WAF-REGIONAL
AssociateWebACL
valid {
input.Body.WebACLId == STRING
input.Body.ResourceArn == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
CreateByteMatchSet
valid {
input.Body.Name == STRING
input.Body.ChangeToken == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
CreateGeoMatchSet
valid {
input.Body.Name == STRING
input.Body.ChangeToken == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
CreateIPSet
valid {
input.Body.Name == STRING
input.Body.ChangeToken == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
CreateRateBasedRule
enum_RateKey := [ "IP" ]
valid {
input.Body.Name == STRING
input.Body.MetricName == STRING
input.Body.RateKey == enum_RateKey[_]
input.Body.RateLimit == LONG
input.Body.ChangeToken == STRING
input.Body.Tags[_].Key == STRING
input.Body.Tags[_].Value == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
CreateRegexMatchSet
valid {
input.Body.Name == STRING
input.Body.ChangeToken == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
CreateRegexPatternSet
valid {
input.Body.Name == STRING
input.Body.ChangeToken == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
CreateRule
valid {
input.Body.Name == STRING
input.Body.MetricName == STRING
input.Body.ChangeToken == STRING
input.Body.Tags[_].Key == STRING
input.Body.Tags[_].Value == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
CreateRuleGroup
valid {
input.Body.Name == STRING
input.Body.MetricName == STRING
input.Body.ChangeToken == STRING
input.Body.Tags[_].Key == STRING
input.Body.Tags[_].Value == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
CreateSizeConstraintSet
valid {
input.Body.Name == STRING
input.Body.ChangeToken == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
CreateSqlInjectionMatchSet
valid {
input.Body.Name == STRING
input.Body.ChangeToken == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
CreateWebACL
enum_WafActionType := [ "BLOCK", "ALLOW", "COUNT" ]
valid {
input.Body.Name == STRING
input.Body.MetricName == STRING
input.Body.DefaultAction.Type == enum_WafActionType[_]
input.Body.ChangeToken == STRING
input.Body.Tags[_].Key == STRING
input.Body.Tags[_].Value == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
CreateWebACLMigrationStack
valid {
input.Body.WebACLId == STRING
input.Body.S3BucketName == STRING
input.Body.IgnoreUnsupportedType == BOOLEAN
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
CreateXssMatchSet
valid {
input.Body.Name == STRING
input.Body.ChangeToken == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
DeleteByteMatchSet
valid {
input.Body.ByteMatchSetId == STRING
input.Body.ChangeToken == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
DeleteGeoMatchSet
valid {
input.Body.GeoMatchSetId == STRING
input.Body.ChangeToken == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
DeleteIPSet
valid {
input.Body.IPSetId == STRING
input.Body.ChangeToken == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
DeleteLoggingConfiguration
valid {
input.Body.ResourceArn == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
DeletePermissionPolicy
valid {
input.Body.ResourceArn == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
DeleteRateBasedRule
valid {
input.Body.RuleId == STRING
input.Body.ChangeToken == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
DeleteRegexMatchSet
valid {
input.Body.RegexMatchSetId == STRING
input.Body.ChangeToken == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
DeleteRegexPatternSet
valid {
input.Body.RegexPatternSetId == STRING
input.Body.ChangeToken == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
DeleteRule
valid {
input.Body.RuleId == STRING
input.Body.ChangeToken == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
DeleteRuleGroup
valid {
input.Body.RuleGroupId == STRING
input.Body.ChangeToken == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
DeleteSizeConstraintSet
valid {
input.Body.SizeConstraintSetId == STRING
