Channels
announcements
automation-api
aws
azure
blog-posts
built-with-pulumi
cloudengineering
cloudengineering-support
content-share
contribex
contribute
docs
dotnet
finops
general
getting-started
gitlab
golang
google-cloud
hackathon-03-19-2020
hacktoberfest
install
java
jobs
kubernetes
learn-pulumi-events
linen
localstack
multi-language-hackathon
office-hours
oracle-cloud-infrastructure
plugin-framework
pulumi-cdk
pulumi-crosscode
pulumi-deployments
pulumi-kubernetes-operator
pulumi-service
pulumiverse
python
registry
status
testingtesting123
testingtesting321
typescript
welcome
workshops
yaml
Powered by LinenTitle
c
chilly-photographer-60932
02/02/2019, 5:44 PMI am trying to create a global
wafawsfunction wafRuleToAllowIpAddress(ipCIDRBlock: string, name: string) {
const aws_waf_ipset_ipset = new aws.waf.IpSet("ipset", {
ipSetDescriptors: [
{
type: "IPV4",
value: ipCIDRBlock
}
],
name: "tfIPSet"
});
const aws_waf_rule_wafrule = new aws.waf.Rule(
"wafrule",
{
metricName: "tfWAFRule",
name: "tfWAFRule",
predicates: [
{
dataId: aws_waf_ipset_ipset.id,
negated: false,
type: "IPMatch"
}
]
},
{ dependsOn: [aws_waf_ipset_ipset] }
);
return aws_waf_rule_wafrule;
}CloudfrontcloudfrontWhat am I doing wrong?
When I try to use this use with in the cloudfront webaclid. I run into this error
error updating CloudFrontDistribution (asdasdasd): InvalidWebACLId: Web ACL is not accessible by the requester.
status code: 400, request id: 895bdefa-2710-11e9-9f38-5156e40a13f9I am able to see the web acl is created in a region when I look at the aws console.
@white-balloon-205 @gorgeous-egg-16927 Could either of you help with this?
w
white-balloon-205
02/04/2019, 10:52 PMHonestly I'm not an expert on WAF.
It's possible that you need to stand up the WAF resources in the
us-east-1new aws.Provider({ region: "us-east-1"})aws.wafaws.wafregionalc
chilly-photographer-60932
02/05/2019, 2:36 PM@white-balloon-205 Thanks, will put out sample code so that it will help you