Hello Using Golang lib wafv2 for managing waf and cloudfront Pulumi Community #general

Hello, Using Golang lib wafv2 for managing waf and...

steep-motorcycle-5349

08/27/2025, 11:07 AM

Hello, Using Golang lib wafv2 for managing waf and cloudfront and also rulegroups. Have a challenge to implement this rule:

Copy code

{
  "Name": "AWS-AWSManagedRulesAntiDDoSRuleSet",
  "Priority": 4,
  "Statement": {
    "ManagedRuleGroupStatement": {
      "VendorName": "AWS",
      "Name": "AWSManagedRulesAntiDDoSRuleSet",
      "ManagedRuleGroupConfigs": [
        {
          "AWSManagedRulesAntiDDoSRuleSet": {
            "ClientSideActionConfig": {
              "Challenge": {
                "UsageOfAction": "DISABLED",
                "Sensitivity": "HIGH",
                "ExemptUriRegularExpressions": [
                  {
                    "RegexString": "\\/api\\/|\\.(acc|avi|css|gif|ico|jpe?g|js|json|mp[34]|ogg|otf|pdf|png|tiff?|ttf|webm|webp|woff2?|xml)$"
                  }
                ]
              }
            },
            "SensitivityToBlock": "LOW"
          }
        }
      ],
      "RuleActionOverrides": [
        {
          "Name": "DDoSRequests",
          "ActionToUse": {
            "Count": {}
          }
        }
      ]
    }
  },
  "OverrideAction": {
    "None": {}
  },
  "VisibilityConfig": {
    "SampledRequestsEnabled": true,
    "CloudWatchMetricsEnabled": true,
    "MetricName": "AWS-AWSManagedRulesAntiDDoSRuleSet"
  }
}

Seems to be lib doesn't have the proper config:

Copy code

type WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigArgs struct {
    AwsManagedRulesAcfpRuleSet       WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesAcfpRuleSetPtrInput       `pulumi:"awsManagedRulesAcfpRuleSet"`
    AwsManagedRulesAtpRuleSet        WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesAtpRuleSetPtrInput        `pulumi:"awsManagedRulesAtpRuleSet"`
    AwsManagedRulesBotControlRuleSet WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesBotControlRuleSetPtrInput `pulumi:"awsManagedRulesBotControlRuleSet"`
    LoginPath                        pulumi.StringPtrInput                                                                                      `pulumi:"loginPath"`
    PasswordField                    WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigPasswordFieldPtrInput                    `pulumi:"passwordField"`
    PayloadType                      pulumi.StringPtrInput                                                                                      `pulumi:"payloadType"`
    UsernameField                    WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigUsernameFieldPtrInput                    `pulumi:"usernameField"`

Does someone know the workaround?

Open in Slack

Previous Next