You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
We have some outstanding tickets following investigation into AWS Shield Advanced that are not viable without a decision in place for how Cloud Platform will provide WAF services in the future:
Investigation work has proven that implementing AWS Shield Advanced WAF features requires major changes not only to CP infrastructure (ingress controllers design change and full rebuild of LBs), but also a total change of how users/services implement WAF and rules.
We need to make a decision as to whether we stick to using ModSec, or opt for Shield Advanced and commit to putting together a roadmap for introducing this major change.
This ticket exists to cover:
Having a discussion around ModSec vs Shield, and making sure that we have agreed to a firm decision on which route we take as an outcome of that discussion
Recording this decision as an ADR
The text was updated successfully, but these errors were encountered:
Background
We have some outstanding tickets following investigation into AWS Shield Advanced that are not viable without a decision in place for how Cloud Platform will provide WAF services in the future:
#5730
#5731
#6001
Investigation work has proven that implementing AWS Shield Advanced WAF features requires major changes not only to CP infrastructure (ingress controllers design change and full rebuild of LBs), but also a total change of how users/services implement WAF and rules.
We need to make a decision as to whether we stick to using ModSec, or opt for Shield Advanced and commit to putting together a roadmap for introducing this major change.
This ticket exists to cover:
The text was updated successfully, but these errors were encountered: