The article Protect Web Sites & Services Using Rate-Based Rules for AWS WAF discusses how to define a Rate-based Rule to control when IP addresses are added to and removed from a blacklist.
Are these rate limits evaluated globally, across all CloudFront edges that have WAF deployed, or are they evaluated locally, in each edge location individually?
It's done globally. Aggregated across all POPs.
You are not logged in. Log in to post an answer.
A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.