diff --git a/builtin/providers/aws/resource_aws_waf_rule.go b/builtin/providers/aws/resource_aws_waf_rule.go
index f750f6ea09..543299879f 100644
--- a/builtin/providers/aws/resource_aws_waf_rule.go
+++ b/builtin/providers/aws/resource_aws_waf_rule.go
@@ -24,9 +24,10 @@ func resourceAwsWafRule() *schema.Resource {
 				ForceNew: true,
 			},
 			"metric_name": &schema.Schema{
-				Type:     schema.TypeString,
-				Required: true,
-				ForceNew: true,
+				Type:         schema.TypeString,
+				Required:     true,
+				ForceNew:     true,
+				ValidateFunc: validateWafMetricName,
 			},
 			"predicates": &schema.Schema{
 				Type:     schema.TypeSet,
diff --git a/builtin/providers/aws/resource_aws_waf_web_acl.go b/builtin/providers/aws/resource_aws_waf_web_acl.go
index a45b1cc0e6..7e3ac72378 100644
--- a/builtin/providers/aws/resource_aws_waf_web_acl.go
+++ b/builtin/providers/aws/resource_aws_waf_web_acl.go
@@ -37,9 +37,10 @@ func resourceAwsWafWebAcl() *schema.Resource {
 				},
 			},
 			"metric_name": &schema.Schema{
-				Type:     schema.TypeString,
-				Required: true,
-				ForceNew: true,
+				Type:         schema.TypeString,
+				Required:     true,
+				ForceNew:     true,
+				ValidateFunc: validateWafMetricName,
 			},
 			"rules": &schema.Schema{
 				Type:     schema.TypeSet,
diff --git a/builtin/providers/aws/validators.go b/builtin/providers/aws/validators.go
index c6a4edb03e..a682537070 100644
--- a/builtin/providers/aws/validators.go
+++ b/builtin/providers/aws/validators.go
@@ -1291,3 +1291,13 @@ func validateCognitoIdentityProvidersProviderName(v interface{}, k string) (ws [
 
 	return
 }
+
+func validateWafMetricName(v interface{}, k string) (ws []string, errors []error) {
+	value := v.(string)
+	if !regexp.MustCompile(`^[0-9A-Za-z]+$`).MatchString(value) {
+		errors = append(errors, fmt.Errorf(
+			"Only alphanumeric characters allowed in %q: %q",
+			k, value))
+	}
+	return
+}
diff --git a/builtin/providers/aws/validators_test.go b/builtin/providers/aws/validators_test.go
index 26b14a4847..b344f206d5 100644
--- a/builtin/providers/aws/validators_test.go
+++ b/builtin/providers/aws/validators_test.go
@@ -2178,3 +2178,34 @@ func TestValidateCognitoIdentityProvidersProviderName(t *testing.T) {
 		}
 	}
 }
+
+func TestValidateWafMetricName(t *testing.T) {
+	validNames := []string{
+		"testrule",
+		"testRule",
+		"testRule123",
+	}
+	for _, v := range validNames {
+		_, errors := validateWafMetricName(v, "name")
+		if len(errors) != 0 {
+			t.Fatalf("%q should be a valid WAF metric name: %q", v, errors)
+		}
+	}
+
+	invalidNames := []string{
+		"!",
+		"/",
+		" ",
+		":",
+		";",
+		"white space",
+		"/slash-at-the-beginning",
+		"slash-at-the-end/",
+	}
+	for _, v := range invalidNames {
+		_, errors := validateWafMetricName(v, "name")
+		if len(errors) == 0 {
+			t.Fatalf("%q should be an invalid WAF metric name", v)
+		}
+	}
+}