:doc:`WAFV2 <../../wafv2>` / Client / associate_web_acl

*****************
associate_web_acl
*****************



.. py:method:: WAFV2.Client.associate_web_acl(**kwargs)

  

  Associates a web ACL with a resource, to protect the resource.

   

  Use this for all resource types except for Amazon CloudFront distributions. For Amazon CloudFront, call ``UpdateDistribution`` for the distribution and provide the Amazon Resource Name (ARN) of the web ACL in the web ACL ID. For information, see `UpdateDistribution <https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_UpdateDistribution.html>`__ in the *Amazon CloudFront Developer Guide*.

   

  **Required permissions for customer-managed IAM policies**

   

  This call requires permissions that are specific to the protected resource type. For details, see `Permissions for AssociateWebACL <https://docs.aws.amazon.com/waf/latest/developerguide/security_iam_service-with-iam.html#security_iam_action-AssociateWebACL>`__ in the *WAF Developer Guide*.

   

  **Temporary inconsistencies during updates**

   

  When you create or change a web ACL or other WAF resources, the changes take a small amount of time to propagate to all areas where the resources are stored. The propagation time can be from a few seconds to a number of minutes.

   

  The following are examples of the temporary inconsistencies that you might notice during change propagation:

   

  
  * After you create a web ACL, if you try to associate it with a resource, you might get an exception indicating that the web ACL is unavailable.
   
  * After you add a rule group to a web ACL, the new rule group rules might be in effect in one area where the web ACL is used and not in another.
   
  * After you change a rule action setting, you might see the old action in some places and the new action in others.
   
  * After you add an IP address to an IP set that is in use in a blocking rule, the new address might be blocked in one area while still allowed in another.
  

  

  See also: `AWS API Documentation <https://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/AssociateWebACL>`_  


  **Request Syntax**
  ::

    response = client.associate_web_acl(
        WebACLArn='string',
        ResourceArn='string'
    )
    
  :type WebACLArn: string
  :param WebACLArn: **[REQUIRED]** 

    The Amazon Resource Name (ARN) of the web ACL that you want to associate with the resource.

    

  
  :type ResourceArn: string
  :param ResourceArn: **[REQUIRED]** 

    The Amazon Resource Name (ARN) of the resource to associate with the web ACL.

     

    The ARN must be in one of the following formats:

     

    
    * For an Application Load Balancer: ``arn:partition:elasticloadbalancing:region:account-id:loadbalancer/app/load-balancer-name/load-balancer-id``
     
    * For an Amazon API Gateway REST API: ``arn:partition:apigateway:region::/restapis/api-id/stages/stage-name``
     
    * For an AppSync GraphQL API: ``arn:partition:appsync:region:account-id:apis/GraphQLApiId``
     
    * For an Amazon Cognito user pool: ``arn:partition:cognito-idp:region:account-id:userpool/user-pool-id``
     
    * For an App Runner service: ``arn:partition:apprunner:region:account-id:service/apprunner-service-name/apprunner-service-id``
     
    * For an Amazon Web Services Verified Access instance: ``arn:partition:ec2:region:account-id:verified-access-instance/instance-id``
     
    * For an Amplify application: ``arn:partition:amplify:region:account-id:apps/app-id``
    

    

  
  
  :rtype: dict
  :returns: 
    
    **Response Syntax**

    
    ::

      {}
      
    **Response Structure**

    

    - *(dict) --* 
  
  **Exceptions**
  
  *   :py:class:`WAFV2.Client.exceptions.WAFInternalErrorException`

  
  *   :py:class:`WAFV2.Client.exceptions.WAFInvalidParameterException`

  
  *   :py:class:`WAFV2.Client.exceptions.WAFNonexistentItemException`

  
  *   :py:class:`WAFV2.Client.exceptions.WAFUnavailableEntityException`

  
  *   :py:class:`WAFV2.Client.exceptions.WAFInvalidOperationException`

  
  *   :py:class:`WAFV2.Client.exceptions.WAFLimitsExceededException`

  
  *   :py:class:`WAFV2.Client.exceptions.WAFFeatureNotIncludedInPricingPlanException`

  