AssociateWebACL
This is the latest version of AWS WAF, named AWS WAFV2, released in November, 2019. For information, including how to migrate your AWS WAF resources from the prior release, see the AWS WAF Developer Guide.
Associates a Web ACL with a regional application resource, to protect the resource. A regional application can be an Application Load Balancer (ALB), an API Gateway REST API, or an AppSync GraphQL API.
For AWS CloudFront, don't use this call. Instead, use your CloudFront distribution
configuration. To associate a Web ACL, in the CloudFront call UpdateDistribution
, set the web ACL ID to the Amazon Resource Name (ARN) of the Web ACL. For information,
see UpdateDistribution.
Request Syntax
{
"ResourceArn": "string
",
"WebACLArn": "string
"
}
Request Parameters
For information about the parameters that are common to all actions, see Common Parameters.
The request accepts the following data in JSON format.
- ResourceArn
-
The Amazon Resource Name (ARN) of the resource to associate with the web ACL.
The ARN must be in one of the following formats:
-
For an Application Load Balancer:
arn:aws:elasticloadbalancing:region:account-id:loadbalancer/app/load-balancer-name/load-balancer-id
-
For an API Gateway REST API:
arn:aws:apigateway:region::/restapis/api-id/stages/stage-name
-
For an AppSync GraphQL API:
arn:aws:appsync:region:account-id:apis/GraphQLApiId
Type: String
Length Constraints: Minimum length of 20. Maximum length of 2048.
Pattern:
.*\S.*
Required: Yes
-
- WebACLArn
-
The Amazon Resource Name (ARN) of the Web ACL that you want to associate with the resource.
Type: String
Length Constraints: Minimum length of 20. Maximum length of 2048.
Pattern:
.*\S.*
Required: Yes
Response Elements
If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body.
Errors
For information about the errors that are common to all actions, see Common Errors.
- WAFInternalErrorException
-
Your request is valid, but AWS WAF couldn’t perform the operation because of a system problem. Retry your request.
HTTP Status Code: 500
- WAFInvalidOperationException
-
The operation isn't valid.
HTTP Status Code: 400
- WAFInvalidParameterException
-
The operation failed because AWS WAF didn't recognize a parameter in the request. For example:
-
You specified an invalid parameter name or value.
-
Your nested statement isn't valid. You might have tried to nest a statement that can’t be nested.
-
You tried to update a
WebACL
with aDefaultAction
that isn't among the types available at DefaultAction. -
Your request references an ARN that is malformed, or corresponds to a resource with which a Web ACL cannot be associated.
HTTP Status Code: 400
-
- WAFNonexistentItemException
-
AWS WAF couldn’t perform the operation because your resource doesn’t exist.
HTTP Status Code: 400
- WAFUnavailableEntityException
-
AWS WAF couldn’t retrieve the resource that you requested. Retry your request.
HTTP Status Code: 400
See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following: