Amazon WAF
Amazon WAF is a web application firewall that lets you monitor the HTTP(S) requests that are forwarded to your protected web application resources. You can protect the following resource types:
Amazon CloudFront distribution
Amazon API Gateway REST API
Application Load Balancer
Amazon AppSync GraphQL API
Amazon Cognito user pool
Amazon App Runner service
Amazon Verified Access instance
Amazon WAF lets you control access to your content. Based on criteria that you specify, such as the IP addresses that requests originate from or the values of query strings, the service associated with your protected resource responds to requests either with the requested content, with an HTTP 403 status code (Forbidden), or with a custom response.
Note
You can also use Amazon WAF to protect your applications that are hosted in Amazon Elastic Container Service (Amazon ECS) containers. Amazon ECS is a highly scalable, fast container management service that makes it easy to run, stop, and manage Docker containers on a cluster. To use this option, you configure Amazon ECS to use an Application Load Balancer that is enabled for Amazon WAF to route and protect HTTP(S) layer 7 traffic across the tasks in your service. For more information, see Service Load Balancing in the Amazon Elastic Container Service Developer Guide.
Topics
- Setting up Amazon WAF and its components
- How Amazon WAF works
- Using web ACLs in Amazon WAF
- Amazon WAF rules
- Amazon WAF rule groups
- Web ACL capacity units (WCUs) in Amazon WAF
- Oversize web request components in Amazon WAF
- Supported regular expression syntax in Amazon WAF
- IP sets and regex pattern sets in Amazon WAF
- Customized web requests and responses in Amazon WAF
- Web request labeling in Amazon WAF
- Intelligent threat mitigation in Amazon WAF
- Logging Amazon WAF web ACL traffic
- Testing and tuning your Amazon WAF protections
- Using Amazon WAF with Amazon CloudFront
- Security in your use of the Amazon WAF service
- Amazon WAF quotas
- Migrating your Amazon WAF Classic resources to Amazon WAF