AWS WAF Regional Regional XSS Match Set
This page shows how to write Terraform and CloudFormation for AWS WAF Regional Regional XSS Match Set and write them securely.
aws_wafregional_xss_match_set (Terraform)
The Regional XSS Match Set in AWS WAF Regional can be configured in Terraform with the resource name aws_wafregional_xss_match_set
. The following sections describe 3 examples of how to use the resource and its parameters.
Example Usage from GitHub
resource "aws_wafregional_xss_match_set" "xss_match_set" {
name = "detect-xss"
xss_match_tuple {
text_transformation = "HTML_ENTITY_DECODE"
resource "aws_wafregional_xss_match_set" "this" {
name = var.name
dynamic "xss_match_tuple" {
for_each = var.xss_match_tuple
content {
resource "aws_wafregional_xss_match_set" "xss_match_set" {
name = "detect-xss"
xss_match_tuple {
text_transformation = "HTML_ENTITY_DECODE"
Parameters
-
id
optional computed - string -
name
required - string -
xss_match_tuple
set block-
text_transformation
required - string -
field_to_match
list block
-
Explanation in Terraform Registry
Provides a WAF Regional XSS Match Set Resource for use with Application Load Balancer.
AWS::WAFRegional::XssMatchSet (CloudFormation)
The XssMatchSet in WAFRegional can be configured in CloudFormation with the resource name AWS::WAFRegional::XssMatchSet
. The following sections describe 10 examples of how to use the resource and its parameters.
Example Usage from GitHub
Type: AWS::WAFRegional::XssMatchSet
Properties:
Name: !Sub '${AWS::StackName}-detect-xss'
XssMatchTuples:
- FieldToMatch:
Type: URI
Type: AWS::WAFRegional::XssMatchSet
Properties:
Name: !Sub '${AWS::StackName}-detect-xss'
XssMatchTuples:
- FieldToMatch:
Type: URI
Type: AWS::WAFRegional::XssMatchSet
Properties:
Name: !Sub '${AWS::StackName}-detect-xss'
XssMatchTuples:
- FieldToMatch:
Type: URI
Type: AWS::WAFRegional::XssMatchSet
Properties:
Name: !Sub ${StackPrefix}DetectXSS
XssMatchTuples:
- FieldToMatch:
Type: URI
Type: AWS::WAFRegional::XssMatchSet
Properties:
Name: !Sub ${AWS::StackName}-XssSet
XssMatchTuples:
- FieldToMatch:
Type: URI
"AWS::WAFRegional::XssMatchSet.XssMatchTuple": {
"Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-wafregional-xssmatchset-xssmatchtuple.html",
"Properties": {
"TextTransformation": {
"Required": true,
"Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-wafregional-xssmatchset-xssmatchtuple.html#cfn-wafregional-xssmatchset-xssmatchtuple-texttransformation",
"AWS::WAFRegional::XssMatchSet.XssMatchTuple": {
"Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-wafregional-xssmatchset-xssmatchtuple.html",
"Properties": {
"TextTransformation": {
"Required": true,
"Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-wafregional-xssmatchset-xssmatchtuple.html#cfn-wafregional-xssmatchset-xssmatchtuple-texttransformation",
"AWS::WAFRegional::XssMatchSet.XssMatchTuple": {
"Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-wafregional-xssmatchset-xssmatchtuple.html",
"Properties": {
"TextTransformation": {
"Required": true,
"Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-wafregional-xssmatchset-xssmatchtuple.html#cfn-wafregional-xssmatchset-xssmatchtuple-texttransformation",
"AWS::WAFRegional::XssMatchSet.XssMatchTuple": {
"Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-wafregional-xssmatchset-xssmatchtuple.html",
"Properties": {
"TextTransformation": {
"Required": true,
"Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-wafregional-xssmatchset-xssmatchtuple.html#cfn-wafregional-xssmatchset-xssmatchtuple-texttransformation",
"Type": "AWS::WAFRegional::XssMatchSet",
"Properties": {
"Name": "${stack}-${instance}-URI-Query-XSS-Rule",
"XssMatchTuples": [
{
"FieldToMatch": {
Parameters
-
XssMatchTuples
optional - List of XssMatchTuple -
Name
required - String
Explanation in CloudFormation Registry
Note This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide. For the latest version of AWS WAF , use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use. A complex type that contains
XssMatchTuple
objects, which specify the parts of web requests that you want AWS WAF to inspect for cross-site scripting attacks and, if you want AWS WAF to inspect a header, the name of the header. If aXssMatchSet
contains more than oneXssMatchTuple
object, a request needs to include cross-site scripting attacks in only one of the specified parts of the request to be considered a match.
Frequently asked questions
What is AWS WAF Regional Regional XSS Match Set?
AWS WAF Regional Regional XSS Match Set is a resource for WAF Regional of Amazon Web Service. Settings can be wrote in Terraform and CloudFormation.
Where can I find the example code for the AWS WAF Regional Regional XSS Match Set?
For Terraform, the dwp/dataworks-metrics-infrastructure, niveklabs/aws and dwp/aws-analytical-env source code examples are useful. See the Terraform Example section for further details.
For CloudFormation, the gandhi-mansi/csye6225-su19-ccwebapp, cyrilsebastian1811/csye6225-webapp and cyrilsebastian1811/Library-Management-System source code examples are useful. See the CloudFormation Example section for further details.