Skip to content

Commit

Permalink
Merge branch 'main' into fix/workflow-json-encoding
Browse files Browse the repository at this point in the history
  • Loading branch information
@andrewleith
andrewleith authored Jan 10, 2025
2 parents 133bf60 + c5f6977 commit e843d16
Showing 1 changed file with 37 additions and 15 deletions.
52 changes: 37 additions & 15 deletions aws/eks/waf.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -536,23 +536,46 @@ resource "aws_wafv2_web_acl" "notification-canada-ca" {
limit = var.non_api_waf_rate_limit
aggregate_key_type = "IP"
scope_down_statement {
not_statement {
and_statement {
statement {
byte_match_statement {
positional_constraint = "STARTS_WITH"
field_to_match {
single_header {
name = "host"
not_statement {
statement {
byte_match_statement {
positional_constraint = "EXACTLY"
search_string = var.waf_secret
field_to_match {
single_header {
name = "waf-secret"
}
}
text_transformation {
priority = 1
type = "NONE"
}
}
}
search_string = "api"
text_transformation {
priority = 1
type = "COMPRESS_WHITE_SPACE"
}
text_transformation {
priority = 2
type = "LOWERCASE"
}
}
statement {
not_statement {
statement {
byte_match_statement {
positional_constraint = "STARTS_WITH"
field_to_match {
single_header {
name = "host"
}
}
search_string = "api"
text_transformation {
priority = 1
type = "COMPRESS_WHITE_SPACE"
}
text_transformation {
priority = 2
type = "LOWERCASE"
}
}
}
}
}
Expand All @@ -561,7 +584,6 @@ resource "aws_wafv2_web_acl" "notification-canada-ca" {
}
}
}

rule {
name = "ApiRateLimit"
priority = 210
Expand Down

0 comments on commit e843d16

Please sign in to comment.