| 1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071 |
- locals {
- blacklisted_ips = [
- {
- "value" = "172.16.0.0/16"
- type = "IPV4"
- },
- {
- "value" = "192.168.0.0/16"
- type = "IPV4"
- },
- {
- "value" = "169.254.0.0/16"
- type = "IPV4"
- },
- {
- "value" = "127.0.0.1/32"
- type = "IPV4"
- },
- ]
- # 73.10.53.113/32 Rick Page Home
- # 99.151.37.185/32 Wesley Leonard Home
- # 104.9.149.90/32 Greg Rivas Home
- # 100.4.76.3/32 Brandon Naughton Home
- # 170.248.173.247/32 AFS site
- # 170.248.173.245/32 AFS site
- # 70.120.41.230/32 Will Ledesma Home
- admin_remote_ipset = [
- {
- "value" = "73.10.53.113/32"
- type = "IPV4"
- },
- {
- "value" = "99.151.37.185/32"
- type = "IPV4"
- },
- {
- "value" = "104.9.149.90/32"
- type = "IPV4"
- },
- {
- "value" = "100.4.76.3/32"
- type = "IPV4"
- },
- {
- "value" = "170.248.173.247/32"
- type = "IPV4"
- },
- {
- "value" = "170.248.173.245/32"
- type = "IPV4"
- },
- {
- "value" = "70.120.41.230/32"
- type = "IPV4"
- },
- ]
- waf_prefix = "portal"
- }
- module "regional_waf" {
- source = "../../submodules/waf_owasp_top10"
- waf_prefix = local.waf_prefix
- blacklisted_ips = local.blacklisted_ips
- admin_remote_ipset = local.admin_remote_ipset
- }
- resource "aws_wafregional_web_acl_association" "portal_alb_waf" {
- resource_arn = aws_alb.portal.arn
- web_acl_id = module.regional_waf.web_acl_id
- }
|
