AWS cli documentation change
Summary
Added documentation for new --application-config parameter to configure application attributes for protection pack recommendations
Security assessment
Introduces documentation for a feature related to security recommendations (protection packs), but does not address a specific vulnerability or security incident.
Diff
diff --git a/cli/latest/reference/wafv2/update-web-acl.md b/cli/latest/reference/wafv2/update-web-acl.md index 72f9fd24b..865fa0379 100644 --- a//cli/latest/reference/wafv2/update-web-acl.md +++ b//cli/latest/reference/wafv2/update-web-acl.md @@ -15 +15 @@ - * [AWS CLI 2.28.15 Command Reference](../../index.html) » + * [AWS CLI 2.28.16 Command Reference](../../index.html) » @@ -109,0 +110 @@ See also: [AWS API Documentation](https://docs.aws.amazon.com/goto/WebAPI/wafv2- + [--application-config <value>] @@ -1933 +1934 @@ JSON Syntax: ->>>>>> Take care to verify the rule names in your overrides. If you provide a rule name that doesn’t match the name of any rule in the rule group, WAF doesn’t return an error and doesn’t apply the override setting. +>>>>>> Verify the rule names in your overrides carefully. With managed rule groups, WAF silently ignores any override that uses an invalid rule name. With customer-owned rule groups, invalid rule names in your overrides will cause web ACL updates to fail. An invalid rule name is any name that doesn’t exactly match the case-sensitive name of an existing rule in the rule group. @@ -1943 +1944 @@ JSON Syntax: ->>>>>>> Take care to verify the rule names in your overrides. If you provide a rule name that doesn’t match the name of any rule in the rule group, WAF doesn’t return an error and doesn’t apply the override setting. +>>>>>>> Verify the rule names in your overrides carefully. With managed rule groups, WAF silently ignores any override that uses an invalid rule name. With customer-owned rule groups, invalid rule names in your overrides will cause web ACL updates to fail. An invalid rule name is any name that doesn’t exactly match the case-sensitive name of an existing rule in the rule group. @@ -4262 +4263 @@ JSON Syntax: ->>>>>>>> Take care to verify the rule names in your overrides. If you provide a rule name that doesn’t match the name of any rule in the rule group, WAF doesn’t return an error and doesn’t apply the override setting. +>>>>>>>> Verify the rule names in your overrides carefully. With managed rule groups, WAF silently ignores any override that uses an invalid rule name. With customer-owned rule groups, invalid rule names in your overrides will cause web ACL updates to fail. An invalid rule name is any name that doesn’t exactly match the case-sensitive name of an existing rule in the rule group. @@ -4272 +4273 @@ JSON Syntax: ->>>>>>>>> Take care to verify the rule names in your overrides. If you provide a rule name that doesn’t match the name of any rule in the rule group, WAF doesn’t return an error and doesn’t apply the override setting. +>>>>>>>>> Verify the rule names in your overrides carefully. With managed rule groups, WAF silently ignores any override that uses an invalid rule name. With customer-owned rule groups, invalid rule names in your overrides will cause web ACL updates to fail. An invalid rule name is any name that doesn’t exactly match the case-sensitive name of an existing rule in the rule group. @@ -5866 +5867 @@ JSON Syntax: ->>>>>>>> Take care to verify the rule names in your overrides. If you provide a rule name that doesn’t match the name of any rule in the rule group, WAF doesn’t return an error and doesn’t apply the override setting. +>>>>>>>> Verify the rule names in your overrides carefully. With managed rule groups, WAF silently ignores any override that uses an invalid rule name. With customer-owned rule groups, invalid rule names in your overrides will cause web ACL updates to fail. An invalid rule name is any name that doesn’t exactly match the case-sensitive name of an existing rule in the rule group. @@ -5876 +5877 @@ JSON Syntax: ->>>>>>>>> Take care to verify the rule names in your overrides. If you provide a rule name that doesn’t match the name of any rule in the rule group, WAF doesn’t return an error and doesn’t apply the override setting. +>>>>>>>>> Verify the rule names in your overrides carefully. With managed rule groups, WAF silently ignores any override that uses an invalid rule name. With customer-owned rule groups, invalid rule names in your overrides will cause web ACL updates to fail. An invalid rule name is any name that doesn’t exactly match the case-sensitive name of an existing rule in the rule group. @@ -8349 +8350 @@ JSON Syntax: ->>>>>>>>> Take care to verify the rule names in your overrides. If you provide a rule name that doesn’t match the name of any rule in the rule group, WAF doesn’t return an error and doesn’t apply the override setting. +>>>>>>>>> Verify the rule names in your overrides carefully. With managed rule groups, WAF silently ignores any override that uses an invalid rule name. With customer-owned rule groups, invalid rule names in your overrides will cause web ACL updates to fail. An invalid rule name is any name that doesn’t exactly match the case-sensitive name of an existing rule in the rule group. @@ -8359 +8360 @@ JSON Syntax: ->>>>>>>>>> Take care to verify the rule names in your overrides. If you provide a rule name that doesn’t match the name of any rule in the rule group, WAF doesn’t return an error and doesn’t apply the override setting. +>>>>>>>>>> Verify the rule names in your overrides carefully. With managed rule groups, WAF silently ignores any override that uses an invalid rule name. With customer-owned rule groups, invalid rule names in your overrides will cause web ACL updates to fail. An invalid rule name is any name that doesn’t exactly match the case-sensitive name of an existing rule in the rule group. @@ -9953 +9954 @@ JSON Syntax: ->>>>>>>>> Take care to verify the rule names in your overrides. If you provide a rule name that doesn’t match the name of any rule in the rule group, WAF doesn’t return an error and doesn’t apply the override setting. +>>>>>>>>> Verify the rule names in your overrides carefully. With managed rule groups, WAF silently ignores any override that uses an invalid rule name. With customer-owned rule groups, invalid rule names in your overrides will cause web ACL updates to fail. An invalid rule name is any name that doesn’t exactly match the case-sensitive name of an existing rule in the rule group. @@ -9963 +9964 @@ JSON Syntax: ->>>>>>>>>> Take care to verify the rule names in your overrides. If you provide a rule name that doesn’t match the name of any rule in the rule group, WAF doesn’t return an error and doesn’t apply the override setting. +>>>>>>>>>> Verify the rule names in your overrides carefully. With managed rule groups, WAF silently ignores any override that uses an invalid rule name. With customer-owned rule groups, invalid rule names in your overrides will cause web ACL updates to fail. An invalid rule name is any name that doesn’t exactly match the case-sensitive name of an existing rule in the rule group. @@ -12215 +12216 @@ JSON Syntax: ->>>>>>>>> Take care to verify the rule names in your overrides. If you provide a rule name that doesn’t match the name of any rule in the rule group, WAF doesn’t return an error and doesn’t apply the override setting. +>>>>>>>>> Verify the rule names in your overrides carefully. With managed rule groups, WAF silently ignores any override that uses an invalid rule name. With customer-owned rule groups, invalid rule names in your overrides will cause web ACL updates to fail. An invalid rule name is any name that doesn’t exactly match the case-sensitive name of an existing rule in the rule group. @@ -12225 +12226 @@ JSON Syntax: ->>>>>>>>>> Take care to verify the rule names in your overrides. If you provide a rule name that doesn’t match the name of any rule in the rule group, WAF doesn’t return an error and doesn’t apply the override setting. +>>>>>>>>>> Verify the rule names in your overrides carefully. With managed rule groups, WAF silently ignores any override that uses an invalid rule name. With customer-owned rule groups, invalid rule names in your overrides will cause web ACL updates to fail. An invalid rule name is any name that doesn’t exactly match the case-sensitive name of an existing rule in the rule group. @@ -13819 +13820 @@ JSON Syntax: ->>>>>>>>> Take care to verify the rule names in your overrides. If you provide a rule name that doesn’t match the name of any rule in the rule group, WAF doesn’t return an error and doesn’t