[英]AWS WAF rule to only accept POST requests
I am trying to create a WAF rule that only accepts POST requests.我正在尝试创建一个只接受 POST 请求的 WAF 规则。 Via the UI this was straight forward, however trying to achieve the same with the CDK.
通过 UI,这是直截了当的,但是试图通过 CDK 实现相同的目标。 I think I have most of it complete, but the Method is giving me problems.
我想我已经完成了大部分,但是方法给我带来了问题。 I would have thought it should be
HttpMethod.Post
but that does not work.我原以为它应该是
HttpMethod.Post
但这不起作用。
Here is what I have:这是我所拥有的:
Amazon.CDK.AWS.WAFv2.CfnWebACL cfnWebACL2 = new Amazon.CDK.AWS.WAFv2.CfnWebACL(this, "MyCfnWebACL", new Amazon.CDK.AWS.WAFv2.CfnWebACLProps {
DefaultAction = new Amazon.CDK.AWS.WAFv2.CfnWebACL.DefaultActionProperty {
Block = true
},
Name = "Allow_Post",
Rules = new [] { new Amazon.CDK.AWS.WAFv2.CfnWebACL.RuleProperty {
Name = "Allow_Post",
Priority = 1,
Statement = new Amazon.CDK.AWS.WAFv2.CfnWebACL.StatementProperty {
ByteMatchStatement = new Amazon.CDK.AWS.WAFv2.CfnWebACL.ByteMatchStatementProperty {
FieldToMatch = new Amazon.CDK.AWS.WAFv2.CfnWebACL.FieldToMatchProperty {
Method = HttpMethod.Post
},
PositionalConstraint = "EXACTLY",
SearchString = "POST",
TextTransformations = new [] { new Amazon.CDK.AWS.WAFv2.CfnWebACL.TextTransformationProperty {
Priority = 1,
Type = "NONE"
} },
}
},
VisibilityConfig = new Amazon.CDK.AWS.WAFv2.CfnWebACL.VisibilityConfigProperty {
CloudWatchMetricsEnabled = false,
MetricName = "metricName",
SampledRequestsEnabled = false
}}},
VisibilityConfig = new Amazon.CDK.AWS.WAFv2.CfnWebACL.VisibilityConfigProperty {
CloudWatchMetricsEnabled = false,
MetricName = "metricName",
SampledRequestsEnabled = false
},
Scope = "REGIONAL",
});
Finally got this working:终于得到这个工作:
Amazon.CDK.AWS.WAFv2.CfnWebACL cfnWebACL = new Amazon.CDK.AWS.WAFv2.CfnWebACL(this, "MyCfnWebACLw", new Amazon.CDK.AWS.WAFv2.CfnWebACLProps {
DefaultAction = new Amazon.CDK.AWS.WAFv2.CfnWebACL.DefaultActionProperty {
Block = new Amazon.CDK.AWS.WAFv2.CfnWebACL.BlockActionProperty {
CustomResponse = new Amazon.CDK.AWS.WAFv2.CfnWebACL.CustomResponseProperty {
ResponseCode = 403,
}
}
},
Scope = "REGIONAL",
VisibilityConfig = new Amazon.CDK.AWS.WAFv2.CfnWebACL.VisibilityConfigProperty {
MetricName = "test",
SampledRequestsEnabled = false,
CloudWatchMetricsEnabled = false
},
Rules = new [] { new Amazon.CDK.AWS.WAFv2.CfnWebACL.RuleProperty {
Name = "myRule",
Priority = 0,
Statement = new Amazon.CDK.AWS.WAFv2.CfnWebACL.StatementProperty {
ByteMatchStatement = new Amazon.CDK.AWS.WAFv2.CfnWebACL.ByteMatchStatementProperty {
PositionalConstraint = "EXACTLY",
SearchString = "POST",
TextTransformations = new [] {new Amazon.CDK.AWS.WAFv2.CfnWebACL.TextTransformationProperty {
Priority = 0,
Type = "NONE"
}},
FieldToMatch = new Amazon.CDK.AWS.WAFv2.CfnWebACL.FieldToMatchProperty {
Method = new Dictionary<string, object> {{ "name", "Post" }}
}
}
},
VisibilityConfig = new Amazon.CDK.AWS.WAFv2.CfnWebACL.VisibilityConfigProperty {
MetricName = "myMEtric",
SampledRequestsEnabled = false,
CloudWatchMetricsEnabled = false
},
Action = new Amazon.CDK.AWS.WAFv2.CfnWebACL.RuleActionProperty {
Allow = new Amazon.CDK.AWS.WAFv2.CfnWebACL.AllowActionProperty {
CustomRequestHandling = new Amazon.CDK.AWS.WAFv2.CfnWebACL.CustomRequestHandlingProperty {
InsertHeaders = new [] { new Amazon.CDK.AWS.WAFv2.CfnWebACL.CustomHTTPHeaderProperty {
Name = "name",
Value = "value"
} }
}
}
}
}}
});
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.