waf

type ActivatedRule struct {

	// Specifies the action that CloudFront or AWS WAF takes when a web request
	// matches the conditions in the Rule. Valid values for Action include the following:
	//
	//    ALLOW: CloudFront responds with the requested object.
	//
	//    BLOCK: CloudFront responds with an HTTP 403 (Forbidden) status code.
	//
	//    COUNT: AWS WAF increments a counter of requests that match the conditions
	// in the rule and then continues to inspect the web request based on the remaining
	// rules in the web ACL.
	//
	// Action is a required field
	Action *WafAction `type:"structure" required:"true"`

	// Specifies the order in which the Rules in a WebACL are evaluated. Rules with
	// a lower value for Priority are evaluated before Rules with a higher value.
	// The value must be a unique integer. If you add multiple Rules to a WebACL,
	// the values don't need to be consecutive.
	//
	// Priority is a required field
	Priority *int64 `type:"integer" required:"true"`

	// The RuleId for a Rule. You use RuleId to get more information about a Rule
	// (see GetRule), update a Rule (see UpdateRule), insert a Rule into a WebACL
	// or delete a one from a WebACL (see UpdateWebACL), or delete a Rule from AWS
	// WAF (see DeleteRule).
	//
	//  RuleId is returned by CreateRule and by ListRules.
	//
	// RuleId is a required field
	RuleId *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

type ByteMatchSet struct {

	// The ByteMatchSetId for a ByteMatchSet. You use ByteMatchSetId to get information
	// about a ByteMatchSet (see GetByteMatchSet), update a ByteMatchSet (see UpdateByteMatchSet),
	// insert a ByteMatchSet into a Rule or delete one from a Rule (see UpdateRule),
	// and delete a ByteMatchSet from AWS WAF (see DeleteByteMatchSet).
	//
	//  ByteMatchSetId is returned by CreateByteMatchSet and by ListByteMatchSets.
	//
	// ByteMatchSetId is a required field
	ByteMatchSetId *string `min:"1" type:"string" required:"true"`

	// Specifies the bytes (typically a string that corresponds with ASCII characters)
	// that you want AWS WAF to search for in web requests, the location in requests
	// that you want AWS WAF to search, and other settings.
	//
	// ByteMatchTuples is a required field
	ByteMatchTuples []*ByteMatchTuple `type:"list" required:"true"`

	// A friendly name or description of the ByteMatchSet. You can't change Name
	// after you create a ByteMatchSet.
	Name *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

type ByteMatchSetSummary struct {

	// The ByteMatchSetId for a ByteMatchSet. You use ByteMatchSetId to get information
	// about a ByteMatchSet, update a ByteMatchSet, remove a ByteMatchSet from a
	// Rule, and delete a ByteMatchSet from AWS WAF.
	//
	//  ByteMatchSetId is returned by CreateByteMatchSet and by ListByteMatchSets.
	//
	// ByteMatchSetId is a required field
	ByteMatchSetId *string `min:"1" type:"string" required:"true"`

	// A friendly name or description of the ByteMatchSet. You can't change Name
	// after you create a ByteMatchSet.
	//
	// Name is a required field
	Name *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

type ByteMatchSetUpdate struct {

	// Specifies whether to insert or delete a ByteMatchTuple.
	//
	// Action is a required field
	Action *string `type:"string" required:"true" enum:"ChangeAction"`

	// Information about the part of a web request that you want AWS WAF to inspect
	// and the value that you want AWS WAF to search for. If you specify DELETE
	// for the value of Action, the ByteMatchTuple values must exactly match the
	// values in the ByteMatchTuple that you want to delete from the ByteMatchSet.
	//
	// ByteMatchTuple is a required field
	ByteMatchTuple *ByteMatchTuple `type:"structure" required:"true"`
	// contains filtered or unexported fields
}

type ByteMatchTuple struct {

	// The part of a web request that you want AWS WAF to search, such as a specified
	// header or a query string. For more information, see FieldToMatch.
	//
	// FieldToMatch is a required field
	FieldToMatch *FieldToMatch `type:"structure" required:"true"`

	// Within the portion of a web request that you want to search (for example,
	// in the query string, if any), specify where you want AWS WAF to search. Valid
	// values include the following:
	//
	//  CONTAINS
	//
	// The specified part of the web request must include the value of TargetString,
	// but the location doesn't matter.
	//
	//  CONTAINS_WORD
	//
	// The specified part of the web request must include the value of TargetString,
	// and TargetString must contain only alphanumeric characters or underscore
	// (A-Z, a-z, 0-9, or _). In addition, TargetString must be a word, which means
	// one of the following:
	//
	//    TargetString exactly matches the value of the specified part of the web
	// request, such as the value of a header.
	//
	//    TargetString is at the beginning of the specified part of the web request
	// and is followed by a character other than an alphanumeric character or underscore
	// (_), for example, BadBot;.
	//
	//    TargetString is at the end of the specified part of the web request and
	// is preceded by a character other than an alphanumeric character or underscore
	// (_), for example, ;BadBot.
	//
	//    TargetString is in the middle of the specified part of the web request
	// and is preceded and followed by characters other than alphanumeric characters
	// or underscore (_), for example, -BadBot;.
	//
	//    EXACTLY
	//
	// The value of the specified part of the web request must exactly match the
	// value of TargetString.
	//
	//  STARTS_WITH
	//
	// The value of TargetString must appear at the beginning of the specified
	// part of the web request.
	//
	//  ENDS_WITH
	//
	// The value of TargetString must appear at the end of the specified part of
	// the web request.
	//
	// PositionalConstraint is a required field
	PositionalConstraint *string `type:"string" required:"true" enum:"PositionalConstraint"`

	// The value that you want AWS WAF to search for. AWS WAF searches for the specified
	// string in the part of web requests that you specified in FieldToMatch. The
	// maximum length of the value is 50 bytes.
	//
	// Valid values depend on the values that you specified for FieldToMatch:
	//
	//    HEADER: The value that you want AWS WAF to search for in the request
	// header that you specified in FieldToMatch, for example, the value of the
	// User-Agent or Referer header.
	//
	//    METHOD: The HTTP method, which indicates the type of operation specified
	// in the request. CloudFront supports the following methods: DELETE, GET, HEAD,
	// OPTIONS, PATCH, POST, and PUT.
	//
	//    QUERY_STRING: The value that you want AWS WAF to search for in the query
	// string, which is the part of a URL that appears after a ? character.
	//
	//    URI: The value that you want AWS WAF to search for in the part of a URL
	// that identifies a resource, for example, /images/daily-ad.jpg.
	//
	//    BODY: The part of a request that contains any additional data that you
	// want to send to your web server as the HTTP request body, such as data from
	// a form. The request body immediately follows the request headers. Note that
	// only the first 8192 bytes of the request body are forwarded to AWS WAF for
	// inspection. To allow or block requests based on the length of the body, you
	// can create a size constraint set. For more information, see CreateSizeConstraintSet.
	//
	//   If TargetString includes alphabetic characters A-Z and a-z, note that
	// the value is case sensitive.
	//
	//  If you're using the AWS WAF API
	//
	// Specify a base64-encoded version of the value. The maximum length of the
	// value before you base64-encode it is 50 bytes.
	//
	// For example, suppose the value of Type is HEADER and the value of Data is
	// User-Agent. If you want to search the User-Agent header for the value BadBot,
	// you base64-encode BadBot using MIME base64 encoding and include the resulting
	// value, QmFkQm90, in the value of TargetString.
	//
	//  If you're using the AWS CLI or one of the AWS SDKs
	//
	// The value that you want AWS WAF to search for. The SDK automatically base64
	// encodes the value.
	//
	// TargetString is automatically base64 encoded/decoded by the SDK.
	//
	// TargetString is a required field
	TargetString []byte `type:"blob" required:"true"`

