CloudFront Without WAF
- Query id: 22c80725-e390-4055-8d14-a872230f6607
- Query name: CloudFront Without WAF
- Platform: Ansible
- Severity: Medium
- Category: Networking and Firewall
- CWE: 778
- URL: Github
Description¶
All AWS CloudFront distributions should be integrated with the Web Application Firewall (AWS WAF) service
Documentation
Code samples¶
Code samples with security vulnerabilities¶
Positive test num. 1 - yaml file
- name: create a basic distribution with defaults and tags
community.aws.cloudfront_distribution:
state: present
default_origin_domain_name: www.my-cloudfront-origin.com
tags:
Name: example distribution
Project: example project
Priority: '1'