- Newest
- Most votes
- Most comments
Yes, you do pay for AWS WAF Web ACLs even if no resources are associated with them. AWS WAF charges are based on the number of web access control lists (web ACLs) that you create, the number of rules that you add per web ACL, and the number of web requests that you receive. There is a monthly fee for each web ACL and rule, regardless of whether they are actively protecting resources.
However, AWS has recently introduced enhancements to help optimize costs related to unassociated web ACLs. AWS Firewall Manager now supports a new policy feature that ensures AWS WAF web ACLs are only created in AWS accounts with resources in scope. Additionally, AWS Firewall Manager will remove web ACLs from AWS accounts that no longer have resources within scope. This new functionality helps customers optimize costs associated with unassociated web ACLs and effectively scale existing Firewall Manager WAF policies across organizations and accounts.
To minimize unnecessary costs, it's recommended to regularly review your AWS WAF configurations and remove any unused web ACLs or rules. You can also leverage AWS Firewall Manager's new features to automatically manage web ACL creation and removal based on resource scope.
Sources
Pricing - AWS WAF - Amazon Web Services (AWS)
AWS Firewall Manager announces enhancements to optimize AWS WAF web ACL creation in AWS accounts
Relevant content
- asked 6 months ago
- asked 2 years ago
- AWS OFFICIALUpdated 5 months ago
- AWS OFFICIALUpdated 5 months ago
- AWS OFFICIALUpdated 3 months ago
