Closed moonyoungheo closed 6 years ago
Hi @moonyoungheo!
Geographic Matching is a relatively new feature in WAF added in October, and unfortunately Terraform has not yet been updated to support it.
The Terraform team at HashiCorp won't be able to work on this in the near future due to our focus being elsewhere, but we'd be happy to review a pull request if you or someone else has the time and motivation to implement it. Alternatively, if others would also like to see this implemented I'd encourage adding a :+1: upvote reaction to the original issue comment (not to this comment), which we use as one of the inputs to prioritize work for the Terraform team.
@apparentlymart
The Terraform team at HashiCorp won't be able to work on this in the near future due to our focus being elsewhere, but we'd be happy to review a pull request if you or someone else has the time and motivation to implement it. Alternatively, if others would also like to see this implemented I'd encourage adding a π upvote reaction to the original issue comment (not to this comment), which we use as one of the inputs to prioritize work for the Terraform team.
Understandable, thanks for your hard work. Iβve implemented geo matching in PR #3275, awaiting review.
Why would that matter? The TF AWS Provider doesnβt use CloudFormation, it uses the AWS SDK which does support WAF Geo Matchsets.
On Tue, Mar 13, 2018 at 5:31 PM Thomas Steffes notifications@github.com wrote:
FWIW for others that find there way here -- It looks like AWS Cloudformation doesn't support WAF geo matchers yet, so that might be the true source of the issue.
β You are receiving this because you commented. Reply to this email directly, view it on GitHub https://github.com/terraform-providers/terraform-provider-aws/issues/2529#issuecomment-372825580, or mute the thread https://github.com/notifications/unsubscribe-auth/AA-FtAkhAXsLadnIxrCjmNY5ZBp1f3Wbks5teDq3gaJpZM4Q0bn4 .
Hi there, I'm having problems with this option not being implemented in wafregional, was this part of the scope? Thanks
Unfortunately no, I only implemented this for global WAF WebACLs.
I would create another feature request for regional WAF support.
EDIT: Nevermind, looks like someone implemented it for wafregional as well :).
On Tue, Apr 3, 2018 at 12:07 PM David Cohan notifications@github.com wrote:
Hi there, I'm having problems with this option not being implemented in wafregional, was this part of the scope? Thanks
β You are receiving this because you commented. Reply to this email directly, view it on GitHub https://github.com/terraform-providers/terraform-provider-aws/issues/2529#issuecomment-378304429, or mute the thread https://github.com/notifications/unsubscribe-auth/AA-FtOZ1rgs608bgrnllfPdYxY5CAlcEks5tk54ngaJpZM4Q0bn4 .
aws_wafregional_geo_match_set
is already implemented and part of the latest release:
https://www.terraform.io/docs/providers/aws/r/wafregional_geo_match_set.html
We just need to fix the incorrectly formatted docs π
I saw the doc, but the rule for that cannot be applied.
On Tue, Apr 3, 2018 at 1:21 PM, Radek Simko notifications@github.com wrote:
aws_wafregional_geo_matchset is already implemented and part of the latest release: https://www.terraform.io/docs/providers/aws/r/wafregional geo_match_set.html
We just need to fix the incorrectly formatted docs π
β You are receiving this because you commented. Reply to this email directly, view it on GitHub https://github.com/terraform-providers/terraform-provider-aws/issues/2529#issuecomment-378309106, or mute the thread https://github.com/notifications/unsubscribe-auth/AEPhSXty_aAdlCGvjLq-fPrSlDlRQeq8ks5tk6F6gaJpZM4Q0bn4 .
-- David Cohan
@dcohan I'm not sure I follow, but it sounds like a reason for opening a new issue.
So, Im trying to create a geo rule like this:
resource "aws_wafregional_geo_match_set" "geo_match_set" { name = "geo_match_set"
geo_match_constraint { type = "Country" value = "AR" } }
resource "aws_wafregional_rule" "georule" { depends_on = ["aws_wafregional_geo_match_set.geo_match_set"] name = "${var.group}-${var.environment}-waf-geo-rule" metric_name = "${var.group}${var.environment}wafgeorule"
predicate { data_id = "${aws_wafregional_geo_match_set.geo_match_set.id}" negated = false type = "GeoMatch" } }
first I create a match set limiting access to ARgentine only, then add that match to a rule with type="GeoMatch", and Im having an error about the type="GeoMatch" not available yet
On Tue, Apr 3, 2018 at 1:38 PM, Radek Simko notifications@github.com wrote:
@dcohan https://github.com/dcohan I'm not sure I follow, but it sounds like a reason for opening a new issue.
β You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/terraform-providers/terraform-provider-aws/issues/2529#issuecomment-378314792, or mute the thread https://github.com/notifications/unsubscribe-auth/AEPhSQSlPVpx1YMzA3HT5ggQxI6tPNzOks5tk6V_gaJpZM4Q0bn4 .
-- David Cohan
@dcohan Yeah, I think we don't have this field implemented in aws_wafregional_rule
. Can you open a new issue for this, please?
The formatting is now fixed btw. https://www.terraform.io/docs/providers/aws/r/wafregional_geo_match_set.html
Thanks Radek, I've opened a ticket for this already:
https://github.com/terraform-providers/terraform-provider-aws/issues/4039
Again, thanks for taking time for this!
On Wed, Apr 4, 2018 at 3:59 AM, Radek Simko notifications@github.com wrote:
@dcohan https://github.com/dcohan Yeah, I think we don't have this field implemented in aws_wafregional_rule. Can you open a new issue for this, please?
The formatting is now fixed btw. https://www.terraform.io/docs/ providers/aws/r/wafregional_geo_match_set.html
β You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/terraform-providers/terraform-provider-aws/issues/2529#issuecomment-378500439, or mute the thread https://github.com/notifications/unsubscribe-auth/AEPhSXpxPMf6NQrW59YytloD1fNnzTrFks5tlG9KgaJpZM4Q0bn4 .
-- David Cohan
I'm going to lock this issue because it has been closed for 30 days β³. This helps our maintainers find and focus on the active issues.
If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. Thanks!
Hi there,
Issue
I am trying to set Geo match condition on AWS WAF through Terraform but I cannot find any document and resources about it. Could I set Geo match condition on AWS WAF through Terraform?
Terraform Version
v0.10.6
Affected Resource(s)
aws_waf_web_acl aws_waf_rule