Skip to content

Commit

Permalink
feat: waf service to support IPV6 CIDRs
Browse files Browse the repository at this point in the history
  • Loading branch information
RossMurr4y authored and kshychko committed Sep 17, 2024
1 parent d259d8c commit 61e6e24
Showing 1 changed file with 16 additions and 6 deletions.
22 changes: 16 additions & 6 deletions aws/services/waf/resource.ftl
Original file line number Diff line number Diff line change
Expand Up @@ -225,19 +225,29 @@

[#switch hamletResourceType ]
[#case AWS_WAFV2_IPSET_RESOURCE_TYPE]

[#local addresses = asFlattenedArray(
filters?map(filter ->
getWAFValueList(filter.Targets, valueSet)
)
)]

[#-- Matches on IPv6 Values, but not IPv4 --]
[#if (addresses?first)?matches(r"^.*:.*:.*\/(12[0-8]|1[01][0-9]|[1-9]?[0-9])$") ]
[#local ipversion = "IPV6"]
[#else]
[#local ipversion = "IPV4"]
[/#if]

[@cfResource
id=id
type=cfnResourceType
properties=
{
"Name": name,
"Scope" : regional?then("REGIONAL","CLOUDFRONT"),
"IPAddressVersion" : "IPV4",
"Addresses": asFlattenedArray(
filters?map(filter ->
getWAFValueList(filter.Targets, valueSet)
)
)
"IPAddressVersion" : ipversion,
"Addresses": addresses
}
/]
[#break]
Expand Down

0 comments on commit 61e6e24

Please sign in to comment.