💼 [APIGateway.4] API Gateway should be associated with a WAF Web ACL

ID: /frameworks/aws-fsbp-v1.0.0/api-gateway/04

Description

AWS WAF is a web application firewall that helps protect web applications and APIs from attacks. It enables you to configure an ACL, which is a set of rules that allow, block, or count web requests based on customizable web security rules and conditions that you define. Ensure that your API Gateway stage is associated with an AWS WAF web ACL to help protect it from malicious attacks.

Similar

AWS Security Hub
- https://docs.aws.amazon.com/securityhub/latest/userguide/apigateway-controls.html#apigateway-4
Internal
- ID: dec-c-cdc41a7c

Similar Sections (Give Policies To)

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance
💼 NIST SP 800-53 Revision 5 → 💼 AC-4(21) Information Flow Enforcement _ Physical or Logical Separation of Information Flows		37	48		no data

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance

Policies (1)

Policy	Logic Count	Flags	Compliance
🛡️ AWS API Gateway REST API Stage is not associated with a WAF Web ACL🟢	1	🟢 x6	no data

Internal Rules

Rule	Policies	Flags
✉️ dec-x-bfdadcc4	1

Description​

Similar​

Similar Sections (Give Policies To)​

Sub Sections​

Policies (1)​

Internal Rules​