Resource: awsWafXssMatchSet
Provides a WAF XSS Match Set Resource
Example Usage
/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as aws from "./.gen/providers/aws";
new aws.wafXssMatchSet.WafXssMatchSet(this, "xss_match_set", {
name: "xss_match_set",
xssMatchTuples: [
{
fieldToMatch: {
type: "URI",
},
textTransformation: "NONE",
},
{
fieldToMatch: {
type: "QUERY_STRING",
},
textTransformation: "NONE",
},
],
});
Argument Reference
The following arguments are supported:
name
- (Required) The name or description of the SizeConstraintSet.xssMatchTuples
- (Optional) The parts of web requests that you want to inspect for cross-site scripting attacks.
Nested Blocks
xssMatchTuples
fieldToMatch
- (Required) Specifies where in a web request to look for cross-site scripting attacks.textTransformation
- (Required) Text transformations used to eliminate unusual formatting that attackers use in web requests in an effort to bypass AWS WAF. If you specify a transformation, AWS WAF performs the transformation ontargetString
before inspecting a request for a match. e.g.,CMD_LINE
,HTML_ENTITY_DECODE
ornone
. See docs for all supported values.
fieldToMatch
Arguments
data
- (Optional) Whentype
isheader
, enter the name of the header that you want to search, e.g.,userAgent
orreferer
. Iftype
is any other value, omit this field.type
- (Required) The part of the web request that you want AWS WAF to search for a specified string. e.g.,header
,method
orbody
. See docs for all supported values.
Remarks
Attributes Reference
In addition to all arguments above, the following attributes are exported:
id
- The ID of the WAF XssMatchSet.arn
- Amazon Resource Name (ARN)
Import
WAF XSS Match Set can be imported using their ID, e.g.,