// Code generated by private/model/cli/gen-api/main.go. DO NOT EDIT. package wafregional import ( "fmt" "time" "github.com/aws/aws-sdk-go-v2/aws" "github.com/aws/aws-sdk-go-v2/internal/awsutil" ) var _ aws.Config var _ = awsutil.Prettify // // This is AWS WAF Classic documentation. For more information, see AWS WAF // Classic (https://docs.aws.amazon.com/waf/latest/developerguide/classic-waf-chapter.html) // in the developer guide. // // For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS // WAF Developer Guide (https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html). // With the latest version, AWS WAF has a single set of endpoints for regional // and global use. // // The ActivatedRule object in an UpdateWebACL request specifies a Rule that // you want to insert or delete, the priority of the Rule in the WebACL, and // the action that you want AWS WAF to take when a web request matches the Rule // (ALLOW, BLOCK, or COUNT). // // To specify whether to insert or delete a Rule, use the Action parameter in // the WebACLUpdate data type. type ActivatedRule struct { _ struct{} `type:"structure"` // Specifies the action that CloudFront or AWS WAF takes when a web request // matches the conditions in the Rule. Valid values for Action include the following: // // * ALLOW: CloudFront responds with the requested object. // // * BLOCK: CloudFront responds with an HTTP 403 (Forbidden) status code. // // * COUNT: AWS WAF increments a counter of requests that match the conditions // in the rule and then continues to inspect the web request based on the // remaining rules in the web ACL. // // ActivatedRule|OverrideAction applies only when updating or adding a RuleGroup // to a WebACL. In this case, you do not use ActivatedRule|Action. For all other // update requests, ActivatedRule|Action is used instead of ActivatedRule|OverrideAction. Action *WafAction `type:"structure"` // An array of rules to exclude from a rule group. This is applicable only when // the ActivatedRule refers to a RuleGroup. // // Sometimes it is necessary to troubleshoot rule groups that are blocking traffic // unexpectedly (false positives). One troubleshooting technique is to identify // the specific rule within the rule group that is blocking the legitimate traffic // and then disable (exclude) that particular rule. You can exclude rules from // both your own rule groups and AWS Marketplace rule groups that have been // associated with a web ACL. // // Specifying ExcludedRules does not remove those rules from the rule group. // Rather, it changes the action for the rules to COUNT. Therefore, requests // that match an ExcludedRule are counted but not blocked. The RuleGroup owner // will receive COUNT metrics for each ExcludedRule. // // If you want to exclude rules from a rule group that is already associated // with a web ACL, perform the following steps: // // Use the AWS WAF logs to identify the IDs of the rules that you want to exclude. // For more information about the logs, see Logging Web ACL Traffic Information // (https://docs.aws.amazon.com/waf/latest/developerguide/logging.html). // // Submit an UpdateWebACL request that has two actions: // // * The first action deletes the existing rule group from the web ACL. That // is, in the UpdateWebACL request, the first Updates:Action should be DELETE // and Updates:ActivatedRule:RuleId should be the rule group that contains // the rules that you want to exclude. // // * The second action inserts the same rule group back in, but specifying // the rules to exclude. That is, the second Updates:Action should be INSERT, // Updates:ActivatedRule:RuleId should be the rule group that you just removed, // and ExcludedRules should contain the rules that you want to exclude. ExcludedRules []ExcludedRule `type:"list"` // Use the OverrideAction to test your RuleGroup. // // Any rule in a RuleGroup can potentially block a request. If you set the OverrideAction // to None, the RuleGroup will block a request if any individual rule in the // RuleGroup matches the request and is configured to block that request. However // if you first want to test the RuleGroup, set the OverrideAction to Count. // The RuleGroup will then override any block action specified by individual // rules contained within the group. Instead of blocking matching requests, // those requests will be counted. You can view a record of counted requests // using GetSampledRequests. // // ActivatedRule|OverrideAction applies only when updating or adding a RuleGroup // to a WebACL. In this case you do not use ActivatedRule|Action. For all other // update requests, ActivatedRule|Action is used instead of ActivatedRule|OverrideAction. OverrideAction *WafOverrideAction `type:"structure"` // Specifies the order in which the Rules in a WebACL are evaluated. Rules with // a lower value for Priority are evaluated before Rules with a higher value. // The value must be a unique integer. If you add multiple Rules to a WebACL, // the values don't need to be consecutive. // // Priority is a required field Priority *int64 `type:"integer" required:"true"` // The RuleId for a Rule. You use RuleId to get more information about a Rule // (see GetRule), update a Rule (see UpdateRule), insert a Rule into a WebACL // or delete a one from a WebACL (see UpdateWebACL), or delete a Rule from AWS // WAF (see DeleteRule). // // RuleId is returned by CreateRule and by ListRules. // // RuleId is a required field RuleId *string `min:"1" type:"string" required:"true"` // The rule type, either REGULAR, as defined by Rule, RATE_BASED, as defined // by RateBasedRule, or GROUP, as defined by RuleGroup. The default is REGULAR. // Although this field is optional, be aware that if you try to add a RATE_BASED // rule to a web ACL without setting the type, the UpdateWebACL request will // fail because the request tries to add a REGULAR rule with the specified ID, // which does not exist. Type WafRuleType `type:"string" enum:"true"` } // String returns the string representation func (s ActivatedRule) String() string { return awsutil.Prettify(s) } // Validate inspects the fields of the type to determine if they are valid. func (s *ActivatedRule) Validate() error { invalidParams := aws.ErrInvalidParams{Context: "ActivatedRule"} if s.Priority == nil { invalidParams.Add(aws.NewErrParamRequired("Priority")) } if s.RuleId == nil { invalidParams.Add(aws.NewErrParamRequired("RuleId")) } if s.RuleId != nil && len(*s.RuleId) < 1 { invalidParams.Add(aws.NewErrParamMinLen("RuleId", 1)) } if s.Action != nil { if err := s.Action.Validate(); err != nil { invalidParams.AddNested("Action", err.(aws.ErrInvalidParams)) } } if s.ExcludedRules != nil { for i, v := range s.ExcludedRules { if err := v.Validate(); err != nil { invalidParams.AddNested(fmt.Sprintf("%s[%v]", "ExcludedRules", i), err.(aws.ErrInvalidParams)) } } } if s.OverrideAction != nil { if err := s.OverrideAction.Validate(); err != nil { invalidParams.AddNested("OverrideAction", err.(aws.ErrInvalidParams)) } } if invalidParams.Len() > 0 { return invalidParams } return nil } // // This is AWS WAF Classic documentation. For more information, see AWS WAF // Classic (https://docs.aws.amazon.com/waf/latest/developerguide/classic-waf-chapter.html) // in the developer guide. // // For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS // WAF Developer Guide (https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html). // With the latest version, AWS WAF has a single set of endpoints for regional // and global use. // // In a GetByteMatchSet request, ByteMatchSet is a complex type that contains // the ByteMatchSetId and Name of a ByteMatchSet, and the values that you specified // when you updated the ByteMatchSet. // // A complex type that contains ByteMatchTuple objects, which specify the parts // of web requests that you want AWS WAF to inspect and the values that you // want AWS WAF to search for. If a ByteMatchSet contains more than one ByteMatchTuple // object, a request needs to match the settings in only one ByteMatchTuple // to be considered a match. type ByteMatchSet struct { _ struct{} `type:"structure"` // The ByteMatchSetId for a ByteMatchSet. You use ByteMatchSetId to get information // about a ByteMatchSet (see GetByteMatchSet), update a ByteMatchSet (see UpdateByteMatchSet), // insert a ByteMatchSet into a Rule or delete one from a Rule (see UpdateRule), // and delete a ByteMatchSet from AWS WAF (see DeleteByteMatchSet). // // ByteMatchSetId is returned by CreateByteMatchSet and by ListByteMatchSets. // // ByteMatchSetId is a required field ByteMatchSetId *string `min:"1" type:"string" required:"true"` // Specifies the bytes (typically a string that corresponds with ASCII characters) // that you want AWS WAF to search for in web requests, the location in requests // that you want AWS WAF to search, and other settings. // // ByteMatchTuples is a required field ByteMatchTuples []ByteMatchTuple `type:"list" required:"true"` // A friendly name or description of the ByteMatchSet. You can't change Name // after you create a ByteMatchSet. Name *string `min:"1" type:"string"` } // String returns the string representation func (s ByteMatchSet) String() string { return awsutil.Prettify(s) } // // This is AWS WAF Classic documentation. For more information, see AWS WAF // Classic (https://docs.aws.amazon.com/waf/latest/developerguide/classic-waf-chapter.html) // in the developer guide. // // For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS // WAF Developer Guide (https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html). // With the latest version, AWS WAF has a single set of endpoints for regional // and global use. // // Returned by ListByteMatchSets. Each ByteMatchSetSummary object includes the // Name and ByteMatchSetId for one ByteMatchSet. type ByteMatchSetSummary struct { _ struct{} `type:"structure"` // The ByteMatchSetId for a ByteMatchSet. You use ByteMatchSetId to get information // about a ByteMatchSet, update a ByteMatchSet, remove a ByteMatchSet from a // Rule, and delete a ByteMatchSet from AWS WAF. // // ByteMatchSetId is returned by CreateByteMatchSet and by ListByteMatchSets. // // ByteMatchSetId is a required field ByteMatchSetId *string `min:"1" type:"string" required:"true"` // A friendly name or description of the ByteMatchSet. You can't change Name // after you create a ByteMatchSet. // // Name is a required field Name *string `min:"1" type:"string" required:"true"` } // String returns the string representation func (s ByteMatchSetSummary) String() string { return awsutil.Prettify(s) } // // This is AWS WAF Classic documentation. For more information, see AWS WAF // Classic (https://docs.aws.amazon.com/waf/latest/developerguide/classic-waf-chapter.html) // in the developer guide. // // For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS // WAF Developer Guide (https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html). // With the latest version, AWS WAF has a single set of endpoints for regional // and global use. // // In an UpdateByteMatchSet request, ByteMatchSetUpdate specifies whether to // insert or delete a ByteMatchTuple and includes the settings for the ByteMatchTuple. type ByteMatchSetUpdate struct { _ struct{} `type:"structure"` // Specifies whether to insert or delete a ByteMatchTuple. // // Action is a required field Action ChangeAction `type:"string" required:"true" enum:"true"` // Information about the part of a web request that you want AWS WAF to inspect // and the value that you want AWS WAF to search for. If you specify DELETE // for the value of Action, the ByteMatchTuple values must exactly match the // values in the ByteMatchTuple that you want to delete from the ByteMatchSet. // // ByteMatchTuple is a required field ByteMatchTuple *ByteMatchTuple `type:"structure" required:"true"` } // String returns the string representation func (s ByteMatchSetUpdate) String() string { return awsutil.Prettify(s) } // Validate inspects the fields of the type to determine if they are valid. func (s *ByteMatchSetUpdate) Validate() error { invalidParams := aws.ErrInvalidParams{Context: "ByteMatchSetUpdate"} if len(s.Action) == 0 { invalidParams.Add(aws.NewErrParamRequired("Action")) } if s.ByteMatchTuple == nil { invalidParams.Add(aws.NewErrParamRequired("ByteMatchTuple")) } if s.ByteMatchTuple != nil { if err := s.ByteMatchTuple.Validate(); err != nil { invalidParams.AddNested("ByteMatchTuple", err.(aws.ErrInvalidParams)) } } if invalidParams.Len() > 0 { return invalidParams } return nil } // // This is AWS WAF Classic documentation. For more information, see AWS WAF // Classic (https://docs.aws.amazon.com/waf/latest/developerguide/classic-waf-chapter.html) // in the developer guide. // // For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS // WAF Developer Guide (https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html). // With the latest version, AWS WAF has a single set of endpoints for regional // and global use. // // The bytes (typically a string that corresponds with ASCII characters) that // you want AWS WAF to search for in web requests, the location in requests // that you want AWS WAF to search, and other settings. type ByteMatchTuple struct { _ struct{} `type:"structure"` // The part of a web request that you want AWS WAF to search, such as a specified // header or a query string. For more information, see FieldToMatch. // // FieldToMatch is a required field FieldToMatch *FieldToMatch `type:"structure" required:"true"` // Within the portion of a web request that you want to search (for example, // in the query string, if any), specify where you want AWS WAF to search. Valid // values include the following: // // CONTAINS // // The specified part of the web request must include the value of TargetString, // but the location doesn't matter. // // CONTAINS_WORD // // The specified part of the web request must include the value of TargetString, // and TargetString must contain only alphanumeric characters or underscore // (A-Z, a-z, 0-9, or _). In addition, TargetString must be a word, which means // one of the following: // // * TargetString exactly matches the value of the specified part of the // web request, such as the value of a header. // // * TargetString is at the beginning of the specified part of the web request // and is followed by a character other than an alphanumeric character or // underscore (_), for example, BadBot;. // // * TargetString is at the end of the specified part of the web request // and is preceded by a character other than an alphanumeric character or // underscore (_), for example, ;BadBot. // // * TargetString is in the middle of the specified part of the web request // and is preceded and followed by characters other than alphanumeric characters // or underscore (_), for example, -BadBot;. // // EXACTLY // // The value of the specified part of the web request must exactly match the // value of TargetString. // // STARTS_WITH // // The value of TargetString must appear at the beginning of the specified part // of the web request. // // ENDS_WITH // // The value of TargetString must appear at the end of the specified part of // the web request. // // PositionalConstraint is a required field PositionalConstraint PositionalConstraint `type:"string" required:"true" enum:"true"` // The value that you want AWS WAF to search for. AWS WAF searches for the specified // string in the part of web requests that you specified in FieldToMatch. The // maximum length of the value is 50 bytes. // // Valid values depend on the values that you specified for FieldToMatch: // // * HEADER: The value that you want AWS WAF to search for in the request // header that you specified in FieldToMatch, for example, the value of the // User-Agent or Referer header. // // * METHOD: The HTTP method, which indicates the type of operation specified // in the request. CloudFront supports the following methods: DELETE, GET, // HEAD, OPTIONS, PATCH, POST, and PUT. // // * QUERY_STRING: The value that you want AWS WAF to search for in the query // string, which is the part of a URL that appears after a ? character. // // * URI: The value that you want AWS WAF to search for in the part of a // URL that identifies a resource, for example, /images/daily-ad.jpg. // // * BODY: The part of a request that contains any additional data that you // want to send to your web server as the HTTP request body, such as data // from a form. The request body immediately follows the request headers. // Note that only the first 8192 bytes of the request body are forwarded // to AWS WAF for inspection. To allow or block requests based on the length // of the body, you can create a size constraint set. For more information, // see CreateSizeConstraintSet. // // * SINGLE_QUERY_ARG: The parameter in the query string that you will inspect, // such as UserName or SalesRegion. The maximum length for SINGLE_QUERY_ARG // is 30 characters. // // * ALL_QUERY_ARGS: Similar to SINGLE_QUERY_ARG, but instead of inspecting // a single parameter, AWS WAF inspects all parameters within the query string // for the value or regex pattern that you specify in TargetString. // // If TargetString includes alphabetic characters A-Z and a-z, note that the // value is case sensitive. // // If you're using the AWS WAF API // // Specify a base64-encoded version of the value. The maximum length of the // value before you base64-encode it is 50 bytes. // // For example, suppose the value of Type is HEADER and the value of Data is // User-Agent. If you want to search the User-Agent header for the value BadBot, // you base64-encode BadBot using MIME base64-encoding and include the resulting // value, QmFkQm90, in the value of TargetString. // // If you're using the AWS CLI or one of the AWS SDKs // // The value that you want AWS WAF to search for. The SDK automatically base64 // encodes the value. // // TargetString is automatically base64 encoded/decoded by the SDK. // // TargetString is a required field TargetString []byte `type:"blob" required:"true"` // Text transformations eliminate some of the unusual formatting that attackers // use in web requests in an effort to bypass AWS WAF. If you specify a transformation, // AWS WAF performs the transformation on FieldToMatch before inspecting it // for a match. // // You can only specify a single type of TextTransformation. // // CMD_LINE // // When you're concerned that attackers are injecting an operating system command // line command and using unusual formatting to disguise some or all of the // command, use this option to perform the following transformations: // // * Delete the following characters: \ " ' ^ // // * Delete spaces before the following characters: / ( // // * Replace the following characters with a space: , ; // // * Replace multiple spaces with one space // // * Convert uppercase letters (A-Z) to lowercase (a-z) // // COMPRESS_WHITE_SPACE // // Use this option to replace the following characters with a space character // (decimal 32): // // * \f, formfeed, decimal 12 // // * \t, tab, decimal 9 // // * \n, newline, decimal 10 // // * \r, carriage return, decimal 13 // // * \v, vertical tab, decimal 11 // // * non-breaking space, decimal 160 // // COMPRESS_WHITE_SPACE also replaces multiple spaces with one space. // // HTML_ENTITY_DECODE // // Use this option to replace HTML-encoded characters with unencoded characters. // HTML_ENTITY_DECODE performs the following operations: // // * Replaces (ampersand)quot; with " // // * Replaces (ampersand)nbsp; with a non-breaking space, decimal 160 // // * Replaces (ampersand)lt; with a "less than" symbol // // * Replaces (ampersand)gt; with > // // * Replaces characters that are represented in hexadecimal format, (ampersand)#xhhhh;, // with the corresponding characters // // * Replaces characters that are represented in decimal format, (ampersand)#nnnn;, // with the corresponding characters // // LOWERCASE // // Use this option to convert uppercase letters (A-Z) to lowercase (a-z). // // URL_DECODE // // Use this option to decode a URL-encoded value. // // NONE // // Specify NONE if you don't want to perform any text transformations. // // TextTransformation is a required field TextTransformation TextTransformation `type:"string" required:"true" enum:"true"` } // String returns the string representation func (s ByteMatchTuple) String() string { return awsutil.Prettify(s) } // Validate inspects the fields of the type to determine if they are valid. func (s *ByteMatchTuple) Validate() error { invalidParams := aws.ErrInvalidParams{Context: "ByteMatchTuple"} if s.FieldToMatch == nil { invalidParams.Add(aws.NewErrParamRequired("FieldToMatch")) } if len(s.PositionalConstraint) == 0 { invalidParams.Add(aws.NewErrParamRequired("PositionalConstraint")) } if s.TargetString == nil { invalidParams.Add(aws.NewErrParamRequired("TargetString")) } if len(s.TextTransformation) == 0 { invalidParams.Add(aws.NewErrParamRequired("TextTransformation")) } if s.FieldToMatch != nil { if err := s.FieldToMatch.Validate(); err != nil { invalidParams.AddNested("FieldToMatch", err.(aws.ErrInvalidParams)) } } if invalidParams.Len() > 0 { return invalidParams } return nil } // // This is AWS WAF Classic documentation. For more information, see AWS WAF // Classic (https://docs.aws.amazon.com/waf/latest/developerguide/classic-waf-chapter.html) // in the developer guide. // // For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS // WAF Developer Guide (https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html). // With the latest version, AWS WAF has a single set of endpoints for regional // and global use. // // The rule to exclude from a rule group. This is applicable only when the ActivatedRule // refers to a RuleGroup. The rule must belong to the RuleGroup that is specified // by the ActivatedRule. type ExcludedRule struct { _ struct{} `type:"structure"` // The unique identifier for the rule to exclude from the rule group. // // RuleId is a required field RuleId *string `min:"1" type:"string" required:"true"` } // String returns the string representation func (s ExcludedRule) String() string { return awsutil.Prettify(s) } // Validate inspects the fields of the type to determine if they are valid. func (s *ExcludedRule) Validate() error { invalidParams := aws.ErrInvalidParams{Context: "ExcludedRule"} if s.RuleId == nil { invalidParams.Add(aws.NewErrParamRequired("RuleId")) } if s.RuleId != nil && len(*s.RuleId) < 1 { invalidParams.Add(aws.NewErrParamMinLen("RuleId", 1)) } if invalidParams.Len() > 0 { return invalidParams } return nil } // // This is AWS WAF Classic documentation. For more information, see AWS WAF // Classic (https://docs.aws.amazon.com/waf/latest/developerguide/classic-waf-chapter.html) // in the developer guide. // // For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS // WAF Developer Guide (https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html). // With the latest version, AWS WAF has a single set of endpoints for regional // and global use. // // Specifies where in a web request to look for TargetString. type FieldToMatch struct { _ struct{} `type:"structure"` // When the value of Type is HEADER, enter the name of the header that you want // AWS WAF to search, for example, User-Agent or Referer. The name of the header // is not case sensitive. // // When the value of Type is SINGLE_QUERY_ARG, enter the name of the parameter // that you want AWS WAF to search, for example, UserName or SalesRegion. The // parameter name is not case sensitive. // // If the value of Type is any other value, omit Data. Data *string `min:"1" type:"string"` // The part of the web request that you want AWS WAF to search for a specified // string. Parts of a request that you can search include the following: // // * HEADER: A specified request header, for example, the value of the User-Agent // or Referer header. If you choose HEADER for the type, specify the name // of the header in Data. // // * METHOD: The HTTP method, which indicated the type of operation that // the request is asking the origin to perform. Amazon CloudFront supports // the following methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, and PUT. // // * QUERY_STRING: A query string, which is the part of a URL that appears // after a ? character, if any. // // * URI: The part of a web request that identifies a resource, for example, // /images/daily-ad.jpg. // // * BODY: The part of a request that contains any additional data that you // want to send to your web server as the HTTP request body, such as data // from a form. The request body immediately follows the request headers. // Note that only the first 8192 bytes of the request body are forwarded // to AWS WAF for inspection. To allow or block requests based on the length // of the body, you can create a size constraint set. For more information, // see CreateSizeConstraintSet. // // * SINGLE_QUERY_ARG: The parameter in the query string that you will inspect, // such as UserName or SalesRegion. The maximum length for SINGLE_QUERY_ARG // is 30 characters. // // * ALL_QUERY_ARGS: Similar to SINGLE_QUERY_ARG, but rather than inspecting // a single parameter, AWS WAF will inspect all parameters within the query // for the value or regex pattern that you specify in TargetString. // // Type is a required field Type MatchFieldType `type:"string" required:"true" enum:"true"` } // String returns the string representation func (s FieldToMatch) String() string { return awsutil.Prettify(s) } // Validate inspects the fields of the type to determine if they are valid. func (s *FieldToMatch) Validate() error { invalidParams := aws.ErrInvalidParams{Context: "FieldToMatch"} if s.Data != nil && len(*s.Data) < 1 { invalidParams.Add(aws.NewErrParamMinLen("Data", 1)) } if len(s.Type) == 0 { invalidParams.Add(aws.NewErrParamRequired("Type")) } if invalidParams.Len() > 0 { return invalidParams } return nil } // // This is AWS WAF Classic documentation. For more information, see AWS WAF // Classic (https://docs.aws.amazon.com/waf/latest/developerguide/classic-waf-chapter.html) // in the developer guide. // // For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS // WAF Developer Guide (https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html). // With the latest version, AWS WAF has a single set of endpoints for regional // and global use. // // The country from which web requests originate that you want AWS WAF to search // for. type GeoMatchConstraint struct { _ struct{} `type:"structure"` // The type of geographical area you want AWS WAF to search for. Currently Country // is the only valid value. // // Type is a required field Type GeoMatchConstraintType `type:"string" required:"true" enum:"true"` // The country that you want AWS WAF to search for. // // Value is a required field Value GeoMatchConstraintValue `type:"string" required:"true" enum:"true"` } // String returns the string representation func (s GeoMatchConstraint) String() string { return awsutil.Prettify(s) } // Validate inspects the fields of the type to determine if they are valid. func (s *GeoMatchConstraint) Validate() error { invalidParams := aws.ErrInvalidParams{Context: "GeoMatchConstraint"} if len(s.Type) == 0 { invalidParams.Add(aws.NewErrParamRequired("Type")) } if len(s.Value) == 0 { invalidParams.Add(aws.NewErrParamRequired("Value")) } if invalidParams.Len() > 0 { return invalidParams } return nil } // // This is AWS WAF Classic documentation. For more information, see AWS WAF // Classic (https://docs.aws.amazon.com/waf/latest/developerguide/classic-waf-chapter.html) // in the developer guide. // // For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS // WAF Developer Guide (https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html). // With the latest version, AWS WAF has a single set of endpoints for regional // and global use. // // Contains one or more countries that AWS WAF will search for. type GeoMatchSet struct { _ struct{} `type:"structure"` // An array of GeoMatchConstraint objects, which contain the country that you // want AWS WAF to search for. // // GeoMatchConstraints is a required field GeoMatchConstraints []GeoMatchConstraint `type:"list" required:"true"` // The GeoMatchSetId for an GeoMatchSet. You use GeoMatchSetId to get information // about a GeoMatchSet (see GeoMatchSet), update a GeoMatchSet (see UpdateGeoMatchSet), // insert a GeoMatchSet into a Rule or delete one from a Rule (see UpdateRule), // and delete a GeoMatchSet from AWS WAF (see DeleteGeoMatchSet). // // GeoMatchSetId is returned by CreateGeoMatchSet and by ListGeoMatchSets. // // GeoMatchSetId is a required field GeoMatchSetId *string `min:"1" type:"string" required:"true"` // A friendly name or description of the GeoMatchSet. You can't change the name // of an GeoMatchSet after you create it. Name *string `min:"1" type:"string"` } // String returns the string representation func (s GeoMatchSet) String() string { return awsutil.Prettify(s) } // // This is AWS WAF Classic documentation. For more information, see AWS WAF // Classic (https://docs.aws.amazon.com/waf/latest/developerguide/classic-waf-chapter.html) // in the developer guide. // // For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS // WAF Developer Guide (https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html). // With the latest version, AWS WAF has a single set of endpoints for regional // and global use. // // Contains the identifier and the name of the GeoMatchSet. type GeoMatchSetSummary struct { _ struct{} `type:"structure"` // The GeoMatchSetId for an GeoMatchSet. You can use GeoMatchSetId in a GetGeoMatchSet // request to get detailed information about an GeoMatchSet. // // GeoMatchSetId is a required field GeoMatchSetId *string `min:"1" type:"string" required:"true"` // A friendly name or description of the GeoMatchSet. You can't change the name // of an GeoMatchSet after you create it. // // Name is a required field Name *string `min:"1" type:"string" required:"true"` } // String returns the string representation func (s GeoMatchSetSummary) String() string { return awsutil.Prettify(s) } // // This is AWS WAF Classic documentation. For more information, see AWS WAF // Classic (https://docs.aws.amazon.com/waf/latest/developerguide/classic-waf-chapter.html) // in the developer guide. // // For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS // WAF Developer Guide (https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html). // With the latest version, AWS WAF has a single set of endpoints for regional // and global use. // // Specifies the type of update to perform to an GeoMatchSet with UpdateGeoMatchSet. type GeoMatchSetUpdate struct { _ struct{} `type:"structure"` // Specifies whether to insert or delete a country with UpdateGeoMatchSet. // // Action is a required field Action ChangeAction `type:"string" required:"true" enum:"true"` // The country from which web requests originate that you want AWS WAF to search // for. // // GeoMatchConstraint is a required field GeoMatchConstraint *GeoMatchConstraint `type:"structure" required:"true"` } // String returns the string representation func (s GeoMatchSetUpdate) String() string { return awsutil.Prettify(s) } // Validate inspects the fields of the type to determine if they are valid. func (s *GeoMatchSetUpdate) Validate() error { invalidParams := aws.ErrInvalidParams{Context: "GeoMatchSetUpdate"} if len(s.Action) == 0 { invalidParams.Add(aws.NewErrParamRequired("Action")) } if s.GeoMatchConstraint == nil { invalidParams.Add(aws.NewErrParamRequired("GeoMatchConstraint")) } if s.GeoMatchConstraint != nil { if err := s.GeoMatchConstraint.Validate(); err != nil { invalidParams.AddNested("GeoMatchConstraint", err.(aws.ErrInvalidParams)) } } if invalidParams.Len() > 0 { return invalidParams } return nil } // // This is AWS WAF Classic documentation. For more information, see AWS WAF // Classic (https://docs.aws.amazon.com/waf/latest/developerguide/classic-waf-chapter.html) // in the developer guide. // // For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS // WAF Developer Guide (https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html). // With the latest version, AWS WAF has a single set of endpoints for regional // and global use. // // The response from a GetSampledRequests request includes an HTTPHeader complex // type that appears as Headers in the response syntax. HTTPHeader contains // the names and values of all of the headers that appear in one of the web // requests that were returned by GetSampledRequests. type HTTPHeader struct { _ struct{} `type:"structure"` // The name of one of the headers in the sampled web request. Name *string `type:"string"` // The value of one of the headers in the sampled web request. Value *string `type:"string"` } // String returns the string representation func (s HTTPHeader) String() string { return awsutil.Prettify(s) } // // This is AWS WAF Classic documentation. For more information, see AWS WAF // Classic (https://docs.aws.amazon.com/waf/latest/developerguide/classic-waf-chapter.html) // in the developer guide. // // For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS // WAF Developer Guide (https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html). // With the latest version, AWS WAF has a single set of endpoints for regional // and global use. // // The response from a GetSampledRequests request includes an HTTPRequest complex // type that appears as Request in the response syntax. HTTPRequest contains // information about one of the web requests that were returned by GetSampledRequests. type HTTPRequest struct { _ struct{} `type:"structure"` // The IP address that the request originated from. If the WebACL is associated // with a CloudFront distribution, this is the value of one of the following // fields in CloudFront access logs: // // * c-ip, if the viewer did not use an HTTP proxy or a load balancer to // send the request // // * x-forwarded-for, if the viewer did use an HTTP proxy or a load balancer // to send the request ClientIP *string `type:"string"` // The two-letter country code for the country that the request originated from. // For a current list of country codes, see the Wikipedia entry ISO 3166-1 alpha-2 // (https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2). Country *string `type:"string"` // The HTTP version specified in the sampled web request, for example, HTTP/1.1. HTTPVersion *string `type:"string"` // A complex type that contains two values for each header in the sampled web // request: the name of the header and the value of the header. Headers []HTTPHeader `type:"list"` // The HTTP method specified in the sampled web request. CloudFront supports // the following methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, and PUT. Method *string `type:"string"` // The part of a web request that identifies the resource, for example, /images/daily-ad.jpg. URI *string `type:"string"` } // String returns the string representation func (s HTTPRequest) String() string { return awsutil.Prettify(s) } // // This is AWS WAF Classic documentation. For more information, see AWS WAF // Classic (https://docs.aws.amazon.com/waf/latest/developerguide/classic-waf-chapter.html) // in the developer guide. // // For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS // WAF Developer Guide (https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html). // With the latest version, AWS WAF has a single set of endpoints for regional // and global use. // // Contains one or more IP addresses or blocks of IP addresses specified in // Classless Inter-Domain Routing (CIDR) notation. AWS WAF supports IPv4 address // ranges: /8 and any range between /16 through /32. AWS WAF supports IPv6 address // ranges: /24, /32, /48, /56, /64, and /128. // // To specify an individual IP address, you specify the four-part IP address // followed by a /32, for example, 192.0.2.0/32. To block a range of IP addresses, // you can specify /8 or any range between /16 through /32 (for IPv4) or /24, // /32, /48, /56, /64, or /128 (for IPv6). For more information about CIDR notation, // see the Wikipedia entry Classless Inter-Domain Routing (https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing). type IPSet struct { _ struct{} `type:"structure"` // The IP address type (IPV4 or IPV6) and the IP address range (in CIDR notation) // that web requests originate from. If the WebACL is associated with a CloudFront // distribution and the viewer did not use an HTTP proxy or a load balancer // to send the request, this is the value of the c-ip field in the CloudFront // access logs. // // IPSetDescriptors is a required field IPSetDescriptors []IPSetDescriptor `type:"list" required:"true"` // The IPSetId for an IPSet. You use IPSetId to get information about an IPSet // (see GetIPSet), update an IPSet (see UpdateIPSet), insert an IPSet into a // Rule or delete one from a Rule (see UpdateRule), and delete an IPSet from // AWS WAF (see DeleteIPSet). // // IPSetId is returned by CreateIPSet and by ListIPSets. // // IPSetId is a required field IPSetId *string `min:"1" type:"string" required:"true"` // A friendly name or description of the IPSet. You can't change the name of // an IPSet after you create it. Name *string `min:"1" type:"string"` } // String returns the string representation func (s IPSet) String() string { return awsutil.Prettify(s) } // // This is AWS WAF Classic documentation. For more information, see AWS WAF // Classic (https://docs.aws.amazon.com/waf/latest/developerguide/classic-waf-chapter.html) // in the developer guide. // // For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS // WAF Developer Guide (https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html). // With the latest version, AWS WAF has a single set of endpoints for regional // and global use. // // Specifies the IP address type (IPV4 or IPV6) and the IP address range (in // CIDR format) that web requests originate from. type IPSetDescriptor struct { _ struct{} `type:"structure"` // Specify IPV4 or IPV6. // // Type is a required field Type IPSetDescriptorType `type:"string" required:"true" enum:"true"` // Specify an IPv4 address by using CIDR notation. For example: // // * To configure AWS WAF to allow, block, or count requests that originated // from the IP address 192.0.2.44, specify 192.0.2.44/32. // // * To configure AWS WAF to allow, block, or count requests that originated // from IP addresses from 192.0.2.0 to 192.0.2.255, specify 192.0.2.0/24. // // For more information about CIDR notation, see the Wikipedia entry Classless // Inter-Domain Routing (https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing). // // Specify an IPv6 address by using CIDR notation. For example: // // * To configure AWS WAF to allow, block, or count requests that originated // from the IP address 1111:0000:0000:0000:0000:0000:0000:0111, specify 1111:0000:0000:0000:0000:0000:0000:0111/128. // // * To configure AWS WAF to allow, block, or count requests that originated // from IP addresses 1111:0000:0000:0000:0000:0000:0000:0000 to 1111:0000:0000:0000:ffff:ffff:ffff:ffff, // specify 1111:0000:0000:0000:0000:0000:0000:0000/64. // // Value is a required field Value *string `min:"1" type:"string" required:"true"` } // String returns the string representation func (s IPSetDescriptor) String() string { return awsutil.Prettify(s) } // Validate inspects the fields of the type to determine if they are valid. func (s *IPSetDescriptor) Validate() error { invalidParams := aws.ErrInvalidParams{Context: "IPSetDescriptor"} if len(s.Type) == 0 { invalidParams.Add(aws.NewErrParamRequired("Type")) } if s.Value == nil { invalidParams.Add(aws.NewErrParamRequired("Value")) } if s.Value != nil && len(*s.Value) < 1 { invalidParams.Add(aws.NewErrParamMinLen("Value", 1)) } if invalidParams.Len() > 0 { return invalidParams } return nil } // // This is AWS WAF Classic documentation. For more information, see AWS WAF // Classic (https://docs.aws.amazon.com/waf/latest/developerguide/classic-waf-chapter.html) // in the developer guide. // // For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS // WAF Developer Guide (https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html). // With the latest version, AWS WAF has a single set of endpoints for regional // and global use. // // Contains the identifier and the name of the IPSet. type IPSetSummary struct { _ struct{} `type:"structure"` // The IPSetId for an IPSet. You can use IPSetId in a GetIPSet request to get // detailed information about an IPSet. // // IPSetId is a required field IPSetId *string `min:"1" type:"string" required:"true"` // A friendly name or description of the IPSet. You can't change the name of // an IPSet after you create it. // // Name is a required field Name *string `min:"1" type:"string" required:"true"` } // String returns the string representation func (s IPSetSummary) String() string { return awsutil.Prettify(s) } // // This is AWS WAF Classic documentation. For more information, see AWS WAF // Classic (https://docs.aws.amazon.com/waf/latest/developerguide/classic-waf-chapter.html) // in the developer guide. // // For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS // WAF Developer Guide (https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html). // With the latest version, AWS WAF has a single set of endpoints for regional // and global use. // // Specifies the type of update to perform to an IPSet with UpdateIPSet. type IPSetUpdate struct { _ struct{} `type:"structure"` // Specifies whether to insert or delete an IP address with UpdateIPSet. // // Action is a required field Action ChangeAction `type:"string" required:"true" enum:"true"` // The IP address type (IPV4 or IPV6) and the IP address range (in CIDR notation) // that web requests originate from. // // IPSetDescriptor is a required field IPSetDescriptor *IPSetDescriptor `type:"structure" required:"true"` } // String returns the string representation func (s IPSetUpdate) String() string { return awsutil.Prettify(s) } // Validate inspects the fields of the type to determine if they are valid. func (s *IPSetUpdate) Validate() error { invalidParams := aws.ErrInvalidParams{Context: "IPSetUpdate"} if len(s.Action) == 0 { invalidParams.Add(aws.NewErrParamRequired("Action")) } if s.IPSetDescriptor == nil { invalidParams.Add(aws.NewErrParamRequired("IPSetDescriptor")) } if s.IPSetDescriptor != nil { if err := s.IPSetDescriptor.Validate(); err != nil { invalidParams.AddNested("IPSetDescriptor", err.(aws.ErrInvalidParams)) } } if invalidParams.Len() > 0 { return invalidParams } return nil } // // This is AWS WAF Classic documentation. For more information, see AWS WAF // Classic (https://docs.aws.amazon.com/waf/latest/developerguide/classic-waf-chapter.html) // in the developer guide. // // For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS // WAF Developer Guide (https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html). // With the latest version, AWS WAF has a single set of endpoints for regional // and global use. // // The Amazon Kinesis Data Firehose, RedactedFields information, and the web // ACL Amazon Resource Name (ARN). type LoggingConfiguration struct { _ struct{} `type:"structure"` // An array of Amazon Kinesis Data Firehose ARNs. // // LogDestinationConfigs is a required field LogDestinationConfigs []string `min:"1" type:"list" required:"true"` // The parts of the request that you want redacted from the logs. For example, // if you redact the cookie field, the cookie field in the firehose will be // xxx. RedactedFields []FieldToMatch `type:"list"` // The Amazon Resource Name (ARN) of the web ACL that you want to associate // with LogDestinationConfigs. // // ResourceArn is a required field ResourceArn *string `min:"1" type:"string" required:"true"` } // String returns the string representation func (s LoggingConfiguration) String() string { return awsutil.Prettify(s) } // Validate inspects the fields of the type to determine if they are valid. func (s *LoggingConfiguration) Validate() error { invalidParams := aws.ErrInvalidParams{Context: "LoggingConfiguration"} if s.LogDestinationConfigs == nil { invalidParams.Add(aws.NewErrParamRequired("LogDestinationConfigs")) } if s.LogDestinationConfigs != nil && len(s.LogDestinationConfigs) < 1 { invalidParams.Add(aws.NewErrParamMinLen("LogDestinationConfigs", 1)) } if s.ResourceArn == nil { invalidParams.Add(aws.NewErrParamRequired("ResourceArn")) } if s.ResourceArn != nil && len(*s.ResourceArn) < 1 { invalidParams.Add(aws.NewErrParamMinLen("ResourceArn", 1)) } if s.RedactedFields != nil { for i, v := range s.RedactedFields { if err := v.Validate(); err != nil { invalidParams.AddNested(fmt.Sprintf("%s[%v]", "RedactedFields", i), err.