AWS WAF SQL Injection Match Set
This page shows how to write Terraform and CloudFormation for AWS WAF SQL Injection Match Set and write them securely.
aws_waf_sql_injection_match_set (Terraform)
The SQL Injection Match Set in AWS WAF can be configured in Terraform with the resource name aws_waf_sql_injection_match_set
. The following sections describe 1 example of how to use the resource and its parameters.
Example Usage from GitHub
resource "aws_waf_sql_injection_match_set" "this" {
name = var.name
dynamic "sql_injection_match_tuples" {
for_each = var.sql_injection_match_tuples
content {
Parameters
-
id
optional computed - string -
name
required - string -
sql_injection_match_tuples
set block-
text_transformation
required - string -
field_to_match
list block
-
Explanation in Terraform Registry
Provides a WAF SQL Injection Match Set Resource
AWS::WAF::SqlInjectionMatchSet (CloudFormation)
The SqlInjectionMatchSet in WAF can be configured in CloudFormation with the resource name AWS::WAF::SqlInjectionMatchSet
. The following sections describe 10 examples of how to use the resource and its parameters.
Example Usage from GitHub
Type: AWS::WAF::SqlInjectionMatchSet
Condition: SqlInjectionProtectionActivated
Properties:
Name:
!Join
- " - "
Type: AWS::WAF::SqlInjectionMatchSet
Condition: isGlobal
Properties:
Name: !Join ['-', [!Ref stackPrefix, 'detect-sqli']]
SqlInjectionMatchTuples:
- FieldToMatch:
Type: 'AWS::WAF::SqlInjectionMatchSet'
XssMatchSet:
Properties:
Name: !Join
- ''
- - !Ref WebAppACL
Type: 'AWS::WAF::SqlInjectionMatchSet'
XssMatchSet:
Properties:
Name: !Join
- ''
- - !Ref WebAppACL
Type: 'AWS::WAF::SqlInjectionMatchSet'
Condition: SqlInjectionProtectionActivated
Properties:
Name: !Join [' - ', [!Ref 'AWS::StackName', 'SQL injection Detection']]
SqlInjectionMatchTuples:
- FieldToMatch:
"AWS::WAF::SqlInjectionMatchSet.FieldToMatch": {
"Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-waf-bytematchset-bytematchtuples-fieldtomatch.html",
"Properties": {
"Data": {
"Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-waf-bytematchset-bytematchtuples-fieldtomatch.html#cfn-waf-sizeconstraintset-sizeconstraint-fieldtomatch-data",
"PrimitiveType": "String",
"AWS::WAF::SqlInjectionMatchSet.FieldToMatch": {
"Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-waf-bytematchset-bytematchtuples-fieldtomatch.html",
"Properties": {
"Data": {
"Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-waf-bytematchset-bytematchtuples-fieldtomatch.html#cfn-waf-sizeconstraintset-sizeconstraint-fieldtomatch-data",
"PrimitiveType": "String",
"Type": "AWS::WAF::SqlInjectionMatchSet",
"Properties": {
"Name": {
"Ref": "SQLiCondition1"
},
"SqlInjectionMatchTuples": [
"Type": "AWS::WAF::SqlInjectionMatchSet",
"Properties": {
"Name": {
"Ref": "SQLiCondition1"
},
"SqlInjectionMatchTuples": [
"Type": "AWS::WAF::SqlInjectionMatchSet",
"Properties": {
"Name": {
"Ref": "SQLiCondition1"
},
"SqlInjectionMatchTuples": [
Parameters
-
Name
required - String -
SqlInjectionMatchTuples
optional - List of SqlInjectionMatchTuple
Explanation in CloudFormation Registry
Note This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide. For the latest version of AWS WAF , use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use. A complex type that contains
SqlInjectionMatchTuple
objects, which specify the parts of web requests that you want AWS WAF to inspect for snippets of malicious SQL code and, if you want AWS WAF to inspect a header, the name of the header. If aSqlInjectionMatchSet
contains more than oneSqlInjectionMatchTuple
object, a request needs to include snippets of SQL code in only one of the specified parts of the request to be considered a match.
Frequently asked questions
What is AWS WAF SQL Injection Match Set?
AWS WAF SQL Injection Match Set is a resource for WAF of Amazon Web Service. Settings can be wrote in Terraform and CloudFormation.
Where can I find the example code for the AWS WAF SQL Injection Match Set?
For Terraform, the niveklabs/aws source code example is useful. See the Terraform Example section for further details.
For CloudFormation, the azjones/cloudformation, gaurangdavda/CloudNote and divuu/CloudFormation-Scripts source code examples are useful. See the CloudFormation Example section for further details.