	// Text transformations eliminate some of the unusual formatting that attackers
	// use in web requests in an effort to bypass AWS WAF. If you specify a transformation,
	// AWS WAF performs the transformation on TargetString before inspecting a request
	// for a match.
	//
	//  CMD_LINE
	//
	// When you're concerned that attackers are injecting an operating system commandline
	// command and using unusual formatting to disguise some or all of the command,
	// use this option to perform the following transformations:
	//
	//   Delete the following characters: \ " ' ^
	//
	//   Delete spaces before the following characters: / (
	//
	//   Replace the following characters with a space: , ;
	//
	//   Replace multiple spaces with one space
	//
	//   Convert uppercase letters (A-Z) to lowercase (a-z)
	//
	//    COMPRESS_WHITE_SPACE
	//
	// Use this option to replace the following characters with a space character
	// (decimal 32):
	//
	//   \f, formfeed, decimal 12
	//
	//   \t, tab, decimal 9
	//
	//   \n, newline, decimal 10
	//
	//   \r, carriage return, decimal 13
	//
	//   \v, vertical tab, decimal 11
	//
	//   non-breaking space, decimal 160
	//
	//    COMPRESS_WHITE_SPACE also replaces multiple spaces with one space.
	//
	//  HTML_ENTITY_DECODE
	//
	// Use this option to replace HTML-encoded characters with unencoded characters.
	// HTML_ENTITY_DECODE performs the following operations:
	//
	//   Replaces (ampersand)quot; with "
	//
	//   Replaces (ampersand)nbsp; with a non-breaking space, decimal 160
	//
	//   Replaces (ampersand)lt; with a "less than" symbol
	//
	//   Replaces (ampersand)gt; with >
	//
	//   Replaces characters that are represented in hexadecimal format, (ampersand)#xhhhh;,
	// with the corresponding characters
	//
	//   Replaces characters that are represented in decimal format, (ampersand)#nnnn;,
	// with the corresponding characters
	//
	//    LOWERCASE
	//
	// Use this option to convert uppercase letters (A-Z) to lowercase (a-z).
	//
	//  URL_DECODE
	//
	// Use this option to decode a URL-encoded value.
	//
	//  NONE
	//
	// Specify NONE if you don't want to perform any text transformations.
	//
	// TextTransformation is a required field
	TextTransformation *string `type:"string" required:"true" enum:"TextTransformation"`
	// contains filtered or unexported fields
}

type CreateByteMatchSetInput struct {

	// The value returned by the most recent call to GetChangeToken.
	//
	// ChangeToken is a required field
	ChangeToken *string `min:"1" type:"string" required:"true"`

	// A friendly name or description of the ByteMatchSet. You can't change Name
	// after you create a ByteMatchSet.
	//
	// Name is a required field
	Name *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

type CreateByteMatchSetOutput struct {

	// A ByteMatchSet that contains no ByteMatchTuple objects.
	ByteMatchSet *ByteMatchSet `type:"structure"`

	// The ChangeToken that you used to submit the CreateByteMatchSet request. You
	// can also use this value to query the status of the request. For more information,
	// see GetChangeTokenStatus.
	ChangeToken *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

type CreateIPSetInput struct {

	// The value returned by the most recent call to GetChangeToken.
	//
	// ChangeToken is a required field
	ChangeToken *string `min:"1" type:"string" required:"true"`

	// A friendly name or description of the IPSet. You can't change Name after
	// you create the IPSet.
	//
	// Name is a required field
	Name *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

type CreateIPSetOutput struct {

	// The ChangeToken that you used to submit the CreateIPSet request. You can
	// also use this value to query the status of the request. For more information,
	// see GetChangeTokenStatus.
	ChangeToken *string `min:"1" type:"string"`

	// The IPSet returned in the CreateIPSet response.
	IPSet *IPSet `type:"structure"`
	// contains filtered or unexported fields
}

type CreateRuleInput struct {

	// The value returned by the most recent call to GetChangeToken.
	//
	// ChangeToken is a required field
	ChangeToken *string `min:"1" type:"string" required:"true"`

	// A friendly name or description for the metrics for this Rule. The name can
	// contain only alphanumeric characters (A-Z, a-z, 0-9); the name can't contain
	// whitespace. You can't change the name of the metric after you create the
	// Rule.
	//
	// MetricName is a required field
	MetricName *string `type:"string" required:"true"`

	// A friendly name or description of the Rule. You can't change the name of
	// a Rule after you create it.
	//
	// Name is a required field
	Name *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

type CreateRuleOutput struct {

	// The ChangeToken that you used to submit the CreateRule request. You can also
	// use this value to query the status of the request. For more information,
	// see GetChangeTokenStatus.
	ChangeToken *string `min:"1" type:"string"`

	// The Rule returned in the CreateRule response.
	Rule *Rule `type:"structure"`
	// contains filtered or unexported fields
}

type CreateSizeConstraintSetInput struct {

	// The value returned by the most recent call to GetChangeToken.
	//
	// ChangeToken is a required field
	ChangeToken *string `min:"1" type:"string" required:"true"`

	// A friendly name or description of the SizeConstraintSet. You can't change
	// Name after you create a SizeConstraintSet.
	//
	// Name is a required field
	Name *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

type CreateSizeConstraintSetOutput struct {

	// The ChangeToken that you used to submit the CreateSizeConstraintSet request.
	// You can also use this value to query the status of the request. For more
	// information, see GetChangeTokenStatus.
	ChangeToken *string `min:"1" type:"string"`

	// A SizeConstraintSet that contains no SizeConstraint objects.
	SizeConstraintSet *SizeConstraintSet `type:"structure"`
	// contains filtered or unexported fields
}

type CreateSqlInjectionMatchSetInput struct {

	// The value returned by the most recent call to GetChangeToken.
	//
	// ChangeToken is a required field
	ChangeToken *string `min:"1" type:"string" required:"true"`

	// A friendly name or description for the SqlInjectionMatchSet that you're creating.
	// You can't change Name after you create the SqlInjectionMatchSet.
	//
	// Name is a required field
	Name *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

type CreateSqlInjectionMatchSetOutput struct {

	// The ChangeToken that you used to submit the CreateSqlInjectionMatchSet request.
	// You can also use this value to query the status of the request. For more
	// information, see GetChangeTokenStatus.
	ChangeToken *string `min:"1" type:"string"`

	// A SqlInjectionMatchSet.
	SqlInjectionMatchSet *SqlInjectionMatchSet `type:"structure"`
	// contains filtered or unexported fields
}

type CreateWebACLInput struct {

	// The value returned by the most recent call to GetChangeToken.
	//
	// ChangeToken is a required field
	ChangeToken *string `min:"1" type:"string" required:"true"`

	// The action that you want AWS WAF to take when a request doesn't match the
	// criteria specified in any of the Rule objects that are associated with the
	// WebACL.
	//
	// DefaultAction is a required field
	DefaultAction *WafAction `type:"structure" required:"true"`

	// A friendly name or description for the metrics for this WebACL. The name
	// can contain only alphanumeric characters (A-Z, a-z, 0-9); the name can't
	// contain whitespace. You can't change MetricName after you create the WebACL.
	//
	// MetricName is a required field
	MetricName *string `type:"string" required:"true"`

	// A friendly name or description of the WebACL. You can't change Name after
	// you create the WebACL.
	//
	// Name is a required field
	Name *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

type CreateWebACLOutput struct {

	// The ChangeToken that you used to submit the CreateWebACL request. You can
	// also use this value to query the status of the request. For more information,
	// see GetChangeTokenStatus.
	ChangeToken *string `min:"1" type:"string"`

	// The WebACL returned in the CreateWebACL response.
	WebACL *WebACL `type:"structure"`
	// contains filtered or unexported fields
}

type CreateXssMatchSetInput struct {

	// The value returned by the most recent call to GetChangeToken.
	//
	// ChangeToken is a required field
	ChangeToken *string `min:"1" type:"string" required:"true"`

	// A friendly name or description for the XssMatchSet that you're creating.
	// You can't change Name after you create the XssMatchSet.
	//
	// Name is a required field
	Name *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

type CreateXssMatchSetOutput struct {

	// The ChangeToken that you used to submit the CreateXssMatchSet request. You
	// can also use this value to query the status of the request. For more information,
	// see GetChangeTokenStatus.
	ChangeToken *string `min:"1" type:"string"`

	// An XssMatchSet.
	XssMatchSet *XssMatchSet `type:"structure"`
	// contains filtered or unexported fields
}

type DeleteByteMatchSetInput struct {

	// The ByteMatchSetId of the ByteMatchSet that you want to delete. ByteMatchSetId
	// is returned by CreateByteMatchSet and by ListByteMatchSets.
	//
	// ByteMatchSetId is a required field
	ByteMatchSetId *string `min:"1" type:"string" required:"true"`

	// The value returned by the most recent call to GetChangeToken.
	//
	// ChangeToken is a required field
	ChangeToken *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

type DeleteByteMatchSetOutput struct {

	// The ChangeToken that you used to submit the DeleteByteMatchSet request. You
	// can also use this value to query the status of the request. For more information,
	// see GetChangeTokenStatus.
	ChangeToken *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

type DeleteIPSetInput struct {

	// The value returned by the most recent call to GetChangeToken.
	//
	// ChangeToken is a required field
	ChangeToken *string `min:"1" type:"string" required:"true"`

