Feature | Add WAFv2 AWSManagedRulesATPRuleSet for AWS WAFv2 via Terraform

[marianod92]

Enable AWSManagedRulesATPRuleSet for AWS WAFv2 via Terraform

Add related rules and example Terraform code to provision/enable AWSManagedRulesATPRuleSet for AWS WAFv2. This functionality allows us to protect from brute force attacks on a specified login, lost credentials and even, allows us to verify session and token issues.

Currently not supported by Terraform. This is mentioned in the following Issues:

• Add Support for WAFv2 Managed Rule Group Configuration
• Support managed rule group configs in aws_wafv2_web_acl for the new managed rule AWSManagedRulesATPRuleSet

Layer related: security-firewall

Example of expected code:

statement {
  managed_rule_group_statement {
    name               = "AWSManagedRulesATPRuleSet"
    vendor_name = "AWS"
  }
}

[marianod92]

Update from these two related issues:

• https://github.com/hashicorp/terraform-provider-aws/issues/23287
• https://github.com/hashicorp/terraform-provider-aws/issues/23290

(https://github.com/hashicorp/terraform-provider-aws/issues/23287#issuecomment-1372896160) This functionality has been released in v4.49.0 of the Terraform AWS Provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading.