activeshadow/remove-waf-rules.sh

## remove-waf-rules.sh
#!/bin/bash

RULES=$(aws waf list-rules | jq -r ".Rules[] | .RuleId")

for rule in $RULES; do
  TOKEN=$(aws waf get-change-token | jq -r .ChangeToken)
  PRED=$(aws waf get-rule --rule-id $rule | jq ".Rule.Predicates[0]")

  aws waf update-rule --cli-input-json '{"RuleId": "'$rule'", "ChangeToken": "'$TOKEN'", "Updates": [{"Action": "DELETE", "Predicate": '"$PRED"'}]}'

  TOKEN=$(aws waf get-change-token | jq -r .ChangeToken)

  aws waf delete-rule --rule-id $rule --change-token $TOKEN

  sleep 1
done