hashicorp / terraform

Terraform enables you to safely and predictably create, change, and improve infrastructure. It is a source-available tool that codifies APIs into declarative configuration files that can be shared amongst team members, treated as code, edited, reviewed, and versioned.
https://www.terraform.io/

AWS WAF web acl creates new rule instead of updating #11959

Closed sarjidoo closed 7 years ago

sarjidoo commented 7 years ago

Hi there,

Thank you for opening an issue. Please note that we try to keep the Terraform issue tracker reserved for bug reports and feature requests. For general usage questions, please see: https://www.terraform.io/community.html.

Terraform Version

v0.8.6

Affected Resource(s)

resource "aws_waf_web_acl"

Terraform Configuration Files

# The opening line is missing from the original report; the resource name "waf_acl" is a placeholder.
resource "aws_waf_web_acl" "waf_acl" {
  depends_on = ["aws_waf_rule.rule1",
    "aws_waf_rule.rule3",
    "aws_waf_rule.rule2",
    "aws_waf_rule.rule4",
    "aws_waf_rule.Rule_rule5",
    "aws_waf_rule.rule6"]
  name = "TFWaf_ACL"
  metric_name = "TFWafAcl"
  default_action {
    type = "ALLOW"
  }
  rules {
    action {
      type = "BLOCK"
    }
    priority = 2
    rule_id = "${aws_waf_rule.rule3.id}"
  }
  rules {
    action {
      type = "BLOCK"
    }
    priority = 3
    rule_id = "${aws_waf_rule.rule2.id}"
  }
  rules {
    action {
      type = "BLOCK"
    }
    priority = 4
    rule_id = "${aws_waf_rule.rule1.id}"
  }
  rules {
    action {
      type = "BLOCK"
    }
    priority = 5
    rule_id = "${aws_waf_rule.rule4.id}"
  }
  rules {
    action {
      type = "BLOCK"
    }
    priority = 6
    rule_id = "${aws_waf_rule.Rule_rule5.id}"
  }
  rules {
    action {
      type = "ALLOW"
    }
    priority = 8
    rule_id = "${aws_waf_rule.Rule_rule5.id}"
  }
  rules {
    action {
      type = "BLOCK"
    }
    priority = 7
    rule_id = "${aws_waf_rule.rule6.id}"
  }
}

Expected Behavior

Rule should update with new parameters.

Actual Behavior

New rule was created, keeping the original one.

Steps to Reproduce

  1. Apply code above.
  2. Change one of the rules from BLOCK to ALLOW or change the priority order.
  3. Reapply.
  4. TF destroy will remove all rules.
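
A drift check for the behaviour reported above, added here as an example and not part of the original issue or of Terraform: it compares the rule entries the configuration declares with the entries the web ACL actually holds, and flags leftover entries and rule IDs attached with more than one action. The dict shape is assumed to follow the `Rules` list of the classic WAF `GetWebACL` response; the function names, rule IDs and sample data are constructed for illustration.

```python
from collections import defaultdict


def entry_key(rule):
    """Reduce one activated-rule dict to (rule_id, priority, action)."""
    return (rule["RuleId"], rule["Priority"], rule["Action"]["Type"])


def find_acl_drift(desired, actual):
    """Compare declared rule entries with the entries found on the web ACL.

    stale       - on the ACL but no longer declared (the leftover in this report)
    missing     - declared but not on the ACL
    conflicting - rule IDs attached to the ACL with more than one action
    """
    want = {entry_key(r) for r in desired}
    have = {entry_key(r) for r in actual}

    actions = defaultdict(set)
    for rule_id, _priority, action in have:
        actions[rule_id].add(action)

    return {
        "stale": sorted(have - want),
        "missing": sorted(want - have),
        "conflicting": sorted(r for r, a in actions.items() if len(a) > 1),
    }


def rule(rule_id, priority, action):
    """Build a dict shaped like one entry of WebACL.Rules (assumed shape)."""
    return {"RuleId": rule_id, "Priority": priority, "Action": {"Type": action}}


# Constructed sample: the configuration after changing one rule from BLOCK to ALLOW.
DESIRED = [
    rule("id-rule3", 2, "ALLOW"),
    rule("id-rule2", 3, "BLOCK"),
    rule("id-rule1", 4, "BLOCK"),
]
# Constructed sample: ACL state as the report describes it, old entry still attached.
ACTUAL = DESIRED + [rule("id-rule3", 2, "BLOCK")]

if __name__ == "__main__":
    for kind, items in find_acl_drift(DESIRED, ACTUAL).items():
        print(kind, items)
```

Any `stale` or `conflicting` result means the ACL is enforcing something the reviewed configuration does not describe.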

james-gonzalez commented 7 years ago

Any update on this?

ghost commented 4 years ago

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.