top of page

WAF.10

A WAFV2 web ACL should have at least one rule or rule group

Severity

Cloud Platforms

Resources

Related Standards

Automated

MEDIUM

AWS

Amazon Web Application Firewall

AWS Foundational Best Practice, NIST.800-53.r5,

This control checks whether a WAFV2 web ACL contains at least one WAF rule or WAF rule group. The control fails if a web ACL does not contain any WAF rule or rule group.

bottom of page