[][src]Crate rusoto_waf_regional

This is the AWS WAF Regional API Reference for using AWS WAF with Elastic Load Balancing (ELB) Application Load Balancers. The AWS WAF actions and data types listed in the reference are available for protecting Application Load Balancers. You can use these actions and data types by means of the endpoints listed in AWS Regions and Endpoints. This guide is for developers who need detailed information about the AWS WAF API actions, data types, and errors. For detailed information about AWS WAF features and an overview of how to use the AWS WAF API, see the AWS WAF Developer Guide.

If you're using the service, you're probably looking for WAFRegionalClient and WAFRegional.

Structs

ActivatedRule

The ActivatedRule object in an UpdateWebACL request specifies a Rule that you want to insert or delete, the priority of the Rule in the WebACL, and the action that you want AWS WAF to take when a web request matches the Rule (ALLOW, BLOCK, or COUNT).

To specify whether to insert or delete a Rule, use the Action parameter in the WebACLUpdate data type.

AssociateWebACLRequest
AssociateWebACLResponse
ByteMatchSet

In a GetByteMatchSet request, ByteMatchSet is a complex type that contains the ByteMatchSetId and Name of a ByteMatchSet, and the values that you specified when you updated the ByteMatchSet.

A complex type that contains ByteMatchTuple objects, which specify the parts of web requests that you want AWS WAF to inspect and the values that you want AWS WAF to search for. If a ByteMatchSet contains more than one ByteMatchTuple object, a request needs to match the settings in only one ByteMatchTuple to be considered a match.

ByteMatchSetSummary

Returned by ListByteMatchSets. Each ByteMatchSetSummary object includes the Name and ByteMatchSetId for one ByteMatchSet.

ByteMatchSetUpdate

In an UpdateByteMatchSet request, ByteMatchSetUpdate specifies whether to insert or delete a ByteMatchTuple and includes the settings for the ByteMatchTuple.

ByteMatchTuple

The bytes (typically a string that corresponds with ASCII characters) that you want AWS WAF to search for in web requests, the location in requests that you want AWS WAF to search, and other settings.

CreateByteMatchSetRequest
CreateByteMatchSetResponse
CreateGeoMatchSetRequest
CreateGeoMatchSetResponse
CreateIPSetRequest
CreateIPSetResponse
CreateRateBasedRuleRequest
CreateRateBasedRuleResponse
CreateRegexMatchSetRequest
CreateRegexMatchSetResponse
CreateRegexPatternSetRequest
CreateRegexPatternSetResponse
CreateRuleGroupRequest
CreateRuleGroupResponse
CreateRuleRequest
CreateRuleResponse
CreateSizeConstraintSetRequest
CreateSizeConstraintSetResponse
CreateSqlInjectionMatchSetRequest

A request to create a SqlInjectionMatchSet.

CreateSqlInjectionMatchSetResponse

The response to a CreateSqlInjectionMatchSet request.

CreateWebACLRequest
CreateWebACLResponse
CreateXssMatchSetRequest

A request to create an XssMatchSet.

CreateXssMatchSetResponse

The response to a CreateXssMatchSet request.

DeleteByteMatchSetRequest
DeleteByteMatchSetResponse
DeleteGeoMatchSetRequest
DeleteGeoMatchSetResponse
DeleteIPSetRequest
DeleteIPSetResponse
DeleteLoggingConfigurationRequest
DeleteLoggingConfigurationResponse
DeletePermissionPolicyRequest
DeletePermissionPolicyResponse
DeleteRateBasedRuleRequest
DeleteRateBasedRuleResponse
DeleteRegexMatchSetRequest
DeleteRegexMatchSetResponse
DeleteRegexPatternSetRequest
DeleteRegexPatternSetResponse
DeleteRuleGroupRequest
DeleteRuleGroupResponse
DeleteRuleRequest
DeleteRuleResponse
DeleteSizeConstraintSetRequest
DeleteSizeConstraintSetResponse
DeleteSqlInjectionMatchSetRequest

A request to delete a SqlInjectionMatchSet from AWS WAF.

DeleteSqlInjectionMatchSetResponse

The response to a request to delete a SqlInjectionMatchSet from AWS WAF.

DeleteWebACLRequest
DeleteWebACLResponse
DeleteXssMatchSetRequest

A request to delete an XssMatchSet from AWS WAF.

DeleteXssMatchSetResponse

The response to a request to delete an XssMatchSet from AWS WAF.

DisassociateWebACLRequest
DisassociateWebACLResponse
ExcludedRule

The rule to exclude from a rule group. This is applicable only when the ActivatedRule refers to a RuleGroup. The rule must belong to the RuleGroup that is specified by the ActivatedRule.

FieldToMatch

Specifies where in a web request to look for TargetString.

GeoMatchConstraint

The country from which web requests originate that you want AWS WAF to search for.

GeoMatchSet

Contains one or more countries that AWS WAF will search for.

GeoMatchSetSummary

Contains the identifier and the name of the GeoMatchSet.

GeoMatchSetUpdate

Specifies the type of update to perform to an GeoMatchSet with UpdateGeoMatchSet.

GetByteMatchSetRequest
GetByteMatchSetResponse
GetChangeTokenRequest
GetChangeTokenResponse
GetChangeTokenStatusRequest
GetChangeTokenStatusResponse
GetGeoMatchSetRequest
GetGeoMatchSetResponse
GetIPSetRequest
GetIPSetResponse
GetLoggingConfigurationRequest
GetLoggingConfigurationResponse
GetPermissionPolicyRequest
GetPermissionPolicyResponse
GetRateBasedRuleManagedKeysRequest
GetRateBasedRuleManagedKeysResponse
GetRateBasedRuleRequest
GetRateBasedRuleResponse
GetRegexMatchSetRequest
GetRegexMatchSetResponse
GetRegexPatternSetRequest
GetRegexPatternSetResponse
GetRuleGroupRequest
GetRuleGroupResponse
GetRuleRequest
GetRuleResponse
GetSampledRequestsRequest
GetSampledRequestsResponse
GetSizeConstraintSetRequest
GetSizeConstraintSetResponse
GetSqlInjectionMatchSetRequest

A request to get a SqlInjectionMatchSet.

GetSqlInjectionMatchSetResponse

The response to a GetSqlInjectionMatchSet request.

GetWebACLForResourceRequest
GetWebACLForResourceResponse
GetWebACLRequest
GetWebACLResponse
GetXssMatchSetRequest

A request to get an XssMatchSet.

GetXssMatchSetResponse

The response to a GetXssMatchSet request.

HTTPHeader

The response from a GetSampledRequests request includes an HTTPHeader complex type that appears as Headers in the response syntax. HTTPHeader contains the names and values of all of the headers that appear in one of the web requests that were returned by GetSampledRequests.

HTTPRequest

The response from a GetSampledRequests request includes an HTTPRequest complex type that appears as Request in the response syntax. HTTPRequest contains information about one of the web requests that were returned by GetSampledRequests.

IPSet

Contains one or more IP addresses or blocks of IP addresses specified in Classless Inter-Domain Routing (CIDR) notation. AWS WAF supports IPv4 address ranges: /8 and any range between /16 through /32. AWS WAF supports IPv6 address ranges: /16, /24, /32, /48, /56, /64, and /128.

To specify an individual IP address, you specify the four-part IP address followed by a /32, for example, 192.0.2.0/31. To block a range of IP addresses, you can specify /8 or any range between /16 through /32 (for IPv4) or /16, /24, /32, /48, /56, /64, or /128 (for IPv6). For more information about CIDR notation, see the Wikipedia entry Classless Inter-Domain Routing.

IPSetDescriptor

Specifies the IP address type (IPV4 or IPV6) and the IP address range (in CIDR format) that web requests originate from.

IPSetSummary

Contains the identifier and the name of the IPSet.

IPSetUpdate

Specifies the type of update to perform to an IPSet with UpdateIPSet.

ListActivatedRulesInRuleGroupRequest
ListActivatedRulesInRuleGroupResponse
ListByteMatchSetsRequest
ListByteMatchSetsResponse
ListGeoMatchSetsRequest
ListGeoMatchSetsResponse
ListIPSetsRequest
ListIPSetsResponse
ListLoggingConfigurationsRequest
ListLoggingConfigurationsResponse
ListRateBasedRulesRequest
ListRateBasedRulesResponse
ListRegexMatchSetsRequest
ListRegexMatchSetsResponse
ListRegexPatternSetsRequest
ListRegexPatternSetsResponse
ListResourcesForWebACLRequest
ListResourcesForWebACLResponse
ListRuleGroupsRequest
ListRuleGroupsResponse
ListRulesRequest
ListRulesResponse
ListSizeConstraintSetsRequest
ListSizeConstraintSetsResponse
ListSqlInjectionMatchSetsRequest

A request to list the SqlInjectionMatchSet objects created by the current AWS account.

ListSqlInjectionMatchSetsResponse

The response to a ListSqlInjectionMatchSets request.

ListSubscribedRuleGroupsRequest
ListSubscribedRuleGroupsResponse
ListWebACLsRequest
ListWebACLsResponse
ListXssMatchSetsRequest

A request to list the XssMatchSet objects created by the current AWS account.

ListXssMatchSetsResponse

The response to a ListXssMatchSets request.

LoggingConfiguration

The Amazon Kinesis Data Firehose, RedactedFields information, and the web ACL Amazon Resource Name (ARN).

Predicate

Specifies the ByteMatchSet, IPSet, SqlInjectionMatchSet, XssMatchSet, RegexMatchSet, GeoMatchSet, and SizeConstraintSet objects that you want to add to a Rule and, for each object, indicates whether you want to negate the settings, for example, requests that do NOT originate from the IP address 192.0.2.44.

PutLoggingConfigurationRequest
PutLoggingConfigurationResponse
PutPermissionPolicyRequest
PutPermissionPolicyResponse
RateBasedRule

A RateBasedRule is identical to a regular Rule, with one addition: a RateBasedRule counts the number of requests that arrive from a specified IP address every five minutes. For example, based on recent requests that you've seen from an attacker, you might create a RateBasedRule that includes the following conditions:

  • The requests come from 192.0.2.44.

  • They contain the value BadBot in the User-Agent header.

In the rule, you also define the rate limit as 15,000.

Requests that meet both of these conditions and exceed 15,000 requests every five minutes trigger the rule's action (block or count), which is defined in the web ACL.

RegexMatchSet

In a GetRegexMatchSet request, RegexMatchSet is a complex type that contains the RegexMatchSetId and Name of a RegexMatchSet, and the values that you specified when you updated the RegexMatchSet.

The values are contained in a RegexMatchTuple object, which specify the parts of web requests that you want AWS WAF to inspect and the values that you want AWS WAF to search for. If a RegexMatchSet contains more than one RegexMatchTuple object, a request needs to match the settings in only one ByteMatchTuple to be considered a match.

RegexMatchSetSummary

Returned by ListRegexMatchSets. Each RegexMatchSetSummary object includes the Name and RegexMatchSetId for one RegexMatchSet.

RegexMatchSetUpdate

In an UpdateRegexMatchSet request, RegexMatchSetUpdate specifies whether to insert or delete a RegexMatchTuple and includes the settings for the RegexMatchTuple.

RegexMatchTuple

The regular expression pattern that you want AWS WAF to search for in web requests, the location in requests that you want AWS WAF to search, and other settings. Each RegexMatchTuple object contains:

  • The part of a web request that you want AWS WAF to inspect, such as a query string or the value of the User-Agent header.

  • The identifier of the pattern (a regular expression) that you want AWS WAF to look for. For more information, see RegexPatternSet.

  • Whether to perform any conversions on the request, such as converting it to lowercase, before inspecting it for the specified string.

RegexPatternSet

The RegexPatternSet specifies the regular expression (regex) pattern that you want AWS WAF to search for, such as B[a@]dB[o0]t. You can then configure AWS WAF to reject those requests.

RegexPatternSetSummary

Returned by ListRegexPatternSets. Each RegexPatternSetSummary object includes the Name and RegexPatternSetId for one RegexPatternSet.

RegexPatternSetUpdate

In an UpdateRegexPatternSet request, RegexPatternSetUpdate specifies whether to insert or delete a RegexPatternString and includes the settings for the RegexPatternString.

