AWS Config Rule: WAF Global Rule Not Empty

WAF_GLOBAL_RULE_NOT_EMPTY

Eduardo Van Cauteren

Last Update há 9 meses

Description: Checks if an AWS WAF global rule contains any conditions. The rule is NON_COMPLIANT if no conditions are present within the WAF global rule.


Trigger type: Configurational Changes


AWS Region: Only available in US East (N. Virginia) Region


How to Resolve Manually

This rule evaluates if a WAF global rule includes conditions. It's marked as compliant if the global rule has at least one condition, and non-compliant if it doesn't.


You can resolve this by deleting the rule if it's not being used or add a condition to it.


To add conditions, head on over to the WAF & Shield service and then click on Switch to AWS WAF Classic from the left menu.

Click on Rules and in the filter dropdown menu choose Global (CloudFront) region. From the list, click on the name of the rule that is not compliant and finally click on the Edit rule button to add conditions.

Check the following screenshot as reference:


Want to know more about StackZone and how to make your cloud management simple and secure?

Check our how it works section with easy to follow videos or just create your own StackZone Account here

Was this article helpful?

0 out of 0 liked this article

Still need help? Message Us