WAFv2 scope=cloudfront

cyclops69 · June 23, 2020, 12:36pm

Hi,
I’m pretty new to Terraform and I’ve been trying to build a WAFv2 web acl with little success.
I’ve got regional working ok but when I change scope=regional to cloudfront I get the following error:

Error: Error creating WAFv2 WebACL: WAFInvalidParameterException: Error reason: The scope is not valid., field: SCOPE_VALUE, parameter: CLOUDFRONT
{
RespMetadata: {
StatusCode: 400,
RequestID: “37cec571-6aa1-4ae5-916d-e5103e6de9b2”
},
Field: “SCOPE_VALUE”,
Message_: “Error reason: The scope is not valid., field: SCOPE_VALUE, parameter: CLOUDFRONT”,
Parameter: “CLOUDFRONT”,
Reason: “The scope is not valid.”

I’ve specified the region in my provider.tf and I can’t add the line under scope as that errors.
I’m running the latest Terraform and AWS provider.

Could anyone help me with this please as I’ve been trying for a few days with no joy?

Thanks

redhatprabu · March 15, 2021, 6:47pm

Hi @cyclops69 :

For CLOUDFRONT , you must create your WAFv2 resources in the US East (N. Virginia) Region, us-east-1 .

Topic		Replies	Views
AWS WAF v2 Security Polcies & web ACLs Terraform	0	592	April 19, 2021
Error: deleting WAFv2 WebACL - How to unassign WAF from the CloudFront and delete it Terraform Providers	5	2747	April 14, 2023
WAFv2 WebACL not found for name AWS	0	694	November 9, 2021
AWS WAFv2 Web ACL resource doesn't exist AWS	3	10121	July 21, 2022
Unable to associate the "API-Gateway-API-type-HTTP-API to WAFv2 association" HCP Terraform	0	1157	February 3, 2022

WAFv2 scope=cloudfront

Related topics