You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I can across an issue with the IAM policy used for the lamba function when it attempted to update the managed rule set on the managed rule set.
This is the error I received:
Error: An error occurred (AccessDeniedException) when calling the UpdateWebACL operation: User: arn:aws:sts::xxxxxxxxxxx:assumed-role/xxxxxxxxxxx/xxxxxxxxxxx is not authorized to perform: wafv2:UpdateWebACL on resource: arn:aws:wafv2:ap-southeast-2:xxxxxxxxxxx:regional/managedruleset/
To overcome this issue, I applied the following to the CFN template.
Hello,
I can across an issue with the IAM policy used for the lamba function when it attempted to update the managed rule set on the managed rule set.
This is the error I received:
Error: An error occurred (AccessDeniedException) when calling the UpdateWebACL operation: User: arn:aws:sts::xxxxxxxxxxx:assumed-role/xxxxxxxxxxx/xxxxxxxxxxx is not authorized to perform: wafv2:UpdateWebACL on resource: arn:aws:wafv2:ap-southeast-2:xxxxxxxxxxx:regional/managedruleset/
To overcome this issue, I applied the following to the CFN template.
Action:
Resource: !Sub 'arn:aws:wafv2:${AWS::Region}:${AWS::AccountId}:regional/managedruleset/*'
Is my workaround the best approach and is this expected behaviour?
The text was updated successfully, but these errors were encountered: