343 // 1344 // This member is required. 1345 ActivatedRule *ActivatedRule 1346 1347 noSmithyDocumentSerde 1348} 1349 1350// This is AWS WAF Classic documentation. For more information, see AWS WAF Classic 1351// (https://docs.aws.amazon.com/waf/latest/developerguide/classic-waf-chapter.html) 1352// in the developer guide. For the latest version of AWS WAF, use the AWS WAFV2 API 1353// and see the AWS WAF Developer Guide 1354// (https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html). With 1355// the latest version, AWS WAF has a single set of endpoints for regional and 1356// global use. Contains the identifier and the friendly name or description of the 1357// Rule. 1358type RuleSummary struct { 1359 1360 // A friendly name or description of the Rule. You can't change the name of a Rule 1361 // after you create it. 1362 // 1363 // This member is required. 1364 Name *string 1365 1366 // A unique identifier for a Rule. You use RuleId to get more information about a 1367 // Rule (see GetRule), update a Rule (see UpdateRule), insert a Rule into a WebACL 1368 // or delete one from a WebACL (see UpdateWebACL), or delete a Rule from AWS WAF 1369 // (see DeleteRule). RuleId is returned by CreateRule and by ListRules. 1370 // 1371 // This member is required. 1372 RuleId *string 1373 1374 noSmithyDocumentSerde 1375} 1376 1377// This is AWS WAF Classic documentation. For more information, see AWS WAF Classic 1378// (https://docs.aws.amazon.com/waf/latest/developerguide/classic-waf-chapter.html) 1379// in the developer guide. For the latest version of AWS WAF, use the AWS WAFV2 API 1380// and see the AWS WAF Developer Guide 1381// (https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html). With 1382// the latest version, AWS WAF has a single set of endpoints for regional and 1383// global use. Specifies a Predicate (such as an IPSet) and indicates whether you 1384// want to add it to a Rule or delete it from a Rule. 1385type RuleUpdate struct { 1386 1387 // Specify INSERT to add a Predicate to a Rule. Use DELETE to remove a Predicate 1388 // from a Rule. 1389 // 1390 // This member is required. 1391 Action ChangeAction 1392 1393 // The ID of the Predicate (such as an IPSet) that you want to add to a Rule. 1394 // 1395 // This member is required. 1396 Predicate *Predicate 1397 1398 noSmithyDocumentSerde 1399} 1400 1401// This is AWS WAF Classic documentation. For more information, see AWS WAF Classic 1402// (https://docs.aws.amazon.com/waf/latest/developerguide/classic-waf-chapter.html) 1403// in the developer guide. For the latest version of AWS WAF, use the AWS WAFV2 API 1404// and see the AWS WAF Developer Guide 1405// (https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html). With 1406// the latest version, AWS WAF has a single set of endpoints for regional and 1407// global use. The response from a GetSampledRequests request includes a 1408// SampledHTTPRequests complex type that appears as SampledRequests in the response 1409// syntax. SampledHTTPRequests contains one SampledHTTPRequest object for each web 1410// request that is returned by GetSampledRequests. 1411type SampledHTTPRequest struct { 1412 1413 // A complex type that contains detailed information about the request. 1414 // 1415 // This member is required. 1416 Request *HTTPRequest 1417 1418 // A value that indicates how one result in the response relates proportionally to 1419 // other results in the response. A result that has a weight of 2 represents 1420 // roughly twice as many CloudFront web requests as a result that has a weight of 1421 // 1. 1422 // 1423 // This member is required. 1424 Weight int64 1425 1426 // The action for the Rule that the request matched: ALLOW, BLOCK, or COUNT. 1427 Action *string 1428 1429 // This value is returned if the GetSampledRequests request specifies the ID of a 1430 // RuleGroup rather than the ID of an individual rule. RuleWithinRuleGroup is the 1431 // rule within the specified RuleGroup that matched the request listed in the 1432 // response. 1433 RuleWithinRuleGroup *string 1434 1435 // The time at which AWS WAF received the request from your AWS resource, in Unix 1436 // time format (in seconds). 1437 Timestamp *time.Time 1438 1439 noSmithyDocumentSerde 1440} 1441 1442// This is AWS WAF Classic documentation. For more information, see AWS WAF Classic 1443// (https://docs.aws.amazon.com/waf/latest/developerguide/classic-waf-chapter.html) 1444// in the developer guide. For the latest version of AWS WAF, use the AWS WAFV2 API 1445// and see the AWS WAF Developer Guide 1446// (https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html). With 1447// the latest version, AWS WAF has a single set of endpoints for regional and 1448// global use. Specifies a constraint on the size of a part of the web request. AWS 1449// WAF uses the Size, ComparisonOperator, and FieldToMatch to build an expression 1450// in the form of "SizeComparisonOperator size in bytes of FieldToMatch". If that 1451// expression is true, the SizeConstraint is considered to match. 