gpt4 book ai didi

amazon-web-services - 出现错误 : Resource handler returned message: "AWS WAF couldn' t perform the operation because your resource doesn? t 存在

转载 作者:行者123 更新时间:2023-12-03 07:38:39 28 4
gpt4 key购买 nike


#WAF Code
Resources:
MyWaf:
Type: 'AWS::WAFv2::WebACL'
Properties:
Name: My-waf
Scope: CLOUDFRONT
DefaultAction:
Block: {}
VisibilityConfig:
CloudWatchMetricsEnabled: true
MetricName: my-waf-metric
SampledRequestsEnabled: true
Rules:
- Name: AWSManagedRulesCommonRuleSet
Statement:
ManagedRuleGroupStatement:
VendorName: AWS
Name: CommonRuleSet
Priority: 1
Action:
Block: {}
OverrideAction:
Count: {}
VisibilityConfig:
SampledRequestsEnabled: true
CloudWatchMetricsEnabled: true
MetricName: CommonRuleSetMetric
- Name: AWSManagedRulesSQLiRuleSet
Statement:
ManagedRuleGroupStatement:
VendorName: AWS
Name: SQLiRuleSet
Priority: 2
Action:
Block: {}
OverrideAction:
Count: {}
VisibilityConfig:
SampledRequestsEnabled: true
CloudWatchMetricsEnabled: true
MetricName: SQLiMeteric
- Name: AWSManagedRulesKnownBadInputs
Statement:
ManagedRuleGroupStatement:
Name: BadInputSet
VendorName: AWS
Priority: 3
Action:
Block: {}
OverrideAction:
Count: {}
VisibilityConfig:
SampledRequestsEnabled: true
CloudWatchMetricsEnabled: true
MetricName: BadInputMetric
- Name: AWSManagedRulesATPRuleSet
Statement:
ManagedRuleGroupStatement:
Name: ATPRuleSet
VendorName: AWS
Priority: 4
Action:
Block: {}
OverrideAction:
Count: {}
VisibilityConfig:
SampledRequestsEnabled: true
CloudWatchMetricsEnabled: true
MetricName: ATPRuleSetMetric
- Name: AWSManagedRulesIPReputationList
Priority: 5
Statement:
ManagedRuleGroupStatement:
Name: IPReputationListSet
VendorName: AWS
Action:
Block: {}
OverrideAction:
Count: {}
VisibilityConfig:
SampledRequestsEnabled: true
CloudWatchMetricsEnabled: true
MetricName: IPReputationListMetric
- Name: AWSManagedRulesBotControlRuleSet
Priority: 6
Statement:
ManagedRuleGroupStatement:
Name: BotControlSet
VendorName: AWS
Action:
Block: {}
OverrideAction:
Count: {}
VisibilityConfig:
SampledRequestsEnabled: true
CloudWatchMetricsEnabled: true
MetricName: BotContolSetMetric


Outputs:
WebACLId:
Description: My WAF WebACL ID
Value: !Ref MyWaf
Export:
Name: my-web-aclid

我在 ap-souteast-2 中有一个 CloudFront 发行版。这与 ALB 相关。这两个资源都是使用 Cloudformation 创建的。我已将 WAF 与 cloudfront 关联,并将 WAFv2 的范围作为 cloudfront。我正在 us-east-1 中部署它。在 us-east-1 中部署 WAF 代码时,我注意到以下错误。

Resource handler returned message: "AWS WAF couldn?t perform the operation because your resource doesn?t exist. (Service: Wafv2, Status Code: 400, Request ID: 7165d5e9-aa1d-4057-a5f2-b6a5617cbbdf)" (RequestToken: 82863340-6852-b176-023f-01beb14f28b1, HandlerErrorCode: NotFound). How do I then associate this WAF with a cloudfront deployed in ap-south-east 2 can exports be done cross region in cloudfromagtion...i think not right?

这是我的 WAF 代码。你能帮我解决这个问题吗,因为这是一个非常常见的运行时错误。

    MyCloudFrontDistribution:
Type: 'AWS::CloudFront::Distribution'
Properties:
DistributionConfig:
Enabled: true
Origins:
- DomainName: !ImportValue my-ApiGatewayDnsName
Id: testgwy
CustomOriginConfig:
HTTPSPort: 443
OriginProtocolPolicy: https-only
DefaultCacheBehavior:
AllowedMethods:
- GET
- HEAD
CachedMethods:
- GET
- HEAD
MinTTL: 100
DefaultTTL: 100
MaxTTL: 300
ForwardedValues:
QueryString: true
TargetOriginId: testalb
ViewerProtocolPolicy: allow-all
WebACLId: !Ref MyWaf

谢谢

我尝试将 cloudfront 和 WAF 放在 us-east-1 中,但随后 cloudfront 部署失败,因为它链接到的源位于 ap-south-east-2 中。我尝试在 us-east-1 中单独运行 WAF 代码,但出现错误。

更新 1:我删除了所有规则并再次尝试,WAF 代码有效。.然后仅包含通用规则集规则,但失败了..它认为与规则集有关

最佳答案

您的 WebACL 名为 MyVicWaf,但您使用的是 !Ref MyWaf。此外,您还需要 ARN,而不是 Id。因此应该是:

WebACLId: !GetAtt MyVicWaf.Arn

关于amazon-web-services - 出现错误 : Resource handler returned message: "AWS WAF couldn' t perform the operation because your resource doesn? t 存在,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/75668093/

28 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com