terraform-modules icon indicating copy to clipboard operation
terraform-modules copied to clipboard

Published 20 hours ago verified publisher icon cds-snc

Module: WAF ACL

Open patheard opened this issue 3 years ago • 2 comments

Create a Web Application Firewall Access Control List module with sane defaults and priorities.

  • If rate limiting, have it as the first rule.
  • Request size body limit of 8KB to deal with the dangerous defaults.

Examples:

https://github.com/cds-snc/notification-terraform/blob/9cf33a5b3507f3d9f19ceaac7ea14a60e5d19b57/aws/common/waf.tf#L1

https://github.com/cds-snc/forms-terraform/blob/695c5b022adcc4773217903f0a7b83a64b6ed4f1/aws/load_balancer/waf.tf#L2

https://github.com/cds-snc/gc-articles/blob/ec10ad1c59b2b79b1be4e15ab7de5f7c786028fa/infrastructure/terragrunt/aws/load-balancer/waf.tf#L9

patheard avatar Oct 20 '21 14:10 patheard