curben
/
blog
mirror of https://gitlab.com/curben/blog
1
0
Fork 0
Code Issues Releases Wiki Activity

post(aws-waf): move usage guide to repo 

- https://gitlab.com/curben/aws-scripts
This commit is contained in:
Ming Di Leom 2021-08-22 07:43:12 +00:00
parent 2a6f2ebd2a
commit d5093b21f4
No known key found for this signature in database
GPG Key ID: 32D3E28E96A695E8
1 changed files with 0 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
source/_posts/aws-waf.md
View File

@ -12,14 +12,6 @@ I regularly need to audit my company's access control lists (ACLs) implemented i
The script is [available here](https://gitlab.com/curben/aws-scripts/-/blob/main/waf-acl.py). It currently only supports Cloudfront ACL, feel free to extend it to support regional ACL.
```
./waf-acl.py --profile {profile-name} --directory {output-dir} --original --wcu --total-wcu
```
**profile-name**: The profile name as listed in "~/.aws/credentials".
**directory**: Output directory. It will be created if not exist. Defaults to current folder.
**original**: Preserve the original ACL after conversion and save it with "-original" suffix.
## ACL schema
The underlying format of a web ACL is JSON. In this use case, I'm only concern with two keys: