aws.waf.rule.statement
aws.waf.rule.statement MQL resource for querying AWS infrastructure with cnquery and cnspec.
AWSPrivate Resource
Min version: 9.0.0Defaults:
kindRelationships
17 resources · 34 relationships·Click to select, expand fields to see properties.
Fields (33)
| Field | Type | Description |
|---|---|---|
andstatementprivate | aws.waf.rule.statement.andstatement | Rule statement that matches if all of the rule statements inside it match |
andStatementrequired | aws.waf.rule.statement.andstatement | Statement that matches if all sub-statements match |
bytematchstatementprivate | aws.waf.rule.statement.bytematchstatement | Rule statement that matches a specified sequence of bytes |
byteMatchStatementrequired | aws.waf.rule.statement.bytematchstatement | Statement that matches certain bytes |
geomatchstatementprivate | aws.waf.rule.statement.geomatchstatement | Rule statement that checks for requests from certain countries |
geoMatchStatementrequired | aws.waf.rule.statement.geomatchstatement | Statement that matches requests from certain countries |
idrequired | string | ID of the statement |
ipsetreferencestatementprivate | aws.waf.rule.statement.ipsetreferencestatement | Rule statement that checks for requests from IP addresses defined in an IPSet |
ipSetReferenceStatementrequired | aws.waf.rule.statement.ipsetreferencestatement | Statement that matches requests from certain ips defined in an IPSet |
jsonrequired | dict | Entire statement as JSON |
kindrequired | string | Kind of statement, e.g., "sqliMatchStatement" |
labelmatchstatementprivate | aws.waf.rule.statement.labelmatchstatement | - |
labelMatchStatementrequired | aws.waf.rule.statement.labelmatchstatement | Statement that matches requests with certain labels |
managedrulegroupstatementprivate | aws.waf.rule.statement.managedrulegroupstatement | Rule statement that is managed by AWS |
managedRuleGroupStatementrequired | aws.waf.rule.statement.managedrulegroupstatement | Statement managed by AWS |
notstatementprivate | aws.waf.rule.statement.notstatement | Rule statement that negates another rule statement |
notStatementrequired | aws.waf.rule.statement.notstatement | Statement that matches if the conditions are not met |
orstatementprivate | aws.waf.rule.statement.orstatement | Rule statement that matches if one of the rule statements inside it matches |
orStatementrequired | aws.waf.rule.statement.orstatement | Statement that matches if one or many sub-statements match |
ratebasedstatementprivate | aws.waf.rule.statement.ratebasedstatement | Rule statement that matches at a certain rate of requests (rate limiting) |
rateBasedStatementrequired | aws.waf.rule.statement.ratebasedstatement | Statement that matches if a request comes in at a certain rate (rate limiting) |
regexmatchstatementprivate | aws.waf.rule.statement.regexmatchstatement | Rule statement that matches a specified regex pattern |
regexMatchStatementrequired | aws.waf.rule.statement.regexmatchstatement | Statement that matches a regex pattern |
regexpatternsetreferencestatementprivate | aws.waf.rule.statement.regexpatternsetreferencestatement | Rule statement that checks for a regex pattern defined in a regex pattern set |
regexPatternSetReferenceStatementrequired | aws.waf.rule.statement.regexpatternsetreferencestatement | Statement that matches a regex pattern defined in a regex pattern set |
rulegroupreferencestatementprivate | aws.waf.rule.statement.rulegroupreferencestatement | Rule statement that refers to a group of rules |
ruleGroupReferenceStatementrequired | aws.waf.rule.statement.rulegroupreferencestatement | Statement that refers to the rules in a rule group |
sizeconstraintstatementprivate | aws.waf.rule.statement.sizeconstraintstatement | Rule statement that checks the size of the specified field |
sizeConstraintStatementrequired | aws.waf.rule.statement.sizeconstraintstatement | Statement that matches the size of the request |
sqlimatchstatementprivate | aws.waf.rule.statement.sqlimatchstatement | Statement that matches SQLI attacks |
sqliMatchStatementrequired | aws.waf.rule.statement.sqlimatchstatement | Statement that detects SQL injection attacks |
xssmatchstatementprivate | aws.waf.rule.statement.xssmatchstatement | Statement that matches XSS attacks |
xssMatchStatementrequired | aws.waf.rule.statement.xssmatchstatement | Statement that detects XSS attacks |
Pattern to match
aws.waf.rule.fieldtomatch.jsonbody.matchpattern MQL resource for querying AWS infrastructure with cnquery and cnspec.
Rule statement that matches if all of the rule statements inside it match
aws.waf.rule.statement.andstatement MQL resource for querying AWS infrastructure with cnquery and cnspec.