software.amazon.awssdk.services.wafv2.model.FieldToMatch Maven / Gradle / Ivy
/*
* Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License"). You may not use this file except in compliance with
* the License. A copy of the License is located at
*
* http://aws.amazon.com/apache2.0
*
* or in the "license" file accompanying this file. This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
* CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions
* and limitations under the License.
*/
package software.amazon.awssdk.services.wafv2.model;
import java.io.Serializable;
import java.util.Arrays;
import java.util.Collections;
import java.util.List;
import java.util.Objects;
import java.util.Optional;
import java.util.function.BiConsumer;
import java.util.function.Consumer;
import java.util.function.Function;
import software.amazon.awssdk.annotations.Generated;
import software.amazon.awssdk.core.SdkField;
import software.amazon.awssdk.core.SdkPojo;
import software.amazon.awssdk.core.protocol.MarshallLocation;
import software.amazon.awssdk.core.protocol.MarshallingType;
import software.amazon.awssdk.core.traits.LocationTrait;
import software.amazon.awssdk.utils.ToString;
import software.amazon.awssdk.utils.builder.CopyableBuilder;
import software.amazon.awssdk.utils.builder.ToCopyableBuilder;
/**
*
* The part of the web request that you want WAF to inspect. Include the single FieldToMatch type that you
* want to inspect, with additional specifications as needed, according to the type. You specify a single request
* component in FieldToMatch for each rule statement that requires it. To inspect more than one component
* of the web request, create a separate rule statement for each component.
*
*
* Example JSON for a QueryString field to match:
*
*
* "FieldToMatch": { "QueryString": {} }
*
*
* Example JSON for a Method field to match specification:
*
*
* "FieldToMatch": { "Method": { "Name": "DELETE" } }
*
*/
@Generated("software.amazon.awssdk:codegen")
public final class FieldToMatch implements SdkPojo, Serializable, ToCopyableBuilder {
private static final SdkField SINGLE_HEADER_FIELD = SdkField. builder(MarshallingType.SDK_POJO)
.memberName("SingleHeader").getter(getter(FieldToMatch::singleHeader)).setter(setter(Builder::singleHeader))
.constructor(SingleHeader::builder)
.traits(LocationTrait.builder().location(MarshallLocation.PAYLOAD).locationName("SingleHeader").build()).build();
private static final SdkField SINGLE_QUERY_ARGUMENT_FIELD = SdkField
. builder(MarshallingType.SDK_POJO).memberName("SingleQueryArgument")
.getter(getter(FieldToMatch::singleQueryArgument)).setter(setter(Builder::singleQueryArgument))
.constructor(SingleQueryArgument::builder)
.traits(LocationTrait.builder().location(MarshallLocation.PAYLOAD).locationName("SingleQueryArgument").build())
.build();
private static final SdkField ALL_QUERY_ARGUMENTS_FIELD = SdkField
. builder(MarshallingType.SDK_POJO).memberName("AllQueryArguments")
.getter(getter(FieldToMatch::allQueryArguments)).setter(setter(Builder::allQueryArguments))
.constructor(AllQueryArguments::builder)
.traits(LocationTrait.builder().location(MarshallLocation.PAYLOAD).locationName("AllQueryArguments").build()).build();
private static final SdkField URI_PATH_FIELD = SdkField. builder(MarshallingType.SDK_POJO)
.memberName("UriPath").getter(getter(FieldToMatch::uriPath)).setter(setter(Builder::uriPath))
.constructor(UriPath::builder)
.traits(LocationTrait.builder().location(MarshallLocation.PAYLOAD).locationName("UriPath").build()).build();
private static final SdkField QUERY_STRING_FIELD = SdkField. builder(MarshallingType.SDK_POJO)
.memberName("QueryString").getter(getter(FieldToMatch::queryString)).setter(setter(Builder::queryString))
.constructor(QueryString::builder)
.traits(LocationTrait.builder().location(MarshallLocation.PAYLOAD).locationName("QueryString").build()).build();
private static final SdkField BODY_FIELD = SdkField. builder(MarshallingType.SDK_POJO).memberName("Body")
.getter(getter(FieldToMatch::body)).setter(setter(Builder::body)).constructor(Body::builder)
.traits(LocationTrait.builder().location(MarshallLocation.PAYLOAD).locationName("Body").build()).build();
private static final SdkField METHOD_FIELD = SdkField. builder(MarshallingType.SDK_POJO).memberName("Method")
.getter(getter(FieldToMatch::method)).setter(setter(Builder::method)).constructor(Method::builder)
.traits(LocationTrait.builder().location(MarshallLocation.PAYLOAD).locationName("Method").build()).build();
private static final SdkField JSON_BODY_FIELD = SdkField. builder(MarshallingType.SDK_POJO)
.memberName("JsonBody").getter(getter(FieldToMatch::jsonBody)).setter(setter(Builder::jsonBody))
.constructor(JsonBody::builder)
.traits(LocationTrait.builder().location(MarshallLocation.PAYLOAD).locationName("JsonBody").build()).build();
private static final SdkField HEADERS_FIELD = SdkField. builder(MarshallingType.SDK_POJO)
.memberName("Headers").getter(getter(FieldToMatch::headers)).setter(setter(Builder::headers))
.constructor(Headers::builder)
.traits(LocationTrait.builder().location(MarshallLocation.PAYLOAD).locationName("Headers").build()).build();
private static final SdkField COOKIES_FIELD = SdkField. builder(MarshallingType.SDK_POJO)
.memberName("Cookies").getter(getter(FieldToMatch::cookies)).setter(setter(Builder::cookies))
.constructor(Cookies::builder)
.traits(LocationTrait.builder().location(MarshallLocation.PAYLOAD).locationName("Cookies").build()).build();
private static final SdkField HEADER_ORDER_FIELD = SdkField. builder(MarshallingType.SDK_POJO)
.memberName("HeaderOrder").getter(getter(FieldToMatch::headerOrder)).setter(setter(Builder::headerOrder))
.constructor(HeaderOrder::builder)
.traits(LocationTrait.builder().location(MarshallLocation.PAYLOAD).locationName("HeaderOrder").build()).build();
private static final SdkField JA3_FINGERPRINT_FIELD = SdkField
. builder(MarshallingType.SDK_POJO).memberName("JA3Fingerprint")
.getter(getter(FieldToMatch::ja3Fingerprint)).setter(setter(Builder::ja3Fingerprint))
.constructor(JA3Fingerprint::builder)
.traits(LocationTrait.builder().location(MarshallLocation.PAYLOAD).locationName("JA3Fingerprint").build()).build();
