2025/06/11 - AWS WAFV2 - 8 updated api methods
Changes WAF now provides two DDoS protection options: resource-level monitoring for Application Load Balancers and the AWSManagedRulesAntiDDoSRuleSet managed rule group for CloudFront distributions.
{'Rules': {'Statement': {'ManagedRuleGroupStatement': {'ManagedRuleGroupConfigs': {'AWSManagedRulesAntiDDoSRuleSet': {'ClientSideActionConfig': {'Challenge': {'ExemptUriRegularExpressions': [{'RegexString': 'string'}],
'Sensitivity': 'LOW '
'| '
'MEDIUM '
'| '
'HIGH',
'UsageOfAction': 'ENABLED '
'| '
'DISABLED'}},
'SensitivityToBlock': 'LOW '
'| '
'MEDIUM '
'| '
'HIGH'}}}}}}
Returns the web ACL capacity unit (WCU) requirements for a specified scope and set of rules. You can use this to check the capacity requirements for the rules you want to use in a RuleGroup or WebACL.
WAF uses WCUs to calculate and control the operating resources that are used to run your rules, rule groups, and web ACLs. WAF calculates capacity differently for each rule type, to reflect the relative cost of each rule. Simple rules that cost little to run use fewer WCUs than more complex rules that use more processing power. Rule group capacity is fixed at creation, which helps users plan their web ACL WCU usage when they use a rule group. For more information, see WAF web ACL capacity units (WCU) in the WAF Developer Guide.
See also: AWS API Documentation
Request Syntax
client.check_capacity(
Scope='CLOUDFRONT'|'REGIONAL',
Rules=[
{
'Name': 'string',
'Priority': 123,
'Statement': {
'ByteMatchStatement': {
'SearchString': b'bytes',
'FieldToMatch': {
'SingleHeader': {
'Name': 'string'
},
'SingleQueryArgument': {
'Name': 'string'
},
'AllQueryArguments': {}
,
'UriPath': {}
,
'QueryString': {}
,
'Body': {
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'Method': {}
,
'JsonBody': {
'MatchPattern': {
'All': {}
,
'IncludedPaths': [
'string',
]
},
'MatchScope': 'ALL'|'KEY'|'VALUE',
'InvalidFallbackBehavior': 'MATCH'|'NO_MATCH'|'EVALUATE_AS_STRING',
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'Headers': {
'MatchPattern': {
'All': {}
,
'IncludedHeaders': [
'string',
],
'ExcludedHeaders': [
'string',
]
},
'MatchScope': 'ALL'|'KEY'|'VALUE',
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'Cookies': {
'MatchPattern': {
'All': {}
,
'IncludedCookies': [
'string',
],
'ExcludedCookies': [
'string',
]
},
'MatchScope': 'ALL'|'KEY'|'VALUE',
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'HeaderOrder': {
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'JA3Fingerprint': {
'FallbackBehavior': 'MATCH'|'NO_MATCH'
},
'JA4Fingerprint': {
'FallbackBehavior': 'MATCH'|'NO_MATCH'
},
'UriFragment': {
'FallbackBehavior': 'MATCH'|'NO_MATCH'
}
},
'TextTransformations': [
{
'Priority': 123,
'Type': 'NONE'|'COMPRESS_WHITE_SPACE'|'HTML_ENTITY_DECODE'|'LOWERCASE'|'CMD_LINE'|'URL_DECODE'|'BASE64_DECODE'|'HEX_DECODE'|'MD5'|'REPLACE_COMMENTS'|'ESCAPE_SEQ_DECODE'|'SQL_HEX_DECODE'|'CSS_DECODE'|'JS_DECODE'|'NORMALIZE_PATH'|'NORMALIZE_PATH_WIN'|'REMOVE_NULLS'|'REPLACE_NULLS'|'BASE64_DECODE_EXT'|'URL_DECODE_UNI'|'UTF8_TO_UNICODE'
},
],
'PositionalConstraint': 'EXACTLY'|'STARTS_WITH'|'ENDS_WITH'|'CONTAINS'|'CONTAINS_WORD'
},
'SqliMatchStatement': {
'FieldToMatch': {
'SingleHeader': {
'Name': 'string'
},
'SingleQueryArgument': {
'Name': 'string'
},
'AllQueryArguments': {}
,
'UriPath': {}
,
'QueryString': {}
,
'Body': {
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'Method': {}
,
'JsonBody': {
'MatchPattern': {
'All': {}
,
'IncludedPaths': [
'string',
]
},
'MatchScope': 'ALL'|'KEY'|'VALUE',
'InvalidFallbackBehavior': 'MATCH'|'NO_MATCH'|'EVALUATE_AS_STRING',
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'Headers': {
'MatchPattern': {
'All': {}
,
'IncludedHeaders': [
'string',
],
'ExcludedHeaders': [
'string',
]
},
'MatchScope': 'ALL'|'KEY'|'VALUE',
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'Cookies': {
'MatchPattern': {
'All': {}
,
'IncludedCookies': [
'string',
],
'ExcludedCookies': [
'string',
]
},
'MatchScope': 'ALL'|'KEY'|'VALUE',
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'HeaderOrder': {
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'JA3Fingerprint': {
'FallbackBehavior': 'MATCH'|'NO_MATCH'
},
'JA4Fingerprint': {
'FallbackBehavior': 'MATCH'|'NO_MATCH'
},
'UriFragment': {
'FallbackBehavior': 'MATCH'|'NO_MATCH'
}
},
'TextTransformations': [
{
'Priority': 123,
'Type': 'NONE'|'COMPRESS_WHITE_SPACE'|'HTML_ENTITY_DECODE'|'LOWERCASE'|'CMD_LINE'|'URL_DECODE'|'BASE64_DECODE'|'HEX_DECODE'|'MD5'|'REPLACE_COMMENTS'|'ESCAPE_SEQ_DECODE'|'SQL_HEX_DECODE'|'CSS_DECODE'|'JS_DECODE'|'NORMALIZE_PATH'|'NORMALIZE_PATH_WIN'|'REMOVE_NULLS'|'REPLACE_NULLS'|'BASE64_DECODE_EXT'|'URL_DECODE_UNI'|'UTF8_TO_UNICODE'
},
],
'SensitivityLevel': 'LOW'|'HIGH'
},
'XssMatchStatement': {
'FieldToMatch': {
'SingleHeader': {
'Name': 'string'
},
'SingleQueryArgument': {
'Name': 'string'
},
'AllQueryArguments': {}
,
'UriPath': {}
,
'QueryString': {}
,
'Body': {
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'Method': {}
,
'JsonBody': {
'MatchPattern': {
'All': {}
,
'IncludedPaths': [
'string',
]
},
'MatchScope': 'ALL'|'KEY'|'VALUE',
'InvalidFallbackBehavior': 'MATCH'|'NO_MATCH'|'EVALUATE_AS_STRING',
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'Headers': {
'MatchPattern': {
'All': {}
,
'IncludedHeaders': [
'string',
],
'ExcludedHeaders': [
'string',
]
},
'MatchScope': 'ALL'|'KEY'|'VALUE',
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'Cookies': {
'MatchPattern': {
'All': {}
,
'IncludedCookies': [
'string',
],
'ExcludedCookies': [
'string',
]
},
'MatchScope': 'ALL'|'KEY'|'VALUE',
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'HeaderOrder': {
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'JA3Fingerprint': {
'FallbackBehavior': 'MATCH'|'NO_MATCH'
},
'JA4Fingerprint': {
'FallbackBehavior': 'MATCH'|'NO_MATCH'
},
'UriFragment': {
'FallbackBehavior': 'MATCH'|'NO_MATCH'
}
},
'TextTransformations': [
{
'Priority': 123,
'Type': 'NONE'|'COMPRESS_WHITE_SPACE'|'HTML_ENTITY_DECODE'|'LOWERCASE'|'CMD_LINE'|'URL_DECODE'|'BASE64_DECODE'|'HEX_DECODE'|'MD5'|'REPLACE_COMMENTS'|'ESCAPE_SEQ_DECODE'|'SQL_HEX_DECODE'|'CSS_DECODE'|'JS_DECODE'|'NORMALIZE_PATH'|'NORMALIZE_PATH_WIN'|'REMOVE_NULLS'|'REPLACE_NULLS'|'BASE64_DECODE_EXT'|'URL_DECODE_UNI'|'UTF8_TO_UNICODE'
},
]
},
'SizeConstraintStatement': {
'FieldToMatch': {
'SingleHeader': {
'Name': 'string'
},
'SingleQueryArgument': {
'Name': 'string'
},
'AllQueryArguments': {}
,
'UriPath': {}
,
'QueryString': {}
,
'Body': {
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'Method': {}
,
'JsonBody': {
'MatchPattern': {
'All': {}
,
'IncludedPaths': [
'string',
]
},
'MatchScope': 'ALL'|'KEY'|'VALUE',
'InvalidFallbackBehavior': 'MATCH'|'NO_MATCH'|'EVALUATE_AS_STRING',
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'Headers': {
'MatchPattern': {
'All': {}
,
'IncludedHeaders': [
'string',
],
'ExcludedHeaders': [
'string',
]
},
'MatchScope': 'ALL'|'KEY'|'VALUE',
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'Cookies': {
'MatchPattern': {
'All': {}
,
'IncludedCookies': [
'string',
],
'ExcludedCookies': [
'string',
]
},
'MatchScope': 'ALL'|'KEY'|'VALUE',
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'HeaderOrder': {
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'JA3Fingerprint': {
'FallbackBehavior': 'MATCH'|'NO_MATCH'
},
'JA4Fingerprint': {
'FallbackBehavior': 'MATCH'|'NO_MATCH'
},
'UriFragment': {
'FallbackBehavior': 'MATCH'|'NO_MATCH'
}
},
'ComparisonOperator': 'EQ'|'NE'|'LE'|'LT'|'GE'|'GT',
'Size': 123,
'TextTransformations': [
{
'Priority': 123,
'Type': 'NONE'|'COMPRESS_WHITE_SPACE'|'HTML_ENTITY_DECODE'|'LOWERCASE'|'CMD_LINE'|'URL_DECODE'|'BASE64_DECODE'|'HEX_DECODE'|'MD5'|'REPLACE_COMMENTS'|'ESCAPE_SEQ_DECODE'|'SQL_HEX_DECODE'|'CSS_DECODE'|'JS_DECODE'|'NORMALIZE_PATH'|'NORMALIZE_PATH_WIN'|'REMOVE_NULLS'|'REPLACE_NULLS'|'BASE64_DECODE_EXT'|'URL_DECODE_UNI'|'UTF8_TO_UNICODE'
},
]
},
'GeoMatchStatement': {
'CountryCodes': [
'AF'|'AX'|'AL'|'DZ'|'AS'|'AD'|'AO'|'AI'|'AQ'|'AG'|'AR'|'AM'|'AW'|'AU'|'AT'|'AZ'|'BS'|'BH'|'BD'|'BB'|'BY'|'BE'|'BZ'|'BJ'|'BM'|'BT'|'BO'|'BQ'|'BA'|'BW'|'BV'|'BR'|'IO'|'BN'|'BG'|'BF'|'BI'|'KH'|'CM'|'CA'|'CV'|'KY'|'CF'|'TD'|'CL'|'CN'|'CX'|'CC'|'CO'|'KM'|'CG'|'CD'|'CK'|'CR'|'CI'|'HR'|'CU'|'CW'|'CY'|'CZ'|'DK'|'DJ'|'DM'|'DO'|'EC'|'EG'|'SV'|'GQ'|'ER'|'EE'|'ET'|'FK'|'FO'|'FJ'|'FI'|'FR'|'GF'|'PF'|'TF'|'GA'|'GM'|'GE'|'DE'|'GH'|'GI'|'GR'|'GL'|'GD'|'GP'|'GU'|'GT'|'GG'|'GN'|'GW'|'GY'|'HT'|'HM'|'VA'|'HN'|'HK'|'HU'|'IS'|'IN'|'ID'|'IR'|'IQ'|'IE'|'IM'|'IL'|'IT'|'JM'|'JP'|'JE'|'JO'|'KZ'|'KE'|'KI'|'KP'|'KR'|'KW'|'KG'|'LA'|'LV'|'LB'|'LS'|'LR'|'LY'|'LI'|'LT'|'LU'|'MO'|'MK'|'MG'|'MW'|'MY'|'MV'|'ML'|'MT'|'MH'|'MQ'|'MR'|'MU'|'YT'|'MX'|'FM'|'MD'|'MC'|'MN'|'ME'|'MS'|'MA'|'MZ'|'MM'|'NA'|'NR'|'NP'|'NL'|'NC'|'NZ'|'NI'|'NE'|'NG'|'NU'|'NF'|'MP'|'NO'|'OM'|'PK'|'PW'|'PS'|'PA'|'PG'|'PY'|'PE'|'PH'|'PN'|'PL'|'PT'|'PR'|'QA'|'RE'|'RO'|'RU'|'RW'|'BL'|'SH'|'KN'|'LC'|'MF'|'PM'|'VC'|'WS'|'SM'|'ST'|'SA'|'SN'|'RS'|'SC'|'SL'|'SG'|'SX'|'SK'|'SI'|'SB'|'SO'|'ZA'|'GS'|'SS'|'ES'|'LK'|'SD'|'SR'|'SJ'|'SZ'|'SE'|'CH'|'SY'|'TW'|'TJ'|'TZ'|'TH'|'TL'|'TG'|'TK'|'TO'|'TT'|'TN'|'TR'|'TM'|'TC'|'TV'|'UG'|'UA'|'AE'|'GB'|'US'|'UM'|'UY'|'UZ'|'VU'|'VE'|'VN'|'VG'|'VI'|'WF'|'EH'|'YE'|'ZM'|'ZW'|'XK',
],
'ForwardedIPConfig': {
'HeaderName': 'string',
'FallbackBehavior': 'MATCH'|'NO_MATCH'
}
},
'RuleGroupReferenceStatement': {
'ARN': 'string',
'ExcludedRules': [
{
'Name': 'string'
},
],
'RuleActionOverrides': [
{
'Name': 'string',
'ActionToUse': {
'Block': {
'CustomResponse': {
'ResponseCode': 123,
'CustomResponseBodyKey': 'string',
'ResponseHeaders': [
{
'Name': 'string',
'Value': 'string'
},
]
}
},
'Allow': {
'CustomRequestHandling': {
'InsertHeaders': [
{
'Name': 'string',
'Value': 'string'
},
]
}
},
'Count': {
'CustomRequestHandling': {
'InsertHeaders': [
{
'Name': 'string',
'Value': 'string'
},
]
}
},
'Captcha': {
'CustomRequestHandling': {
'InsertHeaders': [
{
'Name': 'string',
'Value': 'string'
},
]
}
},
'Challenge': {
'CustomRequestHandling': {
'InsertHeaders': [
{
'Name': 'string',
'Value': 'string'
},
]
}
}
}
},
]
},
'IPSetReferenceStatement': {
'ARN': 'string',
'IPSetForwardedIPConfig': {
'HeaderName': 'string',
'FallbackBehavior': 'MATCH'|'NO_MATCH',
'Position': 'FIRST'|'LAST'|'ANY'
}
},
'RegexPatternSetReferenceStatement': {
'ARN': 'string',
'FieldToMatch': {
'SingleHeader': {
'Name': 'string'
},
'SingleQueryArgument': {
'Name': 'string'
},
'AllQueryArguments': {}
,
'UriPath': {}
,
'QueryString': {}
,
'Body': {
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'Method': {}
,
'JsonBody': {
'MatchPattern': {
'All': {}
,
'IncludedPaths': [
'string',
]
},
'MatchScope': 'ALL'|'KEY'|'VALUE',
'InvalidFallbackBehavior': 'MATCH'|'NO_MATCH'|'EVALUATE_AS_STRING',
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'Headers': {
'MatchPattern': {
'All': {}
,
'IncludedHeaders': [
'string',
],
'ExcludedHeaders': [
'string',
]
},
'MatchScope': 'ALL'|'KEY'|'VALUE',
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'Cookies': {
'MatchPattern': {
'All': {}
,
'IncludedCookies': [
'string',
],
'ExcludedCookies': [
'string',
]
},
'MatchScope': 'ALL'|'KEY'|'VALUE',
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'HeaderOrder': {
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'JA3Fingerprint': {
'FallbackBehavior': 'MATCH'|'NO_MATCH'
},
'JA4Fingerprint': {
'FallbackBehavior': 'MATCH'|'NO_MATCH'
},
'UriFragment': {
'FallbackBehavior': 'MATCH'|'NO_MATCH'
}
},
'TextTransformations': [
{
'Priority': 123,
'Type': 'NONE'|'COMPRESS_WHITE_SPACE'|'HTML_ENTITY_DECODE'|'LOWERCASE'|'CMD_LINE'|'URL_DECODE'|'BASE64_DECODE'|'HEX_DECODE'|'MD5'|'REPLACE_COMMENTS'|'ESCAPE_SEQ_DECODE'|'SQL_HEX_DECODE'|'CSS_DECODE'|'JS_DECODE'|'NORMALIZE_PATH'|'NORMALIZE_PATH_WIN'|'REMOVE_NULLS'|'REPLACE_NULLS'|'BASE64_DECODE_EXT'|'URL_DECODE_UNI'|'UTF8_TO_UNICODE'
},
]
},
'RateBasedStatement': {
'Limit': 123,
'EvaluationWindowSec': 123,
'AggregateKeyType': 'IP'|'FORWARDED_IP'|'CUSTOM_KEYS'|'CONSTANT',
'ScopeDownStatement': {'... recursive ...'},
'ForwardedIPConfig': {
'HeaderName': 'string',
'FallbackBehavior': 'MATCH'|'NO_MATCH'
},
'CustomKeys': [
{
'Header': {
'Name': 'string',
'TextTransformations': [
{
'Priority': 123,
'Type': 'NONE'|'COMPRESS_WHITE_SPACE'|'HTML_ENTITY_DECODE'|'LOWERCASE'|'CMD_LINE'|'URL_DECODE'|'BASE64_DECODE'|'HEX_DECODE'|'MD5'|'REPLACE_COMMENTS'|'ESCAPE_SEQ_DECODE'|'SQL_HEX_DECODE'|'CSS_DECODE'|'JS_DECODE'|'NORMALIZE_PATH'|'NORMALIZE_PATH_WIN'|'REMOVE_NULLS'|'REPLACE_NULLS'|'BASE64_DECODE_EXT'|'URL_DECODE_UNI'|'UTF8_TO_UNICODE'
},
]
},
'Cookie': {
'Name': 'string',
'TextTransformations': [
{
'Priority': 123,
'Type': 'NONE'|'COMPRESS_WHITE_SPACE'|'HTML_ENTITY_DECODE'|'LOWERCASE'|'CMD_LINE'|'URL_DECODE'|'BASE64_DECODE'|'HEX_DECODE'|'MD5'|'REPLACE_COMMENTS'|'ESCAPE_SEQ_DECODE'|'SQL_HEX_DECODE'|'CSS_DECODE'|'JS_DECODE'|'NORMALIZE_PATH'|'NORMALIZE_PATH_WIN'|'REMOVE_NULLS'|'REPLACE_NULLS'|'BASE64_DECODE_EXT'|'URL_DECODE_UNI'|'UTF8_TO_UNICODE'
},
]
},
'QueryArgument': {
'Name': 'string',
'TextTransformations': [
{
'Priority': 123,
'Type': 'NONE'|'COMPRESS_WHITE_SPACE'|'HTML_ENTITY_DECODE'|'LOWERCASE'|'CMD_LINE'|'URL_DECODE'|'BASE64_DECODE'|'HEX_DECODE'|'MD5'|'REPLACE_COMMENTS'|'ESCAPE_SEQ_DECODE'|'SQL_HEX_DECODE'|'CSS_DECODE'|'JS_DECODE'|'NORMALIZE_PATH'|'NORMALIZE_PATH_WIN'|'REMOVE_NULLS'|'REPLACE_NULLS'|'BASE64_DECODE_EXT'|'URL_DECODE_UNI'|'UTF8_TO_UNICODE'
},
]
},
'QueryString': {
'TextTransformations': [
{
'Priority': 123,
'Type': 'NONE'|'COMPRESS_WHITE_SPACE'|'HTML_ENTITY_DECODE'|'LOWERCASE'|'CMD_LINE'|'URL_DECODE'|'BASE64_DECODE'|'HEX_DECODE'|'MD5'|'REPLACE_COMMENTS'|'ESCAPE_SEQ_DECODE'|'SQL_HEX_DECODE'|'CSS_DECODE'|'JS_DECODE'|'NORMALIZE_PATH'|'NORMALIZE_PATH_WIN'|'REMOVE_NULLS'|'REPLACE_NULLS'|'BASE64_DECODE_EXT'|'URL_DECODE_UNI'|'UTF8_TO_UNICODE'
},
]
},
'HTTPMethod': {}
,
'ForwardedIP': {}
,
'IP': {}
,
'LabelNamespace': {
'Namespace': 'string'
},
'UriPath': {
'TextTransformations': [
{
'Priority': 123,
'Type': 'NONE'|'COMPRESS_WHITE_SPACE'|'HTML_ENTITY_DECODE'|'LOWERCASE'|'CMD_LINE'|'URL_DECODE'|'BASE64_DECODE'|'HEX_DECODE'|'MD5'|'REPLACE_COMMENTS'|'ESCAPE_SEQ_DECODE'|'SQL_HEX_DECODE'|'CSS_DECODE'|'JS_DECODE'|'NORMALIZE_PATH'|'NORMALIZE_PATH_WIN'|'REMOVE_NULLS'|'REPLACE_NULLS'|'BASE64_DECODE_EXT'|'URL_DECODE_UNI'|'UTF8_TO_UNICODE'
},
]
},
'JA3Fingerprint': {
'FallbackBehavior': 'MATCH'|'NO_MATCH'
},
'JA4Fingerprint': {
'FallbackBehavior': 'MATCH'|'NO_MATCH'
},
'ASN': {}
},
]
},
'AndStatement': {
'Statements': [
{'... recursive ...'},
]
},
'OrStatement': {
'Statements': [
{'... recursive ...'},
]
},
'NotStatement': {
'Statement': {'... recursive ...'}
},
'ManagedRuleGroupStatement': {
'VendorName': 'string',
'Name': 'string',
'Version': 'string',
'ExcludedRules': [
{
'Name': 'string'
},
],
'ScopeDownStatement': {'... recursive ...'},
'ManagedRuleGroupConfigs': [
{
'LoginPath': 'string',
'PayloadType': 'JSON'|'FORM_ENCODED',
'UsernameField': {
'Identifier': 'string'
},
'PasswordField': {
'Identifier': 'string'
},
'AWSManagedRulesBotControlRuleSet': {
'InspectionLevel': 'COMMON'|'TARGETED',
'EnableMachineLearning': True|False
},
'AWSManagedRulesATPRuleSet': {
'LoginPath': 'string',
'RequestInspection': {
'PayloadType': 'JSON'|'FORM_ENCODED',
'UsernameField': {
'Identifier': 'string'
},
'PasswordField': {
'Identifier': 'string'
}
},
'ResponseInspection': {
'StatusCode': {
'SuccessCodes': [
123,
],
'FailureCodes': [
123,
]
},
'Header': {
'Name': 'string',
'SuccessValues': [
'string',
],
'FailureValues': [
'string',
]
},
'BodyContains': {
'SuccessStrings': [
'string',
],
'FailureStrings': [
'string',
]
},
'Json': {
'Identifier': 'string',
'SuccessValues': [
'string',
],
'FailureValues': [
'string',
]
}
},
'EnableRegexInPath': True|False
},
'AWSManagedRulesACFPRuleSet': {
'CreationPath': 'string',
'RegistrationPagePath': 'string',
'RequestInspection': {
'PayloadType': 'JSON'|'FORM_ENCODED',
'UsernameField': {
'Identifier': 'string'
},
'PasswordField': {
'Identifier': 'string'
},
'EmailField': {
'Identifier': 'string'
},
'PhoneNumberFields': [
{
'Identifier': 'string'
},
],
'AddressFields': [
{
'Identifier': 'string'
},
]
},
'ResponseInspection': {
'StatusCode': {
'SuccessCodes': [
123,
],
'FailureCodes': [
123,
]
},
'Header': {
'Name': 'string',
'SuccessValues': [
'string',
],
'FailureValues': [
'string',
]
},
'BodyContains': {
'SuccessStrings': [
'string',
],
'FailureStrings': [
'string',
]
},
'Json': {
'Identifier': 'string',
'SuccessValues': [
'string',
],
'FailureValues': [
'string',
]
}
},
'EnableRegexInPath': True|False
},
'AWSManagedRulesAntiDDoSRuleSet': {
'ClientSideActionConfig': {
'Challenge': {
'UsageOfAction': 'ENABLED'|'DISABLED',
'Sensitivity': 'LOW'|'MEDIUM'|'HIGH',
'ExemptUriRegularExpressions': [
{
'RegexString': 'string'
},
]
}
},
'SensitivityToBlock': 'LOW'|'MEDIUM'|'HIGH'
}
},
],
'RuleActionOverrides': [
{
'Name': 'string',
'ActionToUse': {
'Block': {
'CustomResponse': {
'ResponseCode': 123,
'CustomResponseBodyKey': 'string',
'ResponseHeaders': [
{
'Name': 'string',
'Value': 'string'
},
]
}
},
'Allow': {
'CustomRequestHandling': {
'InsertHeaders': [
{
'Name': 'string',
'Value': 'string'
},
]
}
},
'Count': {
'CustomRequestHandling': {
'InsertHeaders': [
{
'Name': 'string',
'Value': 'string'
},
]
}
},
'Captcha': {
'CustomRequestHandling': {
'InsertHeaders': [
{
'Name': 'string',
'Value': 'string'
},
]
}
},
'Challenge': {
'CustomRequestHandling': {
'InsertHeaders': [
{
'Name': 'string',
'Value': 'string'
},
]
}
}
}
},
]
},
'LabelMatchStatement': {
'Scope': 'LABEL'|'NAMESPACE',
'Key': 'string'
},
'RegexMatchStatement': {
'RegexString': 'string',
'FieldToMatch': {
'SingleHeader': {
'Name': 'string'
},
'SingleQueryArgument': {
'Name': 'string'
},
'AllQueryArguments': {}
,
'UriPath': {}
,
'QueryString': {}
,
'Body': {
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'Method': {}
,
'JsonBody': {
'MatchPattern': {
'All': {}
,
'IncludedPaths': [
'string',
]
},
'MatchScope': 'ALL'|'KEY'|'VALUE',
'InvalidFallbackBehavior': 'MATCH'|'NO_MATCH'|'EVALUATE_AS_STRING',
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'Headers': {
'MatchPattern': {
'All': {}
,
'IncludedHeaders': [
'string',
],
'ExcludedHeaders': [
'string',
]
},
'MatchScope': 'ALL'|'KEY'|'VALUE',
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'Cookies': {
'MatchPattern': {
'All': {}
,
'IncludedCookies': [
'string',
],
'ExcludedCookies': [
'string',
]
},
'MatchScope': 'ALL'|'KEY'|'VALUE',
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'HeaderOrder': {
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'JA3Fingerprint': {
'FallbackBehavior': 'MATCH'|'NO_MATCH'
},
'JA4Fingerprint': {
'FallbackBehavior': 'MATCH'|'NO_MATCH'
},
'UriFragment': {
'FallbackBehavior': 'MATCH'|'NO_MATCH'
}
},
'TextTransformations': [
{
'Priority': 123,
'Type': 'NONE'|'COMPRESS_WHITE_SPACE'|'HTML_ENTITY_DECODE'|'LOWERCASE'|'CMD_LINE'|'URL_DECODE'|'BASE64_DECODE'|'HEX_DECODE'|'MD5'|'REPLACE_COMMENTS'|'ESCAPE_SEQ_DECODE'|'SQL_HEX_DECODE'|'CSS_DECODE'|'JS_DECODE'|'NORMALIZE_PATH'|'NORMALIZE_PATH_WIN'|'REMOVE_NULLS'|'REPLACE_NULLS'|'BASE64_DECODE_EXT'|'URL_DECODE_UNI'|'UTF8_TO_UNICODE'
},
]
},
'AsnMatchStatement': {
'AsnList': [
123,
],
'ForwardedIPConfig': {
'HeaderName': 'string',
'FallbackBehavior': 'MATCH'|'NO_MATCH'
}
}
},
'Action': {
'Block': {
'CustomResponse': {
'ResponseCode': 123,
'CustomResponseBodyKey': 'string',
'ResponseHeaders': [
{
'Name': 'string',
'Value': 'string'
},
]
}
},
'Allow': {
'CustomRequestHandling': {
'InsertHeaders': [
{
'Name': 'string',
'Value': 'string'
},
]
}
},
'Count': {
'CustomRequestHandling': {
'InsertHeaders': [
{
'Name': 'string',
'Value': 'string'
},
]
}
},
'Captcha': {
'CustomRequestHandling': {
'InsertHeaders': [
{
'Name': 'string',
'Value': 'string'
},
]
}
},
'Challenge': {
'CustomRequestHandling': {
'InsertHeaders': [
{
'Name': 'string',
'Value': 'string'
},
]
}
}
},
'OverrideAction': {
'Count': {
'CustomRequestHandling': {
'InsertHeaders': [
{
'Name': 'string',
'Value': 'string'
},
]
}
},
'None': {}
},
'RuleLabels': [
{
'Name': 'string'
},
],
'VisibilityConfig': {
'SampledRequestsEnabled': True|False,
'CloudWatchMetricsEnabled': True|False,
'MetricName': 'string'
},
'CaptchaConfig': {
'ImmunityTimeProperty': {
'ImmunityTime': 123
}
},
'ChallengeConfig': {
'ImmunityTimeProperty': {
'ImmunityTime': 123
}
}
},
]
)
**Parameters**
::
