Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Failed to deploy when using tags and wafConfig #443

Closed
WolfWalter opened this issue Oct 26, 2021 · 5 comments
Closed

Failed to deploy when using tags and wafConfig #443

WolfWalter opened this issue Oct 26, 2021 · 5 comments
Labels
bug

Comments

@WolfWalter
Copy link
Contributor

When I try to deploy the api with

{
  wafConfig: { enabled: true, rules: [{ throttle: 300 }] },
  tags: {
    test: 'test'
  }
...
}

the deployment fails with the folowing error:

Serverless Error ----------------------------------------
 
  An error occurred: GraphQlWaf - Resource handler returned message: "Model validation failed (#/Rules/0/Priority: expected type: Number, found: String
  #/Rules/0/Statement/RateBasedStatement/Limit: expected type: Number, found: String
  #/Rules/0/VisibilityConfig/SampledRequestsEnabled: expected type: Boolean, found: String
  #/Rules/0/VisibilityConfig/CloudWatchMetricsEnabled: expected type: Boolean, found: String
  #/VisibilityConfig/SampledRequestsEnabled: expected type: Boolean, found: String
  #/VisibilityConfig/CloudWatchMetricsEnabled: expected type: Boolean, found: String
  #/Tags: expected type: JSONArray, found: JSONObject)" (RequestToken: 9b518598-fcd9-5f03-7edd-62d94d2a35a7, HandlerErrorCode: InvalidRequest).

The cloudformation-template-update-stack.json contains the following WAF-Cofnig:

...
 "GraphQlWaf": {
      "Type": "AWS::WAFv2::WebACL",
      "Properties": {
        "DefaultAction": {
          "Allow": {}
        },
        "Scope": "REGIONAL",
        "Description": "ACL rules for AppSync...",
        "Name": "sp-api-xxxWaf",
        "Rules": [
          {
            "Action": {
              "Block": {}
            },
            "Name": "BaseThrottle",
            "Priority": 100,
            "Statement": {
              "RateBasedStatement": {
                "AggregateKeyType": "IP",
                "Limit": 300
              }
            },
            "VisibilityConfig": {
              "CloudWatchMetricsEnabled": true,
              "MetricName": "BaseThrottle",
              "SampledRequestsEnabled": true
            }
          }
        ],
        "VisibilityConfig": {
          "CloudWatchMetricsEnabled": true,
          "MetricName": "sp-api-xxxWaf",
          "SampledRequestsEnabled": true
        },
        "Tags": {
          "test": "test"
        }
      }
    },
...

But for AWS::WAFv2::WebACL it should be a list of:

{
  "Key" : String,
  "Value" : String
}
@bboure bboure added the bug label Oct 28, 2021
@bboure
Copy link
Collaborator

bboure commented Oct 28, 2021

Thanks for reporting @WolfWalter
will have a look asap

@bboure
Copy link
Collaborator

bboure commented Oct 28, 2021

The issue is here

It probably should look like this

I'm happy to accept a PR or I'll do it later when I have a moment

@WolfWalter WolfWalter mentioned this issue Oct 29, 2021
Merged
bboure added a commit that referenced this issue Oct 29, 2021
@bboure
Fixed waf tags (#443) (#445)
4200ad8
@aschokking
Copy link

Thanks for the quick fix @WolfWalter, I was running into this now as well.

@bboure what's the process for publishing a new version to npm that would have this fix in it? 🤞

@bboure
Copy link
Collaborator

bboure commented Nov 14, 2021

I will push a new version :)

@bboure
Copy link
Collaborator

bboure commented Nov 14, 2021

Published in 1.21.1 🎉

Thank you All

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@aschokking @WolfWalter @bboure