AWS services or capabilities described in AWS Documentation may vary by region/location. Click Getting Started with Amazon AWS to see specific differences applicable to the China (Beijing) Region.
This is AWS WAF Classic documentation. For more information, see AWS
WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS
WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints
for regional and global use.
Attaches an IAM policy to the specified resource. The only supported use for this action is to share a RuleGroup across accounts.
The PutPermissionPolicy
is subject to the following restrictions:
You can attach only one policy with each PutPermissionPolicy
request.
The policy must include an Effect
, Action
and Principal
.
Effect
must specify Allow
.
The Action
in the policy must be waf:UpdateWebACL
, waf-regional:UpdateWebACL
,
waf:GetRuleGroup
and waf-regional:GetRuleGroup
. Any extra or wildcard
actions in the policy will be rejected.
The policy cannot include a Resource
parameter.
The ARN in the request must be a valid WAF RuleGroup ARN and the RuleGroup must exist in the same region.
The user making the request must be the owner of the RuleGroup.
Your policy must be composed using IAM Policy version 2012-10-17.
For more information, see IAM Policies.
An example of a valid policy parameter is shown in the Examples section below.
This is an asynchronous operation using the standard naming convention for .NET 4.5 or higher. For .NET 3.5 the operation is implemented as a pair of methods using the standard naming convention of BeginPutPermissionPolicy and EndPutPermissionPolicy.
Namespace: Amazon.WAF
Assembly: AWSSDK.WAF.dll
Version: 3.x.y.z
public abstract Task<PutPermissionPolicyResponse> PutPermissionPolicyAsync( PutPermissionPolicyRequest request, CancellationToken cancellationToken )
Container for the necessary parameters to execute the PutPermissionPolicy service method.
A cancellation token that can be used by other objects or threads to receive notice of cancellation.
Exception | Condition |
---|---|
WAFInternalErrorException | The operation failed because of a system problem, even though the request was valid. Retry your request. |
WAFInvalidPermissionPolicyException | The operation failed because the specified policy is not in the proper format. The policy is subject to the following restrictions: You can attach only one policy with each PutPermissionPolicy request. The policy must include an Effect, Action and Principal. Effect must specify Allow. The Action in the policy must be waf:UpdateWebACL, waf-regional:UpdateWebACL, waf:GetRuleGroup and waf-regional:GetRuleGroup . Any extra or wildcard actions in the policy will be rejected. The policy cannot include a Resource parameter. The ARN in the request must be a valid WAF RuleGroup ARN and the RuleGroup must exist in the same region. The user making the request must be the owner of the RuleGroup. Your policy must be composed using IAM Policy version 2012-10-17. |
WAFNonexistentItemException | The operation failed because the referenced object doesn't exist. |
WAFStaleDataException | The operation failed because you tried to create, update, or delete an object by using a change token that has already been used. |
.NET Core App:
Supported in: 3.1
.NET Standard:
Supported in: 2.0
.NET Framework:
Supported in: 4.5