This rule mandates enabling logging on AWS WAFv2 regional and global web access control lists.
| Rule | Logging should be enabled on AWS WAFv2 regional and global web access control lists (ACLs) |
| --- | --- |
| Framework | NIST 800-53 Revision 5 |
| Severity | ✔ Low |
AWS WAFv2 Logging for NIST 800-53 Revision 5 Compliance
Rule Description
This rule checks that logging is enabled on every AWS WAFv2 regional and global web access control list (ACL), as required for NIST 800-53 Revision 5 compliance. Web ACL logs record the requests the web ACL inspected and the action taken on each, which gives the visibility needed to monitor web traffic and investigate potential security incidents.
Troubleshooting Steps
1. Verify the AWS WAFv2 regional and global web ACLs.
2. Enable logging on the web ACLs.
3. Verify the logging settings.
Necessary Codes
No specific code is required for this rule; the console steps below are sufficient to enable logging on AWS WAFv2 regional and global web ACLs.
Remediation Steps
To remediate the issue:

1. Log in to the AWS Management Console.
2. Navigate to the AWS WAFv2 service.
3. Select the desired regional or global web ACL.
4. Switch to the Logging tab.
5. If logging is already enabled, no further action is required. If not, follow the steps below.
6. Click on "Edit logging configuration."
7. Choose the desired target for logging, such as Amazon Kinesis Data Firehose or Amazon S3.
8. Configure the necessary settings for the logging destination, including the bucket/stream name, prefix, and IAM roles.
9. Save the configuration changes.
10. Verify that the logs are being delivered to the desired destination.
11. Validate the accessibility and permissions of the logging destination.
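The console procedure above does not scale to many web ACLs across regions, so the audit (find web ACLs without a logging configuration) and the remediation request are usually scripted. The following is an added example, not code from the original page or from AWS: it runs on data shaped like the WAFv2 API responses (the `WebACLs` list from ListWebACLs and the `LoggingConfiguration` dict from GetLoggingConfiguration), so it works offline on the constructed sample inventory embedded below, and it builds the request body for PutLoggingConfiguration. The account ID, web ACL IDs and bucket name are placeholders. It also encodes one caveat the console hides: WAFv2 only accepts a Kinesis Data Firehose delivery stream, S3 bucket or CloudWatch Logs log group whose name starts with `aws-waf-logs-`, and global (CloudFront) web ACLs are managed through the us-east-1 endpoint.

```python
"""Audit WAFv2 web ACLs for logging and build the enable-logging request.

Added example; not code from the original page. It works on data shaped
like the WAFv2 API responses so it runs offline:
  - web_acls:        the "WebACLs" list returned by ListWebACLs
  - logging_configs: web ACL ARN -> "LoggingConfiguration" dict from
                     GetLoggingConfiguration, or None when the API reported
                     that no configuration exists (WAFNonexistentItemException)
Destination names must start with "aws-waf-logs-" (a WAFv2 requirement).
"""
import re

# Accepted log destinations: Kinesis Data Firehose delivery stream, S3 bucket
# or CloudWatch Logs log group, each named aws-waf-logs-*. Regexes simplified.
_DESTINATION_PATTERNS = (
    re.compile(r"^arn:aws:firehose:[a-z0-9-]+:\d{12}:deliverystream/aws-waf-logs-"),
    re.compile(r"^arn:aws:s3:::aws-waf-logs-"),
    re.compile(r"^arn:aws:logs:[a-z0-9-]+:\d{12}:log-group:aws-waf-logs-"),
)


def is_valid_destination(arn):
    """True if the ARN is a destination WAFv2 will accept for logging."""
    return any(p.match(arn) for p in _DESTINATION_PATTERNS)


def build_logging_configuration(web_acl_arn, destination_arn):
    """Return the kwargs for boto3 wafv2.put_logging_configuration()."""
    if not is_valid_destination(destination_arn):
        raise ValueError(
            "log destination must be a Firehose stream, S3 bucket or "
            "CloudWatch Logs group whose name starts with aws-waf-logs-"
        )
    return {
        "LoggingConfiguration": {
            "ResourceArn": web_acl_arn,
            "LogDestinationConfigs": [destination_arn],
        }
    }


def audit_web_acls(scope, web_acls, logging_configs):
    """Return one finding per web ACL: status 'ok', 'missing' or 'invalid'."""
    findings = []
    for acl in web_acls:
        arn = acl["ARN"]
        cfg = logging_configs.get(arn)
        destinations = (cfg or {}).get("LogDestinationConfigs", [])
        if not destinations:
            status = "missing"  # the finding this compliance rule raises
        elif all(is_valid_destination(d) for d in destinations):
            status = "ok"
        else:
            status = "invalid"
        findings.append(
            {"scope": scope, "name": acl["Name"], "arn": arn, "status": status}
        )
    return findings


# Constructed sample inventory (account ID, web ACL IDs and bucket are placeholders).
SAMPLE_REGIONAL_ACLS = [
    {"Name": "api-acl", "Id": "11111111-aaaa-bbbb-cccc-000000000001",
     "ARN": "arn:aws:wafv2:us-east-1:123456789012:regional/webacl/api-acl/11111111-aaaa-bbbb-cccc-000000000001"},
    {"Name": "admin-acl", "Id": "22222222-aaaa-bbbb-cccc-000000000002",
     "ARN": "arn:aws:wafv2:us-east-1:123456789012:regional/webacl/admin-acl/22222222-aaaa-bbbb-cccc-000000000002"},
]
SAMPLE_LOGGING_CONFIGS = {
    SAMPLE_REGIONAL_ACLS[0]["ARN"]: {
        "ResourceArn": SAMPLE_REGIONAL_ACLS[0]["ARN"],
        "LogDestinationConfigs": ["arn:aws:s3:::aws-waf-logs-example-bucket"],
    },
    # admin-acl: GetLoggingConfiguration raised WAFNonexistentItemException
    SAMPLE_REGIONAL_ACLS[1]["ARN"]: None,
}


def main():
    for f in audit_web_acls("REGIONAL", SAMPLE_REGIONAL_ACLS, SAMPLE_LOGGING_CONFIGS):
        print(f"{f['scope']:9} {f['name']:10} {f['status']}")
        if f["status"] != "ok":
            # Request body that remediates the finding when passed to boto3's
            # put_logging_configuration (use a us-east-1 client for CLOUDFRONT scope).
            print(build_logging_configuration(
                f["arn"], "arn:aws:s3:::aws-waf-logs-example-bucket"))


if __name__ == "__main__":
    main()
```

In a real run, `SAMPLE_REGIONAL_ACLS` would come from `list_web_acls(Scope="REGIONAL")` in each region plus `list_web_acls(Scope="CLOUDFRONT")` from us-east-1, and `SAMPLE_LOGGING_CONFIGS` from calling `get_logging_configuration(ResourceArn=...)` per web ACL and mapping the not-found exception to `None`. Treating an unnamed or wrongly named destination as `invalid` rather than `ok` matters because PutLoggingConfiguration rejects it, so the web ACL stays unlogged even though someone believed it was configured.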
By following these steps, you will enable logging on AWS WAFv2 regional and global web ACLs, satisfying this NIST 800-53 Revision 5 requirement.
Note: Consult the official AWS documentation and the NIST 800-53 Revision 5 standard for a more in-depth understanding and to stay up to date with any changes.