This Terraform module can create typical resources needed for using WAF
module "waf_acl_rules" {
source = "github.com/flaconi/terraform-aws-waf-acl-rules"
waf_acl_name = "name"
waf_acl_default_action = "BLOCK"
waf_rules = local.waf_rules
waf_rules = [{
name = "name"
priority = "1"
enabled = false
negated = false
action_type = "ALLOW"
byte_match_tuples = []
ranges = [
{
"value" = "127.0.0.1/32"
},
]
}, {
name = "blockgoogle"
priority = "2"
enabled = true
negated = true
action_type = "BLOCK"
byte_match_tuples = []
ranges = [
{
"value" = "8.8.4.4/32"
},
{
"value" = "8.8.8.8/32"
},
]
}
, {
name = "allowheaderx"
priority = "3"
enabled = true
negated = false
action_type = "ALLOW"
ranges = []
byte_match_tuples = [{
field_to_match_data = "header-X",
target_string = "containsthis"
}]
}
]
}
Name | Version |
---|---|
terraform | >= 0.13 |
aws | >= 4 |
Name | Version |
---|---|
aws | >= 4 |
No modules.
Name | Type |
---|---|
aws_waf_byte_match_set.this | resource |
aws_waf_byte_match_set.uri | resource |
aws_waf_ipset.this | resource |
aws_waf_rule.this | resource |
aws_waf_web_acl.this | resource |
Name | Description | Type | Default | Required |
---|---|---|---|---|
waf_rules | Waf Rules | list(object({ |
[] |
no |
waf_acl_name | Waf Rules | string |
n/a | yes |
waf_acl_default_action | WAF Default Action | string |
n/a | yes |
Name | Description |
---|---|
this_aws_waf_acl_id | waf acl id |
Copyright (c) 2019 Flaconi GmbH