cloudformation-coverage-roadmap
cloudformation-coverage-roadmap copied to clipboard
Published
20 hours ago •
aws-cloudformation
aws-cloudformation
[AWS::WAFv2::WebAC] - [BUG] - UNABLE to go lower than value 100 for "RateBasedStatementProperty"
Name of the resource
AWS::WAF::WebACL
Resource Name
AWS::WAFv2::WebACL
Issue Description
I am unable to set my limit for a RateBasedStatementProperty below 100. Attempting to do so results in a stack error:
Resource handler returned message: "Model validation failed (#/Rules/0/Statement/RateBasedStatement/Limit: failed validation constraint for keyword [minimum])" (RequestToken: TOKEN, HandlerErrorCode: InvalidRequest)
Expected Behavior
I am able to set a rate below 100.
Observed Behavior
Unable to set a rate below 100, must be done via web console in AWS.
Test Cases
CDK Codd Example:
waf_acl = aws_wafv2.CfnWebACL(
scope_=self,
id='RootWAF',
default_action=aws_wafv2.CfnWebACL.DefaultActionProperty(allow={}),
scope='CLOUDFRONT',
visibility_config=aws_wafv2.CfnWebACL.VisibilityConfigProperty(
cloud_watch_metrics_enabled=True,
metric_name="WAF",
sampled_requests_enabled=True,
),
rules=[
aws_wafv2.CfnWebACL.RuleProperty(
name='Rate-Limit-Requests',
priority=0,
action=aws_wafv2.CfnWebACL.RuleActionProperty(block={}),
visibility_config=aws_wafv2.CfnWebACL
.VisibilityConfigProperty(
cloud_watch_metrics_enabled=True,
metric_name="Rate-Limit-Requests",
sampled_requests_enabled=True,
),
statement=aws_wafv2.CfnWebACL.StatementProperty(
rate_based_statement=aws_wafv2.CfnWebACL
.RateBasedStatementProperty(
aggregate_key_type='IP',
limit=60, # FAILS HERE !!!!
evaluation_window_sec=60,
),
),
),
],
)
Other Details
Version details:
- Python:
Python 3.12.0 - CDK Version:
2.162.1 (build 10aa526)
