WAF & Shield – Pavan Addepalli

Introduction

AWS WAF used to control how an Amazon CloudFront distribution, an Amazon API Gateway API, or an Application Load Balancer responds to web requests.

web access control list (Web ACL) to protect a set of AWS resources.
Rules are to block matching requests or to allow matching requests through. Rules also use to count matching requests.
Rule groups are to combination of rules for re-usability

AWS WAF uses web ACL capacity units (WCU) to calculate and control the operating resources that are used to run your rules, rule groups, and web ACLs.The maximum capacity for a web ACL is 1,500, which is sufficient for most use cases.

For DDOS , use AWS Shield. Refer https://d0.awsstatic.com/whitepapers/Security/DDoS_White_Paper.pdf for more details