diff --git a/spire/templates/shared-alb.yml b/spire/templates/shared-alb.yml
index f15b35dd..c0590d65 100644
--- a/spire/templates/shared-alb.yml
+++ b/spire/templates/shared-alb.yml
@@ -440,6 +440,7 @@ Resources:
     Properties:
       DefaultAction:
         Allow: {}
+      Description: !Sub WAF for Spire ${EnvironmentType} shared ALB
       Scope: REGIONAL
       Tags:
         - { Key: prx:meta:tagging-version, Value: "2021-04-07" }
@@ -453,6 +454,11 @@ Resources:
         CloudWatchMetricsEnabled: false
         MetricName: !Sub ${Alb.LoadBalancerName}-WAF
         SampledRequestsEnabled: false
+  WafAssociation:
+    Type: AWS::WAFv2::WebACLAssociation
+    Properties:
+      ResourceArn: !Ref Alb
+      WebACLArn: !GetAtt Waf.Arn
 
 Outputs:
   AlbArn: