This solution automatically deploys a single web access control list (web ACL) with a set of AWS WAF rules designed to filter common web-based attacks.
I am running this stack to add WAF rules to attach to CloudFront.
Currently, we have these rules with version Node 8x and Python 2.8.
We have added two WAFReputationListsSet, i.e. WAFReputationListsSet1 and WAFReputationListsSet2, to extend IP rules above 10000.
Similarly, in the latest stack (CloudFront stack) I have added two resources in WAFReputationListsSet1 and WAFReputationListsSet2 and other dependencies such as WAFIPReputationListsRule1 & 2.
This required some modification in the custom properties of PopulateReputationList and ConfigureWebAcl in the parent stack.
Once I add the properties in PopulateReputationList and ConfigureWebAcl manually in custom-resource.py and run the stack, the stack kept on creating the resources PopulateReputationList, ConfigureRateBasedRule, etc. However, the CloudFront stack is created successfully.
Am I missing any process here to override custom-resource, causing the stack failure, or is it not possible to have more than one WAFReputationListsSet?
Sample code of custom-resource.py:

    elif event['ResourceType'] == "Custom::PopulateReputationList":
        if 'CREATE' in request_type or 'UPDATE' in request_type:
            # Pass both reputation-list IP sets in a single call.
            populate_reputation_list(event['ResourceProperties']['Region'],
                                     event['ResourceProperties']['ReputationListsParser'],
                                     event['ResourceProperties']['WAFReputationListsSet1'],
                                     event['ResourceProperties']['WAFReputationListsSet2'])
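The split across WAFReputationListsSet1 and WAFReputationListsSet2 described in the post, sketched as an added Python 3 example that is not part of the original post or of the AWS solution's code. The function names are hypothetical, the IP set names stand in for real IP set IDs, and the 10000 cap is the figure from the post; the update entries use the request shape of WAF Classic's update_ip_set.

```python
import ipaddress

IPSET_LIMIT = 10000  # per-set cap the post refers to


def distribute_ranges(cidrs, ip_set_ids, limit=IPSET_LIMIT):
    """Validate and de-duplicate CIDRs, then fill each IP set in order.

    Returns (assignment, overflow, rejected): ranges per set, ranges that
    fit in no set, and input strings that are not valid addresses.
    """
    seen, valid, rejected = set(), [], []
    for raw in cidrs:
        try:
            net = ipaddress.ip_network(raw.strip(), strict=False)
        except ValueError:
            rejected.append(raw)  # never forward malformed feed entries
            continue
        if net not in seen:       # a duplicate would waste a slot
            seen.add(net)
            valid.append(net)
    assignment = {}
    for i, set_id in enumerate(ip_set_ids):
        assignment[set_id] = valid[i * limit:(i + 1) * limit]
    overflow = valid[len(ip_set_ids) * limit:]
    return assignment, overflow, rejected


def to_insert_updates(networks):
    """Build the Updates list for one IP set (WAF Classic request shape)."""
    return [{"Action": "INSERT",
             "IPSetDescriptor": {"Type": "IPV4" if n.version == 4 else "IPV6",
                                 "Value": str(n)}}
            for n in networks]


def demo():
    # Constructed sample: 25 unique hosts, one duplicate, one malformed entry.
    sample = ["198.51.100.%d/32" % i for i in range(25)]
    sample += ["198.51.100.3", "not-an-ip"]
    sets = ["WAFReputationListsSet1", "WAFReputationListsSet2"]
    assignment, overflow, rejected = distribute_ranges(sample, sets, limit=10)
    return [len(assignment[s]) for s in sets], len(overflow), rejected


if __name__ == "__main__":
    print(demo())
```

A non-empty overflow means the reputation feeds no longer fit in the configured sets, which is worth logging rather than silently truncating.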