# general
b
@brave-angle-33257 it's waiting to be released - it will go out this week!
sorry for the tardiness here 😕
b
no problem Paul, thanks! I'm going to manually create the webACL in the console for now and add the generated ARN to my cloudfront config in the meantime, I'll just rebuild the rule when it's available
b
sounds good - look for pulumi-aws 3.2.0 either tonight or tomorrow
It will definitely hit by EoD tomorrow
b
hey Paul, heads up, it keeps wanting to replace my webACL with no differences showing in the diff
```
++aws:wafv2/webAcl:WebAcl: (create-replacement)
        [id=f6341589-01f2-42ee-8a8f-e645a6d8dcbc]
        [urn=urn:pulumi:mycompany-cloudfront.us-east-1.dev::mycompany-cloudfront::aws:wafv2/webAcl:WebAcl::mycompany-distro-api-stage]
        [provider=urn:pulumi:mycompany-cloudfront.us-east-1.dev::mycompany-cloudfront::pulumi:providers:aws::default_3_2_0::c7c4fa01-32bd-4cb0-938d-a7e3ce3fe9e7]
      ~ rules: [
          ~ [0]: {
                  ~ name            : "mycompany-distro-api-stage-http-flood" => "mycompany-distro-api-stage-http-flood"
                  ~ priority        : 1 => 1
                  ~ statement       : {
                      ~ rateBasedStatement: {
                          ~ aggregateKeyType: "IP" => "IP"
                          ~ limit           : 200 => 200
                        }
                    }
                  ~ visibilityConfig: {
                      ~ cloudwatchMetricsEnabled: true => true
                      ~ metricName              : "mycompany-distro-api-stage-http-flood" => "mycompany-distro-api-stage-http-flood"
                      ~ sampledRequestsEnabled  : true => true
                    }
                }
        ]
```
im gonna open a git issue
i feel like this has some bugs, im getting several odd issues
i had some ACLs that weren't there, but when i would refresh the stack, it thought they were there, then next run it would try to delete them and fail
so i just manually emptied out the state file of all WAF resources, and also deleted them manually in console, and now running same code, I'm getting an error
previously I was trying to attach a WAF to CLOUDFRONT and was getting a warning that the ARN was incorrect.. I did notice that there was no set of double colons in the ARN it produced
```
error: Error creating WAFv2 WebACL: WAFInvalidParameterException: Error reason: Your statement has multiple values set for a field that requires exactly one value., field: STATEMENT, parameter: Statement
    {
      RespMetadata: {
        StatusCode: 400,
        RequestID: "31f2d618-99bc-4ad4-8857-0b4535b812a3"
      },
      Field: "STATEMENT",
      Message_: "Error reason: Your statement has multiple values set for a field that requires exactly one value., field: STATEMENT, parameter: Statement",
      Parameter: "Statement",
      Reason: "Your statement has multiple values set for a field that requires exactly one value."
    }
```
```typescript
var web_acl_flood_name = `${distro_name}-http-flood`;
var web_acl = new aws.wafv2.WebAcl(distro_name, {
    name: distro_name,
    defaultAction: {
        allow: {},
    },
    rules: [{
        action: {
            block: {},
        },
        name: web_acl_flood_name,
        priority: 1,
        statement: {
            rateBasedStatement: {
                aggregateKeyType: "IP",
                limit: 200,
                scopeDownStatement: {}
            },
        },
        visibilityConfig: {
            cloudwatchMetricsEnabled: true,
            metricName: web_acl_flood_name,
            sampledRequestsEnabled: true,
        },
    }],
    scope: "CLOUDFRONT",
    visibilityConfig: {
        cloudwatchMetricsEnabled: true,
        metricName: distro_name,
        sampledRequestsEnabled: true,
    },
});
```
i was getting something earlier similar with the "multiple values" but with the rules
a
Did you ever manage to resolve the issue? I'm encountering the same issue
b
not yet, i have an open issue on github that has been assigned but not closed, i tried once more on the next in line version of pulumi-aws but it still didn't work, there have probably been updates since then though https://github.com/pulumi/pulumi-aws/issues/1098