ServiceNow CMDB CI relationship sync: faster, more complete →
Mods
AWS

Policy: AWS > WAF > Rule Group v2 Regional > Active

Determine the action to take when an AWS WAF rule group v2 regional, based on the AWS > WAF > Rule Group v2 Regional > Active > * policies.

The control determines whether the resource is in active use, and if not, has the ability to delete / cleanup the resource. When running an automated compliance environment, it's common to end up with a wide range of alarms that are difficult and time consuming to clear. The Active control brings automated, well-defined control to this process.

The Active control checks the status of all defined Active policies for the resource (AWS > WAF > Rule Group v2 Regional > Active > *), raises an alarm, and takes the defined enforcement action. Each Active sub-policy can calculate a status of active, inactive or skipped. Generally, if the resource appears to be Active for any reason it will be considered Active. Note the contrast with Approved, where if the resource appears to be Unapproved for any reason it will be considered Unapproved.

See Active for more information.

Resource Types

This policy targets the following resource types:

Controls

Policy Specification

Schema Type
string
Default
Skip
Valid Values [YAML]
  • Skip
    
  • Check: Active
    
  • Enforce: Delete inactive with 1 day warning
    
  • Enforce: Delete inactive with 3 days warning
    
  • Enforce: Delete inactive with 7 days warning
    
  • Enforce: Delete inactive with 14 days warning
    
  • Enforce: Delete inactive with 30 days warning
    
  • Enforce: Delete inactive with 60 days warning
    
  • Enforce: Delete inactive with 90 days warning
    
  • Enforce: Delete inactive with 180 days warning
    
  • Enforce: Delete inactive with 365 days warning
    
Examples [YAML]
  • Check: Active
    

Category

In Your Workspace

Developers