Can Cloudwatch alarm trigger WAF for ALB?

0

Is it possible to automatically trigger WAF on an ALB if a certain condition is met on a CloudWatch alarm? And also turn it off again, if condition not met anymore (based status change on alarm).

When I'm editing an alarm on CloudWatch, there is only Lambda/Auto Scaling/Ec2 Action/System Manager, but nothing about such use case. Would I have to create a lambda function?

Ty.

3 Respostas
1
Resposta aceita

There is no direct integration between CloudWatch alarms and WAF, so you need a Lambda function as an intermediary. Set up a CloudWatch alarm for your specific condition, then create a Lambda function capable of modifying WAF rules or WebACL associations. Use EventBridge to trigger this Lambda function when the alarm state changes. The Lambda function will check the alarm state and, based on that, it can associate or dissociate the WebACL to or from the ALB accordingly.

AWS
respondido há 2 meses
profile picture
ESPECIALISTA
avaliado há 2 meses
1

Hello, please take a look at this blog post (plus associated sample code) - this might take some of the heavy lifting out of what you're trying to do. https://aws.amazon.com/blogs/networking-and-content-delivery/how-to-dynamically-adapt-your-response-to-changing-threat-levels-using-aws-waf/

AWS
ESPECIALISTA
respondido há 2 meses
1

Hi, please note that in the answer above the statement "Use EventBridge to trigger this Lambda function when the alarm state changes" is not mandatory: you can invoke a Lambda function directly from the alarm, without the need to go through EventBridge. How you invoke the Lambda function is your choice: a direct integration between the alarm and the Lambda simplifies the architecture at the tradeoff of simply having to manage alarm permissions more granularly.

profile pictureAWS
respondido há 2 meses

Você não está conectado. Fazer login para postar uma resposta.

Uma boa resposta responde claramente à pergunta, dá feedback construtivo e incentiva o crescimento profissional de quem perguntou.

Diretrizes para responder a perguntas