File Coverage

blib/lib/Paws/WAFRegional.pm

Criterion	Covered	Total	%
statement	3	3	100.0
branch			n/a
condition			n/a
subroutine	1	1	100.0
pod			n/a
total	4	4	100.0

line	stmt	sub	time	code
1				package Paws::WAFRegional;
2	1	1	9686	use Moose;
	1		5
	1		32
3				sub service { 'waf-regional' }
4				sub version { '2016-11-28' }
5				sub target_prefix { 'AWSWAF_Regional_20161128' }
6				sub json_version { "1.1" }
7				has max_attempts => (is => 'ro', isa => 'Int', default => 5);
8				has retry => (is => 'ro', isa => 'HashRef', default => sub {
9				{ base => 'rand', type => 'exponential', growth_factor => 2 }
10				});
11				has retriables => (is => 'ro', isa => 'ArrayRef', default => sub { [
12				] });
13
14				with 'Paws::API::Caller', 'Paws::API::EndpointResolver', 'Paws::Net::V4Signature', 'Paws::Net::JsonCaller', 'Paws::Net::JsonResponse';
15
16
17				sub AssociateWebACL {
18				my $self = shift;
19				my $call_object = $self->new_with_coercions('Paws::WAFRegional::AssociateWebACL', @_);
20				return $self->caller->do_call($self, $call_object);
21				}
22				sub CreateByteMatchSet {
23				my $self = shift;
24				my $call_object = $self->new_with_coercions('Paws::WAFRegional::CreateByteMatchSet', @_);
25				return $self->caller->do_call($self, $call_object);
26				}
27				sub CreateIPSet {
28				my $self = shift;
29				my $call_object = $self->new_with_coercions('Paws::WAFRegional::CreateIPSet', @_);
30				return $self->caller->do_call($self, $call_object);
31				}
32				sub CreateRateBasedRule {
33				my $self = shift;
34				my $call_object = $self->new_with_coercions('Paws::WAFRegional::CreateRateBasedRule', @_);
35				return $self->caller->do_call($self, $call_object);
36				}
37				sub CreateRule {
38				my $self = shift;
39				my $call_object = $self->new_with_coercions('Paws::WAFRegional::CreateRule', @_);
40				return $self->caller->do_call($self, $call_object);
41				}
42				sub CreateSizeConstraintSet {
43				my $self = shift;
44				my $call_object = $self->new_with_coercions('Paws::WAFRegional::CreateSizeConstraintSet', @_);
45				return $self->caller->do_call($self, $call_object);
46				}
47				sub CreateSqlInjectionMatchSet {
48				my $self = shift;
49				my $call_object = $self->new_with_coercions('Paws::WAFRegional::CreateSqlInjectionMatchSet', @_);
50				return $self->caller->do_call($self, $call_object);
51				}
52				sub CreateWebACL {
53				my $self = shift;
54				my $call_object = $self->new_with_coercions('Paws::WAFRegional::CreateWebACL', @_);
55				return $self->caller->do_call($self, $call_object);
56				}
57				sub CreateXssMatchSet {
58				my $self = shift;
59				my $call_object = $self->new_with_coercions('Paws::WAFRegional::CreateXssMatchSet', @_);
60				return $self->caller->do_call($self, $call_object);
61				}
62				sub DeleteByteMatchSet {
63				my $self = shift;
64				my $call_object = $self->new_with_coercions('Paws::WAFRegional::DeleteByteMatchSet', @_);
65				return $self->caller->do_call($self, $call_object);
66				}
67				sub DeleteIPSet {
68				my $self = shift;
69				my $call_object = $self->new_with_coercions('Paws::WAFRegional::DeleteIPSet', @_);
70				return $self->caller->do_call($self, $call_object);
71				}
72				sub DeleteRateBasedRule {
73				my $self = shift;
74				my $call_object = $self->new_with_coercions('Paws::WAFRegional::DeleteRateBasedRule', @_);
75				return $self->caller->do_call($self, $call_object);
76				}
77				sub DeleteRule {
78				my $self = shift;
79				my $call_object = $self->new_with_coercions('Paws::WAFRegional::DeleteRule', @_);
80				return $self->caller->do_call($self, $call_object);
81				}
82				sub DeleteSizeConstraintSet {
83				my $self = shift;
84				my $call_object = $self->new_with_coercions('Paws::WAFRegional::DeleteSizeConstraintSet', @_);
85				return $self->caller->do_call($self, $call_object);
86				}
87				sub DeleteSqlInjectionMatchSet {
88				my $self = shift;
89				my $call_object = $self->new_with_coercions('Paws::WAFRegional::DeleteSqlInjectionMatchSet', @_);
90				return $self->caller->do_call($self, $call_object);
91				}
92				sub DeleteWebACL {
93				my $self = shift;
94				my $call_object = $self->new_with_coercions('Paws::WAFRegional::DeleteWebACL', @_);
95				return $self->caller->do_call($self, $call_object);
96				}
97				sub DeleteXssMatchSet {
98				my $self = shift;
99				my $call_object = $self->new_with_coercions('Paws::WAFRegional::DeleteXssMatchSet', @_);
100				return $self->caller->do_call($self, $call_object);
101				}
102				sub DisassociateWebACL {
103				my $self = shift;
104				my $call_object = $self->new_with_coercions('Paws::WAFRegional::DisassociateWebACL', @_);
105				return $self->caller->do_call($self, $call_object);
106				}
107				sub GetByteMatchSet {
108				my $self = shift;
109				my $call_object = $self->new_with_coercions('Paws::WAFRegional::GetByteMatchSet', @_);
110				return $self->caller->do_call($self, $call_object);
111				}
112				sub GetChangeToken {
113				my $self = shift;
114				my $call_object = $self->new_with_coercions('Paws::WAFRegional::GetChangeToken', @_);
115				return $self->caller->do_call($self, $call_object);
116				}
117				sub GetChangeTokenStatus {
118				my $self = shift;
119				my $call_object = $self->new_with_coercions('Paws::WAFRegional::GetChangeTokenStatus', @_);
120				return $self->caller->do_call($self, $call_object);
121				}
122				sub GetIPSet {
123				my $self = shift;
124				my $call_object = $self->new_with_coercions('Paws::WAFRegional::GetIPSet', @_);
125				return $self->caller->do_call($self, $call_object);
126				}
127				sub GetRateBasedRule {
128				my $self = shift;
129				my $call_object = $self->new_with_coercions('Paws::WAFRegional::GetRateBasedRule', @_);
130				return $self->caller->do_call($self, $call_object);
131				}
132				sub GetRateBasedRuleManagedKeys {
133				my $self = shift;
134				my $call_object = $self->new_with_coercions('Paws::WAFRegional::GetRateBasedRuleManagedKeys', @_);
135				return $self->caller->do_call($self, $call_object);
136				}
137				sub GetRule {
138				my $self = shift;
139				my $call_object = $self->new_with_coercions('Paws::WAFRegional::GetRule', @_);
140				return $self->caller->do_call($self, $call_object);
141				}
142				sub GetSampledRequests {
143				my $self = shift;
144				my $call_object = $self->new_with_coercions('Paws::WAFRegional::GetSampledRequests', @_);
145				return $self->caller->do_call($self, $call_object);
146				}
147				sub GetSizeConstraintSet {
148				my $self = shift;
149				my $call_object = $self->new_with_coercions('Paws::WAFRegional::GetSizeConstraintSet', @_);
150				return $self->caller->do_call($self, $call_object);
151				}
152				sub GetSqlInjectionMatchSet {
153				my $self = shift;
154				my $call_object = $self->new_with_coercions('Paws::WAFRegional::GetSqlInjectionMatchSet', @_);
155				return $self->caller->do_call($self, $call_object);
156				}
157				sub GetWebACL {
158				my $self = shift;
159				my $call_object = $self->new_with_coercions('Paws::WAFRegional::GetWebACL', @_);
160				return $self->caller->do_call($self, $call_object);
161				}
162				sub GetWebACLForResource {
163				my $self = shift;
164				my $call_object = $self->new_with_coercions('Paws::WAFRegional::GetWebACLForResource', @_);
165				return $self->caller->do_call($self, $call_object);
166				}
167				sub GetXssMatchSet {
168				my $self = shift;
169				my $call_object = $self->new_with_coercions('Paws::WAFRegional::GetXssMatchSet', @_);
170				return $self->caller->do_call($self, $call_object);
171				}
172				sub ListByteMatchSets {
173				my $self = shift;
174				my $call_object = $self->new_with_coercions('Paws::WAFRegional::ListByteMatchSets', @_);
175				return $self->caller->do_call($self, $call_object);
176				}
177				sub ListIPSets {
178				my $self = shift;
179				my $call_object = $self->new_with_coercions('Paws::WAFRegional::ListIPSets', @_);
180				return $self->caller->do_call($self, $call_object);
181				}
182				sub ListRateBasedRules {
183				my $self = shift;
184				my $call_object = $self->new_with_coercions('Paws::WAFRegional::ListRateBasedRules', @_);
185				return $self->caller->do_call($self, $call_object);
186				}
187				sub ListResourcesForWebACL {
188				my $self = shift;
189				my $call_object = $self->new_with_coercions('Paws::WAFRegional::ListResourcesForWebACL', @_);
190				return $self->caller->do_call($self, $call_object);
191				}
192				sub ListRules {
193				my $self = shift;
194				my $call_object = $self->new_with_coercions('Paws::WAFRegional::ListRules', @_);
195				return $self->caller->do_call($self, $call_object);
196				}
197				sub ListSizeConstraintSets {
198				my $self = shift;
199				my $call_object = $self->new_with_coercions('Paws::WAFRegional::ListSizeConstraintSets', @_);
200				return $self->caller->do_call($self, $call_object);
201				}
202				sub ListSqlInjectionMatchSets {
203				my $self = shift;
204				my $call_object = $self->new_with_coercions('Paws::WAFRegional::ListSqlInjectionMatchSets', @_);
205				return $self->caller->do_call($self, $call_object);
206				}
207				sub ListWebACLs {
208				my $self = shift;
209				my $call_object = $self->new_with_coercions('Paws::WAFRegional::ListWebACLs', @_);
210				return $self->caller->do_call($self, $call_object);
211				}
212				sub ListXssMatchSets {
213				my $self = shift;
214				my $call_object = $self->new_with_coercions('Paws::WAFRegional::ListXssMatchSets', @_);
215				return $self->caller->do_call($self, $call_object);
216				}
217				sub UpdateByteMatchSet {
218				my $self = shift;
219				my $call_object = $self->new_with_coercions('Paws::WAFRegional::UpdateByteMatchSet', @_);
220				return $self->caller->do_call($self, $call_object);
221				}
222				sub UpdateIPSet {
223				my $self = shift;
224				my $call_object = $self->new_with_coercions('Paws::WAFRegional::UpdateIPSet', @_);
225				return $self->caller->do_call($self, $call_object);
226				}
227				sub UpdateRateBasedRule {
228				my $self = shift;
229				my $call_object = $self->new_with_coercions('Paws::WAFRegional::UpdateRateBasedRule', @_);
230				return $self->caller->do_call($self, $call_object);
231				}
232				sub UpdateRule {
233				my $self = shift;
234				my $call_object = $self->new_with_coercions('Paws::WAFRegional::UpdateRule', @_);
235				return $self->caller->do_call($self, $call_object);
236				}
237				sub UpdateSizeConstraintSet {
238				my $self = shift;
239				my $call_object = $self->new_with_coercions('Paws::WAFRegional::UpdateSizeConstraintSet', @_);
240				return $self->caller->do_call($self, $call_object);
241				}
242				sub UpdateSqlInjectionMatchSet {
243				my $self = shift;
244				my $call_object = $self->new_with_coercions('Paws::WAFRegional::UpdateSqlInjectionMatchSet', @_);
245				return $self->caller->do_call($self, $call_object);
246				}
247				sub UpdateWebACL {
248				my $self = shift;
249				my $call_object = $self->new_with_coercions('Paws::WAFRegional::UpdateWebACL', @_);
250				return $self->caller->do_call($self, $call_object);
251				}
252				sub UpdateXssMatchSet {
253				my $self = shift;
254				my $call_object = $self->new_with_coercions('Paws::WAFRegional::UpdateXssMatchSet', @_);
255				return $self->caller->do_call($self, $call_object);
256				}
257
258
259
260				sub operations { qw/AssociateWebACL CreateByteMatchSet CreateIPSet CreateRateBasedRule CreateRule CreateSizeConstraintSet CreateSqlInjectionMatchSet CreateWebACL CreateXssMatchSet DeleteByteMatchSet DeleteIPSet DeleteRateBasedRule DeleteRule DeleteSizeConstraintSet DeleteSqlInjectionMatchSet DeleteWebACL DeleteXssMatchSet DisassociateWebACL GetByteMatchSet GetChangeToken GetChangeTokenStatus GetIPSet GetRateBasedRule GetRateBasedRuleManagedKeys GetRule GetSampledRequests GetSizeConstraintSet GetSqlInjectionMatchSet GetWebACL GetWebACLForResource GetXssMatchSet ListByteMatchSets ListIPSets ListRateBasedRules ListResourcesForWebACL ListRules ListSizeConstraintSets ListSqlInjectionMatchSets ListWebACLs ListXssMatchSets UpdateByteMatchSet UpdateIPSet UpdateRateBasedRule UpdateRule UpdateSizeConstraintSet UpdateSqlInjectionMatchSet UpdateWebACL UpdateXssMatchSet / }
261
262				1;
263
264				### main pod documentation begin ###
265
266				=head1 NAME
267
268				Paws::WAFRegional - Perl Interface to AWS AWS WAF Regional
269
270				=head1 SYNOPSIS
271
272				use Paws;
273
274				my $obj = Paws->service('WAFRegional');
275				my $res = $obj->Method(
276				Arg1 => $val1,
277				Arg2 => [ 'V1', 'V2' ],
278				# if Arg3 is an object, the HashRef will be used as arguments to the constructor
279				# of the arguments type
280				Arg3 => { Att1 => 'Val1' },
281				# if Arg4 is an array of objects, the HashRefs will be passed as arguments to
282				# the constructor of the arguments type
283				Arg4 => [ { Att1 => 'Val1' }, { Att1 => 'Val2' } ],
284				);
285
286				=head1 DESCRIPTION
287
288				This is the I<AWS WAF Regional API Reference> for using AWS WAF with
289				Elastic Load Balancing (ELB) Application Load Balancers. The AWS WAF
290				actions and data types listed in the reference are available for
291				protecting Application Load Balancers. You can use these actions and
292				data types by means of the endpoints listed in AWS Regions and
293				Endpoints. This guide is for developers who need detailed information
294				about the AWS WAF API actions, data types, and errors. For detailed
295				information about AWS WAF features and an overview of how to use the
296				AWS WAF API, see the AWS WAF Developer Guide.
297
298				=head1 METHODS
299
300				=head2 AssociateWebACL(ResourceArn => Str, WebACLId => Str)
301
302				Each argument is described in detail in: L<Paws::WAFRegional::AssociateWebACL>
303
304				Returns: a L<Paws::WAFRegional::AssociateWebACLResponse> instance
305
306				Associates a web ACL with a resource.
307
308
309				=head2 CreateByteMatchSet(ChangeToken => Str, Name => Str)
310
311				Each argument is described in detail in: L<Paws::WAFRegional::CreateByteMatchSet>
312
313				Returns: a L<Paws::WAFRegional::CreateByteMatchSetResponse> instance
314
315				Creates a C<ByteMatchSet>. You then use UpdateByteMatchSet to identify
316				the part of a web request that you want AWS WAF to inspect, such as the
317				values of the C<User-Agent> header or the query string. For example,
318				you can create a C<ByteMatchSet> that matches any requests with
319				C<User-Agent> headers that contain the string C<BadBot>. You can then
320				configure AWS WAF to reject those requests.
321
322				To create and configure a C<ByteMatchSet>, perform the following steps:
323
324				=over
325
326				=item 1.
327
328				Use GetChangeToken to get the change token that you provide in the
329				C<ChangeToken> parameter of a C<CreateByteMatchSet> request.
330
331				=item 2.
332
333				Submit a C<CreateByteMatchSet> request.
334
335				=item 3.
336
337				Use C<GetChangeToken> to get the change token that you provide in the
338				C<ChangeToken> parameter of an C<UpdateByteMatchSet> request.
339
340				=item 4.
341
342				Submit an UpdateByteMatchSet request to specify the part of the request
343				that you want AWS WAF to inspect (for example, the header or the URI)
344				and the value that you want AWS WAF to watch for.
345
346				=back
347
348				For more information about how to use the AWS WAF API to allow or block
349				HTTP requests, see the AWS WAF Developer Guide.
350
351
352				=head2 CreateIPSet(ChangeToken => Str, Name => Str)
353
354				Each argument is described in detail in: L<Paws::WAFRegional::CreateIPSet>
355
356				Returns: a L<Paws::WAFRegional::CreateIPSetResponse> instance
357
358				Creates an IPSet, which you use to specify which web requests you want
359				to allow or block based on the IP addresses that the requests originate
360				from. For example, if you're receiving a lot of requests from one or
361				more individual IP addresses or one or more ranges of IP addresses and
362				you want to block the requests, you can create an C<IPSet> that
363				contains those IP addresses and then configure AWS WAF to block the
364				requests.
365
366				To create and configure an C<IPSet>, perform the following steps:
367
368				=over
369
370				=item 1.
371
372				Use GetChangeToken to get the change token that you provide in the
373				C<ChangeToken> parameter of a C<CreateIPSet> request.
374
375				=item 2.
376
377				Submit a C<CreateIPSet> request.
378
379				=item 3.
380
381				Use C<GetChangeToken> to get the change token that you provide in the
382				C<ChangeToken> parameter of an UpdateIPSet request.
383
384				=item 4.
