Marketplace
BrowsePublish
Marketplace
You are viewing an outdated version of provider-aws.Go to Latest
upbound/provider-aws@v0.26.0
RuleGroup
wafv2.aws.upbound.io
RuleGroup
upbound/provider-aws@v0.26.0wafv2.aws.upbound.io

RuleGroup is the Schema for the RuleGroups API. Creates a WAFv2 rule group resource.

Type

CRD

Group

wafv2.aws.upbound.io

Version

v1beta1

apiVersion: wafv2.aws.upbound.io/v1beta1

kind: RuleGroup

API Documentation
apiVersion
string
kind
string
metadata
object
spec
object
object

RuleGroupSpec defines the desired state of RuleGroup

forProvider
requiredobject
requiredobject

No description provided.

capacity
requirednumber
array

Defines custom response bodies that can be referenced by custom_response actions. See Custom Response Body below for details.

content
requiredstring
contentType
requiredstring
key
requiredstring
name
requiredstring
region
requiredstring
rule
array
array

The rule blocks used to identify the web requests that you want to allow, block, or count. See Rules below for details.

action
requiredarray
requiredarray

The action that AWS WAF should take on a web request when it matches the rule's statement. Settings at the aws_wafv2_web_acl level can override the rule action setting. See Action below for details.

allow
array
array

Instructs AWS WAF to allow the web request. See Allow below for details.

array

Defines custom handling for the web request. See Custom Request Handling below for details.

insertHeader
requiredarray
requiredarray

The insert_header blocks used to define HTTP headers added to the request. See Custom HTTP Header below for details.

name
requiredstring
value
requiredstring
block
array
array

Instructs AWS WAF to block the web request. See Block below for details.

array

Defines a custom response for the web request. See Custom Response below for details.

responseCode
requirednumber
array

The response_header blocks used to define the HTTP response headers added to the response. See Custom HTTP Header below for details.

name
requiredstring
value
requiredstring
count
array
array

Instructs AWS WAF to count the web request and allow it. See Count below for details.

array

Defines custom handling for the web request. See Custom Request Handling below for details.

insertHeader
requiredarray
requiredarray

The insert_header blocks used to define HTTP headers added to the request. See Custom HTTP Header below for details.

name
requiredstring
value
requiredstring
name
requiredstring
priority
requirednumber
array

Labels to apply to web requests that match the rule match statement. See Rule Label below for details.

name
requiredstring
statement
requiredarray
requiredarray

The statements to combine with AND logic. You can use any statements that can be nested. See Statement above for details.

array

A logical rule statement used to combine other rule statements with AND logic. See AND Statement below for details.

statement
requiredarray
requiredarray

The statements to combine with AND logic. You can use any statements that can be nested. See Statement above for details.

array

A logical rule statement used to combine other rule statements with AND logic. See AND Statement below for details.

statement
requiredarray
requiredarray

The statements to combine with AND logic. You can use any statements that can be nested. See Statement above for details.

array

A rule statement that defines a string match search for AWS WAF to apply to web requests. See Byte Match Statement below for details.

array

The part of a web request that you want AWS WAF to inspect. See Field to Match below for details.

array

Inspect all query arguments.

body
array
array

Inspect the request body, which immediately follows the request headers.

method
array
array

Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.

array

Inspect the query string. This is the part of a URL that appears after a ? character, if any.

array

Inspect a single header. See Single Header below for details.

name
requiredstring
array

Inspect a single query argument. See Single Query Argument below for details.

name
requiredstring
uriPath
array
array

Inspect the request URI path. This is the part of a web request that identifies a resource, for example, /images/daily-ad.jpg.

positionalConstraint
requiredstring
searchString
requiredstring
textTransformation
requiredarray
requiredarray

Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. See Text Transformation below for details.

priority
requirednumber
type
requiredstring
array

A rule statement used to identify web requests based on country of origin. See GEO Match Statement below for details.

countryCodes
requiredarray
requiredarray

An array of two-character country codes, for example, [ "US", "CN" ], from the alpha-2 country ISO codes of the ISO 3166 international standard. See the documentation for valid values.

array

The configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. See Forwarded IP Config below for details.

fallbackBehavior
requiredstring
headerName
requiredstring
array

A rule statement used to detect web requests coming from particular IP addresses or address ranges. See IP Set Reference Statement below for details.

arn
requiredstring
array

The configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. See IPSet Forwarded IP Config below for more details.

fallbackBehavior
requiredstring
headerName
requiredstring
position
requiredstring
array

A rule statement that defines a string match search against labels that have been added to the web request by rules that have already run in the web ACL. See Label Match Statement below for details.

key
requiredstring
scope
requiredstring
array

A rule statement used to search web request components for matches with regular expressions. See Regex Pattern Set Reference Statement below for details.

arn
requiredstring
array

The part of a web request that you want AWS WAF to inspect. See Field to Match below for details.

array

Inspect all query arguments.

body
array
array

Inspect the request body, which immediately follows the request headers.

method
array
array

Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.

array

Inspect the query string. This is the part of a URL that appears after a ? character, if any.

array

Inspect a single header. See Single Header below for details.

name
requiredstring
array

Inspect a single query argument. See Single Query Argument below for details.

name
requiredstring
uriPath
array
array

Inspect the request URI path. This is the part of a web request that identifies a resource, for example, /images/daily-ad.jpg.

textTransformation
requiredarray
requiredarray

Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. See Text Transformation below for details.

priority
requirednumber
type
requiredstring
array

A rule statement that compares a number of bytes against the size of a request component, using a comparison operator, such as greater than (>) or less than (<). See Size Constraint Statement below for more details.

comparisonOperator
requiredstring
array

The part of a web request that you want AWS WAF to inspect. See Field to Match below for details.

array

Inspect all query arguments.

body
array
array

Inspect the request body, which immediately follows the request headers.

method
array
array

Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.

array

Inspect the query string. This is the part of a URL that appears after a ? character, if any.

array

Inspect a single header. See Single Header below for details.

name
requiredstring
array

Inspect a single query argument. See Single Query Argument below for details.

name
requiredstring
uriPath
array
array

Inspect the request URI path. This is the part of a web request that identifies a resource, for example, /images/daily-ad.jpg.

size
requirednumber
textTransformation
requiredarray
requiredarray

Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. See Text Transformation below for details.

priority
requirednumber
type
requiredstring
array

An SQL injection match condition identifies the part of web requests, such as the URI or the query string, that you want AWS WAF to inspect. See SQL Injection Match Statement below for details.

array

The part of a web request that you want AWS WAF to inspect. See Field to Match below for details.

array

Inspect all query arguments.

body
array
array

Inspect the request body, which immediately follows the request headers.

method
array
array

Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.

array

Inspect the query string. This is the part of a URL that appears after a ? character, if any.

array

Inspect a single header. See Single Header below for details.

name
requiredstring
array

Inspect a single query argument. See Single Query Argument below for details.

name
requiredstring
uriPath
array
array

Inspect the request URI path. This is the part of a web request that identifies a resource, for example, /images/daily-ad.jpg.

textTransformation
requiredarray
requiredarray

Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. See Text Transformation below for details.

priority
requirednumber
type
requiredstring
array

A rule statement that defines a cross-site scripting (XSS) match search for AWS WAF to apply to web requests. See XSS Match Statement below for details.

array

The part of a web request that you want AWS WAF to inspect. See Field to Match below for details.

array

Inspect all query arguments.

body
array
array

Inspect the request body, which immediately follows the request headers.

method
array
array

Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.

array

Inspect the query string. This is the part of a URL that appears after a ? character, if any.

array

Inspect a single header. See Single Header below for details.

name
requiredstring
array

Inspect a single query argument. See Single Query Argument below for details.

name
requiredstring
uriPath
array
array

Inspect the request URI path. This is the part of a web request that identifies a resource, for example, /images/daily-ad.jpg.

textTransformation
requiredarray
requiredarray

Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. See Text Transformation below for details.

priority
requirednumber
type
requiredstring
array

A rule statement that defines a string match search for AWS WAF to apply to web requests. See Byte Match Statement below for details.

array

The part of a web request that you want AWS WAF to inspect. See Field to Match below for details.

array

Inspect all query arguments.

body
array
array

Inspect the request body, which immediately follows the request headers.

method
array
array

Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.

array

Inspect the query string. This is the part of a URL that appears after a ? character, if any.

array

Inspect a single header. See Single Header below for details.

name
requiredstring
array

Inspect a single query argument. See Single Query Argument below for details.

name
requiredstring
uriPath
array
array

Inspect the request URI path. This is the part of a web request that identifies a resource, for example, /images/daily-ad.jpg.

positionalConstraint
requiredstring
searchString
requiredstring
textTransformation
requiredarray
requiredarray

Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. See Text Transformation below for details.

priority
requirednumber
type
requiredstring
array

A rule statement used to identify web requests based on country of origin. See GEO Match Statement below for details.

countryCodes
requiredarray
requiredarray

An array of two-character country codes, for example, [ "US", "CN" ], from the alpha-2 country ISO codes of the ISO 3166 international standard. See the documentation for valid values.

array

The configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. See Forwarded IP Config below for details.

fallbackBehavior
requiredstring
headerName
requiredstring
array

A rule statement used to detect web requests coming from particular IP addresses or address ranges. See IP Set Reference Statement below for details.

arn
requiredstring
array

The configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. See IPSet Forwarded IP Config below for more details.

fallbackBehavior
requiredstring
headerName
requiredstring
position
requiredstring
array

A rule statement that defines a string match search against labels that have been added to the web request by rules that have already run in the web ACL. See Label Match Statement below for details.

key
requiredstring
scope
requiredstring
array

A logical rule statement used to negate the results of another rule statement. See NOT Statement below for details.

statement
requiredarray
requiredarray

The statements to combine with AND logic. You can use any statements that can be nested. See Statement above for details.

array

A rule statement that defines a string match search for AWS WAF to apply to web requests. See Byte Match Statement below for details.

array

The part of a web request that you want AWS WAF to inspect. See Field to Match below for details.

array

Inspect all query arguments.

body
array
array

Inspect the request body, which immediately follows the request headers.

method
array
array

Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.

array

Inspect the query string. This is the part of a URL that appears after a ? character, if any.

array

Inspect a single header. See Single Header below for details.

name
requiredstring
array

Inspect a single query argument. See Single Query Argument below for details.

name
requiredstring
uriPath
array
array

Inspect the request URI path. This is the part of a web request that identifies a resource, for example, /images/daily-ad.jpg.

positionalConstraint
requiredstring
searchString
requiredstring
textTransformation
requiredarray
requiredarray

Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. See Text Transformation below for details.

priority
requirednumber
type
requiredstring
array

A rule statement used to identify web requests based on country of origin. See GEO Match Statement below for details.

countryCodes
requiredarray
requiredarray

An array of two-character country codes, for example, [ "US", "CN" ], from the alpha-2 country ISO codes of the ISO 3166 international standard. See the documentation for valid values.

array

The configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. See Forwarded IP Config below for details.

fallbackBehavior
requiredstring
headerName
requiredstring
array

A rule statement used to detect web requests coming from particular IP addresses or address ranges. See IP Set Reference Statement below for details.

arn
requiredstring
array

The configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. See IPSet Forwarded IP Config below for more details.

fallbackBehavior
requiredstring
headerName
requiredstring
position
requiredstring
array

A rule statement that defines a string match search against labels that have been added to the web request by rules that have already run in the web ACL. See Label Match Statement below for details.

key
requiredstring
scope
requiredstring
array

A rule statement used to search web request components for matches with regular expressions. See Regex Pattern Set Reference Statement below for details.

arn
requiredstring
array

The part of a web request that you want AWS WAF to inspect. See Field to Match below for details.

array

Inspect all query arguments.

body
array
array

Inspect the request body, which immediately follows the request headers.

method
array
array

Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.

array

Inspect the query string. This is the part of a URL that appears after a ? character, if any.

array

Inspect a single header. See Single Header below for details.

name
requiredstring
array

Inspect a single query argument. See Single Query Argument below for details.

name
requiredstring
uriPath
array
array

Inspect the request URI path. This is the part of a web request that identifies a resource, for example, /images/daily-ad.jpg.

textTransformation
requiredarray
requiredarray

Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. See Text Transformation below for details.

priority
requirednumber
type
requiredstring
array

A rule statement that compares a number of bytes against the size of a request component, using a comparison operator, such as greater than (>) or less than (<). See Size Constraint Statement below for more details.

comparisonOperator
requiredstring
array

The part of a web request that you want AWS WAF to inspect. See Field to Match below for details.

array

Inspect all query arguments.

body
array
array

Inspect the request body, which immediately follows the request headers.

method
array
array

Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.

array

Inspect the query string. This is the part of a URL that appears after a ? character, if any.

array

Inspect a single header. See Single Header below for details.

name
requiredstring
array

Inspect a single query argument. See Single Query Argument below for details.

name
requiredstring
uriPath
array
array

Inspect the request URI path. This is the part of a web request that identifies a resource, for example, /images/daily-ad.jpg.

size
requirednumber
textTransformation
requiredarray
requiredarray

Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. See Text Transformation below for details.

priority
requirednumber
type
requiredstring
array

An SQL injection match condition identifies the part of web requests, such as the URI or the query string, that you want AWS WAF to inspect. See SQL Injection Match Statement below for details.

array

The part of a web request that you want AWS WAF to inspect. See Field to Match below for details.

array

Inspect all query arguments.

body
array
array

Inspect the request body, which immediately follows the request headers.

method
array
array

Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.

array

Inspect the query string. This is the part of a URL that appears after a ? character, if any.

array

Inspect a single header. See Single Header below for details.

name
requiredstring
array

Inspect a single query argument. See Single Query Argument below for details.

name
requiredstring
uriPath
array
array

Inspect the request URI path. This is the part of a web request that identifies a resource, for example, /images/daily-ad.jpg.

textTransformation
requiredarray
requiredarray

Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. See Text Transformation below for details.

priority
requirednumber
type
requiredstring
array

A rule statement that defines a cross-site scripting (XSS) match search for AWS WAF to apply to web requests. See XSS Match Statement below for details.

array

The part of a web request that you want AWS WAF to inspect. See Field to Match below for details.

array

Inspect all query arguments.

body
array
array

Inspect the request body, which immediately follows the request headers.

method
array
array

Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.

array

Inspect the query string. This is the part of a URL that appears after a ? character, if any.

array

Inspect a single header. See Single Header below for details.

name
requiredstring
array

Inspect a single query argument. See Single Query Argument below for details.

name
requiredstring
uriPath
array
array

Inspect the request URI path. This is the part of a web request that identifies a resource, for example, /images/daily-ad.jpg.

textTransformation
requiredarray
requiredarray

Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. See Text Transformation below for details.

priority
requirednumber
type
requiredstring
array

A logical rule statement used to combine other rule statements with OR logic. See OR Statement below for details.

statement
requiredarray
requiredarray

The statements to combine with AND logic. You can use any statements that can be nested. See Statement above for details.

array

A rule statement that defines a string match search for AWS WAF to apply to web requests. See Byte Match Statement below for details.

array

The part of a web request that you want AWS WAF to inspect. See Field to Match below for details.

array

Inspect all query arguments.

body
array
array

Inspect the request body, which immediately follows the request headers.

method
array
array

Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.

array

Inspect the query string. This is the part of a URL that appears after a ? character, if any.

array

Inspect a single header. See Single Header below for details.

name
requiredstring
array

Inspect a single query argument. See Single Query Argument below for details.

name
requiredstring
uriPath
array
array

Inspect the request URI path. This is the part of a web request that identifies a resource, for example, /images/daily-ad.jpg.

positionalConstraint
requiredstring
searchString
requiredstring
textTransformation
requiredarray
requiredarray

Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. See Text Transformation below for details.

priority
requirednumber
type
requiredstring
array

A rule statement used to identify web requests based on country of origin. See GEO Match Statement below for details.

countryCodes
requiredarray
requiredarray

An array of two-character country codes, for example, [ "US", "CN" ], from the alpha-2 country ISO codes of the ISO 3166 international standard. See the documentation for valid values.

array

The configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. See Forwarded IP Config below for details.

fallbackBehavior
requiredstring
headerName
requiredstring
array

A rule statement used to detect web requests coming from particular IP addresses or address ranges. See IP Set Reference Statement below for details.

arn
requiredstring
array

The configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. See IPSet Forwarded IP Config below for more details.

fallbackBehavior
requiredstring
headerName
requiredstring
position
requiredstring
array

A rule statement that defines a string match search against labels that have been added to the web request by rules that have already run in the web ACL. See Label Match Statement below for details.

key
requiredstring
scope
requiredstring
array

A rule statement used to search web request components for matches with regular expressions. See Regex Pattern Set Reference Statement below for details.

arn
requiredstring
array

The part of a web request that you want AWS WAF to inspect. See Field to Match below for details.

array

Inspect all query arguments.

body
array
array

Inspect the request body, which immediately follows the request headers.

method
array
array

Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.

array

Inspect the query string. This is the part of a URL that appears after a ? character, if any.

array

Inspect a single header. See Single Header below for details.

name
requiredstring
array

Inspect a single query argument. See Single Query Argument below for details.

name
requiredstring
uriPath
array
array

Inspect the request URI path. This is the part of a web request that identifies a resource, for example, /images/daily-ad.jpg.

textTransformation
requiredarray
requiredarray

Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. See Text Transformation below for details.

priority
requirednumber
type
requiredstring
array

A rule statement that compares a number of bytes against the size of a request component, using a comparison operator, such as greater than (>) or less than (<). See Size Constraint Statement below for more details.

comparisonOperator
requiredstring
array

The part of a web request that you want AWS WAF to inspect. See Field to Match below for details.

array

Inspect all query arguments.

body
array
array

Inspect the request body, which immediately follows the request headers.

method
array
array

Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.

array

Inspect the query string. This is the part of a URL that appears after a ? character, if any.

array

Inspect a single header. See Single Header below for details.

name
requiredstring
array

Inspect a single query argument. See Single Query Argument below for details.

name
requiredstring
uriPath
array
array

Inspect the request URI path. This is the part of a web request that identifies a resource, for example, /images/daily-ad.jpg.

size
requirednumber
textTransformation
requiredarray
requiredarray

Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. See Text Transformation below for details.

priority
requirednumber
type
requiredstring
array

An SQL injection match condition identifies the part of web requests, such as the URI or the query string, that you want AWS WAF to inspect. See SQL Injection Match Statement below for details.

array

The part of a web request that you want AWS WAF to inspect. See Field to Match below for details.

array

Inspect all query arguments.

body
array
array

Inspect the request body, which immediately follows the request headers.

method
array
array

Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.

array

Inspect the query string. This is the part of a URL that appears after a ? character, if any.

array

Inspect a single header. See Single Header below for details.

name
requiredstring
array

Inspect a single query argument. See Single Query Argument below for details.

name
requiredstring
uriPath
array
array

Inspect the request URI path. This is the part of a web request that identifies a resource, for example, /images/daily-ad.jpg.

textTransformation
requiredarray
requiredarray

Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. See Text Transformation below for details.

