AWS WAF IPSet
This page shows how to write Terraform and CloudFormation for AWS WAF IPSet and write them securely.
aws_waf_ipset (Terraform)
The IPSet in AWS WAF can be configured in Terraform with the resource name aws_waf_ipset
. The following sections describe 4 examples of how to use the resource and its parameters.
Example Usage from GitHub
resource "aws_waf_ipset" "office_ipset" {
name = "RIDI Office"
ip_set_descriptors {
type = "IPV4"
value = "218.232.41.2/32"
resource "aws_waf_ipset" "uat-bce-waf-ip-b" {
name = "uat-bce-waf-ip-b"
ip_set_descriptors {
type = "IPV4"
value = "92.54.181.130/32"
resource "aws_waf_ipset" "uat-bce-waf-ip" {
name = "uat-bce-waf-ip"
ip_set_descriptors {
type = "IPV4"
value = "92.54.181.130/32"
resource "aws_waf_ipset" "dev-bce-waf-ip" {
name = "dev-bce-waf-ip"
ip_set_descriptors {
type = "IPV4"
value = "92.54.181.130/32"
Parameters
-
arn
optional computed - string -
id
optional computed - string -
name
required - string -
ip_set_descriptors
set block
Explanation in Terraform Registry
Provides a WAF IPSet Resource
AWS::WAF::IPSet (CloudFormation)
The IPSet in WAF can be configured in CloudFormation with the resource name AWS::WAF::IPSet
. The following sections describe 10 examples of how to use the resource and its parameters.
Example Usage from GitHub
Type: 'AWS::WAF::IPSet'
Properties:
Name: !Join [' - ', [!Ref 'AWS::StackName', 'Whitelist Set']]
WAFBlacklistSet:
Type: 'AWS::WAF::IPSet'
Type: AWS::WAF::IPSet
Properties:
Name: IpBlacklistIpSet
IPSetDescriptors:
- Type: IPV4
Value: "192.0.2.44/32"
Type: AWS::WAF::IPSet
Properties:
Name: IPSet for whitelisted IP adresses
IPSetDescriptors:
- Type: IPV4
Value: 0.0.0.1/32
Type: AWS::WAF::IPSet
Properties:
Name: IPSet for whitelisted IP adresses
IPSetDescriptors:
- Type: IPV4
Value: 0.0.0.1/32
Type: AWS::WAF::IPSet
Properties:
Name: IPSet for whitelisted IP adresses
IPSetDescriptors:
- Type: IPV4
Value: 0.0.0.1/32
"Type": "AWS::WAF::IPSet",
"Properties": {
"Name": "IP Set #1"
}
},
"WAFIPSet2": {
"Type": "AWS::WAF::IPSet",
"Properties": {
"Name": "IP Set #1"
}
},
"WAFIPSet2": {
"Type": "AWS::WAF::IPSet",
"Properties": {
"Name": "IP Set #1"
}
},
"WAFIPSet2": {
"Type": "AWS::WAF::IPSet",
"Properties": {
"Name": "IP Set #1"
}
},
"WAFIPSet2": {
"Type": "AWS::WAF::IPSet",
"Properties": {
"Name": {
"Ref": "ManualIPCondition1"
}
}
Parameters
-
IPSetDescriptors
optional - List of IPSetDescriptor -
Name
required - String
Explanation in CloudFormation Registry
Note This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide. For the latest version of AWS WAF , use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use. Contains one or more IP addresses or blocks of IP addresses specified in Classless Inter-Domain Routing (CIDR) notation. AWS WAF supports IPv4 address ranges: /8 and any range between /16 through /32. AWS WAF supports IPv6 address ranges: /24, /32, /48, /56, /64, and /128.
To specify an individual IP address, you specify the four-part IP address followed by a
/32
, for example, 192.0/32. To block a range of IP addresses, you can specify /8 or any range between /16 through /32 (for IPv4) or /24, /32, /48, /56, /64, or /128 (for IPv6). For more information about CIDR notation, see the Wikipedia entry Classless Inter-Domain Routing.
Frequently asked questions
What is AWS WAF IPSet?
AWS WAF IPSet is a resource for WAF of Amazon Web Service. Settings can be wrote in Terraform and CloudFormation.
Where can I find the example code for the AWS WAF IPSet?
For Terraform, the ridi/frontend-provisions, MatthewRawling/BCP-terraform and MatthewRawling/BCP-terraform source code examples are useful. See the Terraform Example section for further details.
For CloudFormation, the Pabby92/aws-cloudformation-sample-templates, PRX/Infrastructure and DanteInc/js-cloud-native-cookbook source code examples are useful. See the CloudFormation Example section for further details.