385
386				Submit an C<UpdateIPSet> request to specify the IP addresses that you
387				want AWS WAF to watch for.
388
389				=back
390
391				For more information about how to use the AWS WAF API to allow or block
392				HTTP requests, see the AWS WAF Developer Guide.
393
394
395				=head2 CreateRateBasedRule(ChangeToken => Str, MetricName => Str, Name => Str, RateKey => Str, RateLimit => Int)
396
397				Each argument is described in detail in: L<Paws::WAFRegional::CreateRateBasedRule>
398
399				Returns: a L<Paws::WAFRegional::CreateRateBasedRuleResponse> instance
400
401				Creates a RateBasedRule. The C<RateBasedRule> contains a C<RateLimit>,
402				which specifies the maximum number of requests that AWS WAF allows from
403				a specified IP address in a five-minute period. The C<RateBasedRule>
404				also contains the C<IPSet> objects, C<ByteMatchSet> objects, and other
405				predicates that identify the requests that you want to count or block
406				if these requests exceed the C<RateLimit>.
407
408				If you add more than one predicate to a C<RateBasedRule>, a request not
409				only must exceed the C<RateLimit>, but it also must match all the
410				specifications to be counted or blocked. For example, suppose you add
411				the following to a C<RateBasedRule>:
412
413				=over
414
415				=item *
416
417				An C<IPSet> that matches the IP address C<192.0.2.44/32>
418
419				=item *
420
421				A C<ByteMatchSet> that matches C<BadBot> in the C<User-Agent> header
422
423				=back
424
425				Further, you specify a C<RateLimit> of 15,000.
426
427				You then add the C<RateBasedRule> to a C<WebACL> and specify that you
428				want to block requests that meet the conditions in the rule. For a
429				request to be blocked, it must come from the IP address 192.0.2.44
430				I<and> the C<User-Agent> header in the request must contain the value
431				C<BadBot>. Further, requests that match these two conditions must be
432				received at a rate of more than 15,000 requests every five minutes. If
433				both conditions are met and the rate is exceeded, AWS WAF blocks the
434				requests. If the rate drops below 15,000 for a five-minute period, AWS
435				WAF no longer blocks the requests.
436
437				As a second example, suppose you want to limit requests to a particular
438				page on your site. To do this, you could add the following to a
439				C<RateBasedRule>:
440
441				=over
442
443				=item *
444
445				A C<ByteMatchSet> with C<FieldToMatch> of C<URI>
446
447				=item *
448
449				A C<PositionalConstraint> of C<STARTS_WITH>
450
451				=item *
452
453				A C<TargetString> of C<login>
454
455				=back
456
457				Further, you specify a C<RateLimit> of 15,000.
458
459				By adding this C<RateBasedRule> to a C<WebACL>, you could limit
460				requests to your login page without affecting the rest of your site.
461
462				To create and configure a C<RateBasedRule>, perform the following
463				steps:
464
465				=over
466
467				=item 1.
468
469				Create and update the predicates that you want to include in the rule.
470				For more information, see CreateByteMatchSet, CreateIPSet, and
471				CreateSqlInjectionMatchSet.
472
473				=item 2.
474
475				Use GetChangeToken to get the change token that you provide in the
476				C<ChangeToken> parameter of a C<CreateRule> request.
477
478				=item 3.
479
480				Submit a C<CreateRateBasedRule> request.
481
482				=item 4.
483
484				Use C<GetChangeToken> to get the change token that you provide in the
485				C<ChangeToken> parameter of an UpdateRule request.
486
487				=item 5.
488
489				Submit an C<UpdateRateBasedRule> request to specify the predicates that
490				you want to include in the rule.
491
492				=item 6.
493
494				Create and update a C<WebACL> that contains the C<RateBasedRule>. For
495				more information, see CreateWebACL.
496
497				=back
498
499				For more information about how to use the AWS WAF API to allow or block
500				HTTP requests, see the AWS WAF Developer Guide.
501
502
503				=head2 CreateRule(ChangeToken => Str, MetricName => Str, Name => Str)
504
505				Each argument is described in detail in: L<Paws::WAFRegional::CreateRule>
506
507				Returns: a L<Paws::WAFRegional::CreateRuleResponse> instance
508
509				Creates a C<Rule>, which contains the C<IPSet> objects, C<ByteMatchSet>
510				objects, and other predicates that identify the requests that you want
511				to block. If you add more than one predicate to a C<Rule>, a request
512				must match all of the specifications to be allowed or blocked. For
513				example, suppose you add the following to a C<Rule>:
514
515				=over
516
517				=item *
518
519				An C<IPSet> that matches the IP address C<192.0.2.44/32>
520
521				=item *
522
523				A C<ByteMatchSet> that matches C<BadBot> in the C<User-Agent> header
524
525				=back
526
527				You then add the C<Rule> to a C<WebACL> and specify that you want to
528				blocks requests that satisfy the C<Rule>. For a request to be blocked,
529				it must come from the IP address 192.0.2.44 I<and> the C<User-Agent>
530				header in the request must contain the value C<BadBot>.
531
532				To create and configure a C<Rule>, perform the following steps:
533
534				=over
535
536				=item 1.
537
538				Create and update the predicates that you want to include in the
539				C<Rule>. For more information, see CreateByteMatchSet, CreateIPSet, and
540				CreateSqlInjectionMatchSet.
541
542				=item 2.
543
544				Use GetChangeToken to get the change token that you provide in the
545				C<ChangeToken> parameter of a C<CreateRule> request.
546
547				=item 3.
548
549				Submit a C<CreateRule> request.
550
551				=item 4.
552
553				Use C<GetChangeToken> to get the change token that you provide in the
554				C<ChangeToken> parameter of an UpdateRule request.
555
556				=item 5.
557
558				Submit an C<UpdateRule> request to specify the predicates that you want
559				to include in the C<Rule>.
560
561				=item 6.
562
563				Create and update a C<WebACL> that contains the C<Rule>. For more
564				information, see CreateWebACL.
565
566				=back
567
568				For more information about how to use the AWS WAF API to allow or block
569				HTTP requests, see the AWS WAF Developer Guide.
570
571
572				=head2 CreateSizeConstraintSet(ChangeToken => Str, Name => Str)
573
574				Each argument is described in detail in: L<Paws::WAFRegional::CreateSizeConstraintSet>
575
576				Returns: a L<Paws::WAFRegional::CreateSizeConstraintSetResponse> instance
577
578				Creates a C<SizeConstraintSet>. You then use UpdateSizeConstraintSet to
579				identify the part of a web request that you want AWS WAF to check for
580				length, such as the length of the C<User-Agent> header or the length of
581				the query string. For example, you can create a C<SizeConstraintSet>
582				that matches any requests that have a query string that is longer than
583				100 bytes. You can then configure AWS WAF to reject those requests.
584
585				To create and configure a C<SizeConstraintSet>, perform the following
586				steps:
587
588				=over
589
590				=item 1.
591
592				Use GetChangeToken to get the change token that you provide in the
593				C<ChangeToken> parameter of a C<CreateSizeConstraintSet> request.
594
595				=item 2.
596
597				Submit a C<CreateSizeConstraintSet> request.
598
599				=item 3.
600
601				Use C<GetChangeToken> to get the change token that you provide in the
602				C<ChangeToken> parameter of an C<UpdateSizeConstraintSet> request.
603
604				=item 4.
605
606				Submit an UpdateSizeConstraintSet request to specify the part of the
607				request that you want AWS WAF to inspect (for example, the header or
608				the URI) and the value that you want AWS WAF to watch for.
609
610				=back
611
612				For more information about how to use the AWS WAF API to allow or block
613				HTTP requests, see the AWS WAF Developer Guide.
614
615
616				=head2 CreateSqlInjectionMatchSet(ChangeToken => Str, Name => Str)
617
618				Each argument is described in detail in: L<Paws::WAFRegional::CreateSqlInjectionMatchSet>
619
620				Returns: a L<Paws::WAFRegional::CreateSqlInjectionMatchSetResponse> instance
621
622				Creates a SqlInjectionMatchSet, which you use to allow, block, or count
623				requests that contain snippets of SQL code in a specified part of web
624				requests. AWS WAF searches for character sequences that are likely to
625				be malicious strings.
626
627				To create and configure a C<SqlInjectionMatchSet>, perform the
628				following steps:
629
630				=over
631
632				=item 1.
633
634				Use GetChangeToken to get the change token that you provide in the
635				C<ChangeToken> parameter of a C<CreateSqlInjectionMatchSet> request.
636
637				=item 2.
638
639				Submit a C<CreateSqlInjectionMatchSet> request.
640
641				=item 3.
642
643				Use C<GetChangeToken> to get the change token that you provide in the
644				C<ChangeToken> parameter of an UpdateSqlInjectionMatchSet request.
645
646				=item 4.
647
648				Submit an UpdateSqlInjectionMatchSet request to specify the parts of
649				web requests in which you want to allow, block, or count malicious SQL
650				code.
651
652				=back
653
654				For more information about how to use the AWS WAF API to allow or block
655				HTTP requests, see the AWS WAF Developer Guide.
656
657
658				=head2 CreateWebACL(ChangeToken => Str, DefaultAction => L<Paws::WAFRegional::WafAction>, MetricName => Str, Name => Str)
659
660				Each argument is described in detail in: L<Paws::WAFRegional::CreateWebACL>
661
662				Returns: a L<Paws::WAFRegional::CreateWebACLResponse> instance
663
664				Creates a C<WebACL>, which contains the C<Rules> that identify the
665				CloudFront web requests that you want to allow, block, or count. AWS
666				WAF evaluates C<Rules> in order based on the value of C<Priority> for
667				each C<Rule>.
668
669				You also specify a default action, either C<ALLOW> or C<BLOCK>. If a
670				web request doesn't match any of the C<Rules> in a C<WebACL>, AWS WAF
671				responds to the request with the default action.
672
673				To create and configure a C<WebACL>, perform the following steps:
674
675				=over
676
677				=item 1.
678
679				Create and update the C<ByteMatchSet> objects and other predicates that
680				you want to include in C<Rules>. For more information, see
681				CreateByteMatchSet, UpdateByteMatchSet, CreateIPSet, UpdateIPSet,
682				CreateSqlInjectionMatchSet, and UpdateSqlInjectionMatchSet.
683
684				=item 2.
685
686				Create and update the C<Rules> that you want to include in the
687				C<WebACL>. For more information, see CreateRule and UpdateRule.
688
689				=item 3.
690
691				Use GetChangeToken to get the change token that you provide in the
692				C<ChangeToken> parameter of a C<CreateWebACL> request.
693
694				=item 4.
695
696				Submit a C<CreateWebACL> request.
697
698				=item 5.
699
700				Use C<GetChangeToken> to get the change token that you provide in the
701				C<ChangeToken> parameter of an UpdateWebACL request.
702
703				=item 6.
704
705				Submit an UpdateWebACL request to specify the C<Rules> that you want to
706				include in the C<WebACL>, to specify the default action, and to
707				associate the C<WebACL> with a CloudFront distribution.
708
709				=back
710
711				For more information about how to use the AWS WAF API, see the AWS WAF
712				Developer Guide.
713
714
715				=head2 CreateXssMatchSet(ChangeToken => Str, Name => Str)
716
717				Each argument is described in detail in: L<Paws::WAFRegional::CreateXssMatchSet>
718
719				Returns: a L<Paws::WAFRegional::CreateXssMatchSetResponse> instance
720
721				Creates an XssMatchSet, which you use to allow, block, or count
722				requests that contain cross-site scripting attacks in the specified
723				part of web requests. AWS WAF searches for character sequences that are
724				likely to be malicious strings.
725
726				To create and configure an C<XssMatchSet>, perform the following steps:
727
728				=over
729
730				=item 1.
731
732				Use GetChangeToken to get the change token that you provide in the
733				C<ChangeToken> parameter of a C<CreateXssMatchSet> request.
734
735				=item 2.
736
737				Submit a C<CreateXssMatchSet> request.
738
739				=item 3.
740
741				Use C<GetChangeToken> to get the change token that you provide in the
742				C<ChangeToken> parameter of an UpdateXssMatchSet request.
743
744				=item 4.
745
746				Submit an UpdateXssMatchSet request to specify the parts of web
747				requests in which you want to allow, block, or count cross-site
748				scripting attacks.
749
750				=back
751
752				For more information about how to use the AWS WAF API to allow or block
753				HTTP requests, see the AWS WAF Developer Guide.
754
755
756				=head2 DeleteByteMatchSet(ByteMatchSetId => Str, ChangeToken => Str)
757
758				Each argument is described in detail in: L<Paws::WAFRegional::DeleteByteMatchSet>
759
760				Returns: a L<Paws::WAFRegional::DeleteByteMatchSetResponse> instance
761
762				Permanently deletes a ByteMatchSet. You can't delete a C<ByteMatchSet>
763				if it's still used in any C<Rules> or if it still includes any
764				ByteMatchTuple objects (any filters).
765
766				If you just want to remove a C<ByteMatchSet> from a C<Rule>, use
767				UpdateRule.
768
769				To permanently delete a C<ByteMatchSet>, perform the following steps:
770
771				=over
772
773				=item 1.
774
775				Update the C<ByteMatchSet> to remove filters, if any. For more
776				information, see UpdateByteMatchSet.
777
778				=item 2.
779
780				Use GetChangeToken to get the change token that you provide in the
781				C<ChangeToken> parameter of a C<DeleteByteMatchSet> request.
782
783				=item 3.
784
785				Submit a C<DeleteByteMatchSet> request.
786
787				=back
788
789
790
791				=head2 DeleteIPSet(ChangeToken => Str, IPSetId => Str)
792
793				Each argument is described in detail in: L<Paws::WAFRegional::DeleteIPSet>
794
795				Returns: a L<Paws::WAFRegional::DeleteIPSetResponse> instance
796
797				Permanently deletes an IPSet. You can't delete an C<IPSet> if it's
798				still used in any C<Rules> or if it still includes any IP addresses.
799
800				If you just want to remove an C<IPSet> from a C<Rule>, use UpdateRule.
801
802				To permanently delete an C<IPSet> from AWS WAF, perform the following
803				steps:
804
805				=over
806
807				=item 1.
808
809				Update the C<IPSet> to remove IP address ranges, if any. For more
810				information, see UpdateIPSet.
811
812				=item 2.
813
814				Use GetChangeToken to get the change token that you provide in the
815				C<ChangeToken> parameter of a C<DeleteIPSet> request.
816
817				=item 3.
818
819				Submit a C<DeleteIPSet> request.
820
821				=back
822
823
824
825				=head2 DeleteRateBasedRule(ChangeToken => Str, RuleId => Str)
826
827				Each argument is described in detail in: L<Paws::WAFRegional::DeleteRateBasedRule>
828
829				Returns: a L<Paws::WAFRegional::DeleteRateBasedRuleResponse> instance
830
831				Permanently deletes a RateBasedRule. You can't delete a rule if it's
832				still used in any C<WebACL> objects or if it still includes any
833				predicates, such as C<ByteMatchSet> objects.
834
835				If you just want to remove a rule from a C<WebACL>, use UpdateWebACL.
836
837				To permanently delete a C<RateBasedRule> from AWS WAF, perform the
838				following steps:
839
840				=over
841
842				=item 1.
843
844				Update the C<RateBasedRule> to remove predicates, if any. For more
845				information, see UpdateRateBasedRule.
846
847				=item 2.
848
849				Use GetChangeToken to get the change token that you provide in the
850				C<ChangeToken> parameter of a C<DeleteRateBasedRule> request.
851
852				=item 3.
853
854				Submit a C<DeleteRateBasedRule> request.
855
856				=back
857
858
859
860				=head2 DeleteRule(ChangeToken => Str, RuleId => Str)
861
862				Each argument is described in detail in: L<Paws::WAFRegional::DeleteRule>
863
864				Returns: a L<Paws::WAFRegional::DeleteRuleResponse> instance
865
866				Permanently deletes a Rule. You can't delete a C<Rule> if it's still
867				used in any C<WebACL> objects or if it still includes any predicates,
868				such as C<ByteMatchSet> objects.
869
870				If you just want to remove a C<Rule> from a C<WebACL>, use
871				UpdateWebACL.
872
873				To permanently delete a C<Rule> from AWS WAF, perform the following
874				steps:
875
876				=over
877
878				=item 1.
879
880				Update the C<Rule> to remove predicates, if any. For more information,
881				see UpdateRule.
882
883				=item 2.
884
885				Use GetChangeToken to get the change token that you provide in the
886				C<ChangeToken> parameter of a C<DeleteRule> request.
887
888				=item 3.
889
890				Submit a C<DeleteRule> request.
891
892				=back
893
894
895
896				=head2 DeleteSizeConstraintSet(ChangeToken => Str, SizeConstraintSetId => Str)
897
898				Each argument is described in detail in: L<Paws::WAFRegional::DeleteSizeConstraintSet>
899
900				Returns: a L<Paws::WAFRegional::DeleteSizeConstraintSetResponse> instance
901
902				Permanently deletes a SizeConstraintSet. You can't delete a
903				C<SizeConstraintSet> if it's still used in any C<Rules> or if it still
904				includes any SizeConstraint objects (any filters).
905
906				If you just want to remove a C<SizeConstraintSet> from a C<Rule>, use
907				UpdateRule.
908
909				To permanently delete a C<SizeConstraintSet>, perform the following
910				steps:
911
912				=over
913
914				=item 1.
915
916				Update the C<SizeConstraintSet> to remove filters, if any. For more
917				information, see UpdateSizeConstraintSet.
918
919				=item 2.
920
921				Use GetChangeToken to get the change token that you provide in the
922				C<ChangeToken> parameter of a C<DeleteSizeConstraintSet> request.
923
924				=item 3.
925
926				Submit a C<DeleteSizeConstraintSet> request.
927
928				=back
929
930
931
932				=head2 DeleteSqlInjectionMatchSet(ChangeToken => Str, SqlInjectionMatchSetId => Str)
933
934				Each argument is described in detail in: L<Paws::WAFRegional::DeleteSqlInjectionMatchSet>
935
936				Returns: a L<Paws::WAFRegional::DeleteSqlInjectionMatchSetResponse> instance
937
938				Permanently deletes a SqlInjectionMatchSet. You can't delete a
939				C<SqlInjectionMatchSet> if it's still used in any C<Rules> or if it
940				still contains any SqlInjectionMatchTuple objects.
941
942				If you just want to remove a C<SqlInjectionMatchSet> from a C<Rule>,
943				use UpdateRule.
944
945				To permanently delete a C<SqlInjectionMatchSet> from AWS WAF, perform
946				the following steps:
947
948				=over
949
950				=item 1.
951
952				Update the C<SqlInjectionMatchSet> to remove filters, if any. For more
953				information, see UpdateSqlInjectionMatchSet.
954
955				=item 2.
956
957				Use GetChangeToken to get the change token that you provide in the
958				C<ChangeToken> parameter of a C<DeleteSqlInjectionMatchSet> request.
959
960				=item 3.
961
962				Submit a C<DeleteSqlInjectionMatchSet> request.
963
964				=back
965
966
967
968				=head2 DeleteWebACL(ChangeToken => Str, WebACLId => Str)
969
970				Each argument is described in detail in: L<Paws::WAFRegional::DeleteWebACL>
971
972				Returns: a L<Paws::WAFRegional::DeleteWebACLResponse> instance
973
974				Permanently deletes a WebACL. You can't delete a C<WebACL> if it still
975				contains any C<Rules>.
976
977				To delete a C<WebACL>, perform the following steps:
978
979				=over
980
981				=item 1.
982
983				Update the C<WebACL> to remove C<Rules>, if any. For more information,
984				see UpdateWebACL.
985
986				=item 2.
987
988				Use GetChangeToken to get the change token that you provide in the
989				C<ChangeToken> parameter of a C<DeleteWebACL> request.
990
991				=item 3.
992
993				Submit a C<DeleteWebACL> request.
994
995				=back
996
997
998
999				=head2 DeleteXssMatchSet(ChangeToken => Str, XssMatchSetId => Str)
1000
1001				Each argument is described in detail in: L<Paws::WAFRegional::DeleteXssMatchSet>
1002
1003				Returns: a L<Paws::WAFRegional::DeleteXssMatchSetResponse> instance
1004
1005				Permanently deletes an XssMatchSet. You can't delete an C<XssMatchSet>
1006				if it's still used in any C<Rules> or if it still contains any
1007				XssMatchTuple objects.
1008
1009				If you just want to remove an C<XssMatchSet> from a C<Rule>, use
1010				UpdateRule.
1011
1012				To permanently delete an C<XssMatchSet> from AWS WAF, perform the
1013				following steps:
1014
1015				=over
1016
1017				=item 1.
1018
1019				Update the C<XssMatchSet> to remove filters, if any. For more
1020				information, see UpdateXssMatchSet.
1021
1022				=item 2.
1023
1024				Use GetChangeToken to get the change token that you provide in the
1025				C<ChangeToken> parameter of a C<DeleteXssMatchSet> request.
1026
1027				=item 3.
1028
1029				Submit a C<DeleteXssMatchSet> request.
1030
1031				=back
1032
1033
1034
1035				=head2 DisassociateWebACL(ResourceArn => Str)
1036
1037				Each argument is described in detail in: L<Paws::WAFRegional::DisassociateWebACL>
1038
1039				Returns: a L<Paws::WAFRegional::DisassociateWebACLResponse> instance
1040
1041				Removes a web ACL from the specified resource.
1042
1043
1044				=head2 GetByteMatchSet(ByteMatchSetId => Str)
1045
1046				Each argument is described in detail in: L<Paws::WAFRegional::GetByteMatchSet>
1047
1048				Returns: a L<Paws::WAFRegional::GetByteMatchSetResponse> instance
1049
1050				Returns the ByteMatchSet specified by C<ByteMatchSetId>.
1051
1052
1053				=head2 GetChangeToken()
1054
1055				Each argument is described in detail in: L<Paws::WAFRegional::GetChangeToken>
1056
1057				Returns: a L<Paws::WAFRegional::GetChangeTokenResponse> instance
1058
1059				When you want to create, update, or delete AWS WAF objects, get a
1060				change token and include the change token in the create, update, or
1061				delete request. Change tokens ensure that your application doesn't
1062				submit conflicting requests to AWS WAF.
1063
1064				Each create, update, or delete request must use a unique change token.
1065				If your application submits a C<GetChangeToken> request and then
1066				submits a second C<GetChangeToken> request before submitting a create,
1067				update, or delete request, the second C<GetChangeToken> request returns
1068				the same value as the first C<GetChangeToken> request.
1069
1070				When you use a change token in a create, update, or delete request, the
1071				status of the change token changes to C<PENDING>, which indicates that
1072				AWS WAF is propagating the change to all AWS WAF servers. Use
1073				C<GetChangeTokenStatus> to determine the status of your change token.
1074
1075
1076				=head2 GetChangeTokenStatus(ChangeToken => Str)
1077
1078				Each argument is described in detail in: L<Paws::WAFRegional::GetChangeTokenStatus>
1079
1080				Returns: a L<Paws::WAFRegional::GetChangeTokenStatusResponse> instance
1081
1082				Returns the status of a C<ChangeToken> that you got by calling
1083				GetChangeToken. C<ChangeTokenStatus> is one of the following values:
1084
1085				=over
1086
1087				=item *
1088
1089				C<PROVISIONED>: You requested the change token by calling
1090				C<GetChangeToken>, but you haven't used it yet in a call to create,
1091				update, or delete an AWS WAF object.
1092
1093				=item *
1094
1095				C<PENDING>: AWS WAF is propagating the create, update, or delete
1096				request to all AWS WAF servers.
1097
1098				=item *
1099
1100				C<IN_SYNC>: Propagation is complete.
1101
1102				=back
1103
1104
1105
1106				=head2 GetIPSet(IPSetId => Str)
1107
1108				Each argument is described in detail in: L<Paws::WAFRegional::GetIPSet>
1109
1110				Returns: a L<Paws::WAFRegional::GetIPSetResponse> instance
1111
1112				Returns the IPSet that is specified by C<IPSetId>.
1113
1114
1115				=head2 GetRateBasedRule(RuleId => Str)
1116
1117				Each argument is described in detail in: L<Paws::WAFRegional::GetRateBasedRule>
1118
1119				Returns: a L<Paws::WAFRegional::GetRateBasedRuleResponse> instance
1120
1121				Returns the RateBasedRule that is specified by the C<RuleId> that you
1122				included in the C<GetRateBasedRule> request.
1123
1124
1125				=head2 GetRateBasedRuleManagedKeys(RuleId => Str, [NextMarker => Str])
1126
1127				Each argument is described in detail in: L<Paws::WAFRegional::GetRateBasedRuleManagedKeys>
1128
1129				Returns: a L<Paws::WAFRegional::GetRateBasedRuleManagedKeysResponse> instance
1130
1131				Returns an array of IP addresses currently being blocked by the
1132				RateBasedRule that is specified by the C<RuleId>. The maximum number of
1133				managed keys that will be blocked is 10,000. If more than 10,000
1134				addresses exceed the rate limit, the 10,000 addresses with the highest
1135				rates will be blocked.
1136
1137
1138				=head2 GetRule(RuleId => Str)
1139
1140				Each argument is described in detail in: L<Paws::WAFRegional::GetRule>
1141
1142				Returns: a L<Paws::WAFRegional::GetRuleResponse> instance
1143
1144				Returns the Rule that is specified by the C<RuleId> that you included
1145				in the C<GetRule> request.
1146
1147
1148				=head2 GetSampledRequests(MaxItems => Int, RuleId => Str, TimeWindow => L<Paws::WAFRegional::TimeWindow>, WebAclId => Str)
1149
1150				Each argument is described in detail in: L<Paws::WAFRegional::GetSampledRequests>
1151
1152				Returns: a L<Paws::WAFRegional::GetSampledRequestsResponse> instance
1153
1154				Gets detailed information about a specified number of requests--a
1155				sample--that AWS WAF randomly selects from among the first 5,000
1156				requests that your AWS resource received during a time range that you
1157				choose. You can specify a sample size of up to 500 requests, and you
1158				can specify any time range in the previous three hours.