	// The IPSetId of the IPSet that you want to delete. IPSetId is returned by
	// CreateIPSet and by ListIPSets.
	//
	// IPSetId is a required field
	IPSetId *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

type DeleteIPSetOutput struct {

	// The ChangeToken that you used to submit the DeleteIPSet request. You can
	// also use this value to query the status of the request. For more information,
	// see GetChangeTokenStatus.
	ChangeToken *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

type DeleteRuleInput struct {

	// The value returned by the most recent call to GetChangeToken.
	//
	// ChangeToken is a required field
	ChangeToken *string `min:"1" type:"string" required:"true"`

	// The RuleId of the Rule that you want to delete. RuleId is returned by CreateRule
	// and by ListRules.
	//
	// RuleId is a required field
	RuleId *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

type DeleteRuleOutput struct {

	// The ChangeToken that you used to submit the DeleteRule request. You can also
	// use this value to query the status of the request. For more information,
	// see GetChangeTokenStatus.
	ChangeToken *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

type DeleteSizeConstraintSetInput struct {

	// The value returned by the most recent call to GetChangeToken.
	//
	// ChangeToken is a required field
	ChangeToken *string `min:"1" type:"string" required:"true"`

	// The SizeConstraintSetId of the SizeConstraintSet that you want to delete.
	// SizeConstraintSetId is returned by CreateSizeConstraintSet and by ListSizeConstraintSets.
	//
	// SizeConstraintSetId is a required field
	SizeConstraintSetId *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

type DeleteSizeConstraintSetOutput struct {

	// The ChangeToken that you used to submit the DeleteSizeConstraintSet request.
	// You can also use this value to query the status of the request. For more
	// information, see GetChangeTokenStatus.
	ChangeToken *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

type DeleteSqlInjectionMatchSetInput struct {

	// The value returned by the most recent call to GetChangeToken.
	//
	// ChangeToken is a required field
	ChangeToken *string `min:"1" type:"string" required:"true"`

	// The SqlInjectionMatchSetId of the SqlInjectionMatchSet that you want to delete.
	// SqlInjectionMatchSetId is returned by CreateSqlInjectionMatchSet and by ListSqlInjectionMatchSets.
	//
	// SqlInjectionMatchSetId is a required field
	SqlInjectionMatchSetId *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

type DeleteSqlInjectionMatchSetOutput struct {

	// The ChangeToken that you used to submit the DeleteSqlInjectionMatchSet request.
	// You can also use this value to query the status of the request. For more
	// information, see GetChangeTokenStatus.
	ChangeToken *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

type DeleteWebACLInput struct {

	// The value returned by the most recent call to GetChangeToken.
	//
	// ChangeToken is a required field
	ChangeToken *string `min:"1" type:"string" required:"true"`

	// The WebACLId of the WebACL that you want to delete. WebACLId is returned
	// by CreateWebACL and by ListWebACLs.
	//
	// WebACLId is a required field
	WebACLId *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

type DeleteWebACLOutput struct {

	// The ChangeToken that you used to submit the DeleteWebACL request. You can
	// also use this value to query the status of the request. For more information,
	// see GetChangeTokenStatus.
	ChangeToken *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

type DeleteXssMatchSetInput struct {

	// The value returned by the most recent call to GetChangeToken.
	//
	// ChangeToken is a required field
	ChangeToken *string `min:"1" type:"string" required:"true"`

	// The XssMatchSetId of the XssMatchSet that you want to delete. XssMatchSetId
	// is returned by CreateXssMatchSet and by ListXssMatchSets.
	//
	// XssMatchSetId is a required field
	XssMatchSetId *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

type DeleteXssMatchSetOutput struct {

	// The ChangeToken that you used to submit the DeleteXssMatchSet request. You
	// can also use this value to query the status of the request. For more information,
	// see GetChangeTokenStatus.
	ChangeToken *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

type FieldToMatch struct {

	// When the value of Type is HEADER, enter the name of the header that you want
	// AWS WAF to search, for example, User-Agent or Referer. If the value of Type
	// is any other value, omit Data.
	//
	// The name of the header is not case sensitive.
	Data *string `type:"string"`

	// The part of the web request that you want AWS WAF to search for a specified
	// string. Parts of a request that you can search include the following:
	//
	//    HEADER: A specified request header, for example, the value of the User-Agent
	// or Referer header. If you choose HEADER for the type, specify the name of
	// the header in Data.
	//
	//    METHOD: The HTTP method, which indicated the type of operation that the
	// request is asking the origin to perform. Amazon CloudFront supports the following
	// methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, and PUT.
	//
	//    QUERY_STRING: A query string, which is the part of a URL that appears
	// after a ? character, if any.
	//
	//    URI: The part of a web request that identifies a resource, for example,
	// /images/daily-ad.jpg.
	//
	//    BODY: The part of a request that contains any additional data that you
	// want to send to your web server as the HTTP request body, such as data from
	// a form. The request body immediately follows the request headers. Note that
	// only the first 8192 bytes of the request body are forwarded to AWS WAF for
	// inspection. To allow or block requests based on the length of the body, you
	// can create a size constraint set. For more information, see CreateSizeConstraintSet.
	//
	// Type is a required field
	Type *string `type:"string" required:"true" enum:"MatchFieldType"`
	// contains filtered or unexported fields
}

type GetByteMatchSetInput struct {

	// The ByteMatchSetId of the ByteMatchSet that you want to get. ByteMatchSetId
	// is returned by CreateByteMatchSet and by ListByteMatchSets.
	//
	// ByteMatchSetId is a required field
	ByteMatchSetId *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

type GetByteMatchSetOutput struct {

	// Information about the ByteMatchSet that you specified in the GetByteMatchSet
	// request. For more information, see the following topics:
	//
	//    ByteMatchSet: Contains ByteMatchSetId, ByteMatchTuples, and Name
	//
	//    ByteMatchTuples: Contains an array of ByteMatchTuple objects. Each ByteMatchTuple
	// object contains FieldToMatch, PositionalConstraint, TargetString, and TextTransformation
	//
	//    FieldToMatch: Contains Data and Type
	ByteMatchSet *ByteMatchSet `type:"structure"`
	// contains filtered or unexported fields
}

type GetChangeTokenInput struct {
	// contains filtered or unexported fields
}

type GetChangeTokenOutput struct {

	// The ChangeToken that you used in the request. Use this value in a GetChangeTokenStatus
	// request to get the current status of the request.
	ChangeToken *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

type GetChangeTokenStatusInput struct {

	// The change token for which you want to get the status. This change token
	// was previously returned in the GetChangeToken response.
	//
	// ChangeToken is a required field
	ChangeToken *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

type GetChangeTokenStatusOutput struct {

	// The status of the change token.
	ChangeTokenStatus *string `type:"string" enum:"ChangeTokenStatus"`
	// contains filtered or unexported fields
}

type GetIPSetInput struct {

	// The IPSetId of the IPSet that you want to get. IPSetId is returned by CreateIPSet
	// and by ListIPSets.
	//
	// IPSetId is a required field
	IPSetId *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

type GetIPSetOutput struct {

	// Information about the IPSet that you specified in the GetIPSet request. For
	// more information, see the following topics:
	//
	//    IPSet: Contains IPSetDescriptors, IPSetId, and Name
	//
	//    IPSetDescriptors: Contains an array of IPSetDescriptor objects. Each
	// IPSetDescriptor object contains Type and Value
	IPSet *IPSet `type:"structure"`
	// contains filtered or unexported fields
}

type GetRuleInput struct {

	// The RuleId of the Rule that you want to get. RuleId is returned by CreateRule
	// and by ListRules.
	//
	// RuleId is a required field
	RuleId *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

type GetRuleOutput struct {

	// Information about the Rule that you specified in the GetRule request. For
	// more information, see the following topics:
	//
	//    Rule: Contains MetricName, Name, an array of Predicate objects, and RuleId
	//
	//    Predicate: Each Predicate object contains DataId, Negated, and Type
	Rule *Rule `type:"structure"`
	// contains filtered or unexported fields
}

type GetSampledRequestsInput struct {

	// The number of requests that you want AWS WAF to return from among the first
	// 5,000 requests that your AWS resource received during the time range. If
	// your resource received fewer requests than the value of MaxItems, GetSampledRequests
	// returns information about all of them.
	//
	// MaxItems is a required field
	MaxItems *int64 `min:"1" type:"long" required:"true"`

	// RuleId is one of two values:
	//
	//   The RuleId of the Rule for which you want GetSampledRequests to return
	// a sample of requests.
	//
	//    Default_Action, which causes GetSampledRequests to return a sample of
	// the requests that didn't match any of the rules in the specified WebACL.
	//
	// RuleId is a required field
	RuleId *string `min:"1" type:"string" required:"true"`

	// The start date and time and the end date and time of the range for which
	// you want GetSampledRequests to return a sample of requests. Specify the date
	// and time in Unix time format (in seconds). You can specify any time range
	// in the previous three hours.
	//
	// TimeWindow is a required field
	TimeWindow *TimeWindow `type:"structure" required:"true"`

	// The WebACLId of the WebACL for which you want GetSampledRequests to return
	// a sample of requests.
	//
	// WebAclId is a required field
	WebAclId *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

type GetSampledRequestsOutput struct {

	// The total number of requests from which GetSampledRequests got a sample of
	// MaxItems requests. If PopulationSize is less than MaxItems, the sample includes
	// every request that your AWS resource received during the specified time range.
	PopulationSize *int64 `type:"long"`

	// A complex type that contains detailed information about each of the requests
	// in the sample.
	SampledRequests []*SampledHTTPRequest `type:"list"`

	// Usually, TimeWindow is the time range that you specified in the GetSampledRequests
	// request. However, if your AWS resource received more than 5,000 requests
	// during the time range that you specified in the request, GetSampledRequests
	// returns the time range for the first 5,000 requests.
	TimeWindow *TimeWindow `type:"structure"`
	// contains filtered or unexported fields
}

type GetSizeConstraintSetInput struct {

	// The SizeConstraintSetId of the SizeConstraintSet that you want to get. SizeConstraintSetId
	// is returned by CreateSizeConstraintSet and by ListSizeConstraintSets.
	//
	// SizeConstraintSetId is a required field
	SizeConstraintSetId *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

type GetSizeConstraintSetOutput struct {

	// Information about the SizeConstraintSet that you specified in the GetSizeConstraintSet
	// request. For more information, see the following topics:
	//
	//    SizeConstraintSet: Contains SizeConstraintSetId, SizeConstraints, and
	// Name
	//
	//    SizeConstraints: Contains an array of SizeConstraint objects. Each SizeConstraint
	// object contains FieldToMatch, TextTransformation, ComparisonOperator, and
	// Size
	//
	//    FieldToMatch: Contains Data and Type
	SizeConstraintSet *SizeConstraintSet `type:"structure"`
	// contains filtered or unexported fields
}

type GetSqlInjectionMatchSetInput struct {

	// The SqlInjectionMatchSetId of the SqlInjectionMatchSet that you want to get.
	// SqlInjectionMatchSetId is returned by CreateSqlInjectionMatchSet and by ListSqlInjectionMatchSets.
	//
	// SqlInjectionMatchSetId is a required field
	SqlInjectionMatchSetId *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

type GetSqlInjectionMatchSetOutput struct {

	// Information about the SqlInjectionMatchSet that you specified in the GetSqlInjectionMatchSet
	// request. For more information, see the following topics:
	//
	//    SqlInjectionMatchSet: Contains Name, SqlInjectionMatchSetId, and an array
	// of SqlInjectionMatchTuple objects
	//
	//    SqlInjectionMatchTuple: Each SqlInjectionMatchTuple object contains FieldToMatch
	// and TextTransformation
	//
	//    FieldToMatch: Contains Data and Type
	SqlInjectionMatchSet *SqlInjectionMatchSet `type:"structure"`
	// contains filtered or unexported fields
}

type GetWebACLInput struct {

	// The WebACLId of the WebACL that you want to get. WebACLId is returned by
	// CreateWebACL and by ListWebACLs.
	//
	// WebACLId is a required field
	WebACLId *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

type GetWebACLOutput struct {

	// Information about the WebACL that you specified in the GetWebACL request.
	// For more information, see the following topics:
	//
	//    WebACL: Contains DefaultAction, MetricName, Name, an array of Rule objects,
	// and WebACLId
	//
	//    DefaultAction (Data type is WafAction): Contains Type
	//
	//    Rules: Contains an array of ActivatedRule objects, which contain Action,
	// Priority, and RuleId
	//
	//    Action: Contains Type
	WebACL *WebACL `type:"structure"`
	// contains filtered or unexported fields
}

type GetXssMatchSetInput struct {

	// The XssMatchSetId of the XssMatchSet that you want to get. XssMatchSetId
	// is returned by CreateXssMatchSet and by ListXssMatchSets.
	//
	// XssMatchSetId is a required field
	XssMatchSetId *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

type GetXssMatchSetOutput struct {

	// Information about the XssMatchSet that you specified in the GetXssMatchSet
	// request. For more information, see the following topics:
	//
	//    XssMatchSet: Contains Name, XssMatchSetId, and an array of XssMatchTuple
	// objects
	//
	//    XssMatchTuple: Each XssMatchTuple object contains FieldToMatch and TextTransformation
	//
	//    FieldToMatch: Contains Data and Type
	XssMatchSet *XssMatchSet `type:"structure"`
	// contains filtered or unexported fields
}

type HTTPHeader struct {

	// The name of one of the headers in the sampled web request.
	Name *string `type:"string"`

	// The value of one of the headers in the sampled web request.
	Value *string `type:"string"`
	// contains filtered or unexported fields
}

type HTTPRequest struct {

	// The IP address that the request originated from. If the WebACL is associated
	// with a CloudFront distribution, this is the value of one of the following
	// fields in CloudFront access logs:
	//
	//    c-ip, if the viewer did not use an HTTP proxy or a load balancer to send
	// the request
	//
	//    x-forwarded-for, if the viewer did use an HTTP proxy or a load balancer
	// to send the request
	ClientIP *string `type:"string"`

	// The two-letter country code for the country that the request originated from.
	// For a current list of country codes, see the Wikipedia entry ISO 3166-1 alpha-2
	// (https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2).
	Country *string `type:"string"`

	// The HTTP version specified in the sampled web request, for example, HTTP/1.1.
	HTTPVersion *string `type:"string"`

	// A complex type that contains two values for each header in the sampled web
	// request: the name of the header and the value of the header.
	Headers []*HTTPHeader `type:"list"`

	// The HTTP method specified in the sampled web request. CloudFront supports
	// the following methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, and PUT.
	Method *string `type:"string"`

	// The part of a web request that identifies the resource, for example, /images/daily-ad.jpg.
	URI *string `type:"string"`
	// contains filtered or unexported fields
}

type IPSet struct {

	// The IP address type (IPV4 or IPV6) and the IP address range (in CIDR notation)
	// that web requests originate from. If the WebACL is associated with a CloudFront
	// distribution, this is the value of one of the following fields in CloudFront
	// access logs:
	//
	//    c-ip, if the viewer did not use an HTTP proxy or a load balancer to send
	// the request
	//
	//    x-forwarded-for, if the viewer did use an HTTP proxy or a load balancer
	// to send the request
	//
	// IPSetDescriptors is a required field
	IPSetDescriptors []*IPSetDescriptor `type:"list" required:"true"`

	// The IPSetId for an IPSet. You use IPSetId to get information about an IPSet
	// (see GetIPSet), update an IPSet (see UpdateIPSet), insert an IPSet into a
	// Rule or delete one from a Rule (see UpdateRule), and delete an IPSet from
	// AWS WAF (see DeleteIPSet).
	//
	//  IPSetId is returned by CreateIPSet and by ListIPSets.
	//
	// IPSetId is a required field
	IPSetId *string `min:"1" type:"string" required:"true"`

	// A friendly name or description of the IPSet. You can't change the name of
	// an IPSet after you create it.
	Name *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

type IPSetDescriptor struct {

	// Specify IPV4 or IPV6.
	//
	// Type is a required field
	Type *string `type:"string" required:"true" enum:"IPSetDescriptorType"`

	// Specify an IPv4 address by using CIDR notation. For example:
	//
	//   To configure AWS WAF to allow, block, or count requests that originated
	// from the IP address 192.0.2.44, specify 192.0.2.44/32.
	//
	//   To configure AWS WAF to allow, block, or count requests that originated
	// from IP addresses from 192.0.2.0 to 192.0.2.255, specify 192.0.2.0/24.
	//
	//   For more information about CIDR notation, see the Wikipedia entry Classless
	// Inter-Domain Routing (https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing).
	//
	// Specify an IPv6 address by using CIDR notation. For example:
	//
	//   To configure AWS WAF to allow, block, or count requests that originated
	// from the IP address 1111:0000:0000:0000:0000:0000:0000:0111, specify 1111:0000:0000:0000:0000:0000:0000:0111/128.
	//
	//   To configure AWS WAF to allow, block, or count requests that originated
	// from IP addresses 1111:0000:0000:0000:0000:0000:0000:0000 to 1111:0000:0000:0000:ffff:ffff:ffff:ffff,
	// specify 1111:0000:0000:0000:0000:0000:0000:0000/64.
	//
	// Value is a required field
	Value *string `type:"string" required:"true"`
	// contains filtered or unexported fields
}

type IPSetSummary struct {

	// The IPSetId for an IPSet. You can use IPSetId in a GetIPSet request to get
	// detailed information about an IPSet.
	//
	// IPSetId is a required field
	IPSetId *string `min:"1" type:"string" required:"true"`

	// A friendly name or description of the IPSet. You can't change the name of
	// an IPSet after you create it.
	//
	// Name is a required field
	Name *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

type IPSetUpdate struct {

	// Specifies whether to insert or delete an IP address with UpdateIPSet.
	//
	// Action is a required field
	Action *string `type:"string" required:"true" enum:"ChangeAction"`

	// The IP address type (IPV4 or IPV6) and the IP address range (in CIDR notation)
	// that web requests originate from.
	//
	// IPSetDescriptor is a required field
	IPSetDescriptor *IPSetDescriptor `type:"structure" required:"true"`
	// contains filtered or unexported fields
}

type ListByteMatchSetsInput struct {

	// Specifies the number of ByteMatchSet objects that you want AWS WAF to return
	// for this request. If you have more ByteMatchSets objects than the number
	// you specify for Limit, the response includes a NextMarker value that you
	// can use to get another batch of ByteMatchSet objects.
	Limit *int64 `type:"integer"`

	// If you specify a value for Limit and you have more ByteMatchSets than the
	// value of Limit, AWS WAF returns a NextMarker value in the response that allows
	// you to list another group of ByteMatchSets. For the second and subsequent
	// ListByteMatchSets requests, specify the value of NextMarker from the previous
	// response to get information about another batch of ByteMatchSets.
	NextMarker *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

type ListByteMatchSetsOutput struct {

	// An array of ByteMatchSetSummary objects.
	ByteMatchSets []*ByteMatchSetSummary `type:"list"`

	// If you have more ByteMatchSet objects than the number that you specified
	// for Limit in the request, the response includes a NextMarker value. To list
	// more ByteMatchSet objects, submit another ListByteMatchSets request, and
	// specify the NextMarker value from the response in the NextMarker value in
	// the next request.
	NextMarker *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

type ListIPSetsInput struct {

	// Specifies the number of IPSet objects that you want AWS WAF to return for
	// this request. If you have more IPSet objects than the number you specify
	// for Limit, the response includes a NextMarker value that you can use to get
	// another batch of IPSet objects.
	Limit *int64 `type:"integer"`

	// If you specify a value for Limit and you have more IPSets than the value
	// of Limit, AWS WAF returns a NextMarker value in the response that allows
	// you to list another group of IPSets. For the second and subsequent ListIPSets
	// requests, specify the value of NextMarker from the previous response to get
	// information about another batch of ByteMatchSets.
	NextMarker *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

type ListIPSetsOutput struct {

	// An array of IPSetSummary objects.
	IPSets []*IPSetSummary `type:"list"`

	// If you have more IPSet objects than the number that you specified for Limit
	// in the request, the response includes a NextMarker value. To list more IPSet
	// objects, submit another ListIPSets request, and specify the NextMarker value
	// from the response in the NextMarker value in the next request.
	NextMarker *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

type ListRulesInput struct {

	// Specifies the number of Rules that you want AWS WAF to return for this request.
	// If you have more Rules than the number that you specify for Limit, the response
	// includes a NextMarker value that you can use to get another batch of Rules.
	Limit *int64 `type:"integer"`

	// If you specify a value for Limit and you have more Rules than the value of
	// Limit, AWS WAF returns a NextMarker value in the response that allows you
	// to list another group of Rules. For the second and subsequent ListRules requests,
	// specify the value of NextMarker from the previous response to get information
	// about another batch of Rules.
	NextMarker *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

type ListRulesOutput struct {

	// If you have more Rules than the number that you specified for Limit in the
	// request, the response includes a NextMarker value. To list more Rules, submit
	// another ListRules request, and specify the NextMarker value from the response
	// in the NextMarker value in the next request.
	NextMarker *string `min:"1" type:"string"`

	// An array of RuleSummary objects.
	Rules []*RuleSummary `type:"list"`
	// contains filtered or unexported fields
}

type ListSizeConstraintSetsInput struct {

	// Specifies the number of SizeConstraintSet objects that you want AWS WAF to
	// return for this request. If you have more SizeConstraintSets objects than
	// the number you specify for Limit, the response includes a NextMarker value
	// that you can use to get another batch of SizeConstraintSet objects.
	Limit *int64 `type:"integer"`

	// If you specify a value for Limit and you have more SizeConstraintSets than
	// the value of Limit, AWS WAF returns a NextMarker value in the response that
	// allows you to list another group of SizeConstraintSets. For the second and
	// subsequent ListSizeConstraintSets requests, specify the value of NextMarker
	// from the previous response to get information about another batch of SizeConstraintSets.
	NextMarker *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

type ListSizeConstraintSetsOutput struct {

	// If you have more SizeConstraintSet objects than the number that you specified
	// for Limit in the request, the response includes a NextMarker value. To list
	// more SizeConstraintSet objects, submit another ListSizeConstraintSets request,
	// and specify the NextMarker value from the response in the NextMarker value
	// in the next request.
	NextMarker *string `min:"1" type:"string"`

	// An array of SizeConstraintSetSummary objects.
	SizeConstraintSets []*SizeConstraintSetSummary `type:"list"`
	// contains filtered or unexported fields
}

type ListSqlInjectionMatchSetsInput struct {

	// Specifies the number of SqlInjectionMatchSet objects that you want AWS WAF
	// to return for this request. If you have more SqlInjectionMatchSet objects
	// than the number you specify for Limit, the response includes a NextMarker
	// value that you can use to get another batch of Rules.
	Limit *int64 `type:"integer"`

	// If you specify a value for Limit and you have more SqlInjectionMatchSet objects
	// than the value of Limit, AWS WAF returns a NextMarker value in the response
	// that allows you to list another group of SqlInjectionMatchSets. For the second
	// and subsequent ListSqlInjectionMatchSets requests, specify the value of NextMarker
	// from the previous response to get information about another batch of SqlInjectionMatchSets.
	NextMarker *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

type ListSqlInjectionMatchSetsOutput struct {

	// If you have more SqlInjectionMatchSet objects than the number that you specified
	// for Limit in the request, the response includes a NextMarker value. To list
	// more SqlInjectionMatchSet objects, submit another ListSqlInjectionMatchSets
	// request, and specify the NextMarker value from the response in the NextMarker
	// value in the next request.
	NextMarker *string `min:"1" type:"string"`

	// An array of SqlInjectionMatchSetSummary objects.
	SqlInjectionMatchSets []*SqlInjectionMatchSetSummary `type:"list"`
	// contains filtered or unexported fields
}

type ListWebACLsInput struct {

	// Specifies the number of WebACL objects that you want AWS WAF to return for
	// this request. If you have more WebACL objects than the number that you specify
	// for Limit, the response includes a NextMarker value that you can use to get
	// another batch of WebACL objects.
	Limit *int64 `type:"integer"`

	// If you specify a value for Limit and you have more WebACL objects than the
	// number that you specify for Limit, AWS WAF returns a NextMarker value in
	// the response that allows you to list another group of WebACL objects. For
	// the second and subsequent ListWebACLs requests, specify the value of NextMarker
	// from the previous response to get information about another batch of WebACL
	// objects.
	NextMarker *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

type ListWebACLsOutput struct {

	// If you have more WebACL objects than the number that you specified for Limit
	// in the request, the response includes a NextMarker value. To list more WebACL
	// objects, submit another ListWebACLs request, and specify the NextMarker value
	// from the response in the NextMarker value in the next request.
	NextMarker *string `min:"1" type:"string"`

	// An array of WebACLSummary objects.
	WebACLs []*WebACLSummary `type:"list"`
	// contains filtered or unexported fields
}

type ListXssMatchSetsInput struct {

	// Specifies the number of XssMatchSet objects that you want AWS WAF to return
	// for this request. If you have more XssMatchSet objects than the number you
	// specify for Limit, the response includes a NextMarker value that you can
	// use to get another batch of Rules.
	Limit *int64 `type:"integer"`

	// If you specify a value for Limit and you have more XssMatchSet objects than
	// the value of Limit, AWS WAF returns a NextMarker value in the response that
	// allows you to list another group of XssMatchSets. For the second and subsequent
	// ListXssMatchSets requests, specify the value of NextMarker from the previous
	// response to get information about another batch of XssMatchSets.
	NextMarker *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

type ListXssMatchSetsOutput struct {

	// If you have more XssMatchSet objects than the number that you specified for
	// Limit in the request, the response includes a NextMarker value. To list more
	// XssMatchSet objects, submit another ListXssMatchSets request, and specify
	// the NextMarker value from the response in the NextMarker value in the next
	// request.
	NextMarker *string `min:"1" type:"string"`

	// An array of XssMatchSetSummary objects.
	XssMatchSets []*XssMatchSetSummary `type:"list"`
	// contains filtered or unexported fields
}

type Predicate struct {

	// A unique identifier for a predicate in a Rule, such as ByteMatchSetId or
	// IPSetId. The ID is returned by the corresponding Create or List command.
	//
	// DataId is a required field
	DataId *string `min:"1" type:"string" required:"true"`

	// Set Negated to False if you want AWS WAF to allow, block, or count requests
	// based on the settings in the specified ByteMatchSet, IPSet, SqlInjectionMatchSet,
	// XssMatchSet, or SizeConstraintSet. For example, if an IPSet includes the
	// IP address 192.0.2.44, AWS WAF will allow or block requests based on that
	// IP address.
	//
	// Set Negated to True if you want AWS WAF to allow or block a request based
	// on the negation of the settings in the ByteMatchSet, IPSet, SqlInjectionMatchSet,
	// XssMatchSet, or SizeConstraintSet. For example, if an IPSet includes the
	// IP address 192.0.2.44, AWS WAF will allow, block, or count requests based
	// on all IP addresses except 192.0.2.44.
	//
	// Negated is a required field
	Negated *bool `type:"boolean" required:"true"`

	// The type of predicate in a Rule, such as ByteMatchSet or IPSet.
	//
	// Type is a required field
	Type *string `type:"string" required:"true" enum:"PredicateType"`
	// contains filtered or unexported fields
}

type Rule struct {
	MetricName *string `type:"string"`

	// The friendly name or description for the Rule. You can't change the name
	// of a Rule after you create it.
	Name *string `min:"1" type:"string"`

	// The Predicates object contains one Predicate element for each ByteMatchSet,
	// IPSet, or SqlInjectionMatchSet object that you want to include in a Rule.
	//
	// Predicates is a required field
	Predicates []*Predicate `type:"list" required:"true"`

	// A unique identifier for a Rule. You use RuleId to get more information about
	// a Rule (see GetRule), update a Rule (see UpdateRule), insert a Rule into
	// a WebACL or delete a one from a WebACL (see UpdateWebACL), or delete a Rule
	// from AWS WAF (see DeleteRule).
	//
	//  RuleId is returned by CreateRule and by ListRules.
	//
	// RuleId is a required field
	RuleId *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

type RuleSummary struct {

	// A friendly name or description of the Rule. You can't change the name of
	// a Rule after you create it.
	//
	// Name is a required field
	Name *string `min:"1" type:"string" required:"true"`

	// A unique identifier for a Rule. You use RuleId to get more information about
	// a Rule (see GetRule), update a Rule (see UpdateRule), insert a Rule into
	// a WebACL or delete one from a WebACL (see UpdateWebACL), or delete a Rule
	// from AWS WAF (see DeleteRule).
	//
	//  RuleId is returned by CreateRule and by ListRules.
	//
	// RuleId is a required field
	RuleId *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

type RuleUpdate struct {

	// Specify INSERT to add a Predicate to a Rule. Use DELETE to remove a Predicate
	// from a Rule.
	//
	// Action is a required field
	Action *string `type:"string" required:"true" enum:"ChangeAction"`

	// The ID of the Predicate (such as an IPSet) that you want to add to a Rule.
	//
	// Predicate is a required field
	Predicate *Predicate `type:"structure" required:"true"`
	// contains filtered or unexported fields
}

type SampledHTTPRequest struct {

	// The action for the Rule that the request matched: ALLOW, BLOCK, or COUNT.
	Action *string `type:"string"`

	// A complex type that contains detailed information about the request.
	//
	// Request is a required field
	Request *HTTPRequest `type:"structure" required:"true"`

	// The time at which AWS WAF received the request from your AWS resource, in
	// Unix time format (in seconds).
	Timestamp *time.Time `type:"timestamp" timestampFormat:"unix"`

	// A value that indicates how one result in the response relates proportionally
	// to other results in the response. A result that has a weight of 2 represents
	// roughly twice as many CloudFront web requests as a result that has a weight
	// of 1.
	//
	// Weight is a required field
	Weight *int64 `type:"long" required:"true"`
	// contains filtered or unexported fields
}

type SizeConstraint struct {

	// The type of comparison you want AWS WAF to perform. AWS WAF uses this in
	// combination with the provided Size and FieldToMatch to build an expression
	// in the form of "Size ComparisonOperator size in bytes of FieldToMatch". If
	// that expression is true, the SizeConstraint is considered to match.
	//
	//  EQ: Used to test if the Size is equal to the size of the FieldToMatch
	//
	//  NE: Used to test if the Size is not equal to the size of the FieldToMatch
	//
	//  LE: Used to test if the Size is less than or equal to the size of the FieldToMatch
	//
	//  LT: Used to test if the Size is strictly less than the size of the FieldToMatch
	//
	//  GE: Used to test if the Size is greater than or equal to the size of the
	// FieldToMatch
	//
	//  GT: Used to test if the Size is strictly greater than the size of the FieldToMatch
	//
	// ComparisonOperator is a required field
	ComparisonOperator *string `type:"string" required:"true" enum:"ComparisonOperator"`

	// Specifies where in a web request to look for TargetString.
	//
	// FieldToMatch is a required field
	FieldToMatch *FieldToMatch `type:"structure" required:"true"`

	// The size in bytes that you want AWS WAF to compare against the size of the
	// specified FieldToMatch. AWS WAF uses this in combination with ComparisonOperator
	// and FieldToMatch to build an expression in the form of "Size ComparisonOperator
	// size in bytes of FieldToMatch". If that expression is true, the SizeConstraint
	// is considered to match.
	//
	// Valid values for size are 0 - 21474836480 bytes (0 - 20 GB).
	//
	// If you specify URI for the value of Type, the / in the URI counts as one
	// character. For example, the URI /logo.jpg is nine characters long.
	//
	// Size is a required field
	Size *int64 `type:"long" required:"true"`

	// Text transformations eliminate some of the unusual formatting that attackers
	// use in web requests in an effort to bypass AWS WAF. If you specify a transformation,
	// AWS WAF performs the transformation on FieldToMatch before inspecting a request
	// for a match.
	//
	// Note that if you choose BODY for the value of Type, you must choose NONE
	// for TextTransformation because CloudFront forwards only the first 8192 bytes
	// for inspection.
	//
	//  NONE
	//
	// Specify NONE if you don't want to perform any text transformations.
	//
	//  CMD_LINE
	//
	// When you're concerned that attackers are injecting an operating system command
	// line command and using unusual formatting to disguise some or all of the
	// command, use this option to perform the following transformations:
	//
	//   Delete the following characters: \ " ' ^
	//
	//   Delete spaces before the following characters: / (
	//
	//   Replace the following characters with a space: , ;
	//
	//   Replace multiple spaces with one space
	//
	//   Convert uppercase letters (A-Z) to lowercase (a-z)
	//
	//    COMPRESS_WHITE_SPACE
	//
	// Use this option to replace the following characters with a space character
	// (decimal 32):
	//
	//   \f, formfeed, decimal 12
	//
	//   \t, tab, decimal 9
	//
	//   \n, newline, decimal 10
	//
	//   \r, carriage return, decimal 13
	//
	//   \v, vertical tab, decimal 11
	//
	//   non-breaking space, decimal 160
	//
	//    COMPRESS_WHITE_SPACE also replaces multiple spaces with one space.
	//
	//  HTML_ENTITY_DECODE
	//
	// Use this option to replace HTML-encoded characters with unencoded characters.
	// HTML_ENTITY_DECODE performs the following operations:
	//
	//   Replaces (ampersand)quot; with "
	//
	//   Replaces (ampersand)nbsp; with a non-breaking space, decimal 160
	//
	//   Replaces (ampersand)lt; with a "less than" symbol
	//
	//   Replaces (ampersand)gt; with >
	//
	//   Replaces characters that are represented in hexadecimal format, (ampersand)#xhhhh;,
	// with the corresponding characters
	//
	//   Replaces characters that are represented in decimal format, (ampersand)#nnnn;,
	// with the corresponding characters
	//
	//    LOWERCASE
	//
	// Use this option to convert uppercase letters (A-Z) to lowercase (a-z).
	//
	//  URL_DECODE
	//
	// Use this option to decode a URL-encoded value.
	//
	// TextTransformation is a required field
	TextTransformation *string `type:"string" required:"true" enum:"TextTransformation"`
	// contains filtered or unexported fields
}

type SizeConstraintSet struct {

	// The name, if any, of the SizeConstraintSet.
	Name *string `min:"1" type:"string"`

