Merge pull request #33217 from rasekoli/f-wafv2-atp-regex-support

Added ATP enable_regex_in_path parameter for login path
hashicorp · Aug 30, 2023 · d72d848 · d72d848
2 parents b855901 + 9ec7c59
commit d72d848
Show file tree

Hide file tree

Showing 5 changed files with 164 additions and 155 deletions.
diff --git a/.changelog/33217.txt b/.changelog/33217.txt
@@ -0,0 +1,3 @@
+```release-note:enhancement
+resource/aws_wafv2_web_acl: Add `statement.managed_rule_group_statement.managed_rule_group_configs.aws_managed_rules_atp_rule_set.enable_regex_in_path` argument
+```
diff --git a/internal/service/wafv2/flex.go b/internal/service/wafv2/flex.go
@@ -1170,6 +1170,9 @@ func expandManagedRulesATPRuleSet(tfList []interface{}) *wafv2.AWSManagedRulesAT
 		LoginPath: aws.String(m["login_path"].(string)),
 	}
 
+	if v, ok := m["enable_regex_in_path"].(bool); ok {
+		out.EnableRegexInPath = aws.Bool(v)
+	}
 	if v, ok := m["request_inspection"].([]interface{}); ok && len(v) > 0 {
 		out.RequestInspection = expandRequestInspection(v)
 	}
@@ -2322,7 +2325,8 @@ func flattenManagedRulesATPRuleSet(apiObject *wafv2.AWSManagedRulesATPRuleSet) [
 	}
 
 	m := map[string]interface{}{
-		"login_path": aws.StringValue(apiObject.LoginPath),
+		"enable_regex_in_path": aws.BoolValue(apiObject.EnableRegexInPath),
+		"login_path":           aws.StringValue(apiObject.LoginPath),
 	}
 	if apiObject.RequestInspection != nil {
 		m["request_inspection"] = flattenRequestInspection(apiObject.RequestInspection)

diff --git a/internal/service/wafv2/schemas.go b/internal/service/wafv2/schemas.go
@@ -999,26 +999,16 @@ func managedRuleGroupConfigSchema() *schema.Schema {
 		Optional: true,
 		Elem: &schema.Resource{
 			Schema: map[string]*schema.Schema{
-				"aws_managed_rules_bot_control_rule_set": {
-					Type:     schema.TypeList,
-					Optional: true,
-					MaxItems: 1,
-					Elem: &schema.Resource{
-						Schema: map[string]*schema.Schema{
-							"inspection_level": {
-								Type:         schema.TypeString,
-								Required:     true,
-								ValidateFunc: validation.StringInSlice(wafv2.InspectionLevel_Values(), false),
-							},
-						},
-					},
-				},
 				"aws_managed_rules_atp_rule_set": {
 					Type:     schema.TypeList,
 					Optional: true,
 					MaxItems: 1,
 					Elem: &schema.Resource{
 						Schema: map[string]*schema.Schema{
+							"enable_regex_in_path": {
+								Type:     schema.TypeBool,
+								Optional: true,
+							},
 							"login_path": {
 								Type:     schema.TypeString,
 								Required: true,
@@ -1032,6 +1022,20 @@ func managedRuleGroupConfigSchema() *schema.Schema {
 						},
 					},
 				},
+				"aws_managed_rules_bot_control_rule_set": {
+					Type:     schema.TypeList,
+					Optional: true,
+					MaxItems: 1,
+					Elem: &schema.Resource{
+						Schema: map[string]*schema.Schema{
+							"inspection_level": {
+								Type:         schema.TypeString,
+								Required:     true,
+								ValidateFunc: validation.StringInSlice(wafv2.InspectionLevel_Values(), false),
+							},
+						},
+					},
+				},
 				"login_path": {
 					Type:     schema.TypeString,
 					Optional: true,