💼 [APIGateway.4] API Gateway should be associated with a WAF Web ACL

Contextual name: 💼 [APIGateway.4] API Gateway should be associated with a WAF Web ACL
ID: /frameworks/aws-fsbp-v1.0.0/api-gateway/04
Located in: 💼 API Gateway

Description

AWS WAF is a web application firewall that helps protect web applications and APIs from attacks. It enables you to configure an ACL, which is a set of rules that allow, block, or count web requests based on customizable web security rules and conditions that you define. Ensure that your API Gateway stage is associated with an AWS WAF web ACL to help protect it from malicious attacks.

Similar

AWS Security Hub
- https://docs.aws.amazon.com/securityhub/latest/userguide/apigateway-controls.html#apigateway-4
Internal
- ID: dec-c-cdc41a7c

Similar Sections (Give Policies To)

Section	Sub Sections	Internal Rules	Policies	Flags
💼 NIST SP 800-53 Revision 5 → 💼 AC-4(21) Information Flow Enforcement _ Physical or Logical Separation of Information Flows		35	39

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags

Policies (1)

Policy	Logic Count	Flags
📝 AWS API Gateway REST API Stage is not associated with a WAF Web ACL 🟢	1	🟢 x6

Internal Rules

Rule	Policies	Flags
✉️ dec-x-bfdadcc4	1

Description​

Similar​

Similar Sections (Give Policies To)​

Sub Sections​

Policies (1)​

Internal Rules​