moto
moto copied to clipboard
Published
20 hours ago •
getmoto
getmoto
Wafv2: Adds associate-web-acl, disassociate-web-acl, and get-web-acl-for-resource
Adding support for the wafv2 services. This PR adds the associate-web-acl, get-web-acl-for-resource and disassociate-web-acl commands.
Sample Output:
- Create VPC and 2 subnets for load-balancer
- Create load-balancer and web acl
- Associate load-balancer and web-acl -> no output if successful
- Show web-acl is associated with load-balancer with get-web-acl-for-resource
- Disassociate load-balancer and web-acl -> no output if successful
- Show web-acl is no longer associated with load-balancer with get-web-acl-for-resource
$ aws --endpoint-url=http://localhost:5000 ec2 create-vpc --cidr-block 172.28.7.0/24
{
"Vpc": {
"CidrBlock": "172.28.7.0/24",
"DhcpOptionsId": "dopt-1a2b3c4d2",
"State": "pending",
"VpcId": "vpc-4898d358",
...
$ aws --endpoint-url=http://localhost:5000 ec2 create-subnet --vpc-id vpc-4898d358 --cidr-block 172.28.7.192/26
{
"Subnet": {
"AvailabilityZone": "us-east-2c",
"AvailabilityZoneId": "use2-az3",
"AvailableIpAddressCount": 59,
"CidrBlock": "172.28.7.192/26",
"DefaultForAz": false,
"MapPublicIpOnLaunch": false,
"State": "pending",
"SubnetId": "subnet-a8c73b4b",
...
$ aws --endpoint-url=http://localhost:5000 ec2 create-subnet --vpc-id vpc-4898d358 --cidr-block 172.28.7.0/26
{
"Subnet": {
"AvailabilityZone": "us-east-2a",
"AvailabilityZoneId": "use2-az1",
"AvailableIpAddressCount": 59,
"CidrBlock": "172.28.7.0/26",
"DefaultForAz": false,
"MapPublicIpOnLaunch": false,
"State": "pending",
"SubnetId": "subnet-078bbf49",
...
$ aws --endpoint-url=http://localhost:5000 elbv2 create-load-balancer --name test_alb1 --subnets subnet-a8c73b4b subnet-078bbf49
{
"LoadBalancers": [
{
"LoadBalancerArn": "arn:aws:elasticloadbalancing:us-east-2:1:loadbalancer/test_alb1/50dc6c495c0c9188",
"DNSName": "test_alb1-1.us-east-2.elb.amazonaws.com",
"CanonicalHostedZoneId": "Z2P70J7EXAMPLE",
"CreatedTime": "2021-08-05T14:17:58.081000+00:00",
"LoadBalancerName": "test_alb1",
...
$ aws --endpoint-url=http://localhost:5000 wafv2 create-web-acl --name wacl1 --scope REGIONAL --default-action Allow={} --visibility-config SampledRequestsEnabled=false,CloudWatchMetricsEnabled=false,MetricName=testMetricName
{
"Summary": {
"Name": "wacl1",
"Id": "2c00295e-f228-4c59-83b5-2bfb828b6a4e",
"Description": "Mock WebACL named wacl1",
"LockToken": "Not Implemented",
"ARN": "arn:aws:wafv2:us-east-2:123456789012:regional/webacl/wacl1/2c00295e-f228-4c59-83b5-2bfb828b6a4e"
}
}
$ aws --endpoint-url=http://localhost:5000 wafv2 associate-web-acl --resource-arn arn:aws:elasticloadbalancing:us-east-2:1:loadbalancer/test_alb1/50dc6c495c0c9188 --web-acl-arn arn:aws:wafv2:us-east-2:123456789012:regional/webacl/wacl1/2c00295e-f228-4c59-83b5-2bfb828b6a4e
$ aws --endpoint-url=http://localhost:5000 wafv2 get-web-acl-for-resource --resource-arn arn:aws:elasticloadbalancing:us-east-2:1:loadbalancer/test_alb1/50dc6c495c0c9188
{
"WebACL": {
"Name": "wacl1",
"Id": "2c00295e-f228-4c59-83b5-2bfb828b6a4e",
"ARN": "arn:aws:wafv2:us-east-2:123456789012:regional/webacl/wacl1/2c00295e-f228-4c59-83b5-2bfb828b6a4e",
"DefaultAction": {
"Block": {},
"Allow": {}
},
"Description": "Mock WebACL named wacl1",
"VisibilityConfig": {
"SampledRequestsEnabled": false,
"CloudWatchMetricsEnabled": false,
"MetricName": "testMetricName"
},
"Capacity": "Not Implemented"
}
}
$ aws --endpoint-url=http://localhost:5000 wafv2 disassociate-web-acl --resource-arn arn:aws:elasticloadbalancing:us-east-2:1:loadbalancer/test_alb1/50dc6c495c0c9188
$ aws --endpoint-url=http://localhost:5000 wafv2 get-web-acl-for-resource --resource-arn arn:aws:elasticloadbalancing:us-east-2:1:loadbalancer/test_alb1/50dc6c495c0c9188
