WAF
WAF Basics
- WAF (Web Application Firewall) is used in conjunction with the CloudFront and ALB services to inspect and block/allow web requests based on user-configurable conditions.
- HTTPS and HTTP requests are supported with this service.
- WAF's strength is detecting malicious activity by pattern-matching request inputs for attacks such as SQL injection, XSS, etc.
- WAF supports inspection of requests received through both IPv6 and IPv4.
WAF Tips
- A history of WAF API calls is available through CloudTrail. This is enabled through the CloudTrail console.
- It's also possible to get full logs of all the web requests inspected.
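
A defender's first pass over those full request logs, as an added example that is not from the original guide: it counts blocked requests per terminating rule and lists clients that were blocked repeatedly. The field names (`action`, `terminatingRuleId`, `httpRequest.clientIp`, `httpRequest.uri`) follow AWS WAF's JSON log records; the sample records, the rule names and the `summarize` helper are constructed for illustration.

```python
import json
from collections import Counter, defaultdict

# Constructed sample: one JSON record per line, as WAF full logs are delivered.
# The last line is deliberately truncated to show handling of damaged records.
SAMPLE_LOG = """\
{"timestamp": 1557000000000, "action": "BLOCK", "terminatingRuleId": "example-sqli-rule", "httpRequest": {"clientIp": "203.0.113.10", "uri": "/login", "httpMethod": "POST"}}
{"timestamp": 1557000001000, "action": "ALLOW", "terminatingRuleId": "Default_Action", "httpRequest": {"clientIp": "198.51.100.7", "uri": "/", "httpMethod": "GET"}}
{"timestamp": 1557000002000, "action": "BLOCK", "terminatingRuleId": "example-sqli-rule", "httpRequest": {"clientIp": "203.0.113.10", "uri": "/search", "httpMethod": "GET"}}
{"timestamp": 1557000003000, "action": "BLOCK", "terminatingRuleId": "example-xss-rule", "httpRequest": {"clientIp": "198.51.100.7", "uri": "/comment", "httpMethod": "POST"}}
{"timestamp": 1557000004000, "action": "BLO
"""


def summarize(log_text, min_blocks=2):
    """Return (blocks per rule, repeat-blocked clients, skipped line count)."""
    by_rule = Counter()
    by_client = defaultdict(Counter)
    skipped = 0
    for line in log_text.splitlines():
        line = line.strip()
        if not line:
            continue
        try:
            rec = json.loads(line)
            action = rec["action"]
            client = rec["httpRequest"]["clientIp"]
        except (ValueError, KeyError, TypeError):
            # Truncated or malformed record: count it instead of aborting the run.
            skipped += 1
            continue
        if action != "BLOCK":
            continue
        by_rule[rec.get("terminatingRuleId", "unknown")] += 1
        by_client[client][rec["httpRequest"].get("uri", "?")] += 1
    # Clients with at least min_blocks blocked requests, with the URIs they hit.
    repeat = {ip: dict(uris) for ip, uris in by_client.items()
              if sum(uris.values()) >= min_blocks}
    return dict(by_rule), repeat, skipped


if __name__ == "__main__":
    rules, repeat_clients, skipped = summarize(SAMPLE_LOG)
    print("blocks per rule:", rules)
    print("repeat-blocked clients:", repeat_clients)
    print("unparseable lines:", skipped)
```

A non-zero skipped count is worth checking before trusting the totals, since it means part of the log delivery was damaged or incomplete.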
WAF Gotchas and Limitations
- As of May 2019, AWS WAF is available on Amazon CloudFront and in 12 commercial AWS regions: US East (N. Virginia), US East (Ohio), US West (Oregon), US West (N. California), EU (Ireland), EU (Frankfurt), EU (London), EU (Stockholm), Asia Pacific (Tokyo), Asia Pacific (Sydney), Asia Pacific (Singapore), and Asia Pacific (Seoul).