Skip to content

Commit

Permalink
Fixed description typo, and modified the sql injection rule creation …
Browse files Browse the repository at this point in the history 
…and xss detection rule creation to deal with a bug since 0.9.6 and present in 0.9.11 -- see here: hashicorp/terraform-provider-aws#1107
  • Loading branch information
@ventz
ventz committed Jul 11, 2017
1 parent 03c6075 commit 325b37d
Show file tree
Hide file tree
Showing 4 changed files with 14 additions and 6 deletions.
6 changes: 1 addition & 5 deletions .template.main.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -19,22 +19,18 @@
# see: 'Change this line' #
###########################
provider "aws" {
# Change this line:
# *** Change ONLY THIS LINE: ***
shared_credentials_file = "/Users/user/.aws/credentials"
region = "${var.aws_region}"
}

variable "customer" {
description = "[REQUIRED] Customer/Project Name (max 15 characters):"

# Change this line:
default = "cerboXYZcerbo"
}

variable "CloudFrontAccessLogBucket" {
description = "[REQUIRED] CDN S3 Logs Bucket:"

# Change this line:
default = "cerboZYXcerbo"
}
###############################################################################
Expand Down
2 changes: 1 addition & 1 deletion solutionhelper.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,7 @@
resource "aws_lambda_function" "SolutionHelper" {
depends_on = ["aws_s3_bucket_object.SolutionHelperZip"]
function_name = "${var.customer}-SolutionHelper-${element(split("-",uuid()),0)}"
descripton = "This lambda function executes generic common tasks to support this solution."
description = "This lambda function executes generic common tasks to support this solution."
role = "${aws_iam_role.SolutionHelperRole.arn}"
handler = "log-parser.lambda_handler"
#s3_bucket = "solutions-${var.aws_region}"
Expand Down
6 changes: 6 additions & 0 deletions wafsqlinjectiondetection.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -21,36 +21,42 @@ resource "aws_waf_sql_injection_match_set" "WAFSqlInjectionDetection" {
text_transformation = "URL_DECODE"
field_to_match {
type = "QUERY_STRING"
data = "none"
}
}
sql_injection_match_tuples {
text_transformation = "HTML_ENTITY_DECODE"
field_to_match {
type = "QUERY_STRING"
data = "none"
}
}
sql_injection_match_tuples {
text_transformation = "URL_DECODE"
field_to_match {
type = "BODY"
data = "none"
}
}
sql_injection_match_tuples {
text_transformation = "HTML_ENTITY_DECODE"
field_to_match {
type = "BODY"
data = "none"
}
}
sql_injection_match_tuples {
text_transformation = "URL_DECODE"
field_to_match {
type = "URI"
data = "none"
}
}
sql_injection_match_tuples {
text_transformation = "HTML_ENTITY_DECODE"
field_to_match {
type = "URI"
data = "none"
}
}
}
6 changes: 6 additions & 0 deletions wafxssdetection.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -20,36 +20,42 @@ resource "aws_waf_xss_match_set" "WAFXssDetection" {
text_transformation = "URL_DECODE"
field_to_match {
type = "QUERY_STRING"
data = "none"
}
}
xss_match_tuples {
text_transformation = "HTML_ENTITY_DECODE"
field_to_match {
type = "QUERY_STRING"
data = "none"
}
}
xss_match_tuples {
text_transformation = "URL_DECODE"
field_to_match {
type = "BODY"
data = "none"
}
}
xss_match_tuples {
text_transformation = "HTML_ENTITY_DECODE"
field_to_match {
type = "BODY"
data = "none"
}
}
xss_match_tuples {
text_transformation = "URL_DECODE"
field_to_match {
type = "URI"
data = "none"
}
}
xss_match_tuples {
text_transformation = "HTML_ENTITY_DECODE"
field_to_match {
type = "URI"
data = "none"
}
}
}

0 comments on commit 325b37d

Please sign in to comment.