AWS Config Rule: NETFW Policy Default Action Full Packets

NETFW_POLICY_DEFAULT_ACTION_FULL_PACKETS

Eduardo Van Cauteren

Last Update 4 months ago

Description: Checks if an AWS Network Firewall policy is configured with a user-defined default stateless action for full packets. This rule is NON_COMPLIANT if the default stateless action for full packets does not match the user-defined default stateless action.


Trigger type: Configuration changes


AWS Region: All supported AWS regions


How to Resolve Manually

In the AWS Console, this parameter can be one of three options:

  • Pass
  • Drop
  • Forward to stateful rule groups

When this AWS Config rule refers to "Stateless Default Actions", it means the option you chose from the three above. By default, StackZone sets this to aws:pass, but you can define up to two accepted values for this Config rule.


To resolve this manually, open the VPC service in your AWS Console. Make sure you select the region where your Network Firewall is located.


Once there, find Network Firewall in the left-hand menu and click Firewall Policies. Locate the policy that is out of compliance and click its name.

Under the Stateless default actions card, make sure that Actions for full packets is set to one of the values you defined in the StackZone Console when you enabled the rule.


To change it, click the Edit button and set the action to one of the expected values. Alternatively, if the policy is not in use, you can delete it to bring the rule back to compliance.
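As an added example (not StackZone's or AWS's code), the following Python mirrors the rule's compliance decision offline and shows the minimal change the manual fix above makes. It works on a dictionary shaped like the FirewallPolicy object that `aws network-firewall describe-firewall-policy` returns, whose StatelessDefaultActions list holds exactly one standard action plus any custom action names. It assumes the three console options map to the API values aws:pass, aws:drop and aws:forward_to_sfe (only aws:pass appears in this article); the sample policy and its custom action name are constructed.

```python
"""Offline mirror of NETFW_POLICY_DEFAULT_ACTION_FULL_PACKETS.

Added example, not StackZone's or AWS's code. Operates on the FirewallPolicy
document shape returned by `describe-firewall-policy`.
"""
from typing import Iterable, Optional

# Console options "Pass", "Drop", "Forward to stateful rule groups" in API form
# (assumption: aws:drop and aws:forward_to_sfe are not named in the article).
STANDARD_ACTIONS = {"aws:pass", "aws:drop", "aws:forward_to_sfe"}


def standard_action(actions: Iterable[str]) -> Optional[str]:
    """Return the single aws:* entry of a StatelessDefaultActions list.

    Network Firewall requires exactly one standard action; other entries are
    names of custom actions (e.g. a metric action) that this rule ignores.
    """
    found = [a for a in actions if a in STANDARD_ACTIONS]
    return found[0] if len(found) == 1 else None


def evaluate(policy: dict, expected: Iterable[str]) -> str:
    """Return 'COMPLIANT' or 'NON_COMPLIANT' the way the Config rule does.

    `expected` holds the up-to-two values configured on the rule
    (StackZone's default is just aws:pass).
    """
    expected_set = set(expected)
    unknown = expected_set - STANDARD_ACTIONS
    if unknown:
        raise ValueError(f"unknown default action(s): {sorted(unknown)}")
    actual = standard_action(policy.get("StatelessDefaultActions", []))
    return "COMPLIANT" if actual in expected_set else "NON_COMPLIANT"


def remediate(policy: dict, desired: str) -> dict:
    """Return a copy of the policy with the full-packet default action replaced.

    Custom action names are kept so the copy can be passed unchanged to
    update-firewall-policy; the fragment default action is not touched.
    """
    if desired not in STANDARD_ACTIONS:
        raise ValueError(f"unknown default action: {desired}")
    custom = [a for a in policy.get("StatelessDefaultActions", [])
              if a not in STANDARD_ACTIONS]
    fixed = dict(policy)
    fixed["StatelessDefaultActions"] = [desired] + custom
    return fixed


# Constructed sample shaped like a FirewallPolicy object; the custom action
# name "ExampleMetric" is made up for this example.
NONCOMPLIANT_POLICY = {
    "StatelessDefaultActions": ["aws:drop", "ExampleMetric"],
    "StatelessFragmentDefaultActions": ["aws:drop"],
    "StatelessCustomActions": [
        {
            "ActionName": "ExampleMetric",
            "ActionDefinition": {
                "PublishMetricAction": {"Dimensions": [{"Value": "dropped"}]}
            },
        }
    ],
}


if __name__ == "__main__":
    rule_values = ["aws:pass"]  # StackZone default for this rule
    print("before:", evaluate(NONCOMPLIANT_POLICY, rule_values))
    fixed = remediate(NONCOMPLIANT_POLICY, "aws:pass")
    print("after: ", evaluate(fixed, rule_values), fixed["StatelessDefaultActions"])
```

Running it prints NON_COMPLIANT for the sample and COMPLIANT after remediation; configuring the rule with both aws:pass and aws:drop would have accepted the original policy as-is, which is what "up to two values" means in practice.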


Want to know more about StackZone and how to make your cloud management simple and secure?

Check our How it works section with easy-to-follow videos, or create your own StackZone account here.
