AWS Config Rules: WAF Regional Rule Group Not Empty

WAF_REGIONAL_RULEGROUP_NOT_EMPTY

Eduardo Van Cauteren

Last Update 2 months ago

Description: Checks if WAF Regional rule groups contain any rules. The rule is NON_COMPLIANT if there are no rules present within a WAF Regional rule group.


Trigger type: Configuration changes


AWS Region: All supported AWS regions except China (Beijing), Asia Pacific (Jakarta), Middle East (UAE), Asia Pacific (Hyderabad), Asia Pacific (Osaka), AWS GovCloud (US-East), AWS GovCloud (US-West), Israel (Tel Aviv), Europe (Spain), China (Ningxia), Europe (Zurich) Region


How to Resolve Manually

This rule evaluates if a WAF Regional Rule Group includes rules. It's marked as compliant if the regional rule group has at least one rule, and non-compliant if it doesn't.


You can resolve this by deleting the rule group if it's not being used, or by adding a rule to it.


To add conditions, head on over to the WAF & Shield service and then click on Switch to AWS WAF Classic from the left menu.

Click on Rule groups and in the filter dropdown menu choose the desired region. From the list, click on the name of the rule group that is not compliant and finally click on the Edit rule group button to add rules to it.
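
To locate the non-compliant rule groups in a region before opening the console, the same check can be scripted. This is an added example, not StackZone or AWS code: it assumes the boto3 `waf-regional` client operations `list_rule_groups` and `list_activated_rules_in_rule_group`, and `FakeWafRegional` with its IDs and names is a constructed stand-in so the logic runs offline.

```python
def _paginate(call, key, **kwargs):
    """Yield items from a WAF Classic list call, following NextMarker."""
    marker = None
    while True:
        if marker:
            kwargs["NextMarker"] = marker
        page = call(**kwargs)
        yield from page.get(key, [])
        marker = page.get("NextMarker")
        if not marker:
            return


def find_empty_rule_groups(client):
    """Return [(RuleGroupId, Name)] for rule groups with zero rules."""
    empty = []
    for group in _paginate(client.list_rule_groups, "RuleGroups", Limit=100):
        rules = _paginate(client.list_activated_rules_in_rule_group,
                          "ActivatedRules", RuleGroupId=group["RuleGroupId"], Limit=100)
        if next(rules, None) is None:      # no rule at all -> NON_COMPLIANT
            empty.append((group["RuleGroupId"], group["Name"]))
    return empty


class FakeWafRegional:
    """Constructed stand-in for boto3.client('waf-regional'); sample data only."""
    GROUPS = [{"RuleGroupId": "rg-constructed-1", "Name": "edge-blocklist"},
              {"RuleGroupId": "rg-constructed-2", "Name": "unused-group"},
              {"RuleGroupId": "rg-constructed-3", "Name": "legacy-empty"}]
    RULES = {"rg-constructed-1": [{"Priority": 1, "RuleId": "rule-constructed-a",
                                   "Action": {"Type": "BLOCK"}}]}

    def list_rule_groups(self, Limit=100, NextMarker=None):
        start = int(NextMarker or 0)       # two per page to exercise pagination
        page = {"RuleGroups": self.GROUPS[start:start + 2]}
        if start + 2 < len(self.GROUPS):
            page["NextMarker"] = str(start + 2)
        return page

    def list_activated_rules_in_rule_group(self, RuleGroupId, Limit=100, NextMarker=None):
        return {"ActivatedRules": self.RULES.get(RuleGroupId, [])}


if __name__ == "__main__":
    # Real account: import boto3; client = boto3.client("waf-regional", region_name=<region>)
    for group_id, name in find_empty_rule_groups(FakeWafRegional()):
        print(f"NON_COMPLIANT  {group_id}  {name}")
```

Each group it reports is a candidate for either deletion or the Edit rule group step above.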


