Forum Discussion

Sriram_Shanmuga's avatar
Sriram_Shanmuga
Icon for Altostratus rankAltostratus
Mar 28, 2019

How to configure WAF to protect applications hosted in AWS CDN environment.

We have a requirement to configure ASM security policy for an application hosted in AWS CDN environment. The lambda function is used and have 2 subnets attached to it. The application has an url https://abcdef.cloudfront.net and resolves to a random public ip.

 

My query is how to configure WAF policy to protect the application hosted in AWS CDN environment.

 

Thanks Sriram

 

1 Reply

  • F5 ASM can only protect application traffic flowing through your F5 ASM device. If CDN traffic you are taking about is 100% within AWS Cloudfront and is not flowing though F5 ASM in EC2 then you can't protect it.

     

    If however in your design the traffic is flowing through F5 ASM then the WAF policy would be a standard JSON profile policy as AWS Lambda function calls are just JSON