By using AWS re:Post, you agree to the Terms of Use
AWS re:Postre:Post

HOW CAN WE LIST ALL Web ACLs and the all the rules inside of those Web ACLs.

0

I'm trying to find any code in cli which I can execute in cloudshell to extract the LIST of ALL Web ACLs and the all the rules inside of those Web ACLs using some for loop. The output should be in text or it can be in csv format.

In both ways using AWS WAF Classic or the new AWS WAF.

Topics
Security, Identity, & ComplianceDeveloper ToolsManagement & Governance
Tags
AWS WAFAWS CloudShellAWS Command Line Interface
Language
English
rePost-User-4327020
asked 3 months ago86 views
2 Answers
0

There is no direct way to list ACLs alongwith rules, needs to be two step process, first you list ACLs and then rules. Please check the below two links.

https://docs.aws.amazon.com/cli/latest/reference/waf/list-web-acls.html https://docs.aws.amazon.com/cli/latest/reference/wafv2/list-resources-for-web-acl.html

AWS
Rishi
answered 3 months ago
0

WAFv2 (the newest WAF) has a nice property where all rules are explicitly listed inside web ACL. You have to fetch the list of web ACLs using list-web-acls and then cycle through the list to fetch individual web ACL using get-web-acl. Pipe the output into a file.

For WAF Classic, the process is similar but rules are referenced from web ACL. So you need to do addition step of cycling through the rules inside web ACL and then fetch individual rule using get-rule. Note the difference in API documentation for WAF Classic and WAFv2.

Doable in most shell using CLI but probably easier to use scripting language like Python for better formatting.

AWS
kumo-hiyori
answered 3 months ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content