waf
cloudposse/waf/aws
Terraform module to create and manage AWS WAFv2 rules.

> [!TIP]
> #### 👽 Use Atmos with Terraform
> Cloud Posse uses atmos to easily orchestrate multiple environments using Terraform.
> Works with GitHub Actions, Atlantis, or Spacelift.

## Usage

For a complete example, see examples/complete.

For automated tests of the complete example using bats and Terratest (which tests and deploys the example on AWS), see test.

```hcl
module "label" {
  source = "cloudposse/label/null"
  # Cloud Posse recommends pinning every module to a specific version
  # version = "x.x.x"

  namespace = "eg"
  stage     = "prod"
  name      = "waf"
  delimiter = "-"

  tags = {
    "BusinessUnit" = "XYZ",
  }
}

module "
```

| Name | Type | Description | Default |
|---|---|---|---|
| visibility_config | object({ cloudwatch_metric | Defines and enables Amazon CloudWatch metrics and web request sample collection. | required |
| context | any | Single object for setting entire context at once. See description of individual | { "additional_tag_map": {}, "attribu |
| label_order | list(string) | The order in which the labels (ID elements) appear in the `id`. Defaults to ["na | null |
| default_action | string | Specifies that AWS WAF should allow requests by default. Possible values: `allow | "block" |
| byte_match_statement_rules | list(object({ name = s | A rule statement that defines a string match search for AWS WAF to apply to web | null |
| managed_rule_group_statement_rules | list(object({ name | A rule statement used to run the rules that are defined in a managed rule group. | null |
| regex_match_statement_rules | list(object({ name = s | A rule statement used to search web request components for a match against a sin | null |
| log_destination_configs | list(string) | The Amazon Kinesis Data Firehose, CloudWatch Log log group, or S3 bucket Amazon | [] |
| namespace | string | ID element. Usually an abbreviation of your organization name, e.g. 'eg' or 'cp' | null |
| label_value_case | string | Controls the letter case of ID elements (labels) as included in `id`, set as tag | null |
| custom_response_body | map(object({ content | Defines custom response bodies that can be referenced by custom_response actions | {} |
| token_domains | list(string) | Specifies the domains that AWS WAF should accept in a web request token. This en | null |
| geo_match_statement_rules | list(object({ name = s | A rule statement used to identify web requests based on country of origin. acti | null |
| default_block_custom_response_body_key | string | References the default response body that you want AWS WAF to return to the web | null |
| stage | string | ID element. Usually used to indicate role, e.g. 'prod', 'staging', 'source', 'bu | null |
| delimiter | string | Delimiter to be used between ID elements. Defaults to `-` (hyphen). Set to `""` | null |
| label_key_case | string | Controls the letter case of the `tags` keys (label names) for tags generated by | null |
| description | string | A friendly description of the WebACL. | "Managed by Terraform" |
| regex_pattern_set_reference_statement_rules | list(object({ name = s | A rule statement used to search web request components for matches with regular | null |
| association_resource_arns | list(string) | A list of ARNs of the resources to associate with the web ACL. This must be an A | [] |
| default_block_response | string | A HTTP response code that is sent when default block action is used. Only takes | null |
| … and 3 more inputs | | | |

- `id`: The ID of the WAF WebACL.
- `arn`: The ARN of the WAF WebACL.
- `capacity`: The web ACL capacity units (WCUs) currently being used by this web ACL.
- `logging_config_id`: The ARN of the WAFv2 Web ACL logging configuration.