This is AWS WAF Classic
documentation. For more information, see AWS WAF Classic
in the developer guide. For the latest version of AWS WAF
, use the AWS WAFV2 API and see the AWS WAF Developer Guide
. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
Attaches an IAM policy to the specified resource. The only supported use for this action is to share a RuleGroup across accounts.
is subject to the following restrictions:
- You can attach only one policy with each
- The policy must include an
Effect must specify
Action in the policy must be
waf-regional:GetRuleGroup . Any extra or wildcard actions in the policy will be rejected.
- The policy cannot include a
- The ARN in the request must be a valid WAF RuleGroup ARN and the RuleGroup must exist in the same region.
- The user making the request must be the owner of the RuleGroup.
- Your policy must be composed using IAM Policy version 2012-10-17.
For more information, see IAM Policies
An example of a valid policy parameter is shown in the Examples section below.