Closed nkotov closed 5 years ago
justnance
commented
6 years ago @nkotov - Thank you for reaching out. I am not able to reproduce the same results. Please run the command again but append --debug at the end.
aws waf list-web-acls --debug
This will help us understand what is happening here.
nkotov
commented
6 years ago I've tried on a different laptop, different AWS account, and was able to replicate the issue. The WAF is setup in us-east-1.
~ aws waf list-web-acls
{
"WebACLs": []
}
~ aws waf list-web-acls --debug
2018-11-17 12:00:09,064 - MainThread - awscli.clidriver - DEBUG - CLI version: aws-cli/1.16.50 Python/3.7.1 Darwin/18.2.0 botocore/1.12.40
2018-11-17 12:00:09,065 - MainThread - awscli.clidriver - DEBUG - Arguments entered to CLI: ['waf', 'list-web-acls', '--debug']
2018-11-17 12:00:09,065 - MainThread - botocore.hooks - DEBUG - Event session-initialized: calling handler <function add_scalar_parsers at 0x103268378>
2018-11-17 12:00:09,065 - MainThread - botocore.hooks - DEBUG - Event session-initialized: calling handler <function register_uri_param_handler at 0x102da22f0>
2018-11-17 12:00:09,065 - MainThread - botocore.hooks - DEBUG - Event session-initialized: calling handler <function inject_assume_role_provider_cache at 0x102dd1488>
2018-11-17 12:00:09,072 - MainThread - botocore.hooks - DEBUG - Event session-initialized: calling handler <function attach_history_handler at 0x102ff98c8>
2018-11-17 12:00:09,073 - MainThread - botocore.loaders - DEBUG - Loading JSON file: /usr/local/Cellar/awscli/1.16.50/libexec/lib/python3.7/site-packages/botocore/data/waf/2015-08-24/service-2.json
2018-11-17 12:00:09,077 - MainThread - botocore.hooks - DEBUG - Event service-data-loaded.waf: calling handler <function register_retries_for_service at 0x1028e20d0>
2018-11-17 12:00:09,077 - MainThread - botocore.handlers - DEBUG - Registering retry handlers for service: waf
2018-11-17 12:00:09,079 - MainThread - botocore.hooks - DEBUG - Event building-command-table.waf: calling handler <function add_waiters at 0x103274598>
2018-11-17 12:00:09,087 - MainThread - awscli.clidriver - DEBUG - OrderedDict([('next-marker', <awscli.arguments.CLIArgument object at 0x1044c5080>), ('limit', <awscli.arguments.CLIArgument object at 0x1044c95f8>)])
2018-11-17 12:00:09,087 - MainThread - botocore.hooks - DEBUG - Event building-argument-table.waf.list-web-acls: calling handler <function add_streaming_output_arg at 0x103268620>
2018-11-17 12:00:09,087 - MainThread - botocore.hooks - DEBUG - Event building-argument-table.waf.list-web-acls: calling handler <function add_cli_input_json at 0x102dd19d8>
2018-11-17 12:00:09,088 - MainThread - botocore.hooks - DEBUG - Event building-argument-table.waf.list-web-acls: calling handler <function unify_paging_params at 0x1031f08c8>
2018-11-17 12:00:09,096 - MainThread - botocore.loaders - DEBUG - Loading JSON file: /usr/local/Cellar/awscli/1.16.50/libexec/lib/python3.7/site-packages/botocore/data/waf/2015-08-24/paginators-1.json
2018-11-17 12:00:09,096 - MainThread - awscli.customizations.paginate - DEBUG - Modifying paging parameters for operation: ListWebACLs
2018-11-17 12:00:09,096 - MainThread - botocore.hooks - DEBUG - Event building-argument-table.waf.list-web-acls: calling handler <function add_generate_skeleton at 0x1031ca6a8>
2018-11-17 12:00:09,097 - MainThread - botocore.hooks - DEBUG - Event before-building-argument-table-parser.waf.list-web-acls: calling handler <bound method OverrideRequiredArgsArgument.override_required_args of <awscli.customizations.cliinputjson.CliInputJSONArgument object at 0x1044c9588>>
