Table: aws_wafv2_web_acls

This table shows data for Wafv2 Web ACLs.

https://docs.aws.amazon.com/waf/latest/APIReference/API_WebACL.html (opens in a new tab)

The primary key for this table is arn.

Columns

NameType
_cq_iduuid
_cq_parent_iduuid
account_idutf8
regionutf8
tagsjson
resources_for_web_acllist<item: utf8, nullable>
arn (PK)utf8
default_actionjson
idutf8
nameutf8
visibility_configjson
association_configjson
capacityint64
captcha_configjson
challenge_configjson
custom_response_bodiesjson
descriptionutf8
label_namespaceutf8
managed_by_firewall_managerbool
post_process_firewall_manager_rule_groupsjson
pre_process_firewall_manager_rule_groupsjson
rulesjson
token_domainslist<item: utf8, nullable>
logging_configurationjson

Example Queries

These SQL queries are sampled from CloudQuery policies and are compatible with PostgreSQL.

AWS WAF Classic global web ACL logging should be enabled

(
  SELECT
    'AWS WAF Classic global web ACL logging should be enabled' AS title,
    account_id,
    arn AS resource_id,
    CASE
    WHEN logging_configuration IS NULL OR logging_configuration = '{}'
    THEN 'fail'
    ELSE 'pass'
    END
      AS status
  FROM
    aws_waf_web_acls
)
UNION
  (
    SELECT
      'AWS WAF Classic global web ACL logging should be enabled' AS title,
      account_id,
      arn AS resource_id,
      CASE
      WHEN logging_configuration IS NULL OR logging_configuration = '{}'
      THEN 'fail'
      ELSE 'pass'
      END
        AS status
    FROM
      aws_wafv2_web_acls
  );