fix(CloudFormation): No or Empty tags compiles to invalid Waf Resource

sid88in · Jun 15, 2022 · 1a5f81b · 1a5f81b
1 parent e91b238
commit 1a5f81b
Show file tree

Hide file tree

Showing 3 changed files with 65 additions and 3 deletions.
diff --git a/src/__tests__/__snapshots__/waf.test.ts.snap b/src/__tests__/__snapshots__/waf.test.ts.snap
@@ -332,6 +332,46 @@ Object {
 }
 `;
 
+exports[`Waf Base Resources should generate waf Resources without tags 1`] = `
+Object {
+  "GraphQlWaf": Object {
+    "Properties": Object {
+      "DefaultAction": Object {
+        "Allow": Object {},
+      },
+      "Description": "My Waf ACL",
+      "Name": "Waf",
+      "Rules": Array [],
+      "Scope": "REGIONAL",
+      "Tags": undefined,
+      "VisibilityConfig": Object {
+        "CloudWatchMetricsEnabled": true,
+        "MetricName": "MyVisibilityConfig",
+        "SampledRequestsEnabled": true,
+      },
+    },
+    "Type": "AWS::WAFv2::WebACL",
+  },
+  "GraphQlWafAssoc": Object {
+    "Properties": Object {
+      "ResourceArn": Object {
+        "Fn::GetAtt": Array [
+          "GraphQlApi",
+          "Arn",
+        ],
+      },
+      "WebACLArn": Object {
+        "Fn::GetAtt": Array [
+          "GraphQlWaf",
+          "Arn",
+        ],
+      },
+    },
+    "Type": "AWS::WAFv2::WebACLAssociation",
+  },
+}
+`;
+
 exports[`Waf Custom rules should generate a custom rule 1`] = `
 Object {
   "Action": Object {

diff --git a/src/__tests__/waf.test.ts b/src/__tests__/waf.test.ts
@@ -25,6 +25,28 @@ describe('Waf', () => {
       expect(waf.compile()).toMatchSnapshot();
     });
 
+    it('should generate waf Resources without tags', () => {
+      const api = new Api(
+        given.appSyncConfig({
+          tags: undefined,
+        }),
+        plugin,
+      );
+      const waf = new Waf(api, {
+        enabled: true,
+        name: 'Waf',
+        defaultAction: 'Allow',
+        description: 'My Waf ACL',
+        visibilityConfig: {
+          cloudWatchMetricsEnabled: true,
+          name: 'MyVisibilityConfig',
+          sampledRequestsEnabled: true,
+        },
+        rules: [],
+      });
+      expect(waf.compile()).toMatchSnapshot();
+    });
+
     it('should not generate waf Resources if disabled', () => {
       const api = new Api(
         given.appSyncConfig({

diff --git a/src/resources/Api.ts b/src/resources/Api.ts
@@ -1,5 +1,5 @@
 import ServerlessAppsyncPlugin from '..';
-import { forEach, merge, set } from 'lodash';
+import { forEach, isEmpty, merge, set } from 'lodash';
 import {
   CfnResource,
   CfnResources,
@@ -457,8 +457,8 @@ export class Api {
   }
 
   getTagsConfig() {
-    if (!this.config.tags) {
-      return [];
+    if (!this.config.tags || isEmpty(this.config.tags)) {
+      return undefined;
     }
 
     const tags = this.config.tags;