I'm trying to configure a rule in AWS WAF to block access to a particular URL except when the request originates from one of a set of trusted IPs. Naturally I'm trying to use IP sets for this.
My network connection appears to switch between a v4 IP and a v6 IP. Ideally I'd include both, but there doesn't seem to be a way to do this.
Even if I create an IP Set for IPv6, it won't allow me to express my v4 address as v6 (e.g. 0:0:0:0:0:ffff:183f:beef/128)
The other approach I explored was adding two IP Sets as an "OR" condition. Unfortunately the rule builder (at least in visual mode) does not appear to support this.
I can't be the first to find myself in this position. What's the normal approach?