Struct Client

pub struct Client { /* private fields */ }

Client for AWS WAFV2

Client for invoking operations on AWS WAFV2. Each operation on AWS WAFV2 is a method on this this struct. .send() MUST be invoked on the generated operations to dispatch the request to the service.

Constructing a Client

A Config is required to construct a client. For most use cases, the aws-config crate should be used to automatically resolve this config using aws_config::load_from_env(), since this will resolve an SdkConfig which can be shared across multiple different AWS SDK clients. This config resolution process can be customized by calling aws_config::from_env() instead, which returns a ConfigLoader that uses the builder pattern to customize the default config.

In the simplest case, creating a client looks as follows:

let config = aws_config::load_from_env().await;
let client = aws_sdk_wafv2::Client::new(&config);

Occasionally, SDKs may have additional service-specific values that can be set on the Config that is absent from SdkConfig, or slightly different settings for a specific client may be desired. The Builder struct implements From<&SdkConfig>, so setting these specific settings can be done as follows:

let sdk_config = ::aws_config::load_from_env().await;
let config = aws_sdk_wafv2::config::Builder::from(&sdk_config)
    .some_service_specific_setting("value")
    .build();

See the aws-config docs and Config for more information on customizing configuration.

Note: Client construction is expensive due to connection thread pool initialization, and should be done once at application start-up.

Using the Client

A client has a function for every operation that can be performed by the service. For example, the AssociateWebACL operation has a Client::associate_web_acl, function which returns a builder for that operation. The fluent builder ultimately has a send() function that returns an async future that returns a result, as illustrated below:

let result = client.associate_web_acl()
    .web_acl_arn("example")
    .send()
    .await;

The underlying HTTP requests that get made by this can be modified with the customize_operation function on the fluent builder. See the customize module for more information.

Implementations

impl Client

pub fn associate_web_acl(&self) -> AssociateWebACLFluentBuilder

Constructs a fluent builder for the AssociateWebACL operation.

• The fluent builder is configurable:
  • web_acl_arn(impl Into<String>) / set_web_acl_arn(Option<String>):
    required: true
    

    The Amazon Resource Name (ARN) of the web ACL that you want to associate with the resource.

    
    
  • resource_arn(impl Into<String>) / set_resource_arn(Option<String>):
    required: true
    

    The Amazon Resource Name (ARN) of the resource to associate with the web ACL.

    The ARN must be in one of the following formats:

    • For an Application Load Balancer: arn:partition:elasticloadbalancing:region:account-id:loadbalancer/app/load-balancer-name/load-balancer-id

    • For an Amazon API Gateway REST API: arn:partition:apigateway:region::/restapis/api-id/stages/stage-name

    • For an AppSync GraphQL API: arn:partition:appsync:region:account-id:apis/GraphQLApiId

    • For an Amazon Cognito user pool: arn:partition:cognito-idp:region:account-id:userpool/user-pool-id

    • For an App Runner service: arn:partition:apprunner:region:account-id:service/apprunner-service-name/apprunner-service-id

    • For an Amazon Web Services Verified Access instance: arn:partition:ec2:region:account-id:verified-access-instance/instance-id

    
    
• On success, responds with AssociateWebAclOutput
• On failure, responds with SdkError<AssociateWebACLError>

impl Client

pub fn check_capacity(&self) -> CheckCapacityFluentBuilder

Constructs a fluent builder for the CheckCapacity operation.

• The fluent builder is configurable:
  • scope(Scope) / set_scope(Option<Scope>):
    required: true
    

    Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, an Amazon Cognito user pool, an App Runner service, or an Amazon Web Services Verified Access instance.

    To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows:

    • CLI - Specify the Region when you use the CloudFront scope: –scope=CLOUDFRONT –region=us-east-1.

    • API and SDKs - For all calls, use the Region endpoint us-east-1.

    
    
  • rules(Rule) / set_rules(Option<Vec::<Rule>>):
    required: true
    

    An array of Rule that you’re configuring to use in a rule group or web ACL.

    
    
• On success, responds with CheckCapacityOutput with field(s):
  • capacity(i64):

    The capacity required by the rules and scope.

• On failure, responds with SdkError<CheckCapacityError>

impl Client

pub fn create_api_key(&self) -> CreateAPIKeyFluentBuilder

Constructs a fluent builder for the CreateAPIKey operation.

• The fluent builder is configurable:
  • scope(Scope) / set_scope(Option<Scope>):
    required: true
    

    Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, an Amazon Cognito user pool, an App Runner service, or an Amazon Web Services Verified Access instance.

    To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows:

    • CLI - Specify the Region when you use the CloudFront scope: –scope=CLOUDFRONT –region=us-east-1.

    • API and SDKs - For all calls, use the Region endpoint us-east-1.

    
    
  • token_domains(impl Into<String>) / set_token_domains(Option<Vec::<String>>):
    required: true
    

    The client application domains that you want to use this API key for.

    Example JSON: “TokenDomains”: [“abc.com”, “store.abc.com”]

    Public suffixes aren’t allowed. For example, you can’t use gov.au or co.uk as token domains.

    
    
• On success, responds with CreateApiKeyOutput with field(s):
  • api_key(Option<String>):

    The generated, encrypted API key. You can copy this for use in your JavaScript CAPTCHA integration.

• On failure, responds with SdkError<CreateAPIKeyError>

impl Client

pub fn create_ip_set(&self) -> CreateIPSetFluentBuilder

Constructs a fluent builder for the CreateIPSet operation.

• The fluent builder is configurable:
  • name(impl Into<String>) / set_name(Option<String>):
    required: true
    

    The name of the IP set. You cannot change the name of an IPSet after you create it.

    
    
  • scope(Scope) / set_scope(Option<Scope>):
    required: true
    

    Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, an Amazon Cognito user pool, an App Runner service, or an Amazon Web Services Verified Access instance.

    To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows:

    • CLI - Specify the Region when you use the CloudFront scope: –scope=CLOUDFRONT –region=us-east-1.

    • API and SDKs - For all calls, use the Region endpoint us-east-1.

    
    
  • description(impl Into<String>) / set_description(Option<String>):
    required: false
    

    A description of the IP set that helps with identification.

    
    
  • ip_address_version(IpAddressVersion) / set_ip_address_version(Option<IpAddressVersion>):
    required: true
    

    The version of the IP addresses, either IPV4 or IPV6.

    
    
  • addresses(impl Into<String>) / set_addresses(Option<Vec::<String>>):
    required: true
    

    Contains an array of strings that specifies zero or more IP addresses or blocks of IP addresses that you want WAF to inspect for in incoming requests. All addresses must be specified using Classless Inter-Domain Routing (CIDR) notation. WAF supports all IPv4 and IPv6 CIDR ranges except for /0.

    Example address strings:

    • For requests that originated from the IP address 192.0.2.44, specify 192.0.2.44/32.

    • For requests that originated from IP addresses from 192.0.2.0 to 192.0.2.255, specify 192.0.2.0/24.

    • For requests that originated from the IP address 1111:0000:0000:0000:0000:0000:0000:0111, specify 1111:0000:0000:0000:0000:0000:0000:0111/128.

    • For requests that originated from IP addresses 1111:0000:0000:0000:0000:0000:0000:0000 to 1111:0000:0000:0000:ffff:ffff:ffff:ffff, specify 1111:0000:0000:0000:0000:0000:0000:0000/64.

    For more information about CIDR notation, see the Wikipedia entry Classless Inter-Domain Routing.

    Example JSON Addresses specifications:

    • Empty array: “Addresses”: []

    • Array with one address: “Addresses”: [“192.0.2.44/32”]

    • Array with three addresses: “Addresses”: [“192.0.2.44/32”, “192.0.2.0/24”, “192.0.0.0/16”]

    • INVALID specification: “Addresses”: [“”] INVALID

    
    
  • tags(Tag) / set_tags(Option<Vec::<Tag>>):
    required: false
    

    An array of key:value pairs to associate with the resource.

    
    
• On success, responds with CreateIpSetOutput with field(s):
  • summary(Option<IpSetSummary>):

    High-level information about an IPSet, returned by operations like create and list. This provides information like the ID, that you can use to retrieve and manage an IPSet, and the ARN, that you provide to the IPSetReferenceStatement to use the address set in a Rule.

• On failure, responds with SdkError<CreateIPSetError>

impl Client

pub fn create_regex_pattern_set(&self) -> CreateRegexPatternSetFluentBuilder

Constructs a fluent builder for the CreateRegexPatternSet operation.

• The fluent builder is configurable:
  • name(impl Into<String>) / set_name(Option<String>):
    required: true
    

    The name of the set. You cannot change the name after you create the set.

    
    
  • scope(Scope) / set_scope(Option<Scope>):
    required: true
    

    Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, an Amazon Cognito user pool, an App Runner service, or an Amazon Web Services Verified Access instance.

    To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows:

    • CLI - Specify the Region when you use the CloudFront scope: –scope=CLOUDFRONT –region=us-east-1.

    • API and SDKs - For all calls, use the Region endpoint us-east-1.

    
    
  • description(impl Into<String>) / set_description(Option<String>):
    required: false
    

    A description of the set that helps with identification.

    
    
  • regular_expression_list(Regex) / set_regular_expression_list(Option<Vec::<Regex>>):
    required: true
    

    Array of regular expression strings.

    
    
  • tags(Tag) / set_tags(Option<Vec::<Tag>>):
    required: false
    

    An array of key:value pairs to associate with the resource.

    
    
• On success, responds with CreateRegexPatternSetOutput with field(s):
  • summary(Option<RegexPatternSetSummary>):

    High-level information about a RegexPatternSet, returned by operations like create and list. This provides information like the ID, that you can use to retrieve and manage a RegexPatternSet, and the ARN, that you provide to the RegexPatternSetReferenceStatement to use the pattern set in a Rule.

• On failure, responds with SdkError<CreateRegexPatternSetError>

impl Client

pub fn create_rule_group(&self) -> CreateRuleGroupFluentBuilder

Constructs a fluent builder for the CreateRuleGroup operation.

• The fluent builder is configurable:
  • name(impl Into<String>) / set_name(Option<String>):
    required: true
    

    The name of the rule group. You cannot change the name of a rule group after you create it.

    
    
  • scope(Scope) / set_scope(Option<Scope>):
    required: true
    

    Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, an Amazon Cognito user pool, an App Runner service, or an Amazon Web Services Verified Access instance.

    To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows:

    • CLI - Specify the Region when you use the CloudFront scope: –scope=CLOUDFRONT –region=us-east-1.

    • API and SDKs - For all calls, use the Region endpoint us-east-1.

    
    
  • capacity(i64) / set_capacity(Option<i64>):
    required: true
    

    The web ACL capacity units (WCUs) required for this rule group.

    When you create your own rule group, you define this, and you cannot change it after creation. When you add or modify the rules in a rule group, WAF enforces this limit. You can check the capacity for a set of rules using CheckCapacity.

    WAF uses WCUs to calculate and control the operating resources that are used to run your rules, rule groups, and web ACLs. WAF calculates capacity differently for each rule type, to reflect the relative cost of each rule. Simple rules that cost little to run use fewer WCUs than more complex rules that use more processing power. Rule group capacity is fixed at creation, which helps users plan their web ACL WCU usage when they use a rule group. For more information, see WAF web ACL capacity units (WCU) in the WAF Developer Guide.

    
    
  • description(impl Into<String>) / set_description(Option<String>):
    required: false
    

    A description of the rule group that helps with identification.

    
    
  • rules(Rule) / set_rules(Option<Vec::<Rule>>):
    required: false
    

    The Rule statements used to identify the web requests that you want to manage. Each rule includes one top-level statement that WAF uses to identify matching web requests, and parameters that govern how WAF handles them.

    
    
  • visibility_config(VisibilityConfig) / set_visibility_config(Option<VisibilityConfig>):
    required: true
    

    Defines and enables Amazon CloudWatch metrics and web request sample collection.

    
    
  • tags(Tag) / set_tags(Option<Vec::<Tag>>):
    required: false
    

    An array of key:value pairs to associate with the resource.

    
    
  • custom_response_bodies(impl Into<String>, CustomResponseBody) / set_custom_response_bodies(Option<HashMap::<String, CustomResponseBody>>):
    required: false
    

    A map of custom response keys and content bodies. When you create a rule with a block action, you can send a custom response to the web request. You define these for the rule group, and then use them in the rules that you define in the rule group.

    For information about customizing web requests and responses, see Customizing web requests and responses in WAF in the WAF Developer Guide.

    For information about the limits on count and size for custom request and response settings, see WAF quotas in the WAF Developer Guide.

    
    
• On success, responds with CreateRuleGroupOutput with field(s):
  • summary(Option<RuleGroupSummary>):

    High-level information about a RuleGroup, returned by operations like create and list. This provides information like the ID, that you can use to retrieve and manage a RuleGroup, and the ARN, that you provide to the RuleGroupReferenceStatement to use the rule group in a Rule.

• On failure, responds with SdkError<CreateRuleGroupError>

impl Client

pub fn create_web_acl(&self) -> CreateWebACLFluentBuilder

Constructs a fluent builder for the CreateWebACL operation.

• The fluent builder is configurable:
  • name(impl Into<String>) / set_name(Option<String>):
    required: true
    

    The name of the web ACL. You cannot change the name of a web ACL after you create it.

    
    
  • scope(Scope) / set_scope(Option<Scope>):
    required: true
    

    Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, an Amazon Cognito user pool, an App Runner service, or an Amazon Web Services Verified Access instance.

    To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows:

    • CLI - Specify the Region when you use the CloudFront scope: –scope=CLOUDFRONT –region=us-east-1.

    • API and SDKs - For all calls, use the Region endpoint us-east-1.

    
    
  • default_action(DefaultAction) / set_default_action(Option<DefaultAction>):
    required: true
    

    The action to perform if none of the Rules contained in the WebACL match.

    
    
  • description(impl Into<String>) / set_description(Option<String>):
    required: false
    

    A description of the web ACL that helps with identification.

    
    
  • rules(Rule) / set_rules(Option<Vec::<Rule>>):
    required: false
    

    The Rule statements used to identify the web requests that you want to manage. Each rule includes one top-level statement that WAF uses to identify matching web requests, and parameters that govern how WAF handles them.

    
    
  • visibility_config(VisibilityConfig) / set_visibility_config(Option<VisibilityConfig>):
    required: true
    

    Defines and enables Amazon CloudWatch metrics and web request sample collection.

    
    
  • tags(Tag) / set_tags(Option<Vec::<Tag>>):
    required: false
    

    An array of key:value pairs to associate with the resource.

    
    
  • custom_response_bodies(impl Into<String>, CustomResponseBody) / set_custom_response_bodies(Option<HashMap::<String, CustomResponseBody>>):
    required: false
    

    A map of custom response keys and content bodies. When you create a rule with a block action, you can send a custom response to the web request. You define these for the web ACL, and then use them in the rules and default actions that you define in the web ACL.

    For information about customizing web requests and responses, see Customizing web requests and responses in WAF in the WAF Developer Guide.

    For information about the limits on count and size for custom request and response settings, see WAF quotas in the WAF Developer Guide.

    
    
  • captcha_config(CaptchaConfig) / set_captcha_config(Option<CaptchaConfig>):
    required: false
    

    Specifies how WAF should handle CAPTCHA evaluations for rules that don’t have their own CaptchaConfig settings. If you don’t specify this, WAF uses its default settings for CaptchaConfig.

    
    
  • challenge_config(ChallengeConfig) / set_challenge_config(Option<ChallengeConfig>):
    required: false
    

    Specifies how WAF should handle challenge evaluations for rules that don’t have their own ChallengeConfig settings. If you don’t specify this, WAF uses its default settings for ChallengeConfig.

    
    
  • token_domains(impl Into<String>) / set_token_domains(Option<Vec::<String>>):
    required: false
    

    Specifies the domains that WAF should accept in a web request token. This enables the use of tokens across multiple protected websites. When WAF provides a token, it uses the domain of the Amazon Web Services resource that the web ACL is protecting. If you don’t specify a list of token domains, WAF accepts tokens only for the domain of the protected resource. With a token domain list, WAF accepts the resource’s host domain plus all domains in the token domain list, including their prefixed subdomains.

    Example JSON: “TokenDomains”: { “mywebsite.com”, “myotherwebsite.com” }

    Public suffixes aren’t allowed. For example, you can’t use gov.au or co.uk as token domains.

    
    
  • association_config(AssociationConfig) / set_association_config(Option<AssociationConfig>):
    required: false
    

    Specifies custom configurations for the associations between the web ACL and protected resources.

    Use this to customize the maximum size of the request body that your protected resources forward to WAF for inspection. You can customize this setting for CloudFront, API Gateway, Amazon Cognito, App Runner, or Verified Access resources. The default setting is 16 KB (16,384 bytes).

    You are charged additional fees when your protected resources forward body sizes that are larger than the default. For more information, see WAF Pricing.

    For Application Load Balancer and AppSync, the limit is fixed at 8 KB (8,192 bytes).

    
    
• On success, responds with CreateWebAclOutput with field(s):
  • summary(Option<WebAclSummary>):

    High-level information about a WebACL, returned by operations like create and list. This provides information like the ID, that you can use to retrieve and manage a WebACL, and the ARN, that you provide to operations like AssociateWebACL.

• On failure, responds with SdkError<CreateWebACLError>

impl Client

pub fn delete_api_key(&self) -> DeleteAPIKeyFluentBuilder

Constructs a fluent builder for the DeleteAPIKey operation.

• The fluent builder is configurable:
  • scope(Scope) / set_scope(Option<Scope>):
    required: true
    

    Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, an Amazon Cognito user pool, an App Runner service, or an Amazon Web Services Verified Access instance.

    To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows:

    • CLI - Specify the Region when you use the CloudFront scope: –scope=CLOUDFRONT –region=us-east-1.

    • API and SDKs - For all calls, use the Region endpoint us-east-1.

    
    
  • api_key(impl Into<String>) / set_api_key(Option<String>):
    required: true
    

    The encrypted API key that you want to delete.

    
    
• On success, responds with DeleteApiKeyOutput
• On failure, responds with SdkError<DeleteAPIKeyError>

impl Client

pub fn delete_firewall_manager_rule_groups( &self, ) -> DeleteFirewallManagerRuleGroupsFluentBuilder

Constructs a fluent builder for the DeleteFirewallManagerRuleGroups operation.

• The fluent builder is configurable:
  • web_acl_arn(impl Into<String>) / set_web_acl_arn(Option<String>):
    required: true
    

    The Amazon Resource Name (ARN) of the web ACL.

    
    
  • web_acl_lock_token(impl Into<String>) / set_web_acl_lock_token(Option<String>):
    required: true
    

    A token used for optimistic locking. WAF returns a token to your get and list requests, to mark the state of the entity at the time of the request. To make changes to the entity associated with the token, you provide the token to operations like update and delete. WAF uses the token to ensure that no changes have been made to the entity since you last retrieved it. If a change has been made, the update fails with a WAFOptimisticLockException. If this happens, perform another get, and use the new token returned by that operation.

    
    
• On success, responds with DeleteFirewallManagerRuleGroupsOutput with field(s):
  • next_web_acl_lock_token(Option<String>):

    A token used for optimistic locking. WAF returns a token to your get and list requests, to mark the state of the entity at the time of the request. To make changes to the entity associated with the token, you provide the token to operations like update and delete. WAF uses the token to ensure that no changes have been made to the entity since you last retrieved it. If a change has been made, the update fails with a WAFOptimisticLockException. If this happens, perform another get, and use the new token returned by that operation.

• On failure, responds with SdkError<DeleteFirewallManagerRuleGroupsError>

impl Client

pub fn delete_ip_set(&self) -> DeleteIPSetFluentBuilder

Constructs a fluent builder for the DeleteIPSet operation.

• The fluent builder is configurable:
  • name(impl Into<String>) / set_name(Option<String>):
    required: true
    

    The name of the IP set. You cannot change the name of an IPSet after you create it.

    
    
  • scope(Scope) / set_scope(Option<Scope>):
    required: true
    

    Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, an Amazon Cognito user pool, an App Runner service, or an Amazon Web Services Verified Access instance.

    To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows:

    • CLI - Specify the Region when you use the CloudFront scope: –scope=CLOUDFRONT –region=us-east-1.

    • API and SDKs - For all calls, use the Region endpoint us-east-1.

    
    
  • id(impl Into<String>) / set_id(Option<String>):
    required: true
    

    A unique identifier for the set. This ID is returned in the responses to create and list commands. You provide it to operations like update and delete.

    
    
  • lock_token(impl Into<String>) / set_lock_token(Option<String>):
    required: true
    

    A token used for optimistic locking. WAF returns a token to your get and list requests, to mark the state of the entity at the time of the request. To make changes to the entity associated with the token, you provide the token to operations like update and delete. WAF uses the token to ensure that no changes have been made to the entity since you last retrieved it. If a change has been made, the update fails with a WAFOptimisticLockException. If this happens, perform another get, and use the new token returned by that operation.

    
    
• On success, responds with DeleteIpSetOutput
• On failure, responds with SdkError<DeleteIPSetError>

impl Client

pub fn delete_logging_configuration( &self, ) -> DeleteLoggingConfigurationFluentBuilder

Constructs a fluent builder for the DeleteLoggingConfiguration operation.

• The fluent builder is configurable:
  • resource_arn(impl Into<String>) / set_resource_arn(Option<String>):
    required: true
    

    The Amazon Resource Name (ARN) of the web ACL from which you want to delete the LoggingConfiguration.

    
    
  • log_type(LogType) / set_log_type(Option<LogType>):
    required: false
    

    Used to distinguish between various logging options. Currently, there is one option.

    Default: WAF_LOGS

    
    
  • log_scope(LogScope) / set_log_scope(Option<LogScope>):
    required: false
    

    The owner of the logging configuration, which must be set to CUSTOMER for the configurations that you manage.

    The log scope SECURITY_LAKE indicates a configuration that is managed through Amazon Security Lake. You can use Security Lake to collect log and event data from various sources for normalization, analysis, and management. For information, see Collecting data from Amazon Web Services services in the Amazon Security Lake user guide.

    Default: CUSTOMER

    
    
• On success, responds with DeleteLoggingConfigurationOutput
• On failure, responds with SdkError<DeleteLoggingConfigurationError>

impl Client

pub fn delete_permission_policy(&self) -> DeletePermissionPolicyFluentBuilder

Constructs a fluent builder for the DeletePermissionPolicy operation.

• The fluent builder is configurable:
  • resource_arn(impl Into<String>) / set_resource_arn(Option<String>):
    required: true
    

    The Amazon Resource Name (ARN) of the rule group from which you want to delete the policy.

    You must be the owner of the rule group to perform this operation.

    
    
• On success, responds with DeletePermissionPolicyOutput
• On failure, responds with SdkError<DeletePermissionPolicyError>

impl Client

pub fn delete_regex_pattern_set(&self) -> DeleteRegexPatternSetFluentBuilder

Constructs a fluent builder for the DeleteRegexPatternSet operation.

• The fluent builder is configurable:
  • name(impl Into<String>) / set_name(Option<String>):
    required: true
    

    The name of the set. You cannot change the name after you create the set.

    
    
  • scope(Scope) / set_scope(Option<Scope>):
    required: true
    

    Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, an Amazon Cognito user pool, an App Runner service, or an Amazon Web Services Verified Access instance.

    To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows:

    • CLI - Specify the Region when you use the CloudFront scope: –scope=CLOUDFRONT –region=us-east-1.

    • API and SDKs - For all calls, use the Region endpoint us-east-1.

    
    
  • id(impl Into<String>) / set_id(Option<String>):
    required: true
    

    A unique identifier for the set. This ID is returned in the responses to create and list commands. You provide it to operations like update and delete.

    
    
  • lock_token(impl Into<String>) / set_lock_token(Option<String>):
    required: true
    

    A token used for optimistic locking. WAF returns a token to your get and list requests, to mark the state of the entity at the time of the request. To make changes to the entity associated with the token, you provide the token to operations like update and delete. WAF uses the token to ensure that no changes have been made to the entity since you last retrieved it. If a change has been made, the update fails with a WAFOptimisticLockException. If this happens, perform another get, and use the new token returned by that operation.

    
    
• On success, responds with DeleteRegexPatternSetOutput
• On failure, responds with SdkError<DeleteRegexPatternSetError>

impl Client

pub fn delete_rule_group(&self) -> DeleteRuleGroupFluentBuilder

Constructs a fluent builder for the DeleteRuleGroup operation.

• The fluent builder is configurable:
  • name(impl Into<String>) / set_name(Option<String>):
    required: true
    

    The name of the rule group. You cannot change the name of a rule group after you create it.

    
    
  • scope(Scope) / set_scope(Option<Scope>):
    required: true
    

    Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, an Amazon Cognito user pool, an App Runner service, or an Amazon Web Services Verified Access instance.

    To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows:

    • CLI - Specify the Region when you use the CloudFront scope: –scope=CLOUDFRONT –region=us-east-1.

    • API and SDKs - For all calls, use the Region endpoint us-east-1.

    
    
  • id(impl Into<String>) / set_id(Option<String>):
    required: true
    

    A unique identifier for the rule group. This ID is returned in the responses to create and list commands. You provide it to operations like update and delete.

    
    
  • lock_token(impl Into<String>) / set_lock_token(Option<String>):
    required: true
    

    A token used for optimistic locking. WAF returns a token to your get and list requests, to mark the state of the entity at the time of the request. To make changes to the entity associated with the token, you provide the token to operations like update and delete. WAF uses the token to ensure that no changes have been made to the entity since you last retrieved it. If a change has been made, the update fails with a WAFOptimisticLockException. If this happens, perform another get, and use the new token returned by that operation.

    
    
• On success, responds with DeleteRuleGroupOutput
• On failure, responds with SdkError<DeleteRuleGroupError>

impl Client

pub fn delete_web_acl(&self) -> DeleteWebACLFluentBuilder

Constructs a fluent builder for the DeleteWebACL operation.

• The fluent builder is configurable:
  • name(impl Into<String>) / set_name(Option<String>):
    required: true
    

    The name of the web ACL. You cannot change the name of a web ACL after you create it.

    
    
  • scope(Scope) / set_scope(Option<Scope>):
    required: true
    

    Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, an Amazon Cognito user pool, an App Runner service, or an Amazon Web Services Verified Access instance.

    To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows:

    • CLI - Specify the Region when you use the CloudFront scope: –scope=CLOUDFRONT –region=us-east-1.

    • API and SDKs - For all calls, use the Region endpoint us-east-1.

    
    
  • id(impl Into<String>) / set_id(Option<String>):
    required: true
    

    The unique identifier for the web ACL. This ID is returned in the responses to create and list commands. You provide it to operations like update and delete.

    
    
  • lock_token(impl Into<String>) / set_lock_token(Option<String>):
    required: true
    

    A token used for optimistic locking. WAF returns a token to your get and list requests, to mark the state of the entity at the time of the request. To make changes to the entity associated with the token, you provide the token to operations like update and delete. WAF uses the token to ensure that no changes have been made to the entity since you last retrieved it. If a change has been made, the update fails with a WAFOptimisticLockException. If this happens, perform another get, and use the new token returned by that operation.

    
    
• On success, responds with DeleteWebAclOutput
• On failure, responds with SdkError<DeleteWebACLError>

impl Client

pub fn describe_all_managed_products( &self, ) -> DescribeAllManagedProductsFluentBuilder

Constructs a fluent builder for the DescribeAllManagedProducts operation.

• The fluent builder is configurable:
  • scope(Scope) / set_scope(Option<Scope>):
    required: true
    

    Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, an Amazon Cognito user pool, an App Runner service, or an Amazon Web Services Verified Access instance.

    To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows:

    • CLI - Specify the Region when you use the CloudFront scope: –scope=CLOUDFRONT –region=us-east-1.

    • API and SDKs - For all calls, use the Region endpoint us-east-1.

    
    
• On success, responds with DescribeAllManagedProductsOutput with field(s):
  • managed_products(Option<Vec::<ManagedProductDescriptor>>):

    High-level information for the Amazon Web Services Managed Rules rule groups and Amazon Web Services Marketplace managed rule groups.

• On failure, responds with SdkError<DescribeAllManagedProductsError>

impl Client

pub fn describe_managed_products_by_vendor( &self, ) -> DescribeManagedProductsByVendorFluentBuilder

Constructs a fluent builder for the DescribeManagedProductsByVendor operation.

• The fluent builder is configurable:
  • vendor_name(impl Into<String>) / set_vendor_name(Option<String>):
    required: true
    

    The name of the managed rule group vendor. You use this, along with the rule group name, to identify a rule group.

    
    
  • scope(Scope) / set_scope(Option<Scope>):
    required: true
    

    Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, an Amazon Cognito user pool, an App Runner service, or an Amazon Web Services Verified Access instance.

    To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows:

    • CLI - Specify the Region when you use the CloudFront scope: –scope=CLOUDFRONT –region=us-east-1.

    • API and SDKs - For all calls, use the Region endpoint us-east-1.

    
    
• On success, responds with DescribeManagedProductsByVendorOutput with field(s):
  • managed_products(Option<Vec::<ManagedProductDescriptor>>):

    High-level information for the managed rule groups owned by the specified vendor.

• On failure, responds with SdkError<DescribeManagedProductsByVendorError>

impl Client

pub fn describe_managed_rule_group( &self, ) -> DescribeManagedRuleGroupFluentBuilder

Constructs a fluent builder for the DescribeManagedRuleGroup operation.

• The fluent builder is configurable:
  • vendor_name(impl Into<String>) / set_vendor_name(Option<String>):
    required: true
    

    The name of the managed rule group vendor. You use this, along with the rule group name, to identify a rule group.

    
    
  • name(impl Into<String>) / set_name(Option<String>):
    required: true
    

    The name of the managed rule group. You use this, along with the vendor name, to identify the rule group.

    
    
  • scope(Scope) / set_scope(Option<Scope>):
    required: true
    

    Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, an Amazon Cognito user pool, an App Runner service, or an Amazon Web Services Verified Access instance.

    To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows:

    • CLI - Specify the Region when you use the CloudFront scope: –scope=CLOUDFRONT –region=us-east-1.

    • API and SDKs - For all calls, use the Region endpoint us-east-1.

    
    
  • version_name(impl Into<String>) / set_version_name(Option<String>):
    required: false
    

    The version of the rule group. You can only use a version that is not scheduled for expiration. If you don’t provide this, WAF uses the vendor’s default version.

    
    
• On success, responds with DescribeManagedRuleGroupOutput with field(s):
  • version_name(Option<String>):

    The managed rule group’s version.

  • sns_topic_arn(Option<String>):

    The Amazon resource name (ARN) of the Amazon Simple Notification Service SNS topic that’s used to provide notification of changes to the managed rule group. You can subscribe to the SNS topic to receive notifications when the managed rule group is modified, such as for new versions and for version expiration. For more information, see the Amazon Simple Notification Service Developer Guide.

  • capacity(Option<i64>):

    The web ACL capacity units (WCUs) required for this rule group.

    WAF uses WCUs to calculate and control the operating resources that are used to run your rules, rule groups, and web ACLs. WAF calculates capacity differently for each rule type, to reflect the relative cost of each rule. Simple rules that cost little to run use fewer WCUs than more complex rules that use more processing power. Rule group capacity is fixed at creation, which helps users plan their web ACL WCU usage when they use a rule group. For more information, see WAF web ACL capacity units (WCU) in the WAF Developer Guide.

  • rules(Option<Vec::<RuleSummary>>):

  • label_namespace(Option<String>):

    The label namespace prefix for this rule group. All labels added by rules in this rule group have this prefix.

    • The syntax for the label namespace prefix for a managed rule group is the following:

      awswaf:managed: : :

    • When a rule with a label matches a web request, WAF adds the fully qualified label to the request. A fully qualified label is made up of the label namespace from the rule group or web ACL where the rule is defined and the label from the rule, separated by a colon:

      :

  • available_labels(Option<Vec::<LabelSummary>>):

    The labels that one or more rules in this rule group add to matching web requests. These labels are defined in the RuleLabels for a Rule.

  • consumed_labels(Option<Vec::<LabelSummary>>):

    The labels that one or more rules in this rule group match against in label match statements. These labels are defined in a LabelMatchStatement specification, in the Statement definition of a rule.

• On failure, responds with SdkError<DescribeManagedRuleGroupError>

impl Client

pub fn disassociate_web_acl(&self) -> DisassociateWebACLFluentBuilder

Constructs a fluent builder for the DisassociateWebACL operation.

• The fluent builder is configurable:
  • resource_arn(impl Into<String>) / set_resource_arn(Option<String>):
    required: true
    

    The Amazon Resource Name (ARN) of the resource to disassociate from the web ACL.

    The ARN must be in one of the following formats:

    • For an Application Load Balancer: arn:partition:elasticloadbalancing:region:account-id:loadbalancer/app/load-balancer-name/load-balancer-id

    • For an Amazon API Gateway REST API: arn:partition:apigateway:region::/restapis/api-id/stages/stage-name

    • For an AppSync GraphQL API: arn:partition:appsync:region:account-id:apis/GraphQLApiId

    • For an Amazon Cognito user pool: arn:partition:cognito-idp:region:account-id:userpool/user-pool-id

    • For an App Runner service: arn:partition:apprunner:region:account-id:service/apprunner-service-name/apprunner-service-id

    • For an Amazon Web Services Verified Access instance: arn:partition:ec2:region:account-id:verified-access-instance/instance-id

    
    
• On success, responds with DisassociateWebAclOutput
• On failure, responds with SdkError<DisassociateWebACLError>

impl Client

pub fn generate_mobile_sdk_release_url( &self, ) -> GenerateMobileSdkReleaseUrlFluentBuilder

Constructs a fluent builder for the GenerateMobileSdkReleaseUrl operation.

• The fluent builder is configurable:
  • platform(Platform) / set_platform(Option<Platform>):
    required: true
    

    The device platform.

    
    
  • release_version(impl Into<String>) / set_release_version(Option<String>):
    required: true
    

    The release version. For the latest available version, specify LATEST.

    
    
• On success, responds with GenerateMobileSdkReleaseUrlOutput with field(s):
  • url(Option<String>):

    The presigned download URL for the specified SDK release.

• On failure, responds with SdkError<GenerateMobileSdkReleaseUrlError>

impl Client

pub fn get_decrypted_api_key(&self) -> GetDecryptedAPIKeyFluentBuilder

Constructs a fluent builder for the GetDecryptedAPIKey operation.

• The fluent builder is configurable:
  • scope(Scope) / set_scope(Option<Scope>):
    required: true
    

    Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, an Amazon Cognito user pool, an App Runner service, or an Amazon Web Services Verified Access instance.

    To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows:

    • CLI - Specify the Region when you use the CloudFront scope: –scope=CLOUDFRONT –region=us-east-1.

    • API and SDKs - For all calls, use the Region endpoint us-east-1.

    
    
  • api_key(impl Into<String>) / set_api_key(Option<String>):
    required: true
    

    The encrypted API key.

    
    
• On success, responds with GetDecryptedApiKeyOutput with field(s):
  • token_domains(Option<Vec::<String>>):

    The token domains that are defined in this API key.

  • creation_timestamp(Option<DateTime>):

    The date and time that the key was created.

• On failure, responds with SdkError<GetDecryptedAPIKeyError>

impl Client

pub fn get_ip_set(&self) -> GetIPSetFluentBuilder

Constructs a fluent builder for the GetIPSet operation.

• The fluent builder is configurable:
  • name(impl Into<String>) / set_name(Option<String>):
    required: true
    

    The name of the IP set. You cannot change the name of an IPSet after you create it.

    
    
  • scope(Scope) / set_scope(Option<Scope>):
    required: true
    

    Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, an Amazon Cognito user pool, an App Runner service, or an Amazon Web Services Verified Access instance.

    To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows:

    • CLI - Specify the Region when you use the CloudFront scope: –scope=CLOUDFRONT –region=us-east-1.

    • API and SDKs - For all calls, use the Region endpoint us-east-1.

    
    
  • id(impl Into<String>) / set_id(Option<String>):
    required: true
    

    A unique identifier for the set. This ID is returned in the responses to create and list commands. You provide it to operations like update and delete.

    
    
• On success, responds with GetIpSetOutput with field(s):
  • ip_set(Option<IpSet>):

  • lock_token(Option<String>):

    A token used for optimistic locking. WAF returns a token to your get and list requests, to mark the state of the entity at the time of the request. To make changes to the entity associated with the token, you provide the token to operations like update and delete. WAF uses the token to ensure that no changes have been made to the entity since you last retrieved it. If a change has been made, the update fails with a WAFOptimisticLockException. If this happens, perform another get, and use the new token returned by that operation.

• On failure, responds with SdkError<GetIPSetError>

impl Client

pub fn get_logging_configuration(&self) -> GetLoggingConfigurationFluentBuilder

Constructs a fluent builder for the GetLoggingConfiguration operation.

• The fluent builder is configurable:
  • resource_arn(impl Into<String>) / set_resource_arn(Option<String>):
    required: true
    

    The Amazon Resource Name (ARN) of the web ACL for which you want to get the LoggingConfiguration.

    
    
  • log_type(LogType) / set_log_type(Option<LogType>):
    required: false
    

    Used to distinguish between various logging options. Currently, there is one option.

    Default: WAF_LOGS

    
    
  • log_scope(LogScope) / set_log_scope(Option<LogScope>):
    required: false
    

    The owner of the logging configuration, which must be set to CUSTOMER for the configurations that you manage.

    The log scope SECURITY_LAKE indicates a configuration that is managed through Amazon Security Lake. You can use Security Lake to collect log and event data from various sources for normalization, analysis, and management. For information, see Collecting data from Amazon Web Services services in the Amazon Security Lake user guide.

    Default: CUSTOMER

    
    
• On success, responds with GetLoggingConfigurationOutput with field(s):
  • logging_configuration(Option<LoggingConfiguration>):

    The LoggingConfiguration for the specified web ACL.

• On failure, responds with SdkError<GetLoggingConfigurationError>

impl Client

pub fn get_managed_rule_set(&self) -> GetManagedRuleSetFluentBuilder

Constructs a fluent builder for the GetManagedRuleSet operation.

• The fluent builder is configurable:
  • name(impl Into<String>) / set_name(Option<String>):
    required: true
    

    The name of the managed rule set. You use this, along with the rule set ID, to identify the rule set.

    This name is assigned to the corresponding managed rule group, which your customers can access and use.

    
    
  • scope(Scope) / set_scope(Option<Scope>):
    required: true
    

    Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, an Amazon Cognito user pool, an App Runner service, or an Amazon Web Services Verified Access instance.

    To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows:

    • CLI - Specify the Region when you use the CloudFront scope: –scope=CLOUDFRONT –region=us-east-1.

    • API and SDKs - For all calls, use the Region endpoint us-east-1.

    
    
  • id(impl Into<String>) / set_id(Option<String>):
    required: true
    

    A unique identifier for the managed rule set. The ID is returned in the responses to commands like list. You provide it to operations like get and update.

    
    
• On success, responds with GetManagedRuleSetOutput with field(s):
  • managed_rule_set(Option<ManagedRuleSet>):

    The managed rule set that you requested.

  • lock_token(Option<String>):

    A token used for optimistic locking. WAF returns a token to your get and list requests, to mark the state of the entity at the time of the request. To make changes to the entity associated with the token, you provide the token to operations like update and delete. WAF uses the token to ensure that no changes have been made to the entity since you last retrieved it. If a change has been made, the update fails with a WAFOptimisticLockException. If this happens, perform another get, and use the new token returned by that operation.

• On failure, responds with SdkError<GetManagedRuleSetError>

impl Client

pub fn get_mobile_sdk_release(&self) -> GetMobileSdkReleaseFluentBuilder

Constructs a fluent builder for the GetMobileSdkRelease operation.

• The fluent builder is configurable:
  • platform(Platform) / set_platform(Option<Platform>):
    required: true
    

    The device platform.

    
    
  • release_version(impl Into<String>) / set_release_version(Option<String>):
    required: true
    

    The release version. For the latest available version, specify LATEST.

    
    
• On success, responds with GetMobileSdkReleaseOutput with field(s):
  • mobile_sdk_release(Option<MobileSdkRelease>):

    Information for a specified SDK release, including release notes and tags.

• On failure, responds with SdkError<GetMobileSdkReleaseError>

impl Client

pub fn get_permission_policy(&self) -> GetPermissionPolicyFluentBuilder

Constructs a fluent builder for the GetPermissionPolicy operation.

• The fluent builder is configurable:
  • resource_arn(impl Into<String>) / set_resource_arn(Option<String>):
    required: true
    

    The Amazon Resource Name (ARN) of the rule group for which you want to get the policy.

    
    
• On success, responds with GetPermissionPolicyOutput with field(s):
  • policy(Option<String>):

    The IAM policy that is attached to the specified rule group.

• On failure, responds with SdkError<GetPermissionPolicyError>

impl Client

pub fn get_rate_based_statement_managed_keys( &self, ) -> GetRateBasedStatementManagedKeysFluentBuilder

Constructs a fluent builder for the GetRateBasedStatementManagedKeys operation.

• The fluent builder is configurable:
  • scope(Scope) / set_scope(Option<Scope>):
    required: true
    

    Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, an Amazon Cognito user pool, an App Runner service, or an Amazon Web Services Verified Access instance.

    To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows:

    • CLI - Specify the Region when you use the CloudFront scope: –scope=CLOUDFRONT –region=us-east-1.

    • API and SDKs - For all calls, use the Region endpoint us-east-1.

    
    
  • web_acl_name(impl Into<String>) / set_web_acl_name(Option<String>):
    required: true
    

    The name of the web ACL. You cannot change the name of a web ACL after you create it.

    
    
  • web_acl_id(impl Into<String>) / set_web_acl_id(Option<String>):
    required: true
    

    The unique identifier for the web ACL. This ID is returned in the responses to create and list commands. You provide it to operations like update and delete.

    
    
  • rule_group_rule_name(impl Into<String>) / set_rule_group_rule_name(Option<String>):
    required: false
    

    The name of the rule group reference statement in your web ACL. This is required only when you have the rate-based rule nested inside a rule group.

    
    
  • rule_name(impl Into<String>) / set_rule_name(Option<String>):
    required: true
    

    The name of the rate-based rule to get the keys for. If you have the rule defined inside a rule group that you’re using in your web ACL, also provide the name of the rule group reference statement in the request parameter RuleGroupRuleName.

    
    
• On success, responds with GetRateBasedStatementManagedKeysOutput with field(s):
  • managed_keys_ipv4(Option<RateBasedStatementManagedKeysIpSet>):

    The keys that are of Internet Protocol version 4 (IPv4).

  • managed_keys_ipv6(Option<RateBasedStatementManagedKeysIpSet>):

    The keys that are of Internet Protocol version 6 (IPv6).

• On failure, responds with SdkError<GetRateBasedStatementManagedKeysError>

impl Client

pub fn get_regex_pattern_set(&self) -> GetRegexPatternSetFluentBuilder

Constructs a fluent builder for the GetRegexPatternSet operation.

• The fluent builder is configurable:
  • name(impl Into<String>) / set_name(Option<String>):
    required: true
    

    The name of the set. You cannot change the name after you create the set.

    
    
  • scope(Scope) / set_scope(Option<Scope>):
    required: true
    

    Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, an Amazon Cognito user pool, an App Runner service, or an Amazon Web Services Verified Access instance.

    To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows:

    • CLI - Specify the Region when you use the CloudFront scope: –scope=CLOUDFRONT –region=us-east-1.

    • API and SDKs - For all calls, use the Region endpoint us-east-1.

    
    
  • id(impl Into<String>) / set_id(Option<String>):
    required: true
    

    A unique identifier for the set. This ID is returned in the responses to create and list commands. You provide it to operations like update and delete.

    
    
• On success, responds with GetRegexPatternSetOutput with field(s):
  • regex_pattern_set(Option<RegexPatternSet>):

  • lock_token(Option<String>):

    A token used for optimistic locking. WAF returns a token to your get and list requests, to mark the state of the entity at the time of the request. To make changes to the entity associated with the token, you provide the token to operations like update and delete. WAF uses the token to ensure that no changes have been made to the entity since you last retrieved it. If a change has been made, the update fails with a WAFOptimisticLockException. If this happens, perform another get, and use the new token returned by that operation.

• On failure, responds with SdkError<GetRegexPatternSetError>

impl Client

pub fn get_rule_group(&self) -> GetRuleGroupFluentBuilder

Constructs a fluent builder for the GetRuleGroup operation.

• The fluent builder is configurable:
  • name(impl Into<String>) / set_name(Option<String>):
    required: false
    

    The name of the rule group. You cannot change the name of a rule group after you create it.

    
    
  • scope(Scope) / set_scope(Option<Scope>):
    required: false
    

    Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, an Amazon Cognito user pool, an App Runner service, or an Amazon Web Services Verified Access instance.

    To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows:

    • CLI - Specify the Region when you use the CloudFront scope: –scope=CLOUDFRONT –region=us-east-1.

    • API and SDKs - For all calls, use the Region endpoint us-east-1.

    
    
  • id(impl Into<String>) / set_id(Option<String>):
    required: false
    

    A unique identifier for the rule group. This ID is returned in the responses to create and list commands. You provide it to operations like update and delete.

    
    
  • arn(impl Into<String>) / set_arn(Option<String>):
    required: false
    

    The Amazon Resource Name (ARN) of the entity.

    
    
• On success, responds with GetRuleGroupOutput with field(s):
  • rule_group(Option<RuleGroup>):

  • lock_token(Option<String>):

    A token used for optimistic locking. WAF returns a token to your get and list requests, to mark the state of the entity at the time of the request. To make changes to the entity associated with the token, you provide the token to operations like update and delete. WAF uses the token to ensure that no changes have been made to the entity since you last retrieved it. If a change has been made, the update fails with a WAFOptimisticLockException. If this happens, perform another get, and use the new token returned by that operation.

• On failure, responds with SdkError<GetRuleGroupError>

impl Client

pub fn get_sampled_requests(&self) -> GetSampledRequestsFluentBuilder

Constructs a fluent builder for the GetSampledRequests operation.

• The fluent builder is configurable:
  • web_acl_arn(impl Into<String>) / set_web_acl_arn(Option<String>):
    required: true
    

    The Amazon resource name (ARN) of the WebACL for which you want a sample of requests.

    
    
  • rule_metric_name(impl Into<String>) / set_rule_metric_name(Option<String>):
    required: true
    

    The metric name assigned to the Rule or RuleGroup dimension for which you want a sample of requests.

    
    
  • scope(Scope) / set_scope(Option<Scope>):
    required: true
    

    Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, an Amazon Cognito user pool, an App Runner service, or an Amazon Web Services Verified Access instance.

    To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows:

    • CLI - Specify the Region when you use the CloudFront scope: –scope=CLOUDFRONT –region=us-east-1.

    • API and SDKs - For all calls, use the Region endpoint us-east-1.

    
    
  • time_window(TimeWindow) / set_time_window(Option<TimeWindow>):
    required: true
    

    The start date and time and the end date and time of the range for which you want GetSampledRequests to return a sample of requests. You must specify the times in Coordinated Universal Time (UTC) format. UTC format includes the special designator, Z. For example, “2016-09-27T14:50Z”. You can specify any time range in the previous three hours. If you specify a start time that’s earlier than three hours ago, WAF sets it to three hours ago.

    
    
  • max_items(i64) / set_max_items(Option<i64>):
    required: true
    

    The number of requests that you want WAF to return from among the first 5,000 requests that your Amazon Web Services resource received during the time range. If your resource received fewer requests than the value of MaxItems, GetSampledRequests returns information about all of them.

    
    
• On success, responds with GetSampledRequestsOutput with field(s):
  • sampled_requests(Option<Vec::<SampledHttpRequest>>):

    A complex type that contains detailed information about each of the requests in the sample.

  • population_size(i64):

    The total number of requests from which GetSampledRequests got a sample of MaxItems requests. If PopulationSize is less than MaxItems, the sample includes every request that your Amazon Web Services resource received during the specified time range.

  • time_window(Option<TimeWindow>):

    Usually, TimeWindow is the time range that you specified in the GetSampledRequests request. However, if your Amazon Web Services resource received more than 5,000 requests during the time range that you specified in the request, GetSampledRequests returns the time range for the first 5,000 requests. Times are in Coordinated Universal Time (UTC) format.

• On failure, responds with SdkError<GetSampledRequestsError>

impl Client

pub fn get_web_acl(&self) -> GetWebACLFluentBuilder

Constructs a fluent builder for the GetWebACL operation.

• The fluent builder is configurable:
  • name(impl Into<String>) / set_name(Option<String>):
    required: true
    

    The name of the web ACL. You cannot change the name of a web ACL after you create it.

    
    
  • scope(Scope) / set_scope(Option<Scope>):
    required: true
    

    Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, an Amazon Cognito user pool, an App Runner service, or an Amazon Web Services Verified Access instance.

    To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows:

    • CLI - Specify the Region when you use the CloudFront scope: –scope=CLOUDFRONT –region=us-east-1.

    • API and SDKs - For all calls, use the Region endpoint us-east-1.

    
    
  • id(impl Into<String>) / set_id(Option<String>):
    required: true
    

    The unique identifier for the web ACL. This ID is returned in the responses to create and list commands. You provide it to operations like update and delete.

    
    
• On success, responds with GetWebAclOutput with field(s):
  • web_acl(Option<WebAcl>):

    The web ACL specification. You can modify the settings in this web ACL and use it to update this web ACL or create a new one.

  • lock_token(Option<String>):

    A token used for optimistic locking. WAF returns a token to your get and list requests, to mark the state of the entity at the time of the request. To make changes to the entity associated with the token, you provide the token to operations like update and delete. WAF uses the token to ensure that no changes have been made to the entity since you last retrieved it. If a change has been made, the update fails with a WAFOptimisticLockException. If this happens, perform another get, and use the new token returned by that operation.

  • application_integration_url(Option<String>):

    The URL to use in SDK integrations with Amazon Web Services managed rule groups. For example, you can use the integration SDKs with the account takeover prevention managed rule group AWSManagedRulesATPRuleSet and the account creation fraud prevention managed rule group AWSManagedRulesACFPRuleSet. This is only populated if you are using a rule group in your web ACL that integrates with your applications in this way. For more information, see WAF client application integration in the WAF Developer Guide.

• On failure, responds with SdkError<GetWebACLError>

impl Client

pub fn get_web_acl_for_resource(&self) -> GetWebACLForResourceFluentBuilder

Constructs a fluent builder for the GetWebACLForResource operation.

• The fluent builder is configurable:
  • resource_arn(impl Into<String>) / set_resource_arn(Option<String>):
    required: true
    

    The Amazon Resource Name (ARN) of the resource whose web ACL you want to retrieve.

    The ARN must be in one of the following formats:

    • For an Application Load Balancer: arn:partition:elasticloadbalancing:region:account-id:loadbalancer/app/load-balancer-name/load-balancer-id

    • For an Amazon API Gateway REST API: arn:partition:apigateway:region::/restapis/api-id/stages/stage-name

    • For an AppSync GraphQL API: arn:partition:appsync:region:account-id:apis/GraphQLApiId

    • For an Amazon Cognito user pool: arn:partition:cognito-idp:region:account-id:userpool/user-pool-id

    • For an App Runner service: arn:partition:apprunner:region:account-id:service/apprunner-service-name/apprunner-service-id

    • For an Amazon Web Services Verified Access instance: arn:partition:ec2:region:account-id:verified-access-instance/instance-id

    
    
• On success, responds with GetWebAclForResourceOutput with field(s):
  • web_acl(Option<WebAcl>):

    The web ACL that is associated with the resource. If there is no associated resource, WAF returns a null web ACL.

• On failure, responds with SdkError<GetWebACLForResourceError>

impl Client

pub fn list_api_keys(&self) -> ListAPIKeysFluentBuilder

Constructs a fluent builder for the ListAPIKeys operation.

• The fluent builder is configurable:
  • scope(Scope) / set_scope(Option<Scope>):
    required: true
    

    Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, an Amazon Cognito user pool, an App Runner service, or an Amazon Web Services Verified Access instance.

    To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows:

    • CLI - Specify the Region when you use the CloudFront scope: –scope=CLOUDFRONT –region=us-east-1.

    • API and SDKs - For all calls, use the Region endpoint us-east-1.

    
    
  • next_marker(impl Into<String>) / set_next_marker(Option<String>):
    required: false
    

    When you request a list of objects with a Limit setting, if the number of objects that are still available for retrieval exceeds the limit, WAF returns a NextMarker value in the response. To retrieve the next batch of objects, provide the marker from the prior call in your next request.

    
    
  • limit(i32) / set_limit(Option<i32>):
    required: false
    

    The maximum number of objects that you want WAF to return for this request. If more objects are available, in the response, WAF provides a NextMarker value that you can use in a subsequent call to get the next batch of objects.

    
    
• On success, responds with ListApiKeysOutput with field(s):
  • next_marker(Option<String>):

    When you request a list of objects with a Limit setting, if the number of objects that are still available for retrieval exceeds the limit, WAF returns a NextMarker value in the response. To retrieve the next batch of objects, provide the marker from the prior call in your next request.

  • api_key_summaries(Option<Vec::<ApiKeySummary>>):

    The array of key summaries. If you specified a Limit in your request, this might not be the full list.

  • application_integration_url(Option<String>):

    The CAPTCHA application integration URL, for use in your JavaScript implementation.

• On failure, responds with SdkError<ListAPIKeysError>

impl Client

pub fn list_available_managed_rule_group_versions( &self, ) -> ListAvailableManagedRuleGroupVersionsFluentBuilder

Constructs a fluent builder for the ListAvailableManagedRuleGroupVersions operation.

• The fluent builder is configurable:
  • vendor_name(impl Into<String>) / set_vendor_name(Option<String>):
    required: true
    

    The name of the managed rule group vendor. You use this, along with the rule group name, to identify a rule group.

    
    
  • name(impl Into<String>) / set_name(Option<String>):
    required: true
    

    The name of the managed rule group. You use this, along with the vendor name, to identify the rule group.

    
    
  • scope(Scope) / set_scope(Option<Scope>):
    required: true
    

    Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, an Amazon Cognito user pool, an App Runner service, or an Amazon Web Services Verified Access instance.

    To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows:

    • CLI - Specify the Region when you use the CloudFront scope: –scope=CLOUDFRONT –region=us-east-1.

    • API and SDKs - For all calls, use the Region endpoint us-east-1.

    
    
  • next_marker(impl Into<String>) / set_next_marker(Option<String>):
    required: false
    

    When you request a list of objects with a Limit setting, if the number of objects that are still available for retrieval exceeds the limit, WAF returns a NextMarker value in the response. To retrieve the next batch of objects, provide the marker from the prior call in your next request.

    
    
  • limit(i32) / set_limit(Option<i32>):
    required: false
    

    The maximum number of objects that you want WAF to return for this request. If more objects are available, in the response, WAF provides a NextMarker value that you can use in a subsequent call to get the next batch of objects.

    
    
• On success, responds with ListAvailableManagedRuleGroupVersionsOutput with field(s):
  • next_marker(Option<String>):

    When you request a list of objects with a Limit setting, if the number of objects that are still available for retrieval exceeds the limit, WAF returns a NextMarker value in the response. To retrieve the next batch of objects, provide the marker from the prior call in your next request.

  • versions(Option<Vec::<ManagedRuleGroupVersion>>):

    The versions that are currently available for the specified managed rule group. If you specified a Limit in your request, this might not be the full list.

  • current_default_version(Option<String>):

    The name of the version that’s currently set as the default.

• On failure, responds with SdkError<ListAvailableManagedRuleGroupVersionsError>

impl Client

pub fn list_available_managed_rule_groups( &self, ) -> ListAvailableManagedRuleGroupsFluentBuilder

Constructs a fluent builder for the ListAvailableManagedRuleGroups operation.

• The fluent builder is configurable:
  • scope(Scope) / set_scope(Option<Scope>):
    required: true
    

    Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, an Amazon Cognito user pool, an App Runner service, or an Amazon Web Services Verified Access instance.

    To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows:

    • CLI - Specify the Region when you use the CloudFront scope: –scope=CLOUDFRONT –region=us-east-1.

    • API and SDKs - For all calls, use the Region endpoint us-east-1.

    
    
  • next_marker(impl Into<String>) / set_next_marker(Option<String>):
    required: false
    

    When you request a list of objects with a Limit setting, if the number of objects that are still available for retrieval exceeds the limit, WAF returns a NextMarker value in the response. To retrieve the next batch of objects, provide the marker from the prior call in your next request.

    
    
  • limit(i32) / set_limit(Option<i32>):
    required: false
    

    The maximum number of objects that you want WAF to return for this request. If more objects are available, in the response, WAF provides a NextMarker value that you can use in a subsequent call to get the next batch of objects.

    
    
• On success, responds with ListAvailableManagedRuleGroupsOutput with field(s):
  • next_marker(Option<String>):

    When you request a list of objects with a Limit setting, if the number of objects that are still available for retrieval exceeds the limit, WAF returns a NextMarker value in the response. To retrieve the next batch of objects, provide the marker from the prior call in your next request.

  • managed_rule_groups(Option<Vec::<ManagedRuleGroupSummary>>):

    Array of managed rule groups that you can use. If you specified a Limit in your request, this might not be the full list.

• On failure, responds with SdkError<ListAvailableManagedRuleGroupsError>

impl Client

pub fn list_ip_sets(&self) -> ListIPSetsFluentBuilder

Constructs a fluent builder for the ListIPSets operation.

• The fluent builder is configurable:
  • scope(Scope) / set_scope(Option<Scope>):
    required: true
    

    Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, an Amazon Cognito user pool, an App Runner service, or an Amazon Web Services Verified Access instance.

    To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows:

    • CLI - Specify the Region when you use the CloudFront scope: –scope=CLOUDFRONT –region=us-east-1.

    • API and SDKs - For all calls, use the Region endpoint us-east-1.

    
    
  • next_marker(impl Into<String>) / set_next_marker(Option<String>):
    required: false
    

    When you request a list of objects with a Limit setting, if the number of objects that are still available for retrieval exceeds the limit, WAF returns a NextMarker value in the response. To retrieve the next batch of objects, provide the marker from the prior call in your next request.

