Module: waf

Terraform module to create and manage AWS WAFv2 rules.

Usage

For a complete example, see examples/complete.

For automated tests of the complete example using bats and Terratest (which tests and deploys the example on AWS), see test.

module "label" {
  source = "cloudposse/label/null"
  # Cloud Posse recommends pinning every module to a specific version
  # version = "x.x.x"

  namespace = "eg"
  stage     = "prod"
  name      = "waf"
  delimiter = "-"

  tags = {
    "BusinessUnit" = "XYZ",
  }
}

module "waf" {
  source = "cloudposse/waf/aws"
  # Cloud Posse recommends pinning every module to a specific version
  # version = "x.x.x"

  geo_match_statement_rules = [
    {
      name     = "rule-10"
      action   = "count"
      priority = 10

      statement = {
        country_codes = ["NL", "GB"]
      }

      visibility_config = {
        cloudwatch_metrics_enabled = true
        sampled_requests_enabled   = false
        metric_name                = "rule-10-metric"
      }
    },
    {
      name     = "rule-11"
      action   = "allow"
      priority = 11

      statement = {
        country_codes = ["US"]
      }

      visibility_config = {
        cloudwatch_metrics_enabled = true
        sampled_requests_enabled   = false
        metric_name                = "rule-11-metric"
      }
    }
  ]

  context = module.label.context
}

Examples

Here is an example of using this module:

• examples/complete - complete example of using this module