# This section is too large to render.
# Please see the AWS API Documentation linked below.
`AWS API Documentation <https://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/CheckCapacity>`_
dict
Response Syntax
{
'Capacity': 123
}
Response Structure
(dict) --
Capacity (integer) --
The capacity required by the rules and scope.
{'Rules': {'Statement': {'ManagedRuleGroupStatement': {'ManagedRuleGroupConfigs': {'AWSManagedRulesAntiDDoSRuleSet': {'ClientSideActionConfig': {'Challenge': {'ExemptUriRegularExpressions': [{'RegexString': 'string'}],
'Sensitivity': 'LOW '
'| '
'MEDIUM '
'| '
'HIGH',
'UsageOfAction': 'ENABLED '
'| '
'DISABLED'}},
'SensitivityToBlock': 'LOW '
'| '
'MEDIUM '
'| '
'HIGH'}}}}}}
Creates a RuleGroup per the specifications provided.
A rule group defines a collection of rules to inspect and control web requests that you can use in a WebACL. When you create a rule group, you define an immutable capacity limit. If you update a rule group, you must stay within the capacity. This allows others to reuse the rule group with confidence in its capacity requirements.
See also: AWS API Documentation
Request Syntax
client.create_rule_group(
Name='string',
Scope='CLOUDFRONT'|'REGIONAL',
Capacity=123,
Description='string',
Rules=[
{
'Name': 'string',
'Priority': 123,
'Statement': {
'ByteMatchStatement': {
'SearchString': b'bytes',
'FieldToMatch': {
'SingleHeader': {
'Name': 'string'
},
'SingleQueryArgument': {
'Name': 'string'
},
'AllQueryArguments': {}
,
'UriPath': {}
,
'QueryString': {}
,
'Body': {
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'Method': {}
,
'JsonBody': {
'MatchPattern': {
'All': {}
,
'IncludedPaths': [
'string',
]
},
'MatchScope': 'ALL'|'KEY'|'VALUE',
'InvalidFallbackBehavior': 'MATCH'|'NO_MATCH'|'EVALUATE_AS_STRING',
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'Headers': {
'MatchPattern': {
'All': {}
,
'IncludedHeaders': [
'string',
],
'ExcludedHeaders': [
'string',
]
},
'MatchScope': 'ALL'|'KEY'|'VALUE',
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'Cookies': {
'MatchPattern': {
'All': {}
,
'IncludedCookies': [
'string',
],
'ExcludedCookies': [
'string',
]
},
'MatchScope': 'ALL'|'KEY'|'VALUE',
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'HeaderOrder': {
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'JA3Fingerprint': {
'FallbackBehavior': 'MATCH'|'NO_MATCH'
},
'JA4Fingerprint': {
'FallbackBehavior': 'MATCH'|'NO_MATCH'
},
'UriFragment': {
'FallbackBehavior': 'MATCH'|'NO_MATCH'
}
},
'TextTransformations': [
{
'Priority': 123,
'Type': 'NONE'|'COMPRESS_WHITE_SPACE'|'HTML_ENTITY_DECODE'|'LOWERCASE'|'CMD_LINE'|'URL_DECODE'|'BASE64_DECODE'|'HEX_DECODE'|'MD5'|'REPLACE_COMMENTS'|'ESCAPE_SEQ_DECODE'|'SQL_HEX_DECODE'|'CSS_DECODE'|'JS_DECODE'|'NORMALIZE_PATH'|'NORMALIZE_PATH_WIN'|'REMOVE_NULLS'|'REPLACE_NULLS'|'BASE64_DECODE_EXT'|'URL_DECODE_UNI'|'UTF8_TO_UNICODE'
},
],
'PositionalConstraint': 'EXACTLY'|'STARTS_WITH'|'ENDS_WITH'|'CONTAINS'|'CONTAINS_WORD'
},
'SqliMatchStatement': {
'FieldToMatch': {
'SingleHeader': {
'Name': 'string'
},
'SingleQueryArgument': {
'Name': 'string'
},
'AllQueryArguments': {}
,
'UriPath': {}
,
'QueryString': {}
,
'Body': {
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'Method': {}
,
'JsonBody': {
'MatchPattern': {
'All': {}
,
'IncludedPaths': [
'string',
]
},
'MatchScope': 'ALL'|'KEY'|'VALUE',
'InvalidFallbackBehavior': 'MATCH'|'NO_MATCH'|'EVALUATE_AS_STRING',
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'Headers': {
'MatchPattern': {
'All': {}
,
'IncludedHeaders': [
'string',
],
'ExcludedHeaders': [
'string',
]
},
'MatchScope': 'ALL'|'KEY'|'VALUE',
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'Cookies': {
'MatchPattern': {
'All': {}
,
'IncludedCookies': [
'string',
],
'ExcludedCookies': [
'string',
]
},
'MatchScope': 'ALL'|'KEY'|'VALUE',
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'HeaderOrder': {
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'JA3Fingerprint': {
'FallbackBehavior': 'MATCH'|'NO_MATCH'
},
'JA4Fingerprint': {
'FallbackBehavior': 'MATCH'|'NO_MATCH'
},
'UriFragment': {
'FallbackBehavior': 'MATCH'|'NO_MATCH'
}
},
'TextTransformations': [
{
'Priority': 123,
'Type': 'NONE'|'COMPRESS_WHITE_SPACE'|'HTML_ENTITY_DECODE'|'LOWERCASE'|'CMD_LINE'|'URL_DECODE'|'BASE64_DECODE'|'HEX_DECODE'|'MD5'|'REPLACE_COMMENTS'|'ESCAPE_SEQ_DECODE'|'SQL_HEX_DECODE'|'CSS_DECODE'|'JS_DECODE'|'NORMALIZE_PATH'|'NORMALIZE_PATH_WIN'|'REMOVE_NULLS'|'REPLACE_NULLS'|'BASE64_DECODE_EXT'|'URL_DECODE_UNI'|'UTF8_TO_UNICODE'
},
],
'SensitivityLevel': 'LOW'|'HIGH'
},
'XssMatchStatement': {
'FieldToMatch': {
'SingleHeader': {
'Name': 'string'
},
'SingleQueryArgument': {
'Name': 'string'
},
'AllQueryArguments': {}
,
'UriPath': {}
,
'QueryString': {}
,
'Body': {
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'Method': {}
,
'JsonBody': {
'MatchPattern': {
'All': {}
,
'IncludedPaths': [
'string',
]
},
'MatchScope': 'ALL'|'KEY'|'VALUE',
'InvalidFallbackBehavior': 'MATCH'|'NO_MATCH'|'EVALUATE_AS_STRING',
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'Headers': {
'MatchPattern': {
'All': {}
,
'IncludedHeaders': [
'string',
],
'ExcludedHeaders': [
'string',
]
},
'MatchScope': 'ALL'|'KEY'|'VALUE',
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'Cookies': {
'MatchPattern': {
'All': {}
,
'IncludedCookies': [
'string',
],
'ExcludedCookies': [
'string',
]
},
'MatchScope': 'ALL'|'KEY'|'VALUE',
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'HeaderOrder': {
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'JA3Fingerprint': {
'FallbackBehavior': 'MATCH'|'NO_MATCH'
},
'JA4Fingerprint': {
'FallbackBehavior': 'MATCH'|'NO_MATCH'
},
'UriFragment': {
'FallbackBehavior': 'MATCH'|'NO_MATCH'
}
},
'TextTransformations': [
{
'Priority': 123,
'Type': 'NONE'|'COMPRESS_WHITE_SPACE'|'HTML_ENTITY_DECODE'|'LOWERCASE'|'CMD_LINE'|'URL_DECODE'|'BASE64_DECODE'|'HEX_DECODE'|'MD5'|'REPLACE_COMMENTS'|'ESCAPE_SEQ_DECODE'|'SQL_HEX_DECODE'|'CSS_DECODE'|'JS_DECODE'|'NORMALIZE_PATH'|'NORMALIZE_PATH_WIN'|'REMOVE_NULLS'|'REPLACE_NULLS'|'BASE64_DECODE_EXT'|'URL_DECODE_UNI'|'UTF8_TO_UNICODE'
},
]
},
'SizeConstraintStatement': {
'FieldToMatch': {
'SingleHeader': {
'Name': 'string'
},
'SingleQueryArgument': {
'Name': 'string'
},
'AllQueryArguments': {}
,
'UriPath': {}
,
'QueryString': {}
,
'Body': {
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'Method': {}
,
'JsonBody': {
'MatchPattern': {
'All': {}
,
'IncludedPaths': [
'string',
]
},
'MatchScope': 'ALL'|'KEY'|'VALUE',
'InvalidFallbackBehavior': 'MATCH'|'NO_MATCH'|'EVALUATE_AS_STRING',
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'Headers': {
'MatchPattern': {
'All': {}
,
'IncludedHeaders': [
'string',
],
'ExcludedHeaders': [
'string',
]
},
'MatchScope': 'ALL'|'KEY'|'VALUE',
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'Cookies': {
'MatchPattern': {
'All': {}
,
'IncludedCookies': [
'string',
],
'ExcludedCookies': [
'string',
]
},
'MatchScope': 'ALL'|'KEY'|'VALUE',
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'HeaderOrder': {
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'JA3Fingerprint': {
'FallbackBehavior': 'MATCH'|'NO_MATCH'
},
'JA4Fingerprint': {
'FallbackBehavior': 'MATCH'|'NO_MATCH'
},
'UriFragment': {
'FallbackBehavior': 'MATCH'|'NO_MATCH'
}
},
'ComparisonOperator': 'EQ'|'NE'|'LE'|'LT'|'GE'|'GT',
'Size': 123,
'TextTransformations': [
{
'Priority': 123,
'Type': 'NONE'|'COMPRESS_WHITE_SPACE'|'HTML_ENTITY_DECODE'|'LOWERCASE'|'CMD_LINE'|'URL_DECODE'|'BASE64_DECODE'|'HEX_DECODE'|'MD5'|'REPLACE_COMMENTS'|'ESCAPE_SEQ_DECODE'|'SQL_HEX_DECODE'|'CSS_DECODE'|'JS_DECODE'|'NORMALIZE_PATH'|'NORMALIZE_PATH_WIN'|'REMOVE_NULLS'|'REPLACE_NULLS'|'BASE64_DECODE_EXT'|'URL_DECODE_UNI'|'UTF8_TO_UNICODE'
},
]
},
'GeoMatchStatement': {
'CountryCodes': [
'AF'|'AX'|'AL'|'DZ'|'AS'|'AD'|'AO'|'AI'|'AQ'|'AG'|'AR'|'AM'|'AW'|'AU'|'AT'|'AZ'|'BS'|'BH'|'BD'|'BB'|'BY'|'BE'|'BZ'|'BJ'|'BM'|'BT'|'BO'|'BQ'|'BA'|'BW'|'BV'|'BR'|'IO'|'BN'|'BG'|'BF'|'BI'|'KH'|'CM'|'CA'|'CV'|'KY'|'CF'|'TD'|'CL'|'CN'|'CX'|'CC'|'CO'|'KM'|'CG'|'CD'|'CK'|'CR'|'CI'|'HR'|'CU'|'CW'|'CY'|'CZ'|'DK'|'DJ'|'DM'|'DO'|'EC'|'EG'|'SV'|'GQ'|'ER'|'EE'|'ET'|'FK'|'FO'|'FJ'|'FI'|'FR'|'GF'|'PF'|'TF'|'GA'|'GM'|'GE'|'DE'|'GH'|'GI'|'GR'|'GL'|'GD'|'GP'|'GU'|'GT'|'GG'|'GN'|'GW'|'GY'|'HT'|'HM'|'VA'|'HN'|'HK'|'HU'|'IS'|'IN'|'ID'|'IR'|'IQ'|'IE'|'IM'|'IL'|'IT'|'JM'|'JP'|'JE'|'JO'|'KZ'|'KE'|'KI'|'KP'|'KR'|'KW'|'KG'|'LA'|'LV'|'LB'|'LS'|'LR'|'LY'|'LI'|'LT'|'LU'|'MO'|'MK'|'MG'|'MW'|'MY'|'MV'|'ML'|'MT'|'MH'|'MQ'|'MR'|'MU'|'YT'|'MX'|'FM'|'MD'|'MC'|'MN'|'ME'|'MS'|'MA'|'MZ'|'MM'|'NA'|'NR'|'NP'|'NL'|'NC'|'NZ'|'NI'|'NE'|'NG'|'NU'|'NF'|'MP'|'NO'|'OM'|'PK'|'PW'|'PS'|'PA'|'PG'|'PY'|'PE'|'PH'|'PN'|'PL'|'PT'|'PR'|'QA'|'RE'|'RO'|'RU'|'RW'|'BL'|'SH'|'KN'|'LC'|'MF'|'PM'|'VC'|'WS'|'SM'|'ST'|'SA'|'SN'|'RS'|'SC'|'SL'|'SG'|'SX'|'SK'|'SI'|'SB'|'SO'|'ZA'|'GS'|'SS'|'ES'|'LK'|'SD'|'SR'|'SJ'|'SZ'|'SE'|'CH'|'SY'|'TW'|'TJ'|'TZ'|'TH'|'TL'|'TG'|'TK'|'TO'|'TT'|'TN'|'TR'|'TM'|'TC'|'TV'|'UG'|'UA'|'AE'|'GB'|'US'|'UM'|'UY'|'UZ'|'VU'|'VE'|'VN'|'VG'|'VI'|'WF'|'EH'|'YE'|'ZM'|'ZW'|'XK',
],
'ForwardedIPConfig': {
'HeaderName': 'string',
'FallbackBehavior': 'MATCH'|'NO_MATCH'
}
},
'RuleGroupReferenceStatement': {
'ARN': 'string',
'ExcludedRules': [
{
'Name': 'string'
},
],
'RuleActionOverrides': [
{
'Name': 'string',
'ActionToUse': {
'Block': {
'CustomResponse': {
'ResponseCode': 123,
'CustomResponseBodyKey': 'string',
'ResponseHeaders': [
{
'Name': 'string',
'Value': 'string'
},
]
}
},
'Allow': {
'CustomRequestHandling': {
'InsertHeaders': [
{
'Name': 'string',
'Value': 'string'
},
]
}
},
'Count': {
'CustomRequestHandling': {
'InsertHeaders': [
{
'Name': 'string',
'Value': 'string'
},
]
}
},
'Captcha': {
'CustomRequestHandling': {
'InsertHeaders': [
{
'Name': 'string',
'Value': 'string'
},
]
}
},
'Challenge': {
'CustomRequestHandling': {
'InsertHeaders': [
{
'Name': 'string',
'Value': 'string'
},
]
}
}
}
},
]
},
'IPSetReferenceStatement': {
'ARN': 'string',
'IPSetForwardedIPConfig': {
'HeaderName': 'string',
'FallbackBehavior': 'MATCH'|'NO_MATCH',
'Position': 'FIRST'|'LAST'|'ANY'
}
},
'RegexPatternSetReferenceStatement': {
'ARN': 'string',
'FieldToMatch': {
'SingleHeader': {
'Name': 'string'
},
'SingleQueryArgument': {
'Name': 'string'
},
'AllQueryArguments': {}
,
'UriPath': {}
,
'QueryString': {}
,
'Body': {
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'Method': {}
,
'JsonBody': {
'MatchPattern': {
'All': {}
,
'IncludedPaths': [
'string',
]
},
'MatchScope': 'ALL'|'KEY'|'VALUE',
'InvalidFallbackBehavior': 'MATCH'|'NO_MATCH'|'EVALUATE_AS_STRING',
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'Headers': {
'MatchPattern': {
'All': {}
,
'IncludedHeaders': [
'string',
],
'ExcludedHeaders': [
'string',
]
},
'MatchScope': 'ALL'|'KEY'|'VALUE',
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'Cookies': {
'MatchPattern': {
'All': {}
,
'IncludedCookies': [
'string',
],
'ExcludedCookies': [
'string',
]
},
'MatchScope': 'ALL'|'KEY'|'VALUE',
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'HeaderOrder': {
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'JA3Fingerprint': {
'FallbackBehavior': 'MATCH'|'NO_MATCH'
},
'JA4Fingerprint': {
'FallbackBehavior': 'MATCH'|'NO_MATCH'
},
'UriFragment': {
'FallbackBehavior': 'MATCH'|'NO_MATCH'
}
},
'TextTransformations': [
{
'Priority': 123,
'Type': 'NONE'|'COMPRESS_WHITE_SPACE'|'HTML_ENTITY_DECODE'|'LOWERCASE'|'CMD_LINE'|'URL_DECODE'|'BASE64_DECODE'|'HEX_DECODE'|'MD5'|'REPLACE_COMMENTS'|'ESCAPE_SEQ_DECODE'|'SQL_HEX_DECODE'|'CSS_DECODE'|'JS_DECODE'|'NORMALIZE_PATH'|'NORMALIZE_PATH_WIN'|'REMOVE_NULLS'|'REPLACE_NULLS'|'BASE64_DECODE_EXT'|'URL_DECODE_UNI'|'UTF8_TO_UNICODE'
},
]
},
'RateBasedStatement': {
'Limit': 123,
'EvaluationWindowSec': 123,
'AggregateKeyType': 'IP'|'FORWARDED_IP'|'CUSTOM_KEYS'|'CONSTANT',
'ScopeDownStatement': {'... recursive ...'},
'ForwardedIPConfig': {
'HeaderName': 'string',
'FallbackBehavior': 'MATCH'|'NO_MATCH'
},
'CustomKeys': [
{
'Header': {
'Name': 'string',
'TextTransformations': [
{
'Priority': 123,
'Type': 'NONE'|'COMPRESS_WHITE_SPACE'|'HTML_ENTITY_DECODE'|'LOWERCASE'|'CMD_LINE'|'URL_DECODE'|'BASE64_DECODE'|'HEX_DECODE'|'MD5'|'REPLACE_COMMENTS'|'ESCAPE_SEQ_DECODE'|'SQL_HEX_DECODE'|'CSS_DECODE'|'JS_DECODE'|'NORMALIZE_PATH'|'NORMALIZE_PATH_WIN'|'REMOVE_NULLS'|'REPLACE_NULLS'|'BASE64_DECODE_EXT'|'URL_DECODE_UNI'|'UTF8_TO_UNICODE'
},
]
},
'Cookie': {
'Name': 'string',
'TextTransformations': [
{
'Priority': 123,
'Type': 'NONE'|'COMPRESS_WHITE_SPACE'|'HTML_ENTITY_DECODE'|'LOWERCASE'|'CMD_LINE'|'URL_DECODE'|'BASE64_DECODE'|'HEX_DECODE'|'MD5'|'REPLACE_COMMENTS'|'ESCAPE_SEQ_DECODE'|'SQL_HEX_DECODE'|'CSS_DECODE'|'JS_DECODE'|'NORMALIZE_PATH'|'NORMALIZE_PATH_WIN'|'REMOVE_NULLS'|'REPLACE_NULLS'|'BASE64_DECODE_EXT'|'URL_DECODE_UNI'|'UTF8_TO_UNICODE'
},
]
},
'QueryArgument': {
'Name': 'string',
'TextTransformations': [
{
'Priority': 123,
'Type': 'NONE'|'COMPRESS_WHITE_SPACE'|'HTML_ENTITY_DECODE'|'LOWERCASE'|'CMD_LINE'|'URL_DECODE'|'BASE64_DECODE'|'HEX_DECODE'|'MD5'|'REPLACE_COMMENTS'|'ESCAPE_SEQ_DECODE'|'SQL_HEX_DECODE'|'CSS_DECODE'|'JS_DECODE'|'NORMALIZE_PATH'|'NORMALIZE_PATH_WIN'|'REMOVE_NULLS'|'REPLACE_NULLS'|'BASE64_DECODE_EXT'|'URL_DECODE_UNI'|'UTF8_TO_UNICODE'
},
]
},
'QueryString': {
'TextTransformations': [
{
'Priority': 123,
'Type': 'NONE'|'COMPRESS_WHITE_SPACE'|'HTML_ENTITY_DECODE'|'LOWERCASE'|'CMD_LINE'|'URL_DECODE'|'BASE64_DECODE'|'HEX_DECODE'|'MD5'|'REPLACE_COMMENTS'|'ESCAPE_SEQ_DECODE'|'SQL_HEX_DECODE'|'CSS_DECODE'|'JS_DECODE'|'NORMALIZE_PATH'|'NORMALIZE_PATH_WIN'|'REMOVE_NULLS'|'REPLACE_NULLS'|'BASE64_DECODE_EXT'|'URL_DECODE_UNI'|'UTF8_TO_UNICODE'
},
]
},
'HTTPMethod': {}
,
'ForwardedIP': {}
,
'IP': {}
,
'LabelNamespace': {
'Namespace': 'string'
},
'UriPath': {
'TextTransformations': [
{
'Priority': 123,
'Type': 'NONE'|'COMPRESS_WHITE_SPACE'|'HTML_ENTITY_DECODE'|'LOWERCASE'|'CMD_LINE'|'URL_DECODE'|'BASE64_DECODE'|'HEX_DECODE'|'MD5'|'REPLACE_COMMENTS'|'ESCAPE_SEQ_DECODE'|'SQL_HEX_DECODE'|'CSS_DECODE'|'JS_DECODE'|'NORMALIZE_PATH'|'NORMALIZE_PATH_WIN'|'REMOVE_NULLS'|'REPLACE_NULLS'|'BASE64_DECODE_EXT'|'URL_DECODE_UNI'|'UTF8_TO_UNICODE'
},
]
},
'JA3Fingerprint': {
'FallbackBehavior': 'MATCH'|'NO_MATCH'
},
'JA4Fingerprint': {
'FallbackBehavior': 'MATCH'|'NO_MATCH'
},
'ASN': {}
},
]
},
'AndStatement': {
'Statements': [
{'... recursive ...'},
]
},
'OrStatement': {
'Statements': [
{'... recursive ...'},
]
},
'NotStatement': {
'Statement': {'... recursive ...'}
},
'ManagedRuleGroupStatement': {
'VendorName': 'string',
'Name': 'string',
'Version': 'string',
'ExcludedRules': [
{
'Name': 'string'
},
],
'ScopeDownStatement': {'... recursive ...'},
'ManagedRuleGroupConfigs': [
{
'LoginPath': 'string',
'PayloadType': 'JSON'|'FORM_ENCODED',
'UsernameField': {
'Identifier': 'string'
},
'PasswordField': {
'Identifier': 'string'
},
'AWSManagedRulesBotControlRuleSet': {
'InspectionLevel': 'COMMON'|'TARGETED',
'EnableMachineLearning': True|False
},
'AWSManagedRulesATPRuleSet': {
'LoginPath': 'string',
'RequestInspection': {
'PayloadType': 'JSON'|'FORM_ENCODED',
'UsernameField': {
'Identifier': 'string'
},
'PasswordField': {
'Identifier': 'string'
}
},
'ResponseInspection': {
'StatusCode': {
'SuccessCodes': [
123,
],
'FailureCodes': [
123,
]
},
'Header': {
'Name': 'string',
'SuccessValues': [
'string',
],
'FailureValues': [
'string',
]
},
'BodyContains': {
'SuccessStrings': [
'string',
],
'FailureStrings': [
'string',
]
},
'Json': {
'Identifier': 'string',
'SuccessValues': [
'string',
],
'FailureValues': [
'string',
]
}
},
'EnableRegexInPath': True|False
},
'AWSManagedRulesACFPRuleSet': {
'CreationPath': 'string',
'RegistrationPagePath': 'string',
'RequestInspection': {
'PayloadType': 'JSON'|'FORM_ENCODED',
'UsernameField': {
'Identifier': 'string'
},
'PasswordField': {
'Identifier': 'string'
},
'EmailField': {
'Identifier': 'string'
},
'PhoneNumberFields': [
{
'Identifier': 'string'
},
],
'AddressFields': [
{
'Identifier': 'string'
},
]
},
'ResponseInspection': {
'StatusCode': {
'SuccessCodes': [
123,
],
'FailureCodes': [
123,
]
},
'Header': {
'Name': 'string',
'SuccessValues': [
'string',
],
'FailureValues': [
'string',
]
},
'BodyContains': {
'SuccessStrings': [
'string',
],
'FailureStrings': [
'string',
]
},
'Json': {
'Identifier': 'string',
'SuccessValues': [
'string',
],
'FailureValues': [
'string',
]
}
},
'EnableRegexInPath': True|False
},
'AWSManagedRulesAntiDDoSRuleSet': {
'ClientSideActionConfig': {
'Challenge': {
'UsageOfAction': 'ENABLED'|'DISABLED',
'Sensitivity': 'LOW'|'MEDIUM'|'HIGH',
'ExemptUriRegularExpressions': [
{
'RegexString': 'string'
},
]
}
},
'SensitivityToBlock': 'LOW'|'MEDIUM'|'HIGH'
}
},
],
'RuleActionOverrides': [
{
'Name': 'string',
'ActionToUse': {
'Block': {
'CustomResponse': {
'ResponseCode': 123,
'CustomResponseBodyKey': 'string',
'ResponseHeaders': [
{
'Name': 'string',
'Value': 'string'
},
]
}
},
'Allow': {
'CustomRequestHandling': {
'InsertHeaders': [
{
'Name': 'string',
'Value': 'string'
},
]
}
},
'Count': {
'CustomRequestHandling': {
'InsertHeaders': [
{
'Name': 'string',
'Value': 'string'
},
]
}
},
'Captcha': {
'CustomRequestHandling': {
'InsertHeaders': [
{
'Name': 'string',
'Value': 'string'
},
]
}
},
'Challenge': {
'CustomRequestHandling': {
'InsertHeaders': [
{
'Name': 'string',
'Value': 'string'
},
]
}
}
}
},
]
},
'LabelMatchStatement': {
'Scope': 'LABEL'|'NAMESPACE',
'Key': 'string'
},
'RegexMatchStatement': {
'RegexString': 'string',
'FieldToMatch': {
'SingleHeader': {
'Name': 'string'
},
'SingleQueryArgument': {
'Name': 'string'
},
'AllQueryArguments': {}
,
'UriPath': {}
,
'QueryString': {}
,
'Body': {
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'Method': {}
,
'JsonBody': {
'MatchPattern': {
'All': {}
,
'IncludedPaths': [
'string',
]
},
'MatchScope': 'ALL'|'KEY'|'VALUE',
'InvalidFallbackBehavior': 'MATCH'|'NO_MATCH'|'EVALUATE_AS_STRING',
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'Headers': {
'MatchPattern': {
'All': {}
,
'IncludedHeaders': [
'string',
],
'ExcludedHeaders': [
'string',
]
},
'MatchScope': 'ALL'|'KEY'|'VALUE',
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'Cookies': {
'MatchPattern': {
'All': {}
,
'IncludedCookies': [
'string',
],
'ExcludedCookies': [
'string',
]
},
'MatchScope': 'ALL'|'KEY'|'VALUE',
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'HeaderOrder': {
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'JA3Fingerprint': {
'FallbackBehavior': 'MATCH'|'NO_MATCH'
},
'JA4Fingerprint': {
'FallbackBehavior': 'MATCH'|'NO_MATCH'
},
'UriFragment': {
'FallbackBehavior': 'MATCH'|'NO_MATCH'
}
},
'TextTransformations': [
{
'Priority': 123,
'Type': 'NONE'|'COMPRESS_WHITE_SPACE'|'HTML_ENTITY_DECODE'|'LOWERCASE'|'CMD_LINE'|'URL_DECODE'|'BASE64_DECODE'|'HEX_DECODE'|'MD5'|'REPLACE_COMMENTS'|'ESCAPE_SEQ_DECODE'|'SQL_HEX_DECODE'|'CSS_DECODE'|'JS_DECODE'|'NORMALIZE_PATH'|'NORMALIZE_PATH_WIN'|'REMOVE_NULLS'|'REPLACE_NULLS'|'BASE64_DECODE_EXT'|'URL_DECODE_UNI'|'UTF8_TO_UNICODE'
},
]
},
'AsnMatchStatement': {
'AsnList': [
123,
],
'ForwardedIPConfig': {
'HeaderName': 'string',
'FallbackBehavior': 'MATCH'|'NO_MATCH'
}
}
},
'Action': {
'Block': {
'CustomResponse': {
'ResponseCode': 123,
'CustomResponseBodyKey': 'string',
'ResponseHeaders': [
{
'Name': 'string',
'Value': 'string'
},
]
}
},
'Allow': {
'CustomRequestHandling': {
'InsertHeaders': [
{
'Name': 'string',
'Value': 'string'
},
]
}
},
'Count': {
'CustomRequestHandling': {
'InsertHeaders': [
{
'Name': 'string',
'Value': 'string'
},
]
}
},
'Captcha': {
'CustomRequestHandling': {
'InsertHeaders': [
{
'Name': 'string',
'Value': 'string'
},
]
}
},
'Challenge': {
'CustomRequestHandling': {
'InsertHeaders': [
{
'Name': 'string',
'Value': 'string'
},
]
}
}
},
'OverrideAction': {
'Count': {
'CustomRequestHandling': {
'InsertHeaders': [
{
'Name': 'string',
'Value': 'string'
},
]
}
},
'None': {}
},
'RuleLabels': [
{
'Name': 'string'
},
],
'VisibilityConfig': {
'SampledRequestsEnabled': True|False,
'CloudWatchMetricsEnabled': True|False,
'MetricName': 'string'
},
'CaptchaConfig': {
'ImmunityTimeProperty': {
'ImmunityTime': 123
}
},
'ChallengeConfig': {
'ImmunityTimeProperty': {
'ImmunityTime': 123
}
}
},
],
VisibilityConfig={
'SampledRequestsEnabled': True|False,
'CloudWatchMetricsEnabled': True|False,
'MetricName': 'string'
},
Tags=[
{
'Key': 'string',
'Value': 'string'
},
],
CustomResponseBodies={
'string': {
'ContentType': 'TEXT_PLAIN'|'TEXT_HTML'|'APPLICATION_JSON',
'Content': 'string'
}
}
)
**Parameters**
::
# This section is too large to render.
# Please see the AWS API Documentation linked below.
`AWS API Documentation <https://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/CreateRuleGroup>`_
dict
Response Syntax
{
'Summary': {
'Name': 'string',
'Id': 'string',
'Description': 'string',
'LockToken': 'string',
'ARN': 'string'
}
}
Response Structure
(dict) --
Summary (dict) --
High-level information about a RuleGroup, returned by operations like create and list. This provides information like the ID, that you can use to retrieve and manage a RuleGroup, and the ARN, that you provide to the RuleGroupReferenceStatement to use the rule group in a Rule.
Name (string) --
The name of the data type instance. You cannot change the name after you create the instance.
Id (string) --
A unique identifier for the rule group. This ID is returned in the responses to create and list commands. You provide it to operations like update and delete.
Description (string) --
A description of the rule group that helps with identification.
LockToken (string) --
A token used for optimistic locking. WAF returns a token to your get and list requests, to mark the state of the entity at the time of the request. To make changes to the entity associated with the token, you provide the token to operations like update and delete. WAF uses the token to ensure that no changes have been made to the entity since you last retrieved it. If a change has been made, the update fails with a WAFOptimisticLockException. If this happens, perform another get, and use the new token returned by that operation.
ARN (string) --
The Amazon Resource Name (ARN) of the entity.
{'OnSourceDDoSProtectionConfig': {'ALBLowReputationMode': 'ACTIVE_UNDER_DDOS | '
'ALWAYS_ON'},
'Rules': {'Statement': {'ManagedRuleGroupStatement': {'ManagedRuleGroupConfigs': {'AWSManagedRulesAntiDDoSRuleSet': {'ClientSideActionConfig': {'Challenge': {'ExemptUriRegularExpressions': [{'RegexString': 'string'}],
'Sensitivity': 'LOW '
'| '
'MEDIUM '
'| '
'HIGH',
'UsageOfAction': 'ENABLED '
'| '
'DISABLED'}},
'SensitivityToBlock': 'LOW '
'| '
'MEDIUM '
'| '
'HIGH'}}}}}}
Creates a WebACL per the specifications provided.
A web ACL defines a collection of rules to use to inspect and control web requests. Each rule has a statement that defines what to look for in web requests and an action that WAF applies to requests that match the statement. In the web ACL, you assign a default action to take (allow, block) for any request that does not match any of the rules. The rules in a web ACL can be a combination of the types Rule, RuleGroup, and managed rule group. You can associate a web ACL with one or more Amazon Web Services resources to protect. The resource types include Amazon CloudFront distribution, Amazon API Gateway REST API, Application Load Balancer, AppSync GraphQL API, Amazon Cognito user pool, App Runner service, Amplify application, and Amazon Web Services Verified Access instance.
See also: AWS API Documentation
Request Syntax
client.create_web_acl(
Name='string',
Scope='CLOUDFRONT'|'REGIONAL',
DefaultAction={
'Block': {
'CustomResponse': {
'ResponseCode': 123,
'CustomResponseBodyKey': 'string',
'ResponseHeaders': [
{
'Name': 'string',
'Value': 'string'
},
]
}
},
'Allow': {
'CustomRequestHandling': {
'InsertHeaders': [
{
'Name': 'string',
'Value': 'string'
},
]
}
}
},
Description='string',
Rules=[
{
'Name': 'string',
'Priority': 123,
'Statement': {
'ByteMatchStatement': {
'SearchString': b'bytes',
'FieldToMatch': {
'SingleHeader': {
'Name': 'string'
},
'SingleQueryArgument': {
'Name': 'string'
},
'AllQueryArguments': {}
,
'UriPath': {}
,
'QueryString': {}
,
'Body': {
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'Method': {}
,
'JsonBody': {
'MatchPattern': {
'All': {}
,
'IncludedPaths': [
'string',
]
},
'MatchScope': 'ALL'|'KEY'|'VALUE',
'InvalidFallbackBehavior': 'MATCH'|'NO_MATCH'|'EVALUATE_AS_STRING',
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'Headers': {
'MatchPattern': {
'All': {}
,
'IncludedHeaders': [
'string',
],
'ExcludedHeaders': [
'string',
]
},
'MatchScope': 'ALL'|'KEY'|'VALUE',
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'Cookies': {
'MatchPattern': {
'All': {}
,
'IncludedCookies': [
'string',
],
'ExcludedCookies': [
'string',
]
},
'MatchScope': 'ALL'|'KEY'|'VALUE',
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'HeaderOrder': {
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'JA3Fingerprint': {
'FallbackBehavior': 'MATCH'|'NO_MATCH'
},
'JA4Fingerprint': {
'FallbackBehavior': 'MATCH'|'NO_MATCH'
},
'UriFragment': {
'FallbackBehavior': 'MATCH'|'NO_MATCH'
}
},
'TextTransformations': [
{
'Priority': 123,
'Type': 'NONE'|'COMPRESS_WHITE_SPACE'|'HTML_ENTITY_DECODE'|'LOWERCASE'|'CMD_LINE'|'URL_DECODE'|'BASE64_DECODE'|'HEX_DECODE'|'MD5'|'REPLACE_COMMENTS'|'ESCAPE_SEQ_DECODE'|'SQL_HEX_DECODE'|'CSS_DECODE'|'JS_DECODE'|'NORMALIZE_PATH'|'NORMALIZE_PATH_WIN'|'REMOVE_NULLS'|'REPLACE_NULLS'|'BASE64_DECODE_EXT'|'URL_DECODE_UNI'|'UTF8_TO_UNICODE'
},
],
'PositionalConstraint': 'EXACTLY'|'STARTS_WITH'|'ENDS_WITH'|'CONTAINS'|'CONTAINS_WORD'
},
'SqliMatchStatement': {
'FieldToMatch': {
'SingleHeader': {
'Name': 'string'
},
'SingleQueryArgument': {
'Name': 'string'
},
'AllQueryArguments': {}
,
'UriPath': {}
,
'QueryString': {}
,
'Body': {
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'Method': {}
,
'JsonBody': {
'MatchPattern': {
'All': {}
,
'IncludedPaths': [
'string',
]
},
'MatchScope': 'ALL'|'KEY'|'VALUE',
'InvalidFallbackBehavior': 'MATCH'|'NO_MATCH'|'EVALUATE_AS_STRING',
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'Headers': {
'MatchPattern': {
'All': {}
,
'IncludedHeaders': [
'string',
],
'ExcludedHeaders': [
'string',
]
},
'MatchScope': 'ALL'|'KEY'|'VALUE',
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'Cookies': {
'MatchPattern': {
'All': {}
,
'IncludedCookies': [
'string',
],
'ExcludedCookies': [
'string',
]
},
'MatchScope': 'ALL'|'KEY'|'VALUE',
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'HeaderOrder': {
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'JA3Fingerprint': {
'FallbackBehavior': 'MATCH'|'NO_MATCH'
},
'JA4Fingerprint': {
'FallbackBehavior': 'MATCH'|'NO_MATCH'
},
'UriFragment': {
'FallbackBehavior': 'MATCH'|'NO_MATCH'
}
},
'TextTransformations': [
{
'Priority': 123,
'Type': 'NONE'|'COMPRESS_WHITE_SPACE'|'HTML_ENTITY_DECODE'|'LOWERCASE'|'CMD_LINE'|'URL_DECODE'|'BASE64_DECODE'|'HEX_DECODE'|'MD5'|'REPLACE_COMMENTS'|'ESCAPE_SEQ_DECODE'|'SQL_HEX_DECODE'|'CSS_DECODE'|'JS_DECODE'|'NORMALIZE_PATH'|'NORMALIZE_PATH_WIN'|'REMOVE_NULLS'|'REPLACE_NULLS'|'BASE64_DECODE_EXT'|'URL_DECODE_UNI'|'UTF8_TO_UNICODE'
},
],
'SensitivityLevel': 'LOW'|'HIGH'
},
'XssMatchStatement': {
'FieldToMatch': {
'SingleHeader': {
'Name': 'string'
},
'SingleQueryArgument': {
'Name': 'string'
},
'AllQueryArguments': {}
,
'UriPath': {}
,
'QueryString': {}
,
'Body': {
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'Method': {}
,
'JsonBody': {
'MatchPattern': {
'All': {}
,
'IncludedPaths': [
'string',
]
},
'MatchScope': 'ALL'|'KEY'|'VALUE',
'InvalidFallbackBehavior': 'MATCH'|'NO_MATCH'|'EVALUATE_AS_STRING',
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'Headers': {
'MatchPattern': {
'All': {}
,
'IncludedHeaders': [
'string',
],
'ExcludedHeaders': [
'string',
]
},
'MatchScope': 'ALL'|'KEY'|'VALUE',
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'Cookies': {
'MatchPattern': {
'All': {}
,
'IncludedCookies': [
'string',
],
'ExcludedCookies': [
'string',
]
},
'MatchScope': 'ALL'|'KEY'|'VALUE',
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'HeaderOrder': {
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'JA3Fingerprint': {
'FallbackBehavior': 'MATCH'|'NO_MATCH'
},
'JA4Fingerprint': {
'FallbackBehavior': 'MATCH'|'NO_MATCH'
},
'UriFragment': {
'FallbackBehavior': 'MATCH'|'NO_MATCH'
}
},
'TextTransformations': [
{
'Priority': 123,
'Type': 'NONE'|'COMPRESS_WHITE_SPACE'|'HTML_ENTITY_DECODE'|'LOWERCASE'|'CMD_LINE'|'URL_DECODE'|'BASE64_DECODE'|'HEX_DECODE'|'MD5'|'REPLACE_COMMENTS'|'ESCAPE_SEQ_DECODE'|'SQL_HEX_DECODE'|'CSS_DECODE'|'JS_DECODE'|'NORMALIZE_PATH'|'NORMALIZE_PATH_WIN'|'REMOVE_NULLS'|'REPLACE_NULLS'|'BASE64_DECODE_EXT'|'URL_DECODE_UNI'|'UTF8_TO_UNICODE'
},
]
},
'SizeConstraintStatement': {
'FieldToMatch': {
'SingleHeader': {
'Name': 'string'
},
'SingleQueryArgument': {
'Name': 'string'
},
'AllQueryArguments': {}
,
'UriPath': {}
,
'QueryString': {}
,
'Body': {
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'Method': {}
,
'JsonBody': {
'MatchPattern': {
'All': {}
,
'IncludedPaths': [
'string',
]
},
'MatchScope': 'ALL'|'KEY'|'VALUE',
'InvalidFallbackBehavior': 'MATCH'|'NO_MATCH'|'EVALUATE_AS_STRING',
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'Headers': {
'MatchPattern': {
'All': {}
,
'IncludedHeaders': [
'string',
],
'ExcludedHeaders': [
'string',
]
},
'MatchScope': 'ALL'|'KEY'|'VALUE',
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'Cookies': {
'MatchPattern': {
'All': {}
,
'IncludedCookies': [
'string',
],
'ExcludedCookies': [
'string',
]
},
'MatchScope': 'ALL'|'KEY'|'VALUE',
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'HeaderOrder': {
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'JA3Fingerprint': {
'FallbackBehavior': 'MATCH'|'NO_MATCH'
},
'JA4Fingerprint': {
'FallbackBehavior': 'MATCH'|'NO_MATCH'
},
'UriFragment': {
'FallbackBehavior': 'MATCH'|'NO_MATCH'
}
},
'ComparisonOperator': 'EQ'|'NE'|'LE'|'LT'|'GE'|'GT',
'Size': 123,
'TextTransformations': [
{
'Priority': 123,
'Type': 'NONE'|'COMPRESS_WHITE_SPACE'|'HTML_ENTITY_DECODE'|'LOWERCASE'|'CMD_LINE'|'URL_DECODE'|'BASE64_DECODE'|'HEX_DECODE'|'MD5'|'REPLACE_COMMENTS'|'ESCAPE_SEQ_DECODE'|'SQL_HEX_DECODE'|'CSS_DECODE'|'JS_DECODE'|'NORMALIZE_PATH'|'NORMALIZE_PATH_WIN'|'REMOVE_NULLS'|'REPLACE_NULLS'|'BASE64_DECODE_EXT'|'URL_DECODE_UNI'|'UTF8_TO_UNICODE'
},
]
},
'GeoMatchStatement': {
'CountryCodes': [
'AF'|'AX'|'AL'|'DZ'|'AS'|'AD'|'AO'|'AI'|'AQ'|'AG'|'AR'|'AM'|'AW'|'AU'|'AT'|'AZ'|'BS'|'BH'|'BD'|'BB'|'BY'|'BE'|'BZ'|'BJ'|'BM'|'BT'|'BO'|'BQ'|'BA'|'BW'|'BV'|'BR'|'IO'|'BN'|'BG'|'BF'|'BI'|'KH'|'CM'|'CA'|'CV'|'KY'|'CF'|'TD'|'CL'|'CN'|'CX'|'CC'|'CO'|'KM'|'CG'|'CD'|'CK'|'CR'|'CI'|'HR'|'CU'|'CW'|'CY'|'CZ'|'DK'|'DJ'|'DM'|'DO'|'EC'|'EG'|'SV'|'GQ'|'ER'|'EE'|'ET'|'FK'|'FO'|'FJ'|'FI'|'FR'|'GF'|'PF'|'TF'|'GA'|'GM'|'GE'|'DE'|'GH'|'GI'|'GR'|'GL'|'GD'|'GP'|'GU'|'GT'|'GG'|'GN'|'GW'|'GY'|'HT'|'HM'|'VA'|'HN'|'HK'|'HU'|'IS'|'IN'|'ID'|'IR'|'IQ'|'IE'|'IM'|'IL'|'IT'|'JM'|'JP'|'JE'|'JO'|'KZ'|'KE'|'KI'|'KP'|'KR'|'KW'|'KG'|'LA'|'LV'|'LB'|'LS'|'LR'|'LY'|'LI'|'LT'|'LU'|'MO'|'MK'|'MG'|'MW'|'MY'|'MV'|'ML'|'MT'|'MH'|'MQ'|'MR'|'MU'|'YT'|'MX'|'FM'|'MD'|'MC'|'MN'|'ME'|'MS'|'MA'|'MZ'|'MM'|'NA'|'NR'|'NP'|'NL'|'NC'|'NZ'|'NI'|'NE'|'NG'|'NU'|'NF'|'MP'|'NO'|'OM'|'PK'|'PW'|'PS'|'PA'|'PG'|'PY'|'PE'|'PH'|'PN'|'PL'|'PT'|'PR'|'QA'|'RE'|'RO'|'RU'|'RW'|'BL'|'SH'|'KN'|'LC'|'MF'|'PM'|'VC'|'WS'|'SM'|'ST'|'SA'|'SN'|'RS'|'SC'|'SL'|'SG'|'SX'|'SK'|'SI'|'SB'|'SO'|'ZA'|'GS'|'SS'|'ES'|'LK'|'SD'|'SR'|'SJ'|'SZ'|'SE'|'CH'|'SY'|'TW'|'TJ'|'TZ'|'TH'|'TL'|'TG'|'TK'|'TO'|'TT'|'TN'|'TR'|'TM'|'TC'|'TV'|'UG'|'UA'|'AE'|'GB'|'US'|'UM'|'UY'|'UZ'|'VU'|'VE'|'VN'|'VG'|'VI'|'WF'|'EH'|'YE'|'ZM'|'ZW'|'XK',
],
'ForwardedIPConfig': {
'HeaderName': 'string',
'FallbackBehavior': 'MATCH'|'NO_MATCH'
}
},
'RuleGroupReferenceStatement': {
'ARN': 'string',
'ExcludedRules': [
{
'Name': 'string'
},
],
'RuleActionOverrides': [
{
'Name': 'string',
'ActionToUse': {
'Block': {
'CustomResponse': {
'ResponseCode': 123,
'CustomResponseBodyKey': 'string',
'ResponseHeaders': [
{
'Name': 'string',
'Value': 'string'
},
]
}
},
'Allow': {
'CustomRequestHandling': {
'InsertHeaders': [
{
'Name': 'string',
'Value': 'string'
},
]
}
},
'Count': {
'CustomRequestHandling': {
'InsertHeaders': [
{
'Name': 'string',
'Value': 'string'
},
]
}
},
'Captcha': {
'CustomRequestHandling': {
'InsertHeaders': [
{
'Name': 'string',
'Value': 'string'
},
]
}
},
'Challenge': {
'CustomRequestHandling': {
'InsertHeaders': [
{
'Name': 'string',
'Value': 'string'
},
]
}
}
}
},
]
},
'IPSetReferenceStatement': {
'ARN': 'string',
'IPSetForwardedIPConfig': {
'HeaderName': 'string',
'FallbackBehavior': 'MATCH'|'NO_MATCH',
'Position': 'FIRST'|'LAST'|'ANY'
}
},
'RegexPatternSetReferenceStatement': {
'ARN': 'string',
'FieldToMatch': {
'SingleHeader': {
'Name': 'string'
},
'SingleQueryArgument': {
'Name': 'string'
},
'AllQueryArguments': {}
,
'UriPath': {}
,
'QueryString': {}
,
'Body': {
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'Method': {}
,
'JsonBody': {
'MatchPattern': {
'All': {}
,
'IncludedPaths': [
'string',
]
},
'MatchScope': 'ALL'|'KEY'|'VALUE',
'InvalidFallbackBehavior': 'MATCH'|'NO_MATCH'|'EVALUATE_AS_STRING',
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'Headers': {
'MatchPattern': {
'All': {}
,
'IncludedHeaders': [
'string',
],
'ExcludedHeaders': [
'string',
]
},
'MatchScope': 'ALL'|'KEY'|'VALUE',
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'Cookies': {
'MatchPattern': {
'All': {}
,
'IncludedCookies': [
'string',
],
'ExcludedCookies': [
'string',
]
},
'MatchScope': 'ALL'|'KEY'|'VALUE',
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'HeaderOrder': {
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'JA3Fingerprint': {
'FallbackBehavior': 'MATCH'|'NO_MATCH'
},
'JA4Fingerprint': {
'FallbackBehavior': 'MATCH'|'NO_MATCH'
},
'UriFragment': {
'FallbackBehavior': 'MATCH'|'NO_MATCH'
}
},
'TextTransformations': [
{
'Priority': 123,
'Type': 'NONE'|'COMPRESS_WHITE_SPACE'|'HTML_ENTITY_DECODE'|'LOWERCASE'|'CMD_LINE'|'URL_DECODE'|'BASE64_DECODE'|'HEX_DECODE'|'MD5'|'REPLACE_COMMENTS'|'ESCAPE_SEQ_DECODE'|'SQL_HEX_DECODE'|'CSS_DECODE'|'JS_DECODE'|'NORMALIZE_PATH'|'NORMALIZE_PATH_WIN'|'REMOVE_NULLS'|'REPLACE_NULLS'|'BASE64_DECODE_EXT'|'URL_DECODE_UNI'|'UTF8_TO_UNICODE'
},
]
},
'RateBasedStatement': {
'Limit': 123,
'EvaluationWindowSec': 123,
'AggregateKeyType': 'IP'|'FORWARDED_IP'|'CUSTOM_KEYS'|'CONSTANT',
'ScopeDownStatement': {'... recursive ...'},
'ForwardedIPConfig': {
'HeaderName': 'string',
'FallbackBehavior': 'MATCH'|'NO_MATCH'
},
'CustomKeys': [
{
'Header': {
'Name': 'string',
'TextTransformations': [
{
'Priority': 123,
'Type': 'NONE'|'COMPRESS_WHITE_SPACE'|'HTML_ENTITY_DECODE'|'LOWERCASE'|'CMD_LINE'|'URL_DECODE'|'BASE64_DECODE'|'HEX_DECODE'|'MD5'|'REPLACE_COMMENTS'|'ESCAPE_SEQ_DECODE'|'SQL_HEX_DECODE'|'CSS_DECODE'|'JS_DECODE'|'NORMALIZE_PATH'|'NORMALIZE_PATH_WIN'|'REMOVE_NULLS'|'REPLACE_NULLS'|'BASE64_DECODE_EXT'|'URL_DECODE_UNI'|'UTF8_TO_UNICODE'
},
]
},
'Cookie': {
'Name': 'string',
'TextTransformations': [
{
'Priority': 123,
'Type': 'NONE'|'COMPRESS_WHITE_SPACE'|'HTML_ENTITY_DECODE'|'LOWERCASE'|'CMD_LINE'|'URL_DECODE'|'BASE64_DECODE'|'HEX_DECODE'|'MD5'|'REPLACE_COMMENTS'|'ESCAPE_SEQ_DECODE'|'SQL_HEX_DECODE'|'CSS_DECODE'|'JS_DECODE'|'NORMALIZE_PATH'|'NORMALIZE_PATH_WIN'|'REMOVE_NULLS'|'REPLACE_NULLS'|'BASE64_DECODE_EXT'|'URL_DECODE_UNI'|'UTF8_TO_UNICODE'
},
]
},
'QueryArgument': {
'Name': 'string',
'TextTransformations': [
{
'Priority': 123,
'Type': 'NONE'|'COMPRESS_WHITE_SPACE'|'HTML_ENTITY_DECODE'|'LOWERCASE'|'CMD_LINE'|'URL_DECODE'|'BASE64_DECODE'|'HEX_DECODE'|'MD5'|'REPLACE_COMMENTS'|'ESCAPE_SEQ_DECODE'|'SQL_HEX_DECODE'|'CSS_DECODE'|'JS_DECODE'|'NORMALIZE_PATH'|'NORMALIZE_PATH_WIN'|'REMOVE_NULLS'|'REPLACE_NULLS'|'BASE64_DECODE_EXT'|'URL_DECODE_UNI'|'UTF8_TO_UNICODE'
},
]
},
'QueryString': {
'TextTransformations': [
{
'Priority': 123,
'Type': 'NONE'|'COMPRESS_WHITE_SPACE'|'HTML_ENTITY_DECODE'|'LOWERCASE'|'CMD_LINE'|'URL_DECODE'|'BASE64_DECODE'|'HEX_DECODE'|'MD5'|'REPLACE_COMMENTS'|'ESCAPE_SEQ_DECODE'|'SQL_HEX_DECODE'|'CSS_DECODE'|'JS_DECODE'|'NORMALIZE_PATH'|'NORMALIZE_PATH_WIN'|'REMOVE_NULLS'|'REPLACE_NULLS'|'BASE64_DECODE_EXT'|'URL_DECODE_UNI'|'UTF8_TO_UNICODE'
},
]
},
'HTTPMethod': {}
,
'ForwardedIP': {}
,
'IP': {}
,
'LabelNamespace': {
'Namespace': 'string'
},
'UriPath': {
'TextTransformations': [
{
'Priority': 123,
'Type': 'NONE'|'COMPRESS_WHITE_SPACE'|'HTML_ENTITY_DECODE'|'LOWERCASE'|'CMD_LINE'|'URL_DECODE'|'BASE64_DECODE'|'HEX_DECODE'|'MD5'|'REPLACE_COMMENTS'|'ESCAPE_SEQ_DECODE'|'SQL_HEX_DECODE'|'CSS_DECODE'|'JS_DECODE'|'NORMALIZE_PATH'|'NORMALIZE_PATH_WIN'|'REMOVE_NULLS'|'REPLACE_NULLS'|'BASE64_DECODE_EXT'|'URL_DECODE_UNI'|'UTF8_TO_UNICODE'
},
]
},
'JA3Fingerprint': {
'FallbackBehavior': 'MATCH'|'NO_MATCH'
},
'JA4Fingerprint': {
'FallbackBehavior': 'MATCH'|'NO_MATCH'
},
'ASN': {}
},
]
},
'AndStatement': {
'Statements': [
{'... recursive ...'},
]
},
'OrStatement': {
'Statements': [
{'... recursive ...'},
]
},
'NotStatement': {
'Statement': {'... recursive ...'}
},
'ManagedRuleGroupStatement': {
'VendorName': 'string',
'Name': 'string',
'Version': 'string',
'ExcludedRules': [
{
'Name': 'string'
},
],
'ScopeDownStatement': {'... recursive ...'},
'ManagedRuleGroupConfigs': [
{
'LoginPath': 'string',
'PayloadType': 'JSON'|'FORM_ENCODED',
'UsernameField': {
'Identifier': 'string'
},
'PasswordField': {
'Identifier': 'string'
},
'AWSManagedRulesBotControlRuleSet': {
'InspectionLevel': 'COMMON'|'TARGETED',
'EnableMachineLearning': True|False
},
'AWSManagedRulesATPRuleSet': {
'LoginPath': 'string',
'RequestInspection': {
'PayloadType': 'JSON'|'FORM_ENCODED',
'UsernameField': {
'Identifier': 'string'
},
'PasswordField': {
'Identifier': 'string'
}
},
'ResponseInspection': {
'StatusCode': {
'SuccessCodes': [
123,
],
'FailureCodes': [
123,
]
},
'Header': {
'Name': 'string',
'SuccessValues': [
'string',
],
'FailureValues': [
'string',
]
},
'BodyContains': {
'SuccessStrings': [
'string',
],
'FailureStrings': [
'string',
]
},
'Json': {
'Identifier': 'string',
'SuccessValues': [
'string',
],
'FailureValues': [
'string',
]
}
},
'EnableRegexInPath': True|False
},
'AWSManagedRulesACFPRuleSet': {
'CreationPath': 'string',
'RegistrationPagePath': 'string',
'RequestInspection': {
'PayloadType': 'JSON'|'FORM_ENCODED',
'UsernameField': {
'Identifier': 'string'
},
'PasswordField': {
'Identifier': 'string'
},
'EmailField': {
'Identifier': 'string'
},
'PhoneNumberFields': [
{
'Identifier': 'string'
},
],
'AddressFields': [
{
'Identifier': 'string'
},
]
},
'ResponseInspection': {
'StatusCode': {
'SuccessCodes': [
123,
],
'FailureCodes': [
123,
]
},
'Header': {
'Name': 'string',
'SuccessValues': [
'string',
],
'FailureValues': [
'string',
]
},
'BodyContains': {
'SuccessStrings': [
'string',
],
'FailureStrings': [
'string',
]
},
'Json': {
'Identifier': 'string',
'SuccessValues': [
'string',
],
'FailureValues': [
'string',
]
}
},
'EnableRegexInPath': True|False
},
'AWSManagedRulesAntiDDoSRuleSet': {
'ClientSideActionConfig': {
'Challenge': {
'UsageOfAction': 'ENABLED'|'DISABLED',
'Sensitivity': 'LOW'|'MEDIUM'|'HIGH',
'ExemptUriRegularExpressions': [
{
'RegexString': 'string'
},
]
}
},
'SensitivityToBlock': 'LOW'|'MEDIUM'|'HIGH'
}
},
],
'RuleActionOverrides': [
{
'Name': 'string',
'ActionToUse': {
'Block': {
'CustomResponse': {
'ResponseCode': 123,
'CustomResponseBodyKey': 'string',
'ResponseHeaders': [
{
'Name': 'string',
'Value': 'string'
},
]
}
},
'Allow': {
'CustomRequestHandling': {
'InsertHeaders': [
{
'Name': 'string',
'Value': 'string'
},
]
}
},
'Count': {
'CustomRequestHandling': {
'InsertHeaders': [
{
'Name': 'string',
'Value': 'string'
},
]
}
},
'Captcha': {
'CustomRequestHandling': {
'InsertHeaders': [
{
'Name': 'string',
'Value': 'string'
},
]
}
},
'Challenge': {
'CustomRequestHandling': {
'InsertHeaders': [
{
'Name': 'string',
'Value': 'string'
},
]
}
}
}
},
]
},
'LabelMatchStatement': {
'Scope': 'LABEL'|'NAMESPACE',
'Key': 'string'
},
'RegexMatchStatement': {
'RegexString': 'string',
'FieldToMatch': {
'SingleHeader': {
'Name': 'string'
},
'SingleQueryArgument': {
'Name': 'string'
},
'AllQueryArguments': {}
,
'UriPath': {}
,
'QueryString': {}
,
'Body': {
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'Method': {}
,
'JsonBody': {
'MatchPattern': {
'All': {}
,
'IncludedPaths': [
'string',
]
},
'MatchScope': 'ALL'|'KEY'|'VALUE',
'InvalidFallbackBehavior': 'MATCH'|'NO_MATCH'|'EVALUATE_AS_STRING',
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'Headers': {
'MatchPattern': {
'All': {}
,
'IncludedHeaders': [
'string',
],
'ExcludedHeaders': [
'string',
]
},
'MatchScope': 'ALL'|'KEY'|'VALUE',
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'Cookies': {
'MatchPattern': {
'All': {}
,
'IncludedCookies': [
'string',
],
'ExcludedCookies': [
'string',
]
},
'MatchScope': 'ALL'|'KEY'|'VALUE',
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'HeaderOrder': {
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'JA3Fingerprint': {
'FallbackBehavior': 'MATCH'|'NO_MATCH'
},
'JA4Fingerprint': {
'FallbackBehavior': 'MATCH'|'NO_MATCH'
},
'UriFragment': {
'FallbackBehavior': 'MATCH'|'NO_MATCH'
}
},
'TextTransformations': [
{
'Priority': 123,
'Type': 'NONE'|'COMPRESS_WHITE_SPACE'|'HTML_ENTITY_DECODE'|'LOWERCASE'|'CMD_LINE'|'URL_DECODE'|'BASE64_DECODE'|'HEX_DECODE'|'MD5'|'REPLACE_COMMENTS'|'ESCAPE_SEQ_DECODE'|'SQL_HEX_DECODE'|'CSS_DECODE'|'JS_DECODE'|'NORMALIZE_PATH'|'NORMALIZE_PATH_WIN'|'REMOVE_NULLS'|'REPLACE_NULLS'|'BASE64_DECODE_EXT'|'URL_DECODE_UNI'|'UTF8_TO_UNICODE'
},
]
},
'AsnMatchStatement': {
'AsnList': [
123,
],
'ForwardedIPConfig': {
'HeaderName': 'string',
'FallbackBehavior': 'MATCH'|'NO_MATCH'
}
}
},
'Action': {
'Block': {
'CustomResponse': {
'ResponseCode': 123,
'CustomResponseBodyKey': 'string',
'ResponseHeaders': [
{
'Name': 'string',
'Value': 'string'
},
]
}
},
'Allow': {
'CustomRequestHandling': {
'InsertHeaders': [
{
'Name': 'string',
'Value': 'string'
},
]
}
},
'Count': {
'CustomRequestHandling': {
'InsertHeaders': [
{
'Name': 'string',
'Value': 'string'
},
]
}
},
'Captcha': {
'CustomRequestHandling': {
'InsertHeaders': [
{
'Name': 'string',
'Value': 'string'
},
]
}
},
'Challenge': {
'CustomRequestHandling': {
'InsertHeaders': [
{
'Name': 'string',
'Value': 'string'
},
]
}
}
},
'OverrideAction': {
'Count': {
'CustomRequestHandling': {
'InsertHeaders': [
{
'Name': 'string',
'Value': 'string'
},
]
}
},
'None': {}
},
'RuleLabels': [
{
'Name': 'string'
},
],
'VisibilityConfig': {
'SampledRequestsEnabled': True|False,
'CloudWatchMetricsEnabled': True|False,
'MetricName': 'string'
},
'CaptchaConfig': {
'ImmunityTimeProperty': {
'ImmunityTime': 123
}
},
'ChallengeConfig': {
'ImmunityTimeProperty': {
'ImmunityTime': 123
}
}
},
],
VisibilityConfig={
'SampledRequestsEnabled': True|False,
'CloudWatchMetricsEnabled': True|False,
'MetricName': 'string'
},
DataProtectionConfig={
'DataProtections': [
{
'Field': {
'FieldType': 'SINGLE_HEADER'|'SINGLE_COOKIE'|'SINGLE_QUERY_ARGUMENT'|'QUERY_STRING'|'BODY',
'FieldKeys': [
'string',
]
},
'Action': 'SUBSTITUTION'|'HASH',
'ExcludeRuleMatchDetails': True|False,
'ExcludeRateBasedDetails': True|False
},
]
},
Tags=[
{
'Key': 'string',
'Value': 'string'
},
],
CustomResponseBodies={
'string': {
'ContentType': 'TEXT_PLAIN'|'TEXT_HTML'|'APPLICATION_JSON',
'Content': 'string'
}
},
CaptchaConfig={
'ImmunityTimeProperty': {
'ImmunityTime': 123
}
},
ChallengeConfig={
'ImmunityTimeProperty': {
'ImmunityTime': 123
}
},
TokenDomains=[
'string',
],
AssociationConfig={
'RequestBody': {
'string': {
'DefaultSizeInspectionLimit': 'KB_16'|'KB_32'|'KB_48'|'KB_64'
}
}
},
OnSourceDDoSProtectionConfig={
'ALBLowReputationMode': 'ACTIVE_UNDER_DDOS'|'ALWAYS_ON'
}
)
**Parameters**
::
# This section is too large to render.
# Please see the AWS API Documentation linked below.
`AWS API Documentation <https://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/CreateWebACL>`_
dict
Response Syntax
{
'Summary': {
'Name': 'string',
'Id': 'string',
'Description': 'string',
'LockToken': 'string',
'ARN': 'string'
}
}
Response Structure
(dict) --
Summary (dict) --
High-level information about a WebACL, returned by operations like create and list. This provides information like the ID, that you can use to retrieve and manage a WebACL, and the ARN, that you provide to operations like AssociateWebACL.
Name (string) --
The name of the web ACL. You cannot change the name of a web ACL after you create it.
Id (string) --
The unique identifier for the web ACL. This ID is returned in the responses to create and list commands. You provide it to operations like update and delete.
Description (string) --
A description of the web ACL that helps with identification.
LockToken (string) --
A token used for optimistic locking. WAF returns a token to your get and list requests, to mark the state of the entity at the time of the request. To make changes to the entity associated with the token, you provide the token to operations like update and delete. WAF uses the token to ensure that no changes have been made to the entity since you last retrieved it. If a change has been made, the update fails with a WAFOptimisticLockException. If this happens, perform another get, and use the new token returned by that operation.
ARN (string) --
The Amazon Resource Name (ARN) of the entity.
{'RuleGroup': {'Rules': {'Statement': {'ManagedRuleGroupStatement': {'ManagedRuleGroupConfigs': {'AWSManagedRulesAntiDDoSRuleSet': {'ClientSideActionConfig': {'Challenge': {'ExemptUriRegularExpressions': [{'RegexString': 'string'}],
'Sensitivity': 'LOW '
'| '
'MEDIUM '
'| '
'HIGH',
'UsageOfAction': 'ENABLED '
'| '
'DISABLED'}},
'SensitivityToBlock': 'LOW '
'| '
'MEDIUM '
'| '
'HIGH'}}}}}}}
Retrieves the specified RuleGroup.
See also: AWS API Documentation
Request Syntax
client.get_rule_group(
Name='string',
Scope='CLOUDFRONT'|'REGIONAL',
Id='string',
ARN='string'
)
string
The name of the rule group. You cannot change the name of a rule group after you create it.
string
Specifies whether this is for a global resource type, such as a Amazon CloudFront distribution. For an Amplify application, use CLOUDFRONT.
To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows:
CLI - Specify the Region when you use the CloudFront scope: --scope=CLOUDFRONT --region=us-east-1.
API and SDKs - For all calls, use the Region endpoint us-east-1.
string
A unique identifier for the rule group. This ID is returned in the responses to create and list commands. You provide it to operations like update and delete.
string
The Amazon Resource Name (ARN) of the entity.
dict
Response Syntax
{
'RuleGroup': {
'Name': 'string',
'Id': 'string',
'Capacity': 123,
'ARN': 'string',
'Description': 'string',
'Rules': [
{
'Name': 'string',
'Priority': 123,
'Statement': {
'ByteMatchStatement': {
'SearchString': b'bytes',
'FieldToMatch': {
'SingleHeader': {
'Name': 'string'
},
'SingleQueryArgument': {
'Name': 'string'
},
'AllQueryArguments': {},
'UriPath': {},
'QueryString': {},
'Body': {
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'Method': {},
'JsonBody': {
'MatchPattern': {
'All': {},
'IncludedPaths': [
'string',
]
},
'MatchScope': 'ALL'|'KEY'|'VALUE',
'InvalidFallbackBehavior': 'MATCH'|'NO_MATCH'|'EVALUATE_AS_STRING',
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'Headers': {
'MatchPattern': {
'All': {},
'IncludedHeaders': [
'string',
],
'ExcludedHeaders': [
'string',
]
},
'MatchScope': 'ALL'|'KEY'|'VALUE',
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'Cookies': {
'MatchPattern': {
'All': {},
'IncludedCookies': [
'string',
],
'ExcludedCookies': [
'string',
]
},
'MatchScope': 'ALL'|'KEY'|'VALUE',
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'HeaderOrder': {
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'JA3Fingerprint': {
'FallbackBehavior': 'MATCH'|'NO_MATCH'
},
'JA4Fingerprint': {
'FallbackBehavior': 'MATCH'|'NO_MATCH'
},
'UriFragment': {
'FallbackBehavior': 'MATCH'|'NO_MATCH'
}
},
'TextTransformations': [
{
'Priority': 123,
'Type': 'NONE'|'COMPRESS_WHITE_SPACE'|'HTML_ENTITY_DECODE'|'LOWERCASE'|'CMD_LINE'|'URL_DECODE'|'BASE64_DECODE'|'HEX_DECODE'|'MD5'|'REPLACE_COMMENTS'|'ESCAPE_SEQ_DECODE'|'SQL_HEX_DECODE'|'CSS_DECODE'|'JS_DECODE'|'NORMALIZE_PATH'|'NORMALIZE_PATH_WIN'|'REMOVE_NULLS'|'REPLACE_NULLS'|'BASE64_DECODE_EXT'|'URL_DECODE_UNI'|'UTF8_TO_UNICODE'
},
],
'PositionalConstraint': 'EXACTLY'|'STARTS_WITH'|'ENDS_WITH'|'CONTAINS'|'CONTAINS_WORD'
},
'SqliMatchStatement': {
'FieldToMatch': {
'SingleHeader': {
'Name': 'string'
},
'SingleQueryArgument': {
'Name': 'string'
},
'AllQueryArguments': {},
'UriPath': {},
'QueryString': {},
'Body': {
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'Method': {},
'JsonBody': {
'MatchPattern': {
'All': {},
'IncludedPaths': [
'string',
]
},
'MatchScope': 'ALL'|'KEY'|'VALUE',
'InvalidFallbackBehavior': 'MATCH'|'NO_MATCH'|'EVALUATE_AS_STRING',
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'Headers': {
'MatchPattern': {
'All': {},
'IncludedHeaders': [
'string',
],
'ExcludedHeaders': [
'string',
]
},
'MatchScope': 'ALL'|'KEY'|'VALUE',
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'Cookies': {
'MatchPattern': {
'All': {},
'IncludedCookies': [
'string',
],
'ExcludedCookies': [
'string',
]
},
'MatchScope': 'ALL'|'KEY'|'VALUE',
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'HeaderOrder': {
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'JA3Fingerprint': {
'FallbackBehavior': 'MATCH'|'NO_MATCH'
},
'JA4Fingerprint': {
'FallbackBehavior': 'MATCH'|'NO_MATCH'
},
'UriFragment': {
'FallbackBehavior': 'MATCH'|'NO_MATCH'
}
},
'TextTransformations': [
{
'Priority': 123,
'Type': 'NONE'|'COMPRESS_WHITE_SPACE'|'HTML_ENTITY_DECODE'|'LOWERCASE'|'CMD_LINE'|'URL_DECODE'|'BASE64_DECODE'|'HEX_DECODE'|'MD5'|'REPLACE_COMMENTS'|'ESCAPE_SEQ_DECODE'|'SQL_HEX_DECODE'|'CSS_DECODE'|'JS_DECODE'|'NORMALIZE_PATH'|'NORMALIZE_PATH_WIN'|'REMOVE_NULLS'|'REPLACE_NULLS'|'BASE64_DECODE_EXT'|'URL_DECODE_UNI'|'UTF8_TO_UNICODE'
},
],
'SensitivityLevel': 'LOW'|'HIGH'
},
'XssMatchStatement': {
'FieldToMatch': {
'SingleHeader': {
'Name': 'string'
},
'SingleQueryArgument': {
'Name': 'string'
},
'AllQueryArguments': {},
'UriPath': {},
'QueryString': {},
'Body': {
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'Method': {},
'JsonBody': {
'MatchPattern': {
'All': {},
'IncludedPaths': [
'string',
]
},
'MatchScope': 'ALL'|'KEY'|'VALUE',
'InvalidFallbackBehavior': 'MATCH'|'NO_MATCH'|'EVALUATE_AS_STRING',
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'Headers': {
'MatchPattern': {
'All': {},
'IncludedHeaders': [
'string',
],
'ExcludedHeaders': [
'string',
]
},
'MatchScope': 'ALL'|'KEY'|'VALUE',
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'Cookies': {
'MatchPattern': {
'All': {},
'IncludedCookies': [
'string',
],
'ExcludedCookies': [
'string',
]
},
'MatchScope': 'ALL'|'KEY'|'VALUE',
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'HeaderOrder': {
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'JA3Fingerprint': {
'FallbackBehavior': 'MATCH'|'NO_MATCH'
},
'JA4Fingerprint': {
'FallbackBehavior': 'MATCH'|'NO_MATCH'
},
'UriFragment': {
'FallbackBehavior': 'MATCH'|'NO_MATCH'
}
},
'TextTransformations': [
{
'Priority': 123,
'Type': 'NONE'|'COMPRESS_WHITE_SPACE'|'HTML_ENTITY_DECODE'|'LOWERCASE'|'CMD_LINE'|'URL_DECODE'|'BASE64_DECODE'|'HEX_DECODE'|'MD5'|'REPLACE_COMMENTS'|'ESCAPE_SEQ_DECODE'|'SQL_HEX_DECODE'|'CSS_DECODE'|'JS_DECODE'|'NORMALIZE_PATH'|'NORMALIZE_PATH_WIN'|'REMOVE_NULLS'|'REPLACE_NULLS'|'BASE64_DECODE_EXT'|'URL_DECODE_UNI'|'UTF8_TO_UNICODE'
},
]
},
'SizeConstraintStatement': {
'FieldToMatch': {
'SingleHeader': {
'Name': 'string'
},
'SingleQueryArgument': {
'Name': 'string'
},
'AllQueryArguments': {},
'UriPath': {},
'QueryString': {},
'Body': {
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'Method': {},
'JsonBody': {
'MatchPattern': {
'All': {},
'IncludedPaths': [
'string',
]
},
'MatchScope': 'ALL'|'KEY'|'VALUE',
'InvalidFallbackBehavior': 'MATCH'|'NO_MATCH'|'EVALUATE_AS_STRING',
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'Headers': {
'MatchPattern': {
'All': {},
'IncludedHeaders': [
'string',
],
'ExcludedHeaders': [
'string',
]
},
'MatchScope': 'ALL'|'KEY'|'VALUE',
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'Cookies': {
'MatchPattern': {
'All': {},
'IncludedCookies': [
'string',
],
'ExcludedCookies': [
'string',
]
},
'MatchScope': 'ALL'|'KEY'|'VALUE',
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'HeaderOrder': {
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'JA3Fingerprint': {
'FallbackBehavior': 'MATCH'|'NO_MATCH'
},
'JA4Fingerprint': {
'FallbackBehavior': 'MATCH'|'NO_MATCH'
},
'UriFragment': {
'FallbackBehavior': 'MATCH'|'NO_MATCH'
}
},
'ComparisonOperator': 'EQ'|'NE'|'LE'|'LT'|'GE'|'GT',
'Size': 123,
'TextTransformations': [
{
'Priority': 123,
'Type': 'NONE'|'COMPRESS_WHITE_SPACE'|'HTML_ENTITY_DECODE'|'LOWERCASE'|'CMD_LINE'|'URL_DECODE'|'BASE64_DECODE'|'HEX_DECODE'|'MD5'|'REPLACE_COMMENTS'|'ESCAPE_SEQ_DECODE'|'SQL_HEX_DECODE'|'CSS_DECODE'|'JS_DECODE'|'NORMALIZE_PATH'|'NORMALIZE_PATH_WIN'|'REMOVE_NULLS'|'REPLACE_NULLS'|'BASE64_DECODE_EXT'|'URL_DECODE_UNI'|'UTF8_TO_UNICODE'
},
]
},
'GeoMatchStatement': {
'CountryCodes': [
'AF'|'AX'|'AL'|'DZ'|'AS'|'AD'|'AO'|'AI'|'AQ'|'AG'|'AR'|'AM'|'AW'|'AU'|'AT'|'AZ'|'BS'|'BH'|'BD'|'BB'|'BY'|'BE'|'BZ'|'BJ'|'BM'|'BT'|'BO'|'BQ'|'BA'|'BW'|'BV'|'BR'|'IO'|'BN'|'BG'|'BF'|'BI'|'KH'|'CM'|'CA'|'CV'|'KY'|'CF'|'TD'|'CL'|'CN'|'CX'|'CC'|'CO'|'KM'|'CG'|'CD'|'CK'|'CR'|'CI'|'HR'|'CU'|'CW'|'CY'|'CZ'|'DK'|'DJ'|'DM'|'DO'|'EC'|'EG'|'SV'|'GQ'|'ER'|'EE'|'ET'|'FK'|'FO'|'FJ'|'FI'|'FR'|'GF'|'PF'|'TF'|'GA'|'GM'|'GE'|'DE'|'GH'|'GI'|'GR'|'GL'|'GD'|'GP'|'GU'|'GT'|'GG'|'GN'|'GW'|'GY'|'HT'|'HM'|'VA'|'HN'|'HK'|'HU'|'IS'|'IN'|'ID'|'IR'|'IQ'|'IE'|'IM'|'IL'|'IT'|'JM'|'JP'|'JE'|'JO'|'KZ'|'KE'|'KI'|'KP'|'KR'|'KW'|'KG'|'LA'|'LV'|'LB'|'LS'|'LR'|'LY'|'LI'|'LT'|'LU'|'MO'|'MK'|'MG'|'MW'|'MY'|'MV'|'ML'|'MT'|'MH'|'MQ'|'MR'|'MU'|'YT'|'MX'|'FM'|'MD'|'MC'|'MN'|'ME'|'MS'|'MA'|'MZ'|'MM'|'NA'|'NR'|'NP'|'NL'|'NC'|'NZ'|'NI'|'NE'|'NG'|'NU'|'NF'|'MP'|'NO'|'OM'|'PK'|'PW'|'PS'|'PA'|'PG'|'PY'|'PE'|'PH'|'PN'|'PL'|'PT'|'PR'|'QA'|'RE'|'RO'|'RU'|'RW'|'BL'|'SH'|'KN'|'LC'|'MF'|'PM'|'VC'|'WS'|'SM'|'ST'|'SA'|'SN'|'RS'|'SC'|'SL'|'SG'|'SX'|'SK'|'SI'|'SB'|'SO'|'ZA'|'GS'|'SS'|'ES'|'LK'|'SD'|'SR'|'SJ'|'SZ'|'SE'|'CH'|'SY'|'TW'|'TJ'|'TZ'|'TH'|'TL'|'TG'|'TK'|'TO'|'TT'|'TN'|'TR'|'TM'|'TC'|'TV'|'UG'|'UA'|'AE'|'GB'|'US'|'UM'|'UY'|'UZ'|'VU'|'VE'|'VN'|'VG'|'VI'|'WF'|'EH'|'YE'|'ZM'|'ZW'|'XK',
],
'ForwardedIPConfig': {
'HeaderName': 'string',
'FallbackBehavior': 'MATCH'|'NO_MATCH'
}
},
'RuleGroupReferenceStatement': {
'ARN': 'string',
'ExcludedRules': [
{
'Name': 'string'
},
],
'RuleActionOverrides': [
{
'Name': 'string',
'ActionToUse': {
'Block': {
'CustomResponse': {
'ResponseCode': 123,
'CustomResponseBodyKey': 'string',
'ResponseHeaders': [
{
'Name': 'string',
'Value': 'string'
},
]
}
},
'Allow': {
'CustomRequestHandling': {
'InsertHeaders': [
{
'Name': 'string',
'Value': 'string'
},
]
}
},
'Count': {
'CustomRequestHandling': {
'InsertHeaders': [
{
'Name': 'string',
'Value': 'string'
},
]
}
},
'Captcha': {
'CustomRequestHandling': {
'InsertHeaders': [
{
'Name': 'string',
'Value': 'string'
},
]
}
},
'Challenge': {
'CustomRequestHandling': {
'InsertHeaders': [
{
'Name': 'string',
'Value': 'string'
},
]
}
}
}
},
]
},
'IPSetReferenceStatement': {
'ARN': 'string',
'IPSetForwardedIPConfig': {
'HeaderName': 'string',
'FallbackBehavior': 'MATCH'|'NO_MATCH',
'Position': 'FIRST'|'LAST'|'ANY'
}
},
'RegexPatternSetReferenceStatement': {
'ARN': 'string',
'FieldToMatch': {
'SingleHeader': {
'Name': 'string'
},
'SingleQueryArgument': {
'Name': 'string'
},
'AllQueryArguments': {},
'UriPath': {},
'QueryString': {},
'Body': {
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'Method': {},
'JsonBody': {
'MatchPattern': {
'All': {},
'IncludedPaths': [
'string',
]
},
'MatchScope': 'ALL'|'KEY'|'VALUE',
'InvalidFallbackBehavior': 'MATCH'|'NO_MATCH'|'EVALUATE_AS_STRING',
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'Headers': {
'MatchPattern': {
'All': {},
'IncludedHeaders': [
'string',
],
'ExcludedHeaders': [
'string',
]
},
'MatchScope': 'ALL'|'KEY'|'VALUE',
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'Cookies': {
'MatchPattern': {
'All': {},
'IncludedCookies': [
'string',
],
'ExcludedCookies': [
'string',
]
},
'MatchScope': 'ALL'|'KEY'|'VALUE',
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'HeaderOrder': {
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'JA3Fingerprint': {
'FallbackBehavior': 'MATCH'|'NO_MATCH'
},
'JA4Fingerprint': {
'FallbackBehavior': 'MATCH'|'NO_MATCH'
},
'UriFragment': {
'FallbackBehavior': 'MATCH'|'NO_MATCH'
}
},
'TextTransformations': [
{
'Priority': 123,
'Type': 'NONE'|'COMPRESS_WHITE_SPACE'|'HTML_ENTITY_DECODE'|'LOWERCASE'|'CMD_LINE'|'URL_DECODE'|'BASE64_DECODE'|'HEX_DECODE'|'MD5'|'REPLACE_COMMENTS'|'ESCAPE_SEQ_DECODE'|'SQL_HEX_DECODE'|'CSS_DECODE'|'JS_DECODE'|'NORMALIZE_PATH'|'NORMALIZE_PATH_WIN'|'REMOVE_NULLS'|'REPLACE_NULLS'|'BASE64_DECODE_EXT'|'URL_DECODE_UNI'|'UTF8_TO_UNICODE'
},
]
},
'RateBasedStatement': {
'Limit': 123,
'EvaluationWindowSec': 123,
'AggregateKeyType': 'IP'|'FORWARDED_IP'|'CUSTOM_KEYS'|'CONSTANT',
'ScopeDownStatement': {'... recursive ...'},
'ForwardedIPConfig': {
'HeaderName': 'string',
'FallbackBehavior': 'MATCH'|'NO_MATCH'
},
'CustomKeys': [
{
'Header': {
'Name': 'string',
'TextTransformations': [
{
'Priority': 123,
'Type': 'NONE'|'COMPRESS_WHITE_SPACE'|'HTML_ENTITY_DECODE'|'LOWERCASE'|'CMD_LINE'|'URL_DECODE'|'BASE64_DECODE'|'HEX_DECODE'|'MD5'|'REPLACE_COMMENTS'|'ESCAPE_SEQ_DECODE'|'SQL_HEX_DECODE'|'CSS_DECODE'|'JS_DECODE'|'NORMALIZE_PATH'|'NORMALIZE_PATH_WIN'|'REMOVE_NULLS'|'REPLACE_NULLS'|'BASE64_DECODE_EXT'|'URL_DECODE_UNI'|'UTF8_TO_UNICODE'
},
]
},
'Cookie': {
'Name': 'string',
'TextTransformations': [
{
'Priority': 123,
'Type': 'NONE'|'COMPRESS_WHITE_SPACE'|'HTML_ENTITY_DECODE'|'LOWERCASE'|'CMD_LINE'|'URL_DECODE'|'BASE64_DECODE'|'HEX_DECODE'|'MD5'|'REPLACE_COMMENTS'|'ESCAPE_SEQ_DECODE'|'SQL_HEX_DECODE'|'CSS_DECODE'|'JS_DECODE'|'NORMALIZE_PATH'|'NORMALIZE_PATH_WIN'|'REMOVE_NULLS'|'REPLACE_NULLS'|'BASE64_DECODE_EXT'|'URL_DECODE_UNI'|'UTF8_TO_UNICODE'
},
]
},
'QueryArgument': {
'Name': 'string',
'TextTransformations': [
{
'Priority': 123,
'Type': 'NONE'|'COMPRESS_WHITE_SPACE'|'HTML_ENTITY_DECODE'|'LOWERCASE'|'CMD_LINE'|'URL_DECODE'|'BASE64_DECODE'|'HEX_DECODE'|'MD5'|'REPLACE_COMMENTS'|'ESCAPE_SEQ_DECODE'|'SQL_HEX_DECODE'|'CSS_DECODE'|'JS_DECODE'|'NORMALIZE_PATH'|'NORMALIZE_PATH_WIN'|'REMOVE_NULLS'|'REPLACE_NULLS'|'BASE64_DECODE_EXT'|'URL_DECODE_UNI'|'UTF8_TO_UNICODE'
},
]
},
'QueryString': {
'TextTransformations': [
{
'Priority': 123,
'Type': 'NONE'|'COMPRESS_WHITE_SPACE'|'HTML_ENTITY_DECODE'|'LOWERCASE'|'CMD_LINE'|'URL_DECODE'|'BASE64_DECODE'|'HEX_DECODE'|'MD5'|'REPLACE_COMMENTS'|'ESCAPE_SEQ_DECODE'|'SQL_HEX_DECODE'|'CSS_DECODE'|'JS_DECODE'|'NORMALIZE_PATH'|'NORMALIZE_PATH_WIN'|'REMOVE_NULLS'|'REPLACE_NULLS'|'BASE64_DECODE_EXT'|'URL_DECODE_UNI'|'UTF8_TO_UNICODE'
},
]
},
'HTTPMethod': {},
'ForwardedIP': {},
'IP': {},
'LabelNamespace': {
'Namespace': 'string'
},
'UriPath': {
'TextTransformations': [
{
'Priority': 123,
'Type': 'NONE'|'COMPRESS_WHITE_SPACE'|'HTML_ENTITY_DECODE'|'LOWERCASE'|'CMD_LINE'|'URL_DECODE'|'BASE64_DECODE'|'HEX_DECODE'|'MD5'|'REPLACE_COMMENTS'|'ESCAPE_SEQ_DECODE'|'SQL_HEX_DECODE'|'CSS_DECODE'|'JS_DECODE'|'NORMALIZE_PATH'|'NORMALIZE_PATH_WIN'|'REMOVE_NULLS'|'REPLACE_NULLS'|'BASE64_DECODE_EXT'|'URL_DECODE_UNI'|'UTF8_TO_UNICODE'
},
]
},
'JA3Fingerprint': {
'FallbackBehavior': 'MATCH'|'NO_MATCH'
},
'JA4Fingerprint': {
'FallbackBehavior': 'MATCH'|'NO_MATCH'
},
'ASN': {}
},
]
},
'AndStatement': {
'Statements': [
{'... recursive ...'},
]
},
'OrStatement': {
'Statements': [
{'... recursive ...'},
]
},
'NotStatement': {
'Statement': {'... recursive ...'}
},
'ManagedRuleGroupStatement': {
'VendorName': 'string',
'Name': 'string',
'Version': 'string',
'ExcludedRules': [
{
'Name': 'string'
},
],
'ScopeDownStatement': {'... recursive ...'},
'ManagedRuleGroupConfigs': [
{
'LoginPath': 'string',
'PayloadType': 'JSON'|'FORM_ENCODED',
'UsernameField': {
'Identifier': 'string'
},
'PasswordField': {
'Identifier': 'string'
},
'AWSManagedRulesBotControlRuleSet': {
'InspectionLevel': 'COMMON'|'TARGETED',
'EnableMachineLearning': True|False
},
'AWSManagedRulesATPRuleSet': {
'LoginPath': 'string',
'RequestInspection': {
'PayloadType': 'JSON'|'FORM_ENCODED',
'UsernameField': {
'Identifier': 'string'
},
'PasswordField': {
'Identifier': 'string'
}
},
'ResponseInspection': {
'StatusCode': {
'SuccessCodes': [
123,
],
'FailureCodes': [
123,
]
},
'Header': {
'Name': 'string',
'SuccessValues': [
'string',
],
'FailureValues': [
'string',
]
},
'BodyContains': {
'SuccessStrings': [
'string',
],
'FailureStrings': [
'string',
]
},
'Json': {
'Identifier': 'string',
'SuccessValues': [
'string',
],
'FailureValues': [
'string',
]
}
},
'EnableRegexInPath': True|False
},
'AWSManagedRulesACFPRuleSet': {
'CreationPath': 'string',
'RegistrationPagePath': 'string',
'RequestInspection': {
'PayloadType': 'JSON'|'FORM_ENCODED',
'UsernameField': {
'Identifier': 'string'
},
'PasswordField': {
'Identifier': 'string'
},
'EmailField': {
'Identifier': 'string'
},
'PhoneNumberFields': [
{
'Identifier': 'string'
},
],
'AddressFields': [
{
'Identifier': 'string'
},
]
},
'ResponseInspection': {
'StatusCode': {
'SuccessCodes': [
123,
],
'FailureCodes': [
123,
]
},
'Header': {
'Name': 'string',
'SuccessValues': [
'string',
],
'FailureValues': [
'string',
]
},
'BodyContains': {
'SuccessStrings': [
'string',
],
'FailureStrings': [
'string',
]
},
'Json': {
'Identifier': 'string',
'SuccessValues': [
'string',
],
'FailureValues': [
'string',
]
}
},
'EnableRegexInPath': True|False
},
'AWSManagedRulesAntiDDoSRuleSet': {
'ClientSideActionConfig': {
'Challenge': {
'UsageOfAction': 'ENABLED'|'DISABLED',
'Sensitivity': 'LOW'|'MEDIUM'|'HIGH',
'ExemptUriRegularExpressions': [
{
'RegexString': 'string'
},
]
}
},
'SensitivityToBlock': 'LOW'|'MEDIUM'|'HIGH'
}
},
],
'RuleActionOverrides': [
{
'Name': 'string',
'ActionToUse': {
'Block': {
'CustomResponse': {
'ResponseCode': 123,
'CustomResponseBodyKey': 'string',
'ResponseHeaders': [
{
'Name': 'string',
'Value': 'string'
},
]
}
},
'Allow': {
'CustomRequestHandling': {
'InsertHeaders': [
{
'Name': 'string',
'Value': 'string'
},
]
}
},
'Count': {
'CustomRequestHandling': {
'InsertHeaders': [
{
'Name': 'string',
'Value': 'string'
},
]
}
},
'Captcha': {
'CustomRequestHandling': {
'InsertHeaders': [
{
'Name': 'string',
'Value': 'string'
},
]
}
},
'Challenge': {
'CustomRequestHandling': {
'InsertHeaders': [
{
'Name': 'string',
'Value': 'string'
},
]
}
}
}
},
]
},
'LabelMatchStatement': {
'Scope': 'LABEL'|'NAMESPACE',
'Key': 'string'
},
'RegexMatchStatement': {
'RegexString': 'string',
'FieldToMatch': {
'SingleHeader': {
'Name': 'string'
},
'SingleQueryArgument': {
'Name': 'string'
},
'AllQueryArguments': {},
'UriPath': {},
'QueryString': {},
'Body': {
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'Method': {},
'JsonBody': {
'MatchPattern': {
'All': {},
'IncludedPaths': [
'string',
]
},
'MatchScope': 'ALL'|'KEY'|'VALUE',
'InvalidFallbackBehavior': 'MATCH'|'NO_MATCH'|'EVALUATE_AS_STRING',
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'Headers': {
'MatchPattern': {
'All': {},
'IncludedHeaders': [
'string',
],
'ExcludedHeaders': [
'string',
]
},
'MatchScope': 'ALL'|'KEY'|'VALUE',
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'Cookies': {
'MatchPattern': {
'All': {},
'IncludedCookies': [
'string',
],
'ExcludedCookies': [
'string',
]
},
'MatchScope': 'ALL'|'KEY'|'VALUE',
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'HeaderOrder': {
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'JA3Fingerprint': {
'FallbackBehavior': 'MATCH'|'NO_MATCH'
},
'JA4Fingerprint': {
'FallbackBehavior': 'MATCH'|'NO_MATCH'
},
'UriFragment': {
'FallbackBehavior': 'MATCH'|'NO_MATCH'
}
},
'TextTransformations': [
{
'Priority': 123,
'Type': 'NONE'|'COMPRESS_WHITE_SPACE'|'HTML_ENTITY_DECODE'|'LOWERCASE'|'CMD_LINE'|'URL_DECODE'|'BASE64_DECODE'|'HEX_DECODE'|'MD5'|'REPLACE_COMMENTS'|'ESCAPE_SEQ_DECODE'|'SQL_HEX_DECODE'|'CSS_DECODE'|'JS_DECODE'|'NORMALIZE_PATH'|'NORMALIZE_PATH_WIN'|'REMOVE_NULLS'|'REPLACE_NULLS'|'BASE64_DECODE_EXT'|'URL_DECODE_UNI'|'UTF8_TO_UNICODE'
},
]
},
'AsnMatchStatement': {
'AsnList': [
123,
],
'ForwardedIPConfig': {
'HeaderName': 'string',
'FallbackBehavior': 'MATCH'|'NO_MATCH'
}
}
},
'Action': {
'Block': {
'CustomResponse': {
'ResponseCode': 123,
'CustomResponseBodyKey': 'string',
'ResponseHeaders': [
{
'Name': 'string',
'Value': 'string'
},
]
}
},
'Allow': {
'CustomRequestHandling': {
'InsertHeaders': [
{
'Name': 'string',
'Value': 'string'
},
]
}
},
'Count': {
'CustomRequestHandling': {
'InsertHeaders': [
{
'Name': 'string',
'Value': 'string'
},
]
}
},
'Captcha': {
'CustomRequestHandling': {
'InsertHeaders': [
{
'Name': 'string',
'Value': 'string'
},
]
}
},
'Challenge': {
'CustomRequestHandling': {
'InsertHeaders': [
{
'Name': 'string',
'Value': 'string'
},
]
}
}
},
'OverrideAction': {
'Count': {
'CustomRequestHandling': {
'InsertHeaders': [
{
'Name': 'string',
'Value': 'string'
},
]
}
},
'None': {}
},
'RuleLabels': [
{
'Name': 'string'
},
],
'VisibilityConfig': {
'SampledRequestsEnabled': True|False,
'CloudWatchMetricsEnabled': True|False,
'MetricName': 'string'
},
'CaptchaConfig': {
'ImmunityTimeProperty': {
'ImmunityTime': 123
}
},
'ChallengeConfig': {
'ImmunityTimeProperty': {
'ImmunityTime': 123
}
}
},
],
'VisibilityConfig': {
'SampledRequestsEnabled': True|False,
'CloudWatchMetricsEnabled': True|False,
'MetricName': 'string'
},
'LabelNamespace': 'string',
'CustomResponseBodies': {
'string': {
'ContentType': 'TEXT_PLAIN'|'TEXT_HTML'|'APPLICATION_JSON',
'Content': 'string'
}
},
'AvailableLabels': [
{
'Name': 'string'
},
],
'ConsumedLabels': [
{
'Name': 'string'
},
]
},
'LockToken': 'string'
}
**Response Structure**
::
# This section is too large to render.
# Please see the AWS API Documentation linked below.
`AWS API Documentation <https://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/GetRuleGroup>`_
{'WebACL': {'OnSourceDDoSProtectionConfig': {'ALBLowReputationMode': 'ACTIVE_UNDER_DDOS '
'| '
'ALWAYS_ON'},
'PostProcessFirewallManagerRuleGroups': {'FirewallManagerStatement': {'ManagedRuleGroupStatement': {'ManagedRuleGroupConfigs': {'AWSManagedRulesAntiDDoSRuleSet': {'ClientSideActionConfig': {'Challenge': {'ExemptUriRegularExpressions': [{'RegexString': 'string'}],
'Sensitivity': 'LOW '
'| '
'MEDIUM '
'| '
'HIGH',
'UsageOfAction': 'ENABLED '
'| '
'DISABLED'}},
'SensitivityToBlock': 'LOW '
'| '
'MEDIUM '
'| '
'HIGH'}}}}},
'PreProcessFirewallManagerRuleGroups': {'FirewallManagerStatement': {'ManagedRuleGroupStatement': {'ManagedRuleGroupConfigs': {'AWSManagedRulesAntiDDoSRuleSet': {'ClientSideActionConfig': {'Challenge': {'ExemptUriRegularExpressions': [{'RegexString': 'string'}],
'Sensitivity': 'LOW '
'| '
'MEDIUM '
'| '
'HIGH',
'UsageOfAction': 'ENABLED '
'| '
'DISABLED'}},
'SensitivityToBlock': 'LOW '
'| '
'MEDIUM '
'| '
'HIGH'}}}}},
'Rules': {'Statement': {'ManagedRuleGroupStatement': {'ManagedRuleGroupConfigs': {'AWSManagedRulesAntiDDoSRuleSet': {'ClientSideActionConfig': {'Challenge': {'ExemptUriRegularExpressions': [{'RegexString': 'string'}],
'Sensitivity': 'LOW '
'| '
'MEDIUM '
'| '
'HIGH',
'UsageOfAction': 'ENABLED '
'| '
'DISABLED'}},
'SensitivityToBlock': 'LOW '
'| '
'MEDIUM '
'| '
'HIGH'}}}}}}}
Retrieves the specified WebACL.
See also: AWS API Documentation
Request Syntax
client.get_web_acl(
Name='string',
Scope='CLOUDFRONT'|'REGIONAL',
Id='string',
ARN='string'
)
string
The name of the web ACL. You cannot change the name of a web ACL after you create it.
string
Specifies whether this is for a global resource type, such as a Amazon CloudFront distribution. For an Amplify application, use CLOUDFRONT.
To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows:
CLI - Specify the Region when you use the CloudFront scope: --scope=CLOUDFRONT --region=us-east-1.
API and SDKs - For all calls, use the Region endpoint us-east-1.
string
The unique identifier for the web ACL. This ID is returned in the responses to create and list commands. You provide it to operations like update and delete.
string
The Amazon Resource Name (ARN) of the web ACL that you want to retrieve.
dict
Response Syntax
# This section is too large to render. # Please see the AWS API Documentation linked below.
Response Structure
# This section is too large to render. # Please see the AWS API Documentation linked below.
{'WebACL': {'OnSourceDDoSProtectionConfig': {'ALBLowReputationMode': 'ACTIVE_UNDER_DDOS '
'| '
'ALWAYS_ON'},
'PostProcessFirewallManagerRuleGroups': {'FirewallManagerStatement': {'ManagedRuleGroupStatement': {'ManagedRuleGroupConfigs': {'AWSManagedRulesAntiDDoSRuleSet': {'ClientSideActionConfig': {'Challenge': {'ExemptUriRegularExpressions': [{'RegexString': 'string'}],
'Sensitivity': 'LOW '
'| '
'MEDIUM '
'| '
'HIGH',
'UsageOfAction': 'ENABLED '
'| '
'DISABLED'}},
'SensitivityToBlock': 'LOW '
'| '
'MEDIUM '
'| '
'HIGH'}}}}},
'PreProcessFirewallManagerRuleGroups': {'FirewallManagerStatement': {'ManagedRuleGroupStatement': {'ManagedRuleGroupConfigs': {'AWSManagedRulesAntiDDoSRuleSet': {'ClientSideActionConfig': {'Challenge': {'ExemptUriRegularExpressions': [{'RegexString': 'string'}],
'Sensitivity': 'LOW '
'| '
'MEDIUM '
'| '
'HIGH',
'UsageOfAction': 'ENABLED '
'| '
'DISABLED'}},
'SensitivityToBlock': 'LOW '
'| '
'MEDIUM '
'| '
'HIGH'}}}}},
'Rules': {'Statement': {'ManagedRuleGroupStatement': {'ManagedRuleGroupConfigs': {'AWSManagedRulesAntiDDoSRuleSet': {'ClientSideActionConfig': {'Challenge': {'ExemptUriRegularExpressions': [{'RegexString': 'string'}],
'Sensitivity': 'LOW '
'| '
'MEDIUM '
'| '
'HIGH',
'UsageOfAction': 'ENABLED '
'| '
'DISABLED'}},
'SensitivityToBlock': 'LOW '
'| '
'MEDIUM '
'| '
'HIGH'}}}}}}}
Retrieves the WebACL for the specified resource.
This call uses GetWebACL, to verify that your account has permission to access the retrieved web ACL. If you get an error that indicates that your account isn't authorized to perform wafv2:GetWebACL on the resource, that error won't be included in your CloudTrail event history.
For Amazon CloudFront, don't use this call. Instead, call the CloudFront action GetDistributionConfig. For information, see GetDistributionConfig in the Amazon CloudFront API Reference.
Required permissions for customer-managed IAM policies
This call requires permissions that are specific to the protected resource type. For details, see Permissions for GetWebACLForResource in the WAF Developer Guide.
See also: AWS API Documentation
Request Syntax
client.get_web_acl_for_resource(
ResourceArn='string'
)
string
[REQUIRED]
The Amazon Resource Name (ARN) of the resource whose web ACL you want to retrieve.
The ARN must be in one of the following formats:
For an Application Load Balancer: arn:partition:elasticloadbalancing:region:account-id:loadbalancer/app/load-balancer-name/load-balancer-id
For an Amazon API Gateway REST API: arn:partition:apigateway:region::/restapis/api-id/stages/stage-name
For an AppSync GraphQL API: arn:partition:appsync:region:account-id:apis/GraphQLApiId
For an Amazon Cognito user pool: arn:partition:cognito-idp:region:account-id:userpool/user-pool-id
For an App Runner service: arn:partition:apprunner:region:account-id:service/apprunner-service-name/apprunner-service-id
For an Amazon Web Services Verified Access instance: arn:partition:ec2:region:account-id:verified-access-instance/instance-id
For an Amplify application: arn:partition:amplify:region:account-id:apps/app-id
dict
Response Syntax
# This section is too large to render. # Please see the AWS API Documentation linked below.
Response Structure
# This section is too large to render. # Please see the AWS API Documentation linked below.
{'Rules': {'Statement': {'ManagedRuleGroupStatement': {'ManagedRuleGroupConfigs': {'AWSManagedRulesAntiDDoSRuleSet': {'ClientSideActionConfig': {'Challenge': {'ExemptUriRegularExpressions': [{'RegexString': 'string'}],
'Sensitivity': 'LOW '
'| '
'MEDIUM '
'| '
'HIGH',
'UsageOfAction': 'ENABLED '
'| '
'DISABLED'}},
'SensitivityToBlock': 'LOW '
'| '
'MEDIUM '
'| '
'HIGH'}}}}}}
Updates the specified RuleGroup.
A rule group defines a collection of rules to inspect and control web requests that you can use in a WebACL. When you create a rule group, you define an immutable capacity limit. If you update a rule group, you must stay within the capacity. This allows others to reuse the rule group with confidence in its capacity requirements.
Temporary inconsistencies during updates
When you create or change a web ACL or other WAF resources, the changes take a small amount of time to propagate to all areas where the resources are stored. The propagation time can be from a few seconds to a number of minutes.
The following are examples of the temporary inconsistencies that you might notice during change propagation:
After you create a web ACL, if you try to associate it with a resource, you might get an exception indicating that the web ACL is unavailable.
After you add a rule group to a web ACL, the new rule group rules might be in effect in one area where the web ACL is used and not in another.
After you change a rule action setting, you might see the old action in some places and the new action in others.
After you add an IP address to an IP set that is in use in a blocking rule, the new address might be blocked in one area while still allowed in another.
See also: AWS API Documentation
Request Syntax
client.update_rule_group(
Name='string',
Scope='CLOUDFRONT'|'REGIONAL',
Id='string',
Description='string',
Rules=[
{
'Name': 'string',
'Priority': 123,
'Statement': {
'ByteMatchStatement': {
'SearchString': b'bytes',
'FieldToMatch': {
'SingleHeader': {
'Name': 'string'
},
'SingleQueryArgument': {
'Name': 'string'
},
'AllQueryArguments': {}
,
'UriPath': {}
,
'QueryString': {}
,
'Body': {
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'Method': {}
,
'JsonBody': {
'MatchPattern': {
'All': {}
,
'IncludedPaths': [
'string',
]
},
'MatchScope': 'ALL'|'KEY'|'VALUE',
'InvalidFallbackBehavior': 'MATCH'|'NO_MATCH'|'EVALUATE_AS_STRING',
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'Headers': {
'MatchPattern': {
'All': {}
,
'IncludedHeaders': [
'string',
],
'ExcludedHeaders': [
'string',
]
},
'MatchScope': 'ALL'|'KEY'|'VALUE',
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'Cookies': {
'MatchPattern': {
'All': {}
,
'IncludedCookies': [
'string',
],
'ExcludedCookies': [
'string',
]
},
'MatchScope': 'ALL'|'KEY'|'VALUE',
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'HeaderOrder': {
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'JA3Fingerprint': {
'FallbackBehavior': 'MATCH'|'NO_MATCH'
},
'JA4Fingerprint': {
'FallbackBehavior': 'MATCH'|'NO_MATCH'
},
'UriFragment': {
'FallbackBehavior': 'MATCH'|'NO_MATCH'
}
},
'TextTransformations': [
{
'Priority': 123,
'Type': 'NONE'|'COMPRESS_WHITE_SPACE'|'HTML_ENTITY_DECODE'|'LOWERCASE'|'CMD_LINE'|'URL_DECODE'|'BASE64_DECODE'|'HEX_DECODE'|'MD5'|'REPLACE_COMMENTS'|'ESCAPE_SEQ_DECODE'|'SQL_HEX_DECODE'|'CSS_DECODE'|'JS_DECODE'|'NORMALIZE_PATH'|'NORMALIZE_PATH_WIN'|'REMOVE_NULLS'|'REPLACE_NULLS'|'BASE64_DECODE_EXT'|'URL_DECODE_UNI'|'UTF8_TO_UNICODE'
},
],
'PositionalConstraint': 'EXACTLY'|'STARTS_WITH'|'ENDS_WITH'|'CONTAINS'|'CONTAINS_WORD'
},
'SqliMatchStatement': {
'FieldToMatch': {
'SingleHeader': {
'Name': 'string'
},
'SingleQueryArgument': {
'Name': 'string'
},
'AllQueryArguments': {}
,
'UriPath': {}
,
'QueryString': {}
,
'Body': {
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'Method': {}
,
'JsonBody': {
'MatchPattern': {
'All': {}
,
'IncludedPaths': [
'string',
]
},
'MatchScope': 'ALL'|'KEY'|'VALUE',
'InvalidFallbackBehavior': 'MATCH'|'NO_MATCH'|'EVALUATE_AS_STRING',
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'Headers': {
'MatchPattern': {
'All': {}
,
'IncludedHeaders': [
'string',
],
'ExcludedHeaders': [
'string',
]
},
'MatchScope': 'ALL'|'KEY'|'VALUE',
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'Cookies': {
'MatchPattern': {
'All': {}
,
'IncludedCookies': [
'string',
],
'ExcludedCookies': [
'string',
]
},
'MatchScope': 'ALL'|'KEY'|'VALUE',
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'HeaderOrder': {
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'JA3Fingerprint': {
'FallbackBehavior': 'MATCH'|'NO_MATCH'
},
'JA4Fingerprint': {
'FallbackBehavior': 'MATCH'|'NO_MATCH'
},
'UriFragment': {
'FallbackBehavior': 'MATCH'|'NO_MATCH'
}
},
'TextTransformations': [
{
'Priority': 123,
'Type': 'NONE'|'COMPRESS_WHITE_SPACE'|'HTML_ENTITY_DECODE'|'LOWERCASE'|'CMD_LINE'|'URL_DECODE'|'BASE64_DECODE'|'HEX_DECODE'|'MD5'|'REPLACE_COMMENTS'|'ESCAPE_SEQ_DECODE'|'SQL_HEX_DECODE'|'CSS_DECODE'|'JS_DECODE'|'NORMALIZE_PATH'|'NORMALIZE_PATH_WIN'|'REMOVE_NULLS'|'REPLACE_NULLS'|'BASE64_DECODE_EXT'|'URL_DECODE_UNI'|'UTF8_TO_UNICODE'
},
],
'SensitivityLevel': 'LOW'|'HIGH'
},
'XssMatchStatement': {
'FieldToMatch': {
'SingleHeader': {
'Name': 'string'
},
'SingleQueryArgument': {
'Name': 'string'
},
'AllQueryArguments': {}
,
'UriPath': {}
,
'QueryString': {}
,
'Body': {
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'Method': {}
,
'JsonBody': {
'MatchPattern': {
'All': {}
,
'IncludedPaths': [
'string',
]
},
'MatchScope': 'ALL'|'KEY'|'VALUE',
'InvalidFallbackBehavior': 'MATCH'|'NO_MATCH'|'EVALUATE_AS_STRING',
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'Headers': {
'MatchPattern': {
'All': {}
,
'IncludedHeaders': [
'string',
],
'ExcludedHeaders': [
'string',
]
},
'MatchScope': 'ALL'|'KEY'|'VALUE',
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'Cookies': {
'MatchPattern': {
'All': {}
,
'IncludedCookies': [
'string',
],
'ExcludedCookies': [
'string',
]
},
'MatchScope': 'ALL'|'KEY'|'VALUE',
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'HeaderOrder': {
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'JA3Fingerprint': {
'FallbackBehavior': 'MATCH'|'NO_MATCH'
},
'JA4Fingerprint': {
'FallbackBehavior': 'MATCH'|'NO_MATCH'
},
'UriFragment': {
'FallbackBehavior': 'MATCH'|'NO_MATCH'
}
},
'TextTransformations': [
{
'Priority': 123,
'Type': 'NONE'|'COMPRESS_WHITE_SPACE'|'HTML_ENTITY_DECODE'|'LOWERCASE'|'CMD_LINE'|'URL_DECODE'|'BASE64_DECODE'|'HEX_DECODE'|'MD5'|'REPLACE_COMMENTS'|'ESCAPE_SEQ_DECODE'|'SQL_HEX_DECODE'|'CSS_DECODE'|'JS_DECODE'|'NORMALIZE_PATH'|'NORMALIZE_PATH_WIN'|'REMOVE_NULLS'|'REPLACE_NULLS'|'BASE64_DECODE_EXT'|'URL_DECODE_UNI'|'UTF8_TO_UNICODE'
},
]
},
'SizeConstraintStatement': {
'FieldToMatch': {
'SingleHeader': {
'Name': 'string'
},
'SingleQueryArgument': {
'Name': 'string'
},
'AllQueryArguments': {}
,
'UriPath': {}
,
'QueryString': {}
,
'Body': {
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'Method': {}
,
'JsonBody': {
'MatchPattern': {
'All': {}
,
'IncludedPaths': [
'string',
]
},
'MatchScope': 'ALL'|'KEY'|'VALUE',
'InvalidFallbackBehavior': 'MATCH'|'NO_MATCH'|'EVALUATE_AS_STRING',
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'Headers': {
'MatchPattern': {
'All': {}
,
'IncludedHeaders': [
'string',
],
'ExcludedHeaders': [
'string',
]
},
'MatchScope': 'ALL'|'KEY'|'VALUE',
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'Cookies': {
'MatchPattern': {
'All': {}
,
'IncludedCookies': [
'string',
],
'ExcludedCookies': [
'string',
]
},
'MatchScope': 'ALL'|'KEY'|'VALUE',
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'HeaderOrder': {
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'JA3Fingerprint': {
'FallbackBehavior': 'MATCH'|'NO_MATCH'
},
'JA4Fingerprint': {
'FallbackBehavior': 'MATCH'|'NO_MATCH'
},
'UriFragment': {
'FallbackBehavior': 'MATCH'|'NO_MATCH'
}
},
'ComparisonOperator': 'EQ'|'NE'|'LE'|'LT'|'GE'|'GT',
'Size': 123,
'TextTransformations': [
{
'Priority': 123,
'Type': 'NONE'|'COMPRESS_WHITE_SPACE'|'HTML_ENTITY_DECODE'|'LOWERCASE'|'CMD_LINE'|'URL_DECODE'|'BASE64_DECODE'|'HEX_DECODE'|'MD5'|'REPLACE_COMMENTS'|'ESCAPE_SEQ_DECODE'|'SQL_HEX_DECODE'|'CSS_DECODE'|'JS_DECODE'|'NORMALIZE_PATH'|'NORMALIZE_PATH_WIN'|'REMOVE_NULLS'|'REPLACE_NULLS'|'BASE64_DECODE_EXT'|'URL_DECODE_UNI'|'UTF8_TO_UNICODE'
},
]
},
'GeoMatchStatement': {
'CountryCodes': [
'AF'|'AX'|'AL'|'DZ'|'AS'|'AD'|'AO'|'AI'|'AQ'|'AG'|'AR'|'AM'|'AW'|'AU'|'AT'|'AZ'|'BS'|'BH'|'BD'|'BB'|'BY'|'BE'|'BZ'|'BJ'|'BM'|'BT'|'BO'|'BQ'|'BA'|'BW'|'BV'|'BR'|'IO'|'BN'|'BG'|'BF'|'BI'|'KH'|'CM'|'CA'|'CV'|'KY'|'CF'|'TD'|'CL'|'CN'|'CX'|'CC'|'CO'|'KM'|'CG'|'CD'|'CK'|'CR'|'CI'|'HR'|'CU'|'CW'|'CY'|'CZ'|'DK'|'DJ'|'DM'|'DO'|'EC'|'EG'|'SV'|'GQ'|'ER'|'EE'|'ET'|'FK'|'FO'|'FJ'|'FI'|'FR'|'GF'|'PF'|'TF'|'GA'|'GM'|'GE'|'DE'|'GH'|'GI'|'GR'|'GL'|'GD'|'GP'|'GU'|'GT'|'GG'|'GN'|'GW'|'GY'|'HT'|'HM'|'VA'|'HN'|'HK'|'HU'|'IS'|'IN'|'ID'|'IR'|'IQ'|'IE'|'IM'|'IL'|'IT'|'JM'|'JP'|'JE'|'JO'|'KZ'|'KE'|'KI'|'KP'|'KR'|'KW'|'KG'|'LA'|'LV'|'LB'|'LS'|'LR'|'LY'|'LI'|'LT'|'LU'|'MO'|'MK'|'MG'|'MW'|'MY'|'MV'|'ML'|'MT'|'MH'|'MQ'|'MR'|'MU'|'YT'|'MX'|'FM'|'MD'|'MC'|'MN'|'ME'|'MS'|'MA'|'MZ'|'MM'|'NA'|'NR'|'NP'|'NL'|'NC'|'NZ'|'NI'|'NE'|'NG'|'NU'|'NF'|'MP'|'NO'|'OM'|'PK'|'PW'|'PS'|'PA'|'PG'|'PY'|'PE'|'PH'|'PN'|'PL'|'PT'|'PR'|'QA'|'RE'|'RO'|'RU'|'RW'|'BL'|'SH'|'KN'|'LC'|'MF'|'PM'|'VC'|'WS'|'SM'|'ST'|'SA'|'SN'|'RS'|'SC'|'SL'|'SG'|'SX'|'SK'|'SI'|'SB'|'SO'|'ZA'|'GS'|'SS'|'ES'|'LK'|'SD'|'SR'|'SJ'|'SZ'|'SE'|'CH'|'SY'|'TW'|'TJ'|'TZ'|'TH'|'TL'|'TG'|'TK'|'TO'|'TT'|'TN'|'TR'|'TM'|'TC'|'TV'|'UG'|'UA'|'AE'|'GB'|'US'|'UM'|'UY'|'UZ'|'VU'|'VE'|'VN'|'VG'|'VI'|'WF'|'EH'|'YE'|'ZM'|'ZW'|'XK',
],
'ForwardedIPConfig': {
'HeaderName': 'string',
'FallbackBehavior': 'MATCH'|'NO_MATCH'
}
},
'RuleGroupReferenceStatement': {
'ARN': 'string',
'ExcludedRules': [
{
'Name': 'string'
},
],
'RuleActionOverrides': [
{
'Name': 'string',
'ActionToUse': {
'Block': {
'CustomResponse': {
'ResponseCode': 123,
'CustomResponseBodyKey': 'string',
'ResponseHeaders': [
{
'Name': 'string',
'Value': 'string'
},
]
}
},
'Allow': {
'CustomRequestHandling': {
'InsertHeaders': [
{
'Name': 'string',
'Value': 'string'
},
]
}
},
'Count': {
'CustomRequestHandling': {
'InsertHeaders': [
{
'Name': 'string',
'Value': 'string'
},
]
}
},
'Captcha': {
'CustomRequestHandling': {
'InsertHeaders': [
{
'Name': 'string',
'Value': 'string'
},
]
}
},
'Challenge': {
'CustomRequestHandling': {
'InsertHeaders': [
{
'Name': 'string',
'Value': 'string'
},
]
}
}
}
},
]
},
'IPSetReferenceStatement': {
'ARN': 'string',
'IPSetForwardedIPConfig': {
'HeaderName': 'string',
'FallbackBehavior': 'MATCH'|'NO_MATCH',
'Position': 'FIRST'|'LAST'|'ANY'
}
},
'RegexPatternSetReferenceStatement': {
'ARN': 'string',
'FieldToMatch': {
'SingleHeader': {
'Name': 'string'
},
'SingleQueryArgument': {
'Name': 'string'
},
'AllQueryArguments': {}
,
'UriPath': {}
,
'QueryString': {}
,
'Body': {
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'Method': {}
,
'JsonBody': {
'MatchPattern': {
'All': {}
,
'IncludedPaths': [
'string',
]
},
'MatchScope': 'ALL'|'KEY'|'VALUE',
'InvalidFallbackBehavior': 'MATCH'|'NO_MATCH'|'EVALUATE_AS_STRING',
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'Headers': {
'MatchPattern': {
'All': {}
,
'IncludedHeaders': [
'string',
],
'ExcludedHeaders': [
'string',
]
},
'MatchScope': 'ALL'|'KEY'|'VALUE',
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'Cookies': {
'MatchPattern': {
'All': {}
,
'IncludedCookies': [
'string',
],
'ExcludedCookies': [
'string',
]
},
'MatchScope': 'ALL'|'KEY'|'VALUE',
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'HeaderOrder': {
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'JA3Fingerprint': {
'FallbackBehavior': 'MATCH'|'NO_MATCH'
},
'JA4Fingerprint': {
'FallbackBehavior': 'MATCH'|'NO_MATCH'
},
'UriFragment': {
'FallbackBehavior': 'MATCH'|'NO_MATCH'
}
},
'TextTransformations': [
{
'Priority': 123,
'Type': 'NONE'|'COMPRESS_WHITE_SPACE'|'HTML_ENTITY_DECODE'|'LOWERCASE'|'CMD_LINE'|'URL_DECODE'|'BASE64_DECODE'|'HEX_DECODE'|'MD5'|'REPLACE_COMMENTS'|'ESCAPE_SEQ_DECODE'|'SQL_HEX_DECODE'|'CSS_DECODE'|'JS_DECODE'|'NORMALIZE_PATH'|'NORMALIZE_PATH_WIN'|'REMOVE_NULLS'|'REPLACE_NULLS'|'BASE64_DECODE_EXT'|'URL_DECODE_UNI'|'UTF8_TO_UNICODE'
},
]
},
'RateBasedStatement': {
'Limit': 123,
'EvaluationWindowSec': 123,
'AggregateKeyType': 'IP'|'FORWARDED_IP'|'CUSTOM_KEYS'|'CONSTANT',
'ScopeDownStatement': {'... recursive ...'},
'ForwardedIPConfig': {
'HeaderName': 'string',
'FallbackBehavior': 'MATCH'|'NO_MATCH'
},
'CustomKeys': [
{
'Header': {
'Name': 'string',
'TextTransformations': [
{
'Priority': 123,
'Type': 'NONE'|'COMPRESS_WHITE_SPACE'|'HTML_ENTITY_DECODE'|'LOWERCASE'|'CMD_LINE'|'URL_DECODE'|'BASE64_DECODE'|'HEX_DECODE'|'MD5'|'REPLACE_COMMENTS'|'ESCAPE_SEQ_DECODE'|'SQL_HEX_DECODE'|'CSS_DECODE'|'JS_DECODE'|'NORMALIZE_PATH'|'NORMALIZE_PATH_WIN'|'REMOVE_NULLS'|'REPLACE_NULLS'|'BASE64_DECODE_EXT'|'URL_DECODE_UNI'|'UTF8_TO_UNICODE'
},
]
},
'Cookie': {
'Name': 'string',
'TextTransformations': [
{
'Priority': 123,
'Type': 'NONE'|'COMPRESS_WHITE_SPACE'|'HTML_ENTITY_DECODE'|'LOWERCASE'|'CMD_LINE'|'URL_DECODE'|'BASE64_DECODE'|'HEX_DECODE'|'MD5'|'REPLACE_COMMENTS'|'ESCAPE_SEQ_DECODE'|'SQL_HEX_DECODE'|'CSS_DECODE'|'JS_DECODE'|'NORMALIZE_PATH'|'NORMALIZE_PATH_WIN'|'REMOVE_NULLS'|'REPLACE_NULLS'|'BASE64_DECODE_EXT'|'URL_DECODE_UNI'|'UTF8_TO_UNICODE'
},
]
},
'QueryArgument': {
'Name': 'string',
'TextTransformations': [
{
'Priority': 123,
'Type': 'NONE'|'COMPRESS_WHITE_SPACE'|'HTML_ENTITY_DECODE'|'LOWERCASE'|'CMD_LINE'|'URL_DECODE'|'BASE64_DECODE'|'HEX_DECODE'|'MD5'|'REPLACE_COMMENTS'|'ESCAPE_SEQ_DECODE'|'SQL_HEX_DECODE'|'CSS_DECODE'|'JS_DECODE'|'NORMALIZE_PATH'|'NORMALIZE_PATH_WIN'|'REMOVE_NULLS'|'REPLACE_NULLS'|'BASE64_DECODE_EXT'|'URL_DECODE_UNI'|'UTF8_TO_UNICODE'
},
]
},
'QueryString': {
'TextTransformations': [
{
'Priority': 123,
'Type': 'NONE'|'COMPRESS_WHITE_SPACE'|'HTML_ENTITY_DECODE'|'LOWERCASE'|'CMD_LINE'|'URL_DECODE'|'BASE64_DECODE'|'HEX_DECODE'|'MD5'|'REPLACE_COMMENTS'|'ESCAPE_SEQ_DECODE'|'SQL_HEX_DECODE'|'CSS_DECODE'|'JS_DECODE'|'NORMALIZE_PATH'|'NORMALIZE_PATH_WIN'|'REMOVE_NULLS'|'REPLACE_NULLS'|'BASE64_DECODE_EXT'|'URL_DECODE_UNI'|'UTF8_TO_UNICODE'
},
]
},
'HTTPMethod': {}
,
'ForwardedIP': {}
,
'IP': {}
,
'LabelNamespace': {
'Namespace': 'string'
},
'UriPath': {
'TextTransformations': [
{
'Priority': 123,
'Type': 'NONE'|'COMPRESS_WHITE_SPACE'|'HTML_ENTITY_DECODE'|'LOWERCASE'|'CMD_LINE'|'URL_DECODE'|'BASE64_DECODE'|'HEX_DECODE'|'MD5'|'REPLACE_COMMENTS'|'ESCAPE_SEQ_DECODE'|'SQL_HEX_DECODE'|'CSS_DECODE'|'JS_DECODE'|'NORMALIZE_PATH'|'NORMALIZE_PATH_WIN'|'REMOVE_NULLS'|'REPLACE_NULLS'|'BASE64_DECODE_EXT'|'URL_DECODE_UNI'|'UTF8_TO_UNICODE'
},
]
},
'JA3Fingerprint': {
'FallbackBehavior': 'MATCH'|'NO_MATCH'
},
'JA4Fingerprint': {
'FallbackBehavior': 'MATCH'|'NO_MATCH'
},
'ASN': {}
},
]
},
'AndStatement': {
'Statements': [
{'... recursive ...'},
]
},
'OrStatement': {
'Statements': [
{'... recursive ...'},
]
},
'NotStatement': {
'Statement': {'... recursive ...'}
},
'ManagedRuleGroupStatement': {
'VendorName': 'string',
'Name': 'string',
'Version': 'string',
'ExcludedRules': [
{
'Name': 'string'
},
],
'ScopeDownStatement': {'... recursive ...'},
'ManagedRuleGroupConfigs': [
{
'LoginPath': 'string',
'PayloadType': 'JSON'|'FORM_ENCODED',
'UsernameField': {
'Identifier': 'string'
},
'PasswordField': {
'Identifier': 'string'
},
'AWSManagedRulesBotControlRuleSet': {
'InspectionLevel': 'COMMON'|'TARGETED',
'EnableMachineLearning': True|False
},
'AWSManagedRulesATPRuleSet': {
'LoginPath': 'string',
'RequestInspection': {
'PayloadType': 'JSON'|'FORM_ENCODED',
'UsernameField': {
'Identifier': 'string'
},
'PasswordField': {
'Identifier': 'string'
}
},
'ResponseInspection': {
'StatusCode': {
'SuccessCodes': [
123,
],
'FailureCodes': [
123,
]
},
'Header': {
'Name': 'string',
'SuccessValues': [
'string',
],
'FailureValues': [
'string',
]
},
'BodyContains': {
'SuccessStrings': [
'string',
],
'FailureStrings': [
'string',
]
},
'Json': {
'Identifier': 'string',
'SuccessValues': [
'string',
],
'FailureValues': [
'string',
]
}
},
'EnableRegexInPath': True|False
},
'AWSManagedRulesACFPRuleSet': {
'CreationPath': 'string',
'RegistrationPagePath': 'string',
'RequestInspection': {
'PayloadType': 'JSON'|'FORM_ENCODED',
'UsernameField': {
'Identifier': 'string'
},
'PasswordField': {
'Identifier': 'string'
},
'EmailField': {
'Identifier': 'string'
},
'PhoneNumberFields': [
{
'Identifier': 'string'
},
],
'AddressFields': [
{
'Identifier': 'string'
},
]
},
'ResponseInspection': {
'StatusCode': {
'SuccessCodes': [
123,
],
'FailureCodes': [
123,
]
},
'Header': {
'Name': 'string',
'SuccessValues': [
'string',
],
'FailureValues': [
'string',
]
},
'BodyContains': {
'SuccessStrings': [
'string',
],
'FailureStrings': [
'string',
]
},
'Json': {
'Identifier': 'string',
'SuccessValues': [
'string',
],
'FailureValues': [
'string',
]
}
},
'EnableRegexInPath': True|False
},
'AWSManagedRulesAntiDDoSRuleSet': {
'ClientSideActionConfig': {
'Challenge': {
'UsageOfAction': 'ENABLED'|'DISABLED',
'Sensitivity': 'LOW'|'MEDIUM'|'HIGH',
'ExemptUriRegularExpressions': [
{
'RegexString': 'string'
},
]
}
},
'SensitivityToBlock': 'LOW'|'MEDIUM'|'HIGH'
}
},
],
'RuleActionOverrides': [
{
'Name': 'string',
'ActionToUse': {
'Block': {
'CustomResponse': {
'ResponseCode': 123,
'CustomResponseBodyKey': 'string',
'ResponseHeaders': [
{
'Name': 'string',
'Value': 'string'
},
]
}
},
'Allow': {
'CustomRequestHandling': {
'InsertHeaders': [
{
'Name': 'string',
'Value': 'string'
},
]
}
},
'Count': {
'CustomRequestHandling': {
'InsertHeaders': [
{
'Name': 'string',
'Value': 'string'
},
]
}
},
'Captcha': {
'CustomRequestHandling': {
'InsertHeaders': [
{
'Name': 'string',
'Value': 'string'
},
]
}
},
'Challenge': {
'CustomRequestHandling': {
'InsertHeaders': [
{
'Name': 'string',
'Value': 'string'
},
]
}
}
}
},
]
},
'LabelMatchStatement': {
'Scope': 'LABEL'|'NAMESPACE',
'Key': 'string'
},
'RegexMatchStatement': {
'RegexString': 'string',
'FieldToMatch': {
'SingleHeader': {
'Name': 'string'
},
'SingleQueryArgument': {
'Name': 'string'
},
'AllQueryArguments': {}
,
'UriPath': {}
,
'QueryString': {}
,
'Body': {
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'Method': {}
,
'JsonBody': {
'MatchPattern': {
'All': {}
,
'IncludedPaths': [
'string',
]
},
'MatchScope': 'ALL'|'KEY'|'VALUE',
'InvalidFallbackBehavior': 'MATCH'|'NO_MATCH'|'EVALUATE_AS_STRING',
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'Headers': {
'MatchPattern': {
'All': {}
,
'IncludedHeaders': [
'string',
],
'ExcludedHeaders': [
'string',
]
},
'MatchScope': 'ALL'|'KEY'|'VALUE',
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'Cookies': {
'MatchPattern': {
'All': {}
,
'IncludedCookies': [
'string',
],
'ExcludedCookies': [
'string',
]
},
'MatchScope': 'ALL'|'KEY'|'VALUE',
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'HeaderOrder': {
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'JA3Fingerprint': {
'FallbackBehavior': 'MATCH'|'NO_MATCH'
},
'JA4Fingerprint': {
'FallbackBehavior': 'MATCH'|'NO_MATCH'
},
'UriFragment': {
'FallbackBehavior': 'MATCH'|'NO_MATCH'
}
},
'TextTransformations': [
{
'Priority': 123,
'Type': 'NONE'|'COMPRESS_WHITE_SPACE'|'HTML_ENTITY_DECODE'|'LOWERCASE'|'CMD_LINE'|'URL_DECODE'|'BASE64_DECODE'|'HEX_DECODE'|'MD5'|'REPLACE_COMMENTS'|'ESCAPE_SEQ_DECODE'|'SQL_HEX_DECODE'|'CSS_DECODE'|'JS_DECODE'|'NORMALIZE_PATH'|'NORMALIZE_PATH_WIN'|'REMOVE_NULLS'|'REPLACE_NULLS'|'BASE64_DECODE_EXT'|'URL_DECODE_UNI'|'UTF8_TO_UNICODE'
},
]
},
'AsnMatchStatement': {
'AsnList': [
123,
],
'ForwardedIPConfig': {
'HeaderName': 'string',
'FallbackBehavior': 'MATCH'|'NO_MATCH'
}
}
},
'Action': {
'Block': {
'CustomResponse': {
'ResponseCode': 123,
'CustomResponseBodyKey': 'string',
'ResponseHeaders': [
{
'Name': 'string',
'Value': 'string'
},
]
}
},
'Allow': {
'CustomRequestHandling': {
'InsertHeaders': [
{
'Name': 'string',
'Value': 'string'
},
]
}
},
'Count': {
'CustomRequestHandling': {
'InsertHeaders': [
{
'Name': 'string',
'Value': 'string'
},
]
}
},
'Captcha': {
'CustomRequestHandling': {
'InsertHeaders': [
{
'Name': 'string',
'Value': 'string'
},
]
}
},
'Challenge': {
'CustomRequestHandling': {
'InsertHeaders': [
{
'Name': 'string',
'Value': 'string'
},
]
}
}
},
'OverrideAction': {
'Count': {
'CustomRequestHandling': {
'InsertHeaders': [
{
'Name': 'string',
'Value': 'string'
},
]
}
},
'None': {}
},
'RuleLabels': [
{
'Name': 'string'
},
],
'VisibilityConfig': {
'SampledRequestsEnabled': True|False,
'CloudWatchMetricsEnabled': True|False,
'MetricName': 'string'
},
'CaptchaConfig': {
'ImmunityTimeProperty': {
'ImmunityTime': 123
}
},
'ChallengeConfig': {
'ImmunityTimeProperty': {
'ImmunityTime': 123
}
}
},
],
VisibilityConfig={
'SampledRequestsEnabled': True|False,
'CloudWatchMetricsEnabled': True|False,
'MetricName': 'string'
},
LockToken='string',
CustomResponseBodies={
'string': {
'ContentType': 'TEXT_PLAIN'|'TEXT_HTML'|'APPLICATION_JSON',
'Content': 'string'
}
}
)
**Parameters**
::
# This section is too large to render.
# Please see the AWS API Documentation linked below.
`AWS API Documentation <https://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/UpdateRuleGroup>`_
dict
Response Syntax
{
'NextLockToken': 'string'
}
Response Structure
(dict) --
NextLockToken (string) --
A token used for optimistic locking. WAF returns this token to your update requests. You use NextLockToken in the same manner as you use LockToken.
{'OnSourceDDoSProtectionConfig': {'ALBLowReputationMode': 'ACTIVE_UNDER_DDOS | '
'ALWAYS_ON'},
'Rules': {'Statement': {'ManagedRuleGroupStatement': {'ManagedRuleGroupConfigs': {'AWSManagedRulesAntiDDoSRuleSet': {'ClientSideActionConfig': {'Challenge': {'ExemptUriRegularExpressions': [{'RegexString': 'string'}],
'Sensitivity': 'LOW '
'| '
'MEDIUM '
'| '
'HIGH',
'UsageOfAction': 'ENABLED '
'| '
'DISABLED'}},
'SensitivityToBlock': 'LOW '
'| '
'MEDIUM '
'| '
'HIGH'}}}}}}
Updates the specified WebACL. While updating a web ACL, WAF provides continuous coverage to the resources that you have associated with the web ACL.
A web ACL defines a collection of rules to use to inspect and control web requests. Each rule has a statement that defines what to look for in web requests and an action that WAF applies to requests that match the statement. In the web ACL, you assign a default action to take (allow, block) for any request that does not match any of the rules. The rules in a web ACL can be a combination of the types Rule, RuleGroup, and managed rule group. You can associate a web ACL with one or more Amazon Web Services resources to protect. The resource types include Amazon CloudFront distribution, Amazon API Gateway REST API, Application Load Balancer, AppSync GraphQL API, Amazon Cognito user pool, App Runner service, Amplify application, and Amazon Web Services Verified Access instance.
Temporary inconsistencies during updates
When you create or change a web ACL or other WAF resources, the changes take a small amount of time to propagate to all areas where the resources are stored. The propagation time can be from a few seconds to a number of minutes.
The following are examples of the temporary inconsistencies that you might notice during change propagation:
After you create a web ACL, if you try to associate it with a resource, you might get an exception indicating that the web ACL is unavailable.
After you add a rule group to a web ACL, the new rule group rules might be in effect in one area where the web ACL is used and not in another.
After you change a rule action setting, you might see the old action in some places and the new action in others.
After you add an IP address to an IP set that is in use in a blocking rule, the new address might be blocked in one area while still allowed in another.
