com.amazonaws.services.waf.AWSWAFRegional Maven / Gradle / Ivy
Show all versions of aws-java-sdk-waf Show documentation
/*
* Copyright 2012-2017 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License"). You may not use this file except in compliance with
* the License. A copy of the License is located at
*
* http://aws.amazon.com/apache2.0
*
* or in the "license" file accompanying this file. This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
* CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions
* and limitations under the License.
*/
package com.amazonaws.services.waf;
import javax.annotation.Generated;
import com.amazonaws.*;
import com.amazonaws.regions.*;
import com.amazonaws.services.waf.model.*;
/**
* Interface for accessing WAF Regional.
*
* Note: Do not directly implement this interface, new methods are added to it regularly. Extend from
* {@link com.amazonaws.services.waf.AbstractAWSWAFRegional} instead.
*
*
*
* This is the AWS WAF Regional API Reference for using AWS WAF with Elastic Load Balancing (ELB) Application
* Load Balancers. The AWS WAF actions and data types listed in the reference are available for protecting Application
* Load Balancers. You can use these actions and data types by means of the endpoints listed in AWS Regions and Endpoints. This guide
* is for developers who need detailed information about the AWS WAF API actions, data types, and errors. For detailed
* information about AWS WAF features and an overview of how to use the AWS WAF API, see the AWS WAF Developer Guide.
*
*/
@Generated("com.amazonaws:aws-java-sdk-code-generator")
public interface AWSWAFRegional {
/**
* The region metadata service name for computing region endpoints. You can use this value to retrieve metadata
* (such as supported regions) of the service.
*
* @see RegionUtils#getRegionsForService(String)
*/
String ENDPOINT_PREFIX = "waf-regional";
/**
* Overrides the default endpoint for this client ("https://waf-regional.us-east-1.amazonaws.com/"). Callers can use
* this method to control which AWS region they want to work with.
*
* Callers can pass in just the endpoint (ex: "waf-regional.us-east-1.amazonaws.com/") or a full URL, including the
* protocol (ex: "https://waf-regional.us-east-1.amazonaws.com/"). If the protocol is not specified here, the
* default protocol from this client's {@link ClientConfiguration} will be used, which by default is HTTPS.
*
* For more information on using AWS regions with the AWS SDK for Java, and a complete list of all available
* endpoints for all AWS services, see:
* http://developer.amazonwebservices.com/connect/entry.jspa?externalID=3912
*
* This method is not threadsafe. An endpoint should be configured when the client is created and before any
* service requests are made. Changing it afterwards creates inevitable race conditions for any service requests in
* transit or retrying.
*
* @param endpoint
* The endpoint (ex: "waf-regional.us-east-1.amazonaws.com/") or a full URL, including the protocol (ex:
* "https://waf-regional.us-east-1.amazonaws.com/") of the region specific AWS endpoint this client will
* communicate with.
* @deprecated use {@link AwsClientBuilder#setEndpointConfiguration(AwsClientBuilder.EndpointConfiguration)} for
* example:
* {@code builder.setEndpointConfiguration(new EndpointConfiguration(endpoint, signingRegion));}
*/
@Deprecated
void setEndpoint(String endpoint);
/**
* An alternative to {@link AWSWAFRegional#setEndpoint(String)}, sets the regional endpoint for this client's
* service calls. Callers can use this method to control which AWS region they want to work with.
*
* By default, all service endpoints in all regions use the https protocol. To use http instead, specify it in the
* {@link ClientConfiguration} supplied at construction.
*
* This method is not threadsafe. A region should be configured when the client is created and before any service
* requests are made. Changing it afterwards creates inevitable race conditions for any service requests in transit
* or retrying.
*
* @param region
* The region this client will communicate with. See {@link Region#getRegion(com.amazonaws.regions.Regions)}
* for accessing a given region. Must not be null and must be a region where the service is available.
*
* @see Region#getRegion(com.amazonaws.regions.Regions)
* @see Region#createClient(Class, com.amazonaws.auth.AWSCredentialsProvider, ClientConfiguration)
* @see Region#isServiceSupported(String)
* @deprecated use {@link AwsClientBuilder#setRegion(String)}
*/
@Deprecated
void setRegion(Region region);
/**
*
* Associates a web ACL with a resource.
*
*
* @param associateWebACLRequest
* @return Result of the AssociateWebACL operation returned by the service.
* @throws WAFInternalErrorException
* The operation failed because of a system problem, even though the request was valid. Retry your request.
* @throws WAFInvalidAccountException
* The operation failed because you tried to create, update, or delete an object by using an invalid account
* identifier.
* @throws WAFInvalidParameterException
* The operation failed because AWS WAF didn't recognize a parameter in the request. For example:
*
* -
*
* You specified an invalid parameter name.
*
*
* -
*
* You specified an invalid value.
*
*
* -
*
* You tried to update an object (ByteMatchSet, IPSet, Rule, or
* WebACL) using an action other than INSERT or DELETE.
*
*
* -
*
* You tried to create a WebACL with a DefaultAction Type other than
* ALLOW, BLOCK, or COUNT.
*
*
* -
*
* You tried to update a WebACL with a WafAction Type other than
* ALLOW, BLOCK, or COUNT.
*
*
* -
*
* You tried to update a ByteMatchSet with a FieldToMatch Type other
* than HEADER, QUERY_STRING, or URI.
*
*
* -
*
* You tried to update a ByteMatchSet with a Field of HEADER but no
* value for Data.
*
*
* -
*
* Your request references an ARN that is malformed, or corresponds to a resource with which a web ACL
* cannot be associated.
*
*
* @throws WAFNonexistentItemException
* The operation failed because the referenced object doesn't exist.
* @throws WAFUnavailableEntityException
* The operation failed because the entity referenced is temporarily unavailable. Retry your request.
* @sample AWSWAFRegional.AssociateWebACL
* @see AWS
* API Documentation
*/
AssociateWebACLResult associateWebACL(AssociateWebACLRequest associateWebACLRequest);
/**
*
* Creates a ByteMatchSet. You then use UpdateByteMatchSet to identify the part of a web request
* that you want AWS WAF to inspect, such as the values of the User-Agent header or the query string.
* For example, you can create a ByteMatchSet that matches any requests with User-Agent
* headers that contain the string BadBot. You can then configure AWS WAF to reject those requests.
*
*
* To create and configure a ByteMatchSet, perform the following steps:
*
*
* -
*
* Use GetChangeToken to get the change token that you provide in the ChangeToken parameter of a
* CreateByteMatchSet request.
*
*
* -
*
* Submit a CreateByteMatchSet request.
*
*
* -
*
* Use GetChangeToken to get the change token that you provide in the ChangeToken
* parameter of an UpdateByteMatchSet request.
*
*
* -
*
* Submit an UpdateByteMatchSet request to specify the part of the request that you want AWS WAF to inspect
* (for example, the header or the URI) and the value that you want AWS WAF to watch for.
*
*
*
*
* For more information about how to use the AWS WAF API to allow or block HTTP requests, see the AWS WAF Developer Guide.
*
*
* @param createByteMatchSetRequest
* @return Result of the CreateByteMatchSet operation returned by the service.
* @throws WAFDisallowedNameException
* The name specified is invalid.
* @throws WAFInternalErrorException
* The operation failed because of a system problem, even though the request was valid. Retry your request.
* @throws WAFInvalidAccountException
* The operation failed because you tried to create, update, or delete an object by using an invalid account
* identifier.
* @throws WAFInvalidParameterException
* The operation failed because AWS WAF didn't recognize a parameter in the request. For example:
*
* -
*
* You specified an invalid parameter name.
*
*
* -
*
* You specified an invalid value.
*
*
* -
*
* You tried to update an object (ByteMatchSet, IPSet, Rule, or
* WebACL) using an action other than INSERT or DELETE.
*
*
* -
*
* You tried to create a WebACL with a DefaultAction Type other than
* ALLOW, BLOCK, or COUNT.
*
*
* -
*
* You tried to update a WebACL with a WafAction Type other than
* ALLOW, BLOCK, or COUNT.
*
*
* -
*
* You tried to update a ByteMatchSet with a FieldToMatch Type other
* than HEADER, QUERY_STRING, or URI.
*
*
* -
*
* You tried to update a ByteMatchSet with a Field of HEADER but no
* value for Data.
*
*
* -
*
* Your request references an ARN that is malformed, or corresponds to a resource with which a web ACL
* cannot be associated.
*
*
* @throws WAFStaleDataException
* The operation failed because you tried to create, update, or delete an object by using a change token
* that has already been used.
* @throws WAFLimitsExceededException
* The operation exceeds a resource limit, for example, the maximum number of WebACL objects
* that you can create for an AWS account. For more information, see Limits in the AWS WAF
* Developer Guide.
* @sample AWSWAFRegional.CreateByteMatchSet
* @see AWS API Documentation
*/
CreateByteMatchSetResult createByteMatchSet(CreateByteMatchSetRequest createByteMatchSetRequest);
/**
*
* Creates an IPSet, which you use to specify which web requests you want to allow or block based on the IP
* addresses that the requests originate from. For example, if you're receiving a lot of requests from one or more
* individual IP addresses or one or more ranges of IP addresses and you want to block the requests, you can create
* an IPSet that contains those IP addresses and then configure AWS WAF to block the requests.
*
*
* To create and configure an IPSet, perform the following steps:
*
*
* -
*
* Use GetChangeToken to get the change token that you provide in the ChangeToken parameter of a
* CreateIPSet request.
*
*
* -
*
* Submit a CreateIPSet request.
*
*
* -
*
* Use GetChangeToken to get the change token that you provide in the ChangeToken
* parameter of an UpdateIPSet request.
*
*
* -
*
* Submit an UpdateIPSet request to specify the IP addresses that you want AWS WAF to watch for.
*
*
*
*
* For more information about how to use the AWS WAF API to allow or block HTTP requests, see the AWS WAF Developer Guide.
*
*
* @param createIPSetRequest
* @return Result of the CreateIPSet operation returned by the service.
* @throws WAFStaleDataException
* The operation failed because you tried to create, update, or delete an object by using a change token
* that has already been used.
* @throws WAFInternalErrorException
* The operation failed because of a system problem, even though the request was valid. Retry your request.
* @throws WAFInvalidAccountException
* The operation failed because you tried to create, update, or delete an object by using an invalid account
* identifier.
* @throws WAFDisallowedNameException
* The name specified is invalid.
* @throws WAFInvalidParameterException
* The operation failed because AWS WAF didn't recognize a parameter in the request. For example:
*
* -
*
* You specified an invalid parameter name.
*
*
* -
*
* You specified an invalid value.
*
*
* -
*
* You tried to update an object (ByteMatchSet, IPSet, Rule, or
* WebACL) using an action other than INSERT or DELETE.
*
*
* -
*
* You tried to create a WebACL with a DefaultAction Type other than
* ALLOW, BLOCK, or COUNT.
*
*
* -
*
* You tried to update a WebACL with a WafAction Type other than
* ALLOW, BLOCK, or COUNT.
*
*
* -
*
* You tried to update a ByteMatchSet with a FieldToMatch Type other
* than HEADER, QUERY_STRING, or URI.
*
*
* -
*
* You tried to update a ByteMatchSet with a Field of HEADER but no
* value for Data.
*
*
* -
*
* Your request references an ARN that is malformed, or corresponds to a resource with which a web ACL
* cannot be associated.
*
*
* @throws WAFLimitsExceededException
* The operation exceeds a resource limit, for example, the maximum number of WebACL objects
* that you can create for an AWS account. For more information, see Limits in the AWS WAF
* Developer Guide.
* @sample AWSWAFRegional.CreateIPSet
* @see AWS API
* Documentation
*/
CreateIPSetResult createIPSet(CreateIPSetRequest createIPSetRequest);
/**
*
* Creates a Rule, which contains the IPSet objects, ByteMatchSet objects,
* and other predicates that identify the requests that you want to block. If you add more than one predicate to a
* Rule, a request must match all of the specifications to be allowed or blocked. For example, suppose
* you add the following to a Rule:
*
*
* -
*
* An IPSet that matches the IP address 192.0.2.44/32
*
*
* -
*
* A ByteMatchSet that matches BadBot in the User-Agent header
*
*
*
*
* You then add the Rule to a WebACL and specify that you want to blocks requests that
* satisfy the Rule. For a request to be blocked, it must come from the IP address 192.0.2.44
* and the User-Agent header in the request must contain the value BadBot.
*
*
* To create and configure a Rule, perform the following steps:
*
*
* -
*
* Create and update the predicates that you want to include in the Rule. For more information, see
* CreateByteMatchSet, CreateIPSet, and CreateSqlInjectionMatchSet.
*
*
* -
*
* Use GetChangeToken to get the change token that you provide in the ChangeToken parameter of a
* CreateRule request.
*
*
* -
*
* Submit a CreateRule request.
*
*
* -
*
* Use GetChangeToken to get the change token that you provide in the ChangeToken
* parameter of an UpdateRule request.
*
*
* -
*
* Submit an UpdateRule request to specify the predicates that you want to include in the
* Rule.
*
*
* -
*
* Create and update a WebACL that contains the Rule. For more information, see
* CreateWebACL.
*
*
*
*
* For more information about how to use the AWS WAF API to allow or block HTTP requests, see the AWS WAF Developer Guide.
*
*
* @param createRuleRequest
* @return Result of the CreateRule operation returned by the service.
* @throws WAFStaleDataException
* The operation failed because you tried to create, update, or delete an object by using a change token
* that has already been used.
* @throws WAFInternalErrorException
* The operation failed because of a system problem, even though the request was valid. Retry your request.
* @throws WAFDisallowedNameException
* The name specified is invalid.
* @throws WAFInvalidParameterException
* The operation failed because AWS WAF didn't recognize a parameter in the request. For example:
*
* -
*
* You specified an invalid parameter name.
*
*
* -
*
* You specified an invalid value.
*
*
* -
*
* You tried to update an object (ByteMatchSet, IPSet, Rule, or
* WebACL) using an action other than INSERT or DELETE.
*
*
* -
*
* You tried to create a WebACL with a DefaultAction Type other than
* ALLOW, BLOCK, or COUNT.
*
*
* -
*
* You tried to update a WebACL with a WafAction Type other than
* ALLOW, BLOCK, or COUNT.
*
*
* -
*
* You tried to update a ByteMatchSet with a FieldToMatch Type other
* than HEADER, QUERY_STRING, or URI.
*
*
* -
*
* You tried to update a ByteMatchSet with a Field of HEADER but no
* value for Data.
*
*
* -
*
* Your request references an ARN that is malformed, or corresponds to a resource with which a web ACL
* cannot be associated.
*
*
* @throws WAFLimitsExceededException
* The operation exceeds a resource limit, for example, the maximum number of WebACL objects
* that you can create for an AWS account. For more information, see Limits in the AWS WAF
* Developer Guide.
* @sample AWSWAFRegional.CreateRule
* @see AWS API
* Documentation
*/
CreateRuleResult createRule(CreateRuleRequest createRuleRequest);
/**
*
* Creates a SizeConstraintSet. You then use UpdateSizeConstraintSet to identify the part of a
* web request that you want AWS WAF to check for length, such as the length of the User-Agent header
* or the length of the query string. For example, you can create a SizeConstraintSet that matches any
* requests that have a query string that is longer than 100 bytes. You can then configure AWS WAF to reject those
* requests.
*
*
* To create and configure a SizeConstraintSet, perform the following steps:
*
*
* -
*
* Use GetChangeToken to get the change token that you provide in the ChangeToken parameter of a
* CreateSizeConstraintSet request.
*
*
* -
*
* Submit a CreateSizeConstraintSet request.
*
*
* -
*
* Use GetChangeToken to get the change token that you provide in the ChangeToken
* parameter of an UpdateSizeConstraintSet request.
*
*
* -
*
* Submit an UpdateSizeConstraintSet request to specify the part of the request that you want AWS WAF to
* inspect (for example, the header or the URI) and the value that you want AWS WAF to watch for.
*
*
*
*
* For more information about how to use the AWS WAF API to allow or block HTTP requests, see the AWS WAF Developer Guide.
*
*
* @param createSizeConstraintSetRequest
* @return Result of the CreateSizeConstraintSet operation returned by the service.
* @throws WAFStaleDataException
* The operation failed because you tried to create, update, or delete an object by using a change token
* that has already been used.
* @throws WAFInternalErrorException
* The operation failed because of a system problem, even though the request was valid. Retry your request.
* @throws WAFInvalidAccountException
* The operation failed because you tried to create, update, or delete an object by using an invalid account
* identifier.
* @throws WAFDisallowedNameException
* The name specified is invalid.
* @throws WAFInvalidParameterException
* The operation failed because AWS WAF didn't recognize a parameter in the request. For example:
*
* -
*
* You specified an invalid parameter name.
*
*
* -
*
* You specified an invalid value.
*
*
* -
*
* You tried to update an object (ByteMatchSet, IPSet, Rule, or
* WebACL) using an action other than INSERT or DELETE.
*
*
* -
*
* You tried to create a WebACL with a DefaultAction Type other than
* ALLOW, BLOCK, or COUNT.
*
*
* -
*
* You tried to update a WebACL with a WafAction Type other than
* ALLOW, BLOCK, or COUNT.
*
*
* -
*
* You tried to update a ByteMatchSet with a FieldToMatch Type other
* than HEADER, QUERY_STRING, or URI.
*
*
* -
*
* You tried to update a ByteMatchSet with a Field of HEADER but no
* value for Data.
*
*
* -
*
* Your request references an ARN that is malformed, or corresponds to a resource with which a web ACL
* cannot be associated.
*
*
* @throws WAFLimitsExceededException
* The operation exceeds a resource limit, for example, the maximum number of WebACL objects
* that you can create for an AWS account. For more information, see Limits in the AWS WAF
* Developer Guide.
* @sample AWSWAFRegional.CreateSizeConstraintSet
* @see AWS API Documentation
*/
CreateSizeConstraintSetResult createSizeConstraintSet(CreateSizeConstraintSetRequest createSizeConstraintSetRequest);
/**
*
* Creates a SqlInjectionMatchSet, which you use to allow, block, or count requests that contain snippets of
* SQL code in a specified part of web requests. AWS WAF searches for character sequences that are likely to be
* malicious strings.
*
*
* To create and configure a SqlInjectionMatchSet, perform the following steps:
*
*
* -
*
* Use GetChangeToken to get the change token that you provide in the ChangeToken parameter of a
* CreateSqlInjectionMatchSet request.
*
*
* -
*
* Submit a CreateSqlInjectionMatchSet request.
*
*
* -
*
* Use GetChangeToken to get the change token that you provide in the ChangeToken
* parameter of an UpdateSqlInjectionMatchSet request.
*
*
* -
*
* Submit an UpdateSqlInjectionMatchSet request to specify the parts of web requests in which you want to
* allow, block, or count malicious SQL code.
*
*
*
*
* For more information about how to use the AWS WAF API to allow or block HTTP requests, see the AWS WAF Developer Guide.
*
*
* @param createSqlInjectionMatchSetRequest
* A request to create a SqlInjectionMatchSet.
* @return Result of the CreateSqlInjectionMatchSet operation returned by the service.
* @throws WAFDisallowedNameException
* The name specified is invalid.
* @throws WAFInternalErrorException
* The operation failed because of a system problem, even though the request was valid. Retry your request.
* @throws WAFInvalidAccountException
* The operation failed because you tried to create, update, or delete an object by using an invalid account
* identifier.
* @throws WAFInvalidParameterException
* The operation failed because AWS WAF didn't recognize a parameter in the request. For example:
*
* -
*
* You specified an invalid parameter name.
*
*
* -
*
* You specified an invalid value.
*
*
* -
*
* You tried to update an object (ByteMatchSet, IPSet, Rule, or
* WebACL) using an action other than INSERT or DELETE.
*
*
* -
*
* You tried to create a WebACL with a DefaultAction Type other than
* ALLOW, BLOCK, or COUNT.
*
*
* -
*
* You tried to update a WebACL with a WafAction Type other than
* ALLOW, BLOCK, or COUNT.
*
*
* -
*
* You tried to update a ByteMatchSet with a FieldToMatch Type other
* than HEADER, QUERY_STRING, or URI.
*
*
* -
*
* You tried to update a ByteMatchSet with a Field of HEADER but no
* value for Data.
*
*
* -
*
* Your request references an ARN that is malformed, or corresponds to a resource with which a web ACL
* cannot be associated.
*
*
* @throws WAFStaleDataException
* The operation failed because you tried to create, update, or delete an object by using a change token
* that has already been used.
* @throws WAFLimitsExceededException
* The operation exceeds a resource limit, for example, the maximum number of WebACL objects
* that you can create for an AWS account. For more information, see Limits in the AWS WAF
* Developer Guide.
* @sample AWSWAFRegional.CreateSqlInjectionMatchSet
* @see AWS API Documentation
*/
CreateSqlInjectionMatchSetResult createSqlInjectionMatchSet(CreateSqlInjectionMatchSetRequest createSqlInjectionMatchSetRequest);
/**
*
* Creates a WebACL, which contains the Rules that identify the CloudFront web requests
* that you want to allow, block, or count. AWS WAF evaluates Rules in order based on the value of
* Priority for each Rule.
*
*
* You also specify a default action, either ALLOW or BLOCK. If a web request doesn't
* match any of the Rules in a WebACL, AWS WAF responds to the request with the default
* action.
*
*
* To create and configure a WebACL, perform the following steps:
*
*
* -
*
* Create and update the ByteMatchSet objects and other predicates that you want to include in
* Rules. For more information, see CreateByteMatchSet, UpdateByteMatchSet,
* CreateIPSet, UpdateIPSet, CreateSqlInjectionMatchSet, and UpdateSqlInjectionMatchSet.
*
*
* -
*
* Create and update the Rules that you want to include in the WebACL. For more
* information, see CreateRule and UpdateRule.
*
*
* -
*
* Use GetChangeToken to get the change token that you provide in the ChangeToken parameter of a
* CreateWebACL request.
*
*
* -
*
* Submit a CreateWebACL request.
*
*
* -
*
* Use GetChangeToken to get the change token that you provide in the ChangeToken
* parameter of an UpdateWebACL request.
*
*
* -
*
* Submit an UpdateWebACL request to specify the Rules that you want to include in the
* WebACL, to specify the default action, and to associate the WebACL with a CloudFront
* distribution.
*
*
*
*
* For more information about how to use the AWS WAF API, see the AWS WAF Developer Guide.
*
*
* @param createWebACLRequest
* @return Result of the CreateWebACL operation returned by the service.
* @throws WAFStaleDataException
* The operation failed because you tried to create, update, or delete an object by using a change token
* that has already been used.
* @throws WAFInternalErrorException
* The operation failed because of a system problem, even though the request was valid. Retry your request.
* @throws WAFInvalidAccountException
* The operation failed because you tried to create, update, or delete an object by using an invalid account
* identifier.
* @throws WAFDisallowedNameException
* The name specified is invalid.
* @throws WAFInvalidParameterException
* The operation failed because AWS WAF didn't recognize a parameter in the request. For example:
*
* -
*
* You specified an invalid parameter name.
*
*
* -
*
* You specified an invalid value.
*
*
* -
*
* You tried to update an object (ByteMatchSet, IPSet, Rule, or
* WebACL) using an action other than INSERT or DELETE.
*
*
* -
*
* You tried to create a WebACL with a DefaultAction Type other than
* ALLOW, BLOCK, or COUNT.
*
*
* -
*
* You tried to update a WebACL with a WafAction Type other than
* ALLOW, BLOCK, or COUNT.
*
*
* -
*
* You tried to update a ByteMatchSet with a FieldToMatch Type other
* than HEADER, QUERY_STRING, or URI.
*
*
* -
*
* You tried to update a ByteMatchSet with a Field of HEADER but no
* value for Data.
*
*
* -
*
* Your request references an ARN that is malformed, or corresponds to a resource with which a web ACL
* cannot be associated.
*
*
* @throws WAFLimitsExceededException
* The operation exceeds a resource limit, for example, the maximum number of WebACL objects
* that you can create for an AWS account. For more information, see Limits in the AWS WAF
* Developer Guide.
* @sample AWSWAFRegional.CreateWebACL
* @see AWS API
* Documentation
*/
CreateWebACLResult createWebACL(CreateWebACLRequest createWebACLRequest);
/**
*
* Creates an XssMatchSet, which you use to allow, block, or count requests that contain cross-site scripting
* attacks in the specified part of web requests. AWS WAF searches for character sequences that are likely to be
* malicious strings.
*
*
* To create and configure an XssMatchSet, perform the following steps:
*
*
* -
*
* Use GetChangeToken to get the change token that you provide in the ChangeToken parameter of a
* CreateXssMatchSet request.
*
*
* -
*
* Submit a CreateXssMatchSet request.
*
*
* -
*
* Use GetChangeToken to get the change token that you provide in the ChangeToken
* parameter of an UpdateXssMatchSet request.
*
*
* -
*
* Submit an UpdateXssMatchSet request to specify the parts of web requests in which you want to allow,
* block, or count cross-site scripting attacks.
*
*
*
*
* For more information about how to use the AWS WAF API to allow or block HTTP requests, see the AWS WAF Developer Guide.
*
*
* @param createXssMatchSetRequest
* A request to create an XssMatchSet.
* @return Result of the CreateXssMatchSet operation returned by the service.
* @throws WAFDisallowedNameException
* The name specified is invalid.
* @throws WAFInternalErrorException
* The operation failed because of a system problem, even though the request was valid. Retry your request.
* @throws WAFInvalidAccountException
* The operation failed because you tried to create, update, or delete an object by using an invalid account
* identifier.
* @throws WAFInvalidParameterException
* The operation failed because AWS WAF didn't recognize a parameter in the request. For example:
*
* -
*
* You specified an invalid parameter name.
*
*
* -
*
* You specified an invalid value.
*
*
* -
*
* You tried to update an object (ByteMatchSet, IPSet, Rule, or
* WebACL) using an action other than INSERT or DELETE.
*
*
* -
*
* You tried to create a WebACL with a DefaultAction Type other than
* ALLOW, BLOCK, or COUNT.
*
*
* -
*
* You tried to update a WebACL with a WafAction Type other than
* ALLOW, BLOCK, or COUNT.
*
*
* -
*
* You tried to update a ByteMatchSet with a FieldToMatch Type other
* than HEADER, QUERY_STRING, or URI.
*
*
* -
*
* You tried to update a ByteMatchSet with a Field of HEADER but no
* value for Data.
*
*
* -
*
* Your request references an ARN that is malformed, or corresponds to a resource with which a web ACL
* cannot be associated.
*
*
* @throws WAFStaleDataException
* The operation failed because you tried to create, update, or delete an object by using a change token
* that has already been used.
* @throws WAFLimitsExceededException
* The operation exceeds a resource limit, for example, the maximum number of WebACL objects
* that you can create for an AWS account. For more information, see Limits in the AWS WAF
* Developer Guide.
* @sample AWSWAFRegional.CreateXssMatchSet
* @see AWS
* API Documentation
*/
CreateXssMatchSetResult createXssMatchSet(CreateXssMatchSetRequest createXssMatchSetRequest);
/**
*
* Permanently deletes a ByteMatchSet. You can't delete a ByteMatchSet if it's still used in any
* Rules or if it still includes any ByteMatchTuple objects (any filters).
*
*
* If you just want to remove a ByteMatchSet from a Rule, use UpdateRule.
*
*
* To permanently delete a ByteMatchSet, perform the following steps:
*
*
* -
*
* Update the ByteMatchSet to remove filters, if any. For more information, see
* UpdateByteMatchSet.
*
*
* -
*
* Use GetChangeToken to get the change token that you provide in the ChangeToken parameter of a
* DeleteByteMatchSet request.
*
*
* -
*
* Submit a DeleteByteMatchSet request.
*
*
*
*
* @param deleteByteMatchSetRequest
* @return Result of the DeleteByteMatchSet operation returned by the service.
* @throws WAFInternalErrorException
* The operation failed because of a system problem, even though the request was valid. Retry your request.
* @throws WAFInvalidAccountException
* The operation failed because you tried to create, update, or delete an object by using an invalid account
* identifier.
* @throws WAFNonexistentItemException
* The operation failed because the referenced object doesn't exist.
* @throws WAFReferencedItemException
* The operation failed because you tried to delete an object that is still in use. For example:
*
* -
*
* You tried to delete a ByteMatchSet that is still referenced by a Rule.
*
*
* -
*
* You tried to delete a Rule that is still referenced by a WebACL.
*
*
* @throws WAFStaleDataException
* The operation failed because you tried to create, update, or delete an object by using a change token
* that has already been used.
* @throws WAFNonEmptyEntityException
* The operation failed because you tried to delete an object that isn't empty. For example:
*
* -
*
* You tried to delete a WebACL that still contains one or more Rule objects.
*
*
* -
*
* You tried to delete a Rule that still contains one or more ByteMatchSet objects
* or other predicates.
*
*
* -
*
* You tried to delete a ByteMatchSet that contains one or more ByteMatchTuple
* objects.
*
*
* -
*
* You tried to delete an IPSet that references one or more IP addresses.
*
*
* @sample AWSWAFRegional.DeleteByteMatchSet
* @see AWS API Documentation
*/
DeleteByteMatchSetResult deleteByteMatchSet(DeleteByteMatchSetRequest deleteByteMatchSetRequest);
/**
*
* Permanently deletes an IPSet. You can't delete an IPSet if it's still used in any
* Rules or if it still includes any IP addresses.
*
*
* If you just want to remove an IPSet from a Rule, use UpdateRule.
*
*
* To permanently delete an IPSet from AWS WAF, perform the following steps:
*
*
* -
*
* Update the IPSet to remove IP address ranges, if any. For more information, see UpdateIPSet.
*
*
* -
*
* Use GetChangeToken to get the change token that you provide in the ChangeToken parameter of a
* DeleteIPSet request.
*
*
* -
*
* Submit a DeleteIPSet request.
*
*
*
*
* @param deleteIPSetRequest
* @return Result of the DeleteIPSet operation returned by the service.
* @throws WAFStaleDataException
* The operation failed because you tried to create, update, or delete an object by using a change token
* that has already been used.
* @throws WAFInternalErrorException
* The operation failed because of a system problem, even though the request was valid. Retry your request.
* @throws WAFInvalidAccountException
* The operation failed because you tried to create, update, or delete an object by using an invalid account
* identifier.
* @throws WAFNonexistentItemException
* The operation failed because the referenced object doesn't exist.
* @throws WAFReferencedItemException
* The operation failed because you tried to delete an object that is still in use. For example:
*
* -
*
* You tried to delete a ByteMatchSet that is still referenced by a Rule.
*
*
* -
*
* You tried to delete a Rule that is still referenced by a WebACL.
*
*
* @throws WAFNonEmptyEntityException
* The operation failed because you tried to delete an object that isn't empty. For example:
*
* -
*
* You tried to delete a WebACL that still contains one or more Rule objects.
*
*
* -
*
* You tried to delete a Rule that still contains one or more ByteMatchSet objects
* or other predicates.
*
*
* -
*
* You tried to delete a ByteMatchSet that contains one or more ByteMatchTuple
* objects.
*
*
* -
*
* You tried to delete an IPSet that references one or more IP addresses.
*
*
* @sample AWSWAFRegional.DeleteIPSet
* @see AWS API
* Documentation
*/
DeleteIPSetResult deleteIPSet(DeleteIPSetRequest deleteIPSetRequest);
/**
*
* Permanently deletes a Rule. You can't delete a Rule if it's still used in any
* WebACL objects or if it still includes any predicates, such as ByteMatchSet objects.
*
*
* If you just want to remove a Rule from a WebACL, use UpdateWebACL.
*
*
* To permanently delete a Rule from AWS WAF, perform the following steps:
*
*
* -
*
* Update the Rule to remove predicates, if any. For more information, see UpdateRule.
*
*
* -
*
* Use GetChangeToken to get the change token that you provide in the ChangeToken parameter of a
* DeleteRule request.
*
*
* -
*
* Submit a DeleteRule request.
*
*
*
*
* @param deleteRuleRequest
* @return Result of the DeleteRule operation returned by the service.
* @throws WAFStaleDataException
* The operation failed because you tried to create, update, or delete an object by using a change token
* that has already been used.
* @throws WAFInternalErrorException
* The operation failed because of a system problem, even though the request was valid. Retry your request.
* @throws WAFInvalidAccountException
* The operation failed because you tried to create, update, or delete an object by using an invalid account
* identifier.
* @throws WAFNonexistentItemException
* The operation failed because the referenced object doesn't exist.
* @throws WAFReferencedItemException
* The operation failed because you tried to delete an object that is still in use. For example:
*
* -
*
* You tried to delete a ByteMatchSet that is still referenced by a Rule.
*
*
* -
*
* You tried to delete a Rule that is still referenced by a WebACL.
*
*
* @throws WAFNonEmptyEntityException
* The operation failed because you tried to delete an object that isn't empty. For example:
*
* -
*
* You tried to delete a WebACL that still contains one or more Rule objects.
*
*
* -
*
* You tried to delete a Rule that still contains one or more ByteMatchSet objects
* or other predicates.
*
*
* -
*
* You tried to delete a ByteMatchSet that contains one or more ByteMatchTuple
* objects.
*
*
* -
*
* You tried to delete an IPSet that references one or more IP addresses.
*
*
* @sample AWSWAFRegional.DeleteRule
* @see AWS API
* Documentation
*/
DeleteRuleResult deleteRule(DeleteRuleRequest deleteRuleRequest);
/**
*
* Permanently deletes a SizeConstraintSet. You can't delete a SizeConstraintSet if it's still
* used in any Rules or if it still includes any SizeConstraint objects (any filters).
*
*
* If you just want to remove a SizeConstraintSet from a Rule, use UpdateRule.
*
*
* To permanently delete a SizeConstraintSet, perform the following steps:
*
*
* -
*
* Update the SizeConstraintSet to remove filters, if any. For more information, see
* UpdateSizeConstraintSet.
*
*
* -
*
* Use GetChangeToken to get the change token that you provide in the ChangeToken parameter of a
* DeleteSizeConstraintSet request.
*
*
* -
*
* Submit a DeleteSizeConstraintSet request.
*
*
*
*
* @param deleteSizeConstraintSetRequest
* @return Result of the DeleteSizeConstraintSet operation returned by the service.
* @throws WAFStaleDataException
* The operation failed because you tried to create, update, or delete an object by using a change token
* that has already been used.
* @throws WAFInternalErrorException
* The operation failed because of a system problem, even though the request was valid. Retry your request.
* @throws WAFInvalidAccountException
* The operation failed because you tried to create, update, or delete an object by using an invalid account
* identifier.
* @throws WAFNonexistentItemException
* The operation failed because the referenced object doesn't exist.
* @throws WAFReferencedItemException
* The operation failed because you tried to delete an object that is still in use. For example:
*
* -
*
* You tried to delete a ByteMatchSet that is still referenced by a Rule.
*
*
* -
*
* You tried to delete a Rule that is still referenced by a WebACL.
*
*
* @throws WAFNonEmptyEntityException
* The operation failed because you tried to delete an object that isn't empty. For example:
*
* -
*
* You tried to delete a WebACL that still contains one or more Rule objects.
*
*
* -
*
* You tried to delete a Rule that still contains one or more ByteMatchSet objects
* or other predicates.
*
*
* -
*
* You tried to delete a ByteMatchSet that contains one or more ByteMatchTuple
* objects.
*
*
* -
*
* You tried to delete an IPSet that references one or more IP addresses.
*
*
* @sample AWSWAFRegional.DeleteSizeConstraintSet
* @see AWS API Documentation
*/
DeleteSizeConstraintSetResult deleteSizeConstraintSet(DeleteSizeConstraintSetRequest deleteSizeConstraintSetRequest);
/**
*
* Permanently deletes a SqlInjectionMatchSet. You can't delete a SqlInjectionMatchSet if it's
* still used in any Rules or if it still contains any SqlInjectionMatchTuple objects.
*
*
* If you just want to remove a SqlInjectionMatchSet from a Rule, use UpdateRule.
*
*
* To permanently delete a SqlInjectionMatchSet from AWS WAF, perform the following steps:
*
*
* -
*
* Update the SqlInjectionMatchSet to remove filters, if any. For more information, see
* UpdateSqlInjectionMatchSet.
*
*
* -
*
* Use GetChangeToken to get the change token that you provide in the ChangeToken parameter of a
* DeleteSqlInjectionMatchSet request.
