AWS WAF ClassicAWS WAF v2Old PlanNew PlanAdvancedLegacyFeature / Spec.
Credentials and WAF Configs are validated, and the results are shown on their details page. This article will explain each error and how to check them.
Validation results are available under [State] for Credentials.
Message | Description |
|---|---|
Unknown | This message is shown when the validation has not yet been completed. |
Validated | This message is shown when the validation is successful. |
Invalid Credential | This message is shown when the credential is invalid. |
Undefined Error | This message is shown when an unexpected error occurs. |
Below are the examples of each error. These are just some examples, and errors could be caused by other reasons. If you see an error, please check your configurations.
To revalidate your resources after solving the causes, please click the [Validate] button on the top right corner of the Credential Store details page.
This message shows that the registered credential information is invalid.
This error may occur if there are mistakes in registered values or the information is deleted in the AWS management console.
Please check if the information registered in the Credential Store matches those in the AWS management console.
This message shows that none of the errors above apply or that there is an unexpected error.
Clicking on the [Validate] button could solve the issue. If clicking on the [Validate] button does not solve the issue, please contact the WafCharm support team with the information listed below.
For the Legacy rule policy, the validation results are available on items below in the WAF Configs.
Message | Description |
|---|---|
Unknown | This message is shown when the validation has not yet been completed. |
Validated | This message is shown when the validation is successful. |
Invalid Credential | This message is shown when the credential is invalid. |
Insufficient permissions | This message is shown when permissions are insufficient. |
Web ACL not found | The message is shown when web ACLs are missing or cannot be found. |
Undefined Error | This message is shown when an unexpected error occurs. |
Below are the examples of each error. These are just some examples, and errors could be caused by other reasons. If you see an error, please check your configurations.
To revalidate your resources after solving the causes, please click the [Reapply] button on the top right corner of the WAF Config details page.
This message shows that the registered credential information is invalid.
This error may occur if there are mistakes in registered values or the information is deleted in the AWS management console.
Please check if the information registered in the Credential Store matches those in the AWS management console.
This message shows that the permissions attached to an IAM policy are insufficient.
Please attach the permissions below to use WafCharm.
Please note that we recommend restricting the S3 bucket WafCharm can access on the AmazonS3ReadOnlyAccess permission.
For AWS WAF-related permission, please attach AWSWAFFullAccess because feature additions and updates could cause the permissions to become insufficient without full access. If you have concerns about the permission, please use the AssumeRole method, which is a more secure way to provide permissions.
In addition, please specify * in the Resource for AWS WAF permissions.
This message shows that the resources cannot be found. For example, this error can occur if you delete the web ACL before deleting the WAF Config.
This message shows that none of the errors above apply or that there is an unexpected error.
Clicking on the [Reapply] button could solve the issue. If clicking on the [Reapply] button does not solve the issue, please contact the WafCharm support team with the information listed below.
Message | Description |
|---|---|
Unknown | This message is shown when the validation has not yet been completed. |
Validated | This message is shown when the validation is successful. |
Invalid Credential | This message is shown when the credential is invalid. |
Insufficient permissions | This message is shown when permissions are insufficient. |
S3 bucket not found | This message is shown when S3 buckets cannot be found. |
Access log not found | This message is shown when access logs cannot be found. |
Undefined Error | This message is shown when an unexpected error occurs. |
Below are the examples of each error. These are just some examples, and errors could be caused by other reasons. If you see an error, please check your configurations.
To revalidate your resources after solving the causes, please click the [Reapply] button on the top right corner of the WAF Config details page.
This message shows that the registered credential information is invalid.
This error may occur if there are mistakes in registered values or the information is deleted in the AWS management console.
Please check if the information registered in the Credential Store matches those in the AWS management console.
This message shows that the permissions attached to an IAM policy are insufficient.
Please attach the permissions below to use WafCharm.
Please note that we recommend restricting the S3 bucket WafCharm can access on the AmazonS3ReadOnlyAccess permission.
For AWS WAF-related permission, please attach AWSWAFFullAccess because feature additions and updates could cause the permissions to become insufficient without full access. If you have concerns about the permission, please use the AssumeRole method, which is a more secure way to provide permissions.
In addition, please specify * in the Resource for AWS WAF permissions.
This message shows that the target resources cannot be found.
Please check the values specified in the S3 Path fields and if the S3 bucket exists in your AWS management console.
This message shows that the target resources cannot be found.
Please check the values specified in the S3 Path fields and if access logs are outputted to the target S3 bucket.
This message shows that none of the errors above apply or that there is an unexpected error.
Clicking on the [Reapply] button could solve the issue. If clicking on the [Reapply] button does not solve the issue, please contact the WafCharm support team with the information listed below.
For the Advanced rule policy, the validation and application results are shown on the items below in the WAF Configs.
Message | Description |
|---|---|
Applying | This message is shown when the rules are being applied. |
Failed | This message is shown when the rule application fails. If the rule application fails, the Validation Status explained below may also show an error. Please solve the Validation Status issue and then click the [Reapply] button to check the status again. |
Success | This message is shown when the rule application is successful. |
Message | Description |
|---|---|
Unknown | This message is shown when the validation has not yet been completed. |
Validated | This message is shown when the validation is successful. |
Invalid Credential | This message is shown when the credential is invalid. |
Insufficient permissions | This message is shown when permissions are insufficient. |
Web ACL not found | The message is shown when web ACLs are missing or cannot be found. |
Log config not found | This message is shown when the log configurations cannot be found. |
Undefined Error | This message is shown when an unexpected error occurs. |
Below are the examples of each error. These are just some examples, and errors could be caused by other reasons. If you see an error, please check your configurations.
To revalidate your resources after solving the causes, please click the [Reapply] button on the top right corner of the WAF Config details page.
This message shows that the registered credential information is invalid.
This error may occur if there are mistakes in registered values or the information is deleted in the AWS management console.
Please check if the information registered in the Credential Store matches those in the AWS management console.
This message shows that the permissions attached to an IAM policy are insufficient.
Please attach the permissions below to use WafCharm.
Please note that we recommend restricting the S3 bucket WafCharm can access on the AmazonS3ReadOnlyAccess permission.
For AWS WAF-related permission, please attach AWSWAFFullAccess because feature additions and updates could cause the permissions to become insufficient without full access. If you have concerns about the permission, please use the AssumeRole method, which is a more secure way to provide permissions.
In addition, please specify * in the Resource for AWS WAF permissions.
This message shows that the resources cannot be found. For example, this error can occur if you delete the web ACL before deleting the WAF Config.
This message shows that the resources cannot be found. For example, this error can occur if the AWS WAF's Logging configuration is disabled or if WAF logs are not directly outputted to S3 buckets.
This message shows that none of the errors above apply or that there is an unexpected error.
Clicking on the [Reapply] button could solve the issue. If clicking on the [Reapply] button does not solve the issue, please contact the WafCharm support team with the information listed below.