private static final List> SDK_FIELDS = Collections.unmodifiableList(Arrays.asList(SINGLE_HEADER_FIELD,
SINGLE_QUERY_ARGUMENT_FIELD, ALL_QUERY_ARGUMENTS_FIELD, URI_PATH_FIELD, QUERY_STRING_FIELD, BODY_FIELD, METHOD_FIELD,
JSON_BODY_FIELD, HEADERS_FIELD, COOKIES_FIELD, HEADER_ORDER_FIELD, JA3_FINGERPRINT_FIELD));
private static final long serialVersionUID = 1L;
private final SingleHeader singleHeader;
private final SingleQueryArgument singleQueryArgument;
private final AllQueryArguments allQueryArguments;
private final UriPath uriPath;
private final QueryString queryString;
private final Body body;
private final Method method;
private final JsonBody jsonBody;
private final Headers headers;
private final Cookies cookies;
private final HeaderOrder headerOrder;
private final JA3Fingerprint ja3Fingerprint;
private FieldToMatch(BuilderImpl builder) {
this.singleHeader = builder.singleHeader;
this.singleQueryArgument = builder.singleQueryArgument;
this.allQueryArguments = builder.allQueryArguments;
this.uriPath = builder.uriPath;
this.queryString = builder.queryString;
this.body = builder.body;
this.method = builder.method;
this.jsonBody = builder.jsonBody;
this.headers = builder.headers;
this.cookies = builder.cookies;
this.headerOrder = builder.headerOrder;
this.ja3Fingerprint = builder.ja3Fingerprint;
}
/**
*
* Inspect a single header. Provide the name of the header to inspect, for example, User-Agent or
* Referer. This setting isn't case sensitive.
*
*
* Example JSON: "SingleHeader": { "Name": "haystack" }
*
*
* Alternately, you can filter and inspect all headers with the Headers FieldToMatch
* setting.
*
*
* @return Inspect a single header. Provide the name of the header to inspect, for example, User-Agent
* or Referer. This setting isn't case sensitive.
*
* Example JSON: "SingleHeader": { "Name": "haystack" }
*
*
* Alternately, you can filter and inspect all headers with the Headers
* FieldToMatch setting.
*/
public final SingleHeader singleHeader() {
return singleHeader;
}
/**
*
* Inspect a single query argument. Provide the name of the query argument to inspect, such as UserName or
* SalesRegion. The name can be up to 30 characters long and isn't case sensitive.
*
*
* Example JSON: "SingleQueryArgument": { "Name": "myArgument" }
*
*
* @return Inspect a single query argument. Provide the name of the query argument to inspect, such as
* UserName or SalesRegion. The name can be up to 30 characters long and isn't case sensitive.
*
*
* Example JSON: "SingleQueryArgument": { "Name": "myArgument" }
*/
public final SingleQueryArgument singleQueryArgument() {
return singleQueryArgument;
}
/**
*
* Inspect all query arguments.
*
*
* @return Inspect all query arguments.
*/
public final AllQueryArguments allQueryArguments() {
return allQueryArguments;
}
/**
*
* Inspect the request URI path. This is the part of the web request that identifies a resource, for example,
* /images/daily-ad.jpg.
*
*
* @return Inspect the request URI path. This is the part of the web request that identifies a resource, for
* example, /images/daily-ad.jpg.
*/
public final UriPath uriPath() {
return uriPath;
}
/**
*
* Inspect the query string. This is the part of a URL that appears after a ? character, if any.
*
*
* @return Inspect the query string. This is the part of a URL that appears after a ? character, if
* any.
*/
public final QueryString queryString() {
return queryString;
}
/**
*
* Inspect the request body as plain text. The request body immediately follows the request headers. This is the
* part of a request that contains any additional data that you want to send to your web server as the HTTP request
* body, such as data from a form.
*
*
* A limited amount of the request body is forwarded to WAF for inspection by the underlying host service. For
* regional resources, the limit is 8 KB (8,192 bytes) and for CloudFront distributions, the limit is 16 KB (16,384
* bytes). For CloudFront distributions, you can increase the limit in the web ACL's AssociationConfig,
* for additional processing fees.
*
*
* For information about how to handle oversized request bodies, see the Body object configuration.
*
*
* @return Inspect the request body as plain text. The request body immediately follows the request headers. This is
* the part of a request that contains any additional data that you want to send to your web server as the
* HTTP request body, such as data from a form.
*
* A limited amount of the request body is forwarded to WAF for inspection by the underlying host service.
* For regional resources, the limit is 8 KB (8,192 bytes) and for CloudFront distributions, the limit is 16
* KB (16,384 bytes). For CloudFront distributions, you can increase the limit in the web ACL's
* AssociationConfig, for additional processing fees.
*
*
* For information about how to handle oversized request bodies, see the Body object
* configuration.
*/
public final Body body() {
return body;
}
/**
*
* Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to
* perform.
*
*
* @return Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin
* to perform.
*/
public final Method method() {
return method;
}
/**
*
* Inspect the request body as JSON. The request body immediately follows the request headers. This is the part of a
* request that contains any additional data that you want to send to your web server as the HTTP request body, such
* as data from a form.
*
*
* A limited amount of the request body is forwarded to WAF for inspection by the underlying host service. For
* regional resources, the limit is 8 KB (8,192 bytes) and for CloudFront distributions, the limit is 16 KB (16,384
* bytes). For CloudFront distributions, you can increase the limit in the web ACL's AssociationConfig,
* for additional processing fees.
*
*
* For information about how to handle oversized request bodies, see the JsonBody object configuration.
*
*
* @return Inspect the request body as JSON. The request body immediately follows the request headers. This is the
* part of a request that contains any additional data that you want to send to your web server as the HTTP
* request body, such as data from a form.
