RuleGroup is the Schema for the RuleGroups API. Creates a WAFv2 rule group resource.
Type
CRD
Group
wafv2.aws.upbound.io
Version
v1beta1
apiVersion: wafv2.aws.upbound.io/v1beta1
kind: RuleGroup
RuleGroupSpec defines the desired state of RuleGroup
No description provided.
Defines custom response bodies that can be referenced by custom_response actions. See Custom Response Body below for details.
The rule blocks used to identify the web requests that you want to allow, block, or count. See Rules below for details.
The action that AWS WAF should take on a web request when it matches the rule's statement. Settings at the aws_wafv2_web_acl level can override the rule action setting. See Action below for details.
Instructs AWS WAF to allow the web request. See Allow below for details.
Defines custom handling for the web request. See Custom Request Handling below for details.
Instructs AWS WAF to block the web request. See Block below for details.
Defines a custom response for the web request. See Custom Response below for details.
Instructs AWS WAF to count the web request and allow it. See Count below for details.
Defines custom handling for the web request. See Custom Request Handling below for details.
Labels to apply to web requests that match the rule match statement. See Rule Label below for details.
The statements to combine with AND logic. You can use any statements that can be nested. See Statement above for details.
A logical rule statement used to combine other rule statements with AND logic. See AND Statement below for details.
The statements to combine with AND logic. You can use any statements that can be nested. See Statement above for details.
A logical rule statement used to combine other rule statements with AND logic. See AND Statement below for details.
The statements to combine with AND logic. You can use any statements that can be nested. See Statement above for details.
A rule statement that defines a string match search for AWS WAF to apply to web requests. See Byte Match Statement below for details.
The part of a web request that you want AWS WAF to inspect. See Field to Match below for details.
Inspect all query arguments.
Inspect the request body, which immediately follows the request headers.
Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.
Inspect the query string. This is the part of a URL that appears after a ? character, if any.
Inspect a single header. See Single Header below for details.
Inspect a single query argument. See Single Query Argument below for details.
Inspect the request URI path. This is the part of a web request that identifies a resource, for example, /images/daily-ad.jpg.
A rule statement used to identify web requests based on country of origin. See GEO Match Statement below for details.
An array of two-character country codes, for example, [ "US", "CN" ], from the alpha-2 country ISO codes of the ISO 3166 international standard. See the documentation for valid values.
The configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. See Forwarded IP Config below for details.
A rule statement used to detect web requests coming from particular IP addresses or address ranges. See IP Set Reference Statement below for details.
The configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. See IPSet Forwarded IP Config below for more details.
A rule statement used to search web request components for matches with regular expressions. See Regex Pattern Set Reference Statement below for details.
The part of a web request that you want AWS WAF to inspect. See Field to Match below for details.
Inspect all query arguments.
Inspect the request body, which immediately follows the request headers.
Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.
Inspect the query string. This is the part of a URL that appears after a ? character, if any.
Inspect a single header. See Single Header below for details.
Inspect a single query argument. See Single Query Argument below for details.
Inspect the request URI path. This is the part of a web request that identifies a resource, for example, /images/daily-ad.jpg.
A rule statement that compares a number of bytes against the size of a request component, using a comparison operator, such as greater than (>) or less than (<). See Size Constraint Statement below for more details.
The part of a web request that you want AWS WAF to inspect. See Field to Match below for details.
Inspect all query arguments.
Inspect the request body, which immediately follows the request headers.
Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.
Inspect the query string. This is the part of a URL that appears after a ? character, if any.
Inspect a single header. See Single Header below for details.
Inspect a single query argument. See Single Query Argument below for details.
Inspect the request URI path. This is the part of a web request that identifies a resource, for example, /images/daily-ad.jpg.
An SQL injection match condition identifies the part of web requests, such as the URI or the query string, that you want AWS WAF to inspect. See SQL Injection Match Statement below for details.
The part of a web request that you want AWS WAF to inspect. See Field to Match below for details.
Inspect all query arguments.
Inspect the request body, which immediately follows the request headers.
Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.
Inspect the query string. This is the part of a URL that appears after a ? character, if any.
Inspect a single header. See Single Header below for details.
Inspect a single query argument. See Single Query Argument below for details.
Inspect the request URI path. This is the part of a web request that identifies a resource, for example, /images/daily-ad.jpg.
A rule statement that defines a cross-site scripting (XSS) match search for AWS WAF to apply to web requests. See XSS Match Statement below for details.
The part of a web request that you want AWS WAF to inspect. See Field to Match below for details.
Inspect all query arguments.
Inspect the request body, which immediately follows the request headers.
Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.
Inspect the query string. This is the part of a URL that appears after a ? character, if any.
Inspect a single header. See Single Header below for details.
Inspect a single query argument. See Single Query Argument below for details.
Inspect the request URI path. This is the part of a web request that identifies a resource, for example, /images/daily-ad.jpg.
A rule statement that defines a string match search for AWS WAF to apply to web requests. See Byte Match Statement below for details.
The part of a web request that you want AWS WAF to inspect. See Field to Match below for details.
Inspect all query arguments.
Inspect the request body, which immediately follows the request headers.
Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.
Inspect the query string. This is the part of a URL that appears after a ? character, if any.
Inspect a single header. See Single Header below for details.
Inspect a single query argument. See Single Query Argument below for details.
Inspect the request URI path. This is the part of a web request that identifies a resource, for example, /images/daily-ad.jpg.
A rule statement used to identify web requests based on country of origin. See GEO Match Statement below for details.
An array of two-character country codes, for example, [ "US", "CN" ], from the alpha-2 country ISO codes of the ISO 3166 international standard. See the documentation for valid values.
The configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. See Forwarded IP Config below for details.
A rule statement used to detect web requests coming from particular IP addresses or address ranges. See IP Set Reference Statement below for details.
The configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. See IPSet Forwarded IP Config below for more details.
A logical rule statement used to negate the results of another rule statement. See NOT Statement below for details.
The statements to combine with AND logic. You can use any statements that can be nested. See Statement above for details.
A rule statement that defines a string match search for AWS WAF to apply to web requests. See Byte Match Statement below for details.
The part of a web request that you want AWS WAF to inspect. See Field to Match below for details.
Inspect all query arguments.
Inspect the request body, which immediately follows the request headers.
Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.
Inspect the query string. This is the part of a URL that appears after a ? character, if any.
Inspect a single header. See Single Header below for details.
Inspect a single query argument. See Single Query Argument below for details.
Inspect the request URI path. This is the part of a web request that identifies a resource, for example, /images/daily-ad.jpg.
A rule statement used to identify web requests based on country of origin. See GEO Match Statement below for details.
An array of two-character country codes, for example, [ "US", "CN" ], from the alpha-2 country ISO codes of the ISO 3166 international standard. See the documentation for valid values.
The configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. See Forwarded IP Config below for details.
A rule statement used to detect web requests coming from particular IP addresses or address ranges. See IP Set Reference Statement below for details.
The configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. See IPSet Forwarded IP Config below for more details.
A rule statement used to search web request components for matches with regular expressions. See Regex Pattern Set Reference Statement below for details.
The part of a web request that you want AWS WAF to inspect. See Field to Match below for details.
Inspect all query arguments.
Inspect the request body, which immediately follows the request headers.
Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.
Inspect the query string. This is the part of a URL that appears after a ? character, if any.
Inspect a single header. See Single Header below for details.
Inspect a single query argument. See Single Query Argument below for details.
Inspect the request URI path. This is the part of a web request that identifies a resource, for example, /images/daily-ad.jpg.
A rule statement that compares a number of bytes against the size of a request component, using a comparison operator, such as greater than (>) or less than (<). See Size Constraint Statement below for more details.
The part of a web request that you want AWS WAF to inspect. See Field to Match below for details.
Inspect all query arguments.
Inspect the request body, which immediately follows the request headers.
Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.
Inspect the query string. This is the part of a URL that appears after a ? character, if any.
Inspect a single header. See Single Header below for details.
Inspect a single query argument. See Single Query Argument below for details.
Inspect the request URI path. This is the part of a web request that identifies a resource, for example, /images/daily-ad.jpg.
An SQL injection match condition identifies the part of web requests, such as the URI or the query string, that you want AWS WAF to inspect. See SQL Injection Match Statement below for details.
The part of a web request that you want AWS WAF to inspect. See Field to Match below for details.
Inspect all query arguments.
Inspect the request body, which immediately follows the request headers.
Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.
Inspect the query string. This is the part of a URL that appears after a ? character, if any.
Inspect a single header. See Single Header below for details.
Inspect a single query argument. See Single Query Argument below for details.
Inspect the request URI path. This is the part of a web request that identifies a resource, for example, /images/daily-ad.jpg.
A rule statement that defines a cross-site scripting (XSS) match search for AWS WAF to apply to web requests. See XSS Match Statement below for details.
The part of a web request that you want AWS WAF to inspect. See Field to Match below for details.
Inspect all query arguments.
Inspect the request body, which immediately follows the request headers.
Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.
Inspect the query string. This is the part of a URL that appears after a ? character, if any.
Inspect a single header. See Single Header below for details.
Inspect a single query argument. See Single Query Argument below for details.
Inspect the request URI path. This is the part of a web request that identifies a resource, for example, /images/daily-ad.jpg.
A logical rule statement used to combine other rule statements with OR logic. See OR Statement below for details.
The statements to combine with AND logic. You can use any statements that can be nested. See Statement above for details.
A rule statement that defines a string match search for AWS WAF to apply to web requests. See Byte Match Statement below for details.
The part of a web request that you want AWS WAF to inspect. See Field to Match below for details.
Inspect all query arguments.
Inspect the request body, which immediately follows the request headers.
Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.
Inspect the query string. This is the part of a URL that appears after a ? character, if any.
Inspect a single header. See Single Header below for details.
Inspect a single query argument. See Single Query Argument below for details.
Inspect the request URI path. This is the part of a web request that identifies a resource, for example, /images/daily-ad.jpg.
A rule statement used to identify web requests based on country of origin. See GEO Match Statement below for details.
An array of two-character country codes, for example, [ "US", "CN" ], from the alpha-2 country ISO codes of the ISO 3166 international standard. See the documentation for valid values.
The configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. See Forwarded IP Config below for details.
A rule statement used to detect web requests coming from particular IP addresses or address ranges. See IP Set Reference Statement below for details.
The configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. See IPSet Forwarded IP Config below for more details.
A rule statement used to search web request components for matches with regular expressions. See Regex Pattern Set Reference Statement below for details.
The part of a web request that you want AWS WAF to inspect. See Field to Match below for details.
Inspect all query arguments.
Inspect the request body, which immediately follows the request headers.
Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.
Inspect the query string. This is the part of a URL that appears after a ? character, if any.
Inspect a single header. See Single Header below for details.
Inspect a single query argument. See Single Query Argument below for details.
Inspect the request URI path. This is the part of a web request that identifies a resource, for example, /images/daily-ad.jpg.
A rule statement that compares a number of bytes against the size of a request component, using a comparison operator, such as greater than (>) or less than (<). See Size Constraint Statement below for more details.
The part of a web request that you want AWS WAF to inspect. See Field to Match below for details.
Inspect all query arguments.
Inspect the request body, which immediately follows the request headers.
Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.
Inspect the query string. This is the part of a URL that appears after a ? character, if any.
Inspect a single header. See Single Header below for details.
Inspect a single query argument. See Single Query Argument below for details.
Inspect the request URI path. This is the part of a web request that identifies a resource, for example, /images/daily-ad.jpg.
An SQL injection match condition identifies the part of web requests, such as the URI or the query string, that you want AWS WAF to inspect. See SQL Injection Match Statement below for details.
The part of a web request that you want AWS WAF to inspect. See Field to Match below for details.
Inspect all query arguments.
Inspect the request body, which immediately follows the request headers.
Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.
Inspect the query string. This is the part of a URL that appears after a ? character, if any.
Inspect a single header. See Single Header below for details.
Inspect a single query argument. See Single Query Argument below for details.
Inspect the request URI path. This is the part of a web request that identifies a resource, for example, /images/daily-ad.jpg.
A rule statement that defines a cross-site scripting (XSS) match search for AWS WAF to apply to web requests. See XSS Match Statement below for details.
The part of a web request that you want AWS WAF to inspect. See Field to Match below for details.
Inspect all query arguments.
Inspect the request body, which immediately follows the request headers.
Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.
Inspect the query string. This is the part of a URL that appears after a ? character, if any.
Inspect a single header. See Single Header below for details.
Inspect a single query argument. See Single Query Argument below for details.
Inspect the request URI path. This is the part of a web request that identifies a resource, for example, /images/daily-ad.jpg.
A rule statement used to search web request components for matches with regular expressions. See Regex Pattern Set Reference Statement below for details.
The part of a web request that you want AWS WAF to inspect. See Field to Match below for details.
Inspect all query arguments.
Inspect the request body, which immediately follows the request headers.
Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.
Inspect the query string. This is the part of a URL that appears after a ? character, if any.
Inspect a single header. See Single Header below for details.
Inspect a single query argument. See Single Query Argument below for details.
Inspect the request URI path. This is the part of a web request that identifies a resource, for example, /images/daily-ad.jpg.
A rule statement that compares a number of bytes against the size of a request component, using a comparison operator, such as greater than (>) or less than (<). See Size Constraint Statement below for more details.
The part of a web request that you want AWS WAF to inspect. See Field to Match below for details.
Inspect all query arguments.
Inspect the request body, which immediately follows the request headers.
Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.
Inspect the query string. This is the part of a URL that appears after a ? character, if any.
Inspect a single header. See Single Header below for details.
Inspect a single query argument. See Single Query Argument below for details.
Inspect the request URI path. This is the part of a web request that identifies a resource, for example, /images/daily-ad.jpg.
An SQL injection match condition identifies the part of web requests, such as the URI or the query string, that you want AWS WAF to inspect. See SQL Injection Match Statement below for details.
The part of a web request that you want AWS WAF to inspect. See Field to Match below for details.
Inspect all query arguments.
Inspect the request body, which immediately follows the request headers.
Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.
Inspect the query string. This is the part of a URL that appears after a ? character, if any.
Inspect a single header. See Single Header below for details.
Inspect a single query argument. See Single Query Argument below for details.
Inspect the request URI path. This is the part of a web request that identifies a resource, for example, /images/daily-ad.jpg.
A rule statement that defines a cross-site scripting (XSS) match search for AWS WAF to apply to web requests. See XSS Match Statement below for details.
The part of a web request that you want AWS WAF to inspect. See Field to Match below for details.
Inspect all query arguments.
Inspect the request body, which immediately follows the request headers.
Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.
Inspect the query string. This is the part of a URL that appears after a ? character, if any.
Inspect a single header. See Single Header below for details.
Inspect a single query argument. See Single Query Argument below for details.
Inspect the request URI path. This is the part of a web request that identifies a resource, for example, /images/daily-ad.jpg.
A rule statement that defines a string match search for AWS WAF to apply to web requests. See Byte Match Statement below for details.
The part of a web request that you want AWS WAF to inspect. See Field to Match below for details.
Inspect all query arguments.
Inspect the request body, which immediately follows the request headers.
Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.
Inspect the query string. This is the part of a URL that appears after a ? character, if any.
Inspect a single header. See Single Header below for details.
Inspect a single query argument. See Single Query Argument below for details.
Inspect the request URI path. This is the part of a web request that identifies a resource, for example, /images/daily-ad.jpg.
A rule statement used to identify web requests based on country of origin. See GEO Match Statement below for details.
An array of two-character country codes, for example, [ "US", "CN" ], from the alpha-2 country ISO codes of the ISO 3166 international standard. See the documentation for valid values.
The configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. See Forwarded IP Config below for details.
A rule statement used to detect web requests coming from particular IP addresses or address ranges. See IP Set Reference Statement below for details.
The configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. See IPSet Forwarded IP Config below for more details.
A logical rule statement used to negate the results of another rule statement. See NOT Statement below for details.
The statements to combine with AND logic. You can use any statements that can be nested. See Statement above for details.
A logical rule statement used to combine other rule statements with AND logic. See AND Statement below for details.
The statements to combine with AND logic. You can use any statements that can be nested. See Statement above for details.
A rule statement that defines a string match search for AWS WAF to apply to web requests. See Byte Match Statement below for details.
The part of a web request that you want AWS WAF to inspect. See Field to Match below for details.
Inspect all query arguments.
Inspect the request body, which immediately follows the request headers.
Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.
Inspect the query string. This is the part of a URL that appears after a ? character, if any.
Inspect a single header. See Single Header below for details.
Inspect a single query argument. See Single Query Argument below for details.
Inspect the request URI path. This is the part of a web request that identifies a resource, for example, /images/daily-ad.jpg.
A rule statement used to identify web requests based on country of origin. See GEO Match Statement below for details.
An array of two-character country codes, for example, [ "US", "CN" ], from the alpha-2 country ISO codes of the ISO 3166 international standard. See the documentation for valid values.
The configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. See Forwarded IP Config below for details.
A rule statement used to detect web requests coming from particular IP addresses or address ranges. See IP Set Reference Statement below for details.
The configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. See IPSet Forwarded IP Config below for more details.
A rule statement used to search web request components for matches with regular expressions. See Regex Pattern Set Reference Statement below for details.
The part of a web request that you want AWS WAF to inspect. See Field to Match below for details.
Inspect all query arguments.
Inspect the request body, which immediately follows the request headers.
Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.
Inspect the query string. This is the part of a URL that appears after a ? character, if any.
Inspect a single header. See Single Header below for details.
Inspect a single query argument. See Single Query Argument below for details.
Inspect the request URI path. This is the part of a web request that identifies a resource, for example, /images/daily-ad.jpg.
A rule statement that compares a number of bytes against the size of a request component, using a comparison operator, such as greater than (>) or less than (<). See Size Constraint Statement below for more details.
The part of a web request that you want AWS WAF to inspect. See Field to Match below for details.
Inspect all query arguments.
Inspect the request body, which immediately follows the request headers.
Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.
Inspect the query string. This is the part of a URL that appears after a ? character, if any.
Inspect a single header. See Single Header below for details.
Inspect a single query argument. See Single Query Argument below for details.
Inspect the request URI path. This is the part of a web request that identifies a resource, for example, /images/daily-ad.jpg.
An SQL injection match condition identifies the part of web requests, such as the URI or the query string, that you want AWS WAF to inspect. See SQL Injection Match Statement below for details.
The part of a web request that you want AWS WAF to inspect. See Field to Match below for details.
Inspect all query arguments.
Inspect the request body, which immediately follows the request headers.
Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.
Inspect the query string. This is the part of a URL that appears after a ? character, if any.
Inspect a single header. See Single Header below for details.
Inspect a single query argument. See Single Query Argument below for details.
Inspect the request URI path. This is the part of a web request that identifies a resource, for example, /images/daily-ad.jpg.
A rule statement that defines a cross-site scripting (XSS) match search for AWS WAF to apply to web requests. See XSS Match Statement below for details.
The part of a web request that you want AWS WAF to inspect. See Field to Match below for details.
Inspect all query arguments.
Inspect the request body, which immediately follows the request headers.
Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.
Inspect the query string. This is the part of a URL that appears after a ? character, if any.
Inspect a single header. See Single Header below for details.
Inspect a single query argument. See Single Query Argument below for details.
Inspect the request URI path. This is the part of a web request that identifies a resource, for example, /images/daily-ad.jpg.
A rule statement that defines a string match search for AWS WAF to apply to web requests. See Byte Match Statement below for details.
The part of a web request that you want AWS WAF to inspect. See Field to Match below for details.
Inspect all query arguments.
Inspect the request body, which immediately follows the request headers.
Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.
Inspect the query string. This is the part of a URL that appears after a ? character, if any.
Inspect a single header. See Single Header below for details.
Inspect a single query argument. See Single Query Argument below for details.
Inspect the request URI path. This is the part of a web request that identifies a resource, for example, /images/daily-ad.jpg.
A rule statement used to identify web requests based on country of origin. See GEO Match Statement below for details.
An array of two-character country codes, for example, [ "US", "CN" ], from the alpha-2 country ISO codes of the ISO 3166 international standard. See the documentation for valid values.
The configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. See Forwarded IP Config below for details.
A rule statement used to detect web requests coming from particular IP addresses or address ranges. See IP Set Reference Statement below for details.
The configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. See IPSet Forwarded IP Config below for more details.
A logical rule statement used to negate the results of another rule statement. See NOT Statement below for details.
The statements to combine with AND logic. You can use any statements that can be nested. See Statement above for details.
A rule statement that defines a string match search for AWS WAF to apply to web requests. See Byte Match Statement below for details.
The part of a web request that you want AWS WAF to inspect. See Field to Match below for details.
Inspect all query arguments.
Inspect the request body, which immediately follows the request headers.
Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.
Inspect the query string. This is the part of a URL that appears after a ? character, if any.
Inspect a single header. See Single Header below for details.
Inspect a single query argument. See Single Query Argument below for details.
Inspect the request URI path. This is the part of a web request that identifies a resource, for example, /images/daily-ad.jpg.
A rule statement used to identify web requests based on country of origin. See GEO Match Statement below for details.
An array of two-character country codes, for example, [ "US", "CN" ], from the alpha-2 country ISO codes of the ISO 3166 international standard. See the documentation for valid values.
The configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. See Forwarded IP Config below for details.
A rule statement used to detect web requests coming from particular IP addresses or address ranges. See IP Set Reference Statement below for details.
The configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. See IPSet Forwarded IP Config below for more details.
A rule statement used to search web request components for matches with regular expressions. See Regex Pattern Set Reference Statement below for details.
The part of a web request that you want AWS WAF to inspect. See Field to Match below for details.
Inspect all query arguments.
Inspect the request body, which immediately follows the request headers.
Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.
Inspect the query string. This is the part of a URL that appears after a ? character, if any.
Inspect a single header. See Single Header below for details.
Inspect a single query argument. See Single Query Argument below for details.
Inspect the request URI path. This is the part of a web request that identifies a resource, for example, /images/daily-ad.jpg.
A rule statement that compares a number of bytes against the size of a request component, using a comparison operator, such as greater than (>) or less than (<). See Size Constraint Statement below for more details.
The part of a web request that you want AWS WAF to inspect. See Field to Match below for details.
Inspect all query arguments.
Inspect the request body, which immediately follows the request headers.
Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.
Inspect the query string. This is the part of a URL that appears after a ? character, if any.
Inspect a single header. See Single Header below for details.
Inspect a single query argument. See Single Query Argument below for details.
Inspect the request URI path. This is the part of a web request that identifies a resource, for example, /images/daily-ad.jpg.
An SQL injection match condition identifies the part of web requests, such as the URI or the query string, that you want AWS WAF to inspect. See SQL Injection Match Statement below for details.
The part of a web request that you want AWS WAF to inspect. See Field to Match below for details.
Inspect all query arguments.
Inspect the request body, which immediately follows the request headers.
Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.
Inspect the query string. This is the part of a URL that appears after a ? character, if any.
Inspect a single header. See Single Header below for details.
Inspect a single query argument. See Single Query Argument below for details.
Inspect the request URI path. This is the part of a web request that identifies a resource, for example, /images/daily-ad.jpg.
A rule statement that defines a cross-site scripting (XSS) match search for AWS WAF to apply to web requests. See XSS Match Statement below for details.
The part of a web request that you want AWS WAF to inspect. See Field to Match below for details.
Inspect all query arguments.
Inspect the request body, which immediately follows the request headers.
Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.
Inspect the query string. This is the part of a URL that appears after a ? character, if any.
Inspect a single header. See Single Header below for details.
Inspect a single query argument. See Single Query Argument below for details.
Inspect the request URI path. This is the part of a web request that identifies a resource, for example, /images/daily-ad.jpg.
A logical rule statement used to combine other rule statements with OR logic. See OR Statement below for details.
The statements to combine with AND logic. You can use any statements that can be nested. See Statement above for details.
A rule statement that defines a string match search for AWS WAF to apply to web requests. See Byte Match Statement below for details.
The part of a web request that you want AWS WAF to inspect. See Field to Match below for details.
Inspect all query arguments.
Inspect the request body, which immediately follows the request headers.
Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.
Inspect the query string. This is the part of a URL that appears after a ? character, if any.
Inspect a single header. See Single Header below for details.
Inspect a single query argument. See Single Query Argument below for details.
Inspect the request URI path. This is the part of a web request that identifies a resource, for example, /images/daily-ad.jpg.
A rule statement used to identify web requests based on country of origin. See GEO Match Statement below for details.
An array of two-character country codes, for example, [ "US", "CN" ], from the alpha-2 country ISO codes of the ISO 3166 international standard. See the documentation for valid values.
The configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. See Forwarded IP Config below for details.
A rule statement used to detect web requests coming from particular IP addresses or address ranges. See IP Set Reference Statement below for details.
The configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. See IPSet Forwarded IP Config below for more details.
A rule statement used to search web request components for matches with regular expressions. See Regex Pattern Set Reference Statement below for details.
The part of a web request that you want AWS WAF to inspect. See Field to Match below for details.
Inspect all query arguments.
Inspect the request body, which immediately follows the request headers.
Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.
Inspect the query string. This is the part of a URL that appears after a ? character, if any.
Inspect a single header. See Single Header below for details.
Inspect a single query argument. See Single Query Argument below for details.
Inspect the request URI path. This is the part of a web request that identifies a resource, for example, /images/daily-ad.jpg.
A rule statement that compares a number of bytes against the size of a request component, using a comparison operator, such as greater than (>) or less than (<). See Size Constraint Statement below for more details.
The part of a web request that you want AWS WAF to inspect. See Field to Match below for details.
Inspect all query arguments.
Inspect the request body, which immediately follows the request headers.
Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.
Inspect the query string. This is the part of a URL that appears after a ? character, if any.
Inspect a single header. See Single Header below for details.
Inspect a single query argument. See Single Query Argument below for details.
Inspect the request URI path. This is the part of a web request that identifies a resource, for example, /images/daily-ad.jpg.
An SQL injection match condition identifies the part of web requests, such as the URI or the query string, that you want AWS WAF to inspect. See SQL Injection Match Statement below for details.
The part of a web request that you want AWS WAF to inspect. See Field to Match below for details.
Inspect all query arguments.
Inspect the request body, which immediately follows the request headers.
Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.
Inspect the query string. This is the part of a URL that appears after a ? character, if any.
Inspect a single header. See Single Header below for details.
Inspect a single query argument. See Single Query Argument below for details.
Inspect the request URI path. This is the part of a web request that identifies a resource, for example, /images/daily-ad.jpg.
A rule statement that defines a cross-site scripting (XSS) match search for AWS WAF to apply to web requests. See XSS Match Statement below for details.
The part of a web request that you want AWS WAF to inspect. See Field to Match below for details.
Inspect all query arguments.
Inspect the request body, which immediately follows the request headers.
Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.
Inspect the query string. This is the part of a URL that appears after a ? character, if any.
Inspect a single header. See Single Header below for details.
Inspect a single query argument. See Single Query Argument below for details.
Inspect the request URI path. This is the part of a web request that identifies a resource, for example, /images/daily-ad.jpg.
A rule statement used to search web request components for matches with regular expressions. See Regex Pattern Set Reference Statement below for details.
The part of a web request that you want AWS WAF to inspect. See Field to Match below for details.
Inspect all query arguments.
Inspect the request body, which immediately follows the request headers.
Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.
Inspect the query string. This is the part of a URL that appears after a ? character, if any.
Inspect a single header. See Single Header below for details.
Inspect a single query argument. See Single Query Argument below for details.
Inspect the request URI path. This is the part of a web request that identifies a resource, for example, /images/daily-ad.jpg.
A rule statement that compares a number of bytes against the size of a request component, using a comparison operator, such as greater than (>) or less than (<). See Size Constraint Statement below for more details.
The part of a web request that you want AWS WAF to inspect. See Field to Match below for details.
Inspect all query arguments.
Inspect the request body, which immediately follows the request headers.
Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.
Inspect the query string. This is the part of a URL that appears after a ? character, if any.
Inspect a single header. See Single Header below for details.
Inspect a single query argument. See Single Query Argument below for details.
Inspect the request URI path. This is the part of a web request that identifies a resource, for example, /images/daily-ad.jpg.
An SQL injection match condition identifies the part of web requests, such as the URI or the query string, that you want AWS WAF to inspect. See SQL Injection Match Statement below for details.
The part of a web request that you want AWS WAF to inspect. See Field to Match below for details.
Inspect all query arguments.
Inspect the request body, which immediately follows the request headers.
Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.
Inspect the query string. This is the part of a URL that appears after a ? character, if any.
Inspect a single header. See Single Header below for details.
Inspect a single query argument. See Single Query Argument below for details.
Inspect the request URI path. This is the part of a web request that identifies a resource, for example, /images/daily-ad.jpg.
A rule statement that defines a cross-site scripting (XSS) match search for AWS WAF to apply to web requests. See XSS Match Statement below for details.
