AWS WAF Web ACL Rule -- programmatically get details
While adding resources to protect with AWS Shield Advanced through the console, the 'wizard' created a Web ACL rate-limiting rule, which I can see in the console under
- AWS WAF > Web ACLs > MyACL > Rules > MyRateLimitingRule
How can I get (and set) the details of that rule programmatically? I've tried using the CLI with both the waf and wafv2 commands but neither returns anything useful; the closest I've got was
aws wafv2 list-available-managed-rule-groups --scope REGIONAL
which, at least, returns the AWSManagedRulesCommonRuleSet, which is also visible, above MyRateLimitingRule. Can the CLI return what I need or is there another way to get these details (a Python script going to the API perhaps)?
Solution 1:
This script gives the required response (Bash, AWS CLI, JQ)
#!/bin/bash
# Print the Id of the Web ACL named $web_acl_name (REGIONAL scope).
web_acl_id () {
    aws wafv2 list-web-acls \
        --scope REGIONAL |
    jq -r --arg name "$web_acl_name" '.WebACLs[] |
        select(.Name == $name) |
        .Id'
}
# Print the JSON definition of the rule named $web_acl_rule_name in that Web ACL.
web_acl_rule () {
    aws wafv2 get-web-acl \
        --name "$web_acl_name" \
        --scope REGIONAL \
        --id "$(web_acl_id)" |
    jq --arg rule "$web_acl_rule_name" '.WebACL.Rules[] |
        select(.Name == $rule)'
}
web_acl_name=MyACL
web_acl_rule_name=MyRateLimitingRule
web_acl_rule
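For the "set" half of the question, which the script above does not cover, this is an added example in Python (not part of the original answer) of the read-modify-write cycle that the wafv2 `get_web_acl` and `update_web_acl` calls require. The function names, the `OPTIONAL_KEYS` list and the sample response are assumptions made for illustration; `set_rate_limit` needs boto3 and credentials, while `build_update_request` runs offline.

```python
import copy

# Optional settings that update_web_acl replaces along with everything else,
# so they are carried over when present (assumed list, extend as needed).
OPTIONAL_KEYS = ("Description", "CustomResponseBodies", "CaptchaConfig",
                 "ChallengeConfig", "TokenDomains", "AssociationConfig")

def build_update_request(get_response, scope, rule_name, new_limit):
    """Turn a get_web_acl response into update_web_acl keyword arguments,
    changing only the Limit of the named rate-based rule."""
    acl = get_response["WebACL"]
    rules = copy.deepcopy(acl["Rules"])  # leave the caller's copy untouched
    matches = [r for r in rules if r["Name"] == rule_name]
    if len(matches) != 1:
        raise LookupError(f"expected one rule named {rule_name!r}, found {len(matches)}")
    statement = matches[0]["Statement"]
    if "RateBasedStatement" not in statement:
        raise ValueError(f"{rule_name!r} is not a rate-based rule")
    statement["RateBasedStatement"]["Limit"] = int(new_limit)
    request = {
        "Name": acl["Name"], "Scope": scope, "Id": acl["Id"],
        "DefaultAction": acl["DefaultAction"],
        "VisibilityConfig": acl["VisibilityConfig"],
        "Rules": rules,  # the update replaces the whole rule list
        "LockToken": get_response["LockToken"],  # stale token => update rejected
    }
    request.update({k: acl[k] for k in OPTIONAL_KEYS if k in acl})
    return request

def set_rate_limit(acl_name, acl_id, rule_name, new_limit, scope="REGIONAL"):
    """Read-modify-write against the live API (needs boto3 and credentials)."""
    import boto3
    client = boto3.client("wafv2")
    current = client.get_web_acl(Name=acl_name, Scope=scope, Id=acl_id)
    client.update_web_acl(**build_update_request(current, scope, rule_name, new_limit))

# Constructed, trimmed sample shaped like a get_web_acl response (not real output).
SAMPLE = {"LockToken": "constructed-lock-token", "WebACL": {
    "Name": "MyACL", "Id": "constructed-id", "Description": "constructed",
    "DefaultAction": {"Allow": {}},
    "VisibilityConfig": {"SampledRequestsEnabled": True,
                         "CloudWatchMetricsEnabled": True, "MetricName": "MyACL"},
    "Rules": [
        {"Name": "AWSManagedRulesCommonRuleSet", "Priority": 0, "OverrideAction": {"None": {}},
         "Statement": {"ManagedRuleGroupStatement": {
             "VendorName": "AWS", "Name": "AWSManagedRulesCommonRuleSet"}}},
        {"Name": "MyRateLimitingRule", "Priority": 1, "Action": {"Block": {}},
         "Statement": {"RateBasedStatement": {"Limit": 2000, "AggregateKeyType": "IP"}}},
    ]}}
```

Because the update replaces the rule list rather than patching one rule, sending only the changed rule would remove the managed rule group from the Web ACL; the request therefore carries every rule back unchanged except for the new limit.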