🔧 Add flag to enable/disable WAF audit log
Decision record
The WAF audit log is extremely verbose. When running in production, this can lead to issues (such as producing 30GB of logs in less than 10 minutes). This means an attacker can fill the filesystem simply by sending requests to a mapping and successfully crash the service.
We need to be able to disable the audit log for exposed environments, and keep it for lab environments (so that we can reproduce potential issues).
Changes
-
🐳 ✨ Add newEC_RPS_WAF_AUDITLOG
flag -
📝 Update documentation -
🔖 v0.8.0
-->