AWS WAF and AWS Shield Advanced
Developer Guide (API Version 2015-08-24)

Document History

  • API Version: 2015-08-24

  • Latest documentation update: July 25, 2016

The following table describes important changes in each release of the AWS WAF Developer Guide.

Change API Version Description Release Date
Update 2016-08-24 Marketplace rule groups November, 2017
Update 2016-08-24 Shield Advanced support for Elastic IP addresses November, 2017
Update 2016-08-24 Global threat environment dashboard November, 2017
Update 2016-08-24 DDoS-resistant website tutorial October, 2017
Update 2016-08-24 Geo and regex conditions October, 2017
Update 2016-08-24 Rate-based rules June, 2017
Update 2016-08-24 Reorganization April, 2017
Update 2016-08-24 Added information about DDOS protection and support for Application Load Balancers. November, 2016
Update 2015-08-24 Added information about AWS WAF PCI DSS Compliance for AWS WAF. July 25, 2016
New Features 2015-08-24

You can now log all your API calls to AWS WAF through AWS CloudTrail, the AWS service that records API calls for your account and delivers log files to your S3 bucket. CloudTrail logs can be used to enable security analysis, track changes to your AWS resources, and aid in compliance auditing. Integrating AWS WAF and CloudTrail lets you determine which requests were made to the AWS WAF API, the source IP address from which each request was made, who made the request, when it was made, and more.

If you are already using AWS CloudTrail, you will start seeing AWS WAF API calls in your AWS CloudTrail log. If you haven't turned on AWS CloudTrail for your account, you can turn on CloudTrail from the AWS Management Console. There is no additional charge for turning on CloudTrail, but standard rates for Amazon S3 and Amazon SNS usage apply.

April 28, 2016

New Features


You can now use AWS WAF to allow, block, or count web requests that appear to contain malicious scripts, known as cross-site scripting or XSS. Attackers sometimes insert malicious scripts into web requests in an effort to exploit vulnerabilities in web applications. For more information, see Working with Cross-site Scripting Match Conditions.

March 29, 2016

New Features


With this release, AWS WAF adds the following features:

January 27, 2016

New Feature


You can now use the AWS WAF console to choose the CloudFront distributions that you want to associate a web ACL with. For more information, see Associating or Disassociating a Web ACL and a CloudFront Distribution.

November 16, 2015

Initial Release


This is the first release of the AWS WAF Developer Guide.

October 6, 2015