AWS WAF Classic endpoints and quotas
The following are the service endpoints and service quotas for this service. To connect programmatically to an AWS service, you use an endpoint. In addition to the standard AWS endpoints, some AWS services offer FIPS endpoints in selected Regions. For more information, see AWS service endpoints. Service quotas, also referred to as limits, are the maximum number of service resources or operations for your AWS account. For more information, see AWS service quotas.
Note
This page provides information related to AWS WAF Classic. If you created AWS WAF resources, like rules and web ACLs, in AWS WAF prior to November 2019, and you have not migrated your web ACLs over yet, you must use AWS WAF Classic to access those resources. Otherwise, do not use this version.
For information related to the latest version of AWS WAF, see AWS WAF endpoints and quotas.
Service endpoints
| Region Name | Region | Endpoint | Protocol |
|---|---|---|---|
| US East (N. Virginia) | us-east-1 |
waf.amazonaws.com waf-fips.amazonaws.com |
HTTPS HTTPS |
AWS WAF Classic for Application Load Balancers and API Gateway APIs has the following endpoints:
| Region Name | Region | Endpoint | Protocol |
|---|---|---|---|
| US East (Ohio) | us-east-2 |
waf-regional.us-east-2.amazonaws.com waf-regional-fips.us-east-2.amazonaws.com |
HTTPS HTTPS |
| US East (N. Virginia) | us-east-1 |
waf-regional.us-east-1.amazonaws.com waf-regional-fips.us-east-1.amazonaws.com |
HTTPS HTTPS |
| US West (N. California) | us-west-1 |
waf-regional.us-west-1.amazonaws.com waf-regional-fips.us-west-1.amazonaws.com |
HTTPS HTTPS |
| US West (Oregon) | us-west-2 |
waf-regional.us-west-2.amazonaws.com waf-regional-fips.us-west-2.amazonaws.com |
HTTPS HTTPS |
| Africa (Cape Town) | af-south-1 |
waf-regional.af-south-1.amazonaws.com waf-regional-fips.af-south-1.amazonaws.com |
HTTPS HTTPS |
| Asia Pacific (Hong Kong) | ap-east-1 |
waf-regional.ap-east-1.amazonaws.com waf-regional-fips.ap-east-1.amazonaws.com |
HTTPS HTTPS |
| Asia Pacific (Hyderabad) | ap-south-2 |
waf-regional.ap-south-2.amazonaws.com waf-regional-fips.ap-south-2.amazonaws.com |
HTTPS HTTPS |
| Asia Pacific (Jakarta) | ap-southeast-3 |
waf-regional.ap-southeast-3.amazonaws.com waf-regional-fips.ap-southeast-3.amazonaws.com |
HTTPS HTTPS |
| Asia Pacific (Melbourne) | ap-southeast-4 |
waf-regional.ap-southeast-4.amazonaws.com waf-regional-fips.ap-southeast-4.amazonaws.com |
HTTPS HTTPS |
| Asia Pacific (Mumbai) | ap-south-1 |
waf-regional.ap-south-1.amazonaws.com waf-regional-fips.ap-south-1.amazonaws.com |
HTTPS HTTPS |
| Asia Pacific (Osaka) | ap-northeast-3 |
waf-regional.ap-northeast-3.amazonaws.com waf-regional-fips.ap-northeast-3.amazonaws.com |
HTTPS HTTPS |
| Asia Pacific (Seoul) | ap-northeast-2 |
waf-regional.ap-northeast-2.amazonaws.com waf-regional-fips.ap-northeast-2.amazonaws.com |
HTTPS HTTPS |
| Asia Pacific (Singapore) | ap-southeast-1 |
waf-regional.ap-southeast-1.amazonaws.com waf-regional-fips.ap-southeast-1.amazonaws.com |
HTTPS HTTPS |
| Asia Pacific (Sydney) | ap-southeast-2 |
waf-regional.ap-southeast-2.amazonaws.com waf-regional-fips.ap-southeast-2.amazonaws.com |
HTTPS HTTPS |
| Asia Pacific (Tokyo) | ap-northeast-1 |
waf-regional.ap-northeast-1.amazonaws.com waf-regional-fips.ap-northeast-1.amazonaws.com |
HTTPS HTTPS |
| Canada (Central) | ca-central-1 |
waf-regional.ca-central-1.amazonaws.com waf-regional-fips.ca-central-1.amazonaws.com |
HTTPS HTTPS |
| Europe (Frankfurt) | eu-central-1 |
waf-regional.eu-central-1.amazonaws.com waf-regional-fips.eu-central-1.amazonaws.com |
HTTPS HTTPS |
| Europe (Ireland) | eu-west-1 |
waf-regional.eu-west-1.amazonaws.com waf-regional-fips.eu-west-1.amazonaws.com |
HTTPS HTTPS |
| Europe (London) | eu-west-2 |
waf-regional.eu-west-2.amazonaws.com waf-regional-fips.eu-west-2.amazonaws.com |
HTTPS HTTPS |
| Europe (Milan) | eu-south-1 |
waf-regional.eu-south-1.amazonaws.com waf-regional-fips.eu-south-1.amazonaws.com |
HTTPS HTTPS |
| Europe (Paris) | eu-west-3 |
waf-regional.eu-west-3.amazonaws.com waf-regional-fips.eu-west-3.amazonaws.com |
HTTPS HTTPS |
| Europe (Spain) | eu-south-2 |
waf-regional.eu-south-2.amazonaws.com waf-regional-fips.eu-south-2.amazonaws.com |
HTTPS HTTPS |
| Europe (Stockholm) | eu-north-1 |
waf-regional.eu-north-1.amazonaws.com waf-regional-fips.eu-north-1.amazonaws.com |
HTTPS HTTPS |
| Europe (Zurich) | eu-central-2 |
waf-regional.eu-central-2.amazonaws.com waf-regional-fips.eu-central-2.amazonaws.com |
HTTPS HTTPS |
| Israel (Tel Aviv) | il-central-1 |
waf-regional.il-central-1.amazonaws.com waf-regional-fips.il-central-1.amazonaws.com |
HTTPS HTTPS |
| Middle East (Bahrain) | me-south-1 |
waf-regional.me-south-1.amazonaws.com waf-regional-fips.me-south-1.amazonaws.com |
HTTPS HTTPS |
| Middle East (UAE) | me-central-1 |
waf-regional.me-central-1.amazonaws.com waf-regional-fips.me-central-1.amazonaws.com |
HTTPS HTTPS |
| South America (São Paulo) | sa-east-1 |
waf-regional.sa-east-1.amazonaws.com waf-regional-fips.sa-east-1.amazonaws.com |
HTTPS HTTPS |
| AWS GovCloud (US-East) | us-gov-east-1 |
waf-regional.us-gov-east-1.amazonaws.com waf-regional-fips.us-gov-east-1.amazonaws.com |
HTTPS HTTPS |
| AWS GovCloud (US-West) | us-gov-west-1 |
waf-regional.us-gov-west-1.amazonaws.com waf-regional-fips.us-gov-west-1.amazonaws.com |
HTTPS HTTPS |
Service quotas
| Name | Default | Adjustable | Description |
|---|---|---|---|
| Conditions per rule | Each supported Region: 10 | No | The maximum number of conditions you can add to a rule. |
| Filters per SQL injection match condition | Each supported Region: 10 | No | The maximum number of filters you can add to a SQL injection match condition. |
| Filters per cross-site scripting match condition | Each supported Region: 10 | No | The maximum number of filters you can add to a cross-site scripting match condition. |
| Filters per size constraint condition | Each supported Region: 10 | No | The maximum number of filters you can add to a size constraint condition. |
| Filters per string match condition | Each supported Region: 10 | No | The maximum number of filters you can add to a string match condition. |
| GeoMatchSets | Each supported Region: 50 | No | The maximum number of GeoMatchSets you can add to your account. |
| HTTP header name length | Each supported Region: 40 | No | The length, in bytes, that you want AWS WAF to inspect the HTTP header for in a size constraint condition. |
| IP address ranges per IP set match condition | Each supported Region: 10,000 | No | The maximum number of IP address ranges (in CIDR notation) you can add to an IP Set match condition. |
| IP addresses blocked per rate-based rule | Each supported Region: 10,000 | No | The maximum number of IP addresses blocked per rate-based rule. |
| Locations per GeoMatchSet | Each supported Region: 50 | No | The maximum number of locations you can add to a GeoMatchSet. |
| Logging destination configurations per web ACL | Each supported Region: 1 | No | The maximum number of logging destination configurations you can add to a web ACL. |
| Pattern sets per regex match condition | Each supported Region: 1 | No | The maximum number of pattern sets you can add to regex match condition. |
| Patterns per pattern set | Each supported Region: 10 | No | The maximum number of patterns you can add to a pattern set in a regex match condition. |
| Rate of requests | Each supported Region: 10,000 |
Yes |
The maximum number of requests per second on an Application Load Balancer. This limit applies only to AWS WAF on an Application Load Balancer. This limit can be increased using the AWS console. |
| Rate-based rule rate | Each supported Region: 2,000 | No | The maximum number of requests from a single IP address allowed in a five-minute period. |
| Rate-based rules | Each supported Region: 5 |
Yes |
The maximum number of rate-based rules you can create in your account. |
| Regex pattern length | Each supported Region: 70 | No | The number of characters that you want AWS WAF to search for in the pattern in a regex match condition. |
| Regex pattern sets | Each supported Region: 5 | No | The maximum number of regex pattern sets you can add to your account. |
| Rules | Each supported Region: 100 |
Yes |
The maximum number of rules you can create in your account. |
| Rules per web ACL | Each supported Region: 10 | No | The maximum number of rules you can add to a web ACL. |
| Search length | Each supported Region: 50 | No | The length, in bytes, that you want AWS WAF to watch for in a size constraint condition. |
| Web ACLs | Each supported Region: 50 |
Yes |
The maximum number of Web ACLs you can create in your account. |
For more information, see AWS WAF Classic quotas in the AWS WAF Developer Guide.