*
*
* -
*
* Submit a DeleteSqlInjectionMatchSet request.
*
*
*
*
* @param deleteSqlInjectionMatchSetRequest
* A request to delete a SqlInjectionMatchSet from AWS WAF.
* @return Result of the DeleteSqlInjectionMatchSet operation returned by the service.
* @throws WAFInternalErrorException
* The operation failed because of a system problem, even though the request was valid. Retry your request.
* @throws WAFInvalidAccountException
* The operation failed because you tried to create, update, or delete an object by using an invalid account
* identifier.
* @throws WAFNonexistentItemException
* The operation failed because the referenced object doesn't exist.
* @throws WAFReferencedItemException
* The operation failed because you tried to delete an object that is still in use. For example:
*
* -
*
* You tried to delete a ByteMatchSet that is still referenced by a Rule.
*
*
* -
*
* You tried to delete a Rule that is still referenced by a WebACL.
*
*
* @throws WAFStaleDataException
* The operation failed because you tried to create, update, or delete an object by using a change token
* that has already been used.
* @throws WAFNonEmptyEntityException
* The operation failed because you tried to delete an object that isn't empty. For example:
*
* -
*
* You tried to delete a WebACL that still contains one or more Rule objects.
*
*
* -
*
* You tried to delete a Rule that still contains one or more ByteMatchSet objects
* or other predicates.
*
*
* -
*
* You tried to delete a ByteMatchSet that contains one or more ByteMatchTuple
* objects.
*
*
* -
*
* You tried to delete an IPSet that references one or more IP addresses.
*
*
* @sample AWSWAFRegional.DeleteSqlInjectionMatchSet
* @see AWS API Documentation
*/
DeleteSqlInjectionMatchSetResult deleteSqlInjectionMatchSet(DeleteSqlInjectionMatchSetRequest deleteSqlInjectionMatchSetRequest);
/**
*
* Permanently deletes a WebACL. You can't delete a WebACL if it still contains any
* Rules.
*
*
* To delete a WebACL, perform the following steps:
*
*
* -
*
* Update the WebACL to remove Rules, if any. For more information, see
* UpdateWebACL.
*
*
* -
*
* Use GetChangeToken to get the change token that you provide in the ChangeToken parameter of a
* DeleteWebACL request.
*
*
* -
*
* Submit a DeleteWebACL request.
*
*
*
*
* @param deleteWebACLRequest
* @return Result of the DeleteWebACL operation returned by the service.
* @throws WAFStaleDataException
* The operation failed because you tried to create, update, or delete an object by using a change token
* that has already been used.
* @throws WAFInternalErrorException
* The operation failed because of a system problem, even though the request was valid. Retry your request.
* @throws WAFInvalidAccountException
* The operation failed because you tried to create, update, or delete an object by using an invalid account
* identifier.
* @throws WAFNonexistentItemException
* The operation failed because the referenced object doesn't exist.
* @throws WAFReferencedItemException
* The operation failed because you tried to delete an object that is still in use. For example:
*
* -
*
* You tried to delete a ByteMatchSet that is still referenced by a Rule.
*
*
* -
*
* You tried to delete a Rule that is still referenced by a WebACL.
*
*
* @throws WAFNonEmptyEntityException
* The operation failed because you tried to delete an object that isn't empty. For example:
*
* -
*
* You tried to delete a WebACL that still contains one or more Rule objects.
*
*
* -
*
* You tried to delete a Rule that still contains one or more ByteMatchSet objects
* or other predicates.
*
*
* -
*
* You tried to delete a ByteMatchSet that contains one or more ByteMatchTuple
* objects.
*
*
* -
*
* You tried to delete an IPSet that references one or more IP addresses.
*
*
* @sample AWSWAFRegional.DeleteWebACL
* @see AWS API
* Documentation
*/
DeleteWebACLResult deleteWebACL(DeleteWebACLRequest deleteWebACLRequest);
/**
*
* Permanently deletes an XssMatchSet. You can't delete an XssMatchSet if it's still used in any
* Rules or if it still contains any XssMatchTuple objects.
*
*
* If you just want to remove an XssMatchSet from a Rule, use UpdateRule.
*
*
* To permanently delete an XssMatchSet from AWS WAF, perform the following steps:
*
*
* -
*
* Update the XssMatchSet to remove filters, if any. For more information, see
* UpdateXssMatchSet.
*
*
* -
*
* Use GetChangeToken to get the change token that you provide in the ChangeToken parameter of a
* DeleteXssMatchSet request.
*
*
* -
*
* Submit a DeleteXssMatchSet request.
*
*
*
*
* @param deleteXssMatchSetRequest
* A request to delete an XssMatchSet from AWS WAF.
* @return Result of the DeleteXssMatchSet operation returned by the service.
* @throws WAFInternalErrorException
* The operation failed because of a system problem, even though the request was valid. Retry your request.
* @throws WAFInvalidAccountException
* The operation failed because you tried to create, update, or delete an object by using an invalid account
* identifier.
* @throws WAFNonexistentItemException
* The operation failed because the referenced object doesn't exist.
* @throws WAFReferencedItemException
* The operation failed because you tried to delete an object that is still in use. For example:
*
* -
*
* You tried to delete a ByteMatchSet that is still referenced by a Rule.
*
*
* -
*
* You tried to delete a Rule that is still referenced by a WebACL.
*
*
* @throws WAFStaleDataException
* The operation failed because you tried to create, update, or delete an object by using a change token
* that has already been used.
* @throws WAFNonEmptyEntityException
* The operation failed because you tried to delete an object that isn't empty. For example:
*
* -
*
* You tried to delete a WebACL that still contains one or more Rule objects.
*
*
* -
*
* You tried to delete a Rule that still contains one or more ByteMatchSet objects
* or other predicates.
*
*
* -
*
* You tried to delete a ByteMatchSet that contains one or more ByteMatchTuple
* objects.
*
*
* -
*
* You tried to delete an IPSet that references one or more IP addresses.
*
*
* @sample AWSWAFRegional.DeleteXssMatchSet
* @see AWS
* API Documentation
*/
DeleteXssMatchSetResult deleteXssMatchSet(DeleteXssMatchSetRequest deleteXssMatchSetRequest);
/**
*
* Removes a web ACL from the specified resource.
*
*
* @param disassociateWebACLRequest
* @return Result of the DisassociateWebACL operation returned by the service.
* @throws WAFInternalErrorException
* The operation failed because of a system problem, even though the request was valid. Retry your request.
* @throws WAFInvalidAccountException
* The operation failed because you tried to create, update, or delete an object by using an invalid account
* identifier.
* @throws WAFInvalidParameterException
* The operation failed because AWS WAF didn't recognize a parameter in the request. For example:
*
* -
*
* You specified an invalid parameter name.
*
*
* -
*
* You specified an invalid value.
*
*
* -
*
* You tried to update an object (ByteMatchSet, IPSet, Rule, or
* WebACL) using an action other than INSERT or DELETE.
*
*
* -
*
* You tried to create a WebACL with a DefaultAction Type other than
* ALLOW, BLOCK, or COUNT.
*
*
* -
*
* You tried to update a WebACL with a WafAction Type other than
* ALLOW, BLOCK, or COUNT.
*
*
* -
*
* You tried to update a ByteMatchSet with a FieldToMatch Type other
* than HEADER, QUERY_STRING, or URI.
*
*
* -
*
* You tried to update a ByteMatchSet with a Field of HEADER but no
* value for Data.
*
*
* -
*
* Your request references an ARN that is malformed, or corresponds to a resource with which a web ACL
* cannot be associated.
*
*
* @throws WAFNonexistentItemException
* The operation failed because the referenced object doesn't exist.
* @sample AWSWAFRegional.DisassociateWebACL
* @see AWS API Documentation
*/
DisassociateWebACLResult disassociateWebACL(DisassociateWebACLRequest disassociateWebACLRequest);
/**
*
* Returns the ByteMatchSet specified by ByteMatchSetId.
*
*
* @param getByteMatchSetRequest
* @return Result of the GetByteMatchSet operation returned by the service.
* @throws WAFInternalErrorException
* The operation failed because of a system problem, even though the request was valid. Retry your request.
* @throws WAFInvalidAccountException
* The operation failed because you tried to create, update, or delete an object by using an invalid account
* identifier.
* @throws WAFNonexistentItemException
* The operation failed because the referenced object doesn't exist.
* @sample AWSWAFRegional.GetByteMatchSet
* @see AWS
* API Documentation
*/
GetByteMatchSetResult getByteMatchSet(GetByteMatchSetRequest getByteMatchSetRequest);
/**
*
* When you want to create, update, or delete AWS WAF objects, get a change token and include the change token in
* the create, update, or delete request. Change tokens ensure that your application doesn't submit conflicting
* requests to AWS WAF.
*
*
* Each create, update, or delete request must use a unique change token. If your application submits a
* GetChangeToken request and then submits a second GetChangeToken request before
* submitting a create, update, or delete request, the second GetChangeToken request returns the same
* value as the first GetChangeToken request.
*
*
* When you use a change token in a create, update, or delete request, the status of the change token changes to
* PENDING, which indicates that AWS WAF is propagating the change to all AWS WAF servers. Use
* GetChangeTokenStatus to determine the status of your change token.
*
*
* @param getChangeTokenRequest
* @return Result of the GetChangeToken operation returned by the service.
* @throws WAFInternalErrorException
* The operation failed because of a system problem, even though the request was valid. Retry your request.
* @sample AWSWAFRegional.GetChangeToken
* @see AWS
* API Documentation
*/
GetChangeTokenResult getChangeToken(GetChangeTokenRequest getChangeTokenRequest);
/**
*
* Returns the status of a ChangeToken that you got by calling GetChangeToken.
* ChangeTokenStatus is one of the following values:
*
*
* -
*
* PROVISIONED: You requested the change token by calling GetChangeToken, but you haven't
* used it yet in a call to create, update, or delete an AWS WAF object.
*
*
* -
*
* PENDING: AWS WAF is propagating the create, update, or delete request to all AWS WAF servers.
*
*
* -
*
* IN_SYNC: Propagation is complete.
*
*
*
*
* @param getChangeTokenStatusRequest
* @return Result of the GetChangeTokenStatus operation returned by the service.
* @throws WAFNonexistentItemException
* The operation failed because the referenced object doesn't exist.
* @throws WAFInternalErrorException
* The operation failed because of a system problem, even though the request was valid. Retry your request.
* @sample AWSWAFRegional.GetChangeTokenStatus
* @see AWS API Documentation
*/
GetChangeTokenStatusResult getChangeTokenStatus(GetChangeTokenStatusRequest getChangeTokenStatusRequest);
/**
*
* Returns the IPSet that is specified by IPSetId.
*
*
* @param getIPSetRequest
* @return Result of the GetIPSet operation returned by the service.
* @throws WAFInternalErrorException
* The operation failed because of a system problem, even though the request was valid. Retry your request.
* @throws WAFInvalidAccountException
* The operation failed because you tried to create, update, or delete an object by using an invalid account
* identifier.
* @throws WAFNonexistentItemException
* The operation failed because the referenced object doesn't exist.
* @sample AWSWAFRegional.GetIPSet
* @see AWS API
* Documentation
*/
GetIPSetResult getIPSet(GetIPSetRequest getIPSetRequest);
/**
*
* Returns the Rule that is specified by the RuleId that you included in the
* GetRule request.
*
*
* @param getRuleRequest
* @return Result of the GetRule operation returned by the service.
* @throws WAFInternalErrorException
* The operation failed because of a system problem, even though the request was valid. Retry your request.
* @throws WAFInvalidAccountException
* The operation failed because you tried to create, update, or delete an object by using an invalid account
* identifier.
* @throws WAFNonexistentItemException
* The operation failed because the referenced object doesn't exist.
* @sample AWSWAFRegional.GetRule
* @see AWS API
* Documentation
*/
GetRuleResult getRule(GetRuleRequest getRuleRequest);
/**
*
* Gets detailed information about a specified number of requests--a sample--that AWS WAF randomly selects from
* among the first 5,000 requests that your AWS resource received during a time range that you choose. You can
* specify a sample size of up to 100 requests, and you can specify any time range in the previous three hours.
*
*
* GetSampledRequests returns a time range, which is usually the time range that you specified.
