AWS WAF 规则只接受 POST 个请求
AWS WAF rule to only accept POST requests
我正在尝试创建一个只接受 POST 请求的 WAF 规则。
通过 UI 这很简单,但是试图通过 CDK 实现相同的目标。
我想我已经完成了大部分,但是方法给我带来了问题。我原以为它应该是 HttpMethod.Post
但这不起作用。
这是我的资料:
Amazon.CDK.AWS.WAFv2.CfnWebACL cfnWebACL2 = new Amazon.CDK.AWS.WAFv2.CfnWebACL(this, "MyCfnWebACL", new Amazon.CDK.AWS.WAFv2.CfnWebACLProps {
DefaultAction = new Amazon.CDK.AWS.WAFv2.CfnWebACL.DefaultActionProperty {
Block = true
},
Name = "Allow_Post",
Rules = new [] { new Amazon.CDK.AWS.WAFv2.CfnWebACL.RuleProperty {
Name = "Allow_Post",
Priority = 1,
Statement = new Amazon.CDK.AWS.WAFv2.CfnWebACL.StatementProperty {
ByteMatchStatement = new Amazon.CDK.AWS.WAFv2.CfnWebACL.ByteMatchStatementProperty {
FieldToMatch = new Amazon.CDK.AWS.WAFv2.CfnWebACL.FieldToMatchProperty {
Method = HttpMethod.Post
},
PositionalConstraint = "EXACTLY",
SearchString = "POST",
TextTransformations = new [] { new Amazon.CDK.AWS.WAFv2.CfnWebACL.TextTransformationProperty {
Priority = 1,
Type = "NONE"
} },
}
},
VisibilityConfig = new Amazon.CDK.AWS.WAFv2.CfnWebACL.VisibilityConfigProperty {
CloudWatchMetricsEnabled = false,
MetricName = "metricName",
SampledRequestsEnabled = false
}}},
VisibilityConfig = new Amazon.CDK.AWS.WAFv2.CfnWebACL.VisibilityConfigProperty {
CloudWatchMetricsEnabled = false,
MetricName = "metricName",
SampledRequestsEnabled = false
},
Scope = "REGIONAL",
});
终于成功了:
Amazon.CDK.AWS.WAFv2.CfnWebACL cfnWebACL = new Amazon.CDK.AWS.WAFv2.CfnWebACL(this, "MyCfnWebACLw", new Amazon.CDK.AWS.WAFv2.CfnWebACLProps {
DefaultAction = new Amazon.CDK.AWS.WAFv2.CfnWebACL.DefaultActionProperty {
Block = new Amazon.CDK.AWS.WAFv2.CfnWebACL.BlockActionProperty {
CustomResponse = new Amazon.CDK.AWS.WAFv2.CfnWebACL.CustomResponseProperty {
ResponseCode = 403,
}
}
},
Scope = "REGIONAL",
VisibilityConfig = new Amazon.CDK.AWS.WAFv2.CfnWebACL.VisibilityConfigProperty {
MetricName = "test",
SampledRequestsEnabled = false,
CloudWatchMetricsEnabled = false
},
Rules = new [] { new Amazon.CDK.AWS.WAFv2.CfnWebACL.RuleProperty {
Name = "myRule",
Priority = 0,
Statement = new Amazon.CDK.AWS.WAFv2.CfnWebACL.StatementProperty {
ByteMatchStatement = new Amazon.CDK.AWS.WAFv2.CfnWebACL.ByteMatchStatementProperty {
PositionalConstraint = "EXACTLY",
SearchString = "POST",
TextTransformations = new [] {new Amazon.CDK.AWS.WAFv2.CfnWebACL.TextTransformationProperty {
Priority = 0,
Type = "NONE"
}},
FieldToMatch = new Amazon.CDK.AWS.WAFv2.CfnWebACL.FieldToMatchProperty {
Method = new Dictionary<string, object> {{ "name", "Post" }}
}
}
},
VisibilityConfig = new Amazon.CDK.AWS.WAFv2.CfnWebACL.VisibilityConfigProperty {
MetricName = "myMEtric",
SampledRequestsEnabled = false,
CloudWatchMetricsEnabled = false
},
Action = new Amazon.CDK.AWS.WAFv2.CfnWebACL.RuleActionProperty {
Allow = new Amazon.CDK.AWS.WAFv2.CfnWebACL.AllowActionProperty {
CustomRequestHandling = new Amazon.CDK.AWS.WAFv2.CfnWebACL.CustomRequestHandlingProperty {
InsertHeaders = new [] { new Amazon.CDK.AWS.WAFv2.CfnWebACL.CustomHTTPHeaderProperty {
Name = "name",
Value = "value"
} }
}
}
}
}}
});
我正在尝试创建一个只接受 POST 请求的 WAF 规则。
通过 UI 这很简单,但是试图通过 CDK 实现相同的目标。
我想我已经完成了大部分,但是方法给我带来了问题。我原以为它应该是 HttpMethod.Post
但这不起作用。
这是我的资料:
Amazon.CDK.AWS.WAFv2.CfnWebACL cfnWebACL2 = new Amazon.CDK.AWS.WAFv2.CfnWebACL(this, "MyCfnWebACL", new Amazon.CDK.AWS.WAFv2.CfnWebACLProps {
DefaultAction = new Amazon.CDK.AWS.WAFv2.CfnWebACL.DefaultActionProperty {
Block = true
},
Name = "Allow_Post",
Rules = new [] { new Amazon.CDK.AWS.WAFv2.CfnWebACL.RuleProperty {
Name = "Allow_Post",
Priority = 1,
Statement = new Amazon.CDK.AWS.WAFv2.CfnWebACL.StatementProperty {
ByteMatchStatement = new Amazon.CDK.AWS.WAFv2.CfnWebACL.ByteMatchStatementProperty {
FieldToMatch = new Amazon.CDK.AWS.WAFv2.CfnWebACL.FieldToMatchProperty {
Method = HttpMethod.Post
},
PositionalConstraint = "EXACTLY",
SearchString = "POST",
TextTransformations = new [] { new Amazon.CDK.AWS.WAFv2.CfnWebACL.TextTransformationProperty {
Priority = 1,
Type = "NONE"
} },
}
},
VisibilityConfig = new Amazon.CDK.AWS.WAFv2.CfnWebACL.VisibilityConfigProperty {
CloudWatchMetricsEnabled = false,
MetricName = "metricName",
SampledRequestsEnabled = false
}}},
VisibilityConfig = new Amazon.CDK.AWS.WAFv2.CfnWebACL.VisibilityConfigProperty {
CloudWatchMetricsEnabled = false,
MetricName = "metricName",
SampledRequestsEnabled = false
},
Scope = "REGIONAL",
});
终于成功了:
Amazon.CDK.AWS.WAFv2.CfnWebACL cfnWebACL = new Amazon.CDK.AWS.WAFv2.CfnWebACL(this, "MyCfnWebACLw", new Amazon.CDK.AWS.WAFv2.CfnWebACLProps {
DefaultAction = new Amazon.CDK.AWS.WAFv2.CfnWebACL.DefaultActionProperty {
Block = new Amazon.CDK.AWS.WAFv2.CfnWebACL.BlockActionProperty {
CustomResponse = new Amazon.CDK.AWS.WAFv2.CfnWebACL.CustomResponseProperty {
ResponseCode = 403,
}
}
},
Scope = "REGIONAL",
VisibilityConfig = new Amazon.CDK.AWS.WAFv2.CfnWebACL.VisibilityConfigProperty {
MetricName = "test",
SampledRequestsEnabled = false,
CloudWatchMetricsEnabled = false
},
Rules = new [] { new Amazon.CDK.AWS.WAFv2.CfnWebACL.RuleProperty {
Name = "myRule",
Priority = 0,
Statement = new Amazon.CDK.AWS.WAFv2.CfnWebACL.StatementProperty {
ByteMatchStatement = new Amazon.CDK.AWS.WAFv2.CfnWebACL.ByteMatchStatementProperty {
PositionalConstraint = "EXACTLY",
SearchString = "POST",
TextTransformations = new [] {new Amazon.CDK.AWS.WAFv2.CfnWebACL.TextTransformationProperty {
Priority = 0,
Type = "NONE"
}},
FieldToMatch = new Amazon.CDK.AWS.WAFv2.CfnWebACL.FieldToMatchProperty {
Method = new Dictionary<string, object> {{ "name", "Post" }}
}
}
},
VisibilityConfig = new Amazon.CDK.AWS.WAFv2.CfnWebACL.VisibilityConfigProperty {
MetricName = "myMEtric",
SampledRequestsEnabled = false,
CloudWatchMetricsEnabled = false
},
Action = new Amazon.CDK.AWS.WAFv2.CfnWebACL.RuleActionProperty {
Allow = new Amazon.CDK.AWS.WAFv2.CfnWebACL.AllowActionProperty {
CustomRequestHandling = new Amazon.CDK.AWS.WAFv2.CfnWebACL.CustomRequestHandlingProperty {
InsertHeaders = new [] { new Amazon.CDK.AWS.WAFv2.CfnWebACL.CustomHTTPHeaderProperty {
Name = "name",
Value = "value"
} }
}
}
}
}}
});