search

aws-solutions-library-samples / guidance-for-custom-game-backend-hosting-on-aws

The AWS Game Backend Framework allows you to integrate your game clients with AWS backend services, with secure scalable identity management and authentication, and integrations to commonly used game platform identity providers and game engines.
https://aws.amazon.com/solutions/guidance/custom-game-backend-hosting-on-aws/
MIT No Attribution
28 stars 15 forks source link

Unable to associate two WebACLs with the CustomIdentityComponent's API Gateway at the same time. #34

Closed junsjang closed 5 days ago

junsjang commented 6 days ago

An API Gateway can associate only one AWS WAF WebACL according to https://docs.aws.amazon.com/waf/latest/developerguide/how-aws-waf-works-resources.html#:~:text=Restrictions%20on%20multiple%20resource%20associations.

There are two WebACLs for an API Gateway. One is for a managed rule group and the other is for a rate limit rule. When we deploy the stack, it looks like all WebACLs are associated successfully and the stack deployed successfully either. In reality, only one WebACL which is associated later will be associated. It is caused by the property of associateWebACL api that replace WebACL of a resource without any error.

We need to make a WebACL with multiple rules to associate those two rule for an API Gateway resource.

juhoaws commented 5 days ago

Thanks for spotting this! Now fixed in this commit: https://github.com/aws-solutions-library-samples/guidance-for-custom-game-backend-hosting-on-aws/commit/44924dcd55c143d5a6f5b5e94ec7d08de70fe40c