* However, if your resource (such as a CloudFront distribution) received 5,000 requests before the specified time
* range elapsed, GetSampledRequests returns an updated time range. This new time range indicates the
* actual period during which AWS WAF selected the requests in the sample.
*
*
* @param getSampledRequestsRequest
* @return Result of the GetSampledRequests operation returned by the service.
* @throws WAFNonexistentItemException
* The operation failed because the referenced object doesn't exist.
* @throws WAFInternalErrorException
* The operation failed because of a system problem, even though the request was valid. Retry your request.
* @sample AWSWAFRegional.GetSampledRequests
* @see AWS API Documentation
*/
GetSampledRequestsResult getSampledRequests(GetSampledRequestsRequest getSampledRequestsRequest);
/**
*
* Returns the SizeConstraintSet specified by SizeConstraintSetId.
*
*
* @param getSizeConstraintSetRequest
* @return Result of the GetSizeConstraintSet operation returned by the service.
* @throws WAFInternalErrorException
* The operation failed because of a system problem, even though the request was valid. Retry your request.
* @throws WAFInvalidAccountException
* The operation failed because you tried to create, update, or delete an object by using an invalid account
* identifier.
* @throws WAFNonexistentItemException
* The operation failed because the referenced object doesn't exist.
* @sample AWSWAFRegional.GetSizeConstraintSet
* @see AWS API Documentation
*/
GetSizeConstraintSetResult getSizeConstraintSet(GetSizeConstraintSetRequest getSizeConstraintSetRequest);
/**
*
* Returns the SqlInjectionMatchSet that is specified by SqlInjectionMatchSetId.
*
*
* @param getSqlInjectionMatchSetRequest
* A request to get a SqlInjectionMatchSet.
* @return Result of the GetSqlInjectionMatchSet operation returned by the service.
* @throws WAFInternalErrorException
* The operation failed because of a system problem, even though the request was valid. Retry your request.
* @throws WAFInvalidAccountException
* The operation failed because you tried to create, update, or delete an object by using an invalid account
* identifier.
* @throws WAFNonexistentItemException
* The operation failed because the referenced object doesn't exist.
* @sample AWSWAFRegional.GetSqlInjectionMatchSet
* @see AWS API Documentation
*/
GetSqlInjectionMatchSetResult getSqlInjectionMatchSet(GetSqlInjectionMatchSetRequest getSqlInjectionMatchSetRequest);
/**
*
* Returns the WebACL that is specified by WebACLId.
*
*
* @param getWebACLRequest
* @return Result of the GetWebACL operation returned by the service.
* @throws WAFInternalErrorException
* The operation failed because of a system problem, even though the request was valid. Retry your request.
* @throws WAFInvalidAccountException
* The operation failed because you tried to create, update, or delete an object by using an invalid account
* identifier.
* @throws WAFNonexistentItemException
* The operation failed because the referenced object doesn't exist.
* @sample AWSWAFRegional.GetWebACL
* @see AWS API
* Documentation
*/
GetWebACLResult getWebACL(GetWebACLRequest getWebACLRequest);
/**
*
* Returns the web ACL for the specified resource.
*
*
* @param getWebACLForResourceRequest
* @return Result of the GetWebACLForResource operation returned by the service.
* @throws WAFInternalErrorException
* The operation failed because of a system problem, even though the request was valid. Retry your request.
* @throws WAFInvalidAccountException
* The operation failed because you tried to create, update, or delete an object by using an invalid account
* identifier.
* @throws WAFNonexistentItemException
* The operation failed because the referenced object doesn't exist.
* @throws WAFInvalidParameterException
* The operation failed because AWS WAF didn't recognize a parameter in the request. For example:
*
* -
*
* You specified an invalid parameter name.
*
*
* -
*
* You specified an invalid value.
*
*
* -
*
* You tried to update an object (ByteMatchSet, IPSet, Rule, or
* WebACL) using an action other than INSERT or DELETE.
*
*
* -
*
* You tried to create a WebACL with a DefaultAction Type other than
* ALLOW, BLOCK, or COUNT.
*
*
* -
*
* You tried to update a WebACL with a WafAction Type other than
* ALLOW, BLOCK, or COUNT.
*
*
* -
*
* You tried to update a ByteMatchSet with a FieldToMatch Type other
* than HEADER, QUERY_STRING, or URI.
*
*
* -
*
* You tried to update a ByteMatchSet with a Field of HEADER but no
* value for Data.
*
*
* -
*
* Your request references an ARN that is malformed, or corresponds to a resource with which a web ACL
* cannot be associated.
*
*
* @throws WAFUnavailableEntityException
* The operation failed because the entity referenced is temporarily unavailable. Retry your request.
* @sample AWSWAFRegional.GetWebACLForResource
* @see AWS API Documentation
*/
GetWebACLForResourceResult getWebACLForResource(GetWebACLForResourceRequest getWebACLForResourceRequest);
/**
*
* Returns the XssMatchSet that is specified by XssMatchSetId.
*
*
* @param getXssMatchSetRequest
* A request to get an XssMatchSet.
* @return Result of the GetXssMatchSet operation returned by the service.
* @throws WAFInternalErrorException
* The operation failed because of a system problem, even though the request was valid. Retry your request.
* @throws WAFInvalidAccountException
* The operation failed because you tried to create, update, or delete an object by using an invalid account
* identifier.
* @throws WAFNonexistentItemException
* The operation failed because the referenced object doesn't exist.
* @sample AWSWAFRegional.GetXssMatchSet
* @see AWS
* API Documentation
*/
GetXssMatchSetResult getXssMatchSet(GetXssMatchSetRequest getXssMatchSetRequest);
/**
*
* Returns an array of ByteMatchSetSummary objects.
*
*
* @param listByteMatchSetsRequest
* @return Result of the ListByteMatchSets operation returned by the service.
* @throws WAFInternalErrorException
* The operation failed because of a system problem, even though the request was valid. Retry your request.
* @throws WAFInvalidAccountException
* The operation failed because you tried to create, update, or delete an object by using an invalid account
* identifier.
* @sample AWSWAFRegional.ListByteMatchSets
* @see AWS
* API Documentation
*/
ListByteMatchSetsResult listByteMatchSets(ListByteMatchSetsRequest listByteMatchSetsRequest);
/**
*
* Returns an array of IPSetSummary objects in the response.
*
*
* @param listIPSetsRequest
* @return Result of the ListIPSets operation returned by the service.
* @throws WAFInternalErrorException
* The operation failed because of a system problem, even though the request was valid. Retry your request.
* @throws WAFInvalidAccountException
* The operation failed because you tried to create, update, or delete an object by using an invalid account
* identifier.
* @sample AWSWAFRegional.ListIPSets
* @see AWS API
* Documentation
*/
ListIPSetsResult listIPSets(ListIPSetsRequest listIPSetsRequest);
/**
*
* Returns an array of resources associated with the specified web ACL.
*
*
* @param listResourcesForWebACLRequest
* @return Result of the ListResourcesForWebACL operation returned by the service.
* @throws WAFInternalErrorException
* The operation failed because of a system problem, even though the request was valid. Retry your request.
* @throws WAFInvalidAccountException
* The operation failed because you tried to create, update, or delete an object by using an invalid account
* identifier.
* @throws WAFNonexistentItemException
* The operation failed because the referenced object doesn't exist.
* @sample AWSWAFRegional.ListResourcesForWebACL
* @see AWS API Documentation
*/
ListResourcesForWebACLResult listResourcesForWebACL(ListResourcesForWebACLRequest listResourcesForWebACLRequest);
/**
*
* Returns an array of RuleSummary objects.
*
*
* @param listRulesRequest
* @return Result of the ListRules operation returned by the service.
* @throws WAFInternalErrorException
* The operation failed because of a system problem, even though the request was valid. Retry your request.
* @throws WAFInvalidAccountException
* The operation failed because you tried to create, update, or delete an object by using an invalid account
* identifier.
* @sample AWSWAFRegional.ListRules
* @see AWS API
* Documentation
*/
ListRulesResult listRules(ListRulesRequest listRulesRequest);
/**
*
* Returns an array of SizeConstraintSetSummary objects.
*
*
* @param listSizeConstraintSetsRequest
* @return Result of the ListSizeConstraintSets operation returned by the service.
* @throws WAFInternalErrorException
* The operation failed because of a system problem, even though the request was valid. Retry your request.
* @throws WAFInvalidAccountException
* The operation failed because you tried to create, update, or delete an object by using an invalid account
* identifier.
* @sample AWSWAFRegional.ListSizeConstraintSets
* @see AWS API Documentation
*/
ListSizeConstraintSetsResult listSizeConstraintSets(ListSizeConstraintSetsRequest listSizeConstraintSetsRequest);
/**
*
* Returns an array of SqlInjectionMatchSet objects.
*
*
* @param listSqlInjectionMatchSetsRequest
* A request to list the SqlInjectionMatchSet objects created by the current AWS account.
* @return Result of the ListSqlInjectionMatchSets operation returned by the service.
* @throws WAFInternalErrorException
* The operation failed because of a system problem, even though the request was valid. Retry your request.
* @throws WAFInvalidAccountException
* The operation failed because you tried to create, update, or delete an object by using an invalid account
* identifier.
* @sample AWSWAFRegional.ListSqlInjectionMatchSets
* @see AWS API Documentation
*/
ListSqlInjectionMatchSetsResult listSqlInjectionMatchSets(ListSqlInjectionMatchSetsRequest listSqlInjectionMatchSetsRequest);
/**
*
* Returns an array of WebACLSummary objects in the response.
*
*
* @param listWebACLsRequest
* @return Result of the ListWebACLs operation returned by the service.
* @throws WAFInternalErrorException
* The operation failed because of a system problem, even though the request was valid. Retry your request.
* @throws WAFInvalidAccountException
* The operation failed because you tried to create, update, or delete an object by using an invalid account
* identifier.
* @sample AWSWAFRegional.ListWebACLs
* @see AWS API
* Documentation
*/
ListWebACLsResult listWebACLs(ListWebACLsRequest listWebACLsRequest);
/**
*
* Returns an array of XssMatchSet objects.
*
*
* @param listXssMatchSetsRequest
* A request to list the XssMatchSet objects created by the current AWS account.
* @return Result of the ListXssMatchSets operation returned by the service.
* @throws WAFInternalErrorException
* The operation failed because of a system problem, even though the request was valid. Retry your request.
* @throws WAFInvalidAccountException
* The operation failed because you tried to create, update, or delete an object by using an invalid account
* identifier.
* @sample AWSWAFRegional.ListXssMatchSets
* @see AWS
* API Documentation
*/
ListXssMatchSetsResult listXssMatchSets(ListXssMatchSetsRequest listXssMatchSetsRequest);
/**
*
* Inserts or deletes ByteMatchTuple objects (filters) in a ByteMatchSet. For each
* ByteMatchTuple object, you specify the following values:
*
*
* -
*
* Whether to insert or delete the object from the array. If you want to change a ByteMatchSetUpdate
* object, you delete the existing object and add a new one.
*
*
* -
*
* The part of a web request that you want AWS WAF to inspect, such as a query string or the value of the
* User-Agent header.
*
*
* -
*
* The bytes (typically a string that corresponds with ASCII characters) that you want AWS WAF to look for. For more
* information, including how you specify the values for the AWS WAF API and the AWS CLI or SDKs, see
* TargetString in the ByteMatchTuple data type.
*
*
* -
*
* Where to look, such as at the beginning or the end of a query string.
*
*
* -
*
* Whether to perform any conversions on the request, such as converting it to lowercase, before inspecting it for
* the specified string.
*
*
*
*
* For example, you can add a ByteMatchSetUpdate object that matches web requests in which
* User-Agent headers contain the string BadBot. You can then configure AWS WAF to block
* those requests.
*
*
* To create and configure a ByteMatchSet, perform the following steps:
*
*
* -
*
* Create a ByteMatchSet. For more information, see CreateByteMatchSet.
*
*
* -
*
* Use GetChangeToken to get the change token that you provide in the ChangeToken parameter of
* an UpdateByteMatchSet request.
*
*
* -
*
* Submit an UpdateByteMatchSet request to specify the part of the request that you want AWS WAF to
* inspect (for example, the header or the URI) and the value that you want AWS WAF to watch for.
