Level 200: CloudFront with WAF Protection

Authors

• Ben Potter, Security Lead, Well-Architected

Introduction

This hands-on lab will guide you through the steps to protect a workload from network based attacks using Amazon CloudFront and AWS Web Application Firewall (WAF). You will use the AWS Management Console and AWS CloudFormation to guide you through how to deploy CloudFront with WAF integration to apply defense in depth methods. Skills learned will help you secure your workloads in alignment with the AWS Well-Architected Framework .

Goals

• Protecting network and host-level boundaries
• System security configuration and maintenance
• Enforcing service-level protection

Prerequisites

• An AWS account that you are able to use for testing, that is not used for production or other purposes. NOTE: You will be billed for any applicable AWS resources used if you complete this lab.

Steps:

• Launch Instance
• Configure AWS WAF
• Configure Amazon CloudFront
• Tear down this lab