Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/globaldatanet/aws-firewall-factory

Easily improve the security of your web applications with aws firewall factory. Protect your valuable assets with seamless WAF deployment, updates, and staging, all efficiently managed centrally with Firewall Manager.
https://github.com/globaldatanet/aws-firewall-factory

amazon-web-services aws cdk devsecops firewall governance hacktoberfest owasp owasp-top-10 security typescript waf wafv2

Last synced: 3 months ago
JSON representation

Easily improve the security of your web applications with aws firewall factory. Protect your valuable assets with seamless WAF deployment, updates, and staging, all efficiently managed centrally with Firewall Manager.

Awesome Lists containing this project

README 

        

[![Mentioned in Awesome CDK](https://awesome.re/mentioned-badge.svg)](https://github.com/kolomied/awesome-cdk)

[![License: Apache2](https://img.shields.io/badge/license-Apache%202-lightgrey.svg)](http://www.apache.org/licenses/) [![cdk](https://img.shields.io/badge/aws_cdk-v2-orange.svg)](https://docs.aws.amazon.com/cdk/v2/guide/home.html)

[![latest](https://img.shields.io/badge/latest-release-yellow.svg)](https://github.com/globaldatanet/aws-firewall-factory/releases)

[![gdn](https://img.shields.io/badge/opensource-@globaldatanet-%2300ecbd)](https://globaldatanet.com/opensource) [![dakn](https://img.shields.io/badge/by-dakn-%23ae0009.svg)](https://github.com/daknhh)

[![TypeScript](https://badges.frapsoft.com/typescript/love/typescript.png?v=101)](https://github.com/ellerbrock/typescript-badges/)

[![Tweet](https://img.shields.io/twitter/url/http/shields.io.svg?style=social)](https://twitter.com/intent/tweet?text=AWS%20FIREWALL%20FACTORY%20-%20Deploy%2C%20update%2C%20and%20stage%20your%20WAFs%20while%20managing%20them%20centrally%20via%20FMS&url=https://github.com/globaldatanet/aws-firewall-factory&hashtags=aws,security,waf)

[![roadmap](https://img.shields.io/badge/public-roadmap-yellow.svg)](https://github.com/orgs/globaldatanet/projects/1)



**[🚧 Feature request](https://github.com/globaldatanet/aws-firewall-factory/issues/new?assignees=&labels=feature-request%2C+enhancement&template=feature_request.md&title=)** | **[πŸ› Bug Report](https://github.com/globaldatanet/aws-firewall-factory/issues/new?assignees=&labels=bug%2C+triage&template=bug_report.md&title=)**



aws-firewall-factory



## π’‹° Table of contents



- [π’‹° Table of contents](#π’‹°-table-of-contents)

- [πŸ”­ Overview](#-overview)

- [🎬 Media](#-media)

    - [πŸ”— Useful Links](#-useful-links)

- [πŸ—ΊοΈ Architecture](#️-architecture)

- [πŸ§ͺ Tests](#-tests)

- [πŸ¦ΈπŸΌβ€β™€οΈ Contributors](#️-contributors)

  - [πŸ‘©β€πŸ’» Contribute](#-contribute)

  - [πŸ‘ Supporters](#-supporters)



|                     Releases                      | Author |

|---------------------------------------------------|--------|

| [Changelog](CHANGELOG.md) - [Features](Features.md) - [πŸ›‘οΈ Deployment](Deployment.md) | David Krohn  [Linkedin](https://www.linkedin.com/in/daknhh/) - [Blog](https://globaldatanet.com/our-team/david-krohn)|



## πŸ”­ Overview






AWS Web Application Firewalls (WAFs) protect web applications and APIs from typical attacks from the Internet that can compromise security and availability, and put undue strain on servers and resources. The AWS WAF provides prebuilt security rules that help control bot traffic and block attack patterns. You can also create your own rules based on your own requirements. In simple scenarios and for smaller applications, this is very easy to implement on an individual basis. However, in larger environments with tens or even hundreds of applications, it is advisable to aim for central governance and automation. This simple solution helps you deploy, update and stage your Web Application Firewalls while managing them centrally via AWS Firewall Manager.



![Example Deployment](./static/example-deployment.gif "Example Deployment")



## 🎬 Media



If you want to learn more about the AWS Firewall Factory feel free to look at the following media resources.



- [πŸ“Ί Webinar: Web Application Firewalls at Scale - Language: πŸ‡©πŸ‡ͺ](https://globaldatanet.com/webinars/aws-security-with-security-in-the-cloud)

- [πŸ“Ί Webinar: Managing AWS Web Application Firewalls at Scale - Language: πŸ‡ΊπŸ‡Έ](https://globaldatanet.com/webinars/managing-aws-web-application-firewalls-at-scale)

- [πŸ“Ί Webinar: Secure Serverless Applications against OWASP TOP 10 in 5 mins - Language: πŸ‡ΊπŸ‡Έ](https://serverless-summit.io/)

- [πŸ“Š Slides: Managing AWS Web Application Firewalls at Scale - Language: πŸ‡ΊπŸ‡Έ](https://docs.google.com/presentation/d/1jE_DmNk0cCc1XM8eBYPM2za0pzGyg9Lv/edit?usp=sharing&ouid=115444461121738087344&rtpof=true&sd=true)

- Secure Serverless Applications against OWASP TOP 10 in 5 Minutes - Language: πŸ‡ΊπŸ‡Έ

  - [πŸ“Š Slides](https://docs.google.com/file/d/1YJCfTt8ILa2R9n23fHDFLpfLhTwhB4ea/edit?filetype=mspresentation) - [πŸ“Ί Video](https://www.youtube.com/watch?v=jrYpr0DLKfo)



#### πŸ”— Useful Links



- [πŸ¦πŸ€– Twitter Bot to get Notified for Managed Rules Updates](https://twitter.com/AWSMgMtRulesBot)

- [🏫 AWS WAF Workshop](https://catalog.us-east-1.prod.workshops.aws/workshops/c2f03000-cf61-42a6-8e62-9eaf04907417/en-US/02-custom-rules)

## πŸ—ΊοΈ Architecture



![Architecture](./static/AWSFIREWALLMANAGER.png "Architecture")



## πŸ§ͺ Tests

|  Test | Status  |

|---|---|

|  CodeQL | ![CodeQL](https://github.com/globaldatanet/aws-firewall-factory/actions/workflows/github-code-scanning/codeql/badge.svg?branch=master)  |

|  Linting | ![linting](https://github.com/globaldatanet/aws-firewall-factory/actions/workflows/linting.yml/badge.svg?branch=master)  |

|  WAF Deployment - Only Managed Rule Groups  | ![onlyManagedRuleGroups](https://github.com/globaldatanet/aws-firewall-factory/actions/workflows/waf_test_onlymanagedrulegroups.yml/badge.svg?branch=master)  |

|  WAF Deployment - Only Managed Rule Groups with Excludes | ![rateBasedwithScopeDown](https://github.com/globaldatanet/aws-firewall-factory/actions/workflows/waf_test_onlymanagedrulegroupsWithExcludes.yml/badge.svg?branch=master)  |

|  WAF Deployment - IpSets | ![IpSets](https://github.com/globaldatanet/aws-firewall-factory/actions/workflows/waf_test_ipSets.yml/badge.svg?branch=master)   |

|  WAF Deployment - RegexPatternSets | ![regexPatternSets](https://github.com/globaldatanet/aws-firewall-factory/actions/workflows/waf_test_regexPatternSets.yml/badge.svg?branch=master)  |

|  WAF Deployment - RateBasedwithScopeDown | ![rateBasedwithScopeDown](https://github.com/globaldatanet/aws-firewall-factory/actions/workflows/waf_test_rateBasedwithScopeDown.yml/badge.svg?branch=master)  |



## πŸ¦ΈπŸΌβ€β™€οΈ Contributors





  




Any form of contribution is welcome. The above contributors have been officially released by globaldatanet.



### πŸ‘©β€πŸ’» Contribute



Want to contribute to **AWS FIREWALL FACTORY**? Check out the [Contribution docs](./CONTRIBUTING.md)



### πŸ‘ Supporters



[![Stargazers repo roster for @globaldatanet/aws-firewall-factory](http://bytecrank.com/nastyox/reporoster/php/stargazersSVG.php?user=globaldatanet&repo=aws-firewall-factory)](https://github.com/globaldatanet/aws-firewall-factory/stargazers)






[^1]: Optional Fields.