Skip to content

tedilabs/terraform-aws-firewall

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

Β 

History

49 Commits
.github
.github
Β 
Β 
examples
examples
Β 
Β 
modules
modules
Β 
Β 
.deepsource.toml
.deepsource.toml
Β 
Β 
.editorconfig
.editorconfig
Β 
Β 
.gitignore
.gitignore
Β 
Β 
.pre-commit-config.yaml
.pre-commit-config.yaml
Β 
Β 
.tflint.hcl
.tflint.hcl
Β 
Β 
.yamllint.yaml
.yamllint.yaml
Β 
Β 
LICENSE
LICENSE
Β 
Β 
README.md
README.md
Β 
Β 
VERSION
VERSION
Β 
Β 

Repository files navigation

terraform-aws-firewall

GitHub release (latest SemVer) GitHub pre-commit

Terraform module which creates firewall related resources on AWS.

Target AWS Services

Terraform Modules from this package were written to manage the following AWS Services with Terraform.

  • AWS FMS (Firewall Manager)
    • DNS Firewall Security Policy
  • AWS Route53 DNS Firewall
    • Firewall
    • Firewall Rule Group
    • Firewall Domain List
  • AWS VPC Network Firewall
    • Firewall
  • AWS WAF (Web Application Firewall)
    • IP Set

Usage

Route53 DNS Firewall

data "aws_vpc" "default" {
  default = true
}


###################################################
# DNS Firewall Domain List
###################################################

module "domain_list" {
  source  = "tedilabs/firewall/aws//modules/dns-firewall-domain-list"
  version = "~> 0.1.0"

  name = "example"
  domains = [
    "example1.mycompany.com.",
    "example2.mycompany.com.",
    "example3.mycompany.com.",
  ]

  tags = {
    "project" = "terraform-aws-firewall-examples"
  }
}


###################################################
# DNS Firewall Rule Group
###################################################

module "rule_group" {
  source  = "tedilabs/firewall/aws//modules/dns-firewall-rule-group"
  version = "~> 0.1.0"

  name = "block-blacklist"
  rules = [
    {
      priority    = 10
      name        = "block-example"
      domain_list = module.domain_list.id
      action      = "BLOCK"
      action_parameters = {
        response = "OVERRIDE"
        override = {
          type  = "CNAME"
          value = "404.mycompany.com."
          ttl   = 60
        }
      }
    },
  ]

  tags = {
    "project" = "terraform-aws-firewall-examples"
  }
}


###################################################
# DNS Firewall
###################################################

module "firewall" {
  source  = "tedilabs/firewall/aws//modules/dns-firewall"
  version = "~> 0.1.0"

  vpc_id            = data.aws_vpc.default.id
  fail_open_enabled = true

  rule_groups = [
    {
      priority = 200
      id       = module.rule_group.id
    },
  ]

  tags = {
    "project" = "terraform-aws-firewall-examples"
  }
}

Examples

Route53 DNS Firewall

Self Promotion

Like this project? Follow the repository on GitHub. And if you're feeling especially charitable, follow posquit0 on GitHub.

License

Provided under the terms of the Apache License.

Copyright Β© 2022-2023, Byungjin Park.

About

🌳 A sustainable Terraform Package which creates resources for Firewall Services on AWS

registry.terraform.io/modules/tedilabs/firewall/aws

Topics

aws devops terraform iac sre hacktoberfest terraform-modules aws-waf terraform-module terraform-aws hcl2 lang-hcl tedilabs aws-firewall

Resources

Readme

License

Apache-2.0 license

Code of conduct

Code of conduct

Security policy

Security policy
Activity
Custom properties

Stars

9 stars

Watchers

1 watching

Forks

2 forks
Report repository

Releases 6

v0.2.2 Latest
Dec 13, 2022
+ 5 releases

Sponsor this project

  •  
Learn more about GitHub Sponsors

Packages

No packages published

Contributors 3

  •  
  •  
  •  

Languages