Unable to attach aws_wafregional_rule_group

[dynamike]

Terraform Version

Terraform v0.11.7
+ provider.aws v1.16.0

Affected Resource(s)

• aws_wafregional_web_acl
• aws_wafregional_rule_group

Terraform Configuration Files

# Copy-paste your Terraform configurations here - for large Terraform configs,
resource "aws_wafregional_rule" "example" {
  name        = "example"
  metric_name = "example"
}

resource "aws_wafregional_rule_group" "example" {
  name        = "example"
  metric_name = "example"

  activated_rule {
    action {
      type = "COUNT"
    }

    priority = 1
    rule_id  = "${aws_wafregional_rule.example.id}"
  }
}

resource "aws_wafregional_web_acl" "example" {
  name = "example"

  # CloudWatch metrics naming requirements:
  # 1 and 128 alphabetic characters long.
  # Don't include numbers, spaces, or special characters.
  metric_name = "example"

  default_action {
    type = "ALLOW"
  }

  rule {
    action {
      type = "BLOCK"
    }

    priority = 1
    rule_id  = "${aws_wafregional_rule_group.example.id}"
  }
}
provider "aws" {
  version = "~> 1.16.0"
  region  = "us-west-2"
}
terraform {
  required_version = "~> 0.11.3"
}

Debug Output

terraform apply output -- https://gist.github.com/dynamike/2c2dd59db19c380f09edba8e0db25686

Expected Behavior

The aws_wafregional_rule_group should attach to the aws_wafregional_web_acl

Actual Behavior

It's unable to find the rule group id
* aws_wafregional_web_acl.example: Error Updating WAF Regional ACL: Error Updating WAF Regional ACL: WAFNonexistentItemException: The referenced item does not exist.

Steps to Reproduce

Please list the steps required to reproduce the issue, for example:

1. terraform apply --auto-approve

[bflad]

This should be fixed with #5053 which was just merged into master and will release with version 1.27.0 of the AWS provider, likely middle of this week. 👍

# Implementation is similar for aws_wafregional_web_acl resource
resource "aws_waf_web_acl" "example" {
 # ... other configuration ...
  rules {
    # ... other configuration ...
    override_action {
       type = "NONE"
    }
    type = "GROUP"
    rule_id = "${aws_waf_rule_group.example.id}"
  }
}

[bflad]

This has been released in version 1.27.0 of the AWS provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading.

[ghost]

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. Thanks!