AWS WAF gets disassociated without any warning

0

AWS WAF can get disassociated without any warning. Could we please get at least an email? Something like: [Attention Required] WAF disassociated you are now exposed to all the internet.

We are using AWS Load Balancer Controller and the WAF stopped working without notice until we found this: https://github.com/kubernetes-sigs/aws-load-balancer-controller/issues/2219 But even now I cannot guarantee that the WAF will stay up...

已提問 1 年前檢視次數 543 次
3 個答案
1

I’ve never seen this myself. I have seen a WAF ACL applied to many ALBs but never seen a WAF disappear from an ALB.

How are you associating them?

profile picture
專家
已回答 1 年前
0

Through the aws management console. But this is not the point.

Any state changes on a WAF should trigger an email notification. If you agree, can you please upvote my question so that it gets seen?

Thanks in advance

已回答 1 年前
  • What do you mean by state change?

0

You can check the Cloud Trail logs to see why ALB is getting disassociated from WAF. DisassociateWebACL is the API that disassociates the specified regional application resource from any existing web ACL association. Additionally, check if you have Firewall Manager (FMS) thats controlling the WAF integration. If yes, review the rules that you have in FMS that might be preventing the association of ALB to WAF.

AWS
已回答 5 個月前

您尚未登入。 登入 去張貼答案。

一個好的回答可以清楚地回答問題並提供建設性的意見回饋,同時有助於提問者的專業成長。

回答問題指南