Step 3: Create a rule group - Amazon WAF, Amazon Firewall Manager, and Amazon Shield Advanced
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

Step 3: Create a rule group


This is Amazon WAF Classic documentation. You should only use this version if you created Amazon WAF resources, like rules and web ACLs, in Amazon WAF prior to November 2019, and you have not migrated them over to the latest version yet. To migrate your resources, see Migrating your Amazon WAF Classic resources to Amazon WAF.

For the latest version of Amazon WAF, see Amazon WAF.

A rule group is a set of rules that defines what actions to take when a particular set of conditions is met. You can use managed rule groups from Amazon Web Services Marketplace, and you can create your own rule groups. For information about managed rule groups, see Amazon Web Services Marketplace rule groups.

To create your own rule group, perform the following procedure.

To create a rule group (console)
  1. Sign in to the Amazon Web Services Management Console using the Amazon Firewall Manager administrator account that you set up in the prerequisites, and then open the Firewall Manager console at

  2. In the navigation pane, choose Security policies.

  3. If you have not met the prerequisites, the console displays instructions about how to fix any issues. Follow the instructions, and then begin this step (create a rule group) again. If you have met the prerequisites, choose Close.

  4. Choose Create policy.

    For Policy type, choose Amazon WAF Classic.

  5. Choose Create an Amazon Firewall Manager policy and add a new rule group.

  6. Choose an Amazon Web Services Region, and then choose Next.

  7. Because you already created rules, you don't need to create conditions. Choose Next.

  8. Because you already created rules, you don't need to create rules. Choose Next.

  9. Choose Create rule group.

  10. For Name, enter a friendly name.

  11. Enter a name for the CloudWatch metric that Amazon WAF Classic will create and will associate with the rule group. The name can contain only alphanumeric characters (A-Z, a-z, 0-9) or the following special characters: _-!"#`+*},./. It can't contain white space.

  12. Select a rule, and then choose Add rule. A rule has an action setting that allows you to choose whether to allow, block, or count requests that match the rule's conditions. For this tutorial, choose Count. Repeat adding rules until you have added all the rules that you want to the rule group.

  13. Choose Create.

You are now ready to go to Step 4: Create and apply an Amazon Firewall ManagerAmazon WAF Classic policy.