AWS::WAFv2::WebACL ResponseInspectionJson

Configures inspection of the response JSON. AWS WAF can inspect the first 65,536 bytes (64 KB) of the response JSON. This is part of the ResponseInspection configuration for AWSManagedRulesATPRuleSet and AWSManagedRulesACFPRuleSet.

Note

Response inspection is available only in web ACLs that protect Amazon CloudFront distributions.

Syntax

To declare this entity in your AWS CloudFormation template, use the following syntax:

JSON

{
  "FailureValues" : [ String, ... ],
  "Identifier" : String,
  "SuccessValues" : [ String, ... ]
}

YAML

  FailureValues: 
    - String
  Identifier: String
  SuccessValues: 
    - String

Properties

FailureValues

Values for the specified identifier in the response JSON that indicate a failed login or account creation attempt. To be counted as a failure, the value must be an exact match, including case. Each value must be unique among the success and failure values.

JSON example: "FailureValues": [ "False", "Failed" ]

Required: Yes

Type: Array of String

Minimum: 1 | 1

Maximum: 100 | 5

Update requires: No interruption

Identifier

The identifier for the value to match against in the JSON. The identifier must be an exact match, including case.

JSON examples: "Identifier": [ "/login/success" ] and "Identifier": [ "/sign-up/success" ]

Required: Yes

Type: String

Pattern: .*\S.*

Minimum: 1

Maximum: 512

Update requires: No interruption

SuccessValues

Values for the specified identifier in the response JSON that indicate a successful login or account creation attempt. To be counted as a success, the value must be an exact match, including case. Each value must be unique among the success and failure values.

JSON example: "SuccessValues": [ "True", "Succeeded" ]

Required: Yes

Type: Array of String

Minimum: 1 | 1

Maximum: 100 | 5

Update requires: No interruption