*
* A limited amount of the request body is forwarded to WAF for inspection by the underlying host service.
* For regional resources, the limit is 8 KB (8,192 bytes) and for CloudFront distributions, the limit is 16
* KB (16,384 bytes). For CloudFront distributions, you can increase the limit in the web ACL's
* AssociationConfig, for additional processing fees.
*
*
* For information about how to handle oversized request bodies, see the JsonBody object
* configuration.
*/
public final JsonBody jsonBody() {
return jsonBody;
}
/**
*
* Inspect the request headers. You must configure scope and pattern matching filters in the Headers
* object, to define the set of headers to and the parts of the headers that WAF inspects.
*
*
* Only the first 8 KB (8192 bytes) of a request's headers and only the first 200 headers are forwarded to WAF for
* inspection by the underlying host service. You must configure how to handle any oversize header content in the
* Headers object. WAF applies the pattern matching filters to the headers that it receives from the
* underlying host service.
*
*
* @return Inspect the request headers. You must configure scope and pattern matching filters in the
* Headers object, to define the set of headers to and the parts of the headers that WAF
* inspects.
*
* Only the first 8 KB (8192 bytes) of a request's headers and only the first 200 headers are forwarded to
* WAF for inspection by the underlying host service. You must configure how to handle any oversize header
* content in the Headers object. WAF applies the pattern matching filters to the headers that
* it receives from the underlying host service.
*/
public final Headers headers() {
return headers;
}
/**
*
* Inspect the request cookies. You must configure scope and pattern matching filters in the Cookies
* object, to define the set of cookies and the parts of the cookies that WAF inspects.
*
*
* Only the first 8 KB (8192 bytes) of a request's cookies and only the first 200 cookies are forwarded to WAF for
* inspection by the underlying host service. You must configure how to handle any oversize cookie content in the
* Cookies object. WAF applies the pattern matching filters to the cookies that it receives from the
* underlying host service.
*
*
* @return Inspect the request cookies. You must configure scope and pattern matching filters in the
* Cookies object, to define the set of cookies and the parts of the cookies that WAF inspects.
*
*
* Only the first 8 KB (8192 bytes) of a request's cookies and only the first 200 cookies are forwarded to
* WAF for inspection by the underlying host service. You must configure how to handle any oversize cookie
* content in the Cookies object. WAF applies the pattern matching filters to the cookies that
* it receives from the underlying host service.
*/
public final Cookies cookies() {
return cookies;
}
/**
*
* Inspect a string containing the list of the request's header names, ordered as they appear in the web request
* that WAF receives for inspection. WAF generates the string and then uses that as the field to match component in
* its inspection. WAF separates the header names in the string using colons and no added spaces, for example
* host:user-agent:accept:authorization:referer.
*
*
* @return Inspect a string containing the list of the request's header names, ordered as they appear in the web
* request that WAF receives for inspection. WAF generates the string and then uses that as the field to
* match component in its inspection. WAF separates the header names in the string using colons and no added
* spaces, for example host:user-agent:accept:authorization:referer.
*/
public final HeaderOrder headerOrder() {
return headerOrder;
}
/**
*
* Match against the request's JA3 fingerprint. The JA3 fingerprint is a 32-character hash derived from the TLS
* Client Hello of an incoming request. This fingerprint serves as a unique identifier for the client's TLS
* configuration. WAF calculates and logs this fingerprint for each request that has enough TLS Client Hello
* information for the calculation. Almost all web requests include this information.
*
*
*
* You can use this choice only with a string match ByteMatchStatement with the
* PositionalConstraint set to EXACTLY.
*
*
*
* You can obtain the JA3 fingerprint for client requests from the web ACL logs. If WAF is able to calculate the
* fingerprint, it includes it in the logs. For information about the logging fields, see Log fields in the WAF
* Developer Guide.
*
*
* Provide the JA3 fingerprint string from the logs in your string match statement specification, to match with any
* future requests that have the same TLS configuration.
*
*
* @return Match against the request's JA3 fingerprint. The JA3 fingerprint is a 32-character hash derived from the
* TLS Client Hello of an incoming request. This fingerprint serves as a unique identifier for the client's
* TLS configuration. WAF calculates and logs this fingerprint for each request that has enough TLS Client
* Hello information for the calculation. Almost all web requests include this information.
*
* You can use this choice only with a string match ByteMatchStatement with the
* PositionalConstraint set to EXACTLY.
*
*
*
* You can obtain the JA3 fingerprint for client requests from the web ACL logs. If WAF is able to calculate
* the fingerprint, it includes it in the logs. For information about the logging fields, see Log fields in the
* WAF Developer Guide.
*
*
* Provide the JA3 fingerprint string from the logs in your string match statement specification, to match
* with any future requests that have the same TLS configuration.
*/
public final JA3Fingerprint ja3Fingerprint() {
return ja3Fingerprint;
}
@Override
public Builder toBuilder() {
return new BuilderImpl(this);
}
public static Builder builder() {
return new BuilderImpl();
}
public static Class serializableBuilderClass() {
return BuilderImpl.class;
}
@Override
public final int hashCode() {
int hashCode = 1;
hashCode = 31 * hashCode + Objects.hashCode(singleHeader());
hashCode = 31 * hashCode + Objects.hashCode(singleQueryArgument());
hashCode = 31 * hashCode + Objects.hashCode(allQueryArguments());
hashCode = 31 * hashCode + Objects.hashCode(uriPath());
hashCode = 31 * hashCode + Objects.hashCode(queryString());
hashCode = 31 * hashCode + Objects.hashCode(body());
hashCode = 31 * hashCode + Objects.hashCode(method());
hashCode = 31 * hashCode + Objects.hashCode(jsonBody());
hashCode = 31 * hashCode + Objects.hashCode(headers());
hashCode = 31 * hashCode + Objects.hashCode(cookies());
hashCode = 31 * hashCode + Objects.hashCode(headerOrder());
hashCode = 31 * hashCode + Objects.hashCode(ja3Fingerprint());
return hashCode;
}
@Override
public final boolean equals(Object obj) {
return equalsBySdkFields(obj);
}
@Override
public final boolean equalsBySdkFields(Object obj) {
if (this == obj) {
return true;
}
if (obj == null) {
return false;
}
if (!(obj instanceof FieldToMatch)) {
return false;
}
FieldToMatch other = (FieldToMatch) obj;
return Objects.equals(singleHeader(), other.singleHeader())
&& Objects.equals(singleQueryArgument(), other.singleQueryArgument())
&& Objects.equals(allQueryArguments(), other.allQueryArguments()) && Objects.equals(uriPath(), other.uriPath())
&& Objects.equals(queryString(), other.queryString()) && Objects.equals(body(), other.body())
&& Objects.equals(method(), other.method()) && Objects.equals(jsonBody(), other.jsonBody())
&& Objects.equals(headers(), other.headers()) && Objects.equals(cookies(), other.cookies())
&& Objects.equals(headerOrder(), other.headerOrder()) && Objects.equals(ja3Fingerprint(), other.ja3Fingerprint());
}
/**
* Returns a string representation of this object. This is useful for testing and debugging. Sensitive data will be
* redacted from this string using a placeholder value.
