Closed anwar-sadat85 closed 1 year ago
Params for 3.1.1
ActivateAWSManagedRulesParam no
ActivateBadBotProtectionParam yes
ActivateCrossSiteScriptingProtectionParam yes
ActivateHttpFloodProtectionParam yes - AWS WAF rate based rule
ActivateReputationListsProtectionParam yes
ActivateScannersProbesProtectionParam yes - AWS Lambda log parser
ActivateSqlInjectionProtectionParam yes
AppAccessLogBucket
Params for 3.2.4 update
ActivateAWSManagedRulesParam Use existing value ActivateBadBotProtectionParam Use existing value ActivateCrossSiteScriptingProtectionParam Use existing value ActivateHttpFloodProtectionParam Use existing value ActivateReputationListsProtectionParam Use existing value ActivateScannersProbesProtectionParam Use existing value ActivateSqlInjectionProtectionParam Use existing value AppAccessLogBucket Use existing value EndpointType Use existing value ErrorThreshold Use existing value IPRetentionPeriodAllowedParam -1 IPRetentionPeriodDeniedParam -1 KeepDataInOriginalS3Location Use existing value RequestThreshold Use existing value SNSEmailParam - SqlInjectionProtectionSensitivityLevelParam LOW WAFBlockPeriod Use existing value
Track this in an internal ticket. closing the issue.
Describe the bug When updating the stack from version 3.1.0 to 3.2.4, the IPs configured in the "WhitelistSetIPV4" are all deleted.
To Reproduce
Expected behavior We expect the IP addresses in WhitelistSetIPv4 to be preserved when the stack is updated
Please complete the following information about the solution:
To get the version of the solution, you can look at the description of the created CloudFormation stack. For example, "AWS WAF Security Automations v3.1: This AWS CloudFormation template helps you provision the AWS WAF Security Automations stack without worrying about creating and configuring the underlying AWS infrastructure". If the description does not contain the version information, you can look at the mappings section of the template:
Screenshots If applicable, add screenshots to help explain your problem (please DO NOT include sensitive information).
Additional context Add any other context about the problem here.