AWS WAF Byte Match Set

This page shows how to write Terraform and CloudFormation for AWS WAF Byte Match Set and write them securely.

aws_waf_byte_match_set (Terraform)

The Byte Match Set in AWS WAF can be configured in Terraform with the resource name aws_waf_byte_match_set. The following sections describe 1 example of how to use the resource and its parameters.

Example Usage from GitHub

main.tf#L16
resource "aws_waf_byte_match_set" "this" {
  for_each = { for rule in var.waf_rules : rule.name => rule if length(rule.byte_match_tuples) > 0 }
  name     = each.key

  dynamic byte_match_tuples {
    for_each = concat([], each.value.byte_match_tuples)

Review your Terraform file for AWS best practices

Shisho Cloud, our free checker to make sure your Terraform configuration follows best practices, is available (beta).

Parameters

Explanation in Terraform Registry

Provides a WAF Byte Match Set Resource

AWS::WAF::ByteMatchSet (CloudFormation)

The ByteMatchSet in WAF can be configured in CloudFormation with the resource name AWS::WAF::ByteMatchSet. The following sections describe 10 examples of how to use the resource and its parameters.

Example Usage from GitHub

allow-get.yml#L7
    Type: 'AWS::WAF::ByteMatchSet'
    Properties:
      Name: 'allowget'
      ByteMatchTuples:
        - FieldToMatch:
            Type: 'METHOD'
owasp_10_base.yml#L270
    Type: AWS::WAF::ByteMatchSet
    Condition: isGlobal
    Properties:
      Name: !Join ['-', [!Ref stackPrefix, 'match-auth-tokens']]
      ByteMatchTuples:
        - FieldToMatch:
owasp_10_base.yml#L268
    Type: AWS::WAF::ByteMatchSet
    Condition: isGlobal
    Properties:
      Name: !Join ['-', [!Ref stackPrefix, 'match-auth-tokens']]
      ByteMatchTuples:
        - FieldToMatch:
waf-rules.yml#L266
    Type: AWS::WAF::ByteMatchSet
    Condition: isGlobal
    Properties:
      Name: !Join ['-', [!Ref stackPrefix, 'match-auth-tokens']]
      ByteMatchTuples:
        - FieldToMatch:
AWSWAFStrutsCVE2018-11776.yml#L16
    Type: AWS::WAF::ByteMatchSet
    Condition: isGlobal
    Properties:
      Name: URIOGNLStartStringFilter
      ByteMatchTuples:
        - FieldToMatch:
owasp_10_base.json#L444
            "Type": "AWS::WAF::ByteMatchSet",
            "Condition": "isGlobal",
            "Properties": {
                "Name": {
                    "Fn::Join": [
                        "-",
waf-shiftmanprd.json#L338
      "Type": "AWS::WAF::ByteMatchSet",
      "Properties": {
        "Name": "PRServlet Match",
        "ByteMatchTuples": [
          {
            "FieldToMatch": {
WAF.json#L3
  "resourceType" : "AWS::WAF::ByteMatchSet",
  "properties" : [ {
    "propertyName" : "ByteMatchTuples",
    "propertyType" : "List<AWS::WAF::ByteMatchSet::ByteMatchTuple>",
    "required" : false,
    "propertyHref" : "aws-properties-waf-bytematchset-bytematchtuples.html"
cfn_waf-byteheader_2_v1.json#L22
      "Type": "AWS::WAF::ByteMatchSet",
      "Properties": {
        "Name": {
          "Ref": "ByteHeaderCondition2"
        },
        "ByteMatchTuples": [
cfn_waf-byteuri_2_v1.json#L22
      "Type": "AWS::WAF::ByteMatchSet",
      "Properties": {
        "Name": {
          "Ref": "ByteURICondition2"
        },
        "ByteMatchTuples": [

Parameters

Explanation in CloudFormation Registry

Note This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide. For the latest version of AWS WAF , use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use. The AWS::WAF::ByteMatchSet resource creates an AWS WAF ByteMatchSet that identifies a part of a web request that you want to inspect.

Frequently asked questions

What is AWS WAF Byte Match Set?

AWS WAF Byte Match Set is a resource for WAF of Amazon Web Service. Settings can be wrote in Terraform and CloudFormation.

Where can I find the example code for the AWS WAF Byte Match Set?

For Terraform, the Flaconi/terraform-aws-waf-acl-rules source code example is useful. See the Terraform Example section for further details.

For CloudFormation, the CU-CommunityApps/waf-testing, Amish132/Cloud-AWS--Fault-Tolerant-Notes-Application and gaurangdavda/CloudNote source code examples are useful. See the CloudFormation Example section for further details.