AWS WAF charges based on the number of web access control lists (web ACLs) that you create, the number of rules that you add per web ACL, and the number of web requests that you receive. There are no upfront commitments. AWS WAF charges are in addition to Amazon CloudFront Pricing and/or the Application Load Balancer (ALB) pricing.

WebACLs and Rule Charges

AWS WAF charges based on the number of WebACLs that you create and the number of rules that you add per WebACL. WebACLs and their added rules are metered regardless of whether they are associated with a resource which could be ether a CloudFront distribution or an Application Load Balancer. There is no additional charge for reusing web ACLs across multiple CloudFront distributions and Application Load Balancers.

WebACL Charges (in all available Regions)

$5 per web ACL per month

Rule Charges (in all available Regions)

$1 per rule per web ACL per month

Request Charges 

AWS WAF also charges for the amount of web request AWS WAF handles. This is based upon the number of web requests that are evaluated.

Request Charge (in all available Regions)

$0.60 per million web requests

Managed Rules From AWS Marketplace

When you subscribe to a Managed Rule provided by one of the AWS Marketplace Sellers, you will also be charged the rule fee, and the Request fees based on the price set by the seller. These charges will be in addition to the AWS WAF price described above.

Learn more about Managed Rules for AWS WAF. >>> 

Get Started with AWS for Free

Create a Free Account

Receive twelve months of access to the AWS Free Tier and enjoy AWS Basic Support features including, 24x7x365 customer service, support forums, and more.

Let’s assume you start using AWS WAF at the first of the month to protect eight CloudFront web distributions. For this example, we’ll create two web ACLs, one web ACL with four rules associated to six CloudFront web distributions, and another web ACL with six rules associated to two remaining CloudFront web distributions. The CloudFront web distributions are expected to receive 10 million requests per month in total.

Web ACL

Web ACL charge = # of web ACLs per month * $5

Total web ACL charge = 2 * $5 = $10

Rule

The price for a rule is $1 per month (pro-rated by the hour)

Rule charge = # of rules associated per month * $1

Total rule charge = (4 + 6) * $1 = $10

Request

The price for request is $0.60 per million

Request charge = # of requests per month (in millions) * $0.60

Total request charge = 10 million requests * $0.60 = $6.00

Total Monthly Bill

Total web ACL charge + total rule charge + total request charge = $10 + $10 + $6 = $26

Let’s assume that in addition to the usage scenario in Example 1, you also start using a Managed RuleGroup provided by a Marketplace seller. Sellers charge different prices for different Managed RuleGroups, but for this example, we’ll assume the seller is charging $22 per RuleGroup per month, and $1.15 per MM Requests. This Managed RuleGroup is associated with both your web ACLs. The Amazon CloudFront web distributions are expected to receive 10 million requests per month in total.

You will continue to pay the $26 as per Example 1. In addition, you will also be charged as per below:

AWS WAF Charges

Rule

The price for a Managed Rule is $1 per month

Rule charge = # of rules associated per month * $1

Total rule charge = 2 * $1 = $2 [The Managed Rule is associated with two web ACLs]

AWS Marketplace Charges

RuleGroup

The price for a RuleGroup is set by the seller at $22 per month (pro-rated by the hour)

RuleGroup charge = # of RuleGroups associated per month * $22

Total RuleGroup charge = 2 * $22 = $44

Request

The price for request is $1.15 per million

Request charge = # of requests per month (in millions) * $1.15

Total request charge = 10 million requests * $1.15 = $11.50

Total Marketplace Monthly Bill

Total RuleGroup charge + total request charge = $44 + $11.50 = $55.50