Expand description
This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide. For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
This is the AWS WAF Classic API Reference for using AWS WAF Classic with Amazon CloudFront. The AWS WAF Classic actions and data types listed in the reference are available for protecting Amazon CloudFront distributions. You can use these actions and data types via the endpoint waf.amazonaws.com. This guide is for developers who need detailed information about the AWS WAF Classic API actions, data types, and errors. For detailed information about AWS WAF Classic features and an overview of how to use the AWS WAF Classic API, see the AWS WAF Classic in the developer guide.
If you’re using the service, you’re probably looking for WafClient and Waf.
Structs§
- Activated
Rule This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
The
ActivatedRuleobject in an UpdateWebACL request specifies aRulethat you want to insert or delete, the priority of theRulein theWebACL, and the action that you want AWS WAF to take when a web request matches theRule(ALLOW,BLOCK, orCOUNT).To specify whether to insert or delete a
Rule, use theActionparameter in the WebACLUpdate data type.- Byte
Match Set This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
In a GetByteMatchSet request,
ByteMatchSetis a complex type that contains theByteMatchSetIdandNameof aByteMatchSet, and the values that you specified when you updated theByteMatchSet.A complex type that contains
ByteMatchTupleobjects, which specify the parts of web requests that you want AWS WAF to inspect and the values that you want AWS WAF to search for. If aByteMatchSetcontains more than oneByteMatchTupleobject, a request needs to match the settings in only oneByteMatchTupleto be considered a match.- Byte
Match SetSummary This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
Returned by ListByteMatchSets. Each
ByteMatchSetSummaryobject includes theNameandByteMatchSetIdfor one ByteMatchSet.- Byte
Match SetUpdate This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
In an UpdateByteMatchSet request,
ByteMatchSetUpdatespecifies whether to insert or delete a ByteMatchTuple and includes the settings for theByteMatchTuple.- Byte
Match Tuple This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
The bytes (typically a string that corresponds with ASCII characters) that you want AWS WAF to search for in web requests, the location in requests that you want AWS WAF to search, and other settings.
- Create
Byte Match SetRequest - Create
Byte Match SetResponse - Create
GeoMatch SetRequest - Create
GeoMatch SetResponse - CreateIP
SetRequest - CreateIP
SetResponse - Create
Rate Based Rule Request - Create
Rate Based Rule Response - Create
Regex Match SetRequest - Create
Regex Match SetResponse - Create
Regex Pattern SetRequest - Create
Regex Pattern SetResponse - Create
Rule Group Request - Create
Rule Group Response - Create
Rule Request - Create
Rule Response - Create
Size Constraint SetRequest - Create
Size Constraint SetResponse - Create
SqlInjection Match SetRequest A request to create a SqlInjectionMatchSet.
- Create
SqlInjection Match SetResponse The response to a
CreateSqlInjectionMatchSetrequest.- Create
WebACL Migration Stack Request - Create
WebACL Migration Stack Response - Create
WebACL Request - Create
WebACL Response - Create
XssMatch SetRequest A request to create an XssMatchSet.
- Create
XssMatch SetResponse The response to a
CreateXssMatchSetrequest.- Delete
Byte Match SetRequest - Delete
Byte Match SetResponse - Delete
GeoMatch SetRequest - Delete
GeoMatch SetResponse - DeleteIP
SetRequest - DeleteIP
SetResponse - Delete
Logging Configuration Request - Delete
Logging Configuration Response - Delete
Permission Policy Request - Delete
Permission Policy Response - Delete
Rate Based Rule Request - Delete
Rate Based Rule Response - Delete
Regex Match SetRequest - Delete
Regex Match SetResponse - Delete
Regex Pattern SetRequest - Delete
Regex Pattern SetResponse - Delete
Rule Group Request - Delete
Rule Group Response - Delete
Rule Request - Delete
Rule Response - Delete
Size Constraint SetRequest - Delete
Size Constraint SetResponse - Delete
SqlInjection Match SetRequest A request to delete a SqlInjectionMatchSet from AWS WAF.
- Delete
SqlInjection Match SetResponse The response to a request to delete a SqlInjectionMatchSet from AWS WAF.
- Delete
WebACL Request - Delete
WebACL Response - Delete
XssMatch SetRequest A request to delete an XssMatchSet from AWS WAF.
- Delete
XssMatch SetResponse The response to a request to delete an XssMatchSet from AWS WAF.
- Excluded
Rule This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
The rule to exclude from a rule group. This is applicable only when the
ActivatedRulerefers to aRuleGroup. The rule must belong to theRuleGroupthat is specified by theActivatedRule.- Field
ToMatch This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
Specifies where in a web request to look for
TargetString.- GeoMatch
Constraint This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
The country from which web requests originate that you want AWS WAF to search for.
- GeoMatch
Set This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
Contains one or more countries that AWS WAF will search for.
- GeoMatch
SetSummary This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
Contains the identifier and the name of the
GeoMatchSet.- GeoMatch
SetUpdate This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
Specifies the type of update to perform to an GeoMatchSet with UpdateGeoMatchSet.
- GetByte
Match SetRequest - GetByte
Match SetResponse - GetChange
Token Request - GetChange
Token Response - GetChange
Token Status Request - GetChange
Token Status Response - GetGeo
Match SetRequest - GetGeo
Match SetResponse - GetIP
SetRequest - GetIP
SetResponse - GetLogging
Configuration Request - GetLogging
Configuration Response - GetPermission
Policy Request - GetPermission
Policy Response - GetRate
Based Rule Managed Keys Request - GetRate
Based Rule Managed Keys Response - GetRate
Based Rule Request - GetRate
Based Rule Response - GetRegex
Match SetRequest - GetRegex
Match SetResponse - GetRegex
Pattern SetRequest - GetRegex
Pattern SetResponse - GetRule
Group Request - GetRule
Group Response - GetRule
Request - GetRule
Response - GetSampled
Requests Request - GetSampled
Requests Response - GetSize
Constraint SetRequest - GetSize
Constraint SetResponse - GetSql
Injection Match SetRequest A request to get a SqlInjectionMatchSet.
- GetSql
Injection Match SetResponse The response to a GetSqlInjectionMatchSet request.
- GetWebACL
Request - GetWebACL
Response - GetXss
Match SetRequest A request to get an XssMatchSet.
- GetXss
Match SetResponse The response to a GetXssMatchSet request.
- HTTP
Header This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
The response from a GetSampledRequests request includes an
HTTPHeadercomplex type that appears asHeadersin the response syntax.HTTPHeadercontains the names and values of all of the headers that appear in one of the web requests that were returned byGetSampledRequests.- HTTP
Request This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
The response from a GetSampledRequests request includes an
HTTPRequestcomplex type that appears asRequestin the response syntax.HTTPRequestcontains information about one of the web requests that were returned byGetSampledRequests.- IPSet
This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
Contains one or more IP addresses or blocks of IP addresses specified in Classless Inter-Domain Routing (CIDR) notation. AWS WAF supports IPv4 address ranges: /8 and any range between /16 through /32. AWS WAF supports IPv6 address ranges: /24, /32, /48, /56, /64, and /128.
To specify an individual IP address, you specify the four-part IP address followed by a
/32, for example, 192.0.2.0/32. To block a range of IP addresses, you can specify /8 or any range between /16 through /32 (for IPv4) or /24, /32, /48, /56, /64, or /128 (for IPv6). For more information about CIDR notation, see the Wikipedia entry Classless Inter-Domain Routing.- IPSet
Descriptor This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
Specifies the IP address type (
IPV4orIPV6) and the IP address range (in CIDR format) that web requests originate from.- IPSet
Summary This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
Contains the identifier and the name of the
IPSet.- IPSet
Update This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
Specifies the type of update to perform to an IPSet with UpdateIPSet.
- List
Activated Rules InRule Group Request - List
Activated Rules InRule Group Response - List
Byte Match Sets Request - List
Byte Match Sets Response - List
GeoMatch Sets Request - List
GeoMatch Sets Response - ListIP
Sets Request - ListIP
Sets Response - List
Logging Configurations Request - List
Logging Configurations Response - List
Rate Based Rules Request - List
Rate Based Rules Response - List
Regex Match Sets Request - List
Regex Match Sets Response - List
Regex Pattern Sets Request - List
Regex Pattern Sets Response - List
Rule Groups Request - List
Rule Groups Response - List
Rules Request - List
Rules Response - List
Size Constraint Sets Request - List
Size Constraint Sets Response - List
SqlInjection Match Sets Request A request to list the SqlInjectionMatchSet objects created by the current AWS account.
- List
SqlInjection Match Sets Response The response to a ListSqlInjectionMatchSets request.
