Stuck on an issue?
Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
RuleActionOverrides throws E3002 Invalid Property with ManagedRuleGroupStatement
See original GitHub issueCloudFormation Lint Version
cfn-lint 0.72.2
What operating system are you using?
Mac
Describe the bug
RuleActionOverrides throws an E3002 Invalid Property error when used with ManagedRuleGroupStatement.
$ cfn-lint ruleactionoverride.yaml
E3002 Invalid Property Resources/ExampleWebACL/Properties/Rules/0/Statement/ManagedRuleGroupStatement/RuleActionOverrides
ruleactionoverride.yaml:30:15
Expected behavior
This should not throw an error as it’s valid per CloudFormation’s documentation. I also successfully ran a CloudFormation stack update with a template similar to the example included in this issue.
- https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-wafv2-webacl.html
- https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-wafv2-webacl-rule.html
- https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-wafv2-webacl-statement.html
- https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-wafv2-webacl-managedrulegroupstatement.html
- https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-wafv2-webacl-ruleactionoverride.html
Reproduction template
AWSTemplateFormatVersion: "2010-09-09"
Description: "RuleActionOverrides Example"
Resources:
ExampleWebACL:
Type: AWS::WAFv2::WebACL
Properties:
Name: ExampleWebACL
DefaultAction:
Block: {}
Scope: REGIONAL
VisibilityConfig:
SampledRequestsEnabled: true
CloudWatchMetricsEnabled: true
MetricName: ExampleWebACL
Rules:
- Name: ExampleRuleActionOverrides
Priority: 0
OverrideAction:
None: {}
VisibilityConfig:
SampledRequestsEnabled: true
CloudWatchMetricsEnabled: true
MetricName: ExampleRuleActionOverrides
Statement:
ManagedRuleGroupStatement:
Name: AWSManagedRulesCommonRuleSet
VendorName: AWS
RuleActionOverrides:
- Name: NoUserAgent_HEADER
ActionToUse:
Count: {}
Issue Analytics
- State:
- Created 9 months ago
- Comments:8 (5 by maintainers)
Top Results From Across the Web
AWS::WAFv2::WebACL ManagedRuleGroupStatement
A rule statement used to run the rules that are defined in a managed rule group. To use this, provide the vendor name...
Read more >
Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free
Top Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
I’m going to watch this weeks spec drop to see if its covered and if not I will patch this property in so its covered going forward.
Confirmed working!