hashicorp / terraform-provider-aws

The AWS Provider enables Terraform to manage AWS resources.
https://registry.terraform.io/providers/hashicorp/aws
Mozilla Public License 2.0

AWS WAF Bot Control Rule Defaults #39825

Open RoseSecurity opened 1 week ago

RoseSecurity commented 1 week ago

Description

Hey team, quick question about the AWS WAF's aws_managed_rules_bot_control_rule_set default values. From my understanding, inspection_levels can be one of two values, COMMON or TARGETED. This value is required but no default is assigned. For the enable_machine_learning parameter, it defaults to true, although this value is only compatible with TARGETED inspection levels. Should this be corrected to default to false?

Code Reference

"aws_managed_rules_bot_control_rule_set": {
    Type:     schema.TypeList,
    Optional: true,
    MaxItems: 1,
    Elem: &schema.Resource{
        Schema: map[string]*schema.Schema{
            "enable_machine_learning": {
                Type:     schema.TypeBool,
                Optional: true,
                Default:  true,
            },
            "inspection_level": {
                Type:             schema.TypeString,
                Required:         true,
                ValidateDiagFunc: enum.Validate[awstypes.InspectionLevel](),
            },
        },
    },
},

References

Would you like to implement a fix?

Yes
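A check that could be run over a plan to spot the combination raised in this issue (an added example, not part of the issue or of the provider's code). It walks `terraform show -json` output and reports resources whose Bot Control block plans `enable_machine_learning = true` together with `inspection_level = COMMON`, which is what the quoted schema default produces when the argument is omitted. The sample plan and resource addresses are constructed, and `findMismatches` and `mismatched` are hypothetical helper names.

```go
package main

import (
	"encoding/json"
	"fmt"
)

// Constructed sample plan (trimmed `terraform show -json` shape); addresses are made up.
const samplePlan = `{"resource_changes":[{"address":"aws_wafv2_web_acl.common_default","change":{"after":{"rule":[{"statement":[{"managed_rule_group_statement":[{"managed_rule_group_configs":[{"aws_managed_rules_bot_control_rule_set":[{"enable_machine_learning":true,"inspection_level":"COMMON"}]}]}]}]}]}}},
{"address":"aws_wafv2_web_acl.targeted","change":{"after":{"rule":[{"statement":[{"managed_rule_group_statement":[{"managed_rule_group_configs":[{"aws_managed_rules_bot_control_rule_set":[{"enable_machine_learning":true,"inspection_level":"TARGETED"}]}]}]}]}]}}}]}`

// findMismatches returns addresses whose planned Bot Control block enables ML at COMMON level.
func findMismatches(planJSON []byte) ([]string, error) {
	var plan struct {
		ResourceChanges []struct {
			Address string
			Change  struct{ After any }
		} `json:"resource_changes"`
	}
	if err := json.Unmarshal(planJSON, &plan); err != nil {
		return nil, err
	}
	var hits []string
	for _, rc := range plan.ResourceChanges {
		if mismatched("", rc.Change.After) {
			hits = append(hits, rc.Address)
		}
	}
	return hits, nil
}

func mismatched(key string, v any) (hit bool) { // key is the name of the enclosing block
	switch n := v.(type) {
	case []any: // nested blocks are lists of objects in plan JSON
		for _, e := range n {
			hit = hit || mismatched(key, e)
		}
	case map[string]any:
		hit = key == "aws_managed_rules_bot_control_rule_set" && n["enable_machine_learning"] == true && n["inspection_level"] == "COMMON"
		for k, child := range n {
			hit = hit || mismatched(k, child)
		}
	}
	return hit
}

func main() {
	fmt.Println(findMismatches([]byte(samplePlan)))
}
```
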
