How do I build an AWS WAFv2 IPSet?

This guide demonstrates how to build an AWS WAFv2 IPSet. An IPSet is a collection of IP addresses that you specify to block or allow. It can be associated with WAF rules for better security management in your AWS infrastructure. Let’s start by defining and creating an IPSet resource.

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const exampleIpset = new aws.wafv2.IpSet("example_ipset", {
    name: "example-ipset",
    description: "An example IPSet to block certain IP addresses",
    scope: "REGIONAL",
    ipAddressVersion: "IPV4",
    addresses: [
        "192.0.2.44/32",
        "198.51.100.0/24",
    ],
    tags: {
        Name: "example-ipset",
        Environment: "Dev",
    },
});
export const ipSetId = exampleIpset.id;

This program does not declare an AWS provider explicitly; it uses the default provider, so the region comes from the stack configuration. We created an aws.wafv2.IpSet resource with a name, description, scope, and IP address version. The addresses property holds the list of IP addresses, in CIDR notation, to include in the IPSet. Finally, we added tags to the resource and defined an output to easily reference the IPSet’s ID.
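As an added example (not part of the original answer or of the Pulumi API), here is a pre-flight check for the list passed to `addresses`. It assumes IPv4 entries only, and `normalizeIpv4Cidrs` is a hypothetical helper name. It rejects malformed entries and `/0` ranges, which AWS WAF does not support, and collapses duplicates by reducing each entry to its network address.

```typescript
// Added example: validate and normalize entries before handing them to
// aws.wafv2.IpSet `addresses`. Hypothetical helper, IPv4 only.
function normalizeIpv4Cidrs(entries: string[]): string[] {
    const seen = new Set<string>();
    const result: string[] = [];
    for (const raw of entries) {
        const parts = raw.trim().split("/");
        const ip = parts[0] ?? "";
        // A bare address is treated as a single host (/32).
        const prefixText = parts[1] ?? "32";
        if (parts.length > 2 || !/^\d{1,2}$/.test(prefixText)) {
            throw new Error(`invalid CIDR: ${raw}`);
        }
        const prefix = Number(prefixText);
        // AWS WAF accepts IPv4 prefixes /1 through /32, never /0.
        if (prefix < 1 || prefix > 32) {
            throw new Error(`unsupported prefix length: ${raw}`);
        }
        const octets = ip.split(".");
        const valid = octets.length === 4 &&
            octets.every((o) => /^\d{1,3}$/.test(o) && Number(o) <= 255);
        if (!valid) {
            throw new Error(`invalid IPv4 address: ${raw}`);
        }
        // Pack into an unsigned 32-bit value and clear the host bits so that
        // 198.51.100.7/24 and 198.51.100.0/24 compare as the same range.
        const value = octets.reduce((acc, o) => acc * 256 + Number(o), 0);
        const mask = (0xffffffff << (32 - prefix)) >>> 0;
        const network = (value & mask) >>> 0;
        const cidr = [24, 16, 8, 0]
            .map((shift) => (network >>> shift) & 255)
            .join(".") + "/" + prefix;
        if (!seen.has(cidr)) {
            seen.add(cidr);
            result.push(cidr);
        }
    }
    return result;
}

// Constructed sample input based on the documentation ranges used above.
const checkedAddresses = normalizeIpv4Cidrs([
    "192.0.2.44",
    "198.51.100.7/24",
    "198.51.100.0/24",
]);
```

The resulting `checkedAddresses` array can be passed as the `addresses` value of the IPSet.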

In summary, we created a WAFv2 IPSet in AWS to manage allowed or blocked IP addresses in your security setup.
