-
Notifications
You must be signed in to change notification settings - Fork 9.2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix(webaclv2): WAFv2 rule loss when making an update." #39283
Conversation
Community NoteVoting for Prioritization
For Submitters
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Welcome @fyqtian 👋
It looks like this is your first Pull Request submission to the Terraform AWS Provider! If you haven’t already done so please make sure you have checked out our CONTRIBUTOR guide and FAQ to make sure your contribution is adhering to best practice and has all the necessary elements in place for a successful approval.
Also take a look at our FAQ which details how we prioritize Pull Requests for inclusion.
Thanks again, and welcome to the community! 😃
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM 🚀.
% make testacc TESTARGS='-run=TestAccWAFV2WebACL_' PKG=wafv2 ACCTEST_PARALLELISM=4
make: Verifying source code with gofmt...
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go1.23.2 test ./internal/service/wafv2/... -v -count 1 -parallel 4 -run=TestAccWAFV2WebACL_ -timeout 360m
2024/10/25 15:03:34 Initializing Terraform AWS Provider...
=== RUN TestAccWAFV2WebACL_basic
=== PAUSE TestAccWAFV2WebACL_basic
=== RUN TestAccWAFV2WebACL_Update_rule
=== PAUSE TestAccWAFV2WebACL_Update_rule
=== RUN TestAccWAFV2WebACL_Update_ruleProperties
=== PAUSE TestAccWAFV2WebACL_Update_ruleProperties
=== RUN TestAccWAFV2WebACL_Update_nameForceNew
=== PAUSE TestAccWAFV2WebACL_Update_nameForceNew
=== RUN TestAccWAFV2WebACL_disappears
=== PAUSE TestAccWAFV2WebACL_disappears
=== RUN TestAccWAFV2WebACL_ManagedRuleGroup_basic
=== PAUSE TestAccWAFV2WebACL_ManagedRuleGroup_basic
=== RUN TestAccWAFV2WebACL_ManagedRuleGroup_ManagedRuleGroupConfig
=== PAUSE TestAccWAFV2WebACL_ManagedRuleGroup_ManagedRuleGroupConfig
=== RUN TestAccWAFV2WebACL_ManagedRuleGroup_ManagedRuleGroupConfig_ACFPRuleSet
=== PAUSE TestAccWAFV2WebACL_ManagedRuleGroup_ManagedRuleGroupConfig_ACFPRuleSet
=== RUN TestAccWAFV2WebACL_ManagedRuleGroup_ManagedRuleGroupConfig_ATPRuleSet
=== PAUSE TestAccWAFV2WebACL_ManagedRuleGroup_ManagedRuleGroupConfig_ATPRuleSet
=== RUN TestAccWAFV2WebACL_ManagedRuleGroup_ManagedRuleGroupConfig_BotControl
=== PAUSE TestAccWAFV2WebACL_ManagedRuleGroup_ManagedRuleGroupConfig_BotControl
=== RUN TestAccWAFV2WebACL_ManagedRuleGroup_specifyVersion
=== PAUSE TestAccWAFV2WebACL_ManagedRuleGroup_specifyVersion
=== RUN TestAccWAFV2WebACL_minimal
=== PAUSE TestAccWAFV2WebACL_minimal
=== RUN TestAccWAFV2WebACL_RateBased_basic
=== PAUSE TestAccWAFV2WebACL_RateBased_basic
=== RUN TestAccWAFV2WebACL_ByteMatchStatement_basic
=== PAUSE TestAccWAFV2WebACL_ByteMatchStatement_basic
=== RUN TestAccWAFV2WebACL_ByteMatchStatement_ja3fingerprint
=== PAUSE TestAccWAFV2WebACL_ByteMatchStatement_ja3fingerprint
=== RUN TestAccWAFV2WebACL_ByteMatchStatement_jsonBody
=== PAUSE TestAccWAFV2WebACL_ByteMatchStatement_jsonBody