priority
requirednumber
type
requiredstring
array

A rule statement that defines a cross-site scripting (XSS) match search for AWS WAF to apply to web requests. See XSS Match Statement below for details.

array

The part of a web request that you want AWS WAF to inspect. See Field to Match below for details.

array

Inspect all query arguments.

body
array
array

Inspect the request body, which immediately follows the request headers.

method
array
array

Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.

array

Inspect the query string. This is the part of a URL that appears after a ? character, if any.

array

Inspect a single header. See Single Header below for details.

name
requiredstring
array

Inspect a single query argument. See Single Query Argument below for details.

name
requiredstring
uriPath
array
array

Inspect the request URI path. This is the part of a web request that identifies a resource, for example, /images/daily-ad.jpg.

textTransformation
requiredarray
requiredarray

Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. See Text Transformation below for details.

priority
requirednumber
type
requiredstring
array

A rule statement used to search web request components for matches with regular expressions. See Regex Pattern Set Reference Statement below for details.

arn
requiredstring
array

The part of a web request that you want AWS WAF to inspect. See Field to Match below for details.

array

Inspect all query arguments.

body
array
array

Inspect the request body, which immediately follows the request headers.

method
array
array

Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.

array

Inspect the query string. This is the part of a URL that appears after a ? character, if any.

array

Inspect a single header. See Single Header below for details.

name
requiredstring
array

Inspect a single query argument. See Single Query Argument below for details.

name
requiredstring
uriPath
array
array

Inspect the request URI path. This is the part of a web request that identifies a resource, for example, /images/daily-ad.jpg.

textTransformation
requiredarray
requiredarray

Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. See Text Transformation below for details.

priority
requirednumber
type
requiredstring
array

A rule statement that compares a number of bytes against the size of a request component, using a comparison operator, such as greater than (>) or less than (<). See Size Constraint Statement below for more details.

comparisonOperator
requiredstring
array

The part of a web request that you want AWS WAF to inspect. See Field to Match below for details.

array

Inspect all query arguments.

body
array
array

Inspect the request body, which immediately follows the request headers.

method
array
array

Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.

array

Inspect the query string. This is the part of a URL that appears after a ? character, if any.

array

Inspect a single header. See Single Header below for details.

name
requiredstring
array

Inspect a single query argument. See Single Query Argument below for details.

name
requiredstring
uriPath
array
array

Inspect the request URI path. This is the part of a web request that identifies a resource, for example, /images/daily-ad.jpg.

size
requirednumber
textTransformation
requiredarray
requiredarray

Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. See Text Transformation below for details.

priority
requirednumber
type
requiredstring
array

An SQL injection match condition identifies the part of web requests, such as the URI or the query string, that you want AWS WAF to inspect. See SQL Injection Match Statement below for details.

array

The part of a web request that you want AWS WAF to inspect. See Field to Match below for details.

array

Inspect all query arguments.

body
array
array

Inspect the request body, which immediately follows the request headers.

method
array
array

Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.

array

Inspect the query string. This is the part of a URL that appears after a ? character, if any.

array

Inspect a single header. See Single Header below for details.

name
requiredstring
array

Inspect a single query argument. See Single Query Argument below for details.

name
requiredstring
uriPath
array
array

Inspect the request URI path. This is the part of a web request that identifies a resource, for example, /images/daily-ad.jpg.

textTransformation
requiredarray
requiredarray

Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. See Text Transformation below for details.

priority
requirednumber
type
requiredstring
array

A rule statement that defines a cross-site scripting (XSS) match search for AWS WAF to apply to web requests. See XSS Match Statement below for details.

array

The part of a web request that you want AWS WAF to inspect. See Field to Match below for details.

array

Inspect all query arguments.

body
array
array

Inspect the request body, which immediately follows the request headers.

method
array
array

Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.

array

Inspect the query string. This is the part of a URL that appears after a ? character, if any.

array

Inspect a single header. See Single Header below for details.

name
requiredstring
array

Inspect a single query argument. See Single Query Argument below for details.

name
requiredstring
uriPath
array
array

Inspect the request URI path. This is the part of a web request that identifies a resource, for example, /images/daily-ad.jpg.

textTransformation
requiredarray
requiredarray

Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. See Text Transformation below for details.

priority
requirednumber
type
requiredstring
array

A rule statement that defines a string match search for AWS WAF to apply to web requests. See Byte Match Statement below for details.

array

The part of a web request that you want AWS WAF to inspect. See Field to Match below for details.

array

Inspect all query arguments.

body
array
array

Inspect the request body, which immediately follows the request headers.

method
array
array

Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.

array

Inspect the query string. This is the part of a URL that appears after a ? character, if any.

array

Inspect a single header. See Single Header below for details.

name
requiredstring
array

Inspect a single query argument. See Single Query Argument below for details.

name
requiredstring
uriPath
array
array

Inspect the request URI path. This is the part of a web request that identifies a resource, for example, /images/daily-ad.jpg.

positionalConstraint
requiredstring
searchString
requiredstring
textTransformation
requiredarray
requiredarray

Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. See Text Transformation below for details.

priority
requirednumber
type
requiredstring
array

A rule statement used to identify web requests based on country of origin. See GEO Match Statement below for details.

countryCodes
requiredarray
requiredarray

An array of two-character country codes, for example, [ "US", "CN" ], from the alpha-2 country ISO codes of the ISO 3166 international standard. See the documentation for valid values.

array

The configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. See Forwarded IP Config below for details.

fallbackBehavior
requiredstring
headerName
requiredstring
array

A rule statement used to detect web requests coming from particular IP addresses or address ranges. See IP Set Reference Statement below for details.

arn
requiredstring
array

The configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. See IPSet Forwarded IP Config below for more details.

fallbackBehavior
requiredstring
headerName
requiredstring
position
requiredstring
array

A rule statement that defines a string match search against labels that have been added to the web request by rules that have already run in the web ACL. See Label Match Statement below for details.

key
requiredstring
scope
requiredstring
array

A logical rule statement used to negate the results of another rule statement. See NOT Statement below for details.

statement
requiredarray
requiredarray

The statements to combine with AND logic. You can use any statements that can be nested. See Statement above for details.

array

A logical rule statement used to combine other rule statements with AND logic. See AND Statement below for details.

statement
requiredarray
requiredarray

The statements to combine with AND logic. You can use any statements that can be nested. See Statement above for details.

array

A rule statement that defines a string match search for AWS WAF to apply to web requests. See Byte Match Statement below for details.

array

The part of a web request that you want AWS WAF to inspect. See Field to Match below for details.

array

Inspect all query arguments.

body
array
array

Inspect the request body, which immediately follows the request headers.

method
array
array

Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.

array

Inspect the query string. This is the part of a URL that appears after a ? character, if any.

array

Inspect a single header. See Single Header below for details.

name
requiredstring
array

Inspect a single query argument. See Single Query Argument below for details.

name
requiredstring
uriPath
array
array

Inspect the request URI path. This is the part of a web request that identifies a resource, for example, /images/daily-ad.jpg.

positionalConstraint
requiredstring
searchString
requiredstring
textTransformation
requiredarray
requiredarray

Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. See Text Transformation below for details.

priority
requirednumber
type
requiredstring
array

A rule statement used to identify web requests based on country of origin. See GEO Match Statement below for details.

countryCodes
requiredarray
requiredarray

An array of two-character country codes, for example, [ "US", "CN" ], from the alpha-2 country ISO codes of the ISO 3166 international standard. See the documentation for valid values.

array

The configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. See Forwarded IP Config below for details.

fallbackBehavior
requiredstring
headerName
requiredstring
array

A rule statement used to detect web requests coming from particular IP addresses or address ranges. See IP Set Reference Statement below for details.

arn
requiredstring
array

The configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. See IPSet Forwarded IP Config below for more details.

fallbackBehavior
requiredstring
headerName
requiredstring
position
requiredstring
array

A rule statement that defines a string match search against labels that have been added to the web request by rules that have already run in the web ACL. See Label Match Statement below for details.

key
requiredstring
scope
requiredstring
array

A rule statement used to search web request components for matches with regular expressions. See Regex Pattern Set Reference Statement below for details.

arn
requiredstring
array

The part of a web request that you want AWS WAF to inspect. See Field to Match below for details.

array

Inspect all query arguments.

body
array
array

Inspect the request body, which immediately follows the request headers.

method
array
array

Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.

array

Inspect the query string. This is the part of a URL that appears after a ? character, if any.

array

Inspect a single header. See Single Header below for details.

name
requiredstring
array

Inspect a single query argument. See Single Query Argument below for details.

name
requiredstring
uriPath
array
array

Inspect the request URI path. This is the part of a web request that identifies a resource, for example, /images/daily-ad.jpg.

textTransformation
requiredarray
requiredarray

Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. See Text Transformation below for details.

priority
requirednumber
type
requiredstring
array

A rule statement that compares a number of bytes against the size of a request component, using a comparison operator, such as greater than (>) or less than (<). See Size Constraint Statement below for more details.

comparisonOperator
requiredstring
array

The part of a web request that you want AWS WAF to inspect. See Field to Match below for details.

array

Inspect all query arguments.

body
array
array

Inspect the request body, which immediately follows the request headers.

method
array
array

Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.

array

Inspect the query string. This is the part of a URL that appears after a ? character, if any.

array

Inspect a single header. See Single Header below for details.

name
requiredstring
array

Inspect a single query argument. See Single Query Argument below for details.

name
requiredstring
uriPath
array
array

Inspect the request URI path. This is the part of a web request that identifies a resource, for example, /images/daily-ad.jpg.

size
requirednumber
textTransformation
requiredarray
requiredarray

Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. See Text Transformation below for details.

priority
requirednumber
type
requiredstring
array

An SQL injection match condition identifies the part of web requests, such as the URI or the query string, that you want AWS WAF to inspect. See SQL Injection Match Statement below for details.

array

The part of a web request that you want AWS WAF to inspect. See Field to Match below for details.

array

Inspect all query arguments.

body
array
array

Inspect the request body, which immediately follows the request headers.

method
array
array

Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.

array

Inspect the query string. This is the part of a URL that appears after a ? character, if any.

array

Inspect a single header. See Single Header below for details.

name
requiredstring
array

Inspect a single query argument. See Single Query Argument below for details.

name
requiredstring
uriPath
array
array

Inspect the request URI path. This is the part of a web request that identifies a resource, for example, /images/daily-ad.jpg.

textTransformation
requiredarray
requiredarray

Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. See Text Transformation below for details.

priority
requirednumber
type
requiredstring
array

A rule statement that defines a cross-site scripting (XSS) match search for AWS WAF to apply to web requests. See XSS Match Statement below for details.

array

The part of a web request that you want AWS WAF to inspect. See Field to Match below for details.

array

Inspect all query arguments.

body
array
array

Inspect the request body, which immediately follows the request headers.

method
array
array

Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.

array

Inspect the query string. This is the part of a URL that appears after a ? character, if any.

array

Inspect a single header. See Single Header below for details.

name
requiredstring
array

Inspect a single query argument. See Single Query Argument below for details.

name
requiredstring
uriPath
array
array

Inspect the request URI path. This is the part of a web request that identifies a resource, for example, /images/daily-ad.jpg.

textTransformation
requiredarray
requiredarray

Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. See Text Transformation below for details.

priority
requirednumber
type
requiredstring
array

A rule statement that defines a string match search for AWS WAF to apply to web requests. See Byte Match Statement below for details.

array

The part of a web request that you want AWS WAF to inspect. See Field to Match below for details.

array

Inspect all query arguments.

body
array
array

Inspect the request body, which immediately follows the request headers.

method
array
array

Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.

array

Inspect the query string. This is the part of a URL that appears after a ? character, if any.

array

Inspect a single header. See Single Header below for details.

name
requiredstring
array

Inspect a single query argument. See Single Query Argument below for details.

name
requiredstring
uriPath
array
array

Inspect the request URI path. This is the part of a web request that identifies a resource, for example, /images/daily-ad.jpg.

positionalConstraint
requiredstring
searchString
requiredstring
textTransformation
requiredarray
requiredarray

Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. See Text Transformation below for details.

priority
requirednumber
type
requiredstring
array

A rule statement used to identify web requests based on country of origin. See GEO Match Statement below for details.

countryCodes
requiredarray
requiredarray

An array of two-character country codes, for example, [ "US", "CN" ], from the alpha-2 country ISO codes of the ISO 3166 international standard. See the documentation for valid values.

array

The configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. See Forwarded IP Config below for details.

fallbackBehavior
requiredstring
headerName
requiredstring
array

A rule statement used to detect web requests coming from particular IP addresses or address ranges. See IP Set Reference Statement below for details.

arn
requiredstring
array

The configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. See IPSet Forwarded IP Config below for more details.

fallbackBehavior
requiredstring
headerName
requiredstring
position
requiredstring
array

A rule statement that defines a string match search against labels that have been added to the web request by rules that have already run in the web ACL. See Label Match Statement below for details.

