Create AWS WAF Rules
2.1 AWS CloudFormation to create AWS WAF ACL for Application Load Balancer
Using AWS CloudFormation, we are going to deploy a basic example
AWS WAF configuration for use with Application Load Balancer.
- Sign in to the AWS Management Console, select your preferred region, and open the CloudFormation console at https://console.aws.amazon.com/cloudformation/. Note if your CloudFormation console does not look the same, you can enable the redesigned console by clicking New Console in the CloudFormation menu.
- Click Create New Stack.
- Select Specify an Amazon S3 template URL and enter the following URL for the template:
https://s3-us-west-2.amazonaws.com/aws-well-architected-labs/Security/Code/waf-regional.yaml and click Next.
- Enter the following details:
- Stack name: The name of this stack. For this lab, use
- WAFName: Enter the base name to be used for resource and export names for this stack. For this lab, you can use
- WAFCloudWatchPrefix: Enter the name of the CloudWatch prefix to use for each rule using alphanumeric
characters only. For this lab, you can use
The remainder of the parameters can be left as defaults.
- Click Next.
- In this scenario, we won’t add any tags or other options. Click Next.
- Review the information for the stack. When you’re satisfied with the settings, click Create.
- After a few minutes, the stack status should change from CREATE_IN_PROGRESS to CREATE_COMPLETE.
- You have now set up a basic AWS WAF configuration ready for Application Load Balancer to use!