AWS Config Rule: NETFW Policy Default Action Full Packets
NETFW_POLICY_DEFAULT_ACTION_FULL_PACKETS
Eduardo Van Cauteren
Last Update 4 maanden geleden
Description: Checks if an AWS Network Firewall policy is configured with a user defined default stateless action for full packets. This rule is NON_COMPLIANT if default stateless action for full packets does not match with user defined default stateless action.
Trigger type: Configuration changes
AWS Region: All supported AWS regions
How to Resolve Manually
In AWS Console this parameter can be one of three options:
- Pass
- Drop
- Forward to stateful rule groups
When this AWS Config Rule references "Stateless Default Actions", it means your chosen parameter from the three above. By default, StackZone sets this to aws:pass, but you can define up to two parameters for this Config Rule.
In order to resolve this manually, you will need to head over VPC service within your AWS Console. Ensure to select the correct region for where your Network Firewall is located.
Once there, from the left-hand side menu, find Network Firewall and click on Firewall Policies. Locate the policy that is out of compliance and click on its name.
Under the Stateless default actions card, make sure that the default action for the Actions for full packets is set to one of the already defined options from within the StackZone Console when you enabled the rule.
To modify it, click on Edit button and set the rule to one of the expected values. Alternatively, you can delete the policy if not being used, to make the rule compliant.
Want to know more about StackZone and how to make your cloud management simple and secure?
Check our how it works section with easy to follow videos or just create your own StackZone Account here