-
Notifications
You must be signed in to change notification settings - Fork 1.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat(waf): add new check waf_global_rule_with_conditions
#5465
feat(waf): add new check waf_global_rule_with_conditions
#5465
Conversation
Codecov ReportAttention: Patch coverage is
Additional details and impacted files@@ Coverage Diff @@
## master #5465 +/- ##
==========================================
+ Coverage 89.45% 89.59% +0.14%
==========================================
Files 1059 1070 +11
Lines 32855 33172 +317
==========================================
+ Hits 29390 29721 +331
+ Misses 3465 3451 -14 ☔ View full report in Codecov by Sentry. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I have made necessary changes in the PR @HugoPBrito, but the call _list_resources_for_web_acl
does not exist for the WAF API. Please, take a look!
Context
AWS WAF Classic global rules
are used to manage and control web traffic by specifying conditions that determine how the firewall handles requests. These conditions help identify, inspect, and mitigate potential security threats, such as malicious or suspicious traffic, thereby improving the overall security posture. Without any conditions in place, web traffic flows freely, which can lead to vulnerabilities being exploited, bypassing security policies.Description
This check ensures that
AWS WAF Classic global rules
contain at least one condition. If no conditions are present, the rule becomes ineffective, allowing all traffic to pass unchecked.Checklist
License
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.