AWS WAF is a web application firewall that lets you monitor web requests that are forwarded to Amazon CloudFront distributions or an Application Load Balancer. You can also use AWS WAF to block or allow requests based on conditions that you specify, such as the IP addresses that requests originate from or values in the requests.

Developer Guide
Describes how to get started with AWS WAF. Explains key concepts and provides step-by-step instructions that show you how to use the features.
HTML | PDF | Kindle


API Reference
Describes all the API operations for AWS WAF in detail.

AWS Firewall Manager simplifies your AWS WAF administration and maintenance tasks across multiple accounts and resources. With AWS Firewall Manager, you set up your firewall rules just once. The service automatically applies your rules across your accounts and resources, even as you add new resources. For more information, see the AWS Firewall Manager documentation.

For additional protection against distributed denial of service (DDoS) attacks, AWS also offers AWS Shield Advanced. AWS Shield Advanced provides expanded DDoS attack protection for your Amazon CloudFront distributions, Amazon Route 53 hosted zones, and Elastic Load Balancing load balancers. AWS Shield Advanced incurs additional charges. For more information, see the AWS Shield documentation.

For more information about choosing the right service, see Which should I choose?