*/
@Override
public final String toString() {
return ToString.builder("FieldToMatch").add("SingleHeader", singleHeader())
.add("SingleQueryArgument", singleQueryArgument()).add("AllQueryArguments", allQueryArguments())
.add("UriPath", uriPath()).add("QueryString", queryString()).add("Body", body()).add("Method", method())
.add("JsonBody", jsonBody()).add("Headers", headers()).add("Cookies", cookies())
.add("HeaderOrder", headerOrder()).add("JA3Fingerprint", ja3Fingerprint()).build();
}
public final Optional getValueForField(String fieldName, Class clazz) {
switch (fieldName) {
case "SingleHeader":
return Optional.ofNullable(clazz.cast(singleHeader()));
case "SingleQueryArgument":
return Optional.ofNullable(clazz.cast(singleQueryArgument()));
case "AllQueryArguments":
return Optional.ofNullable(clazz.cast(allQueryArguments()));
case "UriPath":
return Optional.ofNullable(clazz.cast(uriPath()));
case "QueryString":
return Optional.ofNullable(clazz.cast(queryString()));
case "Body":
return Optional.ofNullable(clazz.cast(body()));
case "Method":
return Optional.ofNullable(clazz.cast(method()));
case "JsonBody":
return Optional.ofNullable(clazz.cast(jsonBody()));
case "Headers":
return Optional.ofNullable(clazz.cast(headers()));
case "Cookies":
return Optional.ofNullable(clazz.cast(cookies()));
case "HeaderOrder":
return Optional.ofNullable(clazz.cast(headerOrder()));
case "JA3Fingerprint":
return Optional.ofNullable(clazz.cast(ja3Fingerprint()));
default:
return Optional.empty();
}
}
@Override
public final List> sdkFields() {
return SDK_FIELDS;
}
private static Function getter(Function g) {
return obj -> g.apply((FieldToMatch) obj);
}
private static BiConsumer setter(BiConsumer s) {
return (obj, val) -> s.accept((Builder) obj, val);
}
public interface Builder extends SdkPojo, CopyableBuilder {
/**
*
* Inspect a single header. Provide the name of the header to inspect, for example, User-Agent or
* Referer. This setting isn't case sensitive.
*
*
* Example JSON: "SingleHeader": { "Name": "haystack" }
*
*
* Alternately, you can filter and inspect all headers with the Headers FieldToMatch
* setting.
*
*
* @param singleHeader
* Inspect a single header. Provide the name of the header to inspect, for example,
* User-Agent or Referer. This setting isn't case sensitive.
*
* Example JSON: "SingleHeader": { "Name": "haystack" }
*
*
* Alternately, you can filter and inspect all headers with the Headers
* FieldToMatch setting.
* @return Returns a reference to this object so that method calls can be chained together.
*/
Builder singleHeader(SingleHeader singleHeader);
/**
*
* Inspect a single header. Provide the name of the header to inspect, for example, User-Agent or
* Referer. This setting isn't case sensitive.
*
*
* Example JSON: "SingleHeader": { "Name": "haystack" }
*
*
* Alternately, you can filter and inspect all headers with the Headers FieldToMatch
* setting.
*
* This is a convenience method that creates an instance of the {@link SingleHeader.Builder} avoiding the need
* to create one manually via {@link SingleHeader#builder()}.
*
*
* When the {@link Consumer} completes, {@link SingleHeader.Builder#build()} is called immediately and its
* result is passed to {@link #singleHeader(SingleHeader)}.
*
* @param singleHeader
* a consumer that will call methods on {@link SingleHeader.Builder}
* @return Returns a reference to this object so that method calls can be chained together.
* @see #singleHeader(SingleHeader)
*/
default Builder singleHeader(Consumer singleHeader) {
return singleHeader(SingleHeader.builder().applyMutation(singleHeader).build());
}
/**
*
* Inspect a single query argument. Provide the name of the query argument to inspect, such as UserName
* or SalesRegion. The name can be up to 30 characters long and isn't case sensitive.
*
*
* Example JSON: "SingleQueryArgument": { "Name": "myArgument" }
*
*
* @param singleQueryArgument
* Inspect a single query argument. Provide the name of the query argument to inspect, such as
* UserName or SalesRegion. The name can be up to 30 characters long and isn't case
* sensitive.
*
* Example JSON: "SingleQueryArgument": { "Name": "myArgument" }
* @return Returns a reference to this object so that method calls can be chained together.
*/
Builder singleQueryArgument(SingleQueryArgument singleQueryArgument);
/**
*
* Inspect a single query argument. Provide the name of the query argument to inspect, such as UserName
* or SalesRegion. The name can be up to 30 characters long and isn't case sensitive.
*
*
* Example JSON: "SingleQueryArgument": { "Name": "myArgument" }
*
* This is a convenience method that creates an instance of the {@link SingleQueryArgument.Builder} avoiding the
* need to create one manually via {@link SingleQueryArgument#builder()}.
*
*
* When the {@link Consumer} completes, {@link SingleQueryArgument.Builder#build()} is called immediately and
* its result is passed to {@link #singleQueryArgument(SingleQueryArgument)}.
