From 0ba843e99a134e5074dddc9ee388b60e7804f49d Mon Sep 17 00:00:00 2001 From: nikhil Date: Fri, 19 Apr 2024 22:01:44 +0100 Subject: [PATCH 1/6] f-aws_wafv2_web_acl:support for enable machine learning --- internal/service/wafv2/flex.go | 6 ++++-- internal/service/wafv2/schemas.go | 5 +++++ internal/service/wafv2/web_acl_test.go | 6 ++++-- 3 files changed, 13 insertions(+), 4 deletions(-) diff --git a/internal/service/wafv2/flex.go b/internal/service/wafv2/flex.go index e713cad6ccc..39dec348353 100644 --- a/internal/service/wafv2/flex.go +++ b/internal/service/wafv2/flex.go @@ -1266,7 +1266,8 @@ func expandManagedRulesBotControlRuleSet(tfList []interface{}) *wafv2.AWSManaged m := tfList[0].(map[string]interface{}) out := wafv2.AWSManagedRulesBotControlRuleSet{ - InspectionLevel: aws.String(m["inspection_level"].(string)), + InspectionLevel: aws.String(m["inspection_level"].(string)), + EnableMachineLearning: aws.String(m["enable_machine_learning"].(bool)), } return &out @@ -2681,7 +2682,8 @@ func flattenManagedRulesBotControlRuleSet(apiObject *wafv2.AWSManagedRulesBotCon } m := map[string]interface{}{ - "inspection_level": aws.StringValue(apiObject.InspectionLevel), + "inspection_level": aws.StringValue(apiObject.InspectionLevel), + "enable_machine_learning": aws.StringValue(apiObject.EnableMachineLearning), } return []interface{}{m} diff --git a/internal/service/wafv2/schemas.go b/internal/service/wafv2/schemas.go index 7204e556096..fb78936bef6 100644 --- a/internal/service/wafv2/schemas.go +++ b/internal/service/wafv2/schemas.go @@ -1221,6 +1221,11 @@ func managedRuleGroupConfigSchema() *schema.Schema { Required: true, ValidateFunc: validation.StringInSlice(wafv2.InspectionLevel_Values(), false), }, + "enable_machine_learning": { + Type: schema.TypeBool, + Optional: true, + Default: true, + }, }, }, }, diff --git a/internal/service/wafv2/web_acl_test.go b/internal/service/wafv2/web_acl_test.go index f54c3cbf713..ef6fe80886f 100644 --- a/internal/service/wafv2/web_acl_test.go +++ b/internal/service/wafv2/web_acl_test.go @@ -940,7 +940,8 @@ func TestAccWAFV2WebACL_ManagedRuleGroup_ManagedRuleGroupConfig_BotControl(t *te "statement.0.managed_rule_group_statement.#": "1", "statement.0.managed_rule_group_statement.0.name": "AWSManagedRulesBotControlRuleSet", "statement.0.managed_rule_group_statement.0.vendor_name": "AWS", - "statement.0.managed_rule_group_statement.0.managed_rule_group_configs.0.aws_managed_rules_bot_control_rule_set.0.inspection_level": "TARGETED", + "statement.0.managed_rule_group_statement.0.managed_rule_group_configs.0.aws_managed_rules_bot_control_rule_set.0.inspection_level": "TARGETED", + "statement.0.managed_rule_group_statement.0.managed_rule_group_configs.0.aws_managed_rules_bot_control_rule_set.0.enable_machine_learning": "false", }), ), }, @@ -4547,7 +4548,8 @@ resource "aws_wafv2_web_acl" "test" { managed_rule_group_configs { aws_managed_rules_bot_control_rule_set { - inspection_level = "TARGETED" + inspection_level = "TARGETED" + enable_machine_learning = false } } } From b6e8e04c125e420a0e6bbc66c0119723ae7e256f Mon Sep 17 00:00:00 2001 From: nikhil Date: Fri, 19 Apr 2024 22:13:03 +0100 Subject: [PATCH 2/6] f-aws_wafv2_web_acl --- .changelog/37006.txt | 3 +++ 1 file changed, 3 insertions(+) create mode 100644 .changelog/37006.txt diff --git a/.changelog/37006.txt b/.changelog/37006.txt new file mode 100644 index 00000000000..0e091027038 --- /dev/null +++ b/.changelog/37006.txt @@ -0,0 +1,3 @@ +```release-note:enhancement +resource/aws_wafv2_web_acl: Add `enable_machine_learning` parameter in `aws_managed_rules_bot_control_rule_set` argument +``` \ No newline at end of file From 37a1b281e4e9454bb9e32b69abbec5f1ddaa8550 Mon Sep 17 00:00:00 2001 From: nikhil Date: Fri, 19 Apr 2024 22:18:16 +0100 Subject: [PATCH 3/6] f-enable_machine_learning --- internal/service/wafv2/flex.go | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/internal/service/wafv2/flex.go b/internal/service/wafv2/flex.go index 39dec348353..c7f01974aaf 100644 --- a/internal/service/wafv2/flex.go +++ b/internal/service/wafv2/flex.go @@ -1267,7 +1267,7 @@ func expandManagedRulesBotControlRuleSet(tfList []interface{}) *wafv2.AWSManaged m := tfList[0].