amazon-web-servicesamazon-cloudfrontamazon-waf

Associate WAF with CloudFront distribution in China


Looks like it's just not possible, but I still want to ask. There is no option in UI which allows you to do that, also you can't create WebACL in WAF using scope CLOUDFRONT, only REGIONAL is available.

But ALL docs in China is saying you can do that:

AWS again lies to people and doing Google-translate of their docs or I am missing something?


Solution

  • AWS CN Support confirmed that this feature is not yet supported in the China partition, referencing the documentation on implementation differences: https://docs.amazonaws.cn/en_us/aws/latest/userguide/cloudfront.html#feature-diff

    Feature Availability and Implementation Differences

    • Amazon WAF, a web application firewall service, is not available.