From b028df35aab8145ae87d83e2391ff7116f0b94d1 Mon Sep 17 00:00:00 2001
From: Jay Whitwell <72501756+jay-whitwell@users.noreply.github.com>
Date: Tue, 5 Mar 2024 13:45:55 +0000
Subject: [PATCH] UML-3227: Count IP Reputation matches #minor (#2539)

---
 terraform/account/region/waf.tf | 29 ++++++++++++++++++++++++++---
 1 file changed, 26 insertions(+), 3 deletions(-)

diff --git a/terraform/account/region/waf.tf b/terraform/account/region/waf.tf
index c9af159a6a..0cccdd730f 100644
--- a/terraform/account/region/waf.tf
+++ b/terraform/account/region/waf.tf
@@ -8,9 +8,31 @@ resource "aws_wafv2_web_acl" "main" {
 }
 
 rule {
- name = "AWS-AWSManagedRulesPHPRuleSet"
+ name = "AWS-AWSManagedRulesAmazonIpReputationList"
 priority = 0
 
+ override_action {
+ count {}
+ }
+
+ statement {
+ managed_rule_group_statement {
+ name = "AWSManagedRulesAmazonIpReputationList"
+ vendor_name = "AWS"
+ }
+ }
+
+ visibility_config {
+ cloudwatch_metrics_enabled = true
+ metric_name = "AWS-AWSManagedRulesAmazonIpReputationList"
+ sampled_requests_enabled = true
+ }
+ }
+
+ rule {
+ name = "AWS-AWSManagedRulesPHPRuleSet"
+ priority = 1
+
 override_action {
 none {}
 }
@@ -30,7 +52,7 @@ resource "aws_wafv2_web_acl" "main" {
 }
 rule {
 name = "AWS-AWSManagedRulesKnownBadInputsRuleSet"
- priority = 1
+ priority = 2
 
 override_action {
 none {}
@@ -51,7 +73,7 @@ resource "aws_wafv2_web_acl" "main" {
 }
 rule {
 name = "AWS-AWSManagedRulesCommonRuleSet"
- priority = 2
+ priority = 3
 
 override_action {
 none {}
@@ -79,6 +101,7 @@ resource "aws_wafv2_web_acl" "main" {
 sampled_requests_enabled = true
 }
 }
+
 visibility_config {
 cloudwatch_metrics_enabled = true
 metric_name = "${var.account_name}-web-acl"
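Review bot: The new rule at priority 0 is count-only (`override_action { count {} }`), so hits on the AWS IP reputation list are recorded under the `AWS-AWSManagedRulesAmazonIpReputationList` metric but never blocked, and a counted request continues through the PHP, KnownBadInputs and Common rule sets below, which all keep `none {}`. That matches the commit title, but nothing in the file records that the rule is deliberately observe-only or what must happen before it enforces; a comment above the override such as `# Count-only while match volume is assessed via the rule metric; change to none {} to block reputation-list hits` would stop the next reader from assuming this rule already protects anything. Hunks 2 and 3 only renumber the existing rules' priorities to make room and need no change. The `aws_wafv2_web_acl.main` resource begins before this hunk and its closing lies after the last hunk.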