What

WAF stands for web application firewall

Can be deployed on

1. Application Load Balancer
2. API Gateway
3. CloudFront
4. AppSync GraphQL API
5. Cognito User Pool

Web ACL

Web ACL rules can filter

1. IP Set: Up to 10,000 IP addresses
2. HTTP Headers
3. HTTP Body
4. HTTP query string
5. Geo Match
6. Rate Based

Protect From

1. SQL Injection
2. XSS
3. Size Contraint
4. DDoS

Web ACL is regional except from CloudFront

Web ACL Rule Group

A reusable group of Web ACL rules

Web ACL with fixed IP

To fix IP, you can use a Global Accelerator.