func ExampleWAF_UpdateIPSet() {
svc := waf.New(session.New())
params := &waf.UpdateIPSetInput{
ChangeToken: aws.String("ChangeToken"), // Required
IPSetId: aws.String("ResourceId"), // Required
Updates: []*waf.IPSetUpdate{ // Required
{ // Required
Action: aws.String("ChangeAction"), // Required
IPSetDescriptor: &waf.IPSetDescriptor{ // Required
Type: aws.String("IPSetDescriptorType"), // Required
Value: aws.String("IPSetDescriptorValue"), // Required
},
},
// More values...
},
}
resp, err := svc.UpdateIPSet(params)
if err != nil {
// Print the error, cast err to awserr.Error to get the Code and
// Message from an error.
fmt.Println(err.Error())
return
}
// Pretty-print the response data.
fmt.Println(resp)
}
func ExampleWAF_UpdateByteMatchSet() {
svc := waf.New(nil)
params := &waf.UpdateByteMatchSetInput{
ByteMatchSetId: aws.String("ResourceId"), // Required
ChangeToken: aws.String("ChangeToken"), // Required
Updates: []*waf.ByteMatchSetUpdate{ // Required
{ // Required
Action: aws.String("ChangeAction"), // Required
ByteMatchTuple: &waf.ByteMatchTuple{ // Required
FieldToMatch: &waf.FieldToMatch{ // Required
Type: aws.String("MatchFieldType"), // Required
Data: aws.String("MatchFieldData"),
},
PositionalConstraint: aws.String("PositionalConstraint"), // Required
TargetString: []byte("PAYLOAD"), // Required
TextTransformation: aws.String("TextTransformation"), // Required
},
},
// More values...
},
}
resp, err := svc.UpdateByteMatchSet(params)
if err != nil {
// Print the error, cast err to awserr.Error to get the Code and
// Message from an error.
fmt.Println(err.Error())
return
}
// Pretty-print the response data.
fmt.Println(resp)
}
func ExampleWAF_UpdateRule() {
svc := waf.New(session.New())
params := &waf.UpdateRuleInput{
ChangeToken: aws.String("ChangeToken"), // Required
RuleId: aws.String("ResourceId"), // Required
Updates: []*waf.RuleUpdate{ // Required
{ // Required
Action: aws.String("ChangeAction"), // Required
Predicate: &waf.Predicate{ // Required
DataId: aws.String("ResourceId"), // Required
Negated: aws.Bool(true), // Required
Type: aws.String("PredicateType"), // Required
},
},
// More values...
},
}
resp, err := svc.UpdateRule(params)
if err != nil {
// Print the error, cast err to awserr.Error to get the Code and
// Message from an error.
fmt.Println(err.Error())
return
}
// Pretty-print the response data.
fmt.Println(resp)
}
func ExampleWAF_CreateSizeConstraintSet() {
sess, err := session.NewSession()
if err != nil {
fmt.Println("failed to create session,", err)
return
}
svc := waf.New(sess)
params := &waf.CreateSizeConstraintSetInput{
ChangeToken: aws.String("ChangeToken"), // Required
Name: aws.String("ResourceName"), // Required
}
resp, err := svc.CreateSizeConstraintSet(params)
if err != nil {
// Print the error, cast err to awserr.Error to get the Code and
// Message from an error.
fmt.Println(err.Error())
return
}
// Pretty-print the response data.
fmt.Println(resp)
}
func ExampleWAF_UpdateWebACL() {
svc := waf.New(session.New())
params := &waf.UpdateWebACLInput{
ChangeToken: aws.String("ChangeToken"), // Required
WebACLId: aws.String("ResourceId"), // Required
DefaultAction: &waf.WafAction{
Type: aws.String("WafActionType"), // Required
},
Updates: []*waf.WebACLUpdate{
{ // Required
Action: aws.String("ChangeAction"), // Required
ActivatedRule: &waf.ActivatedRule{ // Required
Action: &waf.WafAction{ // Required
Type: aws.String("WafActionType"), // Required
},
Priority: aws.Int64(1), // Required
RuleId: aws.String("ResourceId"), // Required
},
},
// More values...
},
}
resp, err := svc.UpdateWebACL(params)
if err != nil {
// Print the error, cast err to awserr.Error to get the Code and
// Message from an error.
fmt.Println(err.Error())
return
}
// Pretty-print the response data.
fmt.Println(resp)
}
func ExampleWAF_ListXssMatchSets() {
sess, err := session.NewSession()
if err != nil {
fmt.Println("failed to create session,", err)
return
}
svc := waf.New(sess)
params := &waf.ListXssMatchSetsInput{
Limit: aws.Int64(1), // Required
NextMarker: aws.String("NextMarker"),
}
resp, err := svc.ListXssMatchSets(params)
if err != nil {
// Print the error, cast err to awserr.Error to get the Code and
// Message from an error.
fmt.Println(err.Error())
return
}
// Pretty-print the response data.
fmt.Println(resp)
}
func ExampleWAF_GetSampledRequests() {
sess, err := session.NewSession()
if err != nil {
fmt.Println("failed to create session,", err)
return
}
svc := waf.New(sess)
params := &waf.GetSampledRequestsInput{
MaxItems: aws.Int64(1), // Required
RuleId: aws.String("ResourceId"), // Required
TimeWindow: &waf.TimeWindow{ // Required
EndTime: aws.Time(time.Now()), // Required
StartTime: aws.Time(time.Now()), // Required
},
WebAclId: aws.String("ResourceId"), // Required
}
resp, err := svc.GetSampledRequests(params)
if err != nil {
// Print the error, cast err to awserr.Error to get the Code and
// Message from an error.
fmt.Println(err.Error())
return
}
// Pretty-print the response data.
fmt.Println(resp)
}
func ExampleWAF_CreateWebACL() {
sess, err := session.NewSession()
if err != nil {
fmt.Println("failed to create session,", err)
return
}
svc := waf.New(sess)
params := &waf.CreateWebACLInput{
ChangeToken: aws.String("ChangeToken"), // Required
DefaultAction: &waf.WafAction{ // Required
Type: aws.String("WafActionType"), // Required
},
MetricName: aws.String("MetricName"), // Required
Name: aws.String("ResourceName"), // Required
}
resp, err := svc.CreateWebACL(params)
if err != nil {
// Print the error, cast err to awserr.Error to get the Code and
// Message from an error.
fmt.Println(err.Error())
return
}
// Pretty-print the response data.
fmt.Println(resp)
}
func ExampleWAF_UpdateXssMatchSet() {
svc := waf.New(session.New())
params := &waf.UpdateXssMatchSetInput{
ChangeToken: aws.String("ChangeToken"), // Required
Updates: []*waf.XssMatchSetUpdate{ // Required
{ // Required
Action: aws.String("ChangeAction"), // Required
XssMatchTuple: &waf.XssMatchTuple{ // Required
FieldToMatch: &waf.FieldToMatch{ // Required
Type: aws.String("MatchFieldType"), // Required
Data: aws.String("MatchFieldData"),
},
TextTransformation: aws.String("TextTransformation"), // Required
},
},
// More values...
},
XssMatchSetId: aws.String("ResourceId"), // Required
}
resp, err := svc.UpdateXssMatchSet(params)
if err != nil {
// Print the error, cast err to awserr.Error to get the Code and
// Message from an error.
fmt.Println(err.Error())
return
}
// Pretty-print the response data.
fmt.Println(resp)
}
func ExampleWAF_GetChangeToken() {
svc := waf.New(session.New())
var params *waf.GetChangeTokenInput
resp, err := svc.GetChangeToken(params)
if err != nil {
// Print the error, cast err to awserr.Error to get the Code and
// Message from an error.
fmt.Println(err.Error())
return
}
// Pretty-print the response data.
fmt.Println(resp)
}
func ExampleWAF_GetXssMatchSet() {
svc := waf.New(session.New())
params := &waf.GetXssMatchSetInput{
XssMatchSetId: aws.String("ResourceId"), // Required
}
resp, err := svc.GetXssMatchSet(params)
if err != nil {
// Print the error, cast err to awserr.Error to get the Code and
// Message from an error.
fmt.Println(err.Error())
return
}
// Pretty-print the response data.
fmt.Println(resp)
}
func ExampleWAF_GetChangeTokenStatus() {
svc := waf.New(session.New())
params := &waf.GetChangeTokenStatusInput{
ChangeToken: aws.String("ChangeToken"), // Required
}
resp, err := svc.GetChangeTokenStatus(params)
if err != nil {
// Print the error, cast err to awserr.Error to get the Code and
// Message from an error.
fmt.Println(err.Error())
return
}
// Pretty-print the response data.
fmt.Println(resp)
}
func ExampleWAF_ListWebACLs() {
svc := waf.New(session.New())
params := &waf.ListWebACLsInput{
Limit: aws.Int64(1), // Required
NextMarker: aws.String("NextMarker"),
}
resp, err := svc.ListWebACLs(params)
if err != nil {
// Print the error, cast err to awserr.Error to get the Code and
// Message from an error.
fmt.Println(err.Error())
return
}
// Pretty-print the response data.
fmt.Println(resp)
}
func ExampleWAF_CreateSqlInjectionMatchSet() {
svc := waf.New(session.New())
params := &waf.CreateSqlInjectionMatchSetInput{
ChangeToken: aws.String("ChangeToken"), // Required
Name: aws.String("ResourceName"), // Required
}
resp, err := svc.CreateSqlInjectionMatchSet(params)
if err != nil {
// Print the error, cast err to awserr.Error to get the Code and
// Message from an error.
fmt.Println(err.Error())
return
}
// Pretty-print the response data.
fmt.Println(resp)
}
func ExampleWAF_DeleteWebACL() {
svc := waf.New(session.New())
params := &waf.DeleteWebACLInput{
ChangeToken: aws.String("ChangeToken"), // Required
WebACLId: aws.String("ResourceId"), // Required
}
resp, err := svc.DeleteWebACL(params)
if err != nil {
// Print the error, cast err to awserr.Error to get the Code and
// Message from an error.
fmt.Println(err.Error())
return
}
// Pretty-print the response data.
fmt.Println(resp)
}
func ExampleWAF_UpdateSizeConstraintSet() {
sess, err := session.NewSession()
if err != nil {
fmt.Println("failed to create session,", err)
return
}
svc := waf.New(sess)
params := &waf.UpdateSizeConstraintSetInput{
ChangeToken: aws.String("ChangeToken"), // Required
SizeConstraintSetId: aws.String("ResourceId"), // Required
Updates: []*waf.SizeConstraintSetUpdate{ // Required
{ // Required
Action: aws.String("ChangeAction"), // Required
SizeConstraint: &waf.SizeConstraint{ // Required
ComparisonOperator: aws.String("ComparisonOperator"), // Required
FieldToMatch: &waf.FieldToMatch{ // Required
Type: aws.String("MatchFieldType"), // Required
Data: aws.String("MatchFieldData"),
},
Size: aws.Int64(1), // Required
TextTransformation: aws.String("TextTransformation"), // Required
},
},
// More values...
},
}
resp, err := svc.UpdateSizeConstraintSet(params)
if err != nil {
// Print the error, cast err to awserr.Error to get the Code and
// Message from an error.
fmt.Println(err.Error())
return
}
// Pretty-print the response data.
fmt.Println(resp)
}
func ExampleWAF_GetWebACL() {
sess, err := session.NewSession()
if err != nil {
fmt.Println("failed to create session,", err)
return
}
svc := waf.New(sess)
params := &waf.GetWebACLInput{
WebACLId: aws.String("ResourceId"), // Required
}
resp, err := svc.GetWebACL(params)
if err != nil {
// Print the error, cast err to awserr.Error to get the Code and
// Message from an error.
fmt.Println(err.Error())
return
}
// Pretty-print the response data.
fmt.Println(resp)
}
func TestInterface(t *testing.T) {
assert.Implements(t, (*wafiface.WAFAPI)(nil), waf.New(nil))
}
func init() {
Before("@waf", func() {
World["client"] = waf.New(smoke.Session)
})
}
// Client configures and returns a fully initialized AWSClient
func (c *Config) Client() (interface{}, error) {
// Get the auth and region. This can fail if keys/regions were not
// specified and we're attempting to use the environment.
log.Println("[INFO] Building AWS region structure")
err := c.ValidateRegion()
if err != nil {
return nil, err
}
var client AWSClient
// store AWS region in client struct, for region specific operations such as
// bucket storage in S3
client.region = c.Region
log.Println("[INFO] Building AWS auth structure")
creds, err := GetCredentials(c)
if err != nil {
return nil, err
}
// Call Get to check for credential provider. If nothing found, we'll get an
// error, and we can present it nicely to the user
cp, err := creds.Get()
if err != nil {
if awsErr, ok := err.(awserr.Error); ok && awsErr.Code() == "NoCredentialProviders" {
return nil, errors.New(`No valid credential sources found for AWS Provider.