(map[string]interface{}) out := wafv2.AWSManagedRulesBotControlRuleSet{ InspectionLevel: aws.String(m["inspection_level"].(string)), - EnableMachineLearning: aws.String(m["enable_machine_learning"].(bool)), + EnableMachineLearning: aws.Bool(m["enable_machine_learning"].(bool)), } return &out @@ -2683,7 +2683,7 @@ func flattenManagedRulesBotControlRuleSet(apiObject *wafv2.AWSManagedRulesBotCon m := map[string]interface{}{ "inspection_level": aws.StringValue(apiObject.InspectionLevel), - "enable_machine_learning": aws.StringValue(apiObject.EnableMachineLearning), + "enable_machine_learning": aws.BoolValue(apiObject.EnableMachineLearning), } return []interface{}{m} From b88ff6c3fbb9b01f3aa197dd76d99a4794db1223 Mon Sep 17 00:00:00 2001 From: nikhil Date: Fri, 19 Apr 2024 22:31:43 +0100 Subject: [PATCH 4/6] f-support for enable_machine_learning --- website/docs/r/wafv2_web_acl.html.markdown | 1 + 1 file changed, 1 insertion(+) diff --git a/website/docs/r/wafv2_web_acl.html.markdown b/website/docs/r/wafv2_web_acl.html.markdown index 4e62bc2a076..79ff81a9cdb 100644 --- a/website/docs/r/wafv2_web_acl.html.markdown +++ b/website/docs/r/wafv2_web_acl.html.markdown @@ -754,6 +754,7 @@ The `managed_rule_group_configs` block support the following arguments: ### `aws_managed_rules_bot_control_rule_set` Block * `inspection_level` - (Optional) The inspection level to use for the Bot Control rule group. +* `enable_machine_learning` - (Optional) Applies only to the targeted inspection level. Determines whether to use machine learning (ML) to analyze your web traffic for bot-related activity. Defaults to `true`. ### `aws_managed_rules_acfp_rule_set` Block From 7d88253594100097c277e57d8356204c040dc7ce Mon Sep 17 00:00:00 2001 From: Kit Ewbank Date: Tue, 16 Jul 2024 08:44:21 -0400 Subject: [PATCH 5/6] Fix overzealous simplification. --- internal/service/wafv2/flex.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/internal/service/wafv2/flex.go b/internal/service/wafv2/flex.go index c0879b15228..884bd87f1ae 100644 --- a/internal/service/wafv2/flex.go +++ b/internal/service/wafv2/flex.go @@ -2000,7 +2000,7 @@ func flattenByteMatchStatement(b *awstypes.ByteMatchStatement) interface{} { m := map[string]interface{}{ "field_to_match": flattenFieldToMatch(b.FieldToMatch), "positional_constraint": b.PositionalConstraint, - "search_string": b.SearchString, + "search_string": string(b.SearchString), "text_transformation": flattenTextTransformations(b.TextTransformations), } From 23d8425a1009e3befcad5dddb77fd6c8c69d95dc Mon Sep 17 00:00:00 2001 From: Kit Ewbank Date: Tue, 16 Jul 2024 10:51:38 -0400 Subject: [PATCH 6/6] Run 'make fix-constants PKG=wafv2'. --- internal/service/wafv2/web_acl_test.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/internal/service/wafv2/web_acl_test.go b/internal/service/wafv2/web_acl_test.go index bff0dc2cc14..e6b920a1a15 100644 --- a/internal/service/wafv2/web_acl_test.go +++ b/internal/service/wafv2/web_acl_test.go @@ -942,7 +942,7 @@ func TestAccWAFV2WebACL_ManagedRuleGroup_ManagedRuleGroupConfig_BotControl(t *te "statement.0.managed_rule_group_statement.0.name": "AWSManagedRulesBotControlRuleSet", "statement.0.managed_rule_group_statement.0.vendor_name": "AWS", "statement.0.managed_rule_group_statement.0.managed_rule_group_configs.0.aws_managed_rules_bot_control_rule_set.0.inspection_level": "TARGETED", - "statement.0.managed_rule_group_statement.0.managed_rule_group_configs.0.aws_managed_rules_bot_control_rule_set.0.enable_machine_learning": "false", + "statement.0.managed_rule_group_statement.0.managed_rule_group_configs.0.aws_managed_rules_bot_control_rule_set.0.enable_machine_learning": acctest.CtFalse, }), ), },