Closed anGie44 closed 4 years ago
From AWS Support, a very clear answer:
Rule groups and web ACLs both contain rules, which are defined in the same manner in both places. Rule groups differ from web ACLs in the following ways:
Rule groups can't contain the following rule statement types:
-Rule group reference statements
-Rate-based rule statements
I would like to confirm that Rate-based rules cannot be added in Rule group and can be added only in WebACLS[1]
Hope I was able to confirm and answer your question. In case of any additional queries, feel free to respond back and I will be more happy to assist you.
Have a nice day!!
Thanks for reaching out to us about this @anGie44, and thanks @leecookson for the insight from Premium Support. While I was able to reproduce the described behavior, the error returned suggests this behavior is due to the way the service behaves rather than a problem with the AWS SDK for Go, which is confirmed by our Premium Support team's statement in @leecookson's reply.
Unfortunately this behavior is not something that can be altered from the SDK's end, as such I will be closing out this issue. If you'd like to see this behavior changed from the service end I suggest creating a new Technical Support case under the WAF service and Feature Request category so your request goes through the appropriate channels.
i see! thanks @diehlaws and @leecookson for following up with this behavior. anyway we can help make a request to update the API documentation?
@anGie44 Certainly! You can use the Provide feedback
link on the CreateRuleGroup page for WAF's API Reference, this will create a ticket for the service's documentation team containing the information provided in the form.
awesome 👍 , thanks @diehlaws!
Hi Team, This is now possible; can we please reopen this issue. I am facing the same issue despite having this option on the console cannot do it via terraform. thanks.
Hi Team , Same issue here. I managed to create the "rate_based_statement" from console inside a rule group, but not working with terraform yet.
Thanks.
+1 to the above.
Confirm by changing [ ] to [x] below to ensure that it's a bug:
Describe the bug Creating a Rule Group with a RateBasedStatement returns 400 (similar to aws cli error reported in https://github.com/aws/aws-cli/issues/5015)
Version of AWS SDK for Go?
Version of Go (
go version
)?To Reproduce (observed behavior) Steps to reproduce the behavior (please share code or minimal repo)
statement := &wafv2.Statement{RateBasedStatement: rateBased}
visibilityConfig := &wafv2.VisbilityConfig { CloudWatchMetricsEnabled: aws.Bool(false), MetricName: aws.String("example-metric"), SampledRequestsEnabled: aws.Bool(false), }
var rules []*wafv2.Rule rule := &wafv2.Rule{ Name: aws.String("rule-1"), Priority: aws.Int64(int64(1)), Action: &wafv2.RuleAction{ Allow: &wafv2.AllowAction{} }, // or {Block: &wafv2.BlockAction{}} or {Count: &wafv2.CountAction{}} also tested Statement: statement, VisibilityConfig: visibilityConfig, }
rules = append(rules, rule)
params := &wafv2.CreateRuleGroupInput { Name: aws.String("example"), Scope: aws.String("REGIONAL"), Capacity: aws.Int64(int64(300)), Rules: rules, VisibilityConfig: visibilityConfig, }
output, err := conn.CreateRuleGroup(params)