com.pulumi.awsnative.wafv2.kotlin.outputs.WebAclFieldToMatch.kt Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of pulumi-aws-native-kotlin Show documentation
Show all versions of pulumi-aws-native-kotlin Show documentation
Build cloud applications and infrastructure by combining the safety and reliability of infrastructure as code with the power of the Kotlin programming language.
@file:Suppress("NAME_SHADOWING", "DEPRECATION")
package com.pulumi.awsnative.wafv2.kotlin.outputs
import kotlin.Any
import kotlin.Suppress
/**
* Field of the request to match.
* @property allQueryArguments All query arguments of a web request.
* @property body Inspect the request body as plain text. The request body immediately follows the request headers. This is the part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form.
* AWS WAF does not support inspecting the entire contents of the web request body if the body exceeds the limit for the resource type. When a web request body is larger than the limit, the underlying host service only forwards the contents that are within the limit to AWS WAF for inspection.
* - For Application Load Balancer and AWS AppSync , the limit is fixed at 8 KB (8,192 bytes).
* - For CloudFront, API Gateway, Amazon Cognito, App Runner, and Verified Access, the default limit is 16 KB (16,384 bytes), and you can increase the limit for each resource type in the web ACL `AssociationConfig` , for additional processing fees.
* For information about how to handle oversized request bodies, see the `Body` object configuration.
* @property cookies Inspect the request cookies. You must configure scope and pattern matching filters in the `Cookies` object, to define the set of cookies and the parts of the cookies that AWS WAF inspects.
* Only the first 8 KB (8192 bytes) of a request's cookies and only the first 200 cookies are forwarded to AWS WAF for inspection by the underlying host service. You must configure how to handle any oversize cookie content in the `Cookies` object. AWS WAF applies the pattern matching filters to the cookies that it receives from the underlying host service.
* @property headers Inspect the request headers. You must configure scope and pattern matching filters in the `Headers` object, to define the set of headers to and the parts of the headers that AWS WAF inspects.
* Only the first 8 KB (8192 bytes) of a request's headers and only the first 200 headers are forwarded to AWS WAF for inspection by the underlying host service. You must configure how to handle any oversize header content in the `Headers` object. AWS WAF applies the pattern matching filters to the headers that it receives from the underlying host service.
* @property ja3Fingerprint Available for use with Amazon CloudFront distributions and Application Load Balancers. Match against the request's JA3 fingerprint. The JA3 fingerprint is a 32-character hash derived from the TLS Client Hello of an incoming request. This fingerprint serves as a unique identifier for the client's TLS configuration. AWS WAF calculates and logs this fingerprint for each request that has enough TLS Client Hello information for the calculation. Almost all web requests include this information.
* > You can use this choice only with a string match `ByteMatchStatement` with the `PositionalConstraint` set to `EXACTLY` .
* You can obtain the JA3 fingerprint for client requests from the web ACL logs. If AWS WAF is able to calculate the fingerprint, it includes it in the logs. For information about the logging fields, see [Log fields](https://docs.aws.amazon.com/waf/latest/developerguide/logging-fields.html) in the *AWS WAF Developer Guide* .
* Provide the JA3 fingerprint string from the logs in your string match statement specification, to match with any future requests that have the same TLS configuration.
* @property jsonBody Inspect the request body as JSON. The request body immediately follows the request headers. This is the part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form.
* AWS WAF does not support inspecting the entire contents of the web request body if the body exceeds the limit for the resource type. When a web request body is larger than the limit, the underlying host service only forwards the contents that are within the limit to AWS WAF for inspection.
* - For Application Load Balancer and AWS AppSync , the limit is fixed at 8 KB (8,192 bytes).
* - For CloudFront, API Gateway, Amazon Cognito, App Runner, and Verified Access, the default limit is 16 KB (16,384 bytes), and you can increase the limit for each resource type in the web ACL `AssociationConfig` , for additional processing fees.
* For information about how to handle oversized request bodies, see the `JsonBody` object configuration.
* @property method The HTTP method of a web request. The method indicates the type of operation that the request is asking the origin to perform.
* @property queryString The query string of a web request. This is the part of a URL that appears after a ? character, if any.
* @property singleHeader Inspect a single header. Provide the name of the header to inspect, for example, `User-Agent` or `Referer` . This setting isn't case sensitive.
* Example JSON: `"SingleHeader": { "Name": "haystack" }`
* Alternately, you can filter and inspect all headers with the `Headers` `FieldToMatch` setting.
* @property singleQueryArgument One query argument in a web request, identified by name, for example UserName or SalesRegion. The name can be up to 30 characters long and isn't case sensitive.
* @property uriPath The path component of the URI of a web request. This is the part of a web request that identifies a resource, for example, /images/daily-ad.jpg.
*/
public data class WebAclFieldToMatch(
public val allQueryArguments: Any? = null,
public val body: WebAclBody? = null,
public val cookies: WebAclCookies? = null,
public val headers: WebAclHeaders? = null,
public val ja3Fingerprint: WebAclJa3Fingerprint? = null,
public val jsonBody: WebAclJsonBody? = null,
public val method: Any? = null,
public val queryString: Any? = null,
public val singleHeader: WebAclFieldToMatchSingleHeaderProperties? = null,
public val singleQueryArgument: WebAclFieldToMatchSingleQueryArgumentProperties? = null,
public val uriPath: Any? = null,
) {
public companion object {
public fun toKotlin(javaType: com.pulumi.awsnative.wafv2.outputs.WebAclFieldToMatch): WebAclFieldToMatch = WebAclFieldToMatch(
allQueryArguments = javaType.allQueryArguments().map({ args0 -> args0 }).orElse(null),
body = javaType.body().map({ args0 ->
args0.let({ args0 ->
com.pulumi.awsnative.wafv2.kotlin.outputs.WebAclBody.Companion.toKotlin(args0)
})
}).orElse(null),
cookies = javaType.cookies().map({ args0 ->
args0.let({ args0 ->
com.pulumi.awsnative.wafv2.kotlin.outputs.WebAclCookies.Companion.toKotlin(args0)
})
}).orElse(null),
headers = javaType.headers().map({ args0 ->
args0.let({ args0 ->
com.pulumi.awsnative.wafv2.kotlin.outputs.WebAclHeaders.Companion.toKotlin(args0)
})
}).orElse(null),
ja3Fingerprint = javaType.ja3Fingerprint().map({ args0 ->
args0.let({ args0 ->
com.pulumi.awsnative.wafv2.kotlin.outputs.WebAclJa3Fingerprint.Companion.toKotlin(args0)
})
}).orElse(null),
jsonBody = javaType.jsonBody().map({ args0 ->
args0.let({ args0 ->
com.pulumi.awsnative.wafv2.kotlin.outputs.WebAclJsonBody.Companion.toKotlin(args0)
})
}).orElse(null),
method = javaType.method().map({ args0 -> args0 }).orElse(null),
queryString = javaType.queryString().map({ args0 -> args0 }).orElse(null),
singleHeader = javaType.singleHeader().map({ args0 ->
args0.let({ args0 ->
com.pulumi.awsnative.wafv2.kotlin.outputs.WebAclFieldToMatchSingleHeaderProperties.Companion.toKotlin(args0)
})
}).orElse(null),
singleQueryArgument = javaType.singleQueryArgument().map({ args0 ->
args0.let({ args0 ->
com.pulumi.awsnative.wafv2.kotlin.outputs.WebAclFieldToMatchSingleQueryArgumentProperties.Companion.toKotlin(args0)
})
}).orElse(null),
uriPath = javaType.uriPath().map({ args0 -> args0 }).orElse(null),
)
}
}