Overview

A config rule that checks whether the web ACL is associated with an Application Load Balancer or Amazon CloudFront distributions. When AWS Firewall Manager creates this rule, the FMS policy owner specifies the WebACLId in the FMS policy and can optionally enable remediation.

Configuration Templates

Items
1
Size
0.8 KB
Missing Parameters
AWSTemplateFormatVersion: '2010-09-09'
Description: ''
Resources:
  ConfigRule:
    Type: 'AWS::Config::ConfigRule'
    Properties:
      ConfigRuleName: fms-webacl-resource-policy-check
      Description: >-
        A config rule that checks whether the web ACL is associated with an
        Application Load Balancer or Amazon CloudFront distributions. When AWS
        Firewall Manager creates this rule, the FMS policy owner specifies the
        WebACLId in the FMS policy and can optiona...
      Scope:
        ComplianceResourceTypes:
          - 'AWS::CloudFront::Distribution'
          - 'AWS::ElasticLoadBalancingV2::LoadBalancer'
          - 'AWS::WAFRegional::WebACL'
      Source:
        Owner: AWS
        SourceIdentifier: FMS_WEBACL_RESOURCE_POLICY_CHECK
Parameters: {}
Metadata: {}
Conditions: {}

Actions



Rule Parameters

 
* Required field

Sources and Documentation

Configuration Source: AWS Documentation

Additional Documentation: