Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Enhancement | wafv2 fix rules and add outputs #418

Merged
merged 2 commits into from
Aug 2, 2022
Merged

Enhancement | wafv2 fix rules and add outputs #418

merged 2 commits into from
Aug 2, 2022

Conversation

marianod92
Copy link
Contributor

@marianod92 marianod92 commented Aug 1, 2022
edited
Loading

What?

  • Fix duplicated Rule Priority for SQLiRulesByAWS Rule
  • Add outputs.tf file and WAFv2 ARN to the available outputs

Why?

  • It is not allowed to have duplicate priority rules, this produces an error during the terraform plan stage.
  • Allow consumption of WAFv2 ARN from another layer if needed

@marianod92 marianod92 added enhancement New feature or request minor labels Aug 1, 2022
@marianod92 marianod92 added this to the 2022 Q3 milestone Aug 1, 2022
@marianod92 marianod92 self-assigned this Aug 1, 2022
@marianod92 marianod92 requested a review from a team as a code owner August 1, 2022 20:40
@github-actions
Copy link

github-actions bot commented Aug 1, 2022

💰 Infracost estimate: monthly cost will not change

Project Previous New Diff
All projects $1,633 $1,633 $0

124 projects have no cost estimate changes.

Infracost output 
──────────────────────────────────

The following projects have no cost estimate changes: binbashar/le-tf-infra-aws/apps-devstg/global/base-identities (Module path: apps-devstg/global/base-identities), binbashar/le-tf-infra-aws/apps-devstg/us-east-1/backups -- (Module path: apps-devstg/us-east-1/backups --), binbashar/le-tf-infra-aws/apps-devstg/us-east-1/base-network (Module path: apps-devstg/us-east-1/base-network), binbashar/le-tf-infra-aws/apps-devstg/us-east-1/base-tf-backend (Module path: apps-devstg/us-east-1/base-tf-backend), binbashar/le-tf-infra-aws/apps-devstg/us-east-1/cdn-s3-frontend -- (Module path: apps-devstg/us-east-1/cdn-s3-frontend --), binbashar/le-tf-infra-aws/apps-devstg/us-east-1/databases-aurora (Module path: apps-devstg/us-east-1/databases-aurora), binbashar/le-tf-infra-aws/apps-devstg/us-east-1/databases-mysql -- (Module path: apps-devstg/us-east-1/databases-mysql --), binbashar/le-tf-infra-aws/apps-devstg/us-east-1/databases-pgsql -- (Module path: apps-devstg/us-east-1/databases-pgsql --), binbashar/le-tf-infra-aws/apps-devstg/us-east-1/ec2-fleet-ansible -- (Module path: apps-devstg/us-east-1/ec2-fleet-ansible --), binbashar/le-tf-infra-aws/apps-devstg/us-east-1/k8s-eks-demoapps/cluster (Module path: apps-devstg/us-east-1/k8s-eks-demoapps/cluster), binbashar/le-tf-infra-aws/apps-devstg/us-east-1/k8s-eks-demoapps/identities (Module path: apps-devstg/us-east-1/k8s-eks-demoapps/identities), binbashar/le-tf-infra-aws/apps-devstg/us-east-1/k8s-eks-demoapps/k8s-resources (Module path: apps-devstg/us-east-1/k8s-eks-demoapps/k8s-resources), binbashar/le-tf-infra-aws/apps-devstg/us-east-1/k8s-eks-demoapps/k8s-workloads (Module path: apps-devstg/us-east-1/k8s-eks-demoapps/k8s-workloads), binbashar/le-tf-infra-aws/apps-devstg/us-east-1/k8s-eks-demoapps/network (Module path: apps-devstg/us-east-1/k8s-eks-demoapps/network), binbashar/le-tf-infra-aws/apps-devstg/us-east-1/k8s-eks-v1.17/cluster (Module path: apps-devstg/us-east-1/k8s-eks-v1.17/cluster), binbashar/le-tf-infra-aws/apps-devstg/us-east-1/k8s-eks-v1.17/identities (Module path: apps-devstg/us-east-1/k8s-eks-v1.17/identities), binbashar/le-tf-infra-aws/apps-devstg/us-east-1/k8s-eks-v1.17/k8s-resources (Module path: apps-devstg/us-east-1/k8s-eks-v1.17/k8s-resources), binbashar/le-tf-infra-aws/apps-devstg/us-east-1/k8s-eks-v1.17/k8s-workloads (Module path: apps-devstg/us-east-1/k8s-eks-v1.17/k8s-workloads), binbashar/le-tf-infra-aws/apps-devstg/us-east-1/k8s-eks-v1.17/network (Module path: apps-devstg/us-east-1/k8s-eks-v1.17/network), binbashar/le-tf-infra-aws/apps-devstg/us-east-1/k8s-kind/k8s-resources (Module path: apps-devstg/us-east-1/k8s-kind/k8s-resources), binbashar/le-tf-infra-aws/apps-devstg/us-east-1/k8s-kops --/1-prerequisites (Module path: apps-devstg/us-east-1/k8s-kops --/1-prerequisites), binbashar/le-tf-infra-aws/apps-devstg/us-east-1/k8s-kops --/2-kops (Module path: apps-devstg/us-east-1/k8s-kops --/2-kops), binbashar/le-tf-infra-aws/apps-devstg/us-east-1/notifications (Module path: apps-devstg/us-east-1/notifications), binbashar/le-tf-infra-aws/apps-devstg/us-east-1/security-audit (Module path: apps-devstg/us-east-1/security-audit), binbashar/le-tf-infra-aws/apps-devstg/us-east-1/security-base (Module path: apps-devstg/us-east-1/security-base), binbashar/le-tf-infra-aws/apps-devstg/us-east-1/security-certs (Module path: apps-devstg/us-east-1/security-certs), binbashar/le-tf-infra-aws/apps-devstg/us-east-1/security-compliance -- (Module path: apps-devstg/us-east-1/security-compliance --), binbashar/le-tf-infra-aws/apps-devstg/us-east-1/security-firewall -- (Module path: apps-devstg/us-east-1/security-firewall --), binbashar/le-tf-infra-aws/apps-devstg/us-east-1/security-keys (Module path: apps-devstg/us-east-1/security-keys), binbashar/le-tf-infra-aws/apps-devstg/us-east-1/storage/s3-bucket-demo-files -- (Module path: apps-devstg/us-east-1/storage/s3-bucket-demo-files --), binbashar/le-tf-infra-aws/apps-devstg/us-east-1/tools-cloud-nuke (Module path: apps-devstg/us-east-1/tools-cloud-nuke), binbashar/le-tf-infra-aws/apps-devstg/us-east-2/k8s-eks-v1.17/cluster (Module path: apps-devstg/us-east-2/k8s-eks-v1.17/cluster), binbashar/le-tf-infra-aws/apps-devstg/us-east-2/k8s-eks-v1.17/identities (Module path: apps-devstg/us-east-2/k8s-eks-v1.17/identities), binbashar/le-tf-infra-aws/apps-devstg/us-east-2/k8s-eks-v1.17/k8s-resources (Module path: apps-devstg/us-east-2/k8s-eks-v1.17/k8s-resources), binbashar/le-tf-infra-aws/apps-devstg/us-east-2/k8s-eks-v1.17/k8s-workloads (Module path: apps-devstg/us-east-2/k8s-eks-v1.17/k8s-workloads), binbashar/le-tf-infra-aws/apps-devstg/us-east-2/k8s-eks-v1.17/network (Module path: apps-devstg/us-east-2/k8s-eks-v1.17/network), binbashar/le-tf-infra-aws/apps-devstg/us-east-2/security-compliance -- (Module path: apps-devstg/us-east-2/security-compliance --), binbashar/le-tf-infra-aws/apps-devstg/us-east-2/security-keys (Module path: apps-devstg/us-east-2/security-keys), binbashar/le-tf-infra-aws/apps-prd/global/base-identities (Module path: apps-prd/global/base-identities), binbashar/le-tf-infra-aws/apps-prd/us-east-1/backups -- (Module path: apps-prd/us-east-1/backups --), binbashar/le-tf-infra-aws/apps-prd/us-east-1/base-network (Module path: apps-prd/us-east-1/base-network), binbashar/le-tf-infra-aws/apps-prd/us-east-1/base-tf-backend (Module path: apps-prd/us-east-1/base-tf-backend), binbashar/le-tf-infra-aws/apps-prd/us-east-1/cdn-s3-frontend -- (Module path: apps-prd/us-east-1/cdn-s3-frontend --), binbashar/le-tf-infra-aws/apps-prd/us-east-1/ec2-fleet -- (Module path: apps-prd/us-east-1/ec2-fleet --), binbashar/le-tf-infra-aws/apps-prd/us-east-1/notifications (Module path: apps-prd/us-east-1/notifications), binbashar/le-tf-infra-aws/apps-prd/us-east-1/security-audit (Module path: apps-prd/us-east-1/security-audit), binbashar/le-tf-infra-aws/apps-prd/us-east-1/security-base (Module path: apps-prd/us-east-1/security-base), binbashar/le-tf-infra-aws/apps-prd/us-east-1/security-certs (Module path: apps-prd/us-east-1/security-certs), binbashar/le-tf-infra-aws/apps-prd/us-east-1/security-compliance -- (Module path: apps-prd/us-east-1/security-compliance --), binbashar/le-tf-infra-aws/apps-prd/us-east-1/security-keys (Module path: apps-prd/us-east-1/security-keys), binbashar/le-tf-infra-aws/management/global/base-identities (Module path: management/global/base-identities), binbashar/le-tf-infra-aws/management/global/cost-mgmt (Module path: management/global/cost-mgmt), binbashar/le-tf-infra-aws/management/global/organizations (Module path: management/global/organizations), binbashar/le-tf-infra-aws/management/global/sso (Module path: management/global/sso), binbashar/le-tf-infra-aws/management/us-east-1/backups (Module path: management/us-east-1/backups), binbashar/le-tf-infra-aws/management/us-east-1/base-tf-backend (Module path: management/us-east-1/base-tf-backend), binbashar/le-tf-infra-aws/management/us-east-1/firewall-manager (Module path: management/us-east-1/firewall-manager), binbashar/le-tf-infra-aws/management/us-east-1/notifications (Module path: management/us-east-1/notifications), binbashar/le-tf-infra-aws/management/us-east-1/security-audit (Module path: management/us-east-1/security-audit), binbashar/le-tf-infra-aws/management/us-east-1/security-base (Module path: management/us-east-1/security-base), binbashar/le-tf-infra-aws/management/us-east-1/security-compliance (Module path: management/us-east-1/security-compliance), binbashar/le-tf-infra-aws/management/us-east-1/security-keys (Module path: management/us-east-1/security-keys), binbashar/le-tf-infra-aws/management/us-east-1/security-monitoring (Module path: management/us-east-1/security-monitoring), binbashar/le-tf-infra-aws/management/us-east-2/security-monitoring -- (Module path: management/us-east-2/security-monitoring --), binbashar/le-tf-infra-aws/network/global/base-identities (Module path: network/global/base-identities), binbashar/le-tf-infra-aws/network/us-east-1/base-network (Module path: network/us-east-1/base-network), binbashar/le-tf-infra-aws/network/us-east-1/base-tf-backend (Module path: network/us-east-1/base-tf-backend), binbashar/le-tf-infra-aws/network/us-east-1/network-firewall (Module path: network/us-east-1/network-firewall), binbashar/le-tf-infra-aws/network/us-east-1/notifications (Module path: network/us-east-1/notifications), binbashar/le-tf-infra-aws/network/us-east-1/security-audit (Module path: network/us-east-1/security-audit), binbashar/le-tf-infra-aws/network/us-east-1/security-base (Module path: network/us-east-1/security-base), binbashar/le-tf-infra-aws/network/us-east-1/security-compliance -- (Module path: network/us-east-1/security-compliance --), binbashar/le-tf-infra-aws/network/us-east-1/security-keys (Module path: network/us-east-1/security-keys), binbashar/le-tf-infra-aws/network/us-east-1/transit-gateway (Module path: network/us-east-1/transit-gateway), binbashar/le-tf-infra-aws/network/us-east-2/base-network (Module path: network/us-east-2/base-network), binbashar/le-tf-infra-aws/network/us-east-2/network-firewall (Module path: network/us-east-2/network-firewall), binbashar/le-tf-infra-aws/network/us-east-2/security-compliance -- (Module path: network/us-east-2/security-compliance --), binbashar/le-tf-infra-aws/network/us-east-2/security-keys (Module path: network/us-east-2/security-keys), binbashar/le-tf-infra-aws/network/us-east-2/transit-gateway (Module path: network/us-east-2/transit-gateway), binbashar/le-tf-infra-aws/security/global/base-identities (Module path: security/global/base-identities), binbashar/le-tf-infra-aws/security/us-east-1/base-tf-backend (Module path: security/us-east-1/base-tf-backend), binbashar/le-tf-infra-aws/security/us-east-1/firewall-manager (Module path: security/us-east-1/firewall-manager), binbashar/le-tf-infra-aws/security/us-east-1/notifications (Module path: security/us-east-1/notifications), binbashar/le-tf-infra-aws/security/us-east-1/security-audit (Module path: security/us-east-1/security-audit), binbashar/le-tf-infra-aws/security/us-east-1/security-base (Module path: security/us-east-1/security-base), binbashar/le-tf-infra-aws/security/us-east-1/security-compliance -- (Module path: security/us-east-1/security-compliance --), binbashar/le-tf-infra-aws/security/us-east-1/security-keys (Module path: security/us-east-1/security-keys), binbashar/le-tf-infra-aws/security/us-east-1/security-monitoring (Module path: security/us-east-1/security-monitoring), binbashar/le-tf-infra-aws/security/us-east-2/security-audit (Module path: security/us-east-2/security-audit), binbashar/le-tf-infra-aws/security/us-east-2/security-compliance -- (Module path: security/us-east-2/security-compliance --), binbashar/le-tf-infra-aws/security/us-east-2/security-monitoring -- (Module path: security/us-east-2/security-monitoring --), binbashar/le-tf-infra-aws/shared/global/base-dns/binbash.com.ar (Module path: shared/global/base-dns/binbash.com.ar), binbashar/le-tf-infra-aws/shared/global/base-identities (Module path: shared/global/base-identities), binbashar/le-tf-infra-aws/shared/us-east-1/backups (Module path: shared/us-east-1/backups), binbashar/le-tf-infra-aws/shared/us-east-1/base-network (Module path: shared/us-east-1/base-network), binbashar/le-tf-infra-aws/shared/us-east-1/base-tf-backend (Module path: shared/us-east-1/base-tf-backend), binbashar/le-tf-infra-aws/shared/us-east-1/container-registry (Module path: shared/us-east-1/container-registry), binbashar/le-tf-infra-aws/shared/us-east-1/ec2-fleet -- (Module path: shared/us-east-1/ec2-fleet --), binbashar/le-tf-infra-aws/shared/us-east-1/ec2-fleet-bastions -- (Module path: shared/us-east-1/ec2-fleet-bastions --), binbashar/le-tf-infra-aws/shared/us-east-1/k8s-eks-demoapps/identities (Module path: shared/us-east-1/k8s-eks-demoapps/identities), binbashar/le-tf-infra-aws/shared/us-east-1/notifications (Module path: shared/us-east-1/notifications), binbashar/le-tf-infra-aws/shared/us-east-1/secrets-manager -- (Module path: shared/us-east-1/secrets-manager --), binbashar/le-tf-infra-aws/shared/us-east-1/security-audit (Module path: shared/us-east-1/security-audit), binbashar/le-tf-infra-aws/shared/us-east-1/security-base (Module path: shared/us-east-1/security-base), binbashar/le-tf-infra-aws/shared/us-east-1/security-compliance -- (Module path: shared/us-east-1/security-compliance --), binbashar/le-tf-infra-aws/shared/us-east-1/security-keys (Module path: shared/us-east-1/security-keys), binbashar/le-tf-infra-aws/shared/us-east-1/storage/backup-gdrive -- (Module path: shared/us-east-1/storage/backup-gdrive --), binbashar/le-tf-infra-aws/shared/us-east-1/storage/object-file-shares-for-users-list -- (Module path: shared/us-east-1/storage/object-file-shares-for-users-list --), binbashar/le-tf-infra-aws/shared/us-east-1/storage/object-file-shares-sftp-transfer-service -- (Module path: shared/us-east-1/storage/object-file-shares-sftp-transfer-service --), binbashar/le-tf-infra-aws/shared/us-east-1/tools-cloud-scheduler-stop-start (Module path: shared/us-east-1/tools-cloud-scheduler-stop-start), binbashar/le-tf-infra-aws/shared/us-east-1/tools-eskibana -- (Module path: shared/us-east-1/tools-eskibana --), binbashar/le-tf-infra-aws/shared/us-east-1/tools-github-selfhosted-runners (Module path: shared/us-east-1/tools-github-selfhosted-runners), binbashar/le-tf-infra-aws/shared/us-east-1/tools-jenkins -- (Module path: shared/us-east-1/tools-jenkins --), binbashar/le-tf-infra-aws/shared/us-east-1/tools-managedeskibana -- (Module path: shared/us-east-1/tools-managedeskibana --), binbashar/le-tf-infra-aws/shared/us-east-1/tools-prometheus -- (Module path: shared/us-east-1/tools-prometheus --), binbashar/le-tf-infra-aws/shared/us-east-1/tools-vault -- (Module path: shared/us-east-1/tools-vault --), binbashar/le-tf-infra-aws/shared/us-east-1/tools-vpn-server (Module path: shared/us-east-1/tools-vpn-server), binbashar/le-tf-infra-aws/shared/us-east-1/tools-webhooks -- (Module path: shared/us-east-1/tools-webhooks --), binbashar/le-tf-infra-aws/shared/us-east-2/base-network (Module path: shared/us-east-2/base-network), binbashar/le-tf-infra-aws/shared/us-east-2/container-registry (Module path: shared/us-east-2/container-registry), binbashar/le-tf-infra-aws/shared/us-east-2/security-compliance -- (Module path: shared/us-east-2/security-compliance --), binbashar/le-tf-infra-aws/shared/us-east-2/security-keys (Module path: shared/us-east-2/security-keys), binbashar/le-tf-infra-aws/shared/us-east-2/tools-eskibana -- (Module path: shared/us-east-2/tools-eskibana --), binbashar/le-tf-infra-aws/shared/us-east-2/tools-prometheus -- (Module path: shared/us-east-2/tools-prometheus --)
Run the following command to see their breakdown: infracost breakdown --path=/path/to/code

──────────────────────────────────
518 cloud resources were detected:
∙ 518 were estimated, 383 of which include usage-based costs, see https://infracost.io/usage-file

This comment will be updated when the cost estimate changes.

Is this comment useful? Yes, No, Other

@exequielrafaela exequielrafaela requested a review from a team August 1, 2022 21:42
@marianod92 marianod92 merged commit 6349fe9 into master Aug 2, 2022
@marianod92 marianod92 deleted the feature/wafv2-fix-rules-add-ouputs branch August 2, 2022 15:05
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@diego-ojeda-binbash diego-ojeda-binbash diego-ojeda-binbash approved these changes

@exequielrafaela exequielrafaela exequielrafaela approved these changes

Assignees

@marianod92 marianod92

Labels
enhancement New feature or request patch
Projects
None yet
Milestone
2022 Q3
Development

Successfully merging this pull request may close these issues.
3 participants
@marianod92 @exequielrafaela @diego-ojeda-binbash