trussworks / terraform-aws-wafv2

Creates a WAF using AWS WAFv2 and AWS Managed Rule Sets
https://registry.terraform.io/modules/trussworks/wafv2
Apache License 2.0
103 stars 58 forks

How to Use with Geographic Rules #73

Closed fdamstra closed 3 years ago

fdamstra commented 3 years ago

Can this module be used to also restrict traffic to geographic regions such as countries? Or deny based on country?

Can you give an example?

dynamike commented 3 years ago

The examples directory has a way that it can be used. You define an aws_wafv2_rule_group which specifies a list of country_codes that you can restrict or allow traffic on. See https://github.com/trussworks/terraform-aws-wafv2/blob/main/examples/alb/main.tf#L173

You can then pass this into this module in the group_rules variable. See https://github.com/trussworks/terraform-aws-wafv2/blob/main/examples/alb/main.tf#L82.

Let me know if that doesn't make sense.
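A sketch of the approach described in the comment above, added here as an example; it is not part of the thread or the module's own code. It covers both forms the question asks about: an allow-list (block everything outside the listed countries) and, by dropping the `not_statement` wrapper, a deny-list. The resource names, country codes and the `alb_arn` variable are constructed, and the field names inside `group_rules` and the other module inputs are assumptions to check against the module version you pin.

```hcl
# Added example. Names and country codes are constructed placeholders.
variable "alb_arn" { type = string } # hypothetical input: ARN of the ALB to protect
resource "aws_wafv2_rule_group" "geo" {
  name     = "example-geo-allow-list"
  scope    = "REGIONAL"
  capacity = 2 # fixed at creation; a geo match statement uses 1 WCU
  rule {
    name     = "block-outside-allowed-countries"
    priority = 1
    action {
      block {}
    }
    statement {
      # Allow-list: block requests NOT from these countries (drop not_statement for a deny-list).
      not_statement {
        statement {
          geo_match_statement {
            country_codes = ["US", "CA"]
          }
        }
      }
    }
    visibility_config {
      cloudwatch_metrics_enabled = true
      metric_name                = "example-geo-rule"
      sampled_requests_enabled   = true
    }
  }
  visibility_config {
    cloudwatch_metrics_enabled = true
    metric_name                = "example-geo-group"
    sampled_requests_enabled   = true
  }
}

module "wafv2" {
  source        = "trussworks/wafv2/aws" # pin a version in real use
  name          = "example-waf"
  scope         = "REGIONAL"
  alb_arn       = var.alb_arn
  associate_alb = true
  group_rules = [{ # field names assumed from the module's alb example
    name            = aws_wafv2_rule_group.geo.name
    arn             = aws_wafv2_rule_group.geo.arn
    priority        = 11
    override_action = "none" # "count" records matches without blocking
    excluded_rules  = []
  }]
}
```

Starting with `override_action = "count"` and reviewing the sampled requests before switching to `"none"` shows which legitimate clients the country list would cut off; geo matching is based on source IP, so traffic arriving through VPNs or proxies is classified by the exit location.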

fdamstra commented 3 years ago

Thank you very much! I missed the examples directory.