Skip to content

Commit

Permalink
fix: Remove rate limiting WAF on api domain url (#889)
Browse files Browse the repository at this point in the history
  • Loading branch information
@bryan-robitaille
bryan-robitaille authored Nov 13, 2024
1 parent 77bcdb4 commit 0f92923
Showing 1 changed file with 50 additions and 9 deletions.
59 changes: 50 additions & 9 deletions aws/load_balancer/waf.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -26,7 +26,25 @@ resource "aws_wafv2_rule_group" "rate_limiters_group" {
rate_based_statement {
limit = 2500
aggregate_key_type = "IP"

scope_down_statement {
not_statement {
statement {
byte_match_statement {
positional_constraint = "EXACTLY"
field_to_match {
single_header {
name = "host"
}
}
search_string = var.domain_api
text_transformation {
priority = 1
type = "LOWERCASE"
}
}
}
}
}
}
}

Expand All @@ -50,15 +68,38 @@ resource "aws_wafv2_rule_group" "rate_limiters_group" {
limit = 100
aggregate_key_type = "IP"
scope_down_statement {
byte_match_statement {
positional_constraint = "EXACTLY"
field_to_match {
method {}
and_statement {
statement {
not_statement {
statement {
byte_match_statement {
positional_constraint = "EXACTLY"
field_to_match {
single_header {
name = "host"
}
}
search_string = var.domain_api
text_transformation {
priority = 1
type = "LOWERCASE"
}
}
}
}
}
search_string = "post"
text_transformation {
priority = 1
type = "LOWERCASE"
statement {
byte_match_statement {
positional_constraint = "EXACTLY"
field_to_match {
method {}
}
search_string = "post"
text_transformation {
priority = 1
type = "LOWERCASE"
}
}
}
}
}
Expand Down

0 comments on commit 0f92923

Please sign in to comment.