You can now better protect your CloudFront distributions with AWS WAF security recommendations in the CloudFront console. CloudFront conveniently displays additional security rules for your distributions based on elements of your CloudFront configuration including path patterns or your origin type. Simply select the rules you’d like to enable and CloudFront automatically adds those rules to your AWS WAF configuration.
Source:: Amazon AWS