Usm*_*kil 9 amazon-web-services aws-cloudformation amazon-waf amazon-alb
我找不到任何关于如何通过CloudFormation将WAF与ALB相关联的示例或文档.据说可能通过这个新闻公告https://aws.amazon.com/about-aws/whats-new/2017/05/cloudformation-support-for-aws-waf-on-alb/,但没有任何东西我发现这表明如何.使用CloudFront而不是ALB已有详细记录,但我没有找到关于使用ALB(通过CloudFormation)的单个示例.
更新:我不需要一个完整的示例来为我完成整个设置,但至少需要一个片段来指出WAF如何知道与ALB关联,反之亦然.链接是什么缺失.
Usm*_*kil 18
为了解决这个问题,我浏览了他们的发布历史,发现了更新的CloudFormation资源,以支持WAF和ALB http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/ReleaseHistory.html 从那里我能够推断出链接组件是映射WAF和ALB的WebACLA协会.但这也要求您必须使用WAFRegional而不是正常的WebACL.到目前为止,它似乎只意味着在整个代码中将:: WAF更改为:: WAFRegional.
WAFRegional(AWS :: WAFRegional :: WebACL):http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-wafregional-webacl.html
"MyWebACL": {
"Type": "AWS::WAFRegional::WebACL",
"Properties": {
"Name": "WebACL to with three rules",
"DefaultAction": {
"Type": "ALLOW"
},
"MetricName" : "MyWebACL",
"Rules": [
{
"Action" : {
"Type" : "BLOCK"
},
"Priority" : 1,
"RuleId" : { "Ref" : "MyRule" }
},
{
"Action" : {
"Type" : "BLOCK"
},
"Priority" : 2,
"RuleId" : { "Ref" : "BadReferersRule" }
},
{
"Action" : {
"Type" : "BLOCK"
},
"Priority" : 3,
"RuleId" : { "Ref" : "SqlInjRule" }
}
]
}
}
WebACLAssociation(AWS :: WAFRegional :: WebACLAssociation)http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-wafregional-webaclassociation.html
"MyWebACLAssociation": {
"Type": "AWS::WAFRegional::WebACLAssociation",
"Properties": {
"ResourceArn": { "Ref": "MyLoadBalancer" },
"WebACLId": { "Ref": "MyWebACL" }
}
}
| 归档时间: |
|
| 查看次数: |
3361 次 |
| 最近记录: |