{"slug":"iam-aws-wafv2","cloud":"aws","service":"wafv2","title":"AWS WAF V2 (IAM)","description":"AWS WAF is a web application firewall that helps protect your web applications from common web exploits.","category":"security","common_permissions":["wafv2:ListWebACLs","wafv2:GetWebACL","wafv2:ListRuleGroups","wafv2:GetRuleGroup","wafv2:ListIPSets","wafv2:GetIPSet","wafv2:GetSampledRequests","wafv2:GetLoggingConfiguration"],"least_privilege_example":"{\n  \"Version\": \"2012-10-17\",\n  \"Statement\": [\n    {\n      \"Effect\": \"Allow\",\n      \"Action\": [\n        \"wafv2:ListWebACLs\",\n        \"wafv2:GetWebACL\",\n        \"wafv2:ListRuleGroups\",\n        \"wafv2:GetRuleGroup\",\n        \"wafv2:ListIPSets\",\n        \"wafv2:GetIPSet\",\n        \"wafv2:GetSampledRequests\",\n        \"wafv2:GetLoggingConfiguration\"\n      ],\n      \"Resource\": \"*\"\n    }\n  ]\n}","warnings":["Avoid wafv2:* — grants full control including web ACL and rule group deletion","Avoid wafv2:DeleteWebACL and wafv2:DeleteRuleGroup — can remove critical web application protections"],"docs":"https://servicereference.us-east-1.amazonaws.com/v1/wafv2/wafv2.json","tags":["iam","aws"],"last_verified":"2026-06-14T00:00:00.000Z","next_check":"2026-12-11T00:00:00.000Z","created_at":"2026-06-14T04:49:42.270Z","updated_at":"2026-06-14T04:49:42.270Z"}