binbashar / terraform-aws-waf-owasp

AWS WAF at terraform modules to mitigate OWASP’s Top 10 Web Application Vulnerabilities
MIT License
91 stars 31 forks

Any quick way to add whitelist IPs? #31

Closed FaizRasool closed 1 year ago

FaizRasool commented 2 years ago

Hello - can we make an option where we can optionally assign whitelist IPs which skip all of the rules? In its current state the module doesn't work, especially if you are using things like webhooks. For example, a webhook from Stripe is being blocked by the "rule_csrf_action_type" rule and we had to change the whole rule to count. It would be nice if we could specify whitelist IPs.

exequielrafaela commented 1 year ago

@FaizRasool thanks for creating this issue and for your feedback. We would try to take care of this request during Q1 2023 and let you know if we have any updates.

CC: @binbashar/leverage-project-terraform-dev @binbashar/leverage-project-terraform-admin

lgallard commented 1 year ago

@FaizRasool regarding this issue, we tried to implement another rule set to include a whitelist variable input, but we ran into the 10-rule limit for wafregional_acl resources, due to how the modules are currently implemented. A possible option is to use rule groups, but it will imply changing the modules' approach.

Keep in mind this module will no longer be maintained because there are other Terraform modules that support these features based on `wafv2` Managed rules for AWS Web Application Firewall
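For reference, the allowlist requested in this issue can be written directly against `wafv2` resources as below. This is an added example, not part of the thread and not code from this module or from any module the maintainers recommend; the resource names, metric names and addresses are constructed placeholders, and a regional scope is assumed.

```hcl
# Added example: names and addresses are placeholders (documentation ranges).
resource "aws_wafv2_ip_set" "allowlist" {
  name               = "webhook-allowlist" # hypothetical name
  scope              = "REGIONAL"
  ip_address_version = "IPV4"
  addresses          = ["203.0.113.10/32", "198.51.100.0/24"]
}

resource "aws_wafv2_web_acl" "example" {
  name  = "example-acl" # hypothetical name
  scope = "REGIONAL"

  default_action {
    allow {}
  }

  # Lowest priority number is evaluated first. Allow is a terminating action,
  # so requests from the IP set are never inspected by the rules that follow.
  rule {
    name     = "allowlisted-sources"
    priority = 0

    action {
      allow {}
    }

    statement {
      ip_set_reference_statement {
        arn = aws_wafv2_ip_set.allowlist.arn
      }
    }

    # Per-rule metrics show how much traffic bypasses inspection.
    visibility_config {
      cloudwatch_metrics_enabled = true
      metric_name                = "allowlisted-sources"
      sampled_requests_enabled   = true
    }
  }

  # Blocking rules and managed rule groups go here with higher priority numbers.

  visibility_config {
    cloudwatch_metrics_enabled = true
    metric_name                = "example-acl"
    sampled_requests_enabled   = true
  }
}
```

Keep the IP set as narrow as possible, since every request from a listed address skips all later rules; attaching the ACL to a resource is omitted here.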

exequielrafaela commented 1 year ago

@FaizRasool as commented by @lgallard, we're closing this issue, favoring and recommending the use of: