Skip to content

Update Rule Group

wafv2_update_rule_group R Documentation

Updates the specified RuleGroup

Description

Updates the specified RuleGroup.

This operation completely replaces the mutable specifications that you already have for the rule group with the ones that you provide to this call.

To modify a rule group, do the following:

  1. Retrieve it by calling get_rule_group

  2. Update its settings as needed

  3. Provide the complete rule group specification to this call

A rule group defines a collection of rules to inspect and control web requests that you can use in a WebACL. When you create a rule group, you define an immutable capacity limit. If you update a rule group, you must stay within the capacity. This allows others to reuse the rule group with confidence in its capacity requirements.

Temporary inconsistencies during updates

When you create or change a web ACL or other WAF resources, the changes take a small amount of time to propagate to all areas where the resources are stored. The propagation time can be from a few seconds to a number of minutes.

The following are examples of the temporary inconsistencies that you might notice during change propagation:

  • After you create a web ACL, if you try to associate it with a resource, you might get an exception indicating that the web ACL is unavailable.

  • After you add a rule group to a web ACL, the new rule group rules might be in effect in one area where the web ACL is used and not in another.

  • After you change a rule action setting, you might see the old action in some places and the new action in others.

  • After you add an IP address to an IP set that is in use in a blocking rule, the new address might be blocked in one area while still allowed in another.

Usage

wafv2_update_rule_group(Name, Scope, Id, Description, Rules,
  VisibilityConfig, LockToken, CustomResponseBodies)

Arguments

Name

[required] The name of the rule group. You cannot change the name of a rule group after you create it.

Scope

[required] Specifies whether this is for a global resource type, such as a Amazon CloudFront distribution. For an Amplify application, use CLOUDFRONT.

To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows:

  • CLI - Specify the Region when you use the CloudFront scope: --scope=CLOUDFRONT --region=us-east-1.

  • API and SDKs - For all calls, use the Region endpoint us-east-1.

Id

[required] A unique identifier for the rule group. This ID is returned in the responses to create and list commands. You provide it to operations like update and delete.

Description

A description of the rule group that helps with identification.

Rules

The Rule statements used to identify the web requests that you want to manage. Each rule includes one top-level statement that WAF uses to identify matching web requests, and parameters that govern how WAF handles them.

VisibilityConfig

[required] Defines and enables Amazon CloudWatch metrics and web request sample collection.

LockToken

[required] A token used for optimistic locking. WAF returns a token to your get and list requests, to mark the state of the entity at the time of the request. To make changes to the entity associated with the token, you provide the token to operations like update and delete. WAF uses the token to ensure that no changes have been made to the entity since you last retrieved it. If a change has been made, the update fails with a WAFOptimisticLockException. If this happens, perform another get, and use the new token returned by that operation.

CustomResponseBodies

A map of custom response keys and content bodies. When you create a rule with a block action, you can send a custom response to the web request. You define these for the rule group, and then use them in the rules that you define in the rule group.

For information about customizing web requests and responses, see Customizing web requests and responses in WAF in the WAF Developer Guide.

For information about the limits on count and size for custom request and response settings, see WAF quotas in the WAF Developer Guide.

Value

A list with the following syntax:

list(
  NextLockToken = "string"
)

Request syntax

svc$update_rule_group(
  Name = "string",
  Scope = "CLOUDFRONT"|"REGIONAL",
  Id = "string",
  Description = "string",
  Rules = list(
    list(
      Name = "string",
      Priority = 123,
      Statement = list(
        ByteMatchStatement = list(
          SearchString = raw,
          FieldToMatch = list(
            SingleHeader = list(
              Name = "string"
            ),
            SingleQueryArgument = list(
              Name = "string"
            ),
            AllQueryArguments = list(),
            UriPath = list(),
            QueryString = list(),
            Body = list(
              OversizeHandling = "CONTINUE"|"MATCH"|"NO_MATCH"
            ),
            Method = list(),
            JsonBody = list(
              MatchPattern = list(
                All = list(),
                IncludedPaths = list(
                  "string"
                )
              ),
              MatchScope = "ALL"|"KEY"|"VALUE",
              InvalidFallbackBehavior = "MATCH"|"NO_MATCH"|"EVALUATE_AS_STRING",
              OversizeHandling = "CONTINUE"|"MATCH"|"NO_MATCH"
            ),
            Headers = list(
              MatchPattern = list(
                All = list(),
                IncludedHeaders = list(
                  "string"
                ),
                ExcludedHeaders = list(
                  "string"
                )
              ),
              MatchScope = "ALL"|"KEY"|"VALUE",
              OversizeHandling = "CONTINUE"|"MATCH"|"NO_MATCH"
            ),
            Cookies = list(
              MatchPattern = list(
                All = list(),
                IncludedCookies = list(
                  "string"
                ),
                ExcludedCookies = list(
                  "string"
                )
              ),
              MatchScope = "ALL"|"KEY"|"VALUE",
              OversizeHandling = "CONTINUE"|"MATCH"|"NO_MATCH"
            ),
            HeaderOrder = list(
              OversizeHandling = "CONTINUE"|"MATCH"|"NO_MATCH"
            ),
            JA3Fingerprint = list(
              FallbackBehavior = "MATCH"|"NO_MATCH"
            ),
            JA4Fingerprint = list(
              FallbackBehavior = "MATCH"|"NO_MATCH"
            ),
            UriFragment = list(
              FallbackBehavior = "MATCH"|"NO_MATCH"
            )
          ),
          TextTransformations = list(
            list(
              Priority = 123,
              Type = "NONE"|"COMPRESS_WHITE_SPACE"|"HTML_ENTITY_DECODE"|"LOWERCASE"|"CMD_LINE"|"URL_DECODE"|"BASE64_DECODE"|"HEX_DECODE"|"MD5"|"REPLACE_COMMENTS"|"ESCAPE_SEQ_DECODE"|"SQL_HEX_DECODE"|"CSS_DECODE"|"JS_DECODE"|"NORMALIZE_PATH"|"NORMALIZE_PATH_WIN"|"REMOVE_NULLS"|"REPLACE_NULLS"|"BASE64_DECODE_EXT"|"URL_DECODE_UNI"|"UTF8_TO_UNICODE"
            )
          ),
          PositionalConstraint = "EXACTLY"|"STARTS_WITH"|"ENDS_WITH"|"CONTAINS"|"CONTAINS_WORD"
        ),
        SqliMatchStatement = list(
          FieldToMatch = list(
            SingleHeader = list(
              Name = "string"
            ),
            SingleQueryArgument = list(
              Name = "string"
            ),
            AllQueryArguments = list(),
            UriPath = list(),
            QueryString = list(),
            Body = list(
              OversizeHandling = "CONTINUE"|"MATCH"|"NO_MATCH"
            ),
            Method = list(),
            JsonBody = list(
              MatchPattern = list(
                All = list(),
                IncludedPaths = list(
                  "string"
                )
              ),
              MatchScope = "ALL"|"KEY"|"VALUE",
              InvalidFallbackBehavior = "MATCH"|"NO_MATCH"|"EVALUATE_AS_STRING",
              OversizeHandling = "CONTINUE"|"MATCH"|"NO_MATCH"
            ),
            Headers = list(
              MatchPattern = list(
                All = list(),
                IncludedHeaders = list(
                  "string"
                ),
                ExcludedHeaders = list(
                  "string"
                )
              ),
              MatchScope = "ALL"|"KEY"|"VALUE",
              OversizeHandling = "CONTINUE"|"MATCH"|"NO_MATCH"
            ),
            Cookies = list(
              MatchPattern = list(
                All = list(),
                IncludedCookies = list(
                  "string"
                ),
                ExcludedCookies = list(
                  "string"
                )
              ),
              MatchScope = "ALL"|"KEY"|"VALUE",
              OversizeHandling = "CONTINUE"|"MATCH"|"NO_MATCH"
            ),
            HeaderOrder = list(
