Class: AWSCDK::WAFv2::CfnWebACL::BodyProperty

Inherits:
Jsii::Struct
  • Object
show all
Defined in:
wa_fv2/cfn_web_acl.rb

Overview

Inspect the body of the web request. The body immediately follows the request headers.

This is used to indicate the web request component to inspect, in the FieldToMatch specification.

Instance Attribute Summary collapse

Class Method Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(oversize_handling: nil) ⇒ BodyProperty

Returns a new instance of BodyProperty.

Parameters:

  • oversize_handling (String, nil) (defaults to: nil)

    What AWS WAF should do if the body is larger than AWS WAF can inspect.



1339
1340
1341
1342
# File 'wa_fv2/cfn_web_acl.rb', line 1339

def initialize(oversize_handling: nil)
  @oversize_handling = oversize_handling
  Jsii::Type.check_type(@oversize_handling, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJzdHJpbmcifQ==")), "oversizeHandling") unless @oversize_handling.nil?
end

Instance Attribute Details

#oversize_handlingString? (readonly)

What AWS WAF should do if the body is larger than AWS WAF can inspect.

AWS WAF does not support inspecting the entire contents of the web request body if the body exceeds the limit for the resource type. When a web request body is larger than the limit, the underlying host service only forwards the contents that are within the limit to AWS WAF for inspection.

  • For Application Load Balancer and AWS AppSync , the limit is fixed at 8 KB (8,192 bytes).
  • For CloudFront, API Gateway, Amazon Cognito, App Runner, and Verified Access, the default limit is 16 KB (16,384 bytes), and you can increase the limit for each resource type in the web ACL AssociationConfig , for additional processing fees.
  • For AWS Amplify , use the CloudFront limit.

The options for oversize handling are the following:

  • CONTINUE - Inspect the available body contents normally, according to the rule inspection criteria.
  • MATCH - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request.
  • NO_MATCH - Treat the web request as not matching the rule statement.

You can combine the MATCH or NO_MATCH settings for oversize handling with your rule and web ACL action settings, so that you block any request whose body is over the limit.

Default: CONTINUE



1364
1365
1366
# File 'wa_fv2/cfn_web_acl.rb', line 1364

def oversize_handling
  @oversize_handling
end

Class Method Details

.jsii_propertiesObject



1366
1367
1368
1369
1370
# File 'wa_fv2/cfn_web_acl.rb', line 1366

def self.jsii_properties
  {
    :oversize_handling => "oversizeHandling",
  }
end

Instance Method Details

#to_jsiiObject



1372
1373
1374
1375
1376
1377
1378
# File 'wa_fv2/cfn_web_acl.rb', line 1372

def to_jsii
  result = {}
  result.merge!({
    "oversizeHandling" => @oversize_handling,
  })
  result.compact
end