Rule

A combination of ByteMatchSet, IPSet, and/or SqlInjectionMatchSet objects that identify the web requests that you want to allow, block, or count. For example, you might create a Rule that includes the following predicates:

  • An IPSet that causes AWS WAF to search for web requests that originate from the IP address 192.0.2.44

  • A ByteMatchSet that causes AWS WAF to search for web requests for which the value of the User-Agent header is BadBot.

To match the settings in this Rule, a request must originate from 192.0.2.44 AND include a User-Agent header for which the value is BadBot.

RuleGroup

A collection of predefined rules that you can add to a web ACL.

Rule groups are subject to the following limits:

  • Three rule groups per account. You can request an increase to this limit by contacting customer support.

  • One rule group per web ACL.

  • Ten rules per rule group.

RuleGroupSummary

Contains the identifier and the friendly name or description of the RuleGroup.

RuleGroupUpdate

Specifies an ActivatedRule and indicates whether you want to add it to a RuleGroup or delete it from a RuleGroup.

RuleSummary

Contains the identifier and the friendly name or description of the Rule.

RuleUpdate

Specifies a Predicate (such as an IPSet) and indicates whether you want to add it to a Rule or delete it from a Rule.

SampledHTTPRequest

The response from a GetSampledRequests request includes a SampledHTTPRequests complex type that appears as SampledRequests in the response syntax. SampledHTTPRequests contains one SampledHTTPRequest object for each web request that is returned by GetSampledRequests.

SizeConstraint

Specifies a constraint on the size of a part of the web request. AWS WAF uses the Size, ComparisonOperator, and FieldToMatch to build an expression in the form of "Size ComparisonOperator size in bytes of FieldToMatch". If that expression is true, the SizeConstraint is considered to match.

SizeConstraintSet

A complex type that contains SizeConstraint objects, which specify the parts of web requests that you want AWS WAF to inspect the size of. If a SizeConstraintSet contains more than one SizeConstraint object, a request only needs to match one constraint to be considered a match.

SizeConstraintSetSummary

The Id and Name of a SizeConstraintSet.

SizeConstraintSetUpdate

Specifies the part of a web request that you want to inspect the size of and indicates whether you want to add the specification to a SizeConstraintSet or delete it from a SizeConstraintSet.

SqlInjectionMatchSet

A complex type that contains SqlInjectionMatchTuple objects, which specify the parts of web requests that you want AWS WAF to inspect for snippets of malicious SQL code and, if you want AWS WAF to inspect a header, the name of the header. If a SqlInjectionMatchSet contains more than one SqlInjectionMatchTuple object, a request needs to include snippets of SQL code in only one of the specified parts of the request to be considered a match.

SqlInjectionMatchSetSummary

The Id and Name of a SqlInjectionMatchSet.

SqlInjectionMatchSetUpdate

Specifies the part of a web request that you want to inspect for snippets of malicious SQL code and indicates whether you want to add the specification to a SqlInjectionMatchSet or delete it from a SqlInjectionMatchSet.

SqlInjectionMatchTuple

Specifies the part of a web request that you want AWS WAF to inspect for snippets of malicious SQL code and, if you want AWS WAF to inspect a header, the name of the header.

SubscribedRuleGroupSummary

A summary of the rule groups you are subscribed to.

TimeWindow

In a GetSampledRequests request, the StartTime and EndTime objects specify the time range for which you want AWS WAF to return a sample of web requests.

In a GetSampledRequests response, the StartTime and EndTime objects specify the time range for which AWS WAF actually returned a sample of web requests. AWS WAF gets the specified number of requests from among the first 5,000 requests that your AWS resource receives during the specified time period. If your resource receives more than 5,000 requests during that period, AWS WAF stops sampling after the 5,000th request. In that case, EndTime is the time that AWS WAF received the 5,000th request.

UpdateByteMatchSetRequest
UpdateByteMatchSetResponse
UpdateGeoMatchSetRequest
UpdateGeoMatchSetResponse
UpdateIPSetRequest
UpdateIPSetResponse
UpdateRateBasedRuleRequest
UpdateRateBasedRuleResponse
UpdateRegexMatchSetRequest
UpdateRegexMatchSetResponse
UpdateRegexPatternSetRequest
UpdateRegexPatternSetResponse
UpdateRuleGroupRequest
UpdateRuleGroupResponse
UpdateRuleRequest
UpdateRuleResponse
UpdateSizeConstraintSetRequest
UpdateSizeConstraintSetResponse
UpdateSqlInjectionMatchSetRequest

A request to update a SqlInjectionMatchSet.

