Securing AI APIs Against Malicious Payloads with AWS WAF
To secure AI APIs against malicious payloads with AWS Web Application Firewall (WAF), you create a set of rules that filter unwanted traffic on criteria such as source IP address, request body size, SQL injection patterns, strings that appear in the query string, or the User-Agent header.
Below is a detailed explanation and a corresponding Pulumi Python program that sets up AWS WAF with a few basic protections. The program uses the AWS WAF Classic resources (`aws.waf.*`), whose building blocks are:
- AWS WAF IP Set: a list of IP addresses or CIDR ranges. A rule can reference the set to match requests whose source address is (or, when negated, is not) in the list.
- AWS WAF Rule: a set of predicates such as which IP set to match, which size constraint to apply (to block overly large payloads that may indicate an attack), or which strings or injection patterns to look for in the request. A rule matches only when all of its predicates match, so conditions that should each block on their own belong in separate rules.
- AWS WAF Web ACL: the container for your rules. It assigns each rule a priority and an action (ALLOW, BLOCK, or COUNT), and a default action for requests that no rule matches.
Here, we'll create a simple AWS WAF configuration with Pulumi that defines one IP set (where you list the addresses to allow or block), a size constraint set to block overly large payloads, and an SQL injection match set to protect against SQL injection attacks. We'll then create WAF rules that reference these sets and attach them to a Web Access Control List (Web ACL).
In the following program:
- We first import the required Pulumi AWS package.
- Set up the IP set, size constraint set, and SQL injection match set.
- Define WAF rules that use the above sets.
- Create a Web ACL and attach the rules to it.
Please adjust the specifics like `ip_set_descriptors`, `size_constraints`, and `sql_injection_match_tuples` to match your security requirements.

```python
import pulumi
import pulumi_aws as aws

# NOTE: aws.waf.* is the *global* flavour of AWS WAF Classic and can only be
# associated with CloudFront distributions. To protect an API Gateway REST API
# or an ALB directly, use the aws.wafregional.* resources, which have the same
# shapes, plus aws.wafregional.WebAclAssociation.

# IPSet listing the client addresses that are trusted to call the API.
ip_set = aws.waf.IpSet("ipSet",
    ip_set_descriptors=[
        aws.waf.IpSetIpSetDescriptorArgs(
            type="IPV4",
            value="192.0.2.44/32",
        ),
    ])

# SizeConstraintSet matching requests whose body is larger than 8192 bytes.
size_constraint_set = aws.waf.SizeConstraintSet("sizeConstraintSet",
    size_constraints=[
        aws.waf.SizeConstraintSetSizeConstraintArgs(
            comparison_operator="GT",
            field_to_match=aws.waf.SizeConstraintSetSizeConstraintFieldToMatchArgs(
                type="BODY",
            ),
            size=8192,  # bytes
            text_transformation="NONE",
        ),
    ])

# SqlInjectionMatchSet matching common SQL injection patterns in the query
# string, after URL-decoding it so encoded payloads are not missed.
sql_injection_match_set = aws.waf.SqlInjectionMatchSet("sqlInjectionMatchSet",
    sql_injection_match_tuples=[
        aws.waf.SqlInjectionMatchSetSqlInjectionMatchTupleArgs(
            field_to_match=aws.waf.SqlInjectionMatchSetSqlInjectionMatchTupleFieldToMatchArgs(
                type="QUERY_STRING",
            ),
            text_transformation="URL_DECODE",
        ),
    ])

# In WAF Classic every predicate of a rule must match (AND). Putting all three
# conditions into one rule would only ever fire on a trusted IP that sends an
# oversized body AND an SQLi query string, so each condition gets its own rule.

# Block any request whose source address is NOT in the trusted IP set (allowlist).
# With negated=False the rule would instead block only the listed addresses (blocklist).
untrusted_ip_rule = aws.waf.Rule("untrustedIpRule",
    metric_name="UntrustedIpRule",
    predicates=[
        aws.waf.RulePredicateArgs(
            data_id=ip_set.id,
            negated=True,
            type="IPMatch",
        ),
    ])

# Block oversized request bodies.
body_size_rule = aws.waf.Rule("bodySizeRule",
    metric_name="BodySizeRule",
    predicates=[
        aws.waf.RulePredicateArgs(
            data_id=size_constraint_set.id,
            negated=False,
            type="SizeConstraint",
        ),
    ])

# Block SQL injection attempts in the query string.
sqli_rule = aws.waf.Rule("sqliRule",
    metric_name="SqliRule",
    predicates=[
        aws.waf.RulePredicateArgs(
            data_id=sql_injection_match_set.id,
            negated=False,
            type="SqlInjectionMatch",
        ),
    ])

# Web ACL: allow by default, block as soon as any rule above matches.
# Rules are evaluated in priority order; lower values are evaluated first.
web_acl = aws.waf.WebAcl("webAcl",
    default_action=aws.waf.WebAclDefaultActionArgs(type="ALLOW"),
    metric_name="WAFAcl",
    rules=[
        aws.waf.WebAclRuleArgs(
            action=aws.waf.WebAclRuleActionArgs(type="BLOCK"),
            priority=1,
            rule_id=untrusted_ip_rule.id,
        ),
        aws.waf.WebAclRuleArgs(
            action=aws.waf.WebAclRuleActionArgs(type="BLOCK"),
            priority=2,
            rule_id=body_size_rule.id,
        ),
        aws.waf.WebAclRuleArgs(
            action=aws.waf.WebAclRuleActionArgs(type="BLOCK"),
            priority=3,
            rule_id=sqli_rule.id,
        ),
    ])

# Export the Web ACL id; a CloudFront distribution references it via its web_acl_id.
pulumi.export("web_acl_id", web_acl.id)
```
This program is a starting point for securing your AI APIs; adapt the IP list, size limit, and match conditions to your environment, traffic patterns, and security policy. Two caveats matter when you do. First, AWS WAF Classic forwards only the first 8192 bytes of a request body for inspection, so content rules such as the SQL injection match never see the tail of a large prompt payload; the size constraint closes that gap by rejecting bodies the content rules cannot fully inspect. Second, a WAF Classic rule matches only when all of its predicates match, so conditions that should each block on their own must be separate rules rather than predicates stacked in one rule.
The Web ACL takes effect only once it is associated with the resource in front of your API, which this program does not do. Note that `aws.waf.*` is the global flavour of AWS WAF Classic and can be attached only to CloudFront distributions (through the distribution's `web_acl_id`). To protect an API Gateway REST API stage or an Application Load Balancer, build the same resources with the `aws.wafregional.*` module and attach them with `aws.wafregional.WebAclAssociation`. WAF Classic is the legacy API; for new deployments AWS recommends AWS WAF (`aws.wafv2.WebAcl`), which adds managed rule groups and JSON body inspection.
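To make the rule semantics concrete, the following is an added example that is not part of the original program and does not touch AWS. It models how WAF Classic evaluates a Web ACL (every predicate of a rule must match after negation; the first matching rule in priority order decides) in plain Python, implements the three conditions configured above (trusted IP set, 8192-byte body limit, SQL injection match on the URL-decoded query string) as predicates, and runs constructed requests through two layouts: all three conditions stacked in one rule, and one rule per condition. The SQLi patterns and sample requests are illustrative assumptions, not AWS's detection engine.

```python
"""Offline model of AWS WAF Classic rule evaluation.

Added example; not code from the original page, Pulumi or AWS. The SQLi
patterns and sample requests below are constructed for illustration.
"""
import ipaddress
import re
from dataclasses import dataclass
from urllib.parse import unquote_plus

TRUSTED_NETS = [ipaddress.ip_network("192.0.2.44/32")]  # mirrors the IPSet
MAX_BODY_BYTES = 8192                                   # mirrors the SizeConstraintSet

# Small illustrative SQLi heuristics (assumption: stand-in for the SqlInjectionMatchSet).
SQLI_PATTERNS = [
    re.compile(r"(?i)\bunion\b.*\bselect\b"),
    re.compile(r"(?i)\bor\b\s+['\"]?\d+['\"]?\s*=\s*['\"]?\d+"),
    re.compile(r"['\";]\s*--"),
    re.compile(r"(?i)\bdrop\s+table\b"),
]


@dataclass(frozen=True)
class Request:
    source_ip: str
    query_string: str
    body: bytes


# --- predicates, one per WAF Classic condition set ---------------------------

def ip_in_trusted_set(req):
    """IPMatch predicate against the trusted IPSet."""
    addr = ipaddress.ip_address(req.source_ip)
    return any(addr in net for net in TRUSTED_NETS)


def body_exceeds_limit(req):
    """SizeConstraint predicate: BODY GT 8192 bytes."""
    return len(req.body) > MAX_BODY_BYTES


def sqli_in_query_string(req):
    """SqlInjectionMatch predicate on QUERY_STRING with the URL_DECODE transformation."""
    decoded = unquote_plus(req.query_string)
    return any(p.search(decoded) for p in SQLI_PATTERNS)


# --- WAF Classic evaluation semantics ----------------------------------------

@dataclass(frozen=True)
class Rule:
    name: str
    predicates: tuple  # of (predicate_fn, negated)

    def matches(self, req):
        # Every predicate must match (AND); negated=True inverts that predicate.
        return all(pred(req) != negated for pred, negated in self.predicates)


@dataclass(frozen=True)
class WebAcl:
    rules: tuple  # of (priority, Rule, action)
    default_action: str = "ALLOW"

    def evaluate(self, req):
        """Return (action, rule_name); lower priority values are evaluated first."""
        for _prio, rule, action in sorted(self.rules, key=lambda r: r[0]):
            if rule.matches(req):
                return action, rule.name
        return self.default_action, None


# All three conditions stacked as predicates of ONE rule: they are ANDed, so the
# rule fires only for a trusted IP that sends an oversized body AND an SQLi query.
COMBINED_ACL = WebAcl(rules=(
    (1, Rule("combined", ((ip_in_trusted_set, False),
                          (body_exceeds_limit, False),
                          (sqli_in_query_string, False))), "BLOCK"),
))

# One rule per condition: each blocks on its own. The IP rule is negated so it
# blocks addresses NOT in the trusted set (an allowlist).
PER_CONDITION_ACL = WebAcl(rules=(
    (1, Rule("untrusted-ip", ((ip_in_trusted_set, True),)), "BLOCK"),
    (2, Rule("body-too-large", ((body_exceeds_limit, False),)), "BLOCK"),
    (3, Rule("sqli-in-query", ((sqli_in_query_string, False),)), "BLOCK"),
))

# Constructed sample traffic (RFC 5737 documentation addresses).
SAMPLE_REQUESTS = {
    "trusted-benign": Request("192.0.2.44", "prompt=hello", b'{"prompt": "hello"}'),
    "trusted-sqli-encoded": Request("192.0.2.44", "q=1%27%20OR%20%271%27%3D%271", b"{}"),
    "trusted-oversized": Request("192.0.2.44", "prompt=x", b"A" * (MAX_BODY_BYTES + 1)),
    "untrusted-benign": Request("198.51.100.7", "prompt=hello", b"{}"),
    "trusted-oversized-sqli": Request("192.0.2.44", "q=1' OR 1=1 --", b"A" * 9000),
}


def run_all(acl):
    """Evaluate every sample request; returns {name: (action, rule_name)}."""
    return {name: acl.evaluate(req) for name, req in SAMPLE_REQUESTS.items()}


if __name__ == "__main__":
    for label, acl in (("combined rule", COMBINED_ACL), ("one rule per condition", PER_CONDITION_ACL)):
        print(f"== {label}")
        for name, (action, rule) in run_all(acl).items():
            print(f"  {name:24} {action:5} {rule or ''}")
```

Run it and the combined layout allows four of the five requests, including the encoded SQLi probe and the oversized body, because each predicate alone cannot satisfy the AND; the per-condition layout blocks every non-benign request and reports which rule fired, which is also what you would see in the per-rule CloudWatch metrics named by `metric_name`.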