Formatting your API Gateway’s Application Resource Name (ARN), you will need this to associate it to the WebACL. YAML indentation - I’d recommend installing cfn-lint, a huge help for formatting YAML files and catching bugs early. I got the tip on these ahead of my implementation thanks to Natalie’s article. Use AWS WAF to control access to your content and to monitor the requests that are forwarded to an Amazon CloudFront distribution, an Amazon API Gateway REST API, an Application Load Balancer, an AWS AppSync GraphQL API, Amazon Cognito user pool, an AWS App Runner service, or an AWS Verified Access instance. Hence, this post is to help those who are as lost as I was configuring a WAFV2 with an API gateway. 02 Navigate to API Gateway dashboard at 03 In the left navigation panel, select APIs to open the APIs listing page. It enables you to configure an ACL, which is a set of rules. To determine if your Amazon API Gateway API stages are associated with WAF Web ACLs, perform the following actions: Using AWS Console 01 Sign in to AWS Management Console. Configuring the WAFV2 with an API is pretty straightforward, however, there are little resources available online. AWS WAF is a web application firewall that helps protect web applications and APIs from attacks. 
After some research I found that many others also faced this issue, mainly because the ‘Classic WAF’ has been depreciated by AWS.ĪWS WAFV2 is the latest version of the AWS WAF API released in November 2019.
I ran into an issue where my WebACL would not properly associate to the API. The only quality documentation I could find was from our very own Natalie Laing in this post she wrote back in 2019. I recently had to attach a Web Application Firewall (WAF) regional Access Control List (ACL) to an API gateway created using the Serverless Framework.
0 kommentar(er)
