Enable Logging Rule for AWS WAFv2 Web ACLs

This rule ensures logging is enabled on AWS WAFv2 regional and global web access control lists.

Rule: Logging should be enabled on AWS WAFv2 regional and global web access control lists (ACLs)
Framework: HIPAA
Severity: Low

Rule Description:

Logging should be enabled on both regional and global web access control lists (ACLs) for HIPAA compliance in AWS WAFv2. Enabling logging helps track and monitor access attempts on the ACLs, allowing for effective security analysis and compliance auditing.

Troubleshooting Steps (if applicable):

  1. Ensure that AWS WAFv2 is properly configured and integrated with CloudWatch Logs for logging purposes.
  2. Verify that appropriate IAM policies are in place to allow the necessary permissions for logging.
  3. Check that the ACL logging settings are correctly configured for both regional and global ACLs.
  4. Troubleshoot and resolve any issues related to CloudWatch Logs if logging is not functioning as expected.

Necessary Codes (if applicable):

AWS CLI or SDKs can be used to enable logging on AWS WAFv2 regional and global ACLs. Logging is attached to a web ACL with its own API call (update-web-acl has no logging option). Here is an example for the AWS CLI command:

aws wafv2 put-logging-configuration \
    --logging-configuration file://logging-configuration.json

where logging-configuration.json contains:

{
  "ResourceArn": "<web-acl-arn>",
  "LogDestinationConfigs": ["<log-destination-arn>"]
}

Make sure to replace <web-acl-arn> and <log-destination-arn> with the appropriate values. The web ACL ARN is returned by aws wafv2 list-web-acls --scope REGIONAL; for global (CloudFront) ACLs use --scope CLOUDFRONT together with --region us-east-1, which also applies to the put-logging-configuration call. The destination (CloudWatch Logs log group, S3 bucket or Kinesis Data Firehose delivery stream) must have a name beginning with aws-waf-logs-, otherwise the call is rejected.
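As an added example that is not part of this Cloud Defense page: a Python audit that applies the rule's pass/fail logic to the JSON shapes returned by aws wafv2 list-web-acls and aws wafv2 get-logging-configuration, and builds the body for put-logging-configuration. The account id, ARNs and ACL names are constructed sample data embedded inline so the script runs offline; the Authorization-header redaction is a choice made for this example, not something the page prescribes.

```python
import json

# Constructed sample: the shape of `aws wafv2 list-web-acls --scope REGIONAL` output
ACCT = "123456789012"
WEB_ACLS = [
    {"Name": "prod-api-acl", "ARN": f"arn:aws:wafv2:us-east-1:{ACCT}:regional/webacl/prod-api-acl/a1b2c3d4"},
    {"Name": "staging-acl", "ARN": f"arn:aws:wafv2:us-east-1:{ACCT}:regional/webacl/staging-acl/b2c3d4e5"},
    {"Name": "legacy-acl", "ARN": f"arn:aws:wafv2:us-east-1:{ACCT}:regional/webacl/legacy-acl/c3d4e5f6"},
]
# Constructed sample: `get-logging-configuration` results keyed by web ACL ARN; an absent ACL has no logging
LOGGING_CONFIGS = {
    WEB_ACLS[0]["ARN"]: {"LogDestinationConfigs": [f"arn:aws:logs:us-east-1:{ACCT}:log-group:aws-waf-logs-prod-api"]},
    WEB_ACLS[2]["ARN"]: {"LogDestinationConfigs": [f"arn:aws:logs:us-east-1:{ACCT}:log-group:legacy-waf"]},
}
REQUIRED_PREFIX = "aws-waf-logs-"  # WAF only accepts log groups, buckets and streams named with this prefix

def destination_name(arn):
    """Last component of a CloudWatch Logs, S3 or Firehose destination ARN."""
    return arn.rsplit(":", 1)[-1].rsplit("/", 1)[-1]

def evaluate_web_acl(acl, logging_configs):
    """Return (status, reason) for one web ACL, mirroring the rule's pass/fail logic."""
    cfg = logging_configs.get(acl["ARN"])
    if cfg is None:
        return "FAIL", "no logging configuration"
    dests = cfg.get("LogDestinationConfigs") or []
    if not dests:
        return "FAIL", "logging configuration has no destinations"
    for dest in dests:
        if not destination_name(dest).startswith(REQUIRED_PREFIX):
            return "FAIL", f"destination {dest} is not named {REQUIRED_PREFIX}*"
    return "PASS", f"{len(dests)} destination(s) configured"

def audit(web_acls, logging_configs):
    """Map web ACL name -> (status, reason) for every ACL in the listing."""
    return {acl["Name"]: evaluate_web_acl(acl, logging_configs) for acl in web_acls}

def build_logging_configuration(resource_arn, log_group_arn):
    """Body for `put-logging-configuration --logging-configuration file://...`;
    the Authorization header is redacted so bearer tokens never reach the log stream."""
    return {"ResourceArn": resource_arn,
            "LogDestinationConfigs": [log_group_arn],
            "RedactedFields": [{"SingleHeader": {"Name": "authorization"}}]}

if __name__ == "__main__":
    for name, (status, reason) in audit(WEB_ACLS, LOGGING_CONFIGS).items():
        print(f"{status:4} {name}: {reason}")
    print(json.dumps(build_logging_configuration(WEB_ACLS[1]["ARN"],
          f"arn:aws:logs:us-east-1:{ACCT}:log-group:aws-waf-logs-staging"), indent=2))
```

Against real accounts, replace the two sample structures with the parsed output of the two CLI calls; get-logging-configuration raises WAFNonexistentItemException for an ACL with no logging, which maps to the "absent from the map" case.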

Step-by-Step Guide for Remediation:

  1. Log in to the AWS Management Console and open the AWS WAFv2 service.
  2. In the navigation pane, click on "Web ACLs" to view the list of access control lists.
  3. Identify the web ACLs that need logging enabled for HIPAA compliance.
  4. Click on the desired web ACL name to open its settings.
  5. In the web ACL details page, click on the "Logging" tab.
  6. Verify whether the logging configuration is enabled and properly configured.
  7. If logging is not enabled, click on the "Edit" button to modify the logging settings.
  8. Configure the logging destination as "CloudWatch Logs" to enable logging.
  9. Specify the appropriate settings such as log group name, log destination type, and redaction settings if required.
  10. Review the changes and click on the "Update" button to save the logging configuration.
  11. Verify that the logging configuration has been updated successfully.

Conclusion:

Enabling logging on AWS WAFv2 regional and global web access control lists ensures compliance with HIPAA regulations. By following the troubleshooting steps and using the necessary codes, the logging configuration can be enabled successfully. The step-by-step guide provides a clear path to remediation for compliance.
