types

type ActivatedRule struct {

	// Specifies the order in which the Rules in a WebACL are evaluated. Rules with a
	// lower value for Priority are evaluated before Rules with a higher value. The
	// value must be a unique integer. If you add multiple Rules to a WebACL , the
	// values don't need to be consecutive.
	//
	// This member is required.
	Priority *int32

	// The RuleId for a Rule . You use RuleId to get more information about a Rule
	// (see GetRule ), update a Rule (see UpdateRule ), insert a Rule into a WebACL or
	// delete a one from a WebACL (see UpdateWebACL ), or delete a Rule from AWS WAF
	// (see DeleteRule ). RuleId is returned by CreateRule and by ListRules .
	//
	// This member is required.
	RuleId *string

	// Specifies the action that CloudFront or AWS WAF takes when a web request
	// matches the conditions in the Rule . Valid values for Action include the
	// following:
	//   - ALLOW : CloudFront responds with the requested object.
	//   - BLOCK : CloudFront responds with an HTTP 403 (Forbidden) status code.
	//   - COUNT : AWS WAF increments a counter of requests that match the conditions
	//   in the rule and then continues to inspect the web request based on the remaining
	//   rules in the web ACL.
	// ActivatedRule|OverrideAction applies only when updating or adding a RuleGroup
	// to a WebACL . In this case, you do not use ActivatedRule|Action . For all other
	// update requests, ActivatedRule|Action is used instead of
	// ActivatedRule|OverrideAction .
	Action *WafAction

	// An array of rules to exclude from a rule group. This is applicable only when
	// the ActivatedRule refers to a RuleGroup . Sometimes it is necessary to
	// troubleshoot rule groups that are blocking traffic unexpectedly (false
	// positives). One troubleshooting technique is to identify the specific rule
	// within the rule group that is blocking the legitimate traffic and then disable
	// (exclude) that particular rule. You can exclude rules from both your own rule
	// groups and AWS Marketplace rule groups that have been associated with a web ACL.
	// Specifying ExcludedRules does not remove those rules from the rule group.
	// Rather, it changes the action for the rules to COUNT . Therefore, requests that
	// match an ExcludedRule are counted but not blocked. The RuleGroup owner will
	// receive COUNT metrics for each ExcludedRule . If you want to exclude rules from
	// a rule group that is already associated with a web ACL, perform the following
	// steps:
	//   - Use the AWS WAF logs to identify the IDs of the rules that you want to
	//   exclude. For more information about the logs, see Logging Web ACL Traffic
	//   Information (https://docs.aws.amazon.com/waf/latest/developerguide/logging.html)
	//   .
	//   - Submit an UpdateWebACL request that has two actions:
	//   - The first action deletes the existing rule group from the web ACL. That is,
	//   in the UpdateWebACL request, the first Updates:Action should be DELETE and
	//   Updates:ActivatedRule:RuleId should be the rule group that contains the rules
	//   that you want to exclude.
	//   - The second action inserts the same rule group back in, but specifying the
	//   rules to exclude. That is, the second Updates:Action should be INSERT ,
	//   Updates:ActivatedRule:RuleId should be the rule group that you just removed,
	//   and ExcludedRules should contain the rules that you want to exclude.
	ExcludedRules []ExcludedRule

	// Use the OverrideAction to test your RuleGroup . Any rule in a RuleGroup can
	// potentially block a request. If you set the OverrideAction to None , the
	// RuleGroup will block a request if any individual rule in the RuleGroup matches
	// the request and is configured to block that request. However if you first want
	// to test the RuleGroup , set the OverrideAction to Count . The RuleGroup will
	// then override any block action specified by individual rules contained within
	// the group. Instead of blocking matching requests, those requests will be
	// counted. You can view a record of counted requests using GetSampledRequests .
	// ActivatedRule|OverrideAction applies only when updating or adding a RuleGroup
	// to a WebACL . In this case you do not use ActivatedRule|Action . For all other
	// update requests, ActivatedRule|Action is used instead of
	// ActivatedRule|OverrideAction .
	OverrideAction *WafOverrideAction

	// The rule type, either REGULAR , as defined by Rule , RATE_BASED , as defined by
	// RateBasedRule , or GROUP , as defined by RuleGroup . The default is REGULAR.
	// Although this field is optional, be aware that if you try to add a RATE_BASED
	// rule to a web ACL without setting the type, the UpdateWebACL request will fail
	// because the request tries to add a REGULAR rule with the specified ID, which
	// does not exist.
	Type WafRuleType
	// contains filtered or unexported fields
}

type ByteMatchSet struct {

	// The ByteMatchSetId for a ByteMatchSet . You use ByteMatchSetId to get
	// information about a ByteMatchSet (see GetByteMatchSet ), update a ByteMatchSet
	// (see UpdateByteMatchSet ), insert a ByteMatchSet into a Rule or delete one from
	// a Rule (see UpdateRule ), and delete a ByteMatchSet from AWS WAF (see
	// DeleteByteMatchSet ). ByteMatchSetId is returned by CreateByteMatchSet and by
	// ListByteMatchSets .
	//
	// This member is required.
	ByteMatchSetId *string

	// Specifies the bytes (typically a string that corresponds with ASCII characters)
	// that you want AWS WAF to search for in web requests, the location in requests
	// that you want AWS WAF to search, and other settings.
	//
	// This member is required.
	ByteMatchTuples []ByteMatchTuple

	// A friendly name or description of the ByteMatchSet . You can't change Name
	// after you create a ByteMatchSet .
	Name *string
	// contains filtered or unexported fields
}

type ByteMatchSetSummary struct {

	// The ByteMatchSetId for a ByteMatchSet . You use ByteMatchSetId to get
	// information about a ByteMatchSet , update a ByteMatchSet , remove a ByteMatchSet
	// from a Rule , and delete a ByteMatchSet from AWS WAF. ByteMatchSetId is
	// returned by CreateByteMatchSet and by ListByteMatchSets .
	//
	// This member is required.
	ByteMatchSetId *string

	// A friendly name or description of the ByteMatchSet . You can't change Name
	// after you create a ByteMatchSet .
	//
	// This member is required.
	Name *string
	// contains filtered or unexported fields
}

type ByteMatchSetUpdate struct {

	// Specifies whether to insert or delete a ByteMatchTuple .
	//
	// This member is required.
	Action ChangeAction

	// Information about the part of a web request that you want AWS WAF to inspect
	// and the value that you want AWS WAF to search for. If you specify DELETE for
	// the value of Action , the ByteMatchTuple values must exactly match the values
	// in the ByteMatchTuple that you want to delete from the ByteMatchSet .
	//
	// This member is required.
	ByteMatchTuple *ByteMatchTuple
	// contains filtered or unexported fields
}

type ByteMatchTuple struct {

	// The part of a web request that you want AWS WAF to search, such as a specified
	// header or a query string. For more information, see FieldToMatch .
	//
	// This member is required.
	FieldToMatch *FieldToMatch

	// Within the portion of a web request that you want to search (for example, in
	// the query string, if any), specify where you want AWS WAF to search. Valid
	// values include the following: CONTAINS The specified part of the web request
	// must include the value of TargetString , but the location doesn't matter.
	// CONTAINS_WORD The specified part of the web request must include the value of
	// TargetString , and TargetString must contain only alphanumeric characters or
	// underscore (A-Z, a-z, 0-9, or _). In addition, TargetString must be a word,
	// which means one of the following:
	//   - TargetString exactly matches the value of the specified part of the web
	//   request, such as the value of a header.
	//   - TargetString is at the beginning of the specified part of the web request
	//   and is followed by a character other than an alphanumeric character or
	//   underscore (_), for example, BadBot; .
	//   - TargetString is at the end of the specified part of the web request and is
	//   preceded by a character other than an alphanumeric character or underscore (_),
	//   for example, ;BadBot .
	//   - TargetString is in the middle of the specified part of the web request and
	//   is preceded and followed by characters other than alphanumeric characters or
	//   underscore (_), for example, -BadBot; .
	// EXACTLY The value of the specified part of the web request must exactly match
	// the value of TargetString . STARTS_WITH The value of TargetString must appear
	// at the beginning of the specified part of the web request. ENDS_WITH The value
	// of TargetString must appear at the end of the specified part of the web request.
	//
	// This member is required.
	PositionalConstraint PositionalConstraint

	// The value that you want AWS WAF to search for. AWS WAF searches for the
	// specified string in the part of web requests that you specified in FieldToMatch
	// . The maximum length of the value is 50 bytes. Valid values depend on the values
	// that you specified for FieldToMatch :
	//   - HEADER : The value that you want AWS WAF to search for in the request header
	//   that you specified in FieldToMatch , for example, the value of the User-Agent
	//   or Referer header.
	//   - METHOD : The HTTP method, which indicates the type of operation specified in
	//   the request. CloudFront supports the following methods: DELETE , GET , HEAD ,
	//   OPTIONS , PATCH , POST , and PUT .
	//   - QUERY_STRING : The value that you want AWS WAF to search for in the query
	//   string, which is the part of a URL that appears after a ? character.
	//   - URI : The value that you want AWS WAF to search for in the part of a URL
	//   that identifies a resource, for example, /images/daily-ad.jpg .
	//   - BODY : The part of a request that contains any additional data that you want
	//   to send to your web server as the HTTP request body, such as data from a form.
	//   The request body immediately follows the request headers. Note that only the
	//   first 8192 bytes of the request body are forwarded to AWS WAF for inspection.
	//   To allow or block requests based on the length of the body, you can create a
	//   size constraint set. For more information, see CreateSizeConstraintSet .
	//   - SINGLE_QUERY_ARG : The parameter in the query string that you will inspect,
	//   such as UserName or SalesRegion. The maximum length for SINGLE_QUERY_ARG is 30
	//   characters.
	//   - ALL_QUERY_ARGS : Similar to SINGLE_QUERY_ARG , but instead of inspecting a
	//   single parameter, AWS WAF inspects all parameters within the query string for
	//   the value or regex pattern that you specify in TargetString .
	// If TargetString includes alphabetic characters A-Z and a-z, note that the value
	// is case sensitive. If you're using the AWS WAF API Specify a base64-encoded
	// version of the value. The maximum length of the value before you base64-encode
	// it is 50 bytes. For example, suppose the value of Type is HEADER and the value
	// of Data is User-Agent . If you want to search the User-Agent header for the
	// value BadBot , you base64-encode BadBot using MIME base64-encoding and include
	// the resulting value, QmFkQm90 , in the value of TargetString . If you're using
	// the AWS CLI or one of the AWS SDKs The value that you want AWS WAF to search
	// for. The SDK automatically base64 encodes the value.
	//
	// This member is required.
	TargetString []byte

	// Text transformations eliminate some of the unusual formatting that attackers
	// use in web requests in an effort to bypass AWS WAF. If you specify a
	// transformation, AWS WAF performs the transformation on FieldToMatch before
	// inspecting it for a match. You can only specify a single type of
	// TextTransformation. CMD_LINE When you're concerned that attackers are injecting
	// an operating system command line command and using unusual formatting to
	// disguise some or all of the command, use this option to perform the following
	// transformations:
	//   - Delete the following characters: \ " ' ^
	//   - Delete spaces before the following characters: / (
	//   - Replace the following characters with a space: , ;
	//   - Replace multiple spaces with one space
	//   - Convert uppercase letters (A-Z) to lowercase (a-z)
	// COMPRESS_WHITE_SPACE Use this option to replace the following characters with a
	// space character (decimal 32):
	//   - \f, formfeed, decimal 12
	//   - \t, tab, decimal 9
	//   - \n, newline, decimal 10
	//   - \r, carriage return, decimal 13
	//   - \v, vertical tab, decimal 11
	//   - non-breaking space, decimal 160
	// COMPRESS_WHITE_SPACE also replaces multiple spaces with one space.
	// HTML_ENTITY_DECODE Use this option to replace HTML-encoded characters with
	// unencoded characters. HTML_ENTITY_DECODE performs the following operations:
	//   - Replaces (ampersand)quot; with "
	//   - Replaces (ampersand)nbsp; with a non-breaking space, decimal 160
	//   - Replaces (ampersand)lt; with a "less than" symbol
	//   - Replaces (ampersand)gt; with >
	//   - Replaces characters that are represented in hexadecimal format,
	//   (ampersand)#xhhhh; , with the corresponding characters
	//   - Replaces characters that are represented in decimal format,
	//   (ampersand)#nnnn; , with the corresponding characters
	// LOWERCASE Use this option to convert uppercase letters (A-Z) to lowercase
	// (a-z). URL_DECODE Use this option to decode a URL-encoded value. NONE Specify
	// NONE if you don't want to perform any text transformations.
	//
	// This member is required.
	TextTransformation TextTransformation
	// contains filtered or unexported fields
}

type ChangeAction string

type ChangeTokenStatus string

type ComparisonOperator string

type ExcludedRule struct {

	// The unique identifier for the rule to exclude from the rule group.
	//
	// This member is required.
	RuleId *string
	// contains filtered or unexported fields
}

type FieldToMatch struct {

	// The part of the web request that you want AWS WAF to search for a specified
	// string. Parts of a request that you can search include the following:
	//   - HEADER : A specified request header, for example, the value of the
	//   User-Agent or Referer header. If you choose HEADER for the type, specify the
	//   name of the header in Data .
	//   - METHOD : The HTTP method, which indicated the type of operation that the
	//   request is asking the origin to perform. Amazon CloudFront supports the
	//   following methods: DELETE , GET , HEAD , OPTIONS , PATCH , POST , and PUT .
	//   - QUERY_STRING : A query string, which is the part of a URL that appears after
	//   a ? character, if any.
	//   - URI : The part of a web request that identifies a resource, for example,
	//   /images/daily-ad.jpg .
	//   - BODY : The part of a request that contains any additional data that you want
	//   to send to your web server as the HTTP request body, such as data from a form.
	//   The request body immediately follows the request headers. Note that only the
	//   first 8192 bytes of the request body are forwarded to AWS WAF for inspection.
	//   To allow or block requests based on the length of the body, you can create a
	//   size constraint set. For more information, see CreateSizeConstraintSet .
	//   - SINGLE_QUERY_ARG : The parameter in the query string that you will inspect,
	//   such as UserName or SalesRegion. The maximum length for SINGLE_QUERY_ARG is 30
	//   characters.
	//   - ALL_QUERY_ARGS : Similar to SINGLE_QUERY_ARG , but rather than inspecting a
	//   single parameter, AWS WAF will inspect all parameters within the query for the
	//   value or regex pattern that you specify in TargetString .
	//
	// This member is required.
	Type MatchFieldType

	// When the value of Type is HEADER , enter the name of the header that you want
	// AWS WAF to search, for example, User-Agent or Referer . The name of the header
	// is not case sensitive. When the value of Type is SINGLE_QUERY_ARG , enter the
	// name of the parameter that you want AWS WAF to search, for example, UserName or
	// SalesRegion . The parameter name is not case sensitive. If the value of Type is
	// any other value, omit Data .
	Data *string
	// contains filtered or unexported fields
}

type GeoMatchConstraint struct {

	// The type of geographical area you want AWS WAF to search for. Currently Country
	// is the only valid value.
	//
	// This member is required.
	Type GeoMatchConstraintType

