Flaconi/terraform-aws-waf-acl-rules

Module for simple management of WAF Rules and the ACL

WAF ACL Rules

This Terraform module can create typical resources needed for using WAF

Usage

WAF ACL

module "waf_acl_rules" {
  source = "github.com/flaconi/terraform-aws-waf-acl-rules"
  waf_acl_name           = "name"
  waf_acl_default_action = "BLOCK"
  waf_rules              = local.waf_rules
  waf_rules = [{
    name              = "name"
    priority          = "1"
    enabled           = false
    negated           = false
    action_type       = "ALLOW"
    byte_match_tuples = []
    ranges = [
      {
        "value" = "127.0.0.1/32"
      },
    ]
    }, {
    name              = "blockgoogle"
    priority          = "2"
    enabled           = true
    negated           = true
    action_type       = "BLOCK"
    byte_match_tuples = []
    ranges = [
      {
        "value" = "8.8.4.4/32"
      },
      {
        "value" = "8.8.8.8/32"
      },
    ]
    }
    , {
      name         = "allowheaderx"
      priority     = "3"
      enabled      = true
      negated      = false
      action_type  = "ALLOW"
      ranges       = []
      byte_match_tuples = [{
        field_to_match_data = "header-X",
        target_string       = "containsthis"
      }]
    }
  ]
}

Requirements

Name	Version
terraform	>= 0.13
aws	>= 4

Providers

Name	Version
aws	>= 4

Modules

No modules.

Resources

Name	Type
aws_waf_byte_match_set.this	resource
aws_waf_byte_match_set.uri	resource
aws_waf_ipset.this	resource
aws_waf_rule.this	resource
aws_waf_web_acl.this	resource

Inputs

Name	Description	Type	Default	Required
waf_rules	Waf Rules	list(object({ name = string enabled = bool priority = string negated = bool action_type = string ranges = list(map(string)) byte_match_tuples = list(map(string)) uri_match = list(map(string)) }))	[]	no
waf_acl_name	Waf Rules	string	n/a	yes
waf_acl_default_action	WAF Default Action	string	n/a	yes

Outputs

Name	Description
this_aws_waf_acl_id	waf acl id

License

MIT

Copyright (c) 2019 Flaconi GmbH