wafv2: CfnWebACL Rules property has incorrect CloudFormation schema


link to reference doc page: https://docs.aws.amazon.com/cdk/api/latest/docs/@aws-cdk_aws-wafv2.CfnWebACL.html

I tried instantiating a simple WAF ACL with the following code:

    const acl = new waf.CfnWebACL(this, 'ACL', {
      defaultAction: {
        allow: true,
      },
      scope: 'CLOUDFRONT',
      visibilityConfig: {
        cloudWatchMetricsEnabled: true,
        metricName: 'waf', // TODO add a stage suffix
        sampledRequestsEnabled: false,
      },
      rules: {
        rules: [
          { name: 'AWS-AWSManagedRulesAmazonIpReputationList' },
          { name: 'AWS-AWSManagedRulesCommonRuleSet' },
          { name: 'AWS-AWSManagedRulesKnownBadInputsRuleSet' },
          { name: 'AWS-AWSManagedRulesSQLiRuleSet' },
          { name: 'AWS-AWSManagedRulesLinuxRuleSet' },
        ],
      },
    });

The code compiles but cdk deploy fails with an ACL Internal Failure that doesn’t provide any helpful context.

Can you update the document with a working starter example?


This is a 📕 documentation issue

Issue Analytics

  • State: closed
  • Created 4 years ago
  • Comments: 32 (9 by maintainers)

Top GitHub Comments

17 reactions
tmo-trustpilot commented, Mar 30, 2020

@RachelleJanssen A good catch, and thank you for the comment, but sadly it’s still giving the same error even after I fixed that. Let me know if you figure out anything else that looks off. Thanks!

I’ve discovered that the error “Your statement has multiple values set for a field that requires exactly one value., field: RULE, parameter: Rule” is returned if you are missing the OverrideAction on the ManagedRuleGroupStatement. The field is needed even if you don’t want to override it; you specify “none” as per the docs.

    OverrideAction:
      None: {}

Clearly a CF issue because the cdk types can’t enforce this the way they are, but this GH Issue is the main result when searching for that error message so hopefully this helps someone.

4 reactions
ralovely commented, Jul 5, 2020

Given this page is the first (and only, really) coming up in Google for the error

"Your statement has multiple values set for a field that requires exactly one value., field: RULE, parameter: Rule"

I would add to @tmo-trustpilot's comment above:

  • You need to specify overrideAction and
  • You need to not specify action

Hope this helps someone.
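
The two conditions from the comments above, as an added example that is not part of the original thread or the CDK project's code: a builder for managed-rule-group rules and a pre-deploy check. `RuleLike`, `managedRule` and `lintManagedRules` are hypothetical names; the objects are plain literals shaped like `CfnWebACL` rule properties so the block runs without `aws-cdk-lib`.

```typescript
// Added example: plain objects shaped like CfnWebACL rule properties (no aws-cdk-lib import).
interface RuleLike {
  name: string;
  priority?: number;
  statement?: { managedRuleGroupStatement?: { vendorName: string; name: string } };
  action?: object;
  overrideAction?: object;
  visibilityConfig?: object;
}

// Hypothetical helper: builds a rule that references an AWS managed rule group.
function managedRule(groupName: string, priority: number): RuleLike {
  return {
    name: `AWS-${groupName}`,
    priority, // must be unique within the ACL
    statement: { managedRuleGroupStatement: { vendorName: 'AWS', name: groupName } },
    overrideAction: { none: {} }, // required even when nothing is overridden
    visibilityConfig: { cloudWatchMetricsEnabled: true, metricName: groupName, sampledRequestsEnabled: false },
  };
}

// Hypothetical check for rules meant to reference a managed rule group:
// overrideAction must be present and action must be absent.
function lintManagedRules(rules: RuleLike[]): string[] {
  const findings: string[] = [];
  for (const r of rules) {
    if (!r.statement?.managedRuleGroupStatement) {
      findings.push(`${r.name}: no managedRuleGroupStatement`);
      continue;
    }
    if (!r.overrideAction) findings.push(`${r.name}: overrideAction missing`);
    if (r.action) findings.push(`${r.name}: action must not be set`);
  }
  return findings;
}

// Rules in the shape the comments describe; the index doubles as the priority.
const fixedRules = ['AWSManagedRulesAmazonIpReputationList', 'AWSManagedRulesCommonRuleSet']
  .map(managedRule);

// Constructed bad inputs: the name-only shape from the issue, and a rule with `action` set.
const brokenRules: RuleLike[] = [
  { name: 'AWS-AWSManagedRulesCommonRuleSet' },
  {
    name: 'AWS-AWSManagedRulesSQLiRuleSet', priority: 1,
    statement: { managedRuleGroupStatement: { vendorName: 'AWS', name: 'AWSManagedRulesSQLiRuleSet' } },
    action: { block: {} },
  },
];
console.log(lintManagedRules(brokenRules));
```

In a CDK stack the array is passed directly as the `rules` property of `CfnWebACL`, not wrapped in a `{ rules: [...] }` object.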
