Table: aws_waf_web_acls

This table shows data for WAF Web ACLs.

https://docs.aws.amazon.com/waf/latest/APIReference/API_waf_WebACLSummary.html (opens in a new tab)

The primary key for this table is arn.

Columns

Name	Type
_cq_id	`uuid`
_cq_parent_id	`uuid`
account_id	`utf8`
arn (PK)	`utf8`
tags	`json`
default_action	`json`
rules	`json`
web_acl_id	`utf8`
metric_name	`utf8`
name	`utf8`
web_acl_arn	`utf8`
logging_configuration	`json`

Example Queries

These SQL queries are sampled from CloudQuery policies and are compatible with PostgreSQL.

AWS WAF Classic global web ACL logging should be enabled

-- WAF Classic
SELECT
  'AWS WAF Classic global web ACL logging should be enabled' AS title,
  account_id,
  arn AS resource_id,
  CASE
  WHEN logging_configuration IS NULL OR logging_configuration = '{}' THEN 'fail'
  ELSE 'pass'
  END
    AS status
FROM
  aws_waf_web_acls;

AWS WAF Classic global web ACL logging should be enabled

(
  SELECT
    'AWS WAF Classic global web ACL logging should be enabled' AS title,
    account_id,
    arn AS resource_id,
    CASE
    WHEN logging_configuration IS NULL OR logging_configuration = '{}'
    THEN 'fail'
    ELSE 'pass'
    END
      AS status
  FROM
    aws_waf_web_acls
)
UNION
  (
    SELECT
      'AWS WAF Classic global web ACL logging should be enabled' AS title,
      account_id,
      arn AS resource_id,
      CASE
      WHEN logging_configuration IS NULL OR logging_configuration = '{}'
      THEN 'fail'
      ELSE 'pass'
      END
        AS status
    FROM
      aws_wafv2_web_acls
  );

Introduction