Security is a shared responsibility between AWS and the customer. When we use infrastructure as code (IaC) we want to describe workloads holistically, and that includes the configuration of firewalls alongside the entrypoints to web applications.

Given that you have an existing web application defined in AWS CDK, we want to add a WAFv2 web ACL to its entrypoint.

First, let's give the AWS WAF module a nicely readable name:

```typescript
import { aws_wafv2 as wafv2 } from 'aws-cdk-lib';
```

Then, we define the AWS WAFv2 web ACL in AWS CDK:

```typescript
const cfnWebACL = new wafv2.CfnWebACL(this, 'MyCDKWebAcl', {
  // scope is a required property: REGIONAL for ALB, API Gateway and AppSync
  // targets, CLOUDFRONT only for CloudFront distributions
  scope: 'REGIONAL',
  defaultAction: { allow: {} },
  visibilityConfig: {
    cloudWatchMetricsEnabled: true,
    metricName: 'MetricForWebACLCDK',
    sampledRequestsEnabled: true,
  },
  name: 'MyCDKWebAcl',
  rules: [
    {
      name: 'CRSRule',
      priority: 0,
      // the AWS Core Rule Set (CRS) managed rule group
      statement: {
        managedRuleGroupStatement: {
          name: 'AWSManagedRulesCommonRuleSet',
          vendorName: 'AWS',
        },
      },
      visibilityConfig: {
        cloudWatchMetricsEnabled: true,
        metricName: 'MetricForWebACLCDK-CRS',
        sampledRequestsEnabled: true,
      },
      // keep the actions defined inside the managed rule group
      overrideAction: { none: {} },
    },
  ],
});
```

The `managedRuleGroupStatement` entry references the CRS managed rule group as one rule in the list.

Attach the AWS WAFv2 web ACL to an Application Load Balancer, AWS AppSync API, or API Gateway
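The association is done with `wafv2.CfnWebACLAssociation`, which takes the target's `resourceArn` and the web ACL's ARN (`cfnWebACL.attrArn`). The check a practitioner wants before synthesizing is that the target is actually a resource a REGIONAL web ACL can be associated with. The following is an added example in plain TypeScript, not code from the original post or from the CDK library: it parses the target ARN, rejects targets that AWS WAF cannot associate (a Network Load Balancer, an API Gateway ARN that is not a stage, a CloudFront distribution, or a CLOUDFRONT-scoped ACL), and returns the property bag that `CfnWebACLAssociation` expects. The ARN layouts are the standard ones for those services; the sample ARNs, account number and ids are constructed.

```typescript
// Added example (not part of the original post): validate a WAF association
// target and build the { resourceArn, webAclArn } props that
// wafv2.CfnWebACLAssociation takes. Sample ARNs below are constructed.

type WebAclScope = 'REGIONAL' | 'CLOUDFRONT';

interface ParsedArn {
  service: string;
  region: string;
  account: string;
  resource: string;
}

// Split an ARN into its colon-delimited parts; the resource part may itself
// contain colons, so everything after the fifth colon is kept together.
function parseArn(arn: string): ParsedArn | null {
  const parts = arn.split(':');
  if (parts.length < 6 || parts[0] !== 'arn') return null;
  return { service: parts[2], region: parts[3], account: parts[4], resource: parts.slice(5).join(':') };
}

// Returns a reason the ARN cannot be associated with a REGIONAL web ACL,
// or null when the association is valid.
function regionalAssociationProblem(arn: string): string | null {
  const p = parseArn(arn);
  if (!p) return 'not a valid ARN';
  switch (p.service) {
    case 'elasticloadbalancing':
      // Only Application Load Balancers (loadbalancer/app/...) support WAF;
      // Network and Classic load balancers do not.
      return p.resource.startsWith('loadbalancer/app/') ? null : 'only Application Load Balancers can be associated';
    case 'apigateway':
      // WAF attaches to a REST API stage, not to the API itself.
      return /^\/restapis\/[^\/]+\/stages\/[^\/]+$/.test(p.resource) ? null : 'API Gateway association needs a REST API stage ARN';
    case 'appsync':
      return p.resource.startsWith('apis/') ? null : 'AppSync association needs a GraphQL API ARN';
    case 'cloudfront':
      return 'CloudFront distributions use a CLOUDFRONT-scoped web ACL set on the distribution, not an association';
    default:
      return `service ${p.service} is not a supported association target`;
  }
}

interface WebAclAssociationProps {
  resourceArn: string;
  webAclArn: string;
}

// Build the CfnWebACLAssociation props, refusing a mismatched scope/target pair
// at synthesis time instead of at deployment time.
function buildAssociationProps(resourceArn: string, webAclArn: string, scope: WebAclScope): WebAclAssociationProps {
  if (scope !== 'REGIONAL') throw new Error('CfnWebACLAssociation requires a REGIONAL web ACL');
  const problem = regionalAssociationProblem(resourceArn);
  if (problem) throw new Error(`cannot associate ${resourceArn}: ${problem}`);
  return { resourceArn, webAclArn };
}

// Constructed sample ARNs (placeholder account number and ids).
const SAMPLE_ALB_ARN = 'arn:aws:elasticloadbalancing:eu-west-1:123456789012:loadbalancer/app/my-alb/50dc6c495c0c9188';
const SAMPLE_NLB_ARN = 'arn:aws:elasticloadbalancing:eu-west-1:123456789012:loadbalancer/net/my-nlb/50dc6c495c0c9188';
const SAMPLE_API_STAGE_ARN = 'arn:aws:apigateway:eu-west-1::/restapis/abc123/stages/prod';
const SAMPLE_CLOUDFRONT_ARN = 'arn:aws:cloudfront::123456789012:distribution/EDFDVBD6EXAMPLE';
const SAMPLE_WEB_ACL_ARN = 'arn:aws:wafv2:eu-west-1:123456789012:regional/webacl/MyCDKWebAcl/00000000-0000-0000-0000-000000000000';

// Usage: in a CDK stack the returned object would be passed straight to
// new wafv2.CfnWebACLAssociation(this, 'WebAclAssociation', props).
const albAssociation = buildAssociationProps(SAMPLE_ALB_ARN, SAMPLE_WEB_ACL_ARN, 'REGIONAL');
console.log(albAssociation);
```

In a stack, `resourceArn` would come from `alb.loadBalancerArn`, `api.deploymentStage.stageArn` or `graphqlApi.arn`, and `webAclArn` from `cfnWebACL.attrArn`; the validation runs during `cdk synth`, so a wrong target type is caught before CloudFormation is invoked.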
