AWS WAF Regional Regional IPSet
This page shows how to write Terraform and CloudFormation for AWS WAF Regional Regional IPSet and write them securely.
aws_wafregional_ipset (Terraform)
The Regional IPSet in AWS WAF Regional can be configured in Terraform with the resource name aws_wafregional_ipset
. The following sections describe 1 example of how to use the resource and its parameters.
Example Usage from GitHub
resource "aws_wafregional_ipset" "nat" {
name = "natIPSet"
ip_set_descriptor {
type = "IPV4"
value = var.waf_nat_ip
Parameters
-
arn
optional computed - string -
id
optional computed - string -
name
required - string -
ip_set_descriptor
set block
Explanation in Terraform Registry
Provides a WAF Regional IPSet Resource for use with Application Load Balancer.
AWS::WAFRegional::IPSet (CloudFormation)
The IPSet in WAFRegional can be configured in CloudFormation with the resource name AWS::WAFRegional::IPSet
. The following sections describe 10 examples of how to use the resource and its parameters.
Example Usage from GitHub
Type: AWS::WAFRegional::IPSet
Condition: isRegional
Properties:
Name: !Join ['-', [!Ref stackPrefix, 'match-admin-remote-ip']]
IPSetDescriptors:
- Type: IPV4
Type: AWS::WAFRegional::IPSet
Condition: isRegional
Properties:
Name: !Join ['-', [!Ref stackPrefix, 'match-admin-remote-ip']]
IPSetDescriptors:
- Type: IPV4
Type: AWS::WAFRegional::IPSet
Properties:
Name: "GD2ACL ALB IPSet for blacklisted IP adresses"
IPSetDescriptors:
-
Type: "IPV4"
Type: AWS::WAFRegional::IPSet
Properties:
Name: !Join ['-', [!Ref 'AWS::StackName', 'result-ipset']]
LambdaExecutionRole:
Type: AWS::IAM::Role
Type: AWS::WAFRegional::IPSet
Properties:
Name: WhitelistRegional-${self:custom.stage}
IPSetDescriptors:
- Type: IPV4
Value: "88.97.29.77/32"
"Type": "AWS::WAFRegional::IPSet",
"Properties": {
"Name": "WhiteList IP Address Set",
"IPSetDescriptors": [
{
"Type": "IPV4",
"Type": "AWS::WAFRegional::IPSet",
"Properties": {
"Name": "WhiteList IP Address Set",
"IPSetDescriptors": [
{
"Type": "IPV4",
"Type": "AWS::WAFRegional::IPSet",
"Properties": {
"Name": "WhiteList IP Address Set",
"IPSetDescriptors": [
{
"Type": "IPV4",
"Type": "AWS::WAFRegional::IPSet",
"Properties": {
"Name": "WhiteList IP Address Set",
"IPSetDescriptors": [
{
"Type": "IPV4",
"Type": "AWS::WAFRegional::IPSet",
"Properties": {
"Name": "WhiteList IP Address Set",
"IPSetDescriptors": [
{
"Type": "IPV4",
Parameters
-
IPSetDescriptors
optional - List of IPSetDescriptor -
Name
required - String
Explanation in CloudFormation Registry
Note This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide. For the latest version of AWS WAF , use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use. Contains one or more IP addresses or blocks of IP addresses specified in Classless Inter-Domain Routing (CIDR) notation. AWS WAF supports IPv4 address ranges: /8 and any range between /16 through /32. AWS WAF supports IPv6 address ranges: /24, /32, /48, /56, /64, and /128.
To specify an individual IP address, you specify the four-part IP address followed by a
/32
, for example, 192.0/32. To block a range of IP addresses, you can specify /8 or any range between /16 through /32 (for IPv4) or /24, /32, /48, /56, /64, or /128 (for IPv6). For more information about CIDR notation, see the Wikipedia entry Classless Inter-Domain Routing.
Frequently asked questions
What is AWS WAF Regional Regional IPSet?
AWS WAF Regional Regional IPSet is a resource for WAF Regional of Amazon Web Service. Settings can be wrote in Terraform and CloudFormation.
Where can I find the example code for the AWS WAF Regional Regional IPSet?
For Terraform, the datacite/mastino source code example is useful. See the Terraform Example section for further details.
For CloudFormation, the Jagman13/ccwebapp, gaurangdavda/CloudNote and sanudatta11/devops-artifacts source code examples are useful. See the CloudFormation Example section for further details.