Skip to content

WAFv2 controller - add AWSManagedRulesAntiDDoSRuleSet support to WebACL's managedRuleGroupConfigs #2955

Description

@michael-cr41g

Is your feature request related to a problem?
The WAFv2 controller does not support creating or adopting/editing ManagedRuleGroupConfig.AWSManagedRulesAntiDDoSRuleSet. This prevents solely enabling all WAF Shield features via ACK.

Describe the solution you'd like
The WAFv2 Controller's CRD webACL gets a new Property AWSManagedRulesAntiDDoSRuleSet for its ManagedRuleGroupConfigs that enables the anti-DDoS managed rule group.

Describe alternatives you've considered
Using AWS CLI to append the rule to the WebACL after it is created would just get reverted by our state controller (FluxCD).

Metadata

Metadata

Assignees

No one assigned

    Labels

    kind/new-fieldCategorizes issue or PR as related to a new fieldservice/wafv2Indicates issues or PRs that are related to wafv2-controller.

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions