Introducing a new console experience for Amazon WAF
You can now use the updated experience to access Amazon WAF functionality anywhere in the console. For more details, see Working with the updated console experience.
Version life cycle for managed rule groups
Providers handle the following life cycle stages of a managed rule group static version:
-
Release and updates – A managed rule group provider announces upcoming and new static versions of their managed rule groups through notifications to an Amazon Simple Notification Service (Amazon SNS) topic. Providers might also use the topic to communicate other important information about their rule groups, such as urgent required updates.
You can subscribe to the rule group's topic and configure how you want to receive notifications. For more information see Getting notified of new versions and updates.
-
Expiration scheduling – A managed rule group provider schedules older versions of a rule group for expiration. A version that's scheduled to expire cannot be added to your protection pack or web ACL rules. After expiration is scheduled for a version, Amazon WAF tracks the expiration with a countdown metric in Amazon CloudWatch.
-
Version expiration – If you have a protection pack or web ACL configured to use an expired version of a managed rule group, then during protection pack or web ACL evaluation, Amazon WAF uses the rule group's default version. Additionally, Amazon WAF blocks any updates to the protection pack or web ACL that don't either remove the rule group or change its version to an unexpired one.
If you use Amazon Web Services Marketplace managed rule groups, ask the provider for any additional information about version life cycles.