[ ] Evaluate the AWS WAF rules with the TG_ and TG_ML_ prefixes for increased traffic. Make sure the applied rules would not block valid traffic. Write evaluation results in existing WAF rules deployment document.
[ ] save an Athena query to show the COUNT or BLOCK results
QA Steps
[ ] Review the COUNT results and ensure legitimate traffic wouldn't be blocked (2 weeks)
[ ] If new rules are applied, double verify that no legit traffic is blocked. Try in staging first and monitor production for at least a week (2 weeks).
[ ] Inform support folks to keep an eye on users reporting potential connection issues with GCNotify UI and API.
Description
As an ops lead, I want to leverage new AWS WAF namespace from the bot control rules, So that GCNotify blocks even more unnecessary traffic.
As a potential attacked of GCNotify, I want GCNotify to block more of my bot traffic, So that I can waste some CPU cycles and my money.
WHY are we building?
For more security and target more invalid traffic to GCNotify to block.
WHAT are we building?
Evaluate and integrate if possible the targeted protection level AWS WAF bot control rules with the
TG_
andTG_ML_
prefixes.VALUE created by our solution
Protect our product and assets.
Acceptance Criteria
TG_
andTG_ML_
prefixes for increased traffic. Make sure the applied rules would not block valid traffic. Write evaluation results in existing WAF rules deployment document.COUNT
orBLOCK
resultsQA Steps
COUNT
results and ensure legitimate traffic wouldn't be blocked (2 weeks)