    
    
  • limit(i32) / set_limit(Option<i32>):
    required: false
    

    The maximum number of objects that you want WAF to return for this request. If more objects are available, in the response, WAF provides a NextMarker value that you can use in a subsequent call to get the next batch of objects.

    
    
• On success, responds with ListIpSetsOutput with field(s):
  • next_marker(Option<String>):

    When you request a list of objects with a Limit setting, if the number of objects that are still available for retrieval exceeds the limit, WAF returns a NextMarker value in the response. To retrieve the next batch of objects, provide the marker from the prior call in your next request.

  • ip_sets(Option<Vec::<IpSetSummary>>):

    Array of IPSets. If you specified a Limit in your request, this might not be the full list.

• On failure, responds with SdkError<ListIPSetsError>

impl Client

pub fn list_logging_configurations( &self, ) -> ListLoggingConfigurationsFluentBuilder

Constructs a fluent builder for the ListLoggingConfigurations operation.

• The fluent builder is configurable:
  • scope(Scope) / set_scope(Option<Scope>):
    required: true
    

    Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, an Amazon Cognito user pool, an App Runner service, or an Amazon Web Services Verified Access instance.

    To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows:

    • CLI - Specify the Region when you use the CloudFront scope: –scope=CLOUDFRONT –region=us-east-1.

    • API and SDKs - For all calls, use the Region endpoint us-east-1.

    
    
  • next_marker(impl Into<String>) / set_next_marker(Option<String>):
    required: false
    

    When you request a list of objects with a Limit setting, if the number of objects that are still available for retrieval exceeds the limit, WAF returns a NextMarker value in the response. To retrieve the next batch of objects, provide the marker from the prior call in your next request.

    
    
  • limit(i32) / set_limit(Option<i32>):
    required: false
    

    The maximum number of objects that you want WAF to return for this request. If more objects are available, in the response, WAF provides a NextMarker value that you can use in a subsequent call to get the next batch of objects.

    
    
  • log_scope(LogScope) / set_log_scope(Option<LogScope>):
    required: false
    

    The owner of the logging configuration, which must be set to CUSTOMER for the configurations that you manage.

    The log scope SECURITY_LAKE indicates a configuration that is managed through Amazon Security Lake. You can use Security Lake to collect log and event data from various sources for normalization, analysis, and management. For information, see Collecting data from Amazon Web Services services in the Amazon Security Lake user guide.

    Default: CUSTOMER

    
    
• On success, responds with ListLoggingConfigurationsOutput with field(s):
  • logging_configurations(Option<Vec::<LoggingConfiguration>>):

    Array of logging configurations. If you specified a Limit in your request, this might not be the full list.

  • next_marker(Option<String>):

    When you request a list of objects with a Limit setting, if the number of objects that are still available for retrieval exceeds the limit, WAF returns a NextMarker value in the response. To retrieve the next batch of objects, provide the marker from the prior call in your next request.

• On failure, responds with SdkError<ListLoggingConfigurationsError>

impl Client

pub fn list_managed_rule_sets(&self) -> ListManagedRuleSetsFluentBuilder

Constructs a fluent builder for the ListManagedRuleSets operation.

• The fluent builder is configurable:
  • scope(Scope) / set_scope(Option<Scope>):
    required: true
    

    Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, an Amazon Cognito user pool, an App Runner service, or an Amazon Web Services Verified Access instance.

    To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows:

    • CLI - Specify the Region when you use the CloudFront scope: –scope=CLOUDFRONT –region=us-east-1.

    • API and SDKs - For all calls, use the Region endpoint us-east-1.

    
    
  • next_marker(impl Into<String>) / set_next_marker(Option<String>):
    required: false
    

    When you request a list of objects with a Limit setting, if the number of objects that are still available for retrieval exceeds the limit, WAF returns a NextMarker value in the response. To retrieve the next batch of objects, provide the marker from the prior call in your next request.

    
    
  • limit(i32) / set_limit(Option<i32>):
    required: false
    

    The maximum number of objects that you want WAF to return for this request. If more objects are available, in the response, WAF provides a NextMarker value that you can use in a subsequent call to get the next batch of objects.

    
    
• On success, responds with ListManagedRuleSetsOutput with field(s):
  • next_marker(Option<String>):

    When you request a list of objects with a Limit setting, if the number of objects that are still available for retrieval exceeds the limit, WAF returns a NextMarker value in the response. To retrieve the next batch of objects, provide the marker from the prior call in your next request.

  • managed_rule_sets(Option<Vec::<ManagedRuleSetSummary>>):

    Your managed rule sets. If you specified a Limit in your request, this might not be the full list.

• On failure, responds with SdkError<ListManagedRuleSetsError>

impl Client

pub fn list_mobile_sdk_releases(&self) -> ListMobileSdkReleasesFluentBuilder

Constructs a fluent builder for the ListMobileSdkReleases operation.

• The fluent builder is configurable:
  • platform(Platform) / set_platform(Option<Platform>):
    required: true
    

    The device platform to retrieve the list for.

    
    
  • next_marker(impl Into<String>) / set_next_marker(Option<String>):
    required: false
    

    When you request a list of objects with a Limit setting, if the number of objects that are still available for retrieval exceeds the limit, WAF returns a NextMarker value in the response. To retrieve the next batch of objects, provide the marker from the prior call in your next request.

    
    
  • limit(i32) / set_limit(Option<i32>):
    required: false
    

    The maximum number of objects that you want WAF to return for this request. If more objects are available, in the response, WAF provides a NextMarker value that you can use in a subsequent call to get the next batch of objects.

    
    
• On success, responds with ListMobileSdkReleasesOutput with field(s):
  • release_summaries(Option<Vec::<ReleaseSummary>>):

    The high level information for the available SDK releases. If you specified a Limit in your request, this might not be the full list.

  • next_marker(Option<String>):

    When you request a list of objects with a Limit setting, if the number of objects that are still available for retrieval exceeds the limit, WAF returns a NextMarker value in the response. To retrieve the next batch of objects, provide the marker from the prior call in your next request.

• On failure, responds with SdkError<ListMobileSdkReleasesError>

impl Client

pub fn list_regex_pattern_sets(&self) -> ListRegexPatternSetsFluentBuilder

Constructs a fluent builder for the ListRegexPatternSets operation.

• The fluent builder is configurable:
  • scope(Scope) / set_scope(Option<Scope>):
    required: true
    

    Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, an Amazon Cognito user pool, an App Runner service, or an Amazon Web Services Verified Access instance.

    To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows:

    • CLI - Specify the Region when you use the CloudFront scope: –scope=CLOUDFRONT –region=us-east-1.

    • API and SDKs - For all calls, use the Region endpoint us-east-1.

    
    
  • next_marker(impl Into<String>) / set_next_marker(Option<String>):
    required: false
    

    When you request a list of objects with a Limit setting, if the number of objects that are still available for retrieval exceeds the limit, WAF returns a NextMarker value in the response. To retrieve the next batch of objects, provide the marker from the prior call in your next request.

    
    
  • limit(i32) / set_limit(Option<i32>):
    required: false
    

    The maximum number of objects that you want WAF to return for this request. If more objects are available, in the response, WAF provides a NextMarker value that you can use in a subsequent call to get the next batch of objects.

    
    
• On success, responds with ListRegexPatternSetsOutput with field(s):
  • next_marker(Option<String>):

    When you request a list of objects with a Limit setting, if the number of objects that are still available for retrieval exceeds the limit, WAF returns a NextMarker value in the response. To retrieve the next batch of objects, provide the marker from the prior call in your next request.

  • regex_pattern_sets(Option<Vec::<RegexPatternSetSummary>>):

    Array of regex pattern sets. If you specified a Limit in your request, this might not be the full list.

• On failure, responds with SdkError<ListRegexPatternSetsError>

impl Client

pub fn list_resources_for_web_acl(&self) -> ListResourcesForWebACLFluentBuilder

Constructs a fluent builder for the ListResourcesForWebACL operation.

• The fluent builder is configurable:
  • web_acl_arn(impl Into<String>) / set_web_acl_arn(Option<String>):
    required: true
    

    The Amazon Resource Name (ARN) of the web ACL.

    
    
  • resource_type(ResourceType) / set_resource_type(Option<ResourceType>):
    required: false
    

    Used for web ACLs that are scoped for regional applications. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, an Amazon Cognito user pool, an App Runner service, or an Amazon Web Services Verified Access instance.

    If you don’t provide a resource type, the call uses the resource type APPLICATION_LOAD_BALANCER.

    Default: APPLICATION_LOAD_BALANCER

    
    
• On success, responds with ListResourcesForWebAclOutput with field(s):
  • resource_arns(Option<Vec::<String>>):

    The array of Amazon Resource Names (ARNs) of the associated resources.

• On failure, responds with SdkError<ListResourcesForWebACLError>

impl Client

pub fn list_rule_groups(&self) -> ListRuleGroupsFluentBuilder

Constructs a fluent builder for the ListRuleGroups operation.

• The fluent builder is configurable:
  • scope(Scope) / set_scope(Option<Scope>):
    required: true
    

    Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, an Amazon Cognito user pool, an App Runner service, or an Amazon Web Services Verified Access instance.

    To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows:

    • CLI - Specify the Region when you use the CloudFront scope: –scope=CLOUDFRONT –region=us-east-1.

    • API and SDKs - For all calls, use the Region endpoint us-east-1.

    
    
  • next_marker(impl Into<String>) / set_next_marker(Option<String>):
    required: false
    

    When you request a list of objects with a Limit setting, if the number of objects that are still available for retrieval exceeds the limit, WAF returns a NextMarker value in the response. To retrieve the next batch of objects, provide the marker from the prior call in your next request.

    
    
  • limit(i32) / set_limit(Option<i32>):
    required: false
    

    The maximum number of objects that you want WAF to return for this request. If more objects are available, in the response, WAF provides a NextMarker value that you can use in a subsequent call to get the next batch of objects.

    
    
• On success, responds with ListRuleGroupsOutput with field(s):
  • next_marker(Option<String>):

    When you request a list of objects with a Limit setting, if the number of objects that are still available for retrieval exceeds the limit, WAF returns a NextMarker value in the response. To retrieve the next batch of objects, provide the marker from the prior call in your next request.

  • rule_groups(Option<Vec::<RuleGroupSummary>>):

    Array of rule groups. If you specified a Limit in your request, this might not be the full list.

• On failure, responds with SdkError<ListRuleGroupsError>

impl Client

pub fn list_tags_for_resource(&self) -> ListTagsForResourceFluentBuilder

Constructs a fluent builder for the ListTagsForResource operation.

• The fluent builder is configurable:
  • next_marker(impl Into<String>) / set_next_marker(Option<String>):
    required: false
    

    When you request a list of objects with a Limit setting, if the number of objects that are still available for retrieval exceeds the limit, WAF returns a NextMarker value in the response. To retrieve the next batch of objects, provide the marker from the prior call in your next request.

    
    
  • limit(i32) / set_limit(Option<i32>):
    required: false
    

    The maximum number of objects that you want WAF to return for this request. If more objects are available, in the response, WAF provides a NextMarker value that you can use in a subsequent call to get the next batch of objects.

    
    
  • resource_arn(impl Into<String>) / set_resource_arn(Option<String>):
    required: true
    

    The Amazon Resource Name (ARN) of the resource.

    
    
• On success, responds with ListTagsForResourceOutput with field(s):
  • next_marker(Option<String>):

    When you request a list of objects with a Limit setting, if the number of objects that are still available for retrieval exceeds the limit, WAF returns a NextMarker value in the response. To retrieve the next batch of objects, provide the marker from the prior call in your next request.

  • tag_info_for_resource(Option<TagInfoForResource>):

    The collection of tagging definitions for the resource. If you specified a Limit in your request, this might not be the full list.

• On failure, responds with SdkError<ListTagsForResourceError>

impl Client

pub fn list_web_acls(&self) -> ListWebACLsFluentBuilder

Constructs a fluent builder for the ListWebACLs operation.

• The fluent builder is configurable:
  • scope(Scope) / set_scope(Option<Scope>):
    required: true
    

    Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, an Amazon Cognito user pool, an App Runner service, or an Amazon Web Services Verified Access instance.

    To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows:

    • CLI - Specify the Region when you use the CloudFront scope: –scope=CLOUDFRONT –region=us-east-1.

    • API and SDKs - For all calls, use the Region endpoint us-east-1.

    
    
  • next_marker(impl Into<String>) / set_next_marker(Option<String>):
    required: false
    

    When you request a list of objects with a Limit setting, if the number of objects that are still available for retrieval exceeds the limit, WAF returns a NextMarker value in the response. To retrieve the next batch of objects, provide the marker from the prior call in your next request.

    
    
  • limit(i32) / set_limit(Option<i32>):
    required: false
    

    The maximum number of objects that you want WAF to return for this request. If more objects are available, in the response, WAF provides a NextMarker value that you can use in a subsequent call to get the next batch of objects.

    
    
• On success, responds with ListWebAcLsOutput with field(s):
  • next_marker(Option<String>):

    When you request a list of objects with a Limit setting, if the number of objects that are still available for retrieval exceeds the limit, WAF returns a NextMarker value in the response. To retrieve the next batch of objects, provide the marker from the prior call in your next request.

  • web_acls(Option<Vec::<WebAclSummary>>):

    Array of web ACLs. If you specified a Limit in your request, this might not be the full list.

• On failure, responds with SdkError<ListWebACLsError>

impl Client

pub fn put_logging_configuration(&self) -> PutLoggingConfigurationFluentBuilder

Constructs a fluent builder for the PutLoggingConfiguration operation.

• The fluent builder is configurable:
  • logging_configuration(LoggingConfiguration) / set_logging_configuration(Option<LoggingConfiguration>):
    required: true
    
    
    
• On success, responds with PutLoggingConfigurationOutput with field(s):
  • logging_configuration(Option<LoggingConfiguration>):

• On failure, responds with SdkError<PutLoggingConfigurationError>

impl Client

pub fn put_managed_rule_set_versions( &self, ) -> PutManagedRuleSetVersionsFluentBuilder

Constructs a fluent builder for the PutManagedRuleSetVersions operation.

• The fluent builder is configurable:
  • name(impl Into<String>) / set_name(Option<String>):
    required: true
    

    The name of the managed rule set. You use this, along with the rule set ID, to identify the rule set.

    This name is assigned to the corresponding managed rule group, which your customers can access and use.

    
    
  • scope(Scope) / set_scope(Option<Scope>):
    required: true
    

    Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, an Amazon Cognito user pool, an App Runner service, or an Amazon Web Services Verified Access instance.

    To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows:

    • CLI - Specify the Region when you use the CloudFront scope: –scope=CLOUDFRONT –region=us-east-1.

    • API and SDKs - For all calls, use the Region endpoint us-east-1.

    
    
  • id(impl Into<String>) / set_id(Option<String>):
    required: true
    

    A unique identifier for the managed rule set. The ID is returned in the responses to commands like list. You provide it to operations like get and update.

    
    
  • lock_token(impl Into<String>) / set_lock_token(Option<String>):
    required: true
    

    A token used for optimistic locking. WAF returns a token to your get and list requests, to mark the state of the entity at the time of the request. To make changes to the entity associated with the token, you provide the token to operations like update and delete. WAF uses the token to ensure that no changes have been made to the entity since you last retrieved it. If a change has been made, the update fails with a WAFOptimisticLockException. If this happens, perform another get, and use the new token returned by that operation.

    
    
  • recommended_version(impl Into<String>) / set_recommended_version(Option<String>):
    required: false
    

    The version of the named managed rule group that you’d like your customers to choose, from among your version offerings.

    
    
  • versions_to_publish(impl Into<String>, VersionToPublish) / set_versions_to_publish(Option<HashMap::<String, VersionToPublish>>):
    required: false
    

    The versions of the named managed rule group that you want to offer to your customers.

    
    
• On success, responds with PutManagedRuleSetVersionsOutput with field(s):
  • next_lock_token(Option<String>):

    A token used for optimistic locking. WAF returns a token to your get and list requests, to mark the state of the entity at the time of the request. To make changes to the entity associated with the token, you provide the token to operations like update and delete. WAF uses the token to ensure that no changes have been made to the entity since you last retrieved it. If a change has been made, the update fails with a WAFOptimisticLockException. If this happens, perform another get, and use the new token returned by that operation.

• On failure, responds with SdkError<PutManagedRuleSetVersionsError>

impl Client

pub fn put_permission_policy(&self) -> PutPermissionPolicyFluentBuilder

Constructs a fluent builder for the PutPermissionPolicy operation.

• The fluent builder is configurable:
  • resource_arn(impl Into<String>) / set_resource_arn(Option<String>):
    required: true
    

    The Amazon Resource Name (ARN) of the RuleGroup to which you want to attach the policy.

    
    
  • policy(impl Into<String>) / set_policy(Option<String>):
    required: true
    

    The policy to attach to the specified rule group.

    The policy specifications must conform to the following:

    • The policy must be composed using IAM Policy version 2012-10-17.

    • The policy must include specifications for Effect, Action, and Principal.

    • Effect must specify Allow.

    • Action must specify wafv2:CreateWebACL, wafv2:UpdateWebACL, and wafv2:PutFirewallManagerRuleGroups and may optionally specify wafv2:GetRuleGroup. WAF rejects any extra actions or wildcard actions in the policy.

    • The policy must not include a Resource parameter.

    For more information, see IAM Policies.

    
    
• On success, responds with PutPermissionPolicyOutput
• On failure, responds with SdkError<PutPermissionPolicyError>

impl Client

pub fn tag_resource(&self) -> TagResourceFluentBuilder

Constructs a fluent builder for the TagResource operation.

• The fluent builder is configurable:
  • resource_arn(impl Into<String>) / set_resource_arn(Option<String>):
    required: true
    

    The Amazon Resource Name (ARN) of the resource.

    
    
  • tags(Tag) / set_tags(Option<Vec::<Tag>>):
    required: true
    

    An array of key:value pairs to associate with the resource.

    
    
• On success, responds with TagResourceOutput
• On failure, responds with SdkError<TagResourceError>

impl Client

pub fn untag_resource(&self) -> UntagResourceFluentBuilder

Constructs a fluent builder for the UntagResource operation.

• The fluent builder is configurable:
  • resource_arn(impl Into<String>) / set_resource_arn(Option<String>):
    required: true
    

    The Amazon Resource Name (ARN) of the resource.

    
    
  • tag_keys(impl Into<String>) / set_tag_keys(Option<Vec::<String>>):
    required: true
    

    An array of keys identifying the tags to disassociate from the resource.

    
    
• On success, responds with UntagResourceOutput
• On failure, responds with SdkError<UntagResourceError>

impl Client

pub fn update_ip_set(&self) -> UpdateIPSetFluentBuilder

Constructs a fluent builder for the UpdateIPSet operation.

• The fluent builder is configurable:
  • name(impl Into<String>) / set_name(Option<String>):
    required: true
    

    The name of the IP set. You cannot change the name of an IPSet after you create it.

    
    
  • scope(Scope) / set_scope(Option<Scope>):
    required: true
    

    Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, an Amazon Cognito user pool, an App Runner service, or an Amazon Web Services Verified Access instance.

    To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows:

    • CLI - Specify the Region when you use the CloudFront scope: –scope=CLOUDFRONT –region=us-east-1.

    • API and SDKs - For all calls, use the Region endpoint us-east-1.

    
    
  • id(impl Into<String>) / set_id(Option<String>):
    required: true
    

    A unique identifier for the set. This ID is returned in the responses to create and list commands. You provide it to operations like update and delete.

    
    
  • description(impl Into<String>) / set_description(Option<String>):
    required: false
    

    A description of the IP set that helps with identification.

    
    
  • addresses(impl Into<String>) / set_addresses(Option<Vec::<String>>):
    required: true
    

    Contains an array of strings that specifies zero or more IP addresses or blocks of IP addresses that you want WAF to inspect for in incoming requests. All addresses must be specified using Classless Inter-Domain Routing (CIDR) notation. WAF supports all IPv4 and IPv6 CIDR ranges except for /0.

    Example address strings:

    • For requests that originated from the IP address 192.0.2.44, specify 192.0.2.44/32.

    • For requests that originated from IP addresses from 192.0.2.0 to 192.0.2.255, specify 192.0.2.0/24.

    • For requests that originated from the IP address 1111:0000:0000:0000:0000:0000:0000:0111, specify 1111:0000:0000:0000:0000:0000:0000:0111/128.

    • For requests that originated from IP addresses 1111:0000:0000:0000:0000:0000:0000:0000 to 1111:0000:0000:0000:ffff:ffff:ffff:ffff, specify 1111:0000:0000:0000:0000:0000:0000:0000/64.

    For more information about CIDR notation, see the Wikipedia entry Classless Inter-Domain Routing.

    Example JSON Addresses specifications:

    • Empty array: “Addresses”: []

    • Array with one address: “Addresses”: [“192.0.2.44/32”]

    • Array with three addresses: “Addresses”: [“192.0.2.44/32”, “192.0.2.0/24”, “192.0.0.0/16”]

    • INVALID specification: “Addresses”: [“”] INVALID

    
    
  • lock_token(impl Into<String>) / set_lock_token(Option<String>):
    required: true
    

    A token used for optimistic locking. WAF returns a token to your get and list requests, to mark the state of the entity at the time of the request. To make changes to the entity associated with the token, you provide the token to operations like update and delete. WAF uses the token to ensure that no changes have been made to the entity since you last retrieved it. If a change has been made, the update fails with a WAFOptimisticLockException. If this happens, perform another get, and use the new token returned by that operation.

    
    
• On success, responds with UpdateIpSetOutput with field(s):
  • next_lock_token(Option<String>):

    A token used for optimistic locking. WAF returns this token to your update requests. You use NextLockToken in the same manner as you use LockToken.

• On failure, responds with SdkError<UpdateIPSetError>

impl Client

pub fn update_managed_rule_set_version_expiry_date( &self, ) -> UpdateManagedRuleSetVersionExpiryDateFluentBuilder

Constructs a fluent builder for the UpdateManagedRuleSetVersionExpiryDate operation.

• The fluent builder is configurable:
  • name(impl Into<String>) / set_name(Option<String>):
    required: true
    

    The name of the managed rule set. You use this, along with the rule set ID, to identify the rule set.

    This name is assigned to the corresponding managed rule group, which your customers can access and use.

    
    
  • scope(Scope) / set_scope(Option<Scope>):
    required: true
    

    Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, an Amazon Cognito user pool, an App Runner service, or an Amazon Web Services Verified Access instance.

    To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows:

    • CLI - Specify the Region when you use the CloudFront scope: –scope=CLOUDFRONT –region=us-east-1.

    • API and SDKs - For all calls, use the Region endpoint us-east-1.

    
    
  • id(impl Into<String>) / set_id(Option<String>):
    required: true
    

    A unique identifier for the managed rule set. The ID is returned in the responses to commands like list. You provide it to operations like get and update.

    
    
  • lock_token(impl Into<String>) / set_lock_token(Option<String>):
    required: true
    

    A token used for optimistic locking. WAF returns a token to your get and list requests, to mark the state of the entity at the time of the request. To make changes to the entity associated with the token, you provide the token to operations like update and delete. WAF uses the token to ensure that no changes have been made to the entity since you last retrieved it. If a change has been made, the update fails with a WAFOptimisticLockException. If this happens, perform another get, and use the new token returned by that operation.

    
    
  • version_to_expire(impl Into<String>) / set_version_to_expire(Option<String>):
    required: true
    

    The version that you want to remove from your list of offerings for the named managed rule group.

