AWS WAFV2

2024/02/06 - 1 new api methods

Changes   You can now delete an API key that you've created for use with your CAPTCHA JavaScript integration API.

2023/09/25 - 11 updated api methods

Changes   You can now perform an exact match against the web request's JA3 fingerprint.

2023/09/06 - 8 updated api methods

Changes   The targeted protection level of the Bot Control managed rule group now provides optional, machine-learning analysis of traffic statistics to detect some bot-related activity. You can enable or disable the machine learning functionality through the API.

2023/07/19 - 8 updated api methods

Changes   Added the URI path to the custom aggregation keys that you can specify for a rate-based rule.

2023/06/13 - 8 updated api methods

Changes   You can now detect and block fraudulent account creation attempts with the new AWS WAF Fraud Control account creation fraud prevention (ACFP) managed rule group AWSManagedRulesACFPRuleSet.

2023/06/02 - 2 new api methods

Changes   Added APIs to describe managed products. The APIs retrieve information about rule groups that are managed by AWS and by AWS Marketplace sellers.

2023/05/30 - 11 updated api methods

Changes   This SDK release provides customers the ability to use Header Order as a field to match.

2023/05/16 - 8 updated api methods

Changes   My AWS Service (placeholder) - You can now rate limit web requests based on aggregation keys other than IP addresses, and you can aggregate using combinations of keys. You can also rate limit all requests that match a scope-down statement, without further aggregation.

2023/04/28 - 1 updated api methods

Changes   You can now associate a web ACL with a Verified Access instance.

2023/04/20 - 3 new api methods

Changes   You can now create encrypted API keys to use in a client application integration of the JavaScript CAPTCHA API . You can also retrieve a list of your API keys and the JavaScript application integration URL.

2023/04/11 - 4 updated api methods

Changes   For web ACLs that protect CloudFront protections, the default request body inspection size is now 16 KB, and you can use the new association configuration to increase the inspection size further, up to 64 KB. Sizes over 16 KB can incur additional costs.

2023/04/03 - 4 updated api methods

Changes   For web ACLs that protect CloudFront protections, the default request body inspection size is now 16 KB, and you can use the new association configuration to increase the inspection size further, up to 64 KB. Sizes over 16 KB can incur additional costs.

2023/02/23 - 1 updated api methods

Changes   You can now associate an AWS WAF v2 web ACL with an AWS App Runner service.

2023/02/15 - 8 updated api methods

Changes   For protected CloudFront distributions, you can now use the AWS WAF Fraud Control account takeover prevention (ATP) managed rule group to block new login attempts from clients that have recently submitted too many failed login attempts.

2022/10/27 - 13 updated api methods

Changes   This release adds the following: Challenge rule action, to silently verify client browsers; rule group rule action override to any valid rule action, not just Count; token sharing between protected applications for challenge/CAPTCHA token; targeted rules option for Bot Control managed rule group.

2022/08/03 - 1 updated api methods

Changes   You can now associate an AWS WAF web ACL with an Amazon Cognito user pool.

2022/07/15 - 8 updated api methods

Changes   This SDK release provide customers ability to add sensitivity level for WAF SQLI Match Statements.

2022/04/29 - 11 updated api methods

Changes   You can now inspect all request headers and all cookies. You can now specify how to handle oversize body contents in your rules that inspect the body.

2022/04/08 - 2 updated api methods

Changes   Add a new CurrentDefaultVersion field to ListAvailableManagedRuleGroupVersions API response; add a new VersioningSupported boolean to each ManagedRuleGroup returned from ListAvailableManagedRuleGroups API response.

2022/02/10 - 3 new 8 updated api methods

Changes   Adds support for AWS WAF Fraud Control account takeover prevention (ATP), with configuration options for the new managed rule group AWSManagedRulesATPRuleSet and support for application integration SDKs for Android and iOS mobile apps.

2021/11/08 - 13 updated api methods

Changes   You can now configure rules to run a CAPTCHA check against web requests and, as needed, send a CAPTCHA challenge to the client.

2021/09/22 - 8 updated api methods

Changes   Added the regex match rule statement, for matching web requests against a single regular expression.

2021/09/14 - 1 updated api methods

Changes   This release adds support for including rate based rules in a rule group.

2021/08/09 - 5 new 9 updated api methods

Changes   This release adds APIs to support versioning feature of AWS WAF Managed rule groups

2021/06/24 - 8 updated api methods

Changes   Added support for 15 new text transformation.

2021/04/01 - 13 updated api methods

Changes   Added support for ScopeDownStatement for ManagedRuleGroups, Labels, LabelMatchStatement, and LoggingFilter. For more information on these features, see the AWS WAF Developer Guide.

2021/03/29 - 10 updated api methods

Changes   Added custom request handling and custom response support in rule actions and default action; Added the option to inspect the web request body as parsed and filtered JSON.

2021/02/12 - 11 updated api methods

Changes   Added the option to inspect the web request body as parsed and filtered JSON (new FieldToMatch type JsonBody), in addition to the existing option to inspect the web request body as plain text.

2020/10/01 - 1 updated api methods

Changes   AWS WAF is now available for AWS AppSync GraphQL APIs. AWS WAF protects against malicious attacks with AWS Managed Rules or your own custom rules. For more information see the AWS WAF Developer Guide.

2020/07/31 - 3 updated api methods

Changes   Add ManagedByFirewallManager flag to the logging configuration, which indicates whether AWS Firewall Manager controls the configuration.

2020/07/09 - 8 updated api methods

Changes   Added the option to use IP addresses from an HTTP header that you specify, instead of using the web request origin. Available for IP set matching, geo matching, and rate-based rule count aggregation.

2020/03/31 - 4 new 2 updated api methods

Changes   Added support for AWS Firewall Manager for WAFv2 and PermissionPolicy APIs for WAFv2.

2019/11/25 - 36 new api methods

Changes   This release introduces new set of APIs ("wafv2") for AWS WAF. Major changes include single set of APIs for creating/updating resources in global and regional scope, and rules are configured directly into web ACL instead of being referenced. The previous APIs ("waf" and "waf-regional") are now referred as AWS WAF Classic. For more information visit: https://docs.aws.amazon.com/waf/latest/APIReference/Welcome.html