Class CcCloudfrontWaf

CloudKitect CloudFront WAF Component, by default this WAF enables the following AWS managed WAF Rules

  • AWSManagedRulesCommonRuleSet
  • AWSManagedRulesAmazonIpReputationList
  • AWSManagedRulesKnownBadInputsRuleSet
  • AWSManagedRulesAnonymousIpList
  • AWSManagedRulesSQLiRuleSet

Default Alarms

Examples

Default Usage

new CcCloudfrontWaf(this, "LogicalId", {});

Custom Configuration

new CcCloudfrontWaf(this, "LogicalId", {
   ccDoNotAddAnonymousIpWafRules: true
});

Compliance

It addresses the following compliance requirements, when used with CloudFront Distribution

PCI, HIPAA, APRA, MAS, NIST4

Hierarchy

Constructors

constructor

Properties

cloudFrontRules webAcl

Methods

getLoggingConfig

Constructors

constructor

Properties

Private Readonly cloudFrontRules

cloudFrontRules: WafManagedRule[] = ...

Readonly webAcl

webAcl: CfnWebACL

Exposing Web ACL for clients

Methods

getLoggingConfig

  • getLoggingConfig(id, wafArn): CfnLoggingConfiguration

  • Parameters

    • id: string
    • wafArn: string

    Returns CfnLoggingConfiguration

Settings

Member Visibility

Theme

On This Page

Generated using TypeDoc