wafv2/aws.sdk.kotlin.services.wafv2.model/FieldToMatch

FieldToMatch

class FieldToMatch

Specifies a web request component to be used in a rule match statement or in a logging configuration.

In a rule statement, this is the part of the web request that you want WAF to inspect. Include the single FieldToMatch type that you want to inspect, with additional specifications as needed, according to the type. You specify a single request component in FieldToMatch for each rule statement that requires it. To inspect more than one component of the web request, create a separate rule statement for each component.Example JSON for a QueryString field to match: "FieldToMatch": { "QueryString": {} }Example JSON for a Method field to match specification:"FieldToMatch": { "Method": { "Name": "DELETE" } }
In a logging configuration, this is used in the RedactedFields property to specify a field to redact from the logging records. For this use case, note the following:

Even though all FieldToMatch settings are available, the only valid settings for field redaction are UriPath, QueryString, SingleHeader, and Method.
In this documentation, the descriptions of the individual fields talk about specifying the web request component to inspect, but for field redaction, you are specifying the component type to redact from the logs.
If you have request sampling enabled, the redacted fields configuration for logging has no impact on sampling. You can only exclude fields from request sampling by disabling sampling in the web ACL visibility configuration or by configuring data protection for the web ACL.

Types

Builder

class Builder

Companion

object Companion

Properties

allQueryArguments

val allQueryArguments: AllQueryArguments?

Inspect all query arguments.

body

val body: Body?

Inspect the request body as plain text. The request body immediately follows the request headers. This is the part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form.

val cookies: Cookies?

Inspect the request cookies. You must configure scope and pattern matching filters in the Cookies object, to define the set of cookies and the parts of the cookies that WAF inspects.

headerOrder

val headerOrder: HeaderOrder?

Inspect a string containing the list of the request's header names, ordered as they appear in the web request that WAF receives for inspection. WAF generates the string and then uses that as the field to match component in its inspection. WAF separates the header names in the string using colons and no added spaces, for example host:user-agent:accept:authorization:referer.

headers

val headers: Headers?

Inspect the request headers. You must configure scope and pattern matching filters in the Headers object, to define the set of headers to and the parts of the headers that WAF inspects.

ja3Fingerprint

val ja3Fingerprint: Ja3Fingerprint?

Available for use with Amazon CloudFront distributions and Application Load Balancers. Match against the request's JA3 fingerprint. The JA3 fingerprint is a 32-character hash derived from the TLS Client Hello of an incoming request. This fingerprint serves as a unique identifier for the client's TLS configuration. WAF calculates and logs this fingerprint for each request that has enough TLS Client Hello information for the calculation. Almost all web requests include this information.

ja4Fingerprint

val ja4Fingerprint: Ja4Fingerprint?

Available for use with Amazon CloudFront distributions and Application Load Balancers. Match against the request's JA4 fingerprint. The JA4 fingerprint is a 36-character hash derived from the TLS Client Hello of an incoming request. This fingerprint serves as a unique identifier for the client's TLS configuration. WAF calculates and logs this fingerprint for each request that has enough TLS Client Hello information for the calculation. Almost all web requests include this information.

jsonBody

val jsonBody: JsonBody?

Inspect the request body as JSON. The request body immediately follows the request headers. This is the part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form.

method

val method: Method?

Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.

queryString

val queryString: QueryString?

Inspect the query string. This is the part of a URL that appears after a ? character, if any.

singleHeader

val singleHeader: SingleHeader?

Inspect a single header. Provide the name of the header to inspect, for example, User-Agent or Referer. This setting isn't case sensitive.

singleQueryArgument

val singleQueryArgument: SingleQueryArgument?

Inspect a single query argument. Provide the name of the query argument to inspect, such as UserName or SalesRegion. The name can be up to 30 characters long and isn't case sensitive.

uriFragment

val uriFragment: UriFragment?

Inspect fragments of the request URI. You must configure scope and pattern matching filters in the UriFragment object, to define the fragment of a URI that WAF inspects.

uriPath

val uriPath: UriPath?

Inspect the request URI path. This is the part of the web request that identifies a resource, for example, /images/daily-ad.jpg.

Functions

copy

inline fun copy(block: FieldToMatch.Builder.() -> Unit = {}): FieldToMatch

equals

open operator override fun equals(other: Any?): Boolean

hashCode

open override fun hashCode(): Int

toString

open override fun toString(): String