Elastic Beanstalk configuration for WAF

Question

I recently added a WAF Web ACL to my Elastic Beanstalk (EB) environment. Every time I launch a new EB environment the load balancer changes and I have to manually updated the "Associated AWS Resources" for the Web ACL. Is there an ebextensions configuration I can use to do that automatically? I found a similar [question](https://repost.aws/questions/QU_ICNLnvWSka4pjVlQGuW8g/how-to-associate-web-acl-rule-to-eb-alb-on-creation) from 10 months ago but the answers seem overly complicated. Surely there is something I can add to my ebextensions?

Accepted Answer

How about creating a config under "/ebextensions/" that ties the WAF to it?  
I thought that ALB could be tied to WAF every time by creating the following configuration.  
https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/environment-resources.html
```
Resources:
  WebACLAssociation:
    Type: AWS::WAFv2::WebACLAssociation
    Properties:
      ResourceArn: '`{ "Ref" : "AWSEBV2LoadBalancer" }`'
      WebACLArn: {Web ACL ARN}
```

If this setup does not work, I think the only way to do it is to use Eventbridge and Lambda as in the answer at the URL you described.  
https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/AWSHowTo.eventbridge.html

Elastic Beanstalk configuration for WAF

関連するコンテンツ