Resource: awsWafregionalXssMatchSet
Provides a WAF Regional XSS Match Set Resource for use with Application Load Balancer.
Example Usage
/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as aws from "./.gen/providers/aws";
new aws.wafregionalXssMatchSet.WafregionalXssMatchSet(this, "xss_match_set", {
name: "xss_match_set",
xssMatchTuple: [
{
fieldToMatch: {
type: "URI",
},
textTransformation: "NONE",
},
{
fieldToMatch: {
type: "QUERY_STRING",
},
textTransformation: "NONE",
},
],
});
Argument Reference
The following arguments are supported:
name
- (Required) The name of the setxssMatchTuple
- (Optional) The parts of web requests that you want to inspect for cross-site scripting attacks.
Nested fields
xssMatchTuple
fieldToMatch
- (Required) Specifies where in a web request to look for cross-site scripting attacks.textTransformation
- (Required) Which text transformation, if any, to perform on the web request before inspecting the request for cross-site scripting attacks.
fieldToMatch
data
- (Optional) When the value oftype
isheader
, enter the name of the header that you want the WAF to search, for example,userAgent
orreferer
. If the value oftype
is any other value, omitdata
.type
- (Required) The part of the web request that you want AWS WAF to search for a specified stringE.g.,header
ormethod
Attributes Reference
In addition to all arguments above, the following attributes are exported:
id
- The ID of the Regional WAF XSS Match Set.
Import
AWS WAF Regional XSS Match can be imported using the id
, e.g.,