From 0b23d0fa5e6978eae850ae88c1fe2f284e2a8f50 Mon Sep 17 00:00:00 2001
From: Grant Freeman <129095098+gfreeman-navapbc@users.noreply.github.com>
Date: Wed, 11 Dec 2024 12:06:37 -0800
Subject: [PATCH] Bump DPC rate limit (#154)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

## 🎫 Ticket

https://cmsgov.slack.com/archives/C04UG13JF9B/p1733939290774959

## 🛠 Changes

Bumping DPC rate limit to 3000requests/5min

## ℹ️ Context

DPC is seeing some customers get timed out

## 🧪 Validation

DPC rate limit rule should be changed, all others should stay the same
---
 terraform/modules/firewall/variables.tf | 2 +-
 terraform/services/api-waf/main.tf      | 1 +
 2 files changed, 2 insertions(+), 1 deletion(-)

diff --git a/terraform/modules/firewall/variables.tf b/terraform/modules/firewall/variables.tf
index 9459ed2f..34b37f6f 100644
--- a/terraform/modules/firewall/variables.tf
+++ b/terraform/modules/firewall/variables.tf
@@ -48,7 +48,7 @@ variable "content_type" {
 variable "rate_limit" {
   description = "IP rate limit for every 5 minutes"
   type        = number
-  default     = 300
+  default     = 3000
 }
 
 variable "ip_sets" {
diff --git a/terraform/services/api-waf/main.tf b/terraform/services/api-waf/main.tf
index b8f5b073..985d9f23 100644
--- a/terraform/services/api-waf/main.tf
+++ b/terraform/services/api-waf/main.tf
@@ -52,6 +52,7 @@ module "aws_waf" {
   content_type = "APPLICATION_JSON"
 
   associated_resource_arn = data.aws_lb.api.arn
+  rate_limit              = var.app == "bcda" ? 300 : 3000
   ip_sets = var.env == "sbx" ? [] : [
     one(data.aws_wafv2_ip_set.external_services).arn,
     one(aws_wafv2_ip_set.api_customers).arn,