cdk webacl Getting error: AttributeError: type object 'property' has no attribute '__jsii_type__'

NadeemPatel commented 4 years ago

description of the bug:

I am trying to create AWS WAF web acl using cdk wafv2 - cfnwebacl() construct, but getting following error.

AttributeError: type object 'property' has no attribute '__jsii_type__'

Reproduction Steps

from aws_cdk import (
    core,
    aws_wafv2 as waf

)
from variables_list import (
    Project,
    Env,
    Vpc_Cidr
)

class WafStack(core.Stack):

    def __init__(self, scope: core.Construct, id: str, **kwargs) -> None:
        super().__init__(scope, id, **kwargs)

        # The code that defines your stack goes here
        core.Tag.add(self,key='environment',value=Env)
        core.Tag.add(self,key='project',value=Project)

        Ipv4set= waf.CfnIPSet(
            self,"Allowed-IPs",
            addresses=[
                "103.53.234.16/32",
                "223.229.155.35/32"
            ],
            ip_address_version="IPV4",
            scope="CLOUDFRONT",
            name="Allowed-IPs"
        )
        Ipv4set= waf.CfnIPSet(
            self,"allowed-ipv6",
            addresses=[
                "2409:4071:2389:d15f:f8ee:dcf0:2611:952c/128"
            ],
            ip_address_version="IPV6",
            scope="CLOUDFRONT",
            name="allowed-ipv6"
        )

        webAcl = waf.CfnWebACL(
            self,Project+"-"+Env+"-web-acl",
            default_action= waf.CfnWebACL.DefaultActionProperty.allow,
            scope="CLOUDFRONT",
            visibility_config=waf.CfnWebACL.VisibilityConfigProperty(
                cloud_watch_metrics_enabled=True,
                metric_name=Project+"-"+Env+"-web-acl",
                sampled_requests_enabled=False
            )
        )

Error Log

(node:2732) ExperimentalWarning: Conditional exports is an experimental feature. This feature could change at any time
Traceback (most recent call last):
  File "app.py", line 219, in <module>
    waf_stack = WafStack(
  File "/home/administrator/repos/devops/automation/cdk_codes/prod/env/lib/python3.8/site-packages/jsii/_runtime.py", line 66, in __call__
    inst = super().__call__(*args, **kwargs)
  File "/home/administrator/repos/devops/automation/cdk_codes/prod/prod/waf_stack.py", line 50, in __init__
    webAcl = waf.CfnWebACL(
  File "/home/administrator/repos/devops/automation/cdk_codes/prod/env/lib/python3.8/site-packages/jsii/_runtime.py", line 66, in __call__
    inst = super().__call__(*args, **kwargs)
  File "/home/administrator/repos/devops/automation/cdk_codes/prod/env/lib/python3.8/site-packages/aws_cdk/aws_wafv2/__init__.py", line 2142, in __init__
    jsii.create(CfnWebACL, self, [scope_, id, props])
  File "/home/administrator/repos/devops/automation/cdk_codes/prod/env/lib/python3.8/site-packages/jsii/_kernel/__init__.py", line 227, in create
    args=_make_reference_for_native(self, args),
  File "/home/administrator/repos/devops/automation/cdk_codes/prod/env/lib/python3.8/site-packages/jsii/_kernel/__init__.py", line 124, in _make_reference_for_native
    return [_make_reference_for_native(kernel, i) for i in d]
  File "/home/administrator/repos/devops/automation/cdk_codes/prod/env/lib/python3.8/site-packages/jsii/_kernel/__init__.py", line 124, in <listcomp>
    return [_make_reference_for_native(kernel, i) for i in d]
  File "/home/administrator/repos/devops/automation/cdk_codes/prod/env/lib/python3.8/site-packages/jsii/_kernel/__init__.py", line 137, in _make_reference_for_native
    "data": {
  File "/home/administrator/repos/devops/automation/cdk_codes/prod/env/lib/python3.8/site-packages/jsii/_kernel/__init__.py", line 138, in <dictcomp>
    jsii_name: _make_reference_for_native(kernel, getattr(d, python_name)) for python_name, jsii_name in mapping.items()
  File "/home/administrator/repos/devops/automation/cdk_codes/prod/env/lib/python3.8/site-packages/jsii/_kernel/__init__.py", line 151, in _make_reference_for_native
    kernel.create(d.__class__, d)
  File "/home/administrator/repos/devops/automation/cdk_codes/prod/env/lib/python3.8/site-packages/jsii/_kernel/__init__.py", line 226, in create
    fqn=klass.__jsii_type__ or "Object",
AttributeError: type object 'property' has no attribute '__jsii_type__'
Subprocess exited with error 1

Environment

CLI Version : aws-cli/1.18.11 Python/3.6.9 Linux/4.15.0-96-generic botocore/1.15.11
OS : Ubuntu 18
Language : Python

This is :bug: Bug Report

rix0rrr commented 4 years ago

Asking jsii folks to weigh in on which issue this is a duplicate of :)

RomainMuller commented 4 years ago

So the problem is with how you set default_action being an invalid access: waf.CfnWebACL.DefaultActionProperty.allow is an instance method on the waf.CfnWebACL.DefaultActionProperty type.

The correct way to set this is the following:

        webAcl = waf.CfnWebACL(
            self,Project+"-"+Env+"-web-acl",
            default_action= waf.CfnWebACL.DefaultActionProperty(allow={}),
            scope="CLOUDFRONT",
            visibility_config=waf.CfnWebACL.VisibilityConfigProperty(
                cloud_watch_metrics_enabled=True,
                metric_name=Project+"-"+Env+"-web-acl",
                sampled_requests_enabled=False
            )
        )

I have confirmed this to work and produce the output I'd have expected there, so I will be resolving this.

jsamuel1 commented 3 years ago

This needs a documentation update to have a Python sample.

aws / aws-cdk