search

hashicorp / terraform-provider-aws

The AWS Provider enables Terraform to manage AWS resources.
https://registry.terraform.io/providers/hashicorp/aws
Mozilla Public License 2.0
9.81k stars 9.16k forks source link

Unable to attach aws_wafregional_rule_group #4414

Closed dynamike closed 6 years ago

dynamike commented 6 years ago

Terraform Version

Terraform v0.11.7
+ provider.aws v1.16.0

Affected Resource(s)

Terraform Configuration Files

# Copy-paste your Terraform configurations here - for large Terraform configs,
resource "aws_wafregional_rule" "example" {
  name        = "example"
  metric_name = "example"
}

resource "aws_wafregional_rule_group" "example" {
  name        = "example"
  metric_name = "example"

  activated_rule {
    action {
      type = "COUNT"
    }

    priority = 1
    rule_id  = "${aws_wafregional_rule.example.id}"
  }
}

resource "aws_wafregional_web_acl" "example" {
  name = "example"

  # CloudWatch metrics naming requirements:
  # 1 and 128 alphabetic characters long.
  # Don't include numbers, spaces, or special characters.
  metric_name = "example"

  default_action {
    type = "ALLOW"
  }

  rule {
    action {
      type = "BLOCK"
    }

    priority = 1
    rule_id  = "${aws_wafregional_rule_group.example.id}"
  }
}
provider "aws" {
  version = "~> 1.16.0"
  region  = "us-west-2"
}
terraform {
  required_version = "~> 0.11.3"
}

Debug Output

terraform apply output -- https://gist.github.com/dynamike/2c2dd59db19c380f09edba8e0db25686

Expected Behavior

The aws_wafregional_rule_group should attach to the aws_wafregional_web_acl

Actual Behavior

It's unable to find the rule group id * aws_wafregional_web_acl.example: Error Updating WAF Regional ACL: Error Updating WAF Regional ACL: WAFNonexistentItemException: The referenced item does not exist.

Steps to Reproduce

Please list the steps required to reproduce the issue, for example:

  1. terraform apply --auto-approve
bflad commented 6 years ago

This should be fixed with #5053 which was just merged into master and will release with version 1.27.0 of the AWS provider, likely middle of this week. 👍 

# Implementation is similar for aws_wafregional_web_acl resource
resource "aws_waf_web_acl" "example" {
 # ... other configuration ...
  rules {
    # ... other configuration ...
    override_action {
       type = "NONE"
    }
    type = "GROUP"
    rule_id = "${aws_waf_rule_group.example.id}"
  }
}
bflad commented 6 years ago

This has been released in version 1.27.0 of the AWS provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading.

ghost commented 4 years ago

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. Thanks!