- List
Subscribed Rule Groups Request - List
Subscribed Rule Groups Response - List
Tags ForResource Request - List
Tags ForResource Response - List
WebAC LsRequest - List
WebAC LsResponse - List
XssMatch Sets Request A request to list the XssMatchSet objects created by the current AWS account.
- List
XssMatch Sets Response The response to a ListXssMatchSets request.
- Logging
Configuration This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
The Amazon Kinesis Data Firehose,
RedactedFieldsinformation, and the web ACL Amazon Resource Name (ARN).- Predicate
This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
Specifies the ByteMatchSet, IPSet, SqlInjectionMatchSet, XssMatchSet, RegexMatchSet, GeoMatchSet, and SizeConstraintSet objects that you want to add to a
Ruleand, for each object, indicates whether you want to negate the settings, for example, requests that do NOT originate from the IP address 192.0.2.44.- PutLogging
Configuration Request - PutLogging
Configuration Response - PutPermission
Policy Request - PutPermission
Policy Response - Rate
Based Rule This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
A
RateBasedRuleis identical to a regular Rule, with one addition: aRateBasedRulecounts the number of requests that arrive from a specified IP address every five minutes. For example, based on recent requests that you've seen from an attacker, you might create aRateBasedRulethat includes the following conditions:-
The requests come from 192.0.2.44.
-
They contain the value
BadBotin theUser-Agentheader.
In the rule, you also define the rate limit as 1,000.
Requests that meet both of these conditions and exceed 1,000 requests every five minutes trigger the rule's action (block or count), which is defined in the web ACL.
-
- Regex
Match Set This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
In a GetRegexMatchSet request,
RegexMatchSetis a complex type that contains theRegexMatchSetIdandNameof aRegexMatchSet, and the values that you specified when you updated theRegexMatchSet.The values are contained in a
RegexMatchTupleobject, which specify the parts of web requests that you want AWS WAF to inspect and the values that you want AWS WAF to search for. If aRegexMatchSetcontains more than oneRegexMatchTupleobject, a request needs to match the settings in only oneByteMatchTupleto be considered a match.- Regex
Match SetSummary This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
Returned by ListRegexMatchSets. Each
RegexMatchSetSummaryobject includes theNameandRegexMatchSetIdfor one RegexMatchSet.- Regex
Match SetUpdate This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
In an UpdateRegexMatchSet request,
RegexMatchSetUpdatespecifies whether to insert or delete a RegexMatchTuple and includes the settings for theRegexMatchTuple.- Regex
Match Tuple This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
The regular expression pattern that you want AWS WAF to search for in web requests, the location in requests that you want AWS WAF to search, and other settings. Each
RegexMatchTupleobject contains:-
The part of a web request that you want AWS WAF to inspect, such as a query string or the value of the
User-Agentheader. -
The identifier of the pattern (a regular expression) that you want AWS WAF to look for. For more information, see RegexPatternSet.
-
Whether to perform any conversions on the request, such as converting it to lowercase, before inspecting it for the specified string.
-
- Regex
Pattern Set This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
The
RegexPatternSetspecifies the regular expression (regex) pattern that you want AWS WAF to search for, such asB[a@]dB[o0]t. You can then configure AWS WAF to reject those requests.- Regex
Pattern SetSummary This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
Returned by ListRegexPatternSets. Each
RegexPatternSetSummaryobject includes theNameandRegexPatternSetIdfor one RegexPatternSet.- Regex
Pattern SetUpdate This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
In an UpdateRegexPatternSet request,
RegexPatternSetUpdatespecifies whether to insert or delete aRegexPatternStringand includes the settings for theRegexPatternString.- Rule
This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
A combination of ByteMatchSet, IPSet, and/or SqlInjectionMatchSet objects that identify the web requests that you want to allow, block, or count. For example, you might create a
Rulethat includes the following predicates:-
An
IPSetthat causes AWS WAF to search for web requests that originate from the IP address192.0.2.44 -
A
ByteMatchSetthat causes AWS WAF to search for web requests for which the value of theUser-Agentheader isBadBot.
To match the settings in this
Rule, a request must originate from192.0.2.44AND include aUser-Agentheader for which the value isBadBot.-
- Rule
Group This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
A collection of predefined rules that you can add to a web ACL.
Rule groups are subject to the following limits:
-
Three rule groups per account. You can request an increase to this limit by contacting customer support.
-
One rule group per web ACL.
-
Ten rules per rule group.
