A Web Application Firewall (WAF), is a layer of protection you can add to your web application. Adding a WAF to an Application Load Balancer (ALB) is pretty straightforward. You need to create at least one WebACL, to which you configure some rules (that filter the traffic), you can then attach the WebACL to the ALB with an “association”. The snippet also includes how you can add Cloudtrial logging.
To use this template you first need to have a working ALB template, you would then copy the below snippet into your existing template and update the “association” section to specify the ALB you wish to attach the WAF to, once attached it becomes active and starts to filter traffic.