-
Notifications
You must be signed in to change notification settings - Fork 9.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fixed WAFv2 ATP response inspection parameters #31111
Fixed WAFv2 ATP response inspection parameters #31111
Conversation
Community NoteVoting for Prioritization
For Submitters
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Welcome @rasekoli 👋
It looks like this is your first Pull Request submission to the Terraform AWS Provider! If you haven’t already done so please make sure you have checked out our CONTRIBUTOR guide and FAQ to make sure your contribution is adhering to best practice and has all the necessary elements in place for a successful approval.
Also take a look at our FAQ which details how we prioritize Pull Requests for inclusion.
Thanks again, and welcome to the community! 😃
5624a14
to
330ec22
Compare
@@ -2309,7 +2309,7 @@ func flattenBodyContains(apiObject *wafv2.ResponseInspectionBodyContains) []inte | |||
|
|||
m := map[string]interface{}{ | |||
"failure_strings": flex.FlattenStringSet(apiObject.FailureStrings), | |||
"succeed_strings": flex.FlattenStringSet(apiObject.SuccessStrings), |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Were you able to add an Account Takeover Protection rule to a WAFv2 Web ACL using success_strings
instead of succeed_strings
parameter? In #31106 issue I pasted the errors I get in this case, and I was able to add an ATP rule using succeed_strings
successfully.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yes, these lines in the flatten...
functions were the problem. They should have been success_...
instead of succeed_...
to match the names of the parameters returned by AWS
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks for the PR, @rasekoli. I've made some adjustments to bring the names in line with the AWS API parameters and added an acceptance test.
Acceptance test results in Commercial partition
--- PASS: TestAccWAFV2WebACL_CloudFrontScope (80.15s)
--- PASS: TestAccWAFV2WebACL_tokenDomains (83.79s)
--- PASS: TestAccWAFV2WebACL_Operators_maxNested (102.65s)
--- PASS: TestAccWAFV2WebACL_RateBased_maxNested (116.40s)
--- PASS: TestAccWAFV2WebACL_ManagedRuleGroup_ManagedRuleGroupConfig_BotControl (133.09s)
--- PASS: TestAccWAFV2WebACL_IPSetReference_basic (141.87s)
--- PASS: TestAccWAFV2WebACL_basic (157.40s)
--- PASS: TestAccWAFV2WebACL_RuleGroupReference_manageShieldMitigationRule (161.45s)
--- PASS: TestAccWAFV2WebACL_ManagedRuleGroup_ManagedRuleGroupConfig_ATPRuleSet (168.38s)
--- PASS: TestAccWAFV2WebACL_LabelMatchStatement (169.94s)
--- PASS: TestAccWAFV2WebACL_disappears (89.73s)
--- PASS: TestAccWAFV2WebACL_RuleGroupReference_shieldMitigation (182.23s)
--- PASS: TestAccWAFV2WebACL_RuleLabels (184.67s)
--- PASS: TestAccWAFV2WebACL_ManagedRuleGroup_ManagedRuleGroupConfig (200.08s)
--- PASS: TestAccWAFV2WebACL_GeoMatch_forwardedIP (204.92s)
--- PASS: TestAccWAFV2WebACL_RuleGroupReference_basic (228.16s)
--- PASS: TestAccWAFV2WebACL_minimal (90.86s)
--- PASS: TestAccWAFV2WebACL_RateBased_forwardedIP (233.87s)
--- PASS: TestAccWAFV2WebACL_Custom_response (246.61s)
--- PASS: TestAccWAFV2WebACL_Update_nameForceNew (159.62s)
--- PASS: TestAccWAFV2WebACL_tags (271.01s)
--- PASS: TestAccWAFV2WebACL_ByteMatchStatement_basic (151.19s)
--- PASS: TestAccWAFV2WebACL_GeoMatch_basic (136.35s)
--- PASS: TestAccWAFV2WebACL_ByteMatchStatement_body (135.79s)
--- PASS: TestAccWAFV2WebACL_ByteMatchStatement_jsonBody (129.79s)
--- PASS: TestAccWAFV2WebACL_ManagedRuleGroup_specifyVersion (130.69s)
--- PASS: TestAccWAFV2WebACL_RateBased_basic (120.50s)
--- PASS: TestAccWAFV2WebACL_Update_rule (130.51s)
--- PASS: TestAccWAFV2WebACL_IPSetReference_forwardedIP (306.44s)
--- PASS: TestAccWAFV2WebACL_Custom_requestHandling (306.45s)
--- PASS: TestAccWAFV2WebACL_Update_ruleProperties (196.50s)
--- PASS: TestAccWAFV2WebACL_ManagedRuleGroup_basic (236.62s)
Acceptance test results in Gov Cloud partition
--- SKIP: TestAccWAFV2WebACL_CloudFrontScope (112.60s)
--- PASS: TestAccWAFV2WebACL_ManagedRuleGroup_ManagedRuleGroupConfig_BotControl (247.28s)
--- PASS: TestAccWAFV2WebACL_minimal (254.12s)
--- PASS: TestAccWAFV2WebACL_basic (284.12s)
--- PASS: TestAccWAFV2WebACL_tokenDomains (292.39s)
--- PASS: TestAccWAFV2WebACL_Operators_maxNested (306.42s)
--- PASS: TestAccWAFV2WebACL_RateBased_maxNested (323.49s)
--- SKIP: TestAccWAFV2WebACL_ManagedRuleGroup_ManagedRuleGroupConfig_ATPRuleSet (104.86s)
--- SKIP: TestAccWAFV2WebACL_ManagedRuleGroup_ManagedRuleGroupConfig (99.93s)
--- PASS: TestAccWAFV2WebACL_disappears (207.76s)
--- PASS: TestAccWAFV2WebACL_RuleGroupReference_manageShieldMitigationRule (459.68s)
--- PASS: TestAccWAFV2WebACL_ByteMatchStatement_jsonBody (466.34s)
--- PASS: TestAccWAFV2WebACL_RuleGroupReference_shieldMitigation (478.97s)
--- PASS: TestAccWAFV2WebACL_ByteMatchStatement_basic (482.16s)
--- PASS: TestAccWAFV2WebACL_RateBased_basic (483.12s)
--- PASS: TestAccWAFV2WebACL_ByteMatchStatement_body (486.90s)
--- PASS: TestAccWAFV2WebACL_GeoMatch_forwardedIP (488.67s)
--- PASS: TestAccWAFV2WebACL_RateBased_forwardedIP (490.09s)
--- PASS: TestAccWAFV2WebACL_GeoMatch_basic (490.15s)
--- PASS: TestAccWAFV2WebACL_IPSetReference_basic (205.26s)
--- PASS: TestAccWAFV2WebACL_ManagedRuleGroup_specifyVersion (400.65s)
--- PASS: TestAccWAFV2WebACL_RuleGroupReference_basic (532.92s)
--- PASS: TestAccWAFV2WebACL_tags (549.23s)
--- PASS: TestAccWAFV2WebACL_Custom_response (561.36s)
--- PASS: TestAccWAFV2WebACL_RuleLabels (237.76s)
--- PASS: TestAccWAFV2WebACL_Update_nameForceNew (166.27s)
--- PASS: TestAccWAFV2WebACL_Custom_requestHandling (629.06s)
--- PASS: TestAccWAFV2WebACL_LabelMatchStatement (175.59s)
--- PASS: TestAccWAFV2WebACL_Update_rule (175.81s)
--- PASS: TestAccWAFV2WebACL_Update_ruleProperties (284.20s)
--- PASS: TestAccWAFV2WebACL_ManagedRuleGroup_basic (380.58s)
--- PASS: TestAccWAFV2WebACL_IPSetReference_forwardedIP (355.11s)
This functionality has been released in v5.9.0 of the Terraform AWS Provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading. For further feature requests or bug reports with this functionality, please create a new GitHub issue following the template. Thank you! |
I'm going to lock this pull request because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. |
Description
Fixes three
response_inspection
ATP parameters (body_contains
,header
,json
).Relations
Closes #31106
References
Output from Acceptance Testing