AWS WAF can now suggest protection packs for you based on the application information you provide when you create a webACL.

Author: aws-sdk-dotnet-automation

generator/ServiceModels/wafv2/wafv2-2019-07-29.api.json

@@ -1027,6 +1027,25 @@
         "Statements":{"shape":"Statements"}
       }
     },
+    "ApplicationAttribute":{
+      "type":"structure",
+      "members":{
+        "Name":{"shape":"AttributeName"},
+        "Values":{"shape":"AttributeValues"}
+      }
+    },
+    "ApplicationAttributes":{
+      "type":"list",
+      "member":{"shape":"ApplicationAttribute"},
+      "max":10,
+      "min":1
+    },
+    "ApplicationConfig":{
+      "type":"structure",
+      "members":{
+        "Attributes":{"shape":"ApplicationAttributes"}
+      }
+    },
     "AsnList":{
       "type":"list",
       "member":{"shape":"ASN"},
@@ -1072,6 +1091,23 @@
         "RequestBody":{"shape":"RequestBody"}
       }
     },
+    "AttributeName":{
+      "type":"string",
+      "max":64,
+      "min":1,
+      "pattern":"^[\\w\\-]+$"
+    },
+    "AttributeValue":{
+      "type":"string",
+      "max":64,
+      "min":1
+    },
+    "AttributeValues":{
+      "type":"list",
+      "member":{"shape":"AttributeValue"},
+      "max":10,
+      "min":1
+    },
     "BlockAction":{
       "type":"structure",
       "members":{
@@ -1614,7 +1650,8 @@
         "ChallengeConfig":{"shape":"ChallengeConfig"},
         "TokenDomains":{"shape":"TokenDomains"},
         "AssociationConfig":{"shape":"AssociationConfig"},
-        "OnSourceDDoSProtectionConfig":{"shape":"OnSourceDDoSProtectionConfig"}
+        "OnSourceDDoSProtectionConfig":{"shape":"OnSourceDDoSProtectionConfig"},
+        "ApplicationConfig":{"shape":"ApplicationConfig"}
       }
     },
     "CreateWebACLResponse":{
@@ -4537,7 +4574,8 @@
         "TokenDomains":{"shape":"TokenDomains"},
         "AssociationConfig":{"shape":"AssociationConfig"},
         "RetrofittedByFirewallManager":{"shape":"Boolean"},
-        "OnSourceDDoSProtectionConfig":{"shape":"OnSourceDDoSProtectionConfig"}
+        "OnSourceDDoSProtectionConfig":{"shape":"OnSourceDDoSProtectionConfig"},
+        "ApplicationConfig":{"shape":"ApplicationConfig"}
       }
     },
     "WebACLSummaries":{

