Skip to content

Commit 8337d3b

Browse files
author
awstools
committed
feat(client-wafv2): WAF now provides two DDoS protection options: resource-level monitoring for Application Load Balancers and the AWSManagedRulesAntiDDoSRuleSet managed rule group for CloudFront distributions.
1 parent 52a85ab commit 8337d3b

10 files changed

+585
-14
lines changed

clients/client-wafv2/src/commands/CheckCapacityCommand.ts

Lines changed: 28 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -761,6 +761,20 @@ export interface CheckCapacityCommandOutput extends CheckCapacityResponse, __Met
761761
* },
762762
* EnableRegexInPath: true || false,
763763
* },
764+
* AWSManagedRulesAntiDDoSRuleSet: { // AWSManagedRulesAntiDDoSRuleSet
765+
* ClientSideActionConfig: { // ClientSideActionConfig
766+
* Challenge: { // ClientSideAction
767+
* UsageOfAction: "ENABLED" || "DISABLED", // required
768+
* Sensitivity: "LOW" || "MEDIUM" || "HIGH",
769+
* ExemptUriRegularExpressions: [ // RegularExpressionList
770+
* { // Regex
771+
* RegexString: "STRING_VALUE",
772+
* },
773+
* ],
774+
* },
775+
* },
776+
* SensitivityToBlock: "LOW" || "MEDIUM" || "HIGH",
777+
* },
764778
* },
765779
* ],
766780
* RuleActionOverrides: [
@@ -986,6 +1000,20 @@ export interface CheckCapacityCommandOutput extends CheckCapacityResponse, __Met
9861000
* },
9871001
* EnableRegexInPath: true || false,
9881002
* },
1003+
* AWSManagedRulesAntiDDoSRuleSet: {
1004+
* ClientSideActionConfig: {
1005+
* Challenge: {
1006+
* UsageOfAction: "ENABLED" || "DISABLED", // required
1007+
* Sensitivity: "LOW" || "MEDIUM" || "HIGH",
1008+
* ExemptUriRegularExpressions: [
1009+
* {
1010+
* RegexString: "STRING_VALUE",
1011+
* },
1012+
* ],
1013+
* },
1014+
* },
1015+
* SensitivityToBlock: "LOW" || "MEDIUM" || "HIGH",
1016+
* },
9891017
* },
9901018
* ],
9911019
* RuleActionOverrides: [

clients/client-wafv2/src/commands/CreateRuleGroupCommand.ts

Lines changed: 28 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -754,6 +754,20 @@ export interface CreateRuleGroupCommandOutput extends CreateRuleGroupResponse, _
754754
* },
755755
* EnableRegexInPath: true || false,
756756
* },
757+
* AWSManagedRulesAntiDDoSRuleSet: { // AWSManagedRulesAntiDDoSRuleSet
758+
* ClientSideActionConfig: { // ClientSideActionConfig
759+
* Challenge: { // ClientSideAction
760+
* UsageOfAction: "ENABLED" || "DISABLED", // required
761+
* Sensitivity: "LOW" || "MEDIUM" || "HIGH",
762+
* ExemptUriRegularExpressions: [ // RegularExpressionList
763+
* { // Regex
764+
* RegexString: "STRING_VALUE",
765+
* },
766+
* ],
767+
* },
768+
* },
769+
* SensitivityToBlock: "LOW" || "MEDIUM" || "HIGH",
770+
* },
757771
* },
758772
* ],
759773
* RuleActionOverrides: [
@@ -979,6 +993,20 @@ export interface CreateRuleGroupCommandOutput extends CreateRuleGroupResponse, _
979993
* },
980994
* EnableRegexInPath: true || false,
981995
* },
996+
* AWSManagedRulesAntiDDoSRuleSet: {
997+
* ClientSideActionConfig: {
998+
* Challenge: {
999+
* UsageOfAction: "ENABLED" || "DISABLED", // required
1000+
* Sensitivity: "LOW" || "MEDIUM" || "HIGH",
1001+
* ExemptUriRegularExpressions: [
1002+
* {
1003+
* RegexString: "STRING_VALUE",
1004+
* },
1005+
* ],
1006+
* },
1007+
* },
1008+
* SensitivityToBlock: "LOW" || "MEDIUM" || "HIGH",
1009+
* },
9821010
* },
9831011
* ],
9841012
* RuleActionOverrides: [

clients/client-wafv2/src/commands/CreateWebACLCommand.ts

Lines changed: 31 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -757,6 +757,20 @@ export interface CreateWebACLCommandOutput extends CreateWebACLResponse, __Metad
757757
* },
758758
* EnableRegexInPath: true || false,
759759
* },
760+
* AWSManagedRulesAntiDDoSRuleSet: { // AWSManagedRulesAntiDDoSRuleSet
761+
* ClientSideActionConfig: { // ClientSideActionConfig
762+
* Challenge: { // ClientSideAction
763+
* UsageOfAction: "ENABLED" || "DISABLED", // required
764+
* Sensitivity: "LOW" || "MEDIUM" || "HIGH",
765+
* ExemptUriRegularExpressions: [ // RegularExpressionList
766+
* { // Regex
767+
* RegexString: "STRING_VALUE",
768+
* },
769+
* ],
770+
* },
771+
* },
772+
* SensitivityToBlock: "LOW" || "MEDIUM" || "HIGH",
773+
* },
760774
* },
761775
* ],
762776
* RuleActionOverrides: [
@@ -974,6 +988,20 @@ export interface CreateWebACLCommandOutput extends CreateWebACLResponse, __Metad
974988
* },
975989
* EnableRegexInPath: true || false,
976990
* },
991+
* AWSManagedRulesAntiDDoSRuleSet: {
992+
* ClientSideActionConfig: {
993+
* Challenge: {
994+
* UsageOfAction: "ENABLED" || "DISABLED", // required
995+
* Sensitivity: "LOW" || "MEDIUM" || "HIGH",
996+
* ExemptUriRegularExpressions: [
997+
* {
998+
* RegexString: "STRING_VALUE",
999+
* },
1000+
* ],
1001+
* },
1002+
* },
1003+
* SensitivityToBlock: "LOW" || "MEDIUM" || "HIGH",
1004+
* },
9771005
* },
9781006
* ],
9791007
* RuleActionOverrides: [
@@ -1090,6 +1118,9 @@ export interface CreateWebACLCommandOutput extends CreateWebACLResponse, __Metad
10901118
* },
10911119
* },
10921120
* },
1121+
* OnSourceDDoSProtectionConfig: { // OnSourceDDoSProtectionConfig
1122+
* ALBLowReputationMode: "ACTIVE_UNDER_DDOS" || "ALWAYS_ON", // required
1123+
* },
10931124
* };
10941125
* const command = new CreateWebACLCommand(input);
10951126
* const response = await client.send(command);

clients/client-wafv2/src/commands/GetRuleGroupCommand.ts

Lines changed: 28 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -763,6 +763,20 @@ export interface GetRuleGroupCommandOutput extends GetRuleGroupResponse, __Metad
763763
* // },
764764
* // EnableRegexInPath: true || false,
765765
* // },
766+
* // AWSManagedRulesAntiDDoSRuleSet: { // AWSManagedRulesAntiDDoSRuleSet
767+
* // ClientSideActionConfig: { // ClientSideActionConfig
768+
* // Challenge: { // ClientSideAction
769+
* // UsageOfAction: "ENABLED" || "DISABLED", // required
770+
* // Sensitivity: "LOW" || "MEDIUM" || "HIGH",
771+
* // ExemptUriRegularExpressions: [ // RegularExpressionList
772+
* // { // Regex
773+
* // RegexString: "STRING_VALUE",
774+
* // },
775+
* // ],
776+
* // },
777+
* // },
778+
* // SensitivityToBlock: "LOW" || "MEDIUM" || "HIGH",
779+
* // },
766780
* // },
767781
* // ],
768782
* // RuleActionOverrides: [
@@ -988,6 +1002,20 @@ export interface GetRuleGroupCommandOutput extends GetRuleGroupResponse, __Metad
9881002
* // },
9891003
* // EnableRegexInPath: true || false,
9901004
* // },
1005+
* // AWSManagedRulesAntiDDoSRuleSet: {
1006+
* // ClientSideActionConfig: {
1007+
* // Challenge: {
1008+
* // UsageOfAction: "ENABLED" || "DISABLED", // required
1009+
* // Sensitivity: "LOW" || "MEDIUM" || "HIGH",
1010+
* // ExemptUriRegularExpressions: [
1011+
* // {
1012+
* // RegexString: "STRING_VALUE",
1013+
* // },
1014+
* // ],
1015+
* // },
1016+
* // },
1017+
* // SensitivityToBlock: "LOW" || "MEDIUM" || "HIGH",
1018+
* // },
9911019
* // },
9921020
* // ],
9931021
* // RuleActionOverrides: [

clients/client-wafv2/src/commands/GetWebACLCommand.ts

Lines changed: 59 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -766,6 +766,20 @@ export interface GetWebACLCommandOutput extends GetWebACLResponse, __MetadataBea
766766
* // },
767767
* // EnableRegexInPath: true || false,
768768
* // },
769+
* // AWSManagedRulesAntiDDoSRuleSet: { // AWSManagedRulesAntiDDoSRuleSet
770+
* // ClientSideActionConfig: { // ClientSideActionConfig
771+
* // Challenge: { // ClientSideAction
772+
* // UsageOfAction: "ENABLED" || "DISABLED", // required
773+
* // Sensitivity: "LOW" || "MEDIUM" || "HIGH",
774+
* // ExemptUriRegularExpressions: [ // RegularExpressionList
775+
* // { // Regex
776+
* // RegexString: "STRING_VALUE",
777+
* // },
778+
* // ],
779+
* // },
780+
* // },
781+
* // SensitivityToBlock: "LOW" || "MEDIUM" || "HIGH",
782+
* // },
769783
* // },
770784
* // ],
771785
* // RuleActionOverrides: [
@@ -983,6 +997,20 @@ export interface GetWebACLCommandOutput extends GetWebACLResponse, __MetadataBea
983997
* // },
984998
* // EnableRegexInPath: true || false,
985999
* // },
1000+
* // AWSManagedRulesAntiDDoSRuleSet: {
1001+
* // ClientSideActionConfig: {
1002+
* // Challenge: {
1003+
* // UsageOfAction: "ENABLED" || "DISABLED", // required
1004+
* // Sensitivity: "LOW" || "MEDIUM" || "HIGH",
1005+
* // ExemptUriRegularExpressions: [
1006+
* // {
1007+
* // RegexString: "STRING_VALUE",
1008+
* // },
1009+
* // ],
1010+
* // },
1011+
* // },
1012+
* // SensitivityToBlock: "LOW" || "MEDIUM" || "HIGH",
1013+
* // },
9861014
* // },
9871015
* // ],
9881016
* // RuleActionOverrides: [
@@ -1162,6 +1190,20 @@ export interface GetWebACLCommandOutput extends GetWebACLResponse, __MetadataBea
11621190
* // ResponseInspection: "<ResponseInspection>",
11631191
* // EnableRegexInPath: true || false,
11641192
* // },
1193+
* // AWSManagedRulesAntiDDoSRuleSet: {
1194+
* // ClientSideActionConfig: {
1195+
* // Challenge: {
1196+
* // UsageOfAction: "ENABLED" || "DISABLED", // required
1197+
* // Sensitivity: "LOW" || "MEDIUM" || "HIGH",
1198+
* // ExemptUriRegularExpressions: [
1199+
* // {
1200+
* // RegexString: "STRING_VALUE",
1201+
* // },
1202+
* // ],
1203+
* // },
1204+
* // },
1205+
* // SensitivityToBlock: "LOW" || "MEDIUM" || "HIGH",
1206+
* // },
11651207
* // },
11661208
* // ],
11671209
* // RuleActionOverrides: [
@@ -1243,6 +1285,20 @@ export interface GetWebACLCommandOutput extends GetWebACLResponse, __MetadataBea
12431285
* // ResponseInspection: "<ResponseInspection>",
12441286
* // EnableRegexInPath: true || false,
12451287
* // },
1288+
* // AWSManagedRulesAntiDDoSRuleSet: {
1289+
* // ClientSideActionConfig: {
1290+
* // Challenge: {
1291+
* // UsageOfAction: "ENABLED" || "DISABLED", // required
1292+
* // Sensitivity: "LOW" || "MEDIUM" || "HIGH",
1293+
* // ExemptUriRegularExpressions: [
1294+
* // {
1295+
* // RegexString: "STRING_VALUE",
1296+
* // },
1297+
* // ],
1298+
* // },
1299+
* // },
1300+
* // SensitivityToBlock: "LOW" || "MEDIUM" || "HIGH",
1301+
* // },
12461302
* // },
12471303
* // ],
12481304
* // RuleActionOverrides: "<RuleActionOverrides>",
@@ -1293,6 +1349,9 @@ export interface GetWebACLCommandOutput extends GetWebACLResponse, __MetadataBea
12931349
* // },
12941350
* // },
12951351
* // RetrofittedByFirewallManager: true || false,
1352+
* // OnSourceDDoSProtectionConfig: { // OnSourceDDoSProtectionConfig
1353+
* // ALBLowReputationMode: "ACTIVE_UNDER_DDOS" || "ALWAYS_ON", // required
1354+
* // },
12961355
* // },
12971356
* // LockToken: "STRING_VALUE",
12981357
* // ApplicationIntegrationURL: "STRING_VALUE",

clients/client-wafv2/src/commands/GetWebACLForResourceCommand.ts

Lines changed: 59 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -773,6 +773,20 @@ export interface GetWebACLForResourceCommandOutput extends GetWebACLForResourceR
773773
* // },
774774
* // EnableRegexInPath: true || false,
775775
* // },
776+
* // AWSManagedRulesAntiDDoSRuleSet: { // AWSManagedRulesAntiDDoSRuleSet
777+
* // ClientSideActionConfig: { // ClientSideActionConfig
778+
* // Challenge: { // ClientSideAction
779+
* // UsageOfAction: "ENABLED" || "DISABLED", // required
780+
* // Sensitivity: "LOW" || "MEDIUM" || "HIGH",
781+
* // ExemptUriRegularExpressions: [ // RegularExpressionList
782+
* // { // Regex
783+
* // RegexString: "STRING_VALUE",
784+
* // },
785+
* // ],
786+
* // },
787+
* // },
788+
* // SensitivityToBlock: "LOW" || "MEDIUM" || "HIGH",
789+
* // },
776790
* // },
777791
* // ],
778792
* // RuleActionOverrides: [
@@ -990,6 +1004,20 @@ export interface GetWebACLForResourceCommandOutput extends GetWebACLForResourceR
9901004
* // },
9911005
* // EnableRegexInPath: true || false,
9921006
* // },
1007+
* // AWSManagedRulesAntiDDoSRuleSet: {
1008+
* // ClientSideActionConfig: {
1009+
* // Challenge: {
1010+
* // UsageOfAction: "ENABLED" || "DISABLED", // required
1011+
* // Sensitivity: "LOW" || "MEDIUM" || "HIGH",
1012+
* // ExemptUriRegularExpressions: [
1013+
* // {
1014+
* // RegexString: "STRING_VALUE",
1015+
* // },
1016+
* // ],
1017+
* // },
1018+
* // },
1019+
* // SensitivityToBlock: "LOW" || "MEDIUM" || "HIGH",
1020+
* // },
9931021
* // },
9941022
* // ],
9951023
* // RuleActionOverrides: [
@@ -1169,6 +1197,20 @@ export interface GetWebACLForResourceCommandOutput extends GetWebACLForResourceR
11691197
* // ResponseInspection: "<ResponseInspection>",
11701198
* // EnableRegexInPath: true || false,
11711199
* // },
1200+
* // AWSManagedRulesAntiDDoSRuleSet: {
1201+
* // ClientSideActionConfig: {
1202+
* // Challenge: {
1203+
* // UsageOfAction: "ENABLED" || "DISABLED", // required
1204+
* // Sensitivity: "LOW" || "MEDIUM" || "HIGH",
1205+
* // ExemptUriRegularExpressions: [
1206+
* // {
1207+
* // RegexString: "STRING_VALUE",
1208+
* // },
1209+
* // ],
1210+
* // },
1211+
* // },
1212+
* // SensitivityToBlock: "LOW" || "MEDIUM" || "HIGH",
1213+
* // },
11721214
* // },
11731215
* // ],
11741216
* // RuleActionOverrides: [
@@ -1250,6 +1292,20 @@ export interface GetWebACLForResourceCommandOutput extends GetWebACLForResourceR
12501292
* // ResponseInspection: "<ResponseInspection>",
12511293
* // EnableRegexInPath: true || false,
12521294
* // },
1295+
* // AWSManagedRulesAntiDDoSRuleSet: {
1296+
* // ClientSideActionConfig: {
1297+
* // Challenge: {
1298+
* // UsageOfAction: "ENABLED" || "DISABLED", // required
1299+
* // Sensitivity: "LOW" || "MEDIUM" || "HIGH",
1300+
* // ExemptUriRegularExpressions: [
1301+
* // {
1302+
* // RegexString: "STRING_VALUE",
1303+
* // },
1304+
* // ],
1305+
* // },
1306+
* // },
1307+
* // SensitivityToBlock: "LOW" || "MEDIUM" || "HIGH",
1308+
* // },
12531309
* // },
12541310
* // ],
12551311
* // RuleActionOverrides: "<RuleActionOverrides>",
@@ -1300,6 +1356,9 @@ export interface GetWebACLForResourceCommandOutput extends GetWebACLForResourceR
13001356
* // },
13011357
* // },
13021358
* // RetrofittedByFirewallManager: true || false,
1359+
* // OnSourceDDoSProtectionConfig: { // OnSourceDDoSProtectionConfig
1360+
* // ALBLowReputationMode: "ACTIVE_UNDER_DDOS" || "ALWAYS_ON", // required
1361+
* // },
13031362
* // },
13041363
* // };
13051364
*

0 commit comments

Comments
 (0)