WAFv2

Web ACLs, IP sets, regex pattern sets, rule groups.

JSON-RPC (X-Amz-Target) multi-tenant 24 operations

Quick start

import boto3
waf = boto3.client("wafv2", endpoint_url="http://localhost:4566",
                   region_name="us-east-1",
                   aws_access_key_id="test", aws_secret_access_key="test")
waf.create_web_acl(Name="acl", Scope="REGIONAL",
    DefaultAction={"Allow":{}}, Rules=[],
    VisibilityConfig={"SampledRequestsEnabled":False,
                      "CloudWatchMetricsEnabled":False,"MetricName":"m"})

Supported operations

24 operations exposed by this service as of MiniStack 1.3.14. Extracted directly from the handler dispatch in the source module.

AssociateWebACL CheckCapacity CreateIPSet CreateRuleGroup CreateWebACL DeleteIPSet DeleteRuleGroup DeleteWebACL DescribeManagedRuleGroup DisassociateWebACL GetIPSet GetRuleGroup GetWebACL GetWebACLForResource ListIPSets ListResourcesForWebACL ListRuleGroups ListTagsForResource ListWebACLs TagResource UntagResource UpdateIPSet UpdateRuleGroup UpdateWebACL

CloudFormation

The CloudFormation engine provisions these resource types via this service:

AWS::WAFv2::WebACL

See CloudFormation engine for intrinsic support and lifecycle details.

Known limitations

Rules are stored but not enforced — incoming traffic is never filtered.
Sampled-requests and CloudWatch metrics are not populated.

Source

ministack/services/waf.py:85-145

Read the source to verify the ops list above — dispatch tables and handler functions are the ground truth.

See also: all services · configuration · limitations.