*
* @param singleQueryArgument
* a consumer that will call methods on {@link SingleQueryArgument.Builder}
* @return Returns a reference to this object so that method calls can be chained together.
* @see #singleQueryArgument(SingleQueryArgument)
*/
default Builder singleQueryArgument(Consumer singleQueryArgument) {
return singleQueryArgument(SingleQueryArgument.builder().applyMutation(singleQueryArgument).build());
}
/**
*
* Inspect all query arguments.
*
*
* @param allQueryArguments
* Inspect all query arguments.
* @return Returns a reference to this object so that method calls can be chained together.
*/
Builder allQueryArguments(AllQueryArguments allQueryArguments);
/**
*
* Inspect all query arguments.
*
* This is a convenience method that creates an instance of the {@link AllQueryArguments.Builder} avoiding the
* need to create one manually via {@link AllQueryArguments#builder()}.
*
*
* When the {@link Consumer} completes, {@link AllQueryArguments.Builder#build()} is called immediately and its
* result is passed to {@link #allQueryArguments(AllQueryArguments)}.
*
* @param allQueryArguments
* a consumer that will call methods on {@link AllQueryArguments.Builder}
* @return Returns a reference to this object so that method calls can be chained together.
* @see #allQueryArguments(AllQueryArguments)
*/
default Builder allQueryArguments(Consumer allQueryArguments) {
return allQueryArguments(AllQueryArguments.builder().applyMutation(allQueryArguments).build());
}
/**
*
* Inspect the request URI path. This is the part of the web request that identifies a resource, for example,
* /images/daily-ad.jpg.
*
*
* @param uriPath
* Inspect the request URI path. This is the part of the web request that identifies a resource, for
* example, /images/daily-ad.jpg.
* @return Returns a reference to this object so that method calls can be chained together.
*/
Builder uriPath(UriPath uriPath);
/**
*
* Inspect the request URI path. This is the part of the web request that identifies a resource, for example,
* /images/daily-ad.jpg.
*
* This is a convenience method that creates an instance of the {@link UriPath.Builder} avoiding the need to
* create one manually via {@link UriPath#builder()}.
*
*
* When the {@link Consumer} completes, {@link UriPath.Builder#build()} is called immediately and its result is
* passed to {@link #uriPath(UriPath)}.
*
* @param uriPath
* a consumer that will call methods on {@link UriPath.Builder}
* @return Returns a reference to this object so that method calls can be chained together.
* @see #uriPath(UriPath)
*/
default Builder uriPath(Consumer uriPath) {
return uriPath(UriPath.builder().applyMutation(uriPath).build());
}
/**
*
* Inspect the query string. This is the part of a URL that appears after a ? character, if any.
*
*
* @param queryString
* Inspect the query string. This is the part of a URL that appears after a ? character, if
* any.
* @return Returns a reference to this object so that method calls can be chained together.
*/
Builder queryString(QueryString queryString);
/**
*
* Inspect the query string. This is the part of a URL that appears after a ? character, if any.
*
* This is a convenience method that creates an instance of the {@link QueryString.Builder} avoiding the need to
* create one manually via {@link QueryString#builder()}.
*
*
* When the {@link Consumer} completes, {@link QueryString.Builder#build()} is called immediately and its result
* is passed to {@link #queryString(QueryString)}.
*
* @param queryString
* a consumer that will call methods on {@link QueryString.Builder}
* @return Returns a reference to this object so that method calls can be chained together.
* @see #queryString(QueryString)
*/
default Builder queryString(Consumer queryString) {
return queryString(QueryString.builder().applyMutation(queryString).build());
}
/**
*
* Inspect the request body as plain text. The request body immediately follows the request headers. This is the
* part of a request that contains any additional data that you want to send to your web server as the HTTP
* request body, such as data from a form.
*
*
* A limited amount of the request body is forwarded to WAF for inspection by the underlying host service. For
* regional resources, the limit is 8 KB (8,192 bytes) and for CloudFront distributions, the limit is 16 KB
* (16,384 bytes). For CloudFront distributions, you can increase the limit in the web ACL's
* AssociationConfig, for additional processing fees.
*
*
* For information about how to handle oversized request bodies, see the Body object configuration.
*
*
* @param body
* Inspect the request body as plain text. The request body immediately follows the request headers. This
* is the part of a request that contains any additional data that you want to send to your web server as
* the HTTP request body, such as data from a form.
*
* A limited amount of the request body is forwarded to WAF for inspection by the underlying host
* service. For regional resources, the limit is 8 KB (8,192 bytes) and for CloudFront distributions, the
* limit is 16 KB (16,384 bytes). For CloudFront distributions, you can increase the limit in the web
* ACL's AssociationConfig, for additional processing fees.
*
*
* For information about how to handle oversized request bodies, see the Body object
* configuration.
* @return Returns a reference to this object so that method calls can be chained together.
*/
Builder body(Body body);
/**
*
* Inspect the request body as plain text. The request body immediately follows the request headers. This is the
* part of a request that contains any additional data that you want to send to your web server as the HTTP
* request body, such as data from a form.
*
*
* A limited amount of the request body is forwarded to WAF for inspection by the underlying host service. For
* regional resources, the limit is 8 KB (8,192 bytes) and for CloudFront distributions, the limit is 16 KB
* (16,384 bytes). For CloudFront distributions, you can increase the limit in the web ACL's
* AssociationConfig, for additional processing fees.
*
*
* For information about how to handle oversized request bodies, see the Body object configuration.
*
* This is a convenience method that creates an instance of the {@link Body.Builder} avoiding the need to create
* one manually via {@link Body#builder()}.
*
*
* When the {@link Consumer} completes, {@link Body.Builder#build()} is called immediately and its result is
* passed to {@link #body(Body)}.
*
* @param body
* a consumer that will call methods on {@link Body.Builder}
* @return Returns a reference to this object so that method calls can be chained together.
* @see #body(Body)
*/
default Builder body(Consumer body) {
return body(Body.builder().applyMutation(body).build());
}
/**
*
* Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to
* perform.
