Questions tagged with AWS WAF

Content language: English

Sort by most recent

Browse through the questions and answers listed below or filter and sort to narrow down your results.

AWS WAF Ruleset with Multple Rules with Cloudformation

I am trying to configure an AWS WAF WebACL using cloud formation. I have been successful in creating a WEBACL with a single rule defined in the AWS::WAFv2::WebACL Rules statement, but as soon as I try to define two or more rules only the last rule in the block is created. There are no errors but I only get the final rule in the block. Does anyone have an example of deploying a WebACL with multiple rules? The required ruleset is: 1. IP deny rule with priority 0 and referenced IPset 2. IP allow rule with priority 1 and referenced IPset 3. Geolocation rule to restrict to GB and allow Example code block: ``` "Rules":[ { "Name": "IPSetDeny", "Priority": 0, "Statement": { "IPSetReferenceStatement": {"ARN": { "Fn::GetAtt" : ["SampleIPSetDeny", "Arn" ]}} }, "Action": { "Block": {} }, "VisibilityConfig": { "SampledRequestsEnabled": true, "CloudWatchMetricsEnabled": true, "MetricName": "aws-waf-logs-dev-inf" }, "Name": "IPSetAllow", "Priority": 1, "Statement": { "IPSetReferenceStatement": {"ARN": { "Fn::GetAtt" : ["SampleIPSetAllow", "Arn" ]}} }, "Action": { "Allow": {} }, "VisibilityConfig": { "SampledRequestsEnabled": true, "CloudWatchMetricsEnabled": true, "MetricName": "aws-waf-logs-dev-inf" }, "Name": "restrict-country", "Priority": 2, "Statement": { "GeoMatchStatement": { "CountryCodes": [ "GB" ] } }, "Action": { "Allow": {} }, "VisibilityConfig": { "SampledRequestsEnabled": true, "CloudWatchMetricsEnabled": true, "MetricName": "aws-waf-logs-dev-inf" } } ] ```
2
answers
0
votes
69
views
asked 3 months ago