hashicorp / terraform-provider-aws

The AWS Provider enables Terraform to manage AWS resources.
https://registry.terraform.io/providers/hashicorp/aws
Mozilla Public License 2.0

[Enhancement]: aws_wafv2_rule_group accept json similar to aws_iam_policy #27519

Open jreagan00 opened 1 year ago

jreagan00 commented 1 year ago

Description

Please add the capability to use a JSON file as a source for a WAF Rule, similar to how I can with the IAM Policy.

My aws_iam_policy code example:

variable "iam_pol_name" {type=string}
variable "json_pol_file" {type=string}

data "local_file" "json_pol_file" {filename = "${path.module}/${var.json_pol_file}"}

resource "aws_iam_policy" "policy" {
  name   = var.iam_pol_name
  policy = data.local_file.json_pol_file.content
}

Something similar to:

variable "rule_grp_name" {type=string}
variable "rule_grp_desc" {type=string}
variable "json_rule_file" {type=string}

data "local_file" "json_rule_file" {filename = "${path.module}/${var.json_rule_file}"}

resource "aws_wafv2_rule_group" "rule_grp" {
  name        = var.rule_grp_name
  description = var.rule_grp_desc
  scope       = "REGIONAL"
  capacity    = 500  

  rule = data.local_file.json_rule_file.content

}

Even using the jsonencode block would work:

policy = jsonencode({
  Version = "2012-10-17"
  Statement = [
    {
      Action = [
        "ec2:Describe*",
      ]
      Effect   = "Allow"
      Resource = "*"
    },
  ]
})

Affected Resource(s) and/or Data Source(s)

aws_wafv2_web_acl, aws_wafv2_rule_group

Potential Terraform Configuration

variable "rule_grp_name" {type=string}
variable "rule_grp_desc" {type=string}
variable "json_rule_file" {type=string}

data "local_file" "json_rule_file" {filename = "${path.module}/${var.json_rule_file}"}

resource "aws_wafv2_rule_group" "rule_grp" {
  name        = var.rule_grp_name
  description = var.rule_grp_desc
  scope       = "REGIONAL"
  capacity    = 500  

  rule = data.local_file.json_rule_file.content

}

References

No response

Would you like to implement a fix?

No
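
A way to approximate the request with existing Terraform features, as an added example that is not part of the original issue or the provider's code: decode the JSON with jsondecode and expand it through dynamic blocks. The JSON schema (name, priority, action, country_codes), the rule-group name and the metric names are assumptions made for this sketch; it handles only geo-match rules with allow or block actions and assumes an already configured AWS provider.

```hcl
locals {
  # Constructed sample, inlined; for a file use jsondecode(file("${path.module}/${var.json_rule_file}"))
  waf_rules = jsondecode(<<-JSON
    [{"name": "geo-block-example", "priority": 1, "action": "block", "country_codes": ["AQ"]},
     {"name": "geo-allow-example", "priority": 2, "action": "allow", "country_codes": ["NL", "DE"]}]
  JSON
  )
}

resource "aws_wafv2_rule_group" "rule_grp" {
  name     = "json-driven-rules" # placeholder name
  scope    = "REGIONAL"
  capacity = 500
  # One rule block is generated per JSON object.
  dynamic "rule" {
    for_each = local.waf_rules
    content {
      name     = rule.value.name
      priority = rule.value.priority
      action {
        # Exactly one action block is emitted, chosen by the JSON "action" field.
        dynamic "allow" {
          for_each = rule.value.action == "allow" ? [1] : []
          content {}
        }
        dynamic "block" {
          for_each = rule.value.action == "block" ? [1] : []
          content {}
        }
      }
      statement {
        geo_match_statement {
          country_codes = rule.value.country_codes
        }
      }
      visibility_config {
        cloudwatch_metrics_enabled = true
        metric_name                = rule.value.name
        sampled_requests_enabled   = true
      }
    }
  }
  visibility_config {
    cloudwatch_metrics_enabled = true
    metric_name                = "json-driven-rules"
    sampled_requests_enabled   = true
  }
}
```

Every additional statement type needs its own dynamic block, so this pattern covers a fixed rule shape and does not replace the raw-JSON argument requested above.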

github-actions[bot] commented 1 day ago

Marking this issue as stale due to inactivity. This helps our maintainers find and focus on the active issues. If this issue receives no comments in the next 30 days it will automatically be closed. Maintainers can also remove the stale label.

If this issue was automatically closed and you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. Thank you!