-
- Rule
Group Summary This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
Contains the identifier and the friendly name or description of the
RuleGroup.- Rule
Group Update This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
Specifies an
ActivatedRuleand indicates whether you want to add it to aRuleGroupor delete it from aRuleGroup.- Rule
Summary This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
Contains the identifier and the friendly name or description of the
Rule.- Rule
Update This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
Specifies a
Predicate(such as anIPSet) and indicates whether you want to add it to aRuleor delete it from aRule.- SampledHTTP
Request This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
The response from a GetSampledRequests request includes a
SampledHTTPRequestscomplex type that appears asSampledRequestsin the response syntax.SampledHTTPRequestscontains oneSampledHTTPRequestobject for each web request that is returned byGetSampledRequests.- Size
Constraint This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
Specifies a constraint on the size of a part of the web request. AWS WAF uses the
Size,ComparisonOperator, andFieldToMatchto build an expression in the form of "SizeComparisonOperatorsize in bytes ofFieldToMatch". If that expression is true, theSizeConstraintis considered to match.- Size
Constraint Set This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
A complex type that contains
SizeConstraintobjects, which specify the parts of web requests that you want AWS WAF to inspect the size of. If aSizeConstraintSetcontains more than oneSizeConstraintobject, a request only needs to match one constraint to be considered a match.- Size
Constraint SetSummary This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
The
IdandNameof aSizeConstraintSet.- Size
Constraint SetUpdate This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
Specifies the part of a web request that you want to inspect the size of and indicates whether you want to add the specification to a SizeConstraintSet or delete it from a
SizeConstraintSet.- SqlInjection
Match Set This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
A complex type that contains
SqlInjectionMatchTupleobjects, which specify the parts of web requests that you want AWS WAF to inspect for snippets of malicious SQL code and, if you want AWS WAF to inspect a header, the name of the header. If aSqlInjectionMatchSetcontains more than oneSqlInjectionMatchTupleobject, a request needs to include snippets of SQL code in only one of the specified parts of the request to be considered a match.- SqlInjection
Match SetSummary This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
The
IdandNameof aSqlInjectionMatchSet.- SqlInjection
Match SetUpdate This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
Specifies the part of a web request that you want to inspect for snippets of malicious SQL code and indicates whether you want to add the specification to a SqlInjectionMatchSet or delete it from a
SqlInjectionMatchSet.- SqlInjection
Match Tuple This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
Specifies the part of a web request that you want AWS WAF to inspect for snippets of malicious SQL code and, if you want AWS WAF to inspect a header, the name of the header.
- Subscribed
Rule Group Summary This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
A summary of the rule groups you are subscribed to.
- Tag
This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
A tag associated with an AWS resource. Tags are key:value pairs that you can use to categorize and manage your resources, for purposes like billing. For example, you might set the tag key to "customer" and the value to the customer name or ID. You can specify one or more tags to add to each AWS resource, up to 50 tags for a resource.
Tagging is only available through the API, SDKs, and CLI. You can't manage or view tags through the AWS WAF Classic console. You can tag the AWS resources that you manage through AWS WAF Classic: web ACLs, rule groups, and rules.
- TagInfo
ForResource This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
Information for a tag associated with an AWS resource. Tags are key:value pairs that you can use to categorize and manage your resources, for purposes like billing. For example, you might set the tag key to "customer" and the value to the customer name or ID. You can specify one or more tags to add to each AWS resource, up to 50 tags for a resource.
Tagging is only available through the API, SDKs, and CLI. You can't manage or view tags through the AWS WAF Classic console. You can tag the AWS resources that you manage through AWS WAF Classic: web ACLs, rule groups, and rules.
- TagResource
Request - TagResource
Response - Time
Window This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
In a GetSampledRequests request, the
StartTimeandEndTimeobjects specify the time range for which you want AWS WAF to return a sample of web requests.You must specify the times in Coordinated Universal Time (UTC) format. UTC format includes the special designator,
Z. For example,"2016-09-27T14:50Z".In a GetSampledRequests response, the
StartTimeandEndTimeobjects specify the time range for which AWS WAF actually returned a sample of web requests. AWS WAF gets the specified number of requests from among the first 5,000 requests that your AWS resource receives during the specified time period. If your resource receives more than 5,000 requests during that period, AWS WAF stops sampling after the 5,000th request. In that case,EndTimeis the time that AWS WAF received the 5,000th request.- Untag
Resource Request - Untag
Resource Response - Update
Byte Match SetRequest - Update
Byte Match SetResponse - Update
GeoMatch SetRequest - Update
GeoMatch SetResponse - UpdateIP
SetRequest - UpdateIP
SetResponse - Update
Rate Based Rule Request - Update
Rate Based Rule Response - Update
Regex Match SetRequest - Update
Regex Match SetResponse - Update
Regex Pattern SetRequest - Update
Regex Pattern SetResponse - Update
Rule Group Request - Update
Rule Group Response - Update
Rule Request - Update
Rule Response - Update
Size Constraint SetRequest - Update
Size Constraint SetResponse - Update
SqlInjection Match SetRequest A request to update a SqlInjectionMatchSet.
