com.amazonaws.services.waf.AWSWAFClient Maven / Gradle / Ivy
Show all versions of aws-java-sdk-waf Show documentation
/*
* Copyright 2012-2017 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License"). You may not use this file except in compliance with
* the License. A copy of the License is located at
*
* http://aws.amazon.com/apache2.0
*
* or in the "license" file accompanying this file. This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
* CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions
* and limitations under the License.
*/
package com.amazonaws.services.waf;
import org.w3c.dom.*;
import java.net.*;
import java.util.*;
import javax.annotation.Generated;
import org.apache.commons.logging.*;
import com.amazonaws.*;
import com.amazonaws.auth.*;
import com.amazonaws.handlers.*;
import com.amazonaws.http.*;
import com.amazonaws.internal.*;
import com.amazonaws.internal.auth.*;
import com.amazonaws.metrics.*;
import com.amazonaws.regions.*;
import com.amazonaws.transform.*;
import com.amazonaws.util.*;
import com.amazonaws.protocol.json.*;
import com.amazonaws.util.AWSRequestMetrics.Field;
import com.amazonaws.annotation.ThreadSafe;
import com.amazonaws.client.AwsSyncClientParams;
import com.amazonaws.services.waf.AWSWAFClientBuilder;
import com.amazonaws.AmazonServiceException;
import com.amazonaws.services.waf.model.*;
import com.amazonaws.services.waf.model.waf.transform.*;
/**
* Client for accessing WAF. All service calls made using this client are blocking, and will not return until the
* service call completes.
*
*
* This is the AWS WAF API Reference for using AWS WAF with Amazon CloudFront. The AWS WAF actions and data types
* listed in the reference are available for protecting Amazon CloudFront distributions. You can use these actions and
* data types via the endpoint waf.amazonaws.com. This guide is for developers who need detailed information
* about the AWS WAF API actions, data types, and errors. For detailed information about AWS WAF features and an
* overview of how to use the AWS WAF API, see the AWS
* WAF Developer Guide.
*
*/
@ThreadSafe
@Generated("com.amazonaws:aws-java-sdk-code-generator")
public class AWSWAFClient extends AmazonWebServiceClient implements AWSWAF {
/** Provider for AWS credentials. */
private final AWSCredentialsProvider awsCredentialsProvider;
private static final Log log = LogFactory.getLog(AWSWAF.class);
/** Default signing name for the service. */
private static final String DEFAULT_SIGNING_NAME = "waf";
/** Client configuration factory providing ClientConfigurations tailored to this client */
protected static final ClientConfigurationFactory configFactory = new ClientConfigurationFactory();
private final com.amazonaws.protocol.json.SdkJsonProtocolFactory protocolFactory = new com.amazonaws.protocol.json.SdkJsonProtocolFactory(
new JsonClientMetadata()
.withProtocolVersion("1.1")
.withSupportsCbor(false)
.withSupportsIon(false)
.addErrorMetadata(
new JsonErrorShapeMetadata().withErrorCode("WAFReferencedItemException").withModeledClass(
com.amazonaws.services.waf.model.WAFReferencedItemException.class))
.addErrorMetadata(
new JsonErrorShapeMetadata().withErrorCode("WAFLimitsExceededException").withModeledClass(
com.amazonaws.services.waf.model.WAFLimitsExceededException.class))
.addErrorMetadata(
new JsonErrorShapeMetadata().withErrorCode("WAFStaleDataException").withModeledClass(
com.amazonaws.services.waf.model.WAFStaleDataException.class))
.addErrorMetadata(
new JsonErrorShapeMetadata().withErrorCode("WAFNonexistentItemException").withModeledClass(
com.amazonaws.services.waf.model.WAFNonexistentItemException.class))
.addErrorMetadata(
new JsonErrorShapeMetadata().withErrorCode("WAFInternalErrorException").withModeledClass(
com.amazonaws.services.waf.model.WAFInternalErrorException.class))
.addErrorMetadata(
new JsonErrorShapeMetadata().withErrorCode("WAFInvalidAccountException").withModeledClass(
com.amazonaws.services.waf.model.WAFInvalidAccountException.class))
.addErrorMetadata(
new JsonErrorShapeMetadata().withErrorCode("WAFDisallowedNameException").withModeledClass(
com.amazonaws.services.waf.model.WAFDisallowedNameException.class))
.addErrorMetadata(
new JsonErrorShapeMetadata().withErrorCode("WAFInvalidOperationException").withModeledClass(
com.amazonaws.services.waf.model.WAFInvalidOperationException.class))
.addErrorMetadata(
new JsonErrorShapeMetadata().withErrorCode("WAFInvalidParameterException").withModeledClass(
com.amazonaws.services.waf.model.WAFInvalidParameterException.class))
.addErrorMetadata(
new JsonErrorShapeMetadata().withErrorCode("WAFNonexistentContainerException").withModeledClass(
com.amazonaws.services.waf.model.WAFNonexistentContainerException.class))
.addErrorMetadata(
new JsonErrorShapeMetadata().withErrorCode("WAFNonEmptyEntityException").withModeledClass(
com.amazonaws.services.waf.model.WAFNonEmptyEntityException.class))
.withBaseServiceExceptionClass(com.amazonaws.services.waf.model.AWSWAFException.class));
/**
* Constructs a new client to invoke service methods on WAF. A credentials provider chain will be used that searches
* for credentials in this order:
*
* - Environment Variables - AWS_ACCESS_KEY_ID and AWS_SECRET_KEY
* - Java System Properties - aws.accessKeyId and aws.secretKey
* - Instance profile credentials delivered through the Amazon EC2 metadata service
*
*
*
* All service calls made using this new client object are blocking, and will not return until the service call
* completes.
*
* @see DefaultAWSCredentialsProviderChain
* @deprecated use {@link AWSWAFClientBuilder#defaultClient()}
*/
@Deprecated
public AWSWAFClient() {
this(DefaultAWSCredentialsProviderChain.getInstance(), configFactory.getConfig());
}
/**
* Constructs a new client to invoke service methods on WAF. A credentials provider chain will be used that searches
* for credentials in this order:
*
* - Environment Variables - AWS_ACCESS_KEY_ID and AWS_SECRET_KEY
* - Java System Properties - aws.accessKeyId and aws.secretKey
* - Instance profile credentials delivered through the Amazon EC2 metadata service
*
*
*
* All service calls made using this new client object are blocking, and will not return until the service call
* completes.
*
* @param clientConfiguration
* The client configuration options controlling how this client connects to WAF (ex: proxy settings, retry
* counts, etc.).
*
* @see DefaultAWSCredentialsProviderChain
* @deprecated use {@link AWSWAFClientBuilder#withClientConfiguration(ClientConfiguration)}
*/
@Deprecated
public AWSWAFClient(ClientConfiguration clientConfiguration) {
this(DefaultAWSCredentialsProviderChain.getInstance(), clientConfiguration);
}
/**
* Constructs a new client to invoke service methods on WAF using the specified AWS account credentials.
*
*
* All service calls made using this new client object are blocking, and will not return until the service call
* completes.
*
* @param awsCredentials
* The AWS credentials (access key ID and secret key) to use when authenticating with AWS services.
* @deprecated use {@link AWSWAFClientBuilder#withCredentials(AWSCredentialsProvider)} for example:
* {@code AWSWAFClientBuilder.standard().withCredentials(new AWSStaticCredentialsProvider(awsCredentials)).build();}
*/
@Deprecated
public AWSWAFClient(AWSCredentials awsCredentials) {
this(awsCredentials, configFactory.getConfig());
}
/**
* Constructs a new client to invoke service methods on WAF using the specified AWS account credentials and client
* configuration options.
*
*
* All service calls made using this new client object are blocking, and will not return until the service call
* completes.
*
* @param awsCredentials
* The AWS credentials (access key ID and secret key) to use when authenticating with AWS services.
* @param clientConfiguration
* The client configuration options controlling how this client connects to WAF (ex: proxy settings, retry
* counts, etc.).
* @deprecated use {@link AWSWAFClientBuilder#withCredentials(AWSCredentialsProvider)} and
* {@link AWSWAFClientBuilder#withClientConfiguration(ClientConfiguration)}
*/
@Deprecated
public AWSWAFClient(AWSCredentials awsCredentials, ClientConfiguration clientConfiguration) {
super(clientConfiguration);
this.awsCredentialsProvider = new StaticCredentialsProvider(awsCredentials);
init();
}
/**
* Constructs a new client to invoke service methods on WAF using the specified AWS account credentials provider.
*
*
* All service calls made using this new client object are blocking, and will not return until the service call
* completes.
*
* @param awsCredentialsProvider
* The AWS credentials provider which will provide credentials to authenticate requests with AWS services.
* @deprecated use {@link AWSWAFClientBuilder#withCredentials(AWSCredentialsProvider)}
*/
@Deprecated
public AWSWAFClient(AWSCredentialsProvider awsCredentialsProvider) {
this(awsCredentialsProvider, configFactory.getConfig());
}
/**
* Constructs a new client to invoke service methods on WAF using the specified AWS account credentials provider and
* client configuration options.
*
*
* All service calls made using this new client object are blocking, and will not return until the service call
* completes.
*
* @param awsCredentialsProvider
* The AWS credentials provider which will provide credentials to authenticate requests with AWS services.
* @param clientConfiguration
* The client configuration options controlling how this client connects to WAF (ex: proxy settings, retry
* counts, etc.).
* @deprecated use {@link AWSWAFClientBuilder#withCredentials(AWSCredentialsProvider)} and
* {@link AWSWAFClientBuilder#withClientConfiguration(ClientConfiguration)}
*/
@Deprecated
public AWSWAFClient(AWSCredentialsProvider awsCredentialsProvider, ClientConfiguration clientConfiguration) {
this(awsCredentialsProvider, clientConfiguration, null);
}
/**
* Constructs a new client to invoke service methods on WAF using the specified AWS account credentials provider,
* client configuration options, and request metric collector.
*
*
* All service calls made using this new client object are blocking, and will not return until the service call
* completes.
*
* @param awsCredentialsProvider
* The AWS credentials provider which will provide credentials to authenticate requests with AWS services.
* @param clientConfiguration
* The client configuration options controlling how this client connects to WAF (ex: proxy settings, retry
* counts, etc.).
* @param requestMetricCollector
* optional request metric collector
* @deprecated use {@link AWSWAFClientBuilder#withCredentials(AWSCredentialsProvider)} and
* {@link AWSWAFClientBuilder#withClientConfiguration(ClientConfiguration)} and
* {@link AWSWAFClientBuilder#withMetricsCollector(RequestMetricCollector)}
*/
@Deprecated
public AWSWAFClient(AWSCredentialsProvider awsCredentialsProvider, ClientConfiguration clientConfiguration, RequestMetricCollector requestMetricCollector) {
super(clientConfiguration, requestMetricCollector);
this.awsCredentialsProvider = awsCredentialsProvider;
init();
}
public static AWSWAFClientBuilder builder() {
return AWSWAFClientBuilder.standard();
}
/**
* Constructs a new client to invoke service methods on WAF using the specified parameters.
*
*
* All service calls made using this new client object are blocking, and will not return until the service call
* completes.
*
* @param clientParams
* Object providing client parameters.
*/
AWSWAFClient(AwsSyncClientParams clientParams) {
super(clientParams);
this.awsCredentialsProvider = clientParams.getCredentialsProvider();
init();
}
private void init() {
setServiceNameIntern(DEFAULT_SIGNING_NAME);
setEndpointPrefix(ENDPOINT_PREFIX);
// calling this.setEndPoint(...) will also modify the signer accordingly
setEndpoint("https://waf.amazonaws.com/");
HandlerChainFactory chainFactory = new HandlerChainFactory();
requestHandler2s.addAll(chainFactory.newRequestHandlerChain("/com/amazonaws/services/waf/request.handlers"));
requestHandler2s.addAll(chainFactory.newRequestHandler2Chain("/com/amazonaws/services/waf/request.handler2s"));
requestHandler2s.addAll(chainFactory.getGlobalHandlers());
}
/**
*
* Creates a ByteMatchSet
. You then use UpdateByteMatchSet to identify the part of a web request
* that you want AWS WAF to inspect, such as the values of the User-Agent
header or the query string.
* For example, you can create a ByteMatchSet
that matches any requests with User-Agent
* headers that contain the string BadBot
. You can then configure AWS WAF to reject those requests.
*
*
* To create and configure a ByteMatchSet
, perform the following steps:
*
*
* -
*
* Use GetChangeToken to get the change token that you provide in the ChangeToken
parameter of a
* CreateByteMatchSet
request.
*
*
* -
*
* Submit a CreateByteMatchSet
request.
*
*
* -
*
* Use GetChangeToken
to get the change token that you provide in the ChangeToken
* parameter of an UpdateByteMatchSet
request.
*
*
* -
*
* Submit an UpdateByteMatchSet request to specify the part of the request that you want AWS WAF to inspect
* (for example, the header or the URI) and the value that you want AWS WAF to watch for.
*
*
*
*
* For more information about how to use the AWS WAF API to allow or block HTTP requests, see the AWS WAF Developer Guide.
*
*
* @param createByteMatchSetRequest
* @return Result of the CreateByteMatchSet operation returned by the service.
* @throws WAFDisallowedNameException
* The name specified is invalid.
* @throws WAFInternalErrorException
* The operation failed because of a system problem, even though the request was valid. Retry your request.
* @throws WAFInvalidAccountException
* The operation failed because you tried to create, update, or delete an object by using an invalid account
* identifier.
* @throws WAFInvalidParameterException
* The operation failed because AWS WAF didn't recognize a parameter in the request. For example:
*
* -
*
* You specified an invalid parameter name.
*
*
* -
*
* You specified an invalid value.
*
*
* -
*
* You tried to update an object (ByteMatchSet
, IPSet
, Rule
, or
* WebACL
) using an action other than INSERT
or DELETE
.
*
*
* -
*
* You tried to create a WebACL
with a DefaultAction
Type
other than
* ALLOW
, BLOCK
, or COUNT
.
*
*
* -
*
* You tried to update a WebACL
with a WafAction
Type
other than
* ALLOW
, BLOCK
, or COUNT
.
