Class: AWSCDK::WAFv2::CfnWebACL::SqliMatchStatementProperty

Inherits:
Jsii::Struct
  • Object
show all
Defined in:
wa_fv2/cfn_web_acl.rb

Overview

A rule statement that inspects for malicious SQL code.

Attackers insert malicious SQL code into web requests to do things like modify your database or extract data from it.

Instance Attribute Summary collapse

Class Method Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(field_to_match:, text_transformations:, sensitivity_level: nil) ⇒ SqliMatchStatementProperty

Returns a new instance of SqliMatchStatementProperty.

Parameters:



6009
6010
6011
6012
6013
6014
6015
6016
# File 'wa_fv2/cfn_web_acl.rb', line 6009

def initialize(field_to_match:, text_transformations:, sensitivity_level: nil)
  @field_to_match = field_to_match.is_a?(Hash) ? ::AWSCDK::WAFv2::CfnWebACL::FieldToMatchProperty.new(**field_to_match.transform_keys(&:to_sym)) : field_to_match
  Jsii::Type.check_type(@field_to_match, JSON.parse(Base64.strict_decode64("eyJ1bmlvbiI6eyJ0eXBlcyI6W3siZnFuIjoiYXdzLWNkay1saWIuSVJlc29sdmFibGUifSx7ImZxbiI6ImF3cy1jZGstbGliLmF3c193YWZ2Mi5DZm5XZWJBQ0wuRmllbGRUb01hdGNoUHJvcGVydHkifV19fQ==")), "fieldToMatch")
  @text_transformations = text_transformations
  Jsii::Type.check_type(@text_transformations, JSON.parse(Base64.strict_decode64("eyJ1bmlvbiI6eyJ0eXBlcyI6W3siZnFuIjoiYXdzLWNkay1saWIuSVJlc29sdmFibGUifSx7ImNvbGxlY3Rpb24iOnsiZWxlbWVudHR5cGUiOnsidW5pb24iOnsidHlwZXMiOlt7ImZxbiI6ImF3cy1jZGstbGliLklSZXNvbHZhYmxlIn0seyJmcW4iOiJhd3MtY2RrLWxpYi5hd3Nfd2FmdjIuQ2ZuV2ViQUNMLlRleHRUcmFuc2Zvcm1hdGlvblByb3BlcnR5In1dfX0sImtpbmQiOiJhcnJheSJ9fV19fQ==")), "textTransformations")
  @sensitivity_level = sensitivity_level
  Jsii::Type.check_type(@sensitivity_level, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJzdHJpbmcifQ==")), "sensitivityLevel") unless @sensitivity_level.nil?
end

Instance Attribute Details

#field_to_matchAWSCDK::IResolvable, AWSCDK::WAFv2::CfnWebACL::FieldToMatchProperty (readonly)

The part of the web request that you want AWS WAF to inspect.



6022
6023
6024
# File 'wa_fv2/cfn_web_acl.rb', line 6022

def field_to_match
  @field_to_match
end

#sensitivity_levelString? (readonly)

The sensitivity that you want AWS WAF to use to inspect for SQL injection attacks.

HIGH detects more attacks, but might generate more false positives, especially if your web requests frequently contain unusual strings. For information about identifying and mitigating false positives, see Testing and tuning in the AWS WAF Developer Guide .

LOW is generally a better choice for resources that already have other protections against SQL injection attacks or that have a low tolerance for false positives.

Default: LOW



6040
6041
6042
# File 'wa_fv2/cfn_web_acl.rb', line 6040

def sensitivity_level
  @sensitivity_level
end

#text_transformationsAWSCDK::IResolvable, Array<AWSCDK::IResolvable, AWSCDK::WAFv2::CfnWebACL::TextTransformationProperty> (readonly)

Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection.

If you specify one or more transformations in a rule statement, AWS WAF performs all transformations on the content of the request component identified by FieldToMatch , starting from the lowest priority setting, before inspecting the content for a match.



6029
6030
6031
# File 'wa_fv2/cfn_web_acl.rb', line 6029

def text_transformations
  @text_transformations
end

Class Method Details

.jsii_propertiesObject



6042
6043
6044
6045
6046
6047
6048
# File 'wa_fv2/cfn_web_acl.rb', line 6042

def self.jsii_properties
  {
    :field_to_match => "fieldToMatch",
    :text_transformations => "textTransformations",
    :sensitivity_level => "sensitivityLevel",
  }
end

Instance Method Details

#to_jsiiObject



6050
6051
6052
6053
6054
6055
6056
6057
6058
# File 'wa_fv2/cfn_web_acl.rb', line 6050

def to_jsii
  result = {}
  result.merge!({
    "fieldToMatch" => @field_to_match,
    "textTransformations" => @text_transformations,
    "sensitivityLevel" => @sensitivity_level,
  })
  result.compact
end