1159
1160				C<GetSampledRequests> returns a time range, which is usually the time
1161				range that you specified. However, if your resource (such as a
1162				CloudFront distribution) received 5,000 requests before the specified
1163				time range elapsed, C<GetSampledRequests> returns an updated time
1164				range. This new time range indicates the actual period during which AWS
1165				WAF selected the requests in the sample.
1166
1167
1168				=head2 GetSizeConstraintSet(SizeConstraintSetId => Str)
1169
1170				Each argument is described in detail in: L<Paws::WAFRegional::GetSizeConstraintSet>
1171
1172				Returns: a L<Paws::WAFRegional::GetSizeConstraintSetResponse> instance
1173
1174				Returns the SizeConstraintSet specified by C<SizeConstraintSetId>.
1175
1176
1177				=head2 GetSqlInjectionMatchSet(SqlInjectionMatchSetId => Str)
1178
1179				Each argument is described in detail in: L<Paws::WAFRegional::GetSqlInjectionMatchSet>
1180
1181				Returns: a L<Paws::WAFRegional::GetSqlInjectionMatchSetResponse> instance
1182
1183				Returns the SqlInjectionMatchSet that is specified by
1184				C<SqlInjectionMatchSetId>.
1185
1186
1187				=head2 GetWebACL(WebACLId => Str)
1188
1189				Each argument is described in detail in: L<Paws::WAFRegional::GetWebACL>
1190
1191				Returns: a L<Paws::WAFRegional::GetWebACLResponse> instance
1192
1193				Returns the WebACL that is specified by C<WebACLId>.
1194
1195
1196				=head2 GetWebACLForResource(ResourceArn => Str)
1197
1198				Each argument is described in detail in: L<Paws::WAFRegional::GetWebACLForResource>
1199
1200				Returns: a L<Paws::WAFRegional::GetWebACLForResourceResponse> instance
1201
1202				Returns the web ACL for the specified resource.
1203
1204
1205				=head2 GetXssMatchSet(XssMatchSetId => Str)
1206
1207				Each argument is described in detail in: L<Paws::WAFRegional::GetXssMatchSet>
1208
1209				Returns: a L<Paws::WAFRegional::GetXssMatchSetResponse> instance
1210
1211				Returns the XssMatchSet that is specified by C<XssMatchSetId>.
1212
1213
1214				=head2 ListByteMatchSets([Limit => Int, NextMarker => Str])
1215
1216				Each argument is described in detail in: L<Paws::WAFRegional::ListByteMatchSets>
1217
1218				Returns: a L<Paws::WAFRegional::ListByteMatchSetsResponse> instance
1219
1220				Returns an array of ByteMatchSetSummary objects.
1221
1222
1223				=head2 ListIPSets([Limit => Int, NextMarker => Str])
1224
1225				Each argument is described in detail in: L<Paws::WAFRegional::ListIPSets>
1226
1227				Returns: a L<Paws::WAFRegional::ListIPSetsResponse> instance
1228
1229				Returns an array of IPSetSummary objects in the response.
1230
1231
1232				=head2 ListRateBasedRules([Limit => Int, NextMarker => Str])
1233
1234				Each argument is described in detail in: L<Paws::WAFRegional::ListRateBasedRules>
1235
1236				Returns: a L<Paws::WAFRegional::ListRateBasedRulesResponse> instance
1237
1238				Returns an array of RuleSummary objects.
1239
1240
1241				=head2 ListResourcesForWebACL(WebACLId => Str)
1242
1243				Each argument is described in detail in: L<Paws::WAFRegional::ListResourcesForWebACL>
1244
1245				Returns: a L<Paws::WAFRegional::ListResourcesForWebACLResponse> instance
1246
1247				Returns an array of resources associated with the specified web ACL.
1248
1249
1250				=head2 ListRules([Limit => Int, NextMarker => Str])
1251
1252				Each argument is described in detail in: L<Paws::WAFRegional::ListRules>
1253
1254				Returns: a L<Paws::WAFRegional::ListRulesResponse> instance
1255
1256				Returns an array of RuleSummary objects.
1257
1258
1259				=head2 ListSizeConstraintSets([Limit => Int, NextMarker => Str])
1260
1261				Each argument is described in detail in: L<Paws::WAFRegional::ListSizeConstraintSets>
1262
1263				Returns: a L<Paws::WAFRegional::ListSizeConstraintSetsResponse> instance
1264
1265				Returns an array of SizeConstraintSetSummary objects.
1266
1267
1268				=head2 ListSqlInjectionMatchSets([Limit => Int, NextMarker => Str])
1269
1270				Each argument is described in detail in: L<Paws::WAFRegional::ListSqlInjectionMatchSets>
1271
1272				Returns: a L<Paws::WAFRegional::ListSqlInjectionMatchSetsResponse> instance
1273
1274				Returns an array of SqlInjectionMatchSet objects.
1275
1276
1277				=head2 ListWebACLs([Limit => Int, NextMarker => Str])
1278
1279				Each argument is described in detail in: L<Paws::WAFRegional::ListWebACLs>
1280
1281				Returns: a L<Paws::WAFRegional::ListWebACLsResponse> instance
1282
1283				Returns an array of WebACLSummary objects in the response.
1284
1285
1286				=head2 ListXssMatchSets([Limit => Int, NextMarker => Str])
1287
1288				Each argument is described in detail in: L<Paws::WAFRegional::ListXssMatchSets>
1289
1290				Returns: a L<Paws::WAFRegional::ListXssMatchSetsResponse> instance
1291
1292				Returns an array of XssMatchSet objects.
1293
1294
1295				=head2 UpdateByteMatchSet(ByteMatchSetId => Str, ChangeToken => Str, Updates => ArrayRef[L<Paws::WAFRegional::ByteMatchSetUpdate>])
1296
1297				Each argument is described in detail in: L<Paws::WAFRegional::UpdateByteMatchSet>
1298
1299				Returns: a L<Paws::WAFRegional::UpdateByteMatchSetResponse> instance
1300
1301				Inserts or deletes ByteMatchTuple objects (filters) in a ByteMatchSet.
1302				For each C<ByteMatchTuple> object, you specify the following values:
1303
1304				=over
1305
1306				=item *
1307
1308				Whether to insert or delete the object from the array. If you want to
1309				change a C<ByteMatchSetUpdate> object, you delete the existing object
1310				and add a new one.
1311
1312				=item *
1313
1314				The part of a web request that you want AWS WAF to inspect, such as a
1315				query string or the value of the C<User-Agent> header.
1316
1317				=item *
1318
1319				The bytes (typically a string that corresponds with ASCII characters)
1320				that you want AWS WAF to look for. For more information, including how
1321				you specify the values for the AWS WAF API and the AWS CLI or SDKs, see
1322				C<TargetString> in the ByteMatchTuple data type.
1323
1324				=item *
1325
1326				Where to look, such as at the beginning or the end of a query string.
1327
1328				=item *
1329
1330				Whether to perform any conversions on the request, such as converting
1331				it to lowercase, before inspecting it for the specified string.
1332
1333				=back
1334
1335				For example, you can add a C<ByteMatchSetUpdate> object that matches
1336				web requests in which C<User-Agent> headers contain the string
1337				C<BadBot>. You can then configure AWS WAF to block those requests.
1338
1339				To create and configure a C<ByteMatchSet>, perform the following steps:
1340
1341				=over
1342
1343				=item 1.
1344
1345				Create a C<ByteMatchSet.> For more information, see CreateByteMatchSet.
1346
1347				=item 2.
1348
1349				Use GetChangeToken to get the change token that you provide in the
1350				C<ChangeToken> parameter of an C<UpdateByteMatchSet> request.
1351
1352				=item 3.
1353
1354				Submit an C<UpdateByteMatchSet> request to specify the part of the
1355				request that you want AWS WAF to inspect (for example, the header or
1356				the URI) and the value that you want AWS WAF to watch for.
1357
1358				=back
1359
1360				For more information about how to use the AWS WAF API to allow or block
1361				HTTP requests, see the AWS WAF Developer Guide.
1362
1363
1364				=head2 UpdateIPSet(ChangeToken => Str, IPSetId => Str, Updates => ArrayRef[L<Paws::WAFRegional::IPSetUpdate>])
1365
1366				Each argument is described in detail in: L<Paws::WAFRegional::UpdateIPSet>
1367
1368				Returns: a L<Paws::WAFRegional::UpdateIPSetResponse> instance
1369
1370				Inserts or deletes IPSetDescriptor objects in an C<IPSet>. For each
1371				C<IPSetDescriptor> object, you specify the following values:
1372
1373				=over
1374
1375				=item *
1376
1377				Whether to insert or delete the object from the array. If you want to
1378				change an C<IPSetDescriptor> object, you delete the existing object and
1379				add a new one.
