Forum Discussion

Altostratus

Mar 28, 2019

How to configure WAF to protect applications hosted in AWS CDN environment.

We have a requirement to configure ASM security policy for an application hosted in AWS CDN environment. The lambda function is used and have 2 subnets attached to it. The application has an url http...

Cirrocumulus

Apr 26, 2019

F5 ASM can only protect application traffic flowing through your F5 ASM device. If CDN traffic you are taking about is 100% within AWS Cloudfront and is not flowing though F5 ASM in EC2 then you can't protect it.

If however in your design the traffic is flowing through F5 ASM then the WAF policy would be a standard JSON profile policy as AWS Lambda function calls are just JSON

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

How to configure WAF to protect applications hosted in AWS CDN environment.

Security Best Practices for F5 Products

F5 AppWorld 2026 Registration - early bird pricing.

Kostas Injeyan - October 2025 Featured Member

Recent Discussions

Cannot ping external interface

HA Failover between two Datacenters

LTM issue Openning new web browser tab

F5 asm/awaf

AST Configuration Assistance

Related Content

VIPTest: Rapid Application Testing for F5 Environments

How Do I Install the Application Study Tool in an Air-Gapped Environment?

Introducing the F5 Application Study Tool (AST)

BIG-IP for Scalable App Delivery & Security in Hybrid Environments

Distributed Cloud for App Delivery & Security for Hybrid Environments

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS