By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

Create CLOUDFRONT scoped AWS::WAFv2::WebACL with CloudFormation

0

Hi!

I'm having difficulties creating a AWS::WAFv2::WebACL resource with CloudFormation:

The documentation (https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-wafv2-webacl.html#cfn-wafv2-webacl-scope) states For CLOUDFRONT, you must create your WAFv2 resources in the US East (N. Virginia) Region, us-east-1.

The only WebACL resource I am trying to spawn basically looks like this:

  ExampleWebACL:
    Type: AWS::WAFv2::WebACL
    Properties:
      Name: example-name
      Description: example-description
      Scope: CLOUDFRONT
      DefaultAction:
        Allow: {}
      VisibilityConfig:
        SampledRequestsEnabled: true
        CloudWatchMetricsEnabled: true
        MetricName: example-metric

Creation fails for Scope: CLOUDFRONT with 400 / Error reason: The scope is not valid.

Where do I set the region to us-east-1?

Thanks Christoph

Topics
Security, Identity, & ComplianceManagement & Governance
Tags
AWS WAFAWS CloudFormation
Language
English
chris
asked 2 years ago1747 views
1 Answer
0

Thank you aabragan for hinting at what the solution is: --region us-east-1 does the trick.

I guess

  • the first statement is, that CloudFormation stacks are region bound
  • and the answer to the question how do I create resources in multiple regions may be StackSets.
chris
answered 2 years ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content