Beispiel #1
        /// <summary>
        /// Collects the values needed to declare a WAF in front of an API Gateway stage:
        /// the stage's underlying CloudFormation resource, the stage ARN, the WAF scope and
        /// the two visibility flags.
        /// </summary>
        /// <param name="wafOption">WAF settings; supplies the associated API Gateway id, scope and visibility flags.</param>
        /// <param name="apiGatewayDeploymentStage">The "Resource" child of the deployment stage, or null when that child is not a <c>CfnResource</c>.</param>
        /// <param name="apiGatewayArn">ARN of the API Gateway stage, built from the region, REST API id and stage name.</param>
        /// <param name="scope">The configured scope, or "REGIONAL" when none is configured.</param>
        /// <param name="cloudWatchMetricsEnabled">The configured value, or true when unset.</param>
        /// <param name="sampledRequestsEnabled">The configured value, or true when unset.</param>
        private void GetWafResources(WafOptions wafOption, out Amazon.CDK.CfnResource apiGatewayDeploymentStage, out string apiGatewayArn, out string scope, out bool cloudWatchMetricsEnabled, out bool sampledRequestsEnabled)
        {
            // Resolve the API Gateway this WAF is attached to; the message is handed to the
            // lookup helper (presumably reported when nothing matches - confirm in LocateApiGateway).
            var notFoundMessage = $"The Api Gateway {wafOption.AssociatedApiGatewayId} could not be found for the waf {wafOption.Id}.";
            var restApi = LocateApiGateway(wafOption.AssociatedApiGatewayId, notFoundMessage);
            var stage = restApi.DeploymentStage;

            // 'as' yields null instead of throwing when the child has another type, so the
            // caller receives null in that case and has to cope with it.
            apiGatewayDeploymentStage = stage.Node.FindChild("Resource") as Amazon.CDK.CfnResource;

            // NOTE(review): the partition is fixed to "aws"; a deployment in another AWS
            // partition would need a different ARN prefix - confirm this is intended.
            apiGatewayArn = $"arn:aws:apigateway:{AwsCdkHandler.Region}::/restapis/{restApi.RestApiId}/stages/{stage.StageName}";

            // Fall back to a regional WAF when no scope is configured. A configured value is
            // passed through as-is; it is not validated here.
            if (string.IsNullOrWhiteSpace(wafOption.Scope))
            {
                scope = "REGIONAL";
            }
            else
            {
                scope = wafOption.Scope;
            }

            // Both visibility settings default to enabled, so an unset option never
            // silently turns off metrics or request sampling.
            cloudWatchMetricsEnabled = wafOption.CloudWatchMetricsEnabled ?? true;
            sampledRequestsEnabled   = wafOption.SampledRequestsEnabled ?? true;
        }
Beispiel #2
        /// <summary>
        /// Reads every *.txt file directly inside the search directory, extracts the firewall
        /// entries from them and prints one rule line for each entry that was blocked more
        /// than ten times.
        /// </summary>
        /// <param name="opts">Options; <c>SearchDirectory</c> is the folder that is scanned.</param>
        /// <returns>Always 0.</returns>
        public static int RunWafAndReturnExitCode(WafOptions opts)
        {
            // Entries at or below this blocked count are not reported.
            const int reportAbove = 10;
            const string searchPattern = "*.txt";

            // This overload only looks at the top level of the directory, not at sub-folders.
            var logFiles = Directory.EnumerateFiles(opts.SearchDirectory, searchPattern);

            // Files are parsed in parallel, so the order of the printed lines is not guaranteed.
            // Entries without a value are dropped before the threshold check.
            var parsedEntries = files_AsEntries(logFiles);

            foreach (var parsed in parsedEntries)
            {
                if (parsed.BlockedCount <= reportAbove)
                {
                    continue;
                }

                // NOTE(review): the template comes from resources and is filled with values
                // parsed from the input files; if the output is loaded into a firewall, the
                // parser in GetFirewallTable is the place that has to reject malformed input.
                Console.WriteLine(
                    Properties.Resources.CsfRuleTemplate,
                    parsed.Ip.ToString(),
                    parsed.CountyCode.EnglishName,
                    parsed.BlockedCount);
            }

            return 0;

            // Parallel parse of all files, keeping only entries that carry a value.
            ParallelQuery<dynamic> files_AsEntries(IEnumerable<string> paths) =>
                paths.AsParallel()
                     .SelectMany(path => GetFirewallTable(path))
                     .Where(candidate => candidate.HasValue)
                     .Select(candidate => (dynamic)candidate.Value);
        }