test and verified, safe to release

Author: aws-sdk-dotnet-automation

generator/ServiceModels/wafv2/wafv2-2019-07-29.api.json

@@ -1105,7 +1105,7 @@
     "AttributeValues":{
       "type":"list",
       "member":{"shape":"AttributeValue"},
-      "max":10,
+      "max":50,
       "min":1
     },
     "BlockAction":{
@@ -4336,7 +4336,8 @@
         "ChallengeConfig":{"shape":"ChallengeConfig"},
         "TokenDomains":{"shape":"TokenDomains"},
         "AssociationConfig":{"shape":"AssociationConfig"},
-        "OnSourceDDoSProtectionConfig":{"shape":"OnSourceDDoSProtectionConfig"}
+        "OnSourceDDoSProtectionConfig":{"shape":"OnSourceDDoSProtectionConfig"},
+        "ApplicationConfig":{"shape":"ApplicationConfig"}
       }
     },
     "UpdateWebACLResponse":{

generator/ServiceModels/wafv2/wafv2-2019-07-29.docs.json

@@ -195,6 +195,7 @@
       "base": "<p>A list of <code>ApplicationAttribute</code>s that contains information about the application.</p>",
       "refs": {
         "CreateWebACLRequest$ApplicationConfig": "<p>Configures the ability for the WAF console to store and retrieve application attributes during the web ACL creation process. Application attributes help WAF give recommendations for protection packs.</p>",
+        "UpdateWebACLRequest$ApplicationConfig": "<p>Configures the ability for the WAF console to store and retrieve application attributes. Application attributes help WAF give recommendations for protection packs.</p> <p>When using <code>UpdateWebACL</code>, <code>ApplicationConfig</code> follows these rules:</p> <ul> <li> <p>If you omit <code>ApplicationConfig</code> from the request, all existing entries in the web ACL are retained.</p> </li> <li> <p>If you include <code>ApplicationConfig</code>, entries must match the existing values exactly. Any attempt to modify existing entries will result in an error.</p> </li> </ul>",
         "WebACL$ApplicationConfig": "<p>Returns a list of <code>ApplicationAttribute</code>s.</p>"
       }
     },
@@ -774,7 +775,7 @@
         "RegexPatternSet$Name": "<p>The name of the set. You cannot change the name after you create the set.</p>",
         "RegexPatternSetSummary$Name": "<p>The name of the data type instance. You cannot change the name after you create the instance.</p>",
         "Rule$Name": "<p>The name of the rule. </p> <p>If you change the name of a <code>Rule</code> after you create it and you want the rule's metric name to reflect the change, update the metric name in the rule's <code>VisibilityConfig</code> settings. WAF doesn't automatically update the metric name when you update the rule name. </p>",
-        "RuleActionOverride$Name": "<p>The name of the rule to override.</p> <note> <p>Take care to verify the rule names in your overrides. If you provide a rule name that doesn't match the name of any rule in the rule group, WAF doesn't return an error and doesn't apply the override setting.</p> </note>",
+        "RuleActionOverride$Name": "<p>The name of the rule to override.</p> <note> <p>Verify the rule names in your overrides carefully. With managed rule groups, WAF silently ignores any override that uses an invalid rule name. With customer-owned rule groups, invalid rule names in your overrides will cause web ACL updates to fail. An invalid rule name is any name that doesn't exactly match the case-sensitive name of an existing rule in the rule group.</p> </note>",
         "RuleGroup$Name": "<p>The name of the rule group. You cannot change the name of a rule group after you create it.</p>",
         "RuleGroupSummary$Name": "<p>The name of the data type instance. You cannot change the name after you create the instance.</p>",
         "RuleSummary$Name": "<p>The name of the rule. </p>",
@@ -2271,7 +2272,7 @@
       }
     },
     "RuleActionOverride": {
-      "base": "<p>Action setting to use in the place of a rule action that is configured inside the rule group. You specify one override for each rule whose action you want to change. </p> <note> <p>Take care to verify the rule names in your overrides. If you provide a rule name that doesn't match the name of any rule in the rule group, WAF doesn't return an error and doesn't apply the override setting.</p> </note> <p>You can use overrides for testing, for example you can override all of rule actions to <code>Count</code> and then monitor the resulting count metrics to understand how the rule group would handle your web traffic. You can also permanently override some or all actions, to modify how the rule group manages your web traffic.</p>",
+      "base": "<p>Action setting to use in the place of a rule action that is configured inside the rule group. You specify one override for each rule whose action you want to change. </p> <note> <p>Verify the rule names in your overrides carefully. With managed rule groups, WAF silently ignores any override that uses an invalid rule name. With customer-owned rule groups, invalid rule names in your overrides will cause web ACL updates to fail. An invalid rule name is any name that doesn't exactly match the case-sensitive name of an existing rule in the rule group.</p> </note> <p>You can use overrides for testing, for example you can override all of rule actions to <code>Count</code> and then monitor the resulting count metrics to understand how the rule group would handle your web traffic. You can also permanently override some or all actions, to modify how the rule group manages your web traffic.</p>",
       "refs": {
         "RuleActionOverrides$member": null
       }

generator/ServiceModels/wafv2/wafv2-2019-07-29.endpoint-tests.json

@@ -754,17 +754,6 @@
                 "UseDualStack": true
             }
         },
-        {
-            "documentation": "For region us-iso-east-1 with FIPS enabled and DualStack enabled",
-            "expect": {
-                "error": "FIPS and DualStack are enabled, but this partition does not support one or both"
-            },
-            "params": {
-                "Region": "us-iso-east-1",
-                "UseFIPS": true,
-                "UseDualStack": true
-            }
-        },
         {
             "documentation": "For region us-iso-east-1 with FIPS enabled and DualStack disabled",
             "expect": {
@@ -778,17 +767,6 @@
                 "UseDualStack": false
             }
         },
-        {
-            "documentation": "For region us-iso-east-1 with FIPS disabled and DualStack enabled",
-            "expect": {
-                "error": "DualStack is enabled but this partition does not support DualStack"
-            },
-            "params": {
-                "Region": "us-iso-east-1",
-                "UseFIPS": false,
-                "UseDualStack": true
-            }
-        },
         {
             "documentation": "For region us-iso-east-1 with FIPS disabled and DualStack disabled",
             "expect": {
@@ -802,17 +780,6 @@
                 "UseDualStack": false
             }
         },
-        {
-            "documentation": "For region us-isob-east-1 with FIPS enabled and DualStack enabled",
-            "expect": {
-                "error": "FIPS and DualStack are enabled, but this partition does not support one or both"
-            },
-            "params": {
-                "Region": "us-isob-east-1",
-                "UseFIPS": true,
-                "UseDualStack": true
-            }
-        },
         {
             "documentation": "For region us-isob-east-1 with FIPS enabled and DualStack disabled",
             "expect": {
@@ -826,17 +793,6 @@
                 "UseDualStack": false
             }
         },
-        {
-            "documentation": "For region us-isob-east-1 with FIPS disabled and DualStack enabled",
-            "expect": {
-                "error": "DualStack is enabled but this partition does not support DualStack"
-            },
-            "params": {
-                "Region": "us-isob-east-1",
-                "UseFIPS": false,
-                "UseDualStack": true
-            }
-        },
         {
             "documentation": "For region us-isob-east-1 with FIPS disabled and DualStack disabled",
             "expect": {

