Ensure that Web Application Firewall (WAF) is enabled for Azure Front Door

MEDIUM

Description

Azure Front Door does not have Web Application Firewall (WAF) enabled.

Remediation

In Terraform -
For Azure Provider versions prior to v4.x (deprecated in favor of azurerm_cdn_frontdoor resources):

  1. In the azurerm_frontdoor resource, set web_application_firewall_policy_link_id in the frontend_endpoint block to the ID of a configured WAF policy.
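
The remediation step above as a Terraform configuration. This is an added example, not part of the original policy text. It assumes azurerm provider 3.x, and all resource names, the resource group and the backend host are constructed placeholders.

```hcl
# WAF policy for classic Front Door. All names are constructed placeholders.
resource "azurerm_frontdoor_firewall_policy" "example" {
  name                = "examplefdwafpolicy"
  resource_group_name = "example-rg" # placeholder: an existing resource group
  enabled             = true         # a disabled policy is attached but not enforced
  mode                = "Prevention" # "Detection" only logs matches, it does not block
  managed_rule {
    type    = "DefaultRuleSet"
    version = "1.0"
  }
}

resource "azurerm_frontdoor" "example" {
  name                = "example-FrontDoor"
  resource_group_name = "example-rg"

  frontend_endpoint {
    name      = "exampleFrontendEndpoint1"
    host_name = "example-FrontDoor.azurefd.net"
    # Non-compliant when this line is omitted: the endpoint then has no WAF policy.
    web_application_firewall_policy_link_id = azurerm_frontdoor_firewall_policy.example.id
  }

  routing_rule {
    name               = "exampleRoutingRule1"
    accepted_protocols = ["Https"]
    patterns_to_match  = ["/*"]
    frontend_endpoints = ["exampleFrontendEndpoint1"]
    forwarding_configuration {
      forwarding_protocol = "HttpsOnly"
      backend_pool_name   = "exampleBackendPool"
    }
  }

  backend_pool_load_balancing { name = "exampleLoadBalancing1" }
  backend_pool_health_probe { name = "exampleHealthProbe1" }

  backend_pool {
    name                = "exampleBackendPool"
    load_balancing_name = "exampleLoadBalancing1"
    health_probe_name   = "exampleHealthProbe1"
    backend {
      host_header = "origin.example.com" # placeholder origin
      address     = "origin.example.com"
      http_port   = 80
      https_port  = 443
    }
  }
}
```

The link is set per frontend_endpoint block, so a Front Door with several endpoints needs the attribute in each one.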

References:
https://learn.microsoft.com/en-us/azure/frontdoor/
https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/frontdoor#frontend_endpoint

Policy Details

Rule Reference ID: AC_AZURE_0314
CSP: Azure
Remediation Available: Yes
Resource Category: Virtual Network
Resource Type: Front Door

Frameworks