Search code examples
amazon-web-servicesaws-cloudformationaws-api-gateway

AWS: Attach WAF to api gateway using cloudformation template

I have created WAF in my AWS account and I want to integrate that with my API gateway rest endpoint.

I found below command to integrate WAF with API gateway rest endpoint but same thing I have to do using Cloudformation template.

aws waf-regional associate-web-acl \
--web-acl-id 'aabc123a-fb4f-4fc6-becb-2b00831cadcf' \
--resource-arn 'arn:aws:apigateway:{region}::/restapis/4wk1k4onj3/stages/prod'

From AWS documentation as well I'm not able to figure out that how to attach WAF with API gateway endpoint.

Here is how WAF configuration looks in AWS UI: enter image description here

Solution

  • Here is way to integrate WAF with any WAF supported resource in AWS: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-wafregional-webaclassociation.html

    "MyWebACLAssociation": {
  "Type": "AWS::WAFRegional::WebACLAssociation",
  "Properties": {
    "ResourceArn": { "Ref": "MyLoadBalancer" },
    "WebACLId": { "Ref": "MyWebACL" }
  }
}

    Edit:The docs for the newer WAFv2: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-wafv2-webaclassociation.html