AWS Config Rule: WAF Regional Web ACL Not Empty


Eduardo Van Cauteren

Last Update 4 days ago

Description: Checks if a WAF regional Web ACL contains any WAF rules or rule groups. The rule is NON_COMPLIANT if there are no WAF rules or rule groups present within a Web ACL.

Trigger type: Configuration changes

AWS Region: All supported AWS regions except Asia Pacific (Jakarta), Middle East (UAE), Asia Pacific (Hyderabad), AWS GovCloud (US-East), AWS GovCloud (US-West), Israel (Tel Aviv), Europe (Spain), Europe (Zurich) Region

How to Resolve Manually

This rule checks whether there exist at least one rule / rule group within a WAF regional Web ACL. If the ACL doesn't contain any rule it will be marked as non-compliant.

In order to resolve this manually you will need to go to your WAF & Shield dashboard and click on Web ACLs. Filter for the region in which your Web ACL is located then click on the ACL name to view its properties.

Once there, click on the Rules tab and check if this particular ACL has a rule or rule group associated to it. Check the following screenshot as a reference:

Want to know more about StackZone and how to make your cloud management simple and secure?

Check our how it works section with easy to follow videos or just create your own StackZone Account here

Was this article helpful?

0 out of 0 liked this article

Still need help? Message Us