- Update
SqlInjection Match SetResponse The response to an UpdateSqlInjectionMatchSets request.
- Update
WebACL Request - Update
WebACL Response - Update
XssMatch SetRequest A request to update an XssMatchSet.
- Update
XssMatch SetResponse The response to an UpdateXssMatchSets request.
- WafAction
This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
For the action that is associated with a rule in a
WebACL, specifies the action that you want AWS WAF to perform when a web request matches all of the conditions in a rule. For the default action in aWebACL, specifies the action that you want AWS WAF to take when a web request doesn't match all of the conditions in any of the rules in aWebACL.- WafClient
- A client for the WAF API.
- WafOverride
Action This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
The action to take if any rule within the
RuleGroupmatches a request.- WebACL
This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
Contains the
Rulesthat identify the requests that you want to allow, block, or count. In aWebACL, you also specify a default action (ALLOWorBLOCK), and the action for eachRulethat you add to aWebACL, for example, block requests from specified IP addresses or block requests from specified referrers. You also associate theWebACLwith a CloudFront distribution to identify the requests that you want AWS WAF to filter. If you add more than oneRuleto aWebACL, a request needs to match only one of the specifications to be allowed, blocked, or counted. For more information, see UpdateWebACL.- WebACL
Summary This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
Contains the identifier and the name or description of the WebACL.
- WebACL
Update This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
Specifies whether to insert a
Ruleinto or delete aRulefrom aWebACL.- XssMatch
Set This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
A complex type that contains
XssMatchTupleobjects, which specify the parts of web requests that you want AWS WAF to inspect for cross-site scripting attacks and, if you want AWS WAF to inspect a header, the name of the header. If aXssMatchSetcontains more than oneXssMatchTupleobject, a request needs to include cross-site scripting attacks in only one of the specified parts of the request to be considered a match.- XssMatch
SetSummary This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
The
IdandNameof anXssMatchSet.- XssMatch
SetUpdate This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
Specifies the part of a web request that you want to inspect for cross-site scripting attacks and indicates whether you want to add the specification to an XssMatchSet or delete it from an
XssMatchSet.- XssMatch
Tuple This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
Specifies the part of a web request that you want AWS WAF to inspect for cross-site scripting attacks and, if you want AWS WAF to inspect a header, the name of the header.
Enums§
- Create
Byte Match SetError - Errors returned by CreateByteMatchSet
- Create
GeoMatch SetError - Errors returned by CreateGeoMatchSet
- CreateIP
SetError - Errors returned by CreateIPSet
- Create
Rate Based Rule Error - Errors returned by CreateRateBasedRule
- Create
Regex Match SetError - Errors returned by CreateRegexMatchSet
- Create
Regex Pattern SetError - Errors returned by CreateRegexPatternSet
- Create
Rule Error - Errors returned by CreateRule
- Create
Rule Group Error - Errors returned by CreateRuleGroup
- Create
Size Constraint SetError - Errors returned by CreateSizeConstraintSet
- Create
SqlInjection Match SetError - Errors returned by CreateSqlInjectionMatchSet
- Create
WebACL Error - Errors returned by CreateWebACL
- Create
WebACL Migration Stack Error - Errors returned by CreateWebACLMigrationStack
- Create
XssMatch SetError - Errors returned by CreateXssMatchSet
- Delete
Byte Match SetError - Errors returned by DeleteByteMatchSet
- Delete
GeoMatch SetError - Errors returned by DeleteGeoMatchSet
- DeleteIP
SetError - Errors returned by DeleteIPSet
- Delete
Logging Configuration Error - Errors returned by DeleteLoggingConfiguration
- Delete
