| Copyright | (c) 2013-2021 Brendan Hay |
|---|---|
| License | Mozilla Public License, v. 2.0. |
| Maintainer | Brendan Hay <brendan.g.hay+amazonka@gmail.com> |
| Stability | auto-generated |
| Portability | non-portable (GHC extensions) |
| Safe Haskell | None |
Amazonka.WAFRegional.Types
Contents
- Service Configuration
- Errors
- ChangeAction
- ChangeTokenStatus
- ComparisonOperator
- GeoMatchConstraintType
- GeoMatchConstraintValue
- IPSetDescriptorType
- MatchFieldType
- PositionalConstraint
- PredicateType
- RateKey
- ResourceType
- TextTransformation
- WafActionType
- WafOverrideActionType
- WafRuleType
- ActivatedRule
- ByteMatchSet
- ByteMatchSetSummary
- ByteMatchSetUpdate
- ByteMatchTuple
- ExcludedRule
- FieldToMatch
- GeoMatchConstraint
- GeoMatchSet
- GeoMatchSetSummary
- GeoMatchSetUpdate
- HTTPHeader
- HTTPRequest
- IPSet
- IPSetDescriptor
- IPSetSummary
- IPSetUpdate
- LoggingConfiguration
- Predicate
- RateBasedRule
- RegexMatchSet
- RegexMatchSetSummary
- RegexMatchSetUpdate
- RegexMatchTuple
- RegexPatternSet
- RegexPatternSetSummary
- RegexPatternSetUpdate
- Rule
- RuleGroup
- RuleGroupSummary
- RuleGroupUpdate
- RuleSummary
- RuleUpdate
- SampledHTTPRequest
- SizeConstraint
- SizeConstraintSet
- SizeConstraintSetSummary
- SizeConstraintSetUpdate
- SqlInjectionMatchSet
- SqlInjectionMatchSetSummary
- SqlInjectionMatchSetUpdate
- SqlInjectionMatchTuple
- SubscribedRuleGroupSummary
- Tag
- TagInfoForResource
- TimeWindow
- WafAction
- WafOverrideAction
- WebACL
- WebACLSummary
- WebACLUpdate
- XssMatchSet
- XssMatchSetSummary
- XssMatchSetUpdate
- XssMatchTuple
Description
Synopsis
- defaultService :: Service
- _WAFInvalidAccountException :: AsError a => Getting (First ServiceError) a ServiceError
- _WAFSubscriptionNotFoundException :: AsError a => Getting (First ServiceError) a ServiceError
- _WAFReferencedItemException :: AsError a => Getting (First ServiceError) a ServiceError
- _WAFTagOperationException :: AsError a => Getting (First ServiceError) a ServiceError
- _WAFEntityMigrationException :: AsError a => Getting (First ServiceError) a ServiceError
- _WAFInvalidRegexPatternException :: AsError a => Getting (First ServiceError) a ServiceError
- _WAFInvalidOperationException :: AsError a => Getting (First ServiceError) a ServiceError
- _WAFBadRequestException :: AsError a => Getting (First ServiceError) a ServiceError
- _WAFNonexistentItemException :: AsError a => Getting (First ServiceError) a ServiceError
- _WAFInvalidParameterException :: AsError a => Getting (First ServiceError) a ServiceError
- _WAFTagOperationInternalErrorException :: AsError a => Getting (First ServiceError) a ServiceError
- _WAFServiceLinkedRoleErrorException :: AsError a => Getting (First ServiceError) a ServiceError
- _WAFLimitsExceededException :: AsError a => Getting (First ServiceError) a ServiceError
- _WAFInvalidPermissionPolicyException :: AsError a => Getting (First ServiceError) a ServiceError
- _WAFStaleDataException :: AsError a => Getting (First ServiceError) a ServiceError
- _WAFInternalErrorException :: AsError a => Getting (First ServiceError) a ServiceError
- _WAFNonexistentContainerException :: AsError a => Getting (First ServiceError) a ServiceError
- _WAFUnavailableEntityException :: AsError a => Getting (First ServiceError) a ServiceError
- _WAFDisallowedNameException :: AsError a => Getting (First ServiceError) a ServiceError
- _WAFNonEmptyEntityException :: AsError a => Getting (First ServiceError) a ServiceError
- newtype ChangeAction where
- ChangeAction' { }
- pattern ChangeAction_DELETE :: ChangeAction
- pattern ChangeAction_INSERT :: ChangeAction
- newtype ChangeTokenStatus where
- ChangeTokenStatus' { }
- pattern ChangeTokenStatus_INSYNC :: ChangeTokenStatus
- pattern ChangeTokenStatus_PENDING :: ChangeTokenStatus
- pattern ChangeTokenStatus_PROVISIONED :: ChangeTokenStatus
- newtype ComparisonOperator where
- ComparisonOperator' { }
- pattern ComparisonOperator_EQ :: ComparisonOperator
- pattern ComparisonOperator_GE :: ComparisonOperator
- pattern ComparisonOperator_GT :: ComparisonOperator
- pattern ComparisonOperator_LE :: ComparisonOperator
- pattern ComparisonOperator_LT :: ComparisonOperator
- pattern ComparisonOperator_NE :: ComparisonOperator
- newtype GeoMatchConstraintType where
- newtype GeoMatchConstraintValue where
- GeoMatchConstraintValue' { }
- pattern GeoMatchConstraintValue_AD :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_AE :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_AF :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_AG :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_AI :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_AL :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_AM :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_AO :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_AQ :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_AR :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_AS :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_AT :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_AU :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_AW :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_AX :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_AZ :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_BA :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_BB :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_BD :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_BE :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_BF :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_BG :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_BH :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_BI :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_BJ :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_BL :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_BM :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_BN :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_BO :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_BQ :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_BR :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_BS :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_BT :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_BV :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_BW :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_BY :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_BZ :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_CA :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_CC :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_CD :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_CF :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_CG :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_CH :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_CI :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_CK :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_CL :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_CM :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_CN :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_CO :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_CR :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_CU :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_CV :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_CW :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_CX :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_CY :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_CZ :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_DE :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_DJ :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_DK :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_DM :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_DO :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_DZ :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_EC :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_EE :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_EG :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_EH :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_ER :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_ES :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_ET :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_FI :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_FJ :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_FK :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_FM :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_FO :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_FR :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_GA :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_GB :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_GD :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_GE :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_GF :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_GG :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_GH :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_GI :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_GL :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_GM :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_GN :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_GP :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_GQ :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_GR :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_GS :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_GT :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_GU :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_GW :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_GY :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_HK :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_HM :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_HN :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_HR :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_HT :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_HU :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_ID :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_IE :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_IL :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_IM :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_IN :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_IO :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_IQ :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_IR :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_IS :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_IT :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_JE :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_JM :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_JO :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_JP :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_KE :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_KG :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_KH :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_KI :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_KM :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_KN :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_KP :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_KR :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_KW :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_KY :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_KZ :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_LA :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_LB :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_LC :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_LI :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_LK :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_LR :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_LS :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_LT :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_LU :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_LV :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_LY :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_MA :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_MC :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_MD :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_ME :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_MF :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_MG :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_MH :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_MK :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_ML :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_MM :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_MN :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_MO :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_MP :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_MQ :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_MR :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_MS :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_MT :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_MU :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_MV :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_MW :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_MX :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_MY :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_MZ :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_NA :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_NC :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_NE :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_NF :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_NG :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_NI :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_NL :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_NO :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_NP :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_NR :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_NU :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_NZ :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_OM :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_PA :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_PE :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_PF :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_PG :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_PH :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_PK :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_PL :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_PM :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_PN :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_PR :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_PS :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_PT :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_PW :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_PY :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_QA :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_RE :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_RO :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_RS :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_RU :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_RW :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_SA :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_SB :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_SC :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_SD :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_SE :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_SG :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_SH :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_SI :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_SJ :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_SK :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_SL :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_SM :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_SN :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_SO :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_SR :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_SS :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_ST :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_SV :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_SX :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_SY :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_SZ :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_TC :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_TD :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_TF :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_TG :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_TH :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_TJ :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_TK :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_TL :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_TM :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_TN :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_TO :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_TR :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_TT :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_TV :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_TW :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_TZ :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_UA :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_UG :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_UM :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_US :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_UY :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_UZ :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_VA :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_VC :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_VE :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_VG :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_VI :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_VN :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_VU :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_WF :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_WS :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_YE :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_YT :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_ZA :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_ZM :: GeoMatchConstraintValue
- pattern GeoMatchConstraintValue_ZW :: GeoMatchConstraintValue
- newtype IPSetDescriptorType where
- newtype MatchFieldType where
- MatchFieldType' { }
- pattern MatchFieldType_ALL_QUERY_ARGS :: MatchFieldType
- pattern MatchFieldType_BODY :: MatchFieldType
- pattern MatchFieldType_HEADER :: MatchFieldType
- pattern MatchFieldType_METHOD :: MatchFieldType
- pattern MatchFieldType_QUERY_STRING :: MatchFieldType
- pattern MatchFieldType_SINGLE_QUERY_ARG :: MatchFieldType
- pattern MatchFieldType_URI :: MatchFieldType
- newtype PositionalConstraint where
- PositionalConstraint' { }
- pattern PositionalConstraint_CONTAINS :: PositionalConstraint
- pattern PositionalConstraint_CONTAINS_WORD :: PositionalConstraint
- pattern PositionalConstraint_ENDS_WITH :: PositionalConstraint
- pattern PositionalConstraint_EXACTLY :: PositionalConstraint
- pattern PositionalConstraint_STARTS_WITH :: PositionalConstraint
- newtype PredicateType where
- PredicateType' { }
- pattern PredicateType_ByteMatch :: PredicateType
- pattern PredicateType_GeoMatch :: PredicateType
- pattern PredicateType_IPMatch :: PredicateType
- pattern PredicateType_RegexMatch :: PredicateType
- pattern PredicateType_SizeConstraint :: PredicateType
- pattern PredicateType_SqlInjectionMatch :: PredicateType
- pattern PredicateType_XssMatch :: PredicateType
- newtype RateKey where
- RateKey' {
- fromRateKey :: Text
- pattern RateKey_IP :: RateKey
- RateKey' {
- newtype ResourceType where
- ResourceType' { }
- pattern ResourceType_API_GATEWAY :: ResourceType
- pattern ResourceType_APPLICATION_LOAD_BALANCER :: ResourceType
- newtype TextTransformation where
- TextTransformation' { }
- pattern TextTransformation_CMD_LINE :: TextTransformation
- pattern TextTransformation_COMPRESS_WHITE_SPACE :: TextTransformation
- pattern TextTransformation_HTML_ENTITY_DECODE :: TextTransformation
- pattern TextTransformation_LOWERCASE :: TextTransformation
- pattern TextTransformation_NONE :: TextTransformation
- pattern TextTransformation_URL_DECODE :: TextTransformation
- newtype WafActionType where
- WafActionType' { }
- pattern WafActionType_ALLOW :: WafActionType
- pattern WafActionType_BLOCK :: WafActionType
- pattern WafActionType_COUNT :: WafActionType
- newtype WafOverrideActionType where
- newtype WafRuleType where
- WafRuleType' { }
- pattern WafRuleType_GROUP :: WafRuleType
- pattern WafRuleType_RATE_BASED :: WafRuleType
- pattern WafRuleType_REGULAR :: WafRuleType
- data ActivatedRule = ActivatedRule' {}
- newActivatedRule :: Int -> Text -> ActivatedRule
- activatedRule_overrideAction :: Lens' ActivatedRule (Maybe WafOverrideAction)
- activatedRule_action :: Lens' ActivatedRule (Maybe WafAction)
- activatedRule_excludedRules :: Lens' ActivatedRule (Maybe [ExcludedRule])
- activatedRule_type :: Lens' ActivatedRule (Maybe WafRuleType)
- activatedRule_priority :: Lens' ActivatedRule Int
- activatedRule_ruleId :: Lens' ActivatedRule Text
- data ByteMatchSet = ByteMatchSet' {
- name :: Maybe Text
- byteMatchSetId :: Text
- byteMatchTuples :: [ByteMatchTuple]
- newByteMatchSet :: Text -> ByteMatchSet
- byteMatchSet_name :: Lens' ByteMatchSet (Maybe Text)
- byteMatchSet_byteMatchSetId :: Lens' ByteMatchSet Text
- byteMatchSet_byteMatchTuples :: Lens' ByteMatchSet [ByteMatchTuple]
- data ByteMatchSetSummary = ByteMatchSetSummary' {
- byteMatchSetId :: Text
- name :: Text
- newByteMatchSetSummary :: Text -> Text -> ByteMatchSetSummary
- byteMatchSetSummary_byteMatchSetId :: Lens' ByteMatchSetSummary Text
- byteMatchSetSummary_name :: Lens' ByteMatchSetSummary Text
- data ByteMatchSetUpdate = ByteMatchSetUpdate' {}
- newByteMatchSetUpdate :: ChangeAction -> ByteMatchTuple -> ByteMatchSetUpdate
- byteMatchSetUpdate_action :: Lens' ByteMatchSetUpdate ChangeAction
- byteMatchSetUpdate_byteMatchTuple :: Lens' ByteMatchSetUpdate ByteMatchTuple
- data ByteMatchTuple = ByteMatchTuple' {}
- newByteMatchTuple :: FieldToMatch -> ByteString -> TextTransformation -> PositionalConstraint -> ByteMatchTuple
- byteMatchTuple_fieldToMatch :: Lens' ByteMatchTuple FieldToMatch
- byteMatchTuple_targetString :: Lens' ByteMatchTuple ByteString
- byteMatchTuple_textTransformation :: Lens' ByteMatchTuple TextTransformation
- byteMatchTuple_positionalConstraint :: Lens' ByteMatchTuple PositionalConstraint
- data ExcludedRule = ExcludedRule' {}
- newExcludedRule :: Text -> ExcludedRule
- excludedRule_ruleId :: Lens' ExcludedRule Text
- data FieldToMatch = FieldToMatch' {
- data' :: Maybe Text
- type' :: MatchFieldType
- newFieldToMatch :: MatchFieldType -> FieldToMatch
- fieldToMatch_data :: Lens' FieldToMatch (Maybe Text)
- fieldToMatch_type :: Lens' FieldToMatch MatchFieldType
- data GeoMatchConstraint = GeoMatchConstraint' {}
- newGeoMatchConstraint :: GeoMatchConstraintType -> GeoMatchConstraintValue -> GeoMatchConstraint
- geoMatchConstraint_type :: Lens' GeoMatchConstraint GeoMatchConstraintType
- geoMatchConstraint_value :: Lens' GeoMatchConstraint GeoMatchConstraintValue
- data GeoMatchSet = GeoMatchSet' {}
- newGeoMatchSet :: Text -> GeoMatchSet
- geoMatchSet_name :: Lens' GeoMatchSet (Maybe Text)
- geoMatchSet_geoMatchSetId :: Lens' GeoMatchSet Text
- geoMatchSet_geoMatchConstraints :: Lens' GeoMatchSet [GeoMatchConstraint]
- data GeoMatchSetSummary = GeoMatchSetSummary' {
- geoMatchSetId :: Text
- name :: Text
- newGeoMatchSetSummary :: Text -> Text -> GeoMatchSetSummary
- geoMatchSetSummary_geoMatchSetId :: Lens' GeoMatchSetSummary Text
- geoMatchSetSummary_name :: Lens' GeoMatchSetSummary Text
- data GeoMatchSetUpdate = GeoMatchSetUpdate' {}
- newGeoMatchSetUpdate :: ChangeAction -> GeoMatchConstraint -> GeoMatchSetUpdate
- geoMatchSetUpdate_action :: Lens' GeoMatchSetUpdate ChangeAction
- geoMatchSetUpdate_geoMatchConstraint :: Lens' GeoMatchSetUpdate GeoMatchConstraint
- data HTTPHeader = HTTPHeader' {}
- newHTTPHeader :: HTTPHeader
- hTTPHeader_value :: Lens' HTTPHeader (Maybe Text)
- hTTPHeader_name :: Lens' HTTPHeader (Maybe Text)
- data HTTPRequest = HTTPRequest' {}
- newHTTPRequest :: HTTPRequest
- hTTPRequest_hTTPVersion :: Lens' HTTPRequest (Maybe Text)
- hTTPRequest_country :: Lens' HTTPRequest (Maybe Text)
- hTTPRequest_uri :: Lens' HTTPRequest (Maybe Text)
- hTTPRequest_headers :: Lens' HTTPRequest (Maybe [HTTPHeader])
- hTTPRequest_method :: Lens' HTTPRequest (Maybe Text)
- hTTPRequest_clientIP :: Lens' HTTPRequest (Maybe Text)
- data IPSet = IPSet' {
- name :: Maybe Text
- iPSetId :: Text
- iPSetDescriptors :: [IPSetDescriptor]
- newIPSet :: Text -> IPSet
- iPSet_name :: Lens' IPSet (Maybe Text)
- iPSet_iPSetId :: Lens' IPSet Text
- iPSet_iPSetDescriptors :: Lens' IPSet [IPSetDescriptor]
- data IPSetDescriptor = IPSetDescriptor' {}
- newIPSetDescriptor :: IPSetDescriptorType -> Text -> IPSetDescriptor
- iPSetDescriptor_type :: Lens' IPSetDescriptor IPSetDescriptorType
- iPSetDescriptor_value :: Lens' IPSetDescriptor Text
- data IPSetSummary = IPSetSummary' {}
