troposphere icon indicating copy to clipboard operation
troposphere copied to clipboard
verified publisher icon cloudtools

Adding in additional SecurityServicePolicyData sub-class.

Open ev3rl0ng opened this issue 5 years ago • 2 comments

Fixes https://github.com/cloudtools/troposphere/issues/1834

ev3rl0ng avatar Nov 17 '20 22:11 ev3rl0ng

Sorry for the delay in responding. I don't see this additional property documented or in the spec files. Can you let me know where you saw this documented? Thanks.

markpeek avatar Jan 24 '21 22:01 markpeek

Hi Mark, thanks for getting back to me. All of the data is documented in the linked issue above.

By AWS CloudFormation documentation (https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-fms-policy.html), the YAML representation of the SecurityServicePolicyData has two child nodes... Type and ManagedServiceData. They are represented in YAML as follows:

PolicyWAFv2:
    Type: AWS::FMS::Policy
    Properties:
      ExcludeResourceTags: false
      PolicyName: Policy
      RemediationEnabled: false 
      ResourceType: AWS::ElasticLoadBalancingV2::LoadBalancer 
      SecurityServicePolicyData: 
        Type: WAFV2
        ManagedServiceData: !Sub '{"type":"WAFV2", 
                                  "preProcessRuleGroups":[{ 
                                  "ruleGroupType":"RuleGroup",
                                  "ruleGroupArn":"${RuleGroup.Arn}",
                                  "overrideAction":{"type":"NONE"}}],
                                  "postProcessRuleGroups":[],
                                  "defaultAction":{"type":"BLOCK"}}'

ev3rl0ng avatar Jan 24 '21 22:01 ev3rl0ng