From 699539fb78ae3c96eb4bb489c1aa69674e686451 Mon Sep 17 00:00:00 2001 From: Mark Chappell Date: Mon, 27 Jan 2025 15:25:59 +0100 Subject: [PATCH] waf_condition - adds missing options validation to filters (#2220) SUMMARY waf_condition - adds missing options validation to filters ISSUE TYPE Feature Pull Request COMPONENT NAME waf_condition ADDITIONAL INFORMATION Arguably a breaking change, but behaviour would be a little erratic if bad options were passed. Reviewed-by: Bikouo Aubin --- changelogs/fragments/20250127-waf_confition.yml | 3 +++ plugins/modules/waf_condition.py | 10 ++++++++-- 2 files changed, 11 insertions(+), 2 deletions(-) create mode 100644 changelogs/fragments/20250127-waf_confition.yml diff --git a/changelogs/fragments/20250127-waf_confition.yml b/changelogs/fragments/20250127-waf_confition.yml new file mode 100644 index 00000000000..9dcd077c69b --- /dev/null +++ b/changelogs/fragments/20250127-waf_confition.yml @@ -0,0 +1,3 @@ +--- +minor_changes: + - waf_condition - adds missing options validation to filters (https://github.com/ansible-collections/community.aws/pull/2220). diff --git a/plugins/modules/waf_condition.py b/plugins/modules/waf_condition.py index 5b08cb6de86..560ddf5c150 100644 --- a/plugins/modules/waf_condition.py +++ b/plugins/modules/waf_condition.py @@ -734,12 +734,18 @@ def main(): target_string=dict(), # Bytes size=dict(type="int"), ip_address=dict(), - regex_pattern=dict(), + regex_pattern=dict( + type="dict", + options=dict( + name=dict(), + regex_strings=dict(type="list", elements="str"), + ), + ), ) argument_spec = dict( name=dict(required=True), type=dict(required=True, choices=["byte", "geo", "ip", "regex", "size", "sql", "xss"]), - filters=dict(type="list", elements="dict"), + filters=dict(type="list", elements="dict", options=filters_subspec), purge_filters=dict(type="bool", default=False), waf_regional=dict(type="bool", default=False), state=dict(default="present", choices=["present", "absent"]),