securing-api-gateway-with-aws-waf
CommunityShield API gateways with AWS WAF protection.
Software Engineering#api-security#rate-limiting#api-gateway#owasp-top-10#bot-protection#aws-waf#web-application-firewall
AuthorYukiIto1999
Version1.0.0
Installs0
System Documentation
What problem does it solve?
Protect API Gateway endpoints from common web attacks and abuse by configuring AWS WAF with managed rule groups, rate limiting, bot control, IP reputation filtering, and monitoring.
Core Features & Use Cases
- Create and manage a Web ACL with AWS managed rule groups for OWASP Top 10 protection.
- Configure rate-based rules to throttle abusive traffic and protect endpoints like /api/auth/login.
- Enable Bot Control and IP reputation filtering to identify and block automated threats.
- Implement custom rules (e.g., API key headers, geo-restrictions, max body size) to enforce API security policies.
- Attach the Web ACL to API Gateway stages and enable comprehensive logging and monitoring via CloudWatch and Kinesis Firehose.
Quick Start
Configure your API Gateway with AWS WAF by creating a Web ACL, adding managed rule groups, and attaching the Web ACL to the API stage for live protection.
Dependency Matrix
Required Modules
boto3
Components
scriptsreferences
💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: securing-api-gateway-with-aws-waf Download link: https://github.com/YukiIto1999/ctf-sleuth/archive/main.zip#securing-api-gateway-with-aws-waf Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
Agent Skills Search Helper
Install a tiny helper to your Agent, search and equip skill from 471,000+ vetted skills library on demand.