- Newest
- Most votes
- Most comments
WAF is only available for REST APIs, not HTTP. https://docs.aws.amazon.com/waf/latest/developerguide/what-is-aws-waf.html#waf-intro
Hi, WAF is available for Rest api type as mentioned above.
If you have http api type, you can either front your api Gateway with CloudFront and associate WAF with CloudFront, or add an Application Load Balancer (ALB) after the api gateway, and associate WAF with the ALB.
Hope it helps ;)
The following steps in AWS WAF will help you to set up the system.
When linking AWS WAF Web ACLs, create a Web ACL in the same region as the API Gateway.
https://docs.aws.amazon.com/waf/latest/developerguide/web-acl-associating-aws-resource.html
Ah yes, you are right. Sorry, was confused by the region in the top bar, which is set to global when I click to ACLs. However, I have the same view as you for the actual creation; and, my ACL is created in US-east-1, as is the API gateway. Here's what I see:
Yeah, that doesn't work either because the API Gateway resource is not listed in the Add AWS Resources tab.
The region might be the issue - I can only create ACLs in "Global" (they others are grayed out), whereas the API Gateway is us-east-1.
My screen allows me to choose a region on the Web ACL screen.
When creating the Web ACL, did you select "Regional resources"?
Relevant content
- asked 2 years ago
- asked 3 years ago
AWS OFFICIALUpdated 8 months ago- AWS OFFICIALUpdated 5 months ago
- AWS OFFICIALUpdated 4 months ago
- AWS OFFICIALUpdated 5 months ago
Although the protocol is HTTP, WAF can only be configured for Rest API. Are you creating an API Gateway with Rest API?