aws-solutions / aws-waf-security-automations

This solution automatically deploys a single web access control list (web ACL) with a set of AWS WAF rules designed to filter common web-based attacks.
https://aws.amazon.com/solutions/aws-waf-security-automations
Apache License 2.0

Support for COUNT mode for WAF #263

Open Kevinwochan opened 2 months ago

Kevinwochan commented 2 months ago

Is your feature request related to a problem? Please describe.
AWS WAF prescriptive guidance recommends setting managed rules into COUNT mode to baseline activity and detect false positives.

Describe the feature you'd like
CloudFormation parameters only support "yes"/"no".
An option should be added for the action as well.
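
What the request amounts to in CloudFormation terms, as an added example that is not part of the original post and not taken from the solution's template. The parameter, condition and resource names are hypothetical; `OverrideAction` with `Count` or `None` is the `AWS::WAFv2::WebACL` rule property that decides whether a managed rule group's own actions are overridden to count.

```yaml
# Added illustration. ManagedRulesOverrideActionParam, ManagedRulesCountMode
# and ExampleWebACL are hypothetical names, not the solution's own.
Parameters:
  ManagedRulesOverrideActionParam:
    Type: String
    Default: count            # start in count mode to baseline traffic
    AllowedValues: [none, count]

Conditions:
  ManagedRulesCountMode: !Equals [!Ref ManagedRulesOverrideActionParam, count]

Resources:
  ExampleWebACL:
    Type: AWS::WAFv2::WebACL
    Properties:
      Scope: REGIONAL
      DefaultAction:
        Allow: {}
      VisibilityConfig:
        SampledRequestsEnabled: true
        CloudWatchMetricsEnabled: true
        MetricName: ExampleWebACL
      Rules:
        - Name: AWSManagedRulesCommonRuleSet
          Priority: 0
          # Count: {} -> matches are counted and logged, not blocked.
          # None: {}  -> the rule group's own actions (e.g. Block) apply.
          OverrideAction: !If
            - ManagedRulesCountMode
            - Count: {}
            - None: {}
          Statement:
            ManagedRuleGroupStatement:
              VendorName: AWS
              Name: AWSManagedRulesCommonRuleSet
          VisibilityConfig:
            SampledRequestsEnabled: true
            CloudWatchMetricsEnabled: true
            MetricName: AWSManagedRulesCommonRuleSet
```

With `count`, requests that match the managed rules show up under the rule's CloudWatch metric and in sampled requests, so false positives can be reviewed before the stack is updated to `none`.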

kroeter commented 2 months ago

Thanks for the post Kevin - we have another release planned for this solution in H2 of this year and I'll consider this during our next grooming session. Let me know if you're open for further discussion of other features that you'd like to see for this solution.

sbe-arg commented 2 months ago

Cross reference https://github.com/aws-solutions/aws-waf-security-automations/issues/264 where I added more details on how this can be implemented.