Overview

Configuration to create WAF Web ACLs with AWS Managed Rules to protect internet-facing applications. Web ACLs can be applied to CloudFront distributions, Application Load Balancers (ALBs), and API Gateways.

Select from the following options to ensure the appropriate configuration for your environment and application: 

  • Setting the scope to Regional or CloudFront depending on the resource you want to associate the Web ACL with.
  • Use the Customize WAF Rules option to select the appropriate WAF rules to protect your application. Rules include general vulnerability and OWASP protections, known bad IP lists, specific use-cases such as WordPress or SQL database protections, and more.
  • Set the visibility configuration settings for the Web ACL and for each rule to create matching CloudWatch metrics for monitoring the WAF rules.

Configuration Templates

Items
1
Size
0.4 KB
Missing Parameters
AWSTemplateFormatVersion: '2010-09-09'
Description: ''
Resources:
  WafWebAcl:
    Type: 'AWS::WAFv2::WebACL'
    Properties:
      Name: ''
      Scope: REGIONAL
      DefaultAction:
        Allow: {}
      VisibilityConfig:
        CloudWatchMetricsEnabled: true
        MetricName: ''
        SampledRequestsEnabled: true
      Rules: []
Parameters: {}
Metadata: {}
Conditions: {}

Actions



Customize Template

AWS Managed WAF Rules

Visibility Configuration

* Required field

Sources and Documentation

Configuration Source: AWS Documentation

Additional Documentation:

Configuration References:

© 2020 asecurecloud Inc. All Rights Reserved.