Skip to content

Commit

Permalink
DO-1705: WAF - make logging enabled by default
Browse files Browse the repository at this point in the history
  • Loading branch information
Chris Park committed Sep 10, 2024
1 parent 288d968 commit e514d12
Showing 1 changed file with 3 additions and 2 deletions.
5 changes: 3 additions & 2 deletions packages/waf/lib/waf.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -79,7 +79,7 @@ export interface WebApplicationFirewallProps {
postProcessCustomRules?: aws_wafv2.CfnWebACL.RuleProperty[];

/**
* Enable CloudWatch logging. Default: false
* Enable CloudWatch logging. Default: true
*/
enableLogging?: boolean;

Expand Down Expand Up @@ -408,7 +408,8 @@ export class WebApplicationFirewall extends Construct {
});
}

if (props.enableLogging) {
const enableLogging = props.enableLogging ?? true;
if (enableLogging) {
const wafLogGroup = new LogGroup(this, `WAF-Logs-${this.web_acl.name}`, {
retention: props.logRetentionDays
? props.logRetentionDays
Expand Down

0 comments on commit e514d12

Please sign in to comment.