WAF Is Disabled For Azure Application Gateway

• Query id: 2fc5ab5a-c5eb-4ae4-b687-0f16fe77c255
• Query name: WAF Is Disabled For Azure Application Gateway
• Platform: Ansible
• Severity: Medium
• Category: Networking and Firewall
• URL: Github

Description

Check if Web Application Firewall is disabled or not configured for Azure's Application Gateway.
Documentation

Code samples

Code samples with security vulnerabilities

Positive test num. 1 - yaml file

- name: Create instance of Application Gateway
  azure_rm_appgateway:
    resource_group: myResourceGroup
    name: myAppGateway
    sku:
      name: standard_small
      tier: standard
      capacity: 2

Code samples without security vulnerabilities

Negative test num. 1 - yaml file

- name: Create instance of Application Gateway
  azure_rm_appgateway:
    resource_group: myResourceGroup
    name: myAppGateway
    sku:
      name: waf_medium
      tier: waf
      capacity: 2