Resource: awsWafSqlInjectionMatchSet
Provides a WAF SQL Injection Match Set Resource
Example Usage
/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as aws from "./.gen/providers/aws";
new aws.wafSqlInjectionMatchSet.WafSqlInjectionMatchSet(
this,
"sql_injection_match_set",
{
name: "tf-sql_injection_match_set",
sqlInjectionMatchTuples: [
{
fieldToMatch: {
type: "QUERY_STRING",
},
textTransformation: "URL_DECODE",
},
],
}
);
Argument Reference
The following arguments are supported:
name
- (Required) The name or description of the SQL Injection Match Set.sqlInjectionMatchTuples
- (Optional) The parts of web requests that you want AWS WAF to inspect for malicious SQL code and, if you want AWS WAF to inspect a header, the name of the header.
Nested Blocks
sqlInjectionMatchTuples
fieldToMatch
- (Required) Specifies where in a web request to look for snippets of malicious SQL code.textTransformation
- (Required) Text transformations used to eliminate unusual formatting that attackers use in web requests in an effort to bypass AWS WAF. If you specify a transformation, AWS WAF performs the transformation onfieldToMatch
before inspecting a request for a match. e.g.,CMD_LINE
,HTML_ENTITY_DECODE
ornone
. See docs for all supported values.
fieldToMatch
Arguments
data
- (Optional) Whentype
isheader
, enter the name of the header that you want to search, e.g.,userAgent
orreferer
. Iftype
is any other value, omit this field.type
- (Required) The part of the web request that you want AWS WAF to search for a specified string. e.g.,header
,method
orbody
. See docs for all supported values.
Remarks
Attributes Reference
In addition to all arguments above, the following attributes are exported:
id
- The ID of the WAF SQL Injection Match Set.
Import
AWS WAF SQL Injection Match Set can be imported using their ID, e.g.,