(aws.ErrInvalidParams)) } } } if invalidParams.Len() > 0 { return invalidParams } return nil } // // This is AWS WAF Classic documentation. For more information, see AWS WAF // Classic (https://docs.aws.amazon.com/waf/latest/developerguide/classic-waf-chapter.html) // in the developer guide. // // For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS // WAF Developer Guide (https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html). // With the latest version, AWS WAF has a single set of endpoints for regional // and global use. // // Specifies the ByteMatchSet, IPSet, SqlInjectionMatchSet, XssMatchSet, RegexMatchSet, // GeoMatchSet, and SizeConstraintSet objects that you want to add to a Rule // and, for each object, indicates whether you want to negate the settings, // for example, requests that do NOT originate from the IP address 192.0.2.44. type Predicate struct { _ struct{} `type:"structure"` // A unique identifier for a predicate in a Rule, such as ByteMatchSetId or // IPSetId. The ID is returned by the corresponding Create or List command. // // DataId is a required field DataId *string `min:"1" type:"string" required:"true"` // Set Negated to False if you want AWS WAF to allow, block, or count requests // based on the settings in the specified ByteMatchSet, IPSet, SqlInjectionMatchSet, // XssMatchSet, RegexMatchSet, GeoMatchSet, or SizeConstraintSet. For example, // if an IPSet includes the IP address 192.0.2.44, AWS WAF will allow or block // requests based on that IP address. // // Set Negated to True if you want AWS WAF to allow or block a request based // on the negation of the settings in the ByteMatchSet, IPSet, SqlInjectionMatchSet, // XssMatchSet, RegexMatchSet, GeoMatchSet, or SizeConstraintSet. For example, // if an IPSet includes the IP address 192.0.2.44, AWS WAF will allow, block, // or count requests based on all IP addresses except 192.0.2.44. // // Negated is a required field Negated *bool `type:"boolean" required:"true"` // The type of predicate in a Rule, such as ByteMatch or IPSet. // // Type is a required field Type PredicateType `type:"string" required:"true" enum:"true"` } // String returns the string representation func (s Predicate) String() string { return awsutil.Prettify(s) } // Validate inspects the fields of the type to determine if they are valid. func (s *Predicate) Validate() error { invalidParams := aws.ErrInvalidParams{Context: "Predicate"} if s.DataId == nil { invalidParams.Add(aws.NewErrParamRequired("DataId")) } if s.DataId != nil && len(*s.DataId) < 1 { invalidParams.Add(aws.NewErrParamMinLen("DataId", 1)) } if s.Negated == nil { invalidParams.Add(aws.NewErrParamRequired("Negated")) } if len(s.Type) == 0 { invalidParams.Add(aws.NewErrParamRequired("Type")) } if invalidParams.Len() > 0 { return invalidParams } return nil } // // This is AWS WAF Classic documentation. For more information, see AWS WAF // Classic (https://docs.aws.amazon.com/waf/latest/developerguide/classic-waf-chapter.html) // in the developer guide. // // For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS // WAF Developer Guide (https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html). // With the latest version, AWS WAF has a single set of endpoints for regional // and global use. // // A RateBasedRule is identical to a regular Rule, with one addition: a RateBasedRule // counts the number of requests that arrive from a specified IP address every // five minutes. For example, based on recent requests that you've seen from // an attacker, you might create a RateBasedRule that includes the following // conditions: // // * The requests come from 192.0.2.44. // // * They contain the value BadBot in the User-Agent header. // // In the rule, you also define the rate limit as 1,000. // // Requests that meet both of these conditions and exceed 1,000 requests every // five minutes trigger the rule's action (block or count), which is defined // in the web ACL. type RateBasedRule struct { _ struct{} `type:"structure"` // The Predicates object contains one Predicate element for each ByteMatchSet, // IPSet, or SqlInjectionMatchSet object that you want to include in a RateBasedRule. // // MatchPredicates is a required field MatchPredicates []Predicate `type:"list" required:"true"` // A friendly name or description for the metrics for a RateBasedRule. The name // can contain only alphanumeric characters (A-Z, a-z, 0-9), with maximum length // 128 and minimum length one. It can't contain whitespace or metric names reserved // for AWS WAF, including "All" and "Default_Action." You can't change the name // of the metric after you create the RateBasedRule. MetricName *string `min:"1" type:"string"` // A friendly name or description for a RateBasedRule. You can't change the // name of a RateBasedRule after you create it. Name *string `min:"1" type:"string"` // The field that AWS WAF uses to determine if requests are likely arriving // from single source and thus subject to rate monitoring. The only valid value // for RateKey is IP. IP indicates that requests arriving from the same IP address // are subject to the RateLimit that is specified in the RateBasedRule. // // RateKey is a required field RateKey RateKey `type:"string" required:"true" enum:"true"` // The maximum number of requests, which have an identical value in the field // specified by the RateKey, allowed in a five-minute period. If the number // of requests exceeds the RateLimit and the other predicates specified in the // rule are also met, AWS WAF triggers the action that is specified for this // rule. // // RateLimit is a required field RateLimit *int64 `min:"100" type:"long" required:"true"` // A unique identifier for a RateBasedRule. You use RuleId to get more information // about a RateBasedRule (see GetRateBasedRule), update a RateBasedRule (see // UpdateRateBasedRule), insert a RateBasedRule into a WebACL or delete one // from a WebACL (see UpdateWebACL), or delete a RateBasedRule from AWS WAF // (see DeleteRateBasedRule). // // RuleId is a required field RuleId *string `min:"1" type:"string" required:"true"` } // String returns the string representation func (s RateBasedRule) String() string { return awsutil.Prettify(s) } // // This is AWS WAF Classic documentation. For more information, see AWS WAF // Classic (https://docs.aws.amazon.com/waf/latest/developerguide/classic-waf-chapter.html) // in the developer guide. // // For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS // WAF Developer Guide (https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html). // With the latest version, AWS WAF has a single set of endpoints for regional // and global use. // // In a GetRegexMatchSet request, RegexMatchSet is a complex type that contains // the RegexMatchSetId and Name of a RegexMatchSet, and the values that you // specified when you updated the RegexMatchSet. // // The values are contained in a RegexMatchTuple object, which specify the parts // of web requests that you want AWS WAF to inspect and the values that you // want AWS WAF to search for. If a RegexMatchSet contains more than one RegexMatchTuple // object, a request needs to match the settings in only one ByteMatchTuple // to be considered a match. type RegexMatchSet struct { _ struct{} `type:"structure"` // A friendly name or description of the RegexMatchSet. You can't change Name // after you create a RegexMatchSet. Name *string `min:"1" type:"string"` // The RegexMatchSetId for a RegexMatchSet. You use RegexMatchSetId to get information // about a RegexMatchSet (see GetRegexMatchSet), update a RegexMatchSet (see // UpdateRegexMatchSet), insert a RegexMatchSet into a Rule or delete one from // a Rule (see UpdateRule), and delete a RegexMatchSet from AWS WAF (see DeleteRegexMatchSet). // // RegexMatchSetId is returned by CreateRegexMatchSet and by ListRegexMatchSets. RegexMatchSetId *string `min:"1" type:"string"` // Contains an array of RegexMatchTuple objects. Each RegexMatchTuple object // contains: // // * The part of a web request that you want AWS WAF to inspect, such as // a query string or the value of the User-Agent header. // // * The identifier of the pattern (a regular expression) that you want AWS // WAF to look for. For more information, see RegexPatternSet. // // * Whether to perform any conversions on the request, such as converting // it to lowercase, before inspecting it for the specified string. RegexMatchTuples []RegexMatchTuple `type:"list"` } // String returns the string representation func (s RegexMatchSet) String() string { return awsutil.Prettify(s) } // // This is AWS WAF Classic documentation. For more information, see AWS WAF // Classic (https://docs.aws.amazon.com/waf/latest/developerguide/classic-waf-chapter.html) // in the developer guide. // // For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS // WAF Developer Guide (https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html). // With the latest version, AWS WAF has a single set of endpoints for regional // and global use. // // Returned by ListRegexMatchSets. Each RegexMatchSetSummary object includes // the Name and RegexMatchSetId for one RegexMatchSet. type RegexMatchSetSummary struct { _ struct{} `type:"structure"` // A friendly name or description of the RegexMatchSet. You can't change Name // after you create a RegexMatchSet. // // Name is a required field Name *string `min:"1" type:"string" required:"true"` // The RegexMatchSetId for a RegexMatchSet. You use RegexMatchSetId to get information // about a RegexMatchSet, update a RegexMatchSet, remove a RegexMatchSet from // a Rule, and delete a RegexMatchSet from AWS WAF. // // RegexMatchSetId is returned by CreateRegexMatchSet and by ListRegexMatchSets. // // RegexMatchSetId is a required field RegexMatchSetId *string `min:"1" type:"string" required:"true"` } // String returns the string representation func (s RegexMatchSetSummary) String() string { return awsutil.Prettify(s) } // // This is AWS WAF Classic documentation. For more information, see AWS WAF // Classic (https://docs.aws.amazon.com/waf/latest/developerguide/classic-waf-chapter.html) // in the developer guide. // // For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS // WAF Developer Guide (https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html). // With the latest version, AWS WAF has a single set of endpoints for regional // and global use. // // In an UpdateRegexMatchSet request, RegexMatchSetUpdate specifies whether // to insert or delete a RegexMatchTuple and includes the settings for the RegexMatchTuple. type RegexMatchSetUpdate struct { _ struct{} `type:"structure"` // Specifies whether to insert or delete a RegexMatchTuple. // // Action is a required field Action ChangeAction `type:"string" required:"true" enum:"true"` // Information about the part of a web request that you want AWS WAF to inspect // and the identifier of the regular expression (regex) pattern that you want // AWS WAF to search for. If you specify DELETE for the value of Action, the // RegexMatchTuple values must exactly match the values in the RegexMatchTuple // that you want to delete from the RegexMatchSet. // // RegexMatchTuple is a required field RegexMatchTuple *RegexMatchTuple `type:"structure" required:"true"` } // String returns the string representation func (s RegexMatchSetUpdate) String() string { return awsutil.Prettify(s) } // Validate inspects the fields of the type to determine if they are valid. func (s *RegexMatchSetUpdate) Validate() error { invalidParams := aws.ErrInvalidParams{Context: "RegexMatchSetUpdate"} if len(s.Action) == 0 { invalidParams.Add(aws.NewErrParamRequired("Action")) } if s.RegexMatchTuple == nil { invalidParams.Add(aws.NewErrParamRequired("RegexMatchTuple")) } if s.RegexMatchTuple != nil { if err := s.RegexMatchTuple.Validate(); err != nil { invalidParams.AddNested("RegexMatchTuple", err.(aws.ErrInvalidParams)) } } if invalidParams.Len() > 0 { return invalidParams } return nil } // // This is AWS WAF Classic documentation. For more information, see AWS WAF // Classic (https://docs.aws.amazon.com/waf/latest/developerguide/classic-waf-chapter.html) // in the developer guide. // // For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS // WAF Developer Guide (https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html). // With the latest version, AWS WAF has a single set of endpoints for regional // and global use. // // The regular expression pattern that you want AWS WAF to search for in web // requests, the location in requests that you want AWS WAF to search, and other // settings. Each RegexMatchTuple object contains: // // * The part of a web request that you want AWS WAF to inspect, such as // a query string or the value of the User-Agent header. // // * The identifier of the pattern (a regular expression) that you want AWS // WAF to look for. For more information, see RegexPatternSet. // // * Whether to perform any conversions on the request, such as converting // it to lowercase, before inspecting it for the specified string. type RegexMatchTuple struct { _ struct{} `type:"structure"` // Specifies where in a web request to look for the RegexPatternSet. // // FieldToMatch is a required field FieldToMatch *FieldToMatch `type:"structure" required:"true"` // The RegexPatternSetId for a RegexPatternSet. You use RegexPatternSetId to // get information about a RegexPatternSet (see GetRegexPatternSet), update // a RegexPatternSet (see UpdateRegexPatternSet), insert a RegexPatternSet into // a RegexMatchSet or delete one from a RegexMatchSet (see UpdateRegexMatchSet), // and delete an RegexPatternSet from AWS WAF (see DeleteRegexPatternSet). // // RegexPatternSetId is returned by CreateRegexPatternSet and by ListRegexPatternSets. // // RegexPatternSetId is a required field RegexPatternSetId *string `min:"1" type:"string" required:"true"` // Text transformations eliminate some of the unusual formatting that attackers // use in web requests in an effort to bypass AWS WAF. If you specify a transformation, // AWS WAF performs the transformation on RegexPatternSet before inspecting // a request for a match. // // You can only specify a single type of TextTransformation. // // CMD_LINE // // When you're concerned that attackers are injecting an operating system commandline // command and using unusual formatting to disguise some or all of the command, // use this option to perform the following transformations: // // * Delete the following characters: \ " ' ^ // // * Delete spaces before the following characters: / ( // // * Replace the following characters with a space: , ; // // * Replace multiple spaces with one space // // * Convert uppercase letters (A-Z) to lowercase (a-z) // // COMPRESS_WHITE_SPACE // // Use this option to replace the following characters with a space character // (decimal 32): // // * \f, formfeed, decimal 12 // // * \t, tab, decimal 9 // // * \n, newline, decimal 10 // // * \r, carriage return, decimal 13 // // * \v, vertical tab, decimal 11 // // * non-breaking space, decimal 160 // // COMPRESS_WHITE_SPACE also replaces multiple spaces with one space. // // HTML_ENTITY_DECODE // // Use this option to replace HTML-encoded characters with unencoded characters. // HTML_ENTITY_DECODE performs the following operations: // // * Replaces (ampersand)quot; with " // // * Replaces (ampersand)nbsp; with a non-breaking space, decimal 160 // // * Replaces (ampersand)lt; with a "less than" symbol // // * Replaces (ampersand)gt; with > // // * Replaces characters that are represented in hexadecimal format, (ampersand)#xhhhh;, // with the corresponding characters // // * Replaces characters that are represented in decimal format, (ampersand)#nnnn;, // with the corresponding characters // // LOWERCASE // // Use this option to convert uppercase letters (A-Z) to lowercase (a-z). // // URL_DECODE // // Use this option to decode a URL-encoded value. // // NONE // // Specify NONE if you don't want to perform any text transformations. // // TextTransformation is a required field TextTransformation TextTransformation `type:"string" required:"true" enum:"true"` } // String returns the string representation func (s RegexMatchTuple) String() string { return awsutil.Prettify(s) } // Validate inspects the fields of the type to determine if they are valid. func (s *RegexMatchTuple) Validate() error { invalidParams := aws.ErrInvalidParams{Context: "RegexMatchTuple"} if s.FieldToMatch == nil { invalidParams.Add(aws.NewErrParamRequired("FieldToMatch")) } if s.RegexPatternSetId == nil { invalidParams.Add(aws.NewErrParamRequired("RegexPatternSetId")) } if s.RegexPatternSetId != nil && len(*s.RegexPatternSetId) < 1 { invalidParams.Add(aws.NewErrParamMinLen("RegexPatternSetId", 1)) } if len(s.TextTransformation) == 0 { invalidParams.Add(aws.NewErrParamRequired("TextTransformation")) } if s.FieldToMatch != nil { if err := s.FieldToMatch.Validate(); err != nil { invalidParams.AddNested("FieldToMatch", err.(aws.ErrInvalidParams)) } } if invalidParams.Len() > 0 { return invalidParams } return nil } // // This is AWS WAF Classic documentation. For more information, see AWS WAF // Classic (https://docs.aws.amazon.com/waf/latest/developerguide/classic-waf-chapter.html) // in the developer guide. // // For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS // WAF Developer Guide (https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html). // With the latest version, AWS WAF has a single set of endpoints for regional // and global use. // // The RegexPatternSet specifies the regular expression (regex) pattern that // you want AWS WAF to search for, such as B[a@]dB[o0]t. You can then configure // AWS WAF to reject those requests. type RegexPatternSet struct { _ struct{} `type:"structure"` // A friendly name or description of the RegexPatternSet. You can't change Name // after you create a RegexPatternSet. Name *string `min:"1" type:"string"` // The identifier for the RegexPatternSet. You use RegexPatternSetId to get // information about a RegexPatternSet, update a RegexPatternSet, remove a RegexPatternSet // from a RegexMatchSet, and delete a RegexPatternSet from AWS WAF. // // RegexMatchSetId is returned by CreateRegexPatternSet and by ListRegexPatternSets. // // RegexPatternSetId is a required field RegexPatternSetId *string `min:"1" type:"string" required:"true"` // Specifies the regular expression (regex) patterns that you want AWS WAF to // search for, such as B[a@]dB[o0]t. // // RegexPatternStrings is a required field RegexPatternStrings []string `type:"list" required:"true"` } // String returns the string representation func (s RegexPatternSet) String() string { return awsutil.Prettify(s) } // // This is AWS WAF Classic documentation. For more information, see AWS WAF // Classic (https://docs.aws.amazon.com/waf/latest/developerguide/classic-waf-chapter.html) // in the developer guide. // // For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS // WAF Developer Guide (https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html). // With the latest version, AWS WAF has a single set of endpoints for regional // and global use. // // Returned by ListRegexPatternSets. Each RegexPatternSetSummary object includes // the Name and RegexPatternSetId for one RegexPatternSet. type RegexPatternSetSummary struct { _ struct{} `type:"structure"` // A friendly name or description of the RegexPatternSet. You can't change Name // after you create a RegexPatternSet. // // Name is a required field Name *string `min:"1" type:"string" required:"true"` // The RegexPatternSetId for a RegexPatternSet. You use RegexPatternSetId to // get information about a RegexPatternSet, update a RegexPatternSet, remove // a RegexPatternSet from a RegexMatchSet, and delete a RegexPatternSet from // AWS WAF. // // RegexPatternSetId is returned by CreateRegexPatternSet and by ListRegexPatternSets. // // RegexPatternSetId is a required field RegexPatternSetId *string `min:"1" type:"string" required:"true"` } // String returns the string representation func (s RegexPatternSetSummary) String() string { return awsutil.Prettify(s) } // // This is AWS WAF Classic documentation. For more information, see AWS WAF // Classic (https://docs.aws.amazon.com/waf/latest/developerguide/classic-waf-chapter.html) // in the developer guide. // // For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS // WAF Developer Guide (https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html). // With the latest version, AWS WAF has a single set of endpoints for regional // and global use. // // In an UpdateRegexPatternSet request, RegexPatternSetUpdate specifies whether // to insert or delete a RegexPatternString and includes the settings for the // RegexPatternString. type RegexPatternSetUpdate struct { _ struct{} `type:"structure"` // Specifies whether to insert or delete a RegexPatternString. // // Action is a required field Action ChangeAction `type:"string" required:"true" enum:"true"` // Specifies the regular expression (regex) pattern that you want AWS WAF to // search for, such as B[a@]dB[o0]t. // // RegexPatternString is a required field RegexPatternString *string `min:"1" type:"string" required:"true"` } // String returns the string representation func (s RegexPatternSetUpdate) String() string { return awsutil.Prettify(s) } // Validate inspects the fields of the type to determine if they are valid. func (s *RegexPatternSetUpdate) Validate() error { invalidParams := aws.ErrInvalidParams{Context: "RegexPatternSetUpdate"} if len(s.Action) == 0 { invalidParams.Add(aws.NewErrParamRequired("Action")) } if s.RegexPatternString == nil { invalidParams.Add(aws.NewErrParamRequired("RegexPatternString")) } if s.RegexPatternString != nil && len(*s.RegexPatternString) < 1 { invalidParams.Add(aws.NewErrParamMinLen("RegexPatternString", 1)) } if invalidParams.Len() > 0 { return invalidParams } return nil } // // This is AWS WAF Classic documentation. For more information, see AWS WAF // Classic (https://docs.aws.amazon.com/waf/latest/developerguide/classic-waf-chapter.html) // in the developer guide. // // For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS // WAF Developer Guide (https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html). // With the latest version, AWS WAF has a single set of endpoints for regional // and global use. // // A combination of ByteMatchSet, IPSet, and/or SqlInjectionMatchSet objects // that identify the web requests that you want to allow, block, or count. For // example, you might create a Rule that includes the following predicates: // // * An IPSet that causes AWS WAF to search for web requests that originate // from the IP address 192.0.2.44 // // * A ByteMatchSet that causes AWS WAF to search for web requests for which // the value of the User-Agent header is BadBot. // // To match the settings in this Rule, a request must originate from 192.0.2.44 // AND include a User-Agent header for which the value is BadBot. type Rule struct { _ struct{} `type:"structure"` // A friendly name or description for the metrics for this Rule. The name can // contain only alphanumeric characters (A-Z, a-z, 0-9), with maximum length // 128 and minimum length one. It can't contain whitespace or metric names reserved // for AWS WAF, including "All" and "Default_Action." You can't change MetricName // after you create the Rule. MetricName *string `min:"1" type:"string"` // The friendly name or description for the Rule. You can't change the name // of a Rule after you create it. Name *string `min:"1" type:"string"` // The Predicates object contains one Predicate element for each ByteMatchSet, // IPSet, or SqlInjectionMatchSet object that you want to include in a Rule. // // Predicates is a required field Predicates []Predicate `type:"list" required:"true"` // A unique identifier for a Rule. You use RuleId to get more information about // a Rule (see GetRule), update a Rule (see UpdateRule), insert a Rule into // a WebACL or delete a one from a WebACL (see UpdateWebACL), or delete a Rule // from AWS WAF (see DeleteRule). // // RuleId is returned by CreateRule and by ListRules. // // RuleId is a required field RuleId *string `min:"1" type:"string" required:"true"` } // String returns the string representation func (s Rule) String() string { return awsutil.Prettify(s) } // // This is AWS WAF Classic documentation. For more information, see AWS WAF // Classic (https://docs.aws.amazon.com/waf/latest/developerguide/classic-waf-chapter.html) // in the developer guide. // // For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS // WAF Developer Guide (https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html). // With the latest version, AWS WAF has a single set of endpoints for regional // and global use. // // A collection of predefined rules that you can add to a web ACL. // // Rule groups are subject to the following limits: // // * Three rule groups per account. You can request an increase to this limit // by contacting customer support. // // * One rule group per web ACL. // // * Ten rules per rule group. type RuleGroup struct { _ struct{} `type:"structure"` // A friendly name or description for the metrics for this RuleGroup. The name // can contain only alphanumeric characters (A-Z, a-z, 0-9), with maximum length // 128 and minimum length one. It can't contain whitespace or metric names reserved // for AWS WAF, including "All" and "Default_Action." You can't change the name // of the metric after you create the RuleGroup. MetricName *string `min:"1" type:"string"` // The friendly name or description for the RuleGroup. You can't change the // name of a RuleGroup after you create it. Name *string `min:"1" type:"string"` // A unique identifier for a RuleGroup. You use RuleGroupId to get more information // about a RuleGroup (see GetRuleGroup), update a RuleGroup (see UpdateRuleGroup), // insert a RuleGroup into a WebACL or delete a one from a WebACL (see UpdateWebACL), // or delete a RuleGroup from AWS WAF (see DeleteRuleGroup). // // RuleGroupId is returned by CreateRuleGroup and by ListRuleGroups. // // RuleGroupId is a required field RuleGroupId *string `min:"1" type:"string" required:"true"` } // String returns the string representation func (s RuleGroup) String() string { return awsutil.Prettify(s) } // // This is AWS WAF Classic documentation. For more information, see AWS WAF // Classic (https://docs.aws.amazon.com/waf/latest/developerguide/classic-waf-chapter.html) // in the developer guide. // // For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS // WAF Developer Guide (https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html). // With the latest version, AWS WAF has a single set of endpoints for regional // and global use. // // Contains the identifier and the friendly name or description of the RuleGroup. type RuleGroupSummary struct { _ struct{} `type:"structure"` // A friendly name or description of the RuleGroup. You can't change the name // of a RuleGroup after you create it. // // Name is a required field Name *string `min:"1" type:"string" required:"true"` // A unique identifier for a RuleGroup. You use RuleGroupId to get more information // about a RuleGroup (see GetRuleGroup), update a RuleGroup (see UpdateRuleGroup), // insert a RuleGroup into a WebACL or delete one from a WebACL (see UpdateWebACL), // or delete a RuleGroup from AWS WAF (see DeleteRuleGroup). // // RuleGroupId is returned by CreateRuleGroup and by ListRuleGroups. // // RuleGroupId is a required field RuleGroupId *string `min:"1" type:"string" required:"true"` } // String returns the string representation func (s RuleGroupSummary) String() string { return awsutil.Prettify(s) } // // This is AWS WAF Classic documentation. For more information, see AWS WAF // Classic (https://docs.aws.amazon.com/waf/latest/developerguide/classic-waf-chapter.html) // in the developer guide. // // For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS // WAF Developer Guide (https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html). // With the latest version, AWS WAF has a single set of endpoints for regional // and global use. // // Specifies an ActivatedRule and indicates whether you want to add it to a // RuleGroup or delete it from a RuleGroup. type RuleGroupUpdate struct { _ struct{} `type:"structure"` // Specify INSERT to add an ActivatedRule to a RuleGroup. Use DELETE to remove // an ActivatedRule from a RuleGroup. // // Action is a required field Action ChangeAction `type:"string" required:"true" enum:"true"` // The ActivatedRule object specifies a Rule that you want to insert or delete, // the priority of the Rule in the WebACL, and the action that you want AWS // WAF to take when a web request matches the Rule (ALLOW, BLOCK, or COUNT). // // ActivatedRule is a required field ActivatedRule *ActivatedRule `type:"structure" required:"true"` } // String returns the string representation func (s RuleGroupUpdate) String() string { return awsutil.Prettify(s) } // Validate inspects the fields of the type to determine if they are valid. func (s *RuleGroupUpdate) Validate() error { invalidParams := aws.ErrInvalidParams{Context: "RuleGroupUpdate"} if len(s.Action) == 0 { invalidParams.Add(aws.NewErrParamRequired("Action")) } if s.ActivatedRule == nil { invalidParams.Add(aws.NewErrParamRequired("ActivatedRule")) } if s.ActivatedRule != nil { if err := s.ActivatedRule.Validate(); err != nil { invalidParams.AddNested("ActivatedRule", err.(aws.ErrInvalidParams)) } } if invalidParams.Len() > 0 { return invalidParams } return nil } // // This is AWS WAF Classic documentation. For more information, see AWS WAF // Classic (https://docs.aws.amazon.com/waf/latest/developerguide/classic-waf-chapter.html) // in the developer guide. // // For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS // WAF Developer Guide (https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html). // With the latest version, AWS WAF has a single set of endpoints for regional // and global use. // // Contains the identifier and the friendly name or description of the Rule. type RuleSummary struct { _ struct{} `type:"structure"` // A friendly name or description of the Rule. You can't change the name of // a Rule after you create it. // // Name is a required field Name *string `min:"1" type:"string" required:"true"` // A unique identifier for a Rule. You use RuleId to get more information about // a Rule (see GetRule), update a Rule (see UpdateRule), insert a Rule into // a WebACL or delete one from a WebACL (see UpdateWebACL), or delete a Rule // from AWS WAF (see DeleteRule). // // RuleId is returned by CreateRule and by ListRules. // // RuleId is a required field RuleId *string `min:"1" type:"string" required:"true"` } // String returns the string representation func (s RuleSummary) String() string { return awsutil.Prettify(s) } // // This is AWS WAF Classic documentation. For more information, see AWS WAF // Classic (https://docs.aws.amazon.com/waf/latest/developerguide/classic-waf-chapter.html) // in the developer guide. // // For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS // WAF Developer Guide (https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html). // With the latest version, AWS WAF has a single set of endpoints for regional // and global use. // // Specifies a Predicate (such as an IPSet) and indicates whether you want to // add it to a Rule or delete it from a Rule. type RuleUpdate struct { _ struct{} `type:"structure"` // Specify INSERT to add a Predicate to a Rule. Use DELETE to remove a Predicate // from a Rule. // // Action is a required field Action ChangeAction `type:"string" required:"true" enum:"true"` // The ID of the Predicate (such as an IPSet) that you want to add to a Rule. // // Predicate is a required field Predicate *Predicate `type:"structure" required:"true"` } // String returns the string representation func (s RuleUpdate) String() string { return awsutil.Prettify(s) } // Validate inspects the fields of the type to determine if they are valid. func (s *RuleUpdate) Validate() error { invalidParams := aws.ErrInvalidParams{Context: "RuleUpdate"} if len(s.Action) == 0 { invalidParams.Add(aws.NewErrParamRequired("Action")) } if s.Predicate == nil { invalidParams.Add(aws.NewErrParamRequired("Predicate")) } if s.Predicate != nil { if err := s.Predicate.Validate(); err != nil { invalidParams.AddNested("Predicate", err.