Revert "Add WAF Bundle example (#3656)" (#3677)

This reverts commit b649666.
nginxinc · Mar 21, 2023 · df264ff · df264ff
1 parent b649666
commit df264ff
Show file tree

Hide file tree

Showing 3 changed files with 1 addition and 59 deletions.
diff --git a/docs/content/app-protect-waf/configuration.md b/docs/content/app-protect-waf/configuration.md
@@ -19,7 +19,7 @@ The NGINX Ingress Controller has a set of global configuration parameters that a
 
 You can enable and configure NGINX App Protect WAF on the Custom Resources (VirtualServer, VirtualServerRoute) or on the Ingress-resource basis.
 
-To configure NGINX App Protect WAF on a VirtualServer resource, you would create a Policy Custom Resource referencing the `APPolicy` Custom Resource or `APPolicy` Bundle, and add this to the VirtualServer definition. Additional information can be found in the [Policy resource documentation](/nginx-ingress-controller/configuration/policy-resource/#waf).
+To configure NGINX App Protect WAF on a VirtualServer resource, you would create a Policy Custom Resource referencing the APPolicy Custom Resource, and add this to the VirtualServer definition. See the documentation on the [App Protect WAF Policy](/nginx-ingress-controller/configuration/policy-resource/#waf).
 
 To configure NGINX App Protect WAF on an Ingress resource, you would apply the [App Protect annotations](/nginx-ingress-controller/configuration/ingress-resources/advanced-configuration-with-annotations/#app-protect) to each desired resource.
 
@@ -209,29 +209,6 @@ spec:
   tag: Fruits
 ```
 
-## App Protect WAF Bundles
-
-You can define App Protect WAF bundles for VirtualServers by creating policy bundles and putting them on a mounted volume accessible from NGINX Ingress Controller.
-
-
-For example, you can configure a policy by referencing generated WAF Policy Bundle:
-
-> **Note**: Currently we do not support `securityLogs` for policy bundles.
-
-```yaml
-apiVersion: k8s.nginx.org/v1
-kind: Policy
-metadata:
-  name: <policy_name>
-spec:
-  waf:
-    enable: true
-    apBundle: "<policy_bundle_name>.tgz"
-```
-
-> **Note**: Before applying the policy, a WAF Policy Bundle must be created, copied to a volume, and the volume must be mounted to `/etc/nginx/waf/bundles`.
-
-
 ## OpenAPI Specification in NGINX Ingress Controller
 
 The OpenAPI Specification defines the spec file format needed to describe RESTful APIs. The spec file can be written either in JSON or YAML. Using a spec file simplifies the work of implementing API protection. Refer to the [OpenAPI Specification](#https://github.com/OAI/OpenAPI-Specification) (formerly called Swagger) for details.

diff --git a/docs/content/app-protect-waf/installation.md b/docs/content/app-protect-waf/installation.md
@@ -60,39 +60,7 @@ Take the steps below to set up and deploy the NGINX Ingress Controller and App P
     > **Important**: You must have an admin role to configure RBAC in your Kubernetes cluster.
 
 2. [Create the common Kubernetes resources](/nginx-ingress-controller/installation/installation-with-manifests/#2-create-common-resources).
-
 3. Enable the App Protect WAF module by adding the `enable-app-protect` [cli argument](/nginx-ingress-controller/configuration/global-configuration/command-line-arguments/#cmdoption-enable-app-protect) to your Deployment or DaemonSet file.
-
-If you intend to use the NGINX Ingress Controller with the AppProtect WAF module and policy bundles, follow these additional steps:
-
-- Skip configuring custom resource definition for `APPolicy` `APLogConf` and `APUserSig`.
-
-- Create and configure [Persistent Volume and Persistent Volume Claim](https://kubernetes.io/docs/concepts/storage/persistent-volumes/) in your Kubernetes cluster.
-
-- Modify NGINX Ingress Controller Deployment or DaemonSet file to include volumes and volume mounts.
-
-    Make the following changes:
-
-    Add `volumes` section to deployment template spec:
-    ```yaml
-    ...
-    volumes:
-    - name: <volume_name>
-      persistentVolumeClaim:
-        claimName: <claim_name>
-    ...
-    ```
-    Add volume mounts to `containers` section:
-    ```yaml
-    ...
-    volumeMounts:
-      - name: <volume_mount_name>
-        mountPath: /etc/nginx/waf/bundles
-    ...
-    ```
-
-    > **Important**: NGINX Ingress Controller requires the volume mount path to be `/etc/nginx/waf/bundles`
-
 4. [Deploy the Ingress Controller](/nginx-ingress-controller/installation/installation-with-manifests/#3-deploy-the-ingress-controller).
 
 For more information, see the [Configuration guide](/nginx-ingress-controller/app-protect/configuration) and the NGINX Ingress Controller with App Protect example resources on GitHub [for VirtualServer resources](https://github.com/nginxinc/kubernetes-ingress/tree/v3.0.2/examples/custom-resources/app-protect-waf) and [for Ingress resources](https://github.com/nginxinc/kubernetes-ingress/tree/v3.0.2/examples/ingress-resources/app-protect-waf).
diff --git a/docs/content/installation/installation-with-manifests.md b/docs/content/installation/installation-with-manifests.md
@@ -94,9 +94,6 @@ Create a custom resource definition for [GlobalConfiguration](/nginx-ingress-con
 
 3. If you would like to use the App Protect WAF module, create the following additional resources:
 
-    > **Note** This step can be skipped if you are using App Protect WAF module with policy bundles.
-
-
 Create a custom resource definition for `APPolicy`, `APLogConf` and `APUserSig`:
 
    ```