This repository contains the code and files for the article "How to secure our resources from DDoS attacks with AWS WAF & Shield?". See the article for aws-waf.
In this article, we will learn in detail about WAF, DDoS attacks, and AWS WAF & Shield.
We will create the environment needed for the WAF test. For this, we will build an application consisting of a static web server (EC2 instance), a load balancer, and a target group. We will mitigate an application-layer DDoS attack on the web server that we build, step by step: by defining rules, then by creating rule groups from those rules, and finally by associating them with Web ACLs.
We will create a test script and run it against the web server that we build. Then we will examine and analyze the output in the AWS WAF dashboard charts and in CloudWatch.
Topics we will cover:
- What is WAF?
- AWS WAF & Shield
- DDoS Attacks
- How to mitigate DDoS attacks?
- Mitigating attacks using AWS Shield Standard
  5.1. Creating Rule Groups and Rule
  5.2. Creating Web ACLs
- Test to web ACL
  6.1. Create a web application
  6.2. Build an Application (Static Web Server, ALB, Target Group)
- 2.1. Create an Apache Web Server with a static website at EC2 console
- 2.2. Create a Target group
- 2.3. Create Application Load Balancers (ALB)
- Control The Application that we created
- Create the test script
- Notice the output
- AWS WAF Dashboard Charts
- Subscribe to Shield Advanced
- As a result
- Next post
- References
You can build the following environment with the CloudFormation template to perform the tests mentioned in the article.
The contents of the aws-waf repository root folder and the terraform template folder are below:
- user-data.sh : Used as user data if you create the instance manually.
- ddostest.sh : Used to create the test script.
- cfn-template.yaml : Used to create the environment with a CloudFormation template.
- Create the environment above manually on your cloud provider. To do so, follow the commands in item "6.2. Build an Application (Static Web Servers, ALB, Target Group)" in the article.
- Or build it with CloudFormation.
This CloudFormation template creates an Application Load Balancer with an Auto Scaling Group of Amazon Linux 2 (XXXXXXXXXXXXX) EC2 instances, which host a Python Flask web application. The EC2 instances are placed in WebServerSecurityGroup, which allows HTTP (80) connections only from ALBSecurityGroup and TCP (3306) connections only from within itself. The RDS DB instance is also placed in WebServerSecurityGroup so that the database server can communicate with the web servers. The Application Load Balancer is placed in ALBSecurityGroup, which allows HTTP (80) connections from anywhere. The WebServerASG Auto Scaling Group uses the WebServerLT Launch Template to spin up the instances it needs. The WebServerLT Launch Template is configured to prepare the Python Flask environment on EC2.
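The security-group layout described above matters for the WAF test: a web ACL associated with the load balancer only inspects requests that pass through it, so an instance that accepts port 80 from any other source is not covered. The check below is an added example, not part of this repository; it assumes rules in the `IpPermissions` shape returned by EC2 DescribeSecurityGroups, and the group IDs and sample rule sets are constructed.

```python
# Added example: audit security-group rules against the layout in this README.
# Input uses the IpPermissions shape returned by EC2 DescribeSecurityGroups.
ALB_SG = "sg-0aaa0000000000001"  # constructed ID standing in for ALBSecurityGroup
WEB_SG = "sg-0bbb0000000000002"  # constructed ID standing in for WebServerSecurityGroup


def audit_web_sg(web_sg, alb_sg_id):
    """Return a finding for every inbound rule outside the described design."""
    findings = []
    own_id = web_sg["GroupId"]
    for perm in web_sg.get("IpPermissions", []):
        proto = perm.get("IpProtocol")
        lo, hi = perm.get("FromPort"), perm.get("ToPort")
        label = "all traffic" if proto == "-1" else f"{proto}/{lo}-{hi}"
        # A CIDR source lets clients reach the instance without the ALB.
        for rng in perm.get("IpRanges", []) + perm.get("Ipv6Ranges", []):
            cidr = rng.get("CidrIp") or rng.get("CidrIpv6")
            findings.append(f"{label} open to {cidr}: reachable without the ALB")
        for pair in perm.get("UserIdGroupPairs", []):
            src = pair["GroupId"]
            if (proto, lo, hi) == ("tcp", 80, 80) and src == alb_sg_id:
                continue  # HTTP only from the load balancer's group
            if (proto, lo, hi) == ("tcp", 3306, 3306) and src == own_id:
                continue  # database port only from within the group itself
            findings.append(f"{label} allowed from unexpected group {src}")
    return findings


# Constructed sample: matches the README's description.
GOOD = {"GroupId": WEB_SG, "IpPermissions": [
    {"IpProtocol": "tcp", "FromPort": 80, "ToPort": 80,
     "IpRanges": [], "UserIdGroupPairs": [{"GroupId": ALB_SG}]},
    {"IpProtocol": "tcp", "FromPort": 3306, "ToPort": 3306,
     "IpRanges": [], "UserIdGroupPairs": [{"GroupId": WEB_SG}]},
]}
# Constructed sample: port 80 opened to the internet, 3306 opened to the ALB group.
DRIFTED = {"GroupId": WEB_SG, "IpPermissions": [
    {"IpProtocol": "tcp", "FromPort": 80, "ToPort": 80,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "UserIdGroupPairs": []},
    {"IpProtocol": "tcp", "FromPort": 3306, "ToPort": 3306,
     "IpRanges": [], "UserIdGroupPairs": [{"GroupId": ALB_SG}]},
]}

if __name__ == "__main__":
    for name, sg in (("GOOD", GOOD), ("DRIFTED", DRIFTED)):
        print(name, audit_web_sg(sg, ALB_SG) or "matches the described layout")
```

An empty result means every inbound rule on the web server group is one of the two the description allows; any other rule is reported, including ones the description does not mention.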
This deployment can be deployed to an AWS environment. An AWS account is required to run it. Use the following link to create an access key and a secret access key.
Git is required for this deployment.
- To install Git, go to the Git website.
- Clone the repo and go to the deployment directory.
    git clone https://github.com/cmakkaya/aws-waf
    cd aws-waf/cfn-template/
- Set your key file path and your key name correctly in the cfn-template.yaml file!
- Connect to the AWS console.
  - Choose us-east-1 as the region.
  - Choose the CloudFormation service.
  - Click on the Create stack button.
  - Choose Template is ready.
  - Choose Upload a template file.
  - Click on "Choose file" and then choose cfn-template.yaml on your local host.
  - Click on the Next button.
  - Enter any Stack name you want.
  - Choose your KeyName.
  - Choose your MyVPC.
  - Choose your Subnets.
  - Click on the Next button.
  - Nothing needs to be changed on this page; click on the Next button.
  - Check the information on the page, click on the Submit button, and wait for your environment to be built.
- Follow the commands in the article.
If step 3 (Building cloudformation template) fails, look at the failure code in "Events", try to correct the failure, and then run the template once again. If it keeps failing, save the output logs and reach out to me on GitHub.
- If the deployment is not needed anymore, run the following to delete the deployment. Enter yes when prompted.
Choose your "stack", and click on "delete stack".
- AWS 2021 - AWS Shield: Automated layer 7 DDoS mitigation. https://www.youtube.com/watch?v=T3kqljTLR50
- Chapter 6. Fundamental Cloud Security, Page: 9. https://dokumen.tips/documents/chapter-6-fundamental-cloud-chapter-6-fundamental-cloud-security-61-basic-terms.html?page=9