📖 What is AWS Web Application Firewall (WAF)?
AWS Web Application Firewall (WAF) is a service that helps protect web applications from common web exploits. It lets you control incoming traffic by creating security rules that block common attack patterns, such as SQL injection or cross-site scripting (XSS).
"Crucial distinction: while AWS Shield protects the network layer (Layers 3 and 4), WAF protects the application layer (Layer 7). This is a common trick on the exam."
📚 Certification: AWS Certified Cloud Practitioner (CLF-C02)
🔑 What are the Key Concepts of AWS Web Application Firewall (WAF)?
- Operates at Layer 7 of the OSI model, focusing specifically on the application layer to filter HTTP and HTTPS web traffic.
- Protects against common web exploits including SQL injection (SQLi) and Cross-Site Scripting (XSS) by analyzing request patterns.
- Integrates seamlessly with AWS services such as Application Load Balancer (ALB), Amazon CloudFront, and Amazon API Gateway.
- Uses a rule-based system where you can create custom rules or utilize AWS Managed Rules for faster deployment.
- Provides the ability to allow, block, or count requests based on IP addresses, HTTP headers, or custom URI strings.
🎯 How does AWS Web Application Firewall (WAF) appear on the CLF-C02 Exam?
A scenario might describe a company experiencing SQL injection attacks on their public website; you must identify AWS WAF as the correct service to filter this application-layer traffic.
You may be asked to differentiate between services protecting against DDoS attacks at the network layer versus those blocking malicious HTTP requests at the application layer.
Expect questions where you must select the appropriate security tool to protect an Application Load Balancer from specific malicious web patterns and unauthorized IP ranges.
❓ Frequently Asked Questions
What is the primary difference between AWS WAF and AWS Shield?
AWS WAF operates at Layer 7 (Application) to block specific web exploits like XSS, while AWS Shield focuses on Layers 3 and 4 (Network/Transport) to protect against volumetric DDoS attacks.
Do I have to write all the security rules manually in AWS WAF?
No, you can use AWS Managed Rules, which are pre-configured rule sets maintained by AWS or third-party vendors to protect against common threats without requiring manual configuration.