Benchmark: WAF

Usage

Browse dashboards and select WAF:

steampipe dashboard

Or run the benchmarks in your terminal:

steampipe check aws_compliance.benchmark.foundational_security_waf

Snapshot and share results via Steampipe Cloud:

steampipe login
steampipe check --share aws_compliance.benchmark.foundational_security_waf

Controls

• 1 AWS WAF Classic Global Web ACL logging should be enabled
• 2 A WAF Regional rule should have at least one condition
• 3 A WAF Regional rule group should have at least one rule
• 4 A WAF Regional web ACL should have at least one rule or rule group
• 6 A WAF global rule should have at least one condition
• 7 A WAF global rule group should have at least one rule
• 8 A WAF global web ACL should have at least one rule or rule group
• 10 A WAFV2 web ACL should have at least one rule or rule group

Tags