AWS WAF endpoints and quotas - AWS General Reference

AWS WAF endpoints and quotas

The following are the service endpoints and service quotas for this service. To connect programmatically to an AWS service, you use an endpoint. In addition to the standard AWS endpoints, some AWS services offer FIPS endpoints in selected Regions. For more information, see AWS service endpoints. Service quotas, also referred to as limits, are the maximum number of service resources or operations for your AWS account. For more information, see AWS service quotas.

Note

This page provides information related the latest version of AWS WAF, released in November 2019. The names of the entities that you use to access AWS WAF, like endpoints and namespaces, all have the versioning information added, like V2 or v2, to distinguish from the prior version.

Service endpoints

Region Name Region Endpoint Protocol
US East (Ohio) us-east-2

wafv2.us-east-2.amazonaws.com

wafv2-fips.us-east-2.amazonaws.com

HTTPS

HTTPS

US East (N. Virginia) us-east-1

wafv2.us-east-1.amazonaws.com

wafv2-fips.us-east-1.amazonaws.com

HTTPS

HTTPS

US West (N. California) us-west-1

wafv2.us-west-1.amazonaws.com

wafv2-fips.us-west-1.amazonaws.com

HTTPS

HTTPS

US West (Oregon) us-west-2

wafv2.us-west-2.amazonaws.com

wafv2-fips.us-west-2.amazonaws.com

HTTPS

HTTPS

Africa (Cape Town) af-south-1

wafv2.af-south-1.amazonaws.com

wafv2-fips.af-south-1.amazonaws.com

HTTPS

HTTPS

Asia Pacific (Hong Kong) ap-east-1

wafv2.ap-east-1.amazonaws.com

wafv2-fips.ap-east-1.amazonaws.com

HTTPS

HTTPS

Asia Pacific (Mumbai) ap-south-1

wafv2.ap-south-1.amazonaws.com

wafv2-fips.ap-south-1.amazonaws.com

HTTPS

HTTPS

Asia Pacific (Osaka) ap-northeast-3

wafv2.ap-northeast-3.amazonaws.com

wafv2-fips.ap-northeast-3.amazonaws.com

HTTPS

HTTPS

Asia Pacific (Seoul) ap-northeast-2

wafv2.ap-northeast-2.amazonaws.com

wafv2-fips.ap-northeast-2.amazonaws.com

HTTPS

HTTPS

Asia Pacific (Singapore) ap-southeast-1

wafv2.ap-southeast-1.amazonaws.com

wafv2-fips.ap-southeast-1.amazonaws.com

HTTPS

HTTPS

Asia Pacific (Sydney) ap-southeast-2

wafv2.ap-southeast-2.amazonaws.com

wafv2-fips.ap-southeast-2.amazonaws.com

HTTPS

HTTPS

Asia Pacific (Tokyo) ap-northeast-1

wafv2.ap-northeast-1.amazonaws.com

wafv2-fips.ap-northeast-1.amazonaws.com

HTTPS

HTTPS

Canada (Central) ca-central-1

wafv2.ca-central-1.amazonaws.com

wafv2-fips.ca-central-1.amazonaws.com

HTTPS

HTTPS

Europe (Frankfurt) eu-central-1

wafv2.eu-central-1.amazonaws.com

wafv2-fips.eu-central-1.amazonaws.com

HTTPS

HTTPS

Europe (Ireland) eu-west-1

wafv2.eu-west-1.amazonaws.com

wafv2-fips.eu-west-1.amazonaws.com

HTTPS

HTTPS

Europe (London) eu-west-2

wafv2.eu-west-2.amazonaws.com

wafv2-fips.eu-west-2.amazonaws.com

HTTPS

HTTPS

Europe (Milan) eu-south-1

wafv2.eu-south-1.amazonaws.com

wafv2-fips.eu-south-1.amazonaws.com

HTTPS

HTTPS

Europe (Paris) eu-west-3

wafv2.eu-west-3.amazonaws.com

wafv2-fips.eu-west-3.amazonaws.com

HTTPS

HTTPS

Europe (Stockholm) eu-north-1

wafv2.eu-north-1.amazonaws.com

wafv2-fips.eu-north-1.amazonaws.com

HTTPS

HTTPS

Middle East (Bahrain) me-south-1

wafv2.me-south-1.amazonaws.com

wafv2-fips.me-south-1.amazonaws.com

HTTPS

HTTPS

South America (São Paulo) sa-east-1

wafv2.sa-east-1.amazonaws.com

wafv2-fips.sa-east-1.amazonaws.com

HTTPS

HTTPS

AWS GovCloud (US-East) us-gov-east-1

wafv2.us-gov-east-1.amazonaws.com

wafv2-fips.us-gov-east-1.amazonaws.com

HTTPS

HTTPS

AWS GovCloud (US-West) us-gov-west-1

wafv2.us-gov-west-1.amazonaws.com

wafv2-fips.us-gov-west-1.amazonaws.com

HTTPS

HTTPS

Service quotas

Name Default Adjustable
Maximum IP sets per account in WAF for regional All supported Regions: 100 No
Maximum number of IP addresses in an IP set in WAF for regional All supported Regions: 10,000 No
Maximum number of bytes in a string match (byte match) string in WAF for regional All supported Regions: 200 No
Maximum number of characters allowed in a regex pattern per account in WAF for regional All supported Regions: 200 No
Maximum number of log destination configs per web ACL in WAF for regional All supported Regions: 1 No
Maximum number of patterns in a regex pattern set per account in WAF for regional All supported Regions: 10 No
Maximum number of rate-based statements per web ACL in WAF for Cloudfront All supported Regions: 10 Yes
Maximum number of referenced statements per rule group or web ACL in WAF for regional All supported Regions: 50 No
Maximum number of web ACL capacity units in a rule group in WAF for regional All supported Regions: 1,500 Yes
Maximum number of web ACL capacity units in a web ACL in WAF for regional All supported Regions: 1,500 Yes
Maximum regex pattern sets per account in WAF for regional All supported Regions: 10 No
Maximum rule groups per account in WAF for regional All supported Regions: 100 Yes
Maximum web ACLs per account in WAF for regional All supported Regions: 100 Yes

For more information, see AWS WAF quotas in the AWS WAF Developer Guide.