![Core Solutions alt text](https://camo.githubusercontent.com/78358ab0046ca882ec61b78b20cfb6ca0555cb01b7672c4008e96a3d17b52b7a/68747470733a2f2f636f7265736f6c7574696f6e732e6c74642f6d656469612f636f72652d736f6c7574696f6e732d38322e706e67)
![License](https://camo.githubusercontent.com/4fd09fbf73dfd31f009df5f8041e9f93be76a66ce06af0537be7be4fb80c7298/68747470733a2f2f696d672e736869656c64732e696f2f62616467652f4c6963656e73652d417061636865253230322e302d627269676874677265656e2e737667)
A Terraform module to handle the creation of all things WAF
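# Example: a REGIONAL web ACL that blocks by default, with a Host-header allow
# rule, a per-IP rate limit and three AWS managed rule groups.
module "waf" {
  source = "coresolutions-ltd/wafv2/aws"

  # Pin the module release. Without a version constraint Terraform installs the
  # newest registry release when the module is first initialised or upgraded,
  # so a change to the WAF rules could arrive unreviewed.
  # version = "<PINNED_MODULE_VERSION>"

  # The input is spelled `name_prefix`; Terraform rejects a misspelt argument
  # name as unsupported.
  name_prefix = "MyAwsomeWAF"

  # Block anything that no rule explicitly allows (the module default is "allow").
  default_action = "block"
  scope          = "REGIONAL"

  # Allowable requests per originating IP address in any 5 minute span.
  rate_limit = 1000

  # Requests carrying this Host header are allowed. The header is supplied by
  # the client, so this narrows traffic to requests that name the site; it is
  # not an authentication control.
  host_header = "example.com"

  # AWS managed rule groups applied to the web ACL.
  managed_rules = [
    "AWSManagedRulesCommonRuleSet",
    "AWSManagedRulesAmazonIpReputationList",
    "AWSManagedRulesKnownBadInputsRuleSet",
  ]
}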
Name |
Version |
aws |
~> 3.0 |
random |
~> 2.0 |
Name |
Description |
Type |
Default |
Required |
default_action |
Default WAF action, can be either allow or block |
string |
"allow" |
no |
denylist |
IP denylist |
list |
[] |
no |
host_header |
Host header value to match; requests with this Host header will be allowed. The Host header is set by the client, so this rule narrows traffic but does not authenticate it. |
string |
null |
no |
managed_rules |
Managed AWS rules to be applied to the web ACL |
list(string) |
[] |
no |
name_prefix |
Name prefix for all resources |
string |
"Core" |
no |
origin_token |
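X-Origin-Token header value; requests carrying this header value will be allowed. Treat the value as a shared secret: keep it out of version control and restrict access to the Terraform state, which is likely to store it in plain text. |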
string |
null |
no |
rate_limit |
Allowable rate of requests for each originating IP address in any 5 minute time span |
number |
null |
no |
scope |
Scope to be applied, must be either REGIONAL or CLOUDFRONT |
string |
"REGIONAL" |
no |
tags |
A map of tags to add to resources |
map(string) |
{} |
no |
whitelist |
IP whitelist |
list |
[] |
no |
Name |
Description |
waf_arn |
The WebACL ARN |
waf_id |
The WebACL ID |