wafv2:GetDecryptedAPIKey

Read

wafv2:GetDecryptedAPIKey is a Read access-level action in the wafv2 service. Grants permission to return your API key in decrypted form. Use this to check the token domains that you have defined for the key

Resource types

This action does not support resource-level permissions; use "Resource": "*" in your policy.

Condition keys

No condition keys are documented for this action.

Example IAM policy

A minimal policy that allows wafv2:GetDecryptedAPIKey. Replace "Resource": "*" with a specific ARN to follow least privilege.

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "AllowWafv2GetDecryptedAPIKey",
      "Effect": "Allow",
      "Action": "wafv2:GetDecryptedAPIKey",
      "Resource": "*"
    }
  ]
}

Related actions in wafv2

View all wafv2 actions →