UpdateSqlInjectionMatchSetResponse

The response to an UpdateSqlInjectionMatchSets request.

UpdateWebACLRequest
UpdateWebACLResponse
UpdateXssMatchSetRequest

A request to update an XssMatchSet.

UpdateXssMatchSetResponse

The response to an UpdateXssMatchSets request.

WAFRegionalClient

A client for the WAF Regional API.

WafAction

For the action that is associated with a rule in a WebACL, specifies the action that you want AWS WAF to perform when a web request matches all of the conditions in a rule. For the default action in a WebACL, specifies the action that you want AWS WAF to take when a web request doesn't match all of the conditions in any of the rules in a WebACL.

WafOverrideAction

The action to take if any rule within the RuleGroup matches a request.

WebACL

Contains the Rules that identify the requests that you want to allow, block, or count. In a WebACL, you also specify a default action (ALLOW or BLOCK), and the action for each Rule that you add to a WebACL, for example, block requests from specified IP addresses or block requests from specified referrers. You also associate the WebACL with a CloudFront distribution to identify the requests that you want AWS WAF to filter. If you add more than one Rule to a WebACL, a request needs to match only one of the specifications to be allowed, blocked, or counted. For more information, see UpdateWebACL.

WebACLSummary

Contains the identifier and the name or description of the WebACL.

WebACLUpdate

Specifies whether to insert a Rule into or delete a Rule from a WebACL.

XssMatchSet

A complex type that contains XssMatchTuple objects, which specify the parts of web requests that you want AWS WAF to inspect for cross-site scripting attacks and, if you want AWS WAF to inspect a header, the name of the header. If a XssMatchSet contains more than one XssMatchTuple object, a request needs to include cross-site scripting attacks in only one of the specified parts of the request to be considered a match.

XssMatchSetSummary

The Id and Name of an XssMatchSet.

XssMatchSetUpdate

Specifies the part of a web request that you want to inspect for cross-site scripting attacks and indicates whether you want to add the specification to an XssMatchSet or delete it from an XssMatchSet.

XssMatchTuple

Specifies the part of a web request that you want AWS WAF to inspect for cross-site scripting attacks and, if you want AWS WAF to inspect a header, the name of the header.

Enums

AssociateWebACLError

Errors returned by AssociateWebACL

CreateByteMatchSetError

Errors returned by CreateByteMatchSet

CreateGeoMatchSetError

Errors returned by CreateGeoMatchSet

CreateIPSetError

Errors returned by CreateIPSet

CreateRateBasedRuleError

Errors returned by CreateRateBasedRule

CreateRegexMatchSetError

Errors returned by CreateRegexMatchSet

CreateRegexPatternSetError

Errors returned by CreateRegexPatternSet

CreateRuleError

Errors returned by CreateRule

CreateRuleGroupError

Errors returned by CreateRuleGroup

CreateSizeConstraintSetError

Errors returned by CreateSizeConstraintSet

CreateSqlInjectionMatchSetError

Errors returned by CreateSqlInjectionMatchSet

CreateWebACLError

Errors returned by CreateWebACL

CreateXssMatchSetError

Errors returned by CreateXssMatchSet

DeleteByteMatchSetError

Errors returned by DeleteByteMatchSet

DeleteGeoMatchSetError

Errors returned by DeleteGeoMatchSet

DeleteIPSetError

Errors returned by DeleteIPSet

DeleteLoggingConfigurationError

Errors returned by DeleteLoggingConfiguration

DeletePermissionPolicyError

Errors returned by DeletePermissionPolicy

DeleteRateBasedRuleError

Errors returned by DeleteRateBasedRule

DeleteRegexMatchSetError

Errors returned by DeleteRegexMatchSet

DeleteRegexPatternSetError

Errors returned by DeleteRegexPatternSet

DeleteRuleError

Errors returned by DeleteRule

DeleteRuleGroupError

Errors returned by DeleteRuleGroup

DeleteSizeConstraintSetError

Errors returned by DeleteSizeConstraintSet

DeleteSqlInjectionMatchSetError

Errors returned by DeleteSqlInjectionMatchSet

DeleteWebACLError

Errors returned by DeleteWebACL

DeleteXssMatchSetError

Errors returned by DeleteXssMatchSet

DisassociateWebACLError

Errors returned by DisassociateWebACL

GetByteMatchSetError

Errors returned by GetByteMatchSet

GetChangeTokenError

Errors returned by GetChangeToken

GetChangeTokenStatusError

Errors returned by GetChangeTokenStatus

GetGeoMatchSetError

Errors returned by GetGeoMatchSet

GetIPSetError

Errors returned by GetIPSet

GetLoggingConfigurationError

Errors returned by GetLoggingConfiguration

GetPermissionPolicyError

Errors returned by GetPermissionPolicy

GetRateBasedRuleError

Errors returned by GetRateBasedRule

GetRateBasedRuleManagedKeysError

Errors returned by GetRateBasedRuleManagedKeys

GetRegexMatchSetError

Errors returned by GetRegexMatchSet

GetRegexPatternSetError

Errors returned by GetRegexPatternSet

GetRuleError

Errors returned by GetRule

GetRuleGroupError

Errors returned by GetRuleGroup

GetSampledRequestsError

Errors returned by GetSampledRequests

GetSizeConstraintSetError

Errors returned by GetSizeConstraintSet

GetSqlInjectionMatchSetError

Errors returned by GetSqlInjectionMatchSet

GetWebACLError

Errors returned by GetWebACL

GetWebACLForResourceError

Errors returned by GetWebACLForResource

GetXssMatchSetError

Errors returned by GetXssMatchSet

ListActivatedRulesInRuleGroupError

Errors returned by ListActivatedRulesInRuleGroup

ListByteMatchSetsError

Errors returned by ListByteMatchSets

ListGeoMatchSetsError

Errors returned by ListGeoMatchSets

ListIPSetsError

Errors returned by ListIPSets

ListLoggingConfigurationsError

Errors returned by ListLoggingConfigurations

ListRateBasedRulesError

Errors returned by ListRateBasedRules

ListRegexMatchSetsError

Errors returned by ListRegexMatchSets

ListRegexPatternSetsError

Errors returned by ListRegexPatternSets

ListResourcesForWebACLError

Errors returned by ListResourcesForWebACL

ListRuleGroupsError

Errors returned by ListRuleGroups

ListRulesError

Errors returned by ListRules

ListSizeConstraintSetsError

Errors returned by ListSizeConstraintSets

ListSqlInjectionMatchSetsError

Errors returned by ListSqlInjectionMatchSets

ListSubscribedRuleGroupsError

Errors returned by ListSubscribedRuleGroups

ListWebACLsError

Errors returned by ListWebACLs

ListXssMatchSetsError

Errors returned by ListXssMatchSets

PutLoggingConfigurationError

Errors returned by PutLoggingConfiguration

PutPermissionPolicyError

Errors returned by PutPermissionPolicy

UpdateByteMatchSetError

Errors returned by UpdateByteMatchSet

UpdateGeoMatchSetError

Errors returned by UpdateGeoMatchSet

UpdateIPSetError

Errors returned by UpdateIPSet

UpdateRateBasedRuleError

Errors returned by UpdateRateBasedRule

UpdateRegexMatchSetError

Errors returned by UpdateRegexMatchSet

UpdateRegexPatternSetError

Errors returned by UpdateRegexPatternSet

UpdateRuleError

Errors returned by UpdateRule

UpdateRuleGroupError

Errors returned by UpdateRuleGroup

UpdateSizeConstraintSetError

Errors returned by UpdateSizeConstraintSet

UpdateSqlInjectionMatchSetError

Errors returned by UpdateSqlInjectionMatchSet

UpdateWebACLError

Errors returned by UpdateWebACL

UpdateXssMatchSetError

Errors returned by UpdateXssMatchSet

Traits

WAFRegional

Trait representing the capabilities of the WAF Regional API. WAF Regional clients implement this trait.