(aws.ErrInvalidParams)) } } if invalidParams.Len() > 0 { return invalidParams } return nil } // // This is AWS WAF Classic documentation. For more information, see AWS WAF // Classic (https://docs.aws.amazon.com/waf/latest/developerguide/classic-waf-chapter.html) // in the developer guide. // // For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS // WAF Developer Guide (https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html). // With the latest version, AWS WAF has a single set of endpoints for regional // and global use. // // The response from a GetSampledRequests request includes a SampledHTTPRequests // complex type that appears as SampledRequests in the response syntax. SampledHTTPRequests // contains one SampledHTTPRequest object for each web request that is returned // by GetSampledRequests. type SampledHTTPRequest struct { _ struct{} `type:"structure"` // The action for the Rule that the request matched: ALLOW, BLOCK, or COUNT. Action *string `type:"string"` // A complex type that contains detailed information about the request. // // Request is a required field Request *HTTPRequest `type:"structure" required:"true"` // This value is returned if the GetSampledRequests request specifies the ID // of a RuleGroup rather than the ID of an individual rule. RuleWithinRuleGroup // is the rule within the specified RuleGroup that matched the request listed // in the response. RuleWithinRuleGroup *string `min:"1" type:"string"` // The time at which AWS WAF received the request from your AWS resource, in // Unix time format (in seconds). Timestamp *time.Time `type:"timestamp"` // A value that indicates how one result in the response relates proportionally // to other results in the response. A result that has a weight of 2 represents // roughly twice as many CloudFront web requests as a result that has a weight // of 1. // // Weight is a required field Weight *int64 `type:"long" required:"true"` } // String returns the string representation func (s SampledHTTPRequest) String() string { return awsutil.Prettify(s) } // // This is AWS WAF Classic documentation. For more information, see AWS WAF // Classic (https://docs.aws.amazon.com/waf/latest/developerguide/classic-waf-chapter.html) // in the developer guide. // // For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS // WAF Developer Guide (https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html). // With the latest version, AWS WAF has a single set of endpoints for regional // and global use. // // Specifies a constraint on the size of a part of the web request. AWS WAF // uses the Size, ComparisonOperator, and FieldToMatch to build an expression // in the form of "Size ComparisonOperator size in bytes of FieldToMatch". If // that expression is true, the SizeConstraint is considered to match. type SizeConstraint struct { _ struct{} `type:"structure"` // The type of comparison you want AWS WAF to perform. AWS WAF uses this in // combination with the provided Size and FieldToMatch to build an expression // in the form of "Size ComparisonOperator size in bytes of FieldToMatch". If // that expression is true, the SizeConstraint is considered to match. // // EQ: Used to test if the Size is equal to the size of the FieldToMatch // // NE: Used to test if the Size is not equal to the size of the FieldToMatch // // LE: Used to test if the Size is less than or equal to the size of the FieldToMatch // // LT: Used to test if the Size is strictly less than the size of the FieldToMatch // // GE: Used to test if the Size is greater than or equal to the size of the // FieldToMatch // // GT: Used to test if the Size is strictly greater than the size of the FieldToMatch // // ComparisonOperator is a required field ComparisonOperator ComparisonOperator `type:"string" required:"true" enum:"true"` // Specifies where in a web request to look for the size constraint. // // FieldToMatch is a required field FieldToMatch *FieldToMatch `type:"structure" required:"true"` // The size in bytes that you want AWS WAF to compare against the size of the // specified FieldToMatch. AWS WAF uses this in combination with ComparisonOperator // and FieldToMatch to build an expression in the form of "Size ComparisonOperator // size in bytes of FieldToMatch". If that expression is true, the SizeConstraint // is considered to match. // // Valid values for size are 0 - 21474836480 bytes (0 - 20 GB). // // If you specify URI for the value of Type, the / in the URI counts as one // character. For example, the URI /logo.jpg is nine characters long. // // Size is a required field Size *int64 `type:"long" required:"true"` // Text transformations eliminate some of the unusual formatting that attackers // use in web requests in an effort to bypass AWS WAF. If you specify a transformation, // AWS WAF performs the transformation on FieldToMatch before inspecting it // for a match. // // You can only specify a single type of TextTransformation. // // Note that if you choose BODY for the value of Type, you must choose NONE // for TextTransformation because CloudFront forwards only the first 8192 bytes // for inspection. // // NONE // // Specify NONE if you don't want to perform any text transformations. // // CMD_LINE // // When you're concerned that attackers are injecting an operating system command // line command and using unusual formatting to disguise some or all of the // command, use this option to perform the following transformations: // // * Delete the following characters: \ " ' ^ // // * Delete spaces before the following characters: / ( // // * Replace the following characters with a space: , ; // // * Replace multiple spaces with one space // // * Convert uppercase letters (A-Z) to lowercase (a-z) // // COMPRESS_WHITE_SPACE // // Use this option to replace the following characters with a space character // (decimal 32): // // * \f, formfeed, decimal 12 // // * \t, tab, decimal 9 // // * \n, newline, decimal 10 // // * \r, carriage return, decimal 13 // // * \v, vertical tab, decimal 11 // // * non-breaking space, decimal 160 // // COMPRESS_WHITE_SPACE also replaces multiple spaces with one space. // // HTML_ENTITY_DECODE // // Use this option to replace HTML-encoded characters with unencoded characters. // HTML_ENTITY_DECODE performs the following operations: // // * Replaces (ampersand)quot; with " // // * Replaces (ampersand)nbsp; with a non-breaking space, decimal 160 // // * Replaces (ampersand)lt; with a "less than" symbol // // * Replaces (ampersand)gt; with > // // * Replaces characters that are represented in hexadecimal format, (ampersand)#xhhhh;, // with the corresponding characters // // * Replaces characters that are represented in decimal format, (ampersand)#nnnn;, // with the corresponding characters // // LOWERCASE // // Use this option to convert uppercase letters (A-Z) to lowercase (a-z). // // URL_DECODE // // Use this option to decode a URL-encoded value. // // TextTransformation is a required field TextTransformation TextTransformation `type:"string" required:"true" enum:"true"` } // String returns the string representation func (s SizeConstraint) String() string { return awsutil.Prettify(s) } // Validate inspects the fields of the type to determine if they are valid. func (s *SizeConstraint) Validate() error { invalidParams := aws.ErrInvalidParams{Context: "SizeConstraint"} if len(s.ComparisonOperator) == 0 { invalidParams.Add(aws.NewErrParamRequired("ComparisonOperator")) } if s.FieldToMatch == nil { invalidParams.Add(aws.NewErrParamRequired("FieldToMatch")) } if s.Size == nil { invalidParams.Add(aws.NewErrParamRequired("Size")) } if len(s.TextTransformation) == 0 { invalidParams.Add(aws.NewErrParamRequired("TextTransformation")) } if s.FieldToMatch != nil { if err := s.FieldToMatch.Validate(); err != nil { invalidParams.AddNested("FieldToMatch", err.(aws.ErrInvalidParams)) } } if invalidParams.Len() > 0 { return invalidParams } return nil } // // This is AWS WAF Classic documentation. For more information, see AWS WAF // Classic (https://docs.aws.amazon.com/waf/latest/developerguide/classic-waf-chapter.html) // in the developer guide. // // For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS // WAF Developer Guide (https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html). // With the latest version, AWS WAF has a single set of endpoints for regional // and global use. // // A complex type that contains SizeConstraint objects, which specify the parts // of web requests that you want AWS WAF to inspect the size of. If a SizeConstraintSet // contains more than one SizeConstraint object, a request only needs to match // one constraint to be considered a match. type SizeConstraintSet struct { _ struct{} `type:"structure"` // The name, if any, of the SizeConstraintSet. Name *string `min:"1" type:"string"` // A unique identifier for a SizeConstraintSet. You use SizeConstraintSetId // to get information about a SizeConstraintSet (see GetSizeConstraintSet), // update a SizeConstraintSet (see UpdateSizeConstraintSet), insert a SizeConstraintSet // into a Rule or delete one from a Rule (see UpdateRule), and delete a SizeConstraintSet // from AWS WAF (see DeleteSizeConstraintSet). // // SizeConstraintSetId is returned by CreateSizeConstraintSet and by ListSizeConstraintSets. // // SizeConstraintSetId is a required field SizeConstraintSetId *string `min:"1" type:"string" required:"true"` // Specifies the parts of web requests that you want to inspect the size of. // // SizeConstraints is a required field SizeConstraints []SizeConstraint `type:"list" required:"true"` } // String returns the string representation func (s SizeConstraintSet) String() string { return awsutil.Prettify(s) } // // This is AWS WAF Classic documentation. For more information, see AWS WAF // Classic (https://docs.aws.amazon.com/waf/latest/developerguide/classic-waf-chapter.html) // in the developer guide. // // For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS // WAF Developer Guide (https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html). // With the latest version, AWS WAF has a single set of endpoints for regional // and global use. // // The Id and Name of a SizeConstraintSet. type SizeConstraintSetSummary struct { _ struct{} `type:"structure"` // The name of the SizeConstraintSet, if any. // // Name is a required field Name *string `min:"1" type:"string" required:"true"` // A unique identifier for a SizeConstraintSet. You use SizeConstraintSetId // to get information about a SizeConstraintSet (see GetSizeConstraintSet), // update a SizeConstraintSet (see UpdateSizeConstraintSet), insert a SizeConstraintSet // into a Rule or delete one from a Rule (see UpdateRule), and delete a SizeConstraintSet // from AWS WAF (see DeleteSizeConstraintSet). // // SizeConstraintSetId is returned by CreateSizeConstraintSet and by ListSizeConstraintSets. // // SizeConstraintSetId is a required field SizeConstraintSetId *string `min:"1" type:"string" required:"true"` } // String returns the string representation func (s SizeConstraintSetSummary) String() string { return awsutil.Prettify(s) } // // This is AWS WAF Classic documentation. For more information, see AWS WAF // Classic (https://docs.aws.amazon.com/waf/latest/developerguide/classic-waf-chapter.html) // in the developer guide. // // For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS // WAF Developer Guide (https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html). // With the latest version, AWS WAF has a single set of endpoints for regional // and global use. // // Specifies the part of a web request that you want to inspect the size of // and indicates whether you want to add the specification to a SizeConstraintSet // or delete it from a SizeConstraintSet. type SizeConstraintSetUpdate struct { _ struct{} `type:"structure"` // Specify INSERT to add a SizeConstraintSetUpdate to a SizeConstraintSet. Use // DELETE to remove a SizeConstraintSetUpdate from a SizeConstraintSet. // // Action is a required field Action ChangeAction `type:"string" required:"true" enum:"true"` // Specifies a constraint on the size of a part of the web request. AWS WAF // uses the Size, ComparisonOperator, and FieldToMatch to build an expression // in the form of "Size ComparisonOperator size in bytes of FieldToMatch". If // that expression is true, the SizeConstraint is considered to match. // // SizeConstraint is a required field SizeConstraint *SizeConstraint `type:"structure" required:"true"` } // String returns the string representation func (s SizeConstraintSetUpdate) String() string { return awsutil.Prettify(s) } // Validate inspects the fields of the type to determine if they are valid. func (s *SizeConstraintSetUpdate) Validate() error { invalidParams := aws.ErrInvalidParams{Context: "SizeConstraintSetUpdate"} if len(s.Action) == 0 { invalidParams.Add(aws.NewErrParamRequired("Action")) } if s.SizeConstraint == nil { invalidParams.Add(aws.NewErrParamRequired("SizeConstraint")) } if s.SizeConstraint != nil { if err := s.SizeConstraint.Validate(); err != nil { invalidParams.AddNested("SizeConstraint", err.(aws.ErrInvalidParams)) } } if invalidParams.Len() > 0 { return invalidParams } return nil } // // This is AWS WAF Classic documentation. For more information, see AWS WAF // Classic (https://docs.aws.amazon.com/waf/latest/developerguide/classic-waf-chapter.html) // in the developer guide. // // For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS // WAF Developer Guide (https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html). // With the latest version, AWS WAF has a single set of endpoints for regional // and global use. // // A complex type that contains SqlInjectionMatchTuple objects, which specify // the parts of web requests that you want AWS WAF to inspect for snippets of // malicious SQL code and, if you want AWS WAF to inspect a header, the name // of the header. If a SqlInjectionMatchSet contains more than one SqlInjectionMatchTuple // object, a request needs to include snippets of SQL code in only one of the // specified parts of the request to be considered a match. type SqlInjectionMatchSet struct { _ struct{} `type:"structure"` // The name, if any, of the SqlInjectionMatchSet. Name *string `min:"1" type:"string"` // A unique identifier for a SqlInjectionMatchSet. You use SqlInjectionMatchSetId // to get information about a SqlInjectionMatchSet (see GetSqlInjectionMatchSet), // update a SqlInjectionMatchSet (see UpdateSqlInjectionMatchSet), insert a // SqlInjectionMatchSet into a Rule or delete one from a Rule (see UpdateRule), // and delete a SqlInjectionMatchSet from AWS WAF (see DeleteSqlInjectionMatchSet). // // SqlInjectionMatchSetId is returned by CreateSqlInjectionMatchSet and by ListSqlInjectionMatchSets. // // SqlInjectionMatchSetId is a required field SqlInjectionMatchSetId *string `min:"1" type:"string" required:"true"` // Specifies the parts of web requests that you want to inspect for snippets // of malicious SQL code. // // SqlInjectionMatchTuples is a required field SqlInjectionMatchTuples []SqlInjectionMatchTuple `type:"list" required:"true"` } // String returns the string representation func (s SqlInjectionMatchSet) String() string { return awsutil.Prettify(s) } // // This is AWS WAF Classic documentation. For more information, see AWS WAF // Classic (https://docs.aws.amazon.com/waf/latest/developerguide/classic-waf-chapter.html) // in the developer guide. // // For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS // WAF Developer Guide (https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html). // With the latest version, AWS WAF has a single set of endpoints for regional // and global use. // // The Id and Name of a SqlInjectionMatchSet. type SqlInjectionMatchSetSummary struct { _ struct{} `type:"structure"` // The name of the SqlInjectionMatchSet, if any, specified by Id. // // Name is a required field Name *string `min:"1" type:"string" required:"true"` // A unique identifier for a SqlInjectionMatchSet. You use SqlInjectionMatchSetId // to get information about a SqlInjectionMatchSet (see GetSqlInjectionMatchSet), // update a SqlInjectionMatchSet (see UpdateSqlInjectionMatchSet), insert a // SqlInjectionMatchSet into a Rule or delete one from a Rule (see UpdateRule), // and delete a SqlInjectionMatchSet from AWS WAF (see DeleteSqlInjectionMatchSet). // // SqlInjectionMatchSetId is returned by CreateSqlInjectionMatchSet and by ListSqlInjectionMatchSets. // // SqlInjectionMatchSetId is a required field SqlInjectionMatchSetId *string `min:"1" type:"string" required:"true"` } // String returns the string representation func (s SqlInjectionMatchSetSummary) String() string { return awsutil.Prettify(s) } // // This is AWS WAF Classic documentation. For more information, see AWS WAF // Classic (https://docs.aws.amazon.com/waf/latest/developerguide/classic-waf-chapter.html) // in the developer guide. // // For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS // WAF Developer Guide (https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html). // With the latest version, AWS WAF has a single set of endpoints for regional // and global use. // // Specifies the part of a web request that you want to inspect for snippets // of malicious SQL code and indicates whether you want to add the specification // to a SqlInjectionMatchSet or delete it from a SqlInjectionMatchSet. type SqlInjectionMatchSetUpdate struct { _ struct{} `type:"structure"` // Specify INSERT to add a SqlInjectionMatchSetUpdate to a SqlInjectionMatchSet. // Use DELETE to remove a SqlInjectionMatchSetUpdate from a SqlInjectionMatchSet. // // Action is a required field Action ChangeAction `type:"string" required:"true" enum:"true"` // Specifies the part of a web request that you want AWS WAF to inspect for // snippets of malicious SQL code and, if you want AWS WAF to inspect a header, // the name of the header. // // SqlInjectionMatchTuple is a required field SqlInjectionMatchTuple *SqlInjectionMatchTuple `type:"structure" required:"true"` } // String returns the string representation func (s SqlInjectionMatchSetUpdate) String() string { return awsutil.Prettify(s) } // Validate inspects the fields of the type to determine if they are valid. func (s *SqlInjectionMatchSetUpdate) Validate() error { invalidParams := aws.ErrInvalidParams{Context: "SqlInjectionMatchSetUpdate"} if len(s.Action) == 0 { invalidParams.Add(aws.NewErrParamRequired("Action")) } if s.SqlInjectionMatchTuple == nil { invalidParams.Add(aws.NewErrParamRequired("SqlInjectionMatchTuple")) } if s.SqlInjectionMatchTuple != nil { if err := s.SqlInjectionMatchTuple.Validate(); err != nil { invalidParams.AddNested("SqlInjectionMatchTuple", err.