Disassociates the specified regional application resource from any existing web ACL association. A resource can have at most one web ACL association. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, an Amazon Cognito user pool, an App Runner service, or an Amazon Web Services Verified Access instance.
For Amazon CloudFront, don't use this call. Instead, use your CloudFront distribution configuration. To disassociate a web ACL, provide an empty web ACL ID in the CloudFront call
UpdateDistribution. For information, see
UpdateDistribution in the
Amazon CloudFront API Reference.
Required permissions for customer-managed IAM policies This call requires permissions that are specific to the protected resource type. For details, see
Permissions for DisassociateWebACL in the
WAF Developer Guide.