AWS WAF Regional Regional SQL Injection Match Set
This page shows how to write Terraform and CloudFormation for AWS WAF Regional Regional SQL Injection Match Set and write them securely.
aws_wafregional_sql_injection_match_set (Terraform)
The Regional SQL Injection Match Set in AWS WAF Regional can be configured in Terraform with the resource name aws_wafregional_sql_injection_match_set
. The following sections describe 3 examples of how to use the resource and its parameters.
Example Usage from GitHub
resource "aws_wafregional_sql_injection_match_set" "sql_injection_match_set" {
name = "detect-sqli"
sql_injection_match_tuple {
text_transformation = "HTML_ENTITY_DECODE"
resource "aws_wafregional_sql_injection_match_set" "sql_injection_match_set" {
name = "detect-sqli"
sql_injection_match_tuple {
text_transformation = "HTML_ENTITY_DECODE"
resource "aws_wafregional_sql_injection_match_set" "this" {
name = var.name
dynamic "sql_injection_match_tuple" {
for_each = var.sql_injection_match_tuple
content {
Parameters
-
id
optional computed - string -
name
required - string -
sql_injection_match_tuple
set block-
text_transformation
required - string -
field_to_match
list block
-
Explanation in Terraform Registry
Provides a WAF Regional SQL Injection Match Set Resource for use with Application Load Balancer.
AWS::WAFRegional::SqlInjectionMatchSet (CloudFormation)
The SqlInjectionMatchSet in WAFRegional can be configured in CloudFormation with the resource name AWS::WAFRegional::SqlInjectionMatchSet
. The following sections describe 10 examples of how to use the resource and its parameters.
Example Usage from GitHub
Type: AWS::WAFRegional::SqlInjectionMatchSet
Properties:
Name: !Sub ${AWS::StackName}-SqliSet
SqlInjectionMatchTuples:
- FieldToMatch:
Type: URI
Type: AWS::WAFRegional::SqlInjectionMatchSet
Properties:
Name: SqlInjectionMatchSet
SqlInjectionMatchTuples:
- FieldToMatch:
Type: QUERY_STRING
Type: AWS::WAFRegional::SqlInjectionMatchSet
Properties:
Name: !Sub ${StackPrefix}DetectSQLi
SqlInjectionMatchTuples:
- FieldToMatch:
Type: URI
Type: AWS::WAFRegional::SqlInjectionMatchSet
Properties:
Name: 'waf-tsting-detect-sqli'
SqlInjectionMatchTuples:
- FieldToMatch:
Type: URI
Type: AWS::WAFRegional::SqlInjectionMatchSet
Properties:
Name: !Sub '${AWS::StackName}-detect-sqli'
SqlInjectionMatchTuples:
- FieldToMatch:
Type: URI
"Type": "AWS::WAFRegional::SqlInjectionMatchSet",
"Properties": {
"Name": "${stack}-${instance}-URI-Query-SQL-Injection-Set",
"SqlInjectionMatchTuples": [
{
"FieldToMatch": {
"AWS::WAFRegional::SqlInjectionMatchSet.FieldToMatch": {
"Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-wafregional-sqlinjectionmatchset-fieldtomatch.html",
"Properties": {
"Type": {
"Required": true,
"Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-wafregional-sqlinjectionmatchset-fieldtomatch.html#cfn-wafregional-sqlinjectionmatchset-fieldtomatch-type",
"AWS::WAFRegional::SqlInjectionMatchSet.FieldToMatch": {
"Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-wafregional-sqlinjectionmatchset-fieldtomatch.html",
"Properties": {
"Type": {
"Required": true,
"Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-wafregional-sqlinjectionmatchset-fieldtomatch.html#cfn-wafregional-sqlinjectionmatchset-fieldtomatch-type",
"AWS::WAFRegional::SqlInjectionMatchSet.FieldToMatch": {
"Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-wafregional-sqlinjectionmatchset-fieldtomatch.html",
"Properties": {
"Type": {
"Required": true,
"Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-wafregional-sqlinjectionmatchset-fieldtomatch.html#cfn-wafregional-sqlinjectionmatchset-fieldtomatch-type",
"AWS::WAFRegional::SqlInjectionMatchSet.FieldToMatch": {
"Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-wafregional-sqlinjectionmatchset-fieldtomatch.html",
"Properties": {
"Type": {
"Required": true,
"Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-wafregional-sqlinjectionmatchset-fieldtomatch.html#cfn-wafregional-sqlinjectionmatchset-fieldtomatch-type",
Parameters
-
SqlInjectionMatchTuples
optional - List of SqlInjectionMatchTuple -
Name
required - String
Explanation in CloudFormation Registry
Note This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide. For the latest version of AWS WAF , use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use. A complex type that contains
SqlInjectionMatchTuple
objects, which specify the parts of web requests that you want AWS WAF to inspect for snippets of malicious SQL code and, if you want AWS WAF to inspect a header, the name of the header. If aSqlInjectionMatchSet
contains more than oneSqlInjectionMatchTuple
object, a request needs to include snippets of SQL code in only one of the specified parts of the request to be considered a match.
Frequently asked questions
What is AWS WAF Regional Regional SQL Injection Match Set?
AWS WAF Regional Regional SQL Injection Match Set is a resource for WAF Regional of Amazon Web Service. Settings can be wrote in Terraform and CloudFormation.
Where can I find the example code for the AWS WAF Regional Regional SQL Injection Match Set?
For Terraform, the dwp/dataworks-metrics-infrastructure, dwp/aws-analytical-env and niveklabs/aws source code examples are useful. See the Terraform Example section for further details.
For CloudFormation, the m6a-UdS/hf-ctf, CLSDevelopment/CLSWebsite and rupertbg/aws-3tier-container-deployment source code examples are useful. See the CloudFormation Example section for further details.