AWS WAFv2
Best practices and references below are based on published guidance from the cloud service provider and may reference native capabilities the cloud service provider offers. If you are not using the native security capabilities, the same security requirement can be met using other security capabilities your organization utilizes
Design Guidance:
Description | ||
Name | ||
Ipaddress Version | ||
Addresses |
Ipset Reference Statement-Arn |
Tags |
Tags |
Tags |
Name |
Description | ||
Name | ||
Rules | ||
Rules-Name | ||
Rules-Priority | ||
Byte Match Statement-Search String | ||
Byte Match Statement-Search String Base64 | ||
Field To Match-Single Header | ||
Field To Match-Single Query Argument | ||
Field To Match-All Query Arguments | ||
Field To Match-Uri Path | ||
Field To Match-Query String | ||
Field To Match-Body | ||
Field To Match-Method | ||
Byte Match Statement-Positional Constraint | ||
Size Constraint Statement-Comparison Operator | ||
Size Constraint Statement-Size | ||
Regex Pattern Set Reference Statement-Arn |
Design Guidance:
Regular Expression List |
Text Transformations-Priority | ||
Text Transformations-Type |
Design Guidance:
Geo Match Statement-Country Codes |
Description | ||
Name |
Resource Arn | ||
Web Aclarn |
Design Guidance:
Rate Based Statement-Limit | ||
Rate Based Statement-Aggregate Key Type |
Design Guidance:
Action-Allow | ||
Action-Block | ||
Action-Count |
Default Action-Allow | ||
Default Action-Block |
Design Guidance:
Visibility Config-Sampled Requests Enabled | ||
Visibility Config-Cloud Watch Metrics Enabled | ||
Visibility Config-Metric Name |
Last modified 7mo ago