Skip to content

Waf2 rule group permission policy#46872

Open
issabayevmk wants to merge 6 commits intohashicorp:mainfrom
issabayevmk:waf2-rule-group-permission-policy
Open

Waf2 rule group permission policy#46872
issabayevmk wants to merge 6 commits intohashicorp:mainfrom
issabayevmk:waf2-rule-group-permission-policy

Conversation

@issabayevmk
Copy link

@issabayevmk issabayevmk commented Mar 11, 2026

Rollback Plan

If a change needs to be reverted, we will publish an updated version of the library.

Changes to Security Controls

Are there any changes to security controls (access controls, encryption, logging) in this pull request? If so, explain.

No changes to security controls.

Description

New resource aws_wafv2_rule_group_permission_policy to manage WAFv2 Rule Group permission policies, enabling cross-account sharing of rule groups.

This resource wraps the PutPermissionPolicy, GetPermissionPolicy, and DeletePermissionPolicy WAFv2 API operations. It follows the provider's IAM resource-based policy pattern (same as aws_networkfirewall_resource_policy, aws_kinesis_resource_policy, etc.) as recommended by the provider design guide.

Supports sharing with:

  • Specific accounts or IAM principals
  • Multiple accounts
  • Entire AWS Organizations (via aws:PrincipalOrgID condition)
  • Specific OUs (via aws:PrincipalOrgPaths condition)

Implemented using Terraform Plugin Framework with ARN-based resource identity.

Relations

References

Output from Acceptance Testing

% make testacc TESTS=TestAccWAFV2RuleGroupPermissionPolicy PKG=wafv2

...

@issabayevmk
Add release note for new AWS WAFv2 rule group policy
9b98fc0
@issabayevmk
Add new resources for RuleGroupPermissionPolicy
e7e2b89
@issabayevmk
Add WAFv2 Rule Group Permission Policy resource
d7c1260 
Implement WAFv2 Rule Group Permission Policy resource with CRUD operations.
@issabayevmk
Implement tests for WAFv2 Rule Group Permission Policy
0385ffa 
Add tests for WAFv2 Rule Group Permission Policy including basic, disappear, and update scenarios.
@issabayevmk
Add Rule Group Permission Policy resource definition
4e7882b
@issabayevmk
Add documentation for aws_wafv2_rule_group_permission_policy
6185c0e 
Document the aws_wafv2_rule_group_permission_policy resource, including usage examples and argument references.
@issabayevmk issabayevmk requested a review from a team as a code owner March 11, 2026 16:14
@github-actions
Copy link
Contributor

github-actions bot commented Mar 11, 2026

Community Guidelines

This comment is added to every new Pull Request to provide quick reference to how the Terraform AWS Provider is maintained. Please review the information below, and thank you for contributing to the community that keeps the provider thriving! 🚀

Voting for Prioritization

  • Please vote on this Pull Request by adding a 👍 reaction to the original post to help the community and maintainers prioritize it.
  • Please see our prioritization guide for additional information on how the maintainers handle prioritization.
  • Please do not leave +1 or other comments that do not add relevant new information or questions; they generate extra noise for others following the Pull Request and do not help prioritize the request.

Pull Request Authors

  • Review the contribution guide relating to the type of change you are making to ensure all of the necessary steps have been taken.
  • Whether or not the branch has been rebased will not impact prioritization, but doing so is always a welcome surprise.

@github-actions github-actions bot added needs-triage Waiting for first response or review from a maintainer. documentation Introduces or discusses updates to documentation. tests PRs: expanded test coverage. Issues: expanded coverage, enhancements to test infrastructure. service/wafv2 Issues and PRs that pertain to the wafv2 service. generators Relates to code generators. size/XL Managed by automation to categorize the size of a PR. labels Mar 11, 2026
@dosubot dosubot bot added the new-resource Introduces a new resource. label Mar 11, 2026
@ewbankkit ewbankkit added the partner Contribution from a partner. label Mar 11, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

documentation Introduces or discusses updates to documentation. generators Relates to code generators. needs-triage Waiting for first response or review from a maintainer. new-resource Introduces a new resource. partner Contribution from a partner. service/wafv2 Issues and PRs that pertain to the wafv2 service. size/XL Managed by automation to categorize the size of a PR. tests PRs: expanded test coverage. Issues: expanded coverage, enhancements to test infrastructure.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@issabayevmk @ewbankkit