AWS WAFv2 Web ACL resource doesn't exist

Hello,

I am trying to use the new WAFv2 Terraform module to configure a Web ACL with attached AWS managed rules.

I am getting an error that the resource doesn’t exist, although I want Terraform to actually create it.

Error: Error creating WAFv2 WebACL: WAFNonexistentItemException: AWS WAF couldn’t perform the operation because your resource doesn’t exist.
  on ../../../../../tmp/terraform/modules/wafv2/main.tf line 1, in resource "aws_wafv2_web_acl" "waf_web_acl":
  1: resource "aws_wafv2_web_acl" "waf_web_acl" {

My resource definition looks something like this, with a bunch more AWS managed rule groups:

resource "aws_wafv2_web_acl" "waf_web_acl" {
  name        = var.web_acl_name
  description = "AWS Managed rules configured on Web ACL"
  scope       = var.web_acl_scope # REGIONAL

  default_action {
    allow {}
  }

  rule {
    name     = "AWS-AWSManagedRulesAdminProtectionRuleSet"
    priority = 1

    # A rule that references a rule group takes override_action only;
    # action and override_action cannot both be set on the same rule.
    override_action {
      none {}
    }

    statement {
      managed_rule_group_statement {
        name        = "AWS-AWSManagedRulesAdminProtectionRuleSet"
        vendor_name = "AWS"
      }
    }

    visibility_config {
      cloudwatch_metrics_enabled = var.web_acl_enable_cloudwatch
      metric_name                = "AWS-AWSManagedRulesAdminProtectionRuleSet"
      sampled_requests_enabled   = var.sampled_requests_enabled
    }
  }

  visibility_config {
    cloudwatch_metrics_enabled = var.web_acl_enable_cloudwatch # true
    metric_name                = var.web_acl_name              # same as web acl name
    sampled_requests_enabled   = var.sampled_requests_enabled  # true
  }
}

Any ideas?

I found the issue. It was due to an incorrect reference to the AWS managed rules. In their JSON export the names appear as “AWS-AWSManagedRulesAdminProtectionRuleSet”, but in Terraform they need to be referenced as “AWSManagedRulesAdminProtectionRuleSet”.
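
The fix described above, generalized to several managed rule groups, as an added example that is not the poster's module: the names are kept as copied from the JSON export and the "AWS-" prefix is stripped only where the rule group is referenced. The `exported_rule_names` local, the second list entry and the literal `true` values are assumptions for illustration.

```hcl
variable "web_acl_name" { type = string }
variable "web_acl_scope" { type = string } # e.g. "REGIONAL"

locals {
  # Rule names as they appear in the Web ACL JSON export (with the "AWS-" prefix).
  # The second entry is another AWS managed rule group, added for illustration.
  exported_rule_names = [
    "AWS-AWSManagedRulesAdminProtectionRuleSet",
    "AWS-AWSManagedRulesCommonRuleSet",
  ]
}

resource "aws_wafv2_web_acl" "waf_web_acl" {
  name        = var.web_acl_name
  description = "AWS Managed rules configured on Web ACL"
  scope       = var.web_acl_scope

  default_action {
    allow {}
  }

  dynamic "rule" {
    for_each = local.exported_rule_names
    content {
      name     = rule.value   # rule label: free-form, the prefix may stay
      priority = rule.key + 1 # list index, so priorities are unique

      # Rule group references use override_action, not action.
      override_action {
        none {}
      }
      statement {
        managed_rule_group_statement {
          # The managed rule group is identified without the "AWS-" prefix;
          # passing the prefixed name yields WAFNonexistentItemException.
          name        = trimprefix(rule.value, "AWS-")
          vendor_name = "AWS"
        }
      }
      visibility_config {
        cloudwatch_metrics_enabled = true
        metric_name                = rule.value
        sampled_requests_enabled   = true
      }
    }
  }

  visibility_config {
    cloudwatch_metrics_enabled = true
    metric_name                = var.web_acl_name
    sampled_requests_enabled   = true
  }
}
```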