What is the current behavior?
Terraform plan is giving an error. Please provide a proper way to write and_statement for the aws_wafv2_web_acl AWS resource.
If the current behavior is a bug, please provide the steps to reproduce and if possible a minimal demo of the problem.
Create any aws_wafv2_web_acl resource with the rule below and run terraform plan or validate.
```hcl
rule {
  name = "my-block-post-requests-content-type-application-json"
  priority = 7
  action {
    block {}
  }
  statement {
    and_statement {
      statements = [
        {
          byte_match_statement = {
            field_to_match {
              method {}
            }
            positional_constraint = CONTAINS
            search_string = POST
            text_transformation {
              priority = 0
              type = NONE
            }
          }
        },
        {
          not_statement {
            statement {
              byte_match_statement {
                search_string = "application/json"
                field_to_match {
                  single_header {
                    name = "content-type"
                  }
                }
                positional_constraint = CONTAINS
                search_string = POST
                text_transformation {
                  priority = 0
                  type = NONE
                }
              }
            }
          }
        }
      ]
    }
  }
  visibility_config {
    cloudwatch_metrics_enabled = true
    metric_name = "${var.solution}-${var.environment}-block-post-requests-content-type-application-json"
    sampled_requests_enabled = true
  }
}
```
The challenge here is that HashiCorp's documentation for this resource does not contain a full example of defining a WAF rule with and_statement - https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/wafv2_web_acl#and_statement-block
I have made all the changes as per terraform validate, but it still gives an error.
I have raised the same issue on Stack Overflow - https://stackoverflow.com/questions/78666296/aws-aws-wafv2-web-acl-rule-and-statement-syntax-in-terraform
What is the expected behavior?
Terraform plan/validate should work fine. I think I am making some mistake in the syntax of and_statement.
Software versions?
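The rule from the issue rewritten in the nested-block syntax that aws_wafv2_web_acl expects, as an added example that is not part of the original issue or the provider's documentation: each operand of and_statement is its own nested statement block rather than an entry in a statements = [...] list, the values CONTAINS, POST and NONE are quoted strings, and search_string is set once per byte_match_statement. The rule name, priority and var.solution / var.environment are carried over from the issue; the block goes inside an aws_wafv2_web_acl resource.

```hcl
# Added example: corrected form of the rule posted in the issue.
rule {
  name     = "my-block-post-requests-content-type-application-json"
  priority = 7
  action {
    block {}
  }
  statement {
    and_statement {
      # Operand 1: the HTTP method contains "POST".
      statement {
        byte_match_statement {
          positional_constraint = "CONTAINS"
          search_string         = "POST"
          field_to_match {
            method {}
          }
          text_transformation {
            priority = 0
            type     = "NONE"
          }
        }
      }
      statement {
        not_statement {
          statement {
            byte_match_statement {
              positional_constraint = "CONTAINS"
              search_string         = "application/json"
              field_to_match {
                single_header {
                  name = "content-type"
                }
              }
              text_transformation {
                priority = 0
                type     = "NONE"
              }
            }
          }
        }
      }
    }
  }
  visibility_config {
    cloudwatch_metrics_enabled = true
    metric_name                = "${var.solution}-${var.environment}-block-post-requests-content-type-application-json"
    sampled_requests_enabled   = true
  }
}
```

With type = "NONE" the header value is compared as sent, so a differently cased Content-Type value will not match "application/json" and the request will be blocked.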