Paul Mooney

Reputation: 1606

How to integrate a large blacklist with AWS WAF

I'm following this example to filter incoming traffic from IP address ranges in a JSON file, using AWS WAF. The WAF file size limit is 10,000 entries, and there is a max capacity of 500 WAF rules.

I would like to block a very large number of IP address ranges using AWS WAF - somewhere in the region of 500+ million. My initial thoughts are to store the entries in a database, and integrate the database with WAF. Is this possible, and if not, is there an alternative? There doesn't seem to be any recommended architecture for this in the AWS docs.

Upvotes: 2

Views: 674

Answers (1)

KumoNoMae

Reputation: 301

AWS WAF can block specific CIDR ranges. Are all the IP addresses /32? If not, it is probably a lot easier to maintain this. You can probably use DynamoDB to maintain the list, then use Lambda to fetch and update the IP set in WAF.

Upvotes: 1
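The answer above rests on two things: collapsing the raw list into CIDR blocks so it needs far fewer entries (the question's own limits, 500 rules times 10,000 entries per IP set, cap out well below 500 million individual addresses), and having a Lambda rewrite the IP set from whatever store holds the list. The following is an added example, not code from the question, the answer, or AWS: it collapses a constructed sample list with the standard library, splits the result into chunks that fit one IP set each, and pushes each chunk through the WAFv2 get/update lock-token handshake. The `replace_ip_set_addresses` function is written against the `get_ip_set` / `update_ip_set` calls of a boto3 `wafv2` client, but the block runs offline against an in-memory stand-in so no AWS account is needed; the IP set names and ids are made up.

```python
import ipaddress
from typing import Dict, Iterable, List, Sequence, Tuple

# Per-IP-set entry limit quoted in the question above.
WAF_IP_SET_MAX_ENTRIES = 10_000


def collapse_to_cidrs(entries: Iterable[str]) -> List[str]:
    """Merge addresses and ranges into the minimal list of CIDR blocks.

    Accepts bare addresses ("203.0.113.7"), CIDR blocks ("203.0.113.0/24")
    and IPv6. Duplicate, overlapping and adjacent blocks are merged, which is
    what lets a huge raw list fit into far fewer IP-set entries. IPv4 and
    IPv6 are collapsed separately; the result is sorted, IPv4 first.
    """
    v4, v6 = [], []
    for entry in entries:
        net = ipaddress.ip_network(entry.strip(), strict=False)
        (v4 if net.version == 4 else v6).append(net)
    merged = list(ipaddress.collapse_addresses(v4)) + list(ipaddress.collapse_addresses(v6))
    return [str(n) for n in merged]


def batch_for_ip_sets(cidrs: Sequence[str], max_entries: int = WAF_IP_SET_MAX_ENTRIES) -> List[List[str]]:
    """Split a CIDR list into chunks that each fit inside one WAF IP set."""
    return [list(cidrs[i:i + max_entries]) for i in range(0, len(cidrs), max_entries)]


def replace_ip_set_addresses(client, name: str, scope: str, ip_set_id: str, addresses: Sequence[str]) -> str:
    """Replace the Addresses of one IP set and return the new lock token.

    WAFv2 updates are optimistic: the LockToken returned by get_ip_set must be
    passed to update_ip_set, and a stale token is rejected. `client` is assumed
    to be a boto3 "wafv2" client (or a stand-in with the same two methods).
    """
    current = client.get_ip_set(Name=name, Scope=scope, Id=ip_set_id)
    resp = client.update_ip_set(
        Name=name, Scope=scope, Id=ip_set_id,
        Addresses=list(addresses), LockToken=current["LockToken"],
    )
    return resp["NextLockToken"]


def sync_blocklist(client, scope: str, ip_sets: Sequence[Tuple[str, str]],
                   raw_entries: Iterable[str], max_entries: int = WAF_IP_SET_MAX_ENTRIES) -> int:
    """Collapse raw_entries, spread them over the given (name, id) IP sets, push each chunk.

    Returns the number of CIDR blocks pushed. Fails before touching WAF if the
    list needs more IP sets than were provided, so a partial update is never left behind.
    """
    cidrs = collapse_to_cidrs(raw_entries)
    batches = batch_for_ip_sets(cidrs, max_entries)
    if len(batches) > len(ip_sets):
        raise ValueError(f"need {len(batches)} IP sets for {len(cidrs)} CIDR blocks, have {len(ip_sets)}")
    for (name, ip_set_id), batch in zip(ip_sets, batches):
        replace_ip_set_addresses(client, name, scope, ip_set_id, batch)
    return len(cidrs)


class FakeWafv2Client:
    """Constructed in-memory stand-in for boto3's wafv2 client (get_ip_set / update_ip_set only).

    It enforces the lock-token rule the real service enforces, so a stale token
    surfaces as an error here too.
    """

    def __init__(self, ip_set_ids: Iterable[str]):
        self.sets: Dict[str, List[str]] = {i: [] for i in ip_set_ids}
        self.tokens: Dict[str, str] = {i: f"{i}-token-0" for i in self.sets}
        self.updates: Dict[str, int] = {i: 0 for i in self.sets}

    def get_ip_set(self, Name, Scope, Id):
        return {"IPSet": {"Name": Name, "Id": Id, "Addresses": list(self.sets[Id])},
                "LockToken": self.tokens[Id]}

    def update_ip_set(self, Name, Scope, Id, Addresses, LockToken):
        if LockToken != self.tokens[Id]:
            raise RuntimeError("WAFOptimisticLockException: stale LockToken")
        self.sets[Id] = list(Addresses)
        self.updates[Id] += 1
        self.tokens[Id] = f"{Id}-token-{self.updates[Id]}"
        return {"NextLockToken": self.tokens[Id]}


# Constructed sample: overlapping /25s, a duplicated host, and one IPv6 block.
SAMPLE_BLOCKLIST = ["203.0.113.0/25", "203.0.113.128/25", "198.51.100.7",
                    "198.51.100.7/32", "2001:db8::/32"]

if __name__ == "__main__":
    client = FakeWafv2Client(["set-a", "set-b"])
    pushed = sync_blocklist(client, "REGIONAL", [("blocklist-a", "set-a"), ("blocklist-b", "set-b")],
                            SAMPLE_BLOCKLIST, max_entries=2)
    print(pushed, "CIDR blocks pushed:", client.sets)
```

In a real deployment the Lambda would read the entries from the table the answer suggests, call `sync_blocklist` with a genuine `boto3.client("wafv2")`, and own one rule per IP set; because every IP set is rewritten wholesale, the table stays the single source of truth and a failed run can simply be retried.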
