From 2d709f830d61d01f61715b820fd70b01aac03c17 Mon Sep 17 00:00:00 2001
From: dwhite_stratiform
Date: Mon, 22 Jan 2024 13:16:57 -0500
Subject: [PATCH] fixing serverless file
---
 services/ui/serverless.yml | 77 ++++++++++++++++++++------------------
 1 file changed, 40 insertions(+), 37 deletions(-)
diff --git a/services/ui/serverless.yml b/services/ui/serverless.yml
index 6003d79e05..068627a2b1 100644
--- a/services/ui/serverless.yml
+++ b/services/ui/serverless.yml
@@ -39,45 +39,48 @@ custom:
 name: ${self:service}-${self:custom.stage}-webacl
 rules:
 - enable: ${param:restrictToVpn}
- Name: vpn-only
- Priority: 0
- Action:
- Allow: {}
- VisibilityConfig:
- SampledRequestsEnabled: true
- CloudWatchMetricsEnabled: true
- MetricName: ${self:service}-${self:custom.stage}-webacl-vpn-only
- Statement:
- IPSetReferenceStatement:
- ARN: ${self:custom.vpnIpSetArn}
- - enable: ${param:restrictToVpn}
- Name: vpn-only
- Priority: 1
- Action:
- Allow: {}
- VisibilityConfig:
- SampledRequestsEnabled: true
- CloudWatchMetricsEnabled: true
- MetricName: ${self:service}-${self:custom.stage}-tmp-gh-runner
- Statement:
- IPSetReferenceStatement:
- ARN: !GetAtt GitHubIPSet.Arn
+ rule:
+ Name: vpn-only
+ Priority: 0
+ Action:
+ Allow: {}
+ VisibilityConfig:
+ SampledRequestsEnabled: true
+ CloudWatchMetricsEnabled: true
+ MetricName: ${self:service}-${self:custom.stage}-webacl-vpn-only
+ Statement:
+ IPSetReferenceStatement:
+ ARN: ${self:custom.vpnIpSetArn}
 - enable: ${param:restrictToVpn}
- Name: block-all-other-traffic
- Priority: 3
- Action:
- Block:
- CustomResponse:
- ResponseCode: 403
- VisibilityConfig:
- SampledRequestsEnabled: true
- CloudWatchMetricsEnabled: true
- MetricName: ${self:service}-${self:custom.stage}-block-traffic
+ rule:
+ Name: github-only
+ Priority: 1
+ Action:
+ Allow: {}
+ VisibilityConfig:
+ SampledRequestsEnabled: true
+ CloudWatchMetricsEnabled: true
+ MetricName: ${self:service}-${self:custom.stage}-tmp-gh-runner
 Statement:
- NotStatement:
- Statement:
- IPSetReferenceStatement:
- ARN: ${self:custom.vpnIpSetArn}
+ IPSetReferenceStatement:
+ ARN: !GetAtt GitHubIPSet.Arn
+ - enable: ${param:restrictToVpn}
+ rule:
+ Name: block-all-other-traffic
+ Priority: 3
+ Action:
+ Block:
+ CustomResponse:
+ ResponseCode: 403
+ VisibilityConfig:
+ SampledRequestsEnabled: true
+ CloudWatchMetricsEnabled: true
+ MetricName: ${self:service}-${self:custom.stage}-block-traffic
+ Statement:
+ NotStatement:
+ Statement:
+ IPSetReferenceStatement:
+ ARN: ${self:custom.vpnIpSetArn}
 firehoseStreamName: aws-waf-logs-${self:service}-${self:custom.stage}-firehose
 scripts:
 hooks:
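Review bot: The `github-only` rule at Priority 1 allows every address in `GitHubIPSet` whenever `restrictToVpn` is on, so the VPN restriction is only as tight as that IP set. The set is defined outside this hunk; if it holds GitHub-hosted runner ranges, those are shared by all GitHub tenants, so the rule would admit much more than this project's CI. The `tmp-gh-runner` metric name suggests the allowance was meant to be temporary, but nothing in the rule says so. I would gate the rule on a parameter of its own rather than `${param:restrictToVpn}`, so it can be switched off without lifting the VPN restriction, and add a comment above it such as `# TEMPORARY: CI runner allow-list; remove when runners reach the UI through the VPN (ticket: <placeholder>)`.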