key
requiredstring
scope
requiredstring
array

A logical rule statement used to negate the results of another rule statement. See NOT Statement below for details.

statement
requiredarray
requiredarray

The statements to combine with AND logic. You can use any statements that can be nested. See Statement above for details.

array

A rule statement that defines a string match search for AWS WAF to apply to web requests. See Byte Match Statement below for details.

array

The part of a web request that you want AWS WAF to inspect. See Field to Match below for details.

array

Inspect all query arguments.

body
array
array

Inspect the request body, which immediately follows the request headers.

method
array
array

Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.

array

Inspect the query string. This is the part of a URL that appears after a ? character, if any.

array

Inspect a single header. See Single Header below for details.

name
requiredstring
array

Inspect a single query argument. See Single Query Argument below for details.

name
requiredstring
uriPath
array
array

Inspect the request URI path. This is the part of a web request that identifies a resource, for example, /images/daily-ad.jpg.

positionalConstraint
requiredstring
searchString
requiredstring
textTransformation
requiredarray
requiredarray

Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. See Text Transformation below for details.

priority
requirednumber
type
requiredstring
array

A rule statement used to identify web requests based on country of origin. See GEO Match Statement below for details.

countryCodes
requiredarray
requiredarray

An array of two-character country codes, for example, [ "US", "CN" ], from the alpha-2 country ISO codes of the ISO 3166 international standard. See the documentation for valid values.

array

The configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. See Forwarded IP Config below for details.

fallbackBehavior
requiredstring
headerName
requiredstring
array

A rule statement used to detect web requests coming from particular IP addresses or address ranges. See IP Set Reference Statement below for details.

arn
requiredstring
array

The configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. See IPSet Forwarded IP Config below for more details.

fallbackBehavior
requiredstring
headerName
requiredstring
position
requiredstring
array

A rule statement that defines a string match search against labels that have been added to the web request by rules that have already run in the web ACL. See Label Match Statement below for details.

key
requiredstring
scope
requiredstring
array

A rule statement used to search web request components for matches with regular expressions. See Regex Pattern Set Reference Statement below for details.

arn
requiredstring
array

The part of a web request that you want AWS WAF to inspect. See Field to Match below for details.

array

Inspect all query arguments.

body
array
array

Inspect the request body, which immediately follows the request headers.

method
array
array

Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.

array

Inspect the query string. This is the part of a URL that appears after a ? character, if any.

array

Inspect a single header. See Single Header below for details.

name
requiredstring
array

Inspect a single query argument. See Single Query Argument below for details.

name
requiredstring
uriPath
array
array

Inspect the request URI path. This is the part of a web request that identifies a resource, for example, /images/daily-ad.jpg.

textTransformation
requiredarray
requiredarray

Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. See Text Transformation below for details.

priority
requirednumber
type
requiredstring
array

A rule statement that compares a number of bytes against the size of a request component, using a comparison operator, such as greater than (>) or less than (<). See Size Constraint Statement below for more details.

comparisonOperator
requiredstring
array

The part of a web request that you want AWS WAF to inspect. See Field to Match below for details.

array

Inspect all query arguments.

body
array
array

Inspect the request body, which immediately follows the request headers.

method
array
array

Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.

array

Inspect the query string. This is the part of a URL that appears after a ? character, if any.

array

Inspect a single header. See Single Header below for details.

name
requiredstring
array

Inspect a single query argument. See Single Query Argument below for details.

name
requiredstring
uriPath
array
array

Inspect the request URI path. This is the part of a web request that identifies a resource, for example, /images/daily-ad.jpg.

size
requirednumber
textTransformation
requiredarray
requiredarray

Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. See Text Transformation below for details.

priority
requirednumber
type
requiredstring
array

An SQL injection match condition identifies the part of web requests, such as the URI or the query string, that you want AWS WAF to inspect. See SQL Injection Match Statement below for details.

array

The part of a web request that you want AWS WAF to inspect. See Field to Match below for details.

array

Inspect all query arguments.

body
array
array

Inspect the request body, which immediately follows the request headers.

method
array
array

Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.

array

Inspect the query string. This is the part of a URL that appears after a ? character, if any.

array

Inspect a single header. See Single Header below for details.

name
requiredstring
array

Inspect a single query argument. See Single Query Argument below for details.

name
requiredstring
uriPath
array
array

Inspect the request URI path. This is the part of a web request that identifies a resource, for example, /images/daily-ad.jpg.

textTransformation
requiredarray
requiredarray

Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. See Text Transformation below for details.

priority
requirednumber
type
requiredstring
array

A rule statement that defines a cross-site scripting (XSS) match search for AWS WAF to apply to web requests. See XSS Match Statement below for details.

array

The part of a web request that you want AWS WAF to inspect. See Field to Match below for details.

array

Inspect all query arguments.

body
array
array

Inspect the request body, which immediately follows the request headers.

method
array
array

Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.

array

Inspect the query string. This is the part of a URL that appears after a ? character, if any.

array

Inspect a single header. See Single Header below for details.

name
requiredstring
array

Inspect a single query argument. See Single Query Argument below for details.

name
requiredstring
uriPath
array
array

Inspect the request URI path. This is the part of a web request that identifies a resource, for example, /images/daily-ad.jpg.

textTransformation
requiredarray
requiredarray

Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. See Text Transformation below for details.

priority
requirednumber
type
requiredstring
array

A logical rule statement used to combine other rule statements with OR logic. See OR Statement below for details.

statement
requiredarray
requiredarray

The statements to combine with AND logic. You can use any statements that can be nested. See Statement above for details.

array

A rule statement that defines a string match search for AWS WAF to apply to web requests. See Byte Match Statement below for details.

array

The part of a web request that you want AWS WAF to inspect. See Field to Match below for details.

array

Inspect all query arguments.

body
array
array

Inspect the request body, which immediately follows the request headers.

method
array
array

Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.

array

Inspect the query string. This is the part of a URL that appears after a ? character, if any.

array

Inspect a single header. See Single Header below for details.

name
requiredstring
array

Inspect a single query argument. See Single Query Argument below for details.

name
requiredstring
uriPath
array
array

Inspect the request URI path. This is the part of a web request that identifies a resource, for example, /images/daily-ad.jpg.

positionalConstraint
requiredstring
searchString
requiredstring
textTransformation
requiredarray
requiredarray

Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. See Text Transformation below for details.

priority
requirednumber
type
requiredstring
array

A rule statement used to identify web requests based on country of origin. See GEO Match Statement below for details.

