diff --git a/website/source/docs/providers/aws/r/waf_byte_match_set.html.markdown b/website/source/docs/providers/aws/r/waf_byte_match_set.html.markdown index 0ccf628be2..4c9781bce5 100644 --- a/website/source/docs/providers/aws/r/waf_byte_match_set.html.markdown +++ b/website/source/docs/providers/aws/r/waf_byte_match_set.html.markdown @@ -3,7 +3,7 @@ layout: "aws" page_title: "AWS: waf_byte_match_set" sidebar_current: "docs-aws-resource-waf-bytematchset" description: |- - Provides a AWS WAF ByteMatchSet resource. + Provides a AWS WAF Byte Match Set resource. --- # aws\_waf\_byte\_match\_set 
@@ -33,8 +33,42 @@ resource "aws_waf_byte_match_set" "byte_set" { The following arguments are supported: -* `name` - (Required) The name or description of the ByteMatchSet. -* `byte_match_tuples` - Settings for the ByteMatchSet, such as the bytes (typically a string that corresponds with ASCII characters) that you want AWS WAF to search for in web requests. +* `name` - (Required) The name or description of the Byte Match Set. +* `byte_match_tuples` - Specifies the bytes (typically a string that corresponds + with ASCII characters) that you want to search for in web requests, + the location in requests that you want to search, and other settings. + +## Nested blocks + +### `byte_match_tuples` + +#### Arguments + +* `field_to_match` - (Required) The part of a web request that you want to search, such as a specified header or a query string. +* `positional_constraint` - (Required) Within the portion of a web request that you want to search + (for example, in the query string, if any), specify where you want to search. + e.g. `CONTAINS`, `CONTAINS_WORD` or `EXACTLY`. + See [docs](http://docs.aws.amazon.com/waf/latest/APIReference/API_ByteMatchTuple.html#WAF-Type-ByteMatchTuple-PositionalConstraint) + for all supported values. +* `target_string` - (Optional) The value that you want to search for. e.g. `HEADER`, `METHOD` or `BODY`. + See [docs](http://docs.aws.amazon.com/waf/latest/APIReference/API_ByteMatchTuple.html#WAF-Type-ByteMatchTuple-TargetString) + for all supported values. +* `text_transformation` - (Required) Text transformations used to eliminate unusual formatting that attackers use in web requests in an effort to bypass AWS WAF. + If you specify a transformation, AWS WAF performs the transformation on `target_string` before inspecting a request for a match. + e.g. `CMD_LINE`, `HTML_ENTITY_DECODE` or `NONE`. 
+ See [docs](http://docs.aws.amazon.com/waf/latest/APIReference/API_ByteMatchTuple.html#WAF-Type-ByteMatchTuple-TextTransformation) + for all supported values. + +### `field_to_match` + +#### Arguments + +* `data` - (Optional) When `type` is `HEADER`, enter the name of the header that you want to search, e.g. `User-Agent` or `Referer`. + If `type` is any other value, omit this field. +* `type` - (Required) The part of the web request that you want AWS WAF to search for a specified string. + e.g. `HEADER`, `METHOD` or `BODY`. + See [docs](http://docs.aws.amazon.com/waf/latest/APIReference/API_FieldToMatch.html) + for all supported values. ## Remarks @@ -42,4 +76,4 @@ The following arguments are supported: The following attributes are exported: -* `id` - The ID of the WAF ByteMatchSet. +* `id` - The ID of the WAF Byte Match Set. diff --git a/website/source/docs/providers/aws/r/waf_ipset.html.markdown b/website/source/docs/providers/aws/r/waf_ipset.html.markdown index 042d224e9a..058101a4ab 100644 --- a/website/source/docs/providers/aws/r/waf_ipset.html.markdown +++ b/website/source/docs/providers/aws/r/waf_ipset.html.markdown @@ -28,7 +28,18 @@ resource "aws_waf_ipset" "ipset" { The following arguments are supported: * `name` - (Required) The name or description of the IPSet. -* `ip_set_descriptors` - (Optional) The IP address type and IP address range (in CIDR notation) from which web requests originate. +* `ip_set_descriptors` - (Optional) Specifies the IP address type (IPV4 or IPV6) + and the IP address range (in CIDR format) that web requests originate from. + +## Nested Blocks + +### `ip_set_descriptors` + +#### Arguments + +* `type` - (Required) Type of the IP address - `IPV4` or `IPV6`. +* `value` - (Required) An IPv4 or IPv6 address specified via CIDR notation. + e.g. `192.0.2.44/32` or `1111:0000:0000:0000:0000:0000:0000:0000/64` ## Remarks 
diff --git a/website/source/docs/providers/aws/r/waf_rule.html.markdown b/website/source/docs/providers/aws/r/waf_rule.html.markdown index 0db2fa07c3..feea0c707b 100644 --- a/website/source/docs/providers/aws/r/waf_rule.html.markdown +++ b/website/source/docs/providers/aws/r/waf_rule.html.markdown @@ -41,7 +41,20 @@ The following arguments are supported: * `metric_name` - (Required) The name or description for the Amazon CloudWatch metric of this rule. * `name` - (Required) The name or description of the rule. -* `predicates` - (Optional) The ByteMatchSet, IPSet, SizeConstraintSet, SqlInjectionMatchSet, or XssMatchSet objects to include in a rule. +* `predicates` - (Optional) One of ByteMatchSet, IPSet, SizeConstraintSet, SqlInjectionMatchSet, or XssMatchSet objects to include in a rule. + +## Nested Blocks + +### `predicates` + +#### Arguments + +* `negated` - (Required) Set this to `false` if you want to allow, block, or count requests + based on the settings in the specified `ByteMatchSet`, `IPSet`, `SqlInjectionMatchSet`, `XssMatchSet`, or `SizeConstraintSet`. + For example, if an IPSet includes the IP address `192.0.2.44`, AWS WAF will allow or block requests based on that IP address. + If set to `true`, AWS WAF will allow, block, or count requests based on all IP addresses _except_ `192.0.2.44`. +* `data_id` - (Optional) A unique identifier for a predicate in the rule, such as Byte Match Set ID or IPSet ID. +* `type` - (Required) The type of predicate in a rule, such as `ByteMatchSet` or `IPSet` ## Remarks diff --git a/website/source/docs/providers/aws/r/waf_size_constraint_set.html.markdown b/website/source/docs/providers/aws/r/waf_size_constraint_set.html.markdown index 5b8635e2bf..e0d0107910 100644 --- a/website/source/docs/providers/aws/r/waf_size_constraint_set.html.markdown +++ b/website/source/docs/providers/aws/r/waf_size_constraint_set.html.markdown 
@@ -3,7 +3,7 @@ layout: "aws" page_title: "AWS: waf_size_constraint_set" sidebar_current: "docs-aws-resource-waf-size-constraint-set" description: |- - Provides a AWS WAF SizeConstraintSet resource. + Provides a AWS WAF Size Constraint Set resource. --- # aws\_waf\_size\_constraint\_set 
@@ -32,8 +32,38 @@ resource "aws_waf_size_constraint_set" "size_constraint_set" { The following arguments are supported: -* `name` - (Required) The name or description of the SizeConstraintSet. -* `size_constraints` - (Required) The size constraint and the part of the web request to check. +* `name` - (Required) The name or description of the Size Constraint Set. +* `size_constraints` - (Optional) Specifies the parts of web requests that you want to inspect the size of. + +## Nested Blocks + +### `size_constraints` + +#### Arguments + +* `field_to_match` - (Required) Specifies where in a web request to look for the size constraint. +* `comparison_operator` - (Required) The type of comparison you want to perform. + e.g. `EQ`, `NE`, `LT`, `GT`. + See [docs](http://docs.aws.amazon.com/waf/latest/APIReference/API_SizeConstraint.html#WAF-Type-SizeConstraint-ComparisonOperator) for all supported values. +* `size` - (Required) The size in bytes that you want to compare against the size of the specified `field_to_match`. + Valid values are between 0 - 21474836480 bytes (0 - 20 GB). +* `text_transformation` - (Required) Text transformations used to eliminate unusual formatting that attackers use in web requests in an effort to bypass AWS WAF. + If you specify a transformation, AWS WAF performs the transformation on `field_to_match` before inspecting a request for a match. + e.g. `CMD_LINE`, `HTML_ENTITY_DECODE` or `NONE`. + See [docs](http://docs.aws.amazon.com/waf/latest/APIReference/API_SizeConstraint.html#WAF-Type-SizeConstraint-TextTransformation) + for all supported values. + **Note:** if you choose `BODY` as `type`, you must choose `NONE` because CloudFront forwards only the first 8192 bytes for inspection. + +### `field_to_match` + +#### Arguments + +* `data` - (Optional) When `type` is `HEADER`, enter the name of the header that you want to search, e.g. `User-Agent` or `Referer`. + If `type` is any other value, omit this field. 
+* `type` - (Required) The part of the web request that you want AWS WAF to search for a specified string. + e.g. `HEADER`, `METHOD` or `BODY`. + See [docs](http://docs.aws.amazon.com/waf/latest/APIReference/API_FieldToMatch.html) + for all supported values. ## Remarks @@ -41,4 +71,4 @@ The following arguments are supported: The following attributes are exported: -* `id` - The ID of the WAF SizeConstraintSet. +* `id` - The ID of the WAF Size Constraint Set. diff --git a/website/source/docs/providers/aws/r/waf_sql_injection_match_set.html.markdown b/website/source/docs/providers/aws/r/waf_sql_injection_match_set.html.markdown index 9d8fab08e9..d3c96cf711 100644 --- a/website/source/docs/providers/aws/r/waf_sql_injection_match_set.html.markdown +++ b/website/source/docs/providers/aws/r/waf_sql_injection_match_set.html.markdown @@ -3,7 +3,7 @@ layout: "aws" page_title: "AWS: waf_sql_injection_match_set" sidebar_current: "docs-aws-resource-waf-sql-injection-match-set" description: |- - Provides a AWS WAF SqlInjectionMatchSet resource. + Provides a AWS WAF SQL Injection Match Set resource. --- # aws\_waf\_sql\_injection\_match\_set 
@@ -31,7 +31,30 @@ resource "aws_waf_sql_injection_match_set" "sql_injection_match_set" { The following arguments are supported: * `name` - (Required) The name or description of the SizeConstraintSet. -* `sql_injection_match_tuples` - The parts of web requests that you want AWS WAF to inspect for malicious SQL code and, if you want AWS WAF to inspect a header, the name of the header. +* `sql_injection_match_tuples` - (Optional) The parts of web requests that you want AWS WAF to inspect for malicious SQL code and, if you want AWS WAF to inspect a header, the name of the header. + +## Nested Blocks + +### `sql_injection_match_tuples` + +* `field_to_match` - (Required) Specifies where in a web request to look for snippets of malicious SQL code. +* `text_transformation` - (Required) Text transformations used to eliminate unusual formatting that attackers use in web requests in an effort to bypass AWS WAF. + If you specify a transformation, AWS WAF performs the transformation on `field_to_match` before inspecting a request for a match. + e.g. `CMD_LINE`, `HTML_ENTITY_DECODE` or `NONE`. + See [docs](http://docs.aws.amazon.com/waf/latest/APIReference/API_SqlInjectionMatchTuple.html#WAF-Type-SqlInjectionMatchTuple-TextTransformation) + for all supported values. + +### `field_to_match` + +#### Arguments + +* `data` - (Optional) When `type` is `HEADER`, enter the name of the header that you want to search, e.g. `User-Agent` or `Referer`. + If `type` is any other value, omit this field. +* `type` - (Required) The part of the web request that you want AWS WAF to search for a specified string. + e.g. `HEADER`, `METHOD` or `BODY`. + See [docs](http://docs.aws.amazon.com/waf/latest/APIReference/API_FieldToMatch.html) + for all supported values. + ## Remarks @@ -39,4 +62,4 @@ The following arguments are supported: The following attributes are exported: -* `id` - The ID of the WAF SqlInjectionMatchSet. +* `id` - The ID of the WAF SQL Injection Match Set. 
diff --git a/website/source/docs/providers/aws/r/waf_web_acl.html.markdown b/website/source/docs/providers/aws/r/waf_web_acl.html.markdown index 8011896575..c8c6a99874 100644 --- a/website/source/docs/providers/aws/r/waf_web_acl.html.markdown +++ b/website/source/docs/providers/aws/r/waf_web_acl.html.markdown @@ -63,6 +63,26 @@ The following arguments are supported: * `name` - (Required) The name or description of the web ACL. * `rules` - (Required) The rules to associate with the web ACL and the settings for each rule. +## Nested Blocks + +### `default_action` + +#### Arguments + +* `type` - (Required) Specifies how you want AWS WAF to respond to requests that match the settings in a rule. + e.g. `ALLOW`, `BLOCK` or `COUNT` + +### `rules` + +See [docs](http://docs.aws.amazon.com/waf/latest/APIReference/API_ActivatedRule.html) for all details and supported values. + +#### Arguments + +* `action` - (Required) The action that CloudFront or AWS WAF takes when a web request matches the conditions in the rule. + e.g. `ALLOW`, `BLOCK` or `COUNT` +* `priority` - (Required) Specifies the order in which the rules in a WebACL are evaluated. + Rules with a lower value are evaluated before rules with a higher value. +* `rule_id` - (Required) ID of the associated [rule](/docs/providers/aws/r/waf_rule.html) ## Attributes Reference diff --git a/website/source/docs/providers/aws/r/waf_xss_match_set.html.markdown b/website/source/docs/providers/aws/r/waf_xss_match_set.html.markdown index 29fd7ab999..5f51a1f461 100644 --- a/website/source/docs/providers/aws/r/waf_xss_match_set.html.markdown +++ b/website/source/docs/providers/aws/r/waf_xss_match_set.html.markdown 
@@ -39,7 +39,30 @@ resource "aws_waf_xss_match_set" "xss_match_set" { The following arguments are supported: * `name` - (Required) The name or description of the SizeConstraintSet. -* `xss_match_tuples` - The parts of web requests that you want to inspect for cross-site scripting attacks. +* `xss_match_tuples` - (Optional) The parts of web requests that you want to inspect for cross-site scripting attacks. + +## Nested Blocks + +### `xss_match_tuples` + +* `field_to_match` - (Required) Specifies where in a web request to look for cross-site scripting attacks. +* `text_transformation` - (Required) Text transformations used to eliminate unusual formatting that attackers use in web requests in an effort to bypass AWS WAF. + If you specify a transformation, AWS WAF performs the transformation on `target_string` before inspecting a request for a match. + e.g. `CMD_LINE`, `HTML_ENTITY_DECODE` or `NONE`. + See [docs](http://docs.aws.amazon.com/waf/latest/APIReference/API_XssMatchTuple.html#WAF-Type-XssMatchTuple-TextTransformation) + for all supported values. + +### `field_to_match` + +#### Arguments + +* `data` - (Optional) When `type` is `HEADER`, enter the name of the header that you want to search, e.g. `User-Agent` or `Referer`. + If `type` is any other value, omit this field. +* `type` - (Required) The part of the web request that you want AWS WAF to search for a specified string. + e.g. `HEADER`, `METHOD` or `BODY`. + See [docs](http://docs.aws.amazon.com/waf/latest/APIReference/API_FieldToMatch.html) + for all supported values. + ## Remarks diff --git a/website/source/layouts/aws.erb b/website/source/layouts/aws.erb index 11994afee4..71ee8b80a7 100644 --- a/website/source/layouts/aws.erb +++ b/website/source/layouts/aws.erb @@ -1067,34 +1067,34 @@ WAF Resources
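Review bot: in waf_byte_match_set.html.markdown, hunk `@@ -3,7 +3,7 @@`, the rewritten description still reads "Provides a AWS WAF Byte Match Set resource."; since the line is being touched anyway, change "a AWS" to "an AWS". The same applies to the description lines rewritten in the `@@ -3,7 +3,7 @@` hunks of waf_size_constraint_set.html.markdown and waf_sql_injection_match_set.html.markdown.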
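Review bot: in waf_byte_match_set.html.markdown, hunk `@@ -33,8 +33,42 @@`, the examples given for `target_string` (`HEADER`, `METHOD` or `BODY`) are the `type` values of `field_to_match` listed a few lines further down, not values one would search for. Replace them with a sample search string and drop "for all supported values", since the entry describes a free-form value. The `text_transformation` entry says the transformation is performed on `target_string`, while the identical sentence in the size constraint and SQL injection hunks says `field_to_match`; the stated purpose is to undo formatting in the request, so `field_to_match` is the consistent reference. The heading is also "Nested blocks" here and "Nested Blocks" in every other file of the patch.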
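Review bot: in waf_ipset.html.markdown, hunk `@@ -28,7 +28,18 @@`, the IPv6 example `1111:0000:0000:0000:0000:0000:0000:0000/64` is an arbitrary address, whereas the IPv4 example `192.0.2.44/32` comes from a range reserved for documentation. Use an address from the IPv6 documentation prefix `2001:db8::/32` so readers do not copy a routable range into a block or allow list. The `value` entry is also the only bullet in the hunk without a closing period.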
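Review bot: in waf_rule.html.markdown, hunk `@@ -41,7 +41,20 @@`, the new `predicates` wording "One of ByteMatchSet, IPSet, ... objects to include in a rule" can be read as "a rule accepts only one predicate", which is not what the nested block section below it describes. Say that each `predicates` block references one such object and that the block can be repeated, if that is the intent. `data_id` is marked (Optional), but a predicate without it would not point at any match set, so please check this against the resource schema before merging. The `negated` example only covers IPSet; one sentence on what negation means for a match set would help, because an inverted predicate is an easy way to end up with a rule that matches almost all traffic.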
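Review bot: in waf_size_constraint_set.html.markdown, hunk `@@ -32,8 +32,38 @@`, `size_constraints` changes from (Required) to (Optional) with no explanation in the patch; confirm this matches the schema, and if it does, say what an empty set matches. The **Note** under `text_transformation` refers to "`BODY` as `type`", but `type` is an argument of `field_to_match`, not of `size_constraints`, so name it as the `type` of `field_to_match`. The 8192-byte limit in that note also deserves its own sentence: a size constraint on the body can only ever see the forwarded portion, which matters for anyone writing a rule meant to catch oversized bodies. Lastly, the `field_to_match` `type` text "search for a specified string" is copied from the byte match page; here the field is measured, not searched.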
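Review bot: in waf_sql_injection_match_set.html.markdown, hunk `@@ -31,7 +31,30 @@`, the unchanged context line for `name` still says "The name or description of the SizeConstraintSet.", a copy-paste error this patch walks past while renaming the set everywhere else; fix it here to "SQL Injection Match Set". The `sql_injection_match_tuples` section goes straight into its bullets without the `#### Arguments` subheading that the `field_to_match` section and the other files use. The `field_to_match` `type` text again talks about searching "for a specified string", which does not fit a SQL injection match set where no string is supplied.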
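Review bot: in waf_web_acl.html.markdown, hunk `@@ -63,6 +63,26 @@`, the `default_action` `type` description "how you want AWS WAF to respond to requests that match the settings in a rule" is the description of a rule action. The default action is what applies when a request matches none of the rules, and getting this wrong in the docs invites fail-open configurations. The example list also offers `COUNT`, which AWS WAF does not accept as a web ACL default action, so list only `ALLOW` and `BLOCK` there. For `priority`, it is worth adding whether values must be unique across the `rules` blocks.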
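Review bot: in waf_xss_match_set.html.markdown, hunk `@@ -39,7 +39,30 @@`, `text_transformation` says the transformation is performed on `target_string`, but `xss_match_tuples` has no `target_string` argument in this list; it should read `field_to_match`, as in the SQL injection page. The context line for `name` still says "SizeConstraintSet" and should be corrected in the same change. The `xss_match_tuples` section is also missing the `#### Arguments` subheading used elsewhere in the patch.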