Please see https://terraform.io/docs/providers/aws/index.html for more information on
providing credentials for the AWS Provider`)
}
return nil, fmt.Errorf("Error loading credentials for AWS Provider: %s", err)
}
log.Printf("[INFO] AWS Auth provider used: %q", cp.ProviderName)
awsConfig := &aws.Config{
Credentials: creds,
Region: aws.String(c.Region),
MaxRetries: aws.Int(c.MaxRetries),
HTTPClient: cleanhttp.DefaultClient(),
S3ForcePathStyle: aws.Bool(c.S3ForcePathStyle),
}
if logging.IsDebugOrHigher() {
awsConfig.LogLevel = aws.LogLevel(aws.LogDebugWithHTTPBody)
awsConfig.Logger = awsLogger{}
}
if c.Insecure {
transport := awsConfig.HTTPClient.Transport.(*http.Transport)
transport.TLSClientConfig = &tls.Config{
InsecureSkipVerify: true,
}
}
// Set up base session
sess, err := session.NewSession(awsConfig)
if err != nil {
return nil, errwrap.Wrapf("Error creating AWS session: {{err}}", err)
}
// Removes the SDK Version handler, so we only have the provider User-Agent
// Ex: "User-Agent: APN/1.0 HashiCorp/1.0 Terraform/0.7.9-dev"
sess.Handlers.Build.Remove(request.NamedHandler{Name: "core.SDKVersionUserAgentHandler"})
sess.Handlers.Build.PushFrontNamed(addTerraformVersionToUserAgent)
if extraDebug := os.Getenv("TERRAFORM_AWS_AUTHFAILURE_DEBUG"); extraDebug != "" {
sess.Handlers.UnmarshalError.PushFrontNamed(debugAuthFailure)
}
// Some services exist only in us-east-1, e.g. because they manage
// resources that can span across multiple regions, or because
// signature format v4 requires region to be us-east-1 for global
// endpoints:
// http://docs.aws.amazon.com/general/latest/gr/sigv4_changes.html
usEast1Sess := sess.Copy(&aws.Config{Region: aws.String("us-east-1")})
// Some services have user-configurable endpoints
awsEc2Sess := sess.Copy(&aws.Config{Endpoint: aws.String(c.Ec2Endpoint)})
awsElbSess := sess.Copy(&aws.Config{Endpoint: aws.String(c.ElbEndpoint)})
awsIamSess := sess.Copy(&aws.Config{Endpoint: aws.String(c.IamEndpoint)})
awsS3Sess := sess.Copy(&aws.Config{Endpoint: aws.String(c.S3Endpoint)})
dynamoSess := sess.Copy(&aws.Config{Endpoint: aws.String(c.DynamoDBEndpoint)})
kinesisSess := sess.Copy(&aws.Config{Endpoint: aws.String(c.KinesisEndpoint)})
// These two services need to be set up early so we can check on AccountID
client.iamconn = iam.New(awsIamSess)
client.stsconn = sts.New(sess)
if !c.SkipCredsValidation {
err = c.ValidateCredentials(client.stsconn)
if err != nil {
return nil, err
}
}
if !c.SkipRequestingAccountId {
partition, accountId, err := GetAccountInfo(client.iamconn, client.stsconn, cp.ProviderName)
if err == nil {
client.partition = partition
client.accountid = accountId
}
}
authErr := c.ValidateAccountId(client.accountid)
if authErr != nil {
return nil, authErr
}
client.acmconn = acm.New(sess)
client.apigateway = apigateway.New(sess)
client.appautoscalingconn = applicationautoscaling.New(sess)
client.autoscalingconn = autoscaling.New(sess)
client.cfconn = cloudformation.New(sess)
client.cloudfrontconn = cloudfront.New(sess)
client.cloudtrailconn = cloudtrail.New(sess)
client.cloudwatchconn = cloudwatch.New(sess)
client.cloudwatcheventsconn = cloudwatchevents.New(sess)
client.cloudwatchlogsconn = cloudwatchlogs.New(sess)
client.codecommitconn = codecommit.New(usEast1Sess)
client.codedeployconn = codedeploy.New(sess)
client.dsconn = directoryservice.New(sess)
client.dynamodbconn = dynamodb.New(dynamoSess)
client.ec2conn = ec2.New(awsEc2Sess)
client.ecrconn = ecr.New(sess)
client.ecsconn = ecs.New(sess)
client.efsconn = efs.New(sess)
client.elasticacheconn = elasticache.New(sess)
client.elasticbeanstalkconn = elasticbeanstalk.New(sess)
client.elastictranscoderconn = elastictranscoder.New(sess)
client.elbconn = elb.New(awsElbSess)
client.elbv2conn = elbv2.New(awsElbSess)
client.emrconn = emr.New(sess)
client.esconn = elasticsearch.New(sess)
client.firehoseconn = firehose.New(sess)
client.glacierconn = glacier.New(sess)
client.kinesisconn = kinesis.New(kinesisSess)
client.kmsconn = kms.New(sess)
client.lambdaconn = lambda.New(sess)
client.lightsailconn = lightsail.New(usEast1Sess)
client.opsworksconn = opsworks.New(usEast1Sess)
client.r53conn = route53.New(usEast1Sess)
client.rdsconn = rds.New(sess)
client.redshiftconn = redshift.New(sess)
client.simpledbconn = simpledb.New(sess)
client.s3conn = s3.New(awsS3Sess)
client.sesConn = ses.New(sess)
client.snsconn = sns.New(sess)
client.sqsconn = sqs.New(sess)
client.ssmconn = ssm.New(sess)
client.wafconn = waf.New(sess)
return &client, nil
}
func init() {
gucumber.Before("@waf", func() {
gucumber.World["client"] = waf.New(smoke.Session)
})
}
