Posted On: Mar 29, 2021
AWS WAF now supports inserting HTTP headers to the user request when WAF allows the request to reach your application. You can use the Request Header Insertion feature to help validate that requests made to your application were evaluated by WAF and configure your application to only allow requests that contain the custom header values that you specify. You can also insert headers so your application can process the request differently based on the presence of the header, or simply log the header in your application logs for reporting and analytics.
You can get started with Request Header Insertion by modifying the Allow or Count action for each new or existing WAF rule, or the default action associated with your web ACL. There is no additional cost for this new feature, but standard service charges for AWS WAF will still apply. This feature is available in all AWS Regions where WAF is available and for each supported service, including Amazon CloudFront, Application Load Balancer, Amazon API Gateway, and AWS AppSync. To learn more, see the AWS WAF developer guide.