generator/ServiceModels/wafv2/wafv2-2019-07-29.docs.json

@@ -179,6 +179,25 @@
         "Statement$AndStatement": "<p>A logical rule statement used to combine other rule statements with AND logic. You provide more than one <a>Statement</a> within the <code>AndStatement</code>. </p>"
       }
     },
+    "ApplicationAttribute": {
+      "base": "<p>Application details defined during the web ACL creation process. Application attributes help WAF give recommendations for protection packs.</p>",
+      "refs": {
+        "ApplicationAttributes$member": null
+      }
+    },
+    "ApplicationAttributes": {
+      "base": null,
+      "refs": {
+        "ApplicationConfig$Attributes": "<p>Contains the attribute name and a list of values for that attribute.</p>"
+      }
+    },
+    "ApplicationConfig": {
+      "base": "<p>A list of <code>ApplicationAttribute</code>s that contains information about the application.</p>",
+      "refs": {
+        "CreateWebACLRequest$ApplicationConfig": "<p>Configures the ability for the WAF console to store and retrieve application attributes during the web ACL creation process. Application attributes help WAF give recommendations for protection packs.</p>",
+        "WebACL$ApplicationConfig": "<p>Returns a list of <code>ApplicationAttribute</code>s.</p>"
+      }
+    },
     "AsnList": {
       "base": null,
       "refs": {
@@ -213,6 +232,24 @@
         "WebACL$AssociationConfig": "<p>Specifies custom configurations for the associations between the web ACL and protected resources. </p> <p>Use this to customize the maximum size of the request body that your protected resources forward to WAF for inspection. You can customize this setting for CloudFront, API Gateway, Amazon Cognito, App Runner, or Verified Access resources. The default setting is 16 KB (16,384 bytes). </p> <note> <p>You are charged additional fees when your protected resources forward body sizes that are larger than the default. For more information, see <a href=\"http://aws.amazon.com/waf/pricing/\">WAF Pricing</a>.</p> </note> <p>For Application Load Balancer and AppSync, the limit is fixed at 8 KB (8,192 bytes).</p>"
       }
     },
+    "AttributeName": {
+      "base": null,
+      "refs": {
+        "ApplicationAttribute$Name": "<p>Specifies the attribute name.</p>"
+      }
+    },
+    "AttributeValue": {
+      "base": null,
+      "refs": {
+        "AttributeValues$member": null
+      }
+    },
+    "AttributeValues": {
+      "base": null,
+      "refs": {
+        "ApplicationAttribute$Values": "<p>Specifies the attribute value.</p>"
+      }
+    },
     "BlockAction": {
       "base": "<p>Specifies that WAF should block the request and optionally defines additional custom handling for the response to the web request.</p> <p>This is used in the context of other settings, for example to specify values for <a>RuleAction</a> and web ACL <a>DefaultAction</a>. </p>",
       "refs": {

generator/ServiceModels/wafv2/wafv2-2019-07-29.normal.json

@@ -1155,6 +1155,36 @@
       },
       "documentation":"<p>A logical rule statement used to combine other rule statements with AND logic. You provide more than one <a>Statement</a> within the <code>AndStatement</code>. </p>"
     },
+    "ApplicationAttribute":{
+      "type":"structure",
+      "members":{
+        "Name":{
+          "shape":"AttributeName",
+          "documentation":"<p>Specifies the attribute name.</p>"
+        },
+        "Values":{
+          "shape":"AttributeValues",
+          "documentation":"<p>Specifies the attribute value.</p>"
+        }
+      },
+      "documentation":"<p>Application details defined during the web ACL creation process. Application attributes help WAF give recommendations for protection packs.</p>"
+    },
+    "ApplicationAttributes":{
+      "type":"list",
+      "member":{"shape":"ApplicationAttribute"},
+      "max":10,
+      "min":1
+    },
+    "ApplicationConfig":{
+      "type":"structure",
+      "members":{
+        "Attributes":{
+          "shape":"ApplicationAttributes",
+          "documentation":"<p>Contains the attribute name and a list of values for that attribute.</p>"
+        }
+      },
+      "documentation":"<p>A list of <code>ApplicationAttribute</code>s that contains information about the application.</p>"
+    },
     "AsnList":{
       "type":"list",
       "member":{"shape":"ASN"},
@@ -1217,6 +1247,23 @@
       },
       "documentation":"<p>Specifies custom configurations for the associations between the web ACL and protected resources. </p> <p>Use this to customize the maximum size of the request body that your protected resources forward to WAF for inspection. You can customize this setting for CloudFront, API Gateway, Amazon Cognito, App Runner, or Verified Access resources. The default setting is 16 KB (16,384 bytes). </p> <note> <p>You are charged additional fees when your protected resources forward body sizes that are larger than the default. For more information, see <a href=\"http://aws.amazon.com/waf/pricing/\">WAF Pricing</a>.</p> </note> <p>For Application Load Balancer and AppSync, the limit is fixed at 8 KB (8,192 bytes).</p>"
     },
+    "AttributeName":{
+      "type":"string",
+      "max":64,
+      "min":1,
+      "pattern":"^[\\w\\-]+$"
+    },
+    "AttributeValue":{
+      "type":"string",
+      "max":64,
+      "min":1
+    },
+    "AttributeValues":{
+      "type":"list",
+      "member":{"shape":"AttributeValue"},
+      "max":10,
+      "min":1
+    },
     "BlockAction":{
       "type":"structure",
       "members":{
@@ -1987,6 +2034,10 @@
         "OnSourceDDoSProtectionConfig":{
           "shape":"OnSourceDDoSProtectionConfig",
           "documentation":"<p>Specifies the type of DDoS protection to apply to web request data for a web ACL. For most scenarios, it is recommended to use the default protection level, <code>ACTIVE_UNDER_DDOS</code>. If a web ACL is associated with multiple Application Load Balancers, the changes you make to DDoS protection in that web ACL will apply to all associated Application Load Balancers.</p>"
+        },
+        "ApplicationConfig":{
+          "shape":"ApplicationConfig",
+          "documentation":"<p>Configures the ability for the WAF console to store and retrieve application attributes during the web ACL creation process. Application attributes help WAF give recommendations for protection packs.</p>"
         }
       }
     },
@@ -6757,6 +6808,10 @@
         "OnSourceDDoSProtectionConfig":{
           "shape":"OnSourceDDoSProtectionConfig",
           "documentation":"<p>Configures the level of DDoS protection that applies to web ACLs associated with Application Load Balancers.</p>"
+        },
+        "ApplicationConfig":{
+          "shape":"ApplicationConfig",
+          "documentation":"<p>Returns a list of <code>ApplicationAttribute</code>s.</p>"
         }
       },
       "documentation":"<p> A web ACL defines a collection of rules to use to inspect and control web requests. Each rule has a statement that defines what to look for in web requests and an action that WAF applies to requests that match the statement. In the web ACL, you assign a default action to take (allow, block) for any request that does not match any of the rules. The rules in a web ACL can be a combination of the types <a>Rule</a>, <a>RuleGroup</a>, and managed rule group. You can associate a web ACL with one or more Amazon Web Services resources to protect. The resource types include Amazon CloudFront distribution, Amazon API Gateway REST API, Application Load Balancer, AppSync GraphQL API, Amazon Cognito user pool, App Runner service, Amplify application, and Amazon Web Services Verified Access instance. </p>"

sdk/code-analysis/ServiceAnalysis/WAFV2/Generated/PropertyValueRules.xml

@@ -862,6 +862,12 @@
     <property>Amazon.WAFV2.Model.APIKeySummary.Version</property>
     <min>0</min>
   </property-value-rule>
+  <property-value-rule>
+    <property>Amazon.WAFV2.Model.ApplicationAttribute.Name</property>
+    <min>1</min>
+    <max>64</max>
+    <pattern>^[\w\-]+$</pattern>
+  </property-value-rule>
   <property-value-rule>
     <property>Amazon.WAFV2.Model.AWSManagedRulesACFPRuleSet.CreationPath</property>
     <min>1</min>

sdk/src/Services/WAFV2/Generated/Model/ApplicationAttribute.cs

@@ -0,0 +1,80 @@
+/*
+ * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * 
+ * Licensed under the Apache License, Version 2.0 (the "License").
+ * You may not use this file except in compliance with the License.
+ * A copy of the License is located at
+ * 
+ *  http://aws.amazon.com/apache2.0
+ * 
+ * or in the "license" file accompanying this file. This file is distributed
+ * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
+ * express or implied. See the License for the specific language governing
+ * permissions and limitations under the License.
+ */
+
+/*
+ * Do not modify this file. This file is generated from the wafv2-2019-07-29.normal.json service model.
+ */
+using System;
+using System.Collections.Generic;
+using System.Xml.Serialization;
+using System.Text;
+using System.IO;
+using System.Net;
+
+using Amazon.Runtime;
+using Amazon.Runtime.Internal;
+
+#pragma warning disable CS0612,CS0618,CS1570
+namespace Amazon.WAFV2.Model
+{
+    /// <summary>
+    /// Application details defined during the web ACL creation process. Application attributes
+    /// help WAF give recommendations for protection packs.
+    /// </summary>
+    public partial class ApplicationAttribute
+    {
+        private string _name;
+        private List<string> _values = AWSConfigs.InitializeCollections ? new List<string>() : null;
+
+        /// <summary>
+        /// Gets and sets the property Name. 
+        /// <para>
+        /// Specifies the attribute name.
+        /// </para>
+        /// </summary>
+        [AWSProperty(Min=1, Max=64)]
+        public string Name
+        {
+            get { return this._name; }
+            set { this._name = value; }
+        }
+
+        // Check to see if Name property is set
+        internal bool IsSetName()
+        {
+            return this._name != null;
+        }
+
+        /// <summary>
+        /// Gets and sets the property Values. 
+        /// <para>
+        /// Specifies the attribute value.
+        /// </para>
+        /// </summary>
+        [AWSProperty(Min=1, Max=10)]
+        public List<string> Values
+        {
+            get { return this._values; }
+            set { this._values = value; }
+        }
+
+        // Check to see if Values property is set
+        internal bool IsSetValues()
+        {
+            return this._values != null && (this._values.Count > 0 || !AWSConfigs.InitializeCollections); 
+        }
+
+    }
+}

sdk/src/Services/WAFV2/Generated/Model/ApplicationConfig.cs

@@ -0,0 +1,59 @@
+/*
+ * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * 
+ * Licensed under the Apache License, Version 2.0 (the "License").
+ * You may not use this file except in compliance with the License.
+ * A copy of the License is located at
+ * 
+ *  http://aws.amazon.com/apache2.0
+ * 
+ * or in the "license" file accompanying this file. This file is distributed
+ * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
+ * express or implied. See the License for the specific language governing
+ * permissions and limitations under the License.
+ */
+
+/*
+ * Do not modify this file. This file is generated from the wafv2-2019-07-29.normal.json service model.
+ */
+using System;
+using System.Collections.Generic;
+using System.Xml.Serialization;
+using System.Text;
+using System.IO;
+using System.Net;
+
+using Amazon.Runtime;
+using Amazon.Runtime.Internal;
+
+#pragma warning disable CS0612,CS0618,CS1570
+namespace Amazon.WAFV2.Model
+{
+    /// <summary>
+    /// A list of <c>ApplicationAttribute</c>s that contains information about the application.
+    /// </summary>
+    public partial class ApplicationConfig
+    {
+        private List<ApplicationAttribute> _attributes = AWSConfigs.InitializeCollections ? new List<ApplicationAttribute>() : null;
+
+        /// <summary>
+        /// Gets and sets the property Attributes. 
+        /// <para>
+        /// Contains the attribute name and a list of values for that attribute.
+        /// </para>
+        /// </summary>
+        [AWSProperty(Min=1, Max=10)]
+        public List<ApplicationAttribute> Attributes
+        {
+            get { return this._attributes; }
+            set { this._attributes = value; }
+        }
+
+        // Check to see if Attributes property is set
+        internal bool IsSetAttributes()
+        {
+            return this._attributes != null && (this._attributes.Count > 0 || !AWSConfigs.InitializeCollections); 
+        }
+
+    }
+}

sdk/src/Services/WAFV2/Generated/Model/CreateWebACLRequest.cs

@@ -49,6 +49,7 @@ namespace Amazon.WAFV2.Model
     /// </summary>
     public partial class CreateWebACLRequest : AmazonWAFV2Request
     {
+        private ApplicationConfig _applicationConfig;
         private AssociationConfig _associationConfig;
         private CaptchaConfig _captchaConfig;
         private ChallengeConfig _challengeConfig;
@@ -64,6 +65,26 @@ public partial class CreateWebACLRequest : AmazonWAFV2Request
         private List<string> _tokenDomains = AWSConfigs.InitializeCollections ? new List<string>() : null;
         private VisibilityConfig _visibilityConfig;
 
+        /// <summary>
+        /// Gets and sets the property ApplicationConfig. 
+        /// <para>
+        /// Configures the ability for the WAF console to store and retrieve application attributes
+        /// during the web ACL creation process. Application attributes help WAF give recommendations
+        /// for protection packs.
+        /// </para>
+        /// </summary>
+        public ApplicationConfig ApplicationConfig
+        {
+            get { return this._applicationConfig; }
+            set { this._applicationConfig = value; }
+        }
+
+        // Check to see if ApplicationConfig property is set
+        internal bool IsSetApplicationConfig()
+        {
+            return this._applicationConfig != null;
+        }
+
         /// <summary>
         /// Gets and sets the property AssociationConfig. 
         /// <para>