Class: AWSCDK::WAFv2::CfnWebACL::ByteMatchStatementProperty
- Inherits:
-
Jsii::Struct
- Object
- Jsii::Struct
- AWSCDK::WAFv2::CfnWebACL::ByteMatchStatementProperty
- Defined in:
- wa_fv2/cfn_web_acl.rb
Overview
A rule statement that defines a string match search for AWS WAF to apply to web requests.
The byte match statement provides the bytes to search for, the location in requests that you want AWS WAF to search, and other settings. The bytes to search for are typically a string that corresponds with ASCII characters. In the AWS WAF console and the developer guide, this is called a string match statement.
Instance Attribute Summary collapse
-
#field_to_match ⇒ AWSCDK::IResolvable, AWSCDK::WAFv2::CfnWebACL::FieldToMatchProperty
readonly
The part of the web request that you want AWS WAF to inspect.
-
#positional_constraint ⇒ String
readonly
The area within the portion of the web request that you want AWS WAF to search for
SearchString. -
#search_string ⇒ String?
readonly
A string value that you want AWS WAF to search for.
-
#search_string_base64 ⇒ String?
readonly
String to search for in a web request component, base64-encoded.
-
#text_transformations ⇒ AWSCDK::IResolvable, Array<AWSCDK::IResolvable, AWSCDK::WAFv2::CfnWebACL::TextTransformationProperty>
readonly
Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection.
Class Method Summary collapse
Instance Method Summary collapse
-
#initialize(field_to_match:, positional_constraint:, text_transformations:, search_string: nil, search_string_base64: nil) ⇒ ByteMatchStatementProperty
constructor
A new instance of ByteMatchStatementProperty.
- #to_jsii ⇒ Object
Constructor Details
#initialize(field_to_match:, positional_constraint:, text_transformations:, search_string: nil, search_string_base64: nil) ⇒ ByteMatchStatementProperty
Returns a new instance of ByteMatchStatementProperty.
1394 1395 1396 1397 1398 1399 1400 1401 1402 1403 1404 1405 |
# File 'wa_fv2/cfn_web_acl.rb', line 1394 def initialize(field_to_match:, positional_constraint:, text_transformations:, search_string: nil, search_string_base64: nil) @field_to_match = field_to_match.is_a?(Hash) ? ::AWSCDK::WAFv2::CfnWebACL::FieldToMatchProperty.new(**field_to_match.transform_keys(&:to_sym)) : field_to_match Jsii::Type.check_type(@field_to_match, JSON.parse(Base64.strict_decode64("eyJ1bmlvbiI6eyJ0eXBlcyI6W3siZnFuIjoiYXdzLWNkay1saWIuSVJlc29sdmFibGUifSx7ImZxbiI6ImF3cy1jZGstbGliLmF3c193YWZ2Mi5DZm5XZWJBQ0wuRmllbGRUb01hdGNoUHJvcGVydHkifV19fQ==")), "fieldToMatch") @positional_constraint = positional_constraint Jsii::Type.check_type(@positional_constraint, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJzdHJpbmcifQ==")), "positionalConstraint") @text_transformations = text_transformations Jsii::Type.check_type(@text_transformations, JSON.parse(Base64.strict_decode64("eyJ1bmlvbiI6eyJ0eXBlcyI6W3siZnFuIjoiYXdzLWNkay1saWIuSVJlc29sdmFibGUifSx7ImNvbGxlY3Rpb24iOnsiZWxlbWVudHR5cGUiOnsidW5pb24iOnsidHlwZXMiOlt7ImZxbiI6ImF3cy1jZGstbGliLklSZXNvbHZhYmxlIn0seyJmcW4iOiJhd3MtY2RrLWxpYi5hd3Nfd2FmdjIuQ2ZuV2ViQUNMLlRleHRUcmFuc2Zvcm1hdGlvblByb3BlcnR5In1dfX0sImtpbmQiOiJhcnJheSJ9fV19fQ==")), "textTransformations") @search_string = search_string Jsii::Type.check_type(@search_string, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJzdHJpbmcifQ==")), "searchString") unless @search_string.nil? @search_string_base64 = search_string_base64 Jsii::Type.check_type(@search_string_base64, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJzdHJpbmcifQ==")), "searchStringBase64") unless @search_string_base64.nil? end |
Instance Attribute Details
#field_to_match ⇒ AWSCDK::IResolvable, AWSCDK::WAFv2::CfnWebACL::FieldToMatchProperty (readonly)
The part of the web request that you want AWS WAF to inspect.
1411 1412 1413 |
# File 'wa_fv2/cfn_web_acl.rb', line 1411 def field_to_match @field_to_match end |
#positional_constraint ⇒ String (readonly)
The area within the portion of the web request that you want AWS WAF to search for SearchString .
Valid values include the following:
CONTAINS
The specified part of the web request must include the value of SearchString , but the location doesn't matter.
CONTAINS_WORD
The specified part of the web request must include the value of SearchString , and SearchString must contain only alphanumeric characters or underscore (A-Z, a-z, 0-9, or _). In addition, SearchString must be a word, which means that both of the following are true:
SearchStringis at the beginning of the specified part of the web request or is preceded by a character other than an alphanumeric character or underscore (_). Examples include the value of a header and;BadBot.SearchStringis at the end of the specified part of the web request or is followed by a character other than an alphanumeric character or underscore (_), for example,BadBot;and-BadBot;.
EXACTLY
The value of the specified part of the web request must exactly match the value of SearchString .
STARTS_WITH
The value of SearchString must appear at the beginning of the specified part of the web request.
ENDS_WITH
The value of SearchString must appear at the end of the specified part of the web request.
1441 1442 1443 |
# File 'wa_fv2/cfn_web_acl.rb', line 1441 def positional_constraint @positional_constraint end |
#search_string ⇒ String? (readonly)
A string value that you want AWS WAF to search for.
AWS WAF searches only in the part of web requests that you designate for inspection in FieldToMatch . The maximum length of the value is 200 bytes. For alphabetic characters A-Z and a-z, the value is case sensitive.
Don't encode this string. Provide the value that you want AWS WAF to search for. AWS CloudFormation automatically base64 encodes the value for you.
For example, suppose the value of Type is HEADER and the value of Data is User-Agent . If you want to search the User-Agent header for the value BadBot , you provide the string BadBot in the value of SearchString .
You must specify either SearchString or SearchStringBase64 in a ByteMatchStatement .
1461 1462 1463 |
# File 'wa_fv2/cfn_web_acl.rb', line 1461 def search_string @search_string end |
#search_string_base64 ⇒ String? (readonly)
String to search for in a web request component, base64-encoded.
If you don't want to encode the string, specify the unencoded value in SearchString instead.
You must specify either SearchString or SearchStringBase64 in a ByteMatchStatement .
1470 1471 1472 |
# File 'wa_fv2/cfn_web_acl.rb', line 1470 def search_string_base64 @search_string_base64 end |
#text_transformations ⇒ AWSCDK::IResolvable, Array<AWSCDK::IResolvable, AWSCDK::WAFv2::CfnWebACL::TextTransformationProperty> (readonly)
Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection.
If you specify one or more transformations in a rule statement, AWS WAF performs all transformations on the content of the request component identified by FieldToMatch , starting from the lowest priority setting, before inspecting the content for a match.
1448 1449 1450 |
# File 'wa_fv2/cfn_web_acl.rb', line 1448 def text_transformations @text_transformations end |
Class Method Details
.jsii_properties ⇒ Object
1472 1473 1474 1475 1476 1477 1478 1479 1480 |
# File 'wa_fv2/cfn_web_acl.rb', line 1472 def self.jsii_properties { :field_to_match => "fieldToMatch", :positional_constraint => "positionalConstraint", :text_transformations => "textTransformations", :search_string => "searchString", :search_string_base64 => "searchStringBase64", } end |
Instance Method Details
#to_jsii ⇒ Object
1482 1483 1484 1485 1486 1487 1488 1489 1490 1491 1492 |
# File 'wa_fv2/cfn_web_acl.rb', line 1482 def to_jsii result = {} result.merge!({ "fieldToMatch" => @field_to_match, "positionalConstraint" => @positional_constraint, "textTransformations" => @text_transformations, "searchString" => @search_string, "searchStringBase64" => @search_string_base64, }) result.compact end |