=== RUN TestAccWAFV2WebACL_ByteMatchStatement_body
=== PAUSE TestAccWAFV2WebACL_ByteMatchStatement_body
=== RUN TestAccWAFV2WebACL_ByteMatchStatement_headerOrder
=== PAUSE TestAccWAFV2WebACL_ByteMatchStatement_headerOrder
=== RUN TestAccWAFV2WebACL_GeoMatch_basic
=== PAUSE TestAccWAFV2WebACL_GeoMatch_basic
=== RUN TestAccWAFV2WebACL_GeoMatch_forwardedIP
=== PAUSE TestAccWAFV2WebACL_GeoMatch_forwardedIP
=== RUN TestAccWAFV2WebACL_LabelMatchStatement
=== PAUSE TestAccWAFV2WebACL_LabelMatchStatement
=== RUN TestAccWAFV2WebACL_RuleLabels
=== PAUSE TestAccWAFV2WebACL_RuleLabels
=== RUN TestAccWAFV2WebACL_IPSetReference_basic
=== PAUSE TestAccWAFV2WebACL_IPSetReference_basic
=== RUN TestAccWAFV2WebACL_IPSetReference_forwardedIP
=== PAUSE TestAccWAFV2WebACL_IPSetReference_forwardedIP
=== RUN TestAccWAFV2WebACL_RateBased_customKeys
=== PAUSE TestAccWAFV2WebACL_RateBased_customKeys
=== RUN TestAccWAFV2WebACL_RateBased_forwardedIP
=== PAUSE TestAccWAFV2WebACL_RateBased_forwardedIP
=== RUN TestAccWAFV2WebACL_RuleGroupReference_basic
=== PAUSE TestAccWAFV2WebACL_RuleGroupReference_basic
=== RUN TestAccWAFV2WebACL_RuleGroupReference_shieldMitigation
=== PAUSE TestAccWAFV2WebACL_RuleGroupReference_shieldMitigation
=== RUN TestAccWAFV2WebACL_RuleGroupReference_manageShieldMitigationRule
=== PAUSE TestAccWAFV2WebACL_RuleGroupReference_manageShieldMitigationRule
=== RUN TestAccWAFV2WebACL_Custom_requestHandling
=== PAUSE TestAccWAFV2WebACL_Custom_requestHandling
=== RUN TestAccWAFV2WebACL_Custom_response
=== PAUSE TestAccWAFV2WebACL_Custom_response
=== RUN TestAccWAFV2WebACL_tags
=== PAUSE TestAccWAFV2WebACL_tags
=== RUN TestAccWAFV2WebACL_RateBased_maxNested
=== PAUSE TestAccWAFV2WebACL_RateBased_maxNested
=== RUN TestAccWAFV2WebACL_Operators_maxNested
=== PAUSE TestAccWAFV2WebACL_Operators_maxNested
=== RUN TestAccWAFV2WebACL_tokenDomains
=== PAUSE TestAccWAFV2WebACL_tokenDomains
=== RUN TestAccWAFV2WebACL_associationConfigCloudFront
=== PAUSE TestAccWAFV2WebACL_associationConfigCloudFront
=== RUN TestAccWAFV2WebACL_associationConfigRegional
=== PAUSE TestAccWAFV2WebACL_associationConfigRegional
=== RUN TestAccWAFV2WebACL_CloudFrontScope
=== PAUSE TestAccWAFV2WebACL_CloudFrontScope
=== RUN TestAccWAFV2WebACL_ruleJSON
=== PAUSE TestAccWAFV2WebACL_ruleJSON
=== RUN TestAccWAFV2WebACL_ruleJSONToRule
=== PAUSE TestAccWAFV2WebACL_ruleJSONToRule
=== CONT TestAccWAFV2WebACL_basic
=== CONT TestAccWAFV2WebACL_LabelMatchStatement
=== CONT TestAccWAFV2WebACL_ManagedRuleGroup_specifyVersion
=== CONT TestAccWAFV2WebACL_GeoMatch_forwardedIP
--- PASS: TestAccWAFV2WebACL_basic (16.41s)
=== CONT TestAccWAFV2WebACL_GeoMatch_basic
--- PASS: TestAccWAFV2WebACL_LabelMatchStatement (28.81s)
=== CONT TestAccWAFV2WebACL_ByteMatchStatement_headerOrder
--- PASS: TestAccWAFV2WebACL_ManagedRuleGroup_specifyVersion (29.66s)
=== CONT TestAccWAFV2WebACL_ByteMatchStatement_body
--- PASS: TestAccWAFV2WebACL_GeoMatch_forwardedIP (33.65s)
=== CONT TestAccWAFV2WebACL_ByteMatchStatement_jsonBody
--- PASS: TestAccWAFV2WebACL_GeoMatch_basic (27.08s)
=== CONT TestAccWAFV2WebACL_ByteMatchStatement_ja3fingerprint
--- PASS: TestAccWAFV2WebACL_ByteMatchStatement_headerOrder (27.11s)
=== CONT TestAccWAFV2WebACL_ByteMatchStatement_basic
--- PASS: TestAccWAFV2WebACL_ByteMatchStatement_body (27.44s)
=== CONT TestAccWAFV2WebACL_RateBased_basic
--- PASS: TestAccWAFV2WebACL_ByteMatchStatement_jsonBody (27.54s)
=== CONT TestAccWAFV2WebACL_minimal
--- PASS: TestAccWAFV2WebACL_ByteMatchStatement_ja3fingerprint (27.70s)
=== CONT TestAccWAFV2WebACL_Custom_response
--- PASS: TestAccWAFV2WebACL_minimal (13.47s)
=== CONT TestAccWAFV2WebACL_ruleJSONToRule
--- PASS: TestAccWAFV2WebACL_ByteMatchStatement_basic (27.73s)
=== CONT TestAccWAFV2WebACL_ruleJSON
--- PASS: TestAccWAFV2WebACL_RateBased_basic (27.76s)
=== CONT TestAccWAFV2WebACL_CloudFrontScope
web_acl_test.go:3004: skipping tests; AWS_DEFAULT_REGION (us-west-2) not supported. Supported: [us-east-1]
--- SKIP: TestAccWAFV2WebACL_CloudFrontScope (0.00s)
=== CONT TestAccWAFV2WebACL_associationConfigRegional
--- PASS: TestAccWAFV2WebACL_ruleJSONToRule (24.42s)
=== CONT TestAccWAFV2WebACL_associationConfigCloudFront
web_acl_test.go:2907: skipping tests; AWS_DEFAULT_REGION (us-west-2) not supported. Supported: [us-east-1]
--- SKIP: TestAccWAFV2WebACL_associationConfigCloudFront (0.00s)
=== CONT TestAccWAFV2WebACL_tokenDomains
--- PASS: TestAccWAFV2WebACL_associationConfigRegional (17.67s)
=== CONT TestAccWAFV2WebACL_Operators_maxNested
--- PASS: TestAccWAFV2WebACL_Custom_response (39.03s)
=== CONT TestAccWAFV2WebACL_RateBased_maxNested
--- PASS: TestAccWAFV2WebACL_ruleJSON (27.07s)
=== CONT TestAccWAFV2WebACL_tags
--- PASS: TestAccWAFV2WebACL_tokenDomains (15.95s)
=== CONT TestAccWAFV2WebACL_IPSetReference_forwardedIP
--- PASS: TestAccWAFV2WebACL_Operators_maxNested (17.65s)
=== CONT TestAccWAFV2WebACL_RateBased_customKeys
--- PASS: TestAccWAFV2WebACL_RateBased_maxNested (17.99s)
=== CONT TestAccWAFV2WebACL_RuleGroupReference_manageShieldMitigationRule
--- PASS: TestAccWAFV2WebACL_tags (35.98s)
=== CONT TestAccWAFV2WebACL_Custom_requestHandling
--- PASS: TestAccWAFV2WebACL_IPSetReference_forwardedIP (52.72s)
=== CONT TestAccWAFV2WebACL_RuleGroupReference_shieldMitigation
--- PASS: TestAccWAFV2WebACL_RuleGroupReference_manageShieldMitigationRule (42.60s)
=== CONT TestAccWAFV2WebACL_RateBased_forwardedIP
--- PASS: TestAccWAFV2WebACL_RateBased_forwardedIP (27.80s)
=== CONT TestAccWAFV2WebACL_ManagedRuleGroup_basic
--- PASS: TestAccWAFV2WebACL_Custom_requestHandling (52.33s)
=== CONT TestAccWAFV2WebACL_RuleGroupReference_basic
--- PASS: TestAccWAFV2WebACL_RuleGroupReference_shieldMitigation (51.00s)
=== CONT TestAccWAFV2WebACL_ManagedRuleGroup_ManagedRuleGroupConfig_BotControl
--- PASS: TestAccWAFV2WebACL_RateBased_customKeys (105.59s)
