A Config rule that checks if logging is enabled on AWS Web Application Firewall (WAF) classic global web ACLs. This rule is NON_COMPLIANT for a global web ACL, if it does not have logging enabled.

This config rule supports the following parameters:

  • KinesisFirehoseDeliveryStreamArns
    • Required: No
    • Type: CSV
    • Description:Comma separated list of Amazon Kinesis stream ARN for AWS WAF logs.

ConfigRule
AWS::Config::ConfigRule


Source *
CustomPolicyDetails
SourceDetails

CloudFormation Template

Share Template