Provides a WAF Byte Match Set Resource
resource "aws_waf_byte_match_set" "byte_set" {
name = "tf_waf_byte_match_set"
byte_match_tuples {
text_transformation = "NONE"
target_string = "badrefer1"
positional_constraint = "CONTAINS"
field_to_match {
type = "HEADER"
data = "referer"
}
}
}
This resource supports the following arguments:
name
- (Required) The name or description of the Byte Match Set.byte_match_tuples
- Specifies the bytes (typically a string that corresponds
with ASCII characters) that you want to search for in web requests,
the location in requests that you want to search, and other settings.byte_match_tuples
field_to_match
- (Required) The part of a web request that you want to search, such as a specified header or a query string.positional_constraint
- (Required) Within the portion of a web request that you want to search
(for example, in the query string, if any), specify where you want to search.
e.g., CONTAINS
, CONTAINS_WORD
or EXACTLY
.
See docs
for all supported values.target_string
- (Optional) The value that you want to search for within the field specified by field_to_match
, e.g., badrefer1
.
See docs
for all supported values.text_transformation
- (Required) Text transformations used to eliminate unusual formatting that attackers use in web requests in an effort to bypass AWS WAF.
If you specify a transformation, AWS WAF performs the transformation on target_string
before inspecting a request for a match.
e.g., CMD_LINE
, HTML_ENTITY_DECODE
or NONE
.
See docs
for all supported values.field_to_match
data
- (Optional) When type
is HEADER
, enter the name of the header that you want to search, e.g., User-Agent
or Referer
.
If type
is any other value, omit this field.type
- (Required) The part of the web request that you want AWS WAF to search for a specified string.
e.g., HEADER
, METHOD
or BODY
.
See docs
for all supported values.This resource exports the following attributes in addition to the arguments above:
id
- The ID of the WAF Byte Match Set.In Terraform v1.5.0 and later, use an import
block to import WAF Byte Match Set using the id. For example:
import {
to = aws_waf_byte_match_set.byte_set
id = "a1b2c3d4-d5f6-7777-8888-9999aaaabbbbcccc"
}
Using terraform import
, import WAF Byte Match Set using the id. For example:
% terraform import aws_waf_byte_match_set.byte_set a1b2c3d4-d5f6-7777-8888-9999aaaabbbbcccc