Detections
Analytics

Ensure that Web Application Firewall (WAF) is used in 'Detection' or 'Prevention' modes for Azure Front Door

MEDIUM

Description

Azure Front Door should use Web Application Firewall (WAF) in 'Detection' or 'Prevention' modes.

Remediation

In Terraform -
For Azure Provider versions prior to v4.x (deprecated in favor of azurerm_cdn_frontdoor resources):

  1. In the azurerm_frontdoor_firewall_policy resource, set enabled to true.

References:
https://learn.microsoft.com/en-us/azure/frontdoor/
https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/frontdoor_firewall_policy

Policy Details

Rule Reference ID: AC_AZURE_0293
CSP: Azure
Remediation Available: Yes
Domain: Infrastructure Security
Resource: azurerm_frontdoor_firewall_policy
Resource Category: Virtual Network
Resource Type: Front Door

Frameworks