Triage and Remediation
Remediation
Using Console
To remediate CloudFront not being integrated with AWS WAF using the AWS Management Console, follow these steps:
- Log in to the AWS Management Console and navigate to the AWS WAF service.
- Create a new web ACL (Access Control List) by clicking on the “Create web ACL” button.
- Give your new web ACL a name and description.
- Under “Rules”, click on the “Add rule” button.
- Select “AWS Managed Rules” and choose the rule set that you want to use. For example, choose the “AWSManagedRulesCommonRuleSet” rule set.
- Under “Web ACL associations”, click on the “Add association” button.
- Select the CloudFront distribution that you want to associate with the web ACL.
- Click on the “Add association” button to complete the association.
- Wait for a few minutes for the changes to propagate.
- Test your CloudFront distribution to ensure that it is now integrated with AWS WAF.
Using CLI
To remediate the misconfiguration of CloudFront not being integrated with AWS WAF using the AWS CLI, follow the steps below:
- Open the AWS CLI on your local machine.
- Run the following command to create a new Web ACL in AWS WAF:
  Replace <name-of-web-acl> and <description-of-web-acl> with the desired name and description for your Web ACL.
- Run the following command to get the ARN of the newly created Web ACL:
  Replace <name-of-web-acl> with the name of the Web ACL you created in step 2.
- Run the following command to update the CloudFront distribution to use the new Web ACL:
  Replace <distribution-id> with the ID of the CloudFront distribution you want to update, and <web-acl-arn> with the ARN of the Web ACL you retrieved in step 3.
- Wait for the CloudFront distribution to update and propagate the changes.
Using Python
To remediate the misconfiguration of CloudFront not being integrated with AWS WAF, you can follow these steps using Python:
- Import the necessary modules:
- Create a boto3 client for AWS WAF:
- Create a boto3 client for CloudFront:
- Get the distribution ID of the CloudFront distribution that needs to be integrated with AWS WAF:
- Get the current configuration of the CloudFront distribution:
- Check if the distribution already has an AWS WAF web ACL ID configured:
- If the distribution is not integrated with AWS WAF, get the ID of the AWS WAF web ACL that needs to be associated with the distribution:
- Update the configuration of the CloudFront distribution to integrate it with AWS WAF:
- Verify that the CloudFront distribution is now integrated with AWS WAF:
You can save this code as a Python script and execute it using a Python interpreter to remediate the misconfiguration of CloudFront not being integrated with AWS WAF.
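One way to carry out the Python steps above end to end, as an added example that is not the original page's code. It assumes the web ACL was created with AWS WAF (WAFv2) in the CLOUDFRONT scope, in which case the distribution's WebACLId field takes the ACL's ARN; the function names and the two command-line arguments are hypothetical.

```python
import sys

def find_web_acl_arn(wafv2, name):
    """Return the ARN of the CLOUDFRONT-scope web ACL named `name`, or None."""
    kwargs = {"Scope": "CLOUDFRONT"}
    while True:
        page = wafv2.list_web_acls(**kwargs)
        for acl in page.get("WebACLs", []):
            if acl["Name"] == name:
                return acl["ARN"]
        # Stop on the last page (no marker) or on an empty page.
        if not page.get("NextMarker") or not page.get("WebACLs"):
            return None
        kwargs["NextMarker"] = page["NextMarker"]

def attach_web_acl(cloudfront, distribution_id, web_acl_arn):
    """Attach the web ACL unless one is already set; return the ACL in effect."""
    resp = cloudfront.get_distribution_config(Id=distribution_id)
    config, etag = resp["DistributionConfig"], resp["ETag"]
    if config.get("WebACLId"):
        return config["WebACLId"]  # already integrated, leave it untouched
    config["WebACLId"] = web_acl_arn
    # update_distribution needs the full config plus the ETag as IfMatch,
    # so a concurrent change makes the call fail instead of being overwritten.
    cloudfront.update_distribution(
        Id=distribution_id, DistributionConfig=config, IfMatch=etag)
    check = cloudfront.get_distribution_config(Id=distribution_id)
    return check["DistributionConfig"].get("WebACLId", "")

if __name__ == "__main__":
    import boto3  # imported here so the functions above also run against stubs
    dist_id, acl_name = sys.argv[1], sys.argv[2]  # hypothetical CLI arguments
    # CLOUDFRONT-scope web ACLs are managed through the us-east-1 endpoint.
    arn = find_web_acl_arn(boto3.client("wafv2", region_name="us-east-1"), acl_name)
    if arn is None:
        sys.exit(f"no CLOUDFRONT-scope web ACL named {acl_name!r}")
    in_effect = attach_web_acl(boto3.client("cloudfront"), dist_id, arn)
    print(f"{dist_id}: WebACLId = {in_effect}")
```

The WebACLId read back after the update confirms the association was accepted; the distribution still needs a few minutes to deploy before the ACL is enforced at the edge.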