Turbot Guardrails Hub 
Hub
Mods
AWS
171
Mods
429
Resource Types
6,702
Policies
2,320
Controls
1,637
Quick Actions
524
IAM

IAM Role: AWS/WAF/Operator

PermissionGrant
waf:TagResourceOperator
waf:UntagResourceOperator
wafv2:TagResourceOperator
wafv2:UntagResourceOperator
waf:GetIPSetReadOnly
waf:GetPermissionPolicyReadOnly
waf:GetRateBasedRuleReadOnly
waf:GetRateBasedRuleManagedKeysReadOnly
waf:GetWebACLReadOnly
waf:GetByteMatchSetMetadata
waf:GetChangeTokenMetadata
waf:GetChangeTokenStatusMetadata
waf:GetGeoMatchSetMetadata
waf:GetLoggingConfigurationMetadata
waf:GetRegexMatchSetMetadata
waf:GetRegexPatternSetMetadata
waf:GetRuleMetadata
waf:GetRuleGroupMetadata
waf:GetSampledRequestsMetadata
waf:GetSizeConstraintSetMetadata
waf:GetSqlInjectionMatchSetMetadata
waf:GetXssMatchSetMetadata
waf:ListActivatedRulesInRuleGroupMetadata
waf:ListByteMatchSetsMetadata
waf:ListGeoMatchSetsMetadata
waf:ListIPSetsMetadata
waf:ListLoggingConfigurationsMetadata
waf:ListRateBasedRulesMetadata
waf:ListRegexMatchSetsMetadata
waf:ListRegexPatternSetsMetadata
waf:ListRuleGroupsMetadata
waf:ListRulesMetadata
waf:ListSizeConstraintSetsMetadata
waf:ListSqlInjectionMatchSetsMetadata
waf:ListSubscribedRuleGroupsMetadata
waf:ListTagsForResourceMetadata
waf:ListWebACLsMetadata
waf:ListXssMatchSetsMetadata
wafv2:CheckCapacityMetadata
wafv2:DescribeManagedRuleGroupMetadata
wafv2:GetIPSetMetadata
wafv2:GetLoggingConfigurationMetadata
wafv2:GetManagedRuleSetMetadata
wafv2:GetPermissionPolicyMetadata
wafv2:GetRateBasedStatementManagedKeysMetadata
wafv2:GetRegexPatternSetMetadata
wafv2:GetRuleGroupMetadata
wafv2:GetSampledRequestsMetadata
wafv2:GetWebACLMetadata
wafv2:GetWebACLForResourceMetadata
wafv2:ListAvailableManagedRuleGroupsMetadata
wafv2:ListIPSetsMetadata
wafv2:ListLoggingConfigurationsMetadata
wafv2:ListManagedRuleSetsMetadata
wafv2:ListRegexPatternSetsMetadata
wafv2:ListResourcesForWebACLMetadata
wafv2:ListTagsForResourceMetadata
wafv2:ListWebACLsMetadata