	// The country that you want AWS WAF to search for.
	//
	// This member is required.
	Value GeoMatchConstraintValue
	// contains filtered or unexported fields
}

type GeoMatchConstraintType string

type GeoMatchConstraintValue string

type GeoMatchSet struct {

	// An array of GeoMatchConstraint objects, which contain the country that you want
	// AWS WAF to search for.
	//
	// This member is required.
	GeoMatchConstraints []GeoMatchConstraint

	// The GeoMatchSetId for an GeoMatchSet . You use GeoMatchSetId to get information
	// about a GeoMatchSet (see GeoMatchSet ), update a GeoMatchSet (see
	// UpdateGeoMatchSet ), insert a GeoMatchSet into a Rule or delete one from a Rule
	// (see UpdateRule ), and delete a GeoMatchSet from AWS WAF (see DeleteGeoMatchSet
	// ). GeoMatchSetId is returned by CreateGeoMatchSet and by ListGeoMatchSets .
	//
	// This member is required.
	GeoMatchSetId *string

	// A friendly name or description of the GeoMatchSet . You can't change the name of
	// an GeoMatchSet after you create it.
	Name *string
	// contains filtered or unexported fields
}

type GeoMatchSetSummary struct {

	// The GeoMatchSetId for an GeoMatchSet . You can use GeoMatchSetId in a
	// GetGeoMatchSet request to get detailed information about an GeoMatchSet .
	//
	// This member is required.
	GeoMatchSetId *string

	// A friendly name or description of the GeoMatchSet . You can't change the name of
	// an GeoMatchSet after you create it.
	//
	// This member is required.
	Name *string
	// contains filtered or unexported fields
}

type GeoMatchSetUpdate struct {

	// Specifies whether to insert or delete a country with UpdateGeoMatchSet .
	//
	// This member is required.
	Action ChangeAction

	// The country from which web requests originate that you want AWS WAF to search
	// for.
	//
	// This member is required.
	GeoMatchConstraint *GeoMatchConstraint
	// contains filtered or unexported fields
}

type HTTPHeader struct {

	// The name of one of the headers in the sampled web request.
	Name *string

	// The value of one of the headers in the sampled web request.
	Value *string
	// contains filtered or unexported fields
}

type HTTPRequest struct {

	// The IP address that the request originated from. If the WebACL is associated
	// with a CloudFront distribution, this is the value of one of the following fields
	// in CloudFront access logs:
	//   - c-ip , if the viewer did not use an HTTP proxy or a load balancer to send
	//   the request
	//   - x-forwarded-for , if the viewer did use an HTTP proxy or a load balancer to
	//   send the request
	ClientIP *string

	// The two-letter country code for the country that the request originated from.
	// For a current list of country codes, see the Wikipedia entry ISO 3166-1 alpha-2 (https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2)
	// .
	Country *string

	// The HTTP version specified in the sampled web request, for example, HTTP/1.1 .
	HTTPVersion *string

	// A complex type that contains two values for each header in the sampled web
	// request: the name of the header and the value of the header.
	Headers []HTTPHeader

	// The HTTP method specified in the sampled web request. CloudFront supports the
	// following methods: DELETE , GET , HEAD , OPTIONS , PATCH , POST , and PUT .
	Method *string

	// The part of a web request that identifies the resource, for example,
	// /images/daily-ad.jpg .
	URI *string
	// contains filtered or unexported fields
}

type IPSet struct {

	// The IP address type ( IPV4 or IPV6 ) and the IP address range (in CIDR notation)
	// that web requests originate from. If the WebACL is associated with a CloudFront
	// distribution and the viewer did not use an HTTP proxy or a load balancer to send
	// the request, this is the value of the c-ip field in the CloudFront access logs.
	//
	// This member is required.
	IPSetDescriptors []IPSetDescriptor

	// The IPSetId for an IPSet . You use IPSetId to get information about an IPSet
	// (see GetIPSet ), update an IPSet (see UpdateIPSet ), insert an IPSet into a Rule
	// or delete one from a Rule (see UpdateRule ), and delete an IPSet from AWS WAF
	// (see DeleteIPSet ). IPSetId is returned by CreateIPSet and by ListIPSets .
	//
	// This member is required.
	IPSetId *string

	// A friendly name or description of the IPSet . You can't change the name of an
	// IPSet after you create it.
	Name *string
	// contains filtered or unexported fields
}

type IPSetDescriptor struct {

	// Specify IPV4 or IPV6 .
	//
	// This member is required.
	Type IPSetDescriptorType

	// Specify an IPv4 address by using CIDR notation. For example:
	//   - To configure AWS WAF to allow, block, or count requests that originated
	//   from the IP address 192.0.2.44, specify 192.0.2.44/32 .
	//   - To configure AWS WAF to allow, block, or count requests that originated
	//   from IP addresses from 192.0.2.0 to 192.0.2.255, specify 192.0.2.0/24 .
	// For more information about CIDR notation, see the Wikipedia entry Classless
	// Inter-Domain Routing (https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing)
	// . Specify an IPv6 address by using CIDR notation. For example:
	//   - To configure AWS WAF to allow, block, or count requests that originated
	//   from the IP address 1111:0000:0000:0000:0000:0000:0000:0111, specify
	//   1111:0000:0000:0000:0000:0000:0000:0111/128 .
	//   - To configure AWS WAF to allow, block, or count requests that originated
	//   from IP addresses 1111:0000:0000:0000:0000:0000:0000:0000 to
	//   1111:0000:0000:0000:ffff:ffff:ffff:ffff, specify
	//   1111:0000:0000:0000:0000:0000:0000:0000/64 .
	//
	// This member is required.
	Value *string
	// contains filtered or unexported fields
}

type IPSetDescriptorType string

type IPSetSummary struct {

	// The IPSetId for an IPSet . You can use IPSetId in a GetIPSet request to get
	// detailed information about an IPSet .
	//
	// This member is required.
	IPSetId *string

	// A friendly name or description of the IPSet . You can't change the name of an
	// IPSet after you create it.
	//
	// This member is required.
	Name *string
	// contains filtered or unexported fields
}

type IPSetUpdate struct {

	// Specifies whether to insert or delete an IP address with UpdateIPSet .
	//
	// This member is required.
	Action ChangeAction

	// The IP address type ( IPV4 or IPV6 ) and the IP address range (in CIDR notation)
	// that web requests originate from.
	//
	// This member is required.
	IPSetDescriptor *IPSetDescriptor
	// contains filtered or unexported fields
}

type LoggingConfiguration struct {

	// An array of Amazon Kinesis Data Firehose ARNs.
	//
	// This member is required.
	LogDestinationConfigs []string

	// The Amazon Resource Name (ARN) of the web ACL that you want to associate with
	// LogDestinationConfigs .
	//
	// This member is required.
	ResourceArn *string

	// The parts of the request that you want redacted from the logs. For example, if
	// you redact the cookie field, the cookie field in the firehose will be xxx .
	RedactedFields []FieldToMatch
	// contains filtered or unexported fields
}

type MatchFieldType string

type MigrationErrorType string

type ParameterExceptionField string

type ParameterExceptionReason string

type PositionalConstraint string

type Predicate struct {

	// A unique identifier for a predicate in a Rule , such as ByteMatchSetId or
	// IPSetId . The ID is returned by the corresponding Create or List command.
	//
	// This member is required.
	DataId *string