*
*
* @param method
* Inspect the HTTP method. The method indicates the type of operation that the request is asking the
* origin to perform.
* @return Returns a reference to this object so that method calls can be chained together.
*/
Builder method(Method method);
/**
*
* Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to
* perform.
*
* This is a convenience method that creates an instance of the {@link Method.Builder} avoiding the need to
* create one manually via {@link Method#builder()}.
*
*
* When the {@link Consumer} completes, {@link Method.Builder#build()} is called immediately and its result is
* passed to {@link #method(Method)}.
*
* @param method
* a consumer that will call methods on {@link Method.Builder}
* @return Returns a reference to this object so that method calls can be chained together.
* @see #method(Method)
*/
default Builder method(Consumer method) {
return method(Method.builder().applyMutation(method).build());
}
/**
*
* Inspect the request body as JSON. The request body immediately follows the request headers. This is the part
* of a request that contains any additional data that you want to send to your web server as the HTTP request
* body, such as data from a form.
*
*
* A limited amount of the request body is forwarded to WAF for inspection by the underlying host service. For
* regional resources, the limit is 8 KB (8,192 bytes) and for CloudFront distributions, the limit is 16 KB
* (16,384 bytes). For CloudFront distributions, you can increase the limit in the web ACL's
* AssociationConfig, for additional processing fees.
*
*
* For information about how to handle oversized request bodies, see the JsonBody object
* configuration.
*
*
* @param jsonBody
* Inspect the request body as JSON. The request body immediately follows the request headers. This is
* the part of a request that contains any additional data that you want to send to your web server as
* the HTTP request body, such as data from a form.
*
* A limited amount of the request body is forwarded to WAF for inspection by the underlying host
* service. For regional resources, the limit is 8 KB (8,192 bytes) and for CloudFront distributions, the
* limit is 16 KB (16,384 bytes). For CloudFront distributions, you can increase the limit in the web
* ACL's AssociationConfig, for additional processing fees.
*
*
* For information about how to handle oversized request bodies, see the JsonBody object
* configuration.
* @return Returns a reference to this object so that method calls can be chained together.
*/
Builder jsonBody(JsonBody jsonBody);
/**
*
* Inspect the request body as JSON. The request body immediately follows the request headers. This is the part
* of a request that contains any additional data that you want to send to your web server as the HTTP request
* body, such as data from a form.
*
*
* A limited amount of the request body is forwarded to WAF for inspection by the underlying host service. For
* regional resources, the limit is 8 KB (8,192 bytes) and for CloudFront distributions, the limit is 16 KB
* (16,384 bytes). For CloudFront distributions, you can increase the limit in the web ACL's
* AssociationConfig, for additional processing fees.
*
*
* For information about how to handle oversized request bodies, see the JsonBody object
* configuration.
*
* This is a convenience method that creates an instance of the {@link JsonBody.Builder} avoiding the need to
* create one manually via {@link JsonBody#builder()}.
*
*
* When the {@link Consumer} completes, {@link JsonBody.Builder#build()} is called immediately and its result is
* passed to {@link #jsonBody(JsonBody)}.
*
* @param jsonBody
* a consumer that will call methods on {@link JsonBody.Builder}
* @return Returns a reference to this object so that method calls can be chained together.
* @see #jsonBody(JsonBody)
*/
default Builder jsonBody(Consumer jsonBody) {
return jsonBody(JsonBody.builder().applyMutation(jsonBody).build());
}
/**
*
* Inspect the request headers. You must configure scope and pattern matching filters in the
* Headers object, to define the set of headers to and the parts of the headers that WAF inspects.
*
*
* Only the first 8 KB (8192 bytes) of a request's headers and only the first 200 headers are forwarded to WAF
* for inspection by the underlying host service. You must configure how to handle any oversize header content
* in the Headers object. WAF applies the pattern matching filters to the headers that it receives
* from the underlying host service.
*
*
* @param headers
* Inspect the request headers. You must configure scope and pattern matching filters in the
* Headers object, to define the set of headers to and the parts of the headers that WAF
* inspects.
*
* Only the first 8 KB (8192 bytes) of a request's headers and only the first 200 headers are forwarded
* to WAF for inspection by the underlying host service. You must configure how to handle any oversize
* header content in the Headers object. WAF applies the pattern matching filters to the
* headers that it receives from the underlying host service.
* @return Returns a reference to this object so that method calls can be chained together.
*/
Builder headers(Headers headers);
/**
*
* Inspect the request headers. You must configure scope and pattern matching filters in the
* Headers object, to define the set of headers to and the parts of the headers that WAF inspects.
*
*
* Only the first 8 KB (8192 bytes) of a request's headers and only the first 200 headers are forwarded to WAF
* for inspection by the underlying host service. You must configure how to handle any oversize header content
* in the Headers object. WAF applies the pattern matching filters to the headers that it receives
* from the underlying host service.
*
* This is a convenience method that creates an instance of the {@link Headers.Builder} avoiding the need to
* create one manually via {@link Headers#builder()}.
*
*
* When the {@link Consumer} completes, {@link Headers.Builder#build()} is called immediately and its result is
* passed to {@link #headers(Headers)}.
*
* @param headers
* a consumer that will call methods on {@link Headers.Builder}
* @return Returns a reference to this object so that method calls can be chained together.
* @see #headers(Headers)
*/
default Builder headers(Consumer headers) {
return headers(Headers.builder().applyMutation(headers).build());
}
/**
*
* Inspect the request cookies. You must configure scope and pattern matching filters in the
* Cookies object, to define the set of cookies and the parts of the cookies that WAF inspects.
*
*
* Only the first 8 KB (8192 bytes) of a request's cookies and only the first 200 cookies are forwarded to WAF
* for inspection by the underlying host service. You must configure how to handle any oversize cookie content
* in the Cookies object. WAF applies the pattern matching filters to the cookies that it receives
* from the underlying host service.
*
*
* @param cookies
* Inspect the request cookies. You must configure scope and pattern matching filters in the
* Cookies object, to define the set of cookies and the parts of the cookies that WAF
* inspects.
