AWS WAF application layer (L7) DDoS protection is an AWS Managed Rule group that is designed to automatically defend applications against distributed denial of service (DDoS) events within seconds. This feature monitors traffic data to establish a baseline within minutes of activation, then leverages machine learning models to detect anomalies from normal traffic patterns. When traffic exceeds or deviates from the established baseline, the system automatically applies rules designed to help block malicious requests.
This feature is designed to ensure your applications on Amazon CloudFront, Application Load Balancer (ALB) and API Gateway remain available.