hoping to fix syntax

Enterprise-CMCS · Jan 16, 2024 · 5771706 · 5771706
1 parent 3644e9e
commit 5771706
Showing 1 changed file with 52 additions and 55 deletions.
diff --git a/services/ui/serverless.yml b/services/ui/serverless.yml
@@ -39,64 +39,61 @@ custom:
     name: ${self:service}-${self:custom.stage}-webacl
     rules:
       - enable: ${param:restrictToVpn}
-        rule:
-          Name: vpn-only
-          Priority: 0
-          Action:
-            # Block: {
-            #   "CustomResponse": {
-            #     "ResponseCode": 403
-            #   }
-            # }
-            Allow: {}
-          VisibilityConfig:
-            SampledRequestsEnabled: true
-            CloudWatchMetricsEnabled: true
-            MetricName: ${self:service}-${self:custom.stage}-webacl-vpn-only
-          Statement:
-            # NotStatement:
-              # Statement:
-            IPSetReferenceStatement:
-              ARN: ${self:custom.vpnIpSetArn}
+        Name: vpn-only
+        Priority: 0
+        Action:
+          # Block: {
+          #   "CustomResponse": {
+          #     "ResponseCode": 403
+          #   }
+          # }
+          Allow: {}
+        VisibilityConfig:
+          SampledRequestsEnabled: true
+          CloudWatchMetricsEnabled: true
+          MetricName: ${self:service}-${self:custom.stage}-webacl-vpn-only
+        Statement:
+          # NotStatement:
+            # Statement:
+          IPSetReferenceStatement:
+            ARN: ${self:custom.vpnIpSetArn}
       - enable: ${param:restrictToVpn}
-        rule:
-          Name: vpn-only
-          Priority: 1
-          Action:
-            # Block: {
-            #   "CustomResponse": {
-            #     "ResponseCode": 403
-            #   }
-            # }
-            Allow: {}
-          VisibilityConfig:
-            SampledRequestsEnabled: true
-            CloudWatchMetricsEnabled: true
-            MetricName: ${self:service}-${self:custom.stage}-tmp-gh-runner
-          Statement:
-            # NotStatement:
-              # Statement:
-            IPSetReferenceStatement:
-              ARN: !GetAtt GitHubIPSet.Arn
+        Name: vpn-only
+        Priority: 1
+        Action:
+          # Block: {
+          #   "CustomResponse": {
+          #     "ResponseCode": 403
+          #   }
+          # }
+          Allow: {}
+        VisibilityConfig:
+          SampledRequestsEnabled: true
+          CloudWatchMetricsEnabled: true
+          MetricName: ${self:service}-${self:custom.stage}-tmp-gh-runner
+        Statement:
+          # NotStatement:
+            # Statement:
+          IPSetReferenceStatement:
+            ARN: !GetAtt GitHubIPSet.Arn
       - enable: ${param:restrictToVpn}
-        rule:
-          Name: block-all-other-traffic
-          Priority: 3
-          Action:
-            Block: {
-              "CustomResponse": {
-                "ResponseCode": 403
-              }
+        Name: block-all-other-traffic
+        Priority: 3
+        Action:
+          Block: {
+            "CustomResponse": {
+              "ResponseCode": 403
             }
-          VisibilityConfig:
-            SampledRequestsEnabled: true
-            CloudWatchMetricsEnabled: true
-            MetricName: ${self:service}-${self:custom.stage}-block-traffic
-            Statement:
-              NotStatement:
-                Statement:
-                  IPSetReferenceStatement:
-                    ARN: ${self:custom.vpnIpSetArn}
+          }
+        VisibilityConfig:
+          SampledRequestsEnabled: true
+          CloudWatchMetricsEnabled: true
+          MetricName: ${self:service}-${self:custom.stage}-block-traffic
+          Statement:
+            NotStatement:
+              Statement:
+                IPSetReferenceStatement:
+                  ARN: ${self:custom.vpnIpSetArn}
   firehoseStreamName: aws-waf-logs-${self:service}-${self:custom.stage}-firehose
   scripts:
     hooks: