Working with managed rule groups - Amazon WAF, Amazon Firewall Manager, Amazon Shield Advanced, and Amazon Shield network security director


Working with managed rule groups

This section provides guidance for accessing and managing your managed rule groups.

When you add a managed rule group to your protection pack or web ACL, you can choose the same configuration options that you can for your own rule groups, plus additional settings.

Through the console, you access managed rule group information during the process of adding and editing the rules in your protection pack or web ACLs. Through the APIs and the command line interface (CLI), you can directly request managed rule group information.

When you use a managed rule group in your protection pack or web ACL, you can edit the following settings:

  • Version – This is available only if the rule group is versioned. For more information, see Using versioned managed rule groups in Amazon WAF.

  • Override rule actions – You can override the actions for rules in the rule group to any action. Setting them to Count is useful for testing a rule group before using it to manage your web requests. For more information, see Rule group rule action overrides.

  • Scope-down statement – You can add a scope-down statement to filter out web requests that you don't want to evaluate with the rule group. For more information, see Using scope-down statements in Amazon WAF.

  • Override rule group action – You can override the action that results from the rule group evaluation, and set it to Count only. This option isn't commonly used. It doesn't alter how Amazon WAF evaluates the rules in the rule group. For more information, see Rule group return action override to Count.

To edit the managed rule group settings in your protection pack or web ACL
  • Console

    • (Option) When you add the managed rule group to your protection pack or web ACL, you can choose Edit to view and edit the settings.

    • (Option) After you've added the managed rule group to your protection pack or web ACL, from the protection pack or web ACLs page, choose the protection pack or web ACL you just created. This takes you to the protection pack or web ACL edit page.

      • Choose Rules.

      • Select the rule group, then choose Edit to view and edit the settings.

  • APIs and CLI – Outside of the console, you can manage the managed rule group settings when you create and update the protection pack or web ACL.
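
The four settings listed above, as they appear in a rule entry managed through the APIs or CLI. This is an added example, not code from the original page: the helper `edit_managed_rule_group` is hypothetical, the field names follow the WAFV2 rule JSON, and the rule group, rule name, version string and path are constructed sample values.

```python
import copy

def edit_managed_rule_group(rule, version=None, count_rules=(),
                            scope_down=None, group_to_count=False):
    """Return an edited copy of a web ACL rule that references a managed rule group."""
    if "ManagedRuleGroupStatement" not in rule.get("Statement", {}):
        raise ValueError("rule does not reference a managed rule group")
    edited = copy.deepcopy(rule)          # leave the caller's rule untouched
    stmt = edited["Statement"]["ManagedRuleGroupStatement"]
    if version is not None:               # Version: versioned rule groups only
        stmt["Version"] = version
    # Override rule actions: merge by rule name so earlier overrides survive.
    overrides = {o["Name"]: o for o in stmt.get("RuleActionOverrides", [])}
    for name in count_rules:
        overrides[name] = {"Name": name, "ActionToUse": {"Count": {}}}
    if overrides:
        stmt["RuleActionOverrides"] = list(overrides.values())
    if scope_down is not None:            # Scope-down statement
        stmt["ScopeDownStatement"] = scope_down
    # Override rule group action: a rule group reference carries OverrideAction
    # (None or Count) instead of Action.
    edited["OverrideAction"] = {"Count": {}} if group_to_count else {"None": {}}
    return edited

# Constructed sample: a rule entry as it would sit in the web ACL's Rules list.
SAMPLE_RULE = {
    "Name": "common-rules", "Priority": 0,
    "Statement": {"ManagedRuleGroupStatement": {
        "VendorName": "AWS", "Name": "AWSManagedRulesCommonRuleSet"}},
    "OverrideAction": {"None": {}},
    "VisibilityConfig": {"SampledRequestsEnabled": True,
                         "CloudWatchMetricsEnabled": True,
                         "MetricName": "common-rules"},
}
# Constructed scope-down: evaluate only requests whose path is not under /health.
NOT_HEALTH = {"NotStatement": {"Statement": {"ByteMatchStatement": {
    "SearchString": b"/health", "FieldToMatch": {"UriPath": {}},
    "TextTransformations": [{"Priority": 0, "Type": "NONE"}],
    "PositionalConstraint": "STARTS_WITH"}}}}

def demo():
    # "Version_1.0" is a constructed sample version string.
    return edit_managed_rule_group(SAMPLE_RULE, version="Version_1.0",
                                   count_rules=["SizeRestrictions_BODY"],
                                   scope_down=NOT_HEALTH)

if __name__ == "__main__":
    print(demo())
```

The edited entry replaces the original in the `Rules` list that you send when you update the protection pack or web ACL.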