1452type SizeConstraint struct { 1453 1454 // The type of comparison you want AWS WAF to perform. AWS WAF uses this in 1455 // combination with the provided Size and FieldToMatch to build an expression in 1456 // the form of "SizeComparisonOperator size in bytes of FieldToMatch". If that 1457 // expression is true, the SizeConstraint is considered to match. EQ: Used to test 1458 // if the Size is equal to the size of the FieldToMatch NE: Used to test if the 1459 // Size is not equal to the size of the FieldToMatch LE: Used to test if the Size 1460 // is less than or equal to the size of the FieldToMatch LT: Used to test if the 1461 // Size is strictly less than the size of the FieldToMatch GE: Used to test if the 1462 // Size is greater than or equal to the size of the FieldToMatch GT: Used to test 1463 // if the Size is strictly greater than the size of the FieldToMatch 1464 // 1465 // This member is required. 1466 ComparisonOperator ComparisonOperator 1467 1468 // Specifies where in a web request to look for the size constraint. 1469 // 1470 // This member is required. 1471 FieldToMatch *FieldToMatch 1472 1473 // The size in bytes that you want AWS WAF to compare against the size of the 1474 // specified FieldToMatch. AWS WAF uses this in combination with ComparisonOperator 1475 // and FieldToMatch to build an expression in the form of "SizeComparisonOperator 1476 // size in bytes of FieldToMatch". If that expression is true, the SizeConstraint 1477 // is considered to match. Valid values for size are 0 - 21474836480 bytes (0 - 20 1478 // GB). If you specify URI for the value of Type, the / in the URI counts as one 1479 // character. For example, the URI /logo.jpg is nine characters long. 1480 // 1481 // This member is required. 1482 Size int64 1483 1484 // Text transformations eliminate some of the unusual formatting that attackers use 1485 // in web requests in an effort to bypass AWS WAF. If you specify a transformation, 1486 // AWS WAF performs the transformation on FieldToMatch before inspecting it for a 1487 // match. You can only specify a single type of TextTransformation. Note that if 1488 // you choose BODY for the value of Type, you must choose NONE for 1489 // TextTransformation because CloudFront forwards only the first 8192 bytes for 1490 // inspection. NONE Specify NONE if you don't want to perform any text 1491 // transformations. CMD_LINE When you're concerned that attackers are injecting an 1492 // operating system command line command and using unusual formatting to disguise 1493 // some or all of the command, use this option to perform the following 1494 // transformations: 1495 // 1496 // * Delete the following characters: \ " ' ^ 1497 // 1498 // * Delete spaces 1499 // before the following characters: / ( 1500 // 1501 // * Replace the following characters with a 1502 // space: , ; 1503 // 1504 // * Replace multiple spaces with one space 1505 // 1506 // * Convert uppercase 1507 // letters (A-Z) to lowercase (a-z) 1508 // 1509 // COMPRESS_WHITE_SPACE Use this option to 1510 // replace the following characters with a space character (decimal 32): 1511 // 1512 // * \f, 1513 // formfeed, decimal 12 1514 // 1515 // * \t, tab, decimal 9 1516 // 1517 // * \n, newline, decimal 10 1518 // 1519 // * \r, 1520 // carriage return, decimal 13 1521 // 1522 // * \v, vertical tab, decimal 11 1523 // 1524 // * non-breaking 1525 // space, decimal 160 1526 // 1527 // COMPRESS_WHITE_SPACE also replaces multiple spaces with one 1528 // space. HTML_ENTITY_DECODE Use this option to replace HTML-encoded characters 1529 // with unencoded characters. HTML_ENTITY_DECODE performs the following 1530 // operations: 1531 // 1532 // * Replaces (ampersand)quot; with " 1533 // 1534 // * Replaces (ampersand)nbsp; 1535 // with a non-breaking space, decimal 160 1536 // 1537 // * Replaces (ampersand)lt; with a "less 1538 // than" symbol 1539 // 1540 // * Replaces (ampersand)gt; with > 1541 // 1542 // * Replaces characters that are 1543 // represented in hexadecimal format, (ampersand)#xhhhh;, with the corresponding 1544 // characters 1545 // 1546 // * Replaces characters that are represented in decimal format, 1547 // (ampersand)#nnnn;, with the corresponding characters 1548 // 1549 // LOWERCASE Use this option 1550 // to convert uppercase letters (A-Z) to lowercase (a-z). URL_DECODE Use this 1551 // option to decode a URL-encoded value. 1552 // 1553 // This member is required. 1554 TextTransformation TextTransformation 1555 1556 noSmithyDocumentSerde 1557} 1558 1559// This is AWS WAF Classic documentation. For more information, see AWS WAF Classic 1560// (https://docs.aws.amazon.com/waf/latest/developerguide/classic-waf-chapter.html) 1561// in the developer guide. For the latest version of AWS WAF, use the AWS WAFV2 API 1562// and see the AWS WAF Developer Guide 1563// (https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html). With 1564// the latest version, AWS WAF has a single set of endpoints for regional and 1565// global use. A complex type that contains SizeConstraint objects, which specify 1566// the parts of web requests that you want AWS WAF to inspect the size of. If a 1567// SizeConstraintSet contains more than one SizeConstraint object, a request only 1568// needs to match one constraint to be considered a match. 1569type SizeConstraintSet struct { 1570 1571 // A unique identifier for a SizeConstraintSet. You use SizeConstraintSetId to get 1572 // information about a SizeConstraintSet (see GetSizeConstraintSet), update a 1573 // SizeConstraintSet (see UpdateSizeConstraintSet), insert a SizeConstraintSet into 1574 // a Rule or delete one from a Rule (see UpdateRule), and delete a 1575 // SizeConstraintSet from AWS WAF (see DeleteSizeConstraintSet). 1576 // SizeConstraintSetId is returned by CreateSizeConstraintSet and by 1577 // ListSizeConstraintSets. 1578 // 1579 // This member is required. 1580 SizeConstraintSetId *string 1581 1582 // Specifies the parts of web requests that you want to inspect the size of. 1583 // 1584 // This member is required. 1585 SizeConstraints []SizeConstraint 1586 1587 // The name, if any, of the SizeConstraintSet. 1588 Name *string 1589 1590 noSmithyDocumentSerde 1591} 1592 1593// This is AWS WAF Classic documentation. For more information, see AWS WAF Classic 1594// (https://docs.aws.amazon.com/waf/latest/developerguide/classic-waf-chapter.html) 1595// in the developer guide. For the latest version of AWS WAF, use the AWS WAFV2 API 1596// and see the AWS WAF Developer Guide 1597// (https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html). With 1598// the latest version, AWS WAF has a single set of endpoints for regional and 1599// global use. The Id and Name of a SizeConstraintSet. 1600type SizeConstraintSetSummary struct { 1601 1602 // The name of the SizeConstraintSet, if any. 1603 // 1604 // This member is required. 1605 Name *string 1606 1607 // A unique identifier for a SizeConstraintSet. You use SizeConstraintSetId to get 1608 // information about a SizeConstraintSet (see GetSizeConstraintSet), update a 1609 // SizeConstraintSet (see UpdateSizeConstraintSet), insert a SizeConstraintSet into 1610 // a Rule or delete one from a Rule (see UpdateRule), and delete a 1611 // SizeConstraintSet from AWS WAF (see DeleteSizeConstraintSet). 1612 // SizeConstraintSetId is returned by CreateSizeConstraintSet and by 1613 // ListSizeConstraintSets. 1614 // 1615 // This member is required. 1616 SizeConstraintSetId *string 1617 1618 noSmithyDocumentSerde 1619} 1620 1621// This is AWS WAF Classic documentation. For more information, see AWS WAF Classic 1622// (https://docs.aws.amazon.com/waf/latest/developerguide/classic-waf-chapter.html) 1623// in the developer guide. For the latest version of AWS WAF, use the AWS WAFV2 API 1624// and see the AWS WAF Developer Guide 1625// (https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html). With 1626// the latest version, AWS WAF has a single set of endpoints for regional and 1627// global use. Specifies the part of a web request that you want to inspect the 1628// size of and indicates whether you want to add the specification to a 1629// SizeConstraintSet or delete it from a SizeConstraintSet. 1630type SizeConstraintSetUpdate struct { 1631 1632 // Specify INSERT to add a SizeConstraintSetUpdate to a SizeConstraintSet. Use 1633 // DELETE to remove a SizeConstraintSetUpdate from a SizeConstraintSet. 1634 // 1635 // This member is required. 1636 Action ChangeAction 1637 1638 // Specifies a constraint on the size of a part of the web request. AWS WAF uses 1639 // the Size, ComparisonOperator, and FieldToMatch to build an expression in the 1640 // form of "SizeComparisonOperator size in bytes of FieldToMatch". If that 1641 // expression is true, the SizeConstraint is considered to match. 1642 // 1643 // This member is required. 1644 SizeConstraint *SizeConstraint 1645 1646 noSmithyDocumentSerde 1647} 1648 1649// This is AWS WAF Classic documentation. For more information, see AWS WAF Classic 1650// (https://docs.aws.amazon.com/waf/latest/developerguide/classic-waf-chapter.html) 1651// in the developer guide. For the latest version of AWS WAF, use the AWS WAFV2 API 1652// and see the AWS WAF Developer Guide 1653// (https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html). With 1654// the latest version, AWS WAF has a single set of endpoints for regional and 1655// global use. A complex type that contains SqlInjectionMatchTuple objects, which 1656// specify the parts of web requests that you want AWS WAF to inspect for snippets 1657// of malicious SQL code and, if you want AWS WAF to inspect a header, the name of 1658// the header. If a SqlInjectionMatchSet contains more than one 1659// SqlInjectionMatchTuple object, a request needs to include snippets of SQL code 1660// in only one of the specified parts of the request to be considered a match. 1661type SqlInjectionMatchSet struct { 1662 1663 // A unique identifier for a SqlInjectionMatchSet. You use SqlInjectionMatchSetId 1664 // to get information about a SqlInjectionMatchSet (see GetSqlInjectionMatchSet), 1665 // update a SqlInjectionMatchSet (see UpdateSqlInjectionMatchSet), insert a 1666 // SqlInjectionMatchSet into a Rule or delete one from a Rule (see UpdateRule), and 1667 // delete a SqlInjectionMatchSet from AWS WAF (see DeleteSqlInjectionMatchSet). 1668 // SqlInjectionMatchSetId is returned by CreateSqlInjectionMatchSet and by 1669 // ListSqlInjectionMatchSets. 1670 // 1671 // This member is required. 1672 SqlInjectionMatchSetId *string 1673 1674 // Specifies the parts of web requests that you want to inspect for snippets of 1675 // malicious SQL code. 1676 // 1677 // This member is required. 1678 SqlInjectionMatchTuples []SqlInjectionMatchTuple 1679 1680 // The name, if any, of the SqlInjectionMatchSet. 1681 Name *string 1682 1683 noSmithyDocumentSerde 1684} 1685 1686// This is AWS WAF Classic documentation. For more information, see AWS WAF Classic 1687// (https://docs.aws.amazon.com/waf/latest/developerguide/classic-waf-chapter.html) 1688// in the developer guide. For the latest version of AWS WAF, use the AWS WAFV2 API 1689// and see the AWS WAF Developer Guide 1690// (https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html). With 1691// the latest version, AWS WAF has a single set of endpoints for regional and 1692// global use. The Id and Name of a SqlInjectionMatchSet. 