
AWS WAF: You have used none or multiple values for a field that requires exactly one value


Problem

Cannot implement AWS-defined custom JSON rule for AWS WAF. I am following documentation, and I don't understand how I am exceeding the values. Rule #2 I was able to apply, but I need to be able to apply the count rule as well.

Error

Error reason: You have used none or multiple values for a field that requires exactly one value., field: RULE, parameter: Rule
{
  "Name": "AWSBotControl-SignalOverride",
  "Priority": 5,
  "Statement": {
    "ManagedRuleGroupStatement": {
      "VendorName": "AWS",
      "Name": "AWSManagedRulesBotControlRuleSet",
      "RuleActionOverrides": [
        {
          "Action": "Count",
          "OverrideAction": { "Count": {} }, // Use this if specific configuration for count is needed.
          "Name": "SignalNonBrowserUserAgent"
        }
      ]
    }
  },
  "VisibilityConfig": {
    "SampledRequestsEnabled": true,
    "CloudWatchMetricsEnabled": true,
    "MetricName": "AWSBotControl-SignalOverride"
  }
}


Solution

  • This seems to have worked for me. It's an inherent optional setting at the bottom of the BotControl rules for the WebACL.

    Override rule group action

    Use this in combination with a rule for throttling and you can prevent non-browser agents from being blocked by default.
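
An added example, not part of the original question or answer and not AWS's own validation: a local shape check for a WAFv2 rule, run over the rule as posted and over a corrected form. It assumes the WAFv2 `Rule` schema, where a rule carries exactly one of `Action` or `OverrideAction` at the top level (rule group references take `OverrideAction`) and each `RuleActionOverrides` entry carries only `Name` and `ActionToUse`; `lint_rule` and `bot_control_rule` are hypothetical helper names.

```python
# Added example: a local shape check, not AWS's own validation logic.
RULE_ACTIONS = {"Allow", "Block", "Count", "Captcha", "Challenge"}
GROUP_OVERRIDES = {"None", "Count"}
GROUP_STATEMENTS = {"ManagedRuleGroupStatement", "RuleGroupReferenceStatement"}

def exactly_one(obj, allowed):
    """True when obj is a dict holding a single key drawn from allowed."""
    return isinstance(obj, dict) and len(obj) == 1 and next(iter(obj)) in allowed

def lint_rule(rule):
    """Return a list of shape problems for one WAFv2 rule dict."""
    problems = []
    stmt = rule.get("Statement", {})
    is_group = bool(GROUP_STATEMENTS & stmt.keys())
    has_action, has_override = "Action" in rule, "OverrideAction" in rule
    if has_action == has_override:
        problems.append("rule needs exactly one of Action / OverrideAction")
    elif is_group and has_action:
        problems.append("rule group reference takes OverrideAction, not Action")
    elif not is_group and has_override:
        problems.append("OverrideAction is only for rule group references")
    if has_override and not exactly_one(rule["OverrideAction"], GROUP_OVERRIDES):
        problems.append("OverrideAction must be {'None': {}} or {'Count': {}}")
    group = stmt.get("ManagedRuleGroupStatement", {})
    for entry in group.get("RuleActionOverrides", []):
        name = entry.get("Name", "<unnamed>")
        extra = sorted(set(entry) - {"Name", "ActionToUse"})
        if extra:
            problems.append(f"{name}: unexpected keys {extra}")
        if not exactly_one(entry.get("ActionToUse"), RULE_ACTIONS):
            problems.append(f"{name}: ActionToUse needs exactly one action")
    return problems

def bot_control_rule(overrides, **top_level):
    """Build the page's rule around the given per-rule overrides."""
    return {
        "Name": "AWSBotControl-SignalOverride", "Priority": 5,
        "Statement": {"ManagedRuleGroupStatement": {
            "VendorName": "AWS", "Name": "AWSManagedRulesBotControlRuleSet",
            "RuleActionOverrides": overrides}},
        "VisibilityConfig": {"SampledRequestsEnabled": True, "CloudWatchMetricsEnabled": True,
                             "MetricName": "AWSBotControl-SignalOverride"},
        **top_level}

# Rule as posted in the question (JSON comment dropped) and a corrected form.
AS_POSTED = bot_control_rule([{"Action": "Count", "OverrideAction": {"Count": {}},
                               "Name": "SignalNonBrowserUserAgent"}])
CORRECTED = bot_control_rule([{"Name": "SignalNonBrowserUserAgent",
                               "ActionToUse": {"Count": {}}}],
                             OverrideAction={"None": {}})
```

`CORRECTED` counts only `SignalNonBrowserUserAgent` and leaves the rest of the group at its own actions; passing `OverrideAction={"Count": {}}` instead sets the whole group to count, which is the rule-group-level override the answer describes.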