WAFv2 with Terraform: how do I exclude rules?
I created a WAFv2 as a module, and this is part of my code:
```
  name        = var.name
  description = "WAFv2 ACL for ${var.name}"
  scope       = var.scope

  default_action {
    allow {}
  }

  visibility_config {
    cloudwatch_metrics_enabled = true
    sampled_requests_enabled   = true
    metric_name                = var.name
  }

  dynamic "rule" {
    for_each = var.managed_rules
    content {
      name     = rule.value.name
      priority = rule.value.priority

      override_action {
        dynamic "none" {
          for_each = rule.value.override_action == "none" ? [1] : []
          content {}
        }
        dynamic "count" {
          for_each = rule.value.override_action == "count" ? [1] : []
          content {}
        }
      }
```
But after setting up Kinesis Firehose, I noticed some requests are being blocked by WAFv2. Can anyone help me figure out how to exclude some of the AWSManagedRules being blocked? Here are some examples of them: "CrossSiteScripting_BODY", "GenericLFI_BODY".
I tried something like the one below for the Tableau server using the WAF. Is this correct?
```
  name            = aws_wafv2_rule_group.aws-wafv2-tableau.name
  arn             = aws_wafv2_rule_group.aws-wafv2-tableau.arn
  priority        = 0
  override_action = "allow"
  excluded_rules  = ["CrossSiteScripting_BODY","GenericLFI_BODY"]
}]
```
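One way to exclude individual managed rules, as an added example that is not part of the original post. It assumes AWS provider v5 or later (where `rule_action_override` replaces the older `excluded_rule` block), that the blocked rules come from `AWSManagedRulesCommonRuleSet`, and that each `managed_rules` entry carries a hypothetical `excluded_rules` list.

```hcl
variable "name" { type = string }
variable "scope" { type = string }
variable "managed_rules" {
  default = [{ name = "AWSManagedRulesCommonRuleSet", priority = 0,
    excluded_rules = ["CrossSiteScripting_BODY", "GenericLFI_BODY"] }] # hypothetical field, constructed values
}
resource "aws_wafv2_web_acl" "this" {
  name  = var.name
  scope = var.scope
  default_action {
    allow {}
  }
  visibility_config {
    cloudwatch_metrics_enabled = true
    sampled_requests_enabled   = true
    metric_name                = var.name
  }
  dynamic "rule" {
    for_each = var.managed_rules
    content {
      name     = rule.value.name
      priority = rule.value.priority
      override_action {
        none {} # rules not listed below keep the group's own actions
      }
      statement {
        managed_rule_group_statement {
          name        = rule.value.name
          vendor_name = "AWS"
          # Listed rules count instead of block, so matches stay visible in metrics.
          dynamic "rule_action_override" {
            for_each = rule.value.excluded_rules
            content {
              name = rule_action_override.value
              action_to_use {
                count {}
              }
            }
          }
        }
      }
      visibility_config {
        cloudwatch_metrics_enabled = true
        sampled_requests_enabled   = true
        metric_name                = rule.value.name
      }
    }
  }
}
```

`override_action` accepts only `none` or `count`, so a per-rule exception goes in `rule_action_override` rather than in an `allow` override.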
Sources
This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.
Source: Stack Overflow
