From 4419f0e6c12dd2f0b40c418a8598ece5bb5e2321 Mon Sep 17 00:00:00 2001
From: "Michael B. Klein"
Date: Thu, 4 Jan 2024 22:28:51 +0000
Subject: [PATCH] Log all requests, not just blocked/count requests
---
 firewall/security_firewall.tf | 15 ---------------
 1 file changed, 15 deletions(-)
diff --git a/firewall/security_firewall.tf b/firewall/security_firewall.tf
index 10e9433..74a1085 100644
--- a/firewall/security_firewall.tf
+++ b/firewall/security_firewall.tf
@@ -392,21 +392,6 @@ resource "aws_wafv2_web_acl_logging_configuration" "security_firewall" {
 count = local.security_firewall ? 1 : 0
 log_destination_configs = [aws_cloudwatch_log_group.security_firewall_log.arn]
 resource_arn = aws_wafv2_web_acl.security_firewall[0].arn
-
- logging_filter {
- default_behavior = "KEEP"
-
- filter {
- requirement = "MEETS_ANY"
- behavior = "DROP"
-
- condition {
- action_condition {
- action = "ALLOW"
- }
- }
- }
- }
 }
 
 resource "aws_wafv2_web_acl_association" "security_firewall" {
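Review bot: With `logging_filter` removed, every allowed request is now written to `aws_cloudwatch_log_group.security_firewall_log`, and the visible lines of `aws_wafv2_web_acl_logging_configuration.security_firewall` (`count`, `log_destination_configs`, `resource_arn`) contain no `redacted_fields` block. WAF log records carry the request headers, URI and query string, so session cookies and bearer tokens from ordinary traffic would land in the log group unless redaction is configured elsewhere. I would add `redacted_fields { single_header { name = "authorization" } }` and a second one for `cookie` alongside this change. The resource opens above the hunk and the log group definition is not shown, so it is also worth confirming its retention period and who can read it, since both log volume and sensitivity increase.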