1380
1381				=item *
1382
1383				The IP address version, C<IPv4> or C<IPv6>.
1384
1385				=item *
1386
1387				The IP address in CIDR notation, for example, C<192.0.2.0/24> (for the
1388				range of IP addresses from C<192.0.2.0> to C<192.0.2.255>) or
1389				C<192.0.2.44/32> (for the individual IP address C<192.0.2.44>).
1390
1391				=back
1392
1393				AWS WAF supports /8, /16, /24, and /32 IP address ranges for IPv4, and
1394				/24, /32, /48, /56, /64 and /128 for IPv6. For more information about
1395				CIDR notation, see the Wikipedia entry Classless Inter-Domain Routing.
1396
1397				IPv6 addresses can be represented using any of the following formats:
1398
1399				=over
1400
1401				=item *
1402
1403				1111:0000:0000:0000:0000:0000:0000:0111/128
1404
1405				=item *
1406
1407				1111:0:0:0:0:0:0:0111/128
1408
1409				=item *
1410
1411				1111::0111/128
1412
1413				=item *
1414
1415				1111::111/128
1416
1417				=back
1418
1419				You use an C<IPSet> to specify which web requests you want to allow or
1420				block based on the IP addresses that the requests originated from. For
1421				example, if you're receiving a lot of requests from one or a small
1422				number of IP addresses and you want to block the requests, you can
1423				create an C<IPSet> that specifies those IP addresses, and then
1424				configure AWS WAF to block the requests.
1425
1426				To create and configure an C<IPSet>, perform the following steps:
1427
1428				=over
1429
1430				=item 1.
1431
1432				Submit a CreateIPSet request.
1433
1434				=item 2.
1435
1436				Use GetChangeToken to get the change token that you provide in the
1437				C<ChangeToken> parameter of an UpdateIPSet request.
1438
1439				=item 3.
1440
1441				Submit an C<UpdateIPSet> request to specify the IP addresses that you
1442				want AWS WAF to watch for.
1443
1444				=back
1445
1446				When you update an C<IPSet>, you specify the IP addresses that you want
1447				to add and/or the IP addresses that you want to delete. If you want to
1448				change an IP address, you delete the existing IP address and add the
1449				new one.
1450
1451				For more information about how to use the AWS WAF API to allow or block
1452				HTTP requests, see the AWS WAF Developer Guide.
1453
1454
1455				=head2 UpdateRateBasedRule(ChangeToken => Str, RateLimit => Int, RuleId => Str, Updates => ArrayRef[L<Paws::WAFRegional::RuleUpdate>])
1456
1457				Each argument is described in detail in: L<Paws::WAFRegional::UpdateRateBasedRule>
1458
1459				Returns: a L<Paws::WAFRegional::UpdateRateBasedRuleResponse> instance
1460
1461				Inserts or deletes Predicate objects in a rule and updates the
1462				C<RateLimit> in the rule.
1463
1464				Each C<Predicate> object identifies a predicate, such as a ByteMatchSet
1465				or an IPSet, that specifies the web requests that you want to block or
1466				count. The C<RateLimit> specifies the number of requests every five
1467				minutes that triggers the rule.
1468
1469				If you add more than one predicate to a C<RateBasedRule>, a request
1470				must match all the predicates and exceed the C<RateLimit> to be counted
1471				or blocked. For example, suppose you add the following to a
1472				C<RateBasedRule>:
1473
1474				=over
1475
1476				=item *
1477
1478				An C<IPSet> that matches the IP address C<192.0.2.44/32>
1479
1480				=item *
1481
1482				A C<ByteMatchSet> that matches C<BadBot> in the C<User-Agent> header
1483
1484				=back
1485
1486				Further, you specify a C<RateLimit> of 15,000.
1487
1488				You then add the C<RateBasedRule> to a C<WebACL> and specify that you
1489				want to block requests that satisfy the rule. For a request to be
1490				blocked, it must come from the IP address 192.0.2.44 I<and> the
1491				C<User-Agent> header in the request must contain the value C<BadBot>.
1492				Further, requests that match these two conditions much be received at a
1493				rate of more than 15,000 every five minutes. If the rate drops below
1494				this limit, AWS WAF no longer blocks the requests.
1495
1496				As a second example, suppose you want to limit requests to a particular
1497				page on your site. To do this, you could add the following to a
1498				C<RateBasedRule>:
1499
1500				=over
1501
1502				=item *
1503
1504				A C<ByteMatchSet> with C<FieldToMatch> of C<URI>
1505
1506				=item *
1507
1508				A C<PositionalConstraint> of C<STARTS_WITH>
1509
1510				=item *
1511
1512				A C<TargetString> of C<login>
1513
1514				=back
1515
1516				Further, you specify a C<RateLimit> of 15,000.
1517
1518				By adding this C<RateBasedRule> to a C<WebACL>, you could limit
1519				requests to your login page without affecting the rest of your site.
1520
1521
1522				=head2 UpdateRule(ChangeToken => Str, RuleId => Str, Updates => ArrayRef[L<Paws::WAFRegional::RuleUpdate>])
1523
1524				Each argument is described in detail in: L<Paws::WAFRegional::UpdateRule>
1525
1526				Returns: a L<Paws::WAFRegional::UpdateRuleResponse> instance
1527
1528				Inserts or deletes Predicate objects in a C<Rule>. Each C<Predicate>
1529				object identifies a predicate, such as a ByteMatchSet or an IPSet, that
1530				specifies the web requests that you want to allow, block, or count. If
1531				you add more than one predicate to a C<Rule>, a request must match all
1532				of the specifications to be allowed, blocked, or counted. For example,
1533				suppose you add the following to a C<Rule>:
1534
1535				=over
1536
1537				=item *
1538
1539				A C<ByteMatchSet> that matches the value C<BadBot> in the C<User-Agent>
1540				header
1541
1542				=item *
1543
1544				An C<IPSet> that matches the IP address C<192.0.2.44>
1545
1546				=back
1547
1548				You then add the C<Rule> to a C<WebACL> and specify that you want to
1549				block requests that satisfy the C<Rule>. For a request to be blocked,
1550				the C<User-Agent> header in the request must contain the value
1551				C<BadBot> I<and> the request must originate from the IP address
1552				192.0.2.44.
1553
1554				To create and configure a C<Rule>, perform the following steps:
1555
1556				=over
1557
1558				=item 1.
1559
1560				Create and update the predicates that you want to include in the
1561				C<Rule>.
1562
1563				=item 2.
1564
1565				Create the C<Rule>. See CreateRule.
1566
1567				=item 3.
1568
1569				Use C<GetChangeToken> to get the change token that you provide in the
1570				C<ChangeToken> parameter of an UpdateRule request.
1571
1572				=item 4.
1573
1574				Submit an C<UpdateRule> request to add predicates to the C<Rule>.
1575
1576				=item 5.
1577
1578				Create and update a C<WebACL> that contains the C<Rule>. See
1579				CreateWebACL.
1580
1581				=back
1582
1583				If you want to replace one C<ByteMatchSet> or C<IPSet> with another,
1584				you delete the existing one and add the new one.
1585
1586				For more information about how to use the AWS WAF API to allow or block
1587				HTTP requests, see the AWS WAF Developer Guide.
1588
1589
1590				=head2 UpdateSizeConstraintSet(ChangeToken => Str, SizeConstraintSetId => Str, Updates => ArrayRef[L<Paws::WAFRegional::SizeConstraintSetUpdate>])
1591
1592				Each argument is described in detail in: L<Paws::WAFRegional::UpdateSizeConstraintSet>
1593
1594				Returns: a L<Paws::WAFRegional::UpdateSizeConstraintSetResponse> instance
1595
1596				Inserts or deletes SizeConstraint objects (filters) in a
1597				SizeConstraintSet. For each C<SizeConstraint> object, you specify the
1598				following values:
1599
1600				=over
1601
1602				=item *
1603
1604				Whether to insert or delete the object from the array. If you want to
1605				change a C<SizeConstraintSetUpdate> object, you delete the existing
1606				object and add a new one.
1607
1608				=item *
1609
1610				The part of a web request that you want AWS WAF to evaluate, such as
1611				the length of a query string or the length of the C<User-Agent> header.
1612
1613				=item *
1614
1615				Whether to perform any transformations on the request, such as
1616				converting it to lowercase, before checking its length. Note that
1617				transformations of the request body are not supported because the AWS
1618				resource forwards only the first C<8192> bytes of your request to AWS
1619				WAF.
1620
1621				=item *
1622
1623				A C<ComparisonOperator> used for evaluating the selected part of the
1624				request against the specified C<Size>, such as equals, greater than,
1625				less than, and so on.
1626
1627				=item *
1628
1629				The length, in bytes, that you want AWS WAF to watch for in selected
1630				part of the request. The length is computed after applying the
1631				transformation.
1632
1633				=back
1634
1635				For example, you can add a C<SizeConstraintSetUpdate> object that
1636				matches web requests in which the length of the C<User-Agent> header is
1637				greater than 100 bytes. You can then configure AWS WAF to block those
1638				requests.
1639
1640				To create and configure a C<SizeConstraintSet>, perform the following
1641				steps:
1642
1643				=over
1644
1645				=item 1.
1646
1647				Create a C<SizeConstraintSet.> For more information, see
1648				CreateSizeConstraintSet.
1649
1650				=item 2.
1651
1652				Use GetChangeToken to get the change token that you provide in the
1653				C<ChangeToken> parameter of an C<UpdateSizeConstraintSet> request.
1654
1655				=item 3.
1656
1657				Submit an C<UpdateSizeConstraintSet> request to specify the part of the
1658				request that you want AWS WAF to inspect (for example, the header or
1659				the URI) and the value that you want AWS WAF to watch for.
1660
1661				=back
1662
1663				For more information about how to use the AWS WAF API to allow or block
1664				HTTP requests, see the AWS WAF Developer Guide.
1665
1666
1667				=head2 UpdateSqlInjectionMatchSet(ChangeToken => Str, SqlInjectionMatchSetId => Str, Updates => ArrayRef[L<Paws::WAFRegional::SqlInjectionMatchSetUpdate>])
1668
1669				Each argument is described in detail in: L<Paws::WAFRegional::UpdateSqlInjectionMatchSet>
1670
1671				Returns: a L<Paws::WAFRegional::UpdateSqlInjectionMatchSetResponse> instance
1672
1673				Inserts or deletes SqlInjectionMatchTuple objects (filters) in a
1674				SqlInjectionMatchSet. For each C<SqlInjectionMatchTuple> object, you
1675				specify the following values:
1676
1677				=over
1678
1679				=item *
1680
1681				C<Action>: Whether to insert the object into or delete the object from
1682				the array. To change a C<SqlInjectionMatchTuple>, you delete the
1683				existing object and add a new one.
1684
1685				=item *
1686
1687				C<FieldToMatch>: The part of web requests that you want AWS WAF to
1688				inspect and, if you want AWS WAF to inspect a header, the name of the
1689				header.
1690
1691				=item *
1692
1693				C<TextTransformation>: Which text transformation, if any, to perform on
1694				the web request before inspecting the request for snippets of malicious
1695				SQL code.
1696
1697				=back
1698
1699				You use C<SqlInjectionMatchSet> objects to specify which CloudFront
1700				requests you want to allow, block, or count. For example, if you're
1701				receiving requests that contain snippets of SQL code in the query
1702				string and you want to block the requests, you can create a
1703				C<SqlInjectionMatchSet> with the applicable settings, and then
1704				configure AWS WAF to block the requests.
1705
1706				To create and configure a C<SqlInjectionMatchSet>, perform the
1707				following steps:
1708
1709				=over
1710
1711				=item 1.
1712
1713				Submit a CreateSqlInjectionMatchSet request.
1714
1715				=item 2.
1716
1717				Use GetChangeToken to get the change token that you provide in the
1718				C<ChangeToken> parameter of an UpdateIPSet request.
1719
1720				=item 3.
1721
1722				Submit an C<UpdateSqlInjectionMatchSet> request to specify the parts of
1723				web requests that you want AWS WAF to inspect for snippets of SQL code.
1724
1725				=back
1726
1727				For more information about how to use the AWS WAF API to allow or block
1728				HTTP requests, see the AWS WAF Developer Guide.
1729
1730
1731				=head2 UpdateWebACL(ChangeToken => Str, WebACLId => Str, [DefaultAction => L<Paws::WAFRegional::WafAction>, Updates => ArrayRef[L<Paws::WAFRegional::WebACLUpdate>]])
1732
1733				Each argument is described in detail in: L<Paws::WAFRegional::UpdateWebACL>
1734
1735				Returns: a L<Paws::WAFRegional::UpdateWebACLResponse> instance
1736
1737				Inserts or deletes ActivatedRule objects in a C<WebACL>. Each C<Rule>
1738				identifies web requests that you want to allow, block, or count. When
1739				you update a C<WebACL>, you specify the following values:
1740
1741				=over
1742
1743				=item *
1744
1745				A default action for the C<WebACL>, either C<ALLOW> or C<BLOCK>. AWS
1746				WAF performs the default action if a request doesn't match the criteria
1747				in any of the C<Rules> in a C<WebACL>.
1748
1749				=item *
1750
1751				The C<Rules> that you want to add and/or delete. If you want to replace
1752				one C<Rule> with another, you delete the existing C<Rule> and add the
1753				new one.
1754
1755				=item *
1756
1757				For each C<Rule>, whether you want AWS WAF to allow requests, block
1758				requests, or count requests that match the conditions in the C<Rule>.
1759
1760				=item *
1761
1762				The order in which you want AWS WAF to evaluate the C<Rules> in a
1763				C<WebACL>. If you add more than one C<Rule> to a C<WebACL>, AWS WAF
1764				evaluates each request against the C<Rules> in order based on the value
1765				of C<Priority>. (The C<Rule> that has the lowest value for C<Priority>
1766				is evaluated first.) When a web request matches all of the predicates
1767				(such as C<ByteMatchSets> and C<IPSets>) in a C<Rule>, AWS WAF
1768				immediately takes the corresponding action, allow or block, and doesn't
1769				evaluate the request against the remaining C<Rules> in the C<WebACL>,
1770				if any.
1771
1772				=back
1773
1774				To create and configure a C<WebACL>, perform the following steps:
1775
1776				=over
1777
1778				=item 1.
1779
1780				Create and update the predicates that you want to include in C<Rules>.
1781				For more information, see CreateByteMatchSet, UpdateByteMatchSet,
1782				CreateIPSet, UpdateIPSet, CreateSqlInjectionMatchSet, and
1783				UpdateSqlInjectionMatchSet.
1784
1785				=item 2.
1786
1787				Create and update the C<Rules> that you want to include in the
1788				C<WebACL>. For more information, see CreateRule and UpdateRule.
1789
1790				=item 3.
1791
1792				Create a C<WebACL>. See CreateWebACL.
1793
1794				=item 4.
1795
1796				Use C<GetChangeToken> to get the change token that you provide in the
1797				C<ChangeToken> parameter of an UpdateWebACL request.
1798
1799				=item 5.
1800
1801				Submit an C<UpdateWebACL> request to specify the C<Rules> that you want
1802				to include in the C<WebACL>, to specify the default action, and to
1803				associate the C<WebACL> with a CloudFront distribution.
1804
1805				=back
1806
1807				Be aware that if you try to add a RATE_BASED rule to a web ACL without
1808				setting the rule type when first creating the rule, the UpdateWebACL
1809				request will fail because the request tries to add a REGULAR rule (the
1810				default rule type) with the specified ID, which does not exist.
1811
1812				For more information about how to use the AWS WAF API to allow or block
1813				HTTP requests, see the AWS WAF Developer Guide.
1814
1815
1816				=head2 UpdateXssMatchSet(ChangeToken => Str, Updates => ArrayRef[L<Paws::WAFRegional::XssMatchSetUpdate>], XssMatchSetId => Str)
1817
1818				Each argument is described in detail in: L<Paws::WAFRegional::UpdateXssMatchSet>
1819
1820				Returns: a L<Paws::WAFRegional::UpdateXssMatchSetResponse> instance
1821
1822				Inserts or deletes XssMatchTuple objects (filters) in an XssMatchSet.
1823				For each C<XssMatchTuple> object, you specify the following values:
1824
1825				=over
1826
1827				=item *
1828
1829				C<Action>: Whether to insert the object into or delete the object from
1830				the array. To change a C<XssMatchTuple>, you delete the existing object
1831				and add a new one.
1832
1833				=item *
1834
1835				C<FieldToMatch>: The part of web requests that you want AWS WAF to
1836				inspect and, if you want AWS WAF to inspect a header, the name of the
1837				header.
1838
1839				=item *
1840
1841				C<TextTransformation>: Which text transformation, if any, to perform on
1842				the web request before inspecting the request for cross-site scripting
1843				attacks.
1844
1845				=back
1846
1847				You use C<XssMatchSet> objects to specify which CloudFront requests you
1848				want to allow, block, or count. For example, if you're receiving
1849				requests that contain cross-site scripting attacks in the request body
1850				and you want to block the requests, you can create an C<XssMatchSet>
1851				with the applicable settings, and then configure AWS WAF to block the
1852				requests.
1853
1854				To create and configure an C<XssMatchSet>, perform the following steps:
1855
1856				=over
1857
1858				=item 1.
1859
1860				Submit a CreateXssMatchSet request.
1861
1862				=item 2.
1863
1864				Use GetChangeToken to get the change token that you provide in the
1865				C<ChangeToken> parameter of an UpdateIPSet request.
1866
1867				=item 3.
1868
1869				Submit an C<UpdateXssMatchSet> request to specify the parts of web
1870				requests that you want AWS WAF to inspect for cross-site scripting
1871				attacks.
1872
1873				=back
1874
1875				For more information about how to use the AWS WAF API to allow or block
1876				HTTP requests, see the AWS WAF Developer Guide.
1877
1878
1879
1880
1881				=head1 PAGINATORS
1882
1883				Paginator methods are helpers that repetively call methods that return partial results
1884
1885
1886
1887
1888				=head1 SEE ALSO
1889
1890				This service class forms part of L<Paws>
1891
1892				=head1 BUGS and CONTRIBUTIONS
1893
1894				The source code is located here: https://github.com/pplu/aws-sdk-perl
1895
1896				Please report bugs to: https://github.com/pplu/aws-sdk-perl/issues
1897
1898				=cut
1899