aws-solutions / aws-waf-security-automations

This solution automatically deploys a single web access control list (web ACL) with a set of AWS WAF rules designed to filter common web-based attacks.
https://aws.amazon.com/solutions/aws-waf-security-automations
Apache License 2.0

Error: "Failed to create resource. An error occurred (WAFStaleDataException) when calling the UpdateWebACL operation: The input token is no longer current" #88

Closed sushilfirminiq closed 1 year ago

sushilfirminiq commented 5 years ago

Facing the same issue while creating the WAF from CloudFormation. Error: "Failed to create resource. An error occurred (WAFStaleDataException) when calling the UpdateWebACL operation: The input token is no longer current"

animateM commented 5 years ago

I have the same issue. This seems to be a common bug.

Here are the params I am using...

{
  "Parameters" : {
    "ActivateSqlInjectionProtectionParam" : "yes",
    "ActivateCrossSiteScriptingProtectionParam" : "yes",
    "ActivateHttpFloodProtectionParam" : "yes - AWS WAF rate based rule",
    "ActivateScannersProbesProtectionParam" : "yes - AWS Lambda log parser",
    "ActivateReputationListsProtectionParam" : "yes",
    "ActivateBadBotProtectionParam" : "yes",
    "EndpointType" : "ALB",
    "AppAccessLogBucket" : "fh-accesslogbucket-s3",
    "RequestThreshold" : "2000",
    "ErrorThreshold" : "50",
    "WAFBlockPeriod" : "5"
  }
}

animateM commented 5 years ago

I have a guess that this error is due to something "left over" in our S3 buckets when we deploy this new version that is causing the error. I suggest deleting the firewall stack and then deleting everything out of the S3 buckets, then try again... Either that is the problem or it is a random timing problem. Maybe if the *-app_log_conf.json already exists there is an error thrown??? Don't know.

In any case, I started completely from scratch after deleting everything out of the S3 buckets and I didn't get this error.

barticus commented 5 years ago

Hi, I'm also seeing this behaviour. I retried it a couple of times and on one environment it went through without any other intervention. On another environment I ended up removing the log_conf.json files from the bucket and the creation finally went through.

Hope this helps someone and this gets fixed at some point!

hvital commented 5 years ago

Hi,

Sorry for this. I added a comment on Issue #85 to give more context about this and what will be added to the next update to fix it.

aijunpeng commented 1 year ago

We have deprecated WAF classic version <=2.3.3. Closing the ticket.
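An added example, not code from this thread or from the solution: AWS WAF Classic raises WAFStaleDataException when UpdateWebACL is called with a change token that has already been used, so a caller can fetch a fresh token and retry with backoff. It assumes the error reported here comes from such a concurrent update; `update_web_acl_with_retry`, `FakeWaf` and `FakeStaleError` are hypothetical names, and the fake client is constructed so the block runs offline.

```python
import time

STALE = "WAFStaleDataException"


def update_web_acl_with_retry(waf, web_acl_id, updates, attempts=5,
                              base_delay=0.5, sleep=time.sleep):
    """Apply `updates` to a WAF Classic web ACL; return the attempt that succeeded.

    `waf` is a boto3 "waf" or "waf-regional" client (regional for an ALB).
    A change token is single-use, so a fresh one is fetched on every attempt.
    """
    for attempt in range(1, attempts + 1):
        token = waf.get_change_token()["ChangeToken"]
        try:
            waf.update_web_acl(WebACLId=web_acl_id, ChangeToken=token,
                               Updates=updates)
            return attempt
        except Exception as exc:
            # botocore's ClientError carries the service error code in .response
            code = getattr(exc, "response", {}).get("Error", {}).get("Code")
            if code != STALE or attempt == attempts:
                raise  # unrelated failure, or retries exhausted
            sleep(base_delay * 2 ** (attempt - 1))  # back off, then re-fetch


class FakeStaleError(Exception):
    """Constructed stand-in for botocore's ClientError."""
    response = {"Error": {"Code": STALE}}


class FakeWaf:
    """Constructed client: the first `stale` updates fail as if a concurrent
    writer had already consumed the token."""

    def __init__(self, stale):
        self.stale, self.issued, self.applied = stale, 0, []

    def get_change_token(self):
        self.issued += 1
        return {"ChangeToken": f"token-{self.issued}"}

    def update_web_acl(self, WebACLId, ChangeToken, Updates):
        if self.stale > 0:
            self.stale -= 1
            raise FakeStaleError()
        self.applied.append((WebACLId, ChangeToken))
        return {"ChangeToken": ChangeToken}
```

With a real client, pass `boto3.client("waf-regional")` as `waf`; errors other than WAFStaleDataException are re-raised unchanged.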