Network Firewall stateless rule groups should not be empty

이 페이지는 아직 한국어로 제공되지 않으며 번역 작업 중입니다. 번역에 관한 질문이나 의견이 있으시면 언제든지 저희에게 연락해 주십시오.

Description

This control verifies whether an AWS Network Firewall stateless rule group includes at least one rule.

A rule group contains rules that define how the firewall handles traffic within your VPC. While an empty stateless rule group in a firewall policy might seem like it would process traffic, it has no effect without any defined rules.

Remediation

For guidance on configuring firewall logging, refer to the Updating a stateful rule group section of the AWS Network Firewall Developer Guide.