Skip to content

AWS Solutions Architect Associate (SAA-C02)

Web Application Firewall (WAF)

  • Protects your application from common layer 7 web exploits such as SQL Injection and Cross-Site Scripting (XSS)
  • Layer 7 has more data about the structure of the incoming request than layer 4 (used by AWS Shield)
  • Can only be deployed on
  • WAF contains Web ACL (Access Control List) containing rules to filter requests based on:
    • IP addresses
    • HTTP headers
    • HTTP body
    • URI strings
    • Size constraints (ex. max 5kb)
    • Geo-match (block countries)
    • Rate-based rules (to count occurrences of events per IP) for DDoS protection

Last updated: 2022-06-03