Anthropic-Cybersecurity-Skills/skills/securing-api-gateway-with-aws-waf/references/api-reference.md
mukul975 27c6414ca5 Add folder anatomy (scripts/agent.py + references/api-reference.md) for 648 cybersecurity skills
Complete skill folder anatomy across all cybersecurity skills:
- scripts/agent.py: 80-150 line Python agents using real libraries (impacket,
  boto3, azure-mgmt-*, kubernetes, pefile, yara, scapy, shodan, stix2, etc.)
- references/api-reference.md: real API documentation with method signatures
- LICENSE: MIT license for all skill folders
2026-03-10 21:02:12 +01:00

API Reference: Securing API Gateway with AWS WAF

boto3 WAFv2 Client

Installation

```shell
pip install boto3
```

Client Initialization

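```python
import boto3

# REGIONAL Web ACLs (API Gateway, ALB, AppSync) live in the resource's own region.
client = boto3.client("wafv2", region_name="us-east-1")
```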

Key Methods

| Method | Description |
|---|---|
| `create_web_acl()` | Create a new Web ACL with rules and default action |
| `update_web_acl()` | Modify rules, requires LockToken for optimistic concurrency |
| `get_web_acl()` | Retrieve full Web ACL configuration and lock token |
| `list_web_acls()` | List all Web ACLs in a scope (REGIONAL or CLOUDFRONT) |
| `associate_web_acl()` | Attach Web ACL to API Gateway, ALB, or AppSync |
| `get_sampled_requests()` | Retrieve sampled requests for a specific rule metric |
| `get_rate_based_statement_managed_keys()` | Get IPs currently rate-limited |
| `put_logging_configuration()` | Configure WAF logging to Firehose/S3 |
| `list_resources_for_web_acl()` | List resources associated with a Web ACL |

Managed Rule Groups

| Rule Group | Protection |
|---|---|
| `AWSManagedRulesCommonRuleSet` | OWASP Top 10 common attacks |
| `AWSManagedRulesSQLiRuleSet` | SQL injection patterns |
| `AWSManagedRulesKnownBadInputsRuleSet` | Known bad request patterns |
| `AWSManagedRulesAmazonIpReputationList` | Malicious IP blocking |
| `AWSManagedRulesBotControlRuleSet` | Bot detection and management |

Rate-Based Rule Parameters

| Parameter | Type | Description |
|---|---|---|
| `Limit` | int | Max requests per 5-minute window (min: 100) |
| `AggregateKeyType` | str | `IP` or `FORWARDED_IP` |
| `ScopeDownStatement` | dict | Optional filter to scope rate limiting |
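
The managed rule groups, the rate-based parameters and the `LockToken` requirement of `update_web_acl()` listed above fit together as in the following added example, which is not the skill's own `scripts/agent.py`. The function names, the rule name `rate-limit`, the default limit of 1000 and the `ForwardedIPConfig` values are assumptions chosen for illustration; `client` is a boto3 `wafv2` client.

```python
# Added example (not the skill's agent.py): Web ACL rules plus a LockToken-safe update.
MANAGED_GROUPS = [  # subset of the Managed Rule Groups table
    "AWSManagedRulesCommonRuleSet",
    "AWSManagedRulesSQLiRuleSet",
    "AWSManagedRulesKnownBadInputsRuleSet",
    "AWSManagedRulesAmazonIpReputationList",
]

def visibility(metric):
    return {"SampledRequestsEnabled": True, "CloudWatchMetricsEnabled": True,
            "MetricName": metric}

def build_rules(limit=1000, key_type="IP", count_only=False):
    """Rate-based rule at priority 0, then the managed groups."""
    if limit < 100:  # minimum given in the Rate-Based Rule Parameters table
        raise ValueError("Limit must be at least 100")
    rate = {"Limit": limit, "AggregateKeyType": key_type}
    if key_type == "FORWARDED_IP":  # header and fallback are example choices;
        # only meaningful behind a proxy that sets the header itself
        rate["ForwardedIPConfig"] = {"HeaderName": "X-Forwarded-For",
                                     "FallbackBehavior": "MATCH"}
    rules = [{"Name": "rate-limit", "Priority": 0,
              "Statement": {"RateBasedStatement": rate},
              "Action": {"Count": {}} if count_only else {"Block": {}},
              "VisibilityConfig": visibility("rate-limit")}]
    for priority, group in enumerate(MANAGED_GROUPS, start=1):
        rules.append({
            "Name": group, "Priority": priority,
            "Statement": {"ManagedRuleGroupStatement":
                          {"VendorName": "AWS", "Name": group}},
            # Rule groups take OverrideAction; "None" keeps the group's own actions.
            "OverrideAction": {"Count": {}} if count_only else {"None": {}},
            "VisibilityConfig": visibility(group)})
    return rules

def replace_rules(client, name, acl_id, rules, scope="REGIONAL", attempts=3):
    """Read the ACL, then update it with the LockToken from that same read."""
    for _ in range(attempts):
        current = client.get_web_acl(Name=name, Scope=scope, Id=acl_id)
        acl = current["WebACL"]
        try:
            return client.update_web_acl(
                Name=name, Scope=scope, Id=acl_id, Rules=rules,
                DefaultAction=acl["DefaultAction"],
                VisibilityConfig=acl["VisibilityConfig"],
                LockToken=current["LockToken"])
        except client.exceptions.WAFOptimisticLockException:
            continue  # ACL changed since the read: fetch a fresh token and retry
    raise RuntimeError("Web ACL kept changing; update not applied")
```

`update_web_acl()` replaces the whole rule list, so `rules` must contain every rule the ACL should keep. Running first with `count_only=True` records matches under the `CountedRequests` metric without blocking traffic.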

CloudWatch Metrics (Namespace: AWS/WAFV2)

| Metric | Description |
|---|---|
| `AllowedRequests` | Requests allowed by WAF |
| `BlockedRequests` | Requests blocked by WAF |
| `CountedRequests` | Requests matched in Count mode |
| `PassedRequests` | Requests not matching any rule |
