This rule ensures that ELB application load balancers have Web Application Firewall (WAF) enabled for enhanced security.
Rule | ELB application load balancers should have Web Application Firewall (WAF) enabled |
Framework | FedRAMP Moderate Revision 4 |
Severity | ✔ Medium |
Rule Description:
ELB (Elastic Load Balancer) application load balancers should have the Web Application Firewall (WAF) enabled to meet the FedRAMP (Federal Risk and Authorization Management Program) Moderate Revision 4 compliance requirements. The WAF provides an additional layer of security by inspecting incoming web traffic, detecting and mitigating potential web application attacks.
Troubleshooting Steps:
If the Web Application Firewall is not enabled on the ELB application load balancer, follow these troubleshooting steps:
Necessary Codes:
There are no specific codes required for enabling the Web Application Firewall on the ELB application load balancer. However, you would need to utilize the AWS Management Console or AWS CLI (Command-Line Interface) for enabling the WAF. The following guide will walk you through the necessary steps for enabling the Web Application Firewall on the ELB:
Step-by-Step Guide for Remediation:
Note: The above steps outline the general process for enabling the Web Application Firewall on ELB application load balancers. The specific steps may differ based on the AWS Management Console interface changes or updates. Ensure to refer to the official AWS documentation for the most up-to-date steps and configurations.