Aqua CSPM

ELBv2 WAF Enabled

Quick Info

Plugin TitleELBv2 WAF Enabled
CloudAWS
CategoryELBv2
DescriptionEnsure that all Application Load Balancers have WAF enabled.
More InfoEnabling WAF allows control over requests to the load balancer, allowing or denying traffic based off rules in the Web ACL
AWS Linkhttps://aws.amazon.com/blogs/aws/aws-web-application-firewall-waf-for-application-load-balancers/
Recommended Action1. Enter the WAF service. 2. Enter Web ACLs and filter by the region the Application Load Balancer is in. 3. If no Web ACL is found, Create a new Web ACL in the region the ALB resides and in Resource type to associate with web ACL, select the Load Balancer.

Detailed Remediation Steps