I am new to AWS, working on AWS WAF and creating ACLs. Under this, you have to write custom conditions and rules, and associate them to a Load Balancer.
So, your incoming traffic will be handled by your ACL rules.
But if I don't want to make any conditions and rules I just make an empty rule and assign it to the ACL, So the ACL cannot handle its default condition check itself?
Microsoft Azure application gateway has built-in rules you don't have to write any condition for basic attacks, So is there any feature available in AWS WAF?
Is it mandatory to write the rules for ACL? Does an ACL not handle some basic attacks itself?