How to exclude allowlist from WAF rule?

h2oearth · April 6, 2023, 12:37am

I implemented the following custom WAF rule in Terraform and wondered if I missed something in the statement section!

resource "aws_wafv2_ip_set" "allow" {
  addresses          = var.allowlist
  description        = "Allowlist IP set "
  ip_address_version = "IPV4"
  name               = "ip-set"
  scope              = var.scope
}

rule {
    name     = "rule-test"
    priority = 10

    action {
      block {}
    }

    statement {
      rate_based_statement {
        limit              = 2000 
        aggregate_key_type = "IP"

        scope_down_statement {
          not_statement {
            statement {
              ip_set_reference_statement {
                arn = aws_wafv2_ip_set.allow.arn
              }
            }
          }
        }
      }
    }

    visibility_config {
      cloudwatch_metrics_enabled = true
      metric_name                = "rule-rate-limit-per-ip"
      sampled_requests_enabled   = true
    }
  }

macmiranda · April 6, 2023, 6:46am

What exactly is the problem?

Topic		Replies	Views
WAF web acl statements AWS waf	0	210	March 19, 2024
How to block waf rule actions in aws_wafv2_web_acl AWS	0	173	November 27, 2023
Aws_wafv2_web_acl not working with ratebasedrule and nested and/or AWS	0	548	October 9, 2020
[Solved] Unsupported aws_wafv2_web_acl configuration or did I get the syntax wrong? AWS	1	1230	October 1, 2021
Error on rate_based_statement, to ignore internal ips and apply rate limit on all other Ips HashiCorp Cloud Platform (HCP)	0	447	June 1, 2022

How to exclude allowlist from WAF rule?

Related topics