Resource: awsWafXssMatchSet

Provides a WAF XSS Match Set Resource

Example Usage

/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as aws from "./.gen/providers/aws";
new aws.wafXssMatchSet.WafXssMatchSet(this, "xss_match_set", {
  name: "xss_match_set",
  xssMatchTuples: [
    {
      fieldToMatch: {
        type: "URI",
      },
      textTransformation: "NONE",
    },
    {
      fieldToMatch: {
        type: "QUERY_STRING",
      },
      textTransformation: "NONE",
    },
  ],
});

Argument Reference

The following arguments are supported:

name - (Required) The name or description of the SizeConstraintSet.
xssMatchTuples - (Optional) The parts of web requests that you want to inspect for cross-site scripting attacks.

Nested Blocks

`xssMatchTuples`

fieldToMatch - (Required) Specifies where in a web request to look for cross-site scripting attacks.
textTransformation - (Required) Text transformations used to eliminate unusual formatting that attackers use in web requests in an effort to bypass AWS WAF. If you specify a transformation, AWS WAF performs the transformation on targetString before inspecting a request for a match. e.g., CMD_LINE, HTML_ENTITY_DECODE or none. See docs for all supported values.

`fieldToMatch`

Arguments

data - (Optional) When type is header, enter the name of the header that you want to search, e.g., userAgent or referer. If type is any other value, omit this field.
type - (Required) The part of the web request that you want AWS WAF to search for a specified string. e.g., header, method or body. See docs for all supported values.

Remarks

Attributes Reference

In addition to all arguments above, the following attributes are exported:

id - The ID of the WAF XssMatchSet.
arn - Amazon Resource Name (ARN)

Import

WAF XSS Match Set can be imported using their ID, e.g.,

$ terraform import aws_waf_xss_match_set.example a1b2c3d4-d5f6-7777-8888-9999aaaabbbbcccc