AWS Fundamentals Logo
AWS Fundamentals
AWS::WAFv2::LoggingConfiguration

WAFv2 LoggingConfiguration

A WAFv2 Logging Configuration Resource Provider

Properties

4 configurable properties. 2 required. Click a row to see details.

Filter:
PropertyTypeFlags
LogDestinationConfigs
Array<string>
Required
ResourceArn
string
RequiredCreate-only
LoggingFilter
object
RedactedFields
Array<FieldToMatch>

Return Values

Values returned after the resource is created. Access these with Fn::GetAtt.

AttributeTypeDescription
ManagedByFirewallManagerbooleanIndicates whether the logging configuration was created by AWS Firewall Manager, as part of an AWS WAF policy configuration. If true, only Firewall Manager can modify or delete the configuration.

Sample CloudFormation Template

A minimal template with required properties and common optional ones.

template.yaml
AWSTemplateFormatVersion: "2010-09-09"
Description: Sample template for AWS::WAFv2::LoggingConfiguration

Resources:
  MyResource:
    Type: AWS::WAFv2::LoggingConfiguration
    Properties:
      ResourceArn: "arn:aws:service:region:account:resource"
      LogDestinationConfigs: []

Required IAM Permissions

Permissions CloudFormation needs in your IAM role to manage this resource.

create

wafv2:PutLoggingConfigurationwafv2:GetLoggingConfigurationfirehose:ListDeliveryStreamsiam:CreateServiceLinkedRoleiam:DescribeOrganizationlogs:CreateLogDeliverys3:PutBucketPolicys3:GetBucketPolicy

read

wafv2:GetLoggingConfiguration

update

wafv2:PutLoggingConfigurationwafv2:GetLoggingConfigurationfirehose:ListDeliveryStreamsiam:CreateServiceLinkedRoleiam:DescribeOrganizationlogs:CreateLogDeliverys3:PutBucketPolicys3:GetBucketPolicy

delete

wafv2:DeleteLoggingConfigurationwafv2:GetLoggingConfigurationlogs:DeleteLogDelivery

list

wafv2:ListLoggingConfigurations

Learn AWS the Practical Way

Our bi-weekly newsletter teaches hands-on AWS fundamentals. No certification fluff - just practical knowledge.

Subscribe to Newsletter

Quick Facts

ServiceWAFv2
Properties5
Required2
TaggingNot supported
Primary IDResourceArn

Supported Operations

CreateReadUpdateDeleteList

Immutable After Creation

These properties cannot be changed after the resource is created. Updating them triggers a replacement.

ResourceArn

Related Resources

External Links