Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/cloudnationhq/terraform-azure-wafwp

Terraform module which creates web application firewall policy resources used by workloads and accelerators.
https://github.com/cloudnationhq/terraform-azure-wafwp

azure terraform wam

Last synced: 7 days ago
JSON representation

Terraform module which creates web application firewall policy resources used by workloads and accelerators.

Host: GitHub
URL: https://github.com/cloudnationhq/terraform-azure-wafwp
Owner: CloudNationHQ
License: mit
Created: 2024-11-12T13:56:00.000Z (8 days ago)
Default Branch: main
Last Pushed: 2024-11-13T09:41:17.000Z (7 days ago)
Last Synced: 2024-11-13T10:29:47.704Z (7 days ago)
Topics: azure, terraform, wam
Language: Go
Homepage: https://registry.terraform.io/modules/CloudNationHQ/wafwp/azure/latest
Size: 55.7 KB
Stars: 0
Watchers: 1
Forks: 0
Open Issues: 0
Metadata Files:
- Readme: README.md
- Changelog: CHANGELOG.md
- Contributing: CONTRIBUTING.md
- License: LICENSE
- Code of conduct: CODE_OF_CONDUCT.md
- Codeowners: .github/CODEOWNERS
- Security: SECURITY.md

Awesome Lists containing this project

README

        # Web Appliation Firewall Policy

This Terraform module manages Azure web application firewall policies, providing flexible rule configurations, request validation settings, and seamless integration with application gateway for enhanced security and traffic management.

## Goals

The main objective is to create a more logic data structure, achieved by combining and grouping related resources together in a complex object.

The structure of the module promotes reusability. It's intended to be a repeatable component, simplifying the process of building diverse workloads and platform accelerators consistently.

A primary goal is to utilize keys and values in the object that correspond to the REST API's structure. This enables us to carry out iterations, increasing its practical value as time goes on.

A last key goal is to separate logic from configuration in the module, thereby enhancing its scalability, ease of customization, and manageability.

## Non-Goals

These modules are not intended to be complete, ready-to-use solutions; they are designed as components for creating your own patterns.

They are not tailored for a single use case but are meant to be versatile and applicable to a range of scenarios.

Security standardization is applied at the pattern level, while the modules include default values based on best practices but do not enforce specific security standards.

End-to-end testing is not conducted on these modules, as they are individual components and do not undergo the extensive testing reserved for complete patterns or solutions.

## Features

- flexible support for custom and managed rules

- rate limiting and geo-filtering capabilities

- configurable OWASP rules and bot protection

- advanced request validation and match conditions

- rule exclusions and overrides support

- adjustable request body inspection

- customizable rule actions and responses

- integrates with application gateway

## Requirements

| Name | Version |

|------|---------|

|  [terraform](#requirement\_terraform) | ~> 1.0 |

|  [azurerm](#requirement\_azurerm) | ~> 4.0 |

## Providers

| Name | Version |

|------|---------|

|  [azurerm](#provider\_azurerm) | ~> 4.0 |

## Resources

| Name | Type |

|------|------|

| [azurerm_web_application_firewall_policy.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/web_application_firewall_policy) | resource |

## Inputs

| Name | Description | Type | Default | Required |

|------|-------------|------|---------|:--------:|

|  [config](#input\_config) | contains web application fireqwall policy configuration | `any` | n/a | yes |

|  [location](#input\_location) | default azure region to be used. | `string` | `null` | no |

|  [resource\_group](#input\_resource\_group) | default resource group to be used. | `string` | `null` | no |

|  [tags](#input\_tags) | tags to be added to the resources | `map(string)` | `{}` | no |

## Outputs

| Name | Description |

|------|-------------|

|  [firewall\_policy](#output\_firewall\_policy) | contains web application fireqwall policy configuration |

## Testing

For more information, please see our testing [guidelines](./TESTING.md)

## Notes

Using a dedicated module, we've developed a naming convention for resources that's based on specific regular expressions for each type, ensuring correct abbreviations and offering flexibility with multiple prefixes and suffixes.

Full examples detailing all usages, along with integrations with dependency modules, are located in the examples directory.

To update the module's documentation run `make doc`

## Authors

Module is maintained by [these awesome contributors](https://github.com/cloudnationhq/terraform-azure-wafwp/graphs/contributors).

## Contributing

We welcome contributions from the community! Whether it's reporting a bug, suggesting a new feature, or submitting a pull request, your input is highly valued.

For more information, please see our contribution [guidelines](./CONTRIBUTING.md).

## License

MIT Licensed. See [LICENSE](./LICENSE) for full details.

## References

- [Documentation](https://learn.microsoft.com/en-us/azure/web-application-firewall/)

- [Rest Api](https://learn.microsoft.com/en-us/rest/api/application-gateway/web-application-firewall-policies)