Introducing versioning for AWS WAF Bot & Fraud Control managed rule groups

Posted on: May 30, 2024

AWS WAF now allows you to select specific versions of Bot Control and Fraud Control managed rule groups within your web ACLs. This provides greater control over managing traffic when AWS makes new managed rule groups updates available to you.

With versioning, you gain the flexibility to test new and updated bot and fraud rules before deploying them to production. For example, you can apply a new version of a managed rule group to a staging environment to validate efficacy. You can then incrementally roll out the version across production to closely monitor impact before fully enabling it. If a new version inadvertently causes issues, you can swiftly roll back to the previous version to instantly restore original behavior.

With this launch, you will be configured to use the default version (v1.0) of Bot Control and Fraud Control managed rules groups, and you will continue to receive periodic AWS updates. If you do not want to receive updates automatically, you can select a specific version and you will remain on that version you selected until you manually update or till it reaches end of life. For more information and best practices about version management, see documentation.

There is no additional cost for using versioning, but standard AWS WAF service charges still apply. Visit the AWS WAF console today to start using versioning for your Bot and Fraud Control managed rule groups.