class Aws::WAFV2::Types::Statement

The processing guidance for a Rule, used by WAF to determine whether a web request matches the rule.

@note When making an API call, you may pass Statement

data as a hash:

    {
      byte_match_statement: {
        search_string: "data", # required
        field_to_match: { # required
          single_header: {
            name: "FieldToMatchData", # required
          },
          single_query_argument: {
            name: "FieldToMatchData", # required
          },
          all_query_arguments: {
          },
          uri_path: {
          },
          query_string: {
          },
          body: {
          },
          method: {
          },
          json_body: {
            match_pattern: { # required
              all: {
              },
              included_paths: ["JsonPointerPath"],
            },
            match_scope: "ALL", # required, accepts ALL, KEY, VALUE
            invalid_fallback_behavior: "MATCH", # accepts MATCH, NO_MATCH, EVALUATE_AS_STRING
          },
        },
        text_transformations: [ # required
          {
            priority: 1, # required
            type: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE, BASE64_DECODE, HEX_DECODE, MD5, REPLACE_COMMENTS, ESCAPE_SEQ_DECODE, SQL_HEX_DECODE, CSS_DECODE, JS_DECODE, NORMALIZE_PATH, NORMALIZE_PATH_WIN, REMOVE_NULLS, REPLACE_NULLS, BASE64_DECODE_EXT, URL_DECODE_UNI, UTF8_TO_UNICODE
          },
        ],
        positional_constraint: "EXACTLY", # required, accepts EXACTLY, STARTS_WITH, ENDS_WITH, CONTAINS, CONTAINS_WORD
      },
      sqli_match_statement: {
        field_to_match: { # required
          single_header: {
            name: "FieldToMatchData", # required
          },
          single_query_argument: {
            name: "FieldToMatchData", # required
          },
          all_query_arguments: {
          },
          uri_path: {
          },
          query_string: {
          },
          body: {
          },
          method: {
          },
          json_body: {
            match_pattern: { # required
              all: {
              },
              included_paths: ["JsonPointerPath"],
            },
            match_scope: "ALL", # required, accepts ALL, KEY, VALUE
            invalid_fallback_behavior: "MATCH", # accepts MATCH, NO_MATCH, EVALUATE_AS_STRING
          },
        },
        text_transformations: [ # required
          {
            priority: 1, # required
            type: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE, BASE64_DECODE, HEX_DECODE, MD5, REPLACE_COMMENTS, ESCAPE_SEQ_DECODE, SQL_HEX_DECODE, CSS_DECODE, JS_DECODE, NORMALIZE_PATH, NORMALIZE_PATH_WIN, REMOVE_NULLS, REPLACE_NULLS, BASE64_DECODE_EXT, URL_DECODE_UNI, UTF8_TO_UNICODE
          },
        ],
      },
      xss_match_statement: {
        field_to_match: { # required
          single_header: {
            name: "FieldToMatchData", # required
          },
          single_query_argument: {
            name: "FieldToMatchData", # required
          },
          all_query_arguments: {
          },
          uri_path: {
          },
          query_string: {
          },
          body: {
          },
          method: {
          },
          json_body: {
            match_pattern: { # required
              all: {
              },
              included_paths: ["JsonPointerPath"],
            },
            match_scope: "ALL", # required, accepts ALL, KEY, VALUE
            invalid_fallback_behavior: "MATCH", # accepts MATCH, NO_MATCH, EVALUATE_AS_STRING
          },
        },
        text_transformations: [ # required
          {
            priority: 1, # required
            type: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE, BASE64_DECODE, HEX_DECODE, MD5, REPLACE_COMMENTS, ESCAPE_SEQ_DECODE, SQL_HEX_DECODE, CSS_DECODE, JS_DECODE, NORMALIZE_PATH, NORMALIZE_PATH_WIN, REMOVE_NULLS, REPLACE_NULLS, BASE64_DECODE_EXT, URL_DECODE_UNI, UTF8_TO_UNICODE
          },
        ],
      },
      size_constraint_statement: {
        field_to_match: { # required
          single_header: {
            name: "FieldToMatchData", # required
          },
          single_query_argument: {
            name: "FieldToMatchData", # required
          },
          all_query_arguments: {
          },
          uri_path: {
          },
          query_string: {
          },
          body: {
          },
          method: {
          },
          json_body: {
            match_pattern: { # required
              all: {
              },
              included_paths: ["JsonPointerPath"],
            },
            match_scope: "ALL", # required, accepts ALL, KEY, VALUE
            invalid_fallback_behavior: "MATCH", # accepts MATCH, NO_MATCH, EVALUATE_AS_STRING
          },
        },
        comparison_operator: "EQ", # required, accepts EQ, NE, LE, LT, GE, GT
        size: 1, # required
        text_transformations: [ # required
          {
            priority: 1, # required
            type: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE, BASE64_DECODE, HEX_DECODE, MD5, REPLACE_COMMENTS, ESCAPE_SEQ_DECODE, SQL_HEX_DECODE, CSS_DECODE, JS_DECODE, NORMALIZE_PATH, NORMALIZE_PATH_WIN, REMOVE_NULLS, REPLACE_NULLS, BASE64_DECODE_EXT, URL_DECODE_UNI, UTF8_TO_UNICODE
          },
        ],
      },
      geo_match_statement: {
        country_codes: ["AF"], # accepts AF, AX, AL, DZ, AS, AD, AO, AI, AQ, AG, AR, AM, AW, AU, AT, AZ, BS, BH, BD, BB, BY, BE, BZ, BJ, BM, BT, BO, BQ, BA, BW, BV, BR, IO, BN, BG, BF, BI, KH, CM, CA, CV, KY, CF, TD, CL, CN, CX, CC, CO, KM, CG, CD, CK, CR, CI, HR, CU, CW, CY, CZ, DK, DJ, DM, DO, EC, EG, SV, GQ, ER, EE, ET, FK, FO, FJ, FI, FR, GF, PF, TF, GA, GM, GE, DE, GH, GI, GR, GL, GD, GP, GU, GT, GG, GN, GW, GY, HT, HM, VA, HN, HK, HU, IS, IN, ID, IR, IQ, IE, IM, IL, IT, JM, JP, JE, JO, KZ, KE, KI, KP, KR, KW, KG, LA, LV, LB, LS, LR, LY, LI, LT, LU, MO, MK, MG, MW, MY, MV, ML, MT, MH, MQ, MR, MU, YT, MX, FM, MD, MC, MN, ME, MS, MA, MZ, MM, NA, NR, NP, NL, NC, NZ, NI, NE, NG, NU, NF, MP, NO, OM, PK, PW, PS, PA, PG, PY, PE, PH, PN, PL, PT, PR, QA, RE, RO, RU, RW, BL, SH, KN, LC, MF, PM, VC, WS, SM, ST, SA, SN, RS, SC, SL, SG, SX, SK, SI, SB, SO, ZA, GS, SS, ES, LK, SD, SR, SJ, SZ, SE, CH, SY, TW, TJ, TZ, TH, TL, TG, TK, TO, TT, TN, TR, TM, TC, TV, UG, UA, AE, GB, US, UM, UY, UZ, VU, VE, VN, VG, VI, WF, EH, YE, ZM, ZW
        forwarded_ip_config: {
          header_name: "ForwardedIPHeaderName", # required
          fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
        },
      },
      rule_group_reference_statement: {
        arn: "ResourceArn", # required
        excluded_rules: [
          {
            name: "EntityName", # required
          },
        ],
      },
      ip_set_reference_statement: {
        arn: "ResourceArn", # required
        ip_set_forwarded_ip_config: {
          header_name: "ForwardedIPHeaderName", # required
          fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
          position: "FIRST", # required, accepts FIRST, LAST, ANY
        },
      },
      regex_pattern_set_reference_statement: {
        arn: "ResourceArn", # required
        field_to_match: { # required
          single_header: {
            name: "FieldToMatchData", # required
          },
          single_query_argument: {
            name: "FieldToMatchData", # required
          },
          all_query_arguments: {
          },
          uri_path: {
          },
          query_string: {
          },
          body: {
          },
          method: {
          },
          json_body: {
            match_pattern: { # required
              all: {
              },
              included_paths: ["JsonPointerPath"],
            },
            match_scope: "ALL", # required, accepts ALL, KEY, VALUE
            invalid_fallback_behavior: "MATCH", # accepts MATCH, NO_MATCH, EVALUATE_AS_STRING
          },
        },
        text_transformations: [ # required
          {
            priority: 1, # required
            type: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE, BASE64_DECODE, HEX_DECODE, MD5, REPLACE_COMMENTS, ESCAPE_SEQ_DECODE, SQL_HEX_DECODE, CSS_DECODE, JS_DECODE, NORMALIZE_PATH, NORMALIZE_PATH_WIN, REMOVE_NULLS, REPLACE_NULLS, BASE64_DECODE_EXT, URL_DECODE_UNI, UTF8_TO_UNICODE
          },
        ],
      },
      rate_based_statement: {
        limit: 1, # required
        aggregate_key_type: "IP", # required, accepts IP, FORWARDED_IP
        scope_down_statement: {
          byte_match_statement: {
            search_string: "data", # required
            field_to_match: { # required
              single_header: {
                name: "FieldToMatchData", # required
              },
              single_query_argument: {
