Risk Level: High
Cloud Entity: AWS CloudFront Distribution
CloudGuard Rule ID: D9.CFT.CRY.18
Covered by Spectral: Yes
Category: Management Tools
AWS_CloudFront_Distribution should have DistributionConfig.WebACLId
Supply AWS::CloudFront::Distribution::WebACLId property with ARN value of your WAF Web ACL.
See below example;
Resources: MyDistribution: Type: AWS::CloudFront::Distribution Properties: DistributionConfig: ... WebACLId:"arn:aws:wafv2:us-east-1:123456789012:global/webacl/ExampleWebACL/473e64fd-f30b-4765-81a0-62ad96dd167a" ...
A distribution tells CloudFront where you want content to be delivered from, and the details about how to track and manage content delivery. The following topics explain some basics about CloudFront distributions and provide detailed information about the settings you can choose to configure your distributions to meet your business needs
- AWS CloudFormation ruleset
Updated 3 months ago