1693type SqlInjectionMatchSetSummary struct { 1694 1695 // The name of the SqlInjectionMatchSet, if any, specified by Id. 1696 // 1697 // This member is required. 1698 Name *string 1699 1700 // A unique identifier for a SqlInjectionMatchSet. You use SqlInjectionMatchSetId 1701 // to get information about a SqlInjectionMatchSet (see GetSqlInjectionMatchSet), 1702 // update a SqlInjectionMatchSet (see UpdateSqlInjectionMatchSet), insert a 1703 // SqlInjectionMatchSet into a Rule or delete one from a Rule (see UpdateRule), and 1704 // delete a SqlInjectionMatchSet from AWS WAF (see DeleteSqlInjectionMatchSet). 1705 // SqlInjectionMatchSetId is returned by CreateSqlInjectionMatchSet and by 1706 // ListSqlInjectionMatchSets. 1707 // 1708 // This member is required. 1709 SqlInjectionMatchSetId *string 1710 1711 noSmithyDocumentSerde 1712} 1713 1714// This is AWS WAF Classic documentation. For more information, see AWS WAF Classic 1715// (https://docs.aws.amazon.com/waf/latest/developerguide/classic-waf-chapter.html) 1716// in the developer guide. For the latest version of AWS WAF, use the AWS WAFV2 API 1717// and see the AWS WAF Developer Guide 1718// (https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html). With 1719// the latest version, AWS WAF has a single set of endpoints for regional and 1720// global use. Specifies the part of a web request that you want to inspect for 1721// snippets of malicious SQL code and indicates whether you want to add the 1722// specification to a SqlInjectionMatchSet or delete it from a 1723// SqlInjectionMatchSet. 1724type SqlInjectionMatchSetUpdate struct { 1725 1726 // Specify INSERT to add a SqlInjectionMatchSetUpdate to a SqlInjectionMatchSet. 1727 // Use DELETE to remove a SqlInjectionMatchSetUpdate from a SqlInjectionMatchSet. 1728 // 1729 // This member is required. 1730 Action ChangeAction 1731 1732 // Specifies the part of a web request that you want AWS WAF to inspect for 1733 // snippets of malicious SQL code and, if you want AWS WAF to inspect a header, the 1734 // name of the header. 1735 // 1736 // This member is required. 1737 SqlInjectionMatchTuple *SqlInjectionMatchTuple 1738 1739 noSmithyDocumentSerde 1740} 1741 1742// This is AWS WAF Classic documentation. For more information, see AWS WAF Classic 1743// (https://docs.aws.amazon.com/waf/latest/developerguide/classic-waf-chapter.html) 1744// in the developer guide. For the latest version of AWS WAF, use the AWS WAFV2 API 1745// and see the AWS WAF Developer Guide 1746// (https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html). With 1747// the latest version, AWS WAF has a single set of endpoints for regional and 1748// global use. Specifies the part of a web request that you want AWS WAF to inspect 1749// for snippets of malicious SQL code and, if you want AWS WAF to inspect a header, 1750// the name of the header. 1751type SqlInjectionMatchTuple struct { 1752 1753 // Specifies where in a web request to look for snippets of malicious SQL code. 1754 // 1755 // This member is required. 1756 FieldToMatch *FieldToMatch 1757 1758 // Text transformations eliminate some of the unusual formatting that attackers use 1759 // in web requests in an effort to bypass AWS WAF. If you specify a transformation, 1760 // AWS WAF performs the transformation on FieldToMatch before inspecting it for a 1761 // match. You can only specify a single type of TextTransformation. CMD_LINE When 1762 // you're concerned that attackers are injecting an operating system command line 1763 // command and using unusual formatting to disguise some or all of the command, use 1764 // this option to perform the following transformations: 1765 // 1766 // * Delete the following 1767 // characters: \ " ' ^ 1768 // 1769 // * Delete spaces before the following characters: / ( 1770 // 1771 // * 1772 // Replace the following characters with a space: , ; 1773 // 1774 // * Replace multiple spaces 1775 // with one space 1776 // 1777 // * Convert uppercase letters (A-Z) to lowercase 1778 // (a-z) 1779 // 1780 // COMPRESS_WHITE_SPACE Use this option to replace the following characters 1781 // with a space character (decimal 32): 1782 // 1783 // * \f, formfeed, decimal 12 1784 // 1785 // * \t, tab, 1786 // decimal 9 1787 // 1788 // * \n, newline, decimal 10 1789 // 1790 // * \r, carriage return, decimal 13 1791 // 1792 // * \v, 1793 // vertical tab, decimal 11 1794 // 1795 // * non-breaking space, decimal 1796 // 160 1797 // 1798 // COMPRESS_WHITE_SPACE also replaces multiple spaces with one space. 1799 // HTML_ENTITY_DECODE Use this option to replace HTML-encoded characters with 1800 // unencoded characters. HTML_ENTITY_DECODE performs the following operations: 1801 // 1802 // * 1803 // Replaces (ampersand)quot; with " 1804 // 1805 // * Replaces (ampersand)nbsp; with a 1806 // non-breaking space, decimal 160 1807 // 1808 // * Replaces (ampersand)lt; with a "less than" 1809 // symbol 1810 // 1811 // * Replaces (ampersand)gt; with > 1812 // 1813 // * Replaces characters that are 1814 // represented in hexadecimal format, (ampersand)#xhhhh;, with the corresponding 1815 // characters 1816 // 1817 // * Replaces characters that are represented in decimal format, 1818 // (ampersand)#nnnn;, with the corresponding characters 1819 // 1820 // LOWERCASE Use this option 1821 // to convert uppercase letters (A-Z) to lowercase (a-z). URL_DECODE Use this 1822 // option to decode a URL-encoded value. NONE Specify NONE if you don't want to 1823 // perform any text transformations. 1824 // 1825 // This member is required. 1826 TextTransformation TextTransformation 1827 1828 noSmithyDocumentSerde 1829} 1830 1831// This is AWS WAF Classic documentation. For more information, see AWS WAF Classic 1832// (https://docs.aws.amazon.com/waf/latest/developerguide/classic-waf-chapter.html) 1833// in the developer guide. For the latest version of AWS WAF, use the AWS WAFV2 API 1834// and see the AWS WAF Developer Guide 1835// (https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html). With 1836// the latest version, AWS WAF has a single set of endpoints for regional and 1837// global use. A summary of the rule groups you are subscribed to. 1838type SubscribedRuleGroupSummary struct { 1839 1840 // A friendly name or description for the metrics for this RuleGroup. The name can 1841 // contain only alphanumeric characters (A-Z, a-z, 0-9), with maximum length 128 1842 // and minimum length one. It can't contain whitespace or metric names reserved for 1843 // AWS WAF, including "All" and "Default_Action." You can't change the name of the 1844 // metric after you create the RuleGroup. 1845 // 1846 // This member is required. 1847 MetricName *string 1848 1849 // A friendly name or description of the RuleGroup. You can't change the name of a 1850 // RuleGroup after you create it. 1851 // 1852 // This member is required. 1853 Name *string 1854 1855 // A unique identifier for a RuleGroup. 1856 // 1857 // This member is required. 1858 RuleGroupId *string 1859 1860 noSmithyDocumentSerde 1861} 1862 1863// This is AWS WAF Classic documentation. For more information, see AWS WAF Classic 1864// (https://docs.aws.amazon.com/waf/latest/developerguide/classic-waf-chapter.html) 1865// in the developer guide. For the latest version of AWS WAF, use the AWS WAFV2 API 1866// and see the AWS WAF Developer Guide 1867// (https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html). With 1868// the latest version, AWS WAF has a single set of endpoints for regional and 1869// global use. A tag associated with an AWS resource. Tags are key:value pairs that 1870// you can use to categorize and manage your resources, for purposes like billing. 1871// For example, you might set the tag key to "customer" and the value to the 1872// customer name or ID. You can specify one or more tags to add to each AWS 1873// resource, up to 50 tags for a resource. Tagging is only available through the 1874// API, SDKs, and CLI. You can't manage or view tags through the AWS WAF Classic 1875// console. You can tag the AWS resources that you manage through AWS WAF Classic: 1876// web ACLs, rule groups, and rules. 1877type Tag struct { 1878 1879 // 1880 // 1881 // This member is required. 1882 Key *string 1883 1884 // 1885 // 1886 // This member is required. 1887 Value *string 1888 1889 noSmithyDocumentSerde 1890} 1891 1892// This is AWS WAF Classic documentation. For more information, see AWS WAF Classic 1893// (https://docs.aws.amazon.com/waf/latest/developerguide/classic-waf-chapter.html) 1894// in the developer guide. For the latest version of AWS WAF, use the AWS WAFV2 API 1895// and see the AWS WAF Developer Guide 1896// (https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html). With 1897// the latest version, AWS WAF has a single set of endpoints for regional and 1898// global use. Information for a tag associated with an AWS resource. Tags are 1899// key:value pairs that you can use to categorize and manage your resources, for 1900// purposes like billing. For example, you might set the tag key to "customer" and 1901// the value to the customer name or ID. You can specify one or more tags to add to 1902// each AWS resource, up to 50 tags for a resource. Tagging is only available 1903// through the API, SDKs, and CLI. You can't manage or view tags through the AWS 1904// WAF Classic console. You can tag the AWS resources that you manage through AWS 1905// WAF Classic: web ACLs, rule groups, and rules. 1906type TagInfoForResource struct { 1907 1908 // 1909 ResourceARN *string 1910 1911 // 1912 TagList []Tag 1913 1914 noSmithyDocumentSerde 1915} 1916 1917// This is AWS WAF Classic documentation. For more information, see AWS WAF Classic 1918// (https://docs.aws.amazon.com/waf/latest/developerguide/classic-waf-chapter.html) 1919// in the developer guide. For the latest version of AWS WAF, use the AWS WAFV2 API 1920// and see the AWS WAF Developer Guide 1921// (https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html). With 1922// the latest version, AWS WAF has a single set of endpoints for regional and 1923// global use. In a GetSampledRequests request, the StartTime and EndTime objects 1924// specify the time range for which you want AWS WAF to return a sample of web 1925// requests. You must specify the times in Coordinated Universal Time (UTC) format. 1926// UTC format includes the special designator, Z. For example, "2016-09-27T14:50Z". 1927// In a GetSampledRequests response, the StartTime and EndTime objects specify the 1928// time range for which AWS WAF actually returned a sample of web requests. AWS WAF 1929// gets the specified number of requests from among the first 5,000 requests that 1930// your AWS resource receives during the specified time period. If your resource 1931// receives more than 5,000 requests during that period, AWS WAF stops sampling 1932// after the 5,000th request. In that case, EndTime is the time that AWS WAF 1933// received the 5,000th request. 1934type TimeWindow struct { 1935 1936 // The end of the time range from which you want GetSampledRequests to return a 1937 // sample of the requests that your AWS resource received. You must specify the 1938 // date and time in Coordinated Universal Time (UTC) format. UTC format includes 1939 // the special designator, Z. For example, "2016-09-27T14:50Z". You can specify any 1940 // time range in the previous three hours. 1941 // 1942 // This member is required. 1943 EndTime *time.Time 1944 1945 // The beginning of the time range from which you want GetSampledRequests to return 1946 // a sample of the requests that your AWS resource received. You must specify the 1947 // date and time in Coordinated Universal Time (UTC) format. UTC format includes 1948 // the special designator, Z. For example, "2016-09-27T14:50Z". You can specify any 1949 // time range in the previous three hours. 1950 // 1951 // This member is required. 1952 StartTime *time.Time 1953 1954 noSmithyDocumentSerde 1955} 1956 1957// This is AWS WAF Classic documentation. For more information, see AWS WAF Classic 1958// (https://docs.aws.amazon.com/waf/latest/developerguide/classic-waf-chapter.html) 1959// in the developer guide. For the latest version of AWS WAF, use the AWS WAFV2 API 1960// and see the AWS WAF Developer Guide 1961// (https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html). With 1962// the latest version, AWS WAF has a single set of endpoints for regional and 1963// global use. For the action that is associated with a rule in a WebACL, specifies 1964// the action that you want AWS WAF to perform when a web request matches all of 1965// the conditions in a rule. For the default action in a WebACL, specifies the 1966// action that you want AWS WAF to take when a web request doesn't match all of the 1967// conditions in any of the rules in a WebACL. 1968type WafAction struct { 1969 1970 // Specifies how you want AWS WAF to respond to requests that match the settings in 1971 // a Rule. Valid settings include the following: 1972 // 1973 // * ALLOW: AWS WAF allows 1974 // requests 1975 // 1976 // * BLOCK: AWS WAF blocks requests 1977 // 1978 // * COUNT: AWS WAF increments a 1979 // counter of the requests that match all of the conditions in the rule. AWS WAF 1980 // then continues to inspect the web request based on the remaining rules in the 1981 // web ACL. You can't specify COUNT for the default action for a WebACL. 1982 // 1983 // This member is required. 1984 Type WafActionType 1985 1986 noSmithyDocumentSerde 1987} 1988 1989// This is AWS WAF Classic documentation. For more information, see AWS WAF Classic 1990// (https://docs.aws.amazon.com/waf/latest/developerguide/classic-waf-chapter.html) 1991// in the developer guide. For the latest version of AWS WAF, use the AWS WAFV2 API 1992// and see the AWS WAF Developer Guide 1993// (https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html). With 1994// the latest version, AWS WAF has a single set of endpoints for regional and 1995// global use. The action to take if any rule within the RuleGroup matches a 1996// request. 1997type WafOverrideAction struct { 1998 1999 // COUNT overrides the action specified by the individual rule within a RuleGroup . 2000 // If set to NONE, the rule's action will take place. 2001 // 2002 // This member is required. 2003 Type WafOverrideActionType 2004 2005 noSmithyDocumentSerde 2006} 2007 2008// This is AWS WAF Classic documentation. For more information, see AWS WAF Classic 2009// (https://docs.aws.amazon.com/waf/latest/developerguide/classic-waf-chapter.html) 2010// in the developer guide. For the latest version of AWS WAF, use the AWS WAFV2 API 2011// and see the AWS WAF Developer Guide 2012// (https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html). With 2013// the latest version, AWS WAF has a single set of endpoints for regional and 2014// global use. Contains the Rules that identify the requests that you want to 2015// allow, block, or count. In a WebACL, you also specify a default action (ALLOW or 2016// BLOCK), and the action for each Rule that you add to a WebACL, for example, 2017// block requests from specified IP addresses or block requests from specified 2018// referrers. You also associate the WebACL with a CloudFront distribution to 2019// identify the requests that you want AWS WAF to filter. If you add more than one 2020// Rule to a WebACL, a request needs to match only one of the specifications to be 2021// allowed, blocked, or counted. For more information, see UpdateWebACL. 2022type WebACL struct { 2023 2024 // The action to perform if none of the Rules contained in the WebACL match. The 2025 // action is specified by the WafAction object. 2026 // 2027 // This member is required. 2028 DefaultAction *WafAction 2029 2030 // An array that contains the action for each Rule in a WebACL, the priority of the 2031 // Rule, and the ID of the Rule. 2032 // 2033 // This member is required. 2034 Rules []ActivatedRule 2035 2036 // A unique identifier for a WebACL. You use WebACLId to get information about a 2037 // WebACL (see GetWebACL), update a WebACL (see UpdateWebACL), and delete a WebACL 2038 // from AWS WAF (see DeleteWebACL). WebACLId is returned by CreateWebACL and by 2039 // ListWebACLs. 2040 // 2041 // This member is required. 2042 WebACLId *string 2043 2044 // A friendly name or description for the metrics for this WebACL. The name can 2045 // contain only alphanumeric characters (A-Z, a-z, 0-9), with maximum length 128 2046 // and minimum length one. It can't contain whitespace or metric names reserved for 2047 // AWS WAF, including "All" and "Default_Action." You can't change MetricName after 2048 // you create the WebACL. 2049 MetricName *string 2050 2051 // A friendly name or description of the WebACL. You can't change the name of a 2052 // WebACL after you create it. 2053 Name *string 2054 2055 // Tha Amazon Resource Name (ARN) of the web ACL. 2056 WebACLArn *string 2057 2058 noSmithyDocumentSerde 2059} 2060 2061// This is AWS WAF Classic documentation. For more information, see AWS WAF Classic 2062// (https://docs.aws.amazon.com/waf/latest/developerguide/classic-waf-chapter.html) 2063// in the developer guide. For the latest version of AWS WAF, use the AWS WAFV2 API 2064// and see the AWS WAF Developer Guide 2065// (https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html). With 2066// the latest version, AWS WAF has a single set of endpoints for regional and 2067// global use. Contains the identifier and the name or description of the WebACL. 2068type WebACLSummary struct { 2069 2070 // A friendly name or description of the WebACL. You can't change the name of a 2071 // WebACL after you create it. 2072 // 2073 // This member is required. 2074 Name *string 2075 2076 // A unique identifier for a WebACL. You use WebACLId to get information about a 2077 // WebACL (see GetWebACL), update a WebACL (see UpdateWebACL), and delete a WebACL 2078 // from AWS WAF (see DeleteWebACL). WebACLId is returned by CreateWebACL and by 2079 // ListWebACLs. 2080 // 2081 // This member is required. 2082 WebACLId *string 2083 2084 noSmithyDocumentSerde 2085} 2086 2087// This is AWS WAF Classic documentation. For more information, see AWS WAF Classic 2088// (https://docs.aws.amazon.com/waf/latest/developerguide/classic-waf-chapter.html) 2089// in the developer guide. For the latest version of AWS WAF, use the AWS WAFV2 API 2090// and see the AWS WAF Developer Guide 2091// (https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html). With 2092// the latest version, AWS WAF has a single set of endpoints for regional and 2093// global use. Specifies whether to insert a Rule into or delete a Rule from a 2094// WebACL. 2095type WebACLUpdate struct { 2096 2097 // Specifies whether to insert a Rule into or delete a Rule from a WebACL. 2098 // 2099 // This member is required. 2100 Action ChangeAction 2101 2102 // The ActivatedRule object in an UpdateWebACL request specifies a Rule that you 2103 // want to insert or delete, the priority of the Rule in the WebACL, and the action 2104 // that you want AWS WAF to take when a web request matches the Rule (ALLOW, BLOCK, 2105 // or COUNT). 2106 // 2107 // This member is required. 2108 ActivatedRule *ActivatedRule 2109 2110 noSmithyDocumentSerde 2111} 2112 2113// This is AWS WAF Classic documentation. For more information, see AWS WAF Classic 2114// (https://docs.aws.amazon.com/waf/latest/developerguide/classic-waf-chapter.html) 2115// in the developer guide. For the latest version of AWS WAF, use the AWS WAFV2 API 2116// and see the AWS WAF Developer Guide 2117// (https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html). With 2118// the latest version, AWS WAF has a single set of endpoints for regional and 2119// global use. A complex type that contains XssMatchTuple objects, which specify 2120// the parts of web requests that you want AWS WAF to inspect for cross-site 2121// scripting attacks and, if you want AWS WAF to inspect a header, the name of the 2122// header. If a XssMatchSet contains more than one XssMatchTuple object, a request 2123// needs to include cross-site scripting attacks in only one of the specified parts 2124// of the request to be considered a match. 2125type XssMatchSet struct { 2126 2127 // A unique identifier for an XssMatchSet. You use XssMatchSetId to get information 2128 // about an XssMatchSet (see GetXssMatchSet), update an XssMatchSet (see 2129 // UpdateXssMatchSet), insert an XssMatchSet into a Rule or delete one from a Rule 2130 // (see UpdateRule), and delete an XssMatchSet from AWS WAF (see 2131 // DeleteXssMatchSet). XssMatchSetId is returned by CreateXssMatchSet and by 2132 // ListXssMatchSets. 2133 // 2134 // This member is required. 2135 XssMatchSetId *string 2136 2137 // Specifies the parts of web requests that you want to inspect for cross-site 2138 // scripting attacks. 2139 // 2140 // This member is required. 2141 XssMatchTuples []XssMatchTuple 2142 2143 // The name, if any, of the XssMatchSet. 2144 Name *string 2145 2146 noSmithyDocumentSerde 2147} 2148 2149// This is AWS WAF Classic documentation. For more information, see AWS WAF Classic 2150// (https://docs.aws.amazon.com/waf/latest/developerguide/classic-waf-chapter.html) 2151// in the developer guide. For the latest version of AWS WAF, use the AWS WAFV2 API 2152// and see the AWS WAF Developer Guide 2153// (https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html). With 2154// the latest version, AWS WAF has a single set of endpoints for regional and 2155// global use. The Id and Name of an XssMatchSet. 2156type XssMatchSetSummary struct { 2157 2158 // The name of the XssMatchSet, if any, specified by Id. 2159 // 2160 // This member is required. 2161 Name *string 2162 2163 // A unique identifier for an XssMatchSet. You use XssMatchSetId to get information 2164 // about a XssMatchSet (see GetXssMatchSet), update an XssMatchSet (see 2165 // UpdateXssMatchSet), insert an XssMatchSet into a Rule or delete one from a Rule 2166 // (see UpdateRule), and delete an XssMatchSet from AWS WAF (see 2167 // DeleteXssMatchSet). XssMatchSetId is returned by CreateXssMatchSet and by 2168 // ListXssMatchSets. 2169 // 2170 // This member is required. 2171 XssMatchSetId *string 2172 2173 noSmithyDocumentSerde 2174} 2175 2176// This is AWS WAF Classic documentation. For more information, see AWS WAF Classic 2177// (https://docs.aws.amazon.com/waf/latest/developerguide/classic-waf-chapter.html) 2178// in the developer guide. For the latest version of AWS WAF, use the AWS WAFV2 API 2179// and see the AWS WAF Developer Guide 2180// (https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html). With 2181// the latest version, AWS WAF has a single set of endpoints for regional and 2182// global use. Specifies the part of a web request that you want to inspect for 2183// cross-site scripting attacks and indicates whether you want to add the 2184// specification to an XssMatchSet or delete it from an XssMatchSet. 2185type XssMatchSetUpdate struct { 2186 2187 // Specify INSERT to add an XssMatchSetUpdate to an XssMatchSet. Use DELETE to 2188 // remove an XssMatchSetUpdate from an XssMatchSet. 2189 // 2190 // This member is required. 2191 Action ChangeAction 2192 2193 // Specifies the part of a web request that you want AWS WAF to inspect for 2194 // cross-site scripting attacks and, if you want AWS WAF to inspect a header, the 2195 // name of the header. 2196 // 2197 // This member is required. 2198 XssMatchTuple *XssMatchTuple 2199 2200 noSmithyDocumentSerde 2201} 2202 2203// This is AWS WAF Classic documentation. For more information, see AWS WAF Classic 2204// (https://docs.aws.amazon.com/waf/latest/developerguide/classic-waf-chapter.html) 2205// in the developer guide. For the latest version of AWS WAF, use the AWS WAFV2 API 2206// and see the AWS WAF Developer Guide 2207// (https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html). With 2208// the latest version, AWS WAF has a single set of endpoints for regional and 2209// global use. Specifies the part of a web request that you want AWS WAF to inspect 2210// for cross-site scripting attacks and, if you want AWS WAF to inspect a header, 2211// the name of the header. 2212type XssMatchTuple struct { 2213 2214 // Specifies where in a web request to look for cross-site scripting attacks. 2215 // 2216 // This member is required. 2217 FieldToMatch *FieldToMatch 2218 2219 // Text transformations eliminate some of the unusual formatting that attackers use 2220 // in web requests in an effort to bypass AWS WAF. If you specify a transformation, 2221 // AWS WAF performs the transformation on FieldToMatch before inspecting it for a 2222 // match. You can only specify a single type of TextTransformation. CMD_LINE When 2223 // you're concerned that attackers are injecting an operating system command line 2224 // command and using unusual formatting to disguise some or all of the command, use 2225 // this option to perform the following transformations: 2226 // 2227 // * Delete the following 2228 // characters: \ " ' ^ 2229 // 2230 // * Delete spaces before the following characters: / ( 2231 // 2232 // * 2233 // Replace the following characters with a space: , ; 2234 // 2235 // * Replace multiple spaces 2236 // with one space 2237 // 2238 // * Convert uppercase letters (A-Z) to lowercase 2239 // (a-z) 2240 // 2241 // COMPRESS_WHITE_SPACE Use this option to replace the following characters 2242 // with a space character (decimal 32): 2243 // 2244 // * \f, formfeed, decimal 12 2245 // 2246 // * \t, tab, 2247 // decimal 9 2248 // 2249 // * \n, newline, decimal 10 2250 // 2251 // * \r, carriage return, decimal 13 2252 // 2253 // * \v, 2254 // vertical tab, decimal 11 2255 // 2256 // * non-breaking space, decimal 2257 // 160 2258 // 2259 // COMPRESS_WHITE_SPACE also replaces multiple spaces with one space. 2260 // HTML_ENTITY_DECODE Use this option to replace HTML-encoded characters with 2261 // unencoded characters. HTML_ENTITY_DECODE performs the following operations: 2262 // 2263 // * 2264 // Replaces (ampersand)quot; with " 2265 // 2266 // * Replaces (ampersand)nbsp; with a 2267 // non-breaking space, decimal 160 2268 // 2269 // * Replaces (ampersand)lt; with a "less than" 2270 // symbol 2271 // 2272 // * Replaces (ampersand)gt; with > 2273 // 2274 // * Replaces characters that are 2275 // represented in hexadecimal format, (ampersand)#xhhhh;, with the corresponding 2276 // characters 2277 // 2278 // * Replaces characters that are represented in decimal format, 2279 // (ampersand)#nnnn;, with the corresponding characters 2280 // 2281 // LOWERCASE Use this option 2282 // to convert uppercase letters (A-Z) to lowercase (a-z). URL_DECODE Use this 2283 // option to decode a URL-encoded value. NONE Specify NONE if you don't want to 2284 // perform any text transformations. 2285 // 2286 // This member is required. 2287 TextTransformation TextTransformation 2288 2289 noSmithyDocumentSerde 2290} 2291 2292type noSmithyDocumentSerde = smithydocument.NoSerde 2293