Closed davelanglois-ssc closed 10 months ago
@ybellerose I would appreciate your input on this PR
/lgtm Rules as-is will work. observation: you could prepare the rules for the tuning phase by adding the severity level and the opt-out list. Such as: evaluatePreconfiguredWaf('xss-v33-stable', {'sensitivity': 4, 'opt_out_rule_ids': []})
Results is the same as the actual configuration, simply prepare for the next stage when opt-out rule will be required by some application.
update cloud armor policy to use v33 of preconfigured waf rules. All lists are using distinct rules.
The list below are not included in this example as they are more application specific and will be evaluated on a per application basis
credit to Yan Bellerose for this repository https://github.com/ybellerose/GCP-Cloud-Armor/tree/main
closes #730