- newIPSetSummary :: Text -> Text -> IPSetSummary
- iPSetSummary_iPSetId :: Lens' IPSetSummary Text
- iPSetSummary_name :: Lens' IPSetSummary Text
- data IPSetUpdate = IPSetUpdate' {}
- newIPSetUpdate :: ChangeAction -> IPSetDescriptor -> IPSetUpdate
- iPSetUpdate_action :: Lens' IPSetUpdate ChangeAction
- iPSetUpdate_iPSetDescriptor :: Lens' IPSetUpdate IPSetDescriptor
- data LoggingConfiguration = LoggingConfiguration' {}
- newLoggingConfiguration :: Text -> NonEmpty Text -> LoggingConfiguration
- loggingConfiguration_redactedFields :: Lens' LoggingConfiguration (Maybe [FieldToMatch])
- loggingConfiguration_resourceArn :: Lens' LoggingConfiguration Text
- loggingConfiguration_logDestinationConfigs :: Lens' LoggingConfiguration (NonEmpty Text)
- data Predicate = Predicate' {}
- newPredicate :: Bool -> PredicateType -> Text -> Predicate
- predicate_negated :: Lens' Predicate Bool
- predicate_type :: Lens' Predicate PredicateType
- predicate_dataId :: Lens' Predicate Text
- data RateBasedRule = RateBasedRule' {}
- newRateBasedRule :: Text -> RateKey -> Natural -> RateBasedRule
- rateBasedRule_metricName :: Lens' RateBasedRule (Maybe Text)
- rateBasedRule_name :: Lens' RateBasedRule (Maybe Text)
- rateBasedRule_ruleId :: Lens' RateBasedRule Text
- rateBasedRule_matchPredicates :: Lens' RateBasedRule [Predicate]
- rateBasedRule_rateKey :: Lens' RateBasedRule RateKey
- rateBasedRule_rateLimit :: Lens' RateBasedRule Natural
- data RegexMatchSet = RegexMatchSet' {}
- newRegexMatchSet :: RegexMatchSet
- regexMatchSet_name :: Lens' RegexMatchSet (Maybe Text)
- regexMatchSet_regexMatchTuples :: Lens' RegexMatchSet (Maybe [RegexMatchTuple])
- regexMatchSet_regexMatchSetId :: Lens' RegexMatchSet (Maybe Text)
- data RegexMatchSetSummary = RegexMatchSetSummary' {
- regexMatchSetId :: Text
- name :: Text
- newRegexMatchSetSummary :: Text -> Text -> RegexMatchSetSummary
- regexMatchSetSummary_regexMatchSetId :: Lens' RegexMatchSetSummary Text
- regexMatchSetSummary_name :: Lens' RegexMatchSetSummary Text
- data RegexMatchSetUpdate = RegexMatchSetUpdate' {}
- newRegexMatchSetUpdate :: ChangeAction -> RegexMatchTuple -> RegexMatchSetUpdate
- regexMatchSetUpdate_action :: Lens' RegexMatchSetUpdate ChangeAction
- regexMatchSetUpdate_regexMatchTuple :: Lens' RegexMatchSetUpdate RegexMatchTuple
- data RegexMatchTuple = RegexMatchTuple' {}
- newRegexMatchTuple :: FieldToMatch -> TextTransformation -> Text -> RegexMatchTuple
- regexMatchTuple_fieldToMatch :: Lens' RegexMatchTuple FieldToMatch
- regexMatchTuple_textTransformation :: Lens' RegexMatchTuple TextTransformation
- regexMatchTuple_regexPatternSetId :: Lens' RegexMatchTuple Text
- data RegexPatternSet = RegexPatternSet' {
- name :: Maybe Text
- regexPatternSetId :: Text
- regexPatternStrings :: [Text]
- newRegexPatternSet :: Text -> RegexPatternSet
- regexPatternSet_name :: Lens' RegexPatternSet (Maybe Text)
- regexPatternSet_regexPatternSetId :: Lens' RegexPatternSet Text
- regexPatternSet_regexPatternStrings :: Lens' RegexPatternSet [Text]
- data RegexPatternSetSummary = RegexPatternSetSummary' {
- regexPatternSetId :: Text
- name :: Text
- newRegexPatternSetSummary :: Text -> Text -> RegexPatternSetSummary
- regexPatternSetSummary_regexPatternSetId :: Lens' RegexPatternSetSummary Text
- regexPatternSetSummary_name :: Lens' RegexPatternSetSummary Text
- data RegexPatternSetUpdate = RegexPatternSetUpdate' {}
- newRegexPatternSetUpdate :: ChangeAction -> Text -> RegexPatternSetUpdate
- regexPatternSetUpdate_action :: Lens' RegexPatternSetUpdate ChangeAction
- regexPatternSetUpdate_regexPatternString :: Lens' RegexPatternSetUpdate Text
- data Rule = Rule' {
- metricName :: Maybe Text
- name :: Maybe Text
- ruleId :: Text
- predicates :: [Predicate]
- newRule :: Text -> Rule
- rule_metricName :: Lens' Rule (Maybe Text)
- rule_name :: Lens' Rule (Maybe Text)
- rule_ruleId :: Lens' Rule Text
- rule_predicates :: Lens' Rule [Predicate]
- data RuleGroup = RuleGroup' {
- metricName :: Maybe Text
- name :: Maybe Text
- ruleGroupId :: Text
- newRuleGroup :: Text -> RuleGroup
- ruleGroup_metricName :: Lens' RuleGroup (Maybe Text)
- ruleGroup_name :: Lens' RuleGroup (Maybe Text)
- ruleGroup_ruleGroupId :: Lens' RuleGroup Text
- data RuleGroupSummary = RuleGroupSummary' {
- ruleGroupId :: Text
- name :: Text
- newRuleGroupSummary :: Text -> Text -> RuleGroupSummary
- ruleGroupSummary_ruleGroupId :: Lens' RuleGroupSummary Text
- ruleGroupSummary_name :: Lens' RuleGroupSummary Text
- data RuleGroupUpdate = RuleGroupUpdate' {}
- newRuleGroupUpdate :: ChangeAction -> ActivatedRule -> RuleGroupUpdate
- ruleGroupUpdate_action :: Lens' RuleGroupUpdate ChangeAction
- ruleGroupUpdate_activatedRule :: Lens' RuleGroupUpdate ActivatedRule
- data RuleSummary = RuleSummary' {}
- newRuleSummary :: Text -> Text -> RuleSummary
- ruleSummary_ruleId :: Lens' RuleSummary Text
- ruleSummary_name :: Lens' RuleSummary Text
- data RuleUpdate = RuleUpdate' {}
- newRuleUpdate :: ChangeAction -> Predicate -> RuleUpdate
- ruleUpdate_action :: Lens' RuleUpdate ChangeAction
- ruleUpdate_predicate :: Lens' RuleUpdate Predicate
- data SampledHTTPRequest = SampledHTTPRequest' {}
- newSampledHTTPRequest :: HTTPRequest -> Natural -> SampledHTTPRequest
- sampledHTTPRequest_ruleWithinRuleGroup :: Lens' SampledHTTPRequest (Maybe Text)
- sampledHTTPRequest_action :: Lens' SampledHTTPRequest (Maybe Text)
- sampledHTTPRequest_timestamp :: Lens' SampledHTTPRequest (Maybe UTCTime)
- sampledHTTPRequest_request :: Lens' SampledHTTPRequest HTTPRequest
- sampledHTTPRequest_weight :: Lens' SampledHTTPRequest Natural
- data SizeConstraint = SizeConstraint' {}
- newSizeConstraint :: FieldToMatch -> TextTransformation -> ComparisonOperator -> Natural -> SizeConstraint
- sizeConstraint_fieldToMatch :: Lens' SizeConstraint FieldToMatch
- sizeConstraint_textTransformation :: Lens' SizeConstraint TextTransformation
- sizeConstraint_comparisonOperator :: Lens' SizeConstraint ComparisonOperator
- sizeConstraint_size :: Lens' SizeConstraint Natural
- data SizeConstraintSet = SizeConstraintSet' {}
- newSizeConstraintSet :: Text -> SizeConstraintSet
- sizeConstraintSet_name :: Lens' SizeConstraintSet (Maybe Text)
- sizeConstraintSet_sizeConstraintSetId :: Lens' SizeConstraintSet Text
- sizeConstraintSet_sizeConstraints :: Lens' SizeConstraintSet [SizeConstraint]
- data SizeConstraintSetSummary = SizeConstraintSetSummary' {
- sizeConstraintSetId :: Text
- name :: Text
- newSizeConstraintSetSummary :: Text -> Text -> SizeConstraintSetSummary
- sizeConstraintSetSummary_sizeConstraintSetId :: Lens' SizeConstraintSetSummary Text
- sizeConstraintSetSummary_name :: Lens' SizeConstraintSetSummary Text
- data SizeConstraintSetUpdate = SizeConstraintSetUpdate' {}
- newSizeConstraintSetUpdate :: ChangeAction -> SizeConstraint -> SizeConstraintSetUpdate
- sizeConstraintSetUpdate_action :: Lens' SizeConstraintSetUpdate ChangeAction
- sizeConstraintSetUpdate_sizeConstraint :: Lens' SizeConstraintSetUpdate SizeConstraint
- data SqlInjectionMatchSet = SqlInjectionMatchSet' {}
- newSqlInjectionMatchSet :: Text -> SqlInjectionMatchSet
- sqlInjectionMatchSet_name :: Lens' SqlInjectionMatchSet (Maybe Text)
- sqlInjectionMatchSet_sqlInjectionMatchSetId :: Lens' SqlInjectionMatchSet Text
- sqlInjectionMatchSet_sqlInjectionMatchTuples :: Lens' SqlInjectionMatchSet [SqlInjectionMatchTuple]
- data SqlInjectionMatchSetSummary = SqlInjectionMatchSetSummary' {}
- newSqlInjectionMatchSetSummary :: Text -> Text -> SqlInjectionMatchSetSummary
- sqlInjectionMatchSetSummary_sqlInjectionMatchSetId :: Lens' SqlInjectionMatchSetSummary Text
- sqlInjectionMatchSetSummary_name :: Lens' SqlInjectionMatchSetSummary Text
- data SqlInjectionMatchSetUpdate = SqlInjectionMatchSetUpdate' {}
- newSqlInjectionMatchSetUpdate :: ChangeAction -> SqlInjectionMatchTuple -> SqlInjectionMatchSetUpdate
- sqlInjectionMatchSetUpdate_action :: Lens' SqlInjectionMatchSetUpdate ChangeAction
- sqlInjectionMatchSetUpdate_sqlInjectionMatchTuple :: Lens' SqlInjectionMatchSetUpdate SqlInjectionMatchTuple
- data SqlInjectionMatchTuple = SqlInjectionMatchTuple' {}
- newSqlInjectionMatchTuple :: FieldToMatch -> TextTransformation -> SqlInjectionMatchTuple
- sqlInjectionMatchTuple_fieldToMatch :: Lens' SqlInjectionMatchTuple FieldToMatch
- sqlInjectionMatchTuple_textTransformation :: Lens' SqlInjectionMatchTuple TextTransformation
- data SubscribedRuleGroupSummary = SubscribedRuleGroupSummary' {
- ruleGroupId :: Text
- name :: Text
- metricName :: Text
- newSubscribedRuleGroupSummary :: Text -> Text -> Text -> SubscribedRuleGroupSummary
- subscribedRuleGroupSummary_ruleGroupId :: Lens' SubscribedRuleGroupSummary Text
- subscribedRuleGroupSummary_name :: Lens' SubscribedRuleGroupSummary Text
- subscribedRuleGroupSummary_metricName :: Lens' SubscribedRuleGroupSummary Text
- data Tag = Tag' {}
- newTag :: Text -> Text -> Tag
- tag_key :: Lens' Tag Text
- tag_value :: Lens' Tag Text
- data TagInfoForResource = TagInfoForResource' {}
- newTagInfoForResource :: TagInfoForResource
- tagInfoForResource_tagList :: Lens' TagInfoForResource (Maybe (NonEmpty Tag))
- tagInfoForResource_resourceARN :: Lens' TagInfoForResource (Maybe Text)
- data TimeWindow = TimeWindow' {}
- newTimeWindow :: UTCTime -> UTCTime -> TimeWindow
- timeWindow_startTime :: Lens' TimeWindow UTCTime
- timeWindow_endTime :: Lens' TimeWindow UTCTime
- data WafAction = WafAction' {}
- newWafAction :: WafActionType -> WafAction
- wafAction_type :: Lens' WafAction WafActionType
- data WafOverrideAction = WafOverrideAction' {}
- newWafOverrideAction :: WafOverrideActionType -> WafOverrideAction
- wafOverrideAction_type :: Lens' WafOverrideAction WafOverrideActionType
- data WebACL = WebACL' {
- metricName :: Maybe Text
- name :: Maybe Text
- webACLArn :: Maybe Text
- webACLId :: Text
- defaultAction :: WafAction
- rules :: [ActivatedRule]
- newWebACL :: Text -> WafAction -> WebACL
- webACL_metricName :: Lens' WebACL (Maybe Text)
- webACL_name :: Lens' WebACL (Maybe Text)
- webACL_webACLArn :: Lens' WebACL (Maybe Text)
- webACL_webACLId :: Lens' WebACL Text
- webACL_defaultAction :: Lens' WebACL WafAction
- webACL_rules :: Lens' WebACL [ActivatedRule]
- data WebACLSummary = WebACLSummary' {}
- newWebACLSummary :: Text -> Text -> WebACLSummary
- webACLSummary_webACLId :: Lens' WebACLSummary Text
- webACLSummary_name :: Lens' WebACLSummary Text
- data WebACLUpdate = WebACLUpdate' {}
- newWebACLUpdate :: ChangeAction -> ActivatedRule -> WebACLUpdate
- webACLUpdate_action :: Lens' WebACLUpdate ChangeAction
- webACLUpdate_activatedRule :: Lens' WebACLUpdate ActivatedRule
- data XssMatchSet = XssMatchSet' {
- name :: Maybe Text
- xssMatchSetId :: Text
- xssMatchTuples :: [XssMatchTuple]
- newXssMatchSet :: Text -> XssMatchSet
- xssMatchSet_name :: Lens' XssMatchSet (Maybe Text)
- xssMatchSet_xssMatchSetId :: Lens' XssMatchSet Text
- xssMatchSet_xssMatchTuples :: Lens' XssMatchSet [XssMatchTuple]
- data XssMatchSetSummary = XssMatchSetSummary' {
- xssMatchSetId :: Text
- name :: Text
- newXssMatchSetSummary :: Text -> Text -> XssMatchSetSummary
- xssMatchSetSummary_xssMatchSetId :: Lens' XssMatchSetSummary Text
- xssMatchSetSummary_name :: Lens' XssMatchSetSummary Text
- data XssMatchSetUpdate = XssMatchSetUpdate' {}
- newXssMatchSetUpdate :: ChangeAction -> XssMatchTuple -> XssMatchSetUpdate
- xssMatchSetUpdate_action :: Lens' XssMatchSetUpdate ChangeAction
- xssMatchSetUpdate_xssMatchTuple :: Lens' XssMatchSetUpdate XssMatchTuple
- data XssMatchTuple = XssMatchTuple' {}
- newXssMatchTuple :: FieldToMatch -> TextTransformation -> XssMatchTuple
- xssMatchTuple_fieldToMatch :: Lens' XssMatchTuple FieldToMatch
- xssMatchTuple_textTransformation :: Lens' XssMatchTuple TextTransformation
Service Configuration
defaultService :: Service Source #
API version 2016-11-28 of the Amazon WAF Regional SDK configuration.
Errors
_WAFInvalidAccountException :: AsError a => Getting (First ServiceError) a ServiceError Source #
The operation failed because you tried to create, update, or delete an object by using an invalid account identifier.
_WAFSubscriptionNotFoundException :: AsError a => Getting (First ServiceError) a ServiceError Source #
The specified subscription does not exist.
_WAFReferencedItemException :: AsError a => Getting (First ServiceError) a ServiceError Source #
The operation failed because you tried to delete an object that is still in use. For example:
- You tried to delete a
ByteMatchSetthat is still referenced by aRule. - You tried to delete a
Rulethat is still referenced by aWebACL.
_WAFTagOperationException :: AsError a => Getting (First ServiceError) a ServiceError Source #
_WAFEntityMigrationException :: AsError a => Getting (First ServiceError) a ServiceError Source #
The operation failed due to a problem with the migration. The failure
cause is provided in the exception, in the MigrationErrorType:
ENTITY_NOT_SUPPORTED- The web ACL has an unsupported entity but theIgnoreUnsupportedTypeis not set to true.ENTITY_NOT_FOUND- The web ACL doesn't exist.S3_BUCKET_NO_PERMISSION- You don't have permission to perform thePutObjectaction to the specified Amazon S3 bucket.S3_BUCKET_NOT_ACCESSIBLE- The bucket policy doesn't allow AWS WAF to perform thePutObjectaction in the bucket.S3_BUCKET_NOT_FOUND- The S3 bucket doesn't exist.S3_BUCKET_INVALID_REGION- The S3 bucket is not in the same Region as the web ACL.S3_INTERNAL_ERROR- AWS WAF failed to create the template in the S3 bucket for another reason.
_WAFInvalidRegexPatternException :: AsError a => Getting (First ServiceError) a ServiceError Source #
The regular expression (regex) you specified in RegexPatternString is
invalid.
_WAFInvalidOperationException :: AsError a => Getting (First ServiceError) a ServiceError Source #
The operation failed because there was nothing to do. For example:
- You tried to remove a
Rulefrom aWebACL, but theRuleisn't in the specifiedWebACL. - You tried to remove an IP address from an
IPSet, but the IP address isn't in the specifiedIPSet. - You tried to remove a
ByteMatchTuplefrom aByteMatchSet, but theByteMatchTupleisn't in the specifiedWebACL. - You tried to add a
Ruleto aWebACL, but theRulealready exists in the specifiedWebACL. - You tried to add a
ByteMatchTupleto aByteMatchSet, but theByteMatchTuplealready exists in the specifiedWebACL.
_WAFBadRequestException :: AsError a => Getting (First ServiceError) a ServiceError Source #
_WAFNonexistentItemException :: AsError a => Getting (First ServiceError) a ServiceError Source #
The operation failed because the referenced object doesn't exist.
_WAFInvalidParameterException :: AsError a => Getting (First ServiceError) a ServiceError Source #
The operation failed because AWS WAF didn't recognize a parameter in the request. For example:
- You specified an invalid parameter name.
- You specified an invalid value.
- You tried to update an object (
ByteMatchSet,IPSet,Rule, orWebACL) using an action other thanINSERTorDELETE. - You tried to create a
WebACLwith aDefaultActionTypeother thanALLOW,BLOCK, orCOUNT. - You tried to create a
RateBasedRulewith aRateKeyvalue other thanIP. - You tried to update a
WebACLwith aWafActionTypeother thanALLOW,BLOCK, orCOUNT. - You tried to update a
ByteMatchSetwith aFieldToMatchTypeother than HEADER, METHOD, QUERY_STRING, URI, or BODY. - You tried to update a
ByteMatchSetwith aFieldofHEADERbut no value forData. - Your request references an ARN that is malformed, or corresponds to a resource with which a web ACL cannot be associated.
_WAFTagOperationInternalErrorException :: AsError a => Getting (First ServiceError) a ServiceError Source #
_WAFServiceLinkedRoleErrorException :: AsError a => Getting (First ServiceError) a ServiceError Source #
AWS WAF is not able to access the service linked role. This can be
caused by a previous PutLoggingConfiguration request, which can lock
the service linked role for about 20 seconds. Please try your request
again. The service linked role can also be locked by a previous
DeleteServiceLinkedRole request, which can lock the role for 15
minutes or more. If you recently made a DeleteServiceLinkedRole, wait
at least 15 minutes and try the request again. If you receive this same
exception again, you will have to wait additional time until the role is
unlocked.
_WAFLimitsExceededException :: AsError a => Getting (First ServiceError) a ServiceError Source #
The operation exceeds a resource limit, for example, the maximum number
of WebACL objects that you can create for an AWS account. For more
information, see
Limits
in the AWS WAF Developer Guide.
_WAFInvalidPermissionPolicyException :: AsError a => Getting (First ServiceError) a ServiceError Source #
The operation failed because the specified policy is not in the proper format.
The policy is subject to the following restrictions:
- You can attach only one policy with each
PutPermissionPolicyrequest. - The policy must include an
Effect,ActionandPrincipal. Effectmust specifyAllow.- The
Actionin the policy must bewaf:UpdateWebACL,waf-regional:UpdateWebACL,waf:GetRuleGroupandwaf-regional:GetRuleGroup. Any extra or wildcard actions in the policy will be rejected. - The policy cannot include a
Resourceparameter. - The ARN in the request must be a valid WAF RuleGroup ARN and the RuleGroup must exist in the same region.
- The user making the request must be the owner of the RuleGroup.
- Your policy must be composed using IAM Policy version 2012-10-17.
_WAFStaleDataException :: AsError a => Getting (First ServiceError) a ServiceError Source #
The operation failed because you tried to create, update, or delete an object by using a change token that has already been used.
_WAFInternalErrorException :: AsError a => Getting (First ServiceError) a ServiceError Source #
The operation failed because of a system problem, even though the request was valid. Retry your request.
_WAFNonexistentContainerException :: AsError a => Getting (First ServiceError) a ServiceError Source #
The operation failed because you tried to add an object to or delete an object from another object that doesn't exist. For example:
- You tried to add a
Ruleto or delete aRulefrom aWebACLthat doesn't exist. - You tried to add a
ByteMatchSetto or delete aByteMatchSetfrom aRulethat doesn't exist. - You tried to add an IP address to or delete an IP address from an
IPSetthat doesn't exist. - You tried to add a
ByteMatchTupleto or delete aByteMatchTuplefrom aByteMatchSetthat doesn't exist.
_WAFUnavailableEntityException :: AsError a => Getting (First ServiceError) a ServiceError Source #
The operation failed because the entity referenced is temporarily unavailable. Retry your request.
_WAFDisallowedNameException :: AsError a => Getting (First ServiceError) a ServiceError Source #
The name specified is invalid.
_WAFNonEmptyEntityException :: AsError a => Getting (First ServiceError) a ServiceError Source #
The operation failed because you tried to delete an object that isn't empty. For example:
- You tried to delete a
WebACLthat still contains one or moreRuleobjects. - You tried to delete a
Rulethat still contains one or moreByteMatchSetobjects or other predicates. - You tried to delete a
ByteMatchSetthat contains one or moreByteMatchTupleobjects. - You tried to delete an
IPSetthat references one or more IP addresses.
ChangeAction
newtype ChangeAction Source #
Constructors
| ChangeAction' | |
Fields | |
Bundled Patterns
| pattern ChangeAction_DELETE :: ChangeAction | |
| pattern ChangeAction_INSERT :: ChangeAction |
Instances
ChangeTokenStatus
newtype ChangeTokenStatus Source #
Constructors
| ChangeTokenStatus' | |
Fields | |
Bundled Patterns
| pattern ChangeTokenStatus_INSYNC :: ChangeTokenStatus | |
| pattern ChangeTokenStatus_PENDING :: ChangeTokenStatus | |
| pattern ChangeTokenStatus_PROVISIONED :: ChangeTokenStatus |
Instances
ComparisonOperator
newtype ComparisonOperator Source #
Constructors
| ComparisonOperator' | |
Fields | |
Bundled Patterns
| pattern ComparisonOperator_EQ :: ComparisonOperator | |
| pattern ComparisonOperator_GE :: ComparisonOperator | |
| pattern ComparisonOperator_GT :: ComparisonOperator | |
| pattern ComparisonOperator_LE :: ComparisonOperator | |
| pattern ComparisonOperator_LT :: ComparisonOperator | |
| pattern ComparisonOperator_NE :: ComparisonOperator |
Instances
GeoMatchConstraintType
newtype GeoMatchConstraintType Source #
Constructors
| GeoMatchConstraintType' | |
Fields | |
Bundled Patterns
| pattern GeoMatchConstraintType_Country :: GeoMatchConstraintType |
Instances
GeoMatchConstraintValue
newtype GeoMatchConstraintValue Source #
Constructors
| GeoMatchConstraintValue' | |
Fields | |
Bundled Patterns
Instances
IPSetDescriptorType
newtype IPSetDescriptorType Source #
Constructors
| IPSetDescriptorType' | |
Fields | |
Bundled Patterns
| pattern IPSetDescriptorType_IPV4 :: IPSetDescriptorType | |
| pattern IPSetDescriptorType_IPV6 :: IPSetDescriptorType |
Instances
MatchFieldType
newtype MatchFieldType Source #
Constructors
| MatchFieldType' | |
Fields | |
Bundled Patterns
| pattern MatchFieldType_ALL_QUERY_ARGS :: MatchFieldType | |
| pattern MatchFieldType_BODY :: MatchFieldType | |
| pattern MatchFieldType_HEADER :: MatchFieldType | |
| pattern MatchFieldType_METHOD :: MatchFieldType | |
| pattern MatchFieldType_QUERY_STRING :: MatchFieldType | |
| pattern MatchFieldType_SINGLE_QUERY_ARG :: MatchFieldType | |
| pattern MatchFieldType_URI :: MatchFieldType |
Instances
PositionalConstraint
newtype PositionalConstraint Source #
Constructors
| PositionalConstraint' | |
Fields | |
Bundled Patterns
| pattern PositionalConstraint_CONTAINS :: PositionalConstraint | |
| pattern PositionalConstraint_CONTAINS_WORD :: PositionalConstraint | |
| pattern PositionalConstraint_ENDS_WITH :: PositionalConstraint | |
| pattern PositionalConstraint_EXACTLY :: PositionalConstraint | |
| pattern PositionalConstraint_STARTS_WITH :: PositionalConstraint |
Instances
PredicateType
newtype PredicateType Source #
Constructors
| PredicateType' | |
Fields | |
Bundled Patterns
| pattern PredicateType_ByteMatch :: PredicateType | |
| pattern PredicateType_GeoMatch :: PredicateType | |
| pattern PredicateType_IPMatch :: PredicateType | |
| pattern PredicateType_RegexMatch :: PredicateType | |
| pattern PredicateType_SizeConstraint :: PredicateType | |
| pattern PredicateType_SqlInjectionMatch :: PredicateType | |
| pattern PredicateType_XssMatch :: PredicateType |
Instances
RateKey
Constructors
| RateKey' | |
Fields
| |
Bundled Patterns
| pattern RateKey_IP :: RateKey |
Instances
ResourceType
newtype ResourceType Source #
Constructors
| ResourceType' | |
Fields | |
Bundled Patterns
| pattern ResourceType_API_GATEWAY :: ResourceType | |
| pattern ResourceType_APPLICATION_LOAD_BALANCER :: ResourceType |
Instances
TextTransformation
newtype TextTransformation Source #
Constructors
| TextTransformation' | |
Fields | |
Bundled Patterns
| pattern TextTransformation_CMD_LINE :: TextTransformation | |
| pattern TextTransformation_COMPRESS_WHITE_SPACE :: TextTransformation | |
| pattern TextTransformation_HTML_ENTITY_DECODE :: TextTransformation | |
| pattern TextTransformation_LOWERCASE :: TextTransformation | |
| pattern TextTransformation_NONE :: TextTransformation | |
| pattern TextTransformation_URL_DECODE :: TextTransformation |
Instances
WafActionType
newtype WafActionType Source #
Constructors
| WafActionType' | |
Fields | |
Bundled Patterns
| pattern WafActionType_ALLOW :: WafActionType | |
| pattern WafActionType_BLOCK :: WafActionType | |
| pattern WafActionType_COUNT :: WafActionType |
Instances
WafOverrideActionType
newtype WafOverrideActionType Source #
Constructors
| WafOverrideActionType' | |
Fields | |
Bundled Patterns
| pattern WafOverrideActionType_COUNT :: WafOverrideActionType | |
| pattern WafOverrideActionType_NONE :: WafOverrideActionType |
Instances
WafRuleType
newtype WafRuleType Source #
Constructors
| WafRuleType' | |
Fields | |
Bundled Patterns
| pattern WafRuleType_GROUP :: WafRuleType | |
| pattern WafRuleType_RATE_BASED :: WafRuleType | |
| pattern WafRuleType_REGULAR :: WafRuleType |
Instances
ActivatedRule
data ActivatedRule Source #
This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
The ActivatedRule object in an UpdateWebACL request specifies a Rule
that you want to insert or delete, the priority of the Rule in the
WebACL, and the action that you want AWS WAF to take when a web
request matches the Rule (ALLOW, BLOCK, or COUNT).
To specify whether to insert or delete a Rule, use the Action
parameter in the WebACLUpdate data type.
See: newActivatedRule smart constructor.
Constructors
| ActivatedRule' | |
Fields
| |
Instances
Create a value of ActivatedRule with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:overrideAction:ActivatedRule', activatedRule_overrideAction - Use the OverrideAction to test your RuleGroup.
Any rule in a RuleGroup can potentially block a request. If you set
the OverrideAction to None, the RuleGroup will block a request if
any individual rule in the RuleGroup matches the request and is
configured to block that request. However if you first want to test the
RuleGroup, set the OverrideAction to Count. The RuleGroup will
then override any block action specified by individual rules contained
within the group. Instead of blocking matching requests, those requests
will be counted. You can view a record of counted requests using
GetSampledRequests.
ActivatedRule|OverrideAction applies only when updating or adding a
RuleGroup to a WebACL. In this case you do not use
ActivatedRule|Action. For all other update requests,
ActivatedRule|Action is used instead of
ActivatedRule|OverrideAction.
