WAF managed rules blocking SES incoming email notifications

0

I use SES incoming email for a discussion groups feature. When an email arrives, SES is configured to notify an SNS topic, which in turn POSTs to an HTTPS endpoint on my backend via a CloudFront distribution. This stopped working some time between Dec 5 and 24: the POST from SNS was showing as 403 Forbidden / Error in the CloudFront logs. After some trial and error, I discovered that by turning off the AWS WAF WindowsManagedRuleSet on my CloudFront distribution, I could fix the problem. Has anyone else seen this? It seems like an obvious false positive if AWS WAF rules are blocking AWS SES notifications.

1 Answer
0

Hello, Chris,

I found this AWS document on mitigation of false positives in WAF (1) and how to override rules in the group to identify which is causing the issue. I see 6 rules in the Windows Operating System managed rule in my own account. You can set individual rules to "count" one at a time to identify which may be preventing your SNS topic from posting. See the documentation link for details.

If you can identify the rule causing the issue and don't mind leaving it in "count", you can go that route. Otherwise, if you have a CloudFront request Id (x-amz-cf-id), this can be investigated further via a support case.


** RESOURCES **

  1. AWS Managed Rules for AWS WAF - https://docs.aws.amazon.com/waf/latest/developerguide/aws-managed-rule-groups.html
AWS
Support Engineer
Ron_H
answered 2 years ago
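
Added example (not part of the answer above and not AWS's own code): one way to read AWS WAF log records and see which rule inside the managed rule group matched the SNS deliveries, whether it blocked or was only counted. The log lines are constructed, the rule names and request ids are placeholders, and the `group_suffix` default is an assumption to adjust to the rule group in your web ACL.

```python
import json
from collections import Counter

SNS_HEADER = "x-amz-sns-message-type"  # header SNS sets on HTTP/S deliveries
SNS = {SNS_HEADER: "Notification"}

def _record(request_id, headers, blocked_by=None, counted=()):
    """Build one constructed log line using the AWS WAF log field layout."""
    group = {
        "ruleGroupId": "AWS#AWSManagedRulesWindowsRuleSet",
        "terminatingRule": {"ruleId": blocked_by, "action": "BLOCK"} if blocked_by else None,
        "nonTerminatingMatchingRules": [{"ruleId": r, "action": "COUNT"} for r in counted],
    }
    request = {"requestId": request_id,
               "headers": [{"name": k, "value": v} for k, v in headers.items()]}
    return json.dumps({"ruleGroupList": [group], "httpRequest": request})

# Constructed sample data; rule names and request ids are placeholders.
SAMPLE_LOG_LINES = [
    _record("constructed-id-1", SNS, blocked_by="PLACEHOLDER_RULE_A"),
    _record("constructed-id-2", SNS, counted=["PLACEHOLDER_RULE_A"]),
    _record("constructed-id-3", {"user-agent": "browser"}, blocked_by="PLACEHOLDER_RULE_B"),
    _record("constructed-id-4", SNS),
]

def is_sns_delivery(record):
    headers = record.get("httpRequest", {}).get("headers", [])
    return any(h.get("name", "").lower() == SNS_HEADER for h in headers)

def sns_rule_matches(lines, group_suffix="WindowsRuleSet"):
    """Tally (ruleId, action) hits inside the rule group for SNS deliveries and
    keep the first request id seen for each hit, for use in a support case."""
    tally, first_request = Counter(), {}
    for line in lines:
        record = json.loads(line)
        if not is_sns_delivery(record):
            continue
        for group in record.get("ruleGroupList", []):
            if not group.get("ruleGroupId", "").endswith(group_suffix):
                continue
            hits = list(group.get("nonTerminatingMatchingRules") or [])
            if group.get("terminatingRule"):  # null when nothing in the group blocked
                hits.append(group["terminatingRule"])
            for hit in hits:
                key = (hit["ruleId"], hit["action"])
                tally[key] += 1
                first_request.setdefault(key, record["httpRequest"].get("requestId"))
    return tally, first_request
```

The `x-amz-sns-message-type` header is supplied by the client, so treat it only as a triage filter for finding the affected requests, not as proof that a request came from SNS.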
