Posted On: Feb 12, 2021

AWS WAF can now natively parse request body JSON content, allowing you to inspect specific keys or values of the JSON content with AWS WAF rules. This capability helps you protect your APIs by checking for valid JSON structure, inspecting the JSON content for common threats against your application, and reducing false positives by inspecting only the keys or values in the JSON content.

You can get started with JSON body inspection by creating a new WAF rule or modifying an existing rule. To enable it, set the field to match to JSON body when defining the rule statement. You can use JSON Pointer syntax to select specific keys or values for inspection, or simply inspect all key-value pairs found within the JSON.
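As an added illustration (not part of the original announcement), the rule below shows the JSON body field to match in the WAFv2 rule JSON format, applied to a SQL injection match statement. The rule name, metric name and the two JSON Pointer paths are constructed placeholders for a hypothetical order API.

```json
{
  "Name": "example-inspect-json-body",
  "Priority": 0,
  "Statement": {
    "SqliMatchStatement": {
      "FieldToMatch": {
        "JsonBody": {
          "MatchPattern": {
            "IncludedPaths": ["/order/comment", "/customer/name"]
          },
          "MatchScope": "VALUE",
          "InvalidFallbackBehavior": "MATCH"
        }
      },
      "TextTransformations": [
        { "Priority": 0, "Type": "NONE" }
      ]
    }
  },
  "Action": { "Block": {} },
  "VisibilityConfig": {
    "SampledRequestsEnabled": true,
    "CloudWatchMetricsEnabled": true,
    "MetricName": "example-inspect-json-body"
  }
}
```

`MatchScope` selects keys, values or both; replacing `IncludedPaths` with `"All": {}` inspects every key-value pair. `InvalidFallbackBehavior` set to `MATCH` treats a body that fails JSON parsing as a match, so malformed JSON is blocked by this rule rather than passed uninspected.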

There is no additional cost for this new feature, but standard service charges for AWS WAF still apply. This feature is available in all AWS WAF regions and for each supported service, including Amazon CloudFront, Application Load Balancer, Amazon API Gateway, and AWS AppSync. To learn more, please see the AWS WAF developer guide.