Skip to content

Latest commit

 

History

History
67 lines (42 loc) · 1.48 KB

wafv2.rst

File metadata and controls

67 lines (42 loc) · 1.48 KB

WAF

List Web ACLs

aws wafv2 list-web-acls --scope REGIONAL | jq -r '.WebACLs[]|.Name'
prod-api-allow
prod-frontend-allow
prod-bots-deny
prod-testing-allow

List Rules under an Web ACL

aws wafv2 get-web-acl --name prod-frontend-allow --scope REGIONAL --id 5cf184c3-d7f0-44af-8c99-f3f08aec0267 | jq -r '.WebACL.Rules[]|.Name'
prod-allow-ip
prod-allow-build-server
prod-allow-office-network

List Resources for an Web ACL

aws wafv2 list-resources-for-web-acl --web-acl-arn arn:aws:wafv2:us-east-2:123456789:regional/webacl/prod-frontend-allow/5cf184c3-d7f0-44af-8c99-f3f08aec0267 | jq -r '.ResourceArns[]|.'
arn:aws:elasticloadbalancing:us-east-2:123456789:loadbalancer/app/k8s-backend-5cf184c3/f3f08aec0267
arn:aws:elasticloadbalancing:us-east-1:123456789:loadbalancer/app/k8s-frontend-d7f084c3/44af8aec029a

List IP Sets

aws wafv2 list-ip-sets --scope REGIONAL | jq -r '.IPSets[]|.Name'
prod-api-ipv4-set
prod-api-ipv6-set
prod-customer-ipv4-set
prod-customer-ipv6-set

List IP Addresses under an IP Set

aws wafv2 get-ip-set --scope REGIONAL --name prod-api-ipv4-set --id 7cd71356-f6df-4cef-b058-6c174eb3f23a | jq -r '.IPSet.Addresses[]|.'
103.10.127.0/24
104.154.0.0/15