Skip to content

perxhealth/terraform-aws-waf

Repository files navigation

terraform-aws-waf

Lint Status LICENSE

This terraform module creates a Global Web Application Firewall(WAF) Web Acl to be used with Cloudfront.

Dynamic rules:

  • SQL Injection
    • Filter requests that contain possible malicious SQL code. The condition includes filters that evaluate the following parts of requests:
      • Query string (URL & HTML decode transformation)
      • URI (URL & HTML decode transformation)
      • Body (URL & HTML decode transformation)
  • Cross Site Scripting
    • Filters requests that contain possible malicious scripts. The condition includes filters that evaluate the following parts of requests:
      • Query string (URL & HTML decode transformation)
      • URI (URL & HTML decode transformation)
      • Body (URL & HTML decode transformation)
  • IP Blacklist
    • Any IP range add here will be restricted to access the service
  • Network Blacklist
    • Any network range add here will be restricted to access the service

Usage

module "waf_acl" {
  # source             = "git::https://github.com/DNXLabs/terraform-aws-waf.git?ref=0.1.0"
  sql_injection        = true
  cross_site_scripting = true
  ip_blacklist         = {
    enable = true
    list   = [
      "10.0.0.0/24",
      "192.168.0.0/16"
    ]
  }
}

Requirements

Name Version
terraform >= 0.12.0

Providers

Name Version
aws n/a

Inputs

Name Description Type Default Required
cross_site_scripting n/a bool "false" no
ip_blacklist n/a
object({
enable = bool
list = list(string)
})
{
"enable": "false",
"list": []
}
no
sql_injection n/a bool "false" no

Outputs

Name Description
id WAF ACL arn to be consumed

Authors

Module managed by DNX Solutions.

License

Apache 2 Licensed. See LICENSE for full details.

About

No description, website, or topics provided.

Resources

License

Stars

Watchers

Forks

Packages

No packages published

Contributors 4

  •  
  •  
  •  
  •  

Languages