AWS::WAFv2::WebACL Cookies
Inspect the cookies in the web request. You can specify the parts of the cookies to inspect and you can narrow the set of cookies to inspect by including or excluding specific keys.
This is used to indicate the web request component to inspect, in the FieldToMatch
specification.
Example JSON: "Cookies": { "MatchPattern": { "All": {} }, "MatchScope": "KEY",
"OversizeHandling": "MATCH" }
Syntax
To declare this entity in your AWS CloudFormation template, use the following syntax:
JSON
{ "MatchPattern" :
CookieMatchPattern
, "MatchScope" :String
, "OversizeHandling" :String
}
YAML
MatchPattern:
CookieMatchPattern
MatchScope:String
OversizeHandling:String
Properties
MatchPattern
-
The filter to use to identify the subset of cookies to inspect in a web request.
You must specify exactly one setting: either
All
,IncludedCookies
, orExcludedCookies
.Example JSON:
"MatchPattern": { "IncludedCookies": {"KeyToInclude1", "KeyToInclude2", "KeyToInclude3"} }
Required: Yes
Type: CookieMatchPattern
Update requires: No interruption
MatchScope
-
The parts of the cookies to inspect with the rule inspection criteria. If you specify
All
, AWS WAF inspects both keys and values.Required: Yes
Type: String
Allowed values:
ALL | KEY | VALUE
Update requires: No interruption
OversizeHandling
-
What AWS WAF should do if the cookies of the request are larger than AWS WAF can inspect. AWS WAF does not support inspecting the entire contents of request cookies when they exceed 8 KB (8192 bytes) or 200 total cookies. The underlying host service forwards a maximum of 200 cookies and at most 8 KB of cookie contents to AWS WAF.
The options for oversize handling are the following:
-
CONTINUE
- Inspect the cookies normally, according to the rule inspection criteria. -
MATCH
- Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request. -
NO_MATCH
- Treat the web request as not matching the rule statement.
Required: Yes
Type: String
Allowed values:
CONTINUE | MATCH | NO_MATCH
Update requires: No interruption
-
Examples
Set the Cookies specification
The following shows an example Cookies field to match specification.
YAML
FieldToMatch: Cookies: MatchPattern: IncludedCookies: - "session-id" - "session-id-time" MatchScope: ALL OversizeHandling: MATCH
JSON
"FieldToMatch": { "Cookies": { "MatchPattern": { "IncludedCookies": [ "session-id", "session-id-time" ] }, "MatchScope": "ALL", "OversizeHandling": "MATCH" } }