Ensure Web Application Firewall (WAF) is enabled for Azure Application Gateway

MEDIUM

Description

With WAF disabled, applications behind Azure Application Gateway are left open to all layer 7 attacks.

Remediation

In Azure Console -

  1. Log in to the Azure portal and go to the Azure Marketplace.
  2. Search for Application Gateway.
  3. Select it and click Create.
  4. Follow the rest of the prompts and configure as needed.

In Terraform -

  1. In the azurerm_application_gateway resource, configure the 'waf_configuration' block as needed.
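
One way to check a Terraform plan for this condition before apply, as an added example (not this rule's own implementation). It assumes the plan has been exported with `terraform show -json` and loaded as a dict; the sample plan, resource addresses and function names are constructed for illustration.

```python
def _gateway(address, waf_blocks):
    """Build one constructed plan entry (sample data, not a real deployment)."""
    return {"address": address, "type": "azurerm_application_gateway",
            "values": {"waf_configuration": waf_blocks}}

_WAF = {"firewall_mode": "Prevention", "rule_set_type": "OWASP", "rule_set_version": "3.2"}

# Constructed sample in the layout of `terraform show -json <planfile>`.
SAMPLE_PLAN = {"planned_values": {"root_module": {
    "resources": [
        _gateway("azurerm_application_gateway.no_waf", []),
        _gateway("azurerm_application_gateway.waf_off", [{**_WAF, "enabled": False}]),
    ],
    "child_modules": [{
        "address": "module.edge",
        "resources": [_gateway("module.edge.azurerm_application_gateway.waf_on",
                               [{**_WAF, "enabled": True}])],
    }],
}}}

def iter_resources(module):
    """Yield every resource in a module and, recursively, its child modules."""
    yield from module.get("resources", [])
    for child in module.get("child_modules", []):
        yield from iter_resources(child)

def gateways_without_waf(plan):
    """Return (address, reason) for each Application Gateway with WAF not enabled."""
    findings = []
    root = plan.get("planned_values", {}).get("root_module", {})
    for res in iter_resources(root):
        if res.get("type") != "azurerm_application_gateway":
            continue
        # Nested blocks are rendered in plan JSON as a list of objects.
        blocks = (res.get("values") or {}).get("waf_configuration") or []
        if not blocks:
            findings.append((res["address"], "no waf_configuration block"))
        elif not any(b.get("enabled") is True for b in blocks):
            findings.append((res["address"], "waf_configuration.enabled is not true"))
    return findings

if __name__ == "__main__":
    for address, reason in gateways_without_waf(SAMPLE_PLAN):
        print(f"{address}: {reason}")
```

A non-empty result can be used to fail a CI step before the plan is applied.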

References:
https://learn.microsoft.com/en-us/azure/web-application-firewall/ag/ag-overview
https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/application_gateway#waf_configuration

Policy Details

Rule Reference ID: AC_AZURE_0189
CSP: Azure
Remediation Available: Yes
Resource Category: Virtual Network
Resource Type: Application Gateway

Frameworks