=== CONT TestAccWAFV2WebACL_ManagedRuleGroup_ManagedRuleGroupConfig_ATPRuleSet
--- PASS: TestAccWAFV2WebACL_ManagedRuleGroup_ManagedRuleGroupConfig_BotControl (14.23s)
=== CONT TestAccWAFV2WebACL_IPSetReference_basic
--- PASS: TestAccWAFV2WebACL_RuleGroupReference_basic (36.10s)
=== CONT TestAccWAFV2WebACL_ManagedRuleGroup_ManagedRuleGroupConfig_ACFPRuleSet
--- PASS: TestAccWAFV2WebACL_ManagedRuleGroup_basic (47.96s)
=== CONT TestAccWAFV2WebACL_ManagedRuleGroup_ManagedRuleGroupConfig
--- PASS: TestAccWAFV2WebACL_IPSetReference_basic (17.39s)
=== CONT TestAccWAFV2WebACL_Update_nameForceNew
--- PASS: TestAccWAFV2WebACL_ManagedRuleGroup_ManagedRuleGroupConfig_ATPRuleSet (28.13s)
=== CONT TestAccWAFV2WebACL_disappears
--- PASS: TestAccWAFV2WebACL_ManagedRuleGroup_ManagedRuleGroupConfig_ACFPRuleSet (28.05s)
=== CONT TestAccWAFV2WebACL_Update_ruleProperties
--- PASS: TestAccWAFV2WebACL_disappears (14.37s)
=== CONT TestAccWAFV2WebACL_RuleLabels
--- PASS: TestAccWAFV2WebACL_ManagedRuleGroup_ManagedRuleGroupConfig (28.18s)
=== CONT TestAccWAFV2WebACL_Update_rule
--- PASS: TestAccWAFV2WebACL_Update_nameForceNew (24.90s)
--- PASS: TestAccWAFV2WebACL_RuleLabels (28.20s)
--- PASS: TestAccWAFV2WebACL_Update_rule (29.13s)
--- PASS: TestAccWAFV2WebACL_Update_ruleProperties (42.85s)
PASS
ok github.com/hashicorp/terraform-provider-aws/internal/service/wafv2 311.323s
Before fix
% make testacc TESTARGS='-run=TestAccWAFV2WebACL_ruleJSONToRule' PKG=wafv2
make: Verifying source code with gofmt...
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go1.23.2 test ./internal/service/wafv2/... -v -count 1 -parallel 20 -run=TestAccWAFV2WebACL_ruleJSONToRule -timeout 360m
2024/10/25 14:18:05 Initializing Terraform AWS Provider...
=== RUN TestAccWAFV2WebACL_ruleJSONToRule
=== PAUSE TestAccWAFV2WebACL_ruleJSONToRule
=== CONT TestAccWAFV2WebACL_ruleJSONToRule
web_acl_test.go:3095: Step 2/2 error: Error running apply: exit status 1
Error: expanding WAFv2 WebACL JSON rule (1d4514d6-40e6-4030-8beb-d6afac6a7fc8): decoding JSON: unexpected end of JSON input
with aws_wafv2_web_acl.test,
on terraform_plugin_test.tf line 12, in resource "aws_wafv2_web_acl" "test":
12: resource "aws_wafv2_web_acl" "test" {
--- FAIL: TestAccWAFV2WebACL_ruleJSONToRule (18.78s)
FAIL
FAIL github.com/hashicorp/terraform-provider-aws/internal/service/wafv2 24.121s
FAIL
make: *** [testacc] Error 1
@fyqtian Thanks for the contribution 🎉 👏. |
This functionality has been released in v5.74.0 of the Terraform AWS Provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading. For further feature requests or bug reports with this functionality, please create a new GitHub issue following the template. Thank you! |
I'm going to lock this pull request because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. |
Description
After creating WAFv2 with the rule_json field, updating other fields will set the rules to empty."
Relations
Closes #0000
References
Output from Acceptance Testing