*
*
* -
*
* You tried to update a ByteMatchSet
with a FieldToMatch
Type
other
* than HEADER, QUERY_STRING, or URI.
*
*
* -
*
* You tried to update a ByteMatchSet
with a Field
of HEADER
but no
* value for Data
.
*
*
* -
*
* Your request references an ARN that is malformed, or corresponds to a resource with which a web ACL
* cannot be associated.
*
*
* @throws WAFStaleDataException
* The operation failed because you tried to create, update, or delete an object by using a change token
* that has already been used.
* @throws WAFLimitsExceededException
* The operation exceeds a resource limit, for example, the maximum number of WebACL
objects
* that you can create for an AWS account. For more information, see Limits in the AWS WAF
* Developer Guide.
* @sample AWSWAF.CreateByteMatchSet
* @see AWS API
* Documentation
*/
@Override
public CreateByteMatchSetResult createByteMatchSet(CreateByteMatchSetRequest createByteMatchSetRequest) {
ExecutionContext executionContext = createExecutionContext(createByteMatchSetRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new CreateByteMatchSetRequestMarshaller(protocolFactory).marshall(super.beforeMarshalling(createByteMatchSetRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(
new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new CreateByteMatchSetResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Creates an IPSet, which you use to specify which web requests you want to allow or block based on the IP
* addresses that the requests originate from. For example, if you're receiving a lot of requests from one or more
* individual IP addresses or one or more ranges of IP addresses and you want to block the requests, you can create
* an IPSet
that contains those IP addresses and then configure AWS WAF to block the requests.
*
*
* To create and configure an IPSet
, perform the following steps:
*
*
* -
*
* Use GetChangeToken to get the change token that you provide in the ChangeToken
parameter of a
* CreateIPSet
request.
*
*
* -
*
* Submit a CreateIPSet
request.
*
*
* -
*
* Use GetChangeToken
to get the change token that you provide in the ChangeToken
* parameter of an UpdateIPSet request.
*
*
* -
*
* Submit an UpdateIPSet
request to specify the IP addresses that you want AWS WAF to watch for.
*
*
*
*
* For more information about how to use the AWS WAF API to allow or block HTTP requests, see the AWS WAF Developer Guide.
*
*
* @param createIPSetRequest
* @return Result of the CreateIPSet operation returned by the service.
* @throws WAFStaleDataException
* The operation failed because you tried to create, update, or delete an object by using a change token
* that has already been used.
* @throws WAFInternalErrorException
* The operation failed because of a system problem, even though the request was valid. Retry your request.
* @throws WAFInvalidAccountException
* The operation failed because you tried to create, update, or delete an object by using an invalid account
* identifier.
* @throws WAFDisallowedNameException
* The name specified is invalid.
* @throws WAFInvalidParameterException
* The operation failed because AWS WAF didn't recognize a parameter in the request. For example:
*
* -
*
* You specified an invalid parameter name.
*
*
* -
*
* You specified an invalid value.
*
*
* -
*
* You tried to update an object (ByteMatchSet
, IPSet
, Rule
, or
* WebACL
) using an action other than INSERT
or DELETE
.
*
*
* -
*
* You tried to create a WebACL
with a DefaultAction
Type
other than
* ALLOW
, BLOCK
, or COUNT
.
*
*
* -
*
* You tried to update a WebACL
with a WafAction
Type
other than
* ALLOW
, BLOCK
, or COUNT
.
*
*
* -
*
* You tried to update a ByteMatchSet
with a FieldToMatch
Type
other
* than HEADER, QUERY_STRING, or URI.
*
*
* -
*
* You tried to update a ByteMatchSet
with a Field
of HEADER
but no
* value for Data
.
*
*
* -
*
* Your request references an ARN that is malformed, or corresponds to a resource with which a web ACL
* cannot be associated.
*
*
* @throws WAFLimitsExceededException
* The operation exceeds a resource limit, for example, the maximum number of WebACL
objects
* that you can create for an AWS account. For more information, see Limits in the AWS WAF
* Developer Guide.
* @sample AWSWAF.CreateIPSet
* @see AWS API
* Documentation
*/
@Override
public CreateIPSetResult createIPSet(CreateIPSetRequest createIPSetRequest) {
ExecutionContext executionContext = createExecutionContext(createIPSetRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new CreateIPSetRequestMarshaller(protocolFactory).marshall(super.beforeMarshalling(createIPSetRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(
new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new CreateIPSetResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Creates a Rule
, which contains the IPSet
objects, ByteMatchSet
objects,
* and other predicates that identify the requests that you want to block. If you add more than one predicate to a
* Rule
, a request must match all of the specifications to be allowed or blocked. For example, suppose
* you add the following to a Rule
:
*
*
* -
*
* An IPSet
that matches the IP address 192.0.2.44/32
*
*
* -
*
* A ByteMatchSet
that matches BadBot
in the User-Agent
header
*
*
*
*
* You then add the Rule
to a WebACL
and specify that you want to blocks requests that
* satisfy the Rule
. For a request to be blocked, it must come from the IP address 192.0.2.44
* and the User-Agent
header in the request must contain the value BadBot
.
*
*
* To create and configure a Rule
, perform the following steps:
*
*
* -
*
* Create and update the predicates that you want to include in the Rule
. For more information, see
* CreateByteMatchSet, CreateIPSet, and CreateSqlInjectionMatchSet.
*
*
* -
*
* Use GetChangeToken to get the change token that you provide in the ChangeToken
parameter of a
* CreateRule
request.
*
*
* -
*
* Submit a CreateRule
request.
*
*
* -
*
* Use GetChangeToken
to get the change token that you provide in the ChangeToken
* parameter of an UpdateRule request.
*
*
* -
*
* Submit an UpdateRule
request to specify the predicates that you want to include in the
* Rule
.
*
*
* -
*
* Create and update a WebACL
that contains the Rule
. For more information, see
* CreateWebACL.
*
*
*
*
* For more information about how to use the AWS WAF API to allow or block HTTP requests, see the AWS WAF Developer Guide.
*
*
* @param createRuleRequest
* @return Result of the CreateRule operation returned by the service.
* @throws WAFStaleDataException
* The operation failed because you tried to create, update, or delete an object by using a change token
* that has already been used.
* @throws WAFInternalErrorException
* The operation failed because of a system problem, even though the request was valid. Retry your request.
* @throws WAFDisallowedNameException
* The name specified is invalid.
* @throws WAFInvalidParameterException
* The operation failed because AWS WAF didn't recognize a parameter in the request. For example:
*
* -
*
* You specified an invalid parameter name.
*
*
* -
*
* You specified an invalid value.
*
*
* -
*
* You tried to update an object (ByteMatchSet
, IPSet
, Rule
, or
* WebACL
) using an action other than INSERT
or DELETE
.
*
*
* -
*
* You tried to create a WebACL
with a DefaultAction
Type
other than
* ALLOW
, BLOCK
, or COUNT
.
*
*
* -
*
* You tried to update a WebACL
with a WafAction
Type
other than
* ALLOW
, BLOCK
, or COUNT
.
*
*
* -
*
* You tried to update a ByteMatchSet
with a FieldToMatch
Type
other
* than HEADER, QUERY_STRING, or URI.
*
*
* -
*
* You tried to update a ByteMatchSet
with a Field
of HEADER
but no
* value for Data
.
*
*
* -
*
* Your request references an ARN that is malformed, or corresponds to a resource with which a web ACL
* cannot be associated.
*
*
* @throws WAFLimitsExceededException
* The operation exceeds a resource limit, for example, the maximum number of WebACL
objects
* that you can create for an AWS account. For more information, see Limits in the AWS WAF
* Developer Guide.
* @sample AWSWAF.CreateRule
* @see AWS API
* Documentation
*/
@Override
public CreateRuleResult createRule(CreateRuleRequest createRuleRequest) {
ExecutionContext executionContext = createExecutionContext(createRuleRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new CreateRuleRequestMarshaller(protocolFactory).marshall(super.beforeMarshalling(createRuleRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(new JsonOperationMetadata()
.withPayloadJson(true).withHasStreamingSuccessResponse(false), new CreateRuleResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Creates a SizeConstraintSet
. You then use UpdateSizeConstraintSet to identify the part of a
* web request that you want AWS WAF to check for length, such as the length of the User-Agent
header
* or the length of the query string. For example, you can create a SizeConstraintSet
that matches any
* requests that have a query string that is longer than 100 bytes. You can then configure AWS WAF to reject those
* requests.
*
*
* To create and configure a SizeConstraintSet
, perform the following steps:
*
*
* -
*
* Use GetChangeToken to get the change token that you provide in the ChangeToken
parameter of a
* CreateSizeConstraintSet
request.
*
*
* -
*
* Submit a CreateSizeConstraintSet
request.
*
*
* -
*
* Use GetChangeToken
to get the change token that you provide in the ChangeToken
* parameter of an UpdateSizeConstraintSet
request.
*
*
* -
*
* Submit an UpdateSizeConstraintSet request to specify the part of the request that you want AWS WAF to
* inspect (for example, the header or the URI) and the value that you want AWS WAF to watch for.
*
*
*
*
* For more information about how to use the AWS WAF API to allow or block HTTP requests, see the AWS WAF Developer Guide.
*
*
* @param createSizeConstraintSetRequest
* @return Result of the CreateSizeConstraintSet operation returned by the service.
* @throws WAFStaleDataException
* The operation failed because you tried to create, update, or delete an object by using a change token
* that has already been used.
* @throws WAFInternalErrorException
* The operation failed because of a system problem, even though the request was valid. Retry your request.
* @throws WAFInvalidAccountException
* The operation failed because you tried to create, update, or delete an object by using an invalid account
* identifier.
* @throws WAFDisallowedNameException
* The name specified is invalid.
* @throws WAFInvalidParameterException
* The operation failed because AWS WAF didn't recognize a parameter in the request. For example:
*
* -
*
* You specified an invalid parameter name.
*
*
* -
*
* You specified an invalid value.
*
*
* -
*
* You tried to update an object (ByteMatchSet
, IPSet
, Rule
, or
* WebACL
) using an action other than INSERT
or DELETE
.
*
*
* -
*
* You tried to create a WebACL
with a DefaultAction
Type
other than
* ALLOW
, BLOCK
, or COUNT
.
*
*
* -
*
* You tried to update a WebACL
with a WafAction
Type
other than
* ALLOW
, BLOCK
, or COUNT
.
*
*
* -
*
* You tried to update a ByteMatchSet
with a FieldToMatch
Type
other
* than HEADER, QUERY_STRING, or URI.
*
*
* -
*
* You tried to update a ByteMatchSet
with a Field
of HEADER
but no
* value for Data
.
*
*
* -
*
* Your request references an ARN that is malformed, or corresponds to a resource with which a web ACL
* cannot be associated.
*
*
* @throws WAFLimitsExceededException
* The operation exceeds a resource limit, for example, the maximum number of WebACL
objects
* that you can create for an AWS account. For more information, see Limits in the AWS WAF
* Developer Guide.
* @sample AWSWAF.CreateSizeConstraintSet
* @see AWS
* API Documentation
*/
@Override
public CreateSizeConstraintSetResult createSizeConstraintSet(CreateSizeConstraintSetRequest createSizeConstraintSetRequest) {
ExecutionContext executionContext = createExecutionContext(createSizeConstraintSetRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new CreateSizeConstraintSetRequestMarshaller(protocolFactory).marshall(super.beforeMarshalling(createSizeConstraintSetRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(
new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false),
new CreateSizeConstraintSetResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Creates a SqlInjectionMatchSet, which you use to allow, block, or count requests that contain snippets of
* SQL code in a specified part of web requests. AWS WAF searches for character sequences that are likely to be
* malicious strings.
*
*
* To create and configure a SqlInjectionMatchSet
, perform the following steps:
*
*
* -
*
* Use GetChangeToken to get the change token that you provide in the ChangeToken
parameter of a
* CreateSqlInjectionMatchSet
request.
*
*
* -
*
* Submit a CreateSqlInjectionMatchSet
request.
*
*
* -
*
* Use GetChangeToken
to get the change token that you provide in the ChangeToken
* parameter of an UpdateSqlInjectionMatchSet request.
*
*
* -
*
* Submit an UpdateSqlInjectionMatchSet request to specify the parts of web requests in which you want to
* allow, block, or count malicious SQL code.
*
*
*
*
* For more information about how to use the AWS WAF API to allow or block HTTP requests, see the AWS WAF Developer Guide.
*
*
* @param createSqlInjectionMatchSetRequest
* A request to create a SqlInjectionMatchSet.
* @return Result of the CreateSqlInjectionMatchSet operation returned by the service.
* @throws WAFDisallowedNameException
* The name specified is invalid.
* @throws WAFInternalErrorException
* The operation failed because of a system problem, even though the request was valid. Retry your request.
* @throws WAFInvalidAccountException
* The operation failed because you tried to create, update, or delete an object by using an invalid account
* identifier.
* @throws WAFInvalidParameterException
* The operation failed because AWS WAF didn't recognize a parameter in the request. For example:
*
* -
*
* You specified an invalid parameter name.
*
*
* -
*
* You specified an invalid value.
*
*
* -
*
* You tried to update an object (ByteMatchSet
, IPSet
, Rule
, or
* WebACL
) using an action other than INSERT
or DELETE
.
*
*
* -
*
* You tried to create a WebACL
with a DefaultAction
Type
other than
* ALLOW
, BLOCK
, or COUNT
.
*
*
* -
*
* You tried to update a WebACL
with a WafAction
Type
other than
* ALLOW
, BLOCK
, or COUNT
.
*
*
* -
*
* You tried to update a ByteMatchSet
with a FieldToMatch
Type
other
* than HEADER, QUERY_STRING, or URI.
*
*
* -
*
* You tried to update a ByteMatchSet
with a Field
of HEADER
but no
* value for Data
.
*
*
* -
*
* Your request references an ARN that is malformed, or corresponds to a resource with which a web ACL
* cannot be associated.
*
*
* @throws WAFStaleDataException
* The operation failed because you tried to create, update, or delete an object by using a change token
* that has already been used.
* @throws WAFLimitsExceededException
* The operation exceeds a resource limit, for example, the maximum number of WebACL
objects
* that you can create for an AWS account. For more information, see Limits in the AWS WAF
* Developer Guide.
* @sample AWSWAF.CreateSqlInjectionMatchSet
* @see AWS
* API Documentation
*/
@Override
public CreateSqlInjectionMatchSetResult createSqlInjectionMatchSet(CreateSqlInjectionMatchSetRequest createSqlInjectionMatchSetRequest) {
ExecutionContext executionContext = createExecutionContext(createSqlInjectionMatchSetRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new CreateSqlInjectionMatchSetRequestMarshaller(protocolFactory).marshall(super.beforeMarshalling(createSqlInjectionMatchSetRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(
new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false),
new CreateSqlInjectionMatchSetResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Creates a WebACL
, which contains the Rules
that identify the CloudFront web requests
* that you want to allow, block, or count. AWS WAF evaluates Rules
in order based on the value of
* Priority
for each Rule
.
*
*
* You also specify a default action, either ALLOW
or BLOCK
. If a web request doesn't
* match any of the Rules
in a WebACL
, AWS WAF responds to the request with the default
* action.
*
*
* To create and configure a WebACL
, perform the following steps:
*
*
* -
*
* Create and update the ByteMatchSet
objects and other predicates that you want to include in
* Rules
. For more information, see CreateByteMatchSet, UpdateByteMatchSet,
* CreateIPSet, UpdateIPSet, CreateSqlInjectionMatchSet, and UpdateSqlInjectionMatchSet.
*
*
* -
*
* Create and update the Rules
that you want to include in the WebACL
. For more
* information, see CreateRule and UpdateRule.
*
*
* -
*
* Use GetChangeToken to get the change token that you provide in the ChangeToken
parameter of a
* CreateWebACL
request.
*
*
* -
*
* Submit a CreateWebACL
request.
*
*
* -
*
* Use GetChangeToken
to get the change token that you provide in the ChangeToken
* parameter of an UpdateWebACL request.
*
*
* -
*
* Submit an UpdateWebACL request to specify the Rules
that you want to include in the
* WebACL
, to specify the default action, and to associate the WebACL
with a CloudFront
* distribution.
*
*
*
*
* For more information about how to use the AWS WAF API, see the AWS WAF Developer Guide.
*
*
* @param createWebACLRequest
* @return Result of the CreateWebACL operation returned by the service.
* @throws WAFStaleDataException
* The operation failed because you tried to create, update, or delete an object by using a change token
* that has already been used.
* @throws WAFInternalErrorException
* The operation failed because of a system problem, even though the request was valid. Retry your request.
* @throws WAFInvalidAccountException
* The operation failed because you tried to create, update, or delete an object by using an invalid account
* identifier.
* @throws WAFDisallowedNameException
* The name specified is invalid.
* @throws WAFInvalidParameterException
* The operation failed because AWS WAF didn't recognize a parameter in the request. For example:
*
* -
*
* You specified an invalid parameter name.
*
*
* -
*
* You specified an invalid value.
*
*
* -
*
* You tried to update an object (ByteMatchSet
, IPSet
, Rule
, or
* WebACL
) using an action other than INSERT
or DELETE
.
*
*
* -
*
* You tried to create a WebACL
with a DefaultAction
Type
other than
* ALLOW
, BLOCK
, or COUNT
.
*
*
* -
*
* You tried to update a WebACL
with a WafAction
Type
other than
* ALLOW
, BLOCK
, or COUNT
.
*
*
* -
*
* You tried to update a ByteMatchSet
with a FieldToMatch
Type
other
* than HEADER, QUERY_STRING, or URI.
*
*
* -
*
* You tried to update a ByteMatchSet
with a Field
of HEADER
but no
* value for Data
.
*
*
* -
*
* Your request references an ARN that is malformed, or corresponds to a resource with which a web ACL
* cannot be associated.
*
*
* @throws WAFLimitsExceededException
* The operation exceeds a resource limit, for example, the maximum number of WebACL
objects
* that you can create for an AWS account. For more information, see Limits in the AWS WAF
* Developer Guide.
* @sample AWSWAF.CreateWebACL
* @see AWS API
* Documentation
*/
@Override
public CreateWebACLResult createWebACL(CreateWebACLRequest createWebACLRequest) {
ExecutionContext executionContext = createExecutionContext(createWebACLRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new CreateWebACLRequestMarshaller(protocolFactory).marshall(super.beforeMarshalling(createWebACLRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(
new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new CreateWebACLResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Creates an XssMatchSet, which you use to allow, block, or count requests that contain cross-site scripting
* attacks in the specified part of web requests. AWS WAF searches for character sequences that are likely to be
* malicious strings.
*
*
* To create and configure an XssMatchSet
, perform the following steps:
*
*
* -
*
* Use GetChangeToken to get the change token that you provide in the ChangeToken
parameter of a
* CreateXssMatchSet
request.
*
*
* -
*
* Submit a CreateXssMatchSet
request.
*
*
* -
*
* Use GetChangeToken
to get the change token that you provide in the ChangeToken
* parameter of an UpdateXssMatchSet request.
*
*
* -
*
* Submit an UpdateXssMatchSet request to specify the parts of web requests in which you want to allow,
* block, or count cross-site scripting attacks.
*
*
*
*
* For more information about how to use the AWS WAF API to allow or block HTTP requests, see the AWS WAF Developer Guide.
*
*
* @param createXssMatchSetRequest
* A request to create an XssMatchSet.
* @return Result of the CreateXssMatchSet operation returned by the service.
* @throws WAFDisallowedNameException
* The name specified is invalid.
* @throws WAFInternalErrorException
* The operation failed because of a system problem, even though the request was valid. Retry your request.
* @throws WAFInvalidAccountException
* The operation failed because you tried to create, update, or delete an object by using an invalid account
* identifier.
* @throws WAFInvalidParameterException
* The operation failed because AWS WAF didn't recognize a parameter in the request. For example:
*
* -
*
* You specified an invalid parameter name.
*
*
* -
*
* You specified an invalid value.
*
*
* -
*
* You tried to update an object (ByteMatchSet
, IPSet
, Rule
, or
* WebACL
) using an action other than INSERT
or DELETE
.
*
*
* -
*
* You tried to create a WebACL
with a DefaultAction
Type
other than
* ALLOW
, BLOCK
, or COUNT
.
*
*
* -
*
* You tried to update a WebACL
with a WafAction
Type
other than
* ALLOW
, BLOCK
, or COUNT
.
*
*
* -
*
* You tried to update a ByteMatchSet
with a FieldToMatch
Type
other
* than HEADER, QUERY_STRING, or URI.
*
*
* -
*
* You tried to update a ByteMatchSet
with a Field
of HEADER
but no
* value for Data
.
*
*
* -
*
* Your request references an ARN that is malformed, or corresponds to a resource with which a web ACL
* cannot be associated.
*
*
* @throws WAFStaleDataException
* The operation failed because you tried to create, update, or delete an object by using a change token
* that has already been used.
* @throws WAFLimitsExceededException
* The operation exceeds a resource limit, for example, the maximum number of WebACL
objects
* that you can create for an AWS account. For more information, see Limits in the AWS WAF
* Developer Guide.
* @sample AWSWAF.CreateXssMatchSet
* @see AWS API
* Documentation
*/
@Override
public CreateXssMatchSetResult createXssMatchSet(CreateXssMatchSetRequest createXssMatchSetRequest) {
ExecutionContext executionContext = createExecutionContext(createXssMatchSetRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new CreateXssMatchSetRequestMarshaller(protocolFactory).marshall(super.beforeMarshalling(createXssMatchSetRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(
new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new CreateXssMatchSetResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Permanently deletes a ByteMatchSet. You can't delete a ByteMatchSet
if it's still used in any
* Rules
or if it still includes any ByteMatchTuple objects (any filters).
*
*
* If you just want to remove a ByteMatchSet
from a Rule
, use UpdateRule.
*
*
* To permanently delete a ByteMatchSet
, perform the following steps:
*
*
* -
*
* Update the ByteMatchSet
to remove filters, if any. For more information, see
* UpdateByteMatchSet.
*
*
* -
*
* Use GetChangeToken to get the change token that you provide in the ChangeToken
parameter of a
* DeleteByteMatchSet
request.
*
*
* -
*
* Submit a DeleteByteMatchSet
request.
*
*
*
*
* @param deleteByteMatchSetRequest
* @return Result of the DeleteByteMatchSet operation returned by the service.
* @throws WAFInternalErrorException
* The operation failed because of a system problem, even though the request was valid. Retry your request.
* @throws WAFInvalidAccountException
* The operation failed because you tried to create, update, or delete an object by using an invalid account
* identifier.
* @throws WAFNonexistentItemException
* The operation failed because the referenced object doesn't exist.
* @throws WAFReferencedItemException
* The operation failed because you tried to delete an object that is still in use. For example:
*
* -
*
* You tried to delete a ByteMatchSet
that is still referenced by a Rule
.
*
*
* -
*
* You tried to delete a Rule
that is still referenced by a WebACL
.
*
*
* @throws WAFStaleDataException
* The operation failed because you tried to create, update, or delete an object by using a change token
* that has already been used.
* @throws WAFNonEmptyEntityException
* The operation failed because you tried to delete an object that isn't empty. For example:
*
* -
*
* You tried to delete a WebACL
that still contains one or more Rule
objects.
*
*
* -
*
* You tried to delete a Rule
that still contains one or more ByteMatchSet
objects
* or other predicates.
*
*
* -
*
* You tried to delete a ByteMatchSet
that contains one or more ByteMatchTuple
* objects.
*
*
* -
*
* You tried to delete an IPSet
that references one or more IP addresses.
*
*
* @sample AWSWAF.DeleteByteMatchSet
* @see AWS API
* Documentation
*/
@Override
public DeleteByteMatchSetResult deleteByteMatchSet(DeleteByteMatchSetRequest deleteByteMatchSetRequest) {
ExecutionContext executionContext = createExecutionContext(deleteByteMatchSetRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new DeleteByteMatchSetRequestMarshaller(protocolFactory).marshall(super.beforeMarshalling(deleteByteMatchSetRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(
new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new DeleteByteMatchSetResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Permanently deletes an IPSet. You can't delete an IPSet
if it's still used in any
* Rules
or if it still includes any IP addresses.
*
*
* If you just want to remove an IPSet
from a Rule
, use UpdateRule.
*
*
* To permanently delete an IPSet
from AWS WAF, perform the following steps:
*
*
* -
*
* Update the IPSet
to remove IP address ranges, if any. For more information, see UpdateIPSet.
*
*
* -
*
* Use GetChangeToken to get the change token that you provide in the ChangeToken
parameter of a
* DeleteIPSet
request.
*
*
* -
*
* Submit a DeleteIPSet
request.
*
*
*
*
* @param deleteIPSetRequest
* @return Result of the DeleteIPSet operation returned by the service.
* @throws WAFStaleDataException
* The operation failed because you tried to create, update, or delete an object by using a change token
* that has already been used.
* @throws WAFInternalErrorException
* The operation failed because of a system problem, even though the request was valid. Retry your request.
* @throws WAFInvalidAccountException
* The operation failed because you tried to create, update, or delete an object by using an invalid account
* identifier.
* @throws WAFNonexistentItemException
* The operation failed because the referenced object doesn't exist.
* @throws WAFReferencedItemException
* The operation failed because you tried to delete an object that is still in use. For example:
*
* -
*
* You tried to delete a ByteMatchSet
that is still referenced by a Rule
.
*
*
* -
*
* You tried to delete a Rule
that is still referenced by a WebACL
.
*
*
* @throws WAFNonEmptyEntityException
* The operation failed because you tried to delete an object that isn't empty. For example:
*
* -
*
* You tried to delete a WebACL
that still contains one or more Rule
objects.
*
*
* -
*
* You tried to delete a Rule
that still contains one or more ByteMatchSet
objects
* or other predicates.
*
*
* -
*
* You tried to delete a ByteMatchSet
that contains one or more ByteMatchTuple
* objects.
*
*
* -
*
* You tried to delete an IPSet
that references one or more IP addresses.
*
*
* @sample AWSWAF.DeleteIPSet
* @see AWS API
* Documentation
*/
@Override
public DeleteIPSetResult deleteIPSet(DeleteIPSetRequest deleteIPSetRequest) {
ExecutionContext executionContext = createExecutionContext(deleteIPSetRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new DeleteIPSetRequestMarshaller(protocolFactory).marshall(super.beforeMarshalling(deleteIPSetRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(
new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new DeleteIPSetResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Permanently deletes a Rule. You can't delete a Rule
if it's still used in any
* WebACL
objects or if it still includes any predicates, such as ByteMatchSet
objects.
*
*
* If you just want to remove a Rule
from a WebACL
, use UpdateWebACL.
*
*
* To permanently delete a Rule
from AWS WAF, perform the following steps:
*
*
* -
*
* Update the Rule
to remove predicates, if any. For more information, see UpdateRule.
*
*
* -
*
* Use GetChangeToken to get the change token that you provide in the ChangeToken
parameter of a
* DeleteRule
request.
*
*
* -
*
* Submit a DeleteRule
request.
*
*
*
*
* @param deleteRuleRequest
* @return Result of the DeleteRule operation returned by the service.
* @throws WAFStaleDataException
* The operation failed because you tried to create, update, or delete an object by using a change token
* that has already been used.
* @throws WAFInternalErrorException
* The operation failed because of a system problem, even though the request was valid. Retry your request.
* @throws WAFInvalidAccountException
* The operation failed because you tried to create, update, or delete an object by using an invalid account
* identifier.
* @throws WAFNonexistentItemException
* The operation failed because the referenced object doesn't exist.
* @throws WAFReferencedItemException
* The operation failed because you tried to delete an object that is still in use. For example:
*
* -
*
* You tried to delete a ByteMatchSet
that is still referenced by a Rule
.
*
*
* -
*
* You tried to delete a Rule
that is still referenced by a WebACL
.
*
*
* @throws WAFNonEmptyEntityException
* The operation failed because you tried to delete an object that isn't empty. For example:
*
* -
*
* You tried to delete a WebACL
that still contains one or more Rule
objects.
*
*
* -
*
* You tried to delete a Rule
that still contains one or more ByteMatchSet
objects
* or other predicates.
*
*
* -
*
* You tried to delete a ByteMatchSet
that contains one or more ByteMatchTuple
* objects.
*
*
* -
*
* You tried to delete an IPSet
that references one or more IP addresses.
*
*
* @sample AWSWAF.DeleteRule
* @see AWS API
* Documentation
*/
@Override
public DeleteRuleResult deleteRule(DeleteRuleRequest deleteRuleRequest) {
ExecutionContext executionContext = createExecutionContext(deleteRuleRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new DeleteRuleRequestMarshaller(protocolFactory).marshall(super.beforeMarshalling(deleteRuleRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(new JsonOperationMetadata()
.withPayloadJson(true).withHasStreamingSuccessResponse(false), new DeleteRuleResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Permanently deletes a SizeConstraintSet. You can't delete a SizeConstraintSet
if it's still
* used in any Rules
or if it still includes any SizeConstraint objects (any filters).
*
*
* If you just want to remove a SizeConstraintSet
from a Rule
, use UpdateRule.
*
*
* To permanently delete a SizeConstraintSet
, perform the following steps:
*
*
* -
*
* Update the SizeConstraintSet
to remove filters, if any. For more information, see
* UpdateSizeConstraintSet.
*
*
* -
*
* Use GetChangeToken to get the change token that you provide in the ChangeToken
parameter of a
* DeleteSizeConstraintSet
request.
*
*
* -
*
* Submit a DeleteSizeConstraintSet
request.
*
*
*
*
* @param deleteSizeConstraintSetRequest
* @return Result of the DeleteSizeConstraintSet operation returned by the service.
* @throws WAFStaleDataException
* The operation failed because you tried to create, update, or delete an object by using a change token
* that has already been used.
* @throws WAFInternalErrorException
* The operation failed because of a system problem, even though the request was valid. Retry your request.
* @throws WAFInvalidAccountException
* The operation failed because you tried to create, update, or delete an object by using an invalid account
* identifier.
* @throws WAFNonexistentItemException
* The operation failed because the referenced object doesn't exist.
* @throws WAFReferencedItemException
* The operation failed because you tried to delete an object that is still in use. For example:
*
* -
*
* You tried to delete a ByteMatchSet
that is still referenced by a Rule
.
*
*
* -
*
* You tried to delete a Rule
that is still referenced by a WebACL
.
*
*
* @throws WAFNonEmptyEntityException
* The operation failed because you tried to delete an object that isn't empty. For example:
*
* -
*
* You tried to delete a WebACL
that still contains one or more Rule
objects.
*
*
* -
*
* You tried to delete a Rule
that still contains one or more ByteMatchSet
objects
* or other predicates.
*
*
* -
*
* You tried to delete a ByteMatchSet
that contains one or more ByteMatchTuple
* objects.
*
*
* -
*
* You tried to delete an IPSet
that references one or more IP addresses.
*
*
* @sample AWSWAF.DeleteSizeConstraintSet
* @see AWS
* API Documentation
*/
@Override
public DeleteSizeConstraintSetResult deleteSizeConstraintSet(DeleteSizeConstraintSetRequest deleteSizeConstraintSetRequest) {
ExecutionContext executionContext = createExecutionContext(deleteSizeConstraintSetRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new DeleteSizeConstraintSetRequestMarshaller(protocolFactory).marshall(super.beforeMarshalling(deleteSizeConstraintSetRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(
new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false),
new DeleteSizeConstraintSetResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Permanently deletes a SqlInjectionMatchSet. You can't delete a SqlInjectionMatchSet
if it's
* still used in any Rules
or if it still contains any SqlInjectionMatchTuple objects.
*
*
* If you just want to remove a SqlInjectionMatchSet
from a Rule
, use UpdateRule.
*
*
* To permanently delete a SqlInjectionMatchSet
from AWS WAF, perform the following steps:
*
*
* -
*
* Update the SqlInjectionMatchSet
to remove filters, if any. For more information, see
* UpdateSqlInjectionMatchSet.
*
*
* -
*
* Use GetChangeToken to get the change token that you provide in the ChangeToken
parameter of a
* DeleteSqlInjectionMatchSet
request.
*
*
* -
*
* Submit a DeleteSqlInjectionMatchSet
request.
*
*
*
*
* @param deleteSqlInjectionMatchSetRequest
* A request to delete a SqlInjectionMatchSet from AWS WAF.
* @return Result of the DeleteSqlInjectionMatchSet operation returned by the service.
* @throws WAFInternalErrorException
* The operation failed because of a system problem, even though the request was valid. Retry your request.
* @throws WAFInvalidAccountException
* The operation failed because you tried to create, update, or delete an object by using an invalid account
* identifier.
* @throws WAFNonexistentItemException
* The operation failed because the referenced object doesn't exist.
* @throws WAFReferencedItemException
* The operation failed because you tried to delete an object that is still in use. For example:
*
* -
*
* You tried to delete a ByteMatchSet
that is still referenced by a Rule
.
*
*
* -
*
* You tried to delete a Rule
that is still referenced by a WebACL
.
*
*
* @throws WAFStaleDataException
* The operation failed because you tried to create, update, or delete an object by using a change token
* that has already been used.
* @throws WAFNonEmptyEntityException
* The operation failed because you tried to delete an object that isn't empty. For example:
*
* -
*
* You tried to delete a WebACL
that still contains one or more Rule
objects.
*
*
* -
*
* You tried to delete a Rule
that still contains one or more ByteMatchSet
objects
* or other predicates.
*
*
* -
*
* You tried to delete a ByteMatchSet
that contains one or more ByteMatchTuple
* objects.
*
*
* -
*
* You tried to delete an IPSet
that references one or more IP addresses.
*
*
* @sample AWSWAF.DeleteSqlInjectionMatchSet
* @see AWS
* API Documentation
*/
@Override
public DeleteSqlInjectionMatchSetResult deleteSqlInjectionMatchSet(DeleteSqlInjectionMatchSetRequest deleteSqlInjectionMatchSetRequest) {
ExecutionContext executionContext = createExecutionContext(deleteSqlInjectionMatchSetRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new DeleteSqlInjectionMatchSetRequestMarshaller(protocolFactory).marshall(super.beforeMarshalling(deleteSqlInjectionMatchSetRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(
new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false),
new DeleteSqlInjectionMatchSetResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Permanently deletes a WebACL. You can't delete a WebACL
if it still contains any
* Rules
.
*
*
* To delete a WebACL
, perform the following steps:
*
*
* -
*
* Update the WebACL
to remove Rules
, if any. For more information, see
* UpdateWebACL.
*
*
* -
*
* Use GetChangeToken to get the change token that you provide in the ChangeToken
parameter of a
* DeleteWebACL
request.
*
*
* -
*
* Submit a DeleteWebACL
request.
*
*
*
*
* @param deleteWebACLRequest
* @return Result of the DeleteWebACL operation returned by the service.
* @throws WAFStaleDataException
* The operation failed because you tried to create, update, or delete an object by using a change token
* that has already been used.
* @throws WAFInternalErrorException
* The operation failed because of a system problem, even though the request was valid. Retry your request.
* @throws WAFInvalidAccountException
* The operation failed because you tried to create, update, or delete an object by using an invalid account
* identifier.
* @throws WAFNonexistentItemException
* The operation failed because the referenced object doesn't exist.
* @throws WAFReferencedItemException
* The operation failed because you tried to delete an object that is still in use. For example:
*
* -
*
* You tried to delete a ByteMatchSet
that is still referenced by a Rule
.
*
*
* -
*
* You tried to delete a Rule
that is still referenced by a WebACL
.
*
*
* @throws WAFNonEmptyEntityException
* The operation failed because you tried to delete an object that isn't empty. For example:
*
* -
*
* You tried to delete a WebACL
that still contains one or more Rule
objects.
*
*
* -
*
* You tried to delete a Rule
that still contains one or more ByteMatchSet
objects
* or other predicates.
*
*
* -
*
* You tried to delete a ByteMatchSet
that contains one or more ByteMatchTuple
* objects.
*
*
* -
*
* You tried to delete an IPSet
that references one or more IP addresses.
*
*
* @sample AWSWAF.DeleteWebACL
* @see AWS API
* Documentation
*/
@Override
public DeleteWebACLResult deleteWebACL(DeleteWebACLRequest deleteWebACLRequest) {
ExecutionContext executionContext = createExecutionContext(deleteWebACLRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new DeleteWebACLRequestMarshaller(protocolFactory).marshall(super.beforeMarshalling(deleteWebACLRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(
new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new DeleteWebACLResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Permanently deletes an XssMatchSet. You can't delete an XssMatchSet
if it's still used in any
* Rules
or if it still contains any XssMatchTuple objects.
*
*
* If you just want to remove an XssMatchSet
from a Rule
, use UpdateRule.
*
*
* To permanently delete an XssMatchSet
from AWS WAF, perform the following steps:
*
*
* -
*
* Update the XssMatchSet
to remove filters, if any. For more information, see
* UpdateXssMatchSet.
*
*
* -
*
* Use GetChangeToken to get the change token that you provide in the ChangeToken
parameter of a
* DeleteXssMatchSet
request.
*
*
* -
*
* Submit a DeleteXssMatchSet
request.
*
*
*
*
* @param deleteXssMatchSetRequest
* A request to delete an XssMatchSet from AWS WAF.
* @return Result of the DeleteXssMatchSet operation returned by the service.
* @throws WAFInternalErrorException
* The operation failed because of a system problem, even though the request was valid. Retry your request.
* @throws WAFInvalidAccountException
* The operation failed because you tried to create, update, or delete an object by using an invalid account
* identifier.
* @throws WAFNonexistentItemException
* The operation failed because the referenced object doesn't exist.
* @throws WAFReferencedItemException
* The operation failed because you tried to delete an object that is still in use. For example:
*
* -
*
* You tried to delete a ByteMatchSet
that is still referenced by a Rule
.
*
*
* -
*
* You tried to delete a Rule
that is still referenced by a WebACL
.
*
*
* @throws WAFStaleDataException
* The operation failed because you tried to create, update, or delete an object by using a change token
* that has already been used.
* @throws WAFNonEmptyEntityException
* The operation failed because you tried to delete an object that isn't empty. For example:
*
* -
*
* You tried to delete a WebACL
that still contains one or more Rule
objects.
*
*
* -
*
* You tried to delete a Rule
that still contains one or more ByteMatchSet
objects
* or other predicates.
*
*
* -
*
* You tried to delete a ByteMatchSet
that contains one or more ByteMatchTuple
* objects.
*
*
* -
*
* You tried to delete an IPSet
that references one or more IP addresses.
*
*
* @sample AWSWAF.DeleteXssMatchSet
* @see AWS API
* Documentation
*/
@Override
public DeleteXssMatchSetResult deleteXssMatchSet(DeleteXssMatchSetRequest deleteXssMatchSetRequest) {
ExecutionContext executionContext = createExecutionContext(deleteXssMatchSetRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new DeleteXssMatchSetRequestMarshaller(protocolFactory).marshall(super.beforeMarshalling(deleteXssMatchSetRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(
new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new DeleteXssMatchSetResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Returns the ByteMatchSet specified by ByteMatchSetId
.
*
*
* @param getByteMatchSetRequest
* @return Result of the GetByteMatchSet operation returned by the service.
* @throws WAFInternalErrorException
* The operation failed because of a system problem, even though the request was valid. Retry your request.
* @throws WAFInvalidAccountException
* The operation failed because you tried to create, update, or delete an object by using an invalid account
* identifier.
* @throws WAFNonexistentItemException
* The operation failed because the referenced object doesn't exist.
* @sample AWSWAF.GetByteMatchSet
* @see AWS API
* Documentation
*/
@Override
public GetByteMatchSetResult getByteMatchSet(GetByteMatchSetRequest getByteMatchSetRequest) {
ExecutionContext executionContext = createExecutionContext(getByteMatchSetRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new GetByteMatchSetRequestMarshaller(protocolFactory).marshall(super.beforeMarshalling(getByteMatchSetRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(
new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new GetByteMatchSetResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* When you want to create, update, or delete AWS WAF objects, get a change token and include the change token in
* the create, update, or delete request. Change tokens ensure that your application doesn't submit conflicting
* requests to AWS WAF.
*
*
* Each create, update, or delete request must use a unique change token. If your application submits a
* GetChangeToken
request and then submits a second GetChangeToken
request before
* submitting a create, update, or delete request, the second GetChangeToken
request returns the same
* value as the first GetChangeToken
request.
*
*
* When you use a change token in a create, update, or delete request, the status of the change token changes to
* PENDING
, which indicates that AWS WAF is propagating the change to all AWS WAF servers. Use
* GetChangeTokenStatus
to determine the status of your change token.
*
*
* @param getChangeTokenRequest
* @return Result of the GetChangeToken operation returned by the service.
* @throws WAFInternalErrorException
* The operation failed because of a system problem, even though the request was valid. Retry your request.
* @sample AWSWAF.GetChangeToken
* @see AWS API
* Documentation
*/
@Override
public GetChangeTokenResult getChangeToken(GetChangeTokenRequest getChangeTokenRequest) {
ExecutionContext executionContext = createExecutionContext(getChangeTokenRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new GetChangeTokenRequestMarshaller(protocolFactory).marshall(super.beforeMarshalling(getChangeTokenRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(
new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new GetChangeTokenResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Returns the status of a ChangeToken
that you got by calling GetChangeToken.
* ChangeTokenStatus
is one of the following values:
*
*
* -
*
* PROVISIONED
: You requested the change token by calling GetChangeToken
, but you haven't
* used it yet in a call to create, update, or delete an AWS WAF object.
*
*
* -
*
* PENDING
: AWS WAF is propagating the create, update, or delete request to all AWS WAF servers.
*
*
* -
*
* IN_SYNC
: Propagation is complete.
*
*
*
*
* @param getChangeTokenStatusRequest
* @return Result of the GetChangeTokenStatus operation returned by the service.
* @throws WAFNonexistentItemException
* The operation failed because the referenced object doesn't exist.
* @throws WAFInternalErrorException
* The operation failed because of a system problem, even though the request was valid. Retry your request.
* @sample AWSWAF.GetChangeTokenStatus
* @see AWS API
* Documentation
*/
@Override
public GetChangeTokenStatusResult getChangeTokenStatus(GetChangeTokenStatusRequest getChangeTokenStatusRequest) {
ExecutionContext executionContext = createExecutionContext(getChangeTokenStatusRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new GetChangeTokenStatusRequestMarshaller(protocolFactory).marshall(super.beforeMarshalling(getChangeTokenStatusRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(
new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new GetChangeTokenStatusResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Returns the IPSet that is specified by IPSetId
.
*
*
* @param getIPSetRequest
* @return Result of the GetIPSet operation returned by the service.
* @throws WAFInternalErrorException
* The operation failed because of a system problem, even though the request was valid. Retry your request.
* @throws WAFInvalidAccountException
* The operation failed because you tried to create, update, or delete an object by using an invalid account
* identifier.
* @throws WAFNonexistentItemException
* The operation failed because the referenced object doesn't exist.
* @sample AWSWAF.GetIPSet
* @see AWS API
* Documentation
*/
@Override
public GetIPSetResult getIPSet(GetIPSetRequest getIPSetRequest) {
ExecutionContext executionContext = createExecutionContext(getIPSetRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new GetIPSetRequestMarshaller(protocolFactory).marshall(super.beforeMarshalling(getIPSetRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(new JsonOperationMetadata()
.withPayloadJson(true).withHasStreamingSuccessResponse(false), new GetIPSetResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Returns the Rule that is specified by the RuleId
that you included in the
* GetRule
request.
*
*
* @param getRuleRequest
* @return Result of the GetRule operation returned by the service.
* @throws WAFInternalErrorException
* The operation failed because of a system problem, even though the request was valid. Retry your request.
* @throws WAFInvalidAccountException
* The operation failed because you tried to create, update, or delete an object by using an invalid account
* identifier.
* @throws WAFNonexistentItemException
* The operation failed because the referenced object doesn't exist.
* @sample AWSWAF.GetRule
* @see AWS API
* Documentation
*/
@Override
public GetRuleResult getRule(GetRuleRequest getRuleRequest) {
ExecutionContext executionContext = createExecutionContext(getRuleRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new GetRuleRequestMarshaller(protocolFactory).marshall(super.beforeMarshalling(getRuleRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(new JsonOperationMetadata()
.withPayloadJson(true).withHasStreamingSuccessResponse(false), new GetRuleResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Gets detailed information about a specified number of requests--a sample--that AWS WAF randomly selects from
* among the first 5,000 requests that your AWS resource received during a time range that you choose. You can
* specify a sample size of up to 100 requests, and you can specify any time range in the previous three hours.
*
*
* GetSampledRequests
returns a time range, which is usually the time range that you specified.
* However, if your resource (such as a CloudFront distribution) received 5,000 requests before the specified time
* range elapsed, GetSampledRequests
returns an updated time range. This new time range indicates the
* actual period during which AWS WAF selected the requests in the sample.
*
*
* @param getSampledRequestsRequest
* @return Result of the GetSampledRequests operation returned by the service.
* @throws WAFNonexistentItemException
* The operation failed because the referenced object doesn't exist.
* @throws WAFInternalErrorException
* The operation failed because of a system problem, even though the request was valid. Retry your request.
* @sample AWSWAF.GetSampledRequests
* @see AWS API
* Documentation
*/
@Override
public GetSampledRequestsResult getSampledRequests(GetSampledRequestsRequest getSampledRequestsRequest) {
ExecutionContext executionContext = createExecutionContext(getSampledRequestsRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new GetSampledRequestsRequestMarshaller(protocolFactory).marshall(super.beforeMarshalling(getSampledRequestsRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(
new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new GetSampledRequestsResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Returns the SizeConstraintSet specified by SizeConstraintSetId
.
*
*
* @param getSizeConstraintSetRequest
* @return Result of the GetSizeConstraintSet operation returned by the service.
* @throws WAFInternalErrorException
* The operation failed because of a system problem, even though the request was valid. Retry your request.
* @throws WAFInvalidAccountException
* The operation failed because you tried to create, update, or delete an object by using an invalid account
* identifier.
* @throws WAFNonexistentItemException
* The operation failed because the referenced object doesn't exist.
* @sample AWSWAF.GetSizeConstraintSet
* @see AWS API
* Documentation
*/
@Override
public GetSizeConstraintSetResult getSizeConstraintSet(GetSizeConstraintSetRequest getSizeConstraintSetRequest) {
ExecutionContext executionContext = createExecutionContext(getSizeConstraintSetRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new GetSizeConstraintSetRequestMarshaller(protocolFactory).marshall(super.beforeMarshalling(getSizeConstraintSetRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(
new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new GetSizeConstraintSetResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Returns the SqlInjectionMatchSet that is specified by SqlInjectionMatchSetId
.
*
*
* @param getSqlInjectionMatchSetRequest
* A request to get a SqlInjectionMatchSet.
* @return Result of the GetSqlInjectionMatchSet operation returned by the service.
* @throws WAFInternalErrorException
* The operation failed because of a system problem, even though the request was valid. Retry your request.
* @throws WAFInvalidAccountException
* The operation failed because you tried to create, update, or delete an object by using an invalid account
* identifier.
* @throws WAFNonexistentItemException
* The operation failed because the referenced object doesn't exist.
* @sample AWSWAF.GetSqlInjectionMatchSet
* @see AWS
* API Documentation
*/
@Override
public GetSqlInjectionMatchSetResult getSqlInjectionMatchSet(GetSqlInjectionMatchSetRequest getSqlInjectionMatchSetRequest) {
ExecutionContext executionContext = createExecutionContext(getSqlInjectionMatchSetRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new GetSqlInjectionMatchSetRequestMarshaller(protocolFactory).marshall(super.beforeMarshalling(getSqlInjectionMatchSetRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(
new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false),
new GetSqlInjectionMatchSetResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Returns the WebACL that is specified by WebACLId
.
*
*
* @param getWebACLRequest
* @return Result of the GetWebACL operation returned by the service.
* @throws WAFInternalErrorException
* The operation failed because of a system problem, even though the request was valid. Retry your request.
* @throws WAFInvalidAccountException
* The operation failed because you tried to create, update, or delete an object by using an invalid account
* identifier.
* @throws WAFNonexistentItemException
* The operation failed because the referenced object doesn't exist.
* @sample AWSWAF.GetWebACL
* @see AWS API
* Documentation
*/
@Override
public GetWebACLResult getWebACL(GetWebACLRequest getWebACLRequest) {
ExecutionContext executionContext = createExecutionContext(getWebACLRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new GetWebACLRequestMarshaller(protocolFactory).marshall(super.beforeMarshalling(getWebACLRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(new JsonOperationMetadata()
.withPayloadJson(true).withHasStreamingSuccessResponse(false), new GetWebACLResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Returns the XssMatchSet that is specified by XssMatchSetId
.
*
*
* @param getXssMatchSetRequest
* A request to get an XssMatchSet.
* @return Result of the GetXssMatchSet operation returned by the service.
* @throws WAFInternalErrorException
* The operation failed because of a system problem, even though the request was valid. Retry your request.
* @throws WAFInvalidAccountException
* The operation failed because you tried to create, update, or delete an object by using an invalid account
* identifier.
* @throws WAFNonexistentItemException
* The operation failed because the referenced object doesn't exist.
* @sample AWSWAF.GetXssMatchSet
* @see AWS API
* Documentation
*/
@Override
public GetXssMatchSetResult getXssMatchSet(GetXssMatchSetRequest getXssMatchSetRequest) {
ExecutionContext executionContext = createExecutionContext(getXssMatchSetRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new GetXssMatchSetRequestMarshaller(protocolFactory).marshall(super.beforeMarshalling(getXssMatchSetRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(
new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new GetXssMatchSetResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Returns an array of ByteMatchSetSummary objects.
*
*
* @param listByteMatchSetsRequest
* @return Result of the ListByteMatchSets operation returned by the service.
* @throws WAFInternalErrorException
* The operation failed because of a system problem, even though the request was valid. Retry your request.
* @throws WAFInvalidAccountException
* The operation failed because you tried to create, update, or delete an object by using an invalid account
* identifier.
* @sample AWSWAF.ListByteMatchSets
* @see AWS API
* Documentation
*/
@Override
public ListByteMatchSetsResult listByteMatchSets(ListByteMatchSetsRequest listByteMatchSetsRequest) {
ExecutionContext executionContext = createExecutionContext(listByteMatchSetsRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new ListByteMatchSetsRequestMarshaller(protocolFactory).marshall(super.beforeMarshalling(listByteMatchSetsRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(
new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new ListByteMatchSetsResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Returns an array of IPSetSummary objects in the response.
*
*
* @param listIPSetsRequest
* @return Result of the ListIPSets operation returned by the service.
* @throws WAFInternalErrorException
* The operation failed because of a system problem, even though the request was valid. Retry your request.
* @throws WAFInvalidAccountException
* The operation failed because you tried to create, update, or delete an object by using an invalid account
* identifier.
* @sample AWSWAF.ListIPSets
* @see AWS API
* Documentation
*/
@Override
public ListIPSetsResult listIPSets(ListIPSetsRequest listIPSetsRequest) {
ExecutionContext executionContext = createExecutionContext(listIPSetsRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new ListIPSetsRequestMarshaller(protocolFactory).marshall(super.beforeMarshalling(listIPSetsRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(new JsonOperationMetadata()
.withPayloadJson(true).withHasStreamingSuccessResponse(false), new ListIPSetsResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Returns an array of RuleSummary objects.
*
*
* @param listRulesRequest
* @return Result of the ListRules operation returned by the service.
* @throws WAFInternalErrorException
* The operation failed because of a system problem, even though the request was valid. Retry your request.
* @throws WAFInvalidAccountException
* The operation failed because you tried to create, update, or delete an object by using an invalid account
* identifier.
* @sample AWSWAF.ListRules
* @see AWS API
* Documentation
*/
@Override
public ListRulesResult listRules(ListRulesRequest listRulesRequest) {
ExecutionContext executionContext = createExecutionContext(listRulesRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new ListRulesRequestMarshaller(protocolFactory).marshall(super.beforeMarshalling(listRulesRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(new JsonOperationMetadata()
.withPayloadJson(true).withHasStreamingSuccessResponse(false), new ListRulesResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Returns an array of SizeConstraintSetSummary objects.
*
*
* @param listSizeConstraintSetsRequest
* @return Result of the ListSizeConstraintSets operation returned by the service.
* @throws WAFInternalErrorException
* The operation failed because of a system problem, even though the request was valid. Retry your request.
* @throws WAFInvalidAccountException
* The operation failed because you tried to create, update, or delete an object by using an invalid account
* identifier.
* @sample AWSWAF.ListSizeConstraintSets
* @see AWS API
* Documentation
*/
@Override
public ListSizeConstraintSetsResult listSizeConstraintSets(ListSizeConstraintSetsRequest listSizeConstraintSetsRequest) {
ExecutionContext executionContext = createExecutionContext(listSizeConstraintSetsRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new ListSizeConstraintSetsRequestMarshaller(protocolFactory).marshall(super.beforeMarshalling(listSizeConstraintSetsRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(
new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false),
new ListSizeConstraintSetsResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Returns an array of SqlInjectionMatchSet objects.
*
*
* @param listSqlInjectionMatchSetsRequest
* A request to list the SqlInjectionMatchSet objects created by the current AWS account.
* @return Result of the ListSqlInjectionMatchSets operation returned by the service.
* @throws WAFInternalErrorException
* The operation failed because of a system problem, even though the request was valid. Retry your request.
* @throws WAFInvalidAccountException
* The operation failed because you tried to create, update, or delete an object by using an invalid account
* identifier.
* @sample AWSWAF.ListSqlInjectionMatchSets
* @see AWS
* API Documentation
*/
@Override
public ListSqlInjectionMatchSetsResult listSqlInjectionMatchSets(ListSqlInjectionMatchSetsRequest listSqlInjectionMatchSetsRequest) {
ExecutionContext executionContext = createExecutionContext(listSqlInjectionMatchSetsRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new ListSqlInjectionMatchSetsRequestMarshaller(protocolFactory).marshall(super.beforeMarshalling(listSqlInjectionMatchSetsRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(
new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false),
new ListSqlInjectionMatchSetsResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Returns an array of WebACLSummary objects in the response.
*
*
* @param listWebACLsRequest
* @return Result of the ListWebACLs operation returned by the service.
* @throws WAFInternalErrorException
* The operation failed because of a system problem, even though the request was valid. Retry your request.
* @throws WAFInvalidAccountException
* The operation failed because you tried to create, update, or delete an object by using an invalid account
* identifier.
* @sample AWSWAF.ListWebACLs
* @see AWS API
* Documentation
*/
@Override
public ListWebACLsResult listWebACLs(ListWebACLsRequest listWebACLsRequest) {
ExecutionContext executionContext = createExecutionContext(listWebACLsRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new ListWebACLsRequestMarshaller(protocolFactory).marshall(super.beforeMarshalling(listWebACLsRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(
new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new ListWebACLsResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Returns an array of XssMatchSet objects.
*
*
* @param listXssMatchSetsRequest
* A request to list the XssMatchSet objects created by the current AWS account.
* @return Result of the ListXssMatchSets operation returned by the service.
* @throws WAFInternalErrorException
* The operation failed because of a system problem, even though the request was valid. Retry your request.
* @throws WAFInvalidAccountException
* The operation failed because you tried to create, update, or delete an object by using an invalid account
* identifier.
* @sample AWSWAF.ListXssMatchSets
* @see AWS API
* Documentation
*/
@Override
public ListXssMatchSetsResult listXssMatchSets(ListXssMatchSetsRequest listXssMatchSetsRequest) {
ExecutionContext executionContext = createExecutionContext(listXssMatchSetsRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new ListXssMatchSetsRequestMarshaller(protocolFactory).marshall(super.beforeMarshalling(listXssMatchSetsRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(
new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new ListXssMatchSetsResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Inserts or deletes ByteMatchTuple objects (filters) in a ByteMatchSet. For each
* ByteMatchTuple
object, you specify the following values:
*
*
* -
*
* Whether to insert or delete the object from the array. If you want to change a ByteMatchSetUpdate
* object, you delete the existing object and add a new one.
*
*
* -
*
* The part of a web request that you want AWS WAF to inspect, such as a query string or the value of the
* User-Agent
header.
*
*
* -
*
* The bytes (typically a string that corresponds with ASCII characters) that you want AWS WAF to look for. For more
* information, including how you specify the values for the AWS WAF API and the AWS CLI or SDKs, see
* TargetString
in the ByteMatchTuple data type.
*
*
* -
*
* Where to look, such as at the beginning or the end of a query string.
*
*
* -
*
* Whether to perform any conversions on the request, such as converting it to lowercase, before inspecting it for
* the specified string.
*
*
*
*
* For example, you can add a ByteMatchSetUpdate
object that matches web requests in which
* User-Agent
headers contain the string BadBot
. You can then configure AWS WAF to block
* those requests.
*
*
* To create and configure a ByteMatchSet
, perform the following steps:
*
*
* -
*
* Create a ByteMatchSet.
For more information, see CreateByteMatchSet.
*
*
* -
*
* Use GetChangeToken to get the change token that you provide in the ChangeToken
parameter of
* an UpdateByteMatchSet
request.
*
*
* -
*
* Submit an UpdateByteMatchSet
request to specify the part of the request that you want AWS WAF to
* inspect (for example, the header or the URI) and the value that you want AWS WAF to watch for.
*
*
*
*
* For more information about how to use the AWS WAF API to allow or block HTTP requests, see the AWS WAF Developer Guide.
*
*
* @param updateByteMatchSetRequest
* @return Result of the UpdateByteMatchSet operation returned by the service.
* @throws WAFInternalErrorException
* The operation failed because of a system problem, even though the request was valid. Retry your request.
* @throws WAFInvalidAccountException
* The operation failed because you tried to create, update, or delete an object by using an invalid account
* identifier.
* @throws WAFInvalidOperationException
* The operation failed because there was nothing to do. For example:
*
* -
*
* You tried to remove a Rule
from a WebACL
, but the Rule
isn't in
* the specified WebACL
.
*
*
* -
*
* You tried to remove an IP address from an IPSet
, but the IP address isn't in the specified
* IPSet
.
*
*
* -
*
* You tried to remove a ByteMatchTuple
from a ByteMatchSet
, but the
* ByteMatchTuple
isn't in the specified WebACL
.
*
*
* -
*
* You tried to add a Rule
to a WebACL
, but the Rule
already exists
* in the specified WebACL
.
*
*
* -
*
* You tried to add an IP address to an IPSet
, but the IP address already exists in the
* specified IPSet
.
*
*
* -
*
* You tried to add a ByteMatchTuple
to a ByteMatchSet
, but the
* ByteMatchTuple
already exists in the specified WebACL
.
*
*
* @throws WAFInvalidParameterException
* The operation failed because AWS WAF didn't recognize a parameter in the request. For example:
*
* -
*
* You specified an invalid parameter name.
*
*
* -
*
* You specified an invalid value.
*
*
* -
*
* You tried to update an object (ByteMatchSet
, IPSet
, Rule
, or
* WebACL
) using an action other than INSERT
or DELETE
.
*
*
* -
*
* You tried to create a WebACL
with a DefaultAction
Type
other than
* ALLOW
, BLOCK
, or COUNT
.
*
*
* -
*
* You tried to update a WebACL
with a WafAction
Type
other than
* ALLOW
, BLOCK
, or COUNT
.
*
*
* -
*
* You tried to update a ByteMatchSet
with a FieldToMatch
Type
other
* than HEADER, QUERY_STRING, or URI.
*
*
* -
*
* You tried to update a ByteMatchSet
with a Field
of HEADER
but no
* value for Data
.
*
*
* -
*
* Your request references an ARN that is malformed, or corresponds to a resource with which a web ACL
* cannot be associated.
*
*
* @throws WAFNonexistentContainerException
* The operation failed because you tried to add an object to or delete an object from another object that
* doesn't exist. For example:
*
* -
*
* You tried to add a Rule
to or delete a Rule
from a WebACL
that
* doesn't exist.
*
*
* -
*
* You tried to add a ByteMatchSet
to or delete a ByteMatchSet
from a
* Rule
that doesn't exist.
*
*
* -
*
* You tried to add an IP address to or delete an IP address from an IPSet
that doesn't exist.
*
*
* -
*
* You tried to add a ByteMatchTuple
to or delete a ByteMatchTuple
from a
* ByteMatchSet
that doesn't exist.
*
*
* @throws WAFNonexistentItemException
* The operation failed because the referenced object doesn't exist.
* @throws WAFStaleDataException
* The operation failed because you tried to create, update, or delete an object by using a change token
* that has already been used.
* @throws WAFLimitsExceededException
* The operation exceeds a resource limit, for example, the maximum number of WebACL
objects
* that you can create for an AWS account. For more information, see Limits in the AWS WAF
* Developer Guide.
* @sample AWSWAF.UpdateByteMatchSet
* @see AWS API
* Documentation
*/
@Override
public UpdateByteMatchSetResult updateByteMatchSet(UpdateByteMatchSetRequest updateByteMatchSetRequest) {
ExecutionContext executionContext = createExecutionContext(updateByteMatchSetRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new UpdateByteMatchSetRequestMarshaller(protocolFactory).marshall(super.beforeMarshalling(updateByteMatchSetRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(
new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new UpdateByteMatchSetResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Inserts or deletes IPSetDescriptor objects in an IPSet
. For each IPSetDescriptor
* object, you specify the following values:
*
*
* -
*
* Whether to insert or delete the object from the array. If you want to change an IPSetDescriptor
* object, you delete the existing object and add a new one.
*
*
* -
*
* The IP address version, IPv4
or IPv6
.
*
*
* -
*
* The IP address in CIDR notation, for example, 192.0.2.0/24
(for the range of IP addresses from
* 192.0.2.0
to 192.0.2.255
) or 192.0.2.44/32
(for the individual IP address
* 192.0.2.44
).
*
*
*
*
* AWS WAF supports /8, /16, /24, and /32 IP address ranges for IPv4, and /24, /32, /48, /56, /64 and /128 for IPv6.
* For more information about CIDR notation, see the Wikipedia entry Classless Inter-Domain Routing.
*
*
* IPv6 addresses can be represented using any of the following formats:
*
*
* -
*
* 1111:0000:0000:0000:0000:0000:0000:0111/128
*
*
* -
*
* 1111:0:0:0:0:0:0:0111/128
*
*
* -
*
* 1111::0111/128
*
*
* -
*
* 1111::111/128
*
*
*
*
* You use an IPSet
to specify which web requests you want to allow or block based on the IP addresses
* that the requests originated from. For example, if you're receiving a lot of requests from one or a small number
* of IP addresses and you want to block the requests, you can create an IPSet
that specifies those IP
* addresses, and then configure AWS WAF to block the requests.
*
*
* To create and configure an IPSet
, perform the following steps:
*
*
* -
*
* Submit a CreateIPSet request.
*
*
* -
*
* Use GetChangeToken to get the change token that you provide in the ChangeToken
parameter of
* an UpdateIPSet request.
*
*
* -
*
* Submit an UpdateIPSet
request to specify the IP addresses that you want AWS WAF to watch for.
*
*
*
*
* When you update an IPSet
, you specify the IP addresses that you want to add and/or the IP addresses
* that you want to delete. If you want to change an IP address, you delete the existing IP address and add the new
* one.
*
*
* For more information about how to use the AWS WAF API to allow or block HTTP requests, see the AWS WAF Developer Guide.
*
*
* @param updateIPSetRequest
* @return Result of the UpdateIPSet operation returned by the service.
* @throws WAFStaleDataException
* The operation failed because you tried to create, update, or delete an object by using a change token
* that has already been used.
* @throws WAFInternalErrorException
* The operation failed because of a system problem, even though the request was valid. Retry your request.
* @throws WAFInvalidAccountException
* The operation failed because you tried to create, update, or delete an object by using an invalid account
* identifier.
* @throws WAFInvalidOperationException
* The operation failed because there was nothing to do. For example:
*
* -
*
* You tried to remove a Rule
from a WebACL
, but the Rule
isn't in
* the specified WebACL
.
*
*
* -
*
* You tried to remove an IP address from an IPSet
, but the IP address isn't in the specified
* IPSet
.
*
*
* -
*
* You tried to remove a ByteMatchTuple
from a ByteMatchSet
, but the
* ByteMatchTuple
isn't in the specified WebACL
.
*
*
* -
*
* You tried to add a Rule
to a WebACL
, but the Rule
already exists
* in the specified WebACL
.
*
*
* -
*
* You tried to add an IP address to an IPSet
, but the IP address already exists in the
* specified IPSet
.
*
*
* -
*
* You tried to add a ByteMatchTuple
to a ByteMatchSet
, but the
* ByteMatchTuple
already exists in the specified WebACL
.
*
*
* @throws WAFInvalidParameterException
* The operation failed because AWS WAF didn't recognize a parameter in the request. For example:
*
* -
*
* You specified an invalid parameter name.
*
*
* -
*
* You specified an invalid value.
*
*
* -
*
* You tried to update an object (ByteMatchSet
, IPSet
, Rule
, or
* WebACL
) using an action other than INSERT
or DELETE
.
*
*
* -
*
* You tried to create a WebACL
with a DefaultAction
Type
other than
* ALLOW
, BLOCK
, or COUNT
.
*
*
* -
*
* You tried to update a WebACL
with a WafAction
Type
other than
* ALLOW
, BLOCK
, or COUNT
.
*
*
* -
*
* You tried to update a ByteMatchSet
with a FieldToMatch
Type
other
* than HEADER, QUERY_STRING, or URI.
*
*
* -
*
* You tried to update a ByteMatchSet
with a Field
of HEADER
but no
* value for Data
.
*
*
* -
*
* Your request references an ARN that is malformed, or corresponds to a resource with which a web ACL
* cannot be associated.
*
*
* @throws WAFNonexistentContainerException
* The operation failed because you tried to add an object to or delete an object from another object that
* doesn't exist. For example:
*
* -
*
* You tried to add a Rule
to or delete a Rule
from a WebACL
that
* doesn't exist.
*
*
* -
*
* You tried to add a ByteMatchSet
to or delete a ByteMatchSet
from a
* Rule
that doesn't exist.
*
*
* -
*
* You tried to add an IP address to or delete an IP address from an IPSet
that doesn't exist.
*
*
* -
*
* You tried to add a ByteMatchTuple
to or delete a ByteMatchTuple
from a
* ByteMatchSet
that doesn't exist.
*
*
* @throws WAFNonexistentItemException
* The operation failed because the referenced object doesn't exist.
* @throws WAFReferencedItemException
* The operation failed because you tried to delete an object that is still in use. For example:
*
* -
*
* You tried to delete a ByteMatchSet
that is still referenced by a Rule
.
*
*
* -
*
* You tried to delete a Rule
that is still referenced by a WebACL
.
*
*
* @throws WAFLimitsExceededException
* The operation exceeds a resource limit, for example, the maximum number of WebACL
objects
* that you can create for an AWS account. For more information, see Limits in the AWS WAF
* Developer Guide.
* @sample AWSWAF.UpdateIPSet
* @see AWS API
* Documentation
*/
@Override
public UpdateIPSetResult updateIPSet(UpdateIPSetRequest updateIPSetRequest) {
ExecutionContext executionContext = createExecutionContext(updateIPSetRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new UpdateIPSetRequestMarshaller(protocolFactory).marshall(super.beforeMarshalling(updateIPSetRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(
new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new UpdateIPSetResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Inserts or deletes Predicate objects in a Rule
. Each Predicate
object identifies
* a predicate, such as a ByteMatchSet or an IPSet, that specifies the web requests that you want to
* allow, block, or count. If you add more than one predicate to a Rule
, a request must match all of
* the specifications to be allowed, blocked, or counted. For example, suppose you add the following to a
* Rule
:
*
*
* -
*
* A ByteMatchSet
that matches the value BadBot
in the User-Agent
header
*
*
* -
*
* An IPSet
that matches the IP address 192.0.2.44
*
*
*
*
* You then add the Rule
to a WebACL
and specify that you want to block requests that
* satisfy the Rule
. For a request to be blocked, the User-Agent
header in the request
* must contain the value BadBot
and the request must originate from the IP address 192.0.2.44.
*
*
* To create and configure a Rule
, perform the following steps:
*
*
* -
*
* Create and update the predicates that you want to include in the Rule
.
*
*
* -
*
* Create the Rule
. See CreateRule.
*
*
* -
*
* Use GetChangeToken
to get the change token that you provide in the ChangeToken
* parameter of an UpdateRule request.
*
*
* -
*
* Submit an UpdateRule
request to add predicates to the Rule
.
*
*
* -
*
* Create and update a WebACL
that contains the Rule
. See CreateWebACL.
*
*
*
*
* If you want to replace one ByteMatchSet
or IPSet
with another, you delete the existing
* one and add the new one.
*
*
* For more information about how to use the AWS WAF API to allow or block HTTP requests, see the AWS WAF Developer Guide.
*
*
* @param updateRuleRequest
* @return Result of the UpdateRule operation returned by the service.
* @throws WAFStaleDataException
* The operation failed because you tried to create, update, or delete an object by using a change token
* that has already been used.
* @throws WAFInternalErrorException
* The operation failed because of a system problem, even though the request was valid. Retry your request.
* @throws WAFInvalidAccountException
* The operation failed because you tried to create, update, or delete an object by using an invalid account
* identifier.
* @throws WAFInvalidOperationException
* The operation failed because there was nothing to do. For example:
*
* -
*
* You tried to remove a Rule
from a WebACL
, but the Rule
isn't in
* the specified WebACL
.
*
*
* -
*
* You tried to remove an IP address from an IPSet
, but the IP address isn't in the specified
* IPSet
.
*
*
* -
*
* You tried to remove a ByteMatchTuple
from a ByteMatchSet
, but the
* ByteMatchTuple
isn't in the specified WebACL
.
*
*
* -
*
* You tried to add a Rule
to a WebACL
, but the Rule
already exists
* in the specified WebACL
.
*
*
* -
*
* You tried to add an IP address to an IPSet
, but the IP address already exists in the
* specified IPSet
.
*
*
* -
*
* You tried to add a ByteMatchTuple
to a ByteMatchSet
, but the
* ByteMatchTuple
already exists in the specified WebACL
.
*
*
* @throws WAFInvalidParameterException
* The operation failed because AWS WAF didn't recognize a parameter in the request. For example:
*
* -
*
* You specified an invalid parameter name.
*
*
* -
*
* You specified an invalid value.
*
*
* -
*
* You tried to update an object (ByteMatchSet
, IPSet
, Rule
, or
* WebACL
) using an action other than INSERT
or DELETE
.
*
*
* -
*
* You tried to create a WebACL
with a DefaultAction
Type
other than
* ALLOW
, BLOCK
, or COUNT
.
*
*
* -
*
* You tried to update a WebACL
with a WafAction
Type
other than
* ALLOW
, BLOCK
, or COUNT
.
*
*
* -
*
* You tried to update a ByteMatchSet
with a FieldToMatch
Type
other
* than HEADER, QUERY_STRING, or URI.
*
*
* -
*
* You tried to update a ByteMatchSet
with a Field
of HEADER
but no
* value for Data
.
*
*
* -
*
* Your request references an ARN that is malformed, or corresponds to a resource with which a web ACL
* cannot be associated.
*
*
* @throws WAFNonexistentContainerException
* The operation failed because you tried to add an object to or delete an object from another object that
* doesn't exist. For example:
*
* -
*
* You tried to add a Rule
to or delete a Rule
from a WebACL
that
* doesn't exist.
*
*
* -
*
* You tried to add a ByteMatchSet
to or delete a ByteMatchSet
from a
* Rule
that doesn't exist.
*
*
* -
*
* You tried to add an IP address to or delete an IP address from an IPSet
that doesn't exist.
*
*
* -
*
* You tried to add a ByteMatchTuple
to or delete a ByteMatchTuple
from a
* ByteMatchSet
that doesn't exist.
*
*
* @throws WAFNonexistentItemException
* The operation failed because the referenced object doesn't exist.
* @throws WAFReferencedItemException
* The operation failed because you tried to delete an object that is still in use. For example:
*
* -
*
* You tried to delete a ByteMatchSet
that is still referenced by a Rule
.
*
*
* -
*
* You tried to delete a Rule
that is still referenced by a WebACL
.
*
*
* @throws WAFLimitsExceededException
* The operation exceeds a resource limit, for example, the maximum number of WebACL
objects
* that you can create for an AWS account. For more information, see Limits in the AWS WAF
* Developer Guide.
* @sample AWSWAF.UpdateRule
* @see AWS API
* Documentation
*/
@Override
public UpdateRuleResult updateRule(UpdateRuleRequest updateRuleRequest) {
ExecutionContext executionContext = createExecutionContext(updateRuleRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new UpdateRuleRequestMarshaller(protocolFactory).marshall(super.beforeMarshalling(updateRuleRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(new JsonOperationMetadata()
.withPayloadJson(true).withHasStreamingSuccessResponse(false), new UpdateRuleResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Inserts or deletes SizeConstraint objects (filters) in a SizeConstraintSet. For each
* SizeConstraint
object, you specify the following values:
*
*
* -
*
* Whether to insert or delete the object from the array. If you want to change a
* SizeConstraintSetUpdate
object, you delete the existing object and add a new one.
*
*
* -
*
* The part of a web request that you want AWS WAF to evaluate, such as the length of a query string or the length
* of the User-Agent
header.
*
*
* -
*
* Whether to perform any transformations on the request, such as converting it to lowercase, before checking its
* length. Note that transformations of the request body are not supported because the AWS resource forwards only
* the first 8192
bytes of your request to AWS WAF.
*
*
* -
*
* A ComparisonOperator
used for evaluating the selected part of the request against the specified
* Size
, such as equals, greater than, less than, and so on.
*
*
* -
*
* The length, in bytes, that you want AWS WAF to watch for in selected part of the request. The length is computed
* after applying the transformation.
*
*
*
*
* For example, you can add a SizeConstraintSetUpdate
object that matches web requests in which the
* length of the User-Agent
header is greater than 100 bytes. You can then configure AWS WAF to block
* those requests.
*
*
* To create and configure a SizeConstraintSet
, perform the following steps:
*
*
* -
*
* Create a SizeConstraintSet.
For more information, see CreateSizeConstraintSet.
*
*
* -
*
* Use GetChangeToken to get the change token that you provide in the ChangeToken
parameter of
* an UpdateSizeConstraintSet
request.
*
*
* -
*
* Submit an UpdateSizeConstraintSet
request to specify the part of the request that you want AWS WAF
* to inspect (for example, the header or the URI) and the value that you want AWS WAF to watch for.
*
*
*
*
* For more information about how to use the AWS WAF API to allow or block HTTP requests, see the AWS WAF Developer Guide.
*
*
* @param updateSizeConstraintSetRequest
* @return Result of the UpdateSizeConstraintSet operation returned by the service.
* @throws WAFStaleDataException
* The operation failed because you tried to create, update, or delete an object by using a change token
* that has already been used.
* @throws WAFInternalErrorException
* The operation failed because of a system problem, even though the request was valid. Retry your request.
* @throws WAFInvalidAccountException
* The operation failed because you tried to create, update, or delete an object by using an invalid account
* identifier.
* @throws WAFInvalidOperationException
* The operation failed because there was nothing to do. For example:
*
* -
*
* You tried to remove a Rule
from a WebACL
, but the Rule
isn't in
* the specified WebACL
.
*
*
* -
*
* You tried to remove an IP address from an IPSet
, but the IP address isn't in the specified
* IPSet
.
*
*
* -
*
* You tried to remove a ByteMatchTuple
from a ByteMatchSet
, but the
* ByteMatchTuple
isn't in the specified WebACL
.
*
*
* -
*
* You tried to add a Rule
to a WebACL
, but the Rule
already exists
* in the specified WebACL
.
*
*
* -
*
* You tried to add an IP address to an IPSet
, but the IP address already exists in the
* specified IPSet
.
*
*
* -
*
* You tried to add a ByteMatchTuple
to a ByteMatchSet
, but the
* ByteMatchTuple
already exists in the specified WebACL
.
*
*
* @throws WAFInvalidParameterException
* The operation failed because AWS WAF didn't recognize a parameter in the request. For example:
*
* -
*
* You specified an invalid parameter name.
*
*
* -
*
* You specified an invalid value.
*
*
* -
*
* You tried to update an object (ByteMatchSet
, IPSet
, Rule
, or
* WebACL
) using an action other than INSERT
or DELETE
.
*
*
* -
*
* You tried to create a WebACL
with a DefaultAction
Type
other than
* ALLOW
, BLOCK
, or COUNT
.
*
*
* -
*
* You tried to update a WebACL
with a WafAction
Type
other than
* ALLOW
, BLOCK
, or COUNT
.
*
*
* -
*
* You tried to update a ByteMatchSet
with a FieldToMatch
Type
other
* than HEADER, QUERY_STRING, or URI.
*
*
* -
*
* You tried to update a ByteMatchSet
with a Field
of HEADER
but no
* value for Data
.
*
*
* -
*
* Your request references an ARN that is malformed, or corresponds to a resource with which a web ACL
* cannot be associated.
*
*
* @throws WAFNonexistentContainerException
* The operation failed because you tried to add an object to or delete an object from another object that
* doesn't exist. For example:
*
* -
*
* You tried to add a Rule
to or delete a Rule
from a WebACL
that
* doesn't exist.
*
*
* -
*
* You tried to add a ByteMatchSet
to or delete a ByteMatchSet
from a
* Rule
that doesn't exist.
*
*
* -
*
* You tried to add an IP address to or delete an IP address from an IPSet
that doesn't exist.
*
*
* -
*
* You tried to add a ByteMatchTuple
to or delete a ByteMatchTuple
from a
* ByteMatchSet
that doesn't exist.
*
*
* @throws WAFNonexistentItemException
* The operation failed because the referenced object doesn't exist.
* @throws WAFReferencedItemException
* The operation failed because you tried to delete an object that is still in use. For example:
*
* -
*
* You tried to delete a ByteMatchSet
that is still referenced by a Rule
.
*
*
* -
*
* You tried to delete a Rule
that is still referenced by a WebACL
.
*
*
* @throws WAFLimitsExceededException
* The operation exceeds a resource limit, for example, the maximum number of WebACL
objects
* that you can create for an AWS account. For more information, see Limits in the AWS WAF
* Developer Guide.
* @sample AWSWAF.UpdateSizeConstraintSet
* @see AWS
* API Documentation
*/
@Override
public UpdateSizeConstraintSetResult updateSizeConstraintSet(UpdateSizeConstraintSetRequest updateSizeConstraintSetRequest) {
ExecutionContext executionContext = createExecutionContext(updateSizeConstraintSetRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new UpdateSizeConstraintSetRequestMarshaller(protocolFactory).marshall(super.beforeMarshalling(updateSizeConstraintSetRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(
new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false),
new UpdateSizeConstraintSetResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Inserts or deletes SqlInjectionMatchTuple objects (filters) in a SqlInjectionMatchSet. For each
* SqlInjectionMatchTuple
object, you specify the following values:
*
*
* -
*
* Action
: Whether to insert the object into or delete the object from the array. To change a
* SqlInjectionMatchTuple
, you delete the existing object and add a new one.
*
*
* -
*
* FieldToMatch
: The part of web requests that you want AWS WAF to inspect and, if you want AWS WAF to
* inspect a header, the name of the header.
*
*
* -
*
* TextTransformation
: Which text transformation, if any, to perform on the web request before
* inspecting the request for snippets of malicious SQL code.
*
*
*
*
* You use SqlInjectionMatchSet
objects to specify which CloudFront requests you want to allow, block,
* or count. For example, if you're receiving requests that contain snippets of SQL code in the query string and you
* want to block the requests, you can create a SqlInjectionMatchSet
with the applicable settings, and
* then configure AWS WAF to block the requests.
*
*
* To create and configure a SqlInjectionMatchSet
, perform the following steps:
*
*
* -
*
* Submit a CreateSqlInjectionMatchSet request.
*
*
* -
*
* Use GetChangeToken to get the change token that you provide in the ChangeToken
parameter of
* an UpdateIPSet request.
*
*
* -
*
* Submit an UpdateSqlInjectionMatchSet
request to specify the parts of web requests that you want AWS
* WAF to inspect for snippets of SQL code.
*
*
*
*
* For more information about how to use the AWS WAF API to allow or block HTTP requests, see the AWS WAF Developer Guide.
*
*
* @param updateSqlInjectionMatchSetRequest
* A request to update a SqlInjectionMatchSet.
* @return Result of the UpdateSqlInjectionMatchSet operation returned by the service.
* @throws WAFInternalErrorException
* The operation failed because of a system problem, even though the request was valid. Retry your request.
* @throws WAFInvalidAccountException
* The operation failed because you tried to create, update, or delete an object by using an invalid account
* identifier.
* @throws WAFInvalidOperationException
* The operation failed because there was nothing to do. For example:
*
* -
*
* You tried to remove a Rule
from a WebACL
, but the Rule
isn't in
* the specified WebACL
.
*
*
* -
*
* You tried to remove an IP address from an IPSet
, but the IP address isn't in the specified
* IPSet
.
*
*
* -
*
* You tried to remove a ByteMatchTuple
from a ByteMatchSet
, but the
* ByteMatchTuple
isn't in the specified WebACL
.
*
*
* -
*
* You tried to add a Rule
to a WebACL
, but the Rule
already exists
* in the specified WebACL
.
*
*
* -
*
* You tried to add an IP address to an IPSet
, but the IP address already exists in the
* specified IPSet
.
*
*
* -
*
* You tried to add a ByteMatchTuple
to a ByteMatchSet
, but the
* ByteMatchTuple
already exists in the specified WebACL
.
*
*
* @throws WAFInvalidParameterException
* The operation failed because AWS WAF didn't recognize a parameter in the request. For example:
*
* -
*
* You specified an invalid parameter name.
*
*
* -
*
* You specified an invalid value.
*
*
* -
*
* You tried to update an object (ByteMatchSet
, IPSet
, Rule
, or
* WebACL
) using an action other than INSERT
or DELETE
.
*
*
* -
*
* You tried to create a WebACL
with a DefaultAction
Type
other than
* ALLOW
, BLOCK
, or COUNT
.
*
*
* -
*
* You tried to update a WebACL
with a WafAction
Type
other than
* ALLOW
, BLOCK
, or COUNT
.
*
*
* -
*
* You tried to update a ByteMatchSet
with a FieldToMatch
Type
other
* than HEADER, QUERY_STRING, or URI.
*
*
* -
*
* You tried to update a ByteMatchSet
with a Field
of HEADER
but no
* value for Data
.
*
*
* -
*
* Your request references an ARN that is malformed, or corresponds to a resource with which a web ACL
* cannot be associated.
*
*
* @throws WAFNonexistentContainerException
* The operation failed because you tried to add an object to or delete an object from another object that
* doesn't exist. For example:
*
* -
*
* You tried to add a Rule
to or delete a Rule
from a WebACL
that
* doesn't exist.
*
*
* -
*
* You tried to add a ByteMatchSet
to or delete a ByteMatchSet
from a
* Rule
that doesn't exist.
*
*
* -
*
* You tried to add an IP address to or delete an IP address from an IPSet
that doesn't exist.
*
*
* -
*
* You tried to add a ByteMatchTuple
to or delete a ByteMatchTuple
from a
* ByteMatchSet
that doesn't exist.
*
*
* @throws WAFNonexistentItemException
* The operation failed because the referenced object doesn't exist.
* @throws WAFStaleDataException
* The operation failed because you tried to create, update, or delete an object by using a change token
* that has already been used.
* @throws WAFLimitsExceededException
* The operation exceeds a resource limit, for example, the maximum number of WebACL
objects
* that you can create for an AWS account. For more information, see Limits in the AWS WAF
* Developer Guide.
* @sample AWSWAF.UpdateSqlInjectionMatchSet
* @see AWS
* API Documentation
*/
@Override
public UpdateSqlInjectionMatchSetResult updateSqlInjectionMatchSet(UpdateSqlInjectionMatchSetRequest updateSqlInjectionMatchSetRequest) {
ExecutionContext executionContext = createExecutionContext(updateSqlInjectionMatchSetRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new UpdateSqlInjectionMatchSetRequestMarshaller(protocolFactory).marshall(super.beforeMarshalling(updateSqlInjectionMatchSetRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(
new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false),
new UpdateSqlInjectionMatchSetResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Inserts or deletes ActivatedRule objects in a WebACL
. Each Rule
identifies web
* requests that you want to allow, block, or count. When you update a WebACL
, you specify the
* following values:
*
*
* -
*
* A default action for the WebACL
, either ALLOW
or BLOCK
. AWS WAF performs
* the default action if a request doesn't match the criteria in any of the Rules
in a
* WebACL
.
*
*
* -
*
* The Rules
that you want to add and/or delete. If you want to replace one Rule
with
* another, you delete the existing Rule
and add the new one.
*
*
* -
*
* For each Rule
, whether you want AWS WAF to allow requests, block requests, or count requests that
* match the conditions in the Rule
.
*
*
* -
*
* The order in which you want AWS WAF to evaluate the Rules
in a WebACL
. If you add more
* than one Rule
to a WebACL
, AWS WAF evaluates each request against the
* Rules
in order based on the value of Priority
. (The Rule
that has the
* lowest value for Priority
is evaluated first.) When a web request matches all of the predicates
* (such as ByteMatchSets
and IPSets
) in a Rule
, AWS WAF immediately takes
* the corresponding action, allow or block, and doesn't evaluate the request against the remaining
* Rules
in the WebACL
, if any.
*
*
* -
*
* The CloudFront distribution that you want to associate with the WebACL
.
*
*
*
*
* To create and configure a WebACL
, perform the following steps:
*
*
* -
*
* Create and update the predicates that you want to include in Rules
. For more information, see
* CreateByteMatchSet, UpdateByteMatchSet, CreateIPSet, UpdateIPSet,
* CreateSqlInjectionMatchSet, and UpdateSqlInjectionMatchSet.
*
*
* -
*
* Create and update the Rules
that you want to include in the WebACL
. For more
* information, see CreateRule and UpdateRule.
*
*
* -
*
* Create a WebACL
. See CreateWebACL.
*
*
* -
*
* Use GetChangeToken
to get the change token that you provide in the ChangeToken
* parameter of an UpdateWebACL request.
*
*
* -
*
* Submit an UpdateWebACL
request to specify the Rules
that you want to include in the
* WebACL
, to specify the default action, and to associate the WebACL
with a CloudFront
* distribution.
*
*
*
*
* For more information about how to use the AWS WAF API to allow or block HTTP requests, see the AWS WAF Developer Guide.
*
*
* @param updateWebACLRequest
* @return Result of the UpdateWebACL operation returned by the service.
* @throws WAFStaleDataException
* The operation failed because you tried to create, update, or delete an object by using a change token
* that has already been used.
* @throws WAFInternalErrorException
* The operation failed because of a system problem, even though the request was valid. Retry your request.
* @throws WAFInvalidAccountException
* The operation failed because you tried to create, update, or delete an object by using an invalid account
* identifier.
* @throws WAFInvalidOperationException
* The operation failed because there was nothing to do. For example:
*
* -
*
* You tried to remove a Rule
from a WebACL
, but the Rule
isn't in
* the specified WebACL
.
*
*
* -
*
* You tried to remove an IP address from an IPSet
, but the IP address isn't in the specified
* IPSet
.
*
*
* -
*
* You tried to remove a ByteMatchTuple
from a ByteMatchSet
, but the
* ByteMatchTuple
isn't in the specified WebACL
.
*
*
* -
*
* You tried to add a Rule
to a WebACL
, but the Rule
already exists
* in the specified WebACL
.
*
*
* -
*
* You tried to add an IP address to an IPSet
, but the IP address already exists in the
* specified IPSet
.
*
*
* -
*
* You tried to add a ByteMatchTuple
to a ByteMatchSet
, but the
* ByteMatchTuple
already exists in the specified WebACL
.
*
*
* @throws WAFInvalidParameterException
* The operation failed because AWS WAF didn't recognize a parameter in the request. For example:
*
* -
*
* You specified an invalid parameter name.
*
*
* -
*
* You specified an invalid value.
*
*
* -
*
* You tried to update an object (ByteMatchSet
, IPSet
, Rule
, or
* WebACL
) using an action other than INSERT
or DELETE
.
*
*
* -
*
* You tried to create a WebACL
with a DefaultAction
Type
other than
* ALLOW
, BLOCK
, or COUNT
.
*
*
* -
*
* You tried to update a WebACL
with a WafAction
Type
other than
* ALLOW
, BLOCK
, or COUNT
.
*
*
* -
*
* You tried to update a ByteMatchSet
with a FieldToMatch
Type
other
* than HEADER, QUERY_STRING, or URI.
*
*
* -
*
* You tried to update a ByteMatchSet
with a Field
of HEADER
but no
* value for Data
.
*
*
* -
*
* Your request references an ARN that is malformed, or corresponds to a resource with which a web ACL
* cannot be associated.
*
*
* @throws WAFNonexistentContainerException
* The operation failed because you tried to add an object to or delete an object from another object that
* doesn't exist. For example:
*
* -
*
* You tried to add a Rule
to or delete a Rule
from a WebACL
that
* doesn't exist.
*
*
* -
*
* You tried to add a ByteMatchSet
to or delete a ByteMatchSet
from a
* Rule
that doesn't exist.
*
*
* -
*
* You tried to add an IP address to or delete an IP address from an IPSet
that doesn't exist.
*
*
* -
*
* You tried to add a ByteMatchTuple
to or delete a ByteMatchTuple
from a
* ByteMatchSet
that doesn't exist.
*
*
* @throws WAFNonexistentItemException
* The operation failed because the referenced object doesn't exist.
* @throws WAFReferencedItemException
* The operation failed because you tried to delete an object that is still in use. For example:
*
* -
*
* You tried to delete a ByteMatchSet
that is still referenced by a Rule
.
*
*
* -
*
* You tried to delete a Rule
that is still referenced by a WebACL
.
*
*
* @throws WAFLimitsExceededException
* The operation exceeds a resource limit, for example, the maximum number of WebACL
objects
* that you can create for an AWS account. For more information, see Limits in the AWS WAF
* Developer Guide.
* @sample AWSWAF.UpdateWebACL
* @see AWS API
* Documentation
*/
@Override
public UpdateWebACLResult updateWebACL(UpdateWebACLRequest updateWebACLRequest) {
ExecutionContext executionContext = createExecutionContext(updateWebACLRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new UpdateWebACLRequestMarshaller(protocolFactory).marshall(super.beforeMarshalling(updateWebACLRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(
new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new UpdateWebACLResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Inserts or deletes XssMatchTuple objects (filters) in an XssMatchSet. For each
* XssMatchTuple
object, you specify the following values:
*
*
* -
*
* Action
: Whether to insert the object into or delete the object from the array. To change a
* XssMatchTuple
, you delete the existing object and add a new one.
*
*
* -
*
* FieldToMatch
: The part of web requests that you want AWS WAF to inspect and, if you want AWS WAF to
* inspect a header, the name of the header.
*
*
* -
*
* TextTransformation
: Which text transformation, if any, to perform on the web request before
* inspecting the request for cross-site scripting attacks.
*
*
*
*
* You use XssMatchSet
objects to specify which CloudFront requests you want to allow, block, or count.
* For example, if you're receiving requests that contain cross-site scripting attacks in the request body and you
* want to block the requests, you can create an XssMatchSet
with the applicable settings, and then
* configure AWS WAF to block the requests.
*
*
* To create and configure an XssMatchSet
, perform the following steps:
*
*
* -
*
* Submit a CreateXssMatchSet request.
*
*
* -
*
* Use GetChangeToken to get the change token that you provide in the ChangeToken
parameter of
* an UpdateIPSet request.
*
*
* -
*
* Submit an UpdateXssMatchSet
request to specify the parts of web requests that you want AWS WAF to
* inspect for cross-site scripting attacks.
*
*
*
*
* For more information about how to use the AWS WAF API to allow or block HTTP requests, see the AWS WAF Developer Guide.
*
*
* @param updateXssMatchSetRequest
* A request to update an XssMatchSet.
* @return Result of the UpdateXssMatchSet operation returned by the service.
* @throws WAFInternalErrorException
* The operation failed because of a system problem, even though the request was valid. Retry your request.
* @throws WAFInvalidAccountException
* The operation failed because you tried to create, update, or delete an object by using an invalid account
* identifier.
* @throws WAFInvalidOperationException
* The operation failed because there was nothing to do. For example:
*
* -
*
* You tried to remove a Rule
from a WebACL
, but the Rule
isn't in
* the specified WebACL
.
*
*
* -
*
* You tried to remove an IP address from an IPSet
, but the IP address isn't in the specified
* IPSet
.
*
*
* -
*
* You tried to remove a ByteMatchTuple
from a ByteMatchSet
, but the
* ByteMatchTuple
isn't in the specified WebACL
.
*
*
* -
*
* You tried to add a Rule
to a WebACL
, but the Rule
already exists
* in the specified WebACL
.
*
*
* -
*
* You tried to add an IP address to an IPSet
, but the IP address already exists in the
* specified IPSet
.
*
*
* -
*
* You tried to add a ByteMatchTuple
to a ByteMatchSet
, but the
* ByteMatchTuple
already exists in the specified WebACL
.
*
*
* @throws WAFInvalidParameterException
* The operation failed because AWS WAF didn't recognize a parameter in the request. For example:
*
* -
*
* You specified an invalid parameter name.
*
*
* -
*
* You specified an invalid value.
*
*
* -
*
* You tried to update an object (ByteMatchSet
, IPSet
, Rule
, or
* WebACL
) using an action other than INSERT
or DELETE
.
*
*
* -
*
* You tried to create a WebACL
with a DefaultAction
Type
other than
* ALLOW
, BLOCK
, or COUNT
.
*
*
* -
*
* You tried to update a WebACL
with a WafAction
Type
other than
* ALLOW
, BLOCK
, or COUNT
.
*
*
* -
*
* You tried to update a ByteMatchSet
with a FieldToMatch
Type
other
* than HEADER, QUERY_STRING, or URI.
*
*
* -
*
* You tried to update a ByteMatchSet
with a Field
of HEADER
but no
* value for Data
.
*
*
* -
*
* Your request references an ARN that is malformed, or corresponds to a resource with which a web ACL
* cannot be associated.
*
*
* @throws WAFNonexistentContainerException
* The operation failed because you tried to add an object to or delete an object from another object that
* doesn't exist. For example:
*
* -
*
* You tried to add a Rule
to or delete a Rule
from a WebACL
that
* doesn't exist.
*
*
* -
*
* You tried to add a ByteMatchSet
to or delete a ByteMatchSet
from a
* Rule
that doesn't exist.
*
*
* -
*
* You tried to add an IP address to or delete an IP address from an IPSet
that doesn't exist.
*
*
* -
*
* You tried to add a ByteMatchTuple
to or delete a ByteMatchTuple
from a
* ByteMatchSet
that doesn't exist.
*
*
* @throws WAFNonexistentItemException
* The operation failed because the referenced object doesn't exist.
* @throws WAFStaleDataException
* The operation failed because you tried to create, update, or delete an object by using a change token
* that has already been used.
* @throws WAFLimitsExceededException
* The operation exceeds a resource limit, for example, the maximum number of WebACL
objects
* that you can create for an AWS account. For more information, see Limits in the AWS WAF
* Developer Guide.
* @sample AWSWAF.UpdateXssMatchSet
* @see AWS API
* Documentation
*/
@Override
public UpdateXssMatchSetResult updateXssMatchSet(UpdateXssMatchSetRequest updateXssMatchSetRequest) {
ExecutionContext executionContext = createExecutionContext(updateXssMatchSetRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new UpdateXssMatchSetRequestMarshaller(protocolFactory).marshall(super.beforeMarshalling(updateXssMatchSetRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(
new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new UpdateXssMatchSetResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
* Returns additional metadata for a previously executed successful, request, typically used for debugging issues
* where a service isn't acting as expected. This data isn't considered part of the result data returned by an
* operation, so it's available through this separate, diagnostic interface.
*
* Response metadata is only cached for a limited period of time, so if you need to access this extra diagnostic
* information for an executed request, you should use this method to retrieve it as soon as possible after
* executing the request.
*
* @param request
* The originally executed request
*
* @return The response metadata for the specified request, or null if none is available.
*/
public ResponseMetadata getCachedResponseMetadata(AmazonWebServiceRequest request) {
return client.getResponseMetadataForRequest(request);
}
/**
* Normal invoke with authentication. Credentials are required and may be overriden at the request level.
**/
private Response invoke(Request request, HttpResponseHandler> responseHandler,
ExecutionContext executionContext) {
executionContext.setCredentialsProvider(CredentialUtils.getCredentialsProvider(request.getOriginalRequest(), awsCredentialsProvider));
return doInvoke(request, responseHandler, executionContext);
}
/**
* Invoke with no authentication. Credentials are not required and any credentials set on the client or request will
* be ignored for this operation.
**/
private Response anonymousInvoke(Request request,
HttpResponseHandler> responseHandler, ExecutionContext executionContext) {
return doInvoke(request, responseHandler, executionContext);
}
/**
* Invoke the request using the http client. Assumes credentials (or lack thereof) have been configured in the
* ExecutionContext beforehand.
**/
private Response doInvoke(Request request, HttpResponseHandler> responseHandler,
ExecutionContext executionContext) {
request.setEndpoint(endpoint);
request.setTimeOffset(timeOffset);
HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(new JsonErrorResponseMetadata());
return client.execute(request, responseHandler, errorResponseHandler, executionContext);
}
}