Skip to content

Commit 81965b5

Browse files
OAS Update
1 parent 019208f commit 81965b5

File tree

2 files changed

+120
-19
lines changed

2 files changed

+120
-19
lines changed

services/cdn/v1beta/cdn.json

Lines changed: 120 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -430,6 +430,9 @@
430430
"timestamp": {
431431
"format": "date-time",
432432
"type": "string"
433+
},
434+
"wafViolation": {
435+
"$ref": "#/components/schemas/WAFViolation"
433436
}
434437
},
435438
"required": [
@@ -611,7 +614,8 @@
611614
"enum": [
612615
"UNKNOWN",
613616
"CUSTOM_DOMAIN_CNAME_MISSING",
614-
"INVALID_ARGUMENT"
617+
"INVALID_ARGUMENT",
618+
"LOG_SINK_INSTANCE_UNAVAILABLE"
615619
],
616620
"minLength": 1,
617621
"type": "string"
@@ -1052,11 +1056,13 @@
10521056
"properties": {
10531057
"certificate": {
10541058
"description": "base64-encoded PEM-encoded certificate",
1055-
"type": "string"
1059+
"type": "string",
1060+
"x-go-type": "secret.Secret"
10561061
},
10571062
"key": {
10581063
"description": "base64-encoded PEM encoded key",
1059-
"type": "string"
1064+
"type": "string",
1065+
"x-go-type": "secret.Secret"
10601066
},
10611067
"type": {
10621068
"type": "string"
@@ -1155,7 +1161,6 @@
11551161
"SA",
11561162
"ASIA"
11571163
],
1158-
"format": "enum",
11591164
"type": "string"
11601165
},
11611166
"StatusError": {
@@ -1176,7 +1181,9 @@
11761181
"UNKNOWN",
11771182
"CUSTOM_DOMAIN_CNAME_MISSING",
11781183
"CUSTOM_DOMAIN_ALREADY_IN_USE",
1179-
"PUBLIC_BETA_QUOTA_REACHED"
1184+
"PUBLIC_BETA_QUOTA_REACHED",
1185+
"LOG_SINK_INSTANCE_UNAVAILABLE",
1186+
"EXTERNAL_QUOTA_REACHED"
11801187
],
11811188
"minLength": 1,
11821189
"type": "string"
@@ -1207,6 +1214,15 @@
12071214
],
12081215
"type": "object"
12091216
},
1217+
"WAFRuleAction": {
1218+
"description": "The action a WAF rule can take based on a request",
1219+
"enum": [
1220+
"BLOCKED",
1221+
"LOGGED",
1222+
"ALLOWED"
1223+
],
1224+
"type": "string"
1225+
},
12101226
"WAFRuleCollection": {
12111227
"properties": {
12121228
"groups": {
@@ -1263,9 +1279,66 @@
12631279
],
12641280
"type": "object"
12651281
},
1282+
"WAFViolation": {
1283+
"description": "Information about a violated WAF rule in case the WAF is enabled and a rule was triggered (either in BLOCK or LOG_ONLY mode)",
1284+
"properties": {
1285+
"action": {
1286+
"$ref": "#/components/schemas/WAFRuleAction"
1287+
},
1288+
"asn": {
1289+
"description": "ASN for the request",
1290+
"type": "string"
1291+
},
1292+
"message": {
1293+
"description": "Rule specific message explaining the violation",
1294+
"type": "string"
1295+
},
1296+
"method": {
1297+
"description": "HTTP Method of the request that triggered the violation",
1298+
"type": "string"
1299+
},
1300+
"requestHeaders": {
1301+
"additionalProperties": {
1302+
"type": "string"
1303+
},
1304+
"type": "object"
1305+
},
1306+
"ruleId": {
1307+
"description": "ID of the WAF rule that was triggered",
1308+
"type": "string"
1309+
}
1310+
},
1311+
"required": [
1312+
"ruleId",
1313+
"method",
1314+
"message",
1315+
"asn",
1316+
"requestHeaders",
1317+
"action"
1318+
],
1319+
"type": "object"
1320+
},
12661321
"WafConfig": {
12671322
"description": "Configuration of the WAF of a distribution",
12681323
"properties": {
1324+
"allowedHttpMethods": {
1325+
"items": {
1326+
"type": "string"
1327+
},
1328+
"type": "array"
1329+
},
1330+
"allowedHttpVersions": {
1331+
"items": {
1332+
"type": "string"
1333+
},
1334+
"type": "array"
1335+
},
1336+
"allowedRequestContentTypes": {
1337+
"items": {
1338+
"type": "string"
1339+
},
1340+
"type": "array"
1341+
},
12691342
"enabledRuleIds": {
12701343
"description": "IDs of the WAF rules that are **explicitly** enabled for this distribution. \nIf this rule is in a disabled / log Only RuleGroup or Collection,\nit will be enabled regardless as `enabledRuleIds` overrides those in specificity.\n\nDo note that rules can also be enabled because a Rulegroup or Collection is enabled. \n**DO NOT** use this property to find all active rules. Instead, pass `?withWafStatus=true` as a query parameter\nto `GetDistribution` or `ListDistributions`. This will expose the `waf` Property on distribution Level.\n\nFrom there you can `$.waf.enabledRules.map(e =\u003e e.id)` to get a list of all enabled rules.\n",
12711344
"items": {
@@ -1276,6 +1349,9 @@
12761349
"mode": {
12771350
"$ref": "#/components/schemas/WafMode"
12781351
},
1352+
"paranoiaLevel": {
1353+
"$ref": "#/components/schemas/WafParanoiaLevel"
1354+
},
12791355
"type": {
12801356
"$ref": "#/components/schemas/WafType"
12811357
}
@@ -1289,9 +1365,30 @@
12891365
},
12901366
"WafConfigPatch": {
12911367
"properties": {
1368+
"allowedHttpMethods": {
1369+
"items": {
1370+
"type": "string"
1371+
},
1372+
"type": "array"
1373+
},
1374+
"allowedHttpVersions": {
1375+
"items": {
1376+
"type": "string"
1377+
},
1378+
"type": "array"
1379+
},
1380+
"allowedRequestContentTypes": {
1381+
"items": {
1382+
"type": "string"
1383+
},
1384+
"type": "array"
1385+
},
12921386
"mode": {
12931387
"$ref": "#/components/schemas/WafMode"
12941388
},
1389+
"paranoiaLevel": {
1390+
"$ref": "#/components/schemas/WafParanoiaLevel"
1391+
},
12951392
"type": {
12961393
"$ref": "#/components/schemas/WafType"
12971394
}
@@ -1304,7 +1401,16 @@
13041401
"ENABLED",
13051402
"LOG_ONLY"
13061403
],
1307-
"format": "enum",
1404+
"type": "string"
1405+
},
1406+
"WafParanoiaLevel": {
1407+
"description": "The paranoia level defines how aggressively the WAF should action on requests. \nIt ranges from `L1` (least strict, lowest chance of false positives) to `L4` (most strict, highest chance of false positives).\nA higher paranoia level is more effective at catching attacks but can also block legitimate traffic.\n",
1408+
"enum": [
1409+
"L1",
1410+
"L2",
1411+
"L3",
1412+
"L4"
1413+
],
13081414
"type": "string"
13091415
},
13101416
"WafType": {
@@ -1313,7 +1419,6 @@
13131419
"FREE",
13141420
"PREMIUM"
13151421
],
1316-
"format": "enum",
13171422
"type": "string"
13181423
}
13191424
}
@@ -1383,7 +1488,6 @@
13831488
"status",
13841489
"originUrlRelated"
13851490
],
1386-
"format": "enum",
13871491
"type": "string"
13881492
}
13891493
},
@@ -1395,7 +1499,6 @@
13951499
"ascending",
13961500
"descending"
13971501
],
1398-
"format": "enum",
13991502
"type": "string"
14001503
}
14011504
}
@@ -2937,6 +3040,14 @@
29373040
"type": "string"
29383041
}
29393042
},
3043+
{
3044+
"description": "If this is set then only log entries with the chosen WAF rule action/outcome are returned.\nSpecifically, if `ALLOWED` then all requests with no violation are returned. If `BLOCKED` then those where\na WAF rule blocked a request and if `LOGGED` then only those requests where the WAF violation was only logged \nbut the request not blocked\n",
3045+
"in": "query",
3046+
"name": "wafAction",
3047+
"schema": {
3048+
"$ref": "#/components/schemas/WAFRuleAction"
3049+
}
3050+
},
29403051
{
29413052
"description": "Quantifies how many log entries should be returned on this \npage. Must be a natural number between 1 and 1000 (inclusive)\n",
29423053
"in": "query",
@@ -2974,7 +3085,6 @@
29743085
"path",
29753086
"host"
29763087
],
2977-
"format": "enum",
29783088
"type": "string"
29793089
}
29803090
},
@@ -2986,7 +3096,6 @@
29863096
"ascending",
29873097
"descending"
29883098
],
2989-
"format": "enum",
29903099
"type": "string"
29913100
}
29923101
},

