search

umotif-public / terraform-aws-waf-webaclv2

Terraform module to configure WAF V2 Web ACL with managed rules for Application Load Balancer
https://registry.terraform.io/modules/umotif-public/waf-webaclv2/aws
Other
137 stars 124 forks source link

terragrunt issue #16

Closed Mazon closed 3 years ago

Mazon commented 4 years ago

I am getting this error

Error: Unsupported block type

  on main.tf line 136, in resource "aws_wafv2_web_acl" "main":
 136:             dynamic "forwarded_ip_config" {

Blocks of type "forwarded_ip_config" are not expected here.

trying to use with terragrunt and pinned to version 1.5.0.

Maybe doing somethign wrong.

My file looks similar to your example except

terraform {
  source = "git@github.com:umotif-public/terraform-aws-waf-webaclv2.git?ref=1.5.0"

  after_hook "copy_vars_main_variables" {
      commands     = ["init-from-module"]
      execute      = ["cp", "${get_parent_terragrunt_dir()}/../vars/main_variables.tf", "."]
      run_on_error = false
    }
}

include {
  path = find_in_parent_folders()
}

locals {
  region = "ap-southeast-1"
}

inputs = {

In top.

Mazon commented 4 years ago

If trying other version like 1.4.1 i get another error 

Error: Invalid dynamic for_each value

  on main.tf line 23, in resource "aws_wafv2_web_acl" "main":
  23:     for_each = var.rules
    |----------------
    | var.rules is "[{\"managed_rule_group_statement\":{\"excluded_rule\":[\"SizeRestrictions_QUERYSTRING\",\"SizeRestrictions_BODY\",\"GenericRFI_QUERYARGUMENTS\"],\"name\":\"AWSManagedRulesCommonRuleSet\",\"vendor_name\":\"AWS\"},\"name\":\"AWSManagedRulesCommonRuleSet-rule-1\",\"override_action\":\"none\",\"priority\":\"1\",\"visibility_config\":{\"metric_name\":\"AWSManagedRulesCommonRuleSet-metric\"}},{\"managed_rule_group_statement\":{\"name\":\"AWSManagedRulesKnownBadInputsRuleSet\",\"vendor_name\":\"AWS\"},\"name\":\"AWSManagedRulesKnownBadInputsRuleSet-rule-2\",\"override_action\":\"count\",\"priority\":\"2\",\"visibility_config\":{\"metric_name\":\"AWSManagedRulesKnownBadInputsRuleSet-metric\"}},{\"managed_rule_group_statement\":{\"name\":\"AWSManagedRulesPHPRuleSet\",\"vendor_name\":\"AWS\"},\"name\":\"AWSManagedRulesPHPRuleSet-rule-3\",\"priority\":\"3\",\"visibility_config\":{\"cloudwatch_metrics_enabled\":false,\"metric_name\":\"AWSManagedRulesPHPRuleSet-metric\",\"sampled_requests_enabled\":false}}]"

Cannot use a string value in for_each. An iterable collection is required.

versions Terraform v0.13.5 terragrunt version v0.25.5

Mazon commented 4 years ago

I am guessing that it is related to 

Note that because the values are being passed in with environment variables and json, the type information is lost when crossing the boundary between Terragrunt and Terraform.
Mazon commented 3 years ago

got it working mostly with type = list in variables.tf for rules for the type information.

Artemkulish commented 3 years ago

Hello guys, could you be so kind specifying type = any in variables.tf for rules? It fixes the issue when using Terragrunt.

marcincuber commented 3 years ago

@Artemkulish upgrade to version 2.0.0 of this module where this is fixed.