$sel:action:ActivatedRule', activatedRule_action - Specifies the action that CloudFront or AWS WAF takes when a web request
matches the conditions in the Rule. Valid values for Action include
the following:
ALLOW: CloudFront responds with the requested object.BLOCK: CloudFront responds with an HTTP 403 (Forbidden) status code.COUNT: AWS WAF increments a counter of requests that match the conditions in the rule and then continues to inspect the web request based on the remaining rules in the web ACL.
ActivatedRule|OverrideAction applies only when updating or adding a
RuleGroup to a WebACL. In this case, you do not use
ActivatedRule|Action. For all other update requests,
ActivatedRule|Action is used instead of
ActivatedRule|OverrideAction.
$sel:excludedRules:ActivatedRule', activatedRule_excludedRules - An array of rules to exclude from a rule group. This is applicable only
when the ActivatedRule refers to a RuleGroup.
Sometimes it is necessary to troubleshoot rule groups that are blocking traffic unexpectedly (false positives). One troubleshooting technique is to identify the specific rule within the rule group that is blocking the legitimate traffic and then disable (exclude) that particular rule. You can exclude rules from both your own rule groups and AWS Marketplace rule groups that have been associated with a web ACL.
Specifying ExcludedRules does not remove those rules from the rule
group. Rather, it changes the action for the rules to COUNT.
Therefore, requests that match an ExcludedRule are counted but not
blocked. The RuleGroup owner will receive COUNT metrics for each
ExcludedRule.
If you want to exclude rules from a rule group that is already associated with a web ACL, perform the following steps:
- Use the AWS WAF logs to identify the IDs of the rules that you want to exclude. For more information about the logs, see Logging Web ACL Traffic Information.
Submit an UpdateWebACL request that has two actions:
- The first action deletes the existing rule group from the web
ACL. That is, in the UpdateWebACL request, the first
Updates:Actionshould beDELETEandUpdates:ActivatedRule:RuleIdshould be the rule group that contains the rules that you want to exclude. - The second action inserts the same rule group back in, but
specifying the rules to exclude. That is, the second
Updates:Actionshould beINSERT,Updates:ActivatedRule:RuleIdshould be the rule group that you just removed, andExcludedRulesshould contain the rules that you want to exclude.
- The first action deletes the existing rule group from the web
ACL. That is, in the UpdateWebACL request, the first
$sel:type':ActivatedRule', activatedRule_type - The rule type, either REGULAR, as defined by Rule, RATE_BASED, as
defined by RateBasedRule, or GROUP, as defined by RuleGroup. The
default is REGULAR. Although this field is optional, be aware that if
you try to add a RATE_BASED rule to a web ACL without setting the type,
the UpdateWebACL request will fail because the request tries to add a
REGULAR rule with the specified ID, which does not exist.
$sel:priority:ActivatedRule', activatedRule_priority - Specifies the order in which the Rules in a WebACL are evaluated.
Rules with a lower value for Priority are evaluated before Rules
with a higher value. The value must be a unique integer. If you add
multiple Rules to a WebACL, the values don't need to be
consecutive.
$sel:ruleId:ActivatedRule', activatedRule_ruleId - The RuleId for a Rule. You use RuleId to get more information
about a Rule (see GetRule), update a Rule (see UpdateRule), insert a
Rule into a WebACL or delete a one from a WebACL (see
UpdateWebACL), or delete a Rule from AWS WAF (see DeleteRule).
RuleId is returned by CreateRule and by ListRules.
activatedRule_overrideAction :: Lens' ActivatedRule (Maybe WafOverrideAction) Source #
Use the OverrideAction to test your RuleGroup.
Any rule in a RuleGroup can potentially block a request. If you set
the OverrideAction to None, the RuleGroup will block a request if
any individual rule in the RuleGroup matches the request and is
configured to block that request. However if you first want to test the
RuleGroup, set the OverrideAction to Count. The RuleGroup will
then override any block action specified by individual rules contained
within the group. Instead of blocking matching requests, those requests
will be counted. You can view a record of counted requests using
GetSampledRequests.
ActivatedRule|OverrideAction applies only when updating or adding a
RuleGroup to a WebACL. In this case you do not use
ActivatedRule|Action. For all other update requests,
ActivatedRule|Action is used instead of
ActivatedRule|OverrideAction.
activatedRule_action :: Lens' ActivatedRule (Maybe WafAction) Source #
Specifies the action that CloudFront or AWS WAF takes when a web request
matches the conditions in the Rule. Valid values for Action include
the following:
ALLOW: CloudFront responds with the requested object.BLOCK: CloudFront responds with an HTTP 403 (Forbidden) status code.COUNT: AWS WAF increments a counter of requests that match the conditions in the rule and then continues to inspect the web request based on the remaining rules in the web ACL.
ActivatedRule|OverrideAction applies only when updating or adding a
RuleGroup to a WebACL. In this case, you do not use
ActivatedRule|Action. For all other update requests,
ActivatedRule|Action is used instead of
ActivatedRule|OverrideAction.
activatedRule_excludedRules :: Lens' ActivatedRule (Maybe [ExcludedRule]) Source #
An array of rules to exclude from a rule group. This is applicable only
when the ActivatedRule refers to a RuleGroup.
Sometimes it is necessary to troubleshoot rule groups that are blocking traffic unexpectedly (false positives). One troubleshooting technique is to identify the specific rule within the rule group that is blocking the legitimate traffic and then disable (exclude) that particular rule. You can exclude rules from both your own rule groups and AWS Marketplace rule groups that have been associated with a web ACL.
Specifying ExcludedRules does not remove those rules from the rule
group. Rather, it changes the action for the rules to COUNT.
Therefore, requests that match an ExcludedRule are counted but not
blocked. The RuleGroup owner will receive COUNT metrics for each
ExcludedRule.
If you want to exclude rules from a rule group that is already associated with a web ACL, perform the following steps:
- Use the AWS WAF logs to identify the IDs of the rules that you want to exclude. For more information about the logs, see Logging Web ACL Traffic Information.
Submit an UpdateWebACL request that has two actions:
- The first action deletes the existing rule group from the web
ACL. That is, in the UpdateWebACL request, the first
Updates:Actionshould beDELETEandUpdates:ActivatedRule:RuleIdshould be the rule group that contains the rules that you want to exclude. - The second action inserts the same rule group back in, but
specifying the rules to exclude. That is, the second
Updates:Actionshould beINSERT,Updates:ActivatedRule:RuleIdshould be the rule group that you just removed, andExcludedRulesshould contain the rules that you want to exclude.
- The first action deletes the existing rule group from the web
ACL. That is, in the UpdateWebACL request, the first
activatedRule_type :: Lens' ActivatedRule (Maybe WafRuleType) Source #
The rule type, either REGULAR, as defined by Rule, RATE_BASED, as
defined by RateBasedRule, or GROUP, as defined by RuleGroup. The
default is REGULAR. Although this field is optional, be aware that if
you try to add a RATE_BASED rule to a web ACL without setting the type,
the UpdateWebACL request will fail because the request tries to add a
REGULAR rule with the specified ID, which does not exist.
activatedRule_priority :: Lens' ActivatedRule Int Source #
Specifies the order in which the Rules in a WebACL are evaluated.
Rules with a lower value for Priority are evaluated before Rules
with a higher value. The value must be a unique integer. If you add
multiple Rules to a WebACL, the values don't need to be
consecutive.
activatedRule_ruleId :: Lens' ActivatedRule Text Source #
The RuleId for a Rule. You use RuleId to get more information
about a Rule (see GetRule), update a Rule (see UpdateRule), insert a
Rule into a WebACL or delete a one from a WebACL (see
UpdateWebACL), or delete a Rule from AWS WAF (see DeleteRule).
RuleId is returned by CreateRule and by ListRules.
ByteMatchSet
data ByteMatchSet Source #
This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
In a GetByteMatchSet request, ByteMatchSet is a complex type that
contains the ByteMatchSetId and Name of a ByteMatchSet, and the
values that you specified when you updated the ByteMatchSet.
A complex type that contains ByteMatchTuple objects, which specify the
parts of web requests that you want AWS WAF to inspect and the values
that you want AWS WAF to search for. If a ByteMatchSet contains more
than one ByteMatchTuple object, a request needs to match the settings
in only one ByteMatchTuple to be considered a match.
See: newByteMatchSet smart constructor.
Constructors
| ByteMatchSet' | |
Fields
| |
Instances
Arguments
| :: Text | |
| -> ByteMatchSet |
Create a value of ByteMatchSet with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:name:ByteMatchSet', byteMatchSet_name - A friendly name or description of the ByteMatchSet. You can't change
Name after you create a ByteMatchSet.
$sel:byteMatchSetId:ByteMatchSet', byteMatchSet_byteMatchSetId - The ByteMatchSetId for a ByteMatchSet. You use ByteMatchSetId to
get information about a ByteMatchSet (see GetByteMatchSet), update a
ByteMatchSet (see UpdateByteMatchSet), insert a ByteMatchSet into a
Rule or delete one from a Rule (see UpdateRule), and delete a
ByteMatchSet from AWS WAF (see DeleteByteMatchSet).
ByteMatchSetId is returned by CreateByteMatchSet and by
ListByteMatchSets.
$sel:byteMatchTuples:ByteMatchSet', byteMatchSet_byteMatchTuples - Specifies the bytes (typically a string that corresponds with ASCII
characters) that you want AWS WAF to search for in web requests, the
location in requests that you want AWS WAF to search, and other
settings.
byteMatchSet_name :: Lens' ByteMatchSet (Maybe Text) Source #
A friendly name or description of the ByteMatchSet. You can't change
Name after you create a ByteMatchSet.
byteMatchSet_byteMatchSetId :: Lens' ByteMatchSet Text Source #
The ByteMatchSetId for a ByteMatchSet. You use ByteMatchSetId to
get information about a ByteMatchSet (see GetByteMatchSet), update a
ByteMatchSet (see UpdateByteMatchSet), insert a ByteMatchSet into a
Rule or delete one from a Rule (see UpdateRule), and delete a
ByteMatchSet from AWS WAF (see DeleteByteMatchSet).
ByteMatchSetId is returned by CreateByteMatchSet and by
ListByteMatchSets.
byteMatchSet_byteMatchTuples :: Lens' ByteMatchSet [ByteMatchTuple] Source #
Specifies the bytes (typically a string that corresponds with ASCII characters) that you want AWS WAF to search for in web requests, the location in requests that you want AWS WAF to search, and other settings.
ByteMatchSetSummary
data ByteMatchSetSummary Source #
This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
Returned by ListByteMatchSets. Each ByteMatchSetSummary object
includes the Name and ByteMatchSetId for one ByteMatchSet.
See: newByteMatchSetSummary smart constructor.
Constructors
| ByteMatchSetSummary' | |
Fields
| |
Instances
newByteMatchSetSummary Source #
Arguments
| :: Text | |
| -> Text | |
| -> ByteMatchSetSummary |
Create a value of ByteMatchSetSummary with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:byteMatchSetId:ByteMatchSetSummary', byteMatchSetSummary_byteMatchSetId - The ByteMatchSetId for a ByteMatchSet. You use ByteMatchSetId to
get information about a ByteMatchSet, update a ByteMatchSet, remove
a ByteMatchSet from a Rule, and delete a ByteMatchSet from AWS
WAF.
ByteMatchSetId is returned by CreateByteMatchSet and by
ListByteMatchSets.
$sel:name:ByteMatchSetSummary', byteMatchSetSummary_name - A friendly name or description of the ByteMatchSet. You can't change
Name after you create a ByteMatchSet.
byteMatchSetSummary_byteMatchSetId :: Lens' ByteMatchSetSummary Text Source #
The ByteMatchSetId for a ByteMatchSet. You use ByteMatchSetId to
get information about a ByteMatchSet, update a ByteMatchSet, remove
a ByteMatchSet from a Rule, and delete a ByteMatchSet from AWS
WAF.
ByteMatchSetId is returned by CreateByteMatchSet and by
ListByteMatchSets.
byteMatchSetSummary_name :: Lens' ByteMatchSetSummary Text Source #
A friendly name or description of the ByteMatchSet. You can't change
Name after you create a ByteMatchSet.
ByteMatchSetUpdate
data ByteMatchSetUpdate Source #
This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
In an UpdateByteMatchSet request, ByteMatchSetUpdate specifies whether
to insert or delete a ByteMatchTuple and includes the settings for the
ByteMatchTuple.
See: newByteMatchSetUpdate smart constructor.
Constructors
| ByteMatchSetUpdate' | |
Fields
| |
Instances
newByteMatchSetUpdate Source #
Arguments
| :: ChangeAction | |
| -> ByteMatchTuple | |
| -> ByteMatchSetUpdate |
Create a value of ByteMatchSetUpdate with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:action:ByteMatchSetUpdate', byteMatchSetUpdate_action - Specifies whether to insert or delete a ByteMatchTuple.
$sel:byteMatchTuple:ByteMatchSetUpdate', byteMatchSetUpdate_byteMatchTuple - Information about the part of a web request that you want AWS WAF to
inspect and the value that you want AWS WAF to search for. If you
specify DELETE for the value of Action, the ByteMatchTuple values
must exactly match the values in the ByteMatchTuple that you want to
delete from the ByteMatchSet.
byteMatchSetUpdate_action :: Lens' ByteMatchSetUpdate ChangeAction Source #
Specifies whether to insert or delete a ByteMatchTuple.
byteMatchSetUpdate_byteMatchTuple :: Lens' ByteMatchSetUpdate ByteMatchTuple Source #
Information about the part of a web request that you want AWS WAF to
inspect and the value that you want AWS WAF to search for. If you
specify DELETE for the value of Action, the ByteMatchTuple values
must exactly match the values in the ByteMatchTuple that you want to
delete from the ByteMatchSet.
ByteMatchTuple
data ByteMatchTuple Source #
This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
The bytes (typically a string that corresponds with ASCII characters) that you want AWS WAF to search for in web requests, the location in requests that you want AWS WAF to search, and other settings.
See: newByteMatchTuple smart constructor.
Constructors
| ByteMatchTuple' | |
Fields
| |
Instances
Arguments
| :: FieldToMatch | |
| -> ByteString | |
| -> TextTransformation | |
| -> PositionalConstraint | |
| -> ByteMatchTuple |
Create a value of ByteMatchTuple with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:fieldToMatch:ByteMatchTuple', byteMatchTuple_fieldToMatch - The part of a web request that you want AWS WAF to search, such as a
specified header or a query string. For more information, see
FieldToMatch.
$sel:targetString:ByteMatchTuple', byteMatchTuple_targetString - The value that you want AWS WAF to search for. AWS WAF searches for the
specified string in the part of web requests that you specified in
FieldToMatch. The maximum length of the value is 50 bytes.
Valid values depend on the values that you specified for FieldToMatch:
HEADER: The value that you want AWS WAF to search for in the request header that you specified in FieldToMatch, for example, the value of theUser-AgentorRefererheader.METHOD: The HTTP method, which indicates the type of operation specified in the request. CloudFront supports the following methods:DELETE,GET,HEAD,OPTIONS,PATCH,POST, andPUT.QUERY_STRING: The value that you want AWS WAF to search for in the query string, which is the part of a URL that appears after a?character.URI: The value that you want AWS WAF to search for in the part of a URL that identifies a resource, for example,/images/daily-ad.jpg.BODY: The part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form. The request body immediately follows the request headers. Note that only the first8192bytes of the request body are forwarded to AWS WAF for inspection. To allow or block requests based on the length of the body, you can create a size constraint set. For more information, see CreateSizeConstraintSet.SINGLE_QUERY_ARG: The parameter in the query string that you will inspect, such as UserName or SalesRegion. The maximum length forSINGLE_QUERY_ARGis 30 characters.ALL_QUERY_ARGS: Similar toSINGLE_QUERY_ARG, but instead of inspecting a single parameter, AWS WAF inspects all parameters within the query string for the value or regex pattern that you specify inTargetString.
If TargetString includes alphabetic characters A-Z and a-z, note that
the value is case sensitive.
If you're using the AWS WAF API
Specify a base64-encoded version of the value. The maximum length of the value before you base64-encode it is 50 bytes.
For example, suppose the value of Type is HEADER and the value of
Data is User-Agent. If you want to search the User-Agent header
for the value BadBot, you base64-encode BadBot using MIME
base64-encoding and include the resulting value, QmFkQm90, in the
value of TargetString.
If you're using the AWS CLI or one of the AWS SDKs
The value that you want AWS WAF to search for. The SDK automatically
base64 encodes the value.--
-- Note: This Lens automatically encodes and decodes Base64 data.
-- The underlying isomorphism will encode to Base64 representation during
-- serialisation, and decode from Base64 representation during deserialisation.
-- This Lens accepts and returns only raw unencoded data.
$sel:textTransformation:ByteMatchTuple', byteMatchTuple_textTransformation - Text transformations eliminate some of the unusual formatting that
attackers use in web requests in an effort to bypass AWS WAF. If you
specify a transformation, AWS WAF performs the transformation on
FieldToMatch before inspecting it for a match.
You can only specify a single type of TextTransformation.
CMD_LINE
When you're concerned that attackers are injecting an operating system command line command and using unusual formatting to disguise some or all of the command, use this option to perform the following transformations:
- Delete the following characters: \ " ' ^
- Delete spaces before the following characters: / (
- Replace the following characters with a space: , ;
- Replace multiple spaces with one space
- Convert uppercase letters (A-Z) to lowercase (a-z)
COMPRESS_WHITE_SPACE
Use this option to replace the following characters with a space character (decimal 32):
- \f, formfeed, decimal 12
- \t, tab, decimal 9
- \n, newline, decimal 10
- \r, carriage return, decimal 13
- \v, vertical tab, decimal 11
- non-breaking space, decimal 160
COMPRESS_WHITE_SPACE also replaces multiple spaces with one space.
HTML_ENTITY_DECODE
Use this option to replace HTML-encoded characters with unencoded
characters. HTML_ENTITY_DECODE performs the following operations:
- Replaces
(ampersand)quot;with" - Replaces
(ampersand)nbsp;with a non-breaking space, decimal 160 - Replaces
(ampersand)lt;with a "less than" symbol - Replaces
(ampersand)gt;with> - Replaces characters that are represented in hexadecimal format,
(ampersand)#xhhhh;, with the corresponding characters - Replaces characters that are represented in decimal format,
(ampersand)#nnnn;, with the corresponding characters
LOWERCASE
Use this option to convert uppercase letters (A-Z) to lowercase (a-z).
URL_DECODE
Use this option to decode a URL-encoded value.
NONE
Specify NONE if you don't want to perform any text transformations.
$sel:positionalConstraint:ByteMatchTuple', byteMatchTuple_positionalConstraint - Within the portion of a web request that you want to search (for
example, in the query string, if any), specify where you want AWS WAF to
search. Valid values include the following:
CONTAINS
The specified part of the web request must include the value of
TargetString, but the location doesn't matter.
CONTAINS_WORD
The specified part of the web request must include the value of
TargetString, and TargetString must contain only alphanumeric
characters or underscore (A-Z, a-z, 0-9, or _). In addition,
TargetString must be a word, which means one of the following:
TargetStringexactly matches the value of the specified part of the web request, such as the value of a header.TargetStringis at the beginning of the specified part of the web request and is followed by a character other than an alphanumeric character or underscore (_), for example,BadBot;.TargetStringis at the end of the specified part of the web request and is preceded by a character other than an alphanumeric character or underscore (_), for example,;BadBot.TargetStringis in the middle of the specified part of the web request and is preceded and followed by characters other than alphanumeric characters or underscore (_), for example,-BadBot;.
EXACTLY
The value of the specified part of the web request must exactly match
the value of TargetString.
STARTS_WITH
The value of TargetString must appear at the beginning of the
specified part of the web request.
ENDS_WITH
The value of TargetString must appear at the end of the specified part
of the web request.
byteMatchTuple_fieldToMatch :: Lens' ByteMatchTuple FieldToMatch Source #
The part of a web request that you want AWS WAF to search, such as a specified header or a query string. For more information, see FieldToMatch.
byteMatchTuple_targetString :: Lens' ByteMatchTuple ByteString Source #
The value that you want AWS WAF to search for. AWS WAF searches for the
specified string in the part of web requests that you specified in
FieldToMatch. The maximum length of the value is 50 bytes.
Valid values depend on the values that you specified for FieldToMatch:
HEADER: The value that you want AWS WAF to search for in the request header that you specified in FieldToMatch, for example, the value of theUser-AgentorRefererheader.METHOD: The HTTP method, which indicates the type of operation specified in the request. CloudFront supports the following methods:DELETE,GET,HEAD,OPTIONS,PATCH,POST, andPUT.QUERY_STRING: The value that you want AWS WAF to search for in the query string, which is the part of a URL that appears after a?character.URI: The value that you want AWS WAF to search for in the part of a URL that identifies a resource, for example,/images/daily-ad.jpg.BODY: The part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form. The request body immediately follows the request headers. Note that only the first8192bytes of the request body are forwarded to AWS WAF for inspection. To allow or block requests based on the length of the body, you can create a size constraint set. For more information, see CreateSizeConstraintSet.SINGLE_QUERY_ARG: The parameter in the query string that you will inspect, such as UserName or SalesRegion. The maximum length forSINGLE_QUERY_ARGis 30 characters.ALL_QUERY_ARGS: Similar toSINGLE_QUERY_ARG, but instead of inspecting a single parameter, AWS WAF inspects all parameters within the query string for the value or regex pattern that you specify inTargetString.
If TargetString includes alphabetic characters A-Z and a-z, note that
the value is case sensitive.
If you're using the AWS WAF API
Specify a base64-encoded version of the value. The maximum length of the value before you base64-encode it is 50 bytes.
For example, suppose the value of Type is HEADER and the value of
Data is User-Agent. If you want to search the User-Agent header
for the value BadBot, you base64-encode BadBot using MIME
base64-encoding and include the resulting value, QmFkQm90, in the
value of TargetString.
If you're using the AWS CLI or one of the AWS SDKs
The value that you want AWS WAF to search for. The SDK automatically
base64 encodes the value.--
-- Note: This Lens automatically encodes and decodes Base64 data.
-- The underlying isomorphism will encode to Base64 representation during
-- serialisation, and decode from Base64 representation during deserialisation.
-- This Lens accepts and returns only raw unencoded data.
byteMatchTuple_textTransformation :: Lens' ByteMatchTuple TextTransformation Source #
Text transformations eliminate some of the unusual formatting that
attackers use in web requests in an effort to bypass AWS WAF. If you
specify a transformation, AWS WAF performs the transformation on
FieldToMatch before inspecting it for a match.
You can only specify a single type of TextTransformation.
CMD_LINE
When you're concerned that attackers are injecting an operating system command line command and using unusual formatting to disguise some or all of the command, use this option to perform the following transformations:
- Delete the following characters: \ " ' ^
- Delete spaces before the following characters: / (
- Replace the following characters with a space: , ;
- Replace multiple spaces with one space
- Convert uppercase letters (A-Z) to lowercase (a-z)
COMPRESS_WHITE_SPACE
Use this option to replace the following characters with a space character (decimal 32):
- \f, formfeed, decimal 12
- \t, tab, decimal 9
- \n, newline, decimal 10
- \r, carriage return, decimal 13
- \v, vertical tab, decimal 11
- non-breaking space, decimal 160
COMPRESS_WHITE_SPACE also replaces multiple spaces with one space.
HTML_ENTITY_DECODE
Use this option to replace HTML-encoded characters with unencoded
characters. HTML_ENTITY_DECODE performs the following operations:
- Replaces
(ampersand)quot;with" - Replaces
(ampersand)nbsp;with a non-breaking space, decimal 160 - Replaces
(ampersand)lt;with a "less than" symbol - Replaces
(ampersand)gt;with> - Replaces characters that are represented in hexadecimal format,
(ampersand)#xhhhh;, with the corresponding characters - Replaces characters that are represented in decimal format,
(ampersand)#nnnn;, with the corresponding characters
LOWERCASE
Use this option to convert uppercase letters (A-Z) to lowercase (a-z).
URL_DECODE
Use this option to decode a URL-encoded value.
NONE
Specify NONE if you don't want to perform any text transformations.
byteMatchTuple_positionalConstraint :: Lens' ByteMatchTuple PositionalConstraint Source #
Within the portion of a web request that you want to search (for example, in the query string, if any), specify where you want AWS WAF to search. Valid values include the following:
CONTAINS
The specified part of the web request must include the value of
TargetString, but the location doesn't matter.
CONTAINS_WORD
The specified part of the web request must include the value of
TargetString, and TargetString must contain only alphanumeric
characters or underscore (A-Z, a-z, 0-9, or _). In addition,
TargetString must be a word, which means one of the following:
TargetStringexactly matches the value of the specified part of the web request, such as the value of a header.TargetStringis at the beginning of the specified part of the web request and is followed by a character other than an alphanumeric character or underscore (_), for example,BadBot;.TargetStringis at the end of the specified part of the web request and is preceded by a character other than an alphanumeric character or underscore (_), for example,;BadBot.TargetStringis in the middle of the specified part of the web request and is preceded and followed by characters other than alphanumeric characters or underscore (_), for example,-BadBot;.
EXACTLY
The value of the specified part of the web request must exactly match
the value of TargetString.
STARTS_WITH
The value of TargetString must appear at the beginning of the
specified part of the web request.
ENDS_WITH
The value of TargetString must appear at the end of the specified part
of the web request.
ExcludedRule
data ExcludedRule Source #
This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
The rule to exclude from a rule group. This is applicable only when the
ActivatedRule refers to a RuleGroup. The rule must belong to the
RuleGroup that is specified by the ActivatedRule.
See: newExcludedRule smart constructor.
Constructors
| ExcludedRule' | |
Instances
Arguments
| :: Text | |
| -> ExcludedRule |
Create a value of ExcludedRule with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:ruleId:ExcludedRule', excludedRule_ruleId - The unique identifier for the rule to exclude from the rule group.
excludedRule_ruleId :: Lens' ExcludedRule Text Source #
The unique identifier for the rule to exclude from the rule group.
FieldToMatch
data FieldToMatch Source #
This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
Specifies where in a web request to look for TargetString.
See: newFieldToMatch smart constructor.
Constructors
| FieldToMatch' | |
Fields
| |
Instances
Arguments
| :: MatchFieldType | |
| -> FieldToMatch |
Create a value of FieldToMatch with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:data':FieldToMatch', fieldToMatch_data - When the value of Type is HEADER, enter the name of the header that
you want AWS WAF to search, for example, User-Agent or Referer. The
name of the header is not case sensitive.
When the value of Type is SINGLE_QUERY_ARG, enter the name of the
parameter that you want AWS WAF to search, for example, UserName or
SalesRegion. The parameter name is not case sensitive.
If the value of Type is any other value, omit Data.
$sel:type':FieldToMatch', fieldToMatch_type - The part of the web request that you want AWS WAF to search for a
specified string. Parts of a request that you can search include the
following:
HEADER: A specified request header, for example, the value of theUser-AgentorRefererheader. If you chooseHEADERfor the type, specify the name of the header inData.METHOD: The HTTP method, which indicated the type of operation that the request is asking the origin to perform. Amazon CloudFront supports the following methods:DELETE,GET,HEAD,OPTIONS,PATCH,POST, andPUT.QUERY_STRING: A query string, which is the part of a URL that appears after a?character, if any.URI: The part of a web request that identifies a resource, for example,/images/daily-ad.jpg.BODY: The part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form. The request body immediately follows the request headers. Note that only the first8192bytes of the request body are forwarded to AWS WAF for inspection. To allow or block requests based on the length of the body, you can create a size constraint set. For more information, see CreateSizeConstraintSet.SINGLE_QUERY_ARG: The parameter in the query string that you will inspect, such as UserName or SalesRegion. The maximum length forSINGLE_QUERY_ARGis 30 characters.ALL_QUERY_ARGS: Similar toSINGLE_QUERY_ARG, but rather than inspecting a single parameter, AWS WAF will inspect all parameters within the query for the value or regex pattern that you specify inTargetString.
fieldToMatch_data :: Lens' FieldToMatch (Maybe Text) Source #
When the value of Type is HEADER, enter the name of the header that
you want AWS WAF to search, for example, User-Agent or Referer. The
name of the header is not case sensitive.
When the value of Type is SINGLE_QUERY_ARG, enter the name of the
parameter that you want AWS WAF to search, for example, UserName or
SalesRegion. The parameter name is not case sensitive.
If the value of Type is any other value, omit Data.
fieldToMatch_type :: Lens' FieldToMatch MatchFieldType Source #
The part of the web request that you want AWS WAF to search for a specified string. Parts of a request that you can search include the following:
HEADER: A specified request header, for example, the value of theUser-AgentorRefererheader. If you chooseHEADERfor the type, specify the name of the header inData.METHOD: The HTTP method, which indicated the type of operation that the request is asking the origin to perform. Amazon CloudFront supports the following methods:DELETE,GET,HEAD,OPTIONS,PATCH,POST, andPUT.QUERY_STRING: A query string, which is the part of a URL that appears after a?character, if any.URI: The part of a web request that identifies a resource, for example,/images/daily-ad.jpg.BODY: The part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form. The request body immediately follows the request headers. Note that only the first8192bytes of the request body are forwarded to AWS WAF for inspection. To allow or block requests based on the length of the body, you can create a size constraint set. For more information, see CreateSizeConstraintSet.SINGLE_QUERY_ARG: The parameter in the query string that you will inspect, such as UserName or SalesRegion. The maximum length forSINGLE_QUERY_ARGis 30 characters.ALL_QUERY_ARGS: Similar toSINGLE_QUERY_ARG, but rather than inspecting a single parameter, AWS WAF will inspect all parameters within the query for the value or regex pattern that you specify inTargetString.
GeoMatchConstraint
data GeoMatchConstraint Source #
This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
The country from which web requests originate that you want AWS WAF to search for.
See: newGeoMatchConstraint smart constructor.
Constructors
| GeoMatchConstraint' | |
Fields
| |
Instances
newGeoMatchConstraint Source #
Arguments
| :: GeoMatchConstraintType | |
| -> GeoMatchConstraintValue | |
| -> GeoMatchConstraint |
Create a value of GeoMatchConstraint with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:type':GeoMatchConstraint', geoMatchConstraint_type - The type of geographical area you want AWS WAF to search for. Currently
Country is the only valid value.
$sel:value:GeoMatchConstraint', geoMatchConstraint_value - The country that you want AWS WAF to search for.
geoMatchConstraint_type :: Lens' GeoMatchConstraint GeoMatchConstraintType Source #
The type of geographical area you want AWS WAF to search for. Currently
Country is the only valid value.
geoMatchConstraint_value :: Lens' GeoMatchConstraint GeoMatchConstraintValue Source #
The country that you want AWS WAF to search for.
GeoMatchSet
data GeoMatchSet Source #
This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
Contains one or more countries that AWS WAF will search for.
See: newGeoMatchSet smart constructor.
Constructors
| GeoMatchSet' | |
Fields
| |
Instances
Arguments
| :: Text | |
| -> GeoMatchSet |
Create a value of GeoMatchSet with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:name:GeoMatchSet', geoMatchSet_name - A friendly name or description of the GeoMatchSet. You can't change the
name of an GeoMatchSet after you create it.
$sel:geoMatchSetId:GeoMatchSet', geoMatchSet_geoMatchSetId - The GeoMatchSetId for an GeoMatchSet. You use GeoMatchSetId to get
information about a GeoMatchSet (see GeoMatchSet), update a
GeoMatchSet (see UpdateGeoMatchSet), insert a GeoMatchSet into a
Rule or delete one from a Rule (see UpdateRule), and delete a
GeoMatchSet from AWS WAF (see DeleteGeoMatchSet).
GeoMatchSetId is returned by CreateGeoMatchSet and by
ListGeoMatchSets.
$sel:geoMatchConstraints:GeoMatchSet', geoMatchSet_geoMatchConstraints - An array of GeoMatchConstraint objects, which contain the country that
you want AWS WAF to search for.
geoMatchSet_name :: Lens' GeoMatchSet (Maybe Text) Source #
A friendly name or description of the GeoMatchSet. You can't change the
name of an GeoMatchSet after you create it.
geoMatchSet_geoMatchSetId :: Lens' GeoMatchSet Text Source #
The GeoMatchSetId for an GeoMatchSet. You use GeoMatchSetId to get
information about a GeoMatchSet (see GeoMatchSet), update a
GeoMatchSet (see UpdateGeoMatchSet), insert a GeoMatchSet into a
Rule or delete one from a Rule (see UpdateRule), and delete a
GeoMatchSet from AWS WAF (see DeleteGeoMatchSet).
GeoMatchSetId is returned by CreateGeoMatchSet and by
ListGeoMatchSets.
geoMatchSet_geoMatchConstraints :: Lens' GeoMatchSet [GeoMatchConstraint] Source #
An array of GeoMatchConstraint objects, which contain the country that you want AWS WAF to search for.
GeoMatchSetSummary
data GeoMatchSetSummary Source #
This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
Contains the identifier and the name of the GeoMatchSet.
See: newGeoMatchSetSummary smart constructor.
Constructors
| GeoMatchSetSummary' | |
Fields
| |
Instances
newGeoMatchSetSummary Source #
Arguments
| :: Text | |
| -> Text | |
| -> GeoMatchSetSummary |
Create a value of GeoMatchSetSummary with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:geoMatchSetId:GeoMatchSetSummary', geoMatchSetSummary_geoMatchSetId - The GeoMatchSetId for an GeoMatchSet. You can use GeoMatchSetId in a
GetGeoMatchSet request to get detailed information about an GeoMatchSet.
$sel:name:GeoMatchSetSummary', geoMatchSetSummary_name - A friendly name or description of the GeoMatchSet. You can't change the
name of an GeoMatchSet after you create it.
geoMatchSetSummary_geoMatchSetId :: Lens' GeoMatchSetSummary Text Source #
The GeoMatchSetId for an GeoMatchSet. You can use GeoMatchSetId in a
GetGeoMatchSet request to get detailed information about an GeoMatchSet.
geoMatchSetSummary_name :: Lens' GeoMatchSetSummary Text Source #
A friendly name or description of the GeoMatchSet. You can't change the
name of an GeoMatchSet after you create it.
GeoMatchSetUpdate
data GeoMatchSetUpdate Source #
This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
Specifies the type of update to perform to an GeoMatchSet with UpdateGeoMatchSet.
See: newGeoMatchSetUpdate smart constructor.
Constructors
| GeoMatchSetUpdate' | |
Fields
| |
Instances
Arguments
| :: ChangeAction | |
| -> GeoMatchConstraint | |
| -> GeoMatchSetUpdate |
Create a value of GeoMatchSetUpdate with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:action:GeoMatchSetUpdate', geoMatchSetUpdate_action - Specifies whether to insert or delete a country with UpdateGeoMatchSet.
$sel:geoMatchConstraint:GeoMatchSetUpdate', geoMatchSetUpdate_geoMatchConstraint - The country from which web requests originate that you want AWS WAF to
search for.
geoMatchSetUpdate_action :: Lens' GeoMatchSetUpdate ChangeAction Source #
Specifies whether to insert or delete a country with UpdateGeoMatchSet.
geoMatchSetUpdate_geoMatchConstraint :: Lens' GeoMatchSetUpdate GeoMatchConstraint Source #
The country from which web requests originate that you want AWS WAF to search for.
HTTPHeader
data HTTPHeader Source #
This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
The response from a GetSampledRequests request includes an HTTPHeader
complex type that appears as Headers in the response syntax.
HTTPHeader contains the names and values of all of the headers that
appear in one of the web requests that were returned by
GetSampledRequests.
See: newHTTPHeader smart constructor.
Constructors
| HTTPHeader' | |
Instances
newHTTPHeader :: HTTPHeader Source #
Create a value of HTTPHeader with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:value:HTTPHeader', hTTPHeader_value - The value of one of the headers in the sampled web request.
$sel:name:HTTPHeader', hTTPHeader_name - The name of one of the headers in the sampled web request.
hTTPHeader_value :: Lens' HTTPHeader (Maybe Text) Source #
The value of one of the headers in the sampled web request.
hTTPHeader_name :: Lens' HTTPHeader (Maybe Text) Source #
The name of one of the headers in the sampled web request.
HTTPRequest
data HTTPRequest Source #
This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
The response from a GetSampledRequests request includes an HTTPRequest
complex type that appears as Request in the response syntax.
HTTPRequest contains information about one of the web requests that
were returned by GetSampledRequests.
See: newHTTPRequest smart constructor.
Constructors
| HTTPRequest' | |
Fields
| |
Instances
newHTTPRequest :: HTTPRequest Source #
Create a value of HTTPRequest with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:hTTPVersion:HTTPRequest', hTTPRequest_hTTPVersion - The HTTP version specified in the sampled web request, for example,
HTTP/1.1.
$sel:country:HTTPRequest', hTTPRequest_country - The two-letter country code for the country that the request originated
from. For a current list of country codes, see the Wikipedia entry
ISO 3166-1 alpha-2.
$sel:uri:HTTPRequest', hTTPRequest_uri - The part of a web request that identifies the resource, for example,
/images/daily-ad.jpg.
$sel:headers:HTTPRequest', hTTPRequest_headers - A complex type that contains two values for each header in the sampled
web request: the name of the header and the value of the header.
$sel:method:HTTPRequest', hTTPRequest_method - The HTTP method specified in the sampled web request. CloudFront
supports the following methods: DELETE, GET, HEAD, OPTIONS,
PATCH, POST, and PUT.
$sel:clientIP:HTTPRequest', hTTPRequest_clientIP - The IP address that the request originated from. If the WebACL is
associated with a CloudFront distribution, this is the value of one of
the following fields in CloudFront access logs:
c-ip, if the viewer did not use an HTTP proxy or a load balancer to send the requestx-forwarded-for, if the viewer did use an HTTP proxy or a load balancer to send the request
hTTPRequest_hTTPVersion :: Lens' HTTPRequest (Maybe Text) Source #
The HTTP version specified in the sampled web request, for example,
HTTP/1.1.
hTTPRequest_country :: Lens' HTTPRequest (Maybe Text) Source #
The two-letter country code for the country that the request originated from. For a current list of country codes, see the Wikipedia entry ISO 3166-1 alpha-2.
hTTPRequest_uri :: Lens' HTTPRequest (Maybe Text) Source #
The part of a web request that identifies the resource, for example,
/images/daily-ad.jpg.
hTTPRequest_headers :: Lens' HTTPRequest (Maybe [HTTPHeader]) Source #
A complex type that contains two values for each header in the sampled web request: the name of the header and the value of the header.
hTTPRequest_method :: Lens' HTTPRequest (Maybe Text) Source #
The HTTP method specified in the sampled web request. CloudFront
supports the following methods: DELETE, GET, HEAD, OPTIONS,
PATCH, POST, and PUT.
hTTPRequest_clientIP :: Lens' HTTPRequest (Maybe Text) Source #
The IP address that the request originated from. If the WebACL is
associated with a CloudFront distribution, this is the value of one of
the following fields in CloudFront access logs:
c-ip, if the viewer did not use an HTTP proxy or a load balancer to send the requestx-forwarded-for, if the viewer did use an HTTP proxy or a load balancer to send the request
IPSet
This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
Contains one or more IP addresses or blocks of IP addresses specified in Classless Inter-Domain Routing (CIDR) notation. AWS WAF supports IPv4 address ranges: /8 and any range between /16 through /32. AWS WAF supports IPv6 address ranges: /24, /32, /48, /56, /64, and /128.
To specify an individual IP address, you specify the four-part IP
address followed by a /32, for example, 192.0.2.0/32. To block a
range of IP addresses, you can specify /8 or any range between /16
through /32 (for IPv4) or /24, /32, /48, /56, /64, or /128 (for
IPv6). For more information about CIDR notation, see the Wikipedia entry
Classless Inter-Domain Routing.
See: newIPSet smart constructor.
Constructors
| IPSet' | |
Fields
| |
Instances
| Eq IPSet Source # | |
| Read IPSet Source # | |
| Show IPSet Source # | |
| Generic IPSet Source # | |
| NFData IPSet Source # | |
Defined in Amazonka.WAFRegional.Types.IPSet | |
| Hashable IPSet Source # | |
Defined in Amazonka.WAFRegional.Types.IPSet | |
| FromJSON IPSet Source # | |
| type Rep IPSet Source # | |
Defined in Amazonka.WAFRegional.Types.IPSet type Rep IPSet = D1 ('MetaData "IPSet" "Amazonka.WAFRegional.Types.IPSet" "libZSservicesZSamazonka-waf-regionalZSamazonka-waf-regional" 'False) (C1 ('MetaCons "IPSet'" 'PrefixI 'True) (S1 ('MetaSel ('Just "name") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 (Maybe Text)) :*: (S1 ('MetaSel ('Just "iPSetId") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 Text) :*: S1 ('MetaSel ('Just "iPSetDescriptors") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 [IPSetDescriptor])))) | |
Create a value of IPSet with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:name:IPSet', iPSet_name - A friendly name or description of the IPSet. You can't change the name
of an IPSet after you create it.
$sel:iPSetId:IPSet', iPSet_iPSetId - The IPSetId for an IPSet. You use IPSetId to get information about
an IPSet (see GetIPSet), update an IPSet (see UpdateIPSet), insert
an IPSet into a Rule or delete one from a Rule (see UpdateRule),
and delete an IPSet from AWS WAF (see DeleteIPSet).
IPSetId is returned by CreateIPSet and by ListIPSets.
$sel:iPSetDescriptors:IPSet', iPSet_iPSetDescriptors - The IP address type (IPV4 or IPV6) and the IP address range (in CIDR
notation) that web requests originate from. If the WebACL is
associated with a CloudFront distribution and the viewer did not use an
HTTP proxy or a load balancer to send the request, this is the value of
the c-ip field in the CloudFront access logs.
iPSet_name :: Lens' IPSet (Maybe Text) Source #
A friendly name or description of the IPSet. You can't change the name
of an IPSet after you create it.
iPSet_iPSetId :: Lens' IPSet Text Source #
The IPSetId for an IPSet. You use IPSetId to get information about
an IPSet (see GetIPSet), update an IPSet (see UpdateIPSet), insert
an IPSet into a Rule or delete one from a Rule (see UpdateRule),
and delete an IPSet from AWS WAF (see DeleteIPSet).
IPSetId is returned by CreateIPSet and by ListIPSets.
iPSet_iPSetDescriptors :: Lens' IPSet [IPSetDescriptor] Source #
The IP address type (IPV4 or IPV6) and the IP address range (in CIDR
notation) that web requests originate from. If the WebACL is
associated with a CloudFront distribution and the viewer did not use an
HTTP proxy or a load balancer to send the request, this is the value of
the c-ip field in the CloudFront access logs.
IPSetDescriptor
data IPSetDescriptor Source #
This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
Specifies the IP address type (IPV4 or IPV6) and the IP address
range (in CIDR format) that web requests originate from.
See: newIPSetDescriptor smart constructor.
Constructors
| IPSetDescriptor' | |
Fields
| |
Instances
Arguments
| :: IPSetDescriptorType | |
| -> Text | |
| -> IPSetDescriptor |
Create a value of IPSetDescriptor with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:type':IPSetDescriptor', iPSetDescriptor_type - Specify IPV4 or IPV6.
$sel:value:IPSetDescriptor', iPSetDescriptor_value - Specify an IPv4 address by using CIDR notation. For example:
- To configure AWS WAF to allow, block, or count requests that
originated from the IP address 192.0.2.44, specify
192.0.2.44/32. - To configure AWS WAF to allow, block, or count requests that
originated from IP addresses from 192.0.2.0 to 192.0.2.255, specify
192.0.2.0/24.
For more information about CIDR notation, see the Wikipedia entry Classless Inter-Domain Routing.
Specify an IPv6 address by using CIDR notation. For example:
- To configure AWS WAF to allow, block, or count requests that
originated from the IP address
1111:0000:0000:0000:0000:0000:0000:0111, specify
1111:0000:0000:0000:0000:0000:0000:0111/128. - To configure AWS WAF to allow, block, or count requests that
originated from IP addresses 1111:0000:0000:0000:0000:0000:0000:0000
to 1111:0000:0000:0000:ffff:ffff:ffff:ffff, specify
1111:0000:0000:0000:0000:0000:0000:0000/64.
iPSetDescriptor_type :: Lens' IPSetDescriptor IPSetDescriptorType Source #
Specify IPV4 or IPV6.
iPSetDescriptor_value :: Lens' IPSetDescriptor Text Source #
Specify an IPv4 address by using CIDR notation. For example:
- To configure AWS WAF to allow, block, or count requests that
originated from the IP address 192.0.2.44, specify
192.0.2.44/32. - To configure AWS WAF to allow, block, or count requests that
originated from IP addresses from 192.0.2.0 to 192.0.2.255, specify
192.0.2.0/24.
For more information about CIDR notation, see the Wikipedia entry Classless Inter-Domain Routing.
Specify an IPv6 address by using CIDR notation. For example:
- To configure AWS WAF to allow, block, or count requests that
originated from the IP address
1111:0000:0000:0000:0000:0000:0000:0111, specify
1111:0000:0000:0000:0000:0000:0000:0111/128. - To configure AWS WAF to allow, block, or count requests that
originated from IP addresses 1111:0000:0000:0000:0000:0000:0000:0000
to 1111:0000:0000:0000:ffff:ffff:ffff:ffff, specify
1111:0000:0000:0000:0000:0000:0000:0000/64.
IPSetSummary
data IPSetSummary Source #
This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
Contains the identifier and the name of the IPSet.
See: newIPSetSummary smart constructor.
Constructors
| IPSetSummary' | |
Instances
Arguments
| :: Text | |
| -> Text | |
| -> IPSetSummary |
Create a value of IPSetSummary with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:iPSetId:IPSetSummary', iPSetSummary_iPSetId - The IPSetId for an IPSet. You can use IPSetId in a GetIPSet request
to get detailed information about an IPSet.
$sel:name:IPSetSummary', iPSetSummary_name - A friendly name or description of the IPSet. You can't change the name
of an IPSet after you create it.
iPSetSummary_iPSetId :: Lens' IPSetSummary Text Source #
The IPSetId for an IPSet. You can use IPSetId in a GetIPSet request
to get detailed information about an IPSet.
iPSetSummary_name :: Lens' IPSetSummary Text Source #
A friendly name or description of the IPSet. You can't change the name
of an IPSet after you create it.
IPSetUpdate
data IPSetUpdate Source #
This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
Specifies the type of update to perform to an IPSet with UpdateIPSet.
See: newIPSetUpdate smart constructor.
Constructors
| IPSetUpdate' | |
Fields
| |
Instances
Arguments
| :: ChangeAction | |
| -> IPSetDescriptor | |
| -> IPSetUpdate |
Create a value of IPSetUpdate with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:action:IPSetUpdate', iPSetUpdate_action - Specifies whether to insert or delete an IP address with UpdateIPSet.
$sel:iPSetDescriptor:IPSetUpdate', iPSetUpdate_iPSetDescriptor - The IP address type (IPV4 or IPV6) and the IP address range (in CIDR
notation) that web requests originate from.
iPSetUpdate_action :: Lens' IPSetUpdate ChangeAction Source #
Specifies whether to insert or delete an IP address with UpdateIPSet.
iPSetUpdate_iPSetDescriptor :: Lens' IPSetUpdate IPSetDescriptor Source #
The IP address type (IPV4 or IPV6) and the IP address range (in CIDR
notation) that web requests originate from.
LoggingConfiguration
data LoggingConfiguration Source #
This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
The Amazon Kinesis Data Firehose, RedactedFields information, and the
web ACL Amazon Resource Name (ARN).
See: newLoggingConfiguration smart constructor.
Constructors
| LoggingConfiguration' | |
Fields
| |
Instances
newLoggingConfiguration Source #
Arguments
| :: Text | |
| -> NonEmpty Text | |
| -> LoggingConfiguration |
Create a value of LoggingConfiguration with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:redactedFields:LoggingConfiguration', loggingConfiguration_redactedFields - The parts of the request that you want redacted from the logs. For
example, if you redact the cookie field, the cookie field in the
firehose will be xxx.
$sel:resourceArn:LoggingConfiguration', loggingConfiguration_resourceArn - The Amazon Resource Name (ARN) of the web ACL that you want to associate
with LogDestinationConfigs.
$sel:logDestinationConfigs:LoggingConfiguration', loggingConfiguration_logDestinationConfigs - An array of Amazon Kinesis Data Firehose ARNs.
loggingConfiguration_redactedFields :: Lens' LoggingConfiguration (Maybe [FieldToMatch]) Source #
The parts of the request that you want redacted from the logs. For
example, if you redact the cookie field, the cookie field in the
firehose will be xxx.
loggingConfiguration_resourceArn :: Lens' LoggingConfiguration Text Source #
The Amazon Resource Name (ARN) of the web ACL that you want to associate
with LogDestinationConfigs.
loggingConfiguration_logDestinationConfigs :: Lens' LoggingConfiguration (NonEmpty Text) Source #
An array of Amazon Kinesis Data Firehose ARNs.
Predicate
This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
Specifies the ByteMatchSet, IPSet, SqlInjectionMatchSet, XssMatchSet,
RegexMatchSet, GeoMatchSet, and SizeConstraintSet objects that you want
to add to a Rule and, for each object, indicates whether you want to
negate the settings, for example, requests that do NOT originate from
the IP address 192.0.2.44.
See: newPredicate smart constructor.
Constructors
| Predicate' | |
Fields
| |
Instances
| Eq Predicate Source # | |
| Read Predicate Source # | |
| Show Predicate Source # | |
| Generic Predicate Source # | |
| NFData Predicate Source # | |
Defined in Amazonka.WAFRegional.Types.Predicate | |
| Hashable Predicate Source # | |
Defined in Amazonka.WAFRegional.Types.Predicate | |
| ToJSON Predicate Source # | |
Defined in Amazonka.WAFRegional.Types.Predicate | |
| FromJSON Predicate Source # | |
| type Rep Predicate Source # | |
Defined in Amazonka.WAFRegional.Types.Predicate type Rep Predicate = D1 ('MetaData "Predicate" "Amazonka.WAFRegional.Types.Predicate" "libZSservicesZSamazonka-waf-regionalZSamazonka-waf-regional" 'False) (C1 ('MetaCons "Predicate'" 'PrefixI 'True) (S1 ('MetaSel ('Just "negated") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 Bool) :*: (S1 ('MetaSel ('Just "type'") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 PredicateType) :*: S1 ('MetaSel ('Just "dataId") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 Text)))) | |
Arguments
| :: Bool | |
| -> PredicateType | |
| -> Text | |
| -> Predicate |
Create a value of Predicate with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:negated:Predicate', predicate_negated - Set Negated to False if you want AWS WAF to allow, block, or count
requests based on the settings in the specified ByteMatchSet, IPSet,
SqlInjectionMatchSet, XssMatchSet, RegexMatchSet, GeoMatchSet, or
SizeConstraintSet. For example, if an IPSet includes the IP address
192.0.2.44, AWS WAF will allow or block requests based on that IP
address.
Set Negated to True if you want AWS WAF to allow or block a request
based on the negation of the settings in the ByteMatchSet, IPSet,
SqlInjectionMatchSet, XssMatchSet, RegexMatchSet, GeoMatchSet, or
SizeConstraintSet. For example, if an IPSet includes the IP address
192.0.2.44, AWS WAF will allow, block, or count requests based on all
IP addresses except 192.0.2.44.
$sel:type':Predicate', predicate_type - The type of predicate in a Rule, such as ByteMatch or IPSet.
$sel:dataId:Predicate', predicate_dataId - A unique identifier for a predicate in a Rule, such as
ByteMatchSetId or IPSetId. The ID is returned by the corresponding
Create or List command.
predicate_negated :: Lens' Predicate Bool Source #
Set Negated to False if you want AWS WAF to allow, block, or count
requests based on the settings in the specified ByteMatchSet, IPSet,
SqlInjectionMatchSet, XssMatchSet, RegexMatchSet, GeoMatchSet, or
SizeConstraintSet. For example, if an IPSet includes the IP address
192.0.2.44, AWS WAF will allow or block requests based on that IP
address.
Set Negated to True if you want AWS WAF to allow or block a request
based on the negation of the settings in the ByteMatchSet, IPSet,
SqlInjectionMatchSet, XssMatchSet, RegexMatchSet, GeoMatchSet, or
SizeConstraintSet. For example, if an IPSet includes the IP address
192.0.2.44, AWS WAF will allow, block, or count requests based on all
IP addresses except 192.0.2.44.
predicate_type :: Lens' Predicate PredicateType Source #
The type of predicate in a Rule, such as ByteMatch or IPSet.
predicate_dataId :: Lens' Predicate Text Source #
A unique identifier for a predicate in a Rule, such as
ByteMatchSetId or IPSetId. The ID is returned by the corresponding
Create or List command.
RateBasedRule
data RateBasedRule Source #
This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
A RateBasedRule is identical to a regular Rule, with one addition: a
RateBasedRule counts the number of requests that arrive from a
specified IP address every five minutes. For example, based on recent
requests that you've seen from an attacker, you might create a
RateBasedRule that includes the following conditions:
- The requests come from 192.0.2.44.
- They contain the value
BadBotin theUser-Agentheader.
In the rule, you also define the rate limit as 1,000.
Requests that meet both of these conditions and exceed 1,000 requests every five minutes trigger the rule's action (block or count), which is defined in the web ACL.
See: newRateBasedRule smart constructor.
Constructors
| RateBasedRule' | |
Fields
| |
Instances
Arguments
| :: Text | |
| -> RateKey | |
| -> Natural | |
| -> RateBasedRule |
Create a value of RateBasedRule with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:metricName:RateBasedRule', rateBasedRule_metricName - A friendly name or description for the metrics for a RateBasedRule.
The name can contain only alphanumeric characters (A-Z, a-z, 0-9), with
maximum length 128 and minimum length one. It can't contain whitespace
or metric names reserved for AWS WAF, including "All" and
"Default_Action." You can't change the name of the metric after you
create the RateBasedRule.
$sel:name:RateBasedRule', rateBasedRule_name - A friendly name or description for a RateBasedRule. You can't change
the name of a RateBasedRule after you create it.
$sel:ruleId:RateBasedRule', rateBasedRule_ruleId - A unique identifier for a RateBasedRule. You use RuleId to get more
information about a RateBasedRule (see GetRateBasedRule), update a
RateBasedRule (see UpdateRateBasedRule), insert a RateBasedRule into
a WebACL or delete one from a WebACL (see UpdateWebACL), or delete a
RateBasedRule from AWS WAF (see DeleteRateBasedRule).
$sel:matchPredicates:RateBasedRule', rateBasedRule_matchPredicates - The Predicates object contains one Predicate element for each
ByteMatchSet, IPSet, or SqlInjectionMatchSet object that you want to
include in a RateBasedRule.
$sel:rateKey:RateBasedRule', rateBasedRule_rateKey - The field that AWS WAF uses to determine if requests are likely arriving
from single source and thus subject to rate monitoring. The only valid
value for RateKey is IP. IP indicates that requests arriving from
the same IP address are subject to the RateLimit that is specified in
the RateBasedRule.
$sel:rateLimit:RateBasedRule', rateBasedRule_rateLimit - The maximum number of requests, which have an identical value in the
field specified by the RateKey, allowed in a five-minute period. If
the number of requests exceeds the RateLimit and the other predicates
specified in the rule are also met, AWS WAF triggers the action that is
specified for this rule.
rateBasedRule_metricName :: Lens' RateBasedRule (Maybe Text) Source #
A friendly name or description for the metrics for a RateBasedRule.
The name can contain only alphanumeric characters (A-Z, a-z, 0-9), with
maximum length 128 and minimum length one. It can't contain whitespace
or metric names reserved for AWS WAF, including "All" and
"Default_Action." You can't change the name of the metric after you
create the RateBasedRule.
rateBasedRule_name :: Lens' RateBasedRule (Maybe Text) Source #
A friendly name or description for a RateBasedRule. You can't change
the name of a RateBasedRule after you create it.
rateBasedRule_ruleId :: Lens' RateBasedRule Text Source #
A unique identifier for a RateBasedRule. You use RuleId to get more
information about a RateBasedRule (see GetRateBasedRule), update a
RateBasedRule (see UpdateRateBasedRule), insert a RateBasedRule into
a WebACL or delete one from a WebACL (see UpdateWebACL), or delete a
RateBasedRule from AWS WAF (see DeleteRateBasedRule).
rateBasedRule_matchPredicates :: Lens' RateBasedRule [Predicate] Source #
The Predicates object contains one Predicate element for each
ByteMatchSet, IPSet, or SqlInjectionMatchSet object that you want to
include in a RateBasedRule.
rateBasedRule_rateKey :: Lens' RateBasedRule RateKey Source #
The field that AWS WAF uses to determine if requests are likely arriving
from single source and thus subject to rate monitoring. The only valid
value for RateKey is IP. IP indicates that requests arriving from
the same IP address are subject to the RateLimit that is specified in
the RateBasedRule.
rateBasedRule_rateLimit :: Lens' RateBasedRule Natural Source #
The maximum number of requests, which have an identical value in the
field specified by the RateKey, allowed in a five-minute period. If
the number of requests exceeds the RateLimit and the other predicates
specified in the rule are also met, AWS WAF triggers the action that is
specified for this rule.
RegexMatchSet
data RegexMatchSet Source #
This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
In a GetRegexMatchSet request, RegexMatchSet is a complex type that
contains the RegexMatchSetId and Name of a RegexMatchSet, and the
values that you specified when you updated the RegexMatchSet.
The values are contained in a RegexMatchTuple object, which specify
the parts of web requests that you want AWS WAF to inspect and the
values that you want AWS WAF to search for. If a RegexMatchSet
contains more than one RegexMatchTuple object, a request needs to
match the settings in only one ByteMatchTuple to be considered a
match.
See: newRegexMatchSet smart constructor.
Constructors
| RegexMatchSet' | |
Fields
| |
Instances
newRegexMatchSet :: RegexMatchSet Source #
Create a value of RegexMatchSet with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:name:RegexMatchSet', regexMatchSet_name - A friendly name or description of the RegexMatchSet. You can't change
Name after you create a RegexMatchSet.
$sel:regexMatchTuples:RegexMatchSet', regexMatchSet_regexMatchTuples - Contains an array of RegexMatchTuple objects. Each RegexMatchTuple
object contains:
- The part of a web request that you want AWS WAF to inspect, such as
a query string or the value of the
User-Agentheader. - The identifier of the pattern (a regular expression) that you want AWS WAF to look for. For more information, see RegexPatternSet.
- Whether to perform any conversions on the request, such as converting it to lowercase, before inspecting it for the specified string.
$sel:regexMatchSetId:RegexMatchSet', regexMatchSet_regexMatchSetId - The RegexMatchSetId for a RegexMatchSet. You use RegexMatchSetId
to get information about a RegexMatchSet (see GetRegexMatchSet),
update a RegexMatchSet (see UpdateRegexMatchSet), insert a
RegexMatchSet into a Rule or delete one from a Rule (see
UpdateRule), and delete a RegexMatchSet from AWS WAF (see
DeleteRegexMatchSet).
RegexMatchSetId is returned by CreateRegexMatchSet and by
ListRegexMatchSets.
regexMatchSet_name :: Lens' RegexMatchSet (Maybe Text) Source #
A friendly name or description of the RegexMatchSet. You can't change
Name after you create a RegexMatchSet.
regexMatchSet_regexMatchTuples :: Lens' RegexMatchSet (Maybe [RegexMatchTuple]) Source #
Contains an array of RegexMatchTuple objects. Each RegexMatchTuple
object contains:
- The part of a web request that you want AWS WAF to inspect, such as
a query string or the value of the
User-Agentheader. - The identifier of the pattern (a regular expression) that you want AWS WAF to look for. For more information, see RegexPatternSet.
- Whether to perform any conversions on the request, such as converting it to lowercase, before inspecting it for the specified string.
regexMatchSet_regexMatchSetId :: Lens' RegexMatchSet (Maybe Text) Source #
The RegexMatchSetId for a RegexMatchSet. You use RegexMatchSetId
to get information about a RegexMatchSet (see GetRegexMatchSet),
update a RegexMatchSet (see UpdateRegexMatchSet), insert a
RegexMatchSet into a Rule or delete one from a Rule (see
UpdateRule), and delete a RegexMatchSet from AWS WAF (see
DeleteRegexMatchSet).
RegexMatchSetId is returned by CreateRegexMatchSet and by
ListRegexMatchSets.
RegexMatchSetSummary
data RegexMatchSetSummary Source #
This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
Returned by ListRegexMatchSets. Each RegexMatchSetSummary object
includes the Name and RegexMatchSetId for one RegexMatchSet.
See: newRegexMatchSetSummary smart constructor.
Constructors
| RegexMatchSetSummary' | |
Fields
| |
Instances
newRegexMatchSetSummary Source #
Arguments
| :: Text | |
| -> Text | |
| -> RegexMatchSetSummary |
Create a value of RegexMatchSetSummary with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:regexMatchSetId:RegexMatchSetSummary', regexMatchSetSummary_regexMatchSetId - The RegexMatchSetId for a RegexMatchSet. You use RegexMatchSetId
to get information about a RegexMatchSet, update a RegexMatchSet,
remove a RegexMatchSet from a Rule, and delete a RegexMatchSet
from AWS WAF.
RegexMatchSetId is returned by CreateRegexMatchSet and by
ListRegexMatchSets.
$sel:name:RegexMatchSetSummary', regexMatchSetSummary_name - A friendly name or description of the RegexMatchSet. You can't change
Name after you create a RegexMatchSet.
regexMatchSetSummary_regexMatchSetId :: Lens' RegexMatchSetSummary Text Source #
The RegexMatchSetId for a RegexMatchSet. You use RegexMatchSetId
to get information about a RegexMatchSet, update a RegexMatchSet,
remove a RegexMatchSet from a Rule, and delete a RegexMatchSet
from AWS WAF.
RegexMatchSetId is returned by CreateRegexMatchSet and by
ListRegexMatchSets.
regexMatchSetSummary_name :: Lens' RegexMatchSetSummary Text Source #
A friendly name or description of the RegexMatchSet. You can't change
Name after you create a RegexMatchSet.
RegexMatchSetUpdate
data RegexMatchSetUpdate Source #
This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
In an UpdateRegexMatchSet request, RegexMatchSetUpdate specifies
whether to insert or delete a RegexMatchTuple and includes the settings
for the RegexMatchTuple.
See: newRegexMatchSetUpdate smart constructor.
Constructors
| RegexMatchSetUpdate' | |
Fields
| |
Instances
newRegexMatchSetUpdate Source #
Arguments
| :: ChangeAction | |
| -> RegexMatchTuple | |
| -> RegexMatchSetUpdate |
Create a value of RegexMatchSetUpdate with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:action:RegexMatchSetUpdate', regexMatchSetUpdate_action - Specifies whether to insert or delete a RegexMatchTuple.
$sel:regexMatchTuple:RegexMatchSetUpdate', regexMatchSetUpdate_regexMatchTuple - Information about the part of a web request that you want AWS WAF to
inspect and the identifier of the regular expression (regex) pattern
that you want AWS WAF to search for. If you specify DELETE for the
value of Action, the RegexMatchTuple values must exactly match the
values in the RegexMatchTuple that you want to delete from the
RegexMatchSet.
regexMatchSetUpdate_action :: Lens' RegexMatchSetUpdate ChangeAction Source #
Specifies whether to insert or delete a RegexMatchTuple.
regexMatchSetUpdate_regexMatchTuple :: Lens' RegexMatchSetUpdate RegexMatchTuple Source #
Information about the part of a web request that you want AWS WAF to
inspect and the identifier of the regular expression (regex) pattern
that you want AWS WAF to search for. If you specify DELETE for the
value of Action, the RegexMatchTuple values must exactly match the
values in the RegexMatchTuple that you want to delete from the
RegexMatchSet.
RegexMatchTuple
data RegexMatchTuple Source #
This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
The regular expression pattern that you want AWS WAF to search for in
web requests, the location in requests that you want AWS WAF to search,
and other settings. Each RegexMatchTuple object contains:
- The part of a web request that you want AWS WAF to inspect, such as
a query string or the value of the
User-Agentheader. - The identifier of the pattern (a regular expression) that you want AWS WAF to look for. For more information, see RegexPatternSet.
- Whether to perform any conversions on the request, such as converting it to lowercase, before inspecting it for the specified string.
See: newRegexMatchTuple smart constructor.
Constructors
| RegexMatchTuple' | |
Fields
| |
Instances
Arguments
| :: FieldToMatch | |
| -> TextTransformation | |
| -> Text | |
| -> RegexMatchTuple |
Create a value of RegexMatchTuple with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:fieldToMatch:RegexMatchTuple', regexMatchTuple_fieldToMatch - Specifies where in a web request to look for the RegexPatternSet.
$sel:textTransformation:RegexMatchTuple', regexMatchTuple_textTransformation - Text transformations eliminate some of the unusual formatting that
attackers use in web requests in an effort to bypass AWS WAF. If you
specify a transformation, AWS WAF performs the transformation on
RegexPatternSet before inspecting a request for a match.
You can only specify a single type of TextTransformation.
CMD_LINE
When you're concerned that attackers are injecting an operating system commandline command and using unusual formatting to disguise some or all of the command, use this option to perform the following transformations:
- Delete the following characters: \ " ' ^
- Delete spaces before the following characters: / (
- Replace the following characters with a space: , ;
- Replace multiple spaces with one space
- Convert uppercase letters (A-Z) to lowercase (a-z)
COMPRESS_WHITE_SPACE
Use this option to replace the following characters with a space character (decimal 32):
- \f, formfeed, decimal 12
- \t, tab, decimal 9
- \n, newline, decimal 10
- \r, carriage return, decimal 13
- \v, vertical tab, decimal 11
- non-breaking space, decimal 160
COMPRESS_WHITE_SPACE also replaces multiple spaces with one space.
HTML_ENTITY_DECODE
Use this option to replace HTML-encoded characters with unencoded
characters. HTML_ENTITY_DECODE performs the following operations:
- Replaces
(ampersand)quot;with" - Replaces
(ampersand)nbsp;with a non-breaking space, decimal 160 - Replaces
(ampersand)lt;with a "less than" symbol - Replaces
(ampersand)gt;with> - Replaces characters that are represented in hexadecimal format,
(ampersand)#xhhhh;, with the corresponding characters - Replaces characters that are represented in decimal format,
(ampersand)#nnnn;, with the corresponding characters
LOWERCASE
Use this option to convert uppercase letters (A-Z) to lowercase (a-z).
URL_DECODE
Use this option to decode a URL-encoded value.
NONE
Specify NONE if you don't want to perform any text transformations.
$sel:regexPatternSetId:RegexMatchTuple', regexMatchTuple_regexPatternSetId - The RegexPatternSetId for a RegexPatternSet. You use
RegexPatternSetId to get information about a RegexPatternSet (see
GetRegexPatternSet), update a RegexPatternSet (see
UpdateRegexPatternSet), insert a RegexPatternSet into a
RegexMatchSet or delete one from a RegexMatchSet (see
UpdateRegexMatchSet), and delete an RegexPatternSet from AWS WAF (see
DeleteRegexPatternSet).
RegexPatternSetId is returned by CreateRegexPatternSet and by
ListRegexPatternSets.
regexMatchTuple_fieldToMatch :: Lens' RegexMatchTuple FieldToMatch Source #
Specifies where in a web request to look for the RegexPatternSet.
regexMatchTuple_textTransformation :: Lens' RegexMatchTuple TextTransformation Source #
Text transformations eliminate some of the unusual formatting that
attackers use in web requests in an effort to bypass AWS WAF. If you
specify a transformation, AWS WAF performs the transformation on
RegexPatternSet before inspecting a request for a match.
You can only specify a single type of TextTransformation.
CMD_LINE
When you're concerned that attackers are injecting an operating system commandline command and using unusual formatting to disguise some or all of the command, use this option to perform the following transformations:
- Delete the following characters: \ " ' ^
- Delete spaces before the following characters: / (
- Replace the following characters with a space: , ;
- Replace multiple spaces with one space
- Convert uppercase letters (A-Z) to lowercase (a-z)
COMPRESS_WHITE_SPACE
Use this option to replace the following characters with a space character (decimal 32):
- \f, formfeed, decimal 12
- \t, tab, decimal 9
- \n, newline, decimal 10
- \r, carriage return, decimal 13
- \v, vertical tab, decimal 11
- non-breaking space, decimal 160
COMPRESS_WHITE_SPACE also replaces multiple spaces with one space.
HTML_ENTITY_DECODE
Use this option to replace HTML-encoded characters with unencoded
characters. HTML_ENTITY_DECODE performs the following operations:
- Replaces
(ampersand)quot;with" - Replaces
(ampersand)nbsp;with a non-breaking space, decimal 160 - Replaces
(ampersand)lt;with a "less than" symbol - Replaces
(ampersand)gt;with> - Replaces characters that are represented in hexadecimal format,
(ampersand)#xhhhh;, with the corresponding characters - Replaces characters that are represented in decimal format,
(ampersand)#nnnn;, with the corresponding characters
LOWERCASE
Use this option to convert uppercase letters (A-Z) to lowercase (a-z).
URL_DECODE
Use this option to decode a URL-encoded value.
NONE
Specify NONE if you don't want to perform any text transformations.
regexMatchTuple_regexPatternSetId :: Lens' RegexMatchTuple Text Source #
The RegexPatternSetId for a RegexPatternSet. You use
RegexPatternSetId to get information about a RegexPatternSet (see
GetRegexPatternSet), update a RegexPatternSet (see
UpdateRegexPatternSet), insert a RegexPatternSet into a
RegexMatchSet or delete one from a RegexMatchSet (see
UpdateRegexMatchSet), and delete an RegexPatternSet from AWS WAF (see
DeleteRegexPatternSet).
RegexPatternSetId is returned by CreateRegexPatternSet and by
ListRegexPatternSets.
RegexPatternSet
data RegexPatternSet Source #
This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
The RegexPatternSet specifies the regular expression (regex) pattern
that you want AWS WAF to search for, such as B[a@]dB[o0]t. You can
then configure AWS WAF to reject those requests.
See: newRegexPatternSet smart constructor.
Constructors
| RegexPatternSet' | |
Fields
| |
Instances
Arguments
| :: Text | |
| -> RegexPatternSet |
Create a value of RegexPatternSet with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:name:RegexPatternSet', regexPatternSet_name - A friendly name or description of the RegexPatternSet. You can't change
Name after you create a RegexPatternSet.
$sel:regexPatternSetId:RegexPatternSet', regexPatternSet_regexPatternSetId - The identifier for the RegexPatternSet. You use RegexPatternSetId to
get information about a RegexPatternSet, update a RegexPatternSet,
remove a RegexPatternSet from a RegexMatchSet, and delete a
RegexPatternSet from AWS WAF.
RegexMatchSetId is returned by CreateRegexPatternSet and by
ListRegexPatternSets.
$sel:regexPatternStrings:RegexPatternSet', regexPatternSet_regexPatternStrings - Specifies the regular expression (regex) patterns that you want AWS WAF
to search for, such as B[a@]dB[o0]t.
regexPatternSet_name :: Lens' RegexPatternSet (Maybe Text) Source #
A friendly name or description of the RegexPatternSet. You can't change
Name after you create a RegexPatternSet.
regexPatternSet_regexPatternSetId :: Lens' RegexPatternSet Text Source #
The identifier for the RegexPatternSet. You use RegexPatternSetId to
get information about a RegexPatternSet, update a RegexPatternSet,
remove a RegexPatternSet from a RegexMatchSet, and delete a
RegexPatternSet from AWS WAF.
RegexMatchSetId is returned by CreateRegexPatternSet and by
ListRegexPatternSets.
regexPatternSet_regexPatternStrings :: Lens' RegexPatternSet [Text] Source #
Specifies the regular expression (regex) patterns that you want AWS WAF
to search for, such as B[a@]dB[o0]t.
RegexPatternSetSummary
data RegexPatternSetSummary Source #
This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
Returned by ListRegexPatternSets. Each RegexPatternSetSummary object
includes the Name and RegexPatternSetId for one RegexPatternSet.
See: newRegexPatternSetSummary smart constructor.
Constructors
| RegexPatternSetSummary' | |
Fields
| |
Instances
newRegexPatternSetSummary Source #
Arguments
| :: Text | |
| -> Text | |
| -> RegexPatternSetSummary |
Create a value of RegexPatternSetSummary with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:regexPatternSetId:RegexPatternSetSummary', regexPatternSetSummary_regexPatternSetId - The RegexPatternSetId for a RegexPatternSet. You use
RegexPatternSetId to get information about a RegexPatternSet, update
a RegexPatternSet, remove a RegexPatternSet from a RegexMatchSet,
and delete a RegexPatternSet from AWS WAF.
RegexPatternSetId is returned by CreateRegexPatternSet and by
ListRegexPatternSets.
$sel:name:RegexPatternSetSummary', regexPatternSetSummary_name - A friendly name or description of the RegexPatternSet. You can't change
Name after you create a RegexPatternSet.
regexPatternSetSummary_regexPatternSetId :: Lens' RegexPatternSetSummary Text Source #
The RegexPatternSetId for a RegexPatternSet. You use
RegexPatternSetId to get information about a RegexPatternSet, update
a RegexPatternSet, remove a RegexPatternSet from a RegexMatchSet,
and delete a RegexPatternSet from AWS WAF.
RegexPatternSetId is returned by CreateRegexPatternSet and by
ListRegexPatternSets.
regexPatternSetSummary_name :: Lens' RegexPatternSetSummary Text Source #
A friendly name or description of the RegexPatternSet. You can't change
Name after you create a RegexPatternSet.
RegexPatternSetUpdate
data RegexPatternSetUpdate Source #
This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
In an UpdateRegexPatternSet request, RegexPatternSetUpdate specifies
whether to insert or delete a RegexPatternString and includes the
settings for the RegexPatternString.
See: newRegexPatternSetUpdate smart constructor.
Constructors
| RegexPatternSetUpdate' | |
Fields
| |
Instances
newRegexPatternSetUpdate Source #
Arguments
| :: ChangeAction | |
| -> Text | |
| -> RegexPatternSetUpdate |
Create a value of RegexPatternSetUpdate with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:action:RegexPatternSetUpdate', regexPatternSetUpdate_action - Specifies whether to insert or delete a RegexPatternString.
$sel:regexPatternString:RegexPatternSetUpdate', regexPatternSetUpdate_regexPatternString - Specifies the regular expression (regex) pattern that you want AWS WAF
to search for, such as B[a@]dB[o0]t.
regexPatternSetUpdate_action :: Lens' RegexPatternSetUpdate ChangeAction Source #
Specifies whether to insert or delete a RegexPatternString.
regexPatternSetUpdate_regexPatternString :: Lens' RegexPatternSetUpdate Text Source #
Specifies the regular expression (regex) pattern that you want AWS WAF
to search for, such as B[a@]dB[o0]t.
Rule
This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
A combination of ByteMatchSet, IPSet, and/or SqlInjectionMatchSet
objects that identify the web requests that you want to allow, block, or
count. For example, you might create a Rule that includes the
following predicates:
- An
IPSetthat causes AWS WAF to search for web requests that originate from the IP address192.0.2.44 - A
ByteMatchSetthat causes AWS WAF to search for web requests for which the value of theUser-Agentheader isBadBot.
To match the settings in this Rule, a request must originate from
192.0.2.44 AND include a User-Agent header for which the value is
BadBot.
See: newRule smart constructor.
Constructors
| Rule' | |
Fields
| |
Instances
| Eq Rule Source # | |
| Read Rule Source # | |
| Show Rule Source # | |
| Generic Rule Source # | |
| NFData Rule Source # | |
Defined in Amazonka.WAFRegional.Types.Rule | |
| Hashable Rule Source # | |
Defined in Amazonka.WAFRegional.Types.Rule | |
| FromJSON Rule Source # | |
| type Rep Rule Source # | |
Defined in Amazonka.WAFRegional.Types.Rule type Rep Rule = D1 ('MetaData "Rule" "Amazonka.WAFRegional.Types.Rule" "libZSservicesZSamazonka-waf-regionalZSamazonka-waf-regional" 'False) (C1 ('MetaCons "Rule'" 'PrefixI 'True) ((S1 ('MetaSel ('Just "metricName") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 (Maybe Text)) :*: S1 ('MetaSel ('Just "name") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 (Maybe Text))) :*: (S1 ('MetaSel ('Just "ruleId") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 Text) :*: S1 ('MetaSel ('Just "predicates") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 [Predicate])))) | |
Create a value of Rule with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:metricName:Rule', rule_metricName - A friendly name or description for the metrics for this Rule. The name
can contain only alphanumeric characters (A-Z, a-z, 0-9), with maximum
length 128 and minimum length one. It can't contain whitespace or
metric names reserved for AWS WAF, including "All" and
"Default_Action." You can't change MetricName after you create the
Rule.
$sel:name:Rule', rule_name - The friendly name or description for the Rule. You can't change the
name of a Rule after you create it.
$sel:ruleId:Rule', rule_ruleId - A unique identifier for a Rule. You use RuleId to get more
information about a Rule (see GetRule), update a Rule (see
UpdateRule), insert a Rule into a WebACL or delete a one from a
WebACL (see UpdateWebACL), or delete a Rule from AWS WAF (see
DeleteRule).
RuleId is returned by CreateRule and by ListRules.
$sel:predicates:Rule', rule_predicates - The Predicates object contains one Predicate element for each
ByteMatchSet, IPSet, or SqlInjectionMatchSet object that you want to
include in a Rule.
rule_metricName :: Lens' Rule (Maybe Text) Source #
A friendly name or description for the metrics for this Rule. The name
can contain only alphanumeric characters (A-Z, a-z, 0-9), with maximum
length 128 and minimum length one. It can't contain whitespace or
metric names reserved for AWS WAF, including "All" and
"Default_Action." You can't change MetricName after you create the
Rule.
rule_name :: Lens' Rule (Maybe Text) Source #
The friendly name or description for the Rule. You can't change the
name of a Rule after you create it.
rule_ruleId :: Lens' Rule Text Source #
A unique identifier for a Rule. You use RuleId to get more
information about a Rule (see GetRule), update a Rule (see
UpdateRule), insert a Rule into a WebACL or delete a one from a
WebACL (see UpdateWebACL), or delete a Rule from AWS WAF (see
DeleteRule).
RuleId is returned by CreateRule and by ListRules.
rule_predicates :: Lens' Rule [Predicate] Source #
The Predicates object contains one Predicate element for each
ByteMatchSet, IPSet, or SqlInjectionMatchSet object that you want to
include in a Rule.
RuleGroup
This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
A collection of predefined rules that you can add to a web ACL.
Rule groups are subject to the following limits:
- Three rule groups per account. You can request an increase to this limit by contacting customer support.
- One rule group per web ACL.
- Ten rules per rule group.
See: newRuleGroup smart constructor.
Constructors
| RuleGroup' | |
Fields
| |
Instances
| Eq RuleGroup Source # | |
| Read RuleGroup Source # | |
| Show RuleGroup Source # | |
| Generic RuleGroup Source # | |
| NFData RuleGroup Source # | |
Defined in Amazonka.WAFRegional.Types.RuleGroup | |
| Hashable RuleGroup Source # | |
Defined in Amazonka.WAFRegional.Types.RuleGroup | |
| FromJSON RuleGroup Source # | |
| type Rep RuleGroup Source # | |
Defined in Amazonka.WAFRegional.Types.RuleGroup type Rep RuleGroup = D1 ('MetaData "RuleGroup" "Amazonka.WAFRegional.Types.RuleGroup" "libZSservicesZSamazonka-waf-regionalZSamazonka-waf-regional" 'False) (C1 ('MetaCons "RuleGroup'" 'PrefixI 'True) (S1 ('MetaSel ('Just "metricName") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 (Maybe Text)) :*: (S1 ('MetaSel ('Just "name") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 (Maybe Text)) :*: S1 ('MetaSel ('Just "ruleGroupId") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 Text)))) | |
Create a value of RuleGroup with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:metricName:RuleGroup', ruleGroup_metricName - A friendly name or description for the metrics for this RuleGroup. The
name can contain only alphanumeric characters (A-Z, a-z, 0-9), with
maximum length 128 and minimum length one. It can't contain whitespace
or metric names reserved for AWS WAF, including "All" and
"Default_Action." You can't change the name of the metric after you
create the RuleGroup.
$sel:name:RuleGroup', ruleGroup_name - The friendly name or description for the RuleGroup. You can't change
the name of a RuleGroup after you create it.
$sel:ruleGroupId:RuleGroup', ruleGroup_ruleGroupId - A unique identifier for a RuleGroup. You use RuleGroupId to get more
information about a RuleGroup (see GetRuleGroup), update a RuleGroup
(see UpdateRuleGroup), insert a RuleGroup into a WebACL or delete a
one from a WebACL (see UpdateWebACL), or delete a RuleGroup from AWS
WAF (see DeleteRuleGroup).
RuleGroupId is returned by CreateRuleGroup and by ListRuleGroups.
ruleGroup_metricName :: Lens' RuleGroup (Maybe Text) Source #
A friendly name or description for the metrics for this RuleGroup. The
name can contain only alphanumeric characters (A-Z, a-z, 0-9), with
maximum length 128 and minimum length one. It can't contain whitespace
or metric names reserved for AWS WAF, including "All" and
"Default_Action." You can't change the name of the metric after you
create the RuleGroup.
ruleGroup_name :: Lens' RuleGroup (Maybe Text) Source #
The friendly name or description for the RuleGroup. You can't change
the name of a RuleGroup after you create it.
ruleGroup_ruleGroupId :: Lens' RuleGroup Text Source #
A unique identifier for a RuleGroup. You use RuleGroupId to get more
information about a RuleGroup (see GetRuleGroup), update a RuleGroup
(see UpdateRuleGroup), insert a RuleGroup into a WebACL or delete a
one from a WebACL (see UpdateWebACL), or delete a RuleGroup from AWS
WAF (see DeleteRuleGroup).
RuleGroupId is returned by CreateRuleGroup and by ListRuleGroups.
RuleGroupSummary
data RuleGroupSummary Source #
This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
Contains the identifier and the friendly name or description of the
RuleGroup.
See: newRuleGroupSummary smart constructor.
Constructors
| RuleGroupSummary' | |
Fields
| |
Instances
Arguments
| :: Text | |
| -> Text | |
| -> RuleGroupSummary |
Create a value of RuleGroupSummary with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:ruleGroupId:RuleGroupSummary', ruleGroupSummary_ruleGroupId - A unique identifier for a RuleGroup. You use RuleGroupId to get more
information about a RuleGroup (see GetRuleGroup), update a RuleGroup
(see UpdateRuleGroup), insert a RuleGroup into a WebACL or delete
one from a WebACL (see UpdateWebACL), or delete a RuleGroup from AWS
WAF (see DeleteRuleGroup).
RuleGroupId is returned by CreateRuleGroup and by ListRuleGroups.
$sel:name:RuleGroupSummary', ruleGroupSummary_name - A friendly name or description of the RuleGroup. You can't change the
name of a RuleGroup after you create it.
ruleGroupSummary_ruleGroupId :: Lens' RuleGroupSummary Text Source #
A unique identifier for a RuleGroup. You use RuleGroupId to get more
information about a RuleGroup (see GetRuleGroup), update a RuleGroup
(see UpdateRuleGroup), insert a RuleGroup into a WebACL or delete
one from a WebACL (see UpdateWebACL), or delete a RuleGroup from AWS
WAF (see DeleteRuleGroup).
RuleGroupId is returned by CreateRuleGroup and by ListRuleGroups.
ruleGroupSummary_name :: Lens' RuleGroupSummary Text Source #
A friendly name or description of the RuleGroup. You can't change the
name of a RuleGroup after you create it.
RuleGroupUpdate
data RuleGroupUpdate Source #
This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
Specifies an ActivatedRule and indicates whether you want to add it to
a RuleGroup or delete it from a RuleGroup.
See: newRuleGroupUpdate smart constructor.
Constructors
| RuleGroupUpdate' | |
Fields
| |
Instances
Arguments
| :: ChangeAction | |
| -> ActivatedRule | |
| -> RuleGroupUpdate |
Create a value of RuleGroupUpdate with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:action:RuleGroupUpdate', ruleGroupUpdate_action - Specify INSERT to add an ActivatedRule to a RuleGroup. Use
DELETE to remove an ActivatedRule from a RuleGroup.
$sel:activatedRule:RuleGroupUpdate', ruleGroupUpdate_activatedRule - The ActivatedRule object specifies a Rule that you want to insert or
delete, the priority of the Rule in the WebACL, and the action that
you want AWS WAF to take when a web request matches the Rule (ALLOW,
BLOCK, or COUNT).
ruleGroupUpdate_action :: Lens' RuleGroupUpdate ChangeAction Source #
Specify INSERT to add an ActivatedRule to a RuleGroup. Use
DELETE to remove an ActivatedRule from a RuleGroup.
ruleGroupUpdate_activatedRule :: Lens' RuleGroupUpdate ActivatedRule Source #
The ActivatedRule object specifies a Rule that you want to insert or
delete, the priority of the Rule in the WebACL, and the action that
you want AWS WAF to take when a web request matches the Rule (ALLOW,
BLOCK, or COUNT).
RuleSummary
data RuleSummary Source #
This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
Contains the identifier and the friendly name or description of the
Rule.
See: newRuleSummary smart constructor.
Constructors
| RuleSummary' | |
Fields
| |
Instances
Arguments
| :: Text | |
| -> Text | |
| -> RuleSummary |
Create a value of RuleSummary with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:ruleId:RuleSummary', ruleSummary_ruleId - A unique identifier for a Rule. You use RuleId to get more
information about a Rule (see GetRule), update a Rule (see
UpdateRule), insert a Rule into a WebACL or delete one from a
WebACL (see UpdateWebACL), or delete a Rule from AWS WAF (see
DeleteRule).
RuleId is returned by CreateRule and by ListRules.
$sel:name:RuleSummary', ruleSummary_name - A friendly name or description of the Rule. You can't change the name
of a Rule after you create it.
ruleSummary_ruleId :: Lens' RuleSummary Text Source #
A unique identifier for a Rule. You use RuleId to get more
information about a Rule (see GetRule), update a Rule (see
UpdateRule), insert a Rule into a WebACL or delete one from a
WebACL (see UpdateWebACL), or delete a Rule from AWS WAF (see
DeleteRule).
RuleId is returned by CreateRule and by ListRules.
ruleSummary_name :: Lens' RuleSummary Text Source #
A friendly name or description of the Rule. You can't change the name
of a Rule after you create it.
RuleUpdate
data RuleUpdate Source #
This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
Specifies a Predicate (such as an IPSet) and indicates whether you
want to add it to a Rule or delete it from a Rule.
See: newRuleUpdate smart constructor.
Constructors
| RuleUpdate' | |
Fields
| |
Instances
Create a value of RuleUpdate with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:action:RuleUpdate', ruleUpdate_action - Specify INSERT to add a Predicate to a Rule. Use DELETE to
remove a Predicate from a Rule.
$sel:predicate:RuleUpdate', ruleUpdate_predicate - The ID of the Predicate (such as an IPSet) that you want to add to a
Rule.
ruleUpdate_action :: Lens' RuleUpdate ChangeAction Source #
Specify INSERT to add a Predicate to a Rule. Use DELETE to
remove a Predicate from a Rule.
ruleUpdate_predicate :: Lens' RuleUpdate Predicate Source #
The ID of the Predicate (such as an IPSet) that you want to add to a
Rule.
SampledHTTPRequest
data SampledHTTPRequest Source #
This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
The response from a GetSampledRequests request includes a
SampledHTTPRequests complex type that appears as SampledRequests in
the response syntax. SampledHTTPRequests contains one
SampledHTTPRequest object for each web request that is returned by
GetSampledRequests.
See: newSampledHTTPRequest smart constructor.
Constructors
| SampledHTTPRequest' | |
Fields
| |
Instances
newSampledHTTPRequest Source #
Arguments
| :: HTTPRequest | |
| -> Natural | |
| -> SampledHTTPRequest |
Create a value of SampledHTTPRequest with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:ruleWithinRuleGroup:SampledHTTPRequest', sampledHTTPRequest_ruleWithinRuleGroup - This value is returned if the GetSampledRequests request specifies the
ID of a RuleGroup rather than the ID of an individual rule.
RuleWithinRuleGroup is the rule within the specified RuleGroup that
matched the request listed in the response.
$sel:action:SampledHTTPRequest', sampledHTTPRequest_action - The action for the Rule that the request matched: ALLOW, BLOCK, or
COUNT.
$sel:timestamp:SampledHTTPRequest', sampledHTTPRequest_timestamp - The time at which AWS WAF received the request from your AWS resource,
in Unix time format (in seconds).
$sel:request:SampledHTTPRequest', sampledHTTPRequest_request - A complex type that contains detailed information about the request.
$sel:weight:SampledHTTPRequest', sampledHTTPRequest_weight - A value that indicates how one result in the response relates
proportionally to other results in the response. A result that has a
weight of 2 represents roughly twice as many CloudFront web requests
as a result that has a weight of 1.
sampledHTTPRequest_ruleWithinRuleGroup :: Lens' SampledHTTPRequest (Maybe Text) Source #
This value is returned if the GetSampledRequests request specifies the
ID of a RuleGroup rather than the ID of an individual rule.
RuleWithinRuleGroup is the rule within the specified RuleGroup that
matched the request listed in the response.
sampledHTTPRequest_action :: Lens' SampledHTTPRequest (Maybe Text) Source #
The action for the Rule that the request matched: ALLOW, BLOCK, or
COUNT.
sampledHTTPRequest_timestamp :: Lens' SampledHTTPRequest (Maybe UTCTime) Source #
The time at which AWS WAF received the request from your AWS resource, in Unix time format (in seconds).
sampledHTTPRequest_request :: Lens' SampledHTTPRequest HTTPRequest Source #
A complex type that contains detailed information about the request.
sampledHTTPRequest_weight :: Lens' SampledHTTPRequest Natural Source #
A value that indicates how one result in the response relates
proportionally to other results in the response. A result that has a
weight of 2 represents roughly twice as many CloudFront web requests
as a result that has a weight of 1.
SizeConstraint
data SizeConstraint Source #
This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
Specifies a constraint on the size of a part of the web request. AWS WAF
uses the Size, ComparisonOperator, and FieldToMatch to build an
expression in the form of "Size ComparisonOperator size in bytes of
FieldToMatch". If that expression is true, the SizeConstraint is
considered to match.
See: newSizeConstraint smart constructor.
Constructors
| SizeConstraint' | |
Fields
| |
Instances
Arguments
| :: FieldToMatch | |
| -> TextTransformation | |
| -> ComparisonOperator | |
| -> Natural | |
| -> SizeConstraint |
Create a value of SizeConstraint with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:fieldToMatch:SizeConstraint', sizeConstraint_fieldToMatch - Specifies where in a web request to look for the size constraint.
$sel:textTransformation:SizeConstraint', sizeConstraint_textTransformation - Text transformations eliminate some of the unusual formatting that
attackers use in web requests in an effort to bypass AWS WAF. If you
specify a transformation, AWS WAF performs the transformation on
FieldToMatch before inspecting it for a match.
You can only specify a single type of TextTransformation.
Note that if you choose BODY for the value of Type, you must choose
NONE for TextTransformation because CloudFront forwards only the
first 8192 bytes for inspection.
NONE
Specify NONE if you don't want to perform any text transformations.
CMD_LINE
When you're concerned that attackers are injecting an operating system command line command and using unusual formatting to disguise some or all of the command, use this option to perform the following transformations:
- Delete the following characters: \ " ' ^
- Delete spaces before the following characters: / (
- Replace the following characters with a space: , ;
- Replace multiple spaces with one space
- Convert uppercase letters (A-Z) to lowercase (a-z)
COMPRESS_WHITE_SPACE
Use this option to replace the following characters with a space character (decimal 32):
- \f, formfeed, decimal 12
- \t, tab, decimal 9
- \n, newline, decimal 10
- \r, carriage return, decimal 13
- \v, vertical tab, decimal 11
- non-breaking space, decimal 160
COMPRESS_WHITE_SPACE also replaces multiple spaces with one space.
HTML_ENTITY_DECODE
Use this option to replace HTML-encoded characters with unencoded
characters. HTML_ENTITY_DECODE performs the following operations:
- Replaces
(ampersand)quot;with" - Replaces
(ampersand)nbsp;with a non-breaking space, decimal 160 - Replaces
(ampersand)lt;with a "less than" symbol - Replaces
(ampersand)gt;with> - Replaces characters that are represented in hexadecimal format,
(ampersand)#xhhhh;, with the corresponding characters - Replaces characters that are represented in decimal format,
(ampersand)#nnnn;, with the corresponding characters
LOWERCASE
Use this option to convert uppercase letters (A-Z) to lowercase (a-z).
URL_DECODE
Use this option to decode a URL-encoded value.
$sel:comparisonOperator:SizeConstraint', sizeConstraint_comparisonOperator - The type of comparison you want AWS WAF to perform. AWS WAF uses this in
combination with the provided Size and FieldToMatch to build an
expression in the form of "Size ComparisonOperator size in bytes of
FieldToMatch". If that expression is true, the SizeConstraint is
considered to match.
EQ: Used to test if the Size is equal to the size of the
FieldToMatch
NE: Used to test if the Size is not equal to the size of the
FieldToMatch
LE: Used to test if the Size is less than or equal to the size of
the FieldToMatch
LT: Used to test if the Size is strictly less than the size of the
FieldToMatch
GE: Used to test if the Size is greater than or equal to the size
of the FieldToMatch
GT: Used to test if the Size is strictly greater than the size of
the FieldToMatch
$sel:size:SizeConstraint', sizeConstraint_size - The size in bytes that you want AWS WAF to compare against the size of
the specified FieldToMatch. AWS WAF uses this in combination with
ComparisonOperator and FieldToMatch to build an expression in the
form of "Size ComparisonOperator size in bytes of FieldToMatch".
If that expression is true, the SizeConstraint is considered to match.
Valid values for size are 0 - 21474836480 bytes (0 - 20 GB).
If you specify URI for the value of Type, the / in the URI counts
as one character. For example, the URI /logo.jpg is nine characters
long.
sizeConstraint_fieldToMatch :: Lens' SizeConstraint FieldToMatch Source #
Specifies where in a web request to look for the size constraint.
sizeConstraint_textTransformation :: Lens' SizeConstraint TextTransformation Source #
Text transformations eliminate some of the unusual formatting that
attackers use in web requests in an effort to bypass AWS WAF. If you
specify a transformation, AWS WAF performs the transformation on
FieldToMatch before inspecting it for a match.
You can only specify a single type of TextTransformation.
Note that if you choose BODY for the value of Type, you must choose
NONE for TextTransformation because CloudFront forwards only the
first 8192 bytes for inspection.
NONE
Specify NONE if you don't want to perform any text transformations.
CMD_LINE
When you're concerned that attackers are injecting an operating system command line command and using unusual formatting to disguise some or all of the command, use this option to perform the following transformations:
- Delete the following characters: \ " ' ^
- Delete spaces before the following characters: / (
- Replace the following characters with a space: , ;
- Replace multiple spaces with one space
- Convert uppercase letters (A-Z) to lowercase (a-z)
COMPRESS_WHITE_SPACE
Use this option to replace the following characters with a space character (decimal 32):
- \f, formfeed, decimal 12
- \t, tab, decimal 9
- \n, newline, decimal 10
- \r, carriage return, decimal 13
- \v, vertical tab, decimal 11
- non-breaking space, decimal 160
COMPRESS_WHITE_SPACE also replaces multiple spaces with one space.
HTML_ENTITY_DECODE
Use this option to replace HTML-encoded characters with unencoded
characters. HTML_ENTITY_DECODE performs the following operations:
- Replaces
(ampersand)quot;with" - Replaces
(ampersand)nbsp;with a non-breaking space, decimal 160 - Replaces
(ampersand)lt;with a "less than" symbol - Replaces
(ampersand)gt;with> - Replaces characters that are represented in hexadecimal format,
(ampersand)#xhhhh;, with the corresponding characters - Replaces characters that are represented in decimal format,
(ampersand)#nnnn;, with the corresponding characters
LOWERCASE
Use this option to convert uppercase letters (A-Z) to lowercase (a-z).
URL_DECODE
Use this option to decode a URL-encoded value.
sizeConstraint_comparisonOperator :: Lens' SizeConstraint ComparisonOperator Source #
The type of comparison you want AWS WAF to perform. AWS WAF uses this in
combination with the provided Size and FieldToMatch to build an
expression in the form of "Size ComparisonOperator size in bytes of
FieldToMatch". If that expression is true, the SizeConstraint is
considered to match.
EQ: Used to test if the Size is equal to the size of the
FieldToMatch
NE: Used to test if the Size is not equal to the size of the
FieldToMatch
LE: Used to test if the Size is less than or equal to the size of
the FieldToMatch
LT: Used to test if the Size is strictly less than the size of the
FieldToMatch
GE: Used to test if the Size is greater than or equal to the size
of the FieldToMatch
GT: Used to test if the Size is strictly greater than the size of
the FieldToMatch
sizeConstraint_size :: Lens' SizeConstraint Natural Source #
The size in bytes that you want AWS WAF to compare against the size of
the specified FieldToMatch. AWS WAF uses this in combination with
ComparisonOperator and FieldToMatch to build an expression in the
form of "Size ComparisonOperator size in bytes of FieldToMatch".
If that expression is true, the SizeConstraint is considered to match.
Valid values for size are 0 - 21474836480 bytes (0 - 20 GB).
If you specify URI for the value of Type, the / in the URI counts
as one character. For example, the URI /logo.jpg is nine characters
long.
SizeConstraintSet
data SizeConstraintSet Source #
This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
A complex type that contains SizeConstraint objects, which specify the
parts of web requests that you want AWS WAF to inspect the size of. If a
SizeConstraintSet contains more than one SizeConstraint object, a
request only needs to match one constraint to be considered a match.
See: newSizeConstraintSet smart constructor.
Constructors
| SizeConstraintSet' | |
Fields
| |
Instances
Create a value of SizeConstraintSet with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:name:SizeConstraintSet', sizeConstraintSet_name - The name, if any, of the SizeConstraintSet.
$sel:sizeConstraintSetId:SizeConstraintSet', sizeConstraintSet_sizeConstraintSetId - A unique identifier for a SizeConstraintSet. You use
SizeConstraintSetId to get information about a SizeConstraintSet
(see GetSizeConstraintSet), update a SizeConstraintSet (see
UpdateSizeConstraintSet), insert a SizeConstraintSet into a Rule or
delete one from a Rule (see UpdateRule), and delete a
SizeConstraintSet from AWS WAF (see DeleteSizeConstraintSet).
SizeConstraintSetId is returned by CreateSizeConstraintSet and by
ListSizeConstraintSets.
$sel:sizeConstraints:SizeConstraintSet', sizeConstraintSet_sizeConstraints - Specifies the parts of web requests that you want to inspect the size
of.
sizeConstraintSet_name :: Lens' SizeConstraintSet (Maybe Text) Source #
The name, if any, of the SizeConstraintSet.
sizeConstraintSet_sizeConstraintSetId :: Lens' SizeConstraintSet Text Source #
A unique identifier for a SizeConstraintSet. You use
SizeConstraintSetId to get information about a SizeConstraintSet
(see GetSizeConstraintSet), update a SizeConstraintSet (see
UpdateSizeConstraintSet), insert a SizeConstraintSet into a Rule or
delete one from a Rule (see UpdateRule), and delete a
SizeConstraintSet from AWS WAF (see DeleteSizeConstraintSet).
SizeConstraintSetId is returned by CreateSizeConstraintSet and by
ListSizeConstraintSets.
sizeConstraintSet_sizeConstraints :: Lens' SizeConstraintSet [SizeConstraint] Source #
Specifies the parts of web requests that you want to inspect the size of.
SizeConstraintSetSummary
data SizeConstraintSetSummary Source #
This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
The Id and Name of a SizeConstraintSet.
See: newSizeConstraintSetSummary smart constructor.
Constructors
| SizeConstraintSetSummary' | |
Fields
| |
Instances
newSizeConstraintSetSummary Source #
Arguments
| :: Text | |
| -> Text | |
| -> SizeConstraintSetSummary |
Create a value of SizeConstraintSetSummary with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:sizeConstraintSetId:SizeConstraintSetSummary', sizeConstraintSetSummary_sizeConstraintSetId - A unique identifier for a SizeConstraintSet. You use
SizeConstraintSetId to get information about a SizeConstraintSet
(see GetSizeConstraintSet), update a SizeConstraintSet (see
UpdateSizeConstraintSet), insert a SizeConstraintSet into a Rule or
delete one from a Rule (see UpdateRule), and delete a
SizeConstraintSet from AWS WAF (see DeleteSizeConstraintSet).
SizeConstraintSetId is returned by CreateSizeConstraintSet and by
ListSizeConstraintSets.
$sel:name:SizeConstraintSetSummary', sizeConstraintSetSummary_name - The name of the SizeConstraintSet, if any.
sizeConstraintSetSummary_sizeConstraintSetId :: Lens' SizeConstraintSetSummary Text Source #
A unique identifier for a SizeConstraintSet. You use
SizeConstraintSetId to get information about a SizeConstraintSet
(see GetSizeConstraintSet), update a SizeConstraintSet (see
UpdateSizeConstraintSet), insert a SizeConstraintSet into a Rule or
delete one from a Rule (see UpdateRule), and delete a
SizeConstraintSet from AWS WAF (see DeleteSizeConstraintSet).
SizeConstraintSetId is returned by CreateSizeConstraintSet and by
ListSizeConstraintSets.
sizeConstraintSetSummary_name :: Lens' SizeConstraintSetSummary Text Source #
The name of the SizeConstraintSet, if any.
SizeConstraintSetUpdate
data SizeConstraintSetUpdate Source #
This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
Specifies the part of a web request that you want to inspect the size of
and indicates whether you want to add the specification to a
SizeConstraintSet or delete it from a SizeConstraintSet.
See: newSizeConstraintSetUpdate smart constructor.
Constructors
| SizeConstraintSetUpdate' | |
Fields
| |
Instances
newSizeConstraintSetUpdate Source #
Arguments
| :: ChangeAction | |
| -> SizeConstraint | |
| -> SizeConstraintSetUpdate |
Create a value of SizeConstraintSetUpdate with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:action:SizeConstraintSetUpdate', sizeConstraintSetUpdate_action - Specify INSERT to add a SizeConstraintSetUpdate to a
SizeConstraintSet. Use DELETE to remove a SizeConstraintSetUpdate
from a SizeConstraintSet.
$sel:sizeConstraint:SizeConstraintSetUpdate', sizeConstraintSetUpdate_sizeConstraint - Specifies a constraint on the size of a part of the web request. AWS WAF
uses the Size, ComparisonOperator, and FieldToMatch to build an
expression in the form of "Size ComparisonOperator size in bytes of
FieldToMatch". If that expression is true, the SizeConstraint is
considered to match.
sizeConstraintSetUpdate_action :: Lens' SizeConstraintSetUpdate ChangeAction Source #
Specify INSERT to add a SizeConstraintSetUpdate to a
SizeConstraintSet. Use DELETE to remove a SizeConstraintSetUpdate
from a SizeConstraintSet.
sizeConstraintSetUpdate_sizeConstraint :: Lens' SizeConstraintSetUpdate SizeConstraint Source #
Specifies a constraint on the size of a part of the web request. AWS WAF
uses the Size, ComparisonOperator, and FieldToMatch to build an
expression in the form of "Size ComparisonOperator size in bytes of
FieldToMatch". If that expression is true, the SizeConstraint is
considered to match.
SqlInjectionMatchSet
data SqlInjectionMatchSet Source #
This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
A complex type that contains SqlInjectionMatchTuple objects, which
specify the parts of web requests that you want AWS WAF to inspect for
snippets of malicious SQL code and, if you want AWS WAF to inspect a
header, the name of the header. If a SqlInjectionMatchSet contains
more than one SqlInjectionMatchTuple object, a request needs to
include snippets of SQL code in only one of the specified parts of the
request to be considered a match.
See: newSqlInjectionMatchSet smart constructor.
Constructors
| SqlInjectionMatchSet' | |
Fields
| |
Instances
newSqlInjectionMatchSet Source #
Create a value of SqlInjectionMatchSet with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:name:SqlInjectionMatchSet', sqlInjectionMatchSet_name - The name, if any, of the SqlInjectionMatchSet.
$sel:sqlInjectionMatchSetId:SqlInjectionMatchSet', sqlInjectionMatchSet_sqlInjectionMatchSetId - A unique identifier for a SqlInjectionMatchSet. You use
SqlInjectionMatchSetId to get information about a
SqlInjectionMatchSet (see GetSqlInjectionMatchSet), update a
SqlInjectionMatchSet (see UpdateSqlInjectionMatchSet), insert a
SqlInjectionMatchSet into a Rule or delete one from a Rule (see
UpdateRule), and delete a SqlInjectionMatchSet from AWS WAF (see
DeleteSqlInjectionMatchSet).
SqlInjectionMatchSetId is returned by CreateSqlInjectionMatchSet and
by ListSqlInjectionMatchSets.
$sel:sqlInjectionMatchTuples:SqlInjectionMatchSet', sqlInjectionMatchSet_sqlInjectionMatchTuples - Specifies the parts of web requests that you want to inspect for
snippets of malicious SQL code.
sqlInjectionMatchSet_name :: Lens' SqlInjectionMatchSet (Maybe Text) Source #
The name, if any, of the SqlInjectionMatchSet.
sqlInjectionMatchSet_sqlInjectionMatchSetId :: Lens' SqlInjectionMatchSet Text Source #
A unique identifier for a SqlInjectionMatchSet. You use
SqlInjectionMatchSetId to get information about a
SqlInjectionMatchSet (see GetSqlInjectionMatchSet), update a
SqlInjectionMatchSet (see UpdateSqlInjectionMatchSet), insert a
SqlInjectionMatchSet into a Rule or delete one from a Rule (see
UpdateRule), and delete a SqlInjectionMatchSet from AWS WAF (see
DeleteSqlInjectionMatchSet).
SqlInjectionMatchSetId is returned by CreateSqlInjectionMatchSet and
by ListSqlInjectionMatchSets.
sqlInjectionMatchSet_sqlInjectionMatchTuples :: Lens' SqlInjectionMatchSet [SqlInjectionMatchTuple] Source #
Specifies the parts of web requests that you want to inspect for snippets of malicious SQL code.
SqlInjectionMatchSetSummary
data SqlInjectionMatchSetSummary Source #
This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
The Id and Name of a SqlInjectionMatchSet.
See: newSqlInjectionMatchSetSummary smart constructor.
Constructors
| SqlInjectionMatchSetSummary' | |
Fields
| |
Instances
newSqlInjectionMatchSetSummary Source #
Arguments
| :: Text | |
| -> Text | |
| -> SqlInjectionMatchSetSummary |
Create a value of SqlInjectionMatchSetSummary with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:sqlInjectionMatchSetId:SqlInjectionMatchSetSummary', sqlInjectionMatchSetSummary_sqlInjectionMatchSetId - A unique identifier for a SqlInjectionMatchSet. You use
SqlInjectionMatchSetId to get information about a
SqlInjectionMatchSet (see GetSqlInjectionMatchSet), update a
SqlInjectionMatchSet (see UpdateSqlInjectionMatchSet), insert a
SqlInjectionMatchSet into a Rule or delete one from a Rule (see
UpdateRule), and delete a SqlInjectionMatchSet from AWS WAF (see
DeleteSqlInjectionMatchSet).
SqlInjectionMatchSetId is returned by CreateSqlInjectionMatchSet and
by ListSqlInjectionMatchSets.
$sel:name:SqlInjectionMatchSetSummary', sqlInjectionMatchSetSummary_name - The name of the SqlInjectionMatchSet, if any, specified by Id.
sqlInjectionMatchSetSummary_sqlInjectionMatchSetId :: Lens' SqlInjectionMatchSetSummary Text Source #
A unique identifier for a SqlInjectionMatchSet. You use
SqlInjectionMatchSetId to get information about a
SqlInjectionMatchSet (see GetSqlInjectionMatchSet), update a
SqlInjectionMatchSet (see UpdateSqlInjectionMatchSet), insert a
SqlInjectionMatchSet into a Rule or delete one from a Rule (see
UpdateRule), and delete a SqlInjectionMatchSet from AWS WAF (see
DeleteSqlInjectionMatchSet).
SqlInjectionMatchSetId is returned by CreateSqlInjectionMatchSet and
by ListSqlInjectionMatchSets.
sqlInjectionMatchSetSummary_name :: Lens' SqlInjectionMatchSetSummary Text Source #
The name of the SqlInjectionMatchSet, if any, specified by Id.
SqlInjectionMatchSetUpdate
data SqlInjectionMatchSetUpdate Source #
This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
Specifies the part of a web request that you want to inspect for
snippets of malicious SQL code and indicates whether you want to add the
specification to a SqlInjectionMatchSet or delete it from a
SqlInjectionMatchSet.
See: newSqlInjectionMatchSetUpdate smart constructor.
Constructors
| SqlInjectionMatchSetUpdate' | |
Fields
| |
Instances
newSqlInjectionMatchSetUpdate Source #
Arguments
| :: ChangeAction | |
| -> SqlInjectionMatchTuple | |
| -> SqlInjectionMatchSetUpdate |
Create a value of SqlInjectionMatchSetUpdate with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:action:SqlInjectionMatchSetUpdate', sqlInjectionMatchSetUpdate_action - Specify INSERT to add a SqlInjectionMatchSetUpdate to a
SqlInjectionMatchSet. Use DELETE to remove a
SqlInjectionMatchSetUpdate from a SqlInjectionMatchSet.
$sel:sqlInjectionMatchTuple:SqlInjectionMatchSetUpdate', sqlInjectionMatchSetUpdate_sqlInjectionMatchTuple - Specifies the part of a web request that you want AWS WAF to inspect for
snippets of malicious SQL code and, if you want AWS WAF to inspect a
header, the name of the header.
sqlInjectionMatchSetUpdate_action :: Lens' SqlInjectionMatchSetUpdate ChangeAction Source #
Specify INSERT to add a SqlInjectionMatchSetUpdate to a
SqlInjectionMatchSet. Use DELETE to remove a
SqlInjectionMatchSetUpdate from a SqlInjectionMatchSet.
sqlInjectionMatchSetUpdate_sqlInjectionMatchTuple :: Lens' SqlInjectionMatchSetUpdate SqlInjectionMatchTuple Source #
Specifies the part of a web request that you want AWS WAF to inspect for snippets of malicious SQL code and, if you want AWS WAF to inspect a header, the name of the header.
SqlInjectionMatchTuple
data SqlInjectionMatchTuple Source #
This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
Specifies the part of a web request that you want AWS WAF to inspect for snippets of malicious SQL code and, if you want AWS WAF to inspect a header, the name of the header.
See: newSqlInjectionMatchTuple smart constructor.
Constructors
| SqlInjectionMatchTuple' | |
Fields
| |
Instances
newSqlInjectionMatchTuple Source #
Arguments
| :: FieldToMatch | |
| -> TextTransformation | |
| -> SqlInjectionMatchTuple |
Create a value of SqlInjectionMatchTuple with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:fieldToMatch:SqlInjectionMatchTuple', sqlInjectionMatchTuple_fieldToMatch - Specifies where in a web request to look for snippets of malicious SQL
code.
$sel:textTransformation:SqlInjectionMatchTuple', sqlInjectionMatchTuple_textTransformation - Text transformations eliminate some of the unusual formatting that
attackers use in web requests in an effort to bypass AWS WAF. If you
specify a transformation, AWS WAF performs the transformation on
FieldToMatch before inspecting it for a match.
You can only specify a single type of TextTransformation.
CMD_LINE
When you're concerned that attackers are injecting an operating system command line command and using unusual formatting to disguise some or all of the command, use this option to perform the following transformations:
- Delete the following characters: \ " ' ^
- Delete spaces before the following characters: / (
- Replace the following characters with a space: , ;
- Replace multiple spaces with one space
- Convert uppercase letters (A-Z) to lowercase (a-z)
COMPRESS_WHITE_SPACE
Use this option to replace the following characters with a space character (decimal 32):
- \f, formfeed, decimal 12
- \t, tab, decimal 9
- \n, newline, decimal 10
- \r, carriage return, decimal 13
- \v, vertical tab, decimal 11
- non-breaking space, decimal 160
COMPRESS_WHITE_SPACE also replaces multiple spaces with one space.
HTML_ENTITY_DECODE
Use this option to replace HTML-encoded characters with unencoded
characters. HTML_ENTITY_DECODE performs the following operations:
- Replaces
(ampersand)quot;with" - Replaces
(ampersand)nbsp;with a non-breaking space, decimal 160 - Replaces
(ampersand)lt;with a "less than" symbol - Replaces
(ampersand)gt;with> - Replaces characters that are represented in hexadecimal format,
(ampersand)#xhhhh;, with the corresponding characters - Replaces characters that are represented in decimal format,
(ampersand)#nnnn;, with the corresponding characters
LOWERCASE
Use this option to convert uppercase letters (A-Z) to lowercase (a-z).
URL_DECODE
Use this option to decode a URL-encoded value.
NONE
Specify NONE if you don't want to perform any text transformations.
sqlInjectionMatchTuple_fieldToMatch :: Lens' SqlInjectionMatchTuple FieldToMatch Source #
Specifies where in a web request to look for snippets of malicious SQL code.
sqlInjectionMatchTuple_textTransformation :: Lens' SqlInjectionMatchTuple TextTransformation Source #
Text transformations eliminate some of the unusual formatting that
attackers use in web requests in an effort to bypass AWS WAF. If you
specify a transformation, AWS WAF performs the transformation on
FieldToMatch before inspecting it for a match.
You can only specify a single type of TextTransformation.
CMD_LINE
When you're concerned that attackers are injecting an operating system command line command and using unusual formatting to disguise some or all of the command, use this option to perform the following transformations:
- Delete the following characters: \ " ' ^
- Delete spaces before the following characters: / (
- Replace the following characters with a space: , ;
- Replace multiple spaces with one space
- Convert uppercase letters (A-Z) to lowercase (a-z)
COMPRESS_WHITE_SPACE
Use this option to replace the following characters with a space character (decimal 32):
- \f, formfeed, decimal 12
- \t, tab, decimal 9
- \n, newline, decimal 10
- \r, carriage return, decimal 13
- \v, vertical tab, decimal 11
- non-breaking space, decimal 160
COMPRESS_WHITE_SPACE also replaces multiple spaces with one space.
HTML_ENTITY_DECODE
Use this option to replace HTML-encoded characters with unencoded
characters. HTML_ENTITY_DECODE performs the following operations:
- Replaces
(ampersand)quot;with" - Replaces
(ampersand)nbsp;with a non-breaking space, decimal 160 - Replaces
(ampersand)lt;with a "less than" symbol - Replaces
(ampersand)gt;with> - Replaces characters that are represented in hexadecimal format,
(ampersand)#xhhhh;, with the corresponding characters - Replaces characters that are represented in decimal format,
(ampersand)#nnnn;, with the corresponding characters
LOWERCASE
Use this option to convert uppercase letters (A-Z) to lowercase (a-z).
URL_DECODE
Use this option to decode a URL-encoded value.
NONE
Specify NONE if you don't want to perform any text transformations.
SubscribedRuleGroupSummary
data SubscribedRuleGroupSummary Source #
This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
A summary of the rule groups you are subscribed to.
See: newSubscribedRuleGroupSummary smart constructor.
Constructors
| SubscribedRuleGroupSummary' | |
Fields
| |
Instances
newSubscribedRuleGroupSummary Source #
Arguments
| :: Text | |
| -> Text | |
| -> Text | |
| -> SubscribedRuleGroupSummary |
Create a value of SubscribedRuleGroupSummary with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:ruleGroupId:SubscribedRuleGroupSummary', subscribedRuleGroupSummary_ruleGroupId - A unique identifier for a RuleGroup.
$sel:name:SubscribedRuleGroupSummary', subscribedRuleGroupSummary_name - A friendly name or description of the RuleGroup. You can't change the
name of a RuleGroup after you create it.
$sel:metricName:SubscribedRuleGroupSummary', subscribedRuleGroupSummary_metricName - A friendly name or description for the metrics for this RuleGroup. The
name can contain only alphanumeric characters (A-Z, a-z, 0-9), with
maximum length 128 and minimum length one. It can't contain whitespace
or metric names reserved for AWS WAF, including "All" and
"Default_Action." You can't change the name of the metric after you
create the RuleGroup.
subscribedRuleGroupSummary_ruleGroupId :: Lens' SubscribedRuleGroupSummary Text Source #
A unique identifier for a RuleGroup.
subscribedRuleGroupSummary_name :: Lens' SubscribedRuleGroupSummary Text Source #
A friendly name or description of the RuleGroup. You can't change the
name of a RuleGroup after you create it.
subscribedRuleGroupSummary_metricName :: Lens' SubscribedRuleGroupSummary Text Source #
A friendly name or description for the metrics for this RuleGroup. The
name can contain only alphanumeric characters (A-Z, a-z, 0-9), with
maximum length 128 and minimum length one. It can't contain whitespace
or metric names reserved for AWS WAF, including "All" and
"Default_Action." You can't change the name of the metric after you
create the RuleGroup.
