Questions tagged with AWS WAF

AWS WAF Ruleset with Multiple Rules with CloudFormation

I am trying to configure an AWS WAF WebACL using CloudFormation. I have been successful in creating a WebACL with a single rule defined in the AWS::WAFv2::WebACL Rules statement, but as soon as I try to define two or more rules only the last rule in the block is created. There are no errors but I only get the final rule in the block. Does anyone have an example of deploying a WebACL with multiple rules?

The required ruleset is:

1. IP deny rule with priority 0 and referenced IPset
2. IP allow rule with priority 1 and referenced IPset
3. Geolocation rule to restrict to GB and allow

Example code block:

```
"Rules":[
  {
    "Name": "IPSetDeny",
    "Priority": 0,
    "Statement": {
      "IPSetReferenceStatement": {"ARN": { "Fn::GetAtt" : ["SampleIPSetDeny", "Arn" ]}}
    },
    "Action": { "Block": {} },
    "VisibilityConfig": {
      "SampledRequestsEnabled": true,
      "CloudWatchMetricsEnabled": true,
      "MetricName": "aws-waf-logs-dev-inf"
    },
    "Name": "IPSetAllow",
    "Priority": 1,
    "Statement": {
      "IPSetReferenceStatement": {"ARN": { "Fn::GetAtt" : ["SampleIPSetAllow", "Arn" ]}}
    },
    "Action": { "Allow": {} },
    "VisibilityConfig": {
      "SampledRequestsEnabled": true,
      "CloudWatchMetricsEnabled": true,
      "MetricName": "aws-waf-logs-dev-inf"
    },
    "Name": "restrict-country",
    "Priority": 2,
    "Statement": {
      "GeoMatchStatement": { "CountryCodes": [ "GB" ] }
    },
    "Action": { "Allow": {} },
    "VisibilityConfig": {
      "SampledRequestsEnabled": true,
      "CloudWatchMetricsEnabled": true,
      "MetricName": "aws-waf-logs-dev-inf"
    }
  }
]
```
2 answers, 0 votes, 20 views, asked 17 days ago
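
The block in the question places all three rules inside a single `{ ... }` object, so `Name`, `Priority`, `Statement`, `Action` and `VisibilityConfig` each appear more than once in it. The following is an added example, not part of the original post and not AWS code: it shows how Python's `json` module handles such repeated keys (the last value wins, with no error) and how a template can be checked for them before deployment. The sample documents are constructed, shortened versions of the question's block, the function names are hypothetical, and it is an assumption that the template parser used at deployment treats repeated keys the same way.

```python
import json

# Constructed sample shaped like the question's block: two rules written
# inside ONE JSON object, so "Name", "Priority" and "Action" appear twice.
MERGED = """
{"Rules": [
  {
    "Name": "IPSetDeny", "Priority": 0,
    "Action": {"Block": {}},
    "Name": "IPSetAllow", "Priority": 1,
    "Action": {"Allow": {}}
  }
]}
"""

# Constructed sample: the same rules, each in its own object in the list.
SEPARATE = """
{"Rules": [
  {"Name": "IPSetDeny", "Priority": 0, "Action": {"Block": {}}},
  {"Name": "IPSetAllow", "Priority": 1, "Action": {"Allow": {}}}
]}
"""

def load_reporting_duplicates(text):
    """Parse JSON; return (document, sorted keys repeated within one object)."""
    repeated = set()

    def hook(pairs):
        # Called once per JSON object with its (key, value) pairs in order.
        seen = set()
        for key, _ in pairs:
            if key in seen:
                repeated.add(key)
            seen.add(key)
        return dict(pairs)  # later pairs overwrite earlier ones: last value wins

    return json.loads(text, object_pairs_hook=hook), sorted(repeated)

def rule_names(doc):
    """Names of the rules that survive parsing, in list order."""
    return [rule["Name"] for rule in doc["Rules"]]

if __name__ == "__main__":
    for label, text in (("merged", MERGED), ("separate", SEPARATE)):
        doc, repeated = load_reporting_duplicates(text)
        print(label, rule_names(doc), "repeated keys:", repeated)
```

With the merged form the deny rule disappears silently and only the allow rule remains, so a check like this is worth running in CI on any WAF template where a dropped block rule would go unnoticed.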