WAFRegional / Client / exceptions / WAFInvalidPermissionPolicyException

WAFInvalidPermissionPolicyException#

class WAFRegional.Client.exceptions.WAFInvalidPermissionPolicyException#

The operation failed because the specified policy is not in the proper format.

The policy is subject to the following restrictions:

  • You can attach only one policy with each PutPermissionPolicy request.

  • The policy must include an Effect, Action and Principal.

  • Effect must specify Allow.

  • The Action in the policy must be waf:UpdateWebACL, waf-regional:UpdateWebACL, waf:GetRuleGroup and waf-regional:GetRuleGroup . Any extra or wildcard actions in the policy will be rejected.

  • The policy cannot include a Resource parameter.

  • The ARN in the request must be a valid WAF RuleGroup ARN and the RuleGroup must exist in the same region.

  • The user making the request must be the owner of the RuleGroup.

  • Your policy must be composed using IAM Policy version 2012-10-17.

Example

try:
  ...
except client.exceptions.WAFInvalidPermissionPolicyException as e:
  print(e.response)
response#

The parsed error response. All exceptions have a top level Error key that provides normalized access to common exception atrributes. All other keys are specific to this service or exception class.

Syntax

{
    'message': 'string',
    'Error': {
        'Code': 'string',
        'Message': 'string'
    }
}

Structure

  • (dict) –

    The operation failed because the specified policy is not in the proper format.

    The policy is subject to the following restrictions:

    • You can attach only one policy with each PutPermissionPolicy request.

    • The policy must include an Effect, Action and Principal.

    • Effect must specify Allow.

    • The Action in the policy must be waf:UpdateWebACL, waf-regional:UpdateWebACL, waf:GetRuleGroup and waf-regional:GetRuleGroup . Any extra or wildcard actions in the policy will be rejected.

    • The policy cannot include a Resource parameter.

    • The ARN in the request must be a valid WAF RuleGroup ARN and the RuleGroup must exist in the same region.

    • The user making the request must be the owner of the RuleGroup.

    • Your policy must be composed using IAM Policy version 2012-10-17.

    • message (string) –

    • Error (dict) – Normalized access to common exception attributes.

      • Code (string) – An identifier specifying the exception type.

      • Message (string) – A descriptive message explaining why the exception occured.