Resource: awsWafSqlInjectionMatchSet
Provides a WAF SQL Injection Match Set Resource
Example Usage
/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as aws from "./.gen/providers/aws";
new aws.wafSqlInjectionMatchSet.WafSqlInjectionMatchSet(
this,
"sql_injection_match_set",
{
name: "tf-sql_injection_match_set",
sqlInjectionMatchTuples: [
{
fieldToMatch: {
type: "QUERY_STRING",
},
textTransformation: "URL_DECODE",
},
],
}
);
Argument Reference
The following arguments are supported:
name- (Required) The name or description of the SQL Injection Match Set.sqlInjectionMatchTuples- (Optional) The parts of web requests that you want AWS WAF to inspect for malicious SQL code and, if you want AWS WAF to inspect a header, the name of the header.
Nested Blocks
sqlInjectionMatchTuples
fieldToMatch- (Required) Specifies where in a web request to look for snippets of malicious SQL code.textTransformation- (Required) Text transformations used to eliminate unusual formatting that attackers use in web requests in an effort to bypass AWS WAF. If you specify a transformation, AWS WAF performs the transformation onfieldToMatchbefore inspecting a request for a match. e.g.,CMD_LINE,HTML_ENTITY_DECODEornone. See docs for all supported values.
fieldToMatch
Arguments
data- (Optional) Whentypeisheader, enter the name of the header that you want to search, e.g.,userAgentorreferer. Iftypeis any other value, omit this field.type- (Required) The part of the web request that you want AWS WAF to search for a specified string. e.g.,header,methodorbody. See docs for all supported values.
Remarks
Attributes Reference
In addition to all arguments above, the following attributes are exported:
id- The ID of the WAF SQL Injection Match Set.
Import
AWS WAF SQL Injection Match Set can be imported using their ID, e.g.,