Class: AWSCDK::WAFv2::CfnWebACL::ResponseInspectionProperty

Inherits:
Jsii::Struct
  • Object
show all
Defined in:
wa_fv2/cfn_web_acl.rb

Overview

The criteria for inspecting responses to login requests and account creation requests, used by the ATP and ACFP rule groups to track login and account creation success and failure rates.

Response inspection is available only in web ACLs that protect Amazon CloudFront distributions.

The rule groups evaluates the responses that your protected resources send back to client login and account creation attempts, keeping count of successful and failed attempts from each IP address and client session. Using this information, the rule group labels and mitigates requests from client sessions and IP addresses with too much suspicious activity in a short amount of time.

This is part of the AWSManagedRulesATPRuleSet and AWSManagedRulesACFPRuleSet configurations in ManagedRuleGroupConfig .

Enable response inspection by configuring exactly one component of the response to inspect, for example, Header or StatusCode . You can't configure more than one component for inspection. If you don't configure any of the response inspection options, response inspection is disabled.

Instance Attribute Summary collapse

Class Method Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(body_contains: nil, header: nil, json: nil, status_code: nil) ⇒ ResponseInspectionProperty

Returns a new instance of ResponseInspectionProperty.

Parameters:



5369
5370
5371
5372
5373
5374
5375
5376
5377
5378
# File 'wa_fv2/cfn_web_acl.rb', line 5369

def initialize(body_contains: nil, header: nil, json: nil, status_code: nil)
  @body_contains = body_contains.is_a?(Hash) ? ::AWSCDK::WAFv2::CfnWebACL::ResponseInspectionBodyContainsProperty.new(**body_contains.transform_keys(&:to_sym)) : body_contains
  Jsii::Type.check_type(@body_contains, JSON.parse(Base64.strict_decode64("eyJ1bmlvbiI6eyJ0eXBlcyI6W3siZnFuIjoiYXdzLWNkay1saWIuSVJlc29sdmFibGUifSx7ImZxbiI6ImF3cy1jZGstbGliLmF3c193YWZ2Mi5DZm5XZWJBQ0wuUmVzcG9uc2VJbnNwZWN0aW9uQm9keUNvbnRhaW5zUHJvcGVydHkifV19fQ==")), "bodyContains") unless @body_contains.nil?
  @header = header.is_a?(Hash) ? ::AWSCDK::WAFv2::CfnWebACL::ResponseInspectionHeaderProperty.new(**header.transform_keys(&:to_sym)) : header
  Jsii::Type.check_type(@header, JSON.parse(Base64.strict_decode64("eyJ1bmlvbiI6eyJ0eXBlcyI6W3siZnFuIjoiYXdzLWNkay1saWIuSVJlc29sdmFibGUifSx7ImZxbiI6ImF3cy1jZGstbGliLmF3c193YWZ2Mi5DZm5XZWJBQ0wuUmVzcG9uc2VJbnNwZWN0aW9uSGVhZGVyUHJvcGVydHkifV19fQ==")), "header") unless @header.nil?
  @json = json.is_a?(Hash) ? ::AWSCDK::WAFv2::CfnWebACL::ResponseInspectionJsonProperty.new(**json.transform_keys(&:to_sym)) : json
  Jsii::Type.check_type(@json, JSON.parse(Base64.strict_decode64("eyJ1bmlvbiI6eyJ0eXBlcyI6W3siZnFuIjoiYXdzLWNkay1saWIuSVJlc29sdmFibGUifSx7ImZxbiI6ImF3cy1jZGstbGliLmF3c193YWZ2Mi5DZm5XZWJBQ0wuUmVzcG9uc2VJbnNwZWN0aW9uSnNvblByb3BlcnR5In1dfX0=")), "json") unless @json.nil?
  @status_code = status_code.is_a?(Hash) ? ::AWSCDK::WAFv2::CfnWebACL::ResponseInspectionStatusCodeProperty.new(**status_code.transform_keys(&:to_sym)) : status_code
  Jsii::Type.check_type(@status_code, JSON.parse(Base64.strict_decode64("eyJ1bmlvbiI6eyJ0eXBlcyI6W3siZnFuIjoiYXdzLWNkay1saWIuSVJlc29sdmFibGUifSx7ImZxbiI6ImF3cy1jZGstbGliLmF3c193YWZ2Mi5DZm5XZWJBQ0wuUmVzcG9uc2VJbnNwZWN0aW9uU3RhdHVzQ29kZVByb3BlcnR5In1dfX0=")), "statusCode") unless @status_code.nil?
end

Instance Attribute Details

#body_containsAWSCDK::IResolvable, ... (readonly)

Configures inspection of the response body for success and failure indicators.

AWS WAF can inspect the first 65,536 bytes (64 KB) of the response body.



5386
5387
5388
# File 'wa_fv2/cfn_web_acl.rb', line 5386

def body_contains
  @body_contains
end

#headerAWSCDK::IResolvable, ... (readonly)

Configures inspection of the response header for success and failure indicators.



5391
5392
5393
# File 'wa_fv2/cfn_web_acl.rb', line 5391

def header
  @header
end

#jsonAWSCDK::IResolvable, ... (readonly)

Configures inspection of the response JSON for success and failure indicators.

AWS WAF can inspect the first 65,536 bytes (64 KB) of the response JSON.



5398
5399
5400
# File 'wa_fv2/cfn_web_acl.rb', line 5398

def json
  @json
end

#status_codeAWSCDK::IResolvable, ... (readonly)

Configures inspection of the response status code for success and failure indicators.



5403
5404
5405
# File 'wa_fv2/cfn_web_acl.rb', line 5403

def status_code
  @status_code
end

Class Method Details

.jsii_propertiesObject



5405
5406
5407
5408
5409
5410
5411
5412
# File 'wa_fv2/cfn_web_acl.rb', line 5405

def self.jsii_properties
  {
    :body_contains => "bodyContains",
    :header => "header",
    :json => "json",
    :status_code => "statusCode",
  }
end

Instance Method Details

#to_jsiiObject



5414
5415
5416
5417
5418
5419
5420
5421
5422
5423
# File 'wa_fv2/cfn_web_acl.rb', line 5414

def to_jsii
  result = {}
  result.merge!({
    "bodyContains" => @body_contains,
    "header" => @header,
    "json" => @json,
    "statusCode" => @status_code,
  })
  result.compact
end