Skip to content

[Refactor] 비용 최적화를 위한 기존 WAF 규칙 삭제 Prod 적용#212

Merged
lvalentine6 merged 2 commits intomainfrom
develop
Oct 28, 2025
Merged

[Refactor] 비용 최적화를 위한 기존 WAF 규칙 삭제 Prod 적용#212
lvalentine6 merged 2 commits intomainfrom
develop

Conversation

@lvalentine6
Copy link
Member

@lvalentine6 lvalentine6 commented Oct 28, 2025
edited by coderabbitai bot
Loading

✨ 개요

  • 비용 최적화를 위한 기존 WAF 규칙 삭제를 프로덕션에 적용합니다.

🧾 관련 이슈

#211

🔍 참고 사항 (선택)

Summary by CodeRabbit

릴리스 노트

  • Chores
    • 웹 애플리케이션 방화벽 구성을 간소화했습니다. 일부 보안 규칙 설정이 정리되어 전체 보안 정책이 더욱 효율적으로 작동하도록 개선되었습니다.

@coderabbitai
Copy link

coderabbitai bot commented Oct 28, 2025
edited
Loading

Caution

Review failed

The pull request is closed.

개요

AWS WAFv2 웹 ACL에서 5개의 규칙 블록 제거(Rate-Limit-Rule, AWS-Managed-Known-Bad-Inputs-Rule-Set, AWSManagedRulesAmazonIpReputationList, AWSManagedRulesAnonymousIpList, AWSManagedRulesSQLiRuleSet). 남은 규칙과 설정은 유지됨.

변경사항

코호트 / 파일 변경 요약
WAFv2 규칙 제거
terraform/common/waf/main.tf		 5개의 WAF 규칙 블록 삭제: Rate-Limit-Rule(비율 기반), AWS-Managed-Known-Bad-Inputs-Rule-Set, AWSManagedRulesAmazonIpReputationList, AWSManagedRulesAnonymousIpList, AWSManagedRulesSQLiRuleSet. 각 규칙의 statement, override/visibility 설정 및 metric 설정 제거. AWS-Managed-Core-Rule-Set과 최종 visibility_config는 유지.

예상 코드 리뷰 소요 시간

🎯 2 (단순) | ⏱️ ~10분

  • 제거된 규칙들이 의도된 삭제인지 확인 필요
  • 다른 리소스나 정책에서 이 규칙들에 대한 의존성 여부 검토
  • 남은 규칙들의 설정이 정상 작동하는지 검증

🐰 다섯 개 규칙이 사라지고,
웹 보안은 더 간결해졌네,
AWS 관리 핵심은 여전히 튼튼하고,
불필요한 것들을 내려놓으니,
설정도 마음도 가벼워졌어! ✨

✨ Finishing touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Post copyable unit tests in a comment
  • Commit unit tests in branch develop
📜 Recent review details

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 3e42ddb and 26b0da1.

📒 Files selected for processing (1)
  • terraform/common/waf/main.tf (0 hunks)

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

@github-actions github-actions bot requested a review from leegwichan October 28, 2025 18:14
@lvalentine6 lvalentine6 merged commit 05516ed into main Oct 28, 2025
13 of 15 checks passed
@github-actions
Copy link

github-actions bot commented Oct 28, 2025

📄 Terraform Plan Summary

🛡️ Common Infrastructure

  ~ update in-place
  ~ resource aws_lb_target_group common {
Plan: 0 to add, 1 to change, 0 to destroy.

Status: 🔄 Changes Detected

🚀 Production Environment


No plan summary

Status: ✅ No Changes

📋 Full Results: View in Actions

@sonarqubecloud
Copy link

sonarqubecloud bot commented Oct 28, 2025

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@github-actions
Copy link

github-actions bot commented Oct 28, 2025

🎉 This PR is included in version 1.9.3 🎉

The release is available on GitHub release

Your semantic-release bot 📦🚀

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@leegwichan leegwichan Awaiting requested review from leegwichan

Assignees

@lvalentine6 lvalentine6

Labels

released

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@lvalentine6