(aws.ErrInvalidParams)) } } if invalidParams.Len() > 0 { return invalidParams } return nil } // // This is AWS WAF Classic documentation. For more information, see AWS WAF // Classic (https://docs.aws.amazon.com/waf/latest/developerguide/classic-waf-chapter.html) // in the developer guide. // // For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS // WAF Developer Guide (https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html). // With the latest version, AWS WAF has a single set of endpoints for regional // and global use. // // Specifies the part of a web request that you want AWS WAF to inspect for // snippets of malicious SQL code and, if you want AWS WAF to inspect a header, // the name of the header. type SqlInjectionMatchTuple struct { _ struct{} `type:"structure"` // Specifies where in a web request to look for snippets of malicious SQL code. // // FieldToMatch is a required field FieldToMatch *FieldToMatch `type:"structure" required:"true"` // Text transformations eliminate some of the unusual formatting that attackers // use in web requests in an effort to bypass AWS WAF. If you specify a transformation, // AWS WAF performs the transformation on FieldToMatch before inspecting it // for a match. // // You can only specify a single type of TextTransformation. // // CMD_LINE // // When you're concerned that attackers are injecting an operating system command // line command and using unusual formatting to disguise some or all of the // command, use this option to perform the following transformations: // // * Delete the following characters: \ " ' ^ // // * Delete spaces before the following characters: / ( // // * Replace the following characters with a space: , ; // // * Replace multiple spaces with one space // // * Convert uppercase letters (A-Z) to lowercase (a-z) // // COMPRESS_WHITE_SPACE // // Use this option to replace the following characters with a space character // (decimal 32): // // * \f, formfeed, decimal 12 // // * \t, tab, decimal 9 // // * \n, newline, decimal 10 // // * \r, carriage return, decimal 13 // // * \v, vertical tab, decimal 11 // // * non-breaking space, decimal 160 // // COMPRESS_WHITE_SPACE also replaces multiple spaces with one space. // // HTML_ENTITY_DECODE // // Use this option to replace HTML-encoded characters with unencoded characters. // HTML_ENTITY_DECODE performs the following operations: // // * Replaces (ampersand)quot; with " // // * Replaces (ampersand)nbsp; with a non-breaking space, decimal 160 // // * Replaces (ampersand)lt; with a "less than" symbol // // * Replaces (ampersand)gt; with > // // * Replaces characters that are represented in hexadecimal format, (ampersand)#xhhhh;, // with the corresponding characters // // * Replaces characters that are represented in decimal format, (ampersand)#nnnn;, // with the corresponding characters // // LOWERCASE // // Use this option to convert uppercase letters (A-Z) to lowercase (a-z). // // URL_DECODE // // Use this option to decode a URL-encoded value. // // NONE // // Specify NONE if you don't want to perform any text transformations. // // TextTransformation is a required field TextTransformation TextTransformation `type:"string" required:"true" enum:"true"` } // String returns the string representation func (s SqlInjectionMatchTuple) String() string { return awsutil.Prettify(s) } // Validate inspects the fields of the type to determine if they are valid. func (s *SqlInjectionMatchTuple) Validate() error { invalidParams := aws.ErrInvalidParams{Context: "SqlInjectionMatchTuple"} if s.FieldToMatch == nil { invalidParams.Add(aws.NewErrParamRequired("FieldToMatch")) } if len(s.TextTransformation) == 0 { invalidParams.Add(aws.NewErrParamRequired("TextTransformation")) } if s.FieldToMatch != nil { if err := s.FieldToMatch.Validate(); err != nil { invalidParams.AddNested("FieldToMatch", err.(aws.ErrInvalidParams)) } } if invalidParams.Len() > 0 { return invalidParams } return nil } // // This is AWS WAF Classic documentation. For more information, see AWS WAF // Classic (https://docs.aws.amazon.com/waf/latest/developerguide/classic-waf-chapter.html) // in the developer guide. // // For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS // WAF Developer Guide (https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html). // With the latest version, AWS WAF has a single set of endpoints for regional // and global use. // // A summary of the rule groups you are subscribed to. type SubscribedRuleGroupSummary struct { _ struct{} `type:"structure"` // A friendly name or description for the metrics for this RuleGroup. The name // can contain only alphanumeric characters (A-Z, a-z, 0-9), with maximum length // 128 and minimum length one. It can't contain whitespace or metric names reserved // for AWS WAF, including "All" and "Default_Action." You can't change the name // of the metric after you create the RuleGroup. // // MetricName is a required field MetricName *string `min:"1" type:"string" required:"true"` // A friendly name or description of the RuleGroup. You can't change the name // of a RuleGroup after you create it. // // Name is a required field Name *string `min:"1" type:"string" required:"true"` // A unique identifier for a RuleGroup. // // RuleGroupId is a required field RuleGroupId *string `min:"1" type:"string" required:"true"` } // String returns the string representation func (s SubscribedRuleGroupSummary) String() string { return awsutil.Prettify(s) } // // This is AWS WAF Classic documentation. For more information, see AWS WAF // Classic (https://docs.aws.amazon.com/waf/latest/developerguide/classic-waf-chapter.html) // in the developer guide. // // For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS // WAF Developer Guide (https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html). // With the latest version, AWS WAF has a single set of endpoints for regional // and global use. // // A tag associated with an AWS resource. Tags are key:value pairs that you // can use to categorize and manage your resources, for purposes like billing. // For example, you might set the tag key to "customer" and the value to the // customer name or ID. You can specify one or more tags to add to each AWS // resource, up to 50 tags for a resource. // // Tagging is only available through the API, SDKs, and CLI. You can't manage // or view tags through the AWS WAF Classic console. You can tag the AWS resources // that you manage through AWS WAF Classic: web ACLs, rule groups, and rules. type Tag struct { _ struct{} `type:"structure"` // Key is a required field Key *string `min:"1" type:"string" required:"true"` // Value is a required field Value *string `type:"string" required:"true"` } // String returns the string representation func (s Tag) String() string { return awsutil.Prettify(s) } // Validate inspects the fields of the type to determine if they are valid. func (s *Tag) Validate() error { invalidParams := aws.ErrInvalidParams{Context: "Tag"} if s.Key == nil { invalidParams.Add(aws.NewErrParamRequired("Key")) } if s.Key != nil && len(*s.Key) < 1 { invalidParams.Add(aws.NewErrParamMinLen("Key", 1)) } if s.Value == nil { invalidParams.Add(aws.NewErrParamRequired("Value")) } if invalidParams.Len() > 0 { return invalidParams } return nil } // // This is AWS WAF Classic documentation. For more information, see AWS WAF // Classic (https://docs.aws.amazon.com/waf/latest/developerguide/classic-waf-chapter.html) // in the developer guide. // // For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS // WAF Developer Guide (https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html). // With the latest version, AWS WAF has a single set of endpoints for regional // and global use. // // Information for a tag associated with an AWS resource. Tags are key:value // pairs that you can use to categorize and manage your resources, for purposes // like billing. For example, you might set the tag key to "customer" and the // value to the customer name or ID. You can specify one or more tags to add // to each AWS resource, up to 50 tags for a resource. // // Tagging is only available through the API, SDKs, and CLI. You can't manage // or view tags through the AWS WAF Classic console. You can tag the AWS resources // that you manage through AWS WAF Classic: web ACLs, rule groups, and rules. type TagInfoForResource struct { _ struct{} `type:"structure"` ResourceARN *string `min:"1" type:"string"` TagList []Tag `min:"1" type:"list"` } // String returns the string representation func (s TagInfoForResource) String() string { return awsutil.Prettify(s) } // // This is AWS WAF Classic documentation. For more information, see AWS WAF // Classic (https://docs.aws.amazon.com/waf/latest/developerguide/classic-waf-chapter.html) // in the developer guide. // // For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS // WAF Developer Guide (https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html). // With the latest version, AWS WAF has a single set of endpoints for regional // and global use. // // In a GetSampledRequests request, the StartTime and EndTime objects specify // the time range for which you want AWS WAF to return a sample of web requests. // // You must specify the times in Coordinated Universal Time (UTC) format. UTC // format includes the special designator, Z. For example, "2016-09-27T14:50Z". // // In a GetSampledRequests response, the StartTime and EndTime objects specify // the time range for which AWS WAF actually returned a sample of web requests. // AWS WAF gets the specified number of requests from among the first 5,000 // requests that your AWS resource receives during the specified time period. // If your resource receives more than 5,000 requests during that period, AWS // WAF stops sampling after the 5,000th request. In that case, EndTime is the // time that AWS WAF received the 5,000th request. type TimeWindow struct { _ struct{} `type:"structure"` // The end of the time range from which you want GetSampledRequests to return // a sample of the requests that your AWS resource received. You must specify // the date and time in Coordinated Universal Time (UTC) format. UTC format // includes the special designator, Z. For example, "2016-09-27T14:50Z". You // can specify any time range in the previous three hours. // // EndTime is a required field EndTime *time.Time `type:"timestamp" required:"true"` // The beginning of the time range from which you want GetSampledRequests to // return a sample of the requests that your AWS resource received. You must // specify the date and time in Coordinated Universal Time (UTC) format. UTC // format includes the special designator, Z. For example, "2016-09-27T14:50Z". // You can specify any time range in the previous three hours. // // StartTime is a required field StartTime *time.Time `type:"timestamp" required:"true"` } // String returns the string representation func (s TimeWindow) String() string { return awsutil.Prettify(s) } // Validate inspects the fields of the type to determine if they are valid. func (s *TimeWindow) Validate() error { invalidParams := aws.ErrInvalidParams{Context: "TimeWindow"} if s.EndTime == nil { invalidParams.Add(aws.NewErrParamRequired("EndTime")) } if s.StartTime == nil { invalidParams.Add(aws.NewErrParamRequired("StartTime")) } if invalidParams.Len() > 0 { return invalidParams } return nil } // // This is AWS WAF Classic documentation. For more information, see AWS WAF // Classic (https://docs.aws.amazon.com/waf/latest/developerguide/classic-waf-chapter.html) // in the developer guide. // // For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS // WAF Developer Guide (https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html). // With the latest version, AWS WAF has a single set of endpoints for regional // and global use. // // For the action that is associated with a rule in a WebACL, specifies the // action that you want AWS WAF to perform when a web request matches all of // the conditions in a rule. For the default action in a WebACL, specifies the // action that you want AWS WAF to take when a web request doesn't match all // of the conditions in any of the rules in a WebACL. type WafAction struct { _ struct{} `type:"structure"` // Specifies how you want AWS WAF to respond to requests that match the settings // in a Rule. Valid settings include the following: // // * ALLOW: AWS WAF allows requests // // * BLOCK: AWS WAF blocks requests // // * COUNT: AWS WAF increments a counter of the requests that match all of // the conditions in the rule. AWS WAF then continues to inspect the web // request based on the remaining rules in the web ACL. You can't specify // COUNT for the default action for a WebACL. // // Type is a required field Type WafActionType `type:"string" required:"true" enum:"true"` } // String returns the string representation func (s WafAction) String() string { return awsutil.Prettify(s) } // Validate inspects the fields of the type to determine if they are valid. func (s *WafAction) Validate() error { invalidParams := aws.ErrInvalidParams{Context: "WafAction"} if len(s.Type) == 0 { invalidParams.Add(aws.NewErrParamRequired("Type")) } if invalidParams.Len() > 0 { return invalidParams } return nil } // // This is AWS WAF Classic documentation. For more information, see AWS WAF // Classic (https://docs.aws.amazon.com/waf/latest/developerguide/classic-waf-chapter.html) // in the developer guide. // // For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS // WAF Developer Guide (https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html). // With the latest version, AWS WAF has a single set of endpoints for regional // and global use. // // The action to take if any rule within the RuleGroup matches a request. type WafOverrideAction struct { _ struct{} `type:"structure"` // COUNT overrides the action specified by the individual rule within a RuleGroup // . If set to NONE, the rule's action will take place. // // Type is a required field Type WafOverrideActionType `type:"string" required:"true" enum:"true"` } // String returns the string representation func (s WafOverrideAction) String() string { return awsutil.Prettify(s) } // Validate inspects the fields of the type to determine if they are valid. func (s *WafOverrideAction) Validate() error { invalidParams := aws.ErrInvalidParams{Context: "WafOverrideAction"} if len(s.Type) == 0 { invalidParams.Add(aws.NewErrParamRequired("Type")) } if invalidParams.Len() > 0 { return invalidParams } return nil } // // This is AWS WAF Classic documentation. For more information, see AWS WAF // Classic (https://docs.aws.amazon.com/waf/latest/developerguide/classic-waf-chapter.html) // in the developer guide. // // For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS // WAF Developer Guide (https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html). // With the latest version, AWS WAF has a single set of endpoints for regional // and global use. // // Contains the Rules that identify the requests that you want to allow, block, // or count. In a WebACL, you also specify a default action (ALLOW or BLOCK), // and the action for each Rule that you add to a WebACL, for example, block // requests from specified IP addresses or block requests from specified referrers. // You also associate the WebACL with a CloudFront distribution to identify // the requests that you want AWS WAF to filter. If you add more than one Rule // to a WebACL, a request needs to match only one of the specifications to be // allowed, blocked, or counted. For more information, see UpdateWebACL. type WebACL struct { _ struct{} `type:"structure"` // The action to perform if none of the Rules contained in the WebACL match. // The action is specified by the WafAction object. // // DefaultAction is a required field DefaultAction *WafAction `type:"structure" required:"true"` // A friendly name or description for the metrics for this WebACL. The name // can contain only alphanumeric characters (A-Z, a-z, 0-9), with maximum length // 128 and minimum length one. It can't contain whitespace or metric names reserved // for AWS WAF, including "All" and "Default_Action." You can't change MetricName // after you create the WebACL. MetricName *string `min:"1" type:"string"` // A friendly name or description of the WebACL. You can't change the name of // a WebACL after you create it. Name *string `min:"1" type:"string"` // An array that contains the action for each Rule in a WebACL, the priority // of the Rule, and the ID of the Rule. // // Rules is a required field Rules []ActivatedRule `type:"list" required:"true"` // Tha Amazon Resource Name (ARN) of the web ACL. WebACLArn *string `min:"1" type:"string"` // A unique identifier for a WebACL. You use WebACLId to get information about // a WebACL (see GetWebACL), update a WebACL (see UpdateWebACL), and delete // a WebACL from AWS WAF (see DeleteWebACL). // // WebACLId is returned by CreateWebACL and by ListWebACLs. // // WebACLId is a required field WebACLId *string `min:"1" type:"string" required:"true"` } // String returns the string representation func (s WebACL) String() string { return awsutil.Prettify(s) } // // This is AWS WAF Classic documentation. For more information, see AWS WAF // Classic (https://docs.aws.amazon.com/waf/latest/developerguide/classic-waf-chapter.html) // in the developer guide. // // For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS // WAF Developer Guide (https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html). // With the latest version, AWS WAF has a single set of endpoints for regional // and global use. // // Contains the identifier and the name or description of the WebACL. type WebACLSummary struct { _ struct{} `type:"structure"` // A friendly name or description of the WebACL. You can't change the name of // a WebACL after you create it. // // Name is a required field Name *string `min:"1" type:"string" required:"true"` // A unique identifier for a WebACL. You use WebACLId to get information about // a WebACL (see GetWebACL), update a WebACL (see UpdateWebACL), and delete // a WebACL from AWS WAF (see DeleteWebACL). // // WebACLId is returned by CreateWebACL and by ListWebACLs. // // WebACLId is a required field WebACLId *string `min:"1" type:"string" required:"true"` } // String returns the string representation func (s WebACLSummary) String() string { return awsutil.Prettify(s) } // // This is AWS WAF Classic documentation. For more information, see AWS WAF // Classic (https://docs.aws.amazon.com/waf/latest/developerguide/classic-waf-chapter.html) // in the developer guide. // // For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS // WAF Developer Guide (https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html). // With the latest version, AWS WAF has a single set of endpoints for regional // and global use. // // Specifies whether to insert a Rule into or delete a Rule from a WebACL. type WebACLUpdate struct { _ struct{} `type:"structure"` // Specifies whether to insert a Rule into or delete a Rule from a WebACL. // // Action is a required field Action ChangeAction `type:"string" required:"true" enum:"true"` // The ActivatedRule object in an UpdateWebACL request specifies a Rule that // you want to insert or delete, the priority of the Rule in the WebACL, and // the action that you want AWS WAF to take when a web request matches the Rule // (ALLOW, BLOCK, or COUNT). // // ActivatedRule is a required field ActivatedRule *ActivatedRule `type:"structure" required:"true"` } // String returns the string representation func (s WebACLUpdate) String() string { return awsutil.Prettify(s) } // Validate inspects the fields of the type to determine if they are valid. func (s *WebACLUpdate) Validate() error { invalidParams := aws.ErrInvalidParams{Context: "WebACLUpdate"} if len(s.Action) == 0 { invalidParams.Add(aws.NewErrParamRequired("Action")) } if s.ActivatedRule == nil { invalidParams.Add(aws.NewErrParamRequired("ActivatedRule")) } if s.ActivatedRule != nil { if err := s.ActivatedRule.Validate(); err != nil { invalidParams.AddNested("ActivatedRule", err.(aws.ErrInvalidParams)) } } if invalidParams.Len() > 0 { return invalidParams } return nil } // // This is AWS WAF Classic documentation. For more information, see AWS WAF // Classic (https://docs.aws.amazon.com/waf/latest/developerguide/classic-waf-chapter.html) // in the developer guide. // // For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS // WAF Developer Guide (https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html). // With the latest version, AWS WAF has a single set of endpoints for regional // and global use. // // A complex type that contains XssMatchTuple objects, which specify the parts // of web requests that you want AWS WAF to inspect for cross-site scripting // attacks and, if you want AWS WAF to inspect a header, the name of the header. // If a XssMatchSet contains more than one XssMatchTuple object, a request needs // to include cross-site scripting attacks in only one of the specified parts // of the request to be considered a match. type XssMatchSet struct { _ struct{} `type:"structure"` // The name, if any, of the XssMatchSet. Name *string `min:"1" type:"string"` // A unique identifier for an XssMatchSet. You use XssMatchSetId to get information // about an XssMatchSet (see GetXssMatchSet), update an XssMatchSet (see UpdateXssMatchSet), // insert an XssMatchSet into a Rule or delete one from a Rule (see UpdateRule), // and delete an XssMatchSet from AWS WAF (see DeleteXssMatchSet). // // XssMatchSetId is returned by CreateXssMatchSet and by ListXssMatchSets. // // XssMatchSetId is a required field XssMatchSetId *string `min:"1" type:"string" required:"true"` // Specifies the parts of web requests that you want to inspect for cross-site // scripting attacks. // // XssMatchTuples is a required field XssMatchTuples []XssMatchTuple `type:"list" required:"true"` } // String returns the string representation func (s XssMatchSet) String() string { return awsutil.Prettify(s) } // // This is AWS WAF Classic documentation. For more information, see AWS WAF // Classic (https://docs.aws.amazon.com/waf/latest/developerguide/classic-waf-chapter.html) // in the developer guide. // // For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS // WAF Developer Guide (https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html). // With the latest version, AWS WAF has a single set of endpoints for regional // and global use. // // The Id and Name of an XssMatchSet. type XssMatchSetSummary struct { _ struct{} `type:"structure"` // The name of the XssMatchSet, if any, specified by Id. // // Name is a required field Name *string `min:"1" type:"string" required:"true"` // A unique identifier for an XssMatchSet. You use XssMatchSetId to get information // about a XssMatchSet (see GetXssMatchSet), update an XssMatchSet (see UpdateXssMatchSet), // insert an XssMatchSet into a Rule or delete one from a Rule (see UpdateRule), // and delete an XssMatchSet from AWS WAF (see DeleteXssMatchSet). // // XssMatchSetId is returned by CreateXssMatchSet and by ListXssMatchSets. // // XssMatchSetId is a required field XssMatchSetId *string `min:"1" type:"string" required:"true"` } // String returns the string representation func (s XssMatchSetSummary) String() string { return awsutil.Prettify(s) } // // This is AWS WAF Classic documentation. For more information, see AWS WAF // Classic (https://docs.aws.amazon.com/waf/latest/developerguide/classic-waf-chapter.html) // in the developer guide. // // For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS // WAF Developer Guide (https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html). // With the latest version, AWS WAF has a single set of endpoints for regional // and global use. // // Specifies the part of a web request that you want to inspect for cross-site // scripting attacks and indicates whether you want to add the specification // to an XssMatchSet or delete it from an XssMatchSet. type XssMatchSetUpdate struct { _ struct{} `type:"structure"` // Specify INSERT to add an XssMatchSetUpdate to an XssMatchSet. Use DELETE // to remove an XssMatchSetUpdate from an XssMatchSet. // // Action is a required field Action ChangeAction `type:"string" required:"true" enum:"true"` // Specifies the part of a web request that you want AWS WAF to inspect for // cross-site scripting attacks and, if you want AWS WAF to inspect a header, // the name of the header. // // XssMatchTuple is a required field XssMatchTuple *XssMatchTuple `type:"structure" required:"true"` } // String returns the string representation func (s XssMatchSetUpdate) String() string { return awsutil.Prettify(s) } // Validate inspects the fields of the type to determine if they are valid. func (s *XssMatchSetUpdate) Validate() error { invalidParams := aws.ErrInvalidParams{Context: "XssMatchSetUpdate"} if len(s.Action) == 0 { invalidParams.Add(aws.NewErrParamRequired("Action")) } if s.XssMatchTuple == nil { invalidParams.Add(aws.NewErrParamRequired("XssMatchTuple")) } if s.XssMatchTuple != nil { if err := s.XssMatchTuple.Validate(); err != nil { invalidParams.AddNested("XssMatchTuple", err.(aws.ErrInvalidParams)) } } if invalidParams.Len() > 0 { return invalidParams } return nil } // // This is AWS WAF Classic documentation. For more information, see AWS WAF // Classic (https://docs.aws.amazon.com/waf/latest/developerguide/classic-waf-chapter.html) // in the developer guide. // // For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS // WAF Developer Guide (https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html). // With the latest version, AWS WAF has a single set of endpoints for regional // and global use. // // Specifies the part of a web request that you want AWS WAF to inspect for // cross-site scripting attacks and, if you want AWS WAF to inspect a header, // the name of the header. type XssMatchTuple struct { _ struct{} `type:"structure"` // Specifies where in a web request to look for cross-site scripting attacks. // // FieldToMatch is a required field FieldToMatch *FieldToMatch `type:"structure" required:"true"` // Text transformations eliminate some of the unusual formatting that attackers // use in web requests in an effort to bypass AWS WAF. If you specify a transformation, // AWS WAF performs the transformation on FieldToMatch before inspecting it // for a match. // // You can only specify a single type of TextTransformation. // // CMD_LINE // // When you're concerned that attackers are injecting an operating system command // line command and using unusual formatting to disguise some or all of the // command, use this option to perform the following transformations: // // * Delete the following characters: \ " ' ^ // // * Delete spaces before the following characters: / ( // // * Replace the following characters with a space: , ; // // * Replace multiple spaces with one space // // * Convert uppercase letters (A-Z) to lowercase (a-z) // // COMPRESS_WHITE_SPACE // // Use this option to replace the following characters with a space character // (decimal 32): // // * \f, formfeed, decimal 12 // // * \t, tab, decimal 9 // // * \n, newline, decimal 10 // // * \r, carriage return, decimal 13 // // * \v, vertical tab, decimal 11 // // * non-breaking space, decimal 160 // // COMPRESS_WHITE_SPACE also replaces multiple spaces with one space. // // HTML_ENTITY_DECODE // // Use this option to replace HTML-encoded characters with unencoded characters. // HTML_ENTITY_DECODE performs the following operations: // // * Replaces (ampersand)quot; with " // // * Replaces (ampersand)nbsp; with a non-breaking space, decimal 160 // // * Replaces (ampersand)lt; with a "less than" symbol // // * Replaces (ampersand)gt; with > // // * Replaces characters that are represented in hexadecimal format, (ampersand)#xhhhh;, // with the corresponding characters // // * Replaces characters that are represented in decimal format, (ampersand)#nnnn;, // with the corresponding characters // // LOWERCASE // // Use this option to convert uppercase letters (A-Z) to lowercase (a-z). // // URL_DECODE // // Use this option to decode a URL-encoded value. // // NONE // // Specify NONE if you don't want to perform any text transformations. // // TextTransformation is a required field TextTransformation TextTransformation `type:"string" required:"true" enum:"true"` } // String returns the string representation func (s XssMatchTuple) String() string { return awsutil.Prettify(s) } // Validate inspects the fields of the type to determine if they are valid. func (s *XssMatchTuple) Validate() error { invalidParams := aws.ErrInvalidParams{Context: "XssMatchTuple"} if s.FieldToMatch == nil { invalidParams.Add(aws.NewErrParamRequired("FieldToMatch")) } if len(s.TextTransformation) == 0 { invalidParams.Add(aws.NewErrParamRequired("TextTransformation")) } if s.FieldToMatch != nil { if err := s.FieldToMatch.Validate(); err != nil { invalidParams.AddNested("FieldToMatch", err.(aws.ErrInvalidParams)) } } if invalidParams.Len() > 0 { return invalidParams } return nil }