AWS::WAFv2::WebACL: Support other AggregateKeyType in RateBasedStatement

aws-cloudformation / cloudformation-coverage-roadmap

The AWS CloudFormation Public Coverage Roadmap

https://aws.amazon.com/cloudformation/

Creative Commons Attribution Share Alike 4.0 International

1.11k stars 54 forks source link

AWS::WAFv2::WebACL: Support other AggregateKeyType in RateBasedStatement #1736

Closed skywalker-nick closed 1 year ago

skywalker-nick commented 1 year ago

Name of the resource

AWS::WAFv2::WebACL

Resource name

No response

Description

We deployed WAFv2 in our business websites via CloudFormation, however, due to the lack of AggregateKeyType, we manually configured RateBasedStatement in the WAFv2 deployments.

The current CloudFormation supports "IP" and "FORWARDED_IP", however, we use "CONSTANT" and "CUSTOM_KEYS" in different deployments.

Other Details

No response

xavi-bean commented 1 year ago

In the same situation here. This is causing inconsistencies in our infrastructure. Any estimated time for this to be fixed?

nikita-sokolsky-amazon commented 1 year ago

@xavi-bean @skywalker-nick Thank you for opening this ticket. This feature is now supported within Cloudformation. I will provide an additional update once the aws-cdk package has been synchronized with Cloudformation as well.

nuttmeister commented 1 year ago

Only CUSTOM_KEYS was shipped. Trying to deploy a working rule with CONSTANT will produce a validation error in CF. Even something that is known to work via API / Console and/or using the examples in the CF docs will produce a validation error.

RateBasedStatement/AggregateKeyType: failed validation constraint for keyword [enum]