Skip to content

Commit

Permalink
feat(client-wafv2): My AWS Service (placeholder) - You can now rate l…
Browse files Browse the repository at this point in the history 
…imit web requests based on aggregation keys other than IP addresses, and you can aggregate using combinations of keys. You can also rate limit all requests that match a scope-down statement, without further aggregation.
  • Loading branch information
awstools committed May 16, 2023
1 parent edd45f2 commit d3d15cf
Show file tree
Hide file tree
Showing 12 changed files with 1,132 additions and 81 deletions.
54 changes: 52 additions & 2 deletions clients/client-wafv2/src/commands/CheckCapacityCommand.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -429,7 +429,7 @@ export interface CheckCapacityCommandOutput extends CheckCapacityResponse, __Met
* },
* RateBasedStatement: { // RateBasedStatement
* Limit: Number("long"), // required
* AggregateKeyType: "IP" || "FORWARDED_IP", // required
* AggregateKeyType: "IP" || "FORWARDED_IP" || "CUSTOM_KEYS" || "CONSTANT", // required
* ScopeDownStatement: {
* ByteMatchStatement: {
* SearchString: "BLOB_VALUE", // required
Expand Down Expand Up @@ -512,12 +512,37 @@ export interface CheckCapacityCommandOutput extends CheckCapacityResponse, __Met
* },
* RateBasedStatement: {
* Limit: Number("long"), // required
* AggregateKeyType: "IP" || "FORWARDED_IP", // required
* AggregateKeyType: "IP" || "FORWARDED_IP" || "CUSTOM_KEYS" || "CONSTANT", // required
* ScopeDownStatement: "<Statement>",
* ForwardedIPConfig: {
* HeaderName: "STRING_VALUE", // required
* FallbackBehavior: "MATCH" || "NO_MATCH", // required
* },
* CustomKeys: [ // RateBasedStatementCustomKeys
* { // RateBasedStatementCustomKey
* Header: { // RateLimitHeader
* Name: "STRING_VALUE", // required
* TextTransformations: "<TextTransformations>", // required
* },
* Cookie: { // RateLimitCookie
* Name: "STRING_VALUE", // required
* TextTransformations: "<TextTransformations>", // required
* },
* QueryArgument: { // RateLimitQueryArgument
* Name: "STRING_VALUE", // required
* TextTransformations: "<TextTransformations>", // required
* },
* QueryString: { // RateLimitQueryString
* TextTransformations: "<TextTransformations>", // required
* },
* HTTPMethod: {},
* ForwardedIP: {},
* IP: {},
* LabelNamespace: { // RateLimitLabelNamespace
* Namespace: "STRING_VALUE", // required
* },
* },
* ],
* },
* AndStatement: { // AndStatement
* Statements: [ // Statements // required
Expand Down Expand Up @@ -646,6 +671,31 @@ export interface CheckCapacityCommandOutput extends CheckCapacityResponse, __Met
* HeaderName: "STRING_VALUE", // required
* FallbackBehavior: "MATCH" || "NO_MATCH", // required
* },
* CustomKeys: [
* {
* Header: {
* Name: "STRING_VALUE", // required
* TextTransformations: "<TextTransformations>", // required
* },
* Cookie: {
* Name: "STRING_VALUE", // required
* TextTransformations: "<TextTransformations>", // required
* },
* QueryArgument: {
* Name: "STRING_VALUE", // required
* TextTransformations: "<TextTransformations>", // required
* },
* QueryString: {
* TextTransformations: "<TextTransformations>", // required
* },
* HTTPMethod: {},
* ForwardedIP: {},
* IP: {},
* LabelNamespace: {
* Namespace: "STRING_VALUE", // required
* },
* },
* ],
* },
* AndStatement: {
* Statements: [ // required
Expand Down
54 changes: 52 additions & 2 deletions clients/client-wafv2/src/commands/CreateRuleGroupCommand.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -422,7 +422,7 @@ export interface CreateRuleGroupCommandOutput extends CreateRuleGroupResponse, _
* },
* RateBasedStatement: { // RateBasedStatement
* Limit: Number("long"), // required
* AggregateKeyType: "IP" || "FORWARDED_IP", // required
* AggregateKeyType: "IP" || "FORWARDED_IP" || "CUSTOM_KEYS" || "CONSTANT", // required
* ScopeDownStatement: {
* ByteMatchStatement: {
* SearchString: "BLOB_VALUE", // required
Expand Down Expand Up @@ -505,12 +505,37 @@ export interface CreateRuleGroupCommandOutput extends CreateRuleGroupResponse, _
* },
* RateBasedStatement: {
* Limit: Number("long"), // required
* AggregateKeyType: "IP" || "FORWARDED_IP", // required
* AggregateKeyType: "IP" || "FORWARDED_IP" || "CUSTOM_KEYS" || "CONSTANT", // required
* ScopeDownStatement: "<Statement>",
* ForwardedIPConfig: {
* HeaderName: "STRING_VALUE", // required
* FallbackBehavior: "MATCH" || "NO_MATCH", // required
* },
* CustomKeys: [ // RateBasedStatementCustomKeys
* { // RateBasedStatementCustomKey
* Header: { // RateLimitHeader
* Name: "STRING_VALUE", // required
* TextTransformations: "<TextTransformations>", // required
* },
* Cookie: { // RateLimitCookie
* Name: "STRING_VALUE", // required
* TextTransformations: "<TextTransformations>", // required
* },
* QueryArgument: { // RateLimitQueryArgument
* Name: "STRING_VALUE", // required
* TextTransformations: "<TextTransformations>", // required
* },
* QueryString: { // RateLimitQueryString
* TextTransformations: "<TextTransformations>", // required
* },
* HTTPMethod: {},
* ForwardedIP: {},
* IP: {},
* LabelNamespace: { // RateLimitLabelNamespace
* Namespace: "STRING_VALUE", // required
* },
* },
* ],
* },
* AndStatement: { // AndStatement
* Statements: [ // Statements // required
Expand Down Expand Up @@ -639,6 +664,31 @@ export interface CreateRuleGroupCommandOutput extends CreateRuleGroupResponse, _
* HeaderName: "STRING_VALUE", // required
* FallbackBehavior: "MATCH" || "NO_MATCH", // required
* },
* CustomKeys: [
* {
* Header: {
* Name: "STRING_VALUE", // required
* TextTransformations: "<TextTransformations>", // required
* },
* Cookie: {
* Name: "STRING_VALUE", // required
* TextTransformations: "<TextTransformations>", // required
* },
* QueryArgument: {
* Name: "STRING_VALUE", // required
* TextTransformations: "<TextTransformations>", // required
* },
* QueryString: {
* TextTransformations: "<TextTransformations>", // required
* },
* HTTPMethod: {},
* ForwardedIP: {},
* IP: {},
* LabelNamespace: {
* Namespace: "STRING_VALUE", // required
* },
* },
* ],
* },
* AndStatement: {
* Statements: [ // required
Expand Down
54 changes: 52 additions & 2 deletions clients/client-wafv2/src/commands/CreateWebACLCommand.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -435,7 +435,7 @@ export interface CreateWebACLCommandOutput extends CreateWebACLResponse, __Metad
* },
* RateBasedStatement: { // RateBasedStatement
* Limit: Number("long"), // required
* AggregateKeyType: "IP" || "FORWARDED_IP", // required
* AggregateKeyType: "IP" || "FORWARDED_IP" || "CUSTOM_KEYS" || "CONSTANT", // required
* ScopeDownStatement: {
* ByteMatchStatement: {
* SearchString: "BLOB_VALUE", // required
Expand Down Expand Up @@ -508,12 +508,37 @@ export interface CreateWebACLCommandOutput extends CreateWebACLResponse, __Metad
* },
* RateBasedStatement: {
* Limit: Number("long"), // required
* AggregateKeyType: "IP" || "FORWARDED_IP", // required
* AggregateKeyType: "IP" || "FORWARDED_IP" || "CUSTOM_KEYS" || "CONSTANT", // required
* ScopeDownStatement: "<Statement>",
* ForwardedIPConfig: {
* HeaderName: "STRING_VALUE", // required
* FallbackBehavior: "MATCH" || "NO_MATCH", // required
* },
* CustomKeys: [ // RateBasedStatementCustomKeys
* { // RateBasedStatementCustomKey
* Header: { // RateLimitHeader
* Name: "STRING_VALUE", // required
* TextTransformations: "<TextTransformations>", // required
* },
* Cookie: { // RateLimitCookie
* Name: "STRING_VALUE", // required
* TextTransformations: "<TextTransformations>", // required
* },
* QueryArgument: { // RateLimitQueryArgument
* Name: "STRING_VALUE", // required
* TextTransformations: "<TextTransformations>", // required
* },
* QueryString: { // RateLimitQueryString
* TextTransformations: "<TextTransformations>", // required
* },
* HTTPMethod: {},
* ForwardedIP: {},
* IP: {},
* LabelNamespace: { // RateLimitLabelNamespace
* Namespace: "STRING_VALUE", // required
* },
* },
* ],
* },
* AndStatement: { // AndStatement
* Statements: [ // Statements // required
Expand Down Expand Up @@ -634,6 +659,31 @@ export interface CreateWebACLCommandOutput extends CreateWebACLResponse, __Metad
* HeaderName: "STRING_VALUE", // required
* FallbackBehavior: "MATCH" || "NO_MATCH", // required
* },
* CustomKeys: [
* {
* Header: {
* Name: "STRING_VALUE", // required
* TextTransformations: "<TextTransformations>", // required
* },
* Cookie: {
* Name: "STRING_VALUE", // required
* TextTransformations: "<TextTransformations>", // required
* },
* QueryArgument: {
* Name: "STRING_VALUE", // required
* TextTransformations: "<TextTransformations>", // required
* },
* QueryString: {
* TextTransformations: "<TextTransformations>", // required
* },
* HTTPMethod: {},
* ForwardedIP: {},
* IP: {},
* LabelNamespace: {
* Namespace: "STRING_VALUE", // required
* },
* },
* ],
* },
* AndStatement: {
* Statements: [ // required
Expand Down
11 changes: 9 additions & 2 deletions clients/client-wafv2/src/commands/GetRateBasedStatementManagedKeysCommand.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -37,8 +37,11 @@ export interface GetRateBasedStatementManagedKeysCommandOutput

/**
* @public
* <p>Retrieves the keys that are currently blocked by a rate-based rule instance. The maximum
* number of managed keys that can be blocked for a single rate-based rule instance is 10,000.
* <p>Retrieves the IP addresses that are currently blocked by a rate-based rule instance. This
* is only available for rate-based rules that aggregate solely on the IP address or on the forwarded IP
* address. </p>
* <p>The maximum
* number of addresses that can be blocked for a single rate-based rule instance is 10,000.
* If more than 10,000 addresses exceed the rate limit, those with the highest rates are
* blocked.</p>
* <p>For a rate-based rule that you've defined inside a rule group, provide the name of the
Expand Down Expand Up @@ -123,6 +126,10 @@ export interface GetRateBasedStatementManagedKeysCommandOutput
* just need to wait a few minutes. It can take from a few seconds to a number of minutes
* for changes to propagate. </p>
*
* @throws {@link WAFUnsupportedAggregateKeyTypeException} (client fault)
* <p>The rule that you've named doesn't aggregate solely on the IP address or solely on the forwarded IP address. This call
* is only available for rate-based rules with an <code>AggregateKeyType</code> setting of <code>IP</code> or <code>FORWARDED_IP</code>.</p>
*
* @throws {@link WAFV2ServiceException}
* <p>Base exception class for all service exceptions from WAFV2 service.</p>
*
Expand Down
54 changes: 52 additions & 2 deletions clients/client-wafv2/src/commands/GetRuleGroupCommand.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -431,7 +431,7 @@ export interface GetRuleGroupCommandOutput extends GetRuleGroupResponse, __Metad
* // },
* // RateBasedStatement: { // RateBasedStatement
* // Limit: Number("long"), // required
* // AggregateKeyType: "IP" || "FORWARDED_IP", // required
* // AggregateKeyType: "IP" || "FORWARDED_IP" || "CUSTOM_KEYS" || "CONSTANT", // required
* // ScopeDownStatement: {
* // ByteMatchStatement: {
* // SearchString: "BLOB_VALUE", // required
Expand Down Expand Up @@ -514,12 +514,37 @@ export interface GetRuleGroupCommandOutput extends GetRuleGroupResponse, __Metad
* // },
* // RateBasedStatement: {
* // Limit: Number("long"), // required
* // AggregateKeyType: "IP" || "FORWARDED_IP", // required
* // AggregateKeyType: "IP" || "FORWARDED_IP" || "CUSTOM_KEYS" || "CONSTANT", // required
* // ScopeDownStatement: "<Statement>",
* // ForwardedIPConfig: {
* // HeaderName: "STRING_VALUE", // required
* // FallbackBehavior: "MATCH" || "NO_MATCH", // required
* // },
* // CustomKeys: [ // RateBasedStatementCustomKeys
* // { // RateBasedStatementCustomKey
* // Header: { // RateLimitHeader
* // Name: "STRING_VALUE", // required
* // TextTransformations: "<TextTransformations>", // required
* // },
* // Cookie: { // RateLimitCookie
* // Name: "STRING_VALUE", // required
* // TextTransformations: "<TextTransformations>", // required
* // },
* // QueryArgument: { // RateLimitQueryArgument
* // Name: "STRING_VALUE", // required
* // TextTransformations: "<TextTransformations>", // required
* // },
* // QueryString: { // RateLimitQueryString
* // TextTransformations: "<TextTransformations>", // required
* // },
* // HTTPMethod: {},
* // ForwardedIP: {},
* // IP: {},
* // LabelNamespace: { // RateLimitLabelNamespace
* // Namespace: "STRING_VALUE", // required
* // },
* // },
* // ],
* // },
* // AndStatement: { // AndStatement
* // Statements: [ // Statements // required
Expand Down Expand Up @@ -648,6 +673,31 @@ export interface GetRuleGroupCommandOutput extends GetRuleGroupResponse, __Metad
* // HeaderName: "STRING_VALUE", // required
* // FallbackBehavior: "MATCH" || "NO_MATCH", // required
* // },
* // CustomKeys: [
* // {
* // Header: {
* // Name: "STRING_VALUE", // required
* // TextTransformations: "<TextTransformations>", // required
* // },
* // Cookie: {
* // Name: "STRING_VALUE", // required
* // TextTransformations: "<TextTransformations>", // required
* // },
* // QueryArgument: {
* // Name: "STRING_VALUE", // required
* // TextTransformations: "<TextTransformations>", // required
* // },
* // QueryString: {
* // TextTransformations: "<TextTransformations>", // required
* // },
* // HTTPMethod: {},
* // ForwardedIP: {},
* // IP: {},
* // LabelNamespace: {
* // Namespace: "STRING_VALUE", // required
* // },
* // },
* // ],
* // },
* // AndStatement: {
* // Statements: [ // required
Expand Down
Loading

0 comments on commit d3d15cf

Please sign in to comment.