Documenting Gotchas in AWS's WAF Offerings

submited by
Style Pass
2022-01-17 19:00:08

Most recently, CVE-2021-44228 pushed all of us into adopting slapdash measures to protect our applications. One such newfound technique that gained some traction was WAF or the Web Application Firewall. A WAF protects your web applications or APIs against common web exploits that may affect availability, compromise security, or consume excessive resources. AWS supports this via the AWS WAF offering and provides the payer accounts with the flexibility to deploy them centrally on the child accounts using AWS Firewall Manager. My experience with both of these offerings is quite limited but a single iteration of the deployment cycle for both of these services highlighted a few glaring gotchas hidden in plain sight or sometimes missing from the docs. I hope this guide will help the folks in security or infrastructure to make more informed deployments. 👀

Only the first 8 KB (8,192 bytes) of the request body are forwarded to AWS WAF for inspection. For information about how to manage this, see Web request body inspection.

Leave a Comment