
Associate Rule Groups with Network Firewall Policies

Checks if AWS Network Firewall policies have at least one rule group associated to filter network traffic effectively.

Rule: Network Firewall policies should have at least one rule group associated
Framework: AWS Foundational Security Best Practices
Severity: Medium

Description:

The AWS Foundational Security Best Practices standard requires that each Network Firewall policy reference at least one rule group. A policy with no stateless or stateful rule group references only applies its default actions (pass, drop, or forward to the stateful engine), so nothing is actually matched or filtered. Rule groups are where the inspection logic lives; associating them lets the firewall enforce security best practices and block unauthorized access to resources.

Troubleshooting Steps:

If a firewall policy is flagged by this AWS Foundational Security Best Practices control because it has no rule group associated, follow these steps:

  1. Check the current configuration of the firewall policy to confirm that no rule group is referenced.
  2. Verify that a suitable rule group is available in the firewall policy settings.
  3. If the rule group is missing, add it to the firewall policy.
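Step 1 can be automated. The following script is an added example and is not Cloud Defense's own check code; it evaluates each firewall policy the way this control does, by counting the StatelessRuleGroupReferences and StatefulRuleGroupReferences in the policy document that describe-firewall-policy returns. The policy ARNs, names and account id in the embedded sample are constructed placeholders, and the boto3 call path (list_firewall_policies, describe_firewall_policy) is only used when a region is passed on the command line.

```python
"""Added example: flag AWS Network Firewall policies with no rule group associated.

Offline run uses the constructed SAMPLE_POLICIES below; pass a region name as the
first argument to evaluate the policies in a real account with boto3 instead.
"""
from __future__ import annotations

# Constructed sample shaped like describe-firewall-policy responses.
# ARNs, names and the account id are placeholders, not real resources.
SAMPLE_POLICIES = {
    "arn:aws:network-firewall:us-east-1:111122223333:firewall-policy/with-rules": {
        "FirewallPolicy": {
            "StatelessDefaultActions": ["aws:forward_to_sfe"],
            "StatelessFragmentDefaultActions": ["aws:forward_to_sfe"],
            "StatefulRuleGroupReferences": [
                {"ResourceArn": "arn:aws:network-firewall:us-east-1:111122223333:stateful-rulegroup/block-known-bad"}
            ],
        }
    },
    "arn:aws:network-firewall:us-east-1:111122223333:firewall-policy/empty": {
        "FirewallPolicy": {
            # Only default actions: every packet is passed, nothing is inspected.
            "StatelessDefaultActions": ["aws:pass"],
            "StatelessFragmentDefaultActions": ["aws:pass"],
        }
    },
}


def rule_group_count(policy: dict) -> int:
    """Number of stateless plus stateful rule group references in a FirewallPolicy document."""
    stateless = policy.get("StatelessRuleGroupReferences") or []
    stateful = policy.get("StatefulRuleGroupReferences") or []
    return len(stateless) + len(stateful)


def evaluate_policy(arn: str, describe_response: dict) -> dict:
    """Return a finding in the PASSED/FAILED shape this control reports."""
    policy = describe_response.get("FirewallPolicy") or {}
    count = rule_group_count(policy)
    return {
        "resource": arn,
        "rule_groups": count,
        "status": "PASSED" if count > 0 else "FAILED",
    }


def evaluate_all(describe_responses: dict[str, dict]) -> list[dict]:
    """Evaluate a mapping of policy ARN -> describe-firewall-policy response."""
    return [evaluate_policy(arn, resp) for arn, resp in describe_responses.items()]


def fetch_live_policies(region: str) -> dict[str, dict]:
    """Describe every firewall policy in the region (requires boto3 and AWS credentials)."""
    import boto3  # imported lazily so the offline sample runs without boto3 installed

    client = boto3.client("network-firewall", region_name=region)
    responses: dict[str, dict] = {}
    token = None
    while True:
        kwargs = {"NextToken": token} if token else {}
        page = client.list_firewall_policies(**kwargs)
        for summary in page.get("FirewallPolicies", []):
            arn = summary["Arn"]
            responses[arn] = client.describe_firewall_policy(FirewallPolicyArn=arn)
        token = page.get("NextToken")
        if not token:
            return responses


if __name__ == "__main__":
    import sys

    data = fetch_live_policies(sys.argv[1]) if len(sys.argv) > 1 else SAMPLE_POLICIES
    for finding in evaluate_all(data):
        print(f"{finding['status']:6} {finding['rule_groups']:>2} rule group(s)  {finding['resource']}")
```

Run it with no arguments to see the sample evaluation (one PASSED, one FAILED policy); run it with a region name to evaluate a live account. The evaluation is kept in pure functions so it can be reused by a Config rule or a CI check without the boto3 dependency.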

Necessary Codes:

Rule groups are part of the firewall policy document, so they are added with update-firewall-policy (associate-firewall-policy attaches a policy to a firewall and does not accept rule groups). Because update-firewall-policy replaces the whole policy document, first fetch the current definition and its update token:

aws network-firewall describe-firewall-policy --firewall-policy-arn arn:aws:network-firewall:<region>:<account-id>:firewall-policy/<policy-name>

Then resubmit the policy with the rule group reference added, carrying over the existing default actions and using the UpdateToken from the previous response (the policy can also be passed as file://policy.json instead of shorthand syntax):

aws network-firewall update-firewall-policy --firewall-policy-arn arn:aws:network-firewall:<region>:<account-id>:firewall-policy/<policy-name> --update-token <update-token> --firewall-policy 'StatelessDefaultActions=aws:forward_to_sfe,StatelessFragmentDefaultActions=aws:forward_to_sfe,StatefulRuleGroupReferences=[{ResourceArn=arn:aws:network-firewall:<region>:<account-id>:stateful-rulegroup/<rule-group-name>}]'

Remediation Steps:

To remediate the issue through the console and associate a rule group with the network firewall policy, follow these steps:

  1. Open the AWS Management Console and navigate to the Network Firewall service.
  2. Select the firewall policy that needs to be updated.
  3. Look for the option to associate a rule group with the firewall policy.
  4. Click "Add Rule Group" and choose the rule group to associate.
  5. Save the changes to associate the rule group with the firewall policy.
  6. Verify that the rule group was added by checking the firewall policy settings.

By following these steps, you ensure that each network firewall policy has at least one rule group associated, as the AWS Foundational Security Best Practices standard requires, so that traffic reaching the firewall is actually inspected and filtered.
