Building custom ACL based on the content inside the jwt token

I am building a solution to read JWT token in ALB logs then it should block the request through WAF rules. the main point is i want to decode the JWT token in WAF at the time request hit in WAF and based on some conditon after decoding the JWT , WAF will allow or block the request, Some how i am not able to find the place where should i write this logic. i tried to modify "aws-waf-security-automations" but not get success. if anybody has idea...

トピック

セキュリティ、アイデンティティ、コンプライアンス

タグ

AWS WAF

言語

English

rePost-User-1763805

質問済み 1年前731ビュー

1回答

新しい順
投票が多い順
コメントが多い順

これらの回答は役に立ちましたか？コミュニティがあなたの知識を活用できるように、正解に賛成票を投じてください。

Hi, currently AWS WAF does not have the capability to decipher JWT token and trigger some rules based on JWT content body. There is an existing feature request to support this feature.

As of now there is no ETA since AWS does not publicize the roadmap items; however, as soon as it gets released, it should be publicly announced in either one of our webpage.

What’s New with AWS: https://aws.amazon.com/new/ http://aws.amazon.com/blogs/aws/

サポートエンジニア

rePost-User-5752182

回答済み 1年前

Building custom ACL based on the content inside the jwt token

関連するコンテンツ