AWS CloudFormation
User Guide (Version )

The AWS Documentation website is getting a new look!
Try it now and let us know what you think. Switch to the new look >>

You can return to the original look by selecting English in the language selector above.


The RegexPatternSet specifies the regular expression (regex) pattern that you want AWS WAF to search for, such as B[a@]dB[o0]t. You can then configure AWS WAF to reject those requests.

Note that you can only create regex pattern sets using a CloudFormation template. To add the regex pattern sets created through CloudFormation to a RegexMatchSet, use the AWS WAF console, API, or command line interface (CLI). For more information, see UpdateRegexMatchSet.


To declare this entity in your AWS CloudFormation template, use the following syntax:


{ "Type" : "AWS::WAFRegional::RegexPatternSet", "Properties" : { "Name" : String, "RegexPatternStrings" : [ String, ... ] } }


Type: AWS::WAFRegional::RegexPatternSet Properties: Name: String RegexPatternStrings: - String



A friendly name or description of the AWS::WAFRegional::RegexPatternSet. You can't change Name after you create a RegexPatternSet.

Required: Yes

Type: String

Minimum: 1

Maximum: 128

Update requires: Replacement


Specifies the regular expression (regex) patterns that you want AWS WAF to search for, such as B[a@]dB[o0]t.

Required: Yes

Type: List of String

Maximum: 10

Update requires: No interruption

Return Values


When you pass the logical ID of this resource to the intrinsic Ref function, Ref returns the resource physical ID, such as 1234a1a-a1b1-12a1-abcd-a123b123456.

For more information about using the Ref function, see Ref.


Define Regular Expression Pattern

The following example defines a regular expression (regex) pattern for a web access control list (ACL) rule.


"MyRegexPatternSet": { "Type": "AWS::WAFRegional::RegexPatternSet", "Properties": { "Name": "Regex Pattern Set", "RegexPatternStrings": ["badbot", "danger"] } }


MyRegexPatternSet: Type: "AWS::WAFRegional::RegexPatternSet" Properties: Name: "Regex Pattern Set" RegexPatternStrings: - "[B[a@]dB[o0]t" - "D[a@]ng[e3]rStr[i1]ng"

Associate a RegexPatternSet with a Web ACL Rule

The following example associates the MyRegexPatternSet with a web ACL rule.


"MyRegexRule" : { "Type": "AWS::WAFRegional::Rule", "Properties": { "Name": "MyRegexRule", "MetricName" : "MyRegexRule", "Predicates": [ { "DataId" : { "Ref" : "MyRegexPatternSet" }, "Negated" : false, "Type" : "RegexMatch" } ] } }


MyRegexRule: Type: "AWS::WAFRegional::Rule" Properties: Name: "MyRegexRule" MetricName: "MyRegexRule" Predicates: - DataId: Ref: "MyRegexPatternSet" Negated: false Type: "RegexMatch"

Create a Web ACL

The following example associates the MyRegexRule rule with a web ACL. The web ACL allows requests except for those that include strings defined by MyRegexRule.


"MyWebACL": { "Type": "AWS::WAFRegional::WebACL", "Properties": { "Name": "WebACL to block certain regex strings", "DefaultAction": { "Type": "ALLOW" }, "MetricName" : "MyWebACL", "Rules": [ { "Action" : { "Type" : "BLOCK" }, "Priority" : 1, "RuleId" : { "Ref" : "MyRegexRule" } } ] } }


MyWebACL: Type: "AWS::WAFRegional::WebACL" Properties: Name: "WebACL to block certain regex strings" DefaultAction: Type: "ALLOW" MetricName: "MyWebACL" Rules: - Action: Type: "BLOCK" Priority: 1 RuleId: Ref: "MyRegexRule"