	// Set Negated to False if you want AWS WAF to allow, block, or count requests
	// based on the settings in the specified ByteMatchSet , IPSet ,
	// SqlInjectionMatchSet , XssMatchSet , RegexMatchSet , GeoMatchSet , or
	// SizeConstraintSet . For example, if an IPSet includes the IP address 192.0.2.44
	// , AWS WAF will allow or block requests based on that IP address. Set Negated to
	// True if you want AWS WAF to allow or block a request based on the negation of
	// the settings in the ByteMatchSet , IPSet , SqlInjectionMatchSet , XssMatchSet ,
	// RegexMatchSet , GeoMatchSet , or SizeConstraintSet . For example, if an IPSet
	// includes the IP address 192.0.2.44 , AWS WAF will allow, block, or count
	// requests based on all IP addresses except 192.0.2.44 .
	//
	// This member is required.
	Negated *bool

	// The type of predicate in a Rule , such as ByteMatch or IPSet .
	//
	// This member is required.
	Type PredicateType
	// contains filtered or unexported fields
}

type PredicateType string

type RateBasedRule struct {

	// The Predicates object contains one Predicate element for each ByteMatchSet ,
	// IPSet , or SqlInjectionMatchSet object that you want to include in a
	// RateBasedRule .
	//
	// This member is required.
	MatchPredicates []Predicate

	// The field that AWS WAF uses to determine if requests are likely arriving from
	// single source and thus subject to rate monitoring. The only valid value for
	// RateKey is IP . IP indicates that requests arriving from the same IP address
	// are subject to the RateLimit that is specified in the RateBasedRule .
	//
	// This member is required.
	RateKey RateKey

	// The maximum number of requests, which have an identical value in the field
	// specified by the RateKey , allowed in a five-minute period. If the number of
	// requests exceeds the RateLimit and the other predicates specified in the rule
	// are also met, AWS WAF triggers the action that is specified for this rule.
	//
	// This member is required.
	RateLimit *int64

	// A unique identifier for a RateBasedRule . You use RuleId to get more
	// information about a RateBasedRule (see GetRateBasedRule ), update a
	// RateBasedRule (see UpdateRateBasedRule ), insert a RateBasedRule into a WebACL
	// or delete one from a WebACL (see UpdateWebACL ), or delete a RateBasedRule from
	// AWS WAF (see DeleteRateBasedRule ).
	//
	// This member is required.
	RuleId *string

	// A friendly name or description for the metrics for a RateBasedRule . The name
	// can contain only alphanumeric characters (A-Z, a-z, 0-9), with maximum length
	// 128 and minimum length one. It can't contain whitespace or metric names reserved
	// for AWS WAF, including "All" and "Default_Action." You can't change the name of
	// the metric after you create the RateBasedRule .
	MetricName *string

	// A friendly name or description for a RateBasedRule . You can't change the name
	// of a RateBasedRule after you create it.
	Name *string
	// contains filtered or unexported fields
}

type RateKey string

type RegexMatchSet struct {

	// A friendly name or description of the RegexMatchSet . You can't change Name
	// after you create a RegexMatchSet .
	Name *string

	// The RegexMatchSetId for a RegexMatchSet . You use RegexMatchSetId to get
	// information about a RegexMatchSet (see GetRegexMatchSet ), update a
	// RegexMatchSet (see UpdateRegexMatchSet ), insert a RegexMatchSet into a Rule or
	// delete one from a Rule (see UpdateRule ), and delete a RegexMatchSet from AWS
	// WAF (see DeleteRegexMatchSet ). RegexMatchSetId is returned by
	// CreateRegexMatchSet and by ListRegexMatchSets .
	RegexMatchSetId *string

	// Contains an array of RegexMatchTuple objects. Each RegexMatchTuple object
	// contains:
	//   - The part of a web request that you want AWS WAF to inspect, such as a query
	//   string or the value of the User-Agent header.
	//   - The identifier of the pattern (a regular expression) that you want AWS WAF
	//   to look for. For more information, see RegexPatternSet .
	//   - Whether to perform any conversions on the request, such as converting it to
	//   lowercase, before inspecting it for the specified string.
	RegexMatchTuples []RegexMatchTuple
	// contains filtered or unexported fields
}

type RegexMatchSetSummary struct {

	// A friendly name or description of the RegexMatchSet . You can't change Name
	// after you create a RegexMatchSet .
	//
	// This member is required.
	Name *string

	// The RegexMatchSetId for a RegexMatchSet . You use RegexMatchSetId to get
	// information about a RegexMatchSet , update a RegexMatchSet , remove a
	// RegexMatchSet from a Rule , and delete a RegexMatchSet from AWS WAF.
	// RegexMatchSetId is returned by CreateRegexMatchSet and by ListRegexMatchSets .
	//
	// This member is required.
	RegexMatchSetId *string
	// contains filtered or unexported fields
}

type RegexMatchSetUpdate struct {

	// Specifies whether to insert or delete a RegexMatchTuple .
	//
	// This member is required.
	Action ChangeAction

	// Information about the part of a web request that you want AWS WAF to inspect
	// and the identifier of the regular expression (regex) pattern that you want AWS
	// WAF to search for. If you specify DELETE for the value of Action , the
	// RegexMatchTuple values must exactly match the values in the RegexMatchTuple
	// that you want to delete from the RegexMatchSet .
	//
	// This member is required.
	RegexMatchTuple *RegexMatchTuple
	// contains filtered or unexported fields
}

type RegexMatchTuple struct {

	// Specifies where in a web request to look for the RegexPatternSet .
	//
	// This member is required.
	FieldToMatch *FieldToMatch

	// The RegexPatternSetId for a RegexPatternSet . You use RegexPatternSetId to get
	// information about a RegexPatternSet (see GetRegexPatternSet ), update a
	// RegexPatternSet (see UpdateRegexPatternSet ), insert a RegexPatternSet into a
	// RegexMatchSet or delete one from a RegexMatchSet (see UpdateRegexMatchSet ), and
	// delete an RegexPatternSet from AWS WAF (see DeleteRegexPatternSet ).
	// RegexPatternSetId is returned by CreateRegexPatternSet and by
	// ListRegexPatternSets .
	//
	// This member is required.
	RegexPatternSetId *string

	// Text transformations eliminate some of the unusual formatting that attackers
	// use in web requests in an effort to bypass AWS WAF. If you specify a
	// transformation, AWS WAF performs the transformation on RegexPatternSet before
	// inspecting a request for a match. You can only specify a single type of
	// TextTransformation. CMD_LINE When you're concerned that attackers are injecting
	// an operating system commandline command and using unusual formatting to disguise
	// some or all of the command, use this option to perform the following
	// transformations:
	//   - Delete the following characters: \ " ' ^
	//   - Delete spaces before the following characters: / (
	//   - Replace the following characters with a space: , ;
	//   - Replace multiple spaces with one space
	//   - Convert uppercase letters (A-Z) to lowercase (a-z)
	// COMPRESS_WHITE_SPACE Use this option to replace the following characters with a
	// space character (decimal 32):
	//   - \f, formfeed, decimal 12
	//   - \t, tab, decimal 9
	//   - \n, newline, decimal 10
	//   - \r, carriage return, decimal 13
	//   - \v, vertical tab, decimal 11
	//   - non-breaking space, decimal 160
	// COMPRESS_WHITE_SPACE also replaces multiple spaces with one space.
	// HTML_ENTITY_DECODE Use this option to replace HTML-encoded characters with
	// unencoded characters. HTML_ENTITY_DECODE performs the following operations:
	//   - Replaces (ampersand)quot; with "
	//   - Replaces (ampersand)nbsp; with a non-breaking space, decimal 160
	//   - Replaces (ampersand)lt; with a "less than" symbol
	//   - Replaces (ampersand)gt; with >
	//   - Replaces characters that are represented in hexadecimal format,
	//   (ampersand)#xhhhh; , with the corresponding characters
	//   - Replaces characters that are represented in decimal format,
	//   (ampersand)#nnnn; , with the corresponding characters
	// LOWERCASE Use this option to convert uppercase letters (A-Z) to lowercase
	// (a-z). URL_DECODE Use this option to decode a URL-encoded value. NONE Specify
	// NONE if you don't want to perform any text transformations.
	//
	// This member is required.
	TextTransformation TextTransformation
	// contains filtered or unexported fields
}

type RegexPatternSet struct {

	// The identifier for the RegexPatternSet . You use RegexPatternSetId to get
	// information about a RegexPatternSet , update a RegexPatternSet , remove a
	// RegexPatternSet from a RegexMatchSet , and delete a RegexPatternSet from AWS
	// WAF. RegexMatchSetId is returned by CreateRegexPatternSet and by
	// ListRegexPatternSets .
	//
	// This member is required.
	RegexPatternSetId *string

	// Specifies the regular expression (regex) patterns that you want AWS WAF to
	// search for, such as B[a@]dB[o0]t .
	//
	// This member is required.
	RegexPatternStrings []string

	// A friendly name or description of the RegexPatternSet . You can't change Name
	// after you create a RegexPatternSet .
	Name *string
	// contains filtered or unexported fields
}

type RegexPatternSetSummary struct {

	// A friendly name or description of the RegexPatternSet . You can't change Name
	// after you create a RegexPatternSet .
	//
	// This member is required.
	Name *string

	// The RegexPatternSetId for a RegexPatternSet . You use RegexPatternSetId to get
	// information about a RegexPatternSet , update a RegexPatternSet , remove a
	// RegexPatternSet from a RegexMatchSet , and delete a RegexPatternSet from AWS
	// WAF. RegexPatternSetId is returned by CreateRegexPatternSet and by
	// ListRegexPatternSets .
	//
	// This member is required.
	RegexPatternSetId *string
	// contains filtered or unexported fields
}

type RegexPatternSetUpdate struct {

	// Specifies whether to insert or delete a RegexPatternString .
	//
	// This member is required.
	Action ChangeAction

	// Specifies the regular expression (regex) pattern that you want AWS WAF to
	// search for, such as B[a@]dB[o0]t .
	//
	// This member is required.
	RegexPatternString *string
	// contains filtered or unexported fields
}

type ResourceType string

type Rule struct {

	// The Predicates object contains one Predicate element for each ByteMatchSet ,
	// IPSet , or SqlInjectionMatchSet object that you want to include in a Rule .
	//
	// This member is required.
	Predicates []Predicate

	// A unique identifier for a Rule . You use RuleId to get more information about a
	// Rule (see GetRule ), update a Rule (see UpdateRule ), insert a Rule into a
	// WebACL or delete a one from a WebACL (see UpdateWebACL ), or delete a Rule from
	// AWS WAF (see DeleteRule ). RuleId is returned by CreateRule and by ListRules .
	//
	// This member is required.
	RuleId *string

	// A friendly name or description for the metrics for this Rule . The name can
	// contain only alphanumeric characters (A-Z, a-z, 0-9), with maximum length 128
	// and minimum length one. It can't contain whitespace or metric names reserved for
	// AWS WAF, including "All" and "Default_Action." You can't change MetricName
	// after you create the Rule .
	MetricName *string

	// The friendly name or description for the Rule . You can't change the name of a
	// Rule after you create it.
	Name *string
	// contains filtered or unexported fields
}

type RuleGroup struct {

	// A unique identifier for a RuleGroup . You use RuleGroupId to get more
	// information about a RuleGroup (see GetRuleGroup ), update a RuleGroup (see
	// UpdateRuleGroup ), insert a RuleGroup into a WebACL or delete a one from a
	// WebACL (see UpdateWebACL ), or delete a RuleGroup from AWS WAF (see
	// DeleteRuleGroup ). RuleGroupId is returned by CreateRuleGroup and by
	// ListRuleGroups .
	//
	// This member is required.
	RuleGroupId *string

	// A friendly name or description for the metrics for this RuleGroup . The name can
	// contain only alphanumeric characters (A-Z, a-z, 0-9), with maximum length 128
	// and minimum length one. It can't contain whitespace or metric names reserved for
	// AWS WAF, including "All" and "Default_Action." You can't change the name of the
	// metric after you create the RuleGroup .
	MetricName *string

	// The friendly name or description for the RuleGroup . You can't change the name
	// of a RuleGroup after you create it.
	Name *string
	// contains filtered or unexported fields
}

type RuleGroupSummary struct {

	// A friendly name or description of the RuleGroup . You can't change the name of a
	// RuleGroup after you create it.
	//
	// This member is required.
	Name *string

	// A unique identifier for a RuleGroup . You use RuleGroupId to get more
	// information about a RuleGroup (see GetRuleGroup ), update a RuleGroup (see
	// UpdateRuleGroup ), insert a RuleGroup into a WebACL or delete one from a WebACL
	// (see UpdateWebACL ), or delete a RuleGroup from AWS WAF (see DeleteRuleGroup ).
	// RuleGroupId is returned by CreateRuleGroup and by ListRuleGroups .
	//
	// This member is required.
	RuleGroupId *string
	// contains filtered or unexported fields
}

type RuleGroupUpdate struct {

	// Specify INSERT to add an ActivatedRule to a RuleGroup . Use DELETE to remove an
	// ActivatedRule from a RuleGroup .
	//
	// This member is required.
	Action ChangeAction

	// The ActivatedRule object specifies a Rule that you want to insert or delete,
	// the priority of the Rule in the WebACL , and the action that you want AWS WAF to
	// take when a web request matches the Rule ( ALLOW , BLOCK , or COUNT ).
	//
	// This member is required.
	ActivatedRule *ActivatedRule
	// contains filtered or unexported fields
}

type RuleSummary struct {

	// A friendly name or description of the Rule . You can't change the name of a Rule
	// after you create it.
	//
	// This member is required.
	Name *string

	// A unique identifier for a Rule . You use RuleId to get more information about a
	// Rule (see GetRule ), update a Rule (see UpdateRule ), insert a Rule into a
	// WebACL or delete one from a WebACL (see UpdateWebACL ), or delete a Rule from
	// AWS WAF (see DeleteRule ). RuleId is returned by CreateRule and by ListRules .
	//
	// This member is required.
	RuleId *string
	// contains filtered or unexported fields
}

type RuleUpdate struct {

	// Specify INSERT to add a Predicate to a Rule . Use DELETE to remove a Predicate
	// from a Rule .
	//
	// This member is required.
	Action ChangeAction

	// The ID of the Predicate (such as an IPSet ) that you want to add to a Rule .
	//
	// This member is required.
	Predicate *Predicate
	// contains filtered or unexported fields
}

type SampledHTTPRequest struct {

	// A complex type that contains detailed information about the request.
	//
	// This member is required.
	Request *HTTPRequest

	// A value that indicates how one result in the response relates proportionally to
	// other results in the response. A result that has a weight of 2 represents
	// roughly twice as many CloudFront web requests as a result that has a weight of 1
	// .
	//
	// This member is required.
	Weight int64

	// The action for the Rule that the request matched: ALLOW , BLOCK , or COUNT .
	Action *string

	// This value is returned if the GetSampledRequests request specifies the ID of a
	// RuleGroup rather than the ID of an individual rule. RuleWithinRuleGroup is the
	// rule within the specified RuleGroup that matched the request listed in the
	// response.
	RuleWithinRuleGroup *string

