umotif-public / terraform-aws-waf-webaclv2

Terraform module to configure WAF V2 Web ACL with managed rules for Application Load Balancer
https://registry.terraform.io/modules/umotif-public/waf-webaclv2/aws

json_body is not supported in the field_to_match parameter #106

Closed aditya-ambati closed 1 year ago

aditya-ambati commented 1 year ago

json_body is not available in the field_to_match parameter. I have added the json_body dynamic block under sqli_match_statement.

waf_module.tf

                dynamic "json_body" {
                  for_each = length(lookup(field_to_match.value, "json_body", {})) == 0 ? [] : [lookup(field_to_match.value, "json_body")]
                  content {
                    match_scope = upper(lookup(json_body.value, "match_scope"))
                    dynamic "match_pattern" {
                      for_each = length(lookup(json_body.value, "match_pattern", {})) == 0 ? [] : [lookup(json_body.value, "match_pattern", {})]
                      content {
                        dynamic "all" {
                          for_each = length(lookup(match_pattern.value, "all", {})) == 0 ? [] : [lookup(match_pattern.value, "all")]
                          content {}
                        }
                      }
                    }
                    oversize_handling = upper(lookup(json_body.value, "oversize_handling"))
                  }
                }

waf_inputs.tf

          {
            sqli_match_statement = {
              field_to_match = {
                json_body = {
                  match_scope = "ALL"
                  match_pattern = {
                    all = "{}"
                  }
                  oversize_handling = "CONTINUE"
                }
              }

              text_transformation = {
                type     = "NONE"
                priority = 0
              }
            }
          }

terraform plan shows an empty value for the field_to_match parameter:

                  + statement {
                      + sqli_match_statement {
                          + field_to_match {
                              + headers {
                                  + match_scope       = "ALL"
                                  + oversize_handling = "CONTINUE"

                                  + match_pattern {
                                      + excluded_headers = []
                                      + included_headers = []

                                      + all {}
                                    }
                                }
                            }
                          + text_transformation {
                              + priority = 0
                              + type     = "NONE"
                            }
                        }
                    }
                  + statement {
                      + sqli_match_statement {
                          + field_to_match {
                            }
                          + text_transformation {
                              + priority = 0
                              + type     = "NONE"
                            }
                        }
                    }
                }
            }

What is the expected behavior? json_body should show the match_scope and match_pattern values in the plan.

Software versions? aws provider version: 5.4.0, terraform version: v1.4.6
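The second statement in the plan above renders an empty `field_to_match {}`, so that rule would name no request component to inspect. As an added example (not part of the issue or the module), this check walks plan JSON and flags every such block at any nesting depth. The resource address, rule name and JSON sample are constructed, and the list-of-objects shape of nested blocks is an assumption about `terraform show -json` output.

```python
import json

# Constructed sample: trimmed plan JSON shaped like the plan in this issue.
# Assumption: nested blocks are lists of objects, unset sub-blocks are [].
# The address and rule name are hypothetical.
SAMPLE_PLAN = json.loads("""
{"resource_changes": [{
  "address": "module.waf.aws_wafv2_web_acl.main",
  "change": {"after": {"rule": [{
    "name": "sqli-rules",
    "statement": [{"and_statement": [{"statement": [
      {"sqli_match_statement": [{
        "field_to_match": [{"body": [], "json_body": [], "headers": [{
          "match_scope": "ALL", "oversize_handling": "CONTINUE",
          "match_pattern": [{"all": [{}]}]}]}],
        "text_transformation": [{"priority": 0, "type": "NONE"}]}]},
      {"sqli_match_statement": [{
        "field_to_match": [{"body": [], "json_body": [], "headers": []}],
        "text_transformation": [{"priority": 0, "type": "NONE"}]}]}
    ]}]}]
  }]}}
}]}
""")

def empty_field_to_match(node, path=""):
    """Yield the path of each field_to_match block with no sub-block set."""
    if isinstance(node, dict):
        for key, value in node.items():
            here = f"{path}.{key}" if path else key
            if key == "field_to_match":
                for i, block in enumerate(value or []):
                    # [] / None / {} all mean "nothing selected"; [{}] is a set block
                    if isinstance(block, dict) and not any(block.values()):
                        yield f"{here}[{i}]"
            else:
                yield from empty_field_to_match(value, here)
    elif isinstance(node, list):
        for i, item in enumerate(node):
            yield from empty_field_to_match(item, f"{path}[{i}]")

def audit_plan(plan):
    """Return 'address: path' for every empty field_to_match in planned state."""
    findings = []
    for rc in plan.get("resource_changes", []):
        after = (rc.get("change") or {}).get("after") or {}
        findings += [f"{rc['address']}: {p}" for p in empty_field_to_match(after)]
    return findings

if __name__ == "__main__":
    print("\n".join(audit_plan(SAMPLE_PLAN)) or "no empty field_to_match blocks")
```

Run against a real plan, a non-empty result can fail the pipeline before apply, which catches a module input that was silently dropped.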

Ohid25 commented 1 year ago

I believe you need to add the json_body to the field_to_match parameter of a sqli_match_statement at every occurrence within the module instead of just one place.

Can you create a new example for this particular use case and raise a pull request so we can review the changes?

rafaljanicki commented 10 months ago

Is there any reason why this is closed? It's still an issue.