Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(type-safe-api): expose managed rule props to allow consumers to … #712

Merged
merged 4 commits into from
Mar 4, 2024
Merged

feat(type-safe-api): expose managed rule props to allow consumers to … #712

merged 4 commits into from
Mar 4, 2024

Conversation

mirgj
Copy link
Contributor

@mirgj mirgj commented Mar 4, 2024

Fixes # NA

This PR introduce the ability to modify the Waf managed rule set provided by the consumers in order to allow customisations that include, for example, the ability to change the individual rule behaviour inside a ruleset.

A common example is related to the AWSManagedRulesCommonRuleSet which has a strict rule named SizeRestrictions_BODY that allow only 8Kb body payload. With the current implementation provided by PDK the only option we have is to either disable Waf altogether or add a different rule set to override the default behaviour. The interface provided by type safe api doesn't provide the ability to modify the ruleset rules.

With this change, consumers can override individual rules in the ruleset as the entire CDK interface is shared to the consumer.

In order to have backwards compatibility this PR keep the usage of both vendor and vendorName properties. In future PDK iterations it's suggested to remove vendor to keep only vendorName using the default interface provided by CDK

cogwirrel
cogwirrel approved these changes Mar 4, 2024
View reviewed changes
Copy link
Member

@cogwirrel cogwirrel left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks great, thank you! Just a couple of minor nit-picks :)

packages/type-safe-api/src/construct/waf/open-api-gateway-web-acl.ts Outdated Show resolved Hide resolved
packages/type-safe-api/src/construct/waf/types.ts Outdated Show resolved Hide resolved
@cogwirrel cogwirrel merged commit 54dc450 into aws:mainline Mar 4, 2024
3 checks passed
@cogwirrel cogwirrel mentioned this pull request Sep 17, 2024
Closed
2 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@cogwirrel cogwirrel cogwirrel approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@mirgj @cogwirrel