    
    
  • expiry_timestamp(DateTime) / set_expiry_timestamp(Option<DateTime>):
    required: true
    

    The time that you want the version to expire.

    Times are in Coordinated Universal Time (UTC) format. UTC format includes the special designator, Z. For example, “2016-09-27T14:50Z”.

    
    
• On success, responds with UpdateManagedRuleSetVersionExpiryDateOutput with field(s):
  • expiring_version(Option<String>):

    The version that is set to expire.

  • expiry_timestamp(Option<DateTime>):

    The time that the version will expire.

    Times are in Coordinated Universal Time (UTC) format. UTC format includes the special designator, Z. For example, “2016-09-27T14:50Z”.

  • next_lock_token(Option<String>):

    A token used for optimistic locking. WAF returns a token to your get and list requests, to mark the state of the entity at the time of the request. To make changes to the entity associated with the token, you provide the token to operations like update and delete. WAF uses the token to ensure that no changes have been made to the entity since you last retrieved it. If a change has been made, the update fails with a WAFOptimisticLockException. If this happens, perform another get, and use the new token returned by that operation.

• On failure, responds with SdkError<UpdateManagedRuleSetVersionExpiryDateError>

impl Client

pub fn update_regex_pattern_set(&self) -> UpdateRegexPatternSetFluentBuilder

Constructs a fluent builder for the UpdateRegexPatternSet operation.

• The fluent builder is configurable:
  • name(impl Into<String>) / set_name(Option<String>):
    required: true
    

    The name of the set. You cannot change the name after you create the set.

    
    
  • scope(Scope) / set_scope(Option<Scope>):
    required: true
    

    Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, an Amazon Cognito user pool, an App Runner service, or an Amazon Web Services Verified Access instance.

    To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows:

    • CLI - Specify the Region when you use the CloudFront scope: –scope=CLOUDFRONT –region=us-east-1.

    • API and SDKs - For all calls, use the Region endpoint us-east-1.

    
    
  • id(impl Into<String>) / set_id(Option<String>):
    required: true
    

    A unique identifier for the set. This ID is returned in the responses to create and list commands. You provide it to operations like update and delete.

    
    
  • description(impl Into<String>) / set_description(Option<String>):
    required: false
    

    A description of the set that helps with identification.

    
    
  • regular_expression_list(Regex) / set_regular_expression_list(Option<Vec::<Regex>>):
    required: true
    
    
    
  • lock_token(impl Into<String>) / set_lock_token(Option<String>):
    required: true
    

    A token used for optimistic locking. WAF returns a token to your get and list requests, to mark the state of the entity at the time of the request. To make changes to the entity associated with the token, you provide the token to operations like update and delete. WAF uses the token to ensure that no changes have been made to the entity since you last retrieved it. If a change has been made, the update fails with a WAFOptimisticLockException. If this happens, perform another get, and use the new token returned by that operation.

    
    
• On success, responds with UpdateRegexPatternSetOutput with field(s):
  • next_lock_token(Option<String>):

    A token used for optimistic locking. WAF returns this token to your update requests. You use NextLockToken in the same manner as you use LockToken.

• On failure, responds with SdkError<UpdateRegexPatternSetError>

impl Client

pub fn update_rule_group(&self) -> UpdateRuleGroupFluentBuilder

Constructs a fluent builder for the UpdateRuleGroup operation.

• The fluent builder is configurable:
  • name(impl Into<String>) / set_name(Option<String>):
    required: true
    

    The name of the rule group. You cannot change the name of a rule group after you create it.

    
    
  • scope(Scope) / set_scope(Option<Scope>):
    required: true
    

    Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, an Amazon Cognito user pool, an App Runner service, or an Amazon Web Services Verified Access instance.

    To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows:

    • CLI - Specify the Region when you use the CloudFront scope: –scope=CLOUDFRONT –region=us-east-1.

    • API and SDKs - For all calls, use the Region endpoint us-east-1.

    
    
  • id(impl Into<String>) / set_id(Option<String>):
    required: true
    

    A unique identifier for the rule group. This ID is returned in the responses to create and list commands. You provide it to operations like update and delete.

    
    
  • description(impl Into<String>) / set_description(Option<String>):
    required: false
    

    A description of the rule group that helps with identification.

    
    
  • rules(Rule) / set_rules(Option<Vec::<Rule>>):
    required: false
    

    The Rule statements used to identify the web requests that you want to manage. Each rule includes one top-level statement that WAF uses to identify matching web requests, and parameters that govern how WAF handles them.

    
    
  • visibility_config(VisibilityConfig) / set_visibility_config(Option<VisibilityConfig>):
    required: true
    

    Defines and enables Amazon CloudWatch metrics and web request sample collection.

    
    
  • lock_token(impl Into<String>) / set_lock_token(Option<String>):
    required: true
    

    A token used for optimistic locking. WAF returns a token to your get and list requests, to mark the state of the entity at the time of the request. To make changes to the entity associated with the token, you provide the token to operations like update and delete. WAF uses the token to ensure that no changes have been made to the entity since you last retrieved it. If a change has been made, the update fails with a WAFOptimisticLockException. If this happens, perform another get, and use the new token returned by that operation.

    
    
  • custom_response_bodies(impl Into<String>, CustomResponseBody) / set_custom_response_bodies(Option<HashMap::<String, CustomResponseBody>>):
    required: false
    

    A map of custom response keys and content bodies. When you create a rule with a block action, you can send a custom response to the web request. You define these for the rule group, and then use them in the rules that you define in the rule group.

    For information about customizing web requests and responses, see Customizing web requests and responses in WAF in the WAF Developer Guide.

    For information about the limits on count and size for custom request and response settings, see WAF quotas in the WAF Developer Guide.

    
    
• On success, responds with UpdateRuleGroupOutput with field(s):
  • next_lock_token(Option<String>):

    A token used for optimistic locking. WAF returns this token to your update requests. You use NextLockToken in the same manner as you use LockToken.

• On failure, responds with SdkError<UpdateRuleGroupError>

impl Client

pub fn update_web_acl(&self) -> UpdateWebACLFluentBuilder

Constructs a fluent builder for the UpdateWebACL operation.

• The fluent builder is configurable:
  • name(impl Into<String>) / set_name(Option<String>):
    required: true
    

    The name of the web ACL. You cannot change the name of a web ACL after you create it.

    
    
  • scope(Scope) / set_scope(Option<Scope>):
    required: true
    

    Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, an Amazon Cognito user pool, an App Runner service, or an Amazon Web Services Verified Access instance.

    To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows:

    • CLI - Specify the Region when you use the CloudFront scope: –scope=CLOUDFRONT –region=us-east-1.

    • API and SDKs - For all calls, use the Region endpoint us-east-1.

    
    
  • id(impl Into<String>) / set_id(Option<String>):
    required: true
    

    The unique identifier for the web ACL. This ID is returned in the responses to create and list commands. You provide it to operations like update and delete.

    
    
  • default_action(DefaultAction) / set_default_action(Option<DefaultAction>):
    required: true
    

    The action to perform if none of the Rules contained in the WebACL match.

    
    
  • description(impl Into<String>) / set_description(Option<String>):
    required: false
    

    A description of the web ACL that helps with identification.

    
    
  • rules(Rule) / set_rules(Option<Vec::<Rule>>):
    required: false
    

    The Rule statements used to identify the web requests that you want to manage. Each rule includes one top-level statement that WAF uses to identify matching web requests, and parameters that govern how WAF handles them.

    
    
  • visibility_config(VisibilityConfig) / set_visibility_config(Option<VisibilityConfig>):
    required: true
    

    Defines and enables Amazon CloudWatch metrics and web request sample collection.

    
    
  • lock_token(impl Into<String>) / set_lock_token(Option<String>):
    required: true
    

    A token used for optimistic locking. WAF returns a token to your get and list requests, to mark the state of the entity at the time of the request. To make changes to the entity associated with the token, you provide the token to operations like update and delete. WAF uses the token to ensure that no changes have been made to the entity since you last retrieved it. If a change has been made, the update fails with a WAFOptimisticLockException. If this happens, perform another get, and use the new token returned by that operation.

    
    
  • custom_response_bodies(impl Into<String>, CustomResponseBody) / set_custom_response_bodies(Option<HashMap::<String, CustomResponseBody>>):
    required: false
    

    A map of custom response keys and content bodies. When you create a rule with a block action, you can send a custom response to the web request. You define these for the web ACL, and then use them in the rules and default actions that you define in the web ACL.

    For information about customizing web requests and responses, see Customizing web requests and responses in WAF in the WAF Developer Guide.

    For information about the limits on count and size for custom request and response settings, see WAF quotas in the WAF Developer Guide.

    
    
  • captcha_config(CaptchaConfig) / set_captcha_config(Option<CaptchaConfig>):
    required: false
    

    Specifies how WAF should handle CAPTCHA evaluations for rules that don’t have their own CaptchaConfig settings. If you don’t specify this, WAF uses its default settings for CaptchaConfig.

    
    
  • challenge_config(ChallengeConfig) / set_challenge_config(Option<ChallengeConfig>):
    required: false
    

    Specifies how WAF should handle challenge evaluations for rules that don’t have their own ChallengeConfig settings. If you don’t specify this, WAF uses its default settings for ChallengeConfig.

    
    
  • token_domains(impl Into<String>) / set_token_domains(Option<Vec::<String>>):
    required: false
    

    Specifies the domains that WAF should accept in a web request token. This enables the use of tokens across multiple protected websites. When WAF provides a token, it uses the domain of the Amazon Web Services resource that the web ACL is protecting. If you don’t specify a list of token domains, WAF accepts tokens only for the domain of the protected resource. With a token domain list, WAF accepts the resource’s host domain plus all domains in the token domain list, including their prefixed subdomains.

    Example JSON: “TokenDomains”: { “mywebsite.com”, “myotherwebsite.com” }

    Public suffixes aren’t allowed. For example, you can’t use gov.au or co.uk as token domains.

    
    
  • association_config(AssociationConfig) / set_association_config(Option<AssociationConfig>):
    required: false
    

    Specifies custom configurations for the associations between the web ACL and protected resources.

    Use this to customize the maximum size of the request body that your protected resources forward to WAF for inspection. You can customize this setting for CloudFront, API Gateway, Amazon Cognito, App Runner, or Verified Access resources. The default setting is 16 KB (16,384 bytes).

    You are charged additional fees when your protected resources forward body sizes that are larger than the default. For more information, see WAF Pricing.

    For Application Load Balancer and AppSync, the limit is fixed at 8 KB (8,192 bytes).

    
    
• On success, responds with UpdateWebAclOutput with field(s):
  • next_lock_token(Option<String>):

    A token used for optimistic locking. WAF returns this token to your update requests. You use NextLockToken in the same manner as you use LockToken.

• On failure, responds with SdkError<UpdateWebACLError>

impl Client

pub fn from_conf(conf: Config) -> Self

Creates a new client from the service Config.

Panics

This method will panic in the following cases:

• Retries or timeouts are enabled without a sleep_impl configured.
• Identity caching is enabled without a sleep_impl and time_source configured.
• No behavior_version is provided.

The panic message for each of these will have instructions on how to resolve them.

pub fn config(&self) -> &Config

Returns the client’s configuration.

impl Client

pub fn new(sdk_config: &SdkConfig) -> Self

Creates a new client from an SDK Config.

Panics

• This method will panic if the sdk_config is missing an async sleep implementation. If you experience this panic, set the sleep_impl on the Config passed into this function to fix it.
• This method will panic if the sdk_config is missing an HTTP connector. If you experience this panic, set the http_connector on the Config passed into this function to fix it.
• This method will panic if no BehaviorVersion is provided. If you experience this panic, set behavior_version on the Config or enable the behavior-version-latest Cargo feature.

Trait Implementations

impl Clone for Client

fn clone(&self) -> Client

Returns a copy of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl Debug for Client

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.