bug(azure): waf is disabled for Azure Application Gateway while a WAF strategy is attached to my AG #7298

Open
HujinoKun opened this issue Nov 21, 2024 · 0 comments
Labels
azure PR related with Azure Cloud bug Something isn't working community Community contribution query New query feature terraform Terraform query

HujinoKun commented Nov 21, 2024

Hello,

When I run a scan with kics, it tells me that I'm not using WAF even though I'm using azurerm_web_application_firewall_policy from Terraform, which is attached to my AG instance:

```hcl
resource "azurerm_web_application_firewall_policy" "waf_policy" {
  name                = "waf-policy"
  resource_group_name = var.resource_group_name
  location            = var.resource_group_location

  policy_settings {
    enabled                     = true
    mode                        = "Detection"
    request_body_check          = true
    file_upload_limit_in_mb     = 500
    max_request_body_size_in_kb = 256
  }

  ## Example of managed rules
  managed_rules {
    managed_rule_set {
      type    = "OWASP"
      version = "3.2"
    }
  }
}

resource "azurerm_application_gateway" "ag_aks" {
  name                              = "ag-aks"
  resource_group_name               = var.resource_group_name
  location                          = var.resource_group_location
  firewall_policy_id                = azurerm_web_application_firewall_policy.waf_policy.id
  force_firewall_policy_association = true
  zones                             = [1, 2, 3]
  sku {
    name = "WAF_v2"
    tier = "WAF_v2"
  }
  [...]
}
```

Here's the alert that came up:

```
WAF Is Disabled For Azure Application Gateway, Severity: MEDIUM, Results: 1
Description: Check if Web Application Firewall is disabled or not configured for Azure's Application Gateway.
Platform: Terraform
CWE: 693
Learn more about this vulnerability: https://docs.kics.io/latest/queries/terraform-queries/azure/2e48d91c-50e4-45c8-9312-27b625868a72

	[1]: ../../path/main.tf:405

		404: 
		405: resource "azurerm_application_gateway" "ag_aks" {
		406:   name                              = "ag-aks"
```

URL: https://docs.kics.io/latest/queries/terraform-queries/azure/2e48d91c-50e4-45c8-9312-27b625868a72

Could you include this case in your detection, please?

@HujinoKun HujinoKun added bug Something isn't working community Community contribution labels Nov 21, 2024
@github-actions github-actions bot added query New query feature terraform Terraform query azure PR related with Azure Cloud labels Nov 21, 2024
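
A check that accepts both ways of enabling WAF on an Application Gateway (an inline `waf_configuration` block, or a separate policy attached through `firewall_policy_id` as in this report), written as an added example; it is not KICS's query code and not from the issue author. It assumes the Terraform has been parsed into nested dicts with references kept as `${type.name.id}` strings; the function name `waf_finding` and the sample gateways `ag_plain` and `ag_no_waf` are hypothetical.

```python
import re

# Assumed input shape: Terraform resources as nested dicts
# {"resource": {type: {name: attributes}}}, with references kept as
# "${type.name.id}" strings. Added example, not KICS's own code.
POLICY_TYPE = "azurerm_web_application_firewall_policy"
POLICY_REF = re.compile(r"^\$\{" + POLICY_TYPE + r"\.([A-Za-z0-9_-]+)\.id\}$")
WAF_TIERS = {"WAF", "WAF_v2"}


def waf_finding(doc, gateway_name):
    """Return None when WAF is configured for the gateway, else a reason string."""
    gw = doc["resource"]["azurerm_application_gateway"][gateway_name]
    tier = gw.get("sku", {}).get("tier")
    if tier not in WAF_TIERS:
        return f"sku.tier {tier!r} does not provide WAF"

    # Case 1: inline waf_configuration block on the gateway itself.
    inline = gw.get("waf_configuration")
    if inline is not None:
        return None if inline.get("enabled") is True else "waf_configuration.enabled is not true"

    # Case 2 (the one reported in this issue): a separate WAF policy attached by ID.
    policy_id = gw.get("firewall_policy_id")
    if not policy_id:
        return "no waf_configuration block and no firewall_policy_id"

    match = POLICY_REF.match(policy_id)
    if match is None:
        return None  # literal ID or data source: attached, but not resolvable here
    policy = doc["resource"].get(POLICY_TYPE, {}).get(match.group(1))
    if policy is None:
        return f"firewall_policy_id references undeclared policy {match.group(1)!r}"
    # policy_settings.enabled defaults to true when omitted.
    if policy.get("policy_settings", {}).get("enabled", True) is False:
        return f"attached policy {match.group(1)!r} has policy_settings.enabled = false"
    return None


# Constructed sample mirroring the configuration in this issue.
SAMPLE = {"resource": {
    POLICY_TYPE: {"waf_policy": {
        "policy_settings": {"enabled": True, "mode": "Detection"}}},
    "azurerm_application_gateway": {
        "ag_aks": {"sku": {"name": "WAF_v2", "tier": "WAF_v2"},
                   "firewall_policy_id": "${" + POLICY_TYPE + ".waf_policy.id}"},
        "ag_plain": {"sku": {"name": "Standard_v2", "tier": "Standard_v2"}},
        "ag_no_waf": {"sku": {"name": "WAF_v2", "tier": "WAF_v2"}},
    }}}
```

The check only answers whether WAF is enabled; a policy in `Detection` mode, like the one in the issue, logs matching requests rather than blocking them.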