Top / Amazon Web Service / AWS WAF Regional / Regional Rule

AWS WAF Regional Regional Rule

This page shows how to write Terraform and CloudFormation for AWS WAF Regional Regional Rule and write them securely.

terraform-logo

Review your .tf file for AWS best practices

Shisho Cloud, our free checker to make sure your Terraform configuration follows best practices, is available (beta).

aws_wafregional_rule (Terraform)

The Regional Rule in AWS WAF Regional can be configured in Terraform with the resource name aws_wafregional_rule. The following sections describe 1 example of how to use the resource and its parameters.

Example Usage from GitHub

waf_rule.tf#L1
resource "aws_wafregional_rule" "detect_admin_access" {
  name        = "detect-admin-access"
  metric_name = "detectadminaccess"
  tags        = var.tags

  predicate {

Review your Terraform file for AWS best practices

Shisho Cloud, our free checker to make sure your Terraform configuration follows best practices, is available (beta).

Parameters

>> from Terraform Registry

Explanation in Terraform Registry

Provides an WAF Regional Rule Resource for use with Application Load Balancer.

>> from Terraform Registry

AWS::WAFRegional::Rule (CloudFormation)

The Rule in WAFRegional can be configured in CloudFormation with the resource name AWS::WAFRegional::Rule. The following sections describe 10 examples of how to use the resource and its parameters.

Example Usage from GitHub

csye6225-cf-application-waf-temp.yml#L44
    Type: AWS::WAFRegional::Rule
    Properties:
      MetricName: 'mitigatesqli'
      Name: !Sub '${AWS::StackName}-mitigate-sqli'
      Predicates:
        - Type: SqlInjectionMatch
csye6225-cf-application-waf-temp.yml#L44
    Type: AWS::WAFRegional::Rule
    Properties:
      MetricName: 'mitigatesqli'
      Name: !Sub '${AWS::StackName}-mitigate-sqli'
      Predicates:
        - Type: SqlInjectionMatch
csye6225-cf-application-waf-temp.yml#L44
    Type: AWS::WAFRegional::Rule
    Properties:
      MetricName: 'mitigatesqli'
      Name: !Sub '${AWS::StackName}-mitigate-sqli'
      Predicates:
        - Type: SqlInjectionMatch
csye6225-cf-application-waf-temp.yml#L44
    Type: AWS::WAFRegional::Rule
    Properties:
      MetricName: 'mitigatesqli'
      Name: !Sub '${AWS::StackName}-mitigate-sqli'
      Predicates:
        - Type: SqlInjectionMatch
waf-regional.yml#L127
    Type: AWS::WAFRegional::Rule
    Properties:
      Name: !Sub ${StackPrefix}SecurityRule
      MetricName: SecurityRule
      Predicates:
        - DataId: !Ref LimitRequestSize
csye6225-cf-waf.json#L84
      "Type": "AWS::WAFRegional::Rule",
      "Properties": {
        "Name": "SQL Injection Rule",
        "MetricName": "SqlInjRule",
        "Predicates": [
          {
csye6225-cf-waf.json#L78
      "Type": "AWS::WAFRegional::Rule",
      "Properties": {
        "Name": "SQL Injection Rule",
        "MetricName": "SqlInjRule",
        "Predicates": [
          {
csye6225-firewall.json#L62
          "Type":"AWS::WAFRegional::Rule",
          "Properties":{
              "MetricName":"mitigatesqli",
              "Name":"mitigate-sqli",
              "Predicates":[{
                  "Type":"SqlInjectionMatch",
web-acl-template.json#L47
            "Type": "AWS::WAFRegional::Rule",
            "Properties": {
                "Name": "${stack}-${instance}-size-restrictions-rule",
                "MetricName": "${stack}${instance}SizeRestrictionsRule",
                "Predicates": [
                    {
csye6225-cf-WAFResource.json#L15
            "Type": "AWS::WAFRegional::Rule",
            "Properties": {
                "Name": "MyIPSetRule",
                "MetricName": "MyIPSetRule",
                "Predicates": [
                    {

Parameters

>> from AWS CloudFormation Documentation

Explanation in CloudFormation Registry

Note This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide. For the latest version of AWS WAF , use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use. A combination of ByteMatchSet, IPSet, and/or SqlInjectionMatchSet objects that identify the web requests that you want to allow, block, or count. For example, you might create a Rule that includes the following predicates:+ An IPSet that causes AWS WAF to search for web requests that originate from the IP address 192.0.2.44 + A ByteMatchSet that causes AWS WAF to search for web requests for which the value of the User-Agent header is BadBot.

To match the settings in this Rule, a request must originate from 192.0.2.44 AND include a User-Agent header for which the value is BadBot.

>> from AWS CloudFormation Documentation

The Other Related AWS WAF Regional Resources

Frequently asked questions

What is AWS WAF Regional Regional Rule?

AWS WAF Regional Regional Rule is a resource for WAF Regional of Amazon Web Service. Settings can be wrote in Terraform and CloudFormation.

Where can I find the example code for the AWS WAF Regional Regional Rule?

For Terraform, the dwp/dataworks-metrics-infrastructure source code example is useful. See the Terraform Example section for further details.

For CloudFormation, the gandhi-mansi/csye6225-su19-ccwebapp, cyrilsebastian1811/csye6225-webapp and cyrilsebastian1811/Library-Management-System source code examples are useful. See the CloudFormation Example section for further details.

security-icon

Automate config file reviews on your commits

Fix issues in your infrastructure as code with auto-generated patches.

Table of Contents