Closed zBart closed 1 year ago
I'm also facing the same issue. Seems like this works via the API but the cloudformation validation is not updated to accept the CustomKeys property
I guess I'll have to stick to manually updating it for the time being instead of using cloudformation
another option could be use UpdateWebACL https://awscli.amazonaws.com/v2/documentation/api/latest/reference/waf/update-web-acl.html
How is the situation?
Good afternoon,
I am happy to confirm that CustomKeys
support should now be available in Cloudformation. Please let me know if you are still experiencing issues.
Hello, thanks for releasing this for Cloudformation. I wonder when this will be available for CDK? Should I raise any issue somewhere to move it to CDK, or it will be automatically moved as this is now available in Cfn? Thanks!
@xavi-bean It will appear automatically once the latest Cloudformation specification is updated. I've inquired as to the timelines of when this would happen next and will post an update as soon as I have the date.
@xavi-bean we are tracking this issue internally, unfortunately I cannot provide an exact ETA yet. I am monitoring this and will provide an update as soon as I can.
Name of the resource
AWS::WAFv2::WebACL
Resource name
No response
Description
AWS WAF added the option to specify custom keys for rate limiting (blog: https://aws.amazon.com/about-aws/whats-new/2023/05/aws-waf-rate-based-rules-request-headers-composite-keys/).
The new
CUSTOM_KEYS
option was added as a valid value for theAggregateKeyType
(and it even mentions you have to set theCustomKeys
property): https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-wafv2-rulegroup-ratebasedstatement.htmlHowever, setting the
CustomKeys
property fails:The API documentation for WAF does list the option: https://docs.aws.amazon.com/waf/latest/APIReference/API_RateBasedStatement.html
Adding support for this would require some additional types: https://docs.aws.amazon.com/waf/latest/APIReference/API_RateBasedStatementCustomKey.html
Other Details
No response