AWS WAF

What is AWS WAF?WAF

AWS WAF is a web application firewall that lets you monitor the HTTP and HTTPS requests that are forwarded to Amazon CloudFront or an Application Load Balancer or to API Gateway. AWS WAF also lets you control access to your content.

You can configure conditions such as what IP addresses are allowed to make this request or what query string parameters need to be passed for the request to be allowed, and then the application load balancer or CloudFront will either allow this content to be received or to giveA HTTP 403 Status Code

What is AWS WAF?WAF

At its most basic level, AWS WAF allows 3 different behaviours:

• Allow all requests except the ones that you specify• Block all requests except the ones that you specify• Count the requests that match the properties that you specify

What is AWS WAF?WAF

More protection against web attacks using conditions that you specify. You can define conditions by using characteristics of web requests such as:

• IP addresses that requests originate from.• Country that requests originate from.• Values in request headers.• Strings that appear in requests, either specific strings or string that match

regular expression (regex) patterns.• Length of requests.• Presence of SQL code that is likely to be malicious (or ‘SQL injection’).• Presence of a script that is likely to be malicious (known as cross-site

scripting).

Which Services Does It integrate with?WAF

WAF Integrates with the following services:

• Application Load Balancers• CloudFront• API Gateway

It DOES NOT integrate with:

• Classic Load Balancers• Network Load Balancers

Exam TipsWAF

AWS WAF is a web application firewall that lets you monitor the HTTP and HTTPS requests that are forwarded to Amazon CloudFront or an Application Load Balancer or to API Gateway. AWS WAF also lets you control access to your content.

It does not integrate with Classic or Network Load Balancers.