	// The time at which AWS WAF received the request from your AWS resource, in Unix
	// time format (in seconds).
	Timestamp *time.Time
	// contains filtered or unexported fields
}

type SizeConstraint struct {

	// The type of comparison you want AWS WAF to perform. AWS WAF uses this in
	// combination with the provided Size and FieldToMatch to build an expression in
	// the form of " Size ComparisonOperator size in bytes of FieldToMatch ". If that
	// expression is true, the SizeConstraint is considered to match. EQ: Used to test
	// if the Size is equal to the size of the FieldToMatch NE: Used to test if the
	// Size is not equal to the size of the FieldToMatch LE: Used to test if the Size
	// is less than or equal to the size of the FieldToMatch LT: Used to test if the
	// Size is strictly less than the size of the FieldToMatch GE: Used to test if the
	// Size is greater than or equal to the size of the FieldToMatch GT: Used to test
	// if the Size is strictly greater than the size of the FieldToMatch
	//
	// This member is required.
	ComparisonOperator ComparisonOperator

	// Specifies where in a web request to look for the size constraint.
	//
	// This member is required.
	FieldToMatch *FieldToMatch

	// The size in bytes that you want AWS WAF to compare against the size of the
	// specified FieldToMatch . AWS WAF uses this in combination with
	// ComparisonOperator and FieldToMatch to build an expression in the form of " Size
	// ComparisonOperator size in bytes of FieldToMatch ". If that expression is true,
	// the SizeConstraint is considered to match. Valid values for size are 0 -
	// 21474836480 bytes (0 - 20 GB). If you specify URI for the value of Type , the /
	// in the URI counts as one character. For example, the URI /logo.jpg is nine
	// characters long.
	//
	// This member is required.
	Size int64

	// Text transformations eliminate some of the unusual formatting that attackers
	// use in web requests in an effort to bypass AWS WAF. If you specify a
	// transformation, AWS WAF performs the transformation on FieldToMatch before
	// inspecting it for a match. You can only specify a single type of
	// TextTransformation. Note that if you choose BODY for the value of Type , you
	// must choose NONE for TextTransformation because CloudFront forwards only the
	// first 8192 bytes for inspection. NONE Specify NONE if you don't want to perform
	// any text transformations. CMD_LINE When you're concerned that attackers are
	// injecting an operating system command line command and using unusual formatting
	// to disguise some or all of the command, use this option to perform the following
	// transformations:
	//   - Delete the following characters: \ " ' ^
	//   - Delete spaces before the following characters: / (
	//   - Replace the following characters with a space: , ;
	//   - Replace multiple spaces with one space
	//   - Convert uppercase letters (A-Z) to lowercase (a-z)
	// COMPRESS_WHITE_SPACE Use this option to replace the following characters with a
	// space character (decimal 32):
	//   - \f, formfeed, decimal 12
	//   - \t, tab, decimal 9
	//   - \n, newline, decimal 10
	//   - \r, carriage return, decimal 13
	//   - \v, vertical tab, decimal 11
	//   - non-breaking space, decimal 160
	// COMPRESS_WHITE_SPACE also replaces multiple spaces with one space.
	// HTML_ENTITY_DECODE Use this option to replace HTML-encoded characters with
	// unencoded characters. HTML_ENTITY_DECODE performs the following operations:
	//   - Replaces (ampersand)quot; with "
	//   - Replaces (ampersand)nbsp; with a non-breaking space, decimal 160
	//   - Replaces (ampersand)lt; with a "less than" symbol
	//   - Replaces (ampersand)gt; with >
	//   - Replaces characters that are represented in hexadecimal format,
	//   (ampersand)#xhhhh; , with the corresponding characters
	//   - Replaces characters that are represented in decimal format,
	//   (ampersand)#nnnn; , with the corresponding characters
	// LOWERCASE Use this option to convert uppercase letters (A-Z) to lowercase
	// (a-z). URL_DECODE Use this option to decode a URL-encoded value.
	//
	// This member is required.
	TextTransformation TextTransformation
	// contains filtered or unexported fields
}

type SizeConstraintSet struct {

	// A unique identifier for a SizeConstraintSet . You use SizeConstraintSetId to
	// get information about a SizeConstraintSet (see GetSizeConstraintSet ), update a
	// SizeConstraintSet (see UpdateSizeConstraintSet ), insert a SizeConstraintSet
	// into a Rule or delete one from a Rule (see UpdateRule ), and delete a
	// SizeConstraintSet from AWS WAF (see DeleteSizeConstraintSet ).
	// SizeConstraintSetId is returned by CreateSizeConstraintSet and by
	// ListSizeConstraintSets .
	//
	// This member is required.
	SizeConstraintSetId *string

	// Specifies the parts of web requests that you want to inspect the size of.
	//
	// This member is required.
	SizeConstraints []SizeConstraint

	// The name, if any, of the SizeConstraintSet .
	Name *string
	// contains filtered or unexported fields
}

type SizeConstraintSetSummary struct {

	// The name of the SizeConstraintSet , if any.
	//
	// This member is required.
	Name *string

	// A unique identifier for a SizeConstraintSet . You use SizeConstraintSetId to
	// get information about a SizeConstraintSet (see GetSizeConstraintSet ), update a
	// SizeConstraintSet (see UpdateSizeConstraintSet ), insert a SizeConstraintSet
	// into a Rule or delete one from a Rule (see UpdateRule ), and delete a
	// SizeConstraintSet from AWS WAF (see DeleteSizeConstraintSet ).
	// SizeConstraintSetId is returned by CreateSizeConstraintSet and by
	// ListSizeConstraintSets .
	//
	// This member is required.
	SizeConstraintSetId *string
	// contains filtered or unexported fields
}

type SizeConstraintSetUpdate struct {

	// Specify INSERT to add a SizeConstraintSetUpdate to a SizeConstraintSet . Use
	// DELETE to remove a SizeConstraintSetUpdate from a SizeConstraintSet .
	//
	// This member is required.
	Action ChangeAction

	// Specifies a constraint on the size of a part of the web request. AWS WAF uses
	// the Size , ComparisonOperator , and FieldToMatch to build an expression in the
	// form of " Size ComparisonOperator size in bytes of FieldToMatch ". If that
	// expression is true, the SizeConstraint is considered to match.
	//
	// This member is required.
	SizeConstraint *SizeConstraint
	// contains filtered or unexported fields
}

type SqlInjectionMatchSet struct {

	// A unique identifier for a SqlInjectionMatchSet . You use SqlInjectionMatchSetId
	// to get information about a SqlInjectionMatchSet (see GetSqlInjectionMatchSet ),
	// update a SqlInjectionMatchSet (see UpdateSqlInjectionMatchSet ), insert a
	// SqlInjectionMatchSet into a Rule or delete one from a Rule (see UpdateRule ),
	// and delete a SqlInjectionMatchSet from AWS WAF (see DeleteSqlInjectionMatchSet
	// ). SqlInjectionMatchSetId is returned by CreateSqlInjectionMatchSet and by
	// ListSqlInjectionMatchSets .
	//
	// This member is required.
	SqlInjectionMatchSetId *string

	// Specifies the parts of web requests that you want to inspect for snippets of
	// malicious SQL code.
	//
	// This member is required.
	SqlInjectionMatchTuples []SqlInjectionMatchTuple

	// The name, if any, of the SqlInjectionMatchSet .
	Name *string
	// contains filtered or unexported fields
}

type SqlInjectionMatchSetSummary struct {

	// The name of the SqlInjectionMatchSet , if any, specified by Id .
	//
	// This member is required.
	Name *string

	// A unique identifier for a SqlInjectionMatchSet . You use SqlInjectionMatchSetId
	// to get information about a SqlInjectionMatchSet (see GetSqlInjectionMatchSet ),
	// update a SqlInjectionMatchSet (see UpdateSqlInjectionMatchSet ), insert a
	// SqlInjectionMatchSet into a Rule or delete one from a Rule (see UpdateRule ),
	// and delete a SqlInjectionMatchSet from AWS WAF (see DeleteSqlInjectionMatchSet
	// ). SqlInjectionMatchSetId is returned by CreateSqlInjectionMatchSet and by
	// ListSqlInjectionMatchSets .
	//
	// This member is required.
	SqlInjectionMatchSetId *string
	// contains filtered or unexported fields
}

type SqlInjectionMatchSetUpdate struct {

	// Specify INSERT to add a SqlInjectionMatchSetUpdate to a SqlInjectionMatchSet .
	// Use DELETE to remove a SqlInjectionMatchSetUpdate from a SqlInjectionMatchSet .
	//
	// This member is required.
	Action ChangeAction

