Indicates if the global database cluster has deletion protection enabled. The global database cluster can't be deleted when deletion protection is enabled.
", "OptionGroupOption$SupportsOptionVersionDowngrade": "If true, you can change the option to an earlier version of the option. This only applies to options that have different versions available.
", "OrderableDBInstanceOption$SupportsStorageAutoscaling": "Whether or not Amazon RDS can automatically scale storage for DB instances that use the specified instance class.
", + "OrderableDBInstanceOption$SupportsKerberosAuthentication": "Whether a DB instance supports Kerberos Authentication.
", "PendingModifiedValues$MultiAZ": "Indicates that the Single-AZ DB instance is to change to a Multi-AZ deployment.
", "RebootDBInstanceMessage$ForceFailover": "A value that indicates whether the reboot is conducted through a Multi-AZ failover.
Constraint: You can't enable force failover if the instance is not configured for Multi-AZ.
", "RestoreDBClusterFromS3Message$StorageEncrypted": "A value that indicates whether the restored DB cluster is encrypted.
", @@ -1747,7 +1748,7 @@ "DescribeDBClustersMessage$Filters": "A filter that specifies one or more DB clusters to describe.
Supported filters:
db-cluster-id - Accepts DB cluster identifiers and DB cluster Amazon Resource Names (ARNs). The results list will only include information about the DB clusters identified by these ARNs.
This parameter is not currently supported.
", "DescribeDBInstanceAutomatedBackupsMessage$Filters": "A filter that specifies which resources to return based on status.
Supported filters are the following:
status
active - automated backups for current instances
retained - automated backups for deleted instances
creating - automated backups that are waiting for the first automated snapshot to be available
db-instance-id - Accepts DB instance identifiers and Amazon Resource Names (ARNs) for DB instances. The results list includes only information about the DB instance automated backupss identified by these ARNs.
dbi-resource-id - Accepts DB instance resource identifiers and DB Amazon Resource Names (ARNs) for DB instances. The results list includes only information about the DB instance resources identified by these ARNs.
Returns all resources by default. The status for each resource is specified in the response.
", - "DescribeDBInstancesMessage$Filters": "A filter that specifies one or more DB instances to describe.
Supported filters:
db-cluster-id - Accepts DB cluster identifiers and DB cluster Amazon Resource Names (ARNs). The results list will only include information about the DB instances associated with the DB clusters identified by these ARNs.
db-instance-id - Accepts DB instance identifiers and DB instance Amazon Resource Names (ARNs). The results list will only include information about the DB instances identified by these ARNs.
dbi-resource-id - Accepts DB instance resource identifiers. The results list will only include information about the DB instances identified by these resource identifiers.
A filter that specifies one or more DB instances to describe.
Supported filters:
db-cluster-id - Accepts DB cluster identifiers and DB cluster Amazon Resource Names (ARNs). The results list will only include information about the DB instances associated with the DB clusters identified by these ARNs.
db-instance-id - Accepts DB instance identifiers and DB instance Amazon Resource Names (ARNs). The results list will only include information about the DB instances identified by these ARNs.
dbi-resource-id - Accepts DB instance resource identifiers. The results list will only include information about the DB instances identified by these DB instance resource identifiers.
domain - Accepts Active Directory directory IDs. The results list will only include information about the DB instances associated with these domains.
engine - Accepts engine names. The results list will only include information about the DB instances for these engines.
This parameter is not currently supported.
", "DescribeDBParameterGroupsMessage$Filters": "This parameter is not currently supported.
", "DescribeDBParametersMessage$Filters": "This parameter is not currently supported.
", @@ -3035,7 +3036,7 @@ "CreateDBInstanceMessage$TdeCredentialArn": "The ARN from the key store with which to associate the instance for TDE encryption.
", "CreateDBInstanceMessage$TdeCredentialPassword": "The password for the given ARN from the key store in order to access the device.
", "CreateDBInstanceMessage$KmsKeyId": "The AWS KMS key identifier for an encrypted DB instance.
The KMS key identifier is the Amazon Resource Name (ARN) for the KMS encryption key. If you are creating a DB instance with the same AWS account that owns the KMS encryption key used to encrypt the new DB instance, then you can use the KMS key alias instead of the ARN for the KM encryption key.
Amazon Aurora
Not applicable. The KMS key identifier is managed by the DB cluster. For more information, see CreateDBCluster.
If StorageEncrypted is enabled, and you do not specify a value for the KmsKeyId parameter, then Amazon RDS will use your default encryption key. AWS KMS creates the default encryption key for your AWS account. Your AWS account has a different default encryption key for each AWS Region.
For an Amazon RDS DB instance that's running Microsoft SQL Server, this parameter specifies the Active Directory directory ID to create the instance in. Amazon RDS uses Windows Authentication to authenticate users that connect to the DB instance. For more information, see Using Windows Authentication with an Amazon RDS DB Instance Running Microsoft SQL Server in the Amazon RDS User Guide.
", + "CreateDBInstanceMessage$Domain": "The Active Directory directory ID to create the DB instance in. Currently, only Microsoft SQL Server and Oracle DB instances can be created in an Active Directory Domain.
For Microsoft SQL Server DB instances, Amazon RDS can use Windows Authentication to authenticate users that connect to the DB instance. For more information, see Using Windows Authentication with an Amazon RDS DB Instance Running Microsoft SQL Server in the Amazon RDS User Guide.
For Oracle DB instance, Amazon RDS can use Kerberos Authentication to authenticate users that connect to the DB instance. For more information, see Using Kerberos Authentication with Amazon RDS for Oracle in the Amazon RDS User Guide.
", "CreateDBInstanceMessage$MonitoringRoleArn": "The ARN for the IAM role that permits RDS to send enhanced monitoring metrics to Amazon CloudWatch Logs. For example, arn:aws:iam:123456789012:role/emaccess. For information on creating a monitoring role, go to Setting Up and Enabling Enhanced Monitoring in the Amazon RDS User Guide.
If MonitoringInterval is set to a value other than 0, then you must supply a MonitoringRoleArn value.
Specify the name of the IAM role to be used when making API calls to the Directory Service.
", "CreateDBInstanceMessage$Timezone": "The time zone of the DB instance. The time zone parameter is currently supported only by Microsoft SQL Server.
", @@ -3052,6 +3053,8 @@ "CreateDBInstanceReadReplicaMessage$KmsKeyId": "The AWS KMS key ID for an encrypted Read Replica. The KMS key ID is the Amazon Resource Name (ARN), KMS key identifier, or the KMS key alias for the KMS encryption key.
If you create an encrypted Read Replica in the same AWS Region as the source DB instance, then you do not have to specify a value for this parameter. The Read Replica is encrypted with the same KMS key as the source DB instance.
If you create an encrypted Read Replica in a different AWS Region, then you must specify a KMS key for the destination AWS Region. KMS encryption keys are specific to the AWS Region that they are created in, and you can't use encryption keys from one AWS Region in another AWS Region.
You can't create an encrypted Read Replica from an unencrypted DB instance.
", "CreateDBInstanceReadReplicaMessage$PreSignedUrl": "The URL that contains a Signature Version 4 signed request for the CreateDBInstanceReadReplica API action in the source AWS Region that contains the source DB instance.
You must specify this parameter when you create an encrypted Read Replica from another AWS Region by using the Amazon RDS API. You can specify the --source-region option instead of this parameter when you create an encrypted Read Replica from another AWS Region by using the AWS CLI.
The presigned URL must be a valid request for the CreateDBInstanceReadReplica API action that can be executed in the source AWS Region that contains the encrypted source DB instance. The presigned URL request must contain the following parameter values:
DestinationRegion - The AWS Region that the encrypted Read Replica is created in. This AWS Region is the same one where the CreateDBInstanceReadReplica action is called that contains this presigned URL.
For example, if you create an encrypted DB instance in the us-west-1 AWS Region, from a source DB instance in the us-east-2 AWS Region, then you call the CreateDBInstanceReadReplica action in the us-east-1 AWS Region and provide a presigned URL that contains a call to the CreateDBInstanceReadReplica action in the us-west-2 AWS Region. For this example, the DestinationRegion in the presigned URL must be set to the us-east-1 AWS Region.
KmsKeyId - The AWS KMS key identifier for the key to use to encrypt the Read Replica in the destination AWS Region. This is the same identifier for both the CreateDBInstanceReadReplica action that is called in the destination AWS Region, and the action contained in the presigned URL.
SourceDBInstanceIdentifier - The DB instance identifier for the encrypted DB instance to be replicated. This identifier must be in the Amazon Resource Name (ARN) format for the source AWS Region. For example, if you are creating an encrypted Read Replica from a DB instance in the us-west-2 AWS Region, then your SourceDBInstanceIdentifier looks like the following example: arn:aws:rds:us-west-2:123456789012:instance:mysql-instance1-20161115.
To learn how to generate a Signature Version 4 signed request, see Authenticating Requests: Using Query Parameters (AWS Signature Version 4) and Signature Version 4 Signing Process.
", "CreateDBInstanceReadReplicaMessage$PerformanceInsightsKMSKeyId": "The AWS KMS key identifier for encryption of Performance Insights data. The KMS key ID is the Amazon Resource Name (ARN), KMS key identifier, or the KMS key alias for the KMS encryption key.
If you do not specify a value for PerformanceInsightsKMSKeyId, then Amazon RDS uses your default encryption key. AWS KMS creates the default encryption key for your AWS account. Your AWS account has a different default encryption key for each AWS Region.
The Active Directory directory ID to create the DB instance in.
For Oracle DB instances, Amazon RDS can use Kerberos Authentication to authenticate users that connect to the DB instance. For more information, see Using Kerberos Authentication with Amazon RDS for Oracle in the Amazon RDS User Guide.
", + "CreateDBInstanceReadReplicaMessage$DomainIAMRoleName": "Specify the name of the IAM role to be used when making API calls to the Directory Service.
", "CreateDBParameterGroupMessage$DBParameterGroupName": "The name of the DB parameter group.
Constraints:
Must be 1 to 255 letters, numbers, or hyphens.
First character must be a letter
Can't end with a hyphen or contain two consecutive hyphens
This value is stored as a lowercase string.
The DB parameter group family name. A DB parameter group can be associated with one and only one DB parameter group family, and can be applied only to a DB instance running a database engine and engine version compatible with that DB parameter group family.
To list all of the available parameter group families, use the following command:
aws rds describe-db-engine-versions --query \"DBEngineVersions[].DBParameterGroupFamily\"
The output contains duplicates.
The description for the DB parameter group.
", @@ -3433,7 +3436,7 @@ "ModifyDBInstanceMessage$TdeCredentialArn": "The ARN from the key store with which to associate the instance for TDE encryption.
", "ModifyDBInstanceMessage$TdeCredentialPassword": "The password for the given ARN from the key store in order to access the device.
", "ModifyDBInstanceMessage$CACertificateIdentifier": "Indicates the certificate that needs to be associated with the instance.
", - "ModifyDBInstanceMessage$Domain": "The Active Directory Domain to move the instance to. Specify none to remove the instance from its current domain. The domain must be created prior to this operation. Currently only a Microsoft SQL Server instance can be created in a Active Directory Domain.
The Active Directory directory ID to move the DB instance to. Specify none to remove the instance from its current domain. The domain must be created prior to this operation. Currently, only Microsoft SQL Server and Oracle DB instances can be created in an Active Directory Domain.
For Microsoft SQL Server DB instances, Amazon RDS can use Windows Authentication to authenticate users that connect to the DB instance. For more information, see Using Windows Authentication with an Amazon RDS DB Instance Running Microsoft SQL Server in the Amazon RDS User Guide.
For Oracle DB instances, Amazon RDS can use Kerberos Authentication to authenticate users that connect to the DB instance. For more information, see Using Kerberos Authentication with Amazon RDS for Oracle in the Amazon RDS User Guide.
", "ModifyDBInstanceMessage$MonitoringRoleArn": "The ARN for the IAM role that permits RDS to send enhanced monitoring metrics to Amazon CloudWatch Logs. For example, arn:aws:iam:123456789012:role/emaccess. For information on creating a monitoring role, go to To create an IAM role for Amazon RDS Enhanced Monitoring in the Amazon RDS User Guide.
If MonitoringInterval is set to a value other than 0, then you must supply a MonitoringRoleArn value.
The name of the IAM role to use when making API calls to the Directory Service.
", "ModifyDBInstanceMessage$PerformanceInsightsKMSKeyId": "The AWS KMS key identifier for encryption of Performance Insights data. The KMS key ID is the Amazon Resource Name (ARN), KMS key identifier, or the KMS key alias for the KMS encryption key.
If you do not specify a value for PerformanceInsightsKMSKeyId, then Amazon RDS uses your default encryption key. AWS KMS creates the default encryption key for your AWS account. Your AWS account has a different default encryption key for each AWS Region.
Specifies the storage type to be associated with the DB instance.
Valid values: standard | gp2 | io1
If you specify io1, you must also include a value for the Iops parameter.
Default: io1 if the Iops parameter is specified, otherwise gp2
The ARN from the key store with which to associate the instance for TDE encryption.
", "RestoreDBInstanceFromDBSnapshotMessage$TdeCredentialPassword": "The password for the given ARN from the key store in order to access the device.
", - "RestoreDBInstanceFromDBSnapshotMessage$Domain": "Specify the Active Directory Domain to restore the instance in.
", + "RestoreDBInstanceFromDBSnapshotMessage$Domain": "Specify the Active Directory directory ID to restore the DB instance in. The domain must be created prior to this operation. Currently, only Microsoft SQL Server and Oracle DB instances can be created in an Active Directory Domain.
For Microsoft SQL Server DB instances, Amazon RDS can use Windows Authentication to authenticate users that connect to the DB instance. For more information, see Using Windows Authentication with an Amazon RDS DB Instance Running Microsoft SQL Server in the Amazon RDS User Guide.
For Oracle DB instances, Amazon RDS can use Kerberos Authentication to authenticate users that connect to the DB instance. For more information, see Using Kerberos Authentication with Amazon RDS for Oracle in the Amazon RDS User Guide.
", "RestoreDBInstanceFromDBSnapshotMessage$DomainIAMRoleName": "Specify the name of the IAM role to be used when making API calls to the Directory Service.
", "RestoreDBInstanceFromDBSnapshotMessage$DBParameterGroupName": "The name of the DB parameter group to associate with this DB instance.
If you do not specify a value for DBParameterGroupName, then the default DBParameterGroup for the specified DB engine is used.
Constraints:
If supplied, must match the name of an existing DBParameterGroup.
Must be 1 to 255 letters, numbers, or hyphens.
First character must be a letter.
Can't end with a hyphen or contain two consecutive hyphens.
The name of the database to create when the DB instance is created. Follow the naming rules specified in CreateDBInstance.
Specifies the storage type to be associated with the DB instance.
Valid values: standard | gp2 | io1
If you specify io1, you must also include a value for the Iops parameter.
Default: io1 if the Iops parameter is specified, otherwise gp2
The ARN from the key store with which to associate the instance for TDE encryption.
", "RestoreDBInstanceToPointInTimeMessage$TdeCredentialPassword": "The password for the given ARN from the key store in order to access the device.
", - "RestoreDBInstanceToPointInTimeMessage$Domain": "Specify the Active Directory Domain to restore the instance in.
", + "RestoreDBInstanceToPointInTimeMessage$Domain": "Specify the Active Directory directory ID to restore the DB instance in. The domain must be created prior to this operation. Currently, only Microsoft SQL Server and Oracle DB instances can be created in an Active Directory Domain.
For Microsoft SQL Server DB instances, Amazon RDS can use Windows Authentication to authenticate users that connect to the DB instance. For more information, see Using Windows Authentication with an Amazon RDS DB Instance Running Microsoft SQL Server in the Amazon RDS User Guide.
For Oracle DB instances, Amazon RDS can use Kerberos Authentication to authenticate users that connect to the DB instance. For more information, see Using Kerberos Authentication with Amazon RDS for Oracle in the Amazon RDS User Guide.
", "RestoreDBInstanceToPointInTimeMessage$DomainIAMRoleName": "Specify the name of the IAM role to be used when making API calls to the Directory Service.
", "RestoreDBInstanceToPointInTimeMessage$DBParameterGroupName": "The name of the DB parameter group to associate with this DB instance.
If you do not specify a value for DBParameterGroupName, then the default DBParameterGroup for the specified DB engine is used.
Constraints:
If supplied, must match the name of an existing DBParameterGroup.
Must be 1 to 255 letters, numbers, or hyphens.
First character must be a letter.
Can't end with a hyphen or contain two consecutive hyphens.
The resource ID of the source DB instance from which to restore.
", diff --git a/aws-sdk-core/apis/rds/2014-10-31/waiters-2.json b/aws-sdk-core/apis/rds/2014-10-31/waiters-2.json index 6a223a583c5..1510d1fc8a4 100644 --- a/aws-sdk-core/apis/rds/2014-10-31/waiters-2.json +++ b/aws-sdk-core/apis/rds/2014-10-31/waiters-2.json @@ -50,10 +50,10 @@ "maxAttempts": 60, "acceptors": [ { - "expected": "deleted", - "matcher": "pathAll", + "expected": true, + "matcher": "path", "state": "success", - "argument": "DBInstances[].DBInstanceStatus" + "argument": "length(DBInstances) == `0`" }, { "expected": "DBInstanceNotFound", @@ -135,10 +135,10 @@ "maxAttempts": 60, "acceptors": [ { - "expected": "deleted", - "matcher": "pathAll", + "expected": true, + "matcher": "path", "state": "success", - "argument": "DBSnapshots[].Status" + "argument": "length(DBSnapshots) == `0`" }, { "expected": "DBSnapshotNotFound", @@ -170,6 +170,91 @@ "argument": "DBSnapshots[].Status" } ] + }, + "DBClusterSnapshotAvailable": { + "delay": 30, + "operation": "DescribeDBClusterSnapshots", + "maxAttempts": 60, + "acceptors": [ + { + "expected": "available", + "matcher": "pathAll", + "state": "success", + "argument": "DBClusterSnapshots[].Status" + }, + { + "expected": "deleted", + "matcher": "pathAny", + "state": "failure", + "argument": "DBClusterSnapshots[].Status" + }, + { + "expected": "deleting", + "matcher": "pathAny", + "state": "failure", + "argument": "DBClusterSnapshots[].Status" + }, + { + "expected": "failed", + "matcher": "pathAny", + "state": "failure", + "argument": "DBClusterSnapshots[].Status" + }, + { + "expected": "incompatible-restore", + "matcher": "pathAny", + "state": "failure", + "argument": "DBClusterSnapshots[].Status" + }, + { + "expected": "incompatible-parameters", + "matcher": "pathAny", + "state": "failure", + "argument": "DBClusterSnapshots[].Status" + } + ] + }, + "DBClusterSnapshotDeleted": { + "delay": 30, + "operation": "DescribeDBClusterSnapshots", + "maxAttempts": 60, + "acceptors": [ + { + "expected": true, + "matcher": "path", + "state": "success", + "argument": "length(DBClusterSnapshots) == `0`" + }, + { + "expected": "DBClusterSnapshotNotFoundFault", + "matcher": "error", + "state": "success" + }, + { + "expected": "creating", + "matcher": "pathAny", + "state": "failure", + "argument": "DBClusterSnapshots[].Status" + }, + { + "expected": "modifying", + "matcher": "pathAny", + "state": "failure", + "argument": "DBClusterSnapshots[].Status" + }, + { + "expected": "rebooting", + "matcher": "pathAny", + "state": "failure", + "argument": "DBClusterSnapshots[].Status" + }, + { + "expected": "resetting-master-credentials", + "matcher": "pathAny", + "state": "failure", + "argument": "DBClusterSnapshots[].Status" + } + ] } } } diff --git a/aws-sdk-core/apis/waf/2015-08-24/api-2.json b/aws-sdk-core/apis/waf/2015-08-24/api-2.json index 66458690a39..3fe00e78fd4 100644 --- a/aws-sdk-core/apis/waf/2015-08-24/api-2.json +++ b/aws-sdk-core/apis/waf/2015-08-24/api-2.json @@ -2885,7 +2885,7 @@ "RateLimit":{ "type":"long", "max":2000000000, - "min":2000 + "min":100 }, "RedactedFields":{ "type":"list", diff --git a/aws-sdk-core/apis/waf/2015-08-24/docs-2.json b/aws-sdk-core/apis/waf/2015-08-24/docs-2.json index f026be81488..1c3b5a8252b 100644 --- a/aws-sdk-core/apis/waf/2015-08-24/docs-2.json +++ b/aws-sdk-core/apis/waf/2015-08-24/docs-2.json @@ -62,7 +62,7 @@ "ListTagsForResource": null, "ListWebACLs": "Returns an array of WebACLSummary objects in the response.
", "ListXssMatchSets": "Returns an array of XssMatchSet objects.
", - "PutLoggingConfiguration": "Associates a LoggingConfiguration with a specified web ACL.
You can access information about all traffic that AWS WAF inspects using the following steps:
Create an Amazon Kinesis Data Firehose .
Create the data firehose with a PUT source and in the region that you are operating. However, if you are capturing logs for Amazon CloudFront, always create the firehose in US East (N. Virginia).
Do not create the data firehose using a Kinesis stream as your source.
Associate that firehose to your web ACL using a PutLoggingConfiguration request.
When you successfully enable logging using a PutLoggingConfiguration request, AWS WAF will create a service linked role with the necessary permissions to write logs to the Amazon Kinesis Data Firehose. For more information, see Logging Web ACL Traffic Information in the AWS WAF Developer Guide.
Associates a LoggingConfiguration with a specified web ACL.
You can access information about all traffic that AWS WAF inspects using the following steps:
Create an Amazon Kinesis Data Firehose.
Create the data firehose with a PUT source and in the region that you are operating. However, if you are capturing logs for Amazon CloudFront, always create the firehose in US East (N. Virginia).
Do not create the data firehose using a Kinesis stream as your source.
Associate that firehose to your web ACL using a PutLoggingConfiguration request.
When you successfully enable logging using a PutLoggingConfiguration request, AWS WAF will create a service linked role with the necessary permissions to write logs to the Amazon Kinesis Data Firehose. For more information, see Logging Web ACL Traffic Information in the AWS WAF Developer Guide.
Attaches a IAM policy to the specified resource. The only supported use for this action is to share a RuleGroup across accounts.
The PutPermissionPolicy is subject to the following restrictions:
You can attach only one policy with each PutPermissionPolicy request.
The policy must include an Effect, Action and Principal.
Effect must specify Allow.
The Action in the policy must be waf:UpdateWebACL, waf-regional:UpdateWebACL, waf:GetRuleGroup and waf-regional:GetRuleGroup . Any extra or wildcard actions in the policy will be rejected.
The policy cannot include a Resource parameter.
The ARN in the request must be a valid WAF RuleGroup ARN and the RuleGroup must exist in the same region.
The user making the request must be the owner of the RuleGroup.
Your policy must be composed using IAM Policy version 2012-10-17.
For more information, see IAM Policies.
An example of a valid policy parameter is shown in the Examples section below.
", "TagResource": null, "UntagResource": null, @@ -832,7 +832,7 @@ } }, "IPSet": { - "base": "Contains one or more IP addresses or blocks of IP addresses specified in Classless Inter-Domain Routing (CIDR) notation. AWS WAF supports IPv4 address ranges: /8 and any range between /16 through /32. AWS WAF supports IPv6 address ranges: /24, /32, /48, /56, /64, and /128.
To specify an individual IP address, you specify the four-part IP address followed by a /32, for example, 192.0.2.0/31. To block a range of IP addresses, you can specify /8 or any range between /16 through /32 (for IPv4) or /24, /32, /48, /56, /64, or /128 (for IPv6). For more information about CIDR notation, see the Wikipedia entry Classless Inter-Domain Routing.
Contains one or more IP addresses or blocks of IP addresses specified in Classless Inter-Domain Routing (CIDR) notation. AWS WAF supports IPv4 address ranges: /8 and any range between /16 through /32. AWS WAF supports IPv6 address ranges: /24, /32, /48, /56, /64, and /128.
To specify an individual IP address, you specify the four-part IP address followed by a /32, for example, 192.0.2.0/32. To block a range of IP addresses, you can specify /8 or any range between /16 through /32 (for IPv4) or /24, /32, /48, /56, /64, or /128 (for IPv6). For more information about CIDR notation, see the Wikipedia entry Classless Inter-Domain Routing.
The IPSet returned in the CreateIPSet response.
Information about the IPSet that you specified in the GetIPSet request. For more information, see the following topics:
IPSet: Contains IPSetDescriptors, IPSetId, and Name
IPSetDescriptors: Contains an array of IPSetDescriptor objects. Each IPSetDescriptor object contains Type and Value
The LoggingConfiguration for the specified web ACL.
", "LoggingConfigurations$member": null, - "PutLoggingConfigurationRequest$LoggingConfiguration": "The Amazon Kinesis Data Firehose that contains the inspected traffic information, the redacted fields details, and the Amazon Resource Name (ARN) of the web ACL to monitor.
", + "PutLoggingConfigurationRequest$LoggingConfiguration": "The Amazon Kinesis Data Firehose that contains the inspected traffic information, the redacted fields details, and the Amazon Resource Name (ARN) of the web ACL to monitor.
When specifying Type in RedactedFields, you must use one of the following values: URI, QUERY_STRING, HEADER, or METHOD.
The LoggingConfiguration that you submitted in the request.
" } }, @@ -1129,8 +1129,8 @@ "ListByteMatchSetsResponse$NextMarker": "If you have more ByteMatchSet objects than the number that you specified for Limit in the request, the response includes a NextMarker value. To list more ByteMatchSet objects, submit another ListByteMatchSets request, and specify the NextMarker value from the response in the NextMarker value in the next request.
If you specify a value for Limit and you have more GeoMatchSets than the value of Limit, AWS WAF returns a NextMarker value in the response that allows you to list another group of GeoMatchSet objects. For the second and subsequent ListGeoMatchSets requests, specify the value of NextMarker from the previous response to get information about another batch of GeoMatchSet objects.
If you have more GeoMatchSet objects than the number that you specified for Limit in the request, the response includes a NextMarker value. To list more GeoMatchSet objects, submit another ListGeoMatchSets request, and specify the NextMarker value from the response in the NextMarker value in the next request.
If you specify a value for Limit and you have more IPSets than the value of Limit, AWS WAF returns a NextMarker value in the response that allows you to list another group of IPSets. For the second and subsequent ListIPSets requests, specify the value of NextMarker from the previous response to get information about another batch of IPSets.
If you have more IPSet objects than the number that you specified for Limit in the request, the response includes a NextMarker value. To list more IPSet objects, submit another ListIPSets request, and specify the NextMarker value from the response in the NextMarker value in the next request.
AWS WAF returns a NextMarker value in the response that allows you to list another group of IPSets. For the second and subsequent ListIPSets requests, specify the value of NextMarker from the previous response to get information about another batch of IPSets.
To list more IPSet objects, submit another ListIPSets request, and in the next request use the NextMarker response value as the NextMarker value.
If you specify a value for Limit and you have more LoggingConfigurations than the value of Limit, AWS WAF returns a NextMarker value in the response that allows you to list another group of LoggingConfigurations. For the second and subsequent ListLoggingConfigurations requests, specify the value of NextMarker from the previous response to get information about another batch of ListLoggingConfigurations.
If you have more LoggingConfigurations than the number that you specified for Limit in the request, the response includes a NextMarker value. To list more LoggingConfigurations, submit another ListLoggingConfigurations request, and specify the NextMarker value from the response in the NextMarker value in the next request.
If you specify a value for Limit and you have more Rules than the value of Limit, AWS WAF returns a NextMarker value in the response that allows you to list another group of Rules. For the second and subsequent ListRateBasedRules requests, specify the value of NextMarker from the previous response to get information about another batch of Rules.