Adds Exceptions for Teleport WAF

To be tagged v5.1.11

base/teleport-single-instance/waf.tf

@@ -31,8 +31,13 @@ module "waf" {
   excluded_rules_AWSManagedRulesUnixRuleSet = [
   ]
 
+  excluded_rules_AWSManagedRulesLinuxRuleSet = [
+    "LFI_URIPATH", # /web/config.js needed
+  ]
+
   excluded_rules_AWSManagedRulesCommonRuleSet = [
-    "SizeRestrictions_BODY",
+    "SizeRestrictions_BODY", # for SAML
+    "EC2MetaDataSSRF_BODY",  # for SAML
   ]
 
   # These are passed through and should be the same for module