	// Specifies the part of a web request that you want AWS WAF to inspect for
	// snippets of malicious SQL code and, if you want AWS WAF to inspect a header, the
	// name of the header.
	//
	// This member is required.
	SqlInjectionMatchTuple *SqlInjectionMatchTuple
	// contains filtered or unexported fields
}

type SqlInjectionMatchTuple struct {

	// Specifies where in a web request to look for snippets of malicious SQL code.
	//
	// This member is required.
	FieldToMatch *FieldToMatch

	// Text transformations eliminate some of the unusual formatting that attackers
	// use in web requests in an effort to bypass AWS WAF. If you specify a
	// transformation, AWS WAF performs the transformation on FieldToMatch before
	// inspecting it for a match. You can only specify a single type of
	// TextTransformation. CMD_LINE When you're concerned that attackers are injecting
	// an operating system command line command and using unusual formatting to
	// disguise some or all of the command, use this option to perform the following
	// transformations:
	//   - Delete the following characters: \ " ' ^
	//   - Delete spaces before the following characters: / (
	//   - Replace the following characters with a space: , ;
	//   - Replace multiple spaces with one space
	//   - Convert uppercase letters (A-Z) to lowercase (a-z)
	// COMPRESS_WHITE_SPACE Use this option to replace the following characters with a
	// space character (decimal 32):
	//   - \f, formfeed, decimal 12
	//   - \t, tab, decimal 9
	//   - \n, newline, decimal 10
	//   - \r, carriage return, decimal 13
	//   - \v, vertical tab, decimal 11
	//   - non-breaking space, decimal 160
	// COMPRESS_WHITE_SPACE also replaces multiple spaces with one space.
	// HTML_ENTITY_DECODE Use this option to replace HTML-encoded characters with
	// unencoded characters. HTML_ENTITY_DECODE performs the following operations:
	//   - Replaces (ampersand)quot; with "
	//   - Replaces (ampersand)nbsp; with a non-breaking space, decimal 160
	//   - Replaces (ampersand)lt; with a "less than" symbol
	//   - Replaces (ampersand)gt; with >
	//   - Replaces characters that are represented in hexadecimal format,
	//   (ampersand)#xhhhh; , with the corresponding characters
	//   - Replaces characters that are represented in decimal format,
	//   (ampersand)#nnnn; , with the corresponding characters
	// LOWERCASE Use this option to convert uppercase letters (A-Z) to lowercase
	// (a-z). URL_DECODE Use this option to decode a URL-encoded value. NONE Specify
	// NONE if you don't want to perform any text transformations.
	//
	// This member is required.
	TextTransformation TextTransformation
	// contains filtered or unexported fields
}

type SubscribedRuleGroupSummary struct {

	// A friendly name or description for the metrics for this RuleGroup . The name can
	// contain only alphanumeric characters (A-Z, a-z, 0-9), with maximum length 128
	// and minimum length one. It can't contain whitespace or metric names reserved for
	// AWS WAF, including "All" and "Default_Action." You can't change the name of the
	// metric after you create the RuleGroup .
	//
	// This member is required.
	MetricName *string

	// A friendly name or description of the RuleGroup . You can't change the name of a
	// RuleGroup after you create it.
	//
	// This member is required.
	Name *string

	// A unique identifier for a RuleGroup .
	//
	// This member is required.
	RuleGroupId *string
	// contains filtered or unexported fields
}

type Tag struct {

	//
	//
	// This member is required.
	Key *string

	//
	//
	// This member is required.
	Value *string
	// contains filtered or unexported fields
}

type TagInfoForResource struct {

	//
	ResourceARN *string

	//
	TagList []Tag
	// contains filtered or unexported fields
}

type TextTransformation string

type TimeWindow struct {

	// The end of the time range from which you want GetSampledRequests to return a
	// sample of the requests that your AWS resource received. You must specify the
	// date and time in Coordinated Universal Time (UTC) format. UTC format includes
	// the special designator, Z . For example, "2016-09-27T14:50Z" . You can specify
	// any time range in the previous three hours.
	//
	// This member is required.
	EndTime *time.Time

	// The beginning of the time range from which you want GetSampledRequests to
	// return a sample of the requests that your AWS resource received. You must
	// specify the date and time in Coordinated Universal Time (UTC) format. UTC format
	// includes the special designator, Z . For example, "2016-09-27T14:50Z" . You can
	// specify any time range in the previous three hours.
	//
	// This member is required.
	StartTime *time.Time
	// contains filtered or unexported fields
}

type WAFBadRequestException struct {
	Message *string

	ErrorCodeOverride *string
	// contains filtered or unexported fields
}

type WAFDisallowedNameException struct {
	Message *string

	ErrorCodeOverride *string
	// contains filtered or unexported fields
}

type WAFEntityMigrationException struct {
	Message *string

	ErrorCodeOverride *string

	MigrationErrorType   MigrationErrorType
	MigrationErrorReason *string
	// contains filtered or unexported fields
}

type WAFInternalErrorException struct {
	Message *string

	ErrorCodeOverride *string
	// contains filtered or unexported fields
}

type WAFInvalidAccountException struct {
	Message *string

	ErrorCodeOverride *string
	// contains filtered or unexported fields
}

type WAFInvalidOperationException struct {
	Message *string

	ErrorCodeOverride *string
	// contains filtered or unexported fields
}

type WAFInvalidParameterException struct {
	Message *string

	ErrorCodeOverride *string

	Field     ParameterExceptionField
	Parameter *string
	Reason    ParameterExceptionReason
	// contains filtered or unexported fields
}

type WAFInvalidPermissionPolicyException struct {
	Message *string

	ErrorCodeOverride *string
	// contains filtered or unexported fields
}

type WAFInvalidRegexPatternException struct {
	Message *string

	ErrorCodeOverride *string
	// contains filtered or unexported fields
}

type WAFLimitsExceededException struct {
	Message *string

	ErrorCodeOverride *string
	// contains filtered or unexported fields
}

type WAFNonEmptyEntityException struct {
	Message *string

	ErrorCodeOverride *string
	// contains filtered or unexported fields
}

type WAFNonexistentContainerException struct {
	Message *string

	ErrorCodeOverride *string
	// contains filtered or unexported fields
}

type WAFNonexistentItemException struct {
	Message *string

	ErrorCodeOverride *string
	// contains filtered or unexported fields
}

type WAFReferencedItemException struct {
	Message *string

	ErrorCodeOverride *string
	// contains filtered or unexported fields
}

type WAFServiceLinkedRoleErrorException struct {
	Message *string

	ErrorCodeOverride *string
	// contains filtered or unexported fields
}

type WAFStaleDataException struct {
	Message *string

	ErrorCodeOverride *string
	// contains filtered or unexported fields
}

type WAFSubscriptionNotFoundException struct {
	Message *string

	ErrorCodeOverride *string
	// contains filtered or unexported fields
}

type WAFTagOperationException struct {
	Message *string

	ErrorCodeOverride *string
	// contains filtered or unexported fields
}

type WAFTagOperationInternalErrorException struct {
	Message *string

	ErrorCodeOverride *string
	// contains filtered or unexported fields
}

type WAFUnavailableEntityException struct {
	Message *string

	ErrorCodeOverride *string
	// contains filtered or unexported fields
}

type WafAction struct {

	// Specifies how you want AWS WAF to respond to requests that match the settings
	// in a Rule . Valid settings include the following:
	//   - ALLOW : AWS WAF allows requests
	//   - BLOCK : AWS WAF blocks requests
	//   - COUNT : AWS WAF increments a counter of the requests that match all of the
	//   conditions in the rule. AWS WAF then continues to inspect the web request based
	//   on the remaining rules in the web ACL. You can't specify COUNT for the default
	//   action for a WebACL .
	//
	// This member is required.
	Type WafActionType
	// contains filtered or unexported fields
}

type WafActionType string

type WafOverrideAction struct {

	// COUNT overrides the action specified by the individual rule within a RuleGroup
	// . If set to NONE , the rule's action will take place.
	//
	// This member is required.
	Type WafOverrideActionType
	// contains filtered or unexported fields
}

type WafOverrideActionType string

type WafRuleType string

type WebACL struct {

	// The action to perform if none of the Rules contained in the WebACL match. The
	// action is specified by the WafAction object.
	//
	// This member is required.
	DefaultAction *WafAction

