aws-solutions / aws-waf-security-automations

This solution automatically deploys a single web access control list (web ACL) with a set of AWS WAF rules designed to filter common web-based attacks.
https://aws.amazon.com/solutions/aws-waf-security-automations
Apache License 2.0

Allow cross-region log parsing #178

Closed accollam closed 1 year ago

accollam commented 3 years ago

Is your feature request related to a problem? Please describe.

We are trying to implement the AWS WAF Security Automations solution using the CloudFormation template provided (v3.0.0). Our CloudFront access logs, which we intend for this solution to parse, are sitting in eu-west-1 and cannot be moved as per our specifications. This is causing some complications with our stack's deployment. When we try to deploy the stack in us-east-1, the following error is thrown: [link](https://github.com/awslabs/aws-waf-security-automations/blob/d7e42d69c77cead0bb31a41e4a69cf8667884253/source/helper/helper.py#L81)

Describe the feature you'd like

Since it is possible to have the CloudFront access logs sent to a different region (for example, eu-west-1), we would like to be able to deploy the 'Log Parsing' in a region other than us-east-1.

Additional context

Here you can see our configuration: (Screenshot 2020-10-19 at 18 34 32)

aijunpeng commented 3 years ago

Thanks for the ticket. We have added your request to our backlog and it will be evaluated in future releases.

aijunpeng commented 1 year ago

We evaluated this request. Unfortunately, due to WAF and S3 service limitations (for a CloudFront endpoint, WAF requires the stack to be deployed in the us-east-1 region in order to use the API endpoint in us-east-1. This deploys all resources, including Lambda functions, in us-east-1. Furthermore, S3 requires the Lambda function configured for the S3 event notification used in the solution to be in the same region as the S3 bucket), the S3 bucket must exist in the same us-east-1 region where the stack is deployed for a CloudFront endpoint. Closing this ticket.
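
The two constraints from this thread can be checked before a deployment is attempted. The sketch below is an added example, not code from the solution's `helper.py`; the function names, the `"CloudFront"` endpoint label, and the bucket names are assumptions, and `StubS3` is a constructed stand-in for `boto3.client("s3")` so the block runs offline.

```python
# Added example: preflight region check for the log-parser layout discussed above.
# All names here are hypothetical; this is not the solution's own validation code.
CLOUDFRONT_REGION = "us-east-1"  # CloudFront-scoped WAF is managed through us-east-1


def normalize_location(constraint):
    """Map the LocationConstraint from S3 GetBucketLocation to a region name."""
    if not constraint:
        return "us-east-1"  # S3 reports no constraint for us-east-1 buckets
    if constraint == "EU":
        return "eu-west-1"  # legacy alias S3 can still return for older buckets
    return constraint


def bucket_region(s3_client, bucket):
    """Resolve the region a bucket lives in via get_bucket_location."""
    resp = s3_client.get_bucket_location(Bucket=bucket)
    return normalize_location(resp.get("LocationConstraint"))


def preflight(endpoint_type, stack_region, log_bucket, s3_client):
    """Return a list of problems; an empty list means the layout is deployable."""
    problems = []
    if endpoint_type == "CloudFront" and stack_region != CLOUDFRONT_REGION:
        problems.append(
            f"CloudFront endpoint requires the stack in {CLOUDFRONT_REGION}, "
            f"not {stack_region}")
    region = bucket_region(s3_client, log_bucket)
    if region != stack_region:
        problems.append(
            f"log bucket {log_bucket} is in {region}; the S3 event notification "
            f"needs the Lambda function (stack region {stack_region}) in the same region")
    return problems


class StubS3:
    """Constructed stand-in for boto3.client('s3'); maps bucket -> LocationConstraint."""

    def __init__(self, locations):
        self.locations = locations

    def get_bucket_location(self, Bucket):
        return {"LocationConstraint": self.locations[Bucket]}


if __name__ == "__main__":
    # Constructed sample buckets: one in eu-west-1 (as in this issue), one in us-east-1.
    s3 = StubS3({"cf-logs-eu": "eu-west-1", "cf-logs-use1": None})
    for name in s3.locations:
        print(name, preflight("CloudFront", "us-east-1", name, s3) or "OK")
```

Passing a real `boto3.client("s3")` in place of `StubS3` runs the same check against actual buckets, given `s3:GetBucketLocation` permission.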