AWS — WAF (Web Application Firewall) Overview
Introduction to AWS WAF — What is Amazon WAF?
TL;DR
AWS WAF is a managed web application firewall service that helps you protect your web applications at the application layer from common web exploits that could affect application availability, compromise security, and/or consume excessive resources.
It lets you control access to your content by configuring rules that allow, block or monitor (count) web requests based on web security rules that you specify.
WAF can be natively applied on
- CloudFront
- Application Load Balancer
- API Gateway
- AppSync
WAF Components
Web ACL
You use a web access control list (ACL) to protect a set of AWS resources.
- You create a Web ACL and define its protection strategy by adding rules.
- You can add the rules and rule groups that you want to use to filter web requests.
- You can attach multiple Rules Groups and multiple Custom Rules to Web ACL.
- You can associate Web ACL with one or more AWS resources.
- You can specify a default…