Cookie の設定を選択する

当社は、当社のサイトおよびサービスを提供するために必要な必須 Cookie および類似のツールを使用しています。当社は、パフォーマンス Cookie を使用して匿名の統計情報を収集することで、お客様が当社のサイトをどのように利用しているかを把握し、改善に役立てています。必須 Cookie は無効化できませんが、[カスタマイズ] または [拒否] をクリックしてパフォーマンス Cookie を拒否することはできます。

お客様が同意した場合、AWS および承認された第三者は、Cookie を使用して便利なサイト機能を提供したり、お客様の選択を記憶したり、関連する広告を含む関連コンテンツを表示したりします。すべての必須ではない Cookie を受け入れるか拒否するには、[受け入れる] または [拒否] をクリックしてください。より詳細な選択を行うには、[カスタマイズ] をクリックしてください。

設定
お問い合わせ
フィードバック
AWS Documentation
今すぐ無料サインアップ »
PutPermissionPolicy - AWS WAFV2
Request SyntaxRequest ParametersResponse ElementsErrorsExamplesSee Also
このページはお客様の言語に翻訳されていません。 翻訳のリクエスト

PutPermissionPolicy

PDF
Note

AWS WAF Classic support will end on September 30, 2025.

This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.

For the latest version of AWS WAF , use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.

Attaches an IAM policy to the specified resource. The only supported use for this action is to share a RuleGroup across accounts.

The PutPermissionPolicy is subject to the following restrictions:

  • You can attach only one policy with each PutPermissionPolicy request.

  • The policy must include an Effect, Action and Principal.

  • Effect must specify Allow.

  • The Action in the policy must be waf:UpdateWebACL, waf-regional:UpdateWebACL, waf:GetRuleGroup and waf-regional:GetRuleGroup . Any extra or wildcard actions in the policy will be rejected.

  • The policy cannot include a Resource parameter.

  • The ARN in the request must be a valid RuleGroup ARN and the RuleGroup must exist in the same region.

  • The user making the request must be the owner of the RuleGroup.

  • Your policy must be composed using IAM Policy version 2012-10-17.

For more information, see Policies and permissions in IAM.

An example of a valid policy parameter is shown in the Examples section below.

Request Syntax

{
   "Policy": "string",
   "ResourceArn": "string"
}

Request Parameters

For information about the parameters that are common to all actions, see Common Parameters.

The request accepts the following data in JSON format.

Policy

The policy to attach to the specified RuleGroup.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 395000.

Pattern: .*\S.*

Required: Yes

ResourceArn

The Amazon Resource Name (ARN) of the RuleGroup to which you want to attach the policy.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 1224.

Pattern: .*\S.*

Required: Yes

Response Elements

If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body.

Errors

For information about the errors that are common to all actions, see Common Errors.

WAFInternalErrorException

The operation failed because of a system problem, even though the request was valid. Retry your request.

HTTP Status Code: 500

WAFInvalidPermissionPolicyException

The operation failed because the specified policy is not in the proper format.

The policy is subject to the following restrictions:

  • You can attach only one policy with each PutPermissionPolicy request.

  • The policy must include an Effect, Action and Principal.

  • Effect must specify Allow.

  • The Action in the policy must be waf:UpdateWebACL, waf-regional:UpdateWebACL, waf:GetRuleGroup and waf-regional:GetRuleGroup . Any extra or wildcard actions in the policy will be rejected.

  • The policy cannot include a Resource parameter.

  • The ARN in the request must be a valid WAF RuleGroup ARN and the RuleGroup must exist in the same region.

  • The user making the request must be the owner of the RuleGroup.

  • Your policy must be composed using IAM Policy version 2012-10-17.

HTTP Status Code: 400

WAFNonexistentItemException

The operation failed because the referenced object doesn't exist.

HTTP Status Code: 400

WAFStaleDataException

The operation failed because you tried to create, update, or delete an object by using a change token that has already been used.

HTTP Status Code: 400

Examples

Example policy parameter - No escape characters

This example illustrates one usage of PutPermissionPolicy.

{
   "Version": "2012-10-17",
    "Statement": [
        {
          "Effect": "Allow",
          "Principal": {
          "AWS": "arn:aws:iam::111111111111:user/MyUserName"
                       },
           "Action": [
               "waf:UpdateWebACL",
               "waf-regional:UpdateWebACL",
               "waf:GetRuleGroup",
               "waf-regional:GetRuleGroup"

                     ]
         }
                  ]
}

Example policy parameter - ()

This example illustrates one usage of PutPermissionPolicy.

{\"Version\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Allow\",\"Principal\":{\"AWS\":\"arn:aws:iam::111111111111:user\/MyUserName\"},\"Action\":[\"waf:UpdateWebACL\",\"waf-regional:UpdateWebACL\",\"waf:GetRuleGroup\",\"waf-regional:GetRuleGroup\"]}]}

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following:

次のトピック

TagResource

前のトピック:

PutLoggingConfiguration

ヘルプが必要ですか?

プライバシーサイト規約Cookie の設定
© 2025, Amazon Web Services, Inc. or its affiliates.All rights reserved.