AWS WAF gets disassociated without any warning

0

AWS WAF can get disassociated without any warning. Could we please get at least an email? Something like: [Attention Required] WAF disassociated you are now exposed to all the internet.

We are using AWS Load Balancer Controller and the WAF stopped working without notice until we found this: https://github.com/kubernetes-sigs/aws-load-balancer-controller/issues/2219 But even now I cannot guarantee that the WAF will stay up...

질문됨 일 년 전542회 조회
3개 답변
1

I’ve never seen this myself. I have seen a WAF ACL applied to many ALBs but never seen a WAF disappear from an ALB.

How are you associating them?

profile picture
전문가
답변함 일 년 전
0

Through the aws management console. But this is not the point.

Any state changes on a WAF should trigger an email notification. If you agree, can you please upvote my question so that it gets seen?

Thanks in advance

답변함 일 년 전
  • What do you mean by state change?

0

You can check the Cloud Trail logs to see why ALB is getting disassociated from WAF. DisassociateWebACL is the API that disassociates the specified regional application resource from any existing web ACL association. Additionally, check if you have Firewall Manager (FMS) thats controlling the WAF integration. If yes, review the rules that you have in FMS that might be preventing the association of ALB to WAF.

AWS
답변함 5달 전

로그인하지 않았습니다. 로그인해야 답변을 게시할 수 있습니다.

좋은 답변은 질문에 명확하게 답하고 건설적인 피드백을 제공하며 질문자의 전문적인 성장을 장려합니다.

질문 답변하기에 대한 가이드라인