aws-cdk-lib.aws_wafv2.CfnRuleGroup.CookiesProperty

interface CookiesProperty

LanguageType name
.NETAmazon.CDK.AWS.WAFv2.CfnRuleGroup.CookiesProperty
Gogithub.com/aws/aws-cdk-go/awscdk/v2/awswafv2#CfnRuleGroup_CookiesProperty
Javasoftware.amazon.awscdk.services.wafv2.CfnRuleGroup.CookiesProperty
Pythonaws_cdk.aws_wafv2.CfnRuleGroup.CookiesProperty
TypeScript aws-cdk-lib » aws_wafv2 » CfnRuleGroup » CookiesProperty

Inspect the cookies in the web request.

You can specify the parts of the cookies to inspect and you can narrow the set of cookies to inspect by including or excluding specific keys.

This is used to indicate the web request component to inspect, in the FieldToMatch specification.

Example JSON: "Cookies": { "MatchPattern": { "All": {} }, "MatchScope": "KEY", "OversizeHandling": "MATCH" }

Example

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import { aws_wafv2 as wafv2 } from 'aws-cdk-lib';

declare const all: any;
const cookiesProperty: wafv2.CfnRuleGroup.CookiesProperty = {
  matchPattern: {
    all: all,
    excludedCookies: ['excludedCookies'],
    includedCookies: ['includedCookies'],
  },
  matchScope: 'matchScope',
  oversizeHandling: 'oversizeHandling',
};

Properties

NameTypeDescription
matchPatternIResolvable | CookieMatchPatternPropertyThe filter to use to identify the subset of cookies to inspect in a web request.
matchScopestringThe parts of the cookies to inspect with the rule inspection criteria.
oversizeHandlingstringWhat AWS WAF should do if the cookies of the request are more numerous or larger than AWS WAF can inspect.

matchPattern

Type: IResolvable | CookieMatchPatternProperty

The filter to use to identify the subset of cookies to inspect in a web request.

You must specify exactly one setting: either All , IncludedCookies , or ExcludedCookies .

Example JSON: "MatchPattern": { "IncludedCookies": [ "session-id-time", "session-id" ] }


matchScope

Type: string

The parts of the cookies to inspect with the rule inspection criteria.

If you specify All , AWS WAF inspects both keys and values.


oversizeHandling

Type: string

What AWS WAF should do if the cookies of the request are more numerous or larger than AWS WAF can inspect.

AWS WAF does not support inspecting the entire contents of request cookies when they exceed 8 KB (8192 bytes) or 200 total cookies. The underlying host service forwards a maximum of 200 cookies and at most 8 KB of cookie contents to AWS WAF .

The options for oversize handling are the following:

  • CONTINUE - Inspect the available cookies normally, according to the rule inspection criteria.
  • MATCH - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request.
  • NO_MATCH - Treat the web request as not matching the rule statement.