	// A unique identifier for a SizeConstraintSet. You use SizeConstraintSetId
	// to get information about a SizeConstraintSet (see GetSizeConstraintSet),
	// update a SizeConstraintSet (see UpdateSizeConstraintSet), insert a SizeConstraintSet
	// into a Rule or delete one from a Rule (see UpdateRule), and delete a SizeConstraintSet
	// from AWS WAF (see DeleteSizeConstraintSet).
	//
	//  SizeConstraintSetId is returned by CreateSizeConstraintSet and by ListSizeConstraintSets.
	//
	// SizeConstraintSetId is a required field
	SizeConstraintSetId *string `min:"1" type:"string" required:"true"`

	// Specifies the parts of web requests that you want to inspect the size of.
	//
	// SizeConstraints is a required field
	SizeConstraints []*SizeConstraint `type:"list" required:"true"`
	// contains filtered or unexported fields
}

type SizeConstraintSetSummary struct {

	// The name of the SizeConstraintSet, if any.
	//
	// Name is a required field
	Name *string `min:"1" type:"string" required:"true"`

	// A unique identifier for a SizeConstraintSet. You use SizeConstraintSetId
	// to get information about a SizeConstraintSet (see GetSizeConstraintSet),
	// update a SizeConstraintSet (see UpdateSizeConstraintSet), insert a SizeConstraintSet
	// into a Rule or delete one from a Rule (see UpdateRule), and delete a SizeConstraintSet
	// from AWS WAF (see DeleteSizeConstraintSet).
	//
	//  SizeConstraintSetId is returned by CreateSizeConstraintSet and by ListSizeConstraintSets.
	//
	// SizeConstraintSetId is a required field
	SizeConstraintSetId *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

type SizeConstraintSetUpdate struct {

	// Specify INSERT to add a SizeConstraintSetUpdate to a SizeConstraintSet. Use
	// DELETE to remove a SizeConstraintSetUpdate from a SizeConstraintSet.
	//
	// Action is a required field
	Action *string `type:"string" required:"true" enum:"ChangeAction"`

	// Specifies a constraint on the size of a part of the web request. AWS WAF
	// uses the Size, ComparisonOperator, and FieldToMatch to build an expression
	// in the form of "Size ComparisonOperator size in bytes of FieldToMatch". If
	// that expression is true, the SizeConstraint is considered to match.
	//
	// SizeConstraint is a required field
	SizeConstraint *SizeConstraint `type:"structure" required:"true"`
	// contains filtered or unexported fields
}

type SqlInjectionMatchSet struct {

	// The name, if any, of the SqlInjectionMatchSet.
	Name *string `min:"1" type:"string"`

	// A unique identifier for a SqlInjectionMatchSet. You use SqlInjectionMatchSetId
	// to get information about a SqlInjectionMatchSet (see GetSqlInjectionMatchSet),
	// update a SqlInjectionMatchSet (see UpdateSqlInjectionMatchSet), insert a
	// SqlInjectionMatchSet into a Rule or delete one from a Rule (see UpdateRule),
	// and delete a SqlInjectionMatchSet from AWS WAF (see DeleteSqlInjectionMatchSet).
	//
	//  SqlInjectionMatchSetId is returned by CreateSqlInjectionMatchSet and by
	// ListSqlInjectionMatchSets.
	//
	// SqlInjectionMatchSetId is a required field
	SqlInjectionMatchSetId *string `min:"1" type:"string" required:"true"`

	// Specifies the parts of web requests that you want to inspect for snippets
	// of malicious SQL code.
	//
	// SqlInjectionMatchTuples is a required field
	SqlInjectionMatchTuples []*SqlInjectionMatchTuple `type:"list" required:"true"`
	// contains filtered or unexported fields
}

type SqlInjectionMatchSetSummary struct {

	// The name of the SqlInjectionMatchSet, if any, specified by Id.
	//
	// Name is a required field
	Name *string `min:"1" type:"string" required:"true"`

	// A unique identifier for a SqlInjectionMatchSet. You use SqlInjectionMatchSetId
	// to get information about a SqlInjectionMatchSet (see GetSqlInjectionMatchSet),
	// update a SqlInjectionMatchSet (see UpdateSqlInjectionMatchSet), insert a
	// SqlInjectionMatchSet into a Rule or delete one from a Rule (see UpdateRule),
	// and delete a SqlInjectionMatchSet from AWS WAF (see DeleteSqlInjectionMatchSet).
	//
	//  SqlInjectionMatchSetId is returned by CreateSqlInjectionMatchSet and by
	// ListSqlInjectionMatchSets.
	//
	// SqlInjectionMatchSetId is a required field
	SqlInjectionMatchSetId *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

type SqlInjectionMatchSetUpdate struct {

	// Specify INSERT to add a SqlInjectionMatchSetUpdate to a SqlInjectionMatchSet.
	// Use DELETE to remove a SqlInjectionMatchSetUpdate from a SqlInjectionMatchSet.
	//
	// Action is a required field
	Action *string `type:"string" required:"true" enum:"ChangeAction"`

	// Specifies the part of a web request that you want AWS WAF to inspect for
	// snippets of malicious SQL code and, if you want AWS WAF to inspect a header,
	// the name of the header.
	//
	// SqlInjectionMatchTuple is a required field
	SqlInjectionMatchTuple *SqlInjectionMatchTuple `type:"structure" required:"true"`
	// contains filtered or unexported fields
}

type SqlInjectionMatchTuple struct {

	// Specifies where in a web request to look for TargetString.
	//
	// FieldToMatch is a required field
	FieldToMatch *FieldToMatch `type:"structure" required:"true"`

	// Text transformations eliminate some of the unusual formatting that attackers
	// use in web requests in an effort to bypass AWS WAF. If you specify a transformation,
	// AWS WAF performs the transformation on FieldToMatch before inspecting a request
	// for a match.
	//
	//  CMD_LINE
	//
	// When you're concerned that attackers are injecting an operating system commandline
	// command and using unusual formatting to disguise some or all of the command,
	// use this option to perform the following transformations:
	//
	//   Delete the following characters: \ " ' ^
	//
	//   Delete spaces before the following characters: / (
	//
	//   Replace the following characters with a space: , ;
	//
	//   Replace multiple spaces with one space
	//
	//   Convert uppercase letters (A-Z) to lowercase (a-z)
	//
	//    COMPRESS_WHITE_SPACE
	//
	// Use this option to replace the following characters with a space character
	// (decimal 32):
	//
	//   \f, formfeed, decimal 12
	//
	//   \t, tab, decimal 9
	//
	//   \n, newline, decimal 10
	//
	//   \r, carriage return, decimal 13
	//
	//   \v, vertical tab, decimal 11
	//
	//   non-breaking space, decimal 160
	//
	//    COMPRESS_WHITE_SPACE also replaces multiple spaces with one space.
	//
	//  HTML_ENTITY_DECODE
	//
	// Use this option to replace HTML-encoded characters with unencoded characters.
	// HTML_ENTITY_DECODE performs the following operations:
	//
	//   Replaces (ampersand)quot; with "
	//
	//   Replaces (ampersand)nbsp; with a non-breaking space, decimal 160
	//
	//   Replaces (ampersand)lt; with a "less than" symbol
	//
	//   Replaces (ampersand)gt; with >
	//
	//   Replaces characters that are represented in hexadecimal format, (ampersand)#xhhhh;,
	// with the corresponding characters
	//
	//   Replaces characters that are represented in decimal format, (ampersand)#nnnn;,
	// with the corresponding characters
	//
	//    LOWERCASE
	//
	// Use this option to convert uppercase letters (A-Z) to lowercase (a-z).
	//
	//  URL_DECODE
	//
	// Use this option to decode a URL-encoded value.
	//
	//  NONE
	//
	// Specify NONE if you don't want to perform any text transformations.
	//
	// TextTransformation is a required field
	TextTransformation *string `type:"string" required:"true" enum:"TextTransformation"`
	// contains filtered or unexported fields
}

type TimeWindow struct {

	// The end of the time range from which you want GetSampledRequests to return
	// a sample of the requests that your AWS resource received. You can specify
	// any time range in the previous three hours.
	//
	// EndTime is a required field
	EndTime *time.Time `type:"timestamp" timestampFormat:"unix" required:"true"`

	// The beginning of the time range from which you want GetSampledRequests to
	// return a sample of the requests that your AWS resource received. You can
	// specify any time range in the previous three hours.
	//
	// StartTime is a required field
	StartTime *time.Time `type:"timestamp" timestampFormat:"unix" required:"true"`
	// contains filtered or unexported fields
}

type UpdateByteMatchSetInput struct {

	// The ByteMatchSetId of the ByteMatchSet that you want to update. ByteMatchSetId
	// is returned by CreateByteMatchSet and by ListByteMatchSets.
	//
	// ByteMatchSetId is a required field
	ByteMatchSetId *string `min:"1" type:"string" required:"true"`

