Find an API

Search public APIs with auth details & Postman guides

← All APIs

AWS WAFV2

amazonaws · Cloud

Cloud No Auth Free & Open cloud

WAF This is the latest version of the WAF API, released in November, 2019. The names of the entities that you use to access this API, like endpoints and namespaces, all have the versioning information added, like "V2" or "v2", to distinguish from the prior version. We recommend migrating your resources to this version, because it has a number of significant improvements. If you used WAF prior to this release, you can't use this WAFV2 API to access any

Authentication

No authentication requiredFree to use with no key needed.

Sample Requests

POST AssociateWebACL

Associates a web ACL with a regional application resource, to protect the resource. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, an Amazon Cognito user pool, or an App Runner service. For Amazon CloudFront, don't

https://api.apis.guru/v2/specs/amazonaws.com/wafv2/2019-07-29/#X-Amz-Target=AWSWAF_20190729.AssociateWebACL

Hover any highlighted part to learn what it does

Headers — extra info sent with the request
X-Amz-Target AWSWAF_20190729.AssociateWebACL
curl -X POST "https://api.apis.guru/v2/specs/amazonaws.com/wafv2/2019-07-29/#X-Amz-Target=AWSWAF_20190729.AssociateWebACL" \
  -H "X-Amz-Target: AWSWAF_20190729.AssociateWebACL"
import requests
headers = {
    "X-Amz-Target": "AWSWAF_20190729.AssociateWebACL"
}
response = requests.post(
    "https://api.apis.guru/v2/specs/amazonaws.com/wafv2/2019-07-29/#X-Amz-Target=AWSWAF_20190729.AssociateWebACL",
    headers=headers,
)
print(response.json())
const url = 'https://api.apis.guru/v2/specs/amazonaws.com/wafv2/2019-07-29/#X-Amz-Target=AWSWAF_20190729.AssociateWebACL';

const response = await fetch(url, {
  method: 'POST',
  headers: {
    'X-Amz-Target': 'AWSWAF_20190729.AssociateWebACL'
  },
}); 
const data = await response.json();
console.log(data);
package main

import (
	"fmt"
	"io"
	"net/http"
)

func main() {
	targetURL := "https://api.apis.guru/v2/specs/amazonaws.com/wafv2/2019-07-29/#X-Amz-Target=AWSWAF_20190729.AssociateWebACL"
	req, _ := http.NewRequest("POST", targetURL, nil)
	req.Header.Set("X-Amz-Target", "AWSWAF_20190729.AssociateWebACL")

	client := &http.Client{}
	resp, _ := client.Do(req)
	defer resp.Body.Close()
	body, _ := io.ReadAll(resp.Body)
	fmt.Println(string(body))
}
require "net/http"
require "json"

uri = URI("https://api.apis.guru/v2/specs/amazonaws.com/wafv2/2019-07-29/#X-Amz-Target=AWSWAF_20190729.AssociateWebACL")

http = Net::HTTP.new(uri.host, uri.port)
http.use_ssl = uri.scheme == "https"

req = Net::HTTP::Post.new(uri)
req["X-Amz-Target"] = "AWSWAF_20190729.AssociateWebACL"

res = http.request(req)
puts JSON.parse(res.body)
<?php
$url = "https://api.apis.guru/v2/specs/amazonaws.com/wafv2/2019-07-29/#X-Amz-Target=AWSWAF_20190729.AssociateWebACL";
$opts = ["http" => [
    "method" => "POST",
    "header" => implode("\r\n", [
        "X-Amz-Target: AWSWAF_20190729.AssociateWebACL"
    ]),
]];
$ctx = stream_context_create($opts);
$res = file_get_contents($url, false, $ctx);
print_r(json_decode($res, true));
POST CheckCapacity

Returns the web ACL capacity unit (WCU) requirements for a specified scope and set of rules. You can use this to check the capacity requirements for the rules you want to use in a RuleGroup or WebACL . WAF uses WCUs to calculate and control the operating resources that are us

https://api.apis.guru/v2/specs/amazonaws.com/wafv2/2019-07-29/#X-Amz-Target=AWSWAF_20190729.CheckCapacity

Hover any highlighted part to learn what it does

Headers — extra info sent with the request
X-Amz-Target AWSWAF_20190729.CheckCapacity
curl -X POST "https://api.apis.guru/v2/specs/amazonaws.com/wafv2/2019-07-29/#X-Amz-Target=AWSWAF_20190729.CheckCapacity" \
  -H "X-Amz-Target: AWSWAF_20190729.CheckCapacity"
import requests
headers = {
    "X-Amz-Target": "AWSWAF_20190729.CheckCapacity"
}
response = requests.post(
    "https://api.apis.guru/v2/specs/amazonaws.com/wafv2/2019-07-29/#X-Amz-Target=AWSWAF_20190729.CheckCapacity",
    headers=headers,
)
print(response.json())
const url = 'https://api.apis.guru/v2/specs/amazonaws.com/wafv2/2019-07-29/#X-Amz-Target=AWSWAF_20190729.CheckCapacity';

const response = await fetch(url, {
  method: 'POST',
  headers: {
    'X-Amz-Target': 'AWSWAF_20190729.CheckCapacity'
  },
}); 
const data = await response.json();
console.log(data);
package main

import (
	"fmt"
	"io"
	"net/http"
)

