Great Article. I think there's a small typo in your Cloudformation template missing the "Rule" attribute

Resources:

RateLimitACL:

Type: AWS::WAFv2::WebACL

Properties:

Name: rate-limit-acl

Scope: REGIONAL

Description: Auto-generated rate-limiting ACL.

DefaultAction:

Allow: {}

VisibilityConfig:

SampledRequestsEnabled: true

CloudWatchMetricsEnabled: true

MetricName: rate-limit-acl

Rule: << MISSING

- Name: rate-limit

Priority: 0

Action:

Block: {}

VisibilityConfig:

SampledRequestsEnabled: true

CloudWatchMetricsEnabled: true

MetricName: rate-limit

Statement:

RateBasedStatement:

AggregateKeyType: "IP"

Limit: 1000