*
* Only the first 8 KB (8192 bytes) of a request's cookies and only the first 200 cookies are forwarded
* to WAF for inspection by the underlying host service. You must configure how to handle any oversize
* cookie content in the Cookies object. WAF applies the pattern matching filters to the
* cookies that it receives from the underlying host service.
* @return Returns a reference to this object so that method calls can be chained together.
*/
Builder cookies(Cookies cookies);
/**
*
* Inspect the request cookies. You must configure scope and pattern matching filters in the
* Cookies object, to define the set of cookies and the parts of the cookies that WAF inspects.
*
*
* Only the first 8 KB (8192 bytes) of a request's cookies and only the first 200 cookies are forwarded to WAF
* for inspection by the underlying host service. You must configure how to handle any oversize cookie content
* in the Cookies object. WAF applies the pattern matching filters to the cookies that it receives
* from the underlying host service.
*
* This is a convenience method that creates an instance of the {@link Cookies.Builder} avoiding the need to
* create one manually via {@link Cookies#builder()}.
*
*
* When the {@link Consumer} completes, {@link Cookies.Builder#build()} is called immediately and its result is
* passed to {@link #cookies(Cookies)}.
*
* @param cookies
* a consumer that will call methods on {@link Cookies.Builder}
* @return Returns a reference to this object so that method calls can be chained together.
* @see #cookies(Cookies)
*/
default Builder cookies(Consumer cookies) {
return cookies(Cookies.builder().applyMutation(cookies).build());
}
/**
*
* Inspect a string containing the list of the request's header names, ordered as they appear in the web request
* that WAF receives for inspection. WAF generates the string and then uses that as the field to match component
* in its inspection. WAF separates the header names in the string using colons and no added spaces, for example
* host:user-agent:accept:authorization:referer.
*
*
* @param headerOrder
* Inspect a string containing the list of the request's header names, ordered as they appear in the web
* request that WAF receives for inspection. WAF generates the string and then uses that as the field to
* match component in its inspection. WAF separates the header names in the string using colons and no
* added spaces, for example host:user-agent:accept:authorization:referer.
* @return Returns a reference to this object so that method calls can be chained together.
*/
Builder headerOrder(HeaderOrder headerOrder);
/**
*
* Inspect a string containing the list of the request's header names, ordered as they appear in the web request
* that WAF receives for inspection. WAF generates the string and then uses that as the field to match component
* in its inspection. WAF separates the header names in the string using colons and no added spaces, for example
* host:user-agent:accept:authorization:referer.
*
* This is a convenience method that creates an instance of the {@link HeaderOrder.Builder} avoiding the need to
* create one manually via {@link HeaderOrder#builder()}.
*
*
* When the {@link Consumer} completes, {@link HeaderOrder.Builder#build()} is called immediately and its result
* is passed to {@link #headerOrder(HeaderOrder)}.
*
* @param headerOrder
* a consumer that will call methods on {@link HeaderOrder.Builder}
* @return Returns a reference to this object so that method calls can be chained together.
* @see #headerOrder(HeaderOrder)
*/
default Builder headerOrder(Consumer headerOrder) {
return headerOrder(HeaderOrder.builder().applyMutation(headerOrder).build());
}
/**
*
* Match against the request's JA3 fingerprint. The JA3 fingerprint is a 32-character hash derived from the TLS
* Client Hello of an incoming request. This fingerprint serves as a unique identifier for the client's TLS
* configuration. WAF calculates and logs this fingerprint for each request that has enough TLS Client Hello
* information for the calculation. Almost all web requests include this information.
*
*
*
* You can use this choice only with a string match ByteMatchStatement with the
* PositionalConstraint set to EXACTLY.
*
*
*
* You can obtain the JA3 fingerprint for client requests from the web ACL logs. If WAF is able to calculate the
* fingerprint, it includes it in the logs. For information about the logging fields, see Log fields in the WAF
* Developer Guide.
*
*
* Provide the JA3 fingerprint string from the logs in your string match statement specification, to match with
* any future requests that have the same TLS configuration.
*
*
* @param ja3Fingerprint
* Match against the request's JA3 fingerprint. The JA3 fingerprint is a 32-character hash derived from
* the TLS Client Hello of an incoming request. This fingerprint serves as a unique identifier for the
* client's TLS configuration. WAF calculates and logs this fingerprint for each request that has enough
* TLS Client Hello information for the calculation. Almost all web requests include this
* information.
*
* You can use this choice only with a string match ByteMatchStatement with the
* PositionalConstraint set to EXACTLY.
*
*
*
* You can obtain the JA3 fingerprint for client requests from the web ACL logs. If WAF is able to
* calculate the fingerprint, it includes it in the logs. For information about the logging fields, see
* Log fields in
* the WAF Developer Guide.
*
*
* Provide the JA3 fingerprint string from the logs in your string match statement specification, to
* match with any future requests that have the same TLS configuration.
* @return Returns a reference to this object so that method calls can be chained together.
*/
Builder ja3Fingerprint(JA3Fingerprint ja3Fingerprint);
/**
*
* Match against the request's JA3 fingerprint. The JA3 fingerprint is a 32-character hash derived from the TLS
* Client Hello of an incoming request. This fingerprint serves as a unique identifier for the client's TLS
* configuration. WAF calculates and logs this fingerprint for each request that has enough TLS Client Hello
* information for the calculation. Almost all web requests include this information.
*
*
*
* You can use this choice only with a string match ByteMatchStatement with the
* PositionalConstraint set to EXACTLY.
*
*
*
* You can obtain the JA3 fingerprint for client requests from the web ACL logs. If WAF is able to calculate the
* fingerprint, it includes it in the logs. For information about the logging fields, see Log fields in the WAF
* Developer Guide.
*
*
* Provide the JA3 fingerprint string from the logs in your string match statement specification, to match with
* any future requests that have the same TLS configuration.
*
* This is a convenience method that creates an instance of the {@link JA3Fingerprint.Builder} avoiding the need
* to create one manually via {@link JA3Fingerprint#builder()}.
*
*
* When the {@link Consumer} completes, {@link JA3Fingerprint.Builder#build()} is called immediately and its
* result is passed to {@link #ja3Fingerprint(JA3Fingerprint)}.
*
* @param ja3Fingerprint
* a consumer that will call methods on {@link JA3Fingerprint.Builder}
* @return Returns a reference to this object so that method calls can be chained together.
* @see #ja3Fingerprint(JA3Fingerprint)
*/
default Builder ja3Fingerprint(Consumer ja3Fingerprint) {
return ja3Fingerprint(JA3Fingerprint.builder().applyMutation(ja3Fingerprint).build());
}
}
static final class BuilderImpl implements Builder {
private SingleHeader singleHeader;
private SingleQueryArgument singleQueryArgument;
private AllQueryArguments allQueryArguments;
private UriPath uriPath;
private QueryString queryString;
private Body body;
private Method method;
private JsonBody jsonBody;
private Headers headers;
private Cookies cookies;
private HeaderOrder headerOrder;
private JA3Fingerprint ja3Fingerprint;
private BuilderImpl() {
}
private BuilderImpl(FieldToMatch model) {
singleHeader(model.singleHeader);
singleQueryArgument(model.singleQueryArgument);
allQueryArguments(model.allQueryArguments);
uriPath(model.uriPath);
queryString(model.queryString);
body(model.body);
method(model.method);
jsonBody(model.jsonBody);
headers(model.headers);
cookies(model.cookies);
headerOrder(model.headerOrder);
ja3Fingerprint(model.ja3Fingerprint);
}
public final SingleHeader.Builder getSingleHeader() {
return singleHeader != null ? singleHeader.toBuilder() : null;
}
public final void setSingleHeader(SingleHeader.BuilderImpl singleHeader) {
this.singleHeader = singleHeader != null ? singleHeader.build() : null;
}
@Override
public final Builder singleHeader(SingleHeader singleHeader) {
this.singleHeader = singleHeader;
return this;
}
public final SingleQueryArgument.Builder getSingleQueryArgument() {
return singleQueryArgument != null ? singleQueryArgument.toBuilder() : null;
}
public final void setSingleQueryArgument(SingleQueryArgument.BuilderImpl singleQueryArgument) {
this.singleQueryArgument = singleQueryArgument != null ? singleQueryArgument.build() : null;
}
@Override
public final Builder singleQueryArgument(SingleQueryArgument singleQueryArgument) {
this.singleQueryArgument = singleQueryArgument;
return this;
}
public final AllQueryArguments.Builder getAllQueryArguments() {
return allQueryArguments != null ? allQueryArguments.toBuilder() : null;
}
public final void setAllQueryArguments(AllQueryArguments.BuilderImpl allQueryArguments) {
this.allQueryArguments = allQueryArguments != null ? allQueryArguments.build() : null;
}
@Override
public final Builder allQueryArguments(AllQueryArguments allQueryArguments) {
this.allQueryArguments = allQueryArguments;
return this;
}
public final UriPath.Builder getUriPath() {
return uriPath != null ? uriPath.toBuilder() : null;
}
public final void setUriPath(UriPath.BuilderImpl uriPath) {
this.uriPath = uriPath != null ? uriPath.build() : null;
}
@Override
public final Builder uriPath(UriPath uriPath) {
this.uriPath = uriPath;
return this;
}
public final QueryString.Builder getQueryString() {
return queryString != null ? queryString.toBuilder() : null;
}
public final void setQueryString(QueryString.BuilderImpl queryString) {
this.queryString = queryString != null ? queryString.build() : null;
}
@Override
public final Builder queryString(QueryString queryString) {
this.queryString = queryString;
return this;
}
public final Body.Builder getBody() {
return body != null ? body.toBuilder() : null;
}
public final void setBody(Body.BuilderImpl body) {
this.body = body != null ? body.build() : null;
}
@Override
public final Builder body(Body body) {
this.body = body;
return this;
}
public final Method.Builder getMethod() {
return method != null ? method.toBuilder() : null;
}
public final void setMethod(Method.BuilderImpl method) {
this.method = method != null ? method.build() : null;
}
@Override
public final Builder method(Method method) {
this.method = method;
return this;
}
public final JsonBody.Builder getJsonBody() {
return jsonBody != null ? jsonBody.toBuilder() : null;
}
public final void setJsonBody(JsonBody.BuilderImpl jsonBody) {
this.jsonBody = jsonBody != null ? jsonBody.build() : null;
}
@Override
public final Builder jsonBody(JsonBody jsonBody) {
this.jsonBody = jsonBody;
return this;
}
public final Headers.Builder getHeaders() {
return headers != null ? headers.toBuilder() : null;
}
public final void setHeaders(Headers.BuilderImpl headers) {
this.headers = headers != null ? headers.build() : null;
}
@Override
public final Builder headers(Headers headers) {
this.headers = headers;
return this;
}
public final Cookies.Builder getCookies() {
return cookies != null ? cookies.toBuilder() : null;
}
public final void setCookies(Cookies.BuilderImpl cookies) {
this.cookies = cookies != null ? cookies.build() : null;
}
@Override
public final Builder cookies(Cookies cookies) {
this.cookies = cookies;
return this;
}
public final HeaderOrder.Builder getHeaderOrder() {
return headerOrder != null ? headerOrder.toBuilder() : null;
}
public final void setHeaderOrder(HeaderOrder.BuilderImpl headerOrder) {
this.headerOrder = headerOrder != null ? headerOrder.build() : null;
}
@Override
public final Builder headerOrder(HeaderOrder headerOrder) {
this.headerOrder = headerOrder;
return this;
}
public final JA3Fingerprint.Builder getJa3Fingerprint() {
return ja3Fingerprint != null ? ja3Fingerprint.toBuilder() : null;
}
public final void setJa3Fingerprint(JA3Fingerprint.BuilderImpl ja3Fingerprint) {
this.ja3Fingerprint = ja3Fingerprint != null ? ja3Fingerprint.build() : null;
}
@Override
public final Builder ja3Fingerprint(JA3Fingerprint ja3Fingerprint) {
this.ja3Fingerprint = ja3Fingerprint;
return this;
}
@Override
public FieldToMatch build() {
return new FieldToMatch(this);
}
@Override
public List> sdkFields() {
return SDK_FIELDS;
}
}
}