AWS WAF endpoints and quotas - AWS General Reference

AWS WAF endpoints and quotas

The following are the service endpoints and service quotas for this service. To connect programmatically to an AWS service, you use an endpoint. In addition to the standard AWS endpoints, some AWS services offer FIPS endpoints in selected Regions. For more information, see AWS service endpoints. Service quotas, also referred to as limits, are the maximum number of service resources or operations for your AWS account. For more information, see AWS service quotas.

Note

This page provides information related the latest version of AWS WAF, released in November 2019. The names of the entities that you use to access AWS WAF, like endpoints and namespaces, all have the versioning information added, like V2 or v2, to distinguish from the prior version.

Service endpoints

Region Name Region Endpoint Protocol
US East (Ohio) us-east-2

wafv2.us-east-2.amazonaws.com

wafv2-fips.us-east-2.amazonaws.com

HTTPS

HTTPS

US East (N. Virginia) us-east-1

wafv2.us-east-1.amazonaws.com

wafv2-fips.us-east-1.amazonaws.com

HTTPS

HTTPS

US West (N. California) us-west-1

wafv2.us-west-1.amazonaws.com

wafv2-fips.us-west-1.amazonaws.com

HTTPS

HTTPS

US West (Oregon) us-west-2

wafv2.us-west-2.amazonaws.com

wafv2-fips.us-west-2.amazonaws.com

HTTPS

HTTPS

Africa (Cape Town) af-south-1

wafv2.af-south-1.amazonaws.com

wafv2-fips.af-south-1.amazonaws.com

HTTPS

HTTPS

Asia Pacific (Hong Kong) ap-east-1

wafv2.ap-east-1.amazonaws.com

wafv2-fips.ap-east-1.amazonaws.com

HTTPS

HTTPS

Asia Pacific (Hyderabad) ap-south-2

wafv2.ap-south-2.amazonaws.com

wafv2-fips.ap-south-2.amazonaws.com

HTTPS

HTTPS

Asia Pacific (Jakarta) ap-southeast-3

wafv2.ap-southeast-3.amazonaws.com

wafv2-fips.ap-southeast-3.amazonaws.com

HTTPS

HTTPS

Asia Pacific (Malaysia) ap-southeast-5

wafv2.ap-southeast-5.amazonaws.com

wafv2-fips.ap-southeast-5.amazonaws.com

HTTPS

HTTPS

Asia Pacific (Melbourne) ap-southeast-4

wafv2.ap-southeast-4.amazonaws.com

wafv2-fips.ap-southeast-4.amazonaws.com

HTTPS

HTTPS

Asia Pacific (Mumbai) ap-south-1

wafv2.ap-south-1.amazonaws.com

wafv2-fips.ap-south-1.amazonaws.com

HTTPS

HTTPS

Asia Pacific (Osaka) ap-northeast-3

wafv2.ap-northeast-3.amazonaws.com

wafv2-fips.ap-northeast-3.amazonaws.com

HTTPS

HTTPS

Asia Pacific (Seoul) ap-northeast-2

wafv2.ap-northeast-2.amazonaws.com

wafv2-fips.ap-northeast-2.amazonaws.com

HTTPS

HTTPS

Asia Pacific (Singapore) ap-southeast-1

wafv2.ap-southeast-1.amazonaws.com

wafv2-fips.ap-southeast-1.amazonaws.com

HTTPS

HTTPS

Asia Pacific (Sydney) ap-southeast-2

wafv2.ap-southeast-2.amazonaws.com

wafv2-fips.ap-southeast-2.amazonaws.com

HTTPS

HTTPS

Asia Pacific (Tokyo) ap-northeast-1

wafv2.ap-northeast-1.amazonaws.com

wafv2-fips.ap-northeast-1.amazonaws.com

HTTPS

HTTPS

Canada (Central) ca-central-1

wafv2.ca-central-1.amazonaws.com

wafv2-fips.ca-central-1.amazonaws.com

HTTPS

HTTPS

Canada West (Calgary) ca-west-1

wafv2.ca-west-1.amazonaws.com

wafv2-fips.ca-west-1.amazonaws.com

HTTPS

HTTPS

Europe (Frankfurt) eu-central-1

wafv2.eu-central-1.amazonaws.com

wafv2-fips.eu-central-1.amazonaws.com

HTTPS

HTTPS

Europe (Ireland) eu-west-1

wafv2.eu-west-1.amazonaws.com

wafv2-fips.eu-west-1.amazonaws.com

HTTPS

HTTPS

Europe (London) eu-west-2

wafv2.eu-west-2.amazonaws.com

wafv2-fips.eu-west-2.amazonaws.com

HTTPS

HTTPS

Europe (Milan) eu-south-1

wafv2.eu-south-1.amazonaws.com

wafv2-fips.eu-south-1.amazonaws.com

HTTPS

HTTPS

Europe (Paris) eu-west-3

wafv2.eu-west-3.amazonaws.com

wafv2-fips.eu-west-3.amazonaws.com

HTTPS

HTTPS

Europe (Spain) eu-south-2

wafv2.eu-south-2.amazonaws.com

wafv2-fips.eu-south-2.amazonaws.com

HTTPS

HTTPS

Europe (Stockholm) eu-north-1

wafv2.eu-north-1.amazonaws.com

wafv2-fips.eu-north-1.amazonaws.com

HTTPS

HTTPS

Europe (Zurich) eu-central-2

wafv2.eu-central-2.amazonaws.com

wafv2-fips.eu-central-2.amazonaws.com

HTTPS

HTTPS

Israel (Tel Aviv) il-central-1

wafv2.il-central-1.amazonaws.com

wafv2-fips.il-central-1.amazonaws.com

HTTPS

HTTPS

Middle East (Bahrain) me-south-1

wafv2.me-south-1.amazonaws.com

wafv2-fips.me-south-1.amazonaws.com

HTTPS

HTTPS

Middle East (UAE) me-central-1

wafv2.me-central-1.amazonaws.com

wafv2-fips.me-central-1.amazonaws.com

HTTPS

HTTPS

South America (São Paulo) sa-east-1

wafv2.sa-east-1.amazonaws.com

wafv2-fips.sa-east-1.amazonaws.com

HTTPS

HTTPS

AWS GovCloud (US-East) us-gov-east-1

wafv2.us-gov-east-1.amazonaws.com

wafv2-fips.us-gov-east-1.amazonaws.com

HTTPS

HTTPS

AWS GovCloud (US-West) us-gov-west-1

wafv2.us-gov-west-1.amazonaws.com

wafv2-fips.us-gov-west-1.amazonaws.com

HTTPS

HTTPS

Service quotas

Name Default Adjustable Description
Maximum IP sets per account in WAF for CloudFront Each supported Region: 100 No The maximum number of IP sets you can create in your account for CloudFront.
Maximum IP sets per account in WAF for regional Each supported Region: 100 No The maximum number of IP sets you can create in your account for regional.