services/cdn/v1beta2/cdn.json

Lines changed: 0 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -1381,7 +1381,6 @@
13811381
"SA",
13821382
"ASIA"
13831383
],
1384-
"format": "enum",
13851384
"type": "string"
13861385
},
13871386
"StatusError": {
@@ -1677,7 +1676,6 @@
16771676
"ENABLED",
16781677
"LOG_ONLY"
16791678
],
1680-
"format": "enum",
16811679
"type": "string"
16821680
},
16831681
"WafParanoiaLevel": {
@@ -1688,7 +1686,6 @@
16881686
"L3",
16891687
"L4"
16901688
],
1691-
"format": "enum",
16921689
"type": "string"
16931690
},
16941691
"WafRule": {
@@ -1887,7 +1884,6 @@
18871884
"FREE",
18881885
"PREMIUM"
18891886
],
1890-
"format": "enum",
18911887
"type": "string"
18921888
}
18931889
}
@@ -1957,7 +1953,6 @@
19571953
"status",
19581954
"originUrlRelated"
19591955
],
1960-
"format": "enum",
19611956
"type": "string"
19621957
}
19631958
},
@@ -1969,7 +1964,6 @@
19691964
"ascending",
19701965
"descending"
19711966
],
1972-
"format": "enum",
19731967
"type": "string"
19741968
}
19751969
}
@@ -3717,7 +3711,6 @@
37173711
"path",
37183712
"host"
37193713
],
3720-
"format": "enum",
37213714
"type": "string"
37223715
}
37233716
},
@@ -3729,7 +3722,6 @@
37293722
"ascending",
37303723
"descending"
37313724
],
3732-
"format": "enum",
37333725
"type": "string"
37343726
}
37353727
},

0 commit comments

Comments
 (0)