apply the override setting. +>>>>>>>>> Verify the rule names in your overrides carefully. With managed rule groups, WAF silently ignores any override that uses an invalid rule name. With customer-owned rule groups, invalid rule names in your overrides will cause web ACL updates to fail. An invalid rule name is any name that doesn’t exactly match the case-sensitive name of an existing rule in the rule group. @@ -13829 +13830 @@ JSON Syntax: ->>>>>>>>>> Take care to verify the rule names in your overrides. If you provide a rule name that doesn’t match the name of any rule in the rule group, WAF doesn’t return an error and doesn’t apply the override setting. +>>>>>>>>>> Verify the rule names in your overrides carefully. With managed rule groups, WAF silently ignores any override that uses an invalid rule name. With customer-owned rule groups, invalid rule names in your overrides will cause web ACL updates to fail. An invalid rule name is any name that doesn’t exactly match the case-sensitive name of an existing rule in the rule group. @@ -16075 +16076 @@ JSON Syntax: ->>>>>>>> Take care to verify the rule names in your overrides. If you provide a rule name that doesn’t match the name of any rule in the rule group, WAF doesn’t return an error and doesn’t apply the override setting. +>>>>>>>> Verify the rule names in your overrides carefully. With managed rule groups, WAF silently ignores any override that uses an invalid rule name. With customer-owned rule groups, invalid rule names in your overrides will cause web ACL updates to fail. An invalid rule name is any name that doesn’t exactly match the case-sensitive name of an existing rule in the rule group. @@ -16085 +16086 @@ JSON Syntax: ->>>>>>>>> Take care to verify the rule names in your overrides. If you provide a rule name that doesn’t match the name of any rule in the rule group, WAF doesn’t return an error and doesn’t apply the override setting. +>>>>>>>>> Verify the rule names in your overrides carefully. With managed rule groups, WAF silently ignores any override that uses an invalid rule name. With customer-owned rule groups, invalid rule names in your overrides will cause web ACL updates to fail. An invalid rule name is any name that doesn’t exactly match the case-sensitive name of an existing rule in the rule group. @@ -17679 +17680 @@ JSON Syntax: ->>>>>>>> Take care to verify the rule names in your overrides. If you provide a rule name that doesn’t match the name of any rule in the rule group, WAF doesn’t return an error and doesn’t apply the override setting. +>>>>>>>> Verify the rule names in your overrides carefully. With managed rule groups, WAF silently ignores any override that uses an invalid rule name. With customer-owned rule groups, invalid rule names in your overrides will cause web ACL updates to fail. An invalid rule name is any name that doesn’t exactly match the case-sensitive name of an existing rule in the rule group. @@ -17689 +17690 @@ JSON Syntax: ->>>>>>>>> Take care to verify the rule names in your overrides. If you provide a rule name that doesn’t match the name of any rule in the rule group, WAF doesn’t return an error and doesn’t apply the override setting. +>>>>>>>>> Verify the rule names in your overrides carefully. With managed rule groups, WAF silently ignores any override that uses an invalid rule name. With customer-owned rule groups, invalid rule names in your overrides will cause web ACL updates to fail. An invalid rule name is any name that doesn’t exactly match the case-sensitive name of an existing rule in the rule group. @@ -19973 +19974 @@ JSON Syntax: ->>>>>>>> Take care to verify the rule names in your overrides. If you provide a rule name that doesn’t match the name of any rule in the rule group, WAF doesn’t return an error and doesn’t apply the override setting. +>>>>>>>> Verify the rule names in your overrides carefully. With managed rule groups, WAF silently ignores any override that uses an invalid rule name. With customer-owned rule groups, invalid rule names in your overrides will cause web ACL updates to fail. An invalid rule name is any name that doesn’t exactly match the case-sensitive name of an existing rule in the rule group. @@ -19983 +19984 @@ JSON Syntax: ->>>>>>>>> Take care to verify the rule names in your overrides. If you provide a rule name that doesn’t match the name of any rule in the rule group, WAF doesn’t return an error and doesn’t apply the override setting. +>>>>>>>>> Verify the rule names in your overrides carefully. With managed rule groups, WAF silently ignores any override that uses an invalid rule name. With customer-owned rule groups, invalid rule names in your overrides will cause web ACL updates to fail. An invalid rule name is any name that doesn’t exactly match the case-sensitive name of an existing rule in the rule group. @@ -21577 +21578 @@ JSON Syntax: ->>>>>>>> Take care to verify the rule names in your overrides. If you provide a rule name that doesn’t match the name of any rule in the rule group, WAF doesn’t return an error and doesn’t apply the override setting. +>>>>>>>> Verify the rule names in your overrides carefully. With managed rule groups, WAF silently ignores any override that uses an invalid rule name. With customer-owned rule groups, invalid rule names in your overrides will cause web ACL updates to fail. An invalid rule name is any name that doesn’t exactly match the case-sensitive name of an existing rule in the rule group. @@ -21587 +21588 @@ JSON Syntax: ->>>>>>>>> Take care to verify the rule names in your overrides. If you provide a rule name that doesn’t match the name of any rule in the rule group, WAF doesn’t return an error and doesn’t apply the override setting. +>>>>>>>>> Verify the rule names in your overrides carefully. With managed rule groups, WAF silently ignores any override that uses an invalid rule name. With customer-owned rule groups, invalid rule names in your overrides will cause web ACL updates to fail. An invalid rule name is any name that doesn’t exactly match the case-sensitive name of an existing rule in the rule group. @@ -22815 +22816 @@ JSON Syntax: ->>>>>> Take care to verify the rule names in your overrides. If you provide a rule name that doesn’t match the name of any rule in the rule group, WAF doesn’t return an error and doesn’t apply the override setting. +>>>>>> Verify the rule names in your overrides carefully. With managed rule groups, WAF silently ignores any override that uses an invalid rule name. With customer-owned rule groups, invalid rule names in your overrides will cause web ACL updates to fail. An invalid rule name is any name that doesn’t exactly match the case-sensitive name of an existing rule in the rule group. @@ -22825 +22826 @@ JSON Syntax: ->>>>>>> Take care to verify the rule names in your overrides. If you provide a rule name that doesn’t match the name of any rule in the rule group, WAF doesn’t return an error and doesn’t apply the override setting. +>>>>>>> Verify the rule names in your overrides carefully. With managed rule groups, WAF silently ignores any override that uses an invalid rule name. With customer-owned rule groups, invalid rule names in your overrides will cause web ACL updates to fail. An invalid rule name is any name that doesn’t exactly match the case-sensitive name of an existing rule in the rule group. @@ -29308,0 +29310,43 @@ JSON Syntax: +`--application-config` (structure) + +> Configures the ability for the WAF console to store and retrieve application attributes. Application attributes help WAF give recommendations for protection packs. +> +> When using `UpdateWebACL` , `ApplicationConfig` follows these rules: +> +> * If you omit `ApplicationConfig` from the request, all existing entries in the web ACL are retained. +> * If you include `ApplicationConfig` , entries must match the existing values exactly. Any attempt to modify existing entries will result in an error. +> + +> +> Attributes -> (list) +> +>> Contains the attribute name and a list of values for that attribute. +>> +>> (structure) +>> +>>> Application details defined during the web ACL creation process. Application attributes help WAF give recommendations for protection packs. +>>> +>>> Name -> (string) +>>> +>>>> Specifies the attribute name. +>>> +>>> Values -> (list) +>>> +>>>> Specifies the attribute value. +>>>> +>>>> (string) + +JSON Syntax: + + + { + "Attributes": [ + { + "Name": "string", + "Values": ["string", ...] + } + ... + ] + } + + @@ -29456 +29500 @@ NextLockToken -> (string) - * [AWS CLI 2.28.15 Command Reference](../../index.html) » + * [AWS CLI 2.28.16 Command Reference](../../index.html) »