AWS Web Application Firewall only evaluates the first 8 KB of a request body. Having a request body greater than 8 KB could allow attackers to embed payload within the request.
In AWS Console -
In Terraform -
References:
https://docs.aws.amazon.com/waf/latest/developerguide/web-acl.html
https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/waf_size_constraint_set