From b22baa19999dbb9fecc2ac2498d7669353325eb9 Mon Sep 17 00:00:00 2001 From: Ming Di Leom <2809763-curben@users.noreply.gitlab.com> Date: Sun, 15 Aug 2021 08:06:18 +0000 Subject: [PATCH] fix: move aws scripts to curben/aws-scripts repo --- source/_posts/aws-waf-wcu.md | 2 +- source/_posts/aws-waf.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/source/_posts/aws-waf-wcu.md b/source/_posts/aws-waf-wcu.md index 4897f60..3dcb446 100644 --- a/source/_posts/aws-waf-wcu.md +++ b/source/_posts/aws-waf-wcu.md @@ -10,7 +10,7 @@ As part of my {% post_link aws-waf 'routine review' %} of my company's [AWS WAF] While individual and total WCU are shown during ACL creation/modification on the management console, a read-only role could only check the total WCU. It may be possible to use `CheckCapacity` [CLI](https://docs.aws.amazon.com/cli/latest/reference/wafv2/check-capacity.html) or [API](https://docs.aws.amazon.com/waf/latest/APIReference/API_CheckCapacity.html) by separating each rule as an ACL, but that'll involve excessive (online) API calls. -I further improved my script [waf-acl.py](/files/20210627/waf-acl.py) by implementing _offline_ WCU calculation. While the [AWS docs](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statements-list.html) has a complete list of WCU of each match statement, I find the text transformation part is not clear enough. +I further improved my script [waf-acl.py](https://gitlab.com/curben/aws-scripts/-/blob/main/waf-acl.py) by implementing _offline_ WCU calculation. While the [AWS docs](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statements-list.html) has a complete list of WCU of each match statement, I find the text transformation part is not clear enough. > For each Text transformation that you apply, add 10 WCUs. diff --git a/source/_posts/aws-waf.md b/source/_posts/aws-waf.md index b192ef6..ac14d8d 100644 --- a/source/_posts/aws-waf.md +++ b/source/_posts/aws-waf.md @@ -10,7 +10,7 @@ tags: I regularly need to audit my company's access control lists (ACLs) implemented in [AWS WAF](https://aws.amazon.com/waf/), as part of my job. Each ACL can be more than a thousand lines which is practically impossible to read. I wrote a script that downloads and summarises the ACLs into human-readable format; each one-thousand-line behemoth is transformed into a fifty-line summary that I can _actually_ audit. -The script is [available here](/files/20210627/waf-acl.py). It currently only supports Cloudfront ACL, feel free to extend it to support regional ACL. +The script is [available here](https://gitlab.com/curben/aws-scripts/-/blob/main/waf-acl.py). It currently only supports Cloudfront ACL, feel free to extend it to support regional ACL. ``` ./waf-acl.py --profile {profile-name} --directory {output-dir} --original --wcu --total-wcu