aws_sdk_waf

Module types

Source
Expand description

Data structures used by operation inputs/outputs.

Modules§

Structs§

  • ActivatedRule

    This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.

    For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.

    The ActivatedRule object in an UpdateWebACL request specifies a Rule that you want to insert or delete, the priority of the Rule in the WebACL, and the action that you want AWS WAF to take when a web request matches the Rule (ALLOW, BLOCK, or COUNT).

    To specify whether to insert or delete a Rule, use the Action parameter in the WebACLUpdate data type.

  • ByteMatchSet

    This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.

    For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.

    In a GetByteMatchSet request, ByteMatchSet is a complex type that contains the ByteMatchSetId and Name of a ByteMatchSet, and the values that you specified when you updated the ByteMatchSet.

    A complex type that contains ByteMatchTuple objects, which specify the parts of web requests that you want AWS WAF to inspect and the values that you want AWS WAF to search for. If a ByteMatchSet contains more than one ByteMatchTuple object, a request needs to match the settings in only one ByteMatchTuple to be considered a match.

  • ByteMatchSetSummary

    This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.

    For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.

    Returned by ListByteMatchSets. Each ByteMatchSetSummary object includes the Name and ByteMatchSetId for one ByteMatchSet.

  • ByteMatchSetUpdate

    This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.

    For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.

    In an UpdateByteMatchSet request, ByteMatchSetUpdate specifies whether to insert or delete a ByteMatchTuple and includes the settings for the ByteMatchTuple.

  • ByteMatchTuple

    This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.

    For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.

    The bytes (typically a string that corresponds with ASCII characters) that you want AWS WAF to search for in web requests, the location in requests that you want AWS WAF to search, and other settings.

  • ExcludedRule

    This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.

    For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.

    The rule to exclude from a rule group. This is applicable only when the ActivatedRule refers to a RuleGroup. The rule must belong to the RuleGroup that is specified by the ActivatedRule.

  • FieldToMatch

    This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.

    For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.

    Specifies where in a web request to look for TargetString.

  • GeoMatchConstraint

    This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.

    For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.

    The country from which web requests originate that you want AWS WAF to search for.

  • GeoMatchSet

    This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.

    For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.

    Contains one or more countries that AWS WAF will search for.

  • GeoMatchSetSummary

    This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.

    For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.

    Contains the identifier and the name of the GeoMatchSet.

  • GeoMatchSetUpdate

    This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.

    For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.

    Specifies the type of update to perform to an GeoMatchSet with UpdateGeoMatchSet.

  • HttpHeader

    This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.

    For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.

    The response from a GetSampledRequests request includes an HTTPHeader complex type that appears as Headers in the response syntax. HTTPHeader contains the names and values of all of the headers that appear in one of the web requests that were returned by GetSampledRequests.

  • HttpRequest

    This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.

    For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.

    The response from a GetSampledRequests request includes an HTTPRequest complex type that appears as Request in the response syntax. HTTPRequest contains information about one of the web requests that were returned by GetSampledRequests.

  • IpSet

    This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.

    For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.

    Contains one or more IP addresses or blocks of IP addresses specified in Classless Inter-Domain Routing (CIDR) notation. AWS WAF supports IPv4 address ranges: /8 and any range between /16 through /32. AWS WAF supports IPv6 address ranges: /24, /32, /48, /56, /64, and /128.

    To specify an individual IP address, you specify the four-part IP address followed by a /32, for example, 192.0.2.0/32. To block a range of IP addresses, you can specify /8 or any range between /16 through /32 (for IPv4) or /24, /32, /48, /56, /64, or /128 (for IPv6). For more information about CIDR notation, see the Wikipedia entry Classless Inter-Domain Routing.

  • IpSetDescriptor

    This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.

    For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.

    Specifies the IP address type (IPV4 or IPV6) and the IP address range (in CIDR format) that web requests originate from.

  • IpSetSummary

    This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.

    For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.

    Contains the identifier and the name of the IPSet.

  • IpSetUpdate

    This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.

    For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.

    Specifies the type of update to perform to an IPSet with UpdateIPSet.

  • LoggingConfiguration

    This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.

    For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.

    The Amazon Kinesis Data Firehose, RedactedFields information, and the web ACL Amazon Resource Name (ARN).

  • Predicate

    This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.

    For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.

    Specifies the ByteMatchSet, IPSet, SqlInjectionMatchSet, XssMatchSet, RegexMatchSet, GeoMatchSet, and SizeConstraintSet objects that you want to add to a Rule and, for each object, indicates whether you want to negate the settings, for example, requests that do NOT originate from the IP address 192.0.2.44.

  • RateBasedRule

    This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.

    For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.

    A RateBasedRule is identical to a regular Rule, with one addition: a RateBasedRule counts the number of requests that arrive from a specified IP address every five minutes. For example, based on recent requests that you've seen from an attacker, you might create a RateBasedRule that includes the following conditions:

    • The requests come from 192.0.2.44.

    • They contain the value BadBot in the User-Agent header.

    In the rule, you also define the rate limit as 1,000.

    Requests that meet both of these conditions and exceed 1,000 requests every five minutes trigger the rule's action (block or count), which is defined in the web ACL.

  • RegexMatchSet

    This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.

    For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.

    In a GetRegexMatchSet request, RegexMatchSet is a complex type that contains the RegexMatchSetId and Name of a RegexMatchSet, and the values that you specified when you updated the RegexMatchSet.

    The values are contained in a RegexMatchTuple object, which specify the parts of web requests that you want AWS WAF to inspect and the values that you want AWS WAF to search for. If a RegexMatchSet contains more than one RegexMatchTuple object, a request needs to match the settings in only one ByteMatchTuple to be considered a match.

  • RegexMatchSetSummary

    This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.

    For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.

    Returned by ListRegexMatchSets. Each RegexMatchSetSummary object includes the Name and RegexMatchSetId for one RegexMatchSet.

  • RegexMatchSetUpdate

    This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.

    For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.

    In an UpdateRegexMatchSet request, RegexMatchSetUpdate specifies whether to insert or delete a RegexMatchTuple and includes the settings for the RegexMatchTuple.

  • RegexMatchTuple

    This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.

    For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.

    The regular expression pattern that you want AWS WAF to search for in web requests, the location in requests that you want AWS WAF to search, and other settings. Each RegexMatchTuple object contains:

    • The part of a web request that you want AWS WAF to inspect, such as a query string or the value of the User-Agent header.

    • The identifier of the pattern (a regular expression) that you want AWS WAF to look for. For more information, see RegexPatternSet.

    • Whether to perform any conversions on the request, such as converting it to lowercase, before inspecting it for the specified string.

  • RegexPatternSet

    This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.

    For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.

    The RegexPatternSet specifies the regular expression (regex) pattern that you want AWS WAF to search for, such as B\[a@\]dB\[o0\]t. You can then configure AWS WAF to reject those requests.

  • RegexPatternSetSummary

    This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.

    For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.

    Returned by ListRegexPatternSets. Each RegexPatternSetSummary object includes the Name and RegexPatternSetId for one RegexPatternSet.

  • RegexPatternSetUpdate

    This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.

    For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.

    In an UpdateRegexPatternSet request, RegexPatternSetUpdate specifies whether to insert or delete a RegexPatternString and includes the settings for the RegexPatternString.

  • Rule

    This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.

    For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.

    A combination of ByteMatchSet, IPSet, and/or SqlInjectionMatchSet objects that identify the web requests that you want to allow, block, or count. For example, you might create a Rule that includes the following predicates:

    • An IPSet that causes AWS WAF to search for web requests that originate from the IP address 192.0.2.44

    • A ByteMatchSet that causes AWS WAF to search for web requests for which the value of the User-Agent header is BadBot.

    To match the settings in this Rule, a request must originate from 192.0.2.44 AND include a User-Agent header for which the value is BadBot.

  • RuleGroup

    This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.

    For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.

    A collection of predefined rules that you can add to a web ACL.

    Rule groups are subject to the following limits:

    • Three rule groups per account. You can request an increase to this limit by contacting customer support.

    • One rule group per web ACL.

    • Ten rules per rule group.

  • RuleGroupSummary

    This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.

    For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.

    Contains the identifier and the friendly name or description of the RuleGroup.

  • RuleGroupUpdate

    This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.

    For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.

    Specifies an ActivatedRule and indicates whether you want to add it to a RuleGroup or delete it from a RuleGroup.

  • RuleSummary

    This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.

    For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.

    Contains the identifier and the friendly name or description of the Rule.

  • RuleUpdate

    This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.

    For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.

    Specifies a Predicate (such as an IPSet) and indicates whether you want to add it to a Rule or delete it from a Rule.

  • SampledHttpRequest

    This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.

    For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.

    The response from a GetSampledRequests request includes a SampledHTTPRequests complex type that appears as SampledRequests in the response syntax. SampledHTTPRequests contains one SampledHTTPRequest object for each web request that is returned by GetSampledRequests.

  • SizeConstraint

    This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.

    For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.

    Specifies a constraint on the size of a part of the web request. AWS WAF uses the Size, ComparisonOperator, and FieldToMatch to build an expression in the form of "Size ComparisonOperator size in bytes of FieldToMatch". If that expression is true, the SizeConstraint is considered to match.

  • SizeConstraintSet

    This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.

    For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.

    A complex type that contains SizeConstraint objects, which specify the parts of web requests that you want AWS WAF to inspect the size of. If a SizeConstraintSet contains more than one SizeConstraint object, a request only needs to match one constraint to be considered a match.

  • SizeConstraintSetSummary

    This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.

    For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.

    The Id and Name of a SizeConstraintSet.

  • SizeConstraintSetUpdate

    This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.

    For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.

    Specifies the part of a web request that you want to inspect the size of and indicates whether you want to add the specification to a SizeConstraintSet or delete it from a SizeConstraintSet.

  • SqlInjectionMatchSet

    This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.

    For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.

    A complex type that contains SqlInjectionMatchTuple objects, which specify the parts of web requests that you want AWS WAF to inspect for snippets of malicious SQL code and, if you want AWS WAF to inspect a header, the name of the header. If a SqlInjectionMatchSet contains more than one SqlInjectionMatchTuple object, a request needs to include snippets of SQL code in only one of the specified parts of the request to be considered a match.

  • SqlInjectionMatchSetSummary

    This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.

    For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.

    The Id and Name of a SqlInjectionMatchSet.

  • SqlInjectionMatchSetUpdate

    This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.

    For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.

    Specifies the part of a web request that you want to inspect for snippets of malicious SQL code and indicates whether you want to add the specification to a SqlInjectionMatchSet or delete it from a SqlInjectionMatchSet.

  • SqlInjectionMatchTuple

    This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.

    For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.

    Specifies the part of a web request that you want AWS WAF to inspect for snippets of malicious SQL code and, if you want AWS WAF to inspect a header, the name of the header.

  • SubscribedRuleGroupSummary

    This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.

    For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.

    A summary of the rule groups you are subscribed to.

  • Tag

    This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.

    For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.

    A tag associated with an AWS resource. Tags are key:value pairs that you can use to categorize and manage your resources, for purposes like billing. For example, you might set the tag key to "customer" and the value to the customer name or ID. You can specify one or more tags to add to each AWS resource, up to 50 tags for a resource.

    Tagging is only available through the API, SDKs, and CLI. You can't manage or view tags through the AWS WAF Classic console. You can tag the AWS resources that you manage through AWS WAF Classic: web ACLs, rule groups, and rules.

  • TagInfoForResource

    This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.

    For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.

    Information for a tag associated with an AWS resource. Tags are key:value pairs that you can use to categorize and manage your resources, for purposes like billing. For example, you might set the tag key to "customer" and the value to the customer name or ID. You can specify one or more tags to add to each AWS resource, up to 50 tags for a resource.

    Tagging is only available through the API, SDKs, and CLI. You can't manage or view tags through the AWS WAF Classic console. You can tag the AWS resources that you manage through AWS WAF Classic: web ACLs, rule groups, and rules.

  • TimeWindow

    This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.

    For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.

    In a GetSampledRequests request, the StartTime and EndTime objects specify the time range for which you want AWS WAF to return a sample of web requests.

    You must specify the times in Coordinated Universal Time (UTC) format. UTC format includes the special designator, Z. For example, "2016-09-27T14:50Z".

    In a GetSampledRequests response, the StartTime and EndTime objects specify the time range for which AWS WAF actually returned a sample of web requests. AWS WAF gets the specified number of requests from among the first 5,000 requests that your AWS resource receives during the specified time period. If your resource receives more than 5,000 requests during that period, AWS WAF stops sampling after the 5,000th request. In that case, EndTime is the time that AWS WAF received the 5,000th request.

  • WafAction

    This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.

    For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.

    For the action that is associated with a rule in a WebACL, specifies the action that you want AWS WAF to perform when a web request matches all of the conditions in a rule. For the default action in a WebACL, specifies the action that you want AWS WAF to take when a web request doesn't match all of the conditions in any of the rules in a WebACL.

  • WafOverrideAction

    This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.

    For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.

    The action to take if any rule within the RuleGroup matches a request.

  • WebAcl

    This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.

    For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.

    Contains the Rules that identify the requests that you want to allow, block, or count. In a WebACL, you also specify a default action (ALLOW or BLOCK), and the action for each Rule that you add to a WebACL, for example, block requests from specified IP addresses or block requests from specified referrers. You also associate the WebACL with a CloudFront distribution to identify the requests that you want AWS WAF to filter. If you add more than one Rule to a WebACL, a request needs to match only one of the specifications to be allowed, blocked, or counted. For more information, see UpdateWebACL.

  • WebAclSummary

    This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.

    For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.

    Contains the identifier and the name or description of the WebACL.

  • WebAclUpdate

    This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.

    For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.

    Specifies whether to insert a Rule into or delete a Rule from a WebACL.

  • XssMatchSet

    This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.

    For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.

    A complex type that contains XssMatchTuple objects, which specify the parts of web requests that you want AWS WAF to inspect for cross-site scripting attacks and, if you want AWS WAF to inspect a header, the name of the header. If a XssMatchSet contains more than one XssMatchTuple object, a request needs to include cross-site scripting attacks in only one of the specified parts of the request to be considered a match.

  • XssMatchSetSummary

    This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.

    For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.

    The Id and Name of an XssMatchSet.

  • XssMatchSetUpdate

    This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.

    For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.

    Specifies the part of a web request that you want to inspect for cross-site scripting attacks and indicates whether you want to add the specification to an XssMatchSet or delete it from an XssMatchSet.

  • XssMatchTuple

    This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.

    For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.

    Specifies the part of a web request that you want AWS WAF to inspect for cross-site scripting attacks and, if you want AWS WAF to inspect a header, the name of the header.

Enums§

  • ChangeAction
    When writing a match expression against ChangeAction, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of SDK, your code should continue to work when you upgrade SDK to a future version in which the enum does include a variant for that feature.
  • ChangeTokenStatus
    When writing a match expression against ChangeTokenStatus, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of SDK, your code should continue to work when you upgrade SDK to a future version in which the enum does include a variant for that feature.
  • ComparisonOperator
    When writing a match expression against ComparisonOperator, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of SDK, your code should continue to work when you upgrade SDK to a future version in which the enum does include a variant for that feature.
  • GeoMatchConstraintType
    When writing a match expression against GeoMatchConstraintType, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of SDK, your code should continue to work when you upgrade SDK to a future version in which the enum does include a variant for that feature.
  • GeoMatchConstraintValue
    When writing a match expression against GeoMatchConstraintValue, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of SDK, your code should continue to work when you upgrade SDK to a future version in which the enum does include a variant for that feature.
  • IpSetDescriptorType
    When writing a match expression against IpSetDescriptorType, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of SDK, your code should continue to work when you upgrade SDK to a future version in which the enum does include a variant for that feature.
  • MatchFieldType
    When writing a match expression against MatchFieldType, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of SDK, your code should continue to work when you upgrade SDK to a future version in which the enum does include a variant for that feature.
  • MigrationErrorType
    When writing a match expression against MigrationErrorType, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of SDK, your code should continue to work when you upgrade SDK to a future version in which the enum does include a variant for that feature.
  • ParameterExceptionField
    When writing a match expression against ParameterExceptionField, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of SDK, your code should continue to work when you upgrade SDK to a future version in which the enum does include a variant for that feature.
  • ParameterExceptionReason
    When writing a match expression against ParameterExceptionReason, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of SDK, your code should continue to work when you upgrade SDK to a future version in which the enum does include a variant for that feature.
  • PositionalConstraint
    When writing a match expression against PositionalConstraint, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of SDK, your code should continue to work when you upgrade SDK to a future version in which the enum does include a variant for that feature.
  • PredicateType
    When writing a match expression against PredicateType, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of SDK, your code should continue to work when you upgrade SDK to a future version in which the enum does include a variant for that feature.
  • RateKey
    When writing a match expression against RateKey, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of SDK, your code should continue to work when you upgrade SDK to a future version in which the enum does include a variant for that feature.
  • TextTransformation
    When writing a match expression against TextTransformation, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of SDK, your code should continue to work when you upgrade SDK to a future version in which the enum does include a variant for that feature.
  • WafActionType
    When writing a match expression against WafActionType, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of SDK, your code should continue to work when you upgrade SDK to a future version in which the enum does include a variant for that feature.
  • WafOverrideActionType
    When writing a match expression against WafOverrideActionType, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of SDK, your code should continue to work when you upgrade SDK to a future version in which the enum does include a variant for that feature.
  • WafRuleType
    When writing a match expression against WafRuleType, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of SDK, your code should continue to work when you upgrade SDK to a future version in which the enum does include a variant for that feature.