fix: Add custom_response support for 'block' action in rule-group

aws-ss · Feb 24, 2025 · bc05415 · bc05415
1 parent a638a2a
commit bc05415
Showing 1 changed file with 17 additions and 1 deletion.
diff --git a/modules/rule-group/main.tf b/modules/rule-group/main.tf
@@ -20,7 +20,23 @@ resource "aws_wafv2_rule_group" "this" {
           }
           dynamic "block" {
             for_each = action.value == "block" ? [1] : []
-            content {}
+            content {
+              dynamic "custom_response" {
+                for_each = lookup(rule.value, "custom_response", null) == null ? [] : [lookup(rule.value, "custom_response")]
+                content {
+                  custom_response_body_key = lookup(custom_response.value, "custom_response_body_key", null)
+                  response_code            = lookup(custom_response.value, "response_code", 403)
+
+                  dynamic "response_header" {
+                    for_each = lookup(custom_response.value, "response_header", [])
+                    content {
+                      name  = lookup(response_header.value, "name")
+                      value = lookup(response_header.value, "value")
+                    }
+                  }
+                }
+              }
+            }
           }
           dynamic "count" {
             for_each = action.value == "count" ? [1] : []