input.Body.ChangeToken == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
DeleteSqlInjectionMatchSet
valid {
input.Body.SqlInjectionMatchSetId == STRING
input.Body.ChangeToken == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
DeleteWebACL
valid {
input.Body.WebACLId == STRING
input.Body.ChangeToken == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
DeleteXssMatchSet
valid {
input.Body.XssMatchSetId == STRING
input.Body.ChangeToken == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
DisassociateWebACL
valid {
input.Body.ResourceArn == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
GetByteMatchSet
valid {
input.Body.ByteMatchSetId == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
GetChangeToken
valid {
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
GetChangeTokenStatus
valid {
input.Body.ChangeToken == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
GetGeoMatchSet
valid {
input.Body.GeoMatchSetId == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
GetIPSet
valid {
input.Body.IPSetId == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
GetLoggingConfiguration
valid {
input.Body.ResourceArn == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
GetPermissionPolicy
valid {
input.Body.ResourceArn == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
GetRateBasedRule
valid {
input.Body.RuleId == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
GetRateBasedRuleManagedKeys
valid {
input.Body.RuleId == STRING
input.Body.NextMarker == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
GetRegexMatchSet
valid {
input.Body.RegexMatchSetId == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
GetRegexPatternSet
valid {
input.Body.RegexPatternSetId == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
GetRule
valid {
input.Body.RuleId == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
GetRuleGroup
valid {
input.Body.RuleGroupId == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
GetSampledRequests
valid {
input.Body.WebAclId == STRING
input.Body.RuleId == STRING
input.Body.TimeWindow.StartTime == TIMESTAMP
input.Body.TimeWindow.EndTime == TIMESTAMP
input.Body.MaxItems == LONG
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
GetSizeConstraintSet
valid {
input.Body.SizeConstraintSetId == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
GetSqlInjectionMatchSet
valid {
input.Body.SqlInjectionMatchSetId == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
GetWebACL
valid {
input.Body.WebACLId == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
GetWebACLForResource
valid {
input.Body.ResourceArn == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
GetXssMatchSet
valid {
input.Body.XssMatchSetId == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
ListActivatedRulesInRuleGroup
valid {
input.Body.RuleGroupId == STRING
input.Body.NextMarker == STRING
input.Body.Limit == INTEGER
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
ListByteMatchSets
valid {
input.Body.NextMarker == STRING
input.Body.Limit == INTEGER
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
ListGeoMatchSets
valid {
input.Body.NextMarker == STRING
input.Body.Limit == INTEGER
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
ListIPSets
valid {
input.Body.NextMarker == STRING
input.Body.Limit == INTEGER
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
ListLoggingConfigurations
valid {
input.Body.NextMarker == STRING
input.Body.Limit == INTEGER
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
ListRateBasedRules
valid {
input.Body.NextMarker == STRING
input.Body.Limit == INTEGER
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
ListRegexMatchSets
valid {
input.Body.NextMarker == STRING
input.Body.Limit == INTEGER
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
ListRegexPatternSets
valid {
input.Body.NextMarker == STRING
input.Body.Limit == INTEGER
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
ListResourcesForWebACL
enum_ResourceType := [ "APPLICATION_LOAD_BALANCER", "API_GATEWAY" ]
valid {
input.Body.WebACLId == STRING
input.Body.ResourceType == enum_ResourceType[_]
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
ListRuleGroups
valid {
input.Body.NextMarker == STRING
input.Body.Limit == INTEGER
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
ListRules
valid {
input.Body.NextMarker == STRING
input.Body.Limit == INTEGER
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
ListSizeConstraintSets
valid {
input.Body.NextMarker == STRING
input.Body.Limit == INTEGER
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
ListSqlInjectionMatchSets
valid {
input.Body.NextMarker == STRING
input.Body.Limit == INTEGER
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
ListSubscribedRuleGroups
valid {
input.Body.NextMarker == STRING
input.Body.Limit == INTEGER
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
ListTagsForResource
valid {
input.Body.NextMarker == STRING
input.Body.Limit == INTEGER
input.Body.ResourceARN == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
ListWebACLs
valid {
input.Body.NextMarker == STRING
input.Body.Limit == INTEGER
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
ListXssMatchSets
valid {
input.Body.NextMarker == STRING
input.Body.Limit == INTEGER
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
PutLoggingConfiguration
enum_MatchFieldType := [ "URI", "QUERY_STRING", "HEADER", "METHOD", "BODY", "SINGLE_QUERY_ARG", "ALL_QUERY_ARGS" ]
valid {
input.Body.LoggingConfiguration.ResourceArn == STRING
input.Body.LoggingConfiguration.LogDestinationConfigs[_] == STRING
input.Body.LoggingConfiguration.RedactedFields[_].Type == enum_MatchFieldType[_]
input.Body.LoggingConfiguration.RedactedFields[_].Data == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
PutPermissionPolicy
valid {
input.Body.ResourceArn == STRING
input.Body.Policy == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
TagResource
valid {
input.Body.ResourceARN == STRING
input.Body.Tags[_].Key == STRING
input.Body.Tags[_].Value == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
UntagResource
valid {
input.Body.ResourceARN == STRING
input.Body.TagKeys[_] == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
UpdateByteMatchSet
enum_ChangeAction := [ "INSERT", "DELETE" ]
enum_MatchFieldType := [ "URI", "QUERY_STRING", "HEADER", "METHOD", "BODY", "SINGLE_QUERY_ARG", "ALL_QUERY_ARGS" ]
enum_PositionalConstraint := [ "EXACTLY", "STARTS_WITH", "ENDS_WITH", "CONTAINS", "CONTAINS_WORD" ]
enum_TextTransformation := [ "NONE", "COMPRESS_WHITE_SPACE", "HTML_ENTITY_DECODE", "LOWERCASE", "CMD_LINE", "URL_DECODE" ]
valid {
input.Body.ByteMatchSetId == STRING
input.Body.ChangeToken == STRING
input.Body.Updates[_].Action == enum_ChangeAction[_]
input.Body.Updates[_].ByteMatchTuple.FieldToMatch.Type == enum_MatchFieldType[_]
input.Body.Updates[_].ByteMatchTuple.FieldToMatch.Data == STRING
input.Body.Updates[_].ByteMatchTuple.TargetString == BLOB
input.Body.Updates[_].ByteMatchTuple.TextTransformation == enum_TextTransformation[_]
input.Body.Updates[_].ByteMatchTuple.PositionalConstraint == enum_PositionalConstraint[_]
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
UpdateGeoMatchSet
enum_ChangeAction := [ "INSERT", "DELETE" ]
enum_GeoMatchConstraintType := [ "Country" ]
enum_GeoMatchConstraintValue := [ "AF", "AX", "AL", "DZ", "AS", "AD", "AO", "AI", "AQ", "AG", "AR", "AM", "AW", "AU", "AT", "AZ", "BS", "BH", "BD", "BB", "BY", "BE", "BZ", "BJ", "BM", "BT", "BO", "BQ", "BA", "BW", "BV", "BR", "IO", "BN", "BG", "BF", "BI", "KH", "CM", "CA", "CV", "KY", "CF", "TD", "CL", "CN", "CX", "CC", "CO", "KM", "CG", "CD", "CK", "CR", "CI", "HR", "CU", "CW", "CY", "CZ", "DK", "DJ", "DM", "DO", "EC", "EG", "SV", "GQ", "ER", "EE", "ET", "FK", "FO", "FJ", "FI", "FR", "GF", "PF", "TF", "GA", "GM", "GE", "DE", "GH", "GI", "GR", "GL", "GD", "GP", "GU", "GT", "GG", "GN", "GW", "GY", "HT", "HM", "VA", "HN", "HK", "HU", "IS", "IN", "ID", "IR", "IQ", "IE", "IM", "IL", "IT", "JM", "JP", "JE", "JO", "KZ", "KE", "KI", "KP", "KR", "KW", "KG", "LA", "LV", "LB", "LS", "LR", "LY", "LI", "LT", "LU", "MO", "MK", "MG", "MW", "MY", "MV", "ML", "MT", "MH", "MQ", "MR", "MU", "YT", "MX", "FM", "MD", "MC", "MN", "ME", "MS", "MA", "MZ", "MM", "NA", "NR", "NP", "NL", "NC", "NZ", "NI", "NE", "NG", "NU", "NF", "MP", "NO", "OM", "PK", "PW", "PS", "PA", "PG", "PY", "PE", "PH", "PN", "PL", "PT", "PR", "QA", "RE", "RO", "RU", "RW", "BL", "SH", "KN", "LC", "MF", "PM", "VC", "WS", "SM", "ST", "SA", "SN", "RS", "SC", "SL", "SG", "SX", "SK", "SI", "SB", "SO", "ZA", "GS", "SS", "ES", "LK", "SD", "SR", "SJ", "SZ", "SE", "CH", "SY", "TW", "TJ", "TZ", "TH", "TL", "TG", "TK", "TO", "TT", "TN", "TR", "TM", "TC", "TV", "UG", "UA", "AE", "GB", "US", "UM", "UY", "UZ", "VU", "VE", "VN", "VG", "VI", "WF", "EH", "YE", "ZM", "ZW" ]
valid {
input.Body.GeoMatchSetId == STRING
input.Body.ChangeToken == STRING
input.Body.Updates[_].Action == enum_ChangeAction[_]
input.Body.Updates[_].GeoMatchConstraint.Type == enum_GeoMatchConstraintType[_]
input.Body.Updates[_].GeoMatchConstraint.Value == enum_GeoMatchConstraintValue[_]
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
UpdateIPSet
enum_ChangeAction := [ "INSERT", "DELETE" ]
enum_IPSetDescriptorType := [ "IPV4", "IPV6" ]
valid {
input.Body.IPSetId == STRING
input.Body.ChangeToken == STRING
input.Body.Updates[_].Action == enum_ChangeAction[_]
input.Body.Updates[_].IPSetDescriptor.Type == enum_IPSetDescriptorType[_]
input.Body.Updates[_].IPSetDescriptor.Value == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
UpdateRateBasedRule
enum_ChangeAction := [ "INSERT", "DELETE" ]
enum_PredicateType := [ "IPMatch", "ByteMatch", "SqlInjectionMatch", "GeoMatch", "SizeConstraint", "XssMatch", "RegexMatch" ]
valid {
input.Body.RuleId == STRING
input.Body.ChangeToken == STRING
input.Body.Updates[_].Action == enum_ChangeAction[_]
input.Body.Updates[_].Predicate.Negated == BOOLEAN
input.Body.Updates[_].Predicate.Type == enum_PredicateType[_]
input.Body.Updates[_].Predicate.DataId == STRING
input.Body.RateLimit == LONG
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
UpdateRegexMatchSet
enum_ChangeAction := [ "INSERT", "DELETE" ]
enum_MatchFieldType := [ "URI", "QUERY_STRING", "HEADER", "METHOD", "BODY", "SINGLE_QUERY_ARG", "ALL_QUERY_ARGS" ]
enum_TextTransformation := [ "NONE", "COMPRESS_WHITE_SPACE", "HTML_ENTITY_DECODE", "LOWERCASE", "CMD_LINE", "URL_DECODE" ]
valid {
input.Body.RegexMatchSetId == STRING
input.Body.Updates[_].Action == enum_ChangeAction[_]
input.Body.Updates[_].RegexMatchTuple.FieldToMatch.Type == enum_MatchFieldType[_]
input.Body.Updates[_].RegexMatchTuple.FieldToMatch.Data == STRING
input.Body.Updates[_].RegexMatchTuple.TextTransformation == enum_TextTransformation[_]
input.Body.Updates[_].RegexMatchTuple.RegexPatternSetId == STRING
input.Body.ChangeToken == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
UpdateRegexPatternSet
enum_ChangeAction := [ "INSERT", "DELETE" ]
valid {
input.Body.RegexPatternSetId == STRING
input.Body.Updates[_].Action == enum_ChangeAction[_]
input.Body.Updates[_].RegexPatternString == STRING
input.Body.ChangeToken == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
UpdateRule
enum_ChangeAction := [ "INSERT", "DELETE" ]
enum_PredicateType := [ "IPMatch", "ByteMatch", "SqlInjectionMatch", "GeoMatch", "SizeConstraint", "XssMatch", "RegexMatch" ]
valid {
input.Body.RuleId == STRING
input.Body.ChangeToken == STRING
input.Body.Updates[_].Action == enum_ChangeAction[_]
input.Body.Updates[_].Predicate.Negated == BOOLEAN
input.Body.Updates[_].Predicate.Type == enum_PredicateType[_]
input.Body.Updates[_].Predicate.DataId == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
UpdateRuleGroup
enum_ChangeAction := [ "INSERT", "DELETE" ]
enum_WafActionType := [ "BLOCK", "ALLOW", "COUNT" ]