2018-11-17 12:00:09,097 - MainThread - botocore.hooks - DEBUG - Event before-building-argument-table-parser.waf.list-web-acls: calling handler <bound method GenerateCliSkeletonArgument.override_required_args of <awscli.customizations.generatecliskeleton.GenerateCliSkeletonArgument object at 0x1044d1ac8>>
2018-11-17 12:00:09,098 - MainThread - botocore.hooks - DEBUG - Event operation-args-parsed.waf.list-web-acls: calling handler functools.partial(<function check_should_enable_pagination at 0x1031f09d8>, ['next-marker', 'limit'], {}, OrderedDict([('next-marker', <awscli.arguments.CLIArgument object at 0x1044c5080>), ('limit', <awscli.arguments.CLIArgument object at 0x1044c95f8>), ('cli-input-json', <awscli.customizations.cliinputjson.CliInputJSONArgument object at 0x1044c9588>), ('starting-token', <awscli.customizations.paginate.PageArgument object at 0x1044c96a0>), ('page-size', <awscli.customizations.paginate.PageArgument object at 0x1044d1940>), ('max-items', <awscli.customizations.paginate.PageArgument object at 0x1044d19e8>), ('generate-cli-skeleton', <awscli.customizations.generatecliskeleton.GenerateCliSkeletonArgument object at 0x1044d1ac8>)]))
2018-11-17 12:00:09,098 - MainThread - botocore.hooks - DEBUG - Event load-cli-arg.waf.list-web-acls.next-marker: calling handler <awscli.paramfile.URIArgumentHandler object at 0x103334f98>
2018-11-17 12:00:09,098 - MainThread - botocore.hooks - DEBUG - Event load-cli-arg.waf.list-web-acls.limit: calling handler <awscli.paramfile.URIArgumentHandler object at 0x103334f98>
2018-11-17 12:00:09,098 - MainThread - botocore.hooks - DEBUG - Event load-cli-arg.waf.list-web-acls.cli-input-json: calling handler <awscli.paramfile.URIArgumentHandler object at 0x103334f98>
2018-11-17 12:00:09,099 - MainThread - botocore.hooks - DEBUG - Event load-cli-arg.waf.list-web-acls.starting-token: calling handler <awscli.paramfile.URIArgumentHandler object at 0x103334f98>
2018-11-17 12:00:09,099 - MainThread - botocore.hooks - DEBUG - Event load-cli-arg.waf.list-web-acls.page-size: calling handler <awscli.paramfile.URIArgumentHandler object at 0x103334f98>
2018-11-17 12:00:09,099 - MainThread - botocore.hooks - DEBUG - Event load-cli-arg.waf.list-web-acls.max-items: calling handler <awscli.paramfile.URIArgumentHandler object at 0x103334f98>
2018-11-17 12:00:09,099 - MainThread - botocore.hooks - DEBUG - Event load-cli-arg.waf.list-web-acls.generate-cli-skeleton: calling handler <awscli.paramfile.URIArgumentHandler object at 0x103334f98>
2018-11-17 12:00:09,099 - MainThread - botocore.hooks - DEBUG - Event calling-command.waf.list-web-acls: calling handler <bound method CliInputJSONArgument.add_to_call_parameters of <awscli.customizations.cliinputjson.CliInputJSONArgument object at 0x1044c9588>>
2018-11-17 12:00:09,099 - MainThread - botocore.hooks - DEBUG - Event calling-command.waf.list-web-acls: calling handler <bound method GenerateCliSkeletonArgument.generate_json_skeleton of <awscli.customizations.generatecliskeleton.GenerateCliSkeletonArgument object at 0x1044d1ac8>>
2018-11-17 12:00:09,099 - MainThread - botocore.credentials - DEBUG - Looking for credentials via: env
2018-11-17 12:00:09,099 - MainThread - botocore.credentials - DEBUG - Looking for credentials via: assume-role
2018-11-17 12:00:09,100 - MainThread - botocore.credentials - DEBUG - Looking for credentials via: shared-credentials-file
2018-11-17 12:00:09,100 - MainThread - botocore.credentials - INFO - Found credentials in shared credentials file: ~/.aws/credentials
2018-11-17 12:00:09,100 - MainThread - botocore.loaders - DEBUG - Loading JSON file: /usr/local/Cellar/awscli/1.16.50/libexec/lib/python3.7/site-packages/botocore/data/endpoints.json
