This repository has been archived by the owner on Jun 30, 2023. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 6
/
main.tf
47 lines (33 loc) · 1.94 KB
/
main.tf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
data "aws_caller_identity" "current" {}
locals {
# Current Account Id
account_id = data.aws_caller_identity.current.account_id
# Valid Actions
actions = ["BLOCK", "COUNT"]
# Determine if the SQLi rule is enabled
is_sqli_enabled = var.enabled && contains(local.actions, var.rule_sqli) ? 1 : 0
# Determine if the AuthToken rule is enabled
is_auth_tokens_enabled = var.enabled && contains(local.actions, var.rule_auth_tokens) ? 1 : 0
# Determine if the XSS rule is enabled
is_xss_enabled = var.enabled && contains(local.actions, var.rule_xss) ? 1 : 0
# Determine if the RFI/LFI rule is enabled
is_rfi_lfi_enabled = var.enabled && contains(local.actions, var.rule_rfi_lfi) ? 1 : 0
# Determine if the Admin Access rule is enabled
is_admin_access_enabled = var.enabled && contains(local.actions, var.rule_admin_access) ? 1 : 0
# Determine if the PHP rule is enabled
is_php_enabled = var.enabled && contains(local.actions, var.rule_php) ? 1 : 0
# Determine if the Size Constraints rule is enabled
is_size_constraints_enabled = var.enabled && contains(local.actions, var.rule_size_constraints) ? 1 : 0
# Determine if the CSRF rule is enabled
is_csrf_enabled = var.enabled && contains(local.actions, var.rule_csrf) ? 1 : 0
# Determine if the SSI rule is enabled
is_ssi_enabled = var.enabled && contains(local.actions, var.rule_ssi) ? 1 : 0
# Determine if the IP Blacklist rule is enabled
is_ip_blacklist_enabled = var.enabled && contains(local.actions, var.rule_ip_blacklist) ? 1 : 0
# Determine if Rate Limiting is enabled
is_rate_limit_enabled = var.enabled && contains(local.actions, var.rule_rate_limit) ? 1 : 0
# Determine if the Country of Origin rule is enabled
is_country_of_origin_enabled = var.enabled && contains(local.actions, var.rule_country_of_origin) ? 1 : 0
# Determine if Kinesis Firehose Logs is enabled
is_kinesis_firehose_logs_enabled = var.enabled && var.kinesis_firehose_logs_enabled ? 1 : 0
}