Introducing AWS Managed Rules for AWS WAF

Posted on: Nov 25, 2019

AWS WAF announces AWS Managed Rules (AMRs), a set of AWS WAF rules curated and maintained by the AWS Threat Research Team. With just a few clicks, AMRs can help protect your web applications from new and emerging threats, so you don’t need to spend time researching and writing your own rules. AMRs are based on common Internet threats, including security risks referenced in the OWASP Top 10 publication. AMRs also include IP reputation lists based on Amazon threat intelligence that can help reduce your exposure to bot traffic.

In addition to offering AMRs, we have updated the APIs and console experience for AWS WAF, allowing you to add multiple AMRs to your web access control list (web ACL) or write hundreds of your own rules. The new APIs support full logical operators, chained text transformations, and the ability to express rules in JSON format. You can also create conditions that match on flexible IPv4 and IPv6 CIDR ranges by configuring any subnet mask. Finally, the new APIs for AWS WAF allow you to create web ACLs and update rules using AWS CloudFormation templates.
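As an added illustration (not part of the original announcement), the rules list of a web ACL in the new JSON format might combine one AMR with one custom rule that uses logical operators and chained text transformations. The rule names, metric names, the `/admin` path and the IP set ARN (with its `REGION`, `ACCOUNT_ID` and `IPSET_ID` placeholders) are assumptions made for the example.

```json
[
  {
    "Name": "example-aws-common-rules",
    "Priority": 0,
    "Statement": {
      "ManagedRuleGroupStatement": {
        "VendorName": "AWS",
        "Name": "AWSManagedRulesCommonRuleSet"
      }
    },
    "OverrideAction": { "None": {} },
    "VisibilityConfig": {
      "SampledRequestsEnabled": true,
      "CloudWatchMetricsEnabled": true,
      "MetricName": "exampleAwsCommonRules"
    }
  },
  {
    "Name": "example-block-admin-outside-allowlist",
    "Priority": 1,
    "Statement": {
      "AndStatement": {
        "Statements": [
          {
            "ByteMatchStatement": {
              "SearchString": "/admin",
              "FieldToMatch": { "UriPath": {} },
              "TextTransformations": [
                { "Priority": 0, "Type": "URL_DECODE" },
                { "Priority": 1, "Type": "LOWERCASE" }
              ],
              "PositionalConstraint": "STARTS_WITH"
            }
          },
          {
            "NotStatement": {
              "Statement": {
                "IPSetReferenceStatement": {
                  "ARN": "arn:aws:wafv2:REGION:ACCOUNT_ID:regional/ipset/example-admin-allowlist/IPSET_ID"
                }
              }
            }
          }
        ]
      }
    },
    "Action": { "Block": {} },
    "VisibilityConfig": {
      "SampledRequestsEnabled": true,
      "CloudWatchMetricsEnabled": true,
      "MetricName": "exampleBlockAdminOutsideAllowlist"
    }
  }
]
```

The second rule blocks requests whose URL-decoded, lowercased path starts with `/admin` unless the source address is in the referenced IP set, which can hold IPv4 or IPv6 CIDR ranges. `SearchString` is written as plain text here; API clients may require it to be supplied as an encoded binary value.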

These AWS WAF enhancements, including AMRs, are available at no additional cost in all AWS Regions where AWS WAF is currently available. Managed rules from AWS Marketplace sellers like Cyber Security Cloud and Fortinet are also available on these new APIs. The original WAF APIs (now called AWS WAF Classic) remain available to customers as well.

To get started with AMRs for AWS WAF, simply log in to the AWS Management Console, navigate to AWS WAF, and click “Create Web ACL.” You will then be guided by an onboarding wizard to enable AMRs. Learn more about AMRs by visiting our latest blog post and the AWS WAF developer guide.