ACFP 示例:响应检查配置 - AWS WAF、AWS Firewall Manager 和 AWS Shield Advanced

ACFP 示例:响应检查配置

以下 JSON 列表显示了带有 AWS WAF 欺诈控制账户创建欺诈预防(ACFP)托管规则组的 Web ACL 示例,该规则组配置成检查源响应。请注意响应检查配置,它指定了成功和响应状态代码。您还可以根据标头、正文和正文 JSON 匹配来配置成功和响应设置。此 JSON 包含 Web ACL 自动生成的设置,例如标签命名空间和 Web ACL 的应用程序集成 URL。

注意

ATP 响应检查仅在保护 CloudFront 分配的 Web ACL 中可用。

{ "Name": "simpleACFP", "Id": "... ", "ARN": "arn:aws:wafv2:us-east-1:111122223333:regional/webacl/simpleACFP/... ", "DefaultAction": { "Allow": {} }, "Description": "", "Rules": [ { "Name": "AWS-AWSManagedRulesACFPRuleSet", "Priority": 0, "Statement": { "ManagedRuleGroupStatement": { "VendorName": "AWS", "Name": "AWSManagedRulesACFPRuleSet", "ManagedRuleGroupConfigs": [ { "AWSManagedRulesACFPRuleSet": { "CreationPath": "/web/signup/submit-registration", "RegistrationPagePath": "/web/signup/registration", "RequestInspection": { "PayloadType": "JSON", "UsernameField": { "Identifier": "/form/username" }, "PasswordField": { "Identifier": "/form/password" }, "EmailField": { "Identifier": "/form/email" }, "PhoneNumberFields": [ { "Identifier": "/form/country-code" }, { "Identifier": "/form/region-code" }, { "Identifier": "/form/phonenumber" } ], "AddressFields": [ { "Identifier": "/form/name" }, { "Identifier": "/form/street-address" }, { "Identifier": "/form/city" }, { "Identifier": "/form/state" }, { "Identifier": "/form/zipcode" } ] }, "ResponseInspection": { "StatusCode": { "SuccessCodes": [ 200 ], "FailureCodes": [ 401 ] } }, "EnableRegexInPath": false } } ] } }, "OverrideAction": { "None": {} }, "VisibilityConfig": { "SampledRequestsEnabled": true, "CloudWatchMetricsEnabled": true, "MetricName": "AWS-AWSManagedRulesACFPRuleSet" } } ], "VisibilityConfig": { "SampledRequestsEnabled": true, "CloudWatchMetricsEnabled": true, "MetricName": "simpleACFP" }, "Capacity": 50, "ManagedByFirewallManager": false, "RetrofittedByFirewallManager": false, "LabelNamespace": "awswaf:111122223333:webacl:simpleACFP:" }