	// An array that contains the action for each Rule in a WebACL , the priority of
	// the Rule , and the ID of the Rule .
	//
	// This member is required.
	Rules []ActivatedRule

	// A unique identifier for a WebACL . You use WebACLId to get information about a
	// WebACL (see GetWebACL ), update a WebACL (see UpdateWebACL ), and delete a
	// WebACL from AWS WAF (see DeleteWebACL ). WebACLId is returned by CreateWebACL
	// and by ListWebACLs .
	//
	// This member is required.
	WebACLId *string

	// A friendly name or description for the metrics for this WebACL . The name can
	// contain only alphanumeric characters (A-Z, a-z, 0-9), with maximum length 128
	// and minimum length one. It can't contain whitespace or metric names reserved for
	// AWS WAF, including "All" and "Default_Action." You can't change MetricName
	// after you create the WebACL .
	MetricName *string

	// A friendly name or description of the WebACL . You can't change the name of a
	// WebACL after you create it.
	Name *string

	// Tha Amazon Resource Name (ARN) of the web ACL.
	WebACLArn *string
	// contains filtered or unexported fields
}

type WebACLSummary struct {

	// A friendly name or description of the WebACL . You can't change the name of a
	// WebACL after you create it.
	//
	// This member is required.
	Name *string

	// A unique identifier for a WebACL . You use WebACLId to get information about a
	// WebACL (see GetWebACL ), update a WebACL (see UpdateWebACL ), and delete a
	// WebACL from AWS WAF (see DeleteWebACL ). WebACLId is returned by CreateWebACL
	// and by ListWebACLs .
	//
	// This member is required.
	WebACLId *string
	// contains filtered or unexported fields
}

type WebACLUpdate struct {

	// Specifies whether to insert a Rule into or delete a Rule from a WebACL .
	//
	// This member is required.
	Action ChangeAction

	// The ActivatedRule object in an UpdateWebACL request specifies a Rule that you
	// want to insert or delete, the priority of the Rule in the WebACL , and the
	// action that you want AWS WAF to take when a web request matches the Rule ( ALLOW
	// , BLOCK , or COUNT ).
	//
	// This member is required.
	ActivatedRule *ActivatedRule
	// contains filtered or unexported fields
}

type XssMatchSet struct {

	// A unique identifier for an XssMatchSet . You use XssMatchSetId to get
	// information about an XssMatchSet (see GetXssMatchSet ), update an XssMatchSet
	// (see UpdateXssMatchSet ), insert an XssMatchSet into a Rule or delete one from
	// a Rule (see UpdateRule ), and delete an XssMatchSet from AWS WAF (see
	// DeleteXssMatchSet ). XssMatchSetId is returned by CreateXssMatchSet and by
	// ListXssMatchSets .
	//
	// This member is required.
	XssMatchSetId *string

	// Specifies the parts of web requests that you want to inspect for cross-site
	// scripting attacks.
	//
	// This member is required.
	XssMatchTuples []XssMatchTuple

	// The name, if any, of the XssMatchSet .
	Name *string
	// contains filtered or unexported fields
}

type XssMatchSetSummary struct {

	// The name of the XssMatchSet , if any, specified by Id .
	//
	// This member is required.
	Name *string

	// A unique identifier for an XssMatchSet . You use XssMatchSetId to get
	// information about a XssMatchSet (see GetXssMatchSet ), update an XssMatchSet
	// (see UpdateXssMatchSet ), insert an XssMatchSet into a Rule or delete one from
	// a Rule (see UpdateRule ), and delete an XssMatchSet from AWS WAF (see
	// DeleteXssMatchSet ). XssMatchSetId is returned by CreateXssMatchSet and by
	// ListXssMatchSets .
	//
	// This member is required.
	XssMatchSetId *string
	// contains filtered or unexported fields
}

type XssMatchSetUpdate struct {

	// Specify INSERT to add an XssMatchSetUpdate to an XssMatchSet . Use DELETE to
	// remove an XssMatchSetUpdate from an XssMatchSet .
	//
	// This member is required.
	Action ChangeAction

	// Specifies the part of a web request that you want AWS WAF to inspect for
	// cross-site scripting attacks and, if you want AWS WAF to inspect a header, the
	// name of the header.
	//
	// This member is required.
	XssMatchTuple *XssMatchTuple
	// contains filtered or unexported fields
}

type XssMatchTuple struct {

	// Specifies where in a web request to look for cross-site scripting attacks.
	//
	// This member is required.
	FieldToMatch *FieldToMatch

	// Text transformations eliminate some of the unusual formatting that attackers
	// use in web requests in an effort to bypass AWS WAF. If you specify a
	// transformation, AWS WAF performs the transformation on FieldToMatch before
	// inspecting it for a match. You can only specify a single type of
	// TextTransformation. CMD_LINE When you're concerned that attackers are injecting
	// an operating system command line command and using unusual formatting to
	// disguise some or all of the command, use this option to perform the following
	// transformations:
	//   - Delete the following characters: \ " ' ^
	//   - Delete spaces before the following characters: / (
	//   - Replace the following characters with a space: , ;
	//   - Replace multiple spaces with one space
	//   - Convert uppercase letters (A-Z) to lowercase (a-z)
	// COMPRESS_WHITE_SPACE Use this option to replace the following characters with a
	// space character (decimal 32):
	//   - \f, formfeed, decimal 12
	//   - \t, tab, decimal 9
	//   - \n, newline, decimal 10
	//   - \r, carriage return, decimal 13
	//   - \v, vertical tab, decimal 11
	//   - non-breaking space, decimal 160
	// COMPRESS_WHITE_SPACE also replaces multiple spaces with one space.
	// HTML_ENTITY_DECODE Use this option to replace HTML-encoded characters with
	// unencoded characters. HTML_ENTITY_DECODE performs the following operations:
	//   - Replaces (ampersand)quot; with "
	//   - Replaces (ampersand)nbsp; with a non-breaking space, decimal 160
	//   - Replaces (ampersand)lt; with a "less than" symbol
	//   - Replaces (ampersand)gt; with >
	//   - Replaces characters that are represented in hexadecimal format,
	//   (ampersand)#xhhhh; , with the corresponding characters
	//   - Replaces characters that are represented in decimal format,
	//   (ampersand)#nnnn; , with the corresponding characters
	// LOWERCASE Use this option to convert uppercase letters (A-Z) to lowercase
	// (a-z). URL_DECODE Use this option to decode a URL-encoded value. NONE Specify
	// NONE if you don't want to perform any text transformations.
	//
	// This member is required.
	TextTransformation TextTransformation
	// contains filtered or unexported fields
}