AWS::WAFv2::WebACL ResponseInspectionHeader

Configures inspection of the response header. This is part of the ResponseInspection configuration for AWSManagedRulesATPRuleSet and AWSManagedRulesACFPRuleSet.

Note

Response inspection is available only in web ACLs that protect Amazon CloudFront distributions.

Syntax

To declare this entity in your AWS CloudFormation template, use the following syntax:

JSON

{
  "FailureValues" : [ String, ... ],
  "Name" : String,
  "SuccessValues" : [ String, ... ]
}

YAML

  FailureValues: 
    - String
  Name: String
  SuccessValues: 
    - String

Properties

FailureValues

Values in the response header with the specified name that indicate a failed login or account creation attempt. To be counted as a failure, the value must be an exact match, including case. Each value must be unique among the success and failure values.

JSON examples: "FailureValues": [ "LoginFailed", "Failed login" ] and "FailureValues": [ "AccountCreationFailed" ]

Required: Yes

Type: Array of String

Minimum: 1 | 1

Maximum: 100 | 3

Update requires: No interruption

Name

The name of the header to match against. The name must be an exact match, including case.

JSON example: "Name": [ "RequestResult" ]

Required: Yes

Type: String

Pattern: .*\S.*

Minimum: 1

Maximum: 200

Update requires: No interruption

SuccessValues

Values in the response header with the specified name that indicate a successful login or account creation attempt. To be counted as a success, the value must be an exact match, including case. Each value must be unique among the success and failure values.

JSON examples: "SuccessValues": [ "LoginPassed", "Successful login" ] and "SuccessValues": [ "AccountCreated", "Successful account creation" ]

Required: Yes

Type: Array of String

Minimum: 1 | 1

Maximum: 100 | 3

Update requires: No interruption