1 Answer
- Newest
- Most votes
- Most comments
0
Hello there,
Please find below an example to exclude a rule from AWS Managed Rule:
{
"Resources": {
"PolicyWAFv2": {
"Type": "AWS::FMS::Policy",
"Properties": {
"ExcludeResourceTags": false,
"PolicyName": "Policy",
"RemediationEnabled": false,
"ResourceType": "AWS::ElasticLoadBalancingV2::LoadBalancer",
"SecurityServicePolicyData": {
"Type": "WAFV2",
"ManagedServiceData": {
"Fn::Sub": "{\"type\":\"WAFV2\",\"preProcessRuleGroups\":[{\"ruleGroupArn\":null,\"overrideAction\":{\"type\":\"NONE\"},\"managedRuleGroupIdentifier\":{\"version\":null,\"vendorName\":\"AWS\",\"managedRuleGroupName\":\"AWSManagedRulesAmazonIpReputationList\"},\"ruleGroupType\":\"ManagedRuleGroup\",\"excludeRules\":[{\"name\":\"NoUserAgent_HEADER\"}]}],\"postProcessRuleGroups\":[],\"defaultAction\":{\"type\":\"ALLOW\"},\"overrideCustomerWebACLAssociation\":false,\"loggingConfiguration\":{\"logDestinationConfigs\":[\"arn:aws:firehose:us-west-2:12345678912:deliverystream/aws-waf-logs-fms-admin-destination\"],\"redactedFields\":[{\"redactedFieldType\":\"SingleHeader\",\"redactedFieldValue\":\"Cookies\"},{\"redactedFieldType\":\"Method\"}]}}"
}
}
}
}
}
}
Relevant content
- asked 9 months ago
- Accepted Answerasked a year ago
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated 8 months ago
- AWS OFFICIALUpdated a year ago
Thanks, Zhiyuan
It works for me.