AWS Config Rule: WAF Global Rule Not Empty

WAF_GLOBAL_RULE_NOT_EMPTY

Eduardo Van Cauteren

Last Update 2 months ago

Description: Checks if an AWS WAF global rule contains any conditions. The rule is NON_COMPLIANT if no conditions are present within the WAF global rule.


Trigger type: Configuration changes


AWS Region: Only available in US East (N. Virginia) Region


How to Resolve Manually

This rule evaluates if a WAF global rule includes conditions. It's marked as compliant if the global rule has at least one condition, and non-compliant if it doesn't.


You can resolve this by deleting the rule if it's not being used, or by adding a condition to it.


To add conditions, head on over to the WAF & Shield service and then click on Switch to AWS WAF Classic from the left menu.

Click on Rules and, in the filter dropdown menu, choose the Global (CloudFront) region. From the list, click on the name of the rule that is not compliant, and finally click on the Edit rule button to add conditions.
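To find the affected rules without opening each one in the console, the same check can be run against the WAF Classic API. The script below is an added example, not StackZone or AWS code. It assumes boto3 and read-only WAF credentials when run with the hypothetical `--live` flag; without it, a constructed stand-in client is used so the logic runs offline.

```python
def find_empty_global_rules(waf):
    """Return (rule_id, name) for each WAF Classic global rule with no conditions.

    `waf` is boto3.client("waf") or any object with the same list_rules/get_rule calls.
    """
    empty, marker = [], None
    while True:
        kwargs = {"Limit": 100}
        if marker:
            kwargs["NextMarker"] = marker
        page = waf.list_rules(**kwargs)
        for summary in page.get("Rules", []):
            rule = waf.get_rule(RuleId=summary["RuleId"])["Rule"]
            # Conditions attached to a rule are returned in its Predicates list.
            if not rule.get("Predicates"):
                empty.append((rule["RuleId"], rule.get("Name", "")))
        marker = page.get("NextMarker")
        if not marker or not page.get("Rules"):
            return empty


class FakeWaf:
    """Constructed stand-in for the WAF client so the check runs offline."""
    RULES = {  # constructed sample data, not from a real account
        "id-1": {"RuleId": "id-1", "Name": "block-listed-ips",
                 "Predicates": [{"Negated": False, "Type": "IPMatch", "DataId": "set-1"}]},
        "id-2": {"RuleId": "id-2", "Name": "placeholder-rule", "Predicates": []},
        "id-3": {"RuleId": "id-3", "Name": "old-test-rule", "Predicates": []},
    }

    def list_rules(self, Limit=100, NextMarker=None):
        ids, start = sorted(self.RULES), int(NextMarker or 0)
        out = {"Rules": [{"RuleId": i, "Name": self.RULES[i]["Name"]} for i in ids[start:start + 2]]}
        if start + 2 < len(ids):  # two rules per page to exercise pagination
            out["NextMarker"] = str(start + 2)
        return out

    def get_rule(self, RuleId):
        return {"Rule": self.RULES[RuleId]}


if __name__ == "__main__":
    import sys
    if "--live" in sys.argv:  # hypothetical flag: query the real account
        import boto3
        client = boto3.client("waf", region_name="us-east-1")
    else:
        client = FakeWaf()
    for rule_id, name in find_empty_global_rules(client):
        print(f"NON_COMPLIANT {rule_id} {name}")
```

Each rule it prints is one to either delete or edit in the console as described above.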


