Hi All,
I am facing an issue with wafv2 resource.
I am able to add resource with below code,
resource “aws_wafv2_web_acl” “test2” {
name = “test2”
description = “test2 Web ACL”
scope = “REGIONAL”
default_action {
allow {}
}
rule {
name = “rule-2”
priority = 2
action {
count {}
}
statement {
rate_based_statement {
limit = 100
aggregate_key_type = "IP"
scope_down_statement {
byte_match_statement {
positional_constraint = "CONTAINS"
search_string = "/providerauthservice/forgotPassword"
field_to_match {
uri_path {}
}
text_transformation {
priority = 5
type = "NONE"
}
}
}
}
}
visibility_config {
cloudwatch_metrics_enabled = false
metric_name = "rule-2"
sampled_requests_enabled = false
}
}
tags = {
Tag1 = “Value1”
Tag2 = “Value2”
}
visibility_config {
cloudwatch_metrics_enabled = false
metric_name = “friendly-metric-name”
sampled_requests_enabled = false
}
}
when I modify the statement using or_statement, it fails ,
statement {
rate_based_statement {
limit = 100
aggregate_key_type = "IP"
or_statement {
statement {
scope_down_statement {
byte_match_statement {
positional_constraint = "CONTAINS"
search_string = "/providerauthservice/forgotPassword"
field_to_match {
all_query_arguments {}
}
text_transformation {
priority = 5
type = "NONE"
}
}
}
}
statement {
scope_down_statement {
byte_match_statement {
positional_constraint = "CONTAINS"
search_string = "/providerauthservice/login"
field_to_match {
all_query_arguments {}
}
text_transformation {
priority = 5
type = "NONE"
}
}
}
}
}
}
}
Error: Unsupported block type
on waf2.tf line 30, in resource “aws_wafv2_web_acl” “test2”:
30: or_statement {
Blocks of type “or_statement” are not expected here.
93: rate_based_statement {
Blocks of type “rate_based_statement” are not expected here.
can someone help me with or_statement sample works with rate_based_statement
thanks
1 post - 1 participant