diff --git a/.changelog/26506.txt b/.changelog/26506.txt index 9f4b9465df46..bd2a48a5453b 100644 --- a/.changelog/26506.txt +++ b/.changelog/26506.txt @@ -1,11 +1,3 @@ -```release-note:breaking-change -resource/aws_wafv2_web_acl: Add Required `oversize_handling` attribute to the `field_to_match.body` block -``` - -```release-note:breaking-change -resource/aws_wafv2_rule_group: Add Required `oversize_handling` attribute to the `field_to_match.body` block -``` - ```release-note:enhancement resource/aws_wafv2_web_acl: Add `headers` attribute to the `field_to_match` block ``` diff --git a/internal/service/wafv2/flex.go b/internal/service/wafv2/flex.go index d0bd2e1f65ca..db125d50b133 100644 --- a/internal/service/wafv2/flex.go +++ b/internal/service/wafv2/flex.go @@ -392,7 +392,7 @@ func expandFieldToMatch(l []interface{}) *wafv2.FieldToMatch { } if v, ok := m["body"]; ok && len(v.([]interface{})) > 0 { - f.Body = expandBody(m["body"].([]interface{})) + f.Body = &wafv2.Body{} } if v, ok := m["cookies"]; ok && len(v.([]interface{})) > 0 { @@ -727,22 +727,6 @@ func expandXSSMatchStatement(l []interface{}) *wafv2.XssMatchStatement { } } -func expandBody(l []interface{}) *wafv2.Body { - if len(l) == 0 || l[0] == nil { - return nil - } - - m := l[0].(map[string]interface{}) - - apiObject := &wafv2.Body{} - - if v, ok := m["oversize_handling"].(string); ok && v != "" { - apiObject.OversizeHandling = aws.String(v) - } - - return apiObject -} - func expandHeaders(l []interface{}) *wafv2.Headers { if len(l) == 0 || l[0] == nil { return nil @@ -1335,7 +1319,7 @@ func flattenFieldToMatch(f *wafv2.FieldToMatch) interface{} { } if f.Body != nil { - m["body"] = flattenBody(f.Body) + m["body"] = make([]map[string]interface{}, 1) } if f.Cookies != nil { @@ -1629,20 +1613,6 @@ func flattenVisibilityConfig(config *wafv2.VisibilityConfig) interface{} { return []interface{}{m} } -func flattenBody(s *wafv2.Body) interface{} { - if s == nil { - return []interface{}{} - } - - m := map[string]interface{}{} - - if v := s.OversizeHandling; v != nil { - m["oversize_handling"] = aws.StringValue(v) - } - - return []interface{}{m} -} - func flattenHeaders(s *wafv2.Headers) interface{} { if s == nil { return []interface{}{} diff --git a/internal/service/wafv2/schemas.go b/internal/service/wafv2/schemas.go index 76e215121864..ab4cce2e5e25 100644 --- a/internal/service/wafv2/schemas.go +++ b/internal/service/wafv2/schemas.go @@ -321,7 +321,7 @@ func fieldToMatchBaseSchema() *schema.Resource { return &schema.Resource{ Schema: map[string]*schema.Schema{ "all_query_arguments": emptySchema(), - "body": bodySchema(), + "body": emptySchema(), "cookies": cookiesSchema(), "headers": headersSchema(), "json_body": jsonBodySchema(), @@ -657,19 +657,6 @@ func customResponseBodySchema() *schema.Schema { } } -func bodySchema() *schema.Schema { - return &schema.Schema{ - Type: schema.TypeList, - Optional: true, - MaxItems: 1, - Elem: &schema.Resource{ - Schema: map[string]*schema.Schema{ - "oversize_handling": oversizeHandlingSchema(), - }, - }, - } -} - func cookiesSchema() *schema.Schema { return &schema.Schema{ Type: schema.TypeList, diff --git a/website/docs/r/wafv2_rule_group.html.markdown b/website/docs/r/wafv2_rule_group.html.markdown index 7206706086af..e902b32b17cd 100644 --- a/website/docs/r/wafv2_rule_group.html.markdown +++ b/website/docs/r/wafv2_rule_group.html.markdown @@ -29,6 +29,7 @@ resource "aws_wafv2_rule_group" "example" { } statement { + geo_match_statement { country_codes = ["US", "NL"] } @@ -144,9 +145,7 @@ resource "aws_wafv2_rule_group" "example" { sqli_match_statement { field_to_match { - body { - oversize_handling = "MATCH" - } + body {} } text_transformation { @@ -494,10 +493,10 @@ The part of a web request that you want AWS WAF to inspect. Include the single ` The `field_to_match` block supports the following arguments: ~> **NOTE:** Only one of `all_query_arguments`, `body`, `cookies`, `headers`, `json_body`, `method`, `query_string`, `single_header`, `single_query_argument`, or `uri_path` can be specified. -An empty configuration block `{}` should be used when specifying `all_query_arguments`, `method`, or `query_string` attributes. +An empty configuration block `{}` should be used when specifying `all_query_arguments`, `body`, `method`, or `query_string` attributes. * `all_query_arguments` - (Optional) Inspect all query arguments. -* `body` - (Optional) Inspect the request body, which immediately follows the request headers. See [Body](#body) below for details. +* `body` - (Optional) Inspect the request body, which immediately follows the request headers. * `cookies` - (Optional) Inspect the cookies in the web request. See [Cookies](#cookies) below for details. * `headers` - (Optional) Inspect the request headers. See [Headers](#headers) below for details. * `json_body` - (Optional) Inspect the request body as JSON. See [JSON Body](#json-body) for details. @@ -528,14 +527,6 @@ The `ip_set_forwarded_ip_config` block supports the following arguments: * `header_name` - (Required) - The name of the HTTP header to use for the IP address. * `position` - (Required) - The position in the header to search for the IP address. Valid values include: `FIRST`, `LAST`, or `ANY`. If `ANY` is specified and the header contains more than 10 IP addresses, AWS WAFv2 inspects the last 10. -### Body - -Inspect the request body, which immediately follows the request headers. - -The `body` block supports the following arguments: - -* `oversize_handling` - (Required) Oversize handling tells AWS WAF what to do with a web request when the request component that the rule inspects is over the limits. Valid values include the following: `CONTINUE`, `MATCH`, `NO_MATCH`. See the AWS [documentation](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-oversize-handling.html) for more information. - ### Headers Inspect the request headers. diff --git a/website/docs/r/wafv2_web_acl.html.markdown b/website/docs/r/wafv2_web_acl.html.markdown index 14b4f8913302..520f0d7413a2 100644 --- a/website/docs/r/wafv2_web_acl.html.markdown +++ b/website/docs/r/wafv2_web_acl.html.markdown @@ -546,7 +546,7 @@ The part of a web request that you want AWS WAF to inspect. Include the single ` The `field_to_match` block supports the following arguments: ~> **NOTE:** Only one of `all_query_arguments`, `body`, `cookies`, `headers`, `json_body`, `method`, `query_string`, `single_header`, `single_query_argument`, or `uri_path` can be specified. -An empty configuration block `{}` should be used when specifying `all_query_arguments`, `method`, or `query_string` attributes. +An empty configuration block `{}` should be used when specifying `all_query_arguments`, `body`, `method`, or `query_string` attributes. * `all_query_arguments` - (Optional) Inspect all query arguments. * `body` - (Optional) Inspect the request body, which immediately follows the request headers. See [Body](#body) below for details. @@ -580,14 +580,6 @@ The `ip_set_forwarded_ip_config` block supports the following arguments: * `header_name` - (Required) - Name of the HTTP header to use for the IP address. * `position` - (Required) - Position in the header to search for the IP address. Valid values include: `FIRST`, `LAST`, or `ANY`. If `ANY` is specified and the header contains more than 10 IP addresses, AWS WAFv2 inspects the last 10. -### Body - -Inspect the request body, which immediately follows the request headers. - -The `body` block supports the following arguments: - -* `oversize_handling` - (Required) Oversize handling tells AWS WAF what to do with a web request when the request component that the rule inspects is over the limits. Valid values include the following: `CONTINUE`, `MATCH`, `NO_MATCH`. See the AWS [documentation](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-oversize-handling.html) for more information. - ### Headers Inspect the request headers.