woodonggyu / terraform-aws-wafv2

Terraform module which creates Web Application Firewall (WAFV2)

Home Page: https://registry.terraform.io/modules/woodonggyu/wafv2/aws/latest


terraform-aws-wafv2

Terraform module which creates Web Application Firewall (WAFV2).

Available features

  • AWS Managed Rule Groups
  • Statement
    • IPSetReferenceStatement
    • GeoMatchStatement
    • ByteMatchStatement
    • LabelMatchStatement
    • RateBasedStatement
    • SizeConstraintStatement
    • Logical Statement (And, Or, Not)
    • RegexPatternSetReferenceStatement
  • Associating WAFv2 WebACL with AWS resources (API Gateway, ALB, AWS AppSync)
  • Enabling Logging Configuration
  • Create IP sets

Examples

Requirements

| Name | Version |
|------|---------|
| terraform | >= 1.0.8 |
| aws | >= 3.60.0 |

Providers

| Name | Version |
|------|---------|
| aws | >= 3.60.0 |

Modules

Name Type

Submodules

| Name | Type |
|------|------|
| aws_wafv2_ip_set.this | resource |
| aws_wafv2_regex_pattern_set.this | resource |

Resources

| Name | Type |
|------|------|
| aws_wafv2_web_acl.this | resource |
| aws_wafv2_web_acl_association.this | resource |
| aws_wafv2_web_acl_logging_configuration.this | resource |

Inputs

| Name | Description | Type | Default | Required |
|------|-------------|------|---------|----------|
| region | The AWS Region. | string | ap-northeast-2 | no |
| name | A friendly name of the WebACL. | string | "" | yes |
| description | A friendly description of the WebACL. | string | null | no |
| scope | Specifies whether this is for an AWS CloudFront distribution or for a regional application. | string | "" | yes |
| default_action | The action to perform when a web request doesn't match any of the rules in the WebACL. | string | allow | no |
| visibility_config | Defines and enables Amazon CloudWatch metrics and web request sample collection. | object({...}) | { cloudwatch_metrics_enabled = false, metric_name = "cloudwatch_wafv2_metrics", sampled_requests_enabled = false } | no |
| rules | The processing guidance for a Rule, used by AWS WAF to determine whether a web request matches the rule. | any | [] | yes |
| tags | A tag associated with an AWS resource. | map(string) | null | no |
| enable_logging_configuration | Whether to enable logging configuration. | bool | false | no |
| log_destination_configs | The Amazon Kinesis Data Firehose Amazon Resource Names (ARNs) that you want to associate with the web ACL. | list | [] | no |
| redacted_fields | The parts of the request that you want to keep out of the logs. | object({...}) | null | no |
| logging_filter | Filtering that specifies which web requests are kept in the logs and which are dropped. | object({...}) | null | no |
| enable_webacl_association | Whether to associate ALB with WAFv2 WebACL. | bool | false | no |
| alb_resource_arn | The Amazon Resource Name (ARN) of the resource to associate with the web ACL. | list(string) | [] | no |

Outputs

Name Description

Dependencies

This module does not have any dependencies on other modules.

Authors

This module is maintained by Donggyu Woo.

License

MIT Licensed. See LICENSE for full details.
