Class: Aws::WAFV2::Types::AndStatement

Inherits:
Struct
  • Object
show all
Defined in:
gems/aws-sdk-wafv2/lib/aws-sdk-wafv2/types.rb

Overview

Note:

When making an API call, you may pass AndStatement data as a hash:

{
  statements: [ # required
    {
      byte_match_statement: {
        search_string: "data", # required
        field_to_match: { # required
          single_header: {
            name: "FieldToMatchData", # required
          },
          single_query_argument: {
            name: "FieldToMatchData", # required
          },
          all_query_arguments: {
          },
          uri_path: {
          },
          query_string: {
          },
          body: {
            oversize_handling: "CONTINUE", # accepts CONTINUE, MATCH, NO_MATCH
          },
          method: {
          },
          json_body: {
            match_pattern: { # required
              all: {
              },
              included_paths: ["JsonPointerPath"],
            },
            match_scope: "ALL", # required, accepts ALL, KEY, VALUE
            invalid_fallback_behavior: "MATCH", # accepts MATCH, NO_MATCH, EVALUATE_AS_STRING
            oversize_handling: "CONTINUE", # accepts CONTINUE, MATCH, NO_MATCH
          },
          headers: {
            match_pattern: { # required
              all: {
              },
              included_headers: ["FieldToMatchData"],
              excluded_headers: ["FieldToMatchData"],
            },
            match_scope: "ALL", # required, accepts ALL, KEY, VALUE
            oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
          },
          cookies: {
            match_pattern: { # required
              all: {
              },
              included_cookies: ["SingleCookieName"],
              excluded_cookies: ["SingleCookieName"],
            },
            match_scope: "ALL", # required, accepts ALL, KEY, VALUE
            oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
          },
        },
        text_transformations: [ # required
          {
            priority: 1, # required
            type: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE, BASE64_DECODE, HEX_DECODE, MD5, REPLACE_COMMENTS, ESCAPE_SEQ_DECODE, SQL_HEX_DECODE, CSS_DECODE, JS_DECODE, NORMALIZE_PATH, NORMALIZE_PATH_WIN, REMOVE_NULLS, REPLACE_NULLS, BASE64_DECODE_EXT, URL_DECODE_UNI, UTF8_TO_UNICODE
          },
        ],
        positional_constraint: "EXACTLY", # required, accepts EXACTLY, STARTS_WITH, ENDS_WITH, CONTAINS, CONTAINS_WORD
      },
      sqli_match_statement: {
        field_to_match: { # required
          single_header: {
            name: "FieldToMatchData", # required
          },
          single_query_argument: {
            name: "FieldToMatchData", # required
          },
          all_query_arguments: {
          },
          uri_path: {
          },
          query_string: {
          },
          body: {
            oversize_handling: "CONTINUE", # accepts CONTINUE, MATCH, NO_MATCH
          },
          method: {
          },
          json_body: {
            match_pattern: { # required
              all: {
              },
              included_paths: ["JsonPointerPath"],
            },
            match_scope: "ALL", # required, accepts ALL, KEY, VALUE
            invalid_fallback_behavior: "MATCH", # accepts MATCH, NO_MATCH, EVALUATE_AS_STRING
            oversize_handling: "CONTINUE", # accepts CONTINUE, MATCH, NO_MATCH
          },
          headers: {
            match_pattern: { # required
              all: {
              },
              included_headers: ["FieldToMatchData"],
              excluded_headers: ["FieldToMatchData"],
            },
            match_scope: "ALL", # required, accepts ALL, KEY, VALUE
            oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
          },
          cookies: {
            match_pattern: { # required
              all: {
              },
              included_cookies: ["SingleCookieName"],
              excluded_cookies: ["SingleCookieName"],
            },
            match_scope: "ALL", # required, accepts ALL, KEY, VALUE
            oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
          },
        },
        text_transformations: [ # required
          {
            priority: 1, # required
            type: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE, BASE64_DECODE, HEX_DECODE, MD5, REPLACE_COMMENTS, ESCAPE_SEQ_DECODE, SQL_HEX_DECODE, CSS_DECODE, JS_DECODE, NORMALIZE_PATH, NORMALIZE_PATH_WIN, REMOVE_NULLS, REPLACE_NULLS, BASE64_DECODE_EXT, URL_DECODE_UNI, UTF8_TO_UNICODE
          },
        ],
        sensitivity_level: "LOW", # accepts LOW, HIGH
      },
      xss_match_statement: {
        field_to_match: { # required
          single_header: {
            name: "FieldToMatchData", # required
          },
          single_query_argument: {
            name: "FieldToMatchData", # required
          },
          all_query_arguments: {
          },
          uri_path: {
          },
          query_string: {
          },
          body: {
            oversize_handling: "CONTINUE", # accepts CONTINUE, MATCH, NO_MATCH
          },
          method: {
          },
          json_body: {
            match_pattern: { # required
              all: {
              },
              included_paths: ["JsonPointerPath"],
            },
            match_scope: "ALL", # required, accepts ALL, KEY, VALUE
            invalid_fallback_behavior: "MATCH", # accepts MATCH, NO_MATCH, EVALUATE_AS_STRING
            oversize_handling: "CONTINUE", # accepts CONTINUE, MATCH, NO_MATCH
          },
          headers: {
            match_pattern: { # required
              all: {
              },
              included_headers: ["FieldToMatchData"],
              excluded_headers: ["FieldToMatchData"],
            },
            match_scope: "ALL", # required, accepts ALL, KEY, VALUE
            oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
          },
          cookies: {
            match_pattern: { # required
              all: {
              },
              included_cookies: ["SingleCookieName"],
              excluded_cookies: ["SingleCookieName"],
            },
            match_scope: "ALL", # required, accepts ALL, KEY, VALUE
            oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
          },
        },
        text_transformations: [ # required
          {
            priority: 1, # required
            type: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE, BASE64_DECODE, HEX_DECODE, MD5, REPLACE_COMMENTS, ESCAPE_SEQ_DECODE, SQL_HEX_DECODE, CSS_DECODE, JS_DECODE, NORMALIZE_PATH, NORMALIZE_PATH_WIN, REMOVE_NULLS, REPLACE_NULLS, BASE64_DECODE_EXT, URL_DECODE_UNI, UTF8_TO_UNICODE
          },
        ],
      },
      size_constraint_statement: {
        field_to_match: { # required
          single_header: {
            name: "FieldToMatchData", # required
          },
          single_query_argument: {
            name: "FieldToMatchData", # required
          },
          all_query_arguments: {
          },
          uri_path: {
          },
          query_string: {
          },
          body: {
            oversize_handling: "CONTINUE", # accepts CONTINUE, MATCH, NO_MATCH
          },
          method: {
          },
          json_body: {
            match_pattern: { # required
              all: {
              },
              included_paths: ["JsonPointerPath"],
            },
            match_scope: "ALL", # required, accepts ALL, KEY, VALUE
            invalid_fallback_behavior: "MATCH", # accepts MATCH, NO_MATCH, EVALUATE_AS_STRING
            oversize_handling: "CONTINUE", # accepts CONTINUE, MATCH, NO_MATCH
          },
          headers: {
            match_pattern: { # required
              all: {
              },
              included_headers: ["FieldToMatchData"],
              excluded_headers: ["FieldToMatchData"],
            },
            match_scope: "ALL", # required, accepts ALL, KEY, VALUE
            oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
          },
          cookies: {
            match_pattern: { # required
              all: {
              },
              included_cookies: ["SingleCookieName"],
              excluded_cookies: ["SingleCookieName"],
            },
            match_scope: "ALL", # required, accepts ALL, KEY, VALUE
            oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
          },
        },
        comparison_operator: "EQ", # required, accepts EQ, NE, LE, LT, GE, GT
        size: 1, # required
        text_transformations: [ # required
