I'm not sure if this is a bug or not. Over the last few days, I've created several Web ACLs and deleted several as well. I've also disassociated Web ACLs several times. When looking through my CloudTrail logs (I searched across all regions), I see most CloudTrail API calls except for:
- AssociateWebACL
- DisassociateWebACL
even though I know for sure I did this action several times.
The reason I was interested in this is that by default if you remove a Web ACL from a resource by adding another one, it does not warn you and I wanted to create a CloudWatch Event Rule to notify if this happens. And according to the documentation, DisassociateWebACL is an API call: https://docs.aws.amazon.com/waf/latest/APIReference/API_DisassociateWebACL.html
Any ideas? Thanks.