The part of a web request that you want AWS WAF to inspect. See Field to Match below for details.
Inspect all query arguments.
Inspect the request body, which immediately follows the request headers.
Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.
Inspect the query string. This is the part of a URL that appears after a ? character, if any.
Inspect a single header. See Single Header below for details.
Inspect a single query argument. See Single Query Argument below for details.
Inspect the request URI path. This is the part of a web request that identifies a resource, for example, /images/daily-ad.jpg.
A logical rule statement used to combine other rule statements with OR logic. See OR Statement below for details.
The statements to combine with AND logic. You can use any statements that can be nested. See Statement above for details.
A logical rule statement used to combine other rule statements with AND logic. See AND Statement below for details.
The statements to combine with AND logic. You can use any statements that can be nested. See Statement above for details.
A rule statement that defines a string match search for AWS WAF to apply to web requests. See Byte Match Statement below for details.
The part of a web request that you want AWS WAF to inspect. See Field to Match below for details.
Inspect all query arguments.
Inspect the request body, which immediately follows the request headers.
Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.
Inspect the query string. This is the part of a URL that appears after a ? character, if any.
Inspect a single header. See Single Header below for details.
Inspect a single query argument. See Single Query Argument below for details.
Inspect the request URI path. This is the part of a web request that identifies a resource, for example, /images/daily-ad.jpg.
A rule statement used to identify web requests based on country of origin. See GEO Match Statement below for details.
An array of two-character country codes, for example, [ "US", "CN" ], from the alpha-2 country ISO codes of the ISO 3166 international standard. See the documentation for valid values.
The configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. See Forwarded IP Config below for details.
A rule statement used to detect web requests coming from particular IP addresses or address ranges. See IP Set Reference Statement below for details.
The configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. See IPSet Forwarded IP Config below for more details.
A rule statement used to search web request components for matches with regular expressions. See Regex Pattern Set Reference Statement below for details.
The part of a web request that you want AWS WAF to inspect. See Field to Match below for details.
Inspect all query arguments.
Inspect the request body, which immediately follows the request headers.
Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.
Inspect the query string. This is the part of a URL that appears after a ? character, if any.
Inspect a single header. See Single Header below for details.
Inspect a single query argument. See Single Query Argument below for details.
Inspect the request URI path. This is the part of a web request that identifies a resource, for example, /images/daily-ad.jpg.
A rule statement that compares a number of bytes against the size of a request component, using a comparison operator, such as greater than (>) or less than (<). See Size Constraint Statement below for more details.
The part of a web request that you want AWS WAF to inspect. See Field to Match below for details.
Inspect all query arguments.
Inspect the request body, which immediately follows the request headers.
Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.
Inspect the query string. This is the part of a URL that appears after a ? character, if any.
Inspect a single header. See Single Header below for details.
Inspect a single query argument. See Single Query Argument below for details.
Inspect the request URI path. This is the part of a web request that identifies a resource, for example, /images/daily-ad.jpg.
An SQL injection match condition identifies the part of web requests, such as the URI or the query string, that you want AWS WAF to inspect. See SQL Injection Match Statement below for details.
The part of a web request that you want AWS WAF to inspect. See Field to Match below for details.
Inspect all query arguments.
Inspect the request body, which immediately follows the request headers.
Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.
Inspect the query string. This is the part of a URL that appears after a ? character, if any.
Inspect a single header. See Single Header below for details.
Inspect a single query argument. See Single Query Argument below for details.
Inspect the request URI path. This is the part of a web request that identifies a resource, for example, /images/daily-ad.jpg.
A rule statement that defines a cross-site scripting (XSS) match search for AWS WAF to apply to web requests. See XSS Match Statement below for details.
The part of a web request that you want AWS WAF to inspect. See Field to Match below for details.
Inspect all query arguments.
Inspect the request body, which immediately follows the request headers.
Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.
Inspect the query string. This is the part of a URL that appears after a ? character, if any.
Inspect a single header. See Single Header below for details.
Inspect a single query argument. See Single Query Argument below for details.
Inspect the request URI path. This is the part of a web request that identifies a resource, for example, /images/daily-ad.jpg.
A rule statement that defines a string match search for AWS WAF to apply to web requests. See Byte Match Statement below for details.