By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

Building custom ACL based on the content inside the jwt token

1

I am building a solution to read JWT token in ALB logs then it should block the request through WAF rules. the main point is i want to decode the JWT token in WAF at the time request hit in WAF and based on some conditon after decoding the JWT , WAF will allow or block the request, Some how i am not able to find the place where should i write this logic. i tried to modify "aws-waf-security-automations" but not get success. if anybody has idea...

Topics
Security, Identity, & Compliance
Tags
AWS WAF
Language
English
rePost-User-1763805
asked a year ago705 views
1 Answer
0

Hi, currently AWS WAF does not have the capability to decipher JWT token and trigger some rules based on JWT content body. There is an existing feature request to support this feature.

As of now there is no ETA since AWS does not publicize the roadmap items; however, as soon as it gets released, it should be publicly announced in either one of our webpage.

What’s New with AWS: https://aws.amazon.com/new/ http://aws.amazon.com/blogs/aws/

AWS
SUPPORT ENGINEER
rePost-User-5752182
answered a year ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content