*
*
*
*
* For more information about how to use the AWS WAF API to allow or block HTTP requests, see the AWS WAF Developer Guide.
*
*
* @param updateByteMatchSetRequest
* @return Result of the UpdateByteMatchSet operation returned by the service.
* @throws WAFInternalErrorException
* The operation failed because of a system problem, even though the request was valid. Retry your request.
* @throws WAFInvalidAccountException
* The operation failed because you tried to create, update, or delete an object by using an invalid account
* identifier.
* @throws WAFInvalidOperationException
* The operation failed because there was nothing to do. For example:
*
* -
*
* You tried to remove a Rule from a WebACL, but the Rule isn't in
* the specified WebACL.
*
*
* -
*
* You tried to remove an IP address from an IPSet, but the IP address isn't in the specified
* IPSet.
*
*
* -
*
* You tried to remove a ByteMatchTuple from a ByteMatchSet, but the
* ByteMatchTuple isn't in the specified WebACL.
*
*
* -
*
* You tried to add a Rule to a WebACL, but the Rule already exists
* in the specified WebACL.
*
*
* -
*
* You tried to add an IP address to an IPSet, but the IP address already exists in the
* specified IPSet.
*
*
* -
*
* You tried to add a ByteMatchTuple to a ByteMatchSet, but the
* ByteMatchTuple already exists in the specified WebACL.
*
*
* @throws WAFInvalidParameterException
* The operation failed because AWS WAF didn't recognize a parameter in the request. For example:
*
* -
*
* You specified an invalid parameter name.
*
*
* -
*
* You specified an invalid value.
*
*
* -
*
* You tried to update an object (ByteMatchSet, IPSet, Rule, or
* WebACL) using an action other than INSERT or DELETE.
*
*
* -
*
* You tried to create a WebACL with a DefaultAction Type other than
* ALLOW, BLOCK, or COUNT.
*
*
* -
*
* You tried to update a WebACL with a WafAction Type other than
* ALLOW, BLOCK, or COUNT.
*
*
* -
*
* You tried to update a ByteMatchSet with a FieldToMatch Type other
* than HEADER, QUERY_STRING, or URI.
*
*
* -
*
* You tried to update a ByteMatchSet with a Field of HEADER but no
* value for Data.
*
*
* -
*
* Your request references an ARN that is malformed, or corresponds to a resource with which a web ACL
* cannot be associated.
*
*
* @throws WAFNonexistentContainerException
* The operation failed because you tried to add an object to or delete an object from another object that
* doesn't exist. For example:
*
* -
*
* You tried to add a Rule to or delete a Rule from a WebACL that
* doesn't exist.
*
*
* -
*
* You tried to add a ByteMatchSet to or delete a ByteMatchSet from a
* Rule that doesn't exist.
*
*
* -
*
* You tried to add an IP address to or delete an IP address from an IPSet that doesn't exist.
*
*
* -
*
* You tried to add a ByteMatchTuple to or delete a ByteMatchTuple from a
* ByteMatchSet that doesn't exist.
*
*
* @throws WAFNonexistentItemException
* The operation failed because the referenced object doesn't exist.
* @throws WAFStaleDataException
* The operation failed because you tried to create, update, or delete an object by using a change token
* that has already been used.
* @throws WAFLimitsExceededException
* The operation exceeds a resource limit, for example, the maximum number of WebACL objects
* that you can create for an AWS account. For more information, see Limits in the AWS WAF
* Developer Guide.
* @sample AWSWAFRegional.UpdateByteMatchSet
* @see AWS API Documentation
*/
UpdateByteMatchSetResult updateByteMatchSet(UpdateByteMatchSetRequest updateByteMatchSetRequest);
/**
*
* Inserts or deletes IPSetDescriptor objects in an IPSet. For each IPSetDescriptor
* object, you specify the following values:
*
*
* -
*
* Whether to insert or delete the object from the array. If you want to change an IPSetDescriptor
* object, you delete the existing object and add a new one.
*
*
* -
*
* The IP address version, IPv4 or IPv6.
*
*
* -
*
* The IP address in CIDR notation, for example, 192.0.2.0/24 (for the range of IP addresses from
* 192.0.2.0 to 192.0.2.255) or 192.0.2.44/32 (for the individual IP address
* 192.0.2.44).
*
*
*
*
* AWS WAF supports /8, /16, /24, and /32 IP address ranges for IPv4, and /24, /32, /48, /56, /64 and /128 for IPv6.
* For more information about CIDR notation, see the Wikipedia entry Classless Inter-Domain Routing.
*
*
* IPv6 addresses can be represented using any of the following formats:
*
*
* -
*
* 1111:0000:0000:0000:0000:0000:0000:0111/128
*
*
* -
*
* 1111:0:0:0:0:0:0:0111/128
*
*
* -
*
* 1111::0111/128
*
*
* -
*
* 1111::111/128
*
*
*
*
* You use an IPSet to specify which web requests you want to allow or block based on the IP addresses
* that the requests originated from. For example, if you're receiving a lot of requests from one or a small number
* of IP addresses and you want to block the requests, you can create an IPSet that specifies those IP
* addresses, and then configure AWS WAF to block the requests.
*
*
* To create and configure an IPSet, perform the following steps:
*
*
* -
*
* Submit a CreateIPSet request.
*
*
* -
*
* Use GetChangeToken to get the change token that you provide in the ChangeToken parameter of
* an UpdateIPSet request.
*
*
* -
*
* Submit an UpdateIPSet request to specify the IP addresses that you want AWS WAF to watch for.
*
*
*
*
* When you update an IPSet, you specify the IP addresses that you want to add and/or the IP addresses
* that you want to delete. If you want to change an IP address, you delete the existing IP address and add the new
* one.
*
*
* For more information about how to use the AWS WAF API to allow or block HTTP requests, see the AWS WAF Developer Guide.
*
*
* @param updateIPSetRequest
* @return Result of the UpdateIPSet operation returned by the service.
* @throws WAFStaleDataException
* The operation failed because you tried to create, update, or delete an object by using a change token
* that has already been used.
* @throws WAFInternalErrorException
* The operation failed because of a system problem, even though the request was valid. Retry your request.
* @throws WAFInvalidAccountException
* The operation failed because you tried to create, update, or delete an object by using an invalid account
* identifier.
* @throws WAFInvalidOperationException
* The operation failed because there was nothing to do. For example:
*
* -
*
* You tried to remove a Rule from a WebACL, but the Rule isn't in
* the specified WebACL.
*
*
* -
*
* You tried to remove an IP address from an IPSet, but the IP address isn't in the specified
* IPSet.
*
*
* -
*
* You tried to remove a ByteMatchTuple from a ByteMatchSet, but the
* ByteMatchTuple isn't in the specified WebACL.
*
*
* -
*
* You tried to add a Rule to a WebACL, but the Rule already exists
* in the specified WebACL.
*
*
* -
*
* You tried to add an IP address to an IPSet, but the IP address already exists in the
* specified IPSet.
*
*
* -
*
* You tried to add a ByteMatchTuple to a ByteMatchSet, but the
* ByteMatchTuple already exists in the specified WebACL.
*
*
* @throws WAFInvalidParameterException
* The operation failed because AWS WAF didn't recognize a parameter in the request. For example:
*
* -
*
* You specified an invalid parameter name.
*
*
* -
*
* You specified an invalid value.
*
*
* -
*
* You tried to update an object (ByteMatchSet, IPSet, Rule, or
* WebACL) using an action other than INSERT or DELETE.
*
*
* -
*
* You tried to create a WebACL with a DefaultAction Type other than
* ALLOW, BLOCK, or COUNT.
*
*
* -
*
* You tried to update a WebACL with a WafAction Type other than
* ALLOW, BLOCK, or COUNT.
*
*
* -
*
* You tried to update a ByteMatchSet with a FieldToMatch Type other
* than HEADER, QUERY_STRING, or URI.
*
*
* -
*
* You tried to update a ByteMatchSet with a Field of HEADER but no
* value for Data.
*
*
* -
*
* Your request references an ARN that is malformed, or corresponds to a resource with which a web ACL
* cannot be associated.
*
*
* @throws WAFNonexistentContainerException
* The operation failed because you tried to add an object to or delete an object from another object that
* doesn't exist. For example:
*
* -
*
* You tried to add a Rule to or delete a Rule from a WebACL that
* doesn't exist.
*
*
* -
*
* You tried to add a ByteMatchSet to or delete a ByteMatchSet from a
* Rule that doesn't exist.
*
*
* -
*
* You tried to add an IP address to or delete an IP address from an IPSet that doesn't exist.
*
*
* -
*
* You tried to add a ByteMatchTuple to or delete a ByteMatchTuple from a
* ByteMatchSet that doesn't exist.
*
*
* @throws WAFNonexistentItemException
* The operation failed because the referenced object doesn't exist.
* @throws WAFReferencedItemException
* The operation failed because you tried to delete an object that is still in use. For example:
*
* -
*
* You tried to delete a ByteMatchSet that is still referenced by a Rule.
*
*
* -
*
* You tried to delete a Rule that is still referenced by a WebACL.
*
*
* @throws WAFLimitsExceededException
* The operation exceeds a resource limit, for example, the maximum number of WebACL objects
* that you can create for an AWS account. For more information, see Limits in the AWS WAF
* Developer Guide.
* @sample AWSWAFRegional.UpdateIPSet
* @see AWS API
* Documentation
*/
UpdateIPSetResult updateIPSet(UpdateIPSetRequest updateIPSetRequest);
/**
*
* Inserts or deletes Predicate objects in a Rule. Each Predicate object identifies
* a predicate, such as a ByteMatchSet or an IPSet, that specifies the web requests that you want to
* allow, block, or count. If you add more than one predicate to a Rule, a request must match all of
* the specifications to be allowed, blocked, or counted. For example, suppose you add the following to a
* Rule:
*
*
* -
*
* A ByteMatchSet that matches the value BadBot in the User-Agent header
*
*
* -
*
* An IPSet that matches the IP address 192.0.2.44
*
*
*
*
* You then add the Rule to a WebACL and specify that you want to block requests that
* satisfy the Rule. For a request to be blocked, the User-Agent header in the request
* must contain the value BadBot and the request must originate from the IP address 192.0.2.44.
*
*
* To create and configure a Rule, perform the following steps:
*
*
* -
*
* Create and update the predicates that you want to include in the Rule.
*
*
* -
*
* Create the Rule. See CreateRule.
*
*
* -
*
* Use GetChangeToken to get the change token that you provide in the ChangeToken
* parameter of an UpdateRule request.
*
*
* -
*
* Submit an UpdateRule request to add predicates to the Rule.
*
*
* -
*
* Create and update a WebACL that contains the Rule. See CreateWebACL.
*
*
*
*
* If you want to replace one ByteMatchSet or IPSet with another, you delete the existing
* one and add the new one.
*
*
* For more information about how to use the AWS WAF API to allow or block HTTP requests, see the AWS WAF Developer Guide.
*
*
* @param updateRuleRequest
* @return Result of the UpdateRule operation returned by the service.
* @throws WAFStaleDataException
* The operation failed because you tried to create, update, or delete an object by using a change token
* that has already been used.
* @throws WAFInternalErrorException
* The operation failed because of a system problem, even though the request was valid. Retry your request.
* @throws WAFInvalidAccountException
* The operation failed because you tried to create, update, or delete an object by using an invalid account
* identifier.
* @throws WAFInvalidOperationException
* The operation failed because there was nothing to do. For example:
*
* -
*
* You tried to remove a Rule from a WebACL, but the Rule isn't in
* the specified WebACL.
*
*
* -
*
* You tried to remove an IP address from an IPSet, but the IP address isn't in the specified
* IPSet.
*
*
* -
*
* You tried to remove a ByteMatchTuple from a ByteMatchSet, but the
* ByteMatchTuple isn't in the specified WebACL.
*
*
* -
*
* You tried to add a Rule to a WebACL, but the Rule already exists
* in the specified WebACL.
*
*
* -
*
* You tried to add an IP address to an IPSet, but the IP address already exists in the
* specified IPSet.
*
*
* -
*
* You tried to add a ByteMatchTuple to a ByteMatchSet, but the
* ByteMatchTuple already exists in the specified WebACL.
*
*
* @throws WAFInvalidParameterException
* The operation failed because AWS WAF didn't recognize a parameter in the request. For example:
*
* -
*
* You specified an invalid parameter name.
