You must be logged in to view saved presets
Network Firewall Policy has Default Action for Fragment Packets
A Config rule that checks if an AWS Network Firewall policy is configured with a user defined stateless default action for fragmented packets. The rule is NON_COMPLIANT if stateless default action for fragmented packets does not match with user defined default action.
This config rule supports the following parameters:
- statelessFragmentDefaultActions
- Required: Yes
- Type: CSV
- Description:Comma-separated list of values. You can select a max of two. Valid values include 'aws:pass', 'aws:drop', and 'aws:forward_to_sfe'.
CloudFormation Template
© 2024 asecurecloud. All rights reserved.