From e514d12e9d983e9cda3769750e8d6205228e3932 Mon Sep 17 00:00:00 2001 From: Chris Park Date: Tue, 10 Sep 2024 09:39:17 +0930 Subject: [PATCH] DO-1705: WAF - make logging enabled by default --- packages/waf/lib/waf.ts | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/packages/waf/lib/waf.ts b/packages/waf/lib/waf.ts index 1aa351c6..2597b738 100644 --- a/packages/waf/lib/waf.ts +++ b/packages/waf/lib/waf.ts @@ -79,7 +79,7 @@ export interface WebApplicationFirewallProps { postProcessCustomRules?: aws_wafv2.CfnWebACL.RuleProperty[]; /** - * Enable CloudWatch logging. Default: false + * Enable CloudWatch logging. Default: true */ enableLogging?: boolean; @@ -408,7 +408,8 @@ export class WebApplicationFirewall extends Construct { }); } - if (props.enableLogging) { + const enableLogging = props.enableLogging ?? true; + if (enableLogging) { const wafLogGroup = new LogGroup(this, `WAF-Logs-${this.web_acl.name}`, { retention: props.logRetentionDays ? props.logRetentionDays