You should now see 3 rules in like below. Ensure you select Block if the request matches any of the rules.
For Default action, select Allow all requests that don’t match any rules
Click Review and create
In the next page, review the configuration and click Confirm and Create
👏 Congratulations! You have now added a WAF to our API gateway stage!