1

Can somebody clarify on how AWS WAF pricing works in the below mentioned scenarios

  1. Once the malicious IPs are blacklisted using IP sets, does the WAF charge us for the subsequent requests from those blacklisted IPs?
  2. When the requests are rate limited, does the WAF charge us for the blocked requests of an IP(requests beyond the limit set for 5 minutes interval)?
  3. As per WAF quotas documentation, requests per second per web ACL is 25,000 for ALB. Does this count include only the requests allowed or blocked requests as well?
neuro
  • 14,948
  • 3
  • 36
  • 59
Shashikumar
  • 21
  • 3

1 Answers1

2

All WAF quotas are for any request that it must process.

This is regardless of whether they're allow or block, as the cost is of the evaluation of the rules against the request.

Chris Williams
  • 32,215
  • 4
  • 30
  • 68