AWS WAFV2

2023/06/02 - AWS WAFV2 - 2 new api methods

Changes  Added APIs to describe managed products. The APIs retrieve information about rule groups that are managed by AWS and by AWS Marketplace sellers.

DescribeAllManagedProducts (new) Link ¶

Provides high-level information for the Amazon Web Services Managed Rules rule groups and Amazon Web Services Marketplace managed rule groups.

See also: AWS API Documentation

Request Syntax

client.describe_all_managed_products(
    Scope='CLOUDFRONT'|'REGIONAL'
)
type Scope:

string

param Scope:

[REQUIRED]

Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, an Amazon Cognito user pool, an App Runner service, or an Amazon Web Services Verified Access instance.

To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows:

  • CLI - Specify the Region when you use the CloudFront scope: --scope=CLOUDFRONT --region=us-east-1.

  • API and SDKs - For all calls, use the Region endpoint us-east-1.

rtype:

dict

returns:

Response Syntax

{
    'ManagedProducts': [
        {
            'VendorName': 'string',
            'ManagedRuleSetName': 'string',
            'ProductId': 'string',
            'ProductLink': 'string',
            'ProductTitle': 'string',
            'ProductDescription': 'string',
            'SnsTopicArn': 'string',
            'IsVersioningSupported': True|False,
            'IsAdvancedManagedRuleSet': True|False
        },
    ]
}

Response Structure

  • (dict) --

    • ManagedProducts (list) --

      High-level information for the Amazon Web Services Managed Rules rule groups and Amazon Web Services Marketplace managed rule groups.

      • (dict) --

        The properties of a managed product, such as an Amazon Web Services Managed Rules rule group or an Amazon Web Services Marketplace managed rule group.

        • VendorName (string) --

          The name of the managed rule group vendor. You use this, along with the rule group name, to identify a rule group.

        • ManagedRuleSetName (string) --

          The name of the managed rule group. For example, AWSManagedRulesAnonymousIpList or AWSManagedRulesATPRuleSet.

        • ProductId (string) --

          A unique identifier for the rule group. This ID is returned in the responses to create and list commands. You provide it to operations like update and delete.

        • ProductLink (string) --

          For Amazon Web Services Marketplace managed rule groups only, the link to the rule group product page.

        • ProductTitle (string) --

          The display name for the managed rule group. For example, Anonymous IP list or Account takeover prevention.

        • ProductDescription (string) --

          A short description of the managed rule group.

        • SnsTopicArn (string) --

          The Amazon resource name (ARN) of the Amazon Simple Notification Service SNS topic that's used to provide notification of changes to the managed rule group. You can subscribe to the SNS topic to receive notifications when the managed rule group is modified, such as for new versions and for version expiration. For more information, see the Amazon Simple Notification Service Developer Guide.

        • IsVersioningSupported (boolean) --

          Indicates whether the rule group is versioned.

        • IsAdvancedManagedRuleSet (boolean) --

          Indicates whether the rule group provides an advanced set of protections, such as the the Amazon Web Services Managed Rules rule groups that are used for WAF intelligent threat mitigation.

DescribeManagedProductsByVendor (new) Link ¶

Provides high-level information for the managed rule groups owned by a specific vendor.

See also: AWS API Documentation

Request Syntax

client.describe_managed_products_by_vendor(
    VendorName='string',
    Scope='CLOUDFRONT'|'REGIONAL'
)
type VendorName:

string

param VendorName:

[REQUIRED]

The name of the managed rule group vendor. You use this, along with the rule group name, to identify a rule group.

type Scope:

string

param Scope:

[REQUIRED]

Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, an Amazon Cognito user pool, an App Runner service, or an Amazon Web Services Verified Access instance.

To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows:

  • CLI - Specify the Region when you use the CloudFront scope: --scope=CLOUDFRONT --region=us-east-1.

  • API and SDKs - For all calls, use the Region endpoint us-east-1.

rtype:

dict

returns:

Response Syntax

{
    'ManagedProducts': [
        {
            'VendorName': 'string',
            'ManagedRuleSetName': 'string',
            'ProductId': 'string',
            'ProductLink': 'string',
            'ProductTitle': 'string',
            'ProductDescription': 'string',
            'SnsTopicArn': 'string',
            'IsVersioningSupported': True|False,
            'IsAdvancedManagedRuleSet': True|False
        },
    ]
}

Response Structure

  • (dict) --

    • ManagedProducts (list) --

      High-level information for the managed rule groups owned by the specified vendor.

      • (dict) --

        The properties of a managed product, such as an Amazon Web Services Managed Rules rule group or an Amazon Web Services Marketplace managed rule group.

        • VendorName (string) --

          The name of the managed rule group vendor. You use this, along with the rule group name, to identify a rule group.

        • ManagedRuleSetName (string) --

          The name of the managed rule group. For example, AWSManagedRulesAnonymousIpList or AWSManagedRulesATPRuleSet.

        • ProductId (string) --

          A unique identifier for the rule group. This ID is returned in the responses to create and list commands. You provide it to operations like update and delete.

        • ProductLink (string) --

          For Amazon Web Services Marketplace managed rule groups only, the link to the rule group product page.

        • ProductTitle (string) --

          The display name for the managed rule group. For example, Anonymous IP list or Account takeover prevention.

        • ProductDescription (string) --

          A short description of the managed rule group.

        • SnsTopicArn (string) --

          The Amazon resource name (ARN) of the Amazon Simple Notification Service SNS topic that's used to provide notification of changes to the managed rule group. You can subscribe to the SNS topic to receive notifications when the managed rule group is modified, such as for new versions and for version expiration. For more information, see the Amazon Simple Notification Service Developer Guide.

        • IsVersioningSupported (boolean) --

          Indicates whether the rule group is versioned.

        • IsAdvancedManagedRuleSet (boolean) --

          Indicates whether the rule group provides an advanced set of protections, such as the the Amazon Web Services Managed Rules rule groups that are used for WAF intelligent threat mitigation.