WAF ACLs, IP rules, etc not shown (not created?) on AWS WAF Console

[cscareerkaizen]

I followed the guide (https://docs.aws.amazon.com/solutions/latest/aws-waf-security-automations/deployment.html) which created two CF stacks successfully.

Since we use ALB not CF, I chose ALB.

But when I go to AWS WAF Console, I see no WAF resources shown. Even if I picked us-east-1, nothing shown.

If I go to EC2 console and pick ALB, it says "this ALB not WAF protected"

[rakshb]

Hello @cscareerkaizen, Thanks for reaching out. Are you using V2.3.2? This version supports AWS WAF Classic.

If you go to AWS WAF on console, by default it shows the WAFv2 UI. You will have to switch to WAF Classic (you can make the selection in the blue banner as shown in the picture) You will be able to find your WAF security automation related resources under WAF Classic UI.

We are also working on a new version of WAF Security Automations to support WAFv2 and will be releasing it shortly.

[cscareerkaizen]

I see it in WAF classic but not from ELB integrated services @rakshb

Is this okay? How can I really know ELB is WAF-protected ?

[peteroruba]

@cscareerkaizen to attach a WAF ruleset to your ALB go to "AWS Firewall Manager" -> "AWS WAF Classic" -> Select "Web ACLs" (under left hand side menu items) -> Select your region at "Filter" -> Select your Web ACL -> Then select the tab "Rules" -> At the bottom you'll find a button "Add association" which lets you attach your Web ACL ruleset to a load balancer.

[rakshb]

Thanks @peteroruba! Give us a thumbs up when you are able to set up the association successfully @cscareerkaizen

[cscareerkaizen]

Yes, was able to. Thanks!

[dclose20]

@rakshb Do you have any timeline on the WAFv2 support? I'm interested in implementing this solution, but would rather hold off until then. Thanks!!

[rakshb]

@dclose20 We released WAF V3.0 last week with support for WAFv2 API. Check it out on https://aws.amazon.com/solutions/implementations/aws-waf-security-automations/