Is there a way to create a WAFv2 from a Terraform script?

Question

Using Terraform script I built a WAFv1 infrastructure component on AWS, but now I want to Build WAFv2 infrastructure using Terraform script.

Any suggestion would be appreciated!

Answer 1

Here providing an example of the WAFv2 with a rate limit rule and the association with an ALB:

resource "aws_wafv2_web_acl" "my_web_acl" {

  name  = "my-web-acl"

  scope = "REGIONAL"

  default_action {

    allow {}

  }

  rule {

    name     = "RateLimit"

    priority = 1

    action {

      block {}

    }

    statement {

      rate_based_statement {

        aggregate_key_type = "IP"

        limit              = 500

      }

    }

    visibility_config {

      cloudwatch_metrics_enabled = true

      metric_name                = "RateLimit"

      sampled_requests_enabled   = true

    }

  }

  visibility_config {

    cloudwatch_metrics_enabled = false

    metric_name                = "my-web-acl"

    sampled_requests_enabled   = false

  }

}

resource "aws_wafv2_web_acl_association" "web_acl_association_my_lb" {

  resource_arn = aws_lb.my_lb.arn

  web_acl_arn  = aws_wafv2_web_acl.my_web_acl.arn

}

Do Check out the AWS Certification Course offered by Intellipaat.