AWS Config Rule: NETFW Policy Rule Group Associated

NETFW_POLICY_RULE_GROUP_ASSOCIATED

Eduardo Van Cauteren

Last Update 4 months ago

Description: Checks that an AWS Network Firewall policy is associated with at least one stateful or stateless rule group. The rule is NON_COMPLIANT if no stateful or stateless rule groups are associated with the Network Firewall policy, and COMPLIANT if at least one rule group of either type is associated.


Trigger type: Configuration changes


AWS Region: All supported AWS regions


How to Resolve Manually

This Config rule checks whether a Network Firewall policy has at least one stateful or stateless rule group associated with it. A policy that references no rule group is evaluated as NON_COMPLIANT. The reason this matters: a policy with no rule groups inspects traffic against no rules at all, so what happens to each packet is decided only by the policy's default actions, and a firewall using that policy enforces nothing.


To resolve this manually, open the VPC service in the AWS Console and locate the Network Firewall section in the left-hand menu, then choose Firewall policies.

Find the non-compliant policy in the Firewall policies list and click its name to open its details. In the Stateless rule groups or Stateful rule groups section, attach at least one rule group. The rule is triggered by configuration changes, so the policy is re-evaluated as soon as the association is saved.


Another option, if the policy is not needed in your infrastructure at all, is to delete it; the rule then has no resource left to evaluate. Note that a firewall policy cannot be deleted while any firewall still references it, so disassociate or replace it on every firewall first, and confirm that no traffic path depends on that firewall before doing so.
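The same check and fix can be scripted instead of clicked through. The example below is added for this article and is not StackZone or AWS code: it reproduces the rule's compliance logic over the JSON that `aws network-firewall describe-firewall-policy` returns, and builds the input for `aws network-firewall update-firewall-policy` (or boto3's `update_firewall_policy`) that attaches a rule group. The policy name and all ARNs are constructed placeholders; no AWS calls are made, so it runs offline.

```python
"""Offline helper for NETFW_POLICY_RULE_GROUP_ASSOCIATED (added example,
not StackZone or AWS code). Works on the JSON shape that
`aws network-firewall describe-firewall-policy` returns and on the
FirewallPolicy document that `update-firewall-policy` expects.
All names and ARNs below are constructed placeholders."""
import copy
import json
from typing import Optional

# Constructed sample: describe-firewall-policy output for a policy with no rule groups.
EMPTY_POLICY_RESPONSE = {
    "UpdateToken": "aabbccdd-0000-1111-2222-333344445555",
    "FirewallPolicyResponse": {
        "FirewallPolicyName": "example-empty-policy",
        "FirewallPolicyArn": "arn:aws:network-firewall:us-east-1:123456789012:firewall-policy/example-empty-policy",
    },
    "FirewallPolicy": {
        "StatelessDefaultActions": ["aws:forward_to_sfe"],
        "StatelessFragmentDefaultActions": ["aws:forward_to_sfe"],
    },
}

# Placeholder rule group ARNs (constructed).
EXAMPLE_STATEFUL_RG_ARN = "arn:aws:network-firewall:us-east-1:123456789012:stateful-rulegroup/example-domain-block"
EXAMPLE_STATELESS_RG_ARN = "arn:aws:network-firewall:us-east-1:123456789012:stateless-rulegroup/example-drop-telnet"


def evaluate_policy(firewall_policy: dict) -> str:
    """Mirror the managed rule: COMPLIANT if at least one stateful or
    stateless rule group is referenced, NON_COMPLIANT otherwise."""
    stateful = firewall_policy.get("StatefulRuleGroupReferences") or []
    stateless = firewall_policy.get("StatelessRuleGroupReferences") or []
    return "COMPLIANT" if (stateful or stateless) else "NON_COMPLIANT"


def attach_rule_group(firewall_policy: dict, rule_group_arn: str,
                      priority: Optional[int] = None) -> dict:
    """Return a copy of the FirewallPolicy document with rule_group_arn added.

    The ARN's resource type decides which reference list it goes into.
    Stateless references always carry a Priority; stateful references carry
    one only when the policy's stateful engine uses STRICT_ORDER."""
    policy = copy.deepcopy(firewall_policy)
    if ":stateless-rulegroup/" in rule_group_arn:
        refs = policy.setdefault("StatelessRuleGroupReferences", [])
        if any(r["ResourceArn"] == rule_group_arn for r in refs):
            return policy  # already attached, nothing to change
        if priority is None:
            # Priorities must be unique within the list; take the next free slot.
            priority = max((r["Priority"] for r in refs), default=0) + 1
        refs.append({"ResourceArn": rule_group_arn, "Priority": priority})
    elif ":stateful-rulegroup/" in rule_group_arn:
        refs = policy.setdefault("StatefulRuleGroupReferences", [])
        if any(r["ResourceArn"] == rule_group_arn for r in refs):
            return policy
        ref = {"ResourceArn": rule_group_arn}
        strict = policy.get("StatefulEngineOptions", {}).get("RuleOrder") == "STRICT_ORDER"
        if strict:
            if priority is None:
                priority = max((r.get("Priority", 0) for r in refs), default=0) + 1
            ref["Priority"] = priority
        refs.append(ref)
    else:
        raise ValueError(f"not a Network Firewall rule group ARN: {rule_group_arn}")
    return policy


def build_update_input(describe_response: dict, rule_group_arn: str) -> dict:
    """Build the update-firewall-policy input from a describe response.

    The update replaces the whole policy document, so it starts from the
    current one; the UpdateToken makes the call fail instead of silently
    overwriting an edit someone else made in between."""
    return {
        "FirewallPolicyArn": describe_response["FirewallPolicyResponse"]["FirewallPolicyArn"],
        "UpdateToken": describe_response["UpdateToken"],
        "FirewallPolicy": attach_rule_group(describe_response["FirewallPolicy"], rule_group_arn),
    }


if __name__ == "__main__":
    print(evaluate_policy(EMPTY_POLICY_RESPONSE["FirewallPolicy"]))  # NON_COMPLIANT
    update = build_update_input(EMPTY_POLICY_RESPONSE, EXAMPLE_STATEFUL_RG_ARN)
    print(evaluate_policy(update["FirewallPolicy"]))  # COMPLIANT
    # This is the document you would save to a file and pass as
    # --firewall-policy file://policy.json together with --update-token.
    print(json.dumps(update["FirewallPolicy"], indent=2))
```

To use it against a real account, feed `build_update_input` the parsed output of `aws network-firewall describe-firewall-policy --firewall-policy-name NAME` and pass the resulting `FirewallPolicy` and `UpdateToken` to `aws network-firewall update-firewall-policy`. Because the update replaces the entire policy document, always start from the current describe output rather than a hand-written fragment, or you will drop the rule groups that are already attached.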


Want to know more about StackZone and how to make your cloud management simple and secure?

Check our how it works section with easy to follow videos or just create your own StackZone Account here
