Skip to content

Commit 5094495

Browse files
TOEL2TOEL2
authored
Merge branch 'main' into spike/ELI-619-caching
2 parents 15b903b + 1bdd58e commit 5094495

3 files changed

Lines changed: 14 additions & 14 deletions

File tree

infrastructure/stacks/api-layer/waf.tf

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -48,9 +48,9 @@ resource "aws_wafv2_web_acl" "api_gateway" {
4848
vendor_name = "AWS"
4949
name = "AWSManagedRulesCommonRuleSet"
5050

51-
# Override NoUserAgent_Header to count only - APIM health checks send no User-Agent
51+
# Override NoUserAgent_HEADER to count only - APIM health checks send no User-Agent
5252
rule_action_override {
53-
name = "NoUserAgent_Header"
53+
name = "NoUserAgent_HEADER"
5454
action_to_use {
5555
count {}
5656
}

infrastructure/stacks/api-layer/waf_alarms.tf

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -197,14 +197,14 @@ resource "aws_cloudwatch_metric_alarm" "waf_all_requests_high" {
197197
)
198198
}
199199

200-
# Alarm for counted requests (NoUserAgent_Header override)
201-
# The CRS NoUserAgent_Header sub-rule is kept in COUNT to allow the API proxy healthcheck.
200+
# Alarm for counted requests (NoUserAgent_HEADER override)
201+
# The CRS NoUserAgent_HEADER sub-rule is kept in COUNT to allow the API proxy healthcheck.
202202
# This alarm alerts if count spikes unexpectedly, which could indicate rule misconfiguration
203203
# or unexpected traffic patterns hitting that override.
204204
resource "aws_cloudwatch_metric_alarm" "waf_counted_requests_monitoring" {
205205
count = local.waf_enabled ? 1 : 0
206206
alarm_name = "WAF-CountedRequests-Monitoring-${local.workspace}"
207-
alarm_description = "Monitors counted requests - expected to be low volume (healthcheck NoUserAgent_Header override only)"
207+
alarm_description = "Monitors counted requests - expected to be low volume (healthcheck NoUserAgent_HEADER override only)"
208208
comparison_operator = "GreaterThanThreshold"
209209
evaluation_periods = 1
210210
metric_name = "CountedRequests"
@@ -227,7 +227,7 @@ resource "aws_cloudwatch_metric_alarm" "waf_counted_requests_monitoring" {
227227
Name = "WAF-CountedRequests-Monitoring"
228228
Severity = "low"
229229
Environment = var.environment
230-
Purpose = "Monitor NoUserAgent_Header count override for healthcheck proxy"
230+
Purpose = "Monitor NoUserAgent_HEADER count override for healthcheck proxy"
231231
}
232232
)
233233
}

poetry.lock

Lines changed: 8 additions & 8 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

0 commit comments

Comments
 (0)