Application gateway: disabled rule groups

[timja]

Currently WIP

Having issues with the flatten, although the creation works fine

--- FAIL: TestAccAzureRMApplicationGateway_webApplicationFirewallDisabledRuleGroups (264.94s)
    testing.go:568: Step 0 error: errors during apply:

        Error: Error setting `waf_configuration`: waf_configuration.0.disabled_rule_group.0: '' expected a map, got 'slice'

          on /var/folders/6r/vwg96jz13pn1dlb6tk2_x6rm0000gn/T/tf-test386488536/main.tf line 48:
          (source code not available)


    testing.go:629: Error destroying resource! WARNING: Dangling resources
        may exist. The full state and error is shown below.

        Error: errors during refresh: Error setting `waf_configuration`: waf_configuration.0.disabled_rule_group.0: '' expected a map, got 'slice'

        State: <nil>
FAIL

Opening for comment on the design and any general feedback

  waf_configuration {
    enabled          = true
    firewall_mode    = "Detection"
    rule_set_type    = "OWASP"
    rule_set_version = "3.0"
    file_upload_limit_mb = 100
    request_body_check = true
    max_request_body_size_kb = 100

	disabled_rule_group {
		rule_group_name = "REQUEST-913-SCANNER-DETECTION"
		rules = [ 913100 ]
    }

	disabled_rule_group {
		rule_group_name = "REQUEST-920-PROTOCOL-ENFORCEMENT"
    }
  }

[bs-matil]

@timja would #3394 do the trick for you?

[timja]

@bs-matil Yeah, there's one difference in that my PR allows optional rules so that the whole group is disabled.

I would like that supported as that matches the API docs

[timja]

Closing in favour of: #3394

[ghost]

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. If you feel I made an error 🤖 🙉 , please reach out to my human friends 👉 [email protected]. Thanks!