getWebACLForResource method

Future<GetWebACLForResourceResponse> getWebACLForResource({
  1. required String resourceArn,
})

Retrieves the WebACL for the specified resource.

This call uses GetWebACL, to verify that your account has permission to access the retrieved web ACL. If you get an error that indicates that your account isn't authorized to perform wafv2:GetWebACL on the resource, that error won't be included in your CloudTrail event history.

For Amazon CloudFront, don't use this call. Instead, call the CloudFront action GetDistributionConfig. For information, see GetDistributionConfig in the Amazon CloudFront API Reference.

Required permissions for customer-managed IAM policies

This call requires permissions that are specific to the protected resource type. For details, see Permissions for GetWebACLForResource in the WAF Developer Guide.

May throw WAFInternalErrorException. May throw WAFInvalidOperationException. May throw WAFInvalidParameterException. May throw WAFNonexistentItemException. May throw WAFUnavailableEntityException.

Parameter resourceArn : The Amazon Resource Name (ARN) of the resource whose web ACL you want to retrieve.

The ARN must be in one of the following formats:

  • For an Application Load Balancer: arn:partition:elasticloadbalancing:region:account-id:loadbalancer/app/load-balancer-name/load-balancer-id
  • For an Amazon API Gateway REST API: arn:partition:apigateway:region::/restapis/api-id/stages/stage-name
  • For an AppSync GraphQL API: arn:partition:appsync:region:account-id:apis/GraphQLApiId
  • For an Amazon Cognito user pool: arn:partition:cognito-idp:region:account-id:userpool/user-pool-id
  • For an App Runner service: arn:partition:apprunner:region:account-id:service/apprunner-service-name/apprunner-service-id
  • For an Amazon Web Services Verified Access instance: arn:partition:ec2:region:account-id:verified-access-instance/instance-id
  • For an Amplify application: arn:partition:amplify:region:account-id:apps/app-id

Implementation

Future<GetWebACLForResourceResponse> getWebACLForResource({
  required String resourceArn,
}) async {
  final headers = <String, String>{
    'Content-Type': 'application/x-amz-json-1.1',
    'X-Amz-Target': 'AWSWAF_20190729.GetWebACLForResource'
  };
  final jsonResponse = await _protocol.send(
    method: 'POST',
    requestUri: '/',
    exceptionFnMap: _exceptionFns,
    // TODO queryParams
    headers: headers,
    payload: {
      'ResourceArn': resourceArn,
    },
  );

  return GetWebACLForResourceResponse.fromJson(jsonResponse.body);
}