Inspecting HTTP/2 pseudo headers in Amazon WAF - Amazon WAF, Amazon Firewall Manager, Amazon Shield Advanced, and Amazon Shield network security director
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

Introducing a new console experience for Amazon WAF

You can now use the updated experience to access Amazon WAF functionality anywhere in the console. For more details, see Working with the updated console experience.

Inspecting HTTP/2 pseudo headers in Amazon WAF

This section explains how you can use Amazon WAF to inspect HTTP/2 pseudo headers.

Protected Amazon resources that support HTTP/2 traffic do not forward HTTP/2 pseudo headers to Amazon WAF for inspection, but they provide contents of pseudo headers in web request components that Amazon WAF inspects.

You can use Amazon WAF to inspect only the pseudo headers that are listed in the following table.

HTTP/2 pseudo header contents mapped to web request components

HTTP/2 pseudo header

Web request component to inspect

Documentation

:method

HTTP method

HTTP method

:authority

Host header

Single header

All headers

:path URI path

URI path

URI path

:path query

Query string

Query string

Single query parameter

All query parameters