countryCodes
requiredarray
requiredarray

An array of two-character country codes, for example, [ "US", "CN" ], from the alpha-2 country ISO codes of the ISO 3166 international standard. See the documentation for valid values.

array

The configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. See Forwarded IP Config below for details.

fallbackBehavior
requiredstring
headerName
requiredstring
array

A rule statement used to detect web requests coming from particular IP addresses or address ranges. See IP Set Reference Statement below for details.

arn
requiredstring
array

The configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. See IPSet Forwarded IP Config below for more details.

fallbackBehavior
requiredstring
headerName
requiredstring
position
requiredstring
array

A rule statement that defines a string match search against labels that have been added to the web request by rules that have already run in the web ACL. See Label Match Statement below for details.

key
requiredstring
scope
requiredstring
array

A rule statement used to search web request components for matches with regular expressions. See Regex Pattern Set Reference Statement below for details.

arn
requiredstring
array

The part of a web request that you want AWS WAF to inspect. See Field to Match below for details.

array

Inspect all query arguments.

body
array
array

Inspect the request body, which immediately follows the request headers.

method
array
array

Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.

array

Inspect the query string. This is the part of a URL that appears after a ? character, if any.

array

Inspect a single header. See Single Header below for details.

name
requiredstring
array

Inspect a single query argument. See Single Query Argument below for details.

name
requiredstring
uriPath
array
array

Inspect the request URI path. This is the part of a web request that identifies a resource, for example, /images/daily-ad.jpg.

textTransformation
requiredarray
requiredarray

Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. See Text Transformation below for details.

priority
requirednumber
type
requiredstring
array

A rule statement that compares a number of bytes against the size of a request component, using a comparison operator, such as greater than (>) or less than (<). See Size Constraint Statement below for more details.

comparisonOperator
requiredstring
array

The part of a web request that you want AWS WAF to inspect. See Field to Match below for details.

array

Inspect all query arguments.

body
array
array

Inspect the request body, which immediately follows the request headers.

method
array
array

Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.

array

Inspect the query string. This is the part of a URL that appears after a ? character, if any.

array

Inspect a single header. See Single Header below for details.

name
requiredstring
array

Inspect a single query argument. See Single Query Argument below for details.

name
requiredstring
uriPath
array
array

Inspect the request URI path. This is the part of a web request that identifies a resource, for example, /images/daily-ad.jpg.

size
requirednumber
textTransformation
requiredarray
requiredarray

Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. See Text Transformation below for details.

priority
requirednumber
type
requiredstring
array

An SQL injection match condition identifies the part of web requests, such as the URI or the query string, that you want AWS WAF to inspect. See SQL Injection Match Statement below for details.

array

The part of a web request that you want AWS WAF to inspect. See Field to Match below for details.

array

Inspect all query arguments.

body
array
array

Inspect the request body, which immediately follows the request headers.

method
array
array

Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.

array

Inspect the query string. This is the part of a URL that appears after a ? character, if any.

array

Inspect a single header. See Single Header below for details.

name
requiredstring
array

Inspect a single query argument. See Single Query Argument below for details.

name
requiredstring
uriPath
array
array

Inspect the request URI path. This is the part of a web request that identifies a resource, for example, /images/daily-ad.jpg.

textTransformation
requiredarray
requiredarray

Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. See Text Transformation below for details.

priority
requirednumber
type
requiredstring
array

A rule statement that defines a cross-site scripting (XSS) match search for AWS WAF to apply to web requests. See XSS Match Statement below for details.

array

The part of a web request that you want AWS WAF to inspect. See Field to Match below for details.

array

Inspect all query arguments.

body
array
array

Inspect the request body, which immediately follows the request headers.

method
array
array

Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.

array

Inspect the query string. This is the part of a URL that appears after a ? character, if any.

array

Inspect a single header. See Single Header below for details.

name
requiredstring
array

Inspect a single query argument. See Single Query Argument below for details.

name
requiredstring
uriPath
array
array

Inspect the request URI path. This is the part of a web request that identifies a resource, for example, /images/daily-ad.jpg.

textTransformation
requiredarray
requiredarray

Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. See Text Transformation below for details.

priority
requirednumber
type
requiredstring
array

A rule statement used to search web request components for matches with regular expressions. See Regex Pattern Set Reference Statement below for details.

arn
requiredstring
array

The part of a web request that you want AWS WAF to inspect. See Field to Match below for details.

array

Inspect all query arguments.

body
array
array

Inspect the request body, which immediately follows the request headers.

method
array
array

Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.

array

Inspect the query string. This is the part of a URL that appears after a ? character, if any.

array

Inspect a single header. See Single Header below for details.

name
requiredstring
array

Inspect a single query argument. See Single Query Argument below for details.

name
requiredstring
uriPath
array
array

Inspect the request URI path. This is the part of a web request that identifies a resource, for example, /images/daily-ad.jpg.

textTransformation
requiredarray
requiredarray

Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. See Text Transformation below for details.

priority
requirednumber
type
requiredstring
array

A rule statement that compares a number of bytes against the size of a request component, using a comparison operator, such as greater than (>) or less than (<). See Size Constraint Statement below for more details.

comparisonOperator
requiredstring
array

The part of a web request that you want AWS WAF to inspect. See Field to Match below for details.

array

Inspect all query arguments.

body
array
array

Inspect the request body, which immediately follows the request headers.

method
array
array

Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.

array

Inspect the query string. This is the part of a URL that appears after a ? character, if any.

array

Inspect a single header. See Single Header below for details.

name
requiredstring
array

Inspect a single query argument. See Single Query Argument below for details.

name
requiredstring
uriPath
array
array

Inspect the request URI path. This is the part of a web request that identifies a resource, for example, /images/daily-ad.jpg.

size
requirednumber
textTransformation
requiredarray
requiredarray

Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. See Text Transformation below for details.

priority
requirednumber
type
requiredstring
array

An SQL injection match condition identifies the part of web requests, such as the URI or the query string, that you want AWS WAF to inspect. See SQL Injection Match Statement below for details.

array

The part of a web request that you want AWS WAF to inspect. See Field to Match below for details.

array

Inspect all query arguments.

body
array
array

Inspect the request body, which immediately follows the request headers.

method
array
array

Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.

array

Inspect the query string. This is the part of a URL that appears after a ? character, if any.

array

Inspect a single header. See Single Header below for details.

name
requiredstring
array

Inspect a single query argument. See Single Query Argument below for details.

name
requiredstring
uriPath
array
array

Inspect the request URI path. This is the part of a web request that identifies a resource, for example, /images/daily-ad.jpg.

textTransformation
requiredarray
requiredarray

Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. See Text Transformation below for details.

priority
requirednumber
type
requiredstring
array

A rule statement that defines a cross-site scripting (XSS) match search for AWS WAF to apply to web requests. See XSS Match Statement below for details.

array

The part of a web request that you want AWS WAF to inspect. See Field to Match below for details.

array

Inspect all query arguments.

body
array
array

Inspect the request body, which immediately follows the request headers.

method
array
array

Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.

array

Inspect the query string. This is the part of a URL that appears after a ? character, if any.

array

Inspect a single header. See Single Header below for details.

name
requiredstring
array

Inspect a single query argument. See Single Query Argument below for details.

name
requiredstring
uriPath
array
array

Inspect the request URI path. This is the part of a web request that identifies a resource, for example, /images/daily-ad.jpg.

textTransformation
requiredarray
requiredarray

Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. See Text Transformation below for details.

priority
requirednumber
type
requiredstring
array

A logical rule statement used to combine other rule statements with OR logic. See OR Statement below for details.

statement
requiredarray
requiredarray

The statements to combine with AND logic. You can use any statements that can be nested. See Statement above for details.

array

A logical rule statement used to combine other rule statements with AND logic. See AND Statement below for details.

statement
requiredarray
requiredarray

The statements to combine with AND logic. You can use any statements that can be nested. See Statement above for details.

array

A rule statement that defines a string match search for AWS WAF to apply to web requests. See Byte Match Statement below for details.

array

The part of a web request that you want AWS WAF to inspect. See Field to Match below for details.

array

Inspect all query arguments.

body
array
array

Inspect the request body, which immediately follows the request headers.

method
array
array

Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.

array

Inspect the query string. This is the part of a URL that appears after a ? character, if any.

array

Inspect a single header. See Single Header below for details.

name
requiredstring
array

Inspect a single query argument. See Single Query Argument below for details.

name
requiredstring
uriPath
array
array

Inspect the request URI path. This is the part of a web request that identifies a resource, for example, /images/daily-ad.jpg.

positionalConstraint
requiredstring
searchString
requiredstring
textTransformation
requiredarray
requiredarray

Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. See Text Transformation below for details.

priority
requirednumber
type
requiredstring
array

A rule statement used to identify web requests based on country of origin. See GEO Match Statement below for details.

countryCodes
requiredarray
requiredarray

An array of two-character country codes, for example, [ "US", "CN" ], from the alpha-2 country ISO codes of the ISO 3166 international standard. See the documentation for valid values.

array

The configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. See Forwarded IP Config below for details.

fallbackBehavior
requiredstring
headerName
requiredstring
array

A rule statement used to detect web requests coming from particular IP addresses or address ranges. See IP Set Reference Statement below for details.

arn
requiredstring
array

The configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. See IPSet Forwarded IP Config below for more details.

fallbackBehavior
requiredstring
headerName
requiredstring
position
requiredstring
array

A rule statement that defines a string match search against labels that have been added to the web request by rules that have already run in the web ACL. See Label Match Statement below for details.

key
requiredstring
scope
requiredstring
array

A rule statement used to search web request components for matches with regular expressions. See Regex Pattern Set Reference Statement below for details.

arn
requiredstring
array

The part of a web request that you want AWS WAF to inspect. See Field to Match below for details.

array

Inspect all query arguments.

body
array
array

Inspect the request body, which immediately follows the request headers.

method
array
array

Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.

array

Inspect the query string. This is the part of a URL that appears after a ? character, if any.

array

Inspect a single header. See Single Header below for details.

name
requiredstring
array

Inspect a single query argument. See Single Query Argument below for details.

name
requiredstring
uriPath
array
array

Inspect the request URI path. This is the part of a web request that identifies a resource, for example, /images/daily-ad.jpg.

textTransformation
requiredarray
requiredarray

Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. See Text Transformation below for details.

priority
requirednumber
type
requiredstring
array

A rule statement that compares a number of bytes against the size of a request component, using a comparison operator, such as greater than (>) or less than (<). See Size Constraint Statement below for more details.

comparisonOperator
requiredstring
array

The part of a web request that you want AWS WAF to inspect. See Field to Match below for details.

array

Inspect all query arguments.

body
array
array

Inspect the request body, which immediately follows the request headers.

method
array
array

Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.

array

Inspect the query string. This is the part of a URL that appears after a ? character, if any.

array

Inspect a single header. See Single Header below for details.

name
requiredstring
array

Inspect a single query argument. See Single Query Argument below for details.

name
requiredstring
uriPath
array
array

Inspect the request URI path. This is the part of a web request that identifies a resource, for example, /images/daily-ad.jpg.

size
requirednumber
textTransformation
requiredarray
requiredarray

Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. See Text Transformation below for details.

priority
requirednumber
type
requiredstring
array

An SQL injection match condition identifies the part of web requests, such as the URI or the query string, that you want AWS WAF to inspect. See SQL Injection Match Statement below for details.

array

The part of a web request that you want AWS WAF to inspect. See Field to Match below for details.

array

Inspect all query arguments.

body
array
array

Inspect the request body, which immediately follows the request headers.

method
array
array

Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.

array

Inspect the query string. This is the part of a URL that appears after a ? character, if any.

array

Inspect a single header. See Single Header below for details.

name
requiredstring
array

Inspect a single query argument. See Single Query Argument below for details.

name
requiredstring
uriPath
array
array

Inspect the request URI path. This is the part of a web request that identifies a resource, for example, /images/daily-ad.jpg.

textTransformation
requiredarray
requiredarray

Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. See Text Transformation below for details.

priority
requirednumber
type
requiredstring
array

A rule statement that defines a cross-site scripting (XSS) match search for AWS WAF to apply to web requests. See XSS Match Statement below for details.

array

The part of a web request that you want AWS WAF to inspect. See Field to Match below for details.

array

Inspect all query arguments.

body
array
array

Inspect the request body, which immediately follows the request headers.

method
array
array

Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.

array

Inspect the query string. This is the part of a URL that appears after a ? character, if any.

array

Inspect a single header. See Single Header below for details.

name
requiredstring
array

Inspect a single query argument. See Single Query Argument below for details.

name
requiredstring
uriPath
array
array

Inspect the request URI path. This is the part of a web request that identifies a resource, for example, /images/daily-ad.jpg.

textTransformation
requiredarray
requiredarray

Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. See Text Transformation below for details.

priority
requirednumber
type
requiredstring