- 新しい順
- 投票が多い順
- コメントが多い順
There is no direct integration between CloudWatch alarms and WAF, so you need a Lambda function as an intermediary. Set up a CloudWatch alarm for your specific condition, then create a Lambda function capable of modifying WAF rules or WebACL associations. Use EventBridge to trigger this Lambda function when the alarm state changes. The Lambda function will check the alarm state and, based on that, it can associate or dissociate the WebACL to or from the ALB accordingly.
Hello, please take a look at this blog post (plus associated sample code) - this might take some of the heavy lifting out of what you're trying to do. https://aws.amazon.com/blogs/networking-and-content-delivery/how-to-dynamically-adapt-your-response-to-changing-threat-levels-using-aws-waf/
Hi, please note that in the answer above the statement "Use EventBridge to trigger this Lambda function when the alarm state changes" is not mandatory: you can invoke a Lambda function directly from the alarm, without the need to go through EventBridge. How you invoke the Lambda function is your choice: a direct integration between the alarm and the Lambda simplifies the architecture at the tradeoff of simply having to manage alarm permissions more granularly.
関連するコンテンツ
- 質問済み 3ヶ月前
- AWS公式更新しました 1ヶ月前
- AWS公式更新しました 2ヶ月前
- AWS公式更新しました 3年前