generator/ServiceModels/wafv2/wafv2-2019-07-29.normal.json

@@ -1261,7 +1261,7 @@
     "AttributeValues":{
       "type":"list",
       "member":{"shape":"AttributeValue"},
-      "max":10,
+      "max":50,
       "min":1
     },
     "BlockAction":{
@@ -5584,14 +5584,14 @@
       "members":{
         "Name":{
           "shape":"EntityName",
-          "documentation":"<p>The name of the rule to override.</p> <note> <p>Take care to verify the rule names in your overrides. If you provide a rule name that doesn't match the name of any rule in the rule group, WAF doesn't return an error and doesn't apply the override setting.</p> </note>"
+          "documentation":"<p>The name of the rule to override.</p> <note> <p>Verify the rule names in your overrides carefully. With managed rule groups, WAF silently ignores any override that uses an invalid rule name. With customer-owned rule groups, invalid rule names in your overrides will cause web ACL updates to fail. An invalid rule name is any name that doesn't exactly match the case-sensitive name of an existing rule in the rule group.</p> </note>"
         },
         "ActionToUse":{
           "shape":"RuleAction",
           "documentation":"<p>The override action to use, in place of the configured action of the rule in the rule group. </p>"
         }
       },
-      "documentation":"<p>Action setting to use in the place of a rule action that is configured inside the rule group. You specify one override for each rule whose action you want to change. </p> <note> <p>Take care to verify the rule names in your overrides. If you provide a rule name that doesn't match the name of any rule in the rule group, WAF doesn't return an error and doesn't apply the override setting.</p> </note> <p>You can use overrides for testing, for example you can override all of rule actions to <code>Count</code> and then monitor the resulting count metrics to understand how the rule group would handle your web traffic. You can also permanently override some or all actions, to modify how the rule group manages your web traffic.</p>"
+      "documentation":"<p>Action setting to use in the place of a rule action that is configured inside the rule group. You specify one override for each rule whose action you want to change. </p> <note> <p>Verify the rule names in your overrides carefully. With managed rule groups, WAF silently ignores any override that uses an invalid rule name. With customer-owned rule groups, invalid rule names in your overrides will cause web ACL updates to fail. An invalid rule name is any name that doesn't exactly match the case-sensitive name of an existing rule in the rule group.</p> </note> <p>You can use overrides for testing, for example you can override all of rule actions to <code>Count</code> and then monitor the resulting count metrics to understand how the rule group would handle your web traffic. You can also permanently override some or all actions, to modify how the rule group manages your web traffic.</p>"
     },
     "RuleActionOverrides":{
       "type":"list",
@@ -6450,6 +6450,10 @@
         "OnSourceDDoSProtectionConfig":{
           "shape":"OnSourceDDoSProtectionConfig",
           "documentation":"<p>Specifies the type of DDoS protection to apply to web request data for a web ACL. For most scenarios, it is recommended to use the default protection level, <code>ACTIVE_UNDER_DDOS</code>. If a web ACL is associated with multiple Application Load Balancers, the changes you make to DDoS protection in that web ACL will apply to all associated Application Load Balancers.</p>"
+        },
+        "ApplicationConfig":{
+          "shape":"ApplicationConfig",
+          "documentation":"<p>Configures the ability for the WAF console to store and retrieve application attributes. Application attributes help WAF give recommendations for protection packs.</p> <p>When using <code>UpdateWebACL</code>, <code>ApplicationConfig</code> follows these rules:</p> <ul> <li> <p>If you omit <code>ApplicationConfig</code> from the request, all existing entries in the web ACL are retained.</p> </li> <li> <p>If you include <code>ApplicationConfig</code>, entries must match the existing values exactly. Any attempt to modify existing entries will result in an error.</p> </li> </ul>"
         }
       }
     },

sdk/src/Services/WAFV2/Generated/Model/ApplicationAttribute.cs

@@ -63,7 +63,7 @@ internal bool IsSetName()
         /// Specifies the attribute value.
         /// </para>
         /// </summary>
-        [AWSProperty(Min=1, Max=10)]
+        [AWSProperty(Min=1, Max=50)]
         public List<string> Values
         {
             get { return this._values; }

sdk/src/Services/WAFV2/Generated/Model/Internal/MarshallTransformations/UpdateWebACLRequestMarshaller.cs