Tag
This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
A tag associated with an AWS resource. Tags are key:value pairs that you can use to categorize and manage your resources, for purposes like billing. For example, you might set the tag key to "customer" and the value to the customer name or ID. You can specify one or more tags to add to each AWS resource, up to 50 tags for a resource.
Tagging is only available through the API, SDKs, and CLI. You can't manage or view tags through the AWS WAF Classic console. You can tag the AWS resources that you manage through AWS WAF Classic: web ACLs, rule groups, and rules.
See: newTag smart constructor.
Instances
| Eq Tag Source # | |
| Read Tag Source # | |
| Show Tag Source # | |
| Generic Tag Source # | |
| NFData Tag Source # | |
Defined in Amazonka.WAFRegional.Types.Tag | |
| Hashable Tag Source # | |
Defined in Amazonka.WAFRegional.Types.Tag | |
| ToJSON Tag Source # | |
Defined in Amazonka.WAFRegional.Types.Tag | |
| FromJSON Tag Source # | |
| type Rep Tag Source # | |
Defined in Amazonka.WAFRegional.Types.Tag type Rep Tag = D1 ('MetaData "Tag" "Amazonka.WAFRegional.Types.Tag" "libZSservicesZSamazonka-waf-regionalZSamazonka-waf-regional" 'False) (C1 ('MetaCons "Tag'" 'PrefixI 'True) (S1 ('MetaSel ('Just "key") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 Text) :*: S1 ('MetaSel ('Just "value") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 Text))) | |
Create a value of Tag with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
TagInfoForResource
data TagInfoForResource Source #
This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
Information for a tag associated with an AWS resource. Tags are key:value pairs that you can use to categorize and manage your resources, for purposes like billing. For example, you might set the tag key to "customer" and the value to the customer name or ID. You can specify one or more tags to add to each AWS resource, up to 50 tags for a resource.
Tagging is only available through the API, SDKs, and CLI. You can't manage or view tags through the AWS WAF Classic console. You can tag the AWS resources that you manage through AWS WAF Classic: web ACLs, rule groups, and rules.
See: newTagInfoForResource smart constructor.
Constructors
| TagInfoForResource' | |
Instances
newTagInfoForResource :: TagInfoForResource Source #
Create a value of TagInfoForResource with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:tagList:TagInfoForResource', tagInfoForResource_tagList -
$sel:resourceARN:TagInfoForResource', tagInfoForResource_resourceARN -
TimeWindow
data TimeWindow Source #
This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
In a GetSampledRequests request, the StartTime and EndTime objects
specify the time range for which you want AWS WAF to return a sample of
web requests.
You must specify the times in Coordinated Universal Time (UTC) format.
UTC format includes the special designator, Z. For example,
"2016-09-27T14:50Z".
In a GetSampledRequests response, the StartTime and EndTime objects
specify the time range for which AWS WAF actually returned a sample of
web requests. AWS WAF gets the specified number of requests from among
the first 5,000 requests that your AWS resource receives during the
specified time period. If your resource receives more than 5,000
requests during that period, AWS WAF stops sampling after the 5,000th
request. In that case, EndTime is the time that AWS WAF received the
5,000th request.
See: newTimeWindow smart constructor.
Constructors
| TimeWindow' | |
Fields
| |
Instances
Create a value of TimeWindow with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:startTime:TimeWindow', timeWindow_startTime - The beginning of the time range from which you want GetSampledRequests
to return a sample of the requests that your AWS resource received. You
must specify the date and time in Coordinated Universal Time (UTC)
format. UTC format includes the special designator, Z. For example,
"2016-09-27T14:50Z". You can specify any time range in the previous
three hours.
$sel:endTime:TimeWindow', timeWindow_endTime - The end of the time range from which you want GetSampledRequests to
return a sample of the requests that your AWS resource received. You
must specify the date and time in Coordinated Universal Time (UTC)
format. UTC format includes the special designator, Z. For example,
"2016-09-27T14:50Z". You can specify any time range in the previous
three hours.
timeWindow_startTime :: Lens' TimeWindow UTCTime Source #
The beginning of the time range from which you want GetSampledRequests
to return a sample of the requests that your AWS resource received. You
must specify the date and time in Coordinated Universal Time (UTC)
format. UTC format includes the special designator, Z. For example,
"2016-09-27T14:50Z". You can specify any time range in the previous
three hours.
timeWindow_endTime :: Lens' TimeWindow UTCTime Source #
The end of the time range from which you want GetSampledRequests to
return a sample of the requests that your AWS resource received. You
must specify the date and time in Coordinated Universal Time (UTC)
format. UTC format includes the special designator, Z. For example,
"2016-09-27T14:50Z". You can specify any time range in the previous
three hours.
WafAction
This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
For the action that is associated with a rule in a WebACL, specifies
the action that you want AWS WAF to perform when a web request matches
all of the conditions in a rule. For the default action in a WebACL,
specifies the action that you want AWS WAF to take when a web request
doesn't match all of the conditions in any of the rules in a WebACL.
See: newWafAction smart constructor.
Constructors
| WafAction' | |
Fields
| |
Instances
| Eq WafAction Source # | |
| Read WafAction Source # | |
| Show WafAction Source # | |
| Generic WafAction Source # | |
| NFData WafAction Source # | |
Defined in Amazonka.WAFRegional.Types.WafAction | |
| Hashable WafAction Source # | |
Defined in Amazonka.WAFRegional.Types.WafAction | |
| ToJSON WafAction Source # | |
Defined in Amazonka.WAFRegional.Types.WafAction | |
| FromJSON WafAction Source # | |
| type Rep WafAction Source # | |
Defined in Amazonka.WAFRegional.Types.WafAction type Rep WafAction = D1 ('MetaData "WafAction" "Amazonka.WAFRegional.Types.WafAction" "libZSservicesZSamazonka-waf-regionalZSamazonka-waf-regional" 'False) (C1 ('MetaCons "WafAction'" 'PrefixI 'True) (S1 ('MetaSel ('Just "type'") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 WafActionType))) | |
Arguments
| :: WafActionType | |
| -> WafAction |
Create a value of WafAction with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:type':WafAction', wafAction_type - Specifies how you want AWS WAF to respond to requests that match the
settings in a Rule. Valid settings include the following:
ALLOW: AWS WAF allows requestsBLOCK: AWS WAF blocks requestsCOUNT: AWS WAF increments a counter of the requests that match all of the conditions in the rule. AWS WAF then continues to inspect the web request based on the remaining rules in the web ACL. You can't specifyCOUNTfor the default action for aWebACL.
wafAction_type :: Lens' WafAction WafActionType Source #
Specifies how you want AWS WAF to respond to requests that match the
settings in a Rule. Valid settings include the following:
ALLOW: AWS WAF allows requestsBLOCK: AWS WAF blocks requestsCOUNT: AWS WAF increments a counter of the requests that match all of the conditions in the rule. AWS WAF then continues to inspect the web request based on the remaining rules in the web ACL. You can't specifyCOUNTfor the default action for aWebACL.
WafOverrideAction
data WafOverrideAction Source #
This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
The action to take if any rule within the RuleGroup matches a request.
See: newWafOverrideAction smart constructor.
Constructors
| WafOverrideAction' | |
Fields
| |
Instances
Create a value of WafOverrideAction with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:type':WafOverrideAction', wafOverrideAction_type - COUNT overrides the action specified by the individual rule within a
RuleGroup . If set to NONE, the rule's action will take place.
wafOverrideAction_type :: Lens' WafOverrideAction WafOverrideActionType Source #
COUNT overrides the action specified by the individual rule within a
RuleGroup . If set to NONE, the rule's action will take place.
WebACL
This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
Contains the Rules that identify the requests that you want to allow,
block, or count. In a WebACL, you also specify a default action
(ALLOW or BLOCK), and the action for each Rule that you add to a
WebACL, for example, block requests from specified IP addresses or
block requests from specified referrers. You also associate the WebACL
with a CloudFront distribution to identify the requests that you want
AWS WAF to filter. If you add more than one Rule to a WebACL, a
request needs to match only one of the specifications to be allowed,
blocked, or counted. For more information, see UpdateWebACL.
See: newWebACL smart constructor.
Constructors
| WebACL' | |
Fields
| |
Instances
Create a value of WebACL with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:metricName:WebACL', webACL_metricName - A friendly name or description for the metrics for this WebACL. The
name can contain only alphanumeric characters (A-Z, a-z, 0-9), with
maximum length 128 and minimum length one. It can't contain whitespace
or metric names reserved for AWS WAF, including "All" and
"Default_Action." You can't change MetricName after you create the
WebACL.
$sel:name:WebACL', webACL_name - A friendly name or description of the WebACL. You can't change the
name of a WebACL after you create it.
$sel:webACLArn:WebACL', webACL_webACLArn - Tha Amazon Resource Name (ARN) of the web ACL.
$sel:webACLId:WebACL', webACL_webACLId - A unique identifier for a WebACL. You use WebACLId to get
information about a WebACL (see GetWebACL), update a WebACL (see
UpdateWebACL), and delete a WebACL from AWS WAF (see DeleteWebACL).
WebACLId is returned by CreateWebACL and by ListWebACLs.
$sel:defaultAction:WebACL', webACL_defaultAction - The action to perform if none of the Rules contained in the WebACL
match. The action is specified by the WafAction object.
$sel:rules:WebACL', webACL_rules - An array that contains the action for each Rule in a WebACL, the
priority of the Rule, and the ID of the Rule.
webACL_metricName :: Lens' WebACL (Maybe Text) Source #
A friendly name or description for the metrics for this WebACL. The
name can contain only alphanumeric characters (A-Z, a-z, 0-9), with
maximum length 128 and minimum length one. It can't contain whitespace
or metric names reserved for AWS WAF, including "All" and
"Default_Action." You can't change MetricName after you create the
WebACL.
webACL_name :: Lens' WebACL (Maybe Text) Source #
A friendly name or description of the WebACL. You can't change the
name of a WebACL after you create it.
webACL_webACLArn :: Lens' WebACL (Maybe Text) Source #
Tha Amazon Resource Name (ARN) of the web ACL.
webACL_webACLId :: Lens' WebACL Text Source #
A unique identifier for a WebACL. You use WebACLId to get
information about a WebACL (see GetWebACL), update a WebACL (see
UpdateWebACL), and delete a WebACL from AWS WAF (see DeleteWebACL).
WebACLId is returned by CreateWebACL and by ListWebACLs.
webACL_defaultAction :: Lens' WebACL WafAction Source #
The action to perform if none of the Rules contained in the WebACL
match. The action is specified by the WafAction object.
webACL_rules :: Lens' WebACL [ActivatedRule] Source #
An array that contains the action for each Rule in a WebACL, the
priority of the Rule, and the ID of the Rule.
WebACLSummary
data WebACLSummary Source #
This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
Contains the identifier and the name or description of the WebACL.
See: newWebACLSummary smart constructor.
Constructors
| WebACLSummary' | |
Fields
| |
Instances
Create a value of WebACLSummary with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:webACLId:WebACLSummary', webACLSummary_webACLId - A unique identifier for a WebACL. You use WebACLId to get
information about a WebACL (see GetWebACL), update a WebACL (see
UpdateWebACL), and delete a WebACL from AWS WAF (see DeleteWebACL).
WebACLId is returned by CreateWebACL and by ListWebACLs.
$sel:name:WebACLSummary', webACLSummary_name - A friendly name or description of the WebACL. You can't change the name
of a WebACL after you create it.
webACLSummary_webACLId :: Lens' WebACLSummary Text Source #
A unique identifier for a WebACL. You use WebACLId to get
information about a WebACL (see GetWebACL), update a WebACL (see
UpdateWebACL), and delete a WebACL from AWS WAF (see DeleteWebACL).
WebACLId is returned by CreateWebACL and by ListWebACLs.
webACLSummary_name :: Lens' WebACLSummary Text Source #
A friendly name or description of the WebACL. You can't change the name
of a WebACL after you create it.
WebACLUpdate
data WebACLUpdate Source #
This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
Specifies whether to insert a Rule into or delete a Rule from a
WebACL.
See: newWebACLUpdate smart constructor.
Constructors
| WebACLUpdate' | |
Fields
| |
Instances
Arguments
| :: ChangeAction | |
| -> ActivatedRule | |
| -> WebACLUpdate |
Create a value of WebACLUpdate with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:action:WebACLUpdate', webACLUpdate_action - Specifies whether to insert a Rule into or delete a Rule from a
WebACL.
$sel:activatedRule:WebACLUpdate', webACLUpdate_activatedRule - The ActivatedRule object in an UpdateWebACL request specifies a Rule
that you want to insert or delete, the priority of the Rule in the
WebACL, and the action that you want AWS WAF to take when a web
request matches the Rule (ALLOW, BLOCK, or COUNT).
webACLUpdate_action :: Lens' WebACLUpdate ChangeAction Source #
Specifies whether to insert a Rule into or delete a Rule from a
WebACL.
webACLUpdate_activatedRule :: Lens' WebACLUpdate ActivatedRule Source #
The ActivatedRule object in an UpdateWebACL request specifies a Rule
that you want to insert or delete, the priority of the Rule in the
WebACL, and the action that you want AWS WAF to take when a web
request matches the Rule (ALLOW, BLOCK, or COUNT).
XssMatchSet
data XssMatchSet Source #
This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
A complex type that contains XssMatchTuple objects, which specify the
parts of web requests that you want AWS WAF to inspect for cross-site
scripting attacks and, if you want AWS WAF to inspect a header, the name
of the header. If a XssMatchSet contains more than one XssMatchTuple
object, a request needs to include cross-site scripting attacks in only
one of the specified parts of the request to be considered a match.
See: newXssMatchSet smart constructor.
Constructors
| XssMatchSet' | |
Fields
| |
Instances
Arguments
| :: Text | |
| -> XssMatchSet |
Create a value of XssMatchSet with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:name:XssMatchSet', xssMatchSet_name - The name, if any, of the XssMatchSet.
$sel:xssMatchSetId:XssMatchSet', xssMatchSet_xssMatchSetId - A unique identifier for an XssMatchSet. You use XssMatchSetId to get
information about an XssMatchSet (see GetXssMatchSet), update an
XssMatchSet (see UpdateXssMatchSet), insert an XssMatchSet into a
Rule or delete one from a Rule (see UpdateRule), and delete an
XssMatchSet from AWS WAF (see DeleteXssMatchSet).
XssMatchSetId is returned by CreateXssMatchSet and by
ListXssMatchSets.
$sel:xssMatchTuples:XssMatchSet', xssMatchSet_xssMatchTuples - Specifies the parts of web requests that you want to inspect for
cross-site scripting attacks.
xssMatchSet_name :: Lens' XssMatchSet (Maybe Text) Source #
The name, if any, of the XssMatchSet.
xssMatchSet_xssMatchSetId :: Lens' XssMatchSet Text Source #
A unique identifier for an XssMatchSet. You use XssMatchSetId to get
information about an XssMatchSet (see GetXssMatchSet), update an
XssMatchSet (see UpdateXssMatchSet), insert an XssMatchSet into a
Rule or delete one from a Rule (see UpdateRule), and delete an
XssMatchSet from AWS WAF (see DeleteXssMatchSet).
XssMatchSetId is returned by CreateXssMatchSet and by
ListXssMatchSets.
xssMatchSet_xssMatchTuples :: Lens' XssMatchSet [XssMatchTuple] Source #
Specifies the parts of web requests that you want to inspect for cross-site scripting attacks.
XssMatchSetSummary
data XssMatchSetSummary Source #
This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
The Id and Name of an XssMatchSet.
See: newXssMatchSetSummary smart constructor.
Constructors
| XssMatchSetSummary' | |
Fields
| |
Instances
newXssMatchSetSummary Source #
Arguments
| :: Text | |
| -> Text | |
| -> XssMatchSetSummary |
Create a value of XssMatchSetSummary with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:xssMatchSetId:XssMatchSetSummary', xssMatchSetSummary_xssMatchSetId - A unique identifier for an XssMatchSet. You use XssMatchSetId to get
information about a XssMatchSet (see GetXssMatchSet), update an
XssMatchSet (see UpdateXssMatchSet), insert an XssMatchSet into a
Rule or delete one from a Rule (see UpdateRule), and delete an
XssMatchSet from AWS WAF (see DeleteXssMatchSet).
XssMatchSetId is returned by CreateXssMatchSet and by
ListXssMatchSets.
$sel:name:XssMatchSetSummary', xssMatchSetSummary_name - The name of the XssMatchSet, if any, specified by Id.
xssMatchSetSummary_xssMatchSetId :: Lens' XssMatchSetSummary Text Source #
A unique identifier for an XssMatchSet. You use XssMatchSetId to get
information about a XssMatchSet (see GetXssMatchSet), update an
XssMatchSet (see UpdateXssMatchSet), insert an XssMatchSet into a
Rule or delete one from a Rule (see UpdateRule), and delete an
XssMatchSet from AWS WAF (see DeleteXssMatchSet).
XssMatchSetId is returned by CreateXssMatchSet and by
ListXssMatchSets.
xssMatchSetSummary_name :: Lens' XssMatchSetSummary Text Source #
The name of the XssMatchSet, if any, specified by Id.
XssMatchSetUpdate
data XssMatchSetUpdate Source #
This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
Specifies the part of a web request that you want to inspect for
cross-site scripting attacks and indicates whether you want to add the
specification to an XssMatchSet or delete it from an XssMatchSet.
See: newXssMatchSetUpdate smart constructor.
Constructors
| XssMatchSetUpdate' | |
Fields
| |
Instances
Arguments
| :: ChangeAction | |
| -> XssMatchTuple | |
| -> XssMatchSetUpdate |
Create a value of XssMatchSetUpdate with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:action:XssMatchSetUpdate', xssMatchSetUpdate_action - Specify INSERT to add an XssMatchSetUpdate to an XssMatchSet. Use
DELETE to remove an XssMatchSetUpdate from an XssMatchSet.
$sel:xssMatchTuple:XssMatchSetUpdate', xssMatchSetUpdate_xssMatchTuple - Specifies the part of a web request that you want AWS WAF to inspect for
cross-site scripting attacks and, if you want AWS WAF to inspect a
header, the name of the header.
xssMatchSetUpdate_action :: Lens' XssMatchSetUpdate ChangeAction Source #
Specify INSERT to add an XssMatchSetUpdate to an XssMatchSet. Use
DELETE to remove an XssMatchSetUpdate from an XssMatchSet.
xssMatchSetUpdate_xssMatchTuple :: Lens' XssMatchSetUpdate XssMatchTuple Source #
Specifies the part of a web request that you want AWS WAF to inspect for cross-site scripting attacks and, if you want AWS WAF to inspect a header, the name of the header.
XssMatchTuple
data XssMatchTuple Source #
This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
Specifies the part of a web request that you want AWS WAF to inspect for cross-site scripting attacks and, if you want AWS WAF to inspect a header, the name of the header.
See: newXssMatchTuple smart constructor.
Constructors
| XssMatchTuple' | |
Fields
| |
Instances
Arguments
| :: FieldToMatch | |
| -> TextTransformation | |
| -> XssMatchTuple |
Create a value of XssMatchTuple with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:fieldToMatch:XssMatchTuple', xssMatchTuple_fieldToMatch - Specifies where in a web request to look for cross-site scripting
attacks.
$sel:textTransformation:XssMatchTuple', xssMatchTuple_textTransformation - Text transformations eliminate some of the unusual formatting that
attackers use in web requests in an effort to bypass AWS WAF. If you
specify a transformation, AWS WAF performs the transformation on
FieldToMatch before inspecting it for a match.
You can only specify a single type of TextTransformation.
CMD_LINE
When you're concerned that attackers are injecting an operating system command line command and using unusual formatting to disguise some or all of the command, use this option to perform the following transformations:
- Delete the following characters: \ " ' ^
- Delete spaces before the following characters: / (
- Replace the following characters with a space: , ;
- Replace multiple spaces with one space
- Convert uppercase letters (A-Z) to lowercase (a-z)
COMPRESS_WHITE_SPACE
Use this option to replace the following characters with a space character (decimal 32):
- \f, formfeed, decimal 12
- \t, tab, decimal 9
- \n, newline, decimal 10
- \r, carriage return, decimal 13
- \v, vertical tab, decimal 11
- non-breaking space, decimal 160
COMPRESS_WHITE_SPACE also replaces multiple spaces with one space.
HTML_ENTITY_DECODE
Use this option to replace HTML-encoded characters with unencoded
characters. HTML_ENTITY_DECODE performs the following operations:
- Replaces
(ampersand)quot;with" - Replaces
(ampersand)nbsp;with a non-breaking space, decimal 160 - Replaces
(ampersand)lt;with a "less than" symbol - Replaces
(ampersand)gt;with> - Replaces characters that are represented in hexadecimal format,
(ampersand)#xhhhh;, with the corresponding characters - Replaces characters that are represented in decimal format,
(ampersand)#nnnn;, with the corresponding characters
LOWERCASE
Use this option to convert uppercase letters (A-Z) to lowercase (a-z).
URL_DECODE
Use this option to decode a URL-encoded value.
NONE
Specify NONE if you don't want to perform any text transformations.
xssMatchTuple_fieldToMatch :: Lens' XssMatchTuple FieldToMatch Source #
Specifies where in a web request to look for cross-site scripting attacks.
xssMatchTuple_textTransformation :: Lens' XssMatchTuple TextTransformation Source #
Text transformations eliminate some of the unusual formatting that
attackers use in web requests in an effort to bypass AWS WAF. If you
specify a transformation, AWS WAF performs the transformation on
FieldToMatch before inspecting it for a match.
You can only specify a single type of TextTransformation.
CMD_LINE
When you're concerned that attackers are injecting an operating system command line command and using unusual formatting to disguise some or all of the command, use this option to perform the following transformations:
- Delete the following characters: \ " ' ^
- Delete spaces before the following characters: / (
- Replace the following characters with a space: , ;
- Replace multiple spaces with one space
- Convert uppercase letters (A-Z) to lowercase (a-z)
COMPRESS_WHITE_SPACE
Use this option to replace the following characters with a space character (decimal 32):
- \f, formfeed, decimal 12
- \t, tab, decimal 9
- \n, newline, decimal 10
- \r, carriage return, decimal 13
- \v, vertical tab, decimal 11
- non-breaking space, decimal 160
COMPRESS_WHITE_SPACE also replaces multiple spaces with one space.
HTML_ENTITY_DECODE
Use this option to replace HTML-encoded characters with unencoded
characters. HTML_ENTITY_DECODE performs the following operations:
- Replaces
(ampersand)quot;with" - Replaces
(ampersand)nbsp;with a non-breaking space, decimal 160 - Replaces
(ampersand)lt;with a "less than" symbol - Replaces
(ampersand)gt;with> - Replaces characters that are represented in hexadecimal format,
(ampersand)#xhhhh;, with the corresponding characters - Replaces characters that are represented in decimal format,
(ampersand)#nnnn;, with the corresponding characters
LOWERCASE
Use this option to convert uppercase letters (A-Z) to lowercase (a-z).
URL_DECODE
Use this option to decode a URL-encoded value.
NONE
Specify NONE if you don't want to perform any text transformations.