Permission Policy Error - Errors returned by DeletePermissionPolicy
- Delete
Rate Based Rule Error - Errors returned by DeleteRateBasedRule
- Delete
Regex Match SetError - Errors returned by DeleteRegexMatchSet
- Delete
Regex Pattern SetError - Errors returned by DeleteRegexPatternSet
- Delete
Rule Error - Errors returned by DeleteRule
- Delete
Rule Group Error - Errors returned by DeleteRuleGroup
- Delete
Size Constraint SetError - Errors returned by DeleteSizeConstraintSet
- Delete
SqlInjection Match SetError - Errors returned by DeleteSqlInjectionMatchSet
- Delete
WebACL Error - Errors returned by DeleteWebACL
- Delete
XssMatch SetError - Errors returned by DeleteXssMatchSet
- GetByte
Match SetError - Errors returned by GetByteMatchSet
- GetChange
Token Error - Errors returned by GetChangeToken
- GetChange
Token Status Error - Errors returned by GetChangeTokenStatus
- GetGeo
Match SetError - Errors returned by GetGeoMatchSet
- GetIP
SetError - Errors returned by GetIPSet
- GetLogging
Configuration Error - Errors returned by GetLoggingConfiguration
- GetPermission
Policy Error - Errors returned by GetPermissionPolicy
- GetRate
Based Rule Error - Errors returned by GetRateBasedRule
- GetRate
Based Rule Managed Keys Error - Errors returned by GetRateBasedRuleManagedKeys
- GetRegex
Match SetError - Errors returned by GetRegexMatchSet
- GetRegex
Pattern SetError - Errors returned by GetRegexPatternSet
- GetRule
Error - Errors returned by GetRule
- GetRule
Group Error - Errors returned by GetRuleGroup
- GetSampled
Requests Error - Errors returned by GetSampledRequests
- GetSize
Constraint SetError - Errors returned by GetSizeConstraintSet
- GetSql
Injection Match SetError - Errors returned by GetSqlInjectionMatchSet
- GetWebACL
Error - Errors returned by GetWebACL
- GetXss
Match SetError - Errors returned by GetXssMatchSet
- List
Activated Rules InRule Group Error - Errors returned by ListActivatedRulesInRuleGroup
- List
Byte Match Sets Error - Errors returned by ListByteMatchSets
- List
GeoMatch Sets Error - Errors returned by ListGeoMatchSets
- ListIP
Sets Error - Errors returned by ListIPSets
- List
Logging Configurations Error - Errors returned by ListLoggingConfigurations
- List
Rate Based Rules Error - Errors returned by ListRateBasedRules
- List
Regex Match Sets Error - Errors returned by ListRegexMatchSets
- List
Regex Pattern Sets Error - Errors returned by ListRegexPatternSets
- List
Rule Groups Error - Errors returned by ListRuleGroups
- List
Rules Error - Errors returned by ListRules
- List
Size Constraint Sets Error - Errors returned by ListSizeConstraintSets
- List
SqlInjection Match Sets Error - Errors returned by ListSqlInjectionMatchSets
- List
Subscribed Rule Groups Error - Errors returned by ListSubscribedRuleGroups
- List
Tags ForResource Error - Errors returned by ListTagsForResource
- List
WebAC LsError - Errors returned by ListWebACLs
- List
XssMatch Sets Error - Errors returned by ListXssMatchSets
- PutLogging
Configuration Error - Errors returned by PutLoggingConfiguration
- PutPermission
Policy Error - Errors returned by PutPermissionPolicy
- TagResource
Error - Errors returned by TagResource
- Untag
Resource Error - Errors returned by UntagResource
- Update
Byte Match SetError - Errors returned by UpdateByteMatchSet
- Update
GeoMatch SetError - Errors returned by UpdateGeoMatchSet
- UpdateIP
SetError - Errors returned by UpdateIPSet
- Update
Rate Based Rule Error - Errors returned by UpdateRateBasedRule
- Update
Regex Match SetError - Errors returned by UpdateRegexMatchSet
- Update
Regex Pattern SetError - Errors returned by UpdateRegexPatternSet
- Update
Rule Error - Errors returned by UpdateRule
- Update
Rule Group Error - Errors returned by UpdateRuleGroup
- Update
Size Constraint SetError - Errors returned by UpdateSizeConstraintSet
- Update
SqlInjection Match SetError - Errors returned by UpdateSqlInjectionMatchSet
- Update
WebACL Error - Errors returned by UpdateWebACL
- Update
XssMatch SetError - Errors returned by UpdateXssMatchSet
Traits§
- Waf
- Trait representing the capabilities of the WAF API. WAF clients implement this trait.