search

aws / aws-tools-for-powershell

The AWS Tools for PowerShell lets developers and administrators manage their AWS services from the PowerShell scripting environment.
Apache License 2.0
235 stars 78 forks source link

Add documentation samples for New-WAF2WebACL #133

Closed ricohomewood closed 2 years ago

ricohomewood commented 4 years ago

Provide a general summary of the issue in the Title above.

Expected Behavior

New-WAF2WebACL -Name "waf-test" -Scope REGIONAL -Region eu-west-1 -VisibilityConfig_CloudWatchMetricsEnabled $true -VisibilityConfig_SampledRequestsEnabled $true -VisibilityConfig_MetricName "waf-test" -Description "Test" -DefaultAction_Allow

Should create a WAFv2 Web ACL

Current Behavior

The above throws an error stating that the -DefaultAction_Allow requires an argument (see error below) but looking at the code it shouldn't from what I understand. There are currently no documented examples for this.

New-WAF2WebACL : Missing an argument for parameter 'DefaultAction_Allow'. Specify a parameter of type 'Amazon.WAFV2.Model.AllowAction' and try again.

That same error is thrown if you use 'DefaultAction_Block'

Steps to Reproduce (for bugs)

Install latest version of AWSPowershell and run the above command

Context

Not able to create a new WAFv2 WEb ACL using AWSPowerShell

Your Environment

Using the latest version of AWSPowerShell ModuleType Version Name

Binary 4.0.4.0 AWSPowerShell

$PSVersionTable: Name Value

PSVersion 5.1.18362.628
PSEdition Desktop
PSCompatibleVersions {1.0, 2.0, 3.0, 4.0...}
BuildVersion 10.0.18362.628
CLRVersion 4.0.30319.42000
WSManStackVersion 3.0
PSRemotingProtocolVersion 2.3
SerializationVersion 1.1.0.1

Windows 10 Version 1909 (OS build 18363.657)

ricohomewood commented 4 years ago

To update I found a hacky workaround where I create a blank object like:

$allow = [Amazon.WAFV2.Model.AllowAction]::new()

and then use that as the arg to the -DefaultAction_Allow param but this is still a bug and we should not have to call the raw .NET to do that.

New-WAF2WebACL `
-Name "waf-test" `
-Scope REGIONAL `
-Region eu-west-1 `
-VisibilityConfig_CloudWatchMetricsEnabled $true `
-VisibilityConfig_SampledRequestsEnabled $true `
-VisibilityConfig_MetricName "waf-test" `
-Description "Test" `
-DefaultAction_Allow $allow
klaytaybai commented 4 years ago

Thank you for the feedback. I agree that this is an unnecessarily poor user experience. I'll see if we can make an improvement to solve your problem, but we probably won't be able to make a 100% clean solution because we will have to preserve backwards compatibility for people doing -DefaultAction_Allow [Amazon.WAFV2.Model.AllowAction]::new()

matteo-prosperi commented 4 years ago

Hello, an even simpler way to do this is -DefaultAction_Allow @{}.

I am not sure why this API was designed in this way, but I suppose it is in order to allow to future extensions where DefaultAction_Allow have added properties.

I will rename this issue as a request for documentation samples.

ashishdhingra commented 2 years ago

Fixed at https://docs.aws.amazon.com/powershell/latest/reference/items/New-WAF2WebACL.html

github-actions[bot] commented 2 years ago

⚠️COMMENT VISIBILITY WARNING⚠️

Comments on closed issues are hard for our team to see. If you need more assistance, please either tag a team member or open a new issue that references this one. If you wish to keep having a conversation with other community members under this issue feel free to do so.