2018-11-17 12:00:09,104 - MainThread - botocore.hooks - DEBUG - Event choose-service-name: calling handler <function handle_service_name_alias at 0x1028c2598>
2018-11-17 12:00:09,106 - MainThread - botocore.hooks - DEBUG - Event creating-client-class.waf: calling handler <function add_generate_presigned_url at 0x10288e400>
2018-11-17 12:00:09,106 - MainThread - botocore.regions - DEBUG - Using partition endpoint for waf, us-west-2: aws-global
2018-11-17 12:00:09,107 - MainThread - botocore.args - DEBUG - The s3 config key is not a dictionary type, ignoring its value of: None
2018-11-17 12:00:09,112 - MainThread - botocore.endpoint - DEBUG - Setting waf timeout as (60, 60)
2018-11-17 12:00:09,113 - MainThread - botocore.client - DEBUG - Registering retry handlers for service: waf
2018-11-17 12:00:09,114 - MainThread - botocore.hooks - DEBUG - Event before-parameter-build.waf.ListWebACLs: calling handler <function generate_idempotent_uuid at 0x1028df9d8>
2018-11-17 12:00:09,114 - MainThread - botocore.endpoint - DEBUG - Making request for OperationModel(name=ListWebACLs) with params: {'url_path': '/', 'query_string': '', 'method': 'POST', 'headers': {'X-Amz-Target': 'AWSWAF_20150824.ListWebACLs', 'Content-Type': 'application/x-amz-json-1.1', 'User-Agent': 'aws-cli/1.16.50 Python/3.7.1 Darwin/18.2.0 botocore/1.12.40'}, 'body': b'{}', 'url': 'https://waf.amazonaws.com/', 'context': {'client_region': 'aws-global', 'client_config': <botocore.config.Config object at 0x1045ceba8>, 'has_streaming_input': False, 'auth_type': None}}
2018-11-17 12:00:09,114 - MainThread - botocore.hooks - DEBUG - Event request-created.waf.ListWebACLs: calling handler <bound method RequestSigner.handler of <botocore.signers.RequestSigner object at 0x1045ceb70>>
2018-11-17 12:00:09,114 - MainThread - botocore.hooks - DEBUG - Event choose-signer.waf.ListWebACLs: calling handler <function set_operation_specific_signer at 0x1028df8c8>
2018-11-17 12:00:09,115 - MainThread - botocore.auth - DEBUG - Calculating signature using v4 auth.
2018-11-17 12:00:09,115 - MainThread - botocore.auth - DEBUG - CanonicalRequest:
POST
/
content-type:application/x-amz-json-1.1
host:waf.amazonaws.com
x-amz-date:20181117T170009Z
x-amz-target:AWSWAF_20150824.ListWebACLs
content-type;host;x-amz-date;x-amz-target
[REDACTED]
2018-11-17 12:00:09,115 - MainThread - botocore.auth - DEBUG - StringToSign:
AWS4-HMAC-SHA256
20181117T170009Z
20181117/us-east-1/waf/aws4_request
[REDACTED]
2018-11-17 12:00:09,115 - MainThread - botocore.auth - DEBUG - Signature:
[REDACTED]
2018-11-17 12:00:09,115 - MainThread - botocore.endpoint - DEBUG - Sending http request: <AWSPreparedRequest stream_output=False, method=POST, url=https://waf.amazonaws.com/, headers={'X-Amz-Target': b'AWSWAF_20150824.ListWebACLs', 'Content-Type': b'application/x-amz-json-1.1', 'User-Agent': b'aws-cli/1.16.50 Python/3.7.1 Darwin/18.2.0 botocore/1.12.40', 'X-Amz-Date': b'20181117T170009Z', 'Authorization': b'AWS4-HMAC-SHA256 Credential=[REDACTED]/20181117/us-east-1/waf/aws4_request, SignedHeaders=content-type;host;x-amz-date;x-amz-target, Signature=[REDACTED]', 'Content-Length': '2'}>
2018-11-17 12:00:09,230 - MainThread - botocore.parsers - DEBUG - Response headers: {'x-amzn-RequestId': '[REDACTED]', 'Content-Type': 'application/x-amz-json-1.1', 'Content-Length': '14', 'Date': 'Sat, 17 Nov 2018 17:00:08 GMT'}
2018-11-17 12:00:09,230 - MainThread - botocore.parsers - DEBUG - Response body:
b'{"WebACLs":[]}'
2018-11-17 12:00:09,230 - MainThread - botocore.hooks - DEBUG - Event needs-retry.waf.ListWebACLs: calling handler <botocore.retryhandler.RetryHandler object at 0x104493cf8>
2018-11-17 12:00:09,231 - MainThread - botocore.retryhandler - DEBUG - No retry needed.
{
"WebACLs": []
}Hi, just wanted to follow up on this issue. Thanks!
justnance
commented
6 years ago @nkotov - Thank you for posting the debug logs. I was able to reproduce the same results and have better understanding of the problem but need to rule out an environment configuration. Please rerun the following: aws waf list-web-acls --region us-east-1 --debug
I want to see the results after using --region to override the default environment settings.
Thanks.
nkotov
commented
6 years ago Sure! Not a problem. See attached
~ aws waf list-web-acls --region us-east-1
{
"WebACLs": []
}
~ aws waf list-web-acls --region us-east-1 --debug
2018-11-28 12:34:50,862 - MainThread - awscli.clidriver - DEBUG - CLI version: aws-cli/1.16.50 Python/3.7.1 Darwin/18.2.0 botocore/1.12.40
2018-11-28 12:34:50,862 - MainThread - awscli.clidriver - DEBUG - Arguments entered to CLI: ['waf', 'list-web-acls', '--region', 'us-east-1', '--debug']
2018-11-28 12:34:50,863 - MainThread - botocore.hooks - DEBUG - Event session-initialized: calling handler <function add_scalar_parsers at 0x10ea01378>
2018-11-28 12:34:50,863 - MainThread - botocore.hooks - DEBUG - Event session-initialized: calling handler <function register_uri_param_handler at 0x10e53b2f0>
2018-11-28 12:34:50,863 - MainThread - botocore.hooks - DEBUG - Event session-initialized: calling handler <function inject_assume_role_provider_cache at 0x10e56a488>
2018-11-28 12:34:50,869 - MainThread - botocore.hooks - DEBUG - Event session-initialized: calling handler <function attach_history_handler at 0x10e7928c8>
2018-11-28 12:34:50,870 - MainThread - botocore.loaders - DEBUG - Loading JSON file: /usr/local/Cellar/awscli/1.16.50/libexec/lib/python3.7/site-packages/botocore/data/waf/2015-08-24/service-2.json
2018-11-28 12:34:50,873 - MainThread - botocore.hooks - DEBUG - Event service-data-loaded.waf: calling handler <function register_retries_for_service at 0x10e07c0d0>
2018-11-28 12:34:50,874 - MainThread - botocore.handlers - DEBUG - Registering retry handlers for service: waf
2018-11-28 12:34:50,875 - MainThread - botocore.hooks - DEBUG - Event building-command-table.waf: calling handler <function add_waiters at 0x10ea0d598>
2018-11-28 12:34:50,883 - MainThread - awscli.clidriver - DEBUG - OrderedDict([('next-marker', <awscli.arguments.CLIArgument object at 0x10fc85080>), ('limit', <awscli.arguments.CLIArgument object at 0x10fc895f8>)])
2018-11-28 12:34:50,884 - MainThread - botocore.hooks - DEBUG - Event building-argument-table.waf.list-web-acls: calling handler <function add_streaming_output_arg at 0x10ea01620>
2018-11-28 12:34:50,884 - MainThread - botocore.hooks - DEBUG - Event building-argument-table.waf.list-web-acls: calling handler <function add_cli_input_json at 0x10e56a9d8>
2018-11-28 12:34:50,884 - MainThread - botocore.hooks - DEBUG - Event building-argument-table.waf.list-web-acls: calling handler <function unify_paging_params at 0x10e9898c8>
2018-11-28 12:34:50,892 - MainThread - botocore.loaders - DEBUG - Loading JSON file: /usr/local/Cellar/awscli/1.16.50/libexec/lib/python3.7/site-packages/botocore/data/waf/2015-08-24/paginators-1.json
2018-11-28 12:34:50,892 - MainThread - awscli.customizations.paginate - DEBUG - Modifying paging parameters for operation: ListWebACLs
2018-11-28 12:34:50,893 - MainThread - botocore.hooks - DEBUG - Event building-argument-table.waf.list-web-acls: calling handler <function add_generate_skeleton at 0x10e9636a8>
2018-11-28 12:34:50,893 - MainThread - botocore.hooks - DEBUG - Event before-building-argument-table-parser.waf.list-web-acls: calling handler <bound method OverrideRequiredArgsArgument.override_required_args of <awscli.customizations.cliinputjson.CliInputJSONArgument object at 0x10fc89588>>
2018-11-28 12:34:50,893 - MainThread - botocore.hooks - DEBUG - Event before-building-argument-table-parser.waf.list-web-acls: calling handler <bound method GenerateCliSkeletonArgument.override_required_args of <awscli.customizations.generatecliskeleton.GenerateCliSkeletonArgument object at 0x10fc92ac8>>
2018-11-28 12:34:50,894 - MainThread - botocore.hooks - DEBUG - Event operation-args-parsed.waf.list-web-acls: calling handler functools.partial(<function check_should_enable_pagination at 0x10e9899d8>, ['next-marker', 'limit'], {}, OrderedDict([('next-marker', <awscli.arguments.CLIArgument object at 0x10fc85080>), ('limit', <awscli.arguments.CLIArgument object at 0x10fc895f8>), ('cli-input-json', <awscli.customizations.cliinputjson.CliInputJSONArgument object at 0x10fc89588>), ('starting-token', <awscli.customizations.paginate.PageArgument object at 0x10fc896a0>), ('page-size', <awscli.customizations.paginate.PageArgument object at 0x10fc92940>), ('max-items', <awscli.customizations.paginate.PageArgument object at 0x10fc929e8>), ('generate-cli-skeleton', <awscli.customizations.generatecliskeleton.GenerateCliSkeletonArgument object at 0x10fc92ac8>)]))
2018-11-28 12:34:50,894 - MainThread - botocore.hooks - DEBUG - Event load-cli-arg.waf.list-web-acls.next-marker: calling handler <awscli.paramfile.URIArgumentHandler object at 0x10e30bba8>
2018-11-28 12:34:50,895 - MainThread - botocore.hooks - DEBUG - Event load-cli-arg.waf.list-web-acls.limit: calling handler <awscli.paramfile.URIArgumentHandler object at 0x10e30bba8>
2018-11-28 12:34:50,895 - MainThread - botocore.hooks - DEBUG - Event load-cli-arg.waf.list-web-acls.cli-input-json: calling handler <awscli.paramfile.URIArgumentHandler object at 0x10e30bba8>
2018-11-28 12:34:50,895 - MainThread - botocore.hooks - DEBUG - Event load-cli-arg.waf.list-web-acls.starting-token: calling handler <awscli.paramfile.URIArgumentHandler object at 0x10e30bba8>
2018-11-28 12:34:50,895 - MainThread - botocore.hooks - DEBUG - Event load-cli-arg.waf.list-web-acls.page-size: calling handler <awscli.paramfile.URIArgumentHandler object at 0x10e30bba8>
2018-11-28 12:34:50,895 - MainThread - botocore.hooks - DEBUG - Event load-cli-arg.waf.list-web-acls.max-items: calling handler <awscli.paramfile.URIArgumentHandler object at 0x10e30bba8>
2018-11-28 12:34:50,895 - MainThread - botocore.hooks - DEBUG - Event load-cli-arg.waf.list-web-acls.generate-cli-skeleton: calling handler <awscli.paramfile.URIArgumentHandler object at 0x10e30bba8>
2018-11-28 12:34:50,896 - MainThread - botocore.hooks - DEBUG - Event calling-command.waf.list-web-acls: calling handler <bound method CliInputJSONArgument.add_to_call_parameters of <awscli.customizations.cliinputjson.CliInputJSONArgument object at 0x10fc89588>>
2018-11-28 12:34:50,896 - MainThread - botocore.hooks - DEBUG - Event calling-command.waf.list-web-acls: calling handler <bound method GenerateCliSkeletonArgument.generate_json_skeleton of <awscli.customizations.generatecliskeleton.GenerateCliSkeletonArgument object at 0x10fc92ac8>>
2018-11-28 12:34:50,896 - MainThread - botocore.credentials - DEBUG - Looking for credentials via: env
2018-11-28 12:34:50,896 - MainThread - botocore.credentials - DEBUG - Looking for credentials via: assume-role
2018-11-28 12:34:50,896 - MainThread - botocore.credentials - DEBUG - Looking for credentials via: shared-credentials-file
2018-11-28 12:34:50,896 - MainThread - botocore.credentials - INFO - Found credentials in shared credentials file: ~/.aws/credentials
2018-11-28 12:34:50,896 - MainThread - botocore.loaders - DEBUG - Loading JSON file: /usr/local/Cellar/awscli/1.16.50/libexec/lib/python3.7/site-packages/botocore/data/endpoints.json
2018-11-28 12:34:50,900 - MainThread - botocore.hooks - DEBUG - Event choose-service-name: calling handler <function handle_service_name_alias at 0x10e05b598>
2018-11-28 12:34:50,902 - MainThread - botocore.hooks - DEBUG - Event creating-client-class.waf: calling handler <function add_generate_presigned_url at 0x10e027400>
2018-11-28 12:34:50,902 - MainThread - botocore.regions - DEBUG - Using partition endpoint for waf, us-east-1: aws-global
2018-11-28 12:34:50,902 - MainThread - botocore.args - DEBUG - The s3 config key is not a dictionary type, ignoring its value of: None
2018-11-28 12:34:50,907 - MainThread - botocore.endpoint - DEBUG - Setting waf timeout as (60, 60)
2018-11-28 12:34:50,908 - MainThread - botocore.client - DEBUG - Registering retry handlers for service: waf
2018-11-28 12:34:50,908 - MainThread - botocore.hooks - DEBUG - Event before-parameter-build.waf.ListWebACLs: calling handler <function generate_idempotent_uuid at 0x10e0789d8>
2018-11-28 12:34:50,909 - MainThread - botocore.endpoint - DEBUG - Making request for OperationModel(name=ListWebACLs) with params: {'url_path': '/', 'query_string': '', 'method': 'POST', 'headers': {'X-Amz-Target': 'AWSWAF_20150824.ListWebACLs', 'Content-Type': 'application/x-amz-json-1.1', 'User-Agent': 'aws-cli/1.16.50 Python/3.7.1 Darwin/18.2.0 botocore/1.12.40'}, 'body': b'{}', 'url': 'https://waf.amazonaws.com/', 'context': {'client_region': 'aws-global', 'client_config': <botocore.config.Config object at 0x10fd8eb70>, 'has_streaming_input': False, 'auth_type': None}}
2018-11-28 12:34:50,909 - MainThread - botocore.hooks - DEBUG - Event request-created.waf.ListWebACLs: calling handler <bound method RequestSigner.handler of <botocore.signers.RequestSigner object at 0x10fd8eb38>>
2018-11-28 12:34:50,909 - MainThread - botocore.hooks - DEBUG - Event choose-signer.waf.ListWebACLs: calling handler <function set_operation_specific_signer at 0x10e0788c8>
2018-11-28 12:34:50,910 - MainThread - botocore.auth - DEBUG - Calculating signature using v4 auth.
2018-11-28 12:34:50,910 - MainThread - botocore.auth - DEBUG - CanonicalRequest:
POST
/
content-type:application/x-amz-json-1.1
host:waf.amazonaws.com
x-amz-date:20181128T173450Z
x-amz-target:AWSWAF_20150824.ListWebACLs
content-type;host;x-amz-date;x-amz-target
[REDACTED]
2018-11-28 12:34:50,910 - MainThread - botocore.auth - DEBUG - StringToSign:
AWS4-HMAC-SHA256
20181128T173450Z
20181128/us-east-1/waf/aws4_request
[REDACTED]
2018-11-28 12:34:50,910 - MainThread - botocore.auth - DEBUG - Signature:
[REDACTED]
2018-11-28 12:34:50,910 - MainThread - botocore.endpoint - DEBUG - Sending http request: <AWSPreparedRequest stream_output=False, method=POST, url=https://waf.amazonaws.com/, headers={'X-Amz-Target': b'AWSWAF_20150824.ListWebACLs', 'Content-Type': b'application/x-amz-json-1.1', 'User-Agent': b'aws-cli/1.16.50 Python/3.7.1 Darwin/18.2.0 botocore/1.12.40', 'X-Amz-Date': b'20181128T173450Z', 'Authorization': b'AWS4-HMAC-SHA256 Credential=[REDACTED]/20181128/us-east-1/waf/aws4_request, SignedHeaders=content-type;host;x-amz-date;x-amz-target, Signature=[REDACTED]', 'Content-Length': '2'}>
2018-11-28 12:34:51,018 - MainThread - botocore.parsers - DEBUG - Response headers: {'x-amzn-RequestId': '[REDACTED]', 'Content-Type': 'application/x-amz-json-1.1', 'Content-Length': '14', 'Date': 'Wed, 28 Nov 2018 17:34:50 GMT'}
2018-11-28 12:34:51,018 - MainThread - botocore.parsers - DEBUG - Response body:
b'{"WebACLs":[]}'
2018-11-28 12:34:51,019 - MainThread - botocore.hooks - DEBUG - Event needs-retry.waf.ListWebACLs: calling handler <botocore.retryhandler.RetryHandler object at 0x10fc53cf8>
2018-11-28 12:34:51,019 - MainThread - botocore.retryhandler - DEBUG - No retry needed.
