Getting notified of new versions and updates to a managed rule group
A managed rule group provider uses SNS notifications to announce rule group changes, like upcoming new versions and urgent security updates.
How to subscribe to SNS notifications
To subscribe to notifications for a rule group, you create an Amazon SNS subscription for the rule group's Amazon SNS topic ARN in the US East (N. Virginia) Region us-east-1.
For information about how to subscribe, see the Amazon Simple Notification Service Developer Guide.
Note
Create your subscription for the SNS topic only in the us-east-1 Region.
The versioned Amazon Managed Rules rule groups all use the same SNS topic Amazon Resource Name (ARN). For more information about Amazon Managed Rules rule group notifications, see Deployment notifications.
Where to find the Amazon SNS topic ARN for a managed rule group
Amazon Managed Rules rule groups use a single SNS topic ARN, so you can retrieve the topic ARN from one of the rule groups and subscribe to it to get notifications for all of the Amazon Managed Rules rule groups that provide SNS notifications.
-
Console
-
(Option) When you add the managed rule group to your web ACL, choose Edit to see the rule group's information, which includes the rule group's Amazon SNS topic ARN.
-
(Option) After you've added the managed rule group into your web ACL, choose Edit on the web ACL, and then select and edit the rule group rule to see the rule group's Amazon SNS topic ARN.
-
-
API –
DescribeManagedRuleGroup -
CLI –
aws wafv2 describe-managed-rule-group --scope=<CLOUDFRONT|REGIONAL> --vendor-name <vendor> --name <managedrule_name>
For general information about Amazon SNS notification formats and how to filter the notifications that you receive, see Parsing message formats and Amazon SNS subscription filter policies in the Amazon Simple Notification Service Developer Guide.