Open lemaxmdlk opened 3 months ago
Issue Summary
After reviewing the Terraform provider logs and AWS API responses, it became clear that the problem was caused by incorrect attribute naming within the Terraform configuration. Specifically, the issue stemmed from the use of rule_action_override and action_to_use instead of the correct attribute names.
Root Cause
The correct attribute names, as per the AWS API documentation for RuleActionOverride and Rule action, should be:
ruleActionOverrides instead of rule_action_override
actionToUse instead of action_to_use
Using the incorrect attribute names caused Terraform to believe that the policy was applied correctly, even though the AWS API did not recognize the malformed attributes. This discrepancy led to Terraform reporting successful application, while the policy changes were not actually reflected in the AWS console.
Solution
The solution was to update the Terraform configuration with the correct attribute names:
{
  priority      = 6,
  ruleGroupType = "ManagedRuleGroup",
  managedRuleGroupIdentifier = {
    vendorName           = "AWS",
    managedRuleGroupName = "AWSManagedRulesCommonRuleSet"
  },
  ruleActionOverrides = [
    {
      name = "EC2MetaDataSSRF_BODY",
      actionToUse = {
        count = {}
      }
    }
  ],
  overrideAction = { type = "NONE" }
}
After making these changes, Terraform was able to successfully apply the policy, and the expected behavior was observed in the AWS console.
Terraform Core Version
1.5.2
AWS Provider Version
5.41.0
Affected Resource(s)
Expected Behavior
If you go to the AWS console -> Security policies -> Core rule set, we should be able to see the action (count, block) that we are setting up explicitly within the code: action_to_use = { count = {} }
Actual Behavior
If you go to the AWS console -> Security policies -> Core rule set, none of them show the action_to_use = { count = {} } or block that I explicitly set up in the code. All of them are listed empty.
Relevant Error/Panic Output Snippet
No response
Terraform Configuration Files
Steps to Reproduce
Set up the explicit behavior in the core rule set using Terraform and try to see that value in the console. It is empty.
Debug Output
.
Panic Output
.
Important Factoids
.
References
https://docs.aws.amazon.com/waf/latest/developerguide/web-acl-rule-group-override-options.html
Would you like to implement a fix?
None
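Because managed_service_data is an opaque JSON string to Terraform, a misnamed key like rule_action_override is never rejected at plan or apply time; the check below, an added example that is not part of this issue or of the provider, lints the decoded rule group entry against the camelCase keys shown in the corrected snippet and suggests the expected name. KNOWN is an assumed subset of the FMS WAFV2 schema (only keys visible on this page plus the count/block/allow actions), and the function names are hypothetical.

```python
# Keys this check accepts, taken from the corrected snippet in this issue and the linked
# AWS WAF override docs. Assumption: a subset of the real FMS WAFV2 managedServiceData
# schema, but enough to catch the snake_case keys reported above.
KNOWN = {
    "ruleGroup": {"priority", "ruleGroupType", "managedRuleGroupIdentifier",
                  "ruleActionOverrides", "overrideAction"},
    "managedRuleGroupIdentifier": {"vendorName", "managedRuleGroupName"},
    "ruleActionOverride": {"name", "actionToUse"},
    "actionToUse": {"count", "block", "allow"},
    "overrideAction": {"type"},
}
def _suggest(key, allowed):
    # Map a snake_case (or singular) key onto the camelCase key FMS expects, if any.
    norm = key.replace("_", "").lower()
    hits = [c for c in sorted(allowed) if len(norm) >= 3
            and (c.lower().startswith(norm) or norm.startswith(c.lower()))]
    return hits[0] if hits else None

def _resolve(obj, allowed, path, problems):
    # Re-key obj by canonical names and record every unknown or misnamed key,
    # so that objects nested under a misnamed key are still checked.
    resolved = {}
    for key, value in obj.items():
        hint = key if key in allowed else _suggest(key, allowed)
        if hint is None:
            problems.append(f"{path}: unknown key '{key}'")
        elif hint != key:
            problems.append(f"{path}: '{key}' is not a valid key; FMS expects '{hint}'")
        if hint:
            resolved[hint] = value
    return resolved

def lint_rule_group(rule_group, path="ruleGroup"):
    # Lint one entry of the policy's pre/postProcessRuleGroups (the decoded
    # managed_service_data of an aws_fms_policy); an empty list means no findings.
    problems = []
    rg = _resolve(rule_group, KNOWN["ruleGroup"], path, problems)
    for sub in ("managedRuleGroupIdentifier", "overrideAction"):
        if isinstance(rg.get(sub), dict):
            _resolve(rg[sub], KNOWN[sub], f"{path}.{sub}", problems)
    for i, ov in enumerate(rg.get("ruleActionOverrides") or []):
        p = f"{path}.ruleActionOverrides[{i}]"
        action = _resolve(ov, KNOWN["ruleActionOverride"], p, problems).get("actionToUse")
        if isinstance(action, dict):
            _resolve(action, KNOWN["actionToUse"], f"{p}.actionToUse", problems)
    return problems

# Constructed rule group reproducing this issue: snake_case keys the AWS API did not recognize.
BROKEN = {"priority": 6, "ruleGroupType": "ManagedRuleGroup", "overrideAction": {"type": "NONE"},
          "managedRuleGroupIdentifier": {"vendorName": "AWS", "managedRuleGroupName": "AWSManagedRulesCommonRuleSet"},
          "rule_action_override": [{"name": "EC2MetaDataSSRF_BODY", "action_to_use": {"count": {}}}]}
```

Running lint_rule_group over each rule group before `terraform apply` (for example in a pre-commit hook that decodes the jsonencode() input) turns the silent no-op into a visible failure.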