Closed joebernard closed 1 year ago
Hi,
Did you check the generated CloudFormation template (in the .serverless
folder).
Check the value and look if there is anything that looks incorrect.
Yes, no matter what I set throttle
in my yml, the generated .serverless/cloudformation-template-update-stack.json config will always set the BaseThrottle
Limit
parameter to 100. It doesn't seem to match the setting I'm passing in.
{
"Action": {
"Block": {}
},
"Name": "BaseThrottle",
"Priority": 100,
"Statement": {
"RateBasedStatement": {
"AggregateKeyType": "IP",
"Limit": 100
}
},
"VisibilityConfig": {
"CloudWatchMetricsEnabled": true,
"MetricName": "BaseThrottle",
"SampledRequestsEnabled": true
}
}
I am using version 1.14.0.
I see in the source that a throttle limit of 100 is being imposed by default. Could this be overwriting the limit being set in my config? Is there a way to overcome this limit?
https://github.com/sid88in/serverless-appsync-plugin/blob/master/src/index.js#L1673
thanks for checking @joebernard That is meant to be a default. on lines 1673 and 1683, it is supposed to pass a custom value.
what does your yml look like?
Here is my yml:
wafConfig:
enabled: true
name: AppSyncUnauthWaf
description: "AppSync WAF for the unauthenticated API"
rules:
- throttle: 1000, # request per 5 minutes
- disableIntrospection # disallow untrusted consumers to discover the structure of the API
- name: IPRules
overrideAction:
none: {}
statement:
managedRuleGroupStatement:
vendorName: AWS
name: AWSManagedRulesAmazonIpReputationList
Here is the generated CloudFormation json for BaseThrottle
:
{
"Action": {
"Block": {}
},
"Name": "BaseThrottle",
"Priority": 100,
"Statement": {
"RateBasedStatement": {
"AggregateKeyType": "IP",
"Limit": 100
}
},
"VisibilityConfig": {
"CloudWatchMetricsEnabled": true,
"MetricName": "BaseThrottle",
"SampledRequestsEnabled": true
}
}
Limit
is set to 100 instead of the value of 1000 that I set in the yml config, and this value of 100 is reflected in the AWS web console for WAF. This happens for any value I use for throttle
, even values less than 100. It always sets Limit
to 100.
Would you be able to add some debug log around here?
I'm wondering if for some reason the type of config
might be string
when coming from yml, instead of number
.
@bboure This was my mistake. I had a comma after the throttle
value. It is working as expected. Thanks for your help. Closing.
No matter what value I use for
throttle
the WAF rule always displays as 100 in the AWS WAF console. Changing thethrottle
value in my serverless config does not change the value displayed in the AWS console. If I change the BaseThrottle value in the console to something else then redeploy my serverless config, the value I set in the console remains (the serverless config does not update it). The wafConfig throttle setting seems to only enable/disable throttling but not control the throttle value effectively.