When updating an existing WAFv2 WebACL's set of rules, we get model validation errors whether we are removing a rule, adding a rule, or editing an existing rule.
Expected Behavior
To be able to add/edit/delete WebACL rules without replacing the WebACL entirely.
Type Name Status Info
pulumi:pulumi:Stack wafv2-demo **failed** 1 error
~ └─ aws-native:wafv2:WebAcl demo-web-acl **updating failed** [diff: ~rules]; 1 error
Diagnostics:
pulumi:pulumi:Stack (wafv2-demo):
error: update failed
aws-native:wafv2:WebAcl (demo-web-acl):
error: operation error CloudControl: UpdateResource, https response error StatusCode: 400, RequestID: ..., api error ValidationException: Model validation failed (#/Description: failed validation constraint for keyword [pattern])
Output of pulumi about
Dependencies:
NAME VERSION
@pulumi/pulumi 3.77.1
@pulumi/aws-native 0.72.0
Additional context
One workaround for this issue is setting the replaceOnChanges pulumi resource option to ["*"] to replace the entire wafv2.WebAcl on any change.
eg.
import * as awsNative from "@pulumi/aws-native";
new awsNative.wafv2.WebAcl(
"demo-web-acl",
{
// ...
},
{ replaceOnChanges: ["*"] }
);
Contributing
Vote on this issue by adding a 👍 reaction.
To contribute a fix for this issue, leave a comment (and link to your pull request, if you've opened one already).
What happened?
When updating an existing WAFv2 WebACL's set of rules, we get model validation errors whether we are removing a rule, adding a rule, or editing an existing rule.
Expected Behavior
To be able to add/edit/delete WebACL rules without replacing the WebACL entirely.
Steps to reproduce
wafv2.WebAcl
eg.
rules
.The following error I run into is:
Output of
pulumi about
Additional context
One workaround for this issue is setting the
replaceOnChanges
pulumi resource option to["*"]
to replace the entirewafv2.WebAcl
on any change.eg.
Contributing
Vote on this issue by adding a 👍 reaction. To contribute a fix for this issue, leave a comment (and link to your pull request, if you've opened one already).