func main() {
	targetURL := "https://api.apis.guru/v2/specs/amazonaws.com/wafv2/2019-07-29/#X-Amz-Target=AWSWAF_20190729.CheckCapacity"
	req, _ := http.NewRequest("POST", targetURL, nil)
	req.Header.Set("X-Amz-Target", "AWSWAF_20190729.CheckCapacity")

	client := &http.Client{}
	resp, _ := client.Do(req)
	defer resp.Body.Close()
	body, _ := io.ReadAll(resp.Body)
	fmt.Println(string(body))
}
require "net/http"
require "json"

uri = URI("https://api.apis.guru/v2/specs/amazonaws.com/wafv2/2019-07-29/#X-Amz-Target=AWSWAF_20190729.CheckCapacity")

http = Net::HTTP.new(uri.host, uri.port)
http.use_ssl = uri.scheme == "https"

req = Net::HTTP::Post.new(uri)
req["X-Amz-Target"] = "AWSWAF_20190729.CheckCapacity"

res = http.request(req)
puts JSON.parse(res.body)
<?php
$url = "https://api.apis.guru/v2/specs/amazonaws.com/wafv2/2019-07-29/#X-Amz-Target=AWSWAF_20190729.CheckCapacity";
$opts = ["http" => [
    "method" => "POST",
    "header" => implode("\r\n", [
        "X-Amz-Target: AWSWAF_20190729.CheckCapacity"
    ]),
]];
$ctx = stream_context_create($opts);
$res = file_get_contents($url, false, $ctx);
print_r(json_decode($res, true));
POST CreateAPIKey

Creates an API key for use in the integration of the CAPTCHA API in your JavaScript client applications. The integration lets you customize the placement and characteristics of the CAPTCHA puzzle for your end users. For more information about the CAPTCHA JavaScript integration, see <a href="https

https://api.apis.guru/v2/specs/amazonaws.com/wafv2/2019-07-29/#X-Amz-Target=AWSWAF_20190729.CreateAPIKey

Hover any highlighted part to learn what it does

Headers — extra info sent with the request
X-Amz-Target AWSWAF_20190729.CreateAPIKey
curl -X POST "https://api.apis.guru/v2/specs/amazonaws.com/wafv2/2019-07-29/#X-Amz-Target=AWSWAF_20190729.CreateAPIKey" \
  -H "X-Amz-Target: AWSWAF_20190729.CreateAPIKey"
import requests
headers = {
    "X-Amz-Target": "AWSWAF_20190729.CreateAPIKey"
}
response = requests.post(
    "https://api.apis.guru/v2/specs/amazonaws.com/wafv2/2019-07-29/#X-Amz-Target=AWSWAF_20190729.CreateAPIKey",
    headers=headers,
)
print(response.json())
const url = 'https://api.apis.guru/v2/specs/amazonaws.com/wafv2/2019-07-29/#X-Amz-Target=AWSWAF_20190729.CreateAPIKey';

const response = await fetch(url, {
  method: 'POST',
  headers: {
    'X-Amz-Target': 'AWSWAF_20190729.CreateAPIKey'
  },
}); 
const data = await response.json();
console.log(data);
package main

import (
	"fmt"
	"io"
	"net/http"
)

func main() {
	targetURL := "https://api.apis.guru/v2/specs/amazonaws.com/wafv2/2019-07-29/#X-Amz-Target=AWSWAF_20190729.CreateAPIKey"
	req, _ := http.NewRequest("POST", targetURL, nil)
	req.Header.Set("X-Amz-Target", "AWSWAF_20190729.CreateAPIKey")

	client := &http.Client{}
	resp, _ := client.Do(req)
	defer resp.Body.Close()
	body, _ := io.ReadAll(resp.Body)
	fmt.Println(string(body))
}
require "net/http"
require "json"

uri = URI("https://api.apis.guru/v2/specs/amazonaws.com/wafv2/2019-07-29/#X-Amz-Target=AWSWAF_20190729.CreateAPIKey")

http = Net::HTTP.new(uri.host, uri.port)
http.use_ssl = uri.scheme == "https"

req = Net::HTTP::Post.new(uri)
req["X-Amz-Target"] = "AWSWAF_20190729.CreateAPIKey"

res = http.request(req)
puts JSON.parse(res.body)
<?php
$url = "https://api.apis.guru/v2/specs/amazonaws.com/wafv2/2019-07-29/#X-Amz-Target=AWSWAF_20190729.CreateAPIKey";
$opts = ["http" => [
    "method" => "POST",
    "header" => implode("\r\n", [
        "X-Amz-Target: AWSWAF_20190729.CreateAPIKey"
    ]),
]];
$ctx = stream_context_create($opts);
$res = file_get_contents($url, false, $ctx);
print_r(json_decode($res, true));

Postman Setup Guide

Get Postman ↗
  1. See official documentation for authentication and setup.

What can you build with AWS WAFV2?

AWS WAFV2 is a Cloud API. Developers commonly use cloud APIs for:

  • provisioning and managing cloud infrastructure
  • automating deployments and container orchestration
  • monitoring uptime and performance metrics
  • managing storage buckets and databases
  • setting up auto-scaling and load balancing

No authentication required. This API is open — no signup or key needed. Ideal for quick prototypes and public-facing features. AWS WAFV2 is free to use, making it a low-risk choice to experiment with.

New to APIs? Read our beginner's guide · Learn about API keys · What is REST?

Open documentation ↗