enum_WafOverrideActionType := [ "NONE", "COUNT" ]
enum_WafRuleType := [ "REGULAR", "RATE_BASED", "GROUP" ]
valid {
input.Body.RuleGroupId == STRING
input.Body.Updates[_].Action == enum_ChangeAction[_]
input.Body.Updates[_].ActivatedRule.Priority == INTEGER
input.Body.Updates[_].ActivatedRule.RuleId == STRING
input.Body.Updates[_].ActivatedRule.Action.Type == enum_WafActionType[_]
input.Body.Updates[_].ActivatedRule.OverrideAction.Type == enum_WafOverrideActionType[_]
input.Body.Updates[_].ActivatedRule.Type == enum_WafRuleType[_]
input.Body.Updates[_].ActivatedRule.ExcludedRules[_].RuleId == STRING
input.Body.ChangeToken == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
UpdateSizeConstraintSet
enum_ChangeAction := [ "INSERT", "DELETE" ]
enum_ComparisonOperator := [ "EQ", "NE", "LE", "LT", "GE", "GT" ]
enum_MatchFieldType := [ "URI", "QUERY_STRING", "HEADER", "METHOD", "BODY", "SINGLE_QUERY_ARG", "ALL_QUERY_ARGS" ]
enum_TextTransformation := [ "NONE", "COMPRESS_WHITE_SPACE", "HTML_ENTITY_DECODE", "LOWERCASE", "CMD_LINE", "URL_DECODE" ]
valid {
input.Body.SizeConstraintSetId == STRING
input.Body.ChangeToken == STRING
input.Body.Updates[_].Action == enum_ChangeAction[_]
input.Body.Updates[_].SizeConstraint.FieldToMatch.Type == enum_MatchFieldType[_]
input.Body.Updates[_].SizeConstraint.FieldToMatch.Data == STRING
input.Body.Updates[_].SizeConstraint.TextTransformation == enum_TextTransformation[_]
input.Body.Updates[_].SizeConstraint.ComparisonOperator == enum_ComparisonOperator[_]
input.Body.Updates[_].SizeConstraint.Size == LONG
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
UpdateSqlInjectionMatchSet
enum_ChangeAction := [ "INSERT", "DELETE" ]
enum_MatchFieldType := [ "URI", "QUERY_STRING", "HEADER", "METHOD", "BODY", "SINGLE_QUERY_ARG", "ALL_QUERY_ARGS" ]
enum_TextTransformation := [ "NONE", "COMPRESS_WHITE_SPACE", "HTML_ENTITY_DECODE", "LOWERCASE", "CMD_LINE", "URL_DECODE" ]
valid {
input.Body.SqlInjectionMatchSetId == STRING
input.Body.ChangeToken == STRING
input.Body.Updates[_].Action == enum_ChangeAction[_]
input.Body.Updates[_].SqlInjectionMatchTuple.FieldToMatch.Type == enum_MatchFieldType[_]
input.Body.Updates[_].SqlInjectionMatchTuple.FieldToMatch.Data == STRING
input.Body.Updates[_].SqlInjectionMatchTuple.TextTransformation == enum_TextTransformation[_]
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
UpdateWebACL
enum_ChangeAction := [ "INSERT", "DELETE" ]
enum_WafActionType := [ "BLOCK", "ALLOW", "COUNT" ]
enum_WafOverrideActionType := [ "NONE", "COUNT" ]
enum_WafRuleType := [ "REGULAR", "RATE_BASED", "GROUP" ]
valid {
input.Body.WebACLId == STRING
input.Body.ChangeToken == STRING
input.Body.Updates[_].Action == enum_ChangeAction[_]
input.Body.Updates[_].ActivatedRule.Priority == INTEGER
input.Body.Updates[_].ActivatedRule.RuleId == STRING
input.Body.Updates[_].ActivatedRule.Action.Type == enum_WafActionType[_]
input.Body.Updates[_].ActivatedRule.OverrideAction.Type == enum_WafOverrideActionType[_]
input.Body.Updates[_].ActivatedRule.Type == enum_WafRuleType[_]
input.Body.Updates[_].ActivatedRule.ExcludedRules[_].RuleId == STRING
input.Body.DefaultAction.Type == enum_WafActionType[_]
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
UpdateXssMatchSet
enum_ChangeAction := [ "INSERT", "DELETE" ]
enum_MatchFieldType := [ "URI", "QUERY_STRING", "HEADER", "METHOD", "BODY", "SINGLE_QUERY_ARG", "ALL_QUERY_ARGS" ]
enum_TextTransformation := [ "NONE", "COMPRESS_WHITE_SPACE", "HTML_ENTITY_DECODE", "LOWERCASE", "CMD_LINE", "URL_DECODE" ]
valid {
input.Body.XssMatchSetId == STRING
input.Body.ChangeToken == STRING
input.Body.Updates[_].Action == enum_ChangeAction[_]
input.Body.Updates[_].XssMatchTuple.FieldToMatch.Type == enum_MatchFieldType[_]
input.Body.Updates[_].XssMatchTuple.FieldToMatch.Data == STRING
input.Body.Updates[_].XssMatchTuple.TextTransformation == enum_TextTransformation[_]
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
Updated 23 days ago