AWS::WAFv2::WebACL FieldToMatch
The part of a web request that you want AWS WAF to inspect. Include the FieldToMatch types that you want to inspect, with additional specifications as needed, according
to the type.
Syntax
To declare this entity in your AWS CloudFormation template, use the following syntax:
JSON
{ "AllQueryArguments" :Json, "Body" :Json, "JsonBody" :JsonBody, "Method" :Json, "QueryString" :Json, "SingleHeader" :Json, "SingleQueryArgument" :Json, "UriPath" :Json}
YAML
AllQueryArguments:JsonBody:JsonJsonBody:JsonBodyMethod:JsonQueryString:JsonSingleHeader:JsonSingleQueryArgument:JsonUriPath:Json
Properties
AllQueryArguments-
Inspect all query arguments.
Required: No
Type: Json
Update requires: No interruption
Body-
Inspect the request body, which immediately follows the request headers. This is the part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form.
Note that only the first 8 KB (8192 bytes) of the request body are forwarded to AWS WAF for inspection by the underlying host service. If you don't need to inspect more than 8 KB, you can guarantee that you don't allow additional bytes in by combining a statement that inspects the body of the web request, such as the
ByteMatchStatementorRegexPatternSetReferenceStatement, with aSizeConstraintStatementthat enforces an 8 KB size limit on the body of the request. AWS WAF doesn't support inspecting the entire contents of web requests whose bodies exceed the 8 KB limit.Required: No
Type: Json
Update requires: No interruption
JsonBody-
Inspect the request body as JSON. The request body immediately follows the request headers. This is the part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form.
Note that only the first 8 KB (8192 bytes) of the request body are forwarded to AWS WAF for inspection by the underlying host service. If you don't need to inspect more than 8 KB, you can guarantee that you don't allow additional bytes in by combining a statement that inspects the body of the web request, such as the
ByteMatchStatementorRegexPatternSetReferenceStatement, with aSizeConstraintStatementthat enforces an 8 KB size limit on the body of the request. AWS WAF doesn't support inspecting the entire contents of web requests whose bodies exceed the 8 KB limit.Required: No
Type: JsonBody
Update requires: No interruption
Method-
Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.
Required: No
Type: Json
Update requires: No interruption
QueryString-
Inspect the query string. This is the part of a URL that appears after a
?character, if any.Required: No
Type: Json
Update requires: No interruption
SingleHeader-
Inspect a single header. Provide the name of the header to inspect, for example,
User-AgentorReferer. This setting isn't case sensitive.Required: No
Type: Json
Update requires: No interruption
SingleQueryArgument-
Inspect a single query argument. Provide the name of the query argument to inspect, such as UserName or SalesRegion. The name can be up to 30 characters long and isn't case sensitive.
Required: No
Type: Json
Update requires: No interruption
UriPath-
Inspect the request URI path. This is the part of a web request that identifies a resource, for example,
/images/daily-ad.jpg.Required: No
Type: Json
Update requires: No interruption
