Class: Aws::WAFV2::Types::FieldToMatch

Inherits:

Struct

• Object
• Struct
• Aws::WAFV2::Types::FieldToMatch

Includes:

Structure

Defined in:

lib/aws-sdk-wafv2/types.rb

Overview

The part of the web request that you want WAF to inspect. Include the single ‘FieldToMatch` type that you want to inspect, with additional specifications as needed, according to the type. You specify a single request component in `FieldToMatch` for each rule statement that requires it. To inspect more than one component of the web request, create a separate rule statement for each component.

Example JSON for a ‘QueryString` field to match:

‘ “FieldToMatch”: { “QueryString”: {} }`

Example JSON for a ‘Method` field to match specification:

‘ “FieldToMatch”: { “Method”: { “Name”: “DELETE” } }`

See Also:

• AWS API Documentation

Constant Summary

SENSITIVE =

[]

Instance Attribute Summary

• #all_query_arguments ⇒ Types::AllQueryArguments

  Inspect all query arguments.

• #body ⇒ Types::Body

  Inspect the request body as plain text.

• #cookies ⇒ Types::Cookies

  Inspect the request cookies.

• #header_order ⇒ Types::HeaderOrder

  Inspect a string containing the list of the request’s header names, ordered as they appear in the web request that WAF receives for inspection.

• #headers ⇒ Types::Headers

  Inspect the request headers.

• #ja3_fingerprint ⇒ Types::JA3Fingerprint

  Match against the request’s JA3 fingerprint.

• #json_body ⇒ Types::JsonBody

  Inspect the request body as JSON.

• #method ⇒ Types::Method

  Inspect the HTTP method.

• #query_string ⇒ Types::QueryString

  Inspect the query string.

• #single_header ⇒ Types::SingleHeader

  Inspect a single header.

• #single_query_argument ⇒ Types::SingleQueryArgument

  Inspect a single query argument.

• #uri_path ⇒ Types::UriPath

  Inspect the request URI path.

Instance Attribute Details

#all_query_arguments ⇒ Types::AllQueryArguments

Inspect all query arguments.

Returns:

• (Types::AllQueryArguments)

# File 'lib/aws-sdk-wafv2/types.rb', line 2481

class FieldToMatch < Struct.new(
  :single_header,
  :single_query_argument,
  :all_query_arguments,
  :uri_path,
  :query_string,
  :body,
  :method,
  :json_body,
  :headers,
  :cookies,
  :header_order,
  :ja3_fingerprint)
  SENSITIVE = []
  include Aws::Structure
end

#body ⇒ Types::Body

Inspect the request body as plain text. The request body immediately follows the request headers. This is the part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form.

A limited amount of the request body is forwarded to WAF for inspection by the underlying host service. For regional resources, the limit is 8 KB (8,192 bytes) and for CloudFront distributions, the limit is 16 KB (16,384 bytes). For CloudFront distributions, you can increase the limit in the web ACL’s ‘AssociationConfig`, for additional processing fees.

For information about how to handle oversized request bodies, see the ‘Body` object configuration.

Returns:

• (Types::Body)

# File 'lib/aws-sdk-wafv2/types.rb', line 2481

class FieldToMatch < Struct.new(
  :single_header,
  :single_query_argument,
  :all_query_arguments,
  :uri_path,
  :query_string,
  :body,
  :method,
  :json_body,
  :headers,
  :cookies,
  :header_order,
  :ja3_fingerprint)
  SENSITIVE = []
  include Aws::Structure
end

#cookies ⇒ Types::Cookies

Inspect the request cookies. You must configure scope and pattern matching filters in the ‘Cookies` object, to define the set of cookies and the parts of the cookies that WAF inspects.

Only the first 8 KB (8192 bytes) of a request’s cookies and only the first 200 cookies are forwarded to WAF for inspection by the underlying host service. You must configure how to handle any oversize cookie content in the ‘Cookies` object. WAF applies the pattern matching filters to the cookies that it receives from the underlying host service.

Returns:

• (Types::Cookies)

# File 'lib/aws-sdk-wafv2/types.rb', line 2481

class FieldToMatch < Struct.new(
  :single_header,
  :single_query_argument,
  :all_query_arguments,
  :uri_path,
  :query_string,
  :body,
  :method,
  :json_body,
  :headers,
  :cookies,
  :header_order,
  :ja3_fingerprint)
  SENSITIVE = []
  include Aws::Structure
end

#header_order ⇒ Types::HeaderOrder

Inspect a string containing the list of the request’s header names, ordered as they appear in the web request that WAF receives for inspection. WAF generates the string and then uses that as the field to match component in its inspection. WAF separates the header names in the string using colons and no added spaces, for example ‘host:user-agent:accept:authorization:referer`.

Returns:

• (Types::HeaderOrder)

# File 'lib/aws-sdk-wafv2/types.rb', line 2481

class FieldToMatch < Struct.new(
  :single_header,
  :single_query_argument,
  :all_query_arguments,
  :uri_path,
  :query_string,
  :body,
  :method,
  :json_body,
  :headers,
  :cookies,
  :header_order,
  :ja3_fingerprint)
  SENSITIVE = []
  include Aws::Structure
end

#headers ⇒ Types::Headers

Inspect the request headers. You must configure scope and pattern matching filters in the ‘Headers` object, to define the set of headers to and the parts of the headers that WAF inspects.

Only the first 8 KB (8192 bytes) of a request’s headers and only the first 200 headers are forwarded to WAF for inspection by the underlying host service. You must configure how to handle any oversize header content in the ‘Headers` object. WAF applies the pattern matching filters to the headers that it receives from the underlying host service.

Returns:

• (Types::Headers)

# File 'lib/aws-sdk-wafv2/types.rb', line 2481

class FieldToMatch < Struct.new(
  :single_header,
  :single_query_argument,
  :all_query_arguments,
  :uri_path,
  :query_string,
  :body,
  :method,
  :json_body,
  :headers,
  :cookies,
  :header_order,
  :ja3_fingerprint)
  SENSITIVE = []
  include Aws::Structure
end

#ja3_fingerprint ⇒ Types::JA3Fingerprint

Match against the request’s JA3 fingerprint. The JA3 fingerprint is a 32-character hash derived from the TLS Client Hello of an incoming request. This fingerprint serves as a unique identifier for the client’s TLS configuration. WAF calculates and logs this fingerprint for each request that has enough TLS Client Hello information for the calculation. Almost all web requests include this information.

<note markdown=“1”> You can use this choice only with a string match ‘ByteMatchStatement` with the `PositionalConstraint` set to `EXACTLY`.

</note>

You can obtain the JA3 fingerprint for client requests from the web ACL logs. If WAF is able to calculate the fingerprint, it includes it in the logs. For information about the logging fields, see [Log fields] in the *WAF Developer Guide*.

Provide the JA3 fingerprint string from the logs in your string match statement specification, to match with any future requests that have the same TLS configuration.

[1]: docs.aws.amazon.com/waf/latest/developerguide/logging-fields.html

Returns:

• (Types::JA3Fingerprint)

# File 'lib/aws-sdk-wafv2/types.rb', line 2481

class FieldToMatch < Struct.new(
  :single_header,
  :single_query_argument,
  :all_query_arguments,
  :uri_path,
  :query_string,
  :body,
  :method,
  :json_body,
  :headers,
  :cookies,
  :header_order,
  :ja3_fingerprint)
  SENSITIVE = []
  include Aws::Structure
end

#json_body ⇒ Types::JsonBody

Inspect the request body as JSON. The request body immediately follows the request headers. This is the part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form.

A limited amount of the request body is forwarded to WAF for inspection by the underlying host service. For regional resources, the limit is 8 KB (8,192 bytes) and for CloudFront distributions, the limit is 16 KB (16,384 bytes). For CloudFront distributions, you can increase the limit in the web ACL’s ‘AssociationConfig`, for additional processing fees.

