3개 답변
- 최신
- 최다 투표
- 가장 많은 댓글
0
For CLI:
WAFv2 has a different scheme for the ARN. WAF Classic uses UUID alone whereas WAFv2 uses full ARN.
From: https://docs.aws.amazon.com/cli/latest/reference/wafv2/associate-web-acl.html
aws wafv2 associate-web-acl \
--web-acl-arn arn:aws:wafv2:us-west-2:123456789012:regional/webacl/test-cli/a1b2c3d4-5678-90ab-cdef-EXAMPLE11111 \
--resource-arn arn:aws:elasticloadbalancing:us-west-2:123456789012:loadbalancer/app/waf-cli-alb/1ea17125f8b25a2a \
--region us-west-2
For CFN:
WAFv2 has multiple return attribute so you cannot just reference the entire web ACL:
WebACLArn: !Ref <webacl>
Thus, you will have to do the following:
WebACLArn: !GetAtt <webacl>.Arn
답변함 4년 전
0
Thank you Kevin
This solves my issue. And it works now. Then I think the error message is not clear.
The field: RESOURCE_ARN
looks like the invalid parameter is ResourceArn. But what is invalid is WebACLArn. Is this is correct error message or I misunderstanding the message?
답변함 4년 전
0
Thanks, Kevin. This solved a similar issue for me as well. A corresponding example in the documentation would help reducing headache for others ;-)
답변함 3년 전