How to Secure Our Resources From DDoS Attacks With AWS WAF & Shield?

In this article, we will learn in detail about WAF, DDoS attacks, and Amazon WAF & Shield. We will create the necessary environment for the WAF test. For this, we will build an Application consisting of a Static Web Server (EC2 instance), Load Balancer, and Target Group. We will mitigate an application layer DDoS attack on the web server that we build, by defining rules and then by creating rule groups with defined rules and later by associating them to Web ACLs, step by step.
Then, we will create a test script and apply it to the web server that we build. Finally, we will examine and analyze the output on AWS WAF dashboard charts and CloudWatch.

Topics we will cover:

1. What is WAF?

2. AWS WAF & Shield

2.1. AWS WAF

2.2. AWS Shield

3. DDoS Attacks

4. How to mitigate DDoS attacks?

5. Mitigating attacks using AWS Shield Standart

5.1. Creating Rule Groups and Rule

5.2. Creating Web ACLs

6. Test to web ACL

6.1. Create a web application

6.2. Build an Application (Static Web Server, ALB, Target Group)

6.2.1. Create an Apache Web Server with a static website at EC2 console

6.2.2. Create a Target group

6.2.3. Create Application Load Balancers (ALB)

7. Control The Application that we created

8. Create the test script

9. Notice the output

10. AWS WAF Dashboard Charts

11. Subscribe to Shield Advanced

12. As a result