See also: AWS API Documentation
Request Syntax
client.update_web_acl(
Name='string',
Scope='CLOUDFRONT'|'REGIONAL',
Id='string',
DefaultAction={
'Block': {
'CustomResponse': {
'ResponseCode': 123,
'CustomResponseBodyKey': 'string',
'ResponseHeaders': [
{
'Name': 'string',
'Value': 'string'
},
]
}
},
'Allow': {
'CustomRequestHandling': {
'InsertHeaders': [
{
'Name': 'string',
'Value': 'string'
},
]
}
}
},
Description='string',
Rules=[
{
'Name': 'string',
'Priority': 123,
'Statement': {
'ByteMatchStatement': {
'SearchString': b'bytes',
'FieldToMatch': {
'SingleHeader': {
'Name': 'string'
},
'SingleQueryArgument': {
'Name': 'string'
},
'AllQueryArguments': {}
,
'UriPath': {}
,
'QueryString': {}
,
'Body': {
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'Method': {}
,
'JsonBody': {
'MatchPattern': {
'All': {}
,
'IncludedPaths': [
'string',
]
},
'MatchScope': 'ALL'|'KEY'|'VALUE',
'InvalidFallbackBehavior': 'MATCH'|'NO_MATCH'|'EVALUATE_AS_STRING',
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'Headers': {
'MatchPattern': {
'All': {}
,
'IncludedHeaders': [
'string',
],
'ExcludedHeaders': [
'string',
]
},
'MatchScope': 'ALL'|'KEY'|'VALUE',
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'Cookies': {
'MatchPattern': {
'All': {}
,
'IncludedCookies': [
'string',
],
'ExcludedCookies': [
'string',
]
},
'MatchScope': 'ALL'|'KEY'|'VALUE',
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'HeaderOrder': {
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'JA3Fingerprint': {
'FallbackBehavior': 'MATCH'|'NO_MATCH'
},
'JA4Fingerprint': {
'FallbackBehavior': 'MATCH'|'NO_MATCH'
},
'UriFragment': {
'FallbackBehavior': 'MATCH'|'NO_MATCH'
}
},
'TextTransformations': [
{
'Priority': 123,
'Type': 'NONE'|'COMPRESS_WHITE_SPACE'|'HTML_ENTITY_DECODE'|'LOWERCASE'|'CMD_LINE'|'URL_DECODE'|'BASE64_DECODE'|'HEX_DECODE'|'MD5'|'REPLACE_COMMENTS'|'ESCAPE_SEQ_DECODE'|'SQL_HEX_DECODE'|'CSS_DECODE'|'JS_DECODE'|'NORMALIZE_PATH'|'NORMALIZE_PATH_WIN'|'REMOVE_NULLS'|'REPLACE_NULLS'|'BASE64_DECODE_EXT'|'URL_DECODE_UNI'|'UTF8_TO_UNICODE'
},
],
'PositionalConstraint': 'EXACTLY'|'STARTS_WITH'|'ENDS_WITH'|'CONTAINS'|'CONTAINS_WORD'
},
'SqliMatchStatement': {
'FieldToMatch': {
'SingleHeader': {
'Name': 'string'
},
'SingleQueryArgument': {
'Name': 'string'
},
'AllQueryArguments': {}
,
'UriPath': {}
,
'QueryString': {}
,
'Body': {
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'Method': {}
,
'JsonBody': {
'MatchPattern': {
'All': {}
,
'IncludedPaths': [
'string',
]
},
'MatchScope': 'ALL'|'KEY'|'VALUE',
'InvalidFallbackBehavior': 'MATCH'|'NO_MATCH'|'EVALUATE_AS_STRING',
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'Headers': {
'MatchPattern': {
'All': {}
,
'IncludedHeaders': [
'string',
],
'ExcludedHeaders': [
'string',
]
},
'MatchScope': 'ALL'|'KEY'|'VALUE',
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'Cookies': {
'MatchPattern': {
'All': {}
,
'IncludedCookies': [
'string',
],
'ExcludedCookies': [
'string',
]
},
'MatchScope': 'ALL'|'KEY'|'VALUE',
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'HeaderOrder': {
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'JA3Fingerprint': {
'FallbackBehavior': 'MATCH'|'NO_MATCH'
},
'JA4Fingerprint': {
'FallbackBehavior': 'MATCH'|'NO_MATCH'
},
'UriFragment': {
'FallbackBehavior': 'MATCH'|'NO_MATCH'
}
},
'TextTransformations': [
{
'Priority': 123,
'Type': 'NONE'|'COMPRESS_WHITE_SPACE'|'HTML_ENTITY_DECODE'|'LOWERCASE'|'CMD_LINE'|'URL_DECODE'|'BASE64_DECODE'|'HEX_DECODE'|'MD5'|'REPLACE_COMMENTS'|'ESCAPE_SEQ_DECODE'|'SQL_HEX_DECODE'|'CSS_DECODE'|'JS_DECODE'|'NORMALIZE_PATH'|'NORMALIZE_PATH_WIN'|'REMOVE_NULLS'|'REPLACE_NULLS'|'BASE64_DECODE_EXT'|'URL_DECODE_UNI'|'UTF8_TO_UNICODE'
},
],
'SensitivityLevel': 'LOW'|'HIGH'
},
'XssMatchStatement': {
'FieldToMatch': {
'SingleHeader': {
'Name': 'string'
},
'SingleQueryArgument': {
'Name': 'string'
},
'AllQueryArguments': {}
,
'UriPath': {}
,
'QueryString': {}
,
'Body': {
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'Method': {}
,
'JsonBody': {
'MatchPattern': {
'All': {}
,
'IncludedPaths': [
'string',
]
},
'MatchScope': 'ALL'|'KEY'|'VALUE',
'InvalidFallbackBehavior': 'MATCH'|'NO_MATCH'|'EVALUATE_AS_STRING',
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'Headers': {
'MatchPattern': {
'All': {}
,
'IncludedHeaders': [
'string',
],
'ExcludedHeaders': [
'string',
]
},
'MatchScope': 'ALL'|'KEY'|'VALUE',
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'Cookies': {
'MatchPattern': {
'All': {}
,
'IncludedCookies': [
'string',
],
'ExcludedCookies': [
'string',
]
},
'MatchScope': 'ALL'|'KEY'|'VALUE',
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'HeaderOrder': {
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'JA3Fingerprint': {
'FallbackBehavior': 'MATCH'|'NO_MATCH'
},
'JA4Fingerprint': {
'FallbackBehavior': 'MATCH'|'NO_MATCH'
},
'UriFragment': {
'FallbackBehavior': 'MATCH'|'NO_MATCH'
}
},
'TextTransformations': [
{
'Priority': 123,
'Type': 'NONE'|'COMPRESS_WHITE_SPACE'|'HTML_ENTITY_DECODE'|'LOWERCASE'|'CMD_LINE'|'URL_DECODE'|'BASE64_DECODE'|'HEX_DECODE'|'MD5'|'REPLACE_COMMENTS'|'ESCAPE_SEQ_DECODE'|'SQL_HEX_DECODE'|'CSS_DECODE'|'JS_DECODE'|'NORMALIZE_PATH'|'NORMALIZE_PATH_WIN'|'REMOVE_NULLS'|'REPLACE_NULLS'|'BASE64_DECODE_EXT'|'URL_DECODE_UNI'|'UTF8_TO_UNICODE'
},
]
},
'SizeConstraintStatement': {
'FieldToMatch': {
'SingleHeader': {
'Name': 'string'
},
'SingleQueryArgument': {
'Name': 'string'
},
'AllQueryArguments': {}
,
'UriPath': {}
,
'QueryString': {}
,
'Body': {
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'Method': {}
,
'JsonBody': {
'MatchPattern': {
'All': {}
,
'IncludedPaths': [
'string',
]
},
'MatchScope': 'ALL'|'KEY'|'VALUE',
'InvalidFallbackBehavior': 'MATCH'|'NO_MATCH'|'EVALUATE_AS_STRING',
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'Headers': {
'MatchPattern': {
'All': {}
,
'IncludedHeaders': [
'string',
],
'ExcludedHeaders': [
'string',
]
},
'MatchScope': 'ALL'|'KEY'|'VALUE',
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'Cookies': {
'MatchPattern': {
'All': {}
,
'IncludedCookies': [
'string',
],
'ExcludedCookies': [
'string',
]
},
'MatchScope': 'ALL'|'KEY'|'VALUE',
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'HeaderOrder': {
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'JA3Fingerprint': {
'FallbackBehavior': 'MATCH'|'NO_MATCH'
},
'JA4Fingerprint': {
'FallbackBehavior': 'MATCH'|'NO_MATCH'
},
'UriFragment': {
'FallbackBehavior': 'MATCH'|'NO_MATCH'
}
},
'ComparisonOperator': 'EQ'|'NE'|'LE'|'LT'|'GE'|'GT',
'Size': 123,
'TextTransformations': [
{
'Priority': 123,
'Type': 'NONE'|'COMPRESS_WHITE_SPACE'|'HTML_ENTITY_DECODE'|'LOWERCASE'|'CMD_LINE'|'URL_DECODE'|'BASE64_DECODE'|'HEX_DECODE'|'MD5'|'REPLACE_COMMENTS'|'ESCAPE_SEQ_DECODE'|'SQL_HEX_DECODE'|'CSS_DECODE'|'JS_DECODE'|'NORMALIZE_PATH'|'NORMALIZE_PATH_WIN'|'REMOVE_NULLS'|'REPLACE_NULLS'|'BASE64_DECODE_EXT'|'URL_DECODE_UNI'|'UTF8_TO_UNICODE'
},
]
},
'GeoMatchStatement': {
'CountryCodes': [
'AF'|'AX'|'AL'|'DZ'|'AS'|'AD'|'AO'|'AI'|'AQ'|'AG'|'AR'|'AM'|'AW'|'AU'|'AT'|'AZ'|'BS'|'BH'|'BD'|'BB'|'BY'|'BE'|'BZ'|'BJ'|'BM'|'BT'|'BO'|'BQ'|'BA'|'BW'|'BV'|'BR'|'IO'|'BN'|'BG'|'BF'|'BI'|'KH'|'CM'|'CA'|'CV'|'KY'|'CF'|'TD'|'CL'|'CN'|'CX'|'CC'|'CO'|'KM'|'CG'|'CD'|'CK'|'CR'|'CI'|'HR'|'CU'|'CW'|'CY'|'CZ'|'DK'|'DJ'|'DM'|'DO'|'EC'|'EG'|'SV'|'GQ'|'ER'|'EE'|'ET'|'FK'|'FO'|'FJ'|'FI'|'FR'|'GF'|'PF'|'TF'|'GA'|'GM'|'GE'|'DE'|'GH'|'GI'|'GR'|'GL'|'GD'|'GP'|'GU'|'GT'|'GG'|'GN'|'GW'|'GY'|'HT'|'HM'|'VA'|'HN'|'HK'|'HU'|'IS'|'IN'|'ID'|'IR'|'IQ'|'IE'|'IM'|'IL'|'IT'|'JM'|'JP'|'JE'|'JO'|'KZ'|'KE'|'KI'|'KP'|'KR'|'KW'|'KG'|'LA'|'LV'|'LB'|'LS'|'LR'|'LY'|'LI'|'LT'|'LU'|'MO'|'MK'|'MG'|'MW'|'MY'|'MV'|'ML'|'MT'|'MH'|'MQ'|'MR'|'MU'|'YT'|'MX'|'FM'|'MD'|'MC'|'MN'|'ME'|'MS'|'MA'|'MZ'|'MM'|'NA'|'NR'|'NP'|'NL'|'NC'|'NZ'|'NI'|'NE'|'NG'|'NU'|'NF'|'MP'|'NO'|'OM'|'PK'|'PW'|'PS'|'PA'|'PG'|'PY'|'PE'|'PH'|'PN'|'PL'|'PT'|'PR'|'QA'|'RE'|'RO'|'RU'|'RW'|'BL'|'SH'|'KN'|'LC'|'MF'|'PM'|'VC'|'WS'|'SM'|'ST'|'SA'|'SN'|'RS'|'SC'|'SL'|'SG'|'SX'|'SK'|'SI'|'SB'|'SO'|'ZA'|'GS'|'SS'|'ES'|'LK'|'SD'|'SR'|'SJ'|'SZ'|'SE'|'CH'|'SY'|'TW'|'TJ'|'TZ'|'TH'|'TL'|'TG'|'TK'|'TO'|'TT'|'TN'|'TR'|'TM'|'TC'|'TV'|'UG'|'UA'|'AE'|'GB'|'US'|'UM'|'UY'|'UZ'|'VU'|'VE'|'VN'|'VG'|'VI'|'WF'|'EH'|'YE'|'ZM'|'ZW'|'XK',
],
'ForwardedIPConfig': {
'HeaderName': 'string',
'FallbackBehavior': 'MATCH'|'NO_MATCH'
}
},
'RuleGroupReferenceStatement': {
'ARN': 'string',
'ExcludedRules': [
{
'Name': 'string'
},
],
'RuleActionOverrides': [
{
'Name': 'string',
'ActionToUse': {
'Block': {
'CustomResponse': {
'ResponseCode': 123,
'CustomResponseBodyKey': 'string',
'ResponseHeaders': [
{
'Name': 'string',
'Value': 'string'
},
]
}
},
'Allow': {
'CustomRequestHandling': {
'InsertHeaders': [
{
'Name': 'string',
'Value': 'string'
},
]
}
},
'Count': {
'CustomRequestHandling': {
'InsertHeaders': [
{
'Name': 'string',
'Value': 'string'
},
]
}
},
'Captcha': {
'CustomRequestHandling': {
'InsertHeaders': [
{
'Name': 'string',
'Value': 'string'
},
]
}
},
'Challenge': {
'CustomRequestHandling': {
'InsertHeaders': [
{
'Name': 'string',
'Value': 'string'
},
]
}
}
}
},
]
},
'IPSetReferenceStatement': {
'ARN': 'string',
'IPSetForwardedIPConfig': {
'HeaderName': 'string',
'FallbackBehavior': 'MATCH'|'NO_MATCH',
'Position': 'FIRST'|'LAST'|'ANY'
}
},
'RegexPatternSetReferenceStatement': {
'ARN': 'string',
'FieldToMatch': {
'SingleHeader': {
'Name': 'string'
},
'SingleQueryArgument': {
'Name': 'string'
},
'AllQueryArguments': {}
,
'UriPath': {}
,
'QueryString': {}
,
'Body': {
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'Method': {}
,
'JsonBody': {
'MatchPattern': {
'All': {}
,
'IncludedPaths': [
'string',
]
},
'MatchScope': 'ALL'|'KEY'|'VALUE',
'InvalidFallbackBehavior': 'MATCH'|'NO_MATCH'|'EVALUATE_AS_STRING',
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'Headers': {
'MatchPattern': {
'All': {}
,
'IncludedHeaders': [
'string',
],
'ExcludedHeaders': [
'string',
]
},
'MatchScope': 'ALL'|'KEY'|'VALUE',
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'Cookies': {
'MatchPattern': {
'All': {}
,
'IncludedCookies': [
'string',
],
'ExcludedCookies': [
'string',
]
},
'MatchScope': 'ALL'|'KEY'|'VALUE',
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'HeaderOrder': {
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'JA3Fingerprint': {
'FallbackBehavior': 'MATCH'|'NO_MATCH'
},
'JA4Fingerprint': {
'FallbackBehavior': 'MATCH'|'NO_MATCH'
},
'UriFragment': {
'FallbackBehavior': 'MATCH'|'NO_MATCH'
}
},
'TextTransformations': [
{
'Priority': 123,
'Type': 'NONE'|'COMPRESS_WHITE_SPACE'|'HTML_ENTITY_DECODE'|'LOWERCASE'|'CMD_LINE'|'URL_DECODE'|'BASE64_DECODE'|'HEX_DECODE'|'MD5'|'REPLACE_COMMENTS'|'ESCAPE_SEQ_DECODE'|'SQL_HEX_DECODE'|'CSS_DECODE'|'JS_DECODE'|'NORMALIZE_PATH'|'NORMALIZE_PATH_WIN'|'REMOVE_NULLS'|'REPLACE_NULLS'|'BASE64_DECODE_EXT'|'URL_DECODE_UNI'|'UTF8_TO_UNICODE'
},
]
},
'RateBasedStatement': {
'Limit': 123,
'EvaluationWindowSec': 123,
'AggregateKeyType': 'IP'|'FORWARDED_IP'|'CUSTOM_KEYS'|'CONSTANT',
'ScopeDownStatement': {'... recursive ...'},
'ForwardedIPConfig': {
'HeaderName': 'string',
'FallbackBehavior': 'MATCH'|'NO_MATCH'
},
'CustomKeys': [
{
'Header': {
'Name': 'string',
'TextTransformations': [
{
'Priority': 123,
'Type': 'NONE'|'COMPRESS_WHITE_SPACE'|'HTML_ENTITY_DECODE'|'LOWERCASE'|'CMD_LINE'|'URL_DECODE'|'BASE64_DECODE'|'HEX_DECODE'|'MD5'|'REPLACE_COMMENTS'|'ESCAPE_SEQ_DECODE'|'SQL_HEX_DECODE'|'CSS_DECODE'|'JS_DECODE'|'NORMALIZE_PATH'|'NORMALIZE_PATH_WIN'|'REMOVE_NULLS'|'REPLACE_NULLS'|'BASE64_DECODE_EXT'|'URL_DECODE_UNI'|'UTF8_TO_UNICODE'
},
]
},
'Cookie': {
'Name': 'string',
'TextTransformations': [
{
'Priority': 123,
'Type': 'NONE'|'COMPRESS_WHITE_SPACE'|'HTML_ENTITY_DECODE'|'LOWERCASE'|'CMD_LINE'|'URL_DECODE'|'BASE64_DECODE'|'HEX_DECODE'|'MD5'|'REPLACE_COMMENTS'|'ESCAPE_SEQ_DECODE'|'SQL_HEX_DECODE'|'CSS_DECODE'|'JS_DECODE'|'NORMALIZE_PATH'|'NORMALIZE_PATH_WIN'|'REMOVE_NULLS'|'REPLACE_NULLS'|'BASE64_DECODE_EXT'|'URL_DECODE_UNI'|'UTF8_TO_UNICODE'
},
]
},
'QueryArgument': {
'Name': 'string',
'TextTransformations': [
{
'Priority': 123,
'Type': 'NONE'|'COMPRESS_WHITE_SPACE'|'HTML_ENTITY_DECODE'|'LOWERCASE'|'CMD_LINE'|'URL_DECODE'|'BASE64_DECODE'|'HEX_DECODE'|'MD5'|'REPLACE_COMMENTS'|'ESCAPE_SEQ_DECODE'|'SQL_HEX_DECODE'|'CSS_DECODE'|'JS_DECODE'|'NORMALIZE_PATH'|'NORMALIZE_PATH_WIN'|'REMOVE_NULLS'|'REPLACE_NULLS'|'BASE64_DECODE_EXT'|'URL_DECODE_UNI'|'UTF8_TO_UNICODE'
},
]
},
'QueryString': {
'TextTransformations': [
{
'Priority': 123,
'Type': 'NONE'|'COMPRESS_WHITE_SPACE'|'HTML_ENTITY_DECODE'|'LOWERCASE'|'CMD_LINE'|'URL_DECODE'|'BASE64_DECODE'|'HEX_DECODE'|'MD5'|'REPLACE_COMMENTS'|'ESCAPE_SEQ_DECODE'|'SQL_HEX_DECODE'|'CSS_DECODE'|'JS_DECODE'|'NORMALIZE_PATH'|'NORMALIZE_PATH_WIN'|'REMOVE_NULLS'|'REPLACE_NULLS'|'BASE64_DECODE_EXT'|'URL_DECODE_UNI'|'UTF8_TO_UNICODE'
},
]
},
'HTTPMethod': {}
,
'ForwardedIP': {}
,
'IP': {}
,
'LabelNamespace': {
'Namespace': 'string'
},
'UriPath': {
'TextTransformations': [
{
'Priority': 123,
'Type': 'NONE'|'COMPRESS_WHITE_SPACE'|'HTML_ENTITY_DECODE'|'LOWERCASE'|'CMD_LINE'|'URL_DECODE'|'BASE64_DECODE'|'HEX_DECODE'|'MD5'|'REPLACE_COMMENTS'|'ESCAPE_SEQ_DECODE'|'SQL_HEX_DECODE'|'CSS_DECODE'|'JS_DECODE'|'NORMALIZE_PATH'|'NORMALIZE_PATH_WIN'|'REMOVE_NULLS'|'REPLACE_NULLS'|'BASE64_DECODE_EXT'|'URL_DECODE_UNI'|'UTF8_TO_UNICODE'
},
]
},
'JA3Fingerprint': {
'FallbackBehavior': 'MATCH'|'NO_MATCH'
},
'JA4Fingerprint': {
'FallbackBehavior': 'MATCH'|'NO_MATCH'
},
'ASN': {}
},
]
},
'AndStatement': {
'Statements': [
{'... recursive ...'},
]
},
'OrStatement': {
'Statements': [
{'... recursive ...'},
]
},
'NotStatement': {
'Statement': {'... recursive ...'}
},
'ManagedRuleGroupStatement': {
'VendorName': 'string',
'Name': 'string',
'Version': 'string',
'ExcludedRules': [
{
'Name': 'string'
},
],
'ScopeDownStatement': {'... recursive ...'},
'ManagedRuleGroupConfigs': [
{
'LoginPath': 'string',
'PayloadType': 'JSON'|'FORM_ENCODED',
'UsernameField': {
'Identifier': 'string'
},
'PasswordField': {
'Identifier': 'string'
},
'AWSManagedRulesBotControlRuleSet': {
'InspectionLevel': 'COMMON'|'TARGETED',
'EnableMachineLearning': True|False
},
'AWSManagedRulesATPRuleSet': {
'LoginPath': 'string',
'RequestInspection': {
'PayloadType': 'JSON'|'FORM_ENCODED',
'UsernameField': {
'Identifier': 'string'
},
'PasswordField': {
'Identifier': 'string'
}
},
'ResponseInspection': {
'StatusCode': {
'SuccessCodes': [
123,
],
'FailureCodes': [
123,
]
},
'Header': {
'Name': 'string',
'SuccessValues': [
'string',
],
'FailureValues': [
'string',
]
},
'BodyContains': {
'SuccessStrings': [
'string',
],
'FailureStrings': [
'string',
]
},
'Json': {
'Identifier': 'string',
'SuccessValues': [
'string',
],
'FailureValues': [
'string',
]
}
},
'EnableRegexInPath': True|False
},
'AWSManagedRulesACFPRuleSet': {
'CreationPath': 'string',
'RegistrationPagePath': 'string',
'RequestInspection': {
'PayloadType': 'JSON'|'FORM_ENCODED',
'UsernameField': {
'Identifier': 'string'
},
'PasswordField': {
'Identifier': 'string'
},
'EmailField': {
'Identifier': 'string'
},
'PhoneNumberFields': [
{
'Identifier': 'string'
},
],
'AddressFields': [
{
'Identifier': 'string'
},
]
},
'ResponseInspection': {
'StatusCode': {
'SuccessCodes': [
123,
],
'FailureCodes': [
123,
]
},
'Header': {
'Name': 'string',
'SuccessValues': [
'string',
],
'FailureValues': [
'string',
]
},
'BodyContains': {
'SuccessStrings': [
'string',
],
'FailureStrings': [
'string',
]
},
'Json': {
'Identifier': 'string',
'SuccessValues': [
'string',
],
'FailureValues': [
'string',
]
}
},
'EnableRegexInPath': True|False
},
'AWSManagedRulesAntiDDoSRuleSet': {
'ClientSideActionConfig': {
'Challenge': {
'UsageOfAction': 'ENABLED'|'DISABLED',
'Sensitivity': 'LOW'|'MEDIUM'|'HIGH',
'ExemptUriRegularExpressions': [
{
'RegexString': 'string'
},
]
}
},
'SensitivityToBlock': 'LOW'|'MEDIUM'|'HIGH'
}
},
],
'RuleActionOverrides': [
{
'Name': 'string',
'ActionToUse': {
'Block': {
'CustomResponse': {
'ResponseCode': 123,
'CustomResponseBodyKey': 'string',
'ResponseHeaders': [
{
'Name': 'string',
'Value': 'string'
},
]
}
},
'Allow': {
'CustomRequestHandling': {
'InsertHeaders': [
{
'Name': 'string',
'Value': 'string'
},
]
}
},
'Count': {
'CustomRequestHandling': {
'InsertHeaders': [
{
'Name': 'string',
'Value': 'string'
},
]
}
},
'Captcha': {
'CustomRequestHandling': {
'InsertHeaders': [
{
'Name': 'string',
'Value': 'string'
},
]
}
},
'Challenge': {
'CustomRequestHandling': {
'InsertHeaders': [
{
'Name': 'string',
'Value': 'string'
},
]
}
}
}
},
]
},
'LabelMatchStatement': {
'Scope': 'LABEL'|'NAMESPACE',
'Key': 'string'
},
'RegexMatchStatement': {
'RegexString': 'string',
'FieldToMatch': {
'SingleHeader': {
'Name': 'string'
},
'SingleQueryArgument': {
'Name': 'string'
},
'AllQueryArguments': {}
,
'UriPath': {}
,
'QueryString': {}
,
'Body': {
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'Method': {}
,
'JsonBody': {
'MatchPattern': {
'All': {}
,
'IncludedPaths': [
'string',
]
},
'MatchScope': 'ALL'|'KEY'|'VALUE',
'InvalidFallbackBehavior': 'MATCH'|'NO_MATCH'|'EVALUATE_AS_STRING',
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'Headers': {
'MatchPattern': {
'All': {}
,
'IncludedHeaders': [
'string',
],
'ExcludedHeaders': [
'string',
]
},
'MatchScope': 'ALL'|'KEY'|'VALUE',
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'Cookies': {
'MatchPattern': {
'All': {}
,
'IncludedCookies': [
'string',
],
'ExcludedCookies': [
'string',
]
},
'MatchScope': 'ALL'|'KEY'|'VALUE',
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'HeaderOrder': {
'OversizeHandling': 'CONTINUE'|'MATCH'|'NO_MATCH'
},
'JA3Fingerprint': {
'FallbackBehavior': 'MATCH'|'NO_MATCH'
},
'JA4Fingerprint': {
'FallbackBehavior': 'MATCH'|'NO_MATCH'
},
'UriFragment': {
'FallbackBehavior': 'MATCH'|'NO_MATCH'
}
},
'TextTransformations': [
{
'Priority': 123,
'Type': 'NONE'|'COMPRESS_WHITE_SPACE'|'HTML_ENTITY_DECODE'|'LOWERCASE'|'CMD_LINE'|'URL_DECODE'|'BASE64_DECODE'|'HEX_DECODE'|'MD5'|'REPLACE_COMMENTS'|'ESCAPE_SEQ_DECODE'|'SQL_HEX_DECODE'|'CSS_DECODE'|'JS_DECODE'|'NORMALIZE_PATH'|'NORMALIZE_PATH_WIN'|'REMOVE_NULLS'|'REPLACE_NULLS'|'BASE64_DECODE_EXT'|'URL_DECODE_UNI'|'UTF8_TO_UNICODE'
},
]
},
'AsnMatchStatement': {
'AsnList': [
123,
],
'ForwardedIPConfig': {
'HeaderName': 'string',
'FallbackBehavior': 'MATCH'|'NO_MATCH'
}
}
},
'Action': {
'Block': {
'CustomResponse': {
'ResponseCode': 123,
'CustomResponseBodyKey': 'string',
'ResponseHeaders': [
{
'Name': 'string',
'Value': 'string'
},
]
}
},
'Allow': {
'CustomRequestHandling': {
'InsertHeaders': [
{
'Name': 'string',
'Value': 'string'
},
]
}
},
'Count': {
'CustomRequestHandling': {
'InsertHeaders': [
{
'Name': 'string',
'Value': 'string'
},
]
}
},
'Captcha': {
'CustomRequestHandling': {
'InsertHeaders': [
{
'Name': 'string',
'Value': 'string'
},
]
}
},
'Challenge': {
'CustomRequestHandling': {
'InsertHeaders': [
{
'Name': 'string',
'Value': 'string'
},
]
}
}
},
'OverrideAction': {
'Count': {
'CustomRequestHandling': {
'InsertHeaders': [
{
'Name': 'string',
'Value': 'string'
},
]
}
},
'None': {}
},
'RuleLabels': [
{
'Name': 'string'
},
],
'VisibilityConfig': {
'SampledRequestsEnabled': True|False,
'CloudWatchMetricsEnabled': True|False,
'MetricName': 'string'
},
'CaptchaConfig': {
'ImmunityTimeProperty': {
'ImmunityTime': 123
}
},
'ChallengeConfig': {
'ImmunityTimeProperty': {
'ImmunityTime': 123
}
}
},
],
VisibilityConfig={
'SampledRequestsEnabled': True|False,
'CloudWatchMetricsEnabled': True|False,
'MetricName': 'string'
},
DataProtectionConfig={
'DataProtections': [
{
'Field': {
'FieldType': 'SINGLE_HEADER'|'SINGLE_COOKIE'|'SINGLE_QUERY_ARGUMENT'|'QUERY_STRING'|'BODY',
'FieldKeys': [
'string',
]
},
'Action': 'SUBSTITUTION'|'HASH',
'ExcludeRuleMatchDetails': True|False,
'ExcludeRateBasedDetails': True|False
},
]
},
LockToken='string',
CustomResponseBodies={
'string': {
'ContentType': 'TEXT_PLAIN'|'TEXT_HTML'|'APPLICATION_JSON',
'Content': 'string'
}
},
CaptchaConfig={
'ImmunityTimeProperty': {
'ImmunityTime': 123
}
},
ChallengeConfig={
'ImmunityTimeProperty': {
'ImmunityTime': 123
}
},
TokenDomains=[
'string',
],
AssociationConfig={
'RequestBody': {
'string': {
'DefaultSizeInspectionLimit': 'KB_16'|'KB_32'|'KB_48'|'KB_64'
}
}
},
OnSourceDDoSProtectionConfig={
'ALBLowReputationMode': 'ACTIVE_UNDER_DDOS'|'ALWAYS_ON'
}
)
**Parameters**
::
# This section is too large to render.
# Please see the AWS API Documentation linked below.
`AWS API Documentation <https://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/UpdateWebACL>`_
dict
Response Syntax
{
'NextLockToken': 'string'
}
Response Structure
(dict) --
NextLockToken (string) --
A token used for optimistic locking. WAF returns this token to your update requests. You use NextLockToken in the same manner as you use LockToken.