@@ -69,6 +69,17 @@ public IRequest Marshall(UpdateWebACLRequest publicRequest)
                 writer.Validate = false;
                 writer.WriteObjectStart();
                 var context = new JsonMarshallerContext(request, writer);
+                if(publicRequest.IsSetApplicationConfig())
+                {
+                    context.Writer.WritePropertyName("ApplicationConfig");
+                    context.Writer.WriteObjectStart();
+
+                    var marshaller = ApplicationConfigMarshaller.Instance;
+                    marshaller.Marshall(publicRequest.ApplicationConfig, context);
+
+                    context.Writer.WriteObjectEnd();
+                }
+
                 if(publicRequest.IsSetAssociationConfig())
                 {
                     context.Writer.WritePropertyName("AssociationConfig");

sdk/src/Services/WAFV2/Generated/Model/RuleActionOverride.cs

@@ -36,9 +36,11 @@ namespace Amazon.WAFV2.Model
     /// 
     ///  <note> 
     /// <para>
-    /// Take care to verify the rule names in your overrides. If you provide a rule name that
-    /// doesn't match the name of any rule in the rule group, WAF doesn't return an error
-    /// and doesn't apply the override setting.
+    /// Verify the rule names in your overrides carefully. With managed rule groups, WAF silently
+    /// ignores any override that uses an invalid rule name. With customer-owned rule groups,
+    /// invalid rule names in your overrides will cause web ACL updates to fail. An invalid
+    /// rule name is any name that doesn't exactly match the case-sensitive name of an existing
+    /// rule in the rule group.
     /// </para>
     ///  </note> 
     /// <para>
@@ -80,9 +82,11 @@ internal bool IsSetActionToUse()
         /// </para>
         ///  <note> 
         /// <para>
-        /// Take care to verify the rule names in your overrides. If you provide a rule name that
-        /// doesn't match the name of any rule in the rule group, WAF doesn't return an error
-        /// and doesn't apply the override setting.
+        /// Verify the rule names in your overrides carefully. With managed rule groups, WAF silently
+        /// ignores any override that uses an invalid rule name. With customer-owned rule groups,
+        /// invalid rule names in your overrides will cause web ACL updates to fail. An invalid
+        /// rule name is any name that doesn't exactly match the case-sensitive name of an existing
+        /// rule in the rule group.
         /// </para>
         ///  </note>
         /// </summary>

sdk/src/Services/WAFV2/Generated/Model/UpdateWebACLRequest.cs

@@ -107,6 +107,7 @@ namespace Amazon.WAFV2.Model
     /// </summary>
     public partial class UpdateWebACLRequest : AmazonWAFV2Request
     {
+        private ApplicationConfig _applicationConfig;
         private AssociationConfig _associationConfig;
         private CaptchaConfig _captchaConfig;
         private ChallengeConfig _challengeConfig;
@@ -123,6 +124,40 @@ public partial class UpdateWebACLRequest : AmazonWAFV2Request
         private List<string> _tokenDomains = AWSConfigs.InitializeCollections ? new List<string>() : null;
         private VisibilityConfig _visibilityConfig;
 
+        /// <summary>
+        /// Gets and sets the property ApplicationConfig. 
+        /// <para>
+        /// Configures the ability for the WAF console to store and retrieve application attributes.
+        /// Application attributes help WAF give recommendations for protection packs.
+        /// </para>
+        ///  
+        /// <para>
+        /// When using <c>UpdateWebACL</c>, <c>ApplicationConfig</c> follows these rules:
+        /// </para>
+        ///  <ul> <li> 
+        /// <para>
+        /// If you omit <c>ApplicationConfig</c> from the request, all existing entries in the
+        /// web ACL are retained.
+        /// </para>
+        ///  </li> <li> 
+        /// <para>
+        /// If you include <c>ApplicationConfig</c>, entries must match the existing values exactly.
+        /// Any attempt to modify existing entries will result in an error.
+        /// </para>
+        ///  </li> </ul>
+        /// </summary>
+        public ApplicationConfig ApplicationConfig
+        {
+            get { return this._applicationConfig; }
+            set { this._applicationConfig = value; }
+        }
+
+        // Check to see if ApplicationConfig property is set
+        internal bool IsSetApplicationConfig()
+        {
+            return this._applicationConfig != null;
+        }
+
         /// <summary>
         /// Gets and sets the property AssociationConfig. 
         /// <para>