                name: "FieldToMatchData", # required
              },
              all_query_arguments: {
              },
              uri_path: {
              },
              query_string: {
              },
              body: {
              },
              method: {
              },
              json_body: {
                match_pattern: { # required
                  all: {
                  },
                  included_paths: ["JsonPointerPath"],
                },
                match_scope: "ALL", # required, accepts ALL, KEY, VALUE
                invalid_fallback_behavior: "MATCH", # accepts MATCH, NO_MATCH, EVALUATE_AS_STRING
              },
            },
            text_transformations: [ # required
              {
                priority: 1, # required
                type: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE, BASE64_DECODE, HEX_DECODE, MD5, REPLACE_COMMENTS, ESCAPE_SEQ_DECODE, SQL_HEX_DECODE, CSS_DECODE, JS_DECODE, NORMALIZE_PATH, NORMALIZE_PATH_WIN, REMOVE_NULLS, REPLACE_NULLS, BASE64_DECODE_EXT, URL_DECODE_UNI, UTF8_TO_UNICODE
              },
            ],
            positional_constraint: "EXACTLY", # required, accepts EXACTLY, STARTS_WITH, ENDS_WITH, CONTAINS, CONTAINS_WORD
          },
          sqli_match_statement: {
            field_to_match: { # required
              single_header: {
                name: "FieldToMatchData", # required
              },
              single_query_argument: {
                name: "FieldToMatchData", # required
              },
              all_query_arguments: {
              },
              uri_path: {
              },
              query_string: {
              },
              body: {
              },
              method: {
              },
              json_body: {
                match_pattern: { # required
                  all: {
                  },
                  included_paths: ["JsonPointerPath"],
                },
                match_scope: "ALL", # required, accepts ALL, KEY, VALUE
                invalid_fallback_behavior: "MATCH", # accepts MATCH, NO_MATCH, EVALUATE_AS_STRING
              },
            },
            text_transformations: [ # required
              {
                priority: 1, # required
                type: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE, BASE64_DECODE, HEX_DECODE, MD5, REPLACE_COMMENTS, ESCAPE_SEQ_DECODE, SQL_HEX_DECODE, CSS_DECODE, JS_DECODE, NORMALIZE_PATH, NORMALIZE_PATH_WIN, REMOVE_NULLS, REPLACE_NULLS, BASE64_DECODE_EXT, URL_DECODE_UNI, UTF8_TO_UNICODE
              },
            ],
          },
          xss_match_statement: {
            field_to_match: { # required
              single_header: {
                name: "FieldToMatchData", # required
              },
              single_query_argument: {
                name: "FieldToMatchData", # required
              },
              all_query_arguments: {
              },
              uri_path: {
              },
              query_string: {
              },
              body: {
              },
              method: {
              },
              json_body: {
                match_pattern: { # required
                  all: {
                  },
                  included_paths: ["JsonPointerPath"],
                },
                match_scope: "ALL", # required, accepts ALL, KEY, VALUE
                invalid_fallback_behavior: "MATCH", # accepts MATCH, NO_MATCH, EVALUATE_AS_STRING
              },
            },
            text_transformations: [ # required
              {
                priority: 1, # required
                type: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE, BASE64_DECODE, HEX_DECODE, MD5, REPLACE_COMMENTS, ESCAPE_SEQ_DECODE, SQL_HEX_DECODE, CSS_DECODE, JS_DECODE, NORMALIZE_PATH, NORMALIZE_PATH_WIN, REMOVE_NULLS, REPLACE_NULLS, BASE64_DECODE_EXT, URL_DECODE_UNI, UTF8_TO_UNICODE
              },
            ],
          },
          size_constraint_statement: {
            field_to_match: { # required
              single_header: {
                name: "FieldToMatchData", # required
              },
              single_query_argument: {
                name: "FieldToMatchData", # required
              },
              all_query_arguments: {
              },
              uri_path: {
              },
              query_string: {
              },
              body: {
              },
              method: {
              },
              json_body: {
                match_pattern: { # required
                  all: {
                  },
                  included_paths: ["JsonPointerPath"],
                },
                match_scope: "ALL", # required, accepts ALL, KEY, VALUE
                invalid_fallback_behavior: "MATCH", # accepts MATCH, NO_MATCH, EVALUATE_AS_STRING
              },
            },
            comparison_operator: "EQ", # required, accepts EQ, NE, LE, LT, GE, GT
            size: 1, # required
            text_transformations: [ # required
              {
                priority: 1, # required
                type: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE, BASE64_DECODE, HEX_DECODE, MD5, REPLACE_COMMENTS, ESCAPE_SEQ_DECODE, SQL_HEX_DECODE, CSS_DECODE, JS_DECODE, NORMALIZE_PATH, NORMALIZE_PATH_WIN, REMOVE_NULLS, REPLACE_NULLS, BASE64_DECODE_EXT, URL_DECODE_UNI, UTF8_TO_UNICODE
              },
            ],
          },
          geo_match_statement: {
            country_codes: ["AF"], # accepts AF, AX, AL, DZ, AS, AD, AO, AI, AQ, AG, AR, AM, AW, AU, AT, AZ, BS, BH, BD, BB, BY, BE, BZ, BJ, BM, BT, BO, BQ, BA, BW, BV, BR, IO, BN, BG, BF, BI, KH, CM, CA, CV, KY, CF, TD, CL, CN, CX, CC, CO, KM, CG, CD, CK, CR, CI, HR, CU, CW, CY, CZ, DK, DJ, DM, DO, EC, EG, SV, GQ, ER, EE, ET, FK, FO, FJ, FI, FR, GF, PF, TF, GA, GM, GE, DE, GH, GI, GR, GL, GD, GP, GU, GT, GG, GN, GW, GY, HT, HM, VA, HN, HK, HU, IS, IN, ID, IR, IQ, IE, IM, IL, IT, JM, JP, JE, JO, KZ, KE, KI, KP, KR, KW, KG, LA, LV, LB, LS, LR, LY, LI, LT, LU, MO, MK, MG, MW, MY, MV, ML, MT, MH, MQ, MR, MU, YT, MX, FM, MD, MC, MN, ME, MS, MA, MZ, MM, NA, NR, NP, NL, NC, NZ, NI, NE, NG, NU, NF, MP, NO, OM, PK, PW, PS, PA, PG, PY, PE, PH, PN, PL, PT, PR, QA, RE, RO, RU, RW, BL, SH, KN, LC, MF, PM, VC, WS, SM, ST, SA, SN, RS, SC, SL, SG, SX, SK, SI, SB, SO, ZA, GS, SS, ES, LK, SD, SR, SJ, SZ, SE, CH, SY, TW, TJ, TZ, TH, TL, TG, TK, TO, TT, TN, TR, TM, TC, TV, UG, UA, AE, GB, US, UM, UY, UZ, VU, VE, VN, VG, VI, WF, EH, YE, ZM, ZW
            forwarded_ip_config: {
              header_name: "ForwardedIPHeaderName", # required
              fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
            },
          },
          rule_group_reference_statement: {
            arn: "ResourceArn", # required
            excluded_rules: [
              {
                name: "EntityName", # required
              },
            ],
          },
          ip_set_reference_statement: {
            arn: "ResourceArn", # required
            ip_set_forwarded_ip_config: {
              header_name: "ForwardedIPHeaderName", # required
              fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
              position: "FIRST", # required, accepts FIRST, LAST, ANY
            },
          },
          regex_pattern_set_reference_statement: {
            arn: "ResourceArn", # required
            field_to_match: { # required
              single_header: {
                name: "FieldToMatchData", # required
              },
              single_query_argument: {
                name: "FieldToMatchData", # required
              },
              all_query_arguments: {
              },
              uri_path: {
              },
              query_string: {
              },
              body: {
              },
              method: {
              },
              json_body: {
                match_pattern: { # required
                  all: {
                  },
                  included_paths: ["JsonPointerPath"],
                },
                match_scope: "ALL", # required, accepts ALL, KEY, VALUE
                invalid_fallback_behavior: "MATCH", # accepts MATCH, NO_MATCH, EVALUATE_AS_STRING
              },
            },
            text_transformations: [ # required
              {
                priority: 1, # required
                type: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE, BASE64_DECODE, HEX_DECODE, MD5, REPLACE_COMMENTS, ESCAPE_SEQ_DECODE, SQL_HEX_DECODE, CSS_DECODE, JS_DECODE, NORMALIZE_PATH, NORMALIZE_PATH_WIN, REMOVE_NULLS, REPLACE_NULLS, BASE64_DECODE_EXT, URL_DECODE_UNI, UTF8_TO_UNICODE
              },
            ],
          },
          rate_based_statement: {
            # recursive RateBasedStatement
          },
          and_statement: {
            statements: [ # required
              {
                # recursive Statement
              },
            ],
          },
          or_statement: {
            statements: [ # required
              {
                # recursive Statement
              },
            ],
          },
          not_statement: {
            statement: { # required
              # recursive Statement
            },
          },
          managed_rule_group_statement: {
            vendor_name: "VendorName", # required
            name: "EntityName", # required
            version: "VersionKeyString",
            excluded_rules: [
              {
                name: "EntityName", # required
              },
            ],
            scope_down_statement: {
              # recursive Statement
            },
          },
          label_match_statement: {
            scope: "LABEL", # required, accepts LABEL, NAMESPACE
            key: "LabelMatchKey", # required
          },
        },
        forwarded_ip_config: {
          header_name: "ForwardedIPHeaderName", # required
          fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
        },
      },
      and_statement: {
        statements: [ # required
          {
            byte_match_statement: {
              search_string: "data", # required
              field_to_match: { # required
                single_header: {
                  name: "FieldToMatchData", # required
                },
                single_query_argument: {
                  name: "FieldToMatchData", # required
                },
                all_query_arguments: {
                },
                uri_path: {
                },
                query_string: {
                },
                body: {
                },
                method: {
                },
                json_body: {
                  match_pattern: { # required
                    all: {
                    },
                    included_paths: ["JsonPointerPath"],
                  },
                  match_scope: "ALL", # required, accepts ALL, KEY, VALUE
                  invalid_fallback_behavior: "MATCH", # accepts MATCH, NO_MATCH, EVALUATE_AS_STRING
                },
              },
              text_transformations: [ # required
                {
                  priority: 1, # required
                  type: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE, BASE64_DECODE, HEX_DECODE, MD5, REPLACE_COMMENTS, ESCAPE_SEQ_DECODE, SQL_HEX_DECODE, CSS_DECODE, JS_DECODE, NORMALIZE_PATH, NORMALIZE_PATH_WIN, REMOVE_NULLS, REPLACE_NULLS, BASE64_DECODE_EXT, URL_DECODE_UNI, UTF8_TO_UNICODE
                },
              ],
              positional_constraint: "EXACTLY", # required, accepts EXACTLY, STARTS_WITH, ENDS_WITH, CONTAINS, CONTAINS_WORD
            },
            sqli_match_statement: {
              field_to_match: { # required
                single_header: {
                  name: "FieldToMatchData", # required
                },
                single_query_argument: {
                  name: "FieldToMatchData", # required
                },
                all_query_arguments: {
                },
                uri_path: {
                },
                query_string: {
                },
                body: {
                },
                method: {
                },
                json_body: {
                  match_pattern: { # required
                    all: {
                    },
                    included_paths: ["JsonPointerPath"],
                  },
                  match_scope: "ALL", # required, accepts ALL, KEY, VALUE
                  invalid_fallback_behavior: "MATCH", # accepts MATCH, NO_MATCH, EVALUATE_AS_STRING
                },
              },
              text_transformations: [ # required
                {
                  priority: 1, # required
                  type: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE, BASE64_DECODE, HEX_DECODE, MD5, REPLACE_COMMENTS, ESCAPE_SEQ_DECODE, SQL_HEX_DECODE, CSS_DECODE, JS_DECODE, NORMALIZE_PATH, NORMALIZE_PATH_WIN, REMOVE_NULLS, REPLACE_NULLS, BASE64_DECODE_EXT, URL_DECODE_UNI, UTF8_TO_UNICODE
                },
              ],
            },
            xss_match_statement: {
              field_to_match: { # required
                single_header: {
                  name: "FieldToMatchData", # required
                },
                single_query_argument: {
                  name: "FieldToMatchData", # required
                },
                all_query_arguments: {
                },
                uri_path: {
                },
                query_string: {
                },
                body: {
                },
                method: {
                },
                json_body: {
                  match_pattern: { # required
                    all: {
                    },
                    included_paths: ["JsonPointerPath"],
                  },
                  match_scope: "ALL", # required, accepts ALL, KEY, VALUE
                  invalid_fallback_behavior: "MATCH", # accepts MATCH, NO_MATCH, EVALUATE_AS_STRING
                },
              },
              text_transformations: [ # required
                {
                  priority: 1, # required
                  type: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE, BASE64_DECODE, HEX_DECODE, MD5, REPLACE_COMMENTS, ESCAPE_SEQ_DECODE, SQL_HEX_DECODE, CSS_DECODE, JS_DECODE, NORMALIZE_PATH, NORMALIZE_PATH_WIN, REMOVE_NULLS, REPLACE_NULLS, BASE64_DECODE_EXT, URL_DECODE_UNI, UTF8_TO_UNICODE
                },
              ],
            },
            size_constraint_statement: {
              field_to_match: { # required
                single_header: {
                  name: "FieldToMatchData", # required
                },
                single_query_argument: {
                  name: "FieldToMatchData", # required
                },
                all_query_arguments: {
                },
                uri_path: {
                },
                query_string: {
                },
                body: {
                },
                method: {
                },
                json_body: {
                  match_pattern: { # required
                    all: {
                    },
                    included_paths: ["JsonPointerPath"],
                  },
                  match_scope: "ALL", # required, accepts ALL, KEY, VALUE
                  invalid_fallback_behavior: "MATCH", # accepts MATCH, NO_MATCH, EVALUATE_AS_STRING
                },
              },
              comparison_operator: "EQ", # required, accepts EQ, NE, LE, LT, GE, GT
              size: 1, # required
              text_transformations: [ # required
                {
                  priority: 1, # required
                  type: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE, BASE64_DECODE, HEX_DECODE, MD5, REPLACE_COMMENTS, ESCAPE_SEQ_DECODE, SQL_HEX_DECODE, CSS_DECODE, JS_DECODE, NORMALIZE_PATH, NORMALIZE_PATH_WIN, REMOVE_NULLS, REPLACE_NULLS, BASE64_DECODE_EXT, URL_DECODE_UNI, UTF8_TO_UNICODE
                },
              ],
            },
            geo_match_statement: {
              country_codes: ["AF"], # accepts AF, AX, AL, DZ, AS, AD, AO, AI, AQ, AG, AR, AM, AW, AU, AT, AZ, BS, BH, BD, BB, BY, BE, BZ, BJ, BM, BT, BO, BQ, BA, BW, BV, BR, IO, BN, BG, BF, BI, KH, CM, CA, CV, KY, CF, TD, CL, CN, CX, CC, CO, KM, CG, CD, CK, CR, CI, HR, CU, CW, CY, CZ, DK, DJ, DM, DO, EC, EG, SV, GQ, ER, EE, ET, FK, FO, FJ, FI, FR, GF, PF, TF, GA, GM, GE, DE, GH, GI, GR, GL, GD, GP, GU, GT, GG, GN, GW, GY, HT, HM, VA, HN, HK, HU, IS, IN, ID, IR, IQ, IE, IM, IL, IT, JM, JP, JE, JO, KZ, KE, KI, KP, KR, KW, KG, LA, LV, LB, LS, LR, LY, LI, LT, LU, MO, MK, MG, MW, MY, MV, ML, MT, MH, MQ, MR, MU, YT, MX, FM, MD, MC, MN, ME, MS, MA, MZ, MM, NA, NR, NP, NL, NC, NZ, NI, NE, NG, NU, NF, MP, NO, OM, PK, PW, PS, PA, PG, PY, PE, PH, PN, PL, PT, PR, QA, RE, RO, RU, RW, BL, SH, KN, LC, MF, PM, VC, WS, SM, ST, SA, SN, RS, SC, SL, SG, SX, SK, SI, SB, SO, ZA, GS, SS, ES, LK, SD, SR, SJ, SZ, SE, CH, SY, TW, TJ, TZ, TH, TL, TG, TK, TO, TT, TN, TR, TM, TC, TV, UG, UA, AE, GB, US, UM, UY, UZ, VU, VE, VN, VG, VI, WF, EH, YE, ZM, ZW
              forwarded_ip_config: {
                header_name: "ForwardedIPHeaderName", # required
                fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
              },
            },
            rule_group_reference_statement: {
              arn: "ResourceArn", # required
              excluded_rules: [
                {
                  name: "EntityName", # required
                },
              ],
            },
            ip_set_reference_statement: {
              arn: "ResourceArn", # required
              ip_set_forwarded_ip_config: {
                header_name: "ForwardedIPHeaderName", # required
                fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
                position: "FIRST", # required, accepts FIRST, LAST, ANY
              },
            },
            regex_pattern_set_reference_statement: {
              arn: "ResourceArn", # required
              field_to_match: { # required
                single_header: {
                  name: "FieldToMatchData", # required
                },
                single_query_argument: {
                  name: "FieldToMatchData", # required
                },
                all_query_arguments: {
                },
                uri_path: {
                },
                query_string: {
                },
                body: {
                },
                method: {
                },
                json_body: {
                  match_pattern: { # required
                    all: {
                    },
                    included_paths: ["JsonPointerPath"],
                  },
                  match_scope: "ALL", # required, accepts ALL, KEY, VALUE
                  invalid_fallback_behavior: "MATCH", # accepts MATCH, NO_MATCH, EVALUATE_AS_STRING
                },
              },
              text_transformations: [ # required
                {
                  priority: 1, # required
                  type: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE, BASE64_DECODE, HEX_DECODE, MD5, REPLACE_COMMENTS, ESCAPE_SEQ_DECODE, SQL_HEX_DECODE, CSS_DECODE, JS_DECODE, NORMALIZE_PATH, NORMALIZE_PATH_WIN, REMOVE_NULLS, REPLACE_NULLS, BASE64_DECODE_EXT, URL_DECODE_UNI, UTF8_TO_UNICODE
                },
              ],
            },
            rate_based_statement: {
              limit: 1, # required
              aggregate_key_type: "IP", # required, accepts IP, FORWARDED_IP
              scope_down_statement: {
                # recursive Statement
              },
              forwarded_ip_config: {
                header_name: "ForwardedIPHeaderName", # required
                fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
              },
            },
            and_statement: {
              # recursive AndStatement
            },
            or_statement: {
              statements: { # required
                # recursive Statements
              },
            },
            not_statement: {
              statement: { # required
                # recursive Statement
              },
            },
            managed_rule_group_statement: {
              vendor_name: "VendorName", # required
              name: "EntityName", # required
              version: "VersionKeyString",
              excluded_rules: [
                {
                  name: "EntityName", # required
                },
              ],
              scope_down_statement: {
                # recursive Statement
              },
            },
            label_match_statement: {
              scope: "LABEL", # required, accepts LABEL, NAMESPACE
              key: "LabelMatchKey", # required
            },
          },
        ],
      },
      or_statement: {
        statements: [ # required
          {
            byte_match_statement: {
              search_string: "data", # required
              field_to_match: { # required
                single_header: {
                  name: "FieldToMatchData", # required
                },
                single_query_argument: {
                  name: "FieldToMatchData", # required
                },
                all_query_arguments: {
                },
                uri_path: {
                },
                query_string: {
                },
                body: {
                },
                method: {
                },
                json_body: {
                  match_pattern: { # required
                    all: {
                    },
                    included_paths: ["JsonPointerPath"],
                  },
                  match_scope: "ALL", # required, accepts ALL, KEY, VALUE
                  invalid_fallback_behavior: "MATCH", # accepts MATCH, NO_MATCH, EVALUATE_AS_STRING
                },
              },
              text_transformations: [ # required
                {
                  priority: 1, # required
                  type: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE, BASE64_DECODE, HEX_DECODE, MD5, REPLACE_COMMENTS, ESCAPE_SEQ_DECODE, SQL_HEX_DECODE, CSS_DECODE, JS_DECODE, NORMALIZE_PATH, NORMALIZE_PATH_WIN, REMOVE_NULLS, REPLACE_NULLS, BASE64_DECODE_EXT, URL_DECODE_UNI, UTF8_TO_UNICODE
                },
              ],
              positional_constraint: "EXACTLY", # required, accepts EXACTLY, STARTS_WITH, ENDS_WITH, CONTAINS, CONTAINS_WORD
            },
            sqli_match_statement: {
              field_to_match: { # required
                single_header: {
                  name: "FieldToMatchData", # required
                },
                single_query_argument: {
                  name: "FieldToMatchData", # required
                },
                all_query_arguments: {
                },
                uri_path: {
                },
                query_string: {
                },
                body: {
                },
                method: {
                },
                json_body: {
                  match_pattern: { # required
                    all: {
                    },
                    included_paths: ["JsonPointerPath"],
                  },
                  match_scope: "ALL", # required, accepts ALL, KEY, VALUE
                  invalid_fallback_behavior: "MATCH", # accepts MATCH, NO_MATCH, EVALUATE_AS_STRING
                },
              },
              text_transformations: [ # required
                {
                  priority: 1, # required
                  type: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE, BASE64_DECODE, HEX_DECODE, MD5, REPLACE_COMMENTS, ESCAPE_SEQ_DECODE, SQL_HEX_DECODE, CSS_DECODE, JS_DECODE, NORMALIZE_PATH, NORMALIZE_PATH_WIN, REMOVE_NULLS, REPLACE_NULLS, BASE64_DECODE_EXT, URL_DECODE_UNI, UTF8_TO_UNICODE
                },
              ],
            },
            xss_match_statement: {
              field_to_match: { # required
                single_header: {
                  name: "FieldToMatchData", # required
                },
                single_query_argument: {
                  name: "FieldToMatchData", # required
                },
                all_query_arguments: {
                },
                uri_path: {
                },
                query_string: {
                },
                body: {
                },
                method: {
                },
                json_body: {
                  match_pattern: { # required
                    all: {
                    },
                    included_paths: ["JsonPointerPath"],
                  },
                  match_scope: "ALL", # required, accepts ALL, KEY, VALUE
                  invalid_fallback_behavior: "MATCH", # accepts MATCH, NO_MATCH, EVALUATE_AS_STRING
                },
              },
              text_transformations: [ # required
                {
                  priority: 1, # required
                  type: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE, BASE64_DECODE, HEX_DECODE, MD5, REPLACE_COMMENTS, ESCAPE_SEQ_DECODE, SQL_HEX_DECODE, CSS_DECODE, JS_DECODE, NORMALIZE_PATH, NORMALIZE_PATH_WIN, REMOVE_NULLS, REPLACE_NULLS, BASE64_DECODE_EXT, URL_DECODE_UNI, UTF8_TO_UNICODE
                },
              ],
            },
            size_constraint_statement: {
              field_to_match: { # required
                single_header: {
                  name: "FieldToMatchData", # required
                },
                single_query_argument: {
                  name: "FieldToMatchData", # required
                },
                all_query_arguments: {
                },
                uri_path: {
                },
                query_string: {
                },
                body: {
                },
                method: {
                },
                json_body: {
                  match_pattern: { # required
                    all: {
                    },
                    included_paths: ["JsonPointerPath"],
                  },
                  match_scope: "ALL", # required, accepts ALL, KEY, VALUE
                  invalid_fallback_behavior: "MATCH", # accepts MATCH, NO_MATCH, EVALUATE_AS_STRING
                },
              },
              comparison_operator: "EQ", # required, accepts EQ, NE, LE, LT, GE, GT
              size: 1, # required
              text_transformations: [ # required
                {
                  priority: 1, # required
                  type: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE, BASE64_DECODE, HEX_DECODE, MD5, REPLACE_COMMENTS, ESCAPE_SEQ_DECODE, SQL_HEX_DECODE, CSS_DECODE, JS_DECODE, NORMALIZE_PATH, NORMALIZE_PATH_WIN, REMOVE_NULLS, REPLACE_NULLS, BASE64_DECODE_EXT, URL_DECODE_UNI, UTF8_TO_UNICODE
                },
              ],
            },
            geo_match_statement: {
              country_codes: ["AF"], # accepts AF, AX, AL, DZ, AS, AD, AO, AI, AQ, AG, AR, AM, AW, AU, AT, AZ, BS, BH, BD, BB, BY, BE, BZ, BJ, BM, BT, BO, BQ, BA, BW, BV, BR, IO, BN, BG, BF, BI, KH, CM, CA, CV, KY, CF, TD, CL, CN, CX, CC, CO, KM, CG, CD, CK, CR, CI, HR, CU, CW, CY, CZ, DK, DJ, DM, DO, EC, EG, SV, GQ, ER, EE, ET, FK, FO, FJ, FI, FR, GF, PF, TF, GA, GM, GE, DE, GH, GI, GR, GL, GD, GP, GU, GT, GG, GN, GW, GY, HT, HM, VA, HN, HK, HU, IS, IN, ID, IR, IQ, IE, IM, IL, IT, JM, JP, JE, JO, KZ, KE, KI, KP, KR, KW, KG, LA, LV, LB, LS, LR, LY, LI, LT, LU, MO, MK, MG, MW, MY, MV, ML, MT, MH, MQ, MR, MU, YT, MX, FM, MD, MC, MN, ME, MS, MA, MZ, MM, NA, NR, NP, NL, NC, NZ, NI, NE, NG, NU, NF, MP, NO, OM, PK, PW, PS, PA, PG, PY, PE, PH, PN, PL, PT, PR, QA, RE, RO, RU, RW, BL, SH, KN, LC, MF, PM, VC, WS, SM, ST, SA, SN, RS, SC, SL, SG, SX, SK, SI, SB, SO, ZA, GS, SS, ES, LK, SD, SR, SJ, SZ, SE, CH, SY, TW, TJ, TZ, TH, TL, TG, TK, TO, TT, TN, TR, TM, TC, TV, UG, UA, AE, GB, US, UM, UY, UZ, VU, VE, VN, VG, VI, WF, EH, YE, ZM, ZW
              forwarded_ip_config: {
                header_name: "ForwardedIPHeaderName", # required
                fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
              },
            },
            rule_group_reference_statement: {
              arn: "ResourceArn", # required
              excluded_rules: [
                {
                  name: "EntityName", # required
                },
              ],
            },
            ip_set_reference_statement: {
              arn: "ResourceArn", # required
              ip_set_forwarded_ip_config: {
                header_name: "ForwardedIPHeaderName", # required
                fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
                position: "FIRST", # required, accepts FIRST, LAST, ANY
              },
            },
            regex_pattern_set_reference_statement: {
              arn: "ResourceArn", # required
              field_to_match: { # required
                single_header: {
                  name: "FieldToMatchData", # required
                },
                single_query_argument: {
                  name: "FieldToMatchData", # required
                },
                all_query_arguments: {
                },
                uri_path: {
                },
                query_string: {
                },
                body: {
                },
                method: {
                },
                json_body: {
                  match_pattern: { # required
                    all: {
                    },
                    included_paths: ["JsonPointerPath"],
                  },
                  match_scope: "ALL", # required, accepts ALL, KEY, VALUE
                  invalid_fallback_behavior: "MATCH", # accepts MATCH, NO_MATCH, EVALUATE_AS_STRING
                },
              },
              text_transformations: [ # required
                {
                  priority: 1, # required
                  type: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE, BASE64_DECODE, HEX_DECODE, MD5, REPLACE_COMMENTS, ESCAPE_SEQ_DECODE, SQL_HEX_DECODE, CSS_DECODE, JS_DECODE, NORMALIZE_PATH, NORMALIZE_PATH_WIN, REMOVE_NULLS, REPLACE_NULLS, BASE64_DECODE_EXT, URL_DECODE_UNI, UTF8_TO_UNICODE
                },
              ],
            },
            rate_based_statement: {
              limit: 1, # required
              aggregate_key_type: "IP", # required, accepts IP, FORWARDED_IP
              scope_down_statement: {
                # recursive Statement
              },
              forwarded_ip_config: {
                header_name: "ForwardedIPHeaderName", # required
                fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
              },
            },
            and_statement: {
              statements: { # required
                # recursive Statements
              },
            },
            or_statement: {
              # recursive OrStatement
            },
            not_statement: {
              statement: { # required
                # recursive Statement
              },
            },
            managed_rule_group_statement: {
              vendor_name: "VendorName", # required
              name: "EntityName", # required
              version: "VersionKeyString",
              excluded_rules: [
                {
                  name: "EntityName", # required
                },
              ],
              scope_down_statement: {
                # recursive Statement
              },
            },
            label_match_statement: {
              scope: "LABEL", # required, accepts LABEL, NAMESPACE
              key: "LabelMatchKey", # required
            },
          },
        ],
      },
      not_statement: {
        statement: { # required
          byte_match_statement: {
            search_string: "data", # required
            field_to_match: { # required
              single_header: {
                name: "FieldToMatchData", # required
              },
              single_query_argument: {
                name: "FieldToMatchData", # required
              },
              all_query_arguments: {
              },
              uri_path: {
              },
              query_string: {
              },
              body: {
              },
              method: {
              },
              json_body: {
                match_pattern: { # required
                  all: {
                  },
                  included_paths: ["JsonPointerPath"],
                },
                match_scope: "ALL", # required, accepts ALL, KEY, VALUE
                invalid_fallback_behavior: "MATCH", # accepts MATCH, NO_MATCH, EVALUATE_AS_STRING
              },
            },
            text_transformations: [ # required
              {
                priority: 1, # required
                type: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE, BASE64_DECODE, HEX_DECODE, MD5, REPLACE_COMMENTS, ESCAPE_SEQ_DECODE, SQL_HEX_DECODE, CSS_DECODE, JS_DECODE, NORMALIZE_PATH, NORMALIZE_PATH_WIN, REMOVE_NULLS, REPLACE_NULLS, BASE64_DECODE_EXT, URL_DECODE_UNI, UTF8_TO_UNICODE
              },
            ],
            positional_constraint: "EXACTLY", # required, accepts EXACTLY, STARTS_WITH, ENDS_WITH, CONTAINS, CONTAINS_WORD
          },
          sqli_match_statement: {
            field_to_match: { # required
              single_header: {
                name: "FieldToMatchData", # required
              },
              single_query_argument: {
                name: "FieldToMatchData", # required
              },
              all_query_arguments: {
              },
              uri_path: {
              },
              query_string: {
              },
              body: {
              },
              method: {
              },
              json_body: {
                match_pattern: { # required
                  all: {
                  },
                  included_paths: ["JsonPointerPath"],
                },
                match_scope: "ALL", # required, accepts ALL, KEY, VALUE
                invalid_fallback_behavior: "MATCH", # accepts MATCH, NO_MATCH, EVALUATE_AS_STRING
              },
            },
            text_transformations: [ # required
              {
                priority: 1, # required
                type: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE, BASE64_DECODE, HEX_DECODE, MD5, REPLACE_COMMENTS, ESCAPE_SEQ_DECODE, SQL_HEX_DECODE, CSS_DECODE, JS_DECODE, NORMALIZE_PATH, NORMALIZE_PATH_WIN, REMOVE_NULLS, REPLACE_NULLS, BASE64_DECODE_EXT, URL_DECODE_UNI, UTF8_TO_UNICODE
              },
            ],
          },
          xss_match_statement: {
            field_to_match: { # required
              single_header: {
                name: "FieldToMatchData", # required
              },
              single_query_argument: {
                name: "FieldToMatchData", # required
              },
              all_query_arguments: {
              },
              uri_path: {
              },
              query_string: {
              },
              body: {
              },
              method: {
              },
              json_body: {
                match_pattern: { # required
                  all: {
                  },
                  included_paths: ["JsonPointerPath"],
                },
                match_scope: "ALL", # required, accepts ALL, KEY, VALUE
                invalid_fallback_behavior: "MATCH", # accepts MATCH, NO_MATCH, EVALUATE_AS_STRING
              },
            },
            text_transformations: [ # required
              {
                priority: 1, # required
                type: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE, BASE64_DECODE, HEX_DECODE, MD5, REPLACE_COMMENTS, ESCAPE_SEQ_DECODE, SQL_HEX_DECODE, CSS_DECODE, JS_DECODE, NORMALIZE_PATH, NORMALIZE_PATH_WIN, REMOVE_NULLS, REPLACE_NULLS, BASE64_DECODE_EXT, URL_DECODE_UNI, UTF8_TO_UNICODE
              },
            ],
          },
          size_constraint_statement: {
            field_to_match: { # required
              single_header: {
                name: "FieldToMatchData", # required
              },
              single_query_argument: {
                name: "FieldToMatchData", # required
              },
              all_query_arguments: {
              },
              uri_path: {
              },
              query_string: {
              },
              body: {
              },
              method: {
              },
              json_body: {
                match_pattern: { # required
                  all: {
                  },
                  included_paths: ["JsonPointerPath"],
                },
                match_scope: "ALL", # required, accepts ALL, KEY, VALUE
                invalid_fallback_behavior: "MATCH", # accepts MATCH, NO_MATCH, EVALUATE_AS_STRING
              },
            },
            comparison_operator: "EQ", # required, accepts EQ, NE, LE, LT, GE, GT
            size: 1, # required
            text_transformations: [ # required
              {
                priority: 1, # required
                type: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE, BASE64_DECODE, HEX_DECODE, MD5, REPLACE_COMMENTS, ESCAPE_SEQ_DECODE, SQL_HEX_DECODE, CSS_DECODE, JS_DECODE, NORMALIZE_PATH, NORMALIZE_PATH_WIN, REMOVE_NULLS, REPLACE_NULLS, BASE64_DECODE_EXT, URL_DECODE_UNI, UTF8_TO_UNICODE
              },
            ],
          },
          geo_match_statement: {
            country_codes: ["AF"], # accepts AF, AX, AL, DZ, AS, AD, AO, AI, AQ, AG, AR, AM, AW, AU, AT, AZ, BS, BH, BD, BB, BY, BE, BZ, BJ, BM, BT, BO, BQ, BA, BW, BV, BR, IO, BN, BG, BF, BI, KH, CM, CA, CV, KY, CF, TD, CL, CN, CX, CC, CO, KM, CG, CD, CK, CR, CI, HR, CU, CW, CY, CZ, DK, DJ, DM, DO, EC, EG, SV, GQ, ER, EE, ET, FK, FO, FJ, FI, FR, GF, PF, TF, GA, GM, GE, DE, GH, GI, GR, GL, GD, GP, GU, GT, GG, GN, GW, GY, HT, HM, VA, HN, HK, HU, IS, IN, ID, IR, IQ, IE, IM, IL, IT, JM, JP, JE, JO, KZ, KE, KI, KP, KR, KW, KG, LA, LV, LB, LS, LR, LY, LI, LT, LU, MO, MK, MG, MW, MY, MV, ML, MT, MH, MQ, MR, MU, YT, MX, FM, MD, MC, MN, ME, MS, MA, MZ, MM, NA, NR, NP, NL, NC, NZ, NI, NE, NG, NU, NF, MP, NO, OM, PK, PW, PS, PA, PG, PY, PE, PH, PN, PL, PT, PR, QA, RE, RO, RU, RW, BL, SH, KN, LC, MF, PM, VC, WS, SM, ST, SA, SN, RS, SC, SL, SG, SX, SK, SI, SB, SO, ZA, GS, SS, ES, LK, SD, SR, SJ, SZ, SE, CH, SY, TW, TJ, TZ, TH, TL, TG, TK, TO, TT, TN, TR, TM, TC, TV, UG, UA, AE, GB, US, UM, UY, UZ, VU, VE, VN, VG, VI, WF, EH, YE, ZM, ZW
            forwarded_ip_config: {
              header_name: "ForwardedIPHeaderName", # required
              fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
            },
          },
          rule_group_reference_statement: {
            arn: "ResourceArn", # required
            excluded_rules: [
              {
                name: "EntityName", # required
              },
            ],
          },
          ip_set_reference_statement: {
            arn: "ResourceArn", # required
            ip_set_forwarded_ip_config: {
              header_name: "ForwardedIPHeaderName", # required
              fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
              position: "FIRST", # required, accepts FIRST, LAST, ANY
            },
          },
          regex_pattern_set_reference_statement: {
            arn: "ResourceArn", # required
            field_to_match: { # required
              single_header: {
                name: "FieldToMatchData", # required
              },
              single_query_argument: {
                name: "FieldToMatchData", # required
              },
              all_query_arguments: {
              },
              uri_path: {
              },
              query_string: {
              },
              body: {
              },
              method: {
              },
              json_body: {
                match_pattern: { # required
                  all: {
                  },
                  included_paths: ["JsonPointerPath"],
                },
                match_scope: "ALL", # required, accepts ALL, KEY, VALUE
                invalid_fallback_behavior: "MATCH", # accepts MATCH, NO_MATCH, EVALUATE_AS_STRING
              },
            },
            text_transformations: [ # required
              {
                priority: 1, # required
                type: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE, BASE64_DECODE, HEX_DECODE, MD5, REPLACE_COMMENTS, ESCAPE_SEQ_DECODE, SQL_HEX_DECODE, CSS_DECODE, JS_DECODE, NORMALIZE_PATH, NORMALIZE_PATH_WIN, REMOVE_NULLS, REPLACE_NULLS, BASE64_DECODE_EXT, URL_DECODE_UNI, UTF8_TO_UNICODE
              },
            ],
          },
          rate_based_statement: {
            limit: 1, # required
            aggregate_key_type: "IP", # required, accepts IP, FORWARDED_IP
            scope_down_statement: {
              # recursive Statement
            },
            forwarded_ip_config: {
              header_name: "ForwardedIPHeaderName", # required
              fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
            },
          },
          and_statement: {
            statements: [ # required
              {
                # recursive Statement
              },
            ],
          },
          or_statement: {
            statements: [ # required
              {
                # recursive Statement
              },
            ],
          },
          not_statement: {
            # recursive NotStatement
          },
          managed_rule_group_statement: {
            vendor_name: "VendorName", # required
            name: "EntityName", # required
            version: "VersionKeyString",
            excluded_rules: [
              {
                name: "EntityName", # required
              },
            ],
            scope_down_statement: {
              # recursive Statement
            },
          },
          label_match_statement: {
            scope: "LABEL", # required, accepts LABEL, NAMESPACE
            key: "LabelMatchKey", # required
          },
        },
      },
      managed_rule_group_statement: {
        vendor_name: "VendorName", # required
        name: "EntityName", # required
        version: "VersionKeyString",
        excluded_rules: [
          {
            name: "EntityName", # required
          },
        ],
        scope_down_statement: {
          byte_match_statement: {
            search_string: "data", # required
            field_to_match: { # required
              single_header: {
                name: "FieldToMatchData", # required
              },
              single_query_argument: {
                name: "FieldToMatchData", # required
              },
              all_query_arguments: {
              },
              uri_path: {
              },
              query_string: {
              },
              body: {
              },
              method: {
              },
              json_body: {
                match_pattern: { # required
                  all: {
                  },
                  included_paths: ["JsonPointerPath"],
                },
                match_scope: "ALL", # required, accepts ALL, KEY, VALUE
                invalid_fallback_behavior: "MATCH", # accepts MATCH, NO_MATCH, EVALUATE_AS_STRING
              },
            },
            text_transformations: [ # required
              {
                priority: 1, # required
                type: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE, BASE64_DECODE, HEX_DECODE, MD5, REPLACE_COMMENTS, ESCAPE_SEQ_DECODE, SQL_HEX_DECODE, CSS_DECODE, JS_DECODE, NORMALIZE_PATH, NORMALIZE_PATH_WIN, REMOVE_NULLS, REPLACE_NULLS, BASE64_DECODE_EXT, URL_DECODE_UNI, UTF8_TO_UNICODE
              },
            ],
            positional_constraint: "EXACTLY", # required, accepts EXACTLY, STARTS_WITH, ENDS_WITH, CONTAINS, CONTAINS_WORD
          },
          sqli_match_statement: {
            field_to_match: { # required
              single_header: {
                name: "FieldToMatchData", # required
              },
              single_query_argument: {
                name: "FieldToMatchData", # required
              },
              all_query_arguments: {
              },
              uri_path: {
              },
              query_string: {
              },
              body: {
              },
              method: {
              },
              json_body: {
                match_pattern: { # required
                  all: {
                  },
                  included_paths: ["JsonPointerPath"],
                },
                match_scope: "ALL", # required, accepts ALL, KEY, VALUE
                invalid_fallback_behavior: "MATCH", # accepts MATCH, NO_MATCH, EVALUATE_AS_STRING
              },
            },
            text_transformations: [ # required
              {
                priority: 1, # required
                type: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE, BASE64_DECODE, HEX_DECODE, MD5, REPLACE_COMMENTS, ESCAPE_SEQ_DECODE, SQL_HEX_DECODE, CSS_DECODE, JS_DECODE, NORMALIZE_PATH, NORMALIZE_PATH_WIN, REMOVE_NULLS, REPLACE_NULLS, BASE64_DECODE_EXT, URL_DECODE_UNI, UTF8_TO_UNICODE
              },
            ],
          },
          xss_match_statement: {
            field_to_match: { # required
              single_header: {
                name: "FieldToMatchData", # required
              },
              single_query_argument: {
                name: "FieldToMatchData", # required
              },
              all_query_arguments: {
              },
              uri_path: {
              },
              query_string: {
              },
              body: {
              },
              method: {
              },
              json_body: {
                match_pattern: { # required
                  all: {
                  },
                  included_paths: ["JsonPointerPath"],
                },
                match_scope: "ALL", # required, accepts ALL, KEY, VALUE
                invalid_fallback_behavior: "MATCH", # accepts MATCH, NO_MATCH, EVALUATE_AS_STRING
              },
            },
            text_transformations: [ # required
              {
                priority: 1, # required
                type: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE, BASE64_DECODE, HEX_DECODE, MD5, REPLACE_COMMENTS, ESCAPE_SEQ_DECODE, SQL_HEX_DECODE, CSS_DECODE, JS_DECODE, NORMALIZE_PATH, NORMALIZE_PATH_WIN, REMOVE_NULLS, REPLACE_NULLS, BASE64_DECODE_EXT, URL_DECODE_UNI, UTF8_TO_UNICODE
              },
            ],
          },
          size_constraint_statement: {
            field_to_match: { # required
              single_header: {
                name: "FieldToMatchData", # required
              },
              single_query_argument: {
                name: "FieldToMatchData", # required
              },
              all_query_arguments: {
              },
              uri_path: {
              },
              query_string: {
              },
              body: {
              },
              method: {
              },
              json_body: {
                match_pattern: { # required
                  all: {
                  },
                  included_paths: ["JsonPointerPath"],
                },
                match_scope: "ALL", # required, accepts ALL, KEY, VALUE
                invalid_fallback_behavior: "MATCH", # accepts MATCH, NO_MATCH, EVALUATE_AS_STRING
              },
            },
            comparison_operator: "EQ", # required, accepts EQ, NE, LE, LT, GE, GT
            size: 1, # required
            text_transformations: [ # required
              {
                priority: 1, # required
                type: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE, BASE64_DECODE, HEX_DECODE, MD5, REPLACE_COMMENTS, ESCAPE_SEQ_DECODE, SQL_HEX_DECODE, CSS_DECODE, JS_DECODE, NORMALIZE_PATH, NORMALIZE_PATH_WIN, REMOVE_NULLS, REPLACE_NULLS, BASE64_DECODE_EXT, URL_DECODE_UNI, UTF8_TO_UNICODE
              },
            ],
          },
          geo_match_statement: {
            country_codes: ["AF"], # accepts AF, AX, AL, DZ, AS, AD, AO, AI, AQ, AG, AR, AM, AW, AU, AT, AZ, BS, BH, BD, BB, BY, BE, BZ, BJ, BM, BT, BO, BQ, BA, BW, BV, BR, IO, BN, BG, BF, BI, KH, CM, CA, CV, KY, CF, TD, CL, CN, CX, CC, CO, KM, CG, CD, CK, CR, CI, HR, CU, CW, CY, CZ, DK, DJ, DM, DO, EC, EG, SV, GQ, ER, EE, ET, FK, FO, FJ, FI, FR, GF, PF, TF, GA, GM, GE, DE, GH, GI, GR, GL, GD, GP, GU, GT, GG, GN, GW, GY, HT, HM, VA, HN, HK, HU, IS, IN, ID, IR, IQ, IE, IM, IL, IT, JM, JP, JE, JO, KZ, KE, KI, KP, KR, KW, KG, LA, LV, LB, LS, LR, LY, LI, LT, LU, MO, MK, MG, MW, MY, MV, ML, MT, MH, MQ, MR, MU, YT, MX, FM, MD, MC, MN, ME, MS, MA, MZ, MM, NA, NR, NP, NL, NC, NZ, NI, NE, NG, NU, NF, MP, NO, OM, PK, PW, PS, PA, PG, PY, PE, PH, PN, PL, PT, PR, QA, RE, RO, RU, RW, BL, SH, KN, LC, MF, PM, VC, WS, SM, ST, SA, SN, RS, SC, SL, SG, SX, SK, SI, SB, SO, ZA, GS, SS, ES, LK, SD, SR, SJ, SZ, SE, CH, SY, TW, TJ, TZ, TH, TL, TG, TK, TO, TT, TN, TR, TM, TC, TV, UG, UA, AE, GB, US, UM, UY, UZ, VU, VE, VN, VG, VI, WF, EH, YE, ZM, ZW
            forwarded_ip_config: {
              header_name: "ForwardedIPHeaderName", # required
              fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
            },
          },
          rule_group_reference_statement: {
            arn: "ResourceArn", # required
            excluded_rules: [
              {
                name: "EntityName", # required
              },
            ],
          },
          ip_set_reference_statement: {
            arn: "ResourceArn", # required
            ip_set_forwarded_ip_config: {
              header_name: "ForwardedIPHeaderName", # required
              fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
              position: "FIRST", # required, accepts FIRST, LAST, ANY
            },
          },
          regex_pattern_set_reference_statement: {
            arn: "ResourceArn", # required
            field_to_match: { # required
              single_header: {
                name: "FieldToMatchData", # required
              },
              single_query_argument: {
                name: "FieldToMatchData", # required
              },
              all_query_arguments: {
              },
              uri_path: {
              },
              query_string: {
              },
              body: {
              },
              method: {
              },
              json_body: {
                match_pattern: { # required
                  all: {
                  },
                  included_paths: ["JsonPointerPath"],
                },
                match_scope: "ALL", # required, accepts ALL, KEY, VALUE
                invalid_fallback_behavior: "MATCH", # accepts MATCH, NO_MATCH, EVALUATE_AS_STRING
              },
            },
            text_transformations: [ # required
              {
                priority: 1, # required
                type: "NONE", # required, accepts NONE, COMPRESS_WHITE_SPACE, HTML_ENTITY_DECODE, LOWERCASE, CMD_LINE, URL_DECODE, BASE64_DECODE, HEX_DECODE, MD5, REPLACE_COMMENTS, ESCAPE_SEQ_DECODE, SQL_HEX_DECODE, CSS_DECODE, JS_DECODE, NORMALIZE_PATH, NORMALIZE_PATH_WIN, REMOVE_NULLS, REPLACE_NULLS, BASE64_DECODE_EXT, URL_DECODE_UNI, UTF8_TO_UNICODE
              },
            ],
          },
          rate_based_statement: {
            limit: 1, # required
            aggregate_key_type: "IP", # required, accepts IP, FORWARDED_IP
            scope_down_statement: {
              # recursive Statement
            },
            forwarded_ip_config: {
              header_name: "ForwardedIPHeaderName", # required
              fallback_behavior: "MATCH", # required, accepts MATCH, NO_MATCH
            },
          },
          and_statement: {
            statements: [ # required
              {
                # recursive Statement
              },
            ],
          },
          or_statement: {
            statements: [ # required
              {
                # recursive Statement
              },
            ],
          },
          not_statement: {
            statement: { # required
              # recursive Statement
            },
          },
          managed_rule_group_statement: {
            # recursive ManagedRuleGroupStatement
          },
          label_match_statement: {
            scope: "LABEL", # required, accepts LABEL, NAMESPACE
            key: "LabelMatchKey", # required
          },
        },
      },
      label_match_statement: {
        scope: "LABEL", # required, accepts LABEL, NAMESPACE
        key: "LabelMatchKey", # required
      },
    }

@!attribute [rw] byte_match_statement

A rule statement that defines a string match search for WAF to apply
to web requests. The byte match statement provides the bytes to
search for, the location in requests that you want WAF to search,
and other settings. The bytes to search for are typically a string
that corresponds with ASCII characters. In the WAF console and the
developer guide, this is refered to as a string match statement.
@return [Types::ByteMatchStatement]

@!attribute [rw] sqli_match_statement

Attackers sometimes insert malicious SQL code into web requests in
an effort to extract data from your database. To allow or block web
requests that appear to contain malicious SQL code, create one or
more SQL injection match conditions. An SQL injection match
condition identifies the part of web requests, such as the URI or
the query string, that you want WAF to inspect. Later in the
process, when you create a web ACL, you specify whether to allow or
block requests that appear to contain malicious SQL code.
@return [Types::SqliMatchStatement]

@!attribute [rw] xss_match_statement

A rule statement that defines a cross-site scripting (XSS) match
search for WAF to apply to web requests. XSS attacks are those where
the attacker uses vulnerabilities in a benign website as a vehicle
to inject malicious client-site scripts into other legitimate web
browsers. The XSS match statement provides the location in requests
that you want WAF to search and text transformations to use on the
search area before WAF searches for character sequences that are
likely to be malicious strings.
@return [Types::XssMatchStatement]

@!attribute [rw] size_constraint_statement

A rule statement that compares a number of bytes against the size of
a request component, using a comparison operator, such as greater
than (>) or less than (<). For example, you can use a size
constraint statement to look for query strings that are longer than
100 bytes.

If you configure WAF to inspect the request body, WAF inspects only
the first 8192 bytes (8 KB). If the request body for your web
requests never exceeds 8192 bytes, you can create a size constraint
condition and block requests that have a request body greater than
8192 bytes.

If you choose URI for the value of Part of the request to filter on,
the slash (/) in the URI counts as one character. For example, the
URI `/logo.jpg` is nine characters long.
@return [Types::SizeConstraintStatement]

@!attribute [rw] geo_match_statement

A rule statement used to identify web requests based on country of
origin.
@return [Types::GeoMatchStatement]

@!attribute [rw] rule_group_reference_statement

A rule statement used to run the rules that are defined in a
RuleGroup. To use this, create a rule group with your rules, then
provide the ARN of the rule group in this statement.

You cannot nest a `RuleGroupReferenceStatement`, for example for use
inside a `NotStatement` or `OrStatement`. It can only be referenced
as a top-level statement within a rule.
@return [Types::RuleGroupReferenceStatement]

@!attribute [rw] ip_set_reference_statement

A rule statement used to detect web requests coming from particular
IP addresses or address ranges. To use this, create an IPSet that
specifies the addresses you want to detect, then use the ARN of that
set in this statement. To create an IP set, see CreateIPSet.

Each IP set rule statement references an IP set. You create and
maintain the set independent of your rules. This allows you to use
the single set in multiple rules. When you update the referenced
set, WAF automatically updates all rules that reference it.
@return [Types::IPSetReferenceStatement]

@!attribute [rw] regex_pattern_set_reference_statement

A rule statement used to search web request components for matches
with regular expressions. To use this, create a RegexPatternSet that
specifies the expressions that you want to detect, then use the ARN
of that set in this statement. A web request matches the pattern set
rule statement if the request component matches any of the patterns
in the set. To create a regex pattern set, see
CreateRegexPatternSet.

Each regex pattern set rule statement references a regex pattern
set. You create and maintain the set independent of your rules. This
allows you to use the single set in multiple rules. When you update
the referenced set, WAF automatically updates all rules that
reference it.
@return [Types::RegexPatternSetReferenceStatement]

@!attribute [rw] rate_based_statement

A rate-based rule tracks the rate of requests for each originating
IP address, and triggers the rule action when the rate exceeds a
limit that you specify on the number of requests in any 5-minute
time span. You can use this to put a temporary block on requests
from an IP address that is sending excessive requests.

When the rule action triggers, WAF blocks additional requests from
the IP address until the request rate falls below the limit.

You can optionally nest another statement inside the rate-based
statement, to narrow the scope of the rule so that it only counts
requests that match the nested statement. For example, based on
recent requests that you have seen from an attacker, you might
create a rate-based rule with a nested AND rule statement that
contains the following nested statements:

* An IP match statement with an IP set that specified the address
  192.0.2.44.

* A string match statement that searches in the User-Agent header
  for the string BadBot.

In this rate-based rule, you also define a rate limit. For this
example, the rate limit is 1,000. Requests that meet both of the
conditions in the statements are counted. If the count exceeds 1,000
requests per five minutes, the rule action triggers. Requests that
do not meet both conditions are not counted towards the rate limit
and are not affected by this rule.

You cannot nest a `RateBasedStatement`, for example for use inside a
`NotStatement` or `OrStatement`. It can only be referenced as a
top-level statement within a rule.
@return [Types::RateBasedStatement]

@!attribute [rw] and_statement

A logical rule statement used to combine other rule statements with
AND logic. You provide more than one Statement within the
`AndStatement`.
@return [Types::AndStatement]

@!attribute [rw] or_statement

A logical rule statement used to combine other rule statements with
OR logic. You provide more than one Statement within the
`OrStatement`.
@return [Types::OrStatement]

@!attribute [rw] not_statement

A logical rule statement used to negate the results of another rule
statement. You provide one Statement within the `NotStatement`.
@return [Types::NotStatement]

@!attribute [rw] managed_rule_group_statement

A rule statement used to run the rules that are defined in a managed
rule group. To use this, provide the vendor name and the name of the
rule group in this statement. You can retrieve the required names by
calling ListAvailableManagedRuleGroups.

You cannot nest a `ManagedRuleGroupStatement`, for example for use
inside a `NotStatement` or `OrStatement`. It can only be referenced
as a top-level statement within a rule.
@return [Types::ManagedRuleGroupStatement]

@!attribute [rw] label_match_statement

A rule statement that defines a string match search against labels
that have been added to the web request by rules that have already
run in the web ACL.

The label match statement provides the label or namespace string to
search for. The label string can represent a part or all of the
fully qualified label name that had been added to the web request.
Fully qualified labels have a prefix, optional namespaces, and label
name. The prefix identifies the rule group or web ACL context of the
rule that added the label. If you do not provide the fully qualified
name in your label match string, WAF performs the search for labels
that were added in the same context as the label match statement.
@return [Types::LabelMatchStatement]

@see docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/Statement AWS API Documentation

Constants

SENSITIVE