          {
            priority: 1, # required
            type: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE, BASE64_DECODE, HEX_DECODE, MD5, REPLACE_COMMENTS, ESCAPE_SEQ_DECODE, SQL_HEX_DECODE, CSS_DECODE, JS_DECODE, NORMALIZE_PATH, NORMALIZE_PATH_WIN, REMOVE_NULLS, REPLACE_NULLS, BASE64_DECODE_EXT, URL_DECODE_UNI, UTF8_TO_UNICODE
          },
        ],
      },
      geo_match_statement: {
        country_codes: ["AF"], # accepts AF, AX, AL, DZ, AS, AD, AO, AI, AQ, AG, AR, AM, AW, AU, AT, AZ, BS, BH, BD, BB, BY, BE, BZ, BJ, BM, BT, BO, BQ, BA, BW, BV, BR, IO, BN, BG, BF, BI, KH, CM, CA, CV, KY, CF, TD, CL, CN, CX, CC, CO, KM, CG, CD, CK, CR, CI, HR, CU, CW, CY, CZ, DK, DJ, DM, DO, EC, EG, SV, GQ, ER, EE, ET, FK, FO, FJ, FI, FR, GF, PF, TF, GA, GM, GE, DE, GH, GI, GR, GL, GD, GP, GU, GT, GG, GN, GW, GY, HT, HM, VA, HN, HK, HU, IS, IN, ID, IR, IQ, IE, IM, IL, IT, JM, JP, JE, JO, KZ, KE, KI, KP, KR, KW, KG, LA, LV, LB, LS, LR, LY, LI, LT, LU, MO, MK, MG, MW, MY, MV, ML, MT, MH, MQ, MR, MU, YT, MX, FM, MD, MC, MN, ME, MS, MA, MZ, MM, NA, NR, NP, NL, NC, NZ, NI, NE, NG, NU, NF, MP, NO, OM, PK, PW, PS, PA, PG, PY, PE, PH, PN, PL, PT, PR, QA, RE, RO, RU, RW, BL, SH, KN, LC, MF, PM, VC, WS, SM, ST, SA, SN, RS, SC, SL, SG, SX, SK, SI, SB, SO, ZA, GS, SS, ES, LK, SD, SR, SJ, SZ, SE, CH, SY, TW, TJ, TZ, TH, TL, TG, TK, TO, TT, TN, TR, TM, TC, TV, UG, UA, AE, GB, US, UM, UY, UZ, VU, VE, VN, VG, VI, WF, EH, YE, ZM, ZW, XK
        forwarded_ip_config: {
          header_name: "ForwardedIPHeaderName", # required
          fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
        },
      },
      rule_group_reference_statement: {
        arn: "ResourceArn", # required
        excluded_rules: [
          {
            name: "EntityName", # required
          },
        ],
      },
      ip_set_reference_statement: {
        arn: "ResourceArn", # required
        ip_set_forwarded_ip_config: {
          header_name: "ForwardedIPHeaderName", # required
          fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
          position: "FIRST", # required, accepts FIRST, LAST, ANY
        },
      },
      regex_pattern_set_reference_statement: {
        arn: "ResourceArn", # required
        field_to_match: { # required
          single_header: {
            name: "FieldToMatchData", # required
          },
          single_query_argument: {
            name: "FieldToMatchData", # required
          },
          all_query_arguments: {
          },
          uri_path: {
          },
          query_string: {
          },
          body: {
            oversize_handling: "CONTINUE", # accepts CONTINUE, MATCH, NO_MATCH
          },
          method: {
          },
          json_body: {
            match_pattern: { # required
              all: {
              },
              included_paths: ["JsonPointerPath"],
            },
            match_scope: "ALL", # required, accepts ALL, KEY, VALUE
            invalid_fallback_behavior: "MATCH", # accepts MATCH, NO_MATCH, EVALUATE_AS_STRING
            oversize_handling: "CONTINUE", # accepts CONTINUE, MATCH, NO_MATCH
          },
          headers: {
            match_pattern: { # required
              all: {
              },
              included_headers: ["FieldToMatchData"],
              excluded_headers: ["FieldToMatchData"],
            },
            match_scope: "ALL", # required, accepts ALL, KEY, VALUE
            oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
          },
          cookies: {
            match_pattern: { # required
              all: {
              },
              included_cookies: ["SingleCookieName"],
              excluded_cookies: ["SingleCookieName"],
            },
            match_scope: "ALL", # required, accepts ALL, KEY, VALUE
            oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
          },
        },
        text_transformations: [ # required
          {
            priority: 1, # required
            type: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE, BASE64_DECODE, HEX_DECODE, MD5, REPLACE_COMMENTS, ESCAPE_SEQ_DECODE, SQL_HEX_DECODE, CSS_DECODE, JS_DECODE, NORMALIZE_PATH, NORMALIZE_PATH_WIN, REMOVE_NULLS, REPLACE_NULLS, BASE64_DECODE_EXT, URL_DECODE_UNI, UTF8_TO_UNICODE
          },
        ],
      },
      rate_based_statement: {
        limit: 1, # required
        aggregate_key_type: "IP", # required, accepts IP, FORWARDED_IP
        scope_down_statement: {
          # recursive Statement
        },
        forwarded_ip_config: {
          header_name: "ForwardedIPHeaderName", # required
          fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
        },
      },
      and_statement: {
        statements: { # required
          # recursive Statements
        },
      },
      or_statement: {
        statements: { # required
          # recursive Statements
        },
      },
      not_statement: {
        statement: { # required
          # recursive Statement
        },
      },
      managed_rule_group_statement: {
        vendor_name: "VendorName", # required
        name: "EntityName", # required
        version: "VersionKeyString",
        excluded_rules: [
          {
            name: "EntityName", # required
          },
        ],
        scope_down_statement: {
          # recursive Statement
        },
        managed_rule_group_configs: [
          {
            login_path: "LoginPathString",
            payload_type: "JSON", # accepts JSON, FORM_ENCODED
            username_field: {
              identifier: "FieldIdentifier", # required
            },
            password_field: {
              identifier: "FieldIdentifier", # required
            },
          },
        ],
      },
      label_match_statement: {
        scope: "LABEL", # required, accepts LABEL, NAMESPACE
        key: "LabelMatchKey", # required
      },
      regex_match_statement: {
        regex_string: "RegexPatternString", # required
        field_to_match: { # required
          single_header: {
            name: "FieldToMatchData", # required
          },
          single_query_argument: {
            name: "FieldToMatchData", # required
          },
          all_query_arguments: {
          },
          uri_path: {
          },
          query_string: {
          },
          body: {
            oversize_handling: "CONTINUE", # accepts CONTINUE, MATCH, NO_MATCH
          },
          method: {
          },
          json_body: {
            match_pattern: { # required
              all: {
              },
              included_paths: ["JsonPointerPath"],
            },
            match_scope: "ALL", # required, accepts ALL, KEY, VALUE
            invalid_fallback_behavior: "MATCH", # accepts MATCH, NO_MATCH, EVALUATE_AS_STRING
            oversize_handling: "CONTINUE", # accepts CONTINUE, MATCH, NO_MATCH
          },
          headers: {
            match_pattern: { # required
              all: {
              },
              included_headers: ["FieldToMatchData"],
              excluded_headers: ["FieldToMatchData"],
            },
            match_scope: "ALL", # required, accepts ALL, KEY, VALUE
            oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
          },
          cookies: {
            match_pattern: { # required
              all: {
              },
              included_cookies: ["SingleCookieName"],
              excluded_cookies: ["SingleCookieName"],
            },
            match_scope: "ALL", # required, accepts ALL, KEY, VALUE
            oversize_handling: "CONTINUE", # required, accepts CONTINUE, MATCH, NO_MATCH
          },
        },
        text_transformations: [ # required
          {
            priority: 1, # required
            type: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE, BASE64_DECODE, HEX_DECODE, MD5, REPLACE_COMMENTS, ESCAPE_SEQ_DECODE, SQL_HEX_DECODE, CSS_DECODE, JS_DECODE, NORMALIZE_PATH, NORMALIZE_PATH_WIN, REMOVE_NULLS, REPLACE_NULLS, BASE64_DECODE_EXT, URL_DECODE_UNI, UTF8_TO_UNICODE
          },
        ],
      },
    },
  ],
}

A logical rule statement used to combine other rule statements with AND logic. You provide more than one Statement within the AndStatement.

Constant Summary collapse

SENSITIVE =
[]

Instance Attribute Summary collapse

Instance Attribute Details

#statementsArray<Types::Statement>

The statements to combine with AND logic. You can use any statements that can be nested.

Returns:



552
553
554
555
556
# File 'gems/aws-sdk-wafv2/lib/aws-sdk-wafv2/types.rb', line 552

class AndStatement < Struct.new(
  :statements)
  SENSITIVE = []
  include Aws::Structure
end