By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

Can I increase the number of country list from AWS WAF rule configuration from 50?

0

I set a WAF rule to limit the country list to allow traffic and block the requests for other countries not on the list.

I can provide a maximum of 50 countries listed in the rule. I am getting a validation error if the list exceeds 50. WAF validation error

Can we provide a country list of more than 50? Is there any possibility to increase this limit?

Topics
Security, Identity, & ComplianceAWS Well-Architected Framework
Tags
AWS WAFAWS Firewall ManagerSecurity
Language
English
Jothi
asked 6 months ago921 views
1 Answer
2

It seems we have geo restrictions of limit 50 countries at maximum thus this is not possible with individual rule.

Having said that the work-around to this issue is creating two Geo Matching statements with 'OR' condition and each statements with certain number of country codes you would like blocked.

Below is the JSON format from the console I have tested by creating two geo match statement using the 'Or' condition

"Statement": {
    "OrStatement": {
      "Statements": [
        {
          "GeoMatchStatement": {
            "CountryCodes": [
              "AD",
              "AI",
              "AL"
            ]
          }
        },
        {
          "GeoMatchStatement": {
            "CountryCodes": [
              "BS",
              "BD",
              "BY"
            ]
          }
        }
      ]
    }
  }
}
AWS
Makendran G
answered 6 months ago
  • Jothi
    6 months ago

    Thanks for your Answer. I will try this and update..

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content