diff --git a/aws/beta.ordbok.uib.no_stack.yaml b/aws/beta.ordbok.uib.no_stack.yaml
index 673b1cb9b0719e381c32ddd5cc75796d0791213b..87056757a91298f5082eff6526def25991a44093 100644
--- a/aws/beta.ordbok.uib.no_stack.yaml
+++ b/aws/beta.ordbok.uib.no_stack.yaml
@@ -73,70 +73,6 @@ Resources:
Principal:
CanonicalUser: !GetAtt CloudFrontOriginIdentity.S3CanonicalUserId
- ITAIpSet:
- Type: "AWS::WAF::IPSet"
- Properties:
- IPSetDescriptors:
- - Type: "IPV4"
- Value: "129.177.0.0/16"
- - Type: "IPV4"
- Value: "82.134.66.114/32"
- - Type: "IPV4"
- Value: "51.174.68.58/32"
- Name: "allowed IPs"
-
- APImatch:
- Type: "AWS::WAF::ByteMatchSet"
- Properties:
- Name: "API paths"
- ByteMatchTuples:
- - FieldToMatch:
- Type: "URI"
- TargetString: "/api"
- TextTransformation: "NONE"
- PositionalConstraint: "EXACTLY"
- - FieldToMatch:
- Type: "URI"
- TargetString: "/api/"
- TextTransformation: "NONE"
- PositionalConstraint: "STARTS_WITH"
-
- ITARule:
- Type: "AWS::WAF::Rule"
- Properties:
- MetricName: "ITARule"
- Name: "ITARule"
- Predicates:
- - Type: "IPMatch"
- Negated: false
- DataId: !Ref ITAIpSet
-
- APIRule:
- Type: "AWS::WAF::Rule"
- Properties:
- MetricName: "APIRule"
- Name: "APIRule"
- Predicates:
- - Type: "ByteMatch"
- Negated: false
- DataId: !Ref APImatch
-
- ACL:
- Type: "AWS::WAF::WebACL"
- Properties:
- DefaultAction:
- Type: "BLOCK"
- Name: "intern ITA"
- MetricName: "WebACL"
- Rules:
- - Action:
- Type: "ALLOW"
- Priority: 1
- RuleId: !Ref ITARule
- - Action:
- Type: "ALLOW"
- Priority: 5
- RuleId: !Ref APIRule
APICachePolicy:
Type: "AWS::CloudFront::CachePolicy"
Properties:
@@ -218,7 +154,6 @@ Resources:
AcmCertificateArn: !Ref CertificateArn
MinimumProtocolVersion: TLSv1.1_2016
SslSupportMethod: sni-only
- WebACLId: !Ref ACL
Tags:
- Key: Application
Value: !Ref DomainName