interface ResponseInspectionProperty
Language | Type name |
---|---|
![]() | Amazon.CDK.AWS.WAFv2.CfnWebACL.ResponseInspectionProperty |
![]() | github.com/aws/aws-cdk-go/awscdk/v2/awswafv2#CfnWebACL_ResponseInspectionProperty |
![]() | software.amazon.awscdk.services.wafv2.CfnWebACL.ResponseInspectionProperty |
![]() | aws_cdk.aws_wafv2.CfnWebACL.ResponseInspectionProperty |
![]() | aws-cdk-lib » aws_wafv2 » CfnWebACL » ResponseInspectionProperty |
The criteria for inspecting responses to login requests, used by the ATP rule group to track login failure rates.
The ATP rule group evaluates the responses that your protected resources send back to client login attempts, keeping count of successful and failed attempts from each IP address and client session. Using this information, the rule group labels and mitigates requests from client sessions and IP addresses that submit too many failed login attempts in a short amount of time.
Response inspection is available only in web ACLs that protect Amazon CloudFront distributions.
This is part of the AWSManagedRulesATPRuleSet
configuration in ManagedRuleGroupConfig
.
Enable login response inspection by configuring exactly one component of the response to inspect. You can't configure more than one. If you don't configure any of the response inspection options, response inspection is disabled.
Example
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import { aws_wafv2 as wafv2 } from 'aws-cdk-lib';
const responseInspectionProperty: wafv2.CfnWebACL.ResponseInspectionProperty = {
bodyContains: {
failureStrings: ['failureStrings'],
successStrings: ['successStrings'],
},
header: {
failureValues: ['failureValues'],
name: 'name',
successValues: ['successValues'],
},
json: {
failureValues: ['failureValues'],
identifier: 'identifier',
successValues: ['successValues'],
},
statusCode: {
failureCodes: [123],
successCodes: [123],
},
};
Properties
Name | Type | Description |
---|---|---|
body | IResolvable | Response | Configures inspection of the response body. |
header? | IResolvable | Response | Configures inspection of the response header. |
json? | IResolvable | Response | Configures inspection of the response JSON. |
status | IResolvable | Response | Configures inspection of the response status code. |
bodyContains?
Type:
IResolvable
|
Response
(optional)
Configures inspection of the response body.
AWS WAF can inspect the first 65,536 bytes (64 KB) of the response body.
header?
Type:
IResolvable
|
Response
(optional)
Configures inspection of the response header.
json?
Type:
IResolvable
|
Response
(optional)
Configures inspection of the response JSON.
AWS WAF can inspect the first 65,536 bytes (64 KB) of the response JSON.
statusCode?
Type:
IResolvable
|
Response
(optional)
Configures inspection of the response status code.