Amazon WAF rules that add labels
In almost all rules, you can define labels and Amazon WAF will apply them to any matching request.
The following rule types are the only exceptions:
-
Rate-based rules label only while rate limiting – Rate-based rules only add labels to web requests for a specific aggregation instance while that instance is being rate limited by Amazon WAF. For information about rate-based rules, see Using rate-based rule statements in Amazon WAF.
-
Labeling isn't allowed in rule group reference statements – The console doesn't accept labels for these rule types. Through the API, specifying a label for either statement type results in a validation exception. For information about these statement types, see Using managed rule group statements in Amazon WAF and Using rule group statements in Amazon WAF.
WCUs – 1 WCU for every 5 labels that you define in your web ACL or rule group rules.
Where to find this
-
Rule builder on the console – Under the rule's Action settings, under Label.
-
API data type –
Rule
RuleLabels
You define a label in a rule by specifying the custom namespace strings and name to append to the label namespace prefix. Amazon WAF derives the prefix from the context in which you define the rule. For information about this, see the label syntax information under Label syntax and naming requirements in Amazon WAF.