AWS WAF and AWS Shield Advanced
Developer Guide (API Version 2015-08-24)

Step 4: Deploy AWS WAF Security Automations

AWS provides preconfigured templates that include a set of AWS WAF rules, which you can customize to best fit your needs. These templates are designed to block common web-based attacks such as bad bots, SQL injection, cross-site scripting (XSS), HTTP floods, and known-attacker attacks. In addition to enabling Shield Advanced and specifying resources for Shield Advanced protection, you also should use these preconfigured templates.

For more information, see AWS WAF Security Automations. AWS WAF is included with Shield Advanced at no additional cost.