{
"WebACLs": []
}
~ :50,895 - MainThread - botocore.hooks - DEBUG - Event load-cli-arg.waf.list-web-acls.max-items: calling handler <awscli.paramfile.URIArgumentHandler object at 0x10e30bba8>
2018-11-28 12:34:50,895 - MainThread - botocore.hooks - DEBUG - Event load-cli-arg.waf.list-web-acls.generate-cli-skeleton: calling handler <awscli.paramfile.URIArgumentHandler object at 0x10e30bba8>
2018-11-28 12:34:50,896 - MainThread - botocore.hooks - DEBUG - Event calling-command.waf.list-web-acls: calling handler <bound method CliInputJSONArgument.add_to_call_parameters of <awscli.customizations.cliinputjson.CliInputJSONArgument object at 0x10fc89588>>
2018-11-28 12:34:50,896 - MainThread - botocore.hooks - DEBUG - Event calling-command.waf.list-web-acls: calling handler <bound method GenerateCliSkeletonArgument.generate_json_skeleton of <awscli.customizations.generatecliskeleton.GenerateCliSkeletonArgument object at 0x10fc92ac8>>
2018-11-28 12:34:50,896 - MainThread - botocore.credentials - DEBUG - Looking for credentials via: env
2018-11-28 12:34:50,896 - MainThread - botocore.credentials - DEBUG - Looking for credentials via: assume-role
2018-11-28 12:34:50,896 - MainThread - botocore.credentials - DEBUG - Looking for credentials via: shared-credentials-file
2018-11-28 12:34:50,896 - MainThread - botocore.credentials - INFO - Found credentials in shared credentials file: ~/.aws/credentials
2018-11-28 12:34:50,896 - MainThread - botocore.loaders - DEBUG - Loading JSON file: /usr/local/Cellar/awscli/1.16.50/libexec/lib/python3.7/site-packages/botocore/data/endpoints.json
2018-11-28 12:34:50,900 - MainThread - botocore.hooks - DEBUG - Event choose-service-name: calling handler <function handle_service_name_alias at 0x10e05b598>
2018-11-28 12:34:50,902 - MainThread - botocore.hooks - DEBUG - Event creating-client-class.waf: calling handler <function add_generate_presigned_url at 0x10e027400>
2018-11-28 12:34:50,902 - MainThread - botocore.regions - DEBUG - Using partition endpoint for waf, us-east-1: aws-global
2018-11-28 12:34:50,902 - MainThread - botocore.args - DEBUG - The s3 config key is not a dictionary type, ignoring its value of: None
2018-11-28 12:34:50,907 - MainThread - botocore.endpoint - DEBUG - Setting waf timeout as (60, 60)
2018-11-28 12:34:50,908 - MainThread - botocore.client - DEBUG - Registering retry handlers for service: waf
2018-11-28 12:34:50,908 - MainThread - botocore.hooks - DEBUG - Event before-parameter-build.waf.ListWebACLs: calling handler <function generate_idempotent_uuid at 0x10e0789d8>
2018-11-28 12:34:50,909 - MainThread - botocore.endpoint - DEBUG - Making request for OperationModel(name=ListWebACLs) with params: {'url_path': '/', 'query_string': '', 'method': 'POST', 'headers': {'X-Amz-Target': 'AWSWAF_20150824.ListWebACLs', 'Content-Type': 'application/x-amz-json-1.1', 'User-Agent': 'aws-cli/1.16.50 Python/3.7.1 Darwin/18.2.0 botocore/1.12.40'}, 'body': b'{}', 'url': 'https://waf.amazonaws.com/', 'context': {'client_region': 'aws-global', 'client_config': <botocore.config.Config object at 0x10fd8eb70>, 'has_streaming_input': False, 'auth_type': None}}
2018-11-28 12:34:50,909 - MainThread - botocore.hooks - DEBUG - Event request-created.waf.ListWebACLs: calling handler <bound method RequestSigner.handler of <botocore.signers.RequestSigner object at 0x10fd8eb38>>
2018-11-28 12:34:50,909 - MainThread - botocore.hooks - DEBUG - Event choose-signer.waf.ListWebACLs: calling handler <function set_operation_specific_signer at 0x10e0788c8>
2018-11-28 12:34:50,910 - MainThread - botocore.auth - DEBUG - Calculating signature using v4 auth.
2018-11-28 12:34:50,910 - MainThread - botocore.auth - DEBUG - CanonicalRequest:
POST
/
content-type:application/x-amz-json-1.1
host:waf.amazonaws.com
x-amz-date:20181128T173450Z
x-amz-target:AWSWAF_20150824.ListWebACLs
content-type;host;x-amz-date;x-amz-target
[REDACTED]
2018-11-28 12:34:50,910 - MainThread - botocore.auth - DEBUG - StringToSign:
AWS4-HMAC-SHA256
20181128T173450Z
20181128/us-east-1/waf/aws4_request
[REDACTED]
2018-11-28 12:34:50,910 - MainThread - botocore.auth - DEBUG - Signature:
[REDACTED]
2018-11-28 12:34:50,910 - MainThread - botocore.endpoint - DEBUG - Sending http request: <AWSPreparedRequest stream_output=False, method=POST, url=https://waf.amazonaws.com/, headers={'X-Amz-Target': b'AWSWAF_20150824.ListWebACLs', 'Content-Type': b'application/x-amz-json-1.1', 'User-Agent': b'aws-cli/1.16.50 Python/3.7.1 Darwin/18.2.0 botocore/1.12.40', 'X-Amz-Date': b'20181128T173450Z', 'Authorization': b'AWS4-HMAC-SHA256 Credential=AKIAJ5[REDACTED][REDACTED]/20181128/us-east-1/waf/aws4_request, SignedHeaders=content-type;host;x-amz-date;x-amz-target, Signature=[REDACTED]', 'Content-Length': '2'}>
2018-11-28 12:34:51,018 - MainThread - botocore.parsers - DEBUG - Response headers: {'x-amzn-RequestId': '[REDACTED]', 'Content-Type': 'application/x-amz-json-1.1', 'Content-Length': '14', 'Date': 'Wed, 28 Nov 2018 17:34:50 GMT'}
2018-11-28 12:34:51,018 - MainThread - botocore.parsers - DEBUG - Response body:
b'{"WebACLs":[]}'
2018-11-28 12:34:51,019 - MainThread - botocore.hooks - DEBUG - Event needs-retry.waf.ListWebACLs: calling handler <botocore.retryhandler.RetryHandler object at 0x10fc53cf8>
2018-11-28 12:34:51,019 - MainThread - botocore.retryhandler - DEBUG - No retry needed.
{
"WebACLs": []
}
zsh: parse error near `\n'Hi, just wanted to follow up on this to see if you need anything else on my end.
justnance
commented
5 years ago @nkotov - Thanks for the debug output and your patience. There are two sets of AWS WAF Action:
AWS WAF AWS WAF Regional
WAF resources associated with CloudFront distributions are generally configured as global for the region to which the AWS WAF action would be used. When a WAF resource is associated with ALBs and API Gateway then it is usually configured as region specific to which AWS WAF Regional action would be used and not AWS WAF. As per the screens shot provided, testwaf was configured as region specific and in the us-east-1 . Please test the following command and advised if it works as you expect:
aws waf-regional list-web-acls --region us-east-1Thanks for clarification @justnance! That resolved our issue!
justnance
commented
5 years ago Thanks for the feedback. Glad to hear it worked.
thisismana
commented
2 years ago In case someone lands here in 2022, this would be the wafv2 command:
aws wafv2 list-web-acls --scope=CLOUDFRONT --region=us-east-1
Running into an issue where running
aws waf list-web-aclsreturns nothing even though we have a WAF setup under one of the regions:{ "WebACLs": [] }