              OversizeHandling = "CONTINUE"|"MATCH"|"NO_MATCH"
            ),
            JA3Fingerprint = list(
              FallbackBehavior = "MATCH"|"NO_MATCH"
            ),
            JA4Fingerprint = list(
              FallbackBehavior = "MATCH"|"NO_MATCH"
            ),
            UriFragment = list(
              FallbackBehavior = "MATCH"|"NO_MATCH"
            )
          ),
          TextTransformations = list(
            list(
              Priority = 123,
              Type = "NONE"|"COMPRESS_WHITE_SPACE"|"HTML_ENTITY_DECODE"|"LOWERCASE"|"CMD_LINE"|"URL_DECODE"|"BASE64_DECODE"|"HEX_DECODE"|"MD5"|"REPLACE_COMMENTS"|"ESCAPE_SEQ_DECODE"|"SQL_HEX_DECODE"|"CSS_DECODE"|"JS_DECODE"|"NORMALIZE_PATH"|"NORMALIZE_PATH_WIN"|"REMOVE_NULLS"|"REPLACE_NULLS"|"BASE64_DECODE_EXT"|"URL_DECODE_UNI"|"UTF8_TO_UNICODE"
            )
          ),
          SensitivityLevel = "LOW"|"HIGH"
        ),
        XssMatchStatement = list(
          FieldToMatch = list(
            SingleHeader = list(
              Name = "string"
            ),
            SingleQueryArgument = list(
              Name = "string"
            ),
            AllQueryArguments = list(),
            UriPath = list(),
            QueryString = list(),
            Body = list(
              OversizeHandling = "CONTINUE"|"MATCH"|"NO_MATCH"
            ),
            Method = list(),
            JsonBody = list(
              MatchPattern = list(
                All = list(),
                IncludedPaths = list(
                  "string"
                )
              ),
              MatchScope = "ALL"|"KEY"|"VALUE",
              InvalidFallbackBehavior = "MATCH"|"NO_MATCH"|"EVALUATE_AS_STRING",
              OversizeHandling = "CONTINUE"|"MATCH"|"NO_MATCH"
            ),
            Headers = list(
              MatchPattern = list(
                All = list(),
                IncludedHeaders = list(
                  "string"
                ),
                ExcludedHeaders = list(
                  "string"
                )
              ),
              MatchScope = "ALL"|"KEY"|"VALUE",
              OversizeHandling = "CONTINUE"|"MATCH"|"NO_MATCH"
            ),
            Cookies = list(
              MatchPattern = list(
                All = list(),
                IncludedCookies = list(
                  "string"
                ),
                ExcludedCookies = list(
                  "string"
                )
              ),
              MatchScope = "ALL"|"KEY"|"VALUE",
              OversizeHandling = "CONTINUE"|"MATCH"|"NO_MATCH"
            ),
            HeaderOrder = list(
              OversizeHandling = "CONTINUE"|"MATCH"|"NO_MATCH"
            ),
            JA3Fingerprint = list(
              FallbackBehavior = "MATCH"|"NO_MATCH"
            ),
            JA4Fingerprint = list(
              FallbackBehavior = "MATCH"|"NO_MATCH"
            ),
            UriFragment = list(
              FallbackBehavior = "MATCH"|"NO_MATCH"
            )
          ),
          TextTransformations = list(
            list(
              Priority = 123,
              Type = "NONE"|"COMPRESS_WHITE_SPACE"|"HTML_ENTITY_DECODE"|"LOWERCASE"|"CMD_LINE"|"URL_DECODE"|"BASE64_DECODE"|"HEX_DECODE"|"MD5"|"REPLACE_COMMENTS"|"ESCAPE_SEQ_DECODE"|"SQL_HEX_DECODE"|"CSS_DECODE"|"JS_DECODE"|"NORMALIZE_PATH"|"NORMALIZE_PATH_WIN"|"REMOVE_NULLS"|"REPLACE_NULLS"|"BASE64_DECODE_EXT"|"URL_DECODE_UNI"|"UTF8_TO_UNICODE"
            )
          )
        ),
        SizeConstraintStatement = list(
          FieldToMatch = list(
            SingleHeader = list(
              Name = "string"
            ),
            SingleQueryArgument = list(
              Name = "string"
            ),
            AllQueryArguments = list(),
            UriPath = list(),
            QueryString = list(),
            Body = list(
              OversizeHandling = "CONTINUE"|"MATCH"|"NO_MATCH"
            ),
            Method = list(),
            JsonBody = list(
              MatchPattern = list(
                All = list(),
                IncludedPaths = list(
                  "string"
                )
              ),
              MatchScope = "ALL"|"KEY"|"VALUE",
              InvalidFallbackBehavior = "MATCH"|"NO_MATCH"|"EVALUATE_AS_STRING",
              OversizeHandling = "CONTINUE"|"MATCH"|"NO_MATCH"
            ),
            Headers = list(
              MatchPattern = list(
                All = list(),
                IncludedHeaders = list(
                  "string"
                ),
                ExcludedHeaders = list(
                  "string"
                )
              ),
              MatchScope = "ALL"|"KEY"|"VALUE",
              OversizeHandling = "CONTINUE"|"MATCH"|"NO_MATCH"
            ),
            Cookies = list(
              MatchPattern = list(
                All = list(),
                IncludedCookies = list(
                  "string"
                ),
                ExcludedCookies = list(
                  "string"
                )
              ),
              MatchScope = "ALL"|"KEY"|"VALUE",
              OversizeHandling = "CONTINUE"|"MATCH"|"NO_MATCH"
            ),
            HeaderOrder = list(
              OversizeHandling = "CONTINUE"|"MATCH"|"NO_MATCH"
            ),
            JA3Fingerprint = list(
              FallbackBehavior = "MATCH"|"NO_MATCH"
            ),
            JA4Fingerprint = list(
              FallbackBehavior = "MATCH"|"NO_MATCH"
            ),
            UriFragment = list(
              FallbackBehavior = "MATCH"|"NO_MATCH"
            )
          ),
          ComparisonOperator = "EQ"|"NE"|"LE"|"LT"|"GE"|"GT",
          Size = 123,
          TextTransformations = list(
            list(
              Priority = 123,
              Type = "NONE"|"COMPRESS_WHITE_SPACE"|"HTML_ENTITY_DECODE"|"LOWERCASE"|"CMD_LINE"|"URL_DECODE"|"BASE64_DECODE"|"HEX_DECODE"|"MD5"|"REPLACE_COMMENTS"|"ESCAPE_SEQ_DECODE"|"SQL_HEX_DECODE"|"CSS_DECODE"|"JS_DECODE"|"NORMALIZE_PATH"|"NORMALIZE_PATH_WIN"|"REMOVE_NULLS"|"REPLACE_NULLS"|"BASE64_DECODE_EXT"|"URL_DECODE_UNI"|"UTF8_TO_UNICODE"
            )
          )
        ),
        GeoMatchStatement = list(
          CountryCodes = list(
            "AF"|"AX"|"AL"|"DZ"|"AS"|"AD"|"AO"|"AI"|"AQ"|"AG"|"AR"|"AM"|"AW"|"AU"|"AT"|"AZ"|"BS"|"BH"|"BD"|"BB"|"BY"|"BE"|"BZ"|"BJ"|"BM"|"BT"|"BO"|"BQ"|"BA"|"BW"|"BV"|"BR"|"IO"|"BN"|"BG"|"BF"|"BI"|"KH"|"CM"|"CA"|"CV"|"KY"|"CF"|"TD"|"CL"|"CN"|"CX"|"CC"|"CO"|"KM"|"CG"|"CD"|"CK"|"CR"|"CI"|"HR"|"CU"|"CW"|"CY"|"CZ"|"DK"|"DJ"|"DM"|"DO"|"EC"|"EG"|"SV"|"GQ"|"ER"|"EE"|"ET"|"FK"|"FO"|"FJ"|"FI"|"FR"|"GF"|"PF"|"TF"|"GA"|"GM"|"GE"|"DE"|"GH"|"GI"|"GR"|"GL"|"GD"|"GP"|"GU"|"GT"|"GG"|"GN"|"GW"|"GY"|"HT"|"HM"|"VA"|"HN"|"HK"|"HU"|"IS"|"IN"|"ID"|"IR"|"IQ"|"IE"|"IM"|"IL"|"IT"|"JM"|"JP"|"JE"|"JO"|"KZ"|"KE"|"KI"|"KP"|"KR"|"KW"|"KG"|"LA"|"LV"|"LB"|"LS"|"LR"|"LY"|"LI"|"LT"|"LU"|"MO"|"MK"|"MG"|"MW"|"MY"|"MV"|"ML"|"MT"|"MH"|"MQ"|"MR"|"MU"|"YT"|"MX"|"FM"|"MD"|"MC"|"MN"|"ME"|"MS"|"MA"|"MZ"|"MM"|"NA"|"NR"|"NP"|"NL"|"NC"|"NZ"|"NI"|"NE"|"NG"|"NU"|"NF"|"MP"|"NO"|"OM"|"PK"|"PW"|"PS"|"PA"|"PG"|"PY"|"PE"|"PH"|"PN"|"PL"|"PT"|"PR"|"QA"|"RE"|"RO"|"RU"|"RW"|"BL"|"SH"|"KN"|"LC"|"MF"|"PM"|"VC"|"WS"|"SM"|"ST"|"SA"|"SN"|"RS"|"SC"|"SL"|"SG"|"SX"|"SK"|"SI"|"SB"|"SO"|"ZA"|"GS"|"SS"|"ES"|"LK"|"SD"|"SR"|"SJ"|"SZ"|"SE"|"CH"|"SY"|"TW"|"TJ"|"TZ"|"TH"|"TL"|"TG"|"TK"|"TO"|"TT"|"TN"|"TR"|"TM"|"TC"|"TV"|"UG"|"UA"|"AE"|"GB"|"US"|"UM"|"UY"|"UZ"|"VU"|"VE"|"VN"|"VG"|"VI"|"WF"|"EH"|"YE"|"ZM"|"ZW"|"XK"
          ),
          ForwardedIPConfig = list(
            HeaderName = "string",
            FallbackBehavior = "MATCH"|"NO_MATCH"
          )
        ),
        RuleGroupReferenceStatement = list(
          ARN = "string",
          ExcludedRules = list(
            list(
              Name = "string"
            )
          ),
          RuleActionOverrides = list(
            list(
              Name = "string",
              ActionToUse = list(
                Block = list(
                  CustomResponse = list(
                    ResponseCode = 123,
                    CustomResponseBodyKey = "string",
                    ResponseHeaders = list(
                      list(
                        Name = "string",
                        Value = "string"
                      )
                    )
                  )
                ),
                Allow = list(
                  CustomRequestHandling = list(
                    InsertHeaders = list(
                      list(
                        Name = "string",
                        Value = "string"
                      )
                    )
                  )
                ),
                Count = list(
                  CustomRequestHandling = list(
                    InsertHeaders = list(
                      list(
                        Name = "string",
                        Value = "string"
                      )
                    )
                  )
                ),
                Captcha = list(
                  CustomRequestHandling = list(
                    InsertHeaders = list(
                      list(
                        Name = "string",
                        Value = "string"
                      )
                    )
                  )
                ),
                Challenge = list(
                  CustomRequestHandling = list(
                    InsertHeaders = list(
                      list(
                        Name = "string",
                        Value = "string"
                      )
                    )
                  )
                )
              )
            )
          )
        ),
        IPSetReferenceStatement = list(
          ARN = "string",
          IPSetForwardedIPConfig = list(
            HeaderName = "string",
            FallbackBehavior = "MATCH"|"NO_MATCH",
            Position = "FIRST"|"LAST"|"ANY"
          )
        ),
        RegexPatternSetReferenceStatement = list(
          ARN = "string",
          FieldToMatch = list(
            SingleHeader = list(
              Name = "string"
            ),
            SingleQueryArgument = list(
              Name = "string"
            ),
            AllQueryArguments = list(),
            UriPath = list(),
            QueryString = list(),
            Body = list(
              OversizeHandling = "CONTINUE"|"MATCH"|"NO_MATCH"
            ),
            Method = list(),
            JsonBody = list(
              MatchPattern = list(
                All = list(),
                IncludedPaths = list(
                  "string"
                )
              ),
              MatchScope = "ALL"|"KEY"|"VALUE",
              InvalidFallbackBehavior = "MATCH"|"NO_MATCH"|"EVALUATE_AS_STRING",
              OversizeHandling = "CONTINUE"|"MATCH"|"NO_MATCH"
            ),
            Headers = list(
              MatchPattern = list(
                All = list(),
                IncludedHeaders = list(
                  "string"
                ),
                ExcludedHeaders = list(
                  "string"
                )
              ),
              MatchScope = "ALL"|"KEY"|"VALUE",
              OversizeHandling = "CONTINUE"|"MATCH"|"NO_MATCH"
            ),
            Cookies = list(
              MatchPattern = list(
                All = list(),
                IncludedCookies = list(
                  "string"
                ),
                ExcludedCookies = list(
                  "string"
                )
              ),
              MatchScope = "ALL"|"KEY"|"VALUE",
              OversizeHandling = "CONTINUE"|"MATCH"|"NO_MATCH"
            ),
            HeaderOrder = list(
              OversizeHandling = "CONTINUE"|"MATCH"|"NO_MATCH"
            ),
            JA3Fingerprint = list(
              FallbackBehavior = "MATCH"|"NO_MATCH"
            ),
            JA4Fingerprint = list(
              FallbackBehavior = "MATCH"|"NO_MATCH"
            ),
            UriFragment = list(
              FallbackBehavior = "MATCH"|"NO_MATCH"
            )
          ),
          TextTransformations = list(
            list(
              Priority = 123,
              Type = "NONE"|"COMPRESS_WHITE_SPACE"|"HTML_ENTITY_DECODE"|"LOWERCASE"|"CMD_LINE"|"URL_DECODE"|"BASE64_DECODE"|"HEX_DECODE"|"MD5"|"REPLACE_COMMENTS"|"ESCAPE_SEQ_DECODE"|"SQL_HEX_DECODE"|"CSS_DECODE"|"JS_DECODE"|"NORMALIZE_PATH"|"NORMALIZE_PATH_WIN"|"REMOVE_NULLS"|"REPLACE_NULLS"|"BASE64_DECODE_EXT"|"URL_DECODE_UNI"|"UTF8_TO_UNICODE"
            )
          )
        ),
        RateBasedStatement = list(
          Limit = 123,
          EvaluationWindowSec = 123,
          AggregateKeyType = "IP"|"FORWARDED_IP"|"CUSTOM_KEYS"|"CONSTANT",
          ScopeDownStatement = list(),
          ForwardedIPConfig = list(
            HeaderName = "string",
            FallbackBehavior = "MATCH"|"NO_MATCH"
          ),
          CustomKeys = list(
            list(
              Header = list(
                Name = "string",
                TextTransformations = list(
                  list(
                    Priority = 123,
                    Type = "NONE"|"COMPRESS_WHITE_SPACE"|"HTML_ENTITY_DECODE"|"LOWERCASE"|"CMD_LINE"|"URL_DECODE"|"BASE64_DECODE"|"HEX_DECODE"|"MD5"|"REPLACE_COMMENTS"|"ESCAPE_SEQ_DECODE"|"SQL_HEX_DECODE"|"CSS_DECODE"|"JS_DECODE"|"NORMALIZE_PATH"|"NORMALIZE_PATH_WIN"|"REMOVE_NULLS"|"REPLACE_NULLS"|"BASE64_DECODE_EXT"|"URL_DECODE_UNI"|"UTF8_TO_UNICODE"
                  )
                )
              ),
              Cookie = list(
                Name = "string",
                TextTransformations = list(
                  list(
                    Priority = 123,
                    Type = "NONE"|"COMPRESS_WHITE_SPACE"|"HTML_ENTITY_DECODE"|"LOWERCASE"|"CMD_LINE"|"URL_DECODE"|"BASE64_DECODE"|"HEX_DECODE"|"MD5"|"REPLACE_COMMENTS"|"ESCAPE_SEQ_DECODE"|"SQL_HEX_DECODE"|"CSS_DECODE"|"JS_DECODE"|"NORMALIZE_PATH"|"NORMALIZE_PATH_WIN"|"REMOVE_NULLS"|"REPLACE_NULLS"|"BASE64_DECODE_EXT"|"URL_DECODE_UNI"|"UTF8_TO_UNICODE"
                  )
                )
              ),
              QueryArgument = list(
                Name = "string",
                TextTransformations = list(
                  list(
                    Priority = 123,
                    Type = "NONE"|"COMPRESS_WHITE_SPACE"|"HTML_ENTITY_DECODE"|"LOWERCASE"|"CMD_LINE"|"URL_DECODE"|"BASE64_DECODE"|"HEX_DECODE"|"MD5"|"REPLACE_COMMENTS"|"ESCAPE_SEQ_DECODE"|"SQL_HEX_DECODE"|"CSS_DECODE"|"JS_DECODE"|"NORMALIZE_PATH"|"NORMALIZE_PATH_WIN"|"REMOVE_NULLS"|"REPLACE_NULLS"|"BASE64_DECODE_EXT"|"URL_DECODE_UNI"|"UTF8_TO_UNICODE"
                  )
                )
              ),
              QueryString = list(
                TextTransformations = list(
                  list(
                    Priority = 123,
                    Type = "NONE"|"COMPRESS_WHITE_SPACE"|"HTML_ENTITY_DECODE"|"LOWERCASE"|"CMD_LINE"|"URL_DECODE"|"BASE64_DECODE"|"HEX_DECODE"|"MD5"|"REPLACE_COMMENTS"|"ESCAPE_SEQ_DECODE"|"SQL_HEX_DECODE"|"CSS_DECODE"|"JS_DECODE"|"NORMALIZE_PATH"|"NORMALIZE_PATH_WIN"|"REMOVE_NULLS"|"REPLACE_NULLS"|"BASE64_DECODE_EXT"|"URL_DECODE_UNI"|"UTF8_TO_UNICODE"
                  )
                )
              ),
              HTTPMethod = list(),
              ForwardedIP = list(),
              IP = list(),
              LabelNamespace = list(
                Namespace = "string"
              ),
              UriPath = list(
                TextTransformations = list(
                  list(
                    Priority = 123,
                    Type = "NONE"|"COMPRESS_WHITE_SPACE"|"HTML_ENTITY_DECODE"|"LOWERCASE"|"CMD_LINE"|"URL_DECODE"|"BASE64_DECODE"|"HEX_DECODE"|"MD5"|"REPLACE_COMMENTS"|"ESCAPE_SEQ_DECODE"|"SQL_HEX_DECODE"|"CSS_DECODE"|"JS_DECODE"|"NORMALIZE_PATH"|"NORMALIZE_PATH_WIN"|"REMOVE_NULLS"|"REPLACE_NULLS"|"BASE64_DECODE_EXT"|"URL_DECODE_UNI"|"UTF8_TO_UNICODE"
                  )
                )
              ),
              JA3Fingerprint = list(
                FallbackBehavior = "MATCH"|"NO_MATCH"
              ),
              JA4Fingerprint = list(
                FallbackBehavior = "MATCH"|"NO_MATCH"
              )
            )
          )
        ),
        AndStatement = list(
          Statements = list(
            list()
          )
        ),
        OrStatement = list(
          Statements = list(
            list()
          )
        ),
        NotStatement = list(
          Statement = list()
        ),
        ManagedRuleGroupStatement = list(
          VendorName = "string",
          Name = "string",
          Version = "string",
          ExcludedRules = list(
            list(
              Name = "string"
            )
          ),
          ScopeDownStatement = list(),
          ManagedRuleGroupConfigs = list(
            list(
              LoginPath = "string",
              PayloadType = "JSON"|"FORM_ENCODED",
              UsernameField = list(
                Identifier = "string"
              ),
              PasswordField = list(
                Identifier = "string"
              ),
              AWSManagedRulesBotControlRuleSet = list(
                InspectionLevel = "COMMON"|"TARGETED",
                EnableMachineLearning = TRUE|FALSE
              ),
              AWSManagedRulesATPRuleSet = list(
                LoginPath = "string",
                RequestInspection = list(
                  PayloadType = "JSON"|"FORM_ENCODED",
                  UsernameField = list(
                    Identifier = "string"
                  ),
                  PasswordField = list(
                    Identifier = "string"
                  )
                ),
                ResponseInspection = list(
                  StatusCode = list(
                    SuccessCodes = list(
                      123
                    ),
                    FailureCodes = list(
                      123
                    )
                  ),
                  Header = list(
                    Name = "string",
                    SuccessValues = list(
                      "string"
                    ),
                    FailureValues = list(
                      "string"
                    )
                  ),
                  BodyContains = list(
                    SuccessStrings = list(
                      "string"
                    ),
                    FailureStrings = list(
                      "string"
                    )
                  ),
                  Json = list(
                    Identifier = "string",
                    SuccessValues = list(
                      "string"
                    ),
                    FailureValues = list(
                      "string"
                    )
                  )
                ),
                EnableRegexInPath = TRUE|FALSE
              ),
              AWSManagedRulesACFPRuleSet = list(
                CreationPath = "string",
                RegistrationPagePath = "string",
                RequestInspection = list(
                  PayloadType = "JSON"|"FORM_ENCODED",
                  UsernameField = list(
                    Identifier = "string"
                  ),
                  PasswordField = list(
                    Identifier = "string"
                  ),
                  EmailField = list(
                    Identifier = "string"
                  ),
                  PhoneNumberFields = list(
                    list(
                      Identifier = "string"
                    )
                  ),
                  AddressFields = list(
                    list(
                      Identifier = "string"
                    )
                  )
                ),
                ResponseInspection = list(
                  StatusCode = list(
                    SuccessCodes = list(
                      123
                    ),
                    FailureCodes = list(
                      123
                    )
                  ),
                  Header = list(
                    Name = "string",
                    SuccessValues = list(
                      "string"
                    ),
                    FailureValues = list(
                      "string"
                    )
                  ),
                  BodyContains = list(
                    SuccessStrings = list(
                      "string"
                    ),
                    FailureStrings = list(
                      "string"
                    )
                  ),
                  Json = list(
                    Identifier = "string",
                    SuccessValues = list(
                      "string"
                    ),
                    FailureValues = list(
                      "string"
                    )
                  )
                ),
                EnableRegexInPath = TRUE|FALSE
              )
            )
          ),
          RuleActionOverrides = list(
            list(
              Name = "string",
              ActionToUse = list(
                Block = list(
                  CustomResponse = list(
                    ResponseCode = 123,
                    CustomResponseBodyKey = "string",
                    ResponseHeaders = list(
                      list(
                        Name = "string",
                        Value = "string"
                      )
                    )
                  )
                ),
                Allow = list(
                  CustomRequestHandling = list(
                    InsertHeaders = list(
                      list(
                        Name = "string",
                        Value = "string"
                      )
                    )
                  )
                ),
                Count = list(
                  CustomRequestHandling = list(
                    InsertHeaders = list(
                      list(
                        Name = "string",
                        Value = "string"
                      )
                    )
                  )
                ),
                Captcha = list(
                  CustomRequestHandling = list(
                    InsertHeaders = list(
                      list(
                        Name = "string",
                        Value = "string"
                      )
                    )
                  )
                ),
                Challenge = list(
                  CustomRequestHandling = list(
                    InsertHeaders = list(
                      list(
                        Name = "string",
                        Value = "string"
                      )
                    )
                  )
                )
              )
            )
          )
        ),
        LabelMatchStatement = list(
          Scope = "LABEL"|"NAMESPACE",
          Key = "string"
        ),
        RegexMatchStatement = list(
          RegexString = "string",
          FieldToMatch = list(
            SingleHeader = list(
              Name = "string"
            ),
            SingleQueryArgument = list(
              Name = "string"
            ),
            AllQueryArguments = list(),
            UriPath = list(),
            QueryString = list(),
            Body = list(
              OversizeHandling = "CONTINUE"|"MATCH"|"NO_MATCH"
            ),
            Method = list(),
            JsonBody = list(
              MatchPattern = list(
                All = list(),
                IncludedPaths = list(
                  "string"
                )
              ),
              MatchScope = "ALL"|"KEY"|"VALUE",
              InvalidFallbackBehavior = "MATCH"|"NO_MATCH"|"EVALUATE_AS_STRING",
              OversizeHandling = "CONTINUE"|"MATCH"|"NO_MATCH"
            ),
            Headers = list(
              MatchPattern = list(
                All = list(),
                IncludedHeaders = list(
                  "string"
                ),
                ExcludedHeaders = list(
                  "string"
                )
              ),
              MatchScope = "ALL"|"KEY"|"VALUE",
              OversizeHandling = "CONTINUE"|"MATCH"|"NO_MATCH"
            ),
            Cookies = list(
              MatchPattern = list(
                All = list(),
                IncludedCookies = list(
                  "string"
                ),
                ExcludedCookies = list(
                  "string"
                )
              ),
              MatchScope = "ALL"|"KEY"|"VALUE",
              OversizeHandling = "CONTINUE"|"MATCH"|"NO_MATCH"
            ),
            HeaderOrder = list(
              OversizeHandling = "CONTINUE"|"MATCH"|"NO_MATCH"
            ),
            JA3Fingerprint = list(
              FallbackBehavior = "MATCH"|"NO_MATCH"
            ),
            JA4Fingerprint = list(
              FallbackBehavior = "MATCH"|"NO_MATCH"
            ),
            UriFragment = list(
              FallbackBehavior = "MATCH"|"NO_MATCH"
            )
          ),
          TextTransformations = list(
            list(
              Priority = 123,
              Type = "NONE"|"COMPRESS_WHITE_SPACE"|"HTML_ENTITY_DECODE"|"LOWERCASE"|"CMD_LINE"|"URL_DECODE"|"BASE64_DECODE"|"HEX_DECODE"|"MD5"|"REPLACE_COMMENTS"|"ESCAPE_SEQ_DECODE"|"SQL_HEX_DECODE"|"CSS_DECODE"|"JS_DECODE"|"NORMALIZE_PATH"|"NORMALIZE_PATH_WIN"|"REMOVE_NULLS"|"REPLACE_NULLS"|"BASE64_DECODE_EXT"|"URL_DECODE_UNI"|"UTF8_TO_UNICODE"
            )
          )
        )
      ),
      Action = list(
        Block = list(
          CustomResponse = list(
            ResponseCode = 123,
            CustomResponseBodyKey = "string",
            ResponseHeaders = list(
              list(
                Name = "string",
                Value = "string"
              )
            )
          )
        ),
        Allow = list(
          CustomRequestHandling = list(
            InsertHeaders = list(
              list(
                Name = "string",
                Value = "string"
              )
            )
          )
        ),
        Count = list(
          CustomRequestHandling = list(
            InsertHeaders = list(
              list(
                Name = "string",
                Value = "string"
              )
            )
          )
        ),
        Captcha = list(
          CustomRequestHandling = list(
            InsertHeaders = list(
              list(
                Name = "string",
                Value = "string"
              )
            )
          )
        ),
        Challenge = list(
          CustomRequestHandling = list(
            InsertHeaders = list(
              list(
                Name = "string",
                Value = "string"
              )
            )
          )
        )
      ),
      OverrideAction = list(
        Count = list(
          CustomRequestHandling = list(
            InsertHeaders = list(
              list(
                Name = "string",
                Value = "string"
              )
            )
          )
        ),
        None = list()
      ),
      RuleLabels = list(
        list(
          Name = "string"
        )
      ),
      VisibilityConfig = list(
        SampledRequestsEnabled = TRUE|FALSE,
        CloudWatchMetricsEnabled = TRUE|FALSE,
        MetricName = "string"
      ),
      CaptchaConfig = list(
        ImmunityTimeProperty = list(
          ImmunityTime = 123
        )
      ),
      ChallengeConfig = list(
        ImmunityTimeProperty = list(
          ImmunityTime = 123
        )
      )
    )
  ),
  VisibilityConfig = list(
    SampledRequestsEnabled = TRUE|FALSE,
    CloudWatchMetricsEnabled = TRUE|FALSE,
    MetricName = "string"
  ),
  LockToken = "string",
  CustomResponseBodies = list(
    list(
      ContentType = "TEXT_PLAIN"|"TEXT_HTML"|"APPLICATION_JSON",
      Content = "string"
    )
  )
)