From 54ce5a1f95574d403864c1072b1b55384912441f Mon Sep 17 00:00:00 2001 From: Arthur Lutz Date: Wed, 20 Aug 2025 10:33:55 +0200 Subject: [PATCH] docs(aws-waf.mdx): add regional permissions for WAF --- crowdsec-docs/unversioned/bouncers/aws-waf.mdx | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/crowdsec-docs/unversioned/bouncers/aws-waf.mdx b/crowdsec-docs/unversioned/bouncers/aws-waf.mdx index 87db77fdf..977dca1ff 100644 --- a/crowdsec-docs/unversioned/bouncers/aws-waf.mdx +++ b/crowdsec-docs/unversioned/bouncers/aws-waf.mdx @@ -346,6 +346,9 @@ Here is the set of required permissions: "arn:aws:wafv2:*:*:global/webacl/*/*", "arn:aws:wafv2:*:*:global/rulegroup/*/*", "arn:aws:wafv2:*:*:global/managedruleset/*/*", + "arn:aws:wafv2:*:*:regional/webacl/*/*", + "arn:aws:wafv2:*:*:regional/rulegroup/*/*", + "arn:aws:wafv2:*:*:regional/managedruleset/*/*", "arn:aws:wafv2:*:*:*/ipset/*/*" ], "Sid": "WAF1" @@ -367,4 +370,4 @@ Here is the set of required permissions: AWS requires the resource for `wafv2:List*` to be `*`. -For the other permissions, we recommend to restrict the resources to only the WebACL the component is configured to interact with and the rule groups/ipsets the component will create. \ No newline at end of file +For the other permissions, we recommend to restrict the resources to only the WebACL the component is configured to interact with and the rule groups/ipsets the component will create.