How to integrate CloudFront distribution to AWS WAF by using CloudFormation?

About

Asked 20/2, 2018 at 6:28 Answered 20/2, 2018 at 15:56

Solved amazon-web-services amazon-cloudfront aws-cloudformation amazon-waf

I am trying to add CloudFront distribution to AWS WAF by using CloudFormation and have tried this,

"Type": "AWS::WAFRegional::WebACLAssociation",
            "Properties": {
                "ResourceArn": "arn:aws:cloudfront::AccountID:distribution/CloudFrontID",
                "WebACLId": {
                    "Ref": "WebACLName"
                }

But I ended up with this error: The referenced item does not exist. (Service: AWSWAFRegional; Status Code: 400; Error Code: WAFNonexistentItemException; Request ID: 149453cd-1606-11e8-86b2-a3efdb49d9d1)

Bowser answered 20/2, 2018 at 6:28 Comment(0)

AWS::WAFRegional::* is actually for association with Application Load Balancers. You'll want to use the AWS::WAF::* types (without the "Regional").

Then for the association you have to do it from the CloudFront distribution itself. Like so:

"myDistribution": {
  "Type": "AWS::CloudFront::Distribution",
  "Properties": {
    "DistributionConfig": {    
      "WebACLId": { "Ref" : "MyWebACL" },

That part is explained in the CloudFormation documentation.

Groome answered 20/2, 2018 at 15:56 Comment(1)

thanks for the answer, so we can only associate them from CloudFront end? – Bowser 21/2, 2018 at 5:34

Hot tags

Godot Unity Godot Help Programming Godot 4.X GUI GDScript 3D 2D Physics CSharp Godot 3.X VR XR Projects C++

Recommended topics

Hot tags