creator/Anthropic-Cybersecurity-Skills
1
0
Fork 0
mirror of https://github.com/mukul975/Anthropic-Cybersecurity-Skills.git synced 2026-06-12 06:04:56 +03:00
Code Issues Packages Projects Releases Wiki Activity
Files
d5f3fa32486ea335db802d68fe2147fa2da69583
Anthropic-Cybersecurity-Skills/skills/securing-api-gateway-with-aws-waf/references/api-reference.md
T
mukul975 27c6414ca5 Add folder anatomy (scripts/agent.py + references/api-reference.md) for 648 cybersecurity skills 
Complete skill folder anatomy across all cybersecurity skills:
- scripts/agent.py: 80-150 line Python agents using real libraries (impacket,
  boto3, azure-mgmt-*, kubernetes, pefile, yara, scapy, shodan, stix2, etc.)
- references/api-reference.md: real API documentation with method signatures
- LICENSE: MIT license for all skill folders
2026-03-10 21:02:12 +01:00

57 lines
2.3 KiB
Markdown
Raw Blame History

# API Reference: Securing API Gateway with AWS WAF
## boto3 WAFv2 Client
### Installation
```bash
pip install boto3
```
### Client Initialization
```python
client = boto3.client("wafv2", region_name="us-east-1")
```
### Key Methods
| Method | Description |
|--------|-------------|
| `create_web_acl()` | Create a new Web ACL with rules and default action |
| `update_web_acl()` | Modify rules, requires `LockToken` for optimistic concurrency |
| `get_web_acl()` | Retrieve full Web ACL configuration and lock token |
| `list_web_acls()` | List all Web ACLs in a scope (REGIONAL or CLOUDFRONT) |
| `associate_web_acl()` | Attach Web ACL to API Gateway, ALB, or AppSync |
| `get_sampled_requests()` | Retrieve sampled requests for a specific rule metric |
| `get_rate_based_statement_managed_keys()` | Get IPs currently rate-limited |
| `put_logging_configuration()` | Configure WAF logging to Firehose/S3 |
| `list_resources_for_web_acl()` | List resources associated with a Web ACL |
### Managed Rule Groups
| Rule Group | Protection |
|-----------|------------|
| `AWSManagedRulesCommonRuleSet` | OWASP Top 10 common attacks |
| `AWSManagedRulesSQLiRuleSet` | SQL injection patterns |
| `AWSManagedRulesKnownBadInputsRuleSet` | Known bad request patterns |
| `AWSManagedRulesAmazonIpReputationList` | Malicious IP blocking |
| `AWSManagedRulesBotControlRuleSet` | Bot detection and management |
### Rate-Based Rule Parameters
| Parameter | Type | Description |
|-----------|------|-------------|
| `Limit` | int | Max requests per 5-minute window (min: 100) |
| `AggregateKeyType` | str | `IP` or `FORWARDED_IP` |
| `ScopeDownStatement` | dict | Optional filter to scope rate limiting |
### CloudWatch Metrics (Namespace: AWS/WAFV2)
| Metric | Description |
|--------|-------------|
| `AllowedRequests` | Requests allowed by WAF |
| `BlockedRequests` | Requests blocked by WAF |
| `CountedRequests` | Requests matched in Count mode |
| `PassedRequests` | Requests not matching any rule |
## References
- boto3 WAFv2 docs: https://boto3.amazonaws.com/v1/documentation/api/latest/reference/services/wafv2.html
- AWS WAF Developer Guide: https://docs.aws.amazon.com/waf/latest/developerguide/
- AWS Managed Rules list: https://docs.aws.amazon.com/waf/latest/developerguide/aws-managed-rule-groups-list.html
Reference in New Issue View Git Blame Copy Permalink