This is blocked by #6056

I have several thoughts on this too and would love to expand it to all wafv2 resources. Do you think we could chat about this any time soon and exchange ideas?

@hoegertn Yes i'd definitely be willing to get a plan in place for the rest! Let me know when you'd like to. If you prefer to take the conversation off github, my email is in my profile and we can chat somewhere.

I would suggest to have a short call about this and then put the results back into this issue. I think a call is faster than writing essays here. ;-)

Sounds good, sent you an email!

Just to make sure, is this issue related to not being able instantiate CfnIPSet class due to required addresses property, which is of type IPAddressesProperty | IResolvable (docs)?

I tried to implement IPAddressesProperty and get the app to synth, but it returns {} for CloudFormation Addresses property, while populating the rest correctly.

import jsii
from aws_cdk import (
    core as cdk,
    aws_wafv2 as wafv2
)


@jsii.implements(wafv2.CfnIPSet.IPAddressesProperty)
class IpAddresses:

    def __init__(self) -> None:
        self.ip_addresses = ['10.1.0.0/16']


class Firewall(cdk.Stack):

    def __init__(self, scope: cdk.Construct, id: str, **kwargs) -> None:
        super().__init__(scope, id, **kwargs)

        wafv2.CfnIPSet(self, 'IpSet', addresses=IpAddresses(),
                       scope='CLOUDFRONT', ip_address_version="IPV4")


app = cdk.App()
Firewall(app, "firewall")

app.synth()

The resulting CloudFormation template:

Resources:
  IpSet:
    Type: AWS::WAFv2::IPSet
    Properties:
      Addresses: {}
      IPAddressVersion: IPV4
      Scope: CLOUDFRONT

@alexpulver yes that is part of the issue. As far as I know we are still in a holding pattern. @rix0rrr spoke with the CF team and they are working on some spec changes and I believe we are waiting for that (correct me if I’m wrong).