Amazon web services WebACL在API网关中的应用
我找不到错误。我正在尝试将WafACL连接到API网关部署,并使用以下命令:Amazon web services WebACL在API网关中的应用,amazon-web-services,aws-api-gateway,amazon-waf,Amazon Web Services,Aws Api Gateway,Amazon Waf,我找不到错误。我正在尝试将WafACL连接到API网关部署,并使用以下命令: aws wafv2 associate-web-acl --web-acl-arn d3b11jj1-30c6-46ae-8e58-6a90ae69eeaf --resource-arn 'arn:aws:apigateway:us-east-1::/restapis/*api-id*/stages/dev' 调用时发生错误(WAFInvalidParameterException) AssociateWebACL
aws wafv2 associate-web-acl --web-acl-arn d3b11jj1-30c6-46ae-8e58-6a90ae69eeaf --resource-arn 'arn:aws:apigateway:us-east-1::/restapis/*api-id*/stages/dev'
调用时发生错误(WAFInvalidParameterException)
AssociateWebACL操作:错误原因:ARN无效。有效的
ARN以ARN开头:并包括由分隔的其他信息
冒号或斜杠,字段:资源,参数:
d3b11jj1-30c6-46ae-8e58-6a90ae69eeaf
我还尝试使用CloudFormation:
AWSTemplateFormatVersion: "2010-09-09"
Description: "DB Management Service"
Resources:
WebACLAssociation:
Type: AWS::WAFv2::WebACLAssociation
Properties:
ResourceArn: 'arn:aws:apigateway:us-east-1::/restapis/*api-id*/stages/dev'
WebACLArn:
Ref: WebACL
WebACL:
Type: AWS::WAFv2::WebACL
Properties:
DefaultAction:
Allow: {}
Rules:
- Name: WebACLRule
Action:
Block: {}
Priority: 0
Statement:
RateBasedStatement:
AggregateKeyType: IP
Limit: 2048
VisibilityConfig:
CloudWatchMetricsEnabled: true
MetricName: Requests
SampledRequestsEnabled: false
Scope: REGIONAL
VisibilityConfig:
CloudWatchMetricsEnabled: true
MetricName: WafACL
SampledRequestsEnabled: true
但这里我也得到:
错误原因:ARN无效。有效的ARN以ARN:开头,并包括以冒号或斜杠分隔的其他信息。字段:RESOURCE\u ARN
我不认为阿恩是错误的。我尝试在各种组合上使用它。Wafv2对arn有不同的方案。 Waf v1使用看起来像UUID的东西,而Waf V2使用完全合格的ARN
aws wafv2关联web acl\
--web acl arn arn:aws:wafv2:us-west-2:123456789012:regional/webacl/test cli/a1b2c3d4-5678-90ab-cdef-Example1111\
--资源arn arn:aws:ElasticLoadBalancement:us-west-2:123456789012:loadbalancer/app/waf cli alb/1ea17125f8b25a2a\
--region us-west-2
只想添加一点——CLI也需要region