*
*
* -
*
* You specified an invalid value.
*
*
* -
*
* You tried to update an object (ByteMatchSet, IPSet, Rule, or
* WebACL) using an action other than INSERT or DELETE.
*
*
* -
*
* You tried to create a WebACL with a DefaultAction Type other than
* ALLOW, BLOCK, or COUNT.
*
*
* -
*
* You tried to update a WebACL with a WafAction Type other than
* ALLOW, BLOCK, or COUNT.
*
*
* -
*
* You tried to update a ByteMatchSet with a FieldToMatch Type other
* than HEADER, QUERY_STRING, or URI.
*
*
* -
*
* You tried to update a ByteMatchSet with a Field of HEADER but no
* value for Data.
*
*
* -
*
* Your request references an ARN that is malformed, or corresponds to a resource with which a web ACL
* cannot be associated.
*
*
* @throws WAFNonexistentContainerException
* The operation failed because you tried to add an object to or delete an object from another object that
* doesn't exist. For example:
*
* -
*
* You tried to add a Rule to or delete a Rule from a WebACL that
* doesn't exist.
*
*
* -
*
* You tried to add a ByteMatchSet to or delete a ByteMatchSet from a
* Rule that doesn't exist.
*
*
* -
*
* You tried to add an IP address to or delete an IP address from an IPSet that doesn't exist.
*
*
* -
*
* You tried to add a ByteMatchTuple to or delete a ByteMatchTuple from a
* ByteMatchSet that doesn't exist.
*
*
* @throws WAFNonexistentItemException
* The operation failed because the referenced object doesn't exist.
* @throws WAFReferencedItemException
* The operation failed because you tried to delete an object that is still in use. For example:
*
* -
*
* You tried to delete a ByteMatchSet that is still referenced by a Rule.
*
*
* -
*
* You tried to delete a Rule that is still referenced by a WebACL.
*
*
* @throws WAFLimitsExceededException
* The operation exceeds a resource limit, for example, the maximum number of WebACL objects
* that you can create for an AWS account. For more information, see Limits in the AWS WAF
* Developer Guide.
* @sample AWSWAFRegional.UpdateRule
* @see AWS API
* Documentation
*/
UpdateRuleResult updateRule(UpdateRuleRequest updateRuleRequest);
/**
*
* Inserts or deletes SizeConstraint objects (filters) in a SizeConstraintSet. For each
* SizeConstraint object, you specify the following values:
*
*
* -
*
* Whether to insert or delete the object from the array. If you want to change a
* SizeConstraintSetUpdate object, you delete the existing object and add a new one.
*
*
* -
*
* The part of a web request that you want AWS WAF to evaluate, such as the length of a query string or the length
* of the User-Agent header.
*
*
* -
*
* Whether to perform any transformations on the request, such as converting it to lowercase, before checking its
* length. Note that transformations of the request body are not supported because the AWS resource forwards only
* the first 8192 bytes of your request to AWS WAF.
*
*
* -
*
* A ComparisonOperator used for evaluating the selected part of the request against the specified
* Size, such as equals, greater than, less than, and so on.
*
*
* -
*
* The length, in bytes, that you want AWS WAF to watch for in selected part of the request. The length is computed
* after applying the transformation.
*
*
*
*
* For example, you can add a SizeConstraintSetUpdate object that matches web requests in which the
* length of the User-Agent header is greater than 100 bytes. You can then configure AWS WAF to block
* those requests.
*
*
* To create and configure a SizeConstraintSet, perform the following steps:
*
*
* -
*
* Create a SizeConstraintSet. For more information, see CreateSizeConstraintSet.
*
*
* -
*
* Use GetChangeToken to get the change token that you provide in the ChangeToken parameter of
* an UpdateSizeConstraintSet request.
*
*
* -
*
* Submit an UpdateSizeConstraintSet request to specify the part of the request that you want AWS WAF
* to inspect (for example, the header or the URI) and the value that you want AWS WAF to watch for.
*
*
*
*
* For more information about how to use the AWS WAF API to allow or block HTTP requests, see the AWS WAF Developer Guide.
*
*
* @param updateSizeConstraintSetRequest
* @return Result of the UpdateSizeConstraintSet operation returned by the service.
* @throws WAFStaleDataException
* The operation failed because you tried to create, update, or delete an object by using a change token
* that has already been used.
* @throws WAFInternalErrorException
* The operation failed because of a system problem, even though the request was valid. Retry your request.
* @throws WAFInvalidAccountException
* The operation failed because you tried to create, update, or delete an object by using an invalid account
* identifier.
* @throws WAFInvalidOperationException
* The operation failed because there was nothing to do. For example:
*
* -
*
* You tried to remove a Rule from a WebACL, but the Rule isn't in
* the specified WebACL.
*
*
* -
*
* You tried to remove an IP address from an IPSet, but the IP address isn't in the specified
* IPSet.
*
*
* -
*
* You tried to remove a ByteMatchTuple from a ByteMatchSet, but the
* ByteMatchTuple isn't in the specified WebACL.
*
*
* -
*
* You tried to add a Rule to a WebACL, but the Rule already exists
* in the specified WebACL.
*
*
* -
*
* You tried to add an IP address to an IPSet, but the IP address already exists in the
* specified IPSet.
*
*
* -
*
* You tried to add a ByteMatchTuple to a ByteMatchSet, but the
* ByteMatchTuple already exists in the specified WebACL.
*
*
* @throws WAFInvalidParameterException
* The operation failed because AWS WAF didn't recognize a parameter in the request. For example:
*
* -
*
* You specified an invalid parameter name.
*
*
* -
*
* You specified an invalid value.
*
*
* -
*
* You tried to update an object (ByteMatchSet, IPSet, Rule, or
* WebACL) using an action other than INSERT or DELETE.
*
*
* -
*
* You tried to create a WebACL with a DefaultAction Type other than
* ALLOW, BLOCK, or COUNT.
*
*
* -
*
* You tried to update a WebACL with a WafAction Type other than
* ALLOW, BLOCK, or COUNT.
*
*
* -
*
* You tried to update a ByteMatchSet with a FieldToMatch Type other
* than HEADER, QUERY_STRING, or URI.
*
*
* -
*
* You tried to update a ByteMatchSet with a Field of HEADER but no
* value for Data.
*
*
* -
*
* Your request references an ARN that is malformed, or corresponds to a resource with which a web ACL
* cannot be associated.
*
*
* @throws WAFNonexistentContainerException
* The operation failed because you tried to add an object to or delete an object from another object that
* doesn't exist. For example:
*
* -
*
* You tried to add a Rule to or delete a Rule from a WebACL that
* doesn't exist.
*
*
* -
*
* You tried to add a ByteMatchSet to or delete a ByteMatchSet from a
* Rule that doesn't exist.
*
*
* -
*
* You tried to add an IP address to or delete an IP address from an IPSet that doesn't exist.
*
*
* -
*
* You tried to add a ByteMatchTuple to or delete a ByteMatchTuple from a
* ByteMatchSet that doesn't exist.
*
*
* @throws WAFNonexistentItemException
* The operation failed because the referenced object doesn't exist.
* @throws WAFReferencedItemException
* The operation failed because you tried to delete an object that is still in use. For example:
*
* -
*
* You tried to delete a ByteMatchSet that is still referenced by a Rule.
*
*
* -
*
* You tried to delete a Rule that is still referenced by a WebACL.
*
*
* @throws WAFLimitsExceededException
* The operation exceeds a resource limit, for example, the maximum number of WebACL objects
* that you can create for an AWS account. For more information, see Limits in the AWS WAF
* Developer Guide.
* @sample AWSWAFRegional.UpdateSizeConstraintSet
* @see AWS API Documentation
*/
UpdateSizeConstraintSetResult updateSizeConstraintSet(UpdateSizeConstraintSetRequest updateSizeConstraintSetRequest);
/**
*
* Inserts or deletes SqlInjectionMatchTuple objects (filters) in a SqlInjectionMatchSet. For each
* SqlInjectionMatchTuple object, you specify the following values:
*
*
* -
*
* Action: Whether to insert the object into or delete the object from the array. To change a
* SqlInjectionMatchTuple, you delete the existing object and add a new one.
*
*
* -
*
* FieldToMatch: The part of web requests that you want AWS WAF to inspect and, if you want AWS WAF to
* inspect a header, the name of the header.
*
*
* -
*
* TextTransformation: Which text transformation, if any, to perform on the web request before
* inspecting the request for snippets of malicious SQL code.
*
*
*
*
* You use SqlInjectionMatchSet objects to specify which CloudFront requests you want to allow, block,
* or count. For example, if you're receiving requests that contain snippets of SQL code in the query string and you
* want to block the requests, you can create a SqlInjectionMatchSet with the applicable settings, and
* then configure AWS WAF to block the requests.
*
*
* To create and configure a SqlInjectionMatchSet, perform the following steps:
*
*
* -
*
* Submit a CreateSqlInjectionMatchSet request.
*
*
* -
*
* Use GetChangeToken to get the change token that you provide in the ChangeToken parameter of
* an UpdateIPSet request.
*
*
* -
*
* Submit an UpdateSqlInjectionMatchSet request to specify the parts of web requests that you want AWS
* WAF to inspect for snippets of SQL code.
*
*
*
*
* For more information about how to use the AWS WAF API to allow or block HTTP requests, see the AWS WAF Developer Guide.
*
*
* @param updateSqlInjectionMatchSetRequest
* A request to update a SqlInjectionMatchSet.
* @return Result of the UpdateSqlInjectionMatchSet operation returned by the service.
* @throws WAFInternalErrorException
* The operation failed because of a system problem, even though the request was valid. Retry your request.
* @throws WAFInvalidAccountException
* The operation failed because you tried to create, update, or delete an object by using an invalid account
* identifier.
* @throws WAFInvalidOperationException
* The operation failed because there was nothing to do. For example:
*
* -
*
* You tried to remove a Rule from a WebACL, but the Rule isn't in
* the specified WebACL.
*
*
* -
*
* You tried to remove an IP address from an IPSet, but the IP address isn't in the specified
* IPSet.
*
*
* -
*
* You tried to remove a ByteMatchTuple from a ByteMatchSet, but the
* ByteMatchTuple isn't in the specified WebACL.
*
*
* -
*
* You tried to add a Rule to a WebACL, but the Rule already exists
* in the specified WebACL.
*
*
* -
*
* You tried to add an IP address to an IPSet, but the IP address already exists in the
* specified IPSet.
*
*
* -
*
* You tried to add a ByteMatchTuple to a ByteMatchSet, but the
* ByteMatchTuple already exists in the specified WebACL.
*
*
* @throws WAFInvalidParameterException
* The operation failed because AWS WAF didn't recognize a parameter in the request. For example:
*
* -
*
* You specified an invalid parameter name.
*
*
* -
*
* You specified an invalid value.
*
*
* -
*
* You tried to update an object (ByteMatchSet, IPSet, Rule, or
* WebACL) using an action other than INSERT or DELETE.
*
*
* -
*
* You tried to create a WebACL with a DefaultAction Type other than
* ALLOW, BLOCK, or COUNT.
*
*
* -
*
* You tried to update a WebACL with a WafAction Type other than
* ALLOW, BLOCK, or COUNT.
*
*
* -
*
* You tried to update a ByteMatchSet with a FieldToMatch Type other
* than HEADER, QUERY_STRING, or URI.
*
*
* -
*
* You tried to update a ByteMatchSet with a Field of HEADER but no
* value for Data.
*
*
* -
*
* Your request references an ARN that is malformed, or corresponds to a resource with which a web ACL
* cannot be associated.
*
*
* @throws WAFNonexistentContainerException
* The operation failed because you tried to add an object to or delete an object from another object that
* doesn't exist. For example:
*
* -
*
* You tried to add a Rule to or delete a Rule from a WebACL that
* doesn't exist.
*
*
* -
*
* You tried to add a ByteMatchSet to or delete a ByteMatchSet from a
* Rule that doesn't exist.
*
*
* -
*
* You tried to add an IP address to or delete an IP address from an IPSet that doesn't exist.
*
*
* -
*
* You tried to add a ByteMatchTuple to or delete a ByteMatchTuple from a
* ByteMatchSet that doesn't exist.
*
*
* @throws WAFNonexistentItemException
* The operation failed because the referenced object doesn't exist.
* @throws WAFStaleDataException
* The operation failed because you tried to create, update, or delete an object by using a change token
* that has already been used.
* @throws WAFLimitsExceededException
* The operation exceeds a resource limit, for example, the maximum number of WebACL objects
* that you can create for an AWS account. For more information, see Limits in the AWS WAF
* Developer Guide.
* @sample AWSWAFRegional.UpdateSqlInjectionMatchSet
* @see AWS API Documentation
*/
UpdateSqlInjectionMatchSetResult updateSqlInjectionMatchSet(UpdateSqlInjectionMatchSetRequest updateSqlInjectionMatchSetRequest);
/**
*
* Inserts or deletes ActivatedRule objects in a WebACL. Each Rule identifies web
* requests that you want to allow, block, or count. When you update a WebACL, you specify the
* following values:
*
*
* -
*
* A default action for the WebACL, either ALLOW or BLOCK. AWS WAF performs
* the default action if a request doesn't match the criteria in any of the Rules in a
* WebACL.
*
*
* -
*
* The Rules that you want to add and/or delete. If you want to replace one Rule with
* another, you delete the existing Rule and add the new one.
*
*
* -
*
* For each Rule, whether you want AWS WAF to allow requests, block requests, or count requests that
* match the conditions in the Rule.
*
*
* -
*
* The order in which you want AWS WAF to evaluate the Rules in a WebACL. If you add more
* than one Rule to a WebACL, AWS WAF evaluates each request against the
* Rules in order based on the value of Priority. (The Rule that has the
* lowest value for Priority is evaluated first.) When a web request matches all of the predicates
* (such as ByteMatchSets and IPSets) in a Rule, AWS WAF immediately takes
* the corresponding action, allow or block, and doesn't evaluate the request against the remaining
* Rules in the WebACL, if any.
*
*
* -
*
* The CloudFront distribution that you want to associate with the WebACL.
*
*
*
*
* To create and configure a WebACL, perform the following steps:
*
*
* -
*
* Create and update the predicates that you want to include in Rules. For more information, see
* CreateByteMatchSet, UpdateByteMatchSet, CreateIPSet, UpdateIPSet,
* CreateSqlInjectionMatchSet, and UpdateSqlInjectionMatchSet.
*
*
* -
*
* Create and update the Rules that you want to include in the WebACL. For more
* information, see CreateRule and UpdateRule.
*
*
* -
*
* Create a WebACL. See CreateWebACL.
*
*
* -
*
* Use GetChangeToken to get the change token that you provide in the ChangeToken
* parameter of an UpdateWebACL request.
*
*
* -
*
* Submit an UpdateWebACL request to specify the Rules that you want to include in the
* WebACL, to specify the default action, and to associate the WebACL with a CloudFront
* distribution.
*
*
*
*
* For more information about how to use the AWS WAF API to allow or block HTTP requests, see the AWS WAF Developer Guide.
*
*
* @param updateWebACLRequest
* @return Result of the UpdateWebACL operation returned by the service.
* @throws WAFStaleDataException
* The operation failed because you tried to create, update, or delete an object by using a change token
* that has already been used.
* @throws WAFInternalErrorException
* The operation failed because of a system problem, even though the request was valid. Retry your request.
* @throws WAFInvalidAccountException
* The operation failed because you tried to create, update, or delete an object by using an invalid account
* identifier.
* @throws WAFInvalidOperationException
* The operation failed because there was nothing to do. For example:
*
* -
*
* You tried to remove a Rule from a WebACL, but the Rule isn't in
* the specified WebACL.
*
*
* -
*
* You tried to remove an IP address from an IPSet, but the IP address isn't in the specified
* IPSet.
*
*
* -
*
* You tried to remove a ByteMatchTuple from a ByteMatchSet, but the
* ByteMatchTuple isn't in the specified WebACL.
*
*
* -
*
* You tried to add a Rule to a WebACL, but the Rule already exists
* in the specified WebACL.
*
*
* -
*
* You tried to add an IP address to an IPSet, but the IP address already exists in the
* specified IPSet.
*
*
* -
*
* You tried to add a ByteMatchTuple to a ByteMatchSet, but the
* ByteMatchTuple already exists in the specified WebACL.
*
*
* @throws WAFInvalidParameterException
* The operation failed because AWS WAF didn't recognize a parameter in the request. For example:
*
* -
*
* You specified an invalid parameter name.
*
*
* -
*
* You specified an invalid value.
*
*
* -
*
* You tried to update an object (ByteMatchSet, IPSet, Rule, or
* WebACL) using an action other than INSERT or DELETE.
*
*
* -
*
* You tried to create a WebACL with a DefaultAction Type other than
* ALLOW, BLOCK, or COUNT.
*
*
* -
*
* You tried to update a WebACL with a WafAction Type other than
* ALLOW, BLOCK, or COUNT.
*
*
* -
*
* You tried to update a ByteMatchSet with a FieldToMatch Type other
* than HEADER, QUERY_STRING, or URI.
*
*
* -
*
* You tried to update a ByteMatchSet with a Field of HEADER but no
* value for Data.
*
*
* -
*
* Your request references an ARN that is malformed, or corresponds to a resource with which a web ACL
* cannot be associated.
*
*
* @throws WAFNonexistentContainerException
* The operation failed because you tried to add an object to or delete an object from another object that
* doesn't exist. For example:
*
* -
*
* You tried to add a Rule to or delete a Rule from a WebACL that
* doesn't exist.
*
*
* -
*
* You tried to add a ByteMatchSet to or delete a ByteMatchSet from a
* Rule that doesn't exist.
*
*
* -
*
* You tried to add an IP address to or delete an IP address from an IPSet that doesn't exist.
*
*
* -
*
* You tried to add a ByteMatchTuple to or delete a ByteMatchTuple from a
* ByteMatchSet that doesn't exist.
*
*
* @throws WAFNonexistentItemException
* The operation failed because the referenced object doesn't exist.
* @throws WAFReferencedItemException
* The operation failed because you tried to delete an object that is still in use. For example:
*
* -
*
* You tried to delete a ByteMatchSet that is still referenced by a Rule.
*
*
* -
*
* You tried to delete a Rule that is still referenced by a WebACL.
*
*
* @throws WAFLimitsExceededException
* The operation exceeds a resource limit, for example, the maximum number of WebACL objects
* that you can create for an AWS account. For more information, see Limits in the AWS WAF
* Developer Guide.
* @sample AWSWAFRegional.UpdateWebACL
* @see AWS API
* Documentation
*/
UpdateWebACLResult updateWebACL(UpdateWebACLRequest updateWebACLRequest);
/**
*
* Inserts or deletes XssMatchTuple objects (filters) in an XssMatchSet. For each
* XssMatchTuple object, you specify the following values:
*
*
* -
*
* Action: Whether to insert the object into or delete the object from the array. To change a
* XssMatchTuple, you delete the existing object and add a new one.
*
*
* -
*
* FieldToMatch: The part of web requests that you want AWS WAF to inspect and, if you want AWS WAF to
* inspect a header, the name of the header.
*
*
* -
*
* TextTransformation: Which text transformation, if any, to perform on the web request before
* inspecting the request for cross-site scripting attacks.
*
*
*
*
* You use XssMatchSet objects to specify which CloudFront requests you want to allow, block, or count.
* For example, if you're receiving requests that contain cross-site scripting attacks in the request body and you
* want to block the requests, you can create an XssMatchSet with the applicable settings, and then
* configure AWS WAF to block the requests.
*
*
* To create and configure an XssMatchSet, perform the following steps:
*
*
* -
*
* Submit a CreateXssMatchSet request.
*
*
* -
*
* Use GetChangeToken to get the change token that you provide in the ChangeToken parameter of
* an UpdateIPSet request.
*
*
* -
*
* Submit an UpdateXssMatchSet request to specify the parts of web requests that you want AWS WAF to
* inspect for cross-site scripting attacks.
*
*
*
*
* For more information about how to use the AWS WAF API to allow or block HTTP requests, see the AWS WAF Developer Guide.
*
*
* @param updateXssMatchSetRequest
* A request to update an XssMatchSet.
* @return Result of the UpdateXssMatchSet operation returned by the service.
* @throws WAFInternalErrorException
* The operation failed because of a system problem, even though the request was valid. Retry your request.
* @throws WAFInvalidAccountException
* The operation failed because you tried to create, update, or delete an object by using an invalid account
* identifier.
* @throws WAFInvalidOperationException
* The operation failed because there was nothing to do. For example:
*
* -
*
* You tried to remove a Rule from a WebACL, but the Rule isn't in
* the specified WebACL.
*
*
* -
*
* You tried to remove an IP address from an IPSet, but the IP address isn't in the specified
* IPSet.
*
*
* -
*
* You tried to remove a ByteMatchTuple from a ByteMatchSet, but the
* ByteMatchTuple isn't in the specified WebACL.
*
*
* -
*
* You tried to add a Rule to a WebACL, but the Rule already exists
* in the specified WebACL.
*
*
* -
*
* You tried to add an IP address to an IPSet, but the IP address already exists in the
* specified IPSet.
*
*
* -
*
* You tried to add a ByteMatchTuple to a ByteMatchSet, but the
* ByteMatchTuple already exists in the specified WebACL.
*
*
* @throws WAFInvalidParameterException
* The operation failed because AWS WAF didn't recognize a parameter in the request. For example:
*
* -
*
* You specified an invalid parameter name.
*
*
* -
*
* You specified an invalid value.
*
*
* -
*
* You tried to update an object (ByteMatchSet, IPSet, Rule, or
* WebACL) using an action other than INSERT or DELETE.
*
*
* -
*
* You tried to create a WebACL with a DefaultAction Type other than
* ALLOW, BLOCK, or COUNT.
*
*
* -
*
* You tried to update a WebACL with a WafAction Type other than
* ALLOW, BLOCK, or COUNT.
*
*
* -
*
* You tried to update a ByteMatchSet with a FieldToMatch Type other
* than HEADER, QUERY_STRING, or URI.
*
*
* -
*
* You tried to update a ByteMatchSet with a Field of HEADER but no
* value for Data.
*
*
* -
*
* Your request references an ARN that is malformed, or corresponds to a resource with which a web ACL
* cannot be associated.
*
*
* @throws WAFNonexistentContainerException
* The operation failed because you tried to add an object to or delete an object from another object that
* doesn't exist. For example:
*
* -
*
* You tried to add a Rule to or delete a Rule from a WebACL that
* doesn't exist.
*
*
* -
*
* You tried to add a ByteMatchSet to or delete a ByteMatchSet from a
* Rule that doesn't exist.
*
*
* -
*
* You tried to add an IP address to or delete an IP address from an IPSet that doesn't exist.
*
*
* -
*
* You tried to add a ByteMatchTuple to or delete a ByteMatchTuple from a
* ByteMatchSet that doesn't exist.
*
*
* @throws WAFNonexistentItemException
* The operation failed because the referenced object doesn't exist.
* @throws WAFStaleDataException
* The operation failed because you tried to create, update, or delete an object by using a change token
* that has already been used.
* @throws WAFLimitsExceededException
* The operation exceeds a resource limit, for example, the maximum number of WebACL objects
* that you can create for an AWS account. For more information, see Limits in the AWS WAF
* Developer Guide.
* @sample AWSWAFRegional.UpdateXssMatchSet
* @see AWS
* API Documentation
*/
UpdateXssMatchSetResult updateXssMatchSet(UpdateXssMatchSetRequest updateXssMatchSetRequest);
/**
* Shuts down this client object, releasing any resources that might be held open. This is an optional method, and
* callers are not expected to call it, but can if they want to explicitly release any open resources. Once a client
* has been shutdown, it should not be used to make any more requests.
*/
void shutdown();
/**
* Returns additional metadata for a previously executed successful request, typically used for debugging issues
* where a service isn't acting as expected. This data isn't considered part of the result data returned by an
* operation, so it's available through this separate, diagnostic interface.
*
* Response metadata is only cached for a limited period of time, so if you need to access this extra diagnostic
* information for an executed request, you should use this method to retrieve it as soon as possible after
* executing a request.
*
* @param request
* The originally executed request.
*
* @return The response metadata for the specified request, or null if none is available.
*/
ResponseMetadata getCachedResponseMetadata(AmazonWebServiceRequest request);
}