	// The value returned by the most recent call to GetChangeToken.
	//
	// ChangeToken is a required field
	ChangeToken *string `min:"1" type:"string" required:"true"`

	// An array of ByteMatchSetUpdate objects that you want to insert into or delete
	// from a ByteMatchSet. For more information, see the applicable data types:
	//
	//    ByteMatchSetUpdate: Contains Action and ByteMatchTuple
	//
	//    ByteMatchTuple: Contains FieldToMatch, PositionalConstraint, TargetString,
	// and TextTransformation
	//
	//    FieldToMatch: Contains Data and Type
	//
	// Updates is a required field
	Updates []*ByteMatchSetUpdate `type:"list" required:"true"`
	// contains filtered or unexported fields
}

type UpdateByteMatchSetOutput struct {

	// The ChangeToken that you used to submit the UpdateByteMatchSet request. You
	// can also use this value to query the status of the request. For more information,
	// see GetChangeTokenStatus.
	ChangeToken *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

type UpdateIPSetInput struct {

	// The value returned by the most recent call to GetChangeToken.
	//
	// ChangeToken is a required field
	ChangeToken *string `min:"1" type:"string" required:"true"`

	// The IPSetId of the IPSet that you want to update. IPSetId is returned by
	// CreateIPSet and by ListIPSets.
	//
	// IPSetId is a required field
	IPSetId *string `min:"1" type:"string" required:"true"`

	// An array of IPSetUpdate objects that you want to insert into or delete from
	// an IPSet. For more information, see the applicable data types:
	//
	//    IPSetUpdate: Contains Action and IPSetDescriptor
	//
	//    IPSetDescriptor: Contains Type and Value
	//
	// Updates is a required field
	Updates []*IPSetUpdate `type:"list" required:"true"`
	// contains filtered or unexported fields
}

type UpdateIPSetOutput struct {

	// The ChangeToken that you used to submit the UpdateIPSet request. You can
	// also use this value to query the status of the request. For more information,
	// see GetChangeTokenStatus.
	ChangeToken *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

type UpdateRuleInput struct {

	// The value returned by the most recent call to GetChangeToken.
	//
	// ChangeToken is a required field
	ChangeToken *string `min:"1" type:"string" required:"true"`

	// The RuleId of the Rule that you want to update. RuleId is returned by CreateRule
	// and by ListRules.
	//
	// RuleId is a required field
	RuleId *string `min:"1" type:"string" required:"true"`

	// An array of RuleUpdate objects that you want to insert into or delete from
	// a Rule. For more information, see the applicable data types:
	//
	//    RuleUpdate: Contains Action and Predicate
	//
	//    Predicate: Contains DataId, Negated, and Type
	//
	//    FieldToMatch: Contains Data and Type
	//
	// Updates is a required field
	Updates []*RuleUpdate `type:"list" required:"true"`
	// contains filtered or unexported fields
}

type UpdateRuleOutput struct {

	// The ChangeToken that you used to submit the UpdateRule request. You can also
	// use this value to query the status of the request. For more information,
	// see GetChangeTokenStatus.
	ChangeToken *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

type UpdateSizeConstraintSetInput struct {

	// The value returned by the most recent call to GetChangeToken.
	//
	// ChangeToken is a required field
	ChangeToken *string `min:"1" type:"string" required:"true"`

	// The SizeConstraintSetId of the SizeConstraintSet that you want to update.
	// SizeConstraintSetId is returned by CreateSizeConstraintSet and by ListSizeConstraintSets.
	//
	// SizeConstraintSetId is a required field
	SizeConstraintSetId *string `min:"1" type:"string" required:"true"`

	// An array of SizeConstraintSetUpdate objects that you want to insert into
	// or delete from a SizeConstraintSet. For more information, see the applicable
	// data types:
	//
	//    SizeConstraintSetUpdate: Contains Action and SizeConstraint
	//
	//    SizeConstraint: Contains FieldToMatch, TextTransformation, ComparisonOperator,
	// and Size
	//
	//    FieldToMatch: Contains Data and Type
	//
	// Updates is a required field
	Updates []*SizeConstraintSetUpdate `type:"list" required:"true"`
	// contains filtered or unexported fields
}

type UpdateSizeConstraintSetOutput struct {

	// The ChangeToken that you used to submit the UpdateSizeConstraintSet request.
	// You can also use this value to query the status of the request. For more
	// information, see GetChangeTokenStatus.
	ChangeToken *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

type UpdateSqlInjectionMatchSetInput struct {

	// The value returned by the most recent call to GetChangeToken.
	//
	// ChangeToken is a required field
	ChangeToken *string `min:"1" type:"string" required:"true"`

	// The SqlInjectionMatchSetId of the SqlInjectionMatchSet that you want to update.
	// SqlInjectionMatchSetId is returned by CreateSqlInjectionMatchSet and by ListSqlInjectionMatchSets.
	//
	// SqlInjectionMatchSetId is a required field
	SqlInjectionMatchSetId *string `min:"1" type:"string" required:"true"`

	// An array of SqlInjectionMatchSetUpdate objects that you want to insert into
	// or delete from a SqlInjectionMatchSet. For more information, see the applicable
	// data types:
	//
	//    SqlInjectionMatchSetUpdate: Contains Action and SqlInjectionMatchTuple
	//
	//    SqlInjectionMatchTuple: Contains FieldToMatch and TextTransformation
	//
	//    FieldToMatch: Contains Data and Type
	//
	// Updates is a required field
	Updates []*SqlInjectionMatchSetUpdate `type:"list" required:"true"`
	// contains filtered or unexported fields
}

type UpdateSqlInjectionMatchSetOutput struct {

	// The ChangeToken that you used to submit the UpdateSqlInjectionMatchSet request.
	// You can also use this value to query the status of the request. For more
	// information, see GetChangeTokenStatus.
	ChangeToken *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

type UpdateWebACLInput struct {

	// The value returned by the most recent call to GetChangeToken.
	//
	// ChangeToken is a required field
	ChangeToken *string `min:"1" type:"string" required:"true"`

	// For the action that is associated with a rule in a WebACL, specifies the
	// action that you want AWS WAF to perform when a web request matches all of
	// the conditions in a rule. For the default action in a WebACL, specifies the
	// action that you want AWS WAF to take when a web request doesn't match all
	// of the conditions in any of the rules in a WebACL.
	DefaultAction *WafAction `type:"structure"`

	// An array of updates to make to the WebACL.
	//
	// An array of WebACLUpdate objects that you want to insert into or delete
	// from a WebACL. For more information, see the applicable data types:
	//
	//    WebACLUpdate: Contains Action and ActivatedRule
	//
	//    ActivatedRule: Contains Action, Priority, and RuleId
	//
	//    WafAction: Contains Type
	Updates []*WebACLUpdate `type:"list"`

	// The WebACLId of the WebACL that you want to update. WebACLId is returned
	// by CreateWebACL and by ListWebACLs.
	//
	// WebACLId is a required field
	WebACLId *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

type UpdateWebACLOutput struct {

	// The ChangeToken that you used to submit the UpdateWebACL request. You can
	// also use this value to query the status of the request. For more information,
	// see GetChangeTokenStatus.
	ChangeToken *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

type UpdateXssMatchSetInput struct {

	// The value returned by the most recent call to GetChangeToken.
	//
	// ChangeToken is a required field
	ChangeToken *string `min:"1" type:"string" required:"true"`

	// An array of XssMatchSetUpdate objects that you want to insert into or delete
	// from a XssMatchSet. For more information, see the applicable data types:
	//
	//    XssMatchSetUpdate: Contains Action and XssMatchTuple
	//
	//    XssMatchTuple: Contains FieldToMatch and TextTransformation
	//
	//    FieldToMatch: Contains Data and Type
	//
	// Updates is a required field
	Updates []*XssMatchSetUpdate `type:"list" required:"true"`

	// The XssMatchSetId of the XssMatchSet that you want to update. XssMatchSetId
	// is returned by CreateXssMatchSet and by ListXssMatchSets.
	//
	// XssMatchSetId is a required field
	XssMatchSetId *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

type UpdateXssMatchSetOutput struct {

	// The ChangeToken that you used to submit the UpdateXssMatchSet request. You
	// can also use this value to query the status of the request. For more information,
	// see GetChangeTokenStatus.
	ChangeToken *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

type WAF struct {
	*client.Client
}