Maximum combined size in kilobytes of all response body content for a single rule group or a single web ACL for CloudFront Each supported Region: 50 No The maximum combined size in kilobytes of all response body content for a single rule group or a single web ACL for CloudFront.
Maximum combined size in kilobytes of all response body content for a single rule group or a single web ACL for regional Each supported Region: 50 No The maximum combined size in kilobytes of all response body content for a single rule group or a single web AC for regional.
Maximum number of IP addresses in an IP set in WAF for CloudFront Each supported Region: 10,000 No The maximum number of IP addresses allowed in an IP set for CloudFront.
Maximum number of IP addresses in an IP set in WAF for regional Each supported Region: 10,000 No The maximum number of IP addresses allowed in an IP set for regional.
Maximum number of bytes in a string match (byte match) string in WAF for CloudFront Each supported Region: 200 No The maximum number of bytes you can create in a string match (byte match) string for CloudFront.
Maximum number of bytes in a string match (byte match) string in WAF for regional Each supported Region: 200 No The maximum number of bytes you can create in a string match (byte match) string for regional.
Maximum number of characters allowed in a regex pattern per account in WAF for Cloudfront Each supported Region: 200 No The maximum number of characters allowed in a regex pattern in your account for CloudFront.
Maximum number of characters allowed in a regex pattern per account in WAF for regional Each supported Region: 200 No The maximum number of characters allowed in a regex pattern in your account for regional.
Maximum number of custom headers for a single custom request definition for CloudFront Each supported Region: 10 No The maximum number of custom headers for a single custom request definition for CloudFront.
Maximum number of custom headers for a single custom request definition for regional Each supported Region: 10 No The maximum number of custom headers for a single custom request definition for regional.
Maximum number of custom headers for a single custom response definition for CloudFront Each supported Region: 10 No The maximum number of custom headers for a single custom response definition for CloudFront.
Maximum number of custom headers for a single custom response definition for regional Each supported Region: 10 No The maximum number of custom headers for a single custom response definition for regional.
Maximum number of custom request headers per web ACL or rule group for CloudFront Each supported Region: 100 Yes The maximum number of custom request headers per web ACL or rule group for CloudFront.
Maximum number of custom request headers per web ACL or rule group for regional Each supported Region: 100 Yes The maximum number of custom request headers per web ACL or rule group for regional.
Maximum number of custom response bodies per web ACL or rule group for CloudFront Each supported Region: 50 Yes The maximum number of custom response bodies per web ACL or rule group for CloudFront.
Maximum number of custom response bodies per web ACL or rule group for regional Each supported Region: 50 Yes The maximum number of custom response bodies per web ACL or rule group for regional.
Maximum number of custom response headers per web ACL or rule group for CloudFront Each supported Region: 100 Yes The maximum number of custom response headers per web ACL or rule group for CloudFront.
Maximum number of custom response headers per web ACL or rule group for regional Each supported Region: 100 Yes The maximum number of custom response headers per web ACL or rule group for regional.
Maximum number of log destination configs per web ACL in WAF for Cloudfront Each supported Region: 1 No The maximum number of log destination configs allowed in a web ACL for CloudFront.
Maximum number of log destination configs per web ACL in WAF for regional Each supported Region: 1 No The maximum number of log destination configs allowed in a web ACL for regional.
Maximum number of patterns in a regex pattern set per account in WAF for Cloudfront Each supported Region: 10 No The maximum number of patterns in a regex pattern set you can create in your account for CloudFront.
Maximum number of patterns in a regex pattern set per account in WAF for regional Each supported Region: 10 No The maximum number of patterns in a regex pattern set you can create in your account for regional.
Maximum number of rate-based statements per web ACL in WAF for Cloudfront Each supported Region: 10 No The maximum number of rate-based statements allowed in a web ACL for CloudFront.
Maximum number of rate-based statements per web ACL in WAF for regional Each supported Region: 10 No The maximum number of rate-based statements allowed in a web ACL for CloudFront.
Maximum number of referenced statements per rule group or web ACL in WAF for Cloudfront Each supported Region: 50 No The maximum number of referenced statements allowed within a rule group or web ACL for CloudFront.
Maximum number of referenced statements per rule group or web ACL in WAF for regional Each supported Region: 50 No The maximum number of referenced statements allowed within a rule group or web ACL for regional.
Maximum number of requests per second per web ACL for CloudFront Each supported Region: 25,000 Yes The maximum number of requests per second per web ACL for CloudFront.
Maximum number of requests per second per web ACL for regional Each supported Region: 25,000 Yes The maximum number of requests per second per web ACL for regional.
Maximum number of text transformations per rule statement for CloudFront Each supported Region: 3 No The maximum number of text transformations per rule statement for CloudFront.
Maximum number of text transformations per rule statement for regional Each supported Region: 3 No The maximum number of text transformations per rule statement for regional.
Maximum number of unique IP addresses that can be blocked per rate-based rule for CloudFront Each supported Region: 10,000 No The maximum number of unique IP addresses that can be blocked per rate-based rule for CloudFront.
Maximum number of unique IP addresses that can be blocked per rate-based rule for regional Each supported Region: 10,000 No The maximum number of unique IP addresses that can be blocked per rate-based rule for regional.
Maximum number of web ACL capacity units in a rule group in WAF for CloudFront Each supported Region: 5,000 No The maximum number of web ACL capacity units allowed in a rule group for CloudFront.
Maximum number of web ACL capacity units in a rule group in WAF for regional Each supported Region: 5,000 No The maximum number of web ACL capacity units allowed in a rule group for regional.
Maximum number of web ACL capacity units in a web ACL in WAF for CloudFront Each supported Region: 5,000 No The maximum number of web ACL capacity units allowed in a web ACL for CloudFront.
Maximum number of web ACL capacity units in a web ACL in WAF for regional Each supported Region: 5,000 No The maximum number of web ACL capacity units allowed in a web ACL for regional.
Maximum regex pattern sets per account in WAF for CloudFront Each supported Region: 10 No The maximum number of regex pattern sets you can create in your account for CloudFront.
Maximum regex pattern sets per account in WAF for regional Each supported Region: 10 No The maximum number of regex pattern sets you can create in your account for regional.
Maximum rule groups per account in WAF for CloudFront Each supported Region: 100 Yes The maximum number of rule groups you can create in your account for CloudFront.
Maximum rule groups per account in WAF for regional Each supported Region: 100 Yes The maximum number of rule groups you can create in your account for regional.
Maximum size in kilobytes of a web request body that can be inspected for Application Load Balancer and AWS AppSync protections Each supported Region: 8 No The maximum size in kilobytes of a web request body that can be inspected for Application Load Balancer and AWS AppSync protections.
Maximum size in kilobytes of a web request body that can be inspected for CloudFront, API Gateway, Amazon Cognito, App Runner, and Verified Access protections Each supported Region: 64 No The maximum size in kilobytes of a web request body that can be inspected for CloudFront, API Gateway, Amazon Cognito, App Runner, and Verified Access protections.
Maximum size in kilobytes of the custom response body content for a single custom response definition for CloudFront Each supported Region: 4 No The maximum size in kilobytes of the custom response body content for a single custom response definition for CloudFront.
Maximum size in kilobytes of the custom response body content for a single custom response definition for regional Each supported Region: 4 No The maximum size in kilobytes of the custom response body content for a single custom response definition for regional.
Maximum web ACLs per account in WAF for CloudFront Each supported Region: 100 Yes The maximum number of web ACLs you can create in your account for CloudFront.
Maximum web ACLs per account in WAF for regional Each supported Region: 100 Yes The maximum number of web ACLs you can create in your account for regional.
Minimum request rate that can be defined for a rate-based rule for CloudFront Each supported Region: 100 No The minimum request rate that can be defined for a rate-based rule for CloudFront.
Minimum request rate that can be defined for a rate-based rule for regional Each supported Region: 100 No The minimum request rate that can be defined for a rate-based rule for regional.
Number of token domains per web ACL for CloudFront Each supported Region: 10 Yes The number of token domains per web ACL for CloudFront.
Number of token domains per web ACL for regional Each supported Region: 10 Yes The number of token domains per web ACL for regional.

For more information, see AWS WAF quotas in the AWS WAF Developer Guide.