You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
In order to be aware of catalog web traffic status, data.gov teams wants to be notified when AWS WAF rate limiting rule is triggerd and blocks ip addresses.
Acceptance Criteria
[ACs should be clearly demoable/verifiable whenever possible. Try specifying them using BDD.]
GIVEN an AWS WAF Web ACLs rate limit rule is set
WHEN an ip is blocked by the rule
THEN a notification goes out to datagov-alerts channel
AND includes IP address
Background
[Any helpful contextual notes or links to artifacts/evidence, if needed]
Good finding. I was also thinking to pipe the rate limit log to new relic where we can set an alert. Piping log to newrelic give us more info, allowing us to exam user's request info such as uri and browser agent, so we can tell the blocking is good or a mistake.
User Story
In order to be aware of catalog web traffic status, data.gov teams wants to be notified when AWS WAF rate limiting rule is triggerd and blocks ip addresses.
Acceptance Criteria
[ACs should be clearly demoable/verifiable whenever possible. Try specifying them using BDD.]
WHEN an ip is blocked by the rule
THEN a notification goes out to datagov-alerts channel
AND includes IP address
Background
[Any helpful contextual notes or links to artifacts/evidence, if needed]
Security Considerations (required)
None
Sketch
[Notes or a checklist reflecting our understanding of the selected approach]
The text was updated successfully, but these errors were encountered: