Amazon Config Firewall Manager findings - Amazon WAF, Amazon Firewall Manager, Amazon Shield Advanced, and Amazon Shield network security director
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

Introducing a new console experience for Amazon WAF

You can now use the updated experience to access Amazon WAF functionality anywhere in the console. For more details, see Working with the updated console experience.

Amazon Config Firewall Manager findings

This page explains Firewall Manager findings for Amazon Config.

For information about Amazon Config, see Enabling Amazon Config for using Firewall Manager.

Account does not have Amazon Config enabled in the Region.

Firewall Manager requires Amazon Config to be enabled in your account and Region. To resolve this issue, enable Amazon Config in the account and Region where you want to use Firewall Manager.

  • Status settings – PASSED/FAILED

  • Updates – Firewall Manager updates this finding.

Note

After you enable Amazon Config, the compliance status changes to PASS, but the severity remains HIGH.

Note

In order for Firewall Manager to monitor policy compliance, Amazon Config must continuously record configuration changes for protected resources. In your Amazon Config configuration, the recording frequency must be set to Continuous, which is the default setting.