For information about how to handle oversized request bodies, see the ‘JsonBody` object configuration.

Returns:

• (Types::JsonBody)

# File 'lib/aws-sdk-wafv2/types.rb', line 2481

class FieldToMatch < Struct.new(
  :single_header,
  :single_query_argument,
  :all_query_arguments,
  :uri_path,
  :query_string,
  :body,
  :method,
  :json_body,
  :headers,
  :cookies,
  :header_order,
  :ja3_fingerprint)
  SENSITIVE = []
  include Aws::Structure
end

#method ⇒ Types::Method

Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.

Returns:

• (Types::Method)

# File 'lib/aws-sdk-wafv2/types.rb', line 2481

class FieldToMatch < Struct.new(
  :single_header,
  :single_query_argument,
  :all_query_arguments,
  :uri_path,
  :query_string,
  :body,
  :method,
  :json_body,
  :headers,
  :cookies,
  :header_order,
  :ja3_fingerprint)
  SENSITIVE = []
  include Aws::Structure
end

#query_string ⇒ Types::QueryString

Inspect the query string. This is the part of a URL that appears after a ‘?` character, if any.

Returns:

• (Types::QueryString)

# File 'lib/aws-sdk-wafv2/types.rb', line 2481

class FieldToMatch < Struct.new(
  :single_header,
  :single_query_argument,
  :all_query_arguments,
  :uri_path,
  :query_string,
  :body,
  :method,
  :json_body,
  :headers,
  :cookies,
  :header_order,
  :ja3_fingerprint)
  SENSITIVE = []
  include Aws::Structure
end

#single_header ⇒ Types::SingleHeader

Inspect a single header. Provide the name of the header to inspect, for example, ‘User-Agent` or `Referer`. This setting isn’t case sensitive.

Example JSON: ‘“SingleHeader”: { “Name”: “haystack” }`

Alternately, you can filter and inspect all headers with the ‘Headers` `FieldToMatch` setting.

Returns:

• (Types::SingleHeader)

# File 'lib/aws-sdk-wafv2/types.rb', line 2481

class FieldToMatch < Struct.new(
  :single_header,
  :single_query_argument,
  :all_query_arguments,
  :uri_path,
  :query_string,
  :body,
  :method,
  :json_body,
  :headers,
  :cookies,
  :header_order,
  :ja3_fingerprint)
  SENSITIVE = []
  include Aws::Structure
end

#single_query_argument ⇒ Types::SingleQueryArgument

Inspect a single query argument. Provide the name of the query argument to inspect, such as UserName or SalesRegion. The name can be up to 30 characters long and isn’t case sensitive.

Example JSON: ‘“SingleQueryArgument”: { “Name”: “myArgument” }`

Returns:

• (Types::SingleQueryArgument)

# File 'lib/aws-sdk-wafv2/types.rb', line 2481

class FieldToMatch < Struct.new(
  :single_header,
  :single_query_argument,
  :all_query_arguments,
  :uri_path,
  :query_string,
  :body,
  :method,
  :json_body,
  :headers,
  :cookies,
  :header_order,
  :ja3_fingerprint)
  SENSITIVE = []
  include Aws::Structure
end

#uri_path ⇒ Types::UriPath

Inspect the request URI path. This is the part of the web request that identifies a resource, for example, ‘/images/daily-ad.jpg`.

Returns:

• (Types::UriPath)

# File 'lib/aws-sdk-wafv2/types.rb', line 2481

class FieldToMatch < Struct.new(
  :single_header,
  :single_query_argument,
  :all_query_arguments,
  :uri_path,
  :query_string,
  :body,
  :method,
  :json_body,
  :headers,
  :cookies,
  :header_order,
  :ja3_fingerprint)
  SENSITIVE = []
  include Aws::Structure
end