AWS Config Rule: WAF Regional Web ACL Not Empty
WAF_REGIONAL_WEBACL_NOT_EMPTY
Eduardo Van Cauteren
Last Update 6 months ago
Description: Checks if a WAF regional Web ACL contains any WAF rules or rule groups. The rule is NON_COMPLIANT if there are no WAF rules or rule groups present within a Web ACL.
Trigger type: Configuration changes
AWS Region: All supported AWS regions except Asia Pacific (Jakarta), Middle East (UAE), Asia Pacific (Hyderabad), AWS GovCloud (US-East), AWS GovCloud (US-West), Israel (Tel Aviv), Europe (Spain), Europe (Zurich) Region
How to Resolve Manually
This rule checks whether at least one rule or rule group exists within a WAF regional Web ACL. If the ACL doesn't contain any rule or rule group, it is marked as non-compliant.
To resolve this manually, go to your WAF & Shield dashboard and click on Web ACLs. Filter for the region in which your Web ACL is located, then click on the ACL name to view its properties.
Once there, click on the Rules tab and check whether this particular ACL has a rule or rule group associated with it. The screenshot serves as a reference.