All Products
Search

This Product

    Cloud Config:Enabled logging for WAF 3.0 protected objects

    Document Center

    Cloud Config:Enabled logging for WAF 3.0 protected objects

    Last Updated:Sep 30, 2025

    A protected object is considered compliant if it is added to a WAF 3.0 instance and has log collection enabled.

    Risk level

    Default risk level: Medium.

    You can change the risk level as needed.

    Detection logic

    A protected object is considered compliant if it is added to a WAF 3.0 instance and has log collection enabled.

    Rule details

    Parameter

    Description

    Rule name

    Enabled logging for WAF 3.0 protected objects

    Rule identifier

    waf3-defense-resource-logging-enabled

    Tags

    WAF3, DefenseResource

    Automatic remediation

    Not supported

    Rule trigger

    Periodic

    Trigger frequency

    24 hours

    Supported resource types

    ACS::WAFV3::DefenseResource

    Input parameters

    None

    Remediation guide

    To remediate a non-compliant resource, enable log collection for the protected object. For more information, see Enable or disable Simple Log Service.