Closed LumaC0 closed 2 months ago
This link: https://docs.aws.amazon.com/waf/latest/developerguide/logging-s3.html#logging-s3-permissions says exactly what's needed. I'm mostly concerned with the error message.
This issue is now closed. Comments on closed issues are hard for our team to see. If you need more assistance, please open a new issue that references this one.
Describe the bug
The above code fails when the WAF logging configuration doesn't already exist and the executing role allows
wafv2:PutLoggingConfiguration
in its permissions. The error:Could be more descriptive and tell me which permission is missing, like it does when
wafv2:PutLoggingConfiguration
is missing from the IAM policy.Expected Behavior
Outputs:
Current Behavior
Raises:
Reproduction Steps
aws-waf-logs-
wafv2:PutLoggingConfiguration
in its IAM policywafv2 = client("wafv2") wafv2.put_logging_configuration(LoggingConfiguration={ 'ResourceArn': '',
'LogDestinationConfigs': ['']
})