Skip to content

[Enhancement ] aws_wafv2_web_acl: Support data_protection_config block #42404

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 5 commits into
base: main
Choose a base branch
from
Open

[Enhancement ] aws_wafv2_web_acl: Support data_protection_config block #42404

wants to merge 5 commits into from

Conversation

tabito-hara
Copy link
Contributor

Description

  • Add data_protection_config block to aws_wafv2_web_acl resource.

Relations

Closes #41803
Closes #41453

References

https://docs.aws.amazon.com/ja_jp/waf/latest/APIReference/API_DataProtectionConfig.html

Output from Acceptance Testing

% make testacc TESTS=TestAccWAFV2WebACL_ PKG=wafv2 
make: Verifying source code with gofmt...
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go1.23.8 test ./internal/service/wafv2/... -v -count 1 -parallel 20 -run='TestAccWAFV2WebACL_'  -timeout 360m -vet=off
2025/04/29 02:13:46 Initializing Terraform AWS Provider...
=== RUN   TestAccWAFV2WebACL_basic
=== PAUSE TestAccWAFV2WebACL_basic
=== RUN   TestAccWAFV2WebACL_nameGenerated
=== PAUSE TestAccWAFV2WebACL_nameGenerated
=== RUN   TestAccWAFV2WebACL_namePrefix
=== PAUSE TestAccWAFV2WebACL_namePrefix
=== RUN   TestAccWAFV2WebACL_Update_rule
=== PAUSE TestAccWAFV2WebACL_Update_rule
=== RUN   TestAccWAFV2WebACL_Update_ruleProperties
=== PAUSE TestAccWAFV2WebACL_Update_ruleProperties
=== RUN   TestAccWAFV2WebACL_Update_nameForceNew
=== PAUSE TestAccWAFV2WebACL_Update_nameForceNew
=== RUN   TestAccWAFV2WebACL_disappears
=== PAUSE TestAccWAFV2WebACL_disappears
=== RUN   TestAccWAFV2WebACL_ManagedRuleGroup_basic
=== PAUSE TestAccWAFV2WebACL_ManagedRuleGroup_basic
=== RUN   TestAccWAFV2WebACL_ManagedRuleGroup_ManagedRuleGroupConfig
=== PAUSE TestAccWAFV2WebACL_ManagedRuleGroup_ManagedRuleGroupConfig
=== RUN   TestAccWAFV2WebACL_ManagedRuleGroup_ManagedRuleGroupConfig_ACFPRuleSet
=== PAUSE TestAccWAFV2WebACL_ManagedRuleGroup_ManagedRuleGroupConfig_ACFPRuleSet
=== RUN   TestAccWAFV2WebACL_ManagedRuleGroup_ManagedRuleGroupConfig_ATPRuleSet
=== PAUSE TestAccWAFV2WebACL_ManagedRuleGroup_ManagedRuleGroupConfig_ATPRuleSet
=== RUN   TestAccWAFV2WebACL_ManagedRuleGroup_ManagedRuleGroupConfig_BotControl
=== PAUSE TestAccWAFV2WebACL_ManagedRuleGroup_ManagedRuleGroupConfig_BotControl
=== RUN   TestAccWAFV2WebACL_ManagedRuleGroup_specifyVersion
=== PAUSE TestAccWAFV2WebACL_ManagedRuleGroup_specifyVersion
=== RUN   TestAccWAFV2WebACL_minimal
=== PAUSE TestAccWAFV2WebACL_minimal
=== RUN   TestAccWAFV2WebACL_RateBased_basic
=== PAUSE TestAccWAFV2WebACL_RateBased_basic
=== RUN   TestAccWAFV2WebACL_ByteMatchStatement_basic
=== PAUSE TestAccWAFV2WebACL_ByteMatchStatement_basic
=== RUN   TestAccWAFV2WebACL_ByteMatchStatement_ja3fingerprint
=== PAUSE TestAccWAFV2WebACL_ByteMatchStatement_ja3fingerprint
=== RUN   TestAccWAFV2WebACL_ByteMatchStatement_ja4fingerprint
=== PAUSE TestAccWAFV2WebACL_ByteMatchStatement_ja4fingerprint
=== RUN   TestAccWAFV2WebACL_ByteMatchStatement_jsonBody
=== PAUSE TestAccWAFV2WebACL_ByteMatchStatement_jsonBody
=== RUN   TestAccWAFV2WebACL_ByteMatchStatement_body
=== PAUSE TestAccWAFV2WebACL_ByteMatchStatement_body
=== RUN   TestAccWAFV2WebACL_ByteMatchStatement_headerOrder
=== PAUSE TestAccWAFV2WebACL_ByteMatchStatement_headerOrder
=== RUN   TestAccWAFV2WebACL_GeoMatch_basic
=== PAUSE TestAccWAFV2WebACL_GeoMatch_basic
=== RUN   TestAccWAFV2WebACL_GeoMatch_forwardedIP
=== PAUSE TestAccWAFV2WebACL_GeoMatch_forwardedIP
=== RUN   TestAccWAFV2WebACL_LabelMatchStatement
=== PAUSE TestAccWAFV2WebACL_LabelMatchStatement
=== RUN   TestAccWAFV2WebACL_RuleLabels
=== PAUSE TestAccWAFV2WebACL_RuleLabels
=== RUN   TestAccWAFV2WebACL_IPSetReference_basic
=== PAUSE TestAccWAFV2WebACL_IPSetReference_basic
=== RUN   TestAccWAFV2WebACL_IPSetReference_forwardedIP
=== PAUSE TestAccWAFV2WebACL_IPSetReference_forwardedIP
=== RUN   TestAccWAFV2WebACL_RateBased_customKeys
=== PAUSE TestAccWAFV2WebACL_RateBased_customKeys
=== RUN   TestAccWAFV2WebACL_RateBased_forwardedIP
=== PAUSE TestAccWAFV2WebACL_RateBased_forwardedIP
=== RUN   TestAccWAFV2WebACL_RuleGroupReference_basic
=== PAUSE TestAccWAFV2WebACL_RuleGroupReference_basic
=== RUN   TestAccWAFV2WebACL_RuleGroupReference_shieldMitigation
=== PAUSE TestAccWAFV2WebACL_RuleGroupReference_shieldMitigation
=== RUN   TestAccWAFV2WebACL_RuleGroupReference_manageShieldMitigationRule
=== PAUSE TestAccWAFV2WebACL_RuleGroupReference_manageShieldMitigationRule
=== RUN   TestAccWAFV2WebACL_Custom_requestHandling
=== PAUSE TestAccWAFV2WebACL_Custom_requestHandling
=== RUN   TestAccWAFV2WebACL_Custom_response
=== PAUSE TestAccWAFV2WebACL_Custom_response
=== RUN   TestAccWAFV2WebACL_tags
=== PAUSE TestAccWAFV2WebACL_tags
=== RUN   TestAccWAFV2WebACL_RateBased_maxNested
=== PAUSE TestAccWAFV2WebACL_RateBased_maxNested
=== RUN   TestAccWAFV2WebACL_Operators_maxNested
=== PAUSE TestAccWAFV2WebACL_Operators_maxNested
=== RUN   TestAccWAFV2WebACL_tokenDomains
=== PAUSE TestAccWAFV2WebACL_tokenDomains
=== RUN   TestAccWAFV2WebACL_associationConfigCloudFront
=== PAUSE TestAccWAFV2WebACL_associationConfigCloudFront
=== RUN   TestAccWAFV2WebACL_associationConfigRegional
=== PAUSE TestAccWAFV2WebACL_associationConfigRegional
=== RUN   TestAccWAFV2WebACL_CloudFrontScope
=== PAUSE TestAccWAFV2WebACL_CloudFrontScope
=== RUN   TestAccWAFV2WebACL_ruleJSON
=== PAUSE TestAccWAFV2WebACL_ruleJSON
=== RUN   TestAccWAFV2WebACL_ruleJSONToRule
=== PAUSE TestAccWAFV2WebACL_ruleJSONToRule
=== RUN   TestAccWAFV2WebACL_dataProtectionConfig
=== PAUSE TestAccWAFV2WebACL_dataProtectionConfig
=== RUN   TestAccWAFV2WebACL_dataProtectionConfigMultiple
=== PAUSE TestAccWAFV2WebACL_dataProtectionConfigMultiple
=== CONT  TestAccWAFV2WebACL_basic
=== CONT  TestAccWAFV2WebACL_LabelMatchStatement
=== CONT  TestAccWAFV2WebACL_tags
=== CONT  TestAccWAFV2WebACL_dataProtectionConfigMultiple
=== CONT  TestAccWAFV2WebACL_dataProtectionConfig
=== CONT  TestAccWAFV2WebACL_associationConfigCloudFront
=== CONT  TestAccWAFV2WebACL_tokenDomains
=== CONT  TestAccWAFV2WebACL_Operators_maxNested
=== CONT  TestAccWAFV2WebACL_RateBased_maxNested
=== CONT  TestAccWAFV2WebACL_RuleGroupReference_basic
=== CONT  TestAccWAFV2WebACL_associationConfigRegional
=== CONT  TestAccWAFV2WebACL_Custom_response
=== CONT  TestAccWAFV2WebACL_ruleJSONToRule
=== CONT  TestAccWAFV2WebACL_Custom_requestHandling
=== CONT  TestAccWAFV2WebACL_ruleJSON
=== CONT  TestAccWAFV2WebACL_RuleGroupReference_manageShieldMitigationRule
=== CONT  TestAccWAFV2WebACL_CloudFrontScope
=== CONT  TestAccWAFV2WebACL_RuleGroupReference_shieldMitigation
=== CONT  TestAccWAFV2WebACL_IPSetReference_forwardedIP
=== CONT  TestAccWAFV2WebACL_RateBased_forwardedIP
=== NAME  TestAccWAFV2WebACL_associationConfigCloudFront
    web_acl_test.go:3108: skipping tests; AWS_DEFAULT_REGION (us-west-2) not supported. Supported: [us-east-1]
--- SKIP: TestAccWAFV2WebACL_associationConfigCloudFront (2.19s)
=== CONT  TestAccWAFV2WebACL_RateBased_customKeys
=== NAME  TestAccWAFV2WebACL_CloudFrontScope
    web_acl_test.go:3205: skipping tests; AWS_DEFAULT_REGION (us-west-2) not supported. Supported: [us-east-1]
--- SKIP: TestAccWAFV2WebACL_CloudFrontScope (2.19s)
=== CONT  TestAccWAFV2WebACL_ManagedRuleGroup_specifyVersion
--- PASS: TestAccWAFV2WebACL_associationConfigRegional (47.36s)
=== CONT  TestAccWAFV2WebACL_disappears
--- PASS: TestAccWAFV2WebACL_basic (51.92s)
=== CONT  TestAccWAFV2WebACL_GeoMatch_forwardedIP
--- PASS: TestAccWAFV2WebACL_dataProtectionConfigMultiple (66.14s)
=== CONT  TestAccWAFV2WebACL_ManagedRuleGroup_ManagedRuleGroupConfig_BotControl
--- PASS: TestAccWAFV2WebACL_Operators_maxNested (68.34s)
=== CONT  TestAccWAFV2WebACL_ByteMatchStatement_ja3fingerprint
--- PASS: TestAccWAFV2WebACL_tokenDomains (79.17s)
=== CONT  TestAccWAFV2WebACL_ManagedRuleGroup_ManagedRuleGroupConfig_ATPRuleSet
--- PASS: TestAccWAFV2WebACL_ruleJSONToRule (91.93s)
=== CONT  TestAccWAFV2WebACL_ManagedRuleGroup_ManagedRuleGroupConfig_ACFPRuleSet
--- PASS: TestAccWAFV2WebACL_RateBased_forwardedIP (107.86s)
=== CONT  TestAccWAFV2WebACL_ByteMatchStatement_basic
--- PASS: TestAccWAFV2WebACL_disappears (62.31s)
=== CONT  TestAccWAFV2WebACL_RateBased_basic
--- PASS: TestAccWAFV2WebACL_RateBased_maxNested (113.40s)
=== CONT  TestAccWAFV2WebACL_minimal
--- PASS: TestAccWAFV2WebACL_ruleJSON (117.25s)
=== CONT  TestAccWAFV2WebACL_IPSetReference_basic
--- PASS: TestAccWAFV2WebACL_ManagedRuleGroup_specifyVersion (121.17s)
=== CONT  TestAccWAFV2WebACL_ManagedRuleGroup_ManagedRuleGroupConfig
--- PASS: TestAccWAFV2WebACL_ManagedRuleGroup_ManagedRuleGroupConfig_BotControl (67.84s)
=== CONT  TestAccWAFV2WebACL_RuleLabels
--- PASS: TestAccWAFV2WebACL_dataProtectionConfig (158.39s)
=== CONT  TestAccWAFV2WebACL_ManagedRuleGroup_basic
--- PASS: TestAccWAFV2WebACL_LabelMatchStatement (162.02s)
=== CONT  TestAccWAFV2WebACL_ByteMatchStatement_ja4fingerprint
--- PASS: TestAccWAFV2WebACL_Custom_response (168.72s)
=== CONT  TestAccWAFV2WebACL_Update_rule
--- PASS: TestAccWAFV2WebACL_RuleGroupReference_shieldMitigation (180.88s)
=== CONT  TestAccWAFV2WebACL_Update_nameForceNew
--- PASS: TestAccWAFV2WebACL_minimal (68.43s)
=== CONT  TestAccWAFV2WebACL_GeoMatch_basic
--- PASS: TestAccWAFV2WebACL_GeoMatch_forwardedIP (148.80s)
=== CONT  TestAccWAFV2WebACL_Update_ruleProperties
--- PASS: TestAccWAFV2WebACL_IPSetReference_basic (91.81s)
=== CONT  TestAccWAFV2WebACL_ByteMatchStatement_headerOrder
--- PASS: TestAccWAFV2WebACL_RuleGroupReference_basic (213.28s)
=== CONT  TestAccWAFV2WebACL_namePrefix
--- PASS: TestAccWAFV2WebACL_tags (213.30s)
=== CONT  TestAccWAFV2WebACL_ByteMatchStatement_body
--- PASS: TestAccWAFV2WebACL_ByteMatchStatement_ja3fingerprint (146.04s)
=== CONT  TestAccWAFV2WebACL_ByteMatchStatement_jsonBody
--- PASS: TestAccWAFV2WebACL_RuleGroupReference_manageShieldMitigationRule (219.83s)
=== CONT  TestAccWAFV2WebACL_nameGenerated
--- PASS: TestAccWAFV2WebACL_ManagedRuleGroup_ManagedRuleGroupConfig_ATPRuleSet (149.96s)
--- PASS: TestAccWAFV2WebACL_ManagedRuleGroup_ManagedRuleGroupConfig_ACFPRuleSet (152.38s)
--- PASS: TestAccWAFV2WebACL_IPSetReference_forwardedIP (255.84s)
--- PASS: TestAccWAFV2WebACL_ByteMatchStatement_basic (153.66s)
--- PASS: TestAccWAFV2WebACL_Custom_requestHandling (263.61s)
--- PASS: TestAccWAFV2WebACL_RateBased_basic (156.44s)
--- PASS: TestAccWAFV2WebACL_ManagedRuleGroup_ManagedRuleGroupConfig (149.75s)
--- PASS: TestAccWAFV2WebACL_RuleLabels (152.74s)
--- PASS: TestAccWAFV2WebACL_namePrefix (76.31s)
--- PASS: TestAccWAFV2WebACL_nameGenerated (74.94s)
--- PASS: TestAccWAFV2WebACL_ByteMatchStatement_ja4fingerprint (141.39s)
--- PASS: TestAccWAFV2WebACL_Update_nameForceNew (123.70s)
--- PASS: TestAccWAFV2WebACL_Update_rule (139.65s)
--- PASS: TestAccWAFV2WebACL_GeoMatch_basic (130.25s)
--- PASS: TestAccWAFV2WebACL_ByteMatchStatement_headerOrder (113.41s)
--- PASS: TestAccWAFV2WebACL_ByteMatchStatement_body (110.65s)
--- PASS: TestAccWAFV2WebACL_ByteMatchStatement_jsonBody (110.93s)
--- PASS: TestAccWAFV2WebACL_ManagedRuleGroup_basic (182.89s)
--- PASS: TestAccWAFV2WebACL_Update_ruleProperties (146.58s)
--- PASS: TestAccWAFV2WebACL_RateBased_customKeys (453.15s)
PASS
ok      github.com/hashicorp/terraform-provider-aws/internal/service/wafv2      459.431s

@github-actions GitHub Actions
Copy link

Community Guidelines

This comment is added to every new Pull Request to provide quick reference to how the Terraform AWS Provider is maintained. Please review the information below, and thank you for contributing to the community that keeps the provider thriving! 🚀

Voting for Prioritization

  • Please vote on this Pull Request by adding a 👍 reaction to the original post to help the community and maintainers prioritize it.
  • Please see our prioritization guide for additional information on how the maintainers handle prioritization.
  • Please do not leave +1 or other comments that do not add relevant new information or questions; they generate extra noise for others following the Pull Request and do not help prioritize the request.

Pull Request Authors

  • Review the contribution guide relating to the type of change you are making to ensure all of the necessary steps have been taken.
  • Whether or not the branch has been rebased will not impact prioritization, but doing so is always a welcome surprise.

@github-actions GitHub Actions
Copy link

github-actions bot commented Apr 28, 2025
edited
Loading

✅ Thank you for correcting the previously detected issues! The maintainers appreciate your efforts to make the review process as smooth as possible.

@github-actions github-actions bot added needs-triage Waiting for first response or review from a maintainer. documentation Introduces or discusses updates to documentation. tests PRs: expanded test coverage. Issues: expanded coverage, enhancements to test infrastructure. service/wafv2 Issues and PRs that pertain to the wafv2 service. size/XL Managed by automation to categorize the size of a PR. labels Apr 28, 2025
@tabito-hara tabito-hara changed the title [Enhancement ] aws_wafv2_webacl: Add data_protection_config block [Enhancement ] aws_wafv2_web_acl: Add data_protection_config block Apr 28, 2025
@tabito-hara tabito-hara changed the title [Enhancement ] aws_wafv2_web_acl: Add data_protection_config block [Enhancement ] aws_wafv2_web_acl: Support data_protection_config block Apr 28, 2025
@tabito-hara tabito-hara marked this pull request as ready for review April 29, 2025 00:00
@tabito-hara tabito-hara requested a review from a team as a code owner April 29, 2025 00:00
@tabito-hara tabito-hara mentioned this pull request Apr 29, 2025
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
documentation Introduces or discusses updates to documentation. needs-triage Waiting for first response or review from a maintainer. service/wafv2 Issues and PRs that pertain to the wafv2 service. size/XL Managed by automation to categorize the size of a PR. tests PRs: expanded test coverage. Issues: expanded coverage, enhancements to test infrastructure.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

AWS WAF enhances Data Protection [Enhancement]: Add support for WAFv2 Data Protection
1 participant
@tabito-hara