I want to secure my Amazon CloudFront distribution with an existing AWS WAF web access control list (web ACL).
Resolution
To turn on AWS WAF protection for your CloudFront distribution, use either the AWS WAF console or the CloudFront console.
Use the AWS WAF console
Complete the following steps:
- Open the AWS WAF console.
- In the navigation pane, under AWS WAF, choose Web ACLs.
- For Region, choose Global (CloudFront).
- Select the web ACL.
- For Associated AWS resources, choose Add AWS resources.
- Select your CloudFront distribution from the list.
- Choose Add.
Use the CloudFront console
Complete the following steps:
- Open the AWS CloudFront console.
- In the navigation pane, choose Distributions.
- Select your CloudFront distribution.
- For Security, choose Security - Web Application Firewall (WAF), and then choose Edit.
- Choose Enable security protections.
- Choose Use existing WAF configuration.
- Under Choose a web ACL, select the web ACL.
- Choose Save changes.
Related information
Creating a web ACL
Turning on AWS WAF for distributions
Using AWS WAF protections