Menu
Sign In to the Console
AWS WAF
API Reference

AWS Documentation » AWS WAF » API Reference » Actions » AWS WAF » DeleteRuleGroup

DeleteRuleGroup

Permanently deletes a RuleGroup. You can't delete a RuleGroup if it's still used in any WebACL objects or if it still includes any rules.

If you just want to remove a RuleGroup from a WebACL, use UpdateWebACL.

To permanently delete a RuleGroup from AWS WAF, perform the following steps:

  1. Update the RuleGroup to remove rules, if any. For more information, see UpdateRuleGroup.

  2. Use GetChangeToken to get the change token that you provide in the ChangeToken parameter of a DeleteRuleGroup request.

  3. Submit a DeleteRuleGroup request.

Request Syntax

{
   "ChangeToken": "string",
   "RuleGroupId": "string"
}

Request Parameters

For information about the parameters that are common to all actions, see Common Parameters.

The request accepts the following data in JSON format.

ChangeToken

The value returned by the most recent call to GetChangeToken.

Type: String

Length Constraints: Minimum length of 1.

Required: Yes

RuleGroupId

The RuleGroupId of the RuleGroup that you want to delete. RuleGroupId is returned by CreateRuleGroup and by ListRuleGroups.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 128.

Required: Yes

Response Syntax

{
   "ChangeToken": "string"
}

Response Elements

If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.

ChangeToken

The ChangeToken that you used to submit the DeleteRuleGroup request. You can also use this value to query the status of the request. For more information, see GetChangeTokenStatus.

Type: String

Length Constraints: Minimum length of 1.

Errors

For information about the errors that are common to all actions, see Common Errors.

WAFInternalErrorException

The operation failed because of a system problem, even though the request was valid. Retry your request.

HTTP Status Code: 500

WAFInvalidOperationException

The operation failed because there was nothing to do. For example:

  • You tried to remove a Rule from a WebACL, but the Rule isn't in the specified WebACL.

  • You tried to remove an IP address from an IPSet, but the IP address isn't in the specified IPSet.

  • You tried to remove a ByteMatchTuple from a ByteMatchSet, but the ByteMatchTuple isn't in the specified WebACL.

  • You tried to add a Rule to a WebACL, but the Rule already exists in the specified WebACL.

  • You tried to add a ByteMatchTuple to a ByteMatchSet, but the ByteMatchTuple already exists in the specified WebACL.

HTTP Status Code: 400

WAFNonEmptyEntityException

The operation failed because you tried to delete an object that isn't empty. For example:

  • You tried to delete a WebACL that still contains one or more Rule objects.

  • You tried to delete a Rule that still contains one or more ByteMatchSet objects or other predicates.

  • You tried to delete a ByteMatchSet that contains one or more ByteMatchTuple objects.

  • You tried to delete an IPSet that references one or more IP addresses.

HTTP Status Code: 400

WAFNonexistentItemException

The operation failed because the referenced object doesn't exist.

HTTP Status Code: 400

WAFReferencedItemException

The operation failed because you tried to delete an object that is still in use. For example:

  • You tried to delete a ByteMatchSet that is still referenced by a Rule.

  • You tried to delete a Rule that is still referenced by a WebACL.

HTTP Status Code: 400

